makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-11 05:48:51 +00:00
Code Issues Projects Releases Packages Wiki Activity

Removed quoted numeric fields in SQL, tidied up various things

Browse source 
git-svn-id: file:///svn/phpbb/trunk@960 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
Paul S. Owen 2001-08-31 23:22:49 +00:00
parent c684df1d9b
commit 0316d0a490
1 changed files with 134 additions and 110 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

244
phpBB/admin/admin_forums.php
View file

@ -27,11 +27,16 @@ if($setmodules==1)
return; return;
} }
// ------------------
// Begin function block
//
function check_forum_name($forumname) function check_forum_name($forumname)
{ {
global $db; global $db;
$sql = "SELECT * from " . FORUMS_TABLE . "WHERE forum_name = '$forumname'"; $sql = "SELECT *
FROM " . FORUMS_TABLE . "
WHERE forum_name = '$forumname'";
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
if( !$result ) if( !$result )
{ {
@ -54,25 +59,31 @@ function get_info($mode, $id)
$idfield = 'cat_id'; $idfield = 'cat_id';
$namefield = 'cat_title'; $namefield = 'cat_title';
break; break;
case 'forum': case 'forum':
$table = FORUMS_TABLE; $table = FORUMS_TABLE;
$idfield = 'forum_id'; $idfield = 'forum_id';
$namefield = 'forum_name'; $namefield = 'forum_name';
break; break;
default: default:
message_die(GENERAL_ERROR, "Wrong mode for generating select list", "", __LINE__, __FILE__); message_die(GENERAL_ERROR, "Wrong mode for generating select list", "", __LINE__, __FILE__);
break;
} }
$sql = " SELECT *
FROM $table $sql = "SELECT *
WHERE $idfield = $id"; FROM $table
WHERE $idfield = $id";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't get Forum/Category information", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't get Forum/Category information", "", __LINE__, __FILE__, $sql);
} }
if( $db->sql_numrows($result) != 1 ) if( $db->sql_numrows($result) != 1 )
{ {
message_die(GENERAL_ERROR, "Forum/Category doesn't exist or multiple forums/categories with ID $id", "", __LINE__, __FILE__); message_die(GENERAL_ERROR, "Forum/Category doesn't exist or multiple forums/categories with ID $id", "", __LINE__, __FILE__);
} }
return $db->sql_fetchrow($result); return $db->sql_fetchrow($result);
} }
@ -87,38 +98,46 @@ function get_list($mode, $id, $select)
$idfield = 'cat_id'; $idfield = 'cat_id';
$namefield = 'cat_title'; $namefield = 'cat_title';
break; break;
case 'forum': case 'forum':
$table = FORUMS_TABLE; $table = FORUMS_TABLE;
$idfield = 'forum_id'; $idfield = 'forum_id';
$namefield = 'forum_name'; $namefield = 'forum_name';
break; break;
default: default:
message_die(GENERAL_ERROR, "Wrong mode for generating select list", "", __LINE__, __FILE__); message_die(GENERAL_ERROR, "Wrong mode for generating select list", "", __LINE__, __FILE__);
break;
} }
$sql = "SELECT * FROM $table"; $sql = "SELECT *
if( $select == FALSE) FROM $table";
if( $select == 0 )
{ {
$sql .= " WHERE $idfield != '$id'"; $sql .= " WHERE $idfield <> $id";
} }
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't get list of Categories/Forums", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't get list of Categories/Forums", "", __LINE__, __FILE__, $sql);
} }
$cat_list = ""; $cat_list = "";
while( $row = $db->sql_fetchrow($result) ) while( $row = $db->sql_fetchrow($result) )
{ {
$s = ""; $s = "";
if ($row[$idfield] == $id) if ($row[$idfield] == $id)
{ {
$s = " SELECTED"; $s = " selected=\"selected\"";
} }
$catlist .= "<OPTION VALUE=\"$row[$idfield]\"$s>$row[$namefield]</OPTION>\n"; $catlist .= "<option value=\"$row[$idfield]\"$s>" . $row[$namefield] . "</option>\n";
} }
return($catlist); return($catlist);
} }
function renumber_order($mode, $cat=FALSE) function renumber_order($mode, $cat = 0)
{ {
global $db; global $db;
@ -128,22 +147,25 @@ function renumber_order($mode, $cat=FALSE)
$table = CATEGORIES_TABLE; $table = CATEGORIES_TABLE;
$idfield = 'cat_id'; $idfield = 'cat_id';
