function mysql_fix_string($string) { if (get_magic_quotes_gpc()) { $string = stipslashes($string); } return mysql_real_escape_string($string); }
function serialisededitor_run() { page_header('Editing Serialised Array'); $op = httpget('op'); if ($op == 'source') { if (httpget('subop') == 'save') { $code = httppost('code'); // Don't serialise the array as it already is. set_module_setting('array', $code, 'serialisededitor'); output('`#Array has been serialised and saved.`0`n`n'); } else { // Don't unserialise, leave as is. $code = get_module_setting('array', 'serialisededitor'); } $size = translate_inline(array('Width', 'Height')); $submit = translate_inline('Submit'); rawoutput('<script language="JavaScript" type="text/javascript">function increase_row(target, value){target.rows = target.rows + value;}function increase_col(target, value){target.cols = target.cols + value;}</script>'); rawoutput('<form action="runmodule.php?module=serialisededitor&op=source&subop=save" method="POST">'); addnav('', 'runmodule.php?module=serialisededitor&op=source&subop=save'); rawoutput('<table border="0" cellpadding="0" cellspacing="0">'); rawoutput('<tr><td><textarea name="code" cols="40" rows="10" id="textarea">' . stripslashes($code) . '</textarea></td><td rowspan="2" valign="top"><input type="submit" onClick="increase_row(textarea,1);" value="+" /> <input type="submit" onClick="increase_row(textarea,-1);" value="-" /><br /><span class="colLtWhite">' . $size[1] . '</span></td></tr>'); rawoutput('<tr><td colspan="2"><input type="submit" onClick="increase_col(textarea,1);" value="+" /> <input type="submit" onClick="increase_col(textarea,-1);" value="-" /><br /><span class="colLtWhite">' . $size[0] . '</span></td></tr>'); rawoutput('<tr><td colspan="2"><input type="submit" class="button" value="' . $submit . '" /></td></tr>'); rawoutput('</table></form>'); } elseif ($op == 'find') { $subop = httpget('subop'); $name = httppost('name') ? httppost('name') : ''; $search = translate_inline('Search by name: '); $search2 = translate_inline('Search'); rawoutput('<form action="runmodule.php?module=serialisededitor&op=find&subop=search" method="POST">' . $search . '<input type="text" size="30" name="name" value="' . $name . '" /> <input type="submit" value="' . $search2 . '" class="button" /></form><br /><br />'); addnav('', 'runmodule.php?module=serialisededitor&op=find&subop=search'); if ($subop == 'search') { $search = "%"; for ($i = 0; $i < strlen($name); $i++) { $search .= substr($name, $i, 1) . "%"; } $sql = "SELECT acctid, name, level, login\r\n\t\t\t\t\tFROM " . db_prefix('accounts') . "\r\n\t\t\t\t\tWHERE (locked = 0 AND name LIKE '{$search}')\r\n\t\t\t\t\tORDER BY level DESC"; $result = db_query($sql); if (($max = db_num_rows($result)) > 0) { if ($max > 100) { output('`#Listing first 100:`n`n'); $max = 100; } $ops = translate_inline('Op'); $pname = translate_inline('Name'); $login = translate_inline('Login'); $acctid = translate_inline('AcctID'); $level = translate_inline('Level'); $submit = translate_inline('Submit'); $i = 0; rawoutput('<form action="runmodule.php?module=serialisededitor&op=find&subop=list" method="POST">'); addnav('', 'runmodule.php?module=serialisededitor&op=find&subop=list'); rawoutput('<table border="0" celpadding="0" cellspacing="1" align="center">'); rawoutput('<tr class="trhead"><td>' . $ops . '</td><td>' . $pname . '</td><td>' . $login . '</td><td>' . $acctid . '</td><td>' . $level . '</td></tr>'); while ($row = db_fetch_assoc($result)) { rawoutput('<tr class="' . ($i % 2 ? 'trdark' : 'trlight') . '"><td align="center"><input type="radio" name="userid" value="' . $row['acctid'] . '" /></td><td>'); output_notl('`&%s', $row['name']); rawoutput('</td><td>'); output_notl('%s', $row['login']); rawoutput('</td><td align="center">'); output_notl('%s', $row['acctid']); rawoutput('</td><td align="center">'); output_notl('`^%s', $row['level']); rawoutput('</td></tr>'); $i++; if ($i >= $max) { break; } } $sql = "SELECT modulename\r\n\t\t\t\t\t\tFROM " . db_prefix('modules') . "\r\n\t\t\t\t\t\r\n\t\t\t\t\t\tORDER BY modulename ASC"; $result = db_query($sql); $select = ''; while ($row = db_fetch_assoc($result)) { $select .