From ea679f5dcfa94d0b620480c3658982ed100a24c2 Mon Sep 17 00:00:00 2001 From: "maul.esel" Date: Tue, 19 Feb 2013 16:03:12 +0100 Subject: [PATCH 1/3] change default config URL --- config/constants.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/constants.php b/config/constants.php index 8ae8d13..67e846e 100644 --- a/config/constants.php +++ b/config/constants.php @@ -9,7 +9,7 @@ define('ROOT_URL', (IS_HTTPS ? "https" : "http") . "://" . $_SERVER["SERVER_NAME"] . REL_ADDRESS); - define('SECURE_ROOT_URL', IS_SECURE ? ROOT_URL : "https://ahk4.net/user/maulesel/"); + define('SECURE_ROOT_URL', IS_SECURE ? ROOT_URL : "https://libba.net/"); define('API_URL', ROOT_URL . "api"); define('SECURE_API_URL', SECURE_ROOT_URL . "api"); From bd2540b6d0fbab401c52d9a9c5d73092c55c4183 Mon Sep 17 00:00:00 2001 From: "maul.esel" Date: Tue, 19 Feb 2013 16:18:52 +0100 Subject: [PATCH 2/3] Use SQL table name constants Remove usages of duplicate variables, use the existing constants instead. --- candidate.php | 18 +++++++++--------- create-account.php | 4 ++-- internal/mailimage.php | 2 +- review.php | 4 ++-- users/activity.php | 12 ++++++------ users/modify.php | 16 ++++++++-------- users/profile.php | 2 +- util/db.php | 5 ----- 8 files changed, 29 insertions(+), 34 deletions(-) diff --git a/candidate.php b/candidate.php index 77664fc..c12f5b2 100644 --- a/candidate.php +++ b/candidate.php @@ -37,7 +37,7 @@ $vote = (int)(mysql_real_escape_string($_POST["vote"])); if (in_array($vote, array(-1, 0, 1))) { - $db_query = "SELECT COUNT(*) FROM $db_table_candidate_comments WHERE id = '$id' AND vote != '0' AND user = UNHEX('{$_SESSION["userID"]}')"; + $db_query = "SELECT COUNT(*) FROM " . DB_TABLE_CANDIDATE_COMMENTS . " WHERE id = '$id' AND vote != '0' AND user = UNHEX('{$_SESSION["userID"]}')"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -54,7 +54,7 @@ $vote = 0; } - $db_query = "INSERT INTO $db_table_candidate_comments (id, user, comment, vote) VALUES ($id, UNHEX('{$_SESSION["userID"]}'), '" . mysql_real_escape_string($_POST["newcomment"]) . "', '" . $vote . "')"; + $db_query = "INSERT INTO " . DB_TABLE_CANDIDATE_COMMENTS . " (id, user, comment, vote) VALUES ($id, UNHEX('{$_SESSION["userID"]}'), '" . mysql_real_escape_string($_POST["newcomment"]) . "', '" . $vote . "')"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -67,7 +67,7 @@ { if ($can_close) { - $db_query = "UPDATE $db_table_candidates Set closed = '1', closed-by = UNHEX('{$_SESSION["userID"]}'), closed-date = NOW(), closed-comment = '" . mysql_real_escape_string($_POST["closecomment"]) . "' WHERE id = '$id'"; + $db_query = "UPDATE " . DB_TABLE_CANDIDATES . " Set closed = '1', closed-by = UNHEX('{$_SESSION["userID"]}'), closed-date = NOW(), closed-comment = '" . mysql_real_escape_string($_POST["closecomment"]) . "' WHERE id = '$id'"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -83,7 +83,7 @@ header("Location: " . $_SERVER["REQUEST_URI"]); # reload to clear POST data and avoid repost of comment } - $db_query = "SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM $db_table_candidates WHERE id = '$id'"; + $db_query = "SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM " . DB_TABLE_CANDIDATES . " WHERE id = '$id'"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -122,7 +122,7 @@ } $comments = array(); - $db_query = "SELECT *, HEX(user) FROM $db_table_candidate_comments WHERE id = '$id'"; + $db_query = "SELECT *, HEX(user) FROM " . DB_TABLE_CANDIDATE_COMMENTS . " WHERE id = '$id'"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -139,7 +139,7 @@ $comments[] = $comment; } - $db_query = "SELECT COUNT(*) FROM $db_table_candidate_comments WHERE id = '$id' AND vote > '0'"; # get upvote count + $db_query = "SELECT COUNT(*) FROM " . DB_TABLE_CANDIDATE_COMMENTS . " WHERE id = '$id' AND vote > '0'"; # get upvote count $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -149,7 +149,7 @@ } $up_vote_count = mysql_fetch_object($db_result)->{'COUNT(*)'}; - $db_query = "SELECT COUNT(*) FROM $db_table_candidate_comments WHERE id = '$id' AND vote < '0'"; # get downvote count + $db_query = "SELECT COUNT(*) FROM " . DB_TABLE_CANDIDATE_COMMENTS . " WHERE id = '$id' AND vote < '0'"; # get downvote count $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -163,7 +163,7 @@ if ($logged_in) { - $db_query = "SELECT COUNT(*) FROM $db_table_candidate_comments WHERE id = '$id' AND vote != '0' AND user = UNHEX('{$_SESSION["userID"]}')"; + $db_query = "SELECT COUNT(*) FROM " . DB_TABLE_CANDIDATE_COMMENTS . " WHERE id = '$id' AND vote != '0' AND user = UNHEX('{$_SESSION["userID"]}')"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -194,7 +194,7 @@ } } - $db_query = "SELECT id, HEX(libid), HEX(userid), date, closed FROM $db_table_candidates WHERE $db_cond"; + $db_query = "SELECT id, HEX(libid), HEX(userid), date, closed FROM " . DB_TABLE_CANDIDATES . " WHERE $db_cond"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { diff --git a/create-account.php b/create-account.php index 0740d1b..000945c 100644 --- a/create-account.php +++ b/create-account.php @@ -15,7 +15,7 @@ $db_connection = db_ensure_connection(); # check if account exists - $db_query = "SELECT * FROM $db_table_user_profile WHERE mail = '$mail' OR id = UNHEX('$id')"; + $db_query = "SELECT * FROM " . DB_TABLE_USER_PROFILE . " WHERE mail = '$mail' OR id = UNHEX('$id')"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -45,7 +45,7 @@ $id = mysql_real_escape_string($_POST["id"]); $mail = mysql_real_escape_string($_POST["mail"]); - $db_query = "INSERT INTO $db_table_user_profile (id, mail) VALUES (UNHEX('$id'), '$mail')"; + $db_query = "INSERT INTO " . DB_TABLE_USER_PROFILE . " (id, mail) VALUES (UNHEX('$id'), '$mail')"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { diff --git a/internal/mailimage.php b/internal/mailimage.php index 42e2a67..5bc82bf 100644 --- a/internal/mailimage.php +++ b/internal/mailimage.php @@ -4,7 +4,7 @@ require_once("../util/db.php"); $db_connection = db_ensure_connection(); - $db_query = "SELECT mail, show_mail FROM $db_table_user_profile WHERE id = UNHEX('" . mysql_real_escape_string($_GET["user"]) . "')"; + $db_query = "SELECT mail, show_mail FROM " . DB_TABLE_USER_PROFILE . " WHERE id = UNHEX('" . mysql_real_escape_string($_GET["user"]) . "')"; $db_result = mysql_query($db_query, $db_connection); if (!$db_connection) diff --git a/review.php b/review.php index 9926adf..213ab73 100644 --- a/review.php +++ b/review.php @@ -25,7 +25,7 @@ { if ($logged_in) { - $db_query = "INSERT INTO $db_table_review_comments (id, user, comment) VALUES (UNHEX('$id'), UNHEX('{$_SESSION["userID"]}'), '" . mysql_real_escape_string($_POST["newcomment"]) . "')"; + $db_query = "INSERT INTO " . DB_TABLE_REVIEW_COMMENTS . " (id, user, comment) VALUES (UNHEX('$id'), UNHEX('{$_SESSION["userID"]}'), '" . mysql_real_escape_string($_POST["newcomment"]) . "')"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -53,7 +53,7 @@ } } - $db_query = "SELECT HEX(user), comment, date FROM $db_table_review_comments WHERE id = UNHEX('$id')"; + $db_query = "SELECT HEX(user), comment, date FROM " . DB_TABLE_REVIEW_COMMENTS . " WHERE id = UNHEX('$id')"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { diff --git a/users/activity.php b/users/activity.php index 67f3149..51e9e7d 100644 --- a/users/activity.php +++ b/users/activity.php @@ -73,7 +73,7 @@ } # get review comments - $db_query = "SELECT HEX(id), comment, date FROM $db_table_review_comments WHERE user = UNHEX('{$user_data["id"]}') ORDER BY date DESC $db_limit"; + $db_query = "SELECT HEX(id), comment, date FROM " . DB_TABLE_REVIEW_COMMENTS . " WHERE user = UNHEX('{$user_data["id"]}') ORDER BY date DESC $db_limit"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -103,7 +103,7 @@ $retrieved_candidates = array(); # get candidates opened and closed - $db_query = "SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM $db_table_candidates WHERE userid = UNHEX('{$user_data["id"]}') ORDER BY date DESC $db_limit"; + $db_query = "SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM " . DB_TABLE_CANDIDATES . " WHERE userid = UNHEX('{$user_data["id"]}') ORDER BY date DESC $db_limit"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -140,7 +140,7 @@ if (hasPrivilege($user_data["privileges"], PRIVILEGE_STDLIB)) { # get candidates closed by this user - $db_query = "SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM $db_table_candidates WHERE `closed-by` = UNHEX('{$user_data["id"]}') ORDER BY date DESC $db_limit"; + $db_query = "SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM " . DB_TABLE_CANDIDATES . " WHERE `closed-by` = UNHEX('{$user_data["id"]}') ORDER BY date DESC $db_limit"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -156,7 +156,7 @@ } # get candidate comments - $db_query = "SELECT id, comment, date, vote FROM $db_table_candidate_comments WHERE user = UNHEX('{$user_data["id"]}') ORDER BY date DESC $db_limit"; + $db_query = "SELECT id, comment, date, vote FROM " . DB_TABLE_CANDIDATE_COMMENTS . " WHERE user = UNHEX('{$user_data["id"]}') ORDER BY date DESC $db_limit"; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { @@ -255,8 +255,8 @@ \ No newline at end of file From 36267556a70deb2a15e619197536fbdb140d0d68 Mon Sep 17 00:00:00 2001 From: "maul.esel" Date: Thu, 21 Feb 2013 21:26:00 +0100 Subject: [PATCH 3/3] Use single quotes wherever possible --- about.php | 6 +- candidate.php | 184 ++++++++++++++++++------------------ config/constants.php | 16 ++-- create-account.php | 34 +++---- help.php | 6 +- index.php | 8 +- internal/mailimage.php | 18 ++-- items/compare.php | 10 +- items/list.php | 66 ++++++------- items/view.php | 46 ++++----- login.php | 54 +++++------ partials/header.php | 4 +- register.php | 72 +++++++------- review.php | 66 ++++++------- sitemap.php | 80 ++++++++-------- upload.php | 42 ++++----- users/achievements.php | 46 ++++----- users/activity.php | 192 +++++++++++++++++++------------------- users/items.php | 50 +++++----- users/list.php | 40 ++++---- users/modify.php | 144 ++++++++++++++-------------- users/profile.php | 52 +++++------ users/user_navigation.php | 24 ++--- util/ALD.php | 56 +++++------ util/db.php | 4 +- util/rewriter.php | 4 +- util/secure_redirect.php | 4 +- util/sortArray.php | 2 +- util/subfolder.php | 8 +- util/user_input.php | 8 +- 30 files changed, 673 insertions(+), 673 deletions(-) diff --git a/about.php b/about.php index 295609d..c5ebdc8 100644 --- a/about.php +++ b/about.php @@ -1,11 +1,11 @@ - +

