diff --git a/download.php b/download.php
index 9636c4e64..9e3c5d747 100644
--- a/download.php
+++ b/download.php
@@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/download.php,v $
-| $Revision: 1.20 $
-| $Date: 2008-05-25 13:50:46 $
+| $Revision: 1.21 $
+| $Date: 2008-08-04 20:31:49 $
| $Author: e107steved $
|
+----------------------------------------------------------------------------+
@@ -55,6 +55,9 @@ $template_load_core = '
}
';
+$order_options = array('download_id','download_datestamp','download_requested','download_name','download_author');
+$sort_options = array('ASC', 'DESC');
+
if (!e_QUERY || $_GET['elan'])
{
@@ -83,7 +86,12 @@ else
switch ($action)
{
case 'list' : // Category-based listing
- if (isset($_POST['view'])) extract($_POST);
+ if (isset($_POST['view']))
+ {
+ $view = intval($_POST['view']);
+ $sort = varset($_POST['sort'],'DESC');
+ $order = varset($_POST['order'],'download_datestamp');
+ }
if (!isset($dl_from)) $dl_from = 0;
// Get category type, page title
@@ -135,6 +143,9 @@ else
}
}
+if (isset($order) && !in_array($order,$order_options)) unset($order);
+if (isset($sort) && !in_array($sort,$sort_options)) unset($sort);
+
if (!isset($order)) $order = varset($pref['download_order'],"download_datestamp");
if (!isset($sort)) $sort = varset($pref['download_sort'], "DESC");
if (!isset($view)) $view = varset($pref['download_view'], "10");
diff --git a/e107_plugins/poll/poll_class.php b/e107_plugins/poll/poll_class.php
index a6a33a3e2..4a061ff54 100644
--- a/e107_plugins/poll/poll_class.php
+++ b/e107_plugins/poll/poll_class.php
@@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_plugins/poll/poll_class.php,v $
-| $Revision: 1.9 $
-| $Date: 2008-07-28 20:16:14 $
+| $Revision: 1.10 $
+| $Date: 2008-08-04 20:31:49 $
| $Author: e107steved $
+----------------------------------------------------------------------------+
*/
@@ -53,21 +53,33 @@ class poll
*/
global $tp, $sql;
- extract($_POST);
- $poll_title = $tp->toDB($poll_title);
+ $poll_title = $tp->toDB($_POST['poll_title']);
+ $poll_comment= $tp -> toDB($_POST['poll_comment']);
+ $multipleChoice = intval($_POST['multipleChoice']);
+ $showResults = intval($_POST['showResults']);
+ $pollUserclass =intval($_POST['pollUserclass']);
+ $storageMethod = intval($_POST['storageMethod']);
$active_start = (!$_POST['startmonth'] || !$_POST['startday'] || !$_POST['startyear'] ? 0 : mktime (0, 0, 0, $_POST['startmonth'], $_POST['startday'], $_POST['startyear']));
$active_end = (!$_POST['endmonth'] || !$_POST['endday'] || !$_POST['endyear'] ? 0 : mktime (0, 0, 0, $_POST['endmonth'], $_POST['endday'], $_POST['endyear']));
$poll_options = "";
- foreach($poll_option as $key => $value)
+ foreach($_POST['poll_option'] as $key => $value)
{
- $poll_options .= $tp->toDB($poll_option[$key]).chr(1);
+ $poll_options .= $tp->toDB($value).chr(1);
}
if(POLLACTION == "edit")
{
- $sql -> db_Update("polls", "poll_title='$poll_title', poll_options='$poll_options', poll_type=$mode, poll_comment='".$tp -> toDB($poll_comment)."', poll_allow_multiple=".intval($multipleChoice).", poll_result_type=".intval($showResults).", poll_vote_userclass=".intval($pollUserclass).", poll_storage_method=".intval($storageMethod)." WHERE poll_id=".intval(POLLID));
+ $sql -> db_Update("polls", "poll_title='{$poll_title}',
+ poll_options='{$poll_options}',
+ poll_comment='{$poll_comment}',
+ poll_type=$mode,
+ poll_allow_multiple={$multipleChoice},
+ poll_result_type={$showResults},
+ poll_vote_userclass={$pollUserclass},
+ poll_storage_method={$storageMethod}
+ WHERE poll_id=".intval(POLLID));
/* update poll results - bugtracker #1124 .... */
$sql -> db_Select("polls", "poll_votes", "poll_id='".intval(POLLID)."' ");
diff --git a/e107_plugins/trackback/modtrackback.php b/e107_plugins/trackback/modtrackback.php
index c9e69a81c..0e13eaffe 100644
--- a/e107_plugins/trackback/modtrackback.php
+++ b/e107_plugins/trackback/modtrackback.php
@@ -11,8 +11,8 @@
| GNU General Public License (http://gnu.org).
|
| $Source: /cvs_backup/e107_0.8/e107_plugins/trackback/modtrackback.php,v $
-| $Revision: 1.2 $
-| $Date: 2007-12-07 20:38:10 $
+| $Revision: 1.3 $
+| $Date: 2008-08-04 20:31:49 $
| $Author: e107steved $
+----------------------------------------------------------------------------+
*/
@@ -24,16 +24,17 @@ if (!getperms("P") || !$pref['trackbackEnabled'])
exit;
}
require_once(e_ADMIN."auth.php");
-if (IsSet($_POST['moderate'])) {
- extract($_POST);
-
- if (is_array($trackback_delete)) {
- while (list ($key, $cid) = each ($trackback_delete)) {
- $sql->db_Delete("trackback", "trackback_id='$cid' ");
- }
+if (IsSet($_POST['moderate']))
+{
+ if (is_array($_POST['trackback_delete']))
+ {
+ while (list ($key, $cid) = each ($_POST['trackback_delete']))
+ {
+ $sql->db_Delete("trackback", "trackback_id='".intval($cid)."' ");
}
- $ns->tablerender("", "".TRACKBACK_L15."
");
- $e107cache->clear("news.php");
+ }
+ $ns->tablerender("", "".TRACKBACK_L15."
");
+ $e107cache->clear("news.php");
}
$text = "