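/**
 * Set a single column of one row in the ^users table.
 *
 * $value and $userid are handed to qa_db_query_sub() as arguments for the two '$'
 * placeholders. $field is spliced into the SQL text as a column identifier, which
 * placeholder substitution cannot cover, so it is checked against a strict identifier
 * pattern before use. qa_db_escape_string() escapes for quoted string literals and gives
 * no protection to an unquoted identifier, so it is not relied on here.
 *
 * @param mixed $userid Identifies the row; matched against the userid column.
 * @param string $field Column name: letters, digits and underscores only.
 * @param mixed $value New value for the column.
 */
function qa_db_user_set($userid, $field, $value)
{
    // \z (not $) so that a trailing newline cannot slip through the pattern.
    if (!is_string($field) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $field)) {
        qa_fatal_error('Invalid column name in qa_db_user_set()');
        return; // keeps the query from running should qa_fatal_error() ever return
    }

    qa_db_query_sub('UPDATE ^users SET ' . $field . '=$ WHERE userid=$', $value, $userid);
}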
/**
 * Build the INSERT statement that seeds ^userfields with the default profile fields.
 *
 * Only title, position and flags are supplied. The content column is left NULL, meaning
 * the default from the language files is used.
 *
 * @return string The SQL statement.
 */
function qa_db_default_userfields_sql()
{
    $defaultfields = array(
        'name' => 0,
        'location' => 0,
        'website' => QA_FIELD_FLAGS_LINK_URL,
        'about' => QA_FIELD_FLAGS_MULTI_LINE,
    );

    // One "(title, position, flags)" tuple per field; positions count up from 1.
    $tuples = array();
    $position = 0;

    foreach ($defaultfields as $title => $flags) {
        $position++;
        $tuples[] = "('" . qa_db_escape_string($title) . "', " . $position . ", " . (int) $flags . ")";
    }

    return 'INSERT INTO ^userfields (title, position, flags) VALUES ' . implode(', ', $tuples);
}
/**
 * Return the data specified by each element of $selectspecs, where the keys of the
 * returned array match the keys of the supplied $selectspecs array. See long comment above.
 *
 * When QA_OPTIMIZE_LOCAL_DB is set, or there is at most one spec, every spec is run on its
 * own through qa_db_single_select(). Otherwise all specs are combined into one UNION ALL
 * query; each sub-select carries its spec key in a 'selectkey' column so that the rows can
 * be routed back to the right entry of the result.
 *
 * Security note: of everything a spec contributes to the SQL text, only the spec key is
 * escaped (as a quoted string literal). Column expressions, column aliases and 'source' are
 * concatenated as-is, so specs must be assembled by trusted code. Variable data should
 * travel in 'arguments', which is passed to qa_db_apply_sub() - presumably where
 * placeholder quoting happens; confirm against that function.
 *
 * @param array $selectspecs Select specifications keyed by an arbitrary spec key. This
 *   function reads 'columns', 'source', 'arguments', 'arraykey' and 'arrayvalue' from each.
 * @return array Results keyed like $selectspecs.
 */
function qa_db_multi_select($selectspecs)
{
    if (!count($selectspecs)) {
        return array();
    }

    // Perform simple queries if the database is local or there are only 0 or 1 selectspecs
    if (QA_OPTIMIZE_LOCAL_DB || count($selectspecs) <= 1) {
        $outresults = array();

        foreach ($selectspecs as $selectkey => $selectspec) {
            $outresults[$selectkey] = qa_db_single_select($selectspec);
        }

        return $outresults;
    }

    // Otherwise, parse columns for each spec to deal with columns without an 'AS' specification.
    // Writes go to $selectspecs[$selectkey]; $selectspec is the loop's by-value copy and does
    // not see the 'outcolumns'/'autocolumn' entries added here.
    foreach ($selectspecs as $selectkey => $selectspec) {
        $selectspecs[$selectkey]['outcolumns'] = array();
        $selectspecs[$selectkey]['autocolumn'] = array();

        foreach ($selectspec['columns'] as $columnas => $columnfrom) {
            if (is_int($columnas)) {
                // Integer key: no explicit alias was given, so derive the output name from the
                // column itself, dropping anything up to and including the first '.'.
                $periodpos = strpos($columnfrom, '.');
                // strpos() yields false when there is no '.', which is_numeric() rejects
                $columnas = is_numeric($periodpos) ? substr($columnfrom, $periodpos + 1) : $columnfrom;
                $selectspecs[$selectkey]['autocolumn'][$columnas] = true;
            }

            if (isset($selectspecs[$selectkey]['outcolumns'][$columnas])) {
                qa_fatal_error('Duplicate column name in qa_db_multi_select()');
            }

            $selectspecs[$selectkey]['outcolumns'][$columnas] = $columnfrom;
        }

        // 'arraykey' and 'arrayvalue' must name one of the output columns of this spec
        if (isset($selectspec['arraykey'])) {
            if (!isset($selectspecs[$selectkey]['outcolumns'][$selectspec['arraykey']])) {
                qa_fatal_error('Used arraykey not in columns in qa_db_multi_select()');
            }
        }

        if (isset($selectspec['arrayvalue'])) {
            if (!isset($selectspecs[$selectkey]['outcolumns'][$selectspec['arrayvalue']])) {
                qa_fatal_error('Used arrayvalue not in columns in qa_db_multi_select()');
            }
        }
    }

    // Work out the full list of columns used
    $outcolumns = array();

    foreach ($selectspecs as $selectspec) {
        $outcolumns = array_unique(array_merge($outcolumns, array_keys($selectspec['outcolumns'])));
    }

    // Build the query based on this full list
    $query = '';

    foreach ($selectspecs as $selectkey => $selectspec) {
        // The spec key is the only spec-derived text that is escaped; it becomes a quoted literal.
        // Aliases are emitted only while $query is still empty, i.e. for the first sub-select.
        $subquery = "(SELECT '" . qa_db_escape_string($selectkey) . "'" . (empty($query) ? ' AS selectkey' : '');

        foreach ($outcolumns as $columnas) {
            // Column expressions go into the SQL verbatim; a spec without this column selects NULL
            $subquery .= ', ' . (isset($selectspec['outcolumns'][$columnas]) ? $selectspec['outcolumns'][$columnas] : 'NULL');

            if (empty($query) && !isset($selectspec['autocolumn'][$columnas])) {
                $subquery .= ' AS ' . $columnas; // alias is also used verbatim
            }
        }

        if (strlen(@$selectspec['source'])) {
            $subquery .= ' FROM ' . $selectspec['source']; // 'source' is used verbatim
        }

        $subquery .= ')';

        if (strlen($query)) {
            $query .= ' UNION ALL ';
        }

        // Arguments are applied per sub-select, before it is appended to the combined query
        $query .= qa_db_apply_sub($subquery, @$selectspec['arguments']);
    }

    // Perform query and extract results
    $rawresults = qa_db_read_all_assoc(qa_db_query_raw($query));

    $outresults = array();

    // Every spec gets an entry, even if the query returned no rows for it
    foreach ($selectspecs as $selectkey => $selectspec) {
        $outresults[$selectkey] = array();
    }

    foreach ($rawresults as $rawresult) {
        $selectkey = $rawresult['selectkey'];
        $selectspec = $selectspecs[$selectkey];

        // Keep only the columns this spec asked for, dropping the NULL padding from other specs
        $keepresult = array();

        foreach ($selectspec['outcolumns'] as $columnas => $columnfrom) {
            $keepresult[$columnas] = $rawresult[$columnas];
        }

        if (isset($selectspec['arraykey'])) {
            $outresults[$selectkey][$keepresult[$selectspec['arraykey']]] = $keepresult;
        } else {
            $outresults[$selectkey][] = $keepresult;
        }
    }

    // Post-processing to apply various stuff include sorting request, since we can't rely on ORDER BY due to UNION
    foreach ($selectspecs as $selectkey => $selectspec) {
        qa_db_post_select($outresults[$selectkey], $selectspec);
    }

    // Return results
    return $outresults;
}
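/**
 * Vote Call.
 *
 * Authenticates the caller through login(), hands $data to do_vote() and, when the vote was
 * accepted and a question id was supplied in action_data, attaches the refreshed question.
 *
 * @param array $args ($username, $password, $data['sort', 'start', 'cats', 'full', 'size', 'action', 'action_id', 'action_data'])
 * @return array (questions); when login fails, $this->error is returned instead
 *
 */
function call_vote($args)
{
    // Parse the arguments, assuming they're in the correct order.
    // NOTE(review): the credentials are SQL-escaped before login() sees them. Escaping belongs
    // at the point where a value enters a query. If login() hashes or compares the password,
    // or passes these values through placeholder substitution, escaping here changes any
    // credential containing quotes or backslashes - confirm against login().
    $username = qa_db_escape_string($args[0]);
    $password = qa_db_escape_string($args[1]);
    $data = isset($args[2]) ? $args[2] : null;

    if (!$this->login($username, $password)) {
        return $this->error;
    }

    $userid = qa_get_logged_in_userid();

    $output = array();

    if (isset($data['meta_data'])) {
        $output['meta_data'] = $this->get_meta_data();
    }

    $output['confirmation'] = $this->do_vote($data);

    if ($output['confirmation']) {
        $output['message'] = qa_lang('xmlrpc/voted');
        $output['confirmation'] = true; // normalise whatever truthy value do_vote() returned

        // A missing question id becomes 0, which skips the lookup below
        $questionid = isset($data['action_data']['questionid']) ? (int) $data['action_data']['questionid'] : 0;

        if ($questionid) {
            // The user id and question id are passed as placeholder arguments rather than
            // concatenated into the SQL text.
            $question = qa_db_read_one_assoc(qa_db_query_sub(
                "SELECT ^posts.*, LEFT(^posts.type, 1) AS basetype, UNIX_TIMESTAMP(^posts.created) AS created, ^uservotes.vote as uservote" .
                " FROM ^posts LEFT JOIN ^uservotes ON ^posts.postid=^uservotes.postid AND ^uservotes.userid=\$" .
                " WHERE ^posts.type='Q' AND ^posts.postid=#",
                $userid,
                $questionid
            ), true);

            if ($question) {
                $output['data'] = $this->get_single_question($data, $question);
            }
        }
    } else {
        $output['message'] = qa_lang('xmlrpc/vote_error');
    }

    return $output;
}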
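/**
 * Update an arbitrary field on the ^userlogins table for one (source, identifier) pair.
 *
 * $value, $source and $identifier are handed to qa_db_query_sub() as arguments for the
 * three '$' placeholders. $field is spliced into the SQL text as a column identifier, which
 * placeholder substitution cannot cover, so it is checked against a strict identifier
 * pattern before use. qa_db_escape_string() escapes for quoted string literals and gives
 * no protection to an unquoted identifier, so it is not relied on here.
 *
 * @param mixed $source Matched against the source column.
 * @param mixed $identifier Matched against the identifier column.
 * @param string $field Column name: letters, digits and underscores only.
 * @param mixed $value New value for the column.
 */
function qa_db_user_login_set__open($source, $identifier, $field, $value)
{
    // \z (not $) so that a trailing newline cannot slip through the pattern.
    if (!is_string($field) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $field)) {
        qa_fatal_error('Invalid column name in qa_db_user_login_set__open()');
        return; // keeps the query from running should qa_fatal_error() ever return
    }

    qa_db_query_sub(
        'UPDATE ^userlogins SET ' . $field . '=$ WHERE source=$ and identifier=$',
        $value,
        $source,
        $identifier
    );
}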
/**
 * Recalculate the chosen columns of the ^userpoints row for $userid, together with its
 * points total, using a single INSERT ... ON DUPLICATE KEY UPDATE statement.
 *
 * Does nothing unless qa_should_update_counts() is true and $userid is set. Column names,
 * formulas and multipliers in the SQL all come from qa_db_points_calculations(); $columns
 * only chooses which of those calculations are refreshed.
 *
 * @param mixed $userid User whose row is updated.
 * @param mixed $columns true for every calculation, an array of column names, a single
 *   column name, or an empty value to refresh only the points total.
 * @return mixed The override's return value when the function is overridden, otherwise null.
 */
function qa_db_points_update_ifuser($userid, $columns)
{
    if (qa_to_override(__FUNCTION__)) {
        $args = func_get_args();
        return qa_call_override(__FUNCTION__, $args);
    }

    if (!qa_should_update_counts() || !isset($userid)) {
        return;
    }

    require_once QA_INCLUDE_DIR . 'app/options.php';
    require_once QA_INCLUDE_DIR . 'app/cookies.php';

    $calculations = qa_db_points_calculations();

    // Normalise $columns into an array whose keys are the columns to recalculate
    if ($columns === true) {
        $selected = $calculations;
    } elseif (empty($columns)) {
        $selected = array();
    } elseif (is_array($columns)) {
        $selected = array_flip($columns);
    } else {
        $selected = array($columns => true);
    }

    $basepoints = (int) qa_opt('points_base');

    $insertfields = 'userid, ';
    $insertvalues = '$, ';
    $insertpoints = $basepoints; // turns into an SQL expression string once terms are appended
    $updates = '';
    $updatepoints = $basepoints;

    foreach ($calculations as $field => $calculation) {
        $multiple = (int) $calculation['multiple'];
        $recalculate = isset($selected[$field]);

        if ($recalculate) {
            // The freshly computed value is stored in a MySQL user variable named after the
            // column, so the UPDATE branch and the points sum can reuse it.
            $uservar = '@_' . $field;

            $insertfields .= $field . ', ';
            $insertvalues .= $uservar . ':=(SELECT ' . $calculation['formula'] . '), ';
            $updates .= $field . '=' . $uservar . ', ';
            $insertpoints .= '+(' . $multiple . '*' . $uservar . ')';
        }

        // Columns that are not recalculated contribute their stored value to the total
        $updatepoints .= '+(' . $multiple . '*' . ($recalculate ? '@_' : '') . $field . ')';
    }

    $query = 'INSERT INTO ^userpoints (' . $insertfields . 'points) VALUES (' . $insertvalues . $insertpoints . ') ' .
        'ON DUPLICATE KEY UPDATE ' . $updates . 'points=' . $updatepoints . '+bonus';

    // Build like this so that a #, $ or ^ character in the $userid (if external integration)
    // isn't substituted: placeholders are applied first, and only afterwards is each '~'
    // replaced with the escaped, quoted user id.
    // NOTE(review): the '~' replacement runs over the already-substituted text, so a '~'
    // inside $userid itself would also be rewritten - confirm user ids can never contain '~'.
    $useridmatch = "='" . qa_db_escape_string($userid) . "'";
    $substituted = qa_db_apply_sub($query, array($userid));

    qa_db_query_raw(str_replace('~', $useridmatch, $substituted));

    if (qa_db_insert_on_duplicate_inserted()) {
        qa_db_userpointscount_update();
    }
}
/**
 * Recalculate the chosen columns of the ^userpoints row for $userid, together with its
 * points total, using a single INSERT ... ON DUPLICATE KEY UPDATE statement.
 *
 * Does nothing unless qa_should_update_counts() is true and $userid is set. Column names,
 * formulas and multipliers in the SQL all come from qa_db_points_calculations(); $columns
 * only chooses which of those calculations are refreshed.
 *
 * @param mixed $userid User whose row is updated.
 * @param mixed $columns true for every calculation, an array of column names, a single
 *   column name, or an empty value to refresh only the points total.
 */
function qa_db_points_update_ifuser($userid, $columns)
{
    if (!qa_should_update_counts() || !isset($userid)) {
        return;
    }

    require_once QA_INCLUDE_DIR . 'qa-app-options.php';

    $calculations = qa_db_points_calculations();

    // Normalise $columns into an array whose keys are the columns to recalculate
    if ($columns === true) {
        $selected = $calculations;
    } elseif (empty($columns)) {
        $selected = array();
    } elseif (is_array($columns)) {
        $selected = array_flip($columns);
    } else {
        $selected = array($columns => true);
    }

    $basepoints = (int) qa_opt('points_base');

    $insertfields = 'userid, ';
    $insertvalues = '$, ';
    $insertpoints = $basepoints; // turns into an SQL expression string once terms are appended
    $updates = '';
    $updatepoints = $basepoints;

    foreach ($calculations as $field => $calculation) {
        $multiple = (int) $calculation['multiple'];
        $recalculate = isset($selected[$field]);

        if ($recalculate) {
            // The freshly computed value is stored in a MySQL user variable named after the
            // column, so the UPDATE branch and the points sum can reuse it.
            $uservar = '@_' . $field;

            $insertfields .= $field . ', ';
            $insertvalues .= $uservar . ':=(SELECT ' . $calculation['formula'] . '), ';
            $updates .= $field . '=' . $uservar . ', ';
            $insertpoints .= '+(' . $multiple . '*' . $uservar . ')';
        }

        // Columns that are not recalculated contribute their stored value to the total
        $updatepoints .= '+(' . $multiple . '*' . ($recalculate ? '@_' : '') . $field . ')';
    }

    $query = 'INSERT INTO ^userpoints (' . $insertfields . 'points) VALUES (' . $insertvalues . $insertpoints . ') ' .
        'ON DUPLICATE KEY UPDATE ' . $updates . 'points=' . $updatepoints;

    // Each '~' is replaced with the escaped, quoted user id before the query is passed on.
    // NOTE(review): the quoted user id is part of the text that qa_db_query_sub() then scans
    // for placeholders, so a '#', '$' or '^' inside $userid (possible with non-numeric ids
    // from an external user system) may be treated as a placeholder. Applying the
    // substitution first and splicing the literal in afterwards would avoid that - confirm
    // against qa_db_query_sub().
    $useridmatch = "=_utf8 '" . qa_db_escape_string($userid) . "'";

    qa_db_query_sub(str_replace('~', $useridmatch, $query), $userid);

    if (qa_db_insert_on_duplicate_inserted()) {
        qa_db_userpointscount_update();
    }
}