mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-01-17 12:48:24 +01:00
Code Issues Releases Wiki Activity

Code-cleanup and safestr

Browse Source
This commit is contained in:
Cameron 2019-03-19 15:12:17 -07:00
parent 6c682dffae
commit 78b95a54b6
3 changed files with 22 additions and 321 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
e107_admin/newspost.php
View File

@ -447,13 +447,13 @@ class news_admin_ui extends e_admin_ui
'checkboxes' => array('title' => '', 'type' => null, 'width' => '3%', 'thclass' => 'center first', 'class' => 'center', 'nosort' => true, 'toggle' => 'news_selected', 'forced' => TRUE),
'news_id' => array('title' => LAN_ID, 'type' => 'text', 'width' => '5%', 'thclass' => 'center', 'class' => 'center', 'nosort' => false, 'readParms'=>'link=sef&target=blank'),
'news_thumbnail' => array('title' => NWSLAN_67, 'type' => 'method', 'data'=>'str', 'width' => '110px', 'thclass' => 'center', 'class' => "center", 'nosort' => false, 'readParms'=>'thumb=60&thumb_urlraw=0&thumb_aw=60', 'readonly'=>false),
'news_title' => array('title' => LAN_TITLE, 'type' => 'text', 'data'=>'str', 'tab'=>0, 'writeParms'=> array('required'=> 1, 'size'=>'block-level'), 'inline'=>true, 'width' => 'auto', 'thclass' => '', 'class' => null, 'nosort' => false),
'news_summary' => array('title' => LAN_SUMMARY, 'type' => 'text', 'data'=>'str', 'tab'=>0, 'inline'=>true, 'writeParms'=>'size=block-level', 'width' => 'auto', 'thclass' => 'left', 'class' => 'left', 'nosort' => false),
'news_title' => array('title' => LAN_TITLE, 'type' => 'text', 'data'=>'safestr', 'tab'=>0, 'writeParms'=> array('required'=> 1, 'size'=>'block-level'), 'inline'=>true, 'width' => 'auto', 'thclass' => '', 'class' => null, 'nosort' => false),
'news_summary' => array('title' => LAN_SUMMARY, 'type' => 'text', 'data'=>'safestr', 'tab'=>0, 'inline'=>true, 'writeParms'=>'size=block-level', 'width' => 'auto', 'thclass' => 'left', 'class' => 'left', 'nosort' => false),
'news_body' => array('title' => "", 'type' => 'method', 'data'=>'str', 'tab'=>0, 'nolist'=>true, 'writeParms'=>'nolabel=1', 'width' => 'auto', 'thclass' => '', 'class' => null, 'nosort' => false),
'news_extended' => array('title' => "", 'type' => null, 'data'=>'str', 'tab'=>0, 'nolist'=>true, 'writeParms'=>'nolabel=1', 'width' => 'auto', 'thclass' => '', 'class' => null, 'nosort' => false),
'news_meta_keywords' => array('title' => LAN_KEYWORDS, 'type' => 'tags', 'data'=>'str', 'tab'=>1, 'inline'=>true, 'width' => 'auto', 'thclass' => '', 'class' => null, 'nosort' => false),
'news_meta_description' => array('title' => LAN_DESCRIPTION,'type' => 'textarea', 'data'=>'str', 'tab'=>1, 'width' => 'auto', 'thclass' => '', 'class' => null, 'nosort' => false, 'writeParms'=>array('size'=>'xxlarge')),
'news_meta_keywords' => array('title' => LAN_KEYWORDS, 'type' => 'tags', 'data'=>'safestr', 'tab'=>1, 'inline'=>true, 'width' => 'auto', 'thclass' => '', 'class' => null, 'nosort' => false),
'news_meta_description' => array('title' => LAN_DESCRIPTION,'type' => 'textarea', 'data'=>'safestr', 'tab'=>1, 'width' => 'auto', 'thclass' => '', 'class' => null, 'nosort' => false, 'writeParms'=>array('size'=>'xxlarge')),
