consistently use colon parameters
parent
861def1aa3
commit
95ef5940fc
21 changed files with 258 additions and 316 deletions
|
@ -144,8 +144,8 @@ class Artists extends Extension
|
||||||
}
|
}
|
||||||
|
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"UPDATE images SET author = ? WHERE id = ?",
|
"UPDATE images SET author = :author WHERE id = :id",
|
||||||
[$artistName, $event->image->id]
|
['author'=>$artistName, 'id'=>$event->image->id]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -414,21 +414,21 @@ class Artists extends Extension
|
||||||
private function get_artistName_by_imageID(int $imageID): string
|
private function get_artistName_by_imageID(int $imageID): string
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$result = $database->get_row("SELECT author FROM images WHERE id = ?", [$imageID]);
|
$result = $database->get_row("SELECT author FROM images WHERE id = :id", ['id'=>$imageID]);
|
||||||
return stripslashes($result['author']);
|
return stripslashes($result['author']);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function url_exists_by_url(string $url): bool
|
private function url_exists_by_url(string $url): bool
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$result = $database->get_one("SELECT COUNT(1) FROM artist_urls WHERE url = ?", [$url]);
|
$result = $database->get_one("SELECT COUNT(1) FROM artist_urls WHERE url = :url", ['url'=>$url]);
|
||||||
return ($result != 0);
|
return ($result != 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function member_exists_by_name(string $member): bool
|
private function member_exists_by_name(string $member): bool
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$result = $database->get_one("SELECT COUNT(1) FROM artist_members WHERE name = ?", [$member]);
|
$result = $database->get_one("SELECT COUNT(1) FROM artist_members WHERE name = :name", ['name'=>$member]);
|
||||||
return ($result != 0);
|
return ($result != 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -436,7 +436,7 @@ class Artists extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
$result = $database->get_one("SELECT COUNT(1) FROM artist_alias WHERE alias = ?", [$alias]);
|
$result = $database->get_one("SELECT COUNT(1) FROM artist_alias WHERE alias = :alias", ['alias'=>$alias]);
|
||||||
return ($result != 0);
|
return ($result != 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -444,8 +444,8 @@ class Artists extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$result = $database->get_one(
|
$result = $database->get_one(
|
||||||
"SELECT COUNT(1) FROM artist_alias WHERE artist_id = ? AND alias = ?",
|
"SELECT COUNT(1) FROM artist_alias WHERE artist_id = :artist_id AND alias = :alias",
|
||||||
[$artistID, $alias]
|
['artist_id'=>$artistID, 'alias'=>$alias]
|
||||||
);
|
);
|
||||||
return ($result != 0);
|
return ($result != 0);
|
||||||
}
|
}
|
||||||
|
@ -453,61 +453,61 @@ class Artists extends Extension
|
||||||
private function get_artistID_by_url(string $url): int
|
private function get_artistID_by_url(string $url): int
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
return $database->get_one("SELECT artist_id FROM artist_urls WHERE url = ?", [$url]);
|
return $database->get_one("SELECT artist_id FROM artist_urls WHERE url = :url", ['url'=>$url]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function get_artistID_by_memberName(string $member): int
|
private function get_artistID_by_memberName(string $member): int
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
return $database->get_one("SELECT artist_id FROM artist_members WHERE name = ?", [$member]);
|
return $database->get_one("SELECT artist_id FROM artist_members WHERE name = :name", ['name'=>$member]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function get_artistName_by_artistID(int $artistID): string
|
private function get_artistName_by_artistID(int $artistID): string
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
return $database->get_one("SELECT name FROM artists WHERE id = ?", [$artistID]);
|
return $database->get_one("SELECT name FROM artists WHERE id = :id", ['id'=>$artistID]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function get_artistID_by_aliasID(int $aliasID): int
|
private function get_artistID_by_aliasID(int $aliasID): int
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
return $database->get_one("SELECT artist_id FROM artist_alias WHERE id = ?", [$aliasID]);
|
return $database->get_one("SELECT artist_id FROM artist_alias WHERE id = :id", ['id'=>$aliasID]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function get_artistID_by_memberID(int $memberID): int
|
private function get_artistID_by_memberID(int $memberID): int
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
return $database->get_one("SELECT artist_id FROM artist_members WHERE id = ?", [$memberID]);
|
return $database->get_one("SELECT artist_id FROM artist_members WHERE id = :id", ['id'=>$memberID]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function get_artistID_by_urlID(int $urlID): int
|
private function get_artistID_by_urlID(int $urlID): int
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
return $database->get_one("SELECT artist_id FROM artist_urls WHERE id = ?", [$urlID]);
|
return $database->get_one("SELECT artist_id FROM artist_urls WHERE id = :id", ['id'=>$urlID]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function delete_alias(int $aliasID)
|
private function delete_alias(int $aliasID)
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$database->execute("DELETE FROM artist_alias WHERE id = ?", [$aliasID]);
|
$database->execute("DELETE FROM artist_alias WHERE id = :id", ['id'=>$aliasID]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function delete_url(int $urlID)
|
private function delete_url(int $urlID)
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$database->execute("DELETE FROM artist_urls WHERE id = ?", [$urlID]);
|
$database->execute("DELETE FROM artist_urls WHERE id = :id", ['id'=>$urlID]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function delete_member(int $memberID)
|
private function delete_member(int $memberID)
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$database->execute("DELETE FROM artist_members WHERE id = ?", [$memberID]);
|
$database->execute("DELETE FROM artist_members WHERE id = :id", ['id'=>$memberID]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function get_alias_by_id(int $aliasID): array
|
private function get_alias_by_id(int $aliasID): array
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$result = $database->get_row("SELECT * FROM artist_alias WHERE id = ?", [$aliasID]);
|
$result = $database->get_row("SELECT * FROM artist_alias WHERE id = :id", ['id'=>$aliasID]);
|
||||||
$result["alias"] = stripslashes($result["alias"]);
|
$result["alias"] = stripslashes($result["alias"]);
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
@ -515,7 +515,7 @@ class Artists extends Extension
|
||||||
private function get_url_by_id(int $urlID): array
|
private function get_url_by_id(int $urlID): array
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$result = $database->get_row("SELECT * FROM artist_urls WHERE id = ?", [$urlID]);
|
$result = $database->get_row("SELECT * FROM artist_urls WHERE id = :id", ['id'=>$urlID]);
|
||||||
$result["url"] = stripslashes($result["url"]);
|
$result["url"] = stripslashes($result["url"]);
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
@ -523,7 +523,7 @@ class Artists extends Extension
|
||||||
private function get_member_by_id(int $memberID): array
|
private function get_member_by_id(int $memberID): array
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$result = $database->get_row("SELECT * FROM artist_members WHERE id = ?", [$memberID]);
|
$result = $database->get_row("SELECT * FROM artist_members WHERE id = :id", ['id'=>$memberID]);
|
||||||
$result["name"] = stripslashes($result["name"]);
|
$result["name"] = stripslashes($result["name"]);
|
||||||
return $result;
|
return $result;
|
||||||
}
|
}
|
||||||
|
@ -559,8 +559,8 @@ class Artists extends Extension
|
||||||
|
|
||||||
global $database;
|
global $database;
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"UPDATE artists SET name = ?, notes = ?, updated = now(), user_id = ? WHERE id = ? ",
|
"UPDATE artists SET name = :name, notes = :notes, updated = now(), user_id = :user_id WHERE id = :id",
|
||||||
[$name, $notes, $userID, $artistID]
|
['name'=>$name, 'notes'=>$notes, 'user_id'=>$userID, 'id'=>$artistID]
|
||||||
);
|
);
|
||||||
|
|
||||||
// ALIAS MATCHING SECTION
|
// ALIAS MATCHING SECTION
|
||||||
|
@ -640,8 +640,8 @@ class Artists extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"UPDATE artist_alias SET alias = ?, updated = now(), user_id = ? WHERE id = ? ",
|
"UPDATE artist_alias SET alias = :alias, updated = now(), user_id = :user_id WHERE id = :id",
|
||||||
[$alias, $userID, $aliasID]
|
['alias'=>$alias, 'user_id'=>$userID, 'id'=>$aliasID]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -659,8 +659,8 @@ class Artists extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"UPDATE artist_urls SET url = ?, updated = now(), user_id = ? WHERE id = ?",
|
"UPDATE artist_urls SET url = :url, updated = now(), user_id = :user_id WHERE id = :id",
|
||||||
[$url, $userID, $urlID]
|
['url'=>$url, 'user_id'=>$userID, 'id'=>$urlID]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -678,8 +678,8 @@ class Artists extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"UPDATE artist_members SET name = ?, updated = now(), user_id = ? WHERE id = ?",
|
"UPDATE artist_members SET name = :name, updated = now(), user_id = :user_id WHERE id = :id",
|
||||||
[$memberName, $userID, $memberID]
|
['name'=>$memberName, 'user_id'=>$userID, 'id'=>$memberID]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -754,8 +754,8 @@ class Artists extends Extension
|
||||||
global $database, $user;
|
global $database, $user;
|
||||||
$database->execute("
|
$database->execute("
|
||||||
INSERT INTO artists (user_id, name, notes, created, updated)
|
INSERT INTO artists (user_id, name, notes, created, updated)
|
||||||
VALUES (?, ?, ?, now(), now())
|
VALUES (:user_id, :name, :notes, now(), now())
|
||||||
", [$user->id, $name, $notes]);
|
", ['user_id'=>$user->id, 'name'=>$name, 'notes'=>$notes]);
|
||||||
return $database->get_last_insert_id('artists_id_seq');
|
return $database->get_last_insert_id('artists_id_seq');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -763,8 +763,8 @@ class Artists extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$result = $database->get_one(
|
$result = $database->get_one(
|
||||||
"SELECT COUNT(1) FROM artists WHERE name = ?",
|
"SELECT COUNT(1) FROM artists WHERE name = :name",
|
||||||
[$name]
|
['name'=>$name]
|
||||||
);
|
);
|
||||||
return ($result != 0);
|
return ($result != 0);
|
||||||
}
|
}
|
||||||
|
@ -773,8 +773,8 @@ class Artists extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$result = $database->get_row(
|
$result = $database->get_row(
|
||||||
"SELECT * FROM artists WHERE id = ?",
|
"SELECT * FROM artists WHERE id = :id",
|
||||||
[$artistID]
|
['id'=>$artistID]
|
||||||
);
|
);
|
||||||
|
|
||||||
$result["name"] = stripslashes($result["name"]);
|
$result["name"] = stripslashes($result["name"]);
|
||||||
|
@ -787,8 +787,8 @@ class Artists extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$result = $database->get_all(
|
$result = $database->get_all(
|
||||||
"SELECT * FROM artist_members WHERE artist_id = ?",
|
"SELECT * FROM artist_members WHERE artist_id = :artist_id",
|
||||||
[$artistID]
|
['artist_id'=>$artistID]
|
||||||
);
|
);
|
||||||
|
|
||||||
$num = count($result);
|
$num = count($result);
|
||||||
|
@ -803,8 +803,8 @@ class Artists extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$result = $database->get_all(
|
$result = $database->get_all(
|
||||||
"SELECT id, url FROM artist_urls WHERE artist_id = ?",
|
"SELECT id, url FROM artist_urls WHERE artist_id = :artist_id",
|
||||||
[$artistID]
|
['artist_id'=>$artistID]
|
||||||
);
|
);
|
||||||
|
|
||||||
$num = count($result);
|
$num = count($result);
|
||||||
|
@ -819,8 +819,8 @@ class Artists extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
return (int)$database->get_one(
|
return (int)$database->get_one(
|
||||||
"SELECT id FROM artists WHERE name = ?",
|
"SELECT id FROM artists WHERE name = :name",
|
||||||
[$name]
|
['name'=>$name]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -829,8 +829,8 @@ class Artists extends Extension
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
return (int)$database->get_one(
|
return (int)$database->get_one(
|
||||||
"SELECT artist_id FROM artist_alias WHERE alias = ?",
|
"SELECT artist_id FROM artist_alias WHERE alias = :alias",
|
||||||
[$alias]
|
['alias'=>$alias]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -838,8 +838,8 @@ class Artists extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"DELETE FROM artists WHERE id = ? ",
|
"DELETE FROM artists WHERE id = :id",
|
||||||
[$artistID]
|
['id'=>$artistID]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -899,12 +899,12 @@ class Artists extends Extension
|
||||||
ORDER BY m.updated DESC
|
ORDER BY m.updated DESC
|
||||||
)
|
)
|
||||||
ORDER BY updated DESC
|
ORDER BY updated DESC
|
||||||
LIMIT ?, ?
|
LIMIT :offset, :limit
|
||||||
",
|
",
|
||||||
[
|
[
|
||||||
$pageNumber * $artistsPerPage
|
"offset"=>$pageNumber * $artistsPerPage,
|
||||||
, $artistsPerPage
|
"limit"=>$artistsPerPage
|
||||||
]
|
]
|
||||||
);
|
);
|
||||||
|
|
||||||
$number_of_listings = count($listing);
|
$number_of_listings = count($listing);
|
||||||
|
@ -954,8 +954,8 @@ class Artists extends Extension
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"INSERT INTO artist_urls (artist_id, created, updated, url, user_id) VALUES (?, now(), now(), ?, ?)",
|
"INSERT INTO artist_urls (artist_id, created, updated, url, user_id) VALUES (:artist_id, now(), now(), :url, :user_id)",
|
||||||
[$artistID, $url, $userID]
|
['artist'=>$artistID, 'url'=>$url, 'user_id'=>$userID]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -981,8 +981,8 @@ class Artists extends Extension
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"INSERT INTO artist_alias (artist_id, created, updated, alias, user_id) VALUES (?, now(), now(), ?, ?)",
|
"INSERT INTO artist_alias (artist_id, created, updated, alias, user_id) VALUES (:artist_id, now(), now(), :alias, :user_id)",
|
||||||
[$artistID, $alias, $userID]
|
['artist_id'=>$artistID, 'alias'=>$alias, 'user_id'=>$userID]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1008,8 +1008,8 @@ class Artists extends Extension
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"INSERT INTO artist_members (artist_id, name, created, updated, user_id) VALUES (?, ?, now(), now(), ?)",
|
"INSERT INTO artist_members (artist_id, name, created, updated, user_id) VALUES (:artist_id, :name, now(), now(), :user_id)",
|
||||||
[$artistID, $member, $userID]
|
['artist'=>$artistID, 'name'=>$member, 'user_id'=>$userID]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1018,8 +1018,8 @@ class Artists extends Extension
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
$result = $database->get_one(
|
$result = $database->get_one(
|
||||||
"SELECT COUNT(1) FROM artist_members WHERE artist_id = ? AND name = ?",
|
"SELECT COUNT(1) FROM artist_members WHERE artist_id = :artist_id AND name = :name",
|
||||||
[$artistID, $member]
|
['artist_id'=>$artistID, 'name'=>$member]
|
||||||
);
|
);
|
||||||
return ($result != 0);
|
return ($result != 0);
|
||||||
}
|
}
|
||||||
|
@ -1029,8 +1029,8 @@ class Artists extends Extension
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
$result = $database->get_one(
|
$result = $database->get_one(
|
||||||
"SELECT COUNT(1) FROM artist_urls WHERE artist_id = ? AND url = ?",
|
"SELECT COUNT(1) FROM artist_urls WHERE artist_id = :artist_id AND url = :url",
|
||||||
[$artistID, $url]
|
['artist_id'=>$artistID, 'url'=>$url]
|
||||||
);
|
);
|
||||||
return ($result != 0);
|
return ($result != 0);
|
||||||
}
|
}
|
||||||
|
@ -1045,9 +1045,9 @@ class Artists extends Extension
|
||||||
$result = $database->get_all("
|
$result = $database->get_all("
|
||||||
SELECT id AS alias_id, alias AS alias_name
|
SELECT id AS alias_id, alias AS alias_name
|
||||||
FROM artist_alias
|
FROM artist_alias
|
||||||
WHERE artist_id = ?
|
WHERE artist_id = :artist_id
|
||||||
ORDER BY alias ASC
|
ORDER BY alias ASC
|
||||||
", [$artistID]);
|
", ['artist_id'=>$artistID]);
|
||||||
|
|
||||||
for ($i = 0 ; $i < count($result) ; $i++) {
|
for ($i = 0 ; $i < count($result) ; $i++) {
|
||||||
$result[$i]["alias_name"] = stripslashes($result[$i]["alias_name"]);
|
$result[$i]["alias_name"] = stripslashes($result[$i]["alias_name"]);
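Review bot: Two of the rewritten inserts bind a key that does not match the placeholder in their statement. The `artist_urls` insert and the `artist_members` insert both name `:artist_id` in the SQL but pass `'artist'=>$artistID`. If the database wrapper hands the array to PDO as named parameters, both calls fail at execute time with an undefined-parameter error, so adding a URL or a member breaks. The arrays should read `['artist_id'=>$artistID, 'url'=>$url, 'user_id'=>$userID]` and `['artist_id'=>$artistID, 'name'=>$member, 'user_id'=>$userID]`, as the neighbouring `artist_alias` insert already does. The enclosing functions start outside their hunks.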
|
||||||
|
|
|
@ -60,8 +60,8 @@ class Blocks extends Extension
|
||||||
if ($user->check_auth_token()) {
|
if ($user->check_auth_token()) {
|
||||||
$database->execute("
|
$database->execute("
|
||||||
INSERT INTO blocks (pages, title, area, priority, content)
|
INSERT INTO blocks (pages, title, area, priority, content)
|
||||||
VALUES (?, ?, ?, ?, ?)
|
VALUES (:pages, :title, :area, :priority, :content)
|
||||||
", [$_POST['pages'], $_POST['title'], $_POST['area'], (int)$_POST['priority'], $_POST['content']]);
|
", ['pages'=>$_POST['pages'], 'title'=>$_POST['title'], 'area'=>$_POST['area'], 'priority'=>(int)$_POST['priority'], 'content'=>$_POST['content']]);
|
||||||
log_info("blocks", "Added Block #".($database->get_last_insert_id('blocks_id_seq'))." (".$_POST['title'].")");
|
log_info("blocks", "Added Block #".($database->get_last_insert_id('blocks_id_seq'))." (".$_POST['title'].")");
|
||||||
$cache->delete("blocks");
|
$cache->delete("blocks");
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
|
@ -73,14 +73,14 @@ class Blocks extends Extension
|
||||||
if (!empty($_POST['delete'])) {
|
if (!empty($_POST['delete'])) {
|
||||||
$database->execute("
|
$database->execute("
|
||||||
DELETE FROM blocks
|
DELETE FROM blocks
|
||||||
WHERE id=?
|
WHERE id=:id
|
||||||
", [$_POST['id']]);
|
", ['id'=>$_POST['id']]);
|
||||||
log_info("blocks", "Deleted Block #".$_POST['id']);
|
log_info("blocks", "Deleted Block #".$_POST['id']);
|
||||||
} else {
|
} else {
|
||||||
$database->execute("
|
$database->execute("
|
||||||
UPDATE blocks SET pages=?, title=?, area=?, priority=?, content=?
|
UPDATE blocks SET pages=:pages, title=:title, area=:area, priority=:priority, content=:content
|
||||||
WHERE id=?
|
WHERE id=:id
|
||||||
", [$_POST['pages'], $_POST['title'], $_POST['area'], (int)$_POST['priority'], $_POST['content'], $_POST['id']]);
|
", ['pages'=>$_POST['pages'], 'title'=>$_POST['title'], 'area'=>$_POST['area'], 'priority'=>(int)$_POST['priority'], 'content'=>$_POST['content'], 'id'=>$_POST['id']]);
|
||||||
log_info("blocks", "Updated Block #".$_POST['id']." (".$_POST['title'].")");
|
log_info("blocks", "Updated Block #".$_POST['id']." (".$_POST['title'].")");
|
||||||
}
|
}
|
||||||
$cache->delete("blocks");
|
$cache->delete("blocks");
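Review bot: In the delete/update branch `$_POST['id']` is bound as `:id` straight from the request, while `priority` in the same array is cast with `(int)`. A non-numeric id therefore reaches the database, where a strictly typed backend would likely report a query error rather than a handled validation failure, and it is also written verbatim into the `log_info` line. Casting once, e.g. `'id'=>(int)$_POST['id']`, and logging the cast value keeps both the query and the log entry to an integer. The `title` logged next to it is free text from the request, so consider stripping line breaks before logging it. Whether this branch is guarded by `check_auth_token()` like the add branch is not visible, because the enclosing block starts outside the hunk.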
|
||||||
|
|
|
@ -32,8 +32,8 @@ class Blotter extends Extension
|
||||||
");
|
");
|
||||||
// Insert sample data:
|
// Insert sample data:
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"INSERT INTO blotter (entry_date, entry_text, important) VALUES (now(), ?, ?)",
|
"INSERT INTO blotter (entry_date, entry_text, important) VALUES (now(), :text, :important)",
|
||||||
["Installed the blotter extension!", "Y"]
|
["text"=>"Installed the blotter extension!", "important"=>"Y"]
|
||||||
);
|
);
|
||||||
log_info("blotter", "Installed tables for blotter extension.");
|
log_info("blotter", "Installed tables for blotter extension.");
|
||||||
$config->set_int("blotter_version", 1);
|
$config->set_int("blotter_version", 1);
|
||||||
|
@ -102,8 +102,8 @@ class Blotter extends Extension
|
||||||
}
|
}
|
||||||
// Now insert into db:
|
// Now insert into db:
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"INSERT INTO blotter (entry_date, entry_text, important) VALUES (now(), ?, ?)",
|
"INSERT INTO blotter (entry_date, entry_text, important) VALUES (now(), :text, :important)",
|
||||||
[$entry_text, $important]
|
["text"=>$entry_text, "important"=>$important]
|
||||||
);
|
);
|
||||||
log_info("blotter", "Added Message: $entry_text");
|
log_info("blotter", "Added Message: $entry_text");
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
|
|
|
@ -53,9 +53,9 @@ class BrowserSearch extends Extension
|
||||||
|
|
||||||
// Now to get DB results
|
// Now to get DB results
|
||||||
if ($config->get_string("search_suggestions_results_order") == "a") {
|
if ($config->get_string("search_suggestions_results_order") == "a") {
|
||||||
$tags = $database->execute("SELECT tag FROM tags WHERE tag LIKE ? AND count > 0 ORDER BY tag ASC LIMIT 30", [$tag_search."%"]);
|
$tags = $database->execute("SELECT tag FROM tags WHERE tag LIKE :tag AND count > 0 ORDER BY tag ASC LIMIT 30", ['tag'=>$tag_search."%"]);
|
||||||
} else {
|
} else {
|
||||||
$tags = $database->execute("SELECT tag FROM tags WHERE tag LIKE ? AND count > 0 ORDER BY count DESC LIMIT 30", [$tag_search."%"]);
|
$tags = $database->execute("SELECT tag FROM tags WHERE tag LIKE :tag AND count > 0 ORDER BY count DESC LIMIT 30", ['tag'=>$tag_search."%"]);
|
||||||
}
|
}
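Review bot: Binding `$tag_search."%"` as `:tag` prevents SQL injection but not LIKE wildcards: any `%` or `_` already in `$tag_search` is interpreted by the database, so the prefix search can become an arbitrary pattern match, including leading-wildcard patterns that cannot use an index. Where `$tag_search` comes from is outside the hunk, but if it is request input, escape the LIKE metacharacters before appending the trailing wildcard, e.g. `'tag'=>addcslashes($tag_search, '%_\\')."%"`. Check that every supported backend treats backslash as the LIKE escape character, or add an explicit `ESCAPE` clause. The `reason` filter in ImageBan (`"%".$_GET['reason']."%"`) has the same property.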
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -74,8 +74,8 @@ class DanbooruApi extends Extension
|
||||||
$idlist = explode(",", $_GET['id']);
|
$idlist = explode(",", $_GET['id']);
|
||||||
foreach ($idlist as $id) {
|
foreach ($idlist as $id) {
|
||||||
$sqlresult = $database->get_all(
|
$sqlresult = $database->get_all(
|
||||||
"SELECT id,tag,count FROM tags WHERE id = ?",
|
"SELECT id,tag,count FROM tags WHERE id = :id",
|
||||||
[$id]
|
['id'=>$id]
|
||||||
);
|
);
|
||||||
foreach ($sqlresult as $row) {
|
foreach ($sqlresult as $row) {
|
||||||
$results[] = [$row['count'], $row['tag'], $row['id']];
|
$results[] = [$row['count'], $row['tag'], $row['id']];
|
||||||
|
@ -86,9 +86,9 @@ class DanbooruApi extends Extension
|
||||||
foreach ($namelist as $name) {
|
foreach ($namelist as $name) {
|
||||||
$sqlresult = $database->get_all(
|
$sqlresult = $database->get_all(
|
||||||
$database->scoreql_to_sql(
|
$database->scoreql_to_sql(
|
||||||
"SELECT id,tag,count FROM tags WHERE SCORE_STRNORM(tag) = SCORE_STRNORM(?)"
|
"SELECT id,tag,count FROM tags WHERE SCORE_STRNORM(tag) = SCORE_STRNORM(:tag)"
|
||||||
),
|
),
|
||||||
[$name]
|
['tag'=>$name]
|
||||||
);
|
);
|
||||||
foreach ($sqlresult as $row) {
|
foreach ($sqlresult as $row) {
|
||||||
$results[] = [$row['count'], $row['tag'], $row['id']];
|
$results[] = [$row['count'], $row['tag'], $row['id']];
|
||||||
|
@ -102,8 +102,8 @@ class DanbooruApi extends Extension
|
||||||
} else {
|
} else {
|
||||||
$start = isset($_GET['after_id']) ? int_escape($_GET['offset']) : 0;
|
$start = isset($_GET['after_id']) ? int_escape($_GET['offset']) : 0;
|
||||||
$sqlresult = $database->get_all(
|
$sqlresult = $database->get_all(
|
||||||
"SELECT id,tag,count FROM tags WHERE count > 0 AND id >= ? ORDER BY id DESC",
|
"SELECT id,tag,count FROM tags WHERE count > 0 AND id >= :id ORDER BY id DESC",
|
||||||
[$start]
|
['id'=>$start]
|
||||||
);
|
);
|
||||||
foreach ($sqlresult as $row) {
|
foreach ($sqlresult as $row) {
|
||||||
$results[] = [$row['count'], $row['tag'], $row['id']];
|
$results[] = [$row['count'], $row['tag'], $row['id']];
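Review bot: The paging branch tests `isset($_GET['after_id'])` but then reads `$_GET['offset']`, so a request carrying only `after_id` passes an undefined index to `int_escape()` and the supplied value is never used as the `:id` lower bound. Read the key that was tested, e.g. `$start = isset($_GET['after_id']) ? int_escape($_GET['after_id']) : 0;`, or test `offset` if that is the intended parameter. In the `id` branch each element of `explode(",", $_GET['id'])` is bound unvalidated and costs one query, so passing each through `int_escape()` and capping the list length would bound both the input type and the work per request. The enclosing method starts and ends outside these hunks.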
|
||||||
|
|
|
@ -69,8 +69,8 @@ class Forum extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
$threads_count = $database->get_one("SELECT COUNT(*) FROM forum_threads WHERE user_id=?", [$event->display_user->id]);
|
$threads_count = $database->get_one("SELECT COUNT(*) FROM forum_threads WHERE user_id=:user_id", ['user_id'=>$event->display_user->id]);
|
||||||
$posts_count = $database->get_one("SELECT COUNT(*) FROM forum_posts WHERE user_id=?", [$event->display_user->id]);
|
$posts_count = $database->get_one("SELECT COUNT(*) FROM forum_posts WHERE user_id=:user_id", ['user_id'=>$event->display_user->id]);
|
||||||
|
|
||||||
$days_old = ((time() - strtotime($event->display_user->join_date)) / 86400) + 1;
|
$days_old = ((time() - strtotime($event->display_user->join_date)) / 86400) + 1;
|
||||||
|
|
||||||
|
@ -183,7 +183,7 @@ class Forum extends Extension
|
||||||
private function get_total_pages_for_thread(int $threadID)
|
private function get_total_pages_for_thread(int $threadID)
|
||||||
{
|
{
|
||||||
global $database, $config;
|
global $database, $config;
|
||||||
$result = $database->get_row("SELECT COUNT(1) AS count FROM forum_posts WHERE thread_id = ?", [$threadID]);
|
$result = $database->get_row("SELECT COUNT(1) AS count FROM forum_posts WHERE thread_id = :thread_id", ['thread_id'=>$threadID]);
|
||||||
|
|
||||||
return ceil($result["count"] / $config->get_int("forumPostsPerPage"));
|
return ceil($result["count"] / $config->get_int("forumPostsPerPage"));
|
||||||
}
|
}
|
||||||
|
@ -238,7 +238,7 @@ class Forum extends Extension
|
||||||
private function get_thread_title(int $threadID)
|
private function get_thread_title(int $threadID)
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$result = $database->get_row("SELECT t.title FROM forum_threads AS t WHERE t.id = ? ", [$threadID]);
|
$result = $database->get_row("SELECT t.title FROM forum_threads AS t WHERE t.id = :id ", ['id'=>$threadID]);
|
||||||
return $result["title"];
|
return $result["title"];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -283,7 +283,7 @@ class Forum extends Extension
|
||||||
global $config, $database;
|
global $config, $database;
|
||||||
$threadID = $event->get_arg(1);
|
$threadID = $event->get_arg(1);
|
||||||
$postsPerPage = $config->get_int('forumPostsPerPage', 15);
|
$postsPerPage = $config->get_int('forumPostsPerPage', 15);
|
||||||
$totalPages = ceil($database->get_one("SELECT COUNT(*) FROM forum_posts WHERE thread_id = ?", [$threadID]) / $postsPerPage);
|
$totalPages = ceil($database->get_one("SELECT COUNT(*) FROM forum_posts WHERE thread_id = :id", ['id'=>$threadID]) / $postsPerPage);
|
||||||
$threadTitle = $this->get_thread_title($threadID);
|
$threadTitle = $this->get_thread_title($threadID);
|
||||||
|
|
||||||
if ($event->count_args() >= 3) {
|
if ($event->count_args() >= 3) {
|
||||||
|
@ -329,8 +329,8 @@ class Forum extends Extension
|
||||||
INSERT INTO forum_threads
|
INSERT INTO forum_threads
|
||||||
(title, sticky, user_id, date, uptodate)
|
(title, sticky, user_id, date, uptodate)
|
||||||
VALUES
|
VALUES
|
||||||
(?, ?, ?, now(), now())",
|
(:title, :sticky, :user_id, now(), now())",
|
||||||
[$title, $sticky, $user->id]
|
['title'=>$title, 'sticky'=>$sticky, 'user_id'=>$user->id]
|
||||||
);
|
);
|
||||||
|
|
||||||
$threadID = $database->get_last_insert_id("forum_threads_id_seq");
|
$threadID = $database->get_last_insert_id("forum_threads_id_seq");
|
||||||
|
@ -350,16 +350,16 @@ class Forum extends Extension
|
||||||
$message = substr($message, 0, $max_characters);
|
$message = substr($message, 0, $max_characters);
|
||||||
|
|
||||||
global $database;
|
global $database;
|
||||||
$database->execute("INSERT INTO forum_posts
|
$database->execute("
|
||||||
(thread_id, user_id, date, message)
|
INSERT INTO forum_posts (thread_id, user_id, date, message)
|
||||||
VALUES
|
VALUES (:thread_id, :user_id, now(), :message)
|
||||||
(?, ?, now(), ?)", [$threadID, $userID, $message]);
|
", ['thread_id'=>$threadID, 'user_id'=>$userID, 'message'=>$message]);
|
||||||
|
|
||||||
$postID = $database->get_last_insert_id("forum_posts_id_seq");
|
$postID = $database->get_last_insert_id("forum_posts_id_seq");
|
||||||
|
|
||||||
log_info("forum", "Post {$postID} created by {$user->name}");
|
log_info("forum", "Post {$postID} created by {$user->name}");
|
||||||
|
|
||||||
$database->execute("UPDATE forum_threads SET uptodate=now() WHERE id=?", [$threadID]);
|
$database->execute("UPDATE forum_threads SET uptodate=now() WHERE id=:id", ['id'=>$threadID]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function retrieve_posts(int $threadID, int $pageNumber)
|
private function retrieve_posts(int $threadID, int $pageNumber)
|
||||||
|
@ -382,24 +382,20 @@ class Forum extends Extension
|
||||||
private function delete_thread(int $threadID)
|
private function delete_thread(int $threadID)
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$database->execute("DELETE FROM forum_threads WHERE id = ?", [$threadID]);
|
$database->execute("DELETE FROM forum_threads WHERE id = :id", ['id'=>$threadID]);
|
||||||
$database->execute("DELETE FROM forum_posts WHERE thread_id = ?", [$threadID]);
|
$database->execute("DELETE FROM forum_posts WHERE thread_id = :thread_id", ['thread_id'=>$threadID]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function delete_post(int $postID)
|
private function delete_post(int $postID)
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$database->execute("DELETE FROM forum_posts WHERE id = ?", [$postID]);
|
$database->execute("DELETE FROM forum_posts WHERE id = :id", ['id'=>$postID]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function threadExists(int $threadID)
|
private function threadExists(int $threadID)
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$result=$database->get_one("SELECT EXISTS (SELECT * FROM forum_threads WHERE id= ?)", [$threadID]);
|
$result=$database->get_one("SELECT EXISTS (SELECT * FROM forum_threads WHERE id=:id)", ['id'=>$threadID]);
|
||||||
if ($result==1) {
|
return $result == 1;
|
||||||
return true;
|
|
||||||
} else {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
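Review bot: `get_total_pages_for_thread()` divides by `$config->get_int("forumPostsPerPage")` with no default, while the thread view in this same file reads the setting as `$config->get_int('forumPostsPerPage', 15)`. If the option is unset the first call presumably yields 0 or null and the division fails. Use the same default in both places, `$config->get_int("forumPostsPerPage", 15)`. As a smaller naming point, the thread view binds `thread_id = :id` where this method binds `thread_id = :thread_id`; using `:thread_id` in both keeps placeholder names matching their columns.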
|
||||||
|
|
|
@ -115,8 +115,8 @@ class ImageBan extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$database->Execute(
|
$database->Execute(
|
||||||
"INSERT INTO image_bans (hash, reason, date) VALUES (?, ?, now())",
|
"INSERT INTO image_bans (hash, reason, date) VALUES (:hash, :reason, now())",
|
||||||
[$event->hash, $event->reason]
|
["hash"=>$event->hash, "reason"=>$event->reason]
|
||||||
);
|
);
|
||||||
log_info("image_hash_ban", "Banned hash {$event->hash} because '{$event->reason}'");
|
log_info("image_hash_ban", "Banned hash {$event->hash} because '{$event->reason}'");
|
||||||
}
|
}
|
||||||
|
@ -124,7 +124,7 @@ class ImageBan extends Extension
|
||||||
public function onRemoveImageHashBan(RemoveImageHashBanEvent $event)
|
public function onRemoveImageHashBan(RemoveImageHashBanEvent $event)
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$database->Execute("DELETE FROM image_bans WHERE hash = ?", [$event->hash]);
|
$database->Execute("DELETE FROM image_bans WHERE hash = :hash", ["hash"=>$event->hash]);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function onImageAdminBlockBuilding(ImageAdminBlockBuildingEvent $event)
|
public function onImageAdminBlockBuilding(ImageAdminBlockBuildingEvent $event)
|
||||||
|
@ -147,12 +147,12 @@ class ImageBan extends Extension
|
||||||
$where = ["(1=1)"];
|
$where = ["(1=1)"];
|
||||||
$args = [];
|
$args = [];
|
||||||
if (!empty($_GET['hash'])) {
|
if (!empty($_GET['hash'])) {
|
||||||
$where[] = 'hash = ?';
|
$where[] = 'hash = :hash';
|
||||||
$args[] = $_GET['hash'];
|
$args['hash'] = $_GET['hash'];
|
||||||
}
|
}
|
||||||
if (!empty($_GET['reason'])) {
|
if (!empty($_GET['reason'])) {
|
||||||
$where[] = 'reason SCORE_ILIKE ?';
|
$where[] = 'reason SCORE_ILIKE :reason';
|
||||||
$args[] = "%".$_GET['reason']."%";
|
$args['reason'] = "%".$_GET['reason']."%";
|
||||||
}
|
}
|
||||||
$where = implode(" AND ", $where);
|
$where = implode(" AND ", $where);
|
||||||
$bans = $database->get_all($database->scoreql_to_sql("
|
$bans = $database->get_all($database->scoreql_to_sql("
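Review bot: In the ban-list filter, `!empty($_GET['hash'])` and `!empty($_GET['reason'])` accept any non-empty value, so an array-valued query parameter reaches `$args['hash']` or the concatenation in `"%".$_GET['reason']."%"`. Binding keeps the value out of the SQL text, but the filter should still require a string first, e.g. `if (is_string($_GET['reason'] ?? null) && $_GET['reason'] !== '') {`. User-supplied `%` and `_` also stay active as LIKE wildcards in the reason filter, which is probably intended for a search box but deserves a comment. NotATag's list query further down uses the same pattern for `$_GET['tag']` and `$_GET['redirect']`. The enclosing function starts and ends outside this hunk.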
|
||||||
|
|
|
@ -81,15 +81,15 @@ class NotATag extends Extension
|
||||||
$redirect = isset($_POST['redirect']) ? $_POST['redirect'] : "DNP";
|
$redirect = isset($_POST['redirect']) ? $_POST['redirect'] : "DNP";
|
||||||
|
|
||||||
$database->Execute(
|
$database->Execute(
|
||||||
"INSERT INTO untags(tag, redirect) VALUES (?, ?)",
|
"INSERT INTO untags(tag, redirect) VALUES (:tag, :redirect)",
|
||||||
[$tag, $redirect]
|
["tag"=>$tag, "redirect"=>$redirect]
|
||||||
);
|
);
|
||||||
|
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
$page->set_redirect($_SERVER['HTTP_REFERER']);
|
$page->set_redirect($_SERVER['HTTP_REFERER']);
|
||||||
} elseif ($event->get_arg(0) == "remove") {
|
} elseif ($event->get_arg(0) == "remove") {
|
||||||
if (isset($_POST['tag'])) {
|
if (isset($_POST['tag'])) {
|
||||||
$database->Execute($database->scoreql_to_sql("DELETE FROM untags WHERE SCORE_STRNORM(tag) = SCORE_STRNORM(?)"), [$_POST['tag']]);
|
$database->Execute($database->scoreql_to_sql("DELETE FROM untags WHERE SCORE_STRNORM(tag) = SCORE_STRNORM(:tag)"), ["tag"=>$_POST['tag']]);
|
||||||
|
|
||||||
flash_message("Image ban removed");
|
flash_message("Image ban removed");
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
|
@ -113,17 +113,15 @@ class NotATag extends Extension
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
// FIXME: many
|
// FIXME: many
|
||||||
$size_i = int_escape($size);
|
|
||||||
$offset_i = int_escape($page-1)*$size_i;
|
|
||||||
$where = ["(1=1)"];
|
$where = ["(1=1)"];
|
||||||
$args = [];
|
$args = ["limit"=>$size, "offset"=>($page-1)*$size];
|
||||||
if (!empty($_GET['tag'])) {
|
if (!empty($_GET['tag'])) {
|
||||||
$where[] = 'tag SCORE_ILIKE ?';
|
$where[] = 'tag SCORE_ILIKE :tag';
|
||||||
$args[] = "%".$_GET['tag']."%";
|
$args["tag"] = "%".$_GET['tag']."%";
|
||||||
}
|
}
|
||||||
if (!empty($_GET['redirect'])) {
|
if (!empty($_GET['redirect'])) {
|
||||||
$where[] = 'redirect SCORE_ILIKE ?';
|
$where[] = 'redirect SCORE_ILIKE :redirect';
|
||||||
$args[] = "%".$_GET['redirect']."%";
|
$args["redirect"] = "%".$_GET['redirect']."%";
|
||||||
}
|
}
|
||||||
$where = implode(" AND ", $where);
|
$where = implode(" AND ", $where);
|
||||||
$bans = $database->get_all($database->scoreql_to_sql("
|
$bans = $database->get_all($database->scoreql_to_sql("
|
||||||
|
@ -131,13 +129,9 @@ class NotATag extends Extension
|
||||||
FROM untags
|
FROM untags
|
||||||
WHERE $where
|
WHERE $where
|
||||||
ORDER BY tag
|
ORDER BY tag
|
||||||
LIMIT $size_i
|
LIMIT :limit
|
||||||
OFFSET $offset_i
|
OFFSET :offset
|
||||||
"), $args);
|
"), $args);
|
||||||
if ($bans) {
|
return $bans;
|
||||||
return $bans;
|
|
||||||
} else {
|
|
||||||
return [];
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
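Review bot: The last two hunks of this section drop `int_escape($size)` and `int_escape($page-1)*$size_i` and bind `"limit"=>$size, "offset"=>($page-1)*$size` instead, so nothing coerces these values to integers unless the function signature (outside the hunk) declares both as `int`. A `$page` below 1 produces a negative `:offset`, and some PDO configurations bind values as quoted strings, which MySQL rejects in `LIMIT`/`OFFSET`. I would clamp and cast before binding, e.g. `$args = ["limit"=>(int)$size, "offset"=>max(0, (int)$page-1)*(int)$size];`, and confirm how the database wrapper binds integers. The simplified `return $bans;` also assumes `get_all()` always returns an array, where the removed branch returned `[]` for any falsy result.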
|
||||||
|
|
|
@ -220,13 +220,12 @@ class Notes extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
return $database->get_all(
|
return $database->get_all("
|
||||||
"SELECT * ".
|
SELECT *
|
||||||
"FROM notes ".
|
FROM notes
|
||||||
"WHERE enable = ? AND image_id = ? ".
|
WHERE enable = :enable AND image_id = :image_id
|
||||||
"ORDER BY date ASC",
|
ORDER BY date ASC
|
||||||
['1', $imageID]
|
", ['enable'=>'1', 'image_id'=>$imageID]);
|
||||||
);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
@ -248,24 +247,19 @@ class Notes extends Extension
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"
|
"
|
||||||
INSERT INTO notes (enable, image_id, user_id, user_ip, date, x1, y1, height, width, note)
|
INSERT INTO notes (enable, image_id, user_id, user_ip, date, x1, y1, height, width, note)
|
||||||
VALUES (?, ?, ?, ?, now(), ?, ?, ?, ?, ?)",
|
VALUES (:enable, :image_id, :user_id, :user_ip, now(), :x1, :y1, :height, :width, :note)",
|
||||||
[1, $imageID, $user_id, $_SERVER['REMOTE_ADDR'], $noteX1, $noteY1, $noteHeight, $noteWidth, $noteText]
|
['enable'=>1, 'image_id'=>$imageID, 'user_id'=>$user_id, 'user_ip'=>$_SERVER['REMOTE_ADDR'], 'x1'=>$noteX1, 'y1'=>$noteY1, 'height'=>$noteHeight, 'width'=>$noteWidth, 'note'=>$noteText]
|
||||||
);
|
);
|
||||||
|
|
||||||
$noteID = $database->get_last_insert_id('notes_id_seq');
|
$noteID = $database->get_last_insert_id('notes_id_seq');
|
||||||
|
|
||||||
log_info("notes", "Note added {$noteID} by {$user->name}");
|
log_info("notes", "Note added {$noteID} by {$user->name}");
|
||||||
|
|
||||||
$database->execute("UPDATE images SET notes=(SELECT COUNT(*) FROM notes WHERE image_id=?) WHERE id=?", [$imageID, $imageID]);
|
$database->execute("UPDATE images SET notes=(SELECT COUNT(*) FROM notes WHERE image_id=:id1) WHERE id=:id2", ['id1'=>$imageID, 'id2'=>$imageID]);
|
||||||
|
|
||||||
$this->add_history(1, $noteID, $imageID, $noteX1, $noteY1, $noteHeight, $noteWidth, $noteText);
|
$this->add_history(1, $noteID, $imageID, $noteX1, $noteY1, $noteHeight, $noteWidth, $noteText);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/*
|
|
||||||
* HERE WE ADD A REQUEST TO DATABASE
|
|
||||||
*/
|
|
||||||
private function add_note_request()
|
private function add_note_request()
|
||||||
{
|
{
|
||||||
global $database, $user;
|
global $database, $user;
|
||||||
|
@ -276,8 +270,8 @@ class Notes extends Extension
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"
|
"
|
||||||
INSERT INTO note_request (image_id, user_id, date)
|
INSERT INTO note_request (image_id, user_id, date)
|
||||||
VALUES (?, ?, now())",
|
VALUES (:image_id, :user_id, now())",
|
||||||
[$image_id, $user_id]
|
['image_id'=>$image_id, 'user_id'=>$user_id]
|
||||||
);
|
);
|
||||||
|
|
||||||
$resultID = $database->get_last_insert_id('note_request_id_seq');
|
$resultID = $database->get_last_insert_id('note_request_id_seq');
|
||||||
|
@ -285,23 +279,18 @@ class Notes extends Extension
|
||||||
log_info("notes", "Note requested {$resultID} by {$user->name}");
|
log_info("notes", "Note requested {$resultID} by {$user->name}");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/*
|
|
||||||
* HERE WE EDIT THE NOTE
|
|
||||||
*/
|
|
||||||
private function update_note()
|
private function update_note()
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
$note = [
|
$note = [
|
||||||
"noteX1" => int_escape($_POST["note_x1"]),
|
"x1" => int_escape($_POST["note_x1"]),
|
||||||
"noteY1" => int_escape($_POST["note_y1"]),
|
"y1" => int_escape($_POST["note_y1"]),
|
||||||
"noteHeight" => int_escape($_POST["note_height"]),
|
"height" => int_escape($_POST["note_height"]),
|
||||||
"noteWidth" => int_escape($_POST["note_width"]),
|
"width" => int_escape($_POST["note_width"]),
|
||||||
"noteText" => sql_escape(html_escape($_POST["note_text"])),
|
"note" => sql_escape(html_escape($_POST["note_text"])),
|
||||||
"imageID" => int_escape($_POST["image_id"]),
|
"image_id" => int_escape($_POST["image_id"]),
|
||||||
"noteID" => int_escape($_POST["note_id"])
|
"id" => int_escape($_POST["note_id"])
|
||||||
];
|
];
|
||||||
|
|
||||||
// validate parameters
|
// validate parameters
|
||||||
|
@ -309,21 +298,14 @@ class Notes extends Extension
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$database->execute("UPDATE notes ".
|
$database->execute("
|
||||||
"SET x1 = ?, ".
|
UPDATE notes
|
||||||
"y1 = ?, ".
|
SET x1 = :x1, y1 = :y1, height = :height, width = :width, note = :note
|
||||||
"height = ?, ".
|
WHERE image_id = :image_id AND id = :id", $note);
|
||||||
"width = ?,".
|
|
||||||
"note = ? ".
|
|
||||||
"WHERE image_id = ? AND id = ?", array_values($note));
|
|
||||||
|
|
||||||
$this->add_history(1, $note['noteID'], $note['imageID'], $note['noteX1'], $note['noteY1'], $note['noteHeight'], $note['noteWidth'], $note['noteText']);
|
$this->add_history(1, $note['id'], $note['image_id'], $note['x1'], $note['y1'], $note['height'], $note['width'], $note['note']);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/*
|
|
||||||
* HERE WE DELETE THE NOTE
|
|
||||||
*/
|
|
||||||
private function delete_note()
|
private function delete_note()
|
||||||
{
|
{
|
||||||
global $user, $database;
|
global $user, $database;
|
||||||
|
@ -336,44 +318,32 @@ class Notes extends Extension
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
$database->execute("UPDATE notes ".
|
$database->execute("
|
||||||
"SET enable = ? ".
|
UPDATE notes SET enable = :enable
|
||||||
"WHERE image_id = ? AND id = ?", [0, $imageID, $noteID]);
|
WHERE image_id = :image_id AND id = :id
|
||||||
|
", ['enable'=>0, 'image_id'=>$imageID, 'id'=>$noteID]);
|
||||||
|
|
||||||
log_info("notes", "Note deleted {$noteID} by {$user->name}");
|
log_info("notes", "Note deleted {$noteID} by {$user->name}");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/*
|
|
||||||
* HERE WE DELETE ALL NOTES FROM IMAGE
|
|
||||||
*/
|
|
||||||
private function nuke_notes()
|
private function nuke_notes()
|
||||||
{
|
{
|
||||||
global $database, $user;
|
global $database, $user;
|
||||||
$image_id = int_escape($_POST["image_id"]);
|
$image_id = int_escape($_POST["image_id"]);
|
||||||
$database->execute("DELETE FROM notes WHERE image_id = ?", [$image_id]);
|
$database->execute("DELETE FROM notes WHERE image_id = :image_id", ['image_id'=>$image_id]);
|
||||||
log_info("notes", "Notes deleted from {$image_id} by {$user->name}");
|
log_info("notes", "Notes deleted from {$image_id} by {$user->name}");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/*
|
|
||||||
* HERE WE DELETE ALL REQUESTS FOR IMAGE
|
|
||||||
*/
|
|
||||||
private function nuke_requests()
|
private function nuke_requests()
|
||||||
{
|
{
|
||||||
global $database, $user;
|
global $database, $user;
|
||||||
$image_id = int_escape($_POST["image_id"]);
|
$image_id = int_escape($_POST["image_id"]);
|
||||||
|
|
||||||
$database->execute("DELETE FROM note_request WHERE image_id = ?", [$image_id]);
|
$database->execute("DELETE FROM note_request WHERE image_id = :image_id", ['image_id'=>$image_id]);
|
||||||
|
|
||||||
log_info("notes", "Requests deleted from {$image_id} by {$user->name}");
|
log_info("notes", "Requests deleted from {$image_id} by {$user->name}");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* HERE WE ALL IMAGES THAT HAVE NOTES
|
|
||||||
*/
|
|
||||||
private function get_notes_list(PageRequestEvent $event)
|
private function get_notes_list(PageRequestEvent $event)
|
||||||
{
|
{
|
||||||
global $database, $config;
|
global $database, $config;
|
||||||
|
@ -382,13 +352,13 @@ class Notes extends Extension
|
||||||
|
|
||||||
$notesPerPage = $config->get_int('notesNotesPerPage');
|
$notesPerPage = $config->get_int('notesNotesPerPage');
|
||||||
|
|
||||||
//$result = $database->get_all("SELECT * FROM pool_images WHERE pool_id=?", array($poolID));
|
//$result = $database->get_all("SELECT * FROM pool_images WHERE pool_id=:pool_id", ['pool_id'=>$poolID]);
|
||||||
$result = $database->execute(
|
$result = $database->execute("
|
||||||
"SELECT DISTINCT image_id".
|
SELECT DISTINCT image_id
|
||||||
"FROM notes ".
|
FROM notes
|
||||||
"WHERE enable = ? ".
|
WHERE enable = :enable
|
||||||
"ORDER BY date DESC LIMIT ?, ?",
|
ORDER BY date DESC LIMIT :limit OFFSET :offset",
|
||||||
[1, $pageNumber * $notesPerPage, $notesPerPage]
|
['enable'=>1, 'offset'=>$pageNumber * $notesPerPage, 'limit'=>$notesPerPage]
|
||||||
);
|
);
|
||||||
|
|
||||||
$totalPages = ceil($database->get_one("SELECT COUNT(DISTINCT image_id) FROM notes") / $notesPerPage);
|
$totalPages = ceil($database->get_one("SELECT COUNT(DISTINCT image_id) FROM notes") / $notesPerPage);
|
||||||
|
@ -401,9 +371,6 @@ class Notes extends Extension
|
||||||
$this->theme->display_note_list($images, $pageNumber + 1, $totalPages);
|
$this->theme->display_note_list($images, $pageNumber + 1, $totalPages);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* HERE WE GET ALL NOTE REQUESTS
|
|
||||||
*/
|
|
||||||
private function get_notes_requests(PageRequestEvent $event)
|
private function get_notes_requests(PageRequestEvent $event)
|
||||||
{
|
{
|
||||||
global $config, $database;
|
global $config, $database;
|
||||||
|
@ -413,15 +380,15 @@ class Notes extends Extension
|
||||||
$requestsPerPage = $config->get_int('notesRequestsPerPage');
|
$requestsPerPage = $config->get_int('notesRequestsPerPage');
|
||||||
|
|
||||||
|
|
||||||
//$result = $database->get_all("SELECT * FROM pool_images WHERE pool_id=?", array($poolID));
|
//$result = $database->get_all("SELECT * FROM pool_images WHERE pool_id=:pool_id", ['pool_id'=>$poolID]);
|
||||||
|
|
||||||
|
|
||||||
$result = $database->execute(
|
$result = $database->execute(
|
||||||
"
|
"
|
||||||
SELECT DISTINCT image_id
|
SELECT DISTINCT image_id
|
||||||
FROM note_request
|
FROM note_request
|
||||||
ORDER BY date DESC LIMIT ?, ?",
|
ORDER BY date DESC LIMIT :limit OFFSET :offset",
|
||||||
[$pageNumber * $requestsPerPage, $requestsPerPage]
|
["offset"=>$pageNumber * $requestsPerPage, "limit"=>$requestsPerPage]
|
||||||
);
|
);
|
||||||
|
|
||||||
$totalPages = ceil($database->get_one("SELECT COUNT(*) FROM note_request") / $requestsPerPage);
|
$totalPages = ceil($database->get_one("SELECT COUNT(*) FROM note_request") / $requestsPerPage);
|
||||||
|
@ -434,30 +401,23 @@ class Notes extends Extension
|
||||||
$this->theme->display_note_requests($images, $pageNumber + 1, $totalPages);
|
$this->theme->display_note_requests($images, $pageNumber + 1, $totalPages);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
/*
|
|
||||||
* HERE WE ADD HISTORY TO TRACK THE CHANGES OF THE NOTES FOR THE IMAGES.
|
|
||||||
*/
|
|
||||||
private function add_history($noteEnable, $noteID, $imageID, $noteX1, $noteY1, $noteHeight, $noteWidth, $noteText)
|
private function add_history($noteEnable, $noteID, $imageID, $noteX1, $noteY1, $noteHeight, $noteWidth, $noteText)
|
||||||
{
|
{
|
||||||
global $user, $database;
|
global $user, $database;
|
||||||
|
|
||||||
$reviewID = $database->get_one("SELECT COUNT(*) FROM note_histories WHERE note_id = ?", [$noteID]);
|
$reviewID = $database->get_one("SELECT COUNT(*) FROM note_histories WHERE note_id = :note_id", ['note_id'=>$noteID]);
|
||||||
$reviewID = $reviewID + 1;
|
$reviewID = $reviewID + 1;
|
||||||
|
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"
|
"
|
||||||
INSERT INTO note_histories (note_enable, note_id, review_id, image_id, user_id, user_ip, date, x1, y1, height, width, note)
|
INSERT INTO note_histories (note_enable, note_id, review_id, image_id, user_id, user_ip, date, x1, y1, height, width, note)
|
||||||
VALUES (?, ?, ?, ?, ?, ?, now(), ?, ?, ?, ?, ?)",
|
VALUES (:note_enable, :note_id, :review_id, :image_id, :user_id, :user_ip, now(), :x1, :y1, :height, :width, :note)
|
||||||
[$noteEnable, $noteID, $reviewID, $imageID, $user->id, $_SERVER['REMOTE_ADDR'], $noteX1, $noteY1, $noteHeight, $noteWidth, $noteText]
|
",
|
||||||
|
['note_enable'=>$noteEnable, 'note_id'=>$noteID, 'review_id'=>$reviewID, 'image_id'=>$imageID, 'user_id'=>$user->id, 'user_ip'=>$_SERVER['REMOTE_ADDR'],
|
||||||
|
'x1'=>$noteX1, 'y1'=>$noteY1, 'height'=>$noteHeight, 'width'=>$noteWidth, 'note'=>$noteText]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* HERE WE GET ALL HISTORIES.
|
|
||||||
*/
|
|
||||||
private function get_histories(PageRequestEvent $event)
|
private function get_histories(PageRequestEvent $event)
|
||||||
{
|
{
|
||||||
global $config, $database;
|
global $config, $database;
|
||||||
|
@ -472,8 +432,8 @@ class Notes extends Extension
|
||||||
"FROM note_histories AS h ".
|
"FROM note_histories AS h ".
|
||||||
"INNER JOIN users AS u ".
|
"INNER JOIN users AS u ".
|
||||||
"ON u.id = h.user_id ".
|
"ON u.id = h.user_id ".
|
||||||
"ORDER BY date DESC LIMIT ?, ?",
|
"ORDER BY date DESC LIMIT :limit OFFSET :offset",
|
||||||
[$pageNumber * $historiesPerPage, $historiesPerPage]
|
['offset'=>$pageNumber * $historiesPerPage, 'limit'=>$historiesPerPage]
|
||||||
);
|
);
|
||||||
|
|
||||||
$totalPages = ceil($database->get_one("SELECT COUNT(*) FROM note_histories") / $historiesPerPage);
|
$totalPages = ceil($database->get_one("SELECT COUNT(*) FROM note_histories") / $historiesPerPage);
|
||||||
|
@ -481,10 +441,6 @@ class Notes extends Extension
|
||||||
$this->theme->display_histories($histories, $pageNumber + 1, $totalPages);
|
$this->theme->display_histories($histories, $pageNumber + 1, $totalPages);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
|
||||||
* HERE WE THE HISTORY FOR A SPECIFIC NOTE.
|
|
||||||
*/
|
|
||||||
private function get_history(PageRequestEvent $event)
|
private function get_history(PageRequestEvent $event)
|
||||||
{
|
{
|
||||||
global $config, $database;
|
global $config, $database;
|
||||||
|
@ -499,12 +455,12 @@ class Notes extends Extension
|
||||||
"FROM note_histories AS h ".
|
"FROM note_histories AS h ".
|
||||||
"INNER JOIN users AS u ".
|
"INNER JOIN users AS u ".
|
||||||
"ON u.id = h.user_id ".
|
"ON u.id = h.user_id ".
|
||||||
"WHERE note_id = ? ".
|
"WHERE note_id = :note_id ".
|
||||||
"ORDER BY date DESC LIMIT ?, ?",
|
"ORDER BY date DESC LIMIT :limit OFFSET :offset",
|
||||||
[$noteID, $pageNumber * $historiesPerPage, $historiesPerPage]
|
['note_id'=>$noteID, 'offset'=>$pageNumber * $historiesPerPage, 'limit'=>$historiesPerPage]
|
||||||
);
|
);
|
||||||
|
|
||||||
$totalPages = ceil($database->get_one("SELECT COUNT(*) FROM note_histories WHERE note_id = ?", [$noteID]) / $historiesPerPage);
|
$totalPages = ceil($database->get_one("SELECT COUNT(*) FROM note_histories WHERE note_id = :note_id", ['note_id'=>$noteID]) / $historiesPerPage);
|
||||||
|
|
||||||
$this->theme->display_history($histories, $pageNumber + 1, $totalPages);
|
$this->theme->display_history($histories, $pageNumber + 1, $totalPages);
|
||||||
}
|
}
|
||||||
|
@ -516,7 +472,7 @@ class Notes extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
$history = $database->get_row("SELECT * FROM note_histories WHERE note_id = ? AND review_id = ?", [$noteID, $reviewID]);
|
$history = $database->get_row("SELECT * FROM note_histories WHERE note_id = :note_id AND review_id = :review_id", ['note_id'=>$noteID, 'review_id'=>$reviewID]);
|
||||||
|
|
||||||
$noteEnable = $history['note_enable'];
|
$noteEnable = $history['note_enable'];
|
||||||
$noteID = $history['note_id'];
|
$noteID = $history['note_id'];
|
||||||
|
@ -527,12 +483,11 @@ class Notes extends Extension
|
||||||
$noteWidth = $history['width'];
|
$noteWidth = $history['width'];
|
||||||
$noteText = $history['note'];
|
$noteText = $history['note'];
|
||||||
|
|
||||||
$database->execute(
|
$database->execute("
|
||||||
"UPDATE notes ".
|
UPDATE notes
|
||||||
"SET enable = ?, x1 = ?, y1 = ?, height = ?, width = ?, note = ? ".
|
SET enable = :enable, x1 = :x1, y1 = :y1, height = :height, width = :width, note = :note
|
||||||
"WHERE image_id = ? AND id = ?",
|
WHERE image_id = :image_id AND id = :id
|
||||||
[1, $noteX1, $noteY1, $noteHeight, $noteWidth, $noteText, $imageID, $noteID]
|
", ['enable'=>1, 'x1'=>$noteX1, 'y1'=>$noteY1, 'height'=>$noteHeight, 'width'=>$noteWidth, 'note'=>$noteText, 'image_id'=>$imageID, 'id'=>$noteID]);
|
||||||
);
|
|
||||||
|
|
||||||
$this->add_history($noteEnable, $noteID, $imageID, $noteX1, $noteY1, $noteHeight, $noteWidth, $noteText);
|
$this->add_history($noteEnable, $noteID, $imageID, $noteX1, $noteY1, $noteHeight, $noteWidth, $noteText);
|
||||||
}
|
}
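Review bot: In update_note, `"note" => sql_escape(html_escape($_POST["note_text"]))` is now bound as `:note`, so the SQL-level escaping is redundant. Depending on what `sql_escape()` returns (not visible here), its quoting or backslashes may end up stored as part of the note text. The bound parameter already keeps the value out of the statement, so I would pass `"note" => html_escape($_POST["note_text"]),` and leave SQL handling to the driver. The same array is handed to `add_history()`, so the history row receives the same value. The validation step of update_note lies between the two hunks and is not visible, so confirm it does not depend on the escaped form.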
|
||||||
|
|
|
@ -49,8 +49,8 @@ class NumericScore extends Extension
|
||||||
"SELECT users.name as username, user_id, score
|
"SELECT users.name as username, user_id, score
|
||||||
FROM numeric_score_votes
|
FROM numeric_score_votes
|
||||||
JOIN users ON numeric_score_votes.user_id=users.id
|
JOIN users ON numeric_score_votes.user_id=users.id
|
||||||
WHERE image_id=?",
|
WHERE image_id=:image_id",
|
||||||
[$image_id]
|
['image_id'=>$image_id]
|
||||||
);
|
);
|
||||||
$html = "<table style='width: 100%;'>";
|
$html = "<table style='width: 100%;'>";
|
||||||
foreach ($x as $vote) {
|
foreach ($x as $vote) {
|
||||||
|
@ -83,12 +83,12 @@ class NumericScore extends Extension
|
||||||
if ($user->can(Permissions::EDIT_OTHER_VOTE)) {
|
if ($user->can(Permissions::EDIT_OTHER_VOTE)) {
|
||||||
$image_id = int_escape($_POST['image_id']);
|
$image_id = int_escape($_POST['image_id']);
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"DELETE FROM numeric_score_votes WHERE image_id=?",
|
"DELETE FROM numeric_score_votes WHERE image_id=:image_id",
|
||||||
[$image_id]
|
['image_id'=>$image_id]
|
||||||
);
|
);
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"UPDATE images SET numeric_score=0 WHERE id=?",
|
"UPDATE images SET numeric_score=0 WHERE id=:id",
|
||||||
[$image_id]
|
['id'=>$image_id]
|
||||||
);
|
);
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
$page->set_redirect(make_link("post/view/$image_id"));
|
$page->set_redirect(make_link("post/view/$image_id"));
|
||||||
|
@ -177,7 +177,7 @@ class NumericScore extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
$image_ids = $database->get_col("SELECT image_id FROM numeric_score_votes WHERE user_id=?", [$user_id]);
|
$image_ids = $database->get_col("SELECT image_id FROM numeric_score_votes WHERE user_id=:user_id", ['user_id'=>$user_id]);
|
||||||
|
|
||||||
if (count($image_ids) == 0) {
|
if (count($image_ids) == 0) {
|
||||||
return;
|
return;
|
||||||
|
@ -188,8 +188,8 @@ class NumericScore extends Extension
|
||||||
foreach (array_chunk($image_ids, 20) as $chunk) {
|
foreach (array_chunk($image_ids, 20) as $chunk) {
|
||||||
$id_list = implode(",", $chunk);
|
$id_list = implode(",", $chunk);
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"DELETE FROM numeric_score_votes WHERE user_id=? AND image_id IN (".$id_list.")",
|
"DELETE FROM numeric_score_votes WHERE user_id=:user_id AND image_id IN (".$id_list.")",
|
||||||
[$user_id]
|
['user_id'=>$user_id]
|
||||||
);
|
);
|
||||||
$database->execute("
|
$database->execute("
|
||||||
UPDATE images
|
UPDATE images
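Review bot: In the per-user vote deletion loop, `image_id IN (".$id_list.")` is still assembled by string concatenation while the rest of the statement moved to named parameters. The ids come from the `get_col()` query a few lines earlier, so they are presumably integers read from the database, but nothing in the hunk enforces that. A cast keeps the statement well-formed whatever the driver returns: `$id_list = implode(",", array_map('intval', $chunk));`. The following `UPDATE images` statement continues outside the hunk and may use `$id_list` the same way.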
|
||||||
|
|
|
@ -75,7 +75,7 @@ class PostTitles extends Extension
|
||||||
private function set_title(int $image_id, string $title)
|
private function set_title(int $image_id, string $title)
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$database->Execute("UPDATE images SET title=? WHERE id=?", [$title, $image_id]);
|
$database->Execute("UPDATE images SET title=:title WHERE id=:id", ['title'=>$title, 'id'=>$image_id]);
|
||||||
log_info("post_titles", "Title for Image #{$image_id} set to: ".$title);
|
log_info("post_titles", "Title for Image #{$image_id} set to: ".$title);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -400,10 +400,10 @@ class Ratings extends Extension
|
||||||
$n += 100;
|
$n += 100;
|
||||||
}
|
}
|
||||||
#$database->execute("
|
#$database->execute("
|
||||||
# update images set rating=? where images.id in (
|
# update images set rating=:rating where images.id in (
|
||||||
# select image_id from image_tags join tags
|
# select image_id from image_tags join tags
|
||||||
# on image_tags.tag_id = tags.id where tags.tag = ?);
|
# on image_tags.tag_id = tags.id where tags.tag = :tag);
|
||||||
# ", array($_POST["rating"], $_POST["tag"]));
|
# ", ['rating'=>$_POST["rating"], 'tag'=>$_POST["tag"]]);
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
$page->set_redirect(make_link("post/list"));
|
$page->set_redirect(make_link("post/list"));
|
||||||
}
|
}
|
||||||
|
@ -586,7 +586,7 @@ class Ratings extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
if ($old_rating != $rating) {
|
if ($old_rating != $rating) {
|
||||||
$database->Execute("UPDATE images SET rating=? WHERE id=?", [$rating, $image_id]);
|
$database->Execute("UPDATE images SET rating=:rating WHERE id=:id", ['rating'=>$rating, 'id'=>$image_id]);
|
||||||
log_info("rating", "Rating for Image #{$image_id} set to: ".$this->rating_to_human($rating));
|
log_info("rating", "Rating for Image #{$image_id} set to: ".$this->rating_to_human($rating));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -84,8 +84,8 @@ class ReportImage extends Extension
|
||||||
log_info("report_image", "Adding report of Image #{$event->report->image_id} with reason '{$event->report->reason}'", null, ["image_id" => $event->report->image_id]);
|
log_info("report_image", "Adding report of Image #{$event->report->image_id} with reason '{$event->report->reason}'", null, ["image_id" => $event->report->image_id]);
|
||||||
$database->Execute(
|
$database->Execute(
|
||||||
"INSERT INTO image_reports(image_id, reporter_id, reason)
|
"INSERT INTO image_reports(image_id, reporter_id, reason)
|
||||||
VALUES (?, ?, ?)",
|
VALUES (:image_id, :reporter_id, :reason)",
|
||||||
[$event->report->image_id, $event->report->user_id, $event->report->reason]
|
['image_id'=>$event->report->image_id, 'reporter_id'=>$event->report->user_id, 'reason'=>$event->report->reason]
|
||||||
);
|
);
|
||||||
$cache->delete("image-report-count");
|
$cache->delete("image-report-count");
|
||||||
}
|
}
|
||||||
|
@ -93,7 +93,7 @@ class ReportImage extends Extension
|
||||||
public function onRemoveReportedImage(RemoveReportedImageEvent $event)
|
public function onRemoveReportedImage(RemoveReportedImageEvent $event)
|
||||||
{
|
{
|
||||||
global $cache, $database;
|
global $cache, $database;
|
||||||
$database->Execute("DELETE FROM image_reports WHERE id = ?", [$event->id]);
|
$database->Execute("DELETE FROM image_reports WHERE id = :id", ["id"=>$event->id]);
|
||||||
$cache->delete("image-report-count");
|
$cache->delete("image-report-count");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -141,7 +141,7 @@ class ReportImage extends Extension
|
||||||
public function onImageDeletion(ImageDeletionEvent $event)
|
public function onImageDeletion(ImageDeletionEvent $event)
|
||||||
{
|
{
|
||||||
global $cache, $database;
|
global $cache, $database;
|
||||||
$database->Execute("DELETE FROM image_reports WHERE image_id = ?", [$event->image->id]);
|
$database->Execute("DELETE FROM image_reports WHERE image_id = :image_id", ["image_id"=>$event->image->id]);
|
||||||
$cache->delete("image-report-count");
|
$cache->delete("image-report-count");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -168,7 +168,7 @@ class ReportImage extends Extension
|
||||||
public function delete_reports_by(int $user_id)
|
public function delete_reports_by(int $user_id)
|
||||||
{
|
{
|
||||||
global $cache, $database;
|
global $cache, $database;
|
||||||
$database->execute("DELETE FROM image_reports WHERE reporter_id=?", [$user_id]);
|
$database->execute("DELETE FROM image_reports WHERE reporter_id=:reporter_id", ['reporter_id'=>$user_id]);
|
||||||
$cache->delete("image-report-count");
|
$cache->delete("image-report-count");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -39,7 +39,7 @@ class Rule34 extends Extension
|
||||||
{
|
{
|
||||||
global $database, $user, $config;
|
global $database, $user, $config;
|
||||||
if ($user->can(Permissions::CHANGE_SETTING) && $config->get_bool('r34_comic_integration')) {
|
if ($user->can(Permissions::CHANGE_SETTING) && $config->get_bool('r34_comic_integration')) {
|
||||||
$current_state = bool_escape($database->get_one("SELECT comic_admin FROM users WHERE id=?", [$event->display_user->id]));
|
$current_state = bool_escape($database->get_one("SELECT comic_admin FROM users WHERE id=:id", ['id'=>$event->display_user->id]));
|
||||||
$this->theme->show_comic_changer($event->display_user, $current_state);
|
$this->theme->show_comic_changer($event->display_user, $current_state);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -84,8 +84,8 @@ class Rule34 extends Extension
|
||||||
'is_admin' => 'bool',
|
'is_admin' => 'bool',
|
||||||
]);
|
]);
|
||||||
$database->execute(
|
$database->execute(
|
||||||
'UPDATE users SET comic_admin=? WHERE id=?',
|
'UPDATE users SET comic_admin=:is_admin WHERE id=:id',
|
||||||
[$input['is_admin'] ? 't' : 'f', $input['user_id']]
|
['is_admin'=>$input['is_admin'] ? 't' : 'f', 'id'=>$input['user_id']]
|
||||||
);
|
);
|
||||||
$page->set_mode(PageMode::REDIRECT);
|
$page->set_mode(PageMode::REDIRECT);
|
||||||
$page->set_redirect(@$_SERVER['HTTP_REFERER']);
|
$page->set_redirect(@$_SERVER['HTTP_REFERER']);
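Review bot: After the `comic_admin` update, `$page->set_redirect(@$_SERVER['HTTP_REFERER']);` redirects to a client-supplied header and uses `@` to hide the case where the header is missing. The value is not checked against this site's own base URL, and an absent header hands `null` to `set_redirect()`. I would redirect to a fixed internal link built with `make_link()` and use the Referer only after verifying it points at this site. NotATag's add branch calls `$page->set_redirect($_SERVER['HTTP_REFERER']);` the same way, without the `@`. The permission check guarding this UPDATE is outside the hunk.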
|
||||||
|
|
|
@ -98,7 +98,7 @@ class ShimmieApi extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
if (!empty($arg)) {
|
if (!empty($arg)) {
|
||||||
$all = $database->get_all("SELECT tag FROM tags WHERE tag LIKE ?", [$arg . "%"]);
|
$all = $database->get_all("SELECT tag FROM tags WHERE tag LIKE :tag", ['tag'=>$arg . "%"]);
|
||||||
} else {
|
} else {
|
||||||
$all = $database->get_all("SELECT tag FROM tags");
|
$all = $database->get_all("SELECT tag FROM tags");
|
||||||
}
|
}
|
||||||
|
@ -113,8 +113,8 @@ class ShimmieApi extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$all = $database->get_row(
|
$all = $database->get_row(
|
||||||
"SELECT id, name, joindate, class FROM users WHERE $type=?",
|
"SELECT id, name, joindate, class FROM users WHERE $type=:query",
|
||||||
[$query]
|
['query'=>$query]
|
||||||
);
|
);
|
||||||
|
|
||||||
if (!empty($all)) {
|
if (!empty($all)) {
|
||||||
|
@ -131,8 +131,8 @@ class ShimmieApi extends Extension
|
||||||
|
|
||||||
if (isset($_GET['recent'])) {
|
if (isset($_GET['recent'])) {
|
||||||
$recent = $database->get_all(
|
$recent = $database->get_all(
|
||||||
"SELECT * FROM images WHERE owner_id=? ORDER BY id DESC LIMIT 0, 5",
|
"SELECT * FROM images WHERE owner_id=:owner_id ORDER BY id DESC LIMIT 0, 5",
|
||||||
[$all['id']]
|
['owner_id'=>$all['id']]
|
||||||
);
|
);
|
||||||
|
|
||||||
$i = 0;
|
$i = 0;
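Review bot: In the user lookup, `"SELECT id, name, joindate, class FROM users WHERE $type=:query"` still interpolates `$type` as a column name. Named parameters cannot cover identifiers, so this is the one dynamic part of the statement the commit leaves in place. The function signature and its callers are outside the hunk, so it is not possible to tell from here whether `$type` can be derived from request data. An allowlist at the top of the function would make it safe regardless of the callers, e.g. rejecting anything that fails `in_array($type, ['id', 'name'], true)`; that column list is an example, not taken from the code. Separately, `LIMIT 0, 5` in the recent-images query keeps the comma form that the other sections of this commit replace with `LIMIT … OFFSET …`.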
|
||||||
|
|
|
@ -215,36 +215,34 @@ class SourceHistory extends Extension
|
||||||
SELECT source_histories.*, users.name
|
SELECT source_histories.*, users.name
|
||||||
FROM source_histories
|
FROM source_histories
|
||||||
JOIN users ON source_histories.user_id = users.id
|
JOIN users ON source_histories.user_id = users.id
|
||||||
WHERE source_histories.id = ?", [$revert_id]);
|
WHERE source_histories.id = :id", ["id"=>$revert_id]);
|
||||||
return ($row ? $row : null);
|
return ($row ? $row : null);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function get_source_history_from_id(int $image_id): array
|
public function get_source_history_from_id(int $image_id): array
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$row = $database->get_all(
|
return $database->get_all(
|
||||||
"
|
"
|
||||||
SELECT source_histories.*, users.name
|
SELECT source_histories.*, users.name
|
||||||
FROM source_histories
|
FROM source_histories
|
||||||
JOIN users ON source_histories.user_id = users.id
|
JOIN users ON source_histories.user_id = users.id
|
||||||
WHERE image_id = ?
|
WHERE image_id = :image_id
|
||||||
ORDER BY source_histories.id DESC",
|
ORDER BY source_histories.id DESC",
|
||||||
[$image_id]
|
["image_id"=>$image_id]
|
||||||
);
|
);
|
||||||
return ($row ? $row : []);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function get_global_source_history(int $page_id): array
|
public function get_global_source_history(int $page_id): array
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$row = $database->get_all("
|
return $database->get_all("
|
||||||
SELECT source_histories.*, users.name
|
SELECT source_histories.*, users.name
|
||||||
FROM source_histories
|
FROM source_histories
|
||||||
JOIN users ON source_histories.user_id = users.id
|
JOIN users ON source_histories.user_id = users.id
|
||||||
ORDER BY source_histories.id DESC
|
ORDER BY source_histories.id DESC
|
||||||
LIMIT 100 OFFSET :offset
|
LIMIT 100 OFFSET :offset
|
||||||
", ["offset" => ($page_id-1)*100]);
|
", ["offset" => ($page_id-1)*100]);
|
||||||
return ($row ? $row : []);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -263,19 +261,19 @@ class SourceHistory extends Extension
|
||||||
$this->theme->add_status($name, "user not found");
|
$this->theme->add_status($name, "user not found");
|
||||||
return;
|
return;
|
||||||
} else {
|
} else {
|
||||||
$select_code[] = 'user_id = ?';
|
$select_code[] = 'user_id = :user_id';
|
||||||
$select_args[] = $duser->id;
|
$select_args['user_id'] = $duser->id;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!is_null($ip)) {
|
if (!is_null($ip)) {
|
||||||
$select_code[] = 'user_ip = ?';
|
$select_code[] = 'user_ip = :user_ip';
|
||||||
$select_args[] = $ip;
|
$select_args['user_ip'] = $ip;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!is_null($date)) {
|
if (!is_null($date)) {
|
||||||
$select_code[] = 'date_set >= ?';
|
$select_code[] = 'date_set >= :date_set';
|
||||||
$select_args[] = $date;
|
$select_args['date_set'] = $date;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (count($select_code) == 0) {
|
if (count($select_code) == 0) {
|
||||||
|
@ -369,13 +367,13 @@ class SourceHistory extends Extension
|
||||||
}
|
}
|
||||||
|
|
||||||
// if the image has no history, make one with the old source
|
// if the image has no history, make one with the old source
|
||||||
$entries = $database->get_one("SELECT COUNT(*) FROM source_histories WHERE image_id = ?", [$image->id]);
|
$entries = $database->get_one("SELECT COUNT(*) FROM source_histories WHERE image_id = :image_id", ['image_id'=>$image->id]);
|
||||||
if ($entries == 0 && !empty($old_source)) {
|
if ($entries == 0 && !empty($old_source)) {
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"
|
"
|
||||||
INSERT INTO source_histories(image_id, source, user_id, user_ip, date_set)
|
INSERT INTO source_histories(image_id, source, user_id, user_ip, date_set)
|
||||||
VALUES (?, ?, ?, ?, now())",
|
VALUES (:image_id, :source, :user_id, :user_ip, now())",
|
||||||
[$image->id, $old_source, $config->get_int('anon_id'), '127.0.0.1']
|
["image_id"=>$image->id, "source"=>$old_tags, "user_id"=>$config->get_int('anon_id'), "user_ip"=>'127.0.0.1']
|
||||||
);
|
);
|
||||||
$entries++;
|
$entries++;
|
||||||
}
|
}
|
||||||
|
@ -384,8 +382,8 @@ class SourceHistory extends Extension
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"
|
"
|
||||||
INSERT INTO source_histories(image_id, source, user_id, user_ip, date_set)
|
INSERT INTO source_histories(image_id, source, user_id, user_ip, date_set)
|
||||||
VALUES (?, ?, ?, ?, now())",
|
VALUES (:image_id, :source, :user_id, :user_ip, now())",
|
||||||
[$image->id, $new_source, $user->id, $_SERVER['REMOTE_ADDR']]
|
["image_id"=>$image->id, "source"=>$new_source, "user_id"=>$user->id, "user_ip"=>$_SERVER['REMOTE_ADDR']]
|
||||||
);
|
);
|
||||||
$entries++;
|
$entries++;
|
||||||
|
|
||||||
|
@ -402,8 +400,8 @@ class SourceHistory extends Extension
|
||||||
http://dev.mysql.com/doc/refman/5.1/en/subquery-restrictions.html
|
http://dev.mysql.com/doc/refman/5.1/en/subquery-restrictions.html
|
||||||
http://stackoverflow.com/questions/45494/mysql-error-1093-cant-specify-target-table-for-update-in-from-clause
|
http://stackoverflow.com/questions/45494/mysql-error-1093-cant-specify-target-table-for-update-in-from-clause
|
||||||
*/
|
*/
|
||||||
$min_id = $database->get_one("SELECT MIN(id) FROM source_histories WHERE image_id = ?", [$image->id]);
|
$min_id = $database->get_one("SELECT MIN(id) FROM source_histories WHERE image_id = :image_id", ["image_id"=>$image->id]);
|
||||||
$database->execute("DELETE FROM source_histories WHERE id = ?", [$min_id]);
|
$database->execute("DELETE FROM source_histories WHERE id = :id", ["id"=>$min_id]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
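Review bot: The rewritten bind array in the `@ -369` hunk passes `"source"=>$old_tags`, while the line it replaces bound `$old_source` and the guard just above still tests `!empty($old_source)`. Unless `$old_tags` happens to be defined earlier in this function (its start is outside the hunk), the seeded first history row would store an undefined value instead of the previous source, which quietly corrupts the history that reverts rely on. The entry should read `"source"=>$old_source`.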
|
||||||
|
|
|
@ -38,16 +38,16 @@ class TagCategories extends Extension
|
||||||
|
|
||||||
if ($number_of_db_rows == 0) {
|
if ($number_of_db_rows == 0) {
|
||||||
$database->execute(
|
$database->execute(
|
||||||
'INSERT INTO image_tag_categories VALUES (?, ?, ?, ?)',
|
'INSERT INTO image_tag_categories VALUES (:category, :single, :multiple, :color)',
|
||||||
["artist", "Artist", "Artists", "#BB6666"]
|
["category"=>"artist", "single"=>"Artist", "multiple"=>"Artists", "color"=>"#BB6666"]
|
||||||
);
|
);
|
||||||
$database->execute(
|
$database->execute(
|
||||||
'INSERT INTO image_tag_categories VALUES (?, ?, ?, ?)',
|
'INSERT INTO image_tag_categories VALUES (:category, :single, :multiple, :color)',
|
||||||
["series", "Series", "Series", "#AA00AA"]
|
["category"=>"series", "single"=>"Series", "multiple"=>"Series", "color"=>"#AA00AA"]
|
||||||
);
|
);
|
||||||
$database->execute(
|
$database->execute(
|
||||||
'INSERT INTO image_tag_categories VALUES (?, ?, ?, ?)',
|
'INSERT INTO image_tag_categories VALUES (:category, :single, :multiple, :color)',
|
||||||
["character", "Character", "Characters", "#66BB66"]
|
["category"=>"character", "single"=>"Character", "multiple"=>"Characters", "color"=>"#66BB66"]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
}
|
}
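Review bot: The three seed inserts use `INSERT INTO image_tag_categories VALUES (:category, :single, :multiple, :color)` with no column list, so the placeholder names are only labels and the values still land by table column order. A reader may take the names as a binding to columns; either add the explicit column list after the table name or add a comment such as `// VALUES without a column list: order must match the table definition`. The surrounding function starts outside the hunk.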
|
||||||
|
|
|
@ -213,36 +213,34 @@ class TagHistory extends Extension
|
||||||
SELECT tag_histories.*, users.name
|
SELECT tag_histories.*, users.name
|
||||||
FROM tag_histories
|
FROM tag_histories
|
||||||
JOIN users ON tag_histories.user_id = users.id
|
JOIN users ON tag_histories.user_id = users.id
|
||||||
WHERE tag_histories.id = ?", [$revert_id]);
|
WHERE tag_histories.id = :id", ["id"=>$revert_id]);
|
||||||
return ($row ? $row : null);
|
return ($row ? $row : null);
|
||||||
}
|
}
|
||||||
|
|
||||||
public function get_tag_history_from_id(int $image_id): array
|
public function get_tag_history_from_id(int $image_id): array
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$row = $database->get_all(
|
return $database->get_all(
|
||||||
"
|
"
|
||||||
SELECT tag_histories.*, users.name
|
SELECT tag_histories.*, users.name
|
||||||
FROM tag_histories
|
FROM tag_histories
|
||||||
JOIN users ON tag_histories.user_id = users.id
|
JOIN users ON tag_histories.user_id = users.id
|
||||||
WHERE image_id = ?
|
WHERE image_id = :id
|
||||||
ORDER BY tag_histories.id DESC",
|
ORDER BY tag_histories.id DESC",
|
||||||
[$image_id]
|
["id"=>$image_id]
|
||||||
);
|
);
|
||||||
return ($row ? $row : []);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
public function get_global_tag_history(int $page_id): array
|
public function get_global_tag_history(int $page_id): array
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$row = $database->get_all("
|
return $database->get_all("
|
||||||
SELECT tag_histories.*, users.name
|
SELECT tag_histories.*, users.name
|
||||||
FROM tag_histories
|
FROM tag_histories
|
||||||
JOIN users ON tag_histories.user_id = users.id
|
JOIN users ON tag_histories.user_id = users.id
|
||||||
ORDER BY tag_histories.id DESC
|
ORDER BY tag_histories.id DESC
|
||||||
LIMIT 100 OFFSET :offset
|
LIMIT 100 OFFSET :offset
|
||||||
", ["offset" => ($page_id-1)*100]);
|
", ["offset" => ($page_id-1)*100]);
|
||||||
return ($row ? $row : []);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
@ -261,19 +259,19 @@ class TagHistory extends Extension
|
||||||
$this->theme->add_status($name, "user not found");
|
$this->theme->add_status($name, "user not found");
|
||||||
return;
|
return;
|
||||||
} else {
|
} else {
|
||||||
$select_code[] = 'user_id = ?';
|
$select_code[] = 'user_id = :user_id';
|
||||||
$select_args[] = $duser->id;
|
$select_args['user_id'] = $duser->id;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!is_null($ip)) {
|
if (!is_null($ip)) {
|
||||||
$select_code[] = 'user_ip = ?';
|
$select_code[] = 'user_ip = :user_ip';
|
||||||
$select_args[] = $ip;
|
$select_args['user_ip'] = $ip;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!is_null($date)) {
|
if (!is_null($date)) {
|
||||||
$select_code[] = 'date_set >= ?';
|
$select_code[] = 'date_set >= :date_set';
|
||||||
$select_args[] = $date;
|
$select_args['date_set'] = $date;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (count($select_code) == 0) {
|
if (count($select_code) == 0) {
|
||||||
|
@ -368,13 +366,13 @@ class TagHistory extends Extension
|
||||||
}
|
}
|
||||||
|
|
||||||
// if the image has no history, make one with the old tags
|
// if the image has no history, make one with the old tags
|
||||||
$entries = $database->get_one("SELECT COUNT(*) FROM tag_histories WHERE image_id = ?", [$image->id]);
|
$entries = $database->get_one("SELECT COUNT(*) FROM tag_histories WHERE image_id = :id", ["id"=>$image->id]);
|
||||||
if ($entries == 0 && !empty($old_tags)) {
|
if ($entries == 0 && !empty($old_tags)) {
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"
|
"
|
||||||
INSERT INTO tag_histories(image_id, tags, user_id, user_ip, date_set)
|
INSERT INTO tag_histories(image_id, tags, user_id, user_ip, date_set)
|
||||||
VALUES (?, ?, ?, ?, now())",
|
VALUES (:image_id, :tags, :user_id, :user_ip, now())",
|
||||||
[$image->id, $old_tags, $config->get_int('anon_id'), '127.0.0.1']
|
["image_id"=>$image->id, "tags"=>$old_tags, "user_id"=>$config->get_int('anon_id'), "user_ip"=>'127.0.0.1']
|
||||||
);
|
);
|
||||||
$entries++;
|
$entries++;
|
||||||
}
|
}
|
||||||
|
@ -383,8 +381,8 @@ class TagHistory extends Extension
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"
|
"
|
||||||
INSERT INTO tag_histories(image_id, tags, user_id, user_ip, date_set)
|
INSERT INTO tag_histories(image_id, tags, user_id, user_ip, date_set)
|
||||||
VALUES (?, ?, ?, ?, now())",
|
VALUES (:image_id, :tags, :user_id, :user_ip, now())",
|
||||||
[$image->id, $new_tags, $user->id, $_SERVER['REMOTE_ADDR']]
|
["image_id"=>$image->id, "tags"=>$new_tags, "user_id"=>$user->id, "user_ip"=>$_SERVER['REMOTE_ADDR']]
|
||||||
);
|
);
|
||||||
$entries++;
|
$entries++;
|
||||||
|
|
||||||
|
@ -401,8 +399,8 @@ class TagHistory extends Extension
|
||||||
http://dev.mysql.com/doc/refman/5.1/en/subquery-restrictions.html
|
http://dev.mysql.com/doc/refman/5.1/en/subquery-restrictions.html
|
||||||
http://stackoverflow.com/questions/45494/mysql-error-1093-cant-specify-target-table-for-update-in-from-clause
|
http://stackoverflow.com/questions/45494/mysql-error-1093-cant-specify-target-table-for-update-in-from-clause
|
||||||
*/
|
*/
|
||||||
$min_id = $database->get_one("SELECT MIN(id) FROM tag_histories WHERE image_id = ?", [$image->id]);
|
$min_id = $database->get_one("SELECT MIN(id) FROM tag_histories WHERE image_id = :image_id", ["image_id"=>$image->id]);
|
||||||
$database->execute("DELETE FROM tag_histories WHERE id = ?", [$min_id]);
|
$database->execute("DELETE FROM tag_histories WHERE id = :id", ["id"=>$min_id]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
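Review bot: Placeholder naming is inconsistent within this class: `WHERE image_id = :id` in `get_tag_history_from_id` and the `COUNT(*)` lookup in the `@ -368` hunk bind an image id under `:id`, while the revert lookup uses `:id` for a history row id and the `MIN(id)` query uses `:image_id`. The SourceHistory counterparts on this page use `:image_id` for the same queries. Renaming to `WHERE image_id = :image_id` with `["image_id"=>$image_id]` (and `["image_id"=>$image->id]` for the count) makes it harder for a later copy-paste to bind the wrong id.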
|
||||||
|
|
|
@ -42,13 +42,13 @@ class TaggerXML extends Extension
|
||||||
$max_rows = $config->get_int("ext_tagger_tag_max", 30);
|
$max_rows = $config->get_int("ext_tagger_tag_max", 30);
|
||||||
$limit_rows = $config->get_int("ext_tagger_limit", 30);
|
$limit_rows = $config->get_int("ext_tagger_limit", 30);
|
||||||
|
|
||||||
$values = [];
|
$values = [
|
||||||
|
'p' => strlen($s) == 1 ? " " : "\_",
|
||||||
|
'sq' => "%".$p.sql_escape($s)."%"
|
||||||
|
];
|
||||||
|
|
||||||
// Match
|
// Match
|
||||||
$p = strlen($s) == 1? " ":"\_";
|
$match = "concat(:p, tag) LIKE :sq";
|
||||||
$sq = "%".$p.sql_escape($s)."%";
|
|
||||||
$match = "concat(?,tag) LIKE ?";
|
|
||||||
array_push($values, $p, $sq);
|
|
||||||
// Exclude
|
// Exclude
|
||||||
// $exclude = $event->get_arg(1)? "AND NOT IN ".$this->image_tags($event->get_arg(1)) : null;
|
// $exclude = $event->get_arg(1)? "AND NOT IN ".$this->image_tags($event->get_arg(1)) : null;
|
||||||
|
|
||||||
|
@ -62,7 +62,7 @@ class TaggerXML extends Extension
|
||||||
$count = $this->count($q_where, $values);
|
$count = $this->count($q_where, $values);
|
||||||
if ($count > $max_rows) {
|
if ($count > $max_rows) {
|
||||||
$q_from = "FROM (SELECT * FROM `tags` {$q_where} ".
|
$q_from = "FROM (SELECT * FROM `tags` {$q_where} ".
|
||||||
"ORDER BY count DESC LIMIT 0, {$limit_rows}) AS `c_tags`";
|
"ORDER BY count DESC LIMIT {$limit_rows} OFFSET 0) AS `c_tags`";
|
||||||
$q_where = null;
|
$q_where = null;
|
||||||
$count = ["max"=>$count];
|
$count = ["max"=>$count];
|
||||||
} else {
|
} else {
|
||||||
|
@ -88,7 +88,7 @@ class TaggerXML extends Extension
|
||||||
$tags = $database->Execute("
|
$tags = $database->Execute("
|
||||||
SELECT tags.*
|
SELECT tags.*
|
||||||
FROM image_tags JOIN tags ON image_tags.tag_id = tags.id
|
FROM image_tags JOIN tags ON image_tags.tag_id = tags.id
|
||||||
WHERE image_id=? ORDER BY tag", [$image_id]);
|
WHERE image_id=:image_id ORDER BY tag", ['image_id'=>$image_id]);
|
||||||
return $this->list_to_xml($tags, "image", $image_id);
|
return $this->list_to_xml($tags, "image", $image_id);
|
||||||
}
|
}
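Review bot: In the `@ -42` hunk the new `$values` literal reads `$p` in `'sq' => "%".$p.sql_escape($s)."%"`, but the assignment `$p = strlen($s) == 1? " ":"\_";` was removed, so unless `$p` is set above the hunk the LIKE pattern loses its prefix and PHP reports an undefined variable. Assign it first and reuse it: `$p = strlen($s) == 1 ? " " : "\_";` followed by `$values = ['p' => $p, 'sq' => "%".$p.sql_escape($s)."%"];`. Separately, `sql_escape()` on a value that is now bound as a parameter looks like double escaping, and `%` or `_` inside `$s` still act as LIKE wildcards; both are worth confirming against the helper's definition, which is not shown here.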
|
||||||
|
|
||||||
|
|
|
@ -17,8 +17,8 @@ class Tips extends Extension
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"
|
"
|
||||||
INSERT INTO tips (enable, image, text)
|
INSERT INTO tips (enable, image, text)
|
||||||
VALUES (?, ?, ?)",
|
VALUES (:enable, :image, :text)",
|
||||||
["Y", "coins.png", "Do you like this extension? Please support us for developing new ones. <a href=\"https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=8235933\" target=\"_blank\">Donate through paypal</a>."]
|
["enable"=>"Y", "image"=>"coins.png", "text"=>"Do you like this extension? Please support us for developing new ones. <a href=\"https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=8235933\" target=\"_blank\">Donate through paypal</a>."]
|
||||||
);
|
);
|
||||||
|
|
||||||
$this->set_version("ext_tips_version", 1);
|
$this->set_version("ext_tips_version", 1);
|
||||||
|
@ -109,8 +109,8 @@ class Tips extends Extension
|
||||||
$database->execute(
|
$database->execute(
|
||||||
"
|
"
|
||||||
INSERT INTO tips (enable, image, text)
|
INSERT INTO tips (enable, image, text)
|
||||||
VALUES (?, ?, ?)",
|
VALUES (:enable, :image, :text)",
|
||||||
[$enable, $image, $text]
|
["enable"=>$enable, "image"=>$image, "text"=>$text]
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -148,7 +148,7 @@ class Tips extends Extension
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
|
|
||||||
$tip = $database->get_row("SELECT * FROM tips WHERE id = ? ", [int_escape($tipID)]);
|
$tip = $database->get_row("SELECT * FROM tips WHERE id = :id ", ["id"=>int_escape($tipID)]);
|
||||||
|
|
||||||
if (bool_escape($tip['enable'])) {
|
if (bool_escape($tip['enable'])) {
|
||||||
$enable = "N";
|
$enable = "N";
|
||||||
|
@ -156,12 +156,12 @@ class Tips extends Extension
|
||||||
$enable = "Y";
|
$enable = "Y";
|
||||||
}
|
}
|
||||||
|
|
||||||
$database->execute("UPDATE tips SET enable = ? WHERE id = ?", [$enable, int_escape($tipID)]);
|
$database->execute("UPDATE tips SET enable = :enable WHERE id = :id", ["enable"=>$enable, "id"=>int_escape($tipID)]);
|
||||||
}
|
}
|
||||||
|
|
||||||
private function deleteTip(int $tipID)
|
private function deleteTip(int $tipID)
|
||||||
{
|
{
|
||||||
global $database;
|
global $database;
|
||||||
$database->execute("DELETE FROM tips WHERE id = ?", [int_escape($tipID)]);
|
$database->execute("DELETE FROM tips WHERE id = :id", ["id"=>int_escape($tipID)]);
|
||||||
}
|
}
|
||||||
}
|
}
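Review bot: The `text` value is bound verbatim in the `@ -109` hunk (`"text"=>$text`), and the seeded row in the `@ -17` hunk shows that the column carries raw HTML (an `<a href=…>` element). Parameter binding protects the SQL statement only; if tips are rendered without escaping, which the seeded anchor suggests but this page does not show, anyone allowed to create a tip controls markup on the page. A comment at the insert would record the assumption, e.g. `// text is stored as HTML and shown as-is: creating tips must stay an admin-only action`. The enclosing function begins outside the hunk.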
|
||||||
|
|
|
@ -190,8 +190,9 @@ class Wiki extends Extension
|
||||||
try {
|
try {
|
||||||
$database->Execute("
|
$database->Execute("
|
||||||
INSERT INTO wiki_pages(owner_id, owner_ip, date, title, revision, locked, body)
|
INSERT INTO wiki_pages(owner_id, owner_ip, date, title, revision, locked, body)
|
||||||
VALUES (?, ?, now(), ?, ?, ?, ?)", [$event->user->id, $_SERVER['REMOTE_ADDR'],
|
VALUES (:owner_id, :owner_ip, now(), :title, :revision, :locked, :body)",
|
||||||
$wpage->title, $wpage->revision, $wpage->locked?'Y':'N', $wpage->body]);
|
["owner_id"=>$event->user->id, "owner_ip"=>$_SERVER['REMOTE_ADDR'],
|
||||||
|
"title"=>$wpage->title, "revision"=>$wpage->revision, "locked"=>$wpage->locked?'Y':'N', "body"=>$wpage->body]);
|
||||||
} catch (Exception $e) {
|
} catch (Exception $e) {
|
||||||
throw new WikiUpdateException("Somebody else edited that page at the same time :-(");
|
throw new WikiUpdateException("Somebody else edited that page at the same time :-(");
|
||||||
}
|
}
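Review bot: The `catch (Exception $e)` around the rewritten insert reports every failure as "Somebody else edited that page at the same time", so a placeholder or key mismatch in the new six-entry bind array would reach users as an edit conflict and `$e` is discarded. The handler should keep the cause visible, for instance by recording `$e->getMessage()` before rethrowing, or at least carry a comment such as `// NOTE: also reached on any other database error, not only a concurrent edit`. The `try` block's enclosing function starts outside the hunk.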
|
||||||
|
|