From 96f78f6dd89dce1473117f032aacca6a88bf774e Mon Sep 17 00:00:00 2001 From: xiaomlove <353856593@qq.com> Date: Fri, 4 Jun 2021 10:26:34 +0800 Subject: [PATCH] fix offers.php + update support enum --- composer.json | 1 + composer.lock | 449 +++++++++++++++++++++++++++++- nexus/Database/DB.php | 4 +- nexus/Install/install/install.php | 4 + nexus/Install/update/update.php | 4 + public/offers.php | 82 +++--- 6 files changed, 501 insertions(+), 43 deletions(-) diff --git a/composer.json b/composer.json index c8a3cac4..8bc5020d 100644 --- a/composer.json +++ b/composer.json @@ -28,6 +28,7 @@ "ext-mbstring": "*", "ext-mysqli": "*", "ext-xml": "*", + "doctrine/dbal": "^3.1", "fideloper/proxy": "^4.4", "fruitcake/laravel-cors": "^2.0", "guzzlehttp/guzzle": "~6.0", diff --git a/composer.lock b/composer.lock index 8c85b2cc..f3d31f0d 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "0c77bf38428a182de615c04874fe0bf2", + "content-hash": "a7b99d5b085f8f10e9e29279903ab37a", "packages": [ { "name": "asm89/stack-cors", @@ -122,6 +122,85 @@ ], "time": "2021-01-20T22:51:39+00:00" }, + { + "name": "composer/package-versions-deprecated", + "version": "1.11.99.2", + "source": { + "type": "git", + "url": "https://github.com/composer/package-versions-deprecated.git", + "reference": "c6522afe5540d5fc46675043d3ed5a45a740b27c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/composer/package-versions-deprecated/zipball/c6522afe5540d5fc46675043d3ed5a45a740b27c", + "reference": "c6522afe5540d5fc46675043d3ed5a45a740b27c", + "shasum": "", + "mirrors": [ + { + "url": "https://mirrors.aliyun.com/composer/dists/%package%/%reference%.%type%", + "preferred": true + } + ] + }, + "require": { + "composer-plugin-api": "^1.1.0 || ^2.0", + "php": "^7 || ^8" + }, + "replace": { + "ocramius/package-versions": "1.11.99" + }, + "require-dev": { + "composer/composer": "^1.9.3 || ^2.0@dev", + "ext-zip": "^1.13", + "phpunit/phpunit": "^6.5 || ^7" + }, + "type": "composer-plugin", + "extra": { + "class": "PackageVersions\\Installer", + "branch-alias": { + "dev-master": "1.x-dev" + } + }, + "autoload": { + "psr-4": { + "PackageVersions\\": "src/PackageVersions" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Marco Pivetta", + "email": "ocramius@gmail.com" + }, + { + "name": "Jordi Boggiano", + "email": "j.boggiano@seld.be" + } + ], + "description": "Composer plugin that provides efficient querying for installed package versions (no runtime IO)", + "support": { + "issues": "https://github.com/composer/package-versions-deprecated/issues", + "source": "https://github.com/composer/package-versions-deprecated/tree/1.11.99.2" + }, + "funding": [ + { + "url": "https://packagist.com", + "type": "custom" + }, + { + "url": "https://github.com/composer", + "type": "github" + }, + { + "url": "https://tidelift.com/funding/github/packagist/composer/composer", + "type": "tidelift" + } + ], + "time": "2021-05-24T07:46:03+00:00" + }, { "name": "dnoegel/php-xdg-base-dir", "version": "v0.1.1", @@ -161,6 +240,374 @@ "description": "implementation of xdg base directory specification for php", "time": "2019-12-04T15:06:13+00:00" }, + { + "name": "doctrine/cache", + "version": "1.11.3", + "source": { + "type": "git", + "url": "https://github.com/doctrine/cache.git", + "reference": "3bb5588cec00a0268829cc4a518490df6741af9d" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/doctrine/cache/zipball/3bb5588cec00a0268829cc4a518490df6741af9d", + "reference": "3bb5588cec00a0268829cc4a518490df6741af9d", + "shasum": "", + "mirrors": [ + { + "url": "https://mirrors.aliyun.com/composer/dists/%package%/%reference%.