mt-admin
RSS
Switch more PHP files to use the DBAL.
darkmorford -
749c3253f5e9
Not Reviewed
Show More
Add another comment
Collapse all files
TODOs: 0 unresolved 0 Resolved
COMMENTS: 0 General 0 Inline
Show file before | Show file after | Show commentsHide comments
@@ -6,10 +6,10 auth_redirect(); // Require logged in user to access this page.
6 6
7 7 if( isset($_GET['delete']) && (int)$_GET['delete'] ) {
8 8 check_nonce('delete-metatype-'.(int)$_GET['delete']);
9 if(! $mtdb->query( 'DELETE FROM meta_t WHERE id=' . (int)$_GET['delete'] ) )
9 if(! $dbConnection->executeUpdate('DELETE FROM meta_t WHERE id = ?', array($_GET['delete'])))
10 10 {
11 11 adminlog("Error on deleting metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_DELETE, E_WARNING);
12 mtdie("Error on update: ". htmlentities(mysqli_error()));
12 mtdie("Error on update: ". $dbConnection->errorCode());
13 13 }
14 14 $info.='<p>Deleted metatype successfully.<p>';
15 15 adminlog("Metatype ".(int)$_GET['delete']." deleted.", MTS_TYPE_META, MTA_DELETE);
@@ -21,10 +21,10 if( isset($_POST['action']) && $_POST['action'] == 'new_meta' ) {
21 21 $name = trim($_POST['name']);
22 22
23 23 if( check_type_name( $name ) ) {
24 if(! $mtdb->query( 'INSERT INTO meta_t(name) VALUES("'. mysqli_real_escape_string($mtdb->link, $name) . '")' ) )
24 if(! $dbConnection->executeUpdate('INSERT INTO meta_t (name) VALUES (?)', array($name)))
25 25 {
26 26 adminlog("Error on inserting metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_INSERT, E_WARNING);
27 mtdie("Error on insertion: ". htmlentities(mysqli_error()));
27 mtdie("Error on insertion: ". $dbConnection->errorCode());
28 28 }
29 29 }
30 30 $info.='<p>New metatype created successfully.<p>';
@@ -37,10 +37,10 if( isset($_POST['action']) && $_POST['action'] == 'edit_meta' ) {
37 37 $name = trim($_POST['name']);
38 38
39 39 if( check_type_name( $name ) ) {
40 if(! $mtdb->query( 'UPDATE meta_t SET name = "' . mysqli_real_escape_string($mtdb->link, $name) . '" WHERE id=' . (int)$_POST['type_id']) )
40 if(! $dbConnection->executeUpdate('UPDATE meta_t SET name = ? WHERE id = ?', array($name, $_POST['type_id'])))
41 41 {
42 42 adminlog("Error updating metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_UPDATE, E_WARNING);
43 mtdie("Error on update: ". htmlentities(mysqli_error()));
43 mtdie("Error on update: ". $dbConnection->errorCode());
44 44 }
45 45 }
46 46 $info.='<p>Changes to metatype saved successfully.<p>';
@@ -48,7 +48,7 if( isset($_POST['action']) && $_POST['action'] == 'edit_meta' ) {
48 48 }
49 49
50 50 //get all metatypes
51 $metas = $mtdb->getAll("SELECT id, name FROM meta_t");
51 $metas = $dbConnection->fetchAll('SELECT id, name FROM meta_t');
52 52
53 53 adminhead('Metatypes');
54 54 adminmenu();
Show file before | Show file after | Show commentsHide comments
@@ -12,7 +12,7 auth_redirect(); // Require logged in user to access this page.
12 12 /* Handle form submission of new updates */
13 13
14 14 function handle_update_form() {
15 global $error,$info,$mtdb;
15 global $error,$info,$dbConnection;
16 16
17 17 check_nonce('update-statusbox');
18 18 $percent = $_POST['update_percentage'];
@@ -36,7 +36,7 function handle_update_form() {
36 36 return;
37 37 }
38 38
39 $mtdb->query( 'INSERT INTO status (published,eta,percentage,text) VALUES( NOW(), FROM_UNIXTIME(' . (int)$eta . '), '. (int)$percent . ', "' . mysqli_real_escape_string($mtdb->link, $text) . '")' );
39 $dbConnection->executeUpdate('INSERT INTO status (published, eta, percentage, text) VALUES (NOW(), FROM_UNIXTIME(?), ?, ?)', array($eta, $percent, $text));
40 40
41 41 $_POST['update_percentage']=$_POST['update_eta']=$_POST['update_text']='';
42 42 $info = '<p>Statusbox updated successfully.</p>';
@@ -55,7 +55,7 adminmenu('manage-statusbox.php');
55 55 /* Simple Presets, Select things said before */
56 56
57 57
58 $presets = $mtdb->getAll('SELECT COUNT(*) as c, percentage, text, CONCAT( percentage, "% - ", text ) as p FROM status GROUP BY p HAVING c>1 ORDER BY c DESC');
58 $presets = $dbConnection->fetchAll('SELECT COUNT(*) as c, percentage, text, CONCAT( percentage, "% - ", text ) as p FROM status GROUP BY p HAVING c > 1 ORDER BY c DESC');
59 59
60 60 ?>
61 61
@@ -129,7 +129,7 $presets = $mtdb->getAll('SELECT COUNT(*) as c, percentage, text, CONCAT( percen
129 129
130 130 <?php
131 131
132 $stats = $mtdb->getAll("SELECT published,eta,percentage,text FROM status ORDER BY published DESC limit 5");
132 $stats = $dbConnection->fetchAll("SELECT published, eta, percentage, text FROM status ORDER BY published DESC LIMIT 5");
133 133
134 134 ?>
135 135
Show file before | Show file after | Show commentsHide comments
@@ -17,15 +17,15 if( isset($_REQUEST['action']) && 'edit_twitter' == $_REQUEST['action']) {
17 17
18 18 if(0 == $id && !empty($msg)) {
19 19 // Add a new preset
20 $mtdb->query( sprintf('INSERT INTO twitter_status (position, message) VALUES (%d, "%s")', $position, mysqli_real_escape_string($mtdb->link, $msg)) );
20 $dbConnection->executeUpdate('INSERT INTO twitter_status (position, message) VALUES (?, ?)', array($position, $msg));
21 21 adminlog("Added new preset: $msg", MTS_TWITTER, MTA_ADD);
22 22 } elseif(empty($msg)) {
23 23 // Delete an existing preset
24 $mtdb->query( "DELETE FROM twitter_status WHERE id = $id" );
24 $dbConnection->executeUpdate('DELETE FROM twitter_status WHERE id = ?', array($id));
25 25 adminlog("Removed preset: $id", MTS_TWITTER, MTA_ADD);
26 26 } else {
27 27 // Modify an existing preset
28 $mtdb->query( sprintf('UPDATE twitter_status SET position = %d, message = "%s" WHERE id = %d', $position, mysqli_real_escape_string($mtdb->link, $msg), $id) );
28 $dbConnection->executeUpdate('UPDATE twitter_status SET position = ?, message = ? WHERE id = ?', array($position, $msg, $id));
29 29 }
30 30 }
31 31 }
Comments 0
You need to be logged in to leave comments. Login now