'news_sef' => array('title' => LAN_SEFURL, 'type' => 'text', 'batch'=>1, 'data'=>'str', 'tab'=>1, 'inline'=>true, 'width' => 'auto', 'thclass' => '', 'class' => null, 'nosort' => false, 'writeParms'=>array('size'=>'xxlarge', 'show'=>1, 'sef'=>'news_title')),
'news_ping' => array('title' => LAN_PING, 'type' => 'checkbox', 'tab'=>1, 'data'=>false, 'writeParms'=>'value=0', 'inline'=>true, 'width' => 'auto', 'thclass' => '', 'class' => null, 'nosort' => false),
@ -464,11 +464,11 @@ class news_admin_ui extends e_admin_ui
'news_end' => array('title' => LAN_END, 'type' => 'datestamp', 'data'=>'int', 'tab'=>2, 'writeParms'=>'type=datetime', 'width' => 'auto', 'thclass' => '', 'class' => null, 'nosort' => false, 'parms' => 'mask=%A %d %B %Y'),
'news_class' => array('title' => LAN_VISIBILITY, 'type' => 'userclass', 'tab'=>2, 'inline'=>true, 'width' => 'auto', 'thclass' => '', 'class' => null, 'batch'=>true, 'filter'=>true),
'news_template' => array('title' => LAN_TEMPLATE, 'type' => 'method', 'data'=>'str', 'tab'=>2, 'inline'=>true, 'writeParms'=>array('plugin'=>'news', 'id'=>'news_view', 'area'=> 'front', 'merge'=>false), 'width' => 'auto', 'thclass' => 'left', 'class' => 'left', 'nosort' => false, 'batch'=>true, 'filter'=>true),
'news_template' => array('title' => LAN_TEMPLATE, 'type' => 'method', 'data'=>'safestr', 'tab'=>2, 'inline'=>true, 'writeParms'=>array('plugin'=>'news', 'id'=>'news_view', 'area'=> 'front', 'merge'=>false), 'width' => 'auto', 'thclass' => 'left', 'class' => 'left', 'nosort' => false, 'batch'=>true, 'filter'=>true),
'news_render_type' => array('title' => LAN_LOCATION, 'type' => 'dropdown', 'data'=>'str', 'tab'=>2, 'inline'=>true, 'readParms'=>array('type'=>'checkboxes'), 'width' => 'auto', 'thclass' => 'left', 'class' => 'left', 'nosort' => false, 'batch'=>true, 'filter'=>true),
'news_render_type' => array('title' => LAN_LOCATION, 'type' => 'dropdown', 'data'=>'safestr', 'tab'=>2, 'inline'=>true, 'readParms'=>array('type'=>'checkboxes'), 'width' => 'auto', 'thclass' => 'left', 'class' => 'left', 'nosort' => false, 'batch'=>true, 'filter'=>true),
'news_sticky' => array('title' => LAN_NEWS_28, 'type' => 'boolean', 'data'=>'int', 'tab'=>2, 'width' => 'auto', 'thclass' => 'center', 'class' => 'center', 'nosort' => false, 'batch'=>true, 'filter'=>true),
'news_sticky' => array('title' => LAN_NEWS_28, 'type' => 'boolean', 'data'=>'int', 'tab'=>2, 'width' => 'auto', 'thclass' => 'center', 'class' => 'center', 'nosort' => false, 'batch'=>true, 'filter'=>true),
'news_allow_comments' => array('title' => LAN_COMMENTS, 'type' => 'boolean', 'data'=>'int', 'tab'=>2, 'writeParms'=>'inverse=1', 'width' => 'auto', 'thclass' => 'center', 'class' => 'center', 'nosort' => false,'batch'=>true, 'filter'=>true,'readParms'=>'reverse=1'),
'news_comment_total' => array('title' => LAN_NEWS_60, 'type' => 'number', 'data'=>'int', 'tab'=>2, 'noedit'=>true, 'width' => '10%', 'thclass' => '', 'class' => null, 'nosort' => false),
// admin_news_notify

15
e107_admin/plugin.php
View File

@ -5019,17 +5019,26 @@ TEMPLATE;
$type = $val['type'];
$strings = array('time','timestamp','datetime','year','tinyblob','blob',
