dos2unix and some other changes...

Shish 2009-12-24 07:36:09 +00:00
parent 1c7ce5a3ac
commit 12745b9309
4 changed files with 3054 additions and 2842 deletions


@ -129,7 +129,11 @@ class Artists implements Extension {
$artistName = $author; $artistName = $author;
} }
$database->execute("UPDATE images SET author = ? WHERE id = ?", array($artistName, $event->image->id)); $database->execute("UPDATE images SET author = ? WHERE id = ?"
, array(
mysql_real_escape_string($artistName)
, $event->image->id
));
} }
public function handle_commands($event) public function handle_commands($event)
{ {
@ -143,22 +147,22 @@ class Artists implements Extension {
case "list": case "list":
{ {
$this->get_listing($page, $event); $this->get_listing($page, $event);
$this->theme->sidebar_options("neutral"); $this->theme->sidebar_options("neutral");
break; break;
} }
case "new": case "new":
{ {
if(!$user->is_anonymous()){ if(!$user->is_anonymous()){
$this->theme->new_artist_composer(); $this->theme->new_artist_composer();
}else{ }else{
$errMessage = "You must be registered and logged in to create a new artist."; $errMessage = "You must be registered and logged in to create a new artist.";
$this->theme->display_error($page, "Error", $errMessage); $this->theme->display_error($page, "Error", $errMessage);
} }
break; break;
} }
case "new_artist": case "new_artist":
{ {
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("artist/new")); $page->set_redirect(make_link("artist/new"));
break; break;
} }
@ -197,7 +201,7 @@ class Artists implements Extension {
$userIsLogged = !$user->is_anonymous(); $userIsLogged = !$user->is_anonymous();
$userIsAdmin = $user->is_admin(); $userIsAdmin = $user->is_admin();
$images = Image::find_images(0, 4, Tag::explode($artist['name'])); $images = Image::find_images(0, 4, Tag::explode($artist['name']));
$this->theme->show_artist($artist, $aliases, $members, $urls, $images, $userIsLogged, $userIsAdmin); $this->theme->show_artist($artist, $aliases, $members, $urls, $images, $userIsLogged, $userIsAdmin);
if ($userIsLogged) if ($userIsLogged)
@ -207,7 +211,7 @@ class Artists implements Extension {
//$this->theme->show_new_url_composer($artistID); //$this->theme->show_new_url_composer($artistID);
} }
$this->theme->sidebar_options("editor", $artistID, $userIsAdmin); $this->theme->sidebar_options("editor", $artistID, $userIsAdmin);
break; break;
} }
@ -220,23 +224,21 @@ class Artists implements Extension {
$members = $this->get_members($artistID); $members = $this->get_members($artistID);
$urls = $this->get_urls($artistID); $urls = $this->get_urls($artistID);
if(!$user->is_anonymous()){
if(!$user->is_anonymous()){
$this->theme->show_artist_editor($artist, $aliases, $members, $urls); $this->theme->show_artist_editor($artist, $aliases, $members, $urls);
$userIsAdmin = $user->is_admin(); $userIsAdmin = $user->is_admin();
$this->theme->sidebar_options("editor", $artistID, $userIsAdmin); $this->theme->sidebar_options("editor", $artistID, $userIsAdmin);
}else{ }else{
$errMessage = "You must be registered and logged in to edit an artist."; $errMessage = "You must be registered and logged in to edit an artist.";
$this->theme->display_error($page, "Error", $errMessage); $this->theme->display_error($page, "Error", $errMessage);
} }
break; break;
} }
case "edit_artist": case "edit_artist":
{ {
$artistID = $_POST['artist_id']; $artistID = $_POST['artist_id'];
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("artist/edit/".$artistID)); $page->set_redirect(make_link("artist/edit/".$artistID));
break; break;
} }
@ -248,10 +250,10 @@ class Artists implements Extension {
$page->set_redirect(make_link("artist/view/".$artistID)); $page->set_redirect(make_link("artist/view/".$artistID));
break; break;
} }
case "nuke_artist": case "nuke_artist":
{ {
$artistID = $_POST['artist_id']; $artistID = $_POST['artist_id'];
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("artist/nuke/".$artistID)); $page->set_redirect(make_link("artist/nuke/".$artistID));
break; break;
} }
@ -263,22 +265,22 @@ class Artists implements Extension {
$page->set_redirect(make_link("artist/list")); $page->set_redirect(make_link("artist/list"));
break; break;
} }
case "add_alias": case "add_alias":
{ {
$artistID = $_POST['artist_id']; $artistID = $_POST['artist_id'];
$this->theme->show_new_alias_composer($artistID); $this->theme->show_new_alias_composer($artistID);
break; break;
} }
case "add_member": case "add_member":
{ {
$artistID = $_POST['artist_id']; $artistID = $_POST['artist_id'];
$this->theme->show_new_member_composer($artistID); $this->theme->show_new_member_composer($artistID);
break; break;
} }
case "add_url": case "add_url":
{ {
$artistID = $_POST['artist_id']; $artistID = $_POST['artist_id'];
$this->theme->show_new_url_composer($artistID); $this->theme->show_new_url_composer($artistID);
break; break;
} }
//***********ALIAS SECTION *********************** //***********ALIAS SECTION ***********************
@ -418,17 +420,19 @@ class Artists implements Extension {
private function get_artistName_by_imageID($imageID) private function get_artistName_by_imageID($imageID)
{ {
if(!is_numeric($imageID)) return null;
global $database; global $database;
$result = $database->get_row("SELECT author FROM images WHERE id = ?", array($imageID)); $result = $database->get_row("SELECT author FROM images WHERE id = ?", array($imageID));
return $result['author']; return stripslashes($result['author']);
} }
private function url_exists_by_url($url) private function url_exists_by_url($url)
{ {
global $database; global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_urls WHERE url = ?", array($url)); $result = $database->db->GetOne("SELECT COUNT(1) FROM artist_urls WHERE url = ?", array(mysql_real_escape_string($url)));
return ($result != 0); return ($result != 0);
} }
@ -436,7 +440,7 @@ class Artists implements Extension {
{ {
global $database; global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_members WHERE name = ?", array($member)); $result = $database->db->GetOne("SELECT COUNT(1) FROM artist_members WHERE name = ?", array(mysql_real_escape_string($member)));
return ($result != 0); return ($result != 0);
} }
@ -444,39 +448,48 @@ class Artists implements Extension {
{ {
global $database; global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_alias WHERE alias = ?", array($alias)); $result = $database->db->GetOne("SELECT COUNT(1) FROM artist_alias WHERE alias = ?", array(mysql_real_escape_string($alias)));
return ($result != 0); return ($result != 0);
} }
private function alias_exists($artistID, $alias){ private function alias_exists($artistID, $alias){
if (!is_numeric($artistID)) return;
global $database; global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_alias WHERE artist_id = ? AND alias = ?", array($artistID, $alias)); $result = $database->db->GetOne("SELECT COUNT(1) FROM artist_alias WHERE artist_id = ? AND alias = ?", array(
$artistID
, mysql_real_escape_string($alias)
));
return ($result != 0); return ($result != 0);
} }
private function get_artistID_by_url($url) private function get_artistID_by_url($url)
{ {
global $database; global $database;
$result = $database->get_row("SELECT artist_id FROM artist_urls WHERE url = ?", array($url)); $result = $database->get_row("SELECT artist_id FROM artist_urls WHERE url = ?", array(mysql_real_escape_string($url)));
return $result['artist_id']; return $result['artist_id'];
} }
private function get_artistID_by_memberName($member) private function get_artistID_by_memberName($member)
{ {
global $database; global $database;
$result = $database->get_row("SELECT artist_id FROM artist_members WHERE name = ?", array($member)); $result = $database->get_row("SELECT artist_id FROM artist_members WHERE name = ?", array(mysql_real_escape_string($member)));
return $result['artist_id']; return $result['artist_id'];
} }
private function get_artistName_by_artistID($artistID) private function get_artistName_by_artistID($artistID)
{ {
if (!is_numeric($artistID)) return;
global $database; global $database;
$result = $database->get_row("SELECT name FROM artists WHERE id = ?", array($artistID)); $result = $database->get_row("SELECT name FROM artists WHERE id = ?", array($artistID));
return $result['name']; return stripslashes($result['name']);
} }
private function get_artistID_by_aliasID($aliasID) private function get_artistID_by_aliasID($aliasID)
{ {
if (!is_numeric($aliasID)) return;
global $database; global $database;
$result = $database->get_row("SELECT artist_id FROM artist_alias WHERE id = ?", array($aliasID)); $result = $database->get_row("SELECT artist_id FROM artist_alias WHERE id = ?", array($aliasID));
return $result['artist_id']; return $result['artist_id'];
@ -484,6 +497,8 @@ class Artists implements Extension {
private function get_artistID_by_memberID($memberID) private function get_artistID_by_memberID($memberID)
{ {
if (!is_numeric($memberID)) return;
global $database; global $database;
$result = $database->get_row("SELECT artist_id FROM artist_members WHERE id = ?", array($memberID)); $result = $database->get_row("SELECT artist_id FROM artist_members WHERE id = ?", array($memberID));
return $result['artist_id']; return $result['artist_id'];
@ -491,6 +506,8 @@ class Artists implements Extension {
private function get_artistID_by_urlID($urlID) private function get_artistID_by_urlID($urlID)
{ {
if (!is_numeric($urlID)) return;
global $database; global $database;
$result = $database->get_row("SELECT artist_id FROM artist_urls WHERE id = ?", array($urlID)); $result = $database->get_row("SELECT artist_id FROM artist_urls WHERE id = ?", array($urlID));
return $result['artist_id']; return $result['artist_id'];
@ -498,18 +515,24 @@ class Artists implements Extension {
private function delete_alias($aliasID) private function delete_alias($aliasID)
{ {
if (!is_numeric($aliasID)) return;
global $database; global $database;
$database->execute("DELETE FROM artist_alias WHERE id = ?", array($aliasID)); $database->execute("DELETE FROM artist_alias WHERE id = ?", array($aliasID));
} }
private function delete_url($urlID) private function delete_url($urlID)
{ {
if (!is_numeric($urlID)) return;
global $database; global $database;
$database->execute("DELETE FROM artist_urls WHERE id = ?", array($urlID)); $database->execute("DELETE FROM artist_urls WHERE id = ?", array($urlID));
} }
private function delete_member($memberID) private function delete_member($memberID)
{ {
if (!is_numeric($memberID)) return;
global $database; global $database;
$database->execute("DELETE FROM artist_members WHERE id = ?", array($memberID)); $database->execute("DELETE FROM artist_members WHERE id = ?", array($memberID));
} }
@ -517,20 +540,38 @@ class Artists implements Extension {
private function get_alias_by_id($aliasID) private function get_alias_by_id($aliasID)
{ {
if (!is_numeric($aliasID)) return;
global $database; global $database;
return $database->get_row("SELECT * FROM artist_alias WHERE id = ?", array($aliasID)); $result = $database->get_row("SELECT * FROM artist_alias WHERE id = ?", array($aliasID));
$result["alias"] = stripslashes($result["alias"]);
return $result;
} }
private function get_url_by_id($urlID) private function get_url_by_id($urlID)
{ {
if (!is_numeric($urlID)) return;
global $database; global $database;
return $database->get_row("SELECT * FROM artist_urls WHERE id = ?", array($urlID)); $result = $database->get_row("SELECT * FROM artist_urls WHERE id = ?", array($urlID));
$result["url"] = stripslashes($result["url"]);
return $result;
} }
private function get_member_by_id($memberID) private function get_member_by_id($memberID)
{ {
if (!is_numeric($memberID)) return;
global $database; global $database;
return $database->get_row("SELECT * FROM artist_members WHERE id = ?", array($memberID)); $result = $database->get_row("SELECT * FROM artist_members WHERE id = ?", array($memberID));
$result["name"] = stripslashes($result["name"]);
return $result;
} }
private function update_artist() private function update_artist()
@ -541,41 +582,55 @@ class Artists implements Extension {
$notes = $_POST['notes']; $notes = $_POST['notes'];
$userID = $user->id; $userID = $user->id;
$aliasesAsString = $_POST["aliases"]; $aliasesAsString = trim($_POST["aliases"]);
$aliasesIDsAsString = $_POST["aliasesIDs"]; if (strlen($aliasesAsString) == 0) $aliasesAsString = NULL;
$aliasesIDsAsString = trim($_POST["aliasesIDs"]);
if (strlen($aliasesIDsAsString) == 0) $aliasesIDsAsString = NULL;
$membersAsString = $_POST["members"]; $membersAsString = trim($_POST["members"]);
$membersIDsAsString = $_POST["membersIDs"]; if (strlen($membersAsString) == 0) $membersAsString = NULL;
$membersIDsAsString = trim($_POST["membersIDs"]);
if (strlen($membersIDsAsString) == 0) $membersIDsAsString = NULL;
$urlsAsString = $_POST["urls"]; $urlsAsString = trim($_POST["urls"]);
$urlsIDsAsString = $_POST["urlsIDs"]; if (strlen($urlsAsString) == 0) $urlsAsString = NULL;
$urlsIDsAsString = trim($_POST["urlsIDs"]);
if (strlen($urlsIDsAsString) == 0) $urlsIDsAsString = NULL;
if (is_null($artistID) || !is_numeric($artistID)) if (is_null($artistID) || !is_numeric($artistID))
return; return;
if (is_null($userID) || !is_numeric($userID))
return;
if (is_null($name) || strlen($name) == 0 || strpos($name, " ")) if (is_null($name) || strlen($name) == 0 || strpos($name, " "))
return; return;
if (is_null($aliasesAsString) || is_null($aliasesIDsAsString)) //if (is_null($aliasesAsString) || is_null($aliasesIDsAsString))
return; // return;
if (is_null($membersAsString) || is_null($membersIDsAsString)) //if (is_null($membersAsString) || is_null($membersIDsAsString))
return; // return;
if (is_null($urlsAsString) || is_null($urlsIDsAsString)) //if (is_null($urlsAsString) || is_null($urlsIDsAsString))
return; // return;
if (strlen($notes) == 0) if (strlen($notes) == 0)
$notes = NULL; $notes = NULL;
global $database; global $database;
$database->execute("UPDATE artists SET name = ?, notes = ?, updated = now(), user_id = ? WHERE id = ? " $database->execute("UPDATE artists SET name = ?, notes = ?, updated = now(), user_id = ? WHERE id = ? "
, array($name, $notes, $userID, $artistID)); , array(
mysql_real_escape_string($name)
, mysql_real_escape_string($notes)
, $userID
, $artistID
));
// ALIAS MATCHING SECTION // ALIAS MATCHING SECTION
$i = 0; $i = 0;
$aliasesAsArray = explode(" ", $aliasesAsString); $aliasesAsArray = is_null($aliasesAsString) ? array() : explode(" ", $aliasesAsString);
$aliasesIDsAsArray = explode(" ", $aliasesIDsAsString); $aliasesIDsAsArray = is_null($aliasesIDsAsString) ? array() : explode(" ", $aliasesIDsAsString);
while ($i < count($aliasesAsArray)) while ($i < count($aliasesAsArray))
{ {
// if an alias was updated // if an alias was updated
@ -594,8 +649,8 @@ class Artists implements Extension {
// MEMBERS MATCHING SECTION // MEMBERS MATCHING SECTION
$i = 0; $i = 0;
$membersAsArray = explode(" ", $membersAsString); $membersAsArray = is_null($membersAsString) ? array() : explode(" ", $membersAsString);
$membersIDsAsArray = explode(" ", $membersIDsAsString); $membersIDsAsArray = is_null($membersIDsAsString) ? array() : explode(" ", $membersIDsAsString);
while ($i < count($membersAsArray)) while ($i < count($membersAsArray))
{ {
// if a member was updated // if a member was updated
@ -614,19 +669,26 @@ class Artists implements Extension {
// URLS MATCHING SECTION // URLS MATCHING SECTION
$i = 0; $i = 0;
$urlsAsArray = explode("\n", $urlsAsString); $urlsAsString = str_replace("\r\n", "\n", $urlsAsString);
$urlsIDsAsArray = explode(" ", $urlsIDsAsString); $urlsAsString = str_replace("\n\r", "\n", $urlsAsString);
$urlsAsArray = is_null($urlsAsString) ? array() : explode("\n", $urlsAsString);
$urlsIDsAsArray = is_null($urlsIDsAsString) ? array() : explode(" ", $urlsIDsAsString);
while ($i < count($urlsAsArray)) while ($i < count($urlsAsArray))
{ {
// if an URL was updated // if an URL was updated
if ($i < count($urlsIDsAsArray)) if ($i < count($urlsIDsAsArray))
{
// save it // save it
$this->save_existing_url($urlsIDsAsArray[$i], $urlsAsArray[$i], $userID); $this->save_existing_url($urlsIDsAsArray[$i], $urlsAsArray[$i], $userID);
}
else else
{
$this->save_new_url($artistID, $urlsAsArray[$i], $userID); $this->save_new_url($artistID, $urlsAsArray[$i], $userID);
}
$i++; $i++;
} }
// if we have more ids than urls, then some urls have been deleted -- delete them from db // if we have more ids than urls, then some urls have been deleted -- delete them from db
while ($i < count($urlsIDsAsArray)) while ($i < count($urlsIDsAsArray))
$this->delete_url($urlsIDsAsArray[$i++]); $this->delete_url($urlsIDsAsArray[$i++]);
@ -649,9 +711,16 @@ class Artists implements Extension {
private function save_existing_alias($aliasID, $alias, $userID) private function save_existing_alias($aliasID, $alias, $userID)
{ {
if (!is_numeric($userID)) return;
if (!is_numeric($aliasID)) return;
global $database; global $database;
$database->execute("UPDATE artist_alias SET alias = ?, updated = now(), user_id = ? WHERE id = ? " $database->execute("UPDATE artist_alias SET alias = ?, updated = now(), user_id = ? WHERE id = ? "
, array($alias, $userID, $aliasID)); , array(
mysql_real_escape_string($alias)
, $userID
, $aliasID
));
} }
private function update_url() private function update_url()
@ -671,9 +740,16 @@ class Artists implements Extension {
private function save_existing_url($urlID, $url, $userID) private function save_existing_url($urlID, $url, $userID)
{ {
if (!is_numeric($userID)) return;
if (!is_numeric($urlID)) return;
global $database; global $database;
$database->execute("UPDATE artist_urls SET url = ?, updated = now(), user_id = ? WHERE id = ?" $database->execute("UPDATE artist_urls SET url = ?, updated = now(), user_id = ? WHERE id = ?"
, array($url, $userID, $urlID)); , array(
mysql_real_escape_string($url)
, $userID
, $urlID
));
} }
private function update_member() private function update_member()
@ -693,10 +769,17 @@ class Artists implements Extension {
private function save_existing_member($memberID, $memberName, $userID) private function save_existing_member($memberID, $memberName, $userID)
{ {
if (!is_numeric($memberID)) return;
if (!is_numeric($userID)) return;
global $database; global $database;
$database->execute("UPDATE artist_members SET name = ?, updated = now(), user_id = ? WHERE id = ?" $database->execute("UPDATE artist_members SET name = ?, updated = now(), user_id = ? WHERE id = ?"
, array($memberName, $userID, $memberID)); , array(
mysql_real_escape_string($memberName)
, $userID
, $memberID
));
} }
/* /*
@ -747,6 +830,10 @@ class Artists implements Extension {
if (strlen($urls)) if (strlen($urls))
{ {
//delete double "separators"
$urls = str_replace("\r\n", "\n", $urls);
$urls = str_replace("\n\r", "\n", $urls);
$urlsArray = explode("\n", $urls); $urlsArray = explode("\n", $urls);
foreach ($urlsArray as $url) foreach ($urlsArray as $url)
if (!$this->url_exists($artistID, $url)) if (!$this->url_exists($artistID, $url))
@ -764,7 +851,11 @@ class Artists implements Extension {
(user_id, name, notes, created, updated) (user_id, name, notes, created, updated)
VALUES VALUES
(?, ?, ?, now(), now())", (?, ?, ?, now(), now())",
array($user->id, $name, $notes)); array(
$user->id
, mysql_real_escape_string($name)
, mysql_real_escape_string($notes)
));
$result = $database->get_row("SELECT LAST_INSERT_ID() AS artistID", array()); $result = $database->get_row("SELECT LAST_INSERT_ID() AS artistID", array());
@ -777,7 +868,10 @@ class Artists implements Extension {
private function artist_exists($name){ private function artist_exists($name){
global $database; global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artists WHERE name = ?", array($name)); $result = $database->db->GetOne("SELECT COUNT(1) FROM artists WHERE name = ?"
, array(
mysql_real_escape_string($name)
));
return ($result != 0); return ($result != 0);
} }
@ -785,19 +879,54 @@ class Artists implements Extension {
* HERE WE GET THE INFO OF THE ARTIST * HERE WE GET THE INFO OF THE ARTIST
*/ */
private function get_artist($artistID){ private function get_artist($artistID){
global $database; if (!is_numeric($artistID)) return;
return $database->get_row("SELECT * FROM artists WHERE id = ?", array($artistID));
global $database;
$result = $database->get_row("SELECT * FROM artists WHERE id = ?",
array(
$artistID
));
$result["name"] = stripslashes($result["name"]);
$result["notes"] = stripslashes($result["notes"]);
return $result;
} }
private function get_members($artistID) private function get_members($artistID)
{ {
if (!is_numeric($artistID)) return;
global $database; global $database;
return $database->get_all("SELECT * FROM artist_members WHERE artist_id = ?", array($artistID)); $result = $database->get_all("SELECT * FROM artist_members WHERE artist_id = ?"
, array(
$artistID
));
for ($i = 0 ; $i < count($result) ; $i++)
{
$result[$i]["name"] = stripslashes($result[$i]["name"]);
}
return $result;
} }
private function get_urls($artistID) private function get_urls($artistID)
{ {
if (!is_numeric($artistID)) return;
global $database; global $database;
return $database->get_all("SELECT id, url FROM artist_urls WHERE artist_id = ?", array($artistID)); $result = $database->get_all("SELECT id, url FROM artist_urls WHERE artist_id = ?"
, array(
$artistID
));
for ($i = 0 ; $i < count($result) ; $i++)
{
$result[$i]["url"] = stripslashes($result[$i]["url"]);
}
return $result;
} }
/* /*
@ -805,7 +934,10 @@ class Artists implements Extension {
*/ */
private function get_artist_id($name){ private function get_artist_id($name){
global $database; global $database;
$artistID = $database->get_row("SELECT id FROM artists WHERE name = ?", array($name)); $artistID = $database->get_row("SELECT id FROM artists WHERE name = ?"
, array(
mysql_real_escape_string($name)
));
return $artistID['id']; return $artistID['id'];
} }
@ -813,7 +945,10 @@ class Artists implements Extension {
{ {
global $database; global $database;
$artistID = $database->get_row("SELECT artist_id FROM artist_alias WHERE alias = ?", array($alias)); $artistID = $database->get_row("SELECT artist_id FROM artist_alias WHERE alias = ?"
, array(
mysql_real_escape_string($alias)
));
return $artistID["artist_id"]; return $artistID["artist_id"];
} }
@ -823,8 +958,13 @@ class Artists implements Extension {
*/ */
private function delete_artist($artistID) private function delete_artist($artistID)
{ {
if (!is_numeric($artistID)) return;
global $database; global $database;
$database->execute("DELETE FROM artists WHERE id = ? ", array($artistID)); $database->execute("DELETE FROM artists WHERE id = ? "
, array(
$artistID
));
} }
@ -892,7 +1032,17 @@ class Artists implements Extension {
) )
ORDER BY updated DESC ORDER BY updated DESC
LIMIT ?, ? LIMIT ?, ?
", array($pageNumber * $artistsPerPage, $artistsPerPage)); ", array(
$pageNumber * $artistsPerPage
, $artistsPerPage
));
for ($i = 0 ; $i < count($listing) ; $i++)
{
$listing[$i]["name"] = stripslashes($listing[$i]["name"]);
$listing[$i]["user_name"] = stripslashes($listing[$i]["user_name"]);
$listing[$i]["artist_name"] = stripslashes($listing[$i]["artist_name"]);
}
$count = $database->db->GetOne( $count = $database->db->GetOne(
"SELECT COUNT(1) "SELECT COUNT(1)
@ -933,9 +1083,16 @@ class Artists implements Extension {
private function save_new_url($artistID, $url, $userID) private function save_new_url($artistID, $url, $userID)
{ {
if (!is_numeric($artistID)) return;
if (!is_numeric($userID)) return;
global $database; global $database;
$database->execute("INSERT INTO artist_urls (artist_id, created, updated, url, user_id) VALUES (?, now(), now(), ?, ?)" $database->execute("INSERT INTO artist_urls (artist_id, created, updated, url, user_id) VALUES (?, now(), now(), ?, ?)"
, array($artistID, $url, $userID)); , array(
$artistID
, mysql_real_escape_string($url)
, $userID
));
} }
private function add_alias() private function add_alias()
@ -960,9 +1117,16 @@ class Artists implements Extension {
private function save_new_alias($artistID, $alias, $userID) private function save_new_alias($artistID, $alias, $userID)
{ {
if (!is_numeric($artistID)) return;
if (!is_numeric($userID)) return;
global $database; global $database;
$database->execute("INSERT INTO artist_alias (artist_id, created, updated, alias, user_id) VALUES (?, now(), now(), ?, ?)" $database->execute("INSERT INTO artist_alias (artist_id, created, updated, alias, user_id) VALUES (?, now(), now(), ?, ?)"
, array($artistID, $alias, $userID)); , array(
$artistID
, mysql_real_escape_string($alias)
, $userID
));
} }
private function add_members() private function add_members()
@ -986,24 +1150,43 @@ class Artists implements Extension {
private function save_new_member($artistID, $member, $userID) private function save_new_member($artistID, $member, $userID)
{ {
if (!is_numeric($artistID)) return;
if (!is_numeric($userID)) return;
global $database; global $database;
$database->execute("INSERT INTO artist_members (artist_id, name, created, updated, user_id) VALUES (?, ?, now(), now(), ?)" $database->execute("INSERT INTO artist_members (artist_id, name, created, updated, user_id) VALUES (?, ?, now(), now(), ?)"
, array($artistID, $member, $userID)); , array(
$artistID
, mysql_real_escape_string($member)
, $userID
));
} }
private function member_exists($artistID, $member) private function member_exists($artistID, $member)
{ {
if (!is_numeric($artistID)) return;
global $database; global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_members WHERE artist_id = ? AND name = ?", array($artistID, $member)); $result = $database->db->GetOne("SELECT COUNT(1) FROM artist_members WHERE artist_id = ? AND name = ?"
, array(
$artistID
, mysql_real_escape_string($member)
));
return ($result != 0); return ($result != 0);
} }
private function url_exists($artistID, $url) private function url_exists($artistID, $url)
{ {
if (!is_numeric($artistID)) return;
global $database; global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_urls WHERE artist_id = ? AND url = ?", array($artistID, $url)); $result = $database->db->GetOne("SELECT COUNT(1) FROM artist_urls WHERE artist_id = ? AND url = ?"
, array(
$artistID
, mysql_real_escape_string($url)
));
return ($result != 0); return ($result != 0);
} }
@ -1011,13 +1194,21 @@ class Artists implements Extension {
* HERE WE GET THE INFO OF THE ALIAS * HERE WE GET THE INFO OF THE ALIAS
*/ */
private function get_alias($artistID){ private function get_alias($artistID){
if (!is_numeric($artistID)) return;
global $database; global $database;
return $database->get_all("SELECT id AS alias_id, alias AS alias_name ". $result = $database->get_all("SELECT id AS alias_id, alias AS alias_name ".
"FROM artist_alias ". "FROM artist_alias ".
"WHERE artist_id = ? ". "WHERE artist_id = ? ".
"ORDER BY alias ASC" "ORDER BY alias ASC"
, array($artistID)); , array($artistID));
for ($i = 0 ; $i < count($result) ; $i++)
{
$result[$i]["alias_name"] = stripslashes($result[$i]["alias_name"]);
}
return $result;
} }
} }
add_event_listener(new Artists()); add_event_listener(new Artists());
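Review bot: Wrapping values in `mysql_real_escape_string()` before passing them to `?` placeholders escapes data that the binding should already quote, assuming `$database->execute`, `get_row` and `GetOne` bind their array argument as the placeholders suggest. It first appears at the `UPDATE images SET author = ?` call, recurs in every lookup, insert and update helper below, and is also applied to `$noteText` in the Notes file. The effect is that backslashes end up stored in the rows, which the new `stripslashes()` calls on read then have to undo; a value that legitimately contains a backslash is altered on the way out, and `WHERE name = ?` lookups for names containing quotes no longer match rows written before this change. `mysql_real_escape_string()` also needs an open connection from the legacy mysql extension, which ties this extension to that one driver. I would keep the bound arguments raw, e.g. `array($artistName, $event->image->id)`, and drop the matching `stripslashes()` calls; the `is_numeric()` guards can stay.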


@ -264,7 +264,7 @@ class Notes extends SimpleExtension {
$noteY1 = int_escape($_POST["note_y1"]); $noteY1 = int_escape($_POST["note_y1"]);
$noteHeight = int_escape($_POST["note_height"]); $noteHeight = int_escape($_POST["note_height"]);
$noteWidth = int_escape($_POST["note_width"]); $noteWidth = int_escape($_POST["note_width"]);
$noteText = html_escape($_POST["note_text"]); $noteText = mysql_real_escape_string(html_escape($_POST["note_text"]));
$database->execute(" $database->execute("
INSERT INTO notes INSERT INTO notes
@ -313,13 +313,13 @@ class Notes extends SimpleExtension {
*/ */
private function update_note() private function update_note()
{ {
$imageID = $_POST["image_id"]; $imageID = int_escape($_POST["image_id"]);
$noteID = $_POST["note_id"]; $noteID = int_escape($_POST["note_id"]);
$noteX1 = $_POST["note_x1"]; $noteX1 = int_escape($_POST["note_x1"]);
$noteY1 = $_POST["note_y1"]; $noteY1 = int_escape($_POST["note_y1"]);
$noteHeight = $_POST["note_height"]; $noteHeight = int_escape($_POST["note_height"]);
$noteWidth = $_POST["note_width"]; $noteWidth = int_escape($_POST["note_width"]);
$noteText = $_POST["note_text"]; $noteText = mysql_real_escape_string(html_escape($_POST["note_text"]));
// validate parameters // validate parameters
if(is_null($imageID) || !is_numeric($imageID)) if(is_null($imageID) || !is_numeric($imageID))
@ -362,8 +362,8 @@ class Notes extends SimpleExtension {
*/ */
private function delete_note() private function delete_note()
{ {
$imageID = $_POST["image_id"]; $imageID = int_escape($_POST["image_id"]);
$noteID = $_POST["note_id"]; $noteID = int_escape($_POST["note_id"]);
// validate parameters // validate parameters
if(is_null($imageID) || !is_numeric($imageID)) if(is_null($imageID) || !is_numeric($imageID))
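Review bot: The `is_null()`/`is_numeric()` checks that follow in `update_note()` and `delete_note()` no longer reject anything if `int_escape()` returns an integer cast of its argument (its definition is not on this page): a missing or non-numeric `image_id` or `note_id` would then arrive as 0 and pass validation. Validate the raw POST value before converting it, for example `if(!isset($_POST["note_id"]) || !ctype_digit($_POST["note_id"])) return;`, and do the same for `image_id`. Both function bodies continue outside the visible hunks, so the statements that consume these ids are not shown.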


@ -7,44 +7,42 @@
* Documentation: * Documentation:
*/ */
class PoolCreationException extends SCoreException {
}
class Pools extends SimpleExtension { class Pools extends SimpleExtension {
public function onInitExt($event) {
global $config, $database;
if ($config->get_int("ext_pools_version") < 1) { public function onInitExt($event) {
global $config, $database;
if ($config->get_int("ext_pools_version") < 1){
$database->create_table("pools", " $database->create_table("pools", "
id SCORE_AIPK, id SCORE_AIPK,
user_id INTEGER NOT NULL, user_id INTEGER NOT NULL,
public SCORE_BOOL NOT NULL DEFAULT SCORE_BOOL_N, public SCORE_BOOL NOT NULL DEFAULT SCORE_BOOL_N,
title VARCHAR(255) NOT NULL, title VARCHAR(255) NOT NULL,
description TEXT, description TEXT,
date DATETIME NOT NULL, date DATETIME NOT NULL,
posts INTEGER NOT NULL DEFAULT 0, posts INTEGER NOT NULL DEFAULT 0,
INDEX (id) INDEX (id)
"); ");
$database->create_table("pool_images", " $database->create_table("pool_images", "
pool_id INTEGER NOT NULL, pool_id INTEGER NOT NULL,
image_id INTEGER NOT NULL, image_id INTEGER NOT NULL,
image_order INTEGER NOT NULL DEFAULT 0 image_order INTEGER NOT NULL DEFAULT 0
"); ");
$database->create_table("pool_history", " $database->create_table("pool_history", "
id SCORE_AIPK, id SCORE_AIPK,
pool_id INTEGER NOT NULL, pool_id INTEGER NOT NULL,
user_id INTEGER NOT NULL, user_id INTEGER NOT NULL,
action INTEGER NOT NULL, action INTEGER NOT NULL,
images TEXT, images TEXT,
count INTEGER NOT NULL DEFAULT 0, count INTEGER NOT NULL DEFAULT 0,
date DATETIME NOT NULL, date DATETIME NOT NULL,
INDEX (id) INDEX (id)
"); ");
$config->set_int("ext_pools_version", 1); $config->set_int("ext_pools_version", 1);
$config->set_int("poolsMaxImportResults", 1000); $config->set_int("poolsMaxImportResults", 1000);
$config->set_int("poolsImagesPerPage", 20); $config->set_int("poolsImagesPerPage", 20);
$config->set_int("poolsListsPerPage", 20); $config->set_int("poolsListsPerPage", 20);
$config->set_int("poolsUpdatedPerPage", 20); $config->set_int("poolsUpdatedPerPage", 20);
$config->set_bool("poolsInfoOnViewImage", "N"); $config->set_bool("poolsInfoOnViewImage", "N");
@ -75,7 +73,7 @@ class Pools extends SimpleExtension {
} }
case "new": // Show form case "new": // Show form
{ {
if(!$user->is_anonymous()) { if(!$user->is_anonymous()){
$this->theme->new_pool_composer($page); $this->theme->new_pool_composer($page);
} else { } else {
$errMessage = "You must be registered and logged in to create a new pool."; $errMessage = "You must be registered and logged in to create a new pool.";
@ -85,23 +83,18 @@ class Pools extends SimpleExtension {
} }
case "create": // ADD _POST case "create": // ADD _POST
{ {
try { if(!$user->is_anonymous()){
if($user->is_anonymous()) { $newPoolID = $this->add_pool();
throw new PoolCreationException("You must be registered and logged in to add a image."); $page->set_mode("redirect");
} $page->set_redirect(make_link("pool/view/".$newPoolID.""));
} else {
$newPoolID = $this->add_pool(); $this->theme->display_error("You must be registered and logged in to add a image.");
$page->set_mode("redirect"); }
$page->set_redirect(make_link("pool/view/".$newPoolID));
}
catch(PoolCreationException $ex) {
$this->theme->display_error($ex->getMessage());
}
break; break;
} }
case "view": case "view":
{ {
$poolID = int_escape($event->get_arg(1)); $poolID = $event->get_arg(1);
$this->get_posts($event, $poolID); $this->get_posts($event, $poolID);
break; break;
} }
@ -112,29 +105,29 @@ class Pools extends SimpleExtension {
} }
case "revert": case "revert":
{ {
if(!$user->is_anonymous()) { if(!$user->is_anonymous()) {
$historyID = int_escape($event->get_arg(1)); $historyID = $event->get_arg(1);
$this->revert_history($historyID); $this->revert_history($historyID);
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("pool/updated")); $page->set_redirect(make_link("pool/updated"));
} }
break; break;
} }
case "edit": case "edit":
{ {
$poolID = int_escape($event->get_arg(1)); $poolID = $event->get_arg(1);
$pools = $this->get_pool($poolID); $pools = $this->get_pool($poolID);
foreach($pools as $pool) { foreach($pools as $pool) {
//if the pool is public and user is logged OR if the user is admin OR the user is the owner //if the pool is public and user is logged OR if the user is admin OR the user is the owner
if(($pool['public'] == "Y" && !$user->is_anonymous()) || $user->is_admin() || $user->id == $pool['user_id']) { if(($pool['public'] == "Y" && !$user->is_anonymous()) || $user->is_admin() || $user->id == $pool['user_id']) {
$this->theme->edit_pool($page, $this->get_pool($poolID), $this->edit_posts($poolID)); $this->theme->edit_pool($page, $this->get_pool($poolID), $this->edit_posts($poolID));
} else { } else {
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("pool/view/".$poolID)); $page->set_redirect(make_link("pool/view/".$poolID.""));
} }
} }
break; break;
} }
@ -142,22 +135,22 @@ class Pools extends SimpleExtension {
{ {
$poolID = int_escape($_POST["pool_id"]); $poolID = int_escape($_POST["pool_id"]);
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("pool/edit/".$poolID)); $page->set_redirect(make_link("pool/edit/".$poolID.""));
break; break;
} }
case "order": case "order":
{ {
$poolID = int_escape($event->get_arg(1)); $poolID = $event->get_arg(1);
$pools = $this->get_pool($poolID); $pools = $this->get_pool($poolID);
foreach($pools as $pool) { foreach($pools as $pool) {
//if the pool is public and user is logged OR if the user is admin //if the pool is public and user is logged OR if the user is admin
if(($pool['public'] == "Y" && !$user->is_anonymous()) || $user->is_admin() || $user->id == $pool['user_id']) { if(($pool['public'] == "Y" && !$user->is_anonymous()) || $user->is_admin() || $user->id == $pool['user_id']) {
$this->theme->edit_order($page, $this->get_pool($poolID), $this->edit_order($poolID)); $this->theme->edit_order($page, $this->get_pool($poolID), $this->edit_order($poolID));
} else { } else {
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("pool/view/".$poolID)); $page->set_redirect(make_link("pool/view/".$poolID.""));
} }
} }
break; break;
} }
@ -165,113 +158,113 @@ class Pools extends SimpleExtension {
{ {
$poolID = int_escape($_POST["pool_id"]); $poolID = int_escape($_POST["pool_id"]);
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("pool/order/".$poolID)); $page->set_redirect(make_link("pool/order/".$poolID.""));
break; break;
} }
case "import": case "import":
{ {
$pool_id = int_escape($_POST["pool_id"]); $pool_id = int_escape($_POST["pool_id"]);
$pool = $this->get_single_pool($pool_id); $pool = $this->get_single_pool($pool_id);
if(($pool['public'] == "Y" && !$user->is_anonymous()) || $user->is_admin() || $user->id == $pool['user_id']) { if(($pool['public'] == "Y" && !$user->is_anonymous()) || $user->is_admin() || $user->id == $pool['user_id']) {
$this->import_posts(); $this->import_posts();
} else { } else {
$this->theme->display_error("Permssion denied."); $this->theme->display_error("Permssion denied.");
} }
break; break;
} }
case "add_posts": case "add_posts":
{ {
$pool_id = int_escape($_POST["pool_id"]); $pool_id = int_escape($_POST["pool_id"]);
$pool = $this->get_single_pool($pool_id); $pool = $this->get_single_pool($pool_id);
if(($pool['public'] == "Y" && !$user->is_anonymous()) || $user->is_admin() || $user->id == $pool['user_id']) { if(($pool['public'] == "Y" && !$user->is_anonymous()) || $user->is_admin() || $user->id == $pool['user_id']) {
$this->add_posts(); $this->add_posts();
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("pool/view/".$pool_id)); $page->set_redirect(make_link("pool/view/".$pool_id));
} else { } else {
$this->theme->display_error("Permssion denied."); $this->theme->display_error("Permssion denied.");
} }
break; break;
} }
case "order_posts": case "order_posts":
{ {
$pool_id = int_escape($_POST["pool_id"]); $pool_id = int_escape($_POST["pool_id"]);
$pool = $this->get_single_pool($pool_id); $pool = $this->get_single_pool($pool_id);
if(($pool['public'] == "Y" && !$user->is_anonymous()) || $user->is_admin() || $user->id == $pool['user_id']) { if(($pool['public'] == "Y" && !$user->is_anonymous()) || $user->is_admin() || $user->id == $pool['user_id']) {
$this->order_posts(); $this->order_posts();
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("pool/view/".$pool_id)); $page->set_redirect(make_link("pool/view/".$pool_id));
} else { } else {
$this->theme->display_error("Permssion denied."); $this->theme->display_error("Permssion denied.");
} }
break; break;
} }
case "remove_posts": case "remove_posts":
{ {
$pool_id = int_escape($_POST["pool_id"]); $pool_id = int_escape($_POST["pool_id"]);
$pool = $this->get_single_pool($pool_id); $pool = $this->get_single_pool($pool_id);
if(($pool['public'] == "Y" && !$user->is_anonymous()) || $user->is_admin() || $user->id == $pool['user_id']) { if(($pool['public'] == "Y" && !$user->is_anonymous()) || $user->is_admin() || $user->id == $pool['user_id']) {
$this->remove_posts(); $this->remove_posts();
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("pool/view/".$pool_id )); $page->set_redirect(make_link("pool/view/".$pool_id ));
} else { } else {
$this->theme->display_error("Permssion denied."); $this->theme->display_error("Permssion denied.");
} }
break; break;
} }
case "nuke": case "nuke":
{ {
$pool_id = int_escape($event->get_arg(1)); $pool_id = $event->get_arg(1);
$pool = $this->get_single_pool($pool_id); $pool = $this->get_single_pool($pool_id);
// only admins and owners may do this // only admins and owners may do this
if($user->is_admin() || $user->id == $pool['user_id']) { if($user->is_admin() || $user->id == $pool['user_id']) {
$this->nuke_pool($pool_id); $this->nuke_pool($pool_id);
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("pool/list")); $page->set_redirect(make_link("pool/list"));
} else { } else {
$this->theme->display_error("Permssion denied."); $this->theme->display_error("Permssion denied.");
} }
break; break;
} }
case "nuke_pool": case "nuke_pool":
{ {
$poolID = int_escape($_POST["pool_id"]); $poolID = int_escape($_POST["pool_id"]);
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("pool/nuke/".$poolID)); $page->set_redirect(make_link("pool/nuke/".$poolID));
break; break;
} }
default: default:
{ {
$page->set_mode("redirect"); $page->set_mode("redirect");
$page->set_redirect(make_link("pool/list")); $page->set_redirect(make_link("pool/list"));
break; break;
} }
} }
} }
} }
/* /*
* HERE WE GET THE POOLS WHERE THE IMAGE APPEARS WHEN THE IMAGE IS DISPLAYED * HERE WE GET THE POOLS WHERE THE IMAGE APPEARS WHEN THE IMAGE IS DISPLAYED
*/ */
public function onDisplayingImage($event) { public function onDisplayingImage($event) {
global $page; global $page;
$imageID = $event->image->id; $imageID = $event->image->id;
$poolsIDs = $this->get_pool_id($imageID); $poolsIDs = $this->get_pool_id($imageID);
$linksPools = ""; $linksPools = "";
foreach ($poolsIDs as $poolID) { foreach ($poolsIDs as $poolID){
$pools = $this->get_pool($poolID['pool_id']); $pools = $this->get_pool($poolID['pool_id']);
foreach ($pools as $pool) { foreach ($pools as $pool){
$linksPools .= "<a href='".make_link("pool/view/".$pool['id'])."'>".$pool['title']."</a>, "; $linksPools .= "<a href='".make_link("pool/view/".$pool['id']."")."'>".$pool['title']."</a>, ";
}
} }
}
$linksPools = substr($linksPools, 0, -2); $linksPools = substr($linksPools, 0, -2);
$linksPools = $linksPools." "; $linksPools = $linksPools." ";
$this->theme->pool_info($linksPools); $this->theme->pool_info($linksPools);
@ -280,131 +273,132 @@ class Pools extends SimpleExtension {
/* /*
* HERE WE GET THE LIST OF POOLS * HERE WE GET THE LIST OF POOLS
*/ */
private function list_pools(Page $page, $event) { private function list_pools(Page $page, $event){
global $config, $database; global $config, $database;
$pageNumber = int_escape($event->get_arg(1)); $pageNumber = $event->get_arg(1);
if(is_null($pageNumber) || !is_numeric($pageNumber)) if(is_null($pageNumber) || !is_numeric($pageNumber))
$pageNumber = 0; $pageNumber = 0;
else if ($pageNumber <= 0) else if ($pageNumber <= 0)
$pageNumber = 0; $pageNumber = 0;
else else
$pageNumber--; $pageNumber--;
$poolsPerPage = $config->get_int("poolsListsPerPage"); $poolsPerPage = $config->get_int("poolsListsPerPage");
$pools = $database->get_all( $pools = $database->get_all(
"SELECT p.id, p.user_id, p.public, p.title, p.description, p.posts, u.name as user_name ". "SELECT p.id, p.user_id, p.public, p.title, p.description, p.posts, u.name as user_name ".
"FROM pools AS p ". "FROM pools AS p ".
"INNER JOIN users AS u ". "INNER JOIN users AS u ".
"ON p.user_id = u.id ". "ON p.user_id = u.id ".
"ORDER BY p.date DESC ". "ORDER BY p.date DESC ".
"LIMIT ?, ?" "LIMIT ?, ?"
, array($pageNumber * $poolsPerPage, $poolsPerPage) , array($pageNumber * $poolsPerPage, $poolsPerPage)
); );
$totalPages = ceil($database->db->GetOne("SELECT COUNT(*) FROM pools") / $poolsPerPage); $totalPages = ceil($database->db->GetOne("SELECT COUNT(*) FROM pools") / $poolsPerPage);
$this->theme->list_pools($page, $pools, $pageNumber + 1, $totalPages); $this->theme->list_pools($page, $pools, $pageNumber + 1, $totalPages);
} }
/* /*
* HERE WE CREATE A NEW POOL * HERE WE CREATE A NEW POOL
*/ */
private function add_pool() { private function add_pool(){
global $user, $database; global $user, $database;
$public = html_escape($_POST["public"]); $public = html_escape($_POST["public"]);
$title = html_escape(trim($_POST["title"])); $title = mysql_real_escape_string(html_escape($_POST["title"]));
$description = html_escape(trim($_POST["description"])); $description = mysql_real_escape_string(html_escape($_POST["description"]));
if($public == "") { if($public <> "Y"){
$public = "N"; $public = "N";
} }
if(empty($title)) throw new PoolCreationException("Pool must have a title");
$database->execute(" $database->execute("
INSERT INTO pools INSERT INTO pools
(user_id, public, title, description, date) (user_id, public, title, description, date)
VALUES VALUES
(?, ?, ?, ?, now())", (?, ?, ?, ?, now())",
array($user->id, $public, $title, $description)); array($user->id, $public, $title, $description));
$result = $database->get_row("SELECT LAST_INSERT_ID() AS poolID"); $result = $database->get_row("SELECT LAST_INSERT_ID() AS poolID", array());
log_info("pools", "Pool {$result["poolID"]} created by {$user->name}"); log_info("pools", "Pool {$result["poolID"]} created by {$user->name}");
return $result["poolID"]; return $result["poolID"];
} }
private function get_pool($poolID) { private function get_pool($poolID){
global $database; global $database;
$poolID = int_escape($poolID); $poolID = int_escape($poolID);
return $database->get_all("SELECT * FROM pools WHERE id=?", array($poolID)); return $database->get_all("SELECT * FROM pools WHERE id=?", array($poolID));
} }
private function get_single_pool($poolID) { private function get_single_pool($poolID)
{
global $database; global $database;
$poolID = int_escape($poolID); $poolID = int_escape($poolID);
return $database->get_row("SELECT * FROM pools WHERE id=?", array($poolID)); return $database->get_row("SELECT * FROM pools WHERE id=?", array($poolID));
} }
/* /*
* HERE WE GET THE ID OF THE POOL FROM AN IMAGE * HERE WE GET THE ID OF THE POOL FROM AN IMAGE
*/ */
private function get_pool_id($imageID) { private function get_pool_id($imageID){
global $database; global $database;
$imageID = int_escape($imageID); $imageID = int_escape($imageID);
return $database->get_all("SELECT pool_id FROM pool_images WHERE image_id=?", array($imageID)); return $database->get_all("SELECT pool_id FROM pool_images WHERE image_id =?", array($imageID));
} }
/* /*
* HERE WE GET THE IMAGES FROM THE TAG ON IMPORT * HERE WE GET THE IMAGES FROM THE TAG ON IMPORT
*/ */
private function import_posts() { private function import_posts(){
global $page, $config, $database; global $page, $config, $database;
$pool_id = int_escape($_POST["pool_id"]); $pool_id = int_escape($_POST["pool_id"]);
$pool_tag = html_escape($_POST["pool_tag"]);; $pool_tag = mysql_real_escape_string(html_escape($_POST["pool_tag"]));
$poolsMaxResults = $config->get_int("poolsMaxImportResults", 1000); $poolsMaxResults = $config->get_int("poolsMaxImportResults", 1000);
$images = Image::find_images(0, $poolsMaxResults, Tag::explode($pool_tag)); $images = $images = Image::find_images(0, $poolsMaxResults, Tag::explode($pool_tag));
$this->theme->pool_result($page, $images, $pool_id); $this->theme->pool_result($page, $images, $pool_id);
} }
/* /*
* HERE WE ADD CHECKED IMAGES FROM POOL AND UPDATE THE HISTORY * HERE WE ADD CHECKED IMAGES FROM POOL AND UPDATE THE HISTORY
*/ */
private function add_posts() { //ADD CHECKED POSTS private function add_posts(){ //ADD CHECKED POSTS
global $database; global $database;
$poolID = int_escape($_POST['pool_id']); $poolID = int_escape($_POST['pool_id']);
$images = ""; $images = "";
foreach ($_POST['check'] as $imageID) { foreach ($_POST['check'] as $imageID){
if(!$this->check_post($poolID, $imageID)) {
$database->execute("
INSERT INTO pool_images
(pool_id, image_id)
VALUES
(?, ?)",
array($poolID, $imageID));
$images .= " ".$imageID; if(!$this->check_post($poolID, $imageID)){
$database->execute("
INSERT INTO pool_images
(pool_id, image_id)
VALUES
(?, ?)",
array($poolID, $imageID));
$images .= " ".$imageID;
} }
} }
if(!strlen($images) == 0) { if(!strlen($images) == 0){
$count = $database->db->GetOne("SELECT COUNT(*) FROM pool_images WHERE pool_id=?", array($poolID)); $count = $database->db->GetOne("SELECT COUNT(*) FROM pool_images WHERE pool_id=?", array($poolID));
$this->add_history($poolID, 1, $images, $count); $this->add_history($poolID, 1, $images, $count);
} }
@ -413,16 +407,16 @@ class Pools extends SimpleExtension {
return $poolID; return $poolID;
} }
private function order_posts() { //ORDER POSTS private function order_posts(){ //ORDER POSTS
global $database; global $database;
$poolID = int_escape($_POST['pool_id']); $poolID = int_escape($_POST['pool_id']);
foreach ($_POST['imgs'] as $data) { foreach ($_POST['imgs'] as $data) {
list ($imageORDER, $imageID) = $data; list ($imageORDER, $imageID) = $data;
$imageID = int_escape($imageID); $imageID = int_escape($imageID);
$database->Execute("UPDATE pool_images SET image_order=? WHERE pool_id=? AND image_id=?", array($imageORDER, $poolID, $imageID)); $database->Execute("UPDATE pool_images SET image_order = ? WHERE pool_id = ? AND image_id = ?", array($imageORDER, $poolID, $imageID));
} }
return $poolID; return $poolID;
@ -431,16 +425,17 @@ class Pools extends SimpleExtension {
/* /*
* HERE WE REMOVE CHECKED IMAGES FROM POOL AND UPDATE THE HISTORY * HERE WE REMOVE CHECKED IMAGES FROM POOL AND UPDATE THE HISTORY
*/ */
private function remove_posts() { private function remove_posts(){
global $database; global $database;
$poolID = int_escape($_POST['pool_id']); $poolID = int_escape($_POST['pool_id']);
$images = ""; $images = "";
foreach ($_POST['check'] as $imageID) { foreach ($_POST['check'] as $imageID){
$database->execute("DELETE FROM pool_images WHERE pool_id=? AND image_id=?", array($poolID, $imageID)); $database->execute("DELETE FROM pool_images WHERE pool_id = ? AND image_id = ?", array($poolID, $imageID));
$images .= " ".$imageID; $images .= " ".$imageID;
} }
@ -452,10 +447,10 @@ class Pools extends SimpleExtension {
/* /*
* HERE WE CHECK IF THE POST IS ALREADY ON POOL * HERE WE CHECK IF THE POST IS ALREADY ON POOL
* USED IN add_posts() * USED IN add_posts()
*/ */
private function check_post($poolID, $imageID) { private function check_post($poolID, $imageID){
global $database; global $database;
$result = $database->db->GetOne("SELECT COUNT(*) FROM pool_images WHERE pool_id=? AND image_id=?", array($poolID, $imageID)); $result = $database->db->GetOne("SELECT COUNT(*) FROM pool_images WHERE pool_id=? AND image_id=?", array($poolID, $imageID));
if($result == 0) { if($result == 0) {
@ -468,61 +463,74 @@ class Pools extends SimpleExtension {
/* /*
* HERE WE GET ALL IMAGES FOR THE POOL * HERE WE GET ALL IMAGES FOR THE POOL
*/ */
private function get_posts($event, $poolID) { private function get_posts($event, $poolID){
global $config, $user, $database; global $config, $user, $database;
$pageNumber = int_esscape($event->get_arg(2)); $pageNumber = $event->get_arg(2);
if(is_null($pageNumber) || !is_numeric($pageNumber)) if(is_null($pageNumber) || !is_numeric($pageNumber))
$pageNumber = 0; $pageNumber = 0;
else if ($pageNumber <= 0) else if ($pageNumber <= 0)
$pageNumber = 0; $pageNumber = 0;
else else
$pageNumber--; $pageNumber--;
$poolID = int_escape($poolID); $poolID = int_escape($poolID);
$imagesPerPage = $config->get_int("poolsImagesPerPage"); $imagesPerPage = $config->get_int("poolsImagesPerPage");
// WE CHECK IF THE EXTENSION RATING IS INSTALLED, WICH VERSION AND IF IT WORKS TO SHOW/HIDE SAFE, QUESTIONABLE, EXPLICIT AND UNRATED IMAGES FROM USER // WE CHECK IF THE EXTENSION RATING IS INSTALLED, WICH VERSION AND IF IT WORKS TO SHOW/HIDE SAFE, QUESTIONABLE, EXPLICIT AND UNRATED IMAGES FROM USER
if(class_exists("Ratings") && $config->get_int("ext_ratings2_version") < 3) { if($config->get_int("ext_ratings2_version") < 3) {
$result = $database->get_all("SELECT image_id ". $result = $database->get_all("SELECT image_id ".
"FROM pool_images ". "FROM pool_images ".
"WHERE pool_id=? ". "WHERE pool_id=? ".
"ORDER BY image_order ASC ". "ORDER BY image_order ASC ".
"LIMIT ?, ?" "LIMIT ?, ?"
, array($poolID, $pageNumber * $imagesPerPage, $imagesPerPage)); , array($poolID, $pageNumber * $imagesPerPage, $imagesPerPage));
$totalPages = ceil($database->db->GetOne("SELECT COUNT(*) FROM pool_images WHERE pool_id=?",array($poolID)) / $imagesPerPage); $totalPages = ceil($database->db->GetOne("SELECT COUNT(*) FROM pool_images WHERE pool_id=?",array($poolID)) / $imagesPerPage);
} }
if(class_exists("Ratings") && $config->get_int("ext_ratings2_version") >= 3) { if($config->get_int("ext_ratings2_version") >= 3) {
$rating = Ratings::privs_to_sql(Ratings::get_user_privs($user)); if($user->is_anonymous()) {
$sqes = $config->get_string("ext_rating_anon_privs");
}
else if($user->is_admin()) {
$sqes = $config->get_string("ext_rating_admin_privs");
}
else {
$sqes = $config->get_string("ext_rating_user_privs");
}
$arr = array();
for($i=0; $i<strlen($sqes); $i++) {
$arr[] = "'" . $sqes[$i] . "'";
}
$rating = join(', ', $arr);
$result = $database->get_all("SELECT p.image_id $result = $database->get_all("SELECT p.image_id ".
FROM pool_images AS p "FROM pool_images AS p ".
INNER JOIN images AS i "INNER JOIN images AS i ".
ON i.id = p.image_id "ON i.id = p.image_id ".
WHERE p.pool_id = ? "WHERE p.pool_id = ? ".
AND i.rating IN ($rating) "AND i.rating IN ($rating) ".
ORDER BY p.image_order ASC "ORDER BY p.image_order ASC ".
LIMIT ?, ?", "LIMIT ?, ?"
array($poolID, $pageNumber * $imagesPerPage, $imagesPerPage)); , array($poolID, $pageNumber * $imagesPerPage, $imagesPerPage));
$totalPages = ceil($database->db->GetOne("SELECT COUNT(*) ". $totalPages = ceil($database->db->GetOne("SELECT COUNT(*) ".
"FROM pool_images AS p ". "FROM pool_images AS p ".
"INNER JOIN images AS i ". "INNER JOIN images AS i ".
"ON i.id = p.image_id ". "ON i.id = p.image_id ".
"WHERE pool_id=? ". "WHERE pool_id=? ".
"AND i.rating IN ($rating) " "AND i.rating IN ($rating) "
,array($poolID)) / $imagesPerPage); ,array($poolID)) / $imagesPerPage);
} }
$images = array(); $images = array();
foreach ($result as $singleResult) { foreach ($result as $singleResult) {
$image = Image::by_id($singleResult["image_id"]); $image = Image::by_id($singleResult["image_id"]);
$images[] = array($image); $images[] = array($image);
} }
$pool = $this->get_pool($poolID); $pool = $this->get_pool($poolID);
$this->theme->view_pool($pool, $images, $pageNumber + 1, $totalPages); $this->theme->view_pool($pool, $images, $pageNumber + 1, $totalPages);
@ -530,9 +538,9 @@ class Pools extends SimpleExtension {
/* /*
* WE GET THE ORDER OF THE IMAGES * WE GET THE ORDER OF THE IMAGES
*/ */
private function edit_posts($poolID) { private function edit_posts($poolID){
global $database; global $database;
$poolID = int_escape($poolID); $poolID = int_escape($poolID);
@ -551,9 +559,9 @@ class Pools extends SimpleExtension {
/* /*
* WE GET THE ORDER OF THE IMAGES BUT HERE WE SEND KEYS ADDED IN ARRAY TO GET THE ORDER IN THE INPUT VALUE * WE GET THE ORDER OF THE IMAGES BUT HERE WE SEND KEYS ADDED IN ARRAY TO GET THE ORDER IN THE INPUT VALUE
*/ */
private function edit_order($poolID) { private function edit_order($poolID){
global $database; global $database;
$poolID = int_escape($poolID); $poolID = int_escape($poolID);
@ -562,38 +570,38 @@ class Pools extends SimpleExtension {
$images = array(); $images = array();
while(!$result->EOF) { while(!$result->EOF) {
$image = $database->get_row("SELECT * FROM images AS i ". $image = $database->get_row("SELECT * FROM images AS i ".
"INNER JOIN pool_images AS p ". "INNER JOIN pool_images AS p ".
"ON i.id = p.image_id ". "ON i.id = p.image_id ".
"WHERE pool_id=? AND i.id=?" "WHERE pool_id=? AND i.id=?"
, array($poolID, $result->fields["image_id"])); , array($poolID, $result->fields["image_id"]));
$image = ($image ? new Image($image) : null); $image = ($image ? new Image($image) : null);
$images[] = array($image); $images[] = array($image);
$result->MoveNext(); $result->MoveNext();
} }
// Original code // Original code
// //
// $images = array(); // $images = array();
// while(!$result->EOF) { // while(!$result->EOF) {
// $image = Image::by_id($result->fields["image_id"]); // $image = Image::by_id($result->fields["image_id"]);
// $images[] = array($image); // $images[] = array($image);
// $result->MoveNext(); // $result->MoveNext();
// } // }
return $images; return $images;
} }
/* /*
* HERE WE NUKE ENTIRE POOL. WE REMOVE POOLS AND POSTS FROM REMOVED POOL AND HISTORIES ENTRIES FROM REMOVED POOL * HERE WE NUKE ENTIRE POOL. WE REMOVE POOLS AND POSTS FROM REMOVED POOL AND HISTORIES ENTRIES FROM REMOVED POOL
*/ */
private function nuke_pool($poolID) { private function nuke_pool($poolID){
global $user, $database; global $user, $database;
if($user->is_admin()) { if($user->is_admin()){
$database->execute("DELETE FROM pool_history WHERE pool_id = ?", array($poolID)); $database->execute("DELETE FROM pool_history WHERE pool_id = ?", array($poolID));
$database->execute("DELETE FROM pool_images WHERE pool_id = ?", array($poolID)); $database->execute("DELETE FROM pool_images WHERE pool_id = ?", array($poolID));
$database->execute("DELETE FROM pools WHERE id = ?", array($poolID)); $database->execute("DELETE FROM pools WHERE id = ?", array($poolID));
} elseif(!$user->is_anonymous()) { } elseif(!$user->is_anonymous()){
// WE CHECK IF THE USER IS THE OWNER OF THE POOL IF NOT HE CAN'T DO ANYTHING // WE CHECK IF THE USER IS THE OWNER OF THE POOL IF NOT HE CAN'T DO ANYTHING
$database->execute("DELETE FROM pool_history WHERE pool_id = ?", array($poolID)); $database->execute("DELETE FROM pool_history WHERE pool_id = ?", array($poolID));
$database->execute("DELETE FROM pool_images WHERE pool_id = ?", array($poolID)); $database->execute("DELETE FROM pool_images WHERE pool_id = ?", array($poolID));
@ -604,50 +612,50 @@ class Pools extends SimpleExtension {
/* /*
* HERE WE ADD A HISTORY ENTRY * HERE WE ADD A HISTORY ENTRY
* FOR $action 1 (one) MEANS ADDED, 0 (zero) MEANS REMOVED * FOR $action 1 (one) MEANS ADDED, 0 (zero) MEANS REMOVED
*/ */
private function add_history($poolID, $action, $images, $count) { private function add_history($poolID, $action, $images, $count){
global $user, $database; global $user, $database;
$user_id = $user->id; $user_id = $user->id;
$database->execute(" $database->execute("
INSERT INTO pool_history INSERT INTO pool_history
(pool_id, user_id, action, images, count, date) (pool_id, user_id, action, images, count, date)
VALUES VALUES
(?, ?, ?, ?, ?, now())", (?, ?, ?, ?, ?, now())",
array($poolID, $user_id, $action, $images, $count)); array($poolID, $user_id, $action, $images, $count));
} }
/* /*
* HERE WE GET THE HISTORY LIST * HERE WE GET THE HISTORY LIST
*/ */
private function get_history($event) { private function get_history($event){
global $config, $database; global $config, $database;
$pageNumber = $event->get_arg(1); $pageNumber = $event->get_arg(1);
if(is_null($pageNumber) || !is_numeric($pageNumber)) if(is_null($pageNumber) || !is_numeric($pageNumber))
$pageNumber = 0; $pageNumber = 0;
else if ($pageNumber <= 0) else if ($pageNumber <= 0)
$pageNumber = 0; $pageNumber = 0;
else else
$pageNumber--; $pageNumber--;
$historiesPerPage = $config->get_int("poolsUpdatedPerPage"); $historiesPerPage = $config->get_int("poolsUpdatedPerPage");
$history = $database->get_all( $history = $database->get_all(
"SELECT h.id, h.pool_id, h.user_id, h.action, h.images, h.count, h.date, u.name as user_name, p.title as title ". "SELECT h.id, h.pool_id, h.user_id, h.action, h.images, h.count, h.date, u.name as user_name, p.title as title ".
"FROM pool_history AS h ". "FROM pool_history AS h ".
"INNER JOIN pools AS p ". "INNER JOIN pools AS p ".
"ON p.id = h.pool_id ". "ON p.id = h.pool_id ".
"INNER JOIN users AS u ". "INNER JOIN users AS u ".
"ON h.user_id = u.id ". "ON h.user_id = u.id ".
"ORDER BY h.date DESC ". "ORDER BY h.date DESC ".
"LIMIT ?, ?" "LIMIT ?, ?"
, array($pageNumber * $historiesPerPage, $historiesPerPage)); , array($pageNumber * $historiesPerPage, $historiesPerPage));
$totalPages = ceil($database->db->GetOne("SELECT COUNT(*) FROM pool_history") / $historiesPerPage); $totalPages = ceil($database->db->GetOne("SELECT COUNT(*) FROM pool_history") / $historiesPerPage);
@ -657,13 +665,14 @@ class Pools extends SimpleExtension {
/* /*
* HERE GO BACK IN HISTORY AND ADD OR REMOVE POSTS TO POOL * HERE GO BACK IN HISTORY AND ADD OR REMOVE POSTS TO POOL
*/ */
private function revert_history($historyID) { private function revert_history($historyID){
global $database; global $database;
$status = $database->get_all("SELECT * FROM pool_history WHERE id=?", array($historyID)); $status = $database->get_all("SELECT * FROM pool_history WHERE id=?", array($historyID));
foreach ($status as $entry) { foreach ($status as $entry)
{
$images = trim($entry['images']); $images = trim($entry['images']);
$images = explode(" ", $images); $images = explode(" ", $images);
$poolID = $entry['pool_id']; $poolID = $entry['pool_id'];
@ -697,35 +706,35 @@ class Pools extends SimpleExtension {
/* /*
* HERE WE ADD A SIMPLE POST FROM POOL * HERE WE ADD A SIMPLE POST FROM POOL
* USED WITH FOREACH IN revert_history() * USED WITH FOREACH IN revert_history()
*/ */
private function add_post($poolID, $imageID) { private function add_post($poolID, $imageID){
global $database; global $database;
if(!$this->check_post($poolID, $imageID)) { if(!$this->check_post($poolID, $imageID)){
$database->execute(" $database->execute("
INSERT INTO pool_images INSERT INTO pool_images
(pool_id, image_id) (pool_id, image_id)
VALUES VALUES
(?, ?)", (?, ?)",
array($poolID, $imageID)); array($poolID, $imageID));
} }
$database->execute("UPDATE pools SET posts=(SELECT COUNT(*) FROM pool_images WHERE pool_id=?) WHERE id=?", array($poolID, $poolID)); $database->execute("UPDATE pools SET posts=(SELECT COUNT(*) FROM pool_images WHERE pool_id=?) WHERE id=?", array($poolID, $poolID));
} }
/* /*
* HERE WE REMOVE A SIMPLE POST FROM POOL * HERE WE REMOVE A SIMPLE POST FROM POOL
* USED WITH FOREACH IN revert_history() * USED WITH FOREACH IN revert_history()
*/ */
private function delete_post($poolID, $imageID) { private function delete_post($poolID, $imageID){
global $database; global $database;
$database->execute("DELETE FROM pool_images WHERE pool_id = ? AND image_id = ?", array($poolID, $imageID)); $database->execute("DELETE FROM pool_images WHERE pool_id = ? AND image_id = ?", array($poolID, $imageID));
$database->execute("UPDATE pools SET posts=(SELECT COUNT(*) FROM pool_images WHERE pool_id=?) WHERE id=?", array($poolID, $poolID)); $database->execute("UPDATE pools SET posts=(SELECT COUNT(*) FROM pool_images WHERE pool_id=?) WHERE id=?", array($poolID, $poolID));
} }
} }


@ -2,14 +2,14 @@
class PoolsTheme extends Themelet { class PoolsTheme extends Themelet {
/* /*
* HERE WE ADD THE POOL INFO ON IMAGE * HERE WE ADD THE POOL INFO ON IMAGE
*/ */
public function pool_info($linksPools) { public function pool_info($linksPools){
global $config, $page; global $config, $page;
$editor = 'This post belongs to the '.$linksPools.' pool.'; $editor = 'This post belongs to the '.$linksPools.' pool.';
if($config->get_bool("poolsInfoOnViewImage")) { if($config->get_bool("poolsInfoOnViewImage")){
if($linksPools <> " ") { if($linksPools <> " "){
$page->add_block(new Block("Pool Info", $editor, "main", 1)); $page->add_block(new Block("Pool Info", $editor, "main", 1));
} }
} }
@ -18,129 +18,124 @@ class PoolsTheme extends Themelet {
/* /*
* HERE WE SHOWS THE LIST OF POOLS * HERE WE SHOWS THE LIST OF POOLS
*/ */
public function list_pools(Page $page, $pools, $pageNumber, $totalPages) { public function list_pools(Page $page, $pools, $pageNumber, $totalPages)
{
global $user; global $user;
$html = '<table id="poolsList" class="zebra">'. $html = '<table id="poolsList" class="zebra">'.
"<thead><tr>". "<thead><tr>".
"<th>Name</th>". "<th>Name</th>".
"<th>Creator</th>". "<th>Creator</th>".
"<th>Posts</th>". "<th>Posts</th>".
"<th>Public</th>"; "<th>Public</th>";
if($user->is_admin()) { if($user->is_admin()){
$html .= "<th>Action</th>"; $html .= "<th>Action</th>";
} }
$html .= "</tr></thead>"; $html .= "</tr></thead>";
$n = 0; $n = 0;
foreach ($pools as $pool) { foreach ($pools as $pool)
$oe = ($n++ % 2 == 0) ? "even" : "odd"; {
$oe = ($n++ % 2 == 0) ? "even" : "odd";
$pool_link = '<a href="'.make_link("pool/view/".$pool['id']).'">'.$pool['title']."</a>"; $pool_link = '<a href="'.make_link("pool/view/".$pool['id']).'">'.$pool['title']."</a>";
$user_link = '<a href="'.make_link("user/".$pool['user_name']).'">'.$pool['user_name']."</a>"; $user_link = '<a href="'.make_link("user/".$pool['user_name']).'">'.$pool['user_name']."</a>";
$del_link = '<a href="'.make_link("pool/nuke/".$pool['id']).'">Delete</a>'; $del_link = '<a href="'.make_link("pool/nuke/".$pool['id']).'">Delete</a>';
if($pool['public'] == "Y") { if($pool['public'] == "Y"){
$public = "Yes"; $public = "Yes";
} elseif($pool['public'] == "N") { } elseif($pool['public'] == "N"){
$public = "No"; $public = "No";
} }
$html .= "<tr class='$oe'>". $html .= "<tr class='$oe'>".
"<td class='left'>".$pool_link."</td>". "<td class='left'>".$pool_link."</td>".
"<td>".$user_link."</td>". "<td>".$user_link."</td>".
"<td>".$pool['posts']."</td>". "<td>".$pool['posts']."</td>".
"<td>".$public."</td>"; "<td>".$public."</td>";
if($user->is_admin()) { if($user->is_admin()){
$html .= "<td>".$del_link."</td>"; $html .= "<td>".$del_link."</td>";
} }
$html .= "</tr>"; $html .= "</tr>";
} }
if(!$user->is_anonymous()) {
$html .= "<tfoot><tr><td colspan='5'><a href='".make_link("pool/new")."'>Create New</a></td></tr></tfoot>";
}
$html .= "</tbody></table>"; $html .= "</tbody></table>";
$blockTitle = "Pools"; $blockTitle = "Pools";
$page->set_title(html_escape($blockTitle)); $page->set_title(html_escape($blockTitle));
$page->set_heading(html_escape($blockTitle)); $page->set_heading(html_escape($blockTitle));
$page->add_block(new Block($blockTitle, $html, "main", 10)); $page->add_block(new Block($blockTitle, $html, "main", 10));
$this->display_paginator($page, "pool/list", null, $pageNumber, $totalPages); $this->display_paginator($page, "pool/list", null, $pageNumber, $totalPages);
} }
/* /*
* HERE WE DISPLAY THE NEW POOL COMPOSER * HERE WE DISPLAY THE NEW POOL COMPOSER
*/ */
public function new_pool_composer(Page $page) { public function new_pool_composer(Page $page)
$html = "<form action=".make_link("pool/create")." method='POST'> {
<table> $html = "<form action=".make_link("pool/create")." method='POST'>
<tr><td>Title:</td><td><input type='text' name='title'></td></tr> <table>
<tr><td>Public?</td><td><input name='public' type='checkbox' value='Y' checked='checked'/></td></tr> <tr><td>Title:</td><td><input type='text' name='title'></td></tr>
<tr><td>Description:</td><td><textarea name='description'></textarea></td></tr> <tr><td>Public?</td><td><input name='public' type='checkbox' value='Y' checked='checked'/></td></tr>
<tr><td colspan='2'><input type='submit' value='Create' /></td></tr> <tr><td>Description:</td><td><textarea name='description'></textarea></td></tr>
</table> <tr><td colspan='2'><input type='submit' value='Submit' /></td></tr>
</table>
"; ";
$blockTitle = "Create Pool"; $blockTitle = "Create Pool";
$page->set_title(html_escape($blockTitle)); $page->set_title(html_escape($blockTitle));
$page->set_heading(html_escape($blockTitle)); $page->set_heading(html_escape($blockTitle));
$page->add_block(new Block($blockTitle, $html, "main", 10)); $page->add_block(new Block($blockTitle, $html, "main", 10));
} }
/* /*
* HERE WE DISPLAY THE POOL WITH TITLE DESCRIPTION AND IMAGES WITH PAGINATION * HERE WE DISPLAY THE POOL WITH TITLE DESCRIPTION AND IMAGES WITH PAGINATION
*/ */
public function view_pool($pools, $images, $pageNumber, $totalPages) { public function view_pool($pools, $images, $pageNumber, $totalPages)
{
global $user, $page; global $user, $page;
$pool_info = "<table id='poolsList' class='zebra'>". $pool_info = "<table id='poolsList' class='zebra'>".
"<thead><tr>". "<thead><tr>".
"<th class='left'>Title</th>". "<th class='left'>Title</th>".
"<th class='left'>Description</th>". "<th class='left'>Description</th>".
"</tr></thead>"; "</tr></thead>";
$n = 0; $n = 0;
foreach ($pools as $pool) { foreach ($pools as $pool)
$oe = ($n++ % 2 == 0) ? "even" : "odd"; {
$oe = ($n++ % 2 == 0) ? "even" : "odd";
$pool_info .= "<tr class='$oe'>". $pool_info .= "<tr class='$oe'>".
"<td class='left'>".$pool['title']."</td>". "<td class='left'>".$pool['title']."</td>".
"<td class='left'>".$pool['description']."</td>". "<td class='left'>".$pool['description']."</td>".
"</tr>"; "</tr>";
// this will make disasters if more than one pool comes in the parameter // this will make disasters if more than one pool comes in the parameter
if($pool['public'] == "Y" || $user->is_admin()) {// IF THE POOL IS PUBLIC OR IS ADMIN SHOW EDIT PANEL if($pool['public'] == "Y" || $user->is_admin()){// IF THE POOL IS PUBLIC OR IS ADMIN SHOW EDIT PANEL
if(!$user->is_anonymous()) {// IF THE USER IS REGISTERED AND LOGGED IN SHOW EDIT PANEL if(!$user->is_anonymous()){// IF THE USER IS REGISTERED AND LOGGED IN SHOW EDIT PANEL
$this->sidebar_options($page, $pool); $this->sidebar_options($page, $pool);
} }
} }
$this->display_paginator($page, "pool/view/".$pool['id'], null, $pageNumber, $totalPages); $this->display_paginator($page, "pool/view/".$pool['id']."", null, $pageNumber, $totalPages);
} }
$pool_info .= "</tbody></table>"; $pool_info .= "</tbody></table>";
if(count($pools) == 1) { $page->set_title("Viewing Pool");
$page->set_title("Pool: ".html_escape($pool['title'])); $page->set_heading("Viewing Pool");
$page->set_heading(html_escape($pool['title'])); $page->add_block(new Block("Viewing Pool", $pool_info, "main", 10));
$page->add_block(new Block("Viewing Pool", $pool_info, "main", 10));
}
else {
$page->set_title("Viewing Pool");
$page->set_heading("Viewing Pool");
$page->add_block(new Block("Viewing Pool", $pool_info, "main", 10));
}
$pool_images = ''; $pool_images = '';
foreach($images as $pair) { foreach($images as $pair) {
@ -149,52 +144,52 @@ class PoolsTheme extends Themelet {
$thumb_html = $this->build_thumb_html($image); $thumb_html = $this->build_thumb_html($image);
$pool_images .= '<span class="thumb">'. $pool_images .= '<span class="thumb">'.
'<a href="$image_link">'.$thumb_html.'</a>'. '<a href="$image_link">'.$thumb_html.'</a>'.
'</span>'; '</span>';
} }
//$pool_images .= print_r($images); //$pool_images .= print_r($images);
$page->add_block(new Block("Viewing Posts", $pool_images, "main", 30)); $page->add_block(new Block("Viewing Posts", $pool_images, "main", 30));
} }
/* /*
* HERE WE DISPLAY THE POOL OPTIONS ON SIDEBAR BUT WE HIDE REMOVE OPTION IF THE USER IS NOT THE OWNER OR ADMIN * HERE WE DISPLAY THE POOL OPTIONS ON SIDEBAR BUT WE HIDE REMOVE OPTION IF THE USER IS NOT THE OWNER OR ADMIN
*/ */
public function sidebar_options(Page $page, $pool) { public function sidebar_options(Page $page, $pool){
global $user; global $user;
$editor = " <form action='".make_link("pool/import")."' method='POST'> $editor = " <form action='".make_link("pool/import")."' method='POST'>
<input type='text' name='pool_tag' id='edit' value='Please enter a tag' onclick='this.value=\"\";'/> <input type='text' name='pool_tag' id='edit' value='Please enter a tag' onclick='this.value=\"\";'/>
<input type='submit' name='edit' id='edit' value='Import'/> <input type='submit' name='edit' id='edit' value='Import'/>
<input type='hidden' name='pool_id' value='".$pool['id']."'> <input type='hidden' name='pool_id' value='".$pool['id']."'>
</form> </form>
<form id='form1' name='form1' method='post' action='".make_link("pool/edit_pool")."'> <form id='form1' name='form1' method='post' action='".make_link("pool/edit_pool")."'>
<input type='submit' name='edit' id='edit' value='Edit Pool'/> <input type='submit' name='edit' id='edit' value='Edit Pool'/>
<input type='hidden' name='pool_id' value='".$pool['id']."'> <input type='hidden' name='pool_id' value='".$pool['id']."'>
</form> </form>
<form id='form1' name='form1' method='post' action='".make_link("pool/edit_order")."'> <form id='form1' name='form1' method='post' action='".make_link("pool/edit_order")."'>
<input type='submit' name='edit' id='edit' value='Order Pool'/> <input type='submit' name='edit' id='edit' value='Order Pool'/>
<input type='hidden' name='pool_id' value='".$pool['id']."'> <input type='hidden' name='pool_id' value='".$pool['id']."'>
</form> </form>
"; ";
if($user->id == $pool['user_id'] || $user->is_admin()) { if($user->id == $pool['user_id'] || $user->is_admin()){
$editor .= " $editor .= "
<script type='text/javascript'> <script type='text/javascript'>
function confirm_action() { function confirm_action() {
return confirm('Are you sure that you want to delete this pool?'); return confirm('Are you sure that you want to delete this pool?');
} }
</script> </script>
<form action='".make_link("pool/nuke_pool")."' method='POST'> <form action='".make_link("pool/nuke_pool")."' method='POST'>
<input type='submit' name='delete' id='delete' value='Delete Pool' onclick='return confirm_action()' /> <input type='submit' name='delete' id='delete' value='Delete Pool' onclick='return confirm_action()' />
<input type='hidden' name='pool_id' value='".$pool['id']."'> <input type='hidden' name='pool_id' value='".$pool['id']."'>
</form> </form>
"; ";
} }
$page->add_block(new Block("Manage Pool", $editor, "left", 10)); $page->add_block(new Block("Manage Pool", $editor, "left", 10));
} }
@ -202,65 +197,65 @@ class PoolsTheme extends Themelet {
/* /*
* HERE WE DISPLAY THE RESULT OF THE SEARCH ON IMPORT * HERE WE DISPLAY THE RESULT OF THE SEARCH ON IMPORT
*/ */
public function pool_result(Page $page, $images, $pool_id) { public function pool_result(Page $page, $images, $pool_id){
$pool_images = " $pool_images = "
<script language='JavaScript' type='text/javascript'> <script language='JavaScript' type='text/javascript'>
function checkAll() function checkAll()
{ {
var a=new Array(); var a=new Array();
a=document.getElementsByName('check[]'); a=document.getElementsByName('check[]');
var p=0; var p=0;
for(i=0;i<a.length;i++) { for(i=0;i<a.length;i++){
a[i].checked = true ; a[i].checked = true ;
}
} }
}
function uncheckAll() function uncheckAll()
{ {
var a=new Array(); var a=new Array();
a=document.getElementsByName('check[]'); a=document.getElementsByName('check[]');
var p=0; var p=0;
for(i=0;i<a.length;i++) { for(i=0;i<a.length;i++){
a[i].checked = false ; a[i].checked = false ;
} }
} }
</script> </script>
<script type='text/javascript'> <script type='text/javascript'>
function confirm_action() { function confirm_action() {
return confirm('Are you sure you want to add selected posts to this pool?'); return confirm('Are you sure you want to add selected posts to this pool?');
} }
</script> </script>
"; ";
$pool_images .= "<form action='".make_link("pool/add_posts")."' method='POST' name='checks'>"; $pool_images .= "<form action='".make_link("pool/add_posts")."' method='POST' name='checks'>";
foreach($images as $image) { foreach($images as $image) {
$thumb_html = $this->build_thumb_html($image); $thumb_html = $this->build_thumb_html($image);
$pool_images .= '<span class="thumb">'. $pool_images .= '<span class="thumb">'.
'<a href="$image_link">'.$thumb_html.'</a>'. '<a href="$image_link">'.$thumb_html.'</a>'.
'<br>'. '<br>'.
'<input name="check[]" type="checkbox" value="'.$image->id.'" />'. '<input name="check[]" type="checkbox" value="'.$image->id.'" />'.
'</span>'; '</span>';
} }
$pool_images .= "<br>". $pool_images .= "<br>".
"<input type='submit' name='edit' id='edit' value='Add Selected' onclick='return confirm_action()'/>". "<input type='submit' name='edit' id='edit' value='Add Selected' onclick='return confirm_action()'/>".
"<input type='hidden' name='pool_id' value='".$pool_id."'>". "<input type='hidden' name='pool_id' value='".$pool_id."'>".
"</form>"; "</form>";
$page->add_block(new Block("Import", $pool_images, "main", 10)); $page->add_block(new Block("Import", $pool_images, "main", 10));
$editor = " $editor = "
<input type='button' name='CheckAll' value='Check All' onClick='checkAll()'> <input type='button' name='CheckAll' value='Check All' onClick='checkAll()'>
<input type='button' name='UnCheckAll' value='Uncheck All' onClick='uncheckAll()'> <input type='button' name='UnCheckAll' value='Uncheck All' onClick='uncheckAll()'>
"; ";
$page->add_block(new Block("Manage Pool", $editor, "left", 10)); $page->add_block(new Block("Manage Pool", $editor, "left", 10));
} }
@ -268,26 +263,28 @@ class PoolsTheme extends Themelet {
/* /*
* HERE WE DISPLAY THE POOL ORDERER * HERE WE DISPLAY THE POOL ORDERER
* WE LIST ALL IMAGES ON POOL WITHOUT PAGINATION AND WITH A TEXT INPUT TO SET A NUMBER AND CHANGE THE ORDER * WE LIST ALL IMAGES ON POOL WITHOUT PAGINATION AND WITH A TEXT INPUT TO SET A NUMBER AND CHANGE THE ORDER
*/ */
public function edit_order(Page $page, $pools, $images) { public function edit_order(Page $page, $pools, $images)
{
global $user; global $user;
$pool_info = "<table id='poolsList' class='zebra'>". $pool_info = "<table id='poolsList' class='zebra'>".
"<thead><tr>". "<thead><tr>".
"<th class='left'>Title</th>". "<th class='left'>Title</th>".
"<th class='left'>Description</th>". "<th class='left'>Description</th>".
"</tr></thead>"; "</tr></thead>";
$n = 0; $n = 0;
foreach ($pools as $pool) { foreach ($pools as $pool)
$oe = ($n++ % 2 == 0) ? "even" : "odd"; {
$oe = ($n++ % 2 == 0) ? "even" : "odd";
$pool_info .= "<tr class='$oe'>". $pool_info .= "<tr class='$oe'>".
"<td class='left'>".$pool['title']."</td>". "<td class='left'>".$pool['title']."</td>".
"<td class='left'>".$pool['description']."</td>". "<td class='left'>".$pool['description']."</td>".
"</tr>"; "</tr>";
} }
@ -295,25 +292,30 @@ class PoolsTheme extends Themelet {
$page->set_title("Sorting Pool"); $page->set_title("Sorting Pool");
$page->set_heading("Sorting Pool"); $page->set_heading("Sorting Pool");
$page->add_block(new Block("Sorting Pool", $pool_info, "main", 10)); $page->add_block(new Block("Sorting Pool", $pool_info, "main", 10));
$pool_images = "<form action='".make_link("pool/order_posts")."' method='POST' name='checks'>"; $pool_images = "<form action='".make_link("pool/order_posts")."' method='POST' name='checks'>";
$n = 0; $n = 0;
foreach($images as $pair) { foreach($images as $pair) {
$image = $pair[0]; $image = $pair[0];
$thumb_html = $this->build_thumb_html($image); $thumb_html = $this->build_thumb_html($image);
$pool_images .= '<span class="thumb">'. $pool_images .= '<span class="thumb">'.
'<a href="$image_link">'.$thumb_html.'</a>'; '<a href="$image_link">'.$thumb_html.'</a>';
$pool_images .= '<br><input name="imgs['.$n.'][]" type="text" width="50px" value="'.$image->image_order.'" />'.
'<input name="imgs['.$n.'][]" type="hidden" value="'.$image->id.'" />';
$n = $n+1; $pool_images .= '<br><input name="imgs['.$n.'][]" type="text" style="max-width:50px;" value="'.$image->image_order.'" />'.
'<input name="imgs['.$n.'][]" type="hidden" value="'.$image->id.'" />';
$n = $n+1;
$pool_images .= '</span>'; $pool_images .= '</span>';
} }
$pool_images .= "<br>". $pool_images .= "<br>".
"<input type='submit' name='edit' id='edit' value='Order'/>". "<input type='submit' name='edit' id='edit' value='Order'/>".
"<input type='hidden' name='pool_id' value='".$pool['id']."'>". "<input type='hidden' name='pool_id' value='".$pool['id']."'>".
"</form>"; "</form>";
$page->add_block(new Block("Sorting Posts", $pool_images, "main", 30)); $page->add_block(new Block("Sorting Posts", $pool_images, "main", 30));
} }
@ -321,26 +323,28 @@ class PoolsTheme extends Themelet {
/* /*
* HERE WE DISPLAY THE POOL EDITOR * HERE WE DISPLAY THE POOL EDITOR
* WE LIST ALL IMAGES ON POOL WITHOUT PAGINATION AND WITH A CHECKBOX TO SELECT WHICH IMAGE WE WANT REMOVE * WE LIST ALL IMAGES ON POOL WITHOUT PAGINATION AND WITH A CHECKBOX TO SELECT WHICH IMAGE WE WANT REMOVE
*/ */
public function edit_pool(Page $page, $pools, $images) { public function edit_pool(Page $page, $pools, $images)
{
global $user; global $user;
$pool_info = "<table id='poolsList' class='zebra'>". $pool_info = "<table id='poolsList' class='zebra'>".
"<thead><tr>". "<thead><tr>".
"<th class='left'>Title</th>". "<th class='left'>Title</th>".
"<th class='left'>Description</th>". "<th class='left'>Description</th>".
"</tr></thead>"; "</tr></thead>";
$n = 0; $n = 0;
foreach ($pools as $pool) { foreach ($pools as $pool)
$oe = ($n++ % 2 == 0) ? "even" : "odd"; {
$oe = ($n++ % 2 == 0) ? "even" : "odd";
$pool_info .= "<tr class='$oe'>". $pool_info .= "<tr class='$oe'>".
"<td class='left'>".$pool['title']."</td>". "<td class='left'>".$pool['title']."</td>".
"<td class='left'>".$pool['description']."</td>". "<td class='left'>".$pool['description']."</td>".
"</tr>"; "</tr>";
} }
@ -348,104 +352,112 @@ class PoolsTheme extends Themelet {
$page->set_title("Editing Pool"); $page->set_title("Editing Pool");
$page->set_heading("Editing Pool"); $page->set_heading("Editing Pool");
$page->add_block(new Block("Editing Pool", $pool_info, "main", 10)); $page->add_block(new Block("Editing Pool", $pool_info, "main", 10));
$pool_images = " $pool_images = "
<script language='JavaScript' type='text/javascript'> <script language='JavaScript' type='text/javascript'>
function checkAll() function checkAll()
{ {
var a=new Array(); var a=new Array();
a=document.getElementsByName('check[]'); a=document.getElementsByName('check[]');
var p=0; var p=0;
for(i=0;i<a.length;i++) { for(i=0;i<a.length;i++){
a[i].checked = true ; a[i].checked = true ;
}
} }
}
function uncheckAll() function uncheckAll()
{ {
var a=new Array(); var a=new Array();
a=document.getElementsByName('check[]'); a=document.getElementsByName('check[]');
var p=0; var p=0;
for(i=0;i<a.length;i++) { for(i=0;i<a.length;i++){
a[i].checked = false ; a[i].checked = false ;
} }
} }
</script> </script>
";
";
$pool_images .= "<form action='".make_link("pool/remove_posts")."' method='POST' name='checks'>"; $pool_images .= "<form action='".make_link("pool/remove_posts")."' method='POST' name='checks'>";
foreach($images as $pair) { foreach($images as $pair) {
$image = $pair[0]; $image = $pair[0];
$thumb_html = $this->build_thumb_html($image); $thumb_html = $this->build_thumb_html($image);
$pool_images .= '<span class="thumb">'. $pool_images .= '<span class="thumb">'.
'<a href="$image_link">'.$thumb_html.'</a>'; '<a href="$image_link">'.$thumb_html.'</a>';
$pool_images .= '<br><input name="check[]" type="checkbox" value="'.$image->id.'" />';
$pool_images .= '<br><input name="check[]" type="checkbox" value="'.$image->id.'" />';
$pool_images .= '</span>'; $pool_images .= '</span>';
} }
$pool_images .= "<br>". $pool_images .= "<br>".
"<input type='submit' name='edit' id='edit' value='Remove Selected'/>". "<input type='submit' name='edit' id='edit' value='Remove Selected'/>".
"<input type='hidden' name='pool_id' value='".$pool['id']."'>". "<input type='hidden' name='pool_id' value='".$pool['id']."'>".
"</form>"; "</form>";
$page->add_block(new Block("Editing Posts", $pool_images, "main", 30)); $page->add_block(new Block("Editing Posts", $pool_images, "main", 30));
$editor = " $editor = "
<input type='button' name='CheckAll' value='Check All' onClick='checkAll()'> <input type='button' name='CheckAll' value='Check All' onClick='checkAll()'>
<input type='button' name='UnCheckAll' value='Uncheck All' onClick='uncheckAll()'>"; <input type='button' name='UnCheckAll' value='Uncheck All' onClick='uncheckAll()'>";
$page->add_block(new Block("Manage Pool", $editor, "left", 10)); $page->add_block(new Block("Manage Pool", $editor, "left", 10));
} }
/* /*
* HERE WE DISPLAY THE HISTORY LIST * HERE WE DISPLAY THE HISTORY LIST
*/ */
public function show_history($histories, $pageNumber, $totalPages) { public function show_history($histories, $pageNumber, $totalPages){
global $page; global $page;
$html = "<table id='poolsList' class='zebra'>". $html = "<table id='poolsList' class='zebra'>".
"<thead><tr>". "<thead><tr>".
"<th>Pool</th>". "<th>Pool</th>".
"<th>Post Count</th>". "<th>Post Count</th>".
"<th>Changes</th>". "<th>Changes</th>".
"<th>Updater</th>". "<th>Updater</th>".
"<th>Date</th>". "<th>Date</th>".
"<th>Action</th>". "<th>Action</th>".
"</tr></thead>"; "</tr></thead>";
$n = 0; $n = 0;
foreach ($histories as $history) { foreach ($histories as $history)
$oe = ($n++ % 2 == 0) ? "even" : "odd"; {
$oe = ($n++ % 2 == 0) ? "even" : "odd";
$pool_link = "<a href='".make_link("pool/view/".$history['pool_id'])."'>".$history['title']."</a>"; $pool_link = "<a href='".make_link("pool/view/".$history['pool_id'])."'>".$history['title']."</a>";
$user_link = "<a href='".make_link("user/".$history['user_name'])."'>".$history['user_name']."</a>"; $user_link = "<a href='".make_link("user/".$history['user_name'])."'>".$history['user_name']."</a>";
$revert_link = "<a href='".make_link("pool/revert/".$history['id'])."'>Revert</a>"; $revert_link = "<a href='".make_link("pool/revert/".$history['id'])."'>Revert</a>";
if ($history['action'] == 1) { if ($history['action'] == 1) {
$prefix = "+"; $prefix = "+";
} elseif ($history['action'] == 0) { } elseif ($history['action'] == 0) {
$prefix = "-"; $prefix = "-";
} }
$images = trim($history['images']); $images = trim($history['images']);
$images = explode(" ", $images); $images = explode(" ", $images);
$image_link = ""; $image_link = "";
foreach ($images as $image) { foreach ($images as $image) {
$image_link .= "<a href='".make_link("post/view/".$image)."'>".$prefix.$image." </a>"; $image_link .= "<a href='".make_link("post/view/".$image)."'>".$prefix.$image." </a>";
} }
$html .= "<tr class='$oe'>". $html .= "<tr class='$oe'>".
"<td class='left'>".$pool_link."</td>". "<td class='left'>".$pool_link."</td>".
"<td>".$history['count']."</td>". "<td>".$history['count']."</td>".
"<td>".$image_link."</td>". "<td>".$image_link."</td>".
"<td>".$user_link."</td>". "<td>".$user_link."</td>".
"<td>".$history['date']."</td>". "<td>".$history['date']."</td>".
"<td>".$revert_link."</td>". "<td>".$revert_link."</td>".
"</tr>"; "</tr>";
} }
@ -462,9 +474,9 @@ class PoolsTheme extends Themelet {
/* /*
* HERE WE DISPLAY THE ERROR * HERE WE DISPLAY THE ERROR
*/ */
public function display_error($errMessage) { public function display_error($errMessage){
global $page; global $page;
$page->set_title("Error"); $page->set_title("Error");