<?php
-\r
-/*\r
- * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)\r
- * Copyright (C) 2002-2009 The Nucleus Group\r
- *\r
- * This program is free software; you can redistribute it and/or\r
- * modify it under the terms of the GNU General Public License\r
- * as published by the Free Software Foundation; either version 2\r
- * of the License, or (at your option) any later version.\r
- * (see nucleus/documentation/index.html#license for more info)\r
- */\r
-\r
-/**\r
- * Nucleus configration file\r
- * @license http://nucleuscms.org/license.txt GNU General Public License\r
- * @copyright Copyright (C) 2002-2009 The Nucleus Group\r
- * @version $Id$\r
- */\r
+
+/*
+ * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
+ * Copyright (C) 2002-2009 The Nucleus Group
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * (see nucleus/documentation/index.html#license for more info)
+ */
+
+/**
+ * Nucleus configration file
+ * @license http://nucleuscms.org/license.txt GNU General Public License
+ * @copyright Copyright (C) 2002-2009 The Nucleus Group
+ * @version $Id$
+ */
// This file contains variables with the locations of the data dirs
// and basic functions that every page can use
$MYSQL_PASSWORD = 'password';
$MYSQL_DATABASE = 'databasename';
$MYSQL_PREFIX = '';
+// new in 3.50. first element is db handler, the second is the db driver used by the handler
+// default is $MYSQL_HANDLER = array('mysql','mysql');
+$MYSQL_HANDLER = array('mysql','mysql');
+//$MYSQL_HANDLER = array('pdo','mysql');
// main nucleus directory
$DIR_NUCLEUS = '/your/path/to/nucleus/';
include_once('nucleus/libs/vars4.0.6.php');\r
}\r
\r
-include_once('nucleus/libs/mysql.php');\r
+// include core classes that are needed for login & plugin handling\r
+// added for 3.5 sql_* wrapper\r
+global $MYSQL_HANDLER;\r
+if (!isset($MYSQL_HANDLER))\r
+ $MYSQL_HANDLER = array('mysql','');\r
+include_once(str_replace("install.php", "", __FILE__) . 'nucleus/libs/sql/'.$MYSQL_HANDLER[0].'.php');\r
+// end new for 3.5 sql_* wrapper\r
+include_once(str_replace("install.php", "", __FILE__) . '/nucleus/libs/mysql.php');\r
\r
// check if mysql support is installed\r
+// this check may not make sense, as is, in a version past 3.5x\r
if (!function_exists('mysql_query') ) {\r
_doError(_ERROR1);\r
}\r
\r
<?php\r
// note: this piece of code is taken from phpMyAdmin\r
- $result = @mysql_query('SELECT VERSION() AS version');\r
+ $result = @sql_query('SELECT VERSION() AS version');\r
\r
- if ($result != FALSE && @mysql_num_rows($result) > 0) {\r
- $row = mysql_fetch_array($result);\r
+ if ($result != FALSE && @sql_num_rows($result) > 0) {\r
+ $row = sql_fetch_array($result);\r
$match = explode('.', $row['version']);\r
} else {\r
- $result = @mysql_query('SHOW VARIABLES LIKE \'version\'');\r
+ $result = @sql_query('SHOW VARIABLES LIKE \'version\'');\r
\r
- if ($result != FALSE && @mysql_num_rows($result) > 0) {\r
- $row = mysql_fetch_row($result);\r
+ if ($result != FALSE && @sql_num_rows($result) > 0) {\r
+ $row = sql_fetch_row($result);\r
$match = explode('.', $row[1]);\r
} else {\r
$output = shell_exec('mysql -V');\r
}\r
\r
// 2-1. try to log in to mySQL\r
+\r
global $MYSQL_CONN;\r
- $MYSQL_CONN = @mysql_connect($mysql_host, $mysql_user, $mysql_password);\r
+ // this will need to be changed if we ever allow\r
+ $MYSQL_CONN = @sql_connect_args($mysql_host, $mysql_user, $mysql_password);\r
\r
if ($MYSQL_CONN == false) {\r
- _doError(_ERROR15 . ': ' . mysql_error() );\r
+ _doError(_ERROR15 . ': ' . sql_error() );\r
}\r
\r
// <add for garble measure>\r
if ($mySqlVer >= '5.0.7' && phpversion() >= '5.2.3') {\r
mysql_set_charset($charset);\r
} elseif ($mySqlVer >= '4.1.0') {\r
- mysql_query("SET NAMES " . $charset);\r
+ sql_query("SET NAMES " . $charset);\r
}\r
$collation = ($charset == 'utf8') ? 'utf8_unicode_ci' : 'ujis_japanese_ci';\r
// </add for garble measure>*/\r
. $collation;\r
}\r
// </add for garble measure>*/\r
- mysql_query($sql) or _doError(_ERROR16 . ': ' . mysql_error());\r
+ sql_query($sql) or _doError(_ERROR16 . ': ' . sql_error());\r
}\r
\r
// 4. try to select database\r
- mysql_select_db($mysql_database) or _doError(_ERROR17);\r
+ sql_select_db($mysql_database) or _doError(_ERROR17);\r
\r
// 5. execute queries\r
$filename = 'install.sql';\r
}\r
// </add for garble measure>*/\r
\r
- mysql_query($query) or _doError(_ERROR30 . ' (<small>' . htmlspecialchars($query) . '</small>): ' . mysql_error() );\r
+ sql_query($query) or _doError(_ERROR30 . ' (<small>' . htmlspecialchars($query) . '</small>): ' . sql_error() );\r
}\r
}\r
\r
. " '" . $itm_body . "',"\r
. " '" . $itm_more . "',"\r
. " 1, 1, '2005-08-15 11:04:26', 0, 0, 0, 1, 0, 1);";\r
- mysql_query($newpost) or _doError(_ERROR18 . ' (<small>' . htmlspecialchars($newpost) . '</small>): ' . mysql_error() );\r
+ sql_query($newpost) or _doError(_ERROR18 . ' (<small>' . htmlspecialchars($newpost) . '</small>): ' . sql_error() );\r
\r
// 6. update global settings\r
updateConfig('IndexURL', $config_indexurl);\r
. " WHERE"\r
. " mnumber = 1";\r
\r
- mysql_query($query) or _doError(_ERROR19 . ': ' . mysql_error() );\r
+ sql_query($query) or _doError(_ERROR19 . ': ' . sql_error() );\r
\r
// 8. update weblog settings\r
$query = 'UPDATE ' . tableName('nucleus_blog')\r
. " WHERE"\r
. " bnumber = 1";\r
\r
- mysql_query($query) or _doError(_ERROR20 . ': ' . mysql_error() );\r
+ sql_query($query) or _doError(_ERROR20 . ': ' . sql_error() );\r
\r
// 8-2. update category settings\r
if ($charset == 'ujis') {\r
. " WHERE"\r
. " catid = 1";\r
\r
- mysql_query($query) or _doError(_ERROR20 . ': ' . mysql_error() );\r
+ sql_query($query) or _doError(_ERROR20 . ': ' . sql_error() );\r
\r
// 9. update item date\r
$query = 'UPDATE ' . tableName('nucleus_item')\r
. " SET itime = '" . date('Y-m-d H:i:s', time() ) ."'"\r
. " WHERE inumber = 1";\r
\r
- mysql_query($query) or _doError(_ERROR21 . ': ' . mysql_error() );\r
+ sql_query($query) or _doError(_ERROR21 . ': ' . sql_error() );\r
\r
global $aConfPlugsToInstall, $aConfSkinsToImport;\r
$aSkinErrors = array();\r
$DIR_LIBS = $DIR_NUCLEUS . 'libs/';\r
\r
// close database connection (needs to be closed if we want to include globalfunctions.php)\r
- mysql_close();\r
+ sql_close();\r
\r
$manager = '';\r
include_once($DIR_LIBS . 'globalfunctions.php');\r
$config_data .= " \$MYSQL_PASSWORD = '" . $mysql_password . "';\n";\r
$config_data .= " \$MYSQL_DATABASE = '" . $mysql_database . "';\n";\r
$config_data .= " \$MYSQL_PREFIX = '" . (($mysql_usePrefix == 1) ? $mysql_prefix : '') . "';\n";\r
+ $config_data .= " // new in 3.50. first element is db handler, the second is the db driver used by the handler\n";\r
+ $config_data .= " // default is \$MYSQL_HANDLER = array('mysql','mysql');\n";\r
+ $config_data .= " \$MYSQL_HANDLER = array('mysql','mysql');\n";\r
+ $config_data .= " //\$MYSQL_HANDLER = array('pdo','mysql');\n";\r
$config_data .= "\n";\r
$config_data .= " // main nucleus directory\n";\r
$config_data .= " \$DIR_NUCLEUS = '" . $config_adminpath . "';\n";\r
<li><?php echo _TEXT15_L3; ?></li>\r
</ul>\r
\r
- <?php echo _TEXT15_EX; ?>\r
+ <?php echo _TEXT16; ?>\r
\r
<h1><?php echo _HEADER11; ?></h1>\r
\r
- <p><?php echo _TEXT16; ?>\r
+ <p><?php echo _TEXT16_H; ?>\r
<ul>\r
<li><a href="<?php echo $config_adminurl?>"><?php echo _TEXT16_L1; ?></a></li>\r
<li><a href="<?php echo $config_indexurl?>"><?php echo _TEXT16_L2; ?></a></li>\r
}\r
\r
$res = sql_query('SELECT * FROM ' . sql_table('plugin') );\r
- $numCurrent = mysql_num_rows($res);\r
+ $numCurrent = sql_num_rows($res);\r
\r
foreach ($aConfPlugsToInstall as $plugName) {\r
// do this before calling getPlugin (in case the plugin id is used there)\r
// loop over all installed plugins\r
$res = sql_query('SELECT pid, pfile FROM ' . sql_table('plugin') );\r
\r
- while($o = mysql_fetch_object($res) ) {\r
+ while($o = sql_fetch_object($res) ) {\r
$pid = $o->pid;\r
$plug =& $manager->getPlugin($o->pfile);\r
\r
. " SET value = '$val'"\r
. " WHERE name = '$name'";\r
\r
- mysql_query($query) or _doError(_ERROR26 . ': ' . mysql_error() );\r
- return mysql_insert_id();\r
+ sql_query($query) or _doError(_ERROR26 . ': ' . mysql_error() );\r
+ return sql_insert_id();\r
}\r
\r
function replaceDoubleBackslash($input) {\r
define('_TEXT15_EX', '<p>もしこれらのファイルを削除していなければ、管理領域を開くことが出来ません。</p>');\r
\r
define('_HEADER11', 'ウェブサイトの確認');\r
-define('_TEXT16', 'ウェブサイトを使う準備が整いました。');\r
+define('_TEXT16_H', 'ウェブサイトを使う準備が整いました。');\r
define('_TEXT16_L1', '管理領域にログインしてサイトの設定を行う');\r
define('_TEXT16_L2', 'すぐにサイトへ行ってみる');\r
\r
<li>\r
<strong>Nucleus v3.5 (SVN)</strong>\r
<ul>\r
+ <li>ADDED/CHANGED: extended sql_* api to cover all mysql_* functions used in core. Functions loaded from nucleus/libs/sql/ folder. See <a href="http://wakka.xiffy.nl/planning:3.50#mysql_api_warning" title="sql API">here</a>. (ftruscot)</li>\r
<li>FIXED: atom.phpとxml-rss2.phpで_CHARSETをチェックして文字コード変換(<a href="http://japan.nucleuscms.org/bb/viewtopic.php?t=4376" target="_blank" class="postlink">Nicleus3.41 へアップグレード後 xml-rss2.php でエラー</a>)(きゃしゃ)</li>\r
<li>CHANGED: SEARCH.php改良(<a href="http://japan.nucleuscms.org/bb/viewtopic.php?t=4370" target="_blank" class="postlink"><%relevance%>対応SEARCH.php</a>、<a href="http://japan.nucleuscms.org/bb/viewtopic.php?t=3824" target="_blank" class="postlink">検索結果の正確さ</a>)(きゃしゃ)</li>\r
<li>CHANGED: _CHARSETチェックのときにstrtoupper(きゃしゃ)</li>\r
case 'unsetadmin':\r
// there should always remain at least one super-admin\r
$r = sql_query('SELECT * FROM '.sql_table('member'). ' WHERE madmin=1 and mcanlogin=1');\r
- if (mysql_num_rows($r) < 2)\r
+ if (sql_num_rows($r) < 2)\r
$error = _ERROR_ATLEASTONEADMIN;\r
else\r
sql_query('UPDATE ' . sql_table('member') .' SET madmin=0 WHERE mnumber='.$memberid);\r
case 'unsetadmin':\r
// there should always remain at least one admin\r
$r = sql_query('SELECT * FROM '.sql_table('team').' WHERE tadmin=1 and tblog='.$blogid);\r
- if (mysql_num_rows($r) < 2)\r
+ if (sql_num_rows($r) < 2)\r
$error = _ERROR_ATLEASTONEBLOGADMIN;\r
else\r
sql_query('UPDATE '.sql_table('team').' SET tadmin=0 WHERE tblog='.$blogid.' and tmember='.$memberid);\r
else\r
$queryBlogs = 'SELECT bnumber FROM '.sql_table('blog').', '.sql_table('team').' WHERE tblog=bnumber and tmember=' . $member->getID();\r
$rblogids = sql_query($queryBlogs);\r
- while ($o = mysql_fetch_object($rblogids))\r
+ while ($o = sql_fetch_object($rblogids))\r
if ($o->bnumber != $iForcedBlogInclude)\r
$aBlogIds[] = intval($o->bnumber);\r
\r
$queryBlogs = 'SELECT bnumber, bname FROM '.sql_table('blog').' WHERE bnumber in ('.implode(',',$aBlogIds).') ORDER BY bname';\r
$blogs = sql_query($queryBlogs);\r
if ($mode == 'category') {\r
- if (mysql_num_rows($blogs) > 1)\r
+ if (sql_num_rows($blogs) > 1)\r
$multipleBlogs = 1;\r
\r
- while ($oBlog = mysql_fetch_object($blogs)) {\r
+ while ($oBlog = sql_fetch_object($blogs)) {\r
if ($multipleBlogs)\r
echo '<optgroup label="',htmlspecialchars($oBlog->bname),'">';\r
\r
\r
// 2. for each category in that blog\r
$categories = sql_query('SELECT cname, catid FROM '.sql_table('category').' WHERE cblog=' . $oBlog->bnumber . ' ORDER BY cname ASC');\r
- while ($oCat = mysql_fetch_object($categories)) {\r
+ while ($oCat = sql_fetch_object($categories)) {\r
if ($oCat->catid == $selected)\r
$selectText = ' selected="selected" ';\r
else\r
}\r
} else {\r
// blog mode\r
- while ($oBlog = mysql_fetch_object($blogs)) {\r
+ while ($oBlog = sql_fetch_object($blogs)) {\r
echo '<option value="',$oBlog->bnumber,'"';\r
if ($oBlog->bnumber == $selected)\r
echo ' selected="selected"';\r
$currenttime = $blog->getCorrectTime(time());\r
$result = sql_query("SELECT * FROM ".sql_table('item').\r
" WHERE iblog='".$blogid."' AND iposted=0 AND itime>".mysqldate($currenttime));\r
- if (mysql_num_rows($result) > 0) {\r
+ if (sql_num_rows($result) > 0) {\r
$blog->setFuturePost();\r
}\r
else {\r
\r
// get itemid\r
$res = sql_query('SELECT citem FROM '.sql_table('comment').' WHERE cnumber=' . $commentid);\r
- $o = mysql_fetch_object($res);\r
+ $o = sql_fetch_object($res);\r
$itemid = $o->citem;\r
\r
if ($member->canAlterItem($itemid))\r
\r
// get item id first\r
$res = sql_query('SELECT citem FROM '.sql_table('comment') .' WHERE cnumber=' . $commentid);\r
- $o = mysql_fetch_object($res);\r
+ $o = sql_fetch_object($res);\r
$itemid = $o->citem;\r
\r
$error = $this->deleteOneComment($commentid);\r
)\r
{\r
$r = sql_query('SELECT * FROM '.sql_table('member').' WHERE madmin=1 and mcanlogin=1');\r
- if (mysql_num_rows($r) < 2)\r
+ if (sql_num_rows($r) < 2)\r
$this->error(_ERROR_ATLEASTONEADMIN);\r
}\r
\r
// (check for at least two admins before deletion)\r
$query = 'SELECT * FROM '.sql_table('team') . ' WHERE tblog='.$blogid.' and tadmin=1';\r
$r = sql_query($query);\r
- if (mysql_num_rows($r) < 2)\r
+ if (sql_num_rows($r) < 2)\r
return _ERROR_ATLEASTONEBLOGADMIN;\r
}\r
\r
// don't allow when there is only one admin at this moment\r
if ($mem->isBlogAdmin($blogid)) {\r
$r = sql_query('SELECT * FROM '.sql_table('team') . " WHERE tblog=$blogid and tadmin=1");\r
- if (mysql_num_rows($r) == 1)\r
+ if (sql_num_rows($r) == 1)\r
$this->error(_ERROR_ATLEASTONEBLOGADMIN);\r
}\r
\r
<?php\r
$res = sql_query('SELECT mname, mrealname FROM ' . sql_table('member') . ',' . sql_table('team') . ' WHERE mnumber=tmember AND tblog=' . intval($blogid));\r
$aMemberNames = array();\r
- while ($o = mysql_fetch_object($res))\r
+ while ($o = sql_fetch_object($res))\r
array_push($aMemberNames, htmlspecialchars($o->mname) . ' (' . htmlspecialchars($o->mrealname). ')');\r
echo implode(',', $aMemberNames);\r
?>\r
\r
$query = 'SELECT * FROM '.sql_table('category') . ' WHERE cname=\'' . addslashes($cname).'\' and cblog=' . intval($blogid);\r
$res = sql_query($query);\r
- if (mysql_num_rows($res) > 0)\r
+ if (sql_num_rows($res) > 0)\r
$this->error(_ERROR_DUPCATEGORYNAME);\r
\r
$blog =& $manager->getBlog($blogid);\r
$member->blogAdminRights($blogid) or $this->disallow();\r
\r
$res = sql_query('SELECT * FROM '.sql_table('category')." WHERE cblog=$blogid AND catid=$catid");\r
- $obj = mysql_fetch_object($res);\r
+ $obj = sql_fetch_object($res);\r
\r
$cname = $obj->cname;\r
$cdesc = $obj->cdesc;\r
\r
$query = 'SELECT * FROM '.sql_table('category').' WHERE cname=\'' . addslashes($cname).'\' and cblog=' . intval($blogid) . " and not(catid=$catid)";\r
$res = sql_query($query);\r
- if (mysql_num_rows($res) > 0)\r
+ if (sql_num_rows($res) > 0)\r
$this->error(_ERROR_DUPCATEGORYNAME);\r
\r
$query = 'UPDATE '.sql_table('category').' SET'\r
// check if catid is the only category left for blogid\r
$query = 'SELECT catid FROM '.sql_table('category').' WHERE cblog=' . $blogid;\r
$res = sql_query($query);\r
- if (mysql_num_rows($res) == 1)\r
+ if (sql_num_rows($res) == 1)\r
$this->error(_ERROR_DELETELASTCATEGORY);\r
\r
\r
// check if catid is the only category left for blogid\r
$query = 'SELECT catid FROM '.sql_table('category').' WHERE cblog=' . $blogid;\r
$res = sql_query($query);\r
- if (mysql_num_rows($res) == 1)\r
+ if (sql_num_rows($res) == 1)\r
return _ERROR_DELETELASTCATEGORY;\r
\r
// change category for all items to the default category\r
// update comments table (cblog)\r
$query = 'SELECT inumber FROM '.sql_table('item').' WHERE icat='.$catid;\r
$items = sql_query($query);\r
- while ($oItem = mysql_fetch_object($items)) {\r
+ while ($oItem = sql_fetch_object($items)) {\r
sql_query('UPDATE '.sql_table('comment').' SET cblog='.$destblogid.' WHERE citem='.$oItem->inumber);\r
}\r
\r
// create blog\r
$query = 'INSERT INTO '.sql_table('blog')." (bname, bshortname, bdesc, btimeoffset, bdefskin) VALUES ('$bname', '$bshortname', '$bdesc', '$btimeoffset', '$bdefskin')";\r
sql_query($query);\r
- $blogid = mysql_insert_id();\r
+ $blogid = sql_insert_id();\r
$blog =& $manager->getBlog($blogid);\r
\r
// create new category\r
$sql = 'INSERT INTO %s (cblog, cname, cdesc) VALUES (%d, "%s", "%s")';\r
sql_query(sprintf($sql, sql_table('category'), $blogid, _EBLOGDEFAULTCATEGORY_NAME, _EBLOGDEFAULTCATEGORY_DESC));\r
// sql_query('INSERT INTO '.sql_table('category')." (cblog, cname, cdesc) VALUES ($blogid, _EBLOGDEFAULTCATEGORY_NAME, _EBLOGDEFAULTCATEGORY_DESC)");\r
- $catid = mysql_insert_id();\r
+ $catid = sql_insert_id();\r
\r
// set as default category\r
$blog->setDefaultCategory($catid);\r
</tr><tr>\r
<?php // show list of skins\r
$res = sql_query('SELECT * FROM '.sql_table('skin_desc'));\r
- while ($skinObj = mysql_fetch_object($res)) {\r
+ while ($skinObj = sql_fetch_object($res)) {\r
$id = 'skinexp' . $skinObj->sdnumber;\r
echo '<td><input type="checkbox" name="skin[',$skinObj->sdnumber,']" id="',$id,'" />';\r
echo '<label for="',$id,'">',htmlspecialchars($skinObj->sdname),'</label></td>';\r
\r
// show list of templates\r
$res = sql_query('SELECT * FROM '.sql_table('template_desc'));\r
- while ($templateObj = mysql_fetch_object($res)) {\r
+ while ($templateObj = sql_fetch_object($res)) {\r
$id = 'templateexp' . $templateObj->tdnumber;\r
echo '<td><input type="checkbox" name="template[',$templateObj->tdnumber,']" id="',$id,'" />';\r
echo '<label for="',$id,'">',htmlspecialchars($templateObj->tdname),'</label></td>';\r
\r
$query = 'INSERT INTO '.sql_table('template')." (tdesc, tpartname, tcontent) "\r
. "VALUES ($id, '$partname', '$content')";\r
- sql_query($query) or exit(_ADMIN_SQLDIE_QUERYERROR . mysql_error());\r
- return mysql_insert_id();\r
+ sql_query($query) or exit(_ADMIN_SQLDIE_QUERYERROR . sql_error());\r
+ return sql_insert_id();\r
}\r
\r
/**\r
// 3. create clone\r
// go through parts of old template and add them to the new one\r
$res = sql_query('SELECT tpartname, tcontent FROM '.sql_table('template').' WHERE tdesc=' . $templateid);\r
- while ($o = mysql_fetch_object($res)) {\r
+ while ($o = sql_fetch_object($res)) {\r
$this->addToTemplate($newid, $o->tpartname, $o->tcontent);\r
}\r
\r
echo '<input type="submit" tabindex="140" value="' . _SKIN_CREATE . '" onclick="return checkSubmit();" />' . "\r\n";\r
echo '</form>' . "\r\n";\r
\r
- if ($res && mysql_num_rows($res) > 0) {\r
+ if ($res && sql_num_rows($res) > 0) {\r
echo '<ul>';\r
$tabstart = 75;\r
\r
- while ($row = mysql_fetch_assoc($res)) {\r
+ while ($row = sql_fetch_assoc($res)) {\r
echo '<li><a tabindex="' . ($tabstart++) . '" href="index.php?action=skinedittype&skinid=' . $skinid . '&type=' . htmlspecialchars(strtolower($row['stype'])) . '">' . htmlspecialchars(ucfirst($row['stype'])) . '</a> (<a tabindex="' . ($tabstart++) . '" href="index.php?action=skinremovetype&skinid=' . $skinid . '&type=' . htmlspecialchars(strtolower($row['stype'])) . '">remove</a>)</li>';\r
}\r
\r
// don't allow deletion of default skins for blogs\r
$query = 'SELECT bname FROM '.sql_table('blog').' WHERE bdefskin=' . $skinid;\r
$r = sql_query($query);\r
- if ($o = mysql_fetch_object($r))\r
+ if ($o = sql_fetch_object($r))\r
$this->error(_ERROR_SKINDEFDELETE . htmlspecialchars($o->bname));\r
\r
$this->pagehead();\r
// don't allow deletion of default skins for blogs\r
$query = 'SELECT bname FROM '.sql_table('blog').' WHERE bdefskin=' . $skinid;\r
$r = sql_query($query);\r
- if ($o = mysql_fetch_object($r))\r
+ if ($o = sql_fetch_object($r))\r
$this->error(_ERROR_SKINDEFDELETE .$o->bname);\r
\r
$manager->notify('PreDeleteSkin', array('skinid' => $skinid));\r
\r
$query = "SELECT stype FROM " . sql_table('skin') . " WHERE sdesc = " . $skinid;\r
$res = sql_query($query);\r
- while ($row = mysql_fetch_assoc($res)) {\r
+ while ($row = sql_fetch_assoc($res)) {\r
$this->skinclonetype($skin, $newid, $row['stype']);\r
}\r
\r
echo "\t\t" . '<td>' . phpversion() . "</td>\n";\r
echo "\t</tr><tr>\n";\r
echo "\t\t" . '<td>' . _ADMIN_SYSTEMOVERVIEW_MYSQLVERSION . "</td>\n";\r
- echo "\t\t" . '<td>' . mysql_get_server_info() . ' (' . mysql_get_client_info() . ')' . "</td>\n";\r
+ echo "\t\t" . '<td>' . sql_get_server_info() . ' (' . sql_get_client_info() . ')' . "</td>\n";\r
echo "\t</tr>";\r
echo "</table>\n";\r
\r
. " SET value='$val'"\r
. " WHERE name='$name'";\r
\r
- sql_query($query) or die(_ADMIN_SQLDIE_QUERYERROR . mysql_error());\r
- return mysql_insert_id();\r
+ sql_query($query) or die(_ADMIN_SQLDIE_QUERYERROR . sql_error());\r
+ return sql_insert_id();\r
}\r
\r
/**\r
$name = $matches[1];\r
// only show in list when not yet installed\r
$res = sql_query('SELECT * FROM '.sql_table('plugin').' WHERE pfile="NP_'.addslashes($name).'"');\r
- if (mysql_num_rows($res) == 0)\r
+ if (sql_num_rows($res) == 0)\r
array_push($candidates,$name);\r
}\r
}\r
\r
// get number of currently installed plugins\r
$res = sql_query('SELECT * FROM '.sql_table('plugin'));\r
- $numCurrent = mysql_num_rows($res);\r
+ $numCurrent = sql_num_rows($res);\r
\r
// plugin will be added as last one in the list\r
$newOrder = $numCurrent + 1;\r
// do this before calling getPlugin (in case the plugin id is used there)\r
$query = 'INSERT INTO '.sql_table('plugin').' (porder, pfile) VALUES ('.$newOrder.',"'.addslashes($name).'")';\r
sql_query($query);\r
- $iPid = mysql_insert_id();\r
+ $iPid = sql_insert_id();\r
\r
$manager->clearCachedInfo('installedPlugins');\r
\r
{\r
\r
$res = sql_query('SELECT * FROM '.sql_table('plugin') . ' WHERE pfile="' . $pluginName . '"');\r
- if (mysql_num_rows($res) == 0)\r
+ if (sql_num_rows($res) == 0)\r
{\r
// uninstall plugin again...\r
$this->deleteOnePlugin($plugin->getID());\r
\r
// loop over all installed plugins\r
$res = sql_query('SELECT pid, pfile FROM '.sql_table('plugin'));\r
- while($o = mysql_fetch_object($res)) {\r
+ while($o = sql_fetch_object($res)) {\r
$pid = $o->pid;\r
$plug =& $manager->getPlugin($o->pfile);\r
if ($plug)\r
\r
// check dependency before delete\r
$res = sql_query('SELECT pfile FROM '.sql_table('plugin'));\r
- while($o = mysql_fetch_object($res)) {\r
+ while($o = sql_fetch_object($res)) {\r
$plug =& $manager->getPlugin($o->pfile);\r
if ($plug)\r
{\r
// get OIDs from plugin_option_desc\r
$res = sql_query('SELECT oid FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . $pid);\r
$aOIDs = array();\r
- while ($o = mysql_fetch_object($res)) {\r
+ while ($o = sql_fetch_object($res)) {\r
array_push($aOIDs, $o->oid);\r
}\r
\r
\r
// update order numbers\r
$res = sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid=' . $pid);\r
- $o = mysql_fetch_object($res);\r
+ $o = sql_fetch_object($res);\r
sql_query('UPDATE '.sql_table('plugin').' SET porder=(porder - 1) WHERE porder>'.$o->porder);\r
\r
// delete row\r
\r
// 1. get old order number\r
$res = sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid);\r
- $o = mysql_fetch_object($res);\r
+ $o = sql_fetch_object($res);\r
$oldOrder = $o->porder;\r
\r
// 2. calculate new order number\r
\r
// 1. get old order number\r
$res = sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid);\r
- $o = mysql_fetch_object($res);\r
+ $o = sql_fetch_object($res);\r
$oldOrder = $o->porder;\r
\r
$res = sql_query('SELECT * FROM '.sql_table('plugin'));\r
- $maxOrder = mysql_num_rows($res);\r
+ $maxOrder = sql_num_rows($res);\r
\r
// 2. calculate new order number\r
$newOrder = ($oldOrder < $maxOrder) ? ($oldOrder + 1) : $maxOrder;\r
$aOIDs = array();\r
$query = 'SELECT * FROM ' . sql_table('plugin_option_desc') . ' WHERE ocontext=\'global\' and opid=' . $pid . ' ORDER BY oid ASC';\r
$r = sql_query($query);\r
- while ($o = mysql_fetch_object($r)) {\r
+ while ($o = sql_fetch_object($r)) {\r
array_push($aOIDs, $o->oid);\r
$aOptions[$o->oid] = array(\r
'oid' => $o->oid,\r
// fill out actual values\r
if (count($aOIDs) > 0) {\r
$r = sql_query('SELECT oid, ovalue FROM ' . sql_table('plugin_option') . ' WHERE oid in ('.implode(',',$aOIDs).')');\r
- while ($o = mysql_fetch_object($r))\r
+ while ($o = sql_fetch_object($r))\r
$aOptions[$o->oid]['value'] = $o->ovalue;\r
}\r
\r
// (note: this might contain doubles for overlapping contextids)\r
$aIdToValue = array();\r
$res = sql_query('SELECT oid, ovalue FROM ' . sql_table('plugin_option') . ' WHERE ocontextid=' . intval($contextid));\r
- while ($o = mysql_fetch_object($res)) {\r
+ while ($o = sql_fetch_object($res)) {\r
$aIdToValue[$o->oid] = $o->ovalue;\r
}\r
\r
. ' WHERE opid=pid and ocontext=\''.addslashes($context).'\' ORDER BY porder, oid ASC';\r
$res = sql_query($query);\r
$aOptions = array();\r
- while ($o = mysql_fetch_object($res)) {\r
+ while ($o = sql_fetch_object($res)) {\r
if (in_array($o->oid, array_keys($aIdToValue)))\r
$value = $aIdToValue[$o->oid];\r
else\r
$blogid = intval($blogid);
$query = 'SELECT * FROM '.sql_table('ban').' WHERE blogid='.$blogid;
$res = sql_query($query);
- while ($obj = mysql_fetch_object($res)) {
+ while ($obj = sql_fetch_object($res)) {
$found = strpos ($ip, $obj->iprange);
if (!($found === false))
// found a match!
