$this->description = stripslashes($this->description);\r
$this->description = addslashes($this->description);\r
sql_query("insert into ".sql_table('plug_gallery_picture')\r
- ." values (NULL, '{$this->title}' , '{$this->description}' , {$this->ownerid} , "\r
- ."NULL , {$this->albumid} , '{$this->filename}' , '{$this->int_filename}' , '{$this->thumb_filename}', '{$this->keywords}' )" );\r
+ ." values (NULL, '{$this->title}' , '{$this->description}' , ".intval($this->ownerid)." , "\r
+ ."NULL , ".intval($this->albumid)." , '".addslashes($this->filename)."' , '".addslashes($this->int_filename)."' , '".addslashes($this->thumb_filename)."', '".addslashes($this->keywords)."' )" );\r
\r
//picture id of most recently added -- could be referenced by calling fuction (or PICTURE->getID()\r
$this->id = mysql_insert_id(); \r
\r
//increment album number of images -- consider rewrite as an album method that actually counts number of images?\r
- sql_query("update ".sql_table('plug_gallery_album')." set numberofimages = numberofimages + 1 where albumid = {$this->albumid}");\r
+ sql_query("update ".sql_table('plug_gallery_album')." set numberofimages = numberofimages + 1 where albumid = ".intval($this->albumid));\r
} \r
//present, so just update values\r
else { \r
$this->description = stripslashes($this->description);\r
$this->description = addslashes($this->description);\r
sql_query("update ".sql_table('plug_gallery_picture')\r
- ." set title='{$this->title}', "\r
- ."description='{$this->description}', " \r
- ."keywords='{$this->keywords}',"\r
- ."albumid={$this->albumid} "\r
- ."where pictureid={$this->id}" );\r
+ ." set title='".addslashes($this->title)."', "\r
+ ."description='".addslashes($this->description)."', " \r
+ ."keywords='".addslashes($this->keywords)."',"\r
+ ."albumid=".intval($this->albumid)." "\r
+ ."where pictureid=".intval($this->id) );\r
}\r
\r
}\r
\r
function get_data($id) {\r
- $result = sql_query("select a.*, b.mname from ".sql_table('plug_gallery_picture').' as a left join '.sql_table('member')." as b on a.ownerid=b.mnumber where a.pictureid=$id" );\r
+ $result = sql_query("select a.*, b.mname from ".sql_table('plug_gallery_picture').' as a left join '.sql_table('member')." as b on a.ownerid=b.mnumber where a.pictureid=".intval($id) );\r
if(mysql_num_rows($result)) {\r
if(mysql_num_rows($result)){\r
$data = mysql_fetch_object($result);\r
if(!$data->mname) $data->mname = 'guest';\r
\r
//get number of views\r
- $res = sql_query('select views from '.sql_table('plug_gallery_views').' where vpictureid = '.$data->pictureid);\r
+ $res = sql_query('select views from '.sql_table('plug_gallery_views').' where vpictureid = '.intval($data->pictureid));\r
if(mysql_num_rows($res)) {\r
$row = mysql_fetch_object($res);\r
$data->views = $row->views;\r
else $data->views = 0;\r
\r
//get albumtitle for breadcrumb\r
- $res = sql_query('select title from '.sql_table('plug_gallery_album').' where albumid='.$data->albumid);\r
+ $res = sql_query('select title from '.sql_table('plug_gallery_album').' where albumid='.intval($data->albumid));\r
if(mysql_num_rows($res)) {\r
$row = mysql_fetch_object($res);\r
$data->albumtitle = $row->title;\r
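Review bot: The insert at line 6 still interpolates `'{$this->title}'` unescaped, while the update path at line 26 wraps the same field in `addslashes($this->title)`; the insert line should read `." values (NULL, '".addslashes($this->title)."' , '{$this->description}' , ".intval($this->ownerid)." , "` so both paths agree. Since the file already uses the mysql_* extension, `mysql_real_escape_string()` would be the stronger choice over `addslashes()` for every string column touched here, because it escapes according to the connection charset rather than byte-wise. The enclosing save method starts before the hunk, and `get_data` continues past it.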
else {\r
$so = 'order by '.$sorting[$defaultorder].', pictureid DESC';\r
}\r
- if(!$query) $this->query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid='.$this->albumid.$so;\r
+ if(!$query) $this->query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid='.intval($this->albumid).$so;\r
else $this->query = $query;\r
\r
//sql_query('create temporary table temptableview (tempid int unsigned not null auto_increment primary key) '.$this->query);\r
\r
- //$result = sql_query('select tempid from temptableview where pictureid='.$this->id);\r
+ //$result = sql_query('select tempid from temptableview where pictureid='.intval($this->id));\r
//$tid = mysql_fetch_object($result);\r
\r
\r
\r
\r
//next thumb\r
- $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where pictureid > '.$pid.' '.$so.' '.$sortingascdesc[$sort].' and albumid = '.$this->albumid.' limit 0,1';\r
+ $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where pictureid > '.intval($pid).' '.$so.' '.$sortingascdesc[$sort].' and albumid = '.intval($this->albumid).' limit 0,1';\r
echo $query;\r
$result = sql_query($query);\r
if(!mysql_num_rows($result)) \r
$this->nextid = $row->pictureid;\r
}\r
//previous thumb\r
- $result = sql_query('select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where pictureid < '.$pid.' '.$so.' '.$oppositeorder.' and albumid = '.$albumid.' limit 0,1');\r
+ $result = sql_query('select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where pictureid < '.intval($pid).' '.$so.' '.$oppositeorder.' and albumid = '.intval($albumid).' limit 0,1');\r
if(!mysql_num_rows($result)) \r
$this->previous = 0;\r
else {\r
//if someone can figure out a better way of doing this, please do it!\r
\r
//getting forward offset\r
- $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.$this->albumid.' order by '.$sorting[$sort].$order[$sort];\r
+ $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.intval($this->albumid).' order by '.$sorting[$sort].$order[$sort];\r
$result = sql_query($query);\r
$i=0;\r
while ($row = mysql_fetch_object($result)){\r
}\r
//next thumb \r
\r
- $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.$this->albumid.' order by '.$sorting[$sort].$order[$sort].' limit '.$offset.',1';\r
+ $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.intval($this->albumid).' order by '.$sorting[$sort].$order[$sort].' limit '.intval($offset).',1';\r
$result = sql_query($query);\r
\r
//echo $query;\r
$this->nextid = $row->pictureid;\r
}\r
//getting backwards offset\r
- $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.$this->albumid.' order by '.$sorting[$sort].$oppositeorder;\r
+ $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.intval($this->albumid).' order by '.$sorting[$sort].$oppositeorder;\r
$result = sql_query($query);\r
$i=0;\r
while ($row = mysql_fetch_object($result)){\r
}\r
\r
//previous thumb\r
- $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.$this->albumid.' order by '.$sorting[$sort].$oppositeorder.' limit '.$offset.',1';\r
+ $query = 'select pictureid, thumb_filename from '.sql_table('plug_gallery_picture').' where albumid = '.intval($this->albumid).' order by '.$sorting[$sort].$oppositeorder.' limit '.intval($offset).',1';\r
//echo $query;\r
$result = sql_query($query);\r
if(!mysql_num_rows($result)) \r
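Review bot: `echo $query;` at line 76 writes the raw SQL text, including the real table name returned by `sql_table()`, into the page on every navigation and should be removed, or at least commented out like the `//echo $query;` lines at 102 and 116. The ORDER BY fragments `$so`, `$sortingascdesc[$sort]`, `$order[$sort]` and `$oppositeorder` are concatenated unescaped at lines 75, 83, 91, 99, 107 and 115, which is acceptable only if `$sort` is checked against the array keys before use; a guard such as `if (!isset($sorting[$sort])) $sort = $defaultorder;` ahead of the first query would make that explicit. Line 75 also places `$so` (built at line 58 as `'order by …'`) before `and albumid = …`, which MySQL rejects as a syntax error whenever `$so` is non-empty there; that predates the commit but is worth fixing while the line is being touched. The enclosing function starts and ends outside this hunk.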
$returnval['message'] = 'ID is null in PICTURE::delete';\r
return $returnval;\r
}\r
- $query = 'select * from '.sql_table('plug_gallery_picture').' where pictureid='.$id;\r
+ $query = 'select * from '.sql_table('plug_gallery_picture').' where pictureid='.intval($id);\r
$result = mysql_query($query);\r
if(!$result) {\r
$returnval['status'] = 'error';\r
if(@ !unlink($NP_BASE_DIR.$row->filename)) echo 'file: '.$row->filename.' could not be deleted<br/>';\r
if(@ !unlink($NP_BASE_DIR.$row->int_filename)) echo 'file: '.$row->int_filename.' could not be deleted<br/>';\r
if(@ !unlink($NP_BASE_DIR.$row->thumb_filename)) echo 'file: '.$row->thumb_filename.' could not be deleted<br/>';\r
- $query = 'delete from '.sql_table('plug_gallery_picture').' where pictureid='.$row->pictureid;\r
+ $query = 'delete from '.sql_table('plug_gallery_picture').' where pictureid='.intval($row->pictureid);\r
$result2 = mysql_query($query);\r
if(!$result2) {\r
$returnval['status'] = 'error';\r
\r
$manager->loadClass('ITEM');\r
\r
- $query = 'select * from '.sql_table('plug_gallery_promo').' where ppictureid='.$id;\r
+ $query = 'select * from '.sql_table('plug_gallery_promo').' where ppictureid='.intval($id);\r
$result = mysql_query($query);\r
if(!$result) {\r
$returnval['status'] = 'error';\r
while ($row = mysql_fetch_object($result) ){\r
ITEM::delete($row->pblogitemid);\r
}\r
- sql_query('delete from '.sql_table('plug_gallery_promo').' where ppictureid='.$id);\r
+ sql_query('delete from '.sql_table('plug_gallery_promo').' where ppictureid='.intval($id));\r
$returnval['status'] = 'success';\r
return $returnval;\r
}\r
}\r
function tagaccept($left,$top,$width,$height,$text){\r
sql_query("INSERT INTO ".sql_table('plug_gallery_picturetag')." ( `pictureid` , `top` , `left` , `height` , `width` , `text` )\r
- VALUES ( '" . $this->id ." ', '" .$top."', '" .$left." ' , '" .$height."' , '" .$width."' , '" .$text."' ); ");\r
+ VALUES ( '" . addslashes($this->id) ." ', '" .addslashes($top)."', '" .addslashes($left)." ' , '" .addslashes($height)."' , '" .addslashes($width)."' , '" .addslashes($text)."' ); ");\r
echo "<SCRIPT LANGUAGE=\"JavaScript\">\r
window.location=\"" . $NP_BASE_DIR . "action.php?action=plugin&name=gallery&type=item&id=". $this->id . "\"" .\r
"</script>";\r
}\r
\r
function tagdelete(){\r
- sql_query("DELETE FROM ".sql_table('plug_gallery_picturetag'). " WHERE `pictureid` = '" . $this->id . "' LIMIT 1; ");\r
+ sql_query("DELETE FROM ".sql_table('plug_gallery_picturetag'). " WHERE `pictureid` = '" . intval($this->id) . "' LIMIT 1; ");\r
echo "<SCRIPT LANGUAGE=\"JavaScript\">\r
window.location=\"" . $NP_BASE_DIR . "action.php?action=plugin&name=gallery&type=item&id=". $this->id . " \"" .\r
"</script>";\r
if(!$NPG_CONF['viewtime']) $NPG_CONF['viewtime'] = 30 ;\r
$cuttime = $NPG_CONF['viewtime'];\r
//first test for duplicates\r
- $query = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = $pictureid";\r
+ $query = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = ".($pictureid);\r
//$result = mysql_query($query);\r
//print_r($result);\r
//$numrows= mysql_num_rows($result);\r
//echo $numrows;\r
if(@mysql_num_rows($result)>1){\r
//if theres more than one\r
- $query= 'DELETE FROM '.sql_table('plug_gallery_views').' WHERE vpictureid = $pictureid ORDER BY views LIMIT 1' ;\r
+ $query= 'DELETE FROM '.sql_table('plug_gallery_views').' WHERE vpictureid = '.intval($pictureid).' ORDER BY views LIMIT 1' ;\r
mysql_query($query);\r
}\r
\r
- $query = 'select time from '.sql_table('plug_gallery_views_log')." where ip = '$remoteip' and vlpictureid = $pictureid";\r
+ $query = 'select time from '.sql_table('plug_gallery_views_log')." where ip = '".addslashes($remoteip)."' and vlpictureid = ".intval($pictureid);\r
$result = sql_query($query);\r
if(mysql_num_rows($result)) {\r
$row = mysql_fetch_object($result);\r
- $query2 = 'update '.sql_table('plug_gallery_views_log')." set time = NOW() where ip = '$remoteip' and vlpictureid = $pictureid";\r
+ $query2 = 'update '.sql_table('plug_gallery_views_log')." set time = NOW() where ip = '".addslashes($remoteip)."' and vlpictureid = ".intval($pictureid);\r
$result2 = sql_query($query2);\r
if( ($curtime - (intval($NPG_CONF['viewtime']) * 60) ) > converttimestamp($row->time) ) {\r
- $query3 = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = $pictureid";\r
+ $query3 = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = ".intval($pictureid);\r
$result3 = mysql_query($query3);\r
if(mysql_num_rows($result3))\r
- sql_query('update '.sql_table('plug_gallery_views')." set views = views + 1 where vpictureid = $pictureid");\r
- else sql_query('insert into '.sql_table('plug_gallery_views')." (vpictureid, views) values ($pictureid, 1)");\r
+ sql_query('update '.sql_table('plug_gallery_views')." set views = views + 1 where vpictureid = ".intval($pictureid));\r
+ else sql_query('insert into '.sql_table('plug_gallery_views')." (vpictureid, views) values (".intval($pictureid).", 1)");\r
}\r
} else {\r
- $query3 = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = $pictureid";\r
+ $query3 = 'select * from '.sql_table('plug_gallery_views')." where vpictureid = ".intval($pictureid);\r
$result3 = mysql_query($query3);\r
if(mysql_num_rows($result3))\r
- sql_query('update '.sql_table('plug_gallery_views')." set views = views + 1 where vpictureid = $pictureid");\r
- else sql_query('insert into '.sql_table('plug_gallery_views')." (vpictureid, views) values ($pictureid, 1)");\r
- sql_query('insert into '.sql_table('plug_gallery_views_log')." (vlpictureid, ip, time) values ($pictureid, '$remoteip', NULL)");\r
+ sql_query('update '.sql_table('plug_gallery_views')." set views = views + 1 where vpictureid = ".intval($pictureid));\r
+ else sql_query('insert into '.sql_table('plug_gallery_views')." (vpictureid, views) values (".intval($pictureid).", 1)");\r
+ sql_query('insert into '.sql_table('plug_gallery_views_log')." (vlpictureid, ip, time) values (".intval($pictureid).", '".addslashes($remoteip)."', NULL)");\r
} \r
\r
}\r
function parse_tooltip() {\r
//get picture tag infor\r
$gid = requestVar('id');\r
- $res = sql_query('select * from '.sql_table('plug_gallery_picturetag').' where pictureid= '. $gid .' ');\r
+ $res = sql_query('select * from '.sql_table('plug_gallery_picturetag').' where pictureid= '. intval($gid) .' ');\r
$numrows = @mysql_num_rows($res);\r
echo "<div id=\"tooltip2\">";\r
for ($i=0 ; $i<$numrows;$i++) {\r
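Review bot: Line 171 only wraps `$pictureid` in parentheses, `" where vpictureid = ".($pictureid)`, so it is the one query in this hunk where the value is still interpolated raw; it should be `" where vpictureid = ".intval($pictureid)` like lines 179, 184 and 193. As far as the hunk shows, the `$result` passed to `@mysql_num_rows($result)` at line 176 is never assigned here because the `mysql_query` at line 172 is commented out, so the duplicate-row cleanup at lines 176-181 either never runs or operates on a stale result from earlier in the function. For `$remoteip`, `addslashes()` escapes byte-wise rather than per connection charset, so `mysql_real_escape_string($remoteip)` at lines 184, 189 and 211 is the safer choice if that value can originate from a client-supplied header. The enclosing function starts outside the hunk, and `parse_tooltip` continues past its end.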