james/fembooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

dos2unix and some other changes...

Browse Source
This commit is contained in:
Shish 2009-12-24 07:36:09 +00:00
parent 1c7ce5a3ac
commit 12745b9309
4 changed files with 3054 additions and 2842 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

293
contrib/artists/main.php
View File

@ -129,7 +129,11 @@ class Artists implements Extension {
$artistName = $author;
}
$database->execute("UPDATE images SET author = ? WHERE id = ?", array($artistName, $event->image->id));
$database->execute("UPDATE images SET author = ? WHERE id = ?"
, array(
mysql_real_escape_string($artistName)
, $event->image->id
));
}
public function handle_commands($event)
{
@ -220,8 +224,6 @@ class Artists implements Extension {
$members = $this->get_members($artistID);
$urls = $this->get_urls($artistID);
if(!$user->is_anonymous()){
$this->theme->show_artist_editor($artist, $aliases, $members, $urls);
@ -418,17 +420,19 @@ class Artists implements Extension {
private function get_artistName_by_imageID($imageID)
{
if(!is_numeric($imageID)) return null;
global $database;
$result = $database->get_row("SELECT author FROM images WHERE id = ?", array($imageID));
return $result['author'];
return stripslashes($result['author']);
}
private function url_exists_by_url($url)
{
global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_urls WHERE url = ?", array($url));
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_urls WHERE url = ?", array(mysql_real_escape_string($url)));
return ($result != 0);
}
@ -436,7 +440,7 @@ class Artists implements Extension {
{
global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_members WHERE name = ?", array($member));
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_members WHERE name = ?", array(mysql_real_escape_string($member)));
return ($result != 0);
}
@ -444,39 +448,48 @@ class Artists implements Extension {
{
global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_alias WHERE alias = ?", array($alias));
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_alias WHERE alias = ?", array(mysql_real_escape_string($alias)));
return ($result != 0);
}
private function alias_exists($artistID, $alias){
if (!is_numeric($artistID)) return;
global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_alias WHERE artist_id = ? AND alias = ?", array($artistID, $alias));
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_alias WHERE artist_id = ? AND alias = ?", array(
$artistID
, mysql_real_escape_string($alias)
));
return ($result != 0);
}
private function get_artistID_by_url($url)
{
global $database;
$result = $database->get_row("SELECT artist_id FROM artist_urls WHERE url = ?", array($url));
$result = $database->get_row("SELECT artist_id FROM artist_urls WHERE url = ?", array(mysql_real_escape_string($url)));
return $result['artist_id'];
}
private function get_artistID_by_memberName($member)
{
global $database;
$result = $database->get_row("SELECT artist_id FROM artist_members WHERE name = ?", array($member));
$result = $database->get_row("SELECT artist_id FROM artist_members WHERE name = ?", array(mysql_real_escape_string($member)));
return $result['artist_id'];
}
private function get_artistName_by_artistID($artistID)
{
if (!is_numeric($artistID)) return;
global $database;
$result = $database->get_row("SELECT name FROM artists WHERE id = ?", array($artistID));
return $result['name'];
return stripslashes($result['name']);
}
private function get_artistID_by_aliasID($aliasID)
{
if (!is_numeric($aliasID)) return;
global $database;
$result = $database->get_row("SELECT artist_id FROM artist_alias WHERE id = ?", array($aliasID));
return $result['artist_id'];
@ -484,6 +497,8 @@ class Artists implements Extension {
private function get_artistID_by_memberID($memberID)
{
if (!is_numeric($memberID)) return;
global $database;
$result = $database->get_row("SELECT artist_id FROM artist_members WHERE id = ?", array($memberID));
return $result['artist_id'];
@ -491,6 +506,8 @@ class Artists implements Extension {
private function get_artistID_by_urlID($urlID)
{
if (!is_numeric($urlID)) return;
global $database;
$result = $database->get_row("SELECT artist_id FROM artist_urls WHERE id = ?", array($urlID));
return $result['artist_id'];
@ -498,18 +515,24 @@ class Artists implements Extension {
private function delete_alias($aliasID)
{
if (!is_numeric($aliasID)) return;
global $database;
$database->execute("DELETE FROM artist_alias WHERE id = ?", array($aliasID));
}
private function delete_url($urlID)
{
if (!is_numeric($urlID)) return;
global $database;
$database->execute("DELETE FROM artist_urls WHERE id = ?", array($urlID));
}
private function delete_member($memberID)
{
if (!is_numeric($memberID)) return;
global $database;
$database->execute("DELETE FROM artist_members WHERE id = ?", array($memberID));
}
@ -517,20 +540,38 @@ class Artists implements Extension {
private function get_alias_by_id($aliasID)
{
if (!is_numeric($aliasID)) return;
global $database;
return $database->get_row("SELECT * FROM artist_alias WHERE id = ?", array($aliasID));
$result = $database->get_row("SELECT * FROM artist_alias WHERE id = ?", array($aliasID));
$result["alias"] = stripslashes($result["alias"]);
return $result;
}
private function get_url_by_id($urlID)
{
if (!is_numeric($urlID)) return;
global $database;
return $database->get_row("SELECT * FROM artist_urls WHERE id = ?", array($urlID));
$result = $database->get_row("SELECT * FROM artist_urls WHERE id = ?", array($urlID));
$result["url"] = stripslashes($result["url"]);
return $result;
}
private function get_member_by_id($memberID)
{
if (!is_numeric($memberID)) return;
global $database;
return $database->get_row("SELECT * FROM artist_members WHERE id = ?", array($memberID));
$result = $database->get_row("SELECT * FROM artist_members WHERE id = ?", array($memberID));
$result["name"] = stripslashes($result["name"]);
