Project

General

Profile

« Previous | Next » 

Revision 40

Added by stefan over 19 years ago

Change addslashes,stripslashes to (wb class) method calls add_slashes,strip_slashes

View differences:

view.php
55 55
	while($group = $query_users->fetchRow()) {
56 56
		// Insert user info into users array
57 57
		$group_id = $group['group_id'];
58
		$groups[$group_id]['title'] = $this->stripslashes($group['title']);
58
		$groups[$group_id]['title'] = $this->strip_slashes($group['title']);
59 59
		$groups[$group_id]['active'] = $group['active'];
60 60
		if(file_exists(WB_PATH.MEDIA_DIRECTORY.'/.news/image'.$group_id.'.jpg')) {
61 61
			$groups[$group_id]['image'] = WB_URL.MEDIA_DIRECTORY.'/.news/image'.$group_id.'.jpg';
......
82 82
	$query_settings = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_settings WHERE section_id = '$section_id'");
83 83
	if($query_settings->numRows() > 0) {
84 84
		$fetch_settings = $query_settings->fetchRow();
85
		$setting_header = $this->stripslashes($fetch_settings['header']);
86
		$setting_post_loop = $this->stripslashes($fetch_settings['post_loop']);
87
		$setting_footer = $this->stripslashes($fetch_settings['footer']);
85
		$setting_header = $this->strip_slashes($fetch_settings['header']);
86
		$setting_post_loop = $this->strip_slashes($fetch_settings['post_loop']);
87
		$setting_footer = $this->strip_slashes($fetch_settings['footer']);
88 88
		$setting_posts_per_page = $fetch_settings['posts_per_page'];
89 89
	} else {
90 90
		$setting_header = '';
......
185 185
				if($group_image == '') { $display_image = 'none'; } else { $display_image = ''; }
186 186
				if($group_id == 0) { $display_group = 'none'; } else { $display_group = ''; }
187 187
				// Replace [wblink--PAGE_ID--] with real link
188
				$short = $this->stripslashes($post['short']);
188
				$short = $this->strip_slashes($post['short']);
189 189
				$this->preprocess($short);
190 190
				// Replace vars with values
191 191
				$vars = array('[PAGE_TITLE]', '[GROUP_ID]', '[GROUP_TITLE]', '[GROUP_IMAGE]', '[DISPLAY_GROUP]', '[DISPLAY_IMAGE]', '[TITLE]', '[SHORT]', '[LINK]', '[DATE]', '[TIME]', '[USER_ID]', '[USERNAME]', '[DISPLAY_NAME]', '[EMAIL]', '[TEXT_READ_MORE]');
192 192
				if(isset($users[$uid]['username']) AND $users[$uid]['username'] != '') {
193
					$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->stripslashes($post['title']), $short, $post_link, $post_date, $post_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email'], $TEXT['READ_MORE']);
193
					$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->strip_slashes($post['title']), $short, $post_link, $post_date, $post_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email'], $TEXT['READ_MORE']);
194 194
				} else {
195
					$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->stripslashes($post['title']), $short, $post_link, $post_date, $post_time, '', '', '', '', $TEXT['READ_MORE']);
195
					$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->strip_slashes($post['title']), $short, $post_link, $post_date, $post_time, '', '', '', '', $TEXT['READ_MORE']);
196 196
				}
197 197
				echo str_replace($vars, $values, $setting_post_loop);
198 198
			}
......
212 212
	$query_settings = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_settings WHERE section_id = '$section_id'");
213 213
	if($query_settings->numRows() > 0) {
214 214
		$fetch_settings = $query_settings->fetchRow();
215
		$setting_post_header = $this->stripslashes($fetch_settings['post_header']);
216
		$setting_post_footer = $this->stripslashes($fetch_settings['post_footer']);
217
		$setting_comments_header = $this->stripslashes($fetch_settings['comments_header']);
218
		$setting_comments_loop = $this->stripslashes($fetch_settings['comments_loop']);
219
		$setting_comments_footer = $this->stripslashes($fetch_settings['comments_footer']);
215
		$setting_post_header = $this->strip_slashes($fetch_settings['post_header']);
216
