OSDN Git Service

PDO対応
authorshizuki <shizuki@1ca29b6e-896d-4ea0-84a5-967f57386b96>
Tue, 23 Jun 2009 13:45:10 +0000 (13:45 +0000)
committershizuki <shizuki@1ca29b6e-896d-4ea0-84a5-967f57386b96>
Tue, 23 Jun 2009 13:45:10 +0000 (13:45 +0000)
git-svn-id: https://svn.sourceforge.jp/svnroot/nucleus-jp/nucleus-jp/trunk@1017 1ca29b6e-896d-4ea0-84a5-967f57386b96

32 files changed:
utf8/config.php
utf8/install.php
utf8/install_lang_japanese.php
utf8/nucleus/documentation/history.html
utf8/nucleus/libs/ADMIN.php
utf8/nucleus/libs/BAN.php
utf8/nucleus/libs/BLOG.php
utf8/nucleus/libs/COMMENT.php
utf8/nucleus/libs/COMMENTS.php
utf8/nucleus/libs/ITEM.php
utf8/nucleus/libs/KARMA.php
utf8/nucleus/libs/MANAGER.php
utf8/nucleus/libs/MEMBER.php
utf8/nucleus/libs/PLUGIN.php
utf8/nucleus/libs/SEARCH.php
utf8/nucleus/libs/SKIN.php
utf8/nucleus/libs/TEMPLATE.php
utf8/nucleus/libs/backup.php
utf8/nucleus/libs/globalfunctions.php
utf8/nucleus/libs/showlist.php
utf8/nucleus/libs/skinie.php
utf8/nucleus/libs/sql/mysql.php [new file with mode: 0644]
utf8/nucleus/libs/sql/pdo.php [new file with mode: 0644]
utf8/nucleus/media.php
utf8/nucleus/plugins/NP_SecurityEnforcer.php
utf8/nucleus/plugins/NP_Text.php
utf8/nucleus/plugins/securityenforcer/index.php
utf8/nucleus/xmlrpc/api_blogger.inc.php
utf8/nucleus/xmlrpc/api_metaweblog.inc.php
utf8/nucleus/xmlrpc/api_mt.inc.php
utf8/nucleus/xmlrpc/api_nucleus.inc.php
utf8/nucleus/xmlrpc/server.php

index 4a4caad..b587c78 100755 (executable)
@@ -1,22 +1,22 @@
 <?php
-\r
-/*\r
- * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)\r
- * Copyright (C) 2002-2009 The Nucleus Group\r
- *\r
- * This program is free software; you can redistribute it and/or\r
- * modify it under the terms of the GNU General Public License\r
- * as published by the Free Software Foundation; either version 2\r
- * of the License, or (at your option) any later version.\r
- * (see nucleus/documentation/index.html#license for more info)\r
- */\r
-\r
-/**\r
- * Nucleus configration file\r
- * @license http://nucleuscms.org/license.txt GNU General Public License\r
- * @copyright Copyright (C) 2002-2009 The Nucleus Group\r
- * @version $Id$\r
- */\r
+
+/*
+ * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
+ * Copyright (C) 2002-2009 The Nucleus Group
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * (see nucleus/documentation/index.html#license for more info)
+ */
+
+/**
+ * Nucleus configration file
+ * @license http://nucleuscms.org/license.txt GNU General Public License
+ * @copyright Copyright (C) 2002-2009 The Nucleus Group
+ * @version $Id$
+ */
 
 // This file contains variables with the locations of the data dirs
 // and basic functions that every page can use
@@ -27,6 +27,10 @@ $MYSQL_USER     = 'username';
 $MYSQL_PASSWORD = 'password';
 $MYSQL_DATABASE = 'databasename';
 $MYSQL_PREFIX   = '';
+// new in 3.50. first element is db handler, the second is the db driver used by the handler
+// default is $MYSQL_HANDLER = array('mysql','mysql');
+$MYSQL_HANDLER = array('mysql','mysql');
+//$MYSQL_HANDLER = array('pdo','mysql');
 
 // main nucleus directory
 $DIR_NUCLEUS = '/your/path/to/nucleus/';
index 19b5eb5..7060b23 100755 (executable)
@@ -70,9 +70,17 @@ if (phpversion() >= '4.1.0') {
        include_once('nucleus/libs/vars4.0.6.php');\r
 }\r
 \r
-include_once('nucleus/libs/mysql.php');\r
+// include core classes that are needed for login & plugin handling\r
+// added for 3.5 sql_* wrapper\r
+global $MYSQL_HANDLER;\r
+if (!isset($MYSQL_HANDLER))\r
+       $MYSQL_HANDLER = array('mysql','');\r
+include_once(str_replace("install.php", "", __FILE__) . 'nucleus/libs/sql/'.$MYSQL_HANDLER[0].'.php');\r
+// end new for 3.5 sql_* wrapper\r
+include_once(str_replace("install.php", "", __FILE__) . '/nucleus/libs/mysql.php');\r
 \r
 // check if mysql support is installed\r
+// this check may not make sense, as is, in a version past 3.5x\r
        if (!function_exists('mysql_query') ) {\r
                _doError(_ERROR1);\r
        }\r
@@ -162,16 +170,16 @@ function showInstallForm() {
 \r
 <?php\r
        // note: this piece of code is taken from phpMyAdmin\r
-       $result = @mysql_query('SELECT VERSION() AS version');\r
+       $result = @sql_query('SELECT VERSION() AS version');\r
 \r
-       if ($result != FALSE && @mysql_num_rows($result) > 0) {\r
-               $row   = mysql_fetch_array($result);\r
+       if ($result != FALSE && @sql_num_rows($result) > 0) {\r
+               $row   = sql_fetch_array($result);\r
                $match = explode('.', $row['version']);\r
        } else {\r
-               $result = @mysql_query('SHOW VARIABLES LIKE \'version\'');\r
+               $result = @sql_query('SHOW VARIABLES LIKE \'version\'');\r
 \r
-               if ($result != FALSE && @mysql_num_rows($result) > 0) {\r
-                       $row   = mysql_fetch_row($result);\r
+               if ($result != FALSE && @sql_num_rows($result) > 0) {\r
+                       $row   = sql_fetch_row($result);\r
                        $match = explode('.', $row[1]);\r
                } else {\r
                        $output = shell_exec('mysql -V');\r
@@ -564,11 +572,13 @@ function doInstall() {
        }\r
 \r
        // 2-1. try to log in to mySQL\r
+\r
        global $MYSQL_CONN;\r
-       $MYSQL_CONN = @mysql_connect($mysql_host, $mysql_user, $mysql_password);\r
+       // this will need to be changed if we ever allow\r
+       $MYSQL_CONN = @sql_connect_args($mysql_host, $mysql_user, $mysql_password);\r
 \r
        if ($MYSQL_CONN == false) {\r
-               _doError(_ERROR15 . ': ' . mysql_error() );\r
+               _doError(_ERROR15 . ': ' . sql_error() );\r
        }\r
 \r
 // <add for garble measure>\r
@@ -577,7 +587,7 @@ function doInstall() {
        if ($mySqlVer >= '5.0.7' && phpversion() >= '5.2.3') {\r
                mysql_set_charset($charset);\r
        } elseif ($mySqlVer >= '4.1.0') {\r
-               mysql_query("SET NAMES " . $charset);\r
+               sql_query("SET NAMES " . $charset);\r
        }\r
        $collation = ($charset == 'utf8') ? 'utf8_unicode_ci' : 'ujis_japanese_ci';\r
 // </add for garble measure>*/\r
@@ -594,11 +604,11 @@ function doInstall() {
                          .     $collation;\r
        }\r
 // </add for garble measure>*/\r
-               mysql_query($sql) or _doError(_ERROR16 . ': ' . mysql_error());\r
+               sql_query($sql) or _doError(_ERROR16 . ': ' . sql_error());\r
        }\r
 \r
        // 4. try to select database\r
-       mysql_select_db($mysql_database) or _doError(_ERROR17);\r
+       sql_select_db($mysql_database) or _doError(_ERROR17);\r
 \r
        // 5. execute queries\r
        $filename = 'install.sql';\r
@@ -673,7 +683,7 @@ function doInstall() {
                        }\r
 // </add for garble measure>*/\r
 \r
-                       mysql_query($query) or _doError(_ERROR30 . ' (<small>' . htmlspecialchars($query) . '</small>): ' . mysql_error() );\r
+                       sql_query($query) or _doError(_ERROR30 . ' (<small>' . htmlspecialchars($query) . '</small>): ' . sql_error() );\r
                }\r
        }\r
 \r
@@ -695,7 +705,7 @@ function doInstall() {
                         . " '" . $itm_body . "',"\r
                         . " '" . $itm_more . "',"\r
                         . " 1, 1, '2005-08-15 11:04:26', 0, 0, 0, 1, 0, 1);";\r
-       mysql_query($newpost) or _doError(_ERROR18 . ' (<small>' . htmlspecialchars($newpost) . '</small>): ' . mysql_error() );\r
+       sql_query($newpost) or _doError(_ERROR18 . ' (<small>' . htmlspecialchars($newpost) . '</small>): ' . sql_error() );\r
 \r
        // 6. update global settings\r
        updateConfig('IndexURL',   $config_indexurl);\r
@@ -722,7 +732,7 @@ function doInstall() {
                   . " WHERE"\r
                   . " mnumber       = 1";\r
 \r
-       mysql_query($query) or _doError(_ERROR19 . ': ' . mysql_error() );\r
+       sql_query($query) or _doError(_ERROR19 . ': ' . sql_error() );\r
 \r
        // 8. update weblog settings\r
        $query = 'UPDATE ' . tableName('nucleus_blog')\r
@@ -732,7 +742,7 @@ function doInstall() {
                   . " WHERE"\r
                   . " bnumber    = 1";\r
 \r
-       mysql_query($query) or _doError(_ERROR20 . ': ' . mysql_error() );\r
+       sql_query($query) or _doError(_ERROR20 . ': ' . sql_error() );\r
 \r
        // 8-2. update category settings\r
        if ($charset == 'ujis') {\r
@@ -748,14 +758,14 @@ function doInstall() {
                   . " WHERE"\r
                   . " catid      = 1";\r
 \r
-       mysql_query($query) or _doError(_ERROR20 . ': ' . mysql_error() );\r
+       sql_query($query) or _doError(_ERROR20 . ': ' . sql_error() );\r
 \r
        // 9. update item date\r
        $query = 'UPDATE ' . tableName('nucleus_item')\r
                   . " SET   itime   = '" . date('Y-m-d H:i:s', time() ) ."'"\r
                   . " WHERE inumber = 1";\r
 \r
-       mysql_query($query) or _doError(_ERROR21 . ': ' . mysql_error() );\r
+       sql_query($query) or _doError(_ERROR21 . ': ' . sql_error() );\r
 \r
        global $aConfPlugsToInstall, $aConfSkinsToImport;\r
        $aSkinErrors = array();\r
@@ -781,7 +791,7 @@ function doInstall() {
                $DIR_LIBS    = $DIR_NUCLEUS . 'libs/';\r
 \r
                // close database connection (needs to be closed if we want to include globalfunctions.php)\r
-               mysql_close();\r
+               sql_close();\r
 \r
                $manager = '';\r
                include_once($DIR_LIBS . 'globalfunctions.php');\r
@@ -811,6 +821,10 @@ function doInstall() {
                $config_data .= "       \$MYSQL_PASSWORD = '" . $mysql_password . "';\n";\r
                $config_data .= "       \$MYSQL_DATABASE = '" . $mysql_database . "';\n";\r
                $config_data .= "       \$MYSQL_PREFIX   = '" . (($mysql_usePrefix == 1) ? $mysql_prefix : '') . "';\n";\r
+               $config_data .= "       // new in 3.50. first element is db handler, the second is the db driver used by the handler\n";\r
+               $config_data .= "       // default is \$MYSQL_HANDLER = array('mysql','mysql');\n";\r
+               $config_data .= "       \$MYSQL_HANDLER = array('mysql','mysql');\n";\r
+               $config_data .= "       //\$MYSQL_HANDLER = array('pdo','mysql');\n";\r
                $config_data .= "\n";\r
                $config_data .= "       // main nucleus directory\n";\r
                $config_data .= "       \$DIR_NUCLEUS = '" . $config_adminpath . "';\n";\r
@@ -929,11 +943,11 @@ function doInstall() {
                <li><?php echo _TEXT15_L3; ?></li>\r
                </ul>\r
 \r
-       <?php echo _TEXT15_EX; ?>\r
+       <?php echo _TEXT16; ?>\r
 \r
        <h1><?php echo _HEADER11; ?></h1>\r
 \r
-       <p><?php echo _TEXT16; ?>\r
+       <p><?php echo _TEXT16_H; ?>\r
                <ul>\r
                        <li><a href="<?php echo $config_adminurl?>"><?php echo _TEXT16_L1; ?></a></li>\r
                        <li><a href="<?php echo $config_indexurl?>"><?php echo _TEXT16_L2; ?></a></li>\r
@@ -956,7 +970,7 @@ function installCustomPlugs(&$manager) {
        }\r
 \r
        $res = sql_query('SELECT * FROM ' . sql_table('plugin') );\r
-       $numCurrent = mysql_num_rows($res);\r
+       $numCurrent = sql_num_rows($res);\r
 \r
        foreach ($aConfPlugsToInstall as $plugName) {\r
                // do this before calling getPlugin (in case the plugin id is used there)\r
@@ -984,7 +998,7 @@ function installCustomPlugs(&$manager) {
        // loop over all installed plugins\r
        $res = sql_query('SELECT pid, pfile FROM ' . sql_table('plugin') );\r
 \r
-       while($o = mysql_fetch_object($res) ) {\r
+       while($o = sql_fetch_object($res) ) {\r
                $pid  =  $o->pid;\r
                $plug =& $manager->getPlugin($o->pfile);\r
 \r
@@ -1090,8 +1104,8 @@ function updateConfig($name, $val) {
                   . " SET   value = '$val'"\r
                   . " WHERE name  = '$name'";\r
 \r
-       mysql_query($query) or _doError(_ERROR26 . ': ' . mysql_error() );\r
-       return mysql_insert_id();\r
+       sql_query($query) or _doError(_ERROR26 . ': ' . mysql_error() );\r
+       return sql_insert_id();\r
 }\r
 \r
 function replaceDoubleBackslash($input) {\r
index ae3f562..84dc0fd 100644 (file)
@@ -150,7 +150,7 @@ define('_TEXT15_L3',                        '<b>install_lang_japanese.php</b>:インストーラの
 define('_TEXT15_EX',                   '<p>もしこれらのファイルを削除していなければ、管理領域を開くことが出来ません。</p>');\r
 \r
 define('_HEADER11',                            'ウェブサイトの確認');\r
-define('_TEXT16',                              'ウェブサイトを使う準備が整いました。');\r
+define('_TEXT16_H',                            'ウェブサイトを使う準備が整いました。');\r
 define('_TEXT16_L1',                   '管理領域にログインしてサイトの設定を行う');\r
 define('_TEXT16_L2',                   'すぐにサイトへ行ってみる');\r
 \r
index b813c9c..877e35b 100755 (executable)
@@ -57,6 +57,7 @@
        <li>\r
                <strong>Nucleus v3.5 (SVN)</strong>\r
                <ul>\r
+                       <li>ADDED/CHANGED: extended sql_* api to cover all mysql_* functions used in core. Functions loaded from nucleus/libs/sql/ folder. See <a href="http://wakka.xiffy.nl/planning:3.50#mysql_api_warning" title="sql API">here</a>. (ftruscot)</li>\r
                        <li>FIXED: atom.phpとxml-rss2.phpで_CHARSETをチェックして文字コード変換(<a href="http://japan.nucleuscms.org/bb/viewtopic.php?t=4376" target="_blank" class="postlink">Nicleus3.41 へアップグレード後 xml-rss2.php でエラー</a>)(きゃしゃ)</li>\r
                        <li>CHANGED: SEARCH.php改良(<a href="http://japan.nucleuscms.org/bb/viewtopic.php?t=4370" target="_blank" class="postlink">&lt;%relevance%&gt;対応SEARCH.php</a>、<a href="http://japan.nucleuscms.org/bb/viewtopic.php?t=3824" target="_blank" class="postlink">検索結果の正確さ</a>)(きゃしゃ)</li>\r
                        <li>CHANGED: _CHARSETチェックのときにstrtoupper(きゃしゃ)</li>\r
index bec886d..682ce2a 100755 (executable)
@@ -534,7 +534,7 @@ class ADMIN {
                                case 'unsetadmin':\r
                                        // there should always remain at least one super-admin\r
                                        $r = sql_query('SELECT * FROM '.sql_table('member'). ' WHERE madmin=1 and mcanlogin=1');\r
-                                       if (mysql_num_rows($r) < 2)\r
+                                       if (sql_num_rows($r) < 2)\r
                                                $error = _ERROR_ATLEASTONEADMIN;\r
                                        else\r
                                                sql_query('UPDATE ' . sql_table('member') .' SET madmin=0 WHERE mnumber='.$memberid);\r
@@ -604,7 +604,7 @@ class ADMIN {
                                case 'unsetadmin':\r
                                        // there should always remain at least one admin\r
                                        $r = sql_query('SELECT * FROM '.sql_table('team').' WHERE tadmin=1 and tblog='.$blogid);\r
-                                       if (mysql_num_rows($r) < 2)\r
+                                       if (sql_num_rows($r) < 2)\r
                                                $error = _ERROR_ATLEASTONEBLOGADMIN;\r
                                        else\r
                                                sql_query('UPDATE '.sql_table('team').' SET tadmin=0 WHERE tblog='.$blogid.' and tmember='.$memberid);\r
@@ -826,7 +826,7 @@ class ADMIN {
                else\r
                        $queryBlogs =  'SELECT bnumber FROM '.sql_table('blog').', '.sql_table('team').' WHERE tblog=bnumber and tmember=' . $member->getID();\r
                $rblogids = sql_query($queryBlogs);\r
-               while ($o = mysql_fetch_object($rblogids))\r
+               while ($o = sql_fetch_object($rblogids))\r
                        if ($o->bnumber != $iForcedBlogInclude)\r
                                $aBlogIds[] = intval($o->bnumber);\r
 \r
@@ -840,10 +840,10 @@ class ADMIN {
                $queryBlogs =  'SELECT bnumber, bname FROM '.sql_table('blog').' WHERE bnumber in ('.implode(',',$aBlogIds).') ORDER BY bname';\r
                $blogs = sql_query($queryBlogs);\r
                if ($mode == 'category') {\r
-                       if (mysql_num_rows($blogs) > 1)\r
+                       if (sql_num_rows($blogs) > 1)\r
                                $multipleBlogs = 1;\r
 \r
-                       while ($oBlog = mysql_fetch_object($blogs)) {\r
+                       while ($oBlog = sql_fetch_object($blogs)) {\r
                                if ($multipleBlogs)\r
                                        echo '<optgroup label="',htmlspecialchars($oBlog->bname),'">';\r
 \r
@@ -856,7 +856,7 @@ class ADMIN {
 \r
                                // 2. for each category in that blog\r
                                $categories = sql_query('SELECT cname, catid FROM '.sql_table('category').' WHERE cblog=' . $oBlog->bnumber . ' ORDER BY cname ASC');\r
-                               while ($oCat = mysql_fetch_object($categories)) {\r
+                               while ($oCat = sql_fetch_object($categories)) {\r
                                        if ($oCat->catid == $selected)\r
                                                $selectText = ' selected="selected" ';\r
                                        else\r
@@ -869,7 +869,7 @@ class ADMIN {
                        }\r
                } else {\r
                        // blog mode\r
-                       while ($oBlog = mysql_fetch_object($blogs)) {\r
+                       while ($oBlog = sql_fetch_object($blogs)) {\r
                                echo '<option value="',$oBlog->bnumber,'"';\r
                                if ($oBlog->bnumber == $selected)\r
                                        echo ' selected="selected"';\r
@@ -1334,7 +1334,7 @@ class ADMIN {
                $currenttime = $blog->getCorrectTime(time());\r
                $result = sql_query("SELECT * FROM ".sql_table('item').\r
                        " WHERE iblog='".$blogid."' AND iposted=0 AND itime>".mysqldate($currenttime));\r
-               if (mysql_num_rows($result) > 0) {\r
+               if (sql_num_rows($result) > 0) {\r
                                $blog->setFuturePost();\r
                }\r
                else {\r
@@ -1631,7 +1631,7 @@ class ADMIN {
 \r
                // get itemid\r
                $res = sql_query('SELECT citem FROM '.sql_table('comment').' WHERE cnumber=' . $commentid);\r
-               $o = mysql_fetch_object($res);\r
+               $o = sql_fetch_object($res);\r
                $itemid = $o->citem;\r
 \r
                if ($member->canAlterItem($itemid))\r
@@ -1694,7 +1694,7 @@ class ADMIN {
 \r
                // get item id first\r
                $res = sql_query('SELECT citem FROM '.sql_table('comment') .' WHERE cnumber=' . $commentid);\r
-               $o = mysql_fetch_object($res);\r
+               $o = sql_fetch_object($res);\r
                $itemid = $o->citem;\r
 \r
                $error = $this->deleteOneComment($commentid);\r
@@ -2015,7 +2015,7 @@ class ADMIN {
                   )\r
                {\r
                        $r = sql_query('SELECT * FROM '.sql_table('member').' WHERE madmin=1 and mcanlogin=1');\r
-                       if (mysql_num_rows($r) < 2)\r
+                       if (sql_num_rows($r) < 2)\r
                                $this->error(_ERROR_ATLEASTONEADMIN);\r
                }\r
 \r
@@ -2428,7 +2428,7 @@ class ADMIN {
                        // (check for at least two admins before deletion)\r
                        $query = 'SELECT * FROM '.sql_table('team') . ' WHERE tblog='.$blogid.' and tadmin=1';\r
                        $r = sql_query($query);\r
-                       if (mysql_num_rows($r) < 2)\r
+                       if (sql_num_rows($r) < 2)\r
                                return _ERROR_ATLEASTONEBLOGADMIN;\r
                }\r
 \r
@@ -2457,7 +2457,7 @@ class ADMIN {
                // don't allow when there is only one admin at this moment\r
                if ($mem->isBlogAdmin($blogid)) {\r
                        $r = sql_query('SELECT * FROM '.sql_table('team') . " WHERE tblog=$blogid and tadmin=1");\r
-                       if (mysql_num_rows($r) == 1)\r
+                       if (sql_num_rows($r) == 1)\r
                                $this->error(_ERROR_ATLEASTONEBLOGADMIN);\r
                }\r
 \r
@@ -2502,7 +2502,7 @@ class ADMIN {
                <?php\r
                        $res = sql_query('SELECT mname, mrealname FROM ' . sql_table('member') . ',' . sql_table('team') . ' WHERE mnumber=tmember AND tblog=' . intval($blogid));\r
                        $aMemberNames = array();\r
-                       while ($o = mysql_fetch_object($res))\r
+                       while ($o = sql_fetch_object($res))\r
                                array_push($aMemberNames, htmlspecialchars($o->mname) . ' (' . htmlspecialchars($o->mrealname). ')');\r
                        echo implode(',', $aMemberNames);\r
                ?>\r
@@ -2706,7 +2706,7 @@ class ADMIN {
 \r
                $query = 'SELECT * FROM '.sql_table('category') . ' WHERE cname=\'' . addslashes($cname).'\' and cblog=' . intval($blogid);\r
                $res = sql_query($query);\r
-               if (mysql_num_rows($res) > 0)\r
+               if (sql_num_rows($res) > 0)\r
                        $this->error(_ERROR_DUPCATEGORYNAME);\r
 \r
                $blog           =& $manager->getBlog($blogid);\r
@@ -2733,7 +2733,7 @@ class ADMIN {
                $member->blogAdminRights($blogid) or $this->disallow();\r
 \r
                $res = sql_query('SELECT * FROM '.sql_table('category')." WHERE cblog=$blogid AND catid=$catid");\r
-               $obj = mysql_fetch_object($res);\r
+               $obj = sql_fetch_object($res);\r
 \r
                $cname = $obj->cname;\r
                $cdesc = $obj->cdesc;\r
@@ -2796,7 +2796,7 @@ class ADMIN {
 \r
                $query = 'SELECT * FROM '.sql_table('category').' WHERE cname=\'' . addslashes($cname).'\' and cblog=' . intval($blogid) . " and not(catid=$catid)";\r
                $res = sql_query($query);\r
-               if (mysql_num_rows($res) > 0)\r
+               if (sql_num_rows($res) > 0)\r
                        $this->error(_ERROR_DUPCATEGORYNAME);\r
 \r
                $query =  'UPDATE '.sql_table('category').' SET'\r
@@ -2844,7 +2844,7 @@ class ADMIN {
                // check if catid is the only category left for blogid\r
                $query = 'SELECT catid FROM '.sql_table('category').' WHERE cblog=' . $blogid;\r
                $res = sql_query($query);\r
-               if (mysql_num_rows($res) == 1)\r
+               if (sql_num_rows($res) == 1)\r
                        $this->error(_ERROR_DELETELASTCATEGORY);\r
 \r
 \r
@@ -2916,7 +2916,7 @@ class ADMIN {
                // check if catid is the only category left for blogid\r
                $query = 'SELECT catid FROM '.sql_table('category').' WHERE cblog=' . $blogid;\r
                $res = sql_query($query);\r
-               if (mysql_num_rows($res) == 1)\r
+               if (sql_num_rows($res) == 1)\r
                        return _ERROR_DELETELASTCATEGORY;\r
 \r
                // change category for all items to the default category\r
@@ -2979,7 +2979,7 @@ class ADMIN {
                // update comments table (cblog)\r
                $query = 'SELECT inumber FROM '.sql_table('item').' WHERE icat='.$catid;\r
                $items = sql_query($query);\r
-               while ($oItem = mysql_fetch_object($items)) {\r
+               while ($oItem = sql_fetch_object($items)) {\r
                        sql_query('UPDATE '.sql_table('comment').' SET cblog='.$destblogid.' WHERE citem='.$oItem->inumber);\r
                }\r
 \r
@@ -3380,14 +3380,14 @@ class ADMIN {
                // create blog\r
                $query = 'INSERT INTO '.sql_table('blog')." (bname, bshortname, bdesc, btimeoffset, bdefskin) VALUES ('$bname', '$bshortname', '$bdesc', '$btimeoffset', '$bdefskin')";\r
                sql_query($query);\r
-               $blogid = mysql_insert_id();\r
+               $blogid = sql_insert_id();\r
                $blog   =& $manager->getBlog($blogid);\r
 \r
                // create new category\r
                $sql = 'INSERT INTO %s (cblog, cname, cdesc) VALUES (%d, "%s", "%s")';\r
                sql_query(sprintf($sql, sql_table('category'), $blogid, _EBLOGDEFAULTCATEGORY_NAME, _EBLOGDEFAULTCATEGORY_DESC));\r
 //             sql_query('INSERT INTO '.sql_table('category')." (cblog, cname, cdesc) VALUES ($blogid, _EBLOGDEFAULTCATEGORY_NAME, _EBLOGDEFAULTCATEGORY_DESC)");\r
-               $catid = mysql_insert_id();\r
+               $catid = sql_insert_id();\r
 \r
                // set as default category\r
                $blog->setDefaultCategory($catid);\r
@@ -3567,7 +3567,7 @@ selector();
                        </tr><tr>\r
        <?php           // show list of skins\r
                $res = sql_query('SELECT * FROM '.sql_table('skin_desc'));\r
-               while ($skinObj = mysql_fetch_object($res)) {\r
+               while ($skinObj = sql_fetch_object($res)) {\r
                        $id = 'skinexp' . $skinObj->sdnumber;\r
                        echo '<td><input type="checkbox" name="skin[',$skinObj->sdnumber,']"  id="',$id,'" />';\r
                        echo '<label for="',$id,'">',htmlspecialchars($skinObj->sdname),'</label></td>';\r
@@ -3579,7 +3579,7 @@ selector();
 \r
                // show list of templates\r
                $res = sql_query('SELECT * FROM '.sql_table('template_desc'));\r
-               while ($templateObj = mysql_fetch_object($res)) {\r
+               while ($templateObj = sql_fetch_object($res)) {\r
                        $id = 'templateexp' . $templateObj->tdnumber;\r
                        echo '<td><input type="checkbox" name="template[',$templateObj->tdnumber,']" id="',$id,'" />';\r
                        echo '<label for="',$id,'">',htmlspecialchars($templateObj->tdname),'</label></td>';\r
@@ -4079,8 +4079,8 @@ selector();
 \r
                $query = 'INSERT INTO '.sql_table('template')." (tdesc, tpartname, tcontent) "\r
                           . "VALUES ($id, '$partname', '$content')";\r
-               sql_query($query) or exit(_ADMIN_SQLDIE_QUERYERROR . mysql_error());\r
-               return mysql_insert_id();\r
+               sql_query($query) or exit(_ADMIN_SQLDIE_QUERYERROR . sql_error());\r
+               return sql_insert_id();\r
        }\r
 \r
        /**\r
@@ -4191,7 +4191,7 @@ selector();
                // 3. create clone\r
                // go through parts of old template and add them to the new one\r
                $res = sql_query('SELECT tpartname, tcontent FROM '.sql_table('template').' WHERE tdesc=' . $templateid);\r
-               while ($o = mysql_fetch_object($res)) {\r
+               while ($o = sql_fetch_object($res)) {\r
                        $this->addToTemplate($newid, $o->tpartname, $o->tcontent);\r
                }\r
 \r
@@ -4312,11 +4312,11 @@ selector();
                echo '<input type="submit" tabindex="140" value="' . _SKIN_CREATE . '" onclick="return checkSubmit();" />' . "\r\n";\r
                echo '</form>' . "\r\n";\r
 \r
-               if ($res && mysql_num_rows($res) > 0) {\r
+               if ($res && sql_num_rows($res) > 0) {\r
                        echo '<ul>';\r
                        $tabstart = 75;\r
 \r
-                       while ($row = mysql_fetch_assoc($res)) {\r
+                       while ($row = sql_fetch_assoc($res)) {\r
                                echo '<li><a tabindex="' . ($tabstart++) . '" href="index.php?action=skinedittype&amp;skinid=' . $skinid . '&amp;type=' . htmlspecialchars(strtolower($row['stype'])) . '">' . htmlspecialchars(ucfirst($row['stype'])) . '</a> (<a tabindex="' . ($tabstart++) . '" href="index.php?action=skinremovetype&amp;skinid=' . $skinid . '&amp;type=' . htmlspecialchars(strtolower($row['stype'])) . '">remove</a>)</li>';\r
                        }\r
 \r
@@ -4512,7 +4512,7 @@ selector();
                // don't allow deletion of default skins for blogs\r
                $query = 'SELECT bname FROM '.sql_table('blog').' WHERE bdefskin=' . $skinid;\r
                $r = sql_query($query);\r
-               if ($o = mysql_fetch_object($r))\r
+               if ($o = sql_fetch_object($r))\r
                        $this->error(_ERROR_SKINDEFDELETE . htmlspecialchars($o->bname));\r
 \r
                $this->pagehead();\r
@@ -4555,7 +4555,7 @@ selector();
                // don't allow deletion of default skins for blogs\r
                $query = 'SELECT bname FROM '.sql_table('blog').' WHERE bdefskin=' . $skinid;\r
                $r = sql_query($query);\r
-               if ($o = mysql_fetch_object($r))\r
+               if ($o = sql_fetch_object($r))\r
                        $this->error(_ERROR_SKINDEFDELETE .$o->bname);\r
 \r
                $manager->notify('PreDeleteSkin', array('skinid' => $skinid));\r
@@ -4692,7 +4692,7 @@ selector();
 \r
                $query = "SELECT stype FROM " . sql_table('skin') . " WHERE sdesc = " . $skinid;\r
                $res = sql_query($query);\r
-               while ($row = mysql_fetch_assoc($res)) {\r
+               while ($row = sql_fetch_assoc($res)) {\r
                        $this->skinclonetype($skin, $newid, $row['stype']);\r
                }\r
 \r
@@ -5078,7 +5078,7 @@ selector();
                        echo "\t\t" . '<td>' . phpversion() . "</td>\n";\r
                        echo "\t</tr><tr>\n";\r
                        echo "\t\t" . '<td>' . _ADMIN_SYSTEMOVERVIEW_MYSQLVERSION . "</td>\n";\r
-                       echo "\t\t" . '<td>' . mysql_get_server_info() . ' (' . mysql_get_client_info() . ')' . "</td>\n";\r
+                       echo "\t\t" . '<td>' . sql_get_server_info() . ' (' . sql_get_client_info() . ')' . "</td>\n";\r
                        echo "\t</tr>";\r
                        echo "</table>\n";\r
 \r
@@ -5205,8 +5205,8 @@ selector();
                           . " SET value='$val'"\r
                           . " WHERE name='$name'";\r
 \r
-               sql_query($query) or die(_ADMIN_SQLDIE_QUERYERROR . mysql_error());\r
-               return mysql_insert_id();\r
+               sql_query($query) or die(_ADMIN_SQLDIE_QUERYERROR . sql_error());\r
+               return sql_insert_id();\r
        }\r
 \r
        /**\r
@@ -5980,7 +5980,7 @@ selector();
                                                $name = $matches[1];\r
                                                // only show in list when not yet installed\r
                                                $res = sql_query('SELECT * FROM '.sql_table('plugin').' WHERE pfile="NP_'.addslashes($name).'"');\r
-                                               if (mysql_num_rows($res) == 0)\r
+                                               if (sql_num_rows($res) == 0)\r
                                                        array_push($candidates,$name);\r
                                        }\r
                                }\r
@@ -6064,7 +6064,7 @@ selector();
 \r
                // get number of currently installed plugins\r
                $res = sql_query('SELECT * FROM '.sql_table('plugin'));\r
-               $numCurrent = mysql_num_rows($res);\r
+               $numCurrent = sql_num_rows($res);\r
 \r
                // plugin will be added as last one in the list\r
                $newOrder = $numCurrent + 1;\r
@@ -6079,7 +6079,7 @@ selector();
                // do this before calling getPlugin (in case the plugin id is used there)\r
                $query = 'INSERT INTO '.sql_table('plugin').' (porder, pfile) VALUES ('.$newOrder.',"'.addslashes($name).'")';\r
                sql_query($query);\r
-               $iPid = mysql_insert_id();\r
+               $iPid = sql_insert_id();\r
 \r
                $manager->clearCachedInfo('installedPlugins');\r
 \r
@@ -6119,7 +6119,7 @@ selector();
                {\r
 \r
                        $res = sql_query('SELECT * FROM '.sql_table('plugin') . ' WHERE pfile="' . $pluginName . '"');\r
-                       if (mysql_num_rows($res) == 0)\r
+                       if (sql_num_rows($res) == 0)\r
                        {\r
                                // uninstall plugin again...\r
                                $this->deleteOnePlugin($plugin->getID());\r
@@ -6156,7 +6156,7 @@ selector();
 \r
                // loop over all installed plugins\r
                $res = sql_query('SELECT pid, pfile FROM '.sql_table('plugin'));\r
-               while($o = mysql_fetch_object($res)) {\r
+               while($o = sql_fetch_object($res)) {\r
                        $pid = $o->pid;\r
                        $plug =& $manager->getPlugin($o->pfile);\r
                        if ($plug)\r
@@ -6242,7 +6242,7 @@ selector();
 \r
                // check dependency before delete\r
                $res = sql_query('SELECT pfile FROM '.sql_table('plugin'));\r
-               while($o = mysql_fetch_object($res)) {\r
+               while($o = sql_fetch_object($res)) {\r
                        $plug =& $manager->getPlugin($o->pfile);\r
                        if ($plug)\r
                        {\r
@@ -6272,7 +6272,7 @@ selector();
                // get OIDs from plugin_option_desc\r
                $res = sql_query('SELECT oid FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . $pid);\r
                $aOIDs = array();\r
-               while ($o = mysql_fetch_object($res)) {\r
+               while ($o = sql_fetch_object($res)) {\r
                        array_push($aOIDs, $o->oid);\r
                }\r
 \r
@@ -6283,7 +6283,7 @@ selector();
 \r
                // update order numbers\r
                $res = sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid=' . $pid);\r
-               $o = mysql_fetch_object($res);\r
+               $o = sql_fetch_object($res);\r
                sql_query('UPDATE '.sql_table('plugin').' SET porder=(porder - 1) WHERE porder>'.$o->porder);\r
 \r
                // delete row\r
@@ -6311,7 +6311,7 @@ selector();
 \r
                // 1. get old order number\r
                $res = sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid);\r
-               $o = mysql_fetch_object($res);\r
+               $o = sql_fetch_object($res);\r
                $oldOrder = $o->porder;\r
 \r
                // 2. calculate new order number\r
@@ -6341,11 +6341,11 @@ selector();
 \r
                // 1. get old order number\r
                $res = sql_query('SELECT porder FROM '.sql_table('plugin').' WHERE pid='.$plugid);\r
-               $o = mysql_fetch_object($res);\r
+               $o = sql_fetch_object($res);\r
                $oldOrder = $o->porder;\r
 \r
                $res = sql_query('SELECT * FROM '.sql_table('plugin'));\r
-               $maxOrder = mysql_num_rows($res);\r
+               $maxOrder = sql_num_rows($res);\r
 \r
                // 2. calculate new order number\r
                $newOrder = ($oldOrder < $maxOrder) ? ($oldOrder + 1) : $maxOrder;\r
@@ -6396,7 +6396,7 @@ selector();
                $aOIDs = array();\r
                $query = 'SELECT * FROM ' . sql_table('plugin_option_desc') . ' WHERE ocontext=\'global\' and opid=' . $pid . ' ORDER BY oid ASC';\r
                $r = sql_query($query);\r
-               while ($o = mysql_fetch_object($r)) {\r
+               while ($o = sql_fetch_object($r)) {\r
                        array_push($aOIDs, $o->oid);\r
                        $aOptions[$o->oid] = array(\r
                                                'oid' => $o->oid,\r
@@ -6411,7 +6411,7 @@ selector();
                // fill out actual values\r
                if (count($aOIDs) > 0) {\r
                        $r = sql_query('SELECT oid, ovalue FROM ' . sql_table('plugin_option') . ' WHERE oid in ('.implode(',',$aOIDs).')');\r
-                       while ($o = mysql_fetch_object($r))\r
+                       while ($o = sql_fetch_object($r))\r
                                $aOptions[$o->oid]['value'] = $o->ovalue;\r
                }\r
 \r
@@ -6462,7 +6462,7 @@ selector();
                // (note: this might contain doubles for overlapping contextids)\r
                $aIdToValue = array();\r
                $res = sql_query('SELECT oid, ovalue FROM ' . sql_table('plugin_option') . ' WHERE ocontextid=' . intval($contextid));\r
-               while ($o = mysql_fetch_object($res)) {\r
+               while ($o = sql_fetch_object($res)) {\r
                        $aIdToValue[$o->oid] = $o->ovalue;\r
                }\r
 \r
@@ -6471,7 +6471,7 @@ selector();
                           . ' WHERE opid=pid and ocontext=\''.addslashes($context).'\' ORDER BY porder, oid ASC';\r
                $res = sql_query($query);\r
                $aOptions = array();\r
-               while ($o = mysql_fetch_object($res)) {\r
+               while ($o = sql_fetch_object($res)) {\r
                        if (in_array($o->oid, array_keys($aIdToValue)))\r
                                $value = $aIdToValue[$o->oid];\r
                        else\r
index 2129aff..1e414e4 100755 (executable)
@@ -30,7 +30,7 @@ class BAN {
                $blogid = intval($blogid);
                $query = 'SELECT * FROM '.sql_table('ban').' WHERE blogid='.$blogid;
                $res = sql_query($query);
-               while ($obj = mysql_fetch_object($res)) {
+               while ($obj = sql_fetch_object($res)) {
                        $found = strpos ($ip, $obj->iprange);
                        if (!($found === false))
                                // found a match!
@@ -85,7 +85,7 @@ class BAN {
                $query = 'DELETE FROM '.sql_table('ban')." WHERE blogid=$blogid and iprange='" .addslashes($iprange). "'";
                sql_query($query);
 