$orderfield = 'cat_order'; $orderfield = 'cat_order';
$cat = FALSE; $cat = 0;
break; break;
case 'forum': case 'forum':
$table = FORUMS_TABLE; $table = FORUMS_TABLE;
$idfield = 'forum_id'; $idfield = 'forum_id';
$orderfield = 'forum_order'; $orderfield = 'forum_order';
$catfield = 'cat_id'; $catfield = 'cat_id';
break; break;
default: default:
message_die(GENERAL_ERROR, "Wrong mode for generating select list", "", __LINE__, __FILE__); message_die(GENERAL_ERROR, "Wrong mode for generating select list", "", __LINE__, __FILE__);
break;
} }
$sql = "SELECT * FROM $table"; $sql = "SELECT * FROM $table";
if( $cat != FALSE) if( $cat != 0)
{ {
$sql .= " WHERE $catfield = '$cat'"; $sql .= " WHERE $catfield = $cat";
} }
$sql .= " ORDER BY $orderfield ASC"; $sql .= " ORDER BY $orderfield ASC";
@ -155,9 +177,12 @@ function renumber_order($mode, $cat=FALSE)
$i = 10; $i = 10;
$inc = 10; $inc = 10;
while( $row = $db->sql_fetchrow($result) ) while( $row = $db->sql_fetchrow($result) )
{ {
$sql = "UPDATE $table SET $orderfield = $i WHERE $idfield = ".$row["$idfield"]; $sql = "UPDATE $table
SET $orderfield = $i
WHERE $idfield = " . $row[$idfield];
if( !$db->sql_query($sql) ) if( !$db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't update order fields", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't update order fields", "", __LINE__, __FILE__, $sql);
@ -166,6 +191,9 @@ function renumber_order($mode, $cat=FALSE)
} }
} }
//
// End function block
// ------------------
// //
// Include required files, get $phpEx and check permissions // Include required files, get $phpEx and check permissions
@ -193,97 +221,78 @@ if(isset($mode)) // Are we supposed to do something?
sync('forum', $HTTP_GET_VARS['forum_id']); sync('forum', $HTTP_GET_VARS['forum_id']);
$show_index = TRUE; $show_index = TRUE;
break; break;
case 'createforum': // Create a forum in the DB case 'createforum': // Create a forum in the DB
$sql = "SELECT $sql = "SELECT MAX(forum_order) AS max_order
max(forum_order) as max_order FROM " . FORUMS_TABLE . "
FROM ".FORUMS_TABLE." WHERE cat_id = " . $HTTP_POST_VARS['cat_id'];
WHERE cat_id = '".$HTTP_POST_VARS['cat_id']."'";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't get order number from forums table", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't get order number from forums table", "", __LINE__, __FILE__, $sql);
} }
$row = $db->sql_fetchrow($result); $row = $db->sql_fetchrow($result);
$max_order = $row['max_order']; $max_order = $row['max_order'];
$next_order = $max_order + 1; $next_order = $max_order + 1;
// There is no problem having duplicate forum names so we won't check for it. // There is no problem having duplicate forum names so we won't check for it.
$sql = "INSERT $sql = "INSERT INTO " . FORUMS_TABLE . " (forum_name, cat_id, forum_desc, forum_order, forum_status)
INTO ".FORUMS_TABLE."( VALUES ('" . $HTTP_POST_VARS['forumname'] . "', " . $HTTP_POST_VARS['cat_id'] . ", '" . $HTTP_POST_VARS['forumdesc'] . "', $next_order, " . $HTTP_POST_VARS['forumstatus'] . ")";
forum_name,
cat_id,
forum_desc,
forum_order,
forum_status)
VALUES (
'".$HTTP_POST_VARS['forumname']."',
'".$HTTP_POST_VARS['cat_id']."',
'".$HTTP_POST_VARS['forumdesc']."',
'".$next_order."',
'".$HTTP_POST_VARS['forumstatus']."')";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't insert row in forums table", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't insert row in forums table", "", __LINE__, __FILE__, $sql);
} }
if($HTTP_POST_VARS['prune_enable'] == 1)
if( $HTTP_POST_VARS['prune_enable'] == TRUE )
{ {
$new_forum_id = $db->sql_nextid(); $new_forum_id = $db->sql_nextid();
$sql = "INSERT INTO ".PRUNE_TABLE." (
forum_id, $sql = "INSERT INTO " . PRUNE_TABLE . " (forum_id, prune_days, prune_freq)
prune_days, VALUES($new_forum_id, " . $HTTP_POST_VARS['prune_days'] . ", " . $HTTP_POST_VARS['prune_freq'] . ")";
prune_freq)
VALUES(
'$new_forum_id',
