FIX:DB::executeの戻り値の判定が正しく行えていない不具合の修正

[nucleus-jp/nucleus-next.git] / nucleus / libs / BAN.php

diff --git a/nucleus/libs/BAN.php b/nucleus/libs/BAN.php
index 671b80f..cd8f8cf 100644 (file)
--- a/nucleus/libs/BAN.php
+++ b/nucleus/libs/BAN.php
@@ -1,106 +1,127 @@
-<?php
-/*
- * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
- * Copyright (C) 2002-2009 The Nucleus Group
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU General Public License
- * as published by the Free Software Foundation; either version 2
- * of the License, or (at your option) any later version.
- * (see nucleus/documentation/index.html#license for more info)
- */
-/**
- * PHP class responsible for ban-management.
- *
- * @license http://nucleuscms.org/license.txt GNU General Public License
- * @copyright Copyright (C) 2002-2009 The Nucleus Group
- * @version $Id: BAN.php 1525 2011-06-21 10:20:19Z sakamocchi $
- */
-
-class BAN {
-
-       /**
-         * Checks if a given IP is banned from commenting/voting
-         *
-         * Returns 0 when not banned, or a BANINFO object containing the
-         * message and other information of the ban
-         */
-       function isBanned($blogid, $ip) {
-               $blogid = intval($blogid);
-               $query = 'SELECT * FROM '.sql_table('ban').' WHERE blogid='.$blogid;
-               $res = sql_query($query);
-               while ($obj = sql_fetch_object($res)) {
-                       $found = i18n::strpos ($ip, $obj->iprange);
-                       if (!($found === false))
-                               // found a match!
-                                       return new BANINFO($obj->iprange, $obj->reason);
-               }
-               return 0;
-       }
-
-       /**
-         * Adds a new ban to the banlist. Returns 1 on success, 0 on error
-         */
-       function addBan($blogid, $iprange, $reason) {
-               global $manager;
-
-               $blogid = intval($blogid);
-
-               $manager->notify(
-                       'PreAddBan',
-                       array(
-                               'blogid' => $blogid,
-                               'iprange' => &$iprange,
-                               'reason' => &$reason
-                       )
-               );
-
-               $query = 'INSERT INTO '.sql_table('ban')." (blogid, iprange, reason) VALUES "
-                          . "($blogid,'".sql_real_escape_string($iprange)."','".sql_real_escape_string($reason)."')";
-               $res = sql_query($query);
-
-               $manager->notify(
-                       'PostAddBan',
-                       array(
-                               'blogid' => $blogid,
-                               'iprange' => $iprange,
-                               'reason' => $reason
-                       )
-               );
-
-               return $res ? 1 : 0;
-       }
-
-       /**
-         * Removes a ban from the banlist (correct iprange is needed as argument)
-         * Returns 1 on success, 0 on error
-         */
-       function removeBan($blogid, $iprange) {
-               global $manager;
-               $blogid = intval($blogid);
-
-               $manager->notify('PreDeleteBan', array('blogid' => $blogid, 'range' => $iprange));
-
-               $query = 'DELETE FROM '.sql_table('ban')." WHERE blogid=$blogid and iprange='" .sql_real_escape_string($iprange). "'";
-               sql_query($query);
-
-               $result = (sql_affected_rows() > 0);
-
-               $manager->notify('PostDeleteBan', array('blogid' => $blogid, 'range' => $iprange));
-
-               return $result;
-       }
-}
-
-class BANINFO {
-       var $iprange;
-       var $message;
-
-       function BANINFO($iprange, $message) {
-               $this->iprange = $iprange;
-               $this->message = $message;
-       }
-}
-
-
-?>
\ No newline at end of file
+<?php\r
+/*\r
+ * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)\r
+ * Copyright (C) 2002-2012 The Nucleus Group\r
+ *\r
+ * This program is free software; you can redistribute it and/or\r
+ * modify it under the terms of the GNU General Public License\r
+ * as published by the Free Software Foundation; either version 2\r
+ * of the License, or (at your option) any later version.\r
