 XoopsModules25x    /
                    xoopshp
                      XoopsModules25x    /
                    xoopshp
                
                            This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include, or for example
                                via PHP's auto-loading mechanism.
                                                    These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
| 1 | <?php | ||
| 2 | // ------------------------------------------------------------------------ // | ||
| 3 | // -- XoopsHP Module -- Xoops e-Learning System // | ||
| 4 | // Copyright (c) 2005 SUDOW-SOKEN // | ||
| 5 | // <http://www.mailpark.co.jp/> // | ||
| 6 | // ------------------------------------------------------------------------ // | ||
| 7 | // Based on XoopsHP1.01 by Yoshi, aka HowardGee. // | ||
| 8 | // ------------------------------------------------------------------------ // | ||
| 9 | // This program is free software; you can redistribute it and/or modify // | ||
| 10 | // it under the terms of the GNU General Public License as published by // | ||
| 11 | // the Free Software Foundation; either version 2 of the License, or // | ||
| 12 | // (at your option) any later version. // | ||
| 13 | // // | ||
| 14 | // You may not change or alter any portion of this comment or credits // | ||
| 15 | // of supporting developers from this source code or any supporting // | ||
| 16 | // source code which is considered copyrighted (c) material of the // | ||
| 17 | // original comment or credit authors. // | ||
| 18 | // // | ||
| 19 | // This program is distributed in the hope that it will be useful, // | ||
| 20 | // but WITHOUT ANY WARRANTY; without even the implied warranty of // | ||
| 21 | // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // | ||
| 22 | // GNU General Public License for more details. // | ||
| 23 | // // | ||
| 24 | // You should have received a copy of the GNU General Public License // | ||
| 25 | // along with this program; if not, write to the Free Software // | ||
| 26 | // Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA // | ||
| 27 | // ------------------------------------------------------------------------ // | ||
| 28 | include __DIR__ . '/header.php'; | ||
| 29 | |||
| 30 | // License check: Add access permission to the guest group if license hasn't been purchased | ||
| 31 | $groupperm_handler = xoops_getHandler('groupperm', 'xoopshp'); | ||
| 32 | if (!$xoopsModuleConfig['has_license'] | ||
| 33 |     && !$groupperm_handler->checkRight('module_read', $xoopsModule->getVar('mid'), XOOPS_GROUP_ANONYMOUS) | ||
| 34 | ) { | ||
| 35 |     //    $groupperm_handler->addRight('module_read', $xoopsModule->getVar('mid'), XOOPS_GROUP_ANONYMOUS); | ||
| 36 | // Heck, can't figure out how to get around the restriction in the kernel, so here's a tentative workaround. | ||
| 37 |     $query  = 'INSERT INTO ' . $xoopsDB->prefix('group_permission') . ' (gperm_name, gperm_itemid, gperm_groupid, gperm_modid) VALUES (' . $xoopsDB->quoteString('module_read') . ', ' | ||
| 38 |               . $xoopsModule->getVar('mid') . ', ' . XOOPS_GROUP_ANONYMOUS . ', 1)'; | ||
| 39 | $result = $xoopsDB->queryF($query); | ||
| 40 | } | ||
| 41 | |||
| 42 | global $isModAdmin; | ||
| 43 | if ($xoopsUser && $xoopsUser->isAdmin($xoopsModule->mid())) { | ||
| 44 | $isModAdmin = true; | ||
| 45 | } else { | ||
| 46 | $isModAdmin = false; | ||
| 47 | } | ||
| 48 | |||
| 49 | function listsections() | ||
| 50 | { | ||
| 51 | global $xoopsConfig, $xoopsModuleConfig, $xoopsDB, $xoopsUser, $xoopsTheme, $xoopsLogger, $xoopsModule, $xoopsTpl, $isModAdmin, $xoopsUserIsAdmin, $xoopsModuleConfig; | ||
| 52 | include XOOPS_ROOT_PATH . '/header.php'; | ||
| 53 | $myts = MyTextSanitizer::getInstance(); | ||
