claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- access most globals by their $_XYZ['varname'] name

Browse Source 
- fix some code errors and typos (missing $ in front of variable names
and so on)
- fixed a lot of warnings that would have been thrown when error_reporting
is set to show notices (if(isset($variable))) instead of if($variable) for
example)
This commit is contained in:
Jonathan Ernst
2004-12-10 01:07:45 +00:00
committed by WineHQ
parent 972270f27a
commit bd91db228c
24 changed files with 146 additions and 165 deletions
Download Patch File Download Diff File Expand all files Collapse all files

57
account.php
View File

@@ -13,13 +13,14 @@ header("Pragma: no-cache");
header("Cache-control: no-cache"); header("Cache-control: no-cache");
//check command and process //check command and process
do_account($cmd); if(isset($_POST['cmd']))
do_account($_POST['cmd']);
else
do_account($_GET['cmd']);
//process according to $cmd from URL //process according to $cmd from URL
function do_account($cmd = null) function do_account($cmd = null)
{ {
global $ext_username, $ext_password, $ext_password2, $ext_realname, $ext_email;
if (! $cmd) return 0; if (! $cmd) return 0;
switch($cmd) switch($cmd)
{ {
@@ -68,58 +69,56 @@ function retry($cmd, $msg)
//create new account //create new account
function cmd_do_new() function cmd_do_new()
{ {
global $ext_username, $ext_password, $ext_password2, $ext_realname, $ext_email;
global $current; if(ereg("^.+@.+\\..+$", $_POST['ext_username']))
if(ereg("^.+@.+\\..+$", $ext_username))
{ {
$ext_username = ""; $_POST['ext_username'] = "";
retry("new", "Invalid Username, must not contain special characters"); retry("new", "Invalid Username, must not contain special characters");
return; return;
} }
if(strlen($ext_username) < 3) if(strlen($_POST['ext_username']) < 3)
{ {
$ext_username = ""; $_POST['ext_username'] = "";
retry("new", "Username must be at least 3 characters"); retry("new", "Username must be at least 3 characters");
return; return;
} }
if(strlen($ext_password) < 5) if(strlen($_POST['ext_password']) < 5)
{ {
retry("new", "Password must be at least 5 characters"); retry("new", "Password must be at least 5 characters");
return; return;
} }
if($ext_password != $ext_password2) if($_POST['ext_password'] != $_POST['ext_password2'])
{ {
retry("new", "Passwords don't match"); retry("new", "Passwords don't match");
return; return;
} }
if(strlen($ext_realname) == 0) if(!isset($_POST['ext_realname']))
{ {
retry("new", "You don't have a Real name?"); retry("new", "You don't have a Real name?");
return; return;
} }
if(!ereg("^.+@.+\\..+$", $ext_email)) if(!ereg("^.+@.+\\..+$", $_POST['ext_email']))
{ {
$ext_email = ""; $_POST['ext_email'] = "";
retry("new", "Invalid email address"); retry("new", "Invalid email address");
return; return;
} }
$user = new User(); $user = new User();
if($user->exists($ext_username)) if($user->exists($_POST['ext_username']))
{ {
$ext_username = ""; $_POST['ext_username'] = "";
retry("new", "That username is already in use"); retry("new", "That username is already in use");
return; return;
} }
$result = $user->create($ext_username, $ext_password, $ext_realname, $ext_email); $result = $user->create($_POST['ext_username'], $_POST['ext_password'], $_POST['ext_realname'], $_POST['ext_email']);
if($result == null) if($result == null)
{ {
$user->login($ext_username, $ext_password); $user->login($_POST['ext_username'], $_POST['ext_password']);
addmsg("Account created! ($ext_username)", "green"); addmsg("Account created! (".$_POST['ext_username'].")", "green");
redirect(apidb_fullurl()); redirect(apidb_fullurl());
} }
else else
@@ -129,11 +128,9 @@ function cmd_do_new()
//email lost password //email lost password
function cmd_send_passwd() function cmd_send_passwd()
{ {
global $ext_username;
$user = new User(); $user = new User();
$userid = $user->lookup_userid($ext_username); $userid = $user->lookup_userid($_POST['ext_username']);
$passwd = generate_passwd(); $passwd = generate_passwd();
if ($userid) if ($userid)
@@ -163,7 +160,7 @@ function cmd_send_passwd()
} }
else else
{ {
addmsg("Sorry, that username [$ext_username] does not exist.", "red"); addmsg("Sorry, that username (".$_POST['ext_username'].") does not exist.", "red");
} }
redirect(apidb_fullurl("account.php?cmd=login")); redirect(apidb_fullurl("account.php?cmd=login"));
@@ -172,24 +169,20 @@ function cmd_send_passwd()
//on login handler //on login handler
function cmd_do_login() function cmd_do_login()
{ {
global $ext_username, $ext_password;
global $ext_referer;
global $current;
$user = new User(); $user = new User();
$result = $user->login($ext_username, $ext_password); $result = $user->login($_POST['ext_username'], $_POST['ext_password']);
if($result == null) if($result == null)
{ {
$current = $user; $_SESSION['current'] = $user;
addmsg("You are successfully logged in as '$user->username'.", "green"); addmsg("You are successfully logged in as '$user->username'.", "green");
redirect(apidb_fullurl("index.php")); redirect(apidb_fullurl("index.php"));
} }
else else
{ {
retry("login","Login failed ($result)"); retry("login","Login failed ($result)");
$current = 0; $_SESSION['current'] = "";
} }
} }
?> ?>