-               $result = (mysql_affected_rows() > 0);
+               $result = (sql_affected_rows() > 0);
 
                $manager->notify('PostDeleteBan', array('blogid' => $blogid, 'range' => $iprange));
 
index 716bd53..d2de922 100755 (executable)
@@ -171,7 +171,7 @@ class BLOG {
 
                // loop over all items
                $old_date = 0;
-               while ($item = mysql_fetch_object($items)) {
+               while ($item = sql_fetch_object($items)) {
 
                        $item->timestamp = strtotime($item->itime);     // string timestamp -> unix timestamp
 
@@ -210,7 +210,7 @@ class BLOG {
 
                }
 
-               $numrows = mysql_num_rows($items);
+               $numrows = sql_num_rows($items);
 
                // add another date footer if there was at least one item
                if (($numrows > 0) && $dateheads) {
@@ -219,7 +219,7 @@ class BLOG {
                        $manager->notify('PostDateFoot',array('blog' => &$this, 'timestamp' => strtotime($old_date)));
                }
 
-               mysql_free_result($items);      // free memory
+               sql_free_result($items);        // free memory
 
                return $numrows;
 
@@ -271,7 +271,7 @@ class BLOG {
                $query = 'INSERT INTO '.sql_table('item').' (ITITLE, IBODY, IMORE, IBLOG, IAUTHOR, ITIME, ICLOSED, IDRAFT, ICAT, IPOSTED) '
                           . "VALUES ('$title', '$body', '$more', $blogid, $authorid, '$timestamp', $closed, $draft, $catid, $posted)";
                sql_query($query);
-               $itemid = mysql_insert_id();
+               $itemid = sql_insert_id();
 
                $manager->notify('PostAddItem',array('itemid' => $itemid));
 
@@ -344,7 +344,7 @@ class BLOG {
                                $i = 1;
 
                                $res = sql_query('SELECT * FROM '.sql_table('category')." WHERE cname='".$catName.$i."' and cblog=".$this->getID());
-                               while (mysql_num_rows($res) > 0)
+                               while (sql_num_rows($res) > 0)
                                {
                                        $i++;
                                        $res = sql_query('SELECT * FROM '.sql_table('category')." WHERE cname='".$catName.$i."' and cblog=".$this->getID());
@@ -364,7 +364,7 @@ class BLOG {
 
                        $query = 'INSERT INTO '.sql_table('category').' (cblog, cname, cdesc) VALUES (' . $this->getID() . ", '" . addslashes($catName) . "', '" . addslashes($catDescription) . "')";
                        sql_query($query);
-                       $catid = mysql_insert_id();
+                       $catid = sql_insert_id();
 
                        $manager->notify(
                                'PostAddCategory',
@@ -574,7 +574,9 @@ class BLOG {
                if ($catid)
                        $query .= ' and icat=' . intval($catid);
 
-               $query .= ' GROUP BY Year, Month';
+               $query .= ' GROUP BY Year';
+               if ($mode == 'month' || $mode == 'day')
+                       $query .= ', Month';
                if ($mode == 'day')
                        $query .= ', Day';
 
@@ -586,18 +588,30 @@ class BLOG {
 
                $res = sql_query($query);
 
-               while ($current = mysql_fetch_object($res)) {
+               while ($current = sql_fetch_object($res)) {
                        $current->itime = strtotime($current->itime);   // string time -> unix timestamp
 
                        if ($mode == 'day') {
-                               $archivedate    = date('Y-m-d',$current->itime);
-                               $archive['day'] = date('d',$current->itime);
-                               $data['day']    = date('d',$current->itime);
+                               $archivedate      = date('Y-m-d',$current->itime);
+                               $archive['day']   = date('d',$current->itime);
+                               $data['day']      = date('d',$current->itime);
+                               $data['month']    = date('m',$current->itime);
+                               $archive['month'] = $data['month'];
+                       } elseif ($mode == 'year') {
+                               $archivedate      = date('Y',$current->itime);
+                               $data['day']      = '';
+                               $data['month']    = '';
+                               $archive['day']   = '';
+                               $archive['month'] = '';
                        } else {
                                $archivedate = date('Y-m',$current->itime);
+                               $data['month'] = date('m',$current->itime);
+                               $archive['month'] = $data['month'];
+                               $data['day'] = '';
+                               $archive['day'] = '';
                        }
-                       $data['month'] = date('m',$current->itime);
                        $data['year'] = date('Y',$current->itime);
+                       $archive['year'] = $data['year'];
                        $data['archivelink'] = createArchiveLink($this->getID(),$archivedate,$linkparams);
 
                        $manager->notify(
@@ -612,7 +626,7 @@ class BLOG {
 
                }
 
-               mysql_free_result($res);
+               sql_free_result($res);
 
                echo TEMPLATE::fill($template['ARCHIVELIST_FOOTER'],$data);
        }
@@ -657,7 +671,7 @@ class BLOG {
                $res = sql_query($query);
 
 
-               while ($data = mysql_fetch_assoc($res)) {
+               while ($data = sql_fetch_assoc($res)) {
                        $data['blogid'] = $this->getID();
                        $data['blogurl'] = $blogurl;
                        $data['catlink'] = createLink(
@@ -683,7 +697,7 @@ class BLOG {
 
                }
 
-               mysql_free_result($res);
+               sql_free_result($res);
 
                echo TEMPLATE::fill((isset($template['CATLIST_FOOTER']) ? $template['CATLIST_FOOTER'] : null),
                                                        array(
@@ -743,7 +757,7 @@ class BLOG {
                $query = 'SELECT bnumber, bname, bshortname, bdesc, burl FROM '.sql_table('blog').' ORDER BY '.$orderby.' '.$direction;
                $res = sql_query($query);
 
-               while ($data = mysql_fetch_assoc($res)) {
+               while ($data = sql_fetch_assoc($res)) {
 
                        $list = array();
 
@@ -772,7 +786,7 @@ class BLOG {
 
                }
 
-               mysql_free_result($res);
+               sql_free_result($res);
 
                echo TEMPLATE::fill((isset($template['BLOGLIST_FOOTER']) ? $template['BLOGLIST_FOOTER'] : null),
                                                        array(
@@ -792,11 +806,11 @@ class BLOG {
                           . ' WHERE bnumber=' . $this->blogid;
                $res = sql_query($query);
 
-               $this->isValid = (mysql_num_rows($res) > 0);
+               $this->isValid = (sql_num_rows($res) > 0);
                if (!$this->isValid)
                        return;
 
-               $this->settings = mysql_fetch_assoc($res);
+               $this->settings = sql_fetch_assoc($res);
        }
 
        function writeSettings() {
@@ -845,25 +859,25 @@ class BLOG {
        function isValidCategory($catid) {
                $query = 'SELECT * FROM '.sql_table('category').' WHERE cblog=' . $this->getID() . ' and catid=' . intval($catid);
                $res = sql_query($query);
-               return (mysql_num_rows($res) != 0);
+               return (sql_num_rows($res) != 0);
        }
 
        function getCategoryName($catid) {
                $res = sql_query('SELECT cname FROM '.sql_table('category').' WHERE cblog='.$this->getID().' and catid=' . intval($catid));
-               $o = mysql_fetch_object($res);
+               $o = sql_fetch_object($res);
                return $o->cname;
        }
 
        function getCategoryDesc($catid) {
                $res = sql_query('SELECT cdesc FROM '.sql_table('category').' WHERE cblog='.$this->getID().' and catid=' . intval($catid));
-               $o = mysql_fetch_object($res);
+               $o = sql_fetch_object($res);
                return $o->cdesc;
        }
 
        function getCategoryIdFromName($name) {
                $res = sql_query('SELECT catid FROM '.sql_table('category').' WHERE cblog='.$this->getID().' and cname="' . addslashes($name) . '"');
-               if (mysql_num_rows($res) > 0) {
-                       $o = mysql_fetch_object($res);
+               if (sql_num_rows($res) > 0) {
+                       $o = sql_fetch_object($res);
                        return $o->catid;
                } else {
                        return $this->getDefaultCategory();
@@ -1116,13 +1130,13 @@ class BLOG {
        // returns true if there is a blog with the given shortname (static)
        function exists($name) {
                $r = sql_query('select * FROM '.sql_table('blog').' WHERE bshortname="'.addslashes($name).'"');
-               return (mysql_num_rows($r) != 0);
+               return (sql_num_rows($r) != 0);
        }
 
        // returns true if there is a blog with the given ID (static)
        function existsID($id) {
                $r = sql_query('select * FROM '.sql_table('blog').' WHERE bnumber='.intval($id));
-               return (mysql_num_rows($r) != 0);
+               return (sql_num_rows($r) != 0);
        }
 