%type%", + "preferred": true + } + ] + }, + "require": { + "php": "~7.1 || ^8.0" + }, + "conflict": { + "doctrine/common": ">2.2,<2.4", + "psr/cache": ">=3" + }, + "require-dev": { + "alcaeus/mongo-php-adapter": "^1.1", + "cache/integration-tests": "dev-master", + "doctrine/coding-standard": "^8.0", + "mongodb/mongodb": "^1.1", + "phpunit/phpunit": "^7.0 || ^8.0 || ^9.0", + "predis/predis": "~1.0", + "psr/cache": "^1.0 || ^2.0", + "symfony/cache": "^4.4 || ^5.2" + }, + "suggest": { + "alcaeus/mongo-php-adapter": "Required to use legacy MongoDB driver" + }, + "type": "library", + "autoload": { + "psr-4": { + "Doctrine\\Common\\Cache\\": "lib/Doctrine/Common/Cache" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Guilherme Blanco", + "email": "guilhermeblanco@gmail.com" + }, + { + "name": "Roman Borschel", + "email": "roman@code-factory.org" + }, + { + "name": "Benjamin Eberlei", + "email": "kontakt@beberlei.de" + }, + { + "name": "Jonathan Wage", + "email": "jonwage@gmail.com" + }, + { + "name": "Johannes Schmitt", + "email": "schmittjoh@gmail.com" + } + ], + "description": "PHP Doctrine Cache library is a popular cache implementation that supports many different drivers such as redis, memcache, apc, mongodb and others.", + "homepage": "https://www.doctrine-project.org/projects/cache.html", + "keywords": [ + "abstraction", + "apcu", + "cache", + "caching", + "couchdb", + "memcached", + "php", + "redis", + "xcache" + ], + "support": { + "issues": "https://github.com/doctrine/cache/issues", + "source": "https://github.com/doctrine/cache/tree/1.11.3" + }, + "funding": [ + { + "url": "https://www.doctrine-project.org/sponsorship.html", + "type": "custom" + }, + { + "url": "https://www.patreon.com/phpdoctrine", + "type": "patreon" + }, + { + "url": "https://tidelift.com/funding/github/packagist/doctrine%2Fcache", + "type": "tidelift" + } + ], + "time": "2021-05-25T09:01:55+00:00" + }, + { + "name": "doctrine/dbal", + "version": "3.1.0", + "source": { + "type": "git", + "url": "https://github.com/doctrine/dbal.git", + "reference": "5ba62e7e40df119424866064faf2cef66cb5232a" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/doctrine/dbal/zipball/5ba62e7e40df119424866064faf2cef66cb5232a", + "reference": "5ba62e7e40df119424866064faf2cef66cb5232a", + "shasum": "", + "mirrors": [ + { + "url": "https://mirrors.aliyun.com/composer/dists/%package%/%reference%.%type%", + "preferred": true + } + ] + }, + "require": { + "composer/package-versions-deprecated": "^1.11.99", + "doctrine/cache": "^1.0", + "doctrine/deprecations": "^0.5.3", + "doctrine/event-manager": "^1.0", + "php": "^7.3 || ^8.0" + }, + "require-dev": { + "doctrine/coding-standard": "8.2.0", + "jetbrains/phpstorm-stubs": "2020.2", + "phpstan/phpstan": "0.12.81", + "phpstan/phpstan-strict-rules": "^0.12.2", + "phpunit/phpunit": "9.5.0", + "psalm/plugin-phpunit": "0.13.0", + "squizlabs/php_codesniffer": "3.6.0", + "symfony/console": "^2.0.5|^3.0|^4.0|^5.0", + "vimeo/psalm": "4.6.4" + }, + "suggest": { + "symfony/console": "For helpful console commands such as SQL execution and import of files." + }, + "bin": [ + "bin/doctrine-dbal" + ], + "type": "library", + "autoload": { + "psr-4": { + "Doctrine\\DBAL\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Guilherme Blanco", + "email": "guilhermeblanco@gmail.com" + }, + { + "name": "Roman Borschel", + "email": "roman@code-factory.org" + }, + { + "name": "Benjamin Eberlei", + "email": "kontakt@beberlei.de" + }, + { + "name": "Jonathan Wage", + "email": "jonwage@gmail.com" + } + ], + "description": "Powerful PHP database abstraction