function process() { global $page_action; if ($page_action == "INSERT") { for ($i = 1; $i < 18; $i++) { addInsert($this->table, "quantity" . $i, $this->values[$i][0], "TEXT"); addInsert($this->table, "ingredient" . $i, $this->values[$i][1], "TEXT"); } } if ($page_action == "UPDATE") { for ($i = 1; $i < 18; $i++) { addUpdate($this->table, "quantity" . $i, $this->values[$i][0], $this->cond, "TEXT"); addUpdate($this->table, "ingredient" . $i, $this->values[$i][1], $this->cond, "TEXT"); } } }
/** * Checks, wheter a page is actually in INSERT or UPDATE mode an creates the corresponding * Saveset. */ function process() { global $page_action; $this->posFilter = str_replace("<chcat>", "CHID = " . getvar("chsel"), $this->posFilter); $pos = getDBCell($this->table, $this->column, $this->posFilter . " AND " . $this->column . "=" . $this->value); if ($pos != "") { freeRowPosition($this->table, $this->column, $this->value, $this->posFilter); } if ($page_action == "INSERT") { addInsert($this->table, $this->column, $this->value, $this->datatype); } else { if ($page_action == "UPDATE") { addUpdate($this->table, $this->column, $this->value, $this->row_identifier, $this->datatype); } } }
/** * Store the data */ function process() { // always update if ($this->value == 1) { $chid = 'NULL'; $chcatid = 'NULL'; } else { $tmp = getDBCell("channel_categories", "CHID", "CH_CAT_ID = " . $this->value); if ($tmp != 0 && $tmp != "") { $chid = $tmp; $chcatid = $this->value; } else { $chid = $this->value; $chcatid = 'NULL'; } } addUpdate($this->table, "CHID", $chid, $this->row_identifier, "NUMBER"); addUpdate($this->table, "CH_CAT_ID", $chcatid, $this->row_identifier, "NUMBER"); }
/** * determine the size of the image. write size to the database. * copy file to local folder */ function process() { global $c, $HTTP_POST_FILES, $HTTP_POST_VARS; // check, if upload. $delete = $HTTP_POST_VARS["REMOVE"]; if ($delete) { addUpdate("pgn_media", "FILENAME", "", "FKID = ".$this->fileId, "TEXT"); addUpdate("pgn_media", "WIDTH", -1, "FKID = ".$this->fileId, "NUMBER"); addUpdate("pgn_media", "HEIGHT", -1, "FKID = ".$this->fileId, "NUMBER"); } else { switch ($this->suffix) { case "swf": $image = $HTTP_POST_FILES[$this->name]['tmp_name']; $image_name = $HTTP_POST_FILES[$this->name]['name']; //determine image size $size = getimagesize($image); $width = $size[0]; $height= $size[1]; $oldfilename = getDBCell("pgn_media", "FILENAME", "FKID = ".$this->fileId); $filename = $this->fileId.".".$this->suffix; // updating the database addRawSQL( "UPDATE pgn_media SET FILENAME = '$filename', WIDTH=$width, HEIGHT=$height WHERE FKID = ".$this->fileId ); /* // loading up new item. if ($oldfile !="") unlink($c["uploadpath"].$oldfilename); copy($image, $c["uploadpath"].$filename); */ // loading up new item. if ($oldfile != "") unlink ($c["devfilespath"] . $oldfilename); move_uploaded_file($image, $c["devfilespath"] . $filename); // setting variables for further filtering $this->filename = $filename; $this->width = $width; $this->height = $height; // create a thumbnail //$this->createThumbnail(); //$this->createGrayCopy("t".$this->filename); break; case "pdf": case "rm": case "avi": case "mp3": case "mov": $image = $HTTP_POST_FILES[$this->name]['tmp_name']; $image_name = $HTTP_POST_FILES[$this->name]['name']; $oldfilename = getDBCell("pgn_media", "FILENAME", "FKID = ".