10
addcomment.php
View File

@@ -4,7 +4,7 @@ include("path.php");
require(BASE."include/"."incl.php"); require(BASE."include/"."incl.php");
require(BASE."include/"."application.php"); require(BASE."include/"."application.php");
global $current;
if(!$appId) { if(!$appId) {
errorpage('Internal Database Access Error'); errorpage('Internal Database Access Error');
@@ -33,7 +33,7 @@ if($body)
$body1 = mysql_escape_string($body); $body1 = mysql_escape_string($body);
// get current userid // get current userid
$userId = (loggedin()) ? $current->userid : 0; $userId = (loggedin()) ? $_SESSION['current']->userid : 0;
$result = mysql_query("INSERT INTO appComments VALUES (NOW(), null, $thread, ". $result = mysql_query("INSERT INTO appComments VALUES (NOW(), null, $thread, ".
"$appId, $versionId, $userId, '$hostname', '$subject', ". "$appId, $versionId, $userId, '$hostname', '$subject', ".
@@ -53,7 +53,7 @@ if($body)
$fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId); $fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId);
$ms .= APPDB_ROOT."appview.php?appId=$appId&versionId=$versionId"."\n"; $ms .= APPDB_ROOT."appview.php?appId=$appId&versionId=$versionId"."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= ($current->username ? $current->username : "Anonymous")." added comment to ".$fullAppName."\n"; $ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." added comment to ".$fullAppName."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= "Subject: ".$subject."\n"; $ms .= "Subject: ".$subject."\n";
$ms .= "\n"; $ms .= "\n";
@@ -74,7 +74,7 @@ if($body)
$fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId); $fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId);
$ms = APPDB_ROOT."appview.php?appId=$appId&versionId=$versionId"."\n"; $ms = APPDB_ROOT."appview.php?appId=$appId&versionId=$versionId"."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= ($current->username ? $current->username : "Anonymous")." added comment to ".$fullAppName."\n"; $ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." added comment to ".$fullAppName."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= "Subject: ".$subject."\n"; $ms .= "Subject: ".$subject."\n";
$ms .= "\n"; $ms .= "\n";
@@ -121,7 +121,7 @@ else
echo '<table width="100%" border=0 cellpadding=0 cellspacing=1>',"\n"; echo '<table width="100%" border=0 cellpadding=0 cellspacing=1>',"\n";
echo "<tr bgcolor=#E0E0E0><td align=right><b>From:</b>&nbsp;</td>\n"; echo "<tr bgcolor=#E0E0E0><td align=right><b>From:</b>&nbsp;</td>\n";
echo " <td>&nbsp;". ($current->username ? $current->username : "Anonymous") ." </td></tr>\n"; echo " <td>&nbsp;". ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous") ." </td></tr>\n";
echo "<tr bgcolor=#E0E0E0><td align=right><b>Subject:</b>&nbsp;</td>\n"; echo "<tr bgcolor=#E0E0E0><td align=right><b>Subject:</b>&nbsp;</td>\n";
echo " <td>&nbsp;<input type=text size=35 name=subject value='$subject'> </td></tr>\n"; echo " <td>&nbsp;<input type=text size=35 name=subject value='$subject'> </td></tr>\n";
echo "<tr bgcolor=#C0C0C0><td colspan=2><textarea name=body cols=70 rows=15 wrap=virtual>$body</textarea></td></tr>\n"; echo "<tr bgcolor=#C0C0C0><td colspan=2><textarea name=body cols=70 rows=15 wrap=virtual>$body</textarea></td></tr>\n";

2
admin/addAppNote.php
View File

@@ -40,7 +40,7 @@ if($sub == "Submit")
$fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId); $fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId);
$ms = APPDB_ROOT."appview.php?appId=$appId&versionId=$versionId"."\n"; $ms = APPDB_ROOT."appview.php?appId=$appId&versionId=$versionId"."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= ($current->username ? $current->username : "Anonymous")." added note to ".$fullAppName."\n"; $ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." added note to ".$fullAppName."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= "title: ".$noteTitle."\n"; $ms .= "title: ".$noteTitle."\n";
$ms .= "\n"; $ms .= "\n";