layer (DBAL) with many features for database schema introspection and management.", + "homepage": "https://www.doctrine-project.org/projects/dbal.html", + "keywords": [ + "abstraction", + "database", + "db2", + "dbal", + "mariadb", + "mssql", + "mysql", + "oci8", + "oracle", + "pdo", + "pgsql", + "postgresql", + "queryobject", + "sasql", + "sql", + "sqlite", + "sqlserver", + "sqlsrv" + ], + "support": { + "issues": "https://github.com/doctrine/dbal/issues", + "source": "https://github.com/doctrine/dbal/tree/3.1.0" + }, + "funding": [ + { + "url": "https://www.doctrine-project.org/sponsorship.html", + "type": "custom" + }, + { + "url": "https://www.patreon.com/phpdoctrine", + "type": "patreon" + }, + { + "url": "https://tidelift.com/funding/github/packagist/doctrine%2Fdbal", + "type": "tidelift" + } + ], + "time": "2021-04-19T17:51:23+00:00" + }, + { + "name": "doctrine/deprecations", + "version": "v0.5.3", + "source": { + "type": "git", + "url": "https://github.com/doctrine/deprecations.git", + "reference": "9504165960a1f83cc1480e2be1dd0a0478561314" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/doctrine/deprecations/zipball/9504165960a1f83cc1480e2be1dd0a0478561314", + "reference": "9504165960a1f83cc1480e2be1dd0a0478561314", + "shasum": "", + "mirrors": [ + { + "url": "https://mirrors.aliyun.com/composer/dists/%package%/%reference%.%type%", + "preferred": true + } + ] + }, + "require": { + "php": "^7.1|^8.0" + }, + "require-dev": { + "doctrine/coding-standard": "^6.0|^7.0|^8.0", + "phpunit/phpunit": "^7.0|^8.0|^9.0", + "psr/log": "^1.0" + }, + "suggest": { + "psr/log": "Allows logging deprecations via PSR-3 logger implementation" + }, + "type": "library", + "autoload": { + "psr-4": { + "Doctrine\\Deprecations\\": "lib/Doctrine/Deprecations" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "description": "A small layer on top of trigger_error(E_USER_DEPRECATED) or PSR-3 logging with options to disable all deprecations or selectively for packages.", + "homepage": "https://www.doctrine-project.org/", + "support": { + "issues": "https://github.com/doctrine/deprecations/issues", + "source": "https://github.com/doctrine/deprecations/tree/v0.5.3" + }, + "time": "2021-03-21T12:59:47+00:00" + }, + { + "name": "doctrine/event-manager", + "version": "1.1.1", + "source": { + "type": "git", + "url": "https://github.com/doctrine/event-manager.git", + "reference": "41370af6a30faa9dc0368c4a6814d596e81aba7f" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/doctrine/event-manager/zipball/41370af6a30faa9dc0368c4a6814d596e81aba7f", + "reference": "41370af6a30faa9dc0368c4a6814d596e81aba7f", + "shasum": "", + "mirrors": [ + { + "url": "https://mirrors.aliyun.com/composer/dists/%package%/%reference%.%type%", + "preferred": true + } + ] + }, + "require": { + "php": "^7.1 || ^8.0" + }, + "conflict": { + "doctrine/common": "<2.9@dev" + }, + "require-dev": { + "doctrine/coding-standard": "^6.0", + "phpunit/phpunit": "^7.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "psr-4": { + "Doctrine\\Common\\": "lib/Doctrine/Common" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Guilherme Blanco", + "email": "guilhermeblanco@gmail.com" + }, + { + "name": "Roman Borschel", + "email": "roman@code-factory.org" + }, + { + "name": "Benjamin Eberlei", + "email": "kontakt@beberlei.de" + }, + { + "name": "Jonathan Wage", + "email": "jonwage@gmail.com" + }, + { + "name": "Johannes Schmitt", + "email": "schmittjoh@gmail.com" + }, + { + "name": "Marco Pivetta", + "email": "ocramius@gmail.com" + } + ], + "description": "The Doctrine Event Manager is a