$this->fileId); $filename = $this->fileId.".".$this->suffix; // updating the database addUpdate("pgn_media", "FILENAME", $filename, "FKID = ".$this->fileId, "TEXT"); addUpdate("pgn_media", "WIDTH", -1, "FKID = ".$this->fileId, "NUMBER"); addUpdate("pgn_media", "HEIGHT", -1, "FKID = ".$this->fileId, "NUMBER"); /* // loading up new item. if ($oldfile !="") unlink($c["uploadpath"].$oldfilename); copy($image, $c["uploadpath"].$filename); */ // loading up new item. if ($oldfile != "") unlink ($c["devfilespath"] . $oldfilename); move_uploaded_file($image, $c["devfilespath"] . $filename); // setting variables for further filtering $this->filename = $filename; $this->width = $width; $this->height = $height; break; default: } } }
/** * Extract the text content and write it to the text-plugin. */ function process() { global $c; if ($this->suffix == "xml") { $parser = new ImportMSOffice($_FILES[$this->name]['tmp_name']); } else if ($this->suffix == "sxw") { $parser = new ImportOpenOffice($_FILES[$this->name]['tmp_name']); } else if ($this->suffix == "html") { $parser = new ImportHTML($_FILES[$this->name]['tmp_name']); } else if ($this->suffix == "txt") { $parser = new ImportText($_FILES[$this->name]['tmp_name']); } if (is_object($parser)) { $content = $parser->getParsedContent(); addUpdate("pgn_text", "CONTENT", $content, "FKID = ".$this->fileId, "TEXT"); $c["pgn_text_CONTENT".$this->fileId] = $content; } }
/** * Checks, wheter a page is actually in INSERT or UPDATE mode an creates the corresponding * Saveset. */ function process() { global $page_action; if ($page_action == "INSERT") { addInsert($this->table, $this->lng, $this->vlng, "NUMBER"); addInsert($this->table, $this->lat, $this->vlat, "NUMBER"); } else { if ($page_action == "UPDATE") { addUpdate($this->table, $this->lng, $this->vlng, $this->row_identifier, "NUMBER"); addUpdate($this->table, $this->lat, $this->vlat, $this->row_identifier, "NUMBER"); } } }
$SQL7 = addUpdate('aresmem', $DARESMEM, $SQL7); $SQL7 = addUpdate('aresmemchg', $DARESCHG, $SQL7); $SQL7 = addUpdate('localnetname', $DNETNAME, $SQL7); $SQL7 = addUpdate('netfrequency', $DNETFREQ, $SQL7); $SQL7 = addUpdate('ntsliaisons', $DNETLIA, $SQL7); $SQL7 = addUpdate('drillsnum', $DNUMNET, $SQL7); $SQL7 = addUpdate('drillshrs', $DPHNET, $SQL7); $SQL7 = addUpdate('psesnum', $DNUMPSE, $SQL7); $SQL7 = addUpdate('pseshrs', $DPHPSE, $SQL7); $SQL7 = addUpdate('eopsnum', $DNUMEOP, $SQL7); $SQL7 = addUpdate('eopshrs', $DPHEOP, $SQL7); $SQL7 = addUpdate('aresopsnum', $DNUMTOT, $SQL7); $SQL7 = addUpdate('aresops', $DPHTOT, $SQL7); $SQL7 = addUpdate('comments', $DCOMMENTS, $SQL7); $SQL7 = addUpdate('reportcall', $DREPORTCALL, $SQL7); $SQL7 = addUpdate('reportname', $DREPORTNAME, $SQL7); $SQL7 = substr($SQL7, 0, strlen($SQL7) - 2); $SQL7 = $SQL7 . ' WHERE period=' . $DPERIOD . ' AND county = ' . $DCOUNTY; // echo '<P><FONT FACE="Courier New" SIZE=3>' . $SQL7 . "</FONT></P>\n"; if (getResult($SQL7, $db)) { echo " <P>Your report has been updated in the database.</P>\n"; } } $SQL2 = "SELECT lastday FROM periods WHERE periodno=" . $PERIOD; $LASTDAY = singleResult($SQL2, $db); $SQL3 = "SELECT countyname FROM arpsc_counties WHERE countycode='" . $COUNTY . "'"; $COUNTYNAME = singleResult($SQL3, $db); echo " </TD>\n</TABLE>\n"; echo "<HR>\n"; echo "<TABLE CLASS=main_area>\n <TD>\n"; echo "<P CLASS=report_area><B>FSD-212 report from " . $REPORTNAME . ", " . $REPORTCALL . " <" . $REPORTEMAIL . ">" . ".</B></P>\n";
