claunia/qemudb
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- replaced global vars with superglobals equivalent

Browse Source
This commit is contained in:
Jonathan Ernst
2004-12-14 02:35:16 +00:00
committed by WineHQ
parent 3ea3267f37
commit dd61058e60
2 changed files with 47 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
admin/adminMaintainerQueue.php
View File

@@ -23,15 +23,15 @@ if(!loggedin())
apidb_header("Admin Maintainer Queue"); apidb_header("Admin Maintainer Queue");
echo '<form name="qform" action="adminMaintainerQueue.php" method="post" enctype="multipart/form-data">',"\n"; echo '<form name="qform" action="adminMaintainerQueue.php" method="post" enctype="multipart/form-data">',"\n";
if ($sub) if ($_REQUEST['sub'])
{ {
if ($queueId) if ($_REQUEST['queueId'])
{ {
//get data //get data
$query = "SELECT queueId, appId, versionId,". $query = "SELECT queueId, appId, versionId,".
"userId, maintainReason, superMaintainer,". "userId, maintainReason, superMaintainer,".
"UNIX_TIMESTAMP(submitTime) as submitTime ". "UNIX_TIMESTAMP(submitTime) as submitTime ".
"FROM appMaintainerQueue WHERE queueId = $queueId;"; "FROM appMaintainerQueue WHERE queueId = ".$_REQUEST['queueId'].";";
$result = mysql_query($query); $result = mysql_query($query);
$ob = mysql_fetch_object($result); $ob = mysql_fetch_object($result);
mysql_free_result($result); mysql_free_result($result);
@@ -45,7 +45,7 @@ if ($sub)
} }
//process according to which request was submitted and optionally the sub flag //process according to which request was submitted and optionally the sub flag
if (!$_REQUEST['add'] && !$_REQUEST['reject'] && $queueId) if (!$_REQUEST['add'] && !$_REQUEST['reject'] && $_REQUEST['queueId'])
{ {
$x = new TableVE("view"); $x = new TableVE("view");
@@ -155,20 +155,20 @@ if ($sub)
/* Add button */ /* Add button */
echo '<tr valign=top><td class=color3 align=center colspan=2>' ,"\n"; echo '<tr valign=top><td class=color3 align=center colspan=2>' ,"\n";
echo '<input type=submit name=add value=" Add maintainer to this application " class=button> </td></tr>',"\n"; echo '<input type=submit name=add value=" Add maintainer to this application " class=button /> </td></tr>',"\n";
/* Reject button */ /* Reject button */
echo '<tr valign=top><td class=color3 align=center colspan=2>' ,"\n"; echo '<tr valign=top><td class=color3 align=center colspan=2>' ,"\n";
echo '<input type=submit name=reject value=" Reject this request " class=button></td></tr>',"\n"; echo '<input type=submit name=reject value=" Reject this request " class=button /></td></tr>',"\n";
echo '</table>',"\n"; echo '</table>',"\n";
echo '<input type=hidden name="sub" value="inside_form">',"\n"; echo '<input type=hidden name="sub" value="inside_form" />',"\n";
echo '<input type=hidden name="queueId" value="'.$queueId.'">',"\n"; echo '<input type=hidden name="queueId" value="'.$_REQUEST['queueId'].'" />',"\n";
echo html_frame_end("&nbsp;"); echo html_frame_end("&nbsp;");
echo html_back_link(1,'adminMaintainerQueue.php'); echo html_back_link(1,'adminMaintainerQueue.php');
} }
else if ($_REQUEST['add'] && $queueId) else if ($_REQUEST['add'] && $_REQUEST['queueId'])
{ {
//add this user, app and version to the database //add this user, app and version to the database
$statusMessage = ""; $statusMessage = "";
@@ -187,7 +187,7 @@ if ($sub)
$statusMessage = "<p>The application was successfully added into the database</p>\n"; $statusMessage = "<p>The application was successfully added into the database</p>\n";
//delete the item from the queue //delete the item from the queue
mysql_query("DELETE from appMaintainerQueue where queueId = $queueId;"); mysql_query("DELETE from appMaintainerQueue where queueId = ".$_REQUEST['queueId'].";");
