/**
 * Re-synchronises the stored usage counter of a helpdesk FAQ tag.
 *
 * Counts the rows of `helpdeskFAQTagMap` whose `hfmTag` matches $tagid. When
 * at least one mapping exists, the count is written to `hftCount` on the
 * matching `helpdeskFAQTags` row; otherwise that tag row is deleted.
 *
 * @param mixed $tagid Value matched against `hfmTag` and `hftid`.
 */
function recountTagReferences($tagid)
{
    sql_where(array("hfmTag" => $tagid));
    $references = sql_count("helpdeskFAQTagMap");

    if (!($references > 0)) {
        // Nothing references the tag any more, so the tag row itself goes.
        // NOTE(review): any sql_count() result that is not > 0 (including
        // whatever it yields on a failed query) ends up here - confirm that
        // a query failure cannot delete a tag that is still in use.
        sql_where(array("hftid" => $tagid));
        sql_delete("helpdeskFAQTags");
        return;
    }

    // The WHERE clause is staged again because the first one belonged to the
    // count query on the mapping table.
    sql_values(array("hftCount" => $references));
    sql_where(array("hftid" => $tagid));
    sql_update("helpdeskFAQTags");
}
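<?php
// Helpdesk "Add a Request" page: access gate, POST handler, then the lookup
// data the form below needs.
//
// NOTE(review): no anti-CSRF token is checked in this fragment before the
// insert - confirm one is enforced elsewhere (e.g. inside the form handling
// that is not visible here).

if (!isLoggedIn()) {
    echo _REQUIRE_LOGIN;
    return;
}

// Only users for whom atLeastSModerator() holds get past this point.
if (!atLeastSModerator()) {
    echo formatText("Sorry, the Helpdesk is currently in development. If you have a request, please send it to [c=1].");
    return;
}

if (isset($_POST["summary"])) {
    // Only "summary" is guaranteed to be present. The other fields are read
    // with an explicit null default, which is the value an undefined index
    // produced before, minus the notice.
    $postedCategory = isset($_POST["category"]) ? $_POST["category"] : null;
    $postedRefType = isset($_POST["referenceType"]) ? $_POST["referenceType"] : null;
    $postedRefId = isset($_POST["referenceID"]) ? $_POST["referenceID"] : null;

    // NOTE(review): the category and reference type are stored as posted;
    // nothing here checks them against `helpdeskCats` or a list of known
    // reference types - confirm whether sql_values() / the schema reject
    // unexpected values.
    sql_values(array(
        "hlpSummary" => $_POST["summary"],
        "hlpCategory" => $postedCategory,
        // A "!" suffix on the key passes the value as a raw SQL expression.
        "hlpSubmitDate!" => "NOW()",
        "hlpSubmitter" => $_auth["useid"],
        "hlpReferenceType" => $postedRefType,
        "hlpReferenceId" => $postedRefId,
        "hlpOwner" => getRequestRefOwner($postedRefType, $postedRefId)));
    $helpdeskItem = sql_insert("helpdesk");

    // One detail visible to everyone, one visible to the submitter only.
    // NOTE(review): addRequestDetail() returns an upload error message on
    // failure; both return values are dropped here, so a rejected attachment
    // is lost without feedback to the user.
    addRequestDetail($helpdeskItem, "publicDetail", "publicFile", "all");
    addRequestDetail($helpdeskItem, "privateDetail", "privateFile", "submitter");

    redirect(url("helpdesk"));
}

// Optional URL segments that pre-select category and reference in the form.
$requestCat = isset($_cmd[2]) ? strtolower($_cmd[2]) : "";
$requestRef = isset($_cmd[3]) ? strtolower($_cmd[3]) : "";
$requestRefId = isset($_cmd[4]) ? intval($_cmd[4]) : 0;

// Load every helpdesk category, keyed by its id.
$cats = array();
$catsResult = sql_rowset("helpdeskCats");
while ($catsData = sql_next($catsResult)) {
    $cats[$catsData["hdcid"]] = array(
        "name" => $catsData["hdcName"],
        "type" => $catsData["hdcType"]);
}
sql_free($catsResult);
?>
<div class="header"> Add a Request </div> <form action="<?php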
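if (0) {
    // Store profiler information. The constant condition keeps this block
    // switched off.
    $time_start = $_stats["startTime"];
    $time_end = gettimeofday();
    $secdiff = $time_end["sec"] - $time_start["sec"];
    $usecdiff = $time_end["usec"] - $time_start["usec"];
    // Elapsed wall-clock time in seconds, rounded to milliseconds.
    $generationTime = round(($secdiff * 1000000 + $usecdiff) / 1000000, 3);

    $page = $_cmd[0];
    if ($_isSearchBot) {
        $page .= " (bot)";
    }

    sql_where(array("prfPage" => $page));
    if (sql_count("profiler") > 0) {
        // The page name comes from the request, so it goes through the query
        // builder instead of being concatenated after addslashes(), which is
        // not aware of the connection character set. Keys with a "!" suffix
        // carry raw SQL expressions; the only value interpolated into them is
        // the locally computed number.
        sql_where(array("prfPage" => $page));
        sql_values(array(
            "prfCount!" => "`prfCount` + 1",
            "prfTime!" => "`prfTime` + '" . $generationTime . "'"));
        sql_update("profiler");
    } else {
        sql_values(array(
            "prfPage" => $page,
            "prfCount" => 1,
            "prfTime" => $generationTime));
        sql_insert("profiler");
    }
}

// Show "Page generated in N seconds" if the user is at least
// a moderator.
// NOTE(review): the second condition grants the same diagnostics to one
// hard-coded account id regardless of role; a literal id in an access check
// survives role changes and account reuse - move it to a role or a config
// entry.
if (atLeastSModerator() || $_auth["useid"] == 34814) {
    include_once "serverload.php";

    $time_start = $_stats["startTime"];
    $time_end = gettimeofday();
    $secdiff = $time_end["sec"] - $time_start["sec"];
    $usecdiff = $time_end["usec"] - $time_start["usec"];
    $generationTime = round(($secdiff * 1000000 + $usecdiff) / 1000000, 3);

    // Pull the "Queries per second avg" figure out of the server status line.
    $mysqlStat = mysql_stat();
    $queriesPerSecond = round(preg_replace('/.*' . preg_quote("Queries per second avg: ") . '([0-9\\.]+).*/', "\\1", $mysqlStat), 2);

    //if( isset( $_stats[ "startQueries" ]))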
/**
 * Applies an edit to a submission's title, comment, flags and club links.
 *
 * Reads the current collaboration state of the object, replaces its rows in
 * `clubObjects`, updates `objects` and `objExtData`, then refreshes the
 * search cache and the object counters of the users involved.
 *
 * NOTE(review): nothing in this function checks that the current user may
 * edit $objid; only the collaboration fields are gated on
 * atLeastSModerator(). Confirm that every caller performs the ownership
 * check first.
 *
 * @param mixed $objid    Id of the object being edited.
 * @param mixed $title    New `objTitle`.
 * @param mixed $comment  New `objComment`.
 * @param mixed $mature   New `objMature`.
 * @param mixed $forClub  First club id; values > 0 are linked.
 * @param mixed $folder   New `objFolder`.
 * @param mixed $collab   Collaborator user id, 0 for none.
 * @param mixed $gift     New `objForUser`.
 * @param mixed $forClub2 Second club id; dropped when equal to $forClub.
 * @param mixed $forClub3 Third club id; dropped when equal to either other.
 */
function submitModifiedTitle($objid, $title, $comment, $mature, $forClub, $folder = 0, $collab = 0, $gift = 0, $forClub2 = 0, $forClub3 = 0)
{
    $previousCollab = 0;
    $collabLocked = 0;
    $owner = 0;

    // Current collaboration state and creator of the object.
    // ("objid*" => "objEid" presumably joins the two tables column-to-column.)
    $lookup = sql_query(
        "SELECT `objCollab`, `objCollabConfirmed`, `objCreator` " .
        "FROM `objects`, `objExtData`" .
        dbWhere(array("objid*" => "objEid", "objid" => $objid)));
    $row = mysql_fetch_assoc($lookup);
    if ($row) {
        $previousCollab = $row["objCollab"];
        $collabLocked = $row["objCollabConfirmed"];
        $owner = $row["objCreator"];
    }
    mysql_free_result($lookup);

    // Collapse duplicate club choices so each club is linked at most once.
    if ($forClub2 == $forClub) {
        $forClub2 = 0;
    }
    if ($forClub3 == $forClub || $forClub3 == $forClub2) {
        $forClub3 = 0;
    }

    // Rebuild the club links from scratch.
    sql_where(array("cloObject" => $objid));
    sql_delete("clubObjects");
    foreach (array($forClub, $forClub2, $forClub3) as $clubId) {
        if ($clubId > 0) {
            sql_values(array("cloObject" => $objid, "cloClub" => $clubId));
            sql_insert("clubObjects");
        }
    }

    $objectFields = array(
        "objTitle" => $title,
        "objMature" => $mature,
        "objForClub" => $forClub,
        "objForClub2" => $forClub2,
        "objForClub3" => $forClub3,
        "objFolder" => $folder);
    // A confirmed collaboration can only be changed by a moderator.
    if (!$collabLocked || atLeastSModerator()) {
        $objectFields["objCollab"] = $collab;
    }
    $objectFields["objForUser"] = $gift;
    sql_query("UPDATE `objects`" . dbSet($objectFields) . dbWhere(array("objid" => $objid)));

    $extFields = array("objComment" => $comment);
    // A moderator clearing the collaborator also clears the confirmation.
    if ($collab == 0 && atLeastSModerator()) {
        $extFields["objCollabConfirmed"] = 0;
    }
    sql_query("UPDATE `objExtData`" . dbSet($extFields) . dbWhere(array("objEid" => $objid)));

    updateSearchCache($objid);

    // Recount for the creator, the new collaborator and, if it changed, the
    // previous collaborator.
    updateObjCount($owner);
    updateObjCount($collab);
    if ($collab != $previousCollab) {
        updateObjCount($previousCollab);
    }
}
// Toggles the current user's watch on club $_cmd[1].
// In `watches`, watCreator holds the watched club, watUser the watching user,
// and watType 'clu' marks the row as a club watch.
//
// NOTE(review): this is a state-changing toggle driven by the request URL;
// no anti-CSRF token is checked in this fragment - confirm one is enforced
// before this script runs.
$requestedClub = intval($_cmd[1]);

if ($_auth["useid"] && !$_config["readOnly"]) {
    // Make sure the club exists.
    $clubLookup = sql_query(
        "SELECT `cluid`,`cluCreator` FROM `clubs`,`cluExtData` " .
        "WHERE `cluEid` = `cluid` AND `cluid` = '" . $requestedClub . "' LIMIT 1");
    $cluData = mysql_fetch_assoc($clubLookup);

    if ($cluData) {
        // Is the club on the user's watch list already?
        $watchLookup = sql_query(
            "SELECT `watid` FROM `watches` " .
            "WHERE `watUser` = '" . $_auth["useid"] . "' " .
            "AND `watCreator` = '" . $cluData["cluid"] . "' " .
            "AND `watType` = 'clu' LIMIT 1");
        $watData = mysql_fetch_assoc($watchLookup);

        if (!$watData) {
            // Not watched yet: add the watch.
            // NOTE(review): lookup and insert are separate statements, so two
            // concurrent requests could both insert - confirm a unique index
            // on `watches` prevents duplicates.
            sql_query(
                "INSERT INTO `watches`(`watCreator`,`watUser`,`watSubmitDate`,`watType`) " .
                "VALUES('" . $cluData["cluid"] . "','" . $_auth["useid"] . "',NOW(),'clu')");

            // Tell the club's owner about the new watcher.
            addUpdate(updTypeMessageWatchClub, $cluData["cluCreator"], $cluData["cluid"], $_auth["useid"]);
        } elseif (!isset($_GET["disableUnwatch"])) {
            // Already watched: remove the watch unless unwatching is disabled.
            sql_query("DELETE FROM `watches` WHERE `watid` = '" . $watData["watid"] . "' LIMIT 1");
        }

        // Refresh the club's cached watcher count.
        sql_where(array("watType" => "clu", "watCreator" => $cluData["cluid"]));
        $watcherCount = sql_count("watches");
        sql_where(array("cluEid" => $cluData["cluid"]));
        sql_values(array("cluWatcherCount" => $watcherCount));
        sql_update("cluExtData");
    }
}

// Back to the club page in every case.
redirect(url("club/" . $requestedClub));
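/**
 * Executes an SQL replace-into query with the provided array mapping columns to values.
 * Returns the value of the primary key at which the value was inserted.
 *
 * MySQL's REPLACE removes an existing row with the same primary or unique
 * key before inserting, so columns missing from $data are not carried over
 * from the old row.
 *
 * The values are bound through the prepared statement. The table name is an
 * identifier and cannot be bound, so it is quoted here with any backtick
 * doubled.
 *
 * NOTE(review): the column list comes from sql_keys($data), defined
 * elsewhere - confirm it quotes the array keys the same way, and that the
 * keys of $data are never taken from request input.
 *
 * @param string $table Table name.
 * @param array  $data  Column => value map.
 * @return mixed The `insertId` property of the execute() result.
 */
protected function exec($table, $data) {
    // Doubling a backtick is MySQL's escape inside a quoted identifier;
    // without it a backtick in $table would close the identifier early.
    $quotedTable = "`" . str_replace("`", "``", $table) . "`";

    $stmt = $this->db->prepare(
        "REPLACE INTO " . $quotedTable .
        " (" . sql_keys($data) . ") VALUES (" . sql_values($data) . ");");
    $res = $stmt->execute(sql_parameters($data));

    return $res->insertId;
}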
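/**
 * Reads the POST data and adds a new comment to the database.
 *
 * Steps: resolve the root object of the thread, insert the comment, work out
 * who created the object being commented on (updating fan statistics and
 * read markers on the way), notify that user, then redirect so the POST
 * variables are cleared.
 *
 * Request input used: $_POST["comment"], the optional flags
 * commentNoEmoticons / commentNoSig / commentNoBBCode, and the optional
 * $_POST["refererURL"] redirect target.
 *
 * NOTE(review): the function does not check login state or
 * $_config["readOnly"] itself - confirm every caller does.
 *
 * @param mixed  $objid   Id of the object being replied to.
 * @param string $objType Object kind: "obj", "ext", "com", "clu", "jou",
 *                        "pol", "new" or "use".
 */
function processCommentReply($objid, $objType)
{
    global $_auth, $_config;

    $noEmoticons = isset($_POST["commentNoEmoticons"]) ? 1 : 0;
    $noSig = isset($_POST["commentNoSig"]) ? 1 : 0;
    $noBBCode = isset($_POST["commentNoBBCode"]) ? 1 : 0;

    $root_objid = $objid;
    $root_objType = $objType;
    $parent_objid = $objid;
    $parent_objType = $objType;

    // Several lookups below place the id inside a quoted SQL literal. The
    // integer form selects the same row MySQL's own numeric coercion would,
    // and cannot contain a quote character.
    $objidSql = intval($objid);

    if ($objType == "com") {
        // Replying to a comment: inherit the thread's root object from it.
        $comResult = sql_query("SELECT `comRootObj`,`comRootObjType`,`comObj`,`comObjType` " .
            "FROM `comments`" . dbWhere(array("comid" => $objid)));
        if ($comData = mysql_fetch_row($comResult)) {
            $root_objid = $comData[0];
            $root_objType = $comData[1];
            $parent_objid = $comData[2];
            $parent_objType = $comData[3];
        }
        mysql_free_result($comResult);

        if ($parent_objid != $objid && $parent_objid != $root_objid) {
            $comResult = sql_query("SELECT `comObj`,`comObjType` " .
                "FROM `comments`" . dbWhere(array("comid" => $parent_objid)));
            if ($comData = mysql_fetch_row($comResult)) {
                $parent_objid = $comData[0];
                $parent_objType = $comData[1];
            }
            mysql_free_result($comResult);
        }
        // NOTE(review): $parent_objid / $parent_objType are not read again in
        // this function.
    }

    // 16000 characters maximum (substr() counts bytes). A missing or
    // non-string field is stored as an empty comment instead of raising.
    $commentText = isset($_POST["comment"]) && is_string($_POST["comment"])
        ? substr($_POST["comment"], 0, 16000)
        : "";
    $userIp = getHexIp($_SERVER["REMOTE_ADDR"]);

    // Add the comment to the database.
    sql_query("INSERT INTO `comments`" . dbValues(array(
        "comObj" => $objid,
        "comObjType" => $objType,
        "comRootObj" => $root_objid,
        "comRootObjType" => $root_objType,
        "comCreator" => $_auth["useid"],
        "comSubmitDate!" => "NOW()",
        "comComment" => $commentText,
        "comSubmitIp" => $userIp,
        "comEditIp" => $userIp,
        "comNoEmoticons" => $noEmoticons,
        "comNoSig" => $noSig,
        "comNoBBCode" => $noBBCode)));
    $comid = mysql_insert_id();

    // Now let's find out who created the parent object for this comment
    // (that would be a user id).
    $parentCreator = 0;

    switch ($objType) {
        case "obj":
            $collab = 0;
            $result = sql_query("SELECT `objCreator`, `objCollab`, `objCollabConfirmed` " .
                "FROM `objects`, `objExtData`" .
                dbWhere(array("objid*" => "objEid", "objid" => $objid)));
            if ($data = mysql_fetch_assoc($result)) {
                $parentCreator = $data["objCreator"];
                // Only a confirmed collaborator counts.
                $collab = $data["objCollabConfirmed"] ? $data["objCollab"] : 0;

                // Also gather Fan-to-Artist statistics: create the row with a
                // count of 1 or increment the existing one.
                $where = array("fanUser" => $_auth["useid"], "fanArtist" => $parentCreator);
                sql_where($where);
                if (sql_count("fans") == 0) {
                    $where["fanNumComments"] = 1;
                    sql_values($where);
                    sql_insert("fans");
                } else {
                    sql_where($where);
                    sql_values(array("fanNumComments!" => "`fanNumComments` + 1"));
                    sql_update("fans");
                }

                if ($collab > 0) {
                    // Same statistics for the collaborator.
                    $where = array("fanUser" => $_auth["useid"], "fanArtist" => $collab);
                    sql_where($where);
                    if (sql_count("fans") == 0) {
                        $where["fanNumComments"] = 1;
                        sql_values($where);
                        sql_insert("fans");
                    } else {
                        sql_where($where);
                        sql_values(array("fanNumComments!" => "`fanNumComments` + 1"));
                        sql_update("fans");
                    }
                }
            }

            // If this submission is in user's updates, mark it as viewed
            // automatically.
            markAsRead(updTypeArt, $objid);
            updateSearchCache($objid);

            if ($collab > 0 && $collab != $_auth["useid"]) {
                addUpdate(updTypeComment, $collab, $comid, $_auth["useid"]);
            }
            break;

        case "ext": // extra objects
            $result = sql_query("SELECT `objCreator` FROM `extras` " .
                "WHERE `objid` = '{$objidSql}' LIMIT 1");
            $parentCreator = mysql_num_rows($result) > 0 ? mysql_result($result, 0) : 0;

            // If this submission is in user's updates, mark it as viewed
            // automatically.
            markAsRead(updTypeArtExtra, $objid);
            break;

        case "com": // comments
            $result = sql_query("SELECT `comCreator` FROM `comments` " .
                "WHERE `comid` = '{$objidSql}' LIMIT 1");
            $parentCreator = mysql_num_rows($result) > 0 ? mysql_result($result, 0) : 0;

            // If this comment is in user's updates, mark it as read automatically.
            markAsRead(updTypeComment, $objid);
            break;

        case "clu": // clubs
            $result = sql_query("SELECT `cluCreator` FROM `cluExtData` " .
                "WHERE `cluEid` = '{$objidSql}' LIMIT 1");
            $parentCreator = mysql_num_rows($result) > 0 ? mysql_result($result, 0) : 0;
            break;

        case "jou": // journals
            $result = sql_query("SELECT `jouCreator` FROM `journals` " .
                "WHERE `jouCreatorType` = 'use' AND `jouid` = '{$objidSql}' LIMIT 1");
            $parentCreator = mysql_num_rows($result) > 0 ? mysql_result($result, 0) : 0;

            if ($parentCreator == 0) {
                // Not found? Maybe that journal is actually an announcement.
                $result = sql_query("SELECT `jouAnnCreator` FROM `journals` " .
                    "WHERE `jouCreatorType` = 'clu' AND `jouid` = '{$objidSql}' LIMIT 1");
                $parentCreator = mysql_num_rows($result) > 0 ? mysql_result($result, 0) : 0;
            }

            // If this journal/announcement is in user's updates, mark it as read
            // automatically.
            markAsRead(updTypeJournal, $objid);
            break;

        case "pol": // polls
            $result = sql_query("SELECT `polCreator` FROM `polls` " .
                "WHERE `polid` = '{$objidSql}' LIMIT 1");
            $parentCreator = mysql_num_rows($result) > 0 ? mysql_result($result, 0) : 0;

            // If this poll is in user's updates, mark it as read automatically.
            markAsRead(updTypeJournalPoll, $objid);
            break;

        case "new": // news
            // Those who posted news on the front page should not receive
            // comments on that news to their updates.
            $parentCreator = 0;
            break;

        case "use": // user pages
            $parentCreator = $objid;
            break;
    }

    // Notify the parent object's creator about the new comment on their creation.
    // If the creator is not the current user, of course.
    if ($parentCreator > 0 && $parentCreator != $_auth["useid"]) {
        addUpdate(updTypeComment, $parentCreator, $comid, $_auth["useid"]);
    }

    // Redirect to the same page to clean up POST variables.
    $focus = "#comment" . ($objType == "com" ? $objid : $comid);

    // refererURL is request data. It is followed only when it stays on this
    // site: either a relative reference, or an http(s) URL whose host equals
    // the host of the current request. Control characters, spaces,
    // backslashes and a leading "//" are refused because browsers can read
    // them as a change of host. Anything else falls back to the default
    // target.
    $referer = isset($_POST["refererURL"]) && is_string($_POST["refererURL"])
        ? $_POST["refererURL"]
        : "";
    $refererIsLocal = false;
    if ($referer != ""
        && !preg_match('/[\\x00-\\x20\\x7f\\\\]/', $referer)
        && strncmp($referer, "//", 2) != 0) {
        $refererParts = parse_url($referer);
        if (is_array($refererParts)) {
            if (!isset($refererParts["scheme"]) && !isset($refererParts["host"])) {
                $refererIsLocal = true;
            } elseif (isset($refererParts["scheme"], $refererParts["host"], $_SERVER["HTTP_HOST"])
                && in_array(strtolower($refererParts["scheme"]), array("http", "https"), true)) {
                // HTTP_HOST may carry a port; parse_url() reports the host without it.
                $ownHost = strtolower(preg_replace('/:\\d+$/', '', $_SERVER["HTTP_HOST"]));
                $refererIsLocal = strtolower($refererParts["host"]) === $ownHost;
            }
        }
    }

    if ($refererIsLocal) {
        // No anchor when returning to the updates list.
        if (preg_match('/\\/updates\\//', $referer)) {
            $focus = "";
        }
        redirect($referer . $focus);
    } else {
        redirect(url(".", array("replied" => "yes")) . $focus);
    }
}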
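/**
 * Stores one detail (message text and/or attachment) for a helpdesk request.
 *
 * The text is read from $_POST[$detailPostVar] and the attachment from the
 * upload field $detailFileVar. A row is written to `helpdeskDetails` only
 * when there is text or a file; a file without text gets a placeholder
 * message.
 *
 * The stored attachment name ends in 16 hex characters. They now come from
 * the system CSPRNG when one is available, because mt_rand() seeded with the
 * clock is predictable.
 * NOTE(review): if files under files/helpdesk/ are served directly by the
 * web server, this suffix is the only thing that keeps a "submitter"-only
 * attachment private - confirm how attachments are delivered.
 * NOTE(review): `hddAttachOrigName` holds the client-supplied file name
 * unchanged; it has to be escaped wherever it is displayed. The stored
 * extension is whatever uploadFile() reports - confirm it is restricted to
 * an allow-list there.
 *
 * @param mixed  $helpdeskItem  Id of the helpdesk request.
 * @param string $detailPostVar Name of the POST field with the message.
 * @param string $detailFileVar Name of the upload field.
 * @param string $detailPrivacy Stored as `hddPrivacy`.
 * @return string "" on success, otherwise the message from checkUploadedFile().
 */
function addRequestDetail($helpdeskItem, $detailPostVar, $detailFileVar, $detailPrivacy)
{
    global $_auth;

    $detailText = isset($_POST[$detailPostVar]) ? trim($_POST[$detailPostVar]) : "";
    $fileName = "";
    $fileNameOrig = "";

    include_once INCLUDES . "files.php";

    $uploadError = checkUploadedFile($detailFileVar);
    // "No file" is not an error here: a detail may consist of text only.
    if ($uploadError != _UPL_NO_FILE && $uploadError != "") {
        return $uploadError;
    }

    if ($uploadError == "") {
        $fileNameOrig = $_FILES[$detailFileVar]["name"];
        $fileName = applyIdToPath("files/helpdesk/", $helpdeskItem);

        // 16 hex characters from the strongest source this PHP build offers.
        $suffix = "";
        if (function_exists("random_bytes")) {
            try {
                $suffix = bin2hex(random_bytes(8));
            } catch (Exception $e) {
                $suffix = "";
            }
        }
        if ($suffix == "" && function_exists("openssl_random_pseudo_bytes")) {
            $randomBytes = openssl_random_pseudo_bytes(8);
            if ($randomBytes !== false && strlen($randomBytes) == 8) {
                $suffix = bin2hex($randomBytes);
            }
        }
        if ($suffix == "") {
            // Legacy generator, kept so uploads still work where no CSPRNG
            // is available.
            $suffix = substr(sha1(mt_rand() * (microtime() * 0.001)), 1, 16);
        }
        $fileName .= "-" . $suffix;

        // uploadFile() presumably fills $extension through its third parameter.
        $extension = "";
        uploadFile($detailFileVar, $fileName, $extension);
        $fileName .= "." . $extension;

        if ($detailText == "") {
            $detailText = "There is no text message in this detail.";
        }
    }

    if ($detailText != "") {
        sql_values(array(
            "hddItem" => $helpdeskItem,
            "hddSubmitDate!" => "NOW()",
            "hddPrivacy" => $detailPrivacy,
            "hddCreator" => $_auth["useid"],
            "hddMessage" => $detailText,
            "hddAttachment" => $fileName,
            "hddAttachOrigName" => $fileNameOrig));
        sql_insert("helpdeskDetails");
    }

    return "";
}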
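<?php
// Add/Edit form for a helpdesk FAQ category. $isEditMode, $editAction and,
// optionally, $catKey and $catInfo are set by the including script.
//
// NOTE(review): $isEditMode is the only gate in this fragment, and no
// anti-CSRF token is checked before the write - confirm both are enforced
// by the including script.

if (!$isEditMode) {
    return;
}

if (!isset($catKey)) {
    $catKey = "";
}

// The submitted name field is "AddCategory" or "EditCategory<key>".
$nameField = $editAction . "Category" . $catKey;

if (isset($_POST[$nameField])) {
    $catValues = array(
        "hfcName" => $_POST[$nameField],
        // Null default: the same value an undefined index gave, minus the notice.
        "hfcIdent" => isset($_POST["ident"]) ? $_POST["ident"] : null,
        // Checkbox: present in the POST data means "general".
        "hfcIsGeneral" => isset($_POST["isGeneral"]));

    // Values are staged only on a path that runs a query, so no unused
    // staged values are left behind for a later statement.
    if ($editAction == "Add") {
        sql_values($catValues);
        sql_insert("helpdeskFAQCats");
    }

    if ($editAction == "Edit" && $catKey != "") {
        sql_values($catValues);
        sql_where(array("hfcid" => $catKey));
        sql_update("helpdeskFAQCats");
    }

    redirect(url("."));
}
?> <div><br /></div> <div class="container2 notsowide"> <?php
// Current values for the form fields; an empty title/ident and "general"
// are the defaults when no category is being edited.
$editCatTitle = isset($catInfo["name"]) ? $catInfo["name"] : "";
$editCatIdent = isset($catInfo["ident"]) ? $catInfo["ident"] : "";
$editCatGeneral = isset($catInfo["general"]) ? $catInfo["general"] : 1;
?> <form action="<?php echo url(".", array("enableEditMode" => "yes")); ?> " method="post">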
sql_insert("fans"); } else { sql_where($where); sql_values(array("fanNumViews!" => "`fanNumViews` + 1")); sql_update("fans"); } if ($objData["objCollab"] > 0) { $where = array("fanUser" => $_auth["useid"], "fanArtist" => $objData["objCollab"]); sql_where($where); if (sql_count("fans") == 0) { $where["fanNumViews"] = 1; sql_values($where); sql_insert("fans"); } else { sql_where($where); sql_values(array("fanNumViews!" => "`fanNumViews` + 1")); sql_update("fans"); } } } $_pollUser = $useData["useid"]; $_documentTitle = _SUBMISSION . ": " . $objData["objTitle"]; ?> <div class="header"> <?php if ($objData["objCollab"] > 0) { ?> <div class="f_right a_center normaltext" style="margin-left: 20px"> <?php echo getUserAvatar("", $objData["objCollab"], true); ?>