function duplicate($p, $f, $i)
{
$fn = explode(".", $f);
$fn[0] = $fn[0] . $i;
$fn = implode(".", $fn);
if (file_exists($p . $fn)) {
duplicate($p, $f, ++$i);
} else {
full_copy($p . $f, $p . $fn);
}
}
param('results_city_page', 'integer', '', true);
param('results_city_order', 'string', '', true);
// Redirect so that a reload doesn't write to the DB twice:
header_redirect(regenerate_url('', '', '', '&'), 303);
// Will EXIT
// We have EXITed already at this point!!
break;
case 'new':
// Check permission:
$current_User->check_perm('options', 'edit', true);
if (!isset($edited_City)) {
// We don't have a model to use, start with blank object:
$edited_City = new City();
} else {
// Duplicate object in order no to mess with the cache:
$edited_City = duplicate($edited_City);
// PHP4/5 abstraction
$edited_City->ID = 0;
}
break;
case 'csv':
// Check permission:
$current_User->check_perm('options', 'edit', true);
break;
case 'edit':
// Check permission:
$current_User->check_perm('options', 'edit', true);
// Make sure we got an city_ID:
param('city_ID', 'integer', true);
break;
case 'create':
unset($edited_UserfieldGroup);
forget_param('ufgp_ID');
$Messages->add(sprintf(T_('Requested «%s» object does not exist any longer.'), T_('User field group')), 'error');
$action = 'nil';
}
}
switch ($action) {
case 'new':
// Check permission:
$current_User->check_perm('users', 'edit', true);
if (!isset($edited_UserfieldGroup)) {
// We don't have a model to use, start with blank object:
$edited_UserfieldGroup = new UserfieldGroup();
} else {
// Duplicate object in order no to mess with the cache:
$edited_UserfieldGroup = duplicate($edited_UserfieldGroup);
// PHP4/5 abstraction
$edited_UserfieldGroup->ID = 0;
}
break;
case 'edit':
// Check permission:
$current_User->check_perm('users', 'edit', true);
// Make sure we got an ufgp_ID:
param('ufgp_ID', 'integer', true);
break;
case 'create':
// Record new UserfieldGroup
// Record new UserfieldGroup
case 'create_new':
// Record UserfieldGroup and create new
exit;
}
if (isset($_GET["config-local"])) {
config_local();
exit;
}
if (isset($_GET["EditLocalDomain"])) {
config_local_edit();
exit;
}
if (isset($_GET["remote"])) {
save_routage();
exit;
}
if (isset($_GET["duplicate"])) {
duplicate();
exit;
}
if (isset($_GET["duplicate-server"])) {
duplicate_save();
exit;
}
if (isset($_GET["duplicate-delete"])) {
duplicate_delete();
exit;
}
if (isset($_GET["aliases"])) {
aliases();
exit;
}
if (isset($_GET["aliases-database"])) {
}
*/
if ($_POST['oper'] == 'add') {
$sql = "INSERT INTO {$table} \n\t (compcode,source,paymode,description,ccode,glaccno,paytype,cardflag,recstatus,valexpdate,\n\t\t\t lastuser,drpayment) \n\t\t\t \n\t\t\tVALUES \n\t\t\t\t( '{$compcode}',\n\t\t\t\t'{$s}', \n\t\t\t\t'" . clr($_POST['paymode']) . "', \n\t\t\t\t'" . clr($_POST['description']) . "',\n\t\t\t\t'" . clr($_POST['ccode']) . "',\n\t\t\t\t'" . clr($_POST['glaccno']) . "', \n\t\t\t\t'" . clr($_POST['paytype']) . "', \n\t\t\t\t'" . clr($_POST['cardflag']) . "', \n\t\t\t\t'" . clr($_POST['recstatus']) . "', \n\t\t\t\t'" . clr($_POST['valexpdate']) . "',\n\t\t\t\t'" . clr($_POST['lastuser']) . "',\n\t\t\t\t'" . clr($_POST['drpayment']) . "'\n\t\t\t\t)";
//'".clr($_POST['comrate'])."',
//'".clr($_POST['lastupdate'])."',
//'".clr($_POST['drcommrate'])."',
//'".clr($_POST['cardcent'])."'
} else {
if ($_POST['oper'] == 'edit') {
$sql = "UPDATE {$table} SET\n\t\t\t\t\n\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\tccode = '" . clr($_POST['ccode']) . "',\n\t\t\t\tglaccno = '" . clr($_POST['glaccno']) . "',\n\t\t\t\tpaytype = '" . clr($_POST['paytype']) . "',\n\t\t\t\tcardflag = '" . clr($_POST['cardflag']) . "',\n\t\t\t\trecstatus = '" . clr($_POST['recstatus']) . "',\n\t\t\t\tvalexpdate = '" . clr($_POST['valexpdate']) . "',\n\t\t\t\tlastupdate = '{$user}',\n\t\t\t\tdrcommrate = '" . clr($_POST['drcommrate']) . "',\t\n\t\t\t\tdrpayment = '" . clr($_POST['drpayment']) . "',\n\t\t\t\tcardcent = '" . clr($_POST['cardcent']) . "'\n\t\t\t\t\t\t\n\t\t\tWHERE \n\t\t\t\tpaymode='{$_POST['paymode']}'";
} else {
if ($_POST['oper'] == 'del') {
$sql = "DELETE FROM {$table} WHERE paymode='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('paymode', $table, clr($_POST['paymode']))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
<?php
// duplicates a number
function duplicate($n)
{
return $n * 2;
}
$valueToDuplicate = 10;
echo duplicate($valueToDuplicate);
param('results_curr_page', 'integer', '', true);
param('results_curr_order', 'string', '', true);
// Redirect so that a reload doesn't write to the DB twice:
header_redirect(regenerate_url('', '', '', '&'), 303);
// Will EXIT
// We have EXITed already at this point!!
break;
case 'new':
// Check permission:
$current_User->check_perm('options', 'edit', true);
if (!isset($edited_Currency)) {
// We don't have a model to use, start with blank object:
$edited_Currency = new Currency();
} else {
// Duplicate object in order no to mess with the cache:
$edited_Currency = duplicate($edited_Currency);
// PHP4/5 abstraction
$edited_Currency->ID = 0;
}
break;
case 'edit':
// Check permission:
$current_User->check_perm('options', 'edit', true);
// Make sure we got an curr_ID:
param('curr_ID', 'integer', true);
break;
case 'create':
// Record new currency
// Record new currency
case 'create_new':
// Record currency and create new
<?php
// What is wrong with the following code?
