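function ProcessCommand($GETCommand, $POSTCommand = null, $RequiresSession = false, $Permission = 0, $Parameters = null) {
    /*/////////////////////////////////////////////////////////////
    Author:     Plottery Corp.
    Created:    v1.0.0 - 2009-06-12
    Revisions:  None
    Purpose:    Access gate and dispatcher for a page command. Applies the
                optional session and permission requirements, then calls the
                handler registered for the current HTTP method.
    Params:     $GETCommand      - callable invoked for any non-POST request
                $POSTCommand     - callable invoked for POST requests
                $RequiresSession - when true, $SessionID must be non-zero
                $Permission      - bit mask; every bit must be set in $UserFlags
                $Parameters      - optional single argument for the handler
    Returns:    Nothing
    Security:   The handler names are executed through call_user_func(), so
                callers must pass fixed, code-defined callables and never a
                value taken from the request.
    */ /////////////////////////////////////////////////////////////
    global $UserID;
    global $UserFlags;
    global $SessionID;
    global $SignInFunction;     // currently unused in this function
    global $BadCommandFunction; // currently unused in this function
    global $Response;

    if ($RequiresSession && $SessionID == 0) {
        // No session: tell the client to reset its state and reload.
        $Response->J = 'RstVar(); F5();';
        $Response->Send();
        // Fail closed. Whether Send() ends the request is not visible here, so
        // stop explicitly instead of falling through to the handler.
        return;
    }

    if ($Permission > 0) {
        // Anonymous users, or users missing any requested permission bit, are refused.
        if ($UserID == 0 || ($UserFlags & $Permission) != $Permission) {
            $Response->J = 'F5();';
            $Response->Send();
            // Fail closed for the same reason as the session check above.
            return;
        }
    }

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        if (!CheckFunction($POSTCommand)) {
            GlobalFail('E1004 - Function specified in POSTCommand is invalid.');
            // Never dispatch a handler that failed validation, even if GlobalFail() returns.
            return;
        }
        $Command = $POSTCommand;
    } else {
        if (!CheckFunction($GETCommand)) {
            GlobalFail('E1006 - Function specified in GETCommand is invalid.');
            return;
        }
        $Command = $GETCommand;
    }

    if (is_null($Parameters)) {
        call_user_func($Command);
    } else {
        call_user_func($Command, $Parameters);
    }
}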
function OpenDB() {
    /*/////////////////////////////////////////////////////////////
    Author:     Plottery Corp.
    Created:    v1.0.0 - 2009-07-07
    Revisions:  None
    Purpose:    Opens the MySQL link used by the rest of the file, stores it in
                the global $DBConnection, sets the connection character set to
                utf8 and selects the "dealplotter" database.
    Returns:    Nothing
    */ /////////////////////////////////////////////////////////////
    global $DBConnection;

    // NOTE(review): the application connects as the MySQL 'root' account with the
    // password written in source. A dedicated account limited to this schema, with
    // credentials loaded from configuration outside the web root, would reduce the
    // impact of any SQL injection or source disclosure.
    // NOTE(review): the mysql_* extension was removed in PHP 7.0; mysqli or PDO with
    // prepared statements is the supported replacement.
    $DBConnection = mysql_connect('localhost', 'root', 'XXX');
    if (!$DBConnection) {
        GlobalFail('E1015 - Unable to connect to database.');
    }

    // NOTE(review): the result is not checked. mysql_real_escape_string() escapes
    // according to the connection character set, so a silent failure here would
    // leave escaping and the data encoding out of step.
    mysql_set_charset('utf8', $DBConnection);

    if (!mysql_select_db('dealplotter', $DBConnection)) {
        GlobalFail('E1016 - Unable to select database.');
    }
}
function Pacify($String, $Strip = false) {
    /*/////////////////////////////////////////////////////////////
    Author:     Plottery Corp.
    Created:    v1.0.0 - 2009-08-04
    Revisions:  None
    Purpose:    Escapes a value with mysql_real_escape_string() and trims
                surrounding whitespace from the escaped result.
    Params:     $String - value to escape
                $Strip  - when true, stripslashes() is applied before escaping
    Returns:    Escaped, trimmed string; nothing if the escaping function is
                missing and GlobalFail() returns
    Security:   The result is only safe inside a quoted SQL string literal. It
                does not protect unquoted numeric values, identifiers, LIKE
                wildcards or HTML output; those need casting, allow-lists or
                context-specific encoding.
    */ /////////////////////////////////////////////////////////////
    if (!function_exists('mysql_real_escape_string')) {
        GlobalFail('E1022 - Critical security libraries missing.');
        return;
    }

    // Optionally undo one layer of backslash quoting before escaping.
    $Value = $Strip ? stripslashes($String) : $String;

    // No link identifier is passed, so the most recently opened connection and its
    // character set are used. NOTE(review): presumably OpenDB() has run first - confirm.
    $Escaped = mysql_real_escape_string($Value);

    return trim($Escaped);
}