102
admin/adminAppQueue.php
View File

@@ -20,12 +20,12 @@ else if (!havepriv("admin"))
} }
if ($sub) if ($_REQUEST['sub'])
{ {
if ($queueId) if ($_REQUEST['queueId'])
{ {
//get data //get data
$query = "SELECT * from appQueue where queueId = $queueId;"; $query = "SELECT * from appQueue where queueId = ".$_REQUEST['queueId'].";";
$result = mysql_query($query); $result = mysql_query($query);
$ob = mysql_fetch_object($result); $ob = mysql_fetch_object($result);
mysql_free_result($result); mysql_free_result($result);
@@ -39,14 +39,14 @@ if ($sub)
} }
//process according to sub flag //process according to sub flag
if ($sub == 'view' && $queueId) if ($_REQUEST['sub'] == 'view' && $_REQUEST['queueId'])
{ {
$x = new TableVE("view"); $x = new TableVE("view");
apidb_header("Admin App Queue"); apidb_header("Admin App Queue");
echo '<form name="qform" action="adminAppQueue.php" method="post" enctype="multipart/form-data">',"\n"; echo '<form name="qform" action="adminAppQueue.php" method="post" enctype="multipart/form-data">',"\n";
echo '<input type=hidden name="sub" value="add">',"\n"; echo '<input type=hidden name="sub" value="add">',"\n";
echo '<input type=hidden name="queueId" value="'.$queueId.'">',"\n"; echo '<input type=hidden name="queueId" value="'.$_REQUEST['queueId'].'">',"\n";
If ($ob->queueCatId == -1) //app version If ($ob->queueCatId == -1) //app version
{ {
@@ -160,7 +160,7 @@ if ($sub)
$checkvendor = $ob2->vendorId; $checkvendor = $ob2->vendorId;
} }
} }
if(checkvendor) if($checkvendor)
{ {
$ob->queueVendor = ''; $ob->queueVendor = '';
@@ -206,50 +206,50 @@ if ($sub)
echo html_frame_end("&nbsp;"); echo html_frame_end("&nbsp;");
echo html_back_link(1,'adminAppQueue.php'); echo html_back_link(1,'adminAppQueue.php');
} }
else if ($sub == 'add' && $queueId) else if ($_REQUEST['sub'] == 'add' && $_REQUEST['queueId'])
{ {
//add item to main db //add item to main db
$statusMessage = ""; $statusMessage = "";
$goodtogo = 0; $goodtogo = 0;
if ($type == 'app') if ($_REQUEST['type'] == 'app')
{ {
//process as application family //process as application family
if ($altvendor == 0 && $queueVendor) if ($_REQUEST['altvendor'] == 0 && $_REQUEST['queueVendor'])
{ {
//add new vendor //add new vendor
mysql_query("INSERT into vendor VALUES (null, '".addslashes($queueVendor)."', '');"); mysql_query("INSERT into vendor VALUES (null, '".addslashes($_REQUEST['queueVendor'])."', '');");
$altvendor = mysql_insert_id(); $_REQUEST['altvendor'] = mysql_insert_id();
} }
$query = "INSERT into appFamily VALUES (null, '". $query = "INSERT into appFamily VALUES (null, '".
addslashes($queueName)."', $altvendor, '', '". addslashes($_REQUEST['queueName'])."', ".$_REQUEST['altvendor'].", '', '".
addslashes($queueDesc)."', '". addslashes($_REQUEST['queueDesc'])."', '".
addslashes($queueURL)."', $cat);"; addslashes($_REQUEST['queueURL'])."', ".$_REQUEST['cat'].");";
if (mysql_query($query)) if (mysql_query($query))
{ {
//get the id of the app just added //get the id of the app just added
$appParent = mysql_insert_id(); $_REQUEST['appParent'] = mysql_insert_id();
//delete queue item //delete queue item
mysql_query("DELETE from appQueue where queueId = $queueId;"); mysql_query("DELETE from appQueue where queueId = ".$_REQUEST['queueId'].";");
//set ver if not set //set ver if not set
if (!$queueVersion) if (!$_REQUEST['queueVersion'])
$queueVersion = '1.0'; $_REQUEST['queueVersion'] = '1.0';
if (!$queueDesc) if (!$_REQUEST['queueDesc'])
$queueDesc = 'released version'; $_REQUEST['queueDesc'] = 'released version';
$verQuery = "INSERT into appVersion VALUES (null, $appParent, '". $verQuery = "INSERT into appVersion VALUES (null, ".$_REQUEST['appParent'].", '".
addslashes($queueVersion)."', '', '". addslashes($_REQUEST['queueVersion'])."', '', '".
addslashes($queueDesc)."', '". addslashes($_REQUEST['queueDesc'])."', '".
addslashes($queueURL)."', 0.0, 0.0);"; addslashes($_REQUEST['queueURL'])."', 0.0, 0.0);";
//Now add a version //Now add a version
if (mysql_query($verQuery)) if (mysql_query($verQuery))
{ {
//successful //successful
$appVersion = mysql_insert_id(); $_REQUEST['appVersion'] = mysql_insert_id();
addmsg("The application $queueName was successfully added into the database", "green"); addmsg("The application ".$_REQUEST['queueName']." was successfully added into the database", "green");
$goodtogo = 1; $goodtogo = 1;
} }
else else
@@ -268,23 +268,23 @@ if ($sub)
addmsg($statusMessage, "red"); addmsg($statusMessage, "red");
} }
} }
else if ($type == 'ver') else if ($_REQUEST['type'] == 'ver')
{ {
//process as application version //process as application version
if ($appParent) if ($_REQUEST['appParent'])
{ {
$query = "INSERT into appVersion VALUES (null, $appParent, '". $query = "INSERT into appVersion VALUES (null, ".$_REQUEST['appParent'].", '".
addslashes($queueVersion)."', '', '". addslashes($_REQUEST['queueVersion'])."', '', '".
addslashes($queueDesc)."', '". addslashes($_REQUEST['queueDesc'])."', '".
addslashes($queueURL)."', 0.0, 0.0);"; addslashes($_REQUEST['queueURL'])."', 0.0, 0.0);";
if (mysql_query($query)) if (mysql_query($query))
{ {
//successful //successful
$appVersion = mysql_insert_id(); $_REQUEST['appVersion'] = mysql_insert_id();
$statusMessage = "<p>The application $queueName was successfully added into the database</p>\n"; $statusMessage = "<p>The application ".$_REQUEST['queueName']." was successfully added into the database</p>\n";
addmsg($statusMessage,Green); addmsg($statusMessage,"Green");
mysql_query("DELETE from appQueue where queueId = $queueId;"); mysql_query("DELETE from appQueue where queueId = ".$_REQUEST['queueId'].";");
$goodtogo = 1; $goodtogo = 1;
} }
@@ -292,13 +292,13 @@ if ($sub)
{ {
//error //error
$statusMessage = "<p><b>Database Error!<br>".mysql_error()."</b></p>\n"; $statusMessage = "<p><b>Database Error!<br>".mysql_error()."</b></p>\n";
addmsg($statusMessage,red); addmsg($statusMessage,"red");
} }
} }
else else
{ {
addmsg("You did not pick an application Parent!",red); addmsg("You did not pick an application Parent!",red);
redirect(apidb_fullurl("admin/adminAppQueue.php?cat=view&queueId=$queueId")); redirect(apidb_fullurl("admin/adminAppQueue.php?cat=view&queueId=".$_REQUEST['queueId']));
exit; exit;
} }
@@ -308,13 +308,13 @@ if ($sub)
//Send Status Email //Send Status Email
if ($ob->queueEmail && $goodtogo) if ($ob->queueEmail && $goodtogo)
{ {
$fullAppName = lookupAppName($appParent)." Version: ".lookupVersionName($appParent, $appVersion); $fullAppName = lookupAppName($_REQUEST['appParent'])." Version: ".lookupVersionName($_REQUEST['appParent'], $_REQUEST['appVersion']);
$ms = "Application Database Status Report\n"; $ms = "Application Database Status Report\n";
$ms .= "----------------------------------\n\n"; $ms .= "----------------------------------\n\n";
$ms .= "Your application: ".$fullAppName." has been entered "; $ms .= "Your application: ".$fullAppName." has been entered ";
$ms .= "into the application database.\n\n"; $ms .= "into the application database.\n\n";
$ms .= APPDB_ROOT."appview.php?appId=$appParent&versionId=$appVersion"."\n\n"; $ms .= APPDB_ROOT."appview.php?appId=".$_REQUEST['appParent']."&versionId=".$_REQUEST['appVersion']."\n\n";
$ms .= "Thanks!\n\n"; $ms .= "Thanks!\n\n";
$ms .= $emailtext; $ms .= $emailtext;
@@ -322,12 +322,12 @@ if ($sub)
} }
if ($goodtogo) if ($goodtogo)
{ {
$email = getNotifyEmailAddressList($appParent, $appVersion); $email = getNotifyEmailAddressList($_REQUEST['appParent'], $_REQUEST['appVersion']);
if($email) if($email)
{ {
$fullAppName = "Application: ".lookupAppName($appParent). $fullAppName = "Application: ".lookupAppName($_REQUEST['appParent']).
" Version: ".lookupVersionName($appParent, $appVersion); " Version: ".lookupVersionName($_REQUEST['appParent'], $_REQUEST['appVersion']);
$ms = APPDB_ROOT."appview.php?appId=$appParent&versionId=$appVersion"."\n\n"; $ms = APPDB_ROOT."appview.php?appId=".$_REQUEST['appParent']."&versionId=".$_REQUEST['appVersion']."\n\n";
$ms .= "New Application added to database:\n\n"; $ms .= "New Application added to database:\n\n";
$ms .= $fullAppName."\n\n"; $ms .= $fullAppName."\n\n";
$ms .= STANDARD_NOTIFY_FOOTER; $ms .= STANDARD_NOTIFY_FOOTER;
@@ -338,24 +338,24 @@ if ($sub)
{ {
$email = "no one"; $email = "no one";
} }
addmsg("mesage sent to: ".$email, green); addmsg("mesage sent to: ".$email, "green");
} }
//done //done
addmsg("<a href=".apidb_fullurl("appview.php")."?appId=".$appParent."&versionId=".$appVersion.">Veiw App</a>", "green"); addmsg("<a href=".apidb_fullurl("appview.php")."?appId=".$_REQUEST['appParent']."&versionId=".$_REQUEST['appVersion'].">Veiw App</a>", "green");
redirect(apidb_fullurl("admin/adminAppQueue.php")); redirect(apidb_fullurl("admin/adminAppQueue.php"));
exit; exit;
} }
else if ($sub == 'Delete' && $queueId) else if ($_REQUEST['sub'] == 'Delete' && $_REQUEST['queueId'])
{ {
//delete main item //delete main item
$query = "DELETE from appQueue where queueId = $queueId;"; $query = "DELETE from appQueue where queueId = ".$_REQUEST['queueId'].";";
$result = mysql_query($query); $result = mysql_query($query);
if(!$result) if(!$result)
{ {
//error //error
addmsg("Internal Error: unable to delete selected application!", "red"); addmsg("Internal Error: unable to delete selected application!", "red");
redirect(apidb_fullurl("admin/adminAppQueue.php?appId=$appId&versionId=$versionId")); redirect(apidb_fullurl("admin/adminAppQueue.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
} }
else else
{ {
@@ -364,7 +364,7 @@ if ($sub)
{ {
if($ob->queueCatId == -1) //app version if($ob->queueCatId == -1) //app version
{ {
$fullAppName = lookupAppName($appParent)." Version: ".$ob->queueVersion; $fullAppName = lookupAppName($_REQUEST['appParent'])." Version: ".$ob->queueVersion;
} else } else
{ {
$fullAppName = $ob->queueName." Version: ".$ob->queueVersion; $fullAppName = $ob->queueName." Version: ".$ob->queueVersion;
@@ -381,7 +381,7 @@ if ($sub)
} }
//success //success
addmsg("Application was successfully deleted from the Queue.", "green"); addmsg("Application was successfully deleted from the Queue.", "green");
redirect(apidb_fullurl("admin/adminAppQueue.php?appId=$appId&versionId=$versionId")); redirect(apidb_fullurl("admin/adminAppQueue.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
} }
} }
else else

