/**
* @license http://nucleuscms.org/license.txt GNU General Public License
* @copyright Copyright (C) 2002-2006 The Nucleus Group
- * @version $Id: functions.inc.php 1624 2012-01-09 11:36:20Z sakamocchi $
+ * @version $Id: functions.inc.php 1889 2012-06-17 08:46:45Z sakamocchi $
*/
// try to set a long timeout time
}
// - call callback
- if ($this->strCallback && function_exists($this->strCallback)) {
- call_user_func_array($this->strCallback, array(&$aData));
+ if ( $this->strCallback && function_exists($this->strCallback) )
+ {
+ $params = array(&$aData);
+ call_user_func_array($this->strCallback, $params);
}
if ($this->bDebug) {
switch($what) {
// ----------------------------------------------------------------------------------------
case 'NucleusMemberOptions':
- $res = sql_query('SELECT mname as text, mnumber as value FROM '.sql_table('member'));
- while ($o = mysql_fetch_object($res)) {
- echo '<option value="'.i18n::hsc($o->value).'">'.i18n::hsc($o->text).'</option>';
+ $res = DB::getResult('SELECT mname as text, mnumber as value FROM '.sql_table('member'));
+ foreach ( $res as $row )
+ {
+ echo '<option value="'.Entity::hsc($row['value']).'">'.Entity::hsc($row['text']).'</option>';
}
break;
// ----------------------------------------------------------------------------------------
$query = 'SELECT bname as text, bnumber as value FROM '.sql_table('blog');
$template['name'] = 'blogid';
$template['selected'] = $CONF['DefaultBlog'];
- showlist($query,'select',$template);
+ echo showlist($query,'select',$template);
break;
// ----------------------------------------------------------------------------------------
case 'ConvertSelectMembers':
<tr>
<td>
<strong><?php echo $a_name?></strong>
- <input name="author[<?php echo $idx?>]" value="<?php echo i18n::hsc($a_name)?>" type="hidden"
+ <input name="author[<?php echo $idx?>]" value="<?php echo Entity::hsc($a_name)?>" type="hidden" />
</td>
<td>
<select name="memberid[<?php echo $idx?>]">
<tr>
<td><em>Default Member</em></td>
<td>
- <input name="author[<?php echo $idx?>]" value="_default" type="hidden"
+ <input name="author[<?php echo $idx?>]" value="_default" type="hidden" />
<select name="memberid[<?php echo $idx?>]">
<?php echo $optionsHtml; ?>
</select>
<tr>
<td>
<strong><?php echo $a_name?></strong>
- <input name="category[<?php echo $idx?>]" value="<?php echo i18n::hsc($a_name)?>" type="hidden"
+ <input name="category[<?php echo $idx?>]" value="<?php echo Entity::hsc($a_name)?>" type="hidden" />
</td>
<td>
<select name="catid[<?php echo $idx?>]">
if ($createnew == 1) {
// choose unique name
$shortname = 'import';
- if (BLOG::exists($shortname)) {
+ if (Blog::exists($shortname)) {
$idx = 1;
- while (BLOG::exists($shortname . $idx))
+ while (Blog::exists($shortname . $idx))
$idx++;
$shortname = $shortname . $idx;
}
* Called by XML parser for data inside elements
*/
function characterData ($parser, $data) {
- if ($this->bDebug) echo 'NEW DATA: ', i18n::hsc($data), '<br />';
+ if ($this->bDebug) echo 'NEW DATA: ', Entity::hsc($data), '<br />';
$this->cdata .= $data;
}
}
function sql_addToItem($title, $body, $more, $blogid, $authorid, $timestamp, $closed, $category, $karmapos, $karmaneg) {
- $title = trim(addslashes($title));
- $body = trim(addslashes($body));
- $more = trim(addslashes($more));
- $timestamp = date("Y-m-d H:i:s", $timestamp);
+ $title = DB::quoteValue(trim($title));
+ $body = DB::quoteValue(trim($body));
+ $more = DB::quoteValue(trim($more));
+ $timestamp = DB::formatDateTime($timestamp);
$query = 'INSERT INTO '.sql_table('item').' (ITITLE, IBODY, IMORE, IBLOG, IAUTHOR, ITIME, ICLOSED, IKARMAPOS, IKARMANEG, ICAT) '
