Removing unnecessary call to int_escape(). Simply cast to int inline, saving function call overhead.
This commit is contained in:
green-ponies (jgen)
parent
a2b94b31dd
commit
a82f9382d1
46 changed files with 136 additions and 136 deletions
|
|
@ -95,10 +95,10 @@ class PageRequestEvent extends Event {
|
|||
public function get_page_number() {
|
||||
$page_number = 1;
|
||||
if($this->count_args() === 1) {
|
||||
$page_number = int_escape($this->get_arg(0));
|
||||
$page_number = (int)($this->get_arg(0));
|
||||
}
|
||||
else if($this->count_args() === 2) {
|
||||
$page_number = int_escape($this->get_arg(1));
|
||||
$page_number = (int)($this->get_arg(1));
|
||||
}
|
||||
if($page_number === 0) $page_number = 1; // invalid -> 0
|
||||
return $page_number;
|
||||
|
|
|
|||
|
|
@ -149,7 +149,7 @@ abstract class DataHandlerExtension extends Extension {
|
|||
/* hax: This seems like such a dirty way to do this.. */
|
||||
|
||||
/* Validate things */
|
||||
$image_id = int_escape($event->metadata['replace']);
|
||||
$image_id = (int)($event->metadata['replace']);
|
||||
|
||||
/* Check to make sure the image exists. */
|
||||
$existing = Image::by_id($image_id);
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ class User {
|
|||
public function User($row) {
|
||||
global $_user_classes;
|
||||
|
||||
$this->id = int_escape($row['id']);
|
||||
$this->id = (int)($row['id']);
|
||||
$this->name = $row['name'];
|
||||
$this->email = $row['email'];
|
||||
$this->join_date = $row['joindate'];
|
||||
|
|
|
|||
|
|
@ -249,7 +249,7 @@ class Artists extends Extension {
|
|||
}
|
||||
case "edited":
|
||||
{
|
||||
$artistID = int_escape($_POST['id']);
|
||||
$artistID = (int)($_POST['id']);
|
||||
$this->update_artist();
|
||||
$page->set_mode("redirect");
|
||||
$page->set_redirect(make_link("artist/view/".$artistID));
|
||||
|
|
@ -312,7 +312,7 @@ class Artists extends Extension {
|
|||
}
|
||||
case "edit":
|
||||
{
|
||||
$aliasID = int_escape($event->get_arg(2));
|
||||
$aliasID = (int)($event->get_arg(2));
|
||||
$alias = $this->get_alias_by_id($aliasID);
|
||||
$this->theme->show_alias_editor($alias);
|
||||
break;
|
||||
|
|
@ -320,7 +320,7 @@ class Artists extends Extension {
|
|||
case "edited":
|
||||
{
|
||||
$this->update_alias();
|
||||
$aliasID = int_escape($_POST['aliasID']);
|
||||
$aliasID = (int)($_POST['aliasID']);
|
||||
$artistID = $this->get_artistID_by_aliasID($aliasID);
|
||||
$page->set_mode("redirect");
|
||||
$page->set_redirect(make_link("artist/view/".$artistID));
|
||||
|
|
@ -354,7 +354,7 @@ class Artists extends Extension {
|
|||
}
|
||||
case "edit":
|
||||
{
|
||||
$urlID = int_escape($event->get_arg(2));
|
||||
$urlID = (int)($event->get_arg(2));
|
||||
$url = $this->get_url_by_id($urlID);
|
||||
$this->theme->show_url_editor($url);
|
||||
break;
|
||||
|
|
@ -362,7 +362,7 @@ class Artists extends Extension {
|
|||
case "edited":
|
||||
{
|
||||
$this->update_url();
|
||||
$urlID = int_escape($_POST['urlID']);
|
||||
$urlID = (int)($_POST['urlID']);
|
||||
$artistID = $this->get_artistID_by_urlID($urlID);
|
||||
$page->set_mode("redirect");
|
||||
$page->set_redirect(make_link("artist/view/".$artistID));
|
||||
|
|
@ -386,7 +386,7 @@ class Artists extends Extension {
|
|||
}
|
||||
case "delete":
|
||||
{
|
||||
$memberID = int_escape($event->get_arg(2));
|
||||
$memberID = (int)($event->get_arg(2));
|
||||
$artistID = $this->get_artistID_by_memberID($memberID);
|
||||
$this->delete_member($memberID);
|
||||
$page->set_mode("redirect");
|
||||
|
|
@ -395,7 +395,7 @@ class Artists extends Extension {
|
|||
}
|
||||
case "edit":
|
||||
{
|
||||
$memberID = int_escape($event->get_arg(2));
|
||||
$memberID = (int)($event->get_arg(2));
|
||||
$member = $this->get_member_by_id($memberID);
|
||||
$this->theme->show_member_editor($member);
|
||||
break;
|
||||
|
|
@ -403,7 +403,7 @@ class Artists extends Extension {
|
|||
case "edited":
|
||||
{
|
||||
$this->update_member();
|
||||
$memberID = int_escape($_POST['memberID']);
|
||||
$memberID = (int)($_POST['memberID']);
|
||||
$artistID = $this->get_artistID_by_memberID($memberID);
|
||||
$page->set_mode("redirect");
|
||||
$page->set_redirect(make_link("artist/view/".$artistID));
|
||||
|
|
|
|||
|
|
@ -97,7 +97,7 @@ class Blotter extends Extension {
|
|||
if(!$user->is_admin() || !$user->check_auth_token()) {
|
||||
$this->theme->display_permission_denied();
|
||||
} else {
|
||||
$id = int_escape($_POST['id']);
|
||||
$id = (int)($_POST['id']);
|
||||
if(!isset($id)) { die("No ID!"); }
|
||||
$database->Execute("DELETE FROM blotter WHERE id=:id", array("id"=>$id));
|
||||
log_info("blotter", "Removed Entry #$id");
|
||||
|
|
|
|||
|
|
@ -124,7 +124,7 @@ class CommentList extends Extension {
|
|||
if($event->get_arg(0) === "add") {
|
||||
if(isset($_POST['image_id']) && isset($_POST['comment'])) {
|
||||
try {
|
||||
$i_iid = int_escape($_POST['image_id']);
|
||||
$i_iid = (int)($_POST['image_id']);
|
||||
$cpe = new CommentPostingEvent($_POST['image_id'], $user, $_POST['comment']);
|
||||
send_event($cpe);
|
||||
$page->set_mode("redirect");
|
||||
|
|
@ -154,7 +154,7 @@ class CommentList extends Extension {
|
|||
}
|
||||
}
|
||||
else if($event->get_arg(0) === "list") {
|
||||
$page_num = int_escape($event->get_arg(1));
|
||||
$page_num = (int)($event->get_arg(1));
|
||||
$this->build_page($page_num);
|
||||
}
|
||||
}
|
||||
|
|
@ -242,7 +242,7 @@ class CommentList extends Extension {
|
|||
$event->add_querylet(new Querylet("images.id IN (SELECT image_id FROM comments WHERE owner_id = $user_id)"));