$query = 'DELETE FROM '.sql_table('ban')." WHERE blogid=$blogid and iprange='" .addslashes($iprange). "'";
sql_query($query);
- $result = (mysql_affected_rows() > 0);
+ $result = (sql_affected_rows() > 0);
$manager->notify('PostDeleteBan', array('blogid' => $blogid, 'range' => $iprange));
// loop over all items
$old_date = 0;
- while ($item = mysql_fetch_object($items)) {
+ while ($item = sql_fetch_object($items)) {
$item->timestamp = strtotime($item->itime); // string timestamp -> unix timestamp
}
- $numrows = mysql_num_rows($items);
+ $numrows = sql_num_rows($items);
// add another date footer if there was at least one item
if (($numrows > 0) && $dateheads) {
$manager->notify('PostDateFoot',array('blog' => &$this, 'timestamp' => strtotime($old_date)));
}
- mysql_free_result($items); // free memory
+ sql_free_result($items); // free memory
return $numrows;
$query = 'INSERT INTO '.sql_table('item').' (ITITLE, IBODY, IMORE, IBLOG, IAUTHOR, ITIME, ICLOSED, IDRAFT, ICAT, IPOSTED) '
. "VALUES ('$title', '$body', '$more', $blogid, $authorid, '$timestamp', $closed, $draft, $catid, $posted)";
sql_query($query);
- $itemid = mysql_insert_id();
+ $itemid = sql_insert_id();
$manager->notify('PostAddItem',array('itemid' => $itemid));
$i = 1;
$res = sql_query('SELECT * FROM '.sql_table('category')." WHERE cname='".$catName.$i."' and cblog=".$this->getID());
- while (mysql_num_rows($res) > 0)
+ while (sql_num_rows($res) > 0)
{
$i++;
$res = sql_query('SELECT * FROM '.sql_table('category')." WHERE cname='".$catName.$i."' and cblog=".$this->getID());
$query = 'INSERT INTO '.sql_table('category').' (cblog, cname, cdesc) VALUES (' . $this->getID() . ", '" . addslashes($catName) . "', '" . addslashes($catDescription) . "')";
sql_query($query);
- $catid = mysql_insert_id();
+ $catid = sql_insert_id();
$manager->notify(
'PostAddCategory',
if ($catid)
$query .= ' and icat=' . intval($catid);
- $query .= ' GROUP BY Year, Month';
+ $query .= ' GROUP BY Year';
+ if ($mode == 'month' || $mode == 'day')
+ $query .= ', Month';
if ($mode == 'day')
$query .= ', Day';
$res = sql_query($query);
- while ($current = mysql_fetch_object($res)) {
+ while ($current = sql_fetch_object($res)) {
$current->itime = strtotime($current->itime); // string time -> unix timestamp
if ($mode == 'day') {
- $archivedate = date('Y-m-d',$current->itime);
- $archive['day'] = date('d',$current->itime);
- $data['day'] = date('d',$current->itime);
+ $archivedate = date('Y-m-d',$current->itime);
+ $archive['day'] = date('d',$current->itime);
+ $data['day'] = date('d',$current->itime);
+ $data['month'] = date('m',$current->itime);
+ $archive['month'] = $data['month'];
+ } elseif ($mode == 'year') {
+ $archivedate = date('Y',$current->itime);
+ $data['day'] = '';
+ $data['month'] = '';
+ $archive['day'] = '';
+ $archive['month'] = '';
} else {
$archivedate = date('Y-m',$current->itime);
+ $data['month'] = date('m',$current->itime);
+ $archive['month'] = $data['month'];
+ $data['day'] = '';
+ $archive['day'] = '';
}
- $data['month'] = date('m',$current->itime);
$data['year'] = date('Y',$current->itime);
+ $archive['year'] = $data['year'];
$data['archivelink'] = createArchiveLink($this->getID(),$archivedate,$linkparams);
$manager->notify(
}
- mysql_free_result($res);
+ sql_free_result($res);
echo TEMPLATE::fill($template['ARCHIVELIST_FOOTER'],$data);
}
$res = sql_query($query);
- while ($data = mysql_fetch_assoc($res)) {
+ while ($data = sql_fetch_assoc($res)) {
$data['blogid'] = $this->getID();
$data['blogurl'] = $blogurl;
$data['catlink'] = createLink(
}
- mysql_free_result($res);
+ sql_free_result($res);
echo TEMPLATE::fill((isset($template['CATLIST_FOOTER']) ? $template['CATLIST_FOOTER'] : null),
array(
$query = 'SELECT bnumber, bname, bshortname, bdesc, burl FROM '.sql_table('blog').' ORDER BY '.$orderby.' '.$direction;
$res = sql_query($query);
- while ($data = mysql_fetch_assoc($res)) {
+ while ($data = sql_fetch_assoc($res)) {
$list = array();
}
- mysql_free_result($res);
+ sql_free_result($res);
echo TEMPLATE::fill((isset($template['BLOGLIST_FOOTER']) ? $template['BLOGLIST_FOOTER'] : null),
array(
. ' WHERE bnumber=' . $this->blogid;
$res = sql_query($query);
- $this->isValid = (mysql_num_rows($res) > 0);
+ $this->isValid = (sql_num_rows($res) > 0);
if (!$this->isValid)
return;
- $this->settings = mysql_fetch_assoc($res);
+ $this->settings = sql_fetch_assoc($res);
}
function writeSettings() {
function isValidCategory($catid) {
$query = 'SELECT * FROM '.sql_table('category').' WHERE cblog=' . $this->getID() . ' and catid=' . intval($catid);
$res = sql_query($query);
- return (mysql_num_rows($res) != 0);
+ return (sql_num_rows($res) != 0);
}
function getCategoryName($catid) {
$res = sql_query('SELECT cname FROM '.sql_table('category').' WHERE cblog='.$this->getID().' and catid=' . intval($catid));
- $o = mysql_fetch_object($res);
+ $o = sql_fetch_object($res);
return $o->cname;
}
function getCategoryDesc($catid) {
$res = sql_query('SELECT cdesc FROM '.sql_table('category').' WHERE cblog='.$this->getID().' and catid=' . intval($catid));
- $o = mysql_fetch_object($res);
+ $o = sql_fetch_object($res);
return $o->cdesc;
}
function getCategoryIdFromName($name) {
$res = sql_query('SELECT catid FROM '.sql_table('category').' WHERE cblog='.$this->getID().' and cname="' . addslashes($name) . '"');
- if (mysql_num_rows($res) > 0) {
- $o = mysql_fetch_object($res);
+ if (sql_num_rows($res) > 0) {
+ $o = sql_fetch_object($res);
return $o->catid;
} else {
return $this->getDefaultCategory();
// returns true if there is a blog with the given shortname (static)
function exists($name) {
$r = sql_query('select * FROM '.sql_table('blog').' WHERE bshortname="'.addslashes($name).'"');
- return (mysql_num_rows($r) != 0);
+ return (sql_num_rows($r) != 0);
}
// returns true if there is a blog with the given ID (static)
function existsID($id) {
$r = sql_query('select * FROM '.sql_table('blog').' WHERE bnumber='.intval($id));
- return (mysql_num_rows($r) != 0);
+ return (sql_num_rows($r) != 0);
}
// flag there is a future post pending
$blogid = $this->getID();
$result = sql_query("SELECT * FROM " . sql_table('item')
. " WHERE iposted=0 AND iblog=" . $blogid . " AND itime<NOW()");
- if (mysql_num_rows($result) > 0) {
+ if (sql_num_rows($result) > 0) {
// This $pinged is allow a plugin to tell other hook to the event that a ping is sent already
// Note that the plugins's calling order is subject to thri order in the plugin list
$pinged = false;
// check to see any pending future post, clear the flag is none
$result = sql_query("SELECT * FROM " . sql_table('item')
. " WHERE iposted=0 AND iblog=" . $blogid);
- if (mysql_num_rows($result) == 0) {
+ if (sql_num_rows($result) == 0) {
$this->clearFuturePost();
}
}
* @version $Id$
* $NucleusJP: COMMENT.php,v 1.4 2006/07/17 20:03:44 kimitake Exp $
*/
-class COMMENT {\r
-\r
- /**\r
- * Returns the requested comment\r
- * \r
- * @static\r
- */\r
- function getComment($commentid) {\r
- $query = 'SELECT cnumber as commentid, cbody as body, cuser as user, cmail as userid, cemail as email, cmember as memberid, ctime, chost as host, mname as member, cip as ip, cblog as blogid'\r
- . ' FROM '.sql_table('comment').' left outer join '.sql_table('member').' on cmember=mnumber'\r
- . ' WHERE cnumber=' . intval($commentid);\r
- $comments = sql_query($query);\r
-\r
- $aCommentInfo = mysql_fetch_assoc($comments);\r
- if ($aCommentInfo)\r
- {\r
- $aCommentInfo['timestamp'] = strtotime($aCommentInfo['ctime']);\r
- }\r
- return $aCommentInfo;\r
- }\r
-\r
- /**\r
- * Prepares a comment to be saved\r
- * \r
- * @static\r
- */\r
- function prepare($comment) {\r
- $comment['user'] = strip_tags($comment['user']);\r
- $comment['userid'] = strip_tags($comment['userid']);\r
- $comment['email'] = strip_tags($comment['email']);\r
-\r
- // remove quotes and newlines from user and userid\r
- $comment['user'] = strtr($comment['user'], "\'\"\n",'-- ');\r
- $comment['userid'] = strtr($comment['userid'], "\'\"\n",'-- ');\r
- $comment['email'] = strtr($comment['email'], "\'\"\n",'-- ');\r
-\r
- $comment['body'] = COMMENT::prepareBody($comment['body']);\r
-\r
- return $comment;\r
- }\r
-\r
- /**\r
- * Prepares the body of a comment\r
- *\r
- * @ static\r
- */ \r
- function prepareBody($body) {\r
-\r
- // remove newlines when too many in a row\r
- $body = ereg_replace("\n.\n.\n","\n",$body);\r
-\r
- // encode special characters as entities\r
- $body = htmlspecialchars($body);\r
-\r
- // trim away whitespace and newlines at beginning and end\r
- $body = trim($body);\r
-\r
- // add <br /> tags\r
- $body = addBreaks($body);\r
-\r
- // create hyperlinks for http:// addresses\r
- // there's a testcase for this in /build/testcases/urllinking.txt\r
- $replaceFrom = array(\r
- '/([^:\/\/\w]|^)((https:\/\/)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',\r
- '/([^:\/\/\w]|^)((http:\/\/|www\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',\r
- '/([^:\/\/\w]|^)((ftp:\/\/|ftp\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',\r
- '/([^:\/\/\w]|^)(mailto:(([a-zA-Z\@\%\.\-\+_])+))/ie'\r
- );\r
- $replaceTo = array(\r
- 'COMMENT::createLinkCode("\\1", "\\2","https")',\r
- 'COMMENT::createLinkCode("\\1", "\\2","http")',\r
- 'COMMENT::createLinkCode("\\1", "\\2","ftp")',\r
- 'COMMENT::createLinkCode("\\1", "\\3","mailto")'\r
- );\r
- $body = preg_replace($replaceFrom, $replaceTo, $body);\r
-\r
- return $body;\r
- }\r
-\r
- /**\r
- * Creates a link code for unlinked URLs with different protocols\r
- *\r
- * @ static\r
- */ \r
- function createLinkCode($pre, $url, $protocol = 'http') {\r
- $post = '';\r
-\r
- // it's possible that $url ends contains entities we don't want,\r
- // since htmlspecialchars is applied _before_ URL linking\r
- // move the part of URL, starting from the disallowed entity to the 'post' link part\r
- $aBadEntities = array('"', '>', '<');\r
- foreach ($aBadEntities as $entity)\r
- {\r
- $pos = strpos($url, $entity);\r
- if ($pos)\r
- {\r
- $post = substr($url, $pos) . $post;\r
- $url = substr($url, 0, $pos);\r
-\r
- }\r
- }\r
-\r
- // remove entities at end (&&&&)\r
- if (preg_match('/(&\w+;)+$/i', $url, $matches)) {\r
- $post = $matches[0] . $post; // found entities (1 or more)\r
- $url = substr($url, 0, strlen($url) - strlen($post));\r
- }\r
-\r
- // move ending comma from url to 'post' part\r
- if (substr($url, strlen($url) - 1) == ',')\r
- {\r
- $url = substr($url, 0, strlen($url) - 1);\r
- $post = ',' . $post;\r
- }\r
-\r
- if (!ereg('^'.$protocol.'://',$url))\r
- $linkedUrl = $protocol . (($protocol == 'mailto') ? ':' : '://') . $url;\r
- else\r
- $linkedUrl = $url;\r
-\r
-\r
- if ($protocol != 'mailto')\r
- $displayedUrl = $linkedUrl;\r
- else\r
- $displayedUrl = $url;\r
- return $pre . '<a href="'.$linkedUrl.'" rel="nofollow">'.shorten($displayedUrl,30,'...').'</a>' . $post;\r
- }\r
-\r
-}\r
-\r
+class COMMENT {
+
+ /**
+ * Returns the requested comment
+ *
+ * @static
+ */
+ function getComment($commentid) {
+ $query = 'SELECT cnumber as commentid, cbody as body, cuser as user, cmail as userid, cemail as email, cmember as memberid, ctime, chost as host, mname as member, cip as ip, cblog as blogid'
+ . ' FROM '.sql_table('comment').' left outer join '.sql_table('member').' on cmember=mnumber'
+ . ' WHERE cnumber=' . intval($commentid);
+ $comments = sql_query($query);
+
+ $aCommentInfo = sql_fetch_assoc($comments);
+ if ($aCommentInfo)
+ {
+ $aCommentInfo['timestamp'] = strtotime($aCommentInfo['ctime']);
+ }
+ return $aCommentInfo;
+ }
+
+ /**
+ * Prepares a comment to be saved
+ *
+ * @static
+ */
+ function prepare($comment) {
+ $comment['user'] = strip_tags($comment['user']);
+ $comment['userid'] = strip_tags($comment['userid']);
+ $comment['email'] = strip_tags($comment['email']);
+
+ // remove quotes and newlines from user and userid
+ $comment['user'] = strtr($comment['user'], "\'\"\n",'-- ');
+ $comment['userid'] = strtr($comment['userid'], "\'\"\n",'-- ');
+ $comment['email'] = strtr($comment['email'], "\'\"\n",'-- ');
+
+ $comment['body'] = COMMENT::prepareBody($comment['body']);
+
+ return $comment;
+ }
+
+ /**
+ * Prepares the body of a comment
+ *
+ * @ static
+ */
+ function prepareBody($body) {
+
+ // remove newlines when too many in a row
+ $body = ereg_replace("\n.\n.\n","\n",$body);
+
+ // encode special characters as entities
+ $body = htmlspecialchars($body);
+
+ // trim away whitespace and newlines at beginning and end
+ $body = trim($body);
+
+ // add <br /> tags
+ $body = addBreaks($body);
+
+ // create hyperlinks for http:// addresses
+ // there's a testcase for this in /build/testcases/urllinking.txt
+ $replaceFrom = array(
+ '/([^:\/\/\w]|^)((https:\/\/)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',
+ '/([^:\/\/\w]|^)((http:\/\/|www\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',
+ '/([^:\/\/\w]|^)((ftp:\/\/|ftp\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',
+ '/([^:\/\/\w]|^)(mailto:(([a-zA-Z\@\%\.\-\+_])+))/ie'
+ );
+ $replaceTo = array(
+ 'COMMENT::createLinkCode("\\1", "\\2","https")',
+ 'COMMENT::createLinkCode("\\1", "\\2","http")',
+ 'COMMENT::createLinkCode("\\1", "\\2","ftp")',
+ 'COMMENT::createLinkCode("\\1", "\\3","mailto")'
+ );
+ $body = preg_replace($replaceFrom, $replaceTo, $body);
+
+ return $body;
+ }
+
+ /**
+ * Creates a link code for unlinked URLs with different protocols
+ *
+ * @ static
+ */
+ function createLinkCode($pre, $url, $protocol = 'http') {
+ $post = '';
+
+ // it's possible that $url ends contains entities we don't want,
+ // since htmlspecialchars is applied _before_ URL linking
+ // move the part of URL, starting from the disallowed entity to the 'post' link part
+ $aBadEntities = array('"', '>', '<');
+ foreach ($aBadEntities as $entity)
+ {
+ $pos = strpos($url, $entity);
+ if ($pos)
+ {
+ $post = substr($url, $pos) . $post;
+ $url = substr($url, 0, $pos);
+
+ }
+ }
+
+ // remove entities at end (&&&&)
+ if (preg_match('/(&\w+;)+$/i', $url, $matches)) {
+ $post = $matches[0] . $post; // found entities (1 or more)
+ $url = substr($url, 0, strlen($url) - strlen($post));
+ }
+
+ // move ending comma from url to 'post' part
+ if (substr($url, strlen($url) - 1) == ',')
+ {
+ $url = substr($url, 0, strlen($url) - 1);
+ $post = ',' . $post;
+ }
+
+ if (!ereg('^'.$protocol.'://',$url))
+ $linkedUrl = $protocol . (($protocol == 'mailto') ? ':' : '://') . $url;
+ else
+ $linkedUrl = $url;
+
+
+ if ($protocol != 'mailto')
+ $displayedUrl = $linkedUrl;
+ else
+ $displayedUrl = $url;
+ return $pre . '<a href="'.$linkedUrl.'" rel="nofollow">'.shorten($displayedUrl,30,'...').'</a>' . $post;
+ }
+
+}
+
?>
\ No newline at end of file
* @version $Id$
* $NucleusJP: COMMENTS.php,v 1.9.2.1 2007/08/08 05:32:21 kimitake Exp $
*/
-\r
-if ( !function_exists('requestVar') ) exit;\r
-require_once dirname(__FILE__) . '/COMMENTACTIONS.php';\r
-\r
-class COMMENTS {\r
-\r
- // item for which comment are being displayed\r
- var $itemid;\r
-\r
- // reference to the itemActions object that is calling the showComments function\r
- var $itemActions;\r
-\r
- // total amount of comments displayed\r
- var $commentcount;\r
-\r
- /**\r
- * Creates a new COMMENTS object for the given blog and item\r
- *\r
- * @param $itemid\r
- * id of the item\r
- */\r
- function COMMENTS($itemid) {\r
- $this->itemid = intval($itemid);\r
- }\r
-\r
- /**\r
- * Used when parsing comments\r
- *\r
- * @param $itemActions\r
- * itemActions object, that will take care of the parsing\r
- */\r
- function setItemActions(&$itemActions) {\r
- $this->itemActions =& $itemActions;\r
- }\r
-\r
- /**\r
- * Shows maximum $max comments to the given item using the given template\r
- * returns the amount of shown comments (if maxToShow = -1, then there is no limit)\r
- *\r
- * @param template\r
- * template to use\r
- * @param maxToShow\r
- * max. comments to show\r
- * @param showNone\r
- * indicates if the 'no comments' thingie should be outputted when there are no comments\r
- * (useful for closed items)\r
- * @param highlight\r
- * Highlight to use (if any)\r
- */\r
- function showComments($template, $maxToShow = -1, $showNone = 1, $highlight = '') {\r
- global $CONF, $manager;\r
-\r
- // create parser object & action handler\r
- $actions =& new COMMENTACTIONS($this);\r
- $parser =& new PARSER($actions->getDefinedActions(),$actions);\r
- $actions->setTemplate($template);\r
- $actions->setParser($parser);\r
-\r
- if ($maxToShow == 0) {\r
- $this->commentcount = $this->amountComments();\r
- } else {\r
- $query = 'SELECT c.citem as itemid, c.cnumber as commentid, c.cbody as body, c.cuser as user, c.cmail as userid, c.cemail as email, c.cmember as memberid, c.ctime, c.chost as host, c.cip as ip, c.cblog as blogid'\r
- . ' FROM '.sql_table('comment').' as c'\r
- . ' WHERE c.citem=' . $this->itemid\r
- . ' ORDER BY c.ctime';\r
-\r
- $comments = sql_query($query);\r
- $this->commentcount = mysql_num_rows($comments);\r
- }\r
-\r
- // if no result was found\r
