Commit 8d5d3aa5 authored by redflo's avatar redflo

Fixes for bug IDs 735082, 736745, 736695 (I hope)

Thanks to Mark Cooper (gollum), Mario Mene (pippone)
parent 91998997
......@@ -82,7 +82,7 @@ class CategLib extends TikiLib {
$result = $this->query($query);
while($res = $result->fetchRow(DB_FETCHMODE_ASSOC)) {
$object = $res["catObjectId"];
$query2 = "delete from tiki_categorized_objects where catObjectId=$object";
$query2 = "delete from tiki_categorized_objects where catObjectId=".addslashes($object);
$result2 = $this->query($query2);
}
......@@ -115,6 +115,7 @@ class CategLib extends TikiLib {
function is_categorized($type,$objId)
{
$objId=addslashes($objId);
$query = "select catObjectId from tiki_categorized_objects where type='$type' and objId='$objId'";
$result = $this->query($query);
if($result->numRows()) {
......@@ -129,7 +130,9 @@ class CategLib extends TikiLib {
{
$description = addslashes(strip_tags($description));
$name = addslashes(strip_tags($name));
$objId=addslashes($objId);
$now = date("U");
$href=addslashes($href);
$query = "insert into tiki_categorized_objects(type,objId,description,name,href,created,hits)
values('$type','$objId','$description','$name','$href',$now,0)";
$result = $this->query($query);
......@@ -226,6 +229,7 @@ class CategLib extends TikiLib {
function get_object_categories($type,$objId)
{
$objId=addslashes($objId);
$query = "select categId from tiki_category_objects tco, tiki_categorized_objects tto
where tco.catObjectId=tto.catObjectId and type='$type' and objId='$objId'";
$result = $this->query($query);
......@@ -265,11 +269,12 @@ class CategLib extends TikiLib {
function categorize_page($pageName, $categId)
{
// Check if we already have this object in the tiki_categorized_objects page
$catObjectId=$this->is_categorized('wiki page',$pageName);
$pageName_sl=addslashes($pageName);
$catObjectId=$this->is_categorized('wiki page',$pageName_sl);
if(!$catObjectId) {
// The page is not cateorized
$info = $this->get_page_info($pageName);
$href = 'tiki-index.php?page='.$pageName;
$href = 'tiki-index.php?page='.urlencode($pageName);
$catObjectId = $this->add_categorized_object('wiki page',$pageName,substr($info["data"],0,200),$pageName,$href);
}
$this->categorize($catObjectId,$categId);
......@@ -419,4 +424,4 @@ class CategLib extends TikiLib {
$categlib= new CategLib($dbTiki);
?>
\ No newline at end of file
?>
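Review bot: `categorize_page` now escapes the page name before calling `is_categorized('wiki page',$pageName_sl)`, and `is_categorized` itself gained `$objId=addslashes($objId);` in this commit, so the lookup value is escaped twice. For a page name containing a quote or backslash the select would then not match the stored row, and each call would likely fall through to `add_categorized_object` and insert a duplicate; passing the raw `$pageName` to `is_categorized` keeps the escaping in one place. In the first hunk, `catObjectId=".addslashes($object)` is an unquoted numeric context where `addslashes` gives no protection; `catObjectId=".(int)$object` would pin it to an integer. `$type` is still interpolated unescaped in these queries, which is safe only while every caller passes a literal.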
......@@ -34,18 +34,22 @@ class NotificationLib extends TikiLib {
function add_mail_event($event,$object,$email)
{
$object=addslashes($object);
$email=addslashes($email);
$query = "replace into tiki_mail_events(event,object,email) values('$event','$object','$email')";
$result = $this->query($query);
}
function remove_mail_event($event,$object,$email)
{
$object=addslashes($object);
$query = "delete from tiki_mail_events where event='$event' and object='$object' and email='$email'";
$result = $this->query($query);
}
function get_mail_events($event,$object)
{
$object=addslashes($object);
$query = "select email from tiki_mail_events where event='$event' and object='$object'";
$result = $this->query($query);
$ret = Array();
......@@ -58,4 +62,4 @@ class NotificationLib extends TikiLib {
}
$notificationlib= new NotificationLib($dbTiki);
?>
\ No newline at end of file
?>
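Review bot: `remove_mail_event` escapes `$object` but still interpolates `$email` raw into `delete from tiki_mail_events ... and email='$email'`, while `add_mail_event` just above escapes both. Adding `$email=addslashes($email);` next to the `$object` line closes that gap, and also lets an address containing a quote be removed again after it was added. `$event` is left unescaped in all three functions; if it can ever come from request data it needs the same treatment.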
......@@ -14,12 +14,13 @@ class StructLib extends TikiLib {
function s_remove_page($page,$delete)
{
// Now recursively remove
$query = "select page from tiki_structures where parent='$page'";
$page_sl=addslashes($page);
$query = "select page from tiki_structures where parent='$page_sl'";
$result = $this->query($query);
while($res = $result->fetchRow(DB_FETCHMODE_ASSOC)) {
$this->s_remove_page($res["page"],$delete);
}
$query = "delete from tiki_structures where page='$page'";
$query = "delete from tiki_structures where page='$page_sl'";
$result = $this->query($query);
if($delete) {
$this->remove_all_versions($page);
......@@ -29,28 +30,29 @@ class StructLib extends TikiLib {
function s_create_page($parent,$after,$name)
{
$name=addslashes($name);
$parent_sl=addslashes($parent);
$after_sl=addslashes($after);
$name_sl=addslashes($name);
if(!$this->page_exists($name)) {
$now=date("U");
$this->create_page($name, 0, '', $now, 'created from stucture', 'system', '0.0.0.0','');
}
if($after) {
$max = $this->getOne("select pos from tiki_structures where page='$after'");
$max = $this->getOne("select pos from tiki_structures where page='$after_sl'");
} else {
$max =0;
}
if($max>0) {
//If max is 5 then we are inserting after position 5 so we'll insert 5 and move all
// the others
$query = "update tiki_structures set pos=pos+1 where pos>$max and parent='$parent'";
$query = "update tiki_structures set pos=pos+1 where pos>$max and parent='$parent_sl'";
$result = $this->query($query);
}
$cant = $this->getOne("select count(*) from tiki_structures where page='$name'");
$cant = $this->getOne("select count(*) from tiki_structures where page='$name_sl'");
if($cant) return false;
$max++;
$query = "insert into tiki_structures(parent,page,pos) values('$parent','$name',$max)";
$query = "insert into tiki_structures(parent,page,pos) values('$parent_sl','$name_sl',$max)";
$result = $this->query($query);
// If the page doesn't exist then create the page!
......@@ -58,11 +60,12 @@ class StructLib extends TikiLib {
function get_subtree($structure,$page,&$html,$level='')
{
$page_sl=addslashes($page);
$ret = Array();
$first=true;
//$level++;
$sublevel=0;
$query = "select page from tiki_structures where parent='$page' order by pos asc";
$query = "select page from tiki_structures where parent='$page_sl' order by pos asc";
$result = $this->query($query);
$subs=Array();
while($res = $result->fetchRow(DB_FETCHMODE_ASSOC)) {
......@@ -71,9 +74,10 @@ class StructLib extends TikiLib {
$first=false;
}
$sublevel++;
$upage=urlencode($res["page"]);
if($level) {$plevel=$level.'.'.$sublevel;} else {$plevel=$sublevel;}
$html.="<li style='list-style:disc outside;'><a class='link' href='tiki-edit_structure.php?structure=$structure&amp;page=${res["page"]}'>$plevel&nbsp;".$res["page"]."</a>&nbsp;[<a class='link' href='tiki-edit_structure.php?structure=$structure&amp;remove=${res["page"]}'>x</a>]";
$html.="&nbsp;[<a class='link' href='tiki-index.php?page=${res["page"]}'>view</a>|<a class='link' href='tiki-editpage.php?page=${res["page"]}'>edit</a>]";
$html.="<li style='list-style:disc outside;'><a class='link' href='tiki-edit_structure.php?structure=$structure&amp;page=$upage'>$plevel&nbsp;".$res["page"]."</a>&nbsp;[<a class='link' href='tiki-edit_structure.php?structure=$structure&amp;remove=$upage'>x</a>]";
$html.="&nbsp;[<a class='link' href='tiki-index.php?page=$upage'>view</a>|<a class='link' href='tiki-editpage.php?page=$upage'>edit</a>]";
//$prev = $this->get_prev_page($res["page"]);
//$next = $this->get_next_page($res["page"]);
//$html.=" prev: $prev next: $next ";
......@@ -93,18 +97,20 @@ class StructLib extends TikiLib {
function get_structure($page)
{
$parent = $this->getOne("select parent from tiki_structures where page='$page'");
$page_sl=addslashes($page);
$parent = $this->getOne("select parent from tiki_structures where page='$page_sl'");
if(!$parent) return $page;
return $this->get_structure($parent);
}
function get_subtree_toc($structure,$page,&$html,$level='')
{
$page_sl=addslashes($page);
$ret = Array();
$first=true;
//$level++;
$sublevel=0;
$query = "select page from tiki_structures where parent='$page' order by pos asc";
$query = "select page from tiki_structures where parent='$page_sl' order by pos asc";
$result = $this->query($query);
$subs=Array();
while($res = $result->fetchRow(DB_FETCHMODE_ASSOC)) {
......@@ -114,7 +120,8 @@ class StructLib extends TikiLib {
}
$sublevel++;
if($level) {$plevel=$level.'.'.$sublevel;} else {$plevel=$sublevel;}
$html.="<li style='list-style:disc outside;'><a class='link' href='tiki-index.php?page=${res["page"]}'>$plevel&nbsp;".$res["page"]."</a>";
$upage=urlencode($res["page"]);
$html.="<li style='list-style:disc outside;'><a class='link' href='tiki-index.php?page=$upage'>$plevel&nbsp;".$res["page"]."</a>";
//$html.="&nbsp;[<a class='link' href='tiki-index.php?page=${res["page"]}'>view</a>|<a class='link' href='tiki-editpage.php?page=${res["page"]}'>edit</a>]";
$html.="</li>";
......@@ -132,11 +139,12 @@ class StructLib extends TikiLib {
function get_subtree_toc_slide($structure,$page,&$html,$level='')
{
$page_sl=addslashes($page);
$ret = Array();
$first=true;
//$level++;
$sublevel=0;
$query = "select page from tiki_structures where parent='$page' order by pos asc";
$query = "select page from tiki_structures where parent='$page_sl' order by pos asc";
$result = $this->query($query);
$subs=Array();
while($res = $result->fetchRow(DB_FETCHMODE_ASSOC)) {
......@@ -146,7 +154,8 @@ class StructLib extends TikiLib {
}
$sublevel++;
if($level) {$plevel=$level.'.'.$sublevel;} else {$plevel=$sublevel;}
$html.="<li style='list-style:disc outside;'><a class='link' href='tiki-slideshow2.php?page=${res["page"]}'>$plevel&nbsp;".$res["page"]."</a>";
$upage=urlencode($res["page"]);
$html.="<li style='list-style:disc outside;'><a class='link' href='tiki-slideshow2.php?page=$upage'>$plevel&nbsp;".$res["page"]."</a>";
//$html.="&nbsp;[<a class='link' href='tiki-index.php?page=${res["page"]}'>view</a>|<a class='link' href='tiki-editpage.php?page=${res["page"]}'>edit</a>]";
$html.="</li>";
......@@ -164,12 +173,14 @@ class StructLib extends TikiLib {
function page_is_in_structure($page)
{
$page=addslashes($page);
$cant = $this->getOne("select count(*) from tiki_structures where page='$page'");
return $cant;
}
function get_next_page($page,$deep=1)
{
$page=addslashes($page);
// If we have children then get the first children
if($deep) {
$query = "select page from tiki_structures where parent='$page' order by pos asc";
......@@ -184,7 +195,7 @@ class StructLib extends TikiLib {
$parent = $this->getOne("select parent from tiki_structures where page='$page'");
$pos = $this->getOne("select pos from tiki_structures where page='$page'");
if(!$parent) return '';
$query = "select page from tiki_structures where parent='$parent' and pos>$pos order by pos asc";
$query = "select page from tiki_structures where parent='".addslashes($parent)."' and pos>$pos order by pos asc";
$result = $this->query($query);
if($result->numRows()) {
$res = $result->fetchRow(DB_FETCHMODE_ASSOC);
......@@ -198,10 +209,11 @@ class StructLib extends TikiLib {
function get_prev_page($page)
{
// Try to get the next page with the same parent as this
$page=addslashes($page);
$parent = $this->getOne("select parent from tiki_structures where page='$page'");
$pos = $this->getOne("select pos from tiki_structures where page='$page'");
if(!$parent) return '';
$query = "select page from tiki_structures where parent='$parent' and pos<$pos order by pos desc";
$query = "select page from tiki_structures where parent='".addslashes($parent)."' and pos<$pos order by pos desc";
$result = $this->query($query);
if($result->numRows()) {
$res = $result->fetchRow(DB_FETCHMODE_ASSOC);
......@@ -214,6 +226,7 @@ class StructLib extends TikiLib {
// Return an array of subpages
function get_pages($page)
{
$page=addslashes($page);
$ret = Array();
$query = "select page from tiki_structures where parent='$page' order by pos desc";
$result = $this->query($query);
......@@ -225,6 +238,7 @@ class StructLib extends TikiLib {
function get_max_children($page)
{
$page=addslashes($page);
$query = "select page from tiki_structures where parent='$page'";
$result = $this->query($query);
if(!$result->numRows()) {
......@@ -239,6 +253,7 @@ class StructLib extends TikiLib {
{
$ret = Array($page);
//print("page: $page<br/>");
$page=addslashes($page);
$query = "select page from tiki_structures where parent='$page'";
$result = $this->query($query);
while($res = $result->fetchRow(DB_FETCHMODE_ASSOC)) {
......@@ -279,4 +294,4 @@ class StructLib extends TikiLib {
}
$structlib= new StructLib($dbTiki);
?>
\ No newline at end of file
?>
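Review bot: The rewritten `$html.=` lines in `get_subtree`, `get_subtree_toc` and `get_subtree_toc_slide` URL-encode the page name for the `href` but still emit it as link text through `.$res["page"].` with no HTML escaping, so a page name containing markup is rendered as markup in the structure tree. Wrapping the text in `htmlspecialchars($res["page"])` and passing `$structure` through `urlencode()` in the `tiki-edit_structure.php` links would cover both. In `s_create_page` the old and new sides of the first lines cannot be told apart in this rendering: if `$name=addslashes($name);` is still present on the new side, `$name_sl` is escaped twice and `page_exists($name)` and `create_page($name, ...)` receive the escaped name. The bodies of these functions continue outside the hunks.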
......@@ -1052,6 +1052,7 @@ class TikiLib {
/*shared*/ function uncategorize_object($type,$id)
{
$id=addslashes($id);
$query = "select catObjectId from tiki_categorized_objects where type='$type' and objId='$id'";
$catObjectId = $this->getOne($query);
if($catObjectId) {
......@@ -4279,11 +4280,14 @@ class TikiLib {
}
function clear_links($page) {
$page = addslashes($page);
$query = "delete from tiki_links where fromPage='$page'";
$result = $this->query($query);
}
function replace_link($pageFrom, $pageTo) {
$pageFrom=addslashes($pageFrom);
$pageTo=addslashes($pageTo);
$query = "replace into tiki_links(fromPage,toPage) values('$pageFrom','$pageTo')";
$result = $this->query($query);
}
......@@ -4322,11 +4326,13 @@ class TikiLib {
// The line below is not consistent with the rest of Tiki
// (I commented it out so it can be further examined by CVS change control)
//$pageName=addslashes($pageName);
// But this should work (comment added by redflo):
$pageName_sl=addslashes($pageName);
$comment=addslashes($comment);
$version += 1;
if(!$minor) {
$query = "insert into tiki_history(pageName, version, lastModif, user, ip, comment, data, description)
values('$pageName',$version,$lastModif,'$user','$ip','$comment','$data','$description')";
values('$pageName_sl',$version,$lastModif,'$user','$ip','$comment','$data','$description')";
if($pageName != 'SandBox') {
$result = $this->query($query);
}
......@@ -4374,7 +4380,7 @@ class TikiLib {
}
}
}
$query = "update tiki_pages set description='$description', data='$edit_data', comment='$edit_comment', lastModif=$t, version=$version, user='$edit_user', ip='$edit_ip' where pageName='$pageName'";
$query = "update tiki_pages set description='$description', data='$edit_data', comment='$edit_comment', lastModif=$t, version=$version, user='$edit_user', ip='$edit_ip' where pageName='$pageName_sl'";
$result = $this->query($query);
// Parse edit_data updating the list of links from this page
$this->clear_links($pageName);
......@@ -4385,7 +4391,7 @@ class TikiLib {
// Update the log
if($pageName != 'SandBox' && !$minor) {
$action = "Updated";
$query = "insert into tiki_actionlog(action,pageName,lastModif,user,ip,comment) values('$action','$pageName',$t,'$edit_user','$edit_ip','$edit_comment')";
$query = "insert into tiki_actionlog(action,pageName,lastModif,user,ip,comment) values('$action','$pageName_sl',$t,'$edit_user','$edit_ip','$edit_comment')";
$result = $this->query($query);
$maxversions = $this->get_preference("maxVersions",0);
if($maxversions) {
......@@ -4393,13 +4399,13 @@ class TikiLib {
$keep = $this->get_preference('keep_versions',0);
$now = date("U");
$oktodel = $now - ($keep * 24 * 3600);
$query = "select pageName,version from tiki_history where pageName='$pageName' and lastModif<=$oktodel order by lastModif desc limit $maxversions,-1";
$query = "select pageName,version from tiki_history where pageName='$pageName_sl' and lastModif<=$oktodel order by lastModif desc limit $maxversions,-1";
$result = $this->query($query);
$toelim = $result->numRows();
while($res= $result->fetchRow(DB_FETCHMODE_ASSOC)) {
$page = $res["pageName"];
$version = $res["version"];
$query = "delete from tiki_history where pageName='$pageName' and version='$version'";
$query = "delete from tiki_history where pageName='$pageName_sl' and version='$version'";
$this->query($query);
}
}
......
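Review bot: In the history-pruning hunk `$maxversions` comes from `get_preference("maxVersions",0)` and is placed unquoted into `limit $maxversions,-1`, a numeric context that the `addslashes` pattern used in this commit does not cover; casting with `(int)$maxversions` before building the query would. In the `tiki_history` insert only `$pageName_sl` and `$comment` are visibly escaped, while `$user`, `$ip`, `$data` and `$description` go into the same statement; the function starts outside the hunk, so they may be handled earlier, but that is worth confirming. A short comment at `$pageName_sl=addslashes($pageName);` saying that the raw `$pageName` is kept for the `'SandBox'` comparison and for `clear_links`, which now escapes on its own, would stop a later edit from escaping twice.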
......@@ -49,25 +49,25 @@
<tr id='isreview' {if $type eq 'Article'}style="display:none;"{else}style="display:block;"{/if}><td class="formcolor">{tr}Rating{/tr}</td><td class="formcolor">
<select name='rating'>
<option value="10" {if $rating eq 10}selected="selected"{/if}>10</option>
<option value="9.5" {if $rating eq 9.5}selected="selected"{/if}>9.5</option>
<option value="9.5" {if $rating eq "9.5"}selected="selected"{/if}>9.5</option>
<option value="9" {if $rating eq 9}selected="selected"{/if}>9</option>
<option value="8.5" {if $rating eq 8.5}selected="selected"{/if}>8.5</option>
<option value="8.5" {if $rating eq "8.5"}selected="selected"{/if}>8.5</option>
<option value="8" {if $rating eq 8}selected="selected"{/if}>8</option>
<option value="7.5" {if $rating eq 7.5}selected="selected"{/if}>7.5</option>
<option value="7.5" {if $rating eq "7.5"}selected="selected"{/if}>7.5</option>
<option value="7" {if $rating eq 7}selected="selected"{/if}>7</option>
<option value="6.5" {if $rating eq 6.5}selected="selected"{/if}>6.5</option>
<option value="6.5" {if $rating eq "6.5"}selected="selected"{/if}>6.5</option>
<option value="6" {if $rating eq 6}selected="selected"{/if}>6</option>
<option value="5.5" {if $rating eq 5.5}selected="selected"{/if}>5.5</option>
<option value="5.5" {if $rating eq "5.5"}selected="selected"{/if}>5.5</option>
<option value="5" {if $rating eq 5}selected="selected"{/if}>5</option>
<option value="4.5" {if $rating eq 4.5}selected="selected"{/if}>4.5</option>
<option value="4.5" {if $rating eq "4.5"}selected="selected"{/if}>4.5</option>
<option value="4" {if $rating eq 4}selected="selected"{/if}>4</option>
<option value="3.5" {if $rating eq 3.5}selected="selected"{/if}>3.5</option>
<option value="3.5" {if $rating eq "3.5"}selected="selected"{/if}>3.5</option>
<option value="3" {if $rating eq 3}selected="selected"{/if}>3</option>
<option value="2.5" {if $rating eq 2.5}selected="selected"{/if}>2.5</option>
<option value="2.5" {if $rating eq "2.5"}selected="selected"{/if}>2.5</option>
<option value="2" {if $rating eq 2}selected="selected"{/if}>2</option>
<option value="1.5" {if $rating eq 1.5}selected="selected"{/if}>1.5</option>
<option value="1.5" {if $rating eq "1.5"}selected="selected"{/if}>1.5</option>
<option value="1" {if $rating eq 1}selected="selected"{/if}>1</option>
<option value="0.5" {if $rating eq 0.5}selected="selected"{/if}>0.5</option>
<option value="0.5" {if $rating eq "0.5"}selected="selected"{/if}>0.5</option>
</select>
</td></tr>
......
......@@ -1098,7 +1098,7 @@ if($feature_live_support == 'y') {
}
}
if($feature_referer_stats != 'y') {
if($feature_referer_stats == 'y') {
// Referer tracking
if(isset($HTTP_SERVER_VARS["HTTP_REFERER"])) {
$pref = parse_url($HTTP_SERVER_VARS["HTTP_REFERER"]);
......
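Review bot: With the condition corrected to `== 'y'`, the referer-tracking path now actually runs, and it starts from the client-supplied `HTTP_REFERER` header. `parse_url()` can return `false` or an array without a `host` key for malformed values, so the code after this hunk should check for that and escape whatever it stores, in the same way this commit does for page names. The rest of the block is outside the hunk, so this is a point to confirm rather than a confirmed defect.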