Revision 42
Added by stefan about 20 years ago
| view.php | ||
|---|---|---|
| 55 | 55 |
while($group = $query_users->fetchRow()) {
|
| 56 | 56 |
// Insert user info into users array |
| 57 | 57 |
$group_id = $group['group_id']; |
| 58 |
$groups[$group_id]['title'] = $this->strip_slashes($group['title']); |
|
| 58 |
$groups[$group_id]['title'] = $this->strip_slashes_dummy($group['title']);
|
|
| 59 | 59 |
$groups[$group_id]['active'] = $group['active']; |
| 60 | 60 |
if(file_exists(WB_PATH.MEDIA_DIRECTORY.'/.news/image'.$group_id.'.jpg')) {
|
| 61 | 61 |
$groups[$group_id]['image'] = WB_URL.MEDIA_DIRECTORY.'/.news/image'.$group_id.'.jpg'; |
| ... | ... | |
| 82 | 82 |
$query_settings = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_settings WHERE section_id = '$section_id'");
|
| 83 | 83 |
if($query_settings->numRows() > 0) {
|
| 84 | 84 |
$fetch_settings = $query_settings->fetchRow(); |
| 85 |
$setting_header = $this->strip_slashes($fetch_settings['header']); |
|
| 86 |
$setting_post_loop = $this->strip_slashes($fetch_settings['post_loop']); |
|
| 87 |
$setting_footer = $this->strip_slashes($fetch_settings['footer']); |
|
| 85 |
$setting_header = $this->strip_slashes_dummy($fetch_settings['header']);
|
|
| 86 |
$setting_post_loop = $this->strip_slashes_dummy($fetch_settings['post_loop']);
|
|
| 87 |
$setting_footer = $this->strip_slashes_dummy($fetch_settings['footer']);
|
|
| 88 | 88 |
$setting_posts_per_page = $fetch_settings['posts_per_page']; |
| 89 | 89 |
} else {
|
| 90 | 90 |
$setting_header = ''; |
| ... | ... | |
| 185 | 185 |
if($group_image == '') { $display_image = 'none'; } else { $display_image = ''; }
|
| 186 | 186 |
if($group_id == 0) { $display_group = 'none'; } else { $display_group = ''; }
|
| 187 | 187 |
// Replace [wblink--PAGE_ID--] with real link |
| 188 |
$short = $this->strip_slashes($post['short']); |
|
| 188 |
$short = $this->strip_slashes_dummy($post['short']);
|
|
| 189 | 189 |
$this->preprocess($short); |
| 190 | 190 |
// Replace vars with values |
| 191 | 191 |
$vars = array('[PAGE_TITLE]', '[GROUP_ID]', '[GROUP_TITLE]', '[GROUP_IMAGE]', '[DISPLAY_GROUP]', '[DISPLAY_IMAGE]', '[TITLE]', '[SHORT]', '[LINK]', '[DATE]', '[TIME]', '[USER_ID]', '[USERNAME]', '[DISPLAY_NAME]', '[EMAIL]', '[TEXT_READ_MORE]');
|
| 192 | 192 |
if(isset($users[$uid]['username']) AND $users[$uid]['username'] != '') {
|
| 193 |
$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->strip_slashes($post['title']), $short, $post_link, $post_date, $post_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email'], $TEXT['READ_MORE']); |
|
| 193 |
$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->strip_slashes_dummy($post['title']), $short, $post_link, $post_date, $post_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email'], $TEXT['READ_MORE']);
|
|
| 194 | 194 |
} else {
|
| 195 |
$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->strip_slashes($post['title']), $short, $post_link, $post_date, $post_time, '', '', '', '', $TEXT['READ_MORE']); |
|
| 195 |
$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->strip_slashes_dummy($post['title']), $short, $post_link, $post_date, $post_time, '', '', '', '', $TEXT['READ_MORE']);
|
|
| 196 | 196 |
} |
| 197 | 197 |
echo str_replace($vars, $values, $setting_post_loop); |
| 198 | 198 |
} |
| ... | ... | |
| 212 | 212 |
$query_settings = $database->query("SELECT * FROM ".TABLE_PREFIX."mod_news_settings WHERE section_id = '$section_id'");
|
| 213 | 213 |
if($query_settings->numRows() > 0) {
|
| 214 | 214 |
$fetch_settings = $query_settings->fetchRow(); |
| 215 |
$setting_post_header = $this->strip_slashes($fetch_settings['post_header']); |
|
| 216 |
$setting_post_footer = $this->strip_slashes($fetch_settings['post_footer']); |
|
| 217 |
$setting_comments_header = $this->strip_slashes($fetch_settings['comments_header']); |
|
| 218 |
$setting_comments_loop = $this->strip_slashes($fetch_settings['comments_loop']); |
|
| 219 |
$setting_comments_footer = $this->strip_slashes($fetch_settings['comments_footer']); |
|
| 215 |
$setting_post_header = $this->strip_slashes_dummy($fetch_settings['post_header']);
|
|
| 216 |
$setting_post_footer = $this->strip_slashes_dummy($fetch_settings['post_footer']);
|
|
| 217 |
$setting_comments_header = $this->strip_slashes_dummy($fetch_settings['comments_header']);
|
|
| 218 |
$setting_comments_loop = $this->strip_slashes_dummy($fetch_settings['comments_loop']);
|
|
| 219 |
$setting_comments_footer = $this->strip_slashes_dummy($fetch_settings['comments_footer']);
|
|
| 220 | 220 |
} else {
|
| 221 | 221 |
$setting_post_header = ''; |
| 222 | 222 |
$setting_post_footer = ''; |
| ... | ... | |
| 258 | 258 |
if($group_id == 0) { $display_group = 'none'; } else { $display_group = ''; }
|
| 259 | 259 |
$vars = array('[PAGE_TITLE]', '[GROUP_ID]', '[GROUP_TITLE]', '[GROUP_IMAGE]', '[DISPLAY_GROUP]', '[DISPLAY_IMAGE]', '[TITLE]', '[SHORT]', '[BACK]', '[DATE]', '[TIME]', '[USER_ID]', '[USERNAME]', '[DISPLAY_NAME]', '[EMAIL]');
|
| 260 | 260 |
if(isset($users[$uid]['username']) AND $users[$uid]['username'] != '') {
|
| 261 |
$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->strip_slashes($post['title']), $this->strip_slashes($post['short']), $page_link, $post_date, $post_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email']);
|
|
| 261 |
$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->strip_slashes_dummy($post['title']), $this->strip_slashes_dummy($post['short']), $page_link, $post_date, $post_time, $uid, $users[$uid]['username'], $users[$uid]['display_name'], $users[$uid]['email']);
|
|
| 262 | 262 |
} else {
|
| 263 |
$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->strip_slashes($post['title']), $this->strip_slashes($post['short']), $page_link, $post_date, $post_time, '', '', '', '');
|
|
| 263 |
$values = array(PAGE_TITLE, $group_id, $group_title, $group_image, $display_group, $display_image, $this->strip_slashes_dummy($post['title']), $this->strip_slashes_dummy($post['short']), $page_link, $post_date, $post_time, '', '', '', '');
|
|
| 264 | 264 |
} |
| 265 |
$post_long = $this->strip_slashes($post['long']); |
|
| 265 |
$post_long = $this->strip_slashes_dummy($post['long']);
|
|
| 266 | 266 |
} |
| 267 | 267 |
} else {
|
| 268 | 268 |
header('Location: '.WB_URL.'/pages/');
|
| ... | ... | |
| 290 | 290 |
if($query_comments->numRows() > 0) {
|
| 291 | 291 |
while($comment = $query_comments->fetchRow()) {
|
| 292 | 292 |
// Display Comments without slashes, but with new-line characters |
| 293 |
$comment['comment'] = nl2br($this->strip_slashes($comment['comment'])); |
|
| 294 |
$comment['title'] = $this->strip_slashes($comment['title']); |
|
| 293 |
$comment['comment'] = nl2br($this->strip_slashes_dummy($comment['comment']));
|
|
| 294 |
$comment['title'] = $this->strip_slashes_dummy($comment['title']);
|
|
| 295 | 295 |
// Print comments loop |
| 296 | 296 |
$commented_date = gmdate(DATE_FORMAT, $comment['commented_when']+TIMEZONE); |
| 297 | 297 |
$commented_time = gmdate(TIME_FORMAT, $comment['commented_when']+TIMEZONE); |
| 298 | 298 |
$uid = $comment['commented_by']; |
| 299 | 299 |
$vars = array('[TITLE]','[COMMENT]','[DATE]','[TIME]','[USER_ID]','[USERNAME]','[DISPLAY_NAME]', '[EMAIL]');
|
| 300 | 300 |
if(isset($users[$uid]['username']) AND $users[$uid]['username'] != '') {
|
| 301 |
$values = array($this->strip_slashes($comment['title']), $this->strip_slashes($comment['comment']), $commented_date, $commented_time, $uid, $this->strip_slashes($users[$uid]['username']), $this->strip_slashes($users[$uid]['display_name']), $this->strip_slashes($users[$uid]['email']));
|
|
| 301 |
$values = array($this->strip_slashes_dummy($comment['title']), $this->strip_slashes_dummy($comment['comment']), $commented_date, $commented_time, $uid, $this->strip_slashes_dummy($users[$uid]['username']), $this->strip_slashes_dummy($users[$uid]['display_name']), $this->strip_slashes_dummy($users[$uid]['email']));
|
|
| 302 | 302 |
} else {
|
| 303 |
$values = array($this->strip_slashes($comment['title']), $this->strip_slashes($comment['comment']), $commented_date, $commented_time, '0', strtolower($TEXT['UNKNOWN']), $TEXT['UNKNOWN'], '');
|
|
| 303 |
$values = array($this->strip_slashes_dummy($comment['title']), $this->strip_slashes_dummy($comment['comment']), $commented_date, $commented_time, '0', strtolower($TEXT['UNKNOWN']), $TEXT['UNKNOWN'], '');
|
|
| 304 | 304 |
} |
| 305 | 305 |
echo str_replace($vars, $values, $setting_comments_loop); |
| 306 | 306 |
} |
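Review bot: In the comments loop (new lines 293–305), `$comment['title']` and `$comment['comment']` reach `echo str_replace($vars, $values, $setting_comments_loop)` with only `strip_slashes_dummy()` and `nl2br()` applied, so nothing visible here HTML-encodes what is presumably visitor-submitted text. Unless the comment form already encodes on save (not visible in this diff), encode at output: `$comment['title'] = htmlspecialchars($comment['title'], ENT_QUOTES);` and `$comment['comment'] = nl2br(htmlspecialchars($comment['comment'], ENT_QUOTES));`. The same question applies to `$post['title']` and `$post['short']` at new lines 193/195 and 261/263 if posts can come from less-trusted authors. Lines 301 and 303 also wrap the title and comment in `strip_slashes_dummy()` a second time after lines 293–294 already did; pass `$comment['title']` and `$comment['comment']` directly so that a real unescaping routine restored later cannot strip twice. The enclosing `if` block continues past the end of this hunk.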
Changed most occurrences of strip_slashes to new dummy method strip_slashes_dummy.