<?php // adds the current users to the $_cmd[1] club's members list if ($_auth["useid"] && !$_config["readOnly"]) { // check if this club exists $cluid = intval($_cmd[1]); $result = sql_query("SELECT `cluid`,`cluRequireAccept`,`cluCreator` FROM `clubs`,`cluExtData` WHERE `cluEid` = `cluid` AND `cluid` = '{$cluid}' LIMIT 1"); if ($cluData = mysql_fetch_assoc($result)) { // check if the user is already a member of this club $result = sql_query("SELECT `useCid` FROM `useClubs` WHERE `useCmember` = '" . $_auth["useid"] . "' AND `useCclub` = '{$cluid}' LIMIT 1"); if ($memData = mysql_fetch_assoc($result)) { // a member already? remove them from the club sql_query("DELETE FROM `useClubs` WHERE `useCid` = '" . $memData["useCid"] . "' LIMIT 1"); } else { // not a member? add them to the club's members list (probably pending) $pending = $cluData["cluRequireAccept"]; sql_query("INSERT INTO `useClubs`(`useCclub`,`useCmember`,`useCpending`) " . "VALUES('{$cluid}','" . $_auth["useid"] . "','{$pending}')"); // notify the club's owner about the new member addUpdate(updTypeMessageClubMember, $cluData["cluCreator"], $cluid, $_auth["useid"]); } } } // also add the club to the watch list, if not already watching redirect(url("watchclub/" . intval($_cmd[1]), array("disableUnwatch" => "yes")));
/** * determine the size of the image. write size to the database. * copy file to local folder */ function process() { global $c; $delete = $_POST["REMOVE".$this->fkid]; if ($delete) { addUpdate("pgn_image", "FILENAME", "", "FKID = ".$this->fileId, "TEXT"); addUpdate("pgn_image", "WIDTH", 0, "FKID = ".$this->fileId, "NUMBER"); addUpdate("pgn_image", "HEIGHT", 0, "FKID = ".$this->fileId, "NUMBER"); } else { // check, if upload. if ($this->suffix != "") { $image = $_FILES[$this->name]['tmp_name']; $image_name = $_FILES[$this->name]['name']; //determine image size $size = getimagesize($image); $width = $size[0]; $height = $size[1]; $oldfilename = getDBCell("pgn_image", "FILENAME", "FKID = " . $this->fileId); $filename = $this->fileId . "." . $this->suffix; // updating the database addUpdate("pgn_image", "FILENAME", $filename, "FKID = " . $this->fileId, "TEXT"); addUpdate("pgn_image", "WIDTH", $width, "FKID = " . $this->fileId, "NUMBER"); addUpdate("pgn_image", "HEIGHT", $height, "FKID = " . $this->fileId, "NUMBER"); // loading up new item. if ($oldfile != "") unlink ($c["devfilespath"] . $oldfilename); move_uploaded_file($image, $c["devfilespath"] . $filename); nxCopy($c["devfilespath"] . $filename, $c["devfilespath"], "orig_".$filename); // setting variables for further filtering $this->filename = $filename; $this->width = $width; $this->height = $height; // try creating thumbnails if ($c["useimagemagick"]) { $thumb = new NXImageApi($c["devfilespath"].$filename, $c["devfilespath"]."t".$filename); $thumb->resizeAbsolute(120, 120); $thumb->gravity = "Center"; $thumb->drawText("Preview"); $thumb->save(); $this->applyAutoMod($filename); } else { $thumb = new Img2Thumb($c["devfilespath"].$filename, 120, 120, $c["devfilespath"]."t".$filename); } //determine image size $size = getimagesize($c["devfilespath"] . $filename); $width = $size[0]; $height = $size[1]; $oldfilename = getDBCell("pgn_image", "FILENAME", "FKID = " . $this->fileId); $filename = $this->fileId . "." . $this->suffix; // updating the database addUpdate("pgn_image", "FILENAME", $filename, "FKID = " . $this->fileId, "TEXT"); addUpdate("pgn_image", "WIDTH", $width, "FKID = " . $this->fileId, "NUMBER"); addUpdate("pgn_image", "HEIGHT", $height, "FKID = " . $this->fileId, "NUMBER"); } } }
