"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "lib/lib_addupdate.php3" between
mythreads-links_1.2.0.tar.gz and mythreads-links_1.2.1.tar.gz

About: MyThreads-Links is a web based links manager (using PHP and MySQL).

[ To the main MyThreads-Links source changes report ]

lib_addupdate.php3  (mythreads-links_1.2.0):lib_addupdate.php3  (mythreads-links_1.2.1)
<?php <?php
#-----------------------------------------------------------------> #----------------------------------------------------------------->
# $Id: lib_addupdate.php3,v 1.55 2015/05/30 11:48:11 ldrolez Exp $ # $Id: lib_addupdate.php3,v 1.52 2010/05/04 18:29:59 ldrolez Exp $
# #
# Website: http://mythreads.sourceforge.net # Website: http://mythreads.sourceforge.net
# #
# Desc: lib_addupdate.php3. functions for adding and updating links... # Desc: lib_addupdate.php3. functions for adding and updating links...
# #
# License: This code is released under the terms of the GNU GPL # License: This code is released under the terms of the GNU GPL
# version 2 or later. Please refer to www.gnu.org for a copy # version 2 or later. Please refer to www.gnu.org for a copy
# of this license. # of this license.
# #
#-----------------------------------------------------------------> #----------------------------------------------------------------->
skipping to change at line 34 skipping to change at line 34
return $content; return $content;
} }
################################################### ###################################################
# Form to edit information of an existing link # Form to edit information of an existing link
################################################### ###################################################
function viewULink($_unused) function viewULink($_unused)
{ {
global $start_script, $start_script_t, $tpl; global $start_script, $start_script_t, $tpl;
global $config, $custom, $_GET; global $config, $custom, $_GET, $mylink;
# 'link' can be an URL or a number # 'link' can be an URL or a number
$n = sqlesc($_GET['link']); $n = sqlesc($_GET['link']);
if (ereg("^[0-9]+$", $n, $trash)) { if (preg_match("/^[0-9]+$/", $n, $trash)) {
$result = mysql_query( "SELECT * FROM ".$config["pre"]."links where i $result = $mylink->query( "SELECT * FROM ".$config["pre"]."links wher
dx='$n' and status=0"); e idx='$n' and status=0");
$exists = mysql_query( "SELECT * FROM ".$config["pre"]."links where i $exists = $mylink->query( "SELECT * FROM ".$config["pre"]."links wher
dx='$n' and status<>0"); e idx='$n' and status<>0");
} else { } else {
$result = mysql_query( "SELECT * FROM ".$config["pre"]."links where l $result = $mylink->query( "SELECT * FROM ".$config["pre"]."links wher
ink='$n' and status=0"); e link='$n' and status=0");
$exists = mysql_query( "SELECT * FROM ".$config["pre"]."links where l $exists = $mylink->query( "SELECT * FROM ".$config["pre"]."links wher
ink='$n' and status<>0"); e link='$n' and status<>0");
} }
# one more test should be done: old waiting link # one more test should be done: old waiting link
$dothey = mysql_numrows($exists); $dothey = mysqli_num_rows($exists);
if (mysql_numrows($result) and ! $dothey) if (mysqli_num_rows($result) and ! $dothey)
{ {
$info = mysql_fetch_array($result); $info = mysqli_fetch_array($result);
$category = mysql_query("SELECT * FROM ".$config["pre"]."category ord $category = mysqli_query($mylink, "SELECT * FROM ".$config["pre"]."ca
er by pathto"); tegory order by pathto");
$options = ""; $options = "";
while ($info_c = mysql_fetch_array($category) ) while ($info_c = mysqli_fetch_array($category) )
{ {
$patharray = explode(":",$info_c["pathto"]); $patharray = explode(":",$info_c["pathto"]);
if ($info["cat"] == $info_c["cat"]) if ($info["cat"] == $info_c["cat"])
{ {
$options .= "<option value=\"$info_c[cat]\" selected>"; $options .= "<option value=\"$info_c[cat]\" selected>";
} }
else else
{ {
$options .= "<option value=\"$info_c[cat]\">"; $options .= "<option value=\"$info_c[cat]\">";
} }
while (list($key, $val)=each($patharray)) while (list($key, $val)=each($patharray))
{ {
if ($val != "") { if ($val != "") {
$result_sub = mysql_query("SELECT * FROM ".$confi $result_sub = mysqli_query($mylink, "SELECT * FRO
g["pre"]."category WHERE cat='$val' ORDER BY cat ASC"); M ".$config["pre"]."category WHERE cat='$val' ORDER BY cat ASC");
$sub_title_new = mysql_fetch_array($result_sub); $sub_title_new = mysqli_fetch_array($result_sub);
$options .= "/$sub_title_new[title]"; $options .= "/$sub_title_new[title]";
} }
} }