function duplicate($obj)
{
$newObj = $obj;
return $newObj;
}
$a = new MyClass();
$a_copy = duplicate($a);
$a->setValue(10);
$a_copy->setValue(20);
/*
1) You must use return &$newObj instead
2) There is nothing wrong with this code
3) duplicate() must accept its parameter by reference
4) You must use the clone operator to make a copy of an object OK
5) duplicate() must return a reference
*/
$sql = "INSERT INTO {$table} \n\t\t\t\t(compcode,glaccount,description,accgroup, recstatus, adduser,adddate) \n\t\t\tVALUES \n\t\t\t\t('{$compcode}', '" . clr($_POST['glaccount']) . "', '" . clr($_POST['description']) . "', '" . clr($_POST['accgroup']) . "', '" . clr($_POST['recstatus']) . "', '{$user}', NOW())";
//(compcode,glaccount,description,acttype,repgroup,accgroup, recstatus, adduser,adddate, nprefid)
} else {
if ($_POST['oper'] == 'edit') {
if ($_POST['recstatus'] == 'D') {
$sql = "UPDATE {$table} SET\n\t\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\t\trecstatus = 'D',\n\t\t\t\t\taccgroup = '" . clr($_POST['accgroup']) . "',\n\t\t\t\t\tdeluser= '******', \n\t\t\t\t\tdeldate = NOW()\n\t\t\t\tWHERE \n\t\t\t\t\tsysno='{$_POST['sysno']}'";
} else {
$sql = "UPDATE {$table} SET\n\t\t\t\t\tdescription = '" . clr($_POST['description']) . "', \n\t\t\t\t\trecstatus = '" . clr($_POST['recstatus']) . "',\n\t\t\t\t\taccgroup = '" . clr($_POST['accgroup']) . "',\n\t\t\t\t\tupduser = '******',\n\t\t\t\t\tupddate = NOW()\n\t\t\t\tWHERE \n\t\t\t\t\tsysno='{$_POST['sysno']}'";
//echo"$sql";
}
} else {
if ($_POST['oper'] == 'del') {
$sql = "UPDATE {$table} SET recstatus = 'D', deluser= '******', deldate = NOW()\n\t\t WHERE sysno='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('glaccount', $table, clr($_POST['glaccount']))) {
throw new Exception('Duplicate key');
}
//if($_POST['oper']=='add' && duplicate('compcode',$table,'$compcode') && duplicate('glaccount',$table,clr($_POST['glaccount']))){
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
$tpl=new templates();
echo "alert('". $tpl->javascript_parse_text("{ERROR_NO_PRIVS}")."');";
die();exit();
}
if(isset($_GET["tabs"])){tabs();exit;}
if(isset($_GET["config"])){config();exit;}
if(isset($_GET["config-local"])){config_local();exit;}
if(isset($_GET["EditLocalDomain"])){config_local_edit();exit;}
if(isset($_GET["trusted_smtp_domain"])){trusted_smtp_domain_save();exit;}
if(isset($_GET["remote"])){save_routage();exit;}
if(isset($_GET["duplicate"])){duplicate();exit;}
if(isset($_GET["duplicate-server"])){duplicate_save();exit;}
if(isset($_GET["duplicate-delete"])){duplicate_delete();exit;}
if(isset($_GET["aliases"])){aliases();exit;}
if(isset($_GET["aliases-database"])){aliases_database();exit;}
if(isset($_GET["aliases-import"])){aliases_import_form();exit;}
if(isset($_POST["aliases-import-perform"])){aliases_import_perform();exit;}
if(isset($_POST["aliase-delete-perform"])){aliases_delete_perform();exit;}
if(isset($_POST["aliase-empty-perform"])){aliases_empty_perform();exit;}
unset($edited_Organization);
forget_param('org_ID');
$Messages->add(sprintf(T_('Requested «%s» object does not exist any longer.'), T_('Organization')), 'error');
$action = 'nil';
}
}
switch ($action) {
case 'new':
// Check permission:
$current_User->check_perm('users', 'edit', true);
if (!isset($edited_Organization)) {
// We don't have a model to use, start with blank object:
$edited_Organization = new Organization();
} else {
// Duplicate object in order no to mess with the cache:
$edited_Organization = duplicate($edited_Organization);
// PHP4/5 abstraction
$edited_Organization->ID = 0;
}
break;
case 'edit':
// Check permission:
$current_User->check_perm('users', 'edit', true);
// Make sure we got an org_ID:
param('org_ID', 'integer', true);
break;
case 'create':
// Record new Organization
// Record new Organization
case 'create_new':
// Record Organization and create new
param('results_subrg_page', 'integer', '', true);
param('results_subrg_order', 'string', '', true);
// Redirect so that a reload doesn't write to the DB twice:
header_redirect(regenerate_url('', '', '', '&'), 303);
// Will EXIT
// We have EXITed already at this point!!
