/**
 * Builds the object from the three login-form values.
 *
 * Each argument must pass ExReg::funtionExpNomUs(). If any one fails, the
 * constructor prints a fixed "wrong user or password" alert, drops
 * $_SESSION['id_control'], calls raiz() and ends the request.
 *
 * On success the values are entity-encoded with htmlentities(), the first two
 * are handed to the parent (Database) constructor, and all three are then
 * passed through the parent's real_escape_string(). The escaped company value
 * is replaced by the result of loginEmpresa(), and the query/row holders are
 * reset to empty arrays so the object starts in a consistent state.
 *
 * NOTE(review): htmlentities() is an output encoder. Because it runs before
 * parent::__construct(), the parent receives the entity-encoded password, not
 * the one the user typed. Whether ExReg already rejects every character that
 * htmlentities() would rewrite is not visible here; confirm.
 *
 * NOTE(review): the same pattern check is applied to the user name, the
 * password and the company. Confirm this does not narrow the set of
 * characters a password may contain.
 *
 * NOTE(review): real_escape_string() only protects a value that ends up inside
 * a quoted SQL literal. loginEmpresa() is not shown; bound parameters there
 * would make the escaping step unnecessary.
 *
 * @param string $param1  user name (passed to htmlentities(), so a string is expected)
 * @param string $param2  password
 * @param string $empresa company value, later resolved through loginEmpresa()
 */
 function __construct($param1, $param2, $empresa)
 {
     // ExReg validates strings by means of regular expressions.
     $this->ExReg = new ExReg();

     // Evaluated left to right with short-circuiting: the first failing field stops the checks.
     $inputsAreValid = $this->ExReg->funtionExpNomUs($param1)
         && $this->ExReg->funtionExpNomUs($param2)
         && $this->ExReg->funtionExpNomUs($empresa);

     if (!$inputsAreValid) {
         // Rejection path: fixed message (no request data is echoed), session marker cleared,
         // then raiz() and termination of the request from inside the constructor.
         echo "<script>alert('Usuario o Contrase\\u00f1a Incorrecta')</script>";
         unset($_SESSION['id_control']);
         raiz();
         exit;
     }

     // Entity-encode the submitted values before anything else sees them.
     $this->nombre = htmlentities($param1, ENT_QUOTES);
     $this->pass = htmlentities($param2, ENT_QUOTES);
     $this->empresa = htmlentities($empresa, ENT_QUOTES);

     // Hand the (already encoded) credentials to the inherited Database constructor.
     parent::__construct($this->nombre, $this->pass);

     // SQL-escape the stored copies; this must come after the parent constructor has run.
     $this->nombre = parent::real_escape_string($this->nombre);
     $this->pass = parent::real_escape_string($this->pass);
     $this->empresa = parent::real_escape_string($this->empresa);

     // Replace the company value with whatever loginEmpresa() returns for it, then
     // advance past the result set that call left pending.
     $this->empresa = $this->loginEmpresa($this->empresa);
     $this->next_result();

     // Start with empty holders for query text and fetched rows.
     $this->query = array();
     $this->row = array();
 }
Example #2
// Tail of the options form: the "until" date field, the submit button and the
// closing table markup. The start of the form is above this excerpt.
$optionForm->addLabel('until', 'Revisions until');
$optionForm->addHTML('</td><td>');
// $par['until'] is written back into the form as the field's current value.
// NOTE(review): if $par holds request parameters, addInput() has to HTML-escape
// this value; its implementation is not shown here, so confirm.
$optionForm->addInput('until', $par['until'], '(Format: YYYY-MM-DD)');
$optionForm->addHTML('</td></tr>');
$optionForm->addHTML('<tr><td colspan="2">');
$optionForm->addButton('submit', 'Get revisions');
$optionForm->addHTML('</td></tr>');
$optionForm->addHTML('</table>');
// Emit the assembled form and close the surrounding page block.
$optionForm->output();
$page->closeBlock();
// Runs the revision lookup once $rq reports that every required parameter is present,
// then renders one entry per revision. The listing is cut off inside the result loop.
if ($rq->allRequiredDefined() == true) {
    $page->openBlock('div', 'iw-content');
    $page->addInline('h2', 'Results');
    // The replica database is chosen from $par['lang'] and $par['project'].
    // NOTE(review): how Database::getName() validates these two values is not visible
    // here; confirm they are mapped through an allowlist of known wikis.
    $db->replicaConnect(Database::getName($par['lang'], $par['project']));
    // Normalise the title to its underscore form, then escape it for the SQL literal below.
    // From here on $par['page'] holds the SQL-escaped text, not the original title.
    $par['page'] = str_replace(' ', '_', $par['page']);
    $par['page'] = $db->real_escape_string($par['page']);
    // NOTE(review): the title reaches the query by string concatenation. real_escape_string()
    // protects only a value placed inside a quoted literal and depends on the connection
    // character set being configured correctly; a prepared statement with a bound parameter
    // removes both dependencies.
    $t1 = 'SELECT revision_userindex.rev_timestamp, revision_userindex.rev_user_text, revision_userindex.rev_comment, revision_userindex.rev_id FROM revision_userindex, page WHERE page.page_title = \'' . $par['page'] . '\' ';
    $t1 .= 'AND page.page_namespace = 0 AND revision_userindex.rev_page = page.page_id ';
    $t1 .= 'ORDER BY revision_userindex.rev_timestamp DESC;';
    $q1 = $db->query($t1);
    // NOTE(review): the result of query() is used without a failure check; if it can
    // return false, the num_rows access below fails. Confirm against the Database class.
    if ($q1->num_rows === 0) {
        $page->addInline('p', 'there were no results for this query', 'iw-info');
    } else {
        // NOTE(review): $par['lang'], $par['project'] and the SQL-escaped $par['page'] are
        // concatenated into HTML and into an href with no HTML or URL encoding. SQL escaping
        // is the wrong encoding for both sinks: it leaves <, > and & untouched, and a
        // backslash does not neutralise a double quote inside an attribute. Unless $par is
        // already validated where it is built (not shown), encode per context (rawurlencode()
        // for the URL parts, htmlspecialchars() for the attribute) and restrict lang/project
        // to an allowlist, since they also form the link's host name. Whether
        // Hgz::buildWikilink() escapes its arguments is likewise not visible.
        $page->addInline('p', 'found ' . $q1->num_rows . ' revisions for article ' . Hgz::buildWikilink($par['lang'], $par['project'], $par['page'], str_replace('_', ' ', $par['page'])) . '(<a href="https://' . $par['lang'] . '.' . $par['project'] . '.org/w/index.php?title=' . $par['page'] . '&action=history">History</a>).');
        $page->openBlock('div', 'iw-code');
        while ($l1 = $q1->fetch_assoc()) {
            // rev_timestamp is parsed as a 14-digit YmdHis string.
            // NOTE(review): createFromFormat() returns false on a value that does not match,
            // and the format() calls below would then fail.
            $datetime = DateTime::createFromFormat('YmdHis', $l1['rev_timestamp']);
            $dateform = $datetime->format('Y-m-d H:i');
            $dateraw = $datetime->format('Ymd');
            // A "since" bound is applied only when it is set and not the all-zero placeholder.
            if (isset($par['since']) && $par['since'] != '0000-00-00') {
                // Strip the dashes so the bound has the same Ymd shape as $dateraw.
                $timestamp = str_replace('-', '', $par['since']);
Example #3
// Copyright 2014 Peter Beverloo. All rights reserved.
// Use of this source code is governed by the MIT license, a copy of which can
// be found in the LICENSE file.
require_once __DIR__ . '/../services/framework/Database.php';
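// Request gate for the flag-toggle endpoint: check the shape of every parameter,
// check the control key, then prepare the two statements used further down.
//
// is_string() rejects array-valued parameters (?revision[]=...) before they reach
// strlen(). ctype_xdigit() restricts the revision to hexadecimal digits, the
// alphabet of the 40-character SHA stored in revision_sha.
if (!isset($_GET['flag'], $_GET['project'], $_GET['revision'], $_GET['selected'])
    || !is_numeric($_GET['flag'])
    || !is_numeric($_GET['project'])
    || !is_string($_GET['revision'])
    || strlen($_GET['revision']) !== 40
    || !ctype_xdigit($_GET['revision'])) {
    die('Invalid request.');
}

// The control key is a shared secret, so compare it exactly and in constant time.
// A loose != treats numeric strings as numbers, so spellings such as "1e3" and
// "1000" compare equal. hash_equals() needs PHP 5.6 or later. $_GET['flag'] is
// known to be a string here because it passed is_numeric() above.
//
// NOTE(review): the key travels in the query string of a state-changing GET
// request, so it can end up in access logs, browser history and Referer headers,
// and the request can be triggered cross-site by anyone who knows the URL.
// Moving the key to a request header or a POST body would address both points.
if (!hash_equals((string) Configuration::$controlKey, $_GET['flag'])) {
    exit;
}

$flag = intval($_GET['flag'], 10);
$project = intval($_GET['project'], 10);
// Only the literal string "true" selects the revision; anything else deselects it.
$selected = $_GET['selected'] === 'true';

$database = new Database();
// Kept because code below this excerpt uses $revision. The value is hex-only at this
// point, so escaping should leave it unchanged, and when it is bound to the ?
// placeholders no escaping is needed at all.
$revision = $database->real_escape_string($_GET['revision']);

// NOTE(review): neither prepare() result is checked. Confirm whether Database::prepare()
// can return false, and handle that case before the statements are used.

// Flags a revision, copying its date from tracking_revisions.
$insertionStatement = $database->prepare('
    INSERT INTO
        tracking_flagged
        (revision_project_id, revision_sha, revision_date)
    VALUES
        (?, ?, (SELECT revision_date FROM tracking_revisions WHERE project_id = ? AND revision_sha = ?))');

// Removes at most one flag row for the given project and revision.
$removalStatement = $database->prepare('
    DELETE FROM
        tracking_flagged
    WHERE
        revision_project_id = ? AND
        revision_sha = ?
    LIMIT
        1');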
if ($selected) {