Changeset 10931 for extensions/Copyrights
- Timestamp:
- May 18, 2011, 10:32:20 PM (13 years ago)
- Location:
- extensions/Copyrights
- Files:
-
- 1 deleted
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
extensions/Copyrights/admin.php
r10874 r10931 1 1 <?php 2 // +-----------------------------------------------------------------------+ 3 // | Piwigo - a PHP based picture gallery | 4 // +-----------------------------------------------------------------------+ 5 // | Copyright(C) 2008-2009 Piwigo Team http://piwigo.org | 6 // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | 7 // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | 8 // +-----------------------------------------------------------------------+ 9 // | This program is free software; you can redistribute it and/or modify | 10 // | it under the terms of the GNU General Public License as published by | 11 // | the Free Software Foundation | 12 // | | 13 // | This program is distributed in the hope that it will be useful, but | 14 // | WITHOUT ANY WARRANTY; without even the implied warranty of | 15 // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 16 // | General Public License for more details. | 17 // | | 18 // | You should have received a copy of the GNU General Public License | 19 // | along with this program; if not, write to the Free Software | 20 // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | 21 // | USA. | 22 // +-----------------------------------------------------------------------+ 2 23 3 24 if (!defined("PHPWG_ROOT_PATH")){ … … 22 43 if (isset($_GET['tab'])) { 23 44 if ($_GET['tab'] == 'create') { 24 $name = $_REQUEST['name'];25 $url = $_REQUEST['url'];45 $name = pwg_db_real_escape_string($_REQUEST['name']); 46 $url = pwg_db_real_escape_string($_REQUEST['url']); 26 47 $visible = (isset($_REQUEST['visible']) ? 1 : 0); 27 $query = '28 INSERT INTO '.COPYRIGHTS_ADMIN.'48 $query = sprintf( 49 'INSERT INTO %s 29 50 (`name`,`url`,`visible`) VALUES 30 ("'.$name.'","'.$url.'",'.$visible.') 31 ;'; 51 ("%s","%s",%d) 52 ;', 53 COPYRIGHTS_ADMIN, $name, $url, $visible); 32 54 pwg_query($query); 33 55 } … … 36 58 $edit = 1; 37 59 $CRid = $_REQUEST['id']; 38 $query = ' 39 SELECT * 40 FROM '.COPYRIGHTS_ADMIN.' 41 WHERE `cr_id`='.$CRid.' 42 ;'; 60 $query = sprintf( 61 'SELECT * 62 FROM %s 63 WHERE `cr_id`=%d 64 ;', 65 COPYRIGHTS_ADMIN, $CRid); 43 66 $result = pwg_query($query); 44 67 $row = pwg_db_fetch_assoc($result); … … 49 72 50 73 if ($_GET['tab'] == 'update') { 51 $id = $_REQUEST['id'];52 $name = $_REQUEST['name'];53 $url = $_REQUEST['url'];74 $id = pwg_db_real_escape_string($_REQUEST['id']); 75 $name = pwg_db_real_escape_string($_REQUEST['name']); 76 $url = pwg_db_real_escape_string($_REQUEST['url']); 54 77 $visible = (isset($_REQUEST['visible']) ? 1 : 0); 55 $query = ' 56 UPDATE '.$prefixeTable.'copyrights_admin 57 SET `name`="'.$name.'", `url`="'.$url.'", `visible`='.$visible.' 58 WHERE `cr_id`='.$id.' 59 ;'; 78 $query = sprintf( 79 'UPDATE %s 80 SET `name`="%s", `url`="%s", `visible`=%d 81 WHERE `cr_id`=%d 82 ;', 83 COPYRIGHTS_ADMIN, $name, $url, $visible, $id); 60 84 pwg_query($query); 61 85 } … … 63 87 if ($_GET['tab'] == 'delete') { 64 88 $id = $_REQUEST['id']; 65 $query = ' 66 DELETE FROM '.$prefixeTable.'copyrights_admin 67 WHERE `cr_id`='.$id.' 68 ;'; 89 $query = sprintf( 90 'DELETE FROM %s 91 WHERE `cr_id`=%d 92 ;', 93 COPYRIGHTS_ADMIN, $id); 69 94 pwg_query($query); 70 95 } … … 80 105 ); 81 106 82 $query = ' 83 SELECT * 84 FROM '.COPYRIGHTS_ADMIN.' 85 ;'; 107 $query = sprintf( 108 'SELECT * 109 FROM %s 110 ;', 111 COPYTIGHTS_ADMIN); 86 112 $result = pwg_query($query); 87 113 -