break;
case 'new':
// Check permission:
$current_User->check_perm('options', 'edit', true);
if (!isset($edited_Subregion)) {
// We don't have a model to use, start with blank object:
$edited_Subregion = new Subregion();
} else {
// Duplicate object in order no to mess with the cache:
$edited_Subregion = duplicate($edited_Subregion);
// PHP4/5 abstraction
$edited_Subregion->ID = 0;
}
break;
case 'edit':
// Check permission:
$current_User->check_perm('options', 'edit', true);
// Make sure we got an subrg_ID:
param('subrg_ID', 'integer', true);
break;
case 'create':
// Record new subregion
// Record new subregion
case 'create_new':
// Record subregion and create new
// disable autocommit 'admin',NOW()
if ($_POST['oper'] == 'add') {
$sql = "INSERT INTO {$table} \n\t\t\t\t(compcode,debtortycode,description,depccode,depglacc, actdebccode, actdebglacc,lastuser, lastupdate,\n\t\t\t\tregfees, typegrp, updpayername, updepisode, recstatus) \n\t\t\tVALUES \n\t\t\t\t('" . clr($compcode) . "',\n\t\t\t\t'" . clr($_POST['debtortycode']) . "',\n\t\t\t\t'" . clr($_POST['description']) . "', \n\t\t\t\t'" . clr($_POST['depccode']) . "',\n\t\t\t\t'" . clr($_POST['depglacc']) . "', \n\t\t\t\t'" . clr($_POST['actdebccode']) . "', \n\t\t\t\t'" . clr($_POST['actdebglacc']) . "', \n\t\t\t\t'" . clr($user) . "', \n\t\t\t\tNOW(),\n\t\t\t\t'" . clr($_POST['regfees']) . "', \n\t\t\t\t'" . clr($_POST['typegrp']) . "', \n\t\t\t\t'{$user}',\n\t\t\t\t'" . clr($_POST['updepisode']) . "',\n\t\t\t\t'{$recstatus}'\n\t\t\t\t)";
} else {
if ($_POST['oper'] == 'edit') {
if ($_POST['recstatus'] == 'D') {
$sql = "UPDATE {$table} SET\n\t\t\t\tcompcode= '" . clr($compcode) . "',\n\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\tdepccode = '" . clr($_POST['depccode']) . "',\n\t\t\t\tdepglacc ='" . clr($_POST['depglacc']) . "',\n\t\t\t\tactdebccode = '" . clr($_POST['actdebccode']) . "',\n\t\t\t\tactdebglacc ='" . clr($_POST['actdebglacc']) . "',\n\t\t\t\tlastuser = '******', \n\t\t\t\tlastupdate = NOW(), \n\t\t\t\ttypegrp= '" . clr($_POST['typegrp']) . "', \n\t\t\t\trecstatus = 'D'\n\t\t\tWHERE \n\t\t\t\tdebtortycode='{$_POST['debtortycode']}'";
} else {
$sql = "UPDATE {$table} SET\n\t\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\t\tdepccode = '" . clr($_POST['depccode']) . "',\n\t\t\t\t\tdepglacc ='" . clr($_POST['depglacc']) . "',\n\t\t\t\t\tactdebccode = '" . clr($_POST['actdebccode']) . "',\n\t\t\t\t\tactdebglacc ='" . clr($_POST['actdebglacc']) . "',\n\t\t\t\t\tlastuser = '******', \n\t\t\t\t\tlastupdate = NOW(),\n\t\t\t\t\ttypegrp= '" . clr($_POST['typegrp']) . "',\n\t\t\t\t\trecstatus = '" . clr($_POST['recstatus']) . "'\n\t\t\t\tWHERE \n\t\t\t\t\tdebtortycode='{$_POST['debtortycode']}'";
echo "{$sql}";
}
} else {
if ($_POST['oper'] == 'del') {
$sql = "DELETE FROM {$table} WHERE debtortycode='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('debtortycode', $table, clr($_POST['debtortycode']))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
forget_param('goal_ID');
$Messages->add(sprintf(T_('Requested «%s» object does not exist any longer.'), T_('Goal')), 'error');
$action = 'nil';
}
}
switch ($action) {
case 'new':
case 'copy':
// Check permission:
$current_User->check_perm('stats', 'edit', true);
if (!isset($edited_Goal)) {
// We don't have a model to use, start with blank object:
$edited_Goal = new Goal();
} else {
// Duplicate object in order no to mess with the cache:
$edited_Goal = duplicate($edited_Goal);
// PHP4/5 abstraction
$edited_Goal->ID = 0;
}
break;
case 'edit':
// Edit file type form...:
// Check permission:
$current_User->check_perm('stats', 'edit', true);
// Make sure we got an ftyp_ID:
param('goal_ID', 'integer', true);
break;
case 'create':
// Record new goal
// Record new goal
case 'create_new':
}
}
break;
// **** Categories **** //
// **** Categories **** //
case 'cat_new':
case 'cat_copy':
// New goal category form...:
// Check permission:
$current_User->check_perm('stats', 'edit', true);
if (!isset($edited_GoalCategory)) {
// We don't have a model to use, start with blank object:
$edited_GoalCategory = new GoalCategory();
} else {
// Duplicate object in order no to mess with the cache:
$edited_GoalCategory = duplicate($edited_GoalCategory);
// PHP4/5 abstraction
$edited_GoalCategory->ID = 0;
}
break;
case 'cat_edit':
// Edit goal category form...:
// Check permission:
$current_User->check_perm('stats', 'edit', true);
// Make sure we got an ftyp_ID:
param('gcat_ID', 'integer', true);
break;
case 'cat_create':
// Record new goal category
// Record new goal category
case 'cat_create_new':
unset($edited_Invitation);
forget_param('ivc_ID');
$Messages->add(sprintf(T_('Requested «%s» object does not exist any longer.'), T_('Invitation')), 'error');
$action = 'nil';
}
}
switch ($action) {
case 'new':
// Check permission:
$current_User->check_perm('users', 'edit', true);
if (!isset($edited_Invitation)) {
// We don't have a model to use, start with blank object:
$edited_Invitation = new Invitation();
} else {
// Duplicate object in order no to mess with the cache:
$edited_Invitation = duplicate($edited_Invitation);
// PHP4/5 abstraction
$edited_Invitation->ID = 0;
}
break;
case 'edit':
// Check permission:
$current_User->check_perm('users', 'edit', true);
// Make sure we got an ivc_ID:
param('ivc_ID', 'integer', true);
break;
case 'create':
// Record new Invitation
// Record new Invitation
case 'create_new':
// Record Invitation and create new
unset($edited_Itemtype);
forget_param('ityp_ID');
$Messages->add(sprintf(T_('Requested «%s» object does not exist any longer.'), 'Itemtype'), 'error');
$action = 'nil';
}
}
switch ($action) {
case 'new':
// Check permission:
$current_User->check_perm('options', 'edit', true);
if (!isset($edited_Itemtype)) {
// We don't have a model to use, start with blank object:
$edited_Itemtype = new ItemType();
} else {
// Duplicate object in order no to mess with the cache:
$edited_Itemtype = duplicate($edited_Itemtype);
// PHP4/5 abstraction
// Load all custom fields of the copied post type
$edited_Itemtype->get_custom_fields();
// Reset ID of new post type
$edited_Itemtype->ID = 0;
}
break;
case 'edit':
// Check permission:
$current_User->check_perm('options', 'edit', true);
// Make sure we got an ityp_ID:
param('ityp_ID', 'integer', true);
break;
case 'create':
// Record new Itemtype
unset($edited_Userfield);
forget_param('ufdf_ID');
$Messages->add(sprintf(T_('Requested «%s» object does not exist any longer.'), T_('User field')), 'error');
$action = 'nil';
}
}
switch ($action) {
case 'new':
// Check permission:
$current_User->check_perm('users', 'edit', true);
if (!isset($edited_Userfield)) {
// We don't have a model to use, start with blank object:
$edited_Userfield = new Userfield();
} else {
// Duplicate object in order no to mess with the cache:
$edited_Userfield = duplicate($edited_Userfield);
// PHP4/5 abstraction
$edited_Userfield->ID = 0;
}
break;
case 'edit':
// Check permission:
$current_User->check_perm('users', 'edit', true);
// Make sure we got an ufdf_ID:
param('ufdf_ID', 'integer', true);
break;
case 'create':
// Record new Userfield
// Record new Userfield
case 'create_new':
// Record Userfield and create new
{
global $es;
foreach ($items as $item) {
$delete = $es->delete(['index' => $index, 'type' => $type, 'id' => $item['_id']]);
}
}
if (isset($_SESSION['email']) && $_SESSION['email'] === '*****@*****.**') {
if (!empty($origIndex)) {
if (!empty($origType)) {
//Get items in current index/type
$items = getItems($origIndex, $origType);
if (isset($items['hits']['hits'])) {
echo "Backing up " . $items['hits']['total'] . " items<br>";
//Backup and delete current items
$items = $items['hits']['hits'];
duplicate($items, $newIndex, $newType);
echo "Deleting items in original index<br>";
deleteAll($items, $origIndex, $origType);
//Delte original index
echo "Deleting original index<br>";
$delete = $es->indices()->deleteMapping(['index' => $origIndex, 'type' => $origType]);
echo $origIndex . "/" . $origType . " successfully moved to " . $newIndex . "/" . $newType . "<br>";
echo "<a href='moveIndex.php?origIndex=" . $newIndex . "&origType=" . $newType . "&newIndex=" . $origIndex . "&newType=" . $origType . "'>Undo move</a>";
} else {
echo "No documents found";
}
} else {
echo "Please pass a type.";
}
} else {
echo "Please pass an index.";
if ($pat && !preg_match("/^{$reg}\$/", $file)) {
continue;
}
$files[] = $path;
}
}
closedir($dh);
return $files;
}
if (!function_exists('file_put_contents')) {
// php 4.3.11 no have?
