1 | <?php |
||||
2 | /** |
||||
3 | * Xoopsemotions plugin for tinymce |
||||
4 | * |
||||
5 | * @copyright (c) 2000-2016 XOOPS Project (www.xoops.org) |
||||
6 | * @license GNU GPL 2.0 or later (https://www.gnu.org/licenses/gpl-2.0.html) |
||||
7 | * @package class / xoopseditor |
||||
8 | * @subpackage tinymce / xoops plugins |
||||
9 | * @since 2.3.0 |
||||
10 | * @author ralf57 |
||||
11 | * @author luciorota <[email protected]> |
||||
12 | * @author Laurent JEN <[email protected]> |
||||
13 | */ |
||||
14 | |||||
15 | use Xmf\Request; |
||||
16 | |||||
17 | // load mainfile.php - start |
||||
18 | $current_path = __DIR__; |
||||
19 | if (DIRECTORY_SEPARATOR !== '/') { |
||||
20 | $current_path = str_replace(DIRECTORY_SEPARATOR, '/', $current_path); |
||||
21 | } |
||||
22 | $xoops_root_path = substr($current_path, 0, strpos(strtolower($current_path), '/class/xoopseditor/tinymce/')); |
||||
23 | include_once $xoops_root_path . '/mainfile.php'; |
||||
24 | defined('XOOPS_ROOT_PATH') || exit('XOOPS root path not defined'); |
||||
25 | // load mainfile.php - end |
||||
26 | |||||
27 | // get current filename |
||||
28 | $current_file = basename(__FILE__); |
||||
29 | |||||
30 | // load language definitions |
||||
31 | xoops_loadLanguage('admin', 'system'); |
||||
32 | xoops_loadLanguage('admin/smilies', 'system'); |
||||
33 | xoops_loadLanguage('misc'); |
||||
34 | |||||
35 | // include system category definitions - start |
||||
36 | include_once XOOPS_ROOT_PATH . '/modules/system/constants.php'; |
||||
37 | |||||
38 | // check user/group |
||||
39 | $groups = is_object($GLOBALS['xoopsUser']) ? $GLOBALS['xoopsUser']->getGroups() : array(XOOPS_GROUP_ANONYMOUS); |
||||
40 | /** @var XoopsGroupPermHandler $gperm_handler */ |
||||
41 | $gperm_handler = xoops_getHandler('groupperm'); |
||||
42 | $admin = $gperm_handler->checkRight('system_admin', XOOPS_SYSTEM_SMILE, $groups); |
||||
43 | |||||
44 | $op = Request::getString('op', '', 'POST'); |
||||
45 | $op = Request::getString('op', $op, 'GET'); |
||||
46 | |||||
47 | $myts = \MyTextSanitizer::getInstance(); |
||||
48 | |||||
49 | if ($admin && $op === 'SmilesAdd') { |
||||
50 | if (!$GLOBALS['xoopsSecurity']->check()) { |
||||
51 | redirect_header($current_file, 3, implode('<br>', $GLOBALS['xoopsSecurity']->getErrors())); |
||||
52 | } |
||||
53 | /** @var XoopsMySQLDatabase $db */ |
||||
54 | $db = XoopsDatabaseFactory::getDatabaseConnection(); |
||||
55 | include_once XOOPS_ROOT_PATH . '/class/uploader.php'; |
||||
56 | $uploader = new XoopsMediaUploader(XOOPS_UPLOAD_PATH, array( |
||||
57 | 'image/gif', |
||||
58 | 'image/jpeg', |
||||
59 | 'image/pjpeg', |
||||
60 | 'image/x-png', |
||||
61 | 'image/png'), 100000, 120, 120); |
||||
62 | $uploader->setPrefix('smil'); |
||||
63 | if ($uploader->fetchMedia($_POST['xoops_upload_file'][0])) { |
||||
64 | if (!$uploader->upload()) { |
||||
65 | $err = $uploader->getErrors(); |
||||
66 | } else { |
||||
67 | $smile_url = $uploader->getSavedFileName(); |
||||
68 | $smile_code = $myts->stripSlashesGPC($_POST['smile_code']); |
||||
0 ignored issues
–
show
|
|||||
69 | $smile_desc = $myts->stripSlashesGPC($_POST['smile_desc']); |
||||
0 ignored issues
–
show
The function
MyTextSanitizer::stripSlashesGPC() has been deprecated: as of XOOPS 2.5.11 and will be removed in next XOOPS version
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
This function has been deprecated. The supplier of the function has supplied an explanatory message. The explanatory message should give you some clue as to whether and when the function will be removed and what other function to use instead.
