Mercurial Mercurial > repos > enano-1.1 / comparison
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
includes/functions.php
changeset 322 5f1cd51bf1be
parent 320 112debff64bd
child 325 e17cc42d77cf
equal deleted inserted replaced
320:112debff64bd 322:5f1cd51bf1be 
   563   {
 
   563   {
 
   564     // Show member pages and subcategories
 
   564     // Show member pages and subcategories
 
   565     $q = $db->sql_query('SELECT p.urlname, p.namespace, p.name, p.namespace=\'Category\' AS is_category FROM '.table_prefix.'categories AS c
 
   565     $q = $db->sql_query('SELECT p.urlname, p.namespace, p.name, p.namespace=\'Category\' AS is_category FROM '.table_prefix.'categories AS c
 
   566                            LEFT JOIN '.table_prefix.'pages AS p
 
   566                            LEFT JOIN '.table_prefix.'pages AS p
 
   567                              ON ( p.urlname = c.page_id AND p.namespace = c.namespace )
 
   567                              ON ( p.urlname = c.page_id AND p.namespace = c.namespace )
 
   568                            WHERE c.category_id=\'' . $db->escape($paths->cpage['urlname_nons']) . '\'
 
   568                            WHERE c.category_id=\'' . $db->escape($paths->page_id) . '\'
 
   569                            ORDER BY is_category DESC, p.name ASC;');
 
   569                            ORDER BY is_category DESC, p.name ASC;');
 
   570     if ( !$q )
 
   570     if ( !$q )
 
   571     {
 
   571     {
 
   572       $db->_die();
 
   572       $db->_die();
 
   573     }
 
   573     }
 
   675     echo '<div style="float: right;">';
 
   675     echo '<div style="float: right;">';
 
   676     echo '(<a href="#" onclick="ajaxCatToTag(); return false;">show page tags</a>)';
 
   676     echo '(<a href="#" onclick="ajaxCatToTag(); return false;">show page tags</a>)';
 
   677     echo '</div>';
 
   677     echo '</div>';
 
   678     echo '<div id="mdgCatBox">Categories: ';
 
   678     echo '<div id="mdgCatBox">Categories: ';
 
   679     
   679     
   680     $where = '( c.page_id=\'' . $db->escape($paths->cpage['urlname_nons']) . '\' AND c.namespace=\'' . $db->escape($paths->namespace) . '\' )';
 
   680     $where = '( c.page_id=\'' . $db->escape($paths->page_id) . '\' AND c.namespace=\'' . $db->escape($paths->namespace) . '\' )';
 
   681     $prefix = table_prefix;
 
   681     $prefix = table_prefix;
 
   682     $sql = <<<EOF
 
   682     $sql = <<<EOF
 
   683 SELECT c.category_id FROM {$prefix}categories AS c
 
   683 SELECT c.category_id FROM {$prefix}categories AS c
 
   684   LEFT JOIN {$prefix}pages AS p
 
   684   LEFT JOIN {$prefix}pages AS p
 
   685     ON ( ( p.urlname = c.page_id AND p.namespace = c.namespace ) OR ( p.urlname IS NULL AND p.namespace IS NULL ) )
 
   685     ON ( ( p.urlname = c.page_id AND p.namespace = c.namespace ) OR ( p.urlname IS NULL AND p.namespace IS NULL ) )
 
   727 
   727 
   728 function show_file_info()
 
   728 function show_file_info()
 
   729 {
 
   729 {
 
   730   global $db, $session, $paths, $template, $plugins; // Common objects
 
   730   global $db, $session, $paths, $template, $plugins; // Common objects
 
   731   if($paths->namespace != 'File') return null; // Prevent unnecessary work
 
   731   if($paths->namespace != 'File') return null; // Prevent unnecessary work
 
   732   $selfn = $paths->cpage['urlname_nons']; // substr($paths->page, strlen($paths->nslist['File']), strlen($paths->cpage));
 
   732   $selfn = $paths->page_id; // substr($paths->page, strlen($paths->nslist['File']), strlen($paths->cpage));
 
   733   if(substr($paths->cpage['name'], 0, strlen($paths->nslist['File']))==$paths->nslist['File']) $selfn = substr($paths->cpage['urlname_nons'], strlen($paths->nslist['File']), strlen($paths->cpage['urlname_nons']));
 
   733   if(substr($paths->cpage['name'], 0, strlen($paths->nslist['File']))==$paths->nslist['File']) $selfn = substr($paths->page_id, strlen($paths->nslist['File']), strlen($paths->page_id));
 
   734   $q = $db->sql_query('SELECT mimetype,time_id,size FROM '.table_prefix.'files WHERE page_id=\''.$selfn.'\' ORDER BY time_id DESC;');
 