return $result;
}
private function update_artist()
@ -541,41 +582,55 @@ class Artists implements Extension {
$notes = $_POST['notes'];
$userID = $user->id;
$aliasesAsString = $_POST["aliases"];
$aliasesIDsAsString = $_POST["aliasesIDs"];
$aliasesAsString = trim($_POST["aliases"]);
if (strlen($aliasesAsString) == 0) $aliasesAsString = NULL;
$aliasesIDsAsString = trim($_POST["aliasesIDs"]);
if (strlen($aliasesIDsAsString) == 0) $aliasesIDsAsString = NULL;
$membersAsString = $_POST["members"];
$membersIDsAsString = $_POST["membersIDs"];
$membersAsString = trim($_POST["members"]);
if (strlen($membersAsString) == 0) $membersAsString = NULL;
$membersIDsAsString = trim($_POST["membersIDs"]);
if (strlen($membersIDsAsString) == 0) $membersIDsAsString = NULL;
$urlsAsString = $_POST["urls"];
$urlsIDsAsString = $_POST["urlsIDs"];
$urlsAsString = trim($_POST["urls"]);
if (strlen($urlsAsString) == 0) $urlsAsString = NULL;
$urlsIDsAsString = trim($_POST["urlsIDs"]);
if (strlen($urlsIDsAsString) == 0) $urlsIDsAsString = NULL;
if (is_null($artistID) || !is_numeric($artistID))
return;
if (is_null($userID) || !is_numeric($userID))
return;
if (is_null($name) || strlen($name) == 0 || strpos($name, " "))
return;
if (is_null($aliasesAsString) || is_null($aliasesIDsAsString))
return;
//if (is_null($aliasesAsString) || is_null($aliasesIDsAsString))
// return;
if (is_null($membersAsString) || is_null($membersIDsAsString))
return;
//if (is_null($membersAsString) || is_null($membersIDsAsString))
// return;
if (is_null($urlsAsString) || is_null($urlsIDsAsString))
return;
//if (is_null($urlsAsString) || is_null($urlsIDsAsString))
// return;
if (strlen($notes) == 0)
$notes = NULL;
global $database;
$database->execute("UPDATE artists SET name = ?, notes = ?, updated = now(), user_id = ? WHERE id = ? "
, array($name, $notes, $userID, $artistID));
, array(
mysql_real_escape_string($name)
, mysql_real_escape_string($notes)
, $userID
, $artistID
));
// ALIAS MATCHING SECTION
$i = 0;
$aliasesAsArray = explode(" ", $aliasesAsString);
$aliasesIDsAsArray = explode(" ", $aliasesIDsAsString);
$aliasesAsArray = is_null($aliasesAsString) ? array() : explode(" ", $aliasesAsString);
$aliasesIDsAsArray = is_null($aliasesIDsAsString) ? array() : explode(" ", $aliasesIDsAsString);
while ($i < count($aliasesAsArray))
{
// if an alias was updated
@ -594,8 +649,8 @@ class Artists implements Extension {
// MEMBERS MATCHING SECTION
$i = 0;
$membersAsArray = explode(" ", $membersAsString);
$membersIDsAsArray = explode(" ", $membersIDsAsString);
$membersAsArray = is_null($membersAsString) ? array() : explode(" ", $membersAsString);
$membersIDsAsArray = is_null($membersIDsAsString) ? array() : explode(" ", $membersIDsAsString);
while ($i < count($membersAsArray))
{
// if a member was updated
@ -614,19 +669,26 @@ class Artists implements Extension {
// URLS MATCHING SECTION
$i = 0;
$urlsAsArray = explode("\n", $urlsAsString);
$urlsIDsAsArray = explode(" ", $urlsIDsAsString);
$urlsAsString = str_replace("\r\n", "\n", $urlsAsString);
$urlsAsString = str_replace("\n\r", "\n", $urlsAsString);
$urlsAsArray = is_null($urlsAsString) ? array() : explode("\n", $urlsAsString);
$urlsIDsAsArray = is_null($urlsIDsAsString) ? array() : explode(" ", $urlsIDsAsString);
while ($i < count($urlsAsArray))
{
// if an URL was updated
if ($i < count($urlsIDsAsArray))
{
// save it
$this->save_existing_url($urlsIDsAsArray[$i], $urlsAsArray[$i], $userID);
}
else
{
$this->save_new_url($artistID, $urlsAsArray[$i], $userID);
}
$i++;
}
// if we have more ids than urls, then some urls have been deleted -- delete them from db
while ($i < count($urlsIDsAsArray))
$this->delete_url($urlsIDsAsArray[$i++]);
@ -649,9 +711,16 @@ class Artists implements Extension {
private function save_existing_alias($aliasID, $alias, $userID)
{
if (!is_numeric($userID)) return;
if (!is_numeric($aliasID)) return;
global $database;
$database->execute("UPDATE artist_alias SET alias = ?, updated = now(), user_id = ? WHERE id = ? "
, array($alias, $userID, $aliasID));
, array(
mysql_real_escape_string($alias)
, $userID
, $aliasID
));
}
private function update_url()
@ -671,9 +740,16 @@ class Artists implements Extension {
private function save_existing_url($urlID, $url, $userID)
{
if (!is_numeric($userID)) return;
if (!is_numeric($urlID)) return;
global $database;
$database->execute("UPDATE artist_urls SET url = ?, updated = now(), user_id = ? WHERE id = ?"
, array($url, $userID, $urlID));
, array(
mysql_real_escape_string($url)
, $userID
, $urlID
));
}
private function update_member()
@ -693,10 +769,17 @@ class Artists implements Extension {
private function save_existing_member($memberID, $memberName, $userID)
{
if (!is_numeric($memberID)) return;
if (!is_numeric($userID)) return;
global $database;
$database->execute("UPDATE artist_members SET name = ?, updated = now(), user_id = ? WHERE id = ?"
, array($memberName, $userID, $memberID));
, array(
mysql_real_escape_string($memberName)
, $userID
, $memberID
));
}
/*
@ -747,6 +830,10 @@ class Artists implements Extension {
if (strlen($urls))
{
//delete double "separators"
$urls = str_replace("\r\n", "\n", $urls);
$urls = str_replace("\n\r", "\n", $urls);
$urlsArray = explode("\n", $urls);
foreach ($urlsArray as $url)
if (!$this->url_exists($artistID, $url))
@ -764,7 +851,11 @@ class Artists implements Extension {
(user_id, name, notes, created, updated)
VALUES
(?, ?, ?, now(), now())",
array($user->id, $name, $notes));
array(
$user->id
, mysql_real_escape_string($name)
, mysql_real_escape_string($notes)
));
$result = $database->get_row("SELECT LAST_INSERT_ID() AS artistID", array());
@ -777,7 +868,10 @@ class Artists implements Extension {
private function artist_exists($name){
global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artists WHERE name = ?", array($name));
$result = $database->db->GetOne("SELECT COUNT(1) FROM artists WHERE name = ?"
