Subversion Repositories taios

Compare Revisions

Ignore whitespace Rev 484 → Rev 493

/blog/index.php
16,24 → 16,21
}
 
$query = 'WHERE ParentID = -1';
$args = array();
 
if (isset($_GET['cat']))
{
$query = $query . ' AND Category = "' . $_GET['cat'] . '"';
if (isset($_GET['cat'])) {
$query = $query . " AND Category = ?";
array_push($args, $_GET['cat']);
write('<p>Only showing blog posts from the ' . $_GET['cat'] . ' category. <a href="index.php">Reset Filtering</a></p><br />');
}
 
if(!$page->isUserGM($page->getLoggedInUser()))
{
if (!$page->isUserGM($page->getLoggedInUser())) {
$query = $query . ' AND Category != "Drafts"';
}
 
$query = $query . " ORDER BY DatePosted DESC";
 
$ids = $page->findIDs('BlogPosts', $query);
for ($i = 0; $i < count($ids); $i++)
{
$id = $ids[$i];
foreach ($page->findIDs('BlogPosts', $query, $args) as $id) {
$post = $page->getBlogPost($id);
 
$ids2 = $page->findIDs('BlogPosts', 'WHERE ParentID="' . $id . '"');
/blog/add-post.php
44,8 → 44,9
{
$page->drawError('You do not have permission to access this page.');
}
$page->query('INSERT INTO BlogPosts VALUES(0, "' . $parentID . '", "' . $page->getLoggedInUser()->ID . '", "' . $title . '", "' . $content . '", NOW(), "' . $category . '", 0)');
$args = array(0, $parentID, $page->getLoggedInUser()->ID, $title, $content, $category, 0);
$page->query("INSERT INTO BlogPosts VALUES(?, ?, ?, ?, ?, NOW(), ?, ?)", $args);
$page->redirect('post.php?id=' . $parentID);
}
}
/blog/edit-post.php
27,23 → 27,18
 
$error = '';
 
if (isset($_POST['id']))
{
if (isset($_POST['id'])) {
$title = $_POST['title'];
$content = $_POST['content'];
$category = $_POST['category'];
 
if (empty($title))
{
if (empty($title)) {
$error = "No Title Specified";
}
else if (empty($content))
{
} else if (empty($content)) {
$error = "No Content Specified";
}
else
{
$page->query('UPDATE BlogPosts SET Content = "' . $content . '", Title = "' . $title . '", Category = "' . $category . '" WHERE ID = "' . $id . '"');
} else {
$args = array($content, $title, $category, $id);
$page->query("UPDATE BlogPosts SET Content = ?, Title = ?, Category = ? WHERE ID = ?", $args);
$page->redirect('post.php?id=' . $id);
}
}
52,8 → 47,7
$page->drawBlogCategoriesMenu();
$page->drawMiddle();
 
if (!empty($error))
{
if (!empty($error)) {
$page->drawError($error, false);
}
 
/admin/nowify.php
0,0 → 1,60
<?php
 
require '../_taios.php';
 
$page = new Taios_Page('Nowify', '../');
 
if (isset($_GET['id'])) {
$id = $_GET['id'];
} else if (isset($_POST['id'])) {
$id = $_POST['id'];
} else {
$page->drawError('No ID set.');
}
 
$page->checkLoggedIn();
 
$post = $page->getBlogPost($id);
if ((!$page->isUserAdmin($page->getLoggedInUser()) && $page->getLoggedInUser()->ID != $post->author->ID) || !$page->isUserNormal($page->getLoggedInUser())) {
$page->drawError('You do not have permission to access this page.');
}
 
$error = '';
 
if (isset($_POST['id']))
{
$title = $_POST['title'];
 
$page->query("UPDATE BlogPosts SET DatePosted = NOW() WHERE ID = ?", array($id));
$page->redirect('/blog/post.php?id=' . $id);
}
 
$page->drawHeader();
$page->drawBlogCategoriesMenu();
$page->drawMiddle();
 
if (!empty($error)) {
$page->drawError($error, false);
}
 
?>
 
<form action="nowify.php" method="post">
Press Sumbit if you wish to nowify post <?php echo $post->title; ?>.<br /><br />
 
<?php
write('<input type="hidden" name="id" value="' . $id . '" />');
?>
 
<tr>
<td class="bold"></td>
<td><input type="submit" value="Submit" /></td>
</tr>
</table>
</form>
 
<?php
 
$page->drawFooter();
 
?>
/admin/account-do.php
13,36 → 13,26
$name = $_POST['name'];
 
