本文整理匯總了PHP中PLG_itemSaved函數的典型用法代碼示例。如果您正苦於以下問題:PHP PLG_itemSaved函數的具體用法?PHP PLG_itemSaved怎麽用?PHP PLG_itemSaved使用的例子?那麽, 這裏精選的函數代碼示例或許可以為您提供幫助。
在下文中一共展示了PLG_itemSaved函數的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的PHP代碼示例。
示例1: service_submit_story
//.........這裏部分代碼省略.........
$output .= COM_siteFooter();
echo $output;
exit;
}
// NOTE: if $_CONF['path_to_mogrify'] is set, the call below will
// force any images bigger than the passed dimensions to be resized.
// If mogrify is not set, any images larger than these dimensions
// will get validation errors
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
$upload->setMaxFileSize($_CONF['max_image_size']);
// size in bytes, 1048576 = 1MB
// Set file permissions on file after it gets uploaded (number is in octal)
$upload->setPerms('0644');
$filenames = array();
$sql = "SELECT MAX(ai_img_num) + 1 AS ai_img_num FROM " . $_TABLES['article_images'] . " WHERE ai_sid = '" . DB_escapeString($sid) . "'";
$result = DB_query($sql, 1);
$row = DB_fetchArray($result);
$ai_img_num = $row['ai_img_num'];
if ($ai_img_num < 1) {
$ai_img_num = 1;
}
for ($z = 0; $z < $_CONF['maximagesperarticle']; $z++) {
$curfile['name'] = '';
if (isset($_FILES['file']['name'][$z])) {
$curfile['name'] = $_FILES['file']['name'][$z];
}
if (!empty($curfile['name'])) {
$pos = strrpos($curfile['name'], '.') + 1;
$fextension = substr($curfile['name'], $pos);
$filenames[] = $sid . '_' . $ai_img_num . '.' . $fextension;
$ai_img_num++;
} else {
$filenames[] = '';
}
}
$upload->setFileNames($filenames);
$upload->uploadFiles();
//@TODO - better error handling
if ($upload->areErrors()) {
$retval = COM_siteHeader('menu', $LANG24[30]);
$retval .= COM_showMessageText($upload->printErrors(false), $LANG24[30], true);
$retval .= STORY_edit($sid, 'error');
$retval .= COM_siteFooter();
echo $retval;
exit;
}
for ($z = 0; $z < $_CONF['maximagesperarticle']; $z++) {
if ($filenames[$z] != '') {
$sql = "SELECT MAX(ai_img_num) + 1 AS ai_img_num FROM " . $_TABLES['article_images'] . " WHERE ai_sid = '" . DB_escapeString($sid) . "'";
$result = DB_query($sql, 1);
$row = DB_fetchArray($result);
$ai_img_num = $row['ai_img_num'];
if ($ai_img_num < 1) {
$ai_img_num = 1;
}
DB_query("INSERT INTO {$_TABLES['article_images']} (ai_sid, ai_img_num, ai_filename) VALUES ('" . DB_escapeString($sid) . "', {$ai_img_num}, '" . DB_escapeString($filenames[$z]) . "')");
}
}
}
if ($_CONF['maximagesperarticle'] > 0) {
$errors = $story->checkImages();
if (count($errors) > 0) {
$output = COM_siteHeader('menu', $LANG24[54]);
$eMsg = $LANG24[55] . '<p>';
for ($i = 1; $i <= count($errors); $i++) {
$eMsg .= current($errors) . '<br />';
next($errors);
}
//@TODO - use return here...
$output .= COM_showMessageText($eMsg, $LANG24[54], true);
$output .= STORY_edit($sid, 'error');
$output .= COM_siteFooter();
echo $output;
exit;
}
}
}
$result = $story->saveToDatabase();
if ($result == STORY_SAVED) {
// see if any plugins want to act on that story
if (!empty($args['old_sid']) && $args['old_sid'] != $sid) {
PLG_itemSaved($sid, 'article', $args['old_sid']);
} else {
PLG_itemSaved($sid, 'article');
}
// update feed(s) and Older Stories block
COM_rdfUpToDateCheck('article', $story->DisplayElements('tid'), $sid);
COM_olderStuff();
if ($story->type == 'submission') {
COM_setMessage(9);
echo COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
exit;
} else {
$output = PLG_afterSaveSwitch($_CONF['aftersave_story'], COM_buildURL("{$_CONF['site_url']}/article.php?story={$sid}"), 'story', 9);
}
/* @TODO Set the object id here */
$svc_msg['id'] = $sid;
return PLG_RET_OK;
}
}
示例2: links_save_category
function links_save_category($cid, $old_cid, $pid, $category, $description, $tid, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon)
{
global $_CONF, $_TABLES, $_USER, $LANG_LINKS, $LANG_LINKS_ADMIN, $_LI_CONF, $PLG_links_MESSAGE17;
// Convert array values to numeric permission values
if (is_array($perm_owner) or is_array($perm_group) or is_array($perm_members) or is_array($perm_anon)) {
list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
}
// clean 'em up
$description = addslashes(COM_checkHTML(COM_checkWords($description), 'links.edit'));
$category = addslashes(COM_checkHTML(COM_checkWords($category), 'links.edit'));
$pid = addslashes(strip_tags($pid));
$cid = addslashes(strip_tags($cid));
$old_cid = addslashes(strip_tags($old_cid));
if (empty($category) || empty($description)) {
return 7;
}
// Check cid to make sure not illegal
if ($cid == addslashes($_LI_CONF['root']) || $cid == 'user') {
return 11;
}
if (!empty($cid) && $cid != $old_cid) {
// this is either a new category or an attempt to change the cid
// - check that cid doesn't exist yet
$ctrl = DB_getItem($_TABLES['linkcategories'], 'cid', "cid = '{$cid}'");
if (!empty($ctrl)) {
if (isset($PLG_links_MESSAGE17)) {
return 17;
} else {
return 11;
}
}
}
// Check that they didn't delete the cid. If so, get the hidden one
if (empty($cid) && !empty($old_cid)) {
$cid = $old_cid;
}
// Make sure they aren't making a parent category child of one of it's own
// children. This would create orphans
if ($cid == DB_getItem($_TABLES['linkcategories'], 'pid', "cid='{$pid}'")) {
return 12;
}
$access = 0;
if (DB_count($_TABLES['linkcategories'], 'cid', $old_cid) > 0) {
// update existing item, but new cid so get access from database with old cid
$result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['linkcategories']} WHERE cid='{$old_cid}'");
$A = DB_fetchArray($result);
$access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
// set flag
$update = "existing";
} else {
if (DB_count($_TABLES['linkcategories'], 'cid', $cid) > 0) {
// update existing item, same cid, so get access from database with existing cid
$result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group, perm_members,perm_anon FROM {$_TABLES['linkcategories']} WHERE cid='{$cid}'");
$A = DB_fetchArray($result);
$access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
// set flag
$update = "same";
} else {
// new item, so use passed values
$access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
// set flag
$update = 'new';
}
}
if ($access < 3) {
// no access rights: user should not be here
COM_accessLog(sprintf($LANG_LINKS_ADMIN[60], $_USER['username'], $cid));
return 6;
} else {
// save item
if ($update == 'existing') {
// update an existing item but new cid
$sql = "UPDATE {$_TABLES['linkcategories']}\n SET cid='{$cid}',\n pid='{$pid}',\n tid='{$tid}',category='{$category}',\n description='{$description}',\n modified=NOW(),\n owner_id='{$owner_id}',group_id='{$group_id}',\n perm_owner='{$perm_owner}',perm_group='{$perm_group}',\n perm_members='{$perm_members}',perm_anon='{$perm_anon}'\n WHERE cid = '{$old_cid}'";
$result = DB_query($sql);
// Also need to update links for this category
$sql = "UPDATE {$_TABLES['links']} SET cid='{$cid}' WHERE cid='{$old_cid}'";
$result = DB_query($sql);
} else {
if ($update == 'same') {
// update an existing item
$sql = "UPDATE {$_TABLES['linkcategories']}\n SET pid='{$pid}',\n tid='{$tid}',category='{$category}',\n description='{$description}',\n modified=NOW(),\n owner_id='{$owner_id}',group_id='{$group_id}',\n perm_owner='{$perm_owner}',perm_group='{$perm_group}',\n perm_members='{$perm_members}',perm_anon='{$perm_anon}'\n WHERE cid = '{$cid}'";
$result = DB_query($sql);
} else {
// insert a new item
if (empty($cid)) {
$cid = COM_makeSid();
}
$sql = "INSERT INTO {$_TABLES['linkcategories']}\n (cid, pid, category, description, tid,\n created,modified,\n owner_id, group_id, perm_owner, perm_group,\n perm_members, perm_anon)\n VALUES\n ('{$cid}','{$pid}','{$category}',\n '{$description}','{$tid}',\n NOW(),NOW(),\n '{$owner_id}','{$group_id}','{$perm_owner}',\n '{$perm_group}','{$perm_members}','{$perm_anon}')";
$result = DB_query($sql);
}
}
if ($update == 'existing' && $cid != $old_cid) {
PLG_itemSaved($cid, 'links.category', $old_cid);
} else {
PLG_itemSaved($cid, 'links.category');
}
}
return 10;
// success message
}
示例3: service_submit_staticpages
//.........這裏部分代碼省略.........
