[mirrors/Kyberia-bloodline.git] / wwwroot / inc / eventz / addPlugin.inc

<?php
function addPlugin() {
    global $db,$error,$node, $error_messages;
    $add_plugin_id = $_POST['add_plugin_id'];

    if (!is_numeric($add_plugin_id)) {
        $error = $error_messages['NOT_NUMERIC'];
        return false;
    }

    $set = $db->query("select node_parent, node_system_access, node_creator,
 template_id, node_content, node_name from nodes where nodes.node_id = '$add_plugin_id'");
    $set->next();
    $node_parent = $set->getString('node_parent');
    $node_system_access = $set->getString('node_system_access');
    $node_creator = $set->getString('node_creator');
    $node_template = $set->getString('template_id');
    $node_content = stripslashes($set->getString('node_content'));
    $plugin_name = $set->getString('node_name');
    $fp = fopen (SMARTY_PLUGIN_DIR."function.".$plugin_name.".php","w+");
    fwrite($fp,$node_content);
    fclose($fp);
    chown(SMARTY_PLUGIN_DIR.$plugin_name.".php","wwwedit");
    $q = "update nodes set external_link = 'plugin://$plugin_name' where node_id = '".$add_plugin_id."'";
    $db->query($q);

    //logging of every plugin for security reasons
    $params['node_creator'] = UBIK_ID;
    $params['node_parent'] = 2019772;
    $params['node_name'] = "addPlugin execute: node $add_plugin_id";
    $params['node_content'] = "addPlugin execute: node <a href='$add_plugin_id'>$add_plugin_id</a> by user ".$_SESSION['user_name'];
    $params['node_content'] .= "<br />plugin_name: ".$plugin_name;
    $params['node_content'] .= "<br />template_id: <a href='$node_template'>".$node_template."</a>";
    $params['node_content'] .= "<br />node_parent: <a href='$node_parent'>".$node_parent."</a>";
    $params['node_content'] .= "<br />node_system_access: ".$node_system_access;
    $params['node_content'] .= "<br />node_creator: <a href='$node_creator'>".$node_creator."</a>";
    $params['node_content'] = mysql_real_escape_string($params['node_content']);
    nodes::addNode($params);

    return true;
}
?>
Commit	Line	Data
51ff3226	1	<?php
	2	function addPlugin() {
	3	global $db,$error,$node, $error_messages;
	4	$add_plugin_id = $_POST['add_plugin_id'];
	5
	6	if (!is_numeric($add_plugin_id)) {
	7	$error = $error_messages['NOT_NUMERIC'];
	8	return false;
	9	}
	10
	11	$set = $db->query("select node_parent, node_system_access, node_creator,
	12	template_id, node_content, node_name from nodes where nodes.node_id = '$add_plugin_id'");
	13	$set->next();
	14	$node_parent = $set->getString('node_parent');
	15	$node_system_access = $set->getString('node_system_access');
	16	$node_creator = $set->getString('node_creator');
	17	$node_template = $set->getString('template_id');
	18	$node_content = stripslashes($set->getString('node_content'));
	19	$plugin_name = $set->getString('node_name');
	20	$fp = fopen (SMARTY_PLUGIN_DIR."function.".$plugin_name.".php","w+");
	21	fwrite($fp,$node_content);
	22	fclose($fp);
	23	chown(SMARTY_PLUGIN_DIR.$plugin_name.".php","wwwedit");
	24	$q = "update nodes set external_link = 'plugin://$plugin_name' where node_id = '".$add_plugin_id."'";
	25	$db->query($q);
	26
	27	//logging of every plugin for security reasons
	28	$params['node_creator'] = UBIK_ID;
	29	$params['node_parent'] = 2019772;
	30	$params['node_name'] = "addPlugin execute: node $add_plugin_id";
	31	$params['node_content'] = "addPlugin execute: node <a href='$add_plugin_id'>$add_plugin_id</a> by user ".$_SESSION['user_name'];
	32	$params['node_content'] .= "<br />plugin_name: ".$plugin_name;
	33	$params['node_content'] .= "<br />template_id: <a href='$node_template'>".$node_template."</a>";
	34	$params['node_content'] .= "<br />node_parent: <a href='$node_parent'>".$node_parent."</a>";
	35	$params['node_content'] .= "<br />node_system_access: ".$node_system_access;
	36	$params['node_content'] .= "<br />node_creator: <a href='$node_creator'>".$node_creator."</a>";
	37	$params['node_content'] = mysql_real_escape_string($params['node_content']);
	38	nodes::addNode($params);
	39
	40	return true;
	41	}
	42	?>