         // flag there is a future post pending
@@ -1147,7 +1161,7 @@ class BLOG {
                        $blogid = $this->getID();
                        $result = sql_query("SELECT * FROM " . sql_table('item')
                                  . " WHERE iposted=0 AND iblog=" . $blogid . " AND itime<NOW()");
-                       if (mysql_num_rows($result) > 0) {
+                       if (sql_num_rows($result) > 0) {
                                // This $pinged is allow a plugin to tell other hook to the event that a ping is sent already
                                // Note that the plugins's calling order is subject to thri order in the plugin list
                                $pinged = false;
@@ -1164,7 +1178,7 @@ class BLOG {
                                // check to see any pending future post, clear the flag is none
                                $result = sql_query("SELECT * FROM " . sql_table('item')
                                          . " WHERE iposted=0 AND iblog=" . $blogid);
-                               if (mysql_num_rows($result) == 0) {
+                               if (sql_num_rows($result) == 0) {
                                        $this->clearFuturePost();
                                }
                        }
index 61328e3..39c83c4 100755 (executable)
  * @version $Id$
  * $NucleusJP: COMMENT.php,v 1.4 2006/07/17 20:03:44 kimitake Exp $
  */
-class COMMENT {\r
-\r
-       /**\r
-         * Returns the requested comment\r
-         * \r
-         * @static\r
-         */\r
-       function getComment($commentid) {\r
-               $query =  'SELECT cnumber as commentid, cbody as body, cuser as user, cmail as userid, cemail as email, cmember as memberid, ctime, chost as host, mname as member, cip as ip, cblog as blogid'\r
-                          . ' FROM '.sql_table('comment').' left outer join '.sql_table('member').' on cmember=mnumber'\r
-                          . ' WHERE cnumber=' . intval($commentid);\r
-               $comments = sql_query($query);\r
-\r
-               $aCommentInfo = mysql_fetch_assoc($comments);\r
-               if ($aCommentInfo)\r
-               {\r
-                       $aCommentInfo['timestamp'] = strtotime($aCommentInfo['ctime']);\r
-               }\r
-               return $aCommentInfo;\r
-       }\r
-\r
-       /**\r
-         * Prepares a comment to be saved\r
-         *       \r
-         * @static\r
-         */\r
-       function prepare($comment) {\r
-               $comment['user'] = strip_tags($comment['user']);\r
-               $comment['userid'] = strip_tags($comment['userid']);\r
-               $comment['email'] = strip_tags($comment['email']);\r
-\r
-               // remove quotes and newlines from user and userid\r
-               $comment['user'] = strtr($comment['user'], "\'\"\n",'-- ');\r
-               $comment['userid'] = strtr($comment['userid'], "\'\"\n",'-- ');\r
-               $comment['email'] = strtr($comment['email'], "\'\"\n",'-- ');\r
-\r
-               $comment['body'] = COMMENT::prepareBody($comment['body']);\r
-\r
-               return $comment;\r
-       }\r
-\r
-       /**\r
-        * Prepares the body of a comment\r
-        *\r
-        * @ static\r
-        */             \r
-       function prepareBody($body) {\r
-\r
-               // remove newlines when too many in a row\r
-               $body = ereg_replace("\n.\n.\n","\n",$body);\r
-\r
-               // encode special characters as entities\r
-               $body = htmlspecialchars($body);\r
-\r
-               // trim away whitespace and newlines at beginning and end\r
-               $body = trim($body);\r
-\r
-               // add <br /> tags\r
-               $body = addBreaks($body);\r
-\r
-               // create hyperlinks for http:// addresses\r
-               // there's a testcase for this in /build/testcases/urllinking.txt\r
-               $replaceFrom = array(\r
-                       '/([^:\/\/\w]|^)((https:\/\/)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',\r
-                       '/([^:\/\/\w]|^)((http:\/\/|www\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',\r
-                       '/([^:\/\/\w]|^)((ftp:\/\/|ftp\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',\r
-                       '/([^:\/\/\w]|^)(mailto:(([a-zA-Z\@\%\.\-\+_])+))/ie'\r
-               );\r
-               $replaceTo = array(\r
-                       'COMMENT::createLinkCode("\\1", "\\2","https")',\r
-                       'COMMENT::createLinkCode("\\1", "\\2","http")',\r
-                       'COMMENT::createLinkCode("\\1", "\\2","ftp")',\r
-                       'COMMENT::createLinkCode("\\1", "\\3","mailto")'\r
-               );\r
-               $body = preg_replace($replaceFrom, $replaceTo, $body);\r
-\r
-               return $body;\r
-       }\r
-\r
-       /**\r
-        * Creates a link code for unlinked URLs with different protocols\r
-        *\r
-        * @ static\r
-        */     \r
-       function createLinkCode($pre, $url, $protocol = 'http') {\r
-               $post = '';\r
-\r
-               // it's possible that $url ends contains entities we don't want,\r
-               // since htmlspecialchars is applied _before_ URL linking\r
-               // move the part of URL, starting from the disallowed entity to the 'post' link part\r
-               $aBadEntities = array('&quot;', '&gt;', '&lt;');\r
-               foreach ($aBadEntities as $entity)\r
-               {\r
-                       $pos = strpos($url, $entity);\r
-                       if ($pos)\r
-                       {\r
-                               $post = substr($url, $pos) . $post;\r
-                               $url = substr($url, 0, $pos);\r
-\r
-                       }\r
-               }\r
-\r
-               // remove entities at end (&&&&)\r
-               if (preg_match('/(&\w+;)+$/i', $url, $matches)) {\r
-                       $post = $matches[0] . $post;    // found entities (1 or more)\r
-                       $url = substr($url, 0, strlen($url) - strlen($post));\r
-               }\r
-\r
-               // move ending comma from url to 'post' part\r
-               if (substr($url, strlen($url) - 1) == ',')\r
-               {\r
-                       $url = substr($url, 0, strlen($url) - 1);\r
-                       $post = ',' . $post;\r
-               }\r
-\r
-               if (!ereg('^'.$protocol.'://',$url))\r
-                       $linkedUrl = $protocol . (($protocol == 'mailto') ? ':' : '://') . $url;\r
-               else\r
-                       $linkedUrl = $url;\r
-\r
-\r
-               if ($protocol != 'mailto')\r
-                       $displayedUrl = $linkedUrl;\r
-               else\r
-                       $displayedUrl = $url;\r
-               return $pre . '<a href="'.$linkedUrl.'" rel="nofollow">'.shorten($displayedUrl,30,'...').'</a>' . $post;\r
-       }\r
-\r
-}\r
-\r
+class COMMENT {
+
+       /**
+         * Returns the requested comment
+         * 
+         * @static
+         */
+       function getComment($commentid) {
+               $query =  'SELECT cnumber as commentid, cbody as body, cuser as user, cmail as userid, cemail as email, cmember as memberid, ctime, chost as host, mname as member, cip as ip, cblog as blogid'
+                          . ' FROM '.sql_table('comment').' left outer join '.sql_table('member').' on cmember=mnumber'
+                          . ' WHERE cnumber=' . intval($commentid);
+               $comments = sql_query($query);
+
+               $aCommentInfo = sql_fetch_assoc($comments);
+               if ($aCommentInfo)
+               {
+                       $aCommentInfo['timestamp'] = strtotime($aCommentInfo['ctime']);
+               }
+               return $aCommentInfo;
+       }
+
+       /**
+         * Prepares a comment to be saved
+         *       
+         * @static
+         */
+       function prepare($comment) {
+               $comment['user'] = strip_tags($comment['user']);
+               $comment['userid'] = strip_tags($comment['userid']);
+               $comment['email'] = strip_tags($comment['email']);
+
+               // remove quotes and newlines from user and userid
+               $comment['user'] = strtr($comment['user'], "\'\"\n",'-- ');
+               $comment['userid'] = strtr($comment['userid'], "\'\"\n",'-- ');
+               $comment['email'] = strtr($comment['email'], "\'\"\n",'-- ');
+
+               $comment['body'] = COMMENT::prepareBody($comment['body']);
+
+               return $comment;
+       }
+
+       /**
+        * Prepares the body of a comment
+        *
+        * @ static
+        */             
+       function prepareBody($body) {
+
+               // remove newlines when too many in a row
+               $body = ereg_replace("\n.\n.\n","\n",$body);
+
+               // encode special characters as entities
+               $body = htmlspecialchars($body);
+
+               // trim away whitespace and newlines at beginning and end
+               $body = trim($body);
+
+               // add <br /> tags
+               $body = addBreaks($body);
+
+               // create hyperlinks for http:// addresses
+               // there's a testcase for this in /build/testcases/urllinking.txt
+               $replaceFrom = array(
+                       '/([^:\/\/\w]|^)((https:\/\/)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',
+                       '/([^:\/\/\w]|^)((http:\/\/|www\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',
+                       '/([^:\/\/\w]|^)((ftp:\/\/|ftp\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',
+                       '/([^:\/\/\w]|^)(mailto:(([a-zA-Z\@\%\.\-\+_])+))/ie'
+               );
+               $replaceTo = array(
+                       'COMMENT::createLinkCode("\\1", "\\2","https")',
+                       'COMMENT::createLinkCode("\\1", "\\2","http")',
+                       'COMMENT::createLinkCode("\\1", "\\2","ftp")',
+                       'COMMENT::createLinkCode("\\1", "\\3","mailto")'
+               );
+               $body = preg_replace($replaceFrom, $replaceTo, $body);
+
+               return $body;
+       }
+
+       /**
+        * Creates a link code for unlinked URLs with different protocols
+        *
+        * @ static
+        */     
+       function createLinkCode($pre, $url, $protocol = 'http') {
+               $post = '';
+
+               // it's possible that $url ends contains entities we don't want,
+               // since htmlspecialchars is applied _before_ URL linking
+               // move the part of URL, starting from the disallowed entity to the 'post' link part
+               $aBadEntities = array('&quot;', '&gt;', '&lt;');
+               foreach ($aBadEntities as $entity)
+               {
+                       $pos = strpos($url, $entity);
+                       if ($pos)
+                       {
+                               $post = substr($url, $pos) . $post;
+                               $url = substr($url, 0, $pos);
+
+                       }
+               }
+
+               // remove entities at end (&&&&)
+               if (preg_match('/(&\w+;)+$/i', $url, $matches)) {
+                       $post = $matches[0] . $post;    // found entities (1 or more)
+                       $url = substr($url, 0, strlen($url) - strlen($post));
+               }
+
+               // move ending comma from url to 'post' part
+               if (substr($url, strlen($url) - 1) == ',')
+               {
+                       $url = substr($url, 0, strlen($url) - 1);
+                       $post = ',' . $post;
+               }
+
+               if (!ereg('^'.$protocol.'://',$url))
+                       $linkedUrl = $protocol . (($protocol == 'mailto') ? ':' : '://') . $url;
+               else
+                       $linkedUrl = $url;
+
+
+               if ($protocol != 'mailto')
+                       $displayedUrl = $linkedUrl;
+               else
+                       $displayedUrl = $url;
+               return $pre . '<a href="'.$linkedUrl.'" rel="nofollow">'.shorten($displayedUrl,30,'...').'</a>' . $post;
+       }
+
+}
+
 ?>
\ No newline at end of file
index 2154946..a04927a 100755 (executable)
  * @version $Id$
  * $NucleusJP: COMMENTS.php,v 1.9.2.1 2007/08/08 05:32:21 kimitake Exp $
  */
-\r
-if ( !function_exists('requestVar') ) exit;\r
-require_once dirname(__FILE__) . '/COMMENTACTIONS.php';\r
-\r
-class COMMENTS {\r
-\r
-       // item for which comment are being displayed\r
-       var $itemid;\r
-\r
-       // reference to the itemActions object that is calling the showComments function\r
-       var $itemActions;\r
-\r
-       // total amount of comments displayed\r
-       var $commentcount;\r
-\r
-       /**\r
-        * Creates a new COMMENTS object for the given blog and item\r
-        *\r
-        * @param $itemid\r
-        *              id of the item\r
-        */\r
-       function COMMENTS($itemid) {\r
-               $this->itemid = intval($itemid);\r
-       }\r
-\r
-       /**\r
-        * Used when parsing comments\r
-        *\r
-        * @param $itemActions\r
-        *              itemActions object, that will take care of the parsing\r
-        */\r
-       function setItemActions(&$itemActions) {\r
-               $this->itemActions =& $itemActions;\r
-       }\r
-\r
-       /**\r
-        * Shows maximum $max comments to the given item using the given template\r
-        * returns the amount of shown comments (if maxToShow = -1, then there is no limit)\r
-        *\r
-        * @param template\r
-        *              template to use\r
-        * @param maxToShow\r
-        *              max. comments to show\r
-        * @param showNone\r
-        *              indicates if the 'no comments' thingie should be outputted when there are no comments\r
-        *              (useful for closed items)\r
-        * @param highlight\r
-        *              Highlight to use (if any)\r
-        */\r
-       function showComments($template, $maxToShow = -1, $showNone = 1, $highlight = '') {\r
-               global $CONF, $manager;\r
-\r
-               // create parser object & action handler\r
-               $actions =& new COMMENTACTIONS($this);\r
-               $parser =& new PARSER($actions->getDefinedActions(),$actions);\r
-               $actions->setTemplate($template);\r
-               $actions->setParser($parser);\r
-\r
-               if ($maxToShow == 0) {\r
-                       $this->commentcount = $this->amountComments();\r
-               } else {\r
-                       $query =  'SELECT c.citem as itemid, c.cnumber as commentid, c.cbody as body, c.cuser as user, c.cmail as userid, c.cemail as email, c.cmember as memberid, c.ctime, c.chost as host, c.cip as ip, c.cblog as blogid'\r
-                                  . ' FROM '.sql_table('comment').' as c'\r
-                                  . ' WHERE c.citem=' . $this->itemid\r
-                                  . ' ORDER BY c.ctime';\r
-\r
-                       $comments = sql_query($query);\r
-                       $this->commentcount = mysql_num_rows($comments);\r
-               }\r
-\r
-               // if no result was found\r
-               if ($this->commentcount == 0) {\r
-                       // note: when no reactions, COMMENTS_HEADER and COMMENTS_FOOTER are _NOT_ used\r
-                       if ($showNone) $parser->parse($template['COMMENTS_NONE']);\r
-                       return 0;\r
-               }\r
-\r
-               // if too many comments to show\r
-               if (($maxToShow != -1) && ($this->commentcount > $maxToShow)) {\r
-                       $parser->parse($template['COMMENTS_TOOMUCH']);\r
-                       return 0;\r
-               }\r
-\r
-               $parser->parse($template['COMMENTS_HEADER']);\r
-\r
-               while ( $comment = mysql_fetch_assoc($comments) ) {\r
-                       $comment['timestamp'] = strtotime($comment['ctime']);\r
-                       $actions->setCurrentComment($comment);\r
-                       $actions->setHighlight($highlight);\r
-                       $manager->notify('PreComment', array('comment' => &$comment));\r
-                       $parser->parse($template['COMMENTS_BODY']);\r
-                       $manager->notify('PostComment', array('comment' => &$comment));\r
-               }\r
-\r
-               $parser->parse($template['COMMENTS_FOOTER']);\r
-\r
-               mysql_free_result($comments);\r
-\r
-               return $this->commentcount;\r
-       }\r
-\r
-       /**\r
-        * Returns the amount of comments for this itemid\r
-        */\r
-       function amountComments() {\r
-               $query =  'SELECT COUNT(*)'\r
-                          . ' FROM '.sql_table('comment').' as c'\r
-                          . ' WHERE c.citem='. $this->itemid;\r
-               $res = sql_query($query);\r
-               $arr = mysql_fetch_row($res);\r
-\r
-               return $arr[0];\r
-       }\r
-\r
-       /**\r
-        * Adds a new comment to the database\r
-        */\r
-       function addComment($timestamp, $comment) {\r
-               global $CONF, $member, $manager;\r
-\r
-               $blogid = getBlogIDFromItemID($this->itemid);\r
-\r
-               $settings =& $manager->getBlog($blogid);\r
-               $settings->readSettings();\r
-\r
-               if (!$settings->commentsEnabled())\r
-                       return _ERROR_COMMENTS_DISABLED;\r
-\r
-               if (!$settings->isPublic() && !$member->isLoggedIn())\r
-                       return _ERROR_COMMENTS_NONPUBLIC;\r
-\r
-               // member name protection\r
-               if ($CONF['ProtectMemNames'] && !$member->isLoggedIn() && MEMBER::isNameProtected($comment['user']))\r
-                       return _ERROR_COMMENTS_MEMBERNICK;\r
-\r
-               // email required protection\r
-               if ($settings->emailRequired() && strlen($comment['email']) == 0 && !$member->isLoggedIn()) {\r
-                       return _ERROR_EMAIL_REQUIRED;\r
-               }\r
-\r
-               $comment['timestamp'] = $timestamp;\r
-               $comment['host'] = gethostbyaddr(serverVar('REMOTE_ADDR'));\r
-               $comment['ip'] = serverVar('REMOTE_ADDR');\r
-\r
-               // if member is logged in, use that data\r
-               if ($member->isLoggedIn()) {\r
-                       $comment['memberid'] = $member->getID();\r
-                       $comment['user'] = '';\r
-                       $comment['userid'] = '';\r
-                       $comment['email'] = '';\r
-               } else {\r
-                       $comment['memberid'] = 0;\r
-               }\r
-\r
-               // spam check\r
-               $continue = false;\r
-               $plugins = array();\r
-\r
-               if (isset($manager->subscriptions['ValidateForm']))\r
-                       $plugins = array_merge($plugins, $manager->subscriptions['ValidateForm']);\r
-\r
-               if (isset($manager->subscriptions['PreAddComment']))\r
-                       $plugins = array_merge($plugins, $manager->subscriptions['PreAddComment']);\r
-\r
-               if (isset($manager->subscriptions['PostAddComment']))\r
-                       $plugins = array_merge($plugins, $manager->subscriptions['PostAddComment']);\r
-\r
-               $plugins = array_unique($plugins);\r
-\r
-               while (list(,$plugin) = each($plugins)) {\r
-                       $p = $manager->getPlugin($plugin);\r
-                       $continue = $continue || $p->supportsFeature('handleSpam');\r
-               }\r
-\r
-               $spamcheck = array (\r
-                       'type'          => 'comment',\r
-                       'body'          => $comment['body'],\r
-                       'id'        => $comment['itemid'],\r
-                       'live'          => true,\r
-                       'return'        => $continue\r
-               );\r
-\r
-               if ($member->isLoggedIn()) {\r
-                       $spamcheck['author'] = $member->displayname;\r
-                       $spamcheck['email'] = $member->email;\r
-               } else {\r
-                       $spamcheck['author'] = $comment['user'];\r
-                       $spamcheck['email'] = $comment['email'];\r
-                       $spamcheck['url'] = $comment['userid'];\r
-               }\r
-\r
-               $manager->notify('SpamCheck', array ('spamcheck' => &$spamcheck));\r
-\r
-               if (!$continue && isset($spamcheck['result']) && $spamcheck['result'] == true)\r
-                       return _ERROR_COMMENTS_SPAM;\r
-\r
-\r
-               // isValidComment returns either "1" or an error message\r
-               $isvalid = $this->isValidComment($comment, $spamcheck);\r
-               if ($isvalid != 1)\r
-                       return $isvalid;\r
-\r
-               // send email to notification address, if any\r
-               if ($settings->getNotifyAddress() && $settings->notifyOnComment()) {\r
-\r
-                       $mailto_msg = _NOTIFY_NC_MSG . ' ' . $this->itemid . "\n";\r
-//                     $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $this->itemid . "\n\n";\r
-                       $temp = parse_url($CONF['Self']);\r
-                       if ($temp['scheme']) {\r
-                               $mailto_msg .= createItemLink($this->itemid) . "\n\n";\r
-                       } else {\r
-                               $tempurl = $settings->getURL();\r
-                               if (substr($tempurl, -1) == '/' || substr($tempurl, -4) == '.php') {\r
-                                       $mailto_msg .= $tempurl . '?itemid=' . $this->itemid . "\n\n";\r
-                               } else {\r
-                                       $mailto_msg .= $tempurl . '/?itemid=' . $this->itemid . "\n\n";\r
-                               }\r
-                       }\r
-                       if ($comment['memberid'] == 0) {\r
-                               $mailto_msg .= _NOTIFY_USER . ' ' . $comment['user'] . "\n";\r
-                               $mailto_msg .= _NOTIFY_USERID . ' ' . $comment['userid'] . "\n";\r
-                       } else {\r
-                               $mailto_msg .= _NOTIFY_MEMBER .' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";\r
-                       }\r
-                       $mailto_msg .= _NOTIFY_HOST . ' ' . $comment['host'] . "\n";\r
-                       $mailto_msg .= _NOTIFY_COMMENT . "\n " . $comment['body'] . "\n";\r
-                       $mailto_msg .= getMailFooter();\r
-\r
-                       $item =& $manager->getItem($this->itemid, 0, 0);\r
-                       $mailto_title = _NOTIFY_NC_TITLE . ' ' . strip_tags($item['title']) . ' (' . $this->itemid . ')';\r
-\r
-                       $frommail = $member->getNotifyFromMailAddress($comment['email']);\r
-\r
-                       $notify =& new NOTIFICATION($settings->getNotifyAddress());\r
-                       $notify->notify($mailto_title, $mailto_msg , $frommail);\r
-               }\r
-\r
-               $comment = COMMENT::prepare($comment);\r
-\r
-               $manager->notify('PreAddComment',array('comment' => &$comment, 'spamcheck' => &$spamcheck));\r
-\r
-               $name           = addslashes($comment['user']);\r
-               $url            = addslashes($comment['userid']);\r
-               $email      = addslashes($comment['email']);\r
-               $body           = addslashes($comment['body']);\r
-               $host           = addslashes($comment['host']);\r
-               $ip                     = addslashes($comment['ip']);\r
-               $memberid       = intval($comment['memberid']);\r
-               $timestamp      = date('Y-m-d H:i:s', $comment['timestamp']);\r
-               $itemid         = $this->itemid;\r
-\r
-               $qSql       = 'SELECT COUNT(*) AS result '\r
-                                       . 'FROM ' . sql_table('comment')\r
-                                       . ' WHERE '\r
-                                       .      'cmail   = "' . $url . '"'\r
-                                       . ' AND cmember = "' . $memberid . '"'\r
-                                       . ' AND cbody   = "' . $body . '"'\r
-                                       . ' AND citem   = "' . $itemid . '"'\r
-                                       . ' AND cblog   = "' . $blogid . '"';\r
-               $result     = (integer) quickQuery($qSql);\r
-               if ($result > 0) {\r
-                       return _ERROR_BADACTION;\r
-               }\r
-\r
-               $query = 'INSERT INTO '.sql_table('comment').' (CUSER, CMAIL, CEMAIL, CMEMBER, CBODY, CITEM, CTIME, CHOST, CIP, CBLOG) '\r
-                          . "VALUES ('$name', '$url', '$email', $memberid, '$body', $itemid, '$timestamp', '$host', '$ip', '$blogid')";\r
-\r
-               sql_query($query);\r
-\r
-               // post add comment\r
-               $commentid = mysql_insert_id();\r
-               $manager->notify('PostAddComment',array('comment' => &$comment, 'commentid' => &$commentid, 'spamcheck' => &$spamcheck));\r
-\r
-               // succeeded !\r
-               return true;\r
-       }\r
-\r
-       /**\r
-        * Checks if a comment is valid and call plugins\r
-        * that can check if the comment is a spam comment        \r
-        */\r
-       function isValidComment(&$comment, & $spamcheck) {\r
-               global $member, $manager;\r
-\r
-               // check if there exists a item for this date\r
-               $item =& $manager->getItem($this->itemid,0,0);\r
-\r
-               if (!$item)\r
-                       return _ERROR_NOSUCHITEM;\r
-\r
-               if ($item['closed'])\r
-                       return _ERROR_ITEMCLOSED;\r
-\r
-               // don't allow words that are too long\r
-               if (eregi('[a-zA-Z0-9|\.,;:!\?=\/\\]{90,90}',$comment['body']) != false)\r
-                       return _ERROR_COMMENT_LONGWORD;\r
-\r
-               // check lengths of comment\r
-               if (strlen($comment['body'])<3)\r
-                       return _ERROR_COMMENT_NOCOMMENT;\r
-\r
-               if (strlen($comment['body'])>5000)\r
-                       return _ERROR_COMMENT_TOOLONG;\r
-\r
-               // only check username if no member logged in\r
-               if (!$member->isLoggedIn())\r
-                       if (strlen($comment['user'])<2)\r
-                               return _ERROR_COMMENT_NOUSERNAME;\r
-\r
-               if ((strlen($comment['email']) != 0) && !(isValidMailAddress($comment['email']))) {\r
-                       return _ERROR_BADMAILADDRESS;\r
-               }\r
-\r
-               // let plugins do verification (any plugin which thinks the comment is invalid\r
-               // can change 'error' to something other than '1')\r
-               $result = 1;\r
-               $manager->notify('ValidateForm', array('type' => 'comment', 'comment' => &$comment, 'error' => &$result, 'spamcheck' => &$spamcheck));\r
-\r
-               return $result;\r
-       }\r
-\r
-}\r
-\r
+
+if ( !function_exists('requestVar') ) exit;
+require_once dirname(__FILE__) . '/COMMENTACTIONS.php';
+
+class COMMENTS {
+
+       // item for which comment are being displayed
+       var $itemid;
+
+       // reference to the itemActions object that is calling the showComments function
+       var $itemActions;
+
+       // total amount of comments displayed
+       var $commentcount;
+
+       /**
+        * Creates a new COMMENTS object for the given blog and item
+        *
+        * @param $itemid
+        *              id of the item
+        */
+       function COMMENTS($itemid) {
+               $this->itemid = intval($itemid);
+       }
+
+       /**
+        * Used when parsing comments
+        *
+        * @param $itemActions
+        *              itemActions object, that will take care of the parsing
+        */
+       function setItemActions(&$itemActions) {
+               $this->itemActions =& $itemActions;
+       }
+
+       /**
+        * Shows maximum $max comments to the given item using the given template
+        * returns the amount of shown comments (if maxToShow = -1, then there is no limit)
+        *
+        * @param template
+        *              template to use
+        * @param maxToShow
+        *              max. comments to show
+        * @param showNone
+        *              indicates if the 'no comments' thingie should be outputted when there are no comments
+        *              (useful for closed items)
+        * @param highlight
+        *              Highlight to use (if any)
+        */
+       function showComments($template, $maxToShow = -1, $showNone = 1, $highlight = '') {
+               global $CONF, $manager;
+
+               // create parser object & action handler
+               $actions =& new COMMENTACTIONS($this);
+               $parser =& new PARSER($actions->getDefinedActions(),$actions);
+               $actions->setTemplate($template);
+               $actions->setParser($parser);
+
+               if ($maxToShow == 0) {
+                       $this->commentcount = $this->amountComments();
+               } else {
+                       $query =  'SELECT c.citem as itemid, c.cnumber as commentid, c.cbody as body, c.cuser as user, c.cmail as userid, c.cemail as email, c.cmember as memberid, c.ctime, c.chost as host, c.cip as ip, c.cblog as blogid'
+                                  . ' FROM '.sql_table('comment').' as c'
+                                  . ' WHERE c.citem=' . $this->itemid
+                                  . ' ORDER BY c.ctime';
+
+                       $comments = sql_query($query);
+                       $this->commentcount = sql_num_rows($comments);
+               }
+
+               // if no result was found
+               if ($this->commentcount == 0) {
+                       // note: when no reactions, COMMENTS_HEADER and COMMENTS_FOOTER are _NOT_ used
+                       if ($showNone) $parser->parse($template['COMMENTS_NONE']);
+                       return 0;
+               }
+
+               // if too many comments to show
+               if (($maxToShow != -1) && ($this->commentcount > $maxToShow)) {
+                       $parser->parse($template['COMMENTS_TOOMUCH']);
+                       return 0;
+               }
+
+               $parser->parse($template['COMMENTS_HEADER']);
+
+               while ( $comment = sql_fetch_assoc($comments) ) {
+                       $comment['timestamp'] = strtotime($comment['ctime']);
+                       $actions->setCurrentComment($comment);
+                       $actions->setHighlight($highlight);
+                       $manager->notify('PreComment', array('comment' => &$comment));
+                       $parser->parse($template['COMMENTS_BODY']);
+                       $manager->notify('PostComment', array('comment' => &$comment));
+               }
+
+               $parser->parse($template['COMMENTS_FOOTER']);
+
+               sql_free_result($comments);
+
+               return $this->commentcount;
+       }
+
+       /**
+        * Returns the amount of comments for this itemid
+        */
+       function amountComments() {
+               $query =  'SELECT COUNT(*)'
+                          . ' FROM '.sql_table('comment').' as c'
+                          . ' WHERE c.citem='. $this->itemid;
+               $res = sql_query($query);
+               $arr = sql_fetch_row($res);
+
+               return $arr[0];
+       }
+
+       /**
+        * Adds a new comment to the database
+        */
+       function addComment($timestamp, $comment) {
+               global $CONF, $member, $manager;
+
+               $blogid = getBlogIDFromItemID($this->itemid);
+
+               $settings =& $manager->getBlog($blogid);
+               $settings->readSettings();
+
+               if (!$settings->commentsEnabled())
+                       return _ERROR_COMMENTS_DISABLED;
+
+               if (!$settings->isPublic() && !$member->isLoggedIn())
+                       return _ERROR_COMMENTS_NONPUBLIC;
+
+               // member name protection
+               if ($CONF['ProtectMemNames'] && !$member->isLoggedIn() && MEMBER::isNameProtected($comment['user']))
+                       return _ERROR_COMMENTS_MEMBERNICK;
+
+               // email required protection
+               if ($settings->emailRequired() && strlen($comment['email']) == 0 && !$member->isLoggedIn()) {
+                       return _ERROR_EMAIL_REQUIRED;
+               }
+
+               $comment['timestamp'] = $timestamp;
+               $comment['host'] = gethostbyaddr(serverVar('REMOTE_ADDR'));
+               $comment['ip'] = serverVar('REMOTE_ADDR');
+
+               // if member is logged in, use that data
+               if ($member->isLoggedIn()) {
+                       $comment['memberid'] = $member->getID();
+                       $comment['user'] = '';
+                       $comment['userid'] = '';
+                       $comment['email'] = '';
+               } else {
+                       $comment['memberid'] = 0;
+               }
+
+               // spam check
+               $continue = false;
+               $plugins = array();
+
+               if (isset($manager->subscriptions['ValidateForm']))
+                       $plugins = array_merge($plugins, $manager->subscriptions['ValidateForm']);
+
+               if (isset($manager->subscriptions['PreAddComment']))
+                       $plugins = array_merge($plugins, $manager->subscriptions['PreAddComment']);
+
+               if (isset($manager->subscriptions['PostAddComment']))
+                       $plugins = array_merge($plugins, $manager->subscriptions['PostAddComment']);
+
+               $plugins = array_unique($plugins);
+
+               while (list(,$plugin) = each($plugins)) {
+                       $p = $manager->getPlugin($plugin);
+                       $continue = $continue || $p->supportsFeature('handleSpam');
+               }
+
+               $spamcheck = array (
+                       'type'          => 'comment',
+                       'body'          => $comment['body'],
+                       'id'        => $comment['itemid'],
+                       'live'          => true,
+                       'return'        => $continue
+               );
+
+               if ($member->isLoggedIn()) {
+                       $spamcheck['author'] = $member->displayname;
+                       $spamcheck['email'] = $member->email;
+               } else {
+                       $spamcheck['author'] = $comment['user'];
+                       $spamcheck['email'] = $comment['email'];
+                       $spamcheck['url'] = $comment['userid'];
+               }
+
+               $manager->notify('SpamCheck', array ('spamcheck' => &$spamcheck));
+
+               if (!$continue && isset($spamcheck['result']) && $spamcheck['result'] == true)
+                       return _ERROR_COMMENTS_SPAM;
+
+
+               // isValidComment returns either "1" or an error message
+               $isvalid = $this->isValidComment($comment, $spamcheck);
+               if ($isvalid != 1)
+                       return $isvalid;
+
+               // send email to notification address, if any
+               if ($settings->getNotifyAddress() && $settings->notifyOnComment()) {
+
+                       $mailto_msg = _NOTIFY_NC_MSG . ' ' . $this->itemid . "\n";
+//                     $mailto_msg .= $CONF['IndexURL'] . 'index.php?itemid=' . $this->itemid . "\n\n";
+                       $temp = parse_url($CONF['Self']);
+                       if ($temp['scheme']) {
+                               $mailto_msg .= createItemLink($this->itemid) . "\n\n";
+                       } else {
+                               $tempurl = $settings->getURL();
+                               if (substr($tempurl, -1) == '/' || substr($tempurl, -4) == '.php') {
+                                       $mailto_msg .= $tempurl . '?itemid=' . $this->itemid . "\n\n";
+                               } else {
+                                       $mailto_msg .= $tempurl . '/?itemid=' . $this->itemid . "\n\n";
+                               }
+                       }
+                       if ($comment['memberid'] == 0) {
+                               $mailto_msg .= _NOTIFY_USER . ' ' . $comment['user'] . "\n";
+                               $mailto_msg .= _NOTIFY_USERID . ' ' . $comment['userid'] . "\n";
+                       } else {
+                               $mailto_msg .= _NOTIFY_MEMBER .' ' . $member->getDisplayName() . ' (ID=' . $member->getID() . ")\n";
+                       }
+                       $mailto_msg .= _NOTIFY_HOST . ' ' . $comment['host'] . "\n";
+                       $mailto_msg .= _NOTIFY_COMMENT . "\n " . $comment['body'] . "\n";
+                       $mailto_msg .= getMailFooter();
+
+                       $item =& $manager->getItem($this->itemid, 0, 0);
+                       $mailto_title = _NOTIFY_NC_TITLE . ' ' . strip_tags($item['title']) . ' (' . $this->itemid . ')';
+
+                       $frommail = $member->getNotifyFromMailAddress($comment['email']);
+
+                       $notify =& new NOTIFICATION($settings->getNotifyAddress());
+                       $notify->notify($mailto_title, $mailto_msg , $frommail);
+               }
+
+               $comment = COMMENT::prepare($comment);
+
+               $manager->notify('PreAddComment',array('comment' => &$comment, 'spamcheck' => &$spamcheck));
+
+               $name           = addslashes($comment['user']);
+               $url            = addslashes($comment['userid']);
+               $email      = addslashes($comment['email']);
+               $body           = addslashes($comment['body']);
+               $host           = addslashes($comment['host']);
+               $ip                     = addslashes($comment['ip']);
+               $memberid       = intval($comment['memberid']);
+               $timestamp      = date('Y-m-d H:i:s', $comment['timestamp']);
+               $itemid         = $this->itemid;
+
+               $qSql       = 'SELECT COUNT(*) AS result '
+                                       . 'FROM ' . sql_table('comment')
+                                       . ' WHERE '
+                                       .      'cmail   = "' . $url . '"'
+                                       . ' AND cmember = "' . $memberid . '"'
+                                       . ' AND cbody   = "' . $body . '"'
+                                       . ' AND citem   = "' . $itemid . '"'
+                                       . ' AND cblog   = "' . $blogid . '"';
+               $result     = (integer) quickQuery($qSql);
+               if ($result > 0) {
+                       return _ERROR_BADACTION;
+               }
+
+               $query = 'INSERT INTO '.sql_table('comment').' (CUSER, CMAIL, CEMAIL, CMEMBER, CBODY, CITEM, CTIME, CHOST, CIP, CBLOG) '
+                          . "VALUES ('$name', '$url', '$email', $memberid, '$body', $itemid, '$timestamp', '$host', '$ip', '$blogid')";
+
+               sql_query($query);
+
+               // post add comment
+               $commentid = sql_insert_id();
+               $manager->notify('PostAddComment',array('comment' => &$comment, 'commentid' => &$commentid, 'spamcheck' => &$spamcheck));
+
+               // succeeded !
+               return true;
+       }
+
+       /**
+        * Checks if a comment is valid and call plugins
+        * that can check if the comment is a spam comment        
+        */
+       function isValidComment(&$comment, & $spamcheck) {
+               global $member, $manager;
+
+               // check if there exists a item for this date
+               $item =& $manager->getItem($this->itemid,0,0);
+
+               if (!$item)
+                       return _ERROR_NOSUCHITEM;
+
+               if ($item['closed'])
+                       return _ERROR_ITEMCLOSED;
+
+               // don't allow words that are too long
+               if (eregi('[a-zA-Z0-9|\.,;:!\?=\/\\]{90,90}',$comment['body']) != false)
+                       return _ERROR_COMMENT_LONGWORD;
+
+               // check lengths of comment
+               if (strlen($comment['body'])<3)
+                       return _ERROR_COMMENT_NOCOMMENT;
+
+               if (strlen($comment['body'])>5000)
+                       return _ERROR_COMMENT_TOOLONG;
+
+               // only check username if no member logged in
+               if (!$member->isLoggedIn())
+                       if (strlen($comment['user'])<2)
+                               return _ERROR_COMMENT_NOUSERNAME;
+
+               if ((strlen($comment['email']) != 0) && !(isValidMailAddress($comment['email']))) {
+                       return _ERROR_BADMAILADDRESS;
+               }
+
+               // let plugins do verification (any plugin which thinks the comment is invalid
+               // can change 'error' to something other than '1')
+               $result = 1;
+               $manager->notify('ValidateForm', array('type' => 'comment', 'comment' => &$comment, 'error' => &$result, 'spamcheck' => &$spamcheck));
+
+               return $result;
+       }
+
+}
+
 ?>
\ No newline at end of file
index 84f0158..6009c08 100755 (executable)
@@ -65,9 +65,9 @@ class ITEM {
 \r
                $res = sql_query($query);\r
 \r
-               if (mysql_num_rows($res) == 1)\r
+               if (sql_num_rows($res) == 1)\r
                {\r
-                       $aItemInfo = mysql_fetch_assoc($res);\r
+                       $aItemInfo = sql_fetch_assoc($res);\r
                        $aItemInfo['timestamp'] = strtotime($aItemInfo['itime']);\r
                        return $aItemInfo;\r
                } else {\r
@@ -373,7 +373,7 @@ class ITEM {
                }\r
                $r = sql_query($r);\r
 \r
-               return (mysql_num_rows($r) != 0);\r
+               return (sql_num_rows($r) != 0);\r
        }\r
 \r
        /**\r
index eb36370..ed782c6 100755 (executable)
@@ -88,7 +88,7 @@ class KARMA {
        function readFromDatabase() {
                $query = 'SELECT ikarmapos, ikarmaneg FROM '.sql_table('item').' WHERE inumber=' . $this->itemid;
                $res = sql_query($query);
-               $obj = mysql_fetch_object($res);
+               $obj = sql_fetch_object($res);
 