$user = $page->getUserByID($userID);
if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser()))
{
if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser()))
{
$page->query('UPDATE Users SET AccessID = "' . $accessID . '" WHERE ID = "' . $userID . '"');
if (($page->getLoggedInUser()->ID == $userID || $page->isUserAdmin($page->getLoggedInUser())) && $user && $page->isUserNormal($page->getLoggedInUser())) {
if (isset($accessID) && $page->isUserAdmin($page->getLoggedInUser())) {
$page->query("UPDATE Users SET AccessID = ? WHERE ID = ?", array($accessID, $userID));
}
if (!empty($password))
{
$page->query('UPDATE Users SET Password = "' . sha1($password) . '" WHERE ID = "' . $userID . '"');
if (!empty($password)) {
$page->query("UPDATE Users SET Password = ? WHERE ID = ?", array(sha1($password), $userID));
}
if (!empty($email))
{
$page->query('UPDATE Users SET EmailAddress = "' . $email . '" WHERE ID = "' . $userID . '"');
if (!empty($email)) {
$page->query("UPDATE Users SET EmailAddress = ? WHERE ID = ?", array($email, $userID));
}
if (!empty($name))
{
$page->query('UPDATE Users SET Name = "' . $name . '" WHERE ID = "' . $userID . '"');
if (!empty($name)) {
$page->query("UPDATE Users SET Name = ? WHERE ID = ?", array($name, $userID));
}
}
else
{
if (!$user)
{
} else {
if (!$user) {
$page->drawError('No such user, #' . $userID);
}
else
{
} else {
$page->drawError('You do not have permission to access this page.');
}
}
/forums/add-post-do.php
7,13 → 7,12
$page->checkLoggedIn();
 
$parentID = $_POST['parentID'];
if (empty($parentID))
{
if (empty($parentID)) {
$parentID = -1;
}
 
$categoryID = $_POST['categoryID'];
if (empty($categoryID))
{
if (empty($categoryID)) {
$parentID = -1;
}
 
20,21 → 19,20
$title = $_POST['title'];
$content = $_POST['content'];
 
if (!$page->isUserNormal($page->getLoggedInUser()))
{
if (!$page->isUserNormal($page->getLoggedInUser())) {
$page->redirect('add-post.php?error=You do not have permission to access this page');
}
 
if (empty($title))
{
if (empty($title)) {
$page->redirect('add-post.php?error=No Title Specified');
}
if (empty($title))
{
 
if (empty($title)) {
$page->redirect('add-post.php?error=No Content Specified');
}
 
$page->query('INSERT INTO ForumPosts VALUES (0, "' .$page->getLoggedInUser()->ID . '", "' . $categoryID . '", "' . $parentID . '", "' . $title . '", "' . $content . '", NOW(), FALSE)');
$args = array($page->getLoggedInUser()->ID, $categoryID, $parentID, $title, $content);
$page->query("INSERT INTO ForumPosts VALUES (0, ?, ?, ?, ?, ?, NOW(), FALSE)", $args);
$page->redirect('index.php?parentID=' . $categoryID);
 
?>
/forums/delete-category-do.php
8,13 → 8,10
 
$id = $page->getGetID();
 
if ($page->isUserAdmin($page->getLoggedInUser()))
{
$page->query('DELETE FROM ForumCategories WHERE ID = "' . $id . '"');
if ($page->isUserAdmin($page->getLoggedInUser())) {
$page->query("DELETE FROM ForumCategories WHERE ID = ?", array($id));
$page->redirect('index.php');
}
else
{
} else {
$page->drawError('You do not have permission to access this page.');
}
 
/forums/edit-category-do.php
11,20 → 11,16
$title = $_POST['title'];
$description = $_POST['description'];
 
if ($page->isUserAdmin($page->getLoggedInUser()))
{
if (empty($title))
{
if ($page->isUserAdmin($page->getLoggedInUser())) {
if (empty($title)) {
$page->redirect('edit-category.php?error=No Title Specified');
}
$page->query('UPDATE ForumCategories SET Title = "' . $title . '", Description = "' . $description . '" WHERE ID = "' . $id . '"');
$args = array($title, $description, $id);
$page->query("UPDATE ForumCategories SET Title = ?, Description = ? WHERE ID = ?", $args);
$page->redirect('index.php');
}
else
{
} else {
$page->drawError('You do not have permission to access this page.');
}
 
?>
 
/forums/add-category-do.php
7,8 → 7,7
$page->checkLoggedIn();
 
$parentID = $_POST['parentID'];
if (empty($parentID))
{
if (empty($parentID)) {
$parentID = -1;
}
 
