function store()
{
$myts =& MyTextSanitizer::getInstance();
$title = "";
$imgurl = "";
if (isset($this->topic_title) && $this->topic_title != "") {
$title = $myts->makeTboxData4Save($this->topic_title);
}
if (isset($this->topic_imgurl) && $this->topic_imgurl != "") {
$imgurl = $myts->makeTboxData4Save($this->topic_imgurl);
}
if (!isset($this->topic_pid) || !is_numeric($this->topic_pid)) {
$this->topic_pid = 0;
}
if (empty($this->topic_id)) {
$this->topic_id = $this->db->genId($this->table . "_topic_id_seq");
$sql = sprintf("INSERT INTO %s (topic_id, topic_pid, topic_imgurl, topic_title) VALUES (%u, %u, '%s', '%s')", $this->table, $this->topic_id, $this->topic_pid, $imgurl, $title);
} else {
$sql = sprintf("UPDATE %s SET topic_pid = %u, topic_imgurl = '%s', topic_title = '%s' WHERE topic_id = %u", $this->table, $this->topic_pid, $imgurl, $title, $this->topic_id);
}
if (!($result = $this->db->query($sql))) {
ErrorHandler::show('0022');
}
if ($this->use_permission == true) {
if (empty($this->topic_id)) {
$this->topic_id = $this->db->getInsertId();
}
$xt = new XoopsTree($this->table, "topic_id", "topic_pid");
$parent_topics = $xt->getAllParentId($this->topic_id);
if (!empty($this->m_groups) && is_array($this->m_groups)) {
foreach ($this->m_groups as $m_g) {
$moderate_topics = XoopsPerms::getPermitted($this->mid, "ModInTopic", $m_g);
$add = true;
// only grant this permission when the group has this permission in all parent topics of the created topic
foreach ($parent_topics as $p_topic) {
if (!in_array($p_topic, $moderate_topics)) {
$add = false;
continue;
}
}
if ($add == true) {
$xp = new XoopsPerms();
$xp->setModuleId($this->mid);
$xp->setName("ModInTopic");
$xp->setItemId($this->topic_id);
$xp->store();
$xp->addGroup($m_g);
}
}
}
if (!empty($this->s_groups) && is_array($this->s_groups)) {
foreach ($s_groups as $s_g) {
$submit_topics = XoopsPerms::getPermitted($this->mid, "SubmitInTopic", $s_g);
$add = true;
foreach ($parent_topics as $p_topic) {
if (!in_array($p_topic, $submit_topics)) {
$add = false;
continue;
}
}
if ($add == true) {
$xp = new XoopsPerms();
$xp->setModuleId($this->mid);
$xp->setName("SubmitInTopic");
$xp->setItemId($this->topic_id);
$xp->store();
$xp->addGroup($s_g);
}
}
}
if (!empty($this->r_groups) && is_array($this->r_groups)) {
foreach ($r_groups as $r_g) {
$read_topics = XoopsPerms::getPermitted($this->mid, "ReadInTopic", $r_g);
$add = true;
foreach ($parent_topics as $p_topic) {
if (!in_array($p_topic, $read_topics)) {
$add = false;
continue;
}
}
if ($add == true) {
$xp = new XoopsPerms();
$xp->setModuleId($this->mid);
$xp->setName("ReadInTopic");
$xp->setItemId($this->topic_id);
$xp->store();
$xp->addGroup($r_g);
}
}
}
}
return true;
}
include_once XOOPS_ROOT_PATH . "/class/xoopstree.php";
include_once XOOPS_ROOT_PATH . "/class/module.errorhandler.php";
$mytree = new XoopsTree($xoopsDB->prefix("mylinks_cat"), "cid", "pid");
if (!empty($HTTP_POST_VARS['submit'])) {
$eh = new ErrorHandler();
//ErrorHandler object
if (empty($xoopsUser)) {
redirect_header(XOOPS_URL . "/user.php", 2, _MD_MUSTREGFIRST);
exit;
} else {
