function store() { $myts =& MyTextSanitizer::getInstance(); $title = ""; $imgurl = ""; if (isset($this->topic_title) && $this->topic_title != "") { $title = $myts->makeTboxData4Save($this->topic_title); } if (isset($this->topic_imgurl) && $this->topic_imgurl != "") { $imgurl = $myts->makeTboxData4Save($this->topic_imgurl); } if (!isset($this->topic_pid) || !is_numeric($this->topic_pid)) { $this->topic_pid = 0; } if (empty($this->topic_id)) { $this->topic_id = $this->db->genId($this->table . "_topic_id_seq"); $sql = sprintf("INSERT INTO %s (topic_id, topic_pid, topic_imgurl, topic_title) VALUES (%u, %u, '%s', '%s')", $this->table, $this->topic_id, $this->topic_pid, $imgurl, $title); } else { $sql = sprintf("UPDATE %s SET topic_pid = %u, topic_imgurl = '%s', topic_title = '%s' WHERE topic_id = %u", $this->table, $this->topic_pid, $imgurl, $title, $this->topic_id); } if (!($result = $this->db->query($sql))) { ErrorHandler::show('0022'); } if ($this->use_permission == true) { if (empty($this->topic_id)) { $this->topic_id = $this->db->getInsertId(); } $xt = new XoopsTree($this->table, "topic_id", "topic_pid"); $parent_topics = $xt->getAllParentId($this->topic_id); if (!empty($this->m_groups) && is_array($this->m_groups)) { foreach ($this->m_groups as $m_g) { $moderate_topics = XoopsPerms::getPermitted($this->mid, "ModInTopic", $m_g); $add = true; // only grant this permission when the group has this permission in all parent topics of the created topic foreach ($parent_topics as $p_topic) { if (!in_array($p_topic, $moderate_topics)) { $add = false; continue; } } if ($add == true) { $xp = new XoopsPerms(); $xp->setModuleId($this->mid); $xp->setName("ModInTopic"); $xp->setItemId($this->topic_id); $xp->store(); $xp->addGroup($m_g); } } } if (!empty($this->s_groups) && is_array($this->s_groups)) { foreach ($s_groups as $s_g) { $submit_topics = XoopsPerms::getPermitted($this->mid, "SubmitInTopic", $s_g); $add = true; foreach ($parent_topics as $p_topic) { if (!in_array($p_topic, $submit_topics)) { $add = false; continue; } } if ($add == true) { $xp = new XoopsPerms(); $xp->setModuleId($this->mid); $xp->setName("SubmitInTopic"); $xp->setItemId($this->topic_id); $xp->store(); $xp->addGroup($s_g); } } } if (!empty($this->r_groups) && is_array($this->r_groups)) { foreach ($r_groups as $r_g) { $read_topics = XoopsPerms::getPermitted($this->mid, "ReadInTopic", $r_g); $add = true; foreach ($parent_topics as $p_topic) { if (!in_array($p_topic, $read_topics)) { $add = false; continue; } } if ($add == true) { $xp = new XoopsPerms(); $xp->setModuleId($this->mid); $xp->setName("ReadInTopic"); $xp->setItemId($this->topic_id); $xp->store(); $xp->addGroup($r_g); } } } } return true; }
include_once XOOPS_ROOT_PATH . "/class/xoopstree.php"; include_once XOOPS_ROOT_PATH . "/class/module.errorhandler.php"; $mytree = new XoopsTree($xoopsDB->prefix("mylinks_cat"), "cid", "pid"); if (!empty($HTTP_POST_VARS['submit'])) { $eh = new ErrorHandler(); //ErrorHandler object if (empty($xoopsUser)) { redirect_header(XOOPS_URL . "/user.php", 2, _MD_MUSTREGFIRST); exit; } else { $user = $xoopsUser->getVar('uid'); } $lid = intval($HTTP_POST_VARS["lid"]); // Check if Title exist if ($HTTP_POST_VARS["title"] == "") { $eh->show("1001"); } // Check if URL exist if ($HTTP_POST_VARS["url"] == "") { $eh->show("1016"); } // Check if Description exist if ($HTTP_POST_VARS['description'] == "") { $eh->show("1008"); } $url = $myts->makeTboxData4Save($HTTP_POST_VARS["url"]); $logourl = $myts->makeTboxData4Save($HTTP_POST_VARS["logourl"]); $cid = intval($HTTP_POST_VARS["cid"]); $title = $myts->makeTboxData4Save($HTTP_POST_VARS["title"]); $description = $myts->makeTareaData4Save($HTTP_POST_VARS["description"]); $newid = $xoopsDB->genId($xoopsDB->prefix("mylinks_mod") . "_requestid_seq");
