
Commit 824

  • Author: blitze
  • 2010-12-16 12:53 (over 3 years ago)

phpBB3 coding standards and data sanitization

Files Affected

 
823824
894
                    {
894
                    {
895
                        case 'delete':
895
                        case 'delete':
896
 
896
 
897
                            $npos = request_var('npos', '');
897
                            $npos = request_var('npos', 0);
898
                            $xfer = request_var('xfer_to', 0);
898
                            $xfer = request_var('xfer_to', 0);
899
                            $confirm = (isset($_POST['confirm'])) ? true : false;
899
                            $confirm = (isset($_POST['confirm'])) ? true : false;
900
                            $cancel = (isset($_POST['cancel'])) ? true : false;
900
                            $cancel = (isset($_POST['cancel'])) ? true : false;
823824
20
*/
20
*/
21
global $table_prefix;
21
global $table_prefix;
22
 
22
 
 
 
23
define('BLOCKS_LOADED', true);
 
 
24
 
23
define('BLOCKS_DISPLAY_FRONT', 0);
25
define('BLOCKS_DISPLAY_FRONT', 0);
24
define('BLOCKS_DISPLAY_MODE', 1);
26
define('BLOCKS_DISPLAY_MODE', 1);
25
define('BLOCKS_DISPLAY_FRONT_MODE', 2);
27
define('BLOCKS_DISPLAY_FRONT_MODE', 2);
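Review bot: `define('BLOCKS_LOADED', true);` carries no comment saying it is an include guard, and it only protects callers that test it with `defined()` before including this file; any other includer still redefines every constant below it. A one-line comment above the define, such as `// Include guard: callers check defined('BLOCKS_LOADED') before including this file`, would make that contract visible. The same applies to the other `*_LOADED` defines added in this commit (CATEGORIES, CBLOCKS, CONTENT, CORE, FORUMS, MENU, PAGES, RATINGS).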
823824
93
    }
93
    }
94
 
94
 
95
    $sql = 'SELECT name, module, position, weight, style 
95
    $sql = 'SELECT name, module, position, weight, style 
96
        FROM ' . BLOCKS_TABLE . " 
96
        FROM ' . BLOCKS_TABLE . ' 
97
        WHERE bid = $bid";
97
        WHERE bid = ' . (int) $bid;
98
    $result = $db->sql_query($sql);
98
    $result = $db->sql_query($sql);
99
    $row = $db->sql_fetchrow($result);
99
    $row = $db->sql_fetchrow($result);
100
    $db->sql_freeresult($result);
100
    $db->sql_freeresult($result);
101
 
101
 
102
    $sql = 'DELETE 
102
    $sql = 'DELETE 
103
        FROM ' . BLOCKS_TABLE . " 
103
        FROM ' . BLOCKS_TABLE . '
104
        WHERE bid = $bid";
104
        WHERE bid = ' . (int) $bid;
105
    $db->sql_query($sql);
105
    $db->sql_query($sql);
106
 
106
 
107
    $sql = 'UPDATE ' . BLOCKS_TABLE . ' 
107
    $sql = 'UPDATE ' . BLOCKS_TABLE . ' 
108
        SET weight = weight - 1 
108
        SET weight = weight - 1 
109
        WHERE weight > ' . $row['weight'] . ' 
109
        WHERE weight > ' . (int) $row['weight'] . ' 
110
            AND position = ' . $row['position'] . '
110
            AND position = ' . (int) $row['position'] . '
111
            AND style = ' .  $row['style'];
111
            AND style = ' .  (int) $row['style'];
112
    $db->sql_query($sql);
112
    $db->sql_query($sql);
113
    remove_cache_file($mod_list);
113
    remove_cache_file($mod_list);
114
    delete_block_config($bid);
114
    delete_block_config($bid);
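Review bot: `$row` is never checked after `sql_fetchrow()`, and the new `(int)` casts on `$row['weight']`, `$row['position']` and `$row['style']` turn a missing row into zeros, so for a `bid` that does not exist the UPDATE now runs as `weight > 0 AND position = 0 AND style = 0` and can renumber blocks unrelated to the request. An early exit right after `$db->sql_freeresult($result);`, for example `if (!$row) { return; }`, stops that before the DELETE and UPDATE. `delete_block_config($bid)` still receives the uncast value; casting once with `$bid = (int) $bid;` at the top of the function, which begins outside this hunk, would cover every use.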
823824
39
    {
39
    {
40
        global $db, $db_tools, $config, $phpbb_root_path, $phpEx, $user;
40
        global $db, $db_tools, $config, $phpbb_root_path, $phpEx, $user;
41
 
41
 
42
        include($phpbb_root_path . "modules/blocks/constants.$phpEx");
42
        if (!defined('BLOCKS_LOADED'))
 
 
43
        {
 
 
44
            include($phpbb_root_path . "modules/blocks/constants.$phpEx");
 
 
45
        }
43
 
46
 
44
        $user->add_mod_lang(array('core' => 'install'));
47
        $user->add_mod_lang(array('core' => 'install'));
45
 
48
 
823824
28
    var $date_var = 'date';
28
    var $date_var = 'date';
29
    var $cp_mode_var = 'display';
29
    var $cp_mode_var = 'display';
30
    var $cp_options = array('day', 'week', 'month', 'year');
30
    var $cp_options = array('day', 'week', 'month', 'year');
31
    var $days_ary = array('Sunday', 'Monday', 'Tuesday', 'Wednesday', 'Thursday', 'Friday', 'Saturday');
31
    var $days_ary = array('sunday', 'monday', 'tuesday', 'wednesday', 'thursday', 'friday', 'saturday');
32
 
32
 
33
    function calendar($u_action)
33
    function calendar($u_action)
34
    {
34
    {
...
 
...
 
309
                        $offset++;
309
                        $offset++;
310
                    }    
310
                    }    
311
                }
311
                }
312
    
312
 
313
                $handle = $type = '';
313
                $handle = '';
 
 
314
                $type = 'full';
 
 
315
 
314
                if ($mode == 'mini')
316
                if ($mode == 'mini')
315
                {
317
                {
316
                    $type = '_mini';
318
                    $type = '_mini';
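Review bot: The new default `$type = 'full';` has no leading underscore while the 'mini' branch still assigns `'_mini'`, so the two values are not in the same form. The language file in this commit defines `datetime_mini` and `datetime_full`; if the key is built as `'datetime' . $type` (the use is outside the hunk), the default resolves to `datetimefull` and the lookup misses. `$type = '_full';` would match, but `$type` used to be `''` for the full view and may be used as a suffix elsewhere, so its other uses should be checked first.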
823824
50
    'PREV_DAY'        => 'Previous Day',
50
    'PREV_DAY'        => 'Previous Day',
51
 
51
 
52
    'datetime_mini'    => array(
52
    'datetime_mini'    => array(
53
        'Sunday'        => 'S',
53
        'sunday'        => 'S',
54
        'Monday'        => 'M',
54
        'monday'        => 'M',
55
        'Tuesday'        => 'T',
55
        'tuesday'        => 'T',
56
        'Wednesday'        => 'W',
56
        'wednesday'        => 'W',
57
        'Thursday'        => 'T',
57
        'thursday'        => 'T',
58
        'Friday'        => 'F',
58
        'friday'        => 'F',
59
        'Saturday'        => 'S',
59
        'saturday'        => 'S',
60
    ),
60
    ),
 
 
61
 
 
 
62
    'datetime_full'    => array(
 
 
63
        'sunday'        => 'Sunday',
 
 
64
        'monday'        => 'Monday',
 
 
65
        'tuesday'        => 'Tuesday',
 
 
66
        'wednesday'        => 'Wednesday',
 
 
67
        'thursday'        => 'Thursday',
 
 
68
        'friday'        => 'Friday',
 
 
69
        'saturday'        => 'Saturday',
 
 
70
    ),
61
));
71
));
62
 
72
 
63
?>
73
?>
823824
476
        global $db, $user;
476
        global $db, $user;
477
 
477
 
478
        $sql = 'SELECT *
478
        $sql = 'SELECT *
479
            FROM ' . CATEGORIES_TABLE . "
479
            FROM ' . CATEGORIES_TABLE . '
480
            WHERE cat_id = $cat_id";
480
            WHERE cat_id = ' . (int) $cat_id;
481
        $result = $db->sql_query($sql);
481
        $result = $db->sql_query($sql);
482
        $row = $db->sql_fetchrow($result);
482
        $row = $db->sql_fetchrow($result);
483
        $db->sql_freeresult($result);
483
        $db->sql_freeresult($result);
...
 
...
 
685
 
685
 
686
        // If not move
686
        // If not move
687
        $diff = 2;
687
        $diff = 2;
688
        $sql = 'DELETE FROM ' . CATEGORIES_TABLE . "
688
        $sql = 'DELETE FROM ' . CATEGORIES_TABLE . '
689
            WHERE cat_id = $cat_id";
689
            WHERE cat_id = ' . (int) $cat_id;
690
        $db->sql_query($sql);
690
        $db->sql_query($sql);
691
 
691
 
692
        $row['right_id'] = (int) $row['right_id'];
692
        $row['right_id'] = (int) $row['right_id'];
823824
21
 
21
 
22
global $table_prefix;
22
global $table_prefix;
23
 
23
 
 
 
24
define('CATEGORIES_LOADED', true);
 
 
25
 
24
define('CATEGORIES_TABLE',        $table_prefix . 'categories');
26
define('CATEGORIES_TABLE',        $table_prefix . 'categories');
25
define('CATEGORIES_DATA_TABLE',    $table_prefix . 'categories_data');
27
define('CATEGORIES_DATA_TABLE',    $table_prefix . 'categories_data');
26
define('CATEGORIES_CONFIG_TABLE',    $table_prefix . 'categories_config');
28
define('CATEGORIES_CONFIG_TABLE',    $table_prefix . 'categories_config');
823824
38
    {
38
    {
39
        global $db_tools, $phpbb_root_path, $phpEx;
39
        global $db_tools, $phpbb_root_path, $phpEx;
40
 
40
 
41
        include($phpbb_root_path . "modules/categories/constants.$phpEx");
41
        if (!defined('CATEGORIES_LOADED'))
 
 
42
        {
 
 
43
            include($phpbb_root_path . "modules/categories/constants.$phpEx");
 
 
44
        }
42
 
45
 
43
        $schema_data = array();
46
        $schema_data = array();
44
 
47
 
823824
20
*/
20
*/
21
global $table_prefix;
21
global $table_prefix;
22
 
22
 
 
 
23
define('CBLOCKS_LOADED', true);
23
define('CUSTOM_BLOCKS_TABLE',    $table_prefix . 'custom_blocks');
24
define('CUSTOM_BLOCKS_TABLE',    $table_prefix . 'custom_blocks');
24
 
25
 
25
?>
26
?>
823824
38
    {
38
    {
39
        global $db_tools, $phpbb_root_path, $phpEx;
39
        global $db_tools, $phpbb_root_path, $phpEx;
40
 
40
 
41
        include($phpbb_root_path . "modules/cblocks/constants.$phpEx");
41
        if (!defined('CBLOCKS_LOADED'))
 
 
42
        {
 
 
43
            include($phpbb_root_path . "modules/cblocks/constants.$phpEx");
 
 
44
        }
42
 
45
 
43
        $schema_data = array();
46
        $schema_data = array();
44
 
47
 
823824
1033
 
1033
 
1034
        $sql = 'SELECT module_id 
1034
        $sql = 'SELECT module_id 
1035
            FROM ' . MODULES_TABLE . " 
1035
            FROM ' . MODULES_TABLE . " 
1036
            WHERE module_mode = '$content_mode' 
1036
            WHERE module_mode = '" . $db->sql_escape($content_mode) . "' 
1037
                AND module_basename = 'pages' 
1037
                AND module_basename = 'pages' 
1038
                AND module_class = 'cms'";
1038
                AND module_class = 'cms'";
1039
        $result = $db->sql_query_limit($sql, 1);
1039
        $result = $db->sql_query_limit($sql, 1);
823824
30
    $image_size_options = array();
30
    $image_size_options = array();
31
    foreach ($teaser_size as $size)
31
    foreach ($teaser_size as $size)
32
    {
32
    {
33
        $image_size_options[] = array('value' => $size, 'label' => $user->lang[strtoupper($size)]);
33
        $image_size_options[] = array('value' => $size, 'label' => $user->lang['TEASER_IMAGE_' . strtoupper($size)]);
34
    }
34
    }
35
 
35
 
36
    $fields_ary = get_content_fields();
36
    $fields_ary = get_content_fields();
823824
1100
        }
1100
        }
1101
 
1101
 
1102
        $unix_time = time();
1102
        $unix_time = time();
 
 
1103
        $poster_id = (int) $poster_id;
 
 
1104
 
1103
        $sql = 'SELECT count(*) as user_contents 
1105
        $sql = 'SELECT count(*) as user_contents 
1104
            FROM ' . TOPICS_TABLE . " 
1106
            FROM ' . TOPICS_TABLE . " 
1105
            WHERE topic_poster = $poster_id 
1107
            WHERE topic_poster = $poster_id 
...
 
...
 
1116
        {
1118
        {
1117
            switch ($data['user_gender'])
1119
            switch ($data['user_gender'])
1118
            {
1120
            {
1119
                case '1':
1121
                case GENDER_MALE:
1120
                    $lang = 'MALE';
1122
                    $lang = 'MALE';
1121
                break;
1123
                break;
1122
                case '2':
1124
                case GENDER_FEMALE:
1123
                    $lang = 'FEMALE';
1125
                    $lang = 'FEMALE';
1124
                break;
1126
                break;
1125
                default:
1127
                default:
823824
21
 
21
 
22
global $table_prefix;
22
global $table_prefix;
23
 
23
 
 
 
24
define('CONTENT_LOADED', true);
 
 
25
 
24
define('CONTENT_TYPES_TABLE',    $table_prefix . 'content_types');
26
define('CONTENT_TYPES_TABLE',    $table_prefix . 'content_types');
25
 
27
 
26
define('CONTENT_DISPLAY_BLOG', 0);
28
define('CONTENT_DISPLAY_BLOG', 0);
823824
71
        global $db, $db_tools, $user, $phpbb_root_path, $phpEx;
71
        global $db, $db_tools, $user, $phpbb_root_path, $phpEx;
72
 
72
 
73
        include($phpbb_root_path . 'modules/content/functions_properties.' . $phpEx);
73
        include($phpbb_root_path . 'modules/content/functions_properties.' . $phpEx);
74
        include($phpbb_root_path . 'modules/content/constants.' . $phpEx);
 
 
75
 
74
 
 
 
75
        if (!defined('CONTENT_LOADED'))
 
 
76
        {
 
 
77
            include($phpbb_root_path . 'modules/content/constants.' . $phpEx);
 
 
78
        }
 
 
79
 
76
        $user->add_mod_lang(array('content' => array('common', 'admin')));
80
        $user->add_mod_lang(array('content' => array('common', 'admin')));
77
 
81
 
78
        $forum_data = array(
82
        $forum_data = array(
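Review bot: Only the constants include got a guard; `include($phpbb_root_path . 'modules/content/functions_properties.' . $phpEx);` two lines above it is still unconditional. If that file declares functions and has already been loaded when this method runs, PHP stops with a redeclaration fatal error, which is the failure the other guards in this commit avoid. Wrapping it the same way, `if (!function_exists('<function declared in functions_properties>'))`, would make the two includes consistent; the placeholder stands for a name that is not visible from this hunk.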
823824
180
    'CATEGORIES_FIELD_ADDED'    => 'The categories field is <strong>required</strong> if display type is categories. This has been
added automatically.',
180
    'CATEGORIES_FIELD_ADDED'    => 'The categories field is <strong>required</strong> if display type is categories. This has been
added automatically.',
181
 
181
 
182
    // blocks config
182
    // blocks config
183
    'SMALL'                => 'Small',
183
    'TEASER_IMAGE_SMALL'    => 'Small',
184
    'MEDIUM'            => 'Medium',
184
    'TEASER_IMAGE_MEDIUM'    => 'Medium',
185
    'LARGE'                => 'Large',
185
    'TEASER_IMAGE_LARGE'    => 'Large',
186
    'TEASER_IMAGE_SIZE'    => 'Image size',
186
    'TEASER_IMAGE_SIZE'        => 'Image size',
187
    'NUM_POSTS'            => 'Maximum number of posts',
187
    'NUM_POSTS'                => 'Maximum number of posts',
188
    'NUM_RELATED'        => 'Maximum number of related content',
188
    'NUM_RELATED'            => 'Maximum number of related content',
189
    'NUM_COMMENTS'        => 'Maximum number of comments',
189
    'NUM_COMMENTS'            => 'Maximum number of comments',
190
    'MAX_WORDS'            => 'Maximum number of words',
190
    'MAX_WORDS'                => 'Maximum number of words',
191
    'TITLE_CHAR_LIMIT'    => 'Maximum number of title characters',
191
    'TITLE_CHAR_LIMIT'        => 'Maximum number of title characters',
192
    'COMMENT_CHAR_LIMIT'    => 'Maximum number of comment characters',
192
    'COMMENT_CHAR_LIMIT'    => 'Maximum number of comment characters',
193
    'RATINGS_MOD_REQUIRED'    => 'This block requires the ratings mod. Please install it before adding this block',
193
    'RATINGS_MOD_REQUIRED'    => 'This block requires the ratings mod. Please install it before adding this block',
194
    'NUM_RELATED_EXPLAIN'    => 'Requires categories module. Set to zero if you do not want to display related content',
194
    'NUM_RELATED_EXPLAIN'    => 'Requires categories module. Set to zero if you do not want to display related content',
823824
31
 
31
 
32
        $user->add_mod_lang(array('content' => array('content', 'admin')));
32
        $user->add_mod_lang(array('content' => array('content', 'admin')));
33
 
33
 
 
 
34
        $topic_id    = request_var('t', 0);
34
        $post_id    = request_var('p', 0);
35
        $post_id    = request_var('p', 0);
35
        $action        = request_var('action', '');
36
        $action        = request_var('action', '');
36
        $save        = (isset($_POST['save'])) ? true : false;
37
        $save        = (isset($_POST['save'])) ? true : false;
823824
112
        $this->get_modules_list();
112
        $this->get_modules_list();
113
        if ($imod && $action)
113
        if ($imod && $action)
114
        {
114
        {
115
            include_once($phpbb_root_path . 'includes/db/db_tools.' . $phpEx);
115
            if (!class_exists('phpbb_db_tools'))
116
            include_once($phpbb_root_path . 'modules/core/functions_db_tools.' . $phpEx);
116
            {
117
            include_once($phpbb_root_path . 'modules/core/functions_permissions.' . $phpEx);
117
                include($phpbb_root_path . 'includes/db/db_tools.' . $phpEx);
118
            include_once($phpbb_root_path . 'includes/acp/acp_modules.' . $phpEx);
118
            }
119
 
119
 
 
 
120
            if (!class_exists('acp_modules'))
 
 
121
            {
 
 
122
                include($phpbb_root_path . 'includes/acp/acp_modules.' . $phpEx);
 
 
123
            }
 
 
124
 
 
 
125
            if (!class_exists('cms_db_tools'))
 
 
126
            {
 
 
127
                include($phpbb_root_path . 'modules/core/functions_db_tools.' . $phpEx);
 
 
128
            }
 
 
129
 
 
 
130
            if (!function_exists('add_mod_permissions'))
 
 
131
            {
 
 
132
                include($phpbb_root_path . 'modules/core/functions_permissions.' . $phpEx);
 
 
133
            }
 
 
134
 
120
            $_module = &new acp_modules();
135
            $_module = &new acp_modules();
121
            $db_tools = new cms_db_tools($db);
136
            $db_tools = new cms_db_tools($db);
122
 
137
 
823824
21
 
21
 
22
global $table_prefix;
22
global $table_prefix;
23
 
23
 
 
 
24
define('CORE_LOADED', true);
 
 
25
 
24
define('GENDER_MALE', 1);
26
define('GENDER_MALE', 1);
25
define('GENDER_FEMALE', 2);
27
define('GENDER_FEMALE', 2);
26
 
28
 
823824
446
 
446
 
447
        $sql = 'SELECT auth_option_id
447
        $sql = 'SELECT auth_option_id
448
            FROM ' . GROUP_ACL_OPTIONS_TABLE . "
448
            FROM ' . GROUP_ACL_OPTIONS_TABLE . "
449
            WHERE module = '$module'";
449
            WHERE module = '" . $db->sql_escape($module) . "'";
450
        $result = $db->sql_query($sql);
450
        $result = $db->sql_query($sql);
451
 
451
 
452
        $acl_options_ids = array();
452
        $acl_options_ids = array();
823824
43
    'CMS_INSTALL_BEGIN'        => 'Begin Installation',
43
    'CMS_INSTALL_BEGIN'        => 'Begin Installation',
44
    'CMS_UNINSTALL_BEGIN'    => 'Begin Uninstalling',
44
    'CMS_UNINSTALL_BEGIN'    => 'Begin Uninstalling',
45
    'CMS_OVERALL_PROGRESS'    => 'Overall progress',
45
    'CMS_OVERALL_PROGRESS'    => 'Overall progress',
 
 
46
    'CMS_NO_MODULES'        => 'No modules to install',
46
    'CMS_NO_UPDATES'        => 'No updates available/required at this time',
47
    'CMS_NO_UPDATES'        => 'No updates available/required at this time',
47
    'CMS_DB_UPDATE'            => 'This will update your database to the latest version of phpbb primetime. Please be sure to backup your
database and make any required file edits',
48
    'CMS_DB_UPDATE'            => 'This will update your database to the latest version of phpbb primetime. Please be sure to backup your
database and make any required file edits',
48
    'CMS_UPDATED_VERSION'    => 'Phpbb Primetime has been successfully updated to the latest version. You may now delete this file.',
49
    'CMS_UPDATED_VERSION'    => 'Phpbb Primetime has been successfully updated to the latest version. You may now delete this file.',
...
 
...
 
89
    'CMS_NO_AUTH_INSTALLER'            => 'Access to the Phpbb Primetime Installer is not allowed as you do not have administrative
permissions.',
90
    'CMS_NO_AUTH_INSTALLER'            => 'Access to the Phpbb Primetime Installer is not allowed as you do not have administrative
permissions.',
90
    'CMS_PROCEED_TO_INSTALLER'         => '%sProceed to the Phpbb Primetime Installer%s.',
91
    'CMS_PROCEED_TO_INSTALLER'         => '%sProceed to the Phpbb Primetime Installer%s.',
91
    'CMS_PHPBB_NOT_COMPAT'            => 'Oops! Your phpbb version (%1$s) is not compatible with this version of Phpbb Primetime. Please
update your Phpbb board to at least Phpbb %2$s.',
92
    'CMS_PHPBB_NOT_COMPAT'            => 'Oops! Your phpbb version (%1$s) is not compatible with this version of Phpbb Primetime. Please
update your Phpbb board to at least Phpbb %2$s.',
 
 
93
    'CMS_MISSING_MODULE_DIR'        => 'Missing root/modules/ directory',
 
 
94
    'CMS_MISSING_FILE_EDITS'        => 'You must make the required file edits in install.xml before attempting to run this script',
 
 
95
    'CMS_UNSUPPORTED_PHP_VERSION'    => 'You are running an unsupported PHP version. Please upgrade to PHP 4.3.3 or higher before trying to
install phpBB Primetime',
 
 
96
    'CMS_MOD_INSTALL_FAILED'        => 'Could not install %s',
92
 
97
 
93
    'CMS_SAMPLE_TITLE1'        => 'Starting out with phpbb Primetime',
98
    'CMS_SAMPLE_TITLE1'        => 'Starting out with phpbb Primetime',
94
    'CMS_SAMPLE_TITLE2'        => 'Managing blocks in phpbb Primetime',
99
    'CMS_SAMPLE_TITLE2'        => 'Managing blocks in phpbb Primetime',
823824
52
// happen to have a current session it will output nothing. 
52
// happen to have a current session it will output nothing. 
53
if (empty($dbms))
53
if (empty($dbms))
54
{
54
{
55
    die('Hacking attempt');
55
    die();
56
}
56
}
57
 
57
 
58
define('MAGPIE_CACHE_DIR', $phpbb_root_path . 'cache');
58
define('MAGPIE_CACHE_DIR', $phpbb_root_path . 'cache');
...
 
...
 
61
// Include files
61
// Include files
62
require($phpbb_root_path . 'includes/functions.' . $phpEx);
62
require($phpbb_root_path . 'includes/functions.' . $phpEx);
63
require($phpbb_root_path . 'includes/constants.' . $phpEx);
63
require($phpbb_root_path . 'includes/constants.' . $phpEx);
64
require_once(MAGPIE_DIR.'rss_fetch.inc');
64
require(MAGPIE_DIR . 'rss_fetch.inc');
65
 
65
 
66
$rss_feed = request_var('f', '');
66
$rss_feed = request_var('f', '');
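Review bot: `$rss_feed = request_var('f', '');` takes the feed location from the request as a free-form string, and nothing in this section restricts it. If the value is later passed to the Magpie fetch code as a URL (its use is outside the hunk), the server will request whatever address the caller names, including hosts that are only reachable from the server itself. Validation belongs next to this line: accept only http/https URLs, or better, treat `f` as an identifier and look the URL up among the feeds an administrator has configured.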
67
 
67
 
823824
18
 
18
 
19
/**
19
/**
20
*/
20
*/
 
 
21
define('FORUMS_LOADED', true);
21
 
22
 
22
define('FORUMS_PREVIEW_FIRST_POST', 1);
23
define('FORUMS_PREVIEW_FIRST_POST', 1);
23
define('FORUMS_PREVIEW_LAST_POST', 2);
24
define('FORUMS_PREVIEW_LAST_POST', 2);
823824
61
    trigger_error('NO_FORUM');
61
    trigger_error('NO_FORUM');
62
}
62
}
63
 
63
 
 
 
64
$forum_id = (int) $forum_id;
 
 
65
 
64
// We need to know some basic information in all cases before we do anything.
66
// We need to know some basic information in all cases before we do anything.
65
switch ($pmode)
67
switch ($pmode)
66
{
68
{
823824
599
        global $db, $user;
599
        global $db, $user;
600
 
600
 
601
        $sql = 'SELECT *
601
        $sql = 'SELECT *
602
            FROM ' . MENU_ITEMS_TABLE . "
602
            FROM ' . MENU_ITEMS_TABLE . '
603
            WHERE item_id = $item_id";
603
            WHERE item_id = ' . (int) $item_id;
604
        $result = $db->sql_query($sql);
604
        $result = $db->sql_query($sql);
605
        $row = $db->sql_fetchrow($result);
605
        $row = $db->sql_fetchrow($result);
606
        $db->sql_freeresult($result);
606
        $db->sql_freeresult($result);
...
 
...
 
635
            break;
635
            break;
636
        }
636
        }
637
 
637
 
638
        $rows = array();
 
 
639
 
638
 
640
        $sql = 'SELECT m2.*
639
        $sql = 'SELECT m2.*
641
            FROM ' . MENU_ITEMS_TABLE . ' m1
640
            FROM ' . MENU_ITEMS_TABLE . ' m1
642
            LEFT JOIN ' . MENU_ITEMS_TABLE . " m2 ON ($condition)
641
            LEFT JOIN ' . MENU_ITEMS_TABLE . " m2 ON ($condition)
643
            WHERE m1.item_id = $item_id
642
            WHERE m1.item_id = " . (int) $item_id . '
644
                AND m1.menu_id = $menu_id
643
                AND m1.menu_id = ' . (int) $menu_id . '
645
            ORDER BY m2.left_id " . (($order == 'descending') ? 'ASC' : 'DESC');
644
            ORDER BY m2.left_id ' . (($order == 'descending') ? 'ASC' : 'DESC');
646
        $result = $db->sql_query($sql);
645
        $result = $db->sql_query($sql);
647
 
646
 
 
 
647
        $rows = array();
648
        while ($row = $db->sql_fetchrow($result))
648
        while ($row = $db->sql_fetchrow($result))
649
        {
649
        {
650
            if (!$include_item && $row['item_id'] == $item_id)
650
            if (!$include_item && $row['item_id'] == $item_id)
...
 
...
 
666
    {
666
    {
667
        global $db;
667
        global $db;
668
 
668
 
 
 
669
        $menu_id = (int) $menu_id;
669
        $moved_items = $this->get_menu_items_branch($from_menu_item_id, $menu_id, 'children', 'descending');
670
        $moved_items = $this->get_menu_items_branch($from_menu_item_id, $menu_id, 'children', 'descending');
670
        $from_data = $moved_items[0];
671
        $from_data = $moved_items[0];
671
        $diff = sizeof($moved_items) * 2;
672
        $diff = sizeof($moved_items) * 2;
...
 
...
 
749
    {
750
    {
750
        global $db, $user;
751
        global $db, $user;
751
 
752
 
 
 
753
        $item_id = (int) $item_id;
752
        $row = $this->get_menu_items_row($item_id);
754
        $row = $this->get_menu_items_row($item_id);
753
 
755
 
754
        $menu_id = $row['menu_id'];
756
        $menu_id = (int) $row['menu_id'];
755
        $branch = $this->get_menu_items_branch($item_id, $menu_id, 'children', 'descending', false);
757
        $branch = $this->get_menu_items_branch($item_id, $menu_id, 'children', 'descending', false);
756
 
758
 
757
        if (sizeof($branch))
759
        if (sizeof($branch))
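Review bot: `(($order == 'descending') ? 'ASC' : 'DESC')` in the branch query reads as inverted and has no comment explaining it. If 'descending' means walking down the tree rather than sort direction (presumably, to be confirmed against the callers), a one-line comment above the ORDER BY saying so would stop a later "fix" from flipping it. On style, this function casts `$item_id` inline twice while the other two functions in this section cast once at the top (`$menu_id = (int) $menu_id;`, `$item_id = (int) $item_id;`); one form throughout would be easier to audit.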
823824
21
 
21
 
22
global $table_prefix;
22
global $table_prefix;
23
 
23
 
 
 
24
define('MENU_LOADED', true);
 
 
25
 
24
define('MENU_TABLE',        $table_prefix . 'menus');
26
define('MENU_TABLE',        $table_prefix . 'menus');
25
define('MENU_ITEMS_TABLE',    $table_prefix . 'menu_items');
27
define('MENU_ITEMS_TABLE',    $table_prefix . 'menu_items');
26
?>
28
?>
823824
38
    {
38
    {
39
        global $db_tools, $phpbb_root_path, $phpEx;
39
        global $db_tools, $phpbb_root_path, $phpEx;
40
 
40
 
41
        include($phpbb_root_path . "modules/menu/constants.$phpEx");
41
        if (!defined('MENU_LOADED'))
 
 
42
        {
 
 
43
            include($phpbb_root_path . "modules/menu/constants.$phpEx");
 
 
44
        }
42
 
45
 
43
        $schema_data = array();
46
        $schema_data = array();
44
 
47
 
823824
819
                        {
819
                        {
820
                            if (!($fp = @fopen($file, 'r')))
820
                            if (!($fp = @fopen($file, 'r')))
821
                            {
821
                            {
822
                                trigger_error("Could not open $file", E_USER_ERROR);
822
                                trigger_error(sprintf($user->lang['CANNOT_OPEN_TEMPLATE'], $file), E_USER_ERROR);
823
                            }
823
                            }
824
                            $template_data = fread($fp, filesize($file));
824
                            $template_data = fread($fp, filesize($file));
825
                            fclose($fp);
825
                            fclose($fp);
...
 
...
 
1658
 
1658
 
1659
        $sql = 'SELECT module_id 
1659
        $sql = 'SELECT module_id 
1660
            FROM ' . MODULES_TABLE . " 
1660
            FROM ' . MODULES_TABLE . " 
1661
            WHERE module_mode = '$page_mode' 
1661
            WHERE module_basename = 'pages' 
1662
                AND module_basename = 'pages' 
1662
                AND module_class = 'cms'
1663
                AND module_class = 'cms'";
1663
                AND module_mode = '" . $db->sql_escape($page_mode) . "'";
1664
        $result = $db->sql_query_limit($sql, 1);
1664
        $result = $db->sql_query_limit($sql, 1);
1665
        $module_id = $db->sql_fetchfield('module_id');
1665
        $module_id = $db->sql_fetchfield('module_id');
1666
        $db->sql_freeresult($result);
1666
        $db->sql_freeresult($result);
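Review bot: The new `trigger_error(sprintf($user->lang['CANNOT_OPEN_TEMPLATE'], $file), E_USER_ERROR);` depends on a language key that none of the language-file sections on this page add, and on `$user` being in scope, while the enclosing function's `global` line is outside the hunk. If either is missing, `sprintf()` formats an empty string and the failure is reported with no message at all. Both should be confirmed, or the call can fall back to the key name when the entry is absent, e.g. `isset($user->lang['CANNOT_OPEN_TEMPLATE']) ? $user->lang['CANNOT_OPEN_TEMPLATE'] : 'CANNOT_OPEN_TEMPLATE %s'`.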
823824
20
*/
20
*/
21
global $table_prefix;
21
global $table_prefix;
22
 
22
 
 
 
23
define('PAGES_LOADED', true);
 
 
24
 
23
define('PAGE_TYPE_PAGE', 0);
25
define('PAGE_TYPE_PAGE', 0);
24
define('PAGE_TYPE_WIKI', 1);
26
define('PAGE_TYPE_WIKI', 1);
25
define('PAGE_TYPE_LINK', 2);
27
define('PAGE_TYPE_LINK', 2);
823824
38
    {
38
    {
39
        global $db_tools, $phpbb_root_path, $phpEx;
39
        global $db_tools, $phpbb_root_path, $phpEx;
40
 
40
 
41
        include($phpbb_root_path . 'modules/pages/constants.' . $phpEx);
41
        if (!defined('PAGES_LOADED'))
 
 
42
        {
 
 
43
            include($phpbb_root_path . 'modules/pages/constants.' . $phpEx);
 
 
44
        }
42
 
45
 
43
        $schema_data = array();
46
        $schema_data = array();
44
 
47
 
823824
21
 
21
 
22
global $table_prefix;
22
global $table_prefix;
23
 
23
 
 
 
24
define('RATINGS_LOADED', true);
 
 
25
 
24
define('RATINGS_TABLE',        $table_prefix . 'ratings');
26
define('RATINGS_TABLE',        $table_prefix . 'ratings');
25
 
27
 
26
?>
28
?>
823824
19
/**
19
/**
20
* Get topic rating
20
* Get topic rating
21
*/
21
*/
22
function get_topic_rating($forum_id, $topic_id, $u_action = '', $topic_poster = 0, $display_only = true, $limit = false, $sql_array = array(), $num_stars = false)
22
function get_topic_rating($topic_id, $u_action = '', $topic_poster = 0, $display_only = true, $limit = false, $sql_array = array(), $num_stars =
false)
23
{
23
{
24
    global $auth, $db, $config, $user, $phpbb_root_path, $template;
24
    global $auth, $db, $config, $user, $phpbb_root_path, $template;
25
 
25
 
...
 
...
 
82
 
82
 
83
                $data[$topic_id]['score'] = sprintf($user->lang['RATINGS_SCORE'], $score, $num_stars);
83
                $data[$topic_id]['score'] = sprintf($user->lang['RATINGS_SCORE'], $score, $num_stars);
84
                $data[$topic_id]['voters'] = sprintf($user->lang['RATINGS_' . $lang_var],
$ratings_ary[$topic_id]['total_voters']);
84
                $data[$topic_id]['voters'] = sprintf($user->lang['RATINGS_' . $lang_var],
$ratings_ary[$topic_id]['total_voters']);
85
 
 
 
86
            }
85
            }
87
            else
86
            else
88
            {
87
            {
...
 
...
 
100
    else
99
    else
101
    {
100
    {
102
        $can_rate = false;
101
        $can_rate = false;
 
 
102
        $topic_id = (int) $topic_id;
103
        $display_only = (!$display_only && $user->data['user_id'] == $topic_poster) ? true : (bool) $display_only;
103
        $display_only = (!$display_only && $user->data['user_id'] == $topic_poster) ? true : (bool) $display_only;
104
        $authorized = ($display_only === false && !$user->data['is_bot'] && $auth->acl_get('f_can_rate', $forum_id)) ?
true : false;
104
        $authorized = ($display_only === false && !$user->data['is_bot'] && $auth->acl_get('f_can_rate', $forum_id)) ?
true : false;
105
 
105
 
...
 
...
 
127
            if ($rating && $can_rate === true)
127
            if ($rating && $can_rate === true)
128
            {
128
            {
129
                $current = (isset($ratings_ary[$topic_id])) ? $ratings_ary[$topic_id]['rating'] : 0;
129
                $current = (isset($ratings_ary[$topic_id])) ? $ratings_ary[$topic_id]['rating'] : 0;
130
                set_topic_rating($forum_id, $topic_id, $current, $rating, $topic_poster, $update);
130
                set_topic_rating($topic_id, $current, $rating, $topic_poster, $update);
131
                redirect($u_action);
131
                redirect($u_action);
132
            }
132
            }
133
        }
133
        }
...
 
...
 
168
    return $data;
168
    return $data;
169
}
169
}
170
 
170
 
171
function set_topic_rating($forum_id, $topic_id, $current, $rating, $topic_poster, $voted, $num_stars = false)
171
function set_topic_rating($topic_id, $current, $rating, $topic_poster, $voted, $num_stars = false)
172
{
172
{
173
    global $auth, $config, $db, $user;
173
    global $auth, $config, $db, $user;
174
 
174
 
 
 
175
    $topic_id = (int) $topic_id;
 
 
176
    $topic_poster = (int) $topic_poster;
 
 
177
 
175
    $num_stars = ($num_stars && in_array(2, 3, 5, 10)) ? $num_stars : $config['number_of_stars'];
178
    $num_stars = ($num_stars && in_array(2, 3, 5, 10)) ? $num_stars : $config['number_of_stars'];
176
 
179
 
177
    $sql_ary = array(
180
    $sql_ary = array(
178
        'topic_id'    => (int) $topic_id,
181
        'topic_id'    => $topic_id,
179
        'user_id'    => 0,
182
        'user_id'    => 0,
180
        'user_ip'    => '',
183
        'user_ip'    => '',
181
    );
184
    );
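Review bot: `get_topic_rating()` no longer has a `$forum_id` parameter, yet the unchanged permission check `$auth->acl_get('f_can_rate', $forum_id)` still reads it, and `$forum_id` is not in the function's `global` list; unless it is assigned in the elided lines, the rating permission is now evaluated against an undefined forum id. Either keep the parameter or load the topic's forum id inside the function before that check. In `set_topic_rating()`, `in_array(2, 3, 5, 10)` passes integers where an array haystack is expected, so a caller-supplied `$num_stars` is never accepted; it should read `in_array($num_stars, array(2, 3, 5, 10))`.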
823824
38
    {
38
    {
39
        global $db, $db_tools, $phpbb_root_path, $phpEx;
39
        global $db, $db_tools, $phpbb_root_path, $phpEx;
40
 
40
 
41
        include($phpbb_root_path . 'modules/ratings/constants.' . $phpEx);
41
        if (!defined('RATINGS_LOADED'))
 
 
42
        {
 
 
43
            include($phpbb_root_path . 'modules/ratings/constants.' . $phpEx);
 
 
44
        }
42
 
45
 
43
        $schema_data = array();
46
        $schema_data = array();
44
 
47
 
...
 
...
 
63
            WHERE ' . $db->sql_in_set('forum_type', array(FORUM_POST, FORUM_HIDDEN));
66
            WHERE ' . $db->sql_in_set('forum_type', array(FORUM_POST, FORUM_HIDDEN));
64
        $result = $db->sql_query($sql);
67
        $result = $db->sql_query($sql);
65
 
68
 
66
        $forum_id = array();
69
        $forum_ids = array();
67
        while ($row = $db->sql_fetchrow($result))
70
        while ($row = $db->sql_fetchrow($result))
68
        {
71
        {
69
            $forum_id[] = $row['forum_id'];
72
            $forum_ids[] = $row['forum_id'];
70
        }
73
        }
71
        $db->sql_freeresult($result);
74
        $db->sql_freeresult($result);
72
 
75