diff options
Diffstat (limited to 'central/trunk')
-rw-r--r-- | central/trunk/xmlrpc.php | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/central/trunk/xmlrpc.php b/central/trunk/xmlrpc.php index ab64d53..f8f5beb 100644 --- a/central/trunk/xmlrpc.php +++ b/central/trunk/xmlrpc.php | |||
@@ -80,7 +80,9 @@ function sendFromUpdate($subscriptionSeriesURL, $subscriptionID, $title, $author | |||
80 | $subscriptionURL = instaDisc_resolveSubscription($subscriptionSeriesURL, $subscriptionID); | 80 | $subscriptionURL = instaDisc_resolveSubscription($subscriptionSeriesURL, $subscriptionID); |
81 | if ($subscriptionURL != 'false') | 81 | if ($subscriptionURL != 'false') |
82 | { | 82 | { |
83 | $getsed = "SELECT * FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscriptionSeriesURL) . "\" AND identity = \"" . mysql_real_escape_string($subscriptionID) . "\""; | 83 | $subscriptionURL = $subscriptionURL['url']; |
84 | |||
85 | $getsed = "SELECT * FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscriptionURL) . "\""; | ||
84 | $getsed2 = mysql_query($getsed); | 86 | $getsed2 = mysql_query($getsed); |
85 | $i=0; | 87 | $i=0; |
86 | while ($getsed3[$i] = mysql_fetch_array($getsed2)) | 88 | while ($getsed3[$i] = mysql_fetch_array($getsed2)) |
@@ -99,12 +101,12 @@ function deleteSubscription($username, $verification, $verificationID, $subscrip | |||
99 | { | 101 | { |
100 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 102 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) |
101 | { | 103 | { |
102 | $getsub = "SELECT * FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\" AND owner = \"false\""; | 104 | $getsub = "SELECT * FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\""; |
103 | $getsub2 = mysql_query($getsub); | 105 | $getsub2 = mysql_query($getsub); |
104 | $getsub3 = mysql_fetch_array($getsub2); | 106 | $getsub3 = mysql_fetch_array($getsub2); |
105 | if ($getsub3['url'] == $subscription) | 107 | if ($getsub3['url'] == $subscription) |
106 | { | 108 | { |
107 | $delsub = "DELETE FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\" AND owner = \"false\""; | 109 | $delsub = "DELETE FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\""; |
108 | $delsub2 = mysql_query($delsub); | 110 | $delsub2 = mysql_query($delsub); |
109 | 111 | ||
110 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 112 | return new xmlrpcresp(new xmlrpcval(0, "int")); |
@@ -118,12 +120,12 @@ function addSubscription($username, $verification, $verificationID, $subscriptio | |||
118 | { | 120 | { |
119 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) | 121 | if (instaDisc_checkVerification($username, $verification, $verificationID, 'users', 'username', 'password')) |
120 | { | 122 | { |
121 | $getsub = "SELECT * FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\" AND owner = \"false\""; | 123 | $getsub = "SELECT * FROM subscriptions WHERE url = \"" . mysql_real_escape_string($subscription) . "\" AND username = \"" . mysql_real_escape_string($username) . "\""; |
122 | $getsub2 = mysql_query($getsub); | 124 | $getsub2 = mysql_query($getsub) or die($getsub); |
123 | $getsub3 = mysql_fetch_array($getsub2); | 125 | $getsub3 = mysql_fetch_array($getsub2); |
124 | if ($getsub3['url'] != $subscription) | 126 | if ($getsub3['url'] != $subscription) |
125 | { | 127 | { |
126 | $inssub = "INSERT INTO subscriptions (url, username, owner, category) VALUES (\"" . mysql_real_escape_string($subscription) . "\", \"" . mysql_real_escape_string($username) . "\", \"false\", \"" . mysql_real_escape_string($category) . "\")"; | 128 | $inssub = "INSERT INTO subscriptions (url, username, category) VALUES (\"" . mysql_real_escape_string($subscription) . "\", \"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($category) . "\")"; |
127 | $inssub2 = mysql_query($inssub); | 129 | $inssub2 = mysql_query($inssub); |
128 | 130 | ||
129 | return new xmlrpcresp(new xmlrpcval(0, "int")); | 131 | return new xmlrpcresp(new xmlrpcval(0, "int")); |