$yesterday = time() - 86400 * $anonwaitdays; $result = $xoopsDB->query("select count(*) FROM " . $xoopsDB->prefix("mylinks_votedata") . " WHERE lid={$lid} AND ratinguser=0 AND ratinghostname = '{$ip}' AND ratingtimestamp > {$yesterday}"); list($anonvotecount) = $xoopsDB->fetchRow($result); if ($anonvotecount > 0) { redirect_header("index.php", 4, _MD_VOTEONCE2); exit; } } if ($rating > 10) { $rating = 10; } //All is well. Add to Line Item Rate to DB. $newid = $xoopsDB->genId($xoopsDB->prefix("mylinks_votedata") . "_ratingid_seq"); $datetime = time(); $sql = sprintf("INSERT INTO %s (ratingid, lid, ratinguser, rating, ratinghostname, ratingtimestamp) VALUES (%u, %u, %u, %u, '%s', %u)", $xoopsDB->prefix("mylinks_votedata"), $newid, $lid, $ratinguser, $rating, $ip, $datetime); $xoopsDB->query($sql) or $eh->show("0013"); //All is well. Calculate Score & Add to Summary (for quick retrieval & sorting) to DB. updaterating($lid); $ratemessage = _MD_VOTEAPPRE . "<br />" . sprintf(_MD_THANKURATE, $xoopsConfig[sitename]); redirect_header("index.php", 2, $ratemessage); exit; } else { $xoopsOption['template_main'] = 'mylinks_ratelink.html'; include XOOPS_ROOT_PATH . "/header.php"; $lid = intval($HTTP_GET_VARS['lid']); $cid = intval($HTTP_GET_VARS['cid']); $result = $xoopsDB->query("select title from " . $xoopsDB->prefix("mylinks_links") . " where lid={$lid}"); list($title) = $xoopsDB->fetchRow($result); $xoopsTpl->assign('link', array('id' => $lid, 'cid' => $cid, 'title' => $myts->htmlSpecialChars($title))); $xoopsTpl->assign('lang_voteonce', _MD_VOTEONCE); $xoopsTpl->assign('lang_ratingscale', _MD_RATINGSCALE);
<?php echo "<center><img src='../images/formulaire_slogo.png'><H1>Formulaire</H1></center>"; echo "Script de mise à jour, 3.1x vers 3.2<br />"; echo "Upgrade script, 3.1x to 3.2<br /><br />"; echo "script permettant le passage d'une version 3.1 à la version 3.2. Attention, veuillez éviter de modifier un de vos formulaires pour le faire passer en QCM.\r\nMieux vaut créer un nouveau formulaire et le déclarer QCM, afin d'éviter des pertes d'informations.<br /><br />"; echo "script to upgrade formulaire form a 3.1 version to the 3.2 version. Be careful, don't change one of your form to make it became a QCM.\r\nIf you want a QCM, create a new form as a QCM, to avoid to lose information.<br /><br />"; include "../../../mainfile.php"; include_once XOOPS_ROOT_PATH . "/class/module.errorhandler.php"; global $xoopsDB, $eh, $myts, $xoopsUser, $xoopsModule, $xoopsTpl, $xoopsConfig; $eh = new ErrorHandler(); $test = mysql_query("SELECT * FROM " . $xoopsDB->prefix("form_form")); $champs = mysql_num_fields($test); if ($champs > 10) { echo "l'upgrade de la table form_form a déjà été réalisé<br />\r\n\t the form_form table has already been upgraded<br /><br />"; } else { $sql = "ALTER TABLE " . $xoopsDB->prefix("form_form") . " ADD COLUMN rep text, ADD COLUMN nbrep int(5) default NULL, \r\nADD COLUMN nbtot int(5) default NULL, ADD COLUMN pos int(10) default NULL"; $res = $xoopsDB->queryF($sql) or $eh->show("error"); } $test = mysql_query("SELECT * FROM " . $xoopsDB->prefix("form_id")); $champs = mysql_num_fields($test); if ($champs > 21) { echo "l'upgrade de la table form_id a déjà été réalisé<br />\r\n\t the form_id table has already been upgraded<br /><br />"; } else { $sql = "ALTER TABLE " . $xoopsDB->prefix("form_id") . " ADD COLUMN qcm varchar(5) default NULL, ADD COLUMN affres varchar(5) default NULL,\r\nADD COLUMN affrep varchar(5) NOT NULL default ''"; $res = $xoopsDB->queryF($sql) or $eh->show("error"); } echo "<center><a href=" . XOOPS_URL . ">OK</a></center>";
