diff options
| author | Starla Insigna <starla4444@gmail.com> | 2010-12-11 14:05:05 -0500 |
|---|---|---|
| committer | Starla Insigna <starla4444@gmail.com> | 2010-12-11 14:05:05 -0500 |
| commit | 74db7a24d9c2230b104979f4e4981c57ff73de71 (patch) | |
| tree | 3059bb0a955a662cd9e04208eb6276071cea4c8a /includes/functions.php | |
| parent | 9efe4feaf5e19e51a18a229a6db36c5508e9faea (diff) | |
| download | fourisland-74db7a24d9c2230b104979f4e4981c57ff73de71.tar.gz fourisland-74db7a24d9c2230b104979f4e4981c57ff73de71.tar.bz2 fourisland-74db7a24d9c2230b104979f4e4981c57ff73de71.zip | |
Made Four Island 2 a little more sane
I spent the last few hours sanitizing the database and fixing huge bugs in the code. Among the changes made were: - "Theoretically related posts" have been removed due to the lack of FULLTEXT index support in InnoDB tables - Removed tons of stripslashes() calls that were used to remove slashes from records before I realized (while doing all of this work) that magic_quotes_gpc was on for some reason. I mean, like, come on! - Replaced all non-library uses of htmlentities() with htmlspecialchars(), which basically does the same thing except it doesn't mangle Unicode. - Completely eradicated polls. Note that this does mean that all database backups prior to December 11th 2010 are now incompatible with Four Island.
Diffstat (limited to 'includes/functions.php')
| -rwxr-xr-x | includes/functions.php | 99 |
1 files changed, 1 insertions, 98 deletions
| diff --git a/includes/functions.php b/includes/functions.php index aed4516..b42ca7d 100755 --- a/includes/functions.php +++ b/includes/functions.php | |||
| @@ -62,20 +62,6 @@ function dispIfNotOld($datTim) | |||
| 62 | } | 62 | } |
| 63 | } | 63 | } |
| 64 | 64 | ||
| 65 | function getpercent($getpoll3,$num) | ||
| 66 | { | ||
| 67 | $maxper = ($getpoll3['clicks1'] + $getpoll3['clicks2'] + $getpoll3['clicks3'] + $getpoll3['clicks4']); | ||
| 68 | |||
| 69 | if ($maxper == 0) | ||
| 70 | { | ||
| 71 | return 0; | ||
| 72 | } else { | ||
| 73 | $percent = round(($getpoll3['clicks' . $num] / $maxper) * 100); | ||
| 74 | } | ||
| 75 | |||
| 76 | return($percent); | ||
| 77 | } | ||
| 78 | |||
| 79 | function generateSlug($title,$table) | 65 | function generateSlug($title,$table) |
| 80 | { | 66 | { |
| 81 | $title = preg_replace('/[^A-Za-z0-9]/','-',$title); | 67 | $title = preg_replace('/[^A-Za-z0-9]/','-',$title); |
| @@ -110,7 +96,7 @@ function postBlogPost($title,$author,$tags,$content) | |||
| 110 | { | 96 | { |
| 111 | $slug = generateSlug($title,'updates'); | 97 | $slug = generateSlug($title,'updates'); |
| 112 | 98 | ||
| 113 | $inspost = "INSERT INTO updates (title,slug,author,text) VALUES (\"" . $title . "\",\"" . $slug . "\",\"" . $author . "\",\"" . mysql_real_escape_string($content) . "\")"; | 99 | $inspost = "INSERT INTO updates (title,slug,author,text) VALUES (\"" . mysql_real_escape_string($title) . "\",\"" . $slug . "\",\"" . $author . "\",\"" . mysql_real_escape_string($content) . "\")"; |
| 114 | $inspost2 = mysql_query($inspost); | 100 | $inspost2 = mysql_query($inspost); |
| 115 | 101 | ||
| 116 | $id = mysql_insert_id(); | 102 | $id = mysql_insert_id(); |
| @@ -269,31 +255,6 @@ if (!function_exists('unique_id')) | |||
| 269 | } | 255 | } |
| 270 | } | 256 | } |
| 271 | 257 | ||
| 272 | function displayRelated($title, $avoid = 0) | ||
| 273 | { | ||
| 274 | $getrelated = "SELECT *, MATCH (title, text) AGAINST (\"" . mysql_real_escape_string($title) . "\") AS score FROM updates WHERE MATCH (title, text) AGAINST (\"" . mysql_real_escape_string($title) . "\") AND id <> " . $avoid . " LIMIT 0,5"; | ||
| 275 | $getrelated2 = mysql_query($getrelated); | ||
| 276 | $i=0; | ||
| 277 | while ($getrelated3[$i] = mysql_fetch_array($getrelated2)) | ||
| 278 | { | ||
| 279 | if ($i==0) | ||
| 280 | { | ||
| 281 | $template = new FITemplate('related'); | ||
| 282 | } | ||
| 283 | |||
| 284 | $template->adds_block('POST', array( 'TITLE' => doAprilFoolsDay(htmlentities(stripslashes($getrelated3[$i]['title']))), | ||
