/**
* @license http://nucleuscms.org/license.txt GNU General Public License
* @copyright Copyright (C) 2002-2006 The Nucleus Group
- * @version $Id: functions.inc.php 1624 2012-01-09 11:36:20Z sakamocchi $
+ * @version $Id: functions.inc.php 1889 2012-06-17 08:46:45Z sakamocchi $
*/
// try to set a long timeout time
}
// - call callback
- if ($this->strCallback && function_exists($this->strCallback)) {
- call_user_func_array($this->strCallback, array(&$aData));
+ if ( $this->strCallback && function_exists($this->strCallback) )
+ {
+ $params = array(&$aData);
+ call_user_func_array($this->strCallback, $params);
}
if ($this->bDebug) {
$query = 'SELECT bname as text, bnumber as value FROM '.sql_table('blog');
$template['name'] = 'blogid';
$template['selected'] = $CONF['DefaultBlog'];
- showlist($query,'select',$template);
+ echo showlist($query,'select',$template);
break;
// ----------------------------------------------------------------------------------------
case 'ConvertSelectMembers':
}
function sql_addToItem($title, $body, $more, $blogid, $authorid, $timestamp, $closed, $category, $karmapos, $karmaneg) {
- $title = trim(addslashes($title));
- $body = trim(addslashes($body));
- $more = trim(addslashes($more));
- $timestamp = date("Y-m-d H:i:s", $timestamp);
+ $title = DB::quoteValue(trim($title));
+ $body = DB::quoteValue(trim($body));
+ $more = DB::quoteValue(trim($more));
+ $timestamp = DB::formatDateTime($timestamp);
$query = 'INSERT INTO '.sql_table('item').' (ITITLE, IBODY, IMORE, IBLOG, IAUTHOR, ITIME, ICLOSED, IKARMAPOS, IKARMANEG, ICAT) '
- . "VALUES ('$title', '$body', '$more', $blogid, $authorid, '$timestamp', $closed, $karmapos, $karmaneg, $category)";
+ . "VALUES ($title, $body, $more, $blogid, $authorid, $timestamp, $closed, $karmapos, $karmaneg, $category)";
if ( DB::execute($query) === FALSE )
{
+<<<<<<< HEAD
die("Error while executing query: " . $query);
+=======
+ die('Error while executing query: ' . $query);
+>>>>>>> skinnable-master
}
return DB::getInsertId();
}
function sql_addToBlog($name, $shortname, $ownerid) {
- $name = addslashes($name);
- $shortname = addslashes($shortname);
+ $name = DB::quoteValue($name);
+ $shortname = DB::quoteValue($shortname);
// create new category first
DB::execute('INSERT INTO '.sql_table('category')." (CNAME, CDESC) VALUES ('General','Items that do not fit in another category')");
$defcat = DB::getInsertId();
+<<<<<<< HEAD
$query = 'INSERT INTO '.sql_table('blog')." (BNAME, BSHORTNAME, BCOMMENTS, BMAXCOMMENTS, BDEFCAT) VALUES ('$name','$shortname',1 ,0, $defcat)";
if ( DB::execute($query) === FALSE )
{
die("Error while executing query: " . $query);
+=======
+ $query = 'INSERT INTO '.sql_table('blog')." (BNAME, BSHORTNAME, BCOMMENTS, BMAXCOMMENTS, BDEFCAT) VALUES ($name, $shortname, 1, 0, $defcat)";
+ if ( DB::execute($query) === FALSE )
+ {
+ die('Error while executing query: ' . $query);
+>>>>>>> skinnable-master
}
$id = DB::getInsertId();
}
function sql_addToComments($name, $url, $body, $blogid, $itemid, $memberid, $timestamp, $host, $ip='') {
- $name = addslashes($name);
- $url = addslashes($url);
- $body = trim(addslashes($body));
- $host = addslashes($host);
- $ip = addslashes($ip);
- $timestamp = date("Y-m-d H:i:s", $timestamp);
+ $name = DB::quoteValue($name);
+ $url = DB::quoteValue($url);
+ $body = DB::quoteValue(trim($body));
+ $host = DB::quoteValue($host);
+ $ip = DB::quoteValue($ip);
+ $timestamp = DB::formatDateTime($timestamp);
$query = 'INSERT INTO '.sql_table('comment')
. ' (CUSER, CMAIL, CMEMBER, CBODY, CITEM, CTIME, CHOST, CBLOG, CIP) '
