[geeklog-cvs] Geeklog-1.x/system/classes story.class.php, 1.12, 1.13
Dirk Haun
dhaun at qs1489.pair.com
Sun Aug 19 12:28:05 EDT 2007
Update of /cvsroot/geeklog/Geeklog-1.x/system/classes
In directory qs1489.pair.com:/tmp/cvs-serv24599/system/classes
Modified Files:
story.class.php
Log Message:
Integrated Ramnath's changes to make stories available through the webservice API
Index: story.class.php
===================================================================
RCS file: /cvsroot/geeklog/Geeklog-1.x/system/classes/story.class.php,v
retrieving revision 1.12
retrieving revision 1.13
diff -C2 -d -r1.12 -r1.13
*** story.class.php 9 Aug 2007 07:58:21 -0000 1.12
--- story.class.php 19 Aug 2007 16:28:02 -0000 1.13
***************
*** 9,13 ****
// | Geeklog Story Abstraction. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2006 by the following authors: |
// | |
// | Authors: Michael Jervis, mike AT fuckingbrit DOT com |
--- 9,13 ----
// | Geeklog Story Abstraction. |
// +---------------------------------------------------------------------------+
! // | Copyright (C) 2006-2007 by the following authors: |
// | |
// | Authors: Michael Jervis, mike AT fuckingbrit DOT com |
***************
*** 201,205 ****
'perm_anon' => 1,
'imageurl' => 0,
! 'topic' => 0
);
/**
--- 201,206 ----
'perm_anon' => 1,
'imageurl' => 0,
! 'topic' => 0,
! 'access' => 0
);
/**
***************
*** 465,469 ****
$this->_perm_members = $array['perm_members'];
} else {
! $this->loadFromRequest();
}
--- 466,470 ----
$this->_perm_members = $array['perm_members'];
} else {
! $this->loadFromArgsArray($_POST);
}
***************
*** 473,477 ****
if ($result) {
! $story = DB_fetchArray($result);
$this->loadFromArray($story);
$access
--- 474,481 ----
if ($result) {
! $story = DB_fetchArray($result, false);
! if ($story == null) {
! return STORY_INVALID_SID;
! }
$this->loadFromArray($story);
$access
***************
*** 655,681 ****
* SQL Injection. Yay.
*/
! function loadFromRequest($post = true)
{
global $_TABLES;
! // Acquire source of post:
! if ($post) {
! $array = $_POST;
! } else {
! $array = $_GET;
! }
!
! // Handle Magic GPC Garbage:
! while (list($key, $value) = each($array)) {
! if (!is_array($value))
! {
! $array[$key] = COM_stripslashes($value);
! } else {
! while (list($subkey, $subvalue) = each($value))
! {
! $value[$subkey] = COM_stripslashes($subvalue);
! }
! }
! }
/* Load the trivial stuff: */
--- 659,669 ----
* SQL Injection. Yay.
*/
! function loadFromArgsArray(&$array)
{
global $_TABLES;
! /* magic_quotes_gpc cleanup routine now in submitstory() in
! * /public_html/admin/story.php
! */
/* Load the trivial stuff: */
***************
*** 688,692 ****
= 'SELECT owner_id, group_id, perm_owner, perm_group, perm_members, perm_anon ' . ' FROM ' . $_TABLES['stories']
. ' WHERE sid=\'' . $this->_sid . '\'';
! $result = DB_Query($sql);
if ($result && (DB_numRows($result) > 0)) {
--- 676,680 ----
= 'SELECT owner_id, group_id, perm_owner, perm_group, perm_members, perm_anon ' . ' FROM ' . $_TABLES['stories']
. ' WHERE sid=\'' . $this->_sid . '\'';
! $result = DB_query($sql);
if ($result && (DB_numRows($result) > 0)) {
***************
*** 712,716 ****
/* Load up the topic name and icon */
! $topic = DB_Query("SELECT topic, imageurl FROM {$_TABLES['topics']} WHERE tid='{$this->_tid}'");
$topic = DB_fetchArray($topic);
$this->_topic = $topic['topic'];
--- 700,704 ----
/* Load up the topic name and icon */
! $topic = DB_query("SELECT topic, imageurl FROM {$_TABLES['topics']} WHERE tid='{$this->_tid}'");
$topic = DB_fetchArray($topic);
$this->_topic = $topic['topic'];
***************
*** 1651,1660 ****
/* Then grab the permissions */
// Convert array values to numeric permission values
! list($this->_perm_owner, $this->_perm_group, $this->_perm_members, $this->_perm_anon) = SEC_getPermissionValues(
! $array['perm_owner'],
! $array['perm_group'],
! $array['perm_members'],
! $array['perm_anon']);
}
--- 1639,1656 ----
/* Then grab the permissions */
+
// Convert array values to numeric permission values
! if (is_array($array['perm_owner']) || is_array($array['perm_group']) ||
! is_array($array['perm_members']) ||
! is_array($array['perm_anon'])) {
!
! list($this->_perm_owner, $this->_perm_group, $this->_perm_members, $this->_perm_anon) = SEC_getPermissionValues($array['perm_owner'], $array['perm_group'], $array['perm_members'], $array['perm_anon']);
!
! } else {
! $this->_perm_owner = $array['perm_owner'];
! $this->_perm_group = $array['perm_group'];
! $this->_perm_members = $array['perm_members'];
! $this->_perm_anon = $array['perm_anon'];
! }
}
***************
*** 1775,1777 ****
}
}
! ?>
\ No newline at end of file
--- 1771,1773 ----
}
}
! ?>
More information about the geeklog-cvs
mailing list