9
appbrowse.php
View File

@@ -11,7 +11,8 @@ require(BASE."include/"."category.php");
function admin_menu() function admin_menu()
{ {
global $catId; if(isset($_REQUEST['catId'])) $catId=$_REQUEST['catId'];
else $catId="";
$m = new htmlmenu("Admin"); $m = new htmlmenu("Admin");
$m->add("Edit this Category", $apidb_root."admin/editCategory.php?catId=$catId"); $m->add("Edit this Category", $apidb_root."admin/editCategory.php?catId=$catId");
@@ -22,10 +23,8 @@ function admin_menu()
$m->done(); $m->done();
} }
$catId = $_REQUEST['catId']; if(isset($_REQUEST['catId'])) $catId=$_REQUEST['catId'];
else $catId=0; // ROOT
if(!$catId)
$catId = 0; // ROOT
if( !is_numeric($catId) ) if( !is_numeric($catId) )
{ {

2
deletecomment.php
View File

@@ -67,7 +67,7 @@ if($email)
$fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId); $fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId);
$ms .= APPDB_ROOT."appview.php?appId=$appId&versionId=$versionId\n"; $ms .= APPDB_ROOT."appview.php?appId=$appId&versionId=$versionId\n";
$ms .= "\n"; $ms .= "\n";
$ms .= ($current->username ? $current->username : "Anonymous")." deleted comment from ".$fullAppName."\n"; $ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." deleted comment from ".$fullAppName."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= "Subject: ".$subject."\n"; $ms .= "Subject: ".$subject."\n";
$ms .= "\n"; $ms .= "\n";