15,20 → 14,15
$title = $_POST['title'];
$description = $_POST['description'];
 
if ($page->isUserAdmin($page->getLoggedInUser()))
{
if (empty($title))
{
if ($page->isUserAdmin($page->getLoggedInUser())) {
if (empty($title)) {
$page->redirect('add-category.php?error=No Title Specified');
}
$page->query('INSERT INTO ForumCategories VALUES (0, "' . $parentID . '", "' . $title . '", "' . $description . '")');
$page->query("INSERT INTO ForumCategories VALUES (0, ?, ?, ?)", array($parentID, $title, $description));
$page->redirect('index.php?parentID=' . $parentID);
}
else
{
} else {
$page->drawError('You do not have permission to access this page.');
}
 
?>
 
/forums/delete-post-do.php
9,22 → 9,15
$id = $page->getGetID();
$post = $page->getForumPost($id);
 
if (($page->isUserAdmin($page->getLoggedInUser()) || $post->author->ID == $page->getLoggedInUser()->ID) && $post && $page->isUserNormal($page->getLoggedInUser()))
{
$page->query('DELETE FROM ForumPosts WHERE ID = "' . $id . '"');
if (($page->isUserAdmin($page->getLoggedInUser()) || $post->author->ID == $page->getLoggedInUser()->ID) && $post && $page->isUserNormal($page->getLoggedInUser())) {
$page->query("DELETE FROM ForumPosts WHERE ID = ?", array($id));
$page->redirect('index.php');
}
else
{
if (!$post)
{
} else {
if (!$post) {
$page->drawError('No such forum post, #' . $id);
}
else
{
} else {
$page->drawError('You do not have permission to access this page.');
}
}
 
?>
 
/projects/edit-project-do.php
22,37 → 22,34
 
if ($page->isUserAdmin($page->getLoggedInUser()) || $page->getLoggedInUser()->ID == $project->author->ID)
{
if (!empty($title))
{
$page->query('UPDATE Projects SET Title = "' . $title . '" WHERE ID = "' . $project->ID . '"');
if (!empty($title)) {
$page->query("UPDATE Projects SET Title = ? WHERE ID = ?", array($title, $project->ID));
}
if (!empty($description))
{
$page->query('UPDATE Projects SET Description = "' . $description . '" WHERE ID = "' . $project->ID . '"');
if (!empty($description)) {
$page->query("UPDATE Projects SET Description = ? WHERE ID = ?", array($description, $project->ID));
}
if (!empty($logoURL))
{
$page->query('UPDATE Projects SET LogoURL = "' . $logoURL . '" WHERE ID = "' . $project->ID . '"');
if (!empty($logoURL)) {
$page->query("UPDATE Projects SET LogoURL = ? WHERE ID = ?", array($logoURL, $project->ID));
}
if (!empty($websiteURL))
{
$page->query('UPDATE Projects SET WebsiteURL = "' . $websiteURL . '" WHERE ID = "' . $project->ID . '"');
if (!empty($websiteURL)) {
$page->query("UPDATE Projects SET WebsiteURL = ? WHERE ID = ?", array($websiteURL, $project->ID));
}
if (!empty($downloadURL))
{
$page->query('UPDATE Projects SET DownloadURL = "' . $downloadURL . '" WHERE ID = "' . $project->ID . '"');
if (!empty($downloadURL)) {
$page->query("UPDATE Projects SET DownloadURL = ? WHERE ID = ?", array($downloadURL, $project->ID));
}
if (!empty($latestVersion))
{
$page->query('UPDATE Projects SET LatestVersion = "' . $latestVersion . '" WHERE ID = "' . $project->ID . '"');
if (!empty($latestVersion)) {
$page->query("UPDATE Projects SET LatestVersion = ? WHERE ID = ?", array($latestVersion, $project->ID));
}
$page->query('UPDATE Projects SET LastUpdate = NOW() WHERE ID = "' . $project->ID . '"');
$page->query("UPDATE Projects SET LastUpdate = NOW() WHERE ID = ?", array($project->ID));
 
$page->redirect('index.php');
}
else
{
} else {
$page->drawError('You do not have permission to access this page.');
}
 