- if ($this->commentcount == 0) {\r
- // note: when no reactions, COMMENTS_HEADER and COMMENTS_FOOTER are _NOT_ used\r
- if ($showNone) $parser->parse($template['COMMENTS_NONE']);\r
- return 0;\r
- }\r
-\r
- // if too many comments to show\r
- if (($maxToShow != -1) && ($this->commentcount > $maxToShow)) {\r
- $parser->parse($template['COMMENTS_TOOMUCH']);\r
- return 0;\r
- }\r
-\r
- $parser->parse($template['COMMENTS_HEADER']);\r
-\r
- while ( $comment = mysql_fetch_assoc($comments) ) {\r
- $comment['timestamp'] = strtotime($comment['ctime']);\r
- $actions->setCurrentComment($comment);\r
- $actions->setHighlight($highlight);\r
- $manager->notify('PreComment', array('comment' => &$comment));\r
- $parser->parse($template['COMMENTS_BODY']);\r
- $manager->notify('PostComment', array('comment' => &$comment));\r
- }\r
-\r
- $parser->parse($template['COMMENTS_FOOTER']);\r
-\r
- mysql_free_result($comments);\r
-\r
- return $this->commentcount;\r
- }\r
-\r
- /**\r
- * Returns the amount of comments for this itemid\r
- */\r
- function amountComments() {\r
- $query = 'SELECT COUNT(*)'\r
- . ' FROM '.sql_table('comment').' as c'\r
- . ' WHERE c.citem='. $this->itemid;\r
- $res = sql_query($query);\r
- $arr = mysql_fetch_row($res);\r
-\r
- return $arr[0];\r
- }\r
-\r
- /**\r
- * Adds a new comment to the database\r
- */\r
- function addComment($timestamp, $comment) {\r
- global $CONF, $member, $manager;\r
-\r
- $blogid = getBlogIDFromItemID($this->itemid);\r
-\r
- $settings =& $manager->getBlog($blogid);\r
- $settings->readSettings();\r
-\r
- if (!$settings->commentsEnabled())\r
- return _ERROR_COMMENTS_DISABLED;\r
-\r
- if (!$settings->isPublic() && !$member->isLoggedIn())\r
- return _ERROR_COMMENTS_NONPUBLIC;\r
-\r
- // member name protection\r
- if ($CONF['ProtectMemNames'] && !$member->isLoggedIn() && MEMBER::isNameProtected($comment['user']))\r
- return _ERROR_COMMENTS_MEMBERNICK;\r
-\r
- // email required protection\r
- if ($settings->emailRequired() && strlen($comment['email']) == 0 && !$member->isLoggedIn()) {\r
- return _ERROR_EMAIL_REQUIRED;\r
- }\r
-\r
- $comment['timestamp'] = $timestamp;\r
- $comment['host'] = gethostbyaddr(serverVar('REMOTE_ADDR'));\r
- $comment['ip'] = serverVar('REMOTE_ADDR');\r
-\r
- // if member is logged in, use that data\r
- if ($member->isLoggedIn()) {\r
- $comment['memberid'] = $member->getID();\r
- $comment['user'] = '';\r
- $comment['userid'] = '';\r
- $comment['email'] = '';\r
- } else {\r
- $comment['memberid'] = 0;\r
- }\r
-\r
- // spam check\r
- $continue = false;\r
- $plugins = array();\r
-\r
- if (isset($manager->subscriptions['ValidateForm']))\r
- $plugins = array_merge($plugins, $manager->subscriptions['ValidateForm']);\r
-\r
- if (isset($manager->subscriptions['PreAddComment']))\r
- $plugins = array_merge($plugins, $manager->subscriptions['PreAddComment']);\r
-\r
- if (isset($manager->subscriptions['PostAddComment']))\r
- $plugins = array_merge($plugins, $manager->subscriptions['PostAddComment']);\r
-\r
- $plugins = array_unique($plugins);\r
-\r
- while (list(,$plugin) = each($plugins)) {\r
- $p = $manager->getPlugin($plugin);\r
- $continue = $continue || $p->supportsFeature('handleSpam');\r
- }\r
-\r
- $spamcheck = array (\r
- 'type' => 'comment',\r
- 'body' => $comment['body'],\r
- 'id' => $comment['itemid'],\r
- 'live' => true,\r
- 'return' => $continue\r
- );\r
-\r
- if ($member->isLoggedIn()) {\r
- $spamcheck['author'] = $member->displayname;\r
- $spamcheck['email'] = $member->email;\r
- } else {\r
- $spamcheck['author'] = $comment['user'];\r
- $spamcheck['email'] = $comment['email'];\r
- $spamcheck['url'] = $comment['userid'];\r
- }\r
-\r
- $manager->notify('SpamCheck', array ('spamcheck' => &$spamcheck));\r
-\r
- if (!$continue && isset($spamcheck['result']) && $spamcheck['result'] == true)\r
- return _ERROR_COMMENTS_SPAM;\r
-\r
-\r
- // isValidComment returns either "1" or an error message\r
- $isvalid = $this->isValidComment($comment, $spamcheck);\r
- if ($isvalid != 1)\r
- return $isvalid;\r
-\r
- // send email to notification address, if any\r
- if ($settings->getNotifyAddress() && $settings->notifyOnComment()) {\r
-\r
- $mailto_msg = _NOTIFY_NC_MSG . ' ' . $this->itemid . "\n";\r
-// $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $this->itemid . "\n\n";\r
- $temp = parse_url($CONF['Self']);\r
- if ($temp['scheme']) {\r
- $mailto_msg .= createItemLink($this->itemid) . "\n\n";\r
- } else {\r
- $tempurl = $settings->getURL();\r
- if (substr($tempurl, -1) == '/' || substr($tempurl, -4) == '.php') {\r
- $mailto_msg .= $tempurl . '?itemid=' . $this->itemid . "\n\n";\r
- } else {\r
- $mailto_msg .= $tempurl . '/?itemid=' . $this->itemid . "\n\n";\r
- }\r
- }\r
- if ($comment['memberid'] == 0) {\r
- $mailto_msg .= _NOTIFY_USER . ' ' . $comment['user'] . "\n";\r
- $mailto_msg .= _NOTIFY_USERID . ' ' . $comment['userid'] . "\n";\r
- } else {\r
- $mailto_msg .= _NOTIFY_MEMBER .' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";\r
- }\r
- $mailto_msg .= _NOTIFY_HOST . ' ' . $comment['host'] . "\n";\r
- $mailto_msg .= _NOTIFY_COMMENT . "\n " . $comment['body'] . "\n";\r
- $mailto_msg .= getMailFooter();\r
-\r
- $item =& $manager->getItem($this->itemid, 0, 0);\r
- $mailto_title = _NOTIFY_NC_TITLE . ' ' . strip_tags($item['title']) . ' (' . $this->itemid . ')';\r
-\r
- $frommail = $member->getNotifyFromMailAddress($comment['email']);\r
-\r
- $notify =& new NOTIFICATION($settings->getNotifyAddress());\r
- $notify->notify($mailto_title, $mailto_msg , $frommail);\r
- }\r
-\r
- $comment = COMMENT::prepare($comment);\r
-\r
- $manager->notify('PreAddComment',array('comment' => &$comment, 'spamcheck' => &$spamcheck));\r
-\r
- $name = addslashes($comment['user']);\r
- $url = addslashes($comment['userid']);\r
- $email = addslashes($comment['email']);\r
- $body = addslashes($comment['body']);\r
- $host = addslashes($comment['host']);\r
- $ip = addslashes($comment['ip']);\r
- $memberid = intval($comment['memberid']);\r
- $timestamp = date('Y-m-d H:i:s', $comment['timestamp']);\r
- $itemid = $this->itemid;\r
-\r
- $qSql = 'SELECT COUNT(*) AS result '\r
- . 'FROM ' . sql_table('comment')\r
- . ' WHERE '\r
- . 'cmail = "' . $url . '"'\r
- . ' AND cmember = "' . $memberid . '"'\r
- . ' AND cbody = "' . $body . '"'\r
- . ' AND citem = "' . $itemid . '"'\r
- . ' AND cblog = "' . $blogid . '"';\r
- $result = (integer) quickQuery($qSql);\r
- if ($result > 0) {\r
- return _ERROR_BADACTION;\r
- }\r
-\r
- $query = 'INSERT INTO '.sql_table('comment').' (CUSER, CMAIL, CEMAIL, CMEMBER, CBODY, CITEM, CTIME, CHOST, CIP, CBLOG) '\r
- . "VALUES ('$name', '$url', '$email', $memberid, '$body', $itemid, '$timestamp', '$host', '$ip', '$blogid')";\r
-\r
- sql_query($query);\r
-\r
- // post add comment\r
- $commentid = mysql_insert_id();\r
- $manager->notify('PostAddComment',array('comment' => &$comment, 'commentid' => &$commentid, 'spamcheck' => &$spamcheck));\r
-\r
- // succeeded !\r
- return true;\r
- }\r
-\r
- /**\r
- * Checks if a comment is valid and call plugins\r
- * that can check if the comment is a spam comment \r
- */\r
- function isValidComment(&$comment, & $spamcheck) {\r
- global $member, $manager;\r
-\r
- // check if there exists a item for this date\r
- $item =& $manager->getItem($this->itemid,0,0);\r
-\r
- if (!$item)\r
- return _ERROR_NOSUCHITEM;\r
-\r
- if ($item['closed'])\r
- return _ERROR_ITEMCLOSED;\r
-\r
- // don't allow words that are too long\r
- if (eregi('[a-zA-Z0-9|\.,;:!\?=\/\\]{90,90}',$comment['body']) != false)\r
- return _ERROR_COMMENT_LONGWORD;\r
-\r
- // check lengths of comment\r
- if (strlen($comment['body'])<3)\r
- return _ERROR_COMMENT_NOCOMMENT;\r
-\r
- if (strlen($comment['body'])>5000)\r
- return _ERROR_COMMENT_TOOLONG;\r
-\r
- // only check username if no member logged in\r
- if (!$member->isLoggedIn())\r
- if (strlen($comment['user'])<2)\r
- return _ERROR_COMMENT_NOUSERNAME;\r
-\r
- if ((strlen($comment['email']) != 0) && !(isValidMailAddress($comment['email']))) {\r
- return _ERROR_BADMAILADDRESS;\r
- }\r
-\r
- // let plugins do verification (any plugin which thinks the comment is invalid\r
- // can change 'error' to something other than '1')\r
- $result = 1;\r
- $manager->notify('ValidateForm', array('type' => 'comment', 'comment' => &$comment, 'error' => &$result, 'spamcheck' => &$spamcheck));\r
-\r
- return $result;\r
- }\r
-\r
-}\r
-\r
+
+if ( !function_exists('requestVar') ) exit;
+require_once dirname(__FILE__) . '/COMMENTACTIONS.php';
+
+class COMMENTS {
+
+ // item for which comment are being displayed
+ var $itemid;
+
+ // reference to the itemActions object that is calling the showComments function
+ var $itemActions;
+
+ // total amount of comments displayed
+ var $commentcount;
+
+ /**
+ * Creates a new COMMENTS object for the given blog and item
+ *
+ * @param $itemid
+ * id of the item
+ */
+ function COMMENTS($itemid) {
+ $this->itemid = intval($itemid);
+ }
+
+ /**
+ * Used when parsing comments
+ *
+ * @param $itemActions
+ * itemActions object, that will take care of the parsing
+ */
+ function setItemActions(&$itemActions) {
+ $this->itemActions =& $itemActions;
+ }
+
+ /**
+ * Shows maximum $max comments to the given item using the given template
+ * returns the amount of shown comments (if maxToShow = -1, then there is no limit)
+ *
+ * @param template
+ * template to use
+ * @param maxToShow
+ * max. comments to show
+ * @param showNone
+ * indicates if the 'no comments' thingie should be outputted when there are no comments
+ * (useful for closed items)
+ * @param highlight
+ * Highlight to use (if any)
+ */
+ function showComments($template, $maxToShow = -1, $showNone = 1, $highlight = '') {
+ global $CONF, $manager;
+
+ // create parser object & action handler
+ $actions =& new COMMENTACTIONS($this);
+ $parser =& new PARSER($actions->getDefinedActions(),$actions);
+ $actions->setTemplate($template);
+ $actions->setParser($parser);
+
+ if ($maxToShow == 0) {
+ $this->commentcount = $this->amountComments();
+ } else {
+ $query = 'SELECT c.citem as itemid, c.cnumber as commentid, c.cbody as body, c.cuser as user, c.cmail as userid, c.cemail as email, c.cmember as memberid, c.ctime, c.chost as host, c.cip as ip, c.cblog as blogid'
+ . ' FROM '.sql_table('comment').' as c'
+ . ' WHERE c.citem=' . $this->itemid
+ . ' ORDER BY c.ctime';
+
+ $comments = sql_query($query);
+ $this->commentcount = sql_num_rows($comments);
+ }
+
+ // if no result was found
+ if ($this->commentcount == 0) {
+ // note: when no reactions, COMMENTS_HEADER and COMMENTS_FOOTER are _NOT_ used
+ if ($showNone) $parser->parse($template['COMMENTS_NONE']);
+ return 0;
+ }
+
+ // if too many comments to show
+ if (($maxToShow != -1) && ($this->commentcount > $maxToShow)) {
+ $parser->parse($template['COMMENTS_TOOMUCH']);
+ return 0;
+ }
+
+ $parser->parse($template['COMMENTS_HEADER']);
+
+ while ( $comment = sql_fetch_assoc($comments) ) {
+ $comment['timestamp'] = strtotime($comment['ctime']);
+ $actions->setCurrentComment($comment);
+ $actions->setHighlight($highlight);
+ $manager->notify('PreComment', array('comment' => &$comment));
+ $parser->parse($template['COMMENTS_BODY']);
+ $manager->notify('PostComment', array('comment' => &$comment));
+ }
+
+ $parser->parse($template['COMMENTS_FOOTER']);
+
+ sql_free_result($comments);
+
+ return $this->commentcount;
+ }
+
+ /**
+ * Returns the amount of comments for this itemid
+ */
+ function amountComments() {
+ $query = 'SELECT COUNT(*)'
+ . ' FROM '.sql_table('comment').' as c'
+ . ' WHERE c.citem='. $this->itemid;
+ $res = sql_query($query);
+ $arr = sql_fetch_row($res);
+
+ return $arr[0];
+ }
+
+ /**
+ * Adds a new comment to the database
+ */
+ function addComment($timestamp, $comment) {
+ global $CONF, $member, $manager;
+
+ $blogid = getBlogIDFromItemID($this->itemid);
+
+ $settings =& $manager->getBlog($blogid);
+ $settings->readSettings();
+
+ if (!$settings->commentsEnabled())
+ return _ERROR_COMMENTS_DISABLED;
+
+ if (!$settings->isPublic() && !$member->isLoggedIn())
+ return _ERROR_COMMENTS_NONPUBLIC;
+
+ // member name protection
+ if ($CONF['ProtectMemNames'] && !$member->isLoggedIn() && MEMBER::isNameProtected($comment['user']))
+ return _ERROR_COMMENTS_MEMBERNICK;
+
+ // email required protection
+ if ($settings->emailRequired() && strlen($comment['email']) == 0 && !$member->isLoggedIn()) {
+ return _ERROR_EMAIL_REQUIRED;
+ }
+
+ $comment['timestamp'] = $timestamp;
+ $comment['host'] = gethostbyaddr(serverVar('REMOTE_ADDR'));
+ $comment['ip'] = serverVar('REMOTE_ADDR');
+
+ // if member is logged in, use that data
+ if ($member->isLoggedIn()) {
+ $comment['memberid'] = $member->getID();
+ $comment['user'] = '';
+ $comment['userid'] = '';
+ $comment['email'] = '';
+ } else {
+ $comment['memberid'] = 0;
+ }
+
+ // spam check
+ $continue = false;
+ $plugins = array();
+
+ if (isset($manager->subscriptions['ValidateForm']))
+ $plugins = array_merge($plugins, $manager->subscriptions['ValidateForm']);
+
+ if (isset($manager->subscriptions['PreAddComment']))
+ $plugins = array_merge($plugins, $manager->subscriptions['PreAddComment']);
+
+ if (isset($manager->subscriptions['PostAddComment']))
+ $plugins = array_merge($plugins, $manager->subscriptions['PostAddComment']);
+
+ $plugins = array_unique($plugins);
+
+ while (list(,$plugin) = each($plugins)) {
+ $p = $manager->getPlugin($plugin);
+ $continue = $continue || $p->supportsFeature('handleSpam');
+ }
+
+ $spamcheck = array (
+ 'type' => 'comment',
+ 'body' => $comment['body'],
+ 'id' => $comment['itemid'],
+ 'live' => true,
+ 'return' => $continue
+ );
+
+ if ($member->isLoggedIn()) {
+ $spamcheck['author'] = $member->displayname;
+ $spamcheck['email'] = $member->email;
+ } else {
+ $spamcheck['author'] = $comment['user'];
+ $spamcheck['email'] = $comment['email'];
+ $spamcheck['url'] = $comment['userid'];
+ }
+
+ $manager->notify('SpamCheck', array ('spamcheck' => &$spamcheck));
+
+ if (!$continue && isset($spamcheck['result']) && $spamcheck['result'] == true)
+ return _ERROR_COMMENTS_SPAM;
+
+
+ // isValidComment returns either "1" or an error message
+ $isvalid = $this->isValidComment($comment, $spamcheck);
+ if ($isvalid != 1)
+ return $isvalid;
+
+ // send email to notification address, if any
+ if ($settings->getNotifyAddress() && $settings->notifyOnComment()) {
+
+ $mailto_msg = _NOTIFY_NC_MSG . ' ' . $this->itemid . "\n";
+// $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $this->itemid . "\n\n";
+ $temp = parse_url($CONF['Self']);
+ if ($temp['scheme']) {
+ $mailto_msg .= createItemLink($this->itemid) . "\n\n";
+ } else {
+ $tempurl = $settings->getURL();
+ if (substr($tempurl, -1) == '/' || substr($tempurl, -4) == '.php') {
+ $mailto_msg .= $tempurl . '?itemid=' . $this->itemid . "\n\n";
+ } else {
+ $mailto_msg .= $tempurl . '/?itemid=' . $this->itemid . "\n\n";
+ }
+ }
+ if ($comment['memberid'] == 0) {
+ $mailto_msg .= _NOTIFY_USER . ' ' . $comment['user'] . "\n";
+ $mailto_msg .= _NOTIFY_USERID . ' ' . $comment['userid'] . "\n";
+ } else {
+ $mailto_msg .= _NOTIFY_MEMBER .' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";
+ }
+ $mailto_msg .= _NOTIFY_HOST . ' ' . $comment['host'] . "\n";
+ $mailto_msg .= _NOTIFY_COMMENT . "\n " . $comment['body'] . "\n";
+ $mailto_msg .= getMailFooter();
+
+ $item =& $manager->getItem($this->itemid, 0, 0);
+ $mailto_title = _NOTIFY_NC_TITLE . ' ' . strip_tags($item['title']) . ' (' . $this->itemid . ')';
+
+ $frommail = $member->getNotifyFromMailAddress($comment['email']);
+
+ $notify =& new NOTIFICATION($settings->getNotifyAddress());
+ $notify->notify($mailto_title, $mailto_msg , $frommail);
+ }
+
+ $comment = COMMENT::prepare($comment);
+
+ $manager->notify('PreAddComment',array('comment' => &$comment, 'spamcheck' => &$spamcheck));
+
+ $name = addslashes($comment['user']);
+ $url = addslashes($comment['userid']);
+ $email = addslashes($comment['email']);
+ $body = addslashes($comment['body']);
+ $host = addslashes($comment['host']);
+ $ip = addslashes($comment['ip']);
+ $memberid = intval($comment['memberid']);
+ $timestamp = date('Y-m-d H:i:s', $comment['timestamp']);
+ $itemid = $this->itemid;
+
+ $qSql = 'SELECT COUNT(*) AS result '
+ . 'FROM ' . sql_table('comment')
+ . ' WHERE '
+ . 'cmail = "' . $url . '"'
+ . ' AND cmember = "' . $memberid . '"'
+ . ' AND cbody = "' . $body . '"'
+ . ' AND citem = "' . $itemid . '"'
+ . ' AND cblog = "' . $blogid . '"';
+ $result = (integer) quickQuery($qSql);
+ if ($result > 0) {
+ return _ERROR_BADACTION;
+ }
+
+ $query = 'INSERT INTO '.sql_table('comment').' (CUSER, CMAIL, CEMAIL, CMEMBER, CBODY, CITEM, CTIME, CHOST, CIP, CBLOG) '
+ . "VALUES ('$name', '$url', '$email', $memberid, '$body', $itemid, '$timestamp', '$host', '$ip', '$blogid')";
+
+ sql_query($query);
+
+ // post add comment
+ $commentid = sql_insert_id();
+ $manager->notify('PostAddComment',array('comment' => &$comment, 'commentid' => &$commentid, 'spamcheck' => &$spamcheck));
+
+ // succeeded !