, array(
mysql_real_escape_string($name)
));
return ($result != 0);
}
@ -785,19 +879,54 @@ class Artists implements Extension {
* HERE WE GET THE INFO OF THE ARTIST
*/
private function get_artist($artistID){
if (!is_numeric($artistID)) return;
global $database;
return $database->get_row("SELECT * FROM artists WHERE id = ?", array($artistID));
$result = $database->get_row("SELECT * FROM artists WHERE id = ?",
array(
$artistID
));
$result["name"] = stripslashes($result["name"]);
$result["notes"] = stripslashes($result["notes"]);
return $result;
}
private function get_members($artistID)
{
if (!is_numeric($artistID)) return;
global $database;
return $database->get_all("SELECT * FROM artist_members WHERE artist_id = ?", array($artistID));
$result = $database->get_all("SELECT * FROM artist_members WHERE artist_id = ?"
, array(
$artistID
));
for ($i = 0 ; $i < count($result) ; $i++)
{
$result[$i]["name"] = stripslashes($result[$i]["name"]);
}
return $result;
}
private function get_urls($artistID)
{
if (!is_numeric($artistID)) return;
global $database;
return $database->get_all("SELECT id, url FROM artist_urls WHERE artist_id = ?", array($artistID));
$result = $database->get_all("SELECT id, url FROM artist_urls WHERE artist_id = ?"
, array(
$artistID
));
for ($i = 0 ; $i < count($result) ; $i++)
{
$result[$i]["url"] = stripslashes($result[$i]["url"]);
}
return $result;
}
/*
@ -805,7 +934,10 @@ class Artists implements Extension {
*/
private function get_artist_id($name){
global $database;
$artistID = $database->get_row("SELECT id FROM artists WHERE name = ?", array($name));
$artistID = $database->get_row("SELECT id FROM artists WHERE name = ?"
, array(
mysql_real_escape_string($name)
));
return $artistID['id'];
}
@ -813,7 +945,10 @@ class Artists implements Extension {
{
global $database;
$artistID = $database->get_row("SELECT artist_id FROM artist_alias WHERE alias = ?", array($alias));
$artistID = $database->get_row("SELECT artist_id FROM artist_alias WHERE alias = ?"
, array(
mysql_real_escape_string($alias)
));
return $artistID["artist_id"];
}
@ -823,8 +958,13 @@ class Artists implements Extension {
*/
private function delete_artist($artistID)
{
if (!is_numeric($artistID)) return;
global $database;
$database->execute("DELETE FROM artists WHERE id = ? ", array($artistID));
$database->execute("DELETE FROM artists WHERE id = ? "
, array(
$artistID
));
}
@ -892,7 +1032,17 @@ class Artists implements Extension {
)
ORDER BY updated DESC
LIMIT ?, ?
", array($pageNumber * $artistsPerPage, $artistsPerPage));
", array(
$pageNumber * $artistsPerPage
, $artistsPerPage
));
for ($i = 0 ; $i < count($listing) ; $i++)
{
$listing[$i]["name"] = stripslashes($listing[$i]["name"]);
$listing[$i]["user_name"] = stripslashes($listing[$i]["user_name"]);
$listing[$i]["artist_name"] = stripslashes($listing[$i]["artist_name"]);
}
$count = $database->db->GetOne(
"SELECT COUNT(1)
@ -933,9 +1083,16 @@ class Artists implements Extension {
private function save_new_url($artistID, $url, $userID)
{
if (!is_numeric($artistID)) return;
if (!is_numeric($userID)) return;
global $database;
$database->execute("INSERT INTO artist_urls (artist_id, created, updated, url, user_id) VALUES (?, now(), now(), ?, ?)"
, array($artistID, $url, $userID));
, array(
$artistID
, mysql_real_escape_string($url)
, $userID
));
}
private function add_alias()
@ -960,9 +1117,16 @@ class Artists implements Extension {
private function save_new_alias($artistID, $alias, $userID)
{
if (!is_numeric($artistID)) return;
if (!is_numeric($userID)) return;
global $database;
$database->execute("INSERT INTO artist_alias (artist_id, created, updated, alias, user_id) VALUES (?, now(), now(), ?, ?)"
, array($artistID, $alias, $userID));
, array(
$artistID
, mysql_real_escape_string($alias)
, $userID
));
}
private function add_members()
@ -986,24 +1150,43 @@ class Artists implements Extension {
private function save_new_member($artistID, $member, $userID)
{
if (!is_numeric($artistID)) return;
if (!is_numeric($userID)) return;
global $database;
$database->execute("INSERT INTO artist_members (artist_id, name, created, updated, user_id) VALUES (?, ?, now(), now(), ?)"
, array($artistID, $member, $userID));
, array(
$artistID
, mysql_real_escape_string($member)
, $userID
));
}
private function member_exists($artistID, $member)
{
if (!is_numeric($artistID)) return;
global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_members WHERE artist_id = ? AND name = ?", array($artistID, $member));
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_members WHERE artist_id = ? AND name = ?"
, array(
$artistID
, mysql_real_escape_string($member)
));
return ($result != 0);
}
private function url_exists($artistID, $url)
{
if (!is_numeric($artistID)) return;
global $database;
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_urls WHERE artist_id = ? AND url = ?", array($artistID, $url));
$result = $database->db->GetOne("SELECT COUNT(1) FROM artist_urls WHERE artist_id = ? AND url = ?"
, array(
$artistID
, mysql_real_escape_string($url)
));
return ($result != 0);
}
@ -1011,13 +1194,21 @@ class Artists implements Extension {
* HERE WE GET THE INFO OF THE ALIAS
*/
private function get_alias($artistID){
if (!is_numeric($artistID)) return;
global $database;
return $database->get_all("SELECT id AS alias_id, alias AS alias_name ".
$result = $database->get_all("SELECT id AS alias_id, alias AS alias_name ".
"FROM artist_alias ".
"WHERE artist_id = ? ".
