Not Reviewed
Show More
Add another comment
| @@ -25,7 +25,6 function mt_get_cookie_login() { | |||
|
|
25 | 25 | |
|
|
26 | 26 | // Store username and password in a cookie |
|
|
27 | 27 | function mt_setcookie($username, $password, $already_md5 = false, $siteurl = '', $remember = false) { |
|
|
28 | global $mtdb; | |
|
|
29 | 28 | if ( !$already_md5 ) |
|
|
30 | 29 | $password = mt_hash_password($password); |
|
|
31 | 30 | |
| @@ -73,7 +73,7 function wp_nonce_ays($action) { | |||
|
|
73 | 73 | } |
|
|
74 | 74 | |
|
|
75 | 75 | function mt_explain_nonce($action) { |
|
|
76 |
global $ |
|
|
|
76 | global $dbConnection; | |
|
|
77 | 77 | $c = explode('-',$action); |
|
|
78 | 78 | $i = (int)$c[2]; |
|
|
79 | 79 | |
| @@ -110,12 +110,12 function mt_explain_nonce($action) { | |||
|
|
110 | 110 | if( false !== strpos( $t, '%' ) ) { |
|
|
111 | 111 | |
|
|
112 | 112 | switch( $c[1] ) { |
|
|
113 |
case 'rant': $v = $ |
|
|
|
114 |
case 'strip': $v = $ |
|
|
|
115 |
case 'type': $v = $ |
|
|
|
116 |
case 'metatype':$v = $ |
|
|
|
113 | case 'rant': $v = $dbConnection->fetchColumn('SELECT title FROM rant WHERE id = ?', array($i)); break; | |
|
|
114 | case 'strip': $v = $dbConnection->fetchColumn('SELECT id FROM strip WHERE id = ?', array($i)); break; | |
|
|
115 | case 'type': $v = $dbConnection->fetchColumn('SELECT name FROM strip_t WHERE id = ?', array($i)); break; | |
|
|
116 | case 'metatype':$v = $dbConnection->fetchColumn('SELECT name FROM meta_t WHERE id = ?', array($i)); break; | |
|
|
117 | 117 | case 'extra': $temp = extra_file_from_inode($i); $v = $temp->name; break; |
|
|
118 |
case 'twitteruser': $v = $ |
|
|
|
118 | case 'twitteruser': $v = $dbConnection->fetchColumn('SELECT username FROM twitter_user WHERE id = ?', array($i)); break; | |
|
|
119 | 119 | default: $v = $i; |
|
|
120 | 120 | } |
|
|
121 | 121 | |
| @@ -3,8 +3,16 | |||
|
|
3 | 3 | // Book: The offset from 0 at the beginning of time |
|
|
4 | 4 | // Page: The offset from 0 at the beginning of the volume |
|
|
5 | 5 | |
|
|
6 |
class Strip |
|
|
|
7 | var $id, $old_id, $published, $media, $type, $title, $book, $page; | |
|
|
6 | class Strip | |
|
|
7 | { | |
|
|
8 | public $id; | |
|
|
9 | public $old_id; | |
|
|
10 | public $published; | |
|
|
11 | public $media; | |
|
|
12 | public $type; | |
|
|
13 | public $title; | |
|
|
14 | public $book; | |
|
|
15 | public $page; | |
|
|
8 | 16 | } |
|
|
9 | 17 | |
|
|
10 | 18 | // old_id is used to detect alterations to the strip id in forms. Not saved in database. |
| @@ -12,29 +20,31 class Strip { | |||
|
|
12 | 20 | |
|
|
13 | 21 | // Strip id is automatically incremented |
|
|
14 | 22 | function insertstrip(&$strip) { |
|
|
15 |
global $ |
|
|
|
23 | global $dbConnection; | |
|
|
16 | 24 | |
|
|
17 | 25 | $strip->book = ($strip->book == '') ? 'NULL' : (int)$strip->book; |
|
|
18 | 26 | $strip->page = ($strip->page == '') ? 'NULL' : (int)$strip->page; |
|
|
19 | 27 | |
