/**
 * Look up one chapter row (title, filename, number) in the `sections` table
 * by its chapter number.
 *
 * The number is bound as a named parameter of a prepared statement, so it
 * never becomes part of the SQL text.
 *
 * NOTE(review): the existence check is an assert(). When assertions are not
 * enabled (zend.assertions other than 1, the usual production setting) the
 * expression is not evaluated, so this function then performs no validation
 * of $chapter_id on its own and callers must check it themselves.
 *
 * @param mixed $chapter_id chapter number to look up
 * @return mixed whatever fetch() yields when the statement executes,
 *               or '' when execute() reports failure
 */
function getChapter($chapter_id)
{
    assert(sectionExists($chapter_id));

    // Shared connection handle created outside this function.
    global $database;

    $statement = $database->prepare('SELECT title, filename, number FROM sections WHERE number = :number');
    $statement->bindParam(':number', $chapter_id);

    // Guard clause: a failed execute() is reported as an empty string.
    if (!$statement->execute()) {
        return '';
    }

    return $statement->fetch();
}
<?php require "../includes/include.php"; if (is_numeric($_POST["id"]) && intval($_POST["id"]) > 0 && !empty($_POST["name"])) { $sqlite = new SQLite3($db_str, SQLITE3_OPEN_READWRITE); $id = intval($_POST["id"]); $name = $_POST["name"]; $container = is_numeric($_POST["container"]) && intval($_POST["container"]) > 0 ? intval($_POST["container"]) : null; $position = is_numeric($_POST["position"]) && intval($_POST["position"]) > 0 ? intval($_POST["position"]) : 1; $section = findSectionById($id); if ($section !== false && sectionExists($container) && hack($container, $position, $section)) { $update = $sqlite->prepare("update sections set s_name=:name,s_container=:container,s_position=:position,s_updated=current_timestamp where s_id=:id"); $update->bindValue("name", $name, SQLITE3_TEXT); $update->bindValue("container", $container, SQLITE3_INTEGER); $update->bindValue("position", $position, SQLITE3_INTEGER); $update->bindValue("id", $id, SQLITE3_INTEGER); if ($update->execute() !== false) { $source = true; if ($section["container"] !== $container) { $source = sortSection($section["container"]); } $result = ["update" => $section, "success" => true, "message" => date("Y-m-d H:i:s"), "target" => findSectionById($id), "anchor" => "s{$id}"]; if (!$source) { $result["warning"] = "Section " . $section["container"] . " is corrupted"; } } else { $result = ["update" => $section, "success" => false, "message" => "Unable to execute query", "target" => ["name" => $name, "container" => $container, "position" => $position]]; } $update->close(); } else { if ($section === false) {
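<?php
// Endpoint: insert one row into `links` from the POST fields url, comment and
// section, then print a JSON object describing the outcome.
//
// NOTE(review): no authentication or CSRF check is visible in this script. It
// would have to be enforced by ../includes/include.php or in front of this
// endpoint — confirm before exposing it.
require "../includes/include.php";

// url must be a non-empty string and section a positive integer. isset() and
// is_string() keep missing fields and array-valued fields (url[]=...) on the
// "Bad request" path instead of raising notices or binding the text "Array".
if (
    !empty($_POST["url"]) && is_string($_POST["url"])
    && isset($_POST["section"]) && is_numeric($_POST["section"]) && intval($_POST["section"]) > 0
) {
    $sqlite = new SQLite3($db_str, SQLITE3_OPEN_READWRITE);

    // NOTE(review): the URL is stored exactly as submitted; its scheme is not
    // restricted here. Wherever l_url is later rendered as a link target, it
    // needs a scheme allow-list (for example http and https) in addition to
    // HTML escaping.
    $url = $_POST["url"];

    // The comment is optional: an absent or non-string value is bound as NULL.
    $comment = (isset($_POST["comment"]) && is_string($_POST["comment"])) ? $_POST["comment"] : null;

    // Already validated by the outer condition.
    $section = intval($_POST["section"]);

    if (sectionExists($section)) {
        // All request data reaches SQL through bound parameters only.
        $insert = $sqlite->prepare("insert into links (l_url,l_comment,l_section) values (:url,:comment,:section)");
        $insert->bindValue("url", $url, SQLITE3_TEXT);
        $insert->bindValue("comment", $comment, SQLITE3_TEXT);
        $insert->bindValue("section", $section, SQLITE3_INTEGER);

        if ($insert->execute() !== false) {
            // The concatenated value is the integer row id reported by the
            // driver, not request data.
            $id = $sqlite->querySingle("select l_id from links where rowid=" . $sqlite->lastInsertRowId());
            $result = [
                "insert" => findLinkById($id),
                "success" => true,
                "message" => date("Y-m-d H:i:s"),
                "anchor" => "s{$section}",
            ];
        } else {
            $result = [
                "insert" => ["url" => $url, "comment" => $comment, "section" => $section],
                "success" => false,
                "message" => "Unable to execute query",
                "anchor" => "s{$section}",
            ];
        }
        $insert->close();
    } else {
        $result = [
            "insert" => ["url" => $url, "comment" => $comment, "section" => $section],
            "success" => false,
            "message" => "Section {$section} not found",
        ];
    }
    $sqlite->close();
} else {
    $result = ["insert" => $_POST, "success" => false, "message" => "Bad request"];
}

// The response echoes request data back to the caller. This script sets no
// Content-Type header itself, so unless include.php sets one the body goes out
// under PHP's default type. The JSON_HEX_* flags encode <, >, &, ' and " as
// \uXXXX escapes, which decode to the same values for JSON clients but cannot
// be read as markup.
print json_encode($result, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);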
/**
 * Build the "previous chapter / next chapter" navigation paragraph for the
 * chapter held in $this->chapter.
 *
 * A link is emitted only for a neighbouring chapter number for which
 * sectionExists() returns true.
 *
 * NOTE(review): chapter titles go through parseAccents() (defined elsewhere)
 * and are then placed in element content and inside a single-quoted title
 * attribute with no escaping visible in this method. Confirm that
 * parseAccents() returns text that is safe in both contexts (apostrophes
 * included), or escape per context here.
 *
 * @param bool $displayTitle true: show "Chapter N: title" as the link text;
 *                           false: show a generic label and put the chapter
 *                           number and title in the link's title attribute
 * @return string the HTML fragment
 */
private function printNavigation($displayTitle = true)
{
    $current = intval($this->chapter["number"]);
    $html = "<p class='navigation'>";

    // back
    $previous = $current - 1;
    if (sectionExists($previous)) {
        $previousChapter = getChapter($previous);
        $target = href("chapter/" . $previous);
        $title = parseAccents($previousChapter["title"]);

        if ($displayTitle) {
            $html .= sprintf("<span class='left'><a href='%s'><< Chapter %s: %s", $target, $previous, $title);
        } else {
            $html .= sprintf(
                "<span class='left'><a href='%s' title='Chapter %s: %s'><< Previous chapter",
                $target,
                $previousChapter["number"],
                $title
            );
        }
        $html .= "</a></span>";
    }

    // forward
    $next = $current + 1;
    if (sectionExists($next)) {
        $nextChapter = getChapter($next);
        $target = href("chapter/" . $next);
        $title = parseAccents($nextChapter["title"]);

        if ($displayTitle) {
            $html .= sprintf("<span class='right'><a href='%s'>Chapter %s: %s >>", $target, $next, $title);
        } else {
            $html .= sprintf(
                "<span class='right'><a href='%s' title='Chapter %s: %s'>Next chapter >>",
                $target,
                $nextChapter["number"],
                $title
            );
        }
        $html .= "</a></span>";
    }

    return $html . "</p>";
}
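<?php
// Endpoint: insert one row into `sections` from the POST fields name,
// container and position, then print a JSON object describing the outcome.
//
// NOTE(review): no authentication or CSRF check is visible in this script. It
// would have to be enforced by ../includes/include.php or in front of this
// endpoint — confirm before exposing it.
require "../includes/include.php";

// name must be a non-empty string. An array-valued field (name[]=...) now
// takes the "Bad request" path instead of being bound as the text "Array".
if (!empty($_POST["name"]) && is_string($_POST["name"])) {
    $sqlite = new SQLite3($db_str, SQLITE3_OPEN_READWRITE);
    $name = $_POST["name"];

    // container: positive integer, otherwise null. isset() avoids the
    // undefined-index notice when the field is not sent.
    $container = (isset($_POST["container"]) && is_numeric($_POST["container"]) && intval($_POST["container"]) > 0)
        ? intval($_POST["container"])
        : null;

    // position: positive integer, otherwise 1.
    $position = (isset($_POST["position"]) && is_numeric($_POST["position"]) && intval($_POST["position"]) > 0)
        ? intval($_POST["position"])
        : 1;

    // hack() is defined elsewhere; only its boolean result is visible here.
    if (sectionExists($container) && hack($container, $position)) {
        // All request data reaches SQL through bound parameters only.
        $insert = $sqlite->prepare("insert into sections(s_name,s_container,s_position) values(:name,:container,:position)");
        $insert->bindValue("name", $name, SQLITE3_TEXT);
        $insert->bindValue("container", $container, SQLITE3_INTEGER);
        $insert->bindValue("position", $position, SQLITE3_INTEGER);

        if ($insert->execute() !== false) {
            // The concatenated value is the integer row id reported by the
            // driver, not request data.
            $id = $sqlite->querySingle("select s_id from sections where rowid=" . $sqlite->lastInsertRowId());
            $result = [
                "insert" => findSectionById($id),
                "success" => true,
                "message" => date("Y-m-d H:i:s"),
                "anchor" => "s{$id}",
            ];
        } else {
            $result = [
                "insert" => ["name" => $name, "container" => $container, "position" => $position],
                "success" => false,
                "message" => "Unable to execute query",
                // $container is either a positive int or null at this point.
                "anchor" => "s" . ($container ?? "null"),
            ];
        }
        $insert->close();
    } else {
        $result = [
            "insert" => ["name" => $name, "container" => $container, "position" => $position],
            "success" => false,
            "message" => "Container {$container} not found or not accesible",
        ];
    }
    $sqlite->close();
} else {
    $result = ["insert" => $_POST, "success" => false, "message" => "Bad request"];
}

// The response echoes request data back to the caller. This script sets no
// Content-Type header itself, so unless include.php sets one the body goes out
// under PHP's default type. The JSON_HEX_* flags encode <, >, &, ' and " as
// \uXXXX escapes, which decode to the same values for JSON clients but cannot
// be read as markup.
print json_encode($result, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);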
} else { $page = new NotFoundPage("<p>The bibliography item with the key <var>" . htmlentities($_GET["key"]) . "</var> does not exist."); } } else { $page = new BibliographyPage($database); } break; case "browse": $page = new BrowsePage($database); break; case "chapter": if (!is_numeric($_GET["chapter"]) or strstr($_GET["chapter"], ".") or intval($_GET["chapter"]) <= 0) { $page = new NotFoundPage("<p>The keys for a chapter should be (strictly) positive integers, but <var>" . htmlentities($_GET["chapter"]) . "</var> was provided."); break; } if (sectionExists($_GET["chapter"])) { $page = new ChapterPage($database, intval($_GET["chapter"])); } else { $page = new NotFoundPage("<p>The chapter with the key <var>" . htmlentities($_GET["chapter"]) . "</var> does not exist."); } break; case "contribute": $page = new ContributePage($database); break; case "index": $page = new IndexPage($database); break; case "history": if (!empty($_GET["tag"])) { $tag = strtoupper($_GET['tag']); if (!isValidTag($tag)) {
<?php require "../includes/include.php"; if (is_numeric($_POST["id"]) && intval($_POST["id"]) > 0 && !empty($_POST["url"]) && is_numeric($_POST["section"]) && intval($_POST["section"]) > 0) { $sqlite = new SQLite3($db_str, SQLITE3_OPEN_READWRITE); $id = intval($_POST["id"]); $url = $_POST["url"]; $comment = $_POST["comment"]; $section = intval($_POST["section"]); $link = findLinkById($id); if ($link !== false && sectionExists($section)) { $update = $sqlite->prepare("update links set l_url=:url,l_comment=:comment,l_section=:section,l_updated=current_timestamp,l_accessed=current_timestamp where l_id=:id"); $update->bindValue("id", $id, SQLITE3_INTEGER); $update->bindValue("url", $url, SQLITE3_TEXT); $update->bindValue("comment", $comment, SQLITE3_TEXT); $update->bindValue("section", $section, SQLITE3_INTEGER); if ($update->execute() !== false) { $result = ["update" => $link, "success" => true, "message" => date("Y-m-d H:i:s"), "target" => findLinkById($id), "anchor" => "s" . $link["section"]]; } else { $result = ["update" => $link, "success" => false, "message" => "Unable to execute query", "target" => ["url" => $url, "comment" => $comment, "section" => $section], "anchor" => "s" . $link["section"]]; } $update->close(); } else { $result = ["success" => false, "target" => ["url" => $url, "comment" => $comment, "section" => $section]]; if ($link === false) { $result["update"] = id; $result["message"] = "Identifier {$id} not found"; } else { $result["update"] = $link; $result["message"] = "Section {$section} not found"; $result["anchor"] = "s" . ($link["section"] != null ? $link["section"] : "null");