if ($sp_id != $sp_old_id) {
$duplicate_id = true;
}
} elseif (!empty($sp_old_id)) {
if ($sp_id != $sp_old_id) {
$delete_old_page = true;
}
}
if ($duplicate_id) {
$output .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']);
$output .= COM_errorLog($LANG_STATIC['duplicate_id'], 2);
if (!$args['gl_svc']) {
$output .= PAGE_edit($sp_id);
}
$output .= COM_siteFooter();
$svc_msg['error_desc'] = 'Duplicate ID';
return PLG_RET_ERROR;
} elseif (!empty($sp_title) && !empty($sp_content)) {
if (empty($sp_hits)) {
$sp_hits = 0;
}
if ($sp_onmenu == 'on') {
$sp_onmenu = 1;
} else {
$sp_onmenu = 0;
}
if ($sp_nf == 'on') {
$sp_nf = 1;
} else {
$sp_nf = 0;
}
if ($sp_centerblock == 'on') {
$sp_centerblock = 1;
} else {
$sp_centerblock = 0;
}
if ($sp_inblock == 'on') {
$sp_inblock = 1;
} else {
$sp_inblock = 0;
}
// Clean up the text
if ($_SP_CONF['censor'] == 1) {
$sp_content = COM_checkWords($sp_content);
$sp_title = COM_checkWords($sp_title);
}
if ($_SP_CONF['filter_html'] == 1) {
$sp_content = COM_checkHTML($sp_content, 'staticpages.edit');
}
$sp_title = strip_tags($sp_title);
$sp_label = strip_tags($sp_label);
$sp_content = DB_escapeString($sp_content);
$sp_title = DB_escapeString($sp_title);
$sp_label = DB_escapeString($sp_label);
// If user does not have php edit perms, then set php flag to 0.
if ($_SP_CONF['allow_php'] != 1 || !SEC_hasRights('staticpages.PHP')) {
$sp_php = 0;
}
// make sure there's only one "entire page" static page per topic
if ($sp_centerblock == 1 && $sp_where == 0) {
$sql = "UPDATE {$_TABLES['staticpage']} SET sp_centerblock = 0 WHERE sp_centerblock = 1 AND sp_where = 0 AND sp_tid = '" . DB_escapeString($sp_tid) . "'";
// multi-language configuration - allow one entire page
// centerblock for all or none per language
if (!empty($_CONF['languages']) && !empty($_CONF['language_files']) && ($sp_tid == 'all' || $sp_tid == 'none')) {
$ids = explode('_', $sp_id);
if (count($ids) > 1) {
$lang_id = array_pop($ids);
$sql .= " AND sp_id LIKE '%\\_" . DB_escapeString($lang_id) . "'";
}
}
DB_query($sql);
}
$formats = array('allblocks', 'blankpage', 'leftblocks', 'rightblocks', 'noblocks');
if (!in_array($sp_format, $formats)) {
$sp_format = 'allblocks';
}
if (!$args['gl_svc']) {
list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
}
DB_save($_TABLES['staticpage'], 'sp_id,sp_status,sp_uid,sp_title,sp_content,sp_date,sp_hits,sp_format,sp_onmenu,sp_label,commentcode,owner_id,group_id,' . 'perm_owner,perm_group,perm_members,perm_anon,sp_php,sp_nf,sp_centerblock,sp_help,sp_tid,sp_where,sp_inblock,postmode,sp_search', "'{$sp_id}',{$sp_status}, {$sp_uid},'{$sp_title}','{$sp_content}',NOW(),{$sp_hits},'{$sp_format}',{$sp_onmenu},'{$sp_label}','{$commentcode}',{$owner_id},{$group_id}," . "{$perm_owner},{$perm_group},{$perm_members},{$perm_anon},'{$sp_php}','{$sp_nf}',{$sp_centerblock},'{$sp_help}','{$sp_tid}',{$sp_where}," . "'{$sp_inblock}','{$postmode}',{$sp_search}");
if ($delete_old_page && !empty($sp_old_id)) {
DB_delete($_TABLES['staticpage'], 'sp_id', $sp_old_id);
DB_change($_TABLES['comments'], 'sid', DB_escapeString($sp_id), array('sid', 'type'), array(DB_escapeString($sp_old_id), 'staticpages'));
PLG_itemDeleted($sp_old_id, 'staticpages');
}
PLG_itemSaved($sp_id, 'staticpages');
$url = COM_buildURL($_CONF['site_url'] . '/page.php?page=' . $sp_id);
$output .= PLG_afterSaveSwitch($_SP_CONF['aftersave'], $url, 'staticpages');
$svc_msg['id'] = $sp_id;
return PLG_RET_OK;
} else {
$output .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']);
$output .= COM_errorLog($LANG_STATIC['no_title_or_content'], 2);
if (!$args['gl_svc']) {
$output .= PAGE_edit($sp_id);
}
$output .= COM_siteFooter();
return PLG_RET_ERROR;
}
}
示例4: service_submit_story
//.........這裏部分代碼省略.........
$upload->setMogrifyPath($_CONF['path_to_mogrify']);
} elseif ($_CONF['image_lib'] == 'netpbm') {
// using netPBM
$upload->setNetPBM($_CONF['path_to_netpbm']);
} elseif ($_CONF['image_lib'] == 'gdlib') {
// using the GD library
$upload->setGDLib();
}
$upload->setAutomaticResize(true);
if ($_CONF['keep_unscaled_image'] == 1) {
$upload->keepOriginalImage(true);
} else {
$upload->keepOriginalImage(false);
}
if (isset($_CONF['jpeg_quality'])) {
$upload->setJpegQuality($_CONF['jpeg_quality']);
}
}
$upload->setAllowedMimeTypes(array('image/gif' => '.gif', 'image/jpeg' => '.jpg,.jpeg', 'image/pjpeg' => '.jpg,.jpeg', 'image/x-png' => '.png', 'image/png' => '.png'));
if (!$upload->setPath($_CONF['path_images'] . 'articles')) {
$output = COM_showMessageText($upload->printErrors(false), $LANG24[30]);
$output = COM_createHTMLDocument($output, array('pagetitle' => $LANG24[30]));
echo $output;
exit;
}
// NOTE: if $_CONF['path_to_mogrify'] is set, the call below will
// force any images bigger than the passed dimensions to be resized.
