global $node,$db,$error,$referer_id,$smarty,$permissions,$template_id;
global $timer_start;
if (!$referer_id) $referer_id=1;
+ $content='';
$node_id=$node['node_id'];
- $user_id=$_SESSION['user_id'];
+ $user_id=(empty($_SESSION['user_id'])) ? "" : $_SESSION['user_id'];
if ($permissions['r']) {
if (($node['template_id']!='2019721') && (isset($_SESSION['user_id']))){
//setting user location
$q="update users set last_action=NOW(),user_location_vector='".$node['node_vector']."',user_action='".addslashes($node['node_name'])."',user_action_id='".$node['node_id']."' where user_id='".$_SESSION['user_id']."'";
-$db->executequery($q);
+$db->query($q);
}
$whole_time=SubStr((Time()+SubStr(MicroTime(),0,8)-$timer_start),0,7);
$descendant_count=$node['node_descendant_count'];
if (isset($_POST['listing_amount']) && is_numeric($_POST['listing_amount'])) {
- $listing_amount=mysql_real_escape_string($_POST['listing_amount']);
+ $listing_amount=db_escape_string($_POST['listing_amount']);
}elseif (!empty($_SESSION['listing_amount'])) $listing_amount=$_SESSION['listing_amount'];
else $listing_amount=DEFAULT_LISTING_AMOUNT;
$smarty->assign('listing_amount',$listing_amount);
if (isset($_POST['listing_order']) && $_POST['listing_order']) {
- $listing_order=mysql_real_escape_string($_POST['listing_order']);
+ $listing_order=db_escape_string($_POST['listing_order']);
} elseif (!empty($_SESSION['listing_order'])) $listing_order=$_SESSION['listing_order'];
else $listing_order=DEFAULT_LISTING_ORDER;
$smarty->assign('listing_order',$listing_order);
$_POST['offset']=$offset; // XXX sqli?
$smarty->assign('offset',$offset);
-
if ($node['external_link']=='header://svg' && !is_numeric($template_id)) {
header("Content-Type: image/svg+xml");
}
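Review bot: The `update users set ...` statement is still built by string concatenation, and this change only swaps the call that runs it (`$db->query($q)`); `$node['node_vector']`, `$node['node_id']` and `$_SESSION['user_id']` are interpolated with no escaping, and `node_name` goes through `addslashes`, which ignores the connection character set. Since the commit already introduces `db_escape_string`, use it for every value in that query, e.g. `user_action='".db_escape_string($node['node_name'])."'`, and cast the ids with `(int)` if they are always numeric; a prepared statement would be better if the `$db` wrapper offers one. For `listing_amount` and `listing_order`, escaping only protects a value that ends up inside quotes: if they are used in `LIMIT` or `ORDER BY` (not visible in this hunk), cast the amount with `(int)` and check the order against a fixed list of allowed values, and apply the same checks to the `$_SESSION` fallbacks, which are assigned unchecked. The `// XXX sqli?` line leaves the same question open for `$offset`, which is set outside the hunk. The enclosing function and the `if ($permissions['r'])` block both extend beyond the hunk.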