'mediumblob','longblob','tinytext','mediumtext','longtext','text','date','varchar','char');
'mediumblob','longblob','tinytext','mediumtext','longtext','text','date');
if(in_array(strtolower($type),$strings))
{
$value = 'str';
}
}
elseif($type === 'varchar' || $type === 'char')
{
$value = 'safestr';
}
else
{
$value = 'int';
}
$fname = $this->table."[fields][".$name."][data]";

314
e107_admin/wmessage.php
View File

@ -79,10 +79,10 @@ class generic_ui extends e_admin_ui
protected $fields = array (
'checkboxes' => array ( 'title' => '', 'type' => null, 'data' => null, 'width' => '5%', 'thclass' => 'center', 'forced' => '1', 'class' => 'center', 'toggle' => 'e-multiselect', ),
'gen_id' => array ( 'title' => LAN_ID, 'data' => 'int', 'width' => '5%', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'gen_type' => array ( 'title' => LAN_TYPE, 'type' => 'hidden', 'data' => 'str', 'width' => 'auto', 'help' => '', 'readParms' => '', 'writeParms' => 'default=wmessage', 'class' => 'left', 'thclass' => 'left', ),
'gen_type' => array ( 'title' => LAN_TYPE, 'type' => 'hidden', 'data' => 'safestr', 'width' => 'auto', 'help' => '', 'readParms' => '', 'writeParms' => 'default=wmessage', 'class' => 'left', 'thclass' => 'left', ),
'gen_datestamp' => array ( 'title' => LAN_DATESTAMP, 'type' => 'hidden', 'data' => 'int', 'width' => 'auto', 'filter' => true, 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'gen_user_id' => array ( 'title' => LAN_AUTHOR, 'type' => 'hidden', 'data' => 'int', 'width' => '5%', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'gen_ip' => array ( 'title' => LAN_TITLE, 'type' => 'text', 'data' => 'str', 'width' => 'auto', 'inline' => true, 'help' => '', 'readParms' => '', 'writeParms' => 'size=xxlarge', 'class' => 'left', 'thclass' => 'left', ),
'gen_ip' => array ( 'title' => LAN_TITLE, 'type' => 'text', 'data' => 'safestr', 'width' => 'auto', 'inline' => true, 'help' => '', 'readParms' => '', 'writeParms' => 'size=xxlarge', 'class' => 'left', 'thclass' => 'left', ),
'gen_intdata' => array ( 'title' => LAN_VISIBILITY, 'type' => 'userclass', 'data' => 'int', 'inline'=>true, 'batch'=>true, 'filter'=>true, 'width' => 'auto', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'left', 'thclass' => 'left', ),
'gen_chardata' => array ( 'title' => LAN_MESSAGE, 'type' => 'bbarea', 'data' => 'str', 'width' => 'auto', 'help' => '', 'readParms' => '', 'writeParms' => '', 'class' => 'center', 'thclass' => 'center', ),
'options' => array ( 'title' => LAN_OPTIONS, 'type' => null, 'data' => null, 'width' => '10%', 'thclass' => 'center last', 'class' => 'center last', 'forced' => '1', ),
@ -102,7 +102,7 @@ class generic_ui extends e_admin_ui
}
public function beforeCreate($new_data)
public function beforeCreate($new_data, $old_data)
{
return $new_data;
}
@ -168,311 +168,3 @@ exit;
/*
require_once(e_HANDLER.'userclass_class.php');
require_once(e_HANDLER."ren_help.php");
$frm = e107::getForm();
$mes = e107::getMessage();
vartrue($action) == '';
if (e_QUERY)
{
$tmp = explode('.', e_QUERY);
$action = $tmp[0];
$sub_action = varset($tmp[1], '');
$id = varset($tmp[2], 0);
unset($tmp);
}
if($_POST)
{
$e107cache->clear("wmessage");
}
if (isset($_POST['wm_update']))