/projects/add-project-do.php
14,22 → 14,19
$page->checkLoggedIn();
$user = $page->getLoggedInUser();
 
if (empty($title))
{
if (empty($title)) {
$page->redirect('add-project.php?error=No Title Specified');
}
if (empty($description))
{
 
if (empty($description)) {
$page->redirect('add-project.php?error=No Title Specified');
}
 
if ($page->isUserGM($user))
{
$page->query('INSERT INTO Projects VALUES (0, "' . $user->ID . '", "' . $title . '", "' . $description . '", "' . $logoURL . '", "' . $downloadURL . '", "' . $websiteURL . '", "' . $latestVersion . '", NOW())');
if ($page->isUserGM($user)) {
$args = array($user->ID, $title, $description, $logoURL, $downloadURL, $websiteURL, $latestVersion);
$page->query("INSERT INTO Projects VALUES (0, ?, ?, ?, ?, ?, ?, ?, NOW())", $args);
$page->redirect('index.php');
}
else
{
} else {
$page->drawError('You do not have permission to access this page.');
}
 
/projects/delete-project-do.php
8,19 → 8,13
$id = $page->getGetID();
$project = $page->getProject($id);
 
if (($page->isUserAdmin($page->getLoggedInUser()) || $page->getLoggedInUser()->ID == $project->author->ID) && $project)
{
$page->query('DELETE FROM Projects WHERE ID = "' . $id . '"');
if (($page->isUserAdmin($page->getLoggedInUser()) || $page->getLoggedInUser()->ID == $project->author->ID) && $project) {
$page->query("DELETE FROM Projects WHERE ID = ?", array($id));
$page->redirect('index.php');
}
else
{
if (!$project)
{
} else {
if (!$project) {
$page->drawError('No such project, #' . $id);
}
else
{
} else {
$page->drawError('You do not have permission to access this page.');
}
}
/projects/index.php
22,7 → 22,7
write('<h3>' . $project->title . '</h3>');
write('<table style="border: 0px;">');
write('<tr>');
write('<td style="border: 0px; vertical-align: top;"><img class="smiley" src="' . $project->logoURL . '" /></td>');
write('<td style="border: 0px; vertical-align: top;"><img class="smiley" src="' . $project->logoURL . '" alt="' . $project->title . ' logo" /></td>');
write('<td style="border: 0px;">');
if (empty($project->latestVersion))
{
/register-do.php
42,7 → 42,8
$page->redirect('register.php?error=Incorrect reCAPTCHA response');
}
 
$page->query('INSERT INTO Users (AccessID, Username, Password, EmailAddress, Name, ChallengeID) VALUES (2, "' . $username . '", "' . sha1($password) . '", "' . $email . '", "' . $name . '", 0)');
$args = array(2, $username, sha1($password), $email, $name, 0);
$page->query("INSERT INTO Users (AccessID, Username, Password, EmailAddress, Name, ChallengeID) VALUES (?, ?, ?, ?, ?, ?)", $args);
 
$page->redirect('login.php');
 
/_taios.php
13,16 → 13,12
$this->drawnMiddle = false;
$this->drawnFooter = false;
$this->db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD);
if (!$this->db)
{
$this->drawError('Failed to connect to database: ' . mysql_error());
}
if (!mysql_select_db('Tim32'))
{
$this->drawError('Failed to select database: ' . mysql_error());
}
try {
$this->db = new PDO("mysql:dbname=Tim32;host=" . MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD,
array( PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES 'UTF8'" ));
} catch (PDOException $e) {
$this->drawError("Failed to connect to database!");
}
}
function drawHeader()
30,12 → 26,14
if (!$this->drawnHeader)
{
write('<!DOCTYPE html>');
write('<html>');
write('<html lang="en">');
write('<head>');
write('<meta http-equiv="Content-Type" content="text/html;charset=utf-8">');
write('<title>Tim32 &middot; ' . $this->title . '</title>');
write('<link href="' . $this->url . 'styles.css" rel="stylesheet" type="text/css" media="screen" />');
write('<link href="' . $this->url . 'styles.css" rel="stylesheet" type="text/css" media="all" />');
write('<link rel="shortcut icon" href="' . $this->url . 'data/favicon.png" />');
write('<script type="text/javascript" src="http://code.jquery.com/jquery-1.9.0.min.js"></script>');
write('<script type="text/javascript" src="' . $this->url . 'tcp.js"></script>');
write('</head>');
write('<body>');
write('<div class="sidebar">');
50,37 → 48,32
$this->drawMenuItem('Wiki', 'wiki/');
$this->drawMenuItem('Photos', 'photos/');
write('<br />');
if ($this->isLoggedIn() && $this->isUserNormal($this->getLoggedInUser()))
{
 
if ($this->isLoggedIn() && $this->isUserNormal($this->getLoggedInUser())) {
$this->drawMenuItem('Administration', 'admin/');
$this->drawMenuItem('Logout', 'logout-do.php');
}
else if ($this->isLoggedIn())
{
} else if ($this->isLoggedIn()) {
$this->drawMenuItem('Logout', 'logout-do.php');
if ($this->getLoggedInUser()->username != "cake")
 