| 285 | 'CODED' => $getrelated3[$i]['slug'], | ||
| 286 | 'AUTHOR' => $getrelated3[$i]['author'], | ||
| 287 | 'DATE' => date('F jS Y',strtotime($getrelated3[$i]['pubDate'])))); | ||
| 288 | $i++; | ||
| 289 | } | ||
| 290 | |||
| 291 | if ($i > 0) | ||
| 292 | { | ||
| 293 | $template->display(); | ||
| 294 | } | ||
| 295 | } | ||
| 296 | |||
| 297 | function getCommentUrl($getcomment3) | 258 | function getCommentUrl($getcomment3) |
| 298 | { | 259 | { |
| 299 | $page_id = $getcomment3['page_id']; | 260 | $page_id = $getcomment3['page_id']; |
| @@ -307,62 +268,12 @@ function getCommentUrl($getcomment3) | |||
| 307 | $getupdate3 = mysql_fetch_array($getupdate2); | 268 | $getupdate3 = mysql_fetch_array($getupdate2); |
| 308 | 269 | ||
| 309 | return '/blog/' . $getupdate3['slug'] . '/'; | 270 | return '/blog/' . $getupdate3['slug'] . '/'; |
| 310 | } else if ($comType == 'polloftheweek') | ||
| 311 | { | ||
| 312 | return '/poll/' . $comID . '.php'; | ||
| 313 | } else if ($comType == 'quote') | 271 | } else if ($comType == 'quote') |
| 314 | { | 272 | { |
| 315 | return '/quotes/' . $comID . '.php'; | 273 | return '/quotes/' . $comID . '.php'; |
| 316 | } | 274 | } |
| 317 | } | 275 | } |
| 318 | 276 | ||
| 319 | function getPollOfTheWeek($id = -1) | ||
| 320 | { | ||
| 321 | static $showed_form = false; | ||
| 322 | |||
| 323 | $potw = new FITemplate('polloftheweek'); | ||
| 324 | |||
| 325 | if ($id == -1) | ||
| 326 | { | ||
| 327 | $getpoll = "SELECT * FROM polloftheweek ORDER BY id DESC LIMIT 0,1"; | ||
| 328 | } else { | ||
| 329 | $getpoll = "SELECT * FROM polloftheweek WHERE id = " . $id; | ||
| 330 | } | ||
| 331 | $getpoll2 = mysql_query($getpoll); | ||
| 332 | $getpoll3 = mysql_fetch_array($getpoll2); | ||
| 333 | |||
| 334 | $potw->add('ID', $getpoll3['id']); | ||
| 335 | $potw->add('QUESTION', doAprilFoolsDay(stripslashes(htmlentities($getpoll3['question'])))); | ||
| 336 | $potw->add('OPTION1', doAprilFoolsDay(stripslashes(htmlentities($getpoll3['option1'])))); | ||
| 337 | $potw->add('OPTION2', doAprilFoolsDay(stripslashes(htmlentities($getpoll3['option2'])))); | ||
| 338 | $potw->add('OPTION3', doAprilFoolsDay(stripslashes(htmlentities($getpoll3['option3'])))); | ||
| 339 | $potw->add('OPTION4', doAprilFoolsDay(stripslashes(htmlentities($getpoll3['option4'])))); | ||
| 340 | |||
| 341 | $getip = "SELECT * FROM didpollalready WHERE ip = \"" . $_SERVER['REMOTE_ADDR'] . "\""; | ||
| 342 | $getip2 = mysql_query($getip); | ||
| 343 | $getip3 = mysql_fetch_array($getip2); | ||
| 344 | |||
| 345 | if (($getip3['ip'] != $_SERVER['REMOTE_ADDR']) && ($id == -1) && ($showed_form == false)) | ||
| 346 | { | ||
| 347 | $potw->adds_block('FORM',array('exi'=>1)); | ||
| 348 | $showed_form = true; | ||
| 349 | } else { | ||
| 350 | $potw->adds_block('DISPLAY',array('exi'=>1)); | ||
| 351 | |||
| 352 | $potw->add('PERCENT1', getpercent($getpoll3,'1')); | ||
| 353 | $potw->add('PERCENT2', getpercent($getpoll3,'2')); | ||
| 354 | $potw->add('PERCENT3', getpercent($getpoll3,'3')); | ||
| 355 | $potw->add('PERCENT4', getpercent($getpoll3,'4')); | ||
| 356 | } | ||
| 357 | |||
| 358 | ob_start(); | ||
| 359 | $potw->display(); | ||
| 360 | $result = ob_get_contents(); | ||
| 361 | ob_end_clean(); | ||
| 362 | |||
| 363 | return $result; | ||
| 364 | } | ||
| 365 | |||
| 366 | function getTagColor($i) | 277 | function getTagColor($i) |
| 367 | { | 278 | { |
| 368 | switch ($i % 7) | 279 | switch ($i % 7) |
| @@ -417,14 +328,6 @@ function getRewriteURL() | |||
| 417 | } else { | 328 | } else { |
| 418 | return '/blog/'; | 329 | return '/blog/'; |
| 419 | } | 330 | } |
| 420 | } else if ($_GET['area'] == 'poll') | ||
| 421 | { | ||
| 422 | if (isset($_GET['id'])) | ||
| 423 | { | ||
| 424 | return '/poll/' . $_GET['id'] . '.php'; | ||
| 425 | } else { | ||
| 426 | return '/poll/'; | ||
| 427 | } | ||
| 428 | } else if ($_GET['area'] == 'quotes') | 331 | } else if ($_GET['area'] == 'quotes') |
| 429 | { | 332 | { |
| 430 | if (isset($_GET['act'])) | 333 | if (isset($_GET['act'])) |