|
|
20 | $mtdb->query('START TRANSACTION'); | |
|
|
21 |
$newid = $ |
|
|
|
22 | $sql = 'INSERT INTO strip ( id, published, media, type, title, book, page ) VALUES (' | |
|
|
23 | . $newid | |
|
|
24 | . ', FROM_UNIXTIME(' . (int)$strip->published | |
|
|
25 | . '), '. (int)$strip->media | |
|
|
26 | . ', ' . (int)$strip->type | |
|
|
27 | . ', "' . mysqli_real_escape_string( $mtdb->link, trim($strip->title) ) | |
|
|
28 | . '", '. $strip->book | |
|
|
29 | . ', ' . $strip->page | |
|
|
30 | . ')'; | |
|
|
31 | ||
|
|
32 | $r = $mtdb->query( $sql ); | |
|
|
28 | $dbConnection->beginTransaction(); | |
|
|
29 | $newid = $dbConnection->fetchColumn('SELECT MAX(id) FROM strip') + 1; | |
|
|
30 | ||
|
|
31 | $sql = 'INSERT INTO strip (id, published, media, type, title, book, page) VALUES(?, FROM_UNIXTIME(?), ?, ?, ?, ?, ?)'; | |
|
|
32 | $stmt = $dbConnection->prepare($sql); | |
|
|
33 | ||
|
|
34 | $stmt->bindValue(1, $newid); | |
|
|
35 | $stmt->bindValue(2, $strip->published, PDO::PARAM_INT); | |
|
|
36 | $stmt->bindValue(3, $strip->media, PDO::PARAM_INT); | |
|
|
37 | $stmt->bindValue(4, $strip->type, PDO::PARAM_INT); | |
|
|
38 | $stmt->bindValue(5, trim($strip->title)); | |
|
|
39 | $stmt->bindValue(6, $strip->book); | |
|
|
40 | $stmt->bindValue(7, $strip->page); | |
|
|
41 | ||
|
|
42 | $r = $stmt->execute(); | |
|
|
33 | 43 | if( !$r ) { |
|
|
34 | $mtdb->query('ROLLBACK'); | |
|
|
44 | $dbConnection->rollback(); | |
|
|
35 | 45 | return false; |
|
|
36 | 46 | } |
|
|
37 | $mtdb->query('COMMIT'); | |
|
|
47 | $dbConnection->commit(); | |
|
|
38 | 48 | adminlog("Comic ".$newid." posted.", MTS_STRIP, MTA_ADD); |
|
|
39 | 49 | |
|
|
40 | 50 | $strip->id = $newid; |
| @@ -43,22 +53,26 function insertstrip(&$strip) { | |||
|
|
43 | 53 | } |
|
|
44 | 54 | |
|
|
45 | 55 | function updatestrip(&$strip) { |
|
|
46 |
global $ |
|
|
|
56 | global $dbConnection; | |
|
|
47 | 57 | |
|
|
48 | 58 | $strip->book = ($strip->book === '') ? 'NULL' : (int)$strip->book; |
|
|
49 | 59 | $strip->page = ($strip->page === '') ? 'NULL' : (int)$strip->page; |
|
|
50 | 60 | |
|
|
51 | $mtdb->query('START TRANSACTION'); | |
|
|
52 | $sql = 'UPDATE strip SET | |
|
|
53 | published = FROM_UNIXTIME(' . (int)$strip->published .') | |
|
|
54 | , media = '. (int)$strip->media .' | |
|
|
55 | , type = ' . (int)$strip->type .' | |
|
|
56 | , title = "' . mysqli_real_escape_string( $mtdb->link, trim($strip->title) ) .'" | |
|
|
57 | , book = ' . (int)$strip->book .' | |
|
|
58 | , page = ' . (int)$strip->page .' | |
|
|
59 | WHERE id = ' . (int)$strip->id; | |
|
|
60 | $mtdb->query( $sql ); | |
|
|
61 | $mtdb->query('COMMIT'); | |
|
|
61 | $dbConnection->beginTransaction(); | |
|
|
62 | ||
|
|
63 | $sql = 'UPDATE strip SET published = FROM_UNIXTIME(?), media = ?, type = ?, title = ?, book = ?, page = ? WHERE id = ?'; | |
|
|
64 | $stmt = $dbConnection->prepare($sql); | |
|
|
65 | ||
|
|
