Location: PHPKode > projects > Particle Wiki > particle-wiki/includes/functions.php
<?php
// include other files
include("functions_admin.php");
include("functions_encode.php");
include("functions_moderate.php");

function dbSecure($code){
	
	if (get_magic_quotes_gpc()) {
	   $code = stripslashes($code);
	}
	
	if (function_exists("mysql_real_escape_string")){
		$code = mysql_real_escape_string($code);
	} elseif (function_exists("mysql_escape_string")){
		$code = mysql_escape_string($code);
	} else {
		$code = addslashes($code);
	}
	
	return $code;
}

// decode when needed
function un($code){
	if (get_magic_quotes_gpc()) {
	   $code = stripslashes($code);
	}
	return $code;
}

// direct input brought into line
function predbSecure($code){
	if (get_magic_quotes_gpc()){
		$code = addslashes($code);
	}
	return $code;
}

// start session, can be called after sign out
function StartSession(){
	// process session ID if required
	session_start();
}

// create a key for the email confirmation
function GenerateKey(){
	$salt = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890";
	srand((double)microtime()*1000000);  
    $i = 0;
    while ($i < 25) {  // change for other length
        $num = rand() % 33;
        $tmp = substr($salt, $num, 1);
        $pass = $pass . $tmp;
        $i++;
    }
    
    return $pass;
}

// redirect or echo URL if not supported
function redirect($url){
	Header("Location: " . $url);
	echo($url);
	die();
}

function SkinList($defaultvalue){
	
	// globalise variables
	global $config;
	
	// Open a known directory, and proceed to read its contents
	$codelist = "<select id=c_defaultskin name=c_defaultskin>\n";
	$tdir = $config["root"] . "skins/";
	$tdir = "skins/";
	if (is_dir($tdir)) {
		if ($dh = opendir($tdir)) {
			while (($file = readdir($dh)) !== false) {
				if ($file <> "." && $file <> ".." && filetype($tdir . $file) == "dir"){
					//echo "filename: $file : filetype: " . filetype($tdir . $file) . "<br />";
					$extracode = ($file == $config["defaultskin"]) ? " selected" : "";
					$codelist .= "		<option value=\"" . $file . "\"" . $extracode . ">" . $file . "</option>\n";
				}
			}
			closedir($dh);
		}
	}
	
	// finish the list
	$codelist .= "	</selected>";
	
	// return the list
	return $codelist;
}

// ok so if a user edits a page and wants to save
function SavePage($code, $ptitle, $reason = "", $pageid = 0){
	global $config, $dbprefix, $db, $usr;
	
	// if user is anonymous then check for allowed
	if ($config["anonedit"] == "0" && $usr->Access < 2){
		return "You do not have permission to edit this page";
	}
	
	// validate the data exists
	if ($code == ""){ return "You did not enter any content"; }
	if ($pageid == ""){ $pageid = 0; }
	
	// run edit against spam regex
	if ($config["spamregex"] <> ""){
		if (preg_match($config["spamregex"], $code, $matches)){
			return "Your edit hit an anti-spam block: " . $matches[0];
		}
	}
	
	// create some variables
	$ctime = time();
	
	// recordset to make sure page exists
	$sql = "SELECT * FROM " . $dbprefix . "pages WHERE ID = " . dbSecure($pageid);
	$page = $db->execute($sql);
	if ($page->rows < 1){
		// page does not exist, needs creating
		$sql = "INSERT INTO " . $dbprefix . "pages (postdate, title) VALUES (" . $ctime . ", '" . dbSecure($ptitle) . "')";
		$db->execute($sql);
		$updateid = mysql_insert_id();
	} else {
		// make sure mage isn't locked
		if ($page->fields["locked"] == 1 && $usr->Access < 2){
			return "This page has been locked and cannot be edited";
		}
		
		// set the ID of the page
		$updateid = $page->fields["ID"];
	}
	
	// ok so let's first create a history page
	$sql = "INSERT INTO " . $dbprefix . "history (pageid, postdate, author, body, reason) VALUES (";
	$sql .= $updateid . ", " . $ctime . ", '" . $_SERVER["REMOTE_ADDR"] . "', '";
	$sql .= dbSecure($code) . "', '" . dbSecure($reason) . "')";
	$db->execute($sql);
	
	// now let's update the pages table
	$sql = "UPDATE " . $dbprefix . "pages SET body = '" . dbSecure($code) . "', ";
	$sql .= "postdate = " . $ctime . " WHERE ID = " . $updateid;
	$db->execute($sql);
	
	// and let the user know
	return "Page saved and updated successfully! <a href=\"" . $config["wikipage"] . "?page=" . $ptitle . "\">View it...</a>";
}

// allow users to revent to an older version
function RevertPage($pageid, $revertid, $reason){
	global $config, $dbprefix, $db, $usr;
	
	// validate information has been entered
	if ($pageid == ""){ return "No page ID supplied"; }
	if ($revertid == ""){ return "No ID of the archived page supplied"; }
	
	// check that the page ID exists
	$sql = "SELECT * FROM " . $dbprefix . "pages WHERE ID = " . dbSecure($pageid);
	$page = $db->execute($sql);
	if ($page->rows < 1){ return "Unable to locate the page"; }
	
	// check the archived page also exists
	$sql = "SELECT * FROM " . $dbprefix . "history WHERE pageid = " . dbSecure($pageid) . " AND ID = " . dbSecure($revertid);
	$old = $db->execute($sql);
	if ($old->rows < 1){ return "Unable to locate the archived copy"; }
	
	// work out the reason
	$new_reason = "Reverting to copy " . $old->fields["ID"];
	if ($reason <> ""){
		$new_reason .= " (" . $reason . ")";
	}
	
	// ok, it looks ok, revert the page
	$errormsg = SavePage(predbSecure($old->fields["body"]), predbSecure($page->fields["title"]), $new_reason, $page->fields["ID"]);
	return $errormsg;
}

// allow admins to lock and unlock pages
function LockPage($paget){
	global $db, $dbprefix, $usr, $config;
	
	// first check the user
	$usr->Auth(2);
	
	// check the page exists
	$sql = "SELECT * FROM " . $dbprefix . "pages WHERE title = '" . dbSecure($paget) . "'";
	$page = $db->execute($sql);
	if ($page->rows < 1){ die("Unable to locate the page"); }
	
	// work out the new state
	$newstate = ($page->fields["locked"] == 1) ? 0 : 1;
	
	// ok, carry out the lock or unlock
	$sql = "UPDATE " . $dbprefix . "pages SET locked = " . $newstate . " WHERE ID = " . $page->fields["ID"];
	$db->execute($sql);
	
	// and return the user
	Header("Location: " . $config["wikipage"] . "?page=" . $page->fields["title"]);
}
?>
Return current item: Particle Wiki