function operationWatch($useid) { global $_auth; $useid = intval($useid); if ($useid == 0 || $useid == $_auth["useid"]) { return; } $values = array("watUser" => $_auth["useid"], "watCreator" => $useid, "watType" => "use"); $sql = "SELECT COUNT(*) FROM `watches`" . dbWhere($values); $result = sql_query($sql); if (mysql_result($result, 0) == 0) { $values["watSubmitDate!"] = "NOW()"; $sql = "INSERT IGNORE INTO `watches`" . dbValues($values); sql_query($sql); // Notify the artist about the +watch. addUpdate(updTypeMessageWatch, $useid, 0, $_auth["useid"]); } }
/** * Functions reads the POST data and adds a new comment to the database. */ function processCommentReply($objid, $objType) { global $_auth, $_config; $noEmoticons = isset($_POST["commentNoEmoticons"]) ? 1 : 0; $noSig = isset($_POST["commentNoSig"]) ? 1 : 0; $noBBCode = isset($_POST["commentNoBBCode"]) ? 1 : 0; $root_objid = $objid; $root_objType = $objType; $parent_objid = $objid; $parent_objType = $objType; if ($objType == "com") { $comResult = sql_query("SELECT `comRootObj`,`comRootObjType`,`comObj`,`comObjType` " . "FROM `comments`" . dbWhere(array("comid" => $objid))); if ($comData = mysql_fetch_row($comResult)) { $root_objid = $comData[0]; $root_objType = $comData[1]; $parent_objid = $comData[2]; $parent_objType = $comData[3]; } mysql_free_result($comResult); if ($parent_objid != $objid && $parent_objid != $root_objid) { $comResult = sql_query("SELECT `comObj`,`comObjType` " . "FROM `comments`" . dbWhere(array("comid" => $parent_objid))); if ($comData = mysql_fetch_row($comResult)) { $parent_objid = $comData[0]; $parent_objType = $comData[1]; } mysql_free_result($comResult); } } // 16000 characters maximum. $commentText = substr($_POST["comment"], 0, 16000); $userIp = getHexIp($_SERVER["REMOTE_ADDR"]); // Add the comment to the database. sql_query("INSERT INTO `comments`" . dbValues(array("comObj" => $objid, "comObjType" => $objType, "comRootObj" => $root_objid, "comRootObjType" => $root_objType, "comCreator" => $_auth["useid"], "comSubmitDate!" => "NOW()", "comComment" => $commentText, "comSubmitIp" => $userIp, "comEditIp" => $userIp, "comNoEmoticons" => $noEmoticons, "comNoSig" => $noSig, "comNoBBCode" => $noBBCode))); $comid = mysql_insert_id(); // Now let's find out who created the parent object for this comment // (that would be a user id). $parentCreator = 0; switch ($objType) { case "obj": $collab = 0; $result = sql_query("SELECT `objCreator`, `objCollab`, `objCollabConfirmed` " . "FROM `objects`, `objExtData`" . dbWhere(array("objid*" => "objEid", "objid" => $objid))); if ($data = mysql_fetch_assoc($result)) { $parentCreator = $data["objCreator"]; $collab = $data["objCollabConfirmed"] ? $data["objCollab"] : 0; // Also gather Fan-to-Artist statistics... $where = array("fanUser" => $_auth["useid"], "fanArtist" => $parentCreator); sql_where($where); if (sql_count("fans") == 0) { $where["fanNumComments"] = 1; sql_values($where); sql_insert("fans"); } else { sql_where($where); sql_values(array("fanNumComments!" => "`fanNumComments` + 