66 | $stmt->bindValue(1, $strip->published, PDO::PARAM_INT); | |
|
|
67 | $stmt->bindValue(2, $strip->media, PDO::PARAM_INT); | |
|
|
68 | $stmt->bindValue(3, $strip->type, PDO::PARAM_INT); | |
|
|
69 | $stmt->bindValue(4, trim($strip->title)); | |
|
|
70 | $stmt->bindValue(5, $strip->book, PDO::PARAM_INT); | |
|
|
71 | $stmt->bindValue(6, $strip->page, PDO::PARAM_INT); | |
|
|
72 | $stmt->bindValue(7, $strip->id, PDO::PARAM_INT); | |
|
|
73 | ||
|
|
74 | $stmt->execute(); | |
|
|
75 | $dbConnection->commit(); | |
|
|
62 | 76 | adminlog("Comic ".$strip->id." modified.", MTS_STRIP, MTA_MODIFY); |
|
|
63 | 77 | return true; |
|
|
64 | 78 | } |
| @@ -66,12 +80,12 function updatestrip(&$strip) { | |||
|
|
66 | 80 | // Delete destination strip from DB and FS, and Update/Rename the source strip into place. Destructive Move! |
|
|
67 | 81 | function move_strip($from_id, $to_id) |
|
|
68 | 82 | { |
|
|
69 |
global $ |
|
|
|
83 | global $dbConnection; | |
|
|
70 | 84 | $from_id = (int) $from_id; |
|
|
71 | 85 | $to_id = (int) $to_id; |
|
|
72 | 86 | |
|
|
73 | 87 | // Ensure our source exists |
|
|
74 |
$num_strips = $ |
|
|
|
88 | $num_strips = $dbConnection->fetchColumn('SELECT COUNT(*) FROM strip WHERE id = ?', array($from_id)); | |
|
|
75 | 89 | if($num_strips < 1) |
|
|
76 | 90 | mtdie("Cannot move strip number $from_id, because it cannot be found in database."); |
|
|
77 | 91 | |
| @@ -79,8 +93,8 function move_strip($from_id, $to_id) | |||
|
|
79 | 93 | deletestrip( $to_id ); |
|
|
80 | 94 | |
|
|
81 | 95 | // Update database |
|
|
82 |
$ |
|
|
|
83 |
$strip = $ |
|
|
|
96 | $dbConnection->executeUpdate('UPDATE strip SET id = ? WHERE id = ?', array($to_id, $from_id)); | |
|
|
97 | $strip = $dbConnection->executeQuery('SELECT strip.id, extension FROM strip, media_t WHERE media_t.id = strip.media AND strip.id = ?', array($to_id))->fetch(); | |
|
|
84 | 98 | |
|
|
85 | 99 | // Update filesystem |
|
|
86 | 100 | foreach(glob(sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/%04d.*', $from_id)) as $item) { |
| @@ -101,8 +115,8 function deletestrip($id) { | |||
|
|
101 | 115 | $id = (int)$id; |
|
|
102 | 116 | if ( !$id ) return false; |
|
|
103 | 117 | |
|
|
104 |
global $ |
|
|
|
105 |
$r = $ |
|
|
|
118 | global $dbConnection; | |
|
|
119 | $r = $dbConnection->executeUpdate('DELETE FROM strip WHERE id = ?', array($id)); | |
|
|
106 | 120 | foreach(glob(sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/%04d*.*', $id)) as $item) |
|
|
107 | 121 | unlink($item); |
|
|
108 | 122 | foreach(glob(sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/restricted/%04d*.*', $id)) as $item) |
| @@ -112,19 +126,19 function deletestrip($id) { | |||
|
|
112 | 126 | } |
|
|
113 | 127 | |
|
|
114 | 128 | function getstrip($id) { |
|
|
115 |
global $ |
|
|
|
116 |
return $ |
|
|
|
129 | global $dbConnection; | |
|
|
130 | return $dbConnection->executeQuery('SELECT id, UNIX_TIMESTAMP(published) as published, type, media, title, book, page FROM strip WHERE id = ?', array($id))->fetch(); | |
