mt-admin Files · include/pages.php

Fix calls to mysqli_error().

darkmorford - - Load All Authors

File last commit:

f1e0050abc35

c3da001f5ff1

Download file

             pages.php
        
                    53 lines
            
             | 2.0 KiB
            
                | text/x-php
            
             |
                PhpLexer
            
             / include / pages.php
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content

      <?php

      class Page {

      	var $url_name, $status, $title, $body, $style;

      }

      function savepage($page) {

      	if($page->url_name)

      		return updatepage($page);

      	else

      		return insertpage($page);

      }

      function insertpage($page) {

      	global $mtdb;

      	$sql = 'INSERT INTO static_page ( url_name, status, title, body, style ) VALUES ('

      		. '   "' . mysqli_real_escape_string($mtdb->link, $page->url_name)

      		. '", "' . mysqli_real_escape_string($mtdb->link, $page->status)

      		. '", "' . mysqli_real_escape_string( $mtdb->link, trim( $page->title ) )

      		. '", "' . mysqli_real_escape_string( $mtdb->link, trim( $page->body ) )

      		. '", "' . mysqli_real_escape_string( $mtdb->link, trim( $page->style ) )

      		. '")';

      	adminlog("Page '".$page->url_name."' has been added.", MTS_PAGE, MTA_ADD);

      	return $mtdb->query($sql);

      }

      function updatepage($page) {

      	if ( !$page->url_name ) return false;

      	global $mtdb;

      	$sql = 'UPDATE static_page SET url_name = "' . mysqli_real_escape_string($mtdb->link, $page->url_name)

      		. '", status = "' . mysqli_real_escape_string($mtdb->link, $page->status)

      		. '", title = "' . mysqli_real_escape_string( $mtdb->link, trim( $page->title ) )

      		. '", body = "' . mysqli_real_escape_string( $mtdb->link, trim( $page->body ) )

      		. '", style = "' . mysqli_real_escape_string( $mtdb->link, trim( $page->style ) )

      		. '" WHERE url_name = "' . mysqli_real_escape_string($mtdb->link, $page->url_name) . '"';

      	adminlog("Page '".$page->url_name."' has been updated.", MTS_PAGE, MTA_MODIFY);

      	return $mtdb->query( $sql );

      }

      function deletepage($url_name) {

      	if ( !$url_name ) return false;

      	global $mtdb;

      	adminlog("Page '".$page->url_name."' has been deleted.", MTS_PAGE, MTA_DELETE);

      	return $mtdb->query( 'DELETE FROM static_page WHERE url_name = "' . mysqli_real_escape_string($mtdb->link, $url_name) . '"' );

      }

      function getpage($url_name) {

      	global $mtdb;

      	return $mtdb->getRow( 'SELECT url_name, status, title, body, style FROM static_page WHERE url_name = "'. mysqli_real_escape_string($mtdb->link, $url_name) . '"' );

      }

      ?>

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings

				<?php

				class Page {
				var $url_name, $status, $title, $body, $style;
				}

				function savepage($page) {
				if($page->url_name)
				return updatepage($page);
				else
				return insertpage($page);
				}

				function insertpage($page) {
				global $mtdb;
				$sql = 'INSERT INTO static_page ( url_name, status, title, body, style ) VALUES ('
				. ' "' . mysqli_real_escape_string($mtdb->link, $page->url_name)
				. '", "' . mysqli_real_escape_string($mtdb->link, $page->status)
				. '", "' . mysqli_real_escape_string( $mtdb->link, trim( $page->title ) )
				. '", "' . mysqli_real_escape_string( $mtdb->link, trim( $page->body ) )
				. '", "' . mysqli_real_escape_string( $mtdb->link, trim( $page->style ) )
				. '")';
				adminlog("Page '".$page->url_name."' has been added.", MTS_PAGE, MTA_ADD);
				return $mtdb->query($sql);
				}

				function updatepage($page) {
				if ( !$page->url_name ) return false;
				global $mtdb;

				$sql = 'UPDATE static_page SET url_name = "' . mysqli_real_escape_string($mtdb->link, $page->url_name)
				. '", status = "' . mysqli_real_escape_string($mtdb->link, $page->status)
				. '", title = "' . mysqli_real_escape_string( $mtdb->link, trim( $page->title ) )
				. '", body = "' . mysqli_real_escape_string( $mtdb->link, trim( $page->body ) )
				. '", style = "' . mysqli_real_escape_string( $mtdb->link, trim( $page->style ) )
				. '" WHERE url_name = "' . mysqli_real_escape_string($mtdb->link, $page->url_name) . '"';
				adminlog("Page '".$page->url_name."' has been updated.", MTS_PAGE, MTA_MODIFY);
				return $mtdb->query( $sql );
				}

				function deletepage($url_name) {
				if ( !$url_name ) return false;
				global $mtdb;
				adminlog("Page '".$page->url_name."' has been deleted.", MTS_PAGE, MTA_DELETE);
				return $mtdb->query( 'DELETE FROM static_page WHERE url_name = "' . mysqli_real_escape_string($mtdb->link, $url_name) . '"' );
				}

				function getpage($url_name) {
				global $mtdb;
				return $mtdb->getRow( 'SELECT url_name, status, title, body, style FROM static_page WHERE url_name = "'. mysqli_real_escape_string($mtdb->link, $url_name) . '"' );
				}

				?>