/**
 * Saves an edited section and answers either with the section list or, when
 * $app_mode is 'async', with a script response.
 *
 * All values come from psa(). Strings are passed through doSlash() before they
 * are interpolated into SQL; the four flags are interpolated unquoted and rely
 * on assert_int() for their safety.
 */
function section_save()
{
    global $txpcfg, $app_mode;

    // page, css and old_name are escaped on arrival; name and title are
    // escaped further down, once they have been transformed.
    extract(doSlash(psa(array('page', 'css', 'old_name'))));
    extract(psa(array('name', 'title')));

    $js_before = '';
    $js_after = '';
    $is_async = ($app_mode == 'async');

    if (empty($title)) {
        $title = $name;
    }

    // Section names are reduced to URL-safe characters, then escaped for SQL.
    include_once txpath . '/lib/classTextile.php';
    $parser = new Textile();
    $title = doSlash($parser->TextileThis($title, 1));
    $name = doSlash(sanitizeForUrl($name));

    // A rename must not collide with an existing section.
    $renaming = $old_name && strtolower($name) != strtolower($old_name);
    if ($renaming && safe_field('name', 'txp_section', "name='{$name}'")) {
        $message = array(gTxt('section_name_already_exists', array('{name}' => $name)), E_ERROR);

        if (!$is_async) {
            sec_section_list($message);

            return;
        }

        // TODO: Better/themeable popup
        // NOTE(review): there is no return after this call; whether
        // send_script_response() ends the request is not visible here - confirm,
        // otherwise the save below still runs for a duplicate name.
        send_script_response('window.alert("' . escape_js(strip_tags(gTxt('section_name_already_exists', array('{name}' => $name)))) . '")');
    }

    if ($name == 'default') {
        // Only page and css are written for the 'default' section.
        safe_update('txp_section', "page = '{$page}', css = '{$css}'", "name = 'default'");
    } else {
        extract(array_map('assert_int', psa(array('is_default', 'on_frontpage', 'in_rss', 'searchable'))));

        // is_default means 'selected by default', not 'default page'.
        if ($is_default) {
            safe_update("txp_section", "is_default = 0", "name != '{$old_name}'");

            // Mirror the reset in the already rendered forms.
            if ($is_async) {
                $js_before = '$("input[name=\\"is_default\\"][value=\\"1\\"]").attr("checked", false);' .
                    '$("input[name=\\"is_default\\"][value=\\"0\\"]").attr("checked", true);';
            }
        }

        $assignments = "\n\t\t\t\tname = '{$name}',"
            . "\n\t\t\t\ttitle = '{$title}',"
            . "\n\t\t\t\tpage = '{$page}',"
            . "\n\t\t\t\tcss = '{$css}',"
            . "\n\t\t\t\tis_default = {$is_default},"
            . "\n\t\t\t\ton_frontpage = {$on_frontpage},"
            . "\n\t\t\t\tin_rss = {$in_rss},"
            . "\n\t\t\t\tsearchable = {$searchable}\n\t\t\t";

        safe_update('txp_section', $assignments, "name = '{$old_name}'");

        // Articles reference their section by name, so follow the rename.
        safe_update('textpattern', "Section = '{$name}'", "Section = '{$old_name}'");
    }

    update_lastmod();

    $message = gTxt('section_updated', array('{name}' => $name));

    if (!$is_async) {
        sec_section_list($message);

        return;
    }

    // Caveat: the partial is rendered from the unslashed request values.
    $partial = section_detail_partial(
        psa(array('name', 'title', 'page', 'css')) + compact('is_default', 'on_frontpage', 'in_rss', 'searchable')
    );

    // NOTE(review): $name is placed in the selector without escape_js(); it is
    // the sanitised and slashed value - confirm that is enough for a JS string.
    send_script_response($js_before . '$("#section-form-' . $name . '").replaceWith("' . escape_js($partial) . '");' . $js_after);
}
/**
 * Saves an edited section and re-renders the section list with a message.
 *
 * Strings are passed through doSlash() before they are interpolated into SQL;
 * the four flags are interpolated unquoted and rely on assert_int().
 */
function section_save()
{
    global $txpcfg;

    // page, css and old_name are escaped on arrival; name and title are
    // escaped after they have been transformed.
    extract(doSlash(psa(array('page', 'css', 'old_name'))));
    extract(psa(array('name', 'title')));

    if (empty($title)) {
        $title = $name;
    }

    // Section names are reduced to URL-safe characters, then escaped for SQL.
    include_once txpath . '/lib/classTextile.php';
    $parser = new Textile();
    $title = doSlash($parser->TextileThis($title, 1));
    $name = doSlash(sanitizeForUrl($name));

    // A rename must not collide with an existing section.
    $renaming = $old_name && strtolower($name) != strtolower($old_name);
    if ($renaming && safe_field('name', 'txp_section', "name='{$name}'")) {
        sec_section_list(gTxt('section_name_already_exists', array('{name}' => $name)));

        return;
    }

    if ($name == 'default') {
        // Only page and css are written for the 'default' section.
        safe_update('txp_section', "page = '{$page}', css = '{$css}'", "name = 'default'");
    } else {
        extract(array_map('assert_int', psa(array('is_default', 'on_frontpage', 'in_rss', 'searchable'))));

        // is_default means 'selected by default', not 'default page'.
        if ($is_default) {
            safe_update("txp_section", "is_default = 0", "name != '{$old_name}'");
        }

        $assignments = "\n\t\t\t\tname = '{$name}',"
            . "\n\t\t\t\ttitle = '{$title}',"
            . "\n\t\t\t\tpage = '{$page}',"
            . "\n\t\t\t\tcss = '{$css}',"
            . "\n\t\t\t\tis_default = {$is_default},"
            . "\n\t\t\t\ton_frontpage = {$on_frontpage},"
            . "\n\t\t\t\tin_rss = {$in_rss},"
            . "\n\t\t\t\tsearchable = {$searchable}\n\t\t\t";

        safe_update('txp_section', $assignments, "name = '{$old_name}'");

        // Articles reference their section by name, so follow the rename.
        safe_update('textpattern', "Section = '{$name}'", "Section = '{$old_name}'");
    }

    update_lastmod();

    sec_section_list(gTxt('section_updated', array('{name}' => $name)));
}
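/**
 * Sanitises a string for use as a URL title.
 *
 * Nothing is done unless $force is set or the 'attach_titles_to_permalinks'
 * preference is non-empty.
 *
 * @param  string      $text  The text to sanitise
 * @param  int|bool    $force Sanitise regardless of the preference
 * @return string|null The sanitised text, or null when nothing was done
 */
function stripSpace($text, $force = 0)
{
    global $prefs;

    if (!$force && empty($prefs['attach_titles_to_permalinks'])) {
        return null;
    }

    $text = trim(sanitizeForUrl($text), '-');

    // !empty() rather than a bare index read: with $force set this branch is
    // reached even when the preference key is missing from $prefs.
    if (!empty($prefs['permalink_title_format'])) {
        // Keep the hyphens and lower-case, multibyte-aware where available.
        return function_exists('mb_strtolower') ? mb_strtolower($text, 'UTF-8') : strtolower($text);
    }

    // Otherwise drop the hyphens and leave the case alone.
    return str_replace('-', '', $text);
}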
/**
 * Creates or updates a section and re-renders the section list with a message.
 *
 * Every string is kept twice: unescaped ($name, ...) for comparisons and
 * messages, and escaped with doSlash() ($safe_name, ...) for SQL. The three
 * flags are interpolated unquoted and rely on assert_int().
 */
function section_save()
{
    global $app_mode;

    $in = array_map('assert_string', psa(array('name', 'title', 'old_name', 'section_page', 'css')));

    if (empty($in['title'])) {
        $in['title'] = $in['name'];
    }

    // Section names are reduced to URL-safe characters and lower-cased.
    include_once txpath . '/lib/classTextile.php';
    $parser = new Textile();
    $in['title'] = $parser->TextileThis($in['title'], 1);
    $in['name'] = strtolower(sanitizeForUrl($in['name']));

    // Raw values first, then the escaped copies under the safe_ prefix.
    extract($in);
    $in = doSlash($in);
    extract($in, EXTR_PREFIX_ALL, 'safe');

    if ($name != strtolower($old_name) && safe_field('name', 'txp_section', "name='{$safe_name}'")) {
        // Invalid input. Halt all further processing (e.g. plugin event handlers).
        $message = array(gTxt('section_name_already_exists', array('{name}' => $name)), E_ERROR);
        sec_section_list($message);

        return;
    }

    $ok = false;

    if ($name == 'default') {
        // Only page and css are written for the 'default' section.
        $ok = safe_update('txp_section', "page = '{$safe_section_page}', css = '{$safe_css}'", "name = 'default'");
    } elseif ($name) {
        extract(array_map('assert_int', psa(array('on_frontpage', 'in_rss', 'searchable'))));

        // The same column list serves UPDATE and INSERT; the UPDATE form only
        // carries extra trailing whitespace.
        $assignments = "\n\t\t\t\t\tname = '{$safe_name}',"
            . "\n\t\t\t\t\ttitle = '{$safe_title}',"
            . "\n\t\t\t\t\tpage = '{$safe_section_page}',"
            . "\n\t\t\t\t\tcss = '{$safe_css}',"
            . "\n\t\t\t\t\ton_frontpage = {$on_frontpage},"
            . "\n\t\t\t\t\tin_rss = {$in_rss},"
            . "\n\t\t\t\t\tsearchable = {$searchable}";

        if ($safe_old_name) {
            $ok = safe_update('txp_section', $assignments . "\n\t\t\t\t\t", "name = '{$safe_old_name}'");

            // Manually maintain referential integrity.
            if ($ok) {
                $ok = safe_update('textpattern', "Section = '{$safe_name}'", "Section = '{$safe_old_name}'");
            }
        } else {
            $ok = safe_insert('txp_section', $assignments);
        }
    }

    if (!$ok) {
        sec_section_list(array(gTxt('section_save_failed'), E_ERROR));

        return;
    }

    update_lastmod();

    $message_key = $safe_old_name ? 'section_updated' : 'section_created';
    sec_section_list(gTxt($message_key, array('{name}' => $name)));
}
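/**
 * Saves a section.
 *
 * Creates the section when no old_name is submitted, otherwise updates it and
 * follows the rename in the articles table. Every string is kept twice:
 * unescaped ($name, ...) for comparisons and messages, and escaped with
 * doSlash() ($safe_name, ...) for SQL. The three flags are interpolated
 * unquoted and rely on assert_int().
 */
function section_save()
{
    $in = array_map('assert_string', psa(array('name', 'title', 'description', 'old_name', 'section_page', 'css')));

    if (empty($in['title'])) {
        $in['title'] = $in['name'];
    }

    // Prevent non-URL characters on section names.
    $in['name'] = strtolower(sanitizeForUrl($in['name']));

    // Raw values first, then the escaped copies under the safe_ prefix.
    extract($in);
    $in = doSlash($in);
    extract($in, EXTR_PREFIX_ALL, 'safe');

    if ($name != strtolower($old_name)) {
        if (safe_field('name', 'txp_section', "name='{$safe_name}'")) {
            // Invalid input. Halt all further processing (e.g. plugin event
            // handlers).
            $message = array(gTxt('section_name_already_exists', array('{name}' => $name)), E_ERROR);
            sec_section_list($message);

            return;
        }
    }

    $ok = false;
    $has_flags = false;

    if ($name == 'default') {
        $ok = safe_update('txp_section', "page = '{$safe_section_page}', css = '{$safe_css}', description = '{$safe_description}'", "name = 'default'");
    } elseif ($name) {
        extract(array_map('assert_int', psa(array('on_frontpage', 'in_rss', 'searchable'))));
        $has_flags = true;

        if ($safe_old_name) {
            $ok = safe_update('txp_section', "\n name = '{$safe_name}',\n title = '{$safe_title}',\n page = '{$safe_section_page}',\n css = '{$safe_css}',\n description = '{$safe_description}',\n on_frontpage = {$on_frontpage},\n in_rss = {$in_rss},\n searchable = {$searchable}\n ", "name = '{$safe_old_name}'");

            // Manually maintain referential integrity.
            if ($ok) {
                $ok = safe_update('textpattern', "Section = '{$safe_name}'", "Section = '{$safe_old_name}'");
            }
        } else {
            $ok = safe_insert('txp_section', "\n name = '{$safe_name}',\n title = '{$safe_title}',\n page = '{$safe_section_page}',\n css = '{$safe_css}',\n description = '{$safe_description}',\n on_frontpage = {$on_frontpage},\n in_rss = {$in_rss},\n searchable = {$searchable}");
        }
    }

    if (!$ok) {
        sec_section_list(array(gTxt('section_save_failed'), E_ERROR));

        return;
    }

    // compact() looks variables up by name. The request field is called
    // 'section_page', so without this alias the 'page' entry was silently
    // missing from the payload.
    $page = $section_page;
    $payload_keys = array('name', 'title', 'page', 'css', 'description');

    // The flags only exist when the non-default branch ran; naming undefined
    // variables in compact() raises a notice or warning on current PHP.
    if ($has_flags) {
        $payload_keys = array_merge($payload_keys, array('on_frontpage', 'in_rss', 'searchable'));
    }

    update_lastmod('section_saved', compact($payload_keys));

    sec_section_list(gTxt($safe_old_name ? 'section_updated' : 'section_created', array('{name}' => $name)));
}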
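/**
 * Saves an edited category and propagates a rename to the rows that use it.
 *
 * $event and $table_name are interpolated into SQL as given, so callers must
 * pass fixed values, never request data.
 *
 * @param string $event      Category type, also used as the message key prefix
 * @param string $table_name Table whose 'category' column follows the rename
 *                           (used for every type except 'article')
 */
function cat_event_category_save($event, $table_name)
{
    extract(doSlash(psa(array('id', 'name', 'old_name', 'parent', 'title'))));
    $id = assert_int($id);

    // NOTE(review): $name is escaped first and sanitised afterwards, so the SQL
    // below relies on sanitizeForUrl() never returning quote characters. The
    // implementation is not visible here - confirm, or escape after sanitising.
    $name = sanitizeForUrl($name);

    // Make sure the name is valid.
    if (!$name) {
        $message = array(gTxt($event . '_category_invalid', array('{name}' => $name)), E_ERROR);

        return cat_category_list($message);
    }

    // Don't allow a rename to clobber an existing category.
    $existing_id = safe_field('id', 'txp_category', "name = '{$name}' and type = '{$event}'");

    if ($existing_id and $existing_id != $id) {
        $message = array(gTxt($event . '_category_already_exists', array('{name}' => $name)), E_ERROR);

        return cat_category_list($message);
    }

    $parent = $parent ? $parent : 'root';

    if (safe_update('txp_category', "name = '{$name}', parent = '{$parent}', title = '{$title}'", "id = {$id}")) {
        // Re-parent the children of this type only. Without the type filter a
        // category of another type whose parent has the same name would be
        // re-parented as well.
        safe_update('txp_category', "parent = '{$name}'", "parent = '{$old_name}' and type = '{$event}'");
    }

    rebuild_tree_full($event);

    if ($event == 'article') {
        safe_update('textpattern', "Category1 = '{$name}'", "Category1 = '{$old_name}'");
        safe_update('textpattern', "Category2 = '{$name}'", "Category2 = '{$old_name}'");
    } else {
        safe_update($table_name, "category = '{$name}'", "category = '{$old_name}'");
    }

    $message = gTxt($event . '_category_updated', array('{name}' => doStrip($name)));

    cat_category_list($message);
}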
/**
 * Sanitises a string for use in an article's URL title.
 *
 * Nothing is done unless $force is set or the 'attach_titles_to_permalinks'
 * preference is truthy.
 *
 * @param   string      $text  The title or an URL
 * @param   bool        $force Force sanitisation
 * @return  string|null The sanitised text, or null when nothing was done
 * @package URL
 */
function stripSpace($text, $force = false)
{
    if (!$force && !get_pref('attach_titles_to_permalinks')) {
        return null;
    }

    $slug = trim(sanitizeForUrl($text), '-');

    if (!get_pref('permalink_title_format')) {
        // Hyphens are dropped, case is left alone.
        return str_replace('-', '', $slug);
    }

    // Hyphens are kept; lower-case multibyte-aware where available.
    if (function_exists('mb_strtolower')) {
        return mb_strtolower($slug, 'UTF-8');
    }

    return strtolower($slug);
}
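/**
 * Sanitises a string for use as a URL title.
 *
 * Nothing is done unless $force is set or the 'attach_titles_to_permalinks'
 * preference is non-empty.
 *
 * @param  string      $text  The text to sanitise
 * @param  int|bool    $force Sanitise regardless of the preference
 * @return string|null The sanitised text, or null when nothing was done
 */
function stripSpace($text, $force = 0)
{
    global $prefs;

    if (!$force && empty($prefs['attach_titles_to_permalinks'])) {
        return null;
    }

    $text = sanitizeForUrl($text);

    // !empty() rather than a bare index read: with $force set this branch is
    // reached even when the preference key is missing from $prefs.
    if (!empty($prefs['permalink_title_format'])) {
        return strtolower($text);
    }

    return str_replace('-', '', $text);
}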
/**
 * Saves a category from HTTP POST data.
 *
 * The success message is only shown when every update reported success;
 * otherwise the list is rendered with 'category_save_failed'. $event and
 * $table_name are interpolated into SQL as given, so callers must pass fixed
 * values, never request data.
 *
 * @param string $event      Type of category
 * @param string $table_name Affected database table
 */
function cat_event_category_save($event, $table_name)
{
    $fields = psa(array('id', 'name', 'description', 'old_name', 'parent', 'title'));
    extract(doSlash(array_map('assert_string', $fields)));
    $id = assert_int($id);

    // NOTE(review): the name is escaped first and sanitised afterwards, so the
    // SQL below relies on sanitizeForUrl() never returning quote characters.
    // The implementation is not visible here - confirm.
    $rawname = $name;
    $name = sanitizeForUrl($rawname);

    // Make sure the name is valid.
    if (!$name) {
        $invalid = array(gTxt($event . '_category_invalid', array('{name}' => $rawname)), E_ERROR);

        return cat_event_category_edit($event, $invalid);
    }

    // Don't allow rename to clobber an existing category.
    $existing_id = safe_field("id", 'txp_category', "name = '{$name}' AND type = '{$event}'");

    if ($existing_id and $existing_id != $id) {
        $duplicate = array(gTxt($event . '_category_already_exists', array('{name}' => $name)), E_ERROR);

        return cat_event_category_edit($event, $duplicate);
    }

    // TODO: validate parent?
    if (!$parent) {
        $parent = 'root';
    }

    // Assume failure until every dependent update has gone through.
    $message = array(gTxt('category_save_failed'), E_ERROR);

    $saved = safe_update('txp_category', "name = '{$name}', parent = '{$parent}', title = '{$title}', description = '{$description}'", "id = {$id}")
        && safe_update('txp_category', "parent = '{$name}'", "parent = '{$old_name}' AND type = '{$event}'");

    if ($saved) {
        rebuild_tree_full($event);

        // Articles carry two category columns; other types have one.
        if ($event == 'article') {
            $relinked = safe_update('textpattern', "Category1 = '{$name}'", "Category1 = '{$old_name}'")
                && safe_update('textpattern', "Category2 = '{$name}'", "Category2 = '{$old_name}'");
        } else {
            $relinked = safe_update($table_name, "category = '{$name}'", "category = '{$old_name}'");
        }

        if ($relinked) {
            $message = gTxt($event . '_category_updated', array('{name}' => doStrip($name)));
        }
    }

    cat_category_list($message);
}
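/**
 * Inserts a section built from a positional argument list.
 *
 * $args is consumed in this order: title, page, css, in_rss, on_frontpage,
 * searchable. A missing page or css falls back to the value of the 'default'
 * section; a missing flag falls back to 0.
 *
 * @param array $args  Positional arguments as described above
 * @param mixed $debug When truthy, echoes a progress line; it is also passed
 *                     on to safe_insert()
 */
function sed_cleaner_addsection_action($args, $debug)
{
    // Load the fallback row before it is needed. The original assigned
    // $default only after reading $default['page'] and $default['css'], so the
    // fallbacks were always undefined.
    $default = doSlash(safe_row('page, css', 'txp_section', "name = 'default'"));
    $default_page = isset($default['page']) ? $default['page'] : '';
    $default_css = isset($default['css']) ? $default['css'] : '';

    $section_title = doSlash(array_shift($args));
    $section_name = strtolower(sanitizeForUrl($section_title));

    $page = !empty($args) ? doSlash(array_shift($args)) : $default_page;
    $css = !empty($args) ? doSlash(array_shift($args)) : $default_css;

    // The flags are interpolated unquoted, where escaping quotes gives no
    // protection, so they are forced to integers instead.
    $rss = !empty($args) ? (int) array_shift($args) : 0;
    $frontpage = !empty($args) ? (int) array_shift($args) : 0;
    $searchable = !empty($args) ? (int) array_shift($args) : 0;

    if ($debug) {
        echo " attempting to add a section entitled '{$section_title}'.";
    }

    safe_insert('txp_section', "`name` = '{$section_name}',\n\t\t`title` = '{$section_title}',\n\t\t`page` = '{$page}',\n\t\t`css` = '{$css}',\n\t\t`is_default` = 0,\n\t\t`in_rss` = {$rss},\n\t\t`on_frontpage` = {$frontpage},\n\t\t`searchable` = {$searchable}", $debug);
}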
/**
 * Returns the name of the image category for a title, creating it if needed.
 *
 * The name is the lower-cased sanitizeForUrl() form of the title. Both name
 * and title are escaped with doSlash() before they reach SQL.
 *
 * @param  string $title The title used for the category
 * @return string Name of the existing or created category, '' on failure
 */
private function create_category($title)
{
    $name = strtolower(sanitizeForUrl($title));

    if (!$name) {
        return '';
    }

    $safe_name = doSlash($name);

    // Reuse a category that already exists under this name.
    if (safe_field('name', 'txp_category', "name = '{$safe_name}' and type = 'image'")) {
        return $name;
    }

    $safe_title = doSlash($title);
    $inserted = safe_insert('txp_category', "name = '{$safe_name}', title = '{$safe_title}', type = 'image', parent = 'root'");

    if (!$inserted) {
        return '';
    }

    rebuild_tree_full('image');

    return $name;
}
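/**
 * Saves an edited category, propagates a rename to the rows that use it and
 * switches back to the list view.
 *
 * Reports through $this->_error() and returns early when the name is invalid
 * or already taken by another category of the same type.
 */
function edit_post()
{
    extract(doSlash(psa(array('name', 'old_name', 'title', 'type'))));

    // $id is interpolated unquoted below. Presumably psi() returns an integer;
    // verify, since quote escaping gives no protection in a numeric context.
    $id = $this->psi('id');

    $parent = $this->ps('parent');

    if ($parent) {
        // The submitted parent goes into a quoted SQL literal and was the only
        // request value here that reached the query unescaped.
        $parent = doSlash($parent);
    } else {
        // $type is already escaped by the extract() above; escaping it a
        // second time would double the backslashes.
        $parent = tree_root_id('txp_category', "type='{$type}'");
    }

    // NOTE(review): $name is escaped first and sanitised afterwards, so the SQL
    // below relies on sanitizeForUrl() never returning quote characters. The
    // implementation is not visible here - confirm.
    $name = sanitizeForUrl($name);

    // Make sure the name is valid.
    if (!$name) {
        $this->_error(gTxt($type . '_category_invalid', array('{name}' => $name)));

        return;
    }

    // Don't allow a rename to clobber an existing category.
    if (safe_field('id', 'txp_category', "name = '{$name}' and type = '{$type}' and id != {$id}")) {
        $this->_error(gTxt($type . '_category_already_exists', array('{name}' => $name)));

        return;
    }

    safe_update('txp_category', "name = '{$name}', parent = '{$parent}', title = '{$title}'", "id = {$id}");
    tree_rebuild_full('txp_category', "type='{$type}'");

    // Follow the rename in whichever table stores categories of this type.
    if ($type == 'article') {
        safe_update('textpattern', "Category1 = '{$name}'", "Category1 = '{$old_name}'");
        safe_update('textpattern', "Category2 = '{$name}'", "Category2 = '{$old_name}'");
    } elseif ($type == 'link') {
        safe_update('txp_link', "category = '{$name}'", "category = '{$old_name}'");
    } elseif ($type == 'image') {
        safe_update('txp_image', "category = '{$name}'", "category = '{$old_name}'");
    } elseif ($type == 'file') {
        safe_update('txp_file', "category = '{$name}'", "category = '{$old_name}'");
    }

    // Show a success message and switch back to the list view.
    $this->_message(gTxt($type . '_category_updated', array('{name}' => doStrip($name))));
    $this->_set_view('list');
}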
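/**
 * Builds the <option> elements of a select box from database rows.
 *
 * $table, $where and $order_by are passed to safe_rows() as given, so callers
 * must build them from fixed strings or values that are already escaped.
 *
 * @param  string $table      Table to read
 * @param  string $valueCol   Column used for the option value
 * @param  string $displayCol Column used for the option label
 * @param  string $selected   Value to pre-select; compared in its
 *                            sanitizeForUrl() form
 * @param  string $where      SQL condition
 * @param  string $order_by   SQL appended after the condition
 * @return string The option markup, one element per row
 */
function build_options($table, $valueCol, $displayCol, $selected = '', $where = '1', $order_by = '')
{
    $rows = safe_rows("*", $table, $where . " " . $order_by);

    // The selected value is the same for every row.
    $selectedValue = sanitizeForUrl($selected);

    $options = '';

    foreach ($rows as $row) {
        $selectOption = ($row[$valueCol] == $selectedValue) ? " selected=\"selected\"" : "";

        // Stored values are data, not markup: encode them so a quote or an
        // angle bracket in a row cannot break out of the attribute or element.
        // double_encode is off so entities already stored are left alone.
        $value = htmlspecialchars((string) $row[$valueCol], ENT_QUOTES, 'UTF-8', false);
        $label = htmlspecialchars((string) $row[$displayCol], ENT_QUOTES, 'UTF-8', false);

        $options .= "<option value=\"" . $value . "\"{$selectOption}>" . $label . "</option>" . n;
    }

    return $options;
}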
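/**
 * Attaches a newly created section to the 'default' node.
 *
 * The section named by the 'name' request value is attached when its row in
 * txp_section has no 'lft' value yet.
 */
function cnk_section_create()
{
    $name = sanitizeForUrl(ps('name'));

    // sanitizeForUrl() shapes a URL title; it is not an SQL escape. The request
    // value is therefore escaped before it goes into the quoted literal.
    $chk = safe_field('name', 'txp_section', "name='" . doSlash($name) . "' and lft is null");

    if ($chk) {
        // The unescaped name is passed on as before. NOTE(review): confirm that
        // cnk_st_add_node() escapes it before using it in a query.
        cnk_st_add_node($name, 'default');
    }
}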
/**
 * Follows a section rename in the article table of every site language.
 *
 * Both names are escaped with doSlash() before they are interpolated; the new
 * name is run through sanitizeForUrl() first.
 *
 * @param string $event Not used by this function
 * @param string $step  Not used by this function
 */
function _l10n_post_sectionsave($event, $step)
{
    $old_name = doSlash(ps('old_name'));
    $name = doSlash(sanitizeForUrl(ps('name')));

    // Nothing to propagate when the name did not change.
    if ($name === $old_name) {
        return;
    }

    foreach (MLPLanguageHandler::get_site_langs() as $lang) {
        $table = _l10n_make_textpattern_name(array('long' => $lang));

        // Errors from this update are suppressed with @, as in the original.
        @safe_update($table, "Section = '{$name}'", "Section = '{$old_name}'");
    }
}
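/**
 * Saves an edited event category and re-renders the category list.
 *
 * Returns early with a message when the name is invalid or already taken by
 * another category of type 'event'.
 */
function zem_event_cat_tab_save()
{
    extract(doSlash(psa(array('id', 'name', 'old_name', 'parent', 'title'))));
    $id = assert_int($id);

    // NOTE(review): $name is escaped first and sanitised afterwards, so the SQL
    // below relies on sanitizeForUrl() never returning quote characters. The
    // implementation is not visible here - confirm.
    $name = sanitizeForUrl($name);

    // Make sure the name is valid.
    if (!$name) {
        $message = zem_event_gTxt('category_invalid', array('{name}' => $name));

        return zem_event_cat_tab_list($message);
    }

    // Don't allow a rename to clobber an existing category.
    $existing_id = safe_field('id', 'txp_category', "type = 'event' and name = '{$name}'");

    if ($existing_id and $existing_id != $id) {
        $message = zem_event_gTxt('category_already_exists', array('{name}' => $name));

        return zem_event_cat_tab_list($message);
    }

    $parent = $parent ? $parent : 'root';

    if (safe_update('txp_category', "parent = '{$parent}', name = '{$name}', title = '{$title}'", "id = {$id}")) {
        // Re-parent event categories only. Without the type filter a category
        // of another type whose parent has the same name would be re-parented
        // as well.
        safe_update('txp_category', "parent = '{$name}'", "parent = '{$old_name}' and type = 'event'");
    }

    // Use whichever tree rebuild helper is available.
    if (function_exists('rebuild_tree_full')) {
        rebuild_tree_full('event');
    } else {
        rebuild_tree('root', 1, 'event');
    }

    $message = zem_event_gTxt('category_updated', array('{name}' => doStrip($name)));

    zem_event_cat_tab_list($message);
}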