Changeset 118 for trunk/admin
- Timestamp:
- 04/11/06 21:32:56 (3 years ago)
- Files:
-
- 1 modified
-
trunk/admin/index.php (modified) (22 diffs)
trunk/admin/index.php
r115 r118 381 381 function show_cats() { 382 382 global $db; 383 $res =& $db->query("SELECT * FROM categories ");383 $res =& $db->query("SELECT * FROM categories ORDER BY name"); 384 384 if (PEAR::isError($res)) { 385 385 die($res->getMessage()); … … 529 529 <div class="log_head"> 530 530 <span class="log_subject"> 531 <a href="?action=edit_acro&id=<?=$row["id"]?>"><?= $row["acronym"]?></a> 531 <a href="?action=edit_acro&id=<?=$row["id"]?>"><?=stripslashes($row["acronym"])?></a> 532 532 </span> 533 533 </div> 534 534 <div class="log_body"> 535 535 <span class="log_contents"> 536 <?= $row["description"]?>536 <?=stripslashes($row["description"])?> 537 537 </span> 538 538 </div> … … 554 554 $cat["description"] = "Category description"; 555 555 } else { 556 $res =& $db->query( "SELECT * FROM acronyms WHERE id=$id");556 $res =& $db->query(sprintf("SELECT * FROM acronyms WHERE id = %d", $id)); 557 557 if (PEAR::isError($res)) { 558 558 die($res->getMessage()); … … 567 567 <div class="log_head"> 568 568 <span class="log_subject"> 569 <input type="text" name="acro[acronym]" value="<?= $acro["acronym"]?>" /> 569 <input type="text" name="acro[acronym]" value="<?=stripslashes($acro["acronym"])?>" /> 570 570 </span> 571 571 </div> 572 572 <div class="log_body"> 573 573 <span class="log_contents"> 574 <input type="text" name="acro[description]" value="<?= $acro["description"]?>" style="width: 500px;" />574 <input type="text" name="acro[description]" value="<?=stripslashes($acro["description"])?>" style="width: 500px;" /> 575 575 </span> 576 576 <input type="submit" value="save" /> … … 594 594 global $db; 595 595 if ($acro["id"]) { 596 $query = "UPDATE acronyms SET "; 597 $query .= "acronym='".$acro["acronym"]."'"; 598 $query .= ", description='".$acro["description"]."'"; 599 $query .= " WHERE id=".$acro["id"]; 600 } else { 601 $query = "INSERT INTO acronyms (acronym, description) VALUES ("; 602 $query .= "'".$acro["acronym"]."'"; 603 $query .= ", '".$acro["description"]."'"; 
604 $query .= ")"; 596 $query = sprintf("UPDATE acronyms SET acronym = '%s', description = '%s' WHERE id = %d", 597 preg_quote(strip_tags($acro["acronym"]), "'"), 598 preg_quote(_strip_tags($acro["description"]), "'"), 599 $acro["id"] 600 ); 601 } else { 602 $query = sprintf("INSERT INTO acronyms (acronym, description) VALUES ('%s', '%s')", 603 preg_quote(strip_tags($acro["acronym"]), "'"), 604 preg_quote(_strip_tags($acro["description"]), "'") 605 ); 605 606 } 606 607 $res =& $db->query($query); … … 616 617 function delete_acro($id) { 617 618 global $db; 618 $query = "DELETE FROM acronyms WHERE id=$id";619 $query = sprintf("DELETE FROM acronyms WHERE id = %d", $id); 619 620 $res =& $db->query($query); 620 621 if (PEAR::isError($res)) { … … 642 643 643 644 <a href="?action=edit_author&id=<?=$row["id"]?>"> 644 <?= $row["fullname"]?>645 <?=stripslashes($row["fullname"])?> 645 646 <? if ($row["active"]) { ?> 646 647 (active) … … 650 651 </a> 651 652 <span class="log_cat"> 652 loginname: <?= $row["login"]?>653 loginname: <?=stripslashes($row["login"])?> 653 654 </span> 654 655 </span> … … 674 675 $author["active"] = 1; 675 676 } else { 676 $res =& $db->query( "SELECT * FROM authors WHERE id=$authorid");677 $res =& $db->query(sprintf("SELECT * FROM authors WHERE id = %d", $authorid)); 677 678 if (PEAR::isError($res)) { 678 679 die($res->getMessage()); … … 692 693 <span class="log_subject"> 693 694 <? if ($authorid) { ?> 694 <?= $author["login"]?> 695 <?=stripslashes($author["login"])?> 695 696 <? } else { ?> 696 login: <input type="text" name="author[login]" value="<?= $author["login"]?>" />697 login: <input type="text" name="author[login]" value="<?=stripslashes($author["login"])?>" /> 697 698 <? 
} ?> 698 699 </span> … … 708 709 </tr><tr> 709 710 <td align="right">email:</td> 710 <td><input type="text" name="author[email]" value="<?= $author["email"]?>" /></td>711 <td><input type="text" name="author[email]" value="<?=stripslashes($author["email"])?>" /></td> 711 712 </tr><tr> 712 713 <td align="right">website:</td> 713 <td><input type="text" name="author[website]" value="<?= $author["website"]?>" /></td>714 <td><input type="text" name="author[website]" value="<?=stripslashes($author["website"])?>" /></td> 714 715 </tr><tr> 715 716 <td align="right">full name: </td> 716 <td><input type="text" name="author[fullname]" value="<?= $author["fullname"]?>" /></td>717 <td><input type="text" name="author[fullname]" value="<?=stripslashes($author["fullname"])?>" /></td> 717 718 </tr></table> 718 719 </span> … … 753 754 if (!$error) { 754 755 if ($author["id"]) { 755 $query = "UPDATE authors SET "; 756 $query .= "\"fullname\"='".$author["fullname"]."'"; 757 $query .= ", \"email\"='".$author["email"]."'"; 758 $query .= ", \"website\"='".$author["website"]."'"; 759 $query .= ", active = ".(int)$author["active"]; 756 $query = sprintf("UPDATE authors SET fullname = '%s', email = '%s', website = '%s', active = %d", 757 preg_quote(strip_tags($author["fullname"]), "'"), 758 preg_quote(strip_tags($author["email"]), "'"), 759 preg_quote(strip_tags($author["website"]), "'"), 760 $author["active"] 761 ); 760 762 if (trim($author["password"])) { 761 $query .= ", password='".trim($author["password"])."'";763 $query .= sprintf(", password = '%s'", trim(preg_quote(strip_tags($author["password"]), "'"))); 762 764 } 763 $query .= " WHERE id=".$author["id"];765 $query .= sprintf(" WHERE id = %d", $author["id"]); 764 766 } else { 765 if (trim($author["password"])) { 766 $query = "INSERT INTO authors (\"password\", \"fullname\", \"email\", \"website\", \"login\", active) VALUES ('".trim($author["password"])."', "; 767 } else { 768 $query = "INSERT INTO authors (\"fullname\", \"email\", 
\"website\", \"login\", active) VALUES ("; 769 } 770 $query .= "'".$author["fullname"]."'"; 771 $query .= ", '".$author["email"]."'"; 772 $query .= ", '".$author["website"]."'"; 773 $query .= ", '".$author["login"]."'"; 774 $query .= ", ".(int)$author["active"]; 775 $query .= ")"; 767 $query = sprintf("INSERT INTO authors (password, fullname, email, website, login, active) VALUES ('%s', '%s', '%s', '%s', '%s', %d)", 768 preg_quote(strip_tags(trim($author["password"])), "'"), 769 preg_quote(strip_tags($author["fullname"]), "'"), 770 preg_quote(strip_tags($author["email"]), "'"), 771 preg_quote(strip_tags($author["website"]), "'"), 772 preg_quote(strip_tags($author["login"]), "'"), 773 $author["active"] 774 ); 776 775 } 777 776 $res =& $db->query($query); … … 810 809 <table border="0" cellspacing="0" cellpadding="0"><tr> 811 810 <td style="vertical-align: top;">blog title</td> 812 <td><input type="text" style="width: 200px;" name="settings[blogtitle]" value="<?= $settings["blogtitle"]?>" /></td>811 <td><input type="text" style="width: 200px;" name="settings[blogtitle]" value="<?=stripslashes($settings["blogtitle"])?>" /></td> 813 812 </tr><tr> 814 813 <td style="vertical-align: top;">blog/meta description:</td> 815 <td><textarea name="settings[blogdescription]" style="width: 200px; height: 100px;"><?= $settings["blogdescription"]?></textarea></td>814 <td><textarea name="settings[blogdescription]" style="width: 200px; height: 100px;"><?=stripslashes($settings["blogdescription"])?></textarea></td> 816 815 </tr><tr> 817 816 <td style="vertical-align: top;">meta keywords</td> 818 817 <td> 819 <textarea name="settings[blogkeywords]" style="width: 200px; height: 100px;"><?= $settings["blogkeywords"]?></textarea>818 <textarea name="settings[blogkeywords]" style="width: 200px; height: 100px;"><?=stripslashes($settings["blogkeywords"])?></textarea> 820 819 </td> 821 820 </tr><tr> … … 860 859 /* construct queries to sync database with userinput */ 861 860 foreach ($settings as 
$key=>$val) { 862 if (array_key_exists( $key, $settings_db)) {861 if (array_key_exists(preg_quote(_strip_tags($key), "'"), $settings_db)) { 863 862 //setting was there, we need to UPDATE it 864 $queries[] = sprintf("UPDATE settings SET settingvalue ='%s' WHERE settingname='%s'", $val, $key);863 $queries[] = sprintf("UPDATE settings SET settingvalue = '%s' WHERE settingname = '%s'", preg_quote(_strip_tags($val), "'"), preg_quote(strip_tags($key), "'")); 865 864 } else { 866 865 //setting was not there, we need to INSERT it 867 $queries[] = sprintf("INSERT INTO settings (settingname, settingvalue) VALUES ('%s','%s')", $key, $val);866 $queries[] = sprintf("INSERT INTO settings (settingname, settingvalue) VALUES ('%s','%s')", preg_quote(strip_tags($key), "'"), preg_quote(_strip_tags($val), "'")); 868 867 } 869 868 } … … 907 906 <table border="0" cellspacing="1" cellpadding="0"><tr> 908 907 <td>name</td> 909 <td><input style="width: 300px;" type="text" name="link[<?=$row["id"]?>][linktitle]" value="<?= $row["linktitle"]?>" /></td>908 <td><input style="width: 300px;" type="text" name="link[<?=$row["id"]?>][linktitle]" value="<?=stripslashes($row["linktitle"])?>" /></td> 910 909 </tr><tr> 911 910 <td>link</td> 912 <td><input style="width: 300px;" type="text" name="link[<?=$row["id"]?>][url]" value="<?= $row["url"]?>" /></td>911 <td><input style="width: 300px;" type="text" name="link[<?=$row["id"]?>][url]" value="<?=stripslashes($row["url"])?>" /></td> 913 912 </tr><tr> 914 913 <td>image</td> 915 <td><input style="width: 300px;" type="text" name="link[<?=$row["id"]?>][image]" value="<?= $row["image"]?>" /></td>914 <td><input style="width: 300px;" type="text" name="link[<?=$row["id"]?>][image]" value="<?=stripslashes($row["image"])?>" /></td> 916 915 </tr><tr> 917 916 <td>pos</td> 918 917 <td> 919 <input style="width: 30px;" type="text" name="link[<?=$row["id"]?>][sortorder]" value="<?= $row["sortorder"]?>" />918 <input style="width: 30px;" type="text" 
name="link[<?=$row["id"]?>][sortorder]" value="<?=(int)$row["sortorder"]?>" /> 920 919 <input type="button" name="del" value="del" onclick="document.getElementById('state_<?=$row["id"]?>').value='delete'; document.getElementById('settingsform').submit();"> 921 920 </td> … … 963 962 if (strlen(trim($v["linktitle"])) && strlen(trim($v["url"]))) { 964 963 $sql = "INSERT INTO menulinks (url, linktitle, image, sortorder) VALUES "; 965 $sql .= sprintf("('%s', '%s', '%s', %d)", $v["url"], $v["linktitle"], $v["image"], $v["sortorder"]); 964 $sql .= sprintf("('%s', '%s', '%s', %d)", 965 preg_quote(strip_tags($v["url"]), "'"), 966 preg_quote(strip_tags($v["linktitle"]), "'"), 967 preg_quote(strip_tags($v["image"]), "'"), 968 $v["sortorder"] 969 ); 966 970 $res = $db->query($sql); 967 971 } … … 969 973 /* from db. this can be either be marked as delete or save */ 970 974 if ($v["state"] == "delete") { 971 $sql = sprintf("DELETE FROM menulinks WHERE id =%d", $k);975 $sql = sprintf("DELETE FROM menulinks WHERE id = %d", $k); 972 976 $res = $db->query($sql); 973 977 } elseif ($v["state"] == "save") { 974 978 $sql = "UPDATE menulinks SET "; 975 $sql .= sprintf("url ='%s'", $v["url"]);976 $sql .= sprintf(", linktitle ='%s'", $v["linktitle"]);977 $sql .= sprintf(", image ='%s'", $v["image"]);978 $sql .= sprintf(", sortorder =%d", $v["sortorder"]);979 $sql .= sprintf(" WHERE id =%d", $k);979 $sql .= sprintf("url = '%s'", preg_quote(strip_tags($v["url"]), "'")); 980 $sql .= sprintf(", linktitle = '%s'", preg_quote(strip_tags($v["linktitle"]), "'")); 981 $sql .= sprintf(", image = '%s'", preg_quote(strip_tags($v["image"]), "'")); 982 $sql .= sprintf(", sortorder = %d", $v["sortorder"]); 983 $sql .= sprintf(" WHERE id = %d", $k); 980 984 $res = $db->query($sql); 981 985 } … … 991 995 function show_comments($options) { 992 996 global $db; 993 if (!$options["top"]) { $options["top"] = 0; } else { $options["top"]= (int)$options["top"]; }997 if (!$options["top"]) { $options["top"] = 0; } 
else { $options["top"] = (int)$options["top"]; } 994 998 if (!$options["limit"]) { $options["limit"] = 15; } else { $options["limit"] = (int)$options["limit"]; } 995 999 /* create an array with the article titles */ … … 998 1002 $articles[0] = "no article"; 999 1003 while ($res->fetchInto($row, DB_FETCHMODE_ASSOC)) { 1000 $articles[$row["id"]] = $row["title"];1004 $articles[$row["id"]] = stripslashes($row["title"]); 1001 1005 } 1002 1006 /* loop through the comments */ … … 1004 1008 $res_count->fetchInto($counter_r, DB_FETCHMODE_NUM); 1005 1009 $counter = $counter_r[0]; 1006 $res =& $db->limitQuery("SELECT * FROM comments ORDER BY date DESC", (int)$options["top"], $options["limit"]);1010 $res =& $db->limitQuery("SELECT * FROM comments ORDER BY date DESC", $options["top"], $options["limit"]); 1007 1011 if (PEAR::isError($res)) { 1008 1012 die($res->getMessage()); … … 1016 1020 <?=$row["title"]?> (<?=$articles[$row["articles_id"]]?>) 1017 1021 <span class="log_cat"><br /> 1018 name: <?= $row["name"]?> ip: <?=$row["ip"]?><br />1019 website: <?= $row["website"]?> email: <?=$row["email"]?>1022 name: <?=stripslashes(htmlspecialchars($row["name"]))?> ip: <?=$row["ip"]?><br /> 1023 website: <?=stripslashes(htmlspecialchars($row["website"]))?> email: <?=stripslashes(htmlspecialchars($row["email"]))?> 1020 1024 </span> 1021 1025 </span> 1022 1026 </div> 1023 1027 <div class="log_contents<?=($row["deleted"]?" log_deleted":"")?>"> 1024 <?= $row["comment"]?>1028 <?=stripslashes(htmlspecialchars($row["comment"]))?> 1025 1029 </div> 1026 1030 <div class="log_foot"> … … 1093 1097 echo "\t<link rel=\"icon\" href=\"favicon.ico\" type=\"image/x-icon\" />\n"; 1094 1098 echo "\t<link rel=\"shortcut icon\" href=\"favicon.ico\" type=\"image/x-icon\" />\n"; 1095 echo "\t<title>". $title." - MvBlog powered</title>\n";1099 echo "\t<title>".stripslashes($title)." - MvBlog powered</title>\n"; 1096 1100 echo "</head>\n"; 1097 1101 echo "<body>\n";
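Review bot: `preg_quote(..., "'")` is a regex-metacharacter escaper, not a SQL escaper, so the new `sprintf`-built queries (acronym save at new lines 596–605, author save at 756–774, settings at 863–866, menulinks at 964–983) still splice caller-controlled strings into SQL and additionally mangle stored values by backslashing `.`, `?`, `(`, `-`, `/` and the like, which the `stripslashes()` added on output only partly undoes. The PEAR DB handle already in scope offers real escaping; e.g. replace `preg_quote(strip_tags($acro["acronym"]), "'")` with `$db->escapeSimple(strip_tags($acro["acronym"]))`, or build each literal with `$db->quoteSmart(...)` and drop the surrounding quotes from the format string. In the settings loop, `array_key_exists(preg_quote(_strip_tags($key), "'"), $settings_db)` looks up a transformed key, so a setting name containing any metacharacter misses and falls into the INSERT branch every save. The mix of `_strip_tags` and `strip_tags` on adjacent lines is presumably a typo unless a project helper by that name exists; worth confirming. The `value="<?=stripslashes(...)?>"` attributes still emit stored text without `htmlspecialchars`, which `strip_tags` on input does not cover for quote characters.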