simple PHP event system that was built to be used with the various Doctrine projects.", + "homepage": "https://www.doctrine-project.org/projects/event-manager.html", + "keywords": [ + "event", + "event dispatcher", + "event manager", + "event system", + "events" + ], + "support": { + "issues": "https://github.com/doctrine/event-manager/issues", + "source": "https://github.com/doctrine/event-manager/tree/1.1.x" + }, + "funding": [ + { + "url": "https://www.doctrine-project.org/sponsorship.html", + "type": "custom" + }, + { + "url": "https://www.patreon.com/phpdoctrine", + "type": "patreon" + }, + { + "url": "https://tidelift.com/funding/github/packagist/doctrine%2Fevent-manager", + "type": "tidelift" + } + ], + "time": "2020-05-29T18:28:51+00:00" + }, { "name": "doctrine/inflector", "version": "2.0.3", diff --git a/nexus/Database/DB.php b/nexus/Database/DB.php index 3a9f64ab..7a404e10 100644 --- a/nexus/Database/DB.php +++ b/nexus/Database/DB.php @@ -218,7 +218,9 @@ class DB $capsule->addConnection($config, $connectionName); $capsule->setAsGlobal(); $capsule->bootEloquent(); - $capsule->getConnection($connectionName)->enableQueryLog(); + $connection = $capsule->getConnection($connectionName); + $connection->enableQueryLog(); + $connection->getDoctrineSchemaManager()->getDatabasePlatform()->registerDoctrineTypeMapping('enum', 'string'); } public static function schema(): \Illuminate\Database\Schema\Builder diff --git a/nexus/Install/install/install.php b/nexus/Install/install/install.php index c4f7ef1e..1bd0ad9c 100644 --- a/nexus/Install/install/install.php +++ b/nexus/Install/install/install.php @@ -144,6 +144,10 @@ if ($currentStep == 5) { ['label' => '确认密码', 'name' => 'confirm_password', 'value' => $_POST['confirm_password'] ?? ''], ]; } + +if (!empty($error)) { + $pass = false; +} ?> diff --git a/nexus/Install/update/update.php b/nexus/Install/update/update.php index 16b884a7..563b7df1 100644 --- a/nexus/Install/update/update.php +++ b/nexus/Install/update/update.php @@ -188,6 +188,10 @@ if ($currentStep == 4) { break; } } + +if (!empty($error)) { + $pass = false; +} ?> diff --git a/public/offers.php b/public/offers.php index 171294eb..f68e5bcf 100644 --- a/public/offers.php +++ b/public/offers.php @@ -93,11 +93,11 @@ if (isset($_GET['new_offer']) && $_GET["new_offer"]){ $descr = $pic; $descr .= $descrmain; - $res = sql_query("SELECT name FROM offers WHERE name =".sqlesc($_POST[name])) or sqlerr(__FILE__,__LINE__); + $res = sql_query("SELECT name FROM offers WHERE name =".sqlesc($_POST['name'])) or sqlerr(__FILE__,__LINE__); $arr = mysql_fetch_assoc($res); if (!$arr['name']){ //===add karma //=== uncomment if you use the mod - //sql_query("UPDATE users SET seedbonus = seedbonus+10.0 WHERE id = $CURUSER[id]") or sqlerr(__FILE__, __LINE__); + //sql_query("UPDATE users SET seedbonus = seedbonus+10.0 WHERE id = $CURUSER['id']") or sqlerr(__FILE__, __LINE__); //===end $ret = sql_query("INSERT INTO offers (userid, name, descr, category, added) VALUES (" . @@ -110,7 +110,7 @@ if (isset($_GET['new_offer']) && $_GET["new_offer"]){ } $id = mysql_insert_id(); - write_log("offer $name was added by ".$CURUSER[username],'normal'); + write_log("offer $name was added by ".$CURUSER['username'],'normal'); header("Refresh: 0; url=offers.php?id=$id&off_details=1"); @@ -186,7 +186,7 @@ if (isset($_GET['off_details']) && $_GET["off_details"]){ tr($lang_offers['row_offer_allowed'], $lang_offers['text_urge_upload_offer_note'], 1); } - if ($CURUSER[id] == $num[userid] || get_user_class() >= $offermanage_class){ + if ($CURUSER['id'] == $num['userid'] || get_user_class() >= $offermanage_class){ $edit = "\"edit\" ".