'".$HTTP_POST_VARS['prune_days']."',
'".$HTTP_POST_VARS['prune_freq']."')";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't insert row in prune table", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't insert row in prune table", "", __LINE__, __FILE__, $sql);
} }
} }
$show_index = TRUE; $show_index = TRUE;
break; break;
case 'modforum': // Modify a forum in the DB case 'modforum': // Modify a forum in the DB
if($HTTP_POST_VARS['prune_enable'] != 1) if( $HTTP_POST_VARS['prune_enable'] != 1)
{ {
$HTTP_POST_VARS['prune_enable'] = 0; $HTTP_POST_VARS['prune_enable'] = 0;
} }
$sql = "UPDATE ".FORUMS_TABLE." SET $sql = "UPDATE " . FORUMS_TABLE . "
forum_name = '".$HTTP_POST_VARS['forumname']."', SET forum_name = '" . $HTTP_POST_VARS['forumname'] . "', cat_id = " . $HTTP_POST_VARS['cat_id'] . ", forum_desc = '" . $HTTP_POST_VARS['forumdesc'] . "', forum_status = " . $HTTP_POST_VARS['forumstatus'] . ", prune_enable = " . $HTTP_POST_VARS['prune_enable'] . "
cat_id = '".$HTTP_POST_VARS['cat_id']."', WHERE forum_id = ".$HTTP_POST_VARS['forum_id'];
forum_desc = '".$HTTP_POST_VARS['forumdesc']."',
forum_status = '".$HTTP_POST_VARS['forumstatus']."',
prune_enable = '".$HTTP_POST_VARS['prune_enable']."'
WHERE forum_id = '".$HTTP_POST_VARS['forum_id']."'";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't update forum information", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't update forum information", "", __LINE__, __FILE__, $sql);
} }
if($HTTP_POST_VARS['prune_enable'] == 1) if($HTTP_POST_VARS['prune_enable'] == 1)
{ {
$sql = "SELECT * FROM ".PRUNE_TABLE." $sql = "SELECT *
WHERE forum_id = '".$HTTP_POST_VARS['forum_id']."'"; FROM " . PRUNE_TABLE . "
if( !$result = $db->sql_query($sql) ) WHERE forum_id = " . $HTTP_POST_VARS['forum_id'];
{ if( !$result = $db->sql_query($sql) )
message_die(GENERAL_ERROR, "Couldn't get forum Prune Information","",__LINE__, __FILE__, $sql); {
} message_die(GENERAL_ERROR, "Couldn't get forum Prune Information","",__LINE__, __FILE__, $sql);
}
if( $db->sql_numrows($result) > 0 ) if( $db->sql_numrows($result) > 0 )
{ {
$sql = "UPDATE ".PRUNE_TABLE." SET $sql = "UPDATE " . PRUNE_TABLE . "
prune_days = '".$HTTP_POST_VARS['prune_days']."', SET prune_days = " . $HTTP_POST_VARS['prune_days'] . ", prune_freq = " . $HTTP_POST_VARS['prune_freq'] . "
prune_freq = '".$HTTP_POST_VARS['prune_freq']."' WHERE forum_id = " . $HTTP_POST_VARS['forum_id'];
WHERE forum_id = '".$HTTP_POST_VARS['forum_id']."'";
} }
else else
{ {
$sql = "INSERT INTO ".PRUNE_TABLE."( $sql = "INSERT INTO " . PRUNE_TABLE . " (forum_id, prune_days, prune_freq)
forum_id, VALUES(" . $HTTP_POST_VARS['forum_id'] . ", " . $HTTP_POST_VARS['prune_days'] . ", " . $HTTP_POST_VARS['prune_freq'] . ")";
prune_days,
prune_freq)
VALUES(
'".$HTTP_POST_VARS['forum_id']."',
'".$HTTP_POST_VARS['prune_days']."',
'".$HTTP_POST_VARS['prune_freq']."')";
} }
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't Update Forum Prune Information","",__LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't Update Forum Prune Information","",__LINE__, __FILE__, $sql);
@ -293,29 +302,30 @@ if(isset($mode)) // Are we supposed to do something?
break; break;
case 'addcat': case 'addcat':
$sql = "SELECT $sql = "SELECT MAX(cat_order) AS max_order
max(cat_order) as max_order FROM " . CATEGORIES_TABLE;
FROM ".CATEGORIES_TABLE;
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't get order number from categories table", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't get order number from categories table", "", __LINE__, __FILE__, $sql);
} }
$row = $db->sql_fetchrow($result); $row = $db->sql_fetchrow($result);
$max_order = $row['max_order']; $max_order = $row['max_order'];
$next_order = $max_order + 1; $next_order = $max_order + 1;
//
// There is no problem having duplicate forum names so we won't check for it. // There is no problem having duplicate forum names so we won't check for it.