$goodtogo = 1; /* set to 1 so we send the response email */ $goodtogo = 1; /* set to 1 so we send the response email */
} else } else
@@ -215,7 +215,7 @@ if ($sub)
echo html_frame_end("&nbsp;"); echo html_frame_end("&nbsp;");
echo html_back_link(1,'adminMaintainerQueue.php'); echo html_back_link(1,'adminMaintainerQueue.php');
} }
else if (($_REQUEST['reject'] || ($sub == 'reject')) && $queueId) else if (($_REQUEST['reject'] || ($_REQUEST['sub'] == 'reject')) && $_REQUEST['queueId'])
{ {
if (lookupEmail($ob->userId)) if (lookupEmail($ob->userId))
{ {
@@ -230,7 +230,7 @@ if ($sub)
} }
//delete main item //delete main item
$query = "DELETE from appMaintainerQueue where queueId = $queueId;"; $query = "DELETE from appMaintainerQueue where queueId = ".$_REQUEST['queueId'].";";
$result = mysql_query($query); $result = mysql_query($query);
echo html_frame_start("Delete maintainer application",400,"",0); echo html_frame_start("Delete maintainer application",400,"",0);
if(!$result) if(!$result)

54
admin/editAppVersion.php
View File

@@ -9,20 +9,20 @@ require(BASE."include/"."application.php");
//check for admin privs //check for admin privs
if(!loggedin() || (!havepriv("admin") && !isMaintainer($appId, $versionId)) ) if(!loggedin() || (!havepriv("admin") && !isMaintainer($_REQUEST['appId'], $_REQUEST['versionId'])) )
{ {
errorpage("Insufficient Privileges!"); errorpage("Insufficient Privileges!");
exit; exit;
} }
if($HTTP_POST_VARS) if(isset($_REQUEST['submit1']))
{ {
if($submit1 == "Update Database") if($_REQUEST['submit1'] == "Update Database")
{ {
$statusMessage = ''; $statusMessage = '';
// Get the old values from the database // Get the old values from the database
$query = "SELECT * FROM appVersion WHERE appId = $appId and versionId = $versionId"; $query = "SELECT * FROM appVersion WHERE appId = ".$_REQUEST['appId']." and versionId = ".$_REQUEST['versionId'];
$result = mysql_query($query); $result = mysql_query($query);
$ob = mysql_fetch_object($result); $ob = mysql_fetch_object($result);
$old_versionName = $ob->versionName; $old_versionName = $ob->versionName;
@@ -30,9 +30,9 @@ if($HTTP_POST_VARS)
$old_description = $ob->description; $old_description = $ob->description;
$old_webPage = $ob->webPage; $old_webPage = $ob->webPage;
$versionName = addslashes($versionName); $versionName = addslashes($_REQUEST['versionName']);
$description = addslashes($description); $description = addslashes($_REQUEST['description']);
$webPage = addslashes($webPage); $webPage = addslashes($_REQUEST['webPage']);
$VersionChanged = false; $VersionChanged = false;
if ($old_versionName <> $versionName) if ($old_versionName <> $versionName)
{ {
@@ -40,7 +40,7 @@ if($HTTP_POST_VARS)
$WhatChanged .= " New Value: ".stripslashes($versionName)."\n"; $WhatChanged .= " New Value: ".stripslashes($versionName)."\n";
$VersionChanged = true; $VersionChanged = true;
} }
if ($old_keywords <> $keywords) if ($old_keywords <> $_REQUEST['keywords'])
{ {
$WhatChanged .= " Key Words: Old Value: ".stripslashes($old_keywords)."\n"; $WhatChanged .= " Key Words: Old Value: ".stripslashes($old_keywords)."\n";
$WhatChanged .= " New Value: ".stripslashes($keywords)."\n"; $WhatChanged .= " New Value: ".stripslashes($keywords)."\n";
@@ -68,18 +68,18 @@ if($HTTP_POST_VARS)
if ($VersionChanged) if ($VersionChanged)
{ {
$query = "UPDATE appVersion SET versionName = '".$versionName."', ". $query = "UPDATE appVersion SET versionName = '".$versionName."', ".
"keywords = '".$keywords."', ". "keywords = '".$_REQUEST['keywords']."', ".
"description = '".$description."', ". "description = '".$description."', ".
"webPage = '".$webPage."'". "webPage = '".$webPage."'".
