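/**
 * Prepares Label and Contents for storage: both are passed through
 * FormatStringForDatabaseInput(), then textarea tags in Contents are rewritten.
 *
 * The escaping helper is defined outside this listing, so what it actually
 * neutralises cannot be confirmed from here. It is the only barrier between
 * these properties and the SQL that later embeds them.
 */
function FormatPropertiesForDatabaseInput() {
    $this->Label = FormatStringForDatabaseInput($this->Label);
    $this->Contents = FormatStringForDatabaseInput($this->Contents);

    // eregi_replace() was deprecated in PHP 5.3 and removed in PHP 7.0, where
    // calling it is a fatal error. Both patterns are plain literals, so
    // str_ireplace() performs the same case-insensitive substitution.
    // NOTE(review): as listed, the first pattern and its replacement are the
    // same text, so this call only lowercases the tag. Presumably the pattern
    // was an entity-encoded form that the listing decoded; confirm against
    // the original file.
    $this->Contents = str_ireplace("<textarea>", "<textarea>", $this->Contents);
    $this->Contents = str_ireplace("<//textarea>", "</textarea>", $this->Contents);
}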
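/**
 * Resolves the current user's id from the session, falling back to the
 * "remember me" cookies, then records the result in the session.
 *
 * Returns the user id, or 0 when no identity could be established.
 *
 * NOTE(review): the cookie user key is checked against md5(UserID), a value
 * anyone can compute for a known id, so the verification key is the only
 * secret in this check. It is compared inside the SQL statement, not in
 * constant time.
 * NOTE(review): nothing visible here regenerates the session id after a
 * successful cookie login. Confirm whether AssignSessionUserID() does so.
 */
function GetIdentity() {
    if (!session_id()) {
        session_start();
    }
    $UserID = ForceInt(@$_SESSION[$this->Context->Configuration['SESSION_USER_IDENTIFIER']], 0);
    if ($UserID == 0) {
        // UserID wasn't found in the session, so attempt to retrieve it from the cookies
        // Retrieve cookie values
        $EncryptedUserID = ForceIncomingCookieString($this->Context->Configuration['COOKIE_USER_KEY'], '');
        $VerificationKey = ForceIncomingCookieString($this->Context->Configuration['COOKIE_VERIFICATION_KEY'], '');
        if ($EncryptedUserID != '' && $VerificationKey != '') {
            // Compare against db values
            // Sadly, because this class is meant to be an interface for distributed objects, I can't use any of the error checking in the Lussumo Framework
            // The statement is built by concatenation, so the escaping helper is
            // the only protection for the cookie-supplied key.
            $Query = "select UserID\n from LUM_User\n where VerificationKey = '" . FormatStringForDatabaseInput($VerificationKey) . "'";
            $Result = $this->Context->Database->Execute($Query, 'Authenticator', 'GetIdentity', 'An error occurred while attempting to validate your remember me credentials');
            if ($Result) {
                $UserID = 0;
                while ($rows = $this->Context->Database->GetRow($Result)) {
                    // Strict string comparison: with "==" two numeric-looking
                    // strings (for example digests of the form 0e<digits>) are
                    // compared as numbers and can be equal without being identical.
                    if ((string) $EncryptedUserID === md5($rows['UserID'])) {
                        $UserID = ForceInt($rows['UserID'], 0);
                        // The query selects only UserID, so the row has no
                        // 'EncryptedUserID' column to read. The matched cookie
                        // value is kept as is; it already equals md5(UserID).
                        break;
                    }
                }
                if ($UserID > 0) {
                    // 1. Set a new verification key
                    $VerificationKey = DefineVerificationKey();
                    // 2. Update the user's information
                    $this->UpdateLastVisit($UserID, $VerificationKey);
                    // 3. Set the 'remember me' cookies
                    $this->SetCookieCredentials($EncryptedUserID, $VerificationKey);
                    // 4. Log the user's IP address
                    $this->LogIp($UserID);
                }
            }
        }
    }
    // If it has now been found, set up the session.
    $this->AssignSessionUserID($UserID);
    return $UserID;
}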
/**
 * Escapes the role's text properties for storage and serializes its
 * permission array.
 *
 * The three hard-coded permissions are dropped from the array first, so they
 * are not part of the serialized value.
 */
function FormatPropertiesForDatabaseInput() {
    foreach (array('RoleName', 'Icon', 'Description') as $Property) {
        $this->$Property = FormatStringForDatabaseInput($this->$Property, 1);
    }

    if (!is_array($this->Permissions)) {
        return;
    }

    // unset() on a missing key is a no-op, so no existence check is needed.
    $HardCodedPermissions = array(
        'PERMISSION_SIGN_IN',
        'PERMISSION_HTML_ALLOWED',
        'PERMISSION_RECEIVE_APPLICATION_NOTIFICATION',
    );
    foreach ($HardCodedPermissions as $PermissionName) {
        unset($this->Permissions[$PermissionName]);
    }

    $this->Permissions = SerializeArray($this->Permissions);
}
/**
 * Escapes Name, Url and PreviewImage for storage.
 *
 * Escaping is for the database only. Url and PreviewImage still need
 * output encoding wherever they are later written into a page.
 */
function FormatPropertiesForDatabaseInput() {
    foreach (array('Name', 'Url', 'PreviewImage') as $Property) {
        $this->$Property = FormatStringForDatabaseInput($this->$Property, 1);
    }
}
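/**
 * Checks that a password-reset request carries the verification key stored
 * for the given user.
 *
 * Adds the ErrPasswordResetRequest warning when the pair does not match and
 * returns the warning collector's Iif() result.
 */
function VerifyPasswordResetRequest($VerificationUserID, $EmailVerificationKey) {
    $VerificationUserID = ForceInt($VerificationUserID, 0);
    $EmailVerificationKey = ForceString($EmailVerificationKey, '');

    // Reject blank input before querying. The key is matched with '=' against
    // the stored column, so an empty key would match any account whose
    // EmailVerificationKey is empty. That is presumably the state of an account
    // with no reset pending; confirm against the schema.
    if ($VerificationUserID <= 0 || $EmailVerificationKey == '') {
        $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrPasswordResetRequest'));
        return $this->Context->WarningCollector->Iif();
    }

    $EmailVerificationKey = FormatStringForDatabaseInput($EmailVerificationKey);
    // Attempt to retrieve email address
    $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
    $s->SetMainTable('User', 'u');
    $s->AddSelect('UserID', 'u');
    $s->AddWhere('u', 'UserID', '', $VerificationUserID, '=');
    $s->AddWhere('u', 'EmailVerificationKey', '', $EmailVerificationKey, '=');
    $UserResult = $this->Context->Database->Select($s, $this->Name, 'VerifyPasswordResetRequest', 'An error occurred while retrieving account information.');
    if ($this->Context->Database->RowCount($UserResult) == 0) {
        $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrPasswordResetRequest'));
    }
    return $this->Context->WarningCollector->Iif();
}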
/**
 * Escapes every text property of the object for storage.
 */
function FormatPropertiesForDatabaseInput() {
    $Properties = array('Label', 'Keywords', 'Query', 'AuthUsername', 'Categories', 'Roles');
    foreach ($Properties as $Property) {
        $this->$Property = FormatStringForDatabaseInput($this->$Property);
    }
}
} } if ($Type != "") { // Perform some http authentication if public browsing is not enabled. if (!agPUBLIC_BROWSING && $Context->Session->UserID == 0) { $UserIsAuthenticated = 0; // Assume user is not authenticated $PHP_AUTH_USER = ForceString(@$_SERVER["PHP_AUTH_USER"], ""); $PHP_AUTH_PW = ForceString(@$_SERVER["PHP_AUTH_PW"], ""); if ($PHP_AUTH_USER != "" && $PHP_AUTH_PW != "") { // Validate the inputs $s = $Context->ObjectFactory->NewContextObject($Context, "SqlBuilder"); $s->SetMainTable("User", "u"); $s->AddSelect("UserID", "u"); $s->AddWhere("Name", FormatStringForDatabaseInput($PHP_AUTH_USER), "="); $s->AddWhere("Password", FormatStringForDatabaseInput($PHP_AUTH_PW), "=", "and", "md5"); $ValidationData = $Context->Database->Select($Context, $s, "Feed", "ValidateCredentials", "An error occurred while validating user credentials."); if ($Context->Database->RowCount($ValidationData) > 0) { $UserIsAuthenticated = true; } } if (!$UserIsAuthenticated) { header('WWW-Authenticate: Basic realm="Private"'); header('HTTP/1.0 401 Unauthorized'); } } if ($UserIsAuthenticated) { // Create a new sqlbuilder to retrieve feed data $s = $Context->ObjectFactory->NewContextObject($Context, "SqlBuilder"); $s->SetMainTable("Discussion", "d"); $s->AddSelect(array("DiscussionID", "CategoryID", "AuthUserID", "Name", "DateCreated", "DateLastActive", "CountComments"), "d");
/**
 * Resolves the whisper recipient's username to a user id.
 *
 * When a username is given, the matching UserID is written to
 * $Comment->WhisperUserID. If that id is still 0 afterwards, the
 * ErrWhisperInvalid warning is added. Returns the warning collector's
 * Iif() result.
 *
 * NOTE(review): WhisperUserID is not reset before the lookup, so a non-zero
 * value already on $Comment would pass the final check even when no row
 * matches. Confirm that callers never populate it from request data.
 */
function ValidateWhisperUsername(&$Comment) {
    if ($Comment->WhisperUsername == '') {
        // No recipient named: nothing to validate.
        return $this->Context->WarningCollector->Iif();
    }

    $Recipient = FormatStringForDatabaseInput($Comment->WhisperUsername);
    $Sql = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
    $Sql->SetMainTable('User', 'u');
    $Sql->AddSelect('UserID', 'u');
    $Sql->AddWhere('u', 'Name', '', $Recipient, '=');
    $Matches = $this->Context->Database->Select($Sql, $this->Name, 'ValidateWhisperUsername', 'An error occurred while attempting to validate the username entered as the whisper recipient.');

    // If several rows come back, the last one wins.
    while ($Match = $this->Context->Database->GetRow($Matches)) {
        $Comment->WhisperUserID = ForceInt($Match['UserID'], 0);
    }

    if ($Comment->WhisperUserID == 0) {
        $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrWhisperInvalid'));
    }
    return $this->Context->WarningCollector->Iif();
}
/**
 * Resolves the whisper recipient's username to a user id.
 *
 * When a username is given, the matching UserID is written to
 * $Comment->WhisperUserID. If that id is still 0 afterwards, the
 * ErrWhisperInvalid warning is added. Returns the warning collector's
 * Iif() result.
 *
 * NOTE(review): WhisperUserID is not reset before the lookup, so a non-zero
 * value already on $Comment would pass the final check even when no row
 * matches. Confirm that callers never populate it from request data.
 */
function ValidateWhisperUsername(&$Comment) {
    if ($Comment->WhisperUsername == "") {
        // No recipient named: nothing to validate.
        return $this->Context->WarningCollector->Iif();
    }

    $Recipient = FormatStringForDatabaseInput($Comment->WhisperUsername);
    $Sql = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
    $Sql->SetMainTable("User", "u");
    $Sql->AddSelect("UserID", "u");
    $Sql->AddWhere("Name", $Recipient, "=");
    $Matches = $this->Context->Database->Select($this->Context, $Sql, $this->Name, "ValidateWhisperUsername", "An error occurred while attempting to validate the username entered as the whisper recipient.");

    // If several rows come back, the last one wins.
    while ($Match = $this->Context->Database->GetRow($Matches)) {
        $Comment->WhisperUserID = ForceInt($Match["UserID"], 0);
    }

    if ($Comment->WhisperUserID == 0) {
        $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrWhisperInvalid"));
    }
    return $this->Context->WarningCollector->Iif();
}
/**
 * Escapes Name and Description for storage.
 */
function FormatPropertiesForDatabaseInput() {
    foreach (array('Name', 'Description') as $Property) {
        $this->$Property = FormatStringForDatabaseInput($this->$Property, 1);
    }
}
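/**
 * Validates and saves a discussion together with its first comment.
 *
 * Steps, in order: permission check, duplicate-post check, topic validation,
 * category/role validation, first-comment and whisper validation, ownership
 * check for edits, then the insert or update.
 *
 * Returns the warning collector's Iif($Discussion, false) result.
 *
 * NOTE(review): when an edit targets an id that GetDiscussionById() cannot
 * resolve, $OldDiscussion presumably stays false and the ownership check
 * reads a property of a non-object. Confirm the helper's failure value.
 */
function SaveDiscussion($Discussion) {
    if (!$this->Context->Session->User->Permission('PERMISSION_START_DISCUSSION')) {
        $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrPermissionStartDiscussions'));
    } else {
        // If not editing, and the posted discussion count is less than the
        // user's current discussion count, silently skip the posting and
        // redirect as if everything is normal.
        if ($Discussion->DiscussionID == 0 && $Discussion->UserDiscussionCount < $this->Context->Session->User->CountDiscussions) {
            // Silently fail to post the data
            // Need to get the user's last posted discussionID and direct them to it
            $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
            $s->SetMainTable('Discussion', 'd');
            $s->AddSelect('DiscussionID', 'd');
            // This query declares only the alias 'd'. The original filtered on
            // alias 'c', which is not defined here; AuthUserID is a column of
            // Discussion (see the insert below).
            $s->AddWhere('d', 'AuthUserID', '', $this->Context->Session->UserID, '=');
            $s->AddOrderBy('DateCreated', 'd', 'desc');
            $s->AddLimit(0, 1);
            $LastDiscussionData = $this->Context->Database->Select($s, $this->Name, 'SaveDiscussion', 'An error occurred while retrieving your last discussion.');
            while ($Row = $this->Context->Database->GetRow($LastDiscussionData)) {
                $Discussion->DiscussionID = ForceInt($Row['DiscussionID'], 0);
            }
            // Make sure we got it
            if ($Discussion->DiscussionID == 0) {
                $this->Context->ErrorManager->AddError($this->Context, $this->Name, 'SaveDiscussion', 'Your last discussion could not be found.');
            }
        } else {
            $NewDiscussion = 0;
            $OldDiscussion = false;
            if ($Discussion->DiscussionID == 0) {
                $NewDiscussion = 1;
            } else {
                $OldDiscussion = $this->GetDiscussionById($Discussion->DiscussionID);
            }
            // Validate the Discussion topic
            $Name = FormatStringForDatabaseInput($Discussion->Name);
            Validate($this->Context->GetDefinition('DiscussionTopicLower'), 1, $Name, 100, '', $this->Context);

            // Validate the category ID and role
            $s = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
            $s->SetMainTable('Category', 'c');
            $s->AddSelect('CategoryID', 'c');
            // NOTE(review): RoleID is concatenated into the join clause as raw
            // SQL. It is read from the session's user object, not from the
            // request, but an integer coercion here would make that explicit.
            $s->AddJoin('CategoryRoleBlock', 'crb', 'CategoryID', 'c', 'CategoryID', 'left join', ' and crb.' . $this->Context->DatabaseColumns['CategoryRoleBlock']['RoleID'] . ' = ' . $this->Context->Session->User->RoleID);
            $s->AddWhere('crb', 'Blocked', '', '0', '=', 'and', '', 1, 1);
            $s->AddWhere('crb', 'Blocked', '', '0', '=', 'or', '', 0, 0);
            $s->AddWhere('crb', 'Blocked', '', 'null', 'is', 'or', '', 0, 0);
            $s->AddWhere('c', 'CategoryID', '', $Discussion->CategoryID, '=', 'and');
            $s->EndWhereGroup();
            $CategoryAllowed = $this->Context->Database->Select($s, $this->Name, 'SaveDiscussion', 'An error occurred while validating category permissions.');
            // No row back means the category is missing or blocked for this role.
            if ($this->Context->Database->RowCount($CategoryAllowed) < 1) {
                $Discussion->CategoryID = 0;
            }
            if ($Discussion->CategoryID <= 0) {
                $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrSelectCategory'));
            }

            // Validate first comment
            $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
            if ($OldDiscussion) {
                $Discussion->Comment->CommentID = $OldDiscussion->FirstCommentID;
            } else {
                $Discussion->Comment->CommentID = 0;
            }
            $CommentManager = $this->Context->ObjectFactory->NewContextObject($this->Context, 'CommentManager');
            $CommentManager->ValidateComment($Discussion->Comment, 0);

            // Validate the whisperusername
            $CommentManager->ValidateWhisperUsername($Discussion);

            // If updating, validate that this is admin or the author
            if (!$NewDiscussion) {
                if ($OldDiscussion->AuthUserID != $this->Context->Session->UserID && !$this->Context->Session->User->Permission('PERMISSION_EDIT_DISCUSSIONS')) {
                    $this->Context->WarningCollector->Add($this->Context->GetDefinition('ErrPermissionEditComments'));
                }
            }

            // If validation was successful, then reset the properties to db safe values for saving
            if ($this->Context->WarningCollector->Count() == 0) {
                $Discussion->Name = $Name;
            }

            if ($this->Context->WarningCollector->Iif()) {
                $s->Clear();

                // Update the user info & check for spam
                if ($NewDiscussion) {
                    $UserManager = $this->Context->ObjectFactory->NewContextObject($this->Context, 'UserManager');
                    $UserManager->UpdateUserDiscussionCount($this->Context->Session->UserID);
                }

                // Proceed with the save if there are no warnings
                if ($this->Context->WarningCollector->Count() == 0) {
                    // Delegates receive the builder by reference and can alter the
                    // statement before it is executed.
                    $this->DelegateParameters['SqlBuilder'] =& $s;
                    $this->CallDelegate('PreSaveDiscussion');

                    $s->SetMainTable('Discussion', 'd');
                    $s->AddFieldNameValue('Name', $Discussion->Name);
                    $s->AddFieldNameValue('CategoryID', $Discussion->CategoryID);
                    if ($NewDiscussion) {
                        // The author is taken from the session, never from the posted object.
                        $s->AddFieldNameValue('AuthUserID', $this->Context->Session->UserID);
                        $s->AddFieldNameValue('DateCreated', MysqlDateTime());
                        $s->AddFieldNameValue('DateLastActive', MysqlDateTime());
                        $s->AddFieldNameValue('CountComments', 0);
                        $s->AddFieldNameValue('WhisperUserID', $Discussion->WhisperUserID);
                        if ($Discussion->WhisperUserID != '0') {
                            $s->AddFieldNameValue('DateLastWhisper', MysqlDateTime());
                        }

                        $Discussion->DiscussionID = $this->Context->Database->Insert($s, $this->Name, 'NewDiscussion', 'An error occurred while creating a new discussion.');
                        $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
                    } else {
                        $s->AddWhere('d', 'DiscussionID', '', $Discussion->DiscussionID, '=');
                        $this->Context->Database->Update($s, $this->Name, 'NewDiscussion', 'An error occurred while updating the discussion.');
                    }
                }

                // Now save the associated Comment
                if ($Discussion->Comment->DiscussionID > 0) {
                    $CommentManager->SaveComment($Discussion->Comment, 1);

                    // Now update the topic table so that we know what the first comment in the discussion was
                    if ($Discussion->Comment->CommentID > 0 && $NewDiscussion) {
                        $s->Clear();
                        $s->SetMainTable('Discussion', 'd');
                        $s->AddFieldNameValue('FirstCommentID', $Discussion->Comment->CommentID);
                        $s->AddWhere('d', 'DiscussionID', '', $Discussion->Comment->DiscussionID, '=');
                        $this->Context->Database->Update($s, $this->Name, 'NewDiscussion', 'An error occurred while updating discussion properties.');
                    }
                }
            }
        }
    }
    return $this->Context->WarningCollector->Iif($Discussion, false);
}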
$Connection = @mysql_connect($DBHost, $DBUser, $DBPass); if (!$Connection) { $WarningCollector->Add("We couldn't connect to the server you provided (" . $DBHost . "). Are you sure you entered the right server, username and password?"); } elseif (!mysql_select_db($DBName, $Connection)) { $WarningCollector->Add("We connected to the server, but we couldn't access the \"" . $DBName . "\" database. Are you sure it exists and that the specified user has access to it?"); } } // Create the administrative user if ($WarningCollector->Count() == 0 && $Connection) { $Username = FormatStringForDatabaseInput($Username); $Password = FormatStringForDatabaseInput($Password); $s = new SqlBuilder($Context); $s->SetMainTable("User", "u"); $s->AddFieldNameValue("FirstName", "Administrative"); $s->AddFieldNameValue("LastName", "User"); $s->AddFieldNameValue("Email", FormatStringForDatabaseInput($SupportEmail)); $s->AddFieldNameValue("Name", $Username); $s->AddFieldNameValue("Password", $Password, 1, "md5"); $s->AddFieldNameValue("DateFirstVisit", MysqlDateTime()); $s->AddFieldNameValue("DateLastActive", MysqlDateTime()); $s->AddFieldNameValue("CountVisit", 0); $s->AddFieldNameValue("CountDiscussions", 0); $s->AddFieldNameValue("CountComments", 0); $s->AddFieldNameValue("RoleID", 6); $s->AddFieldNameValue("StyleID", 1); $s->AddFieldNameValue("UtilizeEmail", 0); $s->AddFieldNameValue("RemoteIP", GetRemoteIp(1)); if (!@mysql_query($s->GetInsert(), $Connection)) { $WarningCollector->Add("Something bad happened when we were trying to create your administrative user account. Mysql said: " . mysql_error($Connection)); } else { // Now insert the role history assignment
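/**
 * Checks that a password-reset request carries the verification key stored
 * for the given user.
 *
 * Adds the ErrPasswordResetRequest warning when the pair does not match and
 * returns the warning collector's Iif() result.
 */
function VerifyPasswordResetRequest($VerificationUserID, $EmailVerificationKey) {
    $VerificationUserID = ForceInt($VerificationUserID, 0);
    $EmailVerificationKey = ForceString($EmailVerificationKey, "");

    // Reject blank input before querying. The key is matched with "=" against
    // the stored column, so an empty key would match any account whose
    // EmailVerificationKey is empty. That is presumably the state of an account
    // with no reset pending; confirm against the schema.
    if ($VerificationUserID <= 0 || $EmailVerificationKey == "") {
        $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrPasswordResetRequest"));
        return $this->Context->WarningCollector->Iif();
    }

    $EmailVerificationKey = FormatStringForDatabaseInput($EmailVerificationKey);
    // Attempt to retrieve email address
    $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
    $s->SetMainTable("User");
    $s->AddSelect("UserID");
    $s->AddWhere("UserID", $VerificationUserID, "=");
    $s->AddWhere("EmailVerificationKey", $EmailVerificationKey, "=");
    $UserResult = $this->Context->Database->Select($this->Context, $s, $this->Name, "VerifyPasswordResetRequest", "An error occurred while retrieving account information.");
    if ($this->Context->Database->RowCount($UserResult) == 0) {
        $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrPasswordResetRequest"));
    }
    return $this->Context->WarningCollector->Iif();
}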
/**
 * Escapes the user's text properties for storage and serializes Attributes.
 *
 * VerificationKey is escaped without the second argument that the other
 * properties receive.
 *
 * NOTE(review): the four password properties are escaped as ordinary strings
 * here. Whether they are hashed before they reach the database is not
 * visible in this block; confirm in the code that builds the query.
 */
function FormatPropertiesForDatabaseInput() {
    $FlaggedProperties = array(
        'CustomStyle',
        'Name',
        'FirstName',
        'LastName',
        'Email',
        'Icon',
        'Picture',
        'Password',
        'OldPassword',
        'NewPassword',
        'ConfirmPassword',
    );
    foreach ($FlaggedProperties as $Property) {
        $this->$Property = FormatStringForDatabaseInput($this->$Property, 1);
    }

    $this->VerificationKey = FormatStringForDatabaseInput($this->VerificationKey);
    $this->Attributes = SerializeArray($this->Attributes);
    $this->Discovery = FormatStringForDatabaseInput($this->Discovery, 1);
}
/**
 * Resolves the current user's id from the session, falling back to the
 * "remember me" cookies, then records the result in the session.
 *
 * Returns the user id, or 0 when no identity could be established.
 *
 * NOTE(review): session_set_cookie_params() is given only lifetime, path and
 * domain here, so the session cookie's secure and httponly flags are left at
 * their PHP defaults.
 * NOTE(review): the cookie user id reaches the query as an escaped string.
 * Coercing it to an integer first, as ValidateVerificationKey-style checks
 * usually do, would be stricter. Confirm before changing it.
 * NOTE(review): the verification key is not rotated after a successful
 * cookie login in this block.
 */
function GetIdentity() {
    if (!session_id()) {
        session_set_cookie_params(0, $this->Context->Configuration['COOKIE_PATH'], $this->Context->Configuration['COOKIE_DOMAIN']);
        session_start();
    }

    $UserID = ForceInt(@$_SESSION[$this->Context->Configuration['SESSION_USER_IDENTIFIER']], 0);

    if ($UserID == 0) {
        // Nothing in the session: fall back to the "remember me" cookies.
        $CookieUserID = ForceIncomingCookieString($this->Context->Configuration['COOKIE_USER_KEY'], '');
        $VerificationKey = ForceIncomingCookieString($this->Context->Configuration['COOKIE_VERIFICATION_KEY'], '');

        $Result = false;
        if ($CookieUserID != '' && $VerificationKey != '') {
            // Both cookie values must match the same user row.
            $Sql = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
            $Sql->SetMainTable('User', 'u');
            $Sql->AddJoin('Role', 'r', 'RoleID', 'u', 'RoleID', 'inner join');
            $Sql->AddSelect('UserID', 'u');
            $Sql->AddWhere('u', 'UserID', '', FormatStringForDatabaseInput($CookieUserID), '=');
            $Sql->AddWhere('u', 'VerificationKey', '', FormatStringForDatabaseInput($VerificationKey), '=');
            $Result = $this->Context->Database->Select($Sql, 'Authenticator', 'GetIdentity', 'An error occurred while attempting to validate your remember me credentials');
        }

        if ($Result) {
            while ($Row = $this->Context->Database->GetRow($Result)) {
                $UserID = ForceInt($Row['UserID'], 0);
            }
            if ($UserID > 0) {
                // Record the visit, then the address it came from.
                $this->UpdateLastVisit($UserID);
                $this->LogIp($UserID);
            }
        }
    }

    // Store whatever was resolved (possibly 0) in the session.
    $this->AssignSessionUserID($UserID);
    return $UserID;
}
/**
 * Escapes Username and Password for storage.
 *
 * NOTE(review): the password is escaped as an ordinary string here. Whether
 * it is hashed before it reaches the database is not visible in this block.
 */
function FormatPropertiesForDatabaseInput() {
    foreach (array('Username', 'Password') as $Property) {
        $this->$Property = FormatStringForDatabaseInput($this->$Property, 1);
    }
}
/**
 * Validates a comment before it is saved.
 *
 * When a discussion id is required, $Comment->DiscussionID is coerced to an
 * integer and a value of 0 adds the ErrDiscussionID warning. The body is then
 * checked against agMAX_COMMENT_LENGTH. Returns the warning collector's
 * Iif() result.
 *
 * NOTE(review): the length check runs on the escaped copy of the body, so
 * characters added by escaping count toward the limit.
 */
function ValidateComment(&$Comment, $DiscussionIDRequired = "1") {
    if (ForceBool($DiscussionIDRequired, 0)) {
        $Comment->DiscussionID = ForceInt($Comment->DiscussionID, 0);
        if ($Comment->DiscussionID == 0) {
            $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrDiscussionID"));
        }
    }

    // Only this local copy is escaped; $Comment->Body itself is left untouched.
    $EscapedBody = FormatStringForDatabaseInput($Comment->Body);
    Validate($this->Context->GetDefinition("CommentsLower"), 1, $EscapedBody, agMAX_COMMENT_LENGTH, "", $this->Context);

    return $this->Context->WarningCollector->Iif();
}
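/**
 * Returns the client address reported by the web server in REMOTE_ADDR,
 * capped at 20 characters and optionally escaped for database input.
 *
 * NOTE(review): a full IPv6 address is longer than 20 characters, so it is
 * truncated here and the stored value is not a usable address for audit or
 * incident review. Widening the limit depends on the column size, which is
 * not visible in this block.
 */
function GetRemoteIp($FormatIpForDatabaseInput = '0') {
    $FormatIpForDatabaseInput = ForceBool($FormatIpForDatabaseInput, 0);
    $sReturn = ForceString(@$_SERVER['REMOTE_ADDR'], '');
    // The original cut over-long values to 19 characters while letting
    // 20-character values through unchanged. Use one bound for both.
    if (strlen($sReturn) > 20) {
        $sReturn = substr($sReturn, 0, 20);
    }
    if ($FormatIpForDatabaseInput) {
        $sReturn = FormatStringForDatabaseInput($sReturn, 1);
    }
    return $sReturn;
}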
/**
 * Validates and saves a discussion together with its first comment.
 *
 * Steps, in order: permission check, duplicate-post check, topic and category
 * validation, first-comment validation, ownership check for edits, then the
 * insert or update.
 *
 * Returns the warning collector's Iif($Discussion, false) result.
 *
 * NOTE(review): the category is only checked for being greater than zero.
 * This version does not verify that the user's role may post to it.
 * NOTE(review): when an edit targets an id that GetDiscussionById() cannot
 * resolve, $OldDiscussion presumably stays false and the ownership check
 * reads a property of a non-object. Confirm the helper's failure value.
 */
function SaveDiscussion($Discussion) {
    if (!$this->Context->Session->User->CanPostDiscussion) {
        $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrPermissionStartDiscussions"));
    } else {
        // If not editing, and the posted discussion count is less than the
        // user's current discussion count, silently skip the posting and
        // redirect as if everything is normal.
        if ($Discussion->DiscussionID == 0 && $Discussion->UserDiscussionCount < $this->Context->Session->User->CountDiscussions) {
            // Silently fail to post the data
            // Need to get the user's last posted discussionID and direct them to it
            $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");
            $s->SetMainTable("Discussion", "d");
            $s->AddSelect("DiscussionID", "d");
            $s->AddWhere("AuthUserID", $this->Context->Session->UserID, "=");
            $s->AddOrderBy("DateCreated", "d", "desc");
            $s->AddLimit(0, 1);
            $LastDiscussionData = $this->Context->Database->Select($this->Context, $s, $this->Name, "SaveDiscussion", "An error occurred while retrieving your last discussion.");
            while ($Row = $this->Context->Database->GetRow($LastDiscussionData)) {
                $Discussion->DiscussionID = ForceInt($Row["DiscussionID"], 0);
            }
            // Make sure we got it
            if ($Discussion->DiscussionID == 0) {
                $this->Context->ErrorManager->AddError($this->Context, $this->Name, "SaveDiscussion", "Your last discussion could not be found.");
            }
        } else {
            $NewDiscussion = 0;
            $OldDiscussion = false;
            if ($Discussion->DiscussionID == 0) {
                $NewDiscussion = 1;
            } else {
                $OldDiscussion = $this->GetDiscussionById($Discussion->DiscussionID);
            }
            // Validate the Discussion topic
            // Only the local copy is escaped here; it replaces $Discussion->Name
            // further down, once validation has produced no warnings.
            $Name = FormatStringForDatabaseInput($Discussion->Name);
            Validate($this->Context->GetDefinition("DiscussionTopicLower"), 1, $Name, 100, "", $this->Context);
            if ($Discussion->CategoryID <= 0) {
                $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrSelectCategory"));
            }

            // Validate first comment
            $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
            if ($OldDiscussion) {
                $Discussion->Comment->CommentID = $OldDiscussion->FirstCommentID;
            } else {
                $Discussion->Comment->CommentID = 0;
            }
            $CommentManager = $this->Context->ObjectFactory->NewContextObject($this->Context, "CommentManager");
            $CommentManager->ValidateComment($Discussion->Comment, 0);

            // If updating, validate that this is admin or the author
            if (!$NewDiscussion) {
                if ($OldDiscussion->AuthUserID != $this->Context->Session->UserID && !$this->Context->Session->User->AdminCategories) {
                    $this->Context->WarningCollector->Add($this->Context->GetDefinition("ErrPermissionEditComments"));
                }
            }

            // If validation was successful, then reset the properties to db safe values for saving
            if ($this->Context->WarningCollector->Count() == 0) {
                $Discussion->Name = $Name;
            }

            if ($this->Context->WarningCollector->Iif()) {
                $s = $this->Context->ObjectFactory->NewContextObject($this->Context, "SqlBuilder");

                // Update the user info & check for spam
                if ($NewDiscussion) {
                    $UserManager = $this->Context->ObjectFactory->NewContextObject($this->Context, "UserManager");
                    $UserManager->UpdateUserDiscussionCount($this->Context->Session->UserID);
                }

                // Proceed with the save if there are no warnings
                if ($this->Context->WarningCollector->Count() == 0) {
                    $s->SetMainTable("Discussion");
                    $s->AddFieldNameValue("Name", $Discussion->Name);
                    $s->AddFieldNameValue("CategoryID", $Discussion->CategoryID);
                    if ($NewDiscussion) {
                        // The author is taken from the session, never from the posted object.
                        $s->AddFieldNameValue("AuthUserID", $this->Context->Session->UserID);
                        $s->AddFieldNameValue("DateCreated", MysqlDateTime());
                        // NOTE(review): this field is spelled "DateLastactive", without the
                        // capital A of the usual "DateLastActive". Confirm the builder
                        // treats field names case-insensitively.
                        $s->AddFieldNameValue("DateLastactive", MysqlDateTime());
                        $s->AddFieldNameValue("CountComments", 0);

                        $Discussion->DiscussionID = $this->Context->Database->Insert($this->Context, $s, $this->Name, "NewDiscussion", "An error occurred while creating a new discussion.");
                        $Discussion->Comment->DiscussionID = $Discussion->DiscussionID;
                        // Notify only when the insert raised no warning.
                        if ($this->Context->WarningCollector->Count() == 0) {
                            $n = $this->Context->ObjectFactory->NewContextObject($this->Context, "Notify");
                            $n->NotifyDiscussion($Discussion->DiscussionID, $this);
                        }
                    } else {
                        $s->AddWhere("DiscussionID", $Discussion->DiscussionID, "=");
                        $this->Context->Database->Update($this->Context, $s, $this->Name, "NewDiscussion", "An error occurred while updating the discussion.");
                    }
                }

                // Now save the associated Comment
                if ($Discussion->Comment->DiscussionID > 0) {
                    $CommentManager->SaveComment($Discussion->Comment, 1);

                    // Now update the topic table so that we know what the first comment in the discussion was
                    if ($Discussion->Comment->CommentID > 0 && $NewDiscussion) {
                        $s->Clear();
                        $s->SetMainTable("Discussion", "d");
                        $s->AddFieldNameValue("FirstCommentID", $Discussion->Comment->CommentID);
                        $s->AddWhere("DiscussionID", $Discussion->Comment->DiscussionID, "=");
                        $this->Context->Database->Update($this->Context, $s, $this->Name, "NewDiscussion", "An error occurred while updating discussion properties.");
                    }
                }
            }
        }
    }
    return $this->Context->WarningCollector->Iif($Discussion, false);
}
/* * Copyright 2003 Mark O'Sullivan * This file is part of Vanilla. * Vanilla is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. * Vanilla is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. * You should have received a copy of the GNU General Public License along with Vanilla; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * The latest source code for Vanilla is available at www.lussumo.com * Contact Mark O'Sullivan at mark [at] lussumo [dot] com * * Description: File used by Dynamic Data Management object to fill autocomplete data on user input field */ include '../appg/settings.php'; include '../appg/init_ajax.php'; $Search = ForceIncomingString('Search', ''); $Search = urldecode($Search); $Search = FormatStringForDatabaseInput($Search); if ($Search != '') { $s = $Context->ObjectFactory->NewContextObject($Context, 'SqlBuilder'); $s->SetMainTable('User', 'u'); $s->AddSelect('Name', 'u'); $s->AddWhere('u', 'Name', '', $Search . '%', 'like'); $s->AddOrderBy('Name', 'u', 'asc'); $s->AddLimit(0, 10); $ResultSet = $Context->Database->Select($s, 'Ajax', 'AutoComplete', 'An error occurred while retrieving autocomplete items.', 0); $Name = ''; $Loop = 1; if ($ResultSet) { while ($row = $Context->Database->GetRow($ResultSet)) { if ($Loop > 1) { echo ','; }
/**
 * Prepares the comment's Body and WhisperUsername for storage.
 *
 * The body first goes through the context's string formatter for its
 * FormatType, then through the database escaping helper.
 *
 * NOTE(review): what the formatter does to markup in the body is decided
 * outside this block. Escaping for SQL does not make the stored body safe
 * to output as HTML.
 */
function FormatPropertiesForDatabaseInput() {
    // Format for the comment's own FormatType first, then escape for SQL.
    $FormattedBody = $this->Context->FormatString($this->Body, $this, $this->FormatType, FORMAT_STRING_FOR_DATABASE);
    $this->Body = FormatStringForDatabaseInput($FormattedBody);

    $this->WhisperUsername = FormatStringForDatabaseInput($this->WhisperUsername);
}
/**
 * Checks a user id / verification key pair against the User table.
 *
 * The key is matched by the database with '=', not in constant time.
 *
 * @param int $UserID
 * @param string $VerificationKey
 * @return int The matching user id, or 0 when either input is empty, the
 *             query fails, or no row matches.
 */
function ValidateVerificationKey($UserID, $VerificationKey) {
    $UserID = ForceInt($UserID, 0);
    $VerificationKey = FormatStringForDatabaseInput($VerificationKey);

    // Blank credentials are never looked up.
    if (!($UserID && $VerificationKey)) {
        return 0;
    }

    $Sql = $this->Context->ObjectFactory->NewContextObject($this->Context, 'SqlBuilder');
    $Sql->SetMainTable('User', 'u');
    $Sql->AddSelect('UserID', 'u');
    $Sql->AddWhere('u', 'UserID', '', $UserID, '=');
    $Sql->AddWhere('u', 'VerificationKey', '', $VerificationKey, '=');
    $Result = $this->Context->Database->Select($Sql, $this->Name, 'VerifyVerificationKey', 'An error occurred while attempting to validate your remember me credentials');
    if (!$Result) {
        return 0;
    }

    // Start from 0 so the id that was passed in is never echoed back unverified.
    $MatchedUserID = 0;
    while ($Row = $this->Context->Database->GetRow($Result)) {
        $MatchedUserID = ForceInt($Row['UserID'], 0);
    }
    return $MatchedUserID;
}
/**
 * Escapes Name, Title, Description and Path for storage.
 *
 * NOTE(review): Path is only escaped for SQL here. If it is later used to
 * locate or include a file, it needs its own validation at that point.
 */
function FormatPropertiesForDatabaseInput() {
    foreach (array('Name', 'Title', 'Description', 'Path') as $Property) {
        $this->$Property = FormatStringForDatabaseInput($this->$Property);
    }
}