/**
 * Constructor: validates the supplied values and leaves every property in a
 * consistent state, so later code never hits an unassigned variable.
 *
 * If any of the three values fails validation, the constructor prints a
 * JavaScript alert, removes the 'id_control' session entry, calls raiz()
 * and terminates the script.
 *
 * @param string $param1  user name
 * @param string $param2  password
 * @param string $empresa company value, later handed to loginEmpresa()
 */
function __construct($param1, $param2, $empresa) {
    // ExReg is the project class that validates strings through regular expressions.
    $this->ExReg = new ExReg();

    // Guard clause: values are checked in the order name, password, company,
    // and the first one that fails ends the request.
    foreach (array($param1, $param2, $empresa) as $candidate) {
        if (!$this->ExReg->funtionExpNomUs($candidate)) {
            echo "<script>alert('Usuario o Contrase\\u00f1a Incorrecta')</script>";
            unset($_SESSION['id_control']);
            raiz();
            exit;
        }
    }

    // Filter the user-supplied data.
    // NOTE(review): htmlentities() is an HTML *output* encoder. Applied here it
    // rewrites the password (and name) before they reach the parent constructor
    // whenever they contain a character that has an HTML entity; confirm the
    // parent expects the encoded form. Encoding is normally done at render time.
    $this->nombre = htmlentities($param1, ENT_QUOTES);
    $this->pass = htmlentities($param2, ENT_QUOTES);
    $this->empresa = htmlentities($empresa, ENT_QUOTES);

    // Call the constructor of the inherited Database class with the encoded credentials.
    parent::__construct($this->nombre, $this->pass);

    // Escape the stored values against SQL injection.
    // NOTE(review): real_escape_string() only protects a value that ends up inside
    // a quoted SQL string literal and depends on the connection character set.
    // How these properties are used later is not visible here; bound parameters
    // at the query site would make pre-escaped properties unnecessary.
    $this->nombre = parent::real_escape_string($this->nombre);
    $this->pass = parent::real_escape_string($this->pass);
    $this->empresa = parent::real_escape_string($this->empresa);

    // The escaped company value is replaced by whatever loginEmpresa() returns.
    $this->empresa = $this->loginEmpresa($this->empresa);
    // presumably discards a pending result set left by loginEmpresa() — TODO confirm
    $this->next_result();

    // Declare the working variables as arrays.
    $this->query = array();
    $this->row = array();
}
$optionForm->addLabel('until', 'Revisions until'); $optionForm->addHTML('</td><td>'); $optionForm->addInput('until', $par['until'], '(Format: YYYY-MM-DD)'); $optionForm->addHTML('</td></tr>'); $optionForm->addHTML('<tr><td colspan="2">'); $optionForm->addButton('submit', 'Get revisions'); $optionForm->addHTML('</td></tr>'); $optionForm->addHTML('</table>'); $optionForm->output(); $page->closeBlock(); if ($rq->allRequiredDefined() == true) { $page->openBlock('div', 'iw-content'); $page->addInline('h2', 'Results'); $db->replicaConnect(Database::getName($par['lang'], $par['project'])); $par['page'] = str_replace(' ', '_', $par['page']); $par['page'] = $db->real_escape_string($par['page']); $t1 = 'SELECT revision_userindex.rev_timestamp, revision_userindex.rev_user_text, revision_userindex.rev_comment, revision_userindex.rev_id FROM revision_userindex, page WHERE page.page_title = \'' . $par['page'] . '\' '; $t1 .= 'AND page.page_namespace = 0 AND revision_userindex.rev_page = page.page_id '; $t1 .= 'ORDER BY revision_userindex.rev_timestamp DESC;'; $q1 = $db->query($t1); if ($q1->num_rows === 0) { $page->addInline('p', 'there were no results for this query', 'iw-info'); } else { $page->addInline('p', 'found ' . $q1->num_rows . ' revisions for article ' . Hgz::buildWikilink($par['lang'], $par['project'], $par['page'], str_replace('_', ' ', $par['page'])) . '(<a href="https://' . $par['lang'] . '.' . $par['project'] . '.org/w/index.php?title=' . $par['page'] . '&action=history">History</a>).'); $page->openBlock('div', 'iw-code'); while ($l1 = $q1->fetch_assoc()) { $datetime = DateTime::createFromFormat('YmdHis', $l1['rev_timestamp']); $dateform = $datetime->format('Y-m-d H:i'); $dateraw = $datetime->format('Ymd'); if (isset($par['since']) && $par['since'] != '0000-00-00') { $timestamp = str_replace('-', '', $par['since']);
// Copyright 2014 Peter Beverloo. All rights reserved. // Use of this source code is governed by the MIT license, a copy of which can // be found in the LICENSE file. require_once __DIR__ . '/../services/framework/Database.php'; if (!isset($_GET['flag']) || !isset($_GET['project']) || !isset($_GET['revision']) || !isset($_GET['selected']) || !is_numeric($_GET['flag']) || !is_numeric($_GET['project']) || strlen($_GET['revision']) != 40) { die('Invalid request.'); } if ($_GET['flag'] != Configuration::$controlKey) { exit; } $flag = intval($_GET['flag'], 10); $project = intval($_GET['project'], 10); $selected = $_GET['selected'] == 'true'; $database = new Database(); $revision = $database->real_escape_string($_GET['revision']); $insertionStatement = $database->prepare(' INSERT INTO tracking_flagged (revision_project_id, revision_sha, revision_date) VALUES (?, ?, (SELECT revision_date FROM tracking_revisions WHERE project_id = ? AND revision_sha = ?))'); $removalStatement = $database->prepare(' DELETE FROM tracking_flagged WHERE revision_project_id = ? AND revision_sha = ? LIMIT 1'); if ($selected) {