+ return true;
+ }
+
+ /**
+ * Checks if a comment is valid and call plugins
+ * that can check if the comment is a spam comment
+ */
+ function isValidComment(&$comment, & $spamcheck) {
+ global $member, $manager;
+
+ // check if there exists a item for this date
+ $item =& $manager->getItem($this->itemid,0,0);
+
+ if (!$item)
+ return _ERROR_NOSUCHITEM;
+
+ if ($item['closed'])
+ return _ERROR_ITEMCLOSED;
+
+ // don't allow words that are too long
+ if (eregi('[a-zA-Z0-9|\.,;:!\?=\/\\]{90,90}',$comment['body']) != false)
+ return _ERROR_COMMENT_LONGWORD;
+
+ // check lengths of comment
+ if (strlen($comment['body'])<3)
+ return _ERROR_COMMENT_NOCOMMENT;
+
+ if (strlen($comment['body'])>5000)
+ return _ERROR_COMMENT_TOOLONG;
+
+ // only check username if no member logged in
+ if (!$member->isLoggedIn())
+ if (strlen($comment['user'])<2)
+ return _ERROR_COMMENT_NOUSERNAME;
+
+ if ((strlen($comment['email']) != 0) && !(isValidMailAddress($comment['email']))) {
+ return _ERROR_BADMAILADDRESS;
+ }
+
+ // let plugins do verification (any plugin which thinks the comment is invalid
+ // can change 'error' to something other than '1')
+ $result = 1;
+ $manager->notify('ValidateForm', array('type' => 'comment', 'comment' => &$comment, 'error' => &$result, 'spamcheck' => &$spamcheck));
+
+ return $result;
+ }
+
+}
+
?>
\ No newline at end of file
\r
$res = sql_query($query);\r
\r
- if (mysql_num_rows($res) == 1)\r
+ if (sql_num_rows($res) == 1)\r
{\r
- $aItemInfo = mysql_fetch_assoc($res);\r
+ $aItemInfo = sql_fetch_assoc($res);\r
$aItemInfo['timestamp'] = strtotime($aItemInfo['itime']);\r
return $aItemInfo;\r
} else {\r
}\r
$r = sql_query($r);\r
\r
- return (mysql_num_rows($r) != 0);\r
+ return (sql_num_rows($r) != 0);\r
}\r
\r
/**\r
function readFromDatabase() {
$query = 'SELECT ikarmapos, ikarmaneg FROM '.sql_table('item').' WHERE inumber=' . $this->itemid;
$res = sql_query($query);
- $obj = mysql_fetch_object($res);
+ $obj = sql_fetch_object($res);
$this->karmapos = $obj->ikarmapos;
$this->karmaneg = $obj->ikarmaneg;
function isVoteAllowed($ip) {
$query = 'SELECT * FROM '.sql_table('karma')." WHERE itemid=$this->itemid and ip='".addslashes($ip)."'";
$res = sql_query($query);
- return (mysql_num_rows($res) == 0);
+ return (sql_num_rows($res) == 0);
}
// save IP in database so no multiple votes are possible
* @version $Id$
* $NucleusJP: MANAGER.php,v 1.8.2.1 2007/09/05 07:00:18 kimitake Exp $
*/
-class MANAGER {\r
-\r
- /**\r
- * Cached ITEM, BLOG, PLUGIN, KARMA and MEMBER objects. When these objects are requested\r
- * through the global $manager object (getItem, getBlog, ...), only the first call\r
- * will create an object. Subsequent calls will return the same object.\r
- *\r
- * The $items, $blogs, ... arrays map an id to an object (for plugins, the name is used\r
- * rather than an ID)\r
- */\r
- var $items;\r
- var $blogs;\r
- var $plugins;\r
- var $karma;\r
- var $templates;\r
- var $members;\r
-\r
- /**\r
- * cachedInfo to avoid repeated SQL queries (see pidInstalled/pluginInstalled/getPidFromName)\r
- * e.g. which plugins exists?\r
- *\r
- * $cachedInfo['installedPlugins'] = array($pid -> $name)\r
- */\r
- var $cachedInfo;\r
-\r
- /**\r
- * The plugin subscriptionlist\r
- *\r
- * The subcription array has the following structure\r
- * $subscriptions[$EventName] = array containing names of plugin classes to be\r
- * notified when that event happens\r
- */\r
- var $subscriptions;\r
-\r
- /**\r
- * Returns the only instance of this class. Creates the instance if it\r
- * does not yet exists. Users should use this function as\r
- * $manager =& MANAGER::instance(); to get a reference to the object\r
- * instead of a copy\r
- */\r
- function &instance() {\r
- static $instance = array();\r
- if (empty($instance)) {\r
- $instance[0] =& new MANAGER();\r
- }\r
- return $instance[0];\r
- }\r
-\r
- /**\r
- * The constructor of this class initializes the object caches\r
- */\r
- function MANAGER() {\r
- $this->items = array();\r
- $this->blogs = array();\r
- $this->plugins = array();\r
- $this->karma = array();\r
- $this->parserPrefs = array();\r
- $this->cachedInfo = array();\r
- }\r
-\r
- /**\r
- * Returns the requested item object. If it is not in the cache, it will\r
- * first be loaded and then placed in the cache.\r
- * Intended use: $item =& $manager->getItem(1234)\r
- */\r
- function &getItem($itemid, $allowdraft, $allowfuture) {\r
- $item =& $this->items[$itemid];\r
-\r
- // check the draft and future rules if the item was already cached\r
- if ($item) {\r
- if ((!$allowdraft) && ($item['draft']))\r
- return 0;\r
-\r
- $blog =& $this->getBlog(getBlogIDFromItemID($itemid));\r
- if ((!$allowfuture) && ($item['timestamp'] > $blog->getCorrectTime()))\r
- return 0;\r
- }\r
- if (!$item) {\r
- // load class if needed\r
- $this->loadClass('ITEM');\r
- // load item object\r
- $item = ITEM::getitem($itemid, $allowdraft, $allowfuture);\r
- $this->items[$itemid] = $item;\r
- }\r
- return $item;\r
- }\r
-\r
- /**\r
- * Loads a class if it has not yet been loaded\r
- */\r
- function loadClass($name) {\r
- $this->_loadClass($name, $name . '.php');\r
- }\r
-\r
- /**\r
- * Checks if an item exists\r
- */\r
- function existsItem($id,$future,$draft) {\r
- $this->_loadClass('ITEM','ITEM.php');\r
- return ITEM::exists($id,$future,$draft);\r
- }\r
-\r
- /**\r
- * Checks if a category exists\r
- */\r
- function existsCategory($id) {\r
- return (quickQuery('SELECT COUNT(*) as result FROM '.sql_table('category').' WHERE catid='.intval($id)) > 0);\r
- }\r
-\r
- /**\r
- * Returns the blog object for a given blogid\r
- */\r
- function &getBlog($blogid) {\r
- $blog =& $this->blogs[$blogid];\r
-\r
- if (!$blog) {\r
- // load class if needed\r
- $this->_loadClass('BLOG','BLOG.php');\r
- // load blog object\r
- $blog =& new BLOG($blogid);\r
- $this->blogs[$blogid] =& $blog;\r
- }\r
- return $blog;\r
- }\r
-\r
- /**\r
- * Checks if a blog exists\r
- */\r
- function existsBlog($name) {\r
- $this->_loadClass('BLOG','BLOG.php');\r
- return BLOG::exists($name);\r
- }\r
-\r
- /**\r
- * Checks if a blog id exists\r
- */\r
- function existsBlogID($id) {\r
- $this->_loadClass('BLOG','BLOG.php');\r
- return BLOG::existsID($id);\r
- }\r
-\r
- /**\r
- * Returns a previously read template\r
- */\r
- function &getTemplate($templateName) {\r
- $template =& $this->templates[$templateName];\r
-\r
- if (!$template) {\r
- $template = TEMPLATE::read($templateName);\r
- $this->templates[$templateName] =& $template;\r
- }\r
- return $template;\r
- }\r
-\r
- /**\r
- * Returns a KARMA object (karma votes)\r
- */\r
- function &getKarma($itemid) {\r
- $karma =& $this->karma[$itemid];\r
-\r
- if (!$karma) {\r
- // load class if needed\r
- $this->_loadClass('KARMA','KARMA.php');\r
- // create KARMA object\r
- $karma =& new KARMA($itemid);\r
- $this->karma[$itemid] =& $karma;\r
- }\r
- return $karma;\r
- }\r
-\r
- /**\r
- * Returns a MEMBER object\r
- */\r
- function &getMember($memberid) {\r
- $mem =& $this->members[$memberid];\r
-\r
- if (!$mem) {\r
- // load class if needed\r
- $this->_loadClass('MEMBER','MEMBER.php');\r
- // create MEMBER object\r
- $mem =& MEMBER::createFromID($memberid);\r
- $this->members[$memberid] =& $mem;\r
- }\r
- return $mem;\r
- }\r
-\r
- /**\r
- * Set the global parser preferences\r
- */\r
- function setParserProperty($name, $value) {\r
- $this->parserPrefs[$name] = $value;\r
- }\r
-\r
- /**\r
- * Get the global parser preferences\r
- */\r
- function getParserProperty($name) {\r
- return $this->parserPrefs[$name];\r
- }\r
-\r
- /**\r
- * A helper function to load a class\r
- * \r
- * private\r
- */\r
- function _loadClass($name, $filename) {\r
- if (!class_exists($name)) {\r
- global $DIR_LIBS;\r
- include($DIR_LIBS . $filename);\r
- }\r
- }\r
-\r
- /**\r
- * A helper function to load a plugin\r
- * \r
- * private\r
- */\r
- function _loadPlugin($name) {\r
- if (!class_exists($name)) {\r
- global $DIR_PLUGINS;\r
-\r
- $fileName = $DIR_PLUGINS . $name . '.php';\r
-\r
- if (!file_exists($fileName))\r
- {\r
- ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOTFOUND, $name));\r
- return 0;\r
- }\r
-\r
- // load plugin\r
- include($fileName);\r
-\r
- // check if class exists (avoid errors in eval'd code)\r
- if (!class_exists($name))\r
- {\r
- ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOCLASS, $name));\r
- return 0;\r
- }\r
-\r
- // add to plugin array\r
- eval('$this->plugins[$name] =& new ' . $name . '();');\r
-\r
- // get plugid\r
- $this->plugins[$name]->plugid = $this->getPidFromName($name);\r
-\r
- // unload plugin if a prefix is used and the plugin cannot handle this^\r
- global $MYSQL_PREFIX;\r
- if (($MYSQL_PREFIX != '') && !$this->plugins[$name]->supportsFeature('SqlTablePrefix'))\r
- {\r
- unset($this->plugins[$name]);\r
- ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINTABLEPREFIX_NOTSUPPORT, $name));\r
- return 0;\r
- }\r
-\r
- // call init method\r
- $this->plugins[$name]->init();\r
-\r
- }\r
- }\r
-\r
- /**\r
- * Returns a PLUGIN object\r
- */\r
- function &getPlugin($name) {\r
- // retrieve the name of the plugin in the right capitalisation\r
- $name = $this->getUpperCaseName ($name);\r
- // get the plugin \r
- $plugin =& $this->plugins[$name];\r
-\r
- if (!$plugin) {\r
- // load class if needed\r
- $this->_loadPlugin($name);\r
- $plugin =& $this->plugins[$name];\r
- }\r
- return $plugin;\r
- }\r
-\r
- /**\r
- * Checks if the given plugin IS loaded or not\r
- */\r
- function &pluginLoaded($name) {\r
- $plugin =& $this->plugins[$name];\r
- return $plugin;\r
- }\r
-\r
- function &pidLoaded($pid) {\r
- $plugin=false;\r
- reset($this->plugins);\r
- while (list($name) = each($this->plugins)) {\r
- if ($pid!=$this->plugins[$name]->getId()) continue;\r
- $plugin= & $this->plugins[$name];\r
- break;\r
- }\r
- return $plugin;\r
- }\r
-\r
- /**\r
- * checks if the given plugin IS installed or not\r
- */\r
- function pluginInstalled($name) {\r
- $this->_initCacheInfo('installedPlugins');\r
- return ($this->getPidFromName($name) != -1);\r
- }\r
-\r
- function pidInstalled($pid) {\r
- $this->_initCacheInfo('installedPlugins');\r
- return ($this->cachedInfo['installedPlugins'][$pid] != '');\r
- }\r
-\r
- function getPidFromName($name) {\r
- $this->_initCacheInfo('installedPlugins');\r
- foreach ($this->cachedInfo['installedPlugins'] as $pid => $pfile)\r
- {\r
- if (strtolower($pfile) == strtolower($name))\r
- return $pid;\r
- }\r
- return -1;\r
- }\r
-\r
- /**\r
- * Retrieve the name of a plugin in the right capitalisation\r
- */\r
- function getUpperCaseName ($name) {\r
- $this->_initCacheInfo('installedPlugins');\r
- foreach ($this->cachedInfo['installedPlugins'] as $pid => $pfile)\r
- {\r
- if (strtolower($pfile) == strtolower($name))\r
- return $pfile;\r
- }\r
- return -1;\r
- }\r
-\r
- function clearCachedInfo($what) {\r
- unset($this->cachedInfo[$what]);\r
- }\r
-\r
- /**\r
- * Loads some info on the first call only\r
- */\r
- function _initCacheInfo($what)\r
- {\r
- if (isset($this->cachedInfo[$what]) && is_array($this->cachedInfo[$what]))\r
- return;\r
- switch ($what)\r
- {\r
- // 'installedPlugins' = array ($pid => $name)\r
- case 'installedPlugins':\r
- $this->cachedInfo['installedPlugins'] = array();\r
- $res = sql_query('SELECT pid, pfile FROM ' . sql_table('plugin'));\r
- while ($o = mysql_fetch_object($res))\r
- {\r
- $this->cachedInfo['installedPlugins'][$o->pid] = $o->pfile;\r
- }\r
- break;\r
- }\r
- }\r
-\r
- /**\r
- * A function to notify plugins that something has happened. Only the plugins\r
- * that are subscribed to the event will get notified.\r
- * Upon the first call, the list of subscriptions will be fetched from the\r
- * database. The plugins itsself will only get loaded when they are first needed\r
- *\r
- * @param $eventName\r
- * Name of the event (method to be called on plugins)\r
- * @param $data\r
- * Can contain any type of data, depending on the event type. Usually this is\r
- * an itemid, blogid, ... but it can also be an array containing multiple values\r
- */\r
- function notify($eventName, $data) {\r
- // load subscription list if needed\r
- if (!is_array($this->subscriptions))\r
- $this->_loadSubscriptions();\r
-\r
-\r
- // get listening objects\r
- $listeners = false;\r
- if (isset($this->subscriptions[$eventName])) {\r
- $listeners = $this->subscriptions[$eventName];\r
- }\r
-\r
- // notify all of them\r
- if (is_array($listeners)) {\r
- foreach($listeners as $listener) {\r
- // load class if needed\r
- $this->_loadPlugin($listener);\r
- // do notify (if method exists)\r
- if (method_exists($this->plugins[$listener], 'event_' . $eventName))\r
- call_user_func(array(&$this->plugins[$listener],'event_' . $eventName), $data);\r
- }\r
- }\r
-\r
- }\r
-\r
- /**\r
- * Loads plugin subscriptions\r
- */\r
- function _loadSubscriptions() {\r
- // initialize as array\r
- $this->subscriptions = array();\r
-\r
- $res = sql_query('SELECT p.pfile as pfile, e.event as event FROM '.sql_table('plugin_event').' as e, '.sql_table('plugin').' as p WHERE e.pid=p.pid ORDER BY p.porder ASC');\r
- while ($o = mysql_fetch_object($res)) {\r
- $pluginName = $o->pfile;\r
- $eventName = $o->event;\r
- $this->subscriptions[$eventName][] = $pluginName;\r
- }\r
-\r
- }\r
-\r
- /*\r
- Ticket functions. These are uses by the admin area to make it impossible to simulate certain GET/POST\r
- requests. tickets are user specific\r
- */\r
-\r
- var $currentRequestTicket = '';\r
-\r
- /**\r
- * GET requests: Adds ticket to URL (URL should NOT be html-encoded!, ticket is added at the end)\r
- */\r
- function addTicketToUrl($url)\r
- {\r
- $ticketCode = 'ticket=' . $this->_generateTicket();\r
- if (strstr($url, '?'))\r
- return $url . '&' . $ticketCode;\r
- else\r
- return $url . '?' . $ticketCode;\r
- }\r
-\r
- /**\r
- * POST requests: Adds ticket as hidden formvar\r
- */\r
- function addTicketHidden()\r
- {\r
- $ticket = $this->_generateTicket();\r
-\r
- echo '<input type="hidden" name="ticket" value="', htmlspecialchars($ticket), '" />';\r
- }\r
-\r
- /**\r
- * Get a new ticket\r
- * (xmlHTTPRequest AutoSaveDraft uses this to refresh the ticket)\r
- */\r
- function getNewTicket()\r
- {\r
- $this->currentRequestTicket = '';\r
- return $this->_generateTicket();\r
- }\r
-\r
- /**\r
- * Checks the ticket that was passed along with the current request\r
- */\r
- function checkTicket()\r
- {\r
- global $member;\r
-\r
- // get ticket from request\r
- $ticket = requestVar('ticket');\r
-\r
- // no ticket -> don't allow\r
- if ($ticket == '')\r
- return false;\r
-\r
- // remove expired tickets first\r
- $this->_cleanUpExpiredTickets();\r
-\r
- // get member id\r
- if (!$member->isLoggedIn())\r
- $memberId = -1;\r
- else\r
- $memberId = $member->getID();\r
-\r
- // check if ticket is a valid one\r
- $query = 'SELECT COUNT(*) as result FROM ' . sql_table('tickets') . ' WHERE member=' . intval($memberId). ' and ticket=\''.addslashes($ticket).'\'';\r
- if (quickQuery($query) == 1)\r
- {\r
- // [in the original implementation, the checked ticket was deleted. This would lead to invalid\r
- // tickets when using the browsers back button and clicking another link/form\r
- // leaving the keys in the database is not a real problem, since they're member-specific and\r
- // only valid for a period of one hour\r
- // ]\r
- // sql_query('DELETE FROM '.sql_table('tickets').' WHERE member=' . intval($memberId). ' and ticket=\''.addslashes($ticket).'\'');\r
- return true;\r
- } else {\r
- // not a valid ticket\r
- return false;\r
- }\r
-\r
- }\r
-\r
- /**\r
- * (internal method) Removes the expired tickets\r
- */\r
- function _cleanUpExpiredTickets()\r
- {\r
- // remove tickets older than 1 hour\r
- $oldTime = time() - 60 * 60;\r
- $query = 'DELETE FROM ' . sql_table('tickets'). ' WHERE ctime < \'' . date('Y-m-d H:i:s',$oldTime) .'\'';\r
- sql_query($query);\r
- }\r
-\r
- /**\r
- * (internal method) Generates/returns a ticket (one ticket per page request)\r
- */\r
- function _generateTicket()\r
- {\r
- if ($this->currentRequestTicket == '')\r
- {\r
- // generate new ticket (only one ticket will be generated per page request)\r
- // and store in database\r
- global $member;\r
- // get member id\r
- if (!$member->isLoggedIn())\r
- $memberId = -1;\r
- else\r
- $memberId = $member->getID();\r
-\r
- $ok = false;\r
- while (!$ok)\r
- {\r
- // generate a random token\r
- srand((double)microtime()*1000000);\r
- $ticket = md5(uniqid(rand(), true));\r
-\r
- // add in database as non-active\r
- $query = 'INSERT INTO ' . sql_table('tickets') . ' (ticket, member, ctime) ';\r
- $query .= 'VALUES (\'' . addslashes($ticket). '\', \'' . intval($memberId). '\', \'' . date('Y-m-d H:i:s',time()) . '\')';\r
- if (sql_query($query))\r
- $ok = true;\r
- }\r
-\r
- $this->currentRequestTicket = $ticket;\r
- }\r
- return $this->currentRequestTicket;\r
- }\r
-\r
-}\r
-\r
+class MANAGER {
+
+ /**
+ * Cached ITEM, BLOG, PLUGIN, KARMA and MEMBER objects. When these objects are requested
+ * through the global $manager object (getItem, getBlog, ...), only the first call
+ * will create an object. Subsequent calls will return the same object.
+ *
+ * The $items, $blogs, ... arrays map an id to an object (for plugins, the name is used
+ * rather than an ID)
+ */
+ var $items;
+ var $blogs;
+ var $plugins;
+ var $karma;
+ var $templates;
+ var $members;
+
+ /**
+ * cachedInfo to avoid repeated SQL queries (see pidInstalled/pluginInstalled/getPidFromName)
+ * e.g. which plugins exists?
+ *
+ * $cachedInfo['installedPlugins'] = array($pid -> $name)
+ */
+ var $cachedInfo;
+
+ /**
+ * The plugin subscriptionlist
+ *
+ * The subcription array has the following structure
+ * $subscriptions[$EventName] = array containing names of plugin classes to be
+ * notified when that event happens
+ */
+ var $subscriptions;
+
+ /**
+ * Returns the only instance of this class. Creates the instance if it
+ * does not yet exists. Users should use this function as
+ * $manager =& MANAGER::instance(); to get a reference to the object
+ * instead of a copy
+ */
+ function &instance() {
+ static $instance = array();
+ if (empty($instance)) {
+ $instance[0] =& new MANAGER();
+ }
+ return $instance[0];
+ }
+
+ /**
+ * The constructor of this class initializes the object caches
+ */
+ function MANAGER() {
+ $this->items = array();
+ $this->blogs = array();
+ $this->plugins = array();
+ $this->karma = array();
+ $this->parserPrefs = array();
+ $this->cachedInfo = array();
+ }
+
+ /**
+ * Returns the requested item object. If it is not in the cache, it will
+ * first be loaded and then placed in the cache.
+ * Intended use: $item =& $manager->getItem(1234)
+ */
+ function &getItem($itemid, $allowdraft, $allowfuture) {
+ $item =& $this->items[$itemid];
+
+ // check the draft and future rules if the item was already cached
+ if ($item) {
+ if ((!$allowdraft) && ($item['draft']))
+ return 0;
+
+ $blog =& $this->getBlog(getBlogIDFromItemID($itemid));
+ if ((!$allowfuture) && ($item['timestamp'] > $blog->getCorrectTime()))
+ return 0;
+ }
+ if (!$item) {
+ // load class if needed
+ $this->loadClass('ITEM');
+ // load item object
+ $item = ITEM::getitem($itemid, $allowdraft, $allowfuture);
+ $this->items[$itemid] = $item;
+ }
+ return $item;
+ }
+
+ /**
+ * Loads a class if it has not yet been loaded
+ */
+ function loadClass($name) {
+ $this->_loadClass($name, $name . '.php');
+ }
+
+ /**
+ * Checks if an item exists
+ */
+ function existsItem($id,$future,$draft) {
+ $this->_loadClass('ITEM','ITEM.php');
+ return ITEM::exists($id,$future,$draft);
+ }
+
+ /**
+ * Checks if a category exists
+ */
+ function existsCategory($id) {
+ return (quickQuery('SELECT COUNT(*) as result FROM '.sql_table('category').' WHERE catid='.intval($id)) > 0);
+ }
+
+ /**
+ * Returns the blog object for a given blogid
+ */
+ function &getBlog($blogid) {
+ $blog =& $this->blogs[$blogid];
+
+ if (!$blog) {
+ // load class if needed
+ $this->_loadClass('BLOG','BLOG.php');
+ // load blog object
+ $blog =& new BLOG($blogid);
+ $this->blogs[$blogid] =& $blog;
+ }
+ return $blog;
+ }
+
+ /**
+ * Checks if a blog exists
+ */
+ function existsBlog($name) {
+ $this->_loadClass('BLOG','BLOG.php');
+ return BLOG::exists($name);
+ }
+
+ /**
+ * Checks if a blog id exists
+ */
+ function existsBlogID($id) {
+ $this->_loadClass('BLOG','BLOG.php');
+ return BLOG::existsID($id);
+ }
+
+ /**
+ * Returns a previously read template
+ */
+ function &getTemplate($templateName) {
+ $template =& $this->templates[$templateName];
+
+ if (!$template) {
+ $template = TEMPLATE::read($templateName);
+ $this->templates[$templateName] =& $template;
+ }
+ return $template;
+ }
+
+ /**
+ * Returns a KARMA object (karma votes)
+ */
+ function &getKarma($itemid) {
+ $karma =& $this->karma[$itemid];
+
+ if (!$karma) {
+ // load class if needed
+ $this->_loadClass('KARMA','KARMA.php');
+ // create KARMA object
+ $karma =& new KARMA($itemid);
+ $this->karma[$itemid] =& $karma;
+ }
+ return $karma;
+ }
+
+ /**
+ * Returns a MEMBER object
+ */
+ function &getMember($memberid) {
+ $mem =& $this->members[$memberid];
+
+ if (!$mem) {
+ // load class if needed
+ $this->_loadClass('MEMBER','MEMBER.php');
+ // create MEMBER object
+ $mem =& MEMBER::createFromID($memberid);
+ $this->members[$memberid] =& $mem;
+ }
+ return $mem;
+ }
+
+ /**
+ * Set the global parser preferences
+ */
+ function setParserProperty($name, $value) {
+ $this->parserPrefs[$name] = $value;
+ }
+
+ /**
+ * Get the global parser preferences
+ */
+ function getParserProperty($name) {
+ return $this->parserPrefs[$name];
+ }
+
+ /**
+ * A helper function to load a class
+ *
+ * private
+ */
+ function _loadClass($name, $filename) {
+ if (!class_exists($name)) {
+ global $DIR_LIBS;
+ include($DIR_LIBS . $filename);
+ }
+ }
+
+ /**
+ * A helper function to load a plugin
+ *
+ * private
+ */
+ function _loadPlugin($name) {
+ if (!class_exists($name)) {
+ global $DIR_PLUGINS;
+
+ $fileName = $DIR_PLUGINS . $name . '.php';
+
+ if (!file_exists($fileName))
+ {
+ ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOTFOUND, $name));
+ return 0;
+ }
+
+ // load plugin
+ include($fileName);
+
+ // check if class exists (avoid errors in eval'd code)
+ if (!class_exists($name))
+ {
+ ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOCLASS, $name));
+ return 0;
+ }
+
+ // add to plugin array
+ eval('$this->plugins[$name] =& new ' . $name . '();');
+
+ // get plugid
+ $this->plugins[$name]->plugid = $this->getPidFromName($name);
+
+ // unload plugin if a prefix is used and the plugin cannot handle this^
+ global $MYSQL_PREFIX;
+ if (($MYSQL_PREFIX != '') && !$this->plugins[$name]->supportsFeature('SqlTablePrefix'))
+ {
+ unset($this->plugins[$name]);
+ ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINTABLEPREFIX_NOTSUPPORT, $name));
+ return 0;
+ }
+
+ // call init method
+ $this->plugins[$name]->init();
+
+ }
+ }
+
+ /**
+ * Returns a PLUGIN object
+ */
+ function &getPlugin($name) {
+ // retrieve the name of the plugin in the right capitalisation
+ $name = $this->getUpperCaseName ($name);
+ // get the plugin
+ $plugin =& $this->plugins[$name];
+
+ if (!$plugin) {
+ // load class if needed
+ $this->_loadPlugin($name);
+ $plugin =& $this->plugins[$name];
+ }
+ return $plugin;
+ }
+
+ /**
+ * Checks if the given plugin IS loaded or not
+ */
+ function &pluginLoaded($name) {
+ $plugin =& $this->plugins[$name];
+ return $plugin;
+ }
+
+ function &pidLoaded($pid) {
+ $plugin=false;
+ reset($this->plugins);
+ while (list($name) = each($this->plugins)) {
+ if ($pid!=$this->plugins[$name]->getId()) continue;
+ $plugin= & $this->plugins[$name];
+ break;
+ }
+ return $plugin;
+ }
+
+ /**
+ * checks if the given plugin IS installed or not
+ */
+ function pluginInstalled($name) {
+ $this->_initCacheInfo('installedPlugins');
+ return ($this->getPidFromName($name) != -1);
+ }
+
+ function pidInstalled($pid) {
+ $this->_initCacheInfo('installedPlugins');
+ return ($this->cachedInfo['installedPlugins'][$pid] != '');
+ }
+
+ function getPidFromName($name) {
+ $this->_initCacheInfo('installedPlugins');
+ foreach ($this->cachedInfo['installedPlugins'] as $pid => $pfile)
+ {
+ if (strtolower($pfile) == strtolower($name))
+ return $pid;
+ }
+ return -1;
+ }
+
+ /**
+ * Retrieve the name of a plugin in the right capitalisation
+ */
+ function getUpperCaseName ($name) {
+ $this->_initCacheInfo('installedPlugins');
+ foreach ($this->cachedInfo['installedPlugins'] as $pid => $pfile)
+ {
+ if (strtolower($pfile) == strtolower($name))
+ return $pfile;
+ }
+ return -1;
+ }
+
+ function clearCachedInfo($what) {
+ unset($this->cachedInfo[$what]);
+ }
+
+ /**
+ * Loads some info on the first call only
+ */
+ function _initCacheInfo($what)
+ {
+ if (isset($this->cachedInfo[$what]) && is_array($this->cachedInfo[$what]))
+ return;
+ switch ($what)
+ {
+ // 'installedPlugins' = array ($pid => $name)
+ case 'installedPlugins':
+ $this->cachedInfo['installedPlugins'] = array();
+ $res = sql_query('SELECT pid, pfile FROM ' . sql_table('plugin'));
+ while ($o = sql_fetch_object($res))
+ {
+ $this->cachedInfo['installedPlugins'][$o->pid] = $o->pfile;
+ }
+ break;
+ }
+ }
+
+ /**
+ * A function to notify plugins that something has happened. Only the plugins
+ * that are subscribed to the event will get notified.
+ * Upon the first call, the list of subscriptions will be fetched from the
+ * database. The plugins itsself will only get loaded when they are first needed
+ *
+ * @param $eventName
+ * Name of the event (method to be called on plugins)
+ * @param $data
+ * Can contain any type of data, depending on the event type. Usually this is
+ * an itemid, blogid, ... but it can also be an array containing multiple values
+ */
+ function notify($eventName, $data) {
+ // load subscription list if needed
+ if (!is_array($this->subscriptions))
+ $this->_loadSubscriptions();
+
+
+ // get listening objects
+ $listeners = false;
+ if (isset($this->subscriptions[$eventName])) {
+ $listeners = $this->subscriptions[$eventName];
+ }
+
+ // notify all of them
+ if (is_array($listeners)) {
+ foreach($listeners as $listener) {
+ // load class if needed
+ $this->_loadPlugin($listener);
+ // do notify (if method exists)
+ if (method_exists($this->plugins[$listener], 'event_' . $eventName))
+ call_user_func(array(&$this->plugins[$listener],'event_' . $eventName), $data);
+ }
+ }
+
+ }
+
+ /**
+ * Loads plugin subscriptions
+ */
+ function _loadSubscriptions() {
+ // initialize as array
+ $this->subscriptions = array();
+
+ $res = sql_query('SELECT p.pfile as pfile, e.event as event FROM '.sql_table('plugin_event').' as e, '.sql_table('plugin').' as p WHERE e.pid=p.pid ORDER BY p.porder ASC');
+ while ($o = sql_fetch_object($res)) {
+ $pluginName = $o->pfile;
+ $eventName = $o->event;
+ $this->subscriptions[$eventName][] = $pluginName;
+ }
+
+ }
+
+ /*
+ Ticket functions. These are uses by the admin area to make it impossible to simulate certain GET/POST
+ requests. tickets are user specific
+ */
+
+ var $currentRequestTicket = '';
+
+ /**
+ * GET requests: Adds ticket to URL (URL should NOT be html-encoded!, ticket is added at the end)
+ */
+ function addTicketToUrl($url)
+ {
+ $ticketCode = 'ticket=' . $this->_generateTicket();
+ if (strstr($url, '?'))