| 54 | include __DIR__ . '/module_prefix.php'; | ||
| 55 |     $result = $xoopsDB->query('SELECT secid, secname, secdesc, display, expire FROM ' . $xoopsDB->prefix($module_prefix . '_sections') . ' ORDER BY secname'); | ||
| 0 ignored issues–
                            show | |||
| 56 | echo "<div style='text-align: center;'>"; | ||
| 57 | echo "<h2 align='center'>"; | ||
| 58 | printf($xoopsModuleConfig['welcome'], htmlspecialchars($xoopsConfig['sitename'], ENT_QUOTES)); | ||
| 59 | echo '</h2>'; | ||
| 60 | echo "<h4 align='center'>" . $xoopsModuleConfig['welcome_desc'] . '</h4>'; | ||
| 61 | echo "<div id='content'>"; | ||
| 62 | echo "<table border='0' cellspacing='1' cellpadding ='3' class='outer' width ='100%'><tr>"; | ||
| 63 | echo "<td align='left' valign='top'><b>" . _MD_RETURN2INDEX . '</b></td>'; | ||
| 64 |     if ($xoopsUser) { | ||
| 65 | echo "<td align='right' valign='center'><a href='index.php?op=portfolio&secid=0&sort_key=timestamp'><span style='font-weight:bold;font-size:larger;'>" . _MD_LT_PORTFOLIO | ||
| 66 | . '</span></a></td>'; | ||
| 67 | } | ||
| 68 | echo '</tr></table>'; | ||
| 69 | |||
| 70 | echo "<table border='0' cellspacing='1' cellpadding ='3' class='outer' width ='100%'>"; | ||
| 71 | echo '<tr>'; | ||
| 72 | echo '<th>' . _MD_SECNAMEC . '</th>'; | ||
| 73 | echo '<th>' . _MD_SECDESC . '</th>'; | ||
| 74 | echo '<th>' . _MD_SECQNUM . '</th>'; | ||
| 75 |     if ($xoopsUser) { | ||
| 76 | echo '<th>' . _MD_SECDNUM . '</th>'; | ||
| 77 | } | ||
| 78 | echo '<th size=19>' . _MD_LT_EXPIRE . '</th>'; | ||
| 79 | echo '</tr>'; | ||
| 80 | |||
| 81 |     while (list($secid, $secname, $secdesc, $display, $expire) = $xoopsDB->fetchRow($result)) { | ||
| 82 |         if ($display) { | ||
| 83 | $secid = (int)$secid; | ||
| 84 | $secname = $myts->stripSlashesGPC($secname); | ||
| 85 | $secdesc = $myts->stripSlashesGPC($secdesc); | ||
| 86 | $expire = $myts->stripSlashesGPC($expire); | ||
| 87 | $currenttime = formatTimestamp(time(), 'Y-m-d H:i:s'); | ||
| 88 | echo '<tr>'; | ||
| 89 |             if ($expire !== '0000-00-00 00:00:00' && $expire < $currenttime) { | ||
| 90 | echo "<td class='even'>" . $myts->displayTarea($secname) . '</td>'; | ||
| 91 |             } else { | ||
| 92 | echo "<td class='even'><a href='index.php?op=listarticles&secid=$secid'><b>$secname</b></a></td>"; | ||
| 93 | } | ||
| 94 | echo "<td class='even'>" . $myts->displayTarea($secdesc) . '</td>'; | ||
| 95 | include __DIR__ . '/module_prefix.php'; | ||
| 96 | $result_db = $xoopsDB->prefix($module_prefix . '_results'); | ||
| 97 | include __DIR__ . '/module_prefix.php'; | ||
| 98 | $quiz_db = $xoopsDB->prefix($module_prefix . '_quiz'); | ||
| 99 |             $qnum    = $xoopsDB->query("SELECT * FROM $quiz_db WHERE secid=$secid"); | ||
| 100 | $qnum = $xoopsDB->getRowsNum($qnum); | ||
| 101 | echo "<td class='even' align='center'>$qnum</td>"; | ||
| 102 |             if ($xoopsUser) { | ||
| 103 | include __DIR__ . '/module_prefix.php'; | ||
| 104 | $quiz_db = $xoopsDB->prefix($module_prefix . '_quiz'); | ||
| 105 |                 if ($isModAdmin) { | ||
| 106 | $query = "SELECT DISTINCT $result_db.quiz_id, $quiz_db.artid, $quiz_db.secid FROM $result_db, $quiz_db WHERE $quiz_db.artid = $result_db.quiz_id AND $quiz_db.secid = $secid"; | ||
| 107 |                 } else { | ||
| 108 | $query = | ||
| 109 | "SELECT DISTINCT $result_db.quiz_id, $quiz_db.artid, $quiz_db.secid FROM $result_db, $quiz_db WHERE $quiz_db.artid = $result_db.quiz_id AND $quiz_db.secid = $secid AND uid=" | ||
| 110 |                         . $xoopsUser->getVar('uid'); | ||
| 111 | } | ||
| 112 | $results = $xoopsDB->query($query); | ||
| 113 | $done = $xoopsDB->getRowsNum($results); | ||
| 114 | echo "<td class='even' align='center'>$done</td>"; | ||