$lang_offers['text_edit_offer'] . " | "; $delete = "\"delete\" ".$lang_offers['text_delete_offer']." | "; } @@ -255,14 +255,14 @@ if (isset($_GET["allow_offer"]) && $_GET["allow_offer"]) { $timeoutnote = $lang_offers_target[get_user_lang($arr["userid"])]['msg_you_must_upload_in'].$timeouthour.$lang_offers_target[get_user_lang($arr["userid"])]['msg_hours_otherwise']; } else $timeoutnote = ""; - $msg = "$CURUSER[username]".$lang_offers_target[get_user_lang($arr["userid"])]['msg_has_allowed']."[b][url=". get_protocol_prefix() . $BASEURL ."/offers.php?id=$offid&off_details=1]" . $arr[name] . "[/url][/b]. ".$lang_offers_target[get_user_lang($arr["userid"])]['msg_find_offer_option'].$timeoutnote; + $msg = $CURUSER['username'].$lang_offers_target[get_user_lang($arr["userid"])]['msg_has_allowed']."[b][url=". get_protocol_prefix() . $BASEURL ."/offers.php?id=$offid&off_details=1]" . $arr['name'] . "[/url][/b]. ".$lang_offers_target[get_user_lang($arr["userid"])]['msg_find_offer_option'].$timeoutnote; $subject = $lang_offers_target[get_user_lang($arr["userid"])]['msg_your_offer_allowed']; $allowedtime = date("Y-m-d H:i:s"); - sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, $arr[userid], '" . $allowedtime . "', " . sqlesc($msg) . ", ".sqlesc($subject).")") or sqlerr(__FILE__, __LINE__); + sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, {$arr['userid']}, '" . $allowedtime . "', " . sqlesc($msg) . ", ".sqlesc($subject).")") or sqlerr(__FILE__, __LINE__); sql_query ("UPDATE offers SET allowed = 'allowed', allowedtime = '".$allowedtime."' WHERE id = $offid") or sqlerr(__FILE__,__LINE__); - write_log("$CURUSER[username] allowed offer $arr[name]",'normal'); + write_log("{$CURUSER['username']} allowed offer {$arr['name']}",'normal'); header("Refresh: 0; url=" . get_protocol_prefix() . "$BASEURL/offers.php?id=$offid&off_details=1"); } //=== end allow the offer @@ -300,19 +300,19 @@ if (isset($_GET["finish_offer"]) && $_GET["finish_offer"]) { $timeoutnote = $lang_offers_target[get_user_lang($arr["userid"])]['msg_you_must_upload_in'].$timeouthour.$lang_offers_target[get_user_lang($arr["userid"])]['msg_hours_otherwise']; } else $timeoutnote = ""; - $msg = $lang_offers_target[get_user_lang($arr["userid"])]['msg_offer_voted_on']."[b][url=" . get_protocol_prefix() . $BASEURL."/offers.php?id=$offid&off_details=1]" . $arr[name] . "[/url][/b].". $lang_offers_target[get_user_lang($arr["userid"])]['msg_find_offer_option'].$timeoutnote; + $msg = $lang_offers_target[get_user_lang($arr["userid"])]['msg_offer_voted_on']."[b][url=" . get_protocol_prefix() . $BASEURL."/offers.php?id=$offid&off_details=1]" . $arr['name'] . "[/url][/b].". $lang_offers_target[get_user_lang($arr["userid"])]['msg_find_offer_option'].$timeoutnote; sql_query ("UPDATE offers SET allowed = 'allowed',allowedtime ='".$finishvotetime."' WHERE id = $offid") or sqlerr(__FILE__,__LINE__); } else if(($no - $yes)>=$minoffervotes){ - $msg = $lang_offers_target[get_user_lang($arr["userid"])]['msg_offer_voted_off']."[b][url=". get_protocol_prefix() . $BASEURL."/offers.php?id=$offid&off_details=1]" . $arr[name] . "[/url][/b].".$lang_offers_target[get_user_lang($arr["userid"])]['msg_offer_deleted'] ; + $msg = $lang_offers_target[get_user_lang($arr["userid"])]['msg_offer_voted_off']."[b][url=". get_protocol_prefix() . $BASEURL."/offers.php?id=$offid&off_details=1]" . $arr['name'] . "[/url][/b].".