mirror/php-e107
1
0
Fork 0
mirror of https://github.com/e107inc/e107.git synced 2025-01-17 04:38:27 +01:00
Code Issues Releases Wiki Activity
php-e107/e107_plugins/banner/e_shortcode.php
Nick Liu 20882920a0
Fix all PHP 8.1 test failures 
* `strftime()` has been replaced with a polyfill based on `DateTime`.
* Explicit type casts/assertions added where required by PHP 8.1
* `filter_var(…, FILTER_SANITIZE_STRING)` replaced with `strip_tags()`
  or HTML entity encoding of quotation marks, depending on a guess of
  what the intended "sanitization" was
* `http_build_query()` usage type mismatches fixed
* Removed usages of the `FILE_TEXT` constant
* To avoid breaking PHP 5.6 compatibility (function return types),
  `e_session_db` no longer implements `SessionHandlerInterface`.
  Instead, the alternative non-OOP invocation of
  `session_set_save_handler()` is used instead to apply the session
  handler.
* The shim for `strptime()` still calls the native function if available
  but now suppresses the deprecation warning.

* `e_db_pdo` explicitly asks for `PDO::ATTR_STRINGIFY_FETCHES` to
  maintain consistent behavior with past versions of PHP.
* `e_db_mysql` explicitly sets `mysqli_report(MYSQLI_REPORT_OFF)` to
  maintain consistent behavior with past versions of PHP.

* Removed pointless random number generator seed from `banner` plugin
* Workaround for `COUNT(*)` SQL query in
  `validatorClass::dbValidateArray()` without a proper API for avoiding
  SQL injection
2021-09-04 15:06:19 +02:00

111 lines
3.5 KiB
PHP
Raw Blame History

<?php
/*
* e107 website system
*
* Copyright (C) 2008-2016 e107 Inc (e107.org)
* Released under the terms and conditions of the
* GNU General Public License (http://www.gnu.org/licenses/gpl.txt)
*
* Banner shortcode
*
* e107 Banner management plugin
*
* Handles the display and sequencing of banners on web pages, including counting impressions
*
* @package e107_plugins
* @subpackage banner
*/
class banner_shortcodes extends e_shortcode
{
// $parm now can be array, old campaign $parm still allowed....
function sc_banner($parm = '')
{
$sql = e107::getDb();
$tp = e107::getParser();
$time = time();
$campaign = (isset($parm['campaign']) ? $parm['campaign'] : $parm);
$query = " (banner_startdate=0 OR banner_startdate <= {$time}) AND (banner_enddate=0 OR banner_enddate > {$time}) AND (banner_impurchased=0 OR banner_impressions<=banner_impurchased)" . ($campaign ? " AND banner_campaign='" . $tp->toDB($campaign) . "'" : '') . "
AND banner_active IN (" . USERCLASS_LIST . ") ";
if($tags = e107::getRegistry('core/form/related'))
{
$tags_regexp = "'(^|,)(" . str_replace(",", "|", $tags) . ")(,|$)'";
$query .= " AND banner_keywords REGEXP " . $tags_regexp;
}
$query .= " ORDER BY RAND() LIMIT 1";
if($sql->select('banner', 'banner_id, banner_image, banner_clickurl, banner_description', $query))
{
$row = $sql->fetch();
return $this->renderBanner($row, $parm);
}
else
{
return '&nbsp;';
}
}
// Also used by banner_menu.php
public function renderBanner($row, $parm = null)
{
$sql = e107::getDb('banner');
$tp = e107::getParser();
if(!$row['banner_image'])
{
return "<a href='" . e_HTTP . 'banner.php?' . $row['banner_id'] . "' rel='external'>" . BANNERLAN_39 . "</a>";
}
$fileext1 = substr(strrchr($row['banner_image'], '.'), 1);
$sql->update('banner', 'banner_impressions=banner_impressions+1 WHERE banner_id=' . (int) $row['banner_id']);
switch($fileext1)
{
case 'swf':
return "
<object classid=\"clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\" codebase=\"http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,29,0\" width=\"468\" height=\"60\">\n
<param name=\"movie\" value=\"" . e_IMAGE_ABS . "banners/" . $row['banner_image'] . "\">\n
<param name=\"quality\" value=\"high\">\n
<param name=\"SCALE\" value=\"noborder\">\n
<embed src=\"" . e_IMAGE_ABS . "banners/" . $row['banner_image'] . "\" width=\"468\" height=\"60\" scale=\"noborder\" quality=\"high\" pluginspage=\"http://www.macromedia.com/go/getflashplayer\" type=\"application/x-shockwave-flash\"></embed>
</object>
";
break;
case 'html':
case 'js':
case 'php': // Code - may 'echo' text, or may return it as a value
$file_data = file_get_contents(e_IMAGE . 'banners/' . $row['banner_image']);
return $file_data;
break;
default:
$class = empty($parm['class']) ? "e-banner img-responsive img-fluid" : $parm['class'];
$ban_ret = $tp->toImage($row['banner_image'], array('class' => $class, 'alt' => basename($row['banner_image']), 'legacy' => '{e_IMAGE}banners'));
break;
}
$start = "<a class='e-tip' href='" . e_HTTP . 'banner.php?' . $row['banner_id'] . "' rel='external' title=\"" . $tp->toAttribute(varset($row['banner_tooltip'], '')) . "\">";
$end = '</a>';
$text = $start . $ban_ret . $end;
if(!empty($row['banner_description']))
{
$text .= "<div class='e-banner-description'>" . $start . $tp->toHTML($row['banner_description'], true) . $end . "</div>";
}
return $text;
}
}
Reference in New Issue View Git Blame Copy Permalink