| 115 | } | ||
| 116 | View Code Duplication |             if ($expire !== '0000-00-00 00:00:00') { | |
| 117 |                 if ($expire > $currenttime) { | ||
| 118 | echo "<td class='even'>" . $expire . '</td>'; | ||
| 119 |                 } else { | ||
| 120 |                     echo "<td class='even'>" . $expire . "<span style='color:#ff0000;'>(" . _MD_LT_EXPIRED . ')</span></td>'; | ||
| 121 | } | ||
| 122 |             } else { | ||
| 123 | echo "<td class='even'>" . '-------------------' . '</td>'; | ||
| 124 | } | ||
| 125 | echo '</tr>'; | ||
| 126 | } | ||
| 127 | } | ||
| 128 | echo '</table>'; | ||
| 129 | |||
| 130 | echo "<table border='0' cellspacing='1' cellpadding ='3' width ='100%'><tr>"; | ||
| 131 |     echo "<td align='right'><a href='" . _MD_CREDITSITE . "' target='_credit'/ > Version " . round($xoopsModule->getVar('version') / 100, 2) . '</a></td>'; | ||
| 132 | echo '</tr></table>'; | ||
| 133 | echo '</div>'; | ||
| 134 | echo '</div>'; | ||
| 135 | include dirname(dirname(__DIR__)) . '/footer.php'; | ||
| 136 | } | ||
| 137 | |||
| 138 | /** | ||
| 139 | * @param $secid | ||
| 140 | */ | ||
| 141 | function listarticles($secid) | ||
| 142 | { | ||
| 143 | global $xoopsConfig, $xoopsModuleConfig, $xoopsUser, $xoopsDB, $xoopsTheme, $xoopsLogger, $xoopsModule, $xoopsTpl, $isModAdmin, $xoopsUserIsAdmin; | ||
| 144 | include dirname(dirname(__DIR__)) . '/header.php'; | ||
| 145 | $myts = MyTextSanitizer::getInstance(); | ||
| 146 | $secid = (int)$secid; | ||
| 147 | include __DIR__ . '/module_prefix.php'; | ||
| 148 |     $result = $xoopsDB->query('SELECT secname, secdesc, display, expire FROM ' . $xoopsDB->prefix($module_prefix . '_sections') . " WHERE secid=$secid"); | ||
| 0 ignored issues–
                            show The variable  $module_prefixdoes not exist. Did you forget to declare it?This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.  Loading history... | |||
| 149 | list($secname, $secdesc, $display, $expire) = $xoopsDB->fetchRow($result); | ||
| 150 | $secname = $myts->displayTarea($myts->stripSlashesGPC($secname)); | ||
| 151 | $secdesc = $myts->displayTarea($myts->stripSlashesGPC($secdesc)); | ||
| 152 | $display = (int)$display; | ||
| 153 | $expire = $myts->displayTarea($myts->stripSlashesGPC($expire)); | ||
| 154 | // Trap for hidden or expired items | ||
| 155 |     if (!$display) { | ||
| 156 |         redirect_header('index.php', 2, _AM_MSG_ACCESS_ERROR); | ||
| 157 |     } elseif ($expire !== '0000-00-00 00:00:00' && $expire < formatTimestamp(time(), 'Y-m-d H:i:s')) { | ||
| 158 |         redirect_header('index.php', 2, _AM_MSG_ACCESS_ERROR); | ||
| 159 | } | ||
| 160 | include __DIR__ . '/module_prefix.php'; | ||
| 161 |     $result = $xoopsDB->query('SELECT artid, secid, title, posted, counter, display, expire FROM ' . $xoopsDB->prefix($module_prefix . '_quiz') . " WHERE secid=$secid" . ' ORDER BY title'); | ||
| 162 | echo "<div style='text-align: center;'>"; | ||
| 163 | echo "<h2 align='center'>$secname</h2>"; | ||
| 164 | echo "<h4 align='center'>" . _MD_THEFOLLOWING . '</h4>'; | ||
| 165 | echo "<div id='content'>"; | ||
| 166 | echo "<table border='0' cellspacing='1' cellpadding ='3' class='outer' width ='100%'><tr>"; | ||
| 167 | echo "<td align='left' valign='top'><b><a href=index.php>" . _MD_RETURN2INDEX . '</a> -> ' . _MD_RETURN2QUIZ . '</b></td>'; | ||
| 168 |     if ($xoopsUser) { | ||
| 169 | echo "<td align='right' valign='center'><a href='index.php?op=portfolio&secid=$secid&sort_key=timestamp'><span style='font-weight:bold;font-size:larger;'>" . _MD_LT_PORTFOLIO | ||
| 170 | . '</span></a></td>'; | ||
| 171 | $alert = ''; | ||
| 172 |     } else { | ||
| 173 | $alert = " onClick='alert(\"" . _MD_ALERTGUEST . "\")'"; | ||
| 174 | } | ||
