示例#1
0
require_once dirname(__FILE__) . '/template-functions.php';
admin_securityChecks(TAGS_RIGHTS, currentRelativeURL(__FILE__));
$gallery = new Gallery();
$_GET['page'] = 'tags';
if (isset($_REQUEST['tagsort'])) {
    $tagsort = sanitize($_REQUEST['tagsort'], 0);
    setOption('tagsort', $tagsort && true);
} else {
    $tagsort = getOption('tagsort');
}
if (count($_POST) > 0) {
    if (isset($_GET['newtags'])) {
        XSRFdefender('new_tags');
        foreach ($_POST as $value) {
            if (!empty($value)) {
                $value = zp_html_decode(sanitize($value, 3));
                $result = query_single_row('SELECT `id` FROM ' . prefix('tags') . ' WHERE `name`="' . db_quote($value) . '"');
                if (!is_array($result)) {
                    // it really is a new tag
                    query('INSERT INTO ' . prefix('tags') . ' (`name`) VALUES (' . db_quote($value) . ')');
                }
            }
        }
    }
    // newtags
    if (isset($_GET['delete'])) {
        XSRFdefender('tag_delete');
        $kill = array();
        foreach ($_POST as $key => $value) {
            $key = str_replace('tags_', '', postIndexDecode($key));
            $kill[] = $_zp_UTF8->strtolower($key);
function html_encode($this_string)
{
    $this_string = zp_html_decode($this_string, ENT_QUOTES);
    return htmlspecialchars($this_string, ENT_QUOTES, 'UTF-8');
}