|
||||
}
|
||||
else if(preg_match("/commented_by_userid=([0-9]+)/i", $event->term, $matches)) {
|
||||
$user_id = int_escape($matches[1]);
|
||||
$user_id = (int)($matches[1]);
|
||||
$event->add_querylet(new Querylet("images.id IN (SELECT image_id FROM comments WHERE owner_id = $user_id)"));
|
||||
}
|
||||
}
|
||||
|
|
@ -340,7 +340,7 @@ class CommentList extends Extension {
|
|||
private function get_comments(/*int*/ $image_id) {
|
||||
global $config;
|
||||
global $database;
|
||||
$i_image_id = int_escape($image_id);
|
||||
$i_image_id = (int)($image_id);
|
||||
$rows = $database->get_all("
|
||||
SELECT
|
||||
users.id as user_id, users.name as user_name, users.email as user_email,
|
||||
|
|
@ -368,8 +368,8 @@ class CommentList extends Extension {
|
|||
// sqlite fails at intervals
|
||||
if($database->engine->name === "sqlite") return false;
|
||||
|
||||
$window = int_escape($config->get_int('comment_window'));
|
||||
$max = int_escape($config->get_int('comment_limit'));
|
||||
$window = (int)($config->get_int('comment_window'));
|
||||
$max = (int)($config->get_int('comment_limit'));
|
||||
|
||||
if($database->engine->name == "mysql") $window_sql = "interval $window minute";
|
||||
else $window_sql = "interval '$window minute'";
|
||||
|
|
|
|||
|
|
@ -157,13 +157,13 @@ class CommentListTheme extends Themelet {
|
|||
$tfe = new TextFormattingEvent($comment->comment);
|
||||
send_event($tfe);
|
||||
|
||||
$i_uid = int_escape($comment->owner_id);
|
||||
$i_uid = (int)($comment->owner_id);
|
||||
$h_name = html_escape($comment->owner_name);
|
||||
$h_poster_ip = html_escape($comment->poster_ip);
|
||||
$h_timestamp = autodate($comment->posted);
|
||||
$h_comment = ($trim ? truncate($tfe->stripped, 50) : $tfe->formatted);
|
||||
$i_comment_id = int_escape($comment->comment_id);
|
||||
$i_image_id = int_escape($comment->image_id);
|
||||
$i_comment_id = (int)($comment->comment_id);
|
||||
$i_image_id = (int)($comment->image_id);
|
||||
|
||||
if($i_uid == $config->get_int("anon_id")) {
|
||||
$anoncode = "";
|
||||
|
|
@ -224,7 +224,7 @@ class CommentListTheme extends Themelet {
|
|||
protected function build_postbox(/*int*/ $image_id) {
|
||||
global $config;
|
||||
|
||||
$i_image_id = int_escape($image_id);
|
||||
$i_image_id = (int)($image_id);
|
||||
$hash = CommentList::get_hash();
|
||||
$h_captcha = $config->get_bool("comment_captcha") ? captcha_get_html() : "";
|
||||
|
||||
|
|
|
|||
|
|
@ -287,8 +287,8 @@ class DanbooruApi extends Extension {
|
|||
}
|
||||
} else
|
||||
{
|
||||
$limit = isset($_GET['limit']) ? int_escape($_GET['limit']) : 100;
|
||||
$start = isset($_GET['offset']) ? int_escape($_GET['offset']) : 0;
|
||||
$limit = isset($_GET['limit']) ? (int)($_GET['limit']) : 100;
|
||||
$start = isset($_GET['offset']) ? (int)($_GET['offset']) : 0;
|
||||
$tags = isset($_GET['tags']) ? Tag::explode($_GET['tags']) : array();
|
||||
$results = Image::find_images($start, $limit, $tags);
|
||||
}
|
||||
|
|
@ -346,14 +346,14 @@ class DanbooruApi extends Extension {
|
|||
/* Currently disabled to maintain identical functionality to danbooru 1.0's own "broken" find_tags
|
||||
elseif(isset($_GET['tags']))
|
||||
{
|
||||
$start = isset($_GET['after_id']) ? int_escape($_GET['offset']) : 0;
|
||||
$start = isset($_GET['after_id']) ? (int)($_GET['offset']) : 0;
|
||||
$tags = Tag::explode($_GET['tags']);
|
||||
|
||||
}
|
||||
*/
|
||||
else
|
||||
{
|
||||
$start = isset($_GET['after_id']) ? int_escape($_GET['offset']) : 0;
|
||||
$start = isset($_GET['after_id']) ? (int)($_GET['offset']) : 0;
|
||||
$sqlresult = $database->execute("SELECT id,tag,count FROM tags WHERE count > 0 AND id >= ? ORDER BY id DESC",array($start));
|
||||
while(!$sqlresult->EOF)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -58,7 +58,7 @@ class Favorites extends Extension {
|
|||
public function onPageRequest(PageRequestEvent $event) {
|
||||
global $page, $user;
|
||||
if($event->page_matches("change_favorite") && !$user->is_anonymous() && $user->check_auth_token()) {
|
||||
$image_id = int_escape($_POST['image_id']);
|
||||
$image_id = (int)($_POST['image_id']);
|
||||
if((($_POST['favorite_action'] == "set") || ($_POST['favorite_action'] == "unset")) && ($image_id > 0)) {
|
||||
send_event(new FavoriteSetEvent($image_id, $user, ($_POST['favorite_action'] == "set")));
|
||||
}
|
||||
|
|
@ -128,7 +128,7 @@ class Favorites extends Extension {
|
|||
$event->add_querylet(new Querylet("images.id IN (SELECT image_id FROM user_favorites WHERE user_id = $user_id)"));
|
||||
}
|
||||
else if(preg_match("/favorited_by_userno=([0-9]+)/i", $event->term, $matches)) {
|
||||
$user_id = int_escape($matches[1]);
|
||||
$user_id = (int)($matches[1]);
|
||||
$event->add_querylet(new Querylet("images.id IN (SELECT image_id FROM user_favorites WHERE user_id = $user_id)"));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ class FavoritesTheme extends Themelet {
|
|||
public function get_voter_html(Image $image, $is_favorited) {
|
||||
global $page, $user;
|
||||
|
||||
$i_image_id = int_escape($image->id);
|
||||
$i_image_id = (int)($image->id);
|
||||
$name = $is_favorited ? "unset" : "set";
|
||||
$label = $is_favorited ? "Un-Favorite" : "Favorite";
|
||||
$html = "
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ class Featured extends Extension {
|
|||
if($event->page_matches("featured_image")) {
|
||||
if($event->get_arg(0) == "set" && $user->check_auth_token()) {
|
||||
