PHP wppa_sanitize_searchstring Beispiele

Beispiel #1

Datei: wppa-photo-admin-autosave.php Projekt: msayagh/Quercus-source-code-Maven

function wppa_get_edit_search_photos($limit = '', $count_only = false)
{
    global $wpdb;
    global $wppa_search_stats;
    $doit = false;
    //	if ( wppa_user_is( 'administrator' ) ) $doit = true;
    if (current_user_can('wppa_admin') && current_user_can('wppa_moderate')) {
        $doit = true;
    }
    if (wppa_switch('upload_edit')) {
        $doit = true;
    }
    if (!$doit) {
        // Should never get here. Only when url is manipulted manually.
        die('Security check failure #309');
    }
    $words = explode(',', wppa_sanitize_searchstring($_REQUEST['wppa-searchstring']));
    $wppa_search_stats = array();
    $first = true;
    foreach ($words as $word) {
        // Find lines in index db table
        if (wppa_switch('wild_front')) {
            $pidxs = $wpdb->get_results("SELECT `slug`, `photos` FROM `" . WPPA_INDEX . "` WHERE `slug` LIKE '%" . $word . "%'", ARRAY_A);
        } else {
            $pidxs = $wpdb->get_results("SELECT `slug`, `photos` FROM `" . WPPA_INDEX . "` WHERE `slug` LIKE '" . $word . "%'", ARRAY_A);
        }
        $photos = '';
        foreach ($pidxs as $pi) {
            $photos .= $pi['photos'] . ',';
        }
        if ($first) {
            $photo_array = wppa_index_array_remove_dups(wppa_index_string_to_array(trim($photos, ',')));
            $count = empty($photo_array) ? '0' : count($photo_array);
            $list = implode(',', $photo_array);
            if (!$list) {
                $list = '0';
            }
            //			if ( wppa_user_is( 'administrator' ) ) {
            if (current_user_can('wppa_admin') && current_user_can('wppa_moderate')) {
                $real_count = $wpdb->get_var("SELECT COUNT(*) FROM `" . WPPA_PHOTOS . "` WHERE `id` IN (" . $list . ") ");
                if ($count != $real_count) {
                    update_option('wppa_remake_index_photos_status', __('Required', 'wp-photo-album-plus'));
                    // 					echo 'realcount mismatch:1';
                    //					echo ' count='.$count.', realcount='.$real_count.'<br/>';
                }
            } else {
                // Not admin, can edit own photos only
                $real_count = $wpdb->get_var($wpdb->prepare("SELECT COUNT(*) FROM `" . WPPA_PHOTOS . "` WHERE `id` IN (" . $list . ") AND `owner` = %s", wppa_get_user()));
            }
            $wppa_search_stats[] = array('word' => $word, 'count' => $real_count);
            $first = false;
        } else {
            $temp_array = wppa_index_array_remove_dups(wppa_index_string_to_array(trim($photos, ',')));
            $count = empty($temp_array) ? '0' : count($temp_array);
            $list = implode(',', $temp_array);
            //			if ( wppa_user_is( 'administrator' ) ) {
            if (current_user_can('wppa_admin') && current_user_can('wppa_moderate')) {
                $real_count = $wpdb->get_var("SELECT COUNT(*) FROM `" . WPPA_PHOTOS . "` WHERE `id` IN (" . $list . ") ");
                if ($count != $real_count) {
                    update_option('wppa_remake_index_photos_status', __('Required', 'wp-photo-album-plus'));
                    //					echo 'realcount mismatch:2';
                    //					echo ' count='.$count.', realcount='.$real_count.'<br/>';
                }
            } else {
                // Not admin, can edit own photos only
                $real_count = $wpdb->get_var($wpdb->prepare("SELECT COUNT(*) FROM `" . WPPA_PHOTOS . "` WHERE `id` IN (" . $list . ") AND `owner` = %s", wppa_get_user()));
            }
            $wppa_search_stats[] = array('word' => $word, 'count' => $real_count);
            $photo_array = array_intersect($photo_array, $temp_array);
        }
    }
    if (!empty($photo_array)) {
        $list = implode(',', $photo_array);
        //		if ( wppa_user_is( 'administrator' ) ) {
        if (current_user_can('wppa_admin') && current_user_can('wppa_moderate')) {
            $totcount = $wpdb->get_var("SELECT COUNT(*) FROM `" . WPPA_PHOTOS . "` WHERE `id` IN (" . $list . ") ");
        } else {
            // Not admin, can edit own photos only
            $totcount = $wpdb->get_var($wpdb->prepare("SELECT COUNT(*) FROM `" . WPPA_PHOTOS . "` WHERE `id` IN (" . $list . ") AND `owner` = %s", wppa_get_user()));
        }
        $wppa_search_stats[] = array('word' => __('Combined', 'wp-photo-album-plus'), 'count' => $totcount);
        //		if ( wppa_user_is( 'administrator' ) ) {
        if (current_user_can('wppa_admin') && current_user_can('wppa_moderate')) {
            $photos = $wpdb->get_results("SELECT * FROM `" . WPPA_PHOTOS . "` WHERE `id` IN (" . $list . ") " . wppa_get_photo_order('0', 'norandom') . $limit, ARRAY_A);
        } else {
            // Not admin, can edit own photos only
            $photos = $wpdb->get_results($wpdb->prepare("SELECT * FROM `" . WPPA_PHOTOS . "` WHERE `id` IN (" . $list . ") AND `owner` = %s" . wppa_get_photo_order('0', 'norandom') . $limit, wppa_get_user()), ARRAY_A);
        }
    } else {
        $photos = false;
    }
    if ($count_only) {
        if (is_array($photos)) {
            return count($photos);
        } else {
            return '0';
        }
    } else {
        return $photos;
    }
}