extensions/Copyrights/main.inc.php
r10874 r10931 8 8 Author URI: http://www.watergallery.nl/piwigo/plugins/copyrights/ 9 9 */ 10 // +-----------------------------------------------------------------------+ 11 // | Piwigo - a PHP based picture gallery | 12 // +-----------------------------------------------------------------------+ 13 // | Copyright(C) 2008-2009 Piwigo Team http://piwigo.org | 14 // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | 15 // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | 16 // +-----------------------------------------------------------------------+ 17 // | This program is free software; you can redistribute it and/or modify | 18 // | it under the terms of the GNU General Public License as published by | 19 // | the Free Software Foundation | 20 // | | 21 // | This program is distributed in the hope that it will be useful, but | 22 // | WITHOUT ANY WARRANTY; without even the implied warranty of | 23 // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 24 // | General Public License for more details. | 25 // | | 26 // | You should have received a copy of the GNU General Public License | 27 // | along with this program; if not, write to the Free Software | 28 // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | 29 // | USA. | 30 // +-----------------------------------------------------------------------+ 10 31 11 32 if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); … … 49 70 50 71 // Fetch all the copyrights and assign them to the template 51 $query = '52 SELECT `cr_id`,`name`53 FROM '.COPYRIGHTS_ADMIN.'72 $query = sprintf( 73 'SELECT `cr_id`,`name` 74 FROM %s 54 75 WHERE `visible`<>0 55 ;'; 76 ;', 77 COPYRIGHT_ADMIN); 56 78 $result = pwg_query($query); 57 79 $CRoptions = array(); … … 79 101 if ($action == 'copyrights') 80 102 { 81 $crID = $_POST['copyrightID'];103 $crID = pwg_db_real_escape_string($_POST['copyrightID']); 82 104 83 105 if (count($collection) > 0) { 84 $query = ' 85 DELETE 86 FROM '.COPYRIGHTS_MEDIA.' 87 WHERE media_id IN ('.implode(',', $collection).') 88 ;'; 106 $query = sprintf( 107 'DELETE 108 FROM %s 109 WHERE media_id IN (%s) 110 ;', 111 COPYRIGHT_MEDIA, implode(',', $collection)); 89 112 pwg_query($query); 90 113 } -
extensions/Copyrights/maintain.inc.php
r10874 r10931 1 1 <?php 2 // +-----------------------------------------------------------------------+ 3 // | Piwigo - a PHP based picture gallery | 4 // +-----------------------------------------------------------------------+ 5 // | Copyright(C) 2008-2009 Piwigo Team http://piwigo.org | 6 // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | 7 // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | 8 // +-----------------------------------------------------------------------+ 9 // | This program is free software; you can redistribute it and/or modify | 10 // | it under the terms of the GNU General Public License as published by | 11 // | the Free Software Foundation | 12 // | | 13 // | This program is distributed in the hope that it will be useful, but | 14 // | WITHOUT ANY WARRANTY; without even the implied warranty of | 15 // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | 16 // | General Public License for more details. | 17 // | | 18 // | You should have received a copy of the GNU General Public License | 19 // | along with this program; if not, write to the Free Software | 20 // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | 21 // | USA. | 22 // +-----------------------------------------------------------------------+ 2 23 3 24 function plugin_install() {
Note: See TracChangeset
for help on using the changeset viewer.