
Revision 1486

Added by DarkViper over 13 years ago

database::field_modify(): fixed a bug
all other files: changed SQL statements to be SQL-strict


class.frontend.php
69 69
		}
70 70
		// Check if we should add page language sql code
71 71
		if(PAGE_LANGUAGES) {
72
			$this->sql_where_language = " AND language = '".LANGUAGE."'";
72
			$this->sql_where_language = ' AND `language`=\''.LANGUAGE.'\'';
73 73
		}
74 74
		// Get default page
75 75
		// Check for a page id
76 76
		$table_p = TABLE_PREFIX.'pages';
77 77
		$table_s = TABLE_PREFIX.'sections';
78 78
		$now = time();
79
		$query_default = "
80
			SELECT `p`.`page_id`, `link`
81
			FROM `$table_p` AS `p` INNER JOIN `$table_s` USING(`page_id`)
82
			WHERE `parent` = '0' AND `visibility` = 'public'
83
			AND (($now>=`publ_start` OR `publ_start`=0) AND ($now<=`publ_end` OR `publ_end`=0))
84
			$this->sql_where_language
85
			ORDER BY `p`.`position` ASC LIMIT 1";
86
		$get_default = $database->query($query_default);
79
		$sql  = 'SELECT `p`.`page_id`, `link` ';
80
		$sql .= 'FROM `'.$table_p.'` AS `p` INNER JOIN `'.$table_s.'` USING(`page_id`) ';
81
		$sql .= 'WHERE `parent`=0 AND `visibility`=\'public\' ';
82
		$sql .=     'AND (('.$now.'>=`publ_start` OR `publ_start`=0) ';
83
		$sql .=     'AND ('.$now.'<=`publ_end` OR `publ_end`=0)) ';
84
		if(trim($this->sql_where_language) != '') {
85
			$sql .= trim($this->sql_where_language).' ';
86
		}
87
		$sql .= 'ORDER BY `p`.`position` ASC';
88
		$get_default = $database->query($sql);
87 89
		$default_num_rows = $get_default->numRows();
88 90
		if(!isset($page_id) OR !is_numeric($page_id)){
89 91
			// Go to or show default page
......
121 123
		global $database;
122 124
	    if($this->page_id != 0) {
123 125
			// Query page details
124
			$query_page = "SELECT * FROM ".TABLE_PREFIX."pages WHERE page_id = '{$this->page_id}'";
125
			$get_page = $database->query($query_page);
126
			$sql = 'SELECT * FROM `'.TABLE_PREFIX.'pages` WHERE `page_id`='.(int)$this->page_id;
127
			$get_page = $database->query($sql);
126 128
			// Make sure page was found in database
127 129
			if($get_page->numRows() == 0) {
128 130
				// Print page not found message
......
231 233

  
232 234
		// set visibility SQL code
233 235
		// never show no-vis, hidden or deleted pages
234
		$this->extra_where_sql = "visibility != 'none' AND visibility != 'hidden' AND visibility != 'deleted'";
236
		$this->extra_where_sql = '`visibility`!=\'none\' AND `visibility`!=\'hidden\' AND `visibility`!=\'deleted\'';
235 237
		// Set extra private sql code
236 238
		if($this->is_authenticated()==false) {
237 239
			// if user is not authenticated, don't show private pages either
238
			$this->extra_where_sql .= " AND visibility != 'private'";
240
			$this->extra_where_sql .= ' AND `visibility`!=\'private\'';
239 241
			// and 'registered' without frontend login doesn't make much sense!
240 242
			if (FRONTEND_LOGIN==false) {
241
				$this->extra_where_sql .= " AND visibility != 'registered'";
243
				$this->extra_where_sql .= ' AND `visibility`!=\'registered\'';
242 244
			}
243 245
		}
244 246
		$this->extra_where_sql .= $this->sql_where_language;
......
370 372
	       return;
371 373
		// Check if we should add menu number check to query
372 374
		if($this->menu_parent == 0) {
373
			$menu_number = "menu = '$this->menu_number'";
375
			$menu_number = '`menu`='.intval($this->menu_number);
374 376
		} else {
375 377
			$menu_number = '1';
376 378
		}
377 379
		// Query pages
378
		$query_menu = $database->query("SELECT page_id,menu_title,page_title,link,target,level,visibility,viewing_groups,viewing_users FROM ".TABLE_PREFIX."pages WHERE parent = '$this->menu_parent' AND $menu_number AND $this->extra_where_sql ORDER BY position ASC");
380
		$sql  = 'SELECT `page_id`,`menu_title`,`page_title`,`link`,`target`,`level`,';
381
		$sql .=        '`visibility`,viewing_groups,viewing_users ';
382
		$sql .= 'FROM `'.TABLE_PREFIX.'pages` ';
383
		$sql .= 'WHERE `parent`='.(int)$this->menu_parent.' AND '.$menu_number.' AND '.$this->extra_where_sql.' ';
384
		$sql .= 'ORDER BY `position` ASC';
385
		$query_menu = $database->query($sql);
379 386
		// Check if there are any pages to show
380 387
		if($query_menu->numRows() > 0) {
381 388
			// Print menu header
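Review bot: The language filter at new line 72 still places `LANGUAGE` between quotes by plain concatenation, with no escaping or format check, although this same commit casts `page_id`, `menu_parent` and `menu_number` to integers. Where `LANGUAGE` is defined is not visible on this page; if it can be derived from request data, the fragment reaches both the default-page query and `extra_where_sql` unchecked. I would build the fragment only when the value passes a format check, for example `if(PAGE_LANGUAGES && preg_match('/^[A-Za-z]{2}$/', LANGUAGE)) {` assuming two-letter codes, or escape it through the database layer. Separately, the rewritten default-page query (new lines 79-88) no longer ends in `LIMIT 1`, so `numRows()` on new line 89 now counts every matching page; if that is not intended, add ` LIMIT 1` back to the final `ORDER BY` string. The enclosing methods start and end outside the visible hunks.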