+ return $url . '&' . $ticketCode;
+ else
+ return $url . '?' . $ticketCode;
+ }
+
+ /**
+ * POST requests: Adds ticket as hidden formvar
+ */
+ function addTicketHidden()
+ {
+ $ticket = $this->_generateTicket();
+
+ echo '<input type="hidden" name="ticket" value="', htmlspecialchars($ticket), '" />';
+ }
+
+ /**
+ * Get a new ticket
+ * (xmlHTTPRequest AutoSaveDraft uses this to refresh the ticket)
+ */
+ function getNewTicket()
+ {
+ $this->currentRequestTicket = '';
+ return $this->_generateTicket();
+ }
+
+ /**
+ * Checks the ticket that was passed along with the current request
+ */
+ function checkTicket()
+ {
+ global $member;
+
+ // get ticket from request
+ $ticket = requestVar('ticket');
+
+ // no ticket -> don't allow
+ if ($ticket == '')
+ return false;
+
+ // remove expired tickets first
+ $this->_cleanUpExpiredTickets();
+
+ // get member id
+ if (!$member->isLoggedIn())
+ $memberId = -1;
+ else
+ $memberId = $member->getID();
+
+ // check if ticket is a valid one
+ $query = 'SELECT COUNT(*) as result FROM ' . sql_table('tickets') . ' WHERE member=' . intval($memberId). ' and ticket=\''.addslashes($ticket).'\'';
+ if (quickQuery($query) == 1)
+ {
+ // [in the original implementation, the checked ticket was deleted. This would lead to invalid
+ // tickets when using the browsers back button and clicking another link/form
+ // leaving the keys in the database is not a real problem, since they're member-specific and
+ // only valid for a period of one hour
+ // ]
+ // sql_query('DELETE FROM '.sql_table('tickets').' WHERE member=' . intval($memberId). ' and ticket=\''.addslashes($ticket).'\'');
+ return true;
+ } else {
+ // not a valid ticket
+ return false;
+ }
+
+ }
+
+ /**
+ * (internal method) Removes the expired tickets
+ */
+ function _cleanUpExpiredTickets()
+ {
+ // remove tickets older than 1 hour
+ $oldTime = time() - 60 * 60;
+ $query = 'DELETE FROM ' . sql_table('tickets'). ' WHERE ctime < \'' . date('Y-m-d H:i:s',$oldTime) .'\'';
+ sql_query($query);
+ }
+
+ /**
+ * (internal method) Generates/returns a ticket (one ticket per page request)
+ */
+ function _generateTicket()
+ {
+ if ($this->currentRequestTicket == '')
+ {
+ // generate new ticket (only one ticket will be generated per page request)
+ // and store in database
+ global $member;
+ // get member id
+ if (!$member->isLoggedIn())
+ $memberId = -1;
+ else
+ $memberId = $member->getID();
+
+ $ok = false;
+ while (!$ok)
+ {
+ // generate a random token
+ srand((double)microtime()*1000000);
+ $ticket = md5(uniqid(rand(), true));
+
+ // add in database as non-active
+ $query = 'INSERT INTO ' . sql_table('tickets') . ' (ticket, member, ctime) ';
+ $query .= 'VALUES (\'' . addslashes($ticket). '\', \'' . intval($memberId). '\', \'' . date('Y-m-d H:i:s',time()) . '\')';
+ if (sql_query($query))
+ $ok = true;
+ }
+
+ $this->currentRequestTicket = $ticket;
+ }
+ return $this->currentRequestTicket;
+ }
+
+}
+
?>
\ No newline at end of file
$query = 'SELECT * FROM '.sql_table('member') . ' WHERE ' . $where;
$res = sql_query($query);
- $obj = mysql_fetch_object($res);
+ $obj = sql_fetch_object($res);
$this->setRealName($obj->mrealname);
$this->setEmail($obj->memail);
$this->setLanguage($obj->deflang);
$this->setAutosave($obj->mautosave);
- return mysql_num_rows($res);
+ return sql_num_rows($res);
}
. ' tblog=' . intval($blogid)
. ' and tmember='. $this->getID();
$res = sql_query($query);
- if (mysql_num_rows($res) == 0)
+ if (sql_num_rows($res) == 0)
return 0;
else
- return (mysql_result($res,0,0) == 1) ;
+ return (sql_result($res,0,0) == 1) ;
}
function blogAdminRights($blogid) {
. ' tblog=' . intval($blogid)
. ' and tmember='. $this->getID();
$res = sql_query($query);
- return (mysql_num_rows($res) != 0);
+ return (sql_num_rows($res) != 0);
}
function canAddItem($catid) {
. ' FROM '.sql_table('comment') .', '.sql_table('item').', '.sql_table('blog')
. ' WHERE citem=inumber and iblog=bnumber and cnumber=' . intval($commentid);
$res = sql_query($query);
- $obj = mysql_fetch_object($res);
+ $obj = sql_fetch_object($res);
return ($obj->cauthor == $this->getID()) or $this->isBlogAdmin($obj->blogid) or ($obj->iauthor == $this->getID());
}
$query = 'SELECT iblog, iauthor FROM '.sql_table('item').' WHERE inumber=' . intval($itemid);
$res = sql_query($query);
- $obj = mysql_fetch_object($res);
+ $obj = sql_fetch_object($res);
return ($obj->iauthor == $this->getID()) or $this->isBlogAdmin($obj->iblog);
}
*/
function canBeDeleted() {
$res = sql_query('SELECT * FROM '.sql_table('item').' WHERE iauthor=' . $this->getID());
- return (mysql_num_rows($res) == 0);
+ return (sql_num_rows($res) == 0);
}
/**
$query = 'SELECT tblog as blogid from '.sql_table('team').' where tadmin=1 and tmember=' . $this->getID();
$res = sql_query($query);
- if (mysql_num_rows($res) > 0) {
- while ($obj = mysql_fetch_object($res)) {
+ if (sql_num_rows($res) > 0) {
+ while ($obj = sql_fetch_object($res)) {
array_push($blogs, $obj->blogid);
}
}
$query = 'SELECT tblog as blogid from '.sql_table('team').' where tmember=' . $this->getID();
$res = sql_query($query);
- if (mysql_num_rows($res) > 0) {
- while ($obj = mysql_fetch_object($res)) {
+ if (sql_num_rows($res) > 0) {
+ while ($obj = sql_fetch_object($res)) {
array_push($blogs, $obj->blogid);
}
}
*/
function exists($name) {
$r = sql_query('select * FROM '.sql_table('member')." WHERE mname='".addslashes($name)."'");
- return (mysql_num_rows($r) != 0);
+ return (sql_num_rows($r) != 0);
}
/**
*/
function existsID($id) {
$r = sql_query('select * FROM '.sql_table('member')." WHERE mnumber='".intval($id)."'");
- return (mysql_num_rows($r) != 0);
+ return (sql_num_rows($r) != 0);
}
/**
$query = 'SELECT * FROM ' . sql_table('activation') . ' WHERE vkey=\'' . addslashes($key). '\'';
$res = sql_query($query);
- if (!$res || (mysql_num_rows($res) == 0))
+ if (!$res || (sql_num_rows($res) == 0))
return 0;
else
- return mysql_fetch_object($res);
+ return sql_fetch_object($res);
}
/**
// 1. walk over all entries, and see if special actions need to be performed
$res = sql_query('SELECT * FROM ' . sql_table('activation') . ' WHERE vtime < \'' . date('Y-m-d H:i:s',$boundary) . '\'');
- while ($o = mysql_fetch_object($res))
+ while ($o = sql_fetch_object($res))
{
switch ($o->vtype)
{
* @version $Id$
* $NucleusJP: PLUGIN.php,v 1.12.2.3 2007/12/03 02:22:42 kmorimatsu Exp $
*/
- class NucleusPlugin {\r
-\r
- // these functions _have_ to be redefined in your plugin\r
-\r
- function getName() { return 'Undefined'; }\r
- function getAuthor() { return 'Undefined'; }\r
- function getURL() { return 'Undefined'; }\r
- function getVersion() { return '0.0'; }\r
- function getDescription() { return 'Undefined';}\r
-\r
- // these function _may_ be redefined in your plugin\r
-\r
- function getMinNucleusVersion() { return 150; }\r
- function getMinNucleusPatchLevel() { return 0; }\r
- function getEventList() { return array(); }\r
- function getTableList() { return array(); }\r
- function hasAdminArea() { return 0; }\r
-\r
- function install() {}\r
- function unInstall() {}\r
-\r
- function init() {}\r
-\r
- function doSkinVar($skinType) {}\r
- function doTemplateVar(&$item) {\r
- $args = func_get_args();\r
- array_shift($args);\r
- array_unshift($args, 'template');\r
- call_user_func_array(array(&$this,'doSkinVar'),$args);\r
- }\r
- function doTemplateCommentsVar(&$item, &$comment) {\r
- $args = func_get_args();\r
- array_shift($args);\r
- array_shift($args);\r
- array_unshift($args, 'template');\r
- call_user_func_array(array(&$this,'doSkinVar'),$args);\r
- }\r
- function doAction($type) { return _ERROR_PLUGIN_NOSUCHACTION; }\r
- function doIf($key,$value) { return false; }\r
- function doItemVar () {}\r
-\r
- /**\r
- * Checks if a plugin supports a certain feature.\r
- *\r
- * @returns 1 if the feature is reported, 0 if not\r
- * @param $feature\r
- * Name of the feature. See plugin documentation for more info\r
- * 'SqlTablePrefix' -> if the plugin uses the sql_table() method to get table names\r
- * 'HelpPage' -> if the plugin provides a helppage\r
- */\r
- function supportsFeature($feature) {\r
- return 0;\r
- }\r
-\r
- /**\r
- * Report a list of plugin that is required to function\r
- *\r
- * @returns an array of names of plugin, an empty array indicates no dependency\r
- */\r
- function getPluginDep() { return array(); }\r
-\r
- // these helper functions should not be redefined in your plugin\r
-\r
- /**\r
- * Creates a new option for this plugin\r
- *\r
- * @param name\r
- * A string uniquely identifying your option. (max. length is 20 characters)\r
- * @param description\r
- * A description that will show up in the nucleus admin area (max. length: 255 characters)\r
- * @param type\r
- * Either 'text', 'yesno' or 'password'\r
- * This info is used when showing 'edit plugin options' screens\r
- * @param value\r
- * Initial value for the option (max. value length is 128 characters)\r
- */\r
- function createOption($name, $desc, $type, $defValue = '', $typeExtras = '') {\r
- return $this->_createOption('global', $name, $desc, $type, $defValue, $typeExtras);\r
- }\r
- function createBlogOption($name, $desc, $type, $defValue = '', $typeExtras = '') {\r
- return $this->_createOption('blog', $name, $desc, $type, $defValue, $typeExtras);\r
- }\r
- function createMemberOption($name, $desc, $type, $defValue = '', $typeExtras = '') {\r
- return $this->_createOption('member', $name, $desc, $type, $defValue, $typeExtras);\r
- }\r
- function createCategoryOption($name, $desc, $type, $defValue = '', $typeExtras = '') {\r
- return $this->_createOption('category', $name, $desc, $type, $defValue, $typeExtras);\r
- }\r
- function createItemOption($name, $desc, $type, $defValue = '', $typeExtras = '') {\r
- return $this->_createOption('item', $name, $desc, $type, $defValue, $typeExtras);\r
- }\r
-\r
- /**\r
- * Removes the option from the database\r
- *\r
- * Note: Options get erased automatically on plugin uninstall\r
- */\r
- function deleteOption($name) {\r
- return $this->_deleteOption('global', $name);\r
- }\r
- function deleteBlogOption($name) {\r
- return $this->_deleteOption('blog', $name);\r
- }\r
- function deleteMemberOption($name) {\r
- return $this->_deleteOption('member', $name);\r
- }\r
- function deleteCategoryOption($name) {\r
- return $this->_deleteOption('category', $name);\r
- }\r
- function deleteItemOption($name) {\r
- return $this->_deleteOption('item', $name);\r
- }\r
-\r
- /**\r
- * Sets the value of an option to something new\r
- */\r
- function setOption($name, $value) {\r
- return $this->_setOption('global', 0, $name, $value);\r
- }\r
- function setBlogOption($blogid, $name, $value) {\r
- return $this->_setOption('blog', $blogid, $name, $value);\r
- }\r
- function setMemberOption($memberid, $name, $value) {\r
- return $this->_setOption('member', $memberid, $name, $value);\r
- }\r
- function setCategoryOption($catid, $name, $value) {\r
- return $this->_setOption('category', $catid, $name, $value);\r
- }\r
- function setItemOption($itemid, $name, $value) {\r
- return $this->_setOption('item', $itemid, $name, $value);\r
- }\r
-\r
- /**\r
- * Retrieves the current value for an option\r
- */\r
- function getOption($name)\r
- {\r
- // only request the options the very first time. On subsequent requests\r
- // the static collection is used to save SQL queries.\r
- if ($this->plugin_options == 0)\r
- {\r
- $this->plugin_options = array();\r
- $query = sql_query(\r
- 'SELECT d.oname as name, o.ovalue as value '.\r
- 'FROM '.\r
- sql_table('plugin_option').' o, '.\r
- sql_table('plugin_option_desc').' d '.\r
- 'WHERE d.opid='. intval($this->getID()).' AND d.oid=o.oid'\r
- );\r
- while ($row = mysql_fetch_object($query))\r
- $this->plugin_options[strtolower($row->name)] = $row->value;\r
- }\r
- if (isset($this->plugin_options[strtolower($name)]))\r
- return $this->plugin_options[strtolower($name)];\r
- else\r
- return $this->_getOption('global', 0, $name);\r
- }\r
-\r
- function getBlogOption($blogid, $name) {\r
- return $this->_getOption('blog', $blogid, $name);\r
- }\r
- function getMemberOption($memberid, $name) {\r
- return $this->_getOption('member', $memberid, $name);\r
- }\r
- function getCategoryOption($catid, $name) {\r
- return $this->_getOption('category', $catid, $name);\r
- }\r
- function getItemOption($itemid, $name) {\r
- return $this->_getOption('item', $itemid, $name);\r
- }\r
-\r
- /**\r
- * Retrieves an associative array with the option value for each\r
- * context id\r
- */\r
- function getAllBlogOptions($name) {\r
- return $this->_getAllOptions('blog', $name);\r
- }\r
- function getAllMemberOptions($name) {\r
- return $this->_getAllOptions('member', $name);\r
- }\r
- function getAllCategoryOptions($name) {\r
- return $this->_getAllOptions('category', $name);\r
- }\r
- function getAllItemOptions($name) {\r
- return $this->_getAllOptions('item', $name);\r
- }\r
-\r
- /**\r
- * Retrieves an indexed array with the top (or bottom) of an option\r
- * (delegates to _getOptionTop())\r
- */\r
- function getBlogOptionTop($name, $amount = 10, $sort = 'desc') {\r
- return $this->_getOptionTop('blog', $name, $amount, $sort);\r
- }\r
- function getMemberOptionTop($name, $amount = 10, $sort = 'desc') {\r
- return $this->_getOptionTop('member', $name, $amount, $sort);\r
- }\r
- function getCategoryOptionTop($name, $amount = 10, $sort = 'desc') {\r
- return $this->_getOptionTop('category', $name, $amount, $sort);\r
- }\r
- function getItemOptionTop($name, $amount = 10, $sort = 'desc') {\r
- return $this->_getOptionTop('item', $name, $amount, $sort);\r
- }\r
-\r
- /**\r
- * Returns the plugin ID\r
- * \r
- * public \r
- */\r
- function getID() {\r
- return $this->plugid;\r
- }\r
-\r
- /**\r
- * Returns the URL of the admin area for this plugin (in case there's\r
- * no such area, the returned information is invalid)\r
- * \r
- * public \r
- */\r
- function getAdminURL() {\r
- global $CONF;\r
- return $CONF['PluginURL'] . $this->getShortName() . '/';\r
- }\r
-\r
- /**\r
- * Returns the directory where the admin directory is located and\r
- * where the plugin can maintain his extra files\r
- * \r
- * public \r
- */\r
- function getDirectory() {\r
- global $DIR_PLUGINS;\r
- return $DIR_PLUGINS . $this->getShortName() . '/';\r
- }\r
-\r
- /**\r
- * Derives the short name for the plugin from the classname (all \r
- * lowercase)\r
- * \r
- * public \r
- */\r
- function getShortName() {\r
- return str_replace('np_','',strtolower(get_class($this)));\r
- }\r
-\r
- /**\r
- * Clears the option value cache which saves the option values during\r
- * the plugin execution. This function is usefull if the options has \r
- * changed during the plugin execution (especially in association with\r
- * the PrePluginOptionsUpdate and the PostPluginOptionsUpdate events)\r
- * \r
- * public \r
- **/ \r
- function clearOptionValueCache(){\r
- $this->_aOptionValues = array();\r
- $this->plugin_options = 0;\r
- }\r
-\r
- // internal functions of the class starts here\r
-\r
- var $_aOptionValues; // oid_contextid => value\r
- var $_aOptionToInfo; // context_name => array('oid' => ..., 'default' => ...)\r
- var $plugin_options; // see getOption()\r
- var $plugid; // plugin id\r
-\r
-\r
- /**\r
- * Class constructor: Initializes some internal data\r
- */ \r
- function NucleusPlugin() {\r
- $this->_aOptionValues = array(); // oid_contextid => value\r
- $this->_aOptionToInfo = array(); // context_name => array('oid' => ..., 'default' => ...)\r
- $this->plugin_options = 0;\r
- }\r
-\r
- /**\r
- * Retrieves an array of the top (or bottom) of an option from a plugin.\r
- * @author TeRanEX\r
- * @param string $context the context for the option: item, blog, member,...\r
- * @param string $name the name of the option\r
- * @param int $amount how many rows must be returned\r
- * @param string $sort desc or asc\r
- * @return array array with both values and contextid's\r
- * @access private\r
- */\r
- function _getOptionTop($context, $name, $amount = 10, $sort = 'desc') {\r
- if (($sort != 'desc') && ($sort != 'asc')) {\r
- $sort= 'desc';\r
- }\r
-\r
- $oid = $this->_getOID($context, $name);\r
-\r
- // retrieve the data and return\r
- $q = 'SELECT otype, oextra FROM '.sql_table('plugin_option_desc').' WHERE oid = '.$oid;\r
- $query = sql_query($q);\r
-\r
- $o = mysql_fetch_array($query);\r
-\r
- if (($this->optionCanBeNumeric($o['otype'])) && ($o['oextra'] == 'number' )) {\r
- $orderby = 'CAST(ovalue AS SIGNED)';\r
- } else {\r
- $orderby = 'ovalue';\r
- }\r
- $q = 'SELECT ovalue value, ocontextid id FROM '.sql_table('plugin_option').' WHERE oid = '.$oid.' ORDER BY '.$orderby.' '.$sort.' LIMIT 0,'.intval($amount);\r
- $query = sql_query($q);\r
-\r
- // create the array\r
- $i = 0;\r
- $top = array();\r
- while($row = mysql_fetch_array($query)) {\r
- $top[$i++] = $row;\r
- }\r
-\r
- // return the array (duh!)\r
- return $top;\r
- }\r
-\r
- /**\r
- * Creates an option in the database table plugin_option_desc\r
- * \r
- * private\r
- */ \r
- function _createOption($context, $name, $desc, $type, $defValue, $typeExtras = '') {\r
- // create in plugin_option_desc\r
- $query = 'INSERT INTO ' . sql_table('plugin_option_desc')\r
- .' (opid, oname, ocontext, odesc, otype, odef, oextra)'\r
- .' VALUES ('.intval($this->plugid)\r
- .', \''.addslashes($name).'\''\r
- .', \''.addslashes($context).'\''\r
- .', \''.addslashes($desc).'\''\r
- .', \''.addslashes($type).'\''\r
- .', \''.addslashes($defValue).'\''\r
- .', \''.addslashes($typeExtras).'\')';\r
- sql_query($query);\r
- $oid = mysql_insert_id();\r
-\r
- $key = $context . '_' . $name;\r
- $this->_aOptionToInfo[$key] = array('oid' => $oid, 'default' => $defValue);\r
- return 1;\r
- }\r
-\r
-\r
- /**\r
- * Deletes an option from the database tables\r
- * plugin_option and plugin_option_desc \r
- *\r
- * private \r
- */ \r
- function _deleteOption($context, $name) {\r
- $oid = $this->_getOID($context, $name);\r
- if (!$oid) return 0; // no such option\r
-\r
- // delete all things from plugin_option\r
- sql_query('DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid=' . $oid);\r
-\r
- // delete entry from plugin_option_desc\r
- sql_query('DELETE FROM ' . sql_table('plugin_option_desc') . ' WHERE oid=' . $oid);\r
-\r
- // clear from cache\r
- unset($this->_aOptionToInfo[$context . '_' . $name]);\r
- $this->_aOptionValues = array();\r
- return 1;\r
- }\r
-\r
- /**\r
- * Update an option in the database table plugin_option\r
- * \r
- * returns: 1 on success, 0 on failure\r
- * private\r
- */\r
- function _setOption($context, $contextid, $name, $value) {\r
- global $manager;\r
-\r
- $oid = $this->_getOID($context, $name);\r
- if (!$oid) return 0;\r
-\r
- // check if context id exists\r
- switch ($context) {\r
- case 'member':\r
- if (!MEMBER::existsID($contextid)) return 0;\r
- break;\r
- case 'blog':\r
- if (!$manager->existsBlogID($contextid)) return 0;\r
- break;\r
- case 'category':\r
- if (!$manager->existsCategory($contextid)) return 0;\r
- break;\r
- case 'item':\r
- if (!$manager->existsItem($contextid, true, true)) return 0;\r
- break;\r
- case 'global':\r
- if ($contextid != 0) return 0;\r
- break;\r
- }\r
-\r
-\r
- // update plugin_option\r
- sql_query('DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid='.intval($oid) . ' and ocontextid='. intval($contextid));\r
- sql_query('INSERT INTO ' . sql_table('plugin_option') . ' (ovalue, oid, ocontextid) VALUES (\''.addslashes($value).'\', '. intval($oid) . ', ' . intval($contextid) . ')');\r
-\r
- // update cache\r
- $this->_aOptionValues[$oid . '_' . $contextid] = $value;\r
-\r
- return 1;\r
- }\r
-\r
- /**\r
- * Get an option from Cache or database\r
- * - if not in the option Cache read it from the database\r
- * - if not in the database write default values into the database\r
- * \r
- * private \r
- */ \r
- function _getOption($context, $contextid, $name) {\r
- $oid = $this->_getOID($context, $name);\r
- if (!$oid) return '';\r
-\r
-\r
- $key = $oid . '_' . $contextid;\r
-\r
- if (isset($this->_aOptionValues[$key]))\r
- return $this->_aOptionValues[$key];\r
-\r
- // get from DB\r
- $res = sql_query('SELECT ovalue FROM ' . sql_table('plugin_option') . ' WHERE oid='.intval($oid).' and ocontextid=' . intval($contextid));\r
-\r
- if (!$res || (mysql_num_rows($res) == 0)) {\r
- $defVal = $this->_getDefVal($context, $name);\r
- $this->_aOptionValues[$key] = $defVal;\r
-\r
- // fill DB with default value\r
- $query = 'INSERT INTO ' . sql_table('plugin_option') . ' (oid,ocontextid,ovalue)'\r
- .' VALUES ('.intval($oid).', '.intval($contextid).', \''.addslashes($defVal).'\')';\r
- sql_query($query);\r
- }\r
- else {\r
- $o = mysql_fetch_object($res);\r
- $this->_aOptionValues[$key] = $o->ovalue;\r
- }\r
-\r
- return $this->_aOptionValues[$key];\r
- }\r
-\r
- /**\r
- * Returns assoc array with all values for a given option \r
- * (one option per possible context id)\r
- * \r
- * private \r
- */\r
- function _getAllOptions($context, $name) {\r
- $oid = $this->_getOID($context, $name);\r
- if (!$oid) return array();\r
- $defVal = $this->_getDefVal($context, $name);\r
-\r
- $aOptions = array();\r
- switch ($context) {\r
- case 'blog':\r
- $r = sql_query('SELECT bnumber as contextid FROM ' . sql_table('blog'));\r
- break;\r
- case 'category':\r
- $r = sql_query('SELECT catid as contextid FROM ' . sql_table('category'));\r
- break;\r
- case 'member':\r
- $r = sql_query('SELECT mnumber as contextid FROM ' . sql_table('member'));\r
- break;\r
- case 'item':\r
- $r = sql_query('SELECT inumber as contextid FROM ' . sql_table('item'));\r
- break;\r
- }\r
- if ($r) {\r
- while ($o = mysql_fetch_object($r))\r
- $aOptions[$o->contextid] = $defVal;\r
- }\r
-\r
- $res = sql_query('SELECT ocontextid, ovalue FROM ' . sql_table('plugin_option') . ' WHERE oid=' . $oid);\r
- while ($o = mysql_fetch_object($res))\r
- $aOptions[$o->ocontextid] = $o->ovalue;\r
-\r
- return $aOptions;\r
- }\r
-\r
- /**\r
- * Gets the 'option identifier' that corresponds to a given option name.\r
- * When this method is called for the first time, all the OIDs for the plugin\r
- * are loaded into memory, to avoid re-doing the same query all over.\r
- */\r
- function _getOID($context, $name) {\r
- $key = $context . '_' . $name;\r
- $info = @$this->_aOptionToInfo[$key];\r
- if (is_array($info)) return $info['oid'];\r
-\r
- // load all OIDs for this plugin from the database\r
- $this->_aOptionToInfo = array();\r
- $query = 'SELECT oid, oname, ocontext, odef FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . intval($this->plugid);\r
- $res = sql_query($query);\r
- while ($o = mysql_fetch_object($res)) {\r
- $k = $o->ocontext . '_' . $o->oname;\r
- $this->_aOptionToInfo[$k] = array('oid' => $o->oid, 'default' => $o->odef);\r
- }\r
- mysql_free_result($res);\r
-\r
- return @$this->_aOptionToInfo[$key]['oid'];\r
- }\r
- function _getDefVal($context, $name) {\r
- $key = $context . '_' . $name;\r
- $info = $this->_aOptionToInfo[$key];\r
- if (is_array($info)) return $info['default'];\r
- }\r
-\r
-\r
- /**\r
- * Deletes all option values for a given context and contextid\r
- * (used when e.g. a blog, member or category is deleted)\r
- *\r
- * (static method)\r
- */\r
- function _deleteOptionValues($context, $contextid) {\r
- // delete all associated plugin options\r
- $aOIDs = array();\r
- // find ids\r
- $query = 'SELECT oid FROM '.sql_table('plugin_option_desc') . ' WHERE ocontext=\''.addslashes($context).'\'';\r
- $res = sql_query($query);\r
- while ($o = mysql_fetch_object($res))\r
- array_push($aOIDs, $o->oid);\r
- mysql_free_result($res);\r
- // delete those options. go go go\r
- if (count($aOIDs) > 0) {\r
- $query = 'DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid in ('.implode(',',$aOIDs).') and ocontextid=' . intval($contextid);\r
- sql_query($query);\r
- }\r
- }\r
-\r
- /**\r
- * splits the option's typeextra field (at ;'s) to split the meta collection\r
- * @param string $typeExtra the value of the typeExtra field of an option\r
- * @return array array of the meta-key/value-pairs\r
- * @author TeRanEX\r
- * @static\r
- */\r
- function getOptionMeta($typeExtra) {\r
- $tmpMeta = explode(';', $typeExtra);\r
- $meta = array();\r
- for ($i = 0; $i < count($tmpMeta); $i++) {\r
- if (($i == 0) && (!strstr($tmpMeta[0], '='))) {\r
- // we have the select-list\r
- $meta['select'] = $tmpMeta[0];\r
- } else {\r
- $tmp = explode('=', $tmpMeta[$i]);\r
- $meta[$tmp[0]] = $tmp[1];\r
- }\r
- }\r
- return $meta;\r
- }\r
-\r
- /**\r
- * filters the selectlists out of the meta collection\r
- * @param string $typeExtra the value of the typeExtra field of an option\r
- * @return string the selectlist\r
- * @author TeRanEX\r
- */\r
- function getOptionSelectValues($typeExtra) {\r
- $meta = NucleusPlugin::getOptionMeta($typeExtra);\r
- //the select list must always be the first part\r
- return $meta['select'];\r
- }\r
-\r
- /**\r
- * checks if the eventlist in the database is up-to-date\r
- * @return bool if it is up-to-date it return true, else false\r
- * @author TeRanEX\r
- */\r
- function subscribtionListIsUptodate() {\r
- $res = sql_query('SELECT event FROM '.sql_table('plugin_event').' WHERE pid = '.$this->getID());\r
- $ev = array();\r
- while($a = mysql_fetch_array($res)) {\r
- array_push($ev, $a['event']);\r
- }\r
- if (count($ev) != count($this->getEventList())) {\r
- return false;\r
- }\r
- $d = array_diff($ev, $this->getEventList());\r
- if (count($d) > 0) {\r
- // there are differences so the db is not up-to-date\r
- return false;\r
- }\r
- return true;\r
- }\r
-\r
- /**\r
- * @param $aOptions: array ( 'oid' => array( 'contextid' => 'value'))\r
- * (taken from request using requestVar())\r
- * @param $newContextid: integer (accepts a contextid when it is for a new\r
- * contextid there was no id available at the moment of writing the\r
- * formcontrols into the page (by ex: itemOptions for new item)\r
- * @static\r
- */\r
- function _applyPluginOptions(&$aOptions, $newContextid = 0) {\r
- global $manager;\r
- if (!is_array($aOptions)) return;\r
-\r
- foreach ($aOptions as $oid => $values) {\r
-\r
- // get option type info\r
- $query = 'SELECT opid, oname, ocontext, otype, oextra, odef FROM ' . sql_table('plugin_option_desc') . ' WHERE oid=' . intval($oid);\r
- $res = sql_query($query);\r
- if ($o = mysql_fetch_object($res))\r
- {\r
- foreach ($values as $key => $value) {\r
- // avoid overriding the key used by foreach statement\r
- $contextid=$key;\r
-\r
- // retreive any metadata\r
- $meta = NucleusPlugin::getOptionMeta($o->oextra);\r
-\r
- // if the option is readonly or hidden it may not be saved\r
- if ((@$meta['access'] != 'readonly') && (@$meta['access'] != 'hidden')) {\r
-\r
- $value = undoMagic($value); // value comes from request\r
-\r
- switch($o->otype) {\r
- case 'yesno':\r
- if (($value != 'yes') && ($value != 'no')) $value = 'no';\r
- break;\r
- default:\r
- break;\r
- }\r
-\r
- // check the validity of numerical options\r
- if ((@$meta['datatype'] == 'numerical') && (!is_numeric($value))) {\r
- //the option must be numeric, but the it isn't\r
- //use the default for this option\r
- $value = $o->odef;\r
- }\r
-\r
- // decide wether we are using the contextid of newContextid\r
- if ($newContextid != 0) {\r
- $contextid = $newContextid;\r
- }\r
-\r
- //trigger event PrePluginOptionsUpdate to give the plugin the\r
- //possibility to change/validate the new value for the option\r
- $manager->notify('PrePluginOptionsUpdate',array('context' => $o->ocontext, 'plugid' => $o->opid, 'optionname' => $o->oname, 'contextid' => $contextid, 'value' => &$value));\r
-\r
- // delete the old value for the option\r
- sql_query('DELETE FROM '.sql_table('plugin_option').' WHERE oid='.intval($oid).' AND ocontextid='.intval($contextid));\r
- sql_query('INSERT INTO '.sql_table('plugin_option')." (oid, ocontextid, ovalue) VALUES (".intval($oid).",".intval($contextid).",'" . addslashes($value) . "')");\r
- }\r
- }\r
- }\r
- // clear option value cache if the plugin object is already loaded\r
- if (is_object($o)) {\r
- $plugin=& $manager->pidLoaded($o->opid);\r
- if ($plugin) $plugin->clearOptionValueCache();\r
- }\r
- }\r
- }\r
- }\r
+ class NucleusPlugin {
+
+ // these functions _have_ to be redefined in your plugin
+
+ function getName() { return 'Undefined'; }
+ function getAuthor() { return 'Undefined'; }
+ function getURL() { return 'Undefined'; }
+ function getVersion() { return '0.0'; }
+ function getDescription() { return 'Undefined';}
+
+ // these function _may_ be redefined in your plugin
+
+ function getMinNucleusVersion() { return 150; }
+ function getMinNucleusPatchLevel() { return 0; }
+ function getEventList() { return array(); }
+ function getTableList() { return array(); }
+ function hasAdminArea() { return 0; }
+
+ function install() {}
+ function unInstall() {}
+
+ function init() {}
+
+ function doSkinVar($skinType) {}
+ function doTemplateVar(&$item) {
+ $args = func_get_args();
+ array_shift($args);
+ array_unshift($args, 'template');
+ call_user_func_array(array(&$this,'doSkinVar'),$args);
+ }
+ function doTemplateCommentsVar(&$item, &$comment) {
+ $args = func_get_args();
+ array_shift($args);
+ array_shift($args);
+ array_unshift($args, 'template');
+ call_user_func_array(array(&$this,'doSkinVar'),$args);
+ }
+ function doAction($type) { return _ERROR_PLUGIN_NOSUCHACTION; }
+ function doIf($key,$value) { return false; }
+ function doItemVar () {}
+
+ /**
+ * Checks if a plugin supports a certain feature.
