Changeset 12990 for trunk/xmlrpc
- Timestamp:
- 10/20/09 19:42:05 (3 years ago)
- Location:
- trunk/xmlrpc
- Files:
-
- 7 edited
-
BxDolXMLRPCImages.php (modified) (5 diffs)
-
BxDolXMLRPCMedia.php (modified) (7 diffs)
-
BxDolXMLRPCMessages.php (modified) (3 diffs)
-
BxDolXMLRPCProfileView.php (modified) (1 diff)
-
BxDolXMLRPCSearch.php (modified) (4 diffs)
-
BxDolXMLRPCUser.php (modified) (1 diff)
-
BxDolXMLRPCUtil.php (modified) (5 diffs)
-
trunk/xmlrpc/BxDolXMLRPCImages.php
r11678 r12990 23 23 return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1,"int")), "struct")); 24 24 25 if (BxDolService::call('photos', 'remove_object', array( $iImageId)))25 if (BxDolService::call('photos', 'remove_object', array((int)$iImageId))) 26 26 return new xmlrpcval ("ok"); 27 27 return new xmlrpcval ("fail"); … … 33 33 return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1,"int")), "struct")); 34 34 35 if (BxDolService::call('avatar', 'make_avatar_from_shared_photo_auto', array( $iImageId)))35 if (BxDolService::call('avatar', 'make_avatar_from_shared_photo_auto', array((int)$iImageId))) 36 36 return new xmlrpcval ("ok"); 37 37 return new xmlrpcval ("fail"); … … 67 67 if (!$f) 68 68 return new xmlrpcval ("fail fopen"); 69 if (!fwrite ($f, $binImageData, $iDataLength))69 if (!fwrite ($f, $binImageData, (int)$iDataLength)) 70 70 { 71 71 fclose($f); … … 85 85 86 86 $aFileInfo = array(); 87 $aFileInfo['medTitle'] = htmlspecialchars_adv($sTitle);88 $aFileInfo['medDesc'] = process_db_input( htmlspecialchars_adv($sDesc));89 $aFileInfo['medTags'] = process_db_input( htmlspecialchars_adv($sTags));87 $aFileInfo['medTitle'] = process_db_input($sTitle, BX_TAGS_STRIP, BX_SLASHES_NO_ACTION); 88 $aFileInfo['medDesc'] = process_db_input($sDesc, BX_TAGS_VALIDATE, BX_SLASHES_NO_ACTION); 89 $aFileInfo['medTags'] = process_db_input($sTags, BX_TAGS_STRIP, BX_SLASHES_NO_ACTION); 90 90 $aFileInfo['Categories'] = array (); 91 91 $aFileInfo['album'] = is_array($mixedAlbum) && count($mixedAlbum) ? $mixedAlbum : array($mixedAlbum); 92 foreach ($aFileInfo['album'] as $k => $v) 93 $aFileInfo['album'][$k] = process_db_input($v, BX_TAGS_STRIP, BX_SLASHES_NO_ACTION); 92 94 93 95 $isUpdateThumb = (int)db_value("SELECT `Avatar` FROM `Profiles` WHERE `ID` = '$iId' LIMIT 1") ? 
false : true; … … 106 108 return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1,"int")), "struct")); 107 109 108 return BxDolXMLRPCMedia::_getFilesInAlbum ('photos', $iIdProfile, $iAlbumId);110 return BxDolXMLRPCMedia::_getFilesInAlbum ('photos', $iIdProfile, (int)$iAlbumId); 109 111 } 110 112 -
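Review bot: In the upload hunk (new line 69), `if (!fwrite ($f, $binImageData, (int)$iDataLength))` still trusts a client-declared length and only fails when nothing at all is written, so a short write, or a declared length smaller than the payload, leaves a truncated image on disk and reports success. Writing the whole buffer and comparing the result closes that gap: `if (fwrite($f, $binImageData) !== strlen($binImageData))`. If the declared length is meant as an integrity check, compare it with `strlen($binImageData)` before opening the file. The enclosing function starts and ends outside the hunk.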
trunk/xmlrpc/BxDolXMLRPCMedia.php
r11465 r12990 9 9 $iIdProfile = BxDolXMLRPCUtil::getIdByNickname ($sNick); 10 10 if (!$iIdProfile || !($iId = BxDolXMLRPCUtil::checkLogin ($sUser, $sPwd))) 11 return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1,"int")), "struct")); 11 return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1,"int")), "struct")); 12 12 13 13 return BxDolXMLRPCMedia::_getFilesInCategory ('videos', $iIdProfile, $sCat, 'video', 'getToken', 'flash/modules/video/files/get_mobile.php?id='); … … 24 24 25 25 function _getFilesInCategory ($sModuleName, $iIdProfile, $sCat, $sWidget = '', $sFuncToken = '', $sTokenUrl = '') 26 { 27 if ($sWidget ) {26 { 27 if ($sWidget && preg_match('/[a-zA-Z0-9]+/', $sWidget)) { 28 28 $GLOBALS['sModule'] = $sWidget; 29 29 require_once (BX_DIRECTORY_PATH_ROOT . "flash/modules/{$sWidget}/inc/header.inc.php"); 30 } 31 32 $a = BxDolService::call ($sModuleName, 'get_files_in_cat', array($iIdProfile, $sCat), 'Search'); 30 } else { 31 $sWidget = ''; 32 } 33 34 $sCat = process_db_input($sCat, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION); 35 36 $a = BxDolService::call ($sModuleName, 'get_files_in_cat', array((int)$iIdProfile, $sCat), 'Search'); 33 37 if (!$a) 34 38 return new xmlrpcval (array(), "array"); … … 79 83 function _getMediaCategories ($sType, $iIdProfile) 80 84 { 85 $iIdProfile = (int)$iIdProfile; 81 86 switch ($sType) { 82 87 case 'photo': … … 158 163 } 159 164 bx_import('BxDolAlbums'); 160 $o = new BxDolAlbums ($sType, $iIdProfile);161 $aList = $o->getAlbumList (array('owner' => $iIdProfile));165 $o = new BxDolAlbums ($sType, (int)$iIdProfile); 166 $aList = $o->getAlbumList (array('owner' => (int)$iIdProfile)); 162 167 $aXmlRpc = array (); 163 168 foreach ($aList as $r) … … 195 200 function _getFilesInAlbum ($sModuleName, $iIdProfile, $iAlbumId, $sWidget = '', $sFuncToken = '', $sTokenUrl = '') 196 201 { 197 if ($sWidget ) {202 if ($sWidget && preg_match('/[a-zA-Z0-9]+/', $sWidget)) { 198 203 require_once (BX_DIRECTORY_PATH_ROOT . 
"flash/modules/global/inc/db.inc.php"); 199 204 require_once (BX_DIRECTORY_PATH_ROOT . "flash/modules/{$sWidget}/inc/header.inc.php"); … … 202 207 } 203 208 204 $a = BxDolService::call ($sModuleName, 'get_files_in_album', array( $iAlbumId), 'Search');209 $a = BxDolService::call ($sModuleName, 'get_files_in_album', array((int)$iAlbumId), 'Search'); 205 210 if (!$a) 206 211 return new xmlrpcval (array(), "array"); … … 227 232 } 228 233 return new xmlrpcval ($aFiles, "array"); 229 } 234 } 230 235 } 231 236 -
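Review bot: The new guard `preg_match('/[a-zA-Z0-9]+/', $sWidget)` in _getFilesInCategory (new line 27) and _getFilesInAlbum (new line 202) is unanchored, so it accepts any value that merely contains one alphanumeric character, including values with `/` or `..`, and that value is then interpolated into the `require_once` path. Anchor it so the whole string must match: `preg_match('/^[a-zA-Z0-9]+$/D', $sWidget)` (or `ctype_alnum($sWidget)`). The same unanchored pattern is added for `$sMapType` in BxDolXMLRPCUser.php updateUserLocation and for `$sLang` in BxDolXMLRPCUtil.php setLanguage. The callers visible here pass a literal widget name, so this is defence in depth unless another caller forwards request data. _getFilesInAlbum also shows no `else` branch resetting `$sWidget` the way _getFilesInCategory does, though its body is only partly visible.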
trunk/xmlrpc/BxDolXMLRPCMessages.php
r9985 r12990 32 32 require_once( BX_DIRECTORY_PATH_ROOT . 'templates/tmpl_' . $GLOBALS['tmpl'] . '/scripts/BxTemplMailBox.php'); 33 33 34 $sRecipient = process_db_input ($sRecipient, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION); 34 35 $aRecipient = db_arr("SELECT * FROM `Profiles` WHERE `NickName` = '$sRecipient'"); 35 36 if (!$aRecipient) … … 44 45 'send_copy_to_me' => 'me' == $sSendTo || 'both' == $sSendTo ? true : false, 45 46 ); 46 $oMailBox->sendMessage( strip_tags($sSubj), nl2br(strip_tags($sText)), $aRecipient['ID'], $aComposeSettings);47 $oMailBox->sendMessage(process_db_input ($sSubj, BX_TAGS_STRIP, BX_SLASHES_NO_ACTION), nl2br(process_db_input ($sText, BX_TAGS_STRIP, BX_SLASHES_NO_ACTION)), $aRecipient['ID'], $aComposeSettings); 47 48 return new xmlrpcval ($oMailBox->iSendMessageStatusCode); 48 49 } … … 55 56 56 57 $aMsgs = array (); 58 $iMsgId = (int)$iMsgId; 57 59 $sJoinOn = $isInbox ? " `m`.`Sender` = `p`.`ID` " : " `m`.`Recipient` = `p`.`ID` "; 58 60 $aRow = db_arr ("SELECT -
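Review bot: In the sendMessage call (new line 47), `nl2br()` now runs on the output of `process_db_input()`. If that helper SQL-escapes its result (its definition is not on this page), newlines have already become `\n` escape sequences and `nl2br()` no longer finds any, so line breaks would be lost in stored messages. Ordering the transforms so that escaping comes last avoids this: `process_db_input(nl2br(strip_tags($sText)), BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION)`. It is also worth confirming that `sendMessage()` does not escape its arguments again, which would store doubled backslashes. The enclosing function starts outside the hunk.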
trunk/xmlrpc/BxDolXMLRPCProfileView.php
r9985 r12990 7 7 function BxDolXMLRPCProfileView($iProfileId) 8 8 { 9 BxBaseProfileGenerator::BxBaseProfileGenerator ( $iProfileId);9 BxBaseProfileGenerator::BxBaseProfileGenerator ((int)$iProfileId); 10 10 } 11 11 -
trunk/xmlrpc/BxDolXMLRPCSearch.php
r12465 r12990 10 10 BxDolXMLRPCUtil::setLanguage ($sLang); 11 11 12 $sCountryCode = process_db_input ($sCountryCode, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION); 13 $sCity = process_db_input ($sCity, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION); 14 12 15 $sWhere = ''; 13 16 if ($sCountryCode) … … 19 22 if ($isOnlineOnly) 20 23 { 21 $iOnlineTime = getParam( 'member_online_time' );24 $iOnlineTime = (int)getParam( 'member_online_time' ); 22 25 $sWhere .= " AND `DateLastNav` >= DATE_SUB(NOW(), INTERVAL $iOnlineTime MINUTE)"; 23 26 } … … 47 50 48 51 BxDolXMLRPCUtil::setLanguage ($sLang); 52 53 $sLat = (float)$sLat; 54 $sLng = (float)$sLng; 49 55 50 56 $sWhere = ''; … … 90 96 BxDolXMLRPCUtil::setLanguage ($sLang); 91 97 98 $sKeyword = process_db_input ($sKeyword, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION); 99 92 100 $sMatch = ''; 93 101 if ($sKeyword && strlen($sKeyword) > 2) -
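Review bot: In the keyword search hunk (new lines 98-101), `$sKeyword` is overwritten with the `process_db_input()` result before `strlen($sKeyword) > 2` runs, so the minimum-length check measures the processed string rather than what the user typed. If the helper adds escape characters (its definition is not shown), a one- or two-character keyword containing a quote would pass. Check the length on the raw value first and escape only the copy that goes into the query, e.g. `$sKeywordSql = process_db_input($sKeyword, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION);` after the length test. Keeping raw and escaped values in separately named variables also makes it easier to see that each SQL fragment uses the escaped one. The function bodies continue outside the hunks.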
trunk/xmlrpc/BxDolXMLRPCUser.php
r12465 r12990 11 11 function updateUserLocation ($sUser, $sPwd, $sLat, $sLng, $sZoom, $sMapType) 12 12 { 13 if (!($iId = BxDolXMLRPCUtil::checkLogin ($sUser, $sPwd)) )13 if (!($iId = BxDolXMLRPCUtil::checkLogin ($sUser, $sPwd)) || !preg_match('/[A-Za-z0-9]+/', $sMapType)) 14 14 return new xmlrpcresp(new xmlrpcval(array('error' => new xmlrpcval(1,"int")), "struct")); 15 15 16 $iRet = BxDolService::call('map_profiles', 'update_profile_location_manually', array ($iId, $sLat, $sLng,$sZoom, $sMapType, '', '')) ? '1' : '0';16 $iRet = BxDolService::call('map_profiles', 'update_profile_location_manually', array ($iId, (float)$sLat, (float)$sLng, (int)$sZoom, $sMapType, '', '')) ? '1' : '0'; 17 17 18 18 return new xmlrpcresp(new xmlrpcval($iRet)); -
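Review bot: `(float)$sLat`, `(float)$sLng` and `(int)$sZoom` (new line 16) turn any non-numeric input into 0, so a malformed request silently moves the profile to latitude 0, longitude 0 instead of being rejected. Add a validity check to the guard on new line 13, for example `!is_numeric($sLat) || !is_numeric($sLng)`, and consider rejecting values outside -90..90 and -180..180. updateUserLocation's body continues past the hunk.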
trunk/xmlrpc/BxDolXMLRPCUtil.php
r12090 r12990 83 83 { 84 84 $sType = $sType == 'thumb' ? 'medium' : 'small'; 85 return $GLOBALS['oFunctions']->getMemberAvatar ( $iId, $sType);85 return $GLOBALS['oFunctions']->getMemberAvatar ((int)$iId, $sType); 86 86 } 87 87 … … 89 89 { 90 90 $aRet = array (); 91 $aSexSql = getProfileInfo( $iId); //db_arr( $sSexSql );91 $aSexSql = getProfileInfo((int)$iId); 92 92 $aRet['title'] = new xmlrpcval($aSexSql['Headline']); 93 $aRet['thumb'] = new xmlrpcval(BxDolXMLRPCUtil::getThumbLink($iId)); //$sFileName);93 $aRet['thumb'] = new xmlrpcval(BxDolXMLRPCUtil::getThumbLink($iId)); 94 94 $aRet['sex'] = new xmlrpcval($aSexSql['Sex']); 95 95 $aRet['age'] = new xmlrpcval(age($aSexSql['DateOfBirth'])); … … 142 142 function getIdByNickname ($sUser) 143 143 { 144 $sUser = process_db_input($sUser, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION); 144 145 return (int)db_value("SELECT `ID` FROM `Profiles` WHERE `NickName` = '$sUser' LIMIT 1"); 145 146 } … … 148 149 { 149 150 //sleep(1); 150 $iId = BxDolXMLRPCUtil::getIdByNickname ($sUser);151 $iId = (int)BxDolXMLRPCUtil::getIdByNickname ($sUser); 151 152 $_COOKIE["memberID" ] = $iId; 152 $_COOKIE["memberPassword"] = $sPwd;153 $_COOKIE["memberPassword"] = process_db_input($sPwd, BX_TAGS_NO_ACTION, BX_SLASHES_NO_ACTION); 153 154 return ($GLOBALS['logged']['member'] = member_auth(0, false)) ? $iId : 0; 154 155 } … … 156 157 function setLanguage ($sLang) 157 158 { 158 if ('English' == $sLang )159 if ('English' == $sLang || !preg_match('/[a-zA-Z]+/', $sLang)) 159 160 $sLang = 'en'; 160 161 $_GET['lang'] = $sLang;
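Review bot: In checkLogin (new line 153) the password is passed through `process_db_input()` before being stored in `$_COOKIE["memberPassword"]`, which changes the credential's value whenever it contains characters the helper rewrites. Whether that is correct depends on how `member_auth()` consumes the cookie, which is not visible here: if it compares against a hash or escapes again, such passwords would stop authenticating. A comment stating the expected format would help, e.g. `// member_auth() interpolates this cookie into SQL, so it must be escaped here`, once that is confirmed. The `(int)` on new line 151 is redundant, since getIdByNickname already returns `(int)db_value(...)`.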