|
|
117 | 131 | } |
|
|
118 | 132 | |
|
|
119 | 133 | function get_stripimage_filename( $strip ) { |
|
|
120 |
global $ |
|
|
|
121 |
$ext = $ |
|
|
|
134 | global $dbConnection; | |
|
|
135 | $ext = $dbConnection->fetchColumn('SELECT extension FROM media_t WHERE id = ?', array($strip->media)); // filename extension | |
|
|
122 | 136 | return sprintf( '%s/%04d.%s', SITE_STRIP, $strip->id, $ext ); |
|
|
123 | 137 | } |
|
|
124 | 138 | |
|
|
125 | 139 | function get_stripid_by_rantid($rantid) { |
|
|
126 |
global $ |
|
|
|
127 |
return $ |
|
|
|
140 | global $dbConnection; | |
|
|
141 | return $dbConnection->fetchColumn('SELECT MAX(strip.id) FROM strip, rant WHERE strip.published <= rant.published AND rant.id = ?', array($rantid)); | |
|
|
128 | 142 | } |
|
|
129 | 143 | |
|
|
130 | 144 | ?> |
| @@ -17,9 +17,9 function bracketbalance($line) | |||
|
|
17 | 17 | // Retrieve transcript for this strip from the database, modifying the strip object. |
|
|
18 | 18 | function gettranscript(&$strip) |
|
|
19 | 19 | { |
|
|
20 |
global $ |
|
|
|
20 | global $dbConnection; | |
|
|
21 | 21 | |
|
|
22 |
$result = $ |
|
|
|
22 | $result = $dbConnection->executeQuery('SELECT strip FROM transcript WHERE strip = ?', array($strip->id)); | |
|
|
23 | 23 | |
|
|
24 | 24 | if($result) |
|
|
25 | 25 | { |
| @@ -30,16 +30,16 function gettranscript(&$strip) | |||
|
|
30 | 30 | # either way, I care not |
|
|
31 | 31 | Might be able to exchange this loop of getOne()s for a getAll() call. |
|
|
32 | 32 | */ |
|
|
33 |
$numPanels = $ |
|
|
|
33 | $numPanels = $dbConnection->fetchColumn('SELECT MAX(panel) FROM transcript WHERE strip = ?', array($strip->id)); | |
|
|
34 | 34 | if( $numPanels ) { |
|
|
35 | 35 | for($i = 1; $i <= $numPanels; $i++) { |
|
|
36 |
$result = $ |
|
|
|
37 |
or mtdie("There was an error fetching the panel count in the transcript for $strip->id, panel $i. " . |
|
|
|
36 | $result = $dbConnection->executeQuery('SELECT speaker, speech FROM transcript WHERE transcript.strip = ? AND panel = ? ORDER BY line', array($strip->id, $i)) | |
|
|
37 | or mtdie("There was an error fetching the panel count in the transcript for $strip->id, panel $i. " . $dbConnection->errorCode(), 'SQL Error'); | |
|
|
38 | 38 | |
|
|
39 | 39 | if(!$result) continue; |
|
|
40 | 40 | |
|
|
41 | 41 | $output.= "\nnewpanel\n"; |
|
|
42 | while($row = mysqli_fetch_row($result)) { | |
|
|
42 | while($row = $result->fetch(PDO::FETCH_NUM)) { | |
|
|
43 | 43 | if(strlen($row[0]) < 1) continue; |
|
|
44 | 44 | |
|
|
45 | 45 | $output.= $row[0]; |
| @@ -56,16 +56,17 function gettranscript(&$strip) | |||
|
|
56 | 56 | |
|
|
57 | 57 | // Parse submitted transcript from strip object, and insert it into the database. |
|
|
58 | 58 | function savetranscript( &$strip ) { |
|
|
59 |
global $ |
|
|
|
59 | global $dbConnection; | |
|
|
60 | 60 | $info = ''; |