About

@@ -34,6 +34,6 @@

- + \ No newline at end of file diff --git a/candidate.php b/candidate.php index c12f5b2..d731791 100644 --- a/candidate.php +++ b/candidate.php @@ -2,12 +2,12 @@ ob_start(); session_start(); - require_once("util/user_input.php"); - require_once("util/db.php"); - require_once("util/ALD.php"); + require_once('util/user_input.php'); + require_once('util/db.php'); + require_once('util/ALD.php'); - require_once("config/constants.php"); - require_once("util/privilege.php"); + require_once('config/constants.php'); + require_once('util/privilege.php'); require_once('modules/semver/semver.php'); require_once('util/get_privilege_symbols.php'); @@ -21,28 +21,28 @@ $error = true; # assume error here, reset on success $page_title = 'ERROR'; - if (isset($_GET["id"])) + if (isset($_GET['id'])) { - $id = mysql_real_escape_string($_GET["id"], $db_connection); - $logged_in = isset($_SESSION["userID"]); - $can_close = $logged_in && hasPrivilege($_SESSION["privileges"], PRIVILEGE_STDLIB); + $id = mysql_real_escape_string($_GET['id'], $db_connection); + $logged_in = isset($_SESSION['userID']); + $can_close = $logged_in && hasPrivilege($_SESSION['privileges'], PRIVILEGE_STDLIB); $diff = false; if (!empty($_POST) && $logged_in) { - if (isset($_POST["newcomment"])) + if (isset($_POST['newcomment'])) { - if (isset($_POST["vote"])) + if (isset($_POST['vote'])) { - $vote = (int)(mysql_real_escape_string($_POST["vote"])); + $vote = (int)(mysql_real_escape_string($_POST['vote'])); if (in_array($vote, array(-1, 0, 1))) { - $db_query = "SELECT COUNT(*) FROM " . DB_TABLE_CANDIDATE_COMMENTS . " WHERE id = '$id' AND vote != '0' AND user = UNHEX('{$_SESSION["userID"]}')"; + $db_query = 'SELECT COUNT(*) FROM ' . DB_TABLE_CANDIDATE_COMMENTS . ' WHERE id = "' . $id . '" AND vote != "0" AND user = UNHEX("' . $_SESSION['userID'] . '")'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to get previous votes: MySQL error"; - $error_description = "Could not check if current user has already voted. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to get previous votes: MySQL error'; + $error_description = 'Could not check if current user has already voted. MySQL error was: "' . mysql_error() . '"'; break; } $can_vote = mysql_fetch_object($db_result)->{'COUNT(*)'} == 0; # set to false if there's already a comment by the current user with a vote @@ -54,60 +54,60 @@ $vote = 0; } - $db_query = "INSERT INTO " . DB_TABLE_CANDIDATE_COMMENTS . " (id, user, comment, vote) VALUES ($id, UNHEX('{$_SESSION["userID"]}'), '" . mysql_real_escape_string($_POST["newcomment"]) . "', '" . $vote . "')"; + $db_query = 'INSERT INTO ' . DB_TABLE_CANDIDATE_COMMENTS . ' (id, user, comment, vote) VALUES (' . $id . ', UNHEX("' . $_SESSION['userID'] . '"), "' . mysql_real_escape_string($_POST['newcomment']) . '", "' . $vote . '")'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to save comment: MySQL error"; - $error_description = "Could not save your last comment on this thread. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to save comment: MySQL error'; + $error_description = 'Could not save your last comment on this thread. MySQL error was: "' . mysql_error() . '"'; break; } } - else if (isset($_POST["accept"]) || isset($_POST["reject"])) + else if (isset($_POST['accept']) || isset($_POST['reject'])) { if ($can_close) { - $db_query = "UPDATE " . DB_TABLE_CANDIDATES . " Set closed = '1', closed-by = UNHEX('{$_SESSION["userID"]}'), closed-date = NOW(), closed-comment = '" . mysql_real_escape_string($_POST["closecomment"]) . "' WHERE id = '$id'"; + $db_query = 'UPDATE ' . DB_TABLE_CANDIDATES . ' Set closed = "1", closed-by = UNHEX("' . $_SESSION['userID'] . '"), closed-date = NOW(), closed-comment = "' . mysql_real_escape_string($_POST['closecomment']) . '" WHERE id = "' . $id . '"'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to close this thread: MySQL error"; - $error_description = "Could not close the thread. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to close this thread: MySQL error'; + $error_description = 'Could not close the thread. MySQL error was: "' . mysql_error() . '"'; break; } - $db_query = "UPDATE $db_table_main Set default_include = '1' WHERE id = UNHEX('')"; # todo + $db_query = 'UPDATE $db_table_main Set default_include = "1" WHERE id = UNHEX("")'; # todo # TODO } } - header("Location: " . $_SERVER["REQUEST_URI"]); # reload to clear POST data and avoid repost of comment + header('Location: ' . $_SERVER['REQUEST_URI']); # reload to clear POST data and avoid repost of comment } - $db_query = "SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM " . DB_TABLE_CANDIDATES . " WHERE id = '$id'"; + $db_query = 'SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM ' . DB_TABLE_CANDIDATES . ' WHERE id = "' . $id . '"'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to retrieve thread: MySQL error"; - $error_description = "Could not retrieve data on this thread. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to retrieve thread: MySQL error'; + $error_description = 'Could not retrieve data on this thread. MySQL error was: "' . mysql_error() . '"'; break; } if (mysql_num_rows($db_result) != 1) { - $error_message = "Failed to retrieve thread: not found"; - $error_description = "Could not find this thread. Most likely, the URL is incorrect."; + $error_message = 'Failed to retrieve thread: not found'; + $error_description = 'Could not find this thread. Most likely, the URL is incorrect.'; break; } $candidate = mysql_fetch_assoc($db_result); - $lib = $api->getItemById($candidate["HEX(libid)"]); - $candidate["libname"] = $lib["name"]; - $candidate["libversion"] = $lib["version"]; - $temp = $api->getUserById($candidate["HEX(userid)"]); - $candidate["username"] = $temp["name"]; - if ($candidate["closed"]) + $lib = $api->getItemById($candidate['HEX(libid)']); + $candidate['libname'] = $lib['name']; + $candidate['libversion'] = $lib['version']; + $temp = $api->getUserById($candidate['HEX(userid)']); + $candidate['username'] = $temp['name']; + if ($candidate['closed']) { - $temp = $api->getUserById($candidate["HEX(`closed-by`)"]); - $candidate["closed-by"] = $temp["name"]; + $temp = $api->getUserById($candidate['HEX(`closed-by`)']); + $candidate['closed-by'] = $temp['name']; } else { @@ -116,45 +116,45 @@ if (count($list) > 0) { $diff = true; - usort($list, "semver_sort"); # sort by version numbers (descending) + usort($list, 'semver_sort'); # sort by version numbers (descending) $diff_base = $list[0]['version']; } } $comments = array(); - $db_query = "SELECT *, HEX(user) FROM " . DB_TABLE_CANDIDATE_COMMENTS . " WHERE id = '$id'"; + $db_query = 'SELECT *, HEX(user) FROM ' . DB_TABLE_CANDIDATE_COMMENTS . ' WHERE id = "' . $id . '"'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to retrieve comments: MySQL error"; - $error_description = "Could not read the comments on this thread. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to retrieve comments: MySQL error'; + $error_description = 'Could not read the comments on this thread. MySQL error was: "' . mysql_error() . '"'; break; } while ($comment = mysql_fetch_assoc($db_result)) { - $temp = $api->getUserById($comment["HEX(user)"]); - $comment["user"] = $temp["name"]; - $comment["user-mail"] = $temp["mail-md5"]; + $temp = $api->getUserById($comment['HEX(user)']); + $comment['user'] = $temp['name']; + $comment['user-mail'] = $temp['mail-md5']; $comment['user-privilege'] = $temp['privileges']; $comments[] = $comment; } - $db_query = "SELECT COUNT(*) FROM " . DB_TABLE_CANDIDATE_COMMENTS . " WHERE id = '$id' AND vote > '0'"; # get upvote count + $db_query = 'SELECT COUNT(*) FROM ' . DB_TABLE_CANDIDATE_COMMENTS . ' WHERE id = "' . $id . '" AND vote > 0'; # get upvote count $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to retrieve upvote count: MySQL error"; - $error_description = "The number of upvotes could not be read. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to retrieve upvote count: MySQL error'; + $error_description = 'The number of upvotes could not be read. MySQL error was: "' . mysql_error() . '"'; break; } $up_vote_count = mysql_fetch_object($db_result)->{'COUNT(*)'}; - $db_query = "SELECT COUNT(*) FROM " . DB_TABLE_CANDIDATE_COMMENTS . " WHERE id = '$id' AND vote < '0'"; # get downvote count + $db_query = 'SELECT COUNT(*) FROM ' . DB_TABLE_CANDIDATE_COMMENTS . ' WHERE id = "' . $id . '" AND vote < 0'; # get downvote count $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to retrieve downvote count: MySQL error"; - $error_description = "The number of downvotes could not be read. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to retrieve downvote count: MySQL error'; + $error_description = 'The number of downvotes could not be read. MySQL error was: "' . mysql_error() . '"'; break; } $down_vote_count = mysql_fetch_object($db_result)->{'COUNT(*)'}; @@ -163,55 +163,55 @@ if ($logged_in) { - $db_query = "SELECT COUNT(*) FROM " . DB_TABLE_CANDIDATE_COMMENTS . " WHERE id = '$id' AND vote != '0' AND user = UNHEX('{$_SESSION["userID"]}')"; + $db_query = 'SELECT COUNT(*) FROM ' . DB_TABLE_CANDIDATE_COMMENTS . ' WHERE id = "' . $id . '" AND vote != 0 AND user = UNHEX("' . $_SESSION['userID'] . '")'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to get previous votes: MySQL error"; - $error_description = "Could not check if current user has already voted. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to get previous votes: MySQL error'; + $error_description = 'Could not check if current user has already voted. MySQL error was: "' . mysql_error() . '"'; break; } $can_vote = mysql_fetch_object($db_result)->{'COUNT(*)'} == 0; # set to false if there's already a comment by the current user with a vote } - $page_title = ($candidate["closed"] ? "closed: " : "") . $candidate["libname"] . " v" . $candidate["libversion"] . " | Candidate for stdlib"; + $page_title = ($candidate['closed'] ? 'closed: ' : '') . $candidate['libname'] . ' v' . $candidate['libversion'] . ' | Candidate for stdlib'; } else { - $page_title = "Candidates for the standard library"; + $page_title = 'Candidates for the standard library'; - $db_cond = "closed != '1'"; - if (isset($_GET["mode"])) + $db_cond = 'closed != 1'; + if (isset($_GET['mode'])) { - if (strtolower($_GET["mode"]) == "closed") + if (strtolower($_GET['mode']) == 'closed') { - $db_cond = "closed = '1'"; - $page_title .= " (closed)"; + $db_cond = 'closed = 1'; + $page_title .= ' (closed)'; } - else if (strtolower($_GET["mode"]) == "all") + else if (strtolower($_GET['mode']) == 'all') { - $db_cond = "'1' = '1'"; + $db_cond = '1 = 1'; } } - $db_query = "SELECT id, HEX(libid), HEX(userid), date, closed FROM " . DB_TABLE_CANDIDATES . " WHERE $db_cond"; + $db_query = 'SELECT id, HEX(libid), HEX(userid), date, closed FROM ' . DB_TABLE_CANDIDATES . ' WHERE ' . $db_cond; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to retrieve list of candidates: MySQL error"; - $error_description = "The list of candidates could not be read. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to retrieve list of candidates: MySQL error'; + $error_description = 'The list of candidates could not be read. MySQL error was: "' . mysql_error() . '"'; break; } $candidates = array(); while ($candidate = mysql_fetch_assoc($db_result)) { - $lib = $api->getItemById($candidate["HEX(libid)"]); - $candidate["lib-name"] = $lib["name"]; - $candidate["lib-version"] = $lib["version"]; + $lib = $api->getItemById($candidate['HEX(libid)']); + $candidate['lib-name'] = $lib['name']; + $candidate['lib-version'] = $lib['version']; - $temp = $api->getUserById($candidate["HEX(userid)"]); - $candidate["user"] = $temp["name"]; + $temp = $api->getUserById($candidate['HEX(userid)']); + $candidate['user'] = $temp['name']; $candidates[] = $candidate; } @@ -222,7 +222,7 @@ - + @@ -249,15 +249,15 @@ Library: - "> (v) + (v) User: - /profile"> + Applied: - + @@ -266,11 +266,11 @@ -
+
-
+
-
0 ? "+" : "-") . $total_vote_count; ?> votes
+
+
-
0 ? '+' : '-') . $total_vote_count; ?> votes