{
$data = $_POST['data']; // $tp->toDB($_POST['data']) causes issues with ':'
$wm_title = $tp->toDB($_POST['wm_caption']);
$wmId = intval($_POST['wm_id']);
$updateArray = array(
'gen_chardata' => $data,
'gen_ip' => $wm_title,
'gen_intdata' => $_POST['wm_active'],
'WHERE' => "gen_id=".$wmId
);
//$message = ($sql->db_Update("generic", "gen_chardata ='{$data}',gen_ip ='{$wm_title}', gen_intdata='".$_POST['wm_active']."' WHERE gen_id=".$wmId." ")) ? LAN_UPDATED : LAN_UPDATED_FAILED;
// if ($sql->update("generic", "gen_chardata ='{$data}',gen_ip ='{$wm_title}', gen_intdata='".$_POST['wm_active']."' WHERE gen_id=".$wmId." "))
if ($sql->update("generic", $updateArray))
{
$mes->addSuccess(LAN_UPDATED);
welcome_adminlog('02', $wmId, $wm_title);
}
else
{
$mes->addError(LAN_UPDATED_FAILED);
}
}
if (isset($_POST['wm_insert']))
{
$wmtext = $tp->toDB($_POST['data']);
$wmtitle = $tp->toDB($_POST['wm_caption']);
welcome_adminlog('01', 0, $wmtitle);
//$message = ($sql->db_Insert("generic", "0, 'wmessage', '".time()."', ".USERID.", '{$wmtitle}', '{$_POST['wm_active']}', '{$wmtext}' ")) ? LAN_CREATED : LAN_CREATED_FAILED ;
if ($sql->db_Insert("generic", "0, 'wmessage', '".time()."', ".USERID.", '{$wmtitle}', '{$_POST['wm_active']}', '{$wmtext}' "))
{
$mes->addSuccess(LAN_CREATED);
}
else
{
$mes->addError(LAN_CREATED_FAILED);
}
}
if (isset($_POST['updateoptions']))
{
$changed = FALSE;
foreach (array('wm_enclose','wmessage_sc') as $opt)
{
$temp = intval($_POST[$opt]);
if ($temp != $pref[$opt])
{
$pref[$opt] = $temp;
$changed = TRUE;
}
}
if ($changed)
{
save_prefs();
welcome_adminlog('04', 0, $pref['wm_enclose'].', '.$pref['wmessage_sc']);
}
else
{
$mes->addInfo(LAN_NOCHANGE_NOTSAVED);
}
}
if (isset($_POST['main_delete']))
{
$del_id = array_keys($_POST['main_delete']);
welcome_adminlog('03', $wmId, '');
if ($sql->delete("generic", "gen_id='".$del_id[0]."' "))
{
$mes->addSuccess(LAN_DELETED);
}
else
{
$mes->addError(LAN_DELETED_FAILED);
}
}
echo $mes->render();
// Show Existing -------
if ($action == "main" || $action == "")
{
if ($wm_total = $sql->select("generic", "*", "gen_type='wmessage' ORDER BY gen_id ASC"))
{
$wmList = $sql->db_getList();
$text = $frm->open('myform_wmessage','post',e_SELF);
$text .= "
<table class='table adminlist'>
<colgroup>
<col style='width:5%' />
<col style='width:70%' />
<col style='width:10%' />
<col style='width:10%' />
</colgroup>
<thead>
<tr>
<th>".LAN_ID."</th>
<th>".LAN_MESSAGE."</th>
<th class='center'>".LAN_VISIBILITY."</th>
<th class='center'>".LAN_OPTIONS."</th>
</tr>
</thead>
<tbody>";
foreach($wmList as $row)
{
$text .= "
<tr>
<td class='center' style='text-align: center; vertical-align: middle'>".$row['gen_id']."</td>
<td>".strip_tags($tp->toHTML($row['gen_ip']))."</td>
<td>".r_userclass_name($row['gen_intdata'])."</td>
<td class='center nowrap'>
<a class='btn btn-large' href='".e_SELF."?create.edit.{$row['gen_id']}'>".ADMIN_EDIT_ICON."</a>
<button class='btn btn-large action delete' type='submit' title='".LAN_DELETE."' name='main_delete[".$row['gen_id']."]' data-confirm=\"".LAN_CONFIRMDEL." [ID: {$row['gen_id']} ]\" >".ADMIN_DELETE_ICON."</button>
</td>
</tr>";
}
$text .= "</tbody></table>";