if($user->can("edit_feature") && isset($_POST['image_id'])) {
|
||||
$id = int_escape($_POST['image_id']);
|
||||
$id = (int)($_POST['image_id']);
|
||||
if($id > 0) {
|
||||
$config->set_int("featured_id", $id);
|
||||
$page->set_mode("redirect");
|
||||
|
|
|
|||
|
|
@ -21,7 +21,7 @@ class FeaturedTheme extends Themelet {
|
|||
|
||||
public function build_featured_html(Image $image, $query=null) {
|
||||
global $config;
|
||||
$i_id = int_escape($image->id);
|
||||
$i_id = (int)($image->id);
|
||||
$h_view_link = make_link("post/view/$i_id", $query);
|
||||
$h_thumb_link = $image->get_thumb_link();
|
||||
$h_tip = html_escape($image->get_tooltip());
|
||||
|
|
|
|||
|
|
@ -92,8 +92,8 @@ class Forum extends Extension {
|
|||
}
|
||||
case "view":
|
||||
{
|
||||
$threadID = int_escape($event->get_arg(1));
|
||||
$pageNumber = int_escape($event->get_arg(2));
|
||||
$threadID = (int)($event->get_arg(1));
|
||||
$pageNumber = (int)($event->get_arg(2));
|
||||
|
||||
$this->show_posts($event, $user->is_admin());
|
||||
if($user->is_admin()) $this->theme->add_actions_block($page, $threadID);
|
||||
|
|
@ -131,8 +131,8 @@ class Forum extends Extension {
|
|||
break;
|
||||
}
|
||||
case "delete":
|
||||
$threadID = int_escape($event->get_arg(1));
|
||||
$postID = int_escape($event->get_arg(2));
|
||||
$threadID = (int)($event->get_arg(1));
|
||||
$postID = (int)($event->get_arg(2));
|
||||
|
||||
if ($user->is_admin()) {$this->delete_post($postID);}
|
||||
|
||||
|
|
@ -140,7 +140,7 @@ class Forum extends Extension {
|
|||
$page->set_redirect(make_link("forum/view/".$threadID));
|
||||
break;
|
||||
case "nuke":
|
||||
$threadID = int_escape($event->get_arg(1));
|
||||
$threadID = (int)($event->get_arg(1));
|
||||
|
||||
if ($user->is_admin())
|
||||
$this->delete_thread($threadID);
|
||||
|
|
@ -160,7 +160,7 @@ class Forum extends Extension {
|
|||
break;
|
||||
}
|
||||
|
||||
$threadID = int_escape($_POST["threadID"]);
|
||||
$threadID = (int)($_POST["threadID"]);
|
||||
|
||||
$this->save_new_post($threadID, $user);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ class IcoFileHandler extends Extension {
|
|||
public function onPageRequest(PageRequestEvent $event) {
|
||||
global $config, $database, $page;
|
||||
if($event->page_matches("get_ico")) {
|
||||
$id = int_escape($event->get_arg(0));
|
||||
$id = (int)($event->get_arg(0));
|
||||
$image = Image::by_id($id);
|
||||
$hash = $image->hash;
|
||||
$ha = substr($hash, 0, 2);
|
||||
|
|
|
|||
|
|
@ -43,7 +43,7 @@ class SVGFileHandler extends Extension {
|
|||
public function onPageRequest(PageRequestEvent $event) {
|
||||
global $config, $database, $page;
|
||||
if($event->page_matches("get_svg")) {
|
||||
$id = int_escape($event->get_arg(0));
|
||||
$id = (int)($event->get_arg(0));
|
||||
$image = Image::by_id($id);
|
||||
$hash = $image->hash;
|
||||
|
||||
|
|
@ -97,8 +97,8 @@ class MiniSVGParser {
|
|||
|
||||
function startElement($parser, $name, $attrs) {
|
||||
if($name == "SVG") {
|
||||
$this->width = int_escape($attrs["WIDTH"]);
|
||||
$this->height = int_escape($attrs["HEIGHT"]);
|
||||
$this->width = (int)($attrs["WIDTH"]);
|
||||
$this->height = (int)($attrs["HEIGHT"]);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -180,11 +180,11 @@ class ImageIO extends Extension {
|
|||
}
|
||||
}
|
||||
else if($event->page_matches("image")) {
|
||||
$num = int_escape($event->get_arg(0));
|
||||
$num = (int)($event->get_arg(0));
|
||||
$this->send_file($num, "image");
|
||||
}
|
||||
else if($event->page_matches("thumb")) {
|
||||
$num = int_escape($event->get_arg(0));
|
||||
$num = (int)($event->get_arg(0));
|
||||
$this->send_file($num, "thumb");
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -58,7 +58,7 @@ class ImageBan extends Extension {
|
|||
if($event->page_matches("image_hash_ban")) {
|
||||
if($user->can("ban_image")) {
|
||||
if($event->get_arg(0) == "dnp") {
|
||||
$image = Image::by_id(int_escape($event->get_arg(1)));
|
||||
$image = Image::by_id((int)($event->get_arg(1)));
|
||||
if($image) {
|
||||
send_event(new AddImageHashBanEvent($image->hash, "DNP"));
|
||||
send_event(new ImageDeletionEvent($image));
|
||||
|
|
@ -74,7 +74,7 @@ class ImageBan extends Extension {
|
|||
$page->set_redirect(make_link("image_hash_ban/list/1"));
|
||||
}
|
||||
if(isset($_POST['image_id'])) {
|
||||
$image = Image::by_id(int_escape($_POST['image_id']));
|
||||
$image = Image::by_id((int)($_POST['image_id']));
|
||||
if($image) {
|
||||
send_event(new ImageDeletionEvent($image));
|
||||
$page->set_mode("redirect");
|
||||
|
|
@ -93,7 +93,7 @@ class ImageBan extends Extension {
|
|||
else if($event->get_arg(0) == "list") {
|
||||
$page_num = 0;
|
||||
if($event->count_args() == 2) {
|
||||
$page_num = int_escape($event->get_arg(1));
|
||||
$page_num = (int)($event->get_arg(1));
|
||||
}
|
||||
$page_size = 100;
|
||||
$page_count = ceil($database->get_one("SELECT COUNT(id) FROM image_bans")/$page_size);
|
||||
|
|
@ -131,8 +131,8 @@ class ImageBan extends Extension {
|
|||
global $database;
|
||||
|
||||
// FIXME: many
|
||||
$size_i = int_escape($size);
|
||||
$offset_i = int_escape($page-1)*$size_i;
|
||||
$size_i = (int)($size);
|
||||
$offset_i = (int)($page-1)*$size_i;
|
||||
$where = array("(1=1)");
|
||||
$args = array();
|
||||
if(!empty($_GET['hash'])) {
|
||||
|
|
|
|||
|
|
@ -204,7 +204,7 @@ class Index extends Extension {
|
|||
}
|
||||
else if(preg_match("/^ratio(<|>|<=|>=|=)(\d+):(\d+)$/", $event->term, $matches)) {
|
||||
$cmp = $matches[1];
|
||||