$user = $xoopsUser->getVar('uid');
}
$lid = intval($HTTP_POST_VARS["lid"]);
// Check if Title exist
if ($HTTP_POST_VARS["title"] == "") {
$eh->show("1001");
}
// Check if URL exist
if ($HTTP_POST_VARS["url"] == "") {
$eh->show("1016");
}
// Check if Description exist
if ($HTTP_POST_VARS['description'] == "") {
$eh->show("1008");
}
$url = $myts->makeTboxData4Save($HTTP_POST_VARS["url"]);
$logourl = $myts->makeTboxData4Save($HTTP_POST_VARS["logourl"]);
$cid = intval($HTTP_POST_VARS["cid"]);
$title = $myts->makeTboxData4Save($HTTP_POST_VARS["title"]);
$description = $myts->makeTareaData4Save($HTTP_POST_VARS["description"]);
$newid = $xoopsDB->genId($xoopsDB->prefix("mylinks_mod") . "_requestid_seq");
$yesterday = time() - 86400 * $anonwaitdays;
$result = $xoopsDB->query("select count(*) FROM " . $xoopsDB->prefix("mylinks_votedata") . " WHERE lid={$lid} AND ratinguser=0 AND ratinghostname = '{$ip}' AND ratingtimestamp > {$yesterday}");
list($anonvotecount) = $xoopsDB->fetchRow($result);
if ($anonvotecount > 0) {
redirect_header("index.php", 4, _MD_VOTEONCE2);
exit;
}
}
if ($rating > 10) {
$rating = 10;
}
//All is well. Add to Line Item Rate to DB.
$newid = $xoopsDB->genId($xoopsDB->prefix("mylinks_votedata") . "_ratingid_seq");
$datetime = time();
$sql = sprintf("INSERT INTO %s (ratingid, lid, ratinguser, rating, ratinghostname, ratingtimestamp) VALUES (%u, %u, %u, %u, '%s', %u)", $xoopsDB->prefix("mylinks_votedata"), $newid, $lid, $ratinguser, $rating, $ip, $datetime);
$xoopsDB->query($sql) or $eh->show("0013");
//All is well. Calculate Score & Add to Summary (for quick retrieval & sorting) to DB.
updaterating($lid);
$ratemessage = _MD_VOTEAPPRE . "<br />" . sprintf(_MD_THANKURATE, $xoopsConfig[sitename]);
redirect_header("index.php", 2, $ratemessage);
exit;
} else {
$xoopsOption['template_main'] = 'mylinks_ratelink.html';
include XOOPS_ROOT_PATH . "/header.php";
$lid = intval($HTTP_GET_VARS['lid']);
$cid = intval($HTTP_GET_VARS['cid']);
$result = $xoopsDB->query("select title from " . $xoopsDB->prefix("mylinks_links") . " where lid={$lid}");
list($title) = $xoopsDB->fetchRow($result);
$xoopsTpl->assign('link', array('id' => $lid, 'cid' => $cid, 'title' => $myts->htmlSpecialChars($title)));
$xoopsTpl->assign('lang_voteonce', _MD_VOTEONCE);
$xoopsTpl->assign('lang_ratingscale', _MD_RATINGSCALE);
<?php
echo "<center><img src='../images/formulaire_slogo.png'><H1>Formulaire</H1></center>";
echo "Script de mise à jour, 3.1x vers 3.2<br />";
echo "Upgrade script, 3.1x to 3.2<br /><br />";
echo "script permettant le passage d'une version 3.1 à la version 3.2. Attention, veuillez éviter de modifier un de vos formulaires pour le faire passer en QCM.\r\nMieux vaut créer un nouveau formulaire et le déclarer QCM, afin d'éviter des pertes d'informations.<br /><br />";
echo "script to upgrade formulaire form a 3.1 version to the 3.2 version. Be careful, don't change one of your form to make it became a QCM.\r\nIf you want a QCM, create a new form as a QCM, to avoid to lose information.<br /><br />";
include "../../../mainfile.php";
include_once XOOPS_ROOT_PATH . "/class/module.errorhandler.php";