                $this->karmapos = $obj->ikarmapos;
                $this->karmaneg = $obj->ikarmaneg;
@@ -105,7 +105,7 @@ class KARMA {
        function isVoteAllowed($ip) {
                $query = 'SELECT * FROM '.sql_table('karma')." WHERE itemid=$this->itemid and ip='".addslashes($ip)."'";
                $res = sql_query($query);
-               return (mysql_num_rows($res) == 0);
+               return (sql_num_rows($res) == 0);
        }
 
        // save IP in database so no multiple votes are possible
index c5b39ba..46a0f89 100755 (executable)
  * @version $Id$
  * $NucleusJP: MANAGER.php,v 1.8.2.1 2007/09/05 07:00:18 kimitake Exp $
  */
-class MANAGER {\r
-\r
-       /**\r
-        * Cached ITEM, BLOG, PLUGIN, KARMA and MEMBER objects. When these objects are requested\r
-        * through the global $manager object (getItem, getBlog, ...), only the first call\r
-        * will create an object. Subsequent calls will return the same object.\r
-        *\r
-        * The $items, $blogs, ... arrays map an id to an object (for plugins, the name is used\r
-        * rather than an ID)\r
-        */\r
-       var $items;\r
-       var $blogs;\r
-       var $plugins;\r
-       var $karma;\r
-       var $templates;\r
-       var $members;\r
-\r
-       /**\r
-        * cachedInfo to avoid repeated SQL queries (see pidInstalled/pluginInstalled/getPidFromName)\r
-        * e.g. which plugins exists?\r
-        *\r
-        * $cachedInfo['installedPlugins'] = array($pid -> $name)\r
-        */\r
-       var $cachedInfo;\r
-\r
-       /**\r
-         * The plugin subscriptionlist\r
-         *\r
-         * The subcription array has the following structure\r
-         *             $subscriptions[$EventName] = array containing names of plugin classes to be\r
-         *                                                                      notified when that event happens\r
-         */\r
-       var $subscriptions;\r
-\r
-       /**\r
-         * Returns the only instance of this class. Creates the instance if it\r
-         * does not yet exists. Users should use this function as\r
-         * $manager =& MANAGER::instance(); to get a reference to the object\r
-         * instead of a copy\r
-         */\r
-       function &instance() {\r
-               static $instance = array();\r
-               if (empty($instance)) {\r
-                       $instance[0] =& new MANAGER();\r
-               }\r
-               return $instance[0];\r
-       }\r
-\r
-       /**\r
-         * The constructor of this class initializes the object caches\r
-         */\r
-       function MANAGER() {\r
-               $this->items = array();\r
-               $this->blogs = array();\r
-               $this->plugins = array();\r
-               $this->karma = array();\r
-               $this->parserPrefs = array();\r
-               $this->cachedInfo = array();\r
-       }\r
-\r
-       /**\r
-         * Returns the requested item object. If it is not in the cache, it will\r
-         * first be loaded and then placed in the cache.\r
-         * Intended use: $item =& $manager->getItem(1234)\r
-         */\r
-       function &getItem($itemid, $allowdraft, $allowfuture) {\r
-               $item =& $this->items[$itemid];\r
-\r
-               // check the draft and future rules if the item was already cached\r
-               if ($item) {\r
-                       if ((!$allowdraft) && ($item['draft']))\r
-                               return 0;\r
-\r
-                       $blog =& $this->getBlog(getBlogIDFromItemID($itemid));\r
-                       if ((!$allowfuture) && ($item['timestamp'] > $blog->getCorrectTime()))\r
-                               return 0;\r
-               }\r
-               if (!$item) {\r
-                       // load class if needed\r
-                       $this->loadClass('ITEM');\r
-                       // load item object\r
-                       $item = ITEM::getitem($itemid, $allowdraft, $allowfuture);\r
-                       $this->items[$itemid] = $item;\r
-               }\r
-               return $item;\r
-       }\r
-\r
-       /**\r
-         * Loads a class if it has not yet been loaded\r
-         */\r
-       function loadClass($name) {\r
-               $this->_loadClass($name, $name . '.php');\r
-       }\r
-\r
-       /**\r
-         * Checks if an item exists\r
-         */\r
-       function existsItem($id,$future,$draft) {\r
-               $this->_loadClass('ITEM','ITEM.php');\r
-               return ITEM::exists($id,$future,$draft);\r
-       }\r
-\r
-       /**\r
-         * Checks if a category exists\r
-         */\r
-       function existsCategory($id) {\r
-               return (quickQuery('SELECT COUNT(*) as result FROM '.sql_table('category').' WHERE catid='.intval($id)) > 0);\r
-       }\r
-\r
-       /**\r
-         * Returns the blog object for a given blogid\r
-         */\r
-       function &getBlog($blogid) {\r
-               $blog =& $this->blogs[$blogid];\r
-\r
-               if (!$blog) {\r
-                       // load class if needed\r
-                       $this->_loadClass('BLOG','BLOG.php');\r
-                       // load blog object\r
-                       $blog =& new BLOG($blogid);\r
-                       $this->blogs[$blogid] =& $blog;\r
-               }\r
-               return $blog;\r
-       }\r
-\r
-       /**\r
-         * Checks if a blog exists\r
-         */\r
-       function existsBlog($name) {\r
-               $this->_loadClass('BLOG','BLOG.php');\r
-               return BLOG::exists($name);\r
-       }\r
-\r
-       /**\r
-         * Checks if a blog id exists\r
-         */\r
-       function existsBlogID($id) {\r
-               $this->_loadClass('BLOG','BLOG.php');\r
-               return BLOG::existsID($id);\r
-       }\r
-\r
-       /**\r
-        * Returns a previously read template\r
-        */\r
-       function &getTemplate($templateName) {\r
-               $template =& $this->templates[$templateName];\r
-\r
-               if (!$template) {\r
-                       $template = TEMPLATE::read($templateName);\r
-                       $this->templates[$templateName] =& $template;\r
-               }\r
-               return $template;\r
-       }\r
-\r
-       /**\r
-        * Returns a KARMA object (karma votes)\r
-        */\r
-       function &getKarma($itemid) {\r
-               $karma =& $this->karma[$itemid];\r
-\r
-               if (!$karma) {\r
-                       // load class if needed\r
-                       $this->_loadClass('KARMA','KARMA.php');\r
-                       // create KARMA object\r
-                       $karma =& new KARMA($itemid);\r
-                       $this->karma[$itemid] =& $karma;\r
-               }\r
-               return $karma;\r
-       }\r
-\r
-       /**\r
-        * Returns a MEMBER object\r
-        */\r
-       function &getMember($memberid) {\r
-               $mem =& $this->members[$memberid];\r
-\r
-               if (!$mem) {\r
-                       // load class if needed\r
-                       $this->_loadClass('MEMBER','MEMBER.php');\r
-                       // create MEMBER object\r
-                       $mem =& MEMBER::createFromID($memberid);\r
-                       $this->members[$memberid] =& $mem;\r
-               }\r
-               return $mem;\r
-       }\r
-\r
-       /**\r
-        * Set the global parser preferences\r
-        */\r
-       function setParserProperty($name, $value) {\r
-               $this->parserPrefs[$name] = $value;\r
-       }\r
-\r
-       /**\r
-        * Get the global parser preferences\r
-        */\r
-       function getParserProperty($name) {\r
-               return $this->parserPrefs[$name];\r
-       }\r
-\r
-       /**\r
-         * A helper function to load a class\r
-         * \r
-         * private\r
-         */\r
-       function _loadClass($name, $filename) {\r
-               if (!class_exists($name)) {\r
-                               global $DIR_LIBS;\r
-                               include($DIR_LIBS . $filename);\r
-               }\r
-       }\r
-\r
-       /**\r
-         * A helper function to load a plugin\r
-         * \r
-         *     private\r
-         */\r
-       function _loadPlugin($name) {\r
-               if (!class_exists($name)) {\r
-                               global $DIR_PLUGINS;\r
-\r
-                               $fileName = $DIR_PLUGINS . $name . '.php';\r
-\r
-                               if (!file_exists($fileName))\r
-                               {\r
-                                       ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOTFOUND, $name));\r
-                                       return 0;\r
-                               }\r
-\r
-                               // load plugin\r
-                               include($fileName);\r
-\r
-                               // check if class exists (avoid errors in eval'd code)\r
-                               if (!class_exists($name))\r
-                               {\r
-                                       ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOCLASS, $name));\r
-                                       return 0;\r
-                               }\r
-\r
-                               // add to plugin array\r
-                               eval('$this->plugins[$name] =& new ' . $name . '();');\r
-\r
-                               // get plugid\r
-                               $this->plugins[$name]->plugid = $this->getPidFromName($name);\r
-\r
-                               // unload plugin if a prefix is used and the plugin cannot handle this^\r
-                               global $MYSQL_PREFIX;\r
-                               if (($MYSQL_PREFIX != '') && !$this->plugins[$name]->supportsFeature('SqlTablePrefix'))\r
-                               {\r
-                                       unset($this->plugins[$name]);\r
-                                       ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINTABLEPREFIX_NOTSUPPORT, $name));\r
-                                       return 0;\r
-                               }\r
-\r
-                               // call init method\r
-                               $this->plugins[$name]->init();\r
-\r
-               }\r
-       }\r
-\r
-       /**\r
-        * Returns a PLUGIN object\r
-        */\r
-       function &getPlugin($name) {\r
-               // retrieve the name of the plugin in the right capitalisation\r
-               $name = $this->getUpperCaseName ($name);\r
-               // get the plugin       \r
-               $plugin =& $this->plugins[$name];\r
-\r
-               if (!$plugin) {\r
-                       // load class if needed\r
-                       $this->_loadPlugin($name);\r
-                       $plugin =& $this->plugins[$name];\r
-               }\r
-               return $plugin;\r
-       }\r
-\r
-       /**\r
-         * Checks if the given plugin IS loaded or not\r
-         */\r
-       function &pluginLoaded($name) {\r
-               $plugin =& $this->plugins[$name];\r
-               return $plugin;\r
-       }\r
-\r
-       function &pidLoaded($pid) {\r
-               $plugin=false;\r
-               reset($this->plugins);\r
-               while (list($name) = each($this->plugins)) {\r
-                       if ($pid!=$this->plugins[$name]->getId()) continue;\r
-                       $plugin= & $this->plugins[$name];\r
-                       break;\r
-               }\r
-               return $plugin;\r
-       }\r
-\r
-       /**\r
-         * checks if the given plugin IS installed or not\r
-         */\r
-       function pluginInstalled($name) {\r
-               $this->_initCacheInfo('installedPlugins');\r
-               return ($this->getPidFromName($name) != -1);\r
-       }\r
-\r
-       function pidInstalled($pid) {\r
-               $this->_initCacheInfo('installedPlugins');\r
-               return ($this->cachedInfo['installedPlugins'][$pid] != '');\r
-       }\r
-\r
-       function getPidFromName($name) {\r
-               $this->_initCacheInfo('installedPlugins');\r
-               foreach ($this->cachedInfo['installedPlugins'] as $pid => $pfile)\r
-               {\r
-                       if (strtolower($pfile) == strtolower($name))\r
-                               return $pid;\r
-               }\r
-               return -1;\r
-       }\r
-\r
-       /**\r
-         * Retrieve the name of a plugin in the right capitalisation\r
-         */\r
-       function getUpperCaseName ($name) {\r
-               $this->_initCacheInfo('installedPlugins');\r
-               foreach ($this->cachedInfo['installedPlugins'] as $pid => $pfile)\r
-               {\r
-                       if (strtolower($pfile) == strtolower($name))\r
-                               return $pfile;\r
-               }\r
-               return -1;\r
-       }\r
-\r
-       function clearCachedInfo($what) {\r
-               unset($this->cachedInfo[$what]);\r
-       }\r
-\r
-       /**\r
-        * Loads some info on the first call only\r
-        */\r
-       function _initCacheInfo($what)\r
-       {\r
-               if (isset($this->cachedInfo[$what]) && is_array($this->cachedInfo[$what]))\r
-                       return;\r
-               switch ($what)\r
-               {\r
-                       // 'installedPlugins' = array ($pid => $name)\r
-                       case 'installedPlugins':\r
-                               $this->cachedInfo['installedPlugins'] = array();\r
-                               $res = sql_query('SELECT pid, pfile FROM ' . sql_table('plugin'));\r
-                               while ($o = mysql_fetch_object($res))\r
-                               {\r
-                                       $this->cachedInfo['installedPlugins'][$o->pid] = $o->pfile;\r
-                               }\r
-                               break;\r
-               }\r
-       }\r
-\r
-       /**\r
-         * A function to notify plugins that something has happened. Only the plugins\r
-         * that are subscribed to the event will get notified.\r
-         * Upon the first call, the list of subscriptions will be fetched from the\r
-         * database. The plugins itsself will only get loaded when they are first needed\r
-         *\r
-         * @param $eventName\r
-         *             Name of the event (method to be called on plugins)\r
-         * @param $data\r
-         *             Can contain any type of data, depending on the event type. Usually this is\r
-         *             an itemid, blogid, ... but it can also be an array containing multiple values\r
-         */\r
-       function notify($eventName, $data) {\r
-               // load subscription list if needed\r
-               if (!is_array($this->subscriptions))\r
-                       $this->_loadSubscriptions();\r
-\r
-\r
-               // get listening objects\r
-               $listeners = false;\r
-               if (isset($this->subscriptions[$eventName])) {\r
-                       $listeners = $this->subscriptions[$eventName];\r
-               }\r
-\r
-               // notify all of them\r
-               if (is_array($listeners)) {\r
-                       foreach($listeners as $listener) {\r
-                               // load class if needed\r
-                               $this->_loadPlugin($listener);\r
-                               // do notify (if method exists)\r
-                               if (method_exists($this->plugins[$listener], 'event_' . $eventName))\r
-                                       call_user_func(array(&$this->plugins[$listener],'event_' . $eventName), $data);\r
-                       }\r
-               }\r
-\r
-       }\r
-\r
-       /**\r
-         * Loads plugin subscriptions\r
-         */\r
-       function _loadSubscriptions() {\r
-               // initialize as array\r
-               $this->subscriptions = array();\r
-\r
-               $res = sql_query('SELECT p.pfile as pfile, e.event as event FROM '.sql_table('plugin_event').' as e, '.sql_table('plugin').' as p WHERE e.pid=p.pid ORDER BY p.porder ASC');\r
-               while ($o = mysql_fetch_object($res)) {\r
-                       $pluginName = $o->pfile;\r
-                       $eventName = $o->event;\r
-                       $this->subscriptions[$eventName][] = $pluginName;\r
-               }\r
-\r
-       }\r
-\r
-       /*\r
-               Ticket functions. These are uses by the admin area to make it impossible to simulate certain GET/POST\r
-               requests. tickets are user specific\r
-       */\r
-\r
-       var $currentRequestTicket = '';\r
-\r
-       /**\r
-        * GET requests: Adds ticket to URL (URL should NOT be html-encoded!, ticket is added at the end)\r
-        */\r
-       function addTicketToUrl($url)\r
-       {\r
-               $ticketCode = 'ticket=' . $this->_generateTicket();\r
-               if (strstr($url, '?'))\r
-                       return $url . '&' . $ticketCode;\r
-               else\r
-                       return $url . '?' . $ticketCode;\r
-       }\r
-\r
-       /**\r
-        * POST requests: Adds ticket as hidden formvar\r
-        */\r
-       function addTicketHidden()\r
-       {\r
-               $ticket = $this->_generateTicket();\r
-\r
-               echo '<input type="hidden" name="ticket" value="', htmlspecialchars($ticket), '" />';\r
-       }\r
-\r
-       /**\r
-        * Get a new ticket\r
-        * (xmlHTTPRequest AutoSaveDraft uses this to refresh the ticket)\r
-        */\r
-       function getNewTicket()\r
-       {\r
-               $this->currentRequestTicket = '';\r
-               return $this->_generateTicket();\r
-       }\r
-\r
-       /**\r
-        * Checks the ticket that was passed along with the current request\r
-        */\r
-       function checkTicket()\r
-       {\r
-               global $member;\r
-\r
-               // get ticket from request\r
-               $ticket = requestVar('ticket');\r
-\r
-               // no ticket -> don't allow\r
-               if ($ticket == '')\r
-                       return false;\r
-\r
-               // remove expired tickets first\r
-               $this->_cleanUpExpiredTickets();\r
-\r
-               // get member id\r
-               if (!$member->isLoggedIn())\r
-                       $memberId = -1;\r
-               else\r
-                       $memberId = $member->getID();\r
-\r
-               // check if ticket is a valid one\r
-               $query = 'SELECT COUNT(*) as result FROM ' . sql_table('tickets') . ' WHERE member=' . intval($memberId). ' and ticket=\''.addslashes($ticket).'\'';\r
-               if (quickQuery($query) == 1)\r
-               {\r
-                       // [in the original implementation, the checked ticket was deleted. This would lead to invalid\r
-                       //  tickets when using the browsers back button and clicking another link/form\r
-                       //  leaving the keys in the database is not a real problem, since they're member-specific and\r
-                       //  only valid for a period of one hour\r
-                       // ]\r
-                       // sql_query('DELETE FROM '.sql_table('tickets').' WHERE member=' . intval($memberId). ' and ticket=\''.addslashes($ticket).'\'');\r
-                       return true;\r
-               } else {\r
-                       // not a valid ticket\r
-                       return false;\r
-               }\r
-\r
-       }\r
-\r
-       /**\r
-        * (internal method) Removes the expired tickets\r
-        */\r
-       function _cleanUpExpiredTickets()\r
-       {\r
-               // remove tickets older than 1 hour\r
-               $oldTime = time() - 60 * 60;\r
-               $query = 'DELETE FROM ' . sql_table('tickets'). ' WHERE ctime < \'' . date('Y-m-d H:i:s',$oldTime) .'\'';\r
-               sql_query($query);\r
-       }\r
-\r
-       /**\r
-        * (internal method) Generates/returns a ticket (one ticket per page request)\r
-        */\r
-       function _generateTicket()\r
-       {\r
-               if ($this->currentRequestTicket == '')\r
-               {\r
-                       // generate new ticket (only one ticket will be generated per page request)\r
-                       // and store in database\r
-                       global $member;\r
-                       // get member id\r
-                       if (!$member->isLoggedIn())\r
-                               $memberId = -1;\r
-                       else\r
-                               $memberId = $member->getID();\r
-\r
-                       $ok = false;\r
-                       while (!$ok)\r
-                       {\r
-                               // generate a random token\r
-                               srand((double)microtime()*1000000);\r
-                               $ticket = md5(uniqid(rand(), true));\r
-\r
-                               // add in database as non-active\r
-                               $query = 'INSERT INTO ' . sql_table('tickets') . ' (ticket, member, ctime) ';\r
-                               $query .= 'VALUES (\'' . addslashes($ticket). '\', \'' . intval($memberId). '\', \'' . date('Y-m-d H:i:s',time()) . '\')';\r
-                               if (sql_query($query))\r
-                                       $ok = true;\r
-                       }\r
-\r
-                       $this->currentRequestTicket = $ticket;\r
-               }\r
-               return $this->currentRequestTicket;\r
-       }\r
-\r
-}\r
-\r
+class MANAGER {
+
+       /**
+        * Cached ITEM, BLOG, PLUGIN, KARMA and MEMBER objects. When these objects are requested
+        * through the global $manager object (getItem, getBlog, ...), only the first call
+        * will create an object. Subsequent calls will return the same object.
+        *
+        * The $items, $blogs, ... arrays map an id to an object (for plugins, the name is used
+        * rather than an ID)
+        */
+       var $items;
+       var $blogs;
+       var $plugins;
+       var $karma;
+       var $templates;
+       var $members;
+
+       /**
+        * cachedInfo to avoid repeated SQL queries (see pidInstalled/pluginInstalled/getPidFromName)
+        * e.g. which plugins exists?
+        *
+        * $cachedInfo['installedPlugins'] = array($pid -> $name)
+        */
+       var $cachedInfo;
+
+       /**
+         * The plugin subscriptionlist
+         *
+         * The subcription array has the following structure
+         *             $subscriptions[$EventName] = array containing names of plugin classes to be
+         *                                                                      notified when that event happens
+         */
+       var $subscriptions;
+
+       /**
+         * Returns the only instance of this class. Creates the instance if it
+         * does not yet exists. Users should use this function as
+         * $manager =& MANAGER::instance(); to get a reference to the object
+         * instead of a copy
+         */
+       function &instance() {
+               static $instance = array();
+               if (empty($instance)) {
+                       $instance[0] =& new MANAGER();
+               }
+               return $instance[0];
+       }
+
+       /**
+         * The constructor of this class initializes the object caches
+         */
+       function MANAGER() {
+               $this->items = array();
+               $this->blogs = array();
+               $this->plugins = array();
+               $this->karma = array();
+               $this->parserPrefs = array();
+               $this->cachedInfo = array();
+       }
+
+       /**
+         * Returns the requested item object. If it is not in the cache, it will
+         * first be loaded and then placed in the cache.
+         * Intended use: $item =& $manager->getItem(1234)
+         */
+       function &getItem($itemid, $allowdraft, $allowfuture) {
+               $item =& $this->items[$itemid];
+
+               // check the draft and future rules if the item was already cached
+               if ($item) {
+                       if ((!$allowdraft) && ($item['draft']))
+                               return 0;
+
+                       $blog =& $this->getBlog(getBlogIDFromItemID($itemid));
+                       if ((!$allowfuture) && ($item['timestamp'] > $blog->getCorrectTime()))
+                               return 0;
+               }
+               if (!$item) {
+                       // load class if needed
+                       $this->loadClass('ITEM');
+                       // load item object
+                       $item = ITEM::getitem($itemid, $allowdraft, $allowfuture);
+                       $this->items[$itemid] = $item;
+               }
+               return $item;
+       }
+
+       /**
+         * Loads a class if it has not yet been loaded
+         */
+       function loadClass($name) {
+               $this->_loadClass($name, $name . '.php');
+       }
+
+       /**
+         * Checks if an item exists
+         */
+       function existsItem($id,$future,$draft) {
+               $this->_loadClass('ITEM','ITEM.php');
+               return ITEM::exists($id,$future,$draft);
+       }
+
+       /**
+         * Checks if a category exists
+         */
+       function existsCategory($id) {
+               return (quickQuery('SELECT COUNT(*) as result FROM '.sql_table('category').' WHERE catid='.intval($id)) > 0);
+       }
+
+       /**
+         * Returns the blog object for a given blogid
+         */
+       function &getBlog($blogid) {
+               $blog =& $this->blogs[$blogid];
+
+               if (!$blog) {
+                       // load class if needed
+                       $this->_loadClass('BLOG','BLOG.php');
+                       // load blog object
+                       $blog =& new BLOG($blogid);
+                       $this->blogs[$blogid] =& $blog;
+               }
+               return $blog;
+       }
+
+       /**
+         * Checks if a blog exists
+         */
+       function existsBlog($name) {
+               $this->_loadClass('BLOG','BLOG.php');
+               return BLOG::exists($name);
+       }
+
+       /**
+         * Checks if a blog id exists
+         */
+       function existsBlogID($id) {
+               $this->_loadClass('BLOG','BLOG.php');
+               return BLOG::existsID($id);
+       }
+
+       /**
+        * Returns a previously read template
+        */
+       function &getTemplate($templateName) {
+               $template =& $this->templates[$templateName];
+
+               if (!$template) {
+                       $template = TEMPLATE::read($templateName);
+                       $this->templates[$templateName] =& $template;
+               }
+               return $template;
+       }
+
+       /**
+        * Returns a KARMA object (karma votes)
+        */
+       function &getKarma($itemid) {
+               $karma =& $this->karma[$itemid];
+
+               if (!$karma) {
+                       // load class if needed
+                       $this->_loadClass('KARMA','KARMA.php');
+                       // create KARMA object
+                       $karma =& new KARMA($itemid);
+                       $this->karma[$itemid] =& $karma;
+               }
+               return $karma;
+       }
+
+       /**
+        * Returns a MEMBER object
+        */
+       function &getMember($memberid) {
+               $mem =& $this->members[$memberid];
+
+               if (!$mem) {
+                       // load class if needed
+                       $this->_loadClass('MEMBER','MEMBER.php');
+                       // create MEMBER object
+                       $mem =& MEMBER::createFromID($memberid);
+                       $this->members[$memberid] =& $mem;
+               }
+               return $mem;
+       }
+
+       /**
+        * Set the global parser preferences
+        */
+       function setParserProperty($name, $value) {
+               $this->parserPrefs[$name] = $value;
+       }
+
+       /**
+        * Get the global parser preferences
+        */
+       function getParserProperty($name) {
+               return $this->parserPrefs[$name];
+       }
+
+       /**
+         * A helper function to load a class
+         * 
+         * private
+         */
+       function _loadClass($name, $filename) {
+               if (!class_exists($name)) {
+                               global $DIR_LIBS;
+                               include($DIR_LIBS . $filename);
+               }
+       }
+
+       /**
+         * A helper function to load a plugin
+         * 
+         *     private
+         */
+       function _loadPlugin($name) {
+               if (!class_exists($name)) {
+                               global $DIR_PLUGINS;
+
+                               $fileName = $DIR_PLUGINS . $name . '.php';
+
+                               if (!file_exists($fileName))
+                               {
+                                       ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOTFOUND, $name));
+                                       return 0;
+                               }
+
+                               // load plugin
+                               include($fileName);
+
+                               // check if class exists (avoid errors in eval'd code)
+                               if (!class_exists($name))
+                               {
+                                       ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINFILE_NOCLASS, $name));
+                                       return 0;
+                               }
+
+                               // add to plugin array
+                               eval('$this->plugins[$name] =& new ' . $name . '();');
+
+                               // get plugid
+                               $this->plugins[$name]->plugid = $this->getPidFromName($name);
+
+                               // unload plugin if a prefix is used and the plugin cannot handle this^
+                               global $MYSQL_PREFIX;
+                               if (($MYSQL_PREFIX != '') && !$this->plugins[$name]->supportsFeature('SqlTablePrefix'))
+                               {
+                                       unset($this->plugins[$name]);
+                                       ACTIONLOG::add(WARNING, sprintf(_MANAGER_PLUGINTABLEPREFIX_NOTSUPPORT, $name));
+                                       return 0;
+                               }
+
+                               // call init method
+                               $this->plugins[$name]->init();
+
+               }
+       }
+
+       /**
+        * Returns a PLUGIN object
+        */
+       function &getPlugin($name) {
+               // retrieve the name of the plugin in the right capitalisation
+               $name = $this->getUpperCaseName ($name);
+               // get the plugin       
+               $plugin =& $this->plugins[$name];
+
+               if (!$plugin) {
+                       // load class if needed
+                       $this->_loadPlugin($name);
+                       $plugin =& $this->plugins[$name];
+               }
+               return $plugin;
+       }
+
+       /**
+         * Checks if the given plugin IS loaded or not
+         */
+       function &pluginLoaded($name) {
+               $plugin =& $this->plugins[$name];
+               return $plugin;
+       }
+
+       function &pidLoaded($pid) {
+               $plugin=false;
+               reset($this->plugins);
+               while (list($name) = each($this->plugins)) {
+                       if ($pid!=$this->plugins[$name]->getId()) continue;
+                       $plugin= & $this->plugins[$name];
+                       break;
+               }
+               return $plugin;
+       }
+
+       /**
+         * checks if the given plugin IS installed or not
+         */
+       function pluginInstalled($name) {
+               $this->_initCacheInfo('installedPlugins');
+               return ($this->getPidFromName($name) != -1);
+       }
+
+       function pidInstalled($pid) {
+               $this->_initCacheInfo('installedPlugins');
+               return ($this->cachedInfo['installedPlugins'][$pid] != '');
+       }
+
+       function getPidFromName($name) {
+               $this->_initCacheInfo('installedPlugins');
+               foreach ($this->cachedInfo['installedPlugins'] as $pid => $pfile)
+               {
+                       if (strtolower($pfile) == strtolower($name))
+                               return $pid;
+               }
+               return -1;
+       }
+
+       /**
+         * Retrieve the name of a plugin in the right capitalisation
+         */
+       function getUpperCaseName ($name) {
+               $this->_initCacheInfo('installedPlugins');
+               foreach ($this->cachedInfo['installedPlugins'] as $pid => $pfile)
+               {
+                       if (strtolower($pfile) == strtolower($name))
+                               return $pfile;
+               }
+               return -1;
+       }
+
+       function clearCachedInfo($what) {
+               unset($this->cachedInfo[$what]);
+       }
+
+       /**
+        * Loads some info on the first call only
+        */
+       function _initCacheInfo($what)
+       {
+               if (isset($this->cachedInfo[$what]) && is_array($this->cachedInfo[$what]))
+                       return;
+               switch ($what)
+               {
+                       // 'installedPlugins' = array ($pid => $name)
+                       case 'installedPlugins':
+                               $this->cachedInfo['installedPlugins'] = array();
+                               $res = sql_query('SELECT pid, pfile FROM ' . sql_table('plugin'));
+                               while ($o = sql_fetch_object($res))
+                               {
+                                       $this->cachedInfo['installedPlugins'][$o->pid] = $o->pfile;
+                               }
+                               break;
+               }
+       }
+
+       /**
+         * A function to notify plugins that something has happened. Only the plugins
+         * that are subscribed to the event will get notified.
+         * Upon the first call, the list of subscriptions will be fetched from the
+         * database. The plugins itsself will only get loaded when they are first needed
+         *
+         * @param $eventName
+         *             Name of the event (method to be called on plugins)
+         * @param $data
+         *             Can contain any type of data, depending on the event type. Usually this is
+         *             an itemid, blogid, ... but it can also be an array containing multiple values
+         */
+       function notify($eventName, $data) {
+               // load subscription list if needed
+               if (!is_array($this->subscriptions))
+                       $this->_loadSubscriptions();
+
+
+               // get listening objects
+               $listeners = false;
+               if (isset($this->subscriptions[$eventName])) {
+                       $listeners = $this->subscriptions[$eventName];
+               }
+
+               // notify all of them
+               if (is_array($listeners)) {
+                       foreach($listeners as $listener) {
+                               // load class if needed
+                               $this->_loadPlugin($listener);
+                               // do notify (if method exists)
+                               if (method_exists($this->plugins[$listener], 'event_' . $eventName))
+                                       call_user_func(array(&$this->plugins[$listener],'event_' . $eventName), $data);
+                       }
+               }
+
+       }
+
+       /**
+         * Loads plugin subscriptions
+         */
+       function _loadSubscriptions() {
+               // initialize as array
+               $this->subscriptions = array();
+
+               $res = sql_query('SELECT p.pfile as pfile, e.event as event FROM '.sql_table('plugin_event').' as e, '.sql_table('plugin').' as p WHERE e.pid=p.pid ORDER BY p.porder ASC');
+               while ($o = sql_fetch_object($res)) {
+                       $pluginName = $o->pfile;
+                       $eventName = $o->event;
+                       $this->subscriptions[$eventName][] = $pluginName;
+               }
+
+       }
+
+       /*
+               Ticket functions. These are uses by the admin area to make it impossible to simulate certain GET/POST
+               requests. tickets are user specific
+       */
+
+       var $currentRequestTicket = '';
+
+       /**
+        * GET requests: Adds ticket to URL (URL should NOT be html-encoded!, ticket is added at the end)
+        */
+       function addTicketToUrl($url)
+       {
+               $ticketCode = 'ticket=' . $this->_generateTicket();
+               if (strstr($url, '?'))
+                       return $url . '&' . $ticketCode;
+               else
+                       return $url . '?' . $ticketCode;
+       }
+
+       /**
+        * POST requests: Adds ticket as hidden formvar
+        */
+       function addTicketHidden()
+       {
+               $ticket = $this->_generateTicket();
+
+               echo '<input type="hidden" name="ticket" value="', htmlspecialchars($ticket), '" />';
+       }
+
+       /**
+        * Get a new ticket
+        * (xmlHTTPRequest AutoSaveDraft uses this to refresh the ticket)
+        */
+       function getNewTicket()
+       {
+               $this->currentRequestTicket = '';
+               return $this->_generateTicket();
+       }
+
+       /**
+        * Checks the ticket that was passed along with the current request
+        */
+       function checkTicket()
+       {
+               global $member;
+
+               // get ticket from request
+               $ticket = requestVar('ticket');
+
+               // no ticket -> don't allow
+               if ($ticket == '')
+                       return false;
+
+               // remove expired tickets first
+               $this->_cleanUpExpiredTickets();
+
+               // get member id
+               if (!$member->isLoggedIn())
+                       $memberId = -1;
+               else
+                       $memberId = $member->getID();
+
+               // check if ticket is a valid one
+               $query = 'SELECT COUNT(*) as result FROM ' . sql_table('tickets') . ' WHERE member=' . intval($memberId). ' and ticket=\''.addslashes($ticket).'\'';
+               if (quickQuery($query) == 1)
+               {
+                       // [in the original implementation, the checked ticket was deleted. This would lead to invalid
+                       //  tickets when using the browsers back button and clicking another link/form
+                       //  leaving the keys in the database is not a real problem, since they're member-specific and
+                       //  only valid for a period of one hour
+                       // ]
+                       // sql_query('DELETE FROM '.sql_table('tickets').' WHERE member=' . intval($memberId). ' and ticket=\''.addslashes($ticket).'\'');
+                       return true;
+               } else {
+                       // not a valid ticket
+                       return false;
+               }
+
+       }
+
+       /**
+        * (internal method) Removes the expired tickets
+        */
+       function _cleanUpExpiredTickets()
+       {
+               // remove tickets older than 1 hour
+               $oldTime = time() - 60 * 60;
+               $query = 'DELETE FROM ' . sql_table('tickets'). ' WHERE ctime < \'' . date('Y-m-d H:i:s',$oldTime) .'\'';
+               sql_query($query);
+       }
+
+       /**
+        * (internal method) Generates/returns a ticket (one ticket per page request)
+        */
+       function _generateTicket()
+       {
+               if ($this->currentRequestTicket == '')
+               {
+                       // generate new ticket (only one ticket will be generated per page request)
+                       // and store in database
+                       global $member;
+                       // get member id
+                       if (!$member->isLoggedIn())
+                               $memberId = -1;
+                       else
+                               $memberId = $member->getID();
+
+                       $ok = false;
+                       while (!$ok)
+                       {
+                               // generate a random token
+                               srand((double)microtime()*1000000);
+                               $ticket = md5(uniqid(rand(), true));
+
+                               // add in database as non-active
+                               $query = 'INSERT INTO ' . sql_table('tickets') . ' (ticket, member, ctime) ';
+                               $query .= 'VALUES (\'' . addslashes($ticket). '\', \'' . intval($memberId). '\', \'' . date('Y-m-d H:i:s',time()) . '\')';
+                               if (sql_query($query))
+                                       $ok = true;
+                       }
+
+                       $this->currentRequestTicket = $ticket;
+               }
+               return $this->currentRequestTicket;
+       }
+
+}
+
 ?>
\ No newline at end of file
index d380df3..19f667c 100755 (executable)
@@ -130,7 +130,7 @@ class MEMBER {
                $query =  'SELECT * FROM '.sql_table('member') . ' WHERE ' . $where;
 
