Switch to mysqli_* in other php files.
darkmorford -
dc98d7eb2bb1
@@ -8,12 +8,12 auth_redirect(); // Require logged in user to access this page.
8 8 if('post_twitter' == $_REQUEST['action'])
9 9 {
10 10 check_nonce('new-character-twitter');
11
11
12 12 #Fetch the password from the DB.
13 13 $acct = $mtdb->getRow(sprintf("SELECT username, password FROM twitter_user WHERE id = '%d'", $_REQUEST['twitter-account']));
14
14
15 15 $post_at = strtotime($_REQUEST['date18']);
16
16
17 17 if($post_at)
18 18 {
19 19 if($post_at <= strtotime('now'))
@@ -21,7 +21,7 if('post_twitter' == $_REQUEST['action'])
21 21 #If we can post immediately, do so. Bypass the scheduler whenever possible.
22 22 #Treat a date/time in the past as immediate.
23 23 $ret = twitterpost($_REQUEST['message'], $acct->username, $acct->password);
24
24
25 25 if($ret)
26 26 {
27 27 $info.='Update posted to Twitter. <a href="http://www.twitter.com/'.$acct->username.'">View Twitter</a>.';
@@ -37,9 +37,9 if('post_twitter' == $_REQUEST['action'])
37 37 #No luck, gotta schedule.
38 38 $mtdb->query(
39 39 sprintf("INSERT INTO twitter_post (status, user, time, text)VALUES ('scheduled', '%d', FROM_UNIXTIME('%d'), '%s')",
40 mysql_real_escape_string($_REQUEST['twitter-account']),
40 mysqli_real_escape_string($mtdb->link, $_REQUEST['twitter-account']),
41 41 $post_at,
42 mysql_real_escape_string($_REQUEST['message'])
42 mysqli_real_escape_string($mtdb->link, $_REQUEST['message'])
43 43 )
44 44 );
45 45 $info .= "Your tweet for user " . htmlentities($acct->username) . " has been scheduled.";
@@ -119,4 +119,4 At: <script type="text/javascript" src="CalendarPopup.js" ></script>
119 119
120 120 <?php
121 121 adminfooter();
122 ?> No newline at end of file
122 ?>
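Review bot: On new-side lines 40 and 42 the escaping is only as good as `$mtdb->link`: it must be the live mysqli connection, and its character set must have been configured with `mysqli_set_charset()`. Neither is visible in this hunk, so confirm both in the database wrapper. The `twitter-account` value is formatted with `'%d'`, so sprintf already coerces it to an integer and the escape call adds nothing; `(int)$_REQUEST['twitter-account']` states the intent. For `message`, a bound parameter through `mysqli_prepare($mtdb->link, ...)` would remove the reliance on escaping altogether. The enclosing `if` block starts and ends outside the hunk.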
@@ -9,11 +9,11 check_nonce('delete-strip-'.(int)$_REQUEST['strip_id']);
9 9
10 10 if(!deletestrip( $_REQUEST['strip_id'] ))
11 11 {
12 adminlog("Error deleting strip $_REQUEST[strip_id]:".mysql_error(), MTS_STRIP, MTA_DELETE, E_ERROR);
12 adminlog("Error deleting strip $_REQUEST[strip_id]:".mysqli_error(), MTS_STRIP, MTA_DELETE, E_ERROR);
13 13 mtdie('Error deleting the specified strip.','SQL Error');
14 14 }
15 15
16 16 adminlog("Strip $_REQUEST[strip_id] deleted.", MTS_STRIP, MTA_DELETE);
17 17 _redirect( ADMIN_PATH . '/manage-comics.php?deleted=success' );
18 18
19 ?> No newline at end of file
19 ?>
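Review bot: `mysqli_error()` on new-side line 12 is called with no arguments, but unlike `mysql_error()` the procedural mysqli function requires the connection. Without it PHP emits a warning and returns null (an ArgumentCountError on PHP 8), so the log entry loses the database error it is meant to record. Pass the same handle this commit uses for the escape calls: `mysqli_error($mtdb->link)`. The same argument-less call appears in the delete-page and delete-rant hunks, the strip and rant edit hunks, `handle_error()` (together with `mysqli_errno()`), and the metatype, type and twitter-user pages.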
@@ -9,7 +9,7 check_nonce('delete-page-'.$_REQUEST['page_name']);
9 9
10 10 if(!deletepage( $_REQUEST['page_name'] ))
11 11 {
12 adminlog("Error deleting page $_REQUEST[page_name]: ".mysql_error(), MTS_PAGE, MTA_DELETE, E_ERROR);
12 adminlog("Error deleting page $_REQUEST[page_name]: ".mysqli_error(), MTS_PAGE, MTA_DELETE, E_ERROR);
13 13 mtdie('Error deleting the specified page.','SQL Error');
14 14 }
15 15
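Review bot: The log message on new-side line 12 interpolates `$_REQUEST[page_name]` unmodified, and unlike the strip and rant ids this is a free-form string; the nonce call shown in the hunk header also uses it without a cast. If `adminlog()` builds SQL from the text or the entry is later rendered in an admin log view, the value needs escaping at that point; neither is visible here, so confirm it in `adminlog()`. Stripping control characters and capping the length before logging would also keep a crafted page name from forging or flooding log entries.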
@@ -9,9 +9,9 check_nonce('delete-rant-'.(int)$_REQUEST['rant_id']);
9 9
10 10 if(!deleterant( $_REQUEST['rant_id'] ))
11 11 {
12 adminlog("Error deleting rant $_REQUEST[rant_id]: ".mysql_error(), MTS_RANT, MTA_DELETE, E_ERROR);
12 adminlog("Error deleting rant $_REQUEST[rant_id]: ".mysqli_error(), MTS_RANT, MTA_DELETE, E_ERROR);
13 13 mtdie('Error deleting the specified rant.','SQL Error');
14 14 }
15 15
16 16 _redirect( ADMIN_PATH . '/manage-rants.php?deleted=success' );
17 ?> No newline at end of file
17 ?>
@@ -9,7 +9,7 $strip->id = (int)$_REQUEST['strip_id'];
9 9 $strip = getstrip($strip->id);
10 10
11 11 if( $_POST ) {
12
12
13 13 // Form Elements
14 14 $strip->new_id = (int)$_POST['strip_new_id'] ? (int)$_POST['strip_new_id'] : $strip->id;
15 15 $strip->published = empty($_POST['strip_date']) ? time() : strtotime( $_POST['strip_date'] );
@@ -18,7 +18,7 if( $_POST ) {
18 18 $strip->transcript_posted = $_POST['content'];
19 19 $strip->book = trim($_POST['book']);
20 20 $strip->page = trim($_POST['page']);
21
21
22 22 if( '' == $strip->title ) mtdie('Strips must be supplied with titles.');
23 23
24 24 $YESTERDAY = mktime(0,0,0, date('m'), date('d')-1, date('Y'));
@@ -37,26 +37,26 if( $_POST ) {
37 37 adminlog("Image upload failed.", MTS_STRIP, MTA_ADD, E_WARNING);
38 38 mtdie('If you want to upload a new comic, you must provide said comic.','Strip upload failed.');
39 39 }
40
40
41 41 // get image type and target extension
42 42 $imagedata = getimagesize($_FILES['comicFile']['tmp_name']);
43 43 $strip->media = $imagedata[2];
44 44 $fileext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id = ' . (int)$strip->media );
45
45
46 46 if(strlen($fileext) < 3)
47 47 {
48 48 //bad image upload type
49 49 adminlog("Bad image type upload on new strip. Invalid media type.", MTS_STRIP, MTA_ADD, E_ERROR);
50 50 mtdie('Bad image type upload on new strip. Invalid media type.');
51 51 }
52
52
53 53 // Insert new strip into the database, get a real $strip->id
54 54 if(!insertstrip( $strip ))
55 55 {
56 adminlog("Error on insertion of new strip: ".mysql_error(), MTS_STRIP, MTA_ADD, E_ERROR);
57 mtdie('Error on insertion of new strip: '.mysql_error(), 'SQL Error');
56 adminlog("Error on insertion of new strip: ".mysqli_error(), MTS_STRIP, MTA_ADD, E_ERROR);
57 mtdie('Error on insertion of new strip: '.mysqli_error(), 'SQL Error');
58 58 }
59
59
60 60 // Store the uploaded file to xxxx-0.ext
61 61 $basefile = $strip->published <= time() ?
62 62 sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/'.'%04d.%s', $strip->id, $fileext) :
@@ -73,11 +73,11 if( $_POST ) {
73 73
74 74 $info.="<p>Comic posted!</p>";
75 75 break;
76
76
77 77 case 'edit_comic':
78 78 if( 0 >= $strip->new_id ) mtdie('Strip numbers must be numeric, greater than 0.');
79 79 if( 0 >= $strip->id ) mtdie('Existing strip number, in the form, was zero. This should never happen.');
80
80
81 81 // When updating, $strip->id is the old strip number. Update in place first. Possibly adjust strip number later.
82 82 check_nonce('save-strip-'.$strip->id);
83 83
@@ -87,26 +87,26 if( $_POST ) {
87 87 $strip->media = $imagedata[2];
88 88 }
89 89 $fileext = $mtdb->getOne( 'SELECT extension FROM media_t WHERE id=' . (int)$strip->media );
90
90
91 91 if(strlen($fileext) < 3)
92 92 {
93 93 //bad image upload type
94 94 adminlog("Bad image type upload on strip ".$strip->id.". Invalid media type.", MTS_STRIP, MTA_UPDATE, E_ERROR);
95 95 mtdie('Bad image type upload on strip '.$strip->id.'. Invalid media type.');
96 96 }
97
97
98 98 // Update existing strip
99 99 if(!updatestrip( $strip ) )
100 100 {
101 101 adminlog("Failed to update strip ".$strip->id.".", MTS_STRIP, MTA_UPDATE);
102 mtdie('Error updating strip: ' . mysql_error(), 'SQL Error');
102 mtdie('Error updating strip: ' . mysqli_error(), 'SQL Error');
103 103 }
104
104
105 105 if( is_valid_upload('comicFile') ) { // If uploading, store the uploaded file to xxxx-n.ext
106 106 $basefile = $strip->published <= time() ?
107 107 sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/'.'%04d.%s', $strip->id, $fileext) :
108 108 sprintf(SITE_PATH_ABS.'/'.SITE_STRIP.'/restricted/'.'%04d.%s', $strip->id, $fileext);
109
109
110 110 if(!move_uploaded_file($_FILES['comicFile']['tmp_name'], $basefile))
111 111 {
112 112 adminlog("Filesystem error in saving image.", MTS_STRIP, MTA_UPDATE, E_ERROR);
@@ -120,7 +120,7 if( $_POST ) {
120 120 if( $_POST['broadcast'] ) {
121 121 #Limit broadcast message to 60 characters. Compose it now.
122 122 $b_msg = 'Comic ' . $strip->id . ' updated: ' . substr(trim($_REQUEST['broadcast_message']), 0, 60) . ', ' . SITE_HOST . SITE_PATH . "/strip/" . $strip->id;
123
123
124 124 rsspost($b_msg, SITE_HOST.SITE_PATH.'/strip/'.$strip->id);
125 125 twitterpost($b_msg);
126 126 $info.="<p>Update broadcasted with message '$b_msg'.</p>";
@@ -128,19 +128,19 if( $_POST ) {
128 128
129 129 $info.="<p>Changes saved. <a href=\"".SITE_HOST.SITE_PATH."/index.php?strip_id=".$strip->id."\">View on site</a>.";
130 130 break;
131
131
132 132 default:
133 133 adminlog("User did something strange.", MTS_STRIP, MTA_MODIFY);
134 134 mtdie('You know, it would be <em>really</em> nice if you avoided nonsensical actions.');
135 135 }
136
136
137 137 $info = savetranscript($strip) . $info;
138 138
139 139 # If the strip number changed, swap strips sequentially to shuffle it into place
140 140 if( $strip->id != $strip->new_id ) {
141 141 $f = fopen(SITE_PATH_ABS.'/'.SITE_STRIP.'/'.SITE_STRIP_LOCK, 'w');
142 142 flock($f, LOCK_EX);
143
143
144 144 while( $strip->new_id < $strip->id ) { // Move this strip backward
145 145 swap_strips( $strip->id - 1, $strip->id );
146 146 $strip->id--;
@@ -255,4 +255,3 if( file_exists( SITE_PATH_ABS.'/'.$file ) ){
255 255 <?php
256 256 adminfooter();
257 257 ?>
258
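Review bot: `mtdie()` on new-side lines 57 and 102 sends the raw database error text to the browser, while the metatype and type pages in this commit wrap the same value in `htmlentities()`. Driver messages can echo parts of the failing statement, so it is safer to keep the detail in `adminlog()` and show a fixed message, e.g. `mtdie('Error updating strip.', 'SQL Error');`, or at least escape it as the other pages do. Both calls also omit the connection argument to `mysqli_error()`. The surrounding `switch` starts and ends outside these hunks.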
@@ -26,10 +26,10 if( $_POST ) {
26 26 }
27 27
28 28 $action = isset($_POST['publish']) ? 'post' : 'edit';
29
29
30 30 if( isset( $_POST['publish'] ) ) $rant->status = 'published'; // If [publish] button is used, ignore radio button
31 31
32
32
33 33 $source_rantimage_filename = $_FILES['ranterImage']['tmp_name'];
34 34 extract( pre_upload_rant_image( $source_rantimage_filename ) );
35 35 if( $upload_error ) $error.=$upload_error;
@@ -43,12 +43,12 if( $_POST ) {
43 43 $source_rantattachment_filename[] = $_FILES['rant_attachment']['tmp_name'][$i];
44 44 }
45 45 }
46
46
47 47 switch( $_POST['action'] ) {
48 48 case 'new_rant':
49
49
50 50 check_nonce('new-rant');
51
51
52 52 if( ! $doing_upload ) {
53 53 // Use default rant image for this contributor.
54 54 $contributor = get_userdatabyid( $rant->author );
@@ -58,11 +58,11 if( $_POST ) {
58 58 } else {
59 59 $rant->imagetype = $upload_imagetype;
60 60 }
61
61
62 62 $rant->id = insertrant($rant);
63 63 if( $rant->id === false )
64 64 {
65 adminlog("Error on rant insertion: ".mysql_error(), MTS_RANT, MTA_INSERT, E_ERROR);
65 adminlog("Error on rant insertion: ".mysqli_error(), MTS_RANT, MTA_INSERT, E_ERROR);
66 66 mtdie('There was an error inserting the rant into the database.', 'SQL Error');
67 67 }
68 68
@@ -72,7 +72,7 if( $_POST ) {
72 72 $upload_error = $upload_info = '';
73 73 extract( save_upload_rant_attachment($_FILES['rant_attachment']['tmp_name'][$i], $rant->id) );
74 74
75 if( $upload_error ) $error.=$upload_error;
75 if( $upload_error ) $error.=$upload_error;
76 76 if( $upload_info ) {
77 77 $info .= $upload_info;
78 78 $rant->body = preg_replace('/(href|src)=\"([^\"]*?)\\{'.($i+1).'\\}(.*?)\"/', '\1="'.get_rantattachment_filename($rant_attachment_id).'"', $rant->body);
@@ -85,19 +85,19 if( $_POST ) {
85 85 if( $doing_upload ) {
86 86 extract( save_upload_rant_image( $source_rantimage_filename, $rant ) );
87 87 if( $upload_info ) $info.=$upload_info;
88 if( $upload_error ) $error.=$upload_error;
88 if( $upload_error ) $error.=$upload_error;
89 89 } elseif($rant->imagetype != 'NULL') {
90 90 extract( save_stock_rant_image( $source_rantimage_filename, $rant ) );
91 91 if( $upload_info ) $info.=$upload_info;
92 if( $upload_error ) $error.=$upload_error;
92 if( $upload_error ) $error.=$upload_error;
93 93 }
94
94
95 95 break;
96
96
97 97 case 'saverant':
98 98
99 99 check_nonce('save-rant-' . $rant->id);
100
100
101 101 if( isset( $_POST['rant_reverttodefaultimage'] ) ) {
102 102 // Use default rant image for this contributor, copy it into place
103 103 $contributor = get_userdatabyid( $rant->author );
@@ -106,13 +106,13 if( $_POST ) {
106 106 if($rant->imagetype != 'NULL')
107 107 extract( save_stock_rant_image( $contributor->default_image, $rant ) );
108 108 adminlog("Reverting to user's default rant image for rant ".$rant->id.".", MTS_RANT, MTA_UPDATE);
109
109
110 110 } elseif( $doing_upload ) {
111 111 $rant->imagetype = $upload_imagetype;
112 112 extract( save_upload_rant_image( $source_rantimage_filename, $rant ) );
113 113 adminlog("Uploading new rant image for rant ".$rant->id.".", MTS_RANT, MTA_UPDATE);
114 114 if( $upload_info ) $info.=$upload_info;
115 if( $upload_error ) $error.=$upload_error;
115 if( $upload_error ) $error.=$upload_error;
116 116 }
117 117
118 118 foreach($_POST['delete_attachment'] as $attachment)
@@ -122,14 +122,14 if( $_POST ) {
122 122 for($i = 0; $i < count($existing_attachments); $i++) {
123 123 $rant->body = preg_replace('/(href|src)=\"([^\"]*?)\\{'.($i+1).'\\}(.*?)\"/', '\1="'.get_rantattachment_filename($existing_attachments[$i]->id).'"', $rant->body);
124 124 }
125
125
126 126 for($j = $i; $j < count($source_rantattachment_filename) + $i; $j++) {
127 127 if('' == $source_rantattachment_filename[$j - $i]) continue;
128
128
129 129 $upload_error = $upload_info = '';
130 130 extract( save_upload_rant_attachment($_FILES['rant_attachment']['tmp_name'][$j - $i], $rant->id) );
131 131
132 if( $upload_error ) $error.=$upload_error;
132 if( $upload_error ) $error.=$upload_error;
133 133 if( $upload_info ) {
134 134 $info .= $upload_info;
135 135 $rant->body = preg_replace('/(href|src)=\"([^\"]*?)\\{'.($i+1).'\\}(.*?)\"/', '\1="'.get_rantattachment_filename($rant_attachment_id).'"', $rant->body);
@@ -137,7 +137,7 if( $_POST ) {
137 137 }
138 138
139 139 updaterant($rant);
140
140
141 141 if($rant->status != 'draft' && $_POST['broadcast'] &&
142 142 ($rant->published <= mktime(0,0,0, date('m'), date('d')-1, date('Y'))))
143 143 {
@@ -216,7 +216,7 tinyMCE.init({
216 216 </fieldset>
217 217
218 218 <fieldset id="authordiv" class="dbx-box">
219 <h3 class="dbx-handle">Author</h3>
219 <h3 class="dbx-handle">Author</h3>
220 220 <div class="dbx-content"><select name="rant_author"><?php
221 221 $contrib = $mtdb->getAll('select id,name from contributor');
222 222 foreach( $contrib as $k=>$v ) {
@@ -305,12 +305,12 tinyMCE.init({
305 305 echo 'Custom rant image is specified.';
306 306 }
307 307 ?>
308
308
309 309 <p>Upload new rant image:<br/>
310 310 <input type="hidden" name="MAX_FILE_SIZE" value="10000000" />
311 311 <input name="ranterImage" type="file"/>
312 312 </p>
313 <p><input type="checkbox" name="rant_reverttodefaultimage" /> Revert to default rant image.</p>
313 <p><input type="checkbox" name="rant_reverttodefaultimage" /> Revert to default rant image.</p>
314 314 </td><td>
315 315 <?php if ( false !== $rantimage_filename ): ?>
316 316 <p><img src="<?php echo SITE_HOST . '/' . SITE_PATH . '/' . $rantimage_filename; ?>" width="150" /></p>
@@ -24,14 +24,14
24 24
25 25 for ($count = 0; $count < 5; $count++) {
26 26 $entry = $feed->getEntryByOffset($count);
27 $link = mysql_real_escape_string($entry->link);
28 $title = mysql_real_escape_string($entry->title);
27 $link = mysqli_real_escape_string($mtdb->link, $entry->link);
28 $title = mysqli_real_escape_string($mtdb->link, $entry->title);
29 29 $date = $entry->pubdate;
30 30
31 31 $mtdb->query("INSERT INTO fredart (pubdate, title, link)
32 32 VALUES (FROM_UNIXTIME($date), '$title', '$link')", false);
33 33 }
34
34
35 35 header('Content-Type: text/xml');
36 36 header('Content-Length: 440');
37 37 ?>
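Review bot: `$date` on line 29 is taken from the feed entry and interpolated unquoted into `FROM_UNIXTIME($date)`, so the escaping added for `$link` and `$title` does not cover it. The feed entry is external input and should be coerced before it reaches the statement: `$date = (int)$entry->pubdate;`. Where `$feed` is loaded from is outside the hunk, so its trust level is unconfirmed here.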
@@ -54,8 +54,8 function adminmenu($current='') {
54 54 } else {
55 55 $curS = $curT = basename( $_SERVER["PHP_SELF"] );
56 56 }
57
58
57
58
59 59 foreach( $submenu as $l=>$L ) {
60 60 foreach( $L as $k=>$v ) {
61 61 if( $k == $curS ) {
@@ -65,11 +65,11 function adminmenu($current='') {
65 65 }
66 66 $current_sub_menu = false;
67 67
68 ?>
68 ?>
69 69 <div id="wphead">
70 70 <h1>Megatokyo Site Administration <span>(<a href="<?php echo SITE_HOST . SITE_PATH; ?>">View site &raquo;</a>)</span></h1>
71 71 </div>
72 <div id="user_info"><p>Howdy, <strong><?php getCurrentUser(); ?></strong>. [<a href="<?php echo ADMIN_PATH;
72 <div id="user_info"><p>Howdy, <strong><?php getCurrentUser(); ?></strong>. [<a href="<?php echo ADMIN_PATH;
73 73 ?>/login.php?action=logout" title="Log out of this account">Sign Out</a>] </p></div>
74 74
75 75
@@ -94,7 +94,7 function adminmenu($current='') {
94 94 }
95 95 ?>
96 96
97 <div class="clear"></div>
97 <div class="clear"></div>
98 98
99 99 <?php
100 100 if( $_GET['deleted'] && $_GET['deleted'] == 'success' ) $info.='<p>Deleted successfully.</p>';
@@ -104,7 +104,7 function adminmenu($current='') {
104 104 if( $info ) echo "<div class=\"updated fade\">$info</div>";
105 105 ?>
106 106 <div class="wrap">
107 <?php
107 <?php
108 108 }
109 109
110 110 function adminfooter($copy = true) {
@@ -164,7 +164,7 function handle_error($errno, $errstr, $errfile, $errline, $errcontext) {
164 164 header('Content-Type: text/html; charset=utf-8');
165 165
166 166 if (eregi('^(sql)$', $errstr)) {
167 $errstr = "SQL Error " . mysql_errno() . ': ' . mysql_error();
167 $errstr = "SQL Error " . mysqli_errno() . ': ' . mysqli_error();
168 168 }
169 169
170 170 $message = "Error#$errno: $errstr";
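Review bot: New-side line 167 sits inside `handle_error()`, whose body starts and ends outside the hunk, and calls `mysqli_errno()` and `mysqli_error()` without a connection. Fixing that needs the handle in function scope, e.g. `global $mtdb;` followed by `mysqli_errno($mtdb->link) . ': ' . mysqli_error($mtdb->link)`; whether `$mtdb` is already declared global earlier in the function is not visible. `eregi()` on line 166 was removed in the same PHP release that dropped `mysql_*`, so this branch also needs `preg_match('/^(sql)$/i', $errstr)` before the migrated code can run there.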
@@ -55,7 +55,7 function twitterpost($message, $user=TWITTER_USER, $password=TWITTER_PASS)
55 55 function setOAuthTokens($userid,$oauth_token,$oauth_token_secret, $username) {
56 56 global $mtdb;
57 57 $id = (int)$userid;
58 if( $mtdb->query( sprintf('UPDATE twitter_user SET oauth_token="%s", oauth_token_secret="%s", username="%s" WHERE id=%d', mysql_real_escape_string($oauth_token), mysql_real_escape_string($oauth_token_secret), mysql_real_escape_string($username), $id )) )
58 if( $mtdb->query( sprintf('UPDATE twitter_user SET oauth_token="%s", oauth_token_secret="%s", username="%s" WHERE id=%d', mysqli_real_escape_string($mtdb->link, $oauth_token), mysqli_real_escape_string($mtdb->link, $oauth_token_secret), mysqli_real_escape_string($mtdb->link, $username), $id )) )
59 59 return true;
60 60 return false;
61 61 }
@@ -9,7 +9,7 if( isset($_GET['delete']) && (int)$_GET['delete'] ) {
9 9 if(! $mtdb->query( 'DELETE FROM meta_t WHERE id=' . (int)$_GET['delete'] ) )
10 10 {
11 11 adminlog("Error on deleting metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_DELETE, E_WARNING);
12 mtdie("Error on update: ". htmlentities(mysql_error()));
12 mtdie("Error on update: ". htmlentities(mysqli_error()));
13 13 }
14 14 $info.='<p>Deleted metatype successfully.<p>';
15 15 adminlog("Metatype ".(int)$_GET['delete']." deleted.", MTS_TYPE_META, MTA_DELETE);
@@ -17,14 +17,14 if( isset($_GET['delete']) && (int)$_GET['delete'] ) {
17 17
18 18 if( isset($_POST['action']) && $_POST['action'] == 'new_meta' ) {
19 19 check_nonce('new-metatype');
20
20
21 21 $name = trim($_POST['name']);
22
22
23 23 if( check_type_name( $name ) ) {
24 if(! $mtdb->query( 'INSERT INTO meta_t(name) VALUES("'. mysql_real_escape_string($name) . '")' ) )
24 if(! $mtdb->query( 'INSERT INTO meta_t(name) VALUES("'. mysqli_real_escape_string($mtdb->link, $name) . '")' ) )
25 25 {
26 26 adminlog("Error on inserting metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_INSERT, E_WARNING);
27 mtdie("Error on insertion: ". htmlentities(mysql_error()));
27 mtdie("Error on insertion: ". htmlentities(mysqli_error()));
28 28 }
29 29 }
30 30 $info.='<p>New metatype created successfully.<p>';
@@ -33,14 +33,14 if( isset($_POST['action']) && $_POST['action'] == 'new_meta' ) {
33 33
34 34 if( isset($_POST['action']) && $_POST['action'] == 'edit_meta' ) {
35 35 check_nonce('save-metatype-'.(int)$_POST['type_id']);
36
36
37 37 $name = trim($_POST['name']);
38
38
39 39 if( check_type_name( $name ) ) {
40 if(! $mtdb->query( 'UPDATE meta_t SET name = "' . mysql_real_escape_string($name) . '" WHERE id=' . (int)$_POST['type_id']) )
40 if(! $mtdb->query( 'UPDATE meta_t SET name = "' . mysqli_real_escape_string($mtdb->link, $name) . '" WHERE id=' . (int)$_POST['type_id']) )
41 41 {
42 42 adminlog("Error updating metatype ".(int)$_GET['delete'], MTS_TYPE_META, MTA_UPDATE, E_WARNING);
43 mtdie("Error on update: ". htmlentities(mysql_error()));
43 mtdie("Error on update: ". htmlentities(mysqli_error()));
44 44 }
45 45 }
46 46 $info.='<p>Changes to metatype saved successfully.<p>';
@@ -96,11 +96,11 adminmenu();
96 96 <td width="66%"><input name="name" type="text" id="name" value="" /></td>
97 97 </tr>
98 98 </table>
99
99
100 100 <p class="submit"><input type="submit" value="Create &raquo;" name="submit" /></p>
101 101 </div>
102 102 </form>
103 103
104 104 <?php
105 105 adminfooter();
106 ?> No newline at end of file
106 ?>
@@ -36,7 +36,7 function handle_update_form() {
36 36 return;
37 37 }
38 38
39 $mtdb->query( 'INSERT INTO status (published,eta,percentage,text) VALUES( NOW(), FROM_UNIXTIME(' . (int)$eta . '), '. (int)$percent . ', "' . mysql_real_escape_string($text) . '")' );
39 $mtdb->query( 'INSERT INTO status (published,eta,percentage,text) VALUES( NOW(), FROM_UNIXTIME(' . (int)$eta . '), '. (int)$percent . ', "' . mysqli_real_escape_string($mtdb->link, $text) . '")' );
40 40
41 41 $_POST['update_percentage']=$_POST['update_eta']=$_POST['update_text']='';
42 42 $info = '<p>Statusbox updated successfully.</p>';
@@ -87,32 +87,32 $presets = $mtdb->getAll('SELECT COUNT(*) as c, percentage, text, CONCAT( percen
87 87 <th scope="row">Status Description</th>
88 88 <td width="66%"><textarea name="update_text" row="6" cols="30" id="update_text"><?php echo htmlentities($_POST['update_text']); ?></textarea></td>
89 89 </tr>
90
90
91 91 <script type="text/javascript">
92 92 function PresetHandler( f ) {
93
93
94 94 var i = f.preset.selectedIndex;
95 95 var v = f.preset.options[i].value;
96
96
97 97 var parts = v.split("% - ");
98
98
99 99 if( parts[0] == undefined ) {
100 100 parts[0] = "";
101 101 }
102 102 if( parts[1] == undefined ) {
103 103 parts[1] = "";
104 104 }
105
105
106 106 f.update_percentage.value = parts[0];
107 107 f.update_text.value = parts[1];
108
108
109 109 return true;
110 110 }
111 111 document.write('<tr><th scope="row">Presets</th><td width="66%"><select name="preset" onchange="PresetHandler(this.form);"><option value="">-none-</option><?php
112 112 foreach( $presets as $p )
113 113 echo '<option value="' . addslashes(htmlentities($p->p)) . '">' . addslashes(htmlentities($p->p)) . '</option>';
114 114 ?></select></td></tr>');
115
115
116 116 </script>
117 117 </table>
118 118
@@ -17,7 +17,7 if( isset($_REQUEST['action']) && 'edit_twitter' == $_REQUEST['action']) {
17 17
18 18 if(0 == $id && !empty($msg)) {
19 19 // Add a new preset
20 $mtdb->query( sprintf('INSERT INTO twitter_status (position, message) VALUES (%d, "%s")', $position, mysql_real_escape_string($msg)) );
20 $mtdb->query( sprintf('INSERT INTO twitter_status (position, message) VALUES (%d, "%s")', $position, mysqli_real_escape_string($mtdb->link, $msg)) );
21 21 adminlog("Added new preset: $msg", MTS_TWITTER, MTA_ADD);
22 22 } elseif(empty($msg)) {
23 23 // Delete an existing preset
@@ -25,7 +25,7 if( isset($_REQUEST['action']) && 'edit_twitter' == $_REQUEST['action']) {
25 25 adminlog("Removed preset: $id", MTS_TWITTER, MTA_ADD);
26 26 } else {
27 27 // Modify an existing preset
28 $mtdb->query( sprintf('UPDATE twitter_status SET position = %d, message = "%s" WHERE id = %d', $position, mysql_real_escape_string($msg), $id) );
28 $mtdb->query( sprintf('UPDATE twitter_status SET position = %d, message = "%s" WHERE id = %d', $position, mysqli_real_escape_string($mtdb->link, $msg), $id) );
29 29 }
30 30 }
31 31 }
@@ -6,34 +6,34 auth_redirect(); // Require logged in user to access this page.
6 6
7 7 if( isset($_POST['action']) && $_POST['action'] == 'new' ) {
8 8 check_nonce('new-twitter-user');
9
10 if(! $mtdb->query( sprintf('INSERT INTO twitter_user(username) VALUES("%s")', mysql_real_escape_string( md5( microtime() )) ) ) ) {
9
10 if(! $mtdb->query( sprintf('INSERT INTO twitter_user(username) VALUES("%s")', mysqli_real_escape_string( $mtdb->link, md5( microtime() )) ) ) ) {
11 11 adminlog("Error on insertion of new twitter user.", MTS_TWITTER, MTA_INSERT, E_WARNING);
12 mtdie("Error on insertion of new twitter user: ". htmlentities(mysql_error()), 'SQL Error');
12 mtdie("Error on insertion of new twitter user: ". htmlentities(mysqli_error()), 'SQL Error');
13 13 } else {
14 14 //$name = sanitize_username($_POST['name']);
15
16 $id = mysql_insert_id();
17
15
16 $id = mysqli_insert_id();
17
18 18 $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET);
19 19 $request_token = $connection->getRequestToken(OAUTH_CALLBACK . "&id=$id");
20
20
21 21 if ($connection->http_code !== 200 ) {
22 22 adminlog("Twitter getRequestToken failed. HTTP code: $connection->http_code", MTS_TWITTER, MTA_MODIFY);
23 23 mtdie("Could not connect to twitter.com.");
24 24 }
25
25
26 26 echo $id . '<br/>';
27
27
28 28 setOAuthTokens( $id, $request_token['oauth_token'], $request_token['oauth_token_secret'], md5(microtime()) );
29
29
30 30 adminlog("New twitter user created successfully.", MTS_TWITTER, MTA_ADD);
31 31
32 32 $url = $connection->getAuthorizeURL($request_token['oauth_token']);
33 33 //echo $url;
34 34 _redirect($url);
35 exit();
36
35 exit();
36
37 37 }
38 38 }
39 39
@@ -41,7 +41,7 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && is
41 41 # twitter userID = ID
42 42 $id = (int)$_REQUEST['id'];
43 43 $row = $mtdb->getRow( sprintf('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user WHERE id=%d LIMIT 1', $id));
44
44
45 45 # Compare token in database with token from twitter. If they differ, bail.
46 46 if( $row->oauth_token != $_REQUEST['oauth_token'] ) {
47 47 # token is old, drop from database
@@ -53,9 +53,9 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && is
53 53 } else {
54 54 # token is good, save the new Access Token to the database
55 55 $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $row->oauth_token, $row->oauth_token_secret);
56
56
57 57 $access_token = $connection->getAccessToken($_REQUEST['oauth_verifier']);
58
58
59 59 if (200 == $connection->http_code) {
60 60 # successful
61 61 $info.='<p>Successfully obtained OAuth Access Token.</p>';
@@ -66,7 +66,7 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && is
66 66 adminlog("Successfully received OAuth Access Tokens for twitter user.", MTS_TWITTER, MTA_MODIFY, E_WARNING);
67 67
68 68 //print_r($content);
69
69
70 70 } else {
71 71 # fail
72 72 if( !$mtdb->query("DELETE FROM twitter_user WHERE id = '$id'") ) {
@@ -76,7 +76,7 if( isset($_REQUEST['action']) && $_REQUEST['action'] == 'twittercallback' && is
76 76 $info.='<p>Failed to get OAuth Access Token for ' . $username . '.</p>';
77 77 adminlog("Failed to get OAuth Access Tokens for twitter user.", MTS_TWITTER, MTA_MODIFY, E_ERROR);
78 78 }
79
79
80 80 }
81 81 }
82 82
@@ -109,14 +109,14 adminmenu();
109 109 $alternate=false;
110 110 foreach( $twitter_users as $s ) {
111 111 $alternate=!$alternate;
112
112
113 113 ?>
114 114 <tr id="twitteruser-<?php echo $s->id; ?>" <?php if($alternate) echo 'class="alternate"'; ?>>
115 115 <th scope="row" style="text-align: center;"><?php echo $s->id; ?></th>
116 116 <td><?php echo htmlentities($s->username); ?></td>
117 117 <td><?php echo htmlentities($s->oauth_token); ?></td>
118 118 <td><?php echo htmlentities($s->oauth_token_secret); ?></td>
119 <td><?php
119 <td><?php
120 120 $connection = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, $s->oauth_token, $s->oauth_token_secret);
121 121 $content = $connection->get('account/verify_credentials');
122 122 if( isset($content->profile_image_url)) {
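Review bot: `mysqli_insert_id()` on new-side line 16 is called without the connection, so `$id` does not receive the new row's id (null with a warning on PHP 5/7, an ArgumentCountError on PHP 8). That value is appended to the OAuth callback URL on line 19 and passed to `setOAuthTokens()` on line 28, so the request token would not be stored against the row that was just inserted. Use `$id = mysqli_insert_id($mtdb->link);`, and likewise `mysqli_error($mtdb->link)` on line 12.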
@@ -9,12 +9,12 if( isset($_GET['delete']) && (int)$_GET['delete'] ) {
9 9 if(! $mtdb->query( 'DELETE FROM strip_t WHERE id=' . (int)$_GET['delete'] ) )
10 10 {
11 11 adminlog("Error deleting type ".(int)$_GET['delete'], MTS_TYPE, MTA_DELETE, E_WARNING);
12 mtdie("Error on deletion of existing type: " . htmlentities(mysql_error()), 'SQL Error');
12 mtdie("Error on deletion of existing type: " . htmlentities(mysqli_error()), 'SQL Error');
13 13 }
14 14 if(! $mtdb->query( 'DELETE FROM meta WHERE type=' . (int)$_GET['delete'] ) )
15 15 {
16 16 adminlog("Error on deletion of type ".(int)$_GET['delete']."'s metadata.", MTS_TYPE, MTA_DELETE, E_WARNING);
17 mtdie("Error on deletion of existing type's metadata: " . htmlentities(mysql_error()), 'SQL Error');
17 mtdie("Error on deletion of existing type's metadata: " . htmlentities(mysqli_error()), 'SQL Error');
18 18 }
19 19 $info.='<p>Deleted type successfully.<p>';
20 20 adminlog("Deleted type ".(int)$_GET['delete'], MTS_TYPE, MTA_DELETE);
@@ -22,15 +22,15 if( isset($_GET['delete']) && (int)$_GET['delete'] ) {
22 22
23 23 if( isset($_POST['action']) && $_POST['action'] == 'new_type' ) {
24 24 check_nonce('new-type');
25
25
26 26 $name = trim($_POST['name']);
27 27 $desc = trim($_POST['description']);
28
28
29 29 if( check_type_name($name) ) {
30 if(! $mtdb->query( sprintf( 'INSERT INTO strip_t(name, description) VALUES("%s", "%s")', mysql_real_escape_string($name), mysql_real_escape_string($desc)) ) )
30 if(! $mtdb->query( sprintf( 'INSERT INTO strip_t(name, description) VALUES("%s", "%s")', mysqli_real_escape_string($mtdb->link, $name), mysqli_real_escape_string($mtdb->link, $desc)) ) )
31 31 {
32 32 adminlog("Error on insertion of new type.", MTS_TYPE, MTA_INSERT, E_WARNING);
33 mtdie("Error on insertion of new type: ". htmlentities(mysql_error()), 'SQL Error');
33 mtdie("Error on insertion of new type: ". htmlentities(mysqli_error()), 'SQL Error');
34 34 }
35 35 }
36 36 $info.='<p>New type created successfully.<p>';
@@ -38,27 +38,27 if( isset($_POST['action']) && $_POST['action'] == 'new_type' ) {
38 38 }
39 39
40 40 if( isset($_POST['action']) && $_POST['action'] == 'edit_type' ) {
41
41
42 42 $id = (int)$_POST['type_id'];
43 43 check_nonce("save-type-$id");
44 44
45 45 $name = trim($_POST['name']);
46 46 $desc = trim($_POST['description']);
47
47
48 48 $meta = $_POST['meta'];
49 49
50 50 $m_delete = $mtdb->getAll("SELECT meta FROM meta WHERE type = $id");
51
51
52 52 $m_insert = array();
53
54 // Key listed in both Insert and Delete lists, so remove from both == Do Nothing
55 foreach( $m_delete as $k=>$v ) {
53
54 // Key listed in both Insert and Delete lists, so remove from both == Do Nothing
55 foreach( $m_delete as $k=>$v ) {
56 56 if( array_key_exists( $v->meta, $meta ) ) {
57 57 unset($m_delete[$k]);
58 58 unset($meta[$v->meta]);
59 59 } else {
60 60 $m_delete[$k] = 'meta=' . (int)$v->meta;
61 }
61 }
62 62 }
63 63
64 64 // Key listed only in Insert list, make proper format
@@ -67,17 +67,17 if( isset($_POST['action']) && $_POST['action'] == 'edit_type' ) {
67 67 }
68 68
69 69 if( check_type_name( $name ) ) {
70 if( !$mtdb->query( sprintf( 'UPDATE strip_t SET name = "%s", description = "%s" WHERE id = %s', mysql_real_escape_string($name), mysql_real_escape_string($desc), $id)) )
70 if( !$mtdb->query( sprintf( 'UPDATE strip_t SET name = "%s", description = "%s" WHERE id = %s', mysqli_real_escape_string($mtdb->link, $name), mysqli_real_escape_string($mtdb->link, $desc), $id)) )
71 71 {
72 72 adminlog("Error on updating type ".$id, MTS_TYPE, MTA_UPDATE, E_WARNING);
73 mtdie("Error on update of existing type: ". htmlentities(mysql_error()), 'SQL Error');
73 mtdie("Error on update of existing type: ". htmlentities(mysqli_error()), 'SQL Error');
74 74 }
75
75
76 76 $sql_insert = "INSERT INTO meta (type,meta) VALUES " . implode(',',$m_insert);
77 77 $sql_delete = "DELETE FROM meta WHERE type=$id AND ( " . implode(' OR ',$m_delete) . ' )';
78 78
79 79 $mtdb->query('START TRANSACTION');
80
80
81 81 if( count($m_insert) )
82 82 if(! $mtdb->query( $sql_insert ) )
83 83 {
@@ -90,9 +90,9 if( isset($_POST['action']) && $_POST['action'] == 'edit_type' ) {
90 90 adminlog("Error deleting old metatype association data for type ".$id, MTS_TYPE, MTA_REMOVE, E_WARNING);
91 91 mtdie("There was an error deleting old metatype data. Transaction aborted. $sql_delete");
92 92 }
93
93
94 94 $mtdb->query('COMMIT');
95
95
96 96 } else {
97 97 $error.='<p>Invalid type name!</p>';
98 98 }
@@ -129,13 +129,13 adminmenu();
129 129 $alternate=false;
130 130 foreach( $types as $s ) {
131 131 $alternate=!$alternate;
132
132
133 133 $metas = $mtdb->getAll("SELECT meta_t.name AS name FROM strip_t
134 134 JOIN meta ON meta.type = strip_t.id JOIN meta_t ON meta.meta = meta_t.id
135 135 WHERE strip_t.id = $s->id");
136
136
137 137 $meta = implode(', ', array_map('_getMetaNameFromObject', $metas) );
138
138
139 139 ?>
140 140 <tr id="comic-<?php echo $s->id; ?>" <?php if($alternate) echo 'class="alternate"'; ?>>
141 141 <th scope="row" style="text-align: center;"><?php echo $s->id; ?></th>
@@ -169,7 +169,7 adminmenu();
169 169 <td width="66%"><input name="description" type="text" id="description" value="" /></td>
170 170 </tr>
171 171 </table>
172
172
173 173 <p class="submit"><input type="submit" value="Create &raquo;" name="submit" /></p>
174 174 </div>
175 175 </form>
@@ -6,7 +6,7 auth_redirect(); // Require logged in user to access this page.
6 6
7 7 check_nonce('new-scratchpad');
8 8
9 $mtdb->query( sprintf( 'INSERT INTO scratchpad (contributor, message) VALUES (%d, "%s")', (int)$currentuser->id, mysql_real_escape_string($_REQUEST['message'])) );
9 $mtdb->query( sprintf( 'INSERT INTO scratchpad (contributor, message) VALUES (%d, "%s")', (int)$currentuser->id, mysqli_real_escape_string($mtdb->link, $_REQUEST['message'])) );
10 10
11 11 adminlog("User posted to scratchpad.", MTS_SCRATCH, MTA_INSERT);
12 12 _redirect( ADMIN_PATH . '/index.php' );
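Review bot: The result of `$mtdb->query(...)` on new line 9 is discarded, so the `adminlog("User posted to scratchpad.", ...)` entry and the redirect run even when the INSERT fails. Other pages in this commit test the return value with `if( !$mtdb->query(...) )` followed by `mtdie(...)`; doing the same here, `if( !$mtdb->query( ... ) ) mtdie('Error saving scratchpad message.', 'SQL Error');`, keeps the audit log truthful. Separately, `mysqli_real_escape_string` escapes according to the connection character set, so it is only reliable if the charset of `$mtdb->link` is set with `mysqli_set_charset()`. That setup is not visible here and should be confirmed.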
@@ -8,7 +8,7 auth_redirect(); // Require logged in user to access this page.
8 8 if('post_twitter' == $_REQUEST['action'])
9 9 {
10 10 check_nonce('new-twitter');
11
11
12 12 $postmessage = '';
13 13 if(!empty($_REQUEST['stdmessage']) ) $postmessage = trim($_REQUEST['stdmessage']);
14 14 if( strlen($_REQUEST['message']) ) $postmessage = trim($_REQUEST['message']);
@@ -20,13 +20,13 if('post_twitter' == $_REQUEST['action'])
20 20
21 21 if('' == $postmessage) _redirect( ADMIN_PATH . '/post-twitter.php?tweet=missing');
22 22 $username = sanitize_username($_REQUEST['twitter_user']);
23 $postasuser = $mtdb->getOne( sprintf('SELECT username FROM twitter_user WHERE username="%s"', mysql_real_escape_string($username)));
23 $postasuser = $mtdb->getOne( sprintf('SELECT username FROM twitter_user WHERE username="%s"', mysqli_real_escape_string($mtdb->link, $username)));
24 24
25 25 if( in_array('twitter', $_REQUEST['service']) )
26 26 $rc = twitterpost( numeric_entities(utfentities($postmessage)), $postasuser );
27 27 if( in_array('rss', $_REQUEST['service']) )
28 28 $rc = rsspost( numeric_entities(utfentities($postmessage)), SITE_HOST.SITE_PATH );
29
29
30 30 if($rc) _redirect( ADMIN_PATH . '/post-twitter.php?tweet=success');
31 31 _redirect( ADMIN_PATH . '/post-twitter.php?tweet=fail');
32 32
@@ -41,7 +41,7 if( isset($_REQUEST['tweet']) && 'fail' == $_REQUEST['tweet'] )
41 41
42 42 if( isset($_REQUEST['tweet']) && 'missing' == $_REQUEST['tweet'] )
43 43 $error.='Oops~ Looks like you forgot to enter a message.';
44
44
45 45
46 46 $statuses = $mtdb->getAll('SELECT id, position, message FROM twitter_status ORDER BY position, id');
47 47 $twitter_users = $mtdb->getAll('SELECT id, username, oauth_token, oauth_token_secret, oauth_access_token FROM twitter_user ORDER BY username');
@@ -98,7 +98,7 adminmenu();
98 98 var charactersremaining = document.getElementById('charactersremaining');
99 99 charactersremaining.innerHTML = 140 - status.value.length
100 100 }
101 -->
101 -->
102 102 </script>
103 103
104 104 <?php /*?>
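Review bot: `$postasuser` on new line 23 is used without checking that the lookup matched a row, so a `twitter_user` value that is not in the table reaches `twitterpost()` on line 26 as whatever `getOne()` returns for no result (presumably false or null). A guard right after the query, `if( !$postasuser ) _redirect( ADMIN_PATH . '/post-twitter.php?tweet=fail');`, would stop the request there, assuming `_redirect()` ends the script as the surrounding code implies. The same block leaves `$rc` unset when `$_REQUEST['service']` names neither `twitter` nor `rss`, and calls `in_array()` on it without confirming it is an array; initialising `$rc = false;` and testing `is_array($_REQUEST['service'])` first would cover both.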
@@ -37,7 +37,7 foreach($tweets as $t)
37 37 adminlog("Error $ret_code posting scheduled tweet ".$t->id . ' with return value ' . $ret, MTS_TWITTER, MTA_ADD);
38 38 $t->status = 'error';
39 39 }
40
40
41 41 // Unlock tweet, update db.
42 $mtdb->query("UPDATE twitter_post SET status = '".mysql_real_escape_string($t->status)."' WHERE status = 'locked' AND id = ".(int)$t->id, false);
42 $mtdb->query("UPDATE twitter_post SET status = '".mysqli_real_escape_string($mtdb->link, $t->status)."' WHERE status = 'locked' AND id = ".(int)$t->id, false);
43 43 }
@@ -12,10 +12,10 if( isset($_POST['edit']) ) {
12 12 $username = sanitize_username( $_POST['user_login'] );
13 13 if( $username != $_POST['user_login'] || strlen($_POST['user_login']) < 1 )
14 14 mtdie( 'The specified username is not valid. Must be composed of a-z _ - @ .', 'Invalid Username' );
15
15
16 16 copy(RANTIMG.'default', RANTIMG.$username.'.png');
17
18 $mtdb->query( 'INSERT INTO contributor (name, default_image) VALUES ("' . mysql_real_escape_string($username) . '", "'.$username.'.png")' );
17
18 $mtdb->query( 'INSERT INTO contributor (name, default_image) VALUES ("' . mysqli_real_escape_string($mtdb->link, $username) . '", "'.$username.'.png")' );
19 19 $user = get_userdatabylogin( $username );
20 20 $userid = $user->id;
21 21 $info.='<p>User Account Created</p>';
@@ -25,19 +25,19 if( isset($_POST['edit']) ) {
25 25 $userid = (int) $_POST['edit'];
26 26 $user_old = $user = get_userdatabyid( $userid );
27 27 }
28
28
29 29 $user->nameplate = $_POST['nickname'];
30 30 $user->default_image = $user_old->default_image;
31 31 $user->default_link = $_POST['rant-link'];
32 32 $user->email = $_POST['email'];
33
33
34 34 if( !empty($_POST['password_new1']) && !empty($_POST['password_new2']) ) {
35
35
36 36 if( $_POST['password_new1'] !== $_POST['password_new2'] ) {
37 37 $error.='<p>New passwords do not match.</p>';
38 38 } else {
39 39 /* password change */
40 if( ! $mtdb->getOne( 'SELECT id FROM contributor WHERE id = "' . (int)$user->id . '" AND (password = SHA1("' . mysql_real_escape_string($_POST['password_old']) . '") OR password = "")' )) {
40 if( ! $mtdb->getOne( 'SELECT id FROM contributor WHERE id = "' . (int)$user->id . '" AND (password = SHA1("' . mysqli_real_escape_string($mtdb->link, $_POST['password_old']) . '") OR password = "")' )) {
41 41 $error.='<p>Specified password is incorrect.</p>';
42 42 } else {
43 43 /* Password match */
@@ -50,13 +50,13 if( isset($_POST['edit']) ) {
50 50
51 51 function handle_upload( &$user ) {
52 52 global $info,$error;
53
53
54 54 if( !$_FILES['rant_image'] ) return;
55
55
56 56 if( '' == $_FILES['rant_image']['name'] ) return;
57 57 if( UPLOAD_ERR_NO_FILE == $_FILES['rant_image']['error'] ) return;
58 58 if( 0 == $_FILES['rant_image']['size'] ) return;
59
59
60 60 $info.='<p>Tried to upload an image.</p>';
61 61 // Uploading new rant image
62 62 $imagedata = getimagesize($_FILES['rant_image']['tmp_name']);
@@ -68,7 +68,7 if( isset($_POST['edit']) ) {
68 68 $error.='<p>Image wrong height: '.$imagedata[1].'</p>';
69 69 return;
70 70 }
71
71
72 72 switch( $_FILES['rant_image']['type'] ) {
73 73 case 'image/jpeg':
74 74 case 'image/jpg': $ext = 'jpg'; break;
@@ -80,7 +80,7 if( isset($_POST['edit']) ) {
80 80 $error.='<p>Unknown image extension. Upload refused.</p>';
81 81 return;
82 82 }
83
83
84 84 $destination_path = $user->name.'.'.$ext;
85 85 if( !is_uploaded_file( $_FILES['rant_image']['tmp_name'] )) {
86 86 $error.='<p>Something went wrong while retrieving the uploaded image.</p>';
@@ -103,8 +103,8 if( isset($_POST['edit']) ) {
103 103 } else {
104 104 $userid = (int) $_GET['edit'];
105 105 $user = get_userdatabyid( $userid );
106 }
107
106 }
107
108 108 if( !$user ) $error.='<p>The specified user does not exist.</p>';
109 109
110 110 adminhead('Edit User Profile');
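Review bot: The old-password check on new line 40 still compares against `SHA1("...")` computed inside the SQL statement, so contributor passwords are stored as unsalted SHA-1, which is cheap to brute-force if the table ever leaks. Since this line is being touched anyway, it is a good place to move verification into PHP with `password_verify()`, keeping a constant-time SHA-1 comparison only for rows that have not been rehashed yet. The `OR password = ""` arm means an account whose stored password is empty accepts any old password; that is presumably intended for freshly created contributors, but worth confirming. The branch that writes the new password lies outside this hunk and would have to store `password_hash($_POST['password_new1'], PASSWORD_DEFAULT)` in a column wide enough for it before the sketch below is complete.

```php
/* password change */
// Fetch the stored value and verify in PHP instead of hashing inside the query.
$stored = (string) $mtdb->getOne( 'SELECT password FROM contributor WHERE id = ' . (int)$user->id );
$old_ok = ( '' === $stored )   // same behaviour as the existing OR password = "" arm
    || password_verify( $_POST['password_old'], $stored )
    || hash_equals( $stored, sha1( $_POST['password_old'] ) );   // legacy SHA-1 rows, rehash on success
if( ! $old_ok ) {
    $error.='<p>Specified password is incorrect.</p>';
} else {
    // … unchanged: password match branch, continues outside the hunk …
```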
@@ -54,13 +54,13 $users = $mtdb->getAll("SELECT id,name,email,nameplate FROM contributor");
54 54
55 55 <h2>Create New Contributor</h2>
56 56 <div class="narrow">
57 <table class="editform" width="100% cellspacing="2" cellpadding="5">
57 <table class="editform" width="100%" cellspacing="2" cellpadding="5">
58 58 <tr>
59 59 <th scope="row" width="33%">Username</th>
60 60 <td width="66%"><input name="user_login" type="text" id="user_login" value="" /></th>
61 61 </tr>
62 62 </table>
63
63
64 64 <p class="submit"><input type="submit" value="Create &raquo;" name="submit" /></p>
65 65 </div>
66 66 </form>
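Review bot: The cell on line 60 opens with `<td width="66%">` but closes with `</th>`, so the row is still malformed after the quote fix on line 57. The closing tag should be `</td>`, giving `<td width="66%"><input name="user_login" type="text" id="user_login" value="" /></td>`.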