function isAlsoSet($value)
{
$query = "SELECT option_value FROM c_options WHERE option_name = 'can_comment'";
$conn = MySQL::open_conn();
$res = $conn->query($query)->fetch_row();
if ($value == $res[0]) {
return 'selected="selected"';
}
return '';
}
static function getMailOptions()
{
$conn = MySQL::open_conn();
$query = "SELECT * FROM c_options WHERE option_name LIKE 'smtp%'";
$res = $conn->query($query);
dbQueryCheck($res, $conn);
$smtp_op = [];
while ($row = $res->fetch_assoc()) {
$smtp_op[$row['option_name']] = $row['option_value'];
}
return $smtp_op;
}
function alreadyInstalled()
{
if (isset($_SESSION['force_install'])) {
return 0;
}
$query = "SELECT option_value FROM c_options WHERE option_name = 'installation_date'";
$installation_date = MySQL::open_conn()->query($query)->fetch_assoc()['option_value'];
if ($installation_date != 'None') {
$query = "SELECT option_value FROM c_options WHERE option_name = 'version'";
$version = MySQL::open_conn()->query($query)->fetch_assoc()['option_value'];
$_SESSION['date_installed'] = $installation_date;
$_SESSION['version_installed'] = $version;
ob_end_clean();
redirectTo('warning.php');
}
}
static function setLoginCookies($user_id, $time)
{
$user_id_cookie = 'user_id';
$nonce_cookie = 'token';
$user_id = test_input($user_id);
$token = md5(mt_rand());
$user_ip = $_SERVER['REMOTE_ADDR'];
$expire_date = strtotime('+' . $time . ' days', time());
setcookie($user_id_cookie, $user_id, time() + 86400 * $time, "/");
// 86400 = 1 day
setcookie($nonce_cookie, $token, time() + 86400 * $time, "/");
// 86400 = 1 day
$query = "INSERT INTO c_nonce (user_id, token, user_ip, expire_date) VALUES ({$user_id}, '{$token}', '{$user_ip}', '{$expire_date}')";
$conn = MySQL::open_conn();
$conn->query($query);
$cookie_names = [$user_id_cookie, $nonce_cookie];
return $cookie_names;
}
function importDatabase()
{
$_SESSION['db_import_started'] = 1;
// Name of the file
$filename = DOC_ROOT . '/c_install/ccms.sql';
// Connect to MySQL server
$conn = MySQL::open_conn();
// Temporary variable, used to store current query
$templine = '';
try {
// Read in entire file
$lines = file($filename);
// Loop through each line
foreach ($lines as $line) {
// Skip it if it's a comment
if (substr($line, 0, 2) == '--' || $line == '') {
continue;
}
// Add this line to the current segment
$templine .= $line;
// If it has a semicolon at the end, it's the end of the query
if (substr(trim($line), -1, 1) == ';') {
// Perform the query
if (!$conn->query($templine)) {
return false;
}
// Reset temp variable to empty
$templine = '';
}
}
} catch (Exception $ex) {
$_SESSION['db_import_done'] = 1;
ob_end_clean();
redirectTo('index.php?switch=1');
}
}
static function makeComment($post_id, $user_id, $content)
{
$conn = MySQL::open_conn();
$conn->begin_transaction();
$content = strip_tags($content, '<b><i><strong><em><p>');
if (mb_strlen($content) < 8) {
return false;
}
if (!Users::userExistsById($user_id)) {
return false;
}
$res1 = $conn->prepare("INSERT INTO c_comments (post_id, user_id, content, status) VALUES (?, ?, ?, ?)");
$stat = 'Published';
$res1->bind_param('iiss', $post_id, $user_id, $content, $stat);
$res1->execute();
$res2 = $conn->query("UPDATE c_posts SET comment_count = comment_count + 1 WHERE ID = {$post_id}");
if ($res1 && $res2) {
$conn->commit();
return true;
} else {
$conn->rollback();
return false;
}
}
<?php
$conn = MySQL::open_conn();
$query = "SELECT * FROM c_comments ORDER BY date DESC";
$res = $conn->query($query);
dbQueryCheck($res, $conn);
if (isset($_GET['sub']) && $_GET['sub'] == 'delete_comment') {
$id = $_GET['id'];
$query = "DELETE FROM c_comments WHERE ID = {$id} LIMIT 1";
$res = $conn->query($query);
dbQueryCheck($res, $conn);
ob_end_clean();
redirectTo('index.php?switch=comments');
}
if (isset($_GET['sub']) && $_GET['sub'] == 'trash_comment') {
$id = $_GET['id'];
$query = "UPDATE c_comments SET status = 'Trashed' WHERE ID = {$id} LIMIT 1";
$res = $conn->query($query);
dbQueryCheck($res, $conn);
ob_end_clean();
redirectTo('index.php?switch=comments');
}
if (isset($_GET['sub']) && $_GET['sub'] == 'clean_comment') {
$id = $_GET['id'];
$query = "UPDATE c_comments SET status = 'Published' WHERE ID = {$id} LIMIT 1";
$res = $conn->query($query);
dbQueryCheck($res, $conn);
ob_end_clean();
redirectTo('index.php?switch=comments');
}
?>
function getTodayVisitorsCount()
{
$conn = MySQL::open_conn();
$query = "SELECT date_time FROM c_user_stats";
$res = $conn->query($query);
$i = 0;
while ($row = $res->fetch_row()) {
$visited_date = date('Ymd', strtotime($row[0]));
$today = date('Ymd');
if ($today == $visited_date) {
$i++;
}
}
return $i;
}
static function submitSimpleUserForComments($name, $email)
{
if ($id = self::getSimpleUserForComments($email)) {
return $id;
} elseif (self::emailExist($email)) {
return false;
} elseif (self::makeSimpleUser($name, $email) == 0) {
$query = "SELECT ID FROM c_users WHERE user_email = '{$email}' LIMIT 1";
$conn = MySQL::open_conn();
return $conn->query($query)->fetch_row()[0];
} else {
return false;
// set default maybe?
}
}
static function handleSiteViewsStatic()
{
$conn = MySQL::open_conn();
if (!isset($_SESSION['user_ip_main'])) {
$_SESSION['user_ip_main'] = $_SERVER['REMOTE_ADDR'];
} else {
return 0;
}
$user_ip = getVisitorIP();
$user_agent = $_SERVER['HTTP_USER_AGENT'];
$query = "INSERT INTO c_user_stats (user_ip, user_agent) VALUES ('{$user_ip}', '{$user_agent}')";
$conn->query($query);
$conn->close();
}