7
include/comments.php
View File

@@ -217,7 +217,6 @@ function display_comments_flat($appId, $versionId)
function view_app_comments($appId, $versionId, $threadId = 0) function view_app_comments($appId, $versionId, $threadId = 0)
{ {
global $current;
global $cmode; global $cmode;
// count posts // count posts
@@ -235,9 +234,9 @@ function view_app_comments($appId, $versionId, $threadId = 0)
{ {
//FIXME we need to change this so not logged in users can change current view as well //FIXME we need to change this so not logged in users can change current view as well
if ($cmode) if ($cmode)
$current->setpref("comments:mode", $cmode); $_SESSION[current]->setpref("comments:mode", $cmode);
$sel[$current->getpref("comments:mode")] = 'selected'; $sel[$_SESSION['current']->getpref("comments:mode")] = 'selected';
echo '<td><form method=get name=smode action="appview.php">',"\n"; echo '<td><form method=get name=smode action="appview.php">',"\n";
echo "<b>Application Comments</b> $messageCount total comments "; echo "<b>Application Comments</b> $messageCount total comments ";
echo '<b>Mode</b> <select name="cmode" onchange="document.smode.submit();">',"\n"; echo '<b>Mode</b> <select name="cmode" onchange="document.smode.submit();">',"\n";
@@ -268,7 +267,7 @@ function view_app_comments($appId, $versionId, $threadId = 0)
//hide or display depending on pref //hide or display depending on pref
if (loggedin()) if (loggedin())
$mode = $current->getpref("comments:mode"); $mode = $_SESSION['current']->getpref("comments:mode");
else else
$mode = "flat"; $mode = "flat";

6
include/form_edit.php
View File

@@ -11,7 +11,7 @@
<tr> <tr>
<td> &nbsp; User Name </td> <td> &nbsp; User Name </td>
<td> <b> <?=$ext_username?> </b> </td> <td> <b> <?=$ext_username;?> </b> </td>
</tr> </tr>
<tr> <tr>
<td> &nbsp; Password </td> <td> &nbsp; Password </td>
@@ -23,11 +23,11 @@
</tr> </tr>
<tr> <tr>
<td> &nbsp; Real Name </td> <td> &nbsp; Real Name </td>
<td> <input type="text" name="ext_realname" value="<?=$ext_realname?>"> </td> <td> <input type="text" name="ext_realname" value="<?=$ext_realname;?>"> </td>
</tr> </tr>
<tr> <tr>
<td> &nbsp; Email Address </td> <td> &nbsp; Email Address </td>
<td> <input type="text" name="ext_email" value="<?=$ext_email?>"> </td> <td> <input type="text" name="ext_email" value="<?=$ext_email;?>"> </td>
</tr> </tr>
<tr> <tr>
<td colspan=2>&nbsp;</td> <td colspan=2>&nbsp;</td>

4
include/form_login.php
View File

@@ -24,7 +24,7 @@ function cmd_send_passwd() {
<table border="0" width="100%" cellspacing=0 cellpadding="10"> <table border="0" width="100%" cellspacing=0 cellpadding="10">
<tr> <tr>
<td class=color1> User Name </td> <td class=color1> User Name </td>
<td class=color0> <input type="text" name="ext_username" value='<?=$ext_username?>'> </td> <td class=color0> <input type="text" name="ext_username" value='<?if(isset($_POST['ext_username'])) echo $_POST['ext_username']?>'> </td>
</tr> </tr>
<tr> <tr>
<td class=color1> Password </td> <td class=color1> Password </td>
@@ -43,7 +43,7 @@ function cmd_send_passwd() {
echo html_frame_end("&nbsp;"); echo html_frame_end("&nbsp;");
echo '<input type="hidden" name="cmd" value="do_login">',"\n"; echo '<input type="hidden" name="cmd" value="do_login">',"\n";
echo '<input type="hidden" name="ext_referer" value="'.$HTTP_REFERER.'">',"\n"; echo '<input type="hidden" name="ext_referer" value="'.$_SERVER['HTTP_REFERER'].'">',"\n";
echo '</form>',"\n"; echo '</form>',"\n";
?> ?>

6
include/form_new.php
View File

@@ -15,7 +15,7 @@ echo html_frame_start("Create New Application DB Account","400","",0)
<table border=0 width="100%" cellspacing=0 cellpadding=20> <table border=0 width="100%" cellspacing=0 cellpadding=20>
<tr> <tr>
<td class=color1> User Name </td> <td class=color1> User Name </td>
<td class=color0> <input type="text" name="ext_username" value='<?=$ext_username?>'> </td> <td class=color0> <input type="text" name="ext_username" value='<?if(isset($_POST['ext_username'])) echo $_POST['ext_username']?>'> </td>
</tr> </tr>
<tr> <tr>
<td class=color1> Password </td> <td class=color1> Password </td>
@@ -27,11 +27,11 @@ echo html_frame_start("Create New Application DB Account","400","",0)
</tr> </tr>
<tr> <tr>
<td class=color1> Real Name </td> <td class=color1> Real Name </td>
<td class=color0> <input type="text" name="ext_realname" value='<?=$ext_realname?>'> </td> <td class=color0> <input type="text" name="ext_realname" value='<?if(isset($_POST['ext_realname'])) echo $_POST['ext_realname']?>'> </td>
</tr> </tr>
<tr> <tr>
<td class=color1> Email Address </td> <td class=color1> Email Address </td>
<td class=color0> <input type="text" name="ext_email" value='<?=$ext_email?>'> </td> <td class=color0> <input type="text" name="ext_email" value='<?if(isset($_POST['ext_email'])) echo $_POST['ext_email']?>'> </td>
</tr> </tr>
<tr> <tr>

2
include/html.php
View File

@@ -197,7 +197,7 @@ function html_frame_start($title = "", $width = "", $extra = "", $innerPad = 5)
if ($width) { $width = 'width="'.$width.'"'; } if ($width) { $width = 'width="'.$width.'"'; }
$str .= '<table '.$width.' border=0 cellpadding=0 cellspacing=0 align=center>'."\n"; $str = '<table '.$width.' border=0 cellpadding=0 cellspacing=0 align=center>'."\n";
if ($title) if ($title)
{ {