+ * (see nucleus/documentation/index.html#license for more info)\r
+ */\r
+/**\r
+ * PHP class responsible for ban-management.\r
+ *\r
+ * @license http://nucleuscms.org/license.txt GNU General Public License\r
+ * @copyright Copyright (C) 2002-2012 The Nucleus Group\r
+ * @version $Id: BAN.php 1525 2011-06-21 10:20:19Z sakamocchi $\r
+ */\r
+\r
+class Ban\r
+{\r
+       /**\r
+        * Checks if a given IP is banned from commenting/voting\r
+        *\r
+        * Returns 0 when not banned, or a BanInfo object containing the\r
+        * message and other information of the ban\r
+        */\r
+       public function isBanned($blogid, $ip)\r
+       {\r
+               $blogid = intval($blogid);\r
+               $query = sprintf('SELECT * FROM %s WHERE blogid=%d', sql_table('ban'), intval($blogid));\r
+               $res = DB::getResult($query);\r
+               foreach ( $res as $row )\r
+               {\r
+                       $found = i18n::strpos ($ip, $row['iprange']);\r
+                       if ( $found !== false )\r
+                       {\r
+                               // found a match!\r
+                               return new BanInfo($row['iprange'], $row['reason']);\r
+                       }\r
+               }\r
+               return 0;\r
+       }\r
+\r
+       /**\r
+        * Ban::addBan()\r
+        * Adds a new ban to the banlist. Returns 1 on success, 0 on error\r
+        * \r
+        * @param       Integer $blogid ID for weblog\r
+        * @param       String  $iprange        IP range\r
+        * @param       String  $reason reason for banning\r
+        * @return      Boolean\r
+        * \r
+        */\r
+       public function addBan($blogid, $iprange, $reason)\r
+       {\r
+               global $manager;\r
+               \r
+               $manager->notify(\r
+                       'PreAddBan',\r
+                       array(\r
+                               'blogid' => $blogid,\r
+                               'iprange' => &$iprange,\r
+                               'reason' => &$reason\r
+                       )\r
+               );\r
+               \r
+               $query = 'INSERT INTO %s (blogid, iprange, reason) VALUES (%d, %s, %s)';\r
+               $query = sprintf($query, sql_table('ban'), intval($blogid), DB::quoteValue($iprange), DB::quoteValue($reason));\r
+               $res = DB::execute($query);\r
+               \r
+               $manager->notify(\r
+                       'PostAddBan',\r
+                       array(\r
+                               'blogid' => $blogid,\r
+                               'iprange' => $iprange,\r
+                               'reason' => $reason\r
+                       )\r
+               );\r
+               \r
+               return $res !== FALSE ? 1 : 0;\r
+       }\r
+       \r
+       /**\r
+        * Removes a ban from the banlist (correct iprange is needed as argument)\r
+        * Returns 1 on success, 0 on error\r
+        */\r
+       public function removeBan($blogid, $iprange)\r
+       {\r
+               global $manager;\r
+               \r
+               $manager->notify(\r
+                       'PreDeleteBan',\r
+                       array(\r
+                               'blogid' => $blogid,\r
+                               'range' => $iprange\r
+                       )\r
+               );\r
+               \r
+               $query = 'DELETE FROM %s WHERE blogid=%d and iprange=%s';\r
+               $query = sprintf($query, sql_table('ban'), intval($blogid), DB::quoteValue($iprange));\r
+               $res = DB::execute($query);\r
+               \r
+               $manager->notify(\r
+                       'PostDeleteBan',\r
+                       array(\r
+                               'blogid' => $blogid,\r
+                               'range' => $iprange\r
+                       )\r
+               );\r
+               \r
+               return $res !== FALSE ? 1 : 0;\r
+       }\r
+}\r
+\r
+class BanInfo\r
+{\r
+       public $iprange;\r
+       public $message;\r
+       \r
+       public function __construct($iprange, $message)\r
+       {\r
+               $this->iprange = $iprange;\r
+               $this->message = $message;\r
+               return;\r
+       }\r
+}\r