if ($this->getLoggedInUser()->username != "cake") {
$this->drawMenuItem('You are banned', NULL);
else
} else {
$this->drawMenuItem('<span style="color:#032865">#undefined</span>', '/challenge/cakefolder');
}
else
{
}
} else {
$this->drawMenuItem('Login', 'login.php');
$this->drawMenuItem('Register', 'register.php');
}
 
write('<br />');
$this->drawnHeader = true;
}
}
function drawMenuItem($t, $u)
{
if($u == NULL)
{
function drawMenuItem($t, $u) {
if ($u == NULL) {
write('<p style="color:red">' . $t . '</p>');
}
else
{
} else {
write('<p><a href="' . $this->url . $u . '">' . $t . '</a></p>');
}
}
87,9 → 80,7
function drawMiddle()
{
if (!$this->drawnMiddle)
{
write('<br />');
if (!$this->drawnMiddle) {
write('</div>');
write('</div>');
write('<div class="content">');
103,7 → 94,6
{
if (!$this->drawnFooter)
{
write('<br /><p class="copyright">Tim32</p>');
write('</div>');
write('</body>');
write('</html>');
121,8 → 111,7
write('<h4 style="color: red;">Error: ' . $text . '</h4>');
if ($die)
{
if ($die) {
$this->drawFooter();
die();
}
185,18 → 174,6
function replaceBBCode($str)
{
/*$newstrarray = explode("\n", $str);
$newstr = "";
foreach ($newstrarray as $line)
{
if ($line == "\n" || $line == " \n" || $line == "\n " || $line == "\n\r")
{
$line = "</p><p>";
}
$newstr .= ($line . "\n");
}*/
$newstr = $str;
$newstr = str_replace("<", "&lt;", $newstr);
$newstr = str_replace(">", "&gt;", $newstr);
204,45 → 181,39
$newstr = str_replace("\\'", "'", $newstr);
$newstr = str_replace("\\\"",'"', $newstr);
$newstr = str_replace(' ', '&nbsp;&nbsp;', $newstr);
/* $newstr = str_replace(' :)', ' <img src="' . $this->url . 'data/smilies/face-smile.png" class="smiley" />', $newstr);
$newstr = str_replace(' :p', ' <img src="' . $this->url . 'data/smilies/face-raspberry.png" class="smiley" />', $newstr);
$newstr = str_replace(' :P', ' <img src="' . $this->url . 'data/smilies/face-raspberry.png" class="smiley" />',$newstr);
$newstr = str_replace(' :|', ' <img src="' . $this->url . 'data/smilies/face-plain.png" class="smiley" />',$newstr);
$newstr = str_replace(' :D', ' <img src="' . $this->url . 'data/smilies/face-laugh.png" class="smiley" />',$newstr);
$newstr = str_replace(' =D', ' <img src="' . $this->url . 'data/smilies/face-laugh.png" class="smiley" />',$newstr);
$newstr = str_replace(' :(', ' <img src="' . $this->url . 'data/smilies/face-sad.png" class="smiley" />',$newstr);
$newstr = str_replace(' :0', ' <img src="' . $this->url . 'data/smilies/face-surprise.png" class="smiley" />',$newstr);
$newstr = str_replace(' :o', ' <img src="' . $this->url . 'data/smilies/face-surprise.png" class="smiley" />',$newstr);
$newstr = str_replace(' :O', ' <img src="' . $this->url . 'data/smilies/face-surprise.png" class="smiley" />',$newstr);
$newstr = str_replace(' :/', ' <img src="' . $this->url . 'data/smilies/face-uncertain.png" class="smiley" />',$newstr);
$newstr = str_replace(' ;)', ' <img src="' . $this->url . 'data/smilies/face-wink.png" class="smiley" />',$newstr);*/
$bbcode = array(
'/\[b\](.+?)\[\/b\]/is',
'/\[i\](.+?)\[\/i\]/is',
'/\[u\](.+?)\[\/u\]/is',
'/\[url\](.+?)\[\/url\]/is',
'/\[url="?(.+?)"?\](.+?)\[\/url\]/is',
'/\[code\](.+?)\[\/code\]/is',
'/\[img\](.+?)\[\/img\]/is',
'/\[ul\](.+?)\[\/ul\]/is',
'/\[ol\](.+?)\[\/ol\]/is',
'/\[li\](.+?)\[\/li\]/is',
'/\[mono\](.+?)\[\/mono\]/is'
'/\[b\](.+?)\[\/b\]/is',
'/\[i\](.+?)\[\/i\]/is',
'/\[u\](.+?)\[\/u\]/is',
'/\[url\](.+?)\[\/url\]/is',
'/\[w\](.+?)\[\/w\]/is',
'/\[url=(?:&quot;)?(.+?)(?:&quot;)?\](.+?)\[\/url\]/is',
'/\[w=(?:&quot;)?(.+?)(?:&quot;)?\](.+?)\[\/w\]/is',
'/\[code\](.+?)\[\/code\]/is',
'/\[img\](.+?)\[\/img\]/is',
'/\[ul\](.+?)\[\/ul\]/is',
'/\[ol\](.+?)\[\/ol\]/is',
'/\[li\](.+?)\[\/li\]/is',
'/\[mono\](.+?)\[\/mono\]/is',
'/\[tcp\](.+?)\[\/tcp\]/is'
);
 
