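/**
 * Store the uploaded temporary file in the upload directory under a cleaned,
 * non-colliding name.
 *
 * Files with an image extension are content-checked with getimagesize() BEFORE
 * they are moved, so a file whose bytes do not match its extension is never
 * written into the upload directory (the original moved it first and unlinked
 * it afterwards, leaving a short window in which it existed on disk).
 *
 * @param int $chmod Permission bits applied to the stored file.
 * @return bool True when the file was stored; false after an error was recorded with setErrors().
 */
function _copyFile($chmod)
{
    // The client-supplied name must end in an alphanumeric extension.
    $matched = array();
    if (!preg_match("/\\.([a-zA-Z0-9]+)\$/", $this->mediaName, $matched)) {
        $this->setErrors(_ER_UP_INVALIDFILENAME);
        return false;
    }

    if (isset($this->targetFileName)) {
        $this->savedFileName = $this->targetFileName;
    } elseif (isset($this->prefix)) {
        $this->savedFileName = uniqid($this->prefix) . '.' . strtolower($matched[1]);
    } else {
        $this->savedFileName = strtolower($this->mediaName);
    }

    // pathinfo() leaves out the 'extension' key when the name has no dot
    // (possible with a caller-supplied targetFileName), so test with isset().
    $fdata = pathinfo($this->savedFileName);
    $suffix = (isset($fdata['extension']) && $fdata['extension'] != '') ? '.' . $fdata['extension'] : '';
    $this->savedFileName = TextCleaner::sweetstring($fdata['filename']) . $suffix;

    $fdata = pathinfo($this->savedFileName);
    $suffix = (isset($fdata['extension']) && $fdata['extension'] != '') ? '.' . $fdata['extension'] : '';

    // Append -1, -2, ... until the name is free.
    // NOTE(review): file_exists() followed by a later move is not atomic; two
    // concurrent uploads of the same name can still pick the same target.
    $num = 1;
    while (file_exists($this->uploadDir . '/' . $this->savedFileName)) {
        $this->savedFileName = $fdata['filename'] . '-' . $num . $suffix;
        $num++;
    }
    $this->savedDestination = $this->uploadDir . '/' . $this->savedFileName;

    // Check IE XSS before the file is published: the detected image type must
    // map to the same extension the file will be stored under.
    $ext = isset($fdata['extension']) ? strtolower($fdata['extension']) : '';
    if (in_array($ext, $this->imageExtensions)) {
        $info = @getimagesize($this->mediaTmpName);
        $type = ($info === false) ? null : (int) $info[2];
        if ($type === null || !isset($this->imageExtensions[$type]) || $this->imageExtensions[$type] != $ext) {
            $this->setErrors(_ER_UP_SUSPICIOUSREFUSED);
            return false;
        }
    }

    if (!move_uploaded_file($this->mediaTmpName, $this->savedDestination)) {
        $this->setErrors(sprintf(_ER_UP_FAILEDSAVEFILE, $this->savedDestination));
        return false;
    }

    @chmod($this->savedDestination, $chmod);
    return true;
}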
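/**
 * Add a new editor to the database, or update an existing one.
 *
 * The numeric request values are cast to int here because they are
 * concatenated into redirect URLs and, for the user id, into an unquoted SQL
 * comparison; what rmc_server_var() itself guarantees is not visible here.
 *
 * @param bool $edit True to update the editor whose id is posted, false to create one.
 */
function save_editor($edit = false)
{
    global $xoopsConfig, $xoopsSecurity;

    $page = (int) rmc_server_var($_POST, 'page', 1);
    $back = 'editors.php?page=' . $page;

    // Reject requests without a valid session token (CSRF protection).
    if (!$xoopsSecurity->check()) {
        redirectMsg($back, __('Operation not allowed!', 'mywords'), 1);
        die;
    }

    if ($edit) {
        $id = (int) rmc_server_var($_POST, 'id', 0);
        if ($id <= 0) {
            redirectMsg($back, __('Editor ID has not been provided!', 'mywords'), 1);
            die;
        }
        $editor = new MWEditor($id);
        if ($editor->isNew()) {
            redirectMsg($back, __('Editor has not been found!', 'mywords'), 1);
            die;
        }
    } else {
        $editor = new MWEditor();
    }

    $name = rmc_server_var($_POST, 'name', '');
    $bio = rmc_server_var($_POST, 'bio', '');
    $uid = (int) rmc_server_var($_POST, 'new_user', 0);
    $perms = rmc_server_var($_POST, 'perms', array());
    $short = rmc_server_var($_POST, 'short', '');

    if (trim($name) == '') {
        redirectMsg($back, __('You must provide a display name for this editor!', 'mywords'), 1);
        die;
    }
    if ($uid <= 0) {
        redirectMsg($back, __('You must specify a registered user ID for this editor!', 'mywords'), 1);
        die;
    }

    // A user may be registered as editor only once. Both values are integers,
    // so they are safe to place in the statement without quoting.
    $db = XoopsDatabaseFactory::getDatabaseConnection();
    $sql = "SELECT COUNT(*) FROM " . $db->prefix("mw_editors") . " WHERE uid={$uid}";
    if ($edit) {
        $sql .= " AND id_editor<>" . (int) $editor->id();
    }
    list($num) = $db->fetchRow($db->query($sql));
    if ($num > 0) {
        redirectMsg($back, __('This user has been registered as editor before.', 'mywords'), 1);
        die;
    }

    $editor->setVar('name', $name);
    $editor->setVar('shortname', TextCleaner::sweetstring($short != '' ? $short : $name));
    $editor->setVar('bio', $bio);
    $editor->setVar('uid', $uid);
    $editor->setVar('privileges', $perms);

    if (!$editor->save()) {
        redirectMsg($back, __('Errors occurs while trying to save editor data', 'mywords') . '<br />' . $editor->errors(), 1);
        die;
    } else {
        redirectMsg($back, __('Database updated succesfully!', 'mywords'), 0);
        die;
    }
}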
/**
 * Duplicate the page whose id arrives in the query string and open the copy
 * in the editor.
 *
 * NOTE(review): this handler changes state from a GET parameter and no
 * session-token check is visible inside it — confirm the caller verifies one.
 */
function clonePage()
{
    $sourceId = rmc_server_var($_GET, 'id', 0);
    $page = new QPPage($sourceId);

    // An object that reports isNew() was not loaded from an existing row.
    if ($page->isNew()) {
        redirectMsg('pages.php', __('Specified page does not exists!', 'qpages'), 1);
        die;
    }

    // Flag the loaded object as new so that save() stores it as a separate page.
    $page->setNew();
    $clonedTitle = $page->getTitle() . ' [cloned]';
    $page->setTitle($clonedTitle);
    $page->setFriendTitle(TextCleaner::sweetstring($page->getTitle()));

    $stored = $page->save();
    if (!$stored) {
        redirectMsg('pages.php', __('Page could not be cloned!', 'qpages'), 1);
        die;
    }

    $editUrl = 'pages.php?op=edit&id=' . $page->getID();
    redirectMsg($editUrl, __('Page cloned successfully!', 'qpages'), 0);
}
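/**
 * Add tags to the database, reusing the rows that already exist.
 *
 * Tag names are passed through the database layer's quoteString() before they
 * are placed in a statement, so a name containing a quote can neither break
 * the query nor change its meaning.
 * NOTE(review): if a caller already escapes the names it passes in, that
 * escaping should be dropped there — confirm against the callers.
 *
 * @param string|array $tags Tag name, or list of tag names.
 * @return array IDs of the existing and newly inserted tags; empty when no usable name was given.
 */
public function add_tags($tags)
{
    if (!is_array($tags)) {
        $tags = array($tags);
    }

    // Pair every non-empty name with its short name once, up front.
    $pairs = array();
    foreach ($tags as $tag) {
        if ($tag == '') {
            continue;
        }
        $pairs[] = array($tag, TextCleaner::sweetstring($tag));
    }

    // Always return an array, as documented (the original returned null here).
    if (empty($pairs)) {
        return array();
    }

    $db = XoopsDatabaseFactory::getDatabaseConnection();

    $conditions = array();
    foreach ($pairs as $pair) {
        $conditions[] = 'shortname=' . $db->quoteString($pair[1]);
    }
    $sql = "SELECT id_tag, shortname FROM " . $db->prefix('mw_tags') . " WHERE " . implode(' OR ', $conditions);
    $result = $db->query($sql);

    $existing = array();
    $ids = array();
    while ($row = $db->fetchArray($result)) {
        $existing[$row['shortname']] = $row['id_tag'];
        $ids[] = $row['id_tag'];
    }

    foreach ($pairs as $pair) {
        list($tag, $short) = $pair;
        if (isset($existing[$short])) {
            continue;
        }
        $sql = "INSERT INTO " . $db->prefix("mw_tags") . " (`tag`,`shortname`,`posts`) VALUES ("
            . $db->quoteString($tag) . "," . $db->quoteString($short) . ",'0')";
        if ($db->queryF($sql)) {
            $newId = $db->getInsertId();
            $ids[] = $newId;
            // Remember the row so a repeated name in the same call is not inserted twice.
            $existing[$short] = $newId;
        }
    }

    return $ids;
}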
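/**
 * Create or update a category of the "works" module from the submitted form.
 *
 * Only the fields this handler uses are read from the request. Importing every
 * POST key as a local variable would let a request overwrite $edit, $db or
 * $xoopsSecurity. String values are quoted with the database layer's
 * quoteString() before they are placed in a statement.
 *
 * @param int|bool $edit Truthy to update the category whose id is posted, falsy to create one.
 */
function saveCategory($edit = 0)
{
    global $db, $mc, $xoopsSecurity;

    $in = array('id' => 0, 'name' => '', 'nameid' => '', 'desc' => '', 'order' => 0, 'active' => 0, 'return' => '');
    foreach ($in as $key => $default) {
        if (isset($_POST[$key]) && is_scalar($_POST[$key])) {
            $in[$key] = $_POST[$key];
        }
    }
    $id = (int) $in['id']; // also concatenated into redirect URLs below
    $name = $in['name'];
    $nameid = $in['nameid'];
    $desc = $in['desc'];
    $order = $in['order'];
    $active = $in['active'];
    $return = $in['return'];

    if (!$xoopsSecurity->check()) {
        redirectMsg('./categos.php?op=' . ($edit ? 'edit&id=' . $id : 'new'), __('Session token expired!', 'works'), 1);
        die;
    }

    $table = $db->prefix('pw_categos');

    if ($edit) {
        // The category id must be valid
        if ($id <= 0) {
            redirectMsg('./categos.php?op=edit&id=' . $id, __('Wrong category ID!', 'works'), 1);
            die;
        }

        // The category must exist
        $cat = new PWCategory($id);
        if ($cat->isNew()) {
            redirectMsg('./categos.php?op=edit&id=' . $id, __('Specified category does not exists!', 'works'), 1);
            die;
        }

        // No other category may carry the same name
        $sql = "SELECT COUNT(*) FROM " . $table . " WHERE name=" . $db->quoteString($name) . " AND id_cat<>'{$id}'";
        list($num) = $db->fetchRow($db->query($sql));
        if ($num > 0) {
            redirectMsg('./categos.php?op=edit&id=' . $id, __('A category with same name already exists!', 'works'), 1);
            die;
        }

        if ($nameid) {
            $sql = "SELECT COUNT(*) FROM " . $table . " WHERE nameid=" . $db->quoteString($nameid) . " AND id_cat<>'" . $id . "'";
            list($num) = $db->fetchRow($db->queryF($sql));
            if ($num > 0) {
                redirectMsg('./categos.php?op=edit&id=' . $id, __('There are already a category with same name id!', 'works'), 1);
                die;
            }
        }
    } else {
        $cat = new PWCategory();
    }

    // Generate $nameid (identifier name); a counter is appended until it is unused
    $found = false;
    $i = 0;
    if ($name != $cat->name() || empty($nameid)) {
        do {
            $nameid = TextCleaner::sweetstring($name) . ($found ? $i : '');
            $sql = "SELECT COUNT(*) FROM " . $table . " WHERE nameid = " . $db->quoteString($nameid);
            list($num) = $db->fetchRow($db->queryF($sql));
            $found = $num > 0;
            if ($found) {
                $i++;
            }
        } while ($found == true);
    }

    $cat->setName($name);
    $cat->setDesc($desc);
    $cat->setOrder($order);
    $cat->setActive($active);
    $cat->setNameId($nameid);
    if ($cat->isNew()) {
        $cat->setCreated(time());
    }

    $cat = RMEvents::get()->run_event('works.save.category', $cat);

    if (!$cat->save()) {
        redirectMsg('./categos.php', __('Errors ocurred while trying to update database!', 'works') . '<br />' . $cat->errors(), 1);
        die;
    } else {
        // $return is appended to the module's own URL, so the redirect stays on this site.
        redirectMsg($return != '' ? XOOPS_URL . '/modules/works/' . urldecode($return) : './categos.php', __('Database updated successfully!', 'works'), 0);
        die;
    }
}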
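// AJAX endpoint: creates a category and answers with a JSON object that holds
// either 'error' or 'message', plus a fresh token for the next request.
global $xoopsLogger;

// Keep logger output and PHP notices out of the JSON response.
$xoopsLogger->renderingEnabled = false;
error_reporting(0);
$xoopsLogger->activated = false;

// Read only the two fields used below. extract($_POST) would let the request
// overwrite any variable in this scope, $xoopsSecurity included.
$name = (isset($_POST['name']) && is_scalar($_POST['name'])) ? (string) $_POST['name'] : '';
$parent = (isset($_POST['parent']) && is_scalar($_POST['parent'])) ? $_POST['parent'] : null;

// Both the session token and the referer must check out.
if (!$xoopsSecurity->check() || !$xoopsSecurity->checkReferer()) {
    $ret = array('error' => __('You are not allowed to do this operation!', 'mywords'));
    echo json_encode($ret);
    die;
}

if ($name == '') {
    $ret = array(
        'error' => __('A name is neccesary to create a new category!', 'mywords'),
        'token' => $xoopsSecurity->createToken(),
    );
    echo json_encode($ret);
    die;
}

$catego = new MWCategory();
$catego->setVar('name', $name);
$catego->setVar('shortname', TextCleaner::sweetstring($name));
$catego->setVar('parent', $parent);

if (MWFunctions::category_exists($catego)) {
    $ret = array(
        'error' => __('There is already a category with same name!', 'mywords'),
        'token' => $xoopsSecurity->createToken(),
    );
    echo json_encode($ret);
    die;
}

if (!$catego->save()) {
    $ret = array(
        'error' => __('Category could not inserted!', 'mywords') . "\n" . $catego->errors(),
        'token' => $xoopsSecurity->createToken(),
    );
    echo json_encode($ret);
    die;
}

$ret = array(
    'message' => __('Category created successfully!', 'mywords'),
    'token' => $xoopsSecurity->createToken(),
    'id' => $catego->id(),
);
echo json_encode($ret);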
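/**
 * Save a new tag or update an existing tag.
 *
 * The tag name and short name are quoted with the database layer's
 * quoteString() before they are placed in the duplicate check, and the numeric
 * request values are cast to int; what rmc_server_var() itself guarantees is
 * not visible here.
 *
 * @param bool $edit True to update the tag whose id is posted, false to create one.
 */
function save_tag($edit = false)
{
    global $xoopsConfig, $xoopsSecurity;

    $page = (int) rmc_server_var($_POST, 'page', 1);
    $back = 'tags.php?page=' . $page;

    if (!$xoopsSecurity->check()) {
        redirectMsg($back, __('Operation not allowed!', 'mywords'), 1);
        die;
    }

    $name = rmc_server_var($_POST, 'name', '');
    $short = rmc_server_var($_POST, 'short', '');

    if ($name == '') {
        redirectMsg($back, __('You must provide a name!', 'mywords'), 1);
        die;
    }

    if ($edit) {
        $id = (int) rmc_server_var($_POST, 'id', 0);
        if ($id <= 0) {
            redirectMsg($back, __('Tag id not provided!', 'mywords'), 1);
            die;
        }
        $tag = new MWTag($id);
        if ($tag->isNew()) {
            redirectMsg($back, __('Tag does not exists!', 'mywords'), 1);
            die;
        }
    } else {
        $tag = new MWTag();
    }

    // The short name is derived from the name when none was given.
    $short = TextCleaner::sweetstring(trim($short) == '' ? $name : $short);

    // Check if tag exists
    $db = XoopsDatabaseFactory::getDatabaseConnection();
    $sameTag = "tag=" . $db->quoteString($name) . " OR shortname=" . $db->quoteString($short);
    if ($edit) {
        $sql = "SELECT COUNT(*) FROM " . $db->prefix("mod_mywords_tags") . " WHERE (" . $sameTag . ") AND id_tag<>{$id}";
    } else {
        $sql = "SELECT COUNT(*) FROM " . $db->prefix("mod_mywords_tags") . " WHERE " . $sameTag;
    }
    list($num) = $db->fetchRow($db->query($sql));
    if ($num > 0) {
        redirectMsg($back, __('A tag with same name or same short name already exists!', 'mywords'), 1);
        die;
    }

    $tag->setVar('tag', $name);
    $tag->setVar('shortname', $short);

    if ($tag->save()) {
        redirectMsg('tags.php', __('Database updated successfully!', 'mywords'), 0);
        die;
    } else {
        redirectMsg($back, __('A problem occurs while trying to save tag.', 'mywords') . '<br />' . $tag->errors(), 1);
        die;
    }
}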
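/**
 * Save a new or edited category of the "match" module.
 *
 * Only the fields this handler uses are read from the request. Importing every
 * POST key as a local variable would let a request overwrite $edit or
 * $xoopsSecurity. String values are quoted with the database layer's
 * quoteString() before they are placed in a statement.
 *
 * @param int|bool $edit Truthy to update the category whose id is posted, falsy to create one.
 */
function m_save_category($edit = 0)
{
    global $xoopsSecurity;

    $in = array('id' => 0, 'name' => '', 'nameid' => '', 'desc' => '', 'active' => 0, 'parent' => 0);
    foreach ($in as $key => $default) {
        if (isset($_POST[$key]) && is_scalar($_POST[$key])) {
            $in[$key] = $_POST[$key];
        }
    }
    $id = (int) $in['id']; // also concatenated into redirect URLs below
    $name = $in['name'];
    $nameid = $in['nameid'];
    $desc = $in['desc'];
    $active = $in['active'];
    $parent = $in['parent'];

    if (!$xoopsSecurity->check()) {
        redirectMsg('./categories.php?action=' . ($edit ? 'edit&id=' . $id : 'new'), __('Session token expired!', 'match'), 1);
        die;
    }

    $db = XoopsDatabaseFactory::getDatabaseConnection();
    $table = $db->prefix('mch_categories');

    if ($edit) {
        // The category id must be valid
        if ($id <= 0) {
            redirectMsg('./categories.php?action=edit&id=' . $id, __('Wrong category ID!', 'match'), 1);
            die;
        }

        // The category must exist
        $cat = new MCHCategory($id);
        if ($cat->isNew()) {
            redirectMsg('./categories.php?action=edit&id=' . $id, __('Specified category does not exists!', 'match'), 1);
            die;
        }

        // No other category may carry the same name
        $sql = "SELECT COUNT(*) FROM " . $table . " WHERE name=" . $db->quoteString($name) . " AND id_cat<>'{$id}'";
        list($num) = $db->fetchRow($db->query($sql));
        if ($num > 0) {
            redirectMsg('./categories.php?action=edit&id=' . $id, __('A category with same name already exists!', 'match'), 1);
            die;
        }

        if ($nameid) {
            $sql = "SELECT COUNT(*) FROM " . $table . " WHERE nameid=" . $db->quoteString($nameid) . " AND id_cat<>'" . $id . "'";
            list($num) = $db->fetchRow($db->queryF($sql));
            if ($num > 0) {
                redirectMsg('./categories.php?action=edit&id=' . $id, __('There are already a category with same name id!', 'match'), 1);
                die;
            }
        }
    } else {
        $cat = new MCHCategory();
    }

    // Generate $nameid (identifier name); a counter is appended until it is unused
    $found = false;
    $i = 0;
    if ($name != $cat->getVar('name') || empty($nameid)) {
        do {
            $nameid = TextCleaner::sweetstring($name) . ($found ? $i : '');
            $sql = "SELECT COUNT(*) FROM " . $table . " WHERE nameid = " . $db->quoteString($nameid);
            list($num) = $db->fetchRow($db->queryF($sql));
            $found = $num > 0;
            if ($found) {
                $i++;
            }
        } while ($found == true);
    }

    $cat->setVar('name', $name);
    $cat->setVar('description', $desc);
    $cat->setVar('active', $active);
    $cat->setVar('nameid', $nameid);
    $cat->setVar('parent', $parent);

    $cat = RMEvents::get()->run_event('match.save.category', $cat);

    if (!$cat->save()) {
        redirectMsg('./categories.php', __('Errors ocurred while trying to update database!', 'match') . '<br />' . $cat->errors(), 1);
        die;
    } else {
        redirectMsg('./categories.php', __('Database updated successfully!', 'match'), 0);
        die;
    }
}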
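/**
 * Create or update a team, including its optional logo upload.
 *
 * Only the fields this handler uses are read from the request. Importing every
 * POST key as a local variable would let a request overwrite $edit or
 * $xoopsSecurity. String values are quoted with the database layer's
 * quoteString() before they are placed in a statement.
 *
 * @param int|bool $edit Truthy to update the team whose id is posted, falsy to create one.
 */
function m_save_team($edit = 0)
{
    global $xoopsSecurity, $xoopsModuleConfig;

    // Rebuild the submitted fields as a query string so the form can be
    // refilled after an error. Keys are encoded too, and non-scalar values are
    // skipped because urlencode() accepts strings only.
    $query = '';
    foreach ($_POST as $k => $v) {
        if ($k == 'XOOPS_TOKEN_REQUEST' || $k == 'action' || $k == 'sbt') {
            continue;
        }
        if (!is_scalar($v)) {
            continue;
        }
        $query .= ($query == '' ? '' : '&') . urlencode((string) $k) . '=' . urlencode((string) $v);
    }

    $in = array('id' => 0, 'name' => '', 'category' => 0, 'nameid' => '', 'info' => '', 'active' => 0, 'created' => 0);
    foreach ($in as $key => $default) {
        if (isset($_POST[$key]) && is_scalar($_POST[$key])) {
            $in[$key] = $_POST[$key];
        }
    }
    $id = (int) $in['id']; // also concatenated into redirect URLs below
    $name = $in['name'];
    $category = (int) $in['category'];
    $nameid = $in['nameid'];
    $info = $in['info'];
    $active = $in['active'];
    $created = $in['created'];

    $action = $edit ? '?action=edit&id=' . $id : '?action=new&';

    if (!$xoopsSecurity->check()) {
        redirectMsg('teams.php?action=' . ($edit ? 'edit&id=' . $id : 'new') . '&' . $query, __('Session token expired!', 'match'), 1);
        die;
    }

    if ($name == '' || $category <= 0) {
        redirectMsg('teams.php?action=' . ($edit ? 'edit&id=' . $id : 'new') . '&' . $query, __('Please fill all required data!', 'match'), 1);
        // Stop here, like every other error path in this handler.
        die;
    }

    if ($edit) {
        // The team id must be valid
        if ($id <= 0) {
            redirectMsg('./teams.php', __('Team ID not valid!', 'match'), 1);
            die;
        }

        // The team must exist
        $team = new MCHTeam($id);
        if ($team->isNew()) {
            redirectMsg('./teams.php', __('Specified team does not exists!', 'match'), 1);
            die;
        }
    } else {
        $team = new MCHTeam();
    }

    $db = XoopsDatabaseFactory::getDatabaseConnection();
    $table = $db->prefix("mch_teams");

    // Check if a team with this name already exists in the category
    $sql = "SELECT COUNT(*) FROM " . $table . " WHERE name=" . $db->quoteString($name) . " and category='{$category}'";
    if ($edit) {
        $sql .= " and id_team<>'{$id}'";
    }
    list($num) = $db->fetchRow($db->query($sql));
    if ($num > 0) {
        redirectMsg("teams.php" . $action . $query, __('A team with same name already exists!', 'match'), 1);
        die;
    }

    // Generate $nameid (identifier name); a counter is appended until it is unused
    $found = false;
    $i = 0;
    if ($name != $team->getVar('name') || empty($nameid)) {
        do {
            $nameid = TextCleaner::sweetstring($name) . ($found ? $i : '');
            $sql = "SELECT COUNT(*) FROM " . $table . " WHERE nameid = " . $db->quoteString($nameid);
            list($num) = $db->fetchRow($db->queryF($sql));
            $found = $num > 0;
            if ($found) {
                $i++;
            }
        } while ($found == true);
    }

    $team->setVar('name', $name);
    $team->setVar('nameid', $nameid);
    $team->setVar('info', $info);
    $team->setVar('category', $category);
    $team->setVar('active', $active);
    $team->setVar('created', $created);

    // Logo
    include_once RMCPATH . '/class/uploader.php';
    $folder = XOOPS_UPLOAD_PATH . '/teams';
    $filename = $edit ? $team->getVar('logo') : '';

    // Target width for the stored logo
    $imgSize = $xoopsModuleConfig['logo_size'];

    $up = new RMFileUploader($folder, $xoopsModuleConfig['logo_file_size'] * 1024, array('jpg', 'png', 'gif'));

    if ($up->fetchMedia('logo')) {
        if (!$up->upload()) {
            redirectMsg('./teams.php' . $action . $query, $up->getErrors(), 1);
            die;
        }

        // Replace the previous logo file, if there was one.
        if ($edit && $team->getVar('logo') != '') {
            @unlink(XOOPS_UPLOAD_PATH . '/teams/' . $team->getVar('logo'));
        }

        $filename = $up->getSavedFileName();
        $fullpath = $up->getSavedDestination();

        // Resize the image in place
        $redim = new RMImageResizer($fullpath, $fullpath);
        $redim->resizeWidth($imgSize);
    }

    $team->setVar('logo', $filename);

    if (!$team->save()) {
        redirectMsg('./teams.php' . $action . $query, __('Errors ocurred while trying to update database!', 'match') . $team->errors(), 1);
        die;
    } else {
        redirectMsg('./teams.php?id=' . $team->id(), __('Team saved successfully!', 'match'), 0);
        die;
    }
}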
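/**
 * Create or update a field of the "match" module.
 *
 * Only the fields this handler uses are read from the request. Importing every
 * POST key as a local variable would let a request overwrite $edit or
 * $xoopsSecurity. String values are quoted with the database layer's
 * quoteString() before they are placed in a statement.
 *
 * @param int|bool $edit Truthy to update the field whose id is posted, falsy to create one.
 */
function m_save_field($edit = 0)
{
    global $xoopsModule, $xoopsModuleConfig, $xoopsSecurity;

    // Rebuild the submitted fields as a query string so the form can be
    // refilled after an error. Keys are encoded too, and non-scalar values are
    // skipped because urlencode() accepts strings only.
    $query = '';
    foreach ($_POST as $k => $v) {
        if ($k == 'XOOPS_TOKEN_REQUEST' || $k == 'action' || $k == 'sbt') {
            continue;
        }
        if (!is_scalar($v)) {
            continue;
        }
        $query .= ($query == '' ? '' : '&') . urlencode((string) $k) . '=' . urlencode((string) $v);
    }

    $in = array('id' => 0, 'name' => '', 'nameid' => '', 'description' => '');
    foreach ($in as $key => $default) {
        if (isset($_POST[$key]) && is_scalar($_POST[$key])) {
            $in[$key] = $_POST[$key];
        }
    }
    $id = (int) $in['id']; // also concatenated into redirect URLs below
    $name = $in['name'];
    $nameid = $in['nameid'];
    $description = $in['description'];

    $action = $edit ? '?action=edit&id=' . $id : '?action=new&';

    if (!$xoopsSecurity->check()) {
        redirectMsg('fields.php?action=' . ($edit ? 'edit&id=' . $id : 'new') . '&' . $query, __('Session token expired!', 'match'), 1);
        die;
    }

    if ($name == '') {
        redirectMsg('fields.php?action=' . ($edit ? 'edit&id=' . $id : 'new') . '&' . $query, __('Please fill all required data!', 'match'), 1);
        // Stop here, like every other error path in this handler.
        die;
    }

    if ($edit) {
        if ($id <= 0) {
            redirectMsg('./fields.php', __('Field ID not valid!', 'match'), 1);
            die;
        }

        // The field must exist
        // NOTE(review): this path redirects to champ.php while the others use fields.php — confirm.
        $field = new MCHField($id);
        if ($field->isNew()) {
            redirectMsg('./champ.php', __('Specified field does not exists!', 'match'), 1);
            die;
        }
    } else {
        $field = new MCHField();
    }

    $db = XoopsDatabaseFactory::getDatabaseConnection();
    $table = $db->prefix("mch_fields");

    // Check if a field with this name already exists
    $sql = "SELECT COUNT(*) FROM " . $table . " WHERE name=" . $db->quoteString($name);
    if ($edit) {
        $sql .= " and id_field<>'{$id}'";
    }
    list($num) = $db->fetchRow($db->query($sql));
    if ($num > 0) {
        redirectMsg("fields.php" . $action . $query, __('A field with same name already exists!', 'match'), 1);
        die;
    }

    // Generate $nameid (identifier name); a counter is appended until it is unused
    $found = false;
    $i = 0;
    if ($name != $field->getVar('name') || empty($nameid)) {
        do {
            $nameid = TextCleaner::sweetstring($name) . ($found ? $i : '');
            $sql = "SELECT COUNT(*) FROM " . $table . " WHERE nameid = " . $db->quoteString($nameid);
            list($num) = $db->fetchRow($db->queryF($sql));
            $found = $num > 0;
            if ($found) {
                $i++;
            }
        } while ($found == true);
    }

    $field->setVar('name', $name);
    $field->setVar('nameid', $nameid);
    $field->setVar('description', $description);

    if (!$field->save()) {
        redirectMsg('./fields.php' . $action . $query, __('Errors ocurred while trying to update database!', 'match') . $field->errors(), 1);
        die;
    } else {
        redirectMsg('./fields.php?id=' . $field->id(), __('Field saved successfully!', 'match'), 0);
        die;
    }
}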
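/**
 * Store the category in the database.
 *
 * Only the fields this handler uses are read from the request. Importing every
 * POST key as a local variable would let a request overwrite $edit, $db or
 * $xoopsSecurity. String values are quoted with the database layer's
 * quoteString() before they are placed in a statement.
 *
 * @param int|bool $edit Truthy to update the category whose id is posted, falsy to create one.
 */
function saveCatego($edit = 0)
{
    global $xoopsSecurity, $db;

    if (!$xoopsSecurity->check()) {
        redirectMsg('categories.php', __('Sorry, session token expired!', 'mywords'), 1);
        die;
    }

    $in = array('id' => 0, 'name' => '', 'shortname' => '', 'parent' => 0, 'desc' => '');
    foreach ($in as $key => $default) {
        if (isset($_POST[$key]) && is_scalar($_POST[$key])) {
            $in[$key] = $_POST[$key];
        }
    }
    $id = (int) $in['id'];
    $name = $in['name'];
    $shortname = $in['shortname'];
    $parent = $in['parent'];
    $desc = $in['desc'];

    // The original built a query string from every POST field and then
    // overwrote it with this value, so only this value ever reached a redirect.
    $query = $edit ? '&op=edit' : '';

    if ($edit) {
        if ($id <= 0) {
            redirectMsg('categories.php', __('You must specify a valid category', 'mywords'), 1);
            die;
        }
        $catego = new MWCategory($id);
        if ($catego->isNew()) {
            redirectMsg('categories.php', __('Specified category not exists!', 'mywords'), 1);
            die;
        }
    } else {
        $catego = new MWCategory();
    }

    if ($name == '') {
        redirectMsg('categories.php?' . $query, __('Please specify a name for this category!', 'mywords'), 1);
        die;
    }

    $shortname = $shortname == '' ? TextCleaner::sweetstring($name) : $shortname;

    // Make sure the category does not exist yet under the same parent
    $result = $db->query(
        "SELECT COUNT(*) FROM " . $db->prefix("mw_categories")
        . " WHERE parent=" . $db->quoteString($parent)
        . ($edit ? " AND id_cat<>{$id}" : '')
        . " AND (name=" . $db->quoteString($name) . " OR shortname=" . $db->quoteString($shortname) . ")"
    );
    list($num) = $db->fetchRow($result);
    if ($num > 0) {
        redirectMsg('categories.php?' . $query, __('There is already a category with the same name!', 'mywords'), 1);
        die;
    }

    // Everything checked out: save the category
    $catego->setVar('name', $name);
    $catego->setVar('shortname', $shortname);
    $catego->setVar('description', $desc);
    $catego->setVar('parent', $parent);
    if (!$edit) {
        $catego->setVar('posts', 0);
    }

    $result = $catego->save();
    if ($result) {
        redirectMsg('categories.php', __('Category created succesfully!', 'mywords'), 0);
    } else {
        redirectMsg('categories.php?' . $query, __('There was an error!', 'mywords') . "<br />" . $catego->errors(), 1);
    }
}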
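/**
 * Create or update a player, including the optional photo upload and its thumbnail.
 *
 * Only the fields this handler uses are read from the request. Importing every
 * POST key as a local variable would let a request overwrite $edit or
 * $xoopsSecurity. String values are quoted with the database layer's
 * quoteString() before they are placed in a statement.
 *
 * @param int|bool $edit Truthy to update the player whose id is posted, falsy to create one.
 */
function m_save_player($edit)
{
    global $xoopsSecurity, $xoopsModuleConfig;

    // Rebuild the submitted fields as a query string so the form can be
    // refilled after an error. Keys are encoded too, and non-scalar values are
    // skipped because urlencode() accepts strings only.
    $query = '';
    foreach ($_POST as $k => $v) {
        if ($k == 'XOOPS_TOKEN_REQUEST' || $k == 'action' || $k == 'sbt') {
            continue;
        }
        if (!is_scalar($v)) {
            continue;
        }
        $query .= ($query == '' ? '' : '&') . urlencode((string) $k) . '=' . urlencode((string) $v);
    }

    $in = array(
        'id' => 0, 'name' => '', 'lastname' => '', 'surname' => '', 'birth' => 0, 'team' => 0,
        'nameid' => '', 'bio' => '', 'created' => 0, 'position' => '',
    );
    foreach ($in as $key => $default) {
        if (isset($_POST[$key]) && is_scalar($_POST[$key])) {
            $in[$key] = $_POST[$key];
        }
    }
    $id = (int) $in['id']; // also concatenated into redirect URLs below
    $name = $in['name'];
    $lastname = $in['lastname'];
    $surname = $in['surname'];
    $birth = $in['birth'];
    $team = (int) $in['team'];
    $nameid = $in['nameid'];
    $bio = $in['bio'];
    $created = $in['created'];
    $position = $in['position'];

    $action = $edit ? '?action=edit&id=' . $id : '?action=new&';

    if (!$xoopsSecurity->check()) {
        redirectMsg('roster.php?action=' . ($edit ? 'edit&id=' . $id : 'new') . '&' . $query, __('Session token expired!', 'match'), 1);
        die;
    }

    if ($name == '' || $birth <= 0 || $team <= 0 || $lastname == '' || $surname == '') {
        // The original echoed the raw POST values here (debugging output, not
        // HTML-escaped) and had this redirect commented out; the redirect is restored.
        redirectMsg('roster.php?action=' . ($edit ? 'edit&id=' . $id : 'new') . '&' . $query, __('Please fill all required data!', 'match'), 1);
        die;
    }

    if ($edit) {
        if ($id <= 0) {
            redirectMsg('./roster.php', __('Player ID not valid!', 'match'), 1);
            die;
        }

        // The player must exist
        $player = new MCHPlayer($id);
        if ($player->isNew()) {
            redirectMsg('./roster.php', __('Specified player does not exists!', 'match'), 1);
            die;
        }
    } else {
        $player = new MCHPlayer();
    }

    $db = XoopsDatabaseFactory::getDatabaseConnection();
    $table = $db->prefix("mch_players");

    // Check if a player with this name already exists in the team
    $sql = "SELECT COUNT(*) FROM " . $table . " WHERE name=" . $db->quoteString($name) . " and team='{$team}'";
    if ($edit) {
        $sql .= " and id_player<>'{$id}'";
    }
    list($num) = $db->fetchRow($db->query($sql));
    if ($num > 0) {
        redirectMsg("roster.php" . $action . $query, __('A player with same name already exists!', 'match'), 1);
        die;
    }

    // Generate $nameid (identifier name); a counter is appended until it is unused
    $found = false;
    $i = 0;
    if ($name != $player->getVar('name') || empty($nameid)) {
        do {
            $nameid = TextCleaner::sweetstring($lastname . ' ' . $surname . ' ' . $name) . ($found ? $i : '');
            $sql = "SELECT COUNT(*) FROM " . $table . " WHERE nameid = " . $db->quoteString($nameid);
            list($num) = $db->fetchRow($db->queryF($sql));
            $found = $num > 0;
            if ($found) {
                $i++;
            }
        } while ($found == true);
    }

    $player->setVar('name', $name);
    $player->setVar('lastname', $lastname);
    $player->setVar('surname', $surname);
    $player->setVar('nameid', $nameid);
    $player->setVar('bio', $bio);
    $player->setVar('team', $team);
    $player->setVar('created', $created > 0 ? $created : time());
    $player->setVar('position', $position);
    $player->setVar('birth', $birth);

    // Photo
    include_once RMCPATH . '/class/uploader.php';
    $folder = XOOPS_UPLOAD_PATH . '/teams/players';
    $filename = $edit ? $player->getVar('photo') : '';

    // Target sizes for the stored photo and its thumbnail
    $imgSize = $xoopsModuleConfig['photo_size'];
    $thSize = $xoopsModuleConfig['th_size'];

    $up = new RMFileUploader($folder, $xoopsModuleConfig['logo_file_size'] * 1024, array('jpg', 'png', 'gif'));

    if ($up->fetchMedia('photo')) {
        if (!$up->upload()) {
            redirectMsg('./roster.php' . $action . $query, $up->getErrors(), 1);
            die;
        }

        // Replace the previous photo and thumbnail, if there were any.
        if ($edit && $player->getVar('photo') != '') {
            @unlink(XOOPS_UPLOAD_PATH . '/teams/players/' . $player->getVar('photo'));
            @unlink(XOOPS_UPLOAD_PATH . '/teams/players/ths/' . $player->getVar('photo'));
        }

        $filename = $up->getSavedFileName();
        $fullpath = $up->getSavedDestination();

        // Resize the image in place, then write a cropped thumbnail next to it
        $redim = new RMImageResizer($fullpath, $fullpath);
        $redim->resizeWidth($imgSize);
        $redim->setTargetFile($folder . '/ths/' . $filename);
        $redim->resizeAndCrop($thSize, $thSize);
    }

    $player->setVar('photo', $filename);

    if (!$player->save()) {
        redirectMsg('./roster.php' . $action . $query, __('Errors ocurred while trying to update database!', 'match') . $player->errors(), 1);
        die;
    } else {
        redirectMsg('./roster.php?id=' . $player->id(), __('Player saved successfully!', 'match'), 0);
        die;
    }
}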
// Front-end page view for the qpages module. The listing is cut off inside the
// group-membership loop at the end, so the access decision itself is not shown.

// When the file is requested directly (not included by a script that already
// loaded mainfile.php), bootstrap XOOPS and keep a copy of every request value.
if (!defined("XOOPS_MAINFILE_INCLUDED")) {
    require '../../mainfile.php';
    $header = array();
    foreach ($_REQUEST as $k => $v) {
        $header[$k] = $v;
    }
}
load_mod_locale('qpages');
$xoopsOption['template_main'] = 'qpages_page.html';
$xoopsOption['module_subpage'] = 'page';
// The page identifier is the first '/'-separated segment of the 'page' request
// value, or of $request when that value is absent.
// NOTE(review): $request is not assigned anywhere in the visible code —
// presumably set by the including script; confirm.
if (isset($_REQUEST['page'])) {
    $nombre = explode('/', $_REQUEST['page']);
} else {
    $nombre = explode('/', $request);
}
// The segment is passed through TextCleaner::sweetstring() before it is used to load the page.
$nombre[0] = TextCleaner::sweetstring($nombre[0]);
$page = new QPPage($nombre[0]);
// Unknown pages and pages whose access value is 0 are answered the same way.
if ($page->isNew() || $page->getAccess() == 0) {
    redirect_header(QP_URL, 2, _MS_QP_NOTFOUNDPAGE);
    die;
}
// A page whose group list contains 0 skips the check below; otherwise a user is required.
if (!in_array(0, $page->getGroups())) {
    if (empty($xoopsUser)) {
        redirect_header(QP_URL, 2, _MS_QP_NOALLOWED);
        die;
    } else {
        // Walk the user's groups; once $ok is set the remaining groups are skipped.
        $ok = false;
        foreach ($xoopsUser->getGroups() as $k) {
            if ($ok) {
                continue;
            }
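/**
 * Add a custom field (name/value pair) to a work, or update its value when a
 * field with that name already exists for the work.
 *
 * The work id is cast to int because it is concatenated into redirect URLs and
 * into every SQL statement below; what rmc_server_var() itself guarantees is
 * not visible here.
 */
function works_save_meta()
{
    global $xoopsSecurity;

    $id = (int) rmc_server_var($_POST, 'id', 0);
    if ($id <= 0) {
        redirectMsg('works.php', __('You must provide a work ID!', 'works'), 1);
        die;
    }

    $work = new PWWork($id);
    if ($work->isNew()) {
        redirectMsg('works.php', __('Specified work does not exists!', 'works'), 1);
        die;
    }

    $metaUrl = 'works.php?id=' . $id . '&op=meta';

    if (!$xoopsSecurity->check()) {
        redirectMsg($metaUrl, __('Session token expired!', 'works'), 1);
        die;
    }

    $name = rmc_server_var($_POST, 'name', '');
    $value = rmc_server_var($_POST, 'value', '');

    if ($name == '' || $value == '') {
        redirectMsg($metaUrl, __('Please, fill all data!', 'works'), 1);
        die;
    }

    // The field name is stored in its cleaned form.
    // NOTE(review): the statements below rely on sweetstring() output holding
    // no quote characters — confirm against TextCleaner.
    $name = TextCleaner::sweetstring($name);

    $db = XoopsDatabaseFactory::getDatabaseConnection();
    $table = $db->prefix("pw_meta");

    $sql = "SELECT COUNT(*) FROM " . $table . " WHERE name='{$name}' AND work='{$id}'";
    list($num) = $db->fetchRow($db->query($sql));

    // NOTE(review): TextCleaner::addslashes() is defined elsewhere; whether it
    // is the right escape for this database connection cannot be seen here.
    $value = TextCleaner::addslashes($value);

    // Update the existing row for this work and name, otherwise insert a new one.
    if ($num > 0) {
        $sql = "UPDATE " . $table . " SET value='{$value}' WHERE name='{$name}' AND work='{$id}'";
    } else {
        $sql = "INSERT INTO " . $table . " (`value`,`name`,`work`) VALUES ('{$value}','{$name}','{$id}')";
    }

    if ($db->queryF($sql)) {
        redirectMsg($metaUrl, __('Custom field added successfully!', 'works'), 0);
    } else {
        redirectMsg($metaUrl, __('Custom field could not be added. Please try again!', 'works') . '<br />' . $db->error(), 1);
    }
}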