|
|
61 | 61 | |
|
|
62 | $mtdb->query('START TRANSACTION'); | |
|
|
62 | $dbConnection->beginTransaction(); | |
|
|
63 | 63 | |
|
|
64 | 64 | //remove any old transcript data - it's being replaced |
|
|
65 |
$ |
|
|
|
65 | $dbConnection->executeUpdate('DELETE FROM transcript WHERE transcript.strip = ?', array($strip->id))); | |
|
|
66 | 66 | |
|
|
67 | 67 | if( $strip->transcript_posted ) { |
|
|
68 |
$inserter = 'INSERT INTO transcript (strip,panel,line,speaker,speech,search) VALUES ( |
|
|
|
68 | $inserter = 'INSERT INTO transcript (strip, panel, line, speaker, speech, search) VALUES (?, ?, ?, ?, ?, ?)'; | |
|
|
69 | $inserter_types = array(PDO::PARAM_INT, PDO::PARAM_INT, PDO::PARAM_INT, PDO::PARAM_STR, PDO::PARAM_STR, PDO::PARAM_STR); | |
|
|
69 | 70 | |
|
|
70 | 71 | if(strpos($strip->transcript_posted, 'Panel <$n>') !== FALSE) { |
|
|
71 | 72 | # This is probably a scrivener script |
| @@ -83,11 +84,11 function savetranscript( &$strip ) { | |||
|
|
83 | 84 | $has_spoken = true; |
|
|
84 | 85 | |
|
|
85 | 86 | for($j = 0; $j < count($lines); $j++) { |
|
|
86 |
$insert_s |
|
|
|
87 | $inserter_values = array(); | |
|
|
87 | 88 | |
|
|
88 | 89 | if(strpos($lines[$j], '(') === 0) { |
|
|
89 | 90 | # Line is a note, add it as a comment |
|
|
90 |
$insert_s |
|
|
|
91 | $inserter_values = array($strip->id, $i, $j, '#', $lines[$j], ''); | |
|
|
91 | 92 | } elseif(strpos($lines[$j], '[') === 0 || strlen($lines[$j]) == 0) { |
|
|
92 | 93 | # Line is an annotation or blank, do nothing |
|
|
93 | 94 | continue; |
| @@ -95,13 +96,13 function savetranscript( &$strip ) { | |||
|
|
95 | 96 | # Line contains a list of nonspeaking characters |
|
|
96 | 97 | array_splice($lines, $j, 1, array_map('_nospeaker', explode(',', substr($lines[$j], 11)))); |
|
|
97 | 98 | $speaker = trim(substr($lines[$j], 11)); |
|
|
98 |
$insert_s |
|
|
|
99 | $inserter_values = array($strip->id, $i, $j, $speaker, '', ''); | |
|
|
99 | 100 | } elseif($i > 0 && $lines[$j] == strtoupper($lines[$j])) { |
|
|
100 | 101 | # Line designates a new speaker, note speaker |
|
|
101 | 102 | |
|
|
102 | 103 | # Handle speakers who did not say anything |
|
|
103 | 104 | if(null !== $speaker && !$has_spoken) |
|
|
104 |
$insert_s |
|
|
|
105 | $inserter_values = array($strip->id, $i, $j, $speaker, '', ''); | |
|
|
105 | 106 | |
|
|
106 | 107 | $speaker = ucfirst(strtolower($lines[$j])); |
|
|
107 | 108 | $has_spoken = false; |
| @@ -111,25 +112,24 function savetranscript( &$strip ) { | |||
|
|
111 | 112 | $info .= "<p>Warning: Open brackets do not match close brackets in panel $i for speaker ".htmlentities($speaker).'</p>'; |
|
|
112 | 113 | |
|
|
113 | 114 | $search = preg_replace( '/[[:punct:]]|(?<=\s)\s+/', ' ', strtolower($lines[$j]) ); |
|
|
114 | $insert_sql = sprintf($inserter, (int)$strip->id, $i, $j, mysqli_real_escape_string($mtdb->link, $speaker), | |
|
|
