Changeset 11433


Ignore:
Timestamp:
06/19/11 19:00:33 (8 years ago)
Author:
mistic100
Message:

feature:2317 move order config to Admin->Config->Options
change regex test, now compatible with strings like "file COLLATE 'utf8_general_ci' ASC"

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/admin/configuration.php

    r11285 r11433  
    104104   
    105105$order_options = array( 
    106     ' ORDER BY date_available DESC, file ASC, id ASC' => 'date_available DESC, file ASC, id ASC', 
    107     ' ORDER BY file DESC, date_available DESC' => 'file DESC, date_available DESC', 
     106    ' ORDER BY date_available DESC, file ASC, id ASC' => 'Post date DESC, File name ASC', 
     107    ' ORDER BY date_available ASC, file ASC, id ASC' => 'Post date ASC, File name ASC', 
     108    ' ORDER BY file DESC, date_available DESC, id ASC' => 'File name DESC, Post date DESC', 
     109    ' ORDER BY file ASC, date_available DESC, id ASC' => 'File name ASC, Post date DESC', 
    108110    'custom' => l10n('Custom'), 
    109111  ); 
     
    118120    case 'main' : 
    119121    { 
    120       $order_regex = '#^(( *)(id|file|name|date_available|date_creation|hit|average_rate|comment|author|filesize|width|height|high_filesize|high_width|high_height) (ASC|DESC),{1}){1,}$#'; 
     122      $order_regex = '#^(([ \w\']{2,}) (ASC|DESC),{1}){1,}$#'; 
    121123      // process 'order_by_perso' string 
    122124      if ($_POST['order_by'] == 'custom' AND !empty($_POST['order_by_perso'])) 
    123125      { 
     126        $_POST['order_by_perso'] = stripslashes(trim($_POST['order_by_perso'])); 
    124127        $_POST['order_by'] = str_ireplace( 
    125           array('order by ', 'asc', 'desc'), 
    126           array(null, 'ASC', 'DESC'), 
    127           trim($_POST['order_by_perso']) 
     128          array('order by ', 'asc', 'desc', '"'), 
     129          array(null, 'ASC', 'DESC', '\''), 
     130          $_POST['order_by_perso'] 
    128131          ); 
    129132         
    130133        if (preg_match($order_regex, $_POST['order_by'].',')) 
    131134        { 
    132           $_POST['order_by'] = ' ORDER BY '.$_POST['order_by']; 
     135          $_POST['order_by'] = ' ORDER BY '.addslashes($_POST['order_by']); 
    133136        } 
    134137        else 
     
    148151      else if ($_POST['order_by_inside_category'] == 'custom' AND !empty($_POST['order_by_inside_category_perso'])) 
    149152      { 
     153        $_POST['order_by_inside_category_perso'] = stripslashes(trim($_POST['order_by_inside_category_perso'])); 
    150154        $_POST['order_by_inside_category'] = str_ireplace( 
    151           array('order by ', 'asc', 'desc'), 
    152           array(null, 'ASC', 'DESC'), 
    153           trim($_POST['order_by_inside_category_perso']) 
     155          array('order by ', 'asc', 'desc', '"'), 
     156          array(null, 'ASC', 'DESC', '\''), 
     157          $_POST['order_by_inside_category_perso'] 
    154158          ); 
    155159         
    156160        if (preg_match($order_regex, $_POST['order_by_inside_category'].',')) 
    157161        { 
    158           $_POST['order_by_inside_category'] = ' ORDER BY '.$_POST['order_by_inside_category']; 
     162          $_POST['order_by_inside_category'] = ' ORDER BY '.addslashes($_POST['order_by_inside_category']); 
    159163        } 
    160164        else 
Note: See TracChangeset for help on using the changeset viewer.