Merge pull request #16 from mt-admin dbal...
darkmorford -
17cb6fd19dbb merge
@@ -0,0 +1,14
1 # Topmost editor config for this site
2 root = true
3
4 # Global config settings
5 [*]
6 charset = utf-8
7 indent_style = tab
8 insert_final_newline = true
9 trim_trailing_whitespace = true
10
11 # Exceptions for specific files
12 [composer.{json,lock}]
13 indent_size = 4
14 indent_style = space
@@ -0,0 +1,5
1 {
2 "require": {
3 "doctrine/dbal": "v2.5.12"
4 }
5 }
@@ -0,0 +1,488
1 {
2 "_readme": [
3 "This file locks the dependencies of your project to a known state",
4 "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
5 "This file is @generated automatically"
6 ],
7 "content-hash": "6b362fc1ca79445eff7965b72a3e900b",
8 "packages": [
9 {
10 "name": "doctrine/annotations",
11 "version": "v1.4.0",
12 "source": {
13 "type": "git",
14 "url": "https://github.com/doctrine/annotations.git",
15 "reference": "54cacc9b81758b14e3ce750f205a393d52339e97"
16 },
17 "dist": {
18 "type": "zip",
19 "url": "https://api.github.com/repos/doctrine/annotations/zipball/54cacc9b81758b14e3ce750f205a393d52339e97",
20 "reference": "54cacc9b81758b14e3ce750f205a393d52339e97",
21 "shasum": ""
22 },
23 "require": {
24 "doctrine/lexer": "1.*",
25 "php": "^5.6 || ^7.0"
26 },
27 "require-dev": {
28 "doctrine/cache": "1.*",
29 "phpunit/phpunit": "^5.7"
30 },
31 "type": "library",
32 "extra": {
33 "branch-alias": {
34 "dev-master": "1.4.x-dev"
35 }
36 },
37 "autoload": {
38 "psr-4": {
39 "Doctrine\\Common\\Annotations\\": "lib/Doctrine/Common/Annotations"
40 }
41 },
42 "notification-url": "https://packagist.org/downloads/",
43 "license": [
44 "MIT"
45 ],
46 "authors": [
47 {
48 "name": "Roman Borschel",
49 "email": "roman@code-factory.org"
50 },
51 {
52 "name": "Benjamin Eberlei",
53 "email": "kontakt@beberlei.de"
54 },
55 {
56 "name": "Guilherme Blanco",
57 "email": "guilhermeblanco@gmail.com"
58 },
59 {
60 "name": "Jonathan Wage",
61 "email": "jonwage@gmail.com"
62 },
63 {
64 "name": "Johannes Schmitt",
65 "email": "schmittjoh@gmail.com"
66 }
67 ],
68 "description": "Docblock Annotations Parser",
69 "homepage": "http://www.doctrine-project.org",
70 "keywords": [
71 "annotations",
72 "docblock",
73 "parser"
74 ],
75 "time": "2017-02-24T16:22:25+00:00"
76 },
77 {
78 "name": "doctrine/cache",
79 "version": "v1.6.1",
80 "source": {
81 "type": "git",
82 "url": "https://github.com/doctrine/cache.git",
83 "reference": "b6f544a20f4807e81f7044d31e679ccbb1866dc3"
84 },
85 "dist": {
86 "type": "zip",
87 "url": "https://api.github.com/repos/doctrine/cache/zipball/b6f544a20f4807e81f7044d31e679ccbb1866dc3",
88 "reference": "b6f544a20f4807e81f7044d31e679ccbb1866dc3",
89 "shasum": ""
90 },
91 "require": {
92 "php": "~5.5|~7.0"
93 },
94 "conflict": {
95 "doctrine/common": ">2.2,<2.4"
96 },
97 "require-dev": {
98 "phpunit/phpunit": "~4.8|~5.0",
99 "predis/predis": "~1.0",
100 "satooshi/php-coveralls": "~0.6"
101 },
102 "type": "library",
103 "extra": {
104 "branch-alias": {
105 "dev-master": "1.6.x-dev"
106 }
107 },
108 "autoload": {
109 "psr-4": {
110 "Doctrine\\Common\\Cache\\": "lib/Doctrine/Common/Cache"
111 }
112 },
113 "notification-url": "https://packagist.org/downloads/",
114 "license": [
115 "MIT"
116 ],
117 "authors": [
118 {
119 "name": "Roman Borschel",
120 "email": "roman@code-factory.org"
121 },
122 {
123 "name": "Benjamin Eberlei",
124 "email": "kontakt@beberlei.de"
125 },
126 {
127 "name": "Guilherme Blanco",
128 "email": "guilhermeblanco@gmail.com"
129 },
130 {
131 "name": "Jonathan Wage",
132 "email": "jonwage@gmail.com"
133 },
134 {
135 "name": "Johannes Schmitt",
136 "email": "schmittjoh@gmail.com"
137 }
138 ],
139 "description": "Caching library offering an object-oriented API for many cache backends",
140 "homepage": "http://www.doctrine-project.org",
141 "keywords": [
142 "cache",
143 "caching"
144 ],
145 "time": "2016-10-29T11:16:17+00:00"
146 },
147 {
148 "name": "doctrine/collections",
149 "version": "v1.4.0",
150 "source": {
151 "type": "git",
152 "url": "https://github.com/doctrine/collections.git",
153 "reference": "1a4fb7e902202c33cce8c55989b945612943c2ba"
154 },
155 "dist": {
156 "type": "zip",
157 "url": "https://api.github.com/repos/doctrine/collections/zipball/1a4fb7e902202c33cce8c55989b945612943c2ba",
158 "reference": "1a4fb7e902202c33cce8c55989b945612943c2ba",
159 "shasum": ""
160 },
161 "require": {
162 "php": "^5.6 || ^7.0"
163 },
164 "require-dev": {
165 "doctrine/coding-standard": "~0.1@dev",
166 "phpunit/phpunit": "^5.7"
167 },
168 "type": "library",
169 "extra": {
170 "branch-alias": {
171 "dev-master": "1.3.x-dev"
172 }
173 },
174 "autoload": {
175 "psr-0": {
176 "Doctrine\\Common\\Collections\\": "lib/"
177 }
178 },
179 "notification-url": "https://packagist.org/downloads/",
180 "license": [
181 "MIT"
182 ],
183 "authors": [
184 {
185 "name": "Roman Borschel",
186 "email": "roman@code-factory.org"
187 },
188 {
189 "name": "Benjamin Eberlei",
190 "email": "kontakt@beberlei.de"
191 },
192 {
193 "name": "Guilherme Blanco",
194 "email": "guilhermeblanco@gmail.com"
195 },
196 {
197 "name": "Jonathan Wage",
198 "email": "jonwage@gmail.com"
199 },
200 {
201 "name": "Johannes Schmitt",
202 "email": "schmittjoh@gmail.com"
203 }
204 ],
205 "description": "Collections Abstraction library",
206 "homepage": "http://www.doctrine-project.org",
207 "keywords": [
208 "array",
209 "collections",
210 "iterator"
211 ],
212 "time": "2017-01-03T10:49:41+00:00"
213 },
214 {
215 "name": "doctrine/common",
216 "version": "v2.7.2",
217 "source": {
218 "type": "git",
219 "url": "https://github.com/doctrine/common.git",
220 "reference": "930297026c8009a567ac051fd545bf6124150347"
221 },
222 "dist": {
223 "type": "zip",
224 "url": "https://api.github.com/repos/doctrine/common/zipball/930297026c8009a567ac051fd545bf6124150347",
225 "reference": "930297026c8009a567ac051fd545bf6124150347",
226 "shasum": ""
227 },
228 "require": {
229 "doctrine/annotations": "1.*",
230 "doctrine/cache": "1.*",
231 "doctrine/collections": "1.*",
232 "doctrine/inflector": "1.*",
233 "doctrine/lexer": "1.*",
234 "php": "~5.6|~7.0"
235 },
236 "require-dev": {
237 "phpunit/phpunit": "^5.4.6"
238 },
239 "type": "library",
240 "extra": {
241 "branch-alias": {
242 "dev-master": "2.7.x-dev"
243 }
244 },
245 "autoload": {
246 "psr-4": {
247 "Doctrine\\Common\\": "lib/Doctrine/Common"
248 }
249 },
250 "notification-url": "https://packagist.org/downloads/",
251 "license": [
252 "MIT"
253 ],
254 "authors": [
255 {
256 "name": "Roman Borschel",
257 "email": "roman@code-factory.org"
258 },
259 {
260 "name": "Benjamin Eberlei",
261 "email": "kontakt@beberlei.de"
262 },
263 {
264 "name": "Guilherme Blanco",
265 "email": "guilhermeblanco@gmail.com"
266 },
267 {
268 "name": "Jonathan Wage",
269 "email": "jonwage@gmail.com"
270 },
271 {
272 "name": "Johannes Schmitt",
273 "email": "schmittjoh@gmail.com"
274 }
275 ],
276 "description": "Common Library for Doctrine projects",
277 "homepage": "http://www.doctrine-project.org",
278 "keywords": [
279 "annotations",
280 "collections",
281 "eventmanager",
282 "persistence",
283 "spl"
284 ],
285 "time": "2017-01-13T14:02:13+00:00"
286 },
287 {
288 "name": "doctrine/dbal",
289 "version": "v2.5.12",
290 "source": {
291 "type": "git",
292 "url": "https://github.com/doctrine/dbal.git",
293 "reference": "7b9e911f9d8b30d43b96853dab26898c710d8f44"
294 },
295 "dist": {
296 "type": "zip",
297 "url": "https://api.github.com/repos/doctrine/dbal/zipball/7b9e911f9d8b30d43b96853dab26898c710d8f44",
298 "reference": "7b9e911f9d8b30d43b96853dab26898c710d8f44",
299 "shasum": ""
300 },
301 "require": {
302 "doctrine/common": ">=2.4,<2.8-dev",
303 "php": ">=5.3.2"
304 },
305 "require-dev": {
306 "phpunit/phpunit": "4.*",
307 "symfony/console": "2.*||^3.0"
308 },
309 "suggest": {
310 "symfony/console": "For helpful console commands such as SQL execution and import of files."
311 },
312 "bin": [
313 "bin/doctrine-dbal"
314 ],
315 "type": "library",
316 "extra": {
317 "branch-alias": {
318 "dev-master": "2.5.x-dev"
319 }
320 },
321 "autoload": {
322 "psr-0": {
323 "Doctrine\\DBAL\\": "lib/"
324 }
325 },
326 "notification-url": "https://packagist.org/downloads/",
327 "license": [
328 "MIT"
329 ],
330 "authors": [
331 {
332 "name": "Roman Borschel",
333 "email": "roman@code-factory.org"
334 },
335 {
336 "name": "Benjamin Eberlei",
337 "email": "kontakt@beberlei.de"
338 },
339 {
340 "name": "Guilherme Blanco",
341 "email": "guilhermeblanco@gmail.com"
342 },
343 {
344 "name": "Jonathan Wage",
345 "email": "jonwage@gmail.com"
346 }
347 ],
348 "description": "Database Abstraction Layer",
349 "homepage": "http://www.doctrine-project.org",
350 "keywords": [
351 "database",
352 "dbal",
353 "persistence",
354 "queryobject"
355 ],
356 "time": "2017-02-08T12:53:47+00:00"
357 },
358 {
359 "name": "doctrine/inflector",
360 "version": "v1.1.0",
361 "source": {
362 "type": "git",
363 "url": "https://github.com/doctrine/inflector.git",
364 "reference": "90b2128806bfde671b6952ab8bea493942c1fdae"
365 },
366 "dist": {
367 "type": "zip",
368 "url": "https://api.github.com/repos/doctrine/inflector/zipball/90b2128806bfde671b6952ab8bea493942c1fdae",
369 "reference": "90b2128806bfde671b6952ab8bea493942c1fdae",
370 "shasum": ""
371 },
372 "require": {
373 "php": ">=5.3.2"
374 },
375 "require-dev": {
376 "phpunit/phpunit": "4.*"
377 },
378 "type": "library",
379 "extra": {
380 "branch-alias": {
381 "dev-master": "1.1.x-dev"
382 }
383 },
384 "autoload": {
385 "psr-0": {
386 "Doctrine\\Common\\Inflector\\": "lib/"
387 }
388 },
389 "notification-url": "https://packagist.org/downloads/",
390 "license": [
391 "MIT"
392 ],
393 "authors": [
394 {
395 "name": "Roman Borschel",
396 "email": "roman@code-factory.org"
397 },
398 {
399 "name": "Benjamin Eberlei",
400 "email": "kontakt@beberlei.de"
401 },
402 {
403 "name": "Guilherme Blanco",
404 "email": "guilhermeblanco@gmail.com"
405 },
406 {
407 "name": "Jonathan Wage",
408 "email": "jonwage@gmail.com"
409 },
410 {
411 "name": "Johannes Schmitt",
412 "email": "schmittjoh@gmail.com"
413 }
414 ],
415 "description": "Common String Manipulations with regard to casing and singular/plural rules.",
416 "homepage": "http://www.doctrine-project.org",
417 "keywords": [
418 "inflection",
419 "pluralize",
420 "singularize",
421 "string"
422 ],
423 "time": "2015-11-06T14:35:42+00:00"
424 },
425 {
426 "name": "doctrine/lexer",
427 "version": "v1.0.1",
428 "source": {
429 "type": "git",
430 "url": "https://github.com/doctrine/lexer.git",
431 "reference": "83893c552fd2045dd78aef794c31e694c37c0b8c"
432 },
433 "dist": {
434 "type": "zip",
435 "url": "https://api.github.com/repos/doctrine/lexer/zipball/83893c552fd2045dd78aef794c31e694c37c0b8c",
436 "reference": "83893c552fd2045dd78aef794c31e694c37c0b8c",
437 "shasum": ""
438 },
439 "require": {
440 "php": ">=5.3.2"
441 },
442 "type": "library",
443 "extra": {
444 "branch-alias": {
445 "dev-master": "1.0.x-dev"
446 }
447 },
448 "autoload": {
449 "psr-0": {
450 "Doctrine\\Common\\Lexer\\": "lib/"
451 }
452 },
453 "notification-url": "https://packagist.org/downloads/",
454 "license": [
455 "MIT"
456 ],
457 "authors": [
458 {
459 "name": "Roman Borschel",
460 "email": "roman@code-factory.org"
461 },
462 {
463 "name": "Guilherme Blanco",
464 "email": "guilhermeblanco@gmail.com"
465 },
466 {
467 "name": "Johannes Schmitt",
468 "email": "schmittjoh@gmail.com"
469 }
470 ],
471 "description": "Base library for a lexer that can be used in Top-Down, Recursive Descent Parsers.",
472 "homepage": "http://www.doctrine-project.org",
473 "keywords": [
474 "lexer",
475 "parser"
476 ],
477 "time": "2014-09-09T13:34:57+00:00"
478 }
479 ],
480 "packages-dev": [],
481 "aliases": [],
482 "minimum-stability": "stable",
483 "stability-flags": [],
484 "prefer-stable": false,
485 "prefer-lowest": false,
486 "platform": [],
487 "platform-dev": []
488 }
@@ -1,4 +1,7
1 # SASS artifacts
1 # Composer dependencies
2 vendor
3
4 # Stylesheet artifacts
2 5 *.css
3 6 *.css.map
4 7 .sass-cache
@@ -10,7 +10,8 if('post_twitter' == $_REQUEST['action'])
10 10 check_nonce('new-character-twitter');
11 11
12 12 #Fetch the password from the DB.
13 $acct = $mtdb->getRow(sprintf("SELECT username, password FROM twitter_user WHERE id = '%d'", $_REQUEST['twitter-account']));
13 $stmt = $dbConnection->executeQuery('SELECT username, password FROM twitter_user WHERE id = ?', array($_REQUEST['twitter-account']));
14 $acct = $stmt->fetch();
14 15
15 16 $post_at = strtotime($_REQUEST['date18']);
16 17
@@ -35,13 +36,8 if('post_twitter' == $_REQUEST['action'])
35 36 else
36 37 {
37 38 #No luck, gotta schedule.
38 $mtdb->query(
39 sprintf("INSERT INTO twitter_post (status, user, time, text)VALUES ('scheduled', '%d', FROM_UNIXTIME('%d'), '%s')",
40 mysqli_real_escape_string($mtdb->link, $_REQUEST['twitter-account']),
41 $post_at,
42 mysqli_real_escape_string($mtdb->link, $_REQUEST['message'])
43 )
44 );
39 $dbConnection->executeUpdate('INSERT INTO twitter_post (status, user, time, text) VALUES (\'scheduled\', ?, FROM_UNIXTIME(?), ?)',
40 array($_REQUEST['twitter-account'], $post_at, $_REQUEST['message']));
45 41 $info .= "Your tweet for user " . htmlentities($acct->username) . " has been scheduled.";
46 42 adminlog('Tweet for account ' . $acct->username . ' has been scheduled.', MTS_TWITTER, MTA_ADD);
47 43 }
@@ -52,12 +48,11 if('post_twitter' == $_REQUEST['action'])
52 48 }
53 49 }
54 50
55 $characters = $mtdb->getAll("SELECT id, username FROM twitter_user ORDER BY username");
51 $characters = $dbConnection->fetchAll('SELECT id, username FROM twitter_user ORDER BY username');
56 52
57 $scheduled = $mtdb->getAll("SELECT username, text, status, twitter_post.id AS id, time
58 FROM twitter_post JOIN twitter_user
59 ON twitter_post.user = twitter_user.id
60 WHERE twitter_post.status = 'scheduled' ORDER BY time");
53 $scheduled = $dbConnection->fetchAll('SELECT username, text, status, twitter_post.id AS id, time ' .
54 'FROM twitter_post JOIN twitter_user ON twitter_post.user = twitter_user.id ' .
55 'WHERE twitter_post.status = \'scheduled\' ORDER BY time');
61 56
62 57 adminhead('Manage Character Twitters');
63 58 adminmenu();
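Review bot: The account id is now bound straight from `$_REQUEST['twitter-account']` in the SELECT (new line 13) and in the INSERT (new lines 39-40), where the old code forced it through `%d`. Casting at the call site, `array((int)$_REQUEST['twitter-account'])`, or passing a `PDO::PARAM_INT` type as the `media_t` lookups in this commit do, would keep the integer contract explicit. `$stmt->fetch()` returns false when no row matches, and `$acct->username` is read further down without a check, so a guard such as `if (!$acct) mtdie('Unknown Twitter account.');` directly after the fetch would fail cleanly. The enclosing `if('post_twitter' == ...)` block starts and ends outside these hunks.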
@@ -9,7 +9,7 check_nonce('delete-strip-'.(int)$_REQUEST['strip_id']);
9 9
10 10 if(!deletestrip( $_REQUEST['strip_id'] ))
11 11 {
12 adminlog("Error deleting strip $_REQUEST[strip_id]:".mysqli_error(), MTS_STRIP, MTA_DELETE, E_ERROR);
12 adminlog("Error deleting strip $_REQUEST[strip_id]:".$dbConnection->errorCode(), MTS_STRIP, MTA_DELETE, E_ERROR);
13 13 mtdie('Error deleting the specified strip.','SQL Error');
14 14 }
15 15
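Review bot: `$dbConnection->errorCode()` on new line 12 is not a like-for-like replacement for `mysqli_error()`: it returns only the connection handle's SQLSTATE code, so the admin log loses the driver message. DBAL's PDO driver also runs in exception mode as far as I know, in which case a failed statement inside `deletestrip()` throws before this `if(!...)` branch is reached and the failure is never logged here. Catching the DBAL exception where the query runs and logging `$e->getMessage()` would keep the audit trail. The same pattern appears in the delete-page, delete-rant, strip insert/update and rant insertion hunks. `deletestrip()` itself is outside this view, so its return value on failure should be confirmed.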
@@ -9,7 +9,7 check_nonce('delete-page-'.$_REQUEST['page_name']);
9 9
10 10 if(!deletepage( $_REQUEST['page_name'] ))
11 11 {
12 adminlog("Error deleting page $_REQUEST[page_name]: ".mysqli_error(), MTS_PAGE, MTA_DELETE, E_ERROR);
12 adminlog("Error deleting page $_REQUEST[page_name]: ".$dbConnection->errorCode(), MTS_PAGE, MTA_DELETE, E_ERROR);
13 13 mtdie('Error deleting the specified page.','SQL Error');
14 14 }
15 15
@@ -9,7 +9,7 check_nonce('delete-rant-'.(int)$_REQUEST['rant_id']);
9 9
10 10 if(!deleterant( $_REQUEST['rant_id'] ))
11 11 {
12 adminlog("Error deleting rant $_REQUEST[rant_id]: ".mysqli_error(), MTS_RANT, MTA_DELETE, E_ERROR);
12 adminlog("Error deleting rant $_REQUEST[rant_id]: ".$dbConnection->errorCode(), MTS_RANT, MTA_DELETE, E_ERROR);
13 13 mtdie('Error deleting the specified rant.','SQL Error');
14 14 }
15 15
@@ -12,7 +12,7 $victim = (int)$_REQUEST['tweet_id'];
12 12
13 13 if($victim)
14 14 {
15 $r = $mtdb->query("DELETE FROM twitter_post WHERE id = '$victim'");
15 $r = $dbConnection->executeUpdate('DELETE FROM twitter_post WHERE id = ?', array($victim));
16 16 if(!$r)
17 17 {
18 18 adminlog('Error deleting scheduled tweet ' . $victim, MTS_TWITTER, MTA_DELETE, E_ERROR);
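Review bot: `executeUpdate()` returns the number of affected rows, so `if(!$r)` on line 16 now fires when the id simply matched no row. The old `query()` presumably returned a success flag in that case, though it is not shown here. That logs an E_ERROR entry for a harmless repeat delete, while a real database failure would most likely surface as an exception and skip this branch entirely. Consider wrapping the call in a `try`/`catch` for the error path and treating `0 === $r` as "nothing to delete". The same applies to the `twitter_user` delete in the next file section. The `if($victim)` block continues past the end of the hunk.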
@@ -12,7 +12,7 $victim = (int)$_REQUEST['id'];
12 12
13 13 if($victim)
14 14 {
15 $r = $mtdb->query("DELETE FROM twitter_user WHERE id = '$victim'");
15 $r = $dbConnection->executeUpdate('DELETE FROM twitter_user WHERE id = ?', array($victim));
16 16 if(!$r)
17 17 {
18 18 adminlog('Error deleting specified twitter user ' . $victim, MTS_TWITTER, MTA_DELETE, E_ERROR);
@@ -35,13 +35,13 if( $_POST ) {
35 35 if( !is_valid_upload('comicFile') )
36 36 {
37 37 adminlog("Image upload failed.", MTS_STRIP, MTA_ADD, E_WARNING);
38 mtdie('If you want to upload a new comic, you must provide said comic.','Strip upload failed.');
38 mtdie('If you want to upload a new comic, you must provide said comic.', 'Strip upload failed.');
39 39 }
40 40
41 41 // get image type and target extension
42 42 $imagedata = getimagesize($_FILES['comicFile']['tmp_name']);
43 43 $strip->media = $imagedata[2];
44 $fileext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id = ' . (int)$strip->media );
44 $fileext = $dbConnection->fetchColumn('SELECT extension FROM media_t WHERE id = ?', array($strip->media), 0, array(PDO::PARAM_INT));
45 45
46 46 if(strlen($fileext) < 3)
47 47 {
@@ -53,8 +53,8 if( $_POST ) {
53 53 // Insert new strip into the database, get a real $strip->id
54 54 if(!insertstrip( $strip ))
55 55 {
56 adminlog("Error on insertion of new strip: ".mysqli_error(), MTS_STRIP, MTA_ADD, E_ERROR);
57 mtdie('Error on insertion of new strip: '.mysqli_error(), 'SQL Error');
56 adminlog("Error on insertion of new strip: ".$dbConnection->errorCode(), MTS_STRIP, MTA_ADD, E_ERROR);
57 mtdie('Error on insertion of new strip: '.$dbConnection->errorCode(), 'SQL Error');
58 58 }
59 59
60 60 // Store the uploaded file to xxxx-0.ext
@@ -86,7 +86,7 if( $_POST ) {
86 86 $imagedata = getimagesize($_FILES['comicFile']['tmp_name']);
87 87 $strip->media = $imagedata[2];
88 88 }
89 $fileext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (int)$strip->media );
89 $fileext = $dbConnection->fetchColumn('SELECT extension FROM media_t WHERE id = ?', array($strip->media), 0, array(PDO::PARAM_INT));
90 90
91 91 if(strlen($fileext) < 3)
92 92 {
@@ -99,7 +99,7 if( $_POST ) {
99 99 if(!updatestrip( $strip ) )
100 100 {
101 101 adminlog("Failed to update strip ".$strip->id.".", MTS_STRIP, MTA_UPDATE);
102 mtdie('Error updating strip: ' . mysqli_error(), 'SQL Error');
102 mtdie('Error updating strip: ' . $dbConnection->errorCode(), 'SQL Error');
103 103 }
104 104
105 105 if( is_valid_upload('comicFile') ) { // If uploading, store the uploaded file to xxxx-n.ext
@@ -178,7 +178,7 adminmenu('manage-comics.php');
178 178 <h3 class="dbx-handle">Comic Type</h3>
179 179 <div class="dbx-content"><select name="strip_type">
180 180 <?php
181 $types = $mtdb->getAll( 'SELECT id, description FROM strip_t ORDER BY id' );
181 $types = $dbConnection->fetchAll('SELECT id, description FROM strip_t ORDER BY id');
182 182 foreach( $types as $k=>$v )
183 183 printf('<option value="%s" %s>%s</option>', htmlentities($v->id), ($strip->type == $v->id ? 'selected="selected"' : '' ), htmlentities($v->description));
184 184
@@ -4,7 +4,12 require_once('include/admin.inc.php');
4 4
5 5 auth_redirect(); // Require logged in user to access this page.
6 6
7 $type = $mtdb->getRow( 'SELECT id, name FROM meta_t WHERE id=' . (int)$_GET['edit'] )
7 $sql = 'SELECT id, name FROM meta_t WHERE id = ?';
8 $stmt = $dbConnection->prepare($sql);
9 $stmt->bindValue(1, $_GET['edit'], PDO::PARAM_INT);
10 $stmt->execute();
11
12 $type = $stmt->fetch()
8 13 or mtdie("Invalid metatype number!");
9 14
10 15 adminhead('Metatypes');
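Review bot: `$_GET['edit']` is now bound as-is with `PDO::PARAM_INT` (new line 9), where the old code cast it with `(int)` before it reached the query. That leaves a missing or non-scalar `edit` parameter to whatever the driver's coercion does. Validating first, e.g. `$editId = filter_input(INPUT_GET, 'edit', FILTER_VALIDATE_INT);` followed by `if (!$editId) mtdie("Invalid metatype number!");`, and binding `$editId`, keeps the failure in application code. The prepare/bind/execute sequence could also collapse to one `executeQuery()` call with a types array, as the `media_t` lookups in this commit do.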
@@ -59,10 +59,9 if( $_POST ) {
59 59
60 60 adminhead('Edit Static Page');
61 61 adminmenu('manage-pages.php');
62
63
64 62 ?>
65 63
64
66 65 <h2>Editing Page "<?php echo htmlentities($page->title, ENT_COMPAT, 'UTF-8') ; ?>"</h2>
67 66
68 67 <form enctype="multipart/form-data" action="edit-page.php" method="post" name="post" id="post">
@@ -62,7 +62,7 if( $_POST ) {
62 62 $rant->id = insertrant($rant);
63 63 if( $rant->id === false )
64 64 {
65 adminlog("Error on rant insertion: ".mysqli_error(), MTS_RANT, MTA_INSERT, E_ERROR);
65 adminlog("Error on rant insertion: ".$dbConnection->errorCode(), MTS_RANT, MTA_INSERT, E_ERROR);
66 66 mtdie('There was an error inserting the rant into the database.', 'SQL Error');
67 67 }
68 68
@@ -118,7 +118,7 if( $_POST ) {
118 118 foreach($_POST['delete_attachment'] as $attachment)
119 119 deleteattachment($attachment);
120 120
121 $existing_attachments = $mtdb->getAll('SELECT ra.id AS id, extension FROM rant_attachment ra JOIN media_t ON ra.media = media_t.id WHERE ra.rant = '.$rant->id.' ORDER BY id');
121 $existing_attachments = $dbConnection->fetchAll('SELECT ra.id AS id, extension FROM rant_attachment ra JOIN media_t ON ra.media = media_t.id WHERE ra.rant = ? ORDER BY id', array($rant->id));
122 122 for($i = 0; $i < count($existing_attachments); $i++) {
123 123 $rant->body = preg_replace('/(href|src)=\"([^\"]*?)\\{'.($i+1).'\\}(.*?)\"/', '\1="'.get_rantattachment_filename($existing_attachments[$i]->id).'"', $rant->body);
124 124 }
@@ -192,7 +192,7 adminmenu('manage-rants.php');
192 192 <fieldset id="authordiv" class="dbx-box">
193 193 <h3 class="dbx-handle">Author</h3>
194 194 <div class="dbx-content"><select name="rant_author"><?php
195 $contrib = $mtdb->getAll('select id,name from contributor');
195 $contrib = $dbConnection->fetchAll('SELECT id, name FROM contributor');
196 196 foreach( $contrib as $k=>$v ) {
197 197 printf('<option value="%s" %s>%s</option>', htmlentities($v->id, ENT_COMPAT, 'UTF-8'), ( $v->id == $rant->author ? 'selected="selected"' : '' ), htmlentities($v->name) );
198 198 } ?>
@@ -298,7 +298,7 adminmenu('manage-rants.php');
298 298 <p>Attach files:</p>
299 299 <ol id="rant_attachment_list">
300 300 <?php
301 $attachments = $mtdb->getAll('SELECT ra.id AS id, extension FROM rant_attachment ra JOIN media_t ON ra.media = media_t.id WHERE ra.rant = '.$rant->id.' ORDER BY id');
301 $attachments = $dbConnection->fetchAll('SELECT ra.id AS id, extension FROM rant_attachment ra JOIN media_t ON ra.media = media_t.id WHERE ra.rant = ? ORDER BY id', array($rant->id));
302 302 foreach($attachments as $k=>$v)
303 303 printf('<li><input type="checkbox" name="delete_attachment[]" value="%d" /> <a href="%s/%s/%s">%s</a></li>', $v->id, SITE_HOST, SITE_PATH, get_rantattachment_filename($v->id), get_rantattachment_filename($v->id));
304 304 ?>
@@ -24,12 +24,8
24 24
25 25 for ($count = 0; $count < 5; $count++) {
26 26 $entry = $feed->getEntryByOffset($count);
27 $link = mysqli_real_escape_string($mtdb->link, $entry->link);
28 $title = mysqli_real_escape_string($mtdb->link, $entry->title);
29 $date = $entry->pubdate;
30 27
31 $mtdb->query("INSERT INTO fredart (pubdate, title, link)
32 VALUES (FROM_UNIXTIME($date), '$title', '$link')", false);
28 $dbConnection->executeUpdate('INSERT INTO fredart (pubdate, title, link) VALUES (FROM_UNIXTIME(?), ?, ?)', array($entry->pubdate, $entry->title, $entry->link));
33 29 }
34 30
35 31 header('Content-Type: text/xml');
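Review bot: The old insert passed `false` as a second argument to `$mtdb->query()`, which looks like a "do not abort on error" switch (to be confirmed, `mysql.php` is not shown), while the new `executeUpdate()` on line 28 has no equivalent. If `fredart` rejects rows that are already stored, for example through a unique key, a re-run would now raise an exception inside the loop and the feed would never be emitted. Wrapping the call in `try { ... } catch (\Doctrine\DBAL\DBALException $e) { /* already stored */ }` would restore the best-effort behaviour. `$entry` is also dereferenced without a check, so a feed with fewer than five entries deserves a `if (!$entry) break;` before the insert. The `for` loop starts inside the hunk but the surrounding script does not.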
@@ -1,12 +1,11
1 1 <?php
2 2
3 3 /* Megatokyo Website Administration */
4
5 4 require_once('../LocalSettings.php');
5 require(__DIR__ . '/../vendor/autoload.php');
6 6
7 7 // Core lib
8 8 require_once('html.php');
9 require_once('mysql.php');
10 9 require_once('cookies.php');
11 10 require_once('functions.php');
12 11 require_once('error.php');
@@ -29,8 +28,18 require_once('rss.php');
29 28
30 29 require_once('twitteroauth/twitteroauth.php');
31 30
32 $mtdb = new MysqlStore();
33 $mtdb->connect( DB_SERVER, DB_WRITE_USER, DB_WRITE_PASS, DB_NAME );
31 // Initialize a connection to the database
32 $dbConfig = new \Doctrine\DBAL\Configuration();
33 $dbParams = array(
34 'dbname' => DB_NAME,
35 'user' => DB_WRITE_USER,
36 'password' => DB_WRITE_PASS,
37 'host' => DB_SERVER,
38 'driver' => 'pdo_mysql',
39 'charset' => 'utf8mb4'
40 );
41 $dbConnection = \Doctrine\DBAL\DriverManager::getConnection($dbParams, $dbConfig);
42 $dbConnection->setFetchMode(PDO::FETCH_OBJ);
34 43
35 44 /* TODO: Move these definitions to LocalSettings.php */
36 45 if ( !defined('RANTIMG') )
@@ -42,21 +51,20 define('USING_TIDY', false);
42 51
43 52 /* These function are all for core authentication. */
44 53
45 // Call mysql to hash a password
46 54 function mt_hash_password($password) {
47 global $mtdb;
48 return $mtdb->getOne('SELECT SHA1("' . mysqli_real_escape_string($mtdb->link, $password) . '")') ;
55 return sha1($password);
49 56 }
50 57
51 // Remove invalid characters from username. Permit only alpha, underscore, period, at, hypen
58 // Remove invalid characters from username. Permit only alpha, underscore, period, at, hyphen
52 59 function sanitize_username( $username ) {
53 60 return preg_replace('|[^a-z_.@-]|i', '', $username);
54 61 }
55 62
56 63 // Attempt to login with a username and password. If from cookies, set already_hashed = true.
57 64 function mt_login($username, $password, $already_hashed = false) {
58 global $error,$mtdb;
65 global $error, $dbConnection;
59 66
67 // Fail login if either user or pass is blank
60 68 if ( '' == $username )
61 69 return false;
62 70
@@ -67,7 +75,11 function mt_login($username, $password, $already_hashed = false) {
67 75
68 76 $username = sanitize_username( $username );
69 77
70 $login = $mtdb->getRow( 'SELECT id,name,email,nameplate,default_image,default_link,password FROM contributor WHERE name = "' . mysqli_real_escape_string($mtdb->link, $username) . '"');
78 // Get user info from the database
79 $sql = 'SELECT * FROM contributor WHERE name LIKE ?';
80 $stmt = $dbConnection->executeQuery($sql, array($username));
81 $login = $stmt->fetch();
82
71 83 if (!$login) {
72 84 $error = ('<strong>ERROR</strong>: Invalid username or password.');
73 85 adminlog("Failed login attempt from ".$_SERVER['REMOTE_ADDR']." for $username.", MTS_LOGIN, MTA_CHANGE);
@@ -144,5 +156,4 function nocache_headers() {
144 156 @ header('Pragma: no-cache');
145 157 }
146 158
147
148 159 ?>
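Review bot: The login lookup on new line 79 changed from `name = "..."` to `name LIKE ?`, and `sanitize_username()` keeps `_`, which `LIKE` treats as a single-character wildcard. A submitted name can therefore match a different contributor's row, and `fetch()` takes whichever row comes first. Use equality and restore the explicit column list instead of `SELECT *`: `'SELECT id,name,email,nameplate,default_image,default_link,password FROM contributor WHERE name = ?'`. Separately, `mt_hash_password()` now returns a bare `sha1($password)`; that mirrors the old SQL call, but an unsalted fast hash is weak for stored passwords, and `password_hash()`/`password_verify()` would be the target. That would also affect the cookie path, which reuses this hash. `mt_login()` continues beyond the hunk.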
@@ -25,7 +25,6 function mt_get_cookie_login() {
25 25
26 26 // Store username and password in a cookie
27 27 function mt_setcookie($username, $password, $already_md5 = false, $siteurl = '', $remember = false) {
28 global $mtdb;
29 28 if ( !$already_md5 )
30 29 $password = mt_hash_password($password);
31 30
@@ -13,8 +13,7 define('MTS_TYPE_META', 8); // Changes in the metatype manager
13 13 define('MTS_TUMBLR', 10);
14 14
15 15
16
17 define('MTA_ADD', 'create'); // Creation action
16 define('MTA_ADD', 'create'); // Creation action
18 17 define('MTA_INSERT', 'create'); // Creation action
19 18 define('MTA_DELETE', 'delete'); // Deletion action
20 19 define('MTA_REMOVE', 'delete'); // Deletion action
@@ -24,21 +23,29 define('MTA_CHANGE', 'update'); // Modification action
24 23
25 24 function adminlog($msg, $section, $action, $level=E_USER_NOTICE, $email=false)
26 25 {
27 global $mtdb, $currentuser;
26 global $dbConnection, $currentuser;
28 27
29 $sql = sprintf('INSERT INTO admin_log (contributor, section, action, level, message) VALUES (%s, %d, "%s", %d, "%s")',
30 (is_numeric($currentuser->id) ? $currentuser->id : "NULL"), $section, mysqli_real_escape_string($mtdb->link, $action), $level, mysqli_real_escape_string($mtdb->link, $msg));
31 $mtdb->query( $sql ) or die($sql."<br>".mysqli_error($mtdb->link)."<br>\n".var_export(debug_backtrace()));
28 $sql = 'INSERT INTO admin_log (contributor, section, action, level, message) VALUES (?, ?, ?, ?, ?)';
29 $stmt = $dbConnection->prepare($sql);
30 $stmt->bindValue(1, is_numeric($currentuser->id) ? $currentuser->id : NULL);
31 $stmt->bindValue(2, $section);
32 $stmt->bindValue(3, $action);
33 $stmt->bindValue(4, $level);
34 $stmt->bindValue(5, $msg);
35 $stmt->execute() or die($sql . '<br>' . $stmt->errorCode() . '<br>' . var_export(debug_backtrace()));
32 36
33 37 // Log all important sorts of messages in the Apache log
34 if( $level & (E_USER_WARNING | E_USER_ERROR) ) {
38 if( $level & (E_USER_WARNING | E_USER_ERROR) )
39 {
35 40 error_log($msg, 0);
36 41 }
37 42
38 43 // Email critical messages and those for which email is requested
39 if($email || E_USER_ERROR == $level || E_ERROR == $level) {
44 if($email || E_USER_ERROR == $level || E_ERROR == $level)
45 {
40 46 // Pretty printing
41 switch($level) {
47 switch($level)
48 {
42 49 case E_USER_NOTICE:
43 50 case E_NOTICE:
44 51 $importance = 'Notice';
@@ -56,7 +63,8 function adminlog($msg, $section, $action, $level=E_USER_NOTICE, $email=false)
56 63 break;
57 64 }
58 65
59 switch($section) {
66 switch($section)
67 {
60 68 case MTS_LOGIN: $area = 'User login'; break;
61 69 case MTS_USER: $area = 'Modify user'; break;
62 70 case MTS_PAGE: $area = 'Modify page'; break;
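Review bot: The failure path on new line 35, `or die($sql . '<br>' . $stmt->errorCode() . '<br>' . var_export(debug_backtrace()))`, sends the SQL text and a full backtrace to the HTTP response. `adminlog()` is called from `mt_login()`, so that backtrace can include the submitted password as a call argument. `var_export()` without a second argument of `true` also prints immediately and returns null, so the output order is not what the concatenation suggests. Logging server-side and ending with a generic message is safer: `error_log('adminlog insert failed: ' . $stmt->errorCode());` followed by `die('Unable to write admin log.');`. If DBAL throws on failure, this `or die` is never reached and a `try`/`catch` is needed instead. The body of `adminlog()` runs past the end of these hunks.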
@@ -12,7 +12,7 function adminhead($title = '') {
12 12 <head>
13 13 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
14 14 <title>Megatokyo Administrative Dashboard<?php if( $title ) echo " &#8212; $title"; ?></title>
15 <link rel="stylesheet" href="<?php echo ADMIN_PATH; ?>/wp-admin.css" type="text/css" />
15 <link rel="stylesheet" href="<?php echo ADMIN_PATH; ?>/styles/wp-admin.css" type="text/css" />
16 16 <link type="application/rss+xml" rel="alternate" title="Admin Log" href="<?php printf('%s%s/%s/adminlog.xml', SITE_HOST, SITE_PATH, SITE_ADMIN) ?>" />
17 17 <link type="application/rss+xml" rel="alternate" title="Scratchpad" href="<?php printf('%s%s/%s/scratchpad.xml', SITE_HOST, SITE_PATH, SITE_ADMIN) ?>" />
18 18 </head>
@@ -41,7 +41,7 $submenu['manage-comics.php'] = array(
41 41 'manage-types.php' => 'Types',
42 42 'manage-twitter-users.php' => 'Twitter Users',
43 43 'manage-metatypes.php' => 'Metatypes',
44 'swap-comics.php' => 'Swap Comics',
44 //'swap-comics.php' => 'Swap Comics',
45 45 'character-twitter.php' => 'Character Twitters',
46 46 'view-adminlog.php' => 'View Admin Log'
47 47 );
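Review bot: Commenting out the `'swap-comics.php'` menu entry on line 44 only hides the link; the script itself stays reachable by URL if it is still deployed. If it was hidden because it has not been ported off `$mtdb` (an assumption, the file is not in this view), it should be removed or made to exit early. A short comment such as `// disabled until swap-comics.php is ported to DBAL` would explain the dead entry, or the line could simply be deleted.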
@@ -155,6 +155,7 function handle_error($errno, $errstr, $errfile, $errline, $errcontext) {
155 155 case E_CORE_WARNING:
156 156 case E_COMPILE_WARNING:
157 157 break;
158
158 159 case E_USER_ERROR:
159 160 case E_ERROR:
160 161 case E_PARSE:
@@ -164,7 +165,7 function handle_error($errno, $errstr, $errfile, $errline, $errcontext) {
164 165 header('Content-Type: text/html; charset=utf-8');
165 166
166 167 if (eregi('^(sql)$', $errstr)) {
167 $errstr = "SQL Error " . mysqli_errno() . ': ' . mysqli_error();
168 // $errstr = "SQL Error " . mysqli_errno() . ': ' . mysqli_error();
168 169 }
169 170
170 171 $message = "Error#$errno: $errstr";
@@ -204,7 +205,7 function mtdie($message,$title='') {
204 205 font-dize: 18px;
205 206 font-weight: lighter;
206 207 }
207 h2 {
208 h2 {
208 209 font-size: 16px;
209 210 }
210 211 p, li, dt {
@@ -222,13 +223,12 function mtdie($message,$title='') {
222 223 </head>
223 224 <body>
224 225 <h1 id="Logo">Megatokyo Admin</h1>
225 <?php if($title) echo "<h2>$title</h2>\n"; ?>
226 <?php if($title) echo "<h2>$title</h2>\n"; ?>
226 227 <p><?php echo $message; ?></p>
227 228 </body>
228 229 </html>
229 230 <?php
230 231 die();
231
232 232 }
233 233
234 234 function numeric_entities($string){
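Review bot: Commenting out line 168 leaves an empty `if (eregi('^(sql)$', $errstr)) { }` in `handle_error()` that still calls `eregi()`. That function no longer exists in PHP 7, which the locked dependencies in this commit allow, so the error handler itself would fail on the fatal-error path. Drop the whole branch. If the SQL detail is still wanted, test with `preg_match('/^sql$/i', $errstr)` and fill `$errstr` from the caught DBAL exception. `handle_error()` and `mtdie()` both extend beyond the hunks shown.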
@@ -73,7 +73,7 function wp_nonce_ays($action) {
73 73 }
74 74
75 75 function mt_explain_nonce($action) {
76 global $mtdb;
76 global $dbConnection;
77 77 $c = explode('-',$action);
78 78 $i = (int)$c[2];
79 79
@@ -110,12 +110,12 function mt_explain_nonce($action) {
110 110 if( false !== strpos( $t, '%' ) ) {
111 111
112 112 switch( $c[1] ) {
113 case 'rant': $v = $mtdb->getOne('SELECT title FROM rant WHERE id=' . $i); break;
114 case 'strip': $v = $mtdb->getOne('SELECT id FROM strip WHERE id=' . $i); break;
115 case 'type': $v = $mtdb->getOne('SELECT name FROM strip_t WHERE id=' . $i); break;
116 case 'metatype':$v = $mtdb->getOne('SELECT name FROM meta_t WHERE id=' . $i); break;
113 case 'rant': $v = $dbConnection->fetchColumn('SELECT title FROM rant WHERE id = ?', array($i)); break;
114 case 'strip': $v = $dbConnection->fetchColumn('SELECT id FROM strip WHERE id = ?', array($i)); break;
115 case 'type': $v = $dbConnection->fetchColumn('SELECT name FROM strip_t WHERE id = ?', array($i)); break;
116 case 'metatype':$v = $dbConnection->fetchColumn('SELECT name FROM meta_t WHERE id = ?', array($i)); break;
117 117 case 'extra': $temp = extra_file_from_inode($i); $v = $temp->name; break;
118 case 'twitteruser': $v = $mtdb->getOne('SELECT username FROM twitter_user WHERE id=' . $i); break;
118 case 'twitteruser': $v = $dbConnection->fetchColumn('SELECT username FROM twitter_user WHERE id = ?', array($i)); break;
119 119 default: $v = $i;
120 120 }
121 121
@@ -1,53 +1,84
1 1 <?php
2 2
3 class Page {
4 var $url_name, $status, $title, $body, $style;
3 class Page
4 {
5 public $url_name;
6 public $status;
7 public $title;
8 public $body;
9 public $style;
5 10 }
6 11
7 function savepage($page) {
8 if($page->url_name)
12 function savepage($page)
13 {
14 if ($page->url_name)
9 15 return updatepage($page);
10 16 else
11 17 return insertpage($page);
12 18 }
13 19
14 function insertpage($page) {
15 global $mtdb;
16 $sql = 'INSERT INTO static_page ( url_name, status, title, body, style ) VALUES ('
17 . ' "' . mysqli_real_escape_string($mtdb->link, $page->url_name)
18 . '", "' . mysqli_real_escape_string($mtdb->link, $page->status)
19 . '", "' . mysqli_real_escape_string( $mtdb->link, trim( $page->title ) )
20 . '", "' . mysqli_real_escape_string( $mtdb->link, trim( $page->body ) )
21 . '", "' . mysqli_real_escape_string( $mtdb->link, trim( $page->style ) )
22 . '")';
23 adminlog("Page '".$page->url_name."' has been added.", MTS_PAGE, MTA_ADD);
24 return $mtdb->query($sql);
20 function insertpage($page)
21 {
22 if ( !$page->url_name ) return false;
23 global $dbConnection;
24
25 $sql = 'INSERT INTO static_page (url_name, status, title, body, style) VALUES (:slug, :status, :title, :body, :style)';
26 $stmt = $dbConnection->prepare($sql);
27
28 $stmt->bindValue('slug', $page->url_name);
29 $stmt->bindValue('status', $page->status);
30 $stmt->bindValue('title', trim($page->title));
31 $stmt->bindValue('body', trim($page->body));
32 $stmt->bindValue('style', trim($page->style));
33
34 adminlog("Page '" . $page->url_name . "' has been added.", MTS_PAGE, MTA_ADD);
35 return $stmt->execute();
25 36 }
26 37
27 function updatepage($page) {
38 function updatepage($page)
39 {
28 40 if ( !$page->url_name ) return false;
29 global $mtdb;
30
31 $sql = 'UPDATE static_page SET url_name = "' . mysqli_real_escape_string($mtdb->link, $page->url_name)
32 . '", status = "' . mysqli_real_escape_string($mtdb->link, $page->status)
33 . '", title = "' . mysqli_real_escape_string( $mtdb->link, trim( $page->title ) )
34 . '", body = "' . mysqli_real_escape_string( $mtdb->link, trim( $page->body ) )
35 . '", style = "' . mysqli_real_escape_string( $mtdb->link, trim( $page->style ) )
36 . '" WHERE url_name = "' . mysqli_real_escape_string($mtdb->link, $page->url_name) . '"';
37 adminlog("Page '".$page->url_name."' has been updated.", MTS_PAGE, MTA_MODIFY);
38 return $mtdb->query( $sql );
41 global $dbConnection;
42
43 $sql = 'UPDATE static_page SET url_name = :slug, status = :status, title = :title, body = :body, style = :style WHERE url_name = :slug';
44 $stmt = $dbConnection->prepare($sql);
45
46 $stmt->bindValue('slug', $page->url_name);
47 $stmt->bindValue('status', $page->status);
48 $stmt->bindValue('title', trim($page->title));
49 $stmt->bindValue('body', trim($page->body));
50 $stmt->bindValue('style', trim($page->style));
51
52 adminlog("Page '" . $page->url_name . "' has been updated.", MTS_PAGE, MTA_MODIFY);
53 return $stmt->execute();
39 54 }
40 55
41 function deletepage($url_name) {
56 function deletepage($url_name)
57 {
42 58 if ( !$url_name ) return false;
43 global $mtdb;
44 adminlog("Page '".$page->url_name."' has been deleted.", MTS_PAGE, MTA_DELETE);
45 return $mtdb->query( 'DELETE FROM static_page WHERE url_name = "' . mysqli_real_escape_string($mtdb->link, $url_name) . '"' );
59 global $dbConnection;
60
61 $sql = 'DELETE FROM static_page WHERE url_name = :slug';
62 $stmt = $dbConnection->prepare($sql);
63
64 $stmt->bindValue('slug', $url_name);
65
66 adminlog("Page '" . $page->url_name . "' has been deleted.", MTS_PAGE, MTA_DELETE);
67 return $stmt->execute();
46 68 }
47 69
48 function getpage($url_name) {
49 global $mtdb;
50 return $mtdb->getRow( 'SELECT url_name, status, title, body, style FROM static_page WHERE url_name = "'. mysqli_real_escape_string($mtdb->link, $url_name) . '"' );
70 function getpage($url_name)
71 {
72 if ( !$url_name ) return false;
73 global $dbConnection;
74
75 $sql = 'SELECT url_name, status, title, body, style FROM static_page WHERE url_name = :slug';
76 $stmt = $dbConnection->prepare($sql);
77
78 $stmt->bindValue('slug', $url_name);
79
80 $stmt->execute();
81 return $stmt->fetch();
51 82 }
52 83
53 84 ?>
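Review bot: The rewritten `adminlog` call in `deletepage` still reads `$page->url_name`, but that function only receives `$url_name`, so the deletion entry in the admin log is written without the page name; it should be `adminlog("Page '" . $url_name . "' has been deleted.", MTS_PAGE, MTA_DELETE);`. Separately, the new guard `if ( !$page->url_name ) return false;` at the top of `insertpage` means the `else` branch of `savepage` can never insert anything, because `savepage` only calls `insertpage` when `url_name` is empty; either the guard or the dispatch condition in `savepage` needs to change.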
@@ -1,119 +1,193
1 1 <?php
2 2
3 class Rant {
4 var $id, $published, $status, $side, $author, $title, $body, $link, $imagetype, $imagetext;
3 class Rant
4 {
5 public $id;
6 public $published;
7 public $status;
8 public $side;
9 public $author;
10 public $title;
11 public $body;
12 public $link;
13 public $imagetype;
14 public $imagetext;
5 15 }
6 16
7 function saverant($rant) {
8 if($rant->id)
17 function saverant($rant)
18 {
19 if ($rant->id)
9 20 return updaterant($rant);
10 21 else
11 22 return insertrant($rant);
12 23 }
13 24
14 function insertrant($rant) {
15 global $mtdb;
16 $sql = 'INSERT INTO rant ( published, status, side, author, title, body, link, imagetype, imagetext ) VALUES ( FROM_UNIXTIME('
17 . (int)$rant->published
18 . '), "' . mysqli_real_escape_string($mtdb->link, $rant->status)
19 . '", "' . mysqli_real_escape_string($mtdb->link, $rant->side)
20 . '", "' . (int)$rant->author
21 . '", "' . mysqli_real_escape_string( $mtdb->link, trim( $rant->title) )
22 . '", "' . mysqli_real_escape_string( $mtdb->link, trim( $rant->body ) )
23 . '", "' . mysqli_real_escape_string( $mtdb->link, trim( $rant->link ) )
24 . '", ' . mysqli_real_escape_string($mtdb->link, $rant->imagetype)
25 . ', "' . mysqli_real_escape_string( $mtdb->link, trim( $rant->imagetext ) )
26 . '")';
27
28 if( $mtdb->query( $sql ) ) {
25 function insertrant($rant)
26 {
27 global $dbConnection;
28
29 $sql = 'INSERT INTO rant (published, status, side, author, title, body, link, imagetype, imagetext) VALUES ' .
30 '(FROM_UNIXTIME(:published), :status, :side, :author, :title, :body, :link, :imagetype, :imagetext)';
31 $stmt = $dbConnection->prepare($sql);
32
33 $stmt->bindValue('published', (int)$rant->published);
34 $stmt->bindValue('status', $rant->status);
35 $stmt->bindValue('side', $rant->side);
36 $stmt->bindValue('author', (int)$rant->author);
37 $stmt->bindValue('title', trim($rant->title));
38 $stmt->bindValue('body', trim($rant->body));
39 $stmt->bindValue('link', trim($rant->link));
40 $stmt->bindValue('imagetype', $rant->imagetype);
41 $stmt->bindValue('imagetext', trim($rant->imagetext));
42
43 if ($stmt->execute())
44 {
29 45 //logthis( 'Saved changes to rant ' . $rant->id );
30 $rant->id = mysqli_insert_id( $mtdb->link );
46 $rant->id = $dbConnection->lastInsertId();
31 47
32 adminlog("Rant ".$rant->id." saved.", MTS_RANT, MTA_ADD);
48 adminlog("Rant " . $rant->id . " saved.", MTS_RANT, MTA_ADD);
33 49
34 if($rant->status == "published")
50 if ($rant->status == "published")
35 51 {
52 adminlog("Rant " . $rant->id . " published.", MTS_RANT, MTA_ADD);
53
54 /*
36 55 $poster = get_userdatabyid($rant->author);
37 adminlog("Rant ".$rant->id." published.", MTS_RANT, MTA_ADD);
38 56 twitterpost("New rant posted by ".$poster->name.": ".SITE_HOST.SITE_PATH."/rant/".$rant->id);
39 57
40 58 if($rant->author === 1) {
41 59 tumblrpost($rant->title, $rant->body);
42 60 }
61 */
43 62 }
44 63
45 64 return $rant->id;
46 65 }
66
47 67 return false;
48 68 }
49 69
50 function updaterant($rant) {
70 function updaterant($rant)
71 {
51 72 if ( !(int)$rant->id ) return false;
52 global $mtdb;
53
54 #first, check if it's published already
55 $qr = $mtdb->query("SELECT status FROM rant WHERE id = ".$rant->id);
56 $row = mysqli_fetch_row($qr);
57 $status = $row[0];
58
59 adminlog("Rant ".$rant->id." updated.", MTS_RANT, MTA_UPDATE);
60
61 $sql = 'UPDATE rant SET published=FROM_UNIXTIME(' . (int)$rant->published
62 . '), status = "' . mysqli_real_escape_string($mtdb->link, $rant->status)
63 . '", side = "' . mysqli_real_escape_string($mtdb->link, $rant->side)
64 . '", author = ' . (int)$rant->author
65 . ', title = "' . mysqli_real_escape_string( $mtdb->link, trim($rant->title) )
66 . '", body = "' . mysqli_real_escape_string( $mtdb->link, trim($rant->body ) )
67 . '", link = "' . mysqli_real_escape_string( $mtdb->link, trim($rant->link ) )
68 . '", imagetype = ' . (int)$rant->imagetype
69 . ', imagetext = "' . mysqli_real_escape_string( $mtdb->link, trim($rant->imagetext) )
70 . '" WHERE id=' . (int)$rant->id;
71
72 if($status == "draft" && $rant->status == "published")
73 global $dbConnection;
74
75 # First, check if it's published already
76 $sql = 'SELECT status FROM rant WHERE id = ?';
77 $stmt = $dbConnection->prepare($sql);
78
79 $stmt->bindValue(1, $rant->id);
80
81 $stmt->execute();
82 $status = $stmt->fetchColumn();
83
84 adminlog("Rant " . $rant->id . " updated.", MTS_RANT, MTA_UPDATE);
85
86 $sql = 'UPDATE rant SET published = FROM_UNIXTIME(:published), status = :status, side = :side, author = :author, ' .
87 'title = :title, body = :body, link = :link, imagetype = :imagetype, imagetext = :imagetext WHERE id = :id';
88 $stmt = $dbConnection->prepare($sql);
89
90 $stmt->bindValue('id', (int)$rant->id);
91 $stmt->bindValue('published', (int)$rant->published);
92 $stmt->bindValue('status', $rant->status);
93 $stmt->bindValue('side', $rant->side);
94 $stmt->bindValue('author', (int)$rant->author);
95 $stmt->bindValue('title', trim($rant->title));
96 $stmt->bindValue('body', trim($rant->body));
97 $stmt->bindValue('link', trim($rant->link));
98 $stmt->bindValue('imagetype', (int)$rant->imagetype);
99 $stmt->bindValue('imagetext', trim($rant->imagetext));
100
101 if ($status == "draft" && $rant->status == "published")
73 102 {
103 adminlog("Rant " . $rant->id . " published.", MTS_RANT, MTA_UPDATE);
104
105 /*
74 106 $poster = get_userdatabyid($rant->author);
75 adminlog("Rant ".$rant->id." published.", MTS_RANT, MTA_UPDATE);
76 107 twitterpost("New rant posted by ".$poster->name.": ".SITE_HOST.SITE_PATH."/rant/".$rant->id);
77 108
78 109 if($rant->author === 1) {
79 110 tumblrpost($rant->title, $rant->body);
80 111 }
112 */
81 113 }
82 114
83 return $mtdb->query( $sql );
115 return $stmt->execute();
84 116 }
85 117
86 function deleterant($rantid) {
118 function deleterant($rantid)
119 {
87 120 if ( !(int)$rantid ) return false;
88 global $mtdb;
89 adminlog("Rant ".$rantid." deleted.", MTS_RANT, MTA_DELETE);
90 return $mtdb->query( 'DELETE FROM rant WHERE id=' . $rantid );
121 global $dbConnection;
122
123 $sql = 'DELETE FROM rant WHERE id = ?';
124 $stmt = $dbConnection->prepare($sql);
125
126 $stmt->bindValue(1, $rantid);
127
128 adminlog("Rant " . $rantid . " deleted.", MTS_RANT, MTA_DELETE);
129 return $stmt->execute();
91 130 }
92 131
93 132 function deleteattachment($id)
94 133 {
95 global $mtdb;
96 $file = SITE_PATH_ABS.'/'.get_rantattachment_filename($id);
97 unlink( $file ) or adminlog("Could not delete $file", MTS_RANT, MTA_DELETE, E_USER_WARNING);
98 $mtdb->query( 'DELETE FROM rant_attachment WHERE id = ' . $id );
134 global $dbConnection;
135
136 // Remove attachment from filesystem
137 $file = SITE_PATH_ABS . '/' . get_rantattachment_filename($id);
138 unlink($file) or adminlog("Could not delete $file", MTS_RANT, MTA_DELETE, E_USER_WARNING);
139
140 // Remove from database
141 $sql = 'DELETE FROM rant_attachment WHERE id = ?';
142 $stmt = $dbConnection->prepare($sql);
143
144 $stmt->bindValue(1, $id);
145
146 $stmt->execute();
99 147 adminlog("Deleted attachment $id", MTS_RANT, MTA_DELETE);
100 148 }
101 149
102 function getrant($id) {
103 global $mtdb;
104 return $mtdb->getRow( 'SELECT id, UNIX_TIMESTAMP(published) as published, status, side, author, title, body, link, imagetype, imagetext FROM rant WHERE id = '. (int)$id );
150 function getrant($id)
151 {
152 global $dbConnection;
153
154 $sql = 'SELECT id, UNIX_TIMESTAMP(published) as published, status, side, author, title, body, link, imagetype, imagetext FROM rant WHERE id = ?';
155 $stmt = $dbConnection->prepare($sql);
156
157 $stmt->bindValue(1, (int)$id);
158
159 $stmt->execute();
160 return $stmt->fetch();
105 161 }
106 162
107 function get_rantimage_filename( $rant ) {
108 global $mtdb;
109 $ext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (int)$rant->imagetype ); // filename extension
110 return sprintf( '%s/%04d.%s',SITE_RANT, (int)$rant->id, $ext );
163 function get_rantimage_filename($rant)
164 {
165 global $dbConnection;
166
167 $sql = 'SELECT extension FROM media_t WHERE id = ?';
168 $stmt = $dbConnection->prepare($sql);
169
170 $stmt->bindValue(1, (int)$rant->imagetype);
171
172 $stmt->execute();
173 $ext = $stmt->fetchColumn(); // filename extension
174
175 return sprintf('%s/%04d.%s', SITE_RANT, (int)$rant->id, $ext);
111 176 }
112 177
113 function get_rantattachment_filename( $id ) {
114 global $mtdb;
115 $ext = $mtdb->getOne( 'SELECT extension FROM media_t JOIN rant_attachment ra ON ra.media = media_t.id WHERE ra.id=' . (int)$id ); // filename extension
116 return sprintf( '%s/%d.%s',SITE_RANT_ATTACHMENT, (int)$id, $ext );
178 function get_rantattachment_filename($id)
179 {
180 global $dbConnection;
181
182 $sql = 'SELECT extension FROM media_t JOIN rant_attachment ra ON ra.media = media_t.id WHERE ra.id = ?';
183 $stmt = $dbConnection->prepare($sql);
184
185 $stmt->bindValue(1, (int)$id);
186
187 $stmt->execute();
188 $ext = $stmt->fetchColumn(); // filename extension
189
190 return sprintf('%s/%d.%s', SITE_RANT_ATTACHMENT, (int)$id, $ext );
117 191 }
118 192
119 193 ?>
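Review bot: `updaterant` and `deleterant` write their `adminlog` entry before `$stmt->execute()` runs, so the admin log records an update or deletion even when the statement fails. If that log is relied on as the record of content changes, execute first and log only on success, e.g. `$ok = $stmt->execute(); if ($ok) adminlog("Rant " . $rantid . " deleted.", MTS_RANT, MTA_DELETE); return $ok;`. `insertpage`, `updatepage` and `deletepage` in the static-page file use the same order. `deleterant` also validates `(int)$rantid` but binds and logs the uncast value; assigning `$rantid = (int)$rantid;` after the guard would keep the three uses consistent.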
@@ -2,13 +2,14
2 2
3 3 function rsspost($body, $url)
4 4 {
5 global $mtdb;
5 global $dbConnection;
6 6
7 $mtdb->query('INSERT INTO rss_comment (body, url)
8 VALUES ("'.mysqli_real_escape_string($mtdb->link, $body).'",
9 "'.mysqli_real_escape_string($mtdb->link, $url).'")');
7 $sql = 'INSERT INTO rss_comment (body, url) VALUES (?, ?)';
8 $stmt = $dbConnection->prepare($sql);
9 $stmt->bindValue(1, $body);
10 $stmt->bindValue(2, $url);
10 11
11 return true;
12 return $stmt->execute();
12 13 }
13 14
14 15 ?>
@@ -3,8 +3,16
3 3 // Book: The offset from 0 at the beginning of time
4 4 // Page: The offset from 0 at the beginning of the volume
5 5
6 class Strip {
7 var $id, $old_id, $published, $media, $type, $title, $book, $page;
6 class Strip
7 {
8 public $id;
9 public $old_id;
10 public $published;
11 public $media;
12 public $type;
13 public $title;
14 public $book;
15 public $page;
8 16 }
9 17
10 18 // old_id is used to detect alterations to the strip id in forms. Not saved in database.
@@ -12,29 +20,31 class Strip {
12 20
13 21 // Strip id is automatically incremented
14 22 function insertstrip(&$strip) {
15 global $mtdb;
16
17 $strip->book = ($strip->book == '') ? 'NULL' : (int)$strip->book;
18 $strip->page = ($strip->page == '') ? 'NULL' : (int)$strip->page;
19
20 $mtdb->query('START TRANSACTION');
21 $newid = $mtdb->getOne('SELECT MAX(id) FROM strip') + 1;
22 $sql = 'INSERT INTO strip ( id, published, media, type, title, book, page ) VALUES ('
23 . $newid
24 . ', FROM_UNIXTIME(' . (int)$strip->published
25 . '), '. (int)$strip->media
26 . ', ' . (int)$strip->type
27 . ', "' . mysqli_real_escape_string( $mtdb->link, trim($strip->title) )
28 . '", '. $strip->book
29 . ', ' . $strip->page
30 . ')';
31
32 $r = $mtdb->query( $sql );
23 global $dbConnection;
24
25 $strip->book = ($strip->book == '') ? NULL : (int)$strip->book;
26 $strip->page = ($strip->page == '') ? NULL : (int)$strip->page;
27
28 $dbConnection->beginTransaction();
29 $newid = $dbConnection->fetchColumn('SELECT MAX(id) FROM strip') + 1;
30
31 $sql = 'INSERT INTO strip (id, published, media, type, title, book, page) VALUES(?, FROM_UNIXTIME(?), ?, ?, ?, ?, ?)';
32 $stmt = $dbConnection->prepare($sql);
33
34 $stmt->bindValue(1, $newid);
35 $stmt->bindValue(2, $strip->published, PDO::PARAM_INT);
36 $stmt->bindValue(3, $strip->media, PDO::PARAM_INT);
37 $stmt->bindValue(4, $strip->type, PDO::PARAM_INT);
38 $stmt->bindValue(5, trim($strip->title));
39 $stmt->bindValue(6, $strip->book);
40 $stmt->bindValue(7, $strip->page);
41
42 $r = $stmt->execute();
33 43 if( !$r ) {
34 $mtdb->query('ROLLBACK');
44 $dbConnection->rollback();
35 45 return false;
36 46 }
37 $mtdb->query('COMMIT');
47 $dbConnection->commit();
38 48 adminlog("Comic ".$newid." posted.", MTS_STRIP, MTA_ADD);
39 49
40 50 $strip->id = $newid;
@@ -43,22 +53,26 function insertstrip(&$strip) {
43 53 }
44 54
45 55 function updatestrip(&$strip) {
46 global $mtdb;
47
48 $strip->book = ($strip->book === '') ? 'NULL' : (int)$strip->book;
49 $strip->page = ($strip->page === '') ? 'NULL' : (int)$strip->page;
50
51 $mtdb->query('START TRANSACTION');
52 $sql = 'UPDATE strip SET
53 published = FROM_UNIXTIME(' . (int)$strip->published .')
54 , media = '. (int)$strip->media .'
55 , type = ' . (int)$strip->type .'
56 , title = "' . mysqli_real_escape_string( $mtdb->link, trim($strip->title) ) .'"
57 , book = ' . (int)$strip->book .'
58 , page = ' . (int)$strip->page .'
59 WHERE id = ' . (int)$strip->id;
60 $mtdb->query( $sql );
61 $mtdb->query('COMMIT');
56 global $dbConnection;
57
58 $strip->book = ($strip->book === '') ? NULL : (int)$strip->book;
59 $strip->page = ($strip->page === '') ? NULL : (int)$strip->page;
60
61 $dbConnection->beginTransaction();
62
63 $sql = 'UPDATE strip SET published = FROM_UNIXTIME(?), media = ?, type = ?, title = ?, book = ?, page = ? WHERE id = ?';
64 $stmt = $dbConnection->prepare($sql);
65
66 $stmt->bindValue(1, $strip->published, PDO::PARAM_INT);
67 $stmt->bindValue(2, $strip->media, PDO::PARAM_INT);
68 $stmt->bindValue(3, $strip->type, PDO::PARAM_INT);
69 $stmt->bindValue(4, trim($strip->title));
70 $stmt->bindValue(5, $strip->book, PDO::PARAM_INT);
71 $stmt->bindValue(6, $strip->page, PDO::PARAM_INT);
72 $stmt->bindValue(7, $strip->id, PDO::PARAM_INT);
73
74 $stmt->execute();
75 $dbConnection->commit();
62 76 adminlog("Comic ".$strip->id." modified.", MTS_STRIP, MTA_MODIFY);
63 77 return true;
64 78 }
@@ -66,12 +80,12 function updatestrip(&$strip) {
66 80 // Delete destination strip from DB and FS, and Update/Rename the source strip into place. Destructive Move!
67 81 function move_strip($from_id, $to_id)
68 82 {
69 global $mtdb;
83 global $dbConnection;
70 84 $from_id = (int) $from_id;
71 85 $to_id = (int) $to_id;
72 86
73 87 // Ensure our source exists
74 $num_strips = $mtdb->getOne( "SELECT COUNT(*) FROM strip WHERE id = $from_id" );
88 $num_strips = $dbConnection->fetchColumn('SELECT COUNT(*) FROM strip WHERE id = ?', array($from_id));
75 89 if($num_strips < 1)
76 90 mtdie("Cannot move strip number $from_id, because it cannot be found in database.");
77 91
@@ -79,8 +93,8 function move_strip($from_id, $to_id)
79 93 deletestrip( $to_id );
80 94
81 95 // Update database
82 $mtdb->query( "UPDATE strip SET id = $to_id WHERE id = $from_id" );
83 $strip = $mtdb->getRow( "SELECT strip.id, extension FROM strip, media_t WHERE media_t.id = strip.media AND strip.id = $to_id" );
96 $dbConnection->executeUpdate('UPDATE strip SET id = ? WHERE id = ?', array($to_id, $from_id));
97 $strip = $dbConnection->executeQuery('SELECT strip.id, extension FROM strip, media_t WHERE media_t.id = strip.media AND strip.id = ?', array($to_id))->fetch();
84 98
85 99 // Update filesystem
86 100 foreach(glob(sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/%04d.*', $from_id)) as $item) {
@@ -101,8 +115,8 function deletestrip($id) {
101 115 $id = (int)$id;
102 116 if ( !$id ) return false;
103 117
104 global $mtdb;
105 $r = $mtdb->query( 'DELETE FROM strip WHERE id=' . $id );
118 global $dbConnection;
119 $r = $dbConnection->executeUpdate('DELETE FROM strip WHERE id = ?', array($id));
106 120 foreach(glob(sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/%04d*.*', $id)) as $item)
107 121 unlink($item);
108 122 foreach(glob(sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/restricted/%04d*.*', $id)) as $item)
@@ -112,19 +126,19 function deletestrip($id) {
112 126 }
113 127
114 128 function getstrip($id) {
115 global $mtdb;
116 return $mtdb->getRow( 'SELECT id, UNIX_TIMESTAMP(published) as published, type, media, title, book, page FROM strip WHERE id=' . (int)$id);
129 global $dbConnection;
130 return $dbConnection->executeQuery('SELECT id, UNIX_TIMESTAMP(published) as published, type, media, title, book, page FROM strip WHERE id = ?', array($id))->fetch();
117 131 }
118 132
119 133 function get_stripimage_filename( $strip ) {
120 global $mtdb;
121 $ext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (int)$strip->media ); // filename extension
134 global $dbConnection;
135 $ext = $dbConnection->fetchColumn('SELECT extension FROM media_t WHERE id = ?', array($strip->media)); // filename extension
122 136 return sprintf( '%s/%04d.%s', SITE_STRIP, $strip->id, $ext );
123 137 }
124 138
125 139 function get_stripid_by_rantid($rantid) {
126 global $mtdb;
127 return $mtdb->getOne('SELECT MAX(strip.id) FROM strip,rant WHERE strip.published<=rant.published AND rant.id=' . (int)$rantid);
140 global $dbConnection;
141 return $dbConnection->fetchColumn('SELECT MAX(strip.id) FROM strip, rant WHERE strip.published <= rant.published AND rant.id = ?', array($rantid));
128 142 }
129 143
130 144 ?>
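Review bot: `insertstrip` only rolls back when `$stmt->execute()` returns false, and `updatestrip` commits without looking at the result at all; if the connection reports failures by throwing, as Doctrine DBAL normally does, neither path is reached and the transaction opened by `beginTransaction()` is left open. Wrapping the work in `try`/`catch` with the rollback in the handler covers both reporting styles; the sketch below is for `insertstrip`, whose body continues outside the hunk, and `updatestrip` needs the same shape. The `false === $dbConnection->executeUpdate(...)` checks in `savetranscript` have the same problem, since `executeUpdate` returns an affected-row count rather than `false`.

```php
$dbConnection->beginTransaction();
try {
    // … unchanged: MAX(id) lookup, prepare() and bindValue() calls …
    if (!$stmt->execute()) {
        $dbConnection->rollback();
        return false;
    }
    $dbConnection->commit();
} catch (Exception $e) {
    $dbConnection->rollback();
    return false;
}
// … unchanged: adminlog() call and $strip->id assignment …
```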
@@ -17,9 +17,9 function bracketbalance($line)
17 17 // Retrieve transcript for this strip from the database, modifying the strip object.
18 18 function gettranscript(&$strip)
19 19 {
20 global $mtdb;
20 global $dbConnection;
21 21
22 $result = $mtdb->query('SELECT strip FROM transcript WHERE strip=' . (int)$strip->id );
22 $result = $dbConnection->executeQuery('SELECT strip FROM transcript WHERE strip = ?', array($strip->id));
23 23
24 24 if($result)
25 25 {
@@ -30,16 +30,16 function gettranscript(&$strip)
30 30 # either way, I care not
31 31 Might be able to exchange this loop of getOne()s for a getAll() call.
32 32 */
33 $numPanels = $mtdb->getOne( 'SELECT MAX(panel) FROM transcript WHERE transcript.strip=' . (int)$strip->id );
33 $numPanels = $dbConnection->fetchColumn('SELECT MAX(panel) FROM transcript WHERE strip = ?', array($strip->id));
34 34 if( $numPanels ) {
35 35 for($i = 1; $i <= $numPanels; $i++) {
36 $result = $mtdb->query( 'SELECT speaker, speech FROM transcript WHERE transcript.strip=' . (int)$strip->id . ' AND panel=' .$i.' ORDER BY line')
37 or mtdie("There was an error fetching the panel count in the transcript for $strip->id, panel $i. " . mysqli_error(), 'SQL Error');
36 $result = $dbConnection->executeQuery('SELECT speaker, speech FROM transcript WHERE transcript.strip = ? AND panel = ? ORDER BY line', array($strip->id, $i))
37 or mtdie("There was an error fetching the panel count in the transcript for $strip->id, panel $i. " . $dbConnection->errorCode(), 'SQL Error');
38 38
39 39 if(!$result) continue;
40 40
41 41 $output.= "\nnewpanel\n";
42 while($row = mysqli_fetch_row($result)) {
42 while($row = $result->fetch(PDO::FETCH_NUM)) {
43 43 if(strlen($row[0]) < 1) continue;
44 44
45 45 $output.= $row[0];
@@ -56,16 +56,17 function gettranscript(&$strip)
56 56
57 57 // Parse submitted transcript from strip object, and insert it into the database.
58 58 function savetranscript( &$strip ) {
59 global $mtdb;
59 global $dbConnection;
60 60 $info = '';
61 61
62 $mtdb->query('START TRANSACTION');
62 $dbConnection->beginTransaction();
63 63
64 64 //remove any old transcript data - it's being replaced
65 $mtdb->query( 'DELETE FROM transcript WHERE transcript.strip=' . (int)$strip->id );
65 $dbConnection->executeUpdate('DELETE FROM transcript WHERE transcript.strip = ?', array($strip->id));
66 66
67 67 if( $strip->transcript_posted ) {
68 $inserter = 'INSERT INTO transcript (strip,panel,line,speaker,speech,search) VALUES (%d,%d,%d,"%s","%s","%s")';
68 $insert_sql = 'INSERT INTO transcript (strip, panel, line, speaker, speech, search) VALUES (?, ?, ?, ?, ?, ?)';
69 $inserter_types = array(PDO::PARAM_INT, PDO::PARAM_INT, PDO::PARAM_INT, PDO::PARAM_STR, PDO::PARAM_STR, PDO::PARAM_STR);
69 70
70 71 if(strpos($strip->transcript_posted, 'Panel <$n>') !== FALSE) {
71 72 # This is probably a scrivener script
@@ -83,11 +84,11 function savetranscript( &$strip ) {
83 84 $has_spoken = true;
84 85
85 86 for($j = 0; $j < count($lines); $j++) {
86 $insert_sql = '';
87 $inserter_values = array();
87 88
88 89 if(strpos($lines[$j], '(') === 0) {
89 90 # Line is a note, add it as a comment
90 $insert_sql = sprintf($inserter, (int)$strip->id, $i, $j, '#', mysqli_real_escape_string($mtdb->link, $lines[$j]), '');
91 $inserter_values = array($strip->id, $i, $j, '#', $lines[$j], '');
91 92 } elseif(strpos($lines[$j], '[') === 0 || strlen($lines[$j]) == 0) {
92 93 # Line is an annotation or blank, do nothing
93 94 continue;
@@ -95,13 +96,13 function savetranscript( &$strip ) {
95 96 # Line contains a list of nonspeaking characters
96 97 array_splice($lines, $j, 1, array_map('_nospeaker', explode(',', substr($lines[$j], 11))));
97 98 $speaker = trim(substr($lines[$j], 11));
98 $insert_sql = sprintf($inserter, (int)$strip->id, $i, $j, mysqli_real_escape_string($mtdb->link, $speaker), '', '');
99 $inserter_values = array($strip->id, $i, $j, $speaker, '', '');
99 100 } elseif($i > 0 && $lines[$j] == strtoupper($lines[$j])) {
100 101 # Line designates a new speaker, note speaker
101 102
102 103 # Handle speakers who did not say anything
103 104 if(null !== $speaker && !$has_spoken)
104 $insert_sql = sprintf($inserter, (int)$strip->id, $i, $j, mysqli_real_escape_string($mtdb->link, $speaker), '', '');
105 $inserter_values = array($strip->id, $i, $j, $speaker, '', '');
105 106
106 107 $speaker = ucfirst(strtolower($lines[$j]));
107 108 $has_spoken = false;
@@ -111,25 +112,24 function savetranscript( &$strip ) {
111 112 $info .= "<p>Warning: Open brackets do not match close brackets in panel $i for speaker ".htmlentities($speaker).'</p>';
112 113
113 114 $search = preg_replace( '/[[:punct:]]|(?<=\s)\s+/', ' ', strtolower($lines[$j]) );
114 $insert_sql = sprintf($inserter, (int)$strip->id, $i, $j, mysqli_real_escape_string($mtdb->link, $speaker),
115 mysqli_real_escape_string($mtdb->link, $lines[$j]), mysqli_real_escape_string($mtdb->link, $search));
115 $inserter_values = array($strip->id, $i, $j, $speaker, $lines[$j], $search);
116 116 $has_spoken = true;
117 117 } else {
118 118 # Line is unrecognized, add it as a comment
119 $insert_sql = sprintf($inserter, (int)$strip->id, $i, $j, '#', mysqli_real_escape_string($mtdb->link, $lines[$j]), '');
119 $inserter_values = array($strip->id, $i, $j, '#', $lines[$j], '');
120 120 }
121 121
122 if( $insert_sql && false === $mtdb->query( $insert_sql ) ) {
123 $mtdb->query('ROLLBACK');
124 mtdie (mysqli_error($mtdb->link), 'Error inserting transcript.');
122 if( $inserter_values && false === $dbConnection->executeUpdate($insert_sql, $inserter_values, $inserter_types) ) {
123 $dbConnection->rollback();
124 mtdie ($dbConnection->errorCode(), 'Error inserting transcript.');
125 125 }
126 126 }
127 127
128 128 if(null !== $speaker && !$has_spoken) {
129 $insert_sql = sprintf($inserter, (int)$strip->id, $i, $j, mysqli_real_escape_string($mtdb->link, $speaker), '', '');
130 if( false === $mtdb->query( $insert_sql ) ) {
131 $mtdb->query('ROLLBACK');
132 mtdie (mysqli_error($mtdb->link), 'Error inserting transcript.');
129 $inserter_values = array($strip->id, $i, $j, $speaker, '', '');
130 if( false === $dbConnection->executeUpdate($insert_sql, $inserter_values, $inserter_types) ) {
131 $dbConnection->rollback();
132 mtdie ($dbConnection->errorCode(), 'Error inserting transcript.');
133 133 }
134 134 }
135 135 }
@@ -160,17 +160,16 function savetranscript( &$strip ) {
160 160 if(!bracketbalance($spoken[1]))
161 161 $info .= "<p>Warning: Open brackets do not match close brackets in panel $i for speaker ".htmlentities($spoken[0]).'</p>';
162 162
163 $insert_sql = sprintf($inserter, (int)$strip->id, (int)$i, (int)$j, mysqli_real_escape_string($mtdb->link, $spoken[0]),
164 mysqli_real_escape_string($mtdb->link, $spoken[1]), mysqli_real_escape_string($mtdb->link, $spoken[2]) );
165 if( false === $mtdb->query( $insert_sql ) ) {
166 $mtdb->query('ROLLBACK');
167 mtdie (mysqli_error($mtdb->link), 'Error inserting transcript.');
163 $inserter_values = array($strip->id, $i, $j, $spoken[0], $spoken[1], $spoken[2]);
164 if( false === $dbConnection->executeUpdate($insert_sql, $inserter_values, $inserter_types) ) {
165 $dbConnection->rollback();
166 mtdie ($dbConnection->errorCode(), 'Error inserting transcript.');
168 167 }
169 168 }
170 169 }
171 170 }
172 171 }
173 $mtdb->query('COMMIT');
172 $dbConnection->commit();
174 173 return $info;
175 174 }
176 175
@@ -2,7 +2,9
2 2
3 3 function twitterpost($message, $user=TWITTER_USER, $password=TWITTER_PASS)
4 4 {
5 global $mtdb, $info, $error;
5 if (!TWITTER_ENABLED) return;
6
7 global $dbConnection, $info, $error;
6 8 if( $user == '' ) {
7 9 # preserve existing twitterpost(message) style posting until OAuth has been vetted.
8 10 $user = TWITTER_USER;
@@ -25,7 +27,7 function twitterpost($message, $user=TWITTER_USER, $password=TWITTER_PASS)
25 27
26 28 } else {
27 29 # OAuth Mode
28 $row = $mtdb->getRow( sprintf('SELECT id, username, oauth_token, oauth_token_secret FROM twitter_user WHERE username="%s"', mysqli_real_escape_string($mtdb->link, $user)));
30 $row = $dbConnection->executeQuery('SELECT id, username, oauth_token, oauth_token_secret FROM twitter_user WHERE username = ?', array($user))->fetch();
29 31
30 32 $username = $row->username;
31 33 $oauth_token = $row->oauth_token;
@@ -53,9 +55,9 function twitterpost($message, $user=TWITTER_USER, $password=TWITTER_PASS)
53 55
54 56
55 57 function setOAuthTokens($userid,$oauth_token,$oauth_token_secret, $username) {
56 global $mtdb;
58 global $dbConnection;
57 59 $id = (int)$userid;
58 if( $mtdb->query( sprintf('UPDATE twitter_user SET oauth_token="%s", oauth_token_secret="%s", username="%s" WHERE id=%d', mysqli_real_escape_string($mtdb->link, $oauth_token), mysqli_real_escape_string($mtdb->link, $oauth_token_secret), mysqli_real_escape_string($mtdb->link, $username), $id )) )
60 if ($dbConnection->executeUpdate('UPDATE twitter_user SET oauth_token = ?, oauth_token_secret = ?, username = ? WHERE id = ?', array($oauth_token, $oauth_token_secret, $username, $id)))
59 61 return true;
60 62 return false;
61 63 }
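Review bot: The new kill switch `if (!TWITTER_ENABLED) return;` in `twitterpost` fails open: on PHP 5 and 7 an undefined constant evaluates to the string `'TWITTER_ENABLED'`, which is truthy, so a configuration that never defines it still posts. `if (!defined('TWITTER_ENABLED') || !TWITTER_ENABLED) return;` makes posting opt-in. In the OAuth branch, `fetch()` returns `false` when no `twitter_user` row matches, and the `$row->username` reads that follow are not guarded; an `if (!$row) return;` before them would stop the function from reading properties of `false`. The rest of `twitterpost` is outside the hunk, so later handling cannot be confirmed from here.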
@@ -3,21 +3,23
3 3 /* Types */
4 4
5 5 function get_typeByID( $id ) {
6 global $mtdb;
6 global $dbConnection;
7 7 $id = (int)$id;
8 $r = $mtdb->getRow( 'SELECT id, name, description FROM strip_t WHERE id=' . $id );
9 $r->meta = $mtdb->getAll( 'SELECT meta as id from meta where type=' . $id);
8 $stmt = $dbConnection->executeQuery('SELECT id, name, description FROM strip_t WHERE id = ?', array($id));
9 $r = $stmt->fetch();
10 $r->meta = $dbConnection->fetchAll('SELECT meta AS id FROM meta WHERE type = ?', array($id));
10 11 return $r;
11 12 }
12 13
13 14 function get_allTypes() {
14 global $mtdb;
15 return $mtdb->getRow( 'SELECT id, name, description, meta FROM strip_t' );
15 global $dbConnection;
16 $stmt = $dbConnection->executeQuery('SELECT id, name, description, meta FROM strip_t');
17 return $stmt->fetch();
16 18 }
17 19
18 20 function get_allMetaTypes() {
19 global $mtdb;
20 return $mtdb->getAll("SELECT id, name FROM meta_t");
21 global $dbConnection;
22 return $dbConnection->fetchAll('SELECT id, name FROM meta_t');
21 23 }
22 24
23 25 function _getMetaNameFromObject($obj) {
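Review bot: `get_typeByID` assigns `$r->meta` without checking the result of `$stmt->fetch()`, which is `false` when no `strip_t` row has that id; assuming rows are fetched as objects, as the property access implies, PHP 5 and 7 then create a fresh object on assignment, so the caller gets something that looks like a type but has no `id` or `name`. Returning early with `if (!$r) return false;` right after the fetch makes the missing-row case explicit. `get_allTypes` returns a single `fetch()` row while `get_allMetaTypes` uses `fetchAll`; the old code used `getRow` there as well, so this may be intended, but a one-line comment saying so would help.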
@@ -86,11 +86,11 function save_upload_rant_image( $source, $rant ) {
86 86
87 87 function save_upload_rant_attachment( $source, $rant )
88 88 {
89 global $mtdb;
89 global $dbConnection;
90 90
91 91 $image_data = getimagesize( $source );
92 $mtdb->query( "INSERT INTO rant_attachment (rant, media) VALUES ($rant, $image_data[2])" );
93 $rant_attachment_id = mysqli_insert_id( $mtdb->link );
92 $dbConnection->executeUpdate('INSERT INTO rant_attachment (rant, media) VALUES (?, ?)', array($rant, $image_data[2]));
93 $rant_attachment_id = $dbConnection->lastInsertId();
94 94
95 95 if( move_uploaded_file($source, SITE_PATH_ABS.'/'.get_rantattachment_filename($rant_attachment_id) ) ) {
96 96 $upload_info='<p>New rant attachment uploaded for rant '. $rant .'.</p>';
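Review bot: `save_upload_rant_attachment` uses `$image_data[2]` without checking that `getimagesize($source)` succeeded; it returns `false` for a file it cannot read as an image. With the old string-built query that case produced invalid SQL, but the bound statement will now insert a row with a null `media` value (if the column allows it) and the upload goes on to `move_uploaded_file`. Reject the upload before the insert, e.g. `if ($image_data === false) { /* report error and return */ }`, using whatever error convention the rest of the function (outside this hunk) follows.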
@@ -1,6 +1,6
1 1 <?php
2 2
3 $currentuser=false;
3 $currentuser = false;
4 4
5 5 function getCurrentUser() {
6 6 global $currentuser;
@@ -8,28 +8,28 function getCurrentUser() {
8 8 }
9 9
10 10 function get_userdatabyid( $id ) {
11 global $mtdb;
12 return $mtdb->getRow( 'SELECT id,name,email,nameplate,default_image,default_link FROM contributor WHERE id = ' . (int)$id );
11 global $dbConnection;
12 return $dbConnection->executeQuery('SELECT id, name, email, nameplate, default_image, default_link FROM contributor WHERE id = ?', array($id))->fetch();
13 13 }
14 14
15 15 function get_userdatabylogin( $username ) {
16 global $mtdb;
17 return $mtdb->getRow( 'SELECT id,name,email,nameplate,default_image,default_link FROM contributor WHERE name = "' . mysqli_real_escape_string($mtdb->link, $username) . '"' );
16 global $dbConnection;
17 return $dbConnection->executeQuery('SELECT id, name, email, nameplate, default_image, default_link FROM contributor WHERE name LIKE ?', array($username))->fetch();
18 18 }
19 19
20 20 function save_userdata( $user ) {
21 21 adminlog("Saved changes to user ".$user->id." (".$user->name.").", MTS_USER, MTA_UPDATE);
22 global $mtdb;
23 return $mtdb->query( sprintf( 'UPDATE contributor SET email="%s", nameplate="%s", default_image="%s", default_link="%s" WHERE id=%d',
24 mysqli_real_escape_string($mtdb->link, $user->email), mysqli_real_escape_string($mtdb->link, $user->nameplate),
25 mysqli_real_escape_string($mtdb->link, $user->default_image), mysqli_real_escape_string($mtdb->link, $user->default_link), $user->id) );
22 global $dbConnection;
23
24 return $dbConnection->executeUpdate('UPDATE contributor SET email = ?, nameplate = ?, default_image = ?, default_link = ? WHERE id = ?',
25 array($user->email, $user->nameplate, $user->default_image, $user->default_link, $user->id));
26 26 }
27 27
28 28 function change_password( $user ) {
29 29 adminlog("Changed password for user ".$user->id." (".$user->name.").", MTS_USER, MTA_UPDATE);
30 global $mtdb, $currentuser;
30 global $dbConnection, $currentuser;
31 31 if( $currentuser->id === $user->id ) mt_setcookie($user->name, $user->password, false, ADMINURL, FALSE );
32 return $mtdb->query( 'UPDATE contributor SET password=SHA1( "' . mysqli_real_escape_string($mtdb->link, $user->password) . '" ) WHERE id = "' . mysqli_real_escape_string($mtdb->link, $user->id) . '"' );
32 return $dbConnection->executeUpdate('UPDATE contributor SET password = SHA1(?) WHERE id = ?', array($user->password, $user->id));
33 33 }
34 34
35 35 ?>
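Review bot: get_userdatabylogin now matches with `WHERE name LIKE ?` where the old query used `name = "…"`; in a LIKE pattern `%` and `_` in the supplied username act as wildcards, so the name is no longer matched exactly and the first row fitting the pattern is returned. If this function feeds the login check, that weakens account lookup; use `WHERE name = ?`. get_userdatabyid also lost its `(int)$id` cast, which is harmless for injection now that the value is bound but changes the type handed to the driver. Separately, change_password still stores `SHA1(?)` without a salt and the line above it copies `$user->password` into a cookie; moving to `password_hash()`/`password_verify()` would be the follow-up, outside what this hunk changes.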
@@ -46,7 +46,7 adminmenu();
46 46 <?php nonce_field('new-scratchpad'); ?>
47 47 <ul class="historic">
48 48 <?php
49 $strips = array_reverse( $mtdb->getAll('SELECT UNIX_TIMESTAMP(s.published) AS pubdate, c.name, s.message FROM scratchpad s JOIN contributor c ON s.contributor = c.id ORDER BY published DESC LIMIT 5') );
49 $strips = array_reverse( $dbConnection->fetchAll('SELECT UNIX_TIMESTAMP(s.published) AS pubdate, c.name, s.message FROM scratchpad s JOIN contributor c ON s.contributor = c.id ORDER BY published DESC LIMIT 5') );
50 50
51 51 foreach($strips as $k=>$v)
52 52 {
@@ -63,7 +63,7 adminmenu();
63 63 <h2>Recent Strips</h2>
64 64 <ul class="historic">
65 65 <?php
66 $strips = $mtdb->getAll("SELECT distinct id, title, UNIX_TIMESTAMP(published) as date FROM strip WHERE published <= NOW() order by id DESC LIMIT 5");
66 $strips = $dbConnection->fetchAll('SELECT id, title, UNIX_TIMESTAMP(published) as date FROM strip WHERE published <= NOW() order by id DESC LIMIT 5');
67 67
68 68 foreach($strips as $k=>$v) {
69 69 printf( '<li>%d: <a href="%s/index.php?strip_id=%d">%s</a>, %s ago</li>', $v->id, SITE_HOST . SITE_PATH, $v->id, htmlspecialchars($v->title), human_time_diff($v->date) );
@@ -74,7 +74,7 foreach($strips as $k=>$v) {
74 74 <h2>Upcoming Strips</h2>
75 75 <ul class="historic">
76 76 <?php
77 $strips = $mtdb->getAll("SELECT distinct id, title, UNIX_TIMESTAMP(published) as date FROM strip WHERE published > NOW() order by id ASC LIMIT 5");
77 $strips = $dbConnection->fetchAll('SELECT id, title, UNIX_TIMESTAMP(published) as date FROM strip WHERE published > NOW() order by id ASC LIMIT 5');
78 78
79 79 foreach($strips as $k=>$v) {
80 80 printf( '<li>%d: <a href="%s/edit-comic.php?strip_id=%d">%s</a>, in %s</li>', $v->id, SITE_HOST . SITE_PATH . '/' . SITE_ADMIN, $v->id, htmlspecialchars($v->title), human_time_diff($v->date) );
@@ -85,7 +85,7 foreach($strips as $k=>$v) {
85 85 <h2>Recent Published Rants</h2>
86 86 <ul class="historic">
87 87 <?php
88 $rants = $mtdb->getAll('SELECT distinct rant.id,UNIX_TIMESTAMP(rant.published) as date,rant.title,contributor.name from rant,contributor where rant.author=contributor.id AND rant.status=\'published\' ORDER BY rant.published DESC limit 5');
88 $rants = $dbConnection->fetchAll('SELECT rant.id,UNIX_TIMESTAMP(rant.published) as date,rant.title,contributor.name from rant,contributor where rant.author=contributor.id AND rant.status=\'published\' ORDER BY rant.published DESC limit 5');
89 89
90 90 foreach($rants as $k=>$v) {
91 91 printf( '<li>%d: <a href="%s/index.php?rant_id=%d">%s</a> by %s, %s ago</li>', $v->id, SITE_HOST . SITE_PATH, $v->id, htmlspecialchars($v->title), htmlspecialchars($v->name), human_time_diff($v->date) );
@@ -96,7 +96,7 foreach($rants as $k=>$v) {
96 96 <h2>Recent Draft Rants</h2>
97 97 <ul class="historic">
98 98 <?php
99 $rants = $mtdb->getAll('SELECT distinct rant.id,UNIX_TIMESTAMP(rant.published) as date,rant.title,contributor.name from rant,contributor where rant.author=contributor.id AND rant.status=\'draft\' ORDER BY rant.published DESC limit 5');
99 $rants = $dbConnection->fetchAll('SELECT rant.id,UNIX_TIMESTAMP(rant.published) as date,rant.title,contributor.name from rant,contributor where rant.author=contributor.id AND rant.status=\'draft\' ORDER BY rant.published DESC limit 5');
100 100
101 101 foreach($rants as $k=>$v) {
102 102 printf( '<li>%d: <a href="%s/edit-rant.php?rant_id=%d">%s</a> by %s, %s ago</li>', $v->id, SITE_HOST . ADMIN_PATH, $v->id, htmlspecialchars($v->title), htmlspecialchars($v->name), human_time_diff($v->date) );
@@ -47,7 +47,7 switch( $_REQUEST['action'] ) {
47 47 <title>Megatokyo Admin &rsaquo; Login</title>
48 48 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
49 49 <meta name="generator" content="Alan J Castonguay, Robert Sherby, Jeremy Wagner-Kaiser, Shawn Morford (!! nathanbp, jrl !!)" />
50 <link rel="stylesheet" href="wp-admin.css" type="text/css" />
50 <link rel="stylesheet" href="styles/wp-admin.css" type="text/css" />
51 51 <!--[if IE]><style type="text/css">#login h1 a { margin-top: 35px; } #login ul { padding-bottom: 65px; }</style><![endif]--><!-- Curse you, IE! -->
52 52 <script type="text/javascript">
53 53 function focusit() {
@@ -17,11 +17,11 $page = 1;
17 17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
18 18
19 19 $perpage = 15;
20 $start = ($page-1) * $perpage;
20 $start = ($page - 1) * $perpage;
21 21
22 $total = ceil( $mtdb->getOne("SELECT count(DISTINCT id) FROM strip") / $perpage );
23 $strips = $mtdb->getAll("SELECT id, UNIX_TIMESTAMP(published) as published, type, media, title, book, page FROM strip GROUP BY id ORDER BY id DESC LIMIT $start,$perpage");
24 $types_db = $mtdb->getAll("SELECT id,description FROM strip_t");
22 $total = ceil( $dbConnection->fetchColumn('SELECT COUNT(id) FROM strip') / $perpage );
23 $strips = $dbConnection->fetchAll('SELECT id, UNIX_TIMESTAMP(published) AS published, type, media, title, book, page FROM strip ORDER BY id DESC LIMIT ?, ?', array($start, $perpage), array(PDO::PARAM_INT, PDO::PARAM_INT));
24 $types_db = $dbConnection->fetchAll('SELECT id, description FROM strip_t');
25 25
26 26 $type = array();
27 27 foreach( $types_db as $k ) $type[$k->id]=$k->description;
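Review bot: `$page` on line 17 is only cast to int, so `?page=0` or a negative value makes `$start` negative, and the bound `LIMIT ?, ?` then fails in MySQL; with DBAL that surfaces as an uncaught exception rather than an empty list. Clamp it before computing the offset: `$page = max(1, (int) $_GET['page']);`. The static-page and rant listing hunks that follow build `$start` the same way and need the same clamp.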
@@ -6,10 +6,10 auth_redirect(); // Require logged in user to access this page.
6 6
7 7 if( isset($_GET['delete']) && (int)$_GET['delete'] ) {
8 8 check_nonce('delete-metatype-'.(int)$_GET['delete']);
9 if(! $mtdb->query( 'DELETE FROM meta_t WHERE id=' . (int)$_GET['delete'] ) )
9 if(! $dbConnection->executeUpdate('DELETE FROM meta_t WHERE id = ?', array($_GET['delete'])))
10 10 {
11 11 adminlog("Error on deleting metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_DELETE, E_WARNING);
12 mtdie("Error on update: ". htmlentities(mysqli_error()));
12 mtdie("Error on update: ". $dbConnection->errorCode());
13 13 }
14 14 $info.='<p>Deleted metatype successfully.<p>';
15 15 adminlog("Metatype ".(int)$_GET['delete']." deleted.", MTS_TYPE_META, MTA_DELETE);
@@ -21,10 +21,10 if( isset($_POST['action']) && $_POST['action'] == 'new_meta' ) {
21 21 $name = trim($_POST['name']);
22 22
23 23 if( check_type_name( $name ) ) {
24 if(! $mtdb->query( 'INSERT INTO meta_t(name) VALUES("'. mysqli_real_escape_string($mtdb->link, $name) . '")' ) )
24 if(! $dbConnection->executeUpdate('INSERT INTO meta_t (name) VALUES (?)', array($name)))
25 25 {
26 26 adminlog("Error on inserting metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_INSERT, E_WARNING);
27 mtdie("Error on insertion: ". htmlentities(mysqli_error()));
27 mtdie("Error on insertion: ". $dbConnection->errorCode());
28 28 }
29 29 }
30 30 $info.='<p>New metatype created successfully.<p>';
@@ -37,10 +37,10 if( isset($_POST['action']) && $_POST['action'] == 'edit_meta' ) {
37 37 $name = trim($_POST['name']);
38 38
39 39 if( check_type_name( $name ) ) {
40 if(! $mtdb->query( 'UPDATE meta_t SET name = "' . mysqli_real_escape_string($mtdb->link, $name) . '" WHERE id=' . (int)$_POST['type_id']) )
40 if(! $dbConnection->executeUpdate('UPDATE meta_t SET name = ? WHERE id = ?', array($name, $_POST['type_id'])))
41 41 {
42 42 adminlog("Error updating metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_UPDATE, E_WARNING);
43 mtdie("Error on update: ". htmlentities(mysqli_error()));
43 mtdie("Error on update: ". $dbConnection->errorCode());
44 44 }
45 45 }
46 46 $info.='<p>Changes to metatype saved successfully.<p>';
@@ -48,7 +48,7 if( isset($_POST['action']) && $_POST['action'] == 'edit_meta' ) {
48 48 }
49 49
50 50 //get all metatypes
51 $metas = $mtdb->getAll("SELECT id, name FROM meta_t");
51 $metas = $dbConnection->fetchAll('SELECT id, name FROM meta_t');
52 52
53 53 adminhead('Metatypes');
54 54 adminmenu();
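Review bot: `executeUpdate()` returns the number of affected rows and DBAL signals failure by throwing, so the `if(! $dbConnection->executeUpdate(...))` checks on lines 9, 24 and 40 now fire when a statement succeeds without touching a row (saving an unchanged name, deleting an id that is already gone) and never fire on a real SQL error. The error branch should become a catch block, and the message shown to the user can stay generic while the detail goes to the admin log. The same pattern is in the twitter-user and type management hunks further down, where the `false === ...` variant can never match. The bound `$_GET['delete']` and `$_POST['type_id']` also lost their `(int)` casts, which the fence restores for the delete.

```php
try {
    $dbConnection->executeUpdate('DELETE FROM meta_t WHERE id = ?', array((int)$_GET['delete']));
} catch (\Doctrine\DBAL\DBALException $e) {
    // … unchanged: adminlog() call for the failed delete …
    mtdie("Error on update.");
}
// … unchanged: success message and adminlog() …
```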
@@ -17,10 +17,10 $page = 1;
17 17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
18 18
19 19 $perpage = 15;
20 $start = ($page-1) * $perpage;
20 $start = ($page - 1) * $perpage;
21 21
22 $total = ceil( $mtdb->getOne("SELECT count(DISTINCT url_name) FROM static_page") / $perpage );
23 $pages = $mtdb->getAll("SELECT url_name, pubdate, status, title, body FROM static_page ORDER BY url_name ASC LIMIT $start,$perpage");
22 $total = ceil( $dbConnection->fetchColumn('SELECT COUNT(url_name) FROM static_page') / $perpage );
23 $pages = $dbConnection->fetchAll('SELECT url_name, pubdate, status, title, body FROM static_page ORDER BY url_name ASC LIMIT ?, ?', array($start, $perpage), array(PDO::PARAM_INT, PDO::PARAM_INT));
24 24
25 25 pagination( $page, $total );
26 26
@@ -17,10 +17,10 $page = 1;
17 17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
18 18
19 19 $perpage = 15;
20 $start = ($page-1) * $perpage;
20 $start = ($page - 1) * $perpage;
21 21
22 $total = ceil( $mtdb->getOne("SELECT count(DISTINCT id) FROM rant") / $perpage );
23 $rants = $mtdb->getAll("SELECT r.id,UNIX_TIMESTAMP(r.published) AS published,c.name,r.title,r.body, r.status FROM rant r,contributor c WHERE c.id=r.author GROUP BY id ORDER BY id DESC LIMIT $start,$perpage");
22 $total = ceil( $dbConnection->fetchColumn('SELECT COUNT(id) FROM rant') / $perpage );
23 $rants = $dbConnection->fetchAll('SELECT r.id, UNIX_TIMESTAMP(r.published) AS published, c.name, r.title, r.body, r.status FROM rant r JOIN contributor c ON r.author = c.id ORDER BY r.id DESC LIMIT ?, ?', array($start, $perpage), array(PDO::PARAM_INT, PDO::PARAM_INT));
24 24
25 25 pagination( $page, $total );
26 26
@@ -12,7 +12,7 auth_redirect(); // Require logged in user to access this page.
12 12 /* Handle form submission of new updates */
13 13
14 14 function handle_update_form() {
15 global $error,$info,$mtdb;
15 global $error,$info,$dbConnection;
16 16
17 17 check_nonce('update-statusbox');
18 18 $percent = $_POST['update_percentage'];
@@ -36,7 +36,7 function handle_update_form() {
36 36 return;
37 37 }
38 38
39 $mtdb->query( 'INSERT INTO status (published,eta,percentage,text) VALUES( NOW(), FROM_UNIXTIME(' . (int)$eta . '), '. (int)$percent . ', "' . mysqli_real_escape_string($mtdb->link, $text) . '")' );
39 $dbConnection->executeUpdate('INSERT INTO status (published, eta, percentage, text) VALUES (NOW(), FROM_UNIXTIME(?), ?, ?)', array($eta, $percent, $text));
40 40
41 41 $_POST['update_percentage']=$_POST['update_eta']=$_POST['update_text']='';
42 42 $info = '<p>Statusbox updated successfully.</p>';
@@ -55,7 +55,7 adminmenu('manage-statusbox.php');
55 55 /* Simple Presets, Select things said before */
56 56
57 57
58 $presets = $mtdb->getAll('SELECT COUNT(*) as c, percentage, text, CONCAT( percentage, "% - ", text ) as p FROM status GROUP BY p HAVING c>1 ORDER BY c DESC');
58 $presets = $dbConnection->fetchAll('SELECT COUNT(*) as c, percentage, text, CONCAT( percentage, "% - ", text ) as p FROM status GROUP BY p HAVING c > 1 ORDER BY c DESC');
59 59
60 60 ?>
61 61
@@ -129,7 +129,7 $presets = $mtdb->getAll('SELECT COUNT(*) as c, percentage, text, CONCAT( percen
129 129
130 130 <?php
131 131
132 $stats = $mtdb->getAll("SELECT published,eta,percentage,text FROM status ORDER BY published DESC limit 5");
132 $stats = $dbConnection->fetchAll("SELECT published, eta, percentage, text FROM status ORDER BY published DESC LIMIT 5");
133 133
134 134 ?>
135 135
@@ -17,20 +17,20 if( isset($_REQUEST['action']) && 'edit_twitter' == $_REQUEST['action']) {
17 17
18 18 if(0 == $id && !empty($msg)) {
19 19 // Add a new preset
20 $mtdb->query( sprintf('INSERT INTO twitter_status (position, message) VALUES (%d, "%s")', $position, mysqli_real_escape_string($mtdb->link, $msg)) );
20 $dbConnection->executeUpdate('INSERT INTO twitter_status (position, message) VALUES (?, ?)', array($position, $msg));
21 21 adminlog("Added new preset: $msg", MTS_TWITTER, MTA_ADD);
22 22 } elseif(empty($msg)) {
23 23 // Delete an existing preset
24 $mtdb->query( "DELETE FROM twitter_status WHERE id = $id" );
24 $dbConnection->executeUpdate('DELETE FROM twitter_status WHERE id = ?', array($id));
25 25 adminlog("Removed preset: $id", MTS_TWITTER, MTA_ADD);
26 26 } else {
27 27 // Modify an existing preset
28 $mtdb->query( sprintf('UPDATE twitter_status SET position = %d, message = "%s" WHERE id = %d', $position, mysqli_real_escape_string($mtdb->link, $msg), $id) );
28 $dbConnection->executeUpdate('UPDATE twitter_status SET position = ?, message = ? WHERE id = ?', array($position, $msg, $id));
29 29 }
30 30 }
31 31 }
32 32
33 $statuses = $mtdb->getAll('SELECT id, position, message FROM twitter_status ORDER BY position, id');
33 $statuses = $dbConnection->fetchAll('SELECT id, position, message FROM twitter_status ORDER BY position, id');
34 34
35 35 adminhead('Manage Twitter Presets');
36 36 adminmenu();
@@ -7,13 +7,13 auth_redirect(); // Require logged in user to access this page.
7 7 if( isset($_POST['action']) && $_POST['action'] == 'new' ) {
8 8 check_nonce('new-twitter-user');
9 9
10 if(! $mtdb->query( sprintf('INSERT INTO twitter_user(username) VALUES("%s")', mysqli_real_escape_string( $mtdb->link, md5( microtime() )) ) ) ) {
10 if(! $dbConnection->executeUpdate('INSERT INTO twitter_user (username) VALUES (?)', array(md5( microtime() ) ))) {
11 11 adminlog("Error on insertion of new twitter user.", MTS_TWITTER, MTA_INSERT, E_WARNING);
12 mtdie("Error on insertion of new twitter user: ". htmlentities(mysqli_error()), 'SQL Error');
12 mtdie("Error on insertion of new twitter user: ". $dbConnection->errorCode(), 'SQL Error');
13 13 } else {
14 14 //$name = sanitize_username($_POST['name']);
15 15
16 $id = mysqli_insert_id();
16 $id = $dbConnection->lastInsertId();
17 17
18 18 $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
19 19 $request_token = $connection->getRequestToken(OAUTH_CALLBACK . "&id=$id");
@@ -40,12 +40,12 if( isset($_POST['action']) && $_POST['action'] == 'new' ) {
40 40 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && isset($_REQUEST['id'])) {
41 41 # twitter userID = ID
42 42 $id = (int)$_REQUEST['id'];
43 $row = $mtdb->getRow( sprintf('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user WHERE id=%d LIMIT 1', $id));
43 $row = $dbConnection->executeQuery('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user WHERE id = ? LIMIT 1', array($id))->fetch();
44 44
45 45 # Compare token in database with token from twitter. If they differ, bail.
46 46 if( $row->oauth_token != $_REQUEST['oauth_token'] ) {
47 47 # token is old, drop from database
48 if(!$mtdb->query("DELETE FROM twitter_user WHERE id = '$id'") ) {
48 if(!$dbConnection->executeUpdate('DELETE FROM twitter_user WHERE id = ?', array($id))) {
49 49 adminlog('Error deleting temporary twitter user ' . $id, MTS_TWITTER, MTA_DELETE, E_ERROR);
50 50 mtdie('Error deleting temporary twitter user.', 'SQL Error');
51 51 }
@@ -69,7 +69,7 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && is
69 69
70 70 } else {
71 71 # fail
72 if( !$mtdb->query("DELETE FROM twitter_user WHERE id = '$id'") ) {
72 if( !$dbConnection->executeUpdate('DELETE FROM twitter_user WHERE id = ?', array($id))) {
73 73 adminlog('Error deleting specified twitter user ' . $id, MTS_TWITTER, MTA_DELETE, E_ERROR);
74 74 mtdie('Error deleting the specified twitter user.', 'SQL Error');
75 75 }
@@ -80,7 +80,7 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && is
80 80 }
81 81 }
82 82
83 $twitter_users = $mtdb->getAll('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user ORDER BY username');
83 $twitter_users = $dbConnection->fetchAll('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user ORDER BY username');
84 84
85 85 adminhead('Manage Twitter Users');
86 86 adminmenu();
@@ -98,7 +98,6 adminmenu();
98 98 <th scope="col" style="text-align: center;">ID #</th>
99 99 <th scope="col">Twitter.com Username</th>
100 100 <th scope="col">oauth_token</th>
101 <th scope="col">oauth_token_secret</th>
102 101 <th scope="col">Authorized</th>
103 102 <th scope="col"></th>
104 103 </tr>
@@ -115,7 +114,6 adminmenu();
115 114 <th scope="row" style="text-align: center;"><?php echo $s->id; ?></th>
116 115 <td><?php echo htmlentities($s->username); ?></td>
117 116 <td><?php echo htmlentities($s->oauth_token); ?></td>
118 <td><?php echo htmlentities($s->oauth_token_secret); ?></td>
119 117 <td><?php
120 118 $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $s->oauth_token, $s->oauth_token_secret);
121 119 $content = $connection->get('account/verify_credentials');
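Review bot: `fetch()` on line 43 returns false when no twitter_user row has the requested id, and the unchanged check on line 46 then reads `->oauth_token` from that value and compares with `!=`, so a missing row and a missing `oauth_token` parameter compare as equal. Test the row first and compare strictly, e.g. `if( !$row || !hash_equals((string)$row->oauth_token, (string)$_REQUEST['oauth_token']) ) {`. The mismatch branch also deletes the row for whatever `id` the request names; whether a nonce or state value protects this callback is not visible in these hunks. The table still prints `oauth_token` after the secret column was dropped, so consider omitting or truncating it as well.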
@@ -6,15 +6,15 auth_redirect(); // Require logged in user to access this page.
6 6
7 7 if( isset($_GET['delete']) && (int)$_GET['delete'] ) {
8 8 check_nonce('delete-type-' . (int)$_GET['delete']);
9 if(! $mtdb->query( 'DELETE FROM strip_t WHERE id=' . (int)$_GET['delete'] ) )
9 if(false === $dbConnection->executeUpdate('DELETE FROM strip_t WHERE id = ?', array($_GET['delete'])))
10 10 {
11 11 adminlog("Error deleting type ".(int)$_GET['delete'], MTS_TYPE, MTA_DELETE, E_WARNING);
12 mtdie("Error on deletion of existing type: " . htmlentities(mysqli_error()), 'SQL Error');
12 mtdie("Error on deletion of existing type: " . $dbConnection->errorCode(), 'SQL Error');
13 13 }
14 if(! $mtdb->query( 'DELETE FROM meta WHERE type=' . (int)$_GET['delete'] ) )
14 if(false === $dbConnection->executeUpdate('DELETE FROM meta WHERE type = ?', array($_GET['delete'])))
15 15 {
16 16 adminlog("Error on deletion of type ".(int)$_GET['delete']."'s metadata.", MTS_TYPE, MTA_DELETE, E_WARNING);
17 mtdie("Error on deletion of existing type's metadata: " . htmlentities(mysqli_error()), 'SQL Error');
17 mtdie("Error on deletion of existing type's metadata: " . $dbConnection->errorCode(), 'SQL Error');
18 18 }
19 19 $info.='<p>Deleted type successfully.<p>';
20 20 adminlog("Deleted type ".(int)$_GET['delete'], MTS_TYPE, MTA_DELETE);
@@ -27,10 +27,10 if( isset($_POST['action']) && $_POST['action'] == 'new_type' ) {
27 27 $desc = trim($_POST['description']);
28 28
29 29 if( check_type_name($name) ) {
30 if(! $mtdb->query( sprintf( 'INSERT INTO strip_t(name, description) VALUES("%s", "%s")', mysqli_real_escape_string($mtdb->link, $name), mysqli_real_escape_string($mtdb->link, $desc)) ) )
30 if(! $dbConnection->executeUpdate('INSERT INTO strip_t (name, description) VALUES (?, ?)', array($name, $desc)))
31 31 {
32 32 adminlog("Error on insertion of new type.", MTS_TYPE, MTA_INSERT, E_WARNING);
33 mtdie("Error on insertion of new type: ". htmlentities(mysqli_error()), 'SQL Error');
33 mtdie("Error on insertion of new type: ". $dbConnection->errorCode(), 'SQL Error');
34 34 }
35 35 }
36 36 $info.='<p>New type created successfully.<p>';
@@ -47,7 +47,7 if( isset($_POST['action']) && $_POST['action'] == 'edit_type' ) {
47 47
48 48 $meta = $_POST['meta'];
49 49
50 $m_delete = $mtdb->getAll("SELECT meta FROM meta WHERE type = $id");
50 $m_delete = $dbConnection->fetchAll('SELECT meta FROM meta WHERE type = ?', array($id));
51 51
52 52 $m_insert = array();
53 53
@@ -67,31 +67,31 if( isset($_POST['action']) && $_POST['action'] == 'edit_type' ) {
67 67 }
68 68
69 69 if( check_type_name( $name ) ) {
70 if( !$mtdb->query( sprintf( 'UPDATE strip_t SET name = "%s", description = "%s" WHERE id = %s', mysqli_real_escape_string($mtdb->link, $name), mysqli_real_escape_string($mtdb->link, $desc), $id)) )
70 if( !$dbConnection->executeUpdate('UPDATE strip_t SET name = ?, description = ? WHERE id = ?', array($name, $desc, $id)))
71 71 {
72 72 adminlog("Error on updating type ".$id, MTS_TYPE, MTA_UPDATE, E_WARNING);
73 mtdie("Error on update of existing type: ". htmlentities(mysqli_error()), 'SQL Error');
73 mtdie("Error on update of existing type: ". $dbConnection->errorCode(), 'SQL Error');
74 74 }
75 75
76 76 $sql_insert = "INSERT INTO meta (type,meta) VALUES " . implode(',',$m_insert);
77 77 $sql_delete = "DELETE FROM meta WHERE type=$id AND ( " . implode(' OR ',$m_delete) . ' )';
78 78
79 $mtdb->query('START TRANSACTION');
79 $dbConnection->beginTransaction();
80 80
81 81 if( count($m_insert) )
82 if(! $mtdb->query( $sql_insert ) )
82 if(! $dbConnection->executeUpdate( $sql_insert ) )
83 83 {
84 84 adminlog("Error inserting new metatype association data for type ".$id, MTS_TYPE, MTA_INSERT, E_WARNING);
85 85 mtdie("There was an error inserting new metatype association data. Transaction aborted. $sql_insert");
86 86 }
87 87 if( count($m_delete) )
88 if(! $mtdb->query( $sql_delete ) )
88 if(! $dbConnection->executeUpdate( $sql_delete ) )
89 89 {
90 90 adminlog("Error deleting old metatype association data for type ".$id, MTS_TYPE, MTA_REMOVE, E_WARNING);
91 91 mtdie("There was an error deleting old metatype data. Transaction aborted. $sql_delete");
92 92 }
93 93
94 $mtdb->query('COMMIT');
94 $dbConnection->commit();
95 95
96 96 } else {
97 97 $error.='<p>Invalid type name!</p>';
@@ -101,7 +101,7 if( isset($_POST['action']) && $_POST['action'] == 'edit_type' ) {
101 101 }
102 102
103 103 //display all types
104 $types = $mtdb->getAll("SELECT strip_t.id AS id, strip_t.name AS name, strip_t.description AS description, COUNT(strip.id) AS strips FROM strip_t LEFT JOIN strip ON strip.type = strip_t.id GROUP BY strip_t.id");
104 $types = $dbConnection->fetchAll('SELECT strip_t.id AS id, strip_t.name AS name, strip_t.description AS description, COUNT(strip.id) AS strips FROM strip_t LEFT JOIN strip ON strip.type = strip_t.id GROUP BY strip_t.id');
105 105
106 106 adminhead('Types');
107 107 adminmenu();
@@ -130,9 +130,9 adminmenu();
130 130 foreach( $types as $s ) {
131 131 $alternate=!$alternate;
132 132
133 $metas = $mtdb->getAll("SELECT meta_t.name AS name FROM strip_t
133 $metas = $dbConnection->fetchAll('SELECT meta_t.name AS name FROM strip_t
134 134 JOIN meta ON meta.type = strip_t.id JOIN meta_t ON meta.meta = meta_t.id
135 WHERE strip_t.id = $s->id");
135 WHERE strip_t.id = ?', array($s->id));
136 136
137 137 $meta = implode(', ', array_map('_getMetaNameFromObject', $metas) );
138 138
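Review bot: `$sql_insert` and `$sql_delete` on lines 76-77 are still assembled by concatenating `$id`, `$m_insert` and `$m_delete`, then passed to `executeUpdate()` with no parameters, so this is the one write path in the file that the commit leaves unparameterised. The code that fills those arrays from `$_POST['meta']` lies between the hunks, so it cannot be confirmed here that every element is cast to an integer. Binding the values (one `(?, ?)` pair per inserted row, and an `IN (?)` list typed with `Connection::PARAM_INT_ARRAY` for the delete) removes the question. The two `mtdie()` messages also echo the full SQL text to the page; a generic message with the statement written to the admin log would be safer.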
@@ -4,8 +4,8 require_once('include/admin.inc.php');
4 4
5 5 auth_redirect(); // Require logged in user to access this page.
6 6
7 $last_type = $mtdb->getOne( 'SELECT type FROM strip ORDER BY id DESC limit 1' );
8 $last_strip_id = $mtdb->getOne( 'SELECT MAX(id) FROM strip' );
7 $last_type = $dbConnection->fetchColumn('SELECT type FROM strip ORDER BY id DESC LIMIT 1');
8 $last_strip_id = $dbConnection->fetchColumn('SELECT MAX(id) FROM strip');
9 9
10 10 adminhead('Post Comic');
11 11 adminmenu('post-comic.php');
@@ -44,7 +44,7 if(isset($_REQUEST['next']) && $_REQUEST['next'] == "yes")
44 44 <h3 class="dbx-handle">Comic Type</h3>
45 45 <div class="dbx-content"><select name="strip_type">
46 46 <?php
47 $types = $mtdb->getAll( 'SELECT id, description FROM strip_t ORDER BY id' );
47 $types = $dbConnection->fetchAll('SELECT id, description FROM strip_t ORDER BY id');
48 48 foreach( $types as $k=>$v )
49 49 printf('<option value="%s" %s>%s</option>', htmlentities($v->id), ($last_type == $v->id ? 'selected="selected"' : '' ), $v->description);
50 50 ?>
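Review bot: `$v->description` is written into the `<option>` on line 49 without escaping, while `$v->id` beside it goes through `htmlentities()`. Type descriptions are editable from the type management page, so markup stored there would be rendered here; use `htmlspecialchars($v->description)` as the last printf argument. The author list in the post-rant hunks prints `$v->name` the same way and needs the same wrapper.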
@@ -11,7 +11,7 auth_redirect(); // Require logged in user to access this page.
11 11 adminhead('Write Rant');
12 12 adminmenu('post-rant.php');
13 13
14 $rant_image_ext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (int)$currentuser->imagetype );
14 $rant_image_ext = $dbConnection->fetchColumn('SELECT extension FROM media_t WHERE id = ?', array((int)$currentuser->imagetype));
15 15
16 16 ?>
17 17
@@ -32,10 +32,10 $rant_image_ext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (in
32 32 <div class="dbx-content"><select name="rant_side">
33 33 <?php
34 34 // What side does this author usually post on?
35 $usual = $mtdb->getOne( 'SELECT side,count(*) c FROM rant WHERE author=' . (int)$currentuser->id . ' GROUP BY side ORDER BY c DESC limit 1' );
35 $usual = $dbConnection->fetchColumn('SELECT side, COUNT(*) AS c FROM rant WHERE author = ? GROUP BY side ORDER BY c DESC LIMIT 1', array((int)$currentuser->id));
36 36
37 $sides = array('left'=>'Left','right'=>'Right');
38 foreach( $sides as $k=>$v ) {
37 $sides = array('left'=>'Left', 'right'=>'Right');
38 foreach( $sides as $k => $v ) {
39 39 printf('<option value="%s" %s>%s</option>', htmlentities($k), ($usual == $k ? 'selected="selected"' : '' ), $v );
40 40 }
41 41 ?>
@@ -45,8 +45,9 $rant_image_ext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (in
45 45 <fieldset id="authordiv" class="dbx-box">
46 46 <h3 class="dbx-handle">Author</h3>
47 47 <div class="dbx-content"><select name="rant_author"><?php
48 $contrib = $mtdb->getAll('select id,name from contributor');
49 foreach( $contrib as $k=>$v ) {
48 $contrib = $dbConnection->fetchAll('SELECT id, name FROM contributor');
49 foreach( $contrib as $k => $v )
50 {
50 51 printf('<option value="%s" %s>%s</option>', htmlentities($v->id), ( $currentuser->id == $v->id ? 'selected="selected"' : '' ), $v->name );
51 52 } ?>
52 53 </select></div>
@@ -6,7 +6,7 auth_redirect(); // Require logged in user to access this page.
6 6
7 7 check_nonce('new-scratchpad');
8 8
9 $mtdb->query( sprintf( 'INSERT INTO scratchpad (contributor, message) VALUES (%d, "%s")', (int)$currentuser->id, mysqli_real_escape_string($mtdb->link, $_REQUEST['message'])) );
9 $dbConnection->executeUpdate('INSERT INTO scratchpad (contributor, message) VALUES (?, ?)', array($currentuser->id, $_REQUEST['message']));
10 10
11 11 adminlog("User posted to scratchpad.", MTS_SCRATCH, MTA_INSERT);
12 12 _redirect( ADMIN_PATH . '/index.php' );
@@ -14,13 +14,13 if('post_twitter' == $_REQUEST['action'])
14 14 if( strlen($_REQUEST['message']) ) $postmessage = trim($_REQUEST['message']);
15 15
16 16 #string replacement macros
17 $next_strip_id = $mtdb->getOne( 'SELECT MAX(id) FROM strip' );
17 $next_strip_id = $dbConnection->fetchColumn('SELECT MAX(id) FROM strip');
18 18 $next_strip_id += 1;
19 19 $postmessage = str_replace("#nextcomic", $next_strip_id, $postmessage);
20 20
21 21 if('' == $postmessage) _redirect( ADMIN_PATH . '/post-twitter.php?tweet=missing');
22 22 $username = sanitize_username($_REQUEST['twitter_user']);
23 $postasuser = $mtdb->getOne( sprintf('SELECT username FROM twitter_user WHERE username="%s"', mysqli_real_escape_string($mtdb->link, $username)));
23 $postasuser = $dbConnection->fetchColumn('SELECT username FROM twitter_user WHERE username = ?', array($username));
24 24
25 25 if( in_array('twitter', $_REQUEST['service']) )
26 26 $rc = twitterpost( numeric_entities(utfentities($postmessage)), $postasuser );
@@ -43,8 +43,8 if( isset($_REQUEST['tweet']) && 'missing' == $_REQUEST['tweet'] )
43 43 $error.='Oops~ Looks like you forgot to enter a message.';
44 44
45 45
46 $statuses = $mtdb->getAll('SELECT id, position, message FROM twitter_status ORDER BY position, id');
47 $twitter_users = $mtdb->getAll('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user ORDER BY username');
46 $statuses = $dbConnection->fetchAll('SELECT id, position, message FROM twitter_status ORDER BY position, id');
47 $twitter_users = $dbConnection->fetchAll('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user ORDER BY username');
48 48
49 49 adminhead('Update Twitter');
50 50 adminmenu();
@@ -86,7 +86,6 adminmenu();
86 86 </form>
87 87
88 88 <script type="text/javascript">
89 <!--
90 89 function copyPreset() {
91 90 var preset = document.statusform.stdmessage;
92 91 var status = document.statusform.message
@@ -98,7 +97,6 adminmenu();
98 97 var charactersremaining = document.getElementById('charactersremaining');
99 98 charactersremaining.innerHTML = 140 - status.value.length
100 99 }
101 -->
102 100 </script>
103 101
104 102 <?php /*?>
@@ -6,7 +6,7 auth_basic();
6 6
7 7 $count = isset($_REQUEST['count']) && ctype_digit($_REQUEST['count']) ? $_REQUEST['count'] : 25;
8 8
9 $entries = $mtdb->getAll("SELECT UNIX_TIMESTAMP(l.logdate) AS logdate, c.name AS cname, c.email AS cmail, s.name AS section, action, level, message FROM admin_log l JOIN admin_section s ON l.section = s.id LEFT JOIN contributor c ON l.contributor = c.id ORDER BY l.logdate DESC LIMIT $count");
9 $entries = $dbConnection->fetchAll("SELECT UNIX_TIMESTAMP(l.logdate) AS logdate, c.name AS cname, c.email AS cmail, s.name AS section, action, level, message FROM admin_log l JOIN admin_section s ON l.section = s.id JOIN contributor c ON l.contributor = c.id ORDER BY l.logdate DESC LIMIT ?", array($count), array(PDO::PARAM_INT));
10 10
11 11 header("Content-Type: application/rss+xml;charset=utf-8");
12 12
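Review bot: The rewritten query changes `LEFT JOIN contributor c` to `JOIN contributor c`, which silently removes from the feed every admin_log row whose contributor is NULL or no longer exists. For an audit log those can be the entries most worth seeing, such as actions recorded without a logged-in user or by an account since deleted; whether adminlog() writes such rows is not visible here. Keep `LEFT JOIN contributor c ON l.contributor = c.id` unless dropping them is intended.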
@@ -6,7 +6,7 auth_basic();
6 6
7 7 $count = isset($_REQUEST['count']) && ctype_digit($_REQUEST['count']) ? $_REQUEST['count'] : 25;
8 8
9 $entries = $mtdb->getAll("SELECT UNIX_TIMESTAMP(s.published) AS pubdate, c.name AS cname, c.email AS cmail, message FROM scratchpad s JOIN contributor c ON s.contributor = c.id ORDER BY s.published DESC LIMIT $count");
9 $entries = $dbConnection->fetchAll('SELECT UNIX_TIMESTAMP(s.published) AS pubdate, c.name AS cname, c.email AS cmail, message FROM scratchpad s JOIN contributor c ON s.contributor = c.id ORDER BY published DESC LIMIT ?', array($count), array(PDO::PARAM_INT));
10 10
11 11 header("Content-Type: application/rss+xml;charset=utf-8");
12 12
@@ -4,7 +4,7 require_once('include/admin.inc.php');
4 4
5 5 $count = isset($_REQUEST['count']) && ctype_digit($_REQUEST['count']) ? $_REQUEST['count'] : 25;
6 6
7 $entries = $mtdb->getAll("SELECT UNIX_TIMESTAMP(l.logdate) AS logdate, s.name AS section, action, message FROM admin_log l JOIN admin_section s ON l.section = s.id WHERE s.name = 'strip' ORDER BY l.logdate DESC LIMIT $count");
7 $entries = $dbConnection->fetchAll('SELECT UNIX_TIMESTAMP(l.logdate) AS logdate, s.name AS section, action, message FROM admin_log l JOIN admin_section s ON l.section = s.id WHERE s.name = \'strip\' ORDER BY l.logdate DESC LIMIT ?', array($count), array(PDO::PARAM_INT));
8 8
9 9 header("Content-Type: application/rss+xml;charset=utf-8");
10 10
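Review bot: `$count` is constrained only by `ctype_digit()`, so any digit string, however large, is passed to `LIMIT ?`, and this file's visible lines show no `auth_basic()` call before the query, unlike the two feeds above (it may sit in the include). Add an upper bound after line 5, e.g. `$count = min((int)$count, 100);` where 100 is an illustrative limit. The admin-log and scratchpad feeds take `count` the same way and would benefit from the same cap.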
@@ -1,5 +1,9
1 1 @charset "utf-8";
2 2
3 $fonts-main: "Lucida Grande", "Lucida Sans Unicode", Tahoma, Verdana;
4 $fonts-news: Georgia, "Times New Roman", Times, serif;
5 $fonts-input: Verdana, Arial, Helvetica, sans-serif;
6 $fonts-code: "Courier New", Courier, monospace;
3 7 $font-stack: Verdana, Arial, Helvetica, sans-serif;
4 8 $banner-font: monospace;
5 9 $credits-font: Arial, Helvetica, sans-serif;
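Review bot: `$fonts-input` repeats the value of the existing `$font-stack` verbatim, so the two can drift apart; define it below `$font-stack` as `$fonts-input: $font-stack;`. `$fonts-main` also ends without a generic family, so appending `, sans-serif` gives browsers a fallback when none of the four named fonts is installed.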
@@ -1,14 +1,21
1 1 @charset "utf-8";
2 2
3 $background-color: #F9FCFE;
4 $input-background: #F4F4F4;
3 5 $background: #4C565E;
4 6 $foreground: #757B81;
5 7 $infobox: #23272B;
6 8
9 $font-color-normal: #000000;
7 10 $nl-background: #000000;
8 11 $comic-background: #FFFFFF;
9 12
10 13 $percent-border: #556677;
14 $input-border: #B2B2B2;
15 $button-normal-border: #CCCCCC;
16 $button-down-border: #999999;
11 17
18 $button-label: #333333;
12 19 $text-normal: #B7BFC7;
13 20 $text-accent: #F6B33D;
14 21 $text-credits: #E4E4D6;
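Review bot: `$background-color` (#F9FCFE) now sits next to the existing `$background` (#4C565E), and `$font-color-normal` next to `$text-normal`; the names differ only by a suffix yet hold unrelated colours. The new values appear to serve the admin stylesheet, so a prefix such as `$admin-background: #F9FCFE;` and `$admin-text: #000000;` would make a mix-up harder. A one-line comment above each group naming the stylesheet it belongs to would do the same job.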
@@ -1,3 +1,7
1 @charset "utf-8";
2 @import "fonts";
3 @import "palette";
4
1 5 * html #poststuff {
2 6 height: 100%; /* kill peekaboo bug in IE */
3 7 }
@@ -9,6 +13,7
9 13 body {
10 14 border: none;
11 15 }
16
12 17 a {
13 18 border-bottom: 1px solid #69c;
14 19 color: #00019b;
@@ -21,45 +26,47 a.delete:hover {
21 26 }
22 27
23 28 #devnews h4 {
24 font-family: Georgia, "Times New Roman", Times, serif;
29 font-family: $fonts-news;
25 30 font-size: 18px;
26 31 font-weight: normal;
27 32 }
28 33
29 #planetnews ul {
30 list-style: none;
31 margin: 0;
32 padding: 0;
33 }
34
35 #planetnews li {
36 width: 17%;
37 margin: 1%;
38 float: left;
39 }
40
41 #planetnews li a {
42 display: block;
43 padding: .5em;
44 background: #ddd;
45 height: 6em;
46 overflow: hidden;
47 }
48
49 #planetnews cite {
50 font-size: 11px;
51 }
52
53 #planetnews li .post {
54 font-family: Georgia, "Times New Roman", Times, serif;
55 font-size: 18px;
56 display: block;
57 height: 60px;
58 overflow: hidden;
59 }
60
61 #planetnews .hidden {
62 display: none;
34 #planetnews {
35 ul {
36 list-style: none;
37 margin: 0;
38 padding: 0;
39 }
40
41 li {
42 width: 17%;
43 margin: 1%;
44 float: left;
45
46 a {
47 display: block;
48 padding: .5em;
49 background: #ddd;
50 height: 6em;
51 overflow: hidden;
52 }
53
54 .post {
55 font-family: $fonts-news;
56 font-size: 18px;
57 display: block;
58 height: 60px;
59 overflow: hidden;
60 }
61 }
62
63 cite {
64 font-size: 11px;
65 }
66
67 .hidden {
68 display: none;
69 }
63 70 }
64 71
65 72 .readmore {
@@ -125,43 +132,43 a:hover {
125 132 }
126 133
127 134 body {
128 background: #f9fcfe;
129 color: #000;
135 background: $background-color;
136 color: $font-color-normal;
130 137 margin: 0;
131 138 padding: 0;
132 139 }
133 140
134 141 body, td {
135 font: 13px "Lucida Grande", "Lucida Sans Unicode", Tahoma, Verdana;
142 font: 13px $fonts-main;
136 143 }
137 144
138 145 fieldset {
139 146 border: none;
140 147 padding: 3px;
141 }
142 148
143 fieldset label.selectit {
144 display: block;
145 font-size: 11px;
146 padding: 0 2px;
147 }
149 label.selectit {
150 display: block;
151 font-size: 11px;
152 padding: 0 2px;
148 153
149 fieldset label.selectit:hover {
150 background: #e9e9e9;
151 }
154 &:hover {
155 background: #e9e9e9;
156 }
157 }
152 158
153 fieldset legend {
154 padding: .1em .3em;
155 }
159 legend {
160 padding: .1em .3em;
161 }
156 162
157 fieldset.options {
158 padding: 1em;
159 }
163 &.options {
164 padding: 1em;
160 165
161 fieldset.options legend {
162 font-size: 1.5em;
163 font-weight: bold;
164 font-family: Georgia, "Times New Roman", Times, serif;
166 legend {
167 font-size: 1.5em;
168 font-weight: bold;
169 font-family: $fonts-news;
170 }
171 }
165 172 }
166 173
167 174 form, label input {
@@ -198,10 +205,10 p, li, dl, dd, dt {
198 205 }
199 206
200 207 textarea, input, select {
201 background: #f4f4f4;
202 border: 1px solid #b2b2b2;
203 color: #000;
204 font: 13px Verdana, Arial, Helvetica, sans-serif;
208 background: $input-background;
209 border: 1px solid $input-border;
210 color: $font-color-normal;
211 font: 13px $fonts-input;
205 212 margin: 1px;
206 213 padding: 3px;
207 214 }
@@ -283,7 +290,7 form#upload #post_content {
283 290 }
284 291
285 292 .code {
286 font-family: "Courier New", Courier, monospace;
293 font-family: $fonts-code;
287 294 }
288 295
289 296 .commentlist li {
@@ -325,24 +332,24 form#upload #post_content {
325 332
326 333 .quicktags, .search {
327 334 background: #ccc;
328 color: #000;
329 font: 12px Georgia, "Times New Roman", Times, serif;
335 color: $font-color-normal;
336 font: 12px $fonts-news;
330 337 }
331 338
332 339 .submit input, .submit input:focus, .button, .button:focus {
333 background: url( images/fade-butt.png );
334 border: 3px double #999;
335 border-left-color: #ccc;
336 border-top-color: #ccc;
337 color: #333;
340 background: url( ../images/fade-butt.png );
341 border: 3px double $button-down-border;
342 border-left-color: $button-normal-border;
343 border-top-color: $button-normal-border;
344 color: $button-label;
338 345 padding: 0.25em;
339 346 }
340 347
341 348 .submit input:active, .button:active {
342 background: #f4f4f4;
343 border: 3px double #ccc;
344 border-left-color: #999;
345 border-top-color: #999;
349 background: $input-background;
350 border: 3px double $button-normal-border;
351 border-left-color: $button-down-border;
352 border-top-color: $button-down-border;
346 353 }
347 354
348 355 .button, .button:focus {
@@ -401,7 +408,7 form#upload #post_content {
401 408 }
402 409
403 410 .updated, .confirm {
404 background: #CFEBF7 url(images/notice.gif) no-repeat 1em;
411 background: #CFEBF7 url(../images/notice.gif) no-repeat 1em;
405 412 border: 1px solid #2580B2;
406 413 margin: 1em 5% 10px;
407 414 padding: 0 1em 0 3em;
@@ -466,7 +473,7 input.disabled, textarea.disabled {
466 473 }
467 474
468 475 #adminmenu a {
469 color: #000;
476 color: $font-color-normal;
470 477 font-size: 14px;
471 478 font-weight: normal;
472 479 margin: 0;
@@ -506,7 +513,7 input.disabled, textarea.disabled {
506 513 }
507 514
508 515 #submenu .current {
509 background: #f9fcfe;
516 background: $background-color;
510 517 border-top: 1px solid #045290;
511 518 border-right: 2px solid #045290;
512 519 color: #000;
@@ -597,7 +604,7 input.delete:hover {
597 604 }
598 605
599 606 #ed_toolbar input {
600 background: #fff url( images/fade-butt.png ) repeat-x 0px -2px;
607 background: #fff url( ../images/fade-butt.png ) repeat-x 0px -2px;
601 608 margin: 3px 2px 2px;
602 609 }
603 610
@@ -619,7 +626,7 input.delete:hover {
619 626 }
620 627
621 628 #quicktags #ed_code {
622 font-family: "Courier New", Courier, mono;
629 font-family: $fonts-code;
623 630 margin-bottom: 3px;
624 631 }
625 632
@@ -673,7 +680,7 input.delete:hover {
673 680
674 681 #login {
675 682 position: relative;
676 background: url('images/login-bkg-tile.gif') no-repeat top center;
683 background: url('../images/login-bkg-tile.gif') no-repeat top center;
677 684 color: #fff;
678 685 margin: 5em auto 1em;
679 686 padding: 20px 0 0;
@@ -681,7 +688,7 input.delete:hover {
681 688 }
682 689
683 690 #login form {
684 background: url('images/login-bkg-bottom.gif') no-repeat bottom center;
691 background: url('../images/login-bkg-bottom.gif') no-repeat bottom center;
685 692 padding: 0 50px 25px;
686 693 }
687 694
@@ -697,11 +704,11 input.delete:hover {
697 704 text-align: center;
698 705 }
699 706
700 #login p {
707 #login p {
701 708 font-size: 12px;
702 709 }
703 710
704 #login p.message {
711 #login p.message {
705 712 width: 310px;
706 713 margin: 0 auto 1em;
707 714 }
@@ -773,12 +780,12 input.delete:hover {
773 780 width: 97%;
774 781 }
775 782
776 #login p label {
783 #login p label {
777 784 font-size: 11px;
778 785 }
779 786
780 787 #login input#rememberme {
781 background-color: 0e3757;
788 background-color: #0e3757;
782 789 }
783 790
784 791 #login #submit {
@@ -846,7 +853,7 input.delete:hover {
846 853 }
847 854
848 855 #template textarea {
849 font: small 'Courier New', Courier, monospace;
856 font: small $fonts-code;
850 857 width: 97%;
851 858 }
852 859
@@ -893,7 +900,7 input.delete:hover {
893 900 font-weight: normal;
894 901 letter-spacing: -.05em;
895 902 margin: 0;
896 font-family: Georgia, "Times New Roman", Times, serif
903 font-family: $fonts-news;
897 904 }
898 905
899 906 #wphead h1 span {
@@ -1098,7 +1105,7 overall, dbx-box is best left as visually unstyled as possible
1098 1105 }
1099 1106
1100 1107 #your-profile legend {
1101 font-family: Georgia, "Times New Roman", Times, serif;
1108 font-family: $fonts-news;
1102 1109 font-size: 22px;
1103 1110 }
1104 1111
@@ -1113,13 +1120,13 overall, dbx-box is best left as visually unstyled as possible
1113 1120 }
1114 1121
1115 1122 #moremeta .dbx-content {
1116 background: url(images/box-butt.gif) no-repeat bottom right;
1123 background: url(../images/box-butt.gif) no-repeat bottom right;
1117 1124 padding-bottom: 10px;
1118 1125 padding-right: 2px;
1119 1126 }
1120 1127
1121 1128 #moremeta fieldset.dbx-box-closed {
1122 background: url(images/box-butt.gif) no-repeat bottom;
1129 background: url(../images/box-butt.gif) no-repeat bottom;
1123 1130 padding-bottom: 9px;
1124 1131 }
1125 1132
@@ -1136,11 +1143,11 overall, dbx-box is best left as visually unstyled as possible
1136 1143 #moremeta .dbx-handle {
1137 1144 padding: 6px 1em 2px;
1138 1145 font-size: 12px;
1139 background: #2685af url(images/box-head.gif) no-repeat right;
1146 background: #2685af url(../images/box-head.gif) no-repeat right;
1140 1147 }
1141 1148
1142 1149 #moremeta .dbx-box {
1143 background: url(images/box-bg.gif) repeat-y right;
1150 background: url(../images/box-bg.gif) repeat-y right;
1144 1151 }
1145 1152
1146 1153 #advancedstuff h3.dbx-handle {
@@ -1149,17 +1156,17 overall, dbx-box is best left as visually unstyled as possible
1149 1156 padding: 6px 1em 0 3px;
1150 1157 height: 19px;
1151 1158 font-size: 12px;
1152 background: #2685af url(images/box-head-right.gif) no-repeat top right;
1159 background: #2685af url(../images/box-head-right.gif) no-repeat top right;
1153 1160 }
1154 1161
1155 1162 #advancedstuff div.dbx-handle-wrapper {
1156 1163 margin: 0 0 0 -7px;
1157 background: #fff url(images/box-head-left.gif) no-repeat top left;
1164 background: #fff url(../images/box-head-left.gif) no-repeat top left;
1158 1165 }
1159 1166
1160 1167 #advancedstuff div.dbx-content {
1161 1168 margin-left: 8px;
1162 background: url(images/box-bg-right.gif) repeat-y right;
1169 background: url(../images/box-bg-right.gif) repeat-y right;
1163 1170 padding: 10px 10px 15px 0px;
1164 1171 }
1165 1172
@@ -1171,26 +1178,26 overall, dbx-box is best left as visually unstyled as possible
1171 1178 #advancedstuff div.dbx-content-wrapper {
1172 1179 margin-left: -7px;
1173 1180 margin-right: 0;
1174 background: url(images/box-bg-left.gif) repeat-y left;
1181 background: url(../images/box-bg-left.gif) repeat-y left;
1175 1182 }
1176 1183
1177 1184 #advancedstuff fieldset.dbx-box {
1178 1185 padding-bottom: 9px;
1179 1186 margin-left: 6px;
1180 background: url(images/box-butt-right.gif) no-repeat bottom right;
1187 background: url(../images/box-butt-right.gif) no-repeat bottom right;
1181 1188 }
1182 1189
1183 1190 #advancedstuff div.dbx-box-wrapper {
1184 background: url(images/box-butt-left.gif) no-repeat bottom left;
1191 background: url(../images/box-butt-left.gif) no-repeat bottom left;
1185 1192 }
1186 1193
1187 1194 #advancedstuff .dbx-box-closed div.dbx-content-wrapper {
1188 1195 padding-bottom: 2px;
1189 background: url(images/box-butt-left.gif) no-repeat bottom left;
1196 background: url(../images/box-butt-left.gif) no-repeat bottom left;
1190 1197 }
1191 1198
1192 1199 #advancedstuff .dbx-box {
1193 background: url(images/box-butt-right.gif) no-repeat bottom right;
1200 background: url(../images/box-butt-right.gif) no-repeat bottom right;
1194 1201 }
1195 1202
1196 1203
@@ -1203,7 +1210,7 overall, dbx-box is best left as visually unstyled as possible
1203 1210 a.dbx-toggle, a.dbx-toggle:visited {
1204 1211 display:block;
1205 1212 overflow: hidden;
1206 background-image: url( images/toggle.gif );
1213 background-image: url( ../images/toggle.gif );
1207 1214 position: absolute;
1208 1215 top: 0px;
1209 1216 right: 0px;
@@ -1308,7 +1315,7 input #catadd {
1308 1315 }
1309 1316
1310 1317 #edButtons input.edButtonBack, #edButtons input.edButtonBack:active {
1311 background: #fff url( images/fade-butt.png ) repeat-x 0px 15px;
1318 background: #fff url( ../images/fade-butt.png ) repeat-x 0px 15px;
1312 1319 border-bottom: 1px solid #ccc;
1313 1320 }
1314 1321
@@ -1336,6 +1343,6 a.page-numbers:hover {
1336 1343 margin: 0 6px;
1337 1344 }
1338 1345
1339 ul.historic {
1346 ul.historic {
1340 1347 margin-bottom: 1em;
1341 } No newline at end of file
1348 }
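Review bot: In `#submenu .current` the `background` was moved to `$background-color`, but the `color: #000;` two lines below it was left as a literal, while the same value became `$font-color-normal` in `body`, `textarea, input, select`, `.quicktags, .search` and `#adminmenu a`. Use `color: $font-color-normal;` there as well so a later palette change reaches every rule.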
@@ -19,9 +19,9 if($_POST)
19 19
20 20 swap_strips( $a, $b );
21 21
22 close($f);
22 fclose($f);
23 23
24 $info.='<p>Strips $a and $b swapped successfully.</p>';
24 $info.="<p>Strips $a and $b swapped successfully.</p>";
25 25 adminlog("Strips $a and $b have been swapped.", MTS_STRIP, MTA_MODIFY);
26 26 }
27 27
@@ -4,13 +4,8 require_once('include/admin.inc.php');
4 4
5 5 // First, the quick hack way. May become neccessary to parallelize later.
6 6
7 $tweets = $mtdb->getAll("SELECT username, password, text, status, twitter_post.id AS id
8 FROM twitter_post JOIN twitter_user
9 ON twitter_post.user = twitter_user.id
10 WHERE twitter_post.status = 'scheduled'
11 AND time >= NOW()
12 AND time < TIMESTAMPADD(" . RUN_INTERVAL . ", NOW())
13 ");
7 $tweets = $dbConnection->fetchAll('SELECT username, password, text, status, tp.id AS id FROM twitter_post tp JOIN twitter_user tu ON tp.user = tu.id ' .
8 'WHERE tp.status = \'scheduled\' AND time >= NOW() AND time < TIMESTAMPADD(?, NOW())', array(RUN_INTERVAL));
14 9
15 10 // Check if we actually have any tweets. If not, bail.
16 11 if(count($tweets) === 0)
@@ -23,7 +18,7 if(count($tweets) === 0)
23 18 foreach($tweets as $t)
24 19 {
25 20 // Lock the tweet
26 $mtdb->query("UPDATE twitter_post SET status = 'locked' WHERE id = ".(int)$t->id." AND status = 'scheduled'", false);
21 $dbConnection->executeUpdate('UPDATE twitter_post SET status = \'locked\' WHERE id = ? AND status = \'scheduled\'', array($t->id));
27 22
28 23 if(twitterpost($t->text, $t->username, $t->password))
29 24 {
@@ -39,7 +34,7 foreach($tweets as $t)
39 34 }
40 35
41 36 // Unlock tweet, update db.
42 $mtdb->query("UPDATE twitter_post SET status = '".mysqli_real_escape_string($mtdb->link, $t->status)."' WHERE status = 'locked' AND id = ".(int)$t->id, false);
37 $dbConnection->executeUpdate('UPDATE twitter_post SET status = ? WHERE status = \'locked\' AND id = ?', array($t->status, $t->id));
43 38 }
44 39
45 40 ?>
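Review bot: The bound `?` inside `TIMESTAMPADD(?, NOW())` most likely breaks this query. MySQL's `TIMESTAMPADD(unit, interval, datetime)` takes three arguments and the unit is a keyword, so the old concatenation implies `RUN_INTERVAL` expands to both the unit and the count (its definition is outside this hunk, so confirm); a single placeholder sends it as one quoted string. `RUN_INTERVAL` is a constant rather than request data, so concatenating it was not an injection risk. Either keep `'... AND time < TIMESTAMPADD(' . RUN_INTERVAL . ', NOW())'` with no bound parameters, or split the constant so the unit stays a literal in the SQL and only the count is bound.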
@@ -15,7 +15,7 if( isset($_POST['edit']) ) {
15 15
16 16 copy(RANTIMG.'default', RANTIMG.$username.'.png');
17 17
18 $mtdb->query( 'INSERT INTO contributor (name, default_image) VALUES ("' . mysqli_real_escape_string($mtdb->link, $username) . '", "'.$username.'.png")' );
18 $dbConnection->executeUpdate('INSERT INTO contributor (name, default_image) VALUES (?, ?)', array($username, $username . '.png'));
19 19 $user = get_userdatabylogin( $username );
20 20 $userid = $user->id;
21 21 $info.='<p>User Account Created</p>';
@@ -37,7 +37,7 if( isset($_POST['edit']) ) {
37 37 $error.='<p>New passwords do not match.</p>';
38 38 } else {
39 39 /* password change */
40 if( ! $mtdb->getOne( 'SELECT id FROM contributor WHERE id = "' . (int)$user->id . '" AND (password = SHA1("' . mysqli_real_escape_string($mtdb->link, $_POST['password_old']) . '") OR password = "")' )) {
40 if( ! $dbConnection->fetchColumn('SELECT id FROM contributor WHERE id = ? AND (password = SHA1(?) OR password = "")', array((int)$user->id, $_POST['password_old']))) {
41 41 $error.='<p>Specified password is incorrect.</p>';
42 42 } else {
43 43 /* Password match */
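Review bot: The rewritten check on line 40 still compares against `SHA1(?)`, an unsalted fast hash, and still treats `password = ""` as a match, so an account with an empty stored password accepts any value as the old password. Binding the parameters closes the injection path but leaves both in place. Consider selecting the stored hash by id and verifying it in PHP with `password_verify()` (rehashing legacy SHA-1 values on a successful check), and replacing the empty-password branch with an administrator-driven reset. The surrounding `if`/`else` continues outside this hunk.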
@@ -10,11 +10,11 adminhead('Users');
10 10 adminmenu();
11 11 ?>
12 12 <h2>User Administration</h2>
13 <p>Make changes to accounts for contributers to the website.</p>
13 <p>Make changes to accounts for contributors to the website.</p>
14 14
15 15 <?php
16 16
17 $users = $mtdb->getAll("SELECT id,name,email,nameplate FROM contributor");
17 $users = $dbConnection->fetchAll('SELECT id, name, email, nameplate FROM contributor');
18 18
19 19 ?>
20 20
@@ -17,10 +17,11 $page = 1;
17 17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
18 18
19 19 $perpage = 15;
20 $start = ($page-1) * $perpage;
20 $start = ($page - 1) * $perpage;
21 21
22 $total = ceil( $mtdb->getOne("SELECT COUNT(*) FROM admin_log") / $perpage );
23 $entries = $mtdb->getAll("SELECT UNIX_TIMESTAMP(l.logdate) AS logstamp, l.logdate AS logdate, c.name AS cname, c.email AS cmail, s.name AS section, action, level, message FROM admin_log l JOIN admin_section s ON l.section = s.id LEFT JOIN contributor c ON l.contributor = c.id ORDER BY l.logdate DESC LIMIT $start,$perpage");
22 $total = ceil( $dbConnection->fetchColumn('SELECT COUNT(*) FROM admin_log') / $perpage );
23 $entries = $dbConnection->fetchAll('SELECT UNIX_TIMESTAMP(l.logdate) AS logstamp, l.logdate AS logdate, c.name AS cname, s.name AS section, action, level, message ' .
24 'FROM admin_log l JOIN admin_section s ON l.section = s.id JOIN contributor c ON l.contributor = c.id ORDER BY l.logdate DESC LIMIT ?, ?', array($start, $perpage), array(PDO::PARAM_INT, PDO::PARAM_INT));
24 25
25 26 pagination( $page, $total );
26 27
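Review bot: Replacing `LEFT JOIN contributor c` with `JOIN contributor c` changes what the admin log shows: any `admin_log` row whose `contributor` is NULL or no longer matches a contributor row is now left out of the page, while the `COUNT(*)` used for the pagination total still counts it. For an audit log that means entries can drop out of view (for example after an account is removed) and the page count can overstate the visible rows; the admin-log feed hunk earlier on this page makes the same change. Unless that is intended, keep `LEFT JOIN contributor c ON l.contributor = c.id`. `c.email AS cmail` was also dropped from the select list; the rendering code is outside this hunk, so check that nothing below still reads `cmail`.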