$lang_offers_target[get_user_lang($arr["userid"])]['msg_offer_deleted'] ; sql_query ("UPDATE offers SET allowed = 'denied' WHERE id = $offid") or sqlerr(__FILE__,__LINE__); } //===use this line if you DO HAVE subject in your PM system - $subject = $lang_offers_target[get_user_lang($arr[userid])]['msg_your_offer'].$arr[name].$lang_offers_target[get_user_lang($arr[userid])]['msg_voted_on']; - sql_query("INSERT INTO messages (sender, subject, receiver, added, msg) VALUES(0, ".sqlesc($subject).", $arr[userid], '" . $finishvotetime . "', " . sqlesc($msg) . ")") or sqlerr(__FILE__, __LINE__); + $subject = $lang_offers_target[get_user_lang($arr['userid'])]['msg_your_offer'].$arr['name'].$lang_offers_target[get_user_lang($arr['userid'])]['msg_voted_on']; + sql_query("INSERT INTO messages (sender, subject, receiver, added, msg) VALUES(0, ".sqlesc($subject).", {$arr['userid']}, '" . $finishvotetime . "', " . sqlesc($msg) . ")") or sqlerr(__FILE__, __LINE__); //===use this line if you DO NOT subject in your PM system - //sql_query("INSERT INTO messages (sender, receiver, added, msg) VALUES(0, $arr[userid], '" . date("Y-m-d H:i:s") . "', " . sqlesc($msg) . ")") or sqlerr(__FILE__, __LINE__); - write_log("$CURUSER[username] closed poll $arr[name]",'normal'); + //sql_query("INSERT INTO messages (sender, receiver, added, msg) VALUES(0, $arr['userid'], '" . date("Y-m-d H:i:s") . "', " . sqlesc($msg) . ")") or sqlerr(__FILE__, __LINE__); + write_log("{$CURUSER['username']} closed poll {$arr['name']}",'normal'); header("Refresh: 0; url=" . get_protocol_prefix() . "$BASEURL/offers.php?id=$offid&off_details=1"); die; @@ -378,7 +378,7 @@ if (isset($_GET["take_off_edit"]) && $_GET["take_off_edit"]){ $res = sql_query("SELECT userid FROM offers WHERE id = $id") or sqlerr(__FILE__, __LINE__); $num = mysql_fetch_array($res); - if ($CURUSER[id] != $num[userid] && get_user_class() < $offermanage_class) + if ($CURUSER['id'] != $num['userid'] && get_user_class() < $offermanage_class) stderr($lang_offers['std_error'], $lang_offers['std_access_denied']); $name = $_POST["name"]; @@ -440,9 +440,9 @@ if (isset($_GET["offer_vote"]) && $_GET["offer_vote"]){ while ($arr = mysql_fetch_assoc($res)) { - if ($arr[vote] == 'yeah') + if ($arr['vote'] == 'yeah') $vote = "".$lang_offers['text_for'].""; - elseif ($arr[vote] == 'against') + elseif ($arr['vote'] == 'against') $vote = "".$lang_offers['text_against'].""; else $vote = "unknown"; @@ -499,19 +499,19 @@ if (isset($_GET["vote"]) && $_GET["vote"]){ } else $timeoutnote = ""; sql_query("UPDATE offers SET allowed='allowed', allowedtime=".sqlesc($finishtime)." WHERE id=".sqlesc($offerid)) or sqlerr(__FILE__,__LINE__); - $msg = $lang_offers_target[get_user_lang($arr['userid'])]['msg_offer_voted_on']."[b][url=". get_protocol_prefix() . $BASEURL."/offers.php?id=$offerid&off_details=1]" . $arr[name] . "[/url][/b].". $lang_offers_target[get_user_lang($arr['userid'])]['msg_find_offer_option'].$timeoutnote; + $msg = $lang_offers_target[get_user_lang($arr['userid'])]['msg_offer_voted_on']."[b][url=". get_protocol_prefix() . $BASEURL."/offers.php?id=$offerid&off_details=1]" . $arr['name'] . "[/url][/b].". $lang_offers_target[get_user_lang($arr['userid'])]['msg_find_offer_option'].$timeoutnote; $subject = $lang_offers_target[get_user_lang($arr['userid'])]['msg_your_offer_allowed']; - sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, $arr[userid], " . sqlesc(date("Y-m-d H:i:s")) . ", " . sqlesc($msg) . ", ".sqlesc($subject).")") or sqlerr(__FILE__, __LINE__); - write_log("System allowed offer $arr[name]",'normal'); + sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, {$arr['userid']}, " . sqlesc(date("Y-m-d H:i:s")) . ", " . sqlesc($msg) . ", ".sqlesc($subject).")") or sqlerr(__FILE__, __LINE__); + write_log("System allowed offer {$arr['name']}",'normal'); } //denied and send offer voted off message if(($against-$yeah)>=$minoffervotes && $ya_arr['allowed'] != "denied") { sql_query("UPDATE offers SET allowed='denied' WHERE id=".sqlesc($offerid)) or sqlerr(__FILE__,__LINE__); - $msg = $lang_offers_target[get_user_lang($arr['userid'])]['msg_offer_voted_off']."