/** * Creates a preference string. * * When a string is created, will trigger a 'preference.create > done' callback event. * * @param string $name The name * @param string $val The value * @param string $event The section the preference appears in * @param int $type Either PREF_CORE, PREF_PLUGIN, PREF_HIDDEN * @param string $html The HTML control type the field uses. Can take a custom function name * @param int $position Used to sort the field on the Preferences panel * @param string|bool $user_name The user name, PREF_GLOBAL or PREF_PRIVATE * @return bool TRUE if the string exists, FALSE on error * @since 4.6.0 * @package Pref * @example * if (create_pref('myPref', 'value', 'site', PREF_PLUGIN, 'text_input', 25)) * { * echo "'myPref' created."; * } */ function create_pref($name, $val, $event = 'publish', $type = PREF_CORE, $html = 'text_input', $position = 0, $user_name = PREF_GLOBAL) { global $txp_user; if ($user_name === PREF_PRIVATE) { if (!$txp_user) { return false; } $user_name = $txp_user; } if (pref_exists($name, $user_name)) { return true; } if (safe_insert('txp_prefs', "prefs_id = 1,\n name = '" . doSlash($name) . "',\n val = '" . doSlash($val) . "',\n event = '" . doSlash($event) . "',\n html = '" . doSlash($html) . "',\n type = " . intval($type) . ",\n position = " . intval($position) . ",\n user_name = '" . doSlash((string) $user_name) . "'") === false) { return false; } callback_event('preference.create', 'done', 0, compact('name', 'val', 'event', 'type', 'html', 'position', 'user_name')); return true; }
function edit_post() { global $DB, $Security; if (!session('id')) { return to_index(); } if (strtolower(session('name')) != strtolower(post('name'))) { print "You may only change the case of your name."; exit_clean(); } else { $update = array(); $update['name'] = post('name'); $update['postalcode'] = post('postalcode'); $DB->update("member", "id", session('id'), $update); unset($_POST['name'], $_POST['postalcode']); } if (post("_current") && post("_pass") && post("_pass_confirm")) { if (strlen(post("_pass")) < 4) { print "Your password must be at least 4 characters."; exit_clean(); } if (post("_pass") != post("_pass_confirm")) { print "Your new passwords did not match."; exit_clean(); } if (!$Security->auth(session('name'), post('_current'))) { print "Your current password did not match our records."; exit_clean(); } $DB->query("UPDATE member SET pass=\$1 WHERE id=\$2", array(md5(post('_pass')), session('id'))); $Security->update_session(session('id')); $Security->setcookie(); } foreach ($_POST as $key => $value) { if (substr($key, 0, 1) == "_") { continue; } if ($pref_id = $DB->value("SELECT id FROM pref WHERE name=\$1", array($key))) { if (!pref_exists($pref_id, session('id'))) { if ($value == "") { continue; } $insert = array(); $insert['pref_id'] = $pref_id; $insert['member_id'] = session('id'); $insert['value'] = $value; $DB->insert("member_pref", $insert); } else { if ($value == "") { $DB->query("DELETE FROM member_pref WHERE member_id=\$1 AND pref_id=\$2", array(session('id'), $pref_id)); } else { $DB->query("UPDATE\r\n member_pref\r\n SET\r\n value=\$1\r\n WHERE\r\n member_id=\$2\r\n AND\r\n pref_id=\$3", array($value, session('id'), $pref_id)); } } } } $Security->update_session(session('id')); exit_clean(); }