along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA For information about Extend-A-Story and its authors, please visit the website: http://www.sir-toby.com/extend-a-story/ */ require __DIR__ . "/include/Extend-A-Story.php"; use Extend_A_Story\HardStoryException; use Extend_A_Story\Util; Util::getSessionAndUserIDs($sessionID, $userID); $storyName = Util::getStringValue("StoryName"); $siteName = Util::getStringValue("SiteName"); $storyHome = Util::getStringValue("StoryHome"); $siteHome = Util::getStringValue("SiteHome"); $method = Util::getStringParam($_POST, "method"); $text = Util::getStringParamDefault($_POST, "text", ""); $days = Util::getIntParamDefault($_POST, "days", 0); $text = "%" . $text . "%"; $dbStatement; $queryPart1 = "SELECT EpisodeID, " . "Title, " . "AuthorName " . "FROM Episode " . "WHERE "; $queryPart2 = "AND ( Status = 2 OR Status = 3 ) " . "ORDER BY EpisodeID"; if ($method == "title") { $dbStatement = Util::getDbConnection()->prepare($queryPart1 . "Title LIKE :text " . $queryPart2); $dbStatement->bindParam(":text", $text, PDO::PARAM_STR); } else { if ($method == "text") { $dbStatement = Util::getDbConnection()->prepare($queryPart1 . "Text LIKE :text " . $queryPart2); $dbStatement->bindParam(":text", $text, PDO::PARAM_STR); } else { if ($method == "author") { $dbStatement = Util::getDbConnection()->prepare($queryPart1 . "AuthorName LIKE :text " . $queryPart2); $dbStatement->bindParam(":text", $text, PDO::PARAM_STR);
} } else { $linkCount = $maxLinks; for ($i = 0; $i < $linkCount; $i++) { $var1 = "linkID" . $i; $var2 = "targetEpisodeID" . $i; $var3 = "isBackLink" . $i; $var4 = "option" . $i; $var5 = "backlink" . $i; ${$var1} = 0; ${$var2} = 0; ${$var3} = "N"; ${$var4} = ""; ${$var5} = 0; ${$var4} = Util::getStringParamDefault($_POST, $var4, ""); ${$var5} = Util::getIntParamDefault($_POST, $var5, 0); } } for ($i = 0; $i < $linkCount; $i++) { $var1 = "option" . $i; $var2 = "backlink" . $i; $var3 = "isBackLink" . $i; if (!empty(${$var1})) { $linkFound = true; } if ($editing && empty(${$var1})) { $warning .= "You must provide a description for option " . ($i + 1) . ".<BR>"; } if (strlen(${$var1}) > 255) { $warning .= "The description for option " . ($i + 1) . " cannot be longer then 255 characters.<BR>"; }
$orphans = $dbStatement->fetchAll(PDO::FETCH_NUM); } if ($command == "listDeadEnds") { $dbStatement = Util::getDbConnection()->prepare("SELECT Episode.EpisodeID " . "FROM Link " . "RIGHT OUTER JOIN Episode " . "ON Link.SourceEpisodeID = Episode.EpisodeID " . "WHERE Link.LinkID IS NULL " . "AND ( Episode.Status = 2 OR Episode.Status = 3 ) " . "ORDER BY Episode.EpisodeID"); $dbStatement->execute(); $deadEnds = $dbStatement->fetchAll(PDO::FETCH_NUM); } if ($command == "listRecentEdits") { $dbStatement = Util::getDbConnection()->prepare("SELECT MAX( EpisodeEditLogID ) FROM EpisodeEditLog"); $dbStatement->execute(); $row = $dbStatement->fetch(PDO::FETCH_NUM); if (!$row) { throw new HardStoryException("Unable to fetch the max EpisodeEditLogID record from database."); } $maxEpisodeEditLogID = (int) $row[0]; $start = Util::getIntParamDefault($_GET, "start", 0); if ($start < 1 || $start > $maxEpisodeEditLogID) { $start = $maxEpisodeEditLogID; } $dbStatement = Util::getDbConnection()->prepare("SELECT EpisodeEditLogID, " . "EpisodeID, " . "EditDate, " . "EditLogEntry " . "FROM EpisodeEditLog " . "WHERE EpisodeEditLogID <= :start " . "ORDER BY EpisodeEditLogID DESC " . "LIMIT 20"); $dbStatement->bindParam(":start", $start, PDO::PARAM_INT); $dbStatement->execute(); $edits = $dbStatement->fetchAll(PDO::FETCH_NUM); } $dbStatement = Util::getDbConnection()->prepare("SELECT UserID, " . "LoginName " . "FROM User " . "ORDER BY LoginName"); $dbStatement->execute(); $users = $dbStatement->fetchAll(PDO::FETCH_NUM); if ($command == "listOrphans") { ?> <HTML><HEAD>
GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA For information about Extend-A-Story and its authors, please visit the website: http://www.sir-toby.com/extend-a-story/ */ require __DIR__ . "/include/Extend-A-Story.php"; use Extend_A_Story\HardStoryException; use Extend_A_Story\Util; Util::getSessionAndUserIDs($sessionID, $userID); $storyName = Util::getStringValue("StoryName"); $siteName = Util::getStringValue("SiteName"); $storyHome = Util::getStringValue("StoryHome"); $siteHome = Util::getStringValue("SiteHome"); $episode = Util::getIntParamDefault($_GET, "episode", 1); ?> <HTML><HEAD> <TITLE><?php echo $storyName; ?> : Story Tree</TITLE> </HEAD><BODY> <CENTER> <H1><?php echo $storyName; ?> : Story Tree</H1> <H2>
$lockDate = date("n/j/Y g:i:s A"); $dbStatement = Util::getDbConnection()->prepare("UPDATE Episode " . "SET EditorSessionID = :sessionID, " . "LockDate = :lockDate " . "WHERE EpisodeID = :episode"); $dbStatement->bindParam(":sessionID", $sessionID, PDO::PARAM_INT); $dbStatement->bindParam(":lockDate", $lockDate, PDO::PARAM_STR); $dbStatement->bindParam(":episode", $episode, PDO::PARAM_INT); $dbStatement->execute(); if ($dbStatement->rowCount() != 1) { throw new HardStoryException("Unable to update the lock on the episode."); } } $message = ""; $linkDescription = ""; $linkEpisode = 0; if ($command == "AddLinkSave") { $linkDescription = Util::getStringParam($_POST, "description"); $linkEpisode = Util::getIntParamDefault($_POST, "linkedEpisode", 0); if (empty($linkDescription)) { $message .= "You must enter the link description.<BR>"; } if (strlen($linkDescription) > 255) { $message .= "The link description cannot be longer then 255 characters.<BR>"; } if (Util::maximumWordLength($linkDescription) > 30) { $message .= "The link description cannot contain a word with more than 30 characters.<BR>"; } if ($linkEpisode != 0) { if ($linkEpisode == $episode) { $message .= "The link cannot link back to the same episode you are editing.<BR>"; } $dbStatement = Util::getDbConnection()->prepare("SELECT COUNT( * ) " . "FROM Link " . "WHERE SourceEpisodeID = :episode " . "AND TargetEpisodeID = :linkEpisode"); $dbStatement->bindParam(":episode", $episode, PDO::PARAM_INT);
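/**
 * Resolves the visitor's session from the "sessionID" / "sessionKey" cookies,
 * creating a new anonymous session when the cookies are absent or do not match.
 *
 * Side effects, in order: clears UserID on sessions idle for more than one hour,
 * refreshes AccessDate on a matched session (or inserts a new session row),
 * re-issues both cookies with a 370 day lifetime, and deletes sessions whose
 * AccessDate is more than 370 days old.
 *
 * @param mixed $sessionID Output: the ID of the matched or newly created session.
 * @param mixed $userID    Output: the UserID stored on the matched session, or 0
 *                         for a newly created session.
 *
 * @throws HardStoryException When the AccessDate refresh does not report exactly
 *                            one updated row.
 */
public static function getSessionAndUserIDs(&$sessionID, &$userID)
{
    // log out all users after one hour of inactivity
    $dbStatement = Util::getDbConnection()->prepare("UPDATE Session " .
                                                    "SET UserID = 0 " .
                                                    "WHERE AccessDate < SUBDATE( NOW(), INTERVAL 1 HOUR )");
    $dbStatement->execute();

    // Both cookie values are attacker-controlled; a missing cookie is read as 0.
    $originalSessionID  = Util::getIntParamDefault($_COOKIE, "sessionID", 0);
    $originalSessionKey = Util::getIntParamDefault($_COOKIE, "sessionKey", 0);

    $actualSessionID  = 0;
    $actualUserID     = 0;
    $actualSessionKey = 0;

    $dbStatement = Util::getDbConnection()->prepare("SELECT UserID, " .
                                                           "SessionKey " .
                                                    "FROM Session " .
                                                    "WHERE SessionID = :originalSessionID");
    $dbStatement->bindParam(":originalSessionID", $originalSessionID, PDO::PARAM_INT);
    $dbStatement->execute();
    $row = $dbStatement->fetch(PDO::FETCH_NUM);

    if ($row) {
        // The session is only honoured when the presented key matches the stored key.
        if ($row[1] == $originalSessionKey) {
            $actualSessionID  = $originalSessionID;
            $actualUserID     = $row[0];
            $actualSessionKey = $originalSessionKey;

            $dbStatement = Util::getDbConnection()->prepare("UPDATE Session " .
                                                            "SET AccessDate = NOW() " .
                                                            "WHERE SessionID = :originalSessionID");
            $dbStatement->bindParam(":originalSessionID", $originalSessionID, PDO::PARAM_INT);
            $dbStatement->execute();

            // NOTE(review): if the driver reports changed rows rather than matched rows,
            // a second request within the same timestamp resolution would report 0 here
            // and raise this exception - confirm against the connection settings.
            if ($dbStatement->rowCount() != 1) {
                throw new HardStoryException("Unable to update your session.");
            }
        }
    }

    if ($actualSessionID == 0) {
        // Generate the session key from a CSPRNG. mt_rand() is a predictable generator
        // and must not be the only secret protecting a session. The range starts at 1
        // because a missing "sessionKey" cookie is read as 0 above, so a stored key of
        // 0 would match a request that presents no key at all. The upper bound is the
        // same as mt_rand()'s, so the value fits wherever the old keys did.
        // NOTE(review): the key space is still only about 31 bits; a longer random
        // token would need a schema change outside this method.
        if (function_exists("random_int")) {
            $newSessionKey = random_int(1, mt_getrandmax());
        } else {
            // Fallback for runtimes without random_int(); still avoids a zero key.
            $newSessionKey = mt_rand(1, mt_getrandmax());
        }

        // insert the session into the database
        $dbStatement = Util::getDbConnection()->prepare("INSERT " .
                                                        "INTO Session " .
                                                        "( " .
                                                            "UserID, " .
                                                            "SessionKey, " .
                                                            "AccessDate " .
                                                        ") " .
                                                        "VALUES " .
                                                        "( " .
                                                            "0, " .
                                                            ":newSessionKey, " .
                                                            "NOW() " .
                                                        ")");
        $dbStatement->bindParam(":newSessionKey", $newSessionKey, PDO::PARAM_INT);
        $dbStatement->execute();

        $actualSessionID  = Util::getLastInsertId();
        $actualSessionKey = $newSessionKey;
    }

    // NOTE(review): both cookies are issued without the HttpOnly, Secure or SameSite
    // attributes. They are the session credential, so consider setting those attributes
    // once it is confirmed that no client-side script reads them and the site is HTTPS.
    setcookie("sessionID", $actualSessionID, time() + 60 * 60 * 24 * 370);
    setcookie("sessionKey", $actualSessionKey, time() + 60 * 60 * 24 * 370);

    // delete all sessions over 370 days old
    $dbStatement = Util::getDbConnection()->prepare("DELETE " .
                                                    "FROM Session " .
                                                    "WHERE AccessDate < SUBDATE( NOW(), INTERVAL 370 DAY )");
    $dbStatement->execute();

    $sessionID = $actualSessionID;
    $userID    = $actualUserID;
}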
GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA For information about Extend-A-Story and its authors, please visit the website: http://www.sir-toby.com/extend-a-story/ */ require __DIR__ . "/include/Extend-A-Story.php"; use Extend_A_Story\HardStoryException; use Extend_A_Story\Util; Util::getSessionAndUserIDs($sessionID, $userID); $storyName = Util::getStringValue("StoryName"); $siteName = Util::getStringValue("SiteName"); $storyHome = Util::getStringValue("StoryHome"); $siteHome = Util::getStringValue("SiteHome"); $scheme = Util::getIntParamDefault($_POST, "scheme", null); if (!isset($scheme)) { $dbStatement = Util::getDbConnection()->prepare("SELECT SchemeID FROM Scheme ORDER BY SchemeID"); $dbStatement->execute(); $row = $dbStatement->fetch(PDO::FETCH_NUM); if (!$row) { throw new HardStoryException("Unable to fetch the lowest scheme ID."); } $scheme = $row[0]; } $dbStatement = Util::getDbConnection()->prepare("SELECT SchemeName, " . "bgcolor, " . "text, " . "link, " . "vlink, " . "alink, " . "background, " . "UncreatedLink, " . "CreatedLink, " . "BackLinkedLink " . "FROM Scheme " . "WHERE SchemeID = :scheme"); $dbStatement->bindParam(":scheme", $scheme, PDO::PARAM_INT); $dbStatement->execute(); $row = $dbStatement->fetch(PDO::FETCH_NUM); if (!$row) { throw new HardStoryException("Problem fetching scheme row from the database.");