global $xoopsDB, $eh, $myts, $xoopsUser, $xoopsModule, $xoopsTpl, $xoopsConfig;
$eh = new ErrorHandler();
$test = mysql_query("SELECT * FROM " . $xoopsDB->prefix("form_form"));
$champs = mysql_num_fields($test);
if ($champs > 10) {
echo "l'upgrade de la table form_form a déjà été réalisé<br />\r\n\t the form_form table has already been upgraded<br /><br />";
} else {
$sql = "ALTER TABLE " . $xoopsDB->prefix("form_form") . " ADD COLUMN rep text, ADD COLUMN nbrep int(5) default NULL, \r\nADD COLUMN nbtot int(5) default NULL, ADD COLUMN pos int(10) default NULL";
$res = $xoopsDB->queryF($sql) or $eh->show("error");
}
$test = mysql_query("SELECT * FROM " . $xoopsDB->prefix("form_id"));
$champs = mysql_num_fields($test);
if ($champs > 21) {
echo "l'upgrade de la table form_id a déjà été réalisé<br />\r\n\t the form_id table has already been upgraded<br /><br />";
} else {
$sql = "ALTER TABLE " . $xoopsDB->prefix("form_id") . " ADD COLUMN qcm varchar(5) default NULL, ADD COLUMN affres varchar(5) default NULL,\r\nADD COLUMN affrep varchar(5) NOT NULL default ''";
$res = $xoopsDB->queryF($sql) or $eh->show("error");
}
echo "<center><a href=" . XOOPS_URL . ">OK</a></center>";
function store(){
global $myts;
$myts =& MyTextSanitizer::getInstance();
$title = "";
$imgurl = "";
$description = "";
$catdescription = "";
$catfooter = "";
if ( isset($this->title) && $this->title != "" ) {
$title = $myts->makeTboxData4Save($this->title);
}
if ( isset($this->imgurl) && $this->imgurl != "" ) {
$imgurl = $myts->makeTboxData4Save($this->imgurl);
}
if ( isset($this->displayimg) && $this->displayimg != "" ) {
$displayimg = $myts->makeTboxData4Save($this->displayimg);
}
if ( isset($this->description) && $this->description != "" ) {
$description = $myts->makeTareaData4Save($this->description);
}
if ( isset($this->catdescription) && $this->catdescription != "" ) {
$catdescription = $myts->makeTareaData4Save($this->catdescription);
}
if ( isset($this->catfooter) && $this->catfooter != "" ) {
$catfooter = $myts->makeTareaData4Save($this->catfooter);
}
if ( !isset($this->pid) || !is_numeric($this->pid) ) {
$this->pid = 0;
}
if ( empty($this->id) ) {
$this->id = $this->db->genId($this->table."_id_seq");
$sql = "INSERT INTO ".$this->table." (id, pid, imgurl, displayimg, title, description, catdescription, groupid, catfooter, orders, editaccess) VALUES (".$this->id.", ".$this->pid.", '".$imgurl."', ".$displayimg.", '".$title."', '".$description."', '".$catdescription."','".$this->groupid."', '".$catfooter."', ".$this->orders.",'".$this->editaccess."')";
} else {
$sql = "UPDATE ".$this->table." SET pid=".$this->pid.", imgurl='".$imgurl."', displayimg=".$displayimg.", title='".$title."', description='".$description."', catdescription='".$catdescription."', groupid='".$this->groupid."', catfooter='".$catfooter."', orders='".$this->orders."', editaccess='".$this->editaccess."' WHERE id=".$this->id." ";
}
//echo "$sql<br>";
if ( !$result = $this->db->query($sql) ) {
ErrorHandler::show('0022');
}
return true;
}
$sql .= $groupsql;
list($catAccessCnt) = DB_fetchArray(DB_query($sql));