10
include/incl.php
View File

@@ -6,7 +6,6 @@
*/ */
//set global path //set global path
global $apidb_root;
$apidb_root = BASE; $apidb_root = BASE;
//get modules //get modules
@@ -60,9 +59,9 @@ function apidb_fullpath($path)
*/ */
function apidb_header($title = 0) function apidb_header($title = 0)
{ {
global $apidb_root, $current; global $apidb_root;
$username = $current->username; $username = isset($_SESSION['current'])?$_SESSION['current']->username:"";
// Set Page Title // Set Page Title
$page_title = $title; $page_title = $title;
@@ -97,7 +96,6 @@ function apidb_header($title = 0)
function apidb_footer() function apidb_footer()
{ {
global $apidb_root; global $apidb_root;
global $current;
echo html_frame_end(); echo html_frame_end();
@@ -105,7 +103,7 @@ function apidb_footer()
echo "<br></td></tr></table>\n"; echo "<br></td></tr></table>\n";
// Display Footer // Display Footer
if(!$header_disabled) if(!isset($header_disabled))
include(BASE."include/"."footer.php"); include(BASE."include/"."footer.php");
} }
@@ -202,7 +200,6 @@ function redirectref($url = null)
*/ */
function addmsg($text, $color = "black") function addmsg($text, $color = "black")
{ {
global $current;
global $PHPSESSID; global $PHPSESSID;
if($color) if($color)
@@ -220,7 +217,6 @@ function addmsg($text, $color = "black")
*/ */
function dumpmsgbuffer() function dumpmsgbuffer()
{ {
global $current;
global $PHPSESSID; global $PHPSESSID;
$result = mysql_query("SELECT * FROM sessionMessages WHERE sessionId = '$PHPSESSID'"); $result = mysql_query("SELECT * FROM sessionMessages WHERE sessionId = '$PHPSESSID'");

13
include/rating.php
View File

@@ -15,12 +15,11 @@
*/ */
function rating_current_for_user($versionId, $system) function rating_current_for_user($versionId, $system)
{ {
global $current;
if(!loggedin()) if(!loggedin())
return 0; return 0;
$userId = $current->userid; $userId = $_SESSION['current']->userid;
$result = mysql_query("SELECT score FROM appRating WHERE versionId = $versionId AND system = '$system' AND userId = $userId"); $result = mysql_query("SELECT score FROM appRating WHERE versionId = $versionId AND system = '$system' AND userId = $userId");
if(!$result) if(!$result)
@@ -38,7 +37,6 @@ function rating_current_for_user($versionId, $system)
*/ */
function rating_menu() function rating_menu()
{ {
global $versionId;
global $apidb_root; global $apidb_root;
$s = '<img src="'.$apidb_root.'images/s1.gif" border=0 alt="s1">'; $s = '<img src="'.$apidb_root.'images/s1.gif" border=0 alt="s1">';
@@ -46,8 +44,8 @@ function rating_menu()
$j = new htmlmenu("Compatibility Rating","updaterating.php"); $j = new htmlmenu("Compatibility Rating","updaterating.php");
$r_win = rating_current_for_user($versionId, "windows"); $r_win = rating_current_for_user($_REQUEST['versionId'], "windows");
$r_fake = rating_current_for_user($versionId, "fake"); $r_fake = rating_current_for_user($_REQUEST['versionId'], "fake");
$wchk = array('checked',' ',' ',' ',' ',' '); $wchk = array('checked',' ',' ',' ',' ',' ');
$fchk = array('checked',' ',' ',' ',' ',' '); $fchk = array('checked',' ',' ',' ',' ',' ');
@@ -78,7 +76,7 @@ function rating_menu()
$j->addmisc("<input type=submit value=' Rate it! ' class=ratebutton>","center"); $j->addmisc("<input type=submit value=' Rate it! ' class=ratebutton>","center");
$j->addmisc("<input type=hidden name=versionId value=$versionId>"); $j->addmisc("<input type=hidden name=versionId value=".$_REQUEST['versionId'].">");
$j->add("Rating Help", $apidb_root."help/?topic=ratings"); $j->add("Rating Help", $apidb_root."help/?topic=ratings");
@@ -161,7 +159,6 @@ function rating_stars_for_version($versionId, $system)
*/ */
function rating_update($vars) function rating_update($vars)
{ {
global $current;
if(!loggedin()) if(!loggedin())
{ {
@@ -169,7 +166,7 @@ function rating_update($vars)
return; return;
} }
$userId = $current->userid; $userId = $_SESSION[current]->userid;
$versionId = $vars["versionId"]; $versionId = $vars["versionId"];
$score_w = $vars["score_w"]; $score_w = $vars["score_w"];
$score_f = $vars["score_f"]; $score_f = $vars["score_f"];

2
include/sidebar.php
View File

@@ -33,7 +33,7 @@ function global_sidebar_menu() {
function app_search_box($q = '') function app_search_box($q = '')
{ {
global $apidb_root; global $apidb_root;
$str .= '<form method="get" action="'.$apidb_root.'search.php">'."\n"; $str = '<form method="get" action="'.$apidb_root.'search.php">'."\n";
$str .= "<input type=text name=q value='$q' size=8 class=searchfield>"; $str .= "<input type=text name=q value='$q' size=8 class=searchfield>";
$str .= "<input type=submit value='Search' class=searchbutton>\n"; $str .= "<input type=submit value='Search' class=searchbutton>\n";
$str .= "</form>\n"; $str .= "</form>\n";

3
include/sidebar_login.php
View File

@@ -16,14 +16,13 @@ function global_sidebar_login() {
if(loggedin()) if(loggedin())
{ {
global $current;
$g->add("Logout", $apidb_root."account.php?cmd=logout"); $g->add("Logout", $apidb_root."account.php?cmd=logout");
$g->add("Preferences", $apidb_root."preferences.php"); $g->add("Preferences", $apidb_root."preferences.php");
/* if this user maintains any applications list them */ /* if this user maintains any applications list them */
/* in their sidebar */ /* in their sidebar */
$apps_user_maintains = getAppsFromUserId($current->userid); $apps_user_maintains = getAppsFromUserId($_SESSION['current']->userid);
if($apps_user_maintains) if($apps_user_maintains)
{ {
$g->addmisc(""); $g->addmisc("");

