// Secure.
// Returns list of (node_permission, login)
-
public static function getNodeCommanders($node_id) {
global $db;
+
+ if (!is_numeric($node_id))
+ { return -1; }
+
$set=$db->query("select node_permission,users.login from node_access
left join users on node_access.user_id=users.user_id where
node_id='$node_id' and node_permission!='' order by node_permission");
return $commanders;
}
-
+
+// logout
+
+// Log out user.
+// Secure
+
+public static function logout() {
+ global $db;
+ $q="update users set user_action_id=null where user_id='".$_SESSION['user_id']."'";
+ $db->query($q);
+}
+
+// getNodesByType
+
+//
+// Secure
+// returns xxx
+
+public static function getNodesByType($vector,$user_id,$type,$orderby,$offset,$listing_amount) {
+ global $db;
+
+ if ((!is_numeric($user_id))
+ or (!is_numeric($offset))
+ or (!is_numeric($listing_amount))
+ or ($vector && !is_numeric($vector))
+ or (!is_numeric($type)))
+ { return -1; }
+
+ $orderby=db_escape_string($orderby);
+
+
+ $q="select parent.node_name as parent_name,users.*,nodes.*,node_access.node_user_subchild_count from nodes
+ left join nodes as parent on parent.node_id=nodes.node_parent
+ left join node_access on node_access.node_id=nodes.node_id and node_access.user_id='$user_id'
+ left join users on users.user_id=nodes.node_creator where ";
+ if ($vector) $q.="nodes.node_vector like '$vector%' and";
+ $q.=" nodes.template_id='$type' and nodes.node_system_access!='private'";
+ if ($orderby) $q.=" order by $orderby ";
+ else $q.=" order by nodes.node_id desc ";
+ $q.= " LIMIT $offset,$listing_amount ";
+ $set=$db->query($q);
+
+ while ($set->next()) $result[]=$set->getRecord();
+
+ return $result;
+}
+
}
?>
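Review bot: `db_escape_string($orderby)` in getNodesByType does not make `order by $orderby` safe, because the value sits outside quotes and escaping only neutralises quote characters; the clause stays injectable despite the `// Secure` header. Restrict it to an allow-list of sortable columns, or at minimum reject anything that is not a plain column with an optional direction, e.g. `if (!preg_match('/^[a-z_.]+( (asc|desc))?$/i', $orderby)) { $orderby=''; }`. `is_numeric()` also accepts values such as `-1`, `1.5` and `1e3`, which reach `LIMIT $offset,$listing_amount` and `like '$vector%'` unchanged, so `ctype_digit((string)$x)` or an `(int)` cast is the tighter check. `$result` is never initialised, so an empty result set returns null rather than an empty array; `$result=array();` before the `while` loop fixes that.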
elseif (is_file(INCLUDE_DIR."eventz/$event.inc")) {
$event_id=nodes::getNodeIdByName($event,"event://$event");
- $event_node=nodes::getNodeById($event_id,$_SESSION['user_id']);
+ $event_node=nodes::getNodeById($event_id,isset($_SESSION['user_id']) ? $_SESSION['user_id'] : "");
if (
($event_node['node_system_access']=='public')
|| (!empty($_SESSION['user_id']) && ($event_node['node_creator']==$_SESSION['user_id']))
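Review bot: The new fallback passes `""` as the user id for visitors without a session, and that value is not numeric. getNodeById is not shown here, but if it validates its arguments with `is_numeric()` and returns -1 like the functions this commit adds to the nodes class, the `$event_node['node_system_access']=='public'` test would run against an integer and public events would stop loading for anonymous users. Consider passing `0` (or another agreed anonymous id) and checking `is_array($event_node)` before the access test. The `if (` continues past the end of this hunk.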
$_SESSION['user_id']=$user_id;
$_SESSION['user_name']=addslashes($user_name);
- setcookie('jabber_login', $xmpp, time()+60*60*24*10, '/'); //10days on whole domain - should have persistent username in future...
+ setcookie('jabber_login', $xmpp, time()+60*60*24*10, '/');
+ //10days on whole domain - should have persistent username in future...
$xmpp_pass=hash('md5', 'jabber:'.$_POST['password']);
setcookie('jabber_password', $xmpp_pass, time()+60*60*24*10, '/'); //10days on whole domain
$xmpp_domain='kyberia.cz'; //XXX TODO Hardcoded kyberia.cz jabber domain (NOT dev.kyberia.cz!!!!!)
if (!empty($cube_vector)) $_SESSION['cube_vector']=$cube_vector;
if (empty($_SESSION['template_set'])) $_SESSION['template_set']=$set->getString('template_set');
- if (is_numeric($_POST['screen_width'])) $_SESSION['browser']['screen_width']=$_POST['screen_width'];
- if (is_numeric($_POST['screen_height'])) $_SESSION['browser']['screen_height']=$_POST['screen_height'];
+ if (!empty($_POST['screen_width']) && is_numeric($_POST['screen_width']))
+ { $_SESSION['browser']['screen_width']=$_POST['screen_width']; }
+ if (!empty($_POST['screen_height']) && is_numeric($_POST['screen_height']))
+ { $_SESSION['browser']['screen_height']=$_POST['screen_height']; }
$_SESSION['listing_amount']=$set->getString('listing_amount');
$_SESSION['listing_order']=$set->getString('listing_order');
$_SESSION['header_id']=$set->getString('header_id');
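Review bot: The `setcookie('jabber_login', ...)` call that this hunk re-wraps, like the `jabber_password` one below it, sets no `secure` or `httponly` flag, and the password cookie holds an unsalted MD5 of the login password for ten days on the whole domain. Anyone who obtains that cookie value presumably holds a credential that stays usable until the password changes. If the XMPP client does not need to read these cookies from script, pass the flags, e.g. `setcookie('jabber_login', $xmpp, time()+60*60*24*10, '/', '', true, true);`, and prefer a server-issued random token over a password-derived value. For the screen size fields, `is_numeric()` admits floats and exponent forms; `ctype_digit()` on the posted string would store only whole pixel counts.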
<?php
- function logout() {
- global $db;
- $q="update users set user_action_id=null where user_id='".$_SESSION['user_id']."'";
- $db->query($q);
- logger::log('logout',$node['node_id'],'ok',$_SESSION['user_name']);
- session_unset();
- Header("Location: /main");
- }
+// log out user
+
+function logout() {
+
+ nodes::logout();
+ logger::log('logout',empty($node['node_id']) ? "" : $node['node_id'],'ok',$_SESSION['user_name']);
+ session_unset();
+ Header("Location: /");
+}
?>
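Review bot: `$node` is not in scope inside logout(), since the function has no `global $node;`, so `empty($node['node_id'])` is always true and the log entry never records a node id; the new guard only hides the notice. Add `global $node;` at the top of the function if the id is meant to be logged. `$_SESSION['user_name']` and, inside nodes::logout(), `$_SESSION['user_id']` are read without an `isset` check, so a request without a session still runs the update with an empty id. `session_unset()` clears the data but keeps the session id; calling `session_destroy()` and adding `exit;` after the `Header()` redirect would end the session cleanly.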
define('DEF_GALLERY_TEMPLATE',1041658);
define('DEF_LAST_NODE',23);
-define('DEF_MAX_LISTING_AMMOUNT',100);
+define('DEF_MAX_LISTING_AMMOUNT',333);
// 1961061 citizens?
// 1061495 citizens?
<?php
- function smarty_function_get_nodes_by_type($params,&$smarty) {
- global $node;
- $type=$params['type'];
- if ($params['listing_amount']=='all') $listing_amount='2323232323232323';
- else $listing_amount=$params['listing_amount'];
- if (empty($params['offset'])) $offset=0;
- else $offset=$params['offset'];
- if ($params['vector']) {
- $vector=addslashes($params['vector']);
- }
- if ($params['orderby']) {
- $orderby=addslashes($params['orderby']);
- }
+function smarty_function_get_nodes_by_type($params,&$smarty) {
+ global $node;
- global $db,$node;
- $node_id=$node['node_id'];
- $user_id=$_SESSION['user_id'];
- $q="select parent.node_name as parent_name,users.*,nodes.*,node_access.node_user_subchild_count from nodes left join nodes as parent on parent.node_id=nodes.node_parent left join node_access on node_access.node_id=nodes.node_id and node_access.user_id='$user_id' left join users on users.user_id=nodes.node_creator where ";
- if ($vector) $q.="nodes.node_vector like '$vector%' and";
- $q.=" nodes.template_id='$type' and nodes.node_system_access!='private'";
- if ($orderby) $q.=" order by $orderby ";
- else $q.=" order by nodes.node_id desc ";
- $q.= " LIMIT $offset,$listing_amount ";
- $set=$db->query($q);
+ $type=$params['type'];
+ if ($params['listing_amount']=='all') $listing_amount=DEF_MAX_LISTING_AMMOUNT;
+ else $listing_amount=$params['listing_amount'];
+ if (empty($params['offset'])) $offset=0;
+ else $offset=$params['offset'];
+ if ($params['vector']) {
+ $vector=$params['vector'];
+ }
+ if ($params['orderby']) {
+ $orderby=$params['orderby'];
+ }
+ $node_id=$node['node_id'];
+ $user_id=$_SESSION['user_id'];
- while ($set->next()) $pole[]=$set->getRecord();
- $smarty->assign('get_nodes_by_type',$pole);
+ $result=nodes::getNodesByType(isset($vector)?$vector:"",$user_id,$type,isset($orderby)?$orderby:"",$offset,$listing_amount);
- }
-?>
\ No newline at end of file
+ $smarty->assign('get_nodes_by_type',$result);
+
+}
+?>
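Review bot: Only the literal `'all'` is mapped to `DEF_MAX_LISTING_AMMOUNT`; any other numeric `listing_amount` from the template is passed through uncapped, so the limit is not actually enforced. Clamp it, e.g. `$listing_amount=min((int)$params['listing_amount'], DEF_MAX_LISTING_AMMOUNT);`. nodes::getNodesByType() returns -1 when validation fails, which includes a visitor with no `$_SESSION['user_id']`, and that value is assigned to the template as-is; `if (!is_array($result)) { $result=array(); }` before `assign` keeps the template's loop safe. `$params['vector']` and `$params['orderby']` are still read without an `isset`/`empty` check, unlike `offset`.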