| 175 | echo '</tr></table>'; | ||
| 176 | echo "<table border='0' cellspacing='1' cellpadding ='3' class='outer' width ='100%'>"; | ||
| 177 | echo '<tr>'; | ||
| 178 | echo '<th>' . _MD_LT_TITLE . '</th>'; | ||
| 179 | echo '<th>' . _XD_FB_FINISHED_BY . '</th>'; | ||
| 180 |     if ($isModAdmin) { | ||
| 181 | echo '<th>' . _MD_LT_SITEAVG . '</th>'; | ||
| 182 |     } elseif ($xoopsUser) { | ||
| 183 | echo '<th>' . _MD_LT_MYMAX . '</th>'; | ||
| 184 | } | ||
| 185 | echo '<th>' . _MD_LT_SITEMAX . '</th>'; | ||
| 186 | echo '<th>' . _MD_LT_EXPIRE . '</th>'; | ||
| 187 |     if ($xoopsUser) { | ||
| 188 | echo '<th colspan=3>' . _MD_LT_ACTION . '</th>'; | ||
| 189 | } | ||
| 190 | echo '</tr>'; | ||
| 191 | $currenttime = formatTimestamp(time(), 'Y-m-d H:i:s'); | ||
| 192 |     while (list($artid, $secid, $title, $posted, $counter, $display, $expire) = $xoopsDB->fetchRow($result)) { | ||
| 193 |         if ($display) { | ||
| 194 | $title = $myts->displayTarea($title); | ||
| 195 | $expire = $myts->stripSlashesGPC($expire); | ||
| 196 | echo '<tr>'; | ||
| 197 |             if ($expire !== '0000-00-00 00:00:00' && $expire < $currenttime) { | ||
| 198 | echo "<td class='even'>$title</td>"; | ||
| 199 |             } else { | ||
| 200 | echo "<td class='even'><a href='index.php?op=viewarticle&artid=$artid' target='quiz_window' $alert><b>$title</b></a></td>"; | ||
| 201 | } | ||
| 202 |             if ($xoopsUser) { | ||
| 203 |                 $uid = $xoopsUser->getVar('uid'); | ||
| 204 | include __DIR__ . '/module_prefix.php'; | ||
| 205 | $query1 = 'SELECT DISTINCT uid FROM ' . $xoopsDB->prefix($module_prefix . '_results') . " WHERE quiz_id=$artid"; | ||
| 206 | include __DIR__ . '/module_prefix.php'; | ||
| 207 | $query2 = 'SELECT score FROM ' . $xoopsDB->prefix($module_prefix . '_results') . " WHERE quiz_id=$artid AND uid=$uid"; | ||
| 208 |                 if ($isModAdmin) { | ||
| 209 | $results_exist = $xoopsDB->query($query1); | ||
| 210 | $done_by = $xoopsDB->query($query1); | ||
| 211 |                 } else { | ||
| 212 | $results_exist = $xoopsDB->query($query2); | ||
| 213 | $done_by = $xoopsDB->query($query1); | ||
| 214 | } | ||
| 215 | $results_exist = $xoopsDB->getRowsNum($results_exist); | ||
| 216 |             } else { | ||
| 217 | include __DIR__ . '/module_prefix.php'; | ||
| 218 | $query1 = 'SELECT DISTINCT uid FROM ' . $xoopsDB->prefix($module_prefix . '_results') . " WHERE quiz_id=$artid"; | ||
| 219 | $done_by = $xoopsDB->query($query1); | ||
| 220 | } | ||
| 221 | $done_by = $xoopsDB->getRowsNum($done_by); | ||
| 222 | echo "<td class='even' align='center'>$done_by</td>"; | ||
| 223 | include __DIR__ . '/module_prefix.php'; | ||
| 224 |             $site_max = $xoopsDB->query('SELECT MAX(score), AVG(score) FROM ' . $xoopsDB->prefix($module_prefix . '_results') . " WHERE quiz_id = $artid"); | ||
| 225 | list($site_max, $site_avg) = $xoopsDB->fetchRow($site_max); | ||
| 226 |             if ($isModAdmin) { | ||
| 227 | echo "<td class='even' align='center'>" . round($site_avg) . '</td>'; | ||
| 228 |             } elseif ($xoopsUser) { | ||
| 229 | include __DIR__ . '/module_prefix.php'; | ||
| 230 |                 $my_max = $xoopsDB->query('SELECT MAX(score) FROM ' . $xoopsDB->prefix($module_prefix . '_results') . " WHERE uid = $uid AND quiz_id = $artid"); | ||
| 0 ignored issues–
                            show The variable  $uiddoes not seem to be defined for all execution paths leading up to this point.If you define a variable conditionally, it can happen that it is not defined for all execution paths. Let’s take a look at an example: function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;
        case 'bar':
            $x = 2;
            break;
    }
    // $x is potentially undefined here.