- . "VALUES ('$title', '$body', '$more', $blogid, $authorid, '$timestamp', $closed, $karmapos, $karmaneg, $category)";
+ . "VALUES ($title, $body, $more, $blogid, $authorid, $timestamp, $closed, $karmapos, $karmaneg, $category)";
- mysql_query($query) or die("Error while executing query: " . $query);
+ if ( DB::execute($query) === FALSE )
+ {
+ die('Error while executing query: ' . $query);
+ }
- return mysql_insert_id();
+ return DB::getInsertId();
}
function sql_addToBlog($name, $shortname, $ownerid) {
- $name = addslashes($name);
- $shortname = addslashes($shortname);
+ $name = DB::quoteValue($name);
+ $shortname = DB::quoteValue($shortname);
// create new category first
- mysql_query('INSERT INTO '.sql_table('category')." (CNAME, CDESC) VALUES ('General','Items that do not fit in another category')");
- $defcat = mysql_insert_id();
+ DB::execute('INSERT INTO '.sql_table('category')." (CNAME, CDESC) VALUES ('General','Items that do not fit in another category')");
+ $defcat = DB::getInsertId();
- $query = 'INSERT INTO '.sql_table('blog')." (BNAME, BSHORTNAME, BCOMMENTS, BMAXCOMMENTS, BDEFCAT) VALUES ('$name','$shortname',1 ,0, $defcat)";
- mysql_query($query) or die("Error while executing query: " . $query);
- $id = mysql_insert_id();
+ $query = 'INSERT INTO '.sql_table('blog')." (BNAME, BSHORTNAME, BCOMMENTS, BMAXCOMMENTS, BDEFCAT) VALUES ($name, $shortname, 1, 0, $defcat)";
+ if ( DB::execute($query) === FALSE )
+ {
+ die('Error while executing query: ' . $query);
+ }
+ $id = DB::getInsertId();
// update category row so it links to blog
- mysql_query('UPDATE ' . sql_table('category') . ' SET cblog=' . intval($id). ' WHERE catid=' . intval($defcat));
+ DB::execute('UPDATE ' . sql_table('category') . ' SET cblog=' . intval($id). ' WHERE catid=' . intval($defcat));
BlogImport::sql_addToTeam($id,$ownerid,1);
}
function sql_addToComments($name, $url, $body, $blogid, $itemid, $memberid, $timestamp, $host, $ip='') {
- $name = addslashes($name);
- $url = addslashes($url);
- $body = trim(addslashes($body));
- $host = addslashes($host);
- $ip = addslashes($ip);
- $timestamp = date("Y-m-d H:i:s", $timestamp);
+ $name = DB::quoteValue($name);
+ $url = DB::quoteValue($url);
+ $body = DB::quoteValue(trim($body));
+ $host = DB::quoteValue($host);
+ $ip = DB::quoteValue($ip);
+ $timestamp = DB::formatDateTime($timestamp);
$query = 'INSERT INTO '.sql_table('comment')
. ' (CUSER, CMAIL, CMEMBER, CBODY, CITEM, CTIME, CHOST, CBLOG, CIP) '
- . "VALUES ('$name', '$url', $memberid, '$body', $itemid, '$timestamp', '$host', $blogid, '$ip')";
+ . "VALUES ($name, $url, $memberid, $body, $itemid, $timestamp, $host, $blogid, $ip)";
- mysql_query($query) or die("Error while executing query: " . $query);
+ if ( DB::execute($query) === FALSE )
+ {
+ die('Error while executing query: ' . $query);
+ }
- return mysql_insert_id();
+ return DB::getInsertId();
}
function sql_addToTeam($blogid, $memberid, $admin) {
$query = 'INSERT INTO '.sql_table('team').' (TMEMBER, TBLOG, TADMIN) '
. "VALUES ($memberid, $blogid, $admin)";
- mysql_query($query) or die("Error while executing query: " . $query);
+ if ( DB::execute($query) === FALSE )
+ {
+ die('Error while executing query: ' . $query);
+ }
- return mysql_insert_id();
+ return DB::getInsertId();
}
-
-
}
// some sort of version checking
// TODO: remove this function (replaced by BlogImport::sql_addToItem)
function convert_addToItem($title, $body, $more, $blogid, $authorid, $timestamp, $closed, $category, $karmapos, $karmaneg) {
- $title = trim(addslashes($title));