$args = array("width"=>int_escape($matches[2]), "height"=>int_escape($matches[3]));
|
||||
$args = array("width"=>(int)($matches[2]), "height"=>(int)($matches[3]));
|
||||
$event->add_querylet(new Querylet('width / height '.$cmp.' :width / :height', $args));
|
||||
}
|
||||
else if(preg_match("/^(filesize|id)(<|>|<=|>=|=)(\d+[kmg]?b?)$/i", $event->term, $matches)) {
|
||||
|
|
@ -233,7 +233,7 @@ class Index extends Extension {
|
|||
}
|
||||
else if(preg_match("/^size(<|>|<=|>=|=)(\d+)x(\d+)$/", $event->term, $matches)) {
|
||||
$cmp = $matches[1];
|
||||
$args = array("width"=>int_escape($matches[2]), "height"=>int_escape($matches[3]));
|
||||
$args = array("width"=>(int)($matches[2]), "height"=>(int)($matches[3]));
|
||||
$event->add_querylet(new Querylet('width '.$cmp.' :width AND height '.$cmp.' :height', $args));
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ class LogDatabase extends Extension {
|
|||
if($user->can("view_eventlog")) {
|
||||
$wheres = array();
|
||||
$args = array();
|
||||
$page_num = int_escape($event->get_arg(0));
|
||||
$page_num = (int)($event->get_arg(0));
|
||||
if($page_num <= 0) $page_num = 1;
|
||||
if(!empty($_GET["time"])) {
|
||||
$wheres[] = "date_sent LIKE :time";
|
||||
|
|
@ -77,7 +77,7 @@ class LogDatabase extends Extension {
|
|||
}
|
||||
if(!empty($_GET["priority"])) {
|
||||
$wheres[] = "priority >= :priority";
|
||||
$args["priority"] = int_escape($_GET["priority"]);
|
||||
$args["priority"] = (int)($_GET["priority"]);
|
||||
}
|
||||
else {
|
||||
$wheres[] = "priority >= :priority";
|
||||
|
|
|
|||
|
|
@ -100,7 +100,7 @@ class LogDatabaseTheme extends Themelet {
|
|||
}
|
||||
|
||||
protected function link_image($id) {
|
||||
$iid = int_escape($id[1]);
|
||||
$iid = (int)($id[1]);
|
||||
return "<a href='".make_link("post/view/$iid")."'>Image #$iid</a>";
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -211,7 +211,7 @@ class Notes extends Extension {
|
|||
public function onSearchTermParse(SearchTermParseEvent $event) {
|
||||
$matches = array();
|
||||
if(preg_match("/note=(.*)/i", $event->term, $matches)) {
|
||||
$notes = int_escape($matches[1]);
|
||||
$notes = (int)($matches[1]);
|
||||
$event->add_querylet(new Querylet("images.id IN (SELECT image_id FROM notes WHERE note = $notes)"));
|
||||
}
|
||||
else if(preg_match("/notes(<|>|<=|>=|=)(\d+)/", $event->term, $matches)) {
|
||||
|
|
@ -232,7 +232,7 @@ class Notes extends Extension {
|
|||
$event->add_querylet(new Querylet("images.id IN (SELECT image_id FROM notes WHERE user_id = $user_id)"));
|
||||
}
|
||||
else if(preg_match("/notes_by_userno=([0-9]+)/i", $event->term, $matches)) {
|
||||
$user_id = int_escape($matches[1]);
|
||||
$user_id = (int)($matches[1]);
|
||||
$event->add_querylet(new Querylet("images.id IN (SELECT image_id FROM notes WHERE user_id = $user_id)"));
|
||||
}
|
||||
}
|
||||
|
|
@ -259,12 +259,12 @@ class Notes extends Extension {
|
|||
private function add_new_note() {
|
||||
global $database, $user;
|
||||
|
||||
$imageID = int_escape($_POST["image_id"]);
|
||||
$imageID = (int)($_POST["image_id"]);
|
||||
$user_id = $user->id;
|
||||
$noteX1 = int_escape($_POST["note_x1"]);
|
||||
$noteY1 = int_escape($_POST["note_y1"]);
|
||||
$noteHeight = int_escape($_POST["note_height"]);
|
||||
$noteWidth = int_escape($_POST["note_width"]);
|
||||
$noteX1 = (int)($_POST["note_x1"]);
|
||||
$noteY1 = (int)($_POST["note_y1"]);
|
||||
$noteHeight = (int)($_POST["note_height"]);
|
||||
$noteWidth = (int)($_POST["note_width"]);
|
||||
$noteText = html_escape($_POST["note_text"]);
|
||||
|
||||
$database->execute("
|
||||
|
|
@ -292,7 +292,7 @@ class Notes extends Extension {
|
|||
private function add_note_request() {
|
||||
global $database, $user;
|
||||
|
||||
$image_id = int_escape($_POST["image_id"]);
|
||||
$image_id = (int)($_POST["image_id"]);
|
||||
$user_id = $user->id;
|
||||
|
||||
$database->execute("
|
||||
|
|
@ -314,12 +314,12 @@ class Notes extends Extension {
|
|||
*/
|
||||
private function update_note()
|
||||
{
|
||||
$imageID = int_escape($_POST["image_id"]);
|
||||
$noteID = int_escape($_POST["note_id"]);
|
||||
$noteX1 = int_escape($_POST["note_x1"]);
|
||||
$noteY1 = int_escape($_POST["note_y1"]);
|
||||
$noteHeight = int_escape($_POST["note_height"]);
|
||||
$noteWidth = int_escape($_POST["note_width"]);
|
||||
$imageID = (int)($_POST["image_id"]);
|
||||
$noteID = (int)($_POST["note_id"]);
|
||||
$noteX1 = (int)($_POST["note_x1"]);
|
||||
$noteY1 = (int)($_POST["note_y1"]);
|
||||
$noteHeight = (int)($_POST["note_height"]);
|
||||
$noteWidth = (int)($_POST["note_width"]);
|
||||
$noteText = mysql_real_escape_string(html_escape($_POST["note_text"]));
|
||||
|
||||
// validate parameters
|
||||
|
|
@ -363,8 +363,8 @@ class Notes extends Extension {
|
|||
*/
|
||||
private function delete_note()
|
||||
{
|
||||
$imageID = int_escape($_POST["image_id"]);
|
||||
$noteID = int_escape($_POST["note_id"]);
|
||||
$imageID = (int)($_POST["image_id"]);
|
||||
$noteID = (int)($_POST["note_id"]);
|
||||
|
||||
// validate parameters
|
||||
if(is_null($imageID) || !is_numeric($imageID))
|
||||
|
|
@ -389,7 +389,7 @@ class Notes extends Extension {
|
|||
*/
|
||||
private function nuke_notes() {
|
||||
global $database;
|
||||
$image_id = int_escape($_POST["image_id"]);
|
||||
$image_id = (int)($_POST["image_id"]);
|
||||
$database->execute("DELETE FROM notes WHERE image_id = ?", array($image_id));
|
||||
log_info("notes", "Notes deleted from {$image_id} by {$user->name}");
|
||||
}
|
||||
|
|