= '<option>' . $row['modulename'] . '</option>'; } rawoutput('<tr class="trlight"><td colspan="5">'); output('`#Please select a module: '); rawoutput('<select name="modulename">' . $select . '</select></td></tr>'); rawoutput('<tr class="trdark"><td align="center" colspan="5"><input type="hidden" name="name" value="' . $name . '" /><input type="submit" class="button" value="' . $submit . '" /></td></tr></table></form><br /><br />'); } else { output('`#Sorry, but there were no matches. Please try again.`0`n'); } } elseif ($subop == 'list') { $userid = httppost('userid'); $module = httppost('modulename'); $sql = "SELECT a.name, b.setting, b.value\r\n\t\t\t\t\tFROM " . db_prefix('accounts') . " a, " . db_prefix('module_userprefs') . " b\r\n\t\t\t\t\tWHERE b.modulename = '" . $module . "'\r\n\t\t\t\t\t\tAND a.acctid = b.userid\r\n\t\t\t\t\t\tAND a.acctid = '" . $userid . "'"; $result = db_query($sql); if (db_num_rows($result) > 0) { output('`#The data in the boxes should still be serialised, if it is not, then it isn\'t a serialised array.`0`n`n'); $edit = translate_inline('Edit This Array'); $i = 0; while ($row = db_fetch_assoc($result)) { $array = unserialize($row['value']); if (is_array($array)) { rawoutput('<form action="runmodule.php?module=serialisededitor&op=find&subop=push" method="POST">'); addnav('', 'runmodule.php?module=serialisededitor&op=find&subop=push'); rawoutput('<textarea name="array" cols="40" rows="6">' . $row['value'] . '</textarea><br />'); rawoutput('<input type="hidden" name="data" value="' . $module . '|' . $row['setting'] . '|' . $userid . '" /><input type="submit" class="button" value="' . $edit . '" /></form><br /><br />'); $i++; } } if ($i == 0) { output('`#This module has no serialised arrays. Please try another.`0`n'); } } else { output('`#This user does not have any prefs with this module. Please try another.`0`n'); } } elseif ($subop == 'push') { $data = httppost('data'); $array = httppost('array'); if (!empty($data) && !empty($array)) { set_module_setting('data', $data, 'serialisededitor'); set_module_setting('array', stripslashes($array), 'serialisededitor'); output('`#The array data has been saved and is ready for editing. Click the Editor link to the side to begin.`0`n'); } else { output('`$Error: `4No array data could be found. Please try again.`0`n'); } } elseif ($subop == 'pop') { if (httpget('subop2') == 'return') { $array = get_module_setting('array', 'serialisededitor'); $data = get_module_setting('data', 'serialisededitor'); if (!empty($data)) { list($modulename, $setting, $userid) = explode('|', $data); db_query("UPDATE " . db_prefix('module_userprefs') . " SET value = '" . $array . "' WHERE modulename = '" . $modulename . "' AND setting = '" . $setting . "' AND userid = '" . $userid . "'"); output("`#The array data has been saved back to its original location.`0`n`n"); set_module_setting('data', '', 'serialisededitor'); set_module_setting('array', '', 'serialisededitor'); } else { output('`$Error: `4The data was missing, could not put the array back.`0`n'); } } else { output('`#If you have finished editing the array then you can return the data back to its original location.`n`n'); output('Click the link to the side to put it back.'); addnav('Put Back'); addnav('Continue', 'runmodule.php?module=serialisededitor&op=find&subop=push&subop2=return'); } } } else { $sarray = unserialize(get_module_setting('array', 'serialisededitor')); // The unserialised array gets added to a new array with the key '0'. $names[] = !is_array($sarray) ? array('population' => 'you') : $sarray; $keyid = httpget('key') ? httpget('key') : httppost('key'); if (!empty($keyid)) { $urls = ''; $parts = ''; $i = 1; $keyids = explode('|', $keyid); foreach ($keyids as $key => $value) { // Take a specific array from the multi-dimensional array and add it back with its own key. // Only with a specific branch of the tree. $names[] = $names[$i - 1][$value]; // This makes the links for under the form. $parts .