Comments

@@ -278,14 +278,14 @@ foreach ($comments AS $comment) { $symbols = get_privilege_symbols($comment['user-privilege']); - echo "" - . ""; + echo '' + . ''; } - if (!$candidate["closed"] && $logged_in) + if (!$candidate['closed'] && $logged_in) { ?> - + " - . ""; + echo '' + . ''; /* if ($can_close && !$in_standard) { @@ -346,14 +346,14 @@ { $status = $cand['closed'] ? 'closed' : 'open'; echo '
' - . "

{$cand['lib-name']} (v{$cand['lib-version']})

" + . '

' . $cand['lib-name'] . ' (v' . $cand['lib-version'] . ')

' . '
' - . "
Name
{$cand['lib-name']}
" - . "
Version
{$cand['lib-version']}
" - . "
User
$cand[user]
" - . "
Date
$cand[date]
" - . "
Status
$status
" - . "
Link
Go to discussion thread
" + . '
Name
' . $cand['lib-name'] . '
' + . '
Version
' . $cand['lib-version'] . '
' + . '
User
' . $cand['user'] . '
' + . '
Date
' . $cand['date'] . '
' + . '
Status
' . $status . '
' + . '
Link
Go to discussion thread
' . '
'; } ?> @@ -362,11 +362,11 @@ } ?> - + diff --git a/config/constants.php b/config/constants.php index 67e846e..0160431 100644 --- a/config/constants.php +++ b/config/constants.php @@ -1,16 +1,16 @@ \ No newline at end of file diff --git a/create-account.php b/create-account.php index 000945c..a13eecc 100644 --- a/create-account.php +++ b/create-account.php @@ -1,21 +1,21 @@ 0) { - throw new HttpException(409, NULL, "Account already exists"); + throw new HttpException(409, NULL, 'Account already exists'); } # check if user is correct $api = new ALD( API_URL ); try { - $user = $api->getUserById($_POST["id"]); + $user = $api->getUserById($_POST['id']); } catch (HttpException $e) { - throw new HttpException(404, NULL, "User not found in backend: '{$e->getMessage()}'."); + throw new HttpException(404, NULL, 'User not found in backend: "' . $e->getMessage() . '")'; } - if ($user["name"] != $_POST["user"] || $user["mail"] != md5($_POST["mail"])) + if ($user['name'] != $_POST['user'] || $user['mail'] != md5($_POST['mail'])) { - throw new HttpException(400, NULL, "data invalid"); + throw new HttpException(400, NULL, 'data invalid'); } # create account - $id = mysql_real_escape_string($_POST["id"]); - $mail = mysql_real_escape_string($_POST["mail"]); + $id = mysql_real_escape_string($_POST['id']); + $mail = mysql_real_escape_string($_POST['mail']); - $db_query = "INSERT INTO " . DB_TABLE_USER_PROFILE . " (id, mail) VALUES (UNHEX('$id'), '$mail')"; + $db_query = 'INSERT INTO ' . DB_TABLE_USER_PROFILE . ' (id, mail) VALUES (UNHEX("' . $id . '"), "' . $mail . '")'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { throw new HttpException(500, NULL, mysql_error()); } - header("HTTP/1.1 204 " . HttpException::getStatusMessage(204)); + header('HTTP/1.1 204 ' . HttpException::getStatusMessage(204)); exit; } catch (HttpException $e) { - header("HTTP/1.1 {$e->getCode()} " . HttpException::getStatusMessage($e->getCode())); + header('HTTP/1.1 ' . $e->getCode() . ' ' . HttpException::getStatusMessage($e->getCode())); echo $e->getMessage(); } ?> \ No newline at end of file diff --git a/help.php b/help.php index 757eaf6..a58594f 100644 --- a/help.php +++ b/help.php @@ -1,11 +1,11 @@ - + @@ -45,6 +45,6 @@

- + \ No newline at end of file diff --git a/index.php b/index.php index 0a6f07a..1b0fb6c 100644 --- a/index.php +++ b/index.php @@ -1,15 +1,15 @@ - + - +
@@ -40,6 +40,6 @@ apache
- + \ No newline at end of file diff --git a/internal/mailimage.php b/internal/mailimage.php index 5bc82bf..15444bc 100644 --- a/internal/mailimage.php +++ b/internal/mailimage.php @@ -1,28 +1,28 @@ @@ -206,10 +206,10 @@ foreach ($meta_actions AS $action) { switch ($action['type']) { case ACT_ADD: $prefix = 'Added:'; - $details = "Property $action[property] has been added to the package metadata."; + $details = 'Property ' . $action['property'] . ' has been added to the package metadata.'; break; case ACT_DEL: $prefix = 'Deleted:'; - $details = "Property $action[property] has been removed from the package metadata."; + $details = 'Property ' . $action['property'] . ' has been removed from the package metadata.'; break; default: case ACT_MOD: $prefix = 'Modified:'; @@ -226,7 +226,7 @@ \ No newline at end of file diff --git a/items/list.php b/items/list.php index f0369e3..7294af0 100644 --- a/items/list.php +++ b/items/list.php @@ -2,54 +2,54 @@ ob_start(); session_start(); - require_once("../util/ALD.php"); - require_once("../config/constants.php"); - require_once("../util/sortArray.php"); + require_once('../util/ALD.php'); + require_once('../config/constants.php'); + require_once('../util/sortArray.php'); require_once('../partials/Notice.php'); $api = new ALD( API_URL ); - $logged_in = isset($_SESSION["user"]); + $logged_in = isset($_SESSION['user']); $error = true; for ($i = 0; $i < 1; $i++) { - $page_title = "Browse "; + $page_title = 'Browse '; - if ($type = (!empty($_GET["type"]) && in_array(strtolower($_GET["type"]), array("app", "lib"))) ? strtolower($_GET["type"]) : NULL) + if ($type = (!empty($_GET['type']) && in_array(strtolower($_GET['type']), array('app', 'lib'))) ? strtolower($_GET['type']) : NULL) { - $page_title .= ($type == "app") ? "applications" : ($type == "lib" ? "libraries" : "libraries and applications"); + $page_title .= ($type == 'app') ? 'applications' : ($type == 'lib' ? 'libraries' : 'libraries and applications'); } else # probably remove unknown type and reload? { - $page_title .= "libraries and applications"; + $page_title .= 'libraries and applications'; } - $user = !empty($_GET["user"]) ? $_GET["user"] : NULL - AND $page_title .= " by $user"; - $stdlib = !empty($_GET["stdlib"]) ? $_GET["stdlib"] : "both" - AND $page_title .= !empty($_GET["stdlib"]) ? " (lib standard)" : ""; - $tags = isset($_GET["tags"]) ? explode("|", $_GET["tags"]) : NULL - AND $page_title .= " (tags: " . implode($tags, ", ") . ")"; + $user = !empty($_GET['user']) ? $_GET['user'] : NULL + AND $page_title .= ' by ' . $user; + $stdlib = !empty($_GET['stdlib']) ? $_GET['stdlib'] : 'both' + AND $page_title .= !empty($_GET['stdlib']) ? ' (lib standard)' : ''; + $tags = isset($_GET['tags']) ? explode('|', $_GET['tags']) : NULL + AND $page_title .= ' (tags: ' . implode($tags, ', ') . ')'; - $page_index = !empty($_GET["page"]) ? (int)$_GET["page"] : 0; - $page_itemcount = !empty($_GET["items"]) ? (int)$_GET["items"] : 20; + $page_index = !empty($_GET['page']) ? (int)$_GET['page'] : 0; + $page_itemcount = !empty($_GET['items']) ? (int)$_GET['items'] : 20; $start_index = $page_index * $page_itemcount; try { - $items = $api->getItemList($start_index, $page_itemcount + 1, $type, $user, NULL, $tags, "latest", $stdlib); + $items = $api->getItemList($start_index, $page_itemcount + 1, $type, $user, NULL, $tags, 'latest', $stdlib); } catch (HttpException $e) { - $error_message = "Failed to get item list: API error"; - $error_description = "The requested list of items could not be retrieved. API error was: '{$e->getMessage()}'"; + $error_message = 'Failed to get item list: API error'; + $error_description = 'The requested list of items could not be retrieved. API error was: "' . $e->getMessage() . '"'; break; } if (count($items) > 0) { - $items = sortArray($items, "name"); + $items = sortArray($items, 'name'); } $error = false; } @@ -57,7 +57,7 @@ - + @@ -76,7 +76,7 @@ } else { - $last_letter = ""; + $last_letter = ''; $i = 0; foreach ($items as $item) { @@ -89,46 +89,46 @@ $current_letter = strtoupper(substr($item['name'], 0, 1)); if (!ctype_alpha($current_letter)) { - $current_letter = ".#?1"; + $current_letter = '.#?1'; } if ($current_letter != $last_letter) { - if ($last_letter != "") + if ($last_letter != '') { - echo ""; + echo ''; } - echo "

$current_letter

'; } else { - echo "No items found that match your query."; + echo 'No items found that match your query.'; } if ($page_index > 0) { - echo ""; + echo ''; } if (count($items) > $page_itemcount) { - echo ""; + echo ''; } } ?>
- + \ No newline at end of file diff --git a/items/view.php b/items/view.php index 748225a..1bbfc61 100644 --- a/items/view.php +++ b/items/view.php @@ -2,35 +2,35 @@ session_start(); ob_start(); - if (!isset($_GET["id"]) && (!isset($_GET["name"]) || !isset($_GET["version"]))) + if (!isset($_GET['id']) && (!isset($_GET['name']) || !isset($_GET['version']))) { - header("Location: ."); + header('Location: .'); exit; } - require_once("../util/ALD.php"); - require_once("../config/constants.php"); + require_once('../util/ALD.php'); + require_once('../config/constants.php'); require_once('../modules/semver/semver.php'); require_once('../modules/HttpException/HttpException.php'); require_once('../partials/Notice.php'); - $logged_in = isset($_SESSION["user"]); + $logged_in = isset($_SESSION['user']); $api = new ALD( API_URL ); $error = false; try { - if (isset($_GET["id"])) + if (isset($_GET['id'])) { - $id = $_GET["id"]; + $id = $_GET['id']; $item = $api->getItemById($id); } else { - $item = $api->getItem($_GET["name"], $_GET["version"]); - $id = $item["id"]; + $item = $api->getItem($_GET['name'], $_GET['version']); + $id = $item['id']; } - $page_title = "\"{$item['name']}\" (v{$item['version']})"; + $page_title = '"' . $item['name'] . '" (v' . $item['version'] . ')'; } catch (HttpException $e) { @@ -43,7 +43,7 @@ - + @@ -70,57 +70,57 @@ $tag "; + echo '' . $tag . ' '; } ?> - +
\"avatar\"
{$comment["user"]}$symbols
{$comment["date"]}
" . user_input_process($comment["comment"]) . '
' . (!empty($comment["vote"]) ? "
+1
" : "") . "
avatar
' . $comment['user'] . '' . $symbols . '
' . $comment['date'] . '
' . user_input_process($comment['comment']) . '
' . (!empty($comment['vote']) ? '
+1
' : '') . '
/profile">You
Now		You
Now
@@ -320,10 +320,10 @@
{$candidate["closed-by"]}
{$candidate["closed-date"]}
" . user_input_process($candidate["closed-comment"]) . "
' . $candidate['closed-by'] . '
' . $candidate['closed-date'] . '
' . user_input_process($candidate['closed-comment']) . '
Reviewed:Yes" : "red\">No") . ""; ?>Yes' : 'red">No') . ''; ?>