Loading history...
|
|||||
70 | $smile_display = (int)$_POST['smile_display'] > 0 ? 1 : 0; |
||||
71 | $newid = $db->genId($db->prefix('smilies') . '_id_seq'); |
||||
72 | $sql = sprintf('INSERT INTO %s (id, code, smile_url, emotion, display) VALUES (%d, %s, %s, %s, %d)', $db->prefix('smiles'), $newid, $db->quoteString($smile_code), $db->quoteString($smile_url), $db->quoteString($smile_desc), $smile_display); |
||||
73 | if (!$db->query($sql)) { |
||||
74 | $err = 'Failed storing smiley data into the database'; |
||||
75 | } |
||||
76 | } |
||||
77 | } else { |
||||
78 | $err = $uploader->getErrors(); |
||||
79 | } |
||||
80 | if (!isset($err)) { |
||||
81 | unset($_SESSION['XoopsEmotions']); |
||||
82 | unset($_SESSION['XoopsEmotions_expire']); |
||||
83 | redirect_header($current_file, 2, _AM_DBUPDATED); |
||||
84 | } else { |
||||
85 | redirect_header($current_file, 3, xoops_error($err)); |
||||
0 ignored issues
–
show
Are you sure the usage of
xoops_error($err) is correct as it seems to always return null .
This check looks for function or method calls that always return null and whose return value is used. class A
{
function getObject()
{
return null;
}
}
$a = new A();
if ($a->getObject()) {
The method The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.
Loading history...
xoops_error($err) of type void is incompatible with the type string expected by parameter $message of redirect_header() .
(
Ignorable by Annotation
)
If this is a false-positive, you can also ignore this issue in your code via the
Loading history...
|
|||||
86 | } |
||||
87 | } |
||||
88 | |||||
89 | $time = time(); |
||||
90 | if (!isset($_SESSION['XoopsEmotions']) && (isset($_SESSION['XoopsEmotions_expire']) && $_SESSION['XoopsEmotions_expire'] < $time)) { |
||||
91 | $_SESSION['XoopsEmotions'] = $myts->getSmileys(); |
||||
92 | $_SESSION['XoopsEmotions_expire'] = $time + 300; |
||||
93 | } |
||||
94 | |||||
95 | //xoops_header(false); |
||||
96 | echo '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">'; |
||||
97 | echo '<html xmlns="https://www.w3.org/1999/xhtml" xml:lang="' . _LANGCODE . '" lang="' . _LANGCODE . '">'; |
||||
98 | echo '<head>'; |
||||
99 | echo '<meta http-equiv="content-type" content="text/html; charset=' . _CHARSET . '" />'; |
||||
100 | echo '<meta http-equiv="content-language" content="' . _LANGCODE . '" />'; |
||||
101 | ?> |
||||
102 | <head> |
||||
103 | <title>{#xoopsemotions_dlg.title}</title> |
||||
104 | <script type="text/javascript" src="../../tiny_mce_popup.js"></script> |
||||
105 | <script type="text/javascript" src="../../utils/mctabs.js"></script> |
||||
106 | <script type="text/javascript" src="../../utils/form_utils.js"></script> |
||||
107 | <script type="text/javascript" src="../../utils/validate.js"></script> |
||||
108 | <script type="text/javascript" src="js/xoopsemotions.js"></script> |
||||
109 | <link href="<?php echo xoops_getcss($xoopsConfig['theme_set']); ?>" rel="stylesheet" type="text/css"/> |
||||
110 | <link href="css/xoopsemotions.css" rel="stylesheet" type="text/css"/> |
||||
111 | <base target="_self"/> |
||||
112 | </head> |
||||
113 | <body> |
||||
114 | |||||
115 | <?php |
||||
116 | if (!$_SESSION['XoopsEmotions'] && !$admin) { |
||||
117 | echo "<div class='xoopsEmotions'>"; |
||||
118 | echo '<div>{#xoopsemotions_dlg.error_noemotions}</div>'; |
||||
119 | echo '</div>'; |
||||
120 | echo "<div class='mceActionPanel floatright'>"; |
||||
121 | echo "<input type='button' id='cancel' name='cancel' value='{#cancel}' onclick='tinyMCEPopup.close();' />"; |
||||
122 | echo '</div>'; |
||||
123 | xoops_footer(); |
||||
124 | exit(); |
||||
125 | } |
||||
126 | ?> |
||||
127 | |||||
128 | <div class="tabs"> |
||||
129 | <ul> |
||||
130 | <li id="tab_emotionsbrowser" class="current"><span><a href="javascript:mcTabs.displayTab('tab_emotionsbrowser','emotionsbrowser_panel');" |
||||
131 | onmousedown="return false;">{#xoopsemotions_dlg.tab_emotionsbrowser}</a></span></li> |
||||
132 | <?php |
||||
133 | if ($admin) { |