                $res = sql_query($query);
-               $obj = mysql_fetch_object($res);
+               $obj = sql_fetch_object($res);
 
                $this->setRealName($obj->mrealname);
                $this->setEmail($obj->memail);
@@ -145,7 +145,7 @@ class MEMBER {
                $this->setLanguage($obj->deflang);
                $this->setAutosave($obj->mautosave);
 
-               return mysql_num_rows($res);
+               return sql_num_rows($res);
        }
 
 
@@ -158,10 +158,10 @@ class MEMBER {
                           . ' tblog=' . intval($blogid)
                           . ' and tmember='. $this->getID();
                $res = sql_query($query);
-               if (mysql_num_rows($res) == 0)
+               if (sql_num_rows($res) == 0)
                        return 0;
                else
-                       return (mysql_result($res,0,0) == 1) ;
+                       return (sql_result($res,0,0) == 1) ;
        }
 
        function blogAdminRights($blogid) {
@@ -181,7 +181,7 @@ class MEMBER {
                           . ' tblog=' . intval($blogid)
                           . ' and tmember='. $this->getID();
                $res = sql_query($query);
-               return (mysql_num_rows($res) != 0);
+               return (sql_num_rows($res) != 0);
        }
 
        function canAddItem($catid) {
@@ -223,7 +223,7 @@ class MEMBER {
                           . ' FROM '.sql_table('comment') .', '.sql_table('item').', '.sql_table('blog')
                           . ' WHERE citem=inumber and iblog=bnumber and cnumber=' . intval($commentid);
                $res = sql_query($query);
-               $obj = mysql_fetch_object($res);
+               $obj = sql_fetch_object($res);
 
                return ($obj->cauthor == $this->getID()) or $this->isBlogAdmin($obj->blogid) or ($obj->iauthor == $this->getID());
        }
@@ -239,7 +239,7 @@ class MEMBER {
 
                $query =  'SELECT iblog, iauthor FROM '.sql_table('item').' WHERE inumber=' . intval($itemid);
                $res = sql_query($query);
-               $obj = mysql_fetch_object($res);
+               $obj = sql_fetch_object($res);
                return ($obj->iauthor == $this->getID()) or $this->isBlogAdmin($obj->iblog);
        }
 
@@ -249,7 +249,7 @@ class MEMBER {
          */
        function canBeDeleted() {
                $res = sql_query('SELECT * FROM '.sql_table('item').' WHERE iauthor=' . $this->getID());
-               return (mysql_num_rows($res) == 0);
+               return (sql_num_rows($res) == 0);
        }
 
        /**
@@ -393,8 +393,8 @@ class MEMBER {
                        $query = 'SELECT tblog as blogid from '.sql_table('team').' where tadmin=1 and tmember=' . $this->getID();
 
                $res = sql_query($query);
-               if (mysql_num_rows($res) > 0) {
-                       while ($obj = mysql_fetch_object($res)) {
+               if (sql_num_rows($res) > 0) {
+                       while ($obj = sql_fetch_object($res)) {
                                array_push($blogs, $obj->blogid);
                        }
                }
@@ -415,8 +415,8 @@ class MEMBER {
                        $query = 'SELECT tblog as blogid from '.sql_table('team').' where tmember=' . $this->getID();
 
                $res = sql_query($query);
-               if (mysql_num_rows($res) > 0) {
-                       while ($obj = mysql_fetch_object($res)) {
+               if (sql_num_rows($res) > 0) {
+                       while ($obj = sql_fetch_object($res)) {
                                array_push($blogs, $obj->blogid);
                        }
                }
@@ -577,7 +577,7 @@ class MEMBER {
         */
        function exists($name) {
                $r = sql_query('select * FROM '.sql_table('member')." WHERE mname='".addslashes($name)."'");
-               return (mysql_num_rows($r) != 0);
+               return (sql_num_rows($r) != 0);
        }
 
        /**
@@ -587,7 +587,7 @@ class MEMBER {
         */
        function existsID($id) {
                $r = sql_query('select * FROM '.sql_table('member')." WHERE mnumber='".intval($id)."'");
-               return (mysql_num_rows($r) != 0);
+               return (sql_num_rows($r) != 0);
        }
 
        /**
@@ -659,10 +659,10 @@ class MEMBER {
                $query = 'SELECT * FROM ' . sql_table('activation') . ' WHERE vkey=\'' . addslashes($key). '\'';
                $res = sql_query($query);
 
-               if (!$res || (mysql_num_rows($res) == 0))
+               if (!$res || (sql_num_rows($res) == 0))
                        return 0;
                else
-                       return mysql_fetch_object($res);
+                       return sql_fetch_object($res);
        }
 
        /**
@@ -775,7 +775,7 @@ class MEMBER {
                // 1. walk over all entries, and see if special actions need to be performed
                $res = sql_query('SELECT * FROM ' . sql_table('activation') . ' WHERE vtime < \'' . date('Y-m-d H:i:s',$boundary) . '\'');
 
