-rwxr-xr-x | include/dba/dba_driver.php | 23 | ||||
-rw-r--r-- | include/session.php | 115 | ||||
-rw-r--r-- | include/text.php | 29 |
3 files changed, 99 insertions, 68 deletions
diff --git a/include/dba/dba_driver.php b/include/dba/dba_driver.php index 4a0f5e37b..708d8e709 100755 --- a/include/dba/dba_driver.php +++ b/include/dba/dba_driver.php @@ -24,7 +24,6 @@ function dba_factory($server, $port,$user,$pass,$db,$dbtype,$install = false) { $dba = null; - $dbtype = intval($dbtype); if($dbtype == DBTYPE_POSTGRES) { @@ -59,7 +58,7 @@ abstract class dba_driver { const INSTALL_SCRIPT='install/schema_mysql.sql'; const NULL_DATE = '0000-00-00 00:00:00'; const UTC_NOW = 'UTC_TIMESTAMP()'; - + protected $debug = 0; protected $db; public $connected = false; @@ -121,11 +120,11 @@ abstract class dba_driver { function get_null_date() { return static::NULL_DATE; } - + function get_install_script() { return static::INSTALL_SCRIPT; } - + function utcnow() { return static::UTC_NOW; } @@ -145,6 +144,7 @@ abstract class dba_driver { return false; } } + return true; } @@ -166,19 +166,19 @@ abstract class dba_driver { function quote_interval($txt) { return $txt; } - + function optimize_table($table) { q('OPTIMIZE TABLE '.$table); } - + function concat($fld, $sep) { return 'GROUP_CONCAT(DISTINCT '.$fld.' SEPARATOR \''.$sep.'\')'; } - + function escapebin($str) { return $this->escape($str); } - + function unescapebin($str) { return $str; } @@ -193,6 +193,7 @@ function printable($s) { $s = str_replace("\x00",'.',$s); if(x($_SERVER,'SERVER_NAME')) $s = escape_tags($s); + return $s; } @@ -252,7 +253,7 @@ function db_quoteinterval($txt) { function dbesc_identifier($str) { global $db; - return $db->escape_identifier($txt); + return $db->escape_identifier($str); } function db_utcnow() { @@ -349,6 +350,7 @@ function dbesc_array_cb(&$item, $key) { $item = '0001-01-01 00:00:00'; else if($item == '0001-01-01 00:00:00' && ACTIVE_DBTYPE == DBTYPE_MYSQL) $item = '0000-00-00 00:00:00'; + $item = dbesc($item); } } 
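Review bot: With `$dbtype = intval($dbtype);` removed from dba_factory, the `$dbtype == DBTYPE_POSTGRES` test that follows now depends on PHP's loose comparison of whatever type the caller passes (a string read from a config file, for example). Assuming the DBTYPE_* constants are integers, normalising once and comparing strictly keeps driver selection predictable: `if(intval($dbtype) === DBTYPE_POSTGRES) {`. The function body continues outside this hunk, so any later use of `$dbtype` would need the same treatment.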
@@ -382,8 +384,7 @@ function db_getfunc($f) { $f = strtolower($f); if(isset($lookup[$f]) && isset($lookup[$f][ACTIVE_DBTYPE])) return $lookup[$f][ACTIVE_DBTYPE]; - + logger('Unable to abstract DB function "'. $f . '" for dbtype ' . ACTIVE_DBTYPE, LOGGER_DEBUG); return $f; } - diff --git a/include/session.php b/include/session.php index 0e2adb77d..31b3f0614 100644 --- a/include/session.php +++ b/include/session.php @@ -1,21 +1,29 @@ -<?php /** @file */ - -// Session management functions. These provide database storage of PHP -// session info. +<?php +/** + * @file include/session.php + * + * @brief This file includes session related functions. + * + * Session management functions. These provide database storage of PHP + * session info. + */ $session_exists = 0; $session_expire = 180000; function new_cookie($time) { - $old_sid = session_id(); + $old_sid = session_id(); // ??? This shouldn't have any effect if called after session_start() // We probably need to set the session expiration and change the PHPSESSID cookie. - session_set_cookie_params($time); - session_regenerate_id(false); + session_set_cookie_params($time); + session_regenerate_id(false); - q("UPDATE session SET sid = '%s' WHERE sid = '%s'", dbesc(session_id()), dbesc($old_sid)); + q("UPDATE session SET sid = '%s' WHERE sid = '%s'", + dbesc(session_id()), + dbesc($old_sid) + ); if (x($_COOKIE, 'jsAvailable')) { if ($time) { 
@@ -28,62 +36,72 @@ function new_cookie($time) { } -function ref_session_open ($s,$n) { - return true; +function ref_session_open ($s, $n) { + return true; } function ref_session_read ($id) { - global $session_exists; - if(x($id)) - $r = q("SELECT `data` FROM `session` WHERE `sid`= '%s'", dbesc($id)); - if(count($r)) { - $session_exists = true; - return $r[0]['data']; - } - return ''; + global $session_exists; + if(x($id)) + $r = q("SELECT `data` FROM `session` WHERE `sid`= '%s'", dbesc($id)); + + if(count($r)) { + $session_exists = true; + return $r[0]['data']; + } + + return ''; } -function ref_session_write ($id,$data) { - global $session_exists, $session_expire; - if(! $id || ! $data) { - return false; - } +function ref_session_write ($id, $data) { + global $session_exists, $session_expire; - $expire = time() + $session_expire; - $default_expire = time() + 300; + if(! $id || ! $data) { + return false; + } - if($session_exists) - $r = q("UPDATE `session` - SET `data` = '%s', `expire` = '%s' - WHERE `sid` = '%s'", - dbesc($data), dbesc($expire), dbesc($id)); - else - $r = q("INSERT INTO `session` (sid, expire, data) values ('%s', '%s', '%s')", - //SET `sid` = '%s', `expire` = '%s', `data` = '%s'", - dbesc($id), dbesc($default_expire), dbesc($data)); + $expire = time() + $session_expire; + $default_expire = time() + 300; + + if($session_exists) { + q("UPDATE `session` + SET `data` = '%s', `expire` = '%s' WHERE `sid` = '%s'", + dbesc($data), + dbesc($expire), + dbesc($id) + ); + } else { + q("INSERT INTO `session` (sid, expire, data) values ('%s', '%s', '%s')", + //SET `sid` = '%s', `expire` = '%s', `data` = '%s'", + dbesc($id), + dbesc($default_expire), + dbesc($data) + ); + } - return true; + return true; } function ref_session_close() { - return true; + return true; } function ref_session_destroy ($id) { - q("DELETE FROM `session` WHERE `sid` = '%s'", dbesc($id)); - return true; + q("DELETE FROM `session` WHERE `sid` = '%s'", dbesc($id)); + return true; } 
function ref_session_gc($expire) { - q("DELETE FROM session WHERE expire < %d", dbesc(time())); - if (! get_config('system','innodb')) - db_optimizetable('session'); - return true; + q("DELETE FROM session WHERE expire < %d", dbesc(time())); + if (! get_config('system', 'innodb')) + db_optimizetable('session'); + + return true; } $gc_probability = 50; @@ -92,5 +110,14 @@ ini_set('session.gc_probability', $gc_probability); ini_set('session.use_only_cookies', 1); ini_set('session.cookie_httponly', 1); - -session_set_save_handler ('ref_session_open', 'ref_session_close', 'ref_session_read', 'ref_session_write', 'ref_session_destroy', 'ref_session_gc'); +/* + * PHP function which sets our user-level session storage functions. + */ +session_set_save_handler( + 'ref_session_open', + 'ref_session_close', + 'ref_session_read', + 'ref_session_write', + 'ref_session_destroy', + 'ref_session_gc' +);
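Review bot: In ref_session_read, `$r` is assigned only when `x($id)` is true, but `count($r)` runs unconditionally. An empty id therefore counts an undefined variable, and a failed lookup counts whatever q() returned (presumably false), which raises a warning or a TypeError on newer PHP versions inside the session handler. Return early and test the result before counting: `if(! x($id)) return '';` and `if($r && count($r)) {`. ref_session_write has a related gap: it returns true without inspecting q(), so if q() reports a failed UPDATE or INSERT, PHP is still told the write succeeded. Returning false in that case would make lost sessions visible.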
\ No newline at end of file diff --git a/include/text.php b/include/text.php index 2a524f7f1..4c64c71bb 100644 --- a/include/text.php +++ b/include/text.php @@ -110,8 +110,6 @@ function z_input_filter($channel_id,$s,$type = 'text/bbcode') { - - function purify_html($s) { require_once('library/HTMLPurifier.auto.php'); require_once('include/html2bbcode.php'); @@ -360,8 +358,6 @@ function paginate(&$a) { function alt_pager(&$a, $i, $more = '', $less = '') { - $o = ''; - if(! $more) $more = t('older'); if(! $less) @@ -370,10 +366,10 @@ function alt_pager(&$a, $i, $more = '', $less = '') { $stripped = preg_replace('/(&page=[0-9]*)/','',$a->query_string); $stripped = str_replace('q=','',$stripped); $stripped = trim($stripped,'/'); - $pagenum = $a->pager['page']; + //$pagenum = $a->pager['page']; $url = $a->get_baseurl() . '/' . $stripped; - return replace_macros(get_markup_template('alt_pager.tpl'),array( + return replace_macros(get_markup_template('alt_pager.tpl'), array( '$has_less' => (($a->pager['page'] > 1) ? true : false), '$has_more' => (($i > 0 && $i >= $a->pager['itemspage']) ? true : false), '$less' => $less, @@ -600,6 +596,7 @@ function activity_match($haystack,$needle) { function get_tags($s) { $ret = array(); + $match = array(); // ignore anything in a code block @@ -1061,7 +1058,6 @@ function list_smilies() { * */ function smilies($s, $sample = false) { - $a = get_app(); if(intval(get_config('system','no_smilies')) || (local_channel() && intval(get_pconfig(local_channel(),'system','no_smilies')))) @@ -2111,6 +2107,7 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) { $replaced = false; $r = null; + $match = array(); $termtype = ((strpos($tag,'#') === 0) ? TERM_HASHTAG : TERM_UNKNOWN); $termtype = ((strpos($tag,'@') === 0) ? TERM_MENTION : $termtype); 
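Review bot: The return value of `session_set_save_handler()` is discarded, so if registration fails PHP keeps its default save handler and the database-backed callbacks are never used, with nothing recorded to show it. Checking the result, along the lines of `if(! session_set_save_handler(...)) { /* log and stop */ }`, would surface that. The ini_set lines visible as context set `session.use_only_cookies` and `session.cookie_httponly` only. If `session.cookie_secure` is not configured elsewhere for HTTPS deployments, this is the natural place to set it.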
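Review bot: In alt_pager the unused assignment is commented out as `//$pagenum = $a->pager['page'];` rather than deleted. Version control already keeps the old line, so remove it outright instead of leaving dead code in a comment. Separately, `$url` is built from `$a->query_string` after only the page parameter, `q=` and surrounding slashes are stripped. The replace_macros array and the template that emits the value are outside this hunk, so it is worth confirming that alt_pager.tpl HTML-escapes it.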
@@ -2354,7 +2351,7 @@ function handle_tag($a, &$body, &$access_tag, &$str_tags, $profile_uid, $tag) { function linkify_tags($a, &$body, $uid) { $str_tags = ''; $tagged = array(); - $result = array(); + $results = array(); $tags = get_tags($body); @@ -2375,18 +2372,23 @@ function linkify_tags($a, &$body, $uid) { if($fullnametagged) continue; + // @FIXME which $profile_uid? It's not set anywhere. $success = handle_tag($a, $body, $access_tag, $str_tags, ($uid) ? $uid : $profile_uid , $tag); $results[] = array('success' => $success, 'access_tag' => $access_tag); if($success['replaced']) $tagged[] = $tag; } } + return $results; } /** - * @brief returns icon name for use with e.g. font-awesome based on mime-type + * @brief returns icon name for use with e.g. font-awesome based on mime-type. + * + * These are the the font-awesome names of version 3.2.1. The newer font-awesome + * 4 has different names. * - * @param string $type + * @param string $type mime type * @return string */ function getIconFromType($type) { @@ -2439,10 +2441,10 @@ function getIconFromType($type) { * @brief Returns a human readable formatted string for filesizes. * * @param int $size filesize in bytes - * @return string + * @return string human readable formatted filesize */ function userReadableSize($size) { - $ret = ""; + $ret = ''; if (is_numeric($size)) { $incr = 0; $k = 1024; @@ -2451,7 +2453,8 @@ function userReadableSize($size) { $incr++; $size = round($size / $k, 2); } - $ret = $size . " " . $unit[$incr]; + $ret = $size . ' ' . $unit[$incr]; } + return $ret; } |
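Review bot: The new `@FIXME` in linkify_tags records that `$profile_uid` is never defined, but the call still evaluates `($uid) ? $uid : $profile_uid`, so a falsy `$uid` hands handle_tag an undefined value as the profile uid. handle_tag takes `$access_tag` by reference and appears to resolve tags for that uid, so the fallback should be settled, not just annotated. If no other source for the uid exists, pass the caller's value explicitly: `$success = handle_tag($a, $body, $access_tag, $str_tags, intval($uid), $tag);`. The loop this line sits in starts outside the hunk.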