[b][url=" . get_protocol_prefix() . $BASEURL."/offers.php?id=$offid&off_details=1]" . $arr[name] . "[/url][/b].".$lang_offers_target[get_user_lang($arr['userid'])]['msg_offer_deleted'] ; + $msg = $lang_offers_target[get_user_lang($arr['userid'])]['msg_offer_voted_off']."[b][url=" . get_protocol_prefix() . $BASEURL."/offers.php?id=$offid&off_details=1]" . $arr['name'] . "[/url][/b].".$lang_offers_target[get_user_lang($arr['userid'])]['msg_offer_deleted'] ; $subject = $lang_offers_target[get_user_lang($arr['userid'])]['msg_offer_deleted']; - sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, $arr[userid], " . sqlesc(date("Y-m-d H:i:s")) . ", " . sqlesc($msg) . ", ".sqlesc($subject).")") or sqlerr(__FILE__, __LINE__); - write_log("System denied offer $arr[name]",'normal'); + sql_query("INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, {$arr['userid']}, " . sqlesc(date("Y-m-d H:i:s")) . ", " . sqlesc($msg) . ", ".sqlesc($subject).")") or sqlerr(__FILE__, __LINE__); + write_log("System denied offer {$arr['name']}",'normal'); } @@ -570,17 +570,17 @@ if (isset($_GET["del_offer"]) && $_GET["del_offer"]){ sql_query("DELETE FROM comments WHERE offer=$offer"); //===add karma //=== use this if you use the karma mod - //sql_query("UPDATE users SET seedbonus = seedbonus-10.0 WHERE id = $num[userid]") or sqlerr(__FILE__, __LINE__); + //sql_query("UPDATE users SET seedbonus = seedbonus-10.0 WHERE id = $num['userid']") or sqlerr(__FILE__, __LINE__); //===end if ($CURUSER["id"] != $num["userid"]) { $added = sqlesc(date("Y-m-d H:i:s")); $subject = sqlesc($lang_offers_target[get_user_lang($num["userid"])]['msg_offer_deleted']); - $msg = sqlesc($lang_offers_target[get_user_lang($num["userid"])]['msg_your_offer'].$num[name].$lang_offers_target[get_user_lang($num["userid"])]['msg_was_deleted_by']. "[url=userdetails.php?id=".$CURUSER['id']."]".$CURUSER['username']."[/url]".$lang_offers_target[get_user_lang($num["userid"])]['msg_blank'].($reason != "" ? $lang_offers_target[get_user_lang($num["userid"])]['msg_reason_is'].$reason : "")); - sql_query("INSERT INTO messages (sender, receiver, msg, added, subject) VALUES(0, $num[userid], $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__); + $msg = sqlesc($lang_offers_target[get_user_lang($num["userid"])]['msg_your_offer'].$num['name'].$lang_offers_target[get_user_lang($num["userid"])]['msg_was_deleted_by']. "[url=userdetails.php?id=".$CURUSER['id']."]".$CURUSER['username']."[/url]".$lang_offers_target[get_user_lang($num["userid"])]['msg_blank'].($reason != "" ? $lang_offers_target[get_user_lang($num["userid"])]['msg_reason_is'].$reason : "")); + sql_query("INSERT INTO messages (sender, receiver, msg, added, subject) VALUES(0, {$num['userid']}, $msg, $added, $subject)") or sqlerr(__FILE__, __LINE__); } - write_log("Offer: $offer ($num[name]) was deleted by $CURUSER[username]".($reason != "" ? " (".$reason.")" : ""),'normal'); + write_log("Offer: $offer ({$num['name']}) was deleted by {$CURUSER['username']}".($reason != "" ? " (".$reason.")" : ""),'normal'); header("Refresh: 0; url=offers.php"); die; } @@ -726,7 +726,7 @@ if (!