more guid stuff
parent
c60613ac2c
commit
22994e8373
20 changed files with 126 additions and 125 deletions
|
|
@ -252,9 +252,8 @@ alter table userProfileField change profileCategoryId profileCategoryId char(22)
|
|||
alter table userSession change sessionId sessionId char(22) not null;
|
||||
alter table userSessionScratch change sessionId sessionId char(22) not null;
|
||||
alter table users change referringAffiliate referringAffiliate char(22) not null;
|
||||
|
||||
delete from incrementer where incrementerId in ("databaseLinkId", "DataForm_entryId", "DataForm_fieldId", "DataForm_tabId", "EventsCalendar_eventId", "EventsCalendar_recurringId", "FileManager_fileId", "forumId", "forumPostId", "forumThreadId", "groupId", "languageId", "Product_benefitId", "Product_featureId", "Product_specificationId", "replacementId", "Survey_answerId", "Survey_id", "Survey_questionId", "Survey_responseId", "USS_id", "USS_submissionId", "wobjectId");
|
||||
|
||||
alter table page change lft nestedSetLeft int(11);
|
||||
alter table page change rgt nestedSetRight int(11);
|
||||
alter table page change id id char(22);
|
||||
delete from incrementer where incrementerId in ("collateralId","pageId","databaseLinkId", "DataForm_entryId", "DataForm_fieldId", "DataForm_tabId", "EventsCalendar_eventId", "EventsCalendar_recurringId", "FileManager_fileId", "forumId", "forumPostId", "forumThreadId", "groupId", "languageId", "Product_benefitId", "Product_featureId", "Product_specificationId", "replacementId", "Survey_answerId", "Survey_id", "Survey_questionId", "Survey_responseId", "USS_id", "USS_submissionId", "wobjectId");
|
||||
|
||||
|
|
|
|||
|
|
@ -99,7 +99,8 @@ sub _isValidUsername {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
sub _logLogin {
|
||||
WebGUI::SQL->write("insert into userLoginLog values ('$_[0]','$_[1]',".time().",".quote($session{env}{REMOTE_ADDR}).",".quote($session{env}{HTTP_USER_AGENT}).")");
|
||||
WebGUI::SQL->write("insert into userLoginLog values (".quote($_[0]).",".quote($_[1]).",".time().","
|
||||
.quote($session{env}{REMOTE_ADDR}).",".quote($session{env}{HTTP_USER_AGENT}).")");
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
@ -686,8 +687,8 @@ sub saveParams {
|
|||
my $self = shift;
|
||||
my ($uid, $authMethod, $data) = @_;
|
||||
foreach (keys %{$data}) {
|
||||
WebGUI::SQL->write("delete from authentication where userId=$uid and authMethod=".quote($authMethod)." and fieldName=".quote($_));
|
||||
WebGUI::SQL->write("insert into authentication (userId,authMethod,fieldData,fieldName) values ($uid,".quote($authMethod).",".quote($data->{$_}).",".quote($_).")");
|
||||
WebGUI::SQL->write("delete from authentication where userId=".quote($uid)." and authMethod=".quote($authMethod)." and fieldName=".quote($_));
|
||||
WebGUI::SQL->write("insert into authentication (userId,authMethod,fieldData,fieldName) values (".quote($uid).",".quote($authMethod).",".quote($data->{$_}).",".quote($_).")");
|
||||
}
|
||||
}
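Review bot: The `insert into userLoginLog values (...)` in `_logLogin` still names no columns, so the five values depend on the table's physical column order. An explicit list would make that dependency visible; the column names are not shown on this page and must come from the schema, e.g. `insert into userLoginLog (<columns from schema>) values (...)`. `HTTP_USER_AGENT` is client-supplied: `quote()` makes it safe for the statement, but it is stored at whatever length the client sends, so a length cap before logging is worth adding.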
|
||||
|
||||
|
|
|
|||
|
|
@ -17,7 +17,6 @@ use WebGUI::HTMLForm;
|
|||
use WebGUI::Form;
|
||||
use WebGUI::Mail;
|
||||
use WebGUI::Session;
|
||||
use WebGUI::SQL;
|
||||
use WebGUI::Utility;
|
||||
use WebGUI::Operation::Shared;
|
||||
use URI;
|
||||
|
|
|
|||
|
|
@ -87,7 +87,7 @@ sub process {
|
|||
$query = "select bufferDate,pageId,title from page where parentId=2 order by bufferDate";
|
||||
} else {
|
||||
$query = "select bufferDate,pageId,title from page where parentId=2 "
|
||||
." and bufferUserId=$session{user}{userId} "
|
||||
." and bufferUserId=".quote($session{user}{userId})
|
||||
." order by bufferDate";
|
||||
}
|
||||
$r = WebGUI::SQL->read($query);
|
||||
|
|
@ -105,7 +105,7 @@ sub process {
|
|||
." order by bufferDate";
|
||||
} else {
|
||||
$query = "select bufferDate,wobjectId,title,namespace from wobject where pageId=2 "
|
||||
." and bufferUserId=$session{user}{userId} "
|
||||
." and bufferUserId=".quote($session{user}{userId})
|
||||
." order by bufferDate";
|
||||
}
|
||||
$r = WebGUI::SQL->read($query);
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ sub process {
|
|||
if ($session{setting}{defaultPage} == $session{page}{pageId}) {
|
||||
$temp = $session{page}{urlizedTitle};
|
||||
} else {
|
||||
($temp) = WebGUI::SQL->quickArray("select urlizedTitle from page where pageId=$session{setting}{defaultPage}",WebGUI::SQL->getSlave);
|
||||
($temp) = WebGUI::SQL->quickArray("select urlizedTitle from page where pageId=".quote($session{setting}{defaultPage}),WebGUI::SQL->getSlave);
|
||||
}
|
||||
$temp = WebGUI::URL::gateway($temp);
|
||||
if ($param[0] ne "linkonly") {
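Review bot: The test `$session{setting}{defaultPage} == $session{page}{pageId}` at the top of this hunk is still numeric, while the query in the else branch now treats the same id as a quoted string. If page ids become non-numeric strings, as the `char(22)` column changes in this commit suggest, both operands numify to 0 or to their leading digits. Two different pages can then compare equal, and the macro would use the current page's `urlizedTitle` as the home link. The matching comparison is `if ($session{setting}{defaultPage} eq $session{page}{pageId}) {`. `process` starts and ends outside the hunk.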
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@ sub process {
|
|||
$format = '%z' if ($format eq "");
|
||||
$output = "";
|
||||
|
||||
($time) = WebGUI::SQL->quickArray("SELECT max(lastEdited) FROM wobject where pageId=$session{page}{pageId}",WebGUI::SQL->getSlave);
|
||||
($time) = WebGUI::SQL->quickArray("SELECT max(lastEdited) FROM wobject where pageId=".quote($session{page}{pageId}),WebGUI::SQL->getSlave);
|
||||
if ($time) {
|
||||
$output = $label.epochToHuman($time,$format);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ sub process {
|
|||
$collateralFolderId = 0 unless ($collateralFolderId);
|
||||
}
|
||||
my @images = WebGUI::SQL->buildArray("select collateralId from collateral
|
||||
where collateralType='image' and collateralFolderId=".$collateralFolderId,WebGUI::SQL->getSlave);
|
||||
where collateralType='image' and collateralFolderId=".quote($collateralFolderId),WebGUI::SQL->getSlave);
|
||||
if (my $collateral = WebGUI::Collateral->new($images[rand($#images+1)])) {
|
||||
return '<img src="'.$collateral->getURL.'" '.$collateral->get("parameters").' />';
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@ sub process {
|
|||
$collateralFolderId = 0 unless ($collateralFolderId);
|
||||
}
|
||||
my @snippets = WebGUI::SQL->buildArray("select collateralId from collateral
|
||||
where collateralType='snippet' and collateralFolderId=".$collateralFolderId,WebGUI::SQL->getSlave);
|
||||
where collateralType='snippet' and collateralFolderId=".quote($collateralFolderId),WebGUI::SQL->getSlave);
|
||||
if (my $collateral = WebGUI::Collateral->new($snippets[rand($#snippets+1)])) {
|
||||
return $collateral->get("parameters");
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -21,7 +21,8 @@ use WebGUI::URL;
|
|||
sub process {
|
||||
my ($sth, %data, $output);
|
||||
tie %data, 'Tie::CPHash';
|
||||
%data = WebGUI::SQL->quickHash("select pageId,parentId,title,urlizedTitle from page where pageId=".($_[0] || $session{page}{parentId}),WebGUI::SQL->getSlave);
|
||||
my $pageid = $_[0] || $session{page}{parentId};
|
||||
%data = WebGUI::SQL->quickHash("select pageId,parentId,title,urlizedTitle from page where pageId=".quote($pageId),WebGUI::SQL->getSlave);
|
||||
if ($data{parentId} == 0) {
|
||||
$output = $data{title} || $session{page}{title};
|
||||
} else {
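Review bot: The added line declares `my $pageid` (lower-case `i`), but the query after it passes `quote($pageId)`, which is a different variable. Under `use strict` that is a compile error unless `$pageId` is declared elsewhere; without strict the lookup runs with an undefined id. Use one spelling: `my $pageId = $_[0] || $session{page}{parentId};`. The following `if ($data{parentId} == 0)` is a numeric test on what appears to be a string id now, so it should be checked in the same pass.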
|
||||
|
|
|
|||
|
|
@ -14,7 +14,6 @@ use strict;
|
|||
use WebGUI::International;
|
||||
use WebGUI::Macro;
|
||||
use WebGUI::Session;
|
||||
use WebGUI::SQL;
|
||||
use WebGUI::Template;
|
||||
use WebGUI::URL;
|
||||
use WebGUI::Utility;
|
||||
|
|
|
|||
|
|
@ -79,19 +79,19 @@ sub www_deleteClipboardItemConfirm {
|
|||
if ( ($session{setting}{sharedClipboard} eq "1") || (WebGUI::Grouping::isInGroup(3)) ) {
|
||||
WebGUI::SQL->write("update wobject set pageId=3, "
|
||||
."bufferDate=".time().", "
|
||||
."bufferUserId=".$session{user}{userId} .", "
|
||||
."bufferUserId=".quote($session{user}{userId}) .", "
|
||||
."bufferPrevId=2 "
|
||||
."where pageId=2 "
|
||||
."and wobjectId=" . $session{form}{wid}
|
||||
."and wobjectId=" . quote($session{form}{wid})
|
||||
);
|
||||
} else {
|
||||
WebGUI::SQL->write("update wobject set pageId=3, "
|
||||
."bufferDate=".time().", "
|
||||
."bufferUserId=".$session{user}{userId} .", "
|
||||
."bufferUserId=".quote($session{user}{userId}) .", "
|
||||
."bufferPrevId=2 "
|
||||
."where pageId=2 "
|
||||
."and wobjectId=" . $session{form}{wid} ." "
|
||||
."and bufferUserId=".$session{user}{userId}
|
||||
."and wobjectId=" . quote($session{form}{wid}) ." "
|
||||
."and bufferUserId=".quote($session{user}{userId})
|
||||
);
|
||||
}
|
||||
WebGUI::ErrorHandler::audit("moved wobject ". $session{form}{wid} ." from clipboard to trash");
|
||||
|
|
@ -99,15 +99,15 @@ sub www_deleteClipboardItemConfirm {
|
|||
if ( ($session{setting}{sharedClipboard} eq "1") || (WebGUI::Grouping::isInGroup(3)) ) {
|
||||
WebGUI::SQL->write("update page set parentId=3, "
|
||||
."bufferDate=".time().", "
|
||||
."bufferUserId=".$session{user}{userId} .", "
|
||||
."bufferUserId=".quote($session{user}{userId}) .", "
|
||||
."bufferPrevId=2 "
|
||||
."where parentId=2 "
|
||||
."and pageId=".$session{form}{pageId}
|
||||
."and pageId=".quote($session{form}{pageId})
|
||||
);
|
||||
} else {
|
||||
WebGUI::SQL->write("update page set parentId=3, "
|
||||
."bufferDate=".time().", "
|
||||
."bufferUserId=".$session{user}{userId} .", "
|
||||
."bufferUserId=".quote($session{user}{userId}) .", "
|
||||
."bufferPrevId=2 "
|
||||
."where parentId=2 "
|
||||
."and pageId=".$session{form}{pageId} ." "
|
||||
|
|
@ -154,28 +154,28 @@ sub www_emptyClipboardConfirm {
|
|||
if ($allUsers eq "1") {
|
||||
WebGUI::SQL->write("update page set parentId=3, "
|
||||
."bufferDate=".time().", "
|
||||
."bufferUserId=".$session{user}{userId} .", "
|
||||
."bufferUserId=".quote($session{user}{userId}) .", "
|
||||
."bufferPrevId=2 "
|
||||
."where parentId=2 ");
|
||||
WebGUI::SQL->write("update wobject set pageId=3, "
|
||||
."bufferDate=".time().", "
|
||||
."bufferUserId=".$session{user}{userId} .", "
|
||||
."bufferUserId=".quote($session{user}{userId}) .", "
|
||||
."bufferPrevId=2 "
|
||||
."where pageId=2 ");
|
||||
WebGUI::ErrorHandler::audit("emptied clipboard to trash");
|
||||
} else {
|
||||
WebGUI::SQL->write("update page set parentId=3, "
|
||||
."bufferDate=".time().", "
|
||||
."bufferUserId=".$session{user}{userId} .", "
|
||||
."bufferUserId=".quote($session{user}{userId}) .", "
|
||||
."bufferPrevId=2 "
|
||||
."where parentId=2 "
|
||||
."and bufferUserId=".$session{user}{userId});
|
||||
."and bufferUserId=".quote($session{user}{userId}));
|
||||
WebGUI::SQL->write("update wobject set pageId=3, "
|
||||
."bufferDate=".time().", "
|
||||
."bufferUserId=".$session{user}{userId} .", "
|
||||
."bufferUserId=".quote($session{user}{userId}) .", "
|
||||
."bufferPrevId=2 "
|
||||
."where pageId=2 "
|
||||
."and bufferUserId=".$session{user}{userId});
|
||||
."and bufferUserId=".quote($session{user}{userId}));
|
||||
WebGUI::ErrorHandler::audit("emptied user clipboard to trash");
|
||||
}
|
||||
WebGUI::Session::refreshPageInfo($session{page}{pageId});
|
||||
|
|
@ -209,7 +209,7 @@ sub www_manageClipboard {
|
|||
} else {
|
||||
$sth = WebGUI::SQL->read("select pageId,title,urlizedTitle,bufferUserId,bufferDate,bufferPrevId "
|
||||
."from page where parentId=2 and bufferUserId="
|
||||
. $session{user}{userId} . " order by bufferDate");
|
||||
. quote($session{user}{userId}) . " order by bufferDate");
|
||||
}
|
||||
while (@data = $sth->array) {
|
||||
my ($pageId,$title,$urlizedTitle,$bufferUserId,$bufferDate,$bufferPrevId,$url,$htmlData);
|
||||
|
|
@ -220,7 +220,7 @@ sub www_manageClipboard {
|
|||
|
||||
$bufferUserId = $data[3];
|
||||
if ($bufferUserId ne "") {
|
||||
my ($bufferUsername) = WebGUI::SQL->quickArray("select username from users where userId=".$bufferUserId);
|
||||
my ($bufferUsername) = WebGUI::SQL->quickArray("select username from users where userId=".quote($bufferUserId));
|
||||
$bufferUserId = '<a href="' .WebGUI::URL::page('op=viewProfile&uid='.$bufferUserId) .'">'
|
||||
.$bufferUsername .'</a>';
|
||||
}
|
||||
|
|
@ -228,7 +228,7 @@ sub www_manageClipboard {
|
|||
$bufferPrevId = $data[5];
|
||||
if ($bufferPrevId ne "") {
|
||||
($bufferPrevId,$url) = WebGUI::SQL->quickArray("select title,urlizedTitle "
|
||||
."from page where pageId=".$bufferPrevId);
|
||||
."from page where pageId=".quote($bufferPrevId));
|
||||
if ($url ne "") {
|
||||
$bufferPrevId = '<a href="'. WebGUI::URL::gateway($url) .'">' .$bufferPrevId .'</a>';
|
||||
}
|
||||
|
|
@ -261,7 +261,7 @@ sub www_manageClipboard {
|
|||
} else {
|
||||
$sth = WebGUI::SQL->read("select wobjectId,namespace,title,bufferUserId,bufferDate,bufferPrevId "
|
||||
. "from wobject where pageId=2 and bufferUserId="
|
||||
. $session{user}{userId} ." order by bufferDate");
|
||||
. quote($session{user}{userId}) ." order by bufferDate");
|
||||
}
|
||||
while (@data = $sth->array) {
|
||||
my ($wobjectId,$namespace,$title,$bufferUserId,$bufferDate,$bufferPrevId,$url,$htmlData);
|
||||
|
|
@ -274,7 +274,7 @@ sub www_manageClipboard {
|
|||
$bufferPrevId = $data[5];
|
||||
if ($bufferPrevId ne "") {
|
||||
($bufferPrevId,$url) = WebGUI::SQL->quickArray("select title,urlizedTitle "
|
||||
."from page where pageId=".$bufferPrevId);
|
||||
."from page where pageId=".quote($bufferPrevId));
|
||||
if ($url ne "") {
|
||||
$bufferPrevId = '<a href="'. WebGUI::URL::gateway($url) .'">' .$bufferPrevId .'</a>';
|
||||
}
|
||||
|
|
@ -283,7 +283,7 @@ sub www_manageClipboard {
|
|||
|
||||
$bufferUserId = $data[3];
|
||||
if ($bufferUserId ne "") {
|
||||
my ($bufferUsername) = WebGUI::SQL->quickArray("select username from users where userId=".$bufferUserId);
|
||||
my ($bufferUsername) = WebGUI::SQL->quickArray("select username from users where userId=".quote($bufferUserId));
|
||||
$bufferUserId = '<a href="' .WebGUI::URL::page('op=viewProfile&uid='.$bufferUserId) .'">'
|
||||
.$bufferUsername .'</a>';
|
||||
}
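Review bot: In the second hunk of `www_deleteClipboardItemConfirm`, the non-shared branch still ends with `."and pageId=".$session{form}{pageId} ." "`. That concatenates a form parameter into the `update page` statement unquoted, while the shared branch above it now uses `quote()`. Going by the hunk's 15/15 line counts this is an unchanged context line, and the `and bufferUserId=` condition that presumably follows lies outside the hunk and is likely unquoted too. Both should match the rest of the commit: `."and pageId=".quote($session{form}{pageId}) ." "` and `."and bufferUserId=".quote($session{user}{userId})`. Separately, the `audit()` calls write `$session{form}{wid}` into the log verbatim; stripping control characters first would keep each entry on one line.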
|
||||
|
|
|
|||
|
|
@ -13,6 +13,7 @@ package WebGUI::Operation::Package;
|
|||
use Exporter;
|
||||
use strict qw(vars subs);
|
||||
use WebGUI::Icon;
|
||||
use WebGUI::Id;
|
||||
use WebGUI::Page;
|
||||
use WebGUI::Privilege;
|
||||
use WebGUI::Session;
|
||||
|
|
@ -26,7 +27,7 @@ our @EXPORT = qw(&www_deployPackage );
|
|||
sub _duplicateWobjects {
|
||||
my (%properties);
|
||||
tie %properties, 'Tie::CPHash';
|
||||
my $sth = WebGUI::SQL->read("select * from wobject where pageId=$_[0] order by sequenceNumber");
|
||||
my $sth = WebGUI::SQL->read("select * from wobject where pageId=".quote($_[0])." order by sequenceNumber");
|
||||
while (my $wobject = $sth->hashRef) {
|
||||
my $cmd = "WebGUI::Wobject::".${$wobject}{namespace};
|
||||
my $load = "use ".$cmd;
|
||||
|
|
@ -43,12 +44,12 @@ sub _recursePageTree {
|
|||
my ($a, %package, %newParent, $newPageId, $sequenceNumber, $urlizedTitle);
|
||||
tie %newParent, 'Tie::CPHash';
|
||||
tie %package, 'Tie::CPHash';
|
||||
%newParent = WebGUI::SQL->quickHash("select * from page where pageId=$_[1]");
|
||||
%newParent = WebGUI::SQL->quickHash("select * from page where pageId=".quote($_[1]));
|
||||
_duplicateWobjects($_[0],$_[1]);
|
||||
($sequenceNumber) = WebGUI::SQL->quickArray("select max(sequenceNumber) from page where parentId=$_[1]");
|
||||
$a = WebGUI::SQL->read("select * from page where parentId=$_[0] order by sequenceNumber");
|
||||
($sequenceNumber) = WebGUI::SQL->quickArray("select max(sequenceNumber) from page where parentId=".quote($_[1]));
|
||||
$a = WebGUI::SQL->read("select * from page where parentId=".quote($_[0])." order by sequenceNumber");
|
||||
while (%package = $a->hash) {
|
||||
$newPageId = getNextId("pageId");
|
||||
$newPageId = WebGUI::Id::generate();
|
||||
$sequenceNumber++;
|
||||
$urlizedTitle = WebGUI::Page::makeUnique($package{urlizedTitle});
|
||||
WebGUI::SQL->write("insert into page (
|
||||
|
|
@ -82,7 +83,7 @@ sub _recursePageTree {
|
|||
wobjectPrivileges
|
||||
) values (
|
||||
$newPageId,
|
||||
$_[1],
|
||||
".quote($_[1]).",
|
||||
".quote($package{title}).",
|
||||
$newParent{styleId},
|
||||
$session{user}{userId},
|
||||
|
|
@ -107,7 +108,7 @@ sub _recursePageTree {
|
|||
$package{newWindow},
|
||||
$package{cacheTimeout},
|
||||
$package{cacheTimeoutVisitor},
|
||||
$package{printableStyleId},
|
||||
".quote($package{printableStyleId}).",
|
||||
$package{wobjectPrivileges}
|
||||
)");
|
||||
_recursePageTree($package{pageId},$newPageId);
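Review bot: In the `insert into page` statement of `_recursePageTree`, `$newPageId` is still interpolated bare as the first value, although it now comes from `WebGUI::Id::generate()` rather than `getNextId("pageId")`. If the generated id is a non-numeric string, which the `char(22)` id columns suggest, the statement is malformed. The neighbouring `$newParent{styleId}` and `$session{user}{userId}` values are interpolated the same way. Suggested: `".quote($newPageId).",` and likewise for the other id values. The statement begins and ends outside the visible hunks, so the values not shown here need the same check.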
|
||||
|
|
|
|||
|
|
@ -215,7 +215,7 @@ sub _traversePageTree {
|
|||
.moveRightIcon(sprintf('op=moveTreePageRight&pageId=%s',$currentPageId), $currentUrlizedTitle)
|
||||
.editIcon('op=editPage', $currentUrlizedTitle)
|
||||
.' <a href="'.WebGUI::URL::gateway($currentUrlizedTitle).'">'.$currentPage->get('title').'</a><br>';
|
||||
$wobjects = WebGUI::SQL->read("select * from wobject where pageId=$currentPageId");
|
||||
$wobjects = WebGUI::SQL->read("select * from wobject where pageId=".quote($currentPageId));
|
||||
while (%wobject = $wobjects->hash) {
|
||||
$output .= $spacer x $options->{_depth} . $spacer
|
||||
.wobjectIcon()
|
||||
|
|
@ -338,7 +338,7 @@ sub www_editPage {
|
|||
if ($buildFromPage == 0) {
|
||||
$buildFromPage = $session{setting}{defaultPage};
|
||||
}
|
||||
%page = WebGUI::SQL->quickHash("select * from page where pageId=$buildFromPage");
|
||||
%page = WebGUI::SQL->quickHash("select * from page where pageId=".quote($buildFromPage));
|
||||
$page{templateId} = 1;
|
||||
$page{pageId} = "new";
|
||||
$page{title} = $page{menuTitle} = $page{urlizedTitle} = $page{synopsis} = '';
|
||||
|
|
@ -349,7 +349,7 @@ sub www_editPage {
|
|||
$page{redirectURL} = "";
|
||||
} else {
|
||||
%page = %{$session{page}};
|
||||
($childCount) = WebGUI::SQL->quickArray("select count(*) from page where parentId=$page{pageId}");
|
||||
($childCount) = WebGUI::SQL->quickArray("select count(*) from page where parentId=".quote($page{pageId}));
|
||||
}
|
||||
$page{endDate} = (addToDate(time(),10)) if ($page{endDate} < 0);
|
||||
$output = helpIcon("page add/edit");
|
||||
|
|
@ -487,9 +487,9 @@ sub www_editPage {
|
|||
if (WebGUI::Grouping::isInGroup(3)) {
|
||||
my $contentManagers = WebGUI::Grouping::getUsersInGroup(4,1);
|
||||
push (@$contentManagers, $session{user}{userId});
|
||||
$clause = "userId in (".join(",",@$contentManagers).")";
|
||||
$clause = "userId in (".quoteAndJoin($contentManagers).")";
|
||||
} else {
|
||||
$clause = "userId=$page{ownerId}";
|
||||
$clause = "userId=".quote($page{ownerId});
|
||||
}
|
||||
my $users = WebGUI::SQL->buildHashRef("select userId,username from users where $clause order by username");
|
||||
$f->getTab("privileges")->select(
|
||||
|
|
@ -598,7 +598,7 @@ sub www_editPageSave {
|
|||
synopsis => $session{form}{synopsis}
|
||||
});
|
||||
unless ($session{form}{pageId} == 'new') {
|
||||
WebGUI::SQL->write("update wobject set templatePosition=1 where pageId=$session{form}{pageId}
|
||||
WebGUI::SQL->write("update wobject set templatePosition=1 where pageId=".quote($session{form}{pageId})."
|
||||
and templatePosition>".WebGUI::Page::countTemplatePositions($session{form}{templateId}));
|
||||
}
|
||||
_recursivelyChangeProperties($page) if ($session{form}{recursePrivs} || $session{form}{recurseStyle});
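Review bot: `unless ($session{form}{pageId} == 'new')` in `www_editPageSave` compares numerically, so `'new'` becomes 0 and so does any page id that does not start with a digit. For such ids the `update wobject set templatePosition=1` statement below is skipped. The string form is `unless ($session{form}{pageId} eq 'new') {`. `if ($buildFromPage == 0)` in `www_editPage` has the same issue and would replace a non-numeric id with the default page. Both functions extend beyond the hunks shown.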
|
||||
|
|
|
|||
|
|
@ -98,7 +98,7 @@ sub getRequiredProfileFields {
|
|||
|
||||
sub isDuplicateEmail {
|
||||
my $email = shift;
|
||||
my ($otherEmail) = WebGUI::SQL->quickArray("select count(*) from userProfileData where fieldName='email' and fieldData = ".quote($email)." and userId <> ".$session{user}{userId});
|
||||
my ($otherEmail) = WebGUI::SQL->quickArray("select count(*) from userProfileData where fieldName='email' and fieldData = ".quote($email)." and userId <> ".quote($session{user}{userId}));
|
||||
return ($otherEmail > 0);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -174,25 +174,25 @@ sub www_viewStatistics {
|
|||
$version = '<a href="http://files.plainblack.com/downloads/'.$rev[0].'.x.x/webgui-'.$version.'.tar.gz">'.$version.'</a>';
|
||||
}
|
||||
$output .= '<tr><td align="right" class="tableHeader">'.WebGUI::International::get(349).':</td><td class="tableData">'.$version.'</td></tr>';
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from page where parentId>1000 and parentId<>3");
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from page where parentId<>3");
|
||||
$output .= '<tr><td align="right" class="tableHeader">'.WebGUI::International::get(147).':</td><td class="tableData">'.$data.'</td></tr>';
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from page where parentId>1000 and parentId=0");
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from page where parentId=0");
|
||||
$output .= '<tr><td align="right" class="tableHeader">'.WebGUI::International::get(795).':</td><td class="tableData">'.$data.'</td></tr>';
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from page where parentId=5");
|
||||
$output .= '<tr><td align="right" class="tableHeader">'.WebGUI::International::get(794).':</td><td class="tableData">'.$data.'</td></tr>';
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from wobject where wobjectId > 0 and pageId<>3");
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from wobject where pageId<>3");
|
||||
$output .= '<tr><td align="right" class="tableHeader">'.WebGUI::International::get(148).':</td><td class="tableData">'.$data.'</td></tr>';
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from template where templateId>1000 and namespace='style'");
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from template where namespace='style'");
|
||||
$output .= '<tr><td align="right" class="tableHeader">'.WebGUI::International::get(427).':</td><td class="tableData">'.$data.'</td></tr>';
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from template where templateId>1000 and namespace<>'style'");
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from template where namespace<>'style'");
|
||||
$output .= '<tr><td align="right" class="tableHeader">'.WebGUI::International::get(792).':</td><td class="tableData">'.$data.'</td></tr>';
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from collateral");
|
||||
$output .= '<tr><td align="right" class="tableHeader">'.WebGUI::International::get(793).':</td><td class="tableData">'.$data.'</td></tr>';
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from userSession");
|
||||
$output .= '<tr><td align="right" class="tableHeader">'.WebGUI::International::get(146).':</td><td class="tableData">'.$data.'</td></tr>';
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from users where userId>25");
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from users");
|
||||
$output .= '<tr><td align="right" class="tableHeader">'.WebGUI::International::get(149).':</td><td class="tableData">'.$data.'</td></tr>';
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from groups where groupId>25");
|
||||
($data) = WebGUI::SQL->quickArray("select count(*) from groups");
|
||||
$output .= '<tr><td align="right" class="tableHeader">'.WebGUI::International::get(89).':</td><td class="tableData">'.$data.'</td></tr>';
|
||||
$output .= '</table>';
|
||||
return _submenu($output);
|
||||
|
|
|
|||
|
|
@ -37,10 +37,10 @@ sub _purgeUserTrash {
|
|||
#WebGUI::ErrorHandler::audit("emptying user trash");
|
||||
|
||||
# Delete wobjects
|
||||
$b = WebGUI::SQL->read("select * from wobject where pageId=3 and bufferUserId=" . $userId);
|
||||
$b = WebGUI::SQL->read("select * from wobject where pageId=3 and bufferUserId=" . quote($userId));
|
||||
while ($base = $b->hashRef) {
|
||||
$extended = WebGUI::SQL->quickHashRef("select * from ".$base->{namespace}."
|
||||
where wobjectId=".$base->{wobjectId});
|
||||
where wobjectId=".quote($base->{wobjectId}));
|
||||
%properties = (%{$base}, %{$extended});
|
||||
$cmd = "WebGUI::Wobject::".$properties{namespace};
|
||||
my $load = "use ".$cmd;
|
||||
|
|
@ -68,10 +68,10 @@ sub _purgeUserTrash {
|
|||
sub _purgeWobject {
|
||||
my (%properties, $base, $extended, $b, $wobjectId, $namespace, $w, $cmd);
|
||||
tie %properties, 'Tie::CPHash';
|
||||
$b = WebGUI::SQL->read("select * from wobject where wobjectId=$_[0]");
|
||||
$b = WebGUI::SQL->read("select * from wobject where wobjectId=".quote($_[0]));
|
||||
while ($base = $b->hashRef) {
|
||||
$extended = WebGUI::SQL->quickHashRef("select * from ".$base->{namespace}."
|
||||
where wobjectId=".$base->{wobjectId});
|
||||
where wobjectId=".quote($base->{wobjectId}));
|
||||
%properties = (%{$base}, %{$extended});
|
||||
$cmd = "WebGUI::Wobject::".$properties{namespace};
|
||||
my $load = "use ".$cmd;
|
||||
|
|
@ -87,10 +87,10 @@ sub _purgeWobject {
|
|||
sub _purgeWobjects {
|
||||
my (%properties, $base, $extended, $b, $wobjectId, $namespace, $w, $cmd);
|
||||
tie %properties, 'Tie::CPHash';
|
||||
$b = WebGUI::SQL->read("select * from wobject where pageId=$_[0]");
|
||||
$b = WebGUI::SQL->read("select * from wobject where pageId=".quote($_[0]));
|
||||
while ($base = $b->hashRef) {
|
||||
$extended = WebGUI::SQL->quickHashRef("select * from ".$base->{namespace}."
|
||||
where wobjectId=".$base->{wobjectId});
|
||||
where wobjectId=".quote($base->{wobjectId}));
|
||||
%properties = (%{$base}, %{$extended});
|
||||
$cmd = "WebGUI::Wobject::".$properties{namespace};
|
||||
my $load = "use ".$cmd;
|
||||
|
|
@ -105,11 +105,11 @@ sub _purgeWobjects {
|
|||
#-------------------------------------------------------------------
|
||||
sub _recursePageTree {
|
||||
my ($a, $pageId);
|
||||
$a = WebGUI::SQL->read("select pageId from page where parentId=$_[0]");
|
||||
$a = WebGUI::SQL->read("select pageId from page where parentId=".quote($_[0]));
|
||||
while (($pageId) = $a->array) {
|
||||
_recursePageTree($pageId);
|
||||
_purgeWobjects($pageId);
|
||||
WebGUI::SQL->write("delete from page where pageId=$pageId");
|
||||
WebGUI::SQL->write("delete from page where pageId=".quote($pageId));
|
||||
}
|
||||
$a->finish;
|
||||
}
|
||||
|
|
@ -138,14 +138,14 @@ sub www_cutTrashItem {
|
|||
if ($session{form}{wid} ne "") {
|
||||
if ( ($session{setting}{sharedTrash} ne "1") && (!(WebGUI::Grouping::isInGroup(3)) ) ) {
|
||||
my ($bufferUserId) = WebGUI::SQL->quickArray("select bufferUserId from wobject "
|
||||
."where wobjectId=" .$session{form}{wid});
|
||||
."where wobjectId=" .quote($session{form}{wid}));
|
||||
return WebGUI::Privilege::insufficient() unless ($bufferUserId eq $session{user}{userId});
|
||||
}
|
||||
WebGUI::SQL->write("update wobject set pageId=2, "
|
||||
."bufferUserId=". $session{user}{userId} .", "
|
||||
."bufferUserId=". quote($session{user}{userId}) .", "
|
||||
."bufferDate=". time() .", "
|
||||
."bufferPrevId=3 "
|
||||
."where wobjectId=" .$session{form}{wid});
|
||||
."where wobjectId=" .quote($session{form}{wid}));
|
||||
WebGUI::ErrorHandler::audit("moved wobject ". $session{form}{wid} ." from trash to clipboard");
|
||||
} elsif ($session{form}{pageId} ne "") {
|
||||
my $page = WebGUI::Page->getPage($session{form}{pageId});
|
||||
|
|
@ -195,7 +195,7 @@ sub www_deleteTrashItemConfirm {
|
|||
_purgeWobject($session{form}{wid});
|
||||
} else {
|
||||
my ($bufferUserId) = WebGUI::SQL->quickArray("select bufferUserId from wobject "
|
||||
."where wobjectId=" .$session{form}{wid});
|
||||
."where wobjectId=" .quote($session{form}{wid}));
|
||||
return WebGUI::Privilege::insufficient() unless ($bufferUserId eq $session{user}{userId});
|
||||
_purgeWobject($session{form}{wid});
|
||||
}
|
||||
|
|
@ -298,7 +298,7 @@ sub www_manageTrash {
|
|||
} else {
|
||||
$sth = WebGUI::SQL->read("select pageId,title,urlizedTitle,bufferUserId,bufferDate,bufferPrevId "
|
||||
."from page where parentId=3 and bufferUserId="
|
||||
. $session{user}{userId} . " order by bufferDate");
|
||||
. quote($session{user}{userId}) . " order by bufferDate");
|
||||
}
|
||||
while (@data = $sth->array) {
|
||||
my ($pageId,$title,$urlizedTitle,$bufferUserId,$bufferDate,$bufferPrevId,$url,$htmlData);
|
||||
|
|
@ -309,7 +309,7 @@ sub www_manageTrash {
|
|||
|
||||
$bufferUserId = $data[3];
|
||||
if ($bufferUserId ne "") {
|
||||
my ($bufferUsername) = WebGUI::SQL->quickArray("select username from users where userId=".$bufferUserId);
|
||||
my ($bufferUsername) = WebGUI::SQL->quickArray("select username from users where userId=".quote($bufferUserId));
|
||||
$bufferUserId = '<a href="' .WebGUI::URL::page('op=viewProfile&uid='.$bufferUserId) .'">'
|
||||
.$bufferUsername .'</a>';
|
||||
}
|
||||
|
|
@ -317,7 +317,7 @@ sub www_manageTrash {
|
|||
$bufferPrevId = $data[5];
|
||||
if ($bufferPrevId ne "") {
|
||||
($bufferPrevId,$url) = WebGUI::SQL->quickArray("select title,urlizedTitle "
|
||||
."from page where pageId=".$bufferPrevId);
|
||||
."from page where pageId=".quote($bufferPrevId));
|
||||
if ($url ne "") {
|
||||
$bufferPrevId = '<a href="'. WebGUI::URL::gateway($url) .'">' .$bufferPrevId .'</a>';
|
||||
}
|
||||
|
|
@ -350,7 +350,7 @@ sub www_manageTrash {
|
|||
} else {
|
||||
$sth = WebGUI::SQL->read("select wobjectId,namespace,title,bufferUserId,bufferDate,bufferPrevId "
|
||||
. "from wobject where pageId=3 and bufferUserId="
|
||||
. $session{user}{userId} ." order by bufferDate");
|
||||
. quote($session{user}{userId}) ." order by bufferDate");
|
||||
}
|
||||
while (@data = $sth->array) {
|
||||
my ($wobjectId,$namespace,$title,$bufferUserId,$bufferDate,$bufferPrevId,$url,$htmlData);
|
||||
|
|
@ -363,7 +363,7 @@ sub www_manageTrash {
|
|||
$bufferPrevId = $data[5];
|
||||
if ($bufferPrevId ne "") {
|
||||
($bufferPrevId,$url) = WebGUI::SQL->quickArray("select title,urlizedTitle "
|
||||
."from page where pageId=".$bufferPrevId);
|
||||
."from page where pageId=".quote($bufferPrevId));
|
||||
if ($url ne "") {
|
||||
$bufferPrevId = '<a href="'. WebGUI::URL::gateway($url) .'">' .$bufferPrevId .'</a>';
|
||||
}
|
||||
|
|
@ -372,7 +372,7 @@ sub www_manageTrash {
|
|||
|
||||
$bufferUserId = $data[3];
|
||||
if ($bufferUserId ne "") {
|
||||
my ($bufferUsername) = WebGUI::SQL->quickArray("select username from users where userId=".$bufferUserId);
|
||||
my ($bufferUsername) = WebGUI::SQL->quickArray("select username from users where userId=".quote($bufferUserId));
|
||||
$bufferUserId = '<a href="' .WebGUI::URL::page('op=viewProfile&uid='.$bufferUserId) .'">'
|
||||
.$bufferUsername .'</a>';
|
||||
}
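Review bot: The three purge helpers (`_purgeUserTrash`, `_purgeWobject`, `_purgeWobjects`) now quote `wobjectId`, but `$base->{namespace}` is still concatenated as the table name in `"select * from ".$base->{namespace}`. The same value then goes into the `"use ".$cmd` string. `quote()` cannot protect an identifier, so the value should be checked against a strict pattern before either use, e.g. `next unless $base->{namespace} =~ /\A[A-Za-z0-9_]+\z/;` at the top of each loop, or an error if skipping is not acceptable. The value is read from the `wobject` table, so this is a defence-in-depth check rather than a fix for direct user input. How `$load` is executed is outside the hunks.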
|
||||
|
|
|
|||
|
|
@ -86,7 +86,7 @@ sub doUserSearch {
|
|||
my $sql = "select users.userId, users.username, users.status, users.dateCreated, users.lastUpdated,
|
||||
email.fieldData as email from users left join userProfileData email on users.userId=email.userId and email.fieldName='email'
|
||||
where $selectedStatus and (users.username like ".$keyword." or email.fieldData like ".$keyword.")
|
||||
and users.userId not in (".join(",",@{$userFilter}).") order by users.username";
|
||||
and users.userId not in (".quoteAndJoin($userFilter).") order by users.username";
|
||||
if ($returnPaginator) {
|
||||
my $p = WebGUI::Paginator->new(WebGUI::URL::page($op));
|
||||
$p->setDataByQuery($sql);
|
||||
|
|
@ -272,7 +272,7 @@ sub www_deleteGrouping {
|
|||
sub www_deleteUser {
|
||||
my ($output);
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
|
||||
if ($session{form}{uid} < 26) {
|
||||
if ($session{form}{uid} == 1 || $session{form}{uid} == 3) {
|
||||
return WebGUI::Privilege::vitalComponent();
|
||||
} else {
|
||||
$output .= helpIcon("user delete");
|
||||
|
|
@ -290,7 +290,7 @@ sub www_deleteUser {
|
|||
sub www_deleteUserConfirm {
|
||||
return WebGUI::Privilege::adminOnly() unless (WebGUI::Grouping::isInGroup(3));
|
||||
my ($u);
|
||||
if ($session{form}{uid} < 26) {
|
||||
if ($session{form}{uid} == 1 || $session{form}{uid} == 3) {
|
||||
return WebGUI::Privilege::vitalComponent();
|
||||
} else {
|
||||
$u = WebGUI::User->new($session{form}{uid});
|
||||
|
|
@ -504,7 +504,7 @@ sub www_editUserProfile {
|
|||
$f = WebGUI::HTMLForm->new;
|
||||
$f->hidden("op","editUserProfileSave");
|
||||
$f->hidden("uid",$session{form}{uid});
|
||||
%user = WebGUI::SQL->buildHash("select fieldName,fieldData from userProfileData where userId=$session{form}{uid}");
|
||||
%user = WebGUI::SQL->buildHash("select fieldName,fieldData from userProfileData where userId=".quote($session{form}{uid}));
|
||||
$a = WebGUI::SQL->read("select * from userProfileField,userProfileCategory
|
||||
where userProfileField.profileCategoryId=userProfileCategory.profileCategoryId
|
||||
order by userProfileCategory.sequenceNumber,userProfileField.sequenceNumber");
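Review bot: The vital-account guard in www_deleteUser and www_deleteUserConfirm now uses `==` on `$session{form}{uid}`, which numifies the string. Once user ids are 22-character GUIDs, any id whose leading digits evaluate to 1 or 3 (a constructed example: one beginning `1a`) is treated as a vital component and can no longer be deleted through these handlers. A string comparison matches only the two reserved accounts: `if ($session{form}{uid} eq '1' || $session{form}{uid} eq '3') {`. Both functions continue outside their hunks, so any other numeric use of uid there is not visible here.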
|
||||
|
|
|
|||
|
|
@ -24,6 +24,7 @@ use WebGUI::Grouping;
|
|||
use WebGUI::HTMLForm;
|
||||
use WebGUI::HTTP;
|
||||
use WebGUI::Icon;
|
||||
use WebGUI::Id;
|
||||
use WebGUI::Macro;
|
||||
use WebGUI::Session;
|
||||
use WebGUI::SQL;
|
||||
|
|
@ -145,7 +146,7 @@ sub add {
|
|||
my ($self, $page, $newPageId);
|
||||
$self = shift;
|
||||
|
||||
$newPageId = getNextId('pageId');
|
||||
$newPageId = WebGUI::Id::generate();
|
||||
$self->add_child_to_right(
|
||||
id =>$self->get('pageId'),
|
||||
pageId =>$newPageId,
|
||||
|
|
@ -154,7 +155,7 @@ sub add {
|
|||
);
|
||||
|
||||
# Fixup the 'id' column that has the wrong value.
|
||||
WebGUI::SQL->write("update page set id=pageId where pageId=$newPageId");
|
||||
WebGUI::SQL->write("update page set id=pageId where pageId=".quote($newPageId));
|
||||
|
||||
$self->recacheNavigation;
|
||||
|
||||
|
|
@ -198,7 +199,7 @@ sub canEdit {
|
|||
my (%page);
|
||||
tie %page, 'Tie::CPHash';
|
||||
if ($pageId ne $session{page}{pageId}) {
|
||||
%page = WebGUI::SQL->quickHash("select ownerId,groupIdEdit from page where pageId=$pageId");
|
||||
%page = WebGUI::SQL->quickHash("select ownerId,groupIdEdit from page where pageId=".quote($pageId));
|
||||
} else {
|
||||
%page = %{$session{page}};
|
||||
}
|
||||
|
|
@ -294,7 +295,7 @@ sub canView {
|
|||
if ($pageId eq $session{page}{pageId}) {
|
||||
%page = %{$session{page}};
|
||||
} else {
|
||||
%page = WebGUI::SQL->quickHash("select ownerId,groupIdView,startDate,endDate from page where pageId=$pageId",WebGUI::SQL->getSlave);
|
||||
%page = WebGUI::SQL->quickHash("select ownerId,groupIdView,startDate,endDate from page where pageId=".quote($pageId),WebGUI::SQL->getSlave);
|
||||
}
|
||||
if ($session{user}{userId} == $page{ownerId}) {
|
||||
return 1;
|
||||
|
|
@ -501,7 +502,7 @@ sub generate {
|
|||
.moveDownIcon('op=movePageDown')
|
||||
.cutIcon('op=cutPage');
|
||||
$var{'page.controls'} .= exportIcon('op=exportPage') if defined ($session{config}{exportPath});
|
||||
my $sth = WebGUI::SQL->read("select * from wobject where pageId=".$session{page}{pageId}." order by sequenceNumber, wobjectId",WebGUI::SQL->getSlave);
|
||||
my $sth = WebGUI::SQL->read("select * from wobject where pageId=".quote($session{page}{pageId})." order by sequenceNumber, wobjectId",WebGUI::SQL->getSlave);
|
||||
while (my $wobject = $sth->hashRef) {
|
||||
my $wobjectToolbar = wobjectIcon()
|
||||
.deleteIcon('func=delete&wid='.${$wobject}{wobjectId})
|
||||
|
|
@ -517,11 +518,11 @@ sub generate {
|
|||
}
|
||||
if (${$wobject}{namespace} eq "WobjectProxy") {
|
||||
my $originalWobject = $wobject;
|
||||
my ($wobjectProxy) = WebGUI::SQL->quickHashRef("select * from WobjectProxy where wobjectId=".${$wobject}{wobjectId},WebGUI::SQL->getSlave);
|
||||
my ($wobjectProxy) = WebGUI::SQL->quickHashRef("select * from WobjectProxy where wobjectId=".quote(${$wobject}{wobjectId}),WebGUI::SQL->getSlave);
|
||||
if($wobjectProxy->{proxyByCriteria}) {
|
||||
$wobjectProxy->{proxiedWobjectId} = WebGUI::MetaData::getWobjectByCriteria($wobjectProxy) || $wobjectProxy->{proxiedWobjectId};
|
||||
}
|
||||
$wobject = WebGUI::SQL->quickHashRef("select * from wobject where wobject.wobjectId=".$wobjectProxy->{proxiedWobjectId},WebGUI::SQL->getSlave);
|
||||
$wobject = WebGUI::SQL->quickHashRef("select * from wobject where wobject.wobjectId=".quote($wobjectProxy->{proxiedWobjectId}),WebGUI::SQL->getSlave);
|
||||
if (${$wobject}{namespace} eq "") {
|
||||
$wobject = $originalWobject;
|
||||
} else {
|
||||
|
|
@ -583,7 +584,7 @@ sub generation {
|
|||
from page as a,
|
||||
page as b
|
||||
where a.depth = b.depth and
|
||||
b.pageId = ".$self->get('pageId').
|
||||
b.pageId = ".quote($self->get('pageId')).
|
||||
" order by nestedSetLeft");
|
||||
|
||||
while (%row = $sth->hash) {
|
||||
|
|
@ -981,7 +982,7 @@ sub leaves_under {
|
|||
page as b
|
||||
where (a.nestedSetLeft between b.nestedSetLeft and b.nestedSetRight) and
|
||||
(a.nestedSetRight = a.nestedSetLeft + 1)
|
||||
b.pageId = ".$self->get('pageId').
|
||||
b.pageId = ".quote($self->get('pageId')).
|
||||
" order by nestedSetLeft");
|
||||
|
||||
while (%row = $sth->hash) {
|
||||
|
|
@ -1016,7 +1017,7 @@ sub makeUnique {
|
|||
my $pageId = $_[1] || "new";
|
||||
my $where;
|
||||
unless ($pageId eq "new") {
|
||||
$where .= " and pageId<>".$pageId;
|
||||
$where .= " and pageId<>".quote($pageId);
|
||||
}
|
||||
my ($test) = WebGUI::SQL->quickArray("select urlizedTitle from page where urlizedTitle=".quote($url).$where);
|
||||
if ($test) {
|
||||
|
|
@ -1110,7 +1111,7 @@ sub move{
|
|||
WebGUI::SQL->write($sql);
|
||||
|
||||
# Set the parentId to the right node.
|
||||
WebGUI::SQL->write("update page set parentId=".$newMother->get('pageId')." where pageId=".$self->get('pageId'));
|
||||
WebGUI::SQL->write("update page set parentId=".quote($newMother->get('pageId'))." where pageId=".quote($self->get('pageId')));
|
||||
|
||||
WebGUI::Page->recacheNavigation;
|
||||
|
||||
|
|
@ -1282,7 +1283,7 @@ sub new {
|
|||
no_locking => 1
|
||||
);
|
||||
unless (ref($properties)) {
|
||||
$properties = WebGUI::SQL->quickHashRef("select * from page where pageId=$_[1]");
|
||||
$properties = WebGUI::SQL->quickHashRef("select * from page where pageId=".quote($_[1]));
|
||||
}
|
||||
|
||||
return undef unless (defined $properties->{pageId});
|
||||
|
|
@ -1440,7 +1441,7 @@ sub self_and_sisters {
|
|||
from page as a,
|
||||
page as b
|
||||
where a.parentId = b.parentId and
|
||||
b.pageId = ".$self->get('pageId').
|
||||
b.pageId = ".quote($self->get('pageId')).
|
||||
" order by nestedSetLeft");
|
||||
while (%row = $sth->hash) {
|
||||
push(@result, {(%row)});
|
||||
|
|
@ -1495,8 +1496,8 @@ sub sisters {
|
|||
"select a.*
|
||||
from page as a,
|
||||
page as b
|
||||
where a.pageId !=".$self->get('pageId')." and
|
||||
a.parentId = b.parentId and b.pageId = ".$self->get('pageId').
|
||||
where a.pageId !=".quote($self->get('pageId'))." and
|
||||
a.parentId = b.parentId and b.pageId = ".quote($self->get('pageId')).
|
||||
" order by nestedSetLeft");
|
||||
while (%row = $sth->hash) {
|
||||
push(@result, {(%row)});
|
||||
|
|
@ -1559,7 +1560,7 @@ sub setWithoutRecache {
|
|||
$properties = $self->{_properties} unless ($properties);
|
||||
|
||||
if (scalar(keys(%{$properties}))) {
|
||||
WebGUI::SQL->write("update page set ".join(', ', map {"$_=".quote($properties->{$_})} keys %{$properties})." where pageId=".$self->get('pageId'));
|
||||
WebGUI::SQL->write("update page set ".join(', ', map {"$_=".quote($properties->{$_})} keys %{$properties})." where pageId=".quote($self->get('pageId')));
|
||||
}
|
||||
|
||||
return "";
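Review bot: In canView the ownership test `$session{user}{userId} == $page{ownerId}` stays numeric while this commit turns ids into quoted strings. Two GUIDs that do not begin with a digit both numify to 0, so the test would be true for unrelated users and the function would return 1 for them. Use `if ($session{user}{userId} eq $page{ownerId}) {`, and check the parts of canView and canEdit outside these hunks for the same operator. Separately, the leaves_under query shows no `and` between `(a.nestedSetRight = a.nestedSetLeft + 1)` and `b.pageId = ...` in the visible lines, which looks like a SQL syntax error worth confirming.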
|
||||
|
|
|
|||
|
|
@ -79,7 +79,7 @@ sub _setupPageInfo {
|
|||
$pageName =~ s/\'//;
|
||||
$pageName =~ s/\"//;
|
||||
if ($pageName ne "") {
|
||||
($pageId) = WebGUI::SQL->quickArray("select pageId from page where urlizedTitle='".$pageName."'");
|
||||
($pageId) = WebGUI::SQL->quickArray("select pageId from page where urlizedTitle=".quote($pageName));
|
||||
if ($pageId eq "") {
|
||||
$pageId = $session{setting}{notFoundPage};
|
||||
if($ENV{"MOD_PERL"}) {
|
||||
|
|
@ -96,7 +96,7 @@ sub _setupPageInfo {
|
|||
$pageId = $session{setting}{defaultPage};
|
||||
}
|
||||
}
|
||||
%page = WebGUI::SQL->quickHash("select * from page where pageId='".$pageId."'");
|
||||
%page = WebGUI::SQL->quickHash("select * from page where pageId=".quote($pageId));
|
||||
$session{page} = \%page;
|
||||
}
|
||||
|
||||
|
|
@ -105,7 +105,7 @@ sub _setupSessionVars {
|
|||
my (%vars, $uid, $encryptedPassword);
|
||||
tie %vars, 'Tie::CPHash';
|
||||
if ($_[0] ne "") {
|
||||
%vars = WebGUI::SQL->quickHash("select * from userSession where sessionId='$_[0]'");
|
||||
%vars = WebGUI::SQL->quickHash("select * from userSession where sessionId=".quote($_[0]));
|
||||
if ($vars{expires} < _time() ) { #|| $vars{lastIP} ne $session{env}{REMOTE_ADDR}) { # had to remove for revolving ip proxies
|
||||
%vars = ();
|
||||
WebGUI::Session::end($_[0]);
|
||||
|
|
@ -127,17 +127,16 @@ sub _setupUserInfo {
|
|||
my (%default, $key, %user, $uid, %profile, $value);
|
||||
tie %user, 'Tie::CPHash';
|
||||
$uid = $_[0] || 1;
|
||||
%user = WebGUI::SQL->quickHash("select * from users where userId='$uid'");
|
||||
%user = WebGUI::SQL->quickHash("select * from users where userId=".quote($uid));
|
||||
if ($user{userId} eq "") {
|
||||
_setupUserInfo("1");
|
||||
} else {
|
||||
%profile = WebGUI::SQL->buildHash("select userProfileField.fieldName, userProfileData.fieldData
|
||||
from userProfileData, userProfileField where userProfileData.fieldName=userProfileField.fieldName
|
||||
and userProfileData.userId='$user{userId}'");
|
||||
and userProfileData.userId=".quote($user{userId}));
|
||||
%user = (%user, %profile);
|
||||
$user{language} = $session{page}{languageId} if ($user{userId} == 1 || $user{language} eq '');
|
||||
%default = WebGUI::SQL->buildHash("select fieldName, dataDefault from userProfileField
|
||||
where profileCategoryId=4");
|
||||
%default = WebGUI::SQL->buildHash("select fieldName, dataDefault from userProfileField where profileCategoryId=4");
|
||||
foreach $key (keys %default) {
|
||||
if ($user{$key} eq "") {
|
||||
$value = eval($default{$key});
|
||||
|
|
@ -212,7 +211,7 @@ The user for the session to become.
|
|||
=cut
|
||||
|
||||
sub convertVisitorToUser {
|
||||
WebGUI::SQL->write("update userSession set userId=$_[1] where sessionId=".quote($_[0]));
|
||||
WebGUI::SQL->write("update userSession set userId=".quote($_[1])." where sessionId=".quote($_[0]));
|
||||
if ($session{setting}{passiveProfilingEnabled}) {
|
||||
WebGUI::SQL->write("update passiveProfileLog set userId = ".quote($_[1])." where sessionId = ".quote($_[0]));
|
||||
}
|
||||
|
|
@ -285,8 +284,8 @@ The session to end.
|
|||
=cut
|
||||
|
||||
sub end {
|
||||
WebGUI::SQL->write("delete from userSession where sessionId='$_[0]'",$session{dbh});
|
||||
WebGUI::SQL->write("delete from userSessionScratch where sessionId='$_[0]'",$session{dbh});
|
||||
WebGUI::SQL->write("delete from userSession where sessionId=".quote($_[0]),$session{dbh});
|
||||
WebGUI::SQL->write("delete from userSessionScratch where sessionId=".quote($_[0]),$session{dbh});
|
||||
if ($_[0] eq $session{var}{sessionId}) {
|
||||
delete $session{user};
|
||||
delete $session{isInGroup};
|
||||
|
|
@ -538,10 +537,10 @@ sub start {
|
|||
$sessionId = $_[1] || _uniqueSessionId();
|
||||
if (($session{setting}{proxiedClientAddress} eq "1") && ($ENV{HTTP_X_FORWARDED_FOR} ne "")) {
|
||||
WebGUI::SQL->write("insert into userSession values ('$sessionId', ".
|
||||
(_time()+$session{setting}{sessionTimeout}).", "._time().", 0, '$ENV{HTTP_X_FORWARDED_FOR}', $_[0])");
|
||||
(_time()+$session{setting}{sessionTimeout}).", "._time().", 0, '$ENV{HTTP_X_FORWARDED_FOR}', ".quote($_[0]).")");
|
||||
} else {
|
||||
WebGUI::SQL->write("insert into userSession values ('$sessionId', ".
|
||||
(_time()+$session{setting}{sessionTimeout}).", "._time().", 0, '$ENV{REMOTE_ADDR}', $_[0])");
|
||||
(_time()+$session{setting}{sessionTimeout}).", "._time().", 0, '$ENV{REMOTE_ADDR}', ".quote($_[0]).")");
|
||||
}
|
||||
push @{$session{http}{cookie}}, $session{cgi}->cookie(
|
||||
-name=>"wgSession",
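Review bot: Both `insert into userSession` statements in start still interpolate `'$ENV{HTTP_X_FORWARDED_FOR}'`, `'$ENV{REMOTE_ADDR}'` and `'$sessionId'` inside hand-written quotes; the commit only wraps `$_[0]`. X-Forwarded-For is a client-supplied header and `$sessionId` can come from `$_[1]`, so a quote character in either changes the statement. Pass them through the same helper as the other values, i.e. `values (".quote($sessionId).", ".` and `", 0, ".quote($ENV{HTTP_X_FORWARDED_FOR}).", ".quote($_[0]).")"`, and likewise for REMOTE_ADDR. The body of start continues outside the hunk.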
|
||||
|
|
|
|||
|
|
@ -18,6 +18,7 @@ use strict;
|
|||
use WebGUI::DateTime;
|
||||
use WebGUI::Grouping;
|
||||
use WebGUI::HTMLForm;
|
||||
use WebGUI::Id;
|
||||
use WebGUI::International;
|
||||
use WebGUI::Session;
|
||||
use WebGUI::SQL;
|
||||
|
|
@ -59,8 +60,8 @@ These methods are available from this class:
|
|||
#-------------------------------------------------------------------
|
||||
sub _create {
|
||||
my ($userId);
|
||||
$userId = getNextId("userId");
|
||||
WebGUI::SQL->write("insert into users (userId,dateCreated) values ($userId,".time().")");
|
||||
$userId = WebGUI::Id::generate();
|
||||
WebGUI::SQL->write("insert into users (userId,dateCreated) values (".quote($userId).",".time().")");
|
||||
WebGUI::Grouping::addUsersToGroups([$userId],[2,7]);
|
||||
return $userId;
|
||||
}
|
||||
|
|
@ -112,7 +113,7 @@ sub authMethod {
|
|||
if (defined $value) {
|
||||
$class->{_user}{"authMethod"} = $value;
|
||||
WebGUI::SQL->write("update users set authMethod=".quote($value).",
|
||||
lastUpdated=".time()." where userId=$class->{_userId}");
|
||||
lastUpdated=".time()." where userId=".quote($class->{_userId}));
|
||||
}
|
||||
return $class->{_user}{"authMethod"};
|
||||
}
|
||||
|
|
@ -139,14 +140,14 @@ Deletes this user.
|
|||
|
||||
sub delete {
|
||||
my $class = shift;
|
||||
WebGUI::SQL->write("delete from users where userId=".$class->{_userId});
|
||||
WebGUI::SQL->write("delete from userProfileData where userId=".$class->{_userId});
|
||||
WebGUI::SQL->write("delete from users where userId=".quote($class->{_userId}));
|
||||
WebGUI::SQL->write("delete from userProfileData where userId=".quote($class->{_userId}));
|
||||
WebGUI::Grouping::deleteUsersFromGroups([$class->{_userId}],WebGUI::Grouping::getGroupsForUser($class->{_userId}));
|
||||
WebGUI::SQL->write("delete from messageLog where userId=".$class->{_userId});
|
||||
WebGUI::SQL->write("delete from messageLog where userId=".quote($class->{_userId}));
|
||||
|
||||
my $authMethod = WebGUI::Operation::Auth::getInstance($class->authMethod,$class->{_userId});
|
||||
$authMethod->deleteParams($class->{_userId});
|
||||
my $sth = WebGUI::SQL->read("select sessionId from userSession where userId=$class->{_userId}");
|
||||
my $sth = WebGUI::SQL->read("select sessionId from userSession where userId=".quote($class->{_userId}));
|
||||
while (my ($sid) = $sth->array) {
|
||||
WebGUI::Session::end($sid);
|
||||
}
|
||||
|
|
@ -182,7 +183,7 @@ sub identifier {
|
|||
if (defined $value) {
|
||||
$class->{_user}{"identifier"} = $value;
|
||||
WebGUI::SQL->write("update authentication set fieldData=".quote($value)."
|
||||
where userId=$class->{_userId} and authMethod='WebGUI' and fieldName='identifier'");
|
||||
where userId=".quote($class->{_userId})." and authMethod='WebGUI' and fieldName='identifier'");
|
||||
}
|
||||
return $class->{_user}{"identifier"};
|
||||
}
|
||||
|
|
@ -213,8 +214,8 @@ A description of why this user's karma was modified. For instance it could be "M
|
|||
|
||||
sub karma {
|
||||
if (defined $_[1] && defined $_[2] && defined $_[3]) {
|
||||
WebGUI::SQL->write("update users set karma=karma+$_[1] where userId=".$_[0]->userId);
|
||||
WebGUI::SQL->write("insert into karmaLog values (".$_[0]->userId.",$_[1],".quote($_[2]).",".quote($_[3]).",".time().")");
|
||||
WebGUI::SQL->write("update users set karma=karma+".quote($_[1])." where userId=".quote($_[0]->userId));
|
||||
WebGUI::SQL->write("insert into karmaLog values (".quote($_[0]->userId).",$_[1],".quote($_[2]).",".quote($_[3]).",".time().")");
|
||||
}
|
||||
return $_[0]->{_user}{karma};
|
||||
}
|
||||
|
|
@ -253,10 +254,10 @@ sub new {
|
|||
$class = shift;
|
||||
$userId = shift || 1;
|
||||
$userId = _create() if ($userId eq "new");
|
||||
%user = WebGUI::SQL->quickHash("select * from users where userId='$userId'");
|
||||
%user = WebGUI::SQL->quickHash("select * from users where userId=".quote($userId));
|
||||
%profile = WebGUI::SQL->buildHash("select userProfileField.fieldName, userProfileData.fieldData
|
||||
from userProfileField, userProfileData where userProfileField.fieldName=userProfileData.fieldName and
|
||||
userProfileData.userId='$user{userId}'");
|
||||
userProfileData.userId=".quote($user{userId}));
|
||||
%default = WebGUI::SQL->buildHash("select fieldName, dataDefault from userProfileField where profileCategoryId=4");
|
||||
foreach $key (keys %default) {
|
||||
if ($profile{$key} eq "") {
|
||||
|
|
@ -299,9 +300,9 @@ sub profileField {
|
|||
$value = WebGUI::Macro::negate($value); # Len Kranendonk - 20030701: fixed security hole
|
||||
if (defined $value) {
|
||||
$class->{_profile}{$fieldName} = $value;
|
||||
WebGUI::SQL->write("delete from userProfileData where userId=$class->{_userId} and fieldName=".quote($fieldName));
|
||||
WebGUI::SQL->write("insert into userProfileData values ($class->{_userId}, ".quote($fieldName).", ".quote($value).")");
|
||||
WebGUI::SQL->write("update users set lastUpdated=".time()." where userId=".$class->{_userId});
|
||||
WebGUI::SQL->write("delete from userProfileData where userId=".quote($class->{_userId})." and fieldName=".quote($fieldName));
|
||||
WebGUI::SQL->write("insert into userProfileData values (".quote($class->{_userId}).", ".quote($fieldName).", ".quote($value).")");
|
||||
WebGUI::SQL->write("update users set lastUpdated=".time()." where userId=".quote($class->{_userId}));
|
||||
}
|
||||
return $class->{_profile}{$fieldName};
|
||||
}
|
||||
|
|
@ -328,8 +329,8 @@ sub referringAffiliate {
|
|||
$value = shift;
|
||||
if (defined $value) {
|
||||
$class->{_user}{"referringAffiliate"} = $value;
|
||||
WebGUI::SQL->write("update users set referringAffiliate=".$value.",
|
||||
lastUpdated=".time()." where userId=$class->{_userId}");
|
||||
WebGUI::SQL->write("update users set referringAffiliate=".quote($value).",
|
||||
lastUpdated=".time()." where userId=".quote($class->{_userId}));
|
||||
}
|
||||
return $class->{_user}{"referringAffiliate"};
|
||||
}
|
||||
|
|
@ -357,7 +358,7 @@ sub status {
|
|||
if (defined $value) {
|
||||
$class->{_user}{"status"} = $value;
|
||||
WebGUI::SQL->write("update users set status=".quote($value).",
|
||||
lastUpdated=".time()." where userId=$class->{_userId}");
|
||||
lastUpdated=".time()." where userId=".quote($class->{_userId}));
|
||||
}
|
||||
return $class->{_user}{"status"};
|
||||
}
|
||||
|
|
@ -385,7 +386,7 @@ sub username {
|
|||
if (defined $value) {
|
||||
$class->{_user}{"username"} = $value;
|
||||
WebGUI::SQL->write("update users set username=".quote($value).",
|
||||
lastUpdated=".time()." where userId=$class->{_userId}");
|
||||
lastUpdated=".time()." where userId=".quote($class->{_userId}));
|
||||
}
|
||||
return $class->{_user}{"username"};
|
||||
}
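Review bot: In karma the new karmaLog insert still places `$_[1]` into the SQL unquoted (`.quote($_[0]->userId).",$_[1],".quote($_[2])`), while the update on the line above wraps the same value in `quote()`. The amount is therefore handled two different ways, and the second statement depends entirely on callers passing a clean number. Validate it once in the guard, `if (defined $_[1] && defined $_[2] && defined $_[3] && $_[1] =~ /\A-?\d+\z/) {`, so both writes receive a checked integer.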
|
||||
|
|
|
|||