    echo $x;
}
In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined. Available Fixes
  Loading history... | |||
| 231 | list($my_max) = $xoopsDB->fetchRow($my_max); | ||
| 232 | echo "<td class='even' align='center'>$my_max</td>"; | ||
| 233 | } | ||
| 234 | echo "<td class='even' align='center'>$site_max</td>"; | ||
| 235 | View Code Duplication |             if ($expire !== '0000-00-00 00:00:00') { | |
| 236 |                 if ($expire > $currenttime) { | ||
| 237 | echo "<td class='even'>" . $expire . '</td>'; | ||
| 238 |                 } else { | ||
| 239 |                     echo "<td class='even'>" . $expire . "<span style='color:#ff0000;'>(" . _MD_LT_EXPIRED . ')</span></td>'; | ||
| 240 | } | ||
| 241 |             } else { | ||
| 242 | echo "<td class='even'>" . '-------------------' . '</td>'; | ||
| 243 | } | ||
| 244 |             if ($xoopsUser) { | ||
| 245 |                 if ($results_exist) { | ||
| 0 ignored issues–
                            show The variable  $results_existdoes not seem to be defined for all execution paths leading up to this point.If you define a variable conditionally, it can happen that it is not defined for all execution paths. Let’s take a look at an example: function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;
        case 'bar':
            $x = 2;
            break;
    }
    // $x is potentially undefined here.
    echo $x;
}
In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined. Available Fixes
  Loading history... | |||
| 246 | echo "<td class='odd' align='center'><a href='index.php?op=viewresults&artid=$artid&sort_key=timestamp'>" . _MD_LT_RESULTS . '</a></td>'; | ||
| 247 |                 } else { | ||
| 248 | echo "<td class='odd' align='center'> </td>"; | ||
| 249 | } | ||
| 250 | } | ||
| 251 |             if ($isModAdmin) { | ||
| 252 | echo "<td class='odd' align='center'><a href='admin/index.php?op=secartedit&artid=$artid'>" . _MD_EDIT . '</a></td>'; | ||
| 253 | echo "<td class='odd' align='center'><a href='admin/index.php?op=secartdelete&artid=$artid'>" . _MD_DELETE . '</a></td>'; | ||
| 254 | } | ||
| 255 | echo '</tr>'; | ||
| 256 | } | ||
| 257 | } | ||
| 258 | echo '</table>'; | ||
| 259 | echo "<table border='0' cellspacing='1' cellpadding ='3' width ='100%'><tr>"; | ||
| 260 |     echo "<td align='right'><a href='" . _MD_CREDITSITE . "' target='_credit'/ > Version " . round($xoopsModule->getVar('version') / 100, 2) . '</a></td>'; | ||
| 261 | echo '</tr></table>'; | ||
| 262 | echo '</div>'; | ||
| 263 | echo '</div>'; | ||
| 264 | include dirname(dirname(__DIR__)) . '/footer.php'; | ||
| 265 | } | ||
| 266 | |||
| 267 | /** | ||
| 268 | * @param $artid | ||
| 269 | */ | ||
| 270 | function viewarticle($artid) | ||
| 271 | { | ||
| 272 | global $xoopsConfig, $xoopsModuleConfig, $xoopsUser, $xoopsDB, $xoopsTpl, $isModAdmin, $xoopsUserIsAdmin; | ||
| 273 | $myts = MyTextSanitizer::getInstance(); | ||
| 274 | $artid = (int)$artid; | ||
| 275 | include __DIR__ . '/module_prefix.php'; | ||
| 276 |     $result = $xoopsDB->query('SELECT secid, title, content, display, expire FROM ' . $xoopsDB->prefix($module_prefix . '_quiz') . " WHERE artid=$artid"); | ||
| 0 ignored issues–
                            show The variable  $module_prefixdoes not exist. Did you forget to declare it?This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.  Loading history... | |||
| 277 | list($secid, $title, $content, $display, $expire) = $xoopsDB->fetchRow($result); | ||
| 278 | $secid = (int)$secid; | ||
| 279 | $display = (int)$display; | ||
| 280 | $expire = $myts->stripSlashesGPC($expire); | ||
| 281 | $currenttime = formatTimestamp(time(), 'Y-m-d H:i:s'); | ||
| 282 |     if ($display) { | ||
| 283 | include __DIR__ . '/module_prefix.php'; | ||
| 284 |         $result2 = $xoopsDB->query('SELECT display, expire FROM ' . $xoopsDB->prefix($module_prefix . '_sections') . " WHERE secid=$secid"); | ||