		$setting_post_footer = $this->strip_slashes($fetch_settings['post_footer']);
217
		$setting_comments_header = $this->strip_slashes($fetch_settings['comments_header']);
218
		$setting_comments_loop = $this->strip_slashes($fetch_settings['comments_loop']);
219
		$setting_comments_footer = $this->strip_slashes($fetch_settings['comments_footer']);
220 220
	} else {
221 221
		$setting_post_header = '';
222 222
		$setting_post_footer = '';
......
258 258
			if($group_id == 0) { $display_group = 'none'; } else { $display_group = ''; }
259 259
			$vars = array('[PAGE_TITLE]', '[GROUP_ID]', '[GROUP_TITLE]', '[GROUP_IMAGE]', '[DISPLAY_GROUP]', '[DISPLAY_IMAGE]', '[TITLE]', '[SHORT]', '[BACK]', '[DATE]', '[TIME]', '[USER_ID]', '[USERNAME]', '[DISPLAY_NAME]', '[EMAIL]');
260 260
			if(isset($users[$uid]['username']) AND $users[$uid]['username'] != '') {
261
				$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->stripslashes($post['title']), $this->stripslashes($post['short']), $page_link, $post_date, $post_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email']);
261
				$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->strip_slashes($post['title']), $this->strip_slashes($post['short']), $page_link, $post_date, $post_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email']);
262 262
			} else {
263
				$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->stripslashes($post['title']), $this->stripslashes($post['short']), $page_link, $post_date, $post_time, '', '', '', '');
263
				$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->strip_slashes($post['title']), $this->strip_slashes($post['short']), $page_link, $post_date, $post_time, '', '', '', '');
264 264
			}
265
			$post_long = $this->stripslashes($post['long']);
265
			$post_long = $this->strip_slashes($post['long']);
266 266
		}
267 267
	} else {
268 268
		header('Location: '.WB_URL.'/pages/');
......
290 290
		if($query_comments->numRows() > 0) {
291 291
			while($comment = $query_comments->fetchRow()) {
292 292
				// Display Comments without slashes, but with new-line characters
293
				$comment['comment'] = nl2br($this->stripslashes($comment['comment']));
294
				$comment['title'] = $this->stripslashes($comment['title']);
293
				$comment['comment'] = nl2br($this->strip_slashes($comment['comment']));
294
				$comment['title'] = $this->strip_slashes($comment['title']);
295 295
				// Print comments loop
296 296
				$commented_date = gmdate(DATE_FORMAT, $comment['commented_when']+TIMEZONE);
297 297
				$commented_time = gmdate(TIME_FORMAT, $comment['commented_when']+TIMEZONE);
298 298
				$uid = $comment['commented_by'];
299 299
				$vars = array('[TITLE]','[COMMENT]','[DATE]','[TIME]','[USER_ID]','[USERNAME]','[DISPLAY_NAME]', '[EMAIL]');
300 300
				if(isset($users[$uid]['username']) AND $users[$uid]['username'] != '') {
301
					$values = array($this->stripslashes($comment['title']), $this->stripslashes($comment['comment']), $commented_date, $commented_time, $uid, $this->stripslashes($users[$uid]['username']), $this->stripslashes($users[$uid]['display_name']), $this->stripslashes($users[$uid]['email']));
301
					$values = array($this->strip_slashes($comment['title']), $this->strip_slashes($comment['comment']), $commented_date, $commented_time, $uid, $this->strip_slashes($users[$uid]['username']), $this->strip_slashes($users[$uid]['display_name']), $this->strip_slashes($users[$uid]['email']));
302 302
				} else {
303
					$values = array($this->stripslashes($comment['title']), $this->stripslashes($comment['comment']), $commented_date, $commented_time, '0', strtolower($TEXT['UNKNOWN']), $TEXT['UNKNOWN'], '');
303
					$values = array($this->strip_slashes($comment['title']), $this->strip_slashes($comment['comment']), $commented_date, $commented_time, '0', strtolower($TEXT['UNKNOWN']), $TEXT['UNKNOWN'], '');
304 304
				}
305 305
				echo str_replace($vars, $values, $setting_comments_loop);
306 306
			}

Also available in: Unified diff