本文整理匯總了PHP中COM_makesid函數的典型用法代碼示例。如果您正苦於以下問題:PHP COM_makesid函數的具體用法?PHP COM_makesid怎麽用?PHP COM_makesid使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了COM_makesid函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: MG_beginSession
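/**
 * Creates a new batch session row and returns its id.
 *
 * @param string $action      action to be performed (stored in session_action)
 * @param string $origin      stored in session_origin
 * @param string $description stored in session_description
 * @param string $flag0       stored in session_var0
 * @param string $flag1       stored in session_var1
 * @param string $flag2       stored in session_var2
 * @param string $flag3       stored in session_var3
 * @param string $flag4       stored in session_var4
 * @return string|false       session_id if OK, false if the INSERT reported an error
 */
function MG_beginSession($action, $origin, $description, $flag0 = '', $flag1 = '', $flag2 = '', $flag3 = '', $flag4 = '')
{
    global $_TABLES, $_USER, $_MG_CONF;

    // create a new session_id
    $session_id = COM_makesid();
    $session_uid = intval($_USER['uid']);
    // 0 = complete, 1 = active, 2 = aborted ?? 0 not started, 1 started, 2 complete, 3 aborted?
    $session_status = 1;
    $session_start_time = time();
    $session_end_time = time();

    // Every caller-supplied string is escaped before it is placed between quotes
    // in the statement. $action and $origin are included so that no quoted value
    // reaches the SQL text unescaped.
    // NOTE(review): addslashes() is not charset/connection aware; if the DB layer
    // offers its own escaping or bound parameters, prefer that here.
    $session_action = addslashes($action);
    $session_origin = addslashes($origin);
    $session_description = addslashes($description);
    $flag0 = addslashes($flag0);
    $flag1 = addslashes($flag1);
    $flag2 = addslashes($flag2);
    $flag3 = addslashes($flag3);
    $flag4 = addslashes($flag4);

    $sql = "INSERT INTO {$_TABLES['mg_sessions']} "
        . "(session_id, session_uid, session_description, "
        . "session_status, session_action, session_origin, "
        . "session_start_time, session_end_time, session_var0, "
        . "session_var1, session_var2, session_var3, session_var4) "
        . "VALUES "
        . "('{$session_id}', {$session_uid}, '{$session_description}', "
        . "{$session_status}, '{$session_action}', '{$session_origin}', "
        . "{$session_start_time}, {$session_end_time}, '{$flag0}', "
        . "'{$flag1}', '{$flag2}', '{$flag3}', '{$flag4}')";

    // Second argument 1: presumably tells DB_query() not to abort on errors so
    // that DB_error() can be checked below — confirm against the DB layer.
    DB_query($sql, 1);
    if (DB_error()) {
        COM_errorLog("MediaGallery: Error - Unable to create new batch session");
        return false;
    }

    return $session_id;
}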
示例2: editlink
/**
* Shows the links editor
*
* Loads an existing link, a link submission, or a blank record with a new id,
* then fills the 'linkeditor.thtml' template. The listing is truncated by the
* page; only the visible part is annotated.
*
* @param string $mode Used to see if we are moderating a link or simply editing one
* @param string $lid ID of link to edit
* @global array core config vars
* @global array core group data
* @global array core table data
* @global array core user data
* @global array links plugin config vars
* @global array links plugin lang vars
* @global array core lang access vars
* @return string HTML for the link editor form
*
*/
function editlink($mode, $lid = '')
{
global $_CONF, $_GROUPS, $_TABLES, $_USER, $_LI_CONF, $LANG_LINKS_ADMIN, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;
$retval = '';
$link_templates = COM_newTemplate(CTL_plugin_templatePath('links', 'admin'));
$link_templates->set_file('editor', 'linkeditor.thtml');
$link_templates->set_var('lang_pagetitle', $LANG_LINKS_ADMIN[28]);
$link_templates->set_var('lang_link_list', $LANG_LINKS_ADMIN[53]);
$link_templates->set_var('lang_new_link', $LANG_LINKS_ADMIN[51]);
$link_templates->set_var('lang_validate_links', $LANG_LINKS_ADMIN[26]);
$link_templates->set_var('lang_list_categories', $LANG_LINKS_ADMIN[50]);
$link_templates->set_var('lang_new_category', $LANG_LINKS_ADMIN[52]);
$link_templates->set_var('lang_admin_home', $LANG_ADMIN['admin_home']);
$link_templates->set_var('instructions', $LANG_LINKS_ADMIN[29]);
// Existing link (not a submission): load it and check the current user's access.
// NOTE(review): $lid is placed in the SQL text as-is; nothing in this function
// escapes or validates it. Confirm every caller sanitizes it, or escape it here.
if ($mode != 'editsubmission' and !empty($lid)) {
$result = DB_query("SELECT * FROM {$_TABLES['links']} WHERE lid ='{$lid}'");
if (DB_numRows($result) !== 1) {
$msg = COM_showMessageText($LANG_LINKS_ADMIN[25], $LANG_LINKS_ADMIN[24]);
return $msg;
}
$A = DB_fetchArray($result);
$access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
// Access results 0 and 2 are rejected (presumably "none" and "read-only" —
// confirm against SEC_hasAccess); the attempt is written to the access log.
if ($access == 0 or $access == 2) {
$retval .= COM_showMessageText($LANG_LINKS_ADMIN[17], $LANG_LINKS_ADMIN[16]);
COM_accessLog("User {$_USER['username']} tried to illegally submit or edit link {$lid}.");
return $retval;
}
} else {
if ($mode == 'editsubmission') {
// NOTE(review): same unescaped $lid as in the query above. The fetch result
// is not checked, so a missing submission leaves $A without a row.
$result = DB_query("SELECT * FROM {$_TABLES['linksubmission']} WHERE lid = '{$lid}'");
$A = DB_fetchArray($result);
} else {
// New link: blank record with a freshly generated id, owned by the current user.
$A['lid'] = COM_makesid();
$A['cid'] = '';
$A['url'] = '';
$A['description'] = '';
$A['title'] = '';
$A['owner_id'] = $_USER['uid'];
}
$A['hits'] = 0;
if (isset($_GROUPS['Links Admin'])) {
$A['group_id'] = $_GROUPS['Links Admin'];
} else {
$A['group_id'] = SEC_getFeatureGroup('links.edit');
}
SEC_setDefaultPermissions($A, $_LI_CONF['default_permissions']);
// New links and submissions skip the SEC_hasAccess() check and get level 3.
$access = 3;
}
// Token from SEC_createToken(); its expiry notice is appended to the output.
// Where the token is put into the form is not visible in this excerpt.
$token = SEC_createToken();
$retval .= COM_startBlock($LANG_LINKS_ADMIN[1], '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= SEC_getTokenExpiryNotice($token);
$link_templates->set_var('link_id', $A['lid']);
// The delete button is offered only for a non-empty $lid and the links.edit right.
if (!empty($lid) && SEC_hasRights('links.edit')) {
$delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
$jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
$link_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
$link_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
if ($mode == 'editsubmission') {
$link_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"' . XHTML . '>');
}
}
$link_templates->set_var('lang_linktitle', $LANG_LINKS_ADMIN[3]);
// The title is HTML-escaped before it reaches the template.
$link_templates->set_var('link_title', htmlspecialchars(stripslashes($A['title'])));
$link_templates->set_var('lang_linkid', $LANG_LINKS_ADMIN[2]);
$link_templates->set_var('lang_linkurl', $LANG_LINKS_ADMIN[4]);
$link_templates->set_var('max_url_length', 255);
// NOTE(review): unlike link_title, the URL is handed to the template without
// htmlspecialchars(). Confirm the stored value or the template escapes it.
$link_templates->set_var('link_url', $A['url']);
$link_templates->set_var('lang_includehttp', $LANG_LINKS_ADMIN[6]);
$link_templates->set_var('lang_category', $LANG_LINKS_ADMIN[5]);
$othercategory = links_select_box(3, $A['cid']);
$link_templates->set_var('category_options', $othercategory);
$link_templates->set_var('lang_ifotherspecify', $LANG_LINKS_ADMIN[20]);
$link_templates->set_var('category', $othercategory);
$link_templates->set_var('lang_linkhits', $LANG_LINKS_ADMIN[8]);
$link_templates->set_var('link_hits', $A['hits']);
$link_templates->set_var('lang_linkdescription', $LANG_LINKS_ADMIN[9]);
// NOTE(review): the description is only passed through stripslashes() here;
// presumably it was filtered against the allowed HTML when saved — confirm.
$link_templates->set_var('link_description', stripslashes($A['description']));
$allowed = COM_allowedHTML('links.edit') . COM_allowedAutotags();
$link_templates->set_var('lang_allowed_html', $allowed);
$link_templates->set_var('lang_save', $LANG_ADMIN['save']);
$link_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
// user access info
$link_templates->set_var('lang_accessrights', $LANG_ACCESS['accessrights']);
$link_templates->set_var('lang_owner', $LANG_ACCESS['owner']);
$ownername = COM_getDisplayName($A['owner_id']);
//.........part of the code omitted here.........
示例3: MG_sendPostCard
/**
* Validates the posted postcard form, stores the postcard and starts building
* the postcard template.
*
* Reads its input from $_POST. On a validation or captcha error it returns the
* result of MG_editPostCard(); on a speed-limit hit it returns the result of
* MG_errorHandler(). The listing is truncated by the page, so the final return
* value is not visible here.
*/
function MG_sendPostCard()
{
global $MG_albums, $_MG_CONF, $_CONF, $_TABLES, $_USER, $LANG_MG00, $LANG_MG02, $LANG_MG03, $LANG_ACCESS, $_POST;
global $LANG_DIRECTION, $LANG_CHARSET;
// Input filtering: the media id goes through COM_applyFilter() and COM_sanitizeID(),
// names and addresses through COM_applyFilter(), subject and message through
// COM_checkWords() and strip_tags(); only the message is also HTML-escaped.
$mid = COM_sanitizeID(COM_applyFilter($_POST['mid'], true));
$toname = COM_applyFilter($_POST['toname']);
$toemail = COM_applyFilter($_POST['toemail']);
$fromname = COM_applyFilter($_POST['fromname']);
$fromemail = COM_applyFilter($_POST['fromemail']);
$subject = strip_tags(COM_checkWords($_POST['subject']));
$message = htmlspecialchars(strip_tags(COM_checkWords($_POST['message'])));
$ccself = isset($_POST['ccself']) ? 1 : 0;
$errCount = 0;
$msg = '';
if (!COM_isEmail($toemail)) {
$errCount++;
}
if (!COM_isEmail($fromemail)) {
$errCount++;
}
if (empty($subject)) {
$errCount++;
}
if (empty($message)) {
$errCount++;
}
// The posted captcha value is handed to PLG_itemPreSave(); a non-empty result
// counts as an error and is shown as the message.
$captchaString = isset($_POST['captcha']) ? $_POST['captcha'] : '';
$msg = PLG_itemPreSave('mediagallery', $captchaString);
if ($msg != '') {
$errCount++;
}
if ($errCount > 0) {
return MG_editPostCard('edit', $mid, $msg);
}
$retval = '';
$aid = DB_getItem($_TABLES['mg_media_albums'], 'album_id', 'media_id="' . DB_escapeString($mid) . '"');
// && binds tighter than ||: access is denied when the album is not accessible,
// when postcards are disabled, or when the user is anonymous and
// enable_postcard is not 2.
// NOTE(review): $aid is used as an index into $MG_albums without checking that
// DB_getItem() found an album for this media id.
if ($MG_albums[$aid]->access == 0 || $MG_albums[$aid]->enable_postcard == 0 || COM_isAnonUser() && $MG_albums[$aid]->enable_postcard != 2) {
$retval = MG_siteHeader();
$retval .= COM_showMessageText($LANG_MG00['access_denied_msg'], $LANG_ACCESS['accessdenied'], true);
$retval .= MG_siteFooter();
echo $retval;
exit;
}
$sql = "SELECT * FROM {$_TABLES['mg_media_albums']} as ma LEFT JOIN " . $_TABLES['mg_media'] . " as m " . " ON ma.media_id=m.media_id WHERE m.media_id='" . DB_escapeString($mid) . "'";
$result = DB_query($sql);
$nRows = DB_numRows($result);
if ($nRows < 1) {
$retval = MG_siteHeader();
$retval .= COM_showMessageText($LANG_MG00['access_denied_msg'], $LANG_ACCESS['accessdenied'], true);
$retval .= MG_siteFooter();
echo $retval;
exit;
}
$M = DB_fetchArray($result);
// trim the database: delete postcards older than postcard_retention days
// NOTE(review): $purgeDate is concatenated into the statement; it is numeric
// only if the postcard_retention setting is numeric.
$purgeDate = time() - $_MG_CONF['postcard_retention'] * 86400;
DB_query("DELETE FROM {$_TABLES['mg_postcard']} WHERE pc_time < " . $purgeDate);
// save this one in the database
$newsubject = DB_escapeString($subject);
$newmessage = DB_escapeString($message);
// NOTE(review): this id is later the only parameter of the getcard.php link.
// If COM_makesid() ids are predictable, a stored postcard can be opened by
// anyone who guesses the id — confirm how the id is generated.
$pcId = COM_makesid();
$pc_time = time();
if (COM_isAnonUser()) {
$uid = 1;
} else {
$uid = (int) $_USER['uid'];
}
$sql = "INSERT INTO {$_TABLES['mg_postcard']} (pc_id,mid,to_name,to_email,from_name,from_email,subject,message,pc_time,uid) VALUES ('{$pcId}','" . DB_escapeString($mid) . "','" . DB_escapeString($toname) . "','" . DB_escapeString($toemail) . "','" . DB_escapeString($fromname) . "','" . DB_escapeString($fromemail) . "','{$newsubject}','{$newmessage}',{$pc_time},{$uid})";
$result = DB_query($sql);
if (DB_error()) {
COM_errorLog("Media Gallery: Error saving postcard");
}
// NOTE(review): the speed limit is checked only after the postcard row has
// been inserted, so a rate-limited request still writes to the table.
COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'mgpostcard');
$last = COM_checkSpeedlimit('mgpostcard');
if ($last > 0) {
$msg = sprintf($LANG_MG02['postcard_speedlimit'], $last);
return MG_errorHandler($msg);
}
$alternate_link = $_MG_CONF['site_url'] . '/getcard.php?id=' . $pcId;
// build the template...
$T = new Template(MG_getTemplatePath($aid));
$T->set_file('postcard', 'postcard.thtml');
// @ hides any warning from getimagesize(); $media_size is not used in the
// visible part of the function.
$media_size = @getimagesize($_MG_CONF['path_mediaobjects'] . 'tn/' . $M['media_filename'][0] . '/' . $M['media_filename'] . '.jpg');
if (empty($LANG_DIRECTION)) {
// default to left-to-right
$direction = 'ltr';
} else {
$direction = $LANG_DIRECTION;
}
if (empty($LANG_CHARSET)) {
$charset = $_CONF['default_charset'];
if (empty($charset)) {
$charset = 'iso-8859-1';
}
} else {
$charset = $LANG_CHARSET;
}
// NOTE(review): postcard_subject, to_name, from_name and from_email reach the
// template without htmlspecialchars() (only the message was escaped above).
// Confirm that COM_applyFilter()/strip_tags() or the template make them safe
// for the HTML context they are printed in.
$T->set_var(array('s_form_action' => $_MG_CONF['site_url'] . '/postcard.php', 'direction' => $direction, 'charset' => $charset, 'mid' => $mid, 'media_title' => $M['media_title'], 'alt_media_title' => htmlspecialchars(strip_tags($M['media_title'])), 'media_description' => isset($M['media_description']) ? $M['media_description'] : '', 'media_url' => $_MG_CONF['site_url'] . '/media.php?s=' . $mid, 'media_image' => $_MG_CONF['mediaobjects_url'] . '/disp/' . $M['media_filename'][0] . '/' . $M['media_filename'] . '.jpg', 'site_url' => $_MG_CONF['site_url'] . '/', 'postcard_subject' => $subject, 'postcard_message' => nl2br($message), 'from_email' => $fromemail, 'site_name' => $_CONF['site_name'], 'site_slogan' => $_CONF['site_slogan'], 'to_name' => $toname, 'from_name' => $fromname, 'pc_id' => $pcId, 'lang_to_name' => $LANG_MG03['to_name'], 'lang_to_email' => $LANG_MG03['to_email'], 'lang_from_name' => $LANG_MG03['from_name'], 'lang_from_email' => $LANG_MG03['from_email'], 'lang_subject' => $LANG_MG03['subject'], 'lang_send' => $LANG_MG03['send'], 'lang_cancel' => $LANG_MG03['cancel'], 'lang_preview' => $LANG_MG03['preview'], 'lang_unable_view' => $LANG_MG03['unable_to_view_postcard'], 'lang_postcard_from' => $LANG_MG03['postcard_from'], 'lang_to' => $LANG_MG03['to'], 'lang_from' => $LANG_MG03['from'], 'lang_visit' => $LANG_MG03['visit']));
$T->parse('output', 'postcard');
$retval .= $T->finish($T->get_var('output'));
//.........part of the code omitted here.........
示例4: editbanner
/**
* Shows the banner editor
*
* Loads an existing banner, a banner submission, or a blank record with a new
* id, then fills the 'bannereditor.thtml' template. The listing is truncated by
* the page; only the visible part is annotated.
*
* @param string $mode Used to see if we are moderating a banner or simply editing one
* @param string $bid ID of banner to edit
* @global array core config vars
* @global array core group data
* @global array core table data
* @global array core user data
* @global array banner plugin config vars
* @global array banner plugin lang vars
* @global array core lang access vars
* @return string HTML for the banner editor form
*
*/
function editbanner($mode, $bid = '')
{
global $_CONF, $_GROUPS, $_TABLES, $_USER, $_BAN_CONF, $_PLUGINS, $LANG_BANNER_ADMIN, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;
$retval = '';
$banner_templates = new Template($_CONF['path'] . 'plugins/banner/templates/admin/');
$banner_templates->set_file('editor', 'bannereditor.thtml');
$banner_templates->set_var('xhtml', XHTML);
$banner_templates->set_var('site_url', $_CONF['site_url']);
$banner_templates->set_var('site_admin_url', $_CONF['site_admin_url']);
$banner_templates->set_var('layout_url', $_CONF['layout_url']);
$banner_templates->set_var('lang_pagetitle', $LANG_BANNER_ADMIN[28]);
$banner_templates->set_var('lang_banner_list', $LANG_BANNER_ADMIN[53]);
$banner_templates->set_var('lang_new_banner', $LANG_BANNER_ADMIN[51]);
$banner_templates->set_var('lang_validate_banner', $LANG_BANNER_ADMIN[26]);
$banner_templates->set_var('lang_list_categories', $LANG_BANNER_ADMIN[50]);
$banner_templates->set_var('lang_new_category', $LANG_BANNER_ADMIN[52]);
$banner_templates->set_var('lang_admin_home', $LANG_ADMIN['admin_home']);
$banner_templates->set_var('instructions', $LANG_BANNER_ADMIN[29]);
// 'mg' becomes '-mg' only when the mediagallery plugin is listed in $_PLUGINS
// and its FCKeditor plugin directory exists on disk.
$fcktoolbar_mg = '';
if (in_array('mediagallery', $_PLUGINS)) {
if (file_exists($_CONF['path_html'] . 'fckeditor/editor/plugins/mediagallery')) {
$fcktoolbar_mg = '-mg';
}
}
$banner_templates->set_var('mg', $fcktoolbar_mg);
// Existing banner (not a submission): load it and check the current user's access.
// NOTE(review): $bid is placed in the SQL text as-is; nothing in this function
// escapes or validates it. Confirm every caller sanitizes it, or escape it here.
if ($mode != 'editsubmission' and !empty($bid)) {
$result = DB_query("SELECT * FROM {$_TABLES['banner']} WHERE bid ='{$bid}'");
if (DB_numRows($result) !== 1) {
$msg = COM_startBlock($LANG_BANNER_ADMIN[24], '', COM_getBlockTemplate('_msg_block', 'header'));
$msg .= $LANG_BANNER_ADMIN[25];
$msg .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
return $msg;
}
$A = DB_fetchArray($result);
$access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
// Access results 0 and 2 are rejected (presumably "none" and "read-only" —
// confirm against SEC_hasAccess); the attempt is written to the access log.
if ($access == 0 or $access == 2) {
$retval .= COM_startBlock($LANG_BANNER_ADMIN[16], '', COM_getBlockTemplate('_msg_block', 'header'));
$retval .= $LANG_BANNER_ADMIN[17];
$retval .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
COM_accessLog("User {$_USER['username']} tried to illegally submit or edit banner {$bid}.");
return $retval;
}
} else {
if ($mode == 'editsubmission') {
// NOTE(review): same unescaped $bid as in the query above. The fetch result
// is not checked, so a missing submission leaves $A without a row.
$result = DB_query("SELECT * FROM {$_TABLES['bannersubmission']} WHERE bid = '{$bid}'");
$A = DB_fetchArray($result);
} else {
// New banner: blank record with a freshly generated id, owned by the current user.
$A['bid'] = COM_makesid();
$A['cid'] = '';
$A['url'] = '';
$A['description'] = '';
$A['title'] = '';
$A['publishstart'] = '';
$A['publishend'] = '';
$A['owner_id'] = $_USER['uid'];
}
$A['hits'] = 0;
if (isset($_GROUPS['Banner Admin'])) {
$A['group_id'] = $_GROUPS['Banner Admin'];
} else {
$A['group_id'] = SEC_getFeatureGroup('banner.edit');
}
SEC_setDefaultPermissions($A, $_BAN_CONF['default_permissions']);
// New banners and submissions skip the SEC_hasAccess() check and get level 3.
$access = 3;
}
// NOTE(review): no SEC_createToken() call appears in the visible part of this
// editor; confirm the omitted part adds a CSRF token to the form.
$retval .= COM_startBlock($LANG_BANNER_ADMIN[1], '', COM_getBlockTemplate('_admin_block', 'header'));
$banner_templates->set_var('banner_id', $A['bid']);
// The delete button is offered only for a non-empty $bid and the banner.edit right.
if (!empty($bid) && SEC_hasRights('banner.edit')) {
$delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="mode"%s' . XHTML . '>';
$jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
$banner_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
$banner_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
if ($mode == 'editsubmission') {
$banner_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"' . XHTML . '>');
}
}
$banner_templates->set_var('lang_bannertitle', $LANG_BANNER_ADMIN[3]);
// The title is HTML-escaped before it reaches the template.
$banner_templates->set_var('banner_title', htmlspecialchars(stripslashes($A['title'])));
$banner_templates->set_var('lang_bannerid', $LANG_BANNER_ADMIN[2]);
$banner_templates->set_var('lang_bannerurl', $LANG_BANNER_ADMIN[4]);
$banner_templates->set_var('max_url_length', 255);
// NOTE(review): unlike banner_title, the URL is handed to the template without
// htmlspecialchars(). Confirm the stored value or the template escapes it.
$banner_templates->set_var('banner_url', $A['url']);
$banner_templates->set_var('lang_includehttp', $LANG_BANNER_ADMIN[6]);
$banner_templates->set_var('lang_category', $LANG_BANNER_ADMIN[5]);
$othercategory = banner_select_box(3, $A['cid']);
//.........part of the code omitted here.........
示例5: storyeditor
//.........這裏部分代碼省略.........
}
}
if ($_CONF['wikitext_editor']) {
$postmode_list .= ',wikitext';
if ($story->EditElements('postmode') == 'wikitext') {
$post_options .= '<option value="wikitext" selected="selected">' . $LANG24[88] . '</option>';
} else {
$post_options .= '<option value="wikitext">' . $LANG24[88] . '</option>';
}
}
$story_templates->set_var('post_options', $post_options);
$postmode_array = explode(',', $postmode_list);
$allowed_html = '';
foreach ($postmode_array as $pm) {
$allowed_html .= COM_allowedHTML('story.edit', false, 1, $pm);
}
$allowed_tags = array('code', 'raw');
if ($_CONF['allow_page_breaks'] == 1) {
$allowed_tags = array_merge($allowed_tags, array('page_break'));
}
$allowed_html .= COM_allowedAutotags(false, $allowed_tags);
$story_templates->set_var('lang_allowed_html', $allowed_html);
$fileinputs = '';
$saved_images = '';
if ($_CONF['maximagesperarticle'] > 0) {
$story_templates->set_var('lang_images', $LANG24[47]);
$icount = DB_count($_TABLES['article_images'], 'ai_sid', $story->getSid());
if ($icount > 0) {
$result_articles = DB_query("SELECT * FROM {$_TABLES['article_images']} WHERE ai_sid = '" . $story->getSid() . "'");
for ($z = 1; $z <= $icount; $z++) {
$I = DB_fetchArray($result_articles);
$saved_images .= $z . ') ' . COM_createLink($I['ai_filename'], $_CONF['site_url'] . '/images/articles/' . $I['ai_filename']) . ' ' . $LANG_ADMIN['delete'] . ': <input type="checkbox" name="delete[' . $I['ai_img_num'] . ']"' . XHTML . '><br' . XHTML . '>';
}
}
$newallowed = $_CONF['maximagesperarticle'] - $icount;
for ($z = $icount + 1; $z <= $_CONF['maximagesperarticle']; $z++) {
$fileinputs .= $z . ') <input type="file" dir="ltr" name="file' . $z . '"' . XHTML . '>';
if ($z < $_CONF['maximagesperarticle']) {
$fileinputs .= '<br' . XHTML . '>';
}
}
$fileinputs .= '<br' . XHTML . '>' . $LANG24[51];
if ($_CONF['allow_user_scaling'] == 1) {
$fileinputs .= $LANG24[27];
}
$fileinputs .= $LANG24[28] . '<br' . XHTML . '>';
}
// Add JavaScript
$_SCRIPTS->setJavaScriptFile('story_editor', '/javascript/story_editor.js');
if ($_CONF['titletoid']) {
$_SCRIPTS->setJavaScriptFile('title_2_id', '/javascript/title_2_id.js');
$story_templates->set_var('titletoid', true);
}
$_SCRIPTS->setJavaScriptFile('postmode_control', '/javascript/postmode_control.js');
// Loads jQuery UI datepicker and timepicker-addon
$_SCRIPTS->setJavaScriptLibrary('jquery.ui.slider');
// $_SCRIPTS->setJavaScriptLibrary('jquery.ui.button');
$_SCRIPTS->setJavaScriptLibrary('jquery.ui.datepicker');
$_SCRIPTS->setJavaScriptLibrary('jquery-ui-i18n');
$_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon');
$_SCRIPTS->setJavaScriptLibrary('jquery-ui-timepicker-addon-i18n');
// $_SCRIPTS->setJavaScriptLibrary('jquery-ui-slideraccess');
$_SCRIPTS->setJavaScriptFile('datetimepicker', '/javascript/datetimepicker.js');
$langCode = COM_getLangIso639Code();
$toolTip = $MESSAGE[118];
$imgUrl = $_CONF['site_url'] . '/images/calendar.png';
$_SCRIPTS->setJavaScript("jQuery(function () {" . " geeklog.hour_mode = {$_CONF['hour_mode']};" . " geeklog.datetimepicker.set('publish', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . " geeklog.datetimepicker.set('expire', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . " geeklog.datetimepicker.set('cmt_close', '{$langCode}', '{$toolTip}', '{$imgUrl}');" . "});", TRUE, TRUE);
// Setup Advanced Editor
COM_setupAdvancedEditor('/javascript/storyeditor_adveditor.js');
$story_templates->set_var('saved_images', $saved_images);
$story_templates->set_var('image_form_elements', $fileinputs);
$story_templates->set_var('lang_hits', $LANG24[18]);
$story_templates->set_var('story_hits', $story->EditElements('hits'));
$story_templates->set_var('lang_comments', $LANG24[19]);
$story_templates->set_var('story_comments', $story->EditElements('comments'));
$story_templates->set_var('lang_trackbacks', $LANG24[29]);
$story_templates->set_var('story_trackbacks', $story->EditElements('trackbacks'));
$story_templates->set_var('lang_emails', $LANG24[39]);
$story_templates->set_var('story_emails', $story->EditElements('numemails'));
if ($mode == 'clone') {
$story_templates->set_var('story_id', COM_makesid());
} else {
$story_templates->set_var('story_id', $story->getSid());
$story_templates->set_var('old_story_id', $story->EditElements('originalSid'));
}
$story_templates->set_var('lang_sid', $LANG24[12]);
$story_templates->set_var('lang_save', $LANG_ADMIN['save']);
$story_templates->set_var('lang_preview', $LANG_ADMIN['preview']);
$story_templates->set_var('lang_cancel', $LANG_ADMIN['cancel']);
$story_templates->set_var('lang_delete', $LANG_ADMIN['delete']);
$story_templates->set_var('gltoken_name', CSRF_TOKEN);
$token = SEC_createToken();
$story_templates->set_var('gltoken', $token);
$story_templates->parse('output', 'editor');
$display .= COM_startBlock($LANG24[5], '', COM_getBlockTemplate('_admin_block', 'header'));
$display .= SEC_getTokenExpiryNotice($token, $LANG24[91]);
$display .= $story_templates->finish($story_templates->get_var('output'));
$display .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
return $display;
}
示例6: _unique_id
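/**
 * Return unique id
 *
 * The id is 16 hexadecimal characters cut from an MD5 hash over an id from
 * COM_makesid(), the current microtime() and $extra.
 *
 * NOTE(review): none of the inputs comes from a cryptographically secure
 * random source. Treat the result as a uniqueness helper, not as an
 * unguessable secret (token, password-reset key and the like).
 *
 * @param string $extra additional entropy, mixed into the hashed material
 * @return string 16 lowercase hexadecimal characters
 */
function _unique_id($extra = 'c')
{
    // $extra is part of the hashed input so that the caller-supplied value
    // actually influences the returned id, as the parameter documentation says.
    $val = md5(COM_makesid() . microtime() . $extra);

    return substr($val, 4, 16);
}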
示例7: PAGE_edit
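/**
 * Displays the Static Page Editor
 *
 * Prepares the page record $A for one of four cases and hands it to
 * PAGE_form(): editing an existing page, creating a new page, cloning an
 * existing page, or redisplaying posted form data.
 *
 * @param string $sp_id  ID of static page to edit or clone
 * @param string $action action ('edit', 'clone' or empty)
 * @param string $editor editor to use, passed on as $A['editor']
 * @return mixed the return value of PAGE_form()
 */
function PAGE_edit($sp_id, $action = '', $editor = '')
{
    global $_CONF, $_SP_CONF, $_TABLES, $_USER, $LANG_STATIC;

    if (!empty($sp_id) && $action == 'edit') {
        // The id is placed inside a quoted SQL literal, so escape it first.
        $sp_id_db = DB_escapeString($sp_id);
        $result = DB_query("SELECT *,UNIX_TIMESTAMP(sp_date) AS unixdate FROM {$_TABLES['staticpage']} WHERE sp_id = '{$sp_id_db}'" . COM_getPermSQL('AND', 0, 3));
        // NOTE(review): the result is not checked; if no row matches (unknown id
        // or insufficient permission) the form is built from an empty record.
        $A = DB_fetchArray($result);
        // sp_old_id is not null, this is an existing page
        $A['sp_old_id'] = $A['sp_id'];
    } elseif ($action == 'edit') {
        // we're creating a new staticpage, set default values
        $A['sp_id'] = COM_makesid();                    // make a default new/unique staticpage ID based upon the datetime
        $A['sp_status'] = $_SP_CONF['status_flag'];
        $A['sp_uid'] = $_USER['uid'];                   // created by current user
        $A['unixdate'] = time();                        // date/time created
        $A['sp_help'] = '';                             // no help URL
        $A['sp_old_id'] = '';                           // sp_old_id is null, this is a new page
        $A['commentcode'] = $_SP_CONF['comment_code'];
        $A['sp_where'] = 1;                             // top of page
        $A['sp_search'] = $_SP_CONF['include_search'];
    } elseif (!empty($sp_id) && $action == 'clone') {
        // we're creating a new staticpage based upon an old one. get the page to be cloned
        // (the id is escaped for the same reason as in the edit branch)
        $sp_id_db = DB_escapeString($sp_id);
        $result = DB_query("SELECT *,UNIX_TIMESTAMP(sp_date) AS unixdate FROM {$_TABLES['staticpage']} WHERE sp_id = '{$sp_id_db}'" . COM_getPermSQL('AND', 0, 2));
        $A = DB_fetchArray($result);
        // override old page values with values unique to this page
        $A['sp_id'] = COM_makesid();                    // make a default new/unique staticpage ID based upon the datetime
        $sp_id = $A['sp_id'];                           // to ensure value displayed in field reflects updated value
        $sp_title = $A['sp_title'] . ' (' . $LANG_STATIC['copy'] . ')';
        $A['sp_title'] = $sp_title;                     // indicate in title that this is a cloned page
        $A['sp_uid'] = $_USER['uid'];                   // created by current user
        $A['unixdate'] = time();                        // date/time created
        $A['sp_hits'] = 0;                              // reset page hits
        $A['sp_old_id'] = '';                           // sp_old_id is null, this is a new page
    } else {
        // NOTE(review): the whole $_POST array becomes the page record. Only
        // sp_content and sp_title are filtered in this function; every other
        // field reaches PAGE_form() exactly as submitted.
        $A = $_POST;
        if (empty($A['unixdate'])) {
            $A['unixdate'] = time();                    // update date and time
        }
        $A['sp_content'] = COM_checkHTML(COM_checkWords($A['sp_content']));
    }

    if (isset($A['sp_title'])) {
        $A['sp_title'] = strip_tags($A['sp_title']);
    }
    $A['editor'] = $editor;

    return PAGE_form($A);
}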
示例8: Save
/**
* Save the current values to the database.
* Appends error messages to the $Errors property.
*
* The $forceNew parameter is a hack to force this record to be saved
* as a new record even if it already has an ID. This is only to
* handle events imported from the Calendar plugin.
*
* The listing is truncated by the page; only the visible part is annotated.
*
* @param array $A Optional array of values from $_POST (the default is an empty string, not an array)
* @param string $table Table name (submission or production)
* @param boolean $forceNew Hack to force this record to be "new"
* @return boolean True if no errors, False otherwise
*/
public function Save($A = '', $table = 'evlist_submissions', $forceNew = false)
{
global $_TABLES, $LANG_EVLIST, $_EV_CONF, $_USER, $_CONF;
// This is a bit of a hack, but we're going to save the old schedule
// first before changing our own values. This is done so that we
// can determine whether we have to update the repeats table, and
// is only relevant for an existing record.
if (!$this->isNew) {
$this->old_schedule = array('date_start1' => $this->date_start1, 'date_end1' => $this->date_end1, 'time_start1' => $this->time_start1, 'time_end1' => $this->time_end1, 'time_start2' => $this->time_start2, 'time_end2' => $this->time_end2, 'allday' => $this->allday, 'recurring' => $this->recurring, 'rec_data' => $this->rec_data);
} else {
// submit privilege required to submit new events
if (!$this->isSubmitter) {
return false;
}
$this->old_schedule = array();
}
// Now we can update our main record with the new info
if (is_array($A)) {
$this->SetVars($A);
$this->MakeRecData();
}
// A submitted 'eid' marks the record as existing unless $forceNew is set.
// NOTE(review): this flips isNew from request data after the isSubmitter check
// above has already run. $oldid is not used in the visible part.
if (isset($A['eid']) && !empty($A['eid']) && !$forceNew) {
$this->isNew = false;
$oldid = COM_sanitizeID($A['eid']);
}
// Authorized to bypass the queue
if ($this->isAdmin) {
$table = 'evlist_events';
}
$this->table = $table;
if ($this->id == '') {
// If we allow users to create IDs, this could happen
$this->id = COM_makesid();
}
$ev_id_DB = DB_escapeString($this->id);
// Used often, sanitize now
// Insert or update the record, as appropriate
if (!$this->isNew) {
// Existing event, we already have a Detail object instantiated
$this->Detail->SetVars($A);
$this->Detail->ev_id = $this->id;
if (!$this->isValidRecord()) {
return $this->PrintErrors();
}
// Delete the category lookups
DB_delete($_TABLES['evlist_lookup'], 'eid', $this->id);
// Save the main event record
$sql1 = "UPDATE {$_TABLES[$this->table]} SET ";
$sql2 = "WHERE id='{$ev_id_DB}'";
// Save the new detail record & get the ID
$this->det_id = $this->Detail->Save();
// Quit now if the detail record failed
if ($this->det_id == 0) {
return false;
}
// Determine if the schedule has changed so that we need to
// update the repeat tables. If we do, any customizations will
// be lost.
if ($this->NeedRepeatUpdate($A)) {
if ($this->old_schedule['recurring'] || $this->recurring) {
// If this was, or is now, a recurring event then clear
// out the repeats and update with new ones.
// First, delete all detail records except the master
// NOTE(review): this statement uses the raw $this->id instead of the escaped
// $ev_id_DB prepared above; the two should agree.
DB_query("DELETE FROM {$_TABLES['evlist_detail']}\n WHERE ev_id = '{$this->id}'\n AND det_id <> '{$this->det_id}'");
// This function sets the rec_data value.
$this->UpdateRepeats();
} else {
// this is a one-time event, update the existing instance
// NOTE(review): raw $this->id again, and the date/time properties are
// interpolated directly. Whether SetVars() validates or escapes them is not
// visible here — confirm before relying on it.
$sql = "UPDATE {$_TABLES['evlist_repeat']} SET\n rp_date_start = '{$this->date_start1}',\n rp_date_end = '{$this->date_end1}',\n rp_time_start1 = '{$this->time_start1}',\n rp_time_end1 = '{$this->time_end1}',\n rp_time_start2 = '{$this->time_start2}',\n rp_time_end2 = '{$this->time_end2}'\n WHERE rp_ev_id = '{$this->id}'";
DB_query($sql, 1);
}
}
} else {
// New event
if (!$this->isAdmin) {
// Override any submitted permissions if user is not an admin
$this->perm_owner = $_EV_CONF['default_permissions'][0];
$this->perm_group = $_EV_CONF['default_permissions'][1];
$this->perm_members = $_EV_CONF['default_permissions'][2];
$this->perm_anon = $_EV_CONF['default_permissions'][3];
// Set the group_id to the default
$this->group_id = (int) DB_getItem($_TABLES['groups'], 'grp_id', 'grp_name="evList Admin"');
// Set the owner to the submitter
$this->owner_id = (int) $_USER['uid'];
}
// Create a detail record
$this->Detail = new evDetail();
//.........part of the code omitted here.........
示例9: CALENDAR_edit
/**
* Shows event editor
*
* The listing is truncated by the page; only the visible part is annotated.
*
* @param string $action action we are performing: 'edit', 'clone' or 'moderate'
* @param array $A array holding the event's details
* @param string $msg an optional error message to display
* @return string HTML for event editor or error message
*
*/
function CALENDAR_edit($action, $A, $msg = '')
{
// $_USER is listed twice in this global statement; the repeat has no effect.
global $_CONF, $_USER, $_GROUPS, $_TABLES, $_USER, $_CA_CONF, $LANG_CAL_1, $LANG_CAL_ADMIN, $LANG10, $LANG12, $LANG_ACCESS, $LANG_ADMIN, $MESSAGE;
USES_lib_admin();
$retval = '';
$menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/plugins/calendar/index.php', 'text' => $LANG_CAL_ADMIN[40]), array('url' => $_CONF['site_admin_url'] . '/moderation.php', 'text' => $LANG_ADMIN['submissions']), array('url' => $_CONF['site_admin_url'] . '/plugins/calendar/index.php?batchadmin=x', 'text' => $LANG_CAL_ADMIN[38]), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
// NOTE(review): there is no default case, so $blocktitle and $saveoption stay
// undefined for any $action other than 'edit', 'clone' or 'moderate'.
switch ($action) {
case 'edit':
case 'clone':
$blocktitle = $LANG_CAL_ADMIN[1];
// Event Editor
$saveoption = $LANG_ADMIN['save'];
// Save
break;
case 'moderate':
$blocktitle = $LANG_CAL_ADMIN[37];
// Moderate Event
$saveoption = $LANG_ADMIN['moderate'];
// Save & Approve
break;
}
if (!empty($msg)) {
$retval .= COM_showMessageText($msg, $LANG_CAL_ADMIN[2], true);
}
$event_templates = new Template($_CONF['path'] . 'plugins/calendar/templates/admin');
$event_templates->set_file('editor', 'eventeditor.thtml');
$event_templates->set_var('lang_allowed_html', COM_allowedHTML(SEC_getUserPermissions(), false, 'calendar', 'description'));
$event_templates->set_var('lang_postmode', $LANG_CAL_ADMIN[3]);
// Missing permission entries are initialised so that index 0 holds "0".
if (!isset($A['perm_owner'])) {
$A['perm_owner'][0] = "0";
}
if (!isset($A['perm_group'])) {
$A['perm_group'][0] = "0";
}
if (!isset($A['perm_members'])) {
$A['perm_members'][0] = "0";
}
if (!isset($A['perm_anon'])) {
$A['perm_anon'][0] = "0";
}
// NOTE(review): the owner, group and permission values checked here come from
// the $A argument; confirm callers load them from the database rather than
// from the request.
if ($action != 'moderate' and !empty($A['eid'])) {
// Get what level of access user has to this object
$access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
if ($access == 0 or $access == 2) {
// Uh, oh! User doesn't have access to this object
$retval .= COM_showMessageText($LANG_CAL_ADMIN[17], $LANG_ACCESS['accessdenied'], true);
// NOTE(review): $eid is not defined anywhere in the visible part of this
// function, so the access-log entry would lack the event id; $A['eid'] looks
// like the intended value.
COM_accessLog("User {$_USER['username']} tried to illegally submit or edit event {$eid}.");
return $retval;
}
} else {
if (!isset($A['owner_id']) || $A['owner_id'] == '') {
$A['owner_id'] = $_USER['uid'];
}
if (isset($_GROUPS['Calendar Admin'])) {
$A['group_id'] = $_GROUPS['Calendar Admin'];
} else {
$A['group_id'] = SEC_getFeatureGroup('calendar.edit');
}
SEC_setDefaultPermissions($A, $_CA_CONF['default_permissions']);
// New events and moderated submissions skip the SEC_hasAccess() check and get level 3.
$access = 3;
}
if ($action == 'moderate') {
$event_templates->set_var('post_options', COM_optionList($_TABLES['postmodes'], 'code,name', 'plaintext'));
} else {
if (!isset($A['postmode'])) {
$A['postmode'] = $_CONF['postmode'];
}
$event_templates->set_var('post_options', COM_optionList($_TABLES['postmodes'], 'code,name', $A['postmode']));
}
$retval .= COM_startBlock($blocktitle, '', COM_getBlockTemplate('_admin_block', 'header'));
$retval .= ADMIN_createMenu($menu_arr, $LANG_CAL_ADMIN[41], plugin_geticon_calendar());
if (!empty($A['eid'])) {
// Existing event: offer a delete button, with and without a JavaScript confirm.
$delbutton = '<input type="submit" value="' . $LANG_ADMIN['delete'] . '" name="delete"%s/>';
$jsconfirm = ' onclick="return confirm(\'' . $MESSAGE[76] . '\');"';
$event_templates->set_var('lang_delete_confirm', $MESSAGE[76]);
$event_templates->set_var('delete_option', sprintf($delbutton, $jsconfirm));
$event_templates->set_var('delete_option_no_confirmation', sprintf($delbutton, ''));
if ($action == 'moderate') {
$event_templates->set_var('submission_option', '<input type="hidden" name="type" value="submission"/>');
}
} else {
// new event
$A['eid'] = COM_makesid();
$A['status'] = 1;
$A['title'] = '';
$A['description'] = '';
$A['url'] = '';
$A['hits'] = 0;
// in case a start date/time has been passed from the calendar,
// pick it up for the end date/time
if (empty($A['dateend'])) {
//.........part of the code omitted here.........
示例10: MAPS_importCSV
/**
 * Import map markers from a CSV file (the listing is truncated on this page).
 *
 * First pass ($valid == false): the uploaded file is stored in
 * $_CONF['path_data'] as 'import_markers_<sid>.<ext>' and an HTML preview of
 * the parsed rows is built. Otherwise the file named by $filename is read from
 * the same directory and a comma-separated string is started for each row
 * (its continuation is not shown).
 *
 * NOTE(review): optional parameters precede required ones in the signature
 * ($FILES before $map_id, $separator before $fields); PHP 8.0+ reports this
 * as deprecated.
 *
 * @param array|string $FILES     Upload array; only the first entry's 'name' is read here
 * @param mixed        $map_id    Map id, interpolated into the "mid=" lookup below
 * @param string       $separator ',', ';' or the word 'tab'
 * @param array        $fields    Column names for positions 0..27 of each CSV row
 * @param bool         $valid     false = upload and preview, true = read $filename
 * @param string       $filename  File name inside $_CONF['path_data']
 * @return mixed MAPS_message() output on the error paths shown; the final return is not visible
 */
function MAPS_importCSV($FILES = '', $map_id, $separator = ';', $fields, $valid = false, $filename = '')
{
global $_CONF, $_TABLES, $LANG24, $LANG_MAPS_1, $_USER;
if ($map_id == '') {
return MAPS_message('Map ID is missing');
}
// Any separator outside this allow-list redirects to the import/export admin page and stops.
if (!in_array($separator, array(',', 'tab', ';'))) {
echo COM_refresh($_CONF['site_admin_url'] . '/plugins/maps/import_export.php');
exit;
}
if ($valid == false) {
// OK, let's upload csv file
require_once $_CONF['path_system'] . 'classes/upload.class.php';
$upload = new upload();
//Debug with story debug function
if (isset($_CONF['debug_image_upload']) && $_CONF['debug_image_upload']) {
$upload->setLogFile($_CONF['path'] . 'logs/error.log');
$upload->setDebug(true);
}
$upload->setMaxFileUploads(1);
// Allow-list of MIME types, each mapped to the .csv extension.
// NOTE(review): whether the upload class checks the type server-side or
// trusts the browser-reported Content-Type is not visible here - confirm.
$upload->setAllowedMimeTypes(array('text/csv' => '.csv', 'text/comma-separated-values' => '.csv', 'application/vnd.ms-excel' => '.csv'));
if (!$upload->setPath($_CONF['path_data'])) {
$output = COM_siteHeader('menu', $LANG24[30]);
$output .= COM_startBlock($LANG24[30], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= $upload->printErrors(false);
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$output .= COM_siteFooter();
echo $output;
exit;
}
// Set file permissions on file after it gets uploaded (number is in octal)
$upload->setPerms('0644');
$curfile = current($FILES);
if (!empty($curfile['name'])) {
// The stored extension is whatever follows the last '.' of the client-supplied
// name. When the name has no '.', strrpos() returns false, false + 1 is 1, and
// the "extension" becomes the name minus its first character.
// NOTE(review): nothing in this function restricts the extension to 'csv';
// unless the upload class enforces it, pin the stored name to '.csv'.
$pos = strrpos($curfile['name'], '.') + 1;
$fextension = substr($curfile['name'], $pos);
$filename = 'import_markers_' . COM_makesid() . '.' . $fextension;
}
if ($filename == '') {
return MAPS_message('Houston, we have a problem.');
}
$upload->setFileNames($filename);
reset($FILES);
$upload->uploadFiles();
if ($upload->areErrors()) {
$msg = $upload->printErrors(false);
return MAPS_message($msg, $LANG24[30]);
}
// NOTE(review): $map_id goes into the WHERE fragment unquoted and without a
// cast or escape in this function - confirm every caller validates it, or
// cast it to int before building "mid=...". Same on the else branch below.
$retval = '<p>' . $LANG_MAPS_1['markers_to_add'] . ' ' . DB_getItem($_TABLES['maps_maps'], 'name', "mid={$map_id}") . '</p><ul>';
} else {
$retval = '<p>' . $LANG_MAPS_1['markers_added'] . ' ' . DB_getItem($_TABLES['maps_maps'], 'name', "mid={$map_id}") . '</p><ul>';
}
//open file and record markers
$row = 1;
$marker = array();
$valid_fields = MAPS_getFieldsImportExport();
// NOTE(review): on the $valid path $filename is the caller's argument and is
// appended to path_data unchanged - confirm it cannot carry directory
// components (e.g. pass it through basename()) if it originates from a request.
if (($handle = fopen($_CONF['path_data'] . $filename, "r")) !== FALSE) {
if ($separator == 'tab') {
$separator = "\t";
}
$iteration = 0;
while (($field_read = fgetcsv($handle, 0, $separator)) !== FALSE) {
$iteration++;
// Walk the 28 column positions from 27 down to 0 and map each CSV column
// to the marker slot whose expected field name matches $fields[$i].
for ($i = 27; $i > -1; $i = $i - 1) {
if ($fields[$i] == $valid_fields[$i]) {
$marker[$i] = $field_read[$i];
} else {
if (!isset($marker[$i])) {
$marker[$i] = '';
}
// Linear search for the slot named $fields[$i]; the loop ends at the first
// falsy entry of $valid_fields, not only at the end of the array.
while ($position = current($valid_fields)) {
if ($position == $fields[$i]) {
$key = key($valid_fields);
$marker[$key] = $field_read[$i];
}
next($valid_fields);
}
reset($valid_fields);
}
}
// Slot 3 is printed as "Name" in the preview; a row without it aborts the
// import and dumps the parsed row as a table.
if ($marker[3] == '') {
ksort($marker);
$retval = '<table style="margin:20px;" border="1">';
// NOTE(review): $val comes straight from the CSV and is concatenated into
// HTML unescaped; unless MAPS_message() escapes its argument, wrap it in
// htmlspecialchars($val, ENT_QUOTES, 'UTF-8').
foreach ($marker as $key => $val) {
$retval .= "<tr><td><font size=2>" . $key . "</td><td><font size=2>" . $val . "</td></tr>";
}
$retval .= "</table>";
return MAPS_message($LANG_MAPS_1['name_missing'] . ' | Line: ' . $iteration . $retval);
}
// Slots 0 and 1 are printed as "Address" and "Lat"; at least one must be set.
if ($marker[0] == '' && $marker[1] == '') {
return MAPS_message($LANG_MAPS_1['need_address']);
}
if ($valid == false) {
// Preview entry for this row.
// NOTE(review): every $marker value and $map_id is written into the HTML
// without escaping; the same htmlspecialchars() treatment applies here.
$retval .= '<li>#' . $iteration . ' Name: ' . $marker[3] . '<br' . XHTML . '>Address: ' . $marker[0] . '<br' . XHTML . '>Lat: ' . $marker[1] . ' | Lng: ' . $marker[2] . '<br' . XHTML . '>Description: ' . $marker[4] . '<br' . XHTML . '>mk_default: ' . $marker[5] . ' | mk_pcolor: ' . $marker[6] . ' | mk_scolor: ' . $marker[7] . ' | mk_label: ' . $marker[8] . ' | mk_label_color: ' . $marker[9] . '<br' . XHTML . '>street: ' . $marker[10] . '<br' . XHTML . '>code: ' . $marker[11] . ' | city: ' . $marker[12] . '<br' . XHTML . '>state: ' . $marker[13] . ' | country: ' . $marker[14] . '<br' . XHTML . '>tel: ' . $marker[15] . ' | fax: ' . $marker[16] . '<br' . XHTML . '>web: ' . $marker[17] . '<br' . XHTML . '>item_1: ' . $marker[18] . ' | item_2: ' . $marker[19] . ' | item_3: ' . $marker[20] . ' | item_4: ' . $marker[21] . ' | item_5: ' . $marker[22] . ' | item_6: ' . $marker[23] . ' | item_7: ' . $marker[24] . ' | item_8: ' . $marker[25] . ' | item_9: ' . $marker[26] . ' | item_10: |' . $marker[27] . '<br' . XHTML . '>Map id: ' . $map_id . ' | ' . 'Owner id: ' . $_USER['uid'] . '<br' . XHTML . '> ';
} else {
// Second pass: start a comma-separated string for this row (what is appended
// after each comma is in the omitted part of the listing).
ksort($marker);
$markers = '';
foreach ($marker as $key => $value) {
if ($key != 0) {
$markers .= ",";
//.........這裏部分代碼省略.........
示例11: _createID
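/**
 * Create a session id.
 *
 * Returns 18 lowercase hexadecimal characters, the same length and alphabet
 * as before. The value now comes from the operating system CSPRNG instead of
 * an MD5 over COM_makesid() and microtime(): both of those inputs appear to be
 * time-derived, so the resulting id could be narrowed down by anyone who knows
 * roughly when it was issued.
 *
 * @return string Session ID (18 hex characters)
 */
function _createID()
{
    if (function_exists('random_bytes')) {
        // 9 random bytes encode to exactly 18 hex characters.
        return bin2hex(random_bytes(9));
    }

    // Runtimes older than PHP 7 have no random_bytes(); keep the original
    // derivation there so the function still works. The result is predictable
    // and should not be relied on as a secret on such installs.
    $digest = md5(COM_makesid() . microtime());

    return substr($digest, 3, 18);
}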
示例12: _MG_getFile
/**
 * Stage one media file for import into an album (the listing is truncated on this page).
 *
 * Visible steps: check that $filename exists and is readable, check that the
 * target album is present in $MG_albums, move or copy the file to a temporary
 * path under $_MG_CONF['tmp_path'], choose a media id, then collect metadata
 * and work out the file type and MIME type.
 *
 * $caption, $description, $purgefiles, $atttn, $thumbnail, $keywords and
 * $category are not used in the visible part.
 *
 * NOTE(review): required parameters ($filetype, $atttn, $thumbnail, $userid)
 * follow optional ones; PHP 8.0+ reports this as deprecated.
 *
 * @param string $filename Path of the source file; replaced by the temp path once staged
 * @param string $file     Name whose extension (after the last '.') becomes the media type
 * @param mixed  $albums   Key into $MG_albums
 * @param int    $upload   Truthy: move_uploaded_file(); falsy: copy()
 * @param string $filetype MIME type used when the metadata supplies none
 * @param int    $dnc      Overwritten with 1 at the top of the body
 * @param int    $replace  Greater than 0: reused as the media id instead of a new sid
 * @param mixed  $userid   Stored as $media_user_id
 * @return array array(false, $errMsg) on the failures shown; the success value is not visible
 */
function _MG_getFile($filename, $file, $albums, $caption = '', $description = '', $upload = 1, $purgefiles = 0, $filetype, $atttn, $thumbnail, $keywords = '', $category = 0, $dnc = 0, $replace = 0, $userid)
{
global $MG_albums, $_CONF, $_MG_CONF, $_USER, $_TABLES, $LANG_MG00, $LANG_MG01, $LANG_MG02, $new_media_id;
$artist = '';
$musicAlbum = '';
$genre = '';
$video_attached_thumbnail = 0;
$successfulWatermark = 0;
// The caller's $dnc argument is discarded here.
$dnc = 1;
$errors = 0;
$errMsg = '';
clearstatcache();
if (!file_exists($filename)) {
$errMsg = $LANG_MG02['upload_not_found'];
return array(false, $errMsg);
}
clearstatcache();
if (!is_readable($filename)) {
$errMsg = $LANG_MG02['upload_not_readable'];
return array(false, $errMsg);
}
// make sure we have the proper permissions to upload to this album....
// NOTE(review): only the album's existence is tested in the visible code; any
// permission check would have to be in the caller or the omitted part - confirm.
if (!isset($MG_albums[$albums]->id)) {
$errMsg = $LANG_MG02['album_nonexist'];
// "Album does not exist, unable to process uploads";
return array(false, $errMsg);
}
sleep(1);
// We do this to make sure we don't get dupe sid's
// NOTE(review): needing a one-second pause for uniqueness suggests
// COM_makesid() is time-based - treat its output as an identifier, not a secret.
/*
 * The following section of code will generate a unique name for a temporary
 * file and copy the uploaded file to the Media Gallery temp directory.
 * We do this to prevent any SAFE MODE issues when we later open the
 * file to determine the mime type.
 */
if (empty($_USER['username']) || $_USER['username'] == '') {
$_USER['username'] = 'guestuser';
}
// NOTE(review): the username is concatenated into the path as-is; confirm that
// usernames cannot contain '/' or '..', or build the name from the numeric uid.
$tmpPath = $_MG_CONF['tmp_path'] . '/' . $_USER['username'] . COM_makesid() . '.tmp';
if ($upload) {
// '@' hides the warning; failure is detected through $rc below.
$rc = @move_uploaded_file($filename, $tmpPath);
} else {
$rc = @copy($filename, $tmpPath);
$importSource = $filename;
}
// Both calls return a bool; the loose comparison treats true as equal to 1.
if ($rc != 1) {
$errors++;
$errMsg .= sprintf($LANG_MG02['move_error'], $filename);
// Remove any partial temp file before reporting the failure.
@unlink($tmpPath);
return array(false, $errMsg);
}
// From here on $filename refers to the staged temp copy.
$filename = $tmpPath;
if ($replace > 0) {
$new_media_id = $replace;
} else {
$new_media_id = COM_makesid();
}
$media_time = time();
$media_upload_time = time();
$media_user_id = $userid;
$mimeInfo = IMG_getMediaMetaData($filename);
// The media type is the lower-cased extension of $file, overriding whatever
// the metadata reader put in 'type'.
// NOTE(review): if $file is the client-supplied upload name, this value is
// attacker-influenced - confirm it is checked against an allow-list later on.
$mimeExt = strtolower(substr(strrchr($file, "."), 1));
$mimeInfo['type'] = $mimeExt;
// NOTE(review): $filetype is presumably the browser-reported type; it is used
// only as a fallback here, but should not decide how the file is handled.
if (!isset($mimeInfo['mime_type']) || $mimeInfo['mime_type'] == '') {
$mimeInfo['mime_type'] = $filetype;
}
$gotTN = 0;
// An embedded JPEG in the ID3v2 APIC frame is kept as a thumbnail candidate.
if (isset($mimeInfo['id3v2']['APIC'][0]['mime']) && $mimeInfo['id3v2']['APIC'][0]['mime'] == 'image/jpeg') {
$mp3AttachdedThumbnail = $mimeInfo['id3v2']['APIC'][0]['data'];
$gotTN = 1;
}
if ($mimeExt == '' || $mimeInfo['mime_type'] == 'application/octet-stream' || $mimeInfo['mime_type'] == '') {
// assume format based on file upload info...
switch ($filetype) {
case 'audio/mpeg':
$mimeInfo['type'] = 'mp3';
$mimeInfo['mime_type'] = 'audio/mpeg';
$mimeExt = 'mp3';
break;
case 'image/tga':
$mimeInfo['type'] = 'tga';
$mimeInfo['mime_type'] = 'image/tga';
$mimeExt = 'tga';
break;
case 'image/psd':
$mimeInfo['type'] = 'psd';
$mimeInfo['mime_type'] = 'image/psd';
$mimeExt = 'psd';
break;
case 'image/gif':
$mimeInfo['type'] = 'gif';
$mimeInfo['mime_type'] = 'image/gif';
$mimeExt = 'gif';
break;
case 'image/jpeg':
case 'image/jpg':
$mimeInfo['type'] = 'jpg';
$mimeInfo['mime_type'] = 'image/jpeg';
$mimeExt = 'jpg';
break;
//.........這裏部分代碼省略.........
示例13: loadFromDatabase
/**
* Load a Story object from the sid specified, returning a status result.
* The result will either be a permission denied message, invalid SID
* message, or a loaded ok message. If it's loaded ok, then we've got all
* the exciting gubbins here.
* Only used from story admin and submit.php!
*
* @param string $sid Story Identifier, valid geeklog story id from the db.
* @param string $mode 'edit'|'view'|'clone'|'editsubmission'
* @return int from a constant.
*/
public function loadFromDatabase($sid, $mode = 'edit')
{
global $_TABLES, $_CONF, $_USER, $topic;
// $sid is filtered and DB-escaped once here; every query below embeds this
// escaped value inside single quotes.
$sid = DB_escapeString(COM_applyFilter($sid));
$sql = array();
if (!empty($sid) && ($mode === 'edit' || $mode === 'view' || $mode === 'clone')) {
// Existing story: restrict the topic assignment either to the default topic
// or to the topic held in the global $topic.
if (empty($topic)) {
$topic_sql = ' AND ta.tdefault = 1';
} else {
// NOTE(review): $topic is placed in the SQL without escaping in this method;
// confirm it is sanitised where it is set, or apply DB_escapeString() here
// as is done for $sid.
$topic_sql = " AND ta.tid = '{$topic}'";
}
/* Original
$sql['mysql'] = "SELECT STRAIGHT_JOIN s.*, UNIX_TIMESTAMP(s.date) AS unixdate, UNIX_TIMESTAMP(s.expire) AS expireunix, UNIX_TIMESTAMP(s.comment_expire) AS cmt_expire_unix, "
. "u.username, u.fullname, u.photo, u.email, t.topic, t.imageurl " . "FROM {$_TABLES['stories']} AS s, {$_TABLES['users']} AS u, {$_TABLES['topics']} AS t " . "WHERE (s.uid = u.uid) AND (s.tid = t.tid) AND (sid = '$sid')";
*/
// The mysql variant honours $topic_sql; the pgsql variant below always uses
// ta.tdefault = 1 and ignores it.
$sql['mysql'] = "SELECT s.*, UNIX_TIMESTAMP(s.date) AS unixdate, UNIX_TIMESTAMP(s.expire) AS expireunix, UNIX_TIMESTAMP(s.comment_expire) AS cmt_expire_unix, u.username, u.fullname, u.photo, u.email, t.tid, t.topic, t.imageurl\n FROM {$_TABLES['stories']} AS s, {$_TABLES['users']} AS u, {$_TABLES['topics']} AS t, {$_TABLES['topic_assignments']} AS ta\n WHERE ta.type = 'article' AND ta.id = sid {$topic_sql} AND (s.uid = u.uid) AND (ta.tid = t.tid) AND (sid = '{$sid}')";
$sql['pgsql'] = "SELECT s.*, UNIX_TIMESTAMP(s.date) AS unixdate, UNIX_TIMESTAMP(s.expire) as expireunix, UNIX_TIMESTAMP(s.comment_expire) as cmt_expire_unix, u.username, u.fullname, u.photo, u.email, t.tid, t.topic, t.imageurl\n FROM {$_TABLES['stories']} AS s, {$_TABLES['users']} AS u, {$_TABLES['topics']} AS t, {$_TABLES['topic_assignments']} AS ta\n WHERE ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1 AND (s.uid = u.uid) AND (ta.tid = t.tid) AND (sid = '{$sid}')";
} elseif (!empty($sid) && $mode === 'editsubmission') {
// Pending submission: read from the storysubmission table and also fetch the
// topic's group and permission columns.
/* Original
$sql['mysql'] = 'SELECT STRAIGHT_JOIN s.*, UNIX_TIMESTAMP(s.date) AS unixdate, '
. 'u.username, u.fullname, u.photo, u.email, t.topic, t.imageurl, t.group_id, ' . 't.perm_owner, t.perm_group, t.perm_members, t.perm_anon ' . 'FROM ' . $_TABLES['storysubmission'] . ' AS s, ' . $_TABLES['users'] . ' AS u, ' . $_TABLES['topics'] . ' AS t WHERE (s.uid = u.uid) AND' . ' (s.tid = t.tid) AND (sid = \'' . $sid . '\')';
$sql['pgsql'] = 'SELECT s.*, UNIX_TIMESTAMP(s.date) AS unixdate, '
. 'u.username, u.fullname, u.photo, u.email, t.topic, t.imageurl, t.group_id, ' . 't.perm_owner, t.perm_group, t.perm_members, t.perm_anon ' . 'FROM ' . $_TABLES['storysubmission'] . ' AS s, ' . $_TABLES['users'] . ' AS u, ' . $_TABLES['topics'] . ' AS t WHERE (s.uid = u.uid) AND' . ' (s.tid = t.tid) AND (sid = \'' . $sid . '\')';
*/
$sql['mysql'] = "SELECT s.*, UNIX_TIMESTAMP(s.date) AS unixdate, u.username, u.fullname, u.photo, u.email, t.tid, t.topic, t.imageurl, t.group_id, t.perm_owner, t.perm_group, t.perm_members, t.perm_anon\n FROM {$_TABLES['storysubmission']} AS s, {$_TABLES['users']} AS u, {$_TABLES['topics']} AS t, {$_TABLES['topic_assignments']} AS ta\n WHERE (s.uid = u.uid) AND (ta.tid = t.tid) AND (sid = '{$sid}')\n AND ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1";
$sql['pgsql'] = "SELECT s.*, UNIX_TIMESTAMP(s.date) AS unixdate, u.username, u.fullname, u.photo, u.email, t.tid, t.topic, t.imageurl, t.group_id, t.perm_owner, t.perm_group, t.perm_members, t.perm_anon\n FROM {$_TABLES['storysubmission']} AS s, {$_TABLES['users']} AS u, {$_TABLES['topics']} AS t, {$_TABLES['topic_assignments']} AS ta\n WHERE (s.uid = u.uid) AND (ta.tid = t.tid) AND (sid = '{$sid}')\n AND ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1";
} elseif ($mode === 'edit') {
// 'edit' with an empty sid: start a new story with a fresh id and
// configuration defaults; no query is built on this branch.
$this->_sid = COM_makesid();
$this->_old_sid = $this->_sid;
if (isset($_CONF['draft_flag'])) {
$this->_draft_flag = $_CONF['draft_flag'];
} else {
$this->_draft_flag = 0;
}
if (isset($_CONF['show_topic_icon'])) {
$this->_show_topic_icon = $_CONF['show_topic_icon'];
} else {
$this->_show_topic_icon = 1;
}
if (isset($_CONF['default_cache_time_article'])) {
$this->_cache_time = $_CONF['default_cache_time_article'];
} else {
$this->_cache_time = 0;
}
// Anonymous visitors are recorded as uid 1.
if (COM_isAnonUser()) {
$this->_uid = 1;
} else {
$this->_uid = $_USER['uid'];
}
$this->_date = $this->_expire = time();
// Comment closing time is "now plus N days" (86400 seconds per day) when enabled.
if ($_CONF['article_comment_close_enabled']) {
$this->_comment_expire = time() + $_CONF['article_comment_close_days'] * 86400;
} else {
$this->_comment_expire = 0;
}
$this->_commentcode = $_CONF['comment_code'];
$this->_trackbackcode = $_CONF['trackback_code'];
$this->_title = '';
$this->_page_title = '';
$this->_meta_description = '';
$this->_meta_keywords = '';
$this->_introtext = '';
$this->_bodytext = '';
if (isset($_CONF['frontpage'])) {
$this->_frontpage = $_CONF['frontpage'];
} else {
$this->_frontpage = 1;
}
$this->_text_version = GLTEXT_LATEST_VERSION;
$this->_hits = 0;
$this->_comments = 0;
$this->_trackbacks = 0;
$this->_numemails = 0;
// The advanced editor is used only when both the site and the user enable it
// and the site post mode is neither plaintext nor wikitext.
if ($_CONF['advanced_editor'] && $_USER['advanced_editor'] && $_CONF['postmode'] !== 'plaintext' && $_CONF['postmode'] !== 'wikitext') {
$this->_advanced_editor_mode = 1;
$this->_postmode = 'adveditor';
} else {
$this->_postmode = $_CONF['postmode'];
$this->_advanced_editor_mode = 0;
}
$this->_statuscode = 0;
$this->_featured = 0;
// NOTE(review): this unconditional assignment overrides the isset()-guarded
// default of 0 set for _cache_time earlier in this branch.
$this->_cache_time = $_CONF['default_cache_time_article'];
if (COM_isAnonUser()) {
$this->_owner_id = 1;
} else {
$this->_owner_id = $_USER['uid'];
}
// NOTE(review): $_GROUPS is not in this method's global list, so this isset()
// tests an undefined local and presumably never succeeds - confirm and add
// $_GROUPS to the global statement if the group lookup is intended.
if (isset($_GROUPS['Story Admin'])) {
//.........這裏部分代碼省略.........
示例14: loadFromDatabase
/**
* Load a Story object from the sid specified, returning a status result.
* The result will either be a permission denied message, invalid SID
* message, or a loaded ok message. If it's loaded ok, then we've got all
* the exciting gubbins here.
*
* Only used from story admin and submit.php!
*
* @param $sid string Story Identifier, valid glFusion story id from the db.
* @return Integer from a constant.
*/
function loadFromDatabase($sid, $mode = 'edit')
{
global $_TABLES, $_CONF, $_USER, $_GROUPS;
// Three "now" timestamps in the user's time zone, used as defaults for a new story.
$dtPublish = new Date('now', $_USER['tzid']);
$dtExpire = new Date('now', $_USER['tzid']);
$dtCmtclose = new Date('now', $_USER['tzid']);
// $sid is filtered and DB-escaped before it is embedded, quoted, in either query.
$sid = DB_escapeString(COM_applyFilter($sid));
if (!empty($sid) && ($mode == 'edit' || $mode == 'view' || $mode == 'clone')) {
// Existing story from the stories table, joined with its author and topic.
$sql = "SELECT STRAIGHT_JOIN s.*, UNIX_TIMESTAMP(s.date) AS unixdate, UNIX_TIMESTAMP(s.expire) as expireunix, UNIX_TIMESTAMP(s.comment_expire) as cmt_expire_unix, " . "u.username, u.fullname, u.photo, u.email, t.topic, t.imageurl " . "FROM {$_TABLES['stories']} AS s, {$_TABLES['users']} AS u, {$_TABLES['topics']} AS t " . "WHERE (s.uid = u.uid) AND (s.tid = t.tid) AND (sid = '{$sid}')";
} elseif (!empty($sid) && $mode == 'moderate') {
// Pending submission from the storysubmission table, with the topic's group
// and permission columns.
$sql = 'SELECT STRAIGHT_JOIN s.*, UNIX_TIMESTAMP(s.date) AS unixdate, ' . 'u.username, u.fullname, u.photo, u.email, t.topic, t.imageurl, t.group_id, ' . 't.perm_owner, t.perm_group, t.perm_members, t.perm_anon ' . 'FROM ' . $_TABLES['storysubmission'] . ' AS s, ' . $_TABLES['users'] . ' AS u, ' . $_TABLES['topics'] . ' AS t WHERE (s.uid = u.uid) AND' . ' (s.tid = t.tid) AND (sid = \'' . $sid . '\')';
} elseif ($mode == 'edit') {
// 'edit' with an empty sid: start a new story with a fresh id and
// configuration defaults; $sql stays unset on this branch.
$this->_sid = COM_makesid();
$this->_old_sid = $this->_sid;
if (isset($_CONF['draft_flag'])) {
$this->_draft_flag = $_CONF['draft_flag'];
} else {
$this->_draft_flag = 0;
}
if (isset($_CONF['show_topic_icon'])) {
$this->_show_topic_icon = $_CONF['show_topic_icon'];
} else {
$this->_show_topic_icon = 1;
}
// Anonymous visitors are recorded as uid 1.
if (COM_isAnonUser()) {
$this->_uid = 1;
} else {
$this->_uid = $_USER['uid'];
}
$this->_date = $dtPublish->toUnix();
$this->_expire = $dtExpire->toUnix();
// Comment closing time is "now plus N days" (86400 seconds per day) when enabled.
if ($_CONF['article_comment_close_enabled']) {
$this->_comment_expire = $dtCmtclose->toUnix() + $_CONF['article_comment_close_days'] * 86400;
} else {
$this->_comment_expire = 0;
}
$this->_commentcode = $_CONF['comment_code'];
$this->_trackbackcode = $_CONF['trackback_code'];
$this->_title = '';
$this->_introtext = '';
$this->_bodytext = '';
if (isset($_CONF['frontpage'])) {
$this->_frontpage = $_CONF['frontpage'];
} else {
$this->_frontpage = 1;
}
$this->_hits = 0;
$this->_rating = 0.0;
$this->_votes = 0;
$this->_comments = 0;
$this->_trackbacks = 0;
$this->_numemails = 0;
// Any configured post mode other than 'plaintext' is stored as 'html'.
if ($_CONF['postmode'] != 'plaintext') {
$this->_postmode = 'html';
} else {
$this->_postmode = $_CONF['postmode'];
}
$this->_statuscode = 0;
$this->_featured = 0;
if (COM_isAnonUser()) {
$this->_owner_id = 1;
} else {
$this->_owner_id = $_USER['uid'];
}
// Owning group: the 'Story Admin' group if the current user has it in
// $_GROUPS, otherwise whatever SEC_getFeatureGroup() returns for 'story.edit'.
if (isset($_GROUPS['Story Admin'])) {
$this->_group_id = $_GROUPS['Story Admin'];
} else {
$this->_group_id = SEC_getFeatureGroup('story.edit');
}
// SEC_setDefaultPermissions() fills the four perm_* keys of $array, which are
// then copied onto the story.
$array = array();
SEC_setDefaultPermissions($array, $_CONF['default_permissions_story']);
$this->_perm_owner = $array['perm_owner'];
$this->_perm_group = $array['perm_group'];
$this->_perm_anon = $array['perm_anon'];
$this->_perm_members = $array['perm_members'];
} else {
// Every other mode populates the story directly from the request body.
// NOTE(review): validation and permission checks for these values would have
// to happen inside loadFromArgsArray(), which is not shown - confirm.
$this->loadFromArgsArray($_POST);
}
/* if we have SQL, load from it */
if (!empty($sql)) {
$result = DB_query($sql);
if ($result) {
$story = DB_fetchArray($result, false);
// No matching row: report the sid as invalid.
if ($story == null) {
return STORY_INVALID_SID;
}
$this->loadFromArray($story);
// Rows without an owner_id column value are treated as owned by uid 1.
if (!isset($story['owner_id'])) {
$story['owner_id'] = 1;
//.........這裏部分代碼省略.........
示例15: service_submit_story
//.........這裏部分代碼省略.........
}
if (!isset($args['perm_group'])) {
$args['perm_group'] = $_CONF['default_permissions_story'][1];
} else {
$args['perm_group'] = COM_applyBasicFilter($args['perm_group'], true);
}
if (!isset($args['perm_members'])) {
$args['perm_members'] = $_CONF['default_permissions_story'][2];
} else {
$args['perm_members'] = COM_applyBasicFilter($args['perm_members'], true);
}
if (!isset($args['perm_anon'])) {
$args['perm_anon'] = $_CONF['default_permissions_story'][3];
} else {
$args['perm_anon'] = COM_applyBasicFilter($args['perm_anon'], true);
}
if (!isset($args['draft_flag'])) {
$args['draft_flag'] = $_CONF['draft_flag'];
}
if (empty($args['frontpage'])) {
$args['frontpage'] = $_CONF['frontpage'];
}
if (empty($args['show_topic_icon'])) {
$args['show_topic_icon'] = $_CONF['show_topic_icon'];
}
}
/* - END: Set all the defaults - */
if (!isset($args['sid'])) {
$args['sid'] = '';
}
$args['sid'] = COM_sanitizeID($args['sid']);
if (!$gl_edit) {
if (strlen($args['sid']) > STORY_MAX_ID_LENGTH) {
$args['sid'] = COM_makesid();
}
}
$story = new Story();
$gl_edit = false;
if (isset($args['gl_edit'])) {
$gl_edit = $args['gl_edit'];
}
if ($gl_edit && !empty($args['gl_etag'])) {
/* First load the original story to check if it has been modified */
$result = $story->loadFromDatabase($args['sid']);
if ($result == STORY_LOADED_OK) {
if ($args['gl_etag'] != date('c', $story->_date)) {
$svc_msg['error_desc'] = 'A more recent version of the story is available';
return PLG_RET_PRECONDITION_FAILED;
}
} else {
$svc_msg['error_desc'] = 'Error loading story';
return PLG_RET_ERROR;
}
}
/* This function is also doing the security checks */
$result = $story->loadFromArgsArray($args);
$sid = $story->getSid();
switch ($result) {
case STORY_DUPLICATE_SID:
if (!$args['gl_svc']) {
if (isset($args['type']) && $args['type'] == 'submission') {
$output .= STORY_edit($sid, 'moderate');
} else {
$output .= STORY_edit($sid, 'error');
}
}