Description

getItemList(0, "all", NULL, NULL, $item['name']); + $versions = $api->getItemList(0, 'all', NULL, NULL, $item['name']); # remove the current item from the array - require_once("../util/searchSubArray.php"); - $index = searchSubArray($versions, array("id" => $item["id"])); + require_once('../util/searchSubArray.php'); + $index = searchSubArray($versions, array('id' => $item['id'])); if ($index !== NULL) { unset($versions[$index]); } - usort($versions, "semver_sort"); # sort by "version" field, following semver rules + usort($versions, 'semver_sort'); # sort by "version" field, following semver rules if (count($versions) > 0) { - echo "

Other versions:

    "; + echo '

    Other versions:

    "; + echo '
'; } } ?> - + diff --git a/login.php b/login.php index 06e3196..6ad5b16 100644 --- a/login.php +++ b/login.php @@ -1,17 +1,17 @@ getUserList(); } - else if ($mode == "logout") + else if ($mode == 'logout') { - $page_title = "Logged out"; + $page_title = 'Logged out'; clearSession(); $should_redirect = true; } } else { - if (isset($_POST["name"]) && isset($_POST["password"])) + if (isset($_POST['name']) && isset($_POST['password'])) { for ($i = 0; $i < 1; $i++) { - if ($mode == "login") + if ($mode == 'login') { - if (isset($_POST["keepLoggedIn"]) && $_POST["keepLoggedIn"]) + if (isset($_POST['keepLoggedIn']) && $_POST['keepLoggedIn']) { session_set_cookie_params(8640000); # 100 Tage } - $page_title = "Login failed"; # assume failure, reset on success + $page_title = 'Login failed'; # assume failure, reset on success $should_redirect = false; $api = new ALD( SECURE_API_URL ); @@ -64,12 +64,12 @@ break; } - $_SESSION["user"] = $_POST['name']; - $_SESSION["userID"] = $user["id"]; - $_SESSION["password"] = $_POST["password"]; - $_SESSION["privileges"] = $user["privileges"]; + $_SESSION['user'] = $_POST['name']; + $_SESSION['userID'] = $user['id']; + $_SESSION['password'] = $_POST['password']; + $_SESSION['privileges'] = $user['privileges']; - $page_title = "Successfully logged in!"; + $page_title = 'Successfully logged in!'; $error = false; $should_redirect = true; } @@ -87,11 +87,11 @@ "; + echo ''; ?> - > + >

- " method="post"> + Enter your personal information below: required="required"/> '; foreach ($user_list AS $user) { - echo ""; + echo ''; } echo ''; } @@ -144,13 +144,13 @@ } if ($should_redirect) { - echo "

Redirecting to $redirect in 10 seconds...

"; + echo '

Redirecting to ' . $redirect . ' in 10 seconds...

'; } } ?>
- + $_SESSION[user]!
Logout"; + echo 'Welcome
' . $_SESSION['user'] . '!
Logout'; } else { diff --git a/register.php b/register.php index 1b61eb9..4d6c8d4 100644 --- a/register.php +++ b/register.php @@ -2,27 +2,27 @@ session_start(); ob_start(); - require_once("config/constants.php"); - require_once("util/ALD.php"); - require_once("util/secure_redirect.php"); + require_once('config/constants.php'); + require_once('util/ALD.php'); + require_once('util/secure_redirect.php'); require_once('partials/Notice.php'); secure_redirect(); - $page_title = "Registration failed"; - $mode = isset($_GET["mode"]) ? strtolower($_GET["mode"]) : "init"; + $page_title = 'Registration failed'; + $mode = isset($_GET['mode']) ? strtolower($_GET['mode']) : 'init'; $error = true; $api = new ALD( API_URL ); if (empty($_POST)) { - if ($mode == "init") + if ($mode == 'init') { - $page_title = "Register"; + $page_title = 'Register'; } - else if ($mode == "verify") + else if ($mode == 'verify') { - $page_title = "Complete your registration"; + $page_title = 'Complete your registration'; } $error = false; } @@ -30,48 +30,48 @@ { for ($i = 0; $i < 1; $i++) { - if ($mode == "init") + if ($mode == 'init') { - if (empty($_POST["name"]) || empty($_POST["mail"]) || empty($_POST["password"]) || empty($_POST["password_alt"])) + if (empty($_POST['name']) || empty($_POST['mail']) || empty($_POST['password']) || empty($_POST['password_alt'])) { - $message = "Data missing"; - $error_description = "Not all data required for a registration is present."; + $message = 'Data missing'; + $error_description = 'Not all data required for a registration is present.'; break; } try { - $api->initRegistration( $_POST["name"], $_POST["mail"], $_POST["password"], $_POST["password_alt"] ); + $api->initRegistration( $_POST['name'], $_POST['mail'], $_POST['password'], $_POST['password_alt'] ); } catch (HttpException $e) { - $message = "Failed to initiate registration"; - $error_description = "The attempt to initiate a registration failed. Error code was: '{$e->getCode()}'. Error message was: '{$e->getMessage()}'."; + $message = 'Failed to initiate registration'; + $error_description = 'The attempt to initiate a registration failed. Error code was: "' . $e->getCode() . '". Error message was: "' . $e->getMessage() . '".'; break; } - $message = "Registration has been initiated successfully. Check your email account for further details."; - $page_title = "Registration initiated"; + $message = 'Registration has been initiated successfully. Check your email account for further details.'; + $page_title = 'Registration initiated'; } - else if ($mode == "verify" && isset($_GET["id"])) + else if ($mode == 'verify' && isset($_GET['id'])) { - if (empty($_POST["token"])) + if (empty($_POST['token'])) { - $message = "Data missing"; - $error_description = "Not all data required for completing your rgistration is present."; + $message = 'Data missing'; + $error_description = 'Not all data required for completing your rgistration is present.'; break; } try { - $api->completeRegistration( $_GET["id"], $_POST["token"] ); + $api->completeRegistration( $_GET['id'], $_POST['token'] ); } catch (HttpException $e) { - $message = "Failed to complete registration"; - $error_description = "Completing the registration with the given token failed. Error message was: '{$e->getMessage()}'."; + $message = 'Failed to complete registration'; + $error_description = 'Completing the registration with the given token failed. Error message was: "' . $e->getMessage() . '"'; break; } - $message = "Your registration has successfully been completed."; - $page_title = "Registration successful"; + $message = 'Your registration has successfully been completed.'; + $page_title = 'Registration successful'; } $error = false; @@ -81,7 +81,7 @@ - + @@ -90,21 +90,21 @@
Look at the image below and type the displayed letters in the box. -
Token"/> -
Image available at: ">/users/register/token/ +
Token +
Image available at: /users/register/token/
- " method="post"> - + + - + Enter the data for the account you want to create: @@ -138,11 +138,11 @@ } ?> - + \ No newline at end of file diff --git a/review.php b/review.php index 213ab73..19ab455 100644 --- a/review.php +++ b/review.php @@ -2,48 +2,48 @@ ob_start(); session_start(); - require_once("util/ALD.php"); - require_once("config/constants.php"); + require_once('util/ALD.php'); + require_once('config/constants.php'); require_once('partials/Notice.php'); $api = new ALD( API_URL ); - $logged_in = isset($_SESSION["user"]); + $logged_in = isset($_SESSION['user']); - if (isset($_GET["id"])) + if (isset($_GET['id'])) { - require_once("util/db.php"); + require_once('util/db.php'); require_once('modules/semver/semver.php'); require_once('util/get_privilege_symbols.php'); $db_connection = db_ensure_connection(); - $id = mysql_real_escape_string($_GET["id"], $db_connection); + $id = mysql_real_escape_string($_GET['id'], $db_connection); $error = true; for ($i = 0; $i < 1; $i++) { - if (isset($_POST["newcomment"])) + if (isset($_POST['newcomment'])) { if ($logged_in) { - $db_query = "INSERT INTO " . DB_TABLE_REVIEW_COMMENTS . " (id, user, comment) VALUES (UNHEX('$id'), UNHEX('{$_SESSION["userID"]}'), '" . mysql_real_escape_string($_POST["newcomment"]) . "')"; + $db_query = 'INSERT INTO ' . DB_TABLE_REVIEW_COMMENTS . ' (id, user, comment) VALUES (UNHEX("' . $id . '"), UNHEX("' . $_SESSION['userID'] . '"), "' . mysql_real_escape_string($_POST['newcomment']) . '")'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to post comment: MySQL error"; - $error_description = "Could not insert new comment. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to post comment: MySQL error'; + $error_description = 'Could not insert new comment. MySQL error was: "' . mysql_error() . '"'; break; } } - header("Location: " . $_SERVER["REQUEST_URI"]); + header('Location: ' . $_SERVER['REQUEST_URI']); } - require_once("util/user_input.php"); + require_once('util/user_input.php'); $item = $api->getItemById($id); - $page_title = $item["name"] . " (v{$item["version"]}) | Code review"; + $page_title = $item['name'] . ' (v' . $item['version'] . ') | Code review'; $list = $api->getItemList(0, 'all', NULL, NULL, $item['name'], NULL, NULL, 'both', 'yes'); - usort($list, "semver_sort"); + usort($list, 'semver_sort'); for ($j = 0; $j < count($list); $j++) { @@ -53,21 +53,21 @@ } } - $db_query = "SELECT HEX(user), comment, date FROM " . DB_TABLE_REVIEW_COMMENTS . " WHERE id = UNHEX('$id')"; + $db_query = 'SELECT HEX(user), comment, date FROM ' . DB_TABLE_REVIEW_COMMENTS . ' WHERE id = UNHEX("' . $id . '")'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to read comments: MySQL error"; - $error_description = "Comments could not be read from database. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to read comments: MySQL error'; + $error_description = 'Comments could not be read from database. MySQL error was: "' . mysql_error() . '"'; break; } $comments = array(); while ($comment = mysql_fetch_assoc($db_result)) { - $temp = $api->getUserById($comment["HEX(user)"]); - $comment["user"] = $temp["name"]; - $comment["user-mail"] = $temp["mail-md5"]; + $temp = $api->getUserById($comment['HEX(user)']); + $comment['user'] = $temp['name']; + $comment['user-mail'] = $temp['mail-md5']; $comment['user-privilege'] = $temp['privileges']; $comments[] = $comment; } @@ -77,14 +77,14 @@ } else { - $page_title = "Unreviewed items"; - $items = $api->getItemList(0, "all", NULL, NULL, NULL, NULL, NULL, "both", "no"); + $page_title = 'Unreviewed items'; + $items = $api->getItemList(0, 'all', NULL, NULL, NULL, NULL, NULL, 'both', 'no'); } ?> - + @@ -134,13 +134,13 @@ foreach ($comments AS $comment) { $symbols = get_privilege_symbols($comment['user-privilege']); - echo "\"avatar\"
{$comment["user"]}$symbols
{$comment["date"]}
" . user_input_process($comment["comment"]) . "
"; + echo 'avatar
' . $comment['user'] . '' . $symbols . '
' . $comment['date'] . '
' . user_input_process($comment['comment']) . '
'; } - if (!$item["reviewed"] && $logged_in) + if (!$item['reviewed'] && $logged_in) { ?> - /profile">You
Now + You
Now @@ -164,12 +164,12 @@ foreach ($items AS $item) { echo '
' - . "

$item[name]

" + . '

' . $item['name'] . '

