
Add some codes from 3.61. Currently files under /nucleus/libs and /nucleus/libs/sql...
[nucleus-jp/nucleus-jp-ancient.git] / utf8 / nucleus / libs / SKIN.php
index 746889e..7a48b60 100755 (executable)
@@ -1,7 +1,7 @@
 <?php
 /*
  * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
- * Copyright (C) 2002-2009 The Nucleus Group
+ * Copyright (C) 2002-2010 The Nucleus Group
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License
@@ -13,7 +13,7 @@
  * Class representing a skin
  *
  * @license http://nucleuscms.org/license.txt GNU General Public License
- * @copyright Copyright (C) 2002-2009 The Nucleus Group
+ * @copyright Copyright (C) 2002-2010 The Nucleus Group
  * @version $Id$
  * @version $NucleusJP: SKIN.php,v 1.8.2.1 2007/09/05 07:45:01 kimitake Exp $
  */
@@ -39,8 +39,8 @@ class SKIN {
 
                // read skin name/description/content type
                $res = sql_query('SELECT * FROM '.sql_table('skin_desc').' WHERE sdnumber=' . $this->id);
-               $obj = mysql_fetch_object($res);
-               $this->isValid = (mysql_num_rows($res) > 0);
+               $obj = sql_fetch_object($res);
+               $this->isValid = (sql_num_rows($res) > 0);
                if (!$this->isValid)
                        return;
 
@@ -66,7 +66,7 @@ class SKIN {
         * @static
         */
        function exists($name) {
-               return quickQuery('select count(*) as result FROM '.sql_table('skin_desc').' WHERE sdname="'.addslashes($name).'"') > 0;
+               return quickQuery('select count(*) as result FROM '.sql_table('skin_desc').' WHERE sdname="'.sql_real_escape_string($name).'"') > 0;
        }
 
        /**
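Review bot: In `exists()` the escaped value is still wrapped in double quotes (`sdname="..."`), while the INSERT/UPDATE/DELETE queries in this commit use single quotes. MySQL reads double quotes as identifier quotes when the `ANSI_QUOTES` SQL mode is on, so prefer `" WHERE sdname='" . sql_real_escape_string($name) . "'"`; the same applies to `getIdFromName()` in the next hunk. Separately, `sql_real_escape_string()` is defined outside this diff, so it is worth confirming that it escapes against the active connection and that the connection character set is set through the client API rather than a `SET NAMES` query. Without that, the switch away from `addslashes` may not give the multibyte-safe escaping it is presumably meant to provide.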
@@ -98,9 +98,9 @@ class SKIN {
        function getIdFromName($name) {
                $query =  'SELECT sdnumber'
                           . ' FROM '.sql_table('skin_desc')
-                          . ' WHERE sdname="'.addslashes($name).'"';
+                          . ' WHERE sdname="'.sql_real_escape_string($name).'"';
                $res = sql_query($query);
-               $obj = mysql_fetch_object($res);
+               $obj = sql_fetch_object($res);
                return $obj->sdnumber;
        }
 
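Review bot: `getIdFromName()` dereferences the fetch result unconditionally: `$obj = sql_fetch_object($res); return $obj->sdnumber;`. When no skin has that name, or the query fails, `$obj` is not an object, so the function raises a notice and returns null implicitly. An explicit result would be clearer, e.g. `return $obj ? intval($obj->sdnumber) : 0;`, assuming callers (not visible in this diff) treat 0 as "not found". The wrapper swap is a good moment to add this, since the check is independent of which driver sits behind `sql_fetch_object`.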
@@ -133,8 +133,8 @@ class SKIN {
                        )
                );
 
-               sql_query('INSERT INTO '.sql_table('skin_desc')." (sdname, sddesc, sdtype, sdincmode, sdincpref) VALUES ('" . addslashes($name) . "','" . addslashes($desc) . "','".addslashes($type)."','".addslashes($includeMode)."','".addslashes($includePrefix)."')");
-               $newid = mysql_insert_id();
+               sql_query('INSERT INTO '.sql_table('skin_desc')." (sdname, sddesc, sdtype, sdincmode, sdincpref) VALUES ('" . sql_real_escape_string($name) . "','" . sql_real_escape_string($desc) . "','".sql_real_escape_string($type)."','".sql_real_escape_string($includeMode)."','".sql_real_escape_string($includePrefix)."')");
+               $newid = sql_insert_id();
 
                $manager->notify(
                        'PostAddSkin',
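Review bot: `$newid = sql_insert_id();` is read without checking what the preceding `sql_query('INSERT INTO ...')` returned. If the insert fails and `sql_query` does not abort (its definition is outside this diff), the id will be 0 or left over from an earlier insert, and it is then passed on to the `PostAddSkin` notification. Consider capturing the result and returning early on failure, e.g. `if (!$res) { return 0; }` before the `sql_insert_id()` call. The enclosing function starts and ends outside this hunk.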
@@ -152,19 +152,20 @@ class SKIN {
        }
 
        function parse($type) {
-               global $manager, $CONF;
-
+               global $manager, $CONF, $skinid;
+               
                $manager->notify('InitSkinParse',array('skin' => &$this, 'type' => $type));
-
+               $skinid = $this->id;
+               
                // set output type
                sendContentType($this->getContentType(), 'skin', _CHARSET);
-
+               
                // set skin name as global var (so plugins can access it)
                global $currentSkinName;
                $currentSkinName = $this->getName();
-
+               
                $contents = $this->getContent($type);
-
+               
                if (!$contents) {
                        // use base skin if this skin does not have contents
                        $defskin =& new SKIN($CONF['BaseSkin']);
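Review bot: The added `$skinid = $this->id;` after the `InitSkinParse` notification, and the identical assignments after `PreSkinParse` and `PostSkinParse` in the next hunk, write to a new global without any comment explaining why it is reset after every plugin callback. Presumably this restores the value in case a plugin handler overwrote it; if so, say so once, e.g. `// re-assert global $skinid: plugin handlers may have overwritten it`. When the base-skin fallback just below is taken, `$skinid` still holds this skin's id rather than the base skin's, which should be confirmed as intended. The replaced blank lines also now carry trailing whitespace. The body of `parse()` continues past this hunk.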
@@ -174,34 +175,36 @@ class SKIN {
                                return;
                        }
                }
-
+               
                $actions = $this->getAllowedActionsForType($type);
-
+               
                $manager->notify('PreSkinParse',array('skin' => &$this, 'type' => $type, 'contents' => &$contents));
-
+               $skinid = $this->id;
+               
                // set IncludeMode properties of parser
                PARSER::setProperty('IncludeMode',$this->getIncludeMode());
                PARSER::setProperty('IncludePrefix',$this->getIncludePrefix());
-
+               
                $handler =& new ACTIONS($type, $this);
                $parser =& new PARSER($actions, $handler);
                $handler->setParser($parser);
                $handler->setSkin($this);
                $parser->parse($contents);
-
+               
                $manager->notify('PostSkinParse',array('skin' => &$this, 'type' => $type));
+               $skinid = $this->id;
 
 
        }
 
        function getContent($type) {
-               $query = 'SELECT scontent FROM '.sql_table('skin')." WHERE sdesc=$this->id and stype='". addslashes($type) ."'";
+               $query = 'SELECT scontent FROM '.sql_table('skin')." WHERE sdesc=$this->id and stype='". sql_real_escape_string($type) ."'";
                $res = sql_query($query);
 
-               if (mysql_num_rows($res) == 0)
+               if (sql_num_rows($res) == 0)
                        return '';
                else
-                       return mysql_result($res, 0, 0);
+                       return sql_result($res, 0, 0);
        }
 
        /**
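Review bot: In `getContent()` the changed query escapes `$type` but still interpolates the id raw as `sdesc=$this->id`, and string escaping would not protect an unquoted numeric position in any case. `setContent()` in the next hunk already uses `intval($skinid)`; doing the same here, `" WHERE sdesc=" . intval($this->id) . " and stype='"`, keeps the query safe however the constructor populated the id, which is not visible in these hunks. The same pattern appears in `sdnumber=' . $this->id` in the constructor hunk and in `" WHERE sdnumber=" . $this->getID()` in `updateGeneralInfo()`.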
@@ -211,11 +214,11 @@ class SKIN {
                $skinid = $this->id;
 
                // delete old thingie
-               sql_query('DELETE FROM '.sql_table('skin')." WHERE stype='".addslashes($type)."' and sdesc=" . intval($skinid));
+               sql_query('DELETE FROM '.sql_table('skin')." WHERE stype='".sql_real_escape_string($type)."' and sdesc=" . intval($skinid));
 
                // write new thingie
                if ($content) {
-                       sql_query('INSERT INTO '.sql_table('skin')." SET scontent='" . addslashes($content) . "', stype='" . addslashes($type) . "', sdesc=" . intval($skinid));
+                       sql_query('INSERT INTO '.sql_table('skin')." SET scontent='" . sql_real_escape_string($content) . "', stype='" . sql_real_escape_string($type) . "', sdesc=" . intval($skinid));
                }
        }
 
@@ -231,11 +234,11 @@ class SKIN {
         */
        function updateGeneralInfo($name, $desc, $type = 'text/html', $includeMode = 'normal', $includePrefix = '') {
                $query =  'UPDATE '.sql_table('skin_desc').' SET'
-                          . " sdname='" . addslashes($name) . "',"
-                          . " sddesc='" . addslashes($desc) . "',"
-                          . " sdtype='" . addslashes($type) . "',"
-                          . " sdincmode='" . addslashes($includeMode) . "',"
-                          . " sdincpref='" . addslashes($includePrefix) . "'"
+                          . " sdname='" . sql_real_escape_string($name) . "',"
+                          . " sddesc='" . sql_real_escape_string($desc) . "',"
+                          . " sdtype='" . sql_real_escape_string($type) . "',"
+                          . " sdincmode='" . sql_real_escape_string($includeMode) . "',"
+                          . " sdincpref='" . sql_real_escape_string($includePrefix) . "'"
                           . " WHERE sdnumber=" . $this->getID();
                sql_query($query);
        }
@@ -257,7 +260,7 @@ class SKIN {
 
                $query = "SELECT stype FROM " . sql_table('skin') . " WHERE stype NOT IN ('index', 'item', 'error', 'search', 'archive', 'archivelist', 'imagepopup', 'member')";
                $res = sql_query($query);
-               while ($row = mysql_fetch_array($res)) {
+               while ($row = sql_fetch_array($res)) {
                        $skintypes[strtolower($row['stype'])] = ucfirst($row['stype']);
                }
 
@@ -279,6 +282,7 @@ class SKIN {
                                                                'sitevar',
                                                                'otherarchivelist',
                                                                'otherarchivedaylist',
+                                                               'otherarchiveyearlist',
                                                                'self',
                                                                'adminurl',
                                                                'todaylink',
@@ -298,9 +302,10 @@ class SKIN {
                                                                'ifnot',
                                                                'elseifnot',
                                                                'charset',
-                                                               'bloglist',\r
-                                                               'addlink',\r
-                                                               'addpopupcode'\r
+                                                               'bloglist',
+                                                               'addlink',
+                                                               'addpopupcode',
+                                                               'sticky'
                                                                );
 
                // extra actions specific for a certain skin type
@@ -315,6 +320,7 @@ class SKIN {
                                                                'categorylist',
                                                                'archivelist',
                                                                'archivedaylist',
+                                                               'archiveyearlist',
                                                                'nextlink',
                                                                'prevlink'
                                                                );
@@ -326,6 +332,7 @@ class SKIN {
                                                                'categorylist',
                                                                'archivelist',
                                                                'archivedaylist',
+                                                               'archiveyearlist',
                                                                'blogsetting',
                                                                'archivedate',
                                                                'nextarchive',
@@ -339,6 +346,7 @@ class SKIN {
                                $extraActions = array('blog',
                                                                'archivelist',
                                                                'archivedaylist',
+                                                               'archiveyearlist',
                                                                'categorylist',
                                                                'blogsetting',
                                                           );
@@ -347,6 +355,7 @@ class SKIN {
                                $extraActions = array('blog',
                                                                'archivelist',
                                                                'archivedaylist',
+                                                               'archiveyearlist',
                                                                'categorylist',
                                                                'searchresults',
                                                                'othersearchresults',
@@ -365,7 +374,8 @@ class SKIN {
                                $extraActions = array(
                                                                'membermailform',
                                                                'blogsetting',
-                                                               'nucleusbutton'
+//                                                             'nucleusbutton'
+                                                               'categorylist'
                                );
                                break;
                        case 'item':
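Review bot: The `$extraActions` list in this case now carries a commented-out entry, `// 'nucleusbutton'`, with no reason given, and the same is done in the default list in the last hunk. Either delete the line or record why it was dropped, e.g. `// 'nucleusbutton' removed: <reason>`. These arrays appear to feed the allowed-actions list that `parse()` hands to `PARSER`, so existing skins of this type that still use that variable would presumably stop rendering it. That is worth stating in the commit description.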
@@ -384,6 +394,7 @@ class SKIN {
                                                                'categorylist',
                                                                'archivelist',
                                                                'archivedaylist',
+                                                               'archiveyearlist',
                                                                'itemtitle',
                                                                'itemid',
                                                                'itemlink',
@@ -391,7 +402,8 @@ class SKIN {
                                break;
                        case 'error':
                                $extraActions = array(
-                                                               'errormessage'
+                                                               'errormessage',
+                                                               'categorylist'
                                );
                                break;
                        default:
@@ -404,12 +416,12 @@ class SKIN {
                                                'categorylist',
                                                'archivelist',
                                                'archivedaylist',
+                                               'archiveyearlist',
                                                'nextlink',
-                                               'archivelist',
-                                               'archivedaylist',
                                                'prevlink',
                                                'membermailform',
-                                               'nucleusbutton'
+//                                             'nucleusbutton'
+                                               'categorylist'
                                        );
                                }
                                break;
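Review bot: The new side of this list contains `'categorylist'` twice: once as the first context line of the hunk and again as the added last entry. That is the same kind of duplicate this hunk removes for `'archivelist'` and `'archivedaylist'`. It is most likely harmless, but the added `'categorylist'` line should simply be dropped so that `'membermailform'` becomes the final entry, with no trailing comma before the commented-out `nucleusbutton` line.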