// If mogrify is not set, any images larger than these dimensions
// will get validation errors
$upload->setMaxDimensions($_CONF['max_image_width'], $_CONF['max_image_height']);
$upload->setMaxFileSize($_CONF['max_image_size']);
// size in bytes, 1048576 = 1MB
// Set file permissions on file after it gets uploaded (number is in octal)
$upload->setPerms('0644');
$filenames = array();
$end_index = $index_start + $upload->numFiles() - 1;
for ($z = $index_start; $z <= $end_index; $z++) {
$curfile = current($_FILES);
if (!empty($curfile['name'])) {
$pos = strrpos($curfile['name'], '.') + 1;
$fextension = substr($curfile['name'], $pos);
$filenames[] = $sid . '_' . $z . '.' . $fextension;
}
next($_FILES);
}
$upload->setFileNames($filenames);
reset($_FILES);
$upload->uploadFiles();
if ($upload->areErrors()) {
$retval = COM_showMessageText($upload->printErrors(false), $LANG24[30]);
$output = COM_createHTMLDocument($output, array('pagetitle' => $LANG24[30]));
echo $retval;
exit;
}
reset($filenames);
for ($z = $index_start; $z <= $end_index; $z++) {
DB_query("INSERT INTO {$_TABLES['article_images']} (ai_sid, ai_img_num, ai_filename) VALUES ('{$sid}', {$z}, '" . current($filenames) . "')");
next($filenames);
}
}
if ($_CONF['maximagesperarticle'] > 0) {
$errors = $story->checkAttachedImages();
if (count($errors) > 0) {
$output .= COM_startBlock($LANG24[54], '', COM_getBlockTemplate('_msg_block', 'header'));
$output .= $LANG24[55] . LB . '<ul>' . LB;
foreach ($errors as $err) {
$output .= '<li>' . $err . '</li>' . LB;
}
$output .= '</ul>' . LB;
$output .= COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'));
$output .= storyeditor($sid);
$output = COM_createHTMLDocument($output, array('pagetitle' => $LANG24[54]));
echo $output;
exit;
}
}
}
$result = $story->saveToDatabase();
if ($result == STORY_SAVED) {
// see if any plugins want to act on that story
if (!empty($args['old_sid']) && $args['old_sid'] != $sid) {
PLG_itemSaved($sid, 'article', $args['old_sid']);
} else {
PLG_itemSaved($sid, 'article');
}
// update feed(s)
COM_rdfUpToDateCheck('article', $story->DisplayElements('tid'), $sid);
COM_rdfUpToDateCheck('comment');
STORY_updateLastArticlePublished();
CMT_updateCommentcodes();
if ($story->type == 'submission') {
$output = COM_refresh($_CONF['site_admin_url'] . '/moderation.php?msg=9');
} else {
$output = PLG_afterSaveSwitch($_CONF['aftersave_story'], COM_buildURL("{$_CONF['site_url']}/article.php?story={$sid}"), 'story', 9);
}
/* @TODO Set the object id here */
$svc_msg['id'] = $sid;
return PLG_RET_OK;
}
}
示例5: service_submit_staticpages
//.........這裏部分代碼省略.........
$sp_label = "";
$sp_centerblock = 0;
$sp_php = 0;
$sp_inblock = 0;
$sp_nf = 0;
$sp_hits = 0;
$meta_description = "";
$meta_keywords = "";
} else {
// See if it was a template before, if so and option changed, remove use from other pages
if (DB_getItem($_TABLES['staticpage'], 'template_flag', "sp_id = '{$sp_old_id}'") == 1) {
$sql = "UPDATE {$_TABLES['staticpage']} SET template_id = '' WHERE template_id = '{$sp_old_id}'";
$result = DB_query($sql);
}
if ($template_id != '') {
// If using a template, make sure php disabled
$sp_php = 0;
// Double check template id exists and is still a template
$perms = SP_getPerms();
if (!empty($perms)) {
$perms = ' AND ' . $perms;
}
if (DB_getItem($_TABLES['staticpage'], 'COUNT(sp_id)', "sp_id = '{$template_id}' AND template_flag = 1 AND (draft_flag = 0)" . $perms) == 0) {
$template_id = '';
}
}
}
// make sure there's only one "entire page" static page per topic
if ($sp_centerblock == 1 && $sp_where == 0) {
$sql = "UPDATE {$_TABLES['staticpage']} SET sp_centerblock = 0 WHERE (sp_centerblock = 1) AND (sp_where = 0) AND (sp_tid = '{$sp_tid}') AND (draft_flag = 0)";
// if we're in a multi-language setup, we need to allow one "entire
// page" centerblock for 'all' or 'none' per language
if (!empty($_CONF['languages']) && !empty($_CONF['language_files']) && ($sp_tid == 'all' || $sp_tid == 'none')) {
$ids = explode('_', $sp_id);
if (count($ids) > 1) {
$lang_id = array_pop($ids);
$sql .= " AND sp_id LIKE '%\\_{$lang_id}'";
}
}
DB_query($sql);
}
$formats = array('allblocks', 'blankpage', 'leftblocks', 'noblocks');
if (!in_array($sp_format, $formats)) {
$sp_format = 'allblocks';
}
if (!$args['gl_svc']) {
list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
}
// Retrieve created date
$datecreated = DB_getItem($_TABLES['staticpage'], 'created', "sp_id = '{$sp_id}'");
if ($datecreated == '') {
$datecreated = date('Y-m-d H:i:s');
}
DB_save($_TABLES['staticpage'], 'sp_id,sp_title,sp_page_title, sp_content,created,modified,sp_hits,sp_format,sp_onmenu,sp_label,commentcode,meta_description,meta_keywords,template_flag,template_id,draft_flag,owner_id,group_id,' . 'perm_owner,perm_group,perm_members,perm_anon,sp_php,sp_nf,sp_centerblock,sp_help,sp_tid,sp_where,sp_inblock,postmode', "'{$sp_id}','{$sp_title}','{$sp_page_title}','{$sp_content}','{$datecreated}',NOW(),{$sp_hits},'{$sp_format}',{$sp_onmenu},'{$sp_label}','{$commentcode}','{$meta_description}','{$meta_keywords}',{$template_flag},'{$template_id}',{$draft_flag},{$owner_id},{$group_id}," . "{$perm_owner},{$perm_group},{$perm_members},{$perm_anon},'{$sp_php}','{$sp_nf}',{$sp_centerblock},'{$sp_help}','{$sp_tid}',{$sp_where}," . "'{$sp_inblock}','{$postmode}'");
if ($delete_old_page && !empty($sp_old_id)) {
// If a template and the id changed, update any staticpages that use it
if ($template_flag == 1) {
$sql = "UPDATE {$_TABLES['staticpage']} SET template_id = '{$sp_id}' WHERE template_id = '{$sp_old_id}'";
$result = DB_query($sql);
}
DB_delete($_TABLES['staticpage'], 'sp_id', $sp_old_id);
}
if (empty($sp_old_id) || $sp_id == $sp_old_id) {
if (!$template_flag) {
PLG_itemSaved($sp_id, 'staticpages');
} else {
// If template then have to notify of all pages that use this template that a change to the page happened