' . '
' - . "
Library
$item[name]
" - . "
Version
$item[version]
" - . "
User
{$item["user"]["name"]}
" - . "
Link
Go to discussion thread
" + . '
Library
' . $item['name'] . '
' + . '
Version
' . $item['version'] . '
' + . '
User
' . $item['user']['name'] . '
' + . '
Link
Go to discussion thread
' . '
'; } ?> @@ -178,11 +178,11 @@ } ?> - + diff --git a/sitemap.php b/sitemap.php index 4e01f2e..6a88da4 100644 --- a/sitemap.php +++ b/sitemap.php @@ -1,58 +1,58 @@ "libba.net code listing", - "link" => "http://libba.net/items/", - "description" => "Displays a list of all uploaded code"), - array("title" => "libba.net users", - "link" => "http://libba.net/users/", - "description" => "The list of registered libba.net users"), - array("title" => "libba.net help", - "link" => "http://libba.net/help", - "description" => "help / FAQ for libba.net"), - array("title" => "libba.net code upload", - "link" => "http://libba.net/upload", - "description" => "Here you can upload new code"), - array("title" => "about libba.net", - "link" => "http://libba.net/about", - "description" => "libba.net about page") + array('title' => 'libba.net code listing', + 'link' => 'http://libba.net/items/', + 'description' => 'Displays a list of all uploaded code'), + array('title' => 'libba.net users', + 'link' => 'http://libba.net/users/', + 'description' => 'The list of registered libba.net users'), + array('title' => 'libba.net help', + 'link' => 'http://libba.net/help', + 'description' => 'help / FAQ for libba.net'), + array('title' => 'libba.net code upload', + 'link' => 'http://libba.net/upload', + 'description' => 'Here you can upload new code'), + array('title' => 'about libba.net', + 'link' => 'http://libba.net/about', + 'description' => 'libba.net about page') ); $api = new ALD( API_URL ); foreach ($api->getItemList() AS $item) { - $item_data = $api->getItemById($item["id"]); - $items[] = array("title" => "$item[name] v$item[version]", - "link" => "http://libba.net/items/$item[id]", - "description" => htmlentities($item_data["description"], 0, "UTF-8"), - "pubDate" => $item_data["uploaded"]); + $item_data = $api->getItemById($item['id']); + $items[] = array('title' => $item['name'] . ' v' . $item['version'], + 'link' => 'http://libba.net/items/' . $item['id'], + 'description' => htmlentities($item_data['description'], 0, 'UTF-8'), + 'pubDate' => $item_data['uploaded']); } foreach ($api->getUserList() AS $user) { - $url_name = urlencode($user["name"]); - $items[] = array("title" => "profile for $user[name]", - "link" => "http://libba.net/users/$url_name/profile", - "description" => "the libba.net profile page for $user[name]"); - $items[] = array("title" => "activity for $user[name]", - "link" => "http://libba.net/users/$url_name/activity", - "description" => "recent activity by $user[name] on libba.net"); - $items[] = array("title" => "items by $user[name]", - "link" => "http://libba.net/users/$url_name/items", - "description" => "libraries and apps uploaded by $user[name] to libba.net"); - $items[] = array("title" => "achievements by $user[name]", - "link" => "http://libba.net/users/$url_name/achievements", - "description" => "achievements made by $user[name] on libba.net"); + $url_name = urlencode($user['name']); + $items[] = array('title' => 'profile for ' . $user['name'], + 'link' => 'http://libba.net/users/' . $url_name . '/profile', + 'description' => 'the libba.net profile page for ' . $user['name']); + $items[] = array('title' => 'activity for ' . $user['name'], + 'link' => 'http://libba.net/users/' . $url_name . '/activity', + 'description' => 'recent activity by ' . $user['name'] . ' on libba.net'); + $items[] = array('title' => 'items by ' . $user['name'], + 'link' => 'http://libba.net/users/' . $url_name . '/items', + 'description' => 'libraries and apps uploaded by ' . $user['name'] . ' to libba.net'); + $items[] = array('title' => 'achievements by ' . $user['name'], + 'link' => 'http://libba.net/users/' . $url_name . '/achievements', + 'description' => 'achievements made by ' . $user['name'] . ' on libba.net'); } # todo: fetch more items, such as reviews and candidates - echo ""; + echo ''; ?> @@ -69,12 +69,12 @@ "; + echo ''; foreach ($item AS $tag => $value) { - echo "<$tag>$value"; + echo '<' . $tag . '>' . $value . ''; } - echo ""; + echo ''; } ?> diff --git a/upload.php b/upload.php index 3855863..adb1eb4 100644 --- a/upload.php +++ b/upload.php @@ -1,24 +1,24 @@ getUserList(); } @@ -26,7 +26,7 @@ - + @@ -37,10 +37,10 @@

- " method="post" enctype="multipart/form-data"> + To upload your code, please fill in the following fields:
Package information @@ -57,7 +57,7 @@ "; + echo ''; } ?> @@ -70,22 +70,22 @@ uploadItem($_FILES["package"]["tmp_name"], $user, $password); + $id = $conn->uploadItem($_FILES['package']['tmp_name'], $user, $password); } catch (HttpException $e) { - echo "Failed to upload: {$e->getCode()}

{$e->getMessage()}

"; + echo 'Failed to upload: ' . $e->getCode() . '

' . $e->getMessage() . '

'; $error = true; } if (!isset($error)) @@ -98,10 +98,10 @@ } } else - echo "Failed to upload: required data is missing."; + echo 'Failed to upload: required data is missing.'; } ?>
- + \ No newline at end of file diff --git a/users/achievements.php b/users/achievements.php index 4eb8a1f..d02d9e8 100644 --- a/users/achievements.php +++ b/users/achievements.php @@ -2,31 +2,31 @@ ob_start(); session_start(); - if (!isset($_GET["user"])) + if (!isset($_GET['user'])) { - header("Location: ."); + header('Location: .'); } - require_once("../util/sortArray.php"); - require_once("../util/ALD.php"); - require_once("../config/constants.php"); + require_once('../util/sortArray.php'); + require_once('../util/ALD.php'); + require_once('../config/constants.php'); require_once('../partials/Notice.php'); $api = new ALD( API_URL ); - $logged_in = isset($_SESSION["user"]); + $logged_in = isset($_SESSION['user']); $error = true; for ($i = 0; $i < 1; $i++) { - $user = $_GET["user"]; + $user = $_GET['user']; try { $user_data = $api->getUser($user); } catch (HttpException $e) { - $error_message = "Failed to retrieve user: API error"; - $error_description = "User data could not be retrieved. API error was: '{$e->getMessage()}' (code: {$e->getCode()})"; + $error_message = 'Failed to retrieve user: API error'; + $error_description = 'User data could not be retrieved. API error was: "' . $e->getMessage() . '" (code: ' . $e->getCode() . ')'; break; } $page_title = $user; @@ -35,21 +35,21 @@ try { - $libs = $api->getItemList(0, "all", "lib", $user, NULL, NULL, NULL, "yes"); + $libs = $api->getItemList(0, 'all', 'lib', $user, NULL, NULL, NULL, 'yes'); } catch (HttpException $e) { - $error_message = "Failed to retrieve acheivements: API error"; - $error_description = "Libraries in stdlb coud not be retrieved. API error was: '{$e->getMessage()}' (code: {$e->getCode()})"; + $error_message = 'Failed to retrieve achievements: API error'; + $error_description = 'Libraries in stdlib could not be retrieved. API error was: "' . $e->getMessage() . '" (code: ' . $e->getCode() . ')'; break; } - $libs = sortArray($libs, array("name" => false, "version" => true)); + $libs = sortArray($libs, array('name' => false, 'version' => true)); foreach ($libs as $lib) { - $achievements[] = array("text" => "$user's library {$lib["name"]} v{$lib["version"]} is part of the standard lib for AutoHotkey", - "image" => "images/achievements/stdlib.png", - "link" => "items/" . $lib["id"]); + $achievements[] = array('text' => $user . '\'s library ' . $lib['name'] . ' v' . $lib['version'] . ' is part of the standard lib for AutoHotkey', + 'image' => 'images/achievements/stdlib.png', + 'link' => 'items/' . $lib['id']); } $error = false; } @@ -57,14 +57,14 @@ - +