$html = array(
'<b>$1</b>',
'<i>$1</i>',
'<u>$1</u>',
'<a href="$1">$1</a>',
'<a href="$1">$2</a>',
'</p><div class="code">$1</div><p>',
'<img src="$1" />',
'<ul>$1</ul>',
'<ol>$1</ol>',
'<li>$1</li>',
'<span style="font-family: Droid Sans Mono, monospace, fixed; margin-left: 1em; margin-right: 1em;">$1</span>',
'<b>$1</b>',
'<i>$1</i>',
'<u>$1</u>',
'<a href="$1">$1</a>',
'<a href="/wiki/index.php?page=$1">$1</a>',
'<a href="$1">$2</a>',
'<a href="/wiki/index.php?page=$1">$2</a>',
'</p><div class="code">$1</div><p>',
'<img src="$1" alt="BBCode-included image" />',
'<ul>$1</ul>',
'<ol>$1</ol>',
'<li>$1</li>',
'<span style="font-family: Droid Sans Mono, monospace, fixed; margin-left: 1em; margin-right: 1em;">$1</span>',
'<span class="tcp" data-status="closed" data-text="$1">$1<img title="Open TCP Editor" class="tcp_button" src="http://tim32.org/~freddie/timlan/goTCP.png" alt="Open TCP Editor" /></span>'
);
 
$newstr = preg_replace($bbcode, $html, $newstr);
353,24 → 324,22
}
}
function query($query)
function query($query, $args = array())
{
$result = mysql_query($query);
if (!$result)
{
$this->drawError('Query Failed: ' . $query . "\n" . 'MySQL Error: ' . mysql_error());
}
return $result;
$statement = $this->db->prepare($query);
if (!$statement->execute($args)) {
$this->drawError("Query Failed! MySQL Error: " . $statement->errorInfo());
}
return $statement->fetchAll();
}
function findIDs($table, $query = '')
function findIDs($table, $query = '', $args = array())
{
$array = array();
$result = $this->query('SELECT ID FROM ' . $table . ' ' . $query);
while ($row = mysql_fetch_array($result))
{
$results = $this->query('SELECT ID FROM ' . $table . ' ' . $query, $args);
foreach ($results as $row) {
array_push($array, $row['ID']);
}
379,10 → 348,8
function getUserByID($id)
{
$result = $this->query('SELECT * FROM Users WHERE ID = "' . $id . '"');
while ($row = mysql_fetch_array($result))
{
$user = new User;
foreach ($this->query("SELECT * FROM Users WHERE ID = ?", array($id)) as $row) {
$user = new User();
$user->ID = $row['ID'];
$user->accessID = $row['AccessID'];
$user->username = $row['Username'];
397,11 → 364,8
return false;
}
function getUserByUsername($username)
{
$result = $this->query('SELECT * FROM Users WHERE Username = "' . $username . '"');
while ($row = mysql_fetch_array($result))
{
function getUserByUsername($username) {
foreach ($this->query("SELECT * FROM Users WHERE Username = ?", array($username)) as $row) {
return $this->getUserByID($row['ID']);
}
408,10 → 372,8
return false;
}
function getLoggedInUser()
{
if ($this->isLoggedIn())
{
function getLoggedInUser() {
if ($this->isLoggedIn()) {
$clist = explode('|~|', $_COOKIE['Tim32_Login']);
return $this->getUserByUsername($clist[0]);
}
419,25 → 381,21
return false;
}
function getBlogPost($id)
{
$result = $this->query('SELECT * FROM BlogPosts WHERE ID = "' . $id . '"');
while ($row = mysql_fetch_array($result))
{
function getBlogPost($id) {
foreach ($this->query("SELECT * FROM BlogPosts WHERE ID = ?", array($id)) as $row) {
$post = new BlogPost;
$post->ID = $row['ID'];
if ($row['ParentID'] == -1)
{
if ($row['ParentID'] == -1) {
$post->parent = -1;
}
else
{
} else {
$post->parent = $this->getBlogPost($row['ParentID']);
}
$post->author = $this->getUserByID($row['AuthorID']);
$post->user = $this->getUserByID($row['AuthorID']); // For some older pages
$post->title = $row['Title'];
$post->content = $row['Content'];
$post->title = htmlspecialchars($row['Title']);
$post->content = htmlspecialchars($row['Content']);
$post->datePosted = strtotime($row['DatePosted']);
$post->category = $row['Category'];
$post->spam = $row['Spam'];
448,11 → 406,8
$this->drawError('Cannot find blog post, #' . $id);
}
function getProject($id)
{
$result = $this->query('SELECT * FROM Projects WHERE ID = "' . $id . '"');
while ($row = mysql_fetch_array($result))
{
function getProject($id) {
foreach ($this->query("SELECT * FROM Projects WHERE ID = ?", array($id)) as $row) {
$project = new Project;
$project->ID = $row['ID'];
471,11 → 426,8
return false;
}
function getForumCategory($id)
{
$result = $this->query('SELECT * FROM ForumCategories WHERE ID = "' . $id . '"');
while ($row = mysql_fetch_array($result))
{
function getForumCategory($id) {
foreach ($this->query("SELECT * FROM ForumCategories WHERE ID = ?", array($id)) as $row) {
$f = new ForumCategory;
$f->ID = $row['ID'];
489,11 → 441,8
return false;
}
function getForumPost($id)
{
$result = $this->query('SELECT * FROM ForumPosts WHERE ID = "' . $id . '"');
while ($row = mysql_fetch_array($result))
{
function getForumPost($id) {
foreach ($this->query("SELECT * FROM ForumPosts WHERE ID = ?", array($id)) as $row) {
$f = new ForumPost;
$f->ID = $row['ID'];
511,22 → 460,17
return false;
}
function delBlogPost($id)
{
$ids = $this->findIDs('BlogPosts', 'WHERE ParentID="' . $id . '"');
for ($i = 0; $i < count($ids); $i++)
{
$this->delBlogPost($ids[$i]);
function delBlogPost($id) {
foreach ($this->findIDs("BlogPosts", "WHERE ParentID = ?", array($id)) as $i) {
$this->delBlogPost($i);
}
 