if ($catAccessCnt < 1) {
COM_errorLOG("Submit.php => FileMgmt Plugin Access denied. Attempted user upload of a file, Remote address is:{$_SERVER['REMOTE_ADDR']}");
redirect_header($_CONF['site_url'] . "/index.php", 1, _GL_ERRORNOUPLOAD);
exit;
}
if (isset($_POST['submit']) && SEC_checkToken()) {
if (!COM_isAnonUser()) {
$submitter = (int) $_USER['uid'];
} else {
$submitter = 1;
}
// Check if Title entered
if (!isset($_POST['title']) || $_POST["title"] == '') {
$eh->show("1001");
}
// Check if filename entered
if ($_FILES['newfile']['name'] != '') {
$name = $_FILES['newfile']['name'];
$url = rawurlencode($name);
$name = $myts->makeTboxData4Save($name);
$url = $myts->makeTboxData4Save($url);
} else {
$eh->show("1016");
}
// Check if Description entered
if ($_POST['description'] == '') {
$eh->show("1008");
}
$uploadfilename = $myts->makeTboxData4Save($_FILES['newfile']['name']);
function store()
{
$myts =& MyTextSanitizer::getInstance();
$title = "";
$imgurl = "";
$topic_description=$myts->censorString($this->topic_description);
$topic_description= $myts->addSlashes($topic_description);
$topic_rssurl=$myts->addSlashes($this->topic_rssurl);
$topic_color=$myts->addSlashes($this->topic_color);
if ( isset($this->topic_title) && $this->topic_title != "" ) {
$title = $myts->addSlashes($this->topic_title);
}
if ( isset($this->topic_imgurl) && $this->topic_imgurl != "" ) {
$imgurl = $myts->addSlashes($this->topic_imgurl);
}
if ( !isset($this->topic_pid) || !is_numeric($this->topic_pid) ) {
$this->topic_pid = 0;
}
$topic_frontpage=intval($this->topic_frontpage);
$insert=false;
if ( empty($this->topic_id) ) {
$insert=true;
$this->topic_id = $this->db->genId($this->table."_topic_id_seq");
$sql = sprintf("INSERT INTO %s (topic_id, topic_pid, topic_imgurl, topic_title, menu, topic_description, topic_frontpage, topic_rssurl, topic_color) VALUES (%u, %u, '%s', '%s', %u, '%s', %d, '%s', '%s')", $this->table, intval($this->topic_id), intval($this->topic_pid), $imgurl, $title, intval($this->menu), $topic_description, $topic_frontpage, $topic_rssurl, $topic_color);
} else {
$sql = sprintf("UPDATE %s SET topic_pid = %u, topic_imgurl = '%s', topic_title = '%s', menu=%d, topic_description='%s', topic_frontpage=%d, topic_rssurl='%s', topic_color='%s' WHERE topic_id = %u", $this->table, intval($this->topic_pid), $imgurl, $title, intval($this->menu), $topic_description, $topic_frontpage, $topic_rssurl,$topic_color, intval($this->topic_id));
}
if ( !$result = $this->db->query($sql) ) {
// TODO: Replace with something else
ErrorHandler::show('0022');
} else {
if($insert) {
$this->topic_id = $this->db->getInsertId();
}
}
if ( $this->use_permission == true ) {
$xt = new XoopsTree($this->table, "topic_id", "topic_pid");
$parent_topics = $xt->getAllParentId($this->topic_id);
if ( !empty($this->m_groups) && is_array($this->m_groups) ){
foreach ( $this->m_groups as $m_g ) {
$moderate_topics = XoopsPerms::getPermitted($this->mid, "ModInTopic", $m_g);
$add = true;
// only grant this permission when the group has this permission in all parent topics of the created topic