$sql = "INSERT INTO ".CATEGORIES_TABLE."( //
cat_title, $sql = "INSERT INTO " . CATEGORIES_TABLE . " (cat_title, cat_order)
cat_order) VALUES ('" . $HTTP_POST_VARS['catname'] . "', $next_order)";
VALUES (
'".$HTTP_POST_VARS['catname']."',
'".$next_order."')";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't insert row in categories table", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't insert row in categories table", "", __LINE__, __FILE__, $sql);
} }
$show_index = TRUE; $show_index = TRUE;
break; break;
case 'addforum': case 'addforum':
case 'editforum': case 'editforum':
if ($mode == 'editforum') if ($mode == 'editforum')
@ -336,8 +346,8 @@ if(isset($mode)) // Are we supposed to do something?
// //
if( $row['prune_enable'] == 1 ) if( $row['prune_enable'] == 1 )
{ {
$prune_enabled = "CHECKED"; $prune_enabled = "checked=\"checked\"";
$sql = "SELECT * $sql = "SELECT *
FROM " . PRUNE_TABLE . " FROM " . PRUNE_TABLE . "
WHERE forum_id = $forum_id"; WHERE forum_id = $forum_id";
if(!$pr_result = $db->sql_query($sql)) if(!$pr_result = $db->sql_query($sql))
@ -361,9 +371,9 @@ if(isset($mode)) // Are we supposed to do something?
$catlist = get_list('category', $cat_id, TRUE); $catlist = get_list('category', $cat_id, TRUE);
$forumstatus == FORUM_LOCKED ? $forumlocked = "selected" : $forumunlocked = "selected"; $forumstatus == FORUM_LOCKED ? $forumlocked = "selected=\"selected\"" : $forumunlocked = "selected=\"selected\"";
$statuslist = "<OPTION VALUE=\"".FORUM_UNLOCKED."\" $forumunlocked>Unlocked</OPTION>\n"; $statuslist = "<option value=\"".FORUM_UNLOCKED."\" $forumunlocked>Unlocked</option>\n";
$statuslist .= "<OPTION VALUE=\"".FORUM_LOCKED."\" $forumlocked>Locked</OPTION>\n"; $statuslist .= "<option value=\"".FORUM_LOCKED."\" $forumlocked>Locked</option>\n";
$template->set_filenames(array( $template->set_filenames(array(
"body" => "admin/forum_edit_body.tpl") "body" => "admin/forum_edit_body.tpl")
@ -386,9 +396,8 @@ if(isset($mode)) // Are we supposed to do something?
'BUTTONVALUE' => $buttonvalue) 'BUTTONVALUE' => $buttonvalue)
); );
$template->pparse("body"); $template->pparse("body");
break; break;
case 'editcat': case 'editcat':
$newmode = 'modcat'; $newmode = 'modcat';
$buttonvalue = 'Change'; $buttonvalue = 'Change';
@ -407,12 +416,12 @@ if(isset($mode)) // Are we supposed to do something?
'BUTTONVALUE' => $buttonvalue) 'BUTTONVALUE' => $buttonvalue)
); );
$template->pparse("body"); $template->pparse("body");
break; break;
case 'modcat': case 'modcat':
$sql = "UPDATE ".CATEGORIES_TABLE." SET $sql = "UPDATE " . CATEGORIES_TABLE . "
cat_title = '".$HTTP_POST_VARS['cat_title']."' SET cat_title = '" . $HTTP_POST_VARS['cat_title'] . "'
WHERE cat_id = '".$HTTP_POST_VARS['cat_id']."'"; WHERE cat_id = " . $HTTP_POST_VARS['cat_id'];
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't update forum information", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't update forum information", "", __LINE__, __FILE__, $sql);
@ -420,6 +429,7 @@ if(isset($mode)) // Are we supposed to do something?
