function flickr_faves_add_fave(&$viewer, &$photo, $date_faved = 0)
{
    # Record a fave twice: once in FlickrFaves on the viewer's cluster and
    # once in FlickrFavesUsers on the photo owner's cluster. A failed insert
    # returns its db response unless the error code is 1062 (presumably the
    # MySQL duplicate-entry code, i.e. the fave already exists); otherwise
    # the function returns okay().
    #
    # NOTE(review): addslashes() is not charset-aware SQL escaping. If the
    # db_* helpers can bind parameters or expose the connection's own escape
    # routine, prefer that over escaping here.
    $faved_at = $date_faved ? $date_faved : time();

    $viewer_row = array_map('addslashes', array(
        'user_id' => $viewer['id'],
        'photo_id' => $photo['id'],
        'owner_id' => $photo['user_id'],
        'date_faved' => $faved_at,
    ));
    $rsp = db_insert_users($viewer['cluster_id'], 'FlickrFaves', $viewer_row);
    if (!($rsp['ok'] || $rsp['error_code'] == 1062)) {
        return $rsp;
    }

    # now the photo owner's side of things
    # NOTE(review): the result of users_get_by_id() is used without checking
    # that an owner was actually found.
    $owner = users_get_by_id($photo['user_id']);
    $owner_row = array_map('addslashes', array(
        'user_id' => $owner['id'],
        'photo_id' => $photo['id'],
        'viewer_id' => $viewer['id'],
    ));
    $rsp = db_insert_users($owner['cluster_id'], 'FlickrFavesUsers', $owner_row);
    if (!($rsp['ok'] || $rsp['error_code'] == 1062)) {
        return $rsp;
    }

    # TO DO: index/update the photo in solr and insert $viewer['id']
    # into the faved_by column (20111123/straup)
    return okay();
}
// Fill the admin template with a paged list of invitations: pager markup,
// and per invitation the inviter link, invitee, hash, time and a delete link.
//
// NOTE(review): the "******" runs below are masking present in this listing,
// not PHP; the masked expression is presumably a $CURUSER lookup and cannot
// be recovered from here.
// NOTE(review): mysql_num_rows()/mysql_result() belong to the ext/mysql API
// that was removed in PHP 7.0.
function read_invitations()
{
    global $TABLE_PREFIX, $admintpl, $language, $CURUSER, $STYLEPATH, $btit_settings;
    // NOTE(review): $CURUSER["random"] travels in the URL as "code"; if it acts
    // as an admin token, URLs leak through logs and Referer headers - confirm.
    $scriptname = htmlspecialchars($_SERVER["PHP_SELF"] . "?page=admin&user="******"uid"] . "&code=" . $CURUSER["random"] . "&do=invitations");
    // $addparam is assigned but never read in this function.
    $addparam = "";
    $res = get_result("SELECT COUNT(*) as invites FROM {$TABLE_PREFIX}invitations", true);
    $count = $res[0]["invites"];
    // pager() supplies the top/bottom pager markup and the clause appended to the query below.
    list($pagertop, $pagerbottom, $limit) = pager('15', $count, $scriptname . "&");
    $admintpl->set("inv_pagertop", $pagertop);
    $admintpl->set("inv_pagerbottom", $pagerbottom);
    $results = get_result("SELECT * FROM {$TABLE_PREFIX}invitations ORDER BY id DESC {$limit}", true);
    $invitees = array();
    $i = 0;
    foreach ($results as $id => $data) {
        // NOTE(review): $data["inviter"] is concatenated unquoted and unescaped.
        // It comes from a stored row, so this is only safe if that column is
        // guaranteed numeric; an (int) cast would make that explicit.
        // One extra query per invitation row (N+1 pattern).
        $res = do_sqlquery("SELECT username FROM {$TABLE_PREFIX}users WHERE id = " . $data["inviter"], true);
        if (mysql_num_rows($res) > 0) {
            $inviter_name = mysql_result($res, 0, 0);
        } else {
            $inviter_name = 'Unknown';
        }
        // NOTE(review): $inviter_name is placed into HTML with no escaping visible
        // here; confirm usernames are HTML-safe when stored, else htmlspecialchars() it.
        $invitees[$i]["inviter"] = "<a href=\"index.php?page=userdetails&amp;user="******"inviter"] . "\">" . $inviter_name . "</a>";
        $invitees[$i]["invitee"] = unesc($data["invitee"]);
        $invitees[$i]["hash"] = unesc($data["hash"]);
        $invitees[$i]["time_invited"] = $data["time_invited"];
        // NOTE(review): AddSlashes() only backslash-escapes for the JS string; inside
        // an HTML attribute a double quote still ends the attribute, so this relies
        // on $language["DELETE_CONFIRM"] being trusted text. The delete action is a
        // plain GET link.
        $invitees[$i]["delete"] = "<a href=\"index.php?page=admin&amp;user="******"uid"] . "&amp;code=" . $CURUSER["random"] . "&amp;do=invitations&amp;action=delete&amp;id=" . $data["id"] . "\" onclick=\"return confirm('" . AddSlashes($language["DELETE_CONFIRM"]) . "')\">" . image_or_link("{$STYLEPATH}/images/delete.png", "", $language["DELETE"]) . "</a>";
        $i++;
    }
    $admintpl->set("invitees", $invitees);
    $admintpl->set("language", $language);
}
function DecryptAll_SQL($s, $key)
{
    // Pass $s through DecryptROT(), SaXoro() (with $key) and Decrypt(), in that
    // order, restore "&" from its "^(**)^" placeholder, trim, and backslash-escape
    // the result.
    // NOTE(review): the name suggests the output is placed into SQL; addslashes()
    // is not charset-aware escaping, so prefer bound parameters at the call site.
    $decoded = Decrypt(SaXoro(DecryptROT($s), $key));
    $restored = str_replace("^(**)^", "&", $decoded);

    return AddSlashes(trim($restored));
}
function flickr_contacts_purge_contacts(&$user)
{
    # Delete every FlickrContacts row owned by $user on that user's cluster and
    # hand back the db_write_users() response unchanged.
    # NOTE(review): addslashes() is not charset-aware; the quoted '{...}' context
    # is what keeps this contained, so do not drop the quotes.
    $sql = "DELETE FROM FlickrContacts WHERE user_id='" . AddSlashes($user['id']) . "'";

    return db_write_users($user['cluster_id'], $sql);
}
File: lib.php Progetto: lursu/morgue
 private static function db_escape_terms($terms)
 {
     // Turn each search term into a whole-word pattern: the term is passed
     // through Search::escape_rlike(), then addslashes(), and wrapped in the
     // [[:<:]] / [[:>:]] word-boundary markers.
     // NOTE(review): the result is presumably embedded in an RLIKE clause;
     // addslashes() is not charset-aware, so confirm how callers quote it.
     $patterns = array();
     foreach ($terms as $raw_term) {
         $escaped = AddSlashes(Search::escape_rlike($raw_term));
         $patterns[] = '[[:<:]]' . $escaped . '[[:>:]]';
     }

     return $patterns;
 }
function flickr_geobookmarks_purge_for_user(&$user)
{
    # Delete all FlickrGeoBookmarks rows for $user on the user's cluster;
    # the db_write_users() response is returned as is.
    # NOTE(review): escaping is addslashes() inside a quoted literal; bound
    # parameters would be the sturdier option if the db layer offers them.
    $sql = "DELETE FROM FlickrGeoBookmarks WHERE user_id='" . AddSlashes($user['id']) . "'";

    return db_write_users($user['cluster_id'], $sql);
}
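/**
 * Backslash-escape $inp unless magic quotes already did so.
 *
 * get_magic_quotes_gpc() was deprecated in PHP 7.4 and removed in PHP 8.0,
 * where an unguarded call is a fatal error. The function_exists() guard keeps
 * the old behaviour on runtimes that still have it and falls through to
 * addslashes() everywhere else.
 *
 * NOTE(review): addslashes() is not a substitute for the database driver's
 * escaping or for bound parameters; it is not charset-aware.
 *
 * @param string $inp value to escape
 * @return string $inp unchanged when magic quotes are active, otherwise escaped
 */
function fixQuotes($inp)
{
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        return $inp;
    }

    return addslashes($inp);
}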
function SqlString(&$value){
	// Author's note (translated): written by me and very crude - it simply calls
	// the function that backslash-escapes special characters (it only affects
	// single quotes, double quotes and backslashes).
	//
	// Escapes $value in place; arrays are walked recursively.
	// NOTE(review): addslashes() is not charset-aware SQL escaping.
	if(!is_array($value)){
		$value=AddSlashes($value);
		return;
	}
	array_walk($value,'SqlString');
}
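 /**
  * Emit a <script> block that appends $str as a new SPAN to the element with
  * id "progress_verbose", then flush the output.
  *
  * The text is HTML-escaped, backslash-escaped for the single-quoted JS
  * literal, and line breaks become <br>. The original converted only "\n";
  * a raw "\r" left inside the literal ends the JS line and breaks the script,
  * so "\r\n" and a lone "\r" are converted as well.
  *
  * NOTE(review): addslashes() is a partial JS encoder; json_encode() would be
  * the robust way to build the literal if the output format may change.
  *
  * @param string $str message to show
  */
 function display($str)
 {
     $escaped = AddSlashes(htmlspecialchars($str));
     // "\r\n" first so a Windows line ending yields a single <br>
     $escaped = str_replace(array("\r\n", "\r", "\n"), "<br>", $escaped);

     echo "<script type='text/javascript'>\n";
     echo "var line = document.createElement('SPAN');";
     echo "line.innerHTML = '" . $escaped . "';\n";
     echo "document.getElementById('progress_verbose').appendChild(line);\n";
     echo "</script>";
     flush();
 }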
function api_oauth2_grant_tokens_delete(&$token)
{
    # Delete the grant token row matching $token['code']; when the delete
    # succeeds the token's cache entry is purged too. Returns the db_write()
    # response either way.
    # NOTE(review): the code is escaped with addslashes() inside a quoted
    # literal; bound parameters would be preferable if db_write() supports them.
    $sql = "DELETE FROM OAuth2GrantTokens WHERE code='" . AddSlashes($token['code']) . "'";
    $rsp = db_write($sql);

    if (!$rsp['ok']) {
        return $rsp;
    }

    api_oauth2_grant_tokens_purge_cache($token);
    return $rsp;
}
	function search_db_escape_terms($terms){
		// Build one whole-word pattern per term: the term goes through
		// hwd_vs_search::search_escape_rlike() and addslashes(), then is wrapped
		// in the [[:<:]] / [[:>:]] word-boundary markers.
		// 20110119 dhorsfall: an optional partial-word search would omit the
		// two boundary markers.
		// NOTE(review): addslashes() is not charset-aware; confirm how the
		// patterns are quoted where they enter the query.
		$patterns = array();
		foreach($terms as $raw_term){
			$escaped = AddSlashes(hwd_vs_search::search_escape_rlike($raw_term));
			$patterns[] = '[[:<:]]'.$escaped.'[[:>:]]';
		}
		return $patterns;
	}
function flickr_push_photos_purge()
{
    # Delete FlickrPushPhotos rows created more than 24 hours ago, running the
    # same statement once for every cluster listed in
    # $GLOBALS['cfg']['db_users']['host']. Responses are not inspected.
    $one_day = 60 * 60 * 24;
    $cutoff = AddSlashes(time() - $one_day);
    $sql = "DELETE FROM FlickrPushPhotos WHERE created < {$cutoff}";

    foreach ($GLOBALS['cfg']['db_users']['host'] as $cluster_id => $unused_host) {
        db_write_users($cluster_id, $sql);
    }
}
function dots_search_extras_remove_dot(&$dot)
{
    # Remove the DotsSearchExtras rows for $dot and, when that succeeds, drop
    # the matching "dots_search_extras_<id>" cache entry. Returns the
    # db_write() response.
    # NOTE(review): addslashes() inside a quoted literal; prefer bound
    # parameters if the db layer provides them.
    $sql = "DELETE FROM DotsSearchExtras WHERE dot_id='" . AddSlashes($dot['id']) . "'";
    $rsp = db_write($sql);

    if (!$rsp['ok']) {
        return $rsp;
    }

    cache_unset("dots_search_extras_{$dot['id']}");
    return $rsp;
}
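	/**
	 * Build the URL used by the pager links: the current script followed by
	 * every request parameter, with "pagina" set to $page. The result keeps
	 * its trailing "&" and is passed through addslashes() as before.
	 *
	 * Request parameters are attacker-controlled, so keys and values are now
	 * URL-encoded instead of being concatenated raw; previously a value
	 * containing "&", "=", "#", a space or a quote produced a corrupted or
	 * injectable link. Array parameters are serialised with
	 * http_build_query() instead of printing "Array".
	 *
	 * NOTE(review): $_SERVER["PHP_SELF"] can also carry user-supplied path
	 * info, and addslashes() is not HTML escaping - callers still have to
	 * encode the returned URL for the context they print it in.
	 *
	 * @param mixed $page page number to place in the "pagina" parameter
	 * @return string URL ending in "&"
	 */
	public function BuildUrl($page) {
		// kept from the original: the superglobal itself is updated
		$_REQUEST["pagina"] = $page;

		$result = $_SERVER["PHP_SELF"]."?";
		foreach ($_REQUEST as $key => $value) {
			if (is_array($value)) {
				$pair = http_build_query(array($key => $value), '', '&');
				if ($pair !== '') {
					$result.= $pair."&";
				}
				continue;
			}
			$result.= urlencode((string) $key)."=".urlencode((string) $value)."&";
		}

		return AddSlashes($result);
	}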
function dots_lookup_add_lots_of_dots(&$dots, $add_offline = 0)
{
    # Escape every field of every dot with addslashes() and insert the whole
    # batch into DotsLookup through db_insert_many(), whose response is returned.
    # $add_offline is accepted but not used here.
    # NOTE(review): only values are escaped; the field names in each dot are
    # passed through as given.
    $rows = array();
    foreach ($dots as $dot) {
        $escaped = array();
        foreach ($dot as $field => $raw) {
            $escaped[$field] = AddSlashes($raw);
        }
        $rows[] = $escaped;
    }

    return db_insert_many('DotsLookup', $rows);
}
function foursquare_venues_add_venue($venue)
{
    # Insert $venue into FoursquareVenues with every value passed through
    # addslashes(). On success, or on error code 1062 (presumably the MySQL
    # duplicate-entry code), the unescaped venue is attached to the response.
    # NOTE(review): only values are escaped, not the array keys.
    $escaped = array();
    foreach ($venue as $field => $raw) {
        $escaped[$field] = AddSlashes($raw);
    }

    $rsp = db_insert('FoursquareVenues', $escaped);
    $stored = $rsp['ok'] || $rsp['error_code'] == 1062;
    if ($stored) {
        $rsp['venue'] = $venue;
    }

    return $rsp;
}
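function sheets_lookup_update(&$sheet, &$update)
{
    # Update the SheetsLookup row for $sheet with the fields in $update and
    # return the db_update() response. The cached lookup entry is dropped
    # before the write.
    #
    # Fix: the original escaped the values into $hash but then handed the raw
    # $update array to db_update(), so nothing was escaped at all. The escaped
    # copy is what gets written now.
    #
    # Fix: the sheet id is placed inside a quoted literal. addslashes() gives
    # no protection in an unquoted context because no quote character is
    # needed to alter the statement there.
    #
    # NOTE(review): addslashes() is not charset-aware; prefer bound parameters
    # if db_update() supports them.
    $cache_key = "sheets_lookup_{$sheet['id']}";
    cache_unset($cache_key);

    $hash = array();
    foreach ($update as $key => $value) {
        $hash[$key] = AddSlashes($value);
    }

    $enc_id = AddSlashes($sheet['id']);
    $where = "sheet_id='{$enc_id}'";

    return db_update('SheetsLookup', $hash, $where);
}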
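/**
 * Look up the player whose oauth_token equals the auth cookie and, when a row
 * with a tsid is found, store it in $GLOBALS['cfg']['user'].
 *
 * Hardening over the original: a missing cookie no longer triggers an
 * undefined-index notice, and a non-string cookie (a client can send
 * "name[]=x" to make PHP parse it as an array) is rejected before it reaches
 * addslashes(). A failed lookup is handled without indexing into a non-array.
 *
 * NOTE(review): the cookie value is the bearer credential and is matched
 * directly in SQL, escaped only with addslashes(), which is not
 * charset-aware. Prefer a bound parameter if the db layer offers one.
 */
function login_check_login()
{
    $cookie_name = $GLOBALS['cfg']['auth_cookie_name'];
    $auth_cookie = isset($_COOKIE[$cookie_name]) ? $_COOKIE[$cookie_name] : null;

    if (!is_string($auth_cookie) || !$auth_cookie) {
        return;
    }

    $auth_cookie_enc = AddSlashes($auth_cookie);
    $user = db_single(db_fetch("SELECT * FROM glitchmash_players WHERE oauth_token='{$auth_cookie_enc}'"));

    if (empty($user['tsid'])) {
        return;
    }

    $GLOBALS['cfg']['user'] = $user;
}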
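/**
 * Populate the login template: the language table plus the form action,
 * username, signup and recover links.
 *
 * Fix: the original assigned $login["username"] from $user, a variable that
 * is never defined in this scope, so it was always null and raised an
 * undefined-variable notice. The null is now explicit.
 * NOTE(review): if a remembered username was intended, it has to be passed in
 * or declared global - confirm against the template.
 *
 * NOTE(review): the two INSERT_* strings are backslash-escaped in the global
 * $language array AFTER it has been handed to the template. Whether the
 * template sees the escaped text depends on how set() stores its argument;
 * the order is kept as in the original.
 */
function login()
{
    global $language, $logintpl;

    $logintpl->set("language", $language);
    $language["INSERT_USERNAME"] = AddSlashes($language["INSERT_USERNAME"]);
    $language["INSERT_PASSWORD"] = AddSlashes($language["INSERT_PASSWORD"]);

    $login = array(
        "action" => "index.php?page=login&amp;returnto=" . urlencode("index.php") . "",
        "username" => null,
        "create" => "index.php?page=signup",
        "recover" => "index.php?page=recover",
    );
    $logintpl->set("login", $login);
}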
 /**
  * Turn free text into a lowercase, dash-separated URL slug.
  *
  * Steps, in order: backslash-escape and replace spaces with "-", map accented
  * letters to ASCII through the $tbl pairs, run a second character-for-character
  * StrTr pass, turn a set of punctuation characters into "-", trim dashes at
  * both ends, collapse runs of dashes, lowercase.
  *
  * NOTE(review): AddSlashes() adds nothing useful for a URL slug. $tbl removes
  * "'" afterwards, but the backslashes it inserted (and any double quote) are
  * not covered by any of the translation steps below and stay in the result,
  * so the output is not limited to URL-safe characters. Callers must still
  * encode it for the context they print it in.
  *
  * @param string $text text to convert
  * @return string the slug
  */
 public static function friendly_url($text)
 {
     $friendlyurl = Str_Replace(' ', '-', AddSlashes($text));
     // Array form of StrTr: whole-substring replacement, so multibyte keys work here.
     // The last two pairs delete single quotes and turn ",-" into "kc".
     $tbl = array("á" => "a", "ä" => "a", "č" => "c", "ď" => "d", "é" => "e", "ě" => "e", "í" => "i", "ľ" => "l", "ĺ" => "l", "ň" => "n", "ó" => "o", "ö" => "o", "ő" => "o", "ô" => "o", "ř" => "r", "ŕ" => "r", "š" => "s", "ť" => "t", "ú" => "u", "ů" => "u", "ü" => "u", "ű" => "u", "ý" => "y", "ž" => "z", "Á" => "A", "Ä" => "A", "Č" => "C", "Ď" => "D", "É" => "E", "Ě" => "E", "Í" => "I", "Ľ" => "L", "Ĺ" => "L", "Ň" => "N", "Ó" => "O", "Ö" => "O", "Ő" => "O", "Ô" => "O", "Ř" => "R", "Ŕ" => "R", "Š" => "S", "Ť" => "T", "Ú" => "U", "Ů" => "U", "Ü" => "U", "Ű" => "U", "Ý" => "Y", "Ž" => "Z", "'" => "", ",-" => "kc");
     $url = StrTr($friendlyurl, $tbl);
     // NOTE(review): the three-argument form of StrTr maps byte by byte. If this
     // file is saved as UTF-8, each accented letter in the "from" string is more
     // than one byte, so the bytes no longer line up with the ASCII "to" string -
     // confirm the file encoding before relying on this pass.
     $text = StrTr($url, "ÁÄČÇĎÉĚËÍŇÓÖŘŠŤÚŮÜÝŽáäčçďéěëíňóöřšťúůüýž", "AACCDEEEINOORSTUUUYZaaccdeeeinoorstuuuyz");
     // somehow I wasnt able to add following characters to previous StrTr strings:
     // each of & space . , ? ! _ + becomes a dash
     $text = StrTr($text, "& .,?!_+", "--------");
     //$text = Preg_Replace ("/[^[:alpha:][:digit:]]/", "-", $text);
     $text = Trim($text, "-");
     // collapse consecutive dashes into one
     $text = Preg_Replace("/[-]+/", "-", $text);
     return strtolower($text);
 }
function reverse_geoplanet_add($data)
{
    # Insert $data into reverse_geoplanet with every value passed through
    # addslashes(). On success the unescaped data is cached under the
    # latitude/longitude key and attached to the response as 'data'.
    # NOTE(review): only values are escaped, not the array keys.
    $escaped = array();
    foreach ($data as $field => $raw) {
        $escaped[$field] = AddSlashes($raw);
    }

    $rsp = db_insert('reverse_geoplanet', $escaped);
    if (!$rsp['ok']) {
        return $rsp;
    }

    $cache_key = _reverse_geoplanet_cache_key($data['latitude'], $data['longitude']);
    cache_set($cache_key, $data, 'cache locally');
    $rsp['data'] = $data;

    return $rsp;
}
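function flickr_users_path_aliases_update(&$path_alias, &$update)
{
    # Update the FlickrUsersPathAliases row identified by
    # $path_alias['path_alias'] with the fields in $update; on success the
    # alias' cache entry is dropped. Returns the db_update() response.
    #
    # Fix: the original escaped the values into $insert but then passed the
    # raw $update array to db_update(), so the values reached the query
    # unescaped. The escaped copy is what gets written now.
    #
    # NOTE(review): addslashes() is not charset-aware; prefer bound parameters
    # if db_update() supports them.
    $insert = array();
    foreach ($update as $k => $v) {
        $insert[$k] = AddSlashes($v);
    }

    $enc_alias = AddSlashes($path_alias['path_alias']);
    $where = "path_alias='{$enc_alias}'";

    $rsp = db_update('FlickrUsersPathAliases', $insert, $where);
    if ($rsp['ok']) {
        $cache_key = "flickr_users_path_alias_{$path_alias['path_alias']}";
        cache_unset($cache_key);
    }

    return $rsp;
}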
// Fill the admin template with the FAQ group list: each entry gets a display
// name plus edit and delete links, and an "add new" link is set separately.
//
// NOTE(review): the "******" runs below are masking present in this listing,
// not PHP; the masked expression is presumably a $CURUSER lookup and cannot
// be recovered from here.
function faq_read()
{
    // $STYLEURL is declared global but not used in this function.
    global $admintpl, $language, $STYLEURL, $CURUSER, $STYLEPATH;
    $admintpl->set("faq_add", false, true);
    $admintpl->set("language", $language);
    $cres = genrelistfaq('', 'faq_group');
    for ($i = 0; $i < count($cres); $i++) {
        $cres[$i]["name"] = unesc($cres[$i]["title"]);
        // NOTE(review): $CURUSER["random"] travels in every link as "code"; if it acts
        // as an admin token, URLs leak through logs and Referer headers - confirm.
        $cres[$i]["edit"] = "<a href=\"index.php?page=admin&amp;user="******"uid"] . "&amp;code=" . $CURUSER["random"] . "&amp;do=faq_group&amp;action=edit&amp;id=" . $cres[$i]["id"] . "\">" . image_or_link("{$STYLEPATH}/images/edit.png", "", $language["EDIT"]) . "</a>";
        // NOTE(review): AddSlashes() only backslash-escapes for the JS string; inside
        // an HTML attribute a double quote still ends the attribute, so this relies
        // on $language["DELETE_CONFIRM"] being trusted text. The delete action is a
        // plain GET link.
        $cres[$i]["delete"] = "<a href=\"index.php?page=admin&amp;user="******"uid"] . "&amp;code=" . $CURUSER["random"] . "&amp;do=faq_group&amp;action=delete&amp;id=" . $cres[$i]["id"] . "\" onclick=\"return confirm('" . AddSlashes($language["DELETE_CONFIRM"]) . "')\">" . image_or_link("{$STYLEPATH}/images/delete.png", "", $language["DELETE"]) . "</a>";
    }
    $admintpl->set("faq", $cres);
    $admintpl->set("faq_add_new", "<a href=\"index.php?page=admin&amp;user="******"uid"] . "&amp;code=" . $CURUSER["random"] . "&amp;do=faq_group&amp;action=add\">" . $language["FAQ_ADD"] . "</a>");
    unset($cres);
}
// Fill the admin template with the category list: each entry gets a display
// name, an <img> tag, and edit and delete links; an "add new" link is set
// separately.
//
// NOTE(review): the "******" runs below are masking present in this listing,
// not PHP; the masked expression is presumably a $CURUSER lookup and cannot
// be recovered from here.
function category_read()
{
    global $admintpl, $language, $STYLEURL, $CURUSER, $STYLEPATH;
    $admintpl->set("category_add", false, true);
    $admintpl->set("language", $language);
    $cres = genrelist();
    for ($i = 0; $i < count($cres); $i++) {
        $cres[$i]["name"] = unesc($cres[$i]["name"]);
        // NOTE(review): the stored image value goes into the src attribute with no
        // escaping visible here; confirm it is validated when the category is saved.
        $cres[$i]["image"] = "<img src=\"{$STYLEURL}/images/categories/" . $cres[$i]["image"] . "\" alt=\"\" border=\"0\" />";
        // NOTE(review): $CURUSER["random"] travels in every link as "code"; if it acts
        // as an admin token, URLs leak through logs and Referer headers - confirm.
        $cres[$i]["edit"] = "<a href=\"index.php?page=admin&amp;user="******"uid"] . "&amp;code=" . $CURUSER["random"] . "&amp;do=category&amp;action=edit&amp;id=" . $cres[$i]["id"] . "\">" . image_or_link("{$STYLEPATH}/images/edit.png", "", $language["EDIT"]) . "</a>";
        // NOTE(review): AddSlashes() only backslash-escapes for the JS string; inside
        // an HTML attribute a double quote still ends the attribute, so this relies
        // on $language["DELETE_CONFIRM"] being trusted text. The delete action is a
        // plain GET link.
        $cres[$i]["delete"] = "<a href=\"index.php?page=admin&amp;user="******"uid"] . "&amp;code=" . $CURUSER["random"] . "&amp;do=category&amp;action=delete&amp;id=" . $cres[$i]["id"] . "\" onclick=\"return confirm('" . AddSlashes($language["DELETE_CONFIRM"]) . "')\">" . image_or_link("{$STYLEPATH}/images/delete.png", "", $language["DELETE"]) . "</a>";
    }
    $admintpl->set("categories", $cres);
    $admintpl->set("category_add_new", "<a href=\"index.php?page=admin&amp;user="******"uid"] . "&amp;code=" . $CURUSER["random"] . "&amp;do=category&amp;action=add\">" . $language["CATEGORY_ADD"] . "</a>");
    unset($cres);
}
function flickr_backups_for_user(&$user, $type_id = null)
{
    # Fetch the FlickrBackups rows for $user, optionally limited to one
    # type_id, and return them keyed by the type name that
    # flickr_backups_type_map() gives for each row's type_id.
    # NOTE(review): the db_fetch() response is iterated without checking 'ok'.
    # NOTE(review): escaping is addslashes() inside quoted literals; prefer
    # bound parameters if the db layer provides them.
    $sql = "SELECT * FROM FlickrBackups WHERE user_id='" . AddSlashes($user['id']) . "'";
    if ($type_id !== null) {
        $sql .= " AND type_id='" . AddSlashes($type_id) . "'";
    }

    $rsp = db_fetch($sql);
    $by_type = array();
    $type_names = flickr_backups_type_map();

    foreach ($rsp['rows'] as $row) {
        $by_type[$type_names[$row['type_id']]] = $row;
    }

    return $by_type;
}
function api_keys_create(&$user)
{
    # Create an ApiKeys row for $user with a fresh ticket id, app key and
    # 64-character app secret. On success the unescaped row is attached to
    # the response as 'key'.
    # NOTE(review): confirm random_string() draws from a cryptographically
    # secure source, since its output is used as the app secret; the secret
    # is also inserted as generated, not hashed.
    $key_row = array(
        'id' => dbtickets_create(64),
        'user_id' => $user['id'],
        'app_key' => api_keys_generate_key(),
        'app_secret' => random_string(64),
        'created' => time(),
    );

    # TO DO: callbacks and other stuff (what?)

    $rsp = db_insert('ApiKeys', array_map('addslashes', $key_row));
    if (!$rsp['ok']) {
        return $rsp;
    }

    $rsp['key'] = $key_row;
    return $rsp;
}
function flickr_photos_geo_corrections_create($correction)
{
    # Store a geo correction on the cluster of the user named in
    # $correction['user_id']. Returns not_okay() when that user does not
    # resolve; otherwise the insert response, with the correction (including
    # its 'created' timestamp) attached on success.
    # NOTE(review): only values are escaped with addslashes(), not the keys
    # of $correction, and addslashes() is not charset-aware.
    $user = users_get_by_id($correction['user_id']);
    if (!$user['id']) {
        return not_okay("Invalid user ID");
    }

    $correction['created'] = time();

    $escaped = array();
    foreach ($correction as $field => $raw) {
        $escaped[$field] = AddSlashes($raw);
    }

    $rsp = db_insert_users($user['cluster_id'], 'FlickrPhotosGeoCorrections', $escaped);
    if (!$rsp['ok']) {
        return $rsp;
    }

    $rsp['correction'] = $correction;
    return $rsp;
}
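/**
 * Backslash-escape a value, or every leaf of a (nested) array, unless magic
 * quotes already did so.
 *
 * get_magic_quotes_gpc() was deprecated in PHP 7.4 and removed in PHP 8.0,
 * where an unguarded call is a fatal error. The function_exists() guard keeps
 * the old behaviour on runtimes that still have it and escapes everywhere else.
 *
 * NOTE(review): addslashes() is not a substitute for the database driver's
 * escaping or for bound parameters; it is not charset-aware. Array keys are
 * left untouched.
 *
 * @param mixed $row scalar or array of values
 * @return mixed the input with every leaf escaped
 */
function Add($row)
{
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        return $row;
    }

    if (!is_array($row)) {
        return addslashes($row);
    }

    foreach ($row as $key => $value) {
        $row[$key] = is_array($value) ? Add($value) : addslashes($value);
    }

    return $row;
}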
function foursquare_users_update_user(&$foursquare_user, $update)
{
    # Write the fields in $update to the FoursquareUsers row for
    # $foursquare_user['user_id']. On success the caller's array is merged
    # with the unescaped $update and the "foursquare_user_<user_id>" cache
    # entry is dropped. Returns the db_update() response.
    # NOTE(review): escaping is addslashes(); prefer bound parameters if
    # db_update() supports them.
    $escaped = array();
    foreach ($update as $field => $raw) {
        $escaped[$field] = AddSlashes($raw);
    }

    $where = "user_id='" . AddSlashes($foursquare_user['user_id']) . "'";
    $rsp = db_update('FoursquareUsers', $escaped, $where);

    if (!$rsp['ok']) {
        return $rsp;
    }

    $foursquare_user = array_merge($foursquare_user, $update);

    # the cache is keyed by user_id (a foursquare_id-keyed entry was
    # commented out in the original)
    cache_unset("foursquare_user_{$foursquare_user['user_id']}");

    return $rsp;
}
// Fill the admin template with the style list: per style the number of users
// using it, its name and URL, and edit and delete links; an "add new" link is
// set separately.
//
// NOTE(review): the "******" runs below are masking present in this listing,
// not PHP; the masked expression is presumably a $CURUSER lookup and cannot
// be recovered from here.
// NOTE(review): mysql_result()/mysql_free_result() belong to the ext/mysql API
// that was removed in PHP 7.0.
function read_styles()
{
    global $TABLE_PREFIX, $language, $CURUSER, $admintpl, $STYLEPATH;
    $sres = style_list();
    for ($i = 0; $i < count($sres); $i++) {
        // NOTE(review): the style id is concatenated unquoted and unescaped. It comes
        // from style_list(), so this is only safe if that value is guaranteed numeric;
        // an (int) cast would make that explicit. One extra query per style.
        $res = do_sqlquery("SELECT COUNT(*) FROM {$TABLE_PREFIX}users WHERE style = " . $sres[$i]["id"], true);
        $sres[$i]["style_users"] = mysql_result($res, 0, 0);
        $sres[$i]["style"] = unesc($sres[$i]["style"]);
        $sres[$i]["style_url"] = unesc($sres[$i]["style_url"]);
        // NOTE(review): $CURUSER["random"] travels in every link as "code"; if it acts
        // as an admin token, URLs leak through logs and Referer headers - confirm.
        $sres[$i]["edit"] = "<a href=\"index.php?page=admin&amp;user="******"uid"] . "&amp;code=" . $CURUSER["random"] . "&amp;do=style&amp;action=edit&amp;id=" . $sres[$i]["id"] . "\">" . image_or_link("{$STYLEPATH}/images/edit.png", "", $language["EDIT"]) . "</a>";
        // NOTE(review): AddSlashes() only backslash-escapes for the JS string; inside
        // an HTML attribute a double quote still ends the attribute, so this relies
        // on $language["DELETE_CONFIRM"] being trusted text. The delete action is a
        // plain GET link.
        $sres[$i]["delete"] = "<a href=\"index.php?page=admin&amp;user="******"uid"] . "&amp;code=" . $CURUSER["random"] . "&amp;do=style&amp;action=delete&amp;id=" . $sres[$i]["id"] . "\" onclick=\"return confirm('" . AddSlashes($language["DELETE_CONFIRM"]) . "')\">" . image_or_link("{$STYLEPATH}/images/delete.png", "", $language["DELETE"]) . "</a>";
    }
    $admintpl->set("style_add", false, true);
    $admintpl->set("language", $language);
    $admintpl->set("styles", $sres);
    $admintpl->set("style_add_new", "<a href=\"index.php?page=admin&amp;user="******"uid"] . "&amp;code=" . $CURUSER["random"] . "&amp;do=style&amp;action=add\">" . $language["STYLE_ADD"] . "</a>");
    unset($sres);
    // NOTE(review): only the result of the last loop iteration is freed, and $res
    // is undefined here when style_list() returned no rows.
    mysql_free_result($res);
}