+ *
+ * @returns 1 if the feature is reported, 0 if not
+ * @param $feature
+ * Name of the feature. See plugin documentation for more info
+ * 'SqlTablePrefix' -> if the plugin uses the sql_table() method to get table names
+ * 'HelpPage' -> if the plugin provides a helppage
+ */
+ function supportsFeature($feature) {
+ return 0;
+ }
+
+ /**
+ * Report a list of plugin that is required to function
+ *
+ * @returns an array of names of plugin, an empty array indicates no dependency
+ */
+ function getPluginDep() { return array(); }
+
+ // these helper functions should not be redefined in your plugin
+
+ /**
+ * Creates a new option for this plugin
+ *
+ * @param name
+ * A string uniquely identifying your option. (max. length is 20 characters)
+ * @param description
+ * A description that will show up in the nucleus admin area (max. length: 255 characters)
+ * @param type
+ * Either 'text', 'yesno' or 'password'
+ * This info is used when showing 'edit plugin options' screens
+ * @param value
+ * Initial value for the option (max. value length is 128 characters)
+ */
+ function createOption($name, $desc, $type, $defValue = '', $typeExtras = '') {
+ return $this->_createOption('global', $name, $desc, $type, $defValue, $typeExtras);
+ }
+ function createBlogOption($name, $desc, $type, $defValue = '', $typeExtras = '') {
+ return $this->_createOption('blog', $name, $desc, $type, $defValue, $typeExtras);
+ }
+ function createMemberOption($name, $desc, $type, $defValue = '', $typeExtras = '') {
+ return $this->_createOption('member', $name, $desc, $type, $defValue, $typeExtras);
+ }
+ function createCategoryOption($name, $desc, $type, $defValue = '', $typeExtras = '') {
+ return $this->_createOption('category', $name, $desc, $type, $defValue, $typeExtras);
+ }
+ function createItemOption($name, $desc, $type, $defValue = '', $typeExtras = '') {
+ return $this->_createOption('item', $name, $desc, $type, $defValue, $typeExtras);
+ }
+
+ /**
+ * Removes the option from the database
+ *
+ * Note: Options get erased automatically on plugin uninstall
+ */
+ function deleteOption($name) {
+ return $this->_deleteOption('global', $name);
+ }
+ function deleteBlogOption($name) {
+ return $this->_deleteOption('blog', $name);
+ }
+ function deleteMemberOption($name) {
+ return $this->_deleteOption('member', $name);
+ }
+ function deleteCategoryOption($name) {
+ return $this->_deleteOption('category', $name);
+ }
+ function deleteItemOption($name) {
+ return $this->_deleteOption('item', $name);
+ }
+
+ /**
+ * Sets the value of an option to something new
+ */
+ function setOption($name, $value) {
+ return $this->_setOption('global', 0, $name, $value);
+ }
+ function setBlogOption($blogid, $name, $value) {
+ return $this->_setOption('blog', $blogid, $name, $value);
+ }
+ function setMemberOption($memberid, $name, $value) {
+ return $this->_setOption('member', $memberid, $name, $value);
+ }
+ function setCategoryOption($catid, $name, $value) {
+ return $this->_setOption('category', $catid, $name, $value);
+ }
+ function setItemOption($itemid, $name, $value) {
+ return $this->_setOption('item', $itemid, $name, $value);
+ }
+
+ /**
+ * Retrieves the current value for an option
+ */
+ function getOption($name)
+ {
+ // only request the options the very first time. On subsequent requests
+ // the static collection is used to save SQL queries.
+ if ($this->plugin_options == 0)
+ {
+ $this->plugin_options = array();
+ $query = sql_query(
+ 'SELECT d.oname as name, o.ovalue as value '.
+ 'FROM '.
+ sql_table('plugin_option').' o, '.
+ sql_table('plugin_option_desc').' d '.
+ 'WHERE d.opid='. intval($this->getID()).' AND d.oid=o.oid'
+ );
+ while ($row = sql_fetch_object($query))
+ $this->plugin_options[strtolower($row->name)] = $row->value;
+ }
+ if (isset($this->plugin_options[strtolower($name)]))
+ return $this->plugin_options[strtolower($name)];
+ else
+ return $this->_getOption('global', 0, $name);
+ }
+
+ function getBlogOption($blogid, $name) {
+ return $this->_getOption('blog', $blogid, $name);
+ }
+ function getMemberOption($memberid, $name) {
+ return $this->_getOption('member', $memberid, $name);
+ }
+ function getCategoryOption($catid, $name) {
+ return $this->_getOption('category', $catid, $name);
+ }
+ function getItemOption($itemid, $name) {
+ return $this->_getOption('item', $itemid, $name);
+ }
+
+ /**
+ * Retrieves an associative array with the option value for each
+ * context id
+ */
+ function getAllBlogOptions($name) {
+ return $this->_getAllOptions('blog', $name);
+ }
+ function getAllMemberOptions($name) {
+ return $this->_getAllOptions('member', $name);
+ }
+ function getAllCategoryOptions($name) {
+ return $this->_getAllOptions('category', $name);
+ }
+ function getAllItemOptions($name) {
+ return $this->_getAllOptions('item', $name);
+ }
+
+ /**
+ * Retrieves an indexed array with the top (or bottom) of an option
+ * (delegates to _getOptionTop())
+ */
+ function getBlogOptionTop($name, $amount = 10, $sort = 'desc') {
+ return $this->_getOptionTop('blog', $name, $amount, $sort);
+ }
+ function getMemberOptionTop($name, $amount = 10, $sort = 'desc') {
+ return $this->_getOptionTop('member', $name, $amount, $sort);
+ }
+ function getCategoryOptionTop($name, $amount = 10, $sort = 'desc') {
+ return $this->_getOptionTop('category', $name, $amount, $sort);
+ }
+ function getItemOptionTop($name, $amount = 10, $sort = 'desc') {
+ return $this->_getOptionTop('item', $name, $amount, $sort);
+ }
+
+ /**
+ * Returns the plugin ID
+ *
+ * public
+ */
+ function getID() {
+ return $this->plugid;
+ }
+
+ /**
+ * Returns the URL of the admin area for this plugin (in case there's
+ * no such area, the returned information is invalid)
+ *
+ * public
+ */
+ function getAdminURL() {
+ global $CONF;
+ return $CONF['PluginURL'] . $this->getShortName() . '/';
+ }
+
+ /**
+ * Returns the directory where the admin directory is located and
+ * where the plugin can maintain his extra files
+ *
+ * public
+ */
+ function getDirectory() {
+ global $DIR_PLUGINS;
+ return $DIR_PLUGINS . $this->getShortName() . '/';
+ }
+
+ /**
+ * Derives the short name for the plugin from the classname (all
+ * lowercase)
+ *
+ * public
+ */
+ function getShortName() {
+ return str_replace('np_','',strtolower(get_class($this)));
+ }
+
+ /**
+ * Clears the option value cache which saves the option values during
+ * the plugin execution. This function is usefull if the options has
+ * changed during the plugin execution (especially in association with
+ * the PrePluginOptionsUpdate and the PostPluginOptionsUpdate events)
+ *
+ * public
+ **/
+ function clearOptionValueCache(){
+ $this->_aOptionValues = array();
+ $this->plugin_options = 0;
+ }
+
+ // internal functions of the class starts here
+
+ var $_aOptionValues; // oid_contextid => value
+ var $_aOptionToInfo; // context_name => array('oid' => ..., 'default' => ...)
+ var $plugin_options; // see getOption()
+ var $plugid; // plugin id
+
+
+ /**
+ * Class constructor: Initializes some internal data
+ */
+ function NucleusPlugin() {
+ $this->_aOptionValues = array(); // oid_contextid => value
+ $this->_aOptionToInfo = array(); // context_name => array('oid' => ..., 'default' => ...)
+ $this->plugin_options = 0;
+ }
+
+ /**
+ * Retrieves an array of the top (or bottom) of an option from a plugin.
+ * @author TeRanEX
+ * @param string $context the context for the option: item, blog, member,...
+ * @param string $name the name of the option
+ * @param int $amount how many rows must be returned
+ * @param string $sort desc or asc
+ * @return array array with both values and contextid's
+ * @access private
+ */
+ function _getOptionTop($context, $name, $amount = 10, $sort = 'desc') {
+ if (($sort != 'desc') && ($sort != 'asc')) {
+ $sort= 'desc';
+ }
+
+ $oid = $this->_getOID($context, $name);
+
+ // retrieve the data and return
+ $q = 'SELECT otype, oextra FROM '.sql_table('plugin_option_desc').' WHERE oid = '.$oid;
+ $query = sql_query($q);
+
+ $o = sql_fetch_array($query);
+
+ if (($this->optionCanBeNumeric($o['otype'])) && ($o['oextra'] == 'number' )) {
+ $orderby = 'CAST(ovalue AS SIGNED)';
+ } else {
+ $orderby = 'ovalue';
+ }
+ $q = 'SELECT ovalue value, ocontextid id FROM '.sql_table('plugin_option').' WHERE oid = '.$oid.' ORDER BY '.$orderby.' '.$sort.' LIMIT 0,'.intval($amount);
+ $query = sql_query($q);
+
+ // create the array
+ $i = 0;
+ $top = array();
+ while($row = sql_fetch_array($query)) {
+ $top[$i++] = $row;
+ }
+
+ // return the array (duh!)
+ return $top;
+ }
+
+ /**
+ * Creates an option in the database table plugin_option_desc
+ *
+ * private
+ */
+ function _createOption($context, $name, $desc, $type, $defValue, $typeExtras = '') {
+ // create in plugin_option_desc
+ $query = 'INSERT INTO ' . sql_table('plugin_option_desc')
+ .' (opid, oname, ocontext, odesc, otype, odef, oextra)'
+ .' VALUES ('.intval($this->plugid)
+ .', \''.addslashes($name).'\''
+ .', \''.addslashes($context).'\''
+ .', \''.addslashes($desc).'\''
+ .', \''.addslashes($type).'\''
+ .', \''.addslashes($defValue).'\''
+ .', \''.addslashes($typeExtras).'\')';
+ sql_query($query);
+ $oid = sql_insert_id();
+
+ $key = $context . '_' . $name;
+ $this->_aOptionToInfo[$key] = array('oid' => $oid, 'default' => $defValue);
+ return 1;
+ }
+
+
+ /**
+ * Deletes an option from the database tables
+ * plugin_option and plugin_option_desc
+ *
+ * private
+ */
+ function _deleteOption($context, $name) {
+ $oid = $this->_getOID($context, $name);
+ if (!$oid) return 0; // no such option
+
+ // delete all things from plugin_option
+ sql_query('DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid=' . $oid);
+
+ // delete entry from plugin_option_desc
+ sql_query('DELETE FROM ' . sql_table('plugin_option_desc') . ' WHERE oid=' . $oid);
+
+ // clear from cache
+ unset($this->_aOptionToInfo[$context . '_' . $name]);
+ $this->_aOptionValues = array();
+ return 1;
+ }
+
+ /**
+ * Update an option in the database table plugin_option
+ *
+ * returns: 1 on success, 0 on failure
+ * private
+ */
+ function _setOption($context, $contextid, $name, $value) {
+ global $manager;
+
+ $oid = $this->_getOID($context, $name);
+ if (!$oid) return 0;
+
+ // check if context id exists
+ switch ($context) {
+ case 'member':
+ if (!MEMBER::existsID($contextid)) return 0;
+ break;
+ case 'blog':
+ if (!$manager->existsBlogID($contextid)) return 0;
+ break;
+ case 'category':
+ if (!$manager->existsCategory($contextid)) return 0;
+ break;
+ case 'item':
+ if (!$manager->existsItem($contextid, true, true)) return 0;
+ break;
+ case 'global':
+ if ($contextid != 0) return 0;
+ break;
+ }
+
+
+ // update plugin_option
+ sql_query('DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid='.intval($oid) . ' and ocontextid='. intval($contextid));
+ sql_query('INSERT INTO ' . sql_table('plugin_option') . ' (ovalue, oid, ocontextid) VALUES (\''.addslashes($value).'\', '. intval($oid) . ', ' . intval($contextid) . ')');
+
+ // update cache
+ $this->_aOptionValues[$oid . '_' . $contextid] = $value;
+
+ return 1;
+ }
+
+ /**
+ * Get an option from Cache or database
+ * - if not in the option Cache read it from the database
+ * - if not in the database write default values into the database
+ *
+ * private
+ */
+ function _getOption($context, $contextid, $name) {
+ $oid = $this->_getOID($context, $name);
+ if (!$oid) return '';
+
+
+ $key = $oid . '_' . $contextid;
+
+ if (isset($this->_aOptionValues[$key]))
+ return $this->_aOptionValues[$key];
+
+ // get from DB
+ $res = sql_query('SELECT ovalue FROM ' . sql_table('plugin_option') . ' WHERE oid='.intval($oid).' and ocontextid=' . intval($contextid));
+
+ if (!$res || (sql_num_rows($res) == 0)) {
+ $defVal = $this->_getDefVal($context, $name);
+ $this->_aOptionValues[$key] = $defVal;
+
+ // fill DB with default value
+ $query = 'INSERT INTO ' . sql_table('plugin_option') . ' (oid,ocontextid,ovalue)'
+ .' VALUES ('.intval($oid).', '.intval($contextid).', \''.addslashes($defVal).'\')';
+ sql_query($query);
+ }
+ else {
+ $o = sql_fetch_object($res);
+ $this->_aOptionValues[$key] = $o->ovalue;
+ }
+
+ return $this->_aOptionValues[$key];
+ }
+
+ /**
+ * Returns assoc array with all values for a given option
+ * (one option per possible context id)
+ *
+ * private
+ */
+ function _getAllOptions($context, $name) {
+ $oid = $this->_getOID($context, $name);
+ if (!$oid) return array();
+ $defVal = $this->_getDefVal($context, $name);
+
+ $aOptions = array();
+ switch ($context) {
+ case 'blog':
+ $r = sql_query('SELECT bnumber as contextid FROM ' . sql_table('blog'));
+ break;
+ case 'category':
+ $r = sql_query('SELECT catid as contextid FROM ' . sql_table('category'));
+ break;
+ case 'member':
+ $r = sql_query('SELECT mnumber as contextid FROM ' . sql_table('member'));
+ break;
+ case 'item':
+ $r = sql_query('SELECT inumber as contextid FROM ' . sql_table('item'));
+ break;
+ }
+ if ($r) {
+ while ($o = sql_fetch_object($r))
+ $aOptions[$o->contextid] = $defVal;
+ }
+
+ $res = sql_query('SELECT ocontextid, ovalue FROM ' . sql_table('plugin_option') . ' WHERE oid=' . $oid);
+ while ($o = sql_fetch_object($res))
+ $aOptions[$o->ocontextid] = $o->ovalue;
+
+ return $aOptions;
+ }
+
+ /**
+ * Gets the 'option identifier' that corresponds to a given option name.
+ * When this method is called for the first time, all the OIDs for the plugin
+ * are loaded into memory, to avoid re-doing the same query all over.
+ */
+ function _getOID($context, $name) {
+ $key = $context . '_' . $name;
+ $info = @$this->_aOptionToInfo[$key];
+ if (is_array($info)) return $info['oid'];
+
+ // load all OIDs for this plugin from the database
+ $this->_aOptionToInfo = array();
+ $query = 'SELECT oid, oname, ocontext, odef FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . intval($this->plugid);
+ $res = sql_query($query);
+ while ($o = sql_fetch_object($res)) {
+ $k = $o->ocontext . '_' . $o->oname;
+ $this->_aOptionToInfo[$k] = array('oid' => $o->oid, 'default' => $o->odef);
+ }
+ sql_free_result($res);
+
+ return @$this->_aOptionToInfo[$key]['oid'];
+ }
+ function _getDefVal($context, $name) {
+ $key = $context . '_' . $name;
+ $info = $this->_aOptionToInfo[$key];
+ if (is_array($info)) return $info['default'];
+ }
+
+
+ /**
+ * Deletes all option values for a given context and contextid
+ * (used when e.g. a blog, member or category is deleted)
+ *
+ * (static method)
+ */
+ function _deleteOptionValues($context, $contextid) {
+ // delete all associated plugin options
+ $aOIDs = array();
+ // find ids
+ $query = 'SELECT oid FROM '.sql_table('plugin_option_desc') . ' WHERE ocontext=\''.addslashes($context).'\'';
+ $res = sql_query($query);
+ while ($o = sql_fetch_object($res))
+ array_push($aOIDs, $o->oid);
+ sql_free_result($res);
+ // delete those options. go go go
+ if (count($aOIDs) > 0) {
+ $query = 'DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid in ('.implode(',',$aOIDs).') and ocontextid=' . intval($contextid);
+ sql_query($query);
+ }
+ }
+
+ /**
+ * splits the option's typeextra field (at ;'s) to split the meta collection
+ * @param string $typeExtra the value of the typeExtra field of an option
+ * @return array array of the meta-key/value-pairs
+ * @author TeRanEX
+ * @static
+ */
+ function getOptionMeta($typeExtra) {
+ $tmpMeta = explode(';', $typeExtra);
+ $meta = array();
+ for ($i = 0; $i < count($tmpMeta); $i++) {
+ if (($i == 0) && (!strstr($tmpMeta[0], '='))) {
+ // we have the select-list
+ $meta['select'] = $tmpMeta[0];
+ } else {
+ $tmp = explode('=', $tmpMeta[$i]);
+ $meta[$tmp[0]] = $tmp[1];
+ }
+ }
+ return $meta;
+ }
+
+ /**
+ * filters the selectlists out of the meta collection
+ * @param string $typeExtra the value of the typeExtra field of an option
+ * @return string the selectlist
+ * @author TeRanEX
+ */
+ function getOptionSelectValues($typeExtra) {
+ $meta = NucleusPlugin::getOptionMeta($typeExtra);
+ //the select list must always be the first part
+ return $meta['select'];
+ }
+
+ /**
+ * checks if the eventlist in the database is up-to-date
+ * @return bool if it is up-to-date it return true, else false
+ * @author TeRanEX
+ */
+ function subscribtionListIsUptodate() {
+ $res = sql_query('SELECT event FROM '.sql_table('plugin_event').' WHERE pid = '.$this->getID());
+ $ev = array();
+ while($a = sql_fetch_array($res)) {
+ array_push($ev, $a['event']);
+ }
+ if (count($ev) != count($this->getEventList())) {
+ return false;
+ }
+ $d = array_diff($ev, $this->getEventList());
+ if (count($d) > 0) {
+ // there are differences so the db is not up-to-date
+ return false;
+ }
+ return true;
+ }
+
+ /**
+ * @param $aOptions: array ( 'oid' => array( 'contextid' => 'value'))
+ * (taken from request using requestVar())
+ * @param $newContextid: integer (accepts a contextid when it is for a new
+ * contextid there was no id available at the moment of writing the
+ * formcontrols into the page (by ex: itemOptions for new item)
+ * @static
+ */
+ function _applyPluginOptions(&$aOptions, $newContextid = 0) {
+ global $manager;
+ if (!is_array($aOptions)) return;
+
+ foreach ($aOptions as $oid => $values) {
+
+ // get option type info
+ $query = 'SELECT opid, oname, ocontext, otype, oextra, odef FROM ' . sql_table('plugin_option_desc') . ' WHERE oid=' . intval($oid);
+ $res = sql_query($query);
+ if ($o = sql_fetch_object($res))
+ {
+ foreach ($values as $key => $value) {
+ // avoid overriding the key used by foreach statement
+ $contextid=$key;
+
+ // retreive any metadata
+ $meta = NucleusPlugin::getOptionMeta($o->oextra);
+
+ // if the option is readonly or hidden it may not be saved
+ if ((@$meta['access'] != 'readonly') && (@$meta['access'] != 'hidden')) {
+
+ $value = undoMagic($value); // value comes from request
+
+ switch($o->otype) {
+ case 'yesno':
+ if (($value != 'yes') && ($value != 'no')) $value = 'no';
+ break;
+ default:
+ break;
+ }
+
+ // check the validity of numerical options
+ if ((@$meta['datatype'] == 'numerical') && (!is_numeric($value))) {
+ //the option must be numeric, but the it isn't
+ //use the default for this option
+ $value = $o->odef;
+ }
+
+ // decide wether we are using the contextid of newContextid
+ if ($newContextid != 0) {
+ $contextid = $newContextid;
+ }
+
+ //trigger event PrePluginOptionsUpdate to give the plugin the
+ //possibility to change/validate the new value for the option
+ $manager->notify('PrePluginOptionsUpdate',array('context' => $o->ocontext, 'plugid' => $o->opid, 'optionname' => $o->oname, 'contextid' => $contextid, 'value' => &$value));
+
+ // delete the old value for the option
+ sql_query('DELETE FROM '.sql_table('plugin_option').' WHERE oid='.intval($oid).' AND ocontextid='.intval($contextid));
+ sql_query('INSERT INTO '.sql_table('plugin_option')." (oid, ocontextid, ovalue) VALUES (".intval($oid).",".intval($contextid).",'" . addslashes($value) . "')");
+ }
+ }
+ }
+ // clear option value cache if the plugin object is already loaded
+ if (is_object($o)) {
+ $plugin=& $manager->pidLoaded($o->opid);
+ if ($plugin) $plugin->clearOptionValueCache();
+ }
+ }
+ }
+ }
?>
\ No newline at end of file
// get all public searchable blogs, no matter what, include the current blog allways.