function file_put_contents($file, $text)
{
$fp = fopen($file, "w");
fwrite($fp, $text);
fclose($fp);
}
}
$verb = false;
if ($argv[0] == '-v') {
array_shift($argv);
$verb = true;
}
foreach ($argv as $dir) {
if (preg_match('/^[a-zA-Z0-9_]+$/', $dir)) {
echo "Duplicate: {$dir}\n";
duplicate($dir, $writable, $modifies, $verb);
} else {
echo "Error dirname: {$dir}\n";
}
}
if ($_POST['active'] == 'Yes') {
$active = '1';
} else {
$active = '0';
}
if ($_POST['oper'] == 'add') {
$sql = "INSERT INTO {$table} \n\t\t\t\t(compcode,authorid,name,password,deptcode, active, adddate,adduser, upddate,\n\t\t\t\tupduser) \n\t\t\tVALUES \n\t\t\t\t('" . clr($compcode) . "',\n\t\t\t\t'" . clr($_POST['authorid']) . "',\n\t\t\t\t'" . clr($_POST['name']) . "', \n\t\t\t\t'" . clr($_POST['password']) . "',\n\t\t\t\t'" . clr($_POST['deptcode']) . "', \n\t\t\t\t'{$active}', \n\t\t\t\tNOW(),\n\t\t\t\t'" . clr($user) . "', \n\t\t\t\tNOW(),\n\t\t\t\t'" . clr($user) . "'\n\t\t\t\t)";
} else {
if ($_POST['oper'] == 'edit') {
$sql = "UPDATE {$table} SET\n\t\t\t\tname = '" . clr($_POST['name']) . "',\n\t\t\t\tpassword = '******'password']) . "',\n\t\t\t\tdeptcode ='" . clr($_POST['deptcode']) . "',\n\t\t\t\tactive = '{$active}',\n\t\t\t\tadddate = NOW(), \n\t\t\t\tadduser = '******', \n\t\t\t\tadddate = NOW(), \n\t\t\t\tadduser = '******'\n\t\t\t\t\n\t\t\t\t\n\t\t\tWHERE \n\t\t\t\tauthorid='{$_POST['authorid']}'";
// debtortycode= '".clr($_POST['debtortycode'])."',
} else {
if ($_POST['oper'] == 'del') {
$sql = "DELETE FROM {$table} WHERE authorid='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('authorid', $table, clr($_POST['authorid']))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
/**
* Read messages from server and create posts
*
* @param resource $mbox created by pbm_connect() (by reference)
* @param integer the number of messages to process
* @return boolean true on success
*/
function pbm_process_messages(&$mbox, $limit)
{
global $Settings;
global $pbm_item_files, $pbm_messages, $pbm_items, $post_cntr, $del_cntr, $is_cron_mode;
// No execution time limit
set_max_execution_time(0);
// Are we in test mode?