$sql = "SELECT sp_id FROM {$_TABLES['staticpage']} WHERE template_id = '{$sp_id}'";
$result = DB_query($sql);
while ($A = DB_fetchArray($result)) {
PLG_itemSaved($A['sp_id'], 'staticpages');
}
}
} else {
DB_change($_TABLES['comments'], 'sid', addslashes($sp_id), array('sid', 'type'), array(addslashes($sp_old_id), 'staticpages'));
if (!$template_flag) {
PLG_itemSaved($sp_id, 'staticpages', $sp_old_id);
} else {
// If template then have to notify of all pages that use this template that a change to the page happened
$sql = "SELECT sp_id FROM {$_TABLES['staticpage']} WHERE template_id = '{$sp_id}'";
$result = DB_query($sql);
while ($A = DB_fetchArray($result)) {
PLG_itemSaved($A['sp_id'], 'staticpages');
}
}
}
$url = COM_buildURL($_CONF['site_url'] . '/staticpages/index.php?page=' . $sp_id);
$output .= PLG_afterSaveSwitch($_SP_CONF['aftersave'], $url, 'staticpages', 19);
$svc_msg['id'] = $sp_id;
return PLG_RET_OK;
} else {
$output .= COM_siteHeader('menu', $LANG_STATIC['staticpageeditor']);
$output .= COM_errorLog($LANG_STATIC['no_title_or_content'], 2);
if (!$args['gl_svc']) {
$output .= staticpageeditor($sp_id);
}
$output .= COM_siteFooter();
return PLG_RET_ERROR;
}
}
示例6: MG_saveMediaEdit
function MG_saveMediaEdit($album_id, $media_id, $actionURL)
{
global $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03, $_POST, $_FILES;
$back = COM_applyFilter($_POST['rpath']);
if ($back != '') {
$sLength = strlen($_CONF['site_url']);
if (substr($back, 0, $sLength) != $_CONF['site_url']) {
$back = $_CONF['site_url'];
}
$actionURL = $back;
}
$queue = COM_applyFilter($_POST['queue'], true);
if (isset($_POST['replacefile'])) {
$replacefile = COM_applyFilter($_POST['replacefile']);
} else {
$replacefile = 0;
}
if ($replacefile == 1) {
require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-upload.php';
$repfilename = $_FILES['repfilename'];
$filename = $repfilename['name'];
$file = $repfilename['tmp_name'];
list($rc, $msg) = MG_getFile($file, $filename, $album_id, '', '', 1, 0, '', 0, '', '', 0, 0, $media_id);
COM_errorLog($msg);
}
// see if we had an attached thumbnail before...
$thumb = $_FILES['attthumb'];
$thumbnail = $thumb['tmp_name'];
$att = isset($_POST['attachtn']) ? COM_applyFilter($_POST['attachtn'], true) : 0;
if ($att == 1) {
$attachtn = 1;
} else {
$attachtn = 0;
}
if ($queue) {
$old_attached_tn = DB_getItem($_TABLES['mg_mediaqueue'], 'media_tn_attached', 'media_id="' . DB_escapeString($media_id) . '"');
} else {
$old_attached_tn = DB_getItem($_TABLES['mg_media'], 'media_tn_attached', 'media_id="' . DB_escapeString($media_id) . '"');
}
if ($old_attached_tn == 0 && $att == 1 && $thumbnail == '') {
$attachtn = 0;
}
if ($old_attached_tn == 1 && $attachtn == 0) {
$remove_old_tn = 1;
} else {
$remove_old_tn = 0;
}
if ($queue) {
$remote_media = DB_getItem($_TABLES['mg_mediaqueue'], 'remote_media', 'media_id="' . DB_escapeString($media_id) . '"');
} else {
$remote_media = DB_getItem($_TABLES['mg_media'], 'remote_media', 'media_id="' . DB_escapeString($media_id) . '"');
}
if ($remote_media) {
$remote_url = isset($_POST['remoteurl']) ? DB_escapeString($_POST['remoteurl']) : '';
} else {
$remote_url = '';
}
if ($_MG_CONF['htmlallowed']) {
$media_title = COM_checkWords($_POST['media_title']);
$media_desc = COM_checkWords($_POST['media_desc']);
} else {
$media_title = htmlspecialchars(strip_tags(COM_checkWords($_POST['media_title'])));
$media_desc = htmlspecialchars(strip_tags(COM_checkWords($_POST['media_desc'])));
}
$media_time_month = COM_applyFilter($_POST['media_month']);
$media_time_day = COM_applyFilter($_POST['media_day']);
$media_time_year = COM_applyFilter($_POST['media_year']);
$media_time_hour = COM_applyFilter($_POST['media_hour']);
$media_time_minute = COM_applyFilter($_POST['media_minute']);
$original_filename = COM_applyFilter($_POST['original_filename']);
if ($replacefile == 1) {
$original_filename = $filename;
}
$cat_id = COM_applyFilter($_POST['cat_id'], true);
$media_keywords = $_POST['media_keywords'];
$media_keywords_safe = substr($media_keywords, 0, 254);
$media_keywords = DB_escapeString(htmlspecialchars(strip_tags(COM_checkWords($media_keywords_safe))));
$artist = isset($_POST['artist']) ? DB_escapeString(COM_applyFilter($_POST['artist'])) : '';
$musicalbum = isset($_POST['musicalbum']) ? DB_escapeString(COM_applyFilter($_POST['musicalbum'])) : '';
$genre = isset($_POST['genre']) ? DB_escapeString(COM_applyFilter($_POST['genre'])) : '';
$dtObject = new Date('now', $_USER['tzid']);
$dtObject->setDateTimestamp($media_time_year, $media_time_month, $media_time_day, $media_time_hour, $media_time_minute, 0);
$media_time = $dtObject->toUnix();
if (isset($_POST['owner_name'])) {
$owner_id = COM_applyFilter($_POST['owner_name'], true);
$owner_sql = ',media_user_id=' . $owner_id . ' ';
} else {
$owner_sql = '';
}
$sql = "UPDATE " . ($queue ? $_TABLES['mg_mediaqueue'] : $_TABLES['mg_media']) . "\n SET media_title='" . DB_escapeString($media_title) . "',\n media_desc='" . DB_escapeString($media_desc) . "',\n media_original_filename='" . DB_escapeString($original_filename) . "',\n media_time=" . $media_time . ",\n media_tn_attached=" . $attachtn . ",\n media_category=" . intval($cat_id) . ",\n media_keywords='" . $media_keywords . "',\n artist='" . $artist . "',\n album='" . $musicalbum . "',\n genre='" . $genre . "',\n remote_url='" . $remote_url . "' " . $owner_sql . "WHERE media_id='" . DB_escapeString($media_id) . "'";
DB_query($sql);
if (DB_error() != 0) {
echo COM_errorLog("Media Gallery: ERROR Updating image in media database");
}
PLG_itemSaved($media_id, 'mediagallery');
$media_id_db = DB_escapeString($media_id);
// process playback options if any...
if (isset($_POST['autostart'])) {
// asf
$playback_option['autostart'] = intval(COM_applyFilter($_POST['autostart'], true));
//.........這裏部分代碼省略.........
