// (excerpt begins inside a block opened before this point; the query being executed is not visible)
    $dbStatement->execute();

    // Rows are fetched with numeric column indexes, so the meaning of $row[0]..$row[3]
    // below depends on the column order of the SELECT, which is outside this excerpt.
    $rows = $dbStatement->fetchAll(PDO::FETCH_NUM);

    // The number of form fields read below is bounded by the number of rows the
    // database returned, not by anything in the request.
    $linkCount = count($rows);

    for ($i = 0; $i < $linkCount; $i++) {
        $row = $rows[$i];

        // Variable names are built from fixed prefixes plus the loop index, so the
        // variable variables below create $linkID0, $targetEpisodeID0, ... in the
        // current scope. Request data never chooses a variable name here.
        $var1 = "linkID" . $i;
        $var2 = "targetEpisodeID" . $i;
        $var3 = "isBackLink" . $i;
        $var4 = "option" . $i;
        $var5 = "backlink" . $i;

        ${$var1} = $row[0];
        ${$var2} = $row[1];
        ${$var3} = $row[2];

        // if we are previewing or saving, read the option description from the form,
        // otherwise read it from the database
        // (== binds tighter than ||, which binds tighter than ?:, so the condition is
        // "EditPreview or EditSave".) The same string ($var4) names both the POST field
        // and the local variable. How the submitted text is escaped before it is
        // rendered or stored is outside this excerpt.
        ${$var4} = $command == "EditPreview" || $command == "EditSave"
                 ? Util::getStringParam($_POST, $var4)
                 : $row[3];

        // if we are previewing or saving, read the backlinked episode from the form,
        // otherwise read it from the database
        // A missing POST field falls back to 0 via the helper's default argument.
        ${$var5} = $command == "EditPreview" || $command == "EditSave"
                 ? Util::getIntParamDefault($_POST, $var5, 0)
                 : ${$var2};
    }
} else {
    // The condition selecting this branch is outside the excerpt. Here the link
    // slots are initialised to fixed values for $maxLinks entries instead of being
    // loaded from the database.
    $linkCount = $maxLinks;

    for ($i = 0; $i < $linkCount; $i++) {
        $var1 = "linkID" . $i;
        $var2 = "targetEpisodeID" . $i;
        $var3 = "isBackLink" . $i;
        $var4 = "option" . $i;
        $var5 = "backlink" . $i;

        ${$var1} = 0;
        ${$var2} = 0;
        ${$var3} = "N";
// (excerpt begins inside nested blocks opened before this point)
                // Clearing $command means none of the command comparisons that follow
                // (such as "editUserSave" below) can match. The condition that leads
                // here is not visible in this excerpt.
                $command = "";
            } else {
                // Current values of the user being edited, taken from a row fetched
                // before this excerpt (column order not visible here).
                $oldPermissionLevel = $row[0];
                $oldLoginName = $row[1];
                $oldUserName = $row[2];
            }
        }
    }
}

if ($command == "editUserSave") {
    // All new values come straight from the POST body via the Util helpers.
    $newLoginName = Util::getStringParam($_POST, "newLoginName");
    $newUserName = Util::getStringParam($_POST, "newUserName");

    // NOTE(review): the new permission level is request-supplied. This excerpt shows
    // no range check and no check that the caller may grant that level — confirm both
    // are enforced elsewhere before the value is written.
    $newPermissionLevel = Util::getIntParam($_POST, "newPermissionLevel");

    $setNewPassword = Util::getIntParamDefault($_POST, "setNewPassword", 0);

    // The two password fields are held as plain strings here; how they are compared,
    // hashed and stored is outside this excerpt.
    $newPassword1 = Util::getStringParam($_POST, "newPassword1");
    $newPassword2 = Util::getStringParam($_POST, "newPassword2");

    // Validation failures are accumulated in $message rather than aborting, so the
    // user sees every problem at once. The appended strings are fixed text; no
    // request data is echoed into them here.
    // Note that empty() also treats the string "0" as empty.
    if (empty($newLoginName)) {
        $message .= "You must enter the login name.<BR>";
    }

    if (empty($newUserName)) {
        $message .= "You must enter the user name.<BR>";
    }

    // strlen() counts bytes, so for multi-byte text the limit is 255 bytes, which can
    // be fewer than 255 characters.
    if (strlen($newLoginName) > 255) {
        $message .= "The login name cannot exceed 255 characters.<BR>";
    }

    if (strlen($newUserName) > 255) {
        $message .= "The user name cannot exceed 255 characters.<BR>";
    }

    if ($setNewPassword == 1) {
        // Only the case where both fields are empty is reported here. Handling of a
        // single empty field or a mismatch, if any, follows after the excerpt.
        if (empty($newPassword1) && empty($newPassword2)) {
            $message .= "You must enter a password when setting a new password.<BR>";
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

For information about Extend-A-Story and its authors, please visit the website:
http://www.sir-toby.com/extend-a-story/

*/

require __DIR__ . "/include/Extend-A-Story.php";

use Extend_A_Story\HardStoryException;
use Extend_A_Story\Util;