115 | mysqli_real_escape_string($mtdb->link, $lines[$j]), mysqli_real_escape_string($mtdb->link, $search)); | |
|
|
115 | $inserter_values = array($strip->id, $i, $j, $speaker, $lines[$j], $search); | |
|
|
116 | 116 | $has_spoken = true; |
|
|
117 | 117 | } else { |
|
|
118 | 118 | # Line is unrecognized, add it as a comment |
|
|
119 |
$insert_s |
|
|
|
119 | $inserter_values = array($strip->id, $i, $j, '#', $lines[$j], ''); | |
|
|
120 | 120 | } |
|
|
121 | 121 | |
|
|
122 |
if( $insert_s |
|
|
|
123 | $mtdb->query('ROLLBACK'); | |
|
|
124 |
mtdie ( |
|
|
|
122 | if( $inserter_values && false === $dbConnection->executeUpdate($insert_sql, $inserter_values, $inserter_types) ) { | |
|
|
123 | $dbConnection->rollback(); | |
|
|
124 | mtdie ($dbConnection->errorCode(), 'Error inserting transcript.'); | |
|
|
125 | 125 | } |
|
|
126 | 126 | } |
|
|
127 | 127 | |
|
|
128 | 128 | if(null !== $speaker && !$has_spoken) { |
|
|
129 |
$insert_s |
|
|
|
130 | if( false === $mtdb->query( $insert_sql ) ) { | |
|
|
131 | $mtdb->query('ROLLBACK'); | |
|
|
132 |
mtdie ( |
|
|
|
129 | $inserter_values = array($strip->id, $i, $j, $speaker, '', ''); | |
|
|
130 | if( false === $dbConnection->executeUpdate($insert_sql, $inserter_values, $inserter_types) ) { | |
|
|
131 | $dbConnection->rollback(); | |
|
|
132 | mtdie ($dbConnection->errorCode(), 'Error inserting transcript.'); | |
|
|
133 | 133 | } |
|
|
134 | 134 | } |
|
|
135 | 135 | } |
| @@ -160,17 +160,16 function savetranscript( &$strip ) { | |||
|
|
160 | 160 | if(!bracketbalance($spoken[1])) |
|
|
161 | 161 | $info .= "<p>Warning: Open brackets do not match close brackets in panel $i for speaker ".htmlentities($spoken[0]).'</p>'; |
|
|
162 | 162 | |
|
|
163 | $insert_sql = sprintf($inserter, (int)$strip->id, (int)$i, (int)$j, mysqli_real_escape_string($mtdb->link, $spoken[0]), | |
|
|
164 | mysqli_real_escape_string($mtdb->link, $spoken[1]), mysqli_real_escape_string($mtdb->link, $spoken[2]) ); | |
|
|
165 | if( false === $mtdb->query( $insert_sql ) ) { | |
|
|
166 | $mtdb->query('ROLLBACK'); | |
|
|
167 | mtdie (mysqli_error($mtdb->link), 'Error inserting transcript.'); | |
|
|
163 | $inserter_values = array($strip->id, $i, $j, $spoken[0], $spoken[1], $spoken[2]); | |
|
|
164 | if( false === $dbConnection->executeUpdate($insert_sql, $inserter_values, $inserter_types) ) { | |
|
|
165 | $dbConnection->rollback(); | |
|
|
166 | mtdie ($dbConnection->errorCode(), 'Error inserting transcript.'); | |
|
|
168 | 167 | } |
|
|
169 | 168 | } |
|
|
170 | 169 | } |
|
|
171 | 170 | } |
|
|
172 | 171 | } |
|
|
173 | $mtdb->query('COMMIT'); | |
|
|
172 | $dbConnection->commit(); | |
|
|
174 | 173 | return $info; |
|
|
175 | 174 | } |
|
|
176 | 175 | |
| @@ -2,7 +2,7 | |||
|
|
2 | 2 | |
|
|
3 | 3 | function twitterpost($message, $user=TWITTER_USER, $password=TWITTER_PASS) |
|
|
4 | 4 | { |
|
|
5 |
global $ |
|
|
|
5 | global $dbConnection, $info, $error; | |
|
|
6 | 6 | if( $user == '' ) { |
|
|