示例7: nexdoc_moveQueuefile
function nexdoc_moveQueuefile($id, $newcid)
{
global $_CONF, $_TABLES, $_USER, $_FMCONF;
$filemoved = false;
if ($newcid > 0) {
$query = DB_query("SELECT orig_filename,queue_filename,timestamp,uid,size,mimetype FROM {$_TABLES['nxfile_import_queue']} WHERE id={$id}");
list($fname, $qname, $date, $submitter, $filesize, $mimetype) = DB_fetchArray($query);
$sourcefile = $_FMCONF['storage_path'] . "queue/{$qname}";
$targetfile = $_FMCONF['storage_path'] . "{$newcid}/{$fname}";
if (!empty($qname) and !empty($fname) and file_exists($sourcefile)) {
if ($submitter == $_USER['uid'] or fm_getPermission($newcid, 'admin')) {
/* Need to move the file */
$pos = strrpos($fname, '.') + 1;
$fileExtension = substr($fname, $pos);
$ret = @rename($sourcefile, $targetfile);
if ($ret and file_exists($targetfile)) {
@unlink($sourcefile);
$filemoved = true;
} elseif (file_exists($targetfile)) {
COM_errorLog("Move failed - file of same name exists - {$sourcefile}");
// Let's give the new file a random name and try the move again - add the numerical MonthDayHourSecond
$targetfile = $_FMCONF['storage_path'] . "{$newcid}/{$fname}-" . date('mdHms');
COM_errorLog("Attempting to move with a random name - {$targetfile}");
$ret = @rename($sourcefile, $targetfile);
if ($ret and file_exists($targetfile)) {
@unlink($sourcefile);
$filemoved = true;
} else {
COM_errorLog("Move with random filename also failed");
}
}
if ($filemoved) {
// File successfully moved - create new records
// Set status of file to 1 - online
$fname = addslashes($fname);
$qname = addslashes($qname);
$sql = "INSERT INTO {$_TABLES['nxfile_files']} (cid,fname,title,version,ftype,size,mimetype,extension,submitter,status,date) ";
$sql .= "VALUES ({$newcid},'{$fname}','{$fname}','1','file',";
$sql .= "'{$filesize}','{$mimetype}','{$fileExtension}',{$submitter},1,'{$date}')";
DB_query($sql);
$fid = DB_insertId();
// New File ID
DB_query("INSERT INTO {$_TABLES['nxfile_filedetail']} (fid,description,hits,rating,votes,comments)\r\n VALUES ('{$fid}','File uploaded with no description','0','0','0','0')");
DB_query("INSERT INTO {$_TABLES['nxfile_fileversions']} (fid,fname,ftype,version,notes,size,date,uid,status)\r\n VALUES ('{$fid}','{$fname}','file','1','','{$filesize}','{$date}','{$submitter}','1')");
PLG_itemSaved($fid, 'nexfile_filesaved');
// Optionally add notification records and send out notifications to all users with view access to this new file
if (DB_getItem($_TABLES['nxfile_categories'], 'auto_create_notifications', "cid={$newcid}") == 1) {
fm_autoCreateNotifications($fid, $newcid);
}
// Send out notifications of update
if ($_POST['notification'] == 1) {
fm_sendNotification($fid);
}
fm_updateAuditLog("Direct upload of File ID: {$fid}, in Category: {$newcid}");
// Remove the incoming queue file
DB_query("DELETE FROM {$_TABLES['nxfile_import_queue']} WHERE id={$id}");
} else {
$GLOBALS['fm_errmsg'] = 'Error moving file';
}
} else {
COM_errorLog("User {$_USER['username']} does not have access to move file: {$fid} {$fname} to category: {$newcid}");
}
} else {
$GLOBALS['fm_errmsg'] = "Error moving file - source file {$gname} missing";
COM_errorLog("Nexfile: {$GLOBALS['fm_errmsg']}");
}
}
return $filemoved;
}
示例8: savepoll
//.........這裏部分代碼省略.........
if ($created_date == '') {
$created_date = date('Y-m-d H:i:s');
}
DB_delete($_TABLES['polltopics'], 'pid', $del_pid);
DB_delete($_TABLES['pollanswers'], 'pid', $del_pid);
DB_delete($_TABLES['pollquestions'], 'pid', $del_pid);
$topic = GLText::remove4byteUtf8Chars($topic);
$topic = DB_escapeString($topic);
$topic_description = GLText::remove4byteUtf8Chars($topic_description);
$topic_description = DB_escapeString($topic_description);
$meta_description = GLText::remove4byteUtf8Chars($meta_description);
$meta_description = DB_escapeString($meta_description);
$meta_keywords = GLText::remove4byteUtf8Chars($meta_keywords);
$meta_keywords = DB_escapeString($meta_keywords);
$k = 0;
// set up a counter to make sure we do assign a straight line of question id's
// first dimension of array are the questions
$num_questions = count($Q);
$num_total_votes = 0;
$num_questions_exist = 0;
for ($i = 0; $i < $num_questions; $i++) {
$Q[$i] = COM_stripslashes($Q[$i]);
$Q[$i] = COM_checkHTML($Q[$i]);
$Q[$i] = GLText::remove4byteUtf8Chars($Q[$i]);
$allow_multipleanswers[$i] = GLText::remove4byteUtf8Chars(COM_stripslashes($allow_multipleanswers[$i]));
$description[$i] = GLText::remove4byteUtf8Chars(COM_checkHTML(COM_stripslashes($description[$i])));
if ($allow_multipleanswers[$i] == 'on') {
$allow_multipleanswers[$i] = 1;
} else {
$allow_multipleanswers[$i] = 0;
}
if (strlen($Q[$i]) > 0) {
// only insert questions that exist
$num_questions_exist++;
$Q[$i] = DB_escapeString($Q[$i]);
DB_save($_TABLES['pollquestions'], 'qid, pid, question,allow_multipleanswers,description', "'{$k}', '{$pid}', '{$Q[$i]}','{$allow_multipleanswers[$i]}','{$description[$i]}'");
// within the questions, we have another dimensions with answers,
// votes and remarks
$num_answers = count($A[$i]);
for ($j = 0; $j < $num_answers; $j++) {
$A[$i][$j] = COM_stripslashes($A[$i][$j]);
$A[$i][$j] = COM_checkHTML($A[$i][$j]);
$A[$i][$j] = GLText::remove4byteUtf8Chars($A[$i][$j]);
$R[$i][$j] = COM_stripslashes($R[$i][$j]);
$R[$i][$j] = COM_checkHTML($R[$i][$j]);
$R[$i][$j] = GLText::remove4byteUtf8Chars($R[$i][$j]);
if (strlen($A[$i][$j]) > 0) {
// only insert answers etc that exist
if (!is_numeric($V[$i][$j])) {
$V[$i][$j] = "0";
}
$A[$i][$j] = DB_escapeString($A[$i][$j]);
$R[$i][$j] = DB_escapeString($R[$i][$j]);
$sql = "INSERT INTO {$_TABLES['pollanswers']} (pid, qid, aid, answer, votes, remark) VALUES " . "('{$pid}', '{$k}', " . ($j + 1) . ", '{$A[$i][$j]}', {$V[$i][$j]}, '{$R[$i][$j]}');";
DB_query($sql);
$num_total_votes = $num_total_votes + $V[$i][$j];
}
}
$k++;
}
}
// determine the number of voters (cannot use records in pollvoters table since they get deleted after a time $_PO_CONF['polladdresstime'])
if ($num_questions_exist > 0) {
$numVoters = $num_total_votes / $num_questions_exist;
} else {
// This shouldn't happen
$numVoters = $num_total_votes;
}
// save topics after the questions so we can include question count into table
$sql = "'{$pid}','{$topic}','{$meta_description}','{$meta_keywords}',{$numVoters}, {$k}, '{$created_date}', '" . date('Y-m-d H:i:s');
if ($mainPage == 'on') {
$sql .= "',1";
} else {
$sql .= "',0";
}
if ($open == 'on') {
$sql .= ",1";
} else {
$sql .= ",0";
}
if ($hideResults == 'on') {
$sql .= ",1";
} else {
$sql .= ",0";
}
$sql .= ",'{$statusCode}','{$commentCode}',{$owner_id},{$group_id},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon},'{$topic_description}'";
// Save poll topic
DB_save($_TABLES['polltopics'], "pid, topic, meta_description, meta_keywords, voters, questions, created, modified, display, is_open, hideresults, statuscode, commentcode, owner_id, group_id, perm_owner, perm_group, perm_members, perm_anon,description", $sql);
if (empty($old_pid) || $old_pid == $pid) {
PLG_itemSaved($pid, 'polls');
} else {
DB_change($_TABLES['comments'], 'sid', DB_escapeString($pid), array('sid', 'type'), array(DB_escapeString($old_pid), 'polls'));
DB_change($_TABLES['pollvoters'], 'pid', DB_escapeString($pid), 'pid', DB_escapeString($old_pid));
PLG_itemSaved($pid, 'polls', $old_pid);
}
if ($_POLL_VERBOSE) {
COM_errorLog('**** Leaving savepoll() in ' . $_CONF['site_admin_url'] . '/plugins/polls/index.php ***');
}
return PLG_afterSaveSwitch($_PO_CONF['aftersave'], $_CONF['site_url'] . '/polls/index.php?pid=' . $pid, 'polls', 19);
}
示例9: CALENDAR_toggleStatus
/**
* Toggle status of a staticpage from enabled to disabled and back
*
* @param array $enabledstaticpages array of sp_id's available
* @param array $spidarray array of status (1/0)
* @return void
*
*/
function CALENDAR_toggleStatus($enabledevents, $eidarray)
{
global $_TABLES, $_DB_table_prefix;
if (isset($eidarray) && is_array($eidarray)) {
foreach ($eidarray as $eid => $junk) {
$eid = COM_applyFilter($eid);
if (isset($enabledevents[$eid])) {
DB_query("UPDATE {$_TABLES['events']} SET status = '1' WHERE eid = '" . DB_escapeString($eid) . "'");
} else {
DB_query("UPDATE {$_TABLES['events']} SET status = '0' WHERE eid = '" . DB_escapeString($eid) . "'");
}
}
}
PLG_itemSaved($eid, 'calendar');
CTL_clearCache();
/* fixme - add logic to update personal events table as well */
/* logic should enable/disable all personal_event 'children' */
}
示例10: FF_saveTopic
//.........這裏部分代碼省略.........
