Update more admin pages to use DBAL functions.
darkmorford -
3b807424bd87
@@ -10,7 +10,8 if('post_twitter' == $_REQUEST['action'])
10 check_nonce('new-character-twitter');
10 check_nonce('new-character-twitter');
11
11
12 #Fetch the password from the DB.
12 #Fetch the password from the DB.
13 $acct = $mtdb->getRow(sprintf("SELECT username, password FROM twitter_user WHERE id = '%d'", $_REQUEST['twitter-account']));
13 $stmt = $dbConnection->executeQuery('SELECT username, password FROM twitter_user WHERE id = ?', array($_REQUEST['twitter-account']));
14 $acct = $stmt->fetch();
14
15
15 $post_at = strtotime($_REQUEST['date18']);
16 $post_at = strtotime($_REQUEST['date18']);
16
17
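Review bot: The result of `$stmt->fetch()` is assigned to `$acct` without a check, so a `twitter-account` value that matches no row leaves `$acct` false, and the later `$acct->username` reads (visible in the next hunk) then operate on a non-object. The metatype page in this same commit already guards its fetch, and the same pattern fits here: `$acct = $stmt->fetch() or mtdie('Invalid twitter account!');`. The surrounding `if` block starts and ends outside the hunk, so an existing check further down cannot be ruled out.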
@@ -35,13 +36,8 if('post_twitter' == $_REQUEST['action'])
35 else
36 else
36 {
37 {
37 #No luck, gotta schedule.
38 #No luck, gotta schedule.
38 $mtdb->query(
39 $dbConnection->executeUpdate('INSERT INTO twitter_post (status, user, time, text) VALUES (\'scheduled\', ?, FROM_UNIXTIME(?), ?)',
39 sprintf("INSERT INTO twitter_post (status, user, time, text)VALUES ('scheduled', '%d', FROM_UNIXTIME('%d'), '%s')",
40 array($_REQUEST['twitter-account'], $post_at, $_REQUEST['message']));
40 mysqli_real_escape_string($mtdb->link, $_REQUEST['twitter-account']),
41 $post_at,
42 mysqli_real_escape_string($mtdb->link, $_REQUEST['message'])
43 )
44 );
45 $info .= "Your tweet for user " . htmlentities($acct->username) . " has been scheduled.";
41 $info .= "Your tweet for user " . htmlentities($acct->username) . " has been scheduled.";
46 adminlog('Tweet for account ' . $acct->username . ' has been scheduled.', MTS_TWITTER, MTA_ADD);
42 adminlog('Tweet for account ' . $acct->username . ' has been scheduled.', MTS_TWITTER, MTA_ADD);
47 }
43 }
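Review bot: The three values bound in the new `executeUpdate()` call carry no parameter types, whereas the removed `sprintf` coerced the account id and `$post_at` to integers with `%d`. `$post_at` comes from `strtotime()` in the previous hunk, which returns false for a date it cannot parse, and nothing visible here rejects that before it reaches `FROM_UNIXTIME(?)`. Passing a third argument, `array(PDO::PARAM_INT, PDO::PARAM_INT, PDO::PARAM_STR)`, as the strip pages in this commit do, keeps the old coercion explicit. The `SELECT` in the previous hunk binds `$_REQUEST['twitter-account']` untyped in the same way. The enclosing `else` branch starts outside the hunk.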
@@ -52,12 +48,11 if('post_twitter' == $_REQUEST['action'])
52 }
48 }
53 }
49 }
54
50
55 $characters = $mtdb->getAll("SELECT id, username FROM twitter_user ORDER BY username");
51 $characters = $dbConnection->fetchAll('SELECT id, username FROM twitter_user ORDER BY username');
56
52
57 $scheduled = $mtdb->getAll("SELECT username, text, status, twitter_post.id AS id, time
53 $scheduled = $dbConnection->fetchAll('SELECT username, text, status, twitter_post.id AS id, time ' .
58 FROM twitter_post JOIN twitter_user
54 'FROM twitter_post JOIN twitter_user ON twitter_post.user = twitter_user.id ' .
59 ON twitter_post.user = twitter_user.id
55 'WHERE twitter_post.status = \'scheduled\' ORDER BY time');
60 WHERE twitter_post.status = 'scheduled' ORDER BY time");
61
56
62 adminhead('Manage Character Twitters');
57 adminhead('Manage Character Twitters');
63 adminmenu();
58 adminmenu();
@@ -12,7 +12,7 $victim = (int)$_REQUEST['tweet_id'];
12
12
13 if($victim)
13 if($victim)
14 {
14 {
15 $r = $mtdb->query("DELETE FROM twitter_post WHERE id = '$victim'");
15 $r = $dbConnection->executeUpdate('DELETE FROM twitter_post WHERE id = ?', array($victim));
16 if(!$r)
16 if(!$r)
17 {
17 {
18 adminlog('Error deleting scheduled tweet ' . $victim, MTS_TWITTER, MTA_DELETE, E_ERROR);
18 adminlog('Error deleting scheduled tweet ' . $victim, MTS_TWITTER, MTA_DELETE, E_ERROR);
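Review bot: `if(!$r)` no longer tests for failure. Assuming `$dbConnection` is a Doctrine DBAL connection, `executeUpdate()` returns the number of affected rows and reports a database error by throwing, so the branch now fires when the id matched no row and is skipped on a real error. Either treat the zero-row case for what it is (`if($r === 0)` with a "not found" message) or wrap the call in `try`/`catch` and keep the error log there. The same applies to the `DELETE FROM twitter_user` hunk that follows. The `if($victim)` body continues past the end of the hunk.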
@@ -12,7 +12,7 $victim = (int)$_REQUEST['id'];
12
12
13 if($victim)
13 if($victim)
14 {
14 {
15 $r = $mtdb->query("DELETE FROM twitter_user WHERE id = '$victim'");
15 $r = $dbConnection->executeUpdate('DELETE FROM twitter_user WHERE id = ?', array($victim));
16 if(!$r)
16 if(!$r)
17 {
17 {
18 adminlog('Error deleting specified twitter user ' . $victim, MTS_TWITTER, MTA_DELETE, E_ERROR);
18 adminlog('Error deleting specified twitter user ' . $victim, MTS_TWITTER, MTA_DELETE, E_ERROR);
@@ -35,13 +35,13 if( $_POST ) {
35 if( !is_valid_upload('comicFile') )
35 if( !is_valid_upload('comicFile') )
36 {
36 {
37 adminlog("Image upload failed.", MTS_STRIP, MTA_ADD, E_WARNING);
37 adminlog("Image upload failed.", MTS_STRIP, MTA_ADD, E_WARNING);
38 mtdie('If you want to upload a new comic, you must provide said comic.','Strip upload failed.');
38 mtdie('If you want to upload a new comic, you must provide said comic.', 'Strip upload failed.');
39 }
39 }
40
40
41 // get image type and target extension
41 // get image type and target extension
42 $imagedata = getimagesize($_FILES['comicFile']['tmp_name']);
42 $imagedata = getimagesize($_FILES['comicFile']['tmp_name']);
43 $strip->media = $imagedata[2];
43 $strip->media = $imagedata[2];
44 $fileext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id = ' . (int)$strip->media );
44 $fileext = $dbConnection->fetchColumn('SELECT extension FROM media_t WHERE id = ?', array($strip->media), array(PDO::PARAM_INT));
45
45
46 if(strlen($fileext) < 3)
46 if(strlen($fileext) < 3)
47 {
47 {
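Review bot: The new `fetchColumn()` call drops the `(int)` cast and relies on two things that are not stated: `getimagesize()` returning false for a file that is not an image (leaving `$imagedata[2]` empty), and `fetchColumn()` returning false when no `media_t` row matches. I would add a comment above the length check, e.g. `// no media_t row for this image type (or not an image at all): $fileext is false here`, so the `strlen($fileext) < 3` test reads as the rejection path for unsupported uploads. The identical lookup in the next hunk (line 89) would take the same comment. The `if( $_POST )` block extends beyond both hunks.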
@@ -86,7 +86,7 if( $_POST ) {
86 $imagedata = getimagesize($_FILES['comicFile']['tmp_name']);
86 $imagedata = getimagesize($_FILES['comicFile']['tmp_name']);
87 $strip->media = $imagedata[2];
87 $strip->media = $imagedata[2];
88 }
88 }
89 $fileext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (int)$strip->media );
89 $fileext = $dbConnection->fetchColumn('SELECT extension FROM media_t WHERE id = ?', array($strip->media), array(PDO::PARAM_INT));
90
90
91 if(strlen($fileext) < 3)
91 if(strlen($fileext) < 3)
92 {
92 {
@@ -178,7 +178,7 adminmenu('manage-comics.php');
178 <h3 class="dbx-handle">Comic Type</h3>
178 <h3 class="dbx-handle">Comic Type</h3>
179 <div class="dbx-content"><select name="strip_type">
179 <div class="dbx-content"><select name="strip_type">
180 <?php
180 <?php
181 $types = $mtdb->getAll( 'SELECT id, description FROM strip_t ORDER BY id' );
181 $types = $dbConnection->fetchAll('SELECT id, description FROM strip_t ORDER BY id');
182 foreach( $types as $k=>$v )
182 foreach( $types as $k=>$v )
183 printf('<option value="%s" %s>%s</option>', htmlentities($v->id), ($strip->type == $v->id ? 'selected="selected"' : '' ), htmlentities($v->description));
183 printf('<option value="%s" %s>%s</option>', htmlentities($v->id), ($strip->type == $v->id ? 'selected="selected"' : '' ), htmlentities($v->description));
184
184
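Review bot: The loop reads `$v->id` and `$v->description` as object properties, but, assuming `$dbConnection` is a Doctrine DBAL connection, `fetchAll()` returns rows in the connection's default fetch mode, which is associative arrays unless it was changed. If `include/admin.inc.php` does not call `$dbConnection->setFetchMode(PDO::FETCH_OBJ)` (not visible on this page), these property reads yield nothing and the options render empty. The same assumption is made for `$acct->username`, `$k->id` and the other `fetch()`/`fetchAll()` results in this commit, so it deserves a one-line comment next to the connection setup or an explicit fetch mode at each call. The `<select>` markup and the loop continue outside the hunk.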
@@ -4,7 +4,12 require_once('include/admin.inc.php');
4
4
5 auth_redirect(); // Require logged in user to access this page.
5 auth_redirect(); // Require logged in user to access this page.
6
6
7 $type = $mtdb->getRow( 'SELECT id, name FROM meta_t WHERE id=' . (int)$_GET['edit'] )
7 $sql = 'SELECT id, name FROM meta_t WHERE id = ?';
8 $stmt = $dbConnection->prepare($sql);
9 $stmt->bindValue(1, $_GET['edit'], PDO::PARAM_INT);
10 $stmt->execute();
11
12 $type = $stmt->fetch()
8 or mtdie("Invalid metatype number!");
13 or mtdie("Invalid metatype number!");
9
14
10 adminhead('Metatypes');
15 adminhead('Metatypes');
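Review bot: This lookup spells out `prepare()`, `bindValue()` and `execute()` where the rest of the commit uses the one-call form with a types array. `$stmt = $dbConnection->executeQuery('SELECT id, name FROM meta_t WHERE id = ?', array($_GET['edit']), array(PDO::PARAM_INT));` does the same thing and matches the other pages. `$_GET['edit']` is also read without an `isset()` check, so a request without that parameter raises a notice before falling through to `mtdie()`.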
@@ -17,11 +17,11 $page = 1;
17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
17 if( isset($_GET['page'] )) $page = (int) $_GET['page'];
18
18
19 $perpage = 15;
19 $perpage = 15;
20 $start = ($page-1) * $perpage;
20 $start = ($page - 1) * $perpage;
21
21
22 $total = ceil( $mtdb->getOne("SELECT count(DISTINCT id) FROM strip") / $perpage );
22 $total = ceil( $dbConnection->fetchColumn('SELECT COUNT(id) FROM strip') / $perpage );
23 $strips = $mtdb->getAll("SELECT id, UNIX_TIMESTAMP(published) as published, type, media, title, book, page FROM strip GROUP BY id ORDER BY id DESC LIMIT $start,$perpage");
23 $strips = $dbConnection->fetchAll('SELECT id, UNIX_TIMESTAMP(published) AS published, type, media, title, book, page FROM strip ORDER BY id DESC LIMIT ?, ?', array($start, $perpage), array(PDO::PARAM_INT, PDO::PARAM_INT));
24 $types_db = $mtdb->getAll("SELECT id,description FROM strip_t");
24 $types_db = $dbConnection->fetchAll('SELECT id, description FROM strip_t');
25
25
26 $type = array();
26 $type = array();
27 foreach( $types_db as $k ) $type[$k->id]=$k->description;
27 foreach( $types_db as $k ) $type[$k->id]=$k->description;
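Review bot: `$start` is bound to the first `LIMIT` placeholder without a lower bound. `$page` is taken from `(int) $_GET['page']`, so `page=0` or a negative value makes `$start` negative, and MySQL rejects a negative offset. Clamping where the page is read, `$page = max(1, (int) $_GET['page']);`, keeps the bound value valid. Separately, replacing `count(DISTINCT id)` with `COUNT(id)` and dropping `GROUP BY id` is only equivalent if `strip.id` is unique, which the page does not show.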
@@ -4,8 +4,8 require_once('include/admin.inc.php');
4
4
5 auth_redirect(); // Require logged in user to access this page.
5 auth_redirect(); // Require logged in user to access this page.
6
6
7 $last_type = $mtdb->getOne( 'SELECT type FROM strip ORDER BY id DESC limit 1' );
7 $last_type = $dbConnection->fetchColumn('SELECT type FROM strip ORDER BY id DESC LIMIT 1');
8 $last_strip_id = $mtdb->getOne( 'SELECT MAX(id) FROM strip' );
8 $last_strip_id = $dbConnection->fetchColumn('SELECT MAX(id) FROM strip');
9
9
10 adminhead('Post Comic');
10 adminhead('Post Comic');
11 adminmenu('post-comic.php');
11 adminmenu('post-comic.php');
@@ -44,7 +44,7 if(isset($_REQUEST['next']) && $_REQUEST['next'] == "yes")
44 <h3 class="dbx-handle">Comic Type</h3>
44 <h3 class="dbx-handle">Comic Type</h3>
45 <div class="dbx-content"><select name="strip_type">
45 <div class="dbx-content"><select name="strip_type">
46 <?php
46 <?php
47 $types = $mtdb->getAll( 'SELECT id, description FROM strip_t ORDER BY id' );
47 $types = $dbConnection->fetchAll('SELECT id, description FROM strip_t ORDER BY id');
48 foreach( $types as $k=>$v )
48 foreach( $types as $k=>$v )
49 printf('<option value="%s" %s>%s</option>', htmlentities($v->id), ($last_type == $v->id ? 'selected="selected"' : '' ), $v->description);
49 printf('<option value="%s" %s>%s</option>', htmlentities($v->id), ($last_type == $v->id ? 'selected="selected"' : '' ), $v->description);
50 ?>
50 ?>
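Review bot: `$v->description` is written into the `<option>` body without escaping on line 49, while the id next to it and the same value on the edit page's line 183 both go through `htmlentities()`. A `strip_t` description containing markup would be rendered as HTML in this admin page, so the last `printf` argument should be `htmlentities($v->description)`. The line is unchanged by this commit, but it sits directly under the rewritten query.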