From 86f364af9dae055f9b8c1f0f70a0717ebe3879e1 Mon Sep 17 00:00:00 2001
From: xiaomlove <353856593@qq.com>
Date: Thu, 7 Jan 2021 17:35:00 +0800
Subject: [PATCH] fix warning staffpanel part
---
admanage.php | 15 ++++++++-------
allowedemails.php | 4 ++--
amountupload.php | 8 ++++----
bannedemails.php | 4 ++--
bans.php | 12 ++++++------
bitbucketlog.php | 8 ++++----
catmanage.php | 6 +++---
docleanup.php | 2 +-
include/database/class_db.php | 5 +++++
include/database/class_db_mysqli.php | 4 ++++
include/database/helpers.php | 5 +++++
include/database/interface_db.php | 2 ++
ipcheck.php | 1 +
location.php | 18 +++++++++---------
massmail.php | 3 ++-
maxlogin.php | 4 ++--
modrules.php | 10 +++++-----
stats.php | 4 ++--
testip.php | 2 +-
uploaders.php | 3 ++-
warned.php | 2 +-
21 files changed, 71 insertions(+), 51 deletions(-)
diff --git a/admanage.php b/admanage.php
index 563d3017..bdf0d514 100644
--- a/admanage.php
+++ b/admanage.php
@@ -68,6 +68,7 @@ function get_type_name($type)
function print_ad_editor($position, $row = "")
{
global $lang_admanage;
+ global $allowxhtmlclass;
switch ($position)
{
case 'header':
@@ -136,11 +137,11 @@ tr($lang_admanage['row_type']."* ", "
*", " ".$lang_admanage['text_image_url_note'], 1);
-tr($lang_admanage['row_image_link']."* ", " ".$lang_admanage['text_image_link_note'], 1);
-tr($lang_admanage['row_image_width'], " ".$lang_admanage['text_image_width_note'], 1);
-tr($lang_admanage['row_image_height'], " ".$lang_admanage['text_image_height_note'], 1);
-tr($lang_admanage['row_image_tooltip'], " ".$lang_admanage['text_image_tooltip_note'], 1);
+tr($lang_admanage['row_image_url']."* ", " ".$lang_admanage['text_image_url_note'], 1);
+tr($lang_admanage['row_image_link']."* ", " ".$lang_admanage['text_image_link_note'], 1);
+tr($lang_admanage['row_image_width'], " ".$lang_admanage['text_image_width_note'], 1);
+tr($lang_admanage['row_image_height'], " ".$lang_admanage['text_image_height_note'], 1);
+tr($lang_admanage['row_image_tooltip'], " ".$lang_admanage['text_image_tooltip_note'], 1);
?>
@@ -187,7 +188,7 @@ tr($lang_admanage['row_flash_height']."* ", " ".$lang_admanage['text_no_ads_yet']."
");
else{
list($pagertop, $pagerbottom, $limit) = pager($perpage, $num, "?");
- $res = sql_query("SELECT * FROM advertisements ORDER BY id DESC ".(int)$limit) or sqlerr(__FILE__, __LINE__);
+ $res = sql_query("SELECT * FROM advertisements ORDER BY id DESC ".$limit) or sqlerr(__FILE__, __LINE__);
?>
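Review bot: With the `(int)` cast gone, `"... ORDER BY id DESC ".$limit` places whatever pager() returns directly into the SQL text, so the query is only as safe as pager()'s construction of that clause. pager() is not part of this patch; if it derives the offset from a request parameter, confirm there that the value is cast to an integer before the clause is assembled. A short comment on this line would record the dependency, e.g. `// $limit is the LIMIT clause built by pager() from integer values only`. The enclosing else branch continues outside the hunk.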
diff --git a/allowedemails.php b/allowedemails.php
index ac62a508..ffbdb388 100644
--- a/allowedemails.php
+++ b/allowedemails.php
@@ -18,14 +18,14 @@ if ($action == 'showlist') {
">
@@ -21,7 +21,7 @@ if ($_GET["returnto"] || $_SERVER["HTTP_REFERER"])
?>
- >
+ >
diff --git a/bannedemails.php b/bannedemails.php
index 0fe2e83a..084e3583 100644
--- a/bannedemails.php
+++ b/bannedemails.php
@@ -16,14 +16,14 @@ if ($action == 'showlist') {
Enter a list of banned email addresses (separated by spaces): To ban a specific address enter "email@domain.com", to ban an entire domain enter "@domain.com"
-
+
= UC_ADMINISTRATOR)
@@ -25,8 +25,8 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && get_user_class() >= UC_ADMINISTRATOR
stderr("Error", "Bad IP address.");
$comment = sqlesc($comment);
$added = sqlesc(date("Y-m-d H:i:s"));
- sql_query("INSERT INTO bans (added, addedby, first, last, comment) VALUES($added, ".mysql_real_escape_string($CURUSER[id]).", $firstlong, $lastlong, $comment)") or sqlerr(__FILE__, __LINE__);
- header("Location: $_SERVER[REQUEST_URI]");
+ sql_query("INSERT INTO bans (added, addedby, first, last, comment) VALUES($added, ".mysql_real_escape_string($CURUSER['id']).", $firstlong, $lastlong, $comment)") or sqlerr(__FILE__, __LINE__);
+ header("Location: {$_SERVER['REQUEST_URI']}");
die;
}
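Review bot: `mysql_real_escape_string($CURUSER['id'])` sits in the VALUES list without surrounding quotes, and escaping only protects a value inside a quoted string literal. For a numeric column the value should be cast instead: `VALUES($added, ".intval($CURUSER['id']).", $firstlong, $lastlong, $comment)`. $CURUSER is presumably server-side session data, so this is hardening rather than a demonstrated hole. The redirect on the following line copies `$_SERVER['REQUEST_URI']` into a `Location` header; redirecting to the fixed script path would avoid depending on the client-supplied request line. The enclosing `if` starts outside the hunk.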
@@ -48,8 +48,8 @@ else
while ($arr = mysql_fetch_assoc($res))
{
- print("".gettime($arr[added])." ".long2ip($arr[first])." ".long2ip($arr[last])." ". get_username($arr['addedby']) .
- " $arr[comment] Remove \n");
+ print("".gettime($arr['added'])." ".long2ip($arr['first'])." ".long2ip($arr['last'])." ". get_username($arr['addedby']) .
+ " {$arr['comment']} Remove \n");
}
print("\n");
}
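Review bot: `{$arr['comment']}` is written into the page as stored, and nothing in this hunk HTML-encodes it. Unless the comment is encoded before it is saved (not visible here), markup in a ban comment is rendered for every staff member who opens the list. Encoding at output is the safer place: `htmlspecialchars($arr['comment'])` concatenated into the `print()` instead of the interpolated form. The same applies to `Filename: $name` in the bitbucketlog.php listing hunk, where only the URL built from `$name` passes through htmlspecialchars(). The enclosing else branch starts outside the hunk.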
diff --git a/bitbucketlog.php b/bitbucketlog.php
index 1bbc3717..ef3b2751 100644
--- a/bitbucketlog.php
+++ b/bitbucketlog.php
@@ -8,7 +8,7 @@ stderr("Sorry", "Access denied.");
$bucketpath = "$bitbucket";
if (get_user_class() >= UC_MODERATOR)
{
- $delete = $_GET["delete"];
+ $delete = intval($_GET["delete"] ?? 0);
if (is_valid_id($delete)) {
$r = sql_query("SELECT name,owner FROM bitbucket WHERE id=".mysql_real_escape_string($delete)) or sqlerr(__FILE__, __LINE__);
if (mysql_num_rows($r) == 1) {
@@ -21,7 +21,7 @@ if (get_user_class() >= UC_MODERATOR)
stdhead("BitBucket Log");
$res = sql_query("SELECT count(*) FROM bitbucket") or die(mysql_error()); $row = mysql_fetch_array($res); $count = $row[0];
$perpage = 10;
- list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, $_SERVER["PHP_SELF"] . "?out=" . $_GET["out"] . "&" );
+ list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, $_SERVER["PHP_SELF"] . "?out=" . ($_GET["out"] ?? '') . "&" );
print("BitBucket Log \n");
print("Total Images Stored: $count");
echo $pagertop;
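Review bot: `($_GET["out"] ?? '')` silences the notice, but the raw parameter is still concatenated into the base URL handed to pager(), which presumably emits it inside the paging links. pager() is not shown, so unless it encodes its argument the value should be encoded here: `"?out=" . urlencode($_GET["out"] ?? '') . "&"`. `$_SERVER["PHP_SELF"]` in the same expression can carry client-supplied path info and is better replaced by the literal script name. maxlogin.php has the same pattern in `pager($perpage, $countrows, "maxlogin.php?order=$order&")`, where `$order` is the unvalidated request value rather than the whitelisted `$orderby`.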
@@ -38,8 +38,8 @@ if (get_user_class() >= UC_MODERATOR)
$url = str_replace(" ", "%20", htmlspecialchars("$bitbucket/$name"));
print("");
print(" ");
- print("Uploaded by: " . get_username($arr[owner]). " ");
- print("(#$arr[id]) Filename: $name ($width x $height)");
+ print("Uploaded by: " . get_username($arr['owner']). " ");
+ print("(#{$arr['id']}) Filename: $name ($width x $height)");
if (get_user_class() >= UC_MODERATOR)
print(" [Delete] ");
print("Added: $date $time");
diff --git a/catmanage.php b/catmanage.php
index 4d620c4c..9bbabac1 100644
--- a/catmanage.php
+++ b/catmanage.php
@@ -356,12 +356,12 @@ tr($lang_catmanage['col_order'], " ";
echo "clean-up in progress...please wait ";
ob_flush();
flush();
-if ($_GET['forceall']) {
+if (isset($_GET['forceall']) && $_GET['forceall']) {
$forceall = 1;
} else {
$forceall = 0;
diff --git a/include/database/class_db.php b/include/database/class_db.php
index 10352b14..9cee849a 100644
--- a/include/database/class_db.php
+++ b/include/database/class_db.php
@@ -102,6 +102,11 @@ class DB
return $this->driver->lastInsertId();
}
+ public function freeResult($result)
+ {
+ return $this->driver->freeResult($result);
+ }
+
diff --git a/include/database/class_db_mysqli.php b/include/database/class_db_mysqli.php
index 3c165105..87847566 100644
--- a/include/database/class_db_mysqli.php
+++ b/include/database/class_db_mysqli.php
@@ -76,5 +76,9 @@ class DBMysqli implements DBInterface
return $this->mysqli->insert_id;
}
+ public function freeResult($mysqliResult)
+ {
+ return $mysqliResult->free_result();
+ }
}
\ No newline at end of file
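Review bot: `freeResult()` calls `$mysqliResult->free_result()` on whatever it is given, so a caller that passes the boolean a non-SELECT or failed query can return, rather than a result set, gets a fatal error where the old `mysql_free_result()` would only have raised a warning. A type guard keeps legacy call sites safe: `if (!($mysqliResult instanceof \mysqli_result)) return false;` followed by `$mysqliResult->free_result(); return true;`. That also restores a boolean return value, since `mysqli_result::free_result()` returns nothing and the wrapper currently returns null. The interface method `freeResult($result)` in interface_db.php could then declare `: bool`, matching the typed `lastInsertId(): int` next to it.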
diff --git a/include/database/helpers.php b/include/database/helpers.php
index 91be5674..7f58f3db 100644
--- a/include/database/helpers.php
+++ b/include/database/helpers.php
@@ -59,3 +59,8 @@ function mysql_insert_id()
{
return DB::getInstance()->lastInsertId();
}
+
+function mysql_free_result($result)
+{
+ return DB::getInstance()->freeResult($result);
+}
diff --git a/include/database/interface_db.php b/include/database/interface_db.php
index f5940776..1fed7776 100644
--- a/include/database/interface_db.php
+++ b/include/database/interface_db.php
@@ -26,4 +26,6 @@ interface DBInterface
public function lastInsertId(): int;
+ public function freeResult($result);
+
}
\ No newline at end of file
diff --git a/ipcheck.php b/ipcheck.php
index 4e0b2cd0..45e02166 100644
--- a/ipcheck.php
+++ b/ipcheck.php
@@ -22,6 +22,7 @@ if (get_user_class() >= UC_MODERATOR || $CURUSER["guard"] == "yes")
IP
Peer \n");
$uc = 0;
+ $ip = '';
while($ras = mysql_fetch_assoc($res))
{
if ($ras["dupl"] <= 1)
diff --git a/location.php b/location.php
index 1d0939e0..6c509dea 100644
--- a/location.php
+++ b/location.php
@@ -6,13 +6,13 @@ loggedinorreturn();
if (get_user_class() < UC_SYSOP) {
die("access denied.");
}
-mysql_connect($mysql_host,$mysql_user,$mysql_pass);
+mysql_connect($mysql_host,$mysql_user,$mysql_pass, $BASIC['mysql_db'], $BASIC['mysql_port']);
mysql_select_db($mysql_db);
stdhead("Manage Locations");
begin_main_frame("",false,100);
begin_frame("Manage Locations",true,10,"100%","center");
-$sure = $_GET['sure'];
+$sure = $_GET['sure'] ?? '';
if($sure == "yes") {
$delid = $_GET['delid'];
$query = "DELETE FROM locations WHERE id=" .sqlesc($delid) . " LIMIT 1";
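Review bot: The `$sure == "yes"` branch runs `DELETE FROM locations` from query-string parameters alone, so a cross-site GET request made with a sysop's session can trigger the deletion; nothing in this hunk checks the request method or a token. Moving the confirmation to a POST form that carries a per-session token, and checking both before `$query` is built, would close that. In the same branch `$delid = $_GET['delid'];` is still read unguarded, which is the notice this commit fixes elsewhere; `$delid = intval($_GET['delid'] ?? 0);` matches the later hunk. The hunk also passes `$BASIC['mysql_db']` to `mysql_connect()` while the next line still selects `$mysql_db`, so one of the two is presumably redundant. The branch body continues outside the hunk.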
@@ -22,7 +22,7 @@ if($sure == "yes") {
stdfoot();
die();
}
-$delid = $_GET['delid'];
+$delid = intval($_GET['delid'] ?? 0);
if($delid > 0) {
echo("Are you sure you would like to delete this Location?( Yes! / No )");
end_frame();
@@ -30,7 +30,7 @@ if($delid > 0) {
die();
}
-$edited = $_GET['edited'];
+$edited = intval($_GET['edited'] ?? 0);
if($edited == 1) {
$id = intval($_GET['id'] ?? 0);
$name = $_GET['name'];
@@ -103,7 +103,7 @@ if($editid > 0) {
die();
}
-$add = $_GET['add'];
+$add = $_GET['add'] ?? '';
$success = false;
if($add == 'true') {
$name = $_GET['name'];
@@ -154,8 +154,8 @@ echo(" ");
echo("");
@@ -171,8 +171,8 @@ print(" <
unset($wherea);
-
-$check_range = $_GET['check_range'];
+$wherea = '';
+$check_range = $_GET['check_range'] ?? '';
if($check_range == 'true') {
//stderr("",$range_start_ip . $range_end_ip . validip_format($range_start_ip) . validip_format($range_end_ip));
diff --git a/massmail.php b/massmail.php
index 82338eab..c1b8cd11 100644
--- a/massmail.php
+++ b/massmail.php
@@ -7,7 +7,7 @@ stderr("Error", "Permission denied.");
$class = intval($_POST["class"] ?? 0);
if ($class)
int_check($class,true);
-$or = $_POST["or"];
+$or = $_POST["or"] ?? '';
if ($_SERVER["REQUEST_METHOD"] == "POST")
{
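Review bot: `$or` is taken from `$_POST["or"]` with only a default added, and a value used as an SQL operator cannot be made safe by escaping. The form further down offers `<`, `>`, `=`, `<=` and `>=`, but the query that consumes `$or` is outside this hunk, so this is to be confirmed. If it is used that way, restrict it to the offered set right after the assignment, for example `if (!in_array($or, array('<', '>', '=', '<=', '>='), true)) $or = '=';` with whatever fallback suits the form. The POST branch body continues outside the hunk.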
@@ -55,6 +55,7 @@ if (get_user_class() == UC_MODERATOR && $CURUSER["class"] > UC_POWER_USER)
printf("Classe < > = <= >= \n");
if (get_user_class() == UC_MODERATOR)
$maxclass = UC_POWER_USER;
diff --git a/maxlogin.php b/maxlogin.php
index b8ff5fb4..7dba196c 100644
--- a/maxlogin.php
+++ b/maxlogin.php
@@ -35,7 +35,7 @@ function searchform () {
$countrows = number_format(get_row_count("loginattempts")) + 1;
$page = intval($_GET["page"] ?? 0);
-$order = $_GET['order'];
+$order = $_GET['order'] ?? '';
if ($order == 'id')
$orderby = "id";
elseif ($order == 'ip')
@@ -53,7 +53,7 @@ else
$perpage = 5;
list($pagertop, $pagerbottom, $limit) = pager($perpage, $countrows, "maxlogin.php?order=$order&");
-
+$msg = '';
if ($action == 'showlist') {
stdhead ("Max. Login Attemps - Show List");
print("Failed Login Attempts ");
diff --git a/modrules.php b/modrules.php
index 7c9ebfda..f00a75ef 100644
--- a/modrules.php
+++ b/modrules.php
@@ -6,7 +6,7 @@ if (get_user_class() < UC_ADMINISTRATOR) {
stderr("Error","Only Administrators and above can modify the Rules, sorry.");
}
-if ($_GET["act"] == "newsect")
+if (isset($_GET["act"]) && $_GET["act"] == "newsect")
{
stdhead("Add section");
//print("");
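Review bot: The `isset($_GET["act"]) &&` guard is repeated on each of the five branches of this chain (this hunk and the four that follow). Reading the parameter once, `$act = $_GET["act"] ?? '';`, and comparing `$act` in every branch would match the `??` form used in the other files of this commit and keep the conditions short. The chain continues outside the hunk.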
@@ -30,14 +30,14 @@ if ($_GET["act"] == "newsect")
print("
");
stdfoot();
}
-elseif ($_GET["act"]=="addsect"){
+elseif (isset($_GET["act"]) && $_GET["act"]=="addsect"){
$title = $_POST["title"];
$text = $_POST["text"];
$language = $_POST["language"];
sql_query("insert into rules (title, text, lang_id) values(".sqlesc($title).", ".sqlesc($text).", ".sqlesc($language).")") or sqlerr(__FILE__,__LINE__);
header("Refresh: 0; url=modrules.php");
}
-elseif ($_GET["act"] == "edit"){
+elseif (isset($_GET["act"]) && $_GET["act"] == "edit"){
$id = $_GET["id"];
$res = @mysql_fetch_array(@sql_query("select * from rules where id='$id'"));
stdhead("Edit rules");
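Review bot: In the `edit` branch `$id = $_GET["id"];` goes straight into `"select * from rules where id='$id'"`, so the request parameter is interpolated into the SQL string unescaped. The `edited` and `del` branches already cast the id; the same here would be `$id = intval($_GET["id"] ?? 0);` with the query ending in `where id=".sqlesc($id)`. The `@` on both calls also hides a failed query, whereas the neighbouring statements report errors through `sqlerr(__FILE__,__LINE__)`. The `addsect` branch above still reads `$_POST["title"]`, `$_POST["text"]` and `$_POST["language"]` without a default, which raises the same notices this commit is removing.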
@@ -62,7 +62,7 @@ elseif ($_GET["act"] == "edit"){
print(" ");
stdfoot();
}
-elseif ($_GET["act"]=="edited"){
+elseif (isset($_GET["act"]) && $_GET["act"]=="edited"){
$id = intval($_POST["id"] ?? 0);
$title = $_POST["title"];
$text = $_POST["text"];
@@ -70,7 +70,7 @@ elseif ($_GET["act"]=="edited"){
sql_query("update rules set title=".sqlesc($title).", text=".sqlesc($text).", lang_id = ".sqlesc($language)." where id=".sqlesc($id)) or sqlerr(__FILE__,__LINE__);
header("Refresh: 0; url=modrules.php");
}
-elseif ($_GET["act"]=="del"){
+elseif (isset($_GET["act"]) && $_GET["act"]=="del"){
$id = (int)$_GET["id"];
$sure = intval($_GET["sure"] ?? 0);
if (!$sure)
diff --git a/stats.php b/stats.php
index 189816b4..e5d96a46 100644
--- a/stats.php
+++ b/stats.php
@@ -31,8 +31,8 @@ $res = sql_query("SELECT COUNT(*) FROM peers") or sqlerr(__FILE__, __LINE__);
$n = mysql_fetch_row($res);
$n_peers = $n[0];
-$uporder = $_GET['uporder'];
-$catorder = $_GET["catorder"];
+$uporder = $_GET['uporder'] ?? '';
+$catorder = $_GET["catorder"] ?? '';
if ($uporder == "lastul")
$orderby = "last DESC, name";
diff --git a/testip.php b/testip.php
index db1b263f..2479a7be 100644
--- a/testip.php
+++ b/testip.php
@@ -8,7 +8,7 @@ if (get_user_class() < UC_MODERATOR) stderr("Error", "Permission denied");
if ($_SERVER["REQUEST_METHOD"] == "POST")
$ip = $_POST["ip"];
else
- $ip = $_GET["ip"];
+ $ip = $_GET["ip"] ?? '';
if ($ip)
{
$nip = ip2long($ip);
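Review bot: The POST branch still reads `$_POST["ip"]` unguarded, so a POST without an `ip` field raises the same undefined-index notice the GET branch was just fixed for; `$ip = $_POST["ip"] ?? '';` would make the two branches consistent. The `if ($ip)` body continues outside the hunk.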
diff --git a/uploaders.php b/uploaders.php
index 8bbf25d4..a3fac0b3 100644
--- a/uploaders.php
+++ b/uploaders.php
@@ -13,7 +13,7 @@ $year=date('Y');
$month=intval($_GET['month'] ?? 0);
if (!$month || $month<=0 || $month>12)
$month=date('m');
-$order=$_GET['order'];
+$order=$_GET['order'] ?? '';
if (!in_array($order, array('username', 'torrent_size', 'torrent_count')))
$order='username';
if ($order=='username')
@@ -88,6 +88,7 @@ else{
unset($row2);
}
$res3=sql_query("SELECT users.id AS userid, users.username AS username, 0 AS torrent_count, 0 AS torrent_size FROM users WHERE class >= ".UC_UPLOADER.(count($hasupuserid) ? " AND users.id NOT IN (".implode(",",$hasupuserid).")" : "")." ORDER BY username ASC") or sqlerr(__FILE__, __LINE__);
+ $count = 0;
while($row = mysql_fetch_array($res3))
{
$res2 = sql_query("SELECT torrents.id, torrents.name, torrents.added FROM torrents WHERE owner=".$row['userid']." ORDER BY id DESC LIMIT 1");
diff --git a/warned.php b/warned.php
index 89a49f73..fd3ddc7b 100644
--- a/warned.php
+++ b/warned.php
@@ -61,7 +61,7 @@ if (get_user_class() >= UC_ADMINISTRATOR) {
print(" \n");
print(" \n");
}
-print("$pagemenu $browsemenu
");
+print("" . ($pagemenu ?? '') . " " . ($browsemenu ?? '') . "
");
die;