// Session and user identifiers for the current request.
// presumably both arguments are filled in by reference — verify against Util.
Util::getSessionAndUserIDs($sessionID, $userID);

// Site-wide display settings looked up by key.
$storyName = Util::getStringValue("StoryName");
$siteName = Util::getStringValue("SiteName");
$storyHome = Util::getStringValue("StoryHome");
$siteHome = Util::getStringValue("SiteHome");

// Search parameters from the POST body: which field to search, the search text,
// and a day count (the latter two have defaults).
$method = Util::getStringParam($_POST, "method");
$text = Util::getStringParamDefault($_POST, "text", "");
$days = Util::getIntParamDefault($_POST, "days", 0);

// Wrap the search text for a substring match with LIKE. Any % or _ already present
// in the submitted text is not escaped, so it acts as a wildcard in the pattern.
$text = "%" . $text . "%";

// Bare expression statement with no effect; the variable is assigned in the branches below.
$dbStatement;

// The SQL is assembled only from fixed string literals. $method is compared against
// fixed values to pick a branch and is never concatenated into the query, and the
// search text reaches the database only as the bound :text parameter.
$queryPart1 = "SELECT EpisodeID, " .
                     "Title, " .
                     "AuthorName " .
                "FROM Episode " .
               "WHERE ";

// Restricts results to two status values; their meaning is defined outside this excerpt.
$queryPart2 = "AND ( Status = 2 OR Status = 3 ) " .
              "ORDER BY EpisodeID";

if ($method == "title") {
    // Search by episode title.
    $dbStatement = Util::getDbConnection()->prepare($queryPart1 . "Title LIKE :text " . $queryPart2);
    $dbStatement->bindParam(":text", $text, PDO::PARAM_STR);
} else {
    if ($method == "text") {
        // Search by episode body text.
        $dbStatement = Util::getDbConnection()->prepare($queryPart1 . "Text LIKE :text " . $queryPart2);
        $dbStatement->bindParam(":text", $text, PDO::PARAM_STR);
    } else {
        if ($method == "author") {
// (excerpt begins inside a block opened before this point)
    }

    // The lock timestamp is formatted text such as "3/7/2024 4:05:09 PM", produced in
    // the server's default timezone and bound as a string below.
    $lockDate = date("n/j/Y g:i:s A");

    // Record the current session as the editor of the episode. All values are bound
    // parameters; the SQL text itself is fixed.
    // NOTE(review): the WHERE clause matches on EpisodeID only. Any check that the
    // episode is not already locked by another session happens before this excerpt,
    // if at all — confirm that check and this UPDATE cannot interleave with another
    // editor's request.
    $dbStatement = Util::getDbConnection()->prepare("UPDATE Episode " .
                                                       "SET EditorSessionID = :sessionID, " .
                                                           "LockDate = :lockDate " .
                                                     "WHERE EpisodeID = :episode");

    $dbStatement->bindParam(":sessionID", $sessionID, PDO::PARAM_INT);
    $dbStatement->bindParam(":lockDate", $lockDate, PDO::PARAM_STR);
    $dbStatement->bindParam(":episode", $episode, PDO::PARAM_INT);
    $dbStatement->execute();

    // Exactly one affected row is required, otherwise the request is aborted.
    // NOTE(review): on drivers that count only rows whose values actually changed, an
    // UPDATE that rewrites identical values reports 0 and would raise here — confirm
    // the driver's behaviour.
    if ($dbStatement->rowCount() != 1) {
        throw new HardStoryException("Unable to update the lock on the episode.");
    }
}

// Accumulates validation errors for display; stays empty when the input is valid.
$message = "";
$linkDescription = "";
$linkEpisode = 0;

if ($command == "AddLinkSave") {
    // New link fields from the POST body; a missing linkedEpisode defaults to 0.
    $linkDescription = Util::getStringParam($_POST, "description");
    $linkEpisode = Util::getIntParamDefault($_POST, "linkedEpisode", 0);

    // empty() also treats the string "0" as empty.
    if (empty($linkDescription)) {
        $message .= "You must enter the link description.<BR>";
    }

    // strlen() counts bytes, so the limit is 255 bytes for multi-byte text.
    if (strlen($linkDescription) > 255) {
        $message .= "The link description cannot be longer then 255 characters.<BR>";
    }

    // Rejects descriptions containing a single very long word; the helper's exact
    // definition of a word is outside this excerpt.
    if (Util::maximumWordLength($linkDescription) > 30) {
        $message .= "The link description cannot contain a word with more than 30 characters.<BR>";
    }

    // A non-zero value means the new link points at an existing episode.
    if ($linkEpisode != 0) {
        if ($linkEpisode == $episode) {
            $message .= "The link cannot link back to the same episode you are editing.<BR>";
        }

        // Count existing links from this episode to the requested target, using bound
        // parameters; the bindings and the use of the result follow after the excerpt.
        $dbStatement = Util::getDbConnection()->prepare("SELECT COUNT( * ) " .
                                                          "FROM Link " .
                                                         "WHERE SourceEpisodeID = :episode " .
                                                           "AND TargetEpisodeID = :linkEpisode");