- $body = trim(addslashes($body));
- $more = trim(addslashes($more));
+ $title = DB::quoteValue(trim($title));
+ $body = DB::quoteValue(trim($body));
+ $more = DB::quoteValue(trim($more));
$query = 'INSERT INTO '.sql_table('item').' (ITITLE, IBODY, IMORE, IBLOG, IAUTHOR, ITIME, ICLOSED, IKARMAPOS, IKARMANEG, ICAT) '
- . "VALUES ('$title', '$body', '$more', $blogid, $authorid, '$timestamp', $closed, $karmapos, $karmaneg, $category)";
+ . "VALUES ($title, $body, $more, $blogid, $authorid, '$timestamp', $closed, $karmapos, $karmaneg, $category)";
- mysql_query($query) or die("Error while executing query: " . $query);
+ if ( DB::execute($query) === FALSE )
+ {
+ die('Error while executing query: ' . $query);
+ }
- return mysql_insert_id();
+ return DB::getInsertId();
}
// TODO: remove this function (replaced by BlogImport::sql_addToBlog)
function convert_addToBlog($name, $shortname, $ownerid) {
- $name = addslashes($name);
- $shortname = addslashes($shortname);
+ $name = DB::quoteValue($name);
+ $shortname = DB::quoteValue($shortname);
// create new category first
- mysql_query('INSERT INTO '.sql_table('category')." (CNAME, CDESC) VALUES ('General','Items that do not fit in another categort')");
- $defcat = mysql_insert_id();
+ DB::execute('INSERT INTO '.sql_table('category')." (CNAME, CDESC) VALUES ('General','Items that do not fit in another categort')");
+ $defcat = DB::getInsertId();
- $query = 'INSERT INTO '.sql_table('blog')." (BNAME, BSHORTNAME, BCOMMENTS, BMAXCOMMENTS, BDEFCAT) VALUES ('$name','$shortname',1 ,0, $defcat)";
- mysql_query($query) or die("Error while executing query: " . $query);
- $id = mysql_insert_id();
+ $query = 'INSERT INTO '.sql_table('blog')." (BNAME, BSHORTNAME, BCOMMENTS, BMAXCOMMENTS, BDEFCAT) VALUES ($name, $shortname, 1, 0, $defcat)";
+ if ( DB::execute($query) === FALSE )
+ {
+ die('Error while executing query: ' . $query);
+ }
+ $id = DB::getInsertId();
convert_addToTeam($id,$ownerid,1);
-
return $id;
}
// TODO: remove this function (replaced by BlogImport::sql_addToComments)
function convert_addToComments($name, $url, $body, $blogid, $itemid, $memberid, $timestamp, $host, $ip='') {
- $name = addslashes($name);
- $url = addslashes($url);
- $body = trim(addslashes($body));
- $host = addslashes($host);
- $ip = addslashes($ip);
+ $name = DB::quoteValue($name);
+ $url = DB::quoteValue($url);
+ $body = DB::quoteValue(trim($body));
+ $host = DB::quoteValue($host);
+ $ip = DB::quoteValue($ip);
$query = 'INSERT INTO '.sql_table('comment')
. ' (CUSER, CMAIL, CMEMBER, CBODY, CITEM, CTIME, CHOST, CBLOG, CIP) '
- . "VALUES ('$name', '$url', $memberid, '$body', $itemid, '$timestamp', '$host', $blogid, '$ip')";
+ . "VALUES ($name, $url, $memberid, $body, $itemid, '$timestamp', $host, $blogid, $ip)";
- mysql_query($query) or die("Error while executing query: " . $query);
+ if ( DB::execute($query) === FALSE )
+ {
+ die("Error while executing query: " . $query);
+ }
- return mysql_insert_id();
+ return DB::getInsertId();
}
// TODO: remove this function (replaced by BlogImport::sql_addToTeam)
$query = 'INSERT INTO '.sql_table('team').' (TMEMBER, TBLOG, TADMIN) '
. "VALUES ($memberid, $blogid, $admin)";
- mysql_query($query) or die("Error while executing query: " . $query);
-
- return mysql_insert_id();
+ if ( DB::execute($query) === FALSE )
+ {
+ die("Error while executing query: " . $query);
+ }
+
+ return DB::getInsertId();
}
function convert_showLogin($type) {
<head>
<title>Nucleus Convert</title>
<style><!--
- @import url('../styles/manual.css');
+ @import url('../styles/documentation/manual.css');
--></style>
</head>
<body>