print "Modforum: ". $HTTP_POST_VARS['forumname']." sql= <pre>$sql</pre>"; print "Modforum: ". $HTTP_POST_VARS['forumname']." sql= <pre>$sql</pre>";
$show_index = TRUE; $show_index = TRUE;
break; break;
case 'movedelforum': case 'movedelforum':
$from_id = $HTTP_POST_VARS['from_id']; $from_id = $HTTP_POST_VARS['from_id'];
$to_id = $HTTP_POST_VARS['to_id']; $to_id = $HTTP_POST_VARS['to_id'];
@ -427,7 +437,9 @@ if(isset($mode)) // Are we supposed to do something?
print "move '$from_id' to '$to_id'"; print "move '$from_id' to '$to_id'";
$sql = "SELECT * FROM ".FORUMS_TABLE." WHERE forum_id IN ($from_id, $to_id)"; $sql = "SELECT *
FROM " . FORUMS_TABLE . "
WHERE forum_id IN ($from_id, $to_id)";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't verify existence of forums", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't verify existence of forums", "", __LINE__, __FILE__, $sql);
@ -441,20 +453,20 @@ if(isset($mode)) // Are we supposed to do something?
if($delete_old == 1) if($delete_old == 1)
{ {
include($phpbb_root_path . "/include/prune.$phpEx"); include($phpbb_root_path . "/include/prune.$phpEx");
prune($from_id, FALSE); // Delete everything from forum prune($from_id, 0); // Delete everything from forum
} }
else else
{ {
$sql = "UPDATE ".TOPICS_TABLE." SET $sql = "UPDATE " . TOPICS_TABLE . "
forum_id = '$to_id' SET forum_id = $to_id
WHERE forum_id = '$from_id'"; WHERE forum_id = $from_id";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't move topics to other forum", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't move topics to other forum", "", __LINE__, __FILE__, $sql);
} }
$sql = "UPDATE ".POSTS_TABLE." SET $sql = "UPDATE " . POSTS_TABLE . "
forum_id = '$to_id' SET forum_id = $to_id
WHERE forum_id = '$from_id'"; WHERE forum_id = $from_id";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't move posts to other forum", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't move posts to other forum", "", __LINE__, __FILE__, $sql);
@ -462,8 +474,8 @@ if(isset($mode)) // Are we supposed to do something?
sync('forum', $to_id); sync('forum', $to_id);
} }
$sql = "DELETE FROM ".FORUMS_TABLE." $sql = "DELETE FROM " . FORUMS_TABLE . "
WHERE forum_id = '$from_id'"; WHERE forum_id = $from_id";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't delete forum", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't delete forum", "", __LINE__, __FILE__, $sql);
@ -471,12 +483,15 @@ if(isset($mode)) // Are we supposed to do something?
$show_index = TRUE; $show_index = TRUE;
break; break;
case 'movedelcat': case 'movedelcat':
$from_id = $HTTP_POST_VARS['from_id']; $from_id = $HTTP_POST_VARS['from_id'];
$to_id = $HTTP_POST_VARS['to_id']; $to_id = $HTTP_POST_VARS['to_id'];
print "move '$from_id' to '$to_id'"; print "move '$from_id' to '$to_id'";
$sql = "SELECT * FROM ".CATEGORIES_TABLE." WHERE cat_id IN ($from_id, $to_id)"; $sql = "SELECT *
FROM " . CATEGORIES_TABLE . "
WHERE cat_id IN ($from_id, $to_id)";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't verify existence of categories", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't verify existence of categories", "", __LINE__, __FILE__, $sql);
@ -486,16 +501,16 @@ if(isset($mode)) // Are we supposed to do something?
message_die(GENERAL_ERROR, "Ambiguous category ID's", "", __LINE__, __FILE__); message_die(GENERAL_ERROR, "Ambiguous category ID's", "", __LINE__, __FILE__);
} }
$sql = "UPDATE ".FORUMS_TABLE." SET $sql = "UPDATE " . FORUMS_TABLE . "
cat_id = '$to_id' SET cat_id = $to_id
WHERE cat_id = '$from_id'"; WHERE cat_id = $from_id";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't move forums to other category", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't move forums to other category", "", __LINE__, __FILE__, $sql);
} }
$sql = "DELETE FROM ".CATEGORIES_TABLE." $sql = "DELETE FROM " . CATEGORIES_TABLE ."
WHERE cat_id = '$from_id'"; WHERE cat_id = $from_id";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't delete category", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't delete category", "", __LINE__, __FILE__, $sql);
@ -503,10 +518,11 @@ if(isset($mode)) // Are we supposed to do something?