= $i == 1 ? $value : '|' . $value; $urls .= '[<a href="runmodule.php?module=serialisededitor&key=' . $parts . '">' . $value . '</a>]'; addnav('', 'runmodule.php?module=serialisededitor&key=' . $parts); $i++; } // Reverse the array because we want the last to be first and have the key '0'. $names = array_reverse($names); } if (httpget('subop') == 'save') { // These are arrays! $keyname = httppost('keyname'); $keyvalue = httppost('keyvalue'); $keynameorig = httppost('keynameorig'); $keyvalueorig = httppost('keyvalueorig'); // Chars to strip out. $find = array('"', "'"); $messages = '`#'; foreach ($keyname as $key => $value) { if (!empty($value)) { // Strip out quotes from key name. $value = str_replace($find, '', $value); if (isset($keynameorig[$key]) && $value != $keynameorig[$key]) { // Key name changed, do this first. if (!isset($names[0][$value])) { // Easiest way to rename is to create a new key with the same value and delete the old key. // This is the reason why renamed keys get put last, they're new. :) $names[0][$value] = $names[0][$keynameorig[$key]]; unset($names[0][$keynameorig[$key]]); $messages .= 'The key name `b' . $keynameorig[$key] . '`b has been renamed to `b' . $value . '`b.`n'; } else { $messages .= '`$The key name `b' . $value . '`b already exists in this array branch. Please use another.`#`n'; } } if (!empty($keyvalue[$key])) { if ($keyvalue[$key] == 'ARRAY') { // Add a new array. if (!empty($keynameorig[$key])) { $messages .= 'Existing key name `b' . $value . '`b has been turned into an array.`n'; } else { $messages .= 'The key name `b' . $value . '`b has been added and made an array.`n'; } $names[0][$value] = array('populate' => 'me'); } else { // Only did this part for the messages. if (!empty($keyvalueorig[$key])) { // Old value exists, check to see if it matches the new. if ($keyvalueorig[$key] != $keyvalue[$key]) { $names[0][$value] = $keyvalue[$key]; $messages .= 'The value of key `b' . $value . '`b has been changed from `b' . $keyvalueorig[$key] . '`b to `b' . stripslashes($keyvalue[$key]) . '`b.`n'; } } else { // Again for the messages. if (isset($names[0][$value]) && isset($keynameorig[$key])) { // Existing key has had it's value changed from nothing to something. $messages .= 'The value of key name `b' . $value . '`b has been changed from nothing to `b' . stripslashes($keyvalue[$key]) . '`b.`n'; } else { // New key has been added with a value. $messages .= 'The key name `b' . $value . '`b has been added with a value of `b' . stipslashes($keyvalue[$key]) . '`b.`n'; } $names[0][$value] = $keyvalue[$key]; } } } else { // Array keynames don't have any values so check before making null. if (!is_array($names[0][$value])) { if (empty($keyvalue[$key]) && !empty($keyvalueorig[$key])) { // key had a value, but no it doesn't. $messages .= 'The value of key name `b' . $value . '`b has been changed from `b' . $keyvalueorig[$key] . '`b to nothing.`n'; } elseif (empty($keynameorig[$key]) && empty($keyvalue[$key]) && empty($keyvalueorig[$key])) { // New key has been added, but with no value. $messages .= 'The key name `b' . $value . '`b has been created and saved with no value.`n'; } $names[0][$value] = ''; } } } else { // Delete. if (isset($names[0][$keynameorig[$key]])) { unset($names[0][$keynameorig[$key]]); $messages .= 'The key name `b' . $keynameorig[$key] . '`b and its value have been deleted.`n'; } } } // $names is used further down to build the display so make a copy and alter it instead. $pass_over = $names[0]; if (!empty($keyids)) { $keyids = array_reverse($keyids); $count = count($names); for ($i = 0; $i < $count; $i++) { if (isset($names[1])) { $shift = array_shift($names); $names[0][$keyids[$i]] = $shift; } } } set_module_setting('array', serialize($names[0]), 'serialisededitor'); $message .