$num) stdmsg($lang_offers['text_nothing_found'],$lang_offers['text_nothing_found']); else { - $catid = $_GET[category]; + $catid = $_GET['category']; print(""); print("". "". @@ -745,13 +745,13 @@ print("". $addedby = get_username($arr['userid']); $comms = $arr['comments']; if ($comms == 0) - $comment = "0"; + $comment = "0"; else { - if (!$lastcom = $Cache->get_value('offer_'.$arr[id].'_last_comment_content')){ - $res2 = sql_query("SELECT user, added, text FROM comments WHERE offer = $arr[id] ORDER BY added DESC LIMIT 1"); + if (!$lastcom = $Cache->get_value('offer_'.$arr['id'].'_last_comment_content')){ + $res2 = sql_query("SELECT user, added, text FROM comments WHERE offer = {$arr['id']} ORDER BY added DESC LIMIT 1"); $lastcom = mysql_fetch_array($res2); - $Cache->cache_value('offer_'.$arr[id].'_last_comment_content', $lastcom, 1855); + $Cache->cache_value('offer_'.$arr['id'].'_last_comment_content', $lastcom, 1855); } $timestamp = strtotime($lastcom["added"]); $hasnewcom = ($lastcom['user'] != $CURUSER['id'] && $timestamp >= $last_offer); @@ -775,7 +775,7 @@ print("". $title = " title=\"".($hasnewcom ? $lang_offers['title_has_new_comment'] : $lang_offers['title_no_new_comment'])."\""; $onmouseover = ""; } - $comment = "".($hasnewcom ? "" : ""). $comms .($hasnewcom ? "" : "").""; + $comment = "".($hasnewcom ? "" : ""). $comms .($hasnewcom ? "" : "").""; } //==== if you want allow deny for offers use this next bit @@ -788,13 +788,13 @@ print("". //===end if ($arr["yeah"] == 0) - $zvote = $arr[yeah]; + $zvote = $arr['yeah']; else - $zvote = "".$arr[yeah].""; + $zvote = "".$arr['yeah'].""; if ($arr["against"] == 0) - $pvote = "$arr[against]"; + $pvote = $arr['against']; else - $pvote = "".$arr[against].""; + $pvote = "".$arr['against'].""; if ($arr["yeah"] == 0 && $arr["against"] == 0) { @@ -803,15 +803,15 @@ print("". else { - $v_res = "" .$arr[yeah]." - ".$arr[against]." = ".($arr[yeah] - $arr[against]). ""; + $v_res = "" .$arr['yeah']." - ".$arr['against']." = ".($arr['yeah'] - $arr['against']). ""; } $addtime = gettime($arr['added'],false,true); - $dispname = $arr[name]; - $count_dispname=mb_strlen($arr[name],"UTF-8"); + $dispname = $arr['name']; + $count_dispname=mb_strlen($arr['name'],"UTF-8"); $max_length_of_offer_name = 70; if($count_dispname > $max_length_of_offer_name) $dispname=mb_substr($dispname, 0, $max_length_of_offer_name-2,"UTF-8") . ".."; - print("".(get_user_class() >= $againstoffer_class ? "" : "")); + print("".(get_user_class() >= $againstoffer_class ? "" : "")); print(""); if ($offervotetimeout_main > 0 && $offeruptimeout_main > 0){ @@ -828,7 +828,7 @@ print("". $timeout = "N/A"; print(""); } - print("".(get_user_class() >= $offermanage_class ? "" : "").""); + print("".(get_user_class() >= $offermanage_class ? "" : "").""); } print("
".$lang_offers['col_type']."".$lang_offers['col_title']."".$lang_offers['col_offered_by']."".$lang_offers['col_offered_by']."".$lang_offers['col_offered_by']."".$lang_offers['col_offered_by']."
".return_category_image($arr['cat_id'], "")."".htmlspecialchars($dispname)."".($CURUSER['appendnew'] != 'no' && strtotime($arr["added"]) >= $last_offer ? " (".$lang_offers['text_new'].")" : "").$allowed."".$v_res."".$lang_offers['text_yep']."".$lang_offers['text_nah']."
".return_category_image($arr['cat_id'], "")."".htmlspecialchars($dispname)."".($CURUSER['appendnew'] != 'no' && strtotime($arr["added"]) >= $last_offer ? " (".$lang_offers['text_new'].")" : "").$allowed."".$v_res."".$lang_offers['text_yep']."".$lang_offers['text_nah']."".$comment."" . $addtime. "".$lang_offers['col_offered_by']."".$timeout."".$addedby."\"D\"
\"E\"
".$addedby."\"D\"
\"E\"
\n"); echo $pagerbottom;