1")); sql_update("fans"); } if ($collab > 0) { $where = array("fanUser" => $_auth["useid"], "fanArtist" => $collab); sql_where($where); if (sql_count("fans") == 0) { $where["fanNumComments"] = 1; sql_values($where); sql_insert("fans"); } else { sql_where($where); sql_values(array("fanNumComments!" => "`fanNumComments` + 1")); sql_update("fans"); } } } // If this submission is in user's updates, mark it as viewed // automatically. markAsRead(updTypeArt, $objid); updateSearchCache($objid); if ($collab > 0 && $collab != $_auth["useid"]) { addUpdate(updTypeComment, $collab, $comid, $_auth["useid"]); } break; case "ext": // extra objects $result = sql_query("SELECT `objCreator` FROM `extras` " . "WHERE `objid` = '{$objid}' LIMIT 1"); $parentCreator = mysql_num_rows($result) > 0 ? mysql_result($result, 0) : 0; // If this submission is in user's updates, mark it as viewed // automatically. markAsRead(updTypeArtExtra, $objid); break; case "com": // comments $result = sql_query("SELECT `comCreator` FROM `comments` " . "WHERE `comid` = '{$objid}' LIMIT 1"); $parentCreator = mysql_num_rows($result) > 0 ? mysql_result($result, 0) : 0; // If this comment is in user's updates, mark it as read automatically. markAsRead(updTypeComment, $objid); break; case "clu": // clubs $result = sql_query("SELECT `cluCreator` FROM `cluExtData` " . "WHERE `cluEid` = '{$objid}' LIMIT 1"); $parentCreator = mysql_num_rows($result) > 0 ? mysql_result($result, 0) : 0; break; case "jou": // journals $result = sql_query("SELECT `jouCreator` FROM `journals` " . "WHERE `jouCreatorType` = 'use' AND `jouid` = '{$objid}' LIMIT 1"); $parentCreator = mysql_num_rows($result) > 0 ? mysql_result($result, 0) : 0; if ($parentCreator == 0) { // Not found? Maybe that journal is actually an announcement. $result = sql_query("SELECT `jouAnnCreator` FROM `journals` " . "WHERE `jouCreatorType` = 'clu' AND `jouid` = '{$objid}' LIMIT 1"); $parentCreator = mysql_num_rows($result) > 0 ? mysql_result($result, 0) : 0; } // If this journal/announcement is in user's updates, mark it as read // automatically. markAsRead(updTypeJournal, $objid); break; case "pol": // polls $result = sql_query("SELECT `polCreator` FROM `polls` " . "WHERE `polid` = '{$objid}' LIMIT 1"); $parentCreator = mysql_num_rows($result) > 0 ? mysql_result($result, 0) : 0; // If this poll is in user's updates, mark it as read automatically. markAsRead(updTypeJournalPoll, $objid); break; case "new": // news // Those who posted news on the front page should not receive // comments on that news to their updates. $parentCreator = 0; break; case "use": // user pages $parentCreator = $objid; break; } // Notify the parent object's creator about the new comment on their creation. // If the creator is not the current user, of course. if ($parentCreator > 0 && $parentCreator != $_auth["useid"]) { addUpdate(updTypeComment, $parentCreator, $comid, $_auth["useid"]); } // Redirect to the same page to clean up POST variables. $focus = "#comment" . ($objType == "com" ? $objid : $comid); if (isset($_POST["refererURL"])) { if (preg_match('/\\/updates\\//', $_POST["refererURL"])) { $focus = ""; } redirect($_POST["refererURL"] . $focus); } else { redirect(url(".", array("replied" => "yes")) . $focus); } }