@ -401,7 +401,7 @@ class Notes extends Extension {
|
|||
*/
|
||||
private function nuke_requests() {
|
||||
global $database;
|
||||
$image_id = int_escape($_POST["image_id"]);
|
||||
$image_id = (int)($_POST["image_id"]);
|
||||
|
||||
$database->execute("DELETE FROM note_request WHERE image_id = ?", array($image_id));
|
||||
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ class NumericScore extends Extension {
|
|||
global $config, $database, $user, $page;
|
||||
|
||||
if($event->page_matches("numeric_score_votes")) {
|
||||
$image_id = int_escape($event->get_arg(0));
|
||||
$image_id = (int)($event->get_arg(0));
|
||||
$x = $database->get_all(
|
||||
"SELECT users.name as username, user_id, score
|
||||
FROM numeric_score_votes
|
||||
|
|
@ -67,7 +67,7 @@ class NumericScore extends Extension {
|
|||
}
|
||||
if($event->page_matches("numeric_score_vote") && $user->check_auth_token()) {
|
||||
if(!$user->is_anonymous()) {
|
||||
$image_id = int_escape($_POST['image_id']);
|
||||
$image_id = (int)($_POST['image_id']);
|
||||
$char = $_POST['vote'];
|
||||
$score = null;
|
||||
if($char == "up") $score = 1;
|
||||
|
|
@ -80,7 +80,7 @@ class NumericScore extends Extension {
|
|||
}
|
||||
if($event->page_matches("numeric_score/remove_votes_on") && $user->check_auth_token()) {
|
||||
if($user->can("edit_other_vote")) {
|
||||
$image_id = int_escape($_POST['image_id']);
|
||||
$image_id = (int)($_POST['image_id']);
|
||||
$database->execute(
|
||||
"DELETE FROM numeric_score_votes WHERE image_id=?",
|
||||
array($image_id));
|
||||
|
|
@ -93,7 +93,7 @@ class NumericScore extends Extension {
|
|||
}
|
||||
if($event->page_matches("numeric_score/remove_votes_by") && $user->check_auth_token()) {
|
||||
if($user->can("edit_other_vote")) {
|
||||
$this->delete_votes_by(int_escape($_POST['user_id']));
|
||||
$this->delete_votes_by((int)($_POST['user_id']));
|
||||
$page->set_mode("redirect");
|
||||
$page->set_redirect(make_link());
|
||||
}
|
||||
|
|
@ -110,13 +110,13 @@ class NumericScore extends Extension {
|
|||
$year = $_GET['year'];
|
||||
}
|
||||
//month
|
||||
if(empty($_GET['month']) || int_escape($_GET['month']) > 12){
|
||||
if(empty($_GET['month']) || (int)($_GET['month']) > 12){
|
||||
$month = date("m");
|
||||
}else{
|
||||
$month = $_GET['month'];
|
||||
}
|
||||
//day
|
||||
if(empty($_GET['day']) || int_escape($_GET['day']) > 31){
|
||||
if(empty($_GET['day']) || (int)($_GET['day']) > 31){
|
||||
$day = date("d");
|
||||
}else{
|
||||
$day = $_GET['day'];
|
||||
|
|
@ -245,13 +245,13 @@ class NumericScore extends Extension {
|
|||
array("ns_user_id"=>$duser->id)));
|
||||
}
|
||||
if(preg_match("/^upvoted_by_id=(\d+)$/", $event->term, $matches)) {
|
||||
$iid = int_escape($matches[1]);
|
||||
$iid = (int)($matches[1]);
|
||||
$event->add_querylet(new Querylet(
|
||||
"images.id in (SELECT image_id FROM numeric_score_votes WHERE user_id=:ns_user_id AND score=1)",
|
||||
array("ns_user_id"=>$iid)));
|
||||
}
|
||||
if(preg_match("/^downvoted_by_id=(\d+)$/", $event->term, $matches)) {
|
||||
$iid = int_escape($matches[1]);
|
||||
$iid = (int)($matches[1]);
|
||||
$event->add_querylet(new Querylet(
|
||||
"images.id in (SELECT image_id FROM numeric_score_votes WHERE user_id=:ns_user_id AND score=-1)",
|
||||
array("ns_user_id"=>$iid)));
|
||||
|
|
|
|||
|
|
@ -3,8 +3,8 @@
|
|||
class NumericScoreTheme extends Themelet {
|
||||
public function get_voter_html(Image $image) {
|
||||
global $user;
|
||||
$i_image_id = int_escape($image->id);
|
||||
$i_score = int_escape($image->numeric_score);
|
||||
$i_image_id = (int)($image->id);
|
||||
$i_score = (int)($image->numeric_score);
|
||||
|
||||
$html = "
|
||||
Current Score: $i_score
|
||||
|
|
|
|||
|
|
@ -105,13 +105,13 @@ class PrivMsg extends Extension {
|
|||
if(!$user->is_anonymous()) {
|
||||
switch($event->get_arg(0)) {
|
||||
case "read":
|
||||
$pm_id = int_escape($event->get_arg(1));
|
||||
$pm_id = (int)($event->get_arg(1));
|
||||
$pm = $database->get_row("SELECT * FROM private_message WHERE id = :id", array("id" => $pm_id));
|
||||
if(is_null($pm)) {
|
||||
$this->theme->display_error(404, "No such PM", "There is no PM #$pm_id");
|
||||
}
|
||||
else if(($pm["to_id"] == $user->id) || $user->can("view_other_pms")) {
|
||||
$from_user = User::by_id(int_escape($pm["from_id"]));
|
||||
$from_user = User::by_id((int)($pm["from_id"]));
|
||||
$database->execute("UPDATE private_message SET is_read='Y' WHERE id = :id", array("id" => $pm_id));
|
||||
$database->cache->delete("pm-count-{$user->id}");
|
||||
$this->theme->display_message($page, $from_user, $user, new PM($pm));
|
||||
|
|
@ -122,7 +122,7 @@ class PrivMsg extends Extension {
|
|||
break;
|
||||
case "delete":
|
||||
if($user->check_auth_token()) {
|
||||
$pm_id = int_escape($_POST["pm_id"]);
|
||||
$pm_id = (int)($_POST["pm_id"]);
|
||||
$pm = $database->get_row("SELECT * FROM private_message WHERE id = :id", array("id" => $pm_id));
|
||||
if(is_null($pm)) {
|
||||
$this->theme->display_error(404, "No such PM", "There is no PM #$pm_id");
|
||||
|
|
@ -138,7 +138,7 @@ class PrivMsg extends Extension {
|
|||
break;
|
||||
case "send":
|
||||
if($user->check_auth_token()) {
|
||||
$to_id = int_escape($_POST["to_id"]);
|
||||
$to_id = (int)($_POST["to_id"]);
|
||||
$from_id = $user->id;
|
||||
$subject = $_POST["subject"];
|
||||
$message = $_POST["message"];
|
||||
|
|
|
|||
|
|
@ -96,14 +96,14 @@ class Pools extends Extension {
|
|||
|
||||
// Check if we have pool id, since this is most often the case.
