Security fix (sqli)
diff --git a/trash/configure_parent.inc b/trash/configure_parent.inc
new file mode 100644 (file)
index 0000000..9fab234
--- /dev/null
@@ -0,0 +1,56 @@
+<?php
+function configure_parent() {
+       global $db,$error,$node;
+       $user_id=$_SESSION['user_id'];
+
+                       if (empty($_POST['node_creator'])) {
+                               $owner_id=$node['node_creator'];
+                       }
+
+                       else {
+                               $node_creator=$_POST['node_creator'];
+                               $q="select user_id from users where login like '$node_creator'";
+                               $ownerset=$db->query($q);
+                               if (!$ownerset->getNumRows()) {
+                                       $error="user $node_creator does not exist";
+                                       return false;
+                               }
+                               else {
+                                       $ownerset->next();
+                                       $owner_id=$ownerset->getString('user_id');
+                               }
+                       }
+
+                       $node_vector=$_POST['node_vector'];
+                       $old_vector=$node['node_vector'];
+                       if (is_numeric($_POST['template_id'])) $template_id=$_POST['template_id'];
+                       $node_parent=$_POST['node_parent'];
+                       $node_created=$_POST['node_created'];
+                       $node_id=$node['node_id'];
+
+
+                       $permissions=permissions::checkPermissions($node_parent);
+                       if (!$permissions['w']) {
+                               $error="you don't have permissions for writing into $node_parent";
+                               return false;
+                       }
+
+                       if ($node_parent) {
+//                             $set=$db->query("select node_vector from nodes where node_id='$node_parent'");
+//                             $set->next();
+//                             $node_vector=$set->getString('node_vector');
+                               $parent_node=nodes::getNodeById($node_parent,$_SESSION['user_id']);
+                               $node_vector=$parent_node['node_vector'].";".$parent_node['node_id'];;
+                       }
+
+                       if ($node_vector!=$old_vector) {
+                               $q="update nodes set node_vector=replace(node_vector,'$old_vector','$node_vector') where node_vector like '%$old_vector;$node_id%'";
+                               $changed=$db->update($q);
+                               $q="update nodes set node_children_count=node_children_count+1 where node_id='$node_parent'";
+                               $db->update($q);
+                               $q="update nodes set node_children_count=node_children_count-1 where node_id='$old_parent'";
+                               $db->update($q);
+                               logger::log('vector change',$changed,$old_vector,$node_vector);
+                       }
+                       return true;
+?>
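Review bot: The new file still builds SQL by interpolating request data: `$_POST['node_creator']` goes straight into the `login like '$node_creator'` lookup, and `$node_parent` (also taken from `$_POST`) into the `node_children_count+1` update, which is the same injection class the commit title says it fixes. These values should be bound or escaped through whatever parameter mechanism the `$db` wrapper provides (not visible in this hunk), the login should be compared with `=` rather than `like` so that `%` and `_` in the submitted name are not treated as wildcards, and the id can be coerced with `$node_parent=(int)$_POST['node_parent'];`. The vector update also interpolates `$old_vector` and `$node_vector` into a `replace(...)` and a `like '%...%'` pattern, so it needs the same treatment. Separately, `$old_parent` in the last update is never assigned in this function, so the decrement targets an empty id, and the body of `configure_parent()` has no closing `}` before `?>`.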