$options .= "</option>\n"; $options .= "</option>\n";
} }
$tpl->set_file("updatelink", "form_update_link.tpl"); $tpl->set_file("updatelink", "form_update_link.tpl");
$tpl->set_var( array( $tpl->set_var( array(
"ACTION" => $start_script_t."mode=update_link", "ACTION" => $start_script_t."mode=update_link",
"SUBMIT_NAME" => "update_link", "SUBMIT_NAME" => "update_link",
skipping to change at line 118 skipping to change at line 118
$tpl->set_var ("SECURITY", "$ref"); $tpl->set_var ("SECURITY", "$ref");
} else { } else {
# delete security bloc # delete security bloc
$tpl->set_block ("updatelink", "security_row", "deleteme"); $tpl->set_block ("updatelink", "security_row", "deleteme");
} }
$content = $tpl->subst("updatelink"); $content = $tpl->subst("updatelink");
} else { } else {
if ($dothey) { if ($dothey) {
$info = mysql_fetch_array($exists); $info = mysqli_fetch_array($exists);
$content = Message ("already_waiting", $content = Message ("already_waiting",
array ("LINK" => $info["link"])); array ("LINK" => $info["link"]));
} else { } else {
$content = Message ("no_link_for", $content = Message ("no_link_for",
array ("TEXT" => htmlentities($_GET[ link]))); array ("TEXT" => htmlentities($_GET[ link])));
} }
} }
return $content; return $content;
} }
################################################### ###################################################
# Add a link in the waiting queue # Add a link in the waiting queue
################################################### ###################################################
function viewaddWaitLink() function viewaddWaitLink()
{ {
global $start_script, $start_script_t, $_GET, $tpl; global $start_script, $start_script_t, $_GET, $tpl;
global $config; global $config, $mylink;
if (isset ($_GET["category"]) && $_GET["category"] < 0) if (isset ($_GET["category"]) && $_GET["category"] < 0)
{ {
$_GET["category"] = 0; $_GET["category"] = 0;
} }
if (! isset ($_GET["category"])) if (! isset ($_GET["category"]))
{ {
$category = mysql_query("SELECT * FROM ".$config["pre"]."category order by pathto"); $category = mysqli_query($mylink, "SELECT * FROM ".$config["pre"] ."category order by pathto");
} else { } else {
$category = mysql_query("SELECT * FROM ".$config["pre"]."category WHERE cat=\"".intval($_GET[category])."\" or under=\"".intval($_GET[category]). "\" order by pathto"); $category = mysqli_query($mylink, "SELECT * FROM ".$config["pre"] ."category WHERE cat=\"".intval($_GET[category])."\" or under=\"".intval($_GET[c ategory])."\" order by pathto");
} }
$options = ""; $options = "";
while ($info_c = mysql_fetch_array($category) ) while ($info_c = mysqli_fetch_array($category) )
{ {
$patharray = explode(":",$info_c["pathto"]); $patharray = explode(":",$info_c["pathto"]);
$options .= "<option value=\"$info_c[cat]\">"; $options .= "<option value=\"$info_c[cat]\">";
while (list($key, $val)=each($patharray)) while (list($key, $val)=each($patharray))
{ {
if ($val != ""){ if ($val != ""){
$result_sub = mysql_query("SELECT * FROM ".$confi $result_sub = mysqli_query($mylink, "SELECT * FRO
g["pre"]."category WHERE cat='$val' ORDER BY cat ASC"); M ".$config["pre"]."category WHERE cat='$val' ORDER BY cat ASC");
$sub_title_new = mysql_fetch_array($result_sub); $sub_title_new = mysqli_fetch_array($result_sub);
$options .= "/$sub_title_new[title]"; $options .= "/$sub_title_new[title]";
} }
} }
$options .= "</option>\n"; $options .= "</option>\n";
} }
$tpl->set_file("newlink", "form_update_link.tpl"); $tpl->set_file("newlink", "form_update_link.tpl");
$tpl->set_block("newlink", "delete_row", "deleteme"); $tpl->set_block("newlink", "delete_row", "deleteme");
skipping to change at line 199 skipping to change at line 199
return $content; return $content;
} }
################################################### ###################################################
# Add a category in the waiting queue # Add a category in the waiting queue
################################################### ###################################################
function viewaddWaitcategory() function viewaddWaitcategory()
{ {
global $start_script, $start_script_t, $_GET, $tpl; global $start_script, $start_script_t, $_GET, $tpl;
global $config; global $config, $mylink;
if (isset ($_GET["category"]) && $_GET["category"] < 0) if (isset ($_GET["category"]) && $_GET["category"] < 0)
{ {
$_GET["category"] = 0; $_GET["category"] = 0;
} }
$tpl->set_file("newcat", "form_new_cat.tpl"); $tpl->set_file("newcat", "form_new_cat.tpl");