|
||||
if (isset($_POST["pool_id"])) {
|
||||
$pool_id = int_escape($_POST["pool_id"]);
|
||||
$pool_id = (int)($_POST["pool_id"]);
|
||||
$pool = $this->get_single_pool($pool_id);
|
||||
}
|
||||
|
||||
// What action are we trying to perform?
|
||||
switch($event->get_arg(0)) {
|
||||
case "list": //index
|
||||
$this->list_pools($page, int_escape($event->get_arg(1)));
|
||||
$this->list_pools($page, (int)($event->get_arg(1)));
|
||||
break;
|
||||
|
||||
case "new": // Show form for new pools
|
||||
|
|
@ -127,17 +127,17 @@ class Pools extends Extension {
|
|||
break;
|
||||
|
||||
case "view":
|
||||
$poolID = int_escape($event->get_arg(1));
|
||||
$poolID = (int)($event->get_arg(1));
|
||||
$this->get_posts($event, $poolID);
|
||||
break;
|
||||
|
||||
case "updated":
|
||||
$this->get_history(int_escape($event->get_arg(1)));
|
||||
$this->get_history((int)($event->get_arg(1)));
|
||||
break;
|
||||
|
||||
case "revert":
|
||||
if(!$user->is_anonymous()) {
|
||||
$historyID = int_escape($event->get_arg(1));
|
||||
$historyID = (int)($event->get_arg(1));
|
||||
$this->revert_history($historyID);
|
||||
$page->set_mode("redirect");
|
||||
$page->set_redirect(make_link("pool/updated"));
|
||||
|
|
@ -404,7 +404,7 @@ class Pools extends Extension {
|
|||
private function add_posts() {
|
||||
global $database;
|
||||
|
||||
$poolID = int_escape($_POST['pool_id']);
|
||||
$poolID = (int)($_POST['pool_id']);
|
||||
$images = "";
|
||||
|
||||
foreach ($_POST['check'] as $imageID){
|
||||
|
|
@ -439,7 +439,7 @@ class Pools extends Extension {
|
|||
private function order_posts() {
|
||||
global $database;
|
||||
|
||||
$poolID = int_escape($_POST['pool_id']);
|
||||
$poolID = (int)($_POST['pool_id']);
|
||||
|
||||
foreach($_POST['imgs'] as $data) {
|
||||
list($imageORDER, $imageID) = $data;
|
||||
|
|
@ -463,7 +463,7 @@ class Pools extends Extension {
|
|||
private function remove_posts() {
|
||||
global $database;
|
||||
|
||||
$poolID = int_escape($_POST['pool_id']);
|
||||
$poolID = (int)($_POST['pool_id']);
|
||||
$images = "";
|
||||
|
||||
foreach($_POST['check'] as $imageID) {
|
||||
|
|
@ -527,7 +527,7 @@ class Pools extends Extension {
|
|||
private function get_posts($event, /*int*/ $poolID) {
|
||||
global $config, $user, $database;
|
||||
|
||||
$pageNumber = int_escape($event->get_arg(2));
|
||||
$pageNumber = (int)($event->get_arg(2));
|
||||
if(is_null($pageNumber) || !is_numeric($pageNumber))
|
||||
$pageNumber = 0;
|
||||
else if ($pageNumber <= 0)
|
||||
|
|
@ -535,7 +535,7 @@ class Pools extends Extension {
|
|||
else
|
||||
$pageNumber--;
|
||||
|
||||
$poolID = int_escape($poolID);
|
||||
$poolID = (int)($poolID);
|
||||
$pool = $this->get_pool($poolID);
|
||||
|
||||
$imagesPerPage = $config->get_int("poolsImagesPerPage");
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ class RandomImageTheme extends Themelet {
|
|||
|
||||
public function build_random_html(Image $image, $query=null) {
|
||||
global $config;
|
||||
$i_id = int_escape($image->id);
|
||||
$i_id = (int)($image->id);
|
||||
$h_view_link = make_link("post/view/$i_id", $query);
|
||||
$h_thumb_link = $image->get_thumb_link();
|
||||
$h_tip = html_escape($image->get_tooltip());
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
class RatingsTheme extends Themelet {
|
||||
public function get_rater_html(/*int*/ $image_id, /*string*/ $rating) {
|
||||
$i_image_id = int_escape($image_id);
|
||||
$i_image_id = (int)($image_id);
|
||||
$s_checked = $rating == 's' ? " checked" : "";
|
||||
$q_checked = $rating == 'q' ? " checked" : "";
|
||||
$e_checked = $rating == 'e' ? " checked" : "";
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@ class RegenThumb extends Extension {
|
|||
global $config, $database, $page, $user;
|
||||
|
||||
if($event->page_matches("regen_thumb") && $user->is_admin() && isset($_POST['image_id'])) {
|
||||
$image = Image::by_id(int_escape($_POST['image_id']));
|
||||
$image = Image::by_id((int)($_POST['image_id']));
|
||||
send_event(new ThumbnailGenerationEvent($image->hash, $image->ext, true));
|
||||
$this->theme->display_results($page, $image);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -43,7 +43,7 @@ class ReportImage extends Extension {
|
|||
if($event->page_matches("image_report")) {
|
||||
if($event->get_arg(0) == "add") {
|
||||
if(isset($_POST['image_id']) && isset($_POST['reason'])) {
|
||||
$image_id = int_escape($_POST['image_id']);
|
||||
$image_id = (int)($_POST['image_id']);
|
||||
send_event(new AddReportedImageEvent($image_id, $user->id, $_POST['reason']));
|
||||
$page->set_mode("redirect");
|
||||
$page->set_redirect(make_link("post/view/$image_id"));
|
||||
|
|
@ -137,7 +137,7 @@ class ReportImage extends Extension {
|
|||
|
||||
$reports = array();
|
||||
foreach($all_reports as $report) {
|
||||
$image_id = int_escape($report['image_id']);
|
||||
$image_id = (int)($report['image_id']);
|
||||
$image = Image::by_id($image_id);
|
||||
if(is_null($image)) {
|
||||
send_event(new RemoveReportedImageEvent($report['id']));
|
||||
|
|
|
|||
|
|
@ -64,7 +64,7 @@ class ReportImageTheme extends Themelet {
|
|||
public function display_image_banner(Image $image, /*array*/ $reporters) {
|
||||
global $config, $page;
|
||||
|
||||
$i_image = int_escape($image->id);
|
||||
$i_image = (int)($image->id);
|
||||
$html = "";
|
||||
if(count($reporters) > 0) {
|
||||
$html .= "<b>Image reported by ".html_escape(implode(", ", $reporters))."</b><p>";
|
||||
|
|
|
|||
|
|
@ -105,7 +105,7 @@ class ResizeImage extends Extension {
|
|||
|
||||
if ( $event->page_matches("resize") && $user->is_admin() ) {
|
||||
// Try to get the image ID
|
||||
$image_id = int_escape($event->get_arg(0));
|
||||
$image_id = (int)($event->get_arg(0));
|
||||
if (empty($image_id)) {
|
||||
$image_id = isset($_POST['image_id']) ? $_POST['image_id'] : null;
|
||||
}
|
||||
|
|
@ -126,10 +126,10 @@ class ResizeImage extends Extension {
|
|||
$width = $height = 0;
|
||||
|
||||
if (isset($_POST['resize_width'])) {
|
||||
$width = int_escape($_POST['resize_width']);
|
||||
$width = (int)($_POST['resize_width']);
|
||||
}
|
||||
if (isset($_POST['resize_height'])) {
|
||||
$height = int_escape($_POST['resize_height']);
|
||||
$height = (int)($_POST['resize_height']);
|
||||
}
|
||||
|
||||
/* Attempt to resize the image */
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ class ResizeImageTheme extends Themelet {
|
|||
public function get_resize_html(/*int*/ $image_id) {
|
||||
global $user, $config;
|
||||
|
||||
$i_image_id = int_escape($image_id);
|
||||
$i_image_id = (int)($image_id);
|
||||
|
||||
$html = "
|
||||
".make_form(make_link("resize"),'POST',false,'resize_image')."