| 285 | list($display2, $expire2) = $xoopsDB->fetchRow($result2); | ||
| 286 | $display2 = (int)$display2; | ||
| 287 | $expire2 = $myts->stripSlashesGPC($expire2); | ||
| 288 |         if ($display2) { | ||
| 289 |             if ($expire2 === '0000-00-00 00:00:00' || $expire2 > $currenttime) { | ||
| 290 |                 if ($expire === '0000-00-00 00:00:00' || $expire > $currenttime) { | ||
| 291 |                     setcookie('xoopsHP_file_id', $artid); | ||
| 292 | $title = $myts->displayTarea($title); | ||
| 293 | // Can't decide an appropriate sanitizer... | ||
| 294 | //$content = $myts->displayTarea($content, 1); | ||
| 295 | echo $content; | ||
| 296 |                 } else { | ||
| 297 |                     redirect_header('index.php', 2, _AM_MSG_ACCESS_ERROR); | ||
| 298 | } | ||
| 299 |             } else { | ||
| 300 |                 redirect_header('index.php', 2, _AM_MSG_ACCESS_ERROR); | ||
| 301 | } | ||
| 302 |         } else { | ||
| 303 |             redirect_header('index.php', 2, _AM_MSG_ACCESS_ERROR); | ||
| 304 | } | ||
| 305 |     } else { | ||
| 306 |         redirect_header('index.php', 2, _AM_MSG_ACCESS_ERROR); | ||
| 307 | } | ||
| 308 | } | ||
| 309 | |||
| 310 | /** | ||
| 311 | * @param $artid | ||
| 312 | * @param $sort_key | ||
| 313 | */ | ||
| 314 | function viewresults($artid, $sort_key) | ||
| 315 | { | ||
| 316 | global $xoopsConfig, $xoopsModuleConfig, $xoopsUser, $xoopsDB, $xoopsTheme, $xoopsLogger, $xoopsModule, $xoopsTpl, $isModAdmin, $xoopsUserIsAdmin; | ||
| 317 | include dirname(dirname(__DIR__)) . '/header.php'; | ||
| 318 | $myts = MyTextSanitizer::getInstance(); | ||
| 319 | |||
| 320 | //Retrieve table data by users | ||
| 321 | $artid = (int)$artid; | ||
| 322 | include __DIR__ . '/module_prefix.php'; | ||
| 323 |     $result2 = $xoopsDB->query('SELECT title, posted, secid FROM ' . $xoopsDB->prefix($module_prefix . '_quiz') . " WHERE artid=$artid"); | ||
| 0 ignored issues–
                            show The variable  $module_prefixdoes not exist. Did you forget to declare it?This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.  Loading history... | |||
| 324 | list($title, $posted, $secid) = $xoopsDB->fetchRow($result2); | ||
| 325 | $title = $myts->displayTarea($title); | ||
| 326 | $posted = $myts->displayTarea($posted); | ||
| 327 | include __DIR__ . '/module_prefix.php'; | ||
| 328 | $result_db = $xoopsDB->prefix($module_prefix . '_results'); | ||
| 329 |     $users_db  = $xoopsDB->prefix('users'); | ||
| 330 |     if ($isModAdmin) { | ||
| 331 | $query = | ||
| 332 | "SELECT $result_db.id, $result_db.quiz_id, $result_db.uid, $result_db.score, $result_db.timestamp, $result_db.comment, $users_db.uname, $users_db.name FROM $result_db, $users_db WHERE $result_db.uid = $users_db.uid AND $result_db.quiz_id = $artid ORDER BY " | ||
| 333 | . $sort_key; | ||
| 334 | View Code Duplication |     } elseif ($xoopsUser) { | |
| 335 |         $uid   = $xoopsUser->getVar('uid'); | ||
| 336 | $query = | ||
| 337 | "SELECT $result_db.id, $result_db.quiz_id, $result_db.uid, $result_db.score, $result_db.timestamp, $result_db.comment, $users_db.uname, $users_db.name FROM $result_db, $users_db WHERE $result_db.uid = $uid AND $result_db.uid = $users_db.uid AND $result_db.quiz_id = $artid ORDER BY " | ||
| 338 | . $sort_key; | ||
| 339 | } | ||
| 340 | $result = $xoopsDB->query($query); | ||
| 0 ignored issues–
                            show The variable  $querydoes not seem to be defined for all execution paths leading up to this point.If you define a variable conditionally, it can happen that it is not defined for all execution paths. Let’s take a look at an example: function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;
        case 'bar':
            $x = 2;
            break;
    }
    // $x is potentially undefined here.