function store(){ global $myts; $myts =& MyTextSanitizer::getInstance(); $title = ""; $imgurl = ""; $description = ""; $catdescription = ""; $catfooter = ""; if ( isset($this->title) && $this->title != "" ) { $title = $myts->makeTboxData4Save($this->title); } if ( isset($this->imgurl) && $this->imgurl != "" ) { $imgurl = $myts->makeTboxData4Save($this->imgurl); } if ( isset($this->displayimg) && $this->displayimg != "" ) { $displayimg = $myts->makeTboxData4Save($this->displayimg); } if ( isset($this->description) && $this->description != "" ) { $description = $myts->makeTareaData4Save($this->description); } if ( isset($this->catdescription) && $this->catdescription != "" ) { $catdescription = $myts->makeTareaData4Save($this->catdescription); } if ( isset($this->catfooter) && $this->catfooter != "" ) { $catfooter = $myts->makeTareaData4Save($this->catfooter); } if ( !isset($this->pid) || !is_numeric($this->pid) ) { $this->pid = 0; } if ( empty($this->id) ) { $this->id = $this->db->genId($this->table."_id_seq"); $sql = "INSERT INTO ".$this->table." (id, pid, imgurl, displayimg, title, description, catdescription, groupid, catfooter, orders, editaccess) VALUES (".$this->id.", ".$this->pid.", '".$imgurl."', ".$displayimg.", '".$title."', '".$description."', '".$catdescription."','".$this->groupid."', '".$catfooter."', ".$this->orders.",'".$this->editaccess."')"; } else { $sql = "UPDATE ".$this->table." SET pid=".$this->pid.", imgurl='".$imgurl."', displayimg=".$displayimg.", title='".$title."', description='".$description."', catdescription='".$catdescription."', groupid='".$this->groupid."', catfooter='".$catfooter."', orders='".$this->orders."', editaccess='".$this->editaccess."' WHERE id=".$this->id." "; } //echo "$sql<br>"; if ( !$result = $this->db->query($sql) ) { ErrorHandler::show('0022'); } return true; }
$sql .= $groupsql; list($catAccessCnt) = DB_fetchArray(DB_query($sql)); if ($catAccessCnt < 1) { COM_errorLOG("Submit.php => FileMgmt Plugin Access denied. Attempted user upload of a file, Remote address is:{$_SERVER['REMOTE_ADDR']}"); redirect_header($_CONF['site_url'] . "/index.php", 1, _GL_ERRORNOUPLOAD); exit; } if (isset($_POST['submit']) && SEC_checkToken()) { if (!COM_isAnonUser()) { $submitter = (int) $_USER['uid']; } else { $submitter = 1; } // Check if Title entered if (!isset($_POST['title']) || $_POST["title"] == '') { $eh->show("1001"); } // Check if filename entered if ($_FILES['newfile']['name'] != '') { $name = $_FILES['newfile']['name']; $url = rawurlencode($name); $name = $myts->makeTboxData4Save($name); $url = $myts->makeTboxData4Save($url); } else { $eh->show("1016"); } // Check if Description entered if ($_POST['description'] == '') { $eh->show("1008"); } $uploadfilename = $myts->makeTboxData4Save($_FILES['newfile']['name']);
function store() { $myts =& MyTextSanitizer::getInstance(); $title = ""; $imgurl = ""; $topic_description=$myts->censorString($this->topic_description); $topic_description= $myts->addSlashes($topic_description); $topic_rssurl=$myts->addSlashes($this->topic_rssurl); $topic_color=$myts->addSlashes($this->topic_color); if ( isset($this->topic_title) && $this->topic_title != "" ) { $title = $myts->addSlashes($this->topic_title); } if ( isset($this->topic_imgurl) && $this->topic_imgurl != "" ) { $imgurl = $myts->addSlashes($this->topic_imgurl); } if ( !isset($this->topic_pid) || !is_numeric($this->topic_pid) ) { $this->topic_pid = 0; } $topic_frontpage=intval($this->topic_frontpage); $insert=false; if ( empty($this->topic_id) ) { $insert=true; $this->topic_id = $this->db->genId($this->table."_topic_id_seq"); $sql = sprintf("INSERT INTO %s (topic_id, topic_pid, topic_imgurl, topic_title, menu, topic_description, topic_frontpage, topic_rssurl, topic_color) VALUES (%u, %u, '%s', '%s', %u, '%s', %d, '%s', '%s')", $this->table, intval($this->topic_id), intval($this->topic_pid), $imgurl, $title, intval($this->menu), $topic_description, $topic_frontpage, $topic_rssurl, $topic_color); } else { $sql = sprintf("UPDATE %s SET topic_pid = %u, topic_imgurl = '%s', topic_title = '%s', menu=%d, topic_description='%s', topic_frontpage=%d, topic_rssurl='%s', topic_color='%s' WHERE topic_id = %u", $this->table, intval($this->topic_pid), $imgurl, $title, intval($this->menu), $topic_description, $topic_frontpage, $topic_rssurl,$topic_color, intval($this->topic_id)); } if ( !