|
||||
|
|
|
|||
|
|
@ -71,10 +71,10 @@ class ShimmieApi extends Extension {
|
|||
if($event->page_matches("api/shimmie/get_image")) {
|
||||
$arg = $event->get_arg(0);
|
||||
if(!empty($arg)){
|
||||
$image = Image::by_id(int_escape($event->get_arg(0)));
|
||||
$image = Image::by_id((int)($event->get_arg(0)));
|
||||
}
|
||||
elseif(isset($_GET['id'])){
|
||||
$image = Image::by_id(int_escape($_GET['id']));
|
||||
$image = Image::by_id((int)($_GET['id']));
|
||||
}
|
||||
// FIXME: handle null image
|
||||
$image->get_tag_array(); // tag data isn't loaded into the object until necessary
|
||||
|
|
|
|||
|
|
@ -173,7 +173,7 @@ class ShimmieWebTestCase extends SCoreWebTestCase {
|
|||
foreach($headers as $header) {
|
||||
$parts = explode(":", $header);
|
||||
if(trim($parts[0]) == "X-Shimmie-Image-ID") {
|
||||
$image_id = int_escape(trim($parts[1]));
|
||||
$image_id = (int)(trim($parts[1]));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -40,12 +40,12 @@ class Tag_History extends Extension {
|
|||
}
|
||||
}
|
||||
else if($event->page_matches("tag_history/all")) {
|
||||
$page_id = int_escape($event->get_arg(0));
|
||||
$page_id = (int)($event->get_arg(0));
|
||||
$this->theme->display_global_page($page, $this->get_global_tag_history($page_id), $page_id);
|
||||
}
|
||||
else if($event->page_matches("tag_history") && $event->count_args() == 1) {
|
||||
// must be an attempt to view a tag history
|
||||
$image_id = int_escape($event->get_arg(0));
|
||||
$image_id = (int)($event->get_arg(0));
|
||||
$this->theme->display_history_page($page, $image_id, $this->get_tag_history_from_id($image_id));
|
||||
}
|
||||
}
|
||||
|
|
@ -119,7 +119,7 @@ class Tag_History extends Extension {
|
|||
private function process_revert_request($revert_id) {
|
||||
global $page;
|
||||
|
||||
$revert_id = int_escape($revert_id);
|
||||
$revert_id = (int)($revert_id);
|
||||
|
||||
// check for the nothing case
|
||||
if($revert_id < 1) {
|
||||
|
|
|
|||
|
|
@ -125,7 +125,7 @@ class TagList extends Extension {
|
|||
*/
|
||||
private function get_tags_min() {
|
||||
if(isset($_GET['mincount'])) {
|
||||
return int_escape($_GET['mincount']);
|
||||
return (int)($_GET['mincount']);
|
||||
}
|
||||
else {
|
||||
global $config;
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ class taggerTheme extends Themelet {
|
|||
}
|
||||
private function html(Image $image) {
|
||||
global $config;
|
||||
$i_image_id = int_escape($image->id);
|
||||
$i_image_id = (int)($image->id);
|
||||
$h_source = html_escape($image->source);
|
||||
$h_query = isset($_GET['search'])? $h_query= "search=".url_escape($_GET['search']) : "";
|
||||
|
||||
|
|
|
|||
|
|
@ -51,14 +51,14 @@ class Tips extends Extension {
|
|||
break;
|
||||
case "status":
|
||||
// FIXME: HTTP GET CSRF
|
||||
$tipID = int_escape($event->get_arg(1));
|
||||
$tipID = (int)($event->get_arg(1));
|
||||
$this->setStatus($tipID);
|
||||
$page->set_mode("redirect");
|
||||
$page->set_redirect(make_link("tips/list"));
|
||||
break;
|
||||
case "delete":
|
||||
// FIXME: HTTP GET CSRF
|
||||
$tipID = int_escape($event->get_arg(1));
|
||||
$tipID = (int)($event->get_arg(1));
|
||||
$this->deleteTip($tipID);
|
||||
$page->set_mode("redirect");
|
||||
$page->set_redirect(make_link("tips/list"));
|
||||
|
|
|
|||
|
|
@ -121,7 +121,7 @@ class Upload extends Extension {
|
|||
throw new UploadException("Can not replace Image: disk nearly full");
|
||||
}
|
||||
// Try to get the image ID
|
||||
$image_id = int_escape($event->get_arg(0));
|
||||
$image_id = (int)($event->get_arg(0));
|
||||
if(empty($image_id)) {
|
||||
$image_id = isset($_POST['image_id']) ? $_POST['image_id'] : null;
|
||||
}
|
||||
|
|
@ -180,12 +180,12 @@ class Upload extends Extension {
|
|||
$source = isset($_POST['source']) ? $_POST['source'] : null;
|
||||
$ok = true;
|
||||
foreach($_FILES as $name => $file) {
|
||||
$tags = $this->tags_for_upload_slot(int_escape(substr($name, 4)));
|
||||
$tags = $this->tags_for_upload_slot((int)(substr($name, 4)));
|
||||
$ok = $ok & $this->try_upload($file, $tags, $source);
|
||||
}
|
||||
foreach($_POST as $name => $value) {
|
||||
if(substr($name, 0, 3) == "url" && strlen($value) > 0) {
|
||||
$tags = $this->tags_for_upload_slot(int_escape(substr($name, 3)));
|
||||
$tags = $this->tags_for_upload_slot((int)(substr($name, 3)));
|
||||
$ok = $ok & $this->try_transload($value, $tags, $source);
|
||||
}
|
||||
}
|
||||
|
|
@ -292,8 +292,8 @@ class Upload extends Extension {
|
|||
if($event->image_id == -1) {
|
||||
throw new UploadException("File type not recognised");
|
||||
}
|
||||
//header("X-Shimmie-Image-ID: ".int_escape($event->image_id));
|
||||
$page->add_http_header("X-Shimmie-Image-ID: ".int_escape($event->image_id));
|
||||
//header("X-Shimmie-Image-ID: ".(int)($event->image_id));
|
||||
$page->add_http_header("X-Shimmie-Image-ID: ".(int)($event->image_id));
|
||||
}
|
||||
catch(UploadException $ex) {
|
||||
$this->theme->display_upload_error($page, "Error with ".html_escape($file['name']),
|
||||
|
|
|
|||
|
|
@ -294,7 +294,7 @@ class UserPage extends Extension {
|
