// { // $gametype_id = $db->insert('INSERT INTO gametype SET name="' . $_POST['gametype'] . '", guid="' . makeGuid($_POST['gametype']) . '"'); // $data['gametype_id'] = $gametype_id; // } $game_id = $data['game_id'] = $_POST['game']; $gametype_id = $data['gametype_id'] = $_POST['gametype']; // RETRIEVE HAUTHOR ID $rs = $db->select('SELECT id FROM author WHERE name="' . $_POST['author'] . '"'); if ($rs['total'] != 0) { $author_id = $rs['result'][0]['id']; } else { $author_id = $db->insert('INSERT INTO author SET name="' . $_POST['author'] . '", guid="' . makeGUID($_POST['author']) . '"'); $data['author_id'] = $author_id; } // DESCRIPTION if (isOk($_POST['description'])) { $description = ereg_replace("[\n\r]", "\t", $description); $description = ereg_replace("\t\t+", "\n", $description); $description = '<p>' . str_replace('<br /><br />', '</p><p>', nl2br(trim($_POST['description']))) . '</p>'; } else { $description = ''; } // INSERT $id = $db->insert(' INSERT INTO map SET date = "' . time() . '", date_created = "' . time() . '", title = "' . $_POST['title'] . '", guid = "' . makeGUID($_POST['title']) . '", description = "' . $description . '", game_id = "' . $game_id . '",
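<?php
// Admin AJAX endpoint: writes the column => value pairs in $_POST['data'] to the
// row $_POST['id'] of the table named by $_POST['type'].
//
// The statement is assembled from request fields, so each field is validated
// before it reaches the SQL text:
//   - table and column names must be plain identifiers,
//   - the row id must be an unsigned integer,
//   - values may not contain a double quote or a backslash, the two characters
//     that can end the "..." literal they are placed in.
// Bound parameters or the driver's own escaping are the proper fix for values;
// the $db methods visible here take a finished SQL string, so until that API is
// confirmed the script fails closed on such values instead of escaping by hand.
require_once '../../inc/conf.php';
header("Cache-Control: no-cache");

// NOTE(review): no authentication, authorisation or CSRF check is visible in
// this file. Confirm that inc/conf.php enforces them for this endpoint.
// NOTE(review): the identifier pattern stops injection through names, but the
// client still chooses the table and columns. A server-side list of editable
// tables and columns is the stronger control.

// \A and \z anchor the whole string; `$` would also accept a trailing newline.
$identifierPattern = '/\A[A-Za-z_][A-Za-z0-9_]*\z/';
$unsafeValuePattern = '/["\\\\]/';

$type = isset($_POST['type']) && is_string($_POST['type']) ? $_POST['type'] : '';
$rowId = isset($_POST['id']) && is_string($_POST['id']) ? $_POST['id'] : '';
$fields = isset($_POST['data']) && is_array($_POST['data']) ? $_POST['data'] : array();

// An empty data set would produce "UPDATE t SET  WHERE ...", so it is rejected too.
$requestOk = preg_match($identifierPattern, $type) === 1
    && ctype_digit($rowId)
    && count($fields) > 0;

$assignments = array();
foreach ($fields as $column => $value) {
    if (
        !is_string($value)
        || preg_match($identifierPattern, (string) $column) !== 1
        || preg_match($unsafeValuePattern, $value) === 1
    ) {
        $requestOk = false;
        break;
    }
    $assignments[] = $column . '="' . $value . '"';
}

// $_POST['guid'] names the data field whose value the guid is derived from.
if ($requestOk && isset($_POST['guid']) && isOk($_POST['guid'])) {
    $guidSource = $_POST['guid'];
    if (is_string($guidSource) && isset($fields[$guidSource]) && is_string($fields[$guidSource])) {
        // makeGUID() is defined elsewhere; its output is checked like any other value.
        $guid = makeGUID($fields[$guidSource]);
        if (is_string($guid) && preg_match($unsafeValuePattern, $guid) !== 1) {
            $assignments[] = 'guid="' . $guid . '"';
        } else {
            $requestOk = false;
        }
    } else {
        $requestOk = false;
    }
}

if (!$requestOk) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}

$db->update('UPDATE ' . $type . ' SET ' . implode(',', $assignments) . ' WHERE id=' . $rowId);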
$link .= isset($_GET['game']) && is_string($_GET['game']) ? $_GET['game'] . '/' : ''; $link .= isset($_GET['gametype']) && is_string($_GET['gametype']) ? $_GET['gametype'] . '/' : ''; $link .= isset($_GET['q']) && is_string($_GET['q']) ? 'search/' . $_GET['q'] . '/' : ''; $n = 1; if ($rs['total'] == 0) { if (isOk($_GET['q'])) { $inPageTitle = 'Oups ! no map found ...'; $tpl->assignVar(array('page_title' => 'Oups ! no map found ...', 'search_path' => str_replace(array('/', '-'), array(' >> ', ' '), preg_replace('#^(\\/*)(.*)(\\/*)$#isU', '$2', $link)))); if (isOk($_GET['game'])) { $tpl->assignSection('noResult_tip1'); } } else { if (isOk($_GET['limitto'])) { $inPageTitle = 'Oups ! no map found ...'; $tpl->assignVar(array('page_title' => 'Oups ! no map found ...', 'search_path' => str_replace(array('/', '-'), array(' >> ', ' '), preg_replace('#^(\\/*)(.*)(\\/*)$#isU', '$2', $link)), 'search_suggestion' => preg_replace('#^(\\/*)(.*)(\\/*)$#isU', '$2', $link))); if (isOk($_GET['game'])) { $tpl->assignSection('noResult_tip2'); } } else { $url = ROOT_PATH; if (isOK($_GET['game']) && $_GET['game'] == 'author' && (isOK($_GET['gametype']) && preg_match('#^[0-9]+-#', $_GET['gametype']) != 0)) { $info = explode('-', $_GET['gametype']); $url .= 'author/' . $info[1] . '-' . $info[0]; header('HTTP/1.1 301 Moved Permanently'); header('Location: ' . $url); exit; } if (isOK($_GET['game']) && preg_match('#^[0-9]+-#', $_GET['game']) != 0) { $url .= substr($_GET['game'], strpos($_GET['game'], '-') + 1); if (isOK($_GET['gametype']) && preg_match('#^[0-9]+-#', $_GET['gametype']) != 0) { $url .= '/' . substr($_GET['gametype'], strpos($_GET['gametype'], '-') + 1);
} // closes a block opened before this excerpt

////////////////////////////////////////////
// HARD CONF
////////////////////////////////////////////
// Keep the session id out of URLs: it would otherwise leak through links,
// Referer headers and access logs.
ini_set('session.use_trans_sid', '0'); // do not append PHPSESSID to URLs
ini_set('url_rewriter.tags', ''); // no HTML tags get rewritten to carry PHPSESSID
// NOTE(review): no session cookie flags are set in the visible lines. Confirm
// session.cookie_httponly and session.cookie_secure in php.ini.

////////////////////////////////////////////
// FUNCTIONS
////////////////////////////////////////////
include ROOT_DIR . 'inc/function.php';

////////////////////////////////////////////
// EXEC STATS
////////////////////////////////////////////
// Counters initialised here; where they are read is outside this excerpt.
$start_time = microtime_float();
$sql_time = 0;

////////////////////////////////////////////
// CLASS
////////////////////////////////////////////
include ROOT_DIR . 'inc/class/templateEngine.php';
include ROOT_DIR . 'inc/class/mysqlDatabase.php';
// $tpl and $db are created at file scope for the rest of the request.
$tpl = new templateEngine();
$db = new mysqlDatabase();
$tpl->cacheTimeCoef = CACHE_TIMECOEF;

////////////////////////////////////////////
// MIS
////////////////////////////////////////////
session_start();
// $page comes from the query string whenever isOk() accepts it, else 'homepage'.
// NOTE(review): how $page is used is not visible here. If it selects a template
// or a file to include, map it through a fixed list of page names first.
$page = isOk($_GET['page']) ? $_GET['page'] : 'homepage';
// Site-wide constants made available to every template.
$tpl->assignVar(array('PAGE_TITLE' => PAGE_TITLE, 'PAGE_DESCRIPTION' => PAGE_DESCRIPTION, 'PAGE_KEYWORDS' => PAGE_KEYWORDS, 'ROOT_PATH' => ROOT_PATH, 'VERSION' => VERSION));
<?php
/**
 * Tells whether the query-string parameter named $id is present and numeric.
 *
 * is_numeric() also accepts signed, decimal and exponent forms ("-1", "1.5",
 * "1e3"), so code that goes on to use the value as a row id should still cast
 * it to int before placing it in a query or a path.
 *
 * @param string $id Name of the $_GET key to check.
 * @return bool True when $_GET[$id] is set and numeric, false otherwise.
 */
function isOk($id)
{
    return isset($_GET[$id]) && is_numeric($_GET[$id]);
}

// The page is rendered only when ?id= passes the check above.
if (isOk('id')) { ?> <!DOCTYPE html> <html lang="pl"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content=""> <meta name="author" content=""> <title>Igor Santarek</title> <link rel="Shortcut icon" href="img/icon.png"/> <link rel="stylesheet" href="font-awesome/css/font-awesome.min.css"> <link href='https://fonts.googleapis.com/css?family=Oswald|Lato:400,700&subset=latin,latin-ext' rel='stylesheet' type='text/css'> <link href="css/bootstrap.min.css" rel="stylesheet">
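<?php
// Admin AJAX endpoint: lists rows of the table named by $_POST['type'] as JSON,
// optionally filtered by a parent id, ordered, and limited.
//
// Every clause of the SELECT is assembled from request fields, so each one is
// validated before it reaches the SQL text: names must be plain identifiers,
// ids and the limit must be unsigned integers, and the sort direction must be
// ASC, DESC or empty.
require_once '../inc/conf.php';
header('Content-Type: application/json; charset=utf-8');
header("Cache-Control: no-cache");

// NOTE(review): no authentication or authorisation check is visible in this
// file. Confirm that inc/conf.php enforces them for this endpoint.
// NOTE(review): the client still chooses which table and column to read. A
// server-side list of listable tables and columns is the stronger control.

// \A and \z anchor the whole string; `$` would also accept a trailing newline.
$identifierPattern = '/\A[A-Za-z_][A-Za-z0-9_]*\z/';

// Missing or non-string fields become '' and then fail the checks that need them.
$input = array();
foreach (array('type', 'previewField', 'parent_type', 'parent_id', 'orderBy', 'sortOrder', 'limit') as $name) {
    $input[$name] = isset($_POST[$name]) && is_string($_POST[$name]) ? $_POST[$name] : '';
}

$sortOrder = strtoupper($input['sortOrder']);
// orderBy is limited to a single column name; expressions are refused.
$requestOk = preg_match($identifierPattern, $input['type']) === 1
    && preg_match($identifierPattern, $input['orderBy']) === 1
    && in_array($sortOrder, array('', 'ASC', 'DESC'), true);

// Same truthiness test as before, without a notice when the field is absent.
$columns = '*';
if (empty($_POST['fullLoad'])) {
    if (preg_match($identifierPattern, $input['previewField']) !== 1) {
        $requestOk = false;
    }
    $columns = 'id, ' . $input['previewField'] . ', status';
}

$where = '';
if (isOk($input['parent_id'])) {
    if (!ctype_digit($input['parent_id']) || preg_match($identifierPattern, $input['parent_type']) !== 1) {
        $requestOk = false;
    }
    $where = ' WHERE ' . $input['parent_type'] . '_id = ' . $input['parent_id'];
}

$limit = '';
if (isOk($input['limit'])) {
    if (!ctype_digit($input['limit'])) {
        $requestOk = false;
    }
    $limit = ' LIMIT 0,' . $input['limit'];
}

// Nothing is sent to the database unless every field passed.
if (!$requestOk) {
    header('HTTP/1.1 400 Bad Request');
    echo json_encode(array('error' => 'invalid request'));
    exit;
}

$rs = $db->select(
    'SELECT ' . $columns
    . ' FROM ' . $input['type']
    . $where
    . ' ORDER BY ' . $input['orderBy'] . ' ' . $sortOrder
    . $limit
);
echo json_encode($rs['result']);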
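<?php
// Admin AJAX endpoint: inserts one row into the table named by $_POST['type'],
// storing $_POST['title'] in the column named by $_POST['previewField'], then
// returns the new row as JSON.
//
// The INSERT is assembled from request fields, so each one is validated before
// it reaches the SQL text: names must be plain identifiers, the parent id must
// be an unsigned integer, and the title may not contain a double quote or a
// backslash, the two characters that can end the "..." literal it is placed in.
// Bound parameters or the driver's own escaping are the proper fix for the
// title; the $db methods visible here take a finished SQL string, so until that
// API is confirmed the script fails closed instead of escaping by hand.
require_once '../inc/conf.php';
header('Content-Type: application/json; charset=utf-8');
header("Cache-Control: no-cache");

// NOTE(review): no authentication, authorisation or CSRF check is visible in
// this file. Confirm that inc/conf.php enforces them for this endpoint.

// \A and \z anchor the whole string; `$` would also accept a trailing newline.
$identifierPattern = '/\A[A-Za-z_][A-Za-z0-9_]*\z/';
$unsafeValuePattern = '/["\\\\]/';

$type = isset($_POST['type']) && is_string($_POST['type']) ? $_POST['type'] : '';
$previewField = isset($_POST['previewField']) && is_string($_POST['previewField']) ? $_POST['previewField'] : '';
$title = isset($_POST['title']) ? $_POST['title'] : '';
$parentId = isset($_POST['parentId']) && is_string($_POST['parentId']) ? $_POST['parentId'] : '';
$parentTable = isset($_POST['parentTable']) && is_string($_POST['parentTable']) ? $_POST['parentTable'] : '';

$requestOk = preg_match($identifierPattern, $type) === 1
    && preg_match($identifierPattern, $previewField) === 1
    && is_string($title)
    && preg_match($unsafeValuePattern, $title) !== 1;

$sql = '';
if ($requestOk) {
    $sql = 'INSERT INTO ' . $type . ' SET ' . $previewField . '="' . $title . '"';

    if (isset($_POST['guid']) && isOk($_POST['guid'])) {
        // makeGUID() is defined elsewhere; its output is checked like any other value.
        $guid = makeGUID($title);
        if (is_string($guid) && preg_match($unsafeValuePattern, $guid) !== 1) {
            $sql .= ', guid="' . $guid . '"';
        } else {
            $requestOk = false;
        }
    }

    if (isOk($parentId) && isOk($parentTable)) {
        if (ctype_digit($parentId) && preg_match($identifierPattern, $parentTable) === 1) {
            $sql .= ', ' . $parentTable . '_id="' . $parentId . '"';
        } else {
            $requestOk = false;
        }
    }
}

if (!$requestOk) {
    header('HTTP/1.1 400 Bad Request');
    echo json_encode(array('error' => 'invalid request'));
    exit;
}

$id = $db->insert($sql);
// insert()'s return type is not visible here, so the id is cast before reuse.
$rs = $db->select('SELECT * FROM ' . $type . ' WHERE id=' . (int) $id);
echo json_encode($rs['result']);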
// $db->delete('DELETE FROM gametype WHERE id=' . $_POST['gametype_id']); // } // } if (isOk($_POST['author_id'])) { $rs = $db->select('SELECT id FROM map WHERE author_id = ' . $_POST['author_id']); if ($rs['total'] == 0) { $db->delete('DELETE FROM author WHERE id=' . $_POST['author_id']); } } if (isOk($_POST['file_id'])) { $file = 'media/map/' . $_POST['file_id'] . '.zip'; if (file_exists(ROOT_DIR . $file)) { unlink(ROOT_DIR . $file); } } if (isOk($_POST['screenshot'])) { $screenshotList = explode(',', $_POST['screenshot']); foreach ($screenshotList as $id) { $dir = ROOT_DIR . 'media/image/screenshot/'; $image = $dir . 'original/' . $id . '.jpg'; if (file_exists($image)) { unlink($image); } $image = $dir . 'original/' . $id . '.png'; if (file_exists($image)) { unlink($image); } $image = $dir . 'original/' . $id . '.gif'; if (file_exists($image)) { unlink($image); }
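<?php
// Admin AJAX endpoint: renames one row. It stores $_POST['title'] in the column
// named by $_POST['previewField'] of the table $_POST['type'], for the row
// $_POST['id'], and echoes the title back as JSON.
//
// The UPDATE is assembled from request fields, so each one is validated before
// it reaches the SQL text: names must be plain identifiers, the row id must be
// an unsigned integer, and the title may not contain a double quote or a
// backslash, the two characters that can end the "..." literal it is placed in.
// Bound parameters or the driver's own escaping are the proper fix for the
// title; the $db methods visible here take a finished SQL string, so until that
// API is confirmed the script fails closed instead of escaping by hand.
require_once '../inc/conf.php';
header('Content-Type: application/json; charset=utf-8');
header("Cache-Control: no-cache");

// NOTE(review): no authentication, authorisation or CSRF check is visible in
// this file. Confirm that inc/conf.php enforces them for this endpoint.

// \A and \z anchor the whole string; `$` would also accept a trailing newline.
$identifierPattern = '/\A[A-Za-z_][A-Za-z0-9_]*\z/';
$unsafeValuePattern = '/["\\\\]/';

$type = isset($_POST['type']) && is_string($_POST['type']) ? $_POST['type'] : '';
$previewField = isset($_POST['previewField']) && is_string($_POST['previewField']) ? $_POST['previewField'] : '';
$title = isset($_POST['title']) ? $_POST['title'] : '';
$rowId = isset($_POST['id']) && is_string($_POST['id']) ? $_POST['id'] : '';

$requestOk = preg_match($identifierPattern, $type) === 1
    && preg_match($identifierPattern, $previewField) === 1
    && ctype_digit($rowId)
    && is_string($title)
    && preg_match($unsafeValuePattern, $title) !== 1;

$sql = '';
if ($requestOk) {
    $sql = 'UPDATE ' . $type . ' SET ' . $previewField . '="' . $title . '"';

    if (isset($_POST['guid']) && isOk($_POST['guid'])) {
        // makeGUID() is defined elsewhere; its output is checked like any other value.
        $guid = makeGUID($title);
        if (is_string($guid) && preg_match($unsafeValuePattern, $guid) !== 1) {
            $sql .= ', guid="' . $guid . '"';
        } else {
            $requestOk = false;
        }
    }

    // The original concatenated 'WHERE' directly after the closing quote; the
    // separating space is added here.
    $sql .= ' WHERE id=' . $rowId;
}

if (!$requestOk) {
    header('HTTP/1.1 400 Bad Request');
    echo json_encode(array('error' => 'invalid request'));
    exit;
}

$db->update($sql);
echo json_encode(array('title' => $title));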
/**
 * Unwraps a Result: returns the value of an `ok` Result, throws for a `fail` one.
 *
 * The exception class is instantiated by name, so callers should pass a class
 * constant (as the default does) and never a string derived from request data.
 *
 * @param callable $result         Result to unwrap.
 * @param string   $exceptionClass Class to instantiate and throw on `fail`; its
 *                                 constructor receives the Result's value.
 * @return mixed The value held by an `ok` Result.
 * @throws \Exception Or an instance of $exceptionClass when the Result is `fail`.
 */
function getOrThrow(callable $result, $exceptionClass = \Exception::class)
{
    // Guard clause: a failed Result never reaches the return below.
    if (!isOk($result)) {
        throw new $exceptionClass(valueOf($result));
    }

    return valueOf($result);
}
} else { print "<p>Deleted non-Active Member: " . $sql; } } else { print "<p>Will NOT be Deleted, memberID: $theirID"; } } //$UVMNetID = $REMOTE_USER; //$fldUVMId = $UVMNetID; $pkCourseID = $HTTP_GET_VARS['id']; $pkMemberId = $HTTP_GET_VARS['mid']; if (isOk()){ //checks to make sure page comes from cems if ($pkMemberId!=""){ //UVMNetID is set in first line of functions, retrieves it from https if (!isAdmin($pkMemberId)){ //check to be sure they own the course $sql = "SELECT fkCourseID"; $sql .= " FROM tblMemberCourse"; $sql .= " WHERE fkMemberId=" . $pkMemberId; $sql .= " AND fkCourseID=" . $pkCourseID; $rst = mysql_query($sql,$srvDB_Connection) or die ("<p>$sql<p>Finding member course Query failed with error message: \"" . mysql_error () . '"'); if (count($rst)!==1){ die("You cannot delete this course."); } } else { // we need to get member id for course? //apparently no