warning & sqli fix
[mirrors/Kyberia-bloodline.git] / wwwroot / nodes.php
index 718e9cace067e85cfc886ed199f846e34ba1791e..cbbed84728818af6f8f6910b6685b401fdbabc58 100644 (file)
@@ -13,7 +13,7 @@ $timer_start=Time()+SubStr(MicroTime(),0,8);
 session_start();
 
 error_reporting(1);
-$_SESSION['debugging']=1;
+//$_SESSION['debugging']=1;
 //exit;
 
 
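Review bot: Commenting out the assignment leaves `$_SESSION['debugging']` unset while the `if ($_SESSION['debugging'])` tests shown in the hunk headers at two later positions still read it unguarded, so those lines now emit the same undefined-index notice this commit removes elsewhere; guard them with `if (!empty($_SESSION['debugging'])) {` or set the flag to `0` instead of commenting the line out. Commented-out code such as the new line and the existing `//exit;` should be deleted rather than kept. `error_reporting(1)` is `E_ERROR` only, so the notices this commit addresses are hidden unless reporting is raised somewhere outside the hunk; spelling it `error_reporting(E_ERROR)` would at least make that intent visible.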
@@ -32,8 +32,10 @@ if ($_SESSION['debugging']) {
 require('config/config.inc');
 require(INCLUDE_DIR.'senate.inc');
 
-preg_match("/id\/(.*)\//",$_SERVER['HTTP_REFERER'],$ref_match);
-$referer_id=$ref_match[1];
+if (isset($_SERVER['HTTP_REFERER'])) {
+       preg_match("/id\/([0-9]*)\//",$_SERVER['HTTP_REFERER'],$ref_match);
+       $referer_id=$ref_match[1];
+}
 
 //connecting to database and creating universal $db object
 require(INCLUDE_DIR.'log.inc');
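Review bot: `$ref_match[1]` on the new line is still read when the referer is present but does not match the pattern, since `preg_match()` then leaves `$ref_match` empty and the undefined-index notice this hunk is meant to remove comes back. Folding the match into the condition and requiring at least one digit avoids both that and an empty `$referer_id`: `if (isset($_SERVER['HTTP_REFERER']) && preg_match("/id\/([0-9]+)\//", $_SERVER['HTTP_REFERER'], $ref_match)) {` followed by the existing assignment. With `[0-9]*` an empty capture is accepted and `$referer_id` becomes `''`, which the later `is_numeric()` rejects only after the fact.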
@@ -43,7 +45,6 @@ require(INCLUDE_DIR.'error_messages.inc');
 require(INCLUDE_DIR.'database.inc');
 
 $db = new CLASS_DATABASE();
-//$logger = new logger; //XXX
 
 if (!empty($_GET['template_id'])) {
        $template_id=$_GET['template_id'];
@@ -55,7 +56,7 @@ if (!empty($_GET['node_name'])) {
        $node  = nodes::redirByName($_GET['node_name']);
 }
 elseif (!empty($_GET['node_id'])) {
-       $node = nodes::getNodeById($_GET['node_id'],$_SESSION['user_id']);
+       $node = nodes::getNodeById($_GET['node_id'],(isset($_SESSION['user_id']))?$_SESSION['user_id']:'');
 }
 
 //XXX Paths are wrong (!)
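Review bot: `$_GET['node_id']` on the new line is still handed to `nodes::getNodeById()` without a numeric check, while the same commit restricts `$referer_id` to digits; whether the method escapes its argument is not visible here. Validating at this boundary, `elseif (!empty($_GET['node_id']) && ctype_digit((string)$_GET['node_id'])) {`, would make the page independent of that. The ternary for the session user id works, but the extra parentheses around `isset(...)` are noise: `isset($_SESSION['user_id']) ? $_SESSION['user_id'] : ''`.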
@@ -85,9 +86,11 @@ if ($_SESSION['debugging']) {
        echo "</pre>";
 }
 
-if ($node['node_creator']==$_SESSION['user_id']) $node['node_permission']='owner';
+if ((isset($_SESSION['user_id']) && ($node['node_creator']==$_SESSION['user_id']))) {
+       $node['node_permission']='owner';
+}
 
-if ($_SESSION['cube_vector']) {
+if (isset($_SESSION['cube_vector']) && ($_SESSION['cube_vector'])) {
        if (strpos($node['node_vector'],$_SESSION['cube_vector'])===false) {
                echo "node::".$node['node_vector'];
                echo "cube_Vector::".$_SESSION['cube_vector'];
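Review bot: The owner check on the new line still compares `$node['node_creator']` with `==`, so PHP's numeric-string rules decide ownership (`'1'` equals `'01'` and `'1e0'`); casting both sides, `(int)$node['node_creator'] === (int)$_SESSION['user_id']`, makes the comparison explicit if creator and user ids are integers, which the digit-only referer regex suggests but the hunk does not prove. Both new conditions have the `isset($x) && $x` shape, which is exactly what `!empty($x)` expresses: `if (!empty($_SESSION['cube_vector'])) {`. If `$node` can be empty here (an `empty($node)` test appears only in a later hunk header), `$node['node_creator']` raises the same notice class the commit is removing.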
@@ -110,14 +113,16 @@ if (empty($node)) {
        }
 }
 
-//modifying node glass pearl
-if (is_array($children_types[$node['node_type']])) $smarty->assign('children_types',$children_types[$node['node_type']]);
+//modifying node glass pearl //XXX WTF
+if (is_array($children_types[$node['node_type']])) {
+       $smarty->assign('children_types',$children_types[$node['node_type']]);
+}
 $smarty->assign('types',$types);
 
 
 //$node['node_type']=$types[$node['node_type']];
-$node['node_content']=StripSlashes($node['node_content']);
-$node['node_name']=StripSlashes($node['node_name']);
+$node['node_content']= StripSlashes($node['node_content']);
+$node['node_name']= StripSlashes($node['node_name']);
 
 //checking permissions
 function _checkPermissions()
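Review bot: `is_array($children_types[$node['node_type']])` on the new line still indexes the array before checking that the key exists, so a node type without an entry keeps producing the undefined-index notice this commit is chasing; `isset()` has to come first: `if (isset($children_types[$node['node_type']]) && is_array($children_types[$node['node_type']])) {`. The `//XXX WTF` added to the comment records confusion without saying what is unclear; either state what is suspect about the glass-pearl assignment or drop it. The `_checkPermissions` definition begins on the hunk's last line and its body lies outside it.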
@@ -277,7 +282,7 @@ elseif ($transaction) {
 if ($permissions['r']) {
 
 //these 4 lines are not the source of kyberia lagging problems. leave them. started on the 10.4. data gained will be used for scientific purposes
-if ($_SESSION['user_id']) {
+if ((isset($_SESSION['user_id'])) && ($_SESSION['user_id'])) {
        $q="insert delayed into levenshtein set user_id='".$_SESSION['user_id']."',node_id='".$node['node_id']."'";
        $db->update($q);
 }
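Review bot: The insert on the line after the new condition still splices `$_SESSION['user_id']` and `$node['node_id']` into the SQL string unescaped, which is the pattern the commit title says it is fixing; the `neurons` update and the `users` update in the two later hunks do the same. If node and user ids are integers, casting at the point of use closes the gap without depending on where the session value came from: `$q="insert delayed into levenshtein set user_id='".(int)$_SESSION['user_id']."',node_id='".(int)$node['node_id']."'";`. The `isset($x) && $x` condition is what `!empty($_SESSION['user_id'])` means.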
@@ -303,7 +308,7 @@ if ($node['template_id']!='2019721'){
 // DO NOT MESS WITH THIS !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 //creating neural network
 $db->update("update nodes set node_views=node_views+1 where node_id='".$node['node_id']."'");
-if (is_numeric($referer_id)) {
+if (isset($referer_id) && is_numeric($referer_id)) {
        $q="update neurons set synapse=synapse+1 where dst='".$node['node_id']."' and src='$referer_id'";
        $result=$db->update($q);
        if (!$result) {
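Review bot: `is_numeric($referer_id)` on the new line accepts leading whitespace, signs, decimals and exponent forms, so `src='$referer_id'` may be compared against values like `'1e2'` rather than a plain id; the regex in the earlier hunk already limits the capture to digits, and `ctype_digit($referer_id)` here would keep the two checks consistent, or the value could be cast with `(int)` where it is interpolated. The `if (!$result)` block continues outside the hunk.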
@@ -338,7 +343,7 @@ else {
 
 
 //assigning user data to smarty if user logged in
-if ($user_id=$_SESSION['user_id']) {
+if (isset($_SESSION['user_id'])&&($user_id=$_SESSION['user_id'])) {
        $smarty->assign('_POST',$_POST);
        $smarty->assign('bookmarks',$_SESSION['bookmarks']);
        $smarty->assign('ignore',$_SESSION['ignore']);
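Review bot: The new condition still performs an assignment inside the `if`, now behind an `isset()`, which is easy to misread as a comparison; `if (!empty($_SESSION['user_id'])) {` with `$user_id=$_SESSION['user_id'];` as the block's first statement says the same thing. `$_SESSION['bookmarks']` and `$_SESSION['ignore']` on the following lines are read without a guard; if they are always set at login that is fine, but that is not visible here. The block continues past the hunk.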
@@ -429,7 +434,7 @@ else {
 }
 
 
-if ($node['template_id']!='2019721'){
+if (($node['template_id']!='2019721') && (isset($_SESSION['user_id']))){
 //setting user location
 $q="update users set last_action=NOW(),user_location_vector='".$node['node_vector']."',user_action='".addslashes($node['node_name'])."',user_action_id='".$node['node_id']."' where user_id='".$_SESSION['user_id']."'";
 $db->executequery($q);
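Review bot: The `users` update on the line after the new condition escapes `node_name` with `addslashes()` but interpolates `node_vector` and the session `user_id` raw; `addslashes()` is not charset-aware, so the `mysql_real_escape_string()` the commit uses elsewhere should apply to every string here and the ids should be cast, e.g. the tail becoming `user_action='".mysql_real_escape_string($node['node_name'])."',user_action_id='".(int)$node['node_id']."' where user_id='".(int)$_SESSION['user_id']."'";` with `node_vector` escaped the same way. Whether `CLASS_DATABASE` opens the ext/mysql connection that `mysql_real_escape_string()` requires is not visible here. The `if` opened on the new line closes outside the hunk.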
@@ -505,18 +510,21 @@ if (!empty($_POST['template_event'])) {
         $children_count=$node['node_children_count'];
        $descendant_count=$node['node_descendant_count'];
 
-        if (is_numeric($_POST['listing_amount'])) $listing_amount=$_POST['listing_amount'];
-        elseif (!empty($_SESSION['listing_amount'])) $listing_amount=$_SESSION['listing_amount'];
+        if (isset($_POST['listing_amount']) && is_numeric($_POST['listing_amount'])) { 
+               $listing_amount=mysql_real_escape_string($_POST['listing_amount']);
+       }elseif (!empty($_SESSION['listing_amount'])) $listing_amount=$_SESSION['listing_amount'];
         else $listing_amount=DEFAULT_LISTING_AMOUNT;
        $smarty->assign('listing_amount',$listing_amount);
 
-       if ($_POST['listing_order']) $listing_order=$_POST['listing_order'];
-       elseif (!empty($_SESSION['listing_order'])) $listing_order=$_SESSION['listing_order'];
+       if (isset($_POST['listing_order']) && $_POST['listing_order']) {
+               $listing_order=mysql_real_escape_string($_POST['listing_order']);
+       } elseif (!empty($_SESSION['listing_order'])) $listing_order=$_SESSION['listing_order'];
        else $listing_order=DEFAULT_LISTING_ORDER;
        $smarty->assign('listing_order',$listing_order);
 
-       if (is_numeric($_POST['get_children_offset'])) $offset=$_POST['get_children_offset'];
-        else $offset=0;
+       if (isset ($_POST['get_children_offset']) && is_numeric($_POST['get_children_offset'])) {
+               $offset=$_POST['get_children_offset'];
+       } else { $offset=0; }
 
 
         //movement forward and backward
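Review bot: `mysql_real_escape_string()` on the new `listing_order` line only neutralises quotes, which does not help if the value ends up in an `ORDER BY` clause where it would be unquoted (its use is outside this hunk); a value that feeds a clause needs a whitelist, e.g. `if (isset($_POST['listing_order']) && in_array($_POST['listing_order'], $allowed_listing_orders, true)) {` with `$allowed_listing_orders` holding the column names the templates actually post. For `listing_amount` the value has already passed `is_numeric()`, so `(int)$_POST['listing_amount']` is both simpler and stricter than escaping (`is_numeric()` also accepts `'1e2'`), and the same applies to `$offset`, which the hunk leaves unescaped. The session fallbacks on the `elseif` lines reuse stored values without either check, which is only safe if they were validated before being stored. Brace style is mixed across the three statements — braces on one branch, bare `elseif ... ;` on the next — and the `} else { $offset=0; }` one-liner should be split like the others.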
@@ -546,7 +554,7 @@ if ($node['external_link']=='header://svg' && !is_numeric($template_id)) {
 }
 
 //show own header
-elseif ($_SESSION['header_id']==true) {
+elseif (isset($_SESSION['header_id']) && ($_SESSION['header_id']==true)) {
        $smarty->assign('header_id',$_SESSION['header_id']);
        $smarty->template_dir=OWN_TEMPLATE_DIR;
        $content=$smarty->fetch($_SESSION['header_id'].".tpl");
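Review bot: `$_SESSION['header_id']==true` on the new line is a loose truthiness test, so the whole condition is just `elseif (!empty($_SESSION['header_id'])) {`; the `==true` form suggests an identity check that is not happening. Two lines later the value is turned into a template path with `$_SESSION['header_id'].".tpl"`; if it is only ever assigned server-side that is fine, but since its origin is not visible here, a `basename()` or numeric check at the point it is stored would guarantee the template name cannot contain path segments. The `elseif` chain continues past the hunk.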