echo formatText($objData["objTitle"]); ?> </div> </div> <div class="clear"> </div> </div> <div class="container"> <?php if (isset($_POST["submit"]) && $_POST["comment"]) { // create an abuse entry sql_query("INSERT INTO `abuses`(`abuObj`,`abuIsExtras`,`abuSubmitter`,`abuSubmitDate`,`abuComment`,`abuCreator`) " . "VALUES('{$objid}','" . ($isExtras ? 1 : 0) . "','" . $_auth["useid"] . "',NOW(),'" . addslashes($_POST["comment"]) . "','" . $objData['objCreator'] . "')"); // put the object into pending mode sql_query("UPDATE {$_objects} SET `objPending` = '1' WHERE `objid` = '{$objid}' LIMIT 1"); // send the message to the artist that their work has been reported addUpdate(updTypeMessageAbuse, $useData["useid"], $objid, $isExtras); /* // remove this submission from users updates, if any if( $isExtras ) { $result = sql_query("SELECT DISTINCT `useid` FROM `updates`,`users` WHERE `useid` = `updCreator` AND `updObj` = '$objid' AND `updType` = '".updTypeArtExtra."'"); while($rowData = mysql_fetch_assoc($result)) recountUpdates(updTypeArtExtra, $rowData["useid"]); } else { $result = sql_query("SELECT DISTINCT `useid` FROM `updatesArt`,`users` WHERE `useid` = `updCreator` AND `updObj` = '$objid'"); while($rowData = mysql_fetch_assoc($result)) recountUpdates(updTypeArt, $rowData["useid"]); }
// Confirm/Refuse a collaborative work. $accept = isset($_GET["accept"]) ? $_GET["accept"] != "0" : false; $sql = "SELECT `objid`, `objCreator` FROM `objects`, `objExtData`" . dbWhere(array("objid*" => "objEid", "objid" => intval($_cmd[1]), "objCollab" => $_auth["useid"], "objCollabConfirmed" => 0, "objPending" => 0, "objDeleted" => 0)); $objResult = sql_query($sql); if (!($objData = mysql_fetch_assoc($objResult))) { include INCLUDES . "p_notfound.php"; return; } mysql_free_result($objResult); if ($accept) { $sql = "UPDATE `objExtData`" . dbSet(array("objCollabConfirmed" => 1)) . dbWhere(array("objEid" => $objData["objid"])); sql_query($sql); // Send to watchers. addArtUpdateToWatchers($_auth["useid"], $objData["objid"], 0, $objData["objCreator"]); removeDupeArtUpdates($objData["objid"]); // Move all associated comments from the last 10 days to Updates. $sql = "SELECT `comid`, `comCreator` FROM `comments`" . dbWhere(array("|1" => "`comSubmitDate` > DATE_SUB( CURDATE(), INTERVAL 10 DAY )", "comObj" => $objData["objid"], "comObjType" => "obj")); $comResult = sql_query($sql); while ($comData = mysql_fetch_assoc($comResult)) { if ($comData["comCreator"] == $_auth["useid"]) { continue; } addUpdate(updTypeComment, $_auth["useid"], $comData["comid"], $comData["comCreator"]); } mysql_free_result($comResult); } else { $sql = "UPDATE `objects`" . dbSet(array("objCollab" => 0)) . dbWhere(array("objid" => $objData["objid"])); sql_query($sql); } redirect(url("view/" . $objData["objid"]));
<?php $cluid = intval($_cmd[1]); $useUsername = $_cmd[2]; if (!isset($_GET["accept"])) { redirect(url("club/" . intval($cluid))); } $accept = $_GET["accept"] == 1; $result = sql_query("SELECT * FROM `clubs`,`cluExtData` WHERE `cluid` = '{$cluid}' AND `cluEid` = `cluid` AND `cluCreator` = '" . $_auth["useid"] . "' LIMIT 1"); if (!($cluData = mysql_fetch_assoc($result))) { redirect(url("club/" . intval($cluid))); } $result = sql_query("SELECT `useid`,`useCid` FROM `users`,`useClubs` WHERE `useUsername` = '" . addslashes($useUsername) . "' AND `useCclub` = '{$cluid}' AND `useCmember` = `useid` AND `useCpending` = '1' LIMIT 1"); if (!