"; + echo '' . $user . '\'s avatar'; echo $page_title; ?>

@@ -86,16 +86,16 @@ ?> \ No newline at end of file diff --git a/users/activity.php b/users/activity.php index 51e9e7d..f362748 100644 --- a/users/activity.php +++ b/users/activity.php @@ -4,97 +4,97 @@ ob_start(); session_start(); - if (!isset($_GET["user"])) + if (!isset($_GET['user'])) { - header("Location: ."); + header('Location: .'); } - require_once("../util/sortArray.php"); - require_once("../util/ALD.php"); - require_once("../config/constants.php"); - require_once("../util/user_input.php"); - require_once("../util/privilege.php"); - require_once("../util/db.php"); + require_once('../util/sortArray.php'); + require_once('../util/ALD.php'); + require_once('../config/constants.php'); + require_once('../util/user_input.php'); + require_once('../util/privilege.php'); + require_once('../util/db.php'); require_once('../partials/Notice.php'); $api = new ALD( API_URL ); - $logged_in = isset($_SESSION["user"]); + $logged_in = isset($_SESSION['user']); $error = true; for ($i = 0; $i < 1; $i++) { - $user = $_GET["user"]; + $user = $_GET['user']; try { $user_data = $api->getUser($user); } catch (HttpException $e) { - $error_message = "Failed to retrieve user: API error"; - $error_description = "User data could not be retrieved. API error was: '{$e->getMessage()}' (code: {$e->getCode()})"; + $error_message = 'Failed to retrieve user: API error'; + $error_description = 'User data could not be retrieved. API error was: "' . $e->getMessage() . '" (code: ' . $e->getCode() . ')'; break; } $page_title = $user; $db_connection = db_ensure_connection(); - $activity_item_count = !empty($_GET["items"]) ? strtolower($_GET["items"]) : 15; - $db_limit = $activity_item_count == "all" ? "" : " LIMIT $activity_item_count"; + $activity_item_count = !empty($_GET['items']) ? strtolower($_GET['items']) : 15; + $db_limit = $activity_item_count == 'all' ? '' : ' LIMIT ' . $activity_item_count; $activity = array(); $retrieved_items = array(); # joined - $activity[] = array("header" => "$user joined libba.net", - "text" => "Welcome to libba.net, $user! If you have any questions, consult the help or contact us!", - "image" => "images/activity/joined.png", - "date" => $user_data["joined"], - "link" => "./../$user/profile"); + $activity[] = array('header' => $user . ' joined libba.net', + 'text' => 'Welcome to libba.net, ' . $user . '! If you have any questions, consult the help or contact us!', + 'image' => 'images/activity/joined.png', + 'date' => $user_data['joined'], + 'link' => './../' . $user . '/profile'); # get items uploaded try { - $items = $api->getItemList(0, "all", NULL, $user); + $items = $api->getItemList(0, 'all', NULL, $user); } catch (HttpException $e) { - $error_message = "Failed to retrieve activity: API error"; - $error_description = "Could not get items uploaded. API error was: '{$e->getMessage()}' (code: {$e->getCode()})"; + $error_message = 'Failed to retrieve activity: API error'; + $error_description = 'Could not get items uploaded. API error was: "' . $e->getMessage() . '" (code: ' . $e->getCode() . ')'; break; } foreach ($items AS $item) { - $id = $item["id"]; + $id = $item['id']; $retrieved_items[$id] = $api->getItemById($id); - $activity[] = array("header" => "$user uploaded {$item["name"]} (v{$item["version"]})", - "text" => $retrieved_items[$id]["description"], - "image" => "images/activity/upload.png", - "date" => $retrieved_items[$id]["uploaded"], - "link" => "items/$id"); + $activity[] = array('header' => $user . ' uploaded ' . $item['name'] . ' (v' . $item['version'] . ')', + 'text' => $retrieved_items[$id]['description'], + 'image' => 'images/activity/upload.png', + 'date' => $retrieved_items[$id]['uploaded'], + 'link' => 'items/' . $id); } # get review comments - $db_query = "SELECT HEX(id), comment, date FROM " . DB_TABLE_REVIEW_COMMENTS . " WHERE user = UNHEX('{$user_data["id"]}') ORDER BY date DESC $db_limit"; + $db_query = 'SELECT HEX(id), comment, date FROM ' . DB_TABLE_REVIEW_COMMENTS . ' WHERE user = UNHEX("' . $user_data['id'] . '") ORDER BY date DESC ' . $db_limit; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to retrieve activity: MySQL error"; - $error_description = "Review comments could not be read. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to retrieve activity: MySQL error'; + $error_description = 'Review comments could not be read. MySQL error was: "' . mysql_error() . '"'; break; } while ($comment = mysql_fetch_assoc($db_result)) { - $id = $comment["HEX(id)"]; + $id = $comment['HEX(id)']; $item = isset($retrieved_items[$id]) ? $retrieved_items[$id] : ($retrieved_items[$id] = $api->getItemById($id)); - $activity[] = array("header" => "$user commented on Code Review for {$item["name"]} v{$item["version"]}", - "text" => $comment["comment"], - "image" => "images/activity/review-comment.png", - "date" => $comment["date"], - "link" => "reviews/$id"); # todo: anchor for comment + $activity[] = array('header' => $user . 'commented on Code Review for ' . $item['name'] . ' v' . $item['version'] . '', + 'text' => $comment['comment'], + 'image' => 'images/activity/review-comment.png', + 'date' => $comment['date'], + 'link' => 'reviews/' . $id); # todo: anchor for comment } - if (hasPrivilege($user_data["privileges"], PRIVILEGE_REVIEW)) + if (hasPrivilege($user_data['privileges'], PRIVILEGE_REVIEW)) { # get reviews closed by user # todo! @@ -103,70 +103,70 @@ $retrieved_candidates = array(); # get candidates opened and closed - $db_query = "SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM " . DB_TABLE_CANDIDATES . " WHERE userid = UNHEX('{$user_data["id"]}') ORDER BY date DESC $db_limit"; + $db_query = 'SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM ' . DB_TABLE_CANDIDATES . ' WHERE userid = UNHEX("' . $user_data['id'] . '") ORDER BY date DESC ' . $db_limit; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to retrieve activity: MySQL error"; - $error_description = "Failed to retrieve candidates. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to retrieve activity: MySQL error'; + $error_description = 'Failed to retrieve candidates. MySQL error was: "' . mysql_error() . '"'; break; } while ($candidate = mysql_fetch_assoc($db_result)) { - $retrieved_candidates[$candidate["id"]] = $candidate; # save data for further use + $retrieved_candidates[$candidate['id']] = $candidate; # save data for further use - $id = $candidate["HEX(libid)"]; + $id = $candidate['HEX(libid)']; $item = isset($retrieved_items[$id]) ? $retrieved_items[$id] : ($retrieved_items[$id] = $api->getItemById($id)); - $activity[] = array("header" => "$user proposed {$item["name"]} (v{$item["version"]}) for the stdlib", - "text" => $candidate["text"], - "image" => "images/activity/candidate.png", - "date" => $candidate["date"], - "link" => "candidates/" . $candidate["id"]); + $activity[] = array('header' => $user . ' proposed ' . $item['name'] . ' (v' . $item['version'] . ') for the stdlib', + 'text' => $candidate['text'], + 'image' => 'images/activity/candidate.png', + 'date' => $candidate['date'], + 'link' => 'candidates/' . $candidate['id']); - if ($candidate["closed"]) + if ($candidate['closed']) { - $user = $api->getUserById($candidate["HEX(`closed-by`)"]); - $accepted = $item["default"] ? "accepted" : "rejected"; - $activity[] = array("header" => "The stdlib candidate {$item["name"]} v{$item["version"]} has been $accepted by {$user["name"]}", - "text" => $candidate["closed-comment"], - "image" => "images/activity/candidate-$accepted.png", - "date" => $candidate["closed-date"], - "link" => "candidates/{$candidate["id"]}#closecomment"); + $user = $api->getUserById($candidate['HEX(`closed-by`)']); + $accepted = $item['default'] ? 'accepted' : 'rejected'; + $activity[] = array('header' => 'The stdlib candidate ' . $item['name'] . ' v' . $item['version'] . ' has been ' . $accepted . ' by ' . $user['name'] . '', + 'text' => $candidate['closed-comment'], + 'image' => 'images/activity/candidate-' . $accepted . '.png', + 'date' => $candidate['closed-date'], + 'link' => 'candidates/' . $candidate['id'] . '#closecomment'); } } - if (hasPrivilege($user_data["privileges"], PRIVILEGE_STDLIB)) + if (hasPrivilege($user_data['privileges'], PRIVILEGE_STDLIB)) { # get candidates closed by this user - $db_query = "SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM " . DB_TABLE_CANDIDATES . " WHERE `closed-by` = UNHEX('{$user_data["id"]}') ORDER BY date DESC $db_limit"; + $db_query = 'SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM ' . DB_TABLE_CANDIDATES . ' WHERE `closed-by` = UNHEX("' . $user_data['id'] . '") ORDER BY date DESC ' . $db_limit; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to retrieve activity: MySQL error"; - $error_description = "Could not read candidates closed by $user. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to retrieve activity: MySQL error'; + $error_description = 'Could not read candidates closed by ' . $user . '. MySQL error was: "' . mysql_error() . '"'; break; } while ($candidate = mysql_fetch_assoc($db_result)) { #$candidates_closed[] = $candidate; # TODO - $retrieved_candidates[$candidate["id"]] = $candidate; + $retrieved_candidates[$candidate['id']] = $candidate; } } # get candidate comments - $db_query = "SELECT id, comment, date, vote FROM " . DB_TABLE_CANDIDATE_COMMENTS . " WHERE user = UNHEX('{$user_data["id"]}') ORDER BY date DESC $db_limit"; + $db_query = 'SELECT id, comment, date, vote FROM ' . DB_TABLE_CANDIDATE_COMMENTS . ' WHERE user = UNHEX("' . $user_data['id'] . '") ORDER BY date DESC ' . $db_limit; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to retrieve activity: MySQL error"; - $error_descrition = "Candidate comments could not be read. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to retrieve activity: MySQL error'; + $error_descrition = 'Candidate comments could not be read. MySQL error was: "' . mysql_error() . '"'; break; } while ($comment = mysql_fetch_assoc($db_result)) { - $id = $comment["id"]; + $id = $comment['id']; $candidate = isset($retrieved_candidates[$id]) ? $retrieved_candidates[$id] @@ -175,20 +175,20 @@ { break; } - $item_id = $candidate["HEX(libid)"]; + $item_id = $candidate['HEX(libid)']; $item = isset($retrieved_items[$id]) ? $retrieved_items[$id] : ($retrieved_items[$id] = $api->getItemById($item_id)); - $activity[] = array("header" => "$user commented on {$item["name"]} v{$item["version"]} - Stdlib candidate", - "text" => $comment["comment"], - "image" => "images/activity/candidate-comment.png", - "date" => $comment["date"], - "link" => "candidates/$id"); + $activity[] = array('header' => $user . ' commented on ' . $item['name'] . ' v' . $item['version'] . ' - Stdlib candidate', + 'text' => $comment['comment'], + 'image' => 'images/activity/candidate-comment.png', + 'date' => $comment['date'], + 'link' => 'candidates/' . $id); } - $activity = sortArray($activity, array("date" => true)); - if ($activity_item_count != "all") + $activity = sortArray($activity, array('date' => true)); + if ($activity_item_count != 'all') { $activity = array_slice($activity, 0, $activity_item_count); } @@ -199,14 +199,14 @@ - +

"; + echo '' . $user . '\'s avatar'; echo $page_title; ?>

@@ -220,35 +220,35 @@ { foreach ($activity AS $item) { - $text = user_input_clean(strlen($item["text"]) <= $body_char_count - ? $item["text"] - : substr($item["text"], 0, $body_char_count) . "..."); + $text = user_input_clean(strlen($item['text']) <= $body_char_count + ? $item['text'] + : substr($item['text'], 0, $body_char_count) . '...'); - echo "
" - . "
" - . "" - . "\"activity" - . "" - . $item["header"] - . "
" - . "
$text
" - . "
{$item["date"]}
" - . "
"; + echo '
' + . '
' + . '' + . 'activity icon' + . '' + . $item['header'] + . '
' + . '
' . $text . '
' + . '
' . $item['date'] . '
' + . '
'; } } ?> @@ -256,12 +256,12 @@ function getCandidate($id, &$error_message, &$error_description) { global $db_connection; - $db_query = "SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM " . DB_TABLE_CANDIDATES . " WHERE id = '$id'"; + $db_query = 'SELECT *, HEX(libid), HEX(userid), HEX(`closed-by`) FROM ' . DB_TABLE_CANDIDATES . ' WHERE id = "' . $id . '"'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to retrieve activity: MySQL error"; - $error_description = "Candidate $id could not be read. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to retrieve activity: MySQL error'; + $error_description = 'Candidate ' . $id . ' could not be read. MySQL error was: "' . mysql_error() . '"'; return FALSE; } return mysql_fetch_assoc($db_result); diff --git a/users/items.php b/users/items.php index 8fa5d1b..6977ce5 100644 --- a/users/items.php +++ b/users/items.php @@ -2,62 +2,62 @@ ob_start(); session_start(); - if (!isset($_GET["user"])) + if (!isset($_GET['user'])) { - header("Location: ."); + header('Location: .'); } - require_once("../util/sortArray.php"); - require_once("../util/ALD.php"); - require_once("../config/constants.php"); + require_once('../util/sortArray.php'); + require_once('../util/ALD.php'); + require_once('../config/constants.php'); require_once('../partials/Notice.php'); $api = new ALD( API_URL ); - $logged_in = isset($_SESSION["user"]); + $logged_in = isset($_SESSION['user']); $error = true; for ($i = 0; $i < 1; $i++) { - $user = $_GET["user"]; + $user = $_GET['user']; try { $user_data = $api->getUser($user); } catch (HttpException $e) { - $error_message = "Failed to retrieve user: API error"; - $error_description = "User data could not be retrieved. API error was: '{$e->getMessage()}' (code: {$e->getCode()})"; + $error_message = 'Failed to retrieve user: API error'; + $error_description = 'User data could not be retrieved. API error was: "' . $e->getMessage() . '" (code: ' . $e->getCode() . ')'; break; } $page_title = $user; try { - $libs = $api->getItemList(0, "all", "lib", $user, NULL, NULL, "latest"); - $apps = $api->getItemList(0, "all", "app", $user, NULL, NULL, "latest"); + $libs = $api->getItemList(0, 'all', 'lib', $user, NULL, NULL, 'latest'); + $apps = $api->getItemList(0, 'all', 'app', $user, NULL, NULL, 'latest'); } catch (HttpException $e) { - $error_message = "Failed to retrieve uploaded items: API error"; - $error_description = "Uploaded items could not be retrieved. API error was: '{$e->getMessage()}' (code: {$e->getCode()})"; + $error_message = 'Failed to retrieve uploaded items: API error'; + $error_description = 'Uploaded items could not be retrieved. API error was: "' . $e->getMessage() . '" (code: ' . $e->getCode() . ')'; break; } - $libs = sortArray($libs, array("name" => false, "version" => true)); - $apps = sortArray($apps, array("name" => false, "version" => true)); + $libs = sortArray($libs, array('name' => false, 'version' => true)); + $apps = sortArray($apps, array('name' => false, 'version' => true)); $error = false; } ?> - +

"; + echo '' . $user . '\'s avatar'; echo $page_title; ?>

@@ -69,14 +69,14 @@ } else # output apps and lib uploaded { - foreach (array("Libraries" => $libs, "Applications" => $apps) AS $set_name => $set) + foreach (array('Libraries' => $libs, 'Applications' => $apps) AS $set_name => $set) { if ($item_count = count($set)) { - echo "

$set_name uploaded ($item_count)

    "; + echo '

    ' . $set_name . ' uploaded (' . $item_count . ')