-               while ($o = mysql_fetch_object($res))
+               while ($o = sql_fetch_object($res))
                {
                        switch ($o->vtype)
                        {
index df75eaa..1a9cb4d 100755 (executable)
         * @version $Id$
         * $NucleusJP: PLUGIN.php,v 1.12.2.3 2007/12/03 02:22:42 kmorimatsu Exp $
         */
-       class NucleusPlugin {\r
-\r
-               // these functions _have_ to be redefined in your plugin\r
-\r
-               function getName() { return 'Undefined'; }\r
-               function getAuthor()  { return 'Undefined'; }\r
-               function getURL()  { return 'Undefined'; }\r
-               function getVersion() { return '0.0'; }\r
-               function getDescription() { return 'Undefined';}\r
-\r
-               // these function _may_ be redefined in your plugin\r
-\r
-               function getMinNucleusVersion() { return 150; }\r
-               function getMinNucleusPatchLevel() { return 0; }\r
-               function getEventList() { return array(); }\r
-               function getTableList() { return array(); }\r
-               function hasAdminArea() { return 0; }\r
-\r
-               function install() {}\r
-               function unInstall() {}\r
-\r
-               function init() {}\r
-\r
-               function doSkinVar($skinType) {}\r
-               function doTemplateVar(&$item) {\r
-                       $args = func_get_args();\r
-                       array_shift($args);\r
-                       array_unshift($args, 'template');\r
-                       call_user_func_array(array(&$this,'doSkinVar'),$args);\r
-               }\r
-               function doTemplateCommentsVar(&$item, &$comment) {\r
-                       $args = func_get_args();\r
-                       array_shift($args);\r
-                       array_shift($args);\r
-                       array_unshift($args, 'template');\r
-                       call_user_func_array(array(&$this,'doSkinVar'),$args);\r
-               }\r
-               function doAction($type) { return _ERROR_PLUGIN_NOSUCHACTION; }\r
-               function doIf($key,$value) { return false; }\r
-               function doItemVar () {}\r
-\r
-               /**\r
-                * Checks if a plugin supports a certain feature.\r
-                *\r
-                * @returns 1 if the feature is reported, 0 if not\r
-                * @param $feature\r
-                *              Name of the feature. See plugin documentation for more info\r
-                *                      'SqlTablePrefix' -> if the plugin uses the sql_table() method to get table names\r
-                *                      'HelpPage' -> if the plugin provides a helppage\r
-                */\r
-               function supportsFeature($feature) {\r
-                       return 0;\r
-               }\r
-\r
-               /**\r
-                * Report a list of plugin that is required to function\r
-                *\r
-                * @returns an array of names of plugin, an empty array indicates no dependency\r
-                */\r
-               function getPluginDep() { return array(); }\r
-\r
-               // these helper functions should not be redefined in your plugin\r
-\r
-               /**\r
-                 * Creates a new option for this plugin\r
-                 *\r
-                 * @param name\r
-                 *             A string uniquely identifying your option. (max. length is 20 characters)\r
-                 * @param description\r
-                 *             A description that will show up in the nucleus admin area (max. length: 255 characters)\r
-                 * @param type\r
-                 *             Either 'text', 'yesno' or 'password'\r
-                 *             This info is used when showing 'edit plugin options' screens\r
-                 * @param value\r
-                 *             Initial value for the option (max. value length is 128 characters)\r
-                 */\r
-               function createOption($name, $desc, $type, $defValue = '', $typeExtras = '') {\r
-                       return $this->_createOption('global', $name, $desc, $type, $defValue, $typeExtras);\r
-               }\r
-               function createBlogOption($name, $desc, $type, $defValue = '', $typeExtras = '') {\r
-                       return $this->_createOption('blog', $name, $desc, $type, $defValue, $typeExtras);\r
-               }\r
-               function createMemberOption($name, $desc, $type, $defValue = '', $typeExtras = '') {\r
-                       return $this->_createOption('member', $name, $desc, $type, $defValue, $typeExtras);\r
-               }\r
-               function createCategoryOption($name, $desc, $type, $defValue = '', $typeExtras = '') {\r
-                       return $this->_createOption('category', $name, $desc, $type, $defValue, $typeExtras);\r
-               }\r
-               function createItemOption($name, $desc, $type, $defValue = '', $typeExtras = '') {\r
-                       return $this->_createOption('item', $name, $desc, $type, $defValue, $typeExtras);\r
-               }\r
-\r
-               /**\r
-                 * Removes the option from the database\r
-                 *\r
-                 * Note: Options get erased automatically on plugin uninstall\r
-                 */\r
-               function deleteOption($name) {\r
-                       return $this->_deleteOption('global', $name);\r
-               }\r
-               function deleteBlogOption($name) {\r
-                       return $this->_deleteOption('blog', $name);\r
-               }\r
-               function deleteMemberOption($name) {\r
-                       return $this->_deleteOption('member', $name);\r
-               }\r
-               function deleteCategoryOption($name) {\r
-                       return $this->_deleteOption('category', $name);\r
-               }\r
-               function deleteItemOption($name) {\r
-                       return $this->_deleteOption('item', $name);\r
-               }\r
-\r
-               /**\r
-                 * Sets the value of an option to something new\r
-                 */\r
-               function setOption($name, $value) {\r
-                       return $this->_setOption('global', 0, $name, $value);\r
-               }\r
-               function setBlogOption($blogid, $name, $value) {\r
-                       return $this->_setOption('blog', $blogid, $name, $value);\r
-               }\r
-               function setMemberOption($memberid, $name, $value) {\r
-                       return $this->_setOption('member', $memberid, $name, $value);\r
-               }\r
-               function setCategoryOption($catid, $name, $value) {\r
-                       return $this->_setOption('category', $catid, $name, $value);\r
-               }\r
-               function setItemOption($itemid, $name, $value) {\r
-                       return $this->_setOption('item', $itemid, $name, $value);\r
-               }\r
-\r
-               /**\r
-                 * Retrieves the current value for an option\r
-                 */\r
-               function getOption($name)\r
-               {\r
-                       // only request the options the very first time. On subsequent requests\r
-                       // the static collection is used to save SQL queries.\r
-                       if ($this->plugin_options == 0)\r
-                       {\r
-                               $this->plugin_options = array();\r
-                               $query = sql_query(\r
-                                        'SELECT d.oname as name, o.ovalue as value '.\r
-                                        'FROM '.\r
-                                        sql_table('plugin_option').' o, '.\r
-                                        sql_table('plugin_option_desc').' d '.\r
-                                        'WHERE d.opid='. intval($this->getID()).' AND d.oid=o.oid'\r
-                               );\r
-                               while ($row = mysql_fetch_object($query))\r
-                                       $this->plugin_options[strtolower($row->name)] = $row->value;\r
-                 }\r
-                 if (isset($this->plugin_options[strtolower($name)]))\r
-                               return $this->plugin_options[strtolower($name)];\r
-                 else\r
-                               return $this->_getOption('global', 0, $name);\r
-               }\r
-\r
-               function getBlogOption($blogid, $name) {\r
-                       return $this->_getOption('blog', $blogid, $name);\r
-               }\r
-               function getMemberOption($memberid, $name) {\r
-                       return $this->_getOption('member', $memberid, $name);\r
-               }\r
-               function getCategoryOption($catid, $name) {\r
-                       return $this->_getOption('category', $catid, $name);\r
-               }\r
-               function getItemOption($itemid, $name) {\r
-                       return $this->_getOption('item', $itemid, $name);\r
-               }\r
-\r
-               /**\r
-                * Retrieves an associative array with the option value for each\r
-                * context id\r
-                */\r
-               function getAllBlogOptions($name) {\r
-                       return $this->_getAllOptions('blog', $name);\r
-               }\r
-               function getAllMemberOptions($name) {\r
-                       return $this->_getAllOptions('member', $name);\r
-               }\r
-               function getAllCategoryOptions($name) {\r
-                       return $this->_getAllOptions('category', $name);\r
-               }\r
-               function getAllItemOptions($name) {\r
-                       return $this->_getAllOptions('item', $name);\r
-               }\r
-\r
-               /**\r
-                * Retrieves an indexed array with the top (or bottom) of an option\r
-                * (delegates to _getOptionTop())\r
-                */\r
-               function getBlogOptionTop($name, $amount = 10, $sort = 'desc') {\r
-                       return $this->_getOptionTop('blog', $name, $amount, $sort);\r
-               }\r
-               function getMemberOptionTop($name, $amount = 10, $sort = 'desc') {\r
-                       return $this->_getOptionTop('member', $name, $amount, $sort);\r
-               }\r
-               function getCategoryOptionTop($name, $amount = 10, $sort = 'desc') {\r
-                       return $this->_getOptionTop('category', $name, $amount, $sort);\r
-               }\r
-               function getItemOptionTop($name, $amount = 10, $sort = 'desc') {\r
-                       return $this->_getOptionTop('item', $name, $amount, $sort);\r
-               }\r
-\r
-               /**\r
-                 * Returns the plugin ID\r
-                 * \r
-                 * public                                \r
-                 */\r
-               function getID() {\r
-                       return $this->plugid;\r
-               }\r
-\r
-               /**\r
-                 * Returns the URL of the admin area for this plugin (in case there's\r
-                 * no such area, the returned information is invalid)\r
-                 * \r
-                 * public                                \r
-                 */\r
-               function getAdminURL() {\r
-                       global $CONF;\r
-                       return $CONF['PluginURL'] . $this->getShortName() . '/';\r
-               }\r
-\r
-               /**\r
-                 * Returns the directory where the admin directory is located and\r
-                 * where the plugin can maintain his extra files\r
-                 * \r
-                 * public                                \r
-                 */\r
-               function getDirectory() {\r
-                       global $DIR_PLUGINS;\r
-                       return $DIR_PLUGINS . $this->getShortName() . '/';\r
-               }\r
-\r
-               /**\r
-                 * Derives the short name for the plugin from the classname (all \r
-                 * lowercase)\r
-                 * \r
-                 * public                                \r
-                 */\r
-               function getShortName() {\r
-                       return str_replace('np_','',strtolower(get_class($this)));\r
-               }\r
-\r
-               /**\r
-                *      Clears the option value cache which saves the option values during\r
-                *      the plugin execution. This function is usefull if the options has \r
-                *      changed during the plugin execution (especially in association with\r
-                *      the PrePluginOptionsUpdate and the PostPluginOptionsUpdate events)\r
-                *      \r
-                *  public                               \r
-                **/                            \r
-               function clearOptionValueCache(){\r
-                       $this->_aOptionValues = array();\r
-                       $this->plugin_options = 0;\r
-               }\r
-\r
-               // internal functions of the class starts here\r
-\r
-               var $_aOptionValues;    // oid_contextid => value\r
-               var $_aOptionToInfo;    // context_name => array('oid' => ..., 'default' => ...)\r
-               var $plugin_options;    // see getOption()\r
-               var $plugid;                    // plugin id\r
-\r
-\r
-               /**\r
-                * Class constructor: Initializes some internal data\r
-                */                                             \r
-               function NucleusPlugin() {\r
-                       $this->_aOptionValues = array();        // oid_contextid => value\r
-                       $this->_aOptionToInfo = array();        // context_name => array('oid' => ..., 'default' => ...)\r
-                       $this->plugin_options = 0;\r
-               }\r
-\r
-               /**\r
-                * Retrieves an array of the top (or bottom) of an option from a plugin.\r
-                * @author TeRanEX\r
-                * @param  string $context the context for the option: item, blog, member,...\r
-                * @param  string $name    the name of the option\r
-                * @param  int    $amount  how many rows must be returned\r
-                * @param  string $sort    desc or asc\r
-                * @return array           array with both values and contextid's\r
-                * @access private\r
-                */\r
-               function _getOptionTop($context, $name, $amount = 10, $sort = 'desc') {\r
-                       if (($sort != 'desc') && ($sort != 'asc')) {\r
-                               $sort= 'desc';\r
-                       }\r
-\r
-                       $oid = $this->_getOID($context, $name);\r
-\r
-                       // retrieve the data and return\r
-                       $q = 'SELECT otype, oextra FROM '.sql_table('plugin_option_desc').' WHERE oid = '.$oid;\r
-                       $query = sql_query($q);\r
-\r
-                       $o = mysql_fetch_array($query);\r
-\r
-                       if (($this->optionCanBeNumeric($o['otype'])) && ($o['oextra'] == 'number' )) {\r
-                               $orderby = 'CAST(ovalue AS SIGNED)';\r
-                       } else {\r
-                               $orderby = 'ovalue';\r
-                       }\r
-                       $q = 'SELECT ovalue value, ocontextid id FROM '.sql_table('plugin_option').' WHERE oid = '.$oid.' ORDER BY '.$orderby.' '.$sort.' LIMIT 0,'.intval($amount);\r
-                       $query = sql_query($q);\r
-\r
-                       // create the array\r
-                       $i = 0;\r
-                       $top = array();\r
-                       while($row = mysql_fetch_array($query)) {\r
-                               $top[$i++] = $row;\r
-                       }\r
-\r
-                       // return the array (duh!)\r
-                       return $top;\r
-               }\r
-\r
-               /**\r
-                * Creates an option in the database table plugin_option_desc\r
-                *               \r
-                * private\r
-                */                                             \r
-               function _createOption($context, $name, $desc, $type, $defValue, $typeExtras = '') {\r
-                       // create in plugin_option_desc\r
-                       $query = 'INSERT INTO ' . sql_table('plugin_option_desc')\r
-                                  .' (opid, oname, ocontext, odesc, otype, odef, oextra)'\r
-                                  .' VALUES ('.intval($this->plugid)\r
-                                                        .', \''.addslashes($name).'\''\r
-                                                        .', \''.addslashes($context).'\''\r
-                                                        .', \''.addslashes($desc).'\''\r
-                                                        .', \''.addslashes($type).'\''\r
-                                                        .', \''.addslashes($defValue).'\''\r
-                                                        .', \''.addslashes($typeExtras).'\')';\r
-                       sql_query($query);\r
-                       $oid = mysql_insert_id();\r
-\r
-                       $key = $context . '_' . $name;\r
-                       $this->_aOptionToInfo[$key] = array('oid' => $oid, 'default' => $defValue);\r
-                       return 1;\r
-               }\r
-\r
-\r
-               /**\r
-                * Deletes an option from the database tables\r
-                * plugin_option and plugin_option_desc \r
-                *\r
-                * private               \r
-                */                                             \r
-               function _deleteOption($context, $name) {\r
-                       $oid = $this->_getOID($context, $name);\r
-                       if (!$oid) return 0; // no such option\r
-\r
-                       // delete all things from plugin_option\r
-                       sql_query('DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid=' . $oid);\r
-\r
-                       // delete entry from plugin_option_desc\r
-                       sql_query('DELETE FROM ' . sql_table('plugin_option_desc') . ' WHERE oid=' . $oid);\r
-\r
-                       // clear from cache\r
-                       unset($this->_aOptionToInfo[$context . '_' . $name]);\r
-                       $this->_aOptionValues = array();\r
-                       return 1;\r
-               }\r
-\r
-               /**\r
-                * Update an option in the database table plugin_option\r
-                *               \r
-                * returns: 1 on success, 0 on failure\r
-                * private\r
-                */\r
-               function _setOption($context, $contextid, $name, $value) {\r
-                       global $manager;\r
-\r
-                       $oid = $this->_getOID($context, $name);\r
-                       if (!$oid) return 0;\r
-\r
-                       // check if context id exists\r
-                       switch ($context) {\r
-                               case 'member':\r
-                                       if (!MEMBER::existsID($contextid)) return 0;\r
-                                       break;\r
-                               case 'blog':\r
-                                       if (!$manager->existsBlogID($contextid)) return 0;\r
-                                       break;\r
-                               case 'category':\r
-                                       if (!$manager->existsCategory($contextid)) return 0;\r
-                                       break;\r
-                               case 'item':\r
-                                       if (!$manager->existsItem($contextid, true, true)) return 0;\r
-                                       break;\r
-                               case 'global':\r
-                                       if ($contextid != 0) return 0;\r
-                                       break;\r
-                       }\r
-\r
-\r
-                       // update plugin_option\r
-                       sql_query('DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid='.intval($oid) . ' and ocontextid='. intval($contextid));\r
-                       sql_query('INSERT INTO ' . sql_table('plugin_option') . ' (ovalue, oid, ocontextid) VALUES (\''.addslashes($value).'\', '. intval($oid) . ', ' . intval($contextid) . ')');\r
-\r
-                       // update cache\r
-                       $this->_aOptionValues[$oid . '_' . $contextid] = $value;\r
-\r
-                       return 1;\r
-               }\r
-\r
-               /**\r
-                * Get an option from Cache or database\r
-                *       - if not in the option Cache read it from the database\r
-                *   - if not in the database write default values into the database\r
-                *                \r
-                * private               \r
-                */                                             \r
-               function _getOption($context, $contextid, $name) {\r
-                       $oid = $this->_getOID($context, $name);\r
-                       if (!$oid) return '';\r
-\r
-\r
-                       $key = $oid . '_' . $contextid;\r
-\r
-                       if (isset($this->_aOptionValues[$key]))\r
-                               return $this->_aOptionValues[$key];\r
-\r
-                       // get from DB\r
-                       $res = sql_query('SELECT ovalue FROM ' . sql_table('plugin_option') . ' WHERE oid='.intval($oid).' and ocontextid=' . intval($contextid));\r
-\r
-                       if (!$res || (mysql_num_rows($res) == 0)) {\r
-                               $defVal = $this->_getDefVal($context, $name);\r
-                               $this->_aOptionValues[$key] = $defVal;\r
-\r
-                               // fill DB with default value\r
-                               $query = 'INSERT INTO ' . sql_table('plugin_option') . ' (oid,ocontextid,ovalue)'\r
-                                          .' VALUES ('.intval($oid).', '.intval($contextid).', \''.addslashes($defVal).'\')';\r
-                               sql_query($query);\r
-                       }\r
-                       else {\r
-                               $o = mysql_fetch_object($res);\r
-                               $this->_aOptionValues[$key] = $o->ovalue;\r
-                       }\r
-\r
-                       return $this->_aOptionValues[$key];\r
-               }\r
-\r
-               /**\r
-                * Returns assoc array with all values for a given option \r
-                * (one option per possible context id)\r
-                * \r
-                * private                               \r
-                */\r
-               function _getAllOptions($context, $name) {\r
-                       $oid = $this->_getOID($context, $name);\r
-                       if (!$oid) return array();\r
-                       $defVal = $this->_getDefVal($context, $name);\r
-\r
-                       $aOptions = array();\r
-                       switch ($context) {\r
-                               case 'blog':\r
-                                       $r = sql_query('SELECT bnumber as contextid FROM ' . sql_table('blog'));\r
-                                       break;\r
-                               case 'category':\r
-                                       $r = sql_query('SELECT catid as contextid FROM ' . sql_table('category'));\r
-                                       break;\r
-                               case 'member':\r
-                                       $r = sql_query('SELECT mnumber as contextid FROM ' . sql_table('member'));\r
-                                       break;\r
-                               case 'item':\r
-                                       $r = sql_query('SELECT inumber as contextid FROM ' . sql_table('item'));\r
-                                       break;\r
-                       }\r
-                       if ($r) {\r
-                               while ($o = mysql_fetch_object($r))\r
-                                       $aOptions[$o->contextid] = $defVal;\r
-                       }\r
-\r
-                       $res = sql_query('SELECT ocontextid, ovalue FROM ' . sql_table('plugin_option') . ' WHERE oid=' . $oid);\r
-                       while ($o = mysql_fetch_object($res))\r
-                               $aOptions[$o->ocontextid] = $o->ovalue;\r
-\r
-                       return $aOptions;\r
-               }\r
-\r
-               /**\r
-                * Gets the 'option identifier' that corresponds to a given option name.\r
-                * When this method is called for the first time, all the OIDs for the plugin\r
-                * are loaded into memory, to avoid re-doing the same query all over.\r
-                */\r
-               function _getOID($context, $name) {\r
-                       $key = $context . '_' . $name;\r
-                       $info = @$this->_aOptionToInfo[$key];\r
-                       if (is_array($info)) return $info['oid'];\r
-\r
-                       // load all OIDs for this plugin from the database\r
-                       $this->_aOptionToInfo = array();\r
-                       $query = 'SELECT oid, oname, ocontext, odef FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . intval($this->plugid);\r
-                       $res = sql_query($query);\r
-                       while ($o = mysql_fetch_object($res)) {\r
-                               $k = $o->ocontext . '_' . $o->oname;\r
-                               $this->_aOptionToInfo[$k] = array('oid' => $o->oid, 'default' => $o->odef);\r
-                       }\r
-                       mysql_free_result($res);\r
-\r
-                       return @$this->_aOptionToInfo[$key]['oid'];\r
-               }\r
-               function _getDefVal($context, $name) {\r
-                       $key = $context . '_' . $name;\r
-                       $info = $this->_aOptionToInfo[$key];\r
-                       if (is_array($info)) return $info['default'];\r
-               }\r
-\r
-\r
-               /**\r
-                * Deletes all option values for a given context and contextid\r
-                * (used when e.g. a blog, member or category is deleted)\r
-                *\r
-                * (static method)\r
-                */\r
-               function _deleteOptionValues($context, $contextid) {\r
-                       // delete all associated plugin options\r
-                       $aOIDs = array();\r
-                               // find ids\r
-                       $query = 'SELECT oid FROM '.sql_table('plugin_option_desc') . ' WHERE ocontext=\''.addslashes($context).'\'';\r
-                       $res = sql_query($query);\r
-                       while ($o = mysql_fetch_object($res))\r
-                               array_push($aOIDs, $o->oid);\r
-                       mysql_free_result($res);\r
-                               // delete those options. go go go\r
-                       if (count($aOIDs) > 0) {\r
-                               $query = 'DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid in ('.implode(',',$aOIDs).') and ocontextid=' . intval($contextid);\r
-                               sql_query($query);\r
-                       }\r
-               }\r
-\r
-               /**\r
-                * splits the option's typeextra field (at ;'s) to split the meta collection\r
-                * @param string $typeExtra the value of the typeExtra field of an option\r
-                * @return array array of the meta-key/value-pairs\r
-                * @author TeRanEX\r
-                * @static\r
-                */\r
-               function getOptionMeta($typeExtra) {\r
-                       $tmpMeta = explode(';', $typeExtra);\r
-                       $meta = array();\r
-                       for ($i = 0; $i < count($tmpMeta); $i++) {\r
-                               if (($i == 0) && (!strstr($tmpMeta[0], '='))) {\r
-                                       // we have the select-list\r
-                                       $meta['select'] = $tmpMeta[0];\r
-                               } else {\r
-                                       $tmp = explode('=', $tmpMeta[$i]);\r
-                                       $meta[$tmp[0]] = $tmp[1];\r
-                               }\r
-                       }\r
-                       return $meta;\r
-               }\r
-\r
-               /**\r
-                * filters the selectlists out of the meta collection\r
-                * @param string $typeExtra the value of the typeExtra field of an option\r
-                * @return string the selectlist\r
-                * @author TeRanEX\r
-                */\r
-               function getOptionSelectValues($typeExtra) {\r
-                       $meta = NucleusPlugin::getOptionMeta($typeExtra);\r
-                       //the select list must always be the first part\r
-                       return $meta['select'];\r
-               }\r
-\r
-               /**\r
-                * checks if the eventlist in the database is up-to-date\r
-                * @return bool if it is up-to-date it return true, else false\r
-                * @author TeRanEX\r
-                */\r
-               function subscribtionListIsUptodate() {\r
-                       $res = sql_query('SELECT event FROM '.sql_table('plugin_event').' WHERE pid = '.$this->getID());\r
-                       $ev = array();\r
-                       while($a = mysql_fetch_array($res)) {\r
-                               array_push($ev, $a['event']);\r
-                       }\r
-                       if (count($ev) != count($this->getEventList())) {\r
-                               return false;\r
-                       }\r
-                       $d = array_diff($ev, $this->getEventList());\r
-                       if (count($d) > 0) {\r
-                               // there are differences so the db is not up-to-date\r
-                               return false;\r
-                       }\r
-                       return true;\r
-               }\r
-\r
-               /**\r
-                * @param $aOptions: array ( 'oid' => array( 'contextid' => 'value'))\r
-                *        (taken from request using requestVar())\r
-                * @param $newContextid: integer (accepts a contextid when it is for a new\r
-                *        contextid there was no id available at the moment of writing the\r
-                *        formcontrols into the page (by ex: itemOptions for new item)\r
-                * @static\r
-                */\r
-               function _applyPluginOptions(&$aOptions, $newContextid = 0) {\r
-                       global $manager;\r
-                       if (!is_array($aOptions)) return;\r
-\r
-                       foreach ($aOptions as $oid => $values) {\r
-\r
-                               // get option type info\r
-                               $query = 'SELECT opid, oname, ocontext, otype, oextra, odef FROM ' . sql_table('plugin_option_desc') . ' WHERE oid=' . intval($oid);\r
-                               $res = sql_query($query);\r
-                               if ($o = mysql_fetch_object($res))\r
-                               {\r
-                                       foreach ($values as $key => $value) {\r
-                                               // avoid overriding the key used by foreach statement\r
-                                               $contextid=$key;\r
-\r
-                                               // retreive any metadata\r
-                                               $meta = NucleusPlugin::getOptionMeta($o->oextra);\r
-\r
-                                               // if the option is readonly or hidden it may not be saved\r
-                                               if ((@$meta['access'] != 'readonly') && (@$meta['access'] != 'hidden')) {\r
-\r
-                                                       $value = undoMagic($value);     // value comes from request\r
-\r
-                                                       switch($o->otype) {\r
-                                                               case 'yesno':\r
-                                                                       if (($value != 'yes') && ($value != 'no')) $value = 'no';\r
-                                                                       break;\r
-                                                               default:\r
-                                                                       break;\r
-                                                       }\r
-\r
-                                                       // check the validity of numerical options\r
-                                                       if ((@$meta['datatype'] == 'numerical') && (!is_numeric($value))) {\r
-                                                               //the option must be numeric, but the it isn't\r
-                                                               //use the default for this option\r
-                                                               $value = $o->odef;\r
-                                                       }\r
-\r
-                                                       // decide wether we are using the contextid of newContextid\r
-                                                       if ($newContextid != 0) {\r
-                                                               $contextid = $newContextid;\r
-                                                       }\r
-\r
-                                                       //trigger event PrePluginOptionsUpdate to give the plugin the\r
-                                                       //possibility to change/validate the new value for the option\r
-                                                       $manager->notify('PrePluginOptionsUpdate',array('context' => $o->ocontext, 'plugid' => $o->opid, 'optionname' => $o->oname, 'contextid' => $contextid, 'value' => &$value));\r
-\r
-                                                       // delete the old value for the option\r
-                                                       sql_query('DELETE FROM '.sql_table('plugin_option').' WHERE oid='.intval($oid).' AND ocontextid='.intval($contextid));\r
