From: <mo...@us...> - 2003-10-16 23:08:02
|
Update of /cvsroot/tikiwiki/tiki In directory sc8-pr-cvs1:/tmp/cvs-serv1969 Modified Files: tiki-edit_languages.php Log Message: db abstraction Index: tiki-edit_languages.php =================================================================== RCS file: /cvsroot/tikiwiki/tiki/tiki-edit_languages.php,v retrieving revision 1.7 retrieving revision 1.8 diff -u -d -r1.7 -r1.8 --- tiki-edit_languages.php 14 Oct 2003 14:43:40 -0000 1.7 +++ tiki-edit_languages.php 16 Oct 2003 23:07:29 -0000 1.8 @@ -11,14 +11,12 @@ if ($lang_use_db != 'y') { $smarty->assign('msg', tra("This feature is disabled").": lang_use_db"); - $smarty->display("styles/$style_base/error.tpl"); die; } if ($tiki_p_edit_languages != 'y') { $smarty->assign('msg', tra("Permission denied to use this feature")); - $smarty->display("styles/$style_base/error.tpl"); die; } @@ -29,27 +27,21 @@ if (strlen($_REQUEST["cr_lang_short"]) != 2) { $crerror = true; - $smarty->assign('crmsg', tra("Shortname must be 2 Characters")); } elseif (strlen($_REQUEST["cr_lang_long"]) == 0) { $crerror = true; - $smarty->assign('crmsg', tra("You must provide a longname")); } else { // Now we can create it - $_REQUEST["cr_lang_long"] = addslashes(strip_tags($_REQUEST["cr_lang_long"])); - - $query = "insert into tiki_languages values ('" . $_REQUEST["cr_lang_short"] . "','" . $_REQUEST["cr_lang_long"] . "')"; - $result = $tikilib->query($query); + $query = "insert into `tiki_languages`(`lang`,`language`) values (?,?)"; + $result = $tikilib->query($query,array($_REQUEST["cr_lang_short"],$_REQUEST["cr_lang_long"])); } if ($crerror) { // todo: error handling $smarty->assign('cr_lang_short', $_REQUEST["cr_lang_short"]); - $smarty->assign('cr_lang_long', $_REQUEST["cr_lang_long"]); } else { $smarty->assign('crmsg', tra("Language created"). ": " . $_REQUEST["cr_lang_short"] . " " . $_REQUEST["cr_lang_long"]); - $smarty->assign('edit_language', $_REQUEST["cr_lang_short"]); } } 
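Review bot: In the `else` branch of the create-language block, the collapsed rendering leaves it unclear whether the `addslashes(strip_tags(...))` line on `cr_lang_long` is kept or dropped, and neither outcome is right once the insert uses `?` placeholders. If it is kept, `addslashes` now double-escapes and literal backslashes are stored; if it is dropped, `strip_tags` goes with it and the raw request value is stored and concatenated into `crmsg`. I would keep only the tag filtering, `$_REQUEST["cr_lang_long"] = strip_tags($_REQUEST["cr_lang_long"]);`, and rely on the bound parameters for SQL quoting. Whether the template escapes `crmsg` is not visible here, so output encoding should be confirmed on the display side. The enclosing `if` block starts outside the hunk.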
@@ -57,8 +49,8 @@ //Editing things // Get available languages from DB -$query = "select lang from tiki_languages"; -$result = $tikilib->query($query); +$query = "select `lang` from `tiki_languages`"; +$result = $tikilib->query($query,array()); $languages = array(); while ($res = $result->fetchRow()) { @@ -85,12 +77,10 @@ // Adding strings if (isset($_REQUEST["add_tran"])) { $add_tran_source = $_REQUEST["add_tran_source"]; - $add_tran_tran = $_REQUEST["add_tran_tran"]; if (strlen($add_tran_source) != 0 && strlen($add_tran_tran) != 0) { $add_tran_source = htmlentities(strip_tags($add_tran_source), ENT_NOQUOTES); - $add_tran_tran = htmlentities(strip_tags($add_tran_tran), ENT_NOQUOTES); $query = "insert into `tiki_language` values (?,?,?)"; $result = $tikilib->query($query,array($add_tran_source,$edit_language,$add_tran_tran)); 
@@ -117,50 +107,40 @@ // Handle edits in translate recorded if (isset($_REQUEST["edit_rec_$i"])) { if (strlen($_REQUEST["edit_rec_tran_$i"]) > 0 && strlen($_REQUEST["edit_rec_source_$i"]) > 0) { - $_REQUEST["edit_rec_source_$i"] - = addslashes(htmlentities(strip_tags($_REQUEST["edit_rec_source_$i"]), ENT_NOQUOTES)); - - $_REQUEST["edit_rec_tran_$i"] - = addslashes(htmlentities(strip_tags($_REQUEST["edit_rec_tran_$i"]), ENT_NOQUOTES)); - $query = "insert into tiki_language values('" . $_REQUEST["edit_rec_source_$i"] . "','" . $edit_language . "','" . $_REQUEST["edit_rec_tran_$i"] . "')"; - $result = $tikilib->query($query); - $query = "delete from tiki_untranslated where source='" . $_REQUEST["edit_rec_source_$i"] . "' and lang='" . $edit_language . "'"; - $result = $tikilib->query($query); + $_REQUEST["edit_rec_source_$i"] = htmlentities(strip_tags($_REQUEST["edit_rec_source_$i"]), ENT_NOQUOTES); + $_REQUEST["edit_rec_tran_$i"] = htmlentities(strip_tags($_REQUEST["edit_rec_tran_$i"]), ENT_NOQUOTES); + $query = "insert into `tiki_language` values(?,?,?)"; + $result = $tikilib->query($query,array($_REQUEST["edit_rec_source_$i"],$edit_language,$_REQUEST["edit_rec_tran_$i"])); + $query = "delete from `tiki_untranslated` where `source`=? and lang=?"; + $result = $tikilib->query($query,array($_REQUEST["edit_rec_source_$i"],$edit_language)); // No error checking necessary } } elseif (isset($_REQUEST["edt_tran_$i"])) { // Handle edits in edit translations if (strlen($_REQUEST["edit_edt_tran_$i"]) > 0 && strlen($_REQUEST["edit_edt_source_$i"]) > 0) { - $_REQUEST["edit_edt_tran_$i"] - = addslashes(htmlentities(strip_tags($_REQUEST["edit_edt_tran_$i"]), ENT_NOQUOTES)); - - $_REQUEST["edit_edt_source_$i"] - = addslashes(htmlentities(strip_tags($_REQUEST["edit_edt_source_$i"]), ENT_NOQUOTES)); - $query = "update tiki_language set tran='" . $_REQUEST["edit_edt_tran_$i"] . "' where source='" . $_REQUEST["edit_edt_source_$i"] . "' and lang='" . $edit_language . 
"'"; - $result = $tikilib->query($query); + $_REQUEST["edit_edt_tran_$i"] = htmlentities(strip_tags($_REQUEST["edit_edt_tran_$i"]), ENT_NOQUOTES); + $_REQUEST["edit_edt_source_$i"] = htmlentities(strip_tags($_REQUEST["edit_edt_source_$i"]), ENT_NOQUOTES); + $query = "update `tiki_language` set `tran`=? where `source`=? and `lang`=?"; + $result = $tikilib->query($query,$_REQUEST["edit_edt_tran_$i"],$_REQUEST["edit_edt_source_$i"],$edit_language); //if ($result->numRows()== 0 ) if (!isset($result)) { - $query = "insert into tiki_language values('" . $_REQUEST["edit_edt_source_$i"] . "','" . $edit_language . "','" . $_REQUEST["edit_edt_tran_$i"] . "')"; - - $result = $tikilib->query($query); + $query = "insert into `tiki_language` values(?,?,?)"; + $result = $tikilib->query($query, array($_REQUEST["edit_edt_source_$i"],$edit_language,$_REQUEST["edit_edt_tran_$i"]); } } } elseif (isset($_REQUEST["del_tran_$i"])) { // Handle deletes here if (strlen($_REQUEST["edit_edt_source_$i"]) > 0) { - $_REQUEST["edit_edt_source_$i"] - = addslashes(htmlentities(strip_tags($_REQUEST["edit_etd_source_$i"]), ENT_NOQUOTES)); - - $query = "delete from tiki_language where source='" . $_REQUEST["edit_edt_source_$i"] . "' and lang='" . $edit_language . "'"; - $result = $tikilib->query($query); + $_REQUEST["edit_edt_source_$i"] = htmlentities(strip_tags($_REQUEST["edit_etd_source_$i"]), ENT_NOQUOTES); + $query = "delete from `tiki_language` where `source`=? and `lang`=?"; + $result = $tikilib->query($query,array($_REQUEST["edit_edt_source_$i"],$edit_language)); } } } // end of for ... // for resetting untranslated if (isset($_REQUEST["tran_reset"])) { - $query = "delete from tiki_untranslated"; - + $query = "delete from `tiki_untranslated`"; $result = $tikilib->query($query); } } 
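Review bot: The update in the `edt_tran_$i` branch passes its three bind values as separate arguments, while every other converted call wraps them in one array; judging by the calls later in this commit, the third and fourth arguments look like a row limit and an offset, so the source string and language would land there. It should read `$result = $tikilib->query($query,array($_REQUEST["edit_edt_tran_$i"],$_REQUEST["edit_edt_source_$i"],$edit_language));`. The fallback insert just below it is missing a closing parenthesis and should end `$_REQUEST["edit_edt_tran_$i"]));`; as written it is a parse error for the whole file. In the `del_tran_$i` branch the length check reads `edit_edt_source_$i` but the value is taken from `edit_etd_source_$i`, so the delete is presumably bound to an empty string rather than the submitted source; the key should be `edit_edt_source_$i`. The surrounding `for` loop starts outside the hunk.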
@@ -190,35 +170,38 @@ $squery = ""; $squeryedit = ""; $squeryrec = ""; + $bindvars = array($edit_language); if (isset($_REQUEST["tran_search"])) { $tran_search = htmlentities(strip_tags($_REQUEST["tran_search"]), ENT_NOQUOTES); if (strlen($tran_search) > 0) { $smarty->assign('tran_search', $tran_search); - - $squeryedit = " and (source like '%" . $tran_search . "%' or tran like '%" . $tran_search . "%')"; - $squeryrec = " and source like '%" . $tran_search . "%'"; + $transe = "%".$tran_search."%"; + $squeryedit = " and (`source` like ? or `tran` like ?)"; + $squeryrec = " and `source` like ?"; + $bindvars[] = $transe; + $bindvars[] = $transe; + $bindvars2[] = $transe; } } //get array from db - if (!isset($tr_recnum)) - $tr_recnum = 0; + if (!isset($tr_recnum)) $tr_recnum = 0; $aquery = sprintf(" order by source limit %d,%d", $tr_recnum, $maxRecords); + $sort_mode = "source_asc" if ($whataction == "edit_tran_sw") { - $query = "select source,tran from tiki_language where lang='" . $edit_language . "'" . $squeryedit . $aquery; - - $nquery = "select count(*) from tiki_language where lang='" . $edit_language . "'" . $squeryedit; + $query = "select `source`, `tran` from `tiki_language` where `lang`=? $squeryedit order by ".$this->convert_sortmode($sort_mode); + $nquery = "select count(*) from `tiki_language` where `lang`=? $squeryedit"; + $result = $tikilib->query($nquery,$bindvars,$maxRecords,$tr_recnum); } elseif ($whataction == "edit_rec_sw") { - $query = "select source from tiki_untranslated where lang='" . $edit_language . "'" . $squeryrec . $aquery; - - $nquery = "select count(*) from tiki_untranslated where lang='" . $edit_language . "'" . $squeryrec; + $query = "select `source` from `tiki_untranslated` where `lang`=? $squeryedit order by ".$this->convert_sortmode($sort_mode); + $nquery = "select count(*) from `tiki_untranslated` where `lang`=? 
$squeryrec"; + $result = $tikilib->query($nquery,$bindvars2,$maxRecords,$tr_recnum); } - $result = $tikilib->query($nquery); $res = $result->fetchRow(); $untr_numrows = $res["0"]; $smarty->assign('untr_numrows', $untr_numrows); @@ -231,7 +214,7 @@ $i = 0; - while ($res = $result->fetchRow(DB_FETCHMODE_ASSOC)) { + while ($res = $result->fetchRow()) { $untranslated[] = $res["source"]; $i++; |
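Review bot: The paging block in this hunk will not run as written: `$sort_mode = "source_asc"` has no terminating semicolon, and `$this->convert_sortmode(...)` is called in what appears to be top-level script code, where every other database call goes through `$tikilib`. The `edit_rec_sw` branch binds `$bindvars2`, which never receives `$edit_language` and is undefined when no search term is given, although its count query starts with `lang=?`; its `$query` also appends `$squeryedit` (two placeholders, one on `tran`) instead of `$squeryrec`. The count queries are passed `$maxRecords,$tr_recnum`, which look like a row limit and an offset; on `count(*)` a non-zero offset would presumably return no row, so I would drop them there and keep paging for `$query`, whose execution is outside the hunk. The sketch below assumes `convert_sortmode` is reachable through `$tikilib`, which should be confirmed. `$aquery` is still built but no longer referenced in the visible lines.

```php
$bindvars = array($edit_language);
$bindvars2 = array($edit_language);
// … unchanged: tran_search filtering that fills $squeryedit, $squeryrec and the bind arrays …
$sort_mode = "source_asc";

if ($whataction == "edit_tran_sw") {
    $query = "select `source`, `tran` from `tiki_language` where `lang`=? $squeryedit order by ".$tikilib->convert_sortmode($sort_mode);
    $nquery = "select count(*) from `tiki_language` where `lang`=? $squeryedit";
    $result = $tikilib->query($nquery,$bindvars);
} elseif ($whataction == "edit_rec_sw") {
    $query = "select `source` from `tiki_untranslated` where `lang`=? $squeryrec order by ".$tikilib->convert_sortmode($sort_mode);
    $nquery = "select count(*) from `tiki_untranslated` where `lang`=? $squeryrec";
    $result = $tikilib->query($nquery,$bindvars2);
}
```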