    '; } @@ -85,16 +85,16 @@ ?> \ No newline at end of file diff --git a/users/list.php b/users/list.php index b9e94b4..2e1038f 100644 --- a/users/list.php +++ b/users/list.php @@ -2,22 +2,22 @@ ob_start(); session_start(); - require_once("../util/sortArray.php"); - require_once("../util/ALD.php"); - require_once("../config/constants.php"); + require_once('../util/sortArray.php'); + require_once('../util/ALD.php'); + require_once('../config/constants.php'); require_once('../partials/Notice.php'); - #require_once("../util/privilege.php"); + #require_once('../util/privilege.php'); $api = new ALD( API_URL ); - $logged_in = isset($_SESSION["user"]); + $logged_in = isset($_SESSION['user']); $error = true; for ($i = 0; $i < 1; $i++) { - $page_title = "View users"; + $page_title = 'View users'; - $page_index = !empty($_GET["page"]) ? (int)$_GET["page"] : 0; - $page_itemcount = !empty($_GET["items"]) ? (int)$_GET["items"] : 15; + $page_index = !empty($_GET['page']) ? (int)$_GET['page'] : 0; + $page_itemcount = !empty($_GET['items']) ? (int)$_GET['items'] : 15; $start_index = $page_index * $page_itemcount; try @@ -26,13 +26,13 @@ } catch (HttpException $e) { - $error_message = "Failed to get user list: API error"; - $error_description = "The list of users could not be retrieved. API error was: '{$e->getMessage()}'"; + $error_message = 'Failed to get user list: API error'; + $error_description = 'The list of users could not be retrieved. API error was: "' . $e->getMessage() . '"'; break; } if (count($users) > 0) { - $users = sortArray($users, "name"); + $users = sortArray($users, 'name'); } $error = false; } @@ -40,7 +40,7 @@ - + @@ -53,7 +53,7 @@ } else # output a list of users { - echo "
      "; + echo '"; + echo '
    '; if (count($users) == 0) { - echo "No users found"; + echo 'No users found'; } if ($page_index > 0) { - echo ""; + echo ''; } # check if there are more users if (count($users) > $page_itemcount) { - echo ""; + echo ''; } } ?> - + \ No newline at end of file diff --git a/users/modify.php b/users/modify.php index 0677d8d..6740a29 100644 --- a/users/modify.php +++ b/users/modify.php @@ -2,75 +2,75 @@ ob_start(); session_start(); - if (!isset($_GET["user"])) + if (!isset($_GET['user'])) { - header("Location: ."); + header('Location: .'); } - #require_once("../util/sortArray.php"); - require_once("../util/ALD.php"); - require_once("../config/constants.php"); - #require_once("util/user_input.php"); - require_once("../util/privilege.php"); - require_once("../util/db.php"); + #require_once('../util/sortArray.php'); + require_once('../util/ALD.php'); + require_once('../config/constants.php'); + #require_once('util/user_input.php'); + require_once('../util/privilege.php'); + require_once('../util/db.php'); require_once('../partials/Notice.php'); - require_once("../util/secure_redirect.php"); + require_once('../util/secure_redirect.php'); secure_redirect(); $api = new ALD( SECURE_API_URL ); - $logged_in = isset($_SESSION["user"]); + $logged_in = isset($_SESSION['user']); $error = true; for ($i = 0; $i < 1; $i++) { - $user = $_GET["user"]; + $user = $_GET['user']; try { $user_data = $api->getUser($user); } catch (HttpException $e) { - $error_message = "Failed to retrieve user: API error"; - $error_description = "User data could not be retrieved. API error was: '{$e->getMessage()}' (code: {$e->getCode()})"; + $error_message = 'Failed to retrieve user: API error'; + $error_description = 'User data could not be retrieved. API error was: "' . $e->getMessage() . '" (code: ' . $e->getCode() . ')'; break; } $page_title = $user; - if (!$logged_in || $_SESSION["user"] != $user) + if (!$logged_in || $_SESSION['user'] != $user) { - header("Location: ."); + header('Location: .'); exit; } $db_connection = db_ensure_connection(); - $db_query = "SELECT * FROM " . DB_TABLE_USER_PROFILE . " WHERE id = UNHEX('{$user_data["id"]}')"; + $db_query = 'SELECT * FROM ' . DB_TABLE_USER_PROFILE . ' WHERE id = UNHEX("' . $user_data['id'] . '")'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to retrieve profile: MySQL error"; - $error_description = "Could not read profile settings. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to retrieve profile: MySQL error'; + $error_description = 'Could not read profile settings. MySQL error was: "' . mysql_error() . '"'; break; } $user_profile = mysql_fetch_assoc($db_result); - if (!db_get_enum_column_values(DB_TABLE_USER_PROFILE, "allow_mails", $contact_options)) + if (!db_get_enum_column_values(DB_TABLE_USER_PROFILE, 'allow_mails', $contact_options)) { - $error_message = "Cannot modify profile: MySQL error"; - $error_description = "The possible options for 'allow_mails' could not be retrieved. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Cannot modify profile: MySQL error'; + $error_description = 'The possible options for "allow_mails" could not be retrieved. MySQL error was: "' . mysql_error() . '"'; break; } - if (!db_get_enum_column_values(DB_TABLE_USER_PROFILE, "show_mail", $mail_options)) + if (!db_get_enum_column_values(DB_TABLE_USER_PROFILE, 'show_mail', $mail_options)) { - $error_message = "Cannot modify profile: MySQL error"; - $error_description = "The possible options for 'show_mail' could not be retrieved. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Cannot modify profile: MySQL error'; + $error_description = 'The possible options for "show_mail" could not be retrieved. MySQL error was: "' . mysql_error() . '"'; break; } - if (!db_get_enum_column_values(DB_TABLE_USER_PROFILE, "site_theme", $theme_options)) + if (!db_get_enum_column_values(DB_TABLE_USER_PROFILE, 'site_theme', $theme_options)) { - $error_message = "Cannot modify profile: MySQL error"; - $error_description = "The possible options for 'site_theme' could not be retrieved. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Cannot modify profile: MySQL error'; + $error_description = 'The possible options for "site_theme" could not be retrieved. MySQL error was: "' . mysql_error() . '"'; break; } @@ -79,76 +79,76 @@ # todo: verify password # require user to enter his password once again - if (!empty($_POST["username"]) && $_POST["username"] != $user) + if (!empty($_POST['username']) && $_POST['username'] != $user) { try { - $api->modifyUser($user, $_SESSION["password"], $_POST["username"]); + $api->modifyUser($user, $_SESSION['password'], $_POST['username']); } catch (HttpException $e) { - $error_message = "Failed to update user profile: API error"; - $error_description = "New user name could not be saved. API error was: '{$e->getMessage()}'"; + $error_message = 'Failed to update user profile: API error'; + $error_description = 'New user name could not be saved. API error was: "' . $e->getMessage() . '"'; break; } - $redirect_user = $_POST["username"]; - $_SESSION["user"] = $_POST["username"]; + $redirect_user = $_POST['username']; + $_SESSION['user'] = $_POST['username']; } - if (!empty($_POST["mail"]) && $_POST["mail"] != $user_profile["mail"]) + if (!empty($_POST['mail']) && $_POST['mail'] != $user_profile['mail']) { # todo: deactivate account, send activation mail - $mail = mysql_real_escape_string($_POST["mail"]); - $db_query = "UPDATE " . DB_TABLE_USER_PROFILE . " Set mail = '$mail' WHERE id = UNHEX('{$_SESSION["userID"]}')"; + $mail = mysql_real_escape_string($_POST['mail']); + $db_query = 'UPDATE ' . DB_TABLE_USER_PROFILE . ' Set mail = "' . $mail . '" WHERE id = UNHEX("' . $_SESSION['userID'] . '")'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result || mysql_affected_rows() != 1) { - $error_message = "Failed to update user profile: MySQL error"; - $error_description = "New email could not be saved. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to update user profile: MySQL error'; + $error_description = 'New email could not be saved. MySQL error was: "' . mysql_error() . '"'; break; } } - if (!empty($_POST["site_theme"]) && $_POST["site_theme"] != $user_profile["site_theme"] && in_array($_POST["site_theme"], $theme_options)) + if (!empty($_POST['site_theme']) && $_POST['site_theme'] != $user_profile['site_theme'] && in_array($_POST['site_theme'], $theme_options)) { - $theme = mysql_real_escape_string($_POST["site_theme"]); - $db_query = "UPDATE " . DB_TABLE_USER_PROFILE . " Set site_theme = '$theme' WHERE id = UNHEX('{$_SESSION["userID"]}')"; + $theme = mysql_real_escape_string($_POST['site_theme']); + $db_query = 'UPDATE ' . DB_TABLE_USER_PROFILE . ' Set site_theme = "' . $theme . '" WHERE id = UNHEX("' . $_SESSION['userID'] . '")'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result || mysql_affected_rows() != 1) { - $error_message = "Failed to update user profile: MySQL error"; - $error_description = "New website theme could not be saved. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to update user profile: MySQL error'; + $error_description = 'New website theme could not be saved. MySQL error was: "' . mysql_error() . '"'; break; } } - if (!empty($_POST["show_mail"]) && $_POST["show_mail"] != $user_profile["show_mail"] && in_array($_POST["show_mail"], $mail_options)) + if (!empty($_POST['show_mail']) && $_POST['show_mail'] != $user_profile['show_mail'] && in_array($_POST['show_mail'], $mail_options)) { - $show_mail = mysql_real_escape_string($_POST["show_mail"]); - $db_query = "UPDATE " . DB_TABLE_USER_PROFILE . " Set show_mail = '$show_mail' WHERE id = UNHEX('{$_SESSION["userID"]}')"; + $show_mail = mysql_real_escape_string($_POST['show_mail']); + $db_query = 'UPDATE ' . DB_TABLE_USER_PROFILE . ' Set show_mail = "' .$show_mail . '" WHERE id = UNHEX("' . $_SESSION['userID'] . '")'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result || mysql_affected_rows() != 1) { - $error_message = "Failed to update user profile: MySQL error"; - $error_description = "New setting for email visibility could not be saved. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to update user profile: MySQL error'; + $error_description = 'New setting for email visibility could not be saved. MySQL error was: "' . mysql_error() . '"'; break; } } - if (!empty($_POST["allow_mails"]) && $_POST["allow_mails"] != $user_profile["allow_mails"] && in_array($contact_options, $_POST["allow_mails"])) + if (!empty($_POST['allow_mails']) && $_POST['allow_mails'] != $user_profile['allow_mails'] && in_array($contact_options, $_POST['allow_mails'])) { - $allow_mails = mysql_real_escape_string($_POST["allow_mails"]); - $db_query = "UPDATE " . DB_TABLE_USER_PROFILE . " Set allow_mails = '$allow_mails' WHERE id = UNHEX('{$_SESSION["userID"]}')"; + $allow_mails = mysql_real_escape_string($_POST['allow_mails']); + $db_query = 'UPDATE ' . DB_TABLE_USER_PROFILE . ' Set allow_mails = "' . $allow_mails . '" WHERE id = UNHEX("' . $_SESSION['userID'] . '")'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result || mysql_affected_rows() != 1) { - $error_message = "Failed to update user profile: MySQL error"; - $error_description = "New setting for allowing contacting could not be saved. $allow_mails MySQL error was: '" . mysql_affected_rows() . mysql_error() . "'"; + $error_message = 'Failed to update user profile: MySQL error'; + $error_description = 'New setting for allowing contacting could not be saved. MySQL error was: "' . mysql_error() . '"'; break; } } # todo: support changing password if (isset($redirect_user)) { - header("Location: ?user=$redirect_user"); + header('Location: ?user=' . $redirect_user); } } @@ -158,14 +158,14 @@ - +