    echo $x;
}
In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined. Available Fixes
  Loading history... | |||
| 341 | |||
| 342 | echo "<div style='text-align: center;'>"; | ||
| 343 | echo "<h2 align='center'>" . _MD_LT_RESULTS . ": <a href='index.php?op=viewarticle&artid=$artid' target='quiz_window'><span style='font-weight:bold;font-size:larger;'>$title</span></a></h2>"; | ||
| 344 | echo "<div id='content'>"; | ||
| 345 | echo "<table border='0' cellspacing='1' cellpadding ='3' class='outer' width ='100%'><tr>"; | ||
| 346 | echo "<td align='left' valign='top'><b><a href=index.php>" . _MD_RETURN2INDEX . "</a> -> <a href='index.php?op=listarticles&secid=$secid'>" . _MD_RETURN2QUIZ . '</a> -> ' . _MD_RESULTLIST | ||
| 347 |          . ' (' . _MD_RESULT_SIMPLE . ') </b></td>'; | ||
| 348 | echo "<td align='right' valign='center'><a href='index.php?op=viewdetails&artid=$artid&sort_key=end_time'><span style='font-weight:bold;font-size:larger;'>" . _MD_RESULT_DETAIL | ||
| 349 | . '</span></a></td>'; | ||
| 350 | echo '</tr></table>'; | ||
| 351 | echo "<table border='0' cellspacing='1' cellpadding ='3' class='outer' width ='100%'>"; | ||
| 352 | echo '<tr>'; | ||
| 353 | echo "<th><a href='index.php?op=viewresults&artid=$artid&sort_key=uname'>" . _MD_LT_STUDENT . '</a></th>'; | ||
| 354 | echo "<th><a href='index.php?op=viewresults&artid=$artid&sort_key=score'>" . _MD_LT_SCORE . '</a></th>'; | ||
| 355 | echo "<th><a href='index.php?op=viewresults&artid=$artid&sort_key=timestamp'>" . _MD_LT_DATE . '</a></th>'; | ||
| 356 |     if ($isModAdmin) { | ||
| 357 | echo "<th colspan=2 align='center'>" . _MD_LT_ACTION . '</th>'; | ||
| 358 | } | ||
| 359 | echo '</tr>'; | ||
| 360 |     while (list($res_id, $quiz_id, $uid, $score, $timestamp, $comment, $uname, $name) = $xoopsDB->fetchRow($result)) { | ||
| 361 | echo '<tr>'; | ||
| 362 | View Code Duplication |         if ($xoopsUser) { | |
| 363 | echo "<td class='even'>" . $uname; | ||
| 364 |             if (!empty($name)) { | ||
| 365 |                 echo ' (' . $name . ')'; | ||
| 366 | } | ||
| 367 | echo '</td>'; | ||
| 368 | } | ||
| 369 | echo "<td class='even' align='center'>$score</td>"; | ||
| 370 | echo "<td class='even' align='center'>$timestamp</td>"; | ||
| 371 |         if ($isModAdmin) { | ||
| 372 | echo "<td class='odd' align='center'><a href='admin/index.php?op=resultdelete&res_id=$res_id'>" . _MD_DELETE . '</a></td>'; | ||
| 373 | } | ||
| 374 | echo '</tr>'; | ||
| 375 | } | ||
| 376 | echo '</table>'; | ||
| 377 | |||
| 378 | echo "<table border='0' cellspacing='1' cellpadding ='3' width ='100%'><tr>"; | ||
| 379 |     echo "<td align='right'><a href='" . _MD_CREDITSITE . "' target='_credit'/ > Version " . round($xoopsModule->getVar('version') / 100, 2) . '</a></td>'; | ||
| 380 | echo '</tr></table>'; | ||
| 381 | echo '</div>'; | ||
| 382 | echo '</div>'; | ||
| 383 | include dirname(dirname(__DIR__)) . '/footer.php'; | ||
| 384 | } | ||
| 385 | |||
| 386 | /** | ||
| 387 | * @param $artid | ||
| 388 | * @param $sort_key | ||
| 389 | */ | ||
| 390 | function viewdetails($artid, $sort_key) | ||
| 391 | { | ||
| 392 | global $xoopsConfig, $xoopsModuleConfig, $xoopsUser, $xoopsDB, $xoopsTheme, $xoopsLogger, $xoopsModule, $xoopsTpl, $isModAdmin, $xoopsUserIsAdmin; | ||
| 393 | include dirname(dirname(__DIR__)) . '/header.php'; | ||
| 394 | $myts = MyTextSanitizer::getInstance(); | ||
| 395 | $artid = (int)$artid; | ||
| 396 | $sort_key = $myts->addSlashes($sort_key); | ||
| 397 | //Retrieve table data by users | ||
| 398 | include __DIR__ . '/module_prefix.php'; | ||
| 399 |     $result2 = $xoopsDB->query('SELECT title, posted, secid FROM ' . $xoopsDB->prefix($module_prefix . '_quiz') . " WHERE artid=$artid"); | ||
| 0 ignored issues–
                            show The variable  $module_prefixdoes not exist. Did you forget to declare it?This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.  Loading history... | |||
| 400 | list($title, $posted, $secid) = $xoopsDB->fetchRow($result2); | ||
| 401 | $title = $myts->displayTarea($title); | ||
| 402 | $posted = $myts->displayTarea($posted); | ||
| 403 |     $uid    = $xoopsUser ? $xoopsUser->getVar('uid') : 0; | ||
| 404 | include __DIR__ . '/module_prefix.php'; | ||
| 405 | $result_db = $xoopsDB->prefix($module_prefix . '_results'); | ||
| 406 |     $users_db  = $xoopsDB->prefix('users'); | ||
| 407 |     if ($isModAdmin) { | ||
| 408 | $query = | ||
| 409 | "SELECT $result_db.id, $result_db.quiz_id, $result_db.uid, $result_db.score, $result_db.start_time, $result_db.end_time, $result_db.timestamp, $result_db.host, $result_db.ip, $result_db.comment, $users_db.uname, $users_db.name FROM $result_db, $users_db WHERE $result_db.uid = $users_db.uid AND $result_db.quiz_id = $artid ORDER BY " | ||
| 410 | . $sort_key; | ||
| 411 | View Code Duplication |     } elseif ($xoopsUser) { | |
| 412 | $query = | ||
| 413 | "SELECT $result_db.id, $result_db.quiz_id, $result_db.uid, $result_db.score, $result_db.start_time, $result_db.end_time, $result_db.timestamp, $result_db.host, $result_db.ip, $result_db.comment, $users_db.uname, $users_db.name FROM $result_db, $users_db WHERE $result_db.uid = $uid AND $result_db.uid = $users_db.uid AND $result_db.quiz_id = $artid ORDER BY " | ||
| 414 | . $sort_key; | ||
| 415 | } | ||
| 416 | $result = $xoopsDB->query($query); | ||
| 0 ignored issues–
                            show The variable  $querydoes not seem to be defined for all execution paths leading up to this point.If you define a variable conditionally, it can happen that it is not defined for all execution paths. Let’s take a look at an example: function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;
        case 'bar':
            $x = 2;
            break;
    }
    // $x is potentially undefined here.