5
include/tableve.php
View File

@@ -193,7 +193,7 @@ class TableVE {
{ {
$result = mysql_query("SELECT $idField, $nameField FROM $table $where ORDER BY $nameField"); $result = mysql_query("SELECT $idField, $nameField FROM $table $where ORDER BY $nameField");
if(!result) if(!$result)
return; // Oops return; // Oops
echo "<select name='$varname'>\n"; echo "<select name='$varname'>\n";
@@ -396,7 +396,6 @@ class TableVE {
*/ */
function update($vars) function update($vars)
{ {
global $current;
$tables = array(); $tables = array();
$fieldnames = array(); $fieldnames = array();
@@ -474,7 +473,7 @@ class TableVE {
if(ereg("^impl_.+$", $table)) if(ereg("^impl_.+$", $table))
{ {
$value = $fieldnames["apiid"][$i]; $value = $fieldnames["apiid"][$i];
mysql_query("UPDATE $table SET lastmodby = $current->userid WHERE apiid = $value"); mysql_query("UPDATE $table SET lastmodby = ".$_SESSION['current']->userid." WHERE apiid = $value");
} }
} }
} }

5
include/user.php
View File

@@ -222,7 +222,6 @@ class User {
*/ */
function is_maintainer($appId, $versionId) function is_maintainer($appId, $versionId)
{ {
global $current;
if(!loggedin() || !$this->userid) if(!loggedin() || !$this->userid)
return false; return false;
@@ -297,9 +296,7 @@ class User {
function loggedin() function loggedin()
{ {
global $current; if(isset($_SESSION['current']) && $_SESSION['current']->userid)
if($current && $current->userid)
return true; return true;
return false; return false;

8
include/util.php
View File

@@ -214,6 +214,14 @@ function getNumberOfVersions()
return $row->num_versions; return $row->num_versions;
} }
/* Get the number of maintainers in the database */
function getNumberOfMaintainers()
{
$result = mysql_query("SELECT count(maintainerId ) as num_maintainers FROM appMaintainers;");
$row = mysql_fetch_object($result);
return $row->num_maintainers;
}
/* Get the number of app familes in the database */ /* Get the number of app familes in the database */
function getNumberOfAppFamilies() function getNumberOfAppFamilies()
{ {

22
include/vote.php
View File

@@ -9,12 +9,11 @@
*/ */
function vote_count($appId, $userId = null) function vote_count($appId, $userId = null)
{ {
global $current;
if(!$userId) if(!$userId)
{ {
if(loggedin()) if(loggedin())
$userId = $current->userid; $userId = $_SESSION['current']->userid;
else else
return 0; return 0;
} }
@@ -27,12 +26,10 @@ function vote_count($appId, $userId = null)
*/ */
function vote_count_user_total($userId = null) function vote_count_user_total($userId = null)
{ {
global $current;
if(!$userId) if(!$userId)
{ {
if(loggedin()) if(loggedin())
$userId = $current->userid; $userId = $_SESSION['current']->userid;
else else
return 0; return 0;
} }
@@ -57,13 +54,12 @@ function vote_count_app_total($appId)
*/ */
function vote_add($appId, $slot, $userId = null) function vote_add($appId, $slot, $userId = null)
{ {
global $current;
global $MAX_VOTES; global $MAX_VOTES;
if(!$userId) if(!$userId)
{ {
if(loggedin()) if(loggedin())
$userId = $current->userid; $userId = $_SESSION['current']->userid;
else else
return; return;
} }
@@ -80,12 +76,12 @@ function vote_add($appId, $slot, $userId = null)
*/ */
function vote_remove($appId, $slot, $userId = null) function vote_remove($appId, $slot, $userId = null)
{ {
global $current;
if(!$userId) if(!$userId)
{ {
if(loggedin()) if(loggedin())
$userId = $current->userid; $userId = $_SESSION['current']->userid;
else else
return; return;
} }
@@ -94,12 +90,12 @@ function vote_remove($appId, $slot, $userId = null)
function vote_get_user_votes($userId = null) function vote_get_user_votes($userId = null)
{ {
global $current;
if(!$userId) if(!$userId)
{ {
if(loggedin()) if(loggedin())
$userId = $current->userid; $userId = $_SESSION['current']->userid;
if(!$userId) if(!$userId)
return array(); return array();
} }
@@ -170,10 +166,10 @@ function dump($arr)
function vote_update($vars) function vote_update($vars)
{ {
global $current;
//FIXME this doesn't work since msgs only work when logged in //FIXME this doesn't work since msgs only work when logged in
if(!$current) if(!$_SESSION['current'])
{ {
addmsg("You must be logged in to vote", "red"); addmsg("You must be logged in to vote", "red");
return; return;

2
noteview.php
View File

@@ -33,7 +33,7 @@ if(!$result || mysql_num_rows($result) == 0)
} }
//display admin menu //display admin menu
if(loggedin() && (havepriv("admin") || $current->ownsApp($appId))) { if(loggedin() && (havepriv("admin") || $_SESSION['current']->ownsApp($appId))) {
apidb_sidebar_add("admin_menu"); apidb_sidebar_add("admin_menu");
} }

