Diffstat (limited to 'modules')
-rw-r--r-- | modules/aggregator.module | 2 | ||||
-rw-r--r-- | modules/aggregator/aggregator.module | 2 | ||||
-rw-r--r-- | modules/blog.module | 14 | ||||
-rw-r--r-- | modules/blog/blog.module | 14 | ||||
-rw-r--r-- | modules/book.module | 2 | ||||
-rw-r--r-- | modules/book/book.module | 2 | ||||
-rw-r--r-- | modules/comment.module | 8 | ||||
-rw-r--r-- | modules/comment/comment.module | 8 | ||||
-rw-r--r-- | modules/import.module | 2 | ||||
-rw-r--r-- | modules/node.module | 25 | ||||
-rw-r--r-- | modules/node/node.module | 25 | ||||
-rw-r--r-- | modules/queue.module | 4 | ||||
-rw-r--r-- | modules/rating.module | 10 | ||||
-rw-r--r-- | modules/search.module | 9 | ||||
-rw-r--r-- | modules/search/search.module | 9 | ||||
-rw-r--r-- | modules/tracker.module | 4 | ||||
-rw-r--r-- | modules/tracker/tracker.module | 4 | ||||
-rw-r--r-- | modules/user.module | 77 | ||||
-rw-r--r-- | modules/user/user.module | 77 | ||||
-rw-r--r-- | modules/watchdog.module | 6 | ||||
-rw-r--r-- | modules/watchdog/watchdog.module | 6 | ||||
-rw-r--r-- | modules/weblogs.module | 2 |
22 files changed, 203 insertions, 109 deletions
diff --git a/modules/aggregator.module b/modules/aggregator.module index d3d1af4ce..7798d1f5f 100644 --- a/modules/aggregator.module +++ b/modules/aggregator.module @@ -313,7 +313,7 @@ function import_get_bundle($bid) { } function import_view() { - $result = db_query("SELECT f.*, COUNT(i.iid) AS items FROM feed f LEFT JOIN item i ON f.fid = i.fid GROUP BY f.fid ORDER BY f.title"); + $result = db_query("SELECT f.*, COUNT(i.iid) AS items FROM feed f LEFT JOIN item i ON f.fid = i.fid GROUP BY f.fid, f.title, f.url, f.refresh, f.uncache, f.timestamp, f.attributes, f.link, f.description ORDER BY f.title"); $output .= "<h3>Feed overview</h3>"; $output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">\n"; diff --git a/modules/aggregator/aggregator.module b/modules/aggregator/aggregator.module index d3d1af4ce..7798d1f5f 100644 --- a/modules/aggregator/aggregator.module +++ b/modules/aggregator/aggregator.module @@ -313,7 +313,7 @@ function import_get_bundle($bid) { } function import_view() { - $result = db_query("SELECT f.*, COUNT(i.iid) AS items FROM feed f LEFT JOIN item i ON f.fid = i.fid GROUP BY f.fid ORDER BY f.title"); + $result = db_query("SELECT f.*, COUNT(i.iid) AS items FROM feed f LEFT JOIN item i ON f.fid = i.fid GROUP BY f.fid, f.title, f.url, f.refresh, f.uncache, f.timestamp, f.attributes, f.link, f.description ORDER BY f.title"); $output .= "<h3>Feed overview</h3>"; $output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">\n"; diff --git a/modules/blog.module b/modules/blog.module index 19e8b97e1..56d7bfa0c 100644 --- a/modules/blog.module +++ b/modules/blog.module 
@@ -15,7 +15,7 @@ function blog_help() { } function blog_cron() { - $result = db_query("SELECT n.nid, n.timestamp, SUM(m.score) / COUNT(m.cid) AS score, COUNT(m.cid) AS votes FROM node n LEFT JOIN moderate m ON m.nid = n.nid WHERE n.type = 'blog' AND n.status = '". node_status("posted") ."' GROUP BY n.nid ORDER BY n.timestamp DESC LIMIT 30"); + $result = db_query("SELECT n.nid, n.timestamp, SUM(m.score) / COUNT(m.cid) AS score, COUNT(m.cid) AS votes FROM node n LEFT JOIN moderate m ON m.nid = n.nid WHERE n.type = 'blog' AND n.status = '". node_status("posted") ."' GROUP BY n.nid, n.title, n.comment, n.timestamp, b.body, u.uid, u.name ORDER BY n.timestamp DESC LIMIT 30"); while ($node = db_fetch_object($result)) { if ($node->score > 3 && $node->votes > 4) { db_query("UPDATE node SET promote = '1' WHERE nid = '$node->nid'"); 
@@ -49,12 +49,14 @@ function blog_feed_user($uid = 0, $date = 0) { $date = time(); } - $result = db_query("SELECT n.nid, n.title, n.timestamp, b.body, u.name, u.uid FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN user u ON n.author = u.uid WHERE u.uid = '$uid' AND n.timestamp > '". ($date - 2592000) ."' ORDER BY b.lid DESC LIMIT 15"); + $result = db_query("SELECT n.nid, n.title, n.timestamp, b.body, u.name, u.uid FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN users u ON n.author = u.uid WHERE u.uid = '$uid' AND n.timestamp > '". ($date - 2592000) ."' ORDER BY b.lid DESC LIMIT 15"); while ($blog = db_fetch_object($result)) { $items .= format_rss_item($blog->title, path_uri() ."node.php?id=$blog->nid", $blog->body); } $output .= "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>\n"; + $output .= "<!DOCTYPE rss [<!ENTITY % HTMLlat1 PUBLIC \"-//W3C//ENTITIES Latin 1 for XHTML//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml-lat1.ent\">\n"; + $output .= "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>\n"; $output .= "<rss version=\"0.91\">\n"; $output .= format_rss_channel("$account->name's blog", path_uri() ."module.php?mod=blog&op=view&id=$account->uid", "$account->name's blog", $items); $output .= "</rss>\n"; @@ -66,7 +68,7 @@ function blog_feed_user($uid = 0, $date = 0) { } function blog_feed_last() { - $result = db_query("SELECT n.nid, n.title, n.timestamp, b.body, u.name, u.uid FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN user u ON n.author = u.uid ORDER BY b.lid DESC LIMIT 15"); + $result = db_query("SELECT n.nid, n.title, n.timestamp, b.body, u.name, u.uid FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN users u ON n.author = u.uid ORDER BY b.lid DESC LIMIT 15"); while ($blog = db_fetch_object($result)) { $items .= format_rss_item($blog->title, path_uri() ."module.php?mod=blog&op=view&id=$blog->uid", $blog->body); } 
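Review bot: In blog_feed_user the added lines emit a `<!DOCTYPE rss [` whose internal subset is never closed with `]>`, followed by a second `<?xml ... ?>` declaration; an XML declaration is only permitted at the very start of a document, so the feed is no longer well-formed and strict parsers will reject it. The `%HTMLlat1` parameter entity is declared but never referenced, so the Latin-1 entities it is meant to supply stay undefined. Drop the duplicated `<?xml` line and end the DOCTYPE line with ` %HTMLlat1;]>` before the `\n`. The unclosed DOCTYPE also appears in the node_feed hunks of modules/node.module and modules/node/node.module, and in the modules/blog/blog.module copy of this hunk.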
@@ -96,7 +98,7 @@ function blog_page_user($uid = 0, $date = 0) { $date = time(); } - $result = db_query("SELECT n.nid, n.title, n.comment, COUNT(c.cid) AS comments, n.timestamp, b.body, u.uid, u.name FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN user u ON n.author = u.uid LEFT JOIN comments c ON n.nid = c.lid WHERE u.uid = '$account->uid' AND n.timestamp <= '$date' AND n.timestamp >= '". ($date - 2592000) ."' GROUP BY n.nid ORDER BY n.nid DESC LIMIT 20"); + $result = db_query("SELECT n.nid, n.title, n.comment, COUNT(c.cid) AS comments, n.timestamp, b.body, u.uid, u.name FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN users u ON n.author = u.uid LEFT JOIN comments c ON n.nid = c.lid WHERE u.uid = '$account->uid' AND n.timestamp <= '$date' AND n.timestamp >= '". ($date - 2592000) ."' GROUP BY n.nid, n.title, n.comment, n.timestamp, b.body, u.uid, u.name ORDER BY n.nid DESC LIMIT 20"); $output .= "<table border=\"0\" cellpadding=\"4\" cellspacing=\"4\">"; @@ -136,7 +138,7 @@ function blog_page_user($uid = 0, $date = 0) { function blog_page_last() { global $theme, $user; - $result = db_query("SELECT n.nid, n.title, n.comment, COUNT(c.cid) AS comments, n.timestamp, b.body, u.uid, u.name FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN user u ON n.author = u.uid LEFT JOIN comments c ON n.nid = c.lid GROUP BY n.nid ORDER BY n.nid DESC LIMIT 20"); + $result = db_query("SELECT n.nid, n.title, n.comment, COUNT(c.cid) AS comments, n.timestamp, b.body, u.uid, u.name FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN users u ON n.author = u.uid LEFT JOIN comments c ON n.nid = c.lid GROUP BY n.nid, n.title, n.comment, n.timestamp, b.body, u.uid, u.name ORDER BY n.nid DESC LIMIT 20"); $output .= "<table border=\"0\" cellpadding=\"4\" cellspacing=\"4\">"; 
@@ -349,7 +351,7 @@ function blog_link($type, $node = 0) { function blog_block() { global $user; - $result = db_query("SELECT u.uid, u.name, n.timestamp, n.title, n.nid FROM node n LEFT JOIN user u ON n.author = u.uid WHERE n.type = 'blog' ORDER BY n.nid DESC LIMIT 10"); + $result = db_query("SELECT u.uid, u.name, n.timestamp, n.title, n.nid FROM node n LEFT JOIN users u ON n.author = u.uid WHERE n.type = 'blog' ORDER BY n.nid DESC LIMIT 10"); while ($node = db_fetch_object($result)) { $output .= "<a href=\"node.php?id=$node->nid\">". check_output($node->title) ."</a><br />\n"; diff --git a/modules/blog/blog.module b/modules/blog/blog.module index 19e8b97e1..56d7bfa0c 100644 --- a/modules/blog/blog.module +++ b/modules/blog/blog.module @@ -15,7 +15,7 @@ function blog_help() { } function blog_cron() { - $result = db_query("SELECT n.nid, n.timestamp, SUM(m.score) / COUNT(m.cid) AS score, COUNT(m.cid) AS votes FROM node n LEFT JOIN moderate m ON m.nid = n.nid WHERE n.type = 'blog' AND n.status = '". node_status("posted") ."' GROUP BY n.nid ORDER BY n.timestamp DESC LIMIT 30"); + $result = db_query("SELECT n.nid, n.timestamp, SUM(m.score) / COUNT(m.cid) AS score, COUNT(m.cid) AS votes FROM node n LEFT JOIN moderate m ON m.nid = n.nid WHERE n.type = 'blog' AND n.status = '". node_status("posted") ."' GROUP BY n.nid, n.title, n.comment, n.timestamp, b.body, u.uid, u.name ORDER BY n.timestamp DESC LIMIT 30"); while ($node = db_fetch_object($result)) { if ($node->score > 3 && $node->votes > 4) { db_query("UPDATE node SET promote = '1' WHERE nid = '$node->nid'"); 
@@ -49,12 +49,14 @@ function blog_feed_user($uid = 0, $date = 0) { $date = time(); } - $result = db_query("SELECT n.nid, n.title, n.timestamp, b.body, u.name, u.uid FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN user u ON n.author = u.uid WHERE u.uid = '$uid' AND n.timestamp > '". ($date - 2592000) ."' ORDER BY b.lid DESC LIMIT 15"); + $result = db_query("SELECT n.nid, n.title, n.timestamp, b.body, u.name, u.uid FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN users u ON n.author = u.uid WHERE u.uid = '$uid' AND n.timestamp > '". ($date - 2592000) ."' ORDER BY b.lid DESC LIMIT 15"); while ($blog = db_fetch_object($result)) { $items .= format_rss_item($blog->title, path_uri() ."node.php?id=$blog->nid", $blog->body); } $output .= "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>\n"; + $output .= "<!DOCTYPE rss [<!ENTITY % HTMLlat1 PUBLIC \"-//W3C//ENTITIES Latin 1 for XHTML//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml-lat1.ent\">\n"; + $output .= "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>\n"; $output .= "<rss version=\"0.91\">\n"; $output .= format_rss_channel("$account->name's blog", path_uri() ."module.php?mod=blog&op=view&id=$account->uid", "$account->name's blog", $items); $output .= "</rss>\n"; @@ -66,7 +68,7 @@ function blog_feed_user($uid = 0, $date = 0) { } function blog_feed_last() { - $result = db_query("SELECT n.nid, n.title, n.timestamp, b.body, u.name, u.uid FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN user u ON n.author = u.uid ORDER BY b.lid DESC LIMIT 15"); + $result = db_query("SELECT n.nid, n.title, n.timestamp, b.body, u.name, u.uid FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN users u ON n.author = u.uid ORDER BY b.lid DESC LIMIT 15"); while ($blog = db_fetch_object($result)) { $items .= format_rss_item($blog->title, path_uri() ."module.php?mod=blog&op=view&id=$blog->uid", $blog->body); } 
@@ -96,7 +98,7 @@ function blog_page_user($uid = 0, $date = 0) { $date = time(); } - $result = db_query("SELECT n.nid, n.title, n.comment, COUNT(c.cid) AS comments, n.timestamp, b.body, u.uid, u.name FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN user u ON n.author = u.uid LEFT JOIN comments c ON n.nid = c.lid WHERE u.uid = '$account->uid' AND n.timestamp <= '$date' AND n.timestamp >= '". ($date - 2592000) ."' GROUP BY n.nid ORDER BY n.nid DESC LIMIT 20"); + $result = db_query("SELECT n.nid, n.title, n.comment, COUNT(c.cid) AS comments, n.timestamp, b.body, u.uid, u.name FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN users u ON n.author = u.uid LEFT JOIN comments c ON n.nid = c.lid WHERE u.uid = '$account->uid' AND n.timestamp <= '$date' AND n.timestamp >= '". ($date - 2592000) ."' GROUP BY n.nid, n.title, n.comment, n.timestamp, b.body, u.uid, u.name ORDER BY n.nid DESC LIMIT 20"); $output .= "<table border=\"0\" cellpadding=\"4\" cellspacing=\"4\">"; @@ -136,7 +138,7 @@ function blog_page_user($uid = 0, $date = 0) { function blog_page_last() { global $theme, $user; - $result = db_query("SELECT n.nid, n.title, n.comment, COUNT(c.cid) AS comments, n.timestamp, b.body, u.uid, u.name FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN user u ON n.author = u.uid LEFT JOIN comments c ON n.nid = c.lid GROUP BY n.nid ORDER BY n.nid DESC LIMIT 20"); + $result = db_query("SELECT n.nid, n.title, n.comment, COUNT(c.cid) AS comments, n.timestamp, b.body, u.uid, u.name FROM blog b LEFT JOIN node n ON b.nid = n.nid LEFT JOIN users u ON n.author = u.uid LEFT JOIN comments c ON n.nid = c.lid GROUP BY n.nid, n.title, n.comment, n.timestamp, b.body, u.uid, u.name ORDER BY n.nid DESC LIMIT 20"); $output .= "<table border=\"0\" cellpadding=\"4\" cellspacing=\"4\">"; 
@@ -349,7 +351,7 @@ function blog_link($type, $node = 0) { function blog_block() { global $user; - $result = db_query("SELECT u.uid, u.name, n.timestamp, n.title, n.nid FROM node n LEFT JOIN user u ON n.author = u.uid WHERE n.type = 'blog' ORDER BY n.nid DESC LIMIT 10"); + $result = db_query("SELECT u.uid, u.name, n.timestamp, n.title, n.nid FROM node n LEFT JOIN users u ON n.author = u.uid WHERE n.type = 'blog' ORDER BY n.nid DESC LIMIT 10"); while ($node = db_fetch_object($result)) { $output .= "<a href=\"node.php?id=$node->nid\">". check_output($node->title) ."</a><br />\n"; diff --git a/modules/book.module b/modules/book.module index 429f1296b..c66907ea0 100644 --- a/modules/book.module +++ b/modules/book.module @@ -83,7 +83,7 @@ function book_view($node, $main = 0) { function book_search($keys) { global $PHP_SELF, $status; - $result = db_query("SELECT n.*, u.name FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid LEFT JOIN user u ON n.author = u.uid WHERE n.type = 'book' AND n.status = '$status[posted]' AND (n.title LIKE '%". check_input($keys) ."%' OR b.body LIKE '%". check_input($keys) ."%') ORDER BY n.timestamp DESC LIMIT 20"); + $result = db_query("SELECT n.*, u.name FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid LEFT JOIN users u ON n.author = u.uid WHERE n.type = 'book' AND n.status = '$status[posted]' AND (n.title LIKE '%". check_input($keys) ."%' OR b.body LIKE '%". check_input($keys) ."%') ORDER BY n.timestamp DESC LIMIT 20"); while ($node = db_fetch_object($result)) { $find[$i++] = array("title" => check_output($node->title), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=node&type=book&op=edit&id=$node->nid" : "node.php?id=$node->nid"), "user" => $node->name, "date" => $node->timestamp); } diff --git a/modules/book/book.module b/modules/book/book.module index 429f1296b..c66907ea0 100644 --- a/modules/book/book.module +++ b/modules/book/book.module 
@@ -83,7 +83,7 @@ function book_view($node, $main = 0) { function book_search($keys) { global $PHP_SELF, $status; - $result = db_query("SELECT n.*, u.name FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid LEFT JOIN user u ON n.author = u.uid WHERE n.type = 'book' AND n.status = '$status[posted]' AND (n.title LIKE '%". check_input($keys) ."%' OR b.body LIKE '%". check_input($keys) ."%') ORDER BY n.timestamp DESC LIMIT 20"); + $result = db_query("SELECT n.*, u.name FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid LEFT JOIN users u ON n.author = u.uid WHERE n.type = 'book' AND n.status = '$status[posted]' AND (n.title LIKE '%". check_input($keys) ."%' OR b.body LIKE '%". check_input($keys) ."%') ORDER BY n.timestamp DESC LIMIT 20"); while ($node = db_fetch_object($result)) { $find[$i++] = array("title" => check_output($node->title), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=node&type=book&op=edit&id=$node->nid" : "node.php?id=$node->nid"), "user" => $node->name, "date" => $node->timestamp); } diff --git a/modules/comment.module b/modules/comment.module index 35d7c1ccd..d87b89724 100644 --- a/modules/comment.module +++ b/modules/comment.module @@ -2,7 +2,7 @@ function comment_search($keys) { global $PHP_SELF; - $result = db_query("SELECT c.*, u.name FROM comments c LEFT JOIN user u ON c.author = u.uid WHERE c.subject LIKE '%$keys%' OR c.comment LIKE '%$keys%' ORDER BY c.timestamp DESC LIMIT 20"); + $result = db_query("SELECT c.*, u.name FROM comments c LEFT JOIN users u ON c.author = u.uid WHERE c.subject LIKE '%$keys%' OR c.comment LIKE '%$keys%' ORDER BY c.timestamp DESC LIMIT 20"); while ($comment = db_fetch_object($result)) { $find[$i++] = array("title" => check_output($comment->subject), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "node.php?id=$comment->lid&cid=$comment->cid"), "user" => $comment->name, "date" => $comment->timestamp); } 
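Review bot: comment_search still interpolates `$keys` directly into both `LIKE` patterns, while book_search in this same commit passes it through `check_input()` first; unless every caller sanitises beforehand, a quote character in the search terms changes the query. The commit adds `check_input($keys)` in search_page, but node_admin now reaches the search code through `search_data($keys, $type)`, and whether that path escapes is not visible here. Escaping at the point of use keeps the function safe regardless of caller: `c.subject LIKE '%". check_input($keys) ."%' OR c.comment LIKE '%". check_input($keys) ."%'`. The same applies to user_search in modules/user.module and to the modules/comment/comment.module copy of this hunk.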
@@ -23,7 +23,7 @@ function comment_link($type) { function comment_edit($id) { - $result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN user u ON c.author = u.uid WHERE c.cid = '$id'"); + $result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON c.author = u.uid WHERE c.cid = '$id'"); $comment = db_fetch_object($result); $form .= form_item(t("Author"), format_name($comment)); @@ -40,7 +40,7 @@ function comment_save($id, $edit) { } function comment_overview() { - $result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN user u ON u.uid = c.author ORDER BY timestamp DESC LIMIT 50"); + $result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON u.uid = c.author ORDER BY timestamp DESC LIMIT 50"); $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n"; $output .= " <TR><TH>subject</TH><TH>author</TH><TH>date</TH><TH COLSPAN=\"2\">operations</TH></TR>\n"; @@ -89,4 +89,4 @@ function comment_admin() { } } -?>
\ No newline at end of file +?> diff --git a/modules/comment/comment.module b/modules/comment/comment.module index 35d7c1ccd..d87b89724 100644 --- a/modules/comment/comment.module +++ b/modules/comment/comment.module @@ -2,7 +2,7 @@ function comment_search($keys) { global $PHP_SELF; - $result = db_query("SELECT c.*, u.name FROM comments c LEFT JOIN user u ON c.author = u.uid WHERE c.subject LIKE '%$keys%' OR c.comment LIKE '%$keys%' ORDER BY c.timestamp DESC LIMIT 20"); + $result = db_query("SELECT c.*, u.name FROM comments c LEFT JOIN users u ON c.author = u.uid WHERE c.subject LIKE '%$keys%' OR c.comment LIKE '%$keys%' ORDER BY c.timestamp DESC LIMIT 20"); while ($comment = db_fetch_object($result)) { $find[$i++] = array("title" => check_output($comment->subject), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "node.php?id=$comment->lid&cid=$comment->cid"), "user" => $comment->name, "date" => $comment->timestamp); } @@ -23,7 +23,7 @@ function comment_link($type) { function comment_edit($id) { - $result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN user u ON c.author = u.uid WHERE c.cid = '$id'"); + $result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON c.author = u.uid WHERE c.cid = '$id'"); $comment = db_fetch_object($result); $form .= form_item(t("Author"), format_name($comment)); @@ -40,7 +40,7 @@ function comment_save($id, $edit) { } function comment_overview() { - $result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN user u ON u.uid = c.author ORDER BY timestamp DESC LIMIT 50"); + $result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON u.uid = c.author ORDER BY timestamp DESC LIMIT 50"); $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n"; $output .= " <TR><TH>subject</TH><TH>author</TH><TH>date</TH><TH COLSPAN=\"2\">operations</TH></TR>\n"; @@ -89,4 +89,4 @@ function comment_admin() { } } -?>
\ No newline at end of file +?> diff --git a/modules/import.module b/modules/import.module index d3d1af4ce..7798d1f5f 100644 --- a/modules/import.module +++ b/modules/import.module @@ -313,7 +313,7 @@ function import_get_bundle($bid) { } function import_view() { - $result = db_query("SELECT f.*, COUNT(i.iid) AS items FROM feed f LEFT JOIN item i ON f.fid = i.fid GROUP BY f.fid ORDER BY f.title"); + $result = db_query("SELECT f.*, COUNT(i.iid) AS items FROM feed f LEFT JOIN item i ON f.fid = i.fid GROUP BY f.fid, f.title, f.url, f.refresh, f.uncache, f.timestamp, f.attributes, f.link, f.description ORDER BY f.title"); $output .= "<h3>Feed overview</h3>"; $output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">\n"; diff --git a/modules/node.module b/modules/node.module index 0fb93cbe5..0f0573815 100644 --- a/modules/node.module +++ b/modules/node.module @@ -114,7 +114,7 @@ function node_overview($query) { $color = array("#ffffff", "#e5e5e5"); $query = node_query($query ? $query : 0); - $result = db_query("SELECT n.*, u.name, u.uid FROM node n LEFT JOIN user u ON n.author = u.uid $query[1] LIMIT 50"); + $result = db_query("SELECT n.*, u.name, u.uid FROM node n LEFT JOIN users u ON n.author = u.uid $query[1] LIMIT 50"); $output .= status($query[0]); $output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">\n"; @@ -274,6 +274,21 @@ function node_admin_save($edit) { } } +function node_module_find() { + + foreach (module_list() as $name) { + if (module_hook($name, "user")) { + $options .= "<OPTION VALUE=\"$name\">$name</OPTION>\n"; + } + } + + $output .= " <input size=\"50\" value=\"". check_form($keys) ."\" name=\"keys\" type=\"text\">\n"; + $output .= " <select name=\"type\">$options</select>\n"; + $output .= " <input type=\"submit\" value=\"Search\">\n"; + + return form($output); +} + function node_edit($node) { $output .= form_item("Title", $node->title); $output .= form_item("Operations", implode("<br />", node_links($node->nid, $node->type))); 
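Review bot: node_module_find() reads `$keys` without declaring it as a parameter or a `global`, so `check_form($keys)` always receives an unset value and the search box never shows the submitted terms; the caller added in node_admin also passes `$id` to a function that takes no arguments. Taking the terms explicitly fixes both: `function node_module_find($keys) {` and `print node_module_find($keys);`. The loop filters on `module_hook($name, "user")`, which may be a leftover — for a node search form the `"search"` hook seems intended, please confirm. `$options` and `$output` are appended to with `.=` before being initialised; start each with an empty string. The modules/node/node.module copy carries the same code.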
@@ -303,7 +318,8 @@ function node_admin() { print node_help(); break; case "search": - print search_type($type, "admin.php?mod=node&op=search", $keys, 1); + print node_module_find($id); + print search_data($keys, $type); break; case "status": print node_edit_status($id); @@ -336,7 +352,7 @@ function node_admin() { print node_setting(); break; case "Reset to defaults": - print status(system_default($edit)); + print status(conf_default($edit)); print node_setting(); break; case "Save node": @@ -389,6 +405,7 @@ function node_feed() { } $output .= "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>\n"; + $output .= "<!DOCTYPE rss [<!ENTITY % HTMLlat1 PUBLIC \"-//W3C//ENTITIES Latin 1 for XHTML//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml-lat1.ent\">\n"; $output .= "<rss version=\"0.91\">\n"; $output .= format_rss_channel(variable_get("site_name", "drupal"), path_uri() ."module.php?mod=node&op=feed", variable_get("site_slogan", ""), $items); $output .= "</rss>\n"; @@ -400,7 +417,7 @@ function node_feed() { } function node_page() { - global $op, $theme, $meta, $date; + global $op, $theme; if ($op == "feed") { node_feed(); diff --git a/modules/node/node.module b/modules/node/node.module index 0fb93cbe5..0f0573815 100644 --- a/modules/node/node.module +++ b/modules/node/node.module @@ -114,7 +114,7 @@ function node_overview($query) { $color = array("#ffffff", "#e5e5e5"); $query = node_query($query ? $query : 0); - $result = db_query("SELECT n.*, u.name, u.uid FROM node n LEFT JOIN user u ON n.author = u.uid $query[1] LIMIT 50"); + $result = db_query("SELECT n.*, u.name, u.uid FROM node n LEFT JOIN users u ON n.author = u.uid $query[1] LIMIT 50"); $output .= status($query[0]); $output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">\n"; 
@@ -274,6 +274,21 @@ function node_admin_save($edit) { } } +function node_module_find() { + + foreach (module_list() as $name) { + if (module_hook($name, "user")) { + $options .= "<OPTION VALUE=\"$name\">$name</OPTION>\n"; + } + } + + $output .= " <input size=\"50\" value=\"". check_form($keys) ."\" name=\"keys\" type=\"text\">\n"; + $output .= " <select name=\"type\">$options</select>\n"; + $output .= " <input type=\"submit\" value=\"Search\">\n"; + + return form($output); +} + function node_edit($node) { $output .= form_item("Title", $node->title); $output .= form_item("Operations", implode("<br />", node_links($node->nid, $node->type))); @@ -303,7 +318,8 @@ function node_admin() { print node_help(); break; case "search": - print search_type($type, "admin.php?mod=node&op=search", $keys, 1); + print node_module_find($id); + print search_data($keys, $type); break; case "status": print node_edit_status($id); @@ -336,7 +352,7 @@ function node_admin() { print node_setting(); break; case "Reset to defaults": - print status(system_default($edit)); + print status(conf_default($edit)); print node_setting(); break; case "Save node": @@ -389,6 +405,7 @@ function node_feed() { } $output .= "<?xml version=\"1.0\" encoding=\"ISO-8859-1\" ?>\n"; + $output .= "<!DOCTYPE rss [<!ENTITY % HTMLlat1 PUBLIC \"-//W3C//ENTITIES Latin 1 for XHTML//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml-lat1.ent\">\n"; $output .= "<rss version=\"0.91\">\n"; $output .= format_rss_channel(variable_get("site_name", "drupal"), path_uri() ."module.php?mod=node&op=feed", variable_get("site_slogan", ""), $items); $output .= "</rss>\n"; @@ -400,7 +417,7 @@ function node_feed() { } function node_page() { - global $op, $theme, $meta, $date; + global $op, $theme; if ($op == "feed") { node_feed(); diff --git a/modules/queue.module b/modules/queue.module index 676d3fc3a..7ba88f5c8 100644 --- a/modules/queue.module +++ b/modules/queue.module 
@@ -64,7 +64,7 @@ function queue_vote($id, $vote) { function queue_overview() { global $status, $theme, $user; - $result = db_query("SELECT n.*, u.name, u.uid FROM node n LEFT JOIN user u ON n.author = u.uid WHERE n.status = '$status[queued]'"); + $result = db_query("SELECT n.*, u.name, u.uid FROM node n LEFT JOIN users u ON n.author = u.uid WHERE n.status = '$status[queued]'"); $content .= "<TABLE BORDER=\"0\" CELLSPACING=\"4\" CELLPADDING=\"4\">\n"; $content .= " <TR><TH>". t("Subject") ."</TH><TH>". t("Author") ."</TH><TH>". t("Type") ."</TH><TH>". t("Score") ."</TH></TR>\n"; @@ -86,7 +86,7 @@ function queue_node($id) { $node = node_get_object(array(nid => $id)); if ($user->uid == $node->author || field_get($node->users, $user->uid)) { - drupal_goto("node.php?id=$node->nid"); + header("Location: node.php?id=$node->nid"); } else { $queue_votes = array("neutral (+0)" => "+ 0", "post it (+1)" => "+ 1", "dump it (-1)" => "- 1"); diff --git a/modules/rating.module b/modules/rating.module index 68f18776f..062f89f5b 100644 --- a/modules/rating.module +++ b/modules/rating.module 
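Review bot: In queue_node, replacing `drupal_goto()` with a bare `header("Location: node.php?id=$node->nid");` does not stop the script, so whatever follows the if/else in queue_node (outside this hunk) still executes and its output is sent along with the redirect. Add `exit();` directly after the `header()` call. The Location value is also a relative URL; prefixing it with `path_uri()`, as the feed code in this commit does for its links, gives clients an absolute target.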
@@ -29,17 +29,17 @@ function rating_cron() { if (time() - variable_get("rating_cron_last", 0) > variable_get("rating_cron_time", time())) { variable_set("rating_cron_last", time()); - $r1 = db_query("SELECT uid FROM user ORDER BY rating DESC"); + $r1 = db_query("SELECT uid FROM users ORDER BY rating DESC"); while ($account = db_fetch_object($r1)) { - db_query("UPDATE user SET rating = '". rating_gravity($account->uid) ."' WHERE uid = '$account->uid'"); + db_query("UPDATE users SET rating = '". rating_gravity($account->uid) ."' WHERE uid = '$account->uid'"); $rating[$account->uid] = ++$i; } db_query("DELETE FROM rating"); - $r2 = db_query("SELECT uid FROM user ORDER BY rating DESC"); + $r2 = db_query("SELECT uid FROM users ORDER BY rating DESC"); while ($account = db_fetch_object($r2)) { - db_query("INSERT INTO rating (user, new, old) VALUES ('$account->uid', '". ++$j ."', '". $rating[$account->uid] ."')"); + db_query("INSERT INTO rating (userid, new, old) VALUES ('$account->uid', '". ++$j ."', '". $rating[$account->uid] ."')"); } } } @@ -81,7 +81,7 @@ function rating_gravity($id) { } function rating_list($limit) { - $result = db_query("SELECT u.rating, u.name, u.uid, r.* FROM user u LEFT JOIN rating r ON u.uid = r.user ORDER BY u.rating DESC LIMIT $limit"); + $result = db_query("SELECT u.rating, u.name, u.uid, r.* FROM users u LEFT JOIN rating r ON u.uid = r.userid ORDER BY u.rating DESC LIMIT $limit"); $output .= "<TABLE CELLPADDING=\"1\" CELLSPACING=\"1\">\n"; while ($account = db_fetch_object($result)) { diff --git a/modules/search.module b/modules/search.module index e047f6ca9..91d395678 100644 --- a/modules/search.module +++ b/modules/search.module @@ -29,6 +29,13 @@ function search_page() { if (user_access("search content")) { /* + ** Verify the user input: + */ + + $type = check_input($type); + $keys = check_input($keys); + + /* ** Construct the search form: */ @@ -88,4 +95,4 @@ function search_page() { } } -?>
\ No newline at end of file +?> diff --git a/modules/search/search.module b/modules/search/search.module index e047f6ca9..91d395678 100644 --- a/modules/search/search.module +++ b/modules/search/search.module @@ -29,6 +29,13 @@ function search_page() { if (user_access("search content")) { /* + ** Verify the user input: + */ + + $type = check_input($type); + $keys = check_input($keys); + + /* ** Construct the search form: */ @@ -88,4 +95,4 @@ function search_page() { } } -?>
\ No newline at end of file +?> diff --git a/modules/tracker.module b/modules/tracker.module index f8c9ab81c..8fe01f194 100644 --- a/modules/tracker.module +++ b/modules/tracker.module @@ -12,10 +12,10 @@ function tracker_comments($id = 0) { global $theme, $user; if ($id) { - $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS count FROM comments c LEFT JOIN node n ON c.lid = n.nid WHERE c.author = '". check_input($id) ."' GROUP BY n.nid DESC ORDER BY c.timestamp DESC LIMIT 10"); + $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS count FROM comments c LEFT JOIN node n ON c.lid = n.nid WHERE c.author = '". check_input($id) ."' GROUP BY n.nid, n.title DESC ORDER BY c.timestamp DESC LIMIT 10"); } else { - $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS count FROM comments c LEFT JOIN node n ON c.lid = n.nid GROUP BY n.nid DESC ORDER BY c.timestamp DESC LIMIT 10"); + $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS count FROM comments c LEFT JOIN node n ON c.lid = n.nid GROUP BY n.nid, n.title DESC ORDER BY c.timestamp DESC LIMIT 10"); } while ($node = db_fetch_object($sresult)) { diff --git a/modules/tracker/tracker.module b/modules/tracker/tracker.module index f8c9ab81c..8fe01f194 100644 --- a/modules/tracker/tracker.module +++ b/modules/tracker/tracker.module 
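Review bot: Both tracker_comments queries still end with `GROUP BY n.nid, n.title DESC ORDER BY c.timestamp DESC`: the `DESC` inside `GROUP BY` is a MySQL extension and `c.timestamp` is neither grouped nor aggregated. If the expanded GROUP BY lists in this commit are meant to satisfy a stricter database (inferred from the pattern of changes, not stated), these two statements will still be rejected. `GROUP BY n.nid, n.title ORDER BY MAX(c.timestamp) DESC` expresses the same ordering portably. The identical hunk follows for modules/tracker/tracker.module.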
@@ -12,10 +12,10 @@ function tracker_comments($id = 0) { global $theme, $user; if ($id) { - $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS count FROM comments c LEFT JOIN node n ON c.lid = n.nid WHERE c.author = '". check_input($id) ."' GROUP BY n.nid DESC ORDER BY c.timestamp DESC LIMIT 10"); + $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS count FROM comments c LEFT JOIN node n ON c.lid = n.nid WHERE c.author = '". check_input($id) ."' GROUP BY n.nid, n.title DESC ORDER BY c.timestamp DESC LIMIT 10"); } else { - $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS count FROM comments c LEFT JOIN node n ON c.lid = n.nid GROUP BY n.nid DESC ORDER BY c.timestamp DESC LIMIT 10"); + $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS count FROM comments c LEFT JOIN node n ON c.lid = n.nid GROUP BY n.nid, n.title DESC ORDER BY c.timestamp DESC LIMIT 10"); } while ($node = db_fetch_object($sresult)) { diff --git a/modules/user.module b/modules/user.module index d20abe685..bd2748910 100644 --- a/modules/user.module +++ b/modules/user.module @@ -22,13 +22,13 @@ function sess_read($key) { function sess_write($key, $value) { global $HTTP_SERVER_VARS; - db_query("UPDATE user SET hostname = '". check_input($HTTP_SERVER_VARS[REMOTE_ADDR]) ."', timestamp = '". time() ."' WHERE session = '$key'"); + db_query("UPDATE users SET hostname = '". check_input($HTTP_SERVER_VARS[REMOTE_ADDR]) ."', timestamp = '". time() ."' WHERE session = '$key'"); } function sess_destroy($key) { global $HTTP_SERVER_VARS; - db_query("UPDATE user SET hostname = '". check_input($HTTP_SERVER_VARS[REMOTE_ADDR]) ."', timestamp = '". time() ."', session = '' WHERE session = '$key'"); + db_query("UPDATE users SET hostname = '". check_input($HTTP_SERVER_VARS[REMOTE_ADDR]) ."', timestamp = '". time() ."', session = '' WHERE session = '$key'"); } function sess_gc($lifetime) { 
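Review bot: sess_write and sess_destroy escape `REMOTE_ADDR` with `check_input()` but place `$key` into `WHERE session = '$key'` unescaped. `$key` is presumably the session id handed to the save handler, which originates from the client's cookie, so it deserves the same treatment: `WHERE session = '". check_input($key) ."'` in both statements.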
@@ -45,16 +45,18 @@ function user_load($array = array()) { foreach ($array as $key => $value) { if ($key == "pass") { - $query .= "u.$key = PASSWORD('". addslashes($value) ."') AND "; + $query .= "u.$key = '" . md5($value) . "' AND "; } else { $query .= "u.$key = '". addslashes($value) ."' AND "; } } + $result = db_query("SELECT u.*, r.perm FROM users u LEFT JOIN role r ON u.role = r.name WHERE $query u.status < 3"); - $result = db_query("SELECT u.*, r.perm FROM user u LEFT JOIN role r ON u.role = r.name WHERE $query u.status < 3"); + $user = db_fetch_object($result); + + return $user; - return db_fetch_object($result); } 
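Review bot: user_load now compares against `md5($value)`, an unsalted fast hash, so identical passwords produce identical stored values and a leaked users table can be checked against precomputed tables. Rows written earlier with `PASSWORD()` will also stop matching unless the stored values are migrated, which none of the visible hunks do. A per-user salt stored beside the hash is the minimum; on current PHP the usual shape is to load the row by name and check it with `password_verify()` instead of matching the hash in the `WHERE` clause. user_save in the following hunk writes the same `md5($value)` and would need to change together with this.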
@@ -64,25 +66,40 @@ function user_save($account, $array = array()) { ** Dynamically compose a SQL query: */ - foreach ($array as $key => $value) { - if ($key == "pass") { - $query .= "$key = PASSWORD('". addslashes($value) ."'), "; - } - else { - $query .= "$key = '". addslashes($value) ."', "; - } - } /* ** Update existing or insert new user account: */ if ($account->uid) { - db_query("UPDATE user SET $query timestamp = '". time() ."' WHERE uid = '$account->uid'"); + foreach ($array as $key => $value) { + if ($key == "pass") { + $query .= "$key = '". md5($value) ."', "; + } + else { + $query .= "$key = '". addslashes($value) ."', "; + } + } + db_query("UPDATE users SET $query timestamp = '". time() ."' WHERE uid = '$account->uid'"); return user_load(array("uid" => $account->uid)); } else { - db_query("INSERT INTO user SET $query timestamp = '". time() ."'"); + $fields = "("; + $values = "("; + $num = 0; + + foreach ($array as $key => $value) { + $fields .= ($num ? ", " : "") . $key; + $values .= ($num ? ", " : "") . (($key == "pass") ? "'" . md5 ($value) . "'" : "'" . addslashes ($value) . "'"); + $num = 1; + } + + $fields .= ($num ? ", " : "") . "timestamp"; + $values .= ($num ? ", " : "") . "'" . time() ."'"; + $fields .= ")"; + $values .= ")"; + + db_query("INSERT INTO users $fields VALUES $values"); return user_load(array("name" => $array["name"])); } @@ -109,7 +126,6 @@ function user_validate_name($name) { if (eregi(" ", $name)) return t("The name can not contain multiple spaces in a row."); if (eregi("[^a-zA-Z0-9 ]", $name)) return t("The name contains an illegal character."); if (strlen($name) > 32) return t("The name '$name' is too long: it must be less than 32 characters."); - } function user_validate_mail($mail) { 
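Review bot: In the new INSERT branch of user_save the array keys are concatenated into the column list unquoted and unchecked (`$fields .= ($num ? ", " : "") . $key;`), and the UPDATE branch does the same with `"$key = '"`. If `$array` is ever filled directly from a submitted form, which only the callers outside this hunk can rule out, the key names become part of the statement. A guard at the top of each loop such as `if (!ereg("^[a-z_]+$", $key)) continue;`, or a fixed list of permitted columns, would close that. The comment "Dynamically compose a SQL query:" is now left with nothing under it and could be moved down to the loops. user_save starts above the hunk.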
@@ -218,7 +234,7 @@ function user_perm() { function user_search($keys) { global $PHP_SELF; - $result = db_query("SELECT * FROM user WHERE name LIKE '%$keys%' LIMIT 20"); + $result = db_query("SELECT * FROM users WHERE name LIKE '%$keys%' LIMIT 20"); while ($account = db_fetch_object($result)) { $find[$i++] = array("title" => $account->name, "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=user&op=edit&id=$account->uid" : "module.php?mod=user&op=view&id=$account->uid"), "user" => $account->name); } @@ -441,6 +457,10 @@ function user_login($edit = array()) { $user = user_load(array("name" => $name, "pass" => $pass, "status" => 1)); } +print "user = $user->uid, $user->name<br />"; + +die("foo"); + /* ** Try to log on the user through Drupal: */ @@ -505,7 +525,7 @@ function user_login($edit = array()) { ** Display login form: */ - $output .= form_textfield(t("Username"), "name", $edit["name"], 20, 64, t("Enter your local username, a Drupal ID or a Jabber ID.")); + $output .= form_textfield(t("Username"), "name", $edit["name"], 20, 64, t("Enter your local username, a Drupal ID or a Jabber ID.")); $output .= form_password(t("Password"), "pass", $pass, 20, 64, t("Enter the password that accompanies your username.")); $output .= form_submit(t("Log in")); @@ -537,7 +557,7 @@ function user_logout() { function user_pass($edit = array()) { if ($edit["name"] && $edit["mail"]) { - if ($account = db_fetch_object(db_query("SELECT uid FROM user WHERE name = '". check_input($edit["name"]) ."' AND mail = '". check_input($edit["mail"]) ."'"))) { + if ($account = db_fetch_object(db_query("SELECT uid FROM users WHERE name = '". check_input($edit["name"]) ."' AND mail = '". check_input($edit["mail"]) ."'"))) { $from = variable_get("site_mail", "root@localhost"); $pass = user_password(); 
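Review bot: The two statements added to user_login, `print "user = $user->uid, $user->name<br />";` and `die("foo");`, look like leftover debugging. die() ends the request immediately after user_load(), so the code under "Try to log on the user through Drupal" and everything after it never runs, and the account id and name are echoed into the page unescaped. Both lines should be removed before this is merged; if the trace is still wanted, it belongs in a log rather than in the response. The identical lines appear in the copy under modules/user/user.module.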
@@ -593,10 +613,10 @@ function user_register($edit = array()) { else if (user_deny("mail", $edit["mail"])) { $error = sprintf(t("The e-mail address '%s' has been denied access."), $edit["mail"]); } - else if (db_num_rows(db_query("SELECT name FROM user WHERE LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) { + else if (db_num_rows(db_query("SELECT name FROM users WHERE LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) { $error = sprintf(t("The name '%s' is already taken."), $edit["name"]); } - else if (db_num_rows(db_query("SELECT mail FROM user WHERE LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) { + else if (db_num_rows(db_query("SELECT mail FROM users WHERE LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) { $error = sprintf(t("The e-mail address '%s' is already taken."), $edit["mail"]); } else if (variable_get("user_register", 1) == 0) { 
@@ -660,13 +680,13 @@ function user_edit($edit = array()) { else if ($error = user_validate_mail($edit["mail"])) { // do nothing } - else if (db_num_rows(db_query("SELECT uid FROM user WHERE uid != '$user->uid' AND LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) { + else if (db_num_rows(db_query("SELECT uid FROM users WHERE uid != '$user->uid' AND LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) { $error = sprintf(t("The name '%s' is already taken."), $edit["name"]); } - else if ($edit["mail"] && db_num_rows(db_query("SELECT uid FROM user WHERE uid != '$user->uid' AND LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) { + else if ($edit["mail"] && db_num_rows(db_query("SELECT uid FROM users WHERE uid != '$user->uid' AND LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) { $error = sprintf(t("The e-mail address '%s' is already taken."), $edit["mail"]); } - else if ($edit["jabber"] && db_num_rows(db_query("SELECT uid FROM user WHERE uid != '$user->uid' AND LOWER(jabber) = LOWER('". $edit["jabber"] ."')")) > 0) { + else if ($edit["jabber"] && db_num_rows(db_query("SELECT uid FROM users WHERE uid != '$user->uid' AND LOWER(jabber) = LOWER('". $edit["jabber"] ."')")) > 0) { $error = sprintf(t("The Jabber ID '%s' is already taken."), $edit["jabber"]); } else if ($user->uid) { 
@@ -852,10 +872,10 @@ function user_admin_create($edit = array()) { else if ($error = user_validate_mail($edit["mail"])) { // do nothing } - else if (db_num_rows(db_query("SELECT name FROM user WHERE LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) { + else if (db_num_rows(db_query("SELECT name FROM users WHERE LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) { $error = sprintf(t("The name '%s' is already taken."), $edit["name"]); } - else if (db_num_rows(db_query("SELECT mail FROM user WHERE LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) { + else if (db_num_rows(db_query("SELECT mail FROM users WHERE LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) { $error = sprintf(t("The e-mail address '%s' is already taken."), $edit["mail"]); } else { @@ -985,6 +1005,7 @@ function user_admin_perm($edit = array()) { */ $result = db_query("SELECT * FROM role ORDER BY name"); + $roles = array (); while ($role = db_fetch_object($result)) { $roles[$role->name] = $role->perm; } @@ -1067,7 +1088,7 @@ function user_admin_edit($edit = array()) { } else if ($op == "Delete account") { if ($edit["status"] == 0) { - db_query("DELETE FROM user WHERE uid = '$account->uid'"); + db_query("DELETE FROM users WHERE uid = '$account->uid'"); $output .= "The account has been deleted."; } else { @@ -1108,7 +1129,7 @@ function user_admin_account() { $queries = array(array("ORDER BY timestamp DESC", "active users"), array("ORDER BY uid DESC", "new users"), array("WHERE status = 0 ORDER BY uid DESC", "blocked users"), array("WHERE role != 'authenticated user' ORDER BY uid DESC", "special users")); - $result = db_query("SELECT uid, name, timestamp FROM user ". $queries[$query ? $query : 0][0] ." LIMIT 50"); + $result = db_query("SELECT uid, name, timestamp FROM users ". $queries[$query ? $query : 0][0] ." LIMIT 50"); foreach ($queries as $key => $value) { $links[] = "<a href=\"admin.php?mod=user&op=account&query=$key\">$value[1]</a>"; 
diff --git a/modules/user/user.module b/modules/user/user.module index d20abe685..bd2748910 100644 --- a/modules/user/user.module +++ b/modules/user/user.module @@ -22,13 +22,13 @@ function sess_read($key) { function sess_write($key, $value) { global $HTTP_SERVER_VARS; - db_query("UPDATE user SET hostname = '". check_input($HTTP_SERVER_VARS[REMOTE_ADDR]) ."', timestamp = '". time() ."' WHERE session = '$key'"); + db_query("UPDATE users SET hostname = '". check_input($HTTP_SERVER_VARS[REMOTE_ADDR]) ."', timestamp = '". time() ."' WHERE session = '$key'"); } function sess_destroy($key) { global $HTTP_SERVER_VARS; - db_query("UPDATE user SET hostname = '". check_input($HTTP_SERVER_VARS[REMOTE_ADDR]) ."', timestamp = '". time() ."', session = '' WHERE session = '$key'"); + db_query("UPDATE users SET hostname = '". check_input($HTTP_SERVER_VARS[REMOTE_ADDR]) ."', timestamp = '". time() ."', session = '' WHERE session = '$key'"); } function sess_gc($lifetime) { @@ -45,16 +45,18 @@ function user_load($array = array()) { foreach ($array as $key => $value) { if ($key == "pass") { - $query .= "u.$key = PASSWORD('". addslashes($value) ."') AND "; + $query .= "u.$key = '" . md5($value) . "' AND "; } else { $query .= "u.$key = '". addslashes($value) ."' AND "; } } + $result = db_query("SELECT u.*, r.perm FROM users u LEFT JOIN role r ON u.role = r.name WHERE $query u.status < 3"); - $result = db_query("SELECT u.*, r.perm FROM user u LEFT JOIN role r ON u.role = r.name WHERE $query u.status < 3"); + $user = db_fetch_object($result); + + return $user; - return db_fetch_object($result); } 
@@ -64,25 +66,40 @@ function user_save($account, $array = array()) { ** Dynamically compose a SQL query: */ - foreach ($array as $key => $value) { - if ($key == "pass") { - $query .= "$key = PASSWORD('". addslashes($value) ."'), "; - } - else { - $query .= "$key = '". addslashes($value) ."', "; - } - } /* ** Update existing or insert new user account: */ if ($account->uid) { - db_query("UPDATE user SET $query timestamp = '". time() ."' WHERE uid = '$account->uid'"); + foreach ($array as $key => $value) { + if ($key == "pass") { + $query .= "$key = '". md5($value) ."', "; + } + else { + $query .= "$key = '". addslashes($value) ."', "; + } + } + db_query("UPDATE users SET $query timestamp = '". time() ."' WHERE uid = '$account->uid'"); return user_load(array("uid" => $account->uid)); } else { - db_query("INSERT INTO user SET $query timestamp = '". time() ."'"); + $fields = "("; + $values = "("; + $num = 0; + + foreach ($array as $key => $value) { + $fields .= ($num ? ", " : "") . $key; + $values .= ($num ? ", " : "") . (($key == "pass") ? "'" . md5 ($value) . "'" : "'" . addslashes ($value) . "'"); + $num = 1; + } + + $fields .= ($num ? ", " : "") . "timestamp"; + $values .= ($num ? ", " : "") . "'" . time() ."'"; + $fields .= ")"; + $values .= ")"; + + db_query("INSERT INTO users $fields VALUES $values"); return user_load(array("name" => $array["name"])); } @@ -109,7 +126,6 @@ function user_validate_name($name) { if (eregi(" ", $name)) return t("The name can not contain multiple spaces in a row."); if (eregi("[^a-zA-Z0-9 ]", $name)) return t("The name contains an illegal character."); if (strlen($name) > 32) return t("The name '$name' is too long: it must be less than 32 characters."); - } function user_validate_mail($mail) { 
@@ -218,7 +234,7 @@ function user_perm() { function user_search($keys) { global $PHP_SELF; - $result = db_query("SELECT * FROM user WHERE name LIKE '%$keys%' LIMIT 20"); + $result = db_query("SELECT * FROM users WHERE name LIKE '%$keys%' LIMIT 20"); while ($account = db_fetch_object($result)) { $find[$i++] = array("title" => $account->name, "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=user&op=edit&id=$account->uid" : "module.php?mod=user&op=view&id=$account->uid"), "user" => $account->name); } @@ -441,6 +457,10 @@ function user_login($edit = array()) { $user = user_load(array("name" => $name, "pass" => $pass, "status" => 1)); } +print "user = $user->uid, $user->name<br />"; + +die("foo"); + /* ** Try to log on the user through Drupal: */ @@ -505,7 +525,7 @@ function user_login($edit = array()) { ** Display login form: */ - $output .= form_textfield(t("Username"), "name", $edit["name"], 20, 64, t("Enter your local username, a Drupal ID or a Jabber ID.")); + $output .= form_textfield(t("Username"), "name", $edit["name"], 20, 64, t("Enter your local username, a Drupal ID or a Jabber ID.")); $output .= form_password(t("Password"), "pass", $pass, 20, 64, t("Enter the password that accompanies your username.")); $output .= form_submit(t("Log in")); @@ -537,7 +557,7 @@ function user_logout() { function user_pass($edit = array()) { if ($edit["name"] && $edit["mail"]) { - if ($account = db_fetch_object(db_query("SELECT uid FROM user WHERE name = '". check_input($edit["name"]) ."' AND mail = '". check_input($edit["mail"]) ."'"))) { + if ($account = db_fetch_object(db_query("SELECT uid FROM users WHERE name = '". check_input($edit["name"]) ."' AND mail = '". check_input($edit["mail"]) ."'"))) { $from = variable_get("site_mail", "root@localhost"); $pass = user_password(); 
@@ -593,10 +613,10 @@ function user_register($edit = array()) { else if (user_deny("mail", $edit["mail"])) { $error = sprintf(t("The e-mail address '%s' has been denied access."), $edit["mail"]); } - else if (db_num_rows(db_query("SELECT name FROM user WHERE LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) { + else if (db_num_rows(db_query("SELECT name FROM users WHERE LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) { $error = sprintf(t("The name '%s' is already taken."), $edit["name"]); } - else if (db_num_rows(db_query("SELECT mail FROM user WHERE LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) { + else if (db_num_rows(db_query("SELECT mail FROM users WHERE LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) { $error = sprintf(t("The e-mail address '%s' is already taken."), $edit["mail"]); } else if (variable_get("user_register", 1) == 0) { 
@@ -660,13 +680,13 @@ function user_edit($edit = array()) { else if ($error = user_validate_mail($edit["mail"])) { // do nothing } - else if (db_num_rows(db_query("SELECT uid FROM user WHERE uid != '$user->uid' AND LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) { + else if (db_num_rows(db_query("SELECT uid FROM users WHERE uid != '$user->uid' AND LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) { $error = sprintf(t("The name '%s' is already taken."), $edit["name"]); } - else if ($edit["mail"] && db_num_rows(db_query("SELECT uid FROM user WHERE uid != '$user->uid' AND LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) { + else if ($edit["mail"] && db_num_rows(db_query("SELECT uid FROM users WHERE uid != '$user->uid' AND LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) { $error = sprintf(t("The e-mail address '%s' is already taken."), $edit["mail"]); } - else if ($edit["jabber"] && db_num_rows(db_query("SELECT uid FROM user WHERE uid != '$user->uid' AND LOWER(jabber) = LOWER('". $edit["jabber"] ."')")) > 0) { + else if ($edit["jabber"] && db_num_rows(db_query("SELECT uid FROM users WHERE uid != '$user->uid' AND LOWER(jabber) = LOWER('". $edit["jabber"] ."')")) > 0) { $error = sprintf(t("The Jabber ID '%s' is already taken."), $edit["jabber"]); } else if ($user->uid) { 
@@ -852,10 +872,10 @@ function user_admin_create($edit = array()) { else if ($error = user_validate_mail($edit["mail"])) { // do nothing } - else if (db_num_rows(db_query("SELECT name FROM user WHERE LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) { + else if (db_num_rows(db_query("SELECT name FROM users WHERE LOWER(name) = LOWER('". $edit["name"] ."')")) > 0) { $error = sprintf(t("The name '%s' is already taken."), $edit["name"]); } - else if (db_num_rows(db_query("SELECT mail FROM user WHERE LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) { + else if (db_num_rows(db_query("SELECT mail FROM users WHERE LOWER(mail) = LOWER('". $edit["mail"] ."')")) > 0) { $error = sprintf(t("The e-mail address '%s' is already taken."), $edit["mail"]); } else { @@ -985,6 +1005,7 @@ function user_admin_perm($edit = array()) { */ $result = db_query("SELECT * FROM role ORDER BY name"); + $roles = array (); while ($role = db_fetch_object($result)) { $roles[$role->name] = $role->perm; } @@ -1067,7 +1088,7 @@ function user_admin_edit($edit = array()) { } else if ($op == "Delete account") { if ($edit["status"] == 0) { - db_query("DELETE FROM user WHERE uid = '$account->uid'"); + db_query("DELETE FROM users WHERE uid = '$account->uid'"); $output .= "The account has been deleted."; } else { @@ -1108,7 +1129,7 @@ function user_admin_account() { $queries = array(array("ORDER BY timestamp DESC", "active users"), array("ORDER BY uid DESC", "new users"), array("WHERE status = 0 ORDER BY uid DESC", "blocked users"), array("WHERE role != 'authenticated user' ORDER BY uid DESC", "special users")); - $result = db_query("SELECT uid, name, timestamp FROM user ". $queries[$query ? $query : 0][0] ." LIMIT 50"); + $result = db_query("SELECT uid, name, timestamp FROM users ". $queries[$query ? $query : 0][0] ." LIMIT 50"); foreach ($queries as $key => $value) { $links[] = "<a href=\"admin.php?mod=user&op=account&query=$key\">$value[1]</a>"; 
diff --git a/modules/watchdog.module b/modules/watchdog.module index 974914dba..a98ebb550 100644 --- a/modules/watchdog.module +++ b/modules/watchdog.module @@ -33,7 +33,7 @@ function watchdog_overview($type) { $color = array(user => "#FFEEAA", message => "#FFFFFF", special => "#A49FFF", warning => "#FFAA22", httpd => "#99DD99", error => "#EE4C4C"); $query = array(user => "WHERE type = 'user'", regular => "WHERE type = 'message'", special => "WHERE type = 'special'", warning => "WHERE type = 'warning'", error => "WHERE type = 'error'", httpd => "WHERE type = 'httpd'"); - $result = db_query("SELECT w.*, u.name, u.uid FROM watchdog w LEFT JOIN user u ON w.user = u.uid ". ($type ? $query[$type] : "") ." ORDER BY timestamp DESC LIMIT 1000"); + $result = db_query("SELECT w.*, u.name, u.uid FROM watchdog w LEFT JOIN users u ON w.userid = u.uid ". ($type ? $query[$type] : "") ." ORDER BY timestamp DESC LIMIT 1000"); $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n"; $output .= " <TR><TH>date</TH><TH>message</TH><TH>user</TH><TH>operations</TH></TR>\n"; @@ -48,7 +48,7 @@ function watchdog_overview($type) { } function watchdog_view($id) { - $result = db_query("SELECT l.*, u.name, u.uid FROM watchdog l LEFT JOIN user u ON l.user = u.uid WHERE l.id = '$id'"); + $result = db_query("SELECT l.*, u.name, u.uid FROM watchdog l LEFT JOIN users u ON l.userid = u.uid WHERE l.id = '$id'"); if ($watchdog = db_fetch_object($result)) { $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n"; @@ -87,4 +87,4 @@ function watchdog_admin() { } } -?>
\ No newline at end of file +?> diff --git a/modules/watchdog/watchdog.module b/modules/watchdog/watchdog.module index 974914dba..a98ebb550 100644 --- a/modules/watchdog/watchdog.module +++ b/modules/watchdog/watchdog.module @@ -33,7 +33,7 @@ function watchdog_overview($type) { $color = array(user => "#FFEEAA", message => "#FFFFFF", special => "#A49FFF", warning => "#FFAA22", httpd => "#99DD99", error => "#EE4C4C"); $query = array(user => "WHERE type = 'user'", regular => "WHERE type = 'message'", special => "WHERE type = 'special'", warning => "WHERE type = 'warning'", error => "WHERE type = 'error'", httpd => "WHERE type = 'httpd'"); - $result = db_query("SELECT w.*, u.name, u.uid FROM watchdog w LEFT JOIN user u ON w.user = u.uid ". ($type ? $query[$type] : "") ." ORDER BY timestamp DESC LIMIT 1000"); + $result = db_query("SELECT w.*, u.name, u.uid FROM watchdog w LEFT JOIN users u ON w.userid = u.uid ". ($type ? $query[$type] : "") ." ORDER BY timestamp DESC LIMIT 1000"); $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n"; $output .= " <TR><TH>date</TH><TH>message</TH><TH>user</TH><TH>operations</TH></TR>\n"; @@ -48,7 +48,7 @@ function watchdog_overview($type) { } function watchdog_view($id) { - $result = db_query("SELECT l.*, u.name, u.uid FROM watchdog l LEFT JOIN user u ON l.user = u.uid WHERE l.id = '$id'"); + $result = db_query("SELECT l.*, u.name, u.uid FROM watchdog l LEFT JOIN users u ON l.userid = u.uid WHERE l.id = '$id'"); if ($watchdog = db_fetch_object($result)) { $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n"; @@ -87,4 +87,4 @@ function watchdog_admin() { } } -?>
\ No newline at end of file +?> diff --git a/modules/weblogs.module b/modules/weblogs.module index 50660cffa..c7e31fabb 100644 --- a/modules/weblogs.module +++ b/modules/weblogs.module @@ -21,4 +21,4 @@ function weblogs_notify($name, $url) { } } -?>
\ No newline at end of file +?> |