    "; + echo '' . $user . '\'s avatar'; echo $page_title; ?>

    @@ -187,7 +187,7 @@
    - "/> +
    @@ -199,9 +199,9 @@ $theme"; + echo ''; } ?> @@ -216,9 +216,9 @@ $option"; + echo ''; } ?> @@ -229,9 +229,9 @@ $value"; + echo ''; } ?> @@ -246,21 +246,21 @@ } else { - echo "Your profile has been updated."; + echo 'Your profile has been updated.'; } ?> \ No newline at end of file diff --git a/users/profile.php b/users/profile.php index 736292e..341746b 100644 --- a/users/profile.php +++ b/users/profile.php @@ -2,46 +2,46 @@ ob_start(); session_start(); - if (!isset($_GET["user"])) + if (!isset($_GET['user'])) { - header("Location: ."); # redirect to user list + header('Location: .'); # redirect to user list } - require_once("../util/sortArray.php"); - require_once("../util/ALD.php"); - require_once("../config/constants.php"); - require_once("../util/db.php"); + require_once('../util/sortArray.php'); + require_once('../util/ALD.php'); + require_once('../config/constants.php'); + require_once('../util/db.php'); require_once('../util/privilege.php'); require_once('../util/get_privilege_symbols.php'); require_once('../partials/Notice.php'); $api = new ALD( API_URL ); - $logged_in = isset($_SESSION["user"]); + $logged_in = isset($_SESSION['user']); $error = true; for ($i = 0; $i < 1; $i++) { - $user = $_GET["user"]; + $user = $_GET['user']; try { $user_data = $api->getUser($user); } catch (HttpException $e) { - $error_message = "Failed to retrieve user '$user': API error"; - $error_description = "User data could not be retrieved. API error was: '{$e->getMessage()}' (code: {$e->getCode()})"; + $error_message = 'Failed to retrieve user "' . $user . '": API error'; + $error_description = 'User data could not be retrieved. API error was: "' . $e->getMessage() . '" (code: ' . $e->getCode() . ')'; break; } $page_title = $user; $db_connection = db_ensure_connection(); - $db_query = "SELECT * FROM " . DB_TABLE_USER_PROFILE . " WHERE id = UNHEX('{$user_data["id"]}')"; + $db_query = 'SELECT * FROM ' . DB_TABLE_USER_PROFILE . ' WHERE id = UNHEX("' . $user_data['id'] . '")'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { - $error_message = "Failed to retrieve profile: MySQL error"; - $error_description = "Could not read profile settings. MySQL error was: '" . mysql_error() . "'"; + $error_message = 'Failed to retrieve profile: MySQL error'; + $error_description = 'Could not read profile settings. MySQL error was: "' . mysql_error() . '"'; break; } $user_profile = mysql_fetch_assoc($db_result); @@ -53,7 +53,7 @@ @@ -61,7 +61,7 @@

    "; + echo '' . $user . '\'s avatar'; echo $page_title; ?>

    @@ -76,20 +76,20 @@ ?> email: "; + echo '' . $user . '\'s mail address'; } - if ($user_profile["allow_mails"]) + if ($user_profile['allow_mails']) { - echo "Contact $user"; + echo 'Contact ' . $user . ''; } ?> member since: - + user ID: - + \ No newline at end of file diff --git a/users/user_navigation.php b/users/user_navigation.php index f4ee2d5..5882a49 100644 --- a/users/user_navigation.php +++ b/users/user_navigation.php @@ -1,20 +1,20 @@
    "Profile", - "activity" => "Activity", - "items" => "Libs & Apps", - "achievements" => "Achievements", - "modify" => "Change settings", - "suspend" => "Suspend user"); + $possible_modes = array('profile' => 'Profile', + 'activity' => 'Activity', + 'items' => 'Libs & Apps', + 'achievements' => 'Achievements', + 'modify' => 'Change settings', + 'suspend' => 'Suspend user'); foreach ($possible_modes AS $mode => $name) { - $id = ($mode == $current_mode) ? "id=\"nav-current\"" : ""; - $style = ($mode == "modify" && (!$logged_in || $_SESSION["user"] != $user)) || ($mode == "suspend" && (!$logged_in || !hasPrivilege($_SESSION["privileges"], PRIVILEGE_USER_MANAGE) || $user == $_SESSION["user"])) - ? "style=\"display: none\"" - : ""; - echo "
    $name
    "; + $id = ($mode == $current_mode) ? 'id="nav-current"' : ''; + $style = ($mode == 'modify' && (!$logged_in || $_SESSION['user'] != $user)) || ($mode == 'suspend' && (!$logged_in || !hasPrivilege($_SESSION['privileges'], PRIVILEGE_USER_MANAGE) || $user == $_SESSION['user'])) + ? 'style="display: none"' + : ''; + echo '
    ' . $name . '
    '; } ?>
    \ No newline at end of file diff --git a/util/ALD.php b/util/ALD.php index c0a7fab..239f630 100644 --- a/util/ALD.php +++ b/util/ALD.php @@ -1,5 +1,5 @@ server = $server; } - public function getUserList( $start = 0, $count = "all" ) + public function getUserList( $start = 0, $count = 'all' ) { - return json_decode( $this->_Request( CURLOPT_HTTPGET, "/users/list?start=$start&count=$count", array("Accept: application/json") ), true ); + return json_decode( $this->_Request( CURLOPT_HTTPGET, '/users/list?start=' . $start . '&count=' . $count, array('Accept: application/json') ), true ); } public function getUser( $name, $request_user = NULL, $request_password = NULL ) { - return json_decode( $this->_Request( CURLOPT_HTTPGET, "/users/describe/$name", array("Accept: application/json"), NULL, $request_user, $request_password), true ); + return json_decode( $this->_Request( CURLOPT_HTTPGET, '/users/describe/' . $name, array('Accept: application/json'), NULL, $request_user, $request_password), true ); } public function getUserById( $id, $request_user = NULL, $request_password = NULL ) { - return json_decode( $this->_Request( CURLOPT_HTTPGET, "/users/describe/$id", array("Accept: application/json"), NULL, $request_user, $request_password), true ); + return json_decode( $this->_Request( CURLOPT_HTTPGET, '/users/describe/' . $id, array('Accept: application/json'), NULL, $request_user, $request_password), true ); } public function modifyUser( $name, $password, $new_name = NULL, $new_mail = NULL, $new_password = NULL) { $data = array(); - $new_name != NULL && $data["name"] = $new_name; - $new_mail != NULL && $data["mail"] = $new_mail; - $new_password != NULL && $data["password"] = $new_password; + $new_name != NULL && $data['name'] = $new_name; + $new_mail != NULL && $data['mail'] = $new_mail; + $new_password != NULL && $data['password'] = $new_password; - $this->_Request( CURLOPT_HTTPGET, "/users/modify/$name", array(), $data, $name, $password ); + $this->_Request( CURLOPT_HTTPGET, '/users/modify/' . $name, array(), $data, $name, $password ); } public function getItemById( $id ) { - return json_decode( $this->_Request( CURLOPT_HTTPGET, "/items/describe/$id", array("Accept: application/json") ), true ); + return json_decode( $this->_Request( CURLOPT_HTTPGET, '/items/describe/' . $id, array('Accept: application/json') ), true ); } public function getItem($name, $version) { - return json_decode( $this->_Request( CURLOPT_HTTPGET, "/items/describe/$name/$version", array("Accept: application/json") ), true ); + return json_decode( $this->_Request( CURLOPT_HTTPGET, '/items/describe/' . $name . '/' . $version, array('Accept: application/json') ), true ); } - public function getItemList($start = 0, $count = "all", $type = NULL, $user = NULL, $name = NULL, $tags = NULL, $version = NULL, $stdlib = "both", $reviewed = "yes") + public function getItemList($start = 0, $count = 'all', $type = NULL, $user = NULL, $name = NULL, $tags = NULL, $version = NULL, $stdlib = 'both', $reviewed = 'yes') { return json_decode( $this->_Request( CURLOPT_HTTPGET - , "/items/list?start=$start&count=$count&stdlib=$stdlib&reviewed=$reviewed" - . ( $version != NULL ? "&version=$version" : "" ) - . ( $type != NULL ? "&type=$type" : "" ) - . ( $user != NULL ? "&user=$user" : "" ) - . ( $name != NULL ? "&name=$name" : "" ) - . ( $tags != NULL ? "&tags=" . implode("|", $tags) : "" ) - , array("Accept: application/json") ), true ); + , '/items/list?start=' . $start . '&count=' . $count . '&stdlib=' . $stdlib . '&reviewed=' . $reviewed + . ( $version != NULL ? '&version=' . $version : '' ) + . ( $type != NULL ? '&type=' . $type : '' ) + . ( $user != NULL ? '&user=' . $user : '' ) + . ( $name != NULL ? '&name=' . $name : '' ) + . ( $tags != NULL ? '&tags=' . implode('|', $tags) : '' ) + , array('Accept: application/json') ), true ); } public function uploadItem( $file, $user, $password ) { - return json_decode( $this->_Request( CURLOPT_POST, "/items/add", array("Accept: application/json"), array("package" => "@$file"), $user, $password) )->id; + return json_decode( $this->_Request( CURLOPT_POST, '/items/add', array('Accept: application/json'), array('package' => '@' . $file), $user, $password) )->id; } public function modifyItemById( $id, $request_user, $request_password, $reviewed = NULL, $default = NULL, $user = NULL ) { $data = array(); - $reviewed != NULL && $data["reviewed"] = $reviewed; - $default != NULL && $data["default"] = $default; - $user != NULL && $data["user"] = $user; + $reviewed != NULL && $data['reviewed'] = $reviewed; + $default != NULL && $data['default'] = $default; + $user != NULL && $data['user'] = $user; - $this->_Request( CURLOPT_HTTPGET, "/items/modify/$id", array("Accept: application/json"), $data, $request_user, $request_password ); + $this->_Request( CURLOPT_HTTPGET, '/items/modify/' . $id, array('Accept: application/json'), $data, $request_user, $request_password ); } public function initRegistration( $name, $mail, $password, $password_alt ) { - $this->_Request( CURLOPT_POST, "/users/registration/init", array(), array("name" => $name, "mail" => $mail, "password" => $password, "password-alt" => $password_alt) ); + $this->_Request( CURLOPT_POST, '/users/registration/init', array(), array('name' => $name, 'mail' => $mail, 'password' => $password, 'password-alt' => $password_alt) ); } public function completeRegistration( $id, $token ) { - $this->_Request( CURLOPT_POST, "/users/registration/verify/$id", array(), array("token" => $token) ); + $this->_Request( CURLOPT_POST, '/users/registration/verify/' . $id, array(), array('token' => $token) ); } public function loadItem($id) { - return $this->_Request( CURLOPT_HTTPGET, "/items/describe/$id", array('Accept: application/x-ald-package') ); + return $this->_Request( CURLOPT_HTTPGET, '/items/describe/' . $id, array('Accept: application/x-ald-package') ); } private function _Request($method, $url, $header, $data = NULL, $user = NULL, $password = NULL) @@ -106,7 +106,7 @@ private function _Request($method, $url, $header, $data = NULL, $user = NULL, $p if ($user != NULL && $password != NULL) { curl_setopt($conn, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); # use HTTP BASIC Authentication - curl_setopt($conn, CURLOPT_USERPWD, "$user:$password"); # set auth data + curl_setopt($conn, CURLOPT_USERPWD, $user . ':' . $password); # set auth data } $response = curl_exec($conn); diff --git a/util/db.php b/util/db.php index be8eb45..eb83630 100644 --- a/util/db.php +++ b/util/db.php @@ -24,14 +24,14 @@ function db_ensure_connection() function db_get_enum_column_values($table, $column, &$values) { $db_connection = db_ensure_connection(); - $db_query = "SHOW COLUMNS IN $table WHERE Field = '" . mysql_real_escape_String($column) . "'"; + $db_query = 'SHOW COLUMNS IN ' . $table . ' WHERE Field = "' . mysql_real_escape_string($column) . '"'; $db_result = mysql_query($db_query, $db_connection); if (!$db_result) { return false; } $data = mysql_fetch_assoc($db_result); - $values = explode("','",substr($data["Type"],6,-2)); + $values = explode('\',\'',substr($data['Type'],6,-2)); return true; } ?> \ No newline at end of file diff --git a/util/rewriter.php b/util/rewriter.php index 58b1527..c052bdf 100644 --- a/util/rewriter.php +++ b/util/rewriter.php @@ -1,12 +1,12 @@ false); } sortArray_storage($field); - usort($data, "sortArray_sort"); + usort($data, 'sortArray_sort'); return $data; } diff --git a/util/subfolder.php b/util/subfolder.php index 69e2405..2b9d6e2 100644 --- a/util/subfolder.php +++ b/util/subfolder.php @@ -1,16 +1,16 @@ \ No newline at end of file diff --git a/util/user_input.php b/util/user_input.php index 0e7f959..498488f 100644 --- a/util/user_input.php +++ b/util/user_input.php @@ -1,7 +1,7 @@

    "); + return strip_tags(user_input_process($raw), '

    '); } ?> \ No newline at end of file