Beispiel #2

Datei: wppa-album-admin-autosave.php Projekt: msayagh/Quercus-source-code-Maven

function wppa_search_edit($collapsable = false)
{
    $doit = false;
    //	if ( wppa_user_is( 'administrator' ) ) $doit = true;
    if (current_user_can('wppa_admin') && current_user_can('wppa_moderate')) {
        $doit = true;
    }
    if (wppa_switch('upload_edit')) {
        $doit = true;
    }
    if (!$doit) {
        return;
    }
    ?>
	<tr>
		<td colspan="<?php 
    echo $collapsable ? 19 : 13;
    ?>
" >
			<em><?php 
    _e('Search for photos to edit', 'wp-photo-album-plus');
    ?>
</em>
			<small><?php 
    _e('Enter search words seperated by commas. Photos will meet all search words by their names, descriptions, translated keywords and/or tags.', 'wp-photo-album-plus');
    ?>
</small>
		</td>
	</tr>
	<tr class="alternate" >
		<?php 
    if ($collapsable) {
        echo '<td></td>';
    }
    ?>
		<td>
			<?php 
    _e('Any', 'wppa', 'wp-photo-album-plus');
    ?>
		</td>
		<?php 
    if ($collapsable) {
        echo '<td></td><td></td><td></td><td></td><td></td>';
    }
    ?>
		<td>
			<?php 
    _e('Search for', 'wp-photo-album-plus');
    ?>
		</td>
		<td colspan="4" >
			<?php 
    /* if ( wppa_switch( 'indexed_search' ) ) { */
    ?>
				<?php 
    $value = isset($_REQUEST['wppa-searchstring']) ? wppa_sanitize_searchstring($_REQUEST['wppa-searchstring']) : '';
    ?>
				<a id="wppa-edit-search-tag" />
				<input type="text" id="wppa-edit-search" name="wppa-edit-search" style="width:100%; padding:2px; color:black; background-color:#ccffcc;" value="<?php 
    echo $value;
    ?>
" />
			<?php 
    /* }  else { ?>
    				<small style="color:red;" ><?php _e('To use this feature, enable indexed search in Table IX-E7') ?></small>
    			<?php } */
    ?>

		</td>
		<?php 
    if (current_user_can('wppa_admin') && current_user_can('wppa_moderate')) {
        echo '<td></td>';
    }
    ?>
		<td>
			<a class="wppaedit" onclick="wppaEditSearch('<?php 
    echo wppa_ea_url('search');
    ?>
', 'wppa-edit-search' )" >
				<b><?php 
    _e('Edit', 'wp-photo-album-plus');
    ?>
</b>
			</a>
		</td>
		<td>
			<a class="wppaedit" onclick="wppaEditSearch('<?php 
    echo wppa_ea_url('search') . '&amp;quick';
    ?>
', 'wppa-edit-search' )" >
				<b><?php 
    _e('Quick', 'wp-photo-album-plus');
    ?>
</b>
			</a>
		</td>
		<td>
			<a class="wppaedit" onclick="wppaEditSearch('<?php 
    echo wppa_ea_url('search') . '&amp;bulk';
    ?>
', 'wppa-edit-search' )" >
				<b><?php 
    _e('Bulk', 'wp-photo-album-plus');
    ?>
</b>
			</a>
		</td>
		<td></td><td></td><td></td>
	</tr>

<?php 
}