- . "VALUES ('$name', '$url', $memberid, '$body', $itemid, '$timestamp', '$host', $blogid, '$ip')";
+ . "VALUES ($name, $url, $memberid, $body, $itemid, $timestamp, $host, $blogid, $ip)";
if ( DB::execute($query) === FALSE )
{
+<<<<<<< HEAD
die("Error while executing query: " . $query);
+=======
+ die('Error while executing query: ' . $query);
+>>>>>>> skinnable-master
}
return DB::getInsertId();
if ( DB::execute($query) === FALSE )
{
+<<<<<<< HEAD
die("Error while executing query: " . $query);
+=======
+ die('Error while executing query: ' . $query);
+>>>>>>> skinnable-master
}
return DB::getInsertId();
// TODO: remove this function (replaced by BlogImport::sql_addToItem)
function convert_addToItem($title, $body, $more, $blogid, $authorid, $timestamp, $closed, $category, $karmapos, $karmaneg) {
- $title = trim(addslashes($title));
- $body = trim(addslashes($body));
- $more = trim(addslashes($more));
+ $title = DB::quoteValue(trim($title));
+ $body = DB::quoteValue(trim($body));
+ $more = DB::quoteValue(trim($more));
$query = 'INSERT INTO '.sql_table('item').' (ITITLE, IBODY, IMORE, IBLOG, IAUTHOR, ITIME, ICLOSED, IKARMAPOS, IKARMANEG, ICAT) '
- . "VALUES ('$title', '$body', '$more', $blogid, $authorid, '$timestamp', $closed, $karmapos, $karmaneg, $category)";
+ . "VALUES ($title, $body, $more, $blogid, $authorid, '$timestamp', $closed, $karmapos, $karmaneg, $category)";
if ( DB::execute($query) === FALSE )
{
+<<<<<<< HEAD
die("Error while executing query: " . $query);
+=======
+ die('Error while executing query: ' . $query);
+>>>>>>> skinnable-master
}
return DB::getInsertId();
// TODO: remove this function (replaced by BlogImport::sql_addToBlog)
function convert_addToBlog($name, $shortname, $ownerid) {
- $name = addslashes($name);
- $shortname = addslashes($shortname);
+ $name = DB::quoteValue($name);
+ $shortname = DB::quoteValue($shortname);
// create new category first
DB::execute('INSERT INTO '.sql_table('category')." (CNAME, CDESC) VALUES ('General','Items that do not fit in another categort')");
$defcat = DB::getInsertId();
+<<<<<<< HEAD
$query = 'INSERT INTO '.sql_table('blog')." (BNAME, BSHORTNAME, BCOMMENTS, BMAXCOMMENTS, BDEFCAT) VALUES ('$name','$shortname',1 ,0, $defcat)";
if ( DB::execute($query) === FALSE )
{
die("Error while executing query: " . $query);
+=======
+ $query = 'INSERT INTO '.sql_table('blog')." (BNAME, BSHORTNAME, BCOMMENTS, BMAXCOMMENTS, BDEFCAT) VALUES ($name, $shortname, 1, 0, $defcat)";
+ if ( DB::execute($query) === FALSE )
+ {
+ die('Error while executing query: ' . $query);
+>>>>>>> skinnable-master
}
$id = DB::getInsertId();
// TODO: remove this function (replaced by BlogImport::sql_addToComments)
function convert_addToComments($name, $url, $body, $blogid, $itemid, $memberid, $timestamp, $host, $ip='') {
- $name = addslashes($name);
- $url = addslashes($url);
- $body = trim(addslashes($body));
- $host = addslashes($host);
- $ip = addslashes($ip);
+ $name = DB::quoteValue($name);
+ $url = DB::quoteValue($url);
+ $body = DB::quoteValue(trim($body));
+ $host = DB::quoteValue($host);
+ $ip = DB::quoteValue($ip);
$query = 'INSERT INTO '.sql_table('comment')
. ' (CUSER, CMAIL, CMEMBER, CBODY, CITEM, CTIME, CHOST, CBLOG, CIP) '
- . "VALUES ('$name', '$url', $memberid, '$body', $itemid, '$timestamp', '$host', $blogid, '$ip')";
+ . "VALUES ($name, $url, $memberid, $body, $itemid, '$timestamp', $host, $blogid, $ip)";
if ( DB::execute($query) === FALSE )
{
<head>
<title>Nucleus Convert</title>
<style><!--
- @import url('../styles/manual.css');
+ @import url('../styles/documentation/manual.css');
--></style>
</head>
<body>