Merge pull request #16 from mt-admin dbal...
darkmorford -
17cb6fd19dbb merge
@@ -0,0 +1,14
1 # Topmost editor config for this site
2 root = true
3
4 # Global config settings
5 [*]
6 charset = utf-8
7 indent_style = tab
8 insert_final_newline = true
9 trim_trailing_whitespace = true
10
11 # Exceptions for specific files
12 [composer.{json,lock}]
13 indent_size = 4
14 indent_style = space
@@ -0,0 +1,5
1 {
2 "require": {
3 "doctrine/dbal": "v2.5.12"
4 }
5 }
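Review bot: `"doctrine/dbal": "v2.5.12"` pins a single exact release in the manifest, so `composer update` can never pick up a later 2.5.x fix. The lock file added in this commit already makes installs reproducible. A bounded range such as `"doctrine/dbal": "~2.5.12"` stays on the 2.5 line but allows patch releases, and each bump still shows up as a reviewable change to the lock file.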
@@ -0,0 +1,488
1 {
2 "_readme": [
3 "This file locks the dependencies of your project to a known state",
4 "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
5 "This file is @generated automatically"
6 ],
7 "content-hash": "6b362fc1ca79445eff7965b72a3e900b",
8 "packages": [
9 {
10 "name": "doctrine/annotations",
11 "version": "v1.4.0",
12 "source": {
13 "type": "git",
14 "url": "https://github.com/doctrine/annotations.git",
15 "reference": "54cacc9b81758b14e3ce750f205a393d52339e97"
16 },
17 "dist": {
18 "type": "zip",
19 "url": "https://api.github.com/repos/doctrine/annotations/zipball/54cacc9b81758b14e3ce750f205a393d52339e97",
20 "reference": "54cacc9b81758b14e3ce750f205a393d52339e97",
21 "shasum": ""
22 },
23 "require": {
24 "doctrine/lexer": "1.*",
25 "php": "^5.6 || ^7.0"
26 },
27 "require-dev": {
28 "doctrine/cache": "1.*",
29 "phpunit/phpunit": "^5.7"
30 },
31 "type": "library",
32 "extra": {
33 "branch-alias": {
34 "dev-master": "1.4.x-dev"
35 }
36 },
37 "autoload": {
38 "psr-4": {
39 "Doctrine\\Common\\Annotations\\": "lib/Doctrine/Common/Annotations"
40 }
41 },
42 "notification-url": "https://packagist.org/downloads/",
43 "license": [
44 "MIT"
45 ],
46 "authors": [
47 {
48 "name": "Roman Borschel",
49 "email": "roman@code-factory.org"
50 },
51 {
52 "name": "Benjamin Eberlei",
53 "email": "kontakt@beberlei.de"
54 },
55 {
56 "name": "Guilherme Blanco",
57 "email": "guilhermeblanco@gmail.com"
58 },
59 {
60 "name": "Jonathan Wage",
61 "email": "jonwage@gmail.com"
62 },
63 {
64 "name": "Johannes Schmitt",
65 "email": "schmittjoh@gmail.com"
66 }
67 ],
68 "description": "Docblock Annotations Parser",
69 "homepage": "http://www.doctrine-project.org",
70 "keywords": [
71 "annotations",
72 "docblock",
73 "parser"
74 ],
75 "time": "2017-02-24T16:22:25+00:00"
76 },
77 {
78 "name": "doctrine/cache",
79 "version": "v1.6.1",
80 "source": {
81 "type": "git",
82 "url": "https://github.com/doctrine/cache.git",
83 "reference": "b6f544a20f4807e81f7044d31e679ccbb1866dc3"
84 },
85 "dist": {
86 "type": "zip",
87 "url": "https://api.github.com/repos/doctrine/cache/zipball/b6f544a20f4807e81f7044d31e679ccbb1866dc3",
88 "reference": "b6f544a20f4807e81f7044d31e679ccbb1866dc3",
89 "shasum": ""
90 },
91 "require": {
92 "php": "~5.5|~7.0"
93 },
94 "conflict": {
95 "doctrine/common": ">2.2,<2.4"
96 },
97 "require-dev": {
98 "phpunit/phpunit": "~4.8|~5.0",
99 "predis/predis": "~1.0",
100 "satooshi/php-coveralls": "~0.6"
101 },
102 "type": "library",
103 "extra": {
104 "branch-alias": {
105 "dev-master": "1.6.x-dev"
106 }
107 },
108 "autoload": {
109 "psr-4": {
110 "Doctrine\\Common\\Cache\\": "lib/Doctrine/Common/Cache"
111 }
112 },
113 "notification-url": "https://packagist.org/downloads/",
114 "license": [
115 "MIT"
116 ],
117 "authors": [
118 {
119 "name": "Roman Borschel",
120 "email": "roman@code-factory.org"
121 },
122 {
123 "name": "Benjamin Eberlei",
124 "email": "kontakt@beberlei.de"
125 },
126 {
127 "name": "Guilherme Blanco",
128 "email": "guilhermeblanco@gmail.com"
129 },
130 {
131 "name": "Jonathan Wage",
132 "email": "jonwage@gmail.com"
133 },
134 {
135 "name": "Johannes Schmitt",
136 "email": "schmittjoh@gmail.com"
137 }
138 ],
139 "description": "Caching library offering an object-oriented API for many cache backends",
140 "homepage": "http://www.doctrine-project.org",
141 "keywords": [
142 "cache",
143 "caching"
144 ],
145 "time": "2016-10-29T11:16:17+00:00"
146 },
147 {
148 "name": "doctrine/collections",
149 "version": "v1.4.0",
150 "source": {
151 "type": "git",
152 "url": "https://github.com/doctrine/collections.git",
153 "reference": "1a4fb7e902202c33cce8c55989b945612943c2ba"
154 },
155 "dist": {
156 "type": "zip",
157 "url": "https://api.github.com/repos/doctrine/collections/zipball/1a4fb7e902202c33cce8c55989b945612943c2ba",
158 "reference": "1a4fb7e902202c33cce8c55989b945612943c2ba",
159 "shasum": ""
160 },
161 "require": {
162 "php": "^5.6 || ^7.0"
163 },
164 "require-dev": {
165 "doctrine/coding-standard": "~0.1@dev",
166 "phpunit/phpunit": "^5.7"
167 },
168 "type": "library",
169 "extra": {
170 "branch-alias": {
171 "dev-master": "1.3.x-dev"
172 }
173 },
174 "autoload": {
175 "psr-0": {
176 "Doctrine\\Common\\Collections\\": "lib/"
177 }
178 },
179 "notification-url": "https://packagist.org/downloads/",
180 "license": [
181 "MIT"
182 ],
183 "authors": [
184 {
185 "name": "Roman Borschel",
186 "email": "roman@code-factory.org"
187 },
188 {
189 "name": "Benjamin Eberlei",
190 "email": "kontakt@beberlei.de"
191 },
192 {
193 "name": "Guilherme Blanco",
194 "email": "guilhermeblanco@gmail.com"
195 },
196 {
197 "name": "Jonathan Wage",
198 "email": "jonwage@gmail.com"
199 },
200 {
201 "name": "Johannes Schmitt",
202 "email": "schmittjoh@gmail.com"
203 }
204 ],
205 "description": "Collections Abstraction library",
206 "homepage": "http://www.doctrine-project.org",
207 "keywords": [
208 "array",
209 "collections",
210 "iterator"
211 ],
212 "time": "2017-01-03T10:49:41+00:00"
213 },
214 {
215 "name": "doctrine/common",
216 "version": "v2.7.2",
217 "source": {
218 "type": "git",
219 "url": "https://github.com/doctrine/common.git",
220 "reference": "930297026c8009a567ac051fd545bf6124150347"
221 },
222 "dist": {
223 "type": "zip",
224 "url": "https://api.github.com/repos/doctrine/common/zipball/930297026c8009a567ac051fd545bf6124150347",
225 "reference": "930297026c8009a567ac051fd545bf6124150347",
226 "shasum": ""
227 },
228 "require": {
229 "doctrine/annotations": "1.*",
230 "doctrine/cache": "1.*",
231 "doctrine/collections": "1.*",
232 "doctrine/inflector": "1.*",
233 "doctrine/lexer": "1.*",
234 "php": "~5.6|~7.0"
235 },
236 "require-dev": {
237 "phpunit/phpunit": "^5.4.6"
238 },
239 "type": "library",
240 "extra": {
241 "branch-alias": {
242 "dev-master": "2.7.x-dev"
243 }
244 },
245 "autoload": {
246 "psr-4": {
247 "Doctrine\\Common\\": "lib/Doctrine/Common"
248 }
249 },
250 "notification-url": "https://packagist.org/downloads/",
251 "license": [
252 "MIT"
253 ],
254 "authors": [
255 {
256 "name": "Roman Borschel",
257 "email": "roman@code-factory.org"
258 },
259 {
260 "name": "Benjamin Eberlei",
261 "email": "kontakt@beberlei.de"
262 },
263 {
264 "name": "Guilherme Blanco",
265 "email": "guilhermeblanco@gmail.com"
266 },
267 {
268 "name": "Jonathan Wage",
269 "email": "jonwage@gmail.com"
270 },
271 {
272 "name": "Johannes Schmitt",
273 "email": "schmittjoh@gmail.com"
274 }
275 ],
276 "description": "Common Library for Doctrine projects",
277 "homepage": "http://www.doctrine-project.org",
278 "keywords": [
279 "annotations",
280 "collections",
281 "eventmanager",
282 "persistence",
283 "spl"
284 ],
285 "time": "2017-01-13T14:02:13+00:00"
286 },
287 {
288 "name": "doctrine/dbal",
289 "version": "v2.5.12",
290 "source": {
291 "type": "git",
292 "url": "https://github.com/doctrine/dbal.git",
293 "reference": "7b9e911f9d8b30d43b96853dab26898c710d8f44"
294 },
295 "dist": {
296 "type": "zip",
297 "url": "https://api.github.com/repos/doctrine/dbal/zipball/7b9e911f9d8b30d43b96853dab26898c710d8f44",
298 "reference": "7b9e911f9d8b30d43b96853dab26898c710d8f44",
299 "shasum": ""
300 },
301 "require": {
302 "doctrine/common": ">=2.4,<2.8-dev",
303 "php": ">=5.3.2"
304 },
305 "require-dev": {
306 "phpunit/phpunit": "4.*",
307 "symfony/console": "2.*||^3.0"
308 },
309 "suggest": {
310 "symfony/console": "For helpful console commands such as SQL execution and import of files."
311 },
312 "bin": [
313 "bin/doctrine-dbal"
314 ],
315 "type": "library",
316 "extra": {
317 "branch-alias": {
318 "dev-master": "2.5.x-dev"
319 }
320 },
321 "autoload": {
322 "psr-0": {
323 "Doctrine\\DBAL\\": "lib/"
324 }
325 },
326 "notification-url": "https://packagist.org/downloads/",
327 "license": [
328 "MIT"
329 ],
330 "authors": [
331 {
332 "name": "Roman Borschel",
333 "email": "roman@code-factory.org"
334 },
335 {
336 "name": "Benjamin Eberlei",
337 "email": "kontakt@beberlei.de"
338 },
339 {
340 "name": "Guilherme Blanco",
341 "email": "guilhermeblanco@gmail.com"
342 },
343 {
344 "name": "Jonathan Wage",
345 "email": "jonwage@gmail.com"
346 }
347 ],
348 "description": "Database Abstraction Layer",
349 "homepage": "http://www.doctrine-project.org",
350 "keywords": [
351 "database",
352 "dbal",
353 "persistence",
354 "queryobject"
355 ],
356 "time": "2017-02-08T12:53:47+00:00"
357 },
358 {
359 "name": "doctrine/inflector",
360 "version": "v1.1.0",
361 "source": {
362 "type": "git",
363 "url": "https://github.com/doctrine/inflector.git",
364 "reference": "90b2128806bfde671b6952ab8bea493942c1fdae"
365 },
366 "dist": {
367 "type": "zip",
368 "url": "https://api.github.com/repos/doctrine/inflector/zipball/90b2128806bfde671b6952ab8bea493942c1fdae",
369 "reference": "90b2128806bfde671b6952ab8bea493942c1fdae",
370 "shasum": ""
371 },
372 "require": {
373 "php": ">=5.3.2"
374 },
375 "require-dev": {
376 "phpunit/phpunit": "4.*"
377 },
378 "type": "library",
379 "extra": {
380 "branch-alias": {
381 "dev-master": "1.1.x-dev"
382 }
383 },
384 "autoload": {
385 "psr-0": {
386 "Doctrine\\Common\\Inflector\\": "lib/"
387 }
388 },
389 "notification-url": "https://packagist.org/downloads/",
390 "license": [
391 "MIT"
392 ],
393 "authors": [
394 {
395 "name": "Roman Borschel",
396 "email": "roman@code-factory.org"
397 },
398 {
399 "name": "Benjamin Eberlei",
400 "email": "kontakt@beberlei.de"
401 },
402 {
403 "name": "Guilherme Blanco",
404 "email": "guilhermeblanco@gmail.com"
405 },
406 {
407 "name": "Jonathan Wage",
408 "email": "jonwage@gmail.com"
409 },
410 {
411 "name": "Johannes Schmitt",
412 "email": "schmittjoh@gmail.com"
413 }
414 ],
415 "description": "Common String Manipulations with regard to casing and singular/plural rules.",
416 "homepage": "http://www.doctrine-project.org",
417 "keywords": [
418 "inflection",
419 "pluralize",
420 "singularize",
421 "string"
422 ],
423 "time": "2015-11-06T14:35:42+00:00"
424 },
425 {
426 "name": "doctrine/lexer",
427 "version": "v1.0.1",
428 "source": {
429 "type": "git",
430 "url": "https://github.com/doctrine/lexer.git",
431 "reference": "83893c552fd2045dd78aef794c31e694c37c0b8c"
432 },
433 "dist": {
434 "type": "zip",
435 "url": "https://api.github.com/repos/doctrine/lexer/zipball/83893c552fd2045dd78aef794c31e694c37c0b8c",
436 "reference": "83893c552fd2045dd78aef794c31e694c37c0b8c",
437 "shasum": ""
438 },
439 "require": {
440 "php": ">=5.3.2"
441 },
442 "type": "library",
443 "extra": {
444 "branch-alias": {
445 "dev-master": "1.0.x-dev"
446 }
447 },
448 "autoload": {
449 "psr-0": {
450 "Doctrine\\Common\\Lexer\\": "lib/"
451 }
452 },
453 "notification-url": "https://packagist.org/downloads/",
454 "license": [
455 "MIT"
456 ],
457 "authors": [
458 {
459 "name": "Roman Borschel",
460 "email": "roman@code-factory.org"
461 },
462 {
463 "name": "Guilherme Blanco",
464 "email": "guilhermeblanco@gmail.com"
465 },
466 {
467 "name": "Johannes Schmitt",
468 "email": "schmittjoh@gmail.com"
469 }
470 ],
471 "description": "Base library for a lexer that can be used in Top-Down, Recursive Descent Parsers.",
472 "homepage": "http://www.doctrine-project.org",
473 "keywords": [
474 "lexer",
475 "parser"
476 ],
477 "time": "2014-09-09T13:34:57+00:00"
478 }
479 ],
480 "packages-dev": [],
481 "aliases": [],
482 "minimum-stability": "stable",
483 "stability-flags": [],
484 "prefer-stable": false,
485 "prefer-lowest": false,
486 "platform": [],
487 "platform-dev": []
488 }
@@ -1,4 +1,7
1 # SASS artifacts
1 # Composer dependencies
2 vendor
3
4 # Stylesheet artifacts
2 *.css
5 *.css
3 *.css.map
6 *.css.map
4 .sass-cache
7 .sass-cache
@@ -10,7 +10,8 if('post_twitter' == $_REQUEST['action'])
10 check_nonce('new-character-twitter');
10 check_nonce('new-character-twitter');
11
11
12 #Fetch the password from the DB.
12 #Fetch the password from the DB.
13 $acct = $mtdb->getRow(sprintf("SELECT username, password FROM twitter_user WHERE id = '%d'", $_REQUEST['twitter-account']));
13 $stmt = $dbConnection->executeQuery('SELECT username, password FROM twitter_user WHERE id = ?', array($_REQUEST['twitter-account']));
14 $acct = $stmt->fetch();
14
15
15 $post_at = strtotime($_REQUEST['date18']);
16 $post_at = strtotime($_REQUEST['date18']);
16
17
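Review bot: The account id from `$_REQUEST['twitter-account']` is now bound as an untyped string, where the old `sprintf("... '%d'")` forced it to an integer. Nothing visible in this hunk checks the result of `$stmt->fetch()`, which is false when no row matches, yet the scheduling hunk further down reads `$acct->username`. I would bind it as `array((int)$_REQUEST['twitter-account']), array(PDO::PARAM_INT)`, matching the `media_t` lookups elsewhere in this commit, and follow the fetch with `if (!$acct) mtdie('Unknown Twitter account.', 'Invalid request');`. The same raw request value is bound again in the `INSERT INTO twitter_post` hunk and deserves the same cast. The enclosing `if('post_twitter' == ...)` block starts and ends outside the hunk.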
@@ -35,13 +36,8 if('post_twitter' == $_REQUEST['action'])
35 else
36 else
36 {
37 {
37 #No luck, gotta schedule.
38 #No luck, gotta schedule.
38 $mtdb->query(
39 $dbConnection->executeUpdate('INSERT INTO twitter_post (status, user, time, text) VALUES (\'scheduled\', ?, FROM_UNIXTIME(?), ?)',
39 sprintf("INSERT INTO twitter_post (status, user, time, text)VALUES ('scheduled', '%d', FROM_UNIXTIME('%d'), '%s')",
40 array($_REQUEST['twitter-account'], $post_at, $_REQUEST['message']));
40 mysqli_real_escape_string($mtdb->link, $_REQUEST['twitter-account']),
41 $post_at,
42 mysqli_real_escape_string($mtdb->link, $_REQUEST['message'])
43 )
44 );
45 $info .= "Your tweet for user " . htmlentities($acct->username) . " has been scheduled.";
41 $info .= "Your tweet for user " . htmlentities($acct->username) . " has been scheduled.";
46 adminlog('Tweet for account ' . $acct->username . ' has been scheduled.', MTS_TWITTER, MTA_ADD);
42 adminlog('Tweet for account ' . $acct->username . ' has been scheduled.', MTS_TWITTER, MTA_ADD);
47 }
43 }
@@ -52,12 +48,11 if('post_twitter' == $_REQUEST['action'])
52 }
48 }
53 }
49 }
54
50
55 $characters = $mtdb->getAll("SELECT id, username FROM twitter_user ORDER BY username");
51 $characters = $dbConnection->fetchAll('SELECT id, username FROM twitter_user ORDER BY username');
56
52
57 $scheduled = $mtdb->getAll("SELECT username, text, status, twitter_post.id AS id, time
53 $scheduled = $dbConnection->fetchAll('SELECT username, text, status, twitter_post.id AS id, time ' .
58 FROM twitter_post JOIN twitter_user
54 'FROM twitter_post JOIN twitter_user ON twitter_post.user = twitter_user.id ' .
59 ON twitter_post.user = twitter_user.id
55 'WHERE twitter_post.status = \'scheduled\' ORDER BY time');
60 WHERE twitter_post.status = 'scheduled' ORDER BY time");
61
56
62 adminhead('Manage Character Twitters');
57 adminhead('Manage Character Twitters');
63 adminmenu();
58 adminmenu();
@@ -9,7 +9,7 check_nonce('delete-strip-'.(int)$_REQUEST['strip_id']);
9
9
10 if(!deletestrip( $_REQUEST['strip_id'] ))
10 if(!deletestrip( $_REQUEST['strip_id'] ))
11 {
11 {
12 adminlog("Error deleting strip $_REQUEST[strip_id]:".mysqli_error(), MTS_STRIP, MTA_DELETE, E_ERROR);
12 adminlog("Error deleting strip $_REQUEST[strip_id]:".$dbConnection->errorCode(), MTS_STRIP, MTA_DELETE, E_ERROR);
13 mtdie('Error deleting the specified strip.','SQL Error');
13 mtdie('Error deleting the specified strip.','SQL Error');
14 }
14 }
15
15
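Review bot: `$dbConnection->errorCode()` is unlikely to carry the failure that `deletestrip()` hit. It returns only a five-character SQLSTATE for operations run directly on the connection handle, and DBAL's PDO driver raises query failures as exceptions rather than leaving a code behind, so the logged value will usually be empty or `00000`. The same substitution appears in the delete-page and delete-rant hunks, in the `insertstrip`/`updatestrip` error paths, and in the rant-insertion hunk. Two of those pass the value to `mtdie()`, where it would be shown to the user. Catching `\Doctrine\DBAL\DBALException` where the query runs (not visible here) and logging `$e->getMessage()` server-side would keep the diagnostic. On this line the log message also interpolates `$_REQUEST[strip_id]` raw, although the nonce check casts it; `(int)$_REQUEST['strip_id']` would keep request text out of the admin log.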
@@ -9,7 +9,7 check_nonce('delete-page-'.$_REQUEST['page_name']);
9
9
10 if(!deletepage( $_REQUEST['page_name'] ))
10 if(!deletepage( $_REQUEST['page_name'] ))
11 {
11 {
12 adminlog("Error deleting page $_REQUEST[page_name]: ".mysqli_error(), MTS_PAGE, MTA_DELETE, E_ERROR);
12 adminlog("Error deleting page $_REQUEST[page_name]: ".$dbConnection->errorCode(), MTS_PAGE, MTA_DELETE, E_ERROR);
13 mtdie('Error deleting the specified page.','SQL Error');
13 mtdie('Error deleting the specified page.','SQL Error');
14 }
14 }
15
15
@@ -9,7 +9,7 check_nonce('delete-rant-'.(int)$_REQUEST['rant_id']);
9
9
10 if(!deleterant( $_REQUEST['rant_id'] ))
10 if(!deleterant( $_REQUEST['rant_id'] ))
11 {
11 {
12 adminlog("Error deleting rant $_REQUEST[rant_id]: ".mysqli_error(), MTS_RANT, MTA_DELETE, E_ERROR);
12 adminlog("Error deleting rant $_REQUEST[rant_id]: ".$dbConnection->errorCode(), MTS_RANT, MTA_DELETE, E_ERROR);
13 mtdie('Error deleting the specified rant.','SQL Error');
13 mtdie('Error deleting the specified rant.','SQL Error');
14 }
14 }
15
15
@@ -12,7 +12,7 $victim = (int)$_REQUEST['tweet_id'];
12
12
13 if($victim)
13 if($victim)
14 {
14 {
15 $r = $mtdb->query("DELETE FROM twitter_post WHERE id = '$victim'");
15 $r = $dbConnection->executeUpdate('DELETE FROM twitter_post WHERE id = ?', array($victim));
16 if(!$r)
16 if(!$r)
17 {
17 {
18 adminlog('Error deleting scheduled tweet ' . $victim, MTS_TWITTER, MTA_DELETE, E_ERROR);
18 adminlog('Error deleting scheduled tweet ' . $victim, MTS_TWITTER, MTA_DELETE, E_ERROR);
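Review bot: `if(!$r)` no longer separates a failure from "nothing to delete". `executeUpdate()` returns the number of affected rows, so an id that matches no row yields 0 and is logged as an error, while a real SQL failure is raised by DBAL as an exception and never reaches this branch. The `twitter_user` delete hunk that follows has the same pattern. Consider treating 0 as "not found" and moving the error path into `try { ... } catch (\Doctrine\DBAL\DBALException $e) { ... }` around the call. The `if($victim)` block continues past the end of the hunk.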
@@ -12,7 +12,7 $victim = (int)$_REQUEST['id'];
12
12
13 if($victim)
13 if($victim)
14 {
14 {
15 $r = $mtdb->query("DELETE FROM twitter_user WHERE id = '$victim'");
15 $r = $dbConnection->executeUpdate('DELETE FROM twitter_user WHERE id = ?', array($victim));
16 if(!$r)
16 if(!$r)
17 {
17 {
18 adminlog('Error deleting specified twitter user ' . $victim, MTS_TWITTER, MTA_DELETE, E_ERROR);
18 adminlog('Error deleting specified twitter user ' . $victim, MTS_TWITTER, MTA_DELETE, E_ERROR);
@@ -35,13 +35,13 if( $_POST ) {
35 if( !is_valid_upload('comicFile') )
35 if( !is_valid_upload('comicFile') )
36 {
36 {
37 adminlog("Image upload failed.", MTS_STRIP, MTA_ADD, E_WARNING);
37 adminlog("Image upload failed.", MTS_STRIP, MTA_ADD, E_WARNING);
38 mtdie('If you want to upload a new comic, you must provide said comic.','Strip upload failed.');
38 mtdie('If you want to upload a new comic, you must provide said comic.', 'Strip upload failed.');
39 }
39 }
40
40
41 // get image type and target extension
41 // get image type and target extension
42 $imagedata = getimagesize($_FILES['comicFile']['tmp_name']);
42 $imagedata = getimagesize($_FILES['comicFile']['tmp_name']);
43 $strip->media = $imagedata[2];
43 $strip->media = $imagedata[2];
44 $fileext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id = ' . (int)$strip->media );
44 $fileext = $dbConnection->fetchColumn('SELECT extension FROM media_t WHERE id = ?', array($strip->media), 0, array(PDO::PARAM_INT));
45
45
46 if(strlen($fileext) < 3)
46 if(strlen($fileext) < 3)
47 {
47 {
@@ -53,8 +53,8 if( $_POST ) {
53 // Insert new strip into the database, get a real $strip->id
53 // Insert new strip into the database, get a real $strip->id
54 if(!insertstrip( $strip ))
54 if(!insertstrip( $strip ))
55 {
55 {
56 adminlog("Error on insertion of new strip: ".mysqli_error(), MTS_STRIP, MTA_ADD, E_ERROR);
56 adminlog("Error on insertion of new strip: ".$dbConnection->errorCode(), MTS_STRIP, MTA_ADD, E_ERROR);
57 mtdie('Error on insertion of new strip: '.mysqli_error(), 'SQL Error');
57 mtdie('Error on insertion of new strip: '.$dbConnection->errorCode(), 'SQL Error');
58 }
58 }
59
59
60 // Store the uploaded file to xxxx-0.ext
60 // Store the uploaded file to xxxx-0.ext
@@ -86,7 +86,7 if( $_POST ) {
86 $imagedata = getimagesize($_FILES['comicFile']['tmp_name']);
86 $imagedata = getimagesize($_FILES['comicFile']['tmp_name']);
87 $strip->media = $imagedata[2];
87 $strip->media = $imagedata[2];
88 }
88 }
89 $fileext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (int)$strip->media );
89 $fileext = $dbConnection->fetchColumn('SELECT extension FROM media_t WHERE id = ?', array($strip->media), 0, array(PDO::PARAM_INT));
90
90
91 if(strlen($fileext) < 3)
91 if(strlen($fileext) < 3)
92 {
92 {
@@ -99,7 +99,7 if( $_POST ) {
99 if(!updatestrip( $strip ) )
99 if(!updatestrip( $strip ) )
100 {
100 {
101 adminlog("Failed to update strip ".$strip->id.".", MTS_STRIP, MTA_UPDATE);
101 adminlog("Failed to update strip ".$strip->id.".", MTS_STRIP, MTA_UPDATE);
102 mtdie('Error updating strip: ' . mysqli_error(), 'SQL Error');
102 mtdie('Error updating strip: ' . $dbConnection->errorCode(), 'SQL Error');
103 }
103 }
104
104
105 if( is_valid_upload('comicFile') ) { // If uploading, store the uploaded file to xxxx-n.ext
105 if( is_valid_upload('comicFile') ) { // If uploading, store the uploaded file to xxxx-n.ext
@@ -178,7 +178,7 adminmenu('manage-comics.php');
178 <h3 class="dbx-handle">Comic Type</h3>
178 <h3 class="dbx-handle">Comic Type</h3>
179 <div class="dbx-content"><select name="strip_type">
179 <div class="dbx-content"><select name="strip_type">
180 <?php
180 <?php
181 $types = $mtdb->getAll( 'SELECT id, description FROM strip_t ORDER BY id' );
181 $types = $dbConnection->fetchAll('SELECT id, description FROM strip_t ORDER BY id');
182 foreach( $types as $k=>$v )
182 foreach( $types as $k=>$v )
183 printf('<option value="%s" %s>%s</option>', htmlentities($v->id), ($strip->type == $v->id ? 'selected="selected"' : '' ), htmlentities($v->description));
183 printf('<option value="%s" %s>%s</option>', htmlentities($v->id), ($strip->type == $v->id ? 'selected="selected"' : '' ), htmlentities($v->description));
184
184
@@ -4,7 +4,12 require_once('include/admin.inc.php');
4
4
5 auth_redirect(); // Require logged in user to access this page.
5 auth_redirect(); // Require logged in user to access this page.
6
6
7 $type = $mtdb->getRow( 'SELECT id, name FROM meta_t WHERE id=' . (int)$_GET['edit'] )
7 $sql = 'SELECT id, name FROM meta_t WHERE id = ?';
8 $stmt = $dbConnection->prepare($sql);
9 $stmt->bindValue(1, $_GET['edit'], PDO::PARAM_INT);
10 $stmt->execute();
11
12 $type = $stmt->fetch()
8 or mtdie("Invalid metatype number!");
13 or mtdie("Invalid metatype number!");
9
14
10 adminhead('Metatypes');
15 adminhead('Metatypes');
@@ -59,10 +59,9 if( $_POST ) {
59
59
60 adminhead('Edit Static Page');
60 adminhead('Edit Static Page');
61 adminmenu('manage-pages.php');
61 adminmenu('manage-pages.php');
62
63
64 ?>
62 ?>
65
63
64
66 <h2>Editing Page "<?php echo htmlentities($page->title, ENT_COMPAT, 'UTF-8') ; ?>"</h2>
65 <h2>Editing Page "<?php echo htmlentities($page->title, ENT_COMPAT, 'UTF-8') ; ?>"</h2>
67
66
68 <form enctype="multipart/form-data" action="edit-page.php" method="post" name="post" id="post">
67 <form enctype="multipart/form-data" action="edit-page.php" method="post" name="post" id="post">
@@ -62,7 +62,7 if( $_POST ) {
62 $rant->id = insertrant($rant);
62 $rant->id = insertrant($rant);
63 if( $rant->id === false )
63 if( $rant->id === false )
64 {
64 {
65 adminlog("Error on rant insertion: ".mysqli_error(), MTS_RANT, MTA_INSERT, E_ERROR);
65 adminlog("Error on rant insertion: ".$dbConnection->errorCode(), MTS_RANT, MTA_INSERT, E_ERROR);
66 mtdie('There was an error inserting the rant into the database.', 'SQL Error');
66 mtdie('There was an error inserting the rant into the database.', 'SQL Error');
67 }
67 }
68
68
@@ -118,7 +118,7 if( $_POST ) {
118 foreach($_POST['delete_attachment'] as $attachment)
118 foreach($_POST['delete_attachment'] as $attachment)
119 deleteattachment($attachment);
119 deleteattachment($attachment);
120
120
121 $existing_attachments = $mtdb->getAll('SELECT ra.id AS id, extension FROM rant_attachment ra JOIN media_t ON ra.media = media_t.id WHERE ra.rant = '.$rant->id.' ORDER BY id');
121 $existing_attachments = $dbConnection->fetchAll('SELECT ra.id AS id, extension FROM rant_attachment ra JOIN media_t ON ra.media = media_t.id WHERE ra.rant = ? ORDER BY id', array($rant->id));
122 for($i = 0; $i < count($existing_attachments); $i++) {
122 for($i = 0; $i < count($existing_attachments); $i++) {
123 $rant->body = preg_replace('/(href|src)=\"([^\"]*?)\\{'.($i+1).'\\}(.*?)\"/', '\1="'.get_rantattachment_filename($existing_attachments[$i]->id).'"', $rant->body);
123 $rant->body = preg_replace('/(href|src)=\"([^\"]*?)\\{'.($i+1).'\\}(.*?)\"/', '\1="'.get_rantattachment_filename($existing_attachments[$i]->id).'"', $rant->body);
124 }
124 }
@@ -192,7 +192,7 adminmenu('manage-rants.php');
192 <fieldset id="authordiv" class="dbx-box">
192 <fieldset id="authordiv" class="dbx-box">
193 <h3 class="dbx-handle">Author</h3>
193 <h3 class="dbx-handle">Author</h3>
194 <div class="dbx-content"><select name="rant_author"><?php
194 <div class="dbx-content"><select name="rant_author"><?php
195 $contrib = $mtdb->getAll('select id,name from contributor');
195 $contrib = $dbConnection->fetchAll('SELECT id, name FROM contributor');
196 foreach( $contrib as $k=>$v ) {
196 foreach( $contrib as $k=>$v ) {
197 printf('<option value="%s" %s>%s</option>', htmlentities($v->id, ENT_COMPAT, 'UTF-8'), ( $v->id == $rant->author ? 'selected="selected"' : '' ), htmlentities($v->name) );
197 printf('<option value="%s" %s>%s</option>', htmlentities($v->id, ENT_COMPAT, 'UTF-8'), ( $v->id == $rant->author ? 'selected="selected"' : '' ), htmlentities($v->name) );
198 } ?>
198 } ?>
@@ -298,7 +298,7 adminmenu('manage-rants.php');
298 <p>Attach files:</p>
298 <p>Attach files:</p>
299 <ol id="rant_attachment_list">
299 <ol id="rant_attachment_list">
300 <?php
300 <?php
301 $attachments = $mtdb->getAll('SELECT ra.id AS id, extension FROM rant_attachment ra JOIN media_t ON ra.media = media_t.id WHERE ra.rant = '.$rant->id.' ORDER BY id');
301 $attachments = $dbConnection->fetchAll('SELECT ra.id AS id, extension FROM rant_attachment ra JOIN media_t ON ra.media = media_t.id WHERE ra.rant = ? ORDER BY id', array($rant->id));
302 foreach($attachments as $k=>$v)
302 foreach($attachments as $k=>$v)
303 printf('<li><input type="checkbox" name="delete_attachment[]" value="%d" /> <a href="%s/%s/%s">%s</a></li>', $v->id, SITE_HOST, SITE_PATH, get_rantattachment_filename($v->id), get_rantattachment_filename($v->id));
303 printf('<li><input type="checkbox" name="delete_attachment[]" value="%d" /> <a href="%s/%s/%s">%s</a></li>', $v->id, SITE_HOST, SITE_PATH, get_rantattachment_filename($v->id), get_rantattachment_filename($v->id));
304 ?>
304 ?>
@@ -24,12 +24,8
24
24
25 for ($count = 0; $count < 5; $count++) {
25 for ($count = 0; $count < 5; $count++) {
26 $entry = $feed->getEntryByOffset($count);
26 $entry = $feed->getEntryByOffset($count);
27 $link = mysqli_real_escape_string($mtdb->link, $entry->link);
28 $title = mysqli_real_escape_string($mtdb->link, $entry->title);
29 $date = $entry->pubdate;
30
27
31 $mtdb->query("INSERT INTO fredart (pubdate, title, link)
28 $dbConnection->executeUpdate('INSERT INTO fredart (pubdate, title, link) VALUES (FROM_UNIXTIME(?), ?, ?)', array($entry->pubdate, $entry->title, $entry->link));
32 VALUES (FROM_UNIXTIME($date), '$title', '$link')", false);
33 }
29 }
34
30
35 header('Content-Type: text/xml');
31 header('Content-Type: text/xml');
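Review bot: The removed `$mtdb->query(..., false)` call passed a second argument that `executeUpdate()` has no counterpart for. If that flag suppressed errors, for example for feed entries that are already stored (not visible here), the new call will throw on the first failing insert and the script will stop before `header('Content-Type: text/xml')`. Binding `$entry->pubdate`, `$entry->title` and `$entry->link` as parameters is the right way to handle values that come from an external feed. I would wrap the call in `try { ... } catch (\Doctrine\DBAL\DBALException $e) { error_log($e->getMessage()); }` so that one bad entry does not abort the loop, and add a comment saying which failures are expected.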
@@ -1,12 +1,11
1 <?php
1 <?php
2
2
3 /* Megatokyo Website Administration */
3 /* Megatokyo Website Administration */
4
5 require_once('../LocalSettings.php');
4 require_once('../LocalSettings.php');
5 require(__DIR__ . '/../vendor/autoload.php');
6
6
7 // Core lib
7 // Core lib
8 require_once('html.php');
8 require_once('html.php');
9 require_once('mysql.php');
10 require_once('cookies.php');
9 require_once('cookies.php');
11 require_once('functions.php');
10 require_once('functions.php');
12 require_once('error.php');
11 require_once('error.php');
@@ -29,8 +28,18 require_once('rss.php');
29
28
30 require_once('twitteroauth/twitteroauth.php');
29 require_once('twitteroauth/twitteroauth.php');
31
30
32 $mtdb = new MysqlStore();
31 // Initialize a connection to the database
33 $mtdb->connect( DB_SERVER, DB_WRITE_USER, DB_WRITE_PASS, DB_NAME );
32 $dbConfig = new \Doctrine\DBAL\Configuration();
33 $dbParams = array(
34 'dbname' => DB_NAME,
35 'user' => DB_WRITE_USER,
36 'password' => DB_WRITE_PASS,
37 'host' => DB_SERVER,
38 'driver' => 'pdo_mysql',
39 'charset' => 'utf8mb4'
40 );
41 $dbConnection = \Doctrine\DBAL\DriverManager::getConnection($dbParams, $dbConfig);
42 $dbConnection->setFetchMode(PDO::FETCH_OBJ);
34
43
35 /* TODO: Move these definitions to LocalSettings.php */
44 /* TODO: Move these definitions to LocalSettings.php */
36 if ( !defined('RANTIMG') )
45 if ( !defined('RANTIMG') )
@@ -42,21 +51,20 define('USING_TIDY', false);
42
51
43 /* These function are all for core authentication. */
52 /* These function are all for core authentication. */
44
53
45 // Call mysql to hash a password
46 function mt_hash_password($password) {
54 function mt_hash_password($password) {
47 global $mtdb;
55 return sha1($password);
48 return $mtdb->getOne('SELECT SHA1("' . mysqli_real_escape_string($mtdb->link, $password) . '")') ;
49 }
56 }
50
57
51 // Remove invalid characters from username. Permit only alpha, underscore, period, at, hypen
58 // Remove invalid characters from username. Permit only alpha, underscore, period, at, hyphen
52 function sanitize_username( $username ) {
59 function sanitize_username( $username ) {
53 return preg_replace('|[^a-z_.@-]|i', '', $username);
60 return preg_replace('|[^a-z_.@-]|i', '', $username);
54 }
61 }
55
62
56 // Attempt to login with a username and password. If from cookies, set already_hashed = true.
63 // Attempt to login with a username and password. If from cookies, set already_hashed = true.
57 function mt_login($username, $password, $already_hashed = false) {
64 function mt_login($username, $password, $already_hashed = false) {
58 global $error,$mtdb;
65 global $error, $dbConnection;
59
66
67 // Fail login if either user or pass is blank
60 if ( '' == $username )
68 if ( '' == $username )
61 return false;
69 return false;
62
70
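Review bot: `return sha1($password);` keeps an unsalted, fast digest as the password hash, so the stored values are cheap to brute-force if the `contributor` table is ever disclosed. Moving the hashing out of SQL is an improvement, but the algorithm is unchanged. The comment on `mt_login` ("If from cookies, set already_hashed = true") suggests the same digest is also what the login cookie carries, which would make it a password equivalent. Migrating to `password_hash()` / `password_verify()` therefore also needs the cookie to hold a separate random session token, so it is a follow-up rather than a one-line change. Until then, a comment such as `// TODO(security): unsalted SHA-1; migrate to password_hash() and stop putting the digest in the cookie` should sit on this function. `mt_login` continues outside the hunk.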
@@ -67,7 +75,11 function mt_login($username, $password, $already_hashed = false) {
67
75
68 $username = sanitize_username( $username );
76 $username = sanitize_username( $username );
69
77
70 $login = $mtdb->getRow( 'SELECT id,name,email,nameplate,default_image,default_link,password FROM contributor WHERE name = "' . mysqli_real_escape_string($mtdb->link, $username) . '"');
78 // Get user info from the database
79 $sql = 'SELECT * FROM contributor WHERE name LIKE ?';
80 $stmt = $dbConnection->executeQuery($sql, array($username));
81 $login = $stmt->fetch();
82
71 if (!$login) {
83 if (!$login) {
72 $error = ('<strong>ERROR</strong>: Invalid username or password.');
84 $error = ('<strong>ERROR</strong>: Invalid username or password.');
73 adminlog("Failed login attempt from ".$_SERVER['REMOTE_ADDR']." for $username.", MTS_LOGIN, MTA_CHANGE);
85 adminlog("Failed login attempt from ".$_SERVER['REMOTE_ADDR']." for $username.", MTS_LOGIN, MTA_CHANGE);
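Review bot: `WHERE name LIKE ?` changes the lookup from an exact match to a pattern match. `sanitize_username()` deliberately lets `_` through, and `_` is a single-character wildcard in `LIKE`, so the query can return a different contributor row than the name typed, and `fetch()` will take whichever row comes first. The statement should stay an equality test, `$sql = 'SELECT * FROM contributor WHERE name = ?';`. The switch from an explicit column list to `SELECT *` also pulls every column of the row into `$login`. Listing the needed columns as before keeps the result narrower. The rest of `mt_login`, including the password comparison, is outside the hunk.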
@@ -144,5 +156,4 function nocache_headers() {
144 @ header('Pragma: no-cache');
156 @ header('Pragma: no-cache');
145 }
157 }
146
158
147
148 ?>
159 ?>
@@ -25,7 +25,6 function mt_get_cookie_login() {
25
25
26 // Store username and password in a cookie
26 // Store username and password in a cookie
27 function mt_setcookie($username, $password, $already_md5 = false, $siteurl = '', $remember = false) {
27 function mt_setcookie($username, $password, $already_md5 = false, $siteurl = '', $remember = false) {
28 global $mtdb;
29 if ( !$already_md5 )
28 if ( !$already_md5 )
30 $password = mt_hash_password($password);
29 $password = mt_hash_password($password);
31
30
@@ -13,8 +13,7 define('MTS_TYPE_META', 8); // Changes in the metatype manager
13 define('MTS_TUMBLR', 10);
13 define('MTS_TUMBLR', 10);
14
14
15
15
16
16 define('MTA_ADD', 'create'); // Creation action
17 define('MTA_ADD', 'create'); // Creation action
18 define('MTA_INSERT', 'create'); // Creation action
17 define('MTA_INSERT', 'create'); // Creation action
19 define('MTA_DELETE', 'delete'); // Deletion action
18 define('MTA_DELETE', 'delete'); // Deletion action
20 define('MTA_REMOVE', 'delete'); // Deletion action
19 define('MTA_REMOVE', 'delete'); // Deletion action
@@ -24,21 +23,29 define('MTA_CHANGE', 'update'); // Modification action
24
23
25 function adminlog($msg, $section, $action, $level=E_USER_NOTICE, $email=false)
24 function adminlog($msg, $section, $action, $level=E_USER_NOTICE, $email=false)
26 {
25 {
27 global $mtdb, $currentuser;
26 global $dbConnection, $currentuser;
28
27
29 $sql = sprintf('INSERT INTO admin_log (contributor, section, action, level, message) VALUES (%s, %d, "%s", %d, "%s")',
28 $sql = 'INSERT INTO admin_log (contributor, section, action, level, message) VALUES (?, ?, ?, ?, ?)';
30 (is_numeric($currentuser->id) ? $currentuser->id : "NULL"), $section, mysqli_real_escape_string($mtdb->link, $action), $level, mysqli_real_escape_string($mtdb->link, $msg));
29 $stmt = $dbConnection->prepare($sql);
31 $mtdb->query( $sql ) or die($sql."<br>".mysqli_error($mtdb->link)."<br>\n".var_export(debug_backtrace()));
30 $stmt->bindValue(1, is_numeric($currentuser->id) ? $currentuser->id : NULL);
31 $stmt->bindValue(2, $section);
32 $stmt->bindValue(3, $action);
33 $stmt->bindValue(4, $level);
34 $stmt->bindValue(5, $msg);
35 $stmt->execute() or die($sql . '<br>' . $stmt->errorCode() . '<br>' . var_export(debug_backtrace()));
32
36
33 // Log all important sorts of messages in the Apache log
37 // Log all important sorts of messages in the Apache log
34 if( $level & (E_USER_WARNING | E_USER_ERROR) ) {
38 if( $level & (E_USER_WARNING | E_USER_ERROR) )
39 {
35 error_log($msg, 0);
40 error_log($msg, 0);
36 }
41 }
37
42
38 // Email critical messages and those for which email is requested
43 // Email critical messages and those for which email is requested
39 if($email || E_USER_ERROR == $level || E_ERROR == $level) {
44 if($email || E_USER_ERROR == $level || E_ERROR == $level)
45 {
40 // Pretty printing
46 // Pretty printing
41 switch($level) {
47 switch($level)
48 {
42 case E_USER_NOTICE:
49 case E_USER_NOTICE:
43 case E_NOTICE:
50 case E_NOTICE:
44 $importance = 'Notice';
51 $importance = 'Notice';
@@ -56,7 +63,8 function adminlog($msg, $section, $action, $level=E_USER_NOTICE, $email=false)
56 break;
63 break;
57 }
64 }
58
65
59 switch($section) {
66 switch($section)
67 {
60 case MTS_LOGIN: $area = 'User login'; break;
68 case MTS_LOGIN: $area = 'User login'; break;
61 case MTS_USER: $area = 'Modify user'; break;
69 case MTS_USER: $area = 'Modify user'; break;
62 case MTS_PAGE: $area = 'Modify page'; break;
70 case MTS_PAGE: $area = 'Modify page'; break;
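Review bot: The rewritten failure path in adminlog(), `$stmt->execute() or die($sql . '<br>' . $stmt->errorCode() . '<br>' . var_export(debug_backtrace()));`, still sends the SQL text and a full backtrace to the browser, and adminlog() is also reached from the failed-login path. `var_export()` without a second argument of `true` prints its output immediately and returns NULL, so the page content is not what the concatenation suggests. Keep the detail in the server log and show the client a fixed string, for example `if (!$stmt->execute()) { error_log('adminlog insert failed: ' . $stmt->errorCode()); die('Internal error'); }`. If the DBAL connection throws on errors (not visible in this diff), the `or die` branch is never taken and the failure needs a try/catch instead. The body of adminlog() continues past the end of this hunk.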
@@ -12,7 +12,7 function adminhead($title = '') {
12 <head>
12 <head>
13 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
13 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
14 <title>Megatokyo Administrative Dashboard<?php if( $title ) echo " &#8212; $title"; ?></title>
14 <title>Megatokyo Administrative Dashboard<?php if( $title ) echo " &#8212; $title"; ?></title>
15 <link rel="stylesheet" href="<?php echo ADMIN_PATH; ?>/wp-admin.css" type="text/css" />
15 <link rel="stylesheet" href="<?php echo ADMIN_PATH; ?>/styles/wp-admin.css" type="text/css" />
16 <link type="application/rss+xml" rel="alternate" title="Admin Log" href="<?php printf('%s%s/%s/adminlog.xml', SITE_HOST, SITE_PATH, SITE_ADMIN) ?>" />
16 <link type="application/rss+xml" rel="alternate" title="Admin Log" href="<?php printf('%s%s/%s/adminlog.xml', SITE_HOST, SITE_PATH, SITE_ADMIN) ?>" />
17 <link type="application/rss+xml" rel="alternate" title="Scratchpad" href="<?php printf('%s%s/%s/scratchpad.xml', SITE_HOST, SITE_PATH, SITE_ADMIN) ?>" />
17 <link type="application/rss+xml" rel="alternate" title="Scratchpad" href="<?php printf('%s%s/%s/scratchpad.xml', SITE_HOST, SITE_PATH, SITE_ADMIN) ?>" />
18 </head>
18 </head>
@@ -41,7 +41,7 $submenu['manage-comics.php'] = array(
41 'manage-types.php' => 'Types',
41 'manage-types.php' => 'Types',
42 'manage-twitter-users.php' => 'Twitter Users',
42 'manage-twitter-users.php' => 'Twitter Users',
43 'manage-metatypes.php' => 'Metatypes',
43 'manage-metatypes.php' => 'Metatypes',
44 'swap-comics.php' => 'Swap Comics',
44 //'swap-comics.php' => 'Swap Comics',
45 'character-twitter.php' => 'Character Twitters',
45 'character-twitter.php' => 'Character Twitters',
46 'view-adminlog.php' => 'View Admin Log'
46 'view-adminlog.php' => 'View Admin Log'
47 );
47 );
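Review bot: Commenting out the `'swap-comics.php'` entry only removes the link from the submenu; it does not stop the script from being requested directly. If the page is being retired because it still depends on the old database layer, the script itself should be removed or made to refuse requests. Whether that happens elsewhere is not visible in this diff. A short comment above the disabled line saying why it is off and when it can return would also help the next maintainer.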
@@ -155,6 +155,7 function handle_error($errno, $errstr, $errfile, $errline, $errcontext) {
155 case E_CORE_WARNING:
155 case E_CORE_WARNING:
156 case E_COMPILE_WARNING:
156 case E_COMPILE_WARNING:
157 break;
157 break;
158
158 case E_USER_ERROR:
159 case E_USER_ERROR:
159 case E_ERROR:
160 case E_ERROR:
160 case E_PARSE:
161 case E_PARSE:
@@ -164,7 +165,7 function handle_error($errno, $errstr, $errfile, $errline, $errcontext) {
164 header('Content-Type: text/html; charset=utf-8');
165 header('Content-Type: text/html; charset=utf-8');
165
166
166 if (eregi('^(sql)$', $errstr)) {
167 if (eregi('^(sql)$', $errstr)) {
167 $errstr = "SQL Error " . mysqli_errno() . ': ' . mysqli_error();
168 // $errstr = "SQL Error " . mysqli_errno() . ': ' . mysqli_error();
168 }
169 }
169
170
170 $message = "Error#$errno: $errstr";
171 $message = "Error#$errno: $errstr";
@@ -204,7 +205,7 function mtdie($message,$title='') {
204 font-dize: 18px;
205 font-dize: 18px;
205 font-weight: lighter;
206 font-weight: lighter;
206 }
207 }
207 h2 {
208 h2 {
208 font-size: 16px;
209 font-size: 16px;
209 }
210 }
210 p, li, dt {
211 p, li, dt {
@@ -222,13 +223,12 function mtdie($message,$title='') {
222 </head>
223 </head>
223 <body>
224 <body>
224 <h1 id="Logo">Megatokyo Admin</h1>
225 <h1 id="Logo">Megatokyo Admin</h1>
225 <?php if($title) echo "<h2>$title</h2>\n"; ?>
226 <?php if($title) echo "<h2>$title</h2>\n"; ?>
226 <p><?php echo $message; ?></p>
227 <p><?php echo $message; ?></p>
227 </body>
228 </body>
228 </html>
229 </html>
229 <?php
230 <?php
230 die();
231 die();
231
232 }
232 }
233
233
234 function numeric_entities($string){
234 function numeric_entities($string){
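Review bot: In handle_error() the block `if (eregi('^(sql)$', $errstr)) {` is left with only a commented-out body, so it now does nothing except call `eregi()`. That function was removed in PHP 7.0, and the lock file added by this commit lists packages declaring `^5.6 || ^7.0`. If the site runs on PHP 7, the error handler itself would raise a fatal error on this branch. Delete the whole `if` block rather than only commenting out its body. The body of handle_error() starts and ends outside these hunks.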
@@ -73,7 +73,7 function wp_nonce_ays($action) {
73 }
73 }
74
74
75 function mt_explain_nonce($action) {
75 function mt_explain_nonce($action) {
76 global $mtdb;
76 global $dbConnection;
77 $c = explode('-',$action);
77 $c = explode('-',$action);
78 $i = (int)$c[2];
78 $i = (int)$c[2];
79
79
@@ -110,12 +110,12 function mt_explain_nonce($action) {
110 if( false !== strpos( $t, '%' ) ) {
110 if( false !== strpos( $t, '%' ) ) {
111
111
112 switch( $c[1] ) {
112 switch( $c[1] ) {
113 case 'rant': $v = $mtdb->getOne('SELECT title FROM rant WHERE id=' . $i); break;
113 case 'rant': $v = $dbConnection->fetchColumn('SELECT title FROM rant WHERE id = ?', array($i)); break;
114 case 'strip': $v = $mtdb->getOne('SELECT id FROM strip WHERE id=' . $i); break;
114 case 'strip': $v = $dbConnection->fetchColumn('SELECT id FROM strip WHERE id = ?', array($i)); break;
115 case 'type': $v = $mtdb->getOne('SELECT name FROM strip_t WHERE id=' . $i); break;
115 case 'type': $v = $dbConnection->fetchColumn('SELECT name FROM strip_t WHERE id = ?', array($i)); break;
116 case 'metatype':$v = $mtdb->getOne('SELECT name FROM meta_t WHERE id=' . $i); break;
116 case 'metatype':$v = $dbConnection->fetchColumn('SELECT name FROM meta_t WHERE id = ?', array($i)); break;
117 case 'extra': $temp = extra_file_from_inode($i); $v = $temp->name; break;
117 case 'extra': $temp = extra_file_from_inode($i); $v = $temp->name; break;
118 case 'twitteruser': $v = $mtdb->getOne('SELECT username FROM twitter_user WHERE id=' . $i); break;
118 case 'twitteruser': $v = $dbConnection->fetchColumn('SELECT username FROM twitter_user WHERE id = ?', array($i)); break;
119 default: $v = $i;
119 default: $v = $i;
120 }
120 }
121
121
@@ -1,53 +1,84
1 <?php
1 <?php
2
2
3 class Page {
3 class Page
4 var $url_name, $status, $title, $body, $style;
4 {
5 public $url_name;
6 public $status;
7 public $title;
8 public $body;
9 public $style;
5 }
10 }
6
11
7 function savepage($page) {
12 function savepage($page)
8 if($page->url_name)
13 {
14 if ($page->url_name)
9 return updatepage($page);
15 return updatepage($page);
10 else
16 else
11 return insertpage($page);
17 return insertpage($page);
12 }
18 }
13
19
14 function insertpage($page) {
20 function insertpage($page)
15 global $mtdb;
21 {
16 $sql = 'INSERT INTO static_page ( url_name, status, title, body, style ) VALUES ('
22 if ( !$page->url_name ) return false;
17 . ' "' . mysqli_real_escape_string($mtdb->link, $page->url_name)
23 global $dbConnection;
18 . '", "' . mysqli_real_escape_string($mtdb->link, $page->status)
24
19 . '", "' . mysqli_real_escape_string( $mtdb->link, trim( $page->title ) )
25 $sql = 'INSERT INTO static_page (url_name, status, title, body, style) VALUES (:slug, :status, :title, :body, :style)';
20 . '", "' . mysqli_real_escape_string( $mtdb->link, trim( $page->body ) )
26 $stmt = $dbConnection->prepare($sql);
21 . '", "' . mysqli_real_escape_string( $mtdb->link, trim( $page->style ) )
27
22 . '")';
28 $stmt->bindValue('slug', $page->url_name);
23 adminlog("Page '".$page->url_name."' has been added.", MTS_PAGE, MTA_ADD);
29 $stmt->bindValue('status', $page->status);
24 return $mtdb->query($sql);
30 $stmt->bindValue('title', trim($page->title));
31 $stmt->bindValue('body', trim($page->body));
32 $stmt->bindValue('style', trim($page->style));
33
34 adminlog("Page '" . $page->url_name . "' has been added.", MTS_PAGE, MTA_ADD);
35 return $stmt->execute();
25 }
36 }
26
37
27 function updatepage($page) {
38 function updatepage($page)
39 {
28 if ( !$page->url_name ) return false;
40 if ( !$page->url_name ) return false;
29 global $mtdb;
41 global $dbConnection;
30
42
31 $sql = 'UPDATE static_page SET url_name = "' . mysqli_real_escape_string($mtdb->link, $page->url_name)
43 $sql = 'UPDATE static_page SET url_name = :slug, status = :status, title = :title, body = :body, style = :style WHERE url_name = :slug';
32 . '", status = "' . mysqli_real_escape_string($mtdb->link, $page->status)
44 $stmt = $dbConnection->prepare($sql);
33 . '", title = "' . mysqli_real_escape_string( $mtdb->link, trim( $page->title ) )
45
34 . '", body = "' . mysqli_real_escape_string( $mtdb->link, trim( $page->body ) )
46 $stmt->bindValue('slug', $page->url_name);
35 . '", style = "' . mysqli_real_escape_string( $mtdb->link, trim( $page->style ) )
47 $stmt->bindValue('status', $page->status);
36 . '" WHERE url_name = "' . mysqli_real_escape_string($mtdb->link, $page->url_name) . '"';
48 $stmt->bindValue('title', trim($page->title));
37 adminlog("Page '".$page->url_name."' has been updated.", MTS_PAGE, MTA_MODIFY);
49 $stmt->bindValue('body', trim($page->body));
38 return $mtdb->query( $sql );
50 $stmt->bindValue('style', trim($page->style));
51
52 adminlog("Page '" . $page->url_name . "' has been updated.", MTS_PAGE, MTA_MODIFY);
53 return $stmt->execute();
39 }
54 }
40
55
41 function deletepage($url_name) {
56 function deletepage($url_name)
57 {
42 if ( !$url_name ) return false;
58 if ( !$url_name ) return false;
43 global $mtdb;
59 global $dbConnection;
44 adminlog("Page '".$page->url_name."' has been deleted.", MTS_PAGE, MTA_DELETE);
60
45 return $mtdb->query( 'DELETE FROM static_page WHERE url_name = "' . mysqli_real_escape_string($mtdb->link, $url_name) . '"' );
61 $sql = 'DELETE FROM static_page WHERE url_name = :slug';
62 $stmt = $dbConnection->prepare($sql);
63
64 $stmt->bindValue('slug', $url_name);
65
66 adminlog("Page '" . $page->url_name . "' has been deleted.", MTS_PAGE, MTA_DELETE);
67 return $stmt->execute();
46 }
68 }
47
69
48 function getpage($url_name) {
70 function getpage($url_name)
49 global $mtdb;
71 {
50 return $mtdb->getRow( 'SELECT url_name, status, title, body, style FROM static_page WHERE url_name = "'. mysqli_real_escape_string($mtdb->link, $url_name) . '"' );
72 if ( !$url_name ) return false;
73 global $dbConnection;
74
75 $sql = 'SELECT url_name, status, title, body, style FROM static_page WHERE url_name = :slug';
76 $stmt = $dbConnection->prepare($sql);
77
78 $stmt->bindValue('slug', $url_name);
79
80 $stmt->execute();
81 return $stmt->fetch();
51 }
82 }
52
83
53 ?>
84 ?>
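Review bot: The new guard `if ( !$page->url_name ) return false;` at the top of insertpage() means savepage() can no longer create a page: savepage() calls insertpage() only when `$page->url_name` is empty, which is exactly the case the guard rejects. Either savepage() needs a different insert-versus-update test (an existence check on the slug, for instance), or the guard belongs in the caller. Separately, deletepage() still builds its log message from `$page->url_name` although no `$page` exists in that function, so the audit entry is written with an empty name; it should read `adminlog("Page '" . $url_name . "' has been deleted.", MTS_PAGE, MTA_DELETE);`. In updatepage() the placeholder `:slug` appears twice in one statement, which PDO accepts only with emulated prepares; using two distinct names (`:slug` and `:old_slug`) avoids depending on that setting.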
@@ -1,119 +1,193
1 <?php
1 <?php
2
2
3 class Rant {
3 class Rant
4 var $id, $published, $status, $side, $author, $title, $body, $link, $imagetype, $imagetext;
4 {
5 public $id;
6 public $published;
7 public $status;
8 public $side;
9 public $author;
10 public $title;
11 public $body;
12 public $link;
13 public $imagetype;
14 public $imagetext;
5 }
15 }
6
16
7 function saverant($rant) {
17 function saverant($rant)
8 if($rant->id)
18 {
19 if ($rant->id)
9 return updaterant($rant);
20 return updaterant($rant);
10 else
21 else
11 return insertrant($rant);
22 return insertrant($rant);
12 }
23 }
13
24
14 function insertrant($rant) {
25 function insertrant($rant)
15 global $mtdb;
26 {
16 $sql = 'INSERT INTO rant ( published, status, side, author, title, body, link, imagetype, imagetext ) VALUES ( FROM_UNIXTIME('
27 global $dbConnection;
17 . (int)$rant->published
28
18 . '), "' . mysqli_real_escape_string($mtdb->link, $rant->status)
29 $sql = 'INSERT INTO rant (published, status, side, author, title, body, link, imagetype, imagetext) VALUES ' .
19 . '", "' . mysqli_real_escape_string($mtdb->link, $rant->side)
30 '(FROM_UNIXTIME(:published), :status, :side, :author, :title, :body, :link, :imagetype, :imagetext)';
20 . '", "' . (int)$rant->author
31 $stmt = $dbConnection->prepare($sql);
21 . '", "' . mysqli_real_escape_string( $mtdb->link, trim( $rant->title) )
32
22 . '", "' . mysqli_real_escape_string( $mtdb->link, trim( $rant->body ) )
33 $stmt->bindValue('published', (int)$rant->published);
23 . '", "' . mysqli_real_escape_string( $mtdb->link, trim( $rant->link ) )
34 $stmt->bindValue('status', $rant->status);
24 . '", ' . mysqli_real_escape_string($mtdb->link, $rant->imagetype)
35 $stmt->bindValue('side', $rant->side);
25 . ', "' . mysqli_real_escape_string( $mtdb->link, trim( $rant->imagetext ) )
36 $stmt->bindValue('author', (int)$rant->author);
26 . '")';
37 $stmt->bindValue('title', trim($rant->title));
27
38 $stmt->bindValue('body', trim($rant->body));
28 if( $mtdb->query( $sql ) ) {
39 $stmt->bindValue('link', trim($rant->link));
40 $stmt->bindValue('imagetype', $rant->imagetype);
41 $stmt->bindValue('imagetext', trim($rant->imagetext));
42
43 if ($stmt->execute())
44 {
29 //logthis( 'Saved changes to rant ' . $rant->id );
45 //logthis( 'Saved changes to rant ' . $rant->id );
30 $rant->id = mysqli_insert_id( $mtdb->link );
46 $rant->id = $dbConnection->lastInsertId();
31
47
32 adminlog("Rant ".$rant->id." saved.", MTS_RANT, MTA_ADD);
48 adminlog("Rant " . $rant->id . " saved.", MTS_RANT, MTA_ADD);
33
49
34 if($rant->status == "published")
50 if ($rant->status == "published")
35 {
51 {
52 adminlog("Rant " . $rant->id . " published.", MTS_RANT, MTA_ADD);
53
54 /*
36 $poster = get_userdatabyid($rant->author);
55 $poster = get_userdatabyid($rant->author);
37 adminlog("Rant ".$rant->id." published.", MTS_RANT, MTA_ADD);
38 twitterpost("New rant posted by ".$poster->name.": ".SITE_HOST.SITE_PATH."/rant/".$rant->id);
56 twitterpost("New rant posted by ".$poster->name.": ".SITE_HOST.SITE_PATH."/rant/".$rant->id);
39
57
40 if($rant->author === 1) {
58 if($rant->author === 1) {
41 tumblrpost($rant->title, $rant->body);
59 tumblrpost($rant->title, $rant->body);
42 }
60 }
61 */
43 }
62 }
44
63
45 return $rant->id;
64 return $rant->id;
46 }
65 }
66
47 return false;
67 return false;
48 }
68 }
49
69
50 function updaterant($rant) {
70 function updaterant($rant)
71 {
51 if ( !(int)$rant->id ) return false;
72 if ( !(int)$rant->id ) return false;
52 global $mtdb;
73 global $dbConnection;
53
74
54 #first, check if it's published already
75 # First, check if it's published already
55 $qr = $mtdb->query("SELECT status FROM rant WHERE id = ".$rant->id);
76 $sql = 'SELECT status FROM rant WHERE id = ?';
56 $row = mysqli_fetch_row($qr);
77 $stmt = $dbConnection->prepare($sql);
57 $status = $row[0];
78
58
79 $stmt->bindValue(1, $rant->id);
59 adminlog("Rant ".$rant->id." updated.", MTS_RANT, MTA_UPDATE);
80
60
81 $stmt->execute();
61 $sql = 'UPDATE rant SET published=FROM_UNIXTIME(' . (int)$rant->published
82 $status = $stmt->fetchColumn();
62 . '), status = "' . mysqli_real_escape_string($mtdb->link, $rant->status)
83
63 . '", side = "' . mysqli_real_escape_string($mtdb->link, $rant->side)
84 adminlog("Rant " . $rant->id . " updated.", MTS_RANT, MTA_UPDATE);
64 . '", author = ' . (int)$rant->author
85
65 . ', title = "' . mysqli_real_escape_string( $mtdb->link, trim($rant->title) )
86 $sql = 'UPDATE rant SET published = FROM_UNIXTIME(:published), status = :status, side = :side, author = :author, ' .
66 . '", body = "' . mysqli_real_escape_string( $mtdb->link, trim($rant->body ) )
87 'title = :title, body = :body, link = :link, imagetype = :imagetype, imagetext = :imagetext WHERE id = :id';
67 . '", link = "' . mysqli_real_escape_string( $mtdb->link, trim($rant->link ) )
88 $stmt = $dbConnection->prepare($sql);
68 . '", imagetype = ' . (int)$rant->imagetype
89
69 . ', imagetext = "' . mysqli_real_escape_string( $mtdb->link, trim($rant->imagetext) )
90 $stmt->bindValue('id', (int)$rant->id);
70 . '" WHERE id=' . (int)$rant->id;
91 $stmt->bindValue('published', (int)$rant->published);
71
92 $stmt->bindValue('status', $rant->status);
72 if($status == "draft" && $rant->status == "published")
93 $stmt->bindValue('side', $rant->side);
94 $stmt->bindValue('author', (int)$rant->author);
95 $stmt->bindValue('title', trim($rant->title));
96 $stmt->bindValue('body', trim($rant->body));
97 $stmt->bindValue('link', trim($rant->link));
98 $stmt->bindValue('imagetype', (int)$rant->imagetype);
99 $stmt->bindValue('imagetext', trim($rant->imagetext));
100
101 if ($status == "draft" && $rant->status == "published")
73 {
102 {
103 adminlog("Rant " . $rant->id . " published.", MTS_RANT, MTA_UPDATE);
104
105 /*
74 $poster = get_userdatabyid($rant->author);
106 $poster = get_userdatabyid($rant->author);
75 adminlog("Rant ".$rant->id." published.", MTS_RANT, MTA_UPDATE);
76 twitterpost("New rant posted by ".$poster->name.": ".SITE_HOST.SITE_PATH."/rant/".$rant->id);
107 twitterpost("New rant posted by ".$poster->name.": ".SITE_HOST.SITE_PATH."/rant/".$rant->id);
77
108
78 if($rant->author === 1) {
109 if($rant->author === 1) {
79 tumblrpost($rant->title, $rant->body);
110 tumblrpost($rant->title, $rant->body);
80 }
111 }
112 */
81 }
113 }
82
114
83 return $mtdb->query( $sql );
115 return $stmt->execute();
84 }
116 }
85
117
86 function deleterant($rantid) {
118 function deleterant($rantid)
119 {
87 if ( !(int)$rantid ) return false;
120 if ( !(int)$rantid ) return false;
88 global $mtdb;
121 global $dbConnection;
89 adminlog("Rant ".$rantid." deleted.", MTS_RANT, MTA_DELETE);
122
90 return $mtdb->query( 'DELETE FROM rant WHERE id=' . $rantid );
123 $sql = 'DELETE FROM rant WHERE id = ?';
124 $stmt = $dbConnection->prepare($sql);
125
126 $stmt->bindValue(1, $rantid);
127
128 adminlog("Rant " . $rantid . " deleted.", MTS_RANT, MTA_DELETE);
129 return $stmt->execute();
91 }
130 }
92
131
93 function deleteattachment($id)
132 function deleteattachment($id)
94 {
133 {
95 global $mtdb;
134 global $dbConnection;
96 $file = SITE_PATH_ABS.'/'.get_rantattachment_filename($id);
135
97 unlink( $file ) or adminlog("Could not delete $file", MTS_RANT, MTA_DELETE, E_USER_WARNING);
136 // Remove attachment from filesystem
98 $mtdb->query( 'DELETE FROM rant_attachment WHERE id = ' . $id );
137 $file = SITE_PATH_ABS . '/' . get_rantattachment_filename($id);
138 unlink($file) or adminlog("Could not delete $file", MTS_RANT, MTA_DELETE, E_USER_WARNING);
139
140 // Remove from database
141 $sql = 'DELETE FROM rant_attachment WHERE id = ?';
142 $stmt = $dbConnection->prepare($sql);
143
144 $stmt->bindValue(1, $id);
145
146 $stmt->execute();
99 adminlog("Deleted attachment $id", MTS_RANT, MTA_DELETE);
147 adminlog("Deleted attachment $id", MTS_RANT, MTA_DELETE);
100 }
148 }
101
149
102 function getrant($id) {
150 function getrant($id)
103 global $mtdb;
151 {
104 return $mtdb->getRow( 'SELECT id, UNIX_TIMESTAMP(published) as published, status, side, author, title, body, link, imagetype, imagetext FROM rant WHERE id = '. (int)$id );
152 global $dbConnection;
153
154 $sql = 'SELECT id, UNIX_TIMESTAMP(published) as published, status, side, author, title, body, link, imagetype, imagetext FROM rant WHERE id = ?';
155 $stmt = $dbConnection->prepare($sql);
156
157 $stmt->bindValue(1, (int)$id);
158
159 $stmt->execute();
160 return $stmt->fetch();
105 }
161 }
106
162
107 function get_rantimage_filename( $rant ) {
163 function get_rantimage_filename($rant)
108 global $mtdb;
164 {
109 $ext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (int)$rant->imagetype ); // filename extension
165 global $dbConnection;
110 return sprintf( '%s/%04d.%s',SITE_RANT, (int)$rant->id, $ext );
166
167 $sql = 'SELECT extension FROM media_t WHERE id = ?';
168 $stmt = $dbConnection->prepare($sql);
169
170 $stmt->bindValue(1, (int)$rant->imagetype);
171
172 $stmt->execute();
173 $ext = $stmt->fetchColumn(); // filename extension
174
175 return sprintf('%s/%04d.%s', SITE_RANT, (int)$rant->id, $ext);
111 }
176 }
112
177
113 function get_rantattachment_filename( $id ) {
178 function get_rantattachment_filename($id)
114 global $mtdb;
179 {
115 $ext = $mtdb->getOne( 'SELECT extension FROM media_t JOIN rant_attachment ra ON ra.media = media_t.id WHERE ra.id=' . (int)$id ); // filename extension
180 global $dbConnection;
116 return sprintf( '%s/%d.%s',SITE_RANT_ATTACHMENT, (int)$id, $ext );
181
182 $sql = 'SELECT extension FROM media_t JOIN rant_attachment ra ON ra.media = media_t.id WHERE ra.id = ?';
183 $stmt = $dbConnection->prepare($sql);
184
185 $stmt->bindValue(1, (int)$id);
186
187 $stmt->execute();
188 $ext = $stmt->fetchColumn(); // filename extension
189
190 return sprintf('%s/%d.%s', SITE_RANT_ATTACHMENT, (int)$id, $ext );
117 }
191 }
118
192
119 ?>
193 ?>
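Review bot: updaterant(), deleterant() and deleteattachment() write their admin-log entries before, or regardless of, the result of `$stmt->execute()`, so the log can record an update, publication or deletion that never reached the database. insertrant() in the same file already logs only after a successful execute, and the others should follow it, e.g. in deleterant(): `$ok = $stmt->execute(); if ($ok) adminlog("Rant " . $rantid . " deleted.", MTS_RANT, MTA_DELETE); return $ok;`. In deleteattachment() the execute result is discarded entirely before "Deleted attachment $id" is logged. get_rantattachment_filename() yields a path ending in a bare dot when `fetchColumn()` returns false for an unknown id, and deleteattachment() passes that path to `unlink()`; an early return when no extension is found would keep the filesystem step from running on ids that have no row.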
@@ -2,13 +2,14
2
2
3 function rsspost($body, $url)
3 function rsspost($body, $url)
4 {
4 {
5 global $mtdb;
5 global $dbConnection;
6
6
7 $mtdb->query('INSERT INTO rss_comment (body, url)
7 $sql = 'INSERT INTO rss_comment (body, url) VALUES (?, ?)';
8 VALUES ("'.mysqli_real_escape_string($mtdb->link, $body).'",
8 $stmt = $dbConnection->prepare($sql);
9 "'.mysqli_real_escape_string($mtdb->link, $url).'")');
9 $stmt->bindValue(1, $body);
10 $stmt->bindValue(2, $url);
10
11
11 return true;
12 return $stmt->execute();
12 }
13 }
13
14
14 ?>
15 ?>
@@ -3,8 +3,16
3 // Book: The offset from 0 at the beginning of time
3 // Book: The offset from 0 at the beginning of time
4 // Page: The offset from 0 at the beginning of the volume
4 // Page: The offset from 0 at the beginning of the volume
5
5
6 class Strip {
6 class Strip
7 var $id, $old_id, $published, $media, $type, $title, $book, $page;
7 {
8 public $id;
9 public $old_id;
10 public $published;
11 public $media;
12 public $type;
13 public $title;
14 public $book;
15 public $page;
8 }
16 }
9
17
10 // old_id is used to detect alterations to the strip id in forms. Not saved in database.
18 // old_id is used to detect alterations to the strip id in forms. Not saved in database.
@@ -12,29 +20,31 class Strip {
12
20
13 // Strip id is automatically incremented
21 // Strip id is automatically incremented
14 function insertstrip(&$strip) {
22 function insertstrip(&$strip) {
15 global $mtdb;
23 global $dbConnection;
16
24
17 $strip->book = ($strip->book == '') ? 'NULL' : (int)$strip->book;
25 $strip->book = ($strip->book == '') ? NULL : (int)$strip->book;
18 $strip->page = ($strip->page == '') ? 'NULL' : (int)$strip->page;
26 $strip->page = ($strip->page == '') ? NULL : (int)$strip->page;
19
27
20 $mtdb->query('START TRANSACTION');
28 $dbConnection->beginTransaction();
21 $newid = $mtdb->getOne('SELECT MAX(id) FROM strip') + 1;
29 $newid = $dbConnection->fetchColumn('SELECT MAX(id) FROM strip') + 1;
22 $sql = 'INSERT INTO strip ( id, published, media, type, title, book, page ) VALUES ('
30
23 . $newid
31 $sql = 'INSERT INTO strip (id, published, media, type, title, book, page) VALUES(?, FROM_UNIXTIME(?), ?, ?, ?, ?, ?)';
24 . ', FROM_UNIXTIME(' . (int)$strip->published
32 $stmt = $dbConnection->prepare($sql);
25 . '), '. (int)$strip->media
33
26 . ', ' . (int)$strip->type
34 $stmt->bindValue(1, $newid);
27 . ', "' . mysqli_real_escape_string( $mtdb->link, trim($strip->title) )
35 $stmt->bindValue(2, $strip->published, PDO::PARAM_INT);
28 . '", '. $strip->book
36 $stmt->bindValue(3, $strip->media, PDO::PARAM_INT);
29 . ', ' . $strip->page
37 $stmt->bindValue(4, $strip->type, PDO::PARAM_INT);
30 . ')';
38 $stmt->bindValue(5, trim($strip->title));
31
39 $stmt->bindValue(6, $strip->book);
32 $r = $mtdb->query( $sql );
40 $stmt->bindValue(7, $strip->page);
41
42 $r = $stmt->execute();
33 if( !$r ) {
43 if( !$r ) {
34 $mtdb->query('ROLLBACK');
44 $dbConnection->rollback();
35 return false;
45 return false;
36 }
46 }
37 $mtdb->query('COMMIT');
47 $dbConnection->commit();
38 adminlog("Comic ".$newid." posted.", MTS_STRIP, MTA_ADD);
48 adminlog("Comic ".$newid." posted.", MTS_STRIP, MTA_ADD);
39
49
40 $strip->id = $newid;
50 $strip->id = $newid;
@@ -43,22 +53,26 function insertstrip(&$strip) {
43 }
53 }
44
54
45 function updatestrip(&$strip) {
55 function updatestrip(&$strip) {
46 global $mtdb;
56 global $dbConnection;
47
57
48 $strip->book = ($strip->book === '') ? 'NULL' : (int)$strip->book;
58 $strip->book = ($strip->book === '') ? NULL : (int)$strip->book;
49 $strip->page = ($strip->page === '') ? 'NULL' : (int)$strip->page;
59 $strip->page = ($strip->page === '') ? NULL : (int)$strip->page;
50
60
51 $mtdb->query('START TRANSACTION');
61 $dbConnection->beginTransaction();
52 $sql = 'UPDATE strip SET
62
53 published = FROM_UNIXTIME(' . (int)$strip->published .')
63 $sql = 'UPDATE strip SET published = FROM_UNIXTIME(?), media = ?, type = ?, title = ?, book = ?, page = ? WHERE id = ?';
54 , media = '. (int)$strip->media .'
64 $stmt = $dbConnection->prepare($sql);
55 , type = ' . (int)$strip->type .'
65
56 , title = "' . mysqli_real_escape_string( $mtdb->link, trim($strip->title) ) .'"
66 $stmt->bindValue(1, $strip->published, PDO::PARAM_INT);
57 , book = ' . (int)$strip->book .'
67 $stmt->bindValue(2, $strip->media, PDO::PARAM_INT);
58 , page = ' . (int)$strip->page .'
68 $stmt->bindValue(3, $strip->type, PDO::PARAM_INT);
59 WHERE id = ' . (int)$strip->id;
69 $stmt->bindValue(4, trim($strip->title));
60 $mtdb->query( $sql );
70 $stmt->bindValue(5, $strip->book, PDO::PARAM_INT);
61 $mtdb->query('COMMIT');
71 $stmt->bindValue(6, $strip->page, PDO::PARAM_INT);
72 $stmt->bindValue(7, $strip->id, PDO::PARAM_INT);
73
74 $stmt->execute();
75 $dbConnection->commit();
62 adminlog("Comic ".$strip->id." modified.", MTS_STRIP, MTA_MODIFY);
76 adminlog("Comic ".$strip->id." modified.", MTS_STRIP, MTA_MODIFY);
63 return true;
77 return true;
64 }
78 }
@@ -66,12 +80,12 function updatestrip(&$strip) {
66 // Delete destination strip from DB and FS, and Update/Rename the source strip into place. Destructive Move!
80 // Delete destination strip from DB and FS, and Update/Rename the source strip into place. Destructive Move!
67 function move_strip($from_id, $to_id)
81 function move_strip($from_id, $to_id)
68 {
82 {
69 global $mtdb;
83 global $dbConnection;
70 $from_id = (int) $from_id;
84 $from_id = (int) $from_id;
71 $to_id = (int) $to_id;
85 $to_id = (int) $to_id;
72
86
73 // Ensure our source exists
87 // Ensure our source exists
74 $num_strips = $mtdb->getOne( "SELECT COUNT(*) FROM strip WHERE id = $from_id" );
88 $num_strips = $dbConnection->fetchColumn('SELECT COUNT(*) FROM strip WHERE id = ?', array($from_id));
75 if($num_strips < 1)
89 if($num_strips < 1)
76 mtdie("Cannot move strip number $from_id, because it cannot be found in database.");
90 mtdie("Cannot move strip number $from_id, because it cannot be found in database.");
77
91
@@ -79,8 +93,8 function move_strip($from_id, $to_id)
79 deletestrip( $to_id );
93 deletestrip( $to_id );
80
94
81 // Update database
95 // Update database
82 $mtdb->query( "UPDATE strip SET id = $to_id WHERE id = $from_id" );
96 $dbConnection->executeUpdate('UPDATE strip SET id = ? WHERE id = ?', array($to_id, $from_id));
83 $strip = $mtdb->getRow( "SELECT strip.id, extension FROM strip, media_t WHERE media_t.id = strip.media AND strip.id = $to_id" );
97 $strip = $dbConnection->executeQuery('SELECT strip.id, extension FROM strip, media_t WHERE media_t.id = strip.media AND strip.id = ?', array($to_id))->fetch();
84
98
85 // Update filesystem
99 // Update filesystem
86 foreach(glob(sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/%04d.*', $from_id)) as $item) {
100 foreach(glob(sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/%04d.*', $from_id)) as $item) {
@@ -101,8 +115,8 function deletestrip($id) {
101 $id = (int)$id;
115 $id = (int)$id;
102 if ( !$id ) return false;
116 if ( !$id ) return false;
103
117
104 global $mtdb;
118 global $dbConnection;
105 $r = $mtdb->query( 'DELETE FROM strip WHERE id=' . $id );
119 $r = $dbConnection->executeUpdate('DELETE FROM strip WHERE id = ?', array($id));
106 foreach(glob(sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/%04d*.*', $id)) as $item)
120 foreach(glob(sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/%04d*.*', $id)) as $item)
107 unlink($item);
121 unlink($item);
108 foreach(glob(sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/restricted/%04d*.*', $id)) as $item)
122 foreach(glob(sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/restricted/%04d*.*', $id)) as $item)
@@ -112,19 +126,19 function deletestrip($id) {
112 }
126 }
113
127
114 function getstrip($id) {
128 function getstrip($id) {
115 global $mtdb;
129 global $dbConnection;
116 return $mtdb->getRow( 'SELECT id, UNIX_TIMESTAMP(published) as published, type, media, title, book, page FROM strip WHERE id=' . (int)$id);
130 return $dbConnection->executeQuery('SELECT id, UNIX_TIMESTAMP(published) as published, type, media, title, book, page FROM strip WHERE id = ?', array($id))->fetch();
117 }
131 }
118
132
119 function get_stripimage_filename( $strip ) {
133 function get_stripimage_filename( $strip ) {
120 global $mtdb;
134 global $dbConnection;
121 $ext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (int)$strip->media ); // filename extension
135 $ext = $dbConnection->fetchColumn('SELECT extension FROM media_t WHERE id = ?', array($strip->media)); // filename extension
122 return sprintf( '%s/%04d.%s', SITE_STRIP, $strip->id, $ext );
136 return sprintf( '%s/%04d.%s', SITE_STRIP, $strip->id, $ext );
123 }
137 }
124
138
125 function get_stripid_by_rantid($rantid) {
139 function get_stripid_by_rantid($rantid) {
126 global $mtdb;
140 global $dbConnection;
127 return $mtdb->getOne('SELECT MAX(strip.id) FROM strip,rant WHERE strip.published<=rant.published AND rant.id=' . (int)$rantid);
141 return $dbConnection->fetchColumn('SELECT MAX(strip.id) FROM strip, rant WHERE strip.published <= rant.published AND rant.id = ?', array($rantid));
128 }
142 }
129
143
130 ?>
144 ?>
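Review bot: updatestrip() ignores the result of `$stmt->execute()` and always commits, logs "modified" and returns true, whereas insertstrip() just above rolls back and returns false on failure. Mirror that with `if (!$stmt->execute()) { $dbConnection->rollback(); return false; }` before the `commit()`. If the connection is configured to throw on errors (not visible in this diff), both functions leave the transaction open when the exception propagates, so the execute would need a try/catch that rolls back. insertstrip() also tests `$strip->book == ''` and `$strip->page == ''` loosely while updatestrip() uses `===`; on PHP 5 and 7 an integer 0 compares equal to `''` and would be stored as NULL, although the file's own comment describes book and page as offsets from 0, so `===` is the safer test in both functions.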
@@ -17,9 +17,9 function bracketbalance($line)
17 // Retrieve transcript for this strip from the database, modifying the strip object.
17 // Retrieve transcript for this strip from the database, modifying the strip object.
18 function gettranscript(&$strip)
18 function gettranscript(&$strip)
19 {
19 {
20 global $mtdb;
20 global $dbConnection;
21
21
22 $result = $mtdb->query('SELECT strip FROM transcript WHERE strip=' . (int)$strip->id );
22 $result = $dbConnection->executeQuery('SELECT strip FROM transcript WHERE strip = ?', array($strip->id));
23
23
24 if($result)
24 if($result)
25 {
25 {
@@ -30,16 +30,16 function gettranscript(&$strip)
30 # either way, I care not
30 # either way, I care not
31 Might be able to exchange this loop of getOne()s for a getAll() call.
31 Might be able to exchange this loop of getOne()s for a getAll() call.
32 */
32 */
33 $numPanels = $mtdb->getOne( 'SELECT MAX(panel) FROM transcript WHERE transcript.strip=' . (int)$strip->id );
33 $numPanels = $dbConnection->fetchColumn('SELECT MAX(panel) FROM transcript WHERE strip = ?', array($strip->id));
34 if( $numPanels ) {
34 if( $numPanels ) {
35 for($i = 1; $i <= $numPanels; $i++) {
35 for($i = 1; $i <= $numPanels; $i++) {
36 $result = $mtdb->query( 'SELECT speaker, speech FROM transcript WHERE transcript.strip=' . (int)$strip->id . ' AND panel=' .$i.' ORDER BY line')
36 $result = $dbConnection->executeQuery('SELECT speaker, speech FROM transcript WHERE transcript.strip = ? AND panel = ? ORDER BY line', array($strip->id, $i))
37 or mtdie("There was an error fetching the panel count in the transcript for $strip->id, panel $i. " . mysqli_error(), 'SQL Error');
37 or mtdie("There was an error fetching the panel count in the transcript for $strip->id, panel $i. " . $dbConnection->errorCode(), 'SQL Error');
38
38
39 if(!$result) continue;
39 if(!$result) continue;
40
40
41 $output.= "\nnewpanel\n";
41 $output.= "\nnewpanel\n";
42 while($row = mysqli_fetch_row($result)) {
42 while($row = $result->fetch(PDO::FETCH_NUM)) {
43 if(strlen($row[0]) < 1) continue;
43 if(strlen($row[0]) < 1) continue;
44
44
45 $output.= $row[0];
45 $output.= $row[0];
@@ -56,16 +56,17 function gettranscript(&$strip)
56
56
57 // Parse submitted transcript from strip object, and insert it into the database.
57 // Parse submitted transcript from strip object, and insert it into the database.
58 function savetranscript( &$strip ) {
58 function savetranscript( &$strip ) {
59 global $mtdb;
59 global $dbConnection;
60 $info = '';
60 $info = '';
61
61
62 $mtdb->query('START TRANSACTION');
62 $dbConnection->beginTransaction();
63
63
64 //remove any old transcript data - it's being replaced
64 //remove any old transcript data - it's being replaced
65 $mtdb->query( 'DELETE FROM transcript WHERE transcript.strip=' . (int)$strip->id );
65 $dbConnection->executeUpdate('DELETE FROM transcript WHERE transcript.strip = ?', array($strip->id));
66
66
67 if( $strip->transcript_posted ) {
67 if( $strip->transcript_posted ) {
68 $inserter = 'INSERT INTO transcript (strip,panel,line,speaker,speech,search) VALUES (%d,%d,%d,"%s","%s","%s")';
68 $insert_sql = 'INSERT INTO transcript (strip, panel, line, speaker, speech, search) VALUES (?, ?, ?, ?, ?, ?)';
69 $inserter_types = array(PDO::PARAM_INT, PDO::PARAM_INT, PDO::PARAM_INT, PDO::PARAM_STR, PDO::PARAM_STR, PDO::PARAM_STR);
69
70
70 if(strpos($strip->transcript_posted, 'Panel <$n>') !== FALSE) {
71 if(strpos($strip->transcript_posted, 'Panel <$n>') !== FALSE) {
71 # This is probably a scrivener script
72 # This is probably a scrivener script
@@ -83,11 +84,11 function savetranscript( &$strip ) {
83 $has_spoken = true;
84 $has_spoken = true;
84
85
85 for($j = 0; $j < count($lines); $j++) {
86 for($j = 0; $j < count($lines); $j++) {
86 $insert_sql = '';
87 $inserter_values = array();
87
88
88 if(strpos($lines[$j], '(') === 0) {
89 if(strpos($lines[$j], '(') === 0) {
89 # Line is a note, add it as a comment
90 # Line is a note, add it as a comment
90 $insert_sql = sprintf($inserter, (int)$strip->id, $i, $j, '#', mysqli_real_escape_string($mtdb->link, $lines[$j]), '');
91 $inserter_values = array($strip->id, $i, $j, '#', $lines[$j], '');
91 } elseif(strpos($lines[$j], '[') === 0 || strlen($lines[$j]) == 0) {
92 } elseif(strpos($lines[$j], '[') === 0 || strlen($lines[$j]) == 0) {
92 # Line is an annotation or blank, do nothing
93 # Line is an annotation or blank, do nothing
93 continue;
94 continue;
@@ -95,13 +96,13 function savetranscript( &$strip ) {
95 # Line contains a list of nonspeaking characters
96 # Line contains a list of nonspeaking characters
96 array_splice($lines, $j, 1, array_map('_nospeaker', explode(',', substr($lines[$j], 11))));
97 array_splice($lines, $j, 1, array_map('_nospeaker', explode(',', substr($lines[$j], 11))));
97 $speaker = trim(substr($lines[$j], 11));
98 $speaker = trim(substr($lines[$j], 11));
98 $insert_sql = sprintf($inserter, (int)$strip->id, $i, $j, mysqli_real_escape_string($mtdb->link, $speaker), '', '');
99 $inserter_values = array($strip->id, $i, $j, $speaker, '', '');
99 } elseif($i > 0 && $lines[$j] == strtoupper($lines[$j])) {
100 } elseif($i > 0 && $lines[$j] == strtoupper($lines[$j])) {
100 # Line designates a new speaker, note speaker
101 # Line designates a new speaker, note speaker
101
102
102 # Handle speakers who did not say anything
103 # Handle speakers who did not say anything
103 if(null !== $speaker && !$has_spoken)
104 if(null !== $speaker && !$has_spoken)
104 $insert_sql = sprintf($inserter, (int)$strip->id, $i, $j, mysqli_real_escape_string($mtdb->link, $speaker), '', '');
105 $inserter_values = array($strip->id, $i, $j, $speaker, '', '');
105
106
106 $speaker = ucfirst(strtolower($lines[$j]));
107 $speaker = ucfirst(strtolower($lines[$j]));
107 $has_spoken = false;
108 $has_spoken = false;
@@ -111,25 +112,24 function savetranscript( &$strip ) {
111 $info .= "<p>Warning: Open brackets do not match close brackets in panel $i for speaker ".htmlentities($speaker).'</p>';
112 $info .= "<p>Warning: Open brackets do not match close brackets in panel $i for speaker ".htmlentities($speaker).'</p>';
112
113
113 $search = preg_replace( '/[[:punct:]]|(?<=\s)\s+/', ' ', strtolower($lines[$j]) );
114 $search = preg_replace( '/[[:punct:]]|(?<=\s)\s+/', ' ', strtolower($lines[$j]) );
114 $insert_sql = sprintf($inserter, (int)$strip->id, $i, $j, mysqli_real_escape_string($mtdb->link, $speaker),
115 $inserter_values = array($strip->id, $i, $j, $speaker, $lines[$j], $search);
115 mysqli_real_escape_string($mtdb->link, $lines[$j]), mysqli_real_escape_string($mtdb->link, $search));
116 $has_spoken = true;
116 $has_spoken = true;
117 } else {
117 } else {
118 # Line is unrecognized, add it as a comment
118 # Line is unrecognized, add it as a comment
119 $insert_sql = sprintf($inserter, (int)$strip->id, $i, $j, '#', mysqli_real_escape_string($mtdb->link, $lines[$j]), '');
119 $inserter_values = array($strip->id, $i, $j, '#', $lines[$j], '');
120 }
120 }
121
121
122 if( $insert_sql && false === $mtdb->query( $insert_sql ) ) {
122 if( $inserter_values && false === $dbConnection->executeUpdate($insert_sql, $inserter_values, $inserter_types) ) {
123 $mtdb->query('ROLLBACK');
123 $dbConnection->rollback();
124 mtdie (mysqli_error($mtdb->link), 'Error inserting transcript.');
124 mtdie ($dbConnection->errorCode(), 'Error inserting transcript.');
125 }
125 }
126 }
126 }
127
127
128 if(null !== $speaker && !$has_spoken) {
128 if(null !== $speaker && !$has_spoken) {
129 $insert_sql = sprintf($inserter, (int)$strip->id, $i, $j, mysqli_real_escape_string($mtdb->link, $speaker), '', '');
129 $inserter_values = array($strip->id, $i, $j, $speaker, '', '');
130 if( false === $mtdb->query( $insert_sql ) ) {
130 if( false === $dbConnection->executeUpdate($insert_sql, $inserter_values, $inserter_types) ) {
131 $mtdb->query('ROLLBACK');
131 $dbConnection->rollback();
132 mtdie (mysqli_error($mtdb->link), 'Error inserting transcript.');
132 mtdie ($dbConnection->errorCode(), 'Error inserting transcript.');
133 }
133 }
134 }
134 }
135 }
135 }
@@ -160,17 +160,16 function savetranscript( &$strip ) {
160 if(!bracketbalance($spoken[1]))
160 if(!bracketbalance($spoken[1]))
161 $info .= "<p>Warning: Open brackets do not match close brackets in panel $i for speaker ".htmlentities($spoken[0]).'</p>';
161 $info .= "<p>Warning: Open brackets do not match close brackets in panel $i for speaker ".htmlentities($spoken[0]).'</p>';
162
162
163 $insert_sql = sprintf($inserter, (int)$strip->id, (int)$i, (int)$j, mysqli_real_escape_string($mtdb->link, $spoken[0]),
163 $inserter_values = array($strip->id, $i, $j, $spoken[0], $spoken[1], $spoken[2]);
164 mysqli_real_escape_string($mtdb->link, $spoken[1]), mysqli_real_escape_string($mtdb->link, $spoken[2]) );
164 if( false === $dbConnection->executeUpdate($insert_sql, $inserter_values, $inserter_types) ) {
165 if( false === $mtdb->query( $insert_sql ) ) {
165 $dbConnection->rollback();
166 $mtdb->query('ROLLBACK');
166 mtdie ($dbConnection->errorCode(), 'Error inserting transcript.');
167 mtdie (mysqli_error($mtdb->link), 'Error inserting transcript.');
168 }
167 }
169 }
168 }
170 }
169 }
171 }
170 }
172 }
171 }
173 $mtdb->query('COMMIT');
172 $dbConnection->commit();
174 return $info;
173 return $info;
175 }
174 }
176
175
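Review bot: The `false === $dbConnection->executeUpdate(...)` tests in savetranscript (new lines 122, 130 and 164) and the `or mtdie(...)` after `executeQuery` in gettranscript (new lines 36-37) look unreachable, because as far as I know DBAL 2.5 reports a failed statement by throwing an exception rather than by returning false. If that holds, the `rollback()` calls never run, and a failed INSERT leaves the open transaction to be discarded only when the connection closes. Wrapping the work between `beginTransaction()` and `commit()` in one try/catch keeps the rollback, the server-side log entry and the `mtdie` message in a single place. Parts of savetranscript lie outside the hunks shown, so the sketch below only marks where the existing statements go.

```php
$dbConnection->beginTransaction();
try {
	// … unchanged: DELETE of the old transcript and the per-line INSERTs, minus the `false ===` tests …
	$dbConnection->commit();
} catch (\Exception $e) {
	$dbConnection->rollBack();
	// Keep the driver detail in the server log; show the user a generic message.
	error_log($e->getMessage());
	mtdie('The transcript could not be saved.', 'Error inserting transcript.');
}
return $info;
```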
@@ -2,7 +2,9
2
2
3 function twitterpost($message, $user=TWITTER_USER, $password=TWITTER_PASS)
3 function twitterpost($message, $user=TWITTER_USER, $password=TWITTER_PASS)
4 {
4 {
5 global $mtdb, $info, $error;
5 if (!TWITTER_ENABLED) return;
6
7 global $dbConnection, $info, $error;
6 if( $user == '' ) {
8 if( $user == '' ) {
7 # preserve existing twitterpost(message) style posting until OAuth has been vetted.
9 # preserve existing twitterpost(message) style posting until OAuth has been vetted.
8 $user = TWITTER_USER;
10 $user = TWITTER_USER;
@@ -25,7 +27,7 function twitterpost($message, $user=TWITTER_USER, $password=TWITTER_PASS)
25
27
26 } else {
28 } else {
27 # OAuth Mode
29 # OAuth Mode
28 $row = $mtdb->getRow( sprintf('SELECT id, username, oauth_token, oauth_token_secret FROM twitter_user WHERE username="%s"', mysqli_real_escape_string($mtdb->link, $user)));
30 $row = $dbConnection->executeQuery('SELECT id, username, oauth_token, oauth_token_secret FROM twitter_user WHERE username = ?', array($user))->fetch();
29
31
30 $username = $row->username;
32 $username = $row->username;
31 $oauth_token = $row->oauth_token;
33 $oauth_token = $row->oauth_token;
@@ -53,9 +55,9 function twitterpost($message, $user=TWITTER_USER, $password=TWITTER_PASS)
53
55
54
56
55 function setOAuthTokens($userid,$oauth_token,$oauth_token_secret, $username) {
57 function setOAuthTokens($userid,$oauth_token,$oauth_token_secret, $username) {
56 global $mtdb;
58 global $dbConnection;
57 $id = (int)$userid;
59 $id = (int)$userid;
58 if( $mtdb->query( sprintf('UPDATE twitter_user SET oauth_token="%s", oauth_token_secret="%s", username="%s" WHERE id=%d', mysqli_real_escape_string($mtdb->link, $oauth_token), mysqli_real_escape_string($mtdb->link, $oauth_token_secret), mysqli_real_escape_string($mtdb->link, $username), $id )) )
60 if ($dbConnection->executeUpdate('UPDATE twitter_user SET oauth_token = ?, oauth_token_secret = ?, username = ? WHERE id = ?', array($oauth_token, $oauth_token_secret, $username, $id)))
59 return true;
61 return true;
60 return false;
62 return false;
61 }
63 }
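Review bot: setOAuthTokens (new line 60) now returns false whenever the UPDATE changes no rows, because `executeUpdate` returns the affected-row count and MySQL normally reports zero for a row whose values are already identical; the old `query()` call returned true in that case. A caller that treats false as a failed token save would then report an error when the same tokens are stored again. Since DBAL raises an exception on a real failure (to my knowledge), the body can be the `executeUpdate(...)` call followed by `return true;`. In the OAuth branch of twitterpost (new line 30), `fetch()` returns false when no twitter_user row matches, so a guard such as `if (!$row) return;` before reading `$row->username` would be worth adding; the rest of that function is outside the hunk.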
@@ -3,21 +3,23
3 /* Types */
3 /* Types */
4
4
5 function get_typeByID( $id ) {
5 function get_typeByID( $id ) {
6 global $mtdb;
6 global $dbConnection;
7 $id = (int)$id;
7 $id = (int)$id;
8 $r = $mtdb->getRow( 'SELECT id, name, description FROM strip_t WHERE id=' . $id );
8 $stmt = $dbConnection->executeQuery('SELECT id, name, description FROM strip_t WHERE id = ?', array($id));
9 $r->meta = $mtdb->getAll( 'SELECT meta as id from meta where type=' . $id);
9 $r = $stmt->fetch();
10 $r->meta = $dbConnection->fetchAll('SELECT meta AS id FROM meta WHERE type = ?', array($id));
10 return $r;
11 return $r;
11 }
12 }
12
13
13 function get_allTypes() {
14 function get_allTypes() {
14 global $mtdb;
15 global $dbConnection;
15 return $mtdb->getRow( 'SELECT id, name, description, meta FROM strip_t' );
16 $stmt = $dbConnection->executeQuery('SELECT id, name, description, meta FROM strip_t');
17 return $stmt->fetch();
16 }
18 }
17
19
18 function get_allMetaTypes() {
20 function get_allMetaTypes() {
19 global $mtdb;
21 global $dbConnection;
20 return $mtdb->getAll("SELECT id, name FROM meta_t");
22 return $dbConnection->fetchAll('SELECT id, name FROM meta_t');
21 }
23 }
22
24
23 function _getMetaNameFromObject($obj) {
25 function _getMetaNameFromObject($obj) {
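Review bot: get_typeByID (new lines 9-10) writes `$r->meta` without checking that `fetch()` returned a row; when no strip_t row has the given id, `fetch()` returns false and the assignment operates on a non-object. A guard between the two statements, for example `if (!$r) return $r;`, avoids that. The property syntax also relies on the connection's default fetch mode yielding objects, which is configured outside this hunk and should be confirmed. get_allTypes still returns only the first row via `fetch()`, as the old `getRow` did; if callers expect every type, `fetchAll` is the matching call.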
@@ -86,11 +86,11 function save_upload_rant_image( $source, $rant ) {
86
86
87 function save_upload_rant_attachment( $source, $rant )
87 function save_upload_rant_attachment( $source, $rant )
88 {
88 {
89 global $mtdb;
89 global $dbConnection;
90
90
91 $image_data = getimagesize( $source );
91 $image_data = getimagesize( $source );
92 $mtdb->query( "INSERT INTO rant_attachment (rant, media) VALUES ($rant, $image_data[2])" );
92 $dbConnection->executeUpdate('INSERT INTO rant_attachment (rant, media) VALUES (?, ?)', array($rant, $image_data[2]));
93 $rant_attachment_id = mysqli_insert_id( $mtdb->link );
93 $rant_attachment_id = $dbConnection->lastInsertId();
94
94
95 if( move_uploaded_file($source, SITE_PATH_ABS.'/'.get_rantattachment_filename($rant_attachment_id) ) ) {
95 if( move_uploaded_file($source, SITE_PATH_ABS.'/'.get_rantattachment_filename($rant_attachment_id) ) ) {
96 $upload_info='<p>New rant attachment uploaded for rant '. $rant .'.</p>';
96 $upload_info='<p>New rant attachment uploaded for rant '. $rant .'.</p>';
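Review bot: save_upload_rant_attachment (new lines 91-92) inserts the rant_attachment row before checking the result of `getimagesize()`, which returns false for a file it cannot identify as an image; `$image_data[2]` is then null and the row is written with no usable media type. Testing `if ($image_data === false)` and returning before the INSERT keeps such uploads away from `move_uploaded_file`. It would also help to add `$rant = (int)$rant;` at the top of the function, because the same variable is concatenated into the `$upload_info` HTML on new line 96 without escaping. The function continues past the end of the hunk, so its return convention is not visible here.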
@@ -1,6 +1,6
1 <?php
1 <?php
2
2
3 $currentuser=false;
3 $currentuser = false;
4
4
5 function getCurrentUser() {
5 function getCurrentUser() {
6 global $currentuser;
6 global $currentuser;
@@ -8,28 +8,28 function getCurrentUser() {
8 }
8 }
9
9
10 function get_userdatabyid( $id ) {
10 function get_userdatabyid( $id ) {
11 global $mtdb;
11 global $dbConnection;
12 return $mtdb->getRow( 'SELECT id,name,email,nameplate,default_image,default_link FROM contributor WHERE id = ' . (int)$id );
12 return $dbConnection->executeQuery('SELECT id, name, email, nameplate, default_image, default_link FROM contributor WHERE id = ?', array($id))->fetch();
13 }
13 }
14
14
15 function get_userdatabylogin( $username ) {
15 function get_userdatabylogin( $username ) {
16 global $mtdb;
16 global $dbConnection;
17 return $mtdb->getRow( 'SELECT id,name,email,nameplate,default_image,default_link FROM contributor WHERE name = "' . mysqli_real_escape_string($mtdb->link, $username) . '"' );
17 return $dbConnection->executeQuery('SELECT id, name, email, nameplate, default_image, default_link FROM contributor WHERE name LIKE ?', array($username))->fetch();
18 }
18 }
19
19
20 function save_userdata( $user ) {
20 function save_userdata( $user ) {
21 adminlog("Saved changes to user ".$user->id." (".$user->name.").", MTS_USER, MTA_UPDATE);
21 adminlog("Saved changes to user ".$user->id." (".$user->name.").", MTS_USER, MTA_UPDATE);
22 global $mtdb;
22 global $dbConnection;
23 return $mtdb->query( sprintf( 'UPDATE contributor SET email="%s", nameplate="%s", default_image="%s", default_link="%s" WHERE id=%d',
23
24 mysqli_real_escape_string($mtdb->link, $user->email), mysqli_real_escape_string($mtdb->link, $user->nameplate),
24 return $dbConnection->executeUpdate('UPDATE contributor SET email = ?, nameplate = ?, default_image = ?, default_link = ? WHERE id = ?',
25 mysqli_real_escape_string($mtdb->link, $user->default_image), mysqli_real_escape_string($mtdb->link, $user->default_link), $user->id) );
25 array($user->email, $user->nameplate, $user->default_image, $user->default_link, $user->id));
26 }
26 }
27
27
28 function change_password( $user ) {
28 function change_password( $user ) {
29 adminlog("Changed password for user ".$user->id." (".$user->name.").", MTS_USER, MTA_UPDATE);
29 adminlog("Changed password for user ".$user->id." (".$user->name.").", MTS_USER, MTA_UPDATE);
30 global $mtdb, $currentuser;
30 global $dbConnection, $currentuser;
31 if( $currentuser->id === $user->id ) mt_setcookie($user->name, $user->password, false, ADMINURL, FALSE );
31 if( $currentuser->id === $user->id ) mt_setcookie($user->name, $user->password, false, ADMINURL, FALSE );
32 return $mtdb->query( 'UPDATE contributor SET password=SHA1( "' . mysqli_real_escape_string($mtdb->link, $user->password) . '" ) WHERE id = "' . mysqli_real_escape_string($mtdb->link, $user->id) . '"' );
32 return $dbConnection->executeUpdate('UPDATE contributor SET password = SHA1(?) WHERE id = ?', array($user->password, $user->id));
33 }
33 }
34
34
35 ?>
35 ?>
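Review bot: get_userdatabylogin (new line 17) switched the comparison from `name = "..."` to `name LIKE ?`, so `%` and `_` in the supplied login name are now treated as wildcards and the lookup can return a contributor whose name was not typed exactly. For an account lookup the comparison should stay exact: `... FROM contributor WHERE name = ?`. Separately, change_password (new line 32) still stores an unsalted `SHA1(?)` of the password; moving to PHP's `password_hash()` and `password_verify()` would be a sensible follow-up, though it also touches the login check, which is not part of this section.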
@@ -46,7 +46,7 adminmenu();
46 <?php nonce_field('new-scratchpad'); ?>
46 <?php nonce_field('new-scratchpad'); ?>
47 <ul class="historic">
47 <ul class="historic">
48 <?php
48 <?php
49 $strips = array_reverse( $mtdb->getAll('SELECT UNIX_TIMESTAMP(s.published) AS pubdate, c.name, s.message FROM scratchpad s JOIN contributor c ON s.contributor = c.id ORDER BY published DESC LIMIT 5') );
49 $strips = array_reverse( $dbConnection->fetchAll('SELECT UNIX_TIMESTAMP(s.published) AS pubdate, c.name, s.message FROM scratchpad s JOIN contributor c ON s.contributor = c.id ORDER BY published DESC LIMIT 5') );
50
50
51 foreach($strips as $k=>$v)
51 foreach($strips as $k=>$v)
52 {
52 {
@@ -63,7 +63,7 adminmenu();
63 <h2>Recent Strips</h2>
63 <h2>Recent Strips</h2>
64 <ul class="historic">
64 <ul class="historic">
65 <?php
65 <?php
66 $strips = $mtdb->getAll("SELECT distinct id, title, UNIX_TIMESTAMP(published) as date FROM strip WHERE published <= NOW() order by id DESC LIMIT 5");
66 $strips = $dbConnection->fetchAll('SELECT id, title, UNIX_TIMESTAMP(published) as date FROM strip WHERE published <= NOW() order by id DESC LIMIT 5');
67
67
68 foreach($strips as $k=>$v) {
68 foreach($strips as $k=>$v) {
69 printf( '<li>%d: <a href="%s/index.php?strip_id=%d">%s</a>, %s ago</li>', $v->id, SITE_HOST . SITE_PATH, $v->id, htmlspecialchars($v->title), human_time_diff($v->date) );
69 printf( '<li>%d: <a href="%s/index.php?strip_id=%d">%s</a>, %s ago</li>', $v->id, SITE_HOST . SITE_PATH, $v->id, htmlspecialchars($v->title), human_time_diff($v->date) );
@@ -74,7 +74,7 foreach($strips as $k=>$v) {
74 <h2>Upcoming Strips</h2>
74 <h2>Upcoming Strips</h2>
75 <ul class="historic">
75 <ul class="historic">
76 <?php
76 <?php
77 $strips = $mtdb->getAll("SELECT distinct id, title, UNIX_TIMESTAMP(published) as date FROM strip WHERE published > NOW() order by id ASC LIMIT 5");
77 $strips = $dbConnection->fetchAll('SELECT id, title, UNIX_TIMESTAMP(published) as date FROM strip WHERE published > NOW() order by id ASC LIMIT 5');
78
78
79 foreach($strips as $k=>$v) {
79 foreach($strips as $k=>$v) {
80 printf( '<li>%d: <a href="%s/edit-comic.php?strip_id=%d">%s</a>, in %s</li>', $v->id, SITE_HOST . SITE_PATH . '/' . SITE_ADMIN, $v->id, htmlspecialchars($v->title), human_time_diff($v->date) );
80 printf( '<li>%d: <a href="%s/edit-comic.php?strip_id=%d">%s</a>, in %s</li>', $v->id, SITE_HOST . SITE_PATH . '/' . SITE_ADMIN, $v->id, htmlspecialchars($v->title), human_time_diff($v->date) );
@@ -85,7 +85,7 foreach($strips as $k=>$v) {
85 <h2>Recent Published Rants</h2>
85 <h2>Recent Published Rants</h2>
86 <ul class="historic">
86 <ul class="historic">
87 <?php
87 <?php
88 $rants = $mtdb->getAll('SELECT distinct rant.id,UNIX_TIMESTAMP(rant.published) as date,rant.title,contributor.name from rant,contributor where rant.author=contributor.id AND rant.status=\'published\' ORDER BY rant.published DESC limit 5');
88 $rants = $dbConnection->fetchAll('SELECT rant.id,UNIX_TIMESTAMP(rant.published) as date,rant.title,contributor.name from rant,contributor where rant.author=contributor.id AND rant.status=\'published\' ORDER BY rant.published DESC limit 5');
89
89
90 foreach($rants as $k=>$v) {
90 foreach($rants as $k=>$v) {
91 printf( '<li>%d: <a href="%s/index.php?rant_id=%d">%s</a> by %s, %s ago</li>', $v->id, SITE_HOST . SITE_PATH, $v->id, htmlspecialchars($v->title), htmlspecialchars($v->name), human_time_diff($v->date) );
91 printf( '<li>%d: <a href="%s/index.php?rant_id=%d">%s</a> by %s, %s ago</li>', $v->id, SITE_HOST . SITE_PATH, $v->id, htmlspecialchars($v->title), htmlspecialchars($v->name), human_time_diff($v->date) );
@@ -96,7 +96,7 foreach($rants as $k=>$v) {
96 <h2>Recent Draft Rants</h2>
96 <h2>Recent Draft Rants</h2>
97 <ul class="historic">
97 <ul class="historic">
98 <?php
98 <?php
99 $rants = $mtdb->getAll('SELECT distinct rant.id,UNIX_TIMESTAMP(rant.published) as date,rant.title,contributor.name from rant,contributor where rant.author=contributor.id AND rant.status=\'draft\' ORDER BY rant.published DESC limit 5');
99 $rants = $dbConnection->fetchAll('SELECT rant.id,UNIX_TIMESTAMP(rant.published) as date,rant.title,contributor.name from rant,contributor where rant.author=contributor.id AND rant.status=\'draft\' ORDER BY rant.published DESC limit 5');
100
100
101 foreach($rants as $k=>$v) {
101 foreach($rants as $k=>$v) {
102 printf( '<li>%d: <a href="%s/edit-rant.php?rant_id=%d">%s</a> by %s, %s ago</li>', $v->id, SITE_HOST . ADMIN_PATH, $v->id, htmlspecialchars($v->title), htmlspecialchars($v->name), human_time_diff($v->date) );
102 printf( '<li>%d: <a href="%s/edit-rant.php?rant_id=%d">%s</a> by %s, %s ago</li>', $v->id, SITE_HOST . ADMIN_PATH, $v->id, htmlspecialchars($v->title), htmlspecialchars($v->name), human_time_diff($v->date) );
@@ -47,7 +47,7 switch( $_REQUEST['action'] ) {
47 <title>Megatokyo Admin &rsaquo; Login</title>
47 <title>Megatokyo Admin &rsaquo; Login</title>
48 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
48 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
49 <meta name="generator" content="Alan J Castonguay, Robert Sherby, Jeremy Wagner-Kaiser, Shawn Morford (!! nathanbp, jrl !!)" />
49 <meta name="generator" content="Alan J Castonguay, Robert Sherby, Jeremy Wagner-Kaiser, Shawn Morford (!! nathanbp, jrl !!)" />
50 <link rel="stylesheet" href="wp-admin.css" type="text/css" />
50 <link rel="stylesheet" href="styles/wp-admin.css" type="text/css" />
51 <!--[if IE]><style type="text/css">#login h1 a { margin-top: 35px; } #login ul { padding-bottom: 65px; }</style><![endif]--><!-- Curse you, IE! -->
51 <!--[if IE]><style type="text/css">#login h1 a { margin-top: 35px; } #login ul { padding-bottom: 65px; }</style><![endif]--><!-- Curse you, IE! -->
52 <script type="text/javascript">
52 <script type="text/javascript">
53 function focusit() {
53 function focusit() {
@@ -17,11 +17,11 $page = 1;
17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
18
18
19 $perpage = 15;
19 $perpage = 15;
20 $start = ($page-1) * $perpage;
20 $start = ($page - 1) * $perpage;
21
21
22 $total = ceil( $mtdb->getOne("SELECT count(DISTINCT id) FROM strip") / $perpage );
22 $total = ceil( $dbConnection->fetchColumn('SELECT COUNT(id) FROM strip') / $perpage );
23 $strips = $mtdb->getAll("SELECT id, UNIX_TIMESTAMP(published) as published, type, media, title, book, page FROM strip GROUP BY id ORDER BY id DESC LIMIT $start,$perpage");
23 $strips = $dbConnection->fetchAll('SELECT id, UNIX_TIMESTAMP(published) AS published, type, media, title, book, page FROM strip ORDER BY id DESC LIMIT ?, ?', array($start, $perpage), array(PDO::PARAM_INT, PDO::PARAM_INT));
24 $types_db = $mtdb->getAll("SELECT id,description FROM strip_t");
24 $types_db = $dbConnection->fetchAll('SELECT id, description FROM strip_t');
25
25
26 $type = array();
26 $type = array();
27 foreach( $types_db as $k ) $type[$k->id]=$k->description;
27 foreach( $types_db as $k ) $type[$k->id]=$k->description;
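Review bot: `$start` on new line 20 can go negative, because `(int) $_GET['page']` on line 17 accepts 0 and negative values, and MySQL rejects a negative offset in `LIMIT ?, ?`. With the old string-built query that produced a false result; with DBAL it would, as far as I can tell, surface as an uncaught exception. Clamping the input fixes it: `if( isset($_GET['page'] )) $page = max(1, (int) $_GET['page']);`. The same lines appear in the static_page and rant listings in the next two sections.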
@@ -6,10 +6,10 auth_redirect(); // Require logged in user to access this page.
6
6
7 if( isset($_GET['delete']) && (int)$_GET['delete'] ) {
7 if( isset($_GET['delete']) && (int)$_GET['delete'] ) {
8 check_nonce('delete-metatype-'.(int)$_GET['delete']);
8 check_nonce('delete-metatype-'.(int)$_GET['delete']);
9 if(! $mtdb->query( 'DELETE FROM meta_t WHERE id=' . (int)$_GET['delete'] ) )
9 if(! $dbConnection->executeUpdate('DELETE FROM meta_t WHERE id = ?', array($_GET['delete'])))
10 {
10 {
11 adminlog("Error on deleting metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_DELETE, E_WARNING);
11 adminlog("Error on deleting metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_DELETE, E_WARNING);
12 mtdie("Error on update: ". htmlentities(mysqli_error()));
12 mtdie("Error on update: ". $dbConnection->errorCode());
13 }
13 }
14 $info.='<p>Deleted metatype successfully.<p>';
14 $info.='<p>Deleted metatype successfully.<p>';
15 adminlog("Metatype ".(int)$_GET['delete']." deleted.", MTS_TYPE_META, MTA_DELETE);
15 adminlog("Metatype ".(int)$_GET['delete']." deleted.", MTS_TYPE_META, MTA_DELETE);
@@ -21,10 +21,10 if( isset($_POST['action']) && $_POST['action'] == 'new_meta' ) {
21 $name = trim($_POST['name']);
21 $name = trim($_POST['name']);
22
22
23 if( check_type_name( $name ) ) {
23 if( check_type_name( $name ) ) {
24 if(! $mtdb->query( 'INSERT INTO meta_t(name) VALUES("'. mysqli_real_escape_string($mtdb->link, $name) . '")' ) )
24 if(! $dbConnection->executeUpdate('INSERT INTO meta_t (name) VALUES (?)', array($name)))
25 {
25 {
26 adminlog("Error on inserting metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_INSERT, E_WARNING);
26 adminlog("Error on inserting metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_INSERT, E_WARNING);
27 mtdie("Error on insertion: ". htmlentities(mysqli_error()));
27 mtdie("Error on insertion: ". $dbConnection->errorCode());
28 }
28 }
29 }
29 }
30 $info.='<p>New metatype created successfully.<p>';
30 $info.='<p>New metatype created successfully.<p>';
@@ -37,10 +37,10 if( isset($_POST['action']) && $_POST['action'] == 'edit_meta' ) {
37 $name = trim($_POST['name']);
37 $name = trim($_POST['name']);
38
38
39 if( check_type_name( $name ) ) {
39 if( check_type_name( $name ) ) {
40 if(! $mtdb->query( 'UPDATE meta_t SET name = "' . mysqli_real_escape_string($mtdb->link, $name) . '" WHERE id=' . (int)$_POST['type_id']) )
40 if(! $dbConnection->executeUpdate('UPDATE meta_t SET name = ? WHERE id = ?', array($name, $_POST['type_id'])))
41 {
41 {
42 adminlog("Error updating metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_UPDATE, E_WARNING);
42 adminlog("Error updating metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_UPDATE, E_WARNING);
43 mtdie("Error on update: ". htmlentities(mysqli_error()));
43 mtdie("Error on update: ". $dbConnection->errorCode());
44 }
44 }
45 }
45 }
46 $info.='<p>Changes to metatype saved successfully.<p>';
46 $info.='<p>Changes to metatype saved successfully.<p>';
@@ -48,7 +48,7 if( isset($_POST['action']) && $_POST['action'] == 'edit_meta' ) {
48 }
48 }
49
49
50 //get all metatypes
50 //get all metatypes
51 $metas = $mtdb->getAll("SELECT id, name FROM meta_t");
51 $metas = $dbConnection->fetchAll('SELECT id, name FROM meta_t');
52
52
53 adminhead('Metatypes');
53 adminhead('Metatypes');
54 adminmenu();
54 adminmenu();
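Review bot: The `if(! $dbConnection->executeUpdate(...))` tests on new lines 9 and 40 treat an affected-row count of 0 as a failure, so saving a metatype without changing its name, or deleting an id that no longer exists, now ends in `mtdie`. DBAL signals a real failure with an exception (to my knowledge), so `errorCode()` in these branches and in the INSERT branch on line 24 is not where the error would be reported. I would call `executeUpdate` unconditionally inside a try/catch that does the `adminlog(..., E_WARNING)` and the `mtdie`. The DELETE on line 9 also binds the raw `$_GET['delete']` while the nonce and the log use `(int)$_GET['delete']`; binding `(int)$_GET['delete']` keeps the three consistent.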
@@ -17,10 +17,10 $page = 1;
17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
18
18
19 $perpage = 15;
19 $perpage = 15;
20 $start = ($page-1) * $perpage;
20 $start = ($page - 1) * $perpage;
21
21
22 $total = ceil( $mtdb->getOne("SELECT count(DISTINCT url_name) FROM static_page") / $perpage );
22 $total = ceil( $dbConnection->fetchColumn('SELECT COUNT(url_name) FROM static_page') / $perpage );
23 $pages = $mtdb->getAll("SELECT url_name, pubdate, status, title, body FROM static_page ORDER BY url_name ASC LIMIT $start,$perpage");
23 $pages = $dbConnection->fetchAll('SELECT url_name, pubdate, status, title, body FROM static_page ORDER BY url_name ASC LIMIT ?, ?', array($start, $perpage), array(PDO::PARAM_INT, PDO::PARAM_INT));
24
24
25 pagination( $page, $total );
25 pagination( $page, $total );
26
26
@@ -17,10 +17,10 $page = 1;
17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
18
18
19 $perpage = 15;
19 $perpage = 15;
20 $start = ($page-1) * $perpage;
20 $start = ($page - 1) * $perpage;
21
21
22 $total = ceil( $mtdb->getOne("SELECT count(DISTINCT id) FROM rant") / $perpage );
22 $total = ceil( $dbConnection->fetchColumn('SELECT COUNT(id) FROM rant') / $perpage );
23 $rants = $mtdb->getAll("SELECT r.id,UNIX_TIMESTAMP(r.published) AS published,c.name,r.title,r.body, r.status FROM rant r,contributor c WHERE c.id=r.author GROUP BY id ORDER BY id DESC LIMIT $start,$perpage");
23 $rants = $dbConnection->fetchAll('SELECT r.id, UNIX_TIMESTAMP(r.published) AS published, c.name, r.title, r.body, r.status FROM rant r JOIN contributor c ON r.author = c.id ORDER BY r.id DESC LIMIT ?, ?', array($start, $perpage), array(PDO::PARAM_INT, PDO::PARAM_INT));
24
24
25 pagination( $page, $total );
25 pagination( $page, $total );
26
26
@@ -12,7 +12,7 auth_redirect(); // Require logged in user to access this page.
12 /* Handle form submission of new updates */
12 /* Handle form submission of new updates */
13
13
14 function handle_update_form() {
14 function handle_update_form() {
15 global $error,$info,$mtdb;
15 global $error,$info,$dbConnection;
16
16
17 check_nonce('update-statusbox');
17 check_nonce('update-statusbox');
18 $percent = $_POST['update_percentage'];
18 $percent = $_POST['update_percentage'];
@@ -36,7 +36,7 function handle_update_form() {
36 return;
36 return;
37 }
37 }
38
38
39 $mtdb->query( 'INSERT INTO status (published,eta,percentage,text) VALUES( NOW(), FROM_UNIXTIME(' . (int)$eta . '), '. (int)$percent . ', "' . mysqli_real_escape_string($mtdb->link, $text) . '")' );
39 $dbConnection->executeUpdate('INSERT INTO status (published, eta, percentage, text) VALUES (NOW(), FROM_UNIXTIME(?), ?, ?)', array($eta, $percent, $text));
40
40
41 $_POST['update_percentage']=$_POST['update_eta']=$_POST['update_text']='';
41 $_POST['update_percentage']=$_POST['update_eta']=$_POST['update_text']='';
42 $info = '<p>Statusbox updated successfully.</p>';
42 $info = '<p>Statusbox updated successfully.</p>';
@@ -55,7 +55,7 adminmenu('manage-statusbox.php');
55 /* Simple Presets, Select things said before */
55 /* Simple Presets, Select things said before */
56
56
57
57
58 $presets = $mtdb->getAll('SELECT COUNT(*) as c, percentage, text, CONCAT( percentage, "% - ", text ) as p FROM status GROUP BY p HAVING c>1 ORDER BY c DESC');
58 $presets = $dbConnection->fetchAll('SELECT COUNT(*) as c, percentage, text, CONCAT( percentage, "% - ", text ) as p FROM status GROUP BY p HAVING c > 1 ORDER BY c DESC');
59
59
60 ?>
60 ?>
61
61
@@ -129,7 +129,7 $presets = $mtdb->getAll('SELECT COUNT(*) as c, percentage, text, CONCAT( percen
129
129
130 <?php
130 <?php
131
131
132 $stats = $mtdb->getAll("SELECT published,eta,percentage,text FROM status ORDER BY published DESC limit 5");
132 $stats = $dbConnection->fetchAll("SELECT published, eta, percentage, text FROM status ORDER BY published DESC LIMIT 5");
133
133
134 ?>
134 ?>
135
135
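Review bot: The INSERT on new line 39 drops the `(int)` casts that the old query applied to `$eta` and `$percent`, so both now reach MySQL as whatever strings the form supplied. The validation between lines 18 and 36 is outside the hunk, so this may already be covered. If it is not, either keep the casts, `array((int)$eta, (int)$percent, $text)`, or pass `array(PDO::PARAM_INT, PDO::PARAM_INT, PDO::PARAM_STR)` as the types argument, as the transcript INSERT in this commit does.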
@@ -17,20 +17,20 if( isset($_REQUEST['action']) && 'edit_twitter' == $_REQUEST['action']) {
17
17
18 if(0 == $id && !empty($msg)) {
18 if(0 == $id && !empty($msg)) {
19 // Add a new preset
19 // Add a new preset
20 $mtdb->query( sprintf('INSERT INTO twitter_status (position, message) VALUES (%d, "%s")', $position, mysqli_real_escape_string($mtdb->link, $msg)) );
20 $dbConnection->executeUpdate('INSERT INTO twitter_status (position, message) VALUES (?, ?)', array($position, $msg));
21 adminlog("Added new preset: $msg", MTS_TWITTER, MTA_ADD);
21 adminlog("Added new preset: $msg", MTS_TWITTER, MTA_ADD);
22 } elseif(empty($msg)) {
22 } elseif(empty($msg)) {
23 // Delete an existing preset
23 // Delete an existing preset
24 $mtdb->query( "DELETE FROM twitter_status WHERE id = $id" );
24 $dbConnection->executeUpdate('DELETE FROM twitter_status WHERE id = ?', array($id));
25 adminlog("Removed preset: $id", MTS_TWITTER, MTA_ADD);
25 adminlog("Removed preset: $id", MTS_TWITTER, MTA_ADD);
26 } else {
26 } else {
27 // Modify an existing preset
27 // Modify an existing preset
28 $mtdb->query( sprintf('UPDATE twitter_status SET position = %d, message = "%s" WHERE id = %d', $position, mysqli_real_escape_string($mtdb->link, $msg), $id) );
28 $dbConnection->executeUpdate('UPDATE twitter_status SET position = ?, message = ? WHERE id = ?', array($position, $msg, $id));
29 }
29 }
30 }
30 }
31 }
31 }
32
32
33 $statuses = $mtdb->getAll('SELECT id, position, message FROM twitter_status ORDER BY position, id');
33 $statuses = $dbConnection->fetchAll('SELECT id, position, message FROM twitter_status ORDER BY position, id');
34
34
35 adminhead('Manage Twitter Presets');
35 adminhead('Manage Twitter Presets');
36 adminmenu();
36 adminmenu();
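Review bot: The audit entry for a deleted preset on new line 25 is recorded with `MTA_ADD`, and the modify branch on line 28 writes no entry at all, so the admin log cannot tell additions from removals or show edits. Suggest `adminlog("Removed preset: $id", MTS_TWITTER, MTA_DELETE);` and, after the UPDATE, `adminlog("Modified preset: $id", MTS_TWITTER, MTA_UPDATE);`. Both constants are already used elsewhere in this commit. `$id` and `$position` are assigned above the hunk, so their casts could not be checked here.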
@@ -7,13 +7,13 auth_redirect(); // Require logged in user to access this page.
7 if( isset($_POST['action']) && $_POST['action'] == 'new' ) {
7 if( isset($_POST['action']) && $_POST['action'] == 'new' ) {
8 check_nonce('new-twitter-user');
8 check_nonce('new-twitter-user');
9
9
10 if(! $mtdb->query( sprintf('INSERT INTO twitter_user(username) VALUES("%s")', mysqli_real_escape_string( $mtdb->link, md5( microtime() )) ) ) ) {
10 if(! $dbConnection->executeUpdate('INSERT INTO twitter_user (username) VALUES (?)', array(md5( microtime() ) ))) {
11 adminlog("Error on insertion of new twitter user.", MTS_TWITTER, MTA_INSERT, E_WARNING);
11 adminlog("Error on insertion of new twitter user.", MTS_TWITTER, MTA_INSERT, E_WARNING);
12 mtdie("Error on insertion of new twitter user: ". htmlentities(mysqli_error()), 'SQL Error');
12 mtdie("Error on insertion of new twitter user: ". $dbConnection->errorCode(), 'SQL Error');
13 } else {
13 } else {
14 //$name = sanitize_username($_POST['name']);
14 //$name = sanitize_username($_POST['name']);
15
15
16 $id = mysqli_insert_id();
16 $id = $dbConnection->lastInsertId();
17
17
18 $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
18 $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
19 $request_token = $connection->getRequestToken(OAUTH_CALLBACK . "&id=$id");
19 $request_token = $connection->getRequestToken(OAUTH_CALLBACK . "&id=$id");
@@ -40,12 +40,12 if( isset($_POST['action']) && $_POST['action'] == 'new' ) {
40 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && isset($_REQUEST['id'])) {
40 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && isset($_REQUEST['id'])) {
41 # twitter userID = ID
41 # twitter userID = ID
42 $id = (int)$_REQUEST['id'];
42 $id = (int)$_REQUEST['id'];
43 $row = $mtdb->getRow( sprintf('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user WHERE id=%d LIMIT 1', $id));
43 $row = $dbConnection->executeQuery('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user WHERE id = ? LIMIT 1', array($id))->fetch();
44
44
45 # Compare token in database with token from twitter. If they differ, bail.
45 # Compare token in database with token from twitter. If they differ, bail.
46 if( $row->oauth_token != $_REQUEST['oauth_token'] ) {
46 if( $row->oauth_token != $_REQUEST['oauth_token'] ) {
47 # token is old, drop from database
47 # token is old, drop from database
48 if(!$mtdb->query("DELETE FROM twitter_user WHERE id = '$id'") ) {
48 if(!$dbConnection->executeUpdate('DELETE FROM twitter_user WHERE id = ?', array($id))) {
49 adminlog('Error deleting temporary twitter user ' . $id, MTS_TWITTER, MTA_DELETE, E_ERROR);
49 adminlog('Error deleting temporary twitter user ' . $id, MTS_TWITTER, MTA_DELETE, E_ERROR);
50 mtdie('Error deleting temporary twitter user.', 'SQL Error');
50 mtdie('Error deleting temporary twitter user.', 'SQL Error');
51 }
51 }
@@ -69,7 +69,7 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && is
69
69
70 } else {
70 } else {
71 # fail
71 # fail
72 if( !$mtdb->query("DELETE FROM twitter_user WHERE id = '$id'") ) {
72 if( !$dbConnection->executeUpdate('DELETE FROM twitter_user WHERE id = ?', array($id))) {
73 adminlog('Error deleting specified twitter user ' . $id, MTS_TWITTER, MTA_DELETE, E_ERROR);
73 adminlog('Error deleting specified twitter user ' . $id, MTS_TWITTER, MTA_DELETE, E_ERROR);
74 mtdie('Error deleting the specified twitter user.', 'SQL Error');
74 mtdie('Error deleting the specified twitter user.', 'SQL Error');
75 }
75 }
@@ -80,7 +80,7 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && is
80 }
80 }
81 }
81 }
82
82
83 $twitter_users = $mtdb->getAll('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user ORDER BY username');
83 $twitter_users = $dbConnection->fetchAll('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user ORDER BY username');
84
84
85 adminhead('Manage Twitter Users');
85 adminhead('Manage Twitter Users');
86 adminmenu();
86 adminmenu();
@@ -98,7 +98,6 adminmenu();
98 <th scope="col" style="text-align: center;">ID #</th>
98 <th scope="col" style="text-align: center;">ID #</th>
99 <th scope="col">Twitter.com Username</th>
99 <th scope="col">Twitter.com Username</th>
100 <th scope="col">oauth_token</th>
100 <th scope="col">oauth_token</th>
101 <th scope="col">oauth_token_secret</th>
102 <th scope="col">Authorized</th>
101 <th scope="col">Authorized</th>
103 <th scope="col"></th>
102 <th scope="col"></th>
104 </tr>
103 </tr>
@@ -115,7 +114,6 adminmenu();
115 <th scope="row" style="text-align: center;"><?php echo $s->id; ?></th>
114 <th scope="row" style="text-align: center;"><?php echo $s->id; ?></th>
116 <td><?php echo htmlentities($s->username); ?></td>
115 <td><?php echo htmlentities($s->username); ?></td>
117 <td><?php echo htmlentities($s->oauth_token); ?></td>
116 <td><?php echo htmlentities($s->oauth_token); ?></td>
118 <td><?php echo htmlentities($s->oauth_token_secret); ?></td>
119 <td><?php
117 <td><?php
120 $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $s->oauth_token, $s->oauth_token_secret);
118 $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $s->oauth_token, $s->oauth_token_secret);
121 $content = $connection->get('account/verify_credentials');
119 $content = $connection->get('account/verify_credentials');
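Review bot: The `if(! $dbConnection->executeUpdate(...))` guards no longer test for failure, because DBAL's `executeUpdate()` returns the number of affected rows and reports errors by throwing `DBALException`. This affects new lines 10, 48 and 72 here, and lines 30, 70, 82 and 88 of the type-management hunks further down. A `DELETE` that matches no row, or an `UPDATE` that changes nothing, returns 0 and lands in the `mtdie()` branch, while a real database error skips `adminlog()` and surfaces as an uncaught exception. Wrap each call in `try { ... } catch (\Doctrine\DBAL\DBALException $e) { adminlog(...); mtdie(...); }` and drop the truthiness test. The `false ===` comparison on the two type deletes (lines 9 and 14) can never be true for the same reason.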
@@ -6,15 +6,15 auth_redirect(); // Require logged in user to access this page.
6
6
7 if( isset($_GET['delete']) && (int)$_GET['delete'] ) {
7 if( isset($_GET['delete']) && (int)$_GET['delete'] ) {
8 check_nonce('delete-type-' . (int)$_GET['delete']);
8 check_nonce('delete-type-' . (int)$_GET['delete']);
9 if(! $mtdb->query( 'DELETE FROM strip_t WHERE id=' . (int)$_GET['delete'] ) )
9 if(false === $dbConnection->executeUpdate('DELETE FROM strip_t WHERE id = ?', array($_GET['delete'])))
10 {
10 {
11 adminlog("Error deleting type ".(int)$_GET['delete'], MTS_TYPE, MTA_DELETE, E_WARNING);
11 adminlog("Error deleting type ".(int)$_GET['delete'], MTS_TYPE, MTA_DELETE, E_WARNING);
12 mtdie("Error on deletion of existing type: " . htmlentities(mysqli_error()), 'SQL Error');
12 mtdie("Error on deletion of existing type: " . $dbConnection->errorCode(), 'SQL Error');
13 }
13 }
14 if(! $mtdb->query( 'DELETE FROM meta WHERE type=' . (int)$_GET['delete'] ) )
14 if(false === $dbConnection->executeUpdate('DELETE FROM meta WHERE type = ?', array($_GET['delete'])))
15 {
15 {
16 adminlog("Error on deletion of type ".(int)$_GET['delete']."'s metadata.", MTS_TYPE, MTA_DELETE, E_WARNING);
16 adminlog("Error on deletion of type ".(int)$_GET['delete']."'s metadata.", MTS_TYPE, MTA_DELETE, E_WARNING);
17 mtdie("Error on deletion of existing type's metadata: " . htmlentities(mysqli_error()), 'SQL Error');
17 mtdie("Error on deletion of existing type's metadata: " . $dbConnection->errorCode(), 'SQL Error');
18 }
18 }
19 $info.='<p>Deleted type successfully.<p>';
19 $info.='<p>Deleted type successfully.<p>';
20 adminlog("Deleted type ".(int)$_GET['delete'], MTS_TYPE, MTA_DELETE);
20 adminlog("Deleted type ".(int)$_GET['delete'], MTS_TYPE, MTA_DELETE);
@@ -27,10 +27,10 if( isset($_POST['action']) && $_POST['action'] == 'new_type' ) {
27 $desc = trim($_POST['description']);
27 $desc = trim($_POST['description']);
28
28
29 if( check_type_name($name) ) {
29 if( check_type_name($name) ) {
30 if(! $mtdb->query( sprintf( 'INSERT INTO strip_t(name, description) VALUES("%s", "%s")', mysqli_real_escape_string($mtdb->link, $name), mysqli_real_escape_string($mtdb->link, $desc)) ) )
30 if(! $dbConnection->executeUpdate('INSERT INTO strip_t (name, description) VALUES (?, ?)', array($name, $desc)))
31 {
31 {
32 adminlog("Error on insertion of new type.", MTS_TYPE, MTA_INSERT, E_WARNING);
32 adminlog("Error on insertion of new type.", MTS_TYPE, MTA_INSERT, E_WARNING);
33 mtdie("Error on insertion of new type: ". htmlentities(mysqli_error()), 'SQL Error');
33 mtdie("Error on insertion of new type: ". $dbConnection->errorCode(), 'SQL Error');
34 }
34 }
35 }
35 }
36 $info.='<p>New type created successfully.<p>';
36 $info.='<p>New type created successfully.<p>';
@@ -47,7 +47,7 if( isset($_POST['action']) && $_POST['action'] == 'edit_type' ) {
47
47
48 $meta = $_POST['meta'];
48 $meta = $_POST['meta'];
49
49
50 $m_delete = $mtdb->getAll("SELECT meta FROM meta WHERE type = $id");
50 $m_delete = $dbConnection->fetchAll('SELECT meta FROM meta WHERE type = ?', array($id));
51
51
52 $m_insert = array();
52 $m_insert = array();
53
53
@@ -67,31 +67,31 if( isset($_POST['action']) && $_POST['action'] == 'edit_type' ) {
67 }
67 }
68
68
69 if( check_type_name( $name ) ) {
69 if( check_type_name( $name ) ) {
70 if( !$mtdb->query( sprintf( 'UPDATE strip_t SET name = "%s", description = "%s" WHERE id = %s', mysqli_real_escape_string($mtdb->link, $name), mysqli_real_escape_string($mtdb->link, $desc), $id)) )
70 if( !$dbConnection->executeUpdate('UPDATE strip_t SET name = ?, description = ? WHERE id = ?', array($name, $desc, $id)))
71 {
71 {
72 adminlog("Error on updating type ".$id, MTS_TYPE, MTA_UPDATE, E_WARNING);
72 adminlog("Error on updating type ".$id, MTS_TYPE, MTA_UPDATE, E_WARNING);
73 mtdie("Error on update of existing type: ". htmlentities(mysqli_error()), 'SQL Error');
73 mtdie("Error on update of existing type: ". $dbConnection->errorCode(), 'SQL Error');
74 }
74 }
75
75
76 $sql_insert = "INSERT INTO meta (type,meta) VALUES " . implode(',',$m_insert);
76 $sql_insert = "INSERT INTO meta (type,meta) VALUES " . implode(',',$m_insert);
77 $sql_delete = "DELETE FROM meta WHERE type=$id AND ( " . implode(' OR ',$m_delete) . ' )';
77 $sql_delete = "DELETE FROM meta WHERE type=$id AND ( " . implode(' OR ',$m_delete) . ' )';
78
78
79 $mtdb->query('START TRANSACTION');
79 $dbConnection->beginTransaction();
80
80
81 if( count($m_insert) )
81 if( count($m_insert) )
82 if(! $mtdb->query( $sql_insert ) )
82 if(! $dbConnection->executeUpdate( $sql_insert ) )
83 {
83 {
84 adminlog("Error inserting new metatype association data for type ".$id, MTS_TYPE, MTA_INSERT, E_WARNING);
84 adminlog("Error inserting new metatype association data for type ".$id, MTS_TYPE, MTA_INSERT, E_WARNING);
85 mtdie("There was an error inserting new metatype association data. Transaction aborted. $sql_insert");
85 mtdie("There was an error inserting new metatype association data. Transaction aborted. $sql_insert");
86 }
86 }
87 if( count($m_delete) )
87 if( count($m_delete) )
88 if(! $mtdb->query( $sql_delete ) )
88 if(! $dbConnection->executeUpdate( $sql_delete ) )
89 {
89 {
90 adminlog("Error deleting old metatype association data for type ".$id, MTS_TYPE, MTA_REMOVE, E_WARNING);
90 adminlog("Error deleting old metatype association data for type ".$id, MTS_TYPE, MTA_REMOVE, E_WARNING);
91 mtdie("There was an error deleting old metatype data. Transaction aborted. $sql_delete");
91 mtdie("There was an error deleting old metatype data. Transaction aborted. $sql_delete");
92 }
92 }
93
93
94 $mtdb->query('COMMIT');
94 $dbConnection->commit();
95
95
96 } else {
96 } else {
97 $error.='<p>Invalid type name!</p>';
97 $error.='<p>Invalid type name!</p>';
@@ -101,7 +101,7 if( isset($_POST['action']) && $_POST['action'] == 'edit_type' ) {
101 }
101 }
102
102
103 //display all types
103 //display all types
104 $types = $mtdb->getAll("SELECT strip_t.id AS id, strip_t.name AS name, strip_t.description AS description, COUNT(strip.id) AS strips FROM strip_t LEFT JOIN strip ON strip.type = strip_t.id GROUP BY strip_t.id");
104 $types = $dbConnection->fetchAll('SELECT strip_t.id AS id, strip_t.name AS name, strip_t.description AS description, COUNT(strip.id) AS strips FROM strip_t LEFT JOIN strip ON strip.type = strip_t.id GROUP BY strip_t.id');
105
105
106 adminhead('Types');
106 adminhead('Types');
107 adminmenu();
107 adminmenu();
@@ -130,9 +130,9 adminmenu();
130 foreach( $types as $s ) {
130 foreach( $types as $s ) {
131 $alternate=!$alternate;
131 $alternate=!$alternate;
132
132
133 $metas = $mtdb->getAll("SELECT meta_t.name AS name FROM strip_t
133 $metas = $dbConnection->fetchAll('SELECT meta_t.name AS name FROM strip_t
134 JOIN meta ON meta.type = strip_t.id JOIN meta_t ON meta.meta = meta_t.id
134 JOIN meta ON meta.type = strip_t.id JOIN meta_t ON meta.meta = meta_t.id
135 WHERE strip_t.id = $s->id");
135 WHERE strip_t.id = ?', array($s->id));
136
136
137 $meta = implode(', ', array_map('_getMetaNameFromObject', $metas) );
137 $meta = implode(', ', array_map('_getMetaNameFromObject', $metas) );
138
138
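Review bot: `$sql_insert` and `$sql_delete` (new lines 76-77) are still assembled by concatenating `$id` and the imploded `$m_insert` / `$m_delete` lists, and lines 82 and 88 pass those strings to `executeUpdate()` with no bound parameters, so this path keeps the string-built SQL that the rest of the commit removes. The lists derive from `$_POST['meta']` (line 48) in code between the two hunks that is not shown, so whether each element is cast to an integer there needs confirming. Binding per row inside the existing transaction, e.g. `executeUpdate('INSERT INTO meta (type, meta) VALUES (?, ?)', array($id, $m))`, removes the dependency on that cast. The two `mtdie()` messages also print the raw SQL to the page, and neither failure branch calls `rollBack()` before exiting.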
@@ -4,8 +4,8 require_once('include/admin.inc.php');
4
4
5 auth_redirect(); // Require logged in user to access this page.
5 auth_redirect(); // Require logged in user to access this page.
6
6
7 $last_type = $mtdb->getOne( 'SELECT type FROM strip ORDER BY id DESC limit 1' );
7 $last_type = $dbConnection->fetchColumn('SELECT type FROM strip ORDER BY id DESC LIMIT 1');
8 $last_strip_id = $mtdb->getOne( 'SELECT MAX(id) FROM strip' );
8 $last_strip_id = $dbConnection->fetchColumn('SELECT MAX(id) FROM strip');
9
9
10 adminhead('Post Comic');
10 adminhead('Post Comic');
11 adminmenu('post-comic.php');
11 adminmenu('post-comic.php');
@@ -44,7 +44,7 if(isset($_REQUEST['next']) && $_REQUEST['next'] == "yes")
44 <h3 class="dbx-handle">Comic Type</h3>
44 <h3 class="dbx-handle">Comic Type</h3>
45 <div class="dbx-content"><select name="strip_type">
45 <div class="dbx-content"><select name="strip_type">
46 <?php
46 <?php
47 $types = $mtdb->getAll( 'SELECT id, description FROM strip_t ORDER BY id' );
47 $types = $dbConnection->fetchAll('SELECT id, description FROM strip_t ORDER BY id');
48 foreach( $types as $k=>$v )
48 foreach( $types as $k=>$v )
49 printf('<option value="%s" %s>%s</option>', htmlentities($v->id), ($last_type == $v->id ? 'selected="selected"' : '' ), $v->description);
49 printf('<option value="%s" %s>%s</option>', htmlentities($v->id), ($last_type == $v->id ? 'selected="selected"' : '' ), $v->description);
50 ?>
50 ?>
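Review bot: The `<option>` label on line 49 prints `$v->description` without escaping, although the same `printf` runs `$v->id` through `htmlentities()`. `strip_t.description` is written from `$_POST['description']` by the type-management page touched in this commit, so markup stored there would be rendered into this form. Pass `htmlentities($v->description)` as the last argument. The author list in the post-rant hunk (`$v->name`, new line 51) has the same gap.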
@@ -11,7 +11,7 auth_redirect(); // Require logged in user to access this page.
11 adminhead('Write Rant');
11 adminhead('Write Rant');
12 adminmenu('post-rant.php');
12 adminmenu('post-rant.php');
13
13
14 $rant_image_ext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (int)$currentuser->imagetype );
14 $rant_image_ext = $dbConnection->fetchColumn('SELECT extension FROM media_t WHERE id = ?', array((int)$currentuser->imagetype));
15
15
16 ?>
16 ?>
17
17
@@ -32,10 +32,10 $rant_image_ext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (in
32 <div class="dbx-content"><select name="rant_side">
32 <div class="dbx-content"><select name="rant_side">
33 <?php
33 <?php
34 // What side does this author usually post on?
34 // What side does this author usually post on?
35 $usual = $mtdb->getOne( 'SELECT side,count(*) c FROM rant WHERE author=' . (int)$currentuser->id . ' GROUP BY side ORDER BY c DESC limit 1' );
35 $usual = $dbConnection->fetchColumn('SELECT side, COUNT(*) AS c FROM rant WHERE author = ? GROUP BY side ORDER BY c DESC LIMIT 1', array((int)$currentuser->id));
36
36
37 $sides = array('left'=>'Left','right'=>'Right');
37 $sides = array('left'=>'Left', 'right'=>'Right');
38 foreach( $sides as $k=>$v ) {
38 foreach( $sides as $k => $v ) {
39 printf('<option value="%s" %s>%s</option>', htmlentities($k), ($usual == $k ? 'selected="selected"' : '' ), $v );
39 printf('<option value="%s" %s>%s</option>', htmlentities($k), ($usual == $k ? 'selected="selected"' : '' ), $v );
40 }
40 }
41 ?>
41 ?>
@@ -45,8 +45,9 $rant_image_ext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (in
45 <fieldset id="authordiv" class="dbx-box">
45 <fieldset id="authordiv" class="dbx-box">
46 <h3 class="dbx-handle">Author</h3>
46 <h3 class="dbx-handle">Author</h3>
47 <div class="dbx-content"><select name="rant_author"><?php
47 <div class="dbx-content"><select name="rant_author"><?php
48 $contrib = $mtdb->getAll('select id,name from contributor');
48 $contrib = $dbConnection->fetchAll('SELECT id, name FROM contributor');
49 foreach( $contrib as $k=>$v ) {
49 foreach( $contrib as $k => $v )
50 {
50 printf('<option value="%s" %s>%s</option>', htmlentities($v->id), ( $currentuser->id == $v->id ? 'selected="selected"' : '' ), $v->name );
51 printf('<option value="%s" %s>%s</option>', htmlentities($v->id), ( $currentuser->id == $v->id ? 'selected="selected"' : '' ), $v->name );
51 } ?>
52 } ?>
52 </select></div>
53 </select></div>
@@ -6,7 +6,7 auth_redirect(); // Require logged in user to access this page.
6
6
7 check_nonce('new-scratchpad');
7 check_nonce('new-scratchpad');
8
8
9 $mtdb->query( sprintf( 'INSERT INTO scratchpad (contributor, message) VALUES (%d, "%s")', (int)$currentuser->id, mysqli_real_escape_string($mtdb->link, $_REQUEST['message'])) );
9 $dbConnection->executeUpdate('INSERT INTO scratchpad (contributor, message) VALUES (?, ?)', array($currentuser->id, $_REQUEST['message']));
10
10
11 adminlog("User posted to scratchpad.", MTS_SCRATCH, MTA_INSERT);
11 adminlog("User posted to scratchpad.", MTS_SCRATCH, MTA_INSERT);
12 _redirect( ADMIN_PATH . '/index.php' );
12 _redirect( ADMIN_PATH . '/index.php' );
@@ -14,13 +14,13 if('post_twitter' == $_REQUEST['action'])
14 if( strlen($_REQUEST['message']) ) $postmessage = trim($_REQUEST['message']);
14 if( strlen($_REQUEST['message']) ) $postmessage = trim($_REQUEST['message']);
15
15
16 #string replacement macros
16 #string replacement macros
17 $next_strip_id = $mtdb->getOne( 'SELECT MAX(id) FROM strip' );
17 $next_strip_id = $dbConnection->fetchColumn('SELECT MAX(id) FROM strip');
18 $next_strip_id += 1;
18 $next_strip_id += 1;
19 $postmessage = str_replace("#nextcomic", $next_strip_id, $postmessage);
19 $postmessage = str_replace("#nextcomic", $next_strip_id, $postmessage);
20
20
21 if('' == $postmessage) _redirect( ADMIN_PATH . '/post-twitter.php?tweet=missing');
21 if('' == $postmessage) _redirect( ADMIN_PATH . '/post-twitter.php?tweet=missing');
22 $username = sanitize_username($_REQUEST['twitter_user']);
22 $username = sanitize_username($_REQUEST['twitter_user']);
23 $postasuser = $mtdb->getOne( sprintf('SELECT username FROM twitter_user WHERE username="%s"', mysqli_real_escape_string($mtdb->link, $username)));
23 $postasuser = $dbConnection->fetchColumn('SELECT username FROM twitter_user WHERE username = ?', array($username));
24
24
25 if( in_array('twitter', $_REQUEST['service']) )
25 if( in_array('twitter', $_REQUEST['service']) )
26 $rc = twitterpost( numeric_entities(utfentities($postmessage)), $postasuser );
26 $rc = twitterpost( numeric_entities(utfentities($postmessage)), $postasuser );
@@ -43,8 +43,8 if( isset($_REQUEST['tweet']) && 'missing' == $_REQUEST['tweet'] )
43 $error.='Oops~ Looks like you forgot to enter a message.';
43 $error.='Oops~ Looks like you forgot to enter a message.';
44
44
45
45
46 $statuses = $mtdb->getAll('SELECT id, position, message FROM twitter_status ORDER BY position, id');
46 $statuses = $dbConnection->fetchAll('SELECT id, position, message FROM twitter_status ORDER BY position, id');
47 $twitter_users = $mtdb->getAll('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user ORDER BY username');
47 $twitter_users = $dbConnection->fetchAll('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user ORDER BY username');
48
48
49 adminhead('Update Twitter');
49 adminhead('Update Twitter');
50 adminmenu();
50 adminmenu();
@@ -86,7 +86,6 adminmenu();
86 </form>
86 </form>
87
87
88 <script type="text/javascript">
88 <script type="text/javascript">
89 <!--
90 function copyPreset() {
89 function copyPreset() {
91 var preset = document.statusform.stdmessage;
90 var preset = document.statusform.stdmessage;
92 var status = document.statusform.message
91 var status = document.statusform.message
@@ -98,7 +97,6 adminmenu();
98 var charactersremaining = document.getElementById('charactersremaining');
97 var charactersremaining = document.getElementById('charactersremaining');
99 charactersremaining.innerHTML = 140 - status.value.length
98 charactersremaining.innerHTML = 140 - status.value.length
100 }
99 }
101 -->
102 </script>
100 </script>
103
101
104 <?php /*?>
102 <?php /*?>
@@ -6,7 +6,7 auth_basic();
6
6
7 $count = isset($_REQUEST['count']) && ctype_digit($_REQUEST['count']) ? $_REQUEST['count'] : 25;
7 $count = isset($_REQUEST['count']) && ctype_digit($_REQUEST['count']) ? $_REQUEST['count'] : 25;
8
8
9 $entries = $mtdb->getAll("SELECT UNIX_TIMESTAMP(l.logdate) AS logdate, c.name AS cname, c.email AS cmail, s.name AS section, action, level, message FROM admin_log l JOIN admin_section s ON l.section = s.id LEFT JOIN contributor c ON l.contributor = c.id ORDER BY l.logdate DESC LIMIT $count");
9 $entries = $dbConnection->fetchAll("SELECT UNIX_TIMESTAMP(l.logdate) AS logdate, c.name AS cname, c.email AS cmail, s.name AS section, action, level, message FROM admin_log l JOIN admin_section s ON l.section = s.id JOIN contributor c ON l.contributor = c.id ORDER BY l.logdate DESC LIMIT ?", array($count), array(PDO::PARAM_INT));
10
10
11 header("Content-Type: application/rss+xml;charset=utf-8");
11 header("Content-Type: application/rss+xml;charset=utf-8");
12
12
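Review bot: The rewritten query on line 9 replaces `LEFT JOIN contributor c` with `JOIN contributor c`, a behaviour change unrelated to the move to DBAL. Any `admin_log` row whose `contributor` is NULL, or no longer matches a `contributor.id`, now disappears from the feed. Whether such rows exist is not visible here, but in an audit-log feed the entries with no attributable user are the ones least worth losing. Unless the change is intended, restore `LEFT JOIN contributor c ON l.contributor = c.id`.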
@@ -6,7 +6,7 auth_basic();
6
6
7 $count = isset($_REQUEST['count']) && ctype_digit($_REQUEST['count']) ? $_REQUEST['count'] : 25;
7 $count = isset($_REQUEST['count']) && ctype_digit($_REQUEST['count']) ? $_REQUEST['count'] : 25;
8
8
9 $entries = $mtdb->getAll("SELECT UNIX_TIMESTAMP(s.published) AS pubdate, c.name AS cname, c.email AS cmail, message FROM scratchpad s JOIN contributor c ON s.contributor = c.id ORDER BY s.published DESC LIMIT $count");
9 $entries = $dbConnection->fetchAll('SELECT UNIX_TIMESTAMP(s.published) AS pubdate, c.name AS cname, c.email AS cmail, message FROM scratchpad s JOIN contributor c ON s.contributor = c.id ORDER BY published DESC LIMIT ?', array($count), array(PDO::PARAM_INT));
10
10
11 header("Content-Type: application/rss+xml;charset=utf-8");
11 header("Content-Type: application/rss+xml;charset=utf-8");
12
12
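Review bot: `$count` on line 7 is accepted whenever `ctype_digit()` passes, which sets no upper bound, and it is still a string when line 9 binds it with `PDO::PARAM_INT`. Cast and clamp it before the query, e.g. `$count = min((int)$count, MAX_FEED_ITEMS);`, where `MAX_FEED_ITEMS` is a placeholder for a limit the project defines. The same `$count` line appears in the other two feed hunks. The third of them shows `require_once` rather than `auth_basic();` as its hunk context, so it is worth confirming whether that feed is meant to be reachable without authentication.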
@@ -4,7 +4,7 require_once('include/admin.inc.php');
4
4
5 $count = isset($_REQUEST['count']) && ctype_digit($_REQUEST['count']) ? $_REQUEST['count'] : 25;
5 $count = isset($_REQUEST['count']) && ctype_digit($_REQUEST['count']) ? $_REQUEST['count'] : 25;
6
6
7 $entries = $mtdb->getAll("SELECT UNIX_TIMESTAMP(l.logdate) AS logdate, s.name AS section, action, message FROM admin_log l JOIN admin_section s ON l.section = s.id WHERE s.name = 'strip' ORDER BY l.logdate DESC LIMIT $count");
7 $entries = $dbConnection->fetchAll('SELECT UNIX_TIMESTAMP(l.logdate) AS logdate, s.name AS section, action, message FROM admin_log l JOIN admin_section s ON l.section = s.id WHERE s.name = \'strip\' ORDER BY l.logdate DESC LIMIT ?', array($count), array(PDO::PARAM_INT));
8
8
9 header("Content-Type: application/rss+xml;charset=utf-8");
9 header("Content-Type: application/rss+xml;charset=utf-8");
10
10
@@ -1,5 +1,9
1 @charset "utf-8";
1 @charset "utf-8";
2
2
3 $fonts-main: "Lucida Grande", "Lucida Sans Unicode", Tahoma, Verdana;
4 $fonts-news: Georgia, "Times New Roman", Times, serif;
5 $fonts-input: Verdana, Arial, Helvetica, sans-serif;
6 $fonts-code: "Courier New", Courier, monospace;
3 $font-stack: Verdana, Arial, Helvetica, sans-serif;
7 $font-stack: Verdana, Arial, Helvetica, sans-serif;
4 $banner-font: monospace;
8 $banner-font: monospace;
5 $credits-font: Arial, Helvetica, sans-serif;
9 $credits-font: Arial, Helvetica, sans-serif;
@@ -1,14 +1,21
1 @charset "utf-8";
1 @charset "utf-8";
2
2
3 $background-color: #F9FCFE;
4 $input-background: #F4F4F4;
3 $background: #4C565E;
5 $background: #4C565E;
4 $foreground: #757B81;
6 $foreground: #757B81;
5 $infobox: #23272B;
7 $infobox: #23272B;
6
8
9 $font-color-normal: #000000;
7 $nl-background: #000000;
10 $nl-background: #000000;
8 $comic-background: #FFFFFF;
11 $comic-background: #FFFFFF;
9
12
10 $percent-border: #556677;
13 $percent-border: #556677;
14 $input-border: #B2B2B2;
15 $button-normal-border: #CCCCCC;
16 $button-down-border: #999999;
11
17
18 $button-label: #333333;
12 $text-normal: #B7BFC7;
19 $text-normal: #B7BFC7;
13 $text-accent: #F6B33D;
20 $text-accent: #F6B33D;
14 $text-credits: #E4E4D6;
21 $text-credits: #E4E4D6;
@@ -1,3 +1,7
1 @charset "utf-8";
2 @import "fonts";
3 @import "palette";
4
1 * html #poststuff {
5 * html #poststuff {
2 height: 100%; /* kill peekaboo bug in IE */
6 height: 100%; /* kill peekaboo bug in IE */
3 }
7 }
@@ -9,6 +13,7
9 body {
13 body {
10 border: none;
14 border: none;
11 }
15 }
16
12 a {
17 a {
13 border-bottom: 1px solid #69c;
18 border-bottom: 1px solid #69c;
14 color: #00019b;
19 color: #00019b;
@@ -21,45 +26,47 a.delete:hover {
21 }
26 }
22
27
23 #devnews h4 {
28 #devnews h4 {
24 font-family: Georgia, "Times New Roman", Times, serif;
29 font-family: $fonts-news;
25 font-size: 18px;
30 font-size: 18px;
26 font-weight: normal;
31 font-weight: normal;
27 }
32 }
28
33
29 #planetnews ul {
34 #planetnews {
30 list-style: none;
35 ul {
31 margin: 0;
36 list-style: none;
32 padding: 0;
37 margin: 0;
33 }
38 padding: 0;
34
39 }
35 #planetnews li {
40
36 width: 17%;
41 li {
37 margin: 1%;
42 width: 17%;
38 float: left;
43 margin: 1%;
39 }
44 float: left;
40
45
41 #planetnews li a {
46 a {
42 display: block;
47 display: block;
43 padding: .5em;
48 padding: .5em;
44 background: #ddd;
49 background: #ddd;
45 height: 6em;
50 height: 6em;
46 overflow: hidden;
51 overflow: hidden;
47 }
52 }
48
53
49 #planetnews cite {
54 .post {
50 font-size: 11px;
55 font-family: $fonts-news;
51 }
56 font-size: 18px;
52
57 display: block;
53 #planetnews li .post {
58 height: 60px;
54 font-family: Georgia, "Times New Roman", Times, serif;
59 overflow: hidden;
55 font-size: 18px;
60 }
56 display: block;
61 }
57 height: 60px;
62
58 overflow: hidden;
63 cite {
59 }
64 font-size: 11px;
60
65 }
61 #planetnews .hidden {
66
62 display: none;
67 .hidden {
68 display: none;
69 }
63 }
70 }
64
71
65 .readmore {
72 .readmore {
@@ -125,43 +132,43 a:hover {
125 }
132 }
126
133
127 body {
134 body {
128 background: #f9fcfe;
135 background: $background-color;
129 color: #000;
136 color: $font-color-normal;
130 margin: 0;
137 margin: 0;
131 padding: 0;
138 padding: 0;
132 }
139 }
133
140
134 body, td {
141 body, td {
135 font: 13px "Lucida Grande", "Lucida Sans Unicode", Tahoma, Verdana;
142 font: 13px $fonts-main;
136 }
143 }
137
144
138 fieldset {
145 fieldset {
139 border: none;
146 border: none;
140 padding: 3px;
147 padding: 3px;
141 }
142
148
143 fieldset label.selectit {
149 label.selectit {
144 display: block;
150 display: block;
145 font-size: 11px;
151 font-size: 11px;
146 padding: 0 2px;
152 padding: 0 2px;
147 }
148
153
149 fieldset label.selectit:hover {
154 &:hover {
150 background: #e9e9e9;
155 background: #e9e9e9;
151 }
156 }
157 }
152
158
153 fieldset legend {
159 legend {
154 padding: .1em .3em;
160 padding: .1em .3em;
155 }
161 }
156
162
157 fieldset.options {
163 &.options {
158 padding: 1em;
164 padding: 1em;
159 }
160
165
161 fieldset.options legend {
166 legend {
162 font-size: 1.5em;
167 font-size: 1.5em;
163 font-weight: bold;
168 font-weight: bold;
164 font-family: Georgia, "Times New Roman", Times, serif;
169 font-family: $fonts-news;
170 }
171 }
165 }
172 }
166
173
167 form, label input {
174 form, label input {
@@ -198,10 +205,10 p, li, dl, dd, dt {
198 }
205 }
199
206
200 textarea, input, select {
207 textarea, input, select {
201 background: #f4f4f4;
208 background: $input-background;
202 border: 1px solid #b2b2b2;
209 border: 1px solid $input-border;
203 color: #000;
210 color: $font-color-normal;
204 font: 13px Verdana, Arial, Helvetica, sans-serif;
211 font: 13px $fonts-input;
205 margin: 1px;
212 margin: 1px;
206 padding: 3px;
213 padding: 3px;
207 }
214 }
@@ -283,7 +290,7 form#upload #post_content {
283 }
290 }
284
291
285 .code {
292 .code {
286 font-family: "Courier New", Courier, monospace;
293 font-family: $fonts-code;
287 }
294 }
288
295
289 .commentlist li {
296 .commentlist li {
@@ -325,24 +332,24 form#upload #post_content {
325
332
326 .quicktags, .search {
333 .quicktags, .search {
327 background: #ccc;
334 background: #ccc;
328 color: #000;
335 color: $font-color-normal;
329 font: 12px Georgia, "Times New Roman", Times, serif;
336 font: 12px $fonts-news;
330 }
337 }
331
338
332 .submit input, .submit input:focus, .button, .button:focus {
339 .submit input, .submit input:focus, .button, .button:focus {
333 background: url( images/fade-butt.png );
340 background: url( ../images/fade-butt.png );
334 border: 3px double #999;
341 border: 3px double $button-down-border;
335 border-left-color: #ccc;
342 border-left-color: $button-normal-border;
336 border-top-color: #ccc;
343 border-top-color: $button-normal-border;
337 color: #333;
344 color: $button-label;
338 padding: 0.25em;
345 padding: 0.25em;
339 }
346 }
340
347
341 .submit input:active, .button:active {
348 .submit input:active, .button:active {
342 background: #f4f4f4;
349 background: $input-background;
343 border: 3px double #ccc;
350 border: 3px double $button-normal-border;
344 border-left-color: #999;
351 border-left-color: $button-down-border;
345 border-top-color: #999;
352 border-top-color: $button-down-border;
346 }
353 }
347
354
348 .button, .button:focus {
355 .button, .button:focus {
@@ -401,7 +408,7 form#upload #post_content {
401 }
408 }
402
409
403 .updated, .confirm {
410 .updated, .confirm {
404 background: #CFEBF7 url(images/notice.gif) no-repeat 1em;
411 background: #CFEBF7 url(../images/notice.gif) no-repeat 1em;
405 border: 1px solid #2580B2;
412 border: 1px solid #2580B2;
406 margin: 1em 5% 10px;
413 margin: 1em 5% 10px;
407 padding: 0 1em 0 3em;
414 padding: 0 1em 0 3em;
@@ -466,7 +473,7 input.disabled, textarea.disabled {
466 }
473 }
467
474
468 #adminmenu a {
475 #adminmenu a {
469 color: #000;
476 color: $font-color-normal;
470 font-size: 14px;
477 font-size: 14px;
471 font-weight: normal;
478 font-weight: normal;
472 margin: 0;
479 margin: 0;
@@ -506,7 +513,7 input.disabled, textarea.disabled {
506 }
513 }
507
514
508 #submenu .current {
515 #submenu .current {
509 background: #f9fcfe;
516 background: $background-color;
510 border-top: 1px solid #045290;
517 border-top: 1px solid #045290;
511 border-right: 2px solid #045290;
518 border-right: 2px solid #045290;
512 color: #000;
519 color: #000;
@@ -597,7 +604,7 input.delete:hover {
597 }
604 }
598
605
599 #ed_toolbar input {
606 #ed_toolbar input {
600 background: #fff url( images/fade-butt.png ) repeat-x 0px -2px;
607 background: #fff url( ../images/fade-butt.png ) repeat-x 0px -2px;
601 margin: 3px 2px 2px;
608 margin: 3px 2px 2px;
602 }
609 }
603
610
@@ -619,7 +626,7 input.delete:hover {
619 }
626 }
620
627
621 #quicktags #ed_code {
628 #quicktags #ed_code {
622 font-family: "Courier New", Courier, mono;
629 font-family: $fonts-code;
623 margin-bottom: 3px;
630 margin-bottom: 3px;
624 }
631 }
625
632
@@ -673,7 +680,7 input.delete:hover {
673
680
674 #login {
681 #login {
675 position: relative;
682 position: relative;
676 background: url('images/login-bkg-tile.gif') no-repeat top center;
683 background: url('../images/login-bkg-tile.gif') no-repeat top center;
677 color: #fff;
684 color: #fff;
678 margin: 5em auto 1em;
685 margin: 5em auto 1em;
679 padding: 20px 0 0;
686 padding: 20px 0 0;
@@ -681,7 +688,7 input.delete:hover {
681 }
688 }
682
689
683 #login form {
690 #login form {
684 background: url('images/login-bkg-bottom.gif') no-repeat bottom center;
691 background: url('../images/login-bkg-bottom.gif') no-repeat bottom center;
685 padding: 0 50px 25px;
692 padding: 0 50px 25px;
686 }
693 }
687
694
@@ -697,11 +704,11 input.delete:hover {
697 text-align: center;
704 text-align: center;
698 }
705 }
699
706
700 #login p {
707 #login p {
701 font-size: 12px;
708 font-size: 12px;
702 }
709 }
703
710
704 #login p.message {
711 #login p.message {
705 width: 310px;
712 width: 310px;
706 margin: 0 auto 1em;
713 margin: 0 auto 1em;
707 }
714 }
@@ -773,12 +780,12 input.delete:hover {
773 width: 97%;
780 width: 97%;
774 }
781 }
775
782
776 #login p label {
783 #login p label {
777 font-size: 11px;
784 font-size: 11px;
778 }
785 }
779
786
780 #login input#rememberme {
787 #login input#rememberme {
781 background-color: 0e3757;
788 background-color: #0e3757;
782 }
789 }
783
790
784 #login #submit {
791 #login #submit {
@@ -846,7 +853,7 input.delete:hover {
846 }
853 }
847
854
848 #template textarea {
855 #template textarea {
849 font: small 'Courier New', Courier, monospace;
856 font: small $fonts-code;
850 width: 97%;
857 width: 97%;
851 }
858 }
852
859
@@ -893,7 +900,7 input.delete:hover {
893 font-weight: normal;
900 font-weight: normal;
894 letter-spacing: -.05em;
901 letter-spacing: -.05em;
895 margin: 0;
902 margin: 0;
896 font-family: Georgia, "Times New Roman", Times, serif
903 font-family: $fonts-news;
897 }
904 }
898
905
899 #wphead h1 span {
906 #wphead h1 span {
@@ -1098,7 +1105,7 overall, dbx-box is best left as visually unstyled as possible
1098 }
1105 }
1099
1106
1100 #your-profile legend {
1107 #your-profile legend {
1101 font-family: Georgia, "Times New Roman", Times, serif;
1108 font-family: $fonts-news;
1102 font-size: 22px;
1109 font-size: 22px;
1103 }
1110 }
1104
1111
@@ -1113,13 +1120,13 overall, dbx-box is best left as visually unstyled as possible
1113 }
1120 }
1114
1121
1115 #moremeta .dbx-content {
1122 #moremeta .dbx-content {
1116 background: url(images/box-butt.gif) no-repeat bottom right;
1123 background: url(../images/box-butt.gif) no-repeat bottom right;
1117 padding-bottom: 10px;
1124 padding-bottom: 10px;
1118 padding-right: 2px;
1125 padding-right: 2px;
1119 }
1126 }
1120
1127
1121 #moremeta fieldset.dbx-box-closed {
1128 #moremeta fieldset.dbx-box-closed {
1122 background: url(images/box-butt.gif) no-repeat bottom;
1129 background: url(../images/box-butt.gif) no-repeat bottom;
1123 padding-bottom: 9px;
1130 padding-bottom: 9px;
1124 }
1131 }
1125
1132
@@ -1136,11 +1143,11 overall, dbx-box is best left as visually unstyled as possible
1136 #moremeta .dbx-handle {
1143 #moremeta .dbx-handle {
1137 padding: 6px 1em 2px;
1144 padding: 6px 1em 2px;
1138 font-size: 12px;
1145 font-size: 12px;
1139 background: #2685af url(images/box-head.gif) no-repeat right;
1146 background: #2685af url(../images/box-head.gif) no-repeat right;
1140 }
1147 }
1141
1148
1142 #moremeta .dbx-box {
1149 #moremeta .dbx-box {
1143 background: url(images/box-bg.gif) repeat-y right;
1150 background: url(../images/box-bg.gif) repeat-y right;
1144 }
1151 }
1145
1152
1146 #advancedstuff h3.dbx-handle {
1153 #advancedstuff h3.dbx-handle {
@@ -1149,17 +1156,17 overall, dbx-box is best left as visually unstyled as possible
1149 padding: 6px 1em 0 3px;
1156 padding: 6px 1em 0 3px;
1150 height: 19px;
1157 height: 19px;
1151 font-size: 12px;
1158 font-size: 12px;
1152 background: #2685af url(images/box-head-right.gif) no-repeat top right;
1159 background: #2685af url(../images/box-head-right.gif) no-repeat top right;
1153 }
1160 }
1154
1161
1155 #advancedstuff div.dbx-handle-wrapper {
1162 #advancedstuff div.dbx-handle-wrapper {
1156 margin: 0 0 0 -7px;
1163 margin: 0 0 0 -7px;
1157 background: #fff url(images/box-head-left.gif) no-repeat top left;
1164 background: #fff url(../images/box-head-left.gif) no-repeat top left;
1158 }
1165 }
1159
1166
1160 #advancedstuff div.dbx-content {
1167 #advancedstuff div.dbx-content {
1161 margin-left: 8px;
1168 margin-left: 8px;
1162 background: url(images/box-bg-right.gif) repeat-y right;
1169 background: url(../images/box-bg-right.gif) repeat-y right;
1163 padding: 10px 10px 15px 0px;
1170 padding: 10px 10px 15px 0px;
1164 }
1171 }
1165
1172
@@ -1171,26 +1178,26 overall, dbx-box is best left as visually unstyled as possible
1171 #advancedstuff div.dbx-content-wrapper {
1178 #advancedstuff div.dbx-content-wrapper {
1172 margin-left: -7px;
1179 margin-left: -7px;
1173 margin-right: 0;
1180 margin-right: 0;
1174 background: url(images/box-bg-left.gif) repeat-y left;
1181 background: url(../images/box-bg-left.gif) repeat-y left;
1175 }
1182 }
1176
1183
1177 #advancedstuff fieldset.dbx-box {
1184 #advancedstuff fieldset.dbx-box {
1178 padding-bottom: 9px;
1185 padding-bottom: 9px;
1179 margin-left: 6px;
1186 margin-left: 6px;
1180 background: url(images/box-butt-right.gif) no-repeat bottom right;
1187 background: url(../images/box-butt-right.gif) no-repeat bottom right;
1181 }
1188 }
1182
1189
1183 #advancedstuff div.dbx-box-wrapper {
1190 #advancedstuff div.dbx-box-wrapper {
1184 background: url(images/box-butt-left.gif) no-repeat bottom left;
1191 background: url(../images/box-butt-left.gif) no-repeat bottom left;
1185 }
1192 }
1186
1193
1187 #advancedstuff .dbx-box-closed div.dbx-content-wrapper {
1194 #advancedstuff .dbx-box-closed div.dbx-content-wrapper {
1188 padding-bottom: 2px;
1195 padding-bottom: 2px;
1189 background: url(images/box-butt-left.gif) no-repeat bottom left;
1196 background: url(../images/box-butt-left.gif) no-repeat bottom left;
1190 }
1197 }
1191
1198
1192 #advancedstuff .dbx-box {
1199 #advancedstuff .dbx-box {
1193 background: url(images/box-butt-right.gif) no-repeat bottom right;
1200 background: url(../images/box-butt-right.gif) no-repeat bottom right;
1194 }
1201 }
1195
1202
1196
1203
@@ -1203,7 +1210,7 overall, dbx-box is best left as visually unstyled as possible
1203 a.dbx-toggle, a.dbx-toggle:visited {
1210 a.dbx-toggle, a.dbx-toggle:visited {
1204 display:block;
1211 display:block;
1205 overflow: hidden;
1212 overflow: hidden;
1206 background-image: url( images/toggle.gif );
1213 background-image: url( ../images/toggle.gif );
1207 position: absolute;
1214 position: absolute;
1208 top: 0px;
1215 top: 0px;
1209 right: 0px;
1216 right: 0px;
@@ -1308,7 +1315,7 input #catadd {
1308 }
1315 }
1309
1316
1310 #edButtons input.edButtonBack, #edButtons input.edButtonBack:active {
1317 #edButtons input.edButtonBack, #edButtons input.edButtonBack:active {
1311 background: #fff url( images/fade-butt.png ) repeat-x 0px 15px;
1318 background: #fff url( ../images/fade-butt.png ) repeat-x 0px 15px;
1312 border-bottom: 1px solid #ccc;
1319 border-bottom: 1px solid #ccc;
1313 }
1320 }
1314
1321
@@ -1336,6 +1343,6 a.page-numbers:hover {
1336 margin: 0 6px;
1343 margin: 0 6px;
1337 }
1344 }
1338
1345
1339 ul.historic {
1346 ul.historic {
1340 margin-bottom: 1em;
1347 margin-bottom: 1em;
1341 } No newline at end of file
1348 }
@@ -19,9 +19,9 if($_POST)
19
19
20 swap_strips( $a, $b );
20 swap_strips( $a, $b );
21
21
22 close($f);
22 fclose($f);
23
23
24 $info.='<p>Strips $a and $b swapped successfully.</p>';
24 $info.="<p>Strips $a and $b swapped successfully.</p>";
25 adminlog("Strips $a and $b have been swapped.", MTS_STRIP, MTA_MODIFY);
25 adminlog("Strips $a and $b have been swapped.", MTS_STRIP, MTA_MODIFY);
26 }
26 }
27
27
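Review bot: The switch to a double-quoted string on new line 24 means `$a` and `$b` are now interpolated into the HTML held in `$info`, and nothing in the hunk shows them being cast or escaped. Their assignment is outside the hunk, inside the `if($_POST)` block, so if they come from the request they should be encoded here, e.g. `$info .= '<p>Strips ' . htmlspecialchars($a, ENT_QUOTES, 'UTF-8') . ' and ' . htmlspecialchars($b, ENT_QUOTES, 'UTF-8') . ' swapped successfully.</p>';`. The same values go into `adminlog()` on line 25, so whatever renders the admin log needs the same output encoding.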
@@ -4,13 +4,8 require_once('include/admin.inc.php');
4
4
5 // First, the quick hack way. May become neccessary to parallelize later.
5 // First, the quick hack way. May become neccessary to parallelize later.
6
6
7 $tweets = $mtdb->getAll("SELECT username, password, text, status, twitter_post.id AS id
7 $tweets = $dbConnection->fetchAll('SELECT username, password, text, status, tp.id AS id FROM twitter_post tp JOIN twitter_user tu ON tp.user = tu.id ' .
8 FROM twitter_post JOIN twitter_user
8 'WHERE tp.status = \'scheduled\' AND time >= NOW() AND time < TIMESTAMPADD(?, NOW())', array(RUN_INTERVAL));
9 ON twitter_post.user = twitter_user.id
10 WHERE twitter_post.status = 'scheduled'
11 AND time >= NOW()
12 AND time < TIMESTAMPADD(" . RUN_INTERVAL . ", NOW())
13 ");
14
9
15 // Check if we actually have any tweets. If not, bail.
10 // Check if we actually have any tweets. If not, bail.
16 if(count($tweets) === 0)
11 if(count($tweets) === 0)
@@ -23,7 +18,7 if(count($tweets) === 0)
23 foreach($tweets as $t)
18 foreach($tweets as $t)
24 {
19 {
25 // Lock the tweet
20 // Lock the tweet
26 $mtdb->query("UPDATE twitter_post SET status = 'locked' WHERE id = ".(int)$t->id." AND status = 'scheduled'", false);
21 $dbConnection->executeUpdate('UPDATE twitter_post SET status = \'locked\' WHERE id = ? AND status = \'scheduled\'', array($t->id));
27
22
28 if(twitterpost($t->text, $t->username, $t->password))
23 if(twitterpost($t->text, $t->username, $t->password))
29 {
24 {
@@ -39,7 +34,7 foreach($tweets as $t)
39 }
34 }
40
35
41 // Unlock tweet, update db.
36 // Unlock tweet, update db.
42 $mtdb->query("UPDATE twitter_post SET status = '".mysqli_real_escape_string($mtdb->link, $t->status)."' WHERE status = 'locked' AND id = ".(int)$t->id, false);
37 $dbConnection->executeUpdate('UPDATE twitter_post SET status = ? WHERE status = \'locked\' AND id = ?', array($t->status, $t->id));
43 }
38 }
44
39
45 ?>
40 ?>
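Review bot: The bound parameter in `TIMESTAMPADD(?, NOW())` on new line 8 is unlikely to work, because MySQL's TIMESTAMPADD takes three arguments (unit, interval, datetime), the unit is a keyword that cannot be supplied as a bound value, and one placeholder cannot stand in for two arguments. The old query spliced `RUN_INTERVAL` in as SQL text, which suggests the constant holds a unit and a count, though its definition is not visible here. Since it is a code constant rather than request input, keeping it as SQL text is safe: `'WHERE tp.status = \'scheduled\' AND time >= NOW() AND time < TIMESTAMPADD(' . RUN_INTERVAL . ', NOW())'`. Separately, the lock on new line 21 ignores the row count that `executeUpdate()` returns, so a run that did not obtain the lock still calls `twitterpost()`; a guard such as `if ($dbConnection->executeUpdate(/* same SQL and params */) !== 1) continue;` would avoid double posting.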
@@ -15,7 +15,7 if( isset($_POST['edit']) ) {
15
15
16 copy(RANTIMG.'default', RANTIMG.$username.'.png');
16 copy(RANTIMG.'default', RANTIMG.$username.'.png');
17
17
18 $mtdb->query( 'INSERT INTO contributor (name, default_image) VALUES ("' . mysqli_real_escape_string($mtdb->link, $username) . '", "'.$username.'.png")' );
18 $dbConnection->executeUpdate('INSERT INTO contributor (name, default_image) VALUES (?, ?)', array($username, $username . '.png'));
19 $user = get_userdatabylogin( $username );
19 $user = get_userdatabylogin( $username );
20 $userid = $user->id;
20 $userid = $user->id;
21 $info.='<p>User Account Created</p>';
21 $info.='<p>User Account Created</p>';
@@ -37,7 +37,7 if( isset($_POST['edit']) ) {
37 $error.='<p>New passwords do not match.</p>';
37 $error.='<p>New passwords do not match.</p>';
38 } else {
38 } else {
39 /* password change */
39 /* password change */
40 if( ! $mtdb->getOne( 'SELECT id FROM contributor WHERE id = "' . (int)$user->id . '" AND (password = SHA1("' . mysqli_real_escape_string($mtdb->link, $_POST['password_old']) . '") OR password = "")' )) {
40 if( ! $dbConnection->fetchColumn('SELECT id FROM contributor WHERE id = ? AND (password = SHA1(?) OR password = "")', array((int)$user->id, $_POST['password_old']))) {
41 $error.='<p>Specified password is incorrect.</p>';
41 $error.='<p>Specified password is incorrect.</p>';
42 } else {
42 } else {
43 /* Password match */
43 /* Password match */
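Review bot: The password check on new line 40 still compares against an unsalted `SHA1(?)` computed in SQL, and still accepts any input when the stored password is empty (`OR password = ""`), which may be deliberate for new accounts but is worth a comment. Parameterising the query removes the injection risk, but fast-hash storage stays in place and the cleartext password is still sent to the database server. I would read the stored value with `$dbConnection->fetchColumn('SELECT password FROM contributor WHERE id = ?', array((int)$user->id))` and verify it in PHP with `password_verify()`, re-hashing legacy SHA-1 rows with `password_hash()` the next time they match. The `copy()` on line 16 also builds its target path from `$username`, whose validation is outside the hunk.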
@@ -10,11 +10,11 adminhead('Users');
10 adminmenu();
10 adminmenu();
11 ?>
11 ?>
12 <h2>User Administration</h2>
12 <h2>User Administration</h2>
13 <p>Make changes to accounts for contributers to the website.</p>
13 <p>Make changes to accounts for contributors to the website.</p>
14
14
15 <?php
15 <?php
16
16
17 $users = $mtdb->getAll("SELECT id,name,email,nameplate FROM contributor");
17 $users = $dbConnection->fetchAll('SELECT id, name, email, nameplate FROM contributor');
18
18
19 ?>
19 ?>
20
20
@@ -17,10 +17,11 $page = 1;
17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
18
18
19 $perpage = 15;
19 $perpage = 15;
20 $start = ($page-1) * $perpage;
20 $start = ($page - 1) * $perpage;
21
21
22 $total = ceil( $mtdb->getOne("SELECT COUNT(*) FROM admin_log") / $perpage );
22 $total = ceil( $dbConnection->fetchColumn('SELECT COUNT(*) FROM admin_log') / $perpage );
23 $entries = $mtdb->getAll("SELECT UNIX_TIMESTAMP(l.logdate) AS logstamp, l.logdate AS logdate, c.name AS cname, c.email AS cmail, s.name AS section, action, level, message FROM admin_log l JOIN admin_section s ON l.section = s.id LEFT JOIN contributor c ON l.contributor = c.id ORDER BY l.logdate DESC LIMIT $start,$perpage");
23 $entries = $dbConnection->fetchAll('SELECT UNIX_TIMESTAMP(l.logdate) AS logstamp, l.logdate AS logdate, c.name AS cname, s.name AS section, action, level, message ' .
24 'FROM admin_log l JOIN admin_section s ON l.section = s.id JOIN contributor c ON l.contributor = c.id ORDER BY l.logdate DESC LIMIT ?, ?', array($start, $perpage), array(PDO::PARAM_INT, PDO::PARAM_INT));
24
25
25 pagination( $page, $total );
26 pagination( $page, $total );
26
27
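Review bot: Changing `LEFT JOIN contributor` to `JOIN contributor` on new line 24 drops every log row whose `contributor` is NULL or points at a deleted account, so entries can silently disappear from the admin log view. The page count on line 22 still uses `COUNT(*) FROM admin_log` without the join, so the totals and the listed rows can disagree. If the narrowing is not intended, keep the outer join: `'FROM admin_log l JOIN admin_section s ON l.section = s.id LEFT JOIN contributor c ON l.contributor = c.id ORDER BY l.logdate DESC LIMIT ?, ?'`. The code that renders `$entries` is outside the hunk and would need to handle a NULL `cname`, as it presumably did before.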