Finish (I think) refactoring to use DBAL.
darkmorford -
03778752b7d9
@@ -9,7 +9,7 check_nonce('delete-strip-'.(int)$_REQUEST['strip_id']);
9 9
10 10 if(!deletestrip( $_REQUEST['strip_id'] ))
11 11 {
12 adminlog("Error deleting strip $_REQUEST[strip_id]:".mysqli_error(), MTS_STRIP, MTA_DELETE, E_ERROR);
12 adminlog("Error deleting strip $_REQUEST[strip_id]:".$dbConnection->errorCode(), MTS_STRIP, MTA_DELETE, E_ERROR);
13 13 mtdie('Error deleting the specified strip.','SQL Error');
14 14 }
15 15
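Review bot: `$dbConnection->errorCode()` on new line 12 is unlikely to carry the cause of the failure into the admin log. It returns only a SQLSTATE code, and with a PDO driver it reflects operations on the connection handle rather than on prepared statements, so after a failed parameterised delete it may well read `00000`. DBAL reports failures by throwing, so the detail worth logging is the exception message, e.g. `adminlog("Error deleting strip ".(int)$_REQUEST['strip_id'].": ".$e->getMessage(), MTS_STRIP, MTA_DELETE, E_ERROR);` inside a `catch (\Doctrine\DBAL\DBALException $e)`; whether `deletestrip()` catches the exception or lets it propagate is not visible here. The `(int)` cast in that line also keeps the logged id consistent with the value `check_nonce` was computed over. The same `errorCode()` substitution appears in the delete-page and delete-rant hunks and in the strip and rant insert/update hunks below, where two of the calls also print the code to the user through `mtdie`.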
@@ -9,7 +9,7 check_nonce('delete-page-'.$_REQUEST['page_name']);
9 9
10 10 if(!deletepage( $_REQUEST['page_name'] ))
11 11 {
12 adminlog("Error deleting page $_REQUEST[page_name]: ".mysqli_error(), MTS_PAGE, MTA_DELETE, E_ERROR);
12 adminlog("Error deleting page $_REQUEST[page_name]: ".$dbConnection->errorCode(), MTS_PAGE, MTA_DELETE, E_ERROR);
13 13 mtdie('Error deleting the specified page.','SQL Error');
14 14 }
15 15
@@ -9,7 +9,7 check_nonce('delete-rant-'.(int)$_REQUEST['rant_id']);
9 9
10 10 if(!deleterant( $_REQUEST['rant_id'] ))
11 11 {
12 adminlog("Error deleting rant $_REQUEST[rant_id]: ".mysqli_error(), MTS_RANT, MTA_DELETE, E_ERROR);
12 adminlog("Error deleting rant $_REQUEST[rant_id]: ".$dbConnection->errorCode(), MTS_RANT, MTA_DELETE, E_ERROR);
13 13 mtdie('Error deleting the specified rant.','SQL Error');
14 14 }
15 15
@@ -53,8 +53,8 if( $_POST ) {
53 53 // Insert new strip into the database, get a real $strip->id
54 54 if(!insertstrip( $strip ))
55 55 {
56 adminlog("Error on insertion of new strip: ".mysqli_error(), MTS_STRIP, MTA_ADD, E_ERROR);
57 mtdie('Error on insertion of new strip: '.mysqli_error(), 'SQL Error');
56 adminlog("Error on insertion of new strip: ".$dbConnection->errorCode(), MTS_STRIP, MTA_ADD, E_ERROR);
57 mtdie('Error on insertion of new strip: '.$dbConnection->errorCode(), 'SQL Error');
58 58 }
59 59
60 60 // Store the uploaded file to xxxx-0.ext
@@ -99,7 +99,7 if( $_POST ) {
99 99 if(!updatestrip( $strip ) )
100 100 {
101 101 adminlog("Failed to update strip ".$strip->id.".", MTS_STRIP, MTA_UPDATE);
102 mtdie('Error updating strip: ' . mysqli_error(), 'SQL Error');
102 mtdie('Error updating strip: ' . $dbConnection->errorCode(), 'SQL Error');
103 103 }
104 104
105 105 if( is_valid_upload('comicFile') ) { // If uploading, store the uploaded file to xxxx-n.ext
@@ -62,7 +62,7 if( $_POST ) {
62 62 $rant->id = insertrant($rant);
63 63 if( $rant->id === false )
64 64 {
65 adminlog("Error on rant insertion: ".mysqli_error(), MTS_RANT, MTA_INSERT, E_ERROR);
65 adminlog("Error on rant insertion: ".$dbConnection->errorCode(), MTS_RANT, MTA_INSERT, E_ERROR);
66 66 mtdie('There was an error inserting the rant into the database.', 'SQL Error');
67 67 }
68 68
@@ -24,12 +24,8
24 24
25 25 for ($count = 0; $count < 5; $count++) {
26 26 $entry = $feed->getEntryByOffset($count);
27 $link = mysqli_real_escape_string($mtdb->link, $entry->link);
28 $title = mysqli_real_escape_string($mtdb->link, $entry->title);
29 $date = $entry->pubdate;
30 27
31 $mtdb->query("INSERT INTO fredart (pubdate, title, link)
32 VALUES (FROM_UNIXTIME($date), '$title', '$link')", false);
28 $dbConnection->executeUpdate('INSERT INTO fredart (pubdate, title, link) VALUES (FROM_UNIXTIME(?), ?, ?)', array($entry->pubdate, $entry->title, $entry->link));
33 29 }
34 30
35 31 header('Content-Type: text/xml');
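Review bot: Nothing around the new `executeUpdate()` call on line 28 handles a failed insert or a missing feed entry. DBAL throws on failure, so a single rejected row now aborts the script before `header('Content-Type: text/xml')` is reached, whereas the old `query(..., false)` call may have been deliberately non-fatal (its second argument is not defined on this page). The loop also assumes the feed always has five entries. A guard such as `if (!$entry) { break; }` after `getEntryByOffset()`, plus a `try`/`catch` around the insert that logs and continues, would keep this endpoint serving when the source feed is short or one row is rejected.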
@@ -6,7 +6,6 require(__DIR__ . '/../vendor/autoload.php');
6 6
7 7 // Core lib
8 8 require_once('html.php');
9 require_once('mysql.php');
10 9 require_once('cookies.php');
11 10 require_once('functions.php');
12 11 require_once('error.php');
@@ -42,9 +41,6 $dbParams = array(
42 41 $dbConnection = \Doctrine\DBAL\DriverManager::getConnection($dbParams, $dbConfig);
43 42 $dbConnection->setFetchMode(PDO::FETCH_OBJ);
44 43
45 $mtdb = new MysqlStore();
46 $mtdb->connect( DB_SERVER, DB_WRITE_USER, DB_WRITE_PASS, DB_NAME );
47
48 44 /* TODO: Move these definitions to LocalSettings.php */
49 45 if ( !defined('RANTIMG') )
50 46 define('RANTIMG', '../rantimgs/');
@@ -53,7 +53,7 function twitterpost($message, $user=TWITTER_USER, $password=TWITTER_PASS)
53 53
54 54
55 55 function setOAuthTokens($userid,$oauth_token,$oauth_token_secret, $username) {
56 global $mtdb;
56 global $dbConnection;
57 57 $id = (int)$userid;
58 58 if ($dbConnection->executeUpdate('UPDATE twitter_user SET oauth_token = ?, oauth_token_secret = ?, username = ? WHERE id = ?', array($oauth_token, $oauth_token_secret, $username, $id)))
59 59 return true;
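Review bot: The truthiness test on `executeUpdate()` at line 58 does not mean "the statement succeeded": DBAL returns the number of affected rows and throws on failure, so an update that changes nothing returns 0 and is handled as if it had failed. The same pattern is introduced as `if(! $dbConnection->executeUpdate(...))` in the twitter-user and type hunks further down, where `DELETE FROM meta WHERE type = ?` for a type with no metadata, or an `UPDATE strip_t` that leaves name and description unchanged, would reach `mtdie` with a spurious "SQL Error". I would wrap these calls in `try { ... } catch (\Doctrine\DBAL\DBALException $e) { ... }`, log `$e->getMessage()` there, and drop the `!` tests. `setOAuthTokens` continues past the end of this hunk, so what it returns in the zero-row case is not visible.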
@@ -46,7 +46,7 adminmenu();
46 46 <?php nonce_field('new-scratchpad'); ?>
47 47 <ul class="historic">
48 48 <?php
49 $strips = array_reverse( $mtdb->getAll('SELECT UNIX_TIMESTAMP(s.published) AS pubdate, c.name, s.message FROM scratchpad s JOIN contributor c ON s.contributor = c.id ORDER BY published DESC LIMIT 5') );
49 $strips = array_reverse( $dbConnection->fetchAll('SELECT UNIX_TIMESTAMP(s.published) AS pubdate, c.name, s.message FROM scratchpad s JOIN contributor c ON s.contributor = c.id ORDER BY published DESC LIMIT 5') );
50 50
51 51 foreach($strips as $k=>$v)
52 52 {
@@ -63,7 +63,7 adminmenu();
63 63 <h2>Recent Strips</h2>
64 64 <ul class="historic">
65 65 <?php
66 $strips = $mtdb->getAll("SELECT distinct id, title, UNIX_TIMESTAMP(published) as date FROM strip WHERE published <= NOW() order by id DESC LIMIT 5");
66 $strips = $dbConnection->fetchAll('SELECT distinct id, title, UNIX_TIMESTAMP(published) as date FROM strip WHERE published <= NOW() order by id DESC LIMIT 5');
67 67
68 68 foreach($strips as $k=>$v) {
69 69 printf( '<li>%d: <a href="%s/index.php?strip_id=%d">%s</a>, %s ago</li>', $v->id, SITE_HOST . SITE_PATH, $v->id, htmlspecialchars($v->title), human_time_diff($v->date) );
@@ -74,7 +74,7 foreach($strips as $k=>$v) {
74 74 <h2>Upcoming Strips</h2>
75 75 <ul class="historic">
76 76 <?php
77 $strips = $mtdb->getAll("SELECT distinct id, title, UNIX_TIMESTAMP(published) as date FROM strip WHERE published > NOW() order by id ASC LIMIT 5");
77 $strips = $dbConnection->fetchAll('SELECT distinct id, title, UNIX_TIMESTAMP(published) as date FROM strip WHERE published > NOW() order by id ASC LIMIT 5');
78 78
79 79 foreach($strips as $k=>$v) {
80 80 printf( '<li>%d: <a href="%s/edit-comic.php?strip_id=%d">%s</a>, in %s</li>', $v->id, SITE_HOST . SITE_PATH . '/' . SITE_ADMIN, $v->id, htmlspecialchars($v->title), human_time_diff($v->date) );
@@ -85,7 +85,7 foreach($strips as $k=>$v) {
85 85 <h2>Recent Published Rants</h2>
86 86 <ul class="historic">
87 87 <?php
88 $rants = $mtdb->getAll('SELECT distinct rant.id,UNIX_TIMESTAMP(rant.published) as date,rant.title,contributor.name from rant,contributor where rant.author=contributor.id AND rant.status=\'published\' ORDER BY rant.published DESC limit 5');
88 $rants = $dbConnection->fetchAll('SELECT distinct rant.id,UNIX_TIMESTAMP(rant.published) as date,rant.title,contributor.name from rant,contributor where rant.author=contributor.id AND rant.status=\'published\' ORDER BY rant.published DESC limit 5');
89 89
90 90 foreach($rants as $k=>$v) {
91 91 printf( '<li>%d: <a href="%s/index.php?rant_id=%d">%s</a> by %s, %s ago</li>', $v->id, SITE_HOST . SITE_PATH, $v->id, htmlspecialchars($v->title), htmlspecialchars($v->name), human_time_diff($v->date) );
@@ -96,7 +96,7 foreach($rants as $k=>$v) {
96 96 <h2>Recent Draft Rants</h2>
97 97 <ul class="historic">
98 98 <?php
99 $rants = $mtdb->getAll('SELECT distinct rant.id,UNIX_TIMESTAMP(rant.published) as date,rant.title,contributor.name from rant,contributor where rant.author=contributor.id AND rant.status=\'draft\' ORDER BY rant.published DESC limit 5');
99 $rants = $dbConnection->fetchAll('SELECT distinct rant.id,UNIX_TIMESTAMP(rant.published) as date,rant.title,contributor.name from rant,contributor where rant.author=contributor.id AND rant.status=\'draft\' ORDER BY rant.published DESC limit 5');
100 100
101 101 foreach($rants as $k=>$v) {
102 102 printf( '<li>%d: <a href="%s/edit-rant.php?rant_id=%d">%s</a> by %s, %s ago</li>', $v->id, SITE_HOST . ADMIN_PATH, $v->id, htmlspecialchars($v->title), htmlspecialchars($v->name), human_time_diff($v->date) );
@@ -7,13 +7,13 auth_redirect(); // Require logged in user to access this page.
7 7 if( isset($_POST['action']) && $_POST['action'] == 'new' ) {
8 8 check_nonce('new-twitter-user');
9 9
10 if(! $mtdb->query( sprintf('INSERT INTO twitter_user(username) VALUES("%s")', mysqli_real_escape_string( $mtdb->link, md5( microtime() )) ) ) ) {
10 if(! $dbConnection->executeUpdate('INSERT INTO twitter_user (username) VALUES (?)', array(md5( microtime() ) )) {
11 11 adminlog("Error on insertion of new twitter user.", MTS_TWITTER, MTA_INSERT, E_WARNING);
12 mtdie("Error on insertion of new twitter user: ". htmlentities(mysqli_error()), 'SQL Error');
12 mtdie("Error on insertion of new twitter user: ". $dbConnection->errorCode(), 'SQL Error');
13 13 } else {
14 14 //$name = sanitize_username($_POST['name']);
15 15
16 $id = mysqli_insert_id();
16 $id = $dbConnection->lastInsertId();
17 17
18 18 $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
19 19 $request_token = $connection->getRequestToken(OAUTH_CALLBACK . "&id=$id");
@@ -40,12 +40,12 if( isset($_POST['action']) && $_POST['action'] == 'new' ) {
40 40 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && isset($_REQUEST['id'])) {
41 41 # twitter userID = ID
42 42 $id = (int)$_REQUEST['id'];
43 $row = $mtdb->getRow( sprintf('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user WHERE id=%d LIMIT 1', $id));
43 $row = $dbConnection->executeQuery('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user WHERE id = ? LIMIT 1', array($id))->fetch();
44 44
45 45 # Compare token in database with token from twitter. If they differ, bail.
46 46 if( $row->oauth_token != $_REQUEST['oauth_token'] ) {
47 47 # token is old, drop from database
48 if(!$mtdb->query("DELETE FROM twitter_user WHERE id = '$id'") ) {
48 if(!$dbConnection->executeUpdate('DELETE FROM twitter_user WHERE id = ?', array($id))) {
49 49 adminlog('Error deleting temporary twitter user ' . $id, MTS_TWITTER, MTA_DELETE, E_ERROR);
50 50 mtdie('Error deleting temporary twitter user.', 'SQL Error');
51 51 }
@@ -69,7 +69,7 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && is
69 69
70 70 } else {
71 71 # fail
72 if( !$mtdb->query("DELETE FROM twitter_user WHERE id = '$id'") ) {
72 if( !$dbConnection->executeUpdate('DELETE FROM twitter_user WHERE id = ?', array($id))) {
73 73 adminlog('Error deleting specified twitter user ' . $id, MTS_TWITTER, MTA_DELETE, E_ERROR);
74 74 mtdie('Error deleting the specified twitter user.', 'SQL Error');
75 75 }
@@ -80,7 +80,7 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && is
80 80 }
81 81 }
82 82
83 $twitter_users = $mtdb->getAll('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user ORDER BY username');
83 $twitter_users = $dbConnection->fetchAll('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user ORDER BY username');
84 84
85 85 adminhead('Manage Twitter Users');
86 86 adminmenu();
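Review bot: The callback path on new line 43 does not handle a missing row: `->fetch()` returns `false` when no `twitter_user` matches `$id`, and line 46 then reads `$row->oauth_token` from that value and compares it with a loose `!=`. The `isset` guard on line 40 covers `action` and `id` but not `$_REQUEST['oauth_token']`, so the comparison can run with both sides empty. I would add `if ($row === false || empty($row->oauth_token) || !isset($_REQUEST['oauth_token'])) { mtdie('Unknown or expired twitter request.', 'Error'); }` ahead of it and replace the test with `if (!hash_equals((string)$row->oauth_token, (string)$_REQUEST['oauth_token']))`, so the token check is strict and constant-time. The rest of the callback branch lies outside the visible hunks.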
@@ -6,15 +6,15 auth_redirect(); // Require logged in user to access this page.
6 6
7 7 if( isset($_GET['delete']) && (int)$_GET['delete'] ) {
8 8 check_nonce('delete-type-' . (int)$_GET['delete']);
9 if(! $mtdb->query( 'DELETE FROM strip_t WHERE id=' . (int)$_GET['delete'] ) )
9 if(! $dbConnection->executeUpdate('DELETE FROM strip_t WHERE id = ?', array($_GET['delete'])))
10 10 {
11 11 adminlog("Error deleting type ".(int)$_GET['delete'], MTS_TYPE, MTA_DELETE, E_WARNING);
12 mtdie("Error on deletion of existing type: " . htmlentities(mysqli_error()), 'SQL Error');
12 mtdie("Error on deletion of existing type: " . $dbConnection->errorCode(), 'SQL Error');
13 13 }
14 if(! $mtdb->query( 'DELETE FROM meta WHERE type=' . (int)$_GET['delete'] ) )
14 if(! $dbConnection->executeUpdate('DELETE FROM meta WHERE type = ?', array($_GET['delete'])))
15 15 {
16 16 adminlog("Error on deletion of type ".(int)$_GET['delete']."'s metadata.", MTS_TYPE, MTA_DELETE, E_WARNING);
17 mtdie("Error on deletion of existing type's metadata: " . htmlentities(mysqli_error()), 'SQL Error');
17 mtdie("Error on deletion of existing type's metadata: " . $dbConnection->errorCode(), 'SQL Error');
18 18 }
19 19 $info.='<p>Deleted type successfully.<p>';
20 20 adminlog("Deleted type ".(int)$_GET['delete'], MTS_TYPE, MTA_DELETE);
@@ -27,10 +27,10 if( isset($_POST['action']) && $_POST['action'] == 'new_type' ) {
27 27 $desc = trim($_POST['description']);
28 28
29 29 if( check_type_name($name) ) {
30 if(! $mtdb->query( sprintf( 'INSERT INTO strip_t(name, description) VALUES("%s", "%s")', mysqli_real_escape_string($mtdb->link, $name), mysqli_real_escape_string($mtdb->link, $desc)) ) )
30 if(! $dbConnection->executeUpdate('INSERT INTO strip_t (name, description) VALUES (?, ?)', array($name, $desc)))
31 31 {
32 32 adminlog("Error on insertion of new type.", MTS_TYPE, MTA_INSERT, E_WARNING);
33 mtdie("Error on insertion of new type: ". htmlentities(mysqli_error()), 'SQL Error');
33 mtdie("Error on insertion of new type: ". $dbConnection->errorCode(), 'SQL Error');
34 34 }
35 35 }
36 36 $info.='<p>New type created successfully.<p>';
@@ -47,7 +47,7 if( isset($_POST['action']) && $_POST['action'] == 'edit_type' ) {
47 47
48 48 $meta = $_POST['meta'];
49 49
50 $m_delete = $mtdb->getAll("SELECT meta FROM meta WHERE type = $id");
50 $m_delete = $dbConnection->fetchAll('SELECT meta FROM meta WHERE type = ?', array($id));
51 51
52 52 $m_insert = array();
53 53
@@ -67,31 +67,31 if( isset($_POST['action']) && $_POST['action'] == 'edit_type' ) {
67 67 }
68 68
69 69 if( check_type_name( $name ) ) {
70 if( !$mtdb->query( sprintf( 'UPDATE strip_t SET name = "%s", description = "%s" WHERE id = %s', mysqli_real_escape_string($mtdb->link, $name), mysqli_real_escape_string($mtdb->link, $desc), $id)) )
70 if( !$dbConnection->executeUpdate('UPDATE strip_t SET name = ?, description = ? WHERE id = ?', array($name, $desc, $id)))
71 71 {
72 72 adminlog("Error on updating type ".$id, MTS_TYPE, MTA_UPDATE, E_WARNING);
73 mtdie("Error on update of existing type: ". htmlentities(mysqli_error()), 'SQL Error');
73 mtdie("Error on update of existing type: ". $dbConnection->errorCode(), 'SQL Error');
74 74 }
75 75
76 76 $sql_insert = "INSERT INTO meta (type,meta) VALUES " . implode(',',$m_insert);
77 77 $sql_delete = "DELETE FROM meta WHERE type=$id AND ( " . implode(' OR ',$m_delete) . ' )';
78 78
79 $mtdb->query('START TRANSACTION');
79 $dbConnection->beginTransaction();
80 80
81 81 if( count($m_insert) )
82 if(! $mtdb->query( $sql_insert ) )
82 if(! $dbConnection->executeUpdate( $sql_insert ) )
83 83 {
84 84 adminlog("Error inserting new metatype association data for type ".$id, MTS_TYPE, MTA_INSERT, E_WARNING);
85 85 mtdie("There was an error inserting new metatype association data. Transaction aborted. $sql_insert");
86 86 }
87 87 if( count($m_delete) )
88 if(! $mtdb->query( $sql_delete ) )
88 if(! $dbConnection->executeUpdate( $sql_delete ) )
89 89 {
90 90 adminlog("Error deleting old metatype association data for type ".$id, MTS_TYPE, MTA_REMOVE, E_WARNING);
91 91 mtdie("There was an error deleting old metatype data. Transaction aborted. $sql_delete");
92 92 }
93 93
94 $mtdb->query('COMMIT');
94 $dbConnection->commit();
95 95
96 96 } else {
97 97 $error.='<p>Invalid type name!</p>';
@@ -101,7 +101,7 if( isset($_POST['action']) && $_POST['action'] == 'edit_type' ) {
101 101 }
102 102
103 103 //display all types
104 $types = $mtdb->getAll("SELECT strip_t.id AS id, strip_t.name AS name, strip_t.description AS description, COUNT(strip.id) AS strips FROM strip_t LEFT JOIN strip ON strip.type = strip_t.id GROUP BY strip_t.id");
104 $types = $dbConnection->fetchAll('SELECT strip_t.id AS id, strip_t.name AS name, strip_t.description AS description, COUNT(strip.id) AS strips FROM strip_t JOIN strip ON strip.type = strip_t.id GROUP BY strip_t.id');
105 105
106 106 adminhead('Types');
107 107 adminmenu();
@@ -130,9 +130,9 adminmenu();
130 130 foreach( $types as $s ) {
131 131 $alternate=!$alternate;
132 132
133 $metas = $mtdb->getAll("SELECT meta_t.name AS name FROM strip_t
133 $metas = $dbConnection->fetchAll('SELECT meta_t.name AS name FROM strip_t
134 134 JOIN meta ON meta.type = strip_t.id JOIN meta_t ON meta.meta = meta_t.id
135 WHERE strip_t.id = $s->id");
135 WHERE strip_t.id = ?', array($s->id));
136 136
137 137 $meta = implode(', ', array_map('_getMetaNameFromObject', $metas) );
138 138
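Review bot: `$sql_insert` and `$sql_delete` (lines 76–77) are still built by concatenating `$id` with imploded fragments and are passed to `executeUpdate()` without parameters on new lines 82 and 88, so this edit path gets none of the binding the rest of the commit introduces; both `mtdie` messages also print the full statement to the page. How `$m_insert` and `$m_delete` are filled is outside the hunk, but if they reduce to lists of meta ids the delete can become `executeUpdate('DELETE FROM meta WHERE type = ? AND meta IN (?)', array($id, $ids), array(\PDO::PARAM_INT, \Doctrine\DBAL\Connection::PARAM_INT_ARRAY))`, with the insert issued as one bound statement per pair inside the transaction. Separately, new line 104 changes `LEFT JOIN strip` to `JOIN strip`, which removes types that have no strips from the list, and new lines 9 and 14 drop the `(int)` cast that the nonce and log lines still apply to `$_GET['delete']`; both look unintended.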