|||
$event->add_querylet(new Querylet("images.owner_id = $user_id"));
|
||||
}
|
||||
else if(preg_match("/^(poster|user)_id=([0-9]+)$/i", $event->term, $matches)) {
|
||||
$user_id = int_escape($matches[2]);
|
||||
$user_id = (int)($matches[2]);
|
||||
$event->add_querylet(new Querylet("images.owner_id = $user_id"));
|
||||
}
|
||||
else if($user->can("view_ip") && preg_match("/^(poster|user)_ip=([0-9\.]+)$/i", $event->term, $matches)) {
|
||||
|
|
|
|||
|
|
@ -187,7 +187,7 @@ class UserPageTheme extends Themelet {
|
|||
</form>
|
||||
";
|
||||
|
||||
$i_user_id = int_escape($duser->id);
|
||||
$i_user_id = (int)($duser->id);
|
||||
|
||||
if($user->can("edit_user_class")) {
|
||||
global $_user_classes;
|
||||
|
|
|
|||
|
|
@ -75,7 +75,7 @@ class ViewImage extends Extension {
|
|||
$event->page_matches("post/next")
|
||||
) {
|
||||
|
||||
$image_id = int_escape($event->get_arg(0));
|
||||
$image_id = (int)($event->get_arg(0));
|
||||
|
||||
if(isset($_GET['search'])) {
|
||||
$search_terms = explode(' ', $_GET['search']);
|
||||
|
|
@ -109,7 +109,7 @@ class ViewImage extends Extension {
|
|||
}
|
||||
|
||||
if($event->page_matches("post/view")) {
|
||||
$image_id = int_escape($event->get_arg(0));
|
||||
$image_id = (int)($event->get_arg(0));
|
||||
|
||||
$image = Image::by_id($image_id);
|
||||
|
||||
|
|
@ -128,7 +128,7 @@ class ViewImage extends Extension {
|
|||
if($event->page_matches("post/set")) {
|
||||
if(!isset($_POST['image_id'])) return;
|
||||
|
||||
$image_id = int_escape($_POST['image_id']);
|
||||
$image_id = (int)($_POST['image_id']);
|
||||
|
||||
send_event(new ImageInfoSetEvent(Image::by_id($image_id)));
|
||||
|
||||
|
|
|
|||
|
|
@ -99,7 +99,7 @@ class Wiki extends Extension {
|
|||
}
|
||||
else if($event->page_matches("wiki_admin/save")) {
|
||||
$title = $_POST['title'];
|
||||
$rev = int_escape($_POST['revision']);
|
||||
$rev = (int)($_POST['revision']);
|
||||
$body = $_POST['body'];
|
||||
$lock = $user->is_admin() && isset($_POST['lock']) && ($_POST['lock'] == "on");
|
||||
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ class WikiTheme extends Themelet {
|
|||
protected function create_edit_html(WikiPage $page) {
|
||||
$h_title = html_escape($page->title);
|
||||
$u_title = url_escape($page->title);
|
||||
$i_revision = int_escape($page->revision) + 1;
|
||||
$i_revision = (int)($page->revision) + 1;
|
||||
|
||||
global $user;
|
||||
if($user->is_admin()) {
|
||||
|
|
@ -73,7 +73,7 @@ class WikiTheme extends Themelet {
|
|||
"
|
||||
<td>".make_form(make_link("wiki_admin/edit"))."
|
||||
<input type='hidden' name='title' value='".html_escape($page->title)."'>
|
||||
<input type='hidden' name='revision' value='".int_escape($page->revision)."'>
|
||||
<input type='hidden' name='revision' value='".(int)($page->revision)."'>
|
||||
<input type='submit' value='Edit'>
|
||||
</form></td>
|
||||
" :
|
||||
|
|
@ -82,7 +82,7 @@ class WikiTheme extends Themelet {
|
|||
$edit .= "
|
||||
<td>".make_form(make_link("wiki_admin/delete_revision"))."
|
||||
<input type='hidden' name='title' value='".html_escape($page->title)."'>
|
||||
<input type='hidden' name='revision' value='".int_escape($page->revision)."'>
|
||||
<input type='hidden' name='revision' value='".(int)($page->revision)."'>
|
||||
<input type='submit' value='Delete This Version'>
|
||||
</form></td>
|
||||
<td>".make_form(make_link("wiki_admin/delete_all"))."
|
||||
|
|
|
|||
|
|
@ -93,12 +93,12 @@ class CustomCommentListTheme extends CommentListTheme {
|
|||
$tfe = new TextFormattingEvent($comment->comment);
|
||||
send_event($tfe);
|
||||
|
||||
$i_uid = int_escape($comment->owner_id);
|
||||
$i_uid = (int)($comment->owner_id);
|
||||
$h_name = html_escape($comment->owner_name);
|
||||
$h_poster_ip = html_escape($comment->poster_ip);
|
||||
$h_comment = ($trim ? substr($tfe->stripped, 0, 50)."..." : $tfe->formatted);
|
||||
$i_comment_id = int_escape($comment->comment_id);
|
||||
$i_image_id = int_escape($comment->image_id);
|
||||
$i_comment_id = (int)($comment->comment_id);
|
||||
$i_image_id = (int)($comment->image_id);
|
||||
$h_posted = autodate($comment->posted);
|
||||
|
||||
$stripped_nonl = str_replace("\n", "\\n", substr($tfe->stripped, 0, 50));
|
||||
|
|
|
|||
|
|
@ -59,12 +59,12 @@ class CustomCommentListTheme extends CommentListTheme {
|
|||
$tfe = new TextFormattingEvent($comment->comment);
|
||||
send_event($tfe);
|
||||
|
||||
$i_uid = int_escape($comment->owner_id);
|
||||
$i_uid = (int)($comment->owner_id);
|
||||
$h_name = html_escape($comment->owner_name);
|
||||
$h_poster_ip = html_escape($comment->poster_ip);
|
||||
$h_comment = ($trim ? substr($tfe->stripped, 0, 50)."..." : $tfe->formatted);
|
||||
$i_comment_id = int_escape($comment->comment_id);
|
||||
$i_image_id = int_escape($comment->image_id);
|
||||
$i_comment_id = (int)($comment->comment_id);
|
||||
$i_image_id = (int)($comment->image_id);
|
||||
|
||||
$stripped_nonl = str_replace("\n", "\\n", substr($tfe->stripped, 0, 50));
|
||||
$stripped_nonl = str_replace("\r", "\\r", $stripped_nonl);
|
||||
|
|
|
|||
Reference in a new issue