" WHERE appId = $appId and versionId = $versionId"; " WHERE appId = ".$_REQUEST['appId']." and versionId = ".$_REQUEST['versionId'];
if (mysql_query($query)) if (mysql_query($query))
{ {
//success //success
$email = getNotifyEmailAddressList($appId, $versionId); $email = getNotifyEmailAddressList($_REQUEST['appId'], $_REQUEST['versionId']);
if($email) if($email)
{ {
$fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId); $fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']);
$ms .= APPDB_ROOT."appview.php?appId=$appId&versionId=$versionId"."\n"; $ms .= APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']."\n";
$ms .= "\n"; $ms .= "\n";
$ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." changed ".$fullAppName."\n"; $ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." changed ".$fullAppName."\n";
$ms .= "\n"; $ms .= "\n";
@@ -96,20 +96,20 @@ if($HTTP_POST_VARS)
addmsg("mesage sent to: ".$email, green); addmsg("mesage sent to: ".$email, green);
addmsg("The Version was successfully updated in the database", "green"); addmsg("The Version was successfully updated in the database", "green");
redirect(apidb_fullurl("appview.php?appId=$appId&versionId=$versionId")); redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
} }
else else
{ {
//error //error
$statusMessage = "<p><b>Database Error!<br>".mysql_error()."</b></p>\n"; $statusMessage = "<p><b>Database Error!<br />".mysql_error()."</b></p>\n";
addmsg($statusMessage, "red"); addmsg($statusMessage, "red");
redirect(apidb_fullurl("admin/editAppVersion.php?appId=$appId&versionId=$versionId")); redirect(apidb_fullurl("admin/editAppVersion.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
} }
} else } else
{ {
addmsg("Nothing changed", "red"); addmsg("Nothing changed", "red");
redirect(apidb_fullurl("admin/editAppVersion.php?appId=$appId&versionId=$versionId")); redirect(apidb_fullurl("admin/editAppVersion.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId']));
} }
} }
exit; exit;
@@ -117,7 +117,7 @@ if($HTTP_POST_VARS)
{ {
$query = "SELECT versionName, keywords, ". $query = "SELECT versionName, keywords, ".
"description, webPage from appVersion WHERE ". "description, webPage from appVersion WHERE ".
"appId = '$appId' and versionId = '$versionId'"; "appId = '".$_REQUEST['appId']."' and versionId = '".$_REQUEST['versionId']."'";
if(debugging()) { echo "<p align=center><b>query:</b> $query </p>"; } if(debugging()) { echo "<p align=center><b>query:</b> $query </p>"; }
$result = mysql_query($query); $result = mysql_query($query);
@@ -126,20 +126,20 @@ if($HTTP_POST_VARS)
apidb_header("Edit Application Version"); apidb_header("Edit Application Version");
echo "<form method=post action='editAppVersion.php'>\n"; echo "<form method=post action='editAppVersion.php'>\n";
echo html_frame_start("Data for Application ID: $appId Version ID: $versionId", "90%","",0); echo html_frame_start("Data for Application ID: ".$_REQUEST['appId']." Version ID: ".$_REQUEST['versionId'], "90%","",0);
echo html_table_begin("width='100%' border=0 align=left cellpadding=6 cellspacing=0 class='box-body'"); echo html_table_begin("width='100%' border=0 align=left cellpadding=6 cellspacing=0 class='box-body'");
echo '<input type=hidden name="appId" value='.$appId.'>'; echo '<input type=hidden name="appId" value='.$_REQUEST['appId'].' />';
echo '<input type=hidden name="appId" value='.$appId.'>'; echo '<input type=hidden name="appId" value='.$_REQUEST['appId'].' />';
echo '<input type=hidden name="versionId" value='.$versionId.'>'; echo '<input type=hidden name="versionId" value='.$_REQUEST['versionId'].' />';
echo '<tr><td class=color1>Name</td><td class=color0>'.lookupAppName($appId).'</td></tr>',"\n"; echo '<tr><td class=color1>Name</td><td class=color0>'.lookupAppName($_REQUEST['appId']).'</td></tr>',"\n";
echo '<tr><td class=color4>Version</td><td class=color0><input size=80% type="text" name="versionName" type="text" value="'.$versionName.'"></td></tr>',"\n"; echo '<tr><td class=color4>Version</td><td class=color0><input size=80% type="text" name="versionName" type="text" value="'.$versionName.'" /></td></tr>',"\n";
echo '<tr><td class=color1>Keywords</td><td class=color0><input size=80% type="text" name="keywords" value="'.$keywords.'"></td></tr>',"\n"; echo '<tr><td class=color1>Keywords</td><td class=color0><input size=80% type="text" name="keywords" value="'.$keywords.'" /></td></tr>',"\n";
echo '<tr><td class=color4>Description</td><td class=color0>', "\n"; echo '<tr><td class=color4>Description</td><td class=color0>', "\n";
echo '<textarea cols=$80 rows=$30 name="description">'.stripslashes($description).'</textarea></td></tr>',"\n"; echo '<textarea cols=$80 rows=$30 name="description">'.stripslashes($description).'</textarea></td></tr>',"\n";
echo '<tr><td class=color1>Web Page</td><td class=color0><input size=80% type="text" name="webPage" value="'.$webPage.'"></td></tr>',"\n"; echo '<tr><td class=color1>Web Page</td><td class=color0><input size=80% type="text" name="webPage" value="'.$webPage.'" /></td></tr>',"\n";
echo '<tr><td colspan=2 align=center class=color3><input type="submit" name=submit1 value="Update Database"></td></tr>',"\n"; echo '<tr><td colspan=2 align=center class=color3><input type="submit" name=submit1 value="Update Database" /></td></tr>',"\n";
echo html_table_end(); echo html_table_end();
echo html_frame_end(); echo html_frame_end();