$result = $this->db->query($sql) ) { // TODO: Replace with something else ErrorHandler::show('0022'); } else { if($insert) { $this->topic_id = $this->db->getInsertId(); } } if ( $this->use_permission == true ) { $xt = new XoopsTree($this->table, "topic_id", "topic_pid"); $parent_topics = $xt->getAllParentId($this->topic_id); if ( !empty($this->m_groups) && is_array($this->m_groups) ){ foreach ( $this->m_groups as $m_g ) { $moderate_topics = XoopsPerms::getPermitted($this->mid, "ModInTopic", $m_g); $add = true; // only grant this permission when the group has this permission in all parent topics of the created topic foreach($parent_topics as $p_topic){ if ( !in_array($p_topic, $moderate_topics) ) { $add = false; continue; } } if ( $add == true ) { $xp = new XoopsPerms(); $xp->setModuleId($this->mid); $xp->setName("ModInTopic"); $xp->setItemId($this->topic_id); $xp->store(); $xp->addGroup($m_g); } } } if ( !empty($this->s_groups) && is_array($this->s_groups) ){ foreach ($this->s_groups as $s_g ) { $submit_topics = XoopsPerms::getPermitted($this->mid, "SubmitInTopic", $s_g); $add = true; foreach($parent_topics as $p_topic){ if ( !in_array($p_topic, $submit_topics) ) { $add = false; continue; } } if ( $add == true ) { $xp = new XoopsPerms(); $xp->setModuleId($this->mid); $xp->setName("SubmitInTopic"); $xp->setItemId($this->topic_id); $xp->store(); $xp->addGroup($s_g); } } } if ( !empty($this->r_groups) && is_array($this->r_groups) ){ foreach ( $this->s_groups as $r_g ) { $read_topics = XoopsPerms::getPermitted($this->mid, "ReadInTopic", $r_g); $add = true; foreach($parent_topics as $p_topic){ if ( !in_array($p_topic, $read_topics) ) { $add = false; continue; } } if ( $add == true ) { $xp = new XoopsPerms(); $xp->setModuleId($this->mid); $xp->setName("ReadInTopic"); $xp->setItemId($this->topic_id); $xp->store(); $xp->addGroup($r_g); } } } } return true; }
$eh = new ErrorHandler(); //ErrorHandler object $submitter = !empty($xoopsUser) ? $xoopsUser->getVar('uid') : 0; // RMV - why store submitter on form?? /* if (!$_POST['submitter'] and $xoopsUser) { $submitter = $xoopsUser->uid(); }elseif(!$_POST['submitter'] and !$xoopsUser) { $submitter = 0; }else{ $submitter = intval($_POST['submitter']); } */ // Check if Title exist if (!isset($_POST['title']) || '' == $_POST['title']) { $eh->show('1001'); } $title = $myts->addSlashes($_POST['title']); // Check if URL exist $url = $_POST['url']; if (!isset($url) || '' == $url) { $eh->show('1016'); } $url = $myts->addSlashes($url); // Check if Description exist if ('' == $_POST['message']) { $eh->show('1008'); } $notify = !empty($_POST['notify']) ? 1 : 0; $cid = mylinksUtility::mylinks_cleanVars($_POST, 'cid', 0, 'int', array('min' => 0)); $description = $myts->addSlashes($_POST['message']);
$_GROUPS = SEC_getUserGroups($uid); $myts = new MyTextSanitizer(); // MyTextSanitizer object $eh = new ErrorHandler(); //ErrorHandler object $mytree = new XoopsTree($_DB_name, $_FM_TABLES['filemgmt_cat'], "cid", "pid"); $mytree->setGroupAccessFilter($_GROUPS); if ($_POST['submit']) { if (isset($_USER['uid']) and $_USER['uid'] > 1) { $submitter = $_USER['uid']; } else { $submitter = 1; } // Check if Title entered if ($_POST["title"] == '') { $eh->show("1001"); } // Check if filename entered if ($_FILES['newfile']['name'] != '') { $name = $_FILES['newfile']['name']; $url = rawurlencode($name); $name = $myts->makeTboxData4Save($name); $url = $myts->makeTboxData4Save($url); } else { $eh->show("1016"); } // Check if Description entered if ($_POST['description'] == '') { $eh->show("1008"); } $uploadfilename = $myts->makeTboxData4Save($_FILES['newfile']['name']);
public static function setShowErrors($show) { self::$show = $show; }