Beispiel #1
/**
 * Add the links "root" category, then create one category row for every
 * distinct cid currently used in the links table.
 *
 * The root cid is taken from $_LI_CONF['root'] ('site' when that is empty).
 * The root cid and each cid read back from the links table go through
 * DB_escapeString() before being placed inside a quoted SQL literal.
 *
 * @return false|null false (after echoing a message) as soon as DB_error()
 *                    reports a failure inside the loop; otherwise the function
 *                    ends without an explicit return value
 */
function links_update_set_categories()
{
    global $_TABLES, $_LI_CONF;

    if (empty($_LI_CONF['root'])) {
        $_LI_CONF['root'] = 'site';
    }
    $root = DB_escapeString($_LI_CONF['root']);

    // Root category row; the outcome of this insert is not checked here.
    $insertRoot = "INSERT INTO {$_TABLES['linkcategories']} (cid, pid, category, description, tid, created, modified, group_id, owner_id, perm_owner, perm_group, perm_members, perm_anon) VALUES ('{$root}', 'root', 'Root', 'Website root', NULL, NOW(), NOW(), 5, 2, 3, 3, 2, 2)";
    DB_query($insertRoot);

    // grp_id of the 'Links Admin' group, stored as group_id on each new category row
    $group_id = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Links Admin'");

    // One pass per distinct cid found in the links table
    $distinctCids = DB_query("SELECT DISTINCT cid AS category FROM {$_TABLES['links']}");
    $total = DB_numRows($distinctCids);
    for ($seen = 1; $seen <= $total; $seen++) {
        $row = DB_fetchArray($distinctCids);
        $category = DB_escapeString($row['category']);
        $cid = $category;

        $insertCategory = "INSERT INTO {$_TABLES['linkcategories']} (cid,pid,category,description,tid,owner_id,group_id,created,modified) VALUES ('{$cid}','{$root}','{$category}','{$category}','all',2,'{$group_id}',NOW(),NOW())";
        DB_query($insertCategory, 1);

        // $cid was copied from $category just above, so this branch does not
        // run as written ("still experimenting ..." in the original).
        if ($cid != $category) {
            DB_query("UPDATE {$_TABLES['links']} SET cid='{$cid}' WHERE cid='{$category}'", 1);
        }

        if (!DB_error()) {
            continue;
        }
        echo "Error inserting categories into linkcategories table";
        return false;
    }
}
Beispiel #2
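/**
 * Execute the SQL statements that perform one version upgrade of the
 * External Pages plugin.
 *
 * Anything other than an array in $sql (including the default empty string)
 * is treated as "nothing to run" and reported as success.
 *
 * @param string       $version Version being upgraded to
 * @param array|string $sql     List of SQL statements to execute, in order
 * @return int 0 on success, 1 on failure
 */
function EXP_upgrade_sql($version = 'Undefined', $sql = '')
{
    global $_TABLES, $_CONF_EXP;

    // We control this, so it shouldn't happen, but just to be safe...
    if ($version == 'Undefined') {
        COM_errorLog("Error updating {$_CONF_EXP['pi_name']} - Undefined Version");
        return 1;
    }

    // If no sql statements passed in, return success
    if (!is_array($sql)) {
        return 0;
    }

    COM_errorLog("--Updating External Pages to version {$version}");

    // foreach always walks the list from its first element; the previous
    // count()/current()/next() loop relied on the array's internal pointer.
    foreach ($sql as $statement) {
        // Each statement is written to the error log verbatim, so anything
        // embedded in the SQL text ends up in that log as well.
        COM_errorLog("External Pages Plugin {$version} update: Executing SQL => " . $statement);
        DB_query($statement, '1');
        if (DB_error()) {
            COM_errorLog("SQL Error during External Pages plugin update", 1);
            return 1;
        }
    }

    return 0;
}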
Beispiel #3
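/**
 * Upgrade the static pages plugin data from 1.5.0 to 1.5.1.
 *
 * Adds the sp_search column, enables search on every existing page, bumps the
 * plugin version row, and - once, guarded by the 'sp_fix_01' row in the vars
 * table - rewrites every page's content with its slashes stripped.
 *
 * @return bool false when one of the schema/version statements fails, true otherwise
 */
function update_150_to_151()
{
    global $_TABLES, $_CONF, $_SP_CONF;

    $P_SQL = array();
    $P_SQL[] = "ALTER TABLE {$_TABLES['staticpage']} ADD sp_search tinyint(4) NOT NULL default '1' AFTER postmode";
    // allow searching on all existing static pages
    $P_SQL[] = "UPDATE {$_TABLES['staticpage']} SET sp_search = 1";
    $P_SQL[] = "UPDATE {$_TABLES['plugins']} SET pi_version = '1.5.1', pi_gl_version = '1.1.0', pi_homepage='http://www.glfusion.org' WHERE pi_name = 'staticpages'";

    foreach ($P_SQL as $sql) {
        DB_query($sql, 1);
        if (DB_error()) {
            COM_errorLog("StaticPage Update Error: Could not execute the following SQL: " . $sql);
            return false;
        }
    }

    // One-time content fix: skipped when the marker row already exists.
    $res = DB_query("SELECT * FROM {$_TABLES['vars']} WHERE name='sp_fix_01'");
    if (DB_numRows($res) < 1) {
        $result = DB_query("SELECT * FROM {$_TABLES['staticpage']}");
        while ($A = DB_fetchArray($result)) {
            // Values read back from the database are still data, not SQL:
            // both the content and the page id are escaped before they are
            // placed in the UPDATE. DB_escapeString() is the DB layer's helper
            // and replaces the mysql_real_escape_string() call, which no
            // longer exists in current PHP versions.
            $newcontent = DB_escapeString(stripslashes($A['sp_content']));
            $sp_id = DB_escapeString($A['sp_id']);
            DB_query("UPDATE {$_TABLES['staticpage']} SET sp_content='" . $newcontent . "' WHERE sp_id='" . $sp_id . "'");
        }
        DB_query("INSERT INTO {$_TABLES['vars']} VALUES ('sp_fix_01', 1)", 1);
    }

    return true;
}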
/**
 * Disable incompatible plugins to prevent an error which will occur during
 * the upgrade process.
 *
 * Every enabled plugin that is either missing from the allow-list below or
 * older than the minimum version listed there gets pi_enabled set to '0'.
 * Nothing is changed when the initial SELECT reports an error.
 *
 * @link  http://code.google.com/p/geeklog-jp/wiki/manage151
 * @return void
 */
function GEEKLOGJP_disablePlugins()
{
    global $_TABLES;

    /**
     * Plugins confirmed to work with Geeklog-1.5.x, in the form
     * $allowed_plugins['plugin name'] = 'lowest working version'.
     * Plugins bundled with Geeklog need no version check, so their
     * version is '*'.
     */
    $allowed_plugins = array(
        'staticpages'  => '*',
        'links'        => '*',
        'polls'        => '*',
        'calendar'     => '*',
        'autotags'     => '1.01',
        'calendarjp'   => '1.1.6',
        'captcha'      => '3.5.5',
        'custommenu'   => '0.2.2',
        'dataproxy'    => '2.0.0',
        'dbman'        => '0.7.1',
        'filemgmt'     => '1.6.0.jp3',
        'forum'        => '2.9.0hg',
        'japanize'     => '2.1.0',
        'mycaljp'      => '2.0.5',
        'nmoxtopicown' => '1.0.12',
        'sitemap'      => '1.1.2',
        'themedit'     => '1.2.1',
    );

    $enabled = DB_query("SELECT pi_name, pi_version " . "FROM {$_TABLES['plugins']} " . "WHERE (pi_enabled = '1') ");
    if (DB_error()) {
        return;
    }

    // Collect the UPDATE statements first, run them after the result set
    // has been read completely.
    $sqls = array();
    while (($A = DB_fetchArray($enabled)) !== false) {
        $pi_name = $A['pi_name'];
        $minimum = array_key_exists($pi_name, $allowed_plugins) ? $allowed_plugins[$pi_name] : null;

        if ($minimum !== null && ($minimum == '*' || version_compare($A['pi_version'], $minimum) >= 0)) {
            continue;
        }

        // addslashes() is not aware of the connection character set; the
        // value here comes from the plugins table, not from a request.
        $sqls[] = "UPDATE {$_TABLES['plugins']} " . "SET pi_enabled = '0' " . "WHERE (pi_name = '" . addslashes($pi_name) . "') ";
    }

    foreach ($sqls as $disable) {
        DB_query($disable);
    }
}
/**
 * Run the DataBox table update statements collected below.
 *
 * The statements sit inside an "if (1 === 0)" block, so none are collected
 * until that condition is edited for the update that is needed.
 *
 * @return false|string false when DB_error() reports a problem after the
 *                      statements have run, the string "end" otherwise
 */
function update_tables()
{
    global $_TABLES;
    global $_CONF;

    // Master data
    $statements = array();

    //===== SQL definitions start here
    //  Change the condition of the sections that need to be applied before use
    if (1 === 0) {
        // Field set definition table
        $statements[] = "\n\t\tCREATE TABLE {$_TABLES['DATABOX_def_fieldset']} (\n\t\t`fieldset_id` int(11) NOT NULL,\n\t\t`name` varchar(64) NOT NULL,\n\t\t`description` mediumtext,\n\t\t`udatetime` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n\t\t`uuid` mediumint(8) NOT NULL,\n\t\tPRIMARY KEY (`fieldset_id`)\n\t\t) ENGINE=MyISAM\n\t\t";
        // Attribute set related
        $statements[] = "\n\t\tCREATE TABLE {$_TABLES['DATABOX_def_fieldset_assignments']} (\n\t\t`seq` int(11) NOT NULL AUTO_INCREMENT,\n\t\t`fieldset_id` int(11) NOT NULL,\n\t\t`field_id` int(11) NOT NULL,\n\t\tPRIMARY KEY (`seq`),\n\t\tKEY `fieldset_id` (`fieldset_id`)\n\t\t) ENGINE=MyISAM\n\t\t";
        $statements[] = "\n        ALTER TABLE {$_TABLES['DATABOX_base']}\n\t\tADD `fieldset_id` int(11) NOT NULL default 0 AFTER `orderno`,\n       ";
    }
    //===== SQL definitions end here
    //------------------------------------------------------------------

    foreach ($statements as $statement) {
        DB_query($statement);
    }

    // DB_error() is consulted once, after every statement has been issued.
    if (!DB_error()) {
        COM_errorLog("Success - DataBox table update", 1);
        return "end";
    }

    COM_errorLog("error DataBox table update ", 1);
    return false;
}
Beispiel #6
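 /**
  * Render the File Management error page for an error code and stop.
  *
  * The code is checked against the message table by exact key; anything that
  * is not a known key is shown as '9999'. The "Go Back" link points at the
  * current URL when that URL belongs to this site, otherwise at the plugin's
  * index page, and is HTML-escaped before it is written into the href.
  *
  * @param  string $e_code Error code, e.g. "1001"
  * @param  int    $pages  Not used by this function
  * @return void   Does not return: the page is echoed and the script ends
  */
 function show($e_code, $pages = 1)
 {
     global $_CONF;

     $errmsg = array(
         "0001" => "Could not connect to the forums database.",
         "0002" => "The forum you selected does not exist. Please go back and try again.",
         "0003" => "Password Incorrect.",
         "0004" => "Could not query the topics database.",
         "0005" => "Error getting messages from the database.",
         "0006" => "Please enter the Nickname and the Password.",
         "0007" => "You are not the Moderator of this forum therefore you can't perform this function.",
         "0008" => "You did not enter the correct password, please go back and try again.",
         "0009" => "Could not remove posts from the database.",
         "0010" => "Could not move selected topic to selected forum. Please go back and try again.",
         "0011" => "Could not lock the selected topic. Please go back and try again.",
         "0012" => "Could not unlock the selected topic. Please go back and try again.",
         // The database error text is escaped because it is written into the
         // page. It is still shown to whoever triggers code 0013.
         "0013" => "Could not query the database. <BR>Error: " . htmlspecialchars((string) DB_error(), ENT_QUOTES) . "",
         "0014" => "No such user or post in the database.",
         "0015" => "Search Engine was unable to query the forums database.",
         "0016" => "That user does not exist. Please go back and search again.",
         "0017" => "You must type a subject to post. You can't post an empty subject. Go back and enter the subject",
         "0018" => "You must choose message icon to post. Go back and choose message icon.",
         "0019" => "You must type a message to post. You can't post an empty message. Go back and enter a message.",
         "0020" => "Could not enter data into the database. Please go back and try again.",
         "0021" => "Can't delete the selected message.",
         "0022" => "An error ocurred while querying the database.",
         "0023" => "Selected message was not found in the forum database.",
         "0024" => "You can't reply to that message. It wasn't sent to you.",
         "0025" => "You can't post a reply to this topic, it has been locked. Contact the administrator if you have any question.",
         "0026" => "The forum or topic you are attempting to post to does not exist. \nPlease try again.",
         "0027" => "You must enter your username and password. Go back and do so.",
         "0028" => "You have entered an incorrect password. Go back and try again.",
         "0029" => "Couldn't update post count.",
         "0030" => "The forum you are attempting to post to does not exist. Please try again.",
         "0031" => "Unknown Error",
         "0035" => "You can't edit a post that's not yours.",
         "0036" => "You do not have permission to edit this post.",
         "0037" => "You did not supply the correct password or do not have permission to edit this post. Please go back and try again.",
         "1001" => "Please enter value for Title.",
         "1002" => "Please enter value for Phone.",
         "1003" => "Please enter value for Summary.",
         "1004" => "Please enter value for Address.",
         "1005" => "Please enter value for City.",
         "1006" => "Please enter value for State/Province.",
         "1007" => "Please enter value for Zipcode.",
         "1008" => "Please enter value for Description.",
         "1009" => "Vote for the selected resource only once.<br>All votes are logged and reviewed.",
         "1010" => "You cannot vote on the resource you submitted.<br>All votes are logged and reviewed.",
         "1011" => "No rating selected - no vote tallied.",
         "1013" => "Please enter a search query.",
         "1016" => "Please enter value for Filename.",
         "1017" => "The file was not uploaded - reported filesize of 0 bytes.",
         "1101" => "Upload approval Error: The temporary file was not found. Check error.log",
         "1102" => "Upload submit Error: The temporary filestore file was not created. Check error.log",
         "1103" => "The download info you provided is already in the database!",
         "1104" => "The download info was not complete - Need to enter a title for the new file",
         "1105" => "The download info was not complete - Need to enter a description for the new file",
         "1106" => "Upload Add Error: The new file was not created. Check error.log",
         "1107" => "Upload Add Error: The temporary file was not found. \nCheck error.log",
         "1108" => "Duplicate file - already existing in filestore",
         "1109" => "File type not allowed",
         "1110" => "You must define and select a category for the uploaded file",
         "9999" => "Unknown Error",
     );

     // Determine where the "Go Back" link should point.
     $siteUrl = $_CONF['site_url'];
     $fallback = $siteUrl . '/filemgmt/index.php';
     $destination = COM_getCurrentURL();

     // Accept the current URL only when it really is part of this site: it
     // must start with site_url AND the prefix must end on a URL boundary, so
     // a host that merely begins with the same characters does not pass.
     $prefixLen = strlen($siteUrl);
     $onSite = is_string($destination)
         && $destination !== ''
         && strncmp($destination, $siteUrl, $prefixLen) === 0;
     if ($onSite && substr($siteUrl, -1) !== '/' && strlen($destination) > $prefixLen) {
         $onSite = strpos('/?#', $destination[$prefixLen]) !== false;
     }
     if (!$onSite) {
         $destination = $fallback;
     }

     // Exact key lookup. The previous loose in_array() test could accept
     // values that are not keys of $errmsg, and $e_code is written into the
     // page below.
     $code = is_scalar($e_code) ? (string) $e_code : '';
     if (!array_key_exists($code, $errmsg)) {
         $code = '9999';
     }
     $e_code = $code;

     include_once $_CONF['path'] . 'plugins/filemgmt/include/header.php';

     $display = COM_siteHeader('menu');
     $display .= '<table width="100%" class="plugin" border="0" cellspacing="0" cellpadding="1">';
     $display .= '<tr><td class="pluginAlert" style="text-align:right;padding:5px;">File Management Plugin</td>';
     $display .= "<td class=\"pluginAlert\" width=\"50%\" style=\"padding:5px 0px 5px 10px;\">Error Code: {$e_code}</td></tr>";
     // Messages contain intentional markup (<br>), so they are not escaped as a whole.
     $display .= "<tr><td colspan=\"2\" class=\"pluginInfo\"><b>ERROR:</b> {$errmsg[$e_code]}</td></tr>";
     $display .= '<tr><td colspan="2" class="pluginInfo" style="text-align:center;padding:10px;">';
     // The URL carries the request's query string; escape it for the attribute context.
     $display .= '[ <a href="' . htmlspecialchars($destination, ENT_QUOTES) . '">Go Back</a> ]</td></tr></table>';
     $display .= COM_siteFooter();

     echo $display;
     die("");
 }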
Beispiel #7
/**
 * Install the CAPTCHA plugin: create its two tables, insert the default
 * configuration rows and register the plugin in the plugins table.
 *
 * When a table cannot be created or the registration insert fails,
 * plugin_uninstall_captcha() is called and false is returned.
 *
 * @return bool true on success, false on failure
 */
function plugin_install_captcha()
{
    global $pi_name, $pi_version, $gl_version, $pi_url, $NEWTABLE, $DEFVALUES, $NEWFEATURE;
    global $_TABLES, $_CONF, $LANG_CP00, $_DB_dbms;

    COM_errorLog("Attempting to install the {$pi_name} Plugin", 1);

    // Table name => CREATE statement
    $createStatements = array(
        'cp_config' => "CREATE TABLE {$_TABLES['cp_config']} ( "
            . "  `config_name` varchar(255) NOT NULL default '', "
            . "  `config_value` varchar(255) NOT NULL default '', "
            . "   PRIMARY KEY  (`config_name`) "
            . " );",
        'cp_sessions' => "CREATE TABLE {$_TABLES['cp_sessions']} ( "
            . "  `session_id` varchar(40) NOT NULL default '', "
            . "  `cptime`  INT(11) NOT NULL default 0, "
            . "  `validation` varchar(40) NOT NULL default '', "
            . "  `counter`    TINYINT(4) NOT NULL default 0, "
            . "  PRIMARY KEY (`session_id`) "
            . " );",
    );

    foreach ($createStatements as $table => $sql) {
        COM_errorLog("Creating {$table} table", 1);
        DB_query($sql, 1);
        if (DB_error()) {
            // Roll back whatever was created so far
            COM_errorLog("Error Creating {$table} table", 1);
            plugin_uninstall_captcha();
            return false;
        }
        COM_errorLog("Success - Created {$table} table", 1);
    }

    // Default configuration rows; the outcome of this insert is not checked.
    $SQL_DEFAULTS = "INSERT INTO `{$_TABLES['cp_config']}` (`config_name`, `config_value`) VALUES "
        . " ('anonymous_only', '1'), "
        . " ('remoteusers','0'), "
        . " ('debug', '0'), "
        . " ('enable_comment', '0'), "
        . " ('enable_contact', '0'), "
        . " ('enable_emailstory', '0'), "
        . " ('enable_forum', '0'), "
        . " ('enable_registration', '0'), "
        . " ('enable_story', '0'), "
        . " ('gfxDriver', '2'), "
        . " ('gfxFormat', 'jpg'), "
        . " ('gfxPath', '');";
    DB_query($SQL_DEFAULTS, 1);

    // Register the plugin with Geeklog
    COM_errorLog("Registering {$pi_name} plugin with Geeklog", 1);
    DB_delete($_TABLES['plugins'], 'pi_name', 'captcha');

    // The four plugin globals are placed into the statement unescaped.
    // NOTE(review): presumably they are constants set by the plugin's own
    // install script - confirm they can never carry request data.
    $registration = "INSERT INTO {$_TABLES['plugins']} (pi_name, pi_version, pi_gl_version, pi_homepage, pi_enabled) "
        . "VALUES ('{$pi_name}', '{$pi_version}', '{$gl_version}', '{$pi_url}', 1)";
    DB_query($registration);
    if (DB_error()) {
        COM_errorLog("Failure registering plugin with Geeklog");
        plugin_uninstall_captcha();
        return false;
    }

    // Create initial log entry
    CAPTCHA_errorLog("CAPTCHA Plugin Successfully Installed");
    COM_errorLog("Successfully installed the {$pi_name} Plugin!", 1);

    return true;
}
Beispiel #8
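/**
 * Import a form: run the form-record statement, then the field-definition
 * statements, and attach the imported fields to the new form id.
 *
 * The statements in $_SQL are executed as given, so they must come from a
 * trusted export; nothing here inspects or restricts them.
 *
 * @param  array $_SQL  $_SQL[0] creates the form record; every following
 *                      entry creates one field definition record
 * @param  mixed $cntr  Placeholder formid carried by the imported field
 *                      records until they are re-pointed at the new form
 * @return void
 */
function nexform_importForm($_SQL, $cntr)
{
    global $CONF_FE, $_TABLES;

    DB_query($_SQL[0], '1');
    if (DB_error()) {
        COM_errorLog("nexform SQL error importing form: {$_SQL[0]}");
        // Stop here: without a new form record, DB_insertID() below would not
        // identify this import, and the field records would be attached to
        // whatever id it happens to return.
        return;
    }
    $newformid = DB_insertID();

    /* Delete any previous imported form field definition records
       New field definition records will have a formid of '99999' assigned
       Insert the new records and then update to match the new form definition
     */
    // NOTE(review): $cntr is placed into the SQL text unescaped - confirm that
    // callers only ever pass a fixed placeholder value.
    DB_query("DELETE FROM {$_TABLES['nxform_fields']} WHERE formid='{$cntr}'");

    // Everything after the first entry is a field definition record
    foreach (array_slice($_SQL, 1) as $fieldSql) {
        DB_query($fieldSql, '1');
        if (DB_error()) {
            COM_errorLog("executing " . $fieldSql);
            COM_errorLog("Error executing SQL", 1);
            exit;
        }
    }

    DB_query("UPDATE {$_TABLES['nxform_fields']} set formid='{$newformid}' WHERE formid='{$cntr}'");

    // Need to cycle thru the fields now and update any fieldnames if auto fieldname used
    $query = DB_query("SELECT id,type FROM {$_TABLES['nxform_fields']} WHERE formid='{$newformid}' AND field_name LIKE '%_frm%'");
    while (list($fieldid, $fieldtype) = DB_fetchArray($query)) {
        $fieldname = "{$CONF_FE['fieldtypes'][$fieldtype][0]}{$newformid}_{$fieldid}";
        DB_query("UPDATE {$_TABLES['nxform_fields']} set field_name='{$fieldname}' WHERE id='{$fieldid}'");
    }
}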
 /**
  * Complete an OpenID login: look up the local account for the remote
  * identity or create one, and publish the outcome through the globals
  * $uid and $status.
  *
  * NOTE(review): every SQL condition on remoteusername in this listing
  * compares against the literal '******'. The escaped $openid_identity is
  * computed but, as shown, only used in a log message - this looks like a
  * masked value in the listing; confirm against the upstream source before
  * relying on any of these queries.
  *
  * @param  mixed $login Not used in the body shown here
  * @return void  Results are written to the globals $uid and $status
  */
 function doValidLogin($login)
 {
     global $_CONF, $_TABLES, $status, $uid;
     // Remote auth precludes usersubmission,
     // and integrates user activation, see?;
     $status = USER_ACCOUNT_ACTIVE;
     // PHP replaces "." with "_"
     // The identity is escaped for SQL use here; the nickname, e-mail and
     // full name read below are kept as received.
     $openid_identity = DB_escapeString($this->query['openid_identity']);
     $openid_nickname = '';
     if (isset($this->query['openid_sreg_nickname'])) {
         $openid_nickname = $this->query['openid_sreg_nickname'];
     }
     // Check if that account is already registered.
     $result = DB_query("SELECT uid FROM {$_TABLES['users']} WHERE remoteusername = '******' AND remoteservice = 'openid'");
     $tmp = DB_error();
     $nrows = DB_numRows($result);
     // Anything other than "no error and exactly one row" is treated as a
     // first-time login, including a failed query.
     if (!($tmp == 0) || !($nrows == 1)) {
         // First time login with this OpenID, creating account...
         if ($_CONF['disable_new_user_registration']) {
             // not strictly correct - just to signal a failed login attempt
             $status = USER_ACCOUNT_DISABLED;
             $uid = 0;
             return;
         }
         if (empty($openid_nickname)) {
             $openid_nickname = $this->makeUsername($this->query['openid_identity']);
         }
         // we simply can't accept empty usernames ...
         if (empty($openid_nickname)) {
             COM_errorLog('Got an empty username for ' . $openid_identity);
             // not strictly correct - just to signal a failed login attempt
             $status = USER_ACCOUNT_DISABLED;
             $uid = 0;
             return;
         }
         // Ensure that remoteusername is unique locally.
         $openid_nickname = USER_uniqueUsername($openid_nickname);
         $openid_sreg_email = '';
         if (isset($this->query['openid_sreg_email'])) {
             $openid_sreg_email = $this->query['openid_sreg_email'];
         }
         $openid_sreg_fullname = '';
         if (isset($this->query['openid_sreg_fullname'])) {
             $openid_sreg_fullname = $this->query['openid_sreg_fullname'];
         }
         // The provider-supplied nickname, e-mail, full name and the raw
         // (unescaped) identity are handed over as received.
         // NOTE(review): whether USER_createAccount() validates or escapes
         // them is not visible here - verify before trusting these fields.
         USER_createAccount($openid_nickname, $openid_sreg_email, '', $openid_sreg_fullname, '', $this->query['openid_identity'], 'openid');
         $uid = DB_getItem($_TABLES['users'], 'uid', "remoteusername = '******' AND remoteservice = 'openid'");
         // Store full remote account name:
         // $uid is placed into the statement unquoted; it comes from the
         // DB_getItem() lookup above, whose result is not checked.
         DB_query("UPDATE {$_TABLES['users']} SET remoteusername = '******', remoteservice = 'openid', status = 3 WHERE uid = {$uid}");
         // Add to remote users:
         $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
         // Both values are unquoted here as well, so an empty lookup result
         // would produce an invalid statement.
         DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$remote_grp}, {$uid})");
     } else {
         // Known account: load its uid and current status
         $result = DB_query("SELECT uid,status FROM {$_TABLES['users']} WHERE remoteusername = '******' AND remoteservice = 'openid'");
         list($uid, $status) = DB_fetchArray($result);
     }
 }
/**
 * Returns DB server version
 *
 * Reads the rows produced by SHOW VARIABLES and picks the one named 'version'.
 *
 * @return mixed the Value column of the 'version' row, or the string
 *               'unavailable' when the query reports an error or no such
 *               row is found
 */
function dbman_getDBVersion()
{
    $variables = DB_query("SHOW VARIABLES");
    if (DB_error()) {
        return 'unavailable';
    }

    for ($row = DB_fetchArray($variables); $row !== FALSE; $row = DB_fetchArray($variables)) {
        if ($row['Variable_name'] === 'version') {
            return $row['Value'];
        }
    }

    return 'unavailable';
}
Beispiel #11
/**
 * Run the UserBox table update statements collected below.
 *
 * Each dated section is switched on or off by its "if (1 === ...)" condition;
 * as written only the last section (20110915) contributes a statement.
 *
 * @return false|string false when DB_error() reports a problem after the
 *                      statements have run, the string "end" otherwise
 */
function update_tables()
{
    global $_TABLES;
    global $_CONF;

    // Master data
    $statements = array();

    //  Change the condition of the sections that need to be applied before use
    //20110208
    if (1 === 0) {
        $statements[] = "\n        ALTER TABLE {$_TABLES['USERBOX_base']}\n        CHANGE `orderno` `orderno` INT( 2 ) NOT NULL DEFAULT '0'\n        ";
        $statements[] = "\n        ALTER TABLE {$_TABLES['USERBOX_base']}\n        CHANGE `expired` `expired` DATETIME NOT NULL DEFAULT '0000-00-00 00:00:00'\n        ";
    }

    //20110622
    // userbox.edit (gl_feature) add
    if (1 === 0) {
        $statements[] = "\n        INSERT INTO {$_TABLES['features']} (\n        `ft_name` ,\n        `ft_descr` ,\n        `ft_gl_core`\n        )\n        VALUES (\n\t\t'userbox.edit', 'can edit profile to userbox plugin', '0'\n        )\n\t\t";
        $statements[] = "\n        INSERT INTO {$_TABLES['features']} (\n        `ft_name` ,\n        `ft_descr` ,\n        `ft_gl_core`\n        )\n        VALUES (\n\t\t'userbox.joingroup', 'can edit join group to userbox plugin', '0'\n        )\n\t\t";
    }

    //20110803
    // group_id=0 add
    if (1 === 0) {
        $statements[] = "\n\t\tINSERT INTO {$_TABLES['USERBOX_def_group']} (\n\t\t`group_id` \n\t\t)\n\t\tVALUES (\n\t\t'0'\n\t\t);\n\t\t";
    }

    //20110826
    // group_id=0 add
    if (1 === 0) {
        $statements[] = "\n\t\tALTER TABLE {$_TABLES['USERBOX_base']}\n\t\tADD `eyechatchingimage` MEDIUMTEXT NULL AFTER `defaulttemplatesdirectory` \n\t\t";
    }

    //20110915
    // group_id=0 add
    if (1 === 1) {
        $statements[] = "\n        INSERT INTO {$_TABLES['features']} (\n        `ft_name` ,\n        `ft_descr` ,\n        `ft_gl_core`\n        )\n        VALUES (\n\t\t'userbox.user', 'Can register to UserBox', '0'\n        )\n\t\t";
    }
    //------------------------------------------------------------------

    foreach ($statements as $statement) {
        DB_query($statement);
    }

    // DB_error() is consulted once, after every statement has been issued.
    if (!DB_error()) {
        COM_errorLog("Success - UserBox table update", 1);
        return "end";
    }

    COM_errorLog("error UserBox table update ", 1);
    return false;
}
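/**
 *  Delete an ad and associated photos
 *
 *  $admin skips the per-ad access check entirely, so callers must derive it
 *  from a real privilege check and never from request data.
 *
 *  @param  integer $ad_id  Ad ID number
 *  @param  boolean $admin  True if this is an administrator
 *  @param  string  $table  Key into $_TABLES: 'ad_ads' or 'ad_submission'
 *  @return integer 0 on success, 1 empty ad id, 2 unsupported table,
 *                  3 insufficient access, 4 database error on delete,
 *                  5 photo cleanup failed
 */
function adDelete($ad_id = '', $admin = false, $table = 'ad_ads')
{
    global $_USER, $_TABLES, $_CONF_ADVT;

    $ad_id = COM_sanitizeID($ad_id);
    if ($ad_id == '') {
        return 1;
    }

    // Strict allow-list: $table selects an entry of $_TABLES, so only the two
    // exact string keys are accepted (no loose comparison).
    if (!in_array($table, array('ad_ads', 'ad_submission'), true)) {
        return 2;
    }

    // Check the user's access level.  If this is an admin call,
    // force access to read-write.
    $myaccess = $admin ? 3 : CLASSIFIEDS_checkAccess($ad_id);
    if ($myaccess < 3) {
        return 3;
    }

    // If we've gotten this far, then the current user has access
    // to delete this ad.
    if ($table === 'ad_submission') {
        // Do the normal plugin rejection stuff
        plugin_moderationdelete_classifieds($ad_id);
    } elseif (deletePhotos($ad_id) != 0) {
        // Extra cleanup failed; leave the ad record in place
        return 5;
    }

    // After the cleanup stuff, delete the ad record itself.
    DB_delete($_TABLES[$table], 'ad_id', $ad_id);

    // Read the error state right after the delete and before anything else
    // runs, so the audit trail only records deletions that succeeded.
    $dbError = DB_error();
    if ($dbError) {
        COM_errorLog($dbError);
        return 4;
    }

    CLASSIFIEDS_auditLog("Ad {$ad_id} deleted.");
    return 0;
}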
Beispiel #13
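/**
 * Delete the Media Gallery batch sessions selected in $_POST['sel'], together
 * with their session items, then redirect to the sessions admin page.
 *
 * NOTE(review): no permission or request-token check is visible in this
 * function - presumably the calling admin page enforces both; confirm.
 *
 * @return void Does not return: a refresh is echoed and the script exits
 */
function MG_batchDeleteSession()
{
    global $_MG_CONF, $_CONF, $_TABLES;

    // Request data: accept only an array, and only scalar entries of it.
    $selected = (isset($_POST['sel']) && is_array($_POST['sel'])) ? $_POST['sel'] : array();

    foreach ($selected as $rawId) {
        if (!is_scalar($rawId)) {
            continue;
        }
        // DB_delete()'s own handling of the value is not visible here, so the
        // id is escaped at the call site; a well-formed id is left unchanged.
        $sessionId = DB_escapeString((string) $rawId);

        DB_delete($_TABLES['mg_session_items'], 'session_id', $sessionId);
        if (DB_error()) {
            COM_errorLog("Media Gallery Error: Error removing session items");
        }

        DB_delete($_TABLES['mg_sessions'], 'session_id', $sessionId);
        if (DB_error()) {
            COM_errorLog("Media Gallery Error: Error removing session");
        }
    }

    echo COM_refresh($_MG_CONF['admin_url'] . 'sessions.php');
    exit;
}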
Beispiel #14
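/**
 * Hook up pollquestions with polltopics
 *
 * Copies every (pid, topic) pair of the polltopics table into pollquestions
 * as (pid, question).
 *
 * @return false|null false (after echoing a message) when an insert fails;
 *                    otherwise the function ends without an explicit value
 */
function polls_update_polltopics()
{
    global $_TABLES;

    // Start from an empty list so the loop below is safe when there are no topics
    $P_SQL = array();

    $move_rst = DB_query("SELECT pid, topic FROM {$_TABLES['polltopics']}");
    $count_move = DB_numRows($move_rst);
    for ($i = 0; $i < $count_move; $i++) {
        $A = DB_fetchArray($move_rst);
        // Both values go into quoted SQL literals, so both are escaped.
        // DB_escapeString() is the DB layer's helper and replaces the
        // mysql_real_escape_string() call, which no longer exists in
        // current PHP versions.
        $pid = DB_escapeString($A[0]);
        $topic = DB_escapeString($A[1]);
        $P_SQL[] = "INSERT INTO {$_TABLES['pollquestions']} (pid, question) VALUES ('{$pid}','{$topic}');";
    }

    foreach ($P_SQL as $sql) {
        DB_query($sql);
        if (DB_error()) {
            // The statement contains stored poll text; escape it for the page
            echo "There was an error upgrading the polls, SQL: " . htmlspecialchars($sql, ENT_QUOTES) . "<br>";
            return false;
        }
    }
}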
Beispiel #15
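/**
 * Delete the Media Gallery batch sessions selected in $_POST['sel'], together
 * with their session items, then redirect to the sessions admin page.
 *
 * NOTE(review): no permission or request-token check is visible in this
 * function - presumably the calling admin page enforces both; confirm.
 *
 * @return void Does not return: a refresh is echoed and the script exits
 */
function MG_batchDeleteSession()
{
    // $_POST is a superglobal and needs no global declaration
    global $_MG_CONF, $_CONF, $_TABLES;

    // Request data: accept only an array, and only scalar entries of it.
    $selected = (isset($_POST['sel']) && is_array($_POST['sel'])) ? $_POST['sel'] : array();

    foreach ($selected as $rawId) {
        if (!is_scalar($rawId)) {
            continue;
        }
        // The id is concatenated into the SQL text below, so it must be
        // escaped first; the request value was previously used as received.
        $sessionId = DB_escapeString((string) $rawId);

        DB_query("DELETE FROM {$_TABLES['mg_session_items']} WHERE session_id='" . $sessionId . "'");
        if (DB_error()) {
            COM_errorLog("Media Gallery Error: Error removing session items");
        }

        DB_query("DELETE FROM {$_TABLES['mg_sessions']} WHERE session_id='" . $sessionId . "'");
        if (DB_error()) {
            COM_errorLog("Media Gallery Error: Error removing session");
        }
    }

    echo COM_refresh($_MG_CONF['admin_url'] . 'sessions.php');
    exit;
}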
    /**
     * Return replacements for a given email address
     *
     * Looks up the user whose email matches $address and maps a fixed set of
     * placeholders to that user's columns and to site settings from $_CONF.
     * Only the first matching row is used.
     *
     * @param  string $address
     * @return array  placeholder => value; empty when the query reports an
     *                error or no row is found
     */
    public function getReplacementsFor($address)
    {
        global $_CONF, $_TABLES;

        $address = DB_escapeString($address);

        // u.* fetches every column of the users table although only a few
        // are mapped below.
        $sql = <<<SQL
          SELECT u.*, i.location, i.lastgranted, i.lastlogin FROM {$_TABLES['users']} AS u 
            LEFT JOIN {$_TABLES['userinfo']} AS i 
              ON u.uid = i.uid
            WHERE u.email = '{$address}' 
SQL;
        $resultSet = DB_query($sql);
        if (DB_error()) {
            return array();
        }

        $row = DB_fetchArray($resultSet, false);
        if (!is_array($row) || count($row) <= 0) {
            return array();
        }

        return array(
            // user columns
            '{uid}'           => $row['uid'],
            '{username}'      => $row['username'],
            '{fullname}'      => $row['fullname'],
            '{email}'         => $row['email'],
            '{homepage}'      => $row['homepage'],
            '{theme}'         => $row['theme'],
            '{language}'      => $row['language'],
            '{location}'      => $row['location'],
            '{lastgranted}'   => $row['lastgranted'],
            '{lastlogin}'     => $row['lastlogin'],
            // site settings
            '{site_url}'      => $_CONF['site_url'],
            '{site_name}'     => $_CONF['site_name'],
            '{site_slogan}'   => $_CONF['site_slogan'],
            '{owner_name}'    => $_CONF['owner_name'],
            '{copyrightyear}' => $_CONF['copyrightyear'],
            '{site_mail}'     => $_CONF['site_mail'],
            '{noreply_mail}'  => $_CONF['noreply_mail'],
        );
    }
/**
 * Upgrade the Static Pages plugin: add the sp_search column, enable search on
 * all existing pages, bump the plugin version row and rename an old
 * config.php out of the way.
 *
 * SQL failures are echoed (with the statement) but do not stop the upgrade.
 *
 * @return bool always true
 */
function upgrade_StaticpagesPlugin()
{
    global $_CONF, $_TABLES;

    $plugin_path = $_CONF['path'] . 'plugins/staticpages/';

    $steps = array(
        "ALTER TABLE {$_TABLES['staticpage']} ADD sp_search tinyint(4) NOT NULL default '1' AFTER postmode",
        // allow searching on all existing static pages
        "UPDATE {$_TABLES['staticpage']} SET sp_search = 1",
        "UPDATE {$_TABLES['plugins']} SET pi_version = '1.5.1', pi_gl_version = '1.1.0', pi_homepage='http://www.glfusion.org' WHERE pi_name = 'staticpages'",
    );

    foreach ($steps as $sql) {
        DB_query($sql, 1);
        if (DB_error()) {
            echo "There was an error upgrading the Static Pages plugin, SQL: {$sql}<br>";
        }
    }

    $oldConfig = $plugin_path . 'config.php';
    if (file_exists($oldConfig)) {
        // Rename the existing config.php as it's not needed any more.
        // Warnings are suppressed and the outcome of the rename is not checked.
        @rename($oldConfig, $plugin_path . 'config-pre1.1.0.php');
    }

    return true;
}
/**
* Returns the content of a given staticpage
*
* When $_SP_CONF['allow_php'] is 1 and the page's sp_php flag is 1 or 2, the
* stored page content is executed with eval(). Such content is code: anyone
* who can write it can run PHP on the server, so write access to these pages
* has to be limited to fully trusted accounts.
*
* @author   mystral-kk - geeklog AT mystral-kk DOT net
* @license  GPL v2
* @param    $sp_id  string  an id of a staticpage
* @return           string  the content of the staticpage; an empty string
*                           when the staticpages plugin is not in $_PLUGINS,
*                           the query reports an error or no row matches
*/
function CUSTOM_getStaticpage($sp_id)
{
    global $_TABLES, $_PLUGINS, $_SP_CONF, $LANG_STATIC;
    $retval = '';
    if (!in_array('staticpages', $_PLUGINS)) {
        return $retval;
    }
    // The id is escaped with addslashes(), which is not aware of the
    // connection character set. SP_getPerms() is appended as a ready-made SQL
    // fragment; NOTE(review): presumably it restricts the row to pages the
    // current user may read - confirm.
    $sql = "SELECT sp_php, sp_content FROM {$_TABLES['staticpage']} " . "WHERE (sp_id = '" . addslashes($sp_id) . "') " . "AND " . SP_getPerms();
    $result = DB_query($sql);
    if (DB_error() or DB_numRows($result) == 0) {
        return $retval;
    } else {
        $A = DB_fetchArray($result);
        $sp_php = $A['sp_php'];
        $sp_content = stripslashes($A['sp_content']);
    }
    if ($_SP_CONF['allow_php'] == 1) {
        // Check for type (i.e. html or php)
        if ($sp_php == 1) {
            // SECURITY: eval() runs database content as PHP inside this
            // function's scope, so that code can read and change the local
            // and global variables declared above. The value it returns is
            // appended to the output.
            $retval .= eval($sp_content);
        } else {
            if ($sp_php == 2) {
                // SECURITY: same eval() on database content; here whatever
                // the code prints is captured through output buffering.
                ob_start();
                eval($sp_content);
                $retval .= ob_get_contents();
                ob_end_clean();
            } else {
                // Plain page: only tag replacement is applied
                $retval .= PLG_replacetags($sp_content);
            }
        }
    } else {
        if ($sp_php != 0) {
            // Page is flagged as PHP but PHP is disabled: log and show the deny message
            COM_errorLog("PHP in static pages is disabled.  Cannot display page '{$sp_id}'.", 1);
            $retval .= $LANG_STATIC['deny_msg'];
        } else {
            // Content is returned as stored; no tag replacement in this branch
            $retval .= $sp_content;
        }
    }
    return $retval;
}
Beispiel #19
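/**
* Do the actual plugin auto install
*
* Runs the install steps in order: validate $inst_parms['info'], register
* the plugin's table names, create its groups, run the table-creation SQL
* from the plugin's sql/<dbms>_install.php, add features and feature/group
* mappings, attach the new groups to group 1, run default-data SQL, load the
* plugin configuration, register the plugin and call its post-install hook.
* Any failing step logs an error, calls PLG_uninstall() and returns false.
*
* SECURITY: $plugin is used to build include paths and function names, and
* the plugin's own SQL files are executed as-is. The caller is expected to
* pass a validated plugin directory name and to install only trusted
* plugin code.
*
* @param    string  $plugin     Plugin name
* @param    array   $inst_parms Installation parameters for the plugin
* @param    boolean $verbose    true: enable verbose logging
* @return   boolean             true on success, false otherwise
*
*/
function plugin_do_autoinstall($plugin, $inst_parms, $verbose = true)
{
    global $_CONF, $_TABLES, $_USER, $_DB_dbms, $_DB_table_prefix;
    $base_path = $_CONF['path'] . 'plugins/' . $plugin . '/';
    if ($verbose) {
        COM_errorLog("Attempting to install the '{$plugin}' plugin", 1);
    }
    // sanity checks in $inst_parms
    if (isset($inst_parms['info'])) {
        $pi_name = $inst_parms['info']['pi_name'];
        $pi_version = $inst_parms['info']['pi_version'];
        $pi_gl_version = $inst_parms['info']['pi_gl_version'];
        $pi_homepage = $inst_parms['info']['pi_homepage'];
    }
    if (empty($pi_name) || $pi_name != $plugin || empty($pi_version) || empty($pi_gl_version) || empty($pi_homepage)) {
        COM_errorLog('Incomplete plugin info', 1);
        return false;
    }
    // add plugin tables, if any
    if (!empty($inst_parms['tables'])) {
        $tables = $inst_parms['tables'];
        foreach ($tables as $table) {
            $_TABLES[$table] = $_DB_table_prefix . $table;
        }
    }
    // Create the plugin's group(s), if any
    $groups = array();
    $admin_group_id = 0;
    if (!empty($inst_parms['groups'])) {
        $groups = $inst_parms['groups'];
        foreach ($groups as $name => $desc) {
            if ($verbose) {
                COM_errorLog("Attempting to create '{$name}' group", 1);
            }
            $grp_name = addslashes($name);
            $grp_desc = addslashes($desc);
            $sql = array();
            $sql['pgsql'] = "INSERT INTO {$_TABLES['groups']} (grp_id,grp_name, grp_descr) VALUES ((SELECT NEXTVAL('{$_TABLES['groups']}_grp_id_seq')),'{$grp_name}', '{$grp_desc}')";
            $sql['mysql'] = "INSERT INTO {$_TABLES['groups']} (grp_name, grp_descr) VALUES ('{$grp_name}', '{$grp_desc}')";
            $sql['mssql'] = "INSERT INTO {$_TABLES['groups']} (grp_name, grp_descr) VALUES ('{$grp_name}', '{$grp_desc}')";
            DB_query($sql, 1);
            if (DB_error()) {
                COM_errorLog('Error creating plugin group', 1);
                PLG_uninstall($plugin);
                return false;
            }
            // keep the new group's ID for use in the mappings section (below)
            $groups[$name] = DB_insertId();
            // assume that the first group is the plugin's Admin group
            if ($admin_group_id == 0) {
                $admin_group_id = $groups[$name];
            }
        }
    }
    // Create the plugin's table(s)
    // The included file runs in this function's scope and is expected to
    // fill $_SQL and $DEFVALUES; local names above must stay as they are.
    $_SQL = array();
    $DEFVALUES = array();
    if (file_exists($base_path . 'sql/' . $_DB_dbms . '_install.php')) {
        require_once $base_path . 'sql/' . $_DB_dbms . '_install.php';
    }
    if (count($_SQL) > 0) {
        $use_innodb = false;
        if ($_DB_dbms == 'mysql' && DB_getItem($_TABLES['vars'], 'value', "name = 'database_engine'") == 'InnoDB') {
            $use_innodb = true;
        }
        foreach ($_SQL as $sql) {
            $sql = str_replace('#group#', $admin_group_id, $sql);
            if ($use_innodb) {
                $sql = str_replace('MyISAM', 'InnoDB', $sql);
            }
            DB_query($sql);
            if (DB_error()) {
                COM_errorLog('Error creating plugin table', 1);
                PLG_uninstall($plugin);
                return false;
            }
        }
    }
    // Add the plugin's features
    if ($verbose) {
        COM_errorLog("Attempting to add '{$plugin}' features", 1);
    }
    $features = array();
    $mappings = array();
    if (!empty($inst_parms['features'])) {
        $features = $inst_parms['features'];
        if (!empty($inst_parms['mappings'])) {
            $mappings = $inst_parms['mappings'];
        }
        foreach ($features as $feature => $desc) {
            $ft_name = addslashes($feature);
            $ft_desc = addslashes($desc);
            $sql = array();
            $sql['pgsql'] = "INSERT INTO {$_TABLES['features']} (ft_id,ft_name, ft_descr)\n                     VALUES ((SELECT nextval('{$_TABLES['features']}_ft_id_seq')),'{$ft_name}', '{$ft_desc}')";
            $sql['mysql'] = "INSERT INTO {$_TABLES['features']} (ft_name, ft_descr)\n                    VALUES ('{$ft_name}', '{$ft_desc}')";
            // the third entry is the 'mssql' variant, mirroring the group
            // insert above (it previously overwrote the 'mysql' key instead)
            $sql['mssql'] = "INSERT INTO {$_TABLES['features']} (ft_name, ft_descr)\n                    VALUES ('{$ft_name}', '{$ft_desc}')";
            DB_query($sql, 1);
            if (DB_error()) {
                COM_errorLog('Error adding plugin feature', 1);
                PLG_uninstall($plugin);
                return false;
            }
            $feat_id = DB_insertId();
            if (isset($mappings[$feature])) {
                foreach ($mappings[$feature] as $group) {
                    if ($verbose) {
                        COM_errorLog("Adding '{$feature}' feature to the '{$group}' group", 1);
                    }
                    // a mapping that names a group the plugin did not declare
                    // cannot produce a valid statement; fail the install
                    // explicitly instead of sending broken SQL
                    if (!isset($groups[$group])) {
                        COM_errorLog('Error mapping plugin feature', 1);
                        PLG_uninstall($plugin);
                        return false;
                    }
                    DB_query("INSERT INTO {$_TABLES['access']} (acc_ft_id, acc_grp_id) VALUES ({$feat_id}, {$groups[$group]})");
                    if (DB_error()) {
                        COM_errorLog('Error mapping plugin feature', 1);
                        PLG_uninstall($plugin);
                        return false;
                    }
                }
            }
        }
    }
    // Add plugin's Admin group to the Root user group
    // (assumes that the Root group's ID is always 1)
    if (count($groups) > 0) {
        if ($verbose) {
            COM_errorLog("Attempting to give all users in the Root group access to the '{$plugin}' Admin group", 1);
        }
        // NOTE(review): every group the plugin created is attached to
        // group 1 here, not only the admin group the log message names.
        foreach ($groups as $key => $value) {
            DB_query("INSERT INTO {$_TABLES['group_assignments']} VALUES " . "({$value}, NULL, 1)");
            if (DB_error()) {
                COM_errorLog('Error adding plugin admin group to Root group', 1);
                PLG_uninstall($plugin);
                return false;
            }
        }
    }
    // Pre-populate tables or run any other SQL queries
    if (count($DEFVALUES) > 0) {
        if ($verbose) {
            COM_errorLog('Inserting default data', 1);
        }
        foreach ($DEFVALUES as $sql) {
            $sql = str_replace('#group#', $admin_group_id, $sql);
            DB_query($sql, 1);
            if (DB_error()) {
                COM_errorLog('Error adding plugin default data', 1);
                PLG_uninstall($plugin);
                return false;
            }
        }
    }
    // Load the online configuration records
    $load_config = 'plugin_load_configuration_' . $plugin;
    if (function_exists($load_config)) {
        if (!$load_config($plugin)) {
            COM_errorLog('Error loading plugin configuration', 1);
            PLG_uninstall($plugin);
            return false;
        }
        require_once $_CONF['path'] . 'system/classes/config.class.php';
        $config =& config::get_instance();
        $config->initConfig();
        // force re-reading, including new plugin conf
    }
    // Finally, register the plugin with Geeklog
    if ($verbose) {
        COM_errorLog("Registering '{$plugin}' plugin", 1);
    }
    // silently delete an existing entry
    DB_delete($_TABLES['plugins'], 'pi_name', $plugin);
    // The info strings come from the plugin's install parameters; escape them
    // the same way the group and feature names are escaped above so that a
    // quote in a version or homepage string cannot break the statement.
    $reg_name = addslashes($plugin);
    $reg_version = addslashes($pi_version);
    $reg_gl_version = addslashes($pi_gl_version);
    $reg_homepage = addslashes($pi_homepage);
    DB_query("INSERT INTO {$_TABLES['plugins']} (pi_name, pi_version, pi_gl_version, pi_homepage, pi_enabled) VALUES " . "('{$reg_name}', '{$reg_version}', '{$reg_gl_version}', '{$reg_homepage}', 1)");
    if (DB_error()) {
        COM_errorLog('Failed to register plugin', 1);
        PLG_uninstall($plugin);
        return false;
    }
    // give the plugin a chance to perform any post-install operations
    $post_install = 'plugin_postinstall_' . $plugin;
    if (function_exists($post_install)) {
        if (!$post_install($plugin)) {
            COM_errorLog('Plugin postinstall failed', 1);
            PLG_uninstall($plugin);
            return false;
        }
    }
    if ($verbose) {
        COM_errorLog("Successfully installed the '{$plugin}' plugin!", 1);
    }
    // load plugin here already, for any plugins wanting to act on
    // PLG_pluginStateChange($plugin, 'installed') when we return from here
    require_once $_CONF['path'] . 'plugins/' . $plugin . '/functions.inc';
    return true;
}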
Beispiel #20
/**
* Saves the edit form of a media item and redirects
*
* Reads the submitted form from $_POST / $_FILES, optionally replaces the
* media file, updates the item's row in the media or media-queue table,
* stores playback options, attaches or removes a thumbnail, rebuilds the
* album RSS feed for non-queued items, emits COM_refresh() and exits.
*
* NOTE(review): no permission or request-token check is visible in this
* function; presumably the caller verifies that the current user may edit
* $media_id in $album_id - confirm against the caller.
*
* @param    mixed   $album_id   album the item belongs to
* @param    mixed   $media_id   id of the media item being edited
* @param    string  $actionURL  redirect target used unless the form
*                               supplies a non-empty 'rpath'
* @return   void                does not return; ends the request with exit
*/
function MG_saveMediaEdit($album_id, $media_id, $actionURL)
{
    global $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03;
    // NOTE(review): a non-empty 'rpath' from the form replaces the redirect
    // target that is later handed to COM_refresh(). Unless COM_applyFilter()
    // or COM_refresh() restrict it to same-site URLs, this lets the request
    // choose where the user is sent - confirm and constrain to local paths.
    $back = COM_applyFilter($_POST['rpath']);
    if ($back != '') {
        $actionURL = $back;
    }
    $queue = COM_applyFilter($_POST['queue'], true);
    $replacefile = 0;
    if (isset($_POST['replacefile'])) {
        $replacefile = COM_applyFilter($_POST['replacefile']);
    }
    if ($replacefile == 1) {
        require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-upload.php';
        // 'name' is the client-supplied file name; it is passed to
        // MG_getFile() and, further down, stored as the original filename.
        // Validation of the upload is left to MG_getFile() (not shown here).
        $repfilename = $_FILES['repfilename'];
        $filename = $repfilename['name'];
        $file = $repfilename['tmp_name'];
        $opt = array('replace' => $media_id);
        // NOTE(review): the result code $rc is not checked; processing
        // continues even if the replacement failed.
        list($rc, $msg) = MG_getFile($file, $filename, $album_id, $opt);
        COM_errorLog($msg);
    }
    // see if we had an attached thumbnail before...
    // NOTE(review): $_FILES['attthumb'] is read without an isset() check.
    $thumb = $_FILES['attthumb'];
    $thumbnail = $thumb['tmp_name'];
    $att = isset($_POST['attachtn']) ? COM_applyFilter($_POST['attachtn'], true) : 0;
    $attachtn = $att == 1 ? 1 : 0;
    // Queued items live in a separate table from published ones.
    $table = $queue ? $_TABLES['mg_mediaqueue'] : $_TABLES['mg_media'];
    $old_attached_tn = DB_getItem($table, 'media_tn_attached', 'media_id="' . addslashes($media_id) . '"');
    // Asked to attach a thumbnail but none was uploaded and none existed.
    if ($old_attached_tn == 0 && $att == 1 && $thumbnail == '') {
        $attachtn = 0;
    }
    $remove_old_tn = 0;
    if ($old_attached_tn == 1 && $attachtn == 0) {
        $remove_old_tn = 1;
    }
    // $remote_media is not read again in this function.
    $remote_media = DB_getItem($table, 'remote_media', 'media_id="' . addslashes($media_id) . '"');
    // NOTE(review): the remote URL is only escaped for SQL; no scheme or
    // host validation is visible here.
    $remote_url = addslashes(COM_stripslashes($_POST['remoteurl']));
    if ($_MG_CONF['htmlallowed']) {
        // With HTML allowed, title and description are stored after the word
        // filter only. NOTE(review): whatever renders these fields has to
        // filter or encode them - confirm on the output side.
        $media_title = COM_checkWords(COM_stripslashes($_POST['media_title']));
        $media_desc = COM_checkWords(COM_stripslashes($_POST['media_desc']));
    } else {
        $media_title = htmlspecialchars(strip_tags(COM_checkWords(COM_stripslashes($_POST['media_title']))));
        $media_desc = htmlspecialchars(strip_tags(COM_checkWords(COM_stripslashes($_POST['media_desc']))));
    }
    $media_time_month = COM_applyFilter($_POST['media_month']);
    $media_time_day = COM_applyFilter($_POST['media_day']);
    $media_time_year = COM_applyFilter($_POST['media_year']);
    $media_time_hour = COM_applyFilter($_POST['media_hour']);
    $media_time_minute = COM_applyFilter($_POST['media_minute']);
    $original_filename = COM_applyFilter(COM_stripslashes($_POST['original_filename']));
    if ($replacefile == 1) {
        $original_filename = $filename;
    }
    $cat_id = COM_applyFilter($_POST['cat_id'], true);
    $media_keywords = COM_stripslashes($_POST['media_keywords']);
    // Keywords are cut to 254 bytes (substr is byte-based) before filtering.
    $media_keywords_safe = substr($media_keywords, 0, 254);
    $media_keywords = addslashes(htmlspecialchars(strip_tags(COM_checkWords($media_keywords_safe))));
    $artist = addslashes(COM_applyFilter(COM_stripslashes($_POST['artist'])));
    $musicalbum = addslashes(COM_applyFilter(COM_stripslashes($_POST['musicalbum'])));
    $genre = addslashes(COM_applyFilter(COM_stripslashes($_POST['genre'])));
    // NOTE(review): the seventh mktime() argument (is_dst) was removed in
    // PHP 7.0; this call only works on older PHP versions.
    $media_time = mktime($media_time_hour, $media_time_minute, 0, $media_time_month, $media_time_day, $media_time_year, 1);
    $owner_sql = '';
    if (isset($_POST['owner_name'])) {
        // The owner id is concatenated unquoted below and relies on the
        // numeric mode of COM_applyFilter() (second argument true).
        $owner_id = COM_applyFilter($_POST['owner_name'], true);
        $owner_sql = ',media_user_id=' . $owner_id . ' ';
    }
    // The statement is assembled by concatenation: string fields are escaped
    // with addslashes(), the category is cast with intval(), $media_time and
    // $attachtn are values computed above.
    $sql = "UPDATE " . $table . "\n            SET media_title='" . addslashes($media_title) . "',\n            media_desc='" . addslashes($media_desc) . "',\n            media_original_filename='" . addslashes($original_filename) . "',\n            media_time=" . $media_time . ",\n            media_tn_attached=" . $attachtn . ",\n            media_category=" . intval($cat_id) . ",\n            media_keywords='" . $media_keywords . "',\n            artist='" . $artist . "',\n            album='" . $musicalbum . "',\n            genre='" . $genre . "',\n            remote_url='" . $remote_url . "' " . $owner_sql . "WHERE media_id='" . addslashes($media_id) . "'";
    DB_query($sql);
    // A failed update is logged and echoed, but processing continues.
    if (DB_error() != 0) {
        echo COM_errorLog("Media Gallery: ERROR Updating image in media database");
    }
    PLG_itemSaved($media_id, 'mediagallery');
    // process playback options if any...
    // Each section below is keyed on one form field whose presence marks the
    // player type; the trailing `true` on COM_applyFilter / MG_savePBOption
    // is used for the fields treated as numeric.
    if (isset($_POST['autostart'])) {
        // asf
        $opt['autostart'] = COM_applyFilter($_POST['autostart'], true);
        $opt['enablecontextmenu'] = COM_applyFilter($_POST['enablecontextmenu'], true);
        $opt['stretchtofit'] = isset($_POST['stretchtofit']) ? COM_applyFilter($_POST['stretchtofit'], true) : 0;
        $opt['showstatusbar'] = COM_applyFilter($_POST['showstatusbar'], true);
        $opt['uimode'] = COM_applyFilter($_POST['uimode']);
        $opt['height'] = isset($_POST['height']) ? COM_applyFilter($_POST['height'], true) : 0;
        $opt['width'] = isset($_POST['width']) ? COM_applyFilter($_POST['width'], true) : 0;
        $opt['bgcolor'] = isset($_POST['bgcolor']) ? COM_applyFilter($_POST['bgcolor']) : 0;
        $opt['playcount'] = isset($_POST['playcount']) ? COM_applyFilter($_POST['playcount'], true) : 0;
        $opt['loop'] = isset($_POST['loop']) ? COM_applyFilter($_POST['loop'], true) : 0;
        // A play count below one is raised to one.
        if ($opt['playcount'] < 1) {
            $opt['playcount'] = 1;
        }
        MG_savePBOption($media_id, 'autostart', $opt['autostart'], true);
        MG_savePBOption($media_id, 'enablecontextmenu', $opt['enablecontextmenu'], true);
        if ($opt['stretchtofit'] != '') {
            MG_savePBOption($media_id, 'stretchtofit', $opt['stretchtofit'], true);
        }
        MG_savePBOption($media_id, 'showstatusbar', $opt['showstatusbar'], true);
        MG_savePBOption($media_id, 'uimode', $opt['uimode']);
        MG_savePBOption($media_id, 'height', $opt['height'], true);
        MG_savePBOption($media_id, 'width', $opt['width'], true);
        MG_savePBOption($media_id, 'bgcolor', $opt['bgcolor']);
        MG_savePBOption($media_id, 'playcount', $opt['playcount'], true);
        MG_savePBOption($media_id, 'loop', $opt['loop'], true);
    }
    if (isset($_POST['play'])) {
        // swf
        // NOTE(review): 'flashvars' and 'allowscriptaccess' are stored from
        // the form after COM_applyFilter() only; whether they are restricted
        // to safe values depends on that helper and on the player template.
        $opt['play'] = COM_applyFilter($_POST['play'], true);
        $opt['menu'] = isset($_POST['menu']) ? COM_applyFilter($_POST['menu'], true) : 0;
        $opt['quality'] = isset($_POST['quality']) ? COM_applyFilter($_POST['quality']) : '';
        $opt['flashvars'] = isset($_POST['flashvars']) ? COM_applyFilter($_POST['flashvars']) : '';
        $opt['height'] = COM_applyFilter($_POST['height'], true);
        $opt['width'] = COM_applyFilter($_POST['width'], true);
        $opt['loop'] = isset($_POST['loop']) ? COM_applyFilter($_POST['loop'], true) : 0;
        $opt['scale'] = isset($_POST['scale']) ? COM_applyFilter($_POST['scale']) : '';
        $opt['wmode'] = isset($_POST['wmode']) ? COM_applyFilter($_POST['wmode']) : '';
        $opt['allowscriptaccess'] = isset($_POST['allowscriptaccess']) ? COM_applyFilter($_POST['allowscriptaccess']) : '';
        $opt['bgcolor'] = isset($_POST['bgcolor']) ? COM_applyFilter($_POST['bgcolor']) : '';
        $opt['swf_version'] = isset($_POST['swf_version']) ? COM_applyFilter($_POST['swf_version'], true) : 9;
        MG_savePBOption($media_id, 'play', $opt['play'], true);
        if ($opt['menu'] != '') {
            MG_savePBOption($media_id, 'menu', $opt['menu'], true);
        }
        MG_savePBOption($media_id, 'quality', $opt['quality']);
        MG_savePBOption($media_id, 'flashvars', $opt['flashvars']);
        MG_savePBOption($media_id, 'height', $opt['height'], true);
        MG_savePBOption($media_id, 'width', $opt['width'], true);
        MG_savePBOption($media_id, 'loop', $opt['loop'], true);
        MG_savePBOption($media_id, 'scale', $opt['scale']);
        MG_savePBOption($media_id, 'wmode', $opt['wmode']);
        MG_savePBOption($media_id, 'allowscriptaccess', $opt['allowscriptaccess']);
        MG_savePBOption($media_id, 'bgcolor', $opt['bgcolor']);
        MG_savePBOption($media_id, 'swf_version', $opt['swf_version'], true);
    }
    if (isset($_POST['autoplay'])) {
        // quicktime
        // Unlike the two sections above, the fields here are read without
        // isset() guards.
        $opt['autoplay'] = COM_applyFilter($_POST['autoplay'], true);
        $opt['autoref'] = COM_applyFilter($_POST['autoref'], true);
        $opt['controller'] = COM_applyFilter($_POST['controller'], true);
        $opt['kioskmode'] = COM_applyFilter($_POST['kioskmode'], true);
        $opt['scale'] = COM_applyFilter($_POST['scale']);
        $opt['height'] = COM_applyFilter($_POST['height'], true);
        $opt['width'] = COM_applyFilter($_POST['width'], true);
        $opt['bgcolor'] = COM_applyFilter($_POST['bgcolor']);
        $opt['loop'] = COM_applyFilter($_POST['loop'], true);
        MG_savePBOption($media_id, 'autoref', $opt['autoref'], true);
        MG_savePBOption($media_id, 'autoplay', $opt['autoplay'], true);
        MG_savePBOption($media_id, 'controller', $opt['controller'], true);
        MG_savePBOption($media_id, 'kioskmode', $opt['kioskmode'], true);
        MG_savePBOption($media_id, 'scale', $opt['scale']);
        MG_savePBOption($media_id, 'height', $opt['height'], true);
        MG_savePBOption($media_id, 'width', $opt['width'], true);
        // NOTE(review): bgcolor is saved with the fourth argument true here
        // but without it in the asf and swf sections - looks inconsistent,
        // confirm which is intended.
        MG_savePBOption($media_id, 'bgcolor', $opt['bgcolor'], true);
        MG_savePBOption($media_id, 'loop', $opt['loop'], true);
    }
    if ($attachtn == 1 && $thumbnail != '') {
        require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-upload.php';
        // NOTE(review): the filename is looked up in mg_media even when
        // $queue selected the queue table above - confirm for queued items.
        // The thumbnail path is derived from the stored media filename; the
        // first character selects the subdirectory.
        $media_filename = DB_getItem($_TABLES['mg_media'], 'media_filename', 'media_id="' . addslashes($media_id) . '"');
        $thumbFilename = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
        MG_attachThumbnail($album_id, $thumbnail, $thumbFilename);
    }
    if ($remove_old_tn == 1) {
        $media_filename = DB_getItem($_TABLES['mg_media'], 'media_filename', 'media_id="' . addslashes($media_id) . '"');
        $tmpstr = 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
        $ext = Media::getMediaExt($_MG_CONF['path_mediaobjects'] . $tmpstr);
        if (!empty($ext)) {
            // Deletion errors are suppressed with @ and not reported.
            @unlink($_MG_CONF['path_mediaobjects'] . $tmpstr . $ext);
        }
    }
    if ($queue) {
        echo COM_refresh($actionURL);
    } else {
        // Published items additionally get their album feed rebuilt.
        require_once $_CONF['path'] . 'plugins/mediagallery/include/rssfeed.php';
        MG_buildAlbumRSS($album_id);
        echo COM_refresh($actionURL);
    }
    exit;
}
Beispiel #21
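 /**
  * Creates one block row from an auto-install step
  *
  * String fields of the step are escaped with DB_escapeString() and every
  * value that is placed unquoted into the statement is cast to an integer,
  * so a malformed step, variable or configuration value cannot change the
  * shape of the INSERT.
  *
  * @param    array   $step   step definition; recognised keys are name, title,
  *                           block_type, phpblockfn, help, content, is_enabled,
  *                           rdflimit, onleft, allow_autotags, blockorder,
  *                           group_id and variable
  * @param    array   $vars   install variables, passed by reference; the new
  *                           block id is stored under $step['variable'] when
  *                           that key is set
  * @return   mixed           integer 1 when the INSERT fails, otherwise the
  *                           DELETE statement that removes the created block
  */
 function INSTALLER_install_block($step, &$vars)
 {
     global $_TABLES, $_CONF, $_USER;
     $raw_name = isset($step['name']) ? $step['name'] : '';
     COM_errorLog("AutoInstall: Creating block {$raw_name}...");

     // numeric columns: always integers
     $is_enabled = isset($step['is_enabled']) ? intval($step['is_enabled']) : 1;
     $rdflimit = isset($step['rdflimit']) ? intval($step['rdflimit']) : 0;
     $onleft = isset($step['onleft']) ? intval($step['onleft']) : 0;
     $allow_autotags = isset($step['allow_autotags']) ? intval($step['allow_autotags']) : 0;
     $blockorder = isset($step['blockorder']) ? intval($step['blockorder']) : 9999;

     // string columns: escaped for the quoted positions in the statement
     $name = DB_escapeString($raw_name);
     $title = isset($step['title']) ? DB_escapeString($step['title']) : '';
     $type = isset($step['block_type']) ? DB_escapeString($step['block_type']) : 'unknown';
     $phpblockfn = isset($step['phpblockfn']) ? DB_escapeString($step['phpblockfn']) : '';
     $help = isset($step['help']) ? DB_escapeString($step['help']) : '';
     $content = isset($step['content']) ? DB_escapeString($step['content']) : '';

     // owner defaults to uid 2, group to id 1, when not available
     $owner_id = isset($_USER['uid']) ? intval($_USER['uid']) : 2;
     $group_id = 1;
     if (isset($step['group_id']) && isset($vars[$step['group_id']])) {
         $group_id = intval($vars[$step['group_id']]);
     }

     list($perm_owner, $perm_group, $perm_members, $perm_anon) = $_CONF['default_permissions_block'];
     $perm_owner = intval($perm_owner);
     $perm_group = intval($perm_group);
     $perm_members = intval($perm_members);
     $perm_anon = intval($perm_anon);

     DB_query("INSERT INTO {$_TABLES['blocks']} " . "(is_enabled,name,type,title,tid,blockorder,content,allow_autotags,rdflimit,onleft,phpblockfn,help,owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon)" . " VALUES ({$is_enabled},'{$name}','{$type}','{$title}','all',{$blockorder},'{$content}',{$allow_autotags},{$rdflimit},{$onleft},'{$phpblockfn}','{$help}',{$owner_id},{$group_id},{$perm_owner},{$perm_group},{$perm_members},{$perm_anon})", 1);
     if (DB_error()) {
         COM_errorLog("AutoInstall: Block creation failed!");
         return 1;
     }

     // the id goes unquoted into the returned statement, so keep it an integer
     $bid = intval(DB_insertId());
     if (isset($step['variable'])) {
         $vars[$step['variable']] = $bid;
     }
     return "DELETE FROM {$_TABLES['blocks']} WHERE bid = {$bid}";
 }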
Beispiel #22
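/**
* Saves user to the database
*
* Validates the submitted account data (password confirmation, username and
* email presence, email format, username/email uniqueness, optional custom
* check), then either creates a new account (empty $uid) or updates the
* existing one, and finally rewrites the user's group assignments when the
* acting admin has the 'group.assign' right. Several paths echo output and
* end the request with exit instead of returning.
*
* SECURITY: an attempt by a non-Root admin to assign the Root group is
* written to the access log and the request is redirected. Only groups the
* acting admin belongs to are removed from or added to the edited user.
*
* @param    int     $uid            user id (empty for a new user)
* @param    string  $username       (short) username
* @param    string  $fullname       user's full name
* @param    string  $passwd         new password, or empty
* @param    string  $passwd_conf    password confirmation
* @param    string  $email          user's email address
* @param    string  $regdate        date the user registered with the site
* @param    string  $homepage       user's homepage URL
* @param    array   $groups         groups the user belongs to
* @param    string  $delete_photo   delete user's photo if == 'on'
* @param    int     $userstatus     account status to store
* @param    int     $oldstatus      account status before the edit
* @return   string                  HTML redirect or error message
*
*/
function saveusers($uid, $username, $fullname, $passwd, $passwd_conf, $email, $regdate, $homepage, $groups, $delete_photo = '', $userstatus = 3, $oldstatus = 3)
{
    global $_CONF, $_TABLES, $_USER, $LANG28, $_USER_VERBOSE;
    $retval = '';
    $userChanged = false;
    if ($_USER_VERBOSE) {
        COM_errorLog("**** entering saveusers****", 1);
        COM_errorLog("group size at beginning = " . count($groups), 1);
    }
    // NOTE(review): $uid and $userstatus are placed unquoted into several
    // statements below; the caller is presumably passing integers - confirm.
    $service = DB_getItem($_TABLES['users'], 'remoteservice', "uid = {$uid}");
    // If remote service then assume blank password
    if (!empty($service)) {
        $passwd = '';
        $passwd_conf = '';
    }
    // The password counts as unchanged only for local accounts where
    // SEC_encryptUserPassword() returns 0 and no confirmation was typed.
    $passwd_changed = true;
    if (empty($service) && SEC_encryptUserPassword($passwd, $uid) === 0 && $passwd_conf === '') {
        $passwd_changed = false;
    }
    if ($passwd_changed && $passwd != $passwd_conf) {
        // passwords don't match
        return edituser($uid, 67);
    }
    $nameAndEmailOkay = true;
    if (empty($username)) {
        $nameAndEmailOkay = false;
    } elseif (empty($email)) {
        if (empty($uid)) {
            $nameAndEmailOkay = false;
            // new users need an email address
        } else {
            if (empty($service)) {
                $nameAndEmailOkay = false;
                // not a remote user - needs email
            }
        }
    }
    if ($nameAndEmailOkay) {
        if (!empty($email) && !COM_isEmail($email)) {
            return edituser($uid, 52);
        }
        // Uniqueness checks compare against the escaped username.
        $uname = DB_escapeString($username);
        if (empty($uid)) {
            $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '{$uname}'");
        } else {
            if (!empty($service)) {
                $uservice = DB_escapeString($service);
                $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '{$uname}' AND uid <> {$uid} AND remoteservice = '{$uservice}'");
            } else {
                $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "username = '{$uname}' AND uid <> {$uid} AND (remoteservice = '' OR remoteservice IS NULL)");
            }
        }
        if ($ucount > 0) {
            // Admin just changed a user's username to one that already exists
            return edituser($uid, 51);
        }
        $emailaddr = DB_escapeString($email);
        $exclude_remote = " AND (remoteservice IS NULL OR remoteservice = '')";
        if (empty($uid)) {
            $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "email = '{$emailaddr}'" . $exclude_remote);
        } else {
            $old_email = DB_getItem($_TABLES['users'], 'email', "uid = '{$uid}'");
            if ($old_email == $email) {
                // email address didn't change so don't care
                $ucount = 0;
            } else {
                $ucount = DB_getItem($_TABLES['users'], 'COUNT(*)', "email = '{$emailaddr}' AND uid <> {$uid}" . $exclude_remote);
            }
        }
        if ($ucount > 0) {
            // Admin just changed a user's email to one that already exists
            return edituser($uid, 56);
        }
        if ($_CONF['custom_registration'] && function_exists('CUSTOM_userCheck')) {
            $ret = CUSTOM_userCheck($username, $email);
            if (!empty($ret)) {
                // need a numeric return value - otherwise use default message
                if (!is_numeric($ret['number'])) {
                    $ret['number'] = 400;
                }
                return edituser($uid, $ret['number']);
            }
        }
        if (empty($uid)) {
            if (empty($passwd)) {
                // no password? create one ...
                $passwd = SEC_generateRandomPassword();
            }
            $uid = USER_createAccount($username, $email, $passwd, $fullname, $homepage);
            if ($uid > 1) {
                DB_query("UPDATE {$_TABLES['users']} SET status = {$userstatus} WHERE uid = {$uid}");
            }
        } else {
            $fullname = DB_escapeString($fullname);
            $homepage = DB_escapeString($homepage);
            $curphoto = DB_getItem($_TABLES['users'], 'photo', "uid = {$uid}");
            if (!empty($curphoto) && $delete_photo == 'on') {
                USER_deletePhoto($curphoto);
                $curphoto = '';
            }
            if ($_CONF['allow_user_photo'] == 1 && !empty($curphoto)) {
                $curusername = DB_getItem($_TABLES['users'], 'username', "uid = {$uid}");
                if ($curusername != $username) {
                    // user has been renamed - rename the photo, too
                    // The old username is matched literally: quote it so that
                    // characters with a meaning in regular expressions (or the
                    // delimiter itself) cannot alter or break the pattern.
                    $newphoto = preg_replace('/' . preg_quote($curusername, '/') . '/', $username, $curphoto, 1);
                    $imgpath = $_CONF['path_images'] . 'userphotos/';
                    if (@rename($imgpath . $curphoto, $imgpath . $newphoto) === false) {
                        $retval .= COM_errorLog('Could not rename userphoto "' . $curphoto . '" to "' . $newphoto . '".');
                        return $retval;
                    }
                    $curphoto = $newphoto;
                }
            }
            $curphoto = DB_escapeString($curphoto);
            // Every string column is written from its escaped form; the email
            // uses $emailaddr because a syntactically valid address may still
            // contain characters that need escaping.
            DB_query("UPDATE {$_TABLES['users']} SET username = '{$uname}', fullname = '{$fullname}', email = '{$emailaddr}', homepage = '{$homepage}', photo = '{$curphoto}', status='{$userstatus}' WHERE uid = {$uid}");
            if ($passwd_changed && !empty($passwd)) {
                SEC_updateUserPassword($passwd, $uid);
            }
            if ($_CONF['custom_registration'] and function_exists('CUSTOM_userSave')) {
                CUSTOM_userSave($uid);
            }
            if ($_CONF['usersubmission'] == 1 && $oldstatus == USER_ACCOUNT_AWAITING_APPROVAL && $userstatus == USER_ACCOUNT_ACTIVE) {
                USER_createAndSendPassword($username, $email, $uid);
            }
            // Disabling an account also ends its active session.
            if ($userstatus == USER_ACCOUNT_DISABLED) {
                SESS_endUserSession($uid);
            }
            $userChanged = true;
        }
        // check that the user is allowed to change group assignments
        if (is_array($groups) && SEC_hasRights('group.assign')) {
            if (!SEC_inGroup('Root')) {
                $rootgrp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Root'");
                if (in_array($rootgrp, $groups)) {
                    COM_accessLog("User {$_USER['username']} ({$_USER['uid']}) just tried to give Root permissions to user {$username}.");
                    echo COM_refresh($_CONF['site_admin_url'] . '/index.php');
                    exit;
                }
            }
            // make sure the Remote Users group is in $groups
            if (SEC_inGroup('Remote Users', $uid)) {
                $remUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Remote Users'");
                if (!in_array($remUsers, $groups)) {
                    $groups[] = $remUsers;
                }
            }
            if ($_USER_VERBOSE) {
                COM_errorLog("deleting all group_assignments for user {$uid}/{$username}", 1);
            }
            // remove user from all groups that the User Admin is a member of
            $UserAdminGroups = SEC_getUserGroups();
            $whereGroup = 'ug_main_grp_id IN (' . implode(',', $UserAdminGroups) . ')';
            DB_query("DELETE FROM {$_TABLES['group_assignments']} WHERE (ug_uid = {$uid}) AND " . $whereGroup);
            // make sure to add user to All Users and Logged-in Users groups
            $allUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'All Users'");
            if (!in_array($allUsers, $groups)) {
                $groups[] = $allUsers;
            }
            $logUsers = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Logged-in Users'");
            if (!in_array($logUsers, $groups)) {
                $groups[] = $logUsers;
            }
            foreach ($groups as $userGroup) {
                if (in_array($userGroup, $UserAdminGroups)) {
                    if ($_USER_VERBOSE) {
                        COM_errorLog("adding group_assignment " . $userGroup . " for {$username}", 1);
                    }
                    // in_array() compares loosely, so the submitted value is
                    // cast before it goes unquoted into the statement.
                    $grp_id = (int) $userGroup;
                    $sql = "INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id, ug_uid) VALUES ({$grp_id}, {$uid})";
                    DB_query($sql);
                }
            }
        }
        if ($userChanged) {
            PLG_userInfoChanged($uid);
        }
        $errors = DB_error();
        if (empty($errors)) {
            echo PLG_afterSaveSwitch($_CONF['aftersave_user'], "{$_CONF['site_url']}/users.php?mode=profile&uid={$uid}", 'user', 21);
        } else {
            $retval .= COM_errorLog('Error in saveusers in ' . $_CONF['site_admin_url'] . '/user.php');
            $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG28[22]));
            echo $retval;
            exit;
        }
    } else {
        // Missing username or email: show the message and the edit form again.
        $retval .= COM_showMessageText($LANG28[10]);
        if (!empty($uid) && $uid > 1 && DB_count($_TABLES['users'], 'uid', $uid) > 0) {
            $retval .= edituser($uid);
        } else {
            $retval .= edituser();
        }
        $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG28[1]));
        COM_output($retval);
        exit;
    }
    if ($_USER_VERBOSE) {
        COM_errorLog("***************leaving saveusers*****************", 1);
    }
    return $retval;
}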
Beispiel #23
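/**
* Puts the data structures for this plugin into the Geeklog database
*
* Calls GUS_createDatabaseStructures(), makes sure a "GUS Admin" group and
* every feature listed in $_FEATURE exist, grants those features to the
* admin group, adds the Root group (id 1) to the admin group and finally
* registers the plugin in the plugins table.
*
* @return bool TRUE on success, FALSE as soon as a checked query reports an error
*/
function plugin_install_gus()
{
    global $pi_version, $gl_version, $pi_url, $_FEATURE, $_TABLES, $_CONF, $LANG_GUS00, $LANG_GUS_wo, $_GUS_VARS;
    COM_errorLog('Installing the GUS plugin', 1);
    //	DB_setdebug( true );
    // Create the Plugin Tables
    GUS_createDatabaseStructures();
    // Create the plugin admin security group
    $group_id = DB_getItem($_TABLES['groups'], 'grp_id ', "grp_name = 'GUS Admin'");
    if ($group_id == '') {
        COM_errorLog('Creating GUS admin group', 1);
        DB_query("INSERT INTO {$_TABLES['groups']} (grp_name, grp_descr)\n\t\t\t\t\tVALUES ('GUS Admin', 'Users in this group can administer the GUS plugin')", 1);
        if (DB_error()) {
            return FALSE;
        }
        $result = DB_query("SELECT LAST_INSERT_ID() AS group_id");
        if (DB_error()) {
            return FALSE;
        }
        $row = DB_fetchArray($result, FALSE);
        $group_id = $row['group_id'];
    } else {
        // The group already exists: mark it as a non-core group
        DB_query("UPDATE {$_TABLES['groups']} SET grp_gl_core = 0 WHERE grp_id = {$group_id}", 1);
    }
    COM_errorLog(" GUS group ID is {$group_id}", 1);
    // Save the group id for later uninstall
    COM_errorLog('Saving group_id to vars table for use during uninstall', 1);
    $sql = "INSERT INTO {$_TABLES['vars']} VALUES ('gus_group_id', {$group_id})";
    // ON DUPLICATE KEY UPDATE only exists on MySQL >= 4.1
    //	See: http://dev.mysql.com/doc/mysql/en/insert.html
    // Compare major and minor as a pair: testing "major >= 4 && minor >= 1"
    // wrongly excludes every x.0 release after 4.1 (5.0, 8.0, ...).
    $sqlMajor = $_GUS_VARS['sql_version']['major'];
    $sqlMinor = $_GUS_VARS['sql_version']['minor'];
    if ($sqlMajor > 4 || ($sqlMajor == 4 && $sqlMinor >= 1)) {
        $sql .= " ON DUPLICATE KEY UPDATE value={$group_id} ";
    }
    DB_query($sql, 1);
    if (DB_error()) {
        return FALSE;
    }
    // Add plugin Features
    // NOTE(review): $feature and $desc are placed into the statements below
    // without escaping; this is only safe while $_FEATURE holds fixed,
    // plugin-defined strings without quotes - confirm where it is filled.
    foreach ($_FEATURE as $feature => $desc) {
        $feat_id = DB_getItem($_TABLES['features'], 'ft_id ', "ft_name = '{$feature}'");
        if ($feat_id == '') {
            COM_errorLog("Adding {$feature} feature", 1);
            DB_query("INSERT INTO {$_TABLES['features']} (ft_name, ft_descr) \n\t\t\t\t\t\tVALUES ('{$feature}','{$desc}')", 1);
            if (DB_error()) {
                COM_errorLog("Failure adding {$feature} feature", 1);
                return FALSE;
            }
            $result = DB_query("SELECT LAST_INSERT_ID() AS feat_id ");
            if (DB_error()) {
                return FALSE;
            }
            $row = DB_fetchArray($result, FALSE);
            $feat_id = $row['feat_id'];
        } else {
            // The feature already exists: mark it as a non-core feature
            DB_query("UPDATE {$_TABLES['features']} SET ft_gl_core = 0 WHERE ft_id = {$feat_id}", 1);
        }
        COM_errorLog("Feature '{$feature}' has ID {$feat_id}", 1);
        COM_errorLog("Adding {$feature} feature to admin group", 1);
        DB_query("INSERT IGNORE INTO {$_TABLES['access']} (acc_ft_id, acc_grp_id)\n\t\t\tVALUES ({$feat_id}, {$group_id})");
        // In case the previous INSERT was IGNORED, we update the group id for the feature.
        // The WHERE clause names only the feature, so every access row for
        // this feature is pointed at the GUS admin group.
        DB_query("UPDATE {$_TABLES['access']} SET acc_grp_id = {$group_id} WHERE acc_ft_id = {$feat_id}", 1);
        if (DB_error()) {
            COM_errorLog("Failure adding {$feature} feature to admin group", 1);
            return FALSE;
        }
    }
    // add the block
    /*
    COM_errorLog('Adding Who\'s Online block', 1);
    $block_id = DB_getItem($_TABLES['blocks'], 'bid ', "phpblockfn = 'phpblock_gusstats'");
    
    if ($block_id == '') {
    	$block_title = addslashes($LANG_GUS_wo['title']);
    	$sql = "INSERT INTO {$_TABLES['blocks']}
    		( is_enabled, name, type, title, blockorder, onleft, phpblockfn, group_id, owner_id )
    		VALUES( 1, 'gus_block', 'phpblock', '{$block_title}', 10, 0, 'phpblock_gusstats', {$group_id}, 2 )
    		";
    	DB_query($sql, 1);
    	
    	if (DB_error()) {
    		return FALSE;
    	}
    } else {
    	DB_query("UPDATE {$_TABLES['blocks']} SET group_id = {$group_id} WHERE bid = {$block_id} LIMIT 1", 1);
    }
    */
    // OK, now give Root users access to this plugin now! NOTE: Root group should always be 1
    // The INSERT names no columns, so it relies on the column order of the
    // group_assignments table matching (group, user, member group).
    COM_errorLog("Giving all users in Root group access to GUS admin group", 1);
    DB_query("INSERT IGNORE INTO {$_TABLES['group_assignments']} VALUES ({$group_id}, NULL, 1)");
    if (DB_error()) {
        return FALSE;
    }
    // Register the plugin with Geeklog
    COM_errorLog("Registering GUS plugin with Geeklog", 1);
    DB_query("DELETE FROM {$_TABLES['plugins']} WHERE pi_name = 'gus'");
    DB_query("INSERT INTO {$_TABLES['plugins']} (pi_name, pi_version, pi_gl_version, pi_homepage, pi_enabled)\n\t\t\t\tVALUES ('gus', '{$pi_version}', '{$gl_version}', '{$pi_url}', 1)");
    if (DB_error()) {
        return FALSE;
    }
    COM_errorLog("Succesfully installed the GUS Plugin!", 1);
    return TRUE;
}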
Beispiel #24
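/**
 * Check to see if we can authenticate this user with a remote server
 *
 * A user has not managed to log in locally, but has an @ in their user
 * name and distributed authentication is enabled. First the locally cached
 * password stored for the (remote user name, remote service) pair is
 * tried. If that does not match, the authentication module named by
 * $service is loaded from classes/authentication/ and asked to
 * authenticate the user. On success a local account is created for a new
 * user, or the cached password is refreshed for a known one.
 *
 * @param  string $loginname Their username; may be replaced by the result of
 *                           CUSTOM_uniqueRemoteUsername() when the name is taken locally
 * @param  string $passwd    The password entered
 * @param  string $service   The service portion of $username
 * @param  string $uid       OUTPUT parameter, pass it by ref to get uid back.
 * @return int     user status, -1 for fail.
 */
function SEC_remoteAuthentication(&$loginname, $passwd, $service, &$uid)
{
    global $_CONF, $_TABLES;

    // Escaped copies, used in every SQL condition below
    $remoteusername = DB_escapeString($loginname);
    $remoteservice = DB_escapeString($service);
    // Stays empty when no cached account exists; checked again after remote auth
    $mypass = '';

    /* First try a local cached login */
    $result = DB_query("SELECT passwd, status, uid FROM {$_TABLES['users']} WHERE remoteusername='{$remoteusername}' AND remoteservice='{$remoteservice}'");
    $tmp = DB_error();
    $nrows = DB_numRows($result);
    if (empty($tmp) && $nrows == 1) {
        $U = DB_fetchArray($result);
        $uid = $U['uid'];
        $mypass = $U['passwd'];
        // Compare the stored and the computed hash as strings. A loose "=="
        // treats numeric-looking hashes such as "0e..." as equal numbers;
        // hash_equals() additionally compares in constant time where available.
        $expected = (string) SEC_encryptPassword($passwd);
        $matches = function_exists('hash_equals')
            ? hash_equals((string) $mypass, $expected)
            : ((string) $mypass === $expected);
        if ($matches) {
            /* Valid password for cached user, return status */
            return $U['status'];
        }
    }

    // The service name selects both the file to include and the class to
    // instantiate, so it is reduced to a safe file name first.
    $service = COM_sanitizeFilename($service);
    $servicefile = $_CONF['path_system'] . 'classes/authentication/' . $service . '.auth.class.php';
    if (!file_exists($servicefile)) {
        return -1;
    }
    require_once $servicefile;
    // Fail the login instead of raising a fatal error when the included
    // file does not define a class named after the service.
    if (!class_exists($service, false)) {
        return -1;
    }
    $authmodule = new $service();
    if (!$authmodule->authenticate($loginname, $passwd)) {
        return -1;
    }

    /* check to see if they have logged in before: */
    if (empty($mypass)) {
        // no such user, create them
        // Check to see if their remoteusername is unique locally
        $checkName = DB_getItem($_TABLES['users'], 'username', "username='{$remoteusername}'");
        if (!empty($checkName)) {
            // no, call custom function.
            if (function_exists('CUSTOM_uniqueRemoteUsername')) {
                $loginname = CUSTOM_uniqueRemoteUsername($loginname, $service);
            }
        }
        USER_createAccount($loginname, $authmodule->email, $passwd, $authmodule->fullname, $authmodule->homepage, $remoteusername, $remoteservice);
        $uid = DB_getItem($_TABLES['users'], 'uid', "remoteusername = '{$remoteusername}' AND remoteservice='{$remoteservice}'");
        // Store full remote account name:
        DB_query("UPDATE {$_TABLES['users']} SET remoteusername='{$remoteusername}', remoteservice='{$remoteservice}', status=3 WHERE uid='{$uid}'");
        // Add to remote users:
        // NOTE(review): $remote_grp and $uid go into the statement unquoted and
        // unchecked; an empty lookup result yields an invalid INSERT - confirm
        // the "Remote Users" group always exists.
        $remote_grp = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name='Remote Users'");
        DB_query("INSERT INTO {$_TABLES['group_assignments']} (ug_main_grp_id,ug_uid) VALUES ({$remote_grp}, {$uid})");
        // Remote auth precludes usersubmission,
        // and integrates user activation, see?
        return 3;
    }

    // user existed, update local password:
    DB_change($_TABLES['users'], 'passwd', SEC_encryptPassword($passwd), array('remoteusername', 'remoteservice'), array($remoteusername, $remoteservice));
    // and return their status
    return DB_getItem($_TABLES['users'], 'status', "remoteusername='{$remoteusername}' AND remoteservice='{$remoteservice}'");
}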
Beispiel #25
/**
 * Validate a route definition and store it in the routes table
 *
 * When validation fails, the route editor is returned again together with
 * the message. Otherwise the row is inserted or updated, the routes are
 * reordered and a redirect to the router admin page is returned.
 *
 * @param  int    $rid       route id; decides between INSERT and UPDATE via DB_count()
 * @param  int    $method    must lie between Router::HTTP_REQUEST_GET and Router::HTTP_REQUEST_HEAD
 * @param  string $rule      a leading slash is added and a leading "/index.php" removed
 * @param  string $route     a leading slash is added; must not start with "/index.php/"
 * @param  int    $priority  values outside 1..65535 become Router::DEFAULT_PRIORITY
 * @return string
 */
function saveRoute($rid, $method, $rule, $route, $priority)
{
    global $_CONF, $_TABLES, $MESSAGE, $LANG_ROUTER;

    // Force the numeric fields to integers and strip whitespace around the text fields
    $rid = intval($rid, 10);
    $method = intval($method, 10);
    $priority = intval($priority, 10);
    $rule = trim($rule);
    $route = trim($route);

    // First round of checks; a later check may replace the message chosen here
    $messageText = '';
    if (($method < Router::HTTP_REQUEST_GET) || ($method > Router::HTTP_REQUEST_HEAD)) {
        $messageText = $LANG_ROUTER[12];
    } elseif ($rule === '') {
        $messageText = $LANG_ROUTER[13];
    } elseif ($route === '') {
        $messageText = $LANG_ROUTER[14];
    } elseif (substr_count($rule, '@') !== substr_count($route, '@')) {
        $messageText = $LANG_ROUTER[15];
    }

    // Silently normalise the rule: leading slash, no leading "/index.php"
    if (substr($rule, 0, 1) !== '/') {
        $rule = '/' . $rule;
    }
    $rule = preg_replace('|^/index\\.php|i', '', $rule);

    // Silently give the route a leading slash as well
    if (substr($route, 0, 1) !== '/') {
        $route = '/' . $route;
    }

    // A route that points back into "/index.php/" is rejected so the script
    // cannot end up in an infinite loop
    if (stripos($route, '/index.php/') === 0) {
        $messageText = $LANG_ROUTER[16];
    }

    // Replace &amp; with &
    $rule = str_ireplace('&amp;', '&', $rule);
    $route = str_ireplace('&amp;', '&', $route);

    // Rule and route have to use the same placeholders
    $ruleCount = preg_match_all(Router::PLACEHOLDER_MATCH, $rule, $matchesRule, PREG_SET_ORDER);
    $routeCount = preg_match_all(Router::PLACEHOLDER_MATCH, $route, $matchesRoute, PREG_SET_ORDER);
    if ($ruleCount !== $routeCount) {
        $messageText = $LANG_ROUTER[15];
    } elseif ($ruleCount > 0) {
        array_shift($matchesRule);
        array_shift($matchesRoute);
        foreach ($matchesRule as $placeholder) {
            if (!in_array($placeholder, $matchesRoute)) {
                $messageText = $LANG_ROUTER[15];
                break;
            }
        }
    }

    // If priority is out of range, then fix it silently
    if (($priority < 1) || ($priority > 65535)) {
        $priority = Router::DEFAULT_PRIORITY;
    }

    // Any validation message sends the user back to the editor
    if ($messageText !== '') {
        $content = COM_showMessageText($messageText, $MESSAGE[122]) . getRouteEditor($rid);

        return COM_createHTMLDocument($content, array('pagetitle' => $MESSAGE[122]));
    }

    // Escape every value before it is placed into the statement
    $rid = DB_escapeString($rid);
    $method = DB_escapeString($method);
    $rule = DB_escapeString($rule);
    $route = DB_escapeString($route);
    $priority = DB_escapeString($priority);

    $existing = intval(DB_count($_TABLES['routes'], 'rid', $rid), 10);
    if ($existing !== 0) {
        $sql = "UPDATE {$_TABLES['routes']} " . "SET method = {$method}, rule = '{$rule}', route = '{$route}', priority = {$priority} " . "WHERE rid = {$rid} ";
    } else {
        $sql = "INSERT INTO {$_TABLES['routes']} (rid, method, rule, route, priority) " . "VALUES (NULL, {$method}, '{$rule}', '{$route}', {$priority})";
    }

    // Try the statement up to five times before giving up
    $attempt = 0;
    while ($attempt < 5) {
        DB_query($sql);
        if (!DB_error()) {
            reorderRoutes();

            return COM_refresh($_CONF['site_admin_url'] . '/router.php?msg=121');
        }
        $attempt++;
    }

    // Every attempt failed: show the editor again with the database error
    $content = COM_showMessageText($LANG_ROUTER[17], DB_error()) . getRouteEditor($rid);

    return COM_createHTMLDocument($content, array('pagetitle' => $MESSAGE[122]));
}
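 /**
  * Set ack_modified=1 on a user's rows inside a time window
  *
  * The two OR conditions in the statement reduce to a window that is one
  * hour (3600 seconds) wider than the given stamps on both sides.
  *
  * @param  int $startStamp start of the window (compared with datestamp)
  * @param  int $endStamp   end of the window (compared with datestamp)
  * @param  int $uid        user whose rows are updated
  * @return bool            true when the query reported no error, false otherwise
  */
 function setAcknowledgedModified($startStamp, $endStamp, $uid)
 {
     // All three values are placed into the statement unquoted, so they are
     // forced to integers first; anything else could alter the statement.
     $startStamp = (int) $startStamp;
     $endStamp = (int) $endStamp;
     $uid = (int) $uid;
     $sql = "UPDATE {$this->fulltablename} SET ack_modified=1 WHERE uid={$uid} AND (datestamp>={$startStamp} OR datestamp>=({$startStamp}-3600)) AND (datestamp<={$endStamp} OR datestamp<=({$endStamp}+3600) )";
     DB_query($sql);

     return !DB_error();
 }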
Beispiel #27
 /**
  * Returns the polls dated inside the Dataproxy start/end window
  *
  * The result is an array of (
  *   'id'        => $id (string),
  *   'title'     => $title (string),
  *   'uri'       => $uri (string),
  *   'date'      => $date (int: Unix timestamp),
  *   'image_uri' => $image_uri (always FALSE here)
  * )
  * An empty array is returned when either bound is empty or the query
  * reports an error. Neither $category nor $all_langs is read by this method.
  */
 public function getItemsByDate($category = '', $all_langs = FALSE)
 {
     global $_CONF, $_TABLES;

     $entries = array();
     if (empty(Dataproxy::$startDate) or empty(Dataproxy::$endDate)) {
         return $entries;
     }

     // NOTE(review): both bounds are concatenated into the statement as they
     // are; confirm they are validated as integers where they are set.
     $window = "BETWEEN '" . Dataproxy::$startDate . "' AND '" . Dataproxy::$endDate . "') ";

     // Pick table and column names; they differ between the polltopics
     // schema (isGL150 / isGL170) and the older pollquestions one
     if (Dataproxy::$isGL150) {
         $idKey = 'pid';
         $titleKey = 'topic';
         $uriTail = '';
         if (Dataproxy::$isGL170) {
             $sql = "SELECT pid, topic, UNIX_TIMESTAMP(modified) AS day "
                  . "  FROM {$_TABLES['polltopics']} "
                  . "WHERE (UNIX_TIMESTAMP(modified) " . $window;
         } else {
             $sql = "SELECT pid, topic, UNIX_TIMESTAMP(date) AS day "
                  . "  FROM {$_TABLES['polltopics']} "
                  . "WHERE (1 = 1) AND (UNIX_TIMESTAMP(date) " . $window;
         }
     } else {
         $idKey = 'qid';
         $titleKey = 'question';
         $uriTail = '&amp;aid=-1';
         $sql = "SELECT qid, question, UNIX_TIMESTAMP(date) AS day "
              . "FROM {$_TABLES['pollquestions']} "
              . "WHERE (1 = 1) AND (UNIX_TIMESTAMP(date) " . $window;
     }

     // Everyone except Root only sees the polls they have permission for
     if (!Dataproxy::isRoot()) {
         $sql .= COM_getPermSQL('AND', Dataproxy::uid());
     }
     $sql .= ' ORDER BY ' . $idKey;

     $result = DB_query($sql);
     if (DB_error()) {
         return $entries;
     }

     while (($A = DB_fetchArray($result, FALSE)) !== FALSE) {
         $entries[] = array(
             'id'        => $A[$idKey],
             'title'     => stripslashes($A[$titleKey]),
             'uri'       => $_CONF['site_url'] . '/polls/index.php?' . $idKey . '=' . urlencode($A[$idKey]) . $uriTail,
             'date'      => $A['day'],
             'image_uri' => FALSE,
         );
     }

     return $entries;
 }
Beispiel #28
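 /**
  * Returns the published stories dated inside the Dataproxy start/end window
  *
  * The result is an array of (
  *   'id'        => $id (string),
  *   'title'     => $title (string),
  *   'uri'       => $uri (string),
  *   'date'      => $date (int: Unix timestamp),
  *   'image_uri' => $image_uri (always FALSE here)
  * )
  * Each entry also carries 'imageurl' with the same value, which is the key
  * this method set before 'image_uri' was added to match the documented shape.
  *
  * @param  string  $tid       topic id to restrict the result to; empty for all topics
  * @param  boolean $all_langs when FALSE, COM_getLangSQL() (if it exists) filters
  *                            the stories for users other than Root
  * @return array              empty when a bound is empty or the query reports an error
  */
 public function getItemsByDate($tid = '', $all_langs = FALSE)
 {
     global $_CONF, $_TABLES;
     $entries = array();
     if (empty(Dataproxy::$startDate) or empty(Dataproxy::$endDate)) {
         return $entries;
     }
     // NOTE(review): both bounds are concatenated into the statement as they
     // are; confirm they are validated as integers where they are set.
     $sql = "SELECT sid, title, UNIX_TIMESTAMP(date) AS day " . "  FROM {$_TABLES['stories']} " . "WHERE (draft_flag = 0) AND (date <= NOW()) " . "  AND (UNIX_TIMESTAMP(date) BETWEEN '" . Dataproxy::$startDate . "' AND '" . Dataproxy::$endDate . "') ";
     if (!empty($tid)) {
         // addslashes() does not know the connection character set, so the
         // database layer's own escaping is used whenever it is available.
         $escapedTid = function_exists('DB_escapeString') ? DB_escapeString($tid) : addslashes($tid);
         $sql .= "AND (tid = '" . $escapedTid . "') ";
     }
     // Everyone except Root is limited by topic access, story permissions
     // and, unless all languages were requested, the language filter
     if (!Dataproxy::isRoot()) {
         $sql .= COM_getTopicSql('AND', Dataproxy::uid()) . COM_getPermSql('AND', Dataproxy::uid());
         if (function_exists('COM_getLangSQL') and $all_langs === FALSE) {
             $sql .= COM_getLangSQL('sid', 'AND');
         }
     }
     $result = DB_query($sql);
     if (DB_error()) {
         return $entries;
     }
     while (($A = DB_fetchArray($result, FALSE)) !== FALSE) {
         $entry = array();
         $entry['id'] = stripslashes($A['sid']);
         $entry['title'] = stripslashes($A['title']);
         $entry['uri'] = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . stripslashes($A['sid']));
         $entry['date'] = $A['day'];
         // 'image_uri' is the documented key; 'imageurl' stays for existing callers
         $entry['image_uri'] = FALSE;
         $entry['imageurl'] = FALSE;
         $entries[] = $entry;
     }
     return $entries;
 }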
 /**
  * Perform database upgrades
  *
  * @param   string $currentGlVersion Current Geeklog version
  * @return  bool                     True if successful
  */
 private function doDatabaseUpgrades($currentGlVersion)
 {
     global $_TABLES, $_CONF, $_SP_CONF, $_DB, $_DB_dbms, $_DB_table_prefix;
     $_DB->setDisplayError(true);
     // Because the upgrade sql syntax can vary from dbms-to-dbms we are
     // leaving that up to each Geeklog database driver
     $done = false;
     $progress = '';
     $_SQL = array();
     while (!$done) {
         switch ($currentGlVersion) {
             case '1.2.5-1':
                 // Get DMBS-specific update sql
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.2.5-1_to_1.3.php';
                 $this->updateDB($_SQL, $progress);
                 // OK, now we need to add all users except anonymous to the All Users group and Logged in users group
                 // I can hard-code these group numbers because the group table was JUST created with these numbers
                 $result = DB_query("SELECT uid FROM {$_TABLES['users']} WHERE uid <> 1");
                 $numRows = DB_numRows($result);
                 for ($i = 1; $i <= $numRows; $i++) {
                     $U = DB_fetchArray($result);
                     DB_query("INSERT INTO {$_TABLES['group_assignments']} VALUES (2, {$U['uid']}, NULL)");
                     DB_query("INSERT INTO {$_TABLES['group_assignments']} VALUES (13, {$U['uid']}, NULL)");
                 }
                 // Now take care of any orphans off the user table...and let me curse MySQL lack for supporting foreign
                 // keys at this time ;-)
                 $result = DB_query("SELECT MAX(uid) FROM {$_TABLES['users']}");
                 $ITEM = DB_fetchArray($result);
                 $max_uid = $ITEM[0];
                 if (!empty($max_uid) && $max_uid != 0) {
                     DB_query("DELETE FROM {$_TABLES['userindex']} WHERE uid > {$max_uid}");
                     DB_query("DELETE FROM {$_TABLES['userinfo']} WHERE uid > {$max_uid}");
                     DB_query("DELETE FROM {$_TABLES['userprefs']} WHERE uid > {$max_uid}");
                     DB_query("DELETE FROM {$_TABLES['usercomment']} WHERE uid > {$max_uid}");
                 }
                 $currentGlVersion = '1.3';
                 $_SQL = array();
                 break;
             case '1.3':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.3_to_1.3.1.php';
                 $this->updateDB($_SQL, $progress);
                 $currentGlVersion = '1.3.1';
                 $_SQL = array();
                 break;
             case '1.3.1':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.3.1_to_1.3.2.php';
                 $this->updateDB($_SQL, $progress);
                 $currentGlVersion = '1.3.2-1';
                 $_SQL = array();
                 break;
             case '1.3.2':
             case '1.3.2-1':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.3.2-1_to_1.3.3.php';
                 $this->updateDB($_SQL, $progress);
                 // Now we need to switch how user blocks are stored.  Right now we only store the blocks the
                 // user wants.  This will switch it to store the ones they don't want which allows us to add
                 // new blocks and ensure they are shown to the user.
                 $result = DB_query("SELECT {$_TABLES['users']}.uid,boxes FROM {$_TABLES['users']},{$_TABLES['userindex']} WHERE boxes IS NOT NULL AND boxes <> '' AND {$_TABLES['users']}.uid = {$_TABLES['userindex']}.uid");
                 $numRows = DB_numRows($result);
                 for ($i = 1; $i <= $numRows; $i++) {
                     $row = DB_fetchArray($result);
                     $uBlocks = str_replace(' ', ',', $row['boxes']);
                     $result2 = DB_query("SELECT bid,name FROM {$_TABLES['blocks']} WHERE bid NOT IN ({$uBlocks})");
                     $newBlocks = '';
                     for ($x = 1; $x <= DB_numRows($result2); $x++) {
                         $currentBlock = DB_fetchArray($result2);
                         if ($currentBlock['name'] !== 'user_block' && $currentBlock['name'] !== 'admin_block' && $currentBlock['name'] !== 'section_block') {
                             $newBlocks .= $currentBlock['bid'];
                             if ($x != DB_numRows($result2)) {
                                 $newBlocks .= ' ';
                             }
                         }
                     }
                     DB_query("UPDATE {$_TABLES['userindex']} SET boxes = '{$newBlocks}' WHERE uid = {$row['uid']}");
                 }
                 $currentGlVersion = '1.3.3';
                 $_SQL = array();
                 break;
             case '1.3.3':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.3.3_to_1.3.4.php';
                 $this->updateDB($_SQL, $progress);
                 $currentGlVersion = '1.3.4';
                 $_SQL = array();
                 break;
             case '1.3.4':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.3.4_to_1.3.5.php';
                 $this->updateDB($_SQL, $progress);
                 $result = DB_query("SELECT ft_id FROM {$_TABLES['features']} WHERE ft_name = 'user.mail'");
                 $row = DB_fetchArray($result);
                 $mail_ft = $row['ft_id'];
                 $result = DB_query("SELECT grp_id FROM {$_TABLES['groups']} WHERE grp_name = 'Mail Admin'");
                 $row = DB_fetchArray($result);
                 $group_id = $row['grp_id'];
                 DB_query("INSERT INTO {$_TABLES['access']} (acc_grp_id, acc_ft_id) VALUES ({$group_id}, {$mail_ft})");
                 $currentGlVersion = '1.3.5';
                 $_SQL = array();
                 break;
             case '1.3.5':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.3.5_to_1.3.6.php';
                 $this->updateDB($_SQL, $progress);
                 if (!empty($_DB_table_prefix)) {
                     DB_query("RENAME TABLE staticpage TO {$_TABLES['staticpage']}");
                 }
                 $currentGlVersion = '1.3.6';
                 $_SQL = array();
                 break;
             case '1.3.6':
                 // fix wrong permissions value
                 DB_query("UPDATE {$_TABLES['topics']} SET perm_anon = 2 WHERE perm_anon = 3");
                 // check for existence of 'date' field in gl_links table
                 DB_query("SELECT date FROM {$_TABLES['links']}", 1);
                 if (strpos(DB_error(), 'date') > 0) {
                     DB_query("ALTER TABLE {$_TABLES['links']} ADD date datetime default NULL");
                 }
                 // Fix primary key so that more than one user can add an event
                 // to his/her personal calendar.
                 DB_query("ALTER TABLE {$_TABLES['personal_events']} DROP PRIMARY KEY, ADD PRIMARY KEY (eid,uid)");
                 $currentGlVersion = '1.3.7';
                 $_SQL = array();
                 break;
             case '1.3.7':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.3.7_to_1.3.8.php';
                 $this->updateDB($_SQL, $progress);
                 // upgrade Static Pages plugin
                 $spVersion = $this->getStaticPagesVersion();
                 if ($spVersion == 1) {
                     // original version
                     DB_query("ALTER TABLE {$_TABLES['staticpage']} " . "ADD COLUMN group_id mediumint(8) unsigned DEFAULT '1'," . "ADD COLUMN owner_id mediumint(8) unsigned DEFAULT '1'," . "ADD COLUMN perm_owner tinyint(1) unsigned DEFAULT '3'," . "ADD COLUMN perm_group tinyint(1) unsigned DEFAULT '2'," . "ADD COLUMN perm_members tinyint(1) unsigned DEFAULT '2'," . "ADD COLUMN perm_anon tinyint(1) unsigned DEFAULT '2'," . "ADD COLUMN sp_php tinyint(1) unsigned DEFAULT '0'," . "ADD COLUMN sp_nf tinyint(1) unsigned DEFAULT '0'," . "ADD COLUMN sp_centerblock tinyint(1) unsigned NOT NULL default '0'," . "ADD COLUMN sp_tid varchar(20) NOT NULL default 'none'," . "ADD COLUMN sp_where tinyint(1) unsigned NOT NULL default '1'");
                     DB_query("INSERT INTO {$_TABLES['features']} (ft_name, ft_descr) VALUES ('staticpages.PHP','Ability to use PHP in static pages')");
                     $php_id = DB_insertId();
                     $group_id = DB_getItem($_TABLES['groups'], 'grp_id', "grp_name = 'Static Page Admin'");
                     DB_query("INSERT INTO {$_TABLES['access']} (acc_ft_id, acc_grp_id) VALUES ({$php_id}, {$group_id})");
                 } elseif ($spVersion == 2) {
                     // extended version by Phill or Tom
                     DB_query("ALTER TABLE {$_TABLES['staticpage']} " . "DROP COLUMN sp_pos," . "DROP COLUMN sp_search_keywords," . "ADD COLUMN sp_nf tinyint(1) unsigned DEFAULT '0'," . "ADD COLUMN sp_centerblock tinyint(1) unsigned NOT NULL default '0'," . "ADD COLUMN sp_tid varchar(20) NOT NULL default 'none'," . "ADD COLUMN sp_where tinyint(1) unsigned NOT NULL default '1'");
                 }
                 if ($spVersion > 0) {
                     // update plugin version number
                     DB_query("UPDATE {$_TABLES['plugins']} SET pi_version = '1.3', pi_gl_version = '1.3.8' WHERE pi_name = 'staticpages'");
                     // remove Static Pages 'lock' flag
                     DB_query("DELETE FROM {$_TABLES['vars']} WHERE name = 'staticpages'");
                     // remove Static Pages Admin group id
                     DB_query("DELETE FROM {$_TABLES['vars']} WHERE name = 'sp_group_id'");
                     if ($spVersion == 1) {
                         $result = DB_query("SELECT DISTINCT sp_uid FROM {$_TABLES['staticpage']}");
                         $authors = DB_numRows($result);
                         for ($i = 0; $i < $authors; $i++) {
                             $A = DB_fetchArray($result);
                             DB_query("UPDATE {$_TABLES['staticpage']} SET owner_id = '{$A['sp_uid']}' WHERE sp_uid = '{$A['sp_uid']}'");
                         }
                     }
                     $result = DB_query("SELECT sp_label FROM {$_TABLES['staticpage']} WHERE sp_title = 'Frontpage'");
                     if (DB_numRows($result) > 0) {
                         $A = DB_fetchArray($result);
                         if ($A['sp_label'] == 'nonews') {
                             DB_query("UPDATE {$_TABLES['staticpage']} SET sp_centerblock = 1, sp_where = 0 WHERE sp_title = 'Frontpage'");
                         } elseif (!empty($A['sp_label'])) {
                             DB_query("UPDATE {$_TABLES['staticpage']} SET sp_centerblock = 1, sp_title = '{$A['sp_label']}' WHERE sp_title = 'Frontpage'");
                         } else {
                             DB_query("UPDATE {$_TABLES['staticpage']} SET sp_centerblock = 1 WHERE sp_title = 'Frontpage'");
                         }
                     }
                 }
                 $currentGlVersion = '1.3.8';
                 $_SQL = array();
                 break;
             case '1.3.8':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.3.8_to_1.3.9.php';
                 $this->updateDB($_SQL, $progress);
                 $pos = strrpos($_CONF['rdf_file'], '/');
                 $filename = substr($_CONF['rdf_file'], $pos + 1);
                 $siteName = DB_escapeString($_CONF['site_name']);
                 $siteSlogan = DB_escapeString($_CONF['site_slogan']);
                 DB_query("INSERT INTO {$_TABLES['syndication']} (title, description, limits, content_length, filename, charset, language, is_enabled, updated, update_info) VALUES ('{$siteName}', '{$siteSlogan}', '{$_CONF['rdf_limit']}', {$_CONF['rdf_storytext']}, '{$filename}', '{$_CONF['default_charset']}', '{$_CONF['rdf_language']}', {$_CONF['backend']}, CURRENT_TIMESTAMP, NULL)");
                 // upgrade static pages plugin
                 $spVersion = $this->getStaticPagesVersion();
                 if ($spVersion > 0) {
                     if ($spVersion < 4) {
                         if (!isset($_SP_CONF['in_block'])) {
                             $_SP_CONF['in_block'] = 1;
                         } elseif ($_SP_CONF['in_block'] > 1) {
                             $_SP_CONF['in_block'] = 1;
                         } elseif ($_SP_CONF['in_block'] < 0) {
                             $_SP_CONF['in_block'] = 0;
                         }
                         DB_query("ALTER TABLE {$_TABLES['staticpage']} ADD COLUMN sp_inblock tinyint(1) unsigned DEFAULT '{$_SP_CONF['in_block']}'");
                     }
                     DB_query("UPDATE {$_TABLES['plugins']} SET pi_version = '1.4', pi_gl_version = '1.3.9' WHERE pi_name = 'staticpages'");
                 }
                 // recreate 'date' field for old links
                 $result = DB_query("SELECT lid FROM {$_TABLES['links']} WHERE date IS NULL");
                 $num = DB_numRows($result);
                 if ($num > 0) {
                     for ($i = 0; $i < $num; $i++) {
                         $A = DB_fetchArray($result);
                         $myYear = substr($A['lid'], 0, 4);
                         $myMonth = substr($A['lid'], 4, 2);
                         $myDay = substr($A['lid'], 6, 2);
                         $myHour = substr($A['lid'], 8, 2);
                         $myMin = substr($A['lid'], 10, 2);
                         $mySec = substr($A['lid'], 12, 2);
                         $mTime = mktime($myHour, $myMin, $mySec, $myMonth, $myDay, $myYear);
                         $date = date('Y-m-d H:i:s', $mTime);
                         DB_query("UPDATE {$_TABLES['links']} SET date = '{$date}' WHERE lid = '{$A['lid']}'");
                     }
                 }
                 // remove unused entries left over from deleted groups
                 $result = DB_query("SELECT grp_id FROM {$_TABLES['groups']}");
                 $num = DB_numRows($result);
                 $groups = array();
                 for ($i = 0; $i < $num; $i++) {
                     $A = DB_fetchArray($result);
                     $groups[] = $A['grp_id'];
                 }
                 $groupList = '(' . implode(',', $groups) . ')';
                 DB_query("DELETE FROM {$_TABLES['group_assignments']} WHERE (ug_main_grp_id NOT IN {$groupList}) OR (ug_grp_id NOT IN {$groupList})");
                 $currentGlVersion = '1.3.9';
                 $_SQL = array();
                 break;
             case '1.3.9':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.3.9_to_1.3.10.php';
                 $this->updateDB($_SQL, $progress);
                 commentsToPreorderTree();
                 $result = DB_query("SELECT sid,introtext,bodytext FROM {$_TABLES['stories']}");
                 $numStories = DB_numRows($result);
                 for ($i = 0; $i < $numStories; $i++) {
                     $A = DB_fetchArray($result);
                     $related = DB_escapeString(implode("\n", UPDATE_extractLinks($A['introtext'] . ' ' . $A['bodytext'])));
                     if (empty($related)) {
                         DB_query("UPDATE {$_TABLES['stories']} SET related = NULL WHERE sid = '{$A['sid']}'");
                     } else {
                         DB_query("UPDATE {$_TABLES['stories']} SET related = '{$related}' WHERE sid = '{$A['sid']}'");
                     }
                 }
                 $spVersion = $this->getStaticPagesVersion();
                 if ($spVersion > 0) {
                     // no database changes this time, but set new version number
                     DB_query("UPDATE {$_TABLES['plugins']} SET pi_version = '1.4.1', pi_gl_version = '1.3.10' WHERE pi_name = 'staticpages'");
                 }
                 // install SpamX plugin
                 // (also handles updates from version 1.0)
                 install_spamx_plugin();
                 $currentGlVersion = '1.3.10';
                 $_SQL = array();
                 break;
             case '1.3.10':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.3.10_to_1.3.11.php';
                 $this->updateDB($_SQL, $progress);
                 $currentGlVersion = '1.3.11';
                 $_SQL = array();
                 break;
             case '1.3.11':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.3.11_to_1.4.0.php';
                 $this->updateDB($_SQL, $progress);
                 upgrade_addFeature();
                 upgrade_uniqueGroupNames();
                 $currentGlVersion = '1.4.0';
                 $_SQL = array();
                 break;
             case '1.4.0':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.4.0_to_1.4.1.php';
                 $this->updateDB($_SQL, $progress);
                 upgrade_addSyndicationFeature();
                 upgrade_ensureLastScheduledRunFlag();
                 upgrade_plugins_141();
                 $currentGlVersion = '1.4.1';
                 $_SQL = array();
                 break;
             case '1.4.1':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.4.1_to_1.5.0.php';
                 $this->updateDB($_SQL, $progress);
                 upgrade_addWebservicesFeature();
                 create_ConfValues();
                 require_once $_CONF['path_system'] . 'classes/config.class.php';
                 $config = config::get_instance();
                 if (file_exists($_CONF['path'] . 'config.php')) {
                     // Read the values from config.php and use them to populate conf_values
                     $tempPath = $_CONF['path'];
                     // We'll need this to remember what the correct path is.
                     // Including config.php will overwrite all our $_CONF values.
                     require $tempPath . 'config.php';
                     // Load some important values from config.php into conf_values
                     foreach ($_CONF as $key => $val) {
                         $config->set($key, $val);
                     }
                     if (!$this->setDefaultCharset($this->env['siteconfig_path'], $_CONF['default_charset'])) {
                         exit($this->LANG['INSTALL'][26] . ' ' . $this->env['siteconfig_path'] . $this->LANG['INSTALL'][58]);
                     }
                     require $this->env['siteconfig_path'];
                     require $this->env['dbconfig_path'];
                 }
                 // Update the GL configuration with the correct paths.
                 $config->set('path_html', $this->env['html_path']);
                 $config->set('path_log', $_CONF['path'] . 'logs/');
                 $config->set('path_language', $_CONF['path'] . 'language/');
                 $config->set('backup_path', $_CONF['path'] . 'backups/');
                 $config->set('path_data', $_CONF['path'] . 'data/');
                 $config->set('path_images', $this->env['html_path'] . 'images/');
                 $config->set('path_themes', $this->env['html_path'] . 'layout/');
                 $config->set('path_editors', $this->env['html_path'] . 'editors/');
                 $config->set('rdf_file', $this->env['html_path'] . 'backend/geeklog.rss');
                 $config->set('path_pear', $_CONF['path_system'] . 'pear/');
                 // core plugin updates are done in the plugins themselves
                 $currentGlVersion = '1.5.0';
                 $_SQL = array();
                 break;
             case '1.5.0':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.5.0_to_1.5.1.php';
                 $this->updateDB($_SQL, $progress);
                 $currentGlVersion = '1.5.1';
                 $_SQL = array();
                 break;
             case '1.5.1':
                 // there were no core database changes in 1.5.2
                 $currentGlVersion = '1.5.2';
                 $_SQL = array();
                 break;
             case '1.5.2':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.5.2_to_1.6.0.php';
                 $this->updateDB($_SQL, $progress);
                 update_ConfValues();
                 upgrade_addNewPermissions();
                 upgrade_addIsoFormat();
                 $this->fixOptionalConfig();
                 $currentGlVersion = '1.6.0';
                 $_SQL = array();
                 break;
             case '1.6.0':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.6.0_to_1.6.1.php';
                 $this->updateDB($_SQL, $progress);
                 update_ConfValuesFor161();
                 $currentGlVersion = '1.6.1';
                 $_SQL = array();
                 break;
             case '1.6.1':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.6.1_to_1.7.0.php';
                 $this->updateDB($_SQL, $progress);
                 update_ConfValuesFor170();
                 $currentGlVersion = '1.7.0';
                 $_SQL = array();
                 break;
             case '1.7.0':
                 $currentGlVersion = '1.7.2';
                 // skip ahead
                 $_SQL = array();
                 break;
             case '1.7.1':
                 // there were no database changes in 1.7.1; fall through to the 1.7.2 step
             case '1.7.2':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.7.2_to_1.8.0.php';
                 $this->updateDB($_SQL, $progress);
                 update_ConfValuesFor180();
                 update_ConfigSecurityFor180();
                 update_UsersFor180();
                 $currentGlVersion = '1.8.0';
                 $_SQL = array();
                 break;
             case '1.8.0':
             case '1.8.1':
             case '1.8.2':
                 // there were no database changes in 1.8.x
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_1.8.2_to_2.0.0.php';
                 $this->updateDB($_SQL, $progress);
                 update_ConfValuesFor200();
                 update_BlockTopicAssignmentsFor200();
                 update_StoryTopicAssignmentsFor200();
                 $currentGlVersion = '2.0.0';
                 $_SQL = array();
                 break;
             case '2.0.0':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_2.0.0_to_2.1.0.php';
                 $this->updateDB($_SQL, $progress);
                 update_addFilemanager();
                 update_ConfValuesFor210();
                 $currentGlVersion = '2.1.0';
                 $_SQL = array();
                 break;
             case '2.1.1':
                 require_once $_CONF['path'] . 'sql/updates/' . $_DB_dbms . '_2.1.1_to_2.1.2.php';
                 $this->updateDB($_SQL, $progress);
                 update_ConfValuesFor212();
                 $currentGlVersion = '2.1.2';
                 $_SQL = array();
                 break;
             default:
                 $done = true;
         }
     }
     $this->setVersion($this->env['siteconfig_path']);
     // delete the security check flag on every update to force the user
     // to run admin/sectest.php again
     DB_delete($_TABLES['vars'], 'name', 'security_check');
     return true;
 }
Beispiel #30
    if ($users > 0) {
        $sqltmp .= " AND m.media_user_id=" . $users;
    }
    $sqltmp = DB_escapeString($sqltmp);
    $sort_id = COM_makesid();
    if (COM_isAnonUser()) {
        $sort_user = 1;
    } else {
        $sort_user = $_USER['uid'];
    }
    $sort_datetime = time();
    $referer = DB_escapeString($referer);
    $keywords = DB_escapeString($keywords);
    $sql = "INSERT INTO {$_TABLES['mg_sort']} (sort_id,sort_user,sort_query,sort_results,sort_datetime,referer,keywords)\n            VALUES ('{$sort_id}',{$sort_user},'{$sqltmp}',{$numresults},{$sort_datetime},'{$referer}','{$keywords}')";
    $result = DB_query($sql);
    if (DB_error()) {
        COM_errorLog("Media Gallery: Error placing sort query into database");
    }
    $sort_purge = time() - 3660;
    // 43200;
    DB_query("DELETE FROM {$_TABLES['mg_sort']} WHERE sort_datetime < " . $sort_purge);
    $pageBody .= MG_search($sort_id, 1);
} elseif ($mode == $LANG_MG01['cancel']) {
    echo COM_refresh($_MG_CONF['site_url'] . '/index.php');
    exit;
} elseif (isset($_GET['id'])) {
    $id = COM_applyFilter($_GET['id']);
    $page = COM_applyFilter($_GET['page'], true);
    if ($page < 1) {
        $page = 1;
    }