$this->query('DELETE FROM BlogPosts WHERE ID="' . $id . '"');
$this->query("DELETE FROM BlogPosts WHERE ID = ?", array($id));
}
 
function getGetID()
{
function getGetID() {
$id = $_GET['id'];
if (empty($id))
{
if (empty($id)) {
$id = 1;
}
533,11 → 477,9
return $id;
}
function getPostID()
{
function getPostID() {
$id = $_POST['id'];
if (empty($id))
{
if (empty($id)) {
$id = 1;
}
/wiki/edit-do.php
2,6 → 2,22
 
require '../_taios.php';
 
if (get_magic_quotes_gpc()) {
$process = array(&$_GET, &$_POST, &$_COOKIE, &$_REQUEST);
while (list($key, $val) = each($process)) {
foreach ($val as $k => $v) {
unset($process[$key][$k]);
if (is_array($v)) {
$process[$key][stripslashes($k)] = $v;
$process[] = &$process[$key][stripslashes($k)];
} else {
$process[$key][stripslashes($k)] = stripslashes($v);
}
}
}
unset($process);
}
 
$pageName = $_POST['page'];
if (empty($pageName))
{
14,7 → 30,12
 
if ($page->isUserGM($page->getLoggedInUser()))
{
$pageName = str_replace("../", "/", $pageName);
 
$filename = 'pages/' . $pageName . '.txt';
 
if(!is_dir(dirname($filename)))
mkdir(dirname($filename), 0777, true);
$fp = @fopen($filename, 'w');
if ($fp)
/wiki/edit.php
16,6 → 16,8
 
if ($page->isUserGM($page->getLoggedInUser()))
{
$pageName = str_replace("../", "/", $pageName);
 
$filename = 'pages/' . $pageName . '.txt';
$content = "";
33,7 → 35,7
<input type="hidden" name="page" value="<?php echo $pageName; ?>" />
<table>
<tr>
<td><textarea name="content"><?php echo $content; ?></textarea></td>
<td><textarea name="content"><?php write($content); ?></textarea></td>
</tr>
<tr>
<td><input type="submit" value="Edit" /></td>
/wiki/index.php
45,6 → 45,8
write('<p class="bold"><a href="edit.php?page=' . $pageName . '">Edit Page</a></p><br />');
}
 