-                                                       sql_query('INSERT INTO '.sql_table('plugin_option')." (oid, ocontextid, ovalue) VALUES (".intval($oid).",".intval($contextid).",'" . addslashes($value) . "')");\r
-                                               }\r
-                                       }\r
-                               }\r
-                               // clear option value cache if the plugin object is already loaded\r
-                               if (is_object($o)) {\r
-                                       $plugin=& $manager->pidLoaded($o->opid);\r
-                                       if ($plugin) $plugin->clearOptionValueCache();\r
-                               }\r
-                       }\r
-               }\r
-       }\r
+       class NucleusPlugin {
+
+               // these functions _have_ to be redefined in your plugin
+
+               function getName() { return 'Undefined'; }
+               function getAuthor()  { return 'Undefined'; }
+               function getURL()  { return 'Undefined'; }
+               function getVersion() { return '0.0'; }
+               function getDescription() { return 'Undefined';}
+
+               // these function _may_ be redefined in your plugin
+
+               function getMinNucleusVersion() { return 150; }
+               function getMinNucleusPatchLevel() { return 0; }
+               function getEventList() { return array(); }
+               function getTableList() { return array(); }
+               function hasAdminArea() { return 0; }
+
+               function install() {}
+               function unInstall() {}
+
+               function init() {}
+
+               function doSkinVar($skinType) {}
+               function doTemplateVar(&$item) {
+                       $args = func_get_args();
+                       array_shift($args);
+                       array_unshift($args, 'template');
+                       call_user_func_array(array(&$this,'doSkinVar'),$args);
+               }
+               function doTemplateCommentsVar(&$item, &$comment) {
+                       $args = func_get_args();
+                       array_shift($args);
+                       array_shift($args);
+                       array_unshift($args, 'template');
+                       call_user_func_array(array(&$this,'doSkinVar'),$args);
+               }
+               function doAction($type) { return _ERROR_PLUGIN_NOSUCHACTION; }
+               function doIf($key,$value) { return false; }
+               function doItemVar () {}
+
+               /**
+                * Checks if a plugin supports a certain feature.
+                *
+                * @returns 1 if the feature is reported, 0 if not
+                * @param $feature
+                *              Name of the feature. See plugin documentation for more info
+                *                      'SqlTablePrefix' -> if the plugin uses the sql_table() method to get table names
+                *                      'HelpPage' -> if the plugin provides a helppage
+                */
+               function supportsFeature($feature) {
+                       return 0;
+               }
+
+               /**
+                * Report a list of plugin that is required to function
+                *
+                * @returns an array of names of plugin, an empty array indicates no dependency
+                */
+               function getPluginDep() { return array(); }
+
+               // these helper functions should not be redefined in your plugin
+
+               /**
+                 * Creates a new option for this plugin
+                 *
+                 * @param name
+                 *             A string uniquely identifying your option. (max. length is 20 characters)
+                 * @param description
+                 *             A description that will show up in the nucleus admin area (max. length: 255 characters)
+                 * @param type
+                 *             Either 'text', 'yesno' or 'password'
+                 *             This info is used when showing 'edit plugin options' screens
+                 * @param value
+                 *             Initial value for the option (max. value length is 128 characters)
+                 */
+               function createOption($name, $desc, $type, $defValue = '', $typeExtras = '') {
+                       return $this->_createOption('global', $name, $desc, $type, $defValue, $typeExtras);
+               }
+               function createBlogOption($name, $desc, $type, $defValue = '', $typeExtras = '') {
+                       return $this->_createOption('blog', $name, $desc, $type, $defValue, $typeExtras);
+               }
+               function createMemberOption($name, $desc, $type, $defValue = '', $typeExtras = '') {
+                       return $this->_createOption('member', $name, $desc, $type, $defValue, $typeExtras);
+               }
+               function createCategoryOption($name, $desc, $type, $defValue = '', $typeExtras = '') {
+                       return $this->_createOption('category', $name, $desc, $type, $defValue, $typeExtras);
+               }
+               function createItemOption($name, $desc, $type, $defValue = '', $typeExtras = '') {
+                       return $this->_createOption('item', $name, $desc, $type, $defValue, $typeExtras);
+               }
+
+               /**
+                 * Removes the option from the database
+                 *
+                 * Note: Options get erased automatically on plugin uninstall
+                 */
+               function deleteOption($name) {
+                       return $this->_deleteOption('global', $name);
+               }
+               function deleteBlogOption($name) {
+                       return $this->_deleteOption('blog', $name);
+               }
+               function deleteMemberOption($name) {
+                       return $this->_deleteOption('member', $name);
+               }
+               function deleteCategoryOption($name) {
+                       return $this->_deleteOption('category', $name);
+               }
+               function deleteItemOption($name) {
+                       return $this->_deleteOption('item', $name);
+               }
+
+               /**
+                 * Sets the value of an option to something new
+                 */
+               function setOption($name, $value) {
+                       return $this->_setOption('global', 0, $name, $value);
+               }
+               function setBlogOption($blogid, $name, $value) {
+                       return $this->_setOption('blog', $blogid, $name, $value);
+               }
+               function setMemberOption($memberid, $name, $value) {
+                       return $this->_setOption('member', $memberid, $name, $value);
+               }
+               function setCategoryOption($catid, $name, $value) {
+                       return $this->_setOption('category', $catid, $name, $value);
+               }
+               function setItemOption($itemid, $name, $value) {
+                       return $this->_setOption('item', $itemid, $name, $value);
+               }
+
+               /**
+                 * Retrieves the current value for an option
+                 */
+               function getOption($name)
+               {
+                       // only request the options the very first time. On subsequent requests
+                       // the static collection is used to save SQL queries.
+                       if ($this->plugin_options == 0)
+                       {
+                               $this->plugin_options = array();
+                               $query = sql_query(
+                                        'SELECT d.oname as name, o.ovalue as value '.
+                                        'FROM '.
+                                        sql_table('plugin_option').' o, '.
+                                        sql_table('plugin_option_desc').' d '.
+                                        'WHERE d.opid='. intval($this->getID()).' AND d.oid=o.oid'
+                               );
+                               while ($row = sql_fetch_object($query))
+                                       $this->plugin_options[strtolower($row->name)] = $row->value;
+                 }
+                 if (isset($this->plugin_options[strtolower($name)]))
+                               return $this->plugin_options[strtolower($name)];
+                 else
+                               return $this->_getOption('global', 0, $name);
+               }
+
+               function getBlogOption($blogid, $name) {
+                       return $this->_getOption('blog', $blogid, $name);
+               }
+               function getMemberOption($memberid, $name) {
+                       return $this->_getOption('member', $memberid, $name);
+               }
+               function getCategoryOption($catid, $name) {
+                       return $this->_getOption('category', $catid, $name);
+               }
+               function getItemOption($itemid, $name) {
+                       return $this->_getOption('item', $itemid, $name);
+               }
+
+               /**
+                * Retrieves an associative array with the option value for each
+                * context id
+                */
+               function getAllBlogOptions($name) {
+                       return $this->_getAllOptions('blog', $name);
+               }
+               function getAllMemberOptions($name) {
+                       return $this->_getAllOptions('member', $name);
+               }
+               function getAllCategoryOptions($name) {
+                       return $this->_getAllOptions('category', $name);
+               }
+               function getAllItemOptions($name) {
+                       return $this->_getAllOptions('item', $name);
+               }
+
+               /**
+                * Retrieves an indexed array with the top (or bottom) of an option
+                * (delegates to _getOptionTop())
+                */
+               function getBlogOptionTop($name, $amount = 10, $sort = 'desc') {
+                       return $this->_getOptionTop('blog', $name, $amount, $sort);
+               }
+               function getMemberOptionTop($name, $amount = 10, $sort = 'desc') {
+                       return $this->_getOptionTop('member', $name, $amount, $sort);
+               }
+               function getCategoryOptionTop($name, $amount = 10, $sort = 'desc') {
+                       return $this->_getOptionTop('category', $name, $amount, $sort);
+               }
+               function getItemOptionTop($name, $amount = 10, $sort = 'desc') {
+                       return $this->_getOptionTop('item', $name, $amount, $sort);
+               }
+
+               /**
+                 * Returns the plugin ID
+                 * 
+                 * public                                
+                 */
+               function getID() {
+                       return $this->plugid;
+               }
+
+               /**
+                 * Returns the URL of the admin area for this plugin (in case there's
+                 * no such area, the returned information is invalid)
+                 * 
+                 * public                                
+                 */
+               function getAdminURL() {
+                       global $CONF;
+                       return $CONF['PluginURL'] . $this->getShortName() . '/';
+               }
+
+               /**
+                 * Returns the directory where the admin directory is located and
+                 * where the plugin can maintain his extra files
+                 * 
+                 * public                                
+                 */
+               function getDirectory() {
+                       global $DIR_PLUGINS;
+                       return $DIR_PLUGINS . $this->getShortName() . '/';
+               }
+
+               /**
+                 * Derives the short name for the plugin from the classname (all 
+                 * lowercase)
+                 * 
+                 * public                                
+                 */
+               function getShortName() {
+                       return str_replace('np_','',strtolower(get_class($this)));
+               }
+
+               /**
+                *      Clears the option value cache which saves the option values during
+                *      the plugin execution. This function is usefull if the options has 
+                *      changed during the plugin execution (especially in association with
+                *      the PrePluginOptionsUpdate and the PostPluginOptionsUpdate events)
+                *      
+                *  public                               
+                **/                            
+               function clearOptionValueCache(){
+                       $this->_aOptionValues = array();
+                       $this->plugin_options = 0;
+               }
+
+               // internal functions of the class starts here
+
+               var $_aOptionValues;    // oid_contextid => value
+               var $_aOptionToInfo;    // context_name => array('oid' => ..., 'default' => ...)
+               var $plugin_options;    // see getOption()
+               var $plugid;                    // plugin id
+
+
+               /**
+                * Class constructor: Initializes some internal data
+                */                                             
+               function NucleusPlugin() {
+                       $this->_aOptionValues = array();        // oid_contextid => value
+                       $this->_aOptionToInfo = array();        // context_name => array('oid' => ..., 'default' => ...)
+                       $this->plugin_options = 0;
+               }
+
+               /**
+                * Retrieves an array of the top (or bottom) of an option from a plugin.
+                * @author TeRanEX
+                * @param  string $context the context for the option: item, blog, member,...
+                * @param  string $name    the name of the option
+                * @param  int    $amount  how many rows must be returned
+                * @param  string $sort    desc or asc
+                * @return array           array with both values and contextid's
+                * @access private
+                */
+               function _getOptionTop($context, $name, $amount = 10, $sort = 'desc') {
+                       if (($sort != 'desc') && ($sort != 'asc')) {
+                               $sort= 'desc';
+                       }
+
+                       $oid = $this->_getOID($context, $name);
+
+                       // retrieve the data and return
+                       $q = 'SELECT otype, oextra FROM '.sql_table('plugin_option_desc').' WHERE oid = '.$oid;
+                       $query = sql_query($q);
+
+                       $o = sql_fetch_array($query);
+
+                       if (($this->optionCanBeNumeric($o['otype'])) && ($o['oextra'] == 'number' )) {
+                               $orderby = 'CAST(ovalue AS SIGNED)';
+                       } else {
+                               $orderby = 'ovalue';
+                       }
+                       $q = 'SELECT ovalue value, ocontextid id FROM '.sql_table('plugin_option').' WHERE oid = '.$oid.' ORDER BY '.$orderby.' '.$sort.' LIMIT 0,'.intval($amount);
+                       $query = sql_query($q);
+
+                       // create the array
+                       $i = 0;
+                       $top = array();
+                       while($row = sql_fetch_array($query)) {
+                               $top[$i++] = $row;
+                       }
+
+                       // return the array (duh!)
+                       return $top;
+               }
+
+               /**
+                * Creates an option in the database table plugin_option_desc
+                *               
+                * private
+                */                                             
+               function _createOption($context, $name, $desc, $type, $defValue, $typeExtras = '') {
+                       // create in plugin_option_desc
+                       $query = 'INSERT INTO ' . sql_table('plugin_option_desc')
+                                  .' (opid, oname, ocontext, odesc, otype, odef, oextra)'
+                                  .' VALUES ('.intval($this->plugid)
+                                                        .', \''.addslashes($name).'\''
+                                                        .', \''.addslashes($context).'\''
+                                                        .', \''.addslashes($desc).'\''
+                                                        .', \''.addslashes($type).'\''
+                                                        .', \''.addslashes($defValue).'\''
+                                                        .', \''.addslashes($typeExtras).'\')';
+                       sql_query($query);
+                       $oid = sql_insert_id();
+
+                       $key = $context . '_' . $name;
+                       $this->_aOptionToInfo[$key] = array('oid' => $oid, 'default' => $defValue);
+                       return 1;
+               }
+
+
+               /**
+                * Deletes an option from the database tables
+                * plugin_option and plugin_option_desc 
+                *
+                * private               
+                */                                             
+               function _deleteOption($context, $name) {
+                       $oid = $this->_getOID($context, $name);
+                       if (!$oid) return 0; // no such option
+
+                       // delete all things from plugin_option
+                       sql_query('DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid=' . $oid);
+
+                       // delete entry from plugin_option_desc
+                       sql_query('DELETE FROM ' . sql_table('plugin_option_desc') . ' WHERE oid=' . $oid);
+
+                       // clear from cache
+                       unset($this->_aOptionToInfo[$context . '_' . $name]);
+                       $this->_aOptionValues = array();
+                       return 1;
+               }
+
+               /**
+                * Update an option in the database table plugin_option
+                *               
+                * returns: 1 on success, 0 on failure
+                * private
+                */
+               function _setOption($context, $contextid, $name, $value) {
+                       global $manager;
+
+                       $oid = $this->_getOID($context, $name);
+                       if (!$oid) return 0;
+
+                       // check if context id exists
+                       switch ($context) {
+                               case 'member':
+                                       if (!MEMBER::existsID($contextid)) return 0;
+                                       break;
+                               case 'blog':
+                                       if (!$manager->existsBlogID($contextid)) return 0;
+                                       break;
+                               case 'category':
+                                       if (!$manager->existsCategory($contextid)) return 0;
+                                       break;
+                               case 'item':
+                                       if (!$manager->existsItem($contextid, true, true)) return 0;
+                                       break;
+                               case 'global':
+                                       if ($contextid != 0) return 0;
+                                       break;
+                       }
+
+
+                       // update plugin_option
+                       sql_query('DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid='.intval($oid) . ' and ocontextid='. intval($contextid));
+                       sql_query('INSERT INTO ' . sql_table('plugin_option') . ' (ovalue, oid, ocontextid) VALUES (\''.addslashes($value).'\', '. intval($oid) . ', ' . intval($contextid) . ')');
+
+                       // update cache
+                       $this->_aOptionValues[$oid . '_' . $contextid] = $value;
+
+                       return 1;
+               }
+
+               /**
+                * Get an option from Cache or database
+                *       - if not in the option Cache read it from the database
+                *   - if not in the database write default values into the database
+                *                
+                * private               
+                */                                             
+               function _getOption($context, $contextid, $name) {
+                       $oid = $this->_getOID($context, $name);
+                       if (!$oid) return '';
+
+
+                       $key = $oid . '_' . $contextid;
+
+                       if (isset($this->_aOptionValues[$key]))
+                               return $this->_aOptionValues[$key];
+
+                       // get from DB
+                       $res = sql_query('SELECT ovalue FROM ' . sql_table('plugin_option') . ' WHERE oid='.intval($oid).' and ocontextid=' . intval($contextid));
+
+                       if (!$res || (sql_num_rows($res) == 0)) {
+                               $defVal = $this->_getDefVal($context, $name);
+                               $this->_aOptionValues[$key] = $defVal;
+
+                               // fill DB with default value
+                               $query = 'INSERT INTO ' . sql_table('plugin_option') . ' (oid,ocontextid,ovalue)'
+                                          .' VALUES ('.intval($oid).', '.intval($contextid).', \''.addslashes($defVal).'\')';
+                               sql_query($query);
+                       }
+                       else {
+                               $o = sql_fetch_object($res);
+                               $this->_aOptionValues[$key] = $o->ovalue;
+                       }
+
+                       return $this->_aOptionValues[$key];
+               }
+
+               /**
+                * Returns assoc array with all values for a given option 
+                * (one option per possible context id)
+                * 
+                * private                               
+                */
+               function _getAllOptions($context, $name) {
+                       $oid = $this->_getOID($context, $name);
+                       if (!$oid) return array();
+                       $defVal = $this->_getDefVal($context, $name);
+
+                       $aOptions = array();
+                       switch ($context) {
+                               case 'blog':
+                                       $r = sql_query('SELECT bnumber as contextid FROM ' . sql_table('blog'));
+                                       break;
+                               case 'category':
+                                       $r = sql_query('SELECT catid as contextid FROM ' . sql_table('category'));
+                                       break;
+                               case 'member':
+                                       $r = sql_query('SELECT mnumber as contextid FROM ' . sql_table('member'));
+                                       break;
+                               case 'item':
+                                       $r = sql_query('SELECT inumber as contextid FROM ' . sql_table('item'));
+                                       break;
+                       }
+                       if ($r) {
+                               while ($o = sql_fetch_object($r))
+                                       $aOptions[$o->contextid] = $defVal;
+                       }
+
+                       $res = sql_query('SELECT ocontextid, ovalue FROM ' . sql_table('plugin_option') . ' WHERE oid=' . $oid);
+                       while ($o = sql_fetch_object($res))
+                               $aOptions[$o->ocontextid] = $o->ovalue;
+
+                       return $aOptions;
+               }
+
+               /**
+                * Gets the 'option identifier' that corresponds to a given option name.
+                * When this method is called for the first time, all the OIDs for the plugin
+                * are loaded into memory, to avoid re-doing the same query all over.
+                */
+               function _getOID($context, $name) {
+                       $key = $context . '_' . $name;
+                       $info = @$this->_aOptionToInfo[$key];
+                       if (is_array($info)) return $info['oid'];
+
+                       // load all OIDs for this plugin from the database
+                       $this->_aOptionToInfo = array();
+                       $query = 'SELECT oid, oname, ocontext, odef FROM ' . sql_table('plugin_option_desc') . ' WHERE opid=' . intval($this->plugid);
+                       $res = sql_query($query);
+                       while ($o = sql_fetch_object($res)) {
+                               $k = $o->ocontext . '_' . $o->oname;
+                               $this->_aOptionToInfo[$k] = array('oid' => $o->oid, 'default' => $o->odef);
+                       }
+                       sql_free_result($res);
+
+                       return @$this->_aOptionToInfo[$key]['oid'];
+               }
+               function _getDefVal($context, $name) {
+                       $key = $context . '_' . $name;
+                       $info = $this->_aOptionToInfo[$key];
+                       if (is_array($info)) return $info['default'];
+               }
+
+
+               /**
+                * Deletes all option values for a given context and contextid
+                * (used when e.g. a blog, member or category is deleted)
+                *
+                * (static method)
+                */
+               function _deleteOptionValues($context, $contextid) {
+                       // delete all associated plugin options
+                       $aOIDs = array();
+                               // find ids
+                       $query = 'SELECT oid FROM '.sql_table('plugin_option_desc') . ' WHERE ocontext=\''.addslashes($context).'\'';
+                       $res = sql_query($query);
+                       while ($o = sql_fetch_object($res))
+                               array_push($aOIDs, $o->oid);
+                       sql_free_result($res);
+                               // delete those options. go go go
+                       if (count($aOIDs) > 0) {
+                               $query = 'DELETE FROM ' . sql_table('plugin_option') . ' WHERE oid in ('.implode(',',$aOIDs).') and ocontextid=' . intval($contextid);
+                               sql_query($query);
+                       }
+               }
+
+               /**
+                * splits the option's typeextra field (at ;'s) to split the meta collection
+                * @param string $typeExtra the value of the typeExtra field of an option
+                * @return array array of the meta-key/value-pairs
+                * @author TeRanEX
+                * @static
+                */
+               function getOptionMeta($typeExtra) {
+                       $tmpMeta = explode(';', $typeExtra);
+                       $meta = array();
+                       for ($i = 0; $i < count($tmpMeta); $i++) {
+                               if (($i == 0) && (!strstr($tmpMeta[0], '='))) {
+                                       // we have the select-list
+                                       $meta['select'] = $tmpMeta[0];
+                               } else {
+                                       $tmp = explode('=', $tmpMeta[$i]);
+                                       $meta[$tmp[0]] = $tmp[1];
+                               }
+                       }
+                       return $meta;
+               }
+
+               /**
+                * filters the selectlists out of the meta collection
+                * @param string $typeExtra the value of the typeExtra field of an option
+                * @return string the selectlist
+                * @author TeRanEX
+                */
+               function getOptionSelectValues($typeExtra) {
+                       $meta = NucleusPlugin::getOptionMeta($typeExtra);
+                       //the select list must always be the first part
+                       return $meta['select'];
+               }
+
+               /**
+                * checks if the eventlist in the database is up-to-date
+                * @return bool if it is up-to-date it return true, else false
+                * @author TeRanEX
+                */
+               function subscribtionListIsUptodate() {
+                       $res = sql_query('SELECT event FROM '.sql_table('plugin_event').' WHERE pid = '.$this->getID());
+                       $ev = array();
+                       while($a = sql_fetch_array($res)) {
+                               array_push($ev, $a['event']);
+                       }
+                       if (count($ev) != count($this->getEventList())) {
+                               return false;
+                       }
+                       $d = array_diff($ev, $this->getEventList());
+                       if (count($d) > 0) {
+                               // there are differences so the db is not up-to-date
+                               return false;
+                       }
+                       return true;
+               }
+
+               /**
+                * @param $aOptions: array ( 'oid' => array( 'contextid' => 'value'))
+                *        (taken from request using requestVar())
+                * @param $newContextid: integer (accepts a contextid when it is for a new
+                *        contextid there was no id available at the moment of writing the
+                *        formcontrols into the page (by ex: itemOptions for new item)
+                * @static
+                */
+               function _applyPluginOptions(&$aOptions, $newContextid = 0) {
+                       global $manager;
+                       if (!is_array($aOptions)) return;
+
+                       foreach ($aOptions as $oid => $values) {
+
+                               // get option type info
+                               $query = 'SELECT opid, oname, ocontext, otype, oextra, odef FROM ' . sql_table('plugin_option_desc') . ' WHERE oid=' . intval($oid);
+                               $res = sql_query($query);
+                               if ($o = sql_fetch_object($res))
+                               {
+                                       foreach ($values as $key => $value) {
+                                               // avoid overriding the key used by foreach statement
+                                               $contextid=$key;
+
+                                               // retreive any metadata
+                                               $meta = NucleusPlugin::getOptionMeta($o->oextra);
+
+                                               // if the option is readonly or hidden it may not be saved
+                                               if ((@$meta['access'] != 'readonly') && (@$meta['access'] != 'hidden')) {
+
+                                                       $value = undoMagic($value);     // value comes from request
+
+                                                       switch($o->otype) {
+                                                               case 'yesno':
+                                                                       if (($value != 'yes') && ($value != 'no')) $value = 'no';
+                                                                       break;
+                                                               default:
+                                                                       break;
+                                                       }
+
+                                                       // check the validity of numerical options
+                                                       if ((@$meta['datatype'] == 'numerical') && (!is_numeric($value))) {
+                                                               //the option must be numeric, but the it isn't
+                                                               //use the default for this option
+                                                               $value = $o->odef;
+                                                       }
+
+                                                       // decide wether we are using the contextid of newContextid
+                                                       if ($newContextid != 0) {
+                                                               $contextid = $newContextid;
+                                                       }
+
+                                                       //trigger event PrePluginOptionsUpdate to give the plugin the
+                                                       //possibility to change/validate the new value for the option
+                                                       $manager->notify('PrePluginOptionsUpdate',array('context' => $o->ocontext, 'plugid' => $o->opid, 'optionname' => $o->oname, 'contextid' => $contextid, 'value' => &$value));
+
+                                                       // delete the old value for the option
+                                                       sql_query('DELETE FROM '.sql_table('plugin_option').' WHERE oid='.intval($oid).' AND ocontextid='.intval($contextid));
+                                                       sql_query('INSERT INTO '.sql_table('plugin_option')." (oid, ocontextid, ovalue) VALUES (".intval($oid).",".intval($contextid).",'" . addslashes($value) . "')");
+                                               }
+                                       }
+                               }
+                               // clear option value cache if the plugin object is already loaded
+                               if (is_object($o)) {
+                                       $plugin=& $manager->pidLoaded($o->opid);
+                                       if ($plugin) $plugin->clearOptionValueCache();
+                               }
+                       }
+               }
+       }
 ?>
\ No newline at end of file
index 67e66f6..b04c625 100755 (executable)
@@ -61,7 +61,7 @@ class SEARCH {
 
