Beispiel #1
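/**
 * Rewrites two derived columns for every row of the categories table:
 * `category_safe_name` (from makeCategoryFriendly()) and `category_id`
 * (copied from `category__auto_id`).
 *
 * Uses the global $db handle and the table_categories constant; returns nothing.
 */
function Cat_Safe_Names()
{
    // this was moved out of dbtree.php because it's only needed when changing
    // category information
    global $db;
    $cats = $db->get_col("Select category_name from " . table_categories . ";");
    if ($cats) {
        foreach ($cats as $catname) {
            // Stored category names are re-inserted into SQL text here, so they must be
            // escaped again on the way back in (second-order injection otherwise).
            // NOTE(review): the strength of this depends entirely on safeAddSlashes(),
            // which is not visible here - confirm it escapes unconditionally for the
            // database in use; a parameterised query would remove the dependency.
            $quotedName = '"' . safeAddSlashes($catname) . '"';
            // NOTE(review): the makeCategoryFriendly() result is placed between single
            // quotes without escaping - confirm it can never emit a quote or backslash.
            $db->query("UPDATE `" . table_categories . '` SET `category_name` = ' . $quotedName . ", `category_safe_name` = '" . makeCategoryFriendly($catname) . "' WHERE `category_name` =" . $quotedName . ';');
        }
    }
    $ids = $db->get_col("Select category__auto_id from " . table_categories . ";");
    if ($ids) {
        foreach ($ids as $catid) {
            // The id lands in an unquoted numeric position of the statement; force it to
            // an integer so nothing but digits can reach the SQL text.
            $catid = (int) $catid;
            $db->query("UPDATE `" . table_categories . "` SET `category_id` = " . $catid . " WHERE `category__auto_id` ='" . $catid . "';");
        }
    }
}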
Beispiel #2
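/**
 * Regenerates `category_safe_name` (via makeCategoryFriendly()) and mirrors
 * `category__auto_id` into `category_id` for each row of the categories table.
 *
 * Works on the global $db handle and the table_categories constant; no return value.
 */
function Cat_Safe_Names()
{
    global $db;
    $names = $db->get_col("Select category_name from " . table_categories . ";");
    if ($names) {
        foreach ($names as $catname) {
            // The name comes back out of the database and is concatenated into a new
            // statement, so it is escaped once and reused for both SET and WHERE.
            // NOTE(review): safeAddSlashes() is defined elsewhere - verify that it always
            // escapes for this database; prepared statements would be the safer form.
            $quotedName = '"' . safeAddSlashes($catname) . '"';
            // NOTE(review): makeCategoryFriendly() output is interpolated unescaped inside
            // single quotes - confirm its output alphabet excludes quotes and backslashes.
            $db->query("UPDATE `" . table_categories . '` SET `category_name` = ' . $quotedName . ", `category_safe_name` = '" . makeCategoryFriendly($catname) . "' WHERE `category_name` =" . $quotedName . ';');
        }
    }
    $autoIds = $db->get_col("Select category__auto_id from " . table_categories . ";");
    if ($autoIds) {
        foreach ($autoIds as $catid) {
            // Cast before use: the value is written into the statement without quotes in
            // the SET clause, so only an integer may be allowed through.
            $catid = (int) $catid;
            $db->query("UPDATE `" . table_categories . "` SET `category_id` = " . $catid . " WHERE `category__auto_id` ='" . $catid . "';");
        }
    }
}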
 // Resolve the requested admin action from the request; anything missing or empty after
 // sanitize() falls back to "view".
 // NOTE(review): $_REQUEST is used, so the action can arrive through the query string
 // as well as through a form post.
 if (isset($_REQUEST['action']) && sanitize($_REQUEST['action'], 3) != '') {
     $action = sanitize($_REQUEST['action'], 3);
 } else {
     $action = "view";
 }
 // "htaccess": activate the bundled htaccess.default unless a .htaccess is already present.
 // NOTE(review): this branch changes files on the server but, unlike the "save" branch
 // below, performs no $CSRF check here - confirm the request is authenticated and
 // token-protected before this point. The rename() result is also not checked, so the
 // success message is printed even if the rename failed.
 if ($action == "htaccess") {
     $htaccess = '../.htaccess';
     if (!file_exists($htaccess)) {
         rename("../htaccess.default", "../.htaccess");
         echo "We have renamed htaccess.default to .htaccess for you. You still need to manually add the special category structure for it to fully work.";
     } else {
         echo "The file {$htaccess} already exists. To protect you from accidentally removing it, you must manually remove it from your server before moving on.";
     }
 }
 // "save": persist an edited category. The request must carry a valid, unexpired
 // 'category_manager' CSRF token before anything is written.
 if ($action == "save") {
     $CSRF->check_expired('category_manager');
     if ($CSRF->check_valid(sanitize($_POST['token'], 3), 'category_manager')) {
         // No safe name supplied: derive one from the display name and make it unique
         // by appending a counter until no other category uses it.
         if (!$_POST['safename']) {
             $_POST['safename'] = makeCategoryFriendly($_POST['name']);
             // NOTE(review): $_POST['auto_id'] is interpolated into this statement (and the
             // one inside the loop) exactly as received. The is_numeric() check further down
             // runs only after these queries have executed, so it does not protect them.
             // Validate or cast auto_id before the first query, or bind it as a parameter.
             // The safename value, by contrast, is passed through sanitize() and
             // mysql_real_escape_string().
             $row = $db->get_row("SELECT * FROM " . table_categories . " WHERE category_safe_name='" . mysql_real_escape_string(sanitize($_POST['safename'], 4)) . "' AND category__auto_id!='{$_POST['auto_id']}'");
             // $i starts as an empty string so that an unused name gets no suffix; the
             // first $i++ turns it into 1.
             $i = '';
             // NOTE(review): presumably get_row() yields null when nothing matches, in which
             // case the property read below ends the loop - confirm against the $db class.
             while ($row->category_id > 0) {
                 $i++;
                 $row = $db->get_row("SELECT * FROM " . table_categories . " WHERE category_safe_name='" . mysql_real_escape_string(sanitize($_POST['safename'] . $i, 4)) . "' AND category__auto_id!='{$_POST['auto_id']}'");
             }
             $_POST['safename'] .= $i;
         }
         // Only continue with an update when a numeric row id was submitted.
         if ($_POST['auto_id'] && is_numeric($_POST['auto_id'])) {
             $id = sanitize($_POST['auto_id'], 3);
             $parent = sanitize($_POST['parent'], 3);
             // Re-check after sanitize(): abort the request outright if the id is no longer numeric.
             if (!is_numeric($id)) {
                 die;
             }
             if (!is_numeric($parent)) {
Beispiel #4
     $last_visit = txt_time_diff($pageview->last_visit(), $time);
 }
 // Hand the last-visit text to the template, then record this page view.
 $main_smarty->assign('last_visit', $last_visit);
 $pageview->insert();
 // Set globals
 $globals['link_id'] = $link->id;
 $globals['category_id'] = $link->category;
 $globals['category_name'] = $link->category_name();
 // Run whatever is registered for the 'story_top' action.
 check_actions('story_top');
 $main_smarty->assign('link_submitter', $link->username());
 // setup breadcrumbs and title
 // NOTE(review): $link->title and the category name are assigned as-is; output encoding
 // has to happen in the template or before this point - confirm.
 $main_smarty->assign('posttitle', " - " . $link->title);
 $navwhere['text1'] = $globals['category_name'];
 $navwhere['link1'] = getmyurl('maincategory', makeCategoryFriendly($globals['category_name']));
 $navwhere['text2'] = $link->title;
 $navwhere['link2'] = getmyurl('storycattitle', makeCategoryFriendly($globals['category_name']), urlencode($link->title_url));
 $main_smarty->assign('navbar_where', $navwhere);
 // for the comment form
 // NOTE(review): rand() is not a cryptographically secure generator, and 'randmd5' below is
 // md5(user_id . randkey) where both inputs are also handed to the template, so the digest
 // contains no server-side secret. If the comment handler relies on randmd5 as an
 // anti-forgery or anti-spam token (not visible here - confirm), it can be recomputed by
 // anyone who can read the form. A per-session token from a CSPRNG, compared with
 // hash_equals() on submit, is the usual replacement.
 $randkey = rand(1000000, 100000000);
 $main_smarty->assign('randkey', $randkey);
 $main_smarty->assign('link_id', $link->id);
 $main_smarty->assign('user_id', $current_user->user_id);
 $main_smarty->assign('randmd5', md5($current_user->user_id . $randkey));
 // for login to comment
 $main_smarty->assign('register_url', getmyurl("register", ''));
 // NOTE(review): the return target is $_SERVER['REQUEST_URI'], which the client controls.
 // Whether it is encoded and limited to local paths depends on getmyurl() and the login
 // handler - confirm, and confirm the template escapes login_url on output.
 $main_smarty->assign('login_url', getmyurl("login", $_SERVER['REQUEST_URI']));
 // for show who voted
 $main_smarty->assign('user_url', getmyurl('userblank', ""));
 // NOTE(review): this uses $id rather than $link->id; $id is set outside this excerpt -
 // confirm it is the validated story id.
 $main_smarty->assign('voter', who_voted($id, 'small'));
 // misc smarty
 $main_smarty->assign('Enable_Comment_Voting', Enable_Comment_Voting);
Beispiel #5
     //---- Your database password.
     include_once '../libs/backup/mysql_backup/mysql_backup.class.php';
     $output = "upgrade_config_table.sql";
     // The data for the config table.
     $backup = new mysql_backup($db_host, $db_name, $db_user, $db_pass, $output, $structure_only);
     $backup->restore(";");
 }
 //---------------------------------------------------------
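 // Schema upgrade step: add `category_safe_name` when it is missing and backfill it for
 // every existing category.
 $fieldexists = checkforfield('category_safe_name', table_categories);
 if (!$fieldexists) {
     $sql = 'ALTER TABLE `' . table_categories . '` ADD `category_safe_name`  varchar(64) default NULL ;';
     $db->query($sql);
     $cats = $db->get_col("Select category_name from " . table_categories . ";");
     if ($cats) {
         foreach ($cats as $catname) {
             // Category names are stored data that is written back into SQL text. Without
             // escaping, a name containing an apostrophe breaks the statement or changes its
             // meaning (second-order injection), so every interpolated value is escaped.
             // mysql_real_escape_string() uses the same default connection as the
             // mysql_query() calls below - assumes that link is already open; confirm.
             $db->query("UPDATE `" . table_categories . "` SET `category_name` = '" . mysql_real_escape_string($catname) . "', `category_safe_name` = '" . mysql_real_escape_string(makeCategoryFriendly($catname)) . "' WHERE `category_name` ='" . mysql_real_escape_string($catname) . "';");
         }
     }
 }
 // Added SpellChecker #2
 // Fixed literal statement; no request or stored data is interpolated.
 $sql = "UPDATE `" . table_config . "` SET `var_defaultvalue` = '2', `var_optiontext` = '1 or 2 = on / 0 = off', `var_desc` = '1 = http://spellerpages.sourceforge.net/<br />2 = http://www.phpclasses.org/browse/package/2398.html (spell checker for people without aspell enabled in php.' WHERE `var_id` =57 LIMIT 1 ;";
 $db->query($sql);
 // Insert each config row only when no row with that var_name exists yet.
 // NOTE(review): the mysql_query() results are not checked for failure before
 // mysql_num_rows() is called on them, and the INSERTs use fixed primary keys (58, 59).
 $result = mysql_query("select * from `" . table_config . "` where `var_name` = 'StorySummary_ContentTruncate';");
 if (mysql_num_rows($result) == 0) {
     $db->query("INSERT INTO `" . table_config . "` VALUES (58, 'Summary', 'StorySummary_ContentTruncate', '150', '150', 'number', 'Content Truncate', 'When showing the story in summary mode (like on the main page), truncate the content to this many characters', 'define', NULL);");
 }
 $result = mysql_query("select * from `" . table_config . "` where `var_name` = 'SubmitSummary_Allow_Edit';");
 if (mysql_num_rows($result) == 0) {
     $db->query("INSERT INTO `" . table_config . "` VALUES (59, 'Summary', 'SubmitSummary_Allow_Edit', '1', '1', 'number', 'Allow edit of Summary', 'Allow edit of Summary', 'define', NULL);");
 }
 $result = mysql_query("select * from `" . table_config . "` where `var_name` = 'Enable_User_Upload_Avatar';");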