20
preferences.php
View File

@@ -11,8 +11,6 @@ if(!loggedin())
function build_prefs_list() function build_prefs_list()
{ {
global $current;
opendb(); opendb();
$result = mysql_query("SELECT * FROM prefs_list ORDER BY id"); $result = mysql_query("SELECT * FROM prefs_list ORDER BY id");
@@ -37,19 +35,19 @@ function build_prefs_list()
} }
$input = html_select("pref_$r->name", explode('|', $r->value_list), $input = html_select("pref_$r->name", explode('|', $r->value_list),
$current->getpref($r->name, $r->def_value)); $_SESSION['current']->getpref($r->name, $r->def_value));
echo html_tr(array("&nbsp; $r->description", $input)); echo html_tr(array("&nbsp; $r->description", $input));
} }
} }
function show_user_fields() function show_user_fields()
{ {
global $current;
$user = new User(); $user = new User();
$ext_username = $current->username; $ext_username = $_SESSION['current']->username;
$ext_realname = $user->lookup_realname($current->userid); $ext_realname = $user->lookup_realname($_SESSION['current']->userid);
$ext_email = $user->lookup_email($current->userid); $ext_email = $user->lookup_email($_SESSION['current']->userid);
include(BASE."include/"."form_edit.php"); include(BASE."include/"."form_edit.php");
} }
@@ -57,7 +55,7 @@ function show_user_fields()
if($HTTP_POST_VARS) if($HTTP_POST_VARS)
{ {
global $ext_username, $ext_password1, $ext_password2, $ext_realname, $ext_email; global $ext_username, $ext_password1, $ext_password2, $ext_realname, $ext_email;
global $current;
$user = new User(); $user = new User();
@@ -65,7 +63,7 @@ if($HTTP_POST_VARS)
{ {
if(!ereg("^pref_(.+)$", $key, $arr)) if(!ereg("^pref_(.+)$", $key, $arr))
continue; continue;
$current->setpref($arr[1], $value); $_SESSION['current']->setpref($arr[1], $value);
} }
if ($ext_password == $ext_password2) if ($ext_password == $ext_password2)
@@ -77,7 +75,7 @@ if($HTTP_POST_VARS)
addmsg("The Passwords you entered did not match.", "red"); addmsg("The Passwords you entered did not match.", "red");
} }
if ($user->update($current->userid, $passwd, $ext_realname, $ext_email)) if ($user->update($_SESSION['current']->userid, $passwd, $ext_realname, $ext_email))
{ {
addmsg("Preferences Updated", "green"); addmsg("Preferences Updated", "green");
} }
@@ -90,7 +88,7 @@ if($HTTP_POST_VARS)
apidb_header("User Preferences"); apidb_header("User Preferences");
echo "<form method=post action='preferences.php'>\n"; echo "<form method=post action='preferences.php'>\n";
echo html_frame_start("Preferences for $current->username", "80%"); echo html_frame_start("Preferences for ".$_SESSION['current']->username, "80%");
echo html_table_begin("width='100%' border=0 align=left cellspacing=0 class='box-body'"); echo html_table_begin("width='100%' border=0 align=left cellspacing=0 class='box-body'");
show_user_fields(); show_user_fields();

8
screenshots.php
View File

@@ -4,7 +4,7 @@ include("path.php");
require(BASE."include/"."incl.php"); require(BASE."include/"."incl.php");
require(BASE."include/"."application.php"); require(BASE."include/"."application.php");
global $current;
/*========================================================================= /*=========================================================================
* *
@@ -44,7 +44,7 @@ if($cmd)
$fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId); $fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId);
$ms .= APPDB_ROOT."screenshots.php?appId=$appId&versionId=$versionId"."\n"; $ms .= APPDB_ROOT."screenshots.php?appId=$appId&versionId=$versionId"."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= ($current->username ? $current->username : "Anonymous")." added screenshot ".$screenshot_desc." to ".$fullAppName."\n"; $ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." added screenshot ".$screenshot_desc." to ".$fullAppName."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= STANDARD_NOTIFY_FOOTER; $ms .= STANDARD_NOTIFY_FOOTER;
@@ -79,7 +79,7 @@ if($cmd)
$fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId); $fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId);
$ms .= APPDB_ROOT."screenshots.php?appId=$appId&versionId=$versionId"."\n"; $ms .= APPDB_ROOT."screenshots.php?appId=$appId&versionId=$versionId"."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= ($current->username ? $current->username : "Anonymous")." deleted screenshot from ".$fullAppName."\n"; $ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." deleted screenshot from ".$fullAppName."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= STANDARD_NOTIFY_FOOTER; $ms .= STANDARD_NOTIFY_FOOTER;
@@ -137,7 +137,7 @@ else
$img = '<a href="javascript:openWin(\'appimage.php?imageId='.$ob->id.'\',\''.$randName.'\','.$size[0].','.$size[1].');">'.$imgSRC.'</a>'; $img = '<a href="javascript:openWin(\'appimage.php?imageId='.$ob->id.'\',\''.$randName.'\','.$size[0].','.$size[1].');">'.$imgSRC.'</a>';
if (loggedin()) if (loggedin())
{ {
if ($current->getpref("window:screenshot") == "no") if ($_SESSION['current']->getpref("window:screenshot") == "no")
{ {
$img = '<a href="appimage.php?imageId='.$ob->id.'">'.$imgSRC.'</a>'; $img = '<a href="appimage.php?imageId='.$ob->id.'">'.$imgSRC.'</a>';
} }

2
search.php
View File

@@ -4,7 +4,7 @@ include("path.php");
require(BASE."include/"."incl.php"); require(BASE."include/"."incl.php");
require(BASE."include/"."application.php"); require(BASE."include/"."application.php");
$search = str_replace("'", "\\'", $q); $search = str_replace("'", "\\'", $_REQUEST['q']);
$search = "%$search%"; $search = "%$search%";
$query = "SELECT * FROM appFamily WHERE appName != 'NONAME' AND appName LIKE '$search' ORDER BY appName"; $query = "SELECT * FROM appFamily WHERE appName != 'NONAME' AND appName LIKE '$search' ORDER BY appName";

4
stdquery.php
View File

@@ -17,9 +17,9 @@ opendb();
if(loggedin()) if(loggedin())
{ {
if($current->getpref("query:hide_header") == "yes") if($_SESSION['current']->getpref("query:hide_header") == "yes")
disable_header(); disable_header();
if($current->getpref("query:hide_sidebar") == "yes") if($_SESSION['current']->getpref("query:hide_sidebar") == "yes")
disable_sidebar(); disable_sidebar();
} }