$res = sql_query('SELECT bnumber FROM '.sql_table('blog').' WHERE bincludesearch=1 ');
- while ($obj = mysql_fetch_object($res))
+ while ($obj = sql_fetch_object($res))
$this->blogs[] = intval($obj->bnumber);
}
// read skin name/description/content type
$res = sql_query('SELECT * FROM '.sql_table('skin_desc').' WHERE sdnumber=' . $this->id);
- $obj = mysql_fetch_object($res);
- $this->isValid = (mysql_num_rows($res) > 0);
+ $obj = sql_fetch_object($res);
+ $this->isValid = (sql_num_rows($res) > 0);
if (!$this->isValid)
return;
. ' FROM '.sql_table('skin_desc')
. ' WHERE sdname="'.addslashes($name).'"';
$res = sql_query($query);
- $obj = mysql_fetch_object($res);
+ $obj = sql_fetch_object($res);
return $obj->sdnumber;
}
);
sql_query('INSERT INTO '.sql_table('skin_desc')." (sdname, sddesc, sdtype, sdincmode, sdincpref) VALUES ('" . addslashes($name) . "','" . addslashes($desc) . "','".addslashes($type)."','".addslashes($includeMode)."','".addslashes($includePrefix)."')");
- $newid = mysql_insert_id();
+ $newid = sql_insert_id();
$manager->notify(
'PostAddSkin',
$query = 'SELECT scontent FROM '.sql_table('skin')." WHERE sdesc=$this->id and stype='". addslashes($type) ."'";
$res = sql_query($query);
- if (mysql_num_rows($res) == 0)
+ if (sql_num_rows($res) == 0)
return '';
else
- return mysql_result($res, 0, 0);
+ return sql_result($res, 0, 0);
}
/**
$query = "SELECT stype FROM " . sql_table('skin') . " WHERE stype NOT IN ('index', 'item', 'error', 'search', 'archive', 'archivelist', 'imagepopup', 'member')";
$res = sql_query($query);
- while ($row = mysql_fetch_array($res)) {
+ while ($row = sql_fetch_array($res)) {
$skintypes[strtolower($row['stype'])] = ucfirst($row['stype']);
}
* @version $Id$
* @version $NucleusJP: TEMPLATE.php,v 1.6 2006/07/20 08:01:52 kimitake Exp $
*/
-class TEMPLATE {\r
-\r
- var $id;\r
-\r
- function TEMPLATE($templateid) {\r
- $this->id = intval($templateid);\r
- }\r
-\r
- function getID() {\r
- return intval($this->id);\r
- }\r
-\r
- // (static)\r
- function createFromName($name) {\r
- return new TEMPLATE(TEMPLATE::getIdFromName($name));\r
- }\r
-\r
- // (static)\r
- function getIdFromName($name) {\r
- $query = 'SELECT tdnumber'\r
- . ' FROM '.sql_table('template_desc')\r
- . ' WHERE tdname="'.addslashes($name).'"';\r
- $res = sql_query($query);\r
- $obj = mysql_fetch_object($res);\r
- return $obj->tdnumber;\r
- }\r
-\r
- /**\r
- * Updates the general information about the template\r
- */\r
- function updateGeneralInfo($name, $desc) {\r
- $query = 'UPDATE '.sql_table('template_desc').' SET'\r
- . " tdname='" . addslashes($name) . "',"\r
- . " tddesc='" . addslashes($desc) . "'"\r
- . " WHERE tdnumber=" . $this->getID();\r
- sql_query($query);\r
- }\r
-\r
- /**\r
- * Updates the contents of one part of the template\r
- */\r
- function update($type, $content) {\r
- $id = $this->getID();\r
-\r
- // delete old thingie\r
- sql_query('DELETE FROM '.sql_table('template')." WHERE tpartname='". addslashes($type) ."' and tdesc=" . intval($id));\r
-\r
- // write new thingie\r
- if ($content) {\r
- sql_query('INSERT INTO '.sql_table('template')." SET tcontent='" . addslashes($content) . "', tpartname='" . addslashes($type) . "', tdesc=" . intval($id));\r
- }\r
- }\r
-\r
-\r
- /**\r
- * Deletes all template parts from the database\r
- */\r
- function deleteAllParts() {\r
- sql_query('DELETE FROM '.sql_table('template').' WHERE tdesc='.$this->getID());\r
- }\r
-\r
- /**\r
- * Creates a new template\r
- *\r
- * (static)\r
- */\r
- function createNew($name, $desc) {\r
- global $manager;\r
-\r
- // <temporary hack. for 3.4x ONLY !!>\r
- global $CONF;\r
- if (!$manager && $CONF['installscript']) {\r
- include_once($DIR_LIBS . 'MANAGER.php');\r
- $manager =& MANAGER::instance();\r
- }\r
- // </temporary hack. for 3.4x ONLY !!>\r
-\r
- $manager->notify(\r
- 'PreAddTemplate',\r
- array(\r
- 'name' => &$name,\r
- 'description' => &$desc\r
- )\r
- );\r
-\r
- sql_query('INSERT INTO '.sql_table('template_desc')." (tdname, tddesc) VALUES ('" . addslashes($name) . "','" . addslashes($desc) . "')");\r
- $newId = mysql_insert_id();\r
-\r
- $manager->notify(\r
- 'PostAddTemplate',\r
- array(\r
- 'templateid' => $newId,\r
- 'name' => $name,\r
- 'description' => $desc\r
- )\r
- );\r
-\r
- return $newId;\r
- }\r
-\r
-\r
-\r
- /**\r
- * Reads a template and returns an array with the parts.\r
- * (static)\r
- *\r
- * @param $name name of the template file\r
- */\r
- function read($name) {\r
- global $manager;\r
- $manager->notify(\r
- 'PreTemplateRead',\r
- array(\r
- 'template' => &$name\r
- )\r
- );\r
-\r
- $query = 'SELECT tpartname, tcontent'\r
- . ' FROM '.sql_table('template_desc').', '.sql_table('template')\r
- . ' WHERE tdesc=tdnumber and tdname="' . addslashes($name) . '"';\r
- $res = sql_query($query);\r
- while ($obj = mysql_fetch_object($res))\r
- $template[$obj->tpartname] = $obj->tcontent;\r
-\r
- // set locale according to template:\r
- if (isset($template['LOCALE']))\r
- setlocale(LC_TIME,$template['LOCALE']);\r
- else\r
- setlocale(LC_TIME,'');\r
-\r
- return $template;\r
- }\r
-\r
- /**\r
- * fills a template with values\r
- * (static)\r
- *\r
- * @param $template\r
- * Template to be used\r
- * @param $values\r
- * Array of all the values\r
- */\r
- function fill($template, $values) {\r
-\r
- if (sizeof($values) != 0) {\r
- // go through all the values\r
- for(reset($values); $key = key($values); next($values)) {\r
- $template = str_replace("<%$key%>",$values[$key],$template);\r
- }\r
- }\r
-\r
- // remove non matched template-tags\r
- return preg_replace('/<%[a-zA-Z]+%>/','',$template);\r
- }\r
-\r
- // returns true if there is a template with the given shortname\r
- // (static)\r
- function exists($name) {\r
- $r = sql_query('select * FROM '.sql_table('template_desc').' WHERE tdname="'.addslashes($name).'"');\r
- return (mysql_num_rows($r) != 0);\r
- }\r
-\r
- // returns true if there is a template with the given ID\r
- // (static)\r
- function existsID($id) {\r
- $r = sql_query('select * FROM '.sql_table('template_desc').' WHERE tdnumber='.intval($id));\r
- return (mysql_num_rows($r) != 0);\r
- }\r
-\r
- // (static)\r
- function getNameFromId($id) {\r
- return quickQuery('SELECT tdname as result FROM '.sql_table('template_desc').' WHERE tdnumber=' . intval($id));\r
- }\r
-\r
- // (static)\r
- function getDesc($id) {\r
- $query = 'SELECT tddesc FROM '.sql_table('template_desc').' WHERE tdnumber='. intval($id);\r
- $res = sql_query($query);\r
- $obj = mysql_fetch_object($res);\r
- return $obj->tddesc;\r
- }\r
-\r
-\r
-\r
-}\r
-\r
+class TEMPLATE {
+
+ var $id;
+
+ function TEMPLATE($templateid) {
+ $this->id = intval($templateid);
+ }
+
+ function getID() {
+ return intval($this->id);
+ }
+
+ // (static)
+ function createFromName($name) {
+ return new TEMPLATE(TEMPLATE::getIdFromName($name));
+ }
+
+ // (static)
+ function getIdFromName($name) {
+ $query = 'SELECT tdnumber'
+ . ' FROM '.sql_table('template_desc')
+ . ' WHERE tdname="'.addslashes($name).'"';
+ $res = sql_query($query);
+ $obj = sql_fetch_object($res);
+ return $obj->tdnumber;
+ }
+
+ /**
+ * Updates the general information about the template
+ */
+ function updateGeneralInfo($name, $desc) {
+ $query = 'UPDATE '.sql_table('template_desc').' SET'
+ . " tdname='" . addslashes($name) . "',"
+ . " tddesc='" . addslashes($desc) . "'"
+ . " WHERE tdnumber=" . $this->getID();
+ sql_query($query);
+ }
+
+ /**
+ * Updates the contents of one part of the template
+ */
+ function update($type, $content) {
+ $id = $this->getID();
+
+ // delete old thingie
+ sql_query('DELETE FROM '.sql_table('template')." WHERE tpartname='". addslashes($type) ."' and tdesc=" . intval($id));
+
+ // write new thingie
+ if ($content) {
+ sql_query('INSERT INTO '.sql_table('template')." SET tcontent='" . addslashes($content) . "', tpartname='" . addslashes($type) . "', tdesc=" . intval($id));
+ }
+ }
+
+
+ /**
+ * Deletes all template parts from the database
+ */
+ function deleteAllParts() {
+ sql_query('DELETE FROM '.sql_table('template').' WHERE tdesc='.$this->getID());
+ }
+
+ /**
+ * Creates a new template
+ *
+ * (static)
+ */
+ function createNew($name, $desc) {
+ global $manager;
+
+ // <temporary hack. for 3.4x ONLY !!>
+ global $CONF;
+ if (!$manager && $CONF['installscript']) {
+ include_once($DIR_LIBS . 'MANAGER.php');
+ $manager =& MANAGER::instance();
+ }
+ // </temporary hack. for 3.4x ONLY !!>
+
+ $manager->notify(
+ 'PreAddTemplate',
+ array(
+ 'name' => &$name,
+ 'description' => &$desc
+ )
+ );
+
+ sql_query('INSERT INTO '.sql_table('template_desc')." (tdname, tddesc) VALUES ('" . addslashes($name) . "','" . addslashes($desc) . "')");
+ $newId = sql_insert_id();
+
+ $manager->notify(
+ 'PostAddTemplate',
+ array(
+ 'templateid' => $newId,
+ 'name' => $name,
+ 'description' => $desc
+ )
+ );
+
+ return $newId;
+ }
+
+
+
+ /**
+ * Reads a template and returns an array with the parts.
+ * (static)
+ *
+ * @param $name name of the template file
+ */
+ function read($name) {
+ global $manager;
+ $manager->notify(
+ 'PreTemplateRead',
+ array(
+ 'template' => &$name
+ )
+ );
+
+ $query = 'SELECT tpartname, tcontent'
+ . ' FROM '.sql_table('template_desc').', '.sql_table('template')
+ . ' WHERE tdesc=tdnumber and tdname="' . addslashes($name) . '"';
+ $res = sql_query($query);
+ while ($obj = sql_fetch_object($res))
+ $template[$obj->tpartname] = $obj->tcontent;
+
+ // set locale according to template:
+ if (isset($template['LOCALE']))
+ setlocale(LC_TIME,$template['LOCALE']);
+ else
+ setlocale(LC_TIME,'');
+
+ return $template;
+ }
+
+ /**
+ * fills a template with values
+ * (static)
+ *
+ * @param $template
+ * Template to be used
+ * @param $values
+ * Array of all the values
+ */
+ function fill($template, $values) {
+
+ if (sizeof($values) != 0) {
+ // go through all the values
+ for(reset($values); $key = key($values); next($values)) {
+ $template = str_replace("<%$key%>",$values[$key],$template);
+ }
+ }
+
+ // remove non matched template-tags
+ return preg_replace('/<%[a-zA-Z]+%>/','',$template);
+ }
+
+ // returns true if there is a template with the given shortname
+ // (static)
+ function exists($name) {
+ $r = sql_query('select * FROM '.sql_table('template_desc').' WHERE tdname="'.addslashes($name).'"');
+ return (sql_num_rows($r) != 0);
+ }
+
+ // returns true if there is a template with the given ID
+ // (static)
+ function existsID($id) {
+ $r = sql_query('select * FROM '.sql_table('template_desc').' WHERE tdnumber='.intval($id));
+ return (sql_num_rows($r) != 0);
+ }
+
+ // (static)
+ function getNameFromId($id) {
+ return quickQuery('SELECT tdname as result FROM '.sql_table('template_desc').' WHERE tdnumber=' . intval($id));
+ }
+
+ // (static)
+ function getDesc($id) {
+ $query = 'SELECT tddesc FROM '.sql_table('template_desc').' WHERE tdnumber='. intval($id);
+ $res = sql_query($query);
+ $obj = sql_fetch_object($res);
+ return $obj->tddesc;
+ }
+
+
+
+}
+
?>
\ No newline at end of file
// catch all output generated by plugins\r
ob_start();\r
$res = sql_query('SELECT pfile FROM '.sql_table('plugin'));\r
- while ($plugName = mysql_fetch_object($res)) {\r
+ while ($plugName = sql_fetch_object($res)) {\r
$plug =& $manager->getPlugin($plugName->pfile);\r
if ($plug) $tables = array_merge($tables, (array) $plug->getTableList());\r
}\r
// add command to drop table on restore\r
echo "DROP TABLE IF EXISTS $tablename;\n";\r
$result = sql_query("SHOW CREATE TABLE $tablename");\r
- $create = mysql_fetch_assoc($result);\r
+ $create = sql_fetch_assoc($result);\r
echo $create['Create Table'];\r
echo ";\n\n";\r
}\r
\r
$fields = array();\r
for ($j = 0; $j < $num_fields; $j++) {\r
- $fields[] = mysql_field_name($result, $j);\r
+ $fields[] = sql_field_name($result, $j);\r
}\r
\r
/* }*/\r
//\r
// Grab the data from the table.\r
//\r
- $result = mysql_query("SELECT * FROM $tablename");\r
+ $result = sql_query("SELECT * FROM $tablename");\r
\r
- if(mysql_num_rows($result) > 0)\r
+ if(sql_num_rows($result) > 0)\r
echo "\n#\n# " . sprintf(_BACKUP_BACKUPFILE_TABLEDATAFOR, $tablename) . "\n#\n";\r
\r
- $num_fields = mysql_num_fields($result);\r
+ $num_fields = sql_num_fields($result);\r
\r
//\r
// Compose fieldname list\r
//\r
// Loop through the resulting rows and build the sql statement.\r
//\r
- while ($row = mysql_fetch_array($result))\r
+ while ($row = sql_fetch_array($result))\r
{\r
// Start building the SQL statement.\r
\r
// DEBUG\r
// debug("Executing: " . htmlspecialchars($sql) . "\n");\r
\r
- $result = mysql_query($sql);\r
- if (!$result) debug(_BACKUP_RESTOR_SQL_ERROR . mysql_error());\r
+ $result = sql_query($sql);\r
+ if (!$result) debug(_BACKUP_RESTOR_SQL_ERROR . sql_error());\r
\r
}\r
}\r
}\r
\r
// include core classes that are needed for login & plugin handling\r
-include($DIR_LIBS . 'mysql.php');\r
+// added for 3.5 sql_* wrapper\r
+global $MYSQL_HANDLER;\r
+if (!isset($MYSQL_HANDLER))\r
+ $MYSQL_HANDLER = array('mysql','');\r
+include_once($DIR_LIBS . 'sql/'.$MYSQL_HANDLER[0].'.php');\r
+// end new for 3.5 sql_* wrapper\r
+include_once($DIR_LIBS . 'mysql.php');\r
include($DIR_LIBS . 'MEMBER.php');\r
include($DIR_LIBS . 'ACTIONLOG.php');\r
include($DIR_LIBS . 'MANAGER.php');\r
include($DIR_LIBS . 'PLUGIN.php');\r
\r
-$manager = MANAGER::instance();\r
+$manager =& MANAGER::instance();\r
\r
// make sure there's no unnecessary escaping:\r
set_magic_quotes_runtime(0);\r
/**\r
* Connects to mysql server\r
*/\r
+/* moved to $DIR_LIBS/sql/*.php handler files\r
function sql_connect() {\r
global $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DATABASE, $MYSQL_CONN;\r
\r
$MYSQL_CONN = @mysql_connect($MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD) or startUpError('<p>Could not connect to MySQL database.</p>', 'Connect Error');\r
mysql_select_db($MYSQL_DATABASE) or startUpError('<p>Could not select database: ' . mysql_error() . '</p>', 'Connect Error');\r
\r
-/*/ <add for garble measure>\r
- $resource = sql_query("show variables LIKE 'character_set_database'");\r
- $fetchDat = mysql_fetch_assoc($resource);\r
- $charset = $fetchDat['Value'];\r
- $mySqlVer = implode('.', array_map('intval', explode('.', mysql_get_server_info($MYSQL_CONN))));\r
- if ($mySqlVer >= '5.0.7' && phpversion() >= '5.2.3') {\r
- mysql_set_charset($charset);\r
- } elseif ($mySqlVer >= '4.1.0') {\r
- sql_query("SET NAMES " . $charset);\r
- }\r
-// </add for garble measure>*/\r
-\r
return $MYSQL_CONN;\r
-}\r
+}*/\r
\r
/**\r
* returns a prefixed nucleus table name\r
/**\r
* disconnects from SQL server\r
*/\r
+/* moved to $DIR_LIBS/sql/*.php handler files\r
function sql_disconnect() {\r
@mysql_close();\r
-}\r
+}*/\r
\r
/**\r
* executes an SQL query\r
*/\r
+/* moved to $DIR_LIBS/sql/*.php handler files\r
function sql_query($query) {\r
global $SQLCount;\r
$SQLCount++;\r
$res = mysql_query($query) or print("mySQL error with query $query: " . mysql_error() . '<p />');\r
return $res;\r
-}\r
+}*/\r
\r
\r
/**\r
\r
function quickQuery($q) {\r
$res = sql_query($q);\r
- $obj = mysql_fetch_object($res);\r
+ $obj = sql_fetch_object($res);\r
return $obj->result;\r
}\r
\r
function getPluginNameFromPid($pid) {\r
$res = sql_query('SELECT pfile FROM ' . sql_table('plugin') . ' WHERE pid=' . intval($pid) );\r
- $obj = mysql_fetch_object($res);\r
+ $obj = sql_fetch_object($res);\r
return $obj->pfile;\r
}\r
\r
// 1. get timestamp, blogid and catid for item\r
$query = 'SELECT itime, iblog, icat FROM ' . sql_table('item') . ' WHERE inumber=' . intval($itemid);\r
$res = sql_query($query);\r
- $obj = mysql_fetch_object($res);\r
+ $obj = sql_fetch_object($res);\r
\r
// if a different blog id has been set through the request or selectBlog(),\r
// deny access\r
$query = 'SELECT inumber, ititle FROM ' . sql_table('item') . ' WHERE itime<' . mysqldate($timestamp) . ' and idraft=0 and iblog=' . $blogid . $catextra . ' ORDER BY itime DESC LIMIT 1';\r
$res = sql_query($query);\r
\r
- $obj = mysql_fetch_object($res);\r
+ $obj = sql_fetch_object($res);\r
\r
if ($obj) {\r
$itemidprev = $obj->inumber;\r
$query = 'SELECT inumber, ititle FROM ' . sql_table('item') . ' WHERE itime>' . mysqldate($timestamp) . ' and itime <= ' . mysqldate($b->getCorrectTime()) . ' and idraft=0 and iblog=' . $blogid . $catextra . ' ORDER BY itime ASC LIMIT 1';\r
$res = sql_query($query);\r
\r
- $obj = mysql_fetch_object($res);\r
+ $obj = sql_fetch_object($res);\r
\r
if ($obj) {\r
$itemidnext = $obj->inumber;\r
$query = 'SELECT * FROM ' . sql_table('config');\r
$res = sql_query($query);\r
\r
- while ($obj = mysql_fetch_object($res) ) {\r
+ while ($obj = sql_fetch_object($res) ) {\r
$CONF[$obj->name] = $obj->value;\r
}\r
}\r
$plugins=array();\r
$query='SELECT pfile FROM '.sql_table('plugin');\r
$res=sql_query($query);\r
- while($row=mysql_fetch_row($res)) {\r
+ while($row=sql_fetch_row($res)) {\r
$name=substr($row[0],3);\r
$plugins[strtolower($name)]=$name;\r
}\r
- mysql_free_result($res);\r
+ sql_free_result($res);\r
if ($plugins[$path]) $plugin_name=$plugins[$path];\r
else if (in_array($path,$plugins)) $plugin_name=$path;\r
else {\r
function numberOfEventSubscriber($event) {\r
$query = 'SELECT COUNT(*) as count FROM ' . sql_table('plugin_event') . ' WHERE event=\'' . $event . '\'';\r
$res = sql_query($query);\r
- $obj = mysql_fetch_object($res);\r
+ $obj = sql_fetch_object($res);\r
return $obj->count;\r
}\r
\r
$res = sql_query($query);
// don't do anything if there are no results
- $numrows = mysql_num_rows($res);
+ $numrows = sql_num_rows($res);
if ($numrows == 0)
return 0;
call_user_func('listplug_' . $type, $template, 'HEAD');
- while($template['current'] = mysql_fetch_object($res))
+ while($template['current'] = sql_fetch_object($res))
call_user_func('listplug_' . $type, $template, 'BODY');
call_user_func('listplug_' . $type, $template, 'FOOT');
- mysql_free_result($res);
+ sql_free_result($res);
// return amount of results
return $numrows;
// check dependency require
$req = array();
$res = sql_query('SELECT pfile FROM ' . sql_table('plugin'));
- while($o = mysql_fetch_object($res)) {
+ while($o = sql_fetch_object($res)) {
$preq =& $manager->getPlugin($o->pfile);
if ($preq) {
$depList = $preq->getPluginDep();
// show list of defined parts
$r = sql_query('SELECT stype FROM '.sql_table('skin').' WHERE sdesc='.$current->sdnumber . ' ORDER BY stype');
$types = array();
- while ($o = mysql_fetch_object($r))
+ while ($o = sql_fetch_object($r))
array_push($types,$o->stype);
if (sizeof($types) > 0) {
$friendlyNames = SKIN::getFriendlyNames();
. ' WHERE'
. ' sdesc = ' . $skinId;
$res = sql_query($que);
- while ($partObj = mysql_fetch_object($res)) {
+ while ($partObj = sql_fetch_object($res)) {
$type = htmlspecialchars($partObj->stype, ENT_QUOTES);
$cdata = $this->escapeCDATA($partObj->scontent);
if (_CHARSET != 'UTF-8') {
. ' WHERE'
. ' tdesc = ' . $templateId;
$res = sql_query($que);
- while ($partObj = mysql_fetch_object($res)) {
+ while ($partObj = sql_fetch_object($res)) {
$type = htmlspecialchars($partObj->tpartname, ENT_QUOTES);
$cdata = $this->escapeCDATA($partObj->tcontent);
if (_CHARSET != 'UTF-8') {
--- /dev/null
+<?php
+
+/*
+ * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
+ * Copyright (C) 2002-2007 The Nucleus Group
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * (see nucleus/documentation/index.html#license for more info)
+ */
+/**
+ * @license http://nucleuscms.org/license.txt GNU General Public License
+ * @copyright Copyright (C) 2002-2007 The Nucleus Group
+ * @version $Id: mysql.php 1279 2008-10-23 08:18:26Z shizuki $
+ */
+
+/*
+ * complete sql_* wrappers for mysql functions
+ *
+ * functions moved from globalfunctions.php: sql_connect, sql_disconnect, sql_query
+ */
+
+$MYSQL_CONN = 0;
+
+if (function_exists('mysql_query') && !function_exists('sql_fetch_assoc'))
+{
+ /**
+ * Connects to mysql server with arguments
+ */
+ function sql_connect_args($mysql_host, $mysql_user, $mysql_password) {
+
+ $CONN = @mysql_connect($mysql_host, $mysql_user, $mysql_password);
+
+ return $CONN;
+ }
+
+ /**
+ * Connects to mysql server
+ */
+ function sql_connect() {
+ global $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DATABASE, $MYSQL_CONN;
+
+ $MYSQL_CONN = @mysql_connect($MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD) or startUpError('<p>Could not connect to MySQL database.</p>', 'Connect Error');
+ mysql_select_db($MYSQL_DATABASE) or startUpError('<p>Could not select database: ' . mysql_error() . '</p>', 'Connect Error');
+
+/*/ <add for garble measure>
+ $resource = sql_query("show variables LIKE 'character_set_database'");
+ $fetchDat = sql_fetch_assoc($resource);
+ $charset = $fetchDat['Value'];
+ $mySqlVer = implode('.', array_map('intval', explode('.', sql_get_server_info($MYSQL_CONN))));
+ if ($mySqlVer >= '5.0.7' && phpversion() >= '5.2.3') {
+ mysql_set_charset($charset);
+ } elseif ($mySqlVer >= '4.1.0') {
+ sql_query("SET NAMES " . $charset);
+ }
+// </add for garble measure>*/
+
+ return $MYSQL_CONN;
+ }
+
+ /**
+ * disconnects from SQL server
+ */
+ function sql_disconnect() {
+ global $MYSQL_CONN;
+ @mysql_close($MYSQL_CONN);
+ }
+
+ function sql_close() {
+ global $MYSQL_CONN;
+ @mysql_close($MYSQL_CONN);
+ }
+
+ /**
+ * executes an SQL query
+ */
+ function sql_query($query) {
+ global $SQLCount,$MYSQL_CONN;
+ $SQLCount++;
+ $res = mysql_query($query,$MYSQL_CONN) or print("mySQL error with query $query: " . mysql_error() . '<p />');
+ return $res;
+ }
+
+ /**
+ * executes an SQL error
+ */
+ function sql_error()
+ {
+ global $MYSQL_CONN;
+ return mysql_error($MYSQL_CONN);
+ }
+
+ /**
+ * executes an SQL db select
+ */
+ function sql_select_db($db)
+ {
+ global $MYSQL_CONN;
+ return mysql_select_db($db,$MYSQL_CONN);
+ }
+
+ /**
+ * executes an SQL real escape
+ */
+ function sql_real_escape_string($val)
+ {
+ global $MYSQL_CONN;
+ return mysql_real_escape_string($val,$MYSQL_CONN);
+ }
+
+ /**
+ * executes an SQL insert id
+ */
+ function sql_insert_id()
+ {
+ global $MYSQL_CONN;
+ return mysql_insert_id($MYSQL_CONN);
+ }
+
+ /**
+ * executes an SQL result request
+ */
+ function sql_result($res, $row, $col)
+ {
+ return mysql_result($res,$row,$col);
+ }
+
+ /**
+ * frees sql result resources
+ */
+ function sql_free_result($res)
+ {
+ return mysql_free_result($res);
+ }
+
+ /**
+ * returns number of rows in SQL result
+ */
+ function sql_num_rows($res)
+ {
+ return mysql_num_rows($res);
+ }
+
+ /**
+ * returns number of rows affected by SQL query
+ */
+ function sql_affected_rows($res)
+ {
+ return mysql_affected_rows($res);
+ }
+
+ /**
+ * Get number of fields in result
+ */
+ function sql_num_fields($res)
+ {
+ return mysql_num_fields($res);
+ }
+
+ /**
+ * fetches next row of SQL result as an associative array
+ */
+ function sql_fetch_assoc($res)
+ {
+ return mysql_fetch_assoc($res);
+ }
+
+ /**
+ * Fetch a result row as an associative array, a numeric array, or both
+ */
+ function sql_fetch_array($res)
+ {
+ return mysql_fetch_array($res);
+ }
+
+ /**
+ * fetches next row of SQL result as an object
+ */
+ function sql_fetch_object($res)
+ {
+ return mysql_fetch_object($res);
+ }
+
+ /**
+ * Get a result row as an enumerated array
+ */
+ function sql_fetch_row($res)
+ {
+ return mysql_fetch_row($res);
+ }
+
+ /**
+ * Get column information from a result and return as an object
+ */
+ function sql_fetch_field($res,$offset = 0)
+ {
+ return mysql_fetch_field($res,$offset);
+ }
+
+ /**
+ * Get current system status (returns string)
+ */
+ function sql_stat()
+ {
+ global $MYSQL_CONN;
+ return mysql_stat();
+ }
+
+ /**
+ * Returns the name of the character set
+ */
+ function sql_client_encoding()
+ {
+ global $MYSQL_CONN;
+ return mysql_client_encoding();
+ }
+
+ /**
+ * Get SQL client version
+ */
+ function sql_get_client_info()
+ {
+ return mysql_get_client_info();
+ }
+
+ /**
+ * Get SQL server version
+ */
+ function sql_get_server_info()
+ {
+ global $MYSQL_CONN;
+ return mysql_get_server_info($MYSQL_CONN);
+ }
+
+ /**
+ * Returns a string describing the type of SQL connection in use for the connection or FALSE on failure
+ */
+ function sql_get_host_info()
+ {
+ global $MYSQL_CONN;
+ return mysql_get_host_info($MYSQL_CONN);
+ }
+
+ /**
+ * Returns the SQL protocol on success, or FALSE on failure.
