From: <vb...@us...> - 2002-09-04 13:37:00
Update of /cvsroot/webnotes/webnotes/core In directory usw-pr-cvs1:/tmp/cvs-serv6169/core Modified Files: api.php config_inc.php html_api.php note_api.php page_api.php string_api.php Log Message: - Fixed a typo in a variable name in all localisation files. - Clean up of variables before saving to the database. - The directory separators were not handled correctly when passed on the url. - Changed some "&" to "& a m p ;" - Renamed a configuration variable ($p_notes_order) to ($g_notes_order). - Changed the contents of the note to be preformatted when displayed. - Added a directory with two sample files, to be used for demonstration / testing.
Index: api.php
===================================================================
RCS file: /cvsroot/webnotes/webnotes/core/api.php,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -d -r1.10 -r1.11
--- api.php 4 Sep 2002 07:11:24 -0000 1.10
+++ api.php 4 Sep 2002 13:36:57 -0000 1.11
@@ -66,33 +66,37 @@
 $s_user_notes, $s_add_note_link, $s_manage, $s_admin;
- db_connect( $g_hostname, $g_db_username, $g_db_password, $g_database_name );
+ PRINT "<br />";
+ PRINT "<div align=\"center\">";
 $t_page_id = get_page_id( $p_file );
+ if ( $t_page_id === '' ) {
+ PRINT "$s_not_indexed_part1 <a href=\"mailto:$g_administrator_email\">$s_administrator</a> $s_not_indexed_part2";
+ } else {
+ $c_url = urlencode( $p_url );
- PRINT "<br />";
- PRINT "<div align=\"center\">";
- PRINT "<table bgcolor=\"$g_table_border_color\" width=\"640\" cellspacing=\"1\" border=\"0\" cellpadding=\"3\">";
- PRINT "<tr bgcolor=\"$g_header_color\">";
- PRINT "<td align=\"center\">";
- PRINT "<strong>$s_user_notes</strong>";
- PRINT "</td>";
- PRINT "</tr>";
- PRINT "<tr bgcolor=\"$g_white_color\" height=\"2\">";
- PRINT "<td>";
- PRINT "</td>";
- PRINT "</tr>";
- print_notes( $p_file );
- PRINT "<tr bgcolor=\"$g_primary_dark_color\">";
- PRINT "<td align=\"right\">";
- PRINT "<a href=\"$g_note_add_page?f_page_id=$t_page_id&f_url=$p_url\">$s_add_note_link</a>";
- if (is_moderator()) {
- PRINT " | <a href=\"$g_admin_manage_notes?f_page_id=$t_page_id&f_url=$p_url\">$s_manage</a>";
- PRINT " | <a href=\"$g_admin_page\">$s_admin</a>";
- }
- PRINT "</td>";
- PRINT "</tr>";
- PRINT "</table>";
+ PRINT "<table bgcolor=\"$g_table_border_color\" width=\"640\" cellspacing=\"1\" border=\"0\" cellpadding=\"3\">";
+ PRINT "<tr bgcolor=\"$g_header_color\">";
+ PRINT "<td align=\"center\">";
+ PRINT "<strong>$s_user_notes</strong>";
+ PRINT "</td>";
+ PRINT "</tr>";
+ PRINT "<tr bgcolor=\"$g_white_color\" height=\"2\">";
+ PRINT "<td>";
+ PRINT "</td>";
+ PRINT "</tr>";
+ print_notes( $p_file );
+ PRINT "<tr bgcolor=\"$g_primary_dark_color\">";
+ PRINT "<td align=\"right\">";
+ PRINT "<a href=\"$g_note_add_page?f_page_id=$t_page_id&f_url=$c_url\">$s_add_note_link</a>";
+ if ( is_moderator() ) {
+ PRINT " | <a href=\"$g_admin_manage_notes?f_page_id=$t_page_id&f_url=$c_url\">$s_manage</a>";
+ PRINT " | <a href=\"$g_admin_page\">$s_admin</a>";
+ }
+ PRINT "</td>";
+ PRINT "</tr>";
+ PRINT "</table>";
+ }
 PRINT "</div>";
 }
 ### --------------------
Index: config_inc.php
===================================================================
RCS file: /cvsroot/webnotes/webnotes/core/config_inc.php,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- config_inc.php 3 Sep 2002 22:30:07 -0000 1.3
+++ config_inc.php 4 Sep 2002 13:36:58 -0000 1.4
@@ -37,7 +37,7 @@
 ### default ordering of the notes.
 ### ASC = newest on bottom
- $p_note_order = 'ASC';
+ $g_note_order = 'ASC';
 ### Time to wait between redirects (except index.html)
 $g_time_wait = 2;
Index: html_api.php
===================================================================
RCS file: /cvsroot/webnotes/webnotes/core/html_api.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- html_api.php 3 Sep 2002 22:30:07 -0000 1.1
+++ html_api.php 4 Sep 2002 13:36:58 -0000 1.2
@@ -62,7 +62,7 @@
 echo '<hr size=1 />';
 print_phpWebNotes_version();
 echo '<address>Copyright (c) 2000-2002</address>';
- echo '<address><a href=\"mailto:$g_webmaster_email\">$g_webmaster_email</a></address>';
+ echo "<address><a href=\"mailto:$g_webmaster_email\">$g_webmaster_email</a></address>";
 }
 ### --------------------
 function print_body_bottom() {
Index: note_api.php
===================================================================
RCS file: /cvsroot/webnotes/webnotes/core/note_api.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- note_api.php 3 Sep 2002 22:30:07 -0000 1.1
+++ note_api.php 4 Sep 2002 13:36:58 -0000 1.2
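Review bot: The two new hrefs (`f_page_id=$t_page_id&f_url=$c_url`) still use a bare `&` as the query-string separator inside an HTML attribute, although the log message says ampersands were changed to `&amp;` in this commit; `f_page_id=$t_page_id&amp;f_url=$c_url` is the well-formed form and is decoded by the browser before the request is sent. `urlencode( $p_url )` is the right treatment for the reflected `f_url` value, as its output contains no characters that are special in an attribute. The `db_connect` call is removed with nothing in the hunk replacing it, so the connection is presumably now established by the caller; worth confirming that every page including api.php connects before `get_page_id` runs. The enclosing function starts before the hunk.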
@@ -23,15 +23,16 @@
 function note_add( $p_page_id, $p_email, $p_REMOTE_ADDR, $p_note ) {
 global $g_phpWN_note_table;
- $p_email = addslashes( htmlspecialchars( $p_email ) );
- $p_note = addslashes( nl2br( htmlspecialchars( $p_note ) ) );
+ $c_page_id = (integer)$p_page_id;
+ $c_email = string_safe ( $p_email ); # addslashes( htmlspecialchars( $p_email ) );
+ $c_note = string_safe ( $p_note ); # addslashes( nl2br( htmlspecialchars( $p_note ) ) );
+ $c_remote_address = string_safe( $p_REMOTE_ADDR );
 $query = "INSERT INTO $g_phpWN_note_table
 ( id, page_id, email, ip, date_submitted, note )
 VALUES
- ( null, '$p_page_id', '$p_email', '$p_REMOTE_ADDR', NOW(), '$p_note' )";
+ ( null, '$c_page_id', '$c_email', '$c_remote_address', NOW(), '$c_note' )";
 return db_query( $query );
-
 }
 ### --------------------
 function delete_note( $p_id ) {
@@ -45,28 +46,32 @@
 function update_note( $p_id, $p_email, $p_note ) {
 global $g_phpWN_note_table;
- $p_email = addslashes( htmlspecialchars( $p_email ) );
- $p_note = addslashes( nl2br( htmlspecialchars( $p_note ) ) );
+ $c_id = (integer)$p_id;
+ $c_email = string_safe ( $p_email );
+ $c_note = string_safe ( $p_note );
+
 $query = "UPDATE $g_phpWN_note_table
- SET email='$p_email', note='$p_note'
- WHERE id='$p_id'";
+ SET email='$c_email', note='$c_note'
+ WHERE id='$c_id'";
 $result = db_query( $query );
 }
 ### --------------------
 function accept_note( $p_id ) {
 global $g_phpWN_note_table;
+ $c_id = (integer) $p_id;
 $query = "UPDATE $g_phpWN_note_table
 SET visible='1'
- WHERE id='$p_id'";
+ WHERE id='$c_id'";
 $result = db_query( $query );
 }
 ### --------------------
 function decline_note( $p_id ) {
 global $g_phpWN_note_table;
+ $c_id = (integer) $p_id;
 $query = "DELETE FROM $g_phpWN_note_table
- WHERE id='$p_id'";
+ WHERE id='$c_id'";
 $result = db_query( $query );
 }
 ### --------------------
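Review bot: `string_safe` now only calls `addslashes` (string_api.php hunk in this commit), so the `htmlspecialchars` that previously ran on `$p_email` and `$p_note` before storage is gone and nothing in this hunk replaces it; the same applies to `update_note` in the next hunk. That is only acceptable if escaping moves to output, but the `print_notes` hunk in this file echoes `$v_email` after `stripslashes` and `$v_note` after `string_unsafe` with no visible `htmlspecialchars`, so unless `string_unsafe` or `string_preserve_spaces` (not shown) escape HTML, a note or email address submitted by an anonymous visitor is rendered as markup for every reader. Since these fields are untrusted input, I would escape them where they are printed, e.g. `$v_email = htmlspecialchars( stripslashes( $v_email ) );`. `addslashes` is also not a character-set-aware database escape; if the `db_*` layer can expose the driver's own escape function, the SQL literals built here would be safer with it.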
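Review bot: `update_note`, `accept_note` and `decline_note` each assign `$result = db_query( $query );` and then discard it, while `note_add` in the previous hunk returns the `db_query` result, so callers of the three moderation operations cannot tell whether the row was touched. Returning it, `return db_query( $query );`, makes the four functions consistent and lets the admin page report a failed update or delete. The `(integer)` casts on `$p_id` are a good change and close the string-interpolation hole for the id.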
@@ -75,13 +80,15 @@
 $g_table_border_color, $g_primary_dark_color, $g_primary_light_color, $g_white_color, $g_phpWN_note_table, $g_phpWN_page_table,
- $p_note_order;
+ $g_note_order;
+
+ $c_page_name = string_safe ( $p_page_name );
 $query = "SELECT * FROM $g_phpWN_page_table p, $g_phpWN_note_table n
- WHERE p.page='$p_page_name' AND n.page_id=p.id AND n.visible='1'
- ORDER BY n.date_submitted $p_note_order";
+ WHERE p.page='$c_page_name' AND n.page_id=p.id AND n.visible='1'
+ ORDER BY n.date_submitted $g_note_order";
 $result = db_query( $query );
 $entry_count = db_num_rows( $result );
@@ -90,7 +97,7 @@
 $row = db_fetch_array( $result );
 extract( $row, EXTR_PREFIX_ALL, "v" );
 $v_email = stripslashes( $v_email );
- $v_note = string_preserve_spaces( stripslashes( $v_note ) );
+ $v_note = nl2br( string_preserve_spaces ( string_unsafe( $v_note ) ) );
 $date = date( "M, d Y H:i", sql_to_unix_time( $v_date_submitted ) );
 PRINT "<tr bgcolor=\"$g_primary_dark_color\">";
@@ -99,9 +106,9 @@
 PRINT "</td>";
 PRINT "</tr>";
 PRINT "<tr bgcolor=$g_primary_light_color>";
- PRINT "<td>";
+ PRINT "<td><pre>";
 echo $v_note;
- PRINT "</td>";
+ PRINT "</pre></td>";
 PRINT "</tr>";
 PRINT "<tr bgcolor=\"$g_white_color\" height=\"2\">";
 PRINT "<td>";
Index: page_api.php
===================================================================
RCS file: /cvsroot/webnotes/webnotes/core/page_api.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- page_api.php 3 Sep 2002 22:30:07 -0000 1.1
+++ page_api.php 4 Sep 2002 13:36:58 -0000 1.2
@@ -14,15 +14,17 @@
 global $g_hostname, $g_db_username, $g_db_password, $g_database_name, $g_phpWN_page_table;
+ $c_file = string_safe ( $p_file );
+
 $query = "SELECT id FROM $g_phpWN_page_table
- WHERE page='$p_file'";
+ WHERE page='$c_file'";
 $result = db_query( $query );
 if ( db_num_rows( $result) > 0 ) {
 return db_result( $result, 0, 0 );
 } else {
- return "";
+ return '';
 }
 }
 ### --------------------
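Review bot: The `nl2br( ... )` added to the `$v_note` line and the `<pre>` wrapper added two hunks further down double every line break: `nl2br` keeps the newline after each `<br />` it inserts, and inside `<pre>` that newline is rendered too, so each submitted line is followed by a blank one. Either rely on `<pre>` alone, `$v_note = string_unsafe( $v_note );`, or keep `nl2br` (and presumably `string_preserve_spaces`, whose body is not shown) and leave the cell a plain `<td>`; doing both is redundant. In the first hunk `$g_note_order` is interpolated straight into `ORDER BY`, which is acceptable only while it stays a value from config_inc.php and is never taken from the request. `print_notes` starts before the first hunk and ends after the last one.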
@@ -30,15 +32,17 @@
 global $g_hostname, $g_db_username, $g_db_password, $g_database_name, $g_phpWN_page_table;
+ $c_id = (integer)$p_id;
+
 $query = "SELECT page FROM $g_phpWN_page_table
- WHERE id='$p_id'";
+ WHERE id='$c_id'";
 $result = db_query( $query );
 if ( db_num_rows( $result) > 0 ) {
 return db_result( $result, 0, 0 );
 } else {
- return "";
+ return '';
 }
 }
 ### --------------------
@@ -48,23 +52,27 @@
 $handle = opendir( $p_path );
 while ( $file = readdir( $handle ) ) {
- if ( is_dir( $p_path."/".$file )&&( $file!="." ) ) {
- if ($file=="..") {
- $t_path = dirname( $p_path );
- PRINT "<a href=\"$g_admin_index_files?f_dir=$t_path\">$file</a><br />";
+ if ( is_dir( $p_path . $file ) && ( $file != '.' ) ) {
+ if ( $file == '..' ) {
+ $t_dir = dirname( $p_path );
 } else {
- PRINT "<a href=\"$g_admin_index_files?f_dir=$p_path/$file\">$file</a><br />";
+ $t_dir = $p_path . $file;
 }
+ $t_dir = urlencode( $t_dir );
+ echo "<a href=\"$g_admin_index_files?f_dir=$t_dir\">$file</a><br />";
 }
 }
+ closedir( $handle );
 }
 ### --------------------
 function add_file( $p_page_name ) {
 global $g_phpWN_page_table;
+ $c_page_name = string_safe( $p_page_name );
+
 $query = "SELECT COUNT(*) FROM $g_phpWN_page_table
- WHERE page='$p_page_name'";
+ WHERE page='$c_page_name'";
 $result = db_query( $query );
 $count = db_result( $result, 0, 0 );
 if ( $count == 1 ) {
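Review bot: `$t_dir = $p_path . $file;` builds the link target for a sub-directory without a trailing separator, while the `is_dir( $p_path . $file )` test above it only works when `$p_path` already ends with one; when that `f_dir` value is passed back into this function on the next request the concatenation yields `subdirentry`, so the listing one level down is wrong unless the caller appends the separator (not visible here). `index_files` in the next hunk appends `DIRECTORY_SEPARATOR` for exactly this reason, and `$t_dir = $p_path . $file . DIRECTORY_SEPARATOR;` would make the two consistent. `while ( $file = readdir( $handle ) )` also stops early on an entry literally named `0`; `while ( false !== ( $file = readdir( $handle ) ) )` is the safe form, here and in `index_files`. `opendir` can return `false` and should be checked before the loop, and `$file` is echoed as link text without `htmlspecialchars`. The enclosing function starts before the hunk.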
@@ -75,50 +83,40 @@
 $g_phpWN_page_table
 ( id, date_indexed, page )
 VALUES
- (null, NOW(), '$p_page_name' )";
+ (null, NOW(), '$c_page_name' )";
 $result = db_query( $query );
 return $result;
 }
 ### --------------------
- function index_files( $path="" ) {
- $dir_count = 0;
- $file_count = 0;
-
- $dir = array();
- $xfile = array();
+ function index_files( $path='' ) {
+ $dirs = array();
+ $files = array();
 $handle = opendir( $path );
 while ( $file = readdir( $handle ) ) {
- if ($file==".") {continue;}
- if ($file=="..") {continue;}
- if ( is_dir( $path.$file ) ) {
- $dir[$dir_count] = $file;
- $dir_count++;
- } else {
- $xfile[$file_count] = $file;
- $file_count++;
+ if ( ( $file == '.' ) || ( $file == '..' ) ) {
+ continue;
+ }
+ if ( is_dir( $path . $file ) ) {
+ $dirs[] = $file;
+ } else {
+ $files[] = $file;
 }
 }
 closedir( $handle );
- sort( $dir );
- sort( $xfile );
+ sort( $dirs );
+ sort( $files );
- for ($i=0;$i<$file_count;$i++) {
- if ( !is_dir( $path.$xfile[$i] ) ) {
- if ( add_file( $path.$xfile[$i] ) ) {
- PRINT "$path$xfile[$i]<br>";
- }
+ foreach ( $files as $file ) {
+ if ( add_file( $path . $file ) ) {
+ echo "$path$file<br />";
 }
 }
- for ($i=0;$i<$dir_count;$i++) {
- if ( $dir[$i]=="." ) continue;
- if ( $dir[$i]==".." ) continue;
- index_files( $path.$dir[$i]."/" );
+ foreach ( $dirs as $dir ) {
+ index_files( $path . $dir . DIRECTORY_SEPARATOR );
 }
 }
 ### --------------------
-
-
 ?>
Index: string_api.php
===================================================================
RCS file: /cvsroot/webnotes/webnotes/core/string_api.php,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- string_api.php 3 Sep 2002 22:30:07 -0000 1.1
+++ string_api.php 4 Sep 2002 13:36:58 -0000 1.2
@@ -11,7 +11,7 @@
 ### --------------------
 function string_safe( $p_string ) {
- return addslashes( nl2br( $p_string ) );
+ return addslashes( $p_string );
 }
 ### --------------------
 function string_unsafe( $p_string ) {
|
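Review bot: `index_files` recurses on `is_dir( $path . $file )`, which follows symbolic links, so a link pointing at an ancestor directory makes the recursion unbounded; skipping entries for which `is_link( $path . $file )` is true before descending (or comparing `realpath` results against the directories already visited) would bound it. `opendir( $path )` is not checked for `false`, so an unreadable directory produces a warning from `readdir` and is skipped silently instead of being reported. The default `$path=''` means a call with no argument indexes the process's current working directory, which is rarely the intended root; the parameter is worth documenting or making mandatory. `echo "$path$file<br />";` prints filesystem names without `htmlspecialchars`. The `add_file` tail at the top of the hunk belongs to a function that starts outside it.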
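Review bot: `string_safe` is now a bare `addslashes`, but its name still reads as general-purpose sanitisation and the callers introduced in this commit (`note_add`, `update_note`, `print_notes`, `get_page_id`, `add_file`) pass it everything from email addresses to file paths. A header comment such as `### Escape a value for use inside a single-quoted SQL literal. Does NOT make it safe for HTML output; escape again at the point of output.` would make the contract explicit. `addslashes` is also unaware of the connection character set; if the `db_*` layer can expose the driver's own escape function, that would be the more robust implementation here. `string_unsafe` starts on the hunk's last line and its body is outside the hunk.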