function find_extension($wantname) { $sql = 'select extname from alextreg_extensions where (1=1)'; if (!is_authorized_vendor()) { $sql .= " and (public=1)"; } if ($wantname) { $sqlwantname = db_escape_string($wantname); $sql .= " and (extname='{$sqlwantname}')"; } // if $sql .= ' order by extname'; $query = do_dbquery($sql); if ($query == false) { return; } else { render_extension_list($wantname, $query); } db_free_result($query); }
function op_renameext() { if (!welcome_here()) { return; } if (!get_input_string('newval', 'new extension name', $newval)) { return; } if (!get_input_string('extname', 'extension name', $extname)) { return; } if (!get_input_int('extid', 'extension id', $extid)) { return; } $sqlnewval = db_escape_string($newval); $sql = "select * from alextreg_extensions where extname='{$sqlnewval}'"; $query = do_dbquery($sql); if ($query == false) { return; } // error output is handled in database.php ... if (db_num_rows($query) > 0) { write_error('The new extension name is in use. Below is what a search turned up.'); render_extension_list($extname, $query); db_free_result($query); return; } // if db_free_result($query); // Just a small sanity check. $cookie = $_REQUEST['iamsure']; if (!empty($cookie) and $cookie == $_SERVER['REMOTE_ADDR']) { $sqlauthor = db_escape_string($_SERVER['REMOTE_USER']); // ok, nuke it. $sql = "update alextreg_extensions set extname='{$sqlnewval}'," . " lastedit=NOW(), lasteditauthor='{$sqlauthor}' where id={$extid}"; if (do_dbupdate($sql) == 1) { update_papertrail("Extension '{$extname}' renamed to '{$newval}'", $sql, NULL); do_showext($newval); } // if } else { $form = get_form_tag(); $htmlnewval = htmlentities($newval, ENT_QUOTES); $htmlextname = htmlentities($extname, ENT_QUOTES); echo "About to rename an extension named '{$htmlextname}' to '{$htmlnewval}'.<br>\n"; echo "...if you're sure, click 'Confirm'...<br>\n"; echo "{$form}\n"; echo "<input type='hidden' name='iamsure' value='{$_SERVER['REMOTE_ADDR']}'>\n"; echo "<input type='hidden' name='extid' value='{$extid}'>\n"; echo "<input type='hidden' name='newval' value='{$htmlnewval}'>\n"; echo "<input type='hidden' name='extname' value='{$htmlextname}'>\n"; echo "<input type='hidden' name='operation' value='op_renameext'>\n"; echo "<input type='submit' name='form_submit' value='Confirm'>\n"; echo "</form>\n"; } // else }