+ */
+ function sql_get_proto_info()
+ {
+ global $MYSQL_CONN;
+ return mysql_get_proto_info($MYSQL_CONN);
+ }
+
+}
+
+/**************************************************************************
+ Unimplemented mysql_* functions
+
+# mysql_ change_ user
+# mysql_ create_ db
+# mysql_ data_ seek
+# mysql_ db_ name
+# mysql_ db_ query
+# mysql_ drop_ db
+# mysql_ errno
+# mysql_ escape_ string
+# mysql_ fetch_ lengths
+# mysql_ field_ flags
+# mysql_ field_ len
+# mysql_ field_ name
+# mysql_ field_ seek
+# mysql_ field_ table
+# mysql_ field_ type
+# mysql_ info
+# mysql_ list_ dbs
+# mysql_ list_ fields
+# mysql_ list_ processes
+# mysql_ list_ tables
+# mysql_ pconnect
+# mysql_ ping
+# mysql_ set_ charset
+# mysql_ tablename
+# mysql_ thread_ id
+# mysql_ unbuffered_ query
+*******************************************************************/
+
+
+
+?>
\ No newline at end of file
--- /dev/null
+<?php
+
+/*
+ * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
+ * Copyright (C) 2002-2007 The Nucleus Group
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * (see nucleus/documentation/index.html#license for more info)
+ */
+/**
+ * @license http://nucleuscms.org/license.txt GNU General Public License
+ * @copyright Copyright (C) 2002-2007 The Nucleus Group
+ * @version $Id: mysql.php 1279 2008-10-23 08:18:26Z shizuki $
+ */
+
+/*
+ * complete sql_* wrappers for mysql functions
+ *
+ * functions moved from globalfunctions.php: sql_connect, sql_disconnect, sql_query
+ */
+
+$MYSQL_CONN = 0;
+global $SQL_DBH;
+$SQL_DBH = NULL;
+
+if (function_exists('mysql_query') && !function_exists('sql_fetch_assoc'))
+{
+ /**
+ * Connects to mysql server
+ */
+ function sql_connect_args($mysql_host, $mysql_user, $mysql_password) {
+ global $MYSQL_HANDLER;
+
+ try {
+ if (strpos($mysql_host,':') === false) {
+ $host = $mysql_host;
+ $port = '';
+ }
+ else {
+ list($host,$port) = explode(":",$mysql_host);
+ if (isset($port))
+ $port = ';port='.trim($port);
+ else
+ $port = '';
+ }
+
+ $DBH = new PDO($MYSQL_HANDLER[1].':host='.$host.$port, $mysql_user, $mysql_password);
+
+ } catch (PDOException $e) {
+ startUpError('<p>Error!: ' . $e->getMessage() . '</p>', 'Connect Error');
+ }
+
+ return $DBH;
+
+ }
+
+ /**
+ * Connects to mysql server
+ */
+ function sql_connect() {
+ global $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DATABASE, $MYSQL_CONN, $MYSQL_HANDLER, $SQL_DBH;
+
+ try {
+ if (strpos($MYSQL_HOST,':') === false) {
+ $host = $MYSQL_HOST;
+ $port = '';
+ }
+ else {
+ list($host,$port) = explode(":",$MYSQL_HOST);
+ if (isset($port))
+ $port = ';port='.trim($port);
+ else
+ $port = '';
+ }
+
+ $SQL_DBH = new PDO($MYSQL_HANDLER[1].':host='.$host.$port.';dbname='.$MYSQL_DATABASE, $MYSQL_USER, $MYSQL_PASSWORD);
+
+ } catch (PDOException $e) {
+ startUpError('<p>Error!: ' . $e->getMessage() . '</p>', 'Connect Error');
+ }
+
+/*/ <add for garble measure>
+ $resource = sql_query("show variables LIKE 'character_set_database'");
+ $fetchDat = sql_fetch_assoc($resource);
+ $charset = $fetchDat['Value'];
+ $mySqlVer = implode('.', array_map('intval', explode('.', sql_get_server_info($MYSQL_CONN))));
+ if ($mySqlVer >= '5.0.7' && phpversion() >= '5.2.3') {
+ mysql_set_charset($charset);
+ } elseif ($mySqlVer >= '4.1.0') {
+ sql_query("SET NAMES " . $charset);
+ }
+// </add for garble measure>*/
+
+ return $MYSQL_CONN;
+
+ }
+
+ /**
+ * disconnects from SQL server
+ */
+ function sql_disconnect() {
+ global $SQL_DBH;
+ $SQL_DBH = NULL;
+ }
+
+ function sql_close() {
+ global $SQL_DBH;
+ $SQL_DBH = NULL;
+ }
+
+ /**
+ * executes an SQL query
+ */
+ function sql_query($query) {
+ global $SQLCount,$SQL_DBH;
+ $SQLCount++;
+ $res = $SQL_DBH->query($query);
+ if ($res->errorCode() != '00000') {
+ $errors = $res->errorInfo();
+ }
+
+ return $res;
+ }
+
+ /**
+ * executes an SQL error
+ */
+ function sql_error()
+ {
+ return '';
+ }
+
+ /**
+ * executes an SQL db select
+ */
+ function sql_select_db($db)
+ {
+ global $MYSQL_HOST, $MYSQL_USER, $MYSQL_PASSWORD, $MYSQL_DATABASE, $MYSQL_CONN, $MYSQL_HANDLER, $SQL_DBH;
+ $SQL_DBH = NULL;
+ try {
+ list($host,$port) = explode(":",$MYSQL_HOST);
+ if (isset($port))
+ $port = ';port='.trim($port);
+ else
+ $port = '';
+ $SQL_DBH = new PDO($MYSQL_HANDLER[1].':host='.trim($host).$port.';dbname='.$db, $MYSQL_USER, $MYSQL_PASSWORD);
+
+ } catch (PDOException $e) {
+ startUpError('<p>Error!: ' . $e->getMessage() . '</p>', 'Connect Error');
+ }
+ }
+
+ /**
+ * executes an SQL real escape
+ */
+ function sql_real_escape_string($val)
+ {
+ return addslashes($val);
+ }
+
+ /**
+ * executes an SQL insert id
+ */
+ function sql_insert_id()
+ {
+ global $SQL_DBH;
+
+ return $SQL_DBH->lastInsertId();
+ }
+
+ /**
+ * executes an SQL result request
+ */
+ function sql_result($res, $row = 0, $col = 0)
+ {
+ $results = array();
+ if (intval($row) < 1) {
+ $results = $res->fetch(PDO::FETCH_BOTH);
+ return $results[$col];
+ }
+ else {
+ for ($i = 0; $i < intval($row); $i++) {
+ $results = $res->fetch(PDO::FETCH_BOTH);
+ }
+ $results = $res->fetch(PDO::FETCH_BOTH);
+ return $results[$col];
+ }
+ }
+
+ /**
+ * frees sql result resources
+ */
+ function sql_free_result($res)
+ {
+ $res = NULL;
+ return true;
+ }
+
+ /**
+ * returns number of rows in SQL result
+ */
+ function sql_num_rows($res)
+ {
+ return $res->rowCount();
+ }
+
+ /**
+ * returns number of rows affected by SQL query
+ */
+ function sql_affected_rows($res)
+ {
+ return $res->rowCount();
+ }
+
+ /**
+ * Get number of fields in result
+ */
+ function sql_num_fields($res)
+ {
+ return $res->columnCount();
+ }
+
+ /**
+ * fetches next row of SQL result as an associative array
+ */
+ function sql_fetch_assoc($res)
+ {
+ $results = array();
+ $results = $res->fetch(PDO::FETCH_ASSOC);
+ return $results;
+ }
+
+ /**
+ * Fetch a result row as an associative array, a numeric array, or both
+ */
+ function sql_fetch_array($res)
+ {
+ $results = array();
+ $results = $res->fetch(PDO::FETCH_BOTH);
+ return $results;
+ }
+
+ /**
+ * fetches next row of SQL result as an object
+ */
+ function sql_fetch_object($res)
+ {
+ $results = NULL;
+ $results = $res->fetchObject();
+ return $results;
+ }
+
+ /**
+ * Get a result row as an enumerated array
+ */
+ function sql_fetch_row($res)
+ {
+ $results = array();
+ $results = $res->fetch(PDO::FETCH_NUM);
+ return $results;
+ }
+
+ /**
+ * Get column information from a result and return as an object
+ */
+ function sql_fetch_field($res,$offset = 0)
+ {
+ $results = array();
+ $obj = NULL;
+ $results = $res->getColumnMeta($offset);
+ foreach($results as $key=>$value) {
+ $obj->$key = $value;
+ }
+ return $obj;
+ }
+
+ /**
+ * Get current system status (returns string)
+ */
+ function sql_stat()
+ {
+ //not implemented
+ return '';
+ }
+
+ /**
+ * Returns the name of the character set
+ */
+ function sql_client_encoding()
+ {
+ //not implemented
+ return '';
+ }
+
+ /**
+ * Get SQL client version
+ */
+ function sql_get_client_info()
+ {
+ global $SQL_DBH;
+ return $SQL_DBH->getAttribute(constant("PDO::ATTR_CLIENT_VERSION"));
+ }
+
+ /**
+ * Get SQL server version
+ */
+ function sql_get_server_info()
+ {
+ global $SQL_DBH;
+ return $SQL_DBH->getAttribute(constant("PDO::ATTR_SERVER_VERSION"));
+ }
+
+ /**
+ * Returns a string describing the type of SQL connection in use for the connection or FALSE on failure
+ */
+ function sql_get_host_info()
+ {
+ global $SQL_DBH;
+ return $SQL_DBH->getAttribute(constant("PDO::ATTR_SERVER_INFO"));
+ }
+
+ /**
+ * Returns the SQL protocol on success, or FALSE on failure.
+ */
+ function sql_get_proto_info()
+ {
+ //not implemented
+ return '';
+ }
+
+}
+
+/**************************************************************************
+ Unimplemented mysql_* functions
+
+# mysql_ change_ user
+# mysql_ create_ db
+# mysql_ data_ seek
+# mysql_ db_ name
+# mysql_ db_ query
+# mysql_ drop_ db
+# mysql_ errno
+# mysql_ escape_ string
+# mysql_ fetch_ lengths
+# mysql_ field_ flags
+# mysql_ field_ len
+# mysql_ field_ name
+# mysql_ field_ seek
+# mysql_ field_ table
+# mysql_ field_ type
+# mysql_ info
+# mysql_ list_ dbs
+# mysql_ list_ fields
+# mysql_ list_ processes
+# mysql_ list_ tables
+# mysql_ pconnect
+# mysql_ ping
+# mysql_ set_ charset
+# mysql_ tablename
+# mysql_ thread_ id
+# mysql_ unbuffered_ query
+*******************************************************************/
+
+
+
+?>
\ No newline at end of file
// check if member is on at least one teamlist
$query = 'SELECT * FROM ' . sql_table('team'). ' WHERE tmember=' . $member->getID();
-$teams = mysql_query($query);
-if (mysql_num_rows($teams) == 0)
+$teams = sql_query($query);
+if (sql_num_rows($teams) == 0)
media_doError(_ERROR_DISALLOWEDUPLOAD);
// get action
sql_query("DELETE FROM ".sql_table('plug_securityenforcer')." WHERE lastfail < ".(time() - ($this->login_lockout * 60)));
$query = "SELECT fails as result FROM ".sql_table('plug_securityenforcer')." ";
// $query .= "WHERE login='".addslashes($login)."'";
- $query .= "WHERE login='".mysql_real_escape_string($login)."'";
+ $query .= "WHERE login='".sql_real_escape_string($login)."'";
$flogin = quickQuery($query);
$query = "SELECT fails as result FROM ".sql_table('plug_securityenforcer')." ";
// $query .= "WHERE login='".addslashes($ip)."'";
- $query .= "WHERE login='".mysql_real_escape_string($ip)."'";
+ $query .= "WHERE login='".sql_real_escape_string($ip)."'";
$fip = quickQuery($query);
if ($flogin >= $this->max_failed_login || $fip >= $this->max_failed_login) {
$data['success'] = 0;
$login = $data['username'];
$ip = $_SERVER['REMOTE_ADDR'];
// sql_query("DELETE FROM ".sql_table('plug_securityenforcer')." WHERE login='".addslashes($login)."'");
- sql_query("DELETE FROM ".sql_table('plug_securityenforcer')." WHERE login='".mysql_real_escape_string($login)."'");
+ sql_query("DELETE FROM ".sql_table('plug_securityenforcer')." WHERE login='".sql_real_escape_string($login)."'");
// sql_query("DELETE FROM ".sql_table('plug_securityenforcer')." WHERE login='".addslashes($ip)."'");
- sql_query("DELETE FROM ".sql_table('plug_securityenforcer')." WHERE login='".mysql_real_escape_string($ip)."'");
+ sql_query("DELETE FROM ".sql_table('plug_securityenforcer')." WHERE login='".sql_real_escape_string($ip)."'");
}
}
$ip = $_SERVER['REMOTE_ADDR'];
//sql_table('plug_securityenforcer')
// $lres = sql_query("SELECT * FROM ".sql_table('plug_securityenforcer')." WHERE login='".addslashes($login)."'");
- $lres = sql_query("SELECT * FROM ".sql_table('plug_securityenforcer')." WHERE login='".mysql_real_escape_string($login)."'");
- if (mysql_num_rows($lres)) {
+ $lres = sql_query("SELECT * FROM ".sql_table('plug_securityenforcer')." WHERE login='".sql_real_escape_string($login)."'");
+ if (sql_num_rows($lres)) {
// sql_query("UPDATE ".sql_table('plug_securityenforcer')." SET fails=fails+1, lastfail=".time()." WHERE login='".addslashes($login)."'");
- sql_query("UPDATE ".sql_table('plug_securityenforcer')." SET fails=fails+1, lastfail=".time()." WHERE login='".mysql_real_escape_string($login)."'");
+ sql_query("UPDATE ".sql_table('plug_securityenforcer')." SET fails=fails+1, lastfail=".time()." WHERE login='".sql_real_escape_string($login)."'");
}
else {
// sql_query("INSERT INTO ".sql_table('plug_securityenforcer')." (login,fails,lastfail) VALUES ('".addslashes($login)."',1,".time().")");
- sql_query("INSERT INTO ".sql_table('plug_securityenforcer')." (login,fails,lastfail) VALUES ('".mysql_real_escape_string($login)."',1,".time().")");
+ sql_query("INSERT INTO ".sql_table('plug_securityenforcer')." (login,fails,lastfail) VALUES ('".sql_real_escape_string($login)."',1,".time().")");
}
$lres = sql_query("SELECT * FROM ".sql_table('plug_securityenforcer')." WHERE login='".addslashes($ip)."'");
- if (mysql_num_rows($lres)) {
+ if (sql_num_rows($lres)) {
// sql_query("UPDATE ".sql_table('plug_securityenforcer')." SET fails=fails+1, lastfail=".time()." WHERE login='".addslashes($ip)."'");
- sql_query("UPDATE ".sql_table('plug_securityenforcer')." SET fails=fails+1, lastfail=".time()." WHERE login='".mysql_real_escape_string($ip)."'");
+ sql_query("UPDATE ".sql_table('plug_securityenforcer')." SET fails=fails+1, lastfail=".time()." WHERE login='".sql_real_escape_string($ip)."'");
}
else {
// sql_query("INSERT INTO ".sql_table('plug_securityenforcer')." (login,fails,lastfail) VALUES ('".addslashes($ip)."',1,".time().")");
- sql_query("INSERT INTO ".sql_table('plug_securityenforcer')." (login,fails,lastfail) VALUES ('".mysql_real_escape_string($ip)."',1,".time().")");
+ sql_query("INSERT INTO ".sql_table('plug_securityenforcer')." (login,fails,lastfail) VALUES ('".sql_real_escape_string($ip)."',1,".time().")");
}
}
}
function skin_incmodepref() {
global $currentSkinName;
$sql = "SELECT * FROM ".sql_table("skin_desc")." WHERE sdname = '".$currentSkinName."'";
- $result = mysql_query($sql);
- $row = mysql_fetch_array($result, MYSQL_ASSOC);
+ $result = sql_query($sql);
+ $row = sql_fetch_array($result, MYSQL_ASSOC);
return array($row['sdincmode'], $row['sdincpref']);
}
echo '<tr><td colspan="2" class="submit"><input type="submit" value="'._SECURITYENFORCER_UNLOCK.'" /></td></tr>';\r
// do query to get all entries, loop\r
$result = sql_query("SELECT * FROM ".sql_table("plug_securityenforcer")." WHERE fails >= ".$plug->max_failed_login);\r
- if(mysql_num_rows($result)) {\r
- while($row = mysql_fetch_assoc($result)) {\r
+ if(sql_num_rows($result)) {\r
+ while($row = sql_fetch_assoc($result)) {\r
echo '<tr>';\r
echo '<td>'.htmlspecialchars($row['login']).'</td>';\r
echo '<td><input type="checkbox" name="unlock[]" value="'.htmlspecialchars($row['login']).'" />'._SECURITYENFORCER_UNLOCK.'</td>';\r
." LIMIT $amount";
$r = sql_query($query);
- while ($row = mysql_fetch_assoc($r)) {
+ while ($row = sql_fetch_assoc($r)) {
// remove linebreaks if needed
if ($blog->convertBreaks())
$category = _getArrayVal($catlist, 0);
-// $comments = (int) _getStructVal($struct, 'mt_allow_comments') ? 0 : 1;\r
- $comments = $struct->structmem('mt_allow_comments');\r
- if ($comments) {\r
- $closed = (intval(_getStructVal($struct, 'mt_allow_comments')) == 1) ? 0 : 1;\r
- } else {\r
- $closed = 0;\r
- }\r
+// $comments = (int) _getStructVal($struct, 'mt_allow_comments') ? 0 : 1;
+ $comments = $struct->structmem('mt_allow_comments');
+ if ($comments) {
+ $closed = (intval(_getStructVal($struct, 'mt_allow_comments')) == 1) ? 0 : 1;
+ } else {
+ $closed = 0;
+ }
$publish = _getScalar($m,4);
// Add item
-// $res = _addItem($blogid, $username, $password, $title, $content, $more, $publish, $comments, $category);\r
- $res = _addItem($blogid, $username, $password, $title, $content, $more, $publish, $closed, $category);\r
+// $res = _addItem($blogid, $username, $password, $title, $content, $more, $publish, $comments, $category);
+ $res = _addItem($blogid, $username, $password, $title, $content, $more, $publish, $closed, $category);
// Handle trackbacks
$trackbacks = array();
$comments = $struct->structmem('mt_allow_comments');
if ($comments) {
-// $comments = (int) _getStructVal($struct, 'mt_allow_comments') ? 0 : 1;\r
- $closed = (intval(_getStructVal($struct, 'mt_allow_comments')) == 1) ? 0 : 1;\r
+// $comments = (int) _getStructVal($struct, 'mt_allow_comments') ? 0 : 1;
+ $closed = (intval(_getStructVal($struct, 'mt_allow_comments')) == 1) ? 0 : 1;
} else {
-// $comments = $old['closed'];\r
- $closed = $old['closed'];\r
+// $comments = $old['closed'];
+ $closed = $old['closed'];
}
-// $res = _edititem($itemid, $username, $password, $catid, $title, $content, $more, $wasdraft, $publish, $comments);\r
+// $res = _edititem($itemid, $username, $password, $catid, $title, $content, $more, $wasdraft, $publish, $comments);
$res = _edititem($itemid, $username, $password, $catid, $title, $content, $more, $wasdraft, $publish, $closed);
// Handle trackbacks
$trackbacks = array();
." LIMIT $amount";
$r = sql_query($query);
- while ($row = mysql_fetch_assoc($r)) {
+ while ($row = sql_fetch_assoc($r)) {
// remove linebreaks if needed
if ($blog->convertBreaks()) {
. " ORDER BY cname";
$r = sql_query($query);
- while ($obj = mysql_fetch_object($r)) {
+ while ($obj = sql_fetch_object($r)) {
$categorystruct[$obj->cname] = new xmlrpcval(
array(
*
* @license http://nucleuscms.org/license.txt GNU General Public License
* @copyright Copyright (C) 2002-2009 The Nucleus Group
- * @version $Id$\r
+ * @version $Id$
* * $NucleusJP: api_mt.inc.php,v 1.5 2006/07/17 20:03:45 kimitake Exp $
*/
. " ORDER BY cname";
$r = sql_query($query);
- while ($obj = mysql_fetch_object($r)) {
+ while ($obj = sql_fetch_object($r)) {
$categorystruct[] = new xmlrpcval(
array(
." LIMIT $iAmount";
$r = sql_query($query);
- while ($row = mysql_fetch_assoc($r)) {
+ while ($row = sql_fetch_assoc($r)) {
$newstruct = new xmlrpcval(array(
"dateCreated" => new xmlrpcval(iso8601_encode(strtotime($row['itime'])),"dateTime.iso8601"),
." ORDER BY itime DESC"
." LIMIT $amount";
$r = sql_query($query);
- while ($obj = mysql_fetch_object($r)) {
+ while ($obj = sql_fetch_object($r)) {
$newstruct = new xmlrpcval(array(
"publishDate" => new xmlrpcval(iso8601_encode(strtotime($obj->itime)),"dateTime.iso8601"),
"userid" => new xmlrpcval($obj->iauthor,"string"),
. " ORDER BY bname";
$r = sql_query($query);
- while ($obj = mysql_fetch_object($r)) {
+ while ($obj = sql_fetch_object($r)) {
if ($obj->burl)
$blogurl = $obj->burl;
else
OSDN Git Service
