$manager->notify('PreAddItem',array('title' => &$title, 'body' => &$body, 'more' => &$more, 'blog' => &$this, 'authorid' => &$authorid, 'timestamp' => &$timestamp, 'closed' => &$closed, 'draft' => &$draft, 'catid' => &$catid));
- $title = sql_real_escape_string($title);
- $body = sql_real_escape_string($body);
- $more = sql_real_escape_string($more);
+ $ititle = sql_real_escape_string($title);
+ $ibody = sql_real_escape_string($body);
+ $imore = sql_real_escape_string($more);
$query = 'INSERT INTO '.sql_table('item').' (ITITLE, IBODY, IMORE, IBLOG, IAUTHOR, ITIME, ICLOSED, IDRAFT, ICAT, IPOSTED) '
- . "VALUES ('$title', '$body', '$more', $blogid, $authorid, '$timestamp', $closed, $draft, $catid, $posted)";
+ . "VALUES ('$ititle', '$ibody', '$imore', $blogid, $authorid, '$timestamp', $closed, $draft, $catid, $posted)";
sql_query($query);
$itemid = sql_insert_id();
// send notification mail
if (!$draft && !$isFuture && $this->getNotifyAddress() && $this->notifyOnNewItem())
- $this->sendNewItemNotification($itemid, stripslashes($title), stripslashes($body));
+ $this->sendNewItemNotification($itemid, $title, $body);
- return $itemid;
+ return $itemid;
}
function sendNewItemNotification($itemid, $title, $body) {
. ' WHERE'
. ' i.iblog = ' . $this->blogid
. ' and i.iauthor = m.mnumber'
- . ' and i.icat = c.catid'
- . ' and i.idraft = 0' // exclude drafts
- // don't show future items
- . ' and i.itime <= ' . mysqldate($this->getCorrectTime());
- if (!$showDrafts) $query .= ' and i.idraft=0'; // exclude drafts
- if (!$showFuture) $query .= ' and i.itime<=' . mysqldate($this->getCorrectTime()); // don't show future items
+ . ' and i.icat = c.catid';
+ if (!$showDrafts) $query .= ' and i.idraft=0'; // exclude drafts
+ if (!$showFuture) $query .= ' and i.itime<=' . mysqldate($this->getCorrectTime()); // don't show future items
+
//$query .= ' and i.inumber IN ('.$itemlist.')';
$query .= ' and i.inumber = '.intval($value);
$query .= ')';