= 'Array has been serialized and saved.`0'; $names[0] = $pass_over; debug($names[0]); } output('%s`0`n`n', translate_inline($messages)); output('`n`c`#Do not use numbers to name the keys, use words only.`0`c`n`n'); $trans = translate_inline(array('Key Name', 'Value', 'This value is an array.', 'Extra Boxes', 'Submit', 'Click to Edit', 'Array Tree Branch Links')); rawoutput('<form action="runmodule.php?module=serialisededitor&subop=save" method="POST">'); addnav('', 'runmodule.php?module=serialisededitor&subop=save'); rawoutput('<table border="0" width="450" cellpadding="1" cellspacing="1" align="center">'); rawoutput('<tr class="trhead"><td>' . $trans[0] . '</td><td>' . $trans[1] . '</td></tr>'); rawoutput('<tr class="' . (0 % 2 ? 'trlight' : 'trdark') . '"><td colspan="2">'); output('`3To delete any of the following, simply delete the key name before submitting. Renaming a key will force it to the bottom.`0'); rawoutput('</td></tr>'); // Build the form for the current array tree branch. if (!empty($names[0])) { $i = 1; foreach ($names[0] as $key => $value) { rawoutput('<tr class="' . ($i % 2 ? 'trlight' : 'trdark') . '"><td><input type="text" name="keyname[]" value="' . $key . '" /><input type="hidden" name="keynameorig[]" value="' . $key . '" /></td>'); if (is_array($value)) { // Don't over write $keyid as it's used below! $keyid2 = empty($keyid) ? '' : $keyid . '|'; rawoutput('<td>' . $trans[2] . ' <a href="runmodule.php?module=serialisededitor&key=' . $keyid2 . $key . '">' . $trans[5] . '</a><input type="hidden" name="keyvalue[]" value="" /><input type="hidden" name="keyvalueorig[]" value="" /></td></tr>'); addnav('', 'runmodule.php?module=serialisededitor&key=' . $keyid2 . $key); } else { rawoutput('<td><textarea name="keyvalue[]" col="20" row="5">' . stripslashes($value) . '</textarea><input type="hidden" name="keyvalueorig[]" value="' . stripslashes($value) . '" /></td></tr>'); } $i++; } } else { rawoutput('<tr class="trlight"><td><input type="text" name="keyname[]" value="" /></td><td><textarea name="keyvalue[]" col="20" row="5"></textarea></td></tr>'); } rawoutput('<tr class="trhead"><td colspan="2">' . $trans[3] . '</td></tr>'); rawoutput('<tr class="trdark"><td colspan="2">'); output('`3To add another array, simply type `#`bARRAY`b `3into the box and submit. You can do this with existing values, but there\'s no way to convert back once this is done.`0'); rawoutput('</td></tr><tr class="trlight"><td><input type="text" name="keyname[]" value="" /></td><td><textarea name="keyvalue[]" col="20" row="5"></textarea></td></tr>'); rawoutput('<tr class="trdark"><td><input type="text" name="keyname[]" value="" /></td><td><textarea name="keyvalue[]" col="20" row="5"></textarea></td></tr>'); rawoutput('<tr class="trhead"><td colspan="2">' . $trans[6] . '</td></tr>'); rawoutput('<tr class="trlight"><td colspan="2"><a href="runmodule.php?module=serialisededitor">$array</a>' . $urls . '</td></tr>'); addnav('', 'runmodule.php?module=serialisededitor'); rawoutput('<tr class="trdark"><td align="center" colspan="2"><input type="hidden" name="key" value="' . $keyid . '" /><input type="submit" class="button" value="' . $trans[4] . '" /></td></tr></table></form><br /><br />'); rawoutput('<table border="0" cellpadding="2" cellspacing="1" align="center">'); $text = display_array($names[0]); rawoutput("{$text}"); rawoutput('</table>'); } addnav('Options'); addnav('Array Editor', 'runmodule.php?module=serialisededitor'); addnav('Find Array To Edit', 'runmodule.php?module=serialisededitor&op=find'); addnav('View Array Source', 'runmodule.php?module=serialisededitor&op=source'); addnav('Put Array Back', 'runmodule.php?module=serialisededitor&op=find&subop=pop'); addnav('Back'); addnav('Back to the Grotto', 'superuser.php'); page_footer(); }