Esempio n. 1
        case "poll":
            echo "<script type='text/javascript'>document.location.href='" . e_HTTP . "comment.php?comment.{$table}.{$redirectFlag}'</script>\n";
            exit;
        case "download":
            echo "<script type='text/javascript'>document.location.href='" . e_HTTP . "download.php?view.{$redirectFlag}'</script>\n";
            exit;
        case "page":
            echo "<script type='text/javascript'>document.location.href='" . e_HTTP . "page.php?{$redirectFlag}'</script>\n";
            exit;
        case 'user':
            echo "<script type='text/javascript'>document.location.href='" . e107::getUrl()->create('user/profile/view', 'id=' . $redirectFlag) . "'</script>\n";
            exit;
    }
    // Check plugin e_comment.php files
    $plugin_redir = false;
    $e_comment = $cobj->get_e_comment();
    if ($table == $e_comment[$table]['eplug_comment_ids']) {
        $plugin_redir = TRUE;
        $reply_location = str_replace('{NID}', $redirectFlag, $e_comment[$table]['reply_location']);
    }
    if ($plugin_redir) {
        echo "<script type='text/javascript'>document.location.href='{$reply_location}'</script>\n";
        exit;
    }
    // No redirect found if we get here.
}
$comment_ob_start = FALSE;
if ($action == "reply") {
    if (!$pref['nested_comments']) {
        header('Location: ' . e_BASE . 'comment.php?comment.{$table}.{$nid}');
        exit;
Esempio n. 2
File: db.php Progetto: notzen/e107
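/**
 * Admin maintenance tool: locate orphaned rows in the core `rate` and
 * `comments` tables, i.e. rows whose referenced item (news, download, poll,
 * user profile, plugin item, or an arbitrary rated table) no longer exists.
 *
 * The whole flow is driven by $_POST:
 *  - no `check_verify_sql_record`  : render the table-selection form;
 *  - `check_verify_sql_record`     : scan the ticked tables and list orphans,
 *                                     each with a "delete" checkbox;
 *  - `delete_verify_sql_record`    : show the DELETE statements that *would*
 *                                     run. Nothing is deleted (the code says
 *                                     so itself: experimental).
 *
 * Side effects: (re)assigns the globals $sql, $sql2, $sql3 and renders the
 * page through $e107->ns->tablerender(). Returns nothing.
 *
 * Security notes for the maintainer:
 *  - Record ids selected for deletion arrive as $_POST array keys. They are
 *    cast to int before being placed in the (displayed) SQL, so neither
 *    injected SQL nor injected HTML can reach the admin message area.
 *  - Item ids read back from the database are cast to int before being used
 *    in further queries (the referenced columns are integer keys), so a
 *    poisoned comment_item_id / rate_itemid cannot alter the lookup queries.
 *  - The rate_table value is only used as an identifier after it has been
 *    confirmed to be an existing table name in this database.
 *  - NOTE(review): the forms below are hand-built and carry no anti-CSRF
 *    token; this page relies on whatever admin authentication wraps the
 *    file. Add a token before the delete branch ever executes real DELETEs.
 */
function verify_sql_record()
{
    global $emessage, $sql, $sql2, $sql3, $frm, $e107, $tp;
    $sql = e107::getDb();
    $sql2 = e107::getDb('sql2');
    $sql3 = e107::getDb('sql3');

    // Core tables this tool knows how to verify.
    $tables = array('rate', 'comments');

    if (isset($_POST['delete_verify_sql_record'])) {
        if (!varset($_POST['del_dbrec'])) {
            $emessage->add('Nothing to delete', E_MESSAGE_DEBUG);
        } else {
            $msg = "ok, so you want to delete some records? not a problem at all!<br />";
            $msg .= "but, since this is still an experimental procedure, i won't actually delete anything<br />";
            $msg .= "instead, i will show you the queries that would be performed<br />";
            $emessage->add($msg, E_MESSAGE_DEBUG);

            $qry = '';
            foreach ($_POST['del_dbrec'] as $k => $v) {
                if (!is_array($v)) {
                    // Malformed submission (the form always posts del_dbrec[table][id][]).
                    continue;
                }
                // rate_id / comment_id are integer columns: cast every client-supplied
                // key so the statement we echo (and may one day execute) is safe.
                $ids = implode(", ", array_map('intval', array_keys($v)));
                if ($k == 'rate') {
                    $qry .= "DELETE FROM rate WHERE rate_id IN (" . $ids . ")<br />";
                } elseif ($k == 'comments') {
                    $qry .= "DELETE FROM comments WHERE comment_id IN (" . $ids . ")<br />";
                }
            }
            $emessage->add($qry, E_MESSAGE_DEBUG);
            $emessage->add("<a href='" . e_SELF . "'>" . LAN_BACK . "</a>", E_MESSAGE_DEBUG);
        }
    }

    // "Check" submitted with no table ticked: warn and fall back to the selection form.
    if (isset($_POST['check_verify_sql_record']) && (!isset($_POST['table_rate']) && !isset($_POST['table_comments']))) {
        unset($_POST['check_verify_sql_record']);
        $emessage->add(DBLAN_53, E_MESSAGE_WARNING);
    }

    if (!isset($_POST['check_verify_sql_record'])) {
        // Step 1: let the admin pick which table(s) to verify.
        $text = "\n\t\t\t<form method='post' action='" . e_SELF . "'>\n\t\t\t\t<fieldset id='core-db-verify-sql-tables'>\n\t\t\t\t\t<legend class='e-hideme'>" . DBLAN_39 . "</legend>\n\t\t\t\t\t<table class='table adminlist'>\n\t\t\t\t\t\t<colgroup>\n\t\t\t\t\t\t\t<col style='width: 100%' />\n\t\t\t\t\t\t</colgroup>\n\t\t\t\t\t\t<thead>\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<th class='last'>" . DBLAN_37 . "</th>\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t</thead>\n\t\t\t\t\t\t<tbody>\n\t\t";
        foreach ($tables as $t) {
            $text .= "\n\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\t\t" . $frm->checkbox('table_' . $t, $t) . $frm->label($t, 'table_' . $t, $t) . "\n\t\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t";
        }
        $text .= "\n\t\t\t\t\t\t</tbody>\n\t\t\t\t\t</table>\n\t\t\t\t\t<div class='buttons-bar center'>\n\t\t\t\t\t\t" . $frm->admin_button('check_verify_sql_record', DBLAN_38) . "\n\t\t\t\t\t\t" . $frm->admin_button('back', LAN_BACK, 'back') . "\n\t\t\t\t\t</div>\n\t\t\t\t</fieldset>\n\t\t\t</form>\n\t\t";
        $e107->ns->tablerender(DBLAN_10 . ' - ' . DBLAN_39, $emessage->render() . $text);
    } else {
        /**
         * usort() comparator: order result rows by 'type' then 'itemid', both ascending.
         */
        function verify_sql_record_cmp($a, $b)
        {
            $orderby = array('type' => 'asc', 'itemid' => 'asc');
            $result = 0;
            foreach ($orderby as $key => $value) {
                if ($a[$key] == $b[$key]) {
                    continue;
                }
                $result = $a[$key] < $b[$key] ? -1 : 1;
                if ($value == 'desc') {
                    $result = -$result;
                }
                break;
            }
            return $result;
        }

        /**
         * Render one result fieldset.
         *
         * @param array|string $err   list of orphan descriptors
         *                            (type, sqlid, table, itemid, table_exist),
         *                            or a message string when there is nothing to list
         * @param string       $ctype the core table being reported ('rate' or 'comments')
         * @return string HTML
         */
        function verify_sql_record_displayresult($err, $ctype)
        {
            global $frm;
            $text = "\n\n\t\t\t\t\t<fieldset id='core-core-db-verify-sql-records-{$ctype}'>\n\t\t\t\t\t\t<legend>" . DBLAN_40 . " " . $ctype . "</legend>\n\t\t\t\t\t\t<table class='table adminlist'>\n\t\t\t\t\t\t\t<colgroup>\n\t\t\t\t\t\t\t\t<col style='width: 20%' />\n\t\t\t\t\t\t\t\t<col style='width: 10%' />\n\t\t\t\t\t\t\t\t<col style='width: 50%' />\n\t\t\t\t\t\t\t\t<col style='width: 20%' />\n\t\t\t\t\t\t\t</colgroup>\n\t\t\t\t\t\t\t<thead>\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<th>" . DBLAN_41 . "</th>\n\t\t\t\t\t\t\t\t\t<th>" . DBLAN_42 . "</th>\n\t\t\t\t\t\t\t\t\t<th>" . DBLAN_43 . "</th>\n\t\t\t\t\t\t\t\t\t<th class='center last'>" . LAN_OPTIONS . "</th>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t</thead>\n\t\t\t\t\t\t\t<tbody>\n\t\t\t";
            if (is_array($err) && !empty($err)) {
                usort($err, 'verify_sql_record_cmp');
                foreach ($err as $v) {
                    // sqlid is the integer primary key of the rate/comment row.
                    $delkey = (int) $v['sqlid'];
                    // type/itemid come straight from the database; escape them for
                    // the HTML context rather than trusting stored data.
                    $type = htmlspecialchars((string) $v['type'], ENT_QUOTES, 'UTF-8');
                    $itemid = htmlspecialchars((string) $v['itemid'], ENT_QUOTES, 'UTF-8');
                    $text .= "\n\t\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t\t<td>{$type}</td>\n\t\t\t\t\t\t\t\t\t\t<td>{$itemid}</td>\n\t\t\t\t\t\t\t\t\t\t<td>" . ($v['table_exist'] ? DBLAN_45 : DBLAN_46) . "</td>\n\t\t\t\t\t\t\t\t\t\t<td class='center'>\n\t\t\t\t\t\t\t\t\t\t\t" . $frm->checkbox('del_dbrec[' . $ctype . '][' . $delkey . '][]', '1') . $frm->label(LAN_DELETE, 'del_dbrec[' . $ctype . '][' . $delkey . '][]', '1') . "\n\t\t\t\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t";
                }
            } else {
                // $err is a LAN message constant here, not data.
                $text .= "\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td colspan='4'>{$err}</td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t";
            }
            $text .= "\n\t\t\t\t\t\t\t</tbody>\n\t\t\t\t\t\t</table>\n\t\t\t\t\t</fieldset>\n\t\t\t";
            return $text;
        }

        /**
         * @return array all table names (with prefix) present in the database
         */
        function verify_sql_record_gettables()
        {
            global $sql2;
            $dbtables = array();
            $sql2->db_Select_gen("SHOW TABLES");
            while ($row2 = $sql2->db_Fetch()) {
                $dbtables[] = $row2[0];
            }
            return $dbtables;
        }

        // e_QUERY lands inside a single-quoted attribute: escape for that context.
        $action = e_SELF . (e_QUERY ? '?' . htmlspecialchars(e_QUERY, ENT_QUOTES, 'UTF-8') : '');
        $text = "<form method='post' action='" . $action . "'>";

        // ---- rate table --------------------------------------------------
        if (isset($_POST['table_rate'])) {
            $query = "\n\t\t\tSELECT r.*\n\t\t\tFROM #rate AS r\n\t\t\tWHERE r.rate_id!=''\n\t\t\tORDER BY r.rate_table, r.rate_itemid";
            $data = array('type' => 'rate', 'table' => 'rate_table', 'itemid' => 'rate_itemid', 'id' => 'rate_id');
            if (!$sql->db_Select_gen($query)) {
                $text .= verify_sql_record_displayresult(DBLAN_49, $data['type']);
            } else {
                $err = array();
                $dbtables = verify_sql_record_gettables();
                while ($row = $sql->db_Fetch()) {
                    $cid = $row[$data['id']];
                    $citemid = $row[$data['itemid']];
                    $ctable = $row[$data['table']];
                    // rate_table is stored data; only use it as an identifier once it is
                    // confirmed to name an existing (prefixed) table.
                    //FIXME Steve: table is never found without MPREFIX; Multi-language tables?
                    if (in_array(MPREFIX . $ctable, $dbtables, true)) {
                        // Find the auto_increment column - the most likely key. Reset per
                        // row so a table without one cannot inherit the previous row's key.
                        $aif = '';
                        $sql3->db_Select_gen("SHOW COLUMNS FROM " . MPREFIX . $ctable);
                        while ($row3 = $sql3->db_Fetch()) {
                            if ($row3['Extra'] == 'auto_increment') {
                                $aif = $row3['Field'];
                                break;
                            }
                        }
                        if ($aif === '') {
                            // No usable key: the reference cannot be verified, so do not
                            // offer this row for deletion.
                            continue;
                        }
                        // If the referenced item is gone this is probably an obsolete row.
                        // The id is cast to int: item ids are integer keys and the value
                        // comes from the database, not from code.
                        if (!$sql2->db_Select($ctable, "*", "{$aif}='" . (int) $citemid . "' ORDER BY {$aif} ")) {
                            $err[] = array('type' => $ctable, 'sqlid' => $cid, 'table' => $ctable, 'itemid' => $citemid, 'table_exist' => TRUE);
                        }
                    } else {
                        // Referenced table does not exist at all: invalid reference.
                        $err[] = array('type' => $ctable, 'sqlid' => $cid, 'table' => $ctable, 'itemid' => $citemid, 'table_exist' => FALSE);
                    }
                }
                // Use $data['type'], which is defined even when the table had no rows.
                $text .= verify_sql_record_displayresult($err ? $err : DBLAN_54, $data['type']);
            }
        }

        // ---- comments table ----------------------------------------------
        if (isset($_POST['table_comments'])) {
            $query = "\n\t\t\tSELECT c.*\n\t\t\tFROM #comments AS c\n\t\t\tWHERE c.comment_id!=''\n\t\t\tORDER BY c.comment_type, c.comment_item_id";
            $data = array('type' => 'comments', 'table' => 'comment_type', 'itemid' => 'comment_item_id', 'id' => 'comment_id');
            if (!$sql->db_Select_gen($query)) {
                $text .= verify_sql_record_displayresult(DBLAN_49, $data['type']);
            } else {
                $err = array();
                $dbtables = verify_sql_record_gettables();
                // Plugin-provided e_comment definitions (how to look up a plugin item).
                require_once e_HANDLER . "comment_class.php";
                $cobj = new comment();
                $e_comment = $cobj->get_e_comment();
                while ($row = $sql->db_Fetch()) {
                    $cid = $row[$data['id']];
                    $citemid = $row[$data['itemid']];
                    $ctable = $row[$data['table']];
                    // comment_item_id is an integer key; never interpolate the raw stored value.
                    $itemid = (int) $citemid;

                    // For each comment, check that the referenced item still exists.
                    if ($ctable == "0") {
                        // news
                        if (!$sql2->db_Select("news", "*", "news_id='{$itemid}' ")) {
                            $err[] = array('type' => 'news', 'sqlid' => $cid, 'table' => $ctable, 'itemid' => $citemid, 'table_exist' => TRUE);
                        }
                    } elseif ($ctable == "1") {
                        // article, review or content page: no verification available
                    } elseif ($ctable == "2") {
                        // downloads
                        if (!$sql2->db_Select("download", "*", "download_id='{$itemid}' ")) {
                            $err[] = array('type' => 'download', 'sqlid' => $cid, 'table' => $ctable, 'itemid' => $citemid, 'table_exist' => TRUE);
                        }
                    } elseif ($ctable == "4") {
                        // poll
                        if (!$sql2->db_Select("polls", "*", "poll_id='{$itemid}' ")) {
                            $err[] = array('type' => 'polls', 'sqlid' => $cid, 'table' => $ctable, 'itemid' => $citemid, 'table_exist' => TRUE);
                        }
                    } elseif ($ctable == "profile") {
                        // user profile
                        if (!$sql2->db_Select("user", "*", "user_id='{$itemid}' ")) {
                            $err[] = array('type' => 'user', 'sqlid' => $cid, 'table' => $ctable, 'itemid' => $citemid, 'table_exist' => TRUE);
                        }
                    } elseif (isset($e_comment[$ctable]) && is_array($e_comment[$ctable])) {
                        // plugin comment; $var comes from the plugin's own e_comment.php (code, not user data)
                        $var = $e_comment[$ctable];
                        if (isset($var['qry']) && $var['qry'] != '') {
                            // new method: the plugin supplies a full query with a {NID} placeholder;
                            // only consult it when the plugin is actually installed
                            if ($sql2->db_Select("plugin", "*", "plugin_path = '" . $var['plugin_path'] . "' AND plugin_installflag = '1' ")) {
                                $qryp = str_replace("{NID}", $itemid, $var['qry']);
                                if (!$sql2->db_Select_gen($qryp)) {
                                    $err[] = array('type' => $ctable, 'sqlid' => $cid, 'table' => $ctable, 'itemid' => $citemid, 'table_exist' => TRUE);
                                }
                            }
                        } else {
                            // old method: table / title column / id column
                            if (!$sql2->db_Select($var['db_table'], $var['db_title'], $var['db_id'] . " = '{$itemid}' ")) {
                                $err[] = array('type' => $ctable, 'sqlid' => $cid, 'table' => $ctable, 'itemid' => $citemid, 'table_exist' => TRUE);
                            }
                        }
                    } else {
                        // unknown comment type: nothing to reference
                        $err[] = array('type' => $ctable, 'sqlid' => $cid, 'table' => $ctable, 'itemid' => $citemid, 'table_exist' => FALSE);
                    }
                }
                // Use $data['type'], which is defined even when the table had no rows.
                $text .= verify_sql_record_displayresult($err ? $err : DBLAN_54, $data['type']);
            }
        }

        $text .= "\n\t\t\t\t<div class='buttons-bar center'>\n\t\t\t\t\t" . $frm->admin_button('delete_verify_sql_record', LAN_DELCHECKED, 'delete') . "\n\t\t\t\t\t" . $frm->admin_button('verify_sql_record', LAN_BACK, 'back') . "\n\n\t\t\t\t</div>\n\t\t\t</form>\n\t\t";
        $e107->ns->tablerender(DBLAN_10 . ' - ' . DBLAN_50, $emessage->render() . $text);
    }
}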