7 | 7 | # preserve existing twitterpost(message) style posting until OAuth has been vetted. |
|
|
8 | 8 | $user = TWITTER_USER; |
| @@ -25,7 +25,7 function twitterpost($message, $user=TWITTER_USER, $password=TWITTER_PASS) | |||
|
|
25 | 25 | |
|
|
26 | 26 | } else { |
|
|
27 | 27 | # OAuth Mode |
|
|
28 |
$row = $ |
|
|
|
28 | $row = $dbConnection->executeQuery('SELECT id, username, oauth_token, oauth_token_secret FROM twitter_user WHERE username = ?', array($user))->fetch(); | |
|
|
29 | 29 | |
|
|
30 | 30 | $username = $row->username; |
|
|
31 | 31 | $oauth_token = $row->oauth_token; |
| @@ -55,7 +55,7 function twitterpost($message, $user=TWITTER_USER, $password=TWITTER_PASS) | |||
|
|
55 | 55 | function setOAuthTokens($userid,$oauth_token,$oauth_token_secret, $username) { |
|
|
56 | 56 | global $mtdb; |
|
|
57 | 57 | $id = (int)$userid; |
|
|
58 |
if( |
|
|
|
58 | if ($dbConnection->executeUpdate('UPDATE twitter_user SET oauth_token = ?, oauth_token_secret = ?, username = ? WHERE id = ?', array($oauth_token, $oauth_token_secret, $username, $id))) | |
|
|
59 | 59 | return true; |
|
|
60 | 60 | return false; |
|
|
61 | 61 | } |
| @@ -3,21 +3,23 | |||
|
|
3 | 3 | /* Types */ |
|
|
4 | 4 | |
|
|
5 | 5 | function get_typeByID( $id ) { |
|
|
6 |
global $ |
|
|
|
6 | global $dbConnection; | |
|
|
7 | 7 | $id = (int)$id; |
|
|
8 |
$ |
|
|
|
9 | $r->meta = $mtdb->getAll( 'SELECT meta as id from meta where type=' . $id); | |
|
|
8 | $stmt = $dbConnection->executeQuery('SELECT id, name, description FROM strip_t WHERE id = ?', array($id)); | |
|
|
9 | $r = $stmt->fetch(); | |
|
|
10 | $r->meta = $dbConnection->fetchAll('SELECT meta AS id FROM meta WHERE type = ?', array($id)); | |
|
|
10 | 11 | return $r; |
|
|
11 | 12 | } |
|
|
12 | 13 | |
|
|
13 | 14 | function get_allTypes() { |
|
|
14 |
global $ |
|
|
|
15 |
|
|
|
|
15 | global $dbConnection; | |
|
|
16 | $stmt = $dbConnection->executeQuery('SELECT id, name, description, meta FROM strip_t'); | |
|
|
17 | return $stmt->fetch(); | |
|
|
16 | 18 | } |
|
|
17 | 19 | |
|
|
18 | 20 | function get_allMetaTypes() { |
|
|
19 |
global $ |
|
|
|
20 |
return $ |
|
|
|
21 | global $dbConnection; | |
|
|
22 | return $dbConnection->fetchAll('SELECT id, name FROM meta_t'); | |
|
|
21 | 23 | } |
|
|
22 | 24 | |
|
|
23 | 25 | function _getMetaNameFromObject($obj) { |
| @@ -86,11 +86,11 function save_upload_rant_image( $source, $rant ) { | |||
|
|
86 | 86 | |
|
|
87 | 87 | function save_upload_rant_attachment( $source, $rant ) |
|
|
88 | 88 | { |
|
|
89 |
global $ |
|
|
|
89 | global $dbConnection; | |
|
|
90 | 90 | |
|
|
91 | 91 | $image_data = getimagesize( $source ); |
|
|
92 |
$ |
|
|
|
93 |
$rant_attachment_id = |
|
|
|
92 | $dbConnection->executeUpdate('INSERT INTO rant_attachment (rant, media) VALUES (?, ?)', array($rant, $image_data[2])); | |
|
|
93 | $rant_attachment_id = $dbConnection->lastInsertId(); | |
|
|
94 | 94 | |
|
|