} else {
if ($action == 'savereply') {
$fields = "name,email,date,subject,comment,postmode,ip,mood,uid,pid,forum,status";
$sql = "INSERT INTO {$_TABLES['ff_topic']} ({$fields}) ";
$sql .= "VALUES (" . "'" . DB_escapeString($name) . "'," . "'" . DB_escapeString($email) . "'," . "'" . DB_escapeString($date) . "'," . "'{$subject}'," . "'{$comment}'," . "'" . DB_escapeString($postmode) . "'," . "'" . DB_escapeString($REMOTE_ADDR) . "'," . "'" . DB_escapeString($mood) . "'," . (int) $uid . "," . (int) $id . "," . (int) $forum . "," . (int) $status . ")";
DB_query($sql);
// Find the id of the last inserted topic
list($lastid) = DB_fetchArray(DB_query("SELECT max(id) FROM {$_TABLES['ff_topic']} "));
$savedPostID = $lastid;
$topicPID = $id;
/* Check for any uploaded files - during adding reply post */
$uploadErrors = _ff_check4files($lastid);
// Check and see if there are no [file] bbcode tags in content and reset the show_inline value
// This is needed in case user had used the file bbcode tag and then removed it
$imagerecs = '';
$imagerecs = implode(',', $forumfiles);
$sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $lastid;
if ($imagerecs != '') {
$sql .= " AND id NOT IN ({$imagerecs})";
}
DB_query($sql);
DB_query("UPDATE {$_TABLES['ff_topic']} SET replies=replies+1, lastupdated='" . DB_escapeString($date) . "',last_reply_rec=" . (int) $lastid . " WHERE id=" . (int) $id);
DB_query("UPDATE {$_TABLES['ff_forums']} SET post_count=post_count+1, last_post_rec=" . (int) $lastid . " WHERE forum_id=" . (int) $forum);
if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $lastid)) {
DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $id);
}
DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0");
} elseif ($action == 'saveedit') {
$sql = "UPDATE {$_TABLES['ff_topic']} SET " . "subject='{$subject}'," . "comment='{$comment}'," . "postmode='" . DB_escapeString($postmode) . "'," . "mood='" . DB_escapeString($mood) . "'," . "sticky=" . (int) $sticky . "," . "locked=" . (int) $locked . "," . "status=" . (int) $status . " " . "WHERE (id=" . (int) $editid . ")";
DB_query($sql);
/* Check for any uploaded files - during save of edit */
$uploadErrors = _ff_check4files($editid);
// Check and see if there are no [file] bbcode tags in content and reset the show_inline value
// This is needed in case user had used the file bbcode tag and then removed it
$imagerecs = '';
$imagerecs = implode(',', $forumfiles);
$sql = "UPDATE {$_TABLES['ff_attachments']} SET show_inline = 0 WHERE topic_id=" . (int) $editid . " ";
if ($imagerecs != '') {
$sql .= "AND id NOT IN ({$imagerecs})";
}
DB_query($sql);
$topicPID = DB_getITEM($_TABLES['ff_topic'], "pid", "id=" . (int) $editid);
if ($topicPID == 0) {
$topicPID = $editid;
}
$savedPostID = $editid;
if ($postData['silentedit'] != 1) {
DB_query("UPDATE {$_TABLES['ff_topic']} SET lastupdated='" . DB_escapeString($date) . "' WHERE id=" . (int) $topicPID);
//Remove any lastviewed records in the log so that the new updated topic indicator will appear
DB_query("DELETE FROM {$_TABLES['ff_log']} WHERE topic=" . (int) $topicPID . " and time > 0");
}
if (DB_Count($_TABLES['ff_attachments'], 'topic_id', (int) $editid)) {
DB_query("UPDATE {$_TABLES['ff_topic']} SET attachments=1 WHERE id=" . (int) $topicPID);
}
$topicparent = $topicPID;
}
}
COM_updateSpeedLimit('forum');
PLG_itemSaved($savedPostID, 'forum');
CACHE_remove_instance('forumcb');
if (!COM_isAnonUser()) {
//NOTIFY - Checkbox variable in form set to "on" when checked and they don't already have subscribed to forum or topic
$nid = -$topicPID;
$currentForumNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id=0 AND uid=" . (int) $uid);
$currentTopicNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id='" . DB_escapeString($topicPID) . "' AND uid=" . (int) $uid);
$currentTopicUnNotifyRecID = (int) DB_getItem($_TABLES['subscriptions'], 'sub_id', "type='forum' AND category='" . DB_escapeString($forum) . "' AND id='" . DB_escapeString($nid) . "' AND uid=" . (int) $uid);
$forum_name = DB_getItem($_TABLES['ff_forums'], 'forum_name', 'forum_id=' . (int) $forum);
$topic_name = $subject;
if ($notify == 'on' and ($currentForumNotifyRecID < 1 and $currentTopicNotifyRecID < 1)) {
$sql = "INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) ";
$sql .= "VALUES ('forum','" . DB_escapeString($forum) . "','" . DB_escapeString($forum_name) . "','" . DB_escapeString($topicPID) . "','" . $subject . "'," . (int) $uid . ",now() )";
DB_query($sql);
} elseif ($notify == 'on' and $currentTopicUnNotifyRecID > 1) {
// Had un-subcribed to topic and now wants to subscribe
DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE sub_id=" . (int) $currentTopicUnNotifyRecID);
} elseif ($notify == '' and $currentTopicNotifyRecID > 1) {
// Subscribed to topic - but does not want to be notified anymore
DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($topicPID) . "'");
} elseif ($notify == '' and $currentForumNotifyRecID > 1) {
// Subscribed to forum - but does not want to be notified about this topic
DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($topicPID) . "'");
DB_query("DELETE FROM {$_TABLES['subscriptions']} WHERE type='forum' AND uid=" . (int) $uid . " AND category='" . DB_escapeString($forum) . "' and id = '" . DB_escapeString($nid) . "'");
DB_query("INSERT INTO {$_TABLES['subscriptions']} (type,category,category_desc,id,id_desc,uid,date_added) VALUES ('forum','" . DB_escapeString($forum) . "','" . DB_escapeString($forum_name) . "','" . DB_escapeString($nid) . "','" . $subject . "'," . (int) $uid . ",now() )");
}
}
if ($action != 'saveedit') {
_ff_chknotifications($forum, $savedPostID, $uid);
}
$link = $_CONF['site_url'] . '/forum/viewtopic.php?showtopic=' . $topicPID . '&topic=' . $savedPostID . '#' . $savedPostID;
if ($uploadErrors != '') {
$autorefresh = false;
} else {
$autorefresh = true;
}
$retval .= FF_statusMessage($uploadErrors . $LANG_GF02['msg19'], $link, $LANG_GF02['msg19'], false, '', $autorefresh);
} else {
$retval .= _ff_alertMessage($LANG_GF02['msg18']);
}
return array(true, $retval);
}
示例11: saveSubmission
/**
* Saves a story submission.