                // get all public searchable blogs, no matter what, include the current blog allways.
                $res = sql_query('SELECT bnumber FROM '.sql_table('blog').' WHERE bincludesearch=1 ');
-               while ($obj = mysql_fetch_object($res)) 
+               while ($obj = sql_fetch_object($res)) 
                        $this->blogs[] = intval($obj->bnumber);
                }
 
index a997852..fc1d2ae 100755 (executable)
@@ -39,8 +39,8 @@ class SKIN {
 
                // read skin name/description/content type
                $res = sql_query('SELECT * FROM '.sql_table('skin_desc').' WHERE sdnumber=' . $this->id);
-               $obj = mysql_fetch_object($res);
-               $this->isValid = (mysql_num_rows($res) > 0);
+               $obj = sql_fetch_object($res);
+               $this->isValid = (sql_num_rows($res) > 0);
                if (!$this->isValid)
                        return;
 
@@ -100,7 +100,7 @@ class SKIN {
                           . ' FROM '.sql_table('skin_desc')
                           . ' WHERE sdname="'.addslashes($name).'"';
                $res = sql_query($query);
-               $obj = mysql_fetch_object($res);
+               $obj = sql_fetch_object($res);
                return $obj->sdnumber;
        }
 
@@ -134,7 +134,7 @@ class SKIN {
                );
 
                sql_query('INSERT INTO '.sql_table('skin_desc')." (sdname, sddesc, sdtype, sdincmode, sdincpref) VALUES ('" . addslashes($name) . "','" . addslashes($desc) . "','".addslashes($type)."','".addslashes($includeMode)."','".addslashes($includePrefix)."')");
-               $newid = mysql_insert_id();
+               $newid = sql_insert_id();
 
                $manager->notify(
                        'PostAddSkin',
@@ -198,10 +198,10 @@ class SKIN {
                $query = 'SELECT scontent FROM '.sql_table('skin')." WHERE sdesc=$this->id and stype='". addslashes($type) ."'";
                $res = sql_query($query);
 
-               if (mysql_num_rows($res) == 0)
+               if (sql_num_rows($res) == 0)
                        return '';
                else
-                       return mysql_result($res, 0, 0);
+                       return sql_result($res, 0, 0);
        }
 
        /**
@@ -257,7 +257,7 @@ class SKIN {
 
                $query = "SELECT stype FROM " . sql_table('skin') . " WHERE stype NOT IN ('index', 'item', 'error', 'search', 'archive', 'archivelist', 'imagepopup', 'member')";
                $res = sql_query($query);
-               while ($row = mysql_fetch_array($res)) {
+               while ($row = sql_fetch_array($res)) {
                        $skintypes[strtolower($row['stype'])] = ucfirst($row['stype']);
                }
 
index 7f972d8..e012f11 100755 (executable)
  * @version $Id$
  * @version $NucleusJP: TEMPLATE.php,v 1.6 2006/07/20 08:01:52 kimitake Exp $
  */
-class TEMPLATE {\r
-\r
-       var $id;\r
-\r
-       function TEMPLATE($templateid) {\r
-               $this->id = intval($templateid);\r
-       }\r
-\r
-       function getID() {\r
-               return intval($this->id);\r
-       }\r
-\r
-       // (static)\r
-       function createFromName($name) {\r
-               return new TEMPLATE(TEMPLATE::getIdFromName($name));\r
-       }\r
-\r
-       // (static)\r
-       function getIdFromName($name) {\r
-               $query =  'SELECT tdnumber'\r
-                          . ' FROM '.sql_table('template_desc')\r
-                          . ' WHERE tdname="'.addslashes($name).'"';\r
-               $res = sql_query($query);\r
-               $obj = mysql_fetch_object($res);\r
-               return $obj->tdnumber;\r
-       }\r
-\r
-       /**\r
-        * Updates the general information about the template\r
-        */\r
-       function updateGeneralInfo($name, $desc) {\r
-               $query =  'UPDATE '.sql_table('template_desc').' SET'\r
-                          . " tdname='" . addslashes($name) . "',"\r
-                          . " tddesc='" . addslashes($desc) . "'"\r
-                          . " WHERE tdnumber=" . $this->getID();\r
-               sql_query($query);\r
-       }\r
-\r
-       /**\r
-        * Updates the contents of one part of the template\r
-        */\r
-       function update($type, $content) {\r
-               $id = $this->getID();\r
-\r
-               // delete old thingie\r
-               sql_query('DELETE FROM '.sql_table('template')." WHERE tpartname='". addslashes($type) ."' and tdesc=" . intval($id));\r
-\r
-               // write new thingie\r
-               if ($content) {\r
-                       sql_query('INSERT INTO '.sql_table('template')." SET tcontent='" . addslashes($content) . "', tpartname='" . addslashes($type) . "', tdesc=" . intval($id));\r
-               }\r
-       }\r
-\r
-\r
-       /**\r
-        * Deletes all template parts from the database\r
-        */\r
-       function deleteAllParts() {\r
-               sql_query('DELETE FROM '.sql_table('template').' WHERE tdesc='.$this->getID());\r
-       }\r
-\r
-       /**\r
-        * Creates a new template\r
-        *\r
-        * (static)\r
-        */\r
-       function createNew($name, $desc) {\r
-               global $manager;\r
-\r
-               // <temporary hack. for 3.4x ONLY !!>\r
-               global $CONF;\r
-               if (!$manager && $CONF['installscript']) {\r
-                       include_once($DIR_LIBS . 'MANAGER.php');\r
-                       $manager =& MANAGER::instance();\r
-               }\r
-               // </temporary hack. for 3.4x ONLY !!>\r
-\r
-               $manager->notify(\r
-                       'PreAddTemplate',\r
-                       array(\r
-                               'name' => &$name,\r
-                               'description' => &$desc\r
-                       )\r
-               );\r
-\r
-               sql_query('INSERT INTO '.sql_table('template_desc')." (tdname, tddesc) VALUES ('" . addslashes($name) . "','" . addslashes($desc) . "')");\r
-               $newId = mysql_insert_id();\r
-\r
-               $manager->notify(\r
-                       'PostAddTemplate',\r
-                       array(\r
-                               'templateid' => $newId,\r
-                               'name' => $name,\r
-                               'description' => $desc\r
-                       )\r
-               );\r
-\r
-               return $newId;\r
-       }\r
-\r
-\r
-\r
-       /**\r
-        * Reads a template and returns an array with the parts.\r
-        * (static)\r
-        *\r
-        * @param $name name of the template file\r
-        */\r
-       function read($name) {\r
-               global $manager;\r
-               $manager->notify(\r
-                       'PreTemplateRead',\r
-                       array(\r
-                               'template' => &$name\r
-                       )\r
-               );\r
-\r
-               $query = 'SELECT tpartname, tcontent'\r
-                          . ' FROM '.sql_table('template_desc').', '.sql_table('template')\r
-                          . ' WHERE tdesc=tdnumber and tdname="' . addslashes($name) . '"';\r
-               $res = sql_query($query);\r
-               while ($obj = mysql_fetch_object($res))\r
-                       $template[$obj->tpartname] = $obj->tcontent;\r
-\r
-               // set locale according to template:\r
-               if (isset($template['LOCALE']))\r
-                       setlocale(LC_TIME,$template['LOCALE']);\r
-               else\r
-                       setlocale(LC_TIME,'');\r
-\r
-               return $template;\r
-       }\r
-\r
-       /**\r
-         * fills a template with values\r
-         * (static)\r
-         *\r
-         * @param $template\r
-         *             Template to be used\r
-         * @param $values\r
-         *             Array of all the values\r
-         */\r
-       function fill($template, $values) {\r
-\r
-               if (sizeof($values) != 0) {\r
-                       // go through all the values\r
-                       for(reset($values); $key = key($values); next($values)) {\r
-                               $template = str_replace("<%$key%>",$values[$key],$template);\r
-                       }\r
-               }\r
-\r
-               // remove non matched template-tags\r
-               return preg_replace('/<%[a-zA-Z]+%>/','',$template);\r
-       }\r
-\r
-       // returns true if there is a template with the given shortname\r
-       // (static)\r
-       function exists($name) {\r
-               $r = sql_query('select * FROM '.sql_table('template_desc').' WHERE tdname="'.addslashes($name).'"');\r
-               return (mysql_num_rows($r) != 0);\r
-       }\r
-\r
-       // returns true if there is a template with the given ID\r
-       // (static)\r
-       function existsID($id) {\r
-               $r = sql_query('select * FROM '.sql_table('template_desc').' WHERE tdnumber='.intval($id));\r
-               return (mysql_num_rows($r) != 0);\r
-       }\r
-\r
-       // (static)\r
-       function getNameFromId($id) {\r
-               return quickQuery('SELECT tdname as result FROM '.sql_table('template_desc').' WHERE tdnumber=' . intval($id));\r
-       }\r
-\r
-       // (static)\r
-       function getDesc($id) {\r
-               $query = 'SELECT tddesc FROM '.sql_table('template_desc').' WHERE tdnumber='. intval($id);\r
-               $res = sql_query($query);\r
-               $obj = mysql_fetch_object($res);\r
-               return $obj->tddesc;\r
-       }\r
-\r
-\r
-\r
-}\r
-\r
+class TEMPLATE {
+
+       var $id;
+
+       function TEMPLATE($templateid) {
+               $this->id = intval($templateid);
+       }
+
+       function getID() {
+               return intval($this->id);
+       }
+
+       // (static)
+       function createFromName($name) {
+               return new TEMPLATE(TEMPLATE::getIdFromName($name));
+       }
+
+       // (static)
+       function getIdFromName($name) {
+               $query =  'SELECT tdnumber'
+                          . ' FROM '.sql_table('template_desc')
+                          . ' WHERE tdname="'.addslashes($name).'"';
+               $res = sql_query($query);
+               $obj = sql_fetch_object($res);
+               return $obj->tdnumber;
+       }
+
+       /**
+        * Updates the general information about the template
+        */
+       function updateGeneralInfo($name, $desc) {
+               $query =  'UPDATE '.sql_table('template_desc').' SET'
+                          . " tdname='" . addslashes($name) . "',"
+                          . " tddesc='" . addslashes($desc) . "'"
+                          . " WHERE tdnumber=" . $this->getID();
+               sql_query($query);
+       }
+
+       /**
+        * Updates the contents of one part of the template
+        */
+       function update($type, $content) {
+               $id = $this->getID();
+
+               // delete old thingie
+               sql_query('DELETE FROM '.sql_table('template')." WHERE tpartname='". addslashes($type) ."' and tdesc=" . intval($id));
+
+               // write new thingie
+               if ($content) {
+                       sql_query('INSERT INTO '.sql_table('template')." SET tcontent='" . addslashes($content) . "', tpartname='" . addslashes($type) . "', tdesc=" . intval($id));
+               }
+       }
+
+
+       /**
+        * Deletes all template parts from the database
+        */
+       function deleteAllParts() {
+               sql_query('DELETE FROM '.sql_table('template').' WHERE tdesc='.$this->getID());
+       }
+
+       /**
+        * Creates a new template
+        *
+        * (static)
+        */
+       function createNew($name, $desc) {
+               global $manager;
+
+               // <temporary hack. for 3.4x ONLY !!>
+               global $CONF;
+               if (!$manager && $CONF['installscript']) {
+                       include_once($DIR_LIBS . 'MANAGER.php');
+                       $manager =& MANAGER::instance();
+               }
+               // </temporary hack. for 3.4x ONLY !!>
+
+               $manager->notify(
+                       'PreAddTemplate',
+                       array(
+                               'name' => &$name,
+                               'description' => &$desc
+                       )
+               );
+
+               sql_query('INSERT INTO '.sql_table('template_desc')." (tdname, tddesc) VALUES ('" . addslashes($name) . "','" . addslashes($desc) . "')");
+               $newId = sql_insert_id();
+
+               $manager->notify(
+                       'PostAddTemplate',
+                       array(
+                               'templateid' => $newId,
+                               'name' => $name,
+                               'description' => $desc
+                       )
+               );
+
+               return $newId;
+       }
+
+
+
+       /**
+        * Reads a template and returns an array with the parts.
+        * (static)
+        *
+        * @param $name name of the template file
+        */
+       function read($name) {
+               global $manager;
+               $manager->notify(
+                       'PreTemplateRead',
+                       array(
+                               'template' => &$name
+                       )
+               );
+
+               $query = 'SELECT tpartname, tcontent'
+                          . ' FROM '.sql_table('template_desc').', '.sql_table('template')
+                          . ' WHERE tdesc=tdnumber and tdname="' . addslashes($name) . '"';
+               $res = sql_query($query);
+               while ($obj = sql_fetch_object($res))
+                       $template[$obj->tpartname] = $obj->tcontent;
+
+               // set locale according to template:
+               if (isset($template['LOCALE']))
+                       setlocale(LC_TIME,$template['LOCALE']);
+               else
+                       setlocale(LC_TIME,'');
+
+               return $template;
+       }
+
+       /**
+         * fills a template with values
+         * (static)
+         *
+         * @param $template
+         *             Template to be used
+         * @param $values
+         *             Array of all the values
+         */
+       function fill($template, $values) {
+
+               if (sizeof($values) != 0) {
+                       // go through all the values
+                       for(reset($values); $key = key($values); next($values)) {
+                               $template = str_replace("<%$key%>",$values[$key],$template);
+                       }
+               }
+
+               // remove non matched template-tags
+               return preg_replace('/<%[a-zA-Z]+%>/','',$template);
+       }
+
+       // returns true if there is a template with the given shortname
+       // (static)
+       function exists($name) {
+               $r = sql_query('select * FROM '.sql_table('template_desc').' WHERE tdname="'.addslashes($name).'"');
+               return (sql_num_rows($r) != 0);
+       }
+
+       // returns true if there is a template with the given ID
+       // (static)
+       function existsID($id) {
+               $r = sql_query('select * FROM '.sql_table('template_desc').' WHERE tdnumber='.intval($id));
+               return (sql_num_rows($r) != 0);
+       }
+
+       // (static)
+       function getNameFromId($id) {
+               return quickQuery('SELECT tdname as result FROM '.sql_table('template_desc').' WHERE tdnumber=' . intval($id));
+       }
+
+       // (static)
+       function getDesc($id) {
+               $query = 'SELECT tddesc FROM '.sql_table('template_desc').' WHERE tdnumber='. intval($id);
+               $res = sql_query($query);
+               $obj = sql_fetch_object($res);
+               return $obj->tddesc;
+       }
+
+
+
+}
+
 ?>
\ No newline at end of file
index b788d3f..4884da0 100755 (executable)
@@ -73,7 +73,7 @@ class Backup
                // catch all output generated by plugins\r
                ob_start();\r
                $res = sql_query('SELECT pfile FROM '.sql_table('plugin'));\r
-               while ($plugName = mysql_fetch_object($res)) {\r
+               while ($plugName = sql_fetch_object($res)) {\r
                        $plug =& $manager->getPlugin($plugName->pfile);\r
                        if ($plug) $tables = array_merge($tables, (array) $plug->getTableList());\r
                }\r
@@ -160,7 +160,7 @@ class Backup
                // add command to drop table on restore\r
                echo "DROP TABLE IF EXISTS $tablename;\n";\r
                $result = sql_query("SHOW CREATE TABLE $tablename");\r
-               $create = mysql_fetch_assoc($result);\r
+               $create = sql_fetch_assoc($result);\r
                echo $create['Create Table'];\r
                echo ";\n\n";\r
        }\r
@@ -255,7 +255,7 @@ class Backup
        \r
                        $fields = array();\r
                        for ($j = 0; $j < $num_fields; $j++) {\r
-                               $fields[] = mysql_field_name($result, $j);\r
+                               $fields[] = sql_field_name($result, $j);\r
                        }\r
        \r
        /*      }*/\r
@@ -270,12 +270,12 @@ class Backup
                //\r
                // Grab the data from the table.\r
                //\r
-               $result = mysql_query("SELECT * FROM $tablename");\r
+               $result = sql_query("SELECT * FROM $tablename");\r
        \r
-               if(mysql_num_rows($result) > 0)\r
+               if(sql_num_rows($result) > 0)\r
                        echo "\n#\n# " . sprintf(_BACKUP_BACKUPFILE_TABLEDATAFOR, $tablename) . "\n#\n";\r
                        \r
-               $num_fields = mysql_num_fields($result);\r
+               $num_fields = sql_num_fields($result);\r
                \r
                //\r
                // Compose fieldname list\r
@@ -285,7 +285,7 @@ class Backup
                //\r
                // Loop through the resulting rows and build the sql statement.\r
                //\r
-               while ($row = mysql_fetch_array($result))\r
+               while ($row = sql_fetch_array($result))\r
                {\r
                        // Start building the SQL statement.\r
        \r
@@ -404,8 +404,8 @@ class Backup
                                // DEBUG\r
        //                      debug("Executing: " . htmlspecialchars($sql) . "\n");\r
        \r
-                           &nbs