||||
134 | echo '<li id="tab_emotionsadmin"><span><a href="javascript:mcTabs.displayTab(\'tab_emotionsadmin\',\'emotionsadmin_panel\');" onmousedown="return false;">{#xoopsemotions_dlg.tab_emotionsadmin}</a></span></li>'; |
||||
135 | } |
||||
136 | ?> |
||||
137 | </ul> |
||||
138 | </div> |
||||
139 | |||||
140 | <div class="panel_wrapper"> |
||||
141 | <div id="emotionsbrowser_panel" class="panel current" style="overflow:auto;"> |
||||
142 | <?php |
||||
143 | if ($smiles = $_SESSION['XoopsEmotions']) { |
||||
144 | echo '<div><strong>' . _MSC_CLICKASMILIE . '</strong></div>'; |
||||
145 | echo "<div class='xoopsEmotions'>"; |
||||
146 | $count = count($smiles); |
||||
147 | |||||
148 | for ($i = 0; $i < $count; ++$i) { |
||||
149 | if ($op == '') { |
||||
150 | if ($smiles[$i]['display']) { |
||||
151 | echo '<img class="xoopsEmotions" onclick="XoopsemotionsDialog.insert(this);" src="' . XOOPS_UPLOAD_URL . '/' . $smiles[$i]['smile_url'] . '" alt="' . $myts->htmlSpecialChars($smiles[$i]['emotion']) . '" title="' . $myts->htmlSpecialChars($smiles[$i]['emotion']) . '" />'; |
||||
152 | } |
||||
153 | } else { |
||||
154 | echo '<img class="xoopsEmotions" onclick="XoopsemotionsDialog.insert(this);" src="' . XOOPS_UPLOAD_URL . '/' . $smiles[$i]['smile_url'] . '" alt="' . $myts->htmlSpecialChars($smiles[$i]['emotion']) . '" title="' . $myts->htmlSpecialChars($smiles[$i]['emotion']) . '" />'; |
||||
155 | } |
||||
156 | } |
||||
157 | if ($op == '') { |
||||
158 | echo '<div class="xoopsEmotions">'; |
||||
159 | echo '<a class="xoopsEmotions" href="' . $current_file . '?op=' . _MORE . '">' . _MORE . '</a>'; |
||||
160 | echo '</div>'; |
||||
161 | } |
||||
162 | echo '</div>'; |
||||
163 | } else { |
||||
164 | echo '<div>{#xoopsemotions_dlg.error_noemotions}</div>'; |
||||
165 | } |
||||
166 | ?> |
||||
167 | <div class="mceActionPanel floatright"> |
||||
168 | <input type="button" id="cancel" name="cancel" value="{#cancel}" onclick="tinyMCEPopup.close();"/> |
||||
169 | </div> |
||||
170 | </div> |
||||
171 | |||||
172 | <div id="emotionsadmin_panel" class="panel" style="overflow:auto;"> |
||||
173 | <?php |
||||
174 | if ($admin) { |
||||
175 | include_once XOOPS_ROOT_PATH . '/class/xoopsformloader.php'; |
||||
176 | |||||
177 | $smile_form = new XoopsThemeForm(_AM_ADDSMILE, 'smileform', $current_file, 'post', true); |
||||
178 | $smile_form->setExtra('enctype="multipart/form-data"'); |
||||
179 | $smile_form->addElement(new XoopsFormText(_AM_SMILECODE, 'smile_code', 26, 25, ''), true); |
||||
180 | $smile_form->addElement(new XoopsFormText(_AM_SMILEEMOTION, 'smile_desc', 26, 25, ''), true); |
||||
181 | $smile_select = new XoopsFormFile('', 'smile_url', 5000000); |
||||
182 | $smile_label = new XoopsFormLabel('', '<img src="' . XOOPS_UPLOAD_URL . '/blank.gif" alt="" />'); |
||||
183 | $smile_tray = new XoopsFormElementTray(_IMAGEFILE . ':', ' '); |
||||
184 | $smile_tray->addElement($smile_select); |
||||
185 | $smile_tray->addElement($smile_label); |
||||
186 | $smile_form->addElement($smile_tray); |
||||
187 | $smile_form->addElement(new XoopsFormRadioYN(_AM_DISPLAYF, 'smile_display', 1)); |
||||
188 | $smile_form->addElement(new XoopsFormHidden('id', '')); |
||||
189 | $smile_form->addElement(new XoopsFormHidden('op', 'SmilesAdd')); |
||||
190 | $smile_form->addElement(new XoopsFormHidden('fct', 'smilies')); |
||||
191 | $smile_form->addElement(new XoopsFormButton('', 'submit', _SUBMIT, 'submit')); |
||||
192 | |||||
193 | $smile_form->display(); |
||||
194 | } |
||||
195 | ?> |
||||
196 | <div class="mceActionPanel floatright"> |
||||
197 | <input type="button" id="cancel" name="cancel" value="{#cancel}" onclick="tinyMCEPopup.close();"/> |
||||
198 | </div> |
||||
199 | </div> |
||||
200 | |||||
201 | </div> |
||||
202 | <?php xoops_footer(); ?> |
||||
203 |
This function has been deprecated. The supplier of the function has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the function will be removed and what other function to use instead.