*
* @return integer result code explaining behaviour.
*/
public function saveSubmission()
{
global $_USER, $_CONF, $_TABLES;
$this->_sid = COM_makeSid();
if (COM_isAnonUser()) {
$this->_uid = 1;
} else {
$this->_uid = $_USER['uid'];
}
// Remove any autotags the user doesn't have permission to use
$introText = PLG_replaceTags($this->_introtext, '', true);
$bodyText = PLG_replaceTags($this->_bodytext, '', true);
if (!TOPIC_hasMultiTopicAccess('topic')) {
// user doesn't have access to one or more topics - bail
return STORY_NO_ACCESS_TOPIC;
}
if ($_CONF['storysubmission'] == 1 && !SEC_hasRights('story.submit')) {
$sid = DB_escapeString($this->_sid);
$title = DB_escapeString($this->_title);
$introText = DB_escapeString($introText);
$bodyText = DB_escapeString($bodyText);
$postMode = DB_escapeString($this->_postmode);
DB_save($_TABLES['storysubmission'], 'sid,uid,title,introtext,bodytext,date,postmode,text_version', "{$sid},{$this->_uid},'{$title}'," . "'{$introText}','{$bodyText}',NOW(),'{$postMode}','{$this->_text_version}'");
// Save Topics selected
TOPIC_saveTopicSelectionControl('article', $sid);
return STORY_SAVED_SUBMISSION;
} else {
// post this story directly. First establish the necessary missing data.
$this->sanitizeData();
if (!isset($_CONF['show_topic_icon'])) {
$_CONF['show_topic_icon'] = 1;
}
/*
if (DB_getItem($_TABLES['topics'], 'archive_flag', "tid = '{$tmptid}'") == 1) { // A bug using undefined variable $tmptid
$this->_frontpage = 0;
} elseif (isset($_CONF['frontpage'])) {
$this->_frontpage = $_CONF['frontpage'];
} else {
$this->_frontpage = 1;
}
$this->_oldsid = $this->_sid; // dead code
*/
$this->_date = mktime();
$this->_featured = 0;
$this->_commentcode = $_CONF['comment_code'];
$this->_trackbackcode = $_CONF['trackback_code'];
$this->_statuscode = 0;
$this->_show_topic_icon = $_CONF['show_topic_icon'];
$this->_cache_time = $_CONF['default_cache_time_article'];
if (COM_isAnonUser()) {
$this->_owner_id = 1;
} else {
$this->_owner_id = $_USER['uid'];
}
/*
$this->_group_id = $T['group_id'];
$this->_perm_owner = $T['perm_owner'];
$this->_perm_group = $T['perm_group'];
$this->_perm_members = $T['perm_members'];
$this->_perm_anon = $T['perm_anon'];
*/
// Save Topics selected
TOPIC_saveTopicSelectionControl('article', $this->_sid);
$sql = "SELECT group_id,perm_owner,perm_group,perm_members,perm_anon,archive_flag " . "FROM {$_TABLES['topics']} t, {$_TABLES['topic_assignments']} ta " . "WHERE ta.type = 'article' AND ta.id = '{$this->_sid}' " . "AND ta.tdefault = 1 AND ta.tid = t.tid";
$result = DB_query($sql);
$A = DB_fetchArray($result);
if ($A['archive_flag'] == 1) {
$this->_frontpage = 0;
} elseif (isset($_CONF['frontpage'])) {
$this->_frontpage = $_CONF['frontpage'];
} else {
$this->_frontpage = 1;
}
$this->_group_id = $A['group_id'];
$this->_perm_owner = $A['perm_owner'];
$this->_perm_group = $A['perm_group'];
$this->_perm_members = $A['perm_members'];
$this->_perm_anon = $A['perm_anon'];
$this->saveToDatabase();
PLG_itemSaved($this->_sid, 'article');
COM_rdfUpToDateCheck('article');
COM_rdfUpToDateCheck('comment');
STORY_updateLastArticlePublished();
return STORY_SAVED;
}
}
示例12: array
$filter->cleanData('int', array('catparent' => $_POST['catparent'], 'catinherit' => $_POST['catinherit']));
$filter->cleanData('text', array('catname' => $_POST['catname'], 'catdesc' => $_POST['catdesc']));
$_CLEAN = $filter->getDbData();
$catpid = $_CLEAN['int']['catparent'];
$catname = $_CLEAN['text']['catname'];
$catdesc = $_CLEAN['text']['catdesc'];
$catinherit = $_CLEAN['int']['catinherit'];
if (fm_getPermission($catpid, 'admin')) {
$catresult = fm_createCategory($catpid, $catname, $catdesc);
if ($catresult['0'] > 0) {
$newcid = $catresult['0'];
if ($autonotify == 1) {
// Version 3.0 -- not presently being used
DB_query("UPDATE {$_TABLES['nxfile_categories']} set auto_create_notifications='1' WHERE cid='{$newcid}'");
}
PLG_itemSaved($newcid, 'nexfile_folder_create');
fm_updateAuditLog("New Category: {$newcid} created");
$data['retcode'] = 200;
$data['cid'] = $newcid;
if ($catpid == 0) {
$data['displaycid'] = $newcid;
} else {
$data['displaycid'] = $catpid;
}
} else {
$data['retcode'] = 500;
$data['errmsg'] = $catresult['1'];
COM_errorLog("nexfile: Error creating new folder -> {$catresult['1']}");
}
} else {
$data['errmsg'] = 'Insufficent Permissions';
示例13: MG_batchCaptionSave
function MG_batchCaptionSave($album_id, $actionURL)
{
global $_CONF, $_TABLES, $_MG_CONF;
$media_title = array();
$media_desc = array();
$media_id = array();
$media_title = $_POST['media_title'];
$media_desc = $_POST['media_desc'];
$media_id = $_POST['media_id'];
$total_media = count($media_id);
$table = $_TABLES['mg_media'];
$id = DB_getItem($table, 'media_id', 'media_id="' . addslashes($media_id[0]) . '"');
if (empty($id)) {
$table = $_TABLES['mg_mediaqueue'];
}
for ($i = 0; $i < $total_media; $i++) {
if ($_MG_CONF['htmlallowed']) {
$title = addslashes(COM_checkWords(COM_stripslashes($media_title[$i])));
$desc = addslashes(COM_checkWords(COM_stripslashes($media_desc[$i])));
} else {
$title = addslashes(htmlspecialchars(strip_tags(COM_checkWords(COM_stripslashes($media_title[$i])))));
$desc = addslashes(htmlspecialchars(strip_tags(COM_checkWords(COM_stripslashes($media_desc[$i])))));
}
$media_time = time();
$sql = "UPDATE " . $table . " SET media_title='" . $title . "', media_time='" . $media_time . "', media_upload_time='" . $media_time . "', media_desc='" . $desc . "' WHERE media_id='" . addslashes(COM_applyFilter($media_id[$i])) . "'";
DB_query($sql);
PLG_itemSaved($media_id[$i], 'mediagallery');
}
require_once $_CONF['path'] . 'plugins/mediagallery/include/rssfeed.php';
MG_buildAlbumRSS($album_id);
echo COM_refresh($actionURL);
exit;
}
示例14: DB_query
}
}
DB_query("DELETE FROM {$_TABLES['forum_log']} WHERE topic='{$id}' and time > 0");
// Check for any users subscribed notifications
gf_chknotifications($forum, $id, $uid);
