Changeset 11433


Ignore:
Timestamp:
Jun 19, 2011, 7:00:33 PM (13 years ago)
Author:
mistic100
Message:

feature:2317 move order config to Admin->Config->Options
change regex test, now compatible with strings like "file COLLATE 'utf8_general_ci' ASC"

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/admin/configuration.php

    r11285 r11433  
    104104 
    105105$order_options = array(
    106     ' ORDER BY date_available DESC, file ASC, id ASC' => 'date_available DESC, file ASC, id ASC',
    107     ' ORDER BY file DESC, date_available DESC' => 'file DESC, date_available DESC',
     106    ' ORDER BY date_available DESC, file ASC, id ASC' => 'Post date DESC, File name ASC',
     107    ' ORDER BY date_available ASC, file ASC, id ASC' => 'Post date ASC, File name ASC',
     108    ' ORDER BY file DESC, date_available DESC, id ASC' => 'File name DESC, Post date DESC',
     109    ' ORDER BY file ASC, date_available DESC, id ASC' => 'File name ASC, Post date DESC',
    108110    'custom' => l10n('Custom'),
    109111  );
     
    118120    case 'main' :
    119121    {
    120       $order_regex = '#^(( *)(id|file|name|date_available|date_creation|hit|average_rate|comment|author|filesize|width|height|high_filesize|high_width|high_height) (ASC|DESC),{1}){1,}$#';
     122      $order_regex = '#^(([ \w\']{2,}) (ASC|DESC),{1}){1,}$#';
    121123      // process 'order_by_perso' string
    122124      if ($_POST['order_by'] == 'custom' AND !empty($_POST['order_by_perso']))
    123125      {
     126        $_POST['order_by_perso'] = stripslashes(trim($_POST['order_by_perso']));
    124127        $_POST['order_by'] = str_ireplace(
    125           array('order by ', 'asc', 'desc'),
    126           array(null, 'ASC', 'DESC'),
    127           trim($_POST['order_by_perso'])
     128          array('order by ', 'asc', 'desc', '"'),
     129          array(null, 'ASC', 'DESC', '\''),
     130          $_POST['order_by_perso']
    128131          );
    129132       
    130133        if (preg_match($order_regex, $_POST['order_by'].','))
    131134        {
    132           $_POST['order_by'] = ' ORDER BY '.$_POST['order_by'];
     135          $_POST['order_by'] = ' ORDER BY '.addslashes($_POST['order_by']);
    133136        }
    134137        else
     
    148151      else if ($_POST['order_by_inside_category'] == 'custom' AND !empty($_POST['order_by_inside_category_perso']))
    149152      {
     153        $_POST['order_by_inside_category_perso'] = stripslashes(trim($_POST['order_by_inside_category_perso']));
    150154        $_POST['order_by_inside_category'] = str_ireplace(
    151           array('order by ', 'asc', 'desc'),
    152           array(null, 'ASC', 'DESC'),
    153           trim($_POST['order_by_inside_category_perso'])
     155          array('order by ', 'asc', 'desc', '"'),
     156          array(null, 'ASC', 'DESC', '\''),
     157          $_POST['order_by_inside_category_perso']
    154158          );
    155159       
    156160        if (preg_match($order_regex, $_POST['order_by_inside_category'].','))
    157161        {
    158           $_POST['order_by_inside_category'] = ' ORDER BY '.$_POST['order_by_inside_category'];
     162          $_POST['order_by_inside_category'] = ' ORDER BY '.addslashes($_POST['order_by_inside_category']);
    159163        }
    160164        else
Note: See TracChangeset for help on using the changeset viewer.