$test_mode_on = $Settings->get('eblog_test_mode');
$post_cntr = 0;
$del_cntr = 0;
for ($index = 1; $index <= $limit; $index++) {
pbm_msg('<hr /><h3>Processing message #' . $index . ':</h3>');
$strbody = '';
$hasAttachment = false;
$hasRelated = false;
$pbm_item_files = array();
// reset the value for each new Item
// Save email to hard drive, otherwise attachments may take a lot of RAM
if (!($tmpMIME = tempnam(sys_get_temp_dir(), 'b2evoMail'))) {
pbm_msg(T_('Could not create temporary file.'), true);
continue;
}
imap_savebody($mbox, $tmpMIME, $index);
// Create random temp directory for message parts
$tmpDirMIME = pbm_tempdir(sys_get_temp_dir(), 'b2evo_');
$mimeParser = new mime_parser_class();
$mimeParser->mbox = 0;
// Set to 0 for parsing a single message file
$mimeParser->decode_headers = 1;
$mimeParser->ignore_syntax_errors = 1;
$mimeParser->extract_addresses = 0;
$MIMEparameters = array('File' => $tmpMIME, 'SaveBody' => $tmpDirMIME, 'SkipBody' => 1);
if (!$mimeParser->Decode($MIMEparameters, $decodedMIME)) {
pbm_msg(sprintf('MIME message decoding error: %s at position %d.', $mimeParser->error, $mimeParser->error_position), true);
rmdir_r($tmpDirMIME);
unlink($tmpMIME);
continue;
} else {
pbm_msg('MIME message decoding successful');
if (!$mimeParser->Analyze($decodedMIME[0], $parsedMIME)) {
pbm_msg(sprintf('MIME message analyse error: %s', $mimeParser->error), true);
rmdir_r($tmpDirMIME);
unlink($tmpMIME);
continue;
}
// Get message $subject and $post_date from headers (by reference)
if (!pbm_process_header($parsedMIME, $subject, $post_date)) {
// Couldn't process message headers
rmdir_r($tmpDirMIME);
unlink($tmpMIME);
continue;
}
// TODO: handle type == "message" recursively
// sam2kb> For some reason imap_qprint() demages HTML text... needs more testing
if ($parsedMIME['Type'] == 'html') {
// Mail is HTML
if ($Settings->get('eblog_html_enabled')) {
// HTML posting enabled
pbm_msg('HTML message part saved as ' . $parsedMIME['DataFile']);
$html_body = file_get_contents($parsedMIME['DataFile']);
}
foreach ($parsedMIME['Alternative'] as $alternative) {
// First try to get HTML alternative (when possible)
if ($alternative['Type'] == 'html' && $Settings->get('eblog_html_enabled')) {
// HTML text
pbm_msg('HTML alternative message part saved as ' . $alternative['DataFile']);
// sam2kb> TODO: we may need to use $html_body here instead
$strbody = file_get_contents($alternative['DataFile']);
break;
// stop after first alternative
} elseif ($alternative['Type'] == 'text') {
// Plain text
pbm_msg('Text alternative message part saved as ' . $alternative['DataFile']);
$strbody = imap_qprint(file_get_contents($alternative['DataFile']));
break;
// stop after first alternative
}
}
} elseif ($parsedMIME['Type'] == 'text') {
// Mail is plain text
pbm_msg('Plain-text message part saved as ' . $parsedMIME['DataFile']);
$strbody = imap_qprint(file_get_contents($parsedMIME['DataFile']));
}
// Check for attachments
if (!empty($parsedMIME['Attachments'])) {
$hasAttachment = true;
foreach ($parsedMIME['Attachments'] as $file) {
pbm_msg('Attachment: ' . $file['FileName'] . ' stored as ' . $file['DataFile']);
}
}
// Check for inline images
if (!empty($parsedMIME['Related'])) {
$hasRelated = true;
foreach ($parsedMIME['Related'] as $file) {
pbm_msg('Related file with content ID: ' . $file['ContentID'] . ' stored as ' . $file['DataFile']);
}
}
if (count($mimeParser->warnings) > 0) {
pbm_msg(sprintf('<h4>%d warnings during decode:</h4>', count($mimeParser->warnings)));
foreach ($mimeParser->warnings as $k => $v) {
pbm_msg('Warning: ' . $v . ' at position ' . $k);
}
}
}
unlink($tmpMIME);
if (empty($html_body)) {
// Plain text message
pbm_msg('Message type: TEXT');
pbm_msg('Message body: <pre style="font-size:10px">' . htmlspecialchars($strbody) . '</pre>');
// Process body. First fix different line-endings (dos, mac, unix), remove double newlines
$content = str_replace(array("\r", "\n\n"), "\n", trim($strbody));
// First see if there's an <auth> tag with login and password
if (($auth = pbm_get_auth_tag($content)) === false) {
// No <auth> tag, let's detect legacy "username:password" on the first line
$a_body = explode("\n", $content, 2);
// tblue> splitting only into 2 parts allows colons in the user PW
// Note: login and password cannot include '<' !
$auth = explode(':', strip_tags($a_body[0]), 2);
// Drop the first line with username and password
$content = $a_body[1];
}
} else {
// HTML message
pbm_msg('Message type: HTML');
if (($parsed_message = pbm_prepare_html_message($html_body)) === false) {
// No 'auth' tag provided, skip to the next message
rmdir_r($tmpDirMIME);
continue;
}
list($auth, $content) = $parsed_message;
}
// TODO: dh> should the password really get trimmed here?!
$user_pass = isset($auth[1]) ? trim(remove_magic_quotes($auth[1])) : NULL;
$user_login = trim(evo_strtolower(remove_magic_quotes($auth[0])));
if (empty($user_login) || empty($user_pass)) {
pbm_msg(sprintf(T_('Please add username and password in message body in format %s.'), '"<auth>username:password</auth>"'), true);
rmdir_r($tmpDirMIME);
continue;
}
// Authenticate user
pbm_msg('Authenticating user: «' . $user_login . '»');
$pbmUser =& pbm_validate_user_password($user_login, $user_pass);
if (!$pbmUser) {
pbm_msg(sprintf(T_('Authentication failed for user «%s»'), htmlspecialchars($user_login)), true);
rmdir_r($tmpDirMIME);
continue;
}
$pbmUser->get_Group();
// Load group
if (!empty($is_cron_mode)) {
// Assign current User if we are in cron mode. This is needed in order to check user permissions
global $current_User;
$current_User = duplicate($pbmUser);
}
// Activate User's locale
locale_activate($pbmUser->get('locale'));
pbm_msg('<b class="green">Success</b>');