$text .= $frm->close();
} else {
$mes->addInfo(WMLAN_09);
}
$ns->tablerender(WMLAN_00.SEP.LAN_MANAGE, $mes->render() . $text);
}
// Create and Edit
if ($action == "create" || $action == "edit")
{
if ($sub_action == "edit")
{
$sql->select("generic", "gen_intdata, gen_ip, gen_chardata", "gen_id = $id");
$row = $sql->fetch();
}
$text = "
<form method='post' action='".e_SELF."' id='wmform'>
<fieldset id='code-wmessage-create'>
<table class='table adminform'>
<colgroup>
<col class='col-label' />
<col class='col-control' />
</colgroup>
<tr>
<td>".WMLAN_10."</td>
<td>".$frm->text('wm_caption', $tp->toForm(vartrue($row['gen_ip'])), 80)."</td>
</tr>
<tr>
<td>".LAN_MESSAGE."</td>
<td>";
$text .= $frm->bbarea('data',$row['gen_chardata']);
// $text .= "<textarea class='e-wysiwyg tbox' id='data' name='data' cols='70' rows='15' style='width:95%' onselect='storeCaret(this);' onclick='storeCaret(this);' onkeyup='storeCaret(this)'>".$tp->toForm(vartrue($row['gen_chardata']))."</textarea>";
$text .= "</td>
</tr>";
// $text .= display_help("helpb", "admin"); //XXX Serves as BC Check
$text .= "
<tr>
<td>".LAN_VISIBILITY."</td>
<td>".r_userclass("wm_active", vartrue($row['gen_intdata']), "off", "public,guest,nobody,member,admin,classes")."</td>
</tr>
</table>
<div class='buttons-bar center'>";
if($sub_action == "edit")
{
$text .= $frm->admin_button('wm_update', LAN_UPDATE, 'update');
}
else
{
$text .= $frm->admin_button('wm_insert', LAN_CREATE, 'create');
}
$text .= "<input type='hidden' name='wm_id' value='".$id."' />";
$text .= "</div>
</fieldset>
</form>";
$ns->tablerender(WMLAN_00.SEP.LAN_CREATE, $mes->render() . $text);
}
if ($action == "opt") {
$pref = e107::getPref();
$ns = e107::getRender();
$text = "
<form method='post' action='".e_SELF."?".e_QUERY."'>\n
<fieldset id='code-wmessage-options'>
<table class='table adminform'>
<colgroup>
<col class='col-label' />
<col class='col-control' />
</colgroup>
<tr>
<td>".WMLAN_05."</td>
<td>".$frm->radio_switch('wm_enclose', varset($pref['wm_enclose']))."<span class='field-help'>".WMLAN_06."</span></td>
</tr>";
// DEPRECATED - see header_default.php {WMESSAGE}
// $text .= "
// <tr>
// <td>".WMLAN_07."</td>
// <td>".$frm->checkbox('wmessage_sc', 1, varset($pref['wmessage_sc'],0))."</td>
// </tr>";
$text .= "
</table>
<div class='buttons-bar center'>
". $frm->admin_button('updateoptions', LAN_SAVE)."
</div>
</fieldset>
</form>
";
$ns->tablerender(WMLAN_00.SEP.LAN_PREFS, $mes->render() . $text);
}
function wmessage_adminmenu()
{
$act = e_QUERY;
$action = vartrue($act,'main');
$var['main']['text'] = LAN_MANAGE;
$var['main']['link'] = e_SELF;
$var['create']['text'] = LAN_CREATE;
$var['create']['link'] = e_SELF."?create";
$var['opt']['text'] = LAN_PREFS;
$var['opt']['link'] = e_SELF."?opt";
show_admin_menu(WMLAN_00, $action, $var);
}
require_once("footer.php");
// Log event to admin log
function welcome_adminlog($msg_num='00', $id=0, $woffle='')
{
global $pref, $admin_log;
// if (!varset($pref['admin_log_log']['admin_welcome'],0)) return;
$msg = '';
if ($id) $msg = 'ID: '.$id;
if ($woffle)
{
if ($msg) $msg .= '[!br!]';
$msg .= $woffle;
}
e107::getLog()->add('WELCOME_'.$msg_num,$msg,E_LOG_INFORMATIVE,'');
}
*/
?>