"ORDER BY alias ASC"
, array($artistID));
for ($i = 0 ; $i < count($result) ; $i++)
{
$result[$i]["alias_name"] = stripslashes($result[$i]["alias_name"]);
}
return $result;
}
}
add_event_listener(new Artists());

20
contrib/notes/main.php
View File

@ -264,7 +264,7 @@ class Notes extends SimpleExtension {
$noteY1 = int_escape($_POST["note_y1"]);
$noteHeight = int_escape($_POST["note_height"]);
$noteWidth = int_escape($_POST["note_width"]);
$noteText = html_escape($_POST["note_text"]);
$noteText = mysql_real_escape_string(html_escape($_POST["note_text"]));
$database->execute("
INSERT INTO notes
@ -313,13 +313,13 @@ class Notes extends SimpleExtension {
*/
private function update_note()
{
$imageID = $_POST["image_id"];
$noteID = $_POST["note_id"];
$noteX1 = $_POST["note_x1"];
$noteY1 = $_POST["note_y1"];
$noteHeight = $_POST["note_height"];
$noteWidth = $_POST["note_width"];
$noteText = $_POST["note_text"];
$imageID = int_escape($_POST["image_id"]);
$noteID = int_escape($_POST["note_id"]);
$noteX1 = int_escape($_POST["note_x1"]);
$noteY1 = int_escape($_POST["note_y1"]);
$noteHeight = int_escape($_POST["note_height"]);
$noteWidth = int_escape($_POST["note_width"]);
$noteText = mysql_real_escape_string(html_escape($_POST["note_text"]));
// validate parameters
if(is_null($imageID) || !is_numeric($imageID))
@ -362,8 +362,8 @@ class Notes extends SimpleExtension {
*/
private function delete_note()
{
$imageID = $_POST["image_id"];
$noteID = $_POST["note_id"];
$imageID = int_escape($_POST["image_id"]);
$noteID = int_escape($_POST["note_id"]);
// validate parameters
if(is_null($imageID) || !is_numeric($imageID))

181
contrib/pools/main.php
View File

@ -7,14 +7,12 @@
* Documentation:
*/
class PoolCreationException extends SCoreException {
}
class Pools extends SimpleExtension {
public function onInitExt($event) {
global $config, $database;
if ($config->get_int("ext_pools_version") < 1) {
if ($config->get_int("ext_pools_version") < 1){
$database->create_table("pools", "
id SCORE_AIPK,
user_id INTEGER NOT NULL,
@ -75,7 +73,7 @@ class Pools extends SimpleExtension {
}
case "new": // Show form
{
if(!$user->is_anonymous()) {
if(!$user->is_anonymous()){
$this->theme->new_pool_composer($page);
} else {
$errMessage = "You must be registered and logged in to create a new pool.";
@ -85,23 +83,18 @@ class Pools extends SimpleExtension {
}
case "create": // ADD _POST
{
try {
if($user->is_anonymous()) {
throw new PoolCreationException("You must be registered and logged in to add a image.");
}
if(!$user->is_anonymous()){
$newPoolID = $this->add_pool();
$page->set_mode("redirect");
$page->set_redirect(make_link("pool/view/".$newPoolID));
}
catch(PoolCreationException $ex) {
$this->theme->display_error($ex->getMessage());
$page->set_redirect(make_link("pool/view/".$newPoolID.""));
} else {
$this->theme->display_error("You must be registered and logged in to add a image.");
}
break;
}
case "view":
{
$poolID = int_escape($event->get_arg(1));
$poolID = $event->get_arg(1);
$this->get_posts($event, $poolID);
break;
}
@ -113,7 +106,7 @@ class Pools extends SimpleExtension {
case "revert":
{
if(!$user->is_anonymous()) {
$historyID = int_escape($event->get_arg(1));
$historyID = $event->get_arg(1);
$this->revert_history($historyID);
@ -124,7 +117,7 @@ class Pools extends SimpleExtension {
}
case "edit":
{
$poolID = int_escape($event->get_arg(1));
$poolID = $event->get_arg(1);
$pools = $this->get_pool($poolID);
foreach($pools as $pool) {
@ -133,7 +126,7 @@ class Pools extends SimpleExtension {
$this->theme->edit_pool($page, $this->get_pool($poolID), $this->edit_posts($poolID));
} else {
$page->set_mode("redirect");
$page->set_redirect(make_link("pool/view/".$poolID));
$page->set_redirect(make_link("pool/view/".$poolID.""));
}
}
break;
@ -142,12 +135,12 @@ class Pools extends SimpleExtension {
{
$poolID = int_escape($_POST["pool_id"]);
$page->set_mode("redirect");
$page->set_redirect(make_link("pool/edit/".$poolID));
$page->set_redirect(make_link("pool/edit/".$poolID.""));
break;
}
case "order":
{
$poolID = int_escape($event->get_arg(1));
$poolID = $event->get_arg(1);
$pools = $this->get_pool($poolID);
foreach($pools as $pool) {
@ -156,7 +149,7 @@ class Pools extends SimpleExtension {
$this->theme->edit_order($page, $this->get_pool($poolID), $this->edit_order($poolID));
} else {
$page->set_mode("redirect");
$page->set_redirect(make_link("pool/view/".$poolID));
$page->set_redirect(make_link("pool/view/".$poolID.""));
}
}
break;
@ -165,7 +158,7 @@ class Pools extends SimpleExtension {
{
$poolID = int_escape($_POST["pool_id"]);
$page->set_mode("redirect");
$page->set_redirect(make_link("pool/order/".$poolID));
$page->set_redirect(make_link("pool/order/".$poolID.""));
break;
}
case "import":
@ -225,7 +218,7 @@ class Pools extends SimpleExtension {
}
case "nuke":
{
$pool_id = int_escape($event->get_arg(1));
$pool_id = $event->get_arg(1);
$pool = $this->get_single_pool($pool_id);
// only admins and owners may do this
@ -266,10 +259,10 @@ class Pools extends SimpleExtension {
$poolsIDs = $this->get_pool_id($imageID);
$linksPools = "";
foreach ($poolsIDs as $poolID) {
foreach ($poolsIDs as $poolID){
$pools = $this->get_pool($poolID['pool_id']);
foreach ($pools as $pool) {
$linksPools .= "<a href='".make_link("pool/view/".$pool['id'])."'>".$pool['title']."</a>, ";
foreach ($pools as $pool){
$linksPools .= "<a href='".make_link("pool/view/".$pool['id']."")."'>".$pool['title']."</a>, ";
}
}
$linksPools = substr($linksPools, 0, -2);
@ -282,10 +275,10 @@ class Pools extends SimpleExtension {
/*
* HERE WE GET THE LIST OF POOLS
*/
private function list_pools(Page $page, $event) {
private function list_pools(Page $page, $event){
global $config, $database;
$pageNumber = int_escape($event->get_arg(1));
$pageNumber = $event->get_arg(1);
if(is_null($pageNumber) || !is_numeric($pageNumber))
$pageNumber = 0;