   734   $q = $db->sql_query('SELECT mimetype,time_id,size FROM '.table_prefix.'files WHERE page_id=\''.$selfn.'\' ORDER BY time_id DESC;');
 
   735   if(!$q) $db->_die('The file type could not be fetched.');
 
   735   if(!$q) $db->_die('The file type could not be fetched.');
 
   736   if($db->numrows() < 1) { echo '<div class="mdg-comment" style="margin-left: 0;"><h3>Uploaded file</h3><p>There are no files uploaded with this name yet. <a href="'.makeUrlNS('Special', 'UploadFile/'.$paths->cpage['urlname_nons']).'">Upload a file...</a></p></div><br />'; return; }
 
   736   if($db->numrows() < 1) { echo '<div class="mdg-comment" style="margin-left: 0;"><h3>Uploaded file</h3><p>There are no files uploaded with this name yet. <a href="'.makeUrlNS('Special', 'UploadFile/'.$paths->page_id).'">Upload a file...</a></p></div><br />'; return; }
 
   737   $r = $db->fetchrow();
 
   737   $r = $db->fetchrow();
 
   738   $mimetype = $r['mimetype'];
 
   738   $mimetype = $r['mimetype'];
 
   739   $datestring = date('F d, Y h:i a', (int)$r['time_id']);
 
   739   $datestring = date('F d, Y h:i a', (int)$r['time_id']);
 
   740   echo '<div class="mdg-comment" style="margin-left: 0;"><p><h3>Uploaded file</h3></p><p>Type: '.$r['mimetype'].'<br />Size: ';
 
   740   echo '<div class="mdg-comment" style="margin-left: 0;"><p><h3>Uploaded file</h3></p><p>Type: '.$r['mimetype'].'<br />Size: ';
 
   741   $fs = $r['size'];
 
   741   $fs = $r['size'];
 
  2416  * @return string Cleaned text
 
  2416  * @return string Cleaned text
 
  2417  */
 
  2417  */
 
  2418 
  2418 
  2419 function sanitize_page_id($page_id)
 
  2419 function sanitize_page_id($page_id)
 
  2420 {
 
  2420 {
 
  2421 
       
  2422   // Remove character escapes
 
  2421   // Remove character escapes
 
  2423   $page_id = dirtify_page_id($page_id);
 
  2422   $page_id = dirtify_page_id($page_id);
 
  2424 
  2423 
  2425   $pid_clean = preg_replace('/[\w\.\/:;\(\)@\[\]_-]/', 'X', $page_id);
 
  2424   $pid_clean = preg_replace('/[\w\.\/:;\(\)@\[\]_-]/', 'X', $page_id);
 
  2426   $pid_dirty = enano_str_split($pid_clean, 1);
 
  2425   $pid_dirty = enano_str_split($pid_clean, 1);
 
  2471   global $db, $session, $paths, $template, $plugins; // Common objects
 
  2470   global $db, $session, $paths, $template, $plugins; // Common objects
 
  2472   // First, replace spaces with underscores
 
  2471   // First, replace spaces with underscores
 
  2473   $page_id = str_replace(' ', '_', $page_id);
 
  2472   $page_id = str_replace(' ', '_', $page_id);
 
  2474 
  2473 
  2475   // Exception for userpages for IP addresses
 
  2474   // Exception for userpages for IP addresses
 
  2476   if ( preg_match('/^' . preg_quote($paths->nslist['User']) . '/', $page_id) )
 
  2475   if ( isset($paths->nslist['User']) )
 
  2477   {
 
  2476   {
 
  2478     $ip = preg_replace('/^' . preg_quote($paths->nslist['User']) . '/', '', $page_id);
 
  2477     if ( preg_match('/^' . preg_quote($paths->nslist['User']) . '/', $page_id) )
 
  2479     if ( is_valid_ip($ip) )
 
  2478     {
 
  2480       return $page_id;
 
  2479       $ip = preg_replace('/^' . preg_quote($paths->nslist['User']) . '/', '', $page_id);
 
       
  2480       if ( is_valid_ip($ip) )
 
       
  2481       {
 
       
  2482         die('valid IP');
 
       
  2483         return $page_id;
 
       
  2484       }
 
       
  2485     }
 
  2481   }
 
  2486   }
 
  2482 
  2487 
  2483   preg_match_all('/\.[A-Fa-f0-9][A-Fa-f0-9]/', $page_id, $matches);
 
  2488   preg_match_all('/\.[A-Fa-f0-9][A-Fa-f0-9]/', $page_id, $matches);
 
  2484 
  2489 
  2485   foreach ( $matches[0] as $id => $char )
 
  2490   foreach ( $matches[0] as $id => $char )
Enano CMS (1.1.x)