if ($post_categories = xmlrpc_getpostcategories($content)) {
$main_cat_ID = array_shift($post_categories);
$extra_cat_IDs = $post_categories;
pbm_msg('Extra categories: ' . implode(', ', $extra_cat_IDs));
} else {
$main_cat_ID = $Settings->get('eblog_default_category');
$extra_cat_IDs = array();
}
pbm_msg('Main category ID: ' . $main_cat_ID);
$ChapterCache =& get_ChapterCache();
$pbmChapter =& $ChapterCache->get_by_ID($main_cat_ID, false, false);
if (empty($pbmChapter)) {
pbm_msg(sprintf(T_('Requested category %s does not exist!'), $main_cat_ID), true);
rmdir_r($tmpDirMIME);
continue;
}
$blog_ID = $pbmChapter->blog_ID;
pbm_msg('Blog ID: ' . $blog_ID);
$BlogCache =& get_BlogCache();
$pbmBlog =& $BlogCache->get_by_ID($blog_ID, false, false);
if (empty($pbmBlog)) {
pbm_msg(sprintf(T_('Requested blog %s does not exist!'), $blog_ID), true);
rmdir_r($tmpDirMIME);
continue;
}
// Check permission:
pbm_msg(sprintf('Checking permissions for user «%s» to post to Blog #%d', $user_login, $blog_ID));
if (!$pbmUser->check_perm('blog_post!published', 'edit', false, $blog_ID)) {
pbm_msg(T_('Permission denied.'), true);
rmdir_r($tmpDirMIME);
continue;
}
if (($hasAttachment || $hasRelated) && !$pbmUser->check_perm('files', 'add', false, $blog_ID)) {
pbm_msg(T_('You have no permission to add/upload files.'), true);
rmdir_r($tmpDirMIME);
continue;
}
pbm_msg('<b class="green">Success</b>');
// Remove content after terminator
$eblog_terminator = $Settings->get('eblog_body_terminator');
if (!empty($eblog_terminator) && ($os_terminator = evo_strpos($content, $eblog_terminator)) !== false) {
$content = evo_substr($content, 0, $os_terminator);
}
$post_title = pbm_get_post_title($content, $subject);
// Remove 'title' and 'category' tags
$content = xmlrpc_removepostdata($content);
// Remove <br> tags from string start and end
// We do it here because there might be extra <br> left after deletion of <auth>, <category> and <title> tags
$content = preg_replace(array('~^(\\s*<br[\\s/]*>\\s*){1,}~i', '~(\\s*<br[\\s/]*>\\s*){1,}$~i'), '', $content);
if ($hasAttachment || $hasRelated) {
// Handle attachments
if (isset($GLOBALS['files_Module'])) {
if ($mediadir = $pbmBlog->get_media_dir()) {
if ($hasAttachment) {
pbm_process_attachments($content, $parsedMIME['Attachments'], $mediadir, $pbmBlog->get_media_url(), $Settings->get('eblog_add_imgtag'), 'attach');
}
if ($hasRelated) {
pbm_process_attachments($content, $parsedMIME['Related'], $mediadir, $pbmBlog->get_media_url(), true, 'related');
}
} else {
pbm_msg(T_('Unable to access media directory. No attachments processed.'), true);
}
} else {
pbm_msg(T_('Files module is disabled or missing!'), true);
}
}
// CHECK and FORMAT content
global $Plugins;
$renderer_params = array('Blog' => &$pbmBlog, 'setting_name' => 'coll_apply_rendering');
$renderers = $Plugins->validate_renderer_list($Settings->get('eblog_renderers'), $renderer_params);
pbm_msg('Applying the following text renderers: ' . implode(', ', $renderers));
// Do some optional filtering on the content
// Typically stuff that will help the content to validate
// Useful for code display
// Will probably be used for validation also
$Plugins_admin =& get_Plugins_admin();
$params = array('object_type' => 'Item', 'object_Blog' => &$pbmBlog);
$Plugins_admin->filter_contents($post_title, $content, $renderers, $params);
pbm_msg('Filtered post content: <pre style="font-size:10px">' . htmlspecialchars($content) . '</pre>');
$context = $Settings->get('eblog_html_tag_limit') ? 'commenting' : 'posting';
$post_title = check_html_sanity($post_title, $context, $pbmUser);
$content = check_html_sanity($content, $context, $pbmUser);
global $Messages;
if ($Messages->has_errors()) {
// Make it easier for user to find and correct the errors
pbm_msg("\n" . sprintf(T_('Processing message: %s'), $post_title), true);
pbm_msg($Messages->get_string(T_('Cannot post, please correct these errors:'), 'error'), true);
$Messages->clear();
rmdir_r($tmpDirMIME);
continue;
}
if ($test_mode_on) {
// Test mode
pbm_msg('<b class="green">It looks like the post can be successfully saved in the database. However we will not do it in test mode.</b>');
} else {
load_class('items/model/_item.class.php', 'Item');
global $pbm_items, $DB, $localtimenow;
$post_status = 'published';
pbm_msg(sprintf('<h4>Saving item "%s" in the database</h4>', $post_title));
// INSERT NEW POST INTO DB:
$edited_Item = new Item();
$edited_Item->set_creator_User($pbmUser);
$edited_Item->set($edited_Item->lasteditor_field, $pbmUser->ID);
$edited_Item->set('title', $post_title);
$edited_Item->set('content', $content);
$edited_Item->set('datestart', $post_date);
$edited_Item->set('datemodified', date('Y-m-d H:i:s', $localtimenow));
$edited_Item->set('main_cat_ID', $main_cat_ID);
$edited_Item->set('extra_cat_IDs', $extra_cat_IDs);
$edited_Item->set('status', $post_status);
$edited_Item->set('locale', $pbmUser->locale);
$edited_Item->set('renderers', $renderers);
// INSERT INTO DB:
$edited_Item->dbinsert('through_email');
pbm_msg(sprintf('Item created?: ' . (isset($edited_Item->ID) ? 'yes' : 'no')));
// Execute or schedule notifications & pings:
$edited_Item->handle_post_processing(true);
if (!empty($pbm_item_files)) {
// Attach files
$FileCache =& get_FileCache();
$order = 1;
foreach ($pbm_item_files as $filename) {
pbm_msg(sprintf('Saving file "%s" in the database', $filename));
$pbmFile =& $FileCache->get_by_root_and_path('collection', $pbmBlog->ID, $filename);
$pbmFile->meta = 'notfound';
// Save time and don't try to load meta from DB, it's not there anyway
$pbmFile->dbsave();
pbm_msg(sprintf('File saved?: ' . (isset($pbmFile->ID) ? 'yes' : 'no')));
pbm_msg(sprintf('Attaching file "%s" to the post', $filename));
// Let's make the link!