else if ($pageNumber <= 0)
@ -315,19 +308,17 @@ class Pools extends SimpleExtension {
/*
* HERE WE CREATE A NEW POOL
*/
private function add_pool() {
private function add_pool(){
global $user, $database;
$public = html_escape($_POST["public"]);
$title = html_escape(trim($_POST["title"]));
$description = html_escape(trim($_POST["description"]));
$title = mysql_real_escape_string(html_escape($_POST["title"]));
$description = mysql_real_escape_string(html_escape($_POST["description"]));
if($public == "") {
if($public <> "Y"){
$public = "N";
}
if(empty($title)) throw new PoolCreationException("Pool must have a title");
$database->execute("
INSERT INTO pools
(user_id, public, title, description, date)
@ -335,20 +326,21 @@ class Pools extends SimpleExtension {
(?, ?, ?, ?, now())",
array($user->id, $public, $title, $description));
$result = $database->get_row("SELECT LAST_INSERT_ID() AS poolID");
$result = $database->get_row("SELECT LAST_INSERT_ID() AS poolID", array());
log_info("pools", "Pool {$result["poolID"]} created by {$user->name}");
return $result["poolID"];
}
private function get_pool($poolID) {
private function get_pool($poolID){
global $database;
$poolID = int_escape($poolID);
return $database->get_all("SELECT * FROM pools WHERE id=?", array($poolID));
}
private function get_single_pool($poolID) {
private function get_single_pool($poolID)
{
global $database;
$poolID = int_escape($poolID);
return $database->get_row("SELECT * FROM pools WHERE id=?", array($poolID));
@ -357,10 +349,10 @@ class Pools extends SimpleExtension {
/*
* HERE WE GET THE ID OF THE POOL FROM AN IMAGE
*/
private function get_pool_id($imageID) {
private function get_pool_id($imageID){
global $database;
$imageID = int_escape($imageID);
return $database->get_all("SELECT pool_id FROM pool_images WHERE image_id=?", array($imageID));
return $database->get_all("SELECT pool_id FROM pool_images WHERE image_id =?", array($imageID));
}
@ -368,15 +360,15 @@ class Pools extends SimpleExtension {
/*
* HERE WE GET THE IMAGES FROM THE TAG ON IMPORT
*/
private function import_posts() {
private function import_posts(){
global $page, $config, $database;
$pool_id = int_escape($_POST["pool_id"]);
$pool_tag = html_escape($_POST["pool_tag"]);;
$pool_tag = mysql_real_escape_string(html_escape($_POST["pool_tag"]));
$poolsMaxResults = $config->get_int("poolsMaxImportResults", 1000);
$images = Image::find_images(0, $poolsMaxResults, Tag::explode($pool_tag));
$images = $images = Image::find_images(0, $poolsMaxResults, Tag::explode($pool_tag));
$this->theme->pool_result($page, $images, $pool_id);
}
@ -385,14 +377,15 @@ class Pools extends SimpleExtension {
/*
* HERE WE ADD CHECKED IMAGES FROM POOL AND UPDATE THE HISTORY
*/
private function add_posts() { //ADD CHECKED POSTS
private function add_posts(){ //ADD CHECKED POSTS
global $database;
$poolID = int_escape($_POST['pool_id']);
$images = "";
foreach ($_POST['check'] as $imageID) {
if(!$this->check_post($poolID, $imageID)) {
foreach ($_POST['check'] as $imageID){
if(!$this->check_post($poolID, $imageID)){
$database->execute("
INSERT INTO pool_images
(pool_id, image_id)
@ -402,9 +395,10 @@ class Pools extends SimpleExtension {
$images .= " ".$imageID;
}
}
if(!strlen($images) == 0) {
if(!strlen($images) == 0){
$count = $database->db->GetOne("SELECT COUNT(*) FROM pool_images WHERE pool_id=?", array($poolID));
$this->add_history($poolID, 1, $images, $count);
}
@ -413,7 +407,7 @@ class Pools extends SimpleExtension {
return $poolID;
}
private function order_posts() { //ORDER POSTS
private function order_posts(){ //ORDER POSTS
global $database;
$poolID = int_escape($_POST['pool_id']);
@ -422,7 +416,7 @@ class Pools extends SimpleExtension {
list ($imageORDER, $imageID) = $data;
$imageID = int_escape($imageID);
$database->Execute("UPDATE pool_images SET image_order=? WHERE pool_id=? AND image_id=?", array($imageORDER, $poolID, $imageID));
$database->Execute("UPDATE pool_images SET image_order = ? WHERE pool_id = ? AND image_id = ?", array($imageORDER, $poolID, $imageID));
}
return $poolID;
@ -433,14 +427,15 @@ class Pools extends SimpleExtension {
/*
* HERE WE REMOVE CHECKED IMAGES FROM POOL AND UPDATE THE HISTORY
*/
private function remove_posts() {
private function remove_posts(){
global $database;
$poolID = int_escape($_POST['pool_id']);
$images = "";
foreach ($_POST['check'] as $imageID) {
$database->execute("DELETE FROM pool_images WHERE pool_id=? AND image_id=?", array($poolID, $imageID));
foreach ($_POST['check'] as $imageID){
$database->execute("DELETE FROM pool_images WHERE pool_id = ? AND image_id = ?", array($poolID, $imageID));
$images .= " ".$imageID;
}
@ -455,7 +450,7 @@ class Pools extends SimpleExtension {
* HERE WE CHECK IF THE POST IS ALREADY ON POOL
* USED IN add_posts()
*/
private function check_post($poolID, $imageID) {
private function check_post($poolID, $imageID){
global $database;
$result = $database->db->GetOne("SELECT COUNT(*) FROM pool_images WHERE pool_id=? AND image_id=?", array($poolID, $imageID));
if($result == 0) {
@ -470,10 +465,10 @@ class Pools extends SimpleExtension {
/*
* HERE WE GET ALL IMAGES FOR THE POOL
*/
private function get_posts($event, $poolID) {
private function get_posts($event, $poolID){
global $config, $user, $database;
$pageNumber = int_esscape($event->get_arg(2));
$pageNumber = $event->get_arg(2);
if(is_null($pageNumber) || !is_numeric($pageNumber))
$pageNumber = 0;
else if ($pageNumber <= 0)
@ -486,7 +481,7 @@ class Pools extends SimpleExtension {
$imagesPerPage = $config->get_int("poolsImagesPerPage");
// WE CHECK IF THE EXTENSION RATING IS INSTALLED, WICH VERSION AND IF IT WORKS TO SHOW/HIDE SAFE, QUESTIONABLE, EXPLICIT AND UNRATED IMAGES FROM USER
if(class_exists("Ratings") && $config->get_int("ext_ratings2_version") < 3) {
if($config->get_int("ext_ratings2_version") < 3) {
$result = $database->get_all("SELECT image_id ".