foreach($parent_topics as $p_topic){
if ( !in_array($p_topic, $moderate_topics) ) {
$add = false;
continue;
}
}
if ( $add == true ) {
$xp = new XoopsPerms();
$xp->setModuleId($this->mid);
$xp->setName("ModInTopic");
$xp->setItemId($this->topic_id);
$xp->store();
$xp->addGroup($m_g);
}
}
}
if ( !empty($this->s_groups) && is_array($this->s_groups) ){
foreach ($this->s_groups as $s_g ) {
$submit_topics = XoopsPerms::getPermitted($this->mid, "SubmitInTopic", $s_g);
$add = true;
foreach($parent_topics as $p_topic){
if ( !in_array($p_topic, $submit_topics) ) {
$add = false;
continue;
}
}
if ( $add == true ) {
$xp = new XoopsPerms();
$xp->setModuleId($this->mid);
$xp->setName("SubmitInTopic");
$xp->setItemId($this->topic_id);
$xp->store();
$xp->addGroup($s_g);
}
}
}
if ( !empty($this->r_groups) && is_array($this->r_groups) ){
foreach ( $this->s_groups as $r_g ) {
$read_topics = XoopsPerms::getPermitted($this->mid, "ReadInTopic", $r_g);
$add = true;
foreach($parent_topics as $p_topic){
if ( !in_array($p_topic, $read_topics) ) {
$add = false;
continue;
}
}
if ( $add == true ) {
$xp = new XoopsPerms();
$xp->setModuleId($this->mid);
$xp->setName("ReadInTopic");
$xp->setItemId($this->topic_id);
$xp->store();
$xp->addGroup($r_g);
}
}
}
}
return true;
}
$eh = new ErrorHandler();
//ErrorHandler object
$submitter = !empty($xoopsUser) ? $xoopsUser->getVar('uid') : 0;
// RMV - why store submitter on form??
/*
if (!$_POST['submitter'] and $xoopsUser) {
$submitter = $xoopsUser->uid();
}elseif(!$_POST['submitter'] and !$xoopsUser) {
$submitter = 0;
}else{
$submitter = intval($_POST['submitter']);
}
*/
// Check if Title exist
if (!isset($_POST['title']) || '' == $_POST['title']) {
$eh->show('1001');
}
$title = $myts->addSlashes($_POST['title']);
// Check if URL exist
$url = $_POST['url'];
if (!isset($url) || '' == $url) {
$eh->show('1016');
}
$url = $myts->addSlashes($url);
// Check if Description exist
if ('' == $_POST['message']) {
$eh->show('1008');
}
$notify = !empty($_POST['notify']) ? 1 : 0;
$cid = mylinksUtility::mylinks_cleanVars($_POST, 'cid', 0, 'int', array('min' => 0));
$description = $myts->addSlashes($_POST['message']);
$_GROUPS = SEC_getUserGroups($uid);
$myts = new MyTextSanitizer();
// MyTextSanitizer object
$eh = new ErrorHandler();
//ErrorHandler object
$mytree = new XoopsTree($_DB_name, $_FM_TABLES['filemgmt_cat'], "cid", "pid");
$mytree->setGroupAccessFilter($_GROUPS);
if ($_POST['submit']) {
if (isset($_USER['uid']) and $_USER['uid'] > 1) {
$submitter = $_USER['uid'];
} else {
$submitter = 1;
}
// Check if Title entered
if ($_POST["title"] == '') {
$eh->show("1001");
}
// Check if filename entered
if ($_FILES['newfile']['name'] != '') {
$name = $_FILES['newfile']['name'];
$url = rawurlencode($name);
$name = $myts->makeTboxData4Save($name);
$url = $myts->makeTboxData4Save($url);
} else {
$eh->show("1016");
}
// Check if Description entered
if ($_POST['description'] == '') {
$eh->show("1008");
}
$uploadfilename = $myts->makeTboxData4Save($_FILES['newfile']['name']);
public static function setShowErrors($show)
{
self::$show = $show;
}