$pageName = str_replace("../", "/", $pageName);
 
$filename = 'pages/' . $pageName . '.txt';
 
$fp = @fopen($filename, 'r');
58,6 → 60,26
write('<p>This page is empty.</p>');
}
 
if(is_dir('pages/' . $pageName))
{
write('<p>Directory listing of ' . $pageName . ':</p>');
write('<ul>');
$dir = opendir('pages/' . $pageName);
if($dir)
{
while (($file = readdir($dir)) !== false)
{
if($file != '.' && $file != '..' && (preg_match('/\.txt$/', $file) || is_dir('pages/' . $pageName . '/' . $file)))
{
$file = preg_replace('/\.txt$/', '', $file);
write('<li><a href="index.php?page=' . $pageName . '/' . htmlspecialchars($file) . '">' . htmlspecialchars($file) . '</a></li>');
}
}
}
write('</ul>');
write('<p>End of directory listing</p>');
}
 
$page->drawFooter();
 
?>
/index.php
11,6 → 11,7
<p class="bold">Welcome to Tim32!</p>
<?php
write('<p>Tim32 is a ' . (date("Y") - 2000) . '-year-old laptop running Ubuntu Server Edition 10.04.</p>');
write('<p>On the other hand, Tim36 (which is serving this page) is a ' . (date("Y") - 2007) . '-year-old laptop running Ubuntu Server Edition 10.04.</p>');
?>
<p>By using this website, you hereby accept cookies being stored on your computer.</p>
<br />
/tcp.js
0,0 → 1,51
function updateResult(box, text) {
box.find(".tcp_inner_result").html("<i>Loading...</i>");
$.get('http://tim32.org/~freddie/VOSLookup/tcppop.php?totr=' + text, function(data) {
box.find(".tcp_inner_result").html(data);
});
}
 
function openBox(box) {
var text = box.attr("data-text");
box.append("<div class=\"tcp_inner\"><input type=\"text\" value=\"" + text + "\" /><input type=\"submit\" value=\"Parse\" /><br /><div class=\"tcp_inner_result\"></div></div>");
box.children(".tcp_inner").hide().fadeIn();
updateResult(box, text);
box.find("input[type=submit]").click(function() {
updateResult(box, box.find("input[type=text]").val());
return false;
});
 
box.find("input[type=text]").change(function() {
updateResult(box, $(this).val());
});
}
 
function closeBox(box) {
$(box).children(".tcp_inner").fadeOut(function() {
$(this).remove();
});
}
 
$(document).ready(function() {
$(".tcp .tcp_button").on("click", function() {
var box = $(this).parent();
var s = box.attr("data-status");
if (s == "closed") {
box.attr("data-status", "open");
$(this).attr("src", "http://tim32.org/~freddie/timlan/noTCP.png");
$(this).attr("title", "Close TCP Editor");
openBox(box);
} else {
box.attr("data-status", "closed");
$(this).attr("src", "http://tim32.org/~freddie/timlan/goTCP.png");
$(this).attr("title", "Open TCP Editor");
closeBox(box);
}
});
});
 
/styles.css
1,8 → 1,5
body {
background-color: #032865;
/* background-color: #FFFFFF;*/
color: #000000;
font-family: Droid Sans, Tahoma, sans-serif;
font-size: 10pt;
margin: 0px;
65,6 → 62,12
border: 1px solid #000000;
color: #000000;
background-color: #B5D7FF;
padding: 4px;
margin: 5px;
font-size: 11pt;
}
 
input[type=text], input[type=password] {
width: 500px;
}
 
99,10 → 102,13
width: 156px;
padding: 0px;
padding-left: 32px;
 
border-right: 2px solid #000049;
border-bottom: 2px solid #000049;
 
color: #FFFFFF;
/* height: 100%;*/
z-index: 50;
background-color: #032865;
}
 
.sidebar-header {
162,13 → 168,29
.code {
border-top: 2px solid #999999;
border-bottom: 2px solid #999999;
margin: 14px;
margin: 4px 16px;
padding: 3px;
background-color: #DDDDDD;
font-family: Droid Sans Mono, Monospace, Fixed;
font-size: 10pt;
line-height: 80%;
}
 
.tcp_button {
border: none;
margin: 0px 14px;
cursor: pointer;
}
 
.tcp_inner {
margin: 4px;
padding: 2px;
border: 1px solid #000000;
}
 
.tcp_inner_result {
margin: 6px;
}
 
.copyright {
color: #BBBBBB;
text-align: left;