"FROM pool_images ".
"WHERE pool_id=? ".
@ -496,18 +491,31 @@ class Pools extends SimpleExtension {
$totalPages = ceil($database->db->GetOne("SELECT COUNT(*) FROM pool_images WHERE pool_id=?",array($poolID)) / $imagesPerPage);
}
if(class_exists("Ratings") && $config->get_int("ext_ratings2_version") >= 3) {
$rating = Ratings::privs_to_sql(Ratings::get_user_privs($user));
if($config->get_int("ext_ratings2_version") >= 3) {
if($user->is_anonymous()) {
$sqes = $config->get_string("ext_rating_anon_privs");
}
else if($user->is_admin()) {
$sqes = $config->get_string("ext_rating_admin_privs");
}
else {
$sqes = $config->get_string("ext_rating_user_privs");
}
$arr = array();
for($i=0; $i<strlen($sqes); $i++) {
$arr[] = "'" . $sqes[$i] . "'";
}
$rating = join(', ', $arr);
$result = $database->get_all("SELECT p.image_id
FROM pool_images AS p
INNER JOIN images AS i
ON i.id = p.image_id
WHERE p.pool_id = ?
AND i.rating IN ($rating)
ORDER BY p.image_order ASC
LIMIT ?, ?",
array($poolID, $pageNumber * $imagesPerPage, $imagesPerPage));
$result = $database->get_all("SELECT p.image_id ".
"FROM pool_images AS p ".
"INNER JOIN images AS i ".
"ON i.id = p.image_id ".
"WHERE p.pool_id = ? ".
"AND i.rating IN ($rating) ".
"ORDER BY p.image_order ASC ".
"LIMIT ?, ?"
, array($poolID, $pageNumber * $imagesPerPage, $imagesPerPage));
$totalPages = ceil($database->db->GetOne("SELECT COUNT(*) ".
"FROM pool_images AS p ".
@ -532,7 +540,7 @@ class Pools extends SimpleExtension {
/*
* WE GET THE ORDER OF THE IMAGES
*/
private function edit_posts($poolID) {
private function edit_posts($poolID){
global $database;
$poolID = int_escape($poolID);
@ -553,7 +561,7 @@ class Pools extends SimpleExtension {
/*
* WE GET THE ORDER OF THE IMAGES BUT HERE WE SEND KEYS ADDED IN ARRAY TO GET THE ORDER IN THE INPUT VALUE
*/
private function edit_order($poolID) {
private function edit_order($poolID){
global $database;
$poolID = int_escape($poolID);
@ -570,14 +578,14 @@ class Pools extends SimpleExtension {
$images[] = array($image);
$result->MoveNext();
}
// Original code
//
// $images = array();
// while(!$result->EOF) {
// $image = Image::by_id($result->fields["image_id"]);
// $images[] = array($image);
// $result->MoveNext();
// }
// Original code
//
// $images = array();
// while(!$result->EOF) {
// $image = Image::by_id($result->fields["image_id"]);
// $images[] = array($image);
// $result->MoveNext();
// }
return $images;
}
@ -586,14 +594,14 @@ class Pools extends SimpleExtension {
/*
* HERE WE NUKE ENTIRE POOL. WE REMOVE POOLS AND POSTS FROM REMOVED POOL AND HISTORIES ENTRIES FROM REMOVED POOL
*/
private function nuke_pool($poolID) {
private function nuke_pool($poolID){
global $user, $database;
if($user->is_admin()) {
if($user->is_admin()){
$database->execute("DELETE FROM pool_history WHERE pool_id = ?", array($poolID));
$database->execute("DELETE FROM pool_images WHERE pool_id = ?", array($poolID));
$database->execute("DELETE FROM pools WHERE id = ?", array($poolID));
} elseif(!$user->is_anonymous()) {
} elseif(!$user->is_anonymous()){
// WE CHECK IF THE USER IS THE OWNER OF THE POOL IF NOT HE CAN'T DO ANYTHING
$database->execute("DELETE FROM pool_history WHERE pool_id = ?", array($poolID));
$database->execute("DELETE FROM pool_images WHERE pool_id = ?", array($poolID));
@ -607,7 +615,7 @@ class Pools extends SimpleExtension {
* HERE WE ADD A HISTORY ENTRY
* FOR $action 1 (one) MEANS ADDED, 0 (zero) MEANS REMOVED
*/
private function add_history($poolID, $action, $images, $count) {
private function add_history($poolID, $action, $images, $count){
global $user, $database;
$user_id = $user->id;
$database->execute("
@ -624,7 +632,7 @@ class Pools extends SimpleExtension {
/*
* HERE WE GET THE HISTORY LIST
*/
private function get_history($event) {
private function get_history($event){
global $config, $database;
$pageNumber = $event->get_arg(1);
@ -659,11 +667,12 @@ class Pools extends SimpleExtension {
/*
* HERE GO BACK IN HISTORY AND ADD OR REMOVE POSTS TO POOL
*/
private function revert_history($historyID) {
private function revert_history($historyID){
global $database;
$status = $database->get_all("SELECT * FROM pool_history WHERE id=?", array($historyID));