($useData = mysql_fetch_assoc($result))) { redirect(url("club/" . intval($cluid))); } if ($accept) { // accept the user as a member of the club sql_query("UPDATE `useClubs` SET `useCpending` = '0' WHERE `useCid` = '" . $useData["useCid"] . "' LIMIT 1"); // notify the user that they are accepted addUpdate(updTypeMessageClub, $useData["useid"], $cluid); } else { // remove the user from the club's members list sql_query("DELETE FROM `useClubs` WHERE `useCid` = '" . $useData["useCid"] . "' LIMIT 1"); // notify the user that they are not accepted addUpdate(updTypeMessageClubDeclined, $useData["useid"], $cluid); } redirect(url("club/" . intval($cluid)));
/** * determine the size of the image. write size to the database. * copy file to local folder */ function process() { global $c, $HTTP_POST_FILES, $HTTP_POST_VARS; // check, if upload. $delete = $HTTP_POST_VARS["REMOVE"]; if ($delete) { addUpdate("pgn_file", "FILENAME", "", "FKID = " . $this->fileId, "TEXT"); addUpdate("pgn_file", "FILETYPE", "", "FKID = " . $this->fileId, "TEXT"); } else { if ($this->suffix != "") { $file = $HTTP_POST_FILES[$this->name]['tmp_name']; $file_name = $HTTP_POST_FILES[$this->name]['name']; $oldfilename = getDBCell("pgn_file", "FILENAME", "FKID = " . $this->fileId); $filename = $this->fileId . "." . $this->suffix; // updating the database addUpdate("pgn_file", "FILENAME", $filename, "FKID = " . $this->fileId, "TEXT"); addUpdate("pgn_file", "FILETYPE", $this->suffix, "FKID = " . $this->fileId, "TEXT"); // loading up new item. if ($oldfile != "") unlink ($c["devfilespath"] . $oldfilename); copy($file, $c["devfilespath"] . $filename); // setting variables for further filtering $this->filename = $filename; } } }
// Adds club $_cmd[ 1 ] to the current user's watch list. // watCreator in the `watches` table is the club that we watch. // watUser is the user who is watching the club. if ($_auth["useid"] && !$_config["readOnly"]) { // Check if this club exists. $result = sql_query("SELECT `cluid`,`cluCreator` FROM `clubs`,`cluExtData` " . "WHERE `cluEid` = `cluid` AND `cluid` = '" . intval($_cmd[1]) . "' LIMIT 1"); if ($cluData = mysql_fetch_assoc($result)) { // Check if the club is already +watch'd. $result = sql_query("SELECT `watid` FROM `watches` " . "WHERE `watUser` = '" . $_auth["useid"] . "' " . "AND `watCreator` = '" . $cluData["cluid"] . "' " . "AND `watType` = 'clu' LIMIT 1"); if ($watData = mysql_fetch_assoc($result)) { // +watch'd already? remove them from the watches. if (!isset($_GET["disableUnwatch"])) { sql_query("DELETE FROM `watches` WHERE `watid` = '" . $watData["watid"] . "' LIMIT 1"); } } else { // It's not watch'd? add it to the watches then. sql_query("INSERT INTO `watches`(`watCreator`,`watUser`,`watSubmitDate`,`watType`) " . "VALUES('" . $cluData["cluid"] . "','" . $_auth["useid"] . "',NOW(),'clu')"); // Notify the club's owner about the +watch. addUpdate(updTypeMessageWatchClub, $cluData["cluCreator"], $cluData["cluid"], $_auth["useid"]); } // Recalculate club watcher-count sql_where(array("watType" => "clu", "watCreator" => $cluData["cluid"])); $watcherCount = sql_count("watches"); sql_where(array("cluEid" => $cluData["cluid"])); sql_values(array("cluWatcherCount" => $watcherCount)); sql_update("cluExtData"); } } redirect(url("club/" . intval($_cmd[1]))); // Get back to the club page.