95 | 95 | if( move_uploaded_file($source, SITE_PATH_ABS.'/'.get_rantattachment_filename($rant_attachment_id) ) ) { |
|
|
96 | 96 | $upload_info='<p>New rant attachment uploaded for rant '. $rant .'.</p>'; |
| @@ -1,6 +1,6 | |||
|
|
1 | 1 | <?php |
|
|
2 | 2 | |
|
|
3 | $currentuser=false; | |
|
|
3 | $currentuser = false; | |
|
|
4 | 4 | |
|
|
5 | 5 | function getCurrentUser() { |
|
|
6 | 6 | global $currentuser; |
| @@ -8,28 +8,28 function getCurrentUser() { | |||
|
|
8 | 8 | } |
|
|
9 | 9 | |
|
|
10 | 10 | function get_userdatabyid( $id ) { |
|
|
11 |
global $ |
|
|
|
12 |
return $ |
|
|
|
11 | global $dbConnection; | |
|
|
12 | return $dbConnection->executeQuery('SELECT id, name, email, nameplate, default_image, default_link FROM contributor WHERE id = ?', array($id))->fetch(); | |
|
|
13 | 13 | } |
|
|
14 | 14 | |
|
|
15 | 15 | function get_userdatabylogin( $username ) { |
|
|
16 |
global $ |
|
|
|
17 |
return $ |
|
|
|
16 | global $dbConnection; | |
|
|
17 | return $dbConnection->executeQuery('SELECT id, name, email, nameplate, default_image, default_link FROM contributor WHERE name LIKE ?', array($username))->fetch(); | |
|
|
18 | 18 | } |
|
|
19 | 19 | |
|
|
20 | 20 | function save_userdata( $user ) { |
|
|
21 | 21 | adminlog("Saved changes to user ".$user->id." (".$user->name.").", MTS_USER, MTA_UPDATE); |
|
|
22 |
global $ |
|
|
|
23 | return $mtdb->query( sprintf( 'UPDATE contributor SET email="%s", nameplate="%s", default_image="%s", default_link="%s" WHERE id=%d', | |
|
|
24 | mysqli_real_escape_string($mtdb->link, $user->email), mysqli_real_escape_string($mtdb->link, $user->nameplate), | |
|
|
25 | mysqli_real_escape_string($mtdb->link, $user->default_image), mysqli_real_escape_string($mtdb->link, $user->default_link), $user->id) ); | |
|
|
22 | global $dbConnection; | |
|
|
23 | ||
|
|
24 | return $dbConnection->executeUpdate('UPDATE contributor SET email = ?, nameplate = ?, default_image = ?, default_link = ? WHERE id = ?', | |
|
|
25 | array($user->email, $user->nameplate, $user->default_image, $user->default_link, $user->id)); | |
|
|
26 | 26 | } |
|
|
27 | 27 | |
|
|
28 | 28 | function change_password( $user ) { |
|
|
29 | 29 | adminlog("Changed password for user ".$user->id." (".$user->name.").", MTS_USER, MTA_UPDATE); |
|
|
30 |
global $ |
|
|
|
30 | global $dbConnection, $currentuser; | |
|
|
31 | 31 | if( $currentuser->id === $user->id ) mt_setcookie($user->name, $user->password, false, ADMINURL, FALSE ); |
|
|
32 | return $mtdb->query( 'UPDATE contributor SET password=SHA1( "' . mysqli_real_escape_string($mtdb->link, $user->password) . '" ) WHERE id = "' . mysqli_real_escape_string($mtdb->link, $user->id) . '"' ); | |
|
|
32 | return $dbConnection->executeUpdate('UPDATE contributor SET password = SHA1(?) WHERE id = ?', array($user->password, $user->id)); | |
|
|
33 | 33 | } |
|
|
34 | 34 | |
|
|
35 | 35 | ?> |
Comments 0
You need to be logged in to leave comments.
Login now