foreach ($status as $entry) {
foreach ($status as $entry)
{
$images = trim($entry['images']);
$images = explode(" ", $images);
$poolID = $entry['pool_id'];
@ -700,10 +709,10 @@ class Pools extends SimpleExtension {
* HERE WE ADD A SIMPLE POST FROM POOL
* USED WITH FOREACH IN revert_history()
*/
private function add_post($poolID, $imageID) {
private function add_post($poolID, $imageID){
global $database;
if(!$this->check_post($poolID, $imageID)) {
if(!$this->check_post($poolID, $imageID)){
$database->execute("
INSERT INTO pool_images
(pool_id, image_id)
@ -721,7 +730,7 @@ class Pools extends SimpleExtension {
* HERE WE REMOVE A SIMPLE POST FROM POOL
* USED WITH FOREACH IN revert_history()
*/
private function delete_post($poolID, $imageID) {
private function delete_post($poolID, $imageID){
global $database;
$database->execute("DELETE FROM pool_images WHERE pool_id = ? AND image_id = ?", array($poolID, $imageID));

94
contrib/pools/theme.php
View File

@ -4,12 +4,12 @@ class PoolsTheme extends Themelet {
/*
* HERE WE ADD THE POOL INFO ON IMAGE
*/
public function pool_info($linksPools) {
public function pool_info($linksPools){
global $config, $page;
$editor = 'This post belongs to the '.$linksPools.' pool.';
if($config->get_bool("poolsInfoOnViewImage")) {
if($linksPools <> " ") {
if($config->get_bool("poolsInfoOnViewImage")){
if($linksPools <> " "){
$page->add_block(new Block("Pool Info", $editor, "main", 1));
}
}
@ -20,7 +20,8 @@ class PoolsTheme extends Themelet {
/*
* HERE WE SHOWS THE LIST OF POOLS
*/
public function list_pools(Page $page, $pools, $pageNumber, $totalPages) {
public function list_pools(Page $page, $pools, $pageNumber, $totalPages)
{
global $user;
$html = '<table id="poolsList" class="zebra">'.
@ -30,22 +31,23 @@ class PoolsTheme extends Themelet {
"<th>Posts</th>".
"<th>Public</th>";
if($user->is_admin()) {
if($user->is_admin()){
$html .= "<th>Action</th>";
}
$html .= "</tr></thead>";
$n = 0;
foreach ($pools as $pool) {
foreach ($pools as $pool)
{
$oe = ($n++ % 2 == 0) ? "even" : "odd";
$pool_link = '<a href="'.make_link("pool/view/".$pool['id']).'">'.$pool['title']."</a>";
$user_link = '<a href="'.make_link("user/".$pool['user_name']).'">'.$pool['user_name']."</a>";
$del_link = '<a href="'.make_link("pool/nuke/".$pool['id']).'">Delete</a>';
if($pool['public'] == "Y") {
if($pool['public'] == "Y"){
$public = "Yes";
} elseif($pool['public'] == "N") {
} elseif($pool['public'] == "N"){
$public = "No";
}
@ -55,7 +57,7 @@ class PoolsTheme extends Themelet {
"<td>".$pool['posts']."</td>".
"<td>".$public."</td>";
if($user->is_admin()) {
if($user->is_admin()){
$html .= "<td>".$del_link."</td>";
}
@ -63,9 +65,6 @@ class PoolsTheme extends Themelet {
}
if(!$user->is_anonymous()) {
$html .= "<tfoot><tr><td colspan='5'><a href='".make_link("pool/new")."'>Create New</a></td></tr></tfoot>";
}
$html .= "</tbody></table>";
$blockTitle = "Pools";
@ -81,13 +80,14 @@ class PoolsTheme extends Themelet {
/*
* HERE WE DISPLAY THE NEW POOL COMPOSER
*/
public function new_pool_composer(Page $page) {
public function new_pool_composer(Page $page)
{
$html = "<form action=".make_link("pool/create")." method='POST'>
<table>
<tr><td>Title:</td><td><input type='text' name='title'></td></tr>
<tr><td>Public?</td><td><input name='public' type='checkbox' value='Y' checked='checked'/></td></tr>
<tr><td>Description:</td><td><textarea name='description'></textarea></td></tr>
<tr><td colspan='2'><input type='submit' value='Create' /></td></tr>
<tr><td colspan='2'><input type='submit' value='Submit' /></td></tr>
</table>
";
@ -102,7 +102,8 @@ class PoolsTheme extends Themelet {
/*
* HERE WE DISPLAY THE POOL WITH TITLE DESCRIPTION AND IMAGES WITH PAGINATION
*/
public function view_pool($pools, $images, $pageNumber, $totalPages) {
public function view_pool($pools, $images, $pageNumber, $totalPages)
{
global $user, $page;
$pool_info = "<table id='poolsList' class='zebra'>".
@ -112,7 +113,8 @@ class PoolsTheme extends Themelet {
"</tr></thead>";
$n = 0;
foreach ($pools as $pool) {
foreach ($pools as $pool)
{
$oe = ($n++ % 2 == 0) ? "even" : "odd";
$pool_info .= "<tr class='$oe'>".
