X-Git-Url: http://git.harvie.cz/?a=blobdiff_plain;f=wwwroot%2Finc%2Feventz%2Fdisplay.inc;h=1793463cab663bccc57d135c9497abd420807268;hb=78f1a5f44941de2459b71c375e36cf88227c689c;hp=fe180e462212002b1048022efece71e3af56bfc0;hpb=80ce65a753a767b970a1d51f2a2fbe62015fdcf9;p=mirrors%2FKyberia-bloodline.git diff --git a/wwwroot/inc/eventz/display.inc b/wwwroot/inc/eventz/display.inc index fe180e4..1793463 100644 --- a/wwwroot/inc/eventz/display.inc +++ b/wwwroot/inc/eventz/display.inc @@ -1,6 +1,7 @@ update("update nodes set node_views=node_views+1 where node_id='".$node['node_id']."'"); -if (isset($referer_id) && is_numeric($referer_id)) { - $q="update neurons set synapse=synapse+1 where dst='".$node['node_id']."' and src='$referer_id'"; - $result=$db->update($q); - if (!$result) { - $q="insert into neurons set synapse_creator='".$_SESSION['user_id']."',dst='".$node['node_id']."',src='$referer_id',synapse=1"; - $db->query($q); - } -} - - -elseif (!$permissions['r'] && $_GET['magic_word']) { - $magic_word_big=$_GET['magic_word']; - - if ( preg_match("/(\d+)-(.+)/",$_GET['magic_word'],$mu)) { - $magic_uid=$mu['1']; - $magic_word=addslashes($mu['2']); - // XXX WTF column magic_word does not exists - $q="select login from users where user_id='$magic_uid' and magic_word='$magic_word'"; - $set=$db->query($q); - if ($set->getNumRows()) { - $permissions['r']=true; - } - } -} - - - - - -else { - logger::log('enter',$node['node_id'],'failed'); -} - - //assigning user data to smarty if user logged in if (isset($_SESSION['user_id'])&&($user_id=$_SESSION['user_id'])) { $smarty->assign('_POST',$_POST); $smarty->assign('bookmarks',$_SESSION['bookmarks']); - $smarty->assign('ignore',$_SESSION['ignore']); + if (isset($_SESSION['ignore'])) { $smarty->assign('ignore',$_SESSION['ignore']); }; $smarty->assign('bookstyl',$_SESSION['bookstyl']); - $smarty->assign('fook',$_SESSION['fook']); + if (isset($_SESSION['fook'])) {$smarty->assign('fook',$_SESSION['fook']); }; $smarty->assign('user_id',$_SESSION['user_id']); $smarty->assign('user_name',$_SESSION['user_name']); if (!empty($_SESSION['cube_vector'])) $smarty->assign('cube_vector',$_SESSION['cube_vector']); $smarty->assign('friends',$_SESSION['friends']); //req by freezy, done by darkaural - $smarty->assign('user_quota',$_SESSION['user_quota']); + if (isset($_SESSION['user_quota'])) {$smarty->assign('user_quota',$_SESSION['user_quota']);}; // XXX into function $newmail_q = sprintf('select u.user_mail_id @@ -169,7 +133,6 @@ if ($permissions['r']) { $smarty->assign('node_json',json_encode($node)); } else { - $smarty->assign('node',$node); //new templates by Dark matter $smarty->template_dir=OWN_TEMPLATE_DIR; @@ -189,7 +152,7 @@ else { if (($node['template_id']!='2019721') && (isset($_SESSION['user_id']))){ //setting user location $q="update users set last_action=NOW(),user_location_vector='".$node['node_vector']."',user_action='".addslashes($node['node_name'])."',user_action_id='".$node['node_id']."' where user_id='".$_SESSION['user_id']."'"; -$db->executequery($q); +$db->query($q); } $whole_time=SubStr((Time()+SubStr(MicroTime(),0,8)-$timer_start),0,7); @@ -263,13 +226,13 @@ if (!empty($_POST['template_event'])) { $descendant_count=$node['node_descendant_count']; if (isset($_POST['listing_amount']) && is_numeric($_POST['listing_amount'])) { - $listing_amount=mysql_real_escape_string($_POST['listing_amount']); + $listing_amount=db_escape_string($_POST['listing_amount']); }elseif (!empty($_SESSION['listing_amount'])) $listing_amount=$_SESSION['listing_amount']; else $listing_amount=DEFAULT_LISTING_AMOUNT; $smarty->assign('listing_amount',$listing_amount); if (isset($_POST['listing_order']) && $_POST['listing_order']) { - $listing_order=mysql_real_escape_string($_POST['listing_order']); + $listing_order=db_escape_string($_POST['listing_order']); } elseif (!empty($_SESSION['listing_order'])) $listing_order=$_SESSION['listing_order']; else $listing_order=DEFAULT_LISTING_ORDER; $smarty->assign('listing_order',$listing_order); @@ -282,23 +245,25 @@ if (!empty($_POST['template_event'])) { //movement forward and backward // if ($listing_order=='asc' && !$offset) $offset=$descendant_count-$listing_amount; - if ($_POST['get_children_move']=='<') { - $offset=$offset-$listing_amount; - if ($offset<0) $offset=0; - } - elseif ($_POST['get_children_move']=='>') { - $offset=$offset+$listing_amount; - } - elseif ($_POST['get_children_move']=='>>') { - $offset=$descendant_count-$listing_amount; - } - - elseif ($_POST['get_children_move']=='<<') { - $offset=0; - } - if ($offset<0) $offset=0; - $_POST['offset']=$offset; - $smarty->assign('offset',$offset); + if (isset($_POST['get_children_move'])) { + if ($_POST['get_children_move']=='<') { + $offset=$offset-$listing_amount; + if ($offset<0) $offset=0; + } + elseif ($_POST['get_children_move']=='>') { + $offset=$offset+$listing_amount; + } + elseif ($_POST['get_children_move']=='>>') { + $offset=$descendant_count-$listing_amount; + } + + elseif ($_POST['get_children_move']=='<<') { + $offset=0; + } + } + if ($offset<0) $offset=0; + $_POST['offset']=$offset; // XXX sqli? + $smarty->assign('offset',$offset); if ($node['external_link']=='header://svg' && !is_numeric($template_id)) { @@ -330,6 +295,7 @@ else { $content.=$smarty->fetch($node['template_id'].".tpl"); } +// XXX remove constant if ($template_id=='2019721'){ $content=$smarty->fetch($template_id.".tpl"); echo $content; @@ -340,5 +306,5 @@ if ($template_id=='2019721'){ } //end of displaying - return false; + return true; }