$pbmLink = new Link();
$pbmLink->set('itm_ID', $edited_Item->ID);
$pbmLink->set('file_ID', $pbmFile->ID);
$pbmLink->set('position', 'aftermore');
$pbmLink->set('order', $order++);
$pbmLink->dbinsert();
pbm_msg(sprintf('File attached?: ' . (isset($pbmLink->ID) ? 'yes' : 'no')));
}
}
// Save posted items sorted by author user for reports
$pbm_items['user_' . $pbmUser->ID][] = $edited_Item;
++$post_cntr;
}
pbm_msg('Message posting successful');
// Delete temporary directory
rmdir_r($tmpDirMIME);
if (!$test_mode_on && $Settings->get('eblog_delete_emails')) {
pbm_msg('Marking message for deletion from inbox: ' . $index);
imap_delete($mbox, $index);
++$del_cntr;
}
}
// Expunge messages marked for deletion
imap_expunge($mbox);
return true;
}
$mysqli->autocommit(FALSE);
if ($_POST['oper'] == 'add') {
$sql = "INSERT INTO {$table} \n\t\t\t\t(compcode,uomcode,description,convfactor,adduser,adddate,recstatus)\n\t\t\tVALUES \n\t\t\t\t('{$compcode}', \n\t\t\t\t'" . clr($_POST['uomcode']) . "',\n\t\t\t\t'" . clr($_POST['description']) . "', \n\t\t\t\t'" . clr($_POST['convfactor']) . "', \n\t\t\t\t'{$user}', \n\t\t\t\tNOW(), \n\t\t\t\t'" . clr($_POST['recstatus']) . "')";
} else {
if ($_POST['oper'] == 'edit') {
if ($_POST['recstatus'] == 'D') {
$sql = "UPDATE {$table} SET \t\n\t\t\t\tconvfactor = '" . clr($_POST['convfactor']) . "',\n\t\t\t\tupduser = '******',\n\t\t\t\tupddate = NOW(),\n\t\t\t\tdeluser= '******',\n\t\t\t\tdeldate = NOW(),\n\t\t\t\trecstatus = 'D'\n\t\t\tWHERE \n\t\t\t\tcompcode = '{$compcode}' AND uomcode='{$_POST['uomcode']}'";
} else {
$sql = "UPDATE {$table} SET\n\t\t\t\t\tdescription = '" . clr($_POST['description']) . "',\n\t\t\t\t\tconvfactor = '" . clr($_POST['convfactor']) . "', \n\t\t\t\t\tupduser = '******',\n\t\t\t\t\tupddate = NOW(),\n\t\t\t\t\trecstatus = '" . clr($_POST['recstatus']) . "'\n\t\t\t\tWHERE \n\t\t\t\t\tcompcode = '{$compcode}' AND uomcode='{$_POST['uomcode']}'";
}
//echo "$sql";break;
} else {
if ($_POST['oper'] == 'del') {
$sql = "UPDATE {$table} SET recstatus = 'D', deluser= '******', deldate = NOW()\n\t\t WHERE compcode = '{$compcode}' AND uomcode='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('uomcode', $table, clr($_POST['uomcode']))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
<?php
session_start();
include "includes/connect.php";
include "includes/functions.php";
//intialising variables
$error = "";
$username = "";
$pass = "";
$email = "";
if (isset($_POST['submit'])) {
//username
if (!empty($_POST['username'])) {
if (ctype_alnum($_POST['username'])) {
if (duplicate($_POST['username'])) {
$username = htmlentities($_POST['username']);
} else {
$error .= "Sorry, username allready occupied. ";
}
} else {
$error .= "Username must be alphanumeric. ";
}
} else {
$error .= "Please enter username. ";
}
//password
if (!empty($_POST['pass'])) {
if (!empty($_POST['c_pass'])) {
if ($_POST['pass'] == $_POST['c_pass']) {
$pass = mysql_real_escape_string($_POST['pass']);
} else {
$sql = "INSERT INTO {$table} \n\t\t\t\t(CompCode, SuppCode, SuppGroup, Name, ContPers ,Addr1,Addr2, Addr3, Addr4, TelNo, Faxno, TermOthers, TermNonDisp, TermDisp, CostCode, GlAccNo, AccNo, AddUser, AddDate, SuppFlg, recstatus) \n\t\t\tVALUES \n\t\t\t\t('{$compcode}','" . clr($_POST['SuppCode']) . "','" . clr($_POST['SuppGroup']) . "', '" . clr($_POST['Name']) . "', '" . clr($_POST['ContPers']) . "', '" . clr($_POST['Addr1']) . "', '" . clr($_POST['Addr2']) . "', '" . clr($_POST['Addr3']) . "', '" . clr($_POST['Addr4']) . "', '" . clr($_POST['TelNo']) . "', '" . clr($_POST['Faxno']) . "', '" . clr($_POST['TermOthers']) . "', '" . clr($_POST['TermNonDisp']) . "', '" . clr($_POST['TermDisp']) . "', '" . clr($_POST['CostCode']) . "', '" . clr($_POST['GlAccNo']) . "', '" . clr($_POST['AccNo']) . "', '{$user}', NOW(), '" . clr($_POST['SuppFlg']) . "', '" . clr($_POST['recstatus']) . "')";
// OutAmt, DepAmt, MiscAmt, Advccode, AdvGlaccnorecstatus
echo "{$sql}";
} else {
if ($_POST['oper'] == 'edit') {
if ($_POST['recstatus'] == 'D') {
$sql = "UPDATE {$table} SET\n\t\t\t\tSuppGroup = '" . clr($_POST['SuppGroup']) . "', \n\t\t\t\tName = '" . clr($_POST['Name']) . "',\n\t\t\t\tContPers = '" . clr($_POST['ContPers']) . "',\n\t\t\t\tAddr1 = '" . clr($_POST['Addr1']) . "',\n\t\t\t\tAddr2 = '" . clr($_POST['Addr2']) . "',\n\t\t\t\tAddr3 = '" . clr($_POST['Addr3']) . "',\n\t\t\t\tAddr1 = '" . clr($_POST['Addr1']) . "',\n\t\t\t\tAddr4 = '" . clr($_POST['Addr4']) . "',\n\t\t\t\tTelNo = '" . clr($_POST['TelNo']) . "',\n\t\t\t\tFaxno = '" . clr($_POST['Faxno']) . "',\n\t\t\t\tTermOthers = '" . clr($_POST['TermOthers']) . "',\n\t\t\t\tTermNonDisp = '" . clr($_POST['TermNonDisp']) . "',\n\t\t\t\tTermDisp = '" . clr($_POST['TermDisp']) . "',\n\t\t\t\tCostCode = '" . clr($_POST['CostCode']) . "',\n\t\t\t\tGlAccNo = '" . clr($_POST['GlAccNo']) . "',\n\t\t\t\tAccNo = '" . clr($_POST['AccNo']) . "',\n\t\t\t\trecstatus ='D',\n\t\t\t\tDelUser = '******',\n\t\t\t\tDelDate = NOW()\n\t\t\t\tWHERE \n\t\t\t\tcompcode = '{$compcode}' AND SuppCode='{$_POST['SuppCode']}'";
} else {
$sql = "UPDATE {$table} SET\n\t\t\t\tSuppGroup = '" . clr($_POST['SuppGroup']) . "', \n\t\t\t\tName = '" . clr($_POST['Name']) . "',\n\t\t\t\tContPers = '" . clr($_POST['ContPers']) . "',\n\t\t\t\tAddr1 = '" . clr($_POST['Addr1']) . "',\n\t\t\t\tAddr2 = '" . clr($_POST['Addr2']) . "',\n\t\t\t\tAddr3 = '" . clr($_POST['Addr3']) . "',\n\t\t\t\tAddr1 = '" . clr($_POST['Addr1']) . "',\n\t\t\t\tAddr4 = '" . clr($_POST['Addr4']) . "',\n\t\t\t\tTelNo = '" . clr($_POST['TelNo']) . "',\n\t\t\t\tFaxno = '" . clr($_POST['Faxno']) . "',\n\t\t\t\tTermOthers = '" . clr($_POST['TermOthers']) . "',\n\t\t\t\tTermNonDisp = '" . clr($_POST['TermNonDisp']) . "',\n\t\t\t\tTermDisp = '" . clr($_POST['TermDisp']) . "',\n\t\t\t\tCostCode = '" . clr($_POST['CostCode']) . "',\n\t\t\t\tGlAccNo = '" . clr($_POST['GlAccNo']) . "',\n\t\t\t\tAccNo = '" . clr($_POST['AccNo']) . "',\n\t\t\t\trecstatus = '" . clr($_POST['recstatus']) . "',\n\t\t\t\tUpdUser = '******',\n\t\t\t\tUpdDate = NOW()\n\t\t\t\tWHERE \n\t\t\t\tcompcode = '{$compcode}' AND SuppCode='{$_POST['SuppCode']}'";
