/**
* Prepare comment data for storage in the database
*
* Nothing peculiar to HTML display is done at this stage. Essentially the
* comment is stored raw, for later manipulation for the display purposes.
*
* @param array $vars The comment data
* @param int $id The post id receiving this comment
* @param int $replyto If supplied, the id of the comment being replied to
*/
function prepFieldsForDB($vars, $id, $replyto = 0)
{
$rval['postername'] = StringHandling::removeMagicQuotes($vars["name"]);
if (empty($rval['postername'])) {
$rval['postername'] = "Anonymous";
}
$rval['posteremail'] = StringHandling::removeMagicQuotes($vars["email"]);
$rval['title'] = StringHandling::removeMagicQuotes($vars["title"]);
$rval['posterwebsite'] = StringHandling::removeMagicQuotes($vars["website"]);
$rval['commenttext'] = StringHandling::clean($vars["comment"]);
$rval['pubemail'] = $vars["public_email"] == 1 ? 1 : 0;
$rval['pubwebsite'] = $vars["public_website"] == 1 ? 1 : 0;
$rval['posternotify'] = $vars["notify"] == 1 ? 1 : 0;
$rval['posttime'] = time();
$rval['ip'] = $_SERVER['REMOTE_ADDR'];
$rval['onhold'] = $this->needsModeration($rval['commenttext']) ? 1 : 0;
$rval['postid'] = $id;
if ($replyto > 0) {
$rval['parentid'] = $replyto;
}
$rval['type'] = 'comment';
return $rval;
}
/**
* Authenticate the user
*
* @param string $user Username
* @param string $pass Password
* @param bool $setcookie If true, set a cookie
*/
function userauth($user, $pass, $setcookie = FALSE)
{
$query = "SELECT `id` FROM `" . T_AUTHORS . "` WHERE `nickname`='" . StringHandling::removeMagicQuotes(&$user) . "' AND `password`='" . StringHandling::removeMagicQuotes(&$pass) . "'";
$rs = $this->_adb->GetRow($query);
if ($rs) {
$_SESSION['user_id'] = $rs[0];
return true;
} else {
return false;
}
}
function admin_plugin_sections_run(&$bBlog)
{
// Again, the plugin API needs work.
if (isset($_GET['sectdo'])) {
$sectdo = $_GET['sectdo'];
} elseif (isset($_POST['sectdo'])) {
$sectdo = $_POST['sectdo'];
} else {
$sectdo = '';
}
switch ($sectdo) {
case 'new':
// sections are being editied
$nicename = StringHandling::removeMagicQuotes($_POST['nicename']);
$urlname = StringHandling::removeMagicQuotes($_POST['urlname']);
$bBlog->_adb->Execute("insert into " . T_SECTIONS . " set nicename=" . $bBlog->_adb->quote($nicename) . ", name=" . $bBlog->_adb->quote($urlname));
$insid = $bBlog->_adb->insert_id();
break;
case "Delete":
// delete section
// have to remove all references to the section in the posts
$sname = StringHandling::removeMagicQuotes($_POST['sname']);
$sect_id = $bBlog->section_ids_by_name[$sname];
if ($sect_id > 0) {
$ph = $bBlog->_ph;
$posts_in_section_q = $ph->make_post_query(array("sectionid" => $sect_id));
$posts_in_section = $ph->get_posts($posts_in_section_q, TRUE);
if ($posts_in_section) {
foreach ($posts_in_section as $post) {
unset($tmpr);
$tmpr = array();
$tmpsections = explode(":", $post->sections);
foreach ($tmpsections as $tmpsection) {
if ($tmpsection != $sect_id) {
$tmpr[] = $tmpsection;
}
}
$newsects = implode(":", $tmpr);
// update the posts to remove the section
$bBlog->_adb->Execute("update " . T_POSTS . " set sections='{$newsects}' where postid={$post->postid}");
}
// end foreach ($post_in_section as $post)
}
// end if($posts_in_section)
// delete the section
$bBlog->_adb->Execute("delete from " . T_SECTIONS . " where sectionid={$sect_id}");
}
// else show error
// else show error
case "Save":
$sect_id = $bBlog->sect_by_name[$_POST['sname']];
if ($sect_id < 1) {
break;
}
$sql = "update " . T_SECTIONS . " set nicename='" . my_addslashes($_POST['nicename']) . "' where sectionid='{$sect_id}'";
$bBlog->_adb->Execute($sql);
break;
default:
// show form
break;
}
$bBlog->get_sections();
$bBlog->assign('esections', $bBlog->sections);
}