if (isset($_POST["sendReply"])) { $title = $_POST["title"]; if ($title == "") { // Make sure the title is not blank. $title = _PM_UNTITLED; } $comment = substr($_POST["comment"], 0, 40000); // Add the comment to the database. $composeFor = intval($_POST["composeFor"]); if ($composeFor != 0) { $userIp = getHexIp($_SERVER["REMOTE_ADDR"]); sql_query("INSERT INTO `pms`" . dbValues(array("pmsObj" => intval($_POST["parentComment"]), "pmsCreator" => $_auth["useid"], "pmsPmUser" => $composeFor, "pmsSubmitDate!" => "NOW()", "pmsTitle" => $title, "pmsComment" => $comment, "pmsSubmitIp" => $userIp, "pmsEditIp" => $userIp, "pmsNoEmoticons" => isset($_POST["commentNoEmoticons"]) ? 1 : 0, "pmsNoSig" => isset($_POST["commentNoSig"]) ? 1 : 0, "pmsNoBBCode" => isset($_POST["commentNoBBCode"]) ? 1 : 0))); $comid = mysql_insert_id(); // Add the unread message notification to the target user's // updates. addUpdate(updTypePM, $composeFor, $comid, $_auth["useid"]); // Redirect the browser to the newly created message. redirect(url("pm/read/" . $comid)); } } if (isset($_GET["composeFor"])) { $composeFor = preg_replace('/[^a-zA-Z0-9]/', "", $_GET["composeFor"]); $result = sql_query("SELECT `useid` FROM `users` " . "WHERE `useUsername` = '{$composeFor}' LIMIT 1"); if (mysql_num_rows($result) > 0) { $composeFor = mysql_result($result, 0); } else { $composeFor = 0; } $parentComment = isset($_GET["replyTo"]) ? intval($_GET["replyTo"]) : 0; $userLink = getUserLink($composeFor); if ($userLink == "???") {
/** * Sets an item to be staged. * @param integer specifies the id of the item to update. * @param integer specifies the User-ID of the User who staged the item. */ function stage() { $stagetime = time(); addUpdate("journal", "STAGED", $stagetime, "ITEM_ID = $this->id", "NUMBER"); addUpdate("journal", "STAGED_BY", $this->userId, "ITEM_ID = $this->id", "NUMBER"); $this->itemStatus["staged"]["time"] = $stagetime; $this->itemStatus["staged"]["by"] = $this->userId; }
function abuseRestore($objid, $useid, $abuid) { global $_objects, $_objExtData, $isExtras; sql_query("UPDATE {$_objects} SET `objDeleted` = '0', `objPending` = '0', `objPendingUser`='0'" . "WHERE `objid` = '{$objid}' LIMIT 1"); sql_query("UPDATE {$_objExtData} SET `objNoAbuse` = '1' " . "WHERE `objEid` = '{$objid}' LIMIT 1"); // Send the message to the artist that their work has been restored. addUpdate(updTypeMessageRestored, $useid, $objid, $isExtras); // Put this submission back to users updates. if ($isExtras) { $result = sql_query("SELECT DISTINCT `useid` FROM `updates`,`users` " . "WHERE `useid` = `updCreator` AND `updObj` = '{$objid}' " . "AND `updType` = '" . updTypeArtExtra . "'"); while ($rowData = mysql_fetch_assoc($result)) { // recountUpdates( updTypeArtExtra, $rowData[ "useid" ]); sql_query("UPDATE `useExtData` SET `useUpdExt` = `useUpdExt` + 1 " . "WHERE `useEid` = '" . intval($rowData["useid"]) . "' LIMIT 1"); } } else { $result = sql_query("SELECT DISTINCT `useid` FROM `updatesArt`,`users` " . "WHERE `useid` = `updCreator` AND `updObj` = '{$objid}'"); while ($rowData = mysql_fetch_assoc($result)) { // recountUpdates( updTypeArt, $rowData[ "useid" ]); sql_query("UPDATE `useExtData` SET `useUpdObj` = `useUpdObj` + 1 " . "WHERE `useEid` = '" . intval($rowData["useid"]) . "' LIMIT 1"); } } // Update object count. include_once INCLUDES . "submission.php"; updateObjCount($useid); // Set the abuse case to the "resolved" state. sql_query("UPDATE `abuses` SET `abuResolved` = '1', `abuFinal`='+', `abuCloseDate`=NOW() " . "WHERE `abuid` = '{$abuid}' LIMIT 1"); }
/** * Checks, wheter a page is actually in INSERT or UPDATE mode an creates the corresponding * Saveset. */ function process() { global $page_action, $c; $parser = new HTML2NX(); $this->cleanTags(); $value = $parser->parseText($this->value); if ($page_action == "INSERT") addInsert($this->table, $this->column, $value, $this->datatype); if ($page_action == "UPDATE") { if (! isset($c[$this->name])) { addUpdate($this->table, $this->column, $value, $this->row_identifier, $this->datatype); } else { $this->v_wuiobject->value = $c[$this->name]; } } }