}
//echo "$sql";
} else {
if ($_POST['oper'] == 'del') {
$sql = "UPDATE {$table} SET recstatus = 'D', DelUser= '******', DelDate = NOW()\n\t\t WHERE compcode = '{$compcode}' AND SuppCode='{$_POST['id']}'";
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate('SuppCode', $table, clr($_POST['SuppCode']))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
}
}
$string .= " WHERE " . $columnid . " = '" . $_POST[$columnid] . "'";
return $string;
}
$mysqli->autocommit(FALSE);
if ($_POST['oper'] == 'add') {
$sql = autoSyntaxAdd(['compcode', 'adduser', 'adddate', 'recstatus'], [$compcode, $user, 'NOW()', 'A']);
} else {
if ($_POST['oper'] == 'edit') {
$sql = autoSyntaxUpd(['compcode', 'upduser', 'upddate'], [$compcode, $user, 'NOW()']);
} else {
if ($_POST['oper'] == 'del') {
$sql = autoSyntaxUpd(['compcode', 'deluser', 'deldate', 'recstatus'], [$compcode, $user, 'NOW()', 'D']);
}
}
}
try {
if ($_POST['oper'] == 'add' && duplicate($columnid, $table, clr($_POST[$columnid]))) {
throw new Exception('Duplicate key');
}
if (!$mysqli->query($sql)) {
throw new Exception($mysqli->error . '</br>' . $sql);
}
$mysqli->commit();
} catch (Exception $e) {
http_response_code(400);
echo $e->getMessage();
$mysqli->rollback();
}
$mysqli->close();
switch ($action) {
case 'new':
if (check_create_thread_limit(true)) {
// user has already reached his limit, don't allow to create new thread
$action = '';
break;
}
if (!isset($edited_Message)) {
// We don't have a model to use, start with blank object:
$edited_Thread = new Thread();
$edited_Message = new Message();
} else {
// Duplicate object in order no to mess with the cache:
$edited_Thread = duplicate($edited_Message->Thread);
// PHP4/5 abstraction
$edited_Message = duplicate($edited_Message);
// PHP4/5 abstraction
$edited_Message->ID = 0;
}
$edited_Message->Thread =& $edited_Thread;
init_tokeninput_js();
break;
case 'create':
// Record new thread
if (check_create_thread_limit()) {
// max new threads limit reached, don't allow to create new thread
debug_die('Invalid request, new conversation limit already reached!');
}
// the create_new_thread() funciton will create required Thread and Message objects
if (create_new_thread()) {
// new thread has been created successful
/**
* Mass create.
*
* Create multiple posts from one post.
*
* @param object Instance of Item class (by reference).
* @param boolean true if create paragraphs at each line break
* @return array The posts, by reference.
*/
function &create_multiple_posts(&$Item, $linebreak = false)
{
$Items = array();
// Parse text into titles and contents:
$current_title = '';
$current_data = '';
// Append a newline to the end of the original contents to make sure
// that the last item gets created - this saves a second loop.
foreach (explode("\n", $Item->content . "\n") as $line) {
$line = trim(strip_tags($line));
if ($current_title === '' && $line !== '') {
// We got a new title:
$current_title = $line;
} elseif ($current_title !== '') {
if ($line !== '') {
// We got a new paragraph for this post:
if ($linebreak) {
$current_data .= '<p>' . $line . '</p>';
} else {
$current_data .= $line . ' ';
}
} else {
// End of this post:
$new_Item = duplicate($Item);
$new_Item->set_param('title', 'string', $current_title);
if (!$linebreak) {
$current_data = trim($current_data);
}
$new_Item->set_param('content', 'string', $current_data);
$Items[] = $new_Item;
$current_title = '';
$current_data = '';
}
}
}
return $Items;
}
param('results_ctry_page', 'integer', '', true);
param('results_ctry_order', 'string', '', true);
// Redirect so that a reload doesn't write to the DB twice:
header_redirect(regenerate_url('', '', '', '&'), 303);
// Will EXIT
// We have EXITed already at this point!!
break;
case 'new':
// Check permission:
$current_User->check_perm('options', 'edit', true);
if (!isset($edited_Country)) {
// We don't have a model to use, start with blank object:
$edited_Country = new Country();
} else {
// Duplicate object in order no to mess with the cache:
$edited_Country = duplicate($edited_Country);
// PHP4/5 abstraction
$edited_Country->ID = 0;
}
break;
case 'edit':
// Check permission:
$current_User->check_perm('options', 'edit', true);
// Make sure we got an ctry_ID:
param('ctry_ID', 'integer', true);
break;
case 'create':
// Record new country
// Record new country
case 'create_new':
// Record country and create new
unset($edited_ItemStatus);
forget_param('pst_ID');
$Messages->add(sprintf(T_('Requested «%s» object does not exist any longer.'), T_('Post status')), 'error');
$action = 'nil';
}
}
switch ($action) {
case 'new':
// Check permission:
$current_User->check_perm('options', 'edit', true);
if (!isset($edited_ItemStatus)) {
// We don't have a model to use, start with blank object:
$edited_ItemStatus = new ItemStatus();
} else {
// Duplicate object in order no to mess with the cache:
$edited_ItemStatus = duplicate($edited_ItemStatus);
// PHP4/5 abstraction
// Reset ID of new post status:
$edited_ItemStatus->ID = 0;
}
break;
case 'edit':
// Check permission:
$current_User->check_perm('options', 'edit', true);
// Make sure we got an pst_ID:
param('pst_ID', 'integer', true);
break;
case 'create':
// Record new ItemStatus
// Record new ItemStatus
case 'create_new':