$postmode = gf_chkpostmode($postmode, $mode_switch);
$subject = gf_preparefordb($_POST['subject'], 'text');
$comment = gf_preparefordb($_POST['comment'], $postmode);
$fields = "name,date,subject,comment,postmode,ip,mood,uid,pid,forum";
$sql = "INSERT INTO {$_TABLES['forum_topic']} ({$fields}) ";
$sql .= "VALUES ('{$name}','{$date}','{$subject}','{$comment}',";
$sql .= "'{$postmode}','{$REMOTE_ADDR}','{$mood}','{$uid}','{$id}','{$forum}')";
DB_query($sql);
// Find the id of the last inserted topic
list($lastid) = DB_fetchArray(DB_query("SELECT max(id) FROM {$_TABLES['forum_topic']} "));
PLG_itemSaved($lastid, 'forum');
DB_query("UPDATE {$_TABLES['forum_topic']} SET replies=replies + 1, lastupdated = {$date},last_reply_rec={$lastid} WHERE id={$id}");
DB_query("UPDATE {$_TABLES['forum_forums']} SET post_count=post_count+1, last_post_rec={$lastid} WHERE forum_id={$forum}");
//NOTIFY - Checkbox variable in form set to "on" when checked and they don't already have subscribed to forum or topic
$nid = -$id;
// Negative Topic ID Value
$currentForumNotifyRecID = DB_getItem($_TABLES['forum_watch'], 'id', "forum_id='{$forum}' AND topic_id=0 AND uid='{$uid}'");
$currentTopicNotifyRecID = DB_getItem($_TABLES['forum_watch'], 'id', "forum_id='{$forum}' AND topic_id={$id} AND uid='{$uid}'");
$currentTopicUnNotifyRecID = DB_getItem($_TABLES['forum_watch'], 'id', "forum_id='{$forum}' AND topic_id={$nid} AND uid='{$uid}'");
if ($notify == 'on' and $currentForumNotifyRecID < 1) {
$sql = "INSERT INTO {$_TABLES['forum_watch']} (forum_id,topic_id,uid,date_added) ";
$sql .= "VALUES ('{$forum}','{$id}','{$_USER['uid']}',now() )";
DB_query($sql);
} elseif ($notify == 'on' and $currentTopicUnNotifyRecID > 1) {
// Had un-subcribed to topic and now wants to subscribe
DB_query("DELETE FROM {$_TABLES['forum_watch']} WHERE id={$currentTopicUnNotifyRecID}");
示例15: savelink
/**
* Saves link to the database
*
* @param string $lid ID for link
* @param string $old_lid old ID for link
* @param string $cid cid of category link belongs to
* @param string $categorydd Category links belong to
* @param string $url URL of link to save
* @param string $description Description of link
* @param string $title Title of link
* @param int $hits Number of hits for link
* @param int $owner_id ID of owner
* @param int $group_id ID of group link belongs to
* @param int $perm_owner Permissions the owner has
* @param int $perm_group Permissions the group has
* @param int $perm_members Permissions members have
* @param int $perm_anon Permissions anonymous users have
* @return string HTML redirect or error message
* @global array core config vars
* @global array core group data
* @global array core table data
* @global array core user data
* @global array core msg data
* @global array links plugin lang admin vars
*
*/
function savelink($lid, $old_lid, $cid, $categorydd, $url, $description, $title, $hits, $owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon)
{
global $_CONF, $_GROUPS, $_TABLES, $_USER, $MESSAGE, $LANG_LINKS_ADMIN, $_LI_CONF;
$retval = '';
// Convert array values to numeric permission values
if (is_array($perm_owner) or is_array($perm_group) or is_array($perm_members) or is_array($perm_anon)) {
list($perm_owner, $perm_group, $perm_members, $perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
}
// Remove any autotags the user doesn't have permission to use
$description = PLG_replaceTags($description, '', true);
// clean 'em up
$description = DB_escapeString(COM_checkHTML(COM_checkWords($description), 'links.edit'));
$title = DB_escapeString(strip_tags(COM_checkWords($title)));
$cid = DB_escapeString($cid);
if (empty($owner_id)) {
// this is new link from admin, set default values
$owner_id = $_USER['uid'];
if (isset($_GROUPS['Links Admin'])) {
$group_id = $_GROUPS['Links Admin'];
} else {
$group_id = SEC_getFeatureGroup('links.edit');
}
$perm_owner = 3;
$perm_group = 2;
$perm_members = 2;
$perm_anon = 2;
}
$lid = COM_sanitizeID($lid);
$old_lid = COM_sanitizeID($old_lid);
if (empty($lid)) {
if (empty($old_lid)) {
$lid = COM_makeSid();
} else {
$lid = $old_lid;
}
}
// check for link id change
if (!empty($old_lid) && $lid != $old_lid) {
// check if new lid is already in use
if (DB_count($_TABLES['links'], 'lid', $lid) > 0) {
// TBD: abort, display editor with all content intact again
$lid = $old_lid;
// for now ...
}
}
$access = 0;
$old_lid = DB_escapeString($old_lid);
if (DB_count($_TABLES['links'], 'lid', $old_lid) > 0) {
$result = DB_query("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['links']} WHERE lid = '{$old_lid}'");
$A = DB_fetchArray($result);
$access = SEC_hasAccess($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']);
} else {
$access = SEC_hasAccess($owner_id, $group_id, $perm_owner, $perm_group, $perm_members, $perm_anon);
}
if ($access < 3 || !SEC_inGroup($group_id)) {
$display .= COM_showMessageText($MESSAGE[29], $MESSAGE[30]);
$display = COM_createHTMLDocument($display, array('pagetitle' => $MESSAGE[30]));
COM_accessLog("User {$_USER['username']} tried to illegally submit or edit link {$lid}.");
COM_output($display);
exit;
} elseif (!empty($title) && !empty($description) && !empty($url)) {
if ($categorydd != $LANG_LINKS_ADMIN[7] && !empty($categorydd)) {
$cid = DB_escapeString($categorydd);
} else {
if ($categorydd != $LANG_LINKS_ADMIN[7]) {
echo COM_refresh($_CONF['site_admin_url'] . '/plugins/links/index.php');
}
}
DB_delete($_TABLES['linksubmission'], 'lid', $old_lid);
DB_delete($_TABLES['links'], 'lid', $old_lid);
DB_save($_TABLES['links'], 'lid,cid,url,description,title,date,hits,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon', "'{$lid}','{$cid}','{$url}','{$description}','{$title}',NOW(),'{$hits}',{$owner_id},{$group_id},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon}");
if (empty($old_lid) || $old_lid == $lid) {
PLG_itemSaved($lid, 'links');
} else {
//.........這裏部分代碼省略.........