$tpl->set_var("ACTION" , $start_script_t."mode=add_category"); $tpl->set_var("ACTION" , $start_script_t."mode=add_category");
if (isset ($_GET["category"])){ if (isset ($_GET["category"])){
$getcat = intval($_GET["category"]); $getcat = intval($_GET["category"]);
$category = mysql_query("SELECT * FROM ".$config["pre"]."category WHERE cat='$getcat' or under='$getcat' order by pathto"); $category = mysqli_query($mylink, "SELECT * FROM ".$config["pre"] ."category WHERE cat='$getcat' or under='$getcat' order by pathto");
$options = ""; $options = "";
while ($info_c = mysql_fetch_array($category) ) while ($info_c = mysqli_fetch_array($category) )
{ {
$patharray = explode(":",$info_c["pathto"]); $patharray = explode(":",$info_c["pathto"]);
$options .= "<option value=\"$info_c[cat]\">"; $options .= "<option value=\"$info_c[cat]\">";
while (list($key, $val)=each($patharray)) while (list($key, $val)=each($patharray))
{ {
if ($val != "") { if ($val != "") {
$result_sub = mysql_query("SELECT * FROM $result_sub = mysqli_query($mylink, "SELE
".$config["pre"]."category WHERE cat='$val' ORDER BY cat ASC"); CT * FROM ".$config["pre"]."category WHERE cat='$val' ORDER BY cat ASC");
$sub_title_new = mysql_fetch_array($resul $sub_title_new = mysqli_fetch_array($resu
t_sub); lt_sub);
$options .= "/$sub_title_new[title]"; $options .= "/$sub_title_new[title]";
} }
} }
$options .= "</option>\n"; $options .= "</option>\n";
} }
$tpl->set_var( "OPTIONS" , "$options" ); $tpl->set_var( "OPTIONS" , "$options" );
} else { } else {
# remove a row from the template # remove a row from the template
$tpl->set_block("newcat", "cat_select", "deleteme"); $tpl->set_block("newcat", "cat_select", "deleteme");
$tpl->set_var("deleteme" , ""); $tpl->set_var("deleteme" , "");
skipping to change at line 246 skipping to change at line 246
return $content; return $content;
} }
################################################### ###################################################
# #
################################################### ###################################################
function doaddWaitcategory($_unused) function doaddWaitcategory($_unused)
{ {
global $linkbackurl; global $linkbackurl;
global $config, $_POST; global $config, $_POST, $mylink;
if ($_POST["title"] == ''){ if ($_POST["title"] == ''){
$error = Message ("forgot_title"); $error = Message ("forgot_title");
} }
# reject the submit if some fields contain unwanted data # reject the submit if some fields contain unwanted data
if ($config['spam_filter'] > 0 && getuser() != "admin") { if ($config['spam_filter'] > 0 && getuser() != "admin") {
if (preg_match("/http:\/\//i", $_POST["title"].$_POST["message"]) ) { if (preg_match("/http:\/\//i", $_POST["title"].$_POST["message"]) ) {
# do not display a nice error message ;-) # do not display a nice error message ;-)
$error .= Message("error_security_code"); $error .= Message("error_security_code");
skipping to change at line 273 skipping to change at line 273
{ {
$_POST[$key] = htmlspecialchars($_POST[$key]); $_POST[$key] = htmlspecialchars($_POST[$key]);
} }
$id=time();srand($id);$id += rand(); $id=time();srand($id);$id += rand();
$ip_addy=getenv("REMOTE_ADDR"); $ip_addy=getenv("REMOTE_ADDR");
if ($config["adminemail"] != "") { if ($config["adminemail"] != "") {
mymail($config["adminemail"], Message("link_submitted")." :".htmlentities($_POST[title]), Message("link_submitted_message"), $config["from email"]); mymail($config["adminemail"], Message("link_submitted")." :".htmlentities($_POST[title]), Message("link_submitted_message"), $config["from email"]);
$su = mysql_query("insert into ".$config["pre"]."waitcat (id,titl e,message,cat,ip) values('$id', $su = mysqli_query($mylink, "insert into ".$config["pre"]."waitca t (id,title,message,cat,ip) values('$id',
'$_POST[title]' , '$_POST[title]' ,
'$_POST[message]' , '$_POST[message]' ,
'$_POST[category]' , '$_POST[category]' ,
'$ip_addy' '$ip_addy'
)") or die (mysql_error()); )") or die (mysqli_error($mylink));
$content .= Message ("thanks_submit", $content .= Message ("thanks_submit",
array ("LINK" => "$linkbackurl")); array ("LINK" => "$linkbackurl"));
} }
} else { } else {
$content = Message ("error_submit", $content = Message ("error_submit",
array ("ERROR" => "$error")); array ("ERROR" => "$error"));
} }
 End of changes. 22 change blocks. 
38 lines changed or deleted 38 lines changed or added
To the PHP Programs section of the MyThreads-Links source changes report or the top of this page
Mainly generated by pkgdiff using rfcdiff
Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)