$show_index = TRUE; $show_index = TRUE;
break; break;
case 'deletecat': case 'deletecat':
print "Deletecat"; print "Deletecat";
$cat_id = $HTTP_GET_VARS['cat_id']; $cat_id = $HTTP_GET_VARS['cat_id'];
$to_ids = get_list('category', $cat_id, FALSE); $to_ids = get_list('category', $cat_id, 0);
$buttonvalue = "Move&Delete"; $buttonvalue = "Move&Delete";
$newmode = 'movedelcat'; $newmode = 'movedelcat';
$catinfo = get_info('category', $cat_id); $catinfo = get_info('category', $cat_id);
@ -525,10 +541,11 @@ if(isset($mode)) // Are we supposed to do something?
); );
$template->pparse("body"); $template->pparse("body");
break; break;
case 'deleteforum': case 'deleteforum':
print 'Deleteforum'; print 'Deleteforum';
$forum_id = $HTTP_GET_VARS['forum_id']; $forum_id = $HTTP_GET_VARS['forum_id'];
$to_ids = get_list('forum', $forum_id, FALSE); $to_ids = get_list('forum', $forum_id, 0);
$buttonvalue = "Move&Delete"; $buttonvalue = "Move&Delete";
$newmode = 'movedelforum'; $newmode = 'movedelforum';
$foruminfo = get_info('forum', $forum_id); $foruminfo = get_info('forum', $forum_id);
@ -547,10 +564,14 @@ if(isset($mode)) // Are we supposed to do something?
); );
$template->pparse("body"); $template->pparse("body");
break; break;
case 'cat_order': case 'cat_order':
$move = $HTTP_GET_VARS['move']; $move = $HTTP_GET_VARS['move'];
$cat_id = $HTTP_GET_VARS['cat_id']; $cat_id = $HTTP_GET_VARS['cat_id'];
$sql = "UPDATE ".CATEGORIES_TABLE." SET cat_order = cat_order + $move WHERE cat_id = $cat_id";
$sql = "UPDATE " . CATEGORIES_TABLE . "
SET cat_order = cat_order + $move
WHERE cat_id = $cat_id";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql);
@ -558,13 +579,16 @@ if(isset($mode)) // Are we supposed to do something?
renumber_order('category'); renumber_order('category');
$show_index = TRUE; $show_index = TRUE;
break; break;
case 'forum_order': case 'forum_order':
$move = $HTTP_GET_VARS['move']; $move = $HTTP_GET_VARS['move'];
$forum_id = $HTTP_GET_VARS['forum_id']; $forum_id = $HTTP_GET_VARS['forum_id'];
$forum_info = get_info('forum', $forum_id); $forum_info = get_info('forum', $forum_id);
$cat_id = $forum_info['cat_id']; $cat_id = $forum_info['cat_id'];
$sql = "UPDATE ".FORUMS_TABLE." SET forum_order = forum_order + $move WHERE forum_id = $forum_id"; $sql = "UPDATE " . FORUMS_TABLE . "
SET forum_order = forum_order + $move
WHERE forum_id = $forum_id";
if( !$result = $db->sql_query($sql) ) if( !$result = $db->sql_query($sql) )
{ {
message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Couldn't change category order", "", __LINE__, __FILE__, $sql);
@ -572,6 +596,7 @@ if(isset($mode)) // Are we supposed to do something?
renumber_order('forum', $forum_info['cat_id']); renumber_order('forum', $forum_info['cat_id']);
$show_index = TRUE; $show_index = TRUE;
break; break;
default: default:
print "Oops! Wrong mode.."; print "Oops! Wrong mode..";
} }
@ -601,10 +626,9 @@ if($total_categories = $db->sql_numrows($q_categories))
{ {
$category_rows = $db->sql_fetchrowset($q_categories); $category_rows = $db->sql_fetchrowset($q_categories);
$sql = "SELECT * $sql = "SELECT *
FROM " . FORUMS_TABLE . " FROM " . FORUMS_TABLE . "
ORDER BY cat_id, forum_order"; ORDER BY cat_id, forum_order";
if(!$q_forums = $db->sql_query($sql)) if(!$q_forums = $db->sql_query($sql))
{ {
message_die(GENERAL_ERROR, "Could not query forums information", "", __LINE__, __FILE__, $sql); message_die(GENERAL_ERROR, "Could not query forums information", "", __LINE__, __FILE__, $sql);