@ -121,26 +123,19 @@ class PoolsTheme extends Themelet {
"</tr>";
// this will make disasters if more than one pool comes in the parameter
if($pool['public'] == "Y" || $user->is_admin()) {// IF THE POOL IS PUBLIC OR IS ADMIN SHOW EDIT PANEL
if(!$user->is_anonymous()) {// IF THE USER IS REGISTERED AND LOGGED IN SHOW EDIT PANEL
if($pool['public'] == "Y" || $user->is_admin()){// IF THE POOL IS PUBLIC OR IS ADMIN SHOW EDIT PANEL
if(!$user->is_anonymous()){// IF THE USER IS REGISTERED AND LOGGED IN SHOW EDIT PANEL
$this->sidebar_options($page, $pool);
}
}
$this->display_paginator($page, "pool/view/".$pool['id'], null, $pageNumber, $totalPages);
$this->display_paginator($page, "pool/view/".$pool['id']."", null, $pageNumber, $totalPages);
}
$pool_info .= "</tbody></table>";
if(count($pools) == 1) {
$page->set_title("Pool: ".html_escape($pool['title']));
$page->set_heading(html_escape($pool['title']));
$page->add_block(new Block("Viewing Pool", $pool_info, "main", 10));
}
else {
$page->set_title("Viewing Pool");
$page->set_heading("Viewing Pool");
$page->add_block(new Block("Viewing Pool", $pool_info, "main", 10));
}
$pool_images = '';
foreach($images as $pair) {
@ -162,7 +157,7 @@ class PoolsTheme extends Themelet {
/*
* HERE WE DISPLAY THE POOL OPTIONS ON SIDEBAR BUT WE HIDE REMOVE OPTION IF THE USER IS NOT THE OWNER OR ADMIN
*/
public function sidebar_options(Page $page, $pool) {
public function sidebar_options(Page $page, $pool){
global $user;
$editor = " <form action='".make_link("pool/import")."' method='POST'>
@ -182,7 +177,7 @@ class PoolsTheme extends Themelet {
</form>
";
if($user->id == $pool['user_id'] || $user->is_admin()) {
if($user->id == $pool['user_id'] || $user->is_admin()){
$editor .= "
<script type='text/javascript'>
function confirm_action() {
@ -204,7 +199,7 @@ class PoolsTheme extends Themelet {
/*
* HERE WE DISPLAY THE RESULT OF THE SEARCH ON IMPORT
*/
public function pool_result(Page $page, $images, $pool_id) {
public function pool_result(Page $page, $images, $pool_id){
$pool_images = "
<script language='JavaScript' type='text/javascript'>
@ -214,7 +209,7 @@ class PoolsTheme extends Themelet {
var a=new Array();
a=document.getElementsByName('check[]');
var p=0;
for(i=0;i<a.length;i++) {
for(i=0;i<a.length;i++){
a[i].checked = true ;
}
}
@ -224,7 +219,7 @@ class PoolsTheme extends Themelet {
var a=new Array();
a=document.getElementsByName('check[]');
var p=0;
for(i=0;i<a.length;i++) {
for(i=0;i<a.length;i++){
a[i].checked = false ;
}
}
@ -271,7 +266,8 @@ class PoolsTheme extends Themelet {
* HERE WE DISPLAY THE POOL ORDERER
* WE LIST ALL IMAGES ON POOL WITHOUT PAGINATION AND WITH A TEXT INPUT TO SET A NUMBER AND CHANGE THE ORDER
*/
public function edit_order(Page $page, $pools, $images) {
public function edit_order(Page $page, $pools, $images)
{
global $user;
$pool_info = "<table id='poolsList' class='zebra'>".
@ -282,7 +278,8 @@ class PoolsTheme extends Themelet {
$n = 0;
foreach ($pools as $pool) {
foreach ($pools as $pool)
{
$oe = ($n++ % 2 == 0) ? "even" : "odd";
$pool_info .= "<tr class='$oe'>".
@ -301,12 +298,17 @@ class PoolsTheme extends Themelet {
$n = 0;
foreach($images as $pair) {
$image = $pair[0];
$thumb_html = $this->build_thumb_html($image);
$pool_images .= '<span class="thumb">'.
'<a href="$image_link">'.$thumb_html.'</a>';
$pool_images .= '<br><input name="imgs['.$n.'][]" type="text" width="50px" value="'.$image->image_order.'" />'.
$pool_images .= '<br><input name="imgs['.$n.'][]" type="text" style="max-width:50px;" value="'.$image->image_order.'" />'.
'<input name="imgs['.$n.'][]" type="hidden" value="'.$image->id.'" />';
$n = $n+1;
$pool_images .= '</span>';
}
@ -324,7 +326,8 @@ class PoolsTheme extends Themelet {
* HERE WE DISPLAY THE POOL EDITOR
* WE LIST ALL IMAGES ON POOL WITHOUT PAGINATION AND WITH A CHECKBOX TO SELECT WHICH IMAGE WE WANT REMOVE
*/
public function edit_pool(Page $page, $pools, $images) {
public function edit_pool(Page $page, $pools, $images)
{
global $user;
$pool_info = "<table id='poolsList' class='zebra'>".
@ -335,7 +338,8 @@ class PoolsTheme extends Themelet {
$n = 0;
foreach ($pools as $pool) {
foreach ($pools as $pool)
{
$oe = ($n++ % 2 == 0) ? "even" : "odd";
$pool_info .= "<tr class='$oe'>".
@ -359,7 +363,7 @@ class PoolsTheme extends Themelet {
var a=new Array();
a=document.getElementsByName('check[]');
var p=0;
for(i=0;i<a.length;i++) {
for(i=0;i<a.length;i++){
a[i].checked = true ;
}
}
@ -369,21 +373,28 @@ class PoolsTheme extends Themelet {
var a=new Array();
a=document.getElementsByName('check[]');
var p=0;
for(i=0;i<a.length;i++) {
for(i=0;i<a.length;i++){
a[i].checked = false ;
}
}
</script>
";
$pool_images .= "<form action='".make_link("pool/remove_posts")."' method='POST' name='checks'>";
foreach($images as $pair) {
$image = $pair[0];
$thumb_html = $this->build_thumb_html($image);
$pool_images .= '<span class="thumb">'.
'<a href="$image_link">'.$thumb_html.'</a>';
$pool_images .= '<br><input name="check[]" type="checkbox" value="'.$image->id.'" />';
$pool_images .= '</span>';
}
@ -406,7 +417,7 @@ class PoolsTheme extends Themelet {
/*
* HERE WE DISPLAY THE HISTORY LIST
*/
public function show_history($histories, $pageNumber, $totalPages) {
public function show_history($histories, $pageNumber, $totalPages){
global $page;
$html = "<table id='poolsList' class='zebra'>".
"<thead><tr>".
@ -419,7 +430,8 @@ class PoolsTheme extends Themelet {
"</tr></thead>";
$n = 0;
foreach ($histories as $history) {
foreach ($histories as $history)
{
$oe = ($n++ % 2 == 0) ? "even" : "odd";
$pool_link = "<a href='".make_link("pool/view/".$history['pool_id'])."'>".$history['title']."</a>";
@ -464,7 +476,7 @@ class PoolsTheme extends Themelet {
/*
* HERE WE DISPLAY THE ERROR
*/
public function display_error($errMessage) {
public function display_error($errMessage){
global $page;
$page->set_title("Error");