    echo $x;
}
In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined. Available Fixes
  Loading history... | |||
| 417 | |||
| 418 | echo "<div style='text-align: center;'>"; | ||
| 419 | echo "<h2 align='center'>" . _MD_RESULT_DETAIL . ": <a href='index.php?op=viewarticle&artid=$artid' target='quiz_window'><span style='font-weight:bold;font-size:larger;'>" . $title | ||
| 420 | . '</span></a></h2>'; | ||
| 421 | echo "<div id='content'>"; | ||
| 422 | echo "<table border='0' cellspacing='1' cellpadding ='3' class='outer' width ='100%'><tr>"; | ||
| 423 | echo "<td align='left' valign='top'><b><a href=index.php>" . _MD_RETURN2INDEX . "</a> -> <a href='index.php?op=listarticles&secid=$secid'>" . _MD_RETURN2QUIZ . '</a> -> ' . _MD_RESULTLIST | ||
| 424 |          . ' (' . _MD_RESULT_DETAIL . ') </b></td>'; | ||
| 425 |     if ($xoopsUser) { | ||
| 426 | echo "<td align='right' valign='center'><a href='index.php?op=viewresults&artid=$artid&sort_key=timestamp'><span style='font-weight:bold;font-size:larger;'>" . _MD_RESULT_SIMPLE | ||
| 427 | . '</span></a></td>'; | ||
| 428 | } | ||
| 429 | echo '</tr></table>'; | ||
| 430 | |||
| 431 | echo "<table border='0' cellspacing='1' cellpadding ='3' class='outer' width ='100%'>"; | ||
| 432 | echo '<tr>'; | ||
| 433 | echo "<th><a href='index.php?op=viewdetails&artid=$artid&sort_key=uname'>" . _MD_LT_STUDENT . '</a></th>'; | ||
| 434 | echo "<th><a href='index.php?op=viewdetails&artid=$artid&sort_key=score'>" . _MD_LT_SCORE . '</th>'; | ||
| 435 | echo "<th><a href='index.php?op=viewdetails&artid=$artid&sort_key=start_time'>" . _XD_FB_START . '</a></th>'; | ||
| 436 | echo "<th><a href='index.php?op=viewdetails&artid=$artid&sort_key=end_time'>" . _XD_FB_END . '</a></th>'; | ||
| 437 | echo "<th><a href='index.php?op=viewdetails&artid=$artid&sort_key=host'>" . _XD_FB_HOST . '</a></th>'; | ||
| 438 | echo "<th><a href='index.php?op=viewdetails&artid=$artid&sort_key=ip'>" . _XD_FB_IP . '</a></th>'; | ||
| 439 |     if ($isModAdmin) { | ||
| 440 | echo '<th>' . _MD_LT_ACTION . '</th>'; | ||
| 441 | } | ||
| 442 | echo '</tr>'; | ||
| 443 |     while (list($res_id, $quiz_id, $uid, $score, $start_time, $end_time, $timestamp, $host, $ip, $comment, $uname, $name) = $xoopsDB->fetchRow($result)) { | ||
| 444 | echo '<tr>'; | ||
| 445 | View Code Duplication |         if ($xoopsUser) { | |
| 446 | echo "<td nowrap class='even'>" . $uname; | ||
| 447 |             if (!empty($name)) { | ||
| 448 |                 echo ' (' . $name . ')'; | ||
| 449 | } | ||
| 450 | echo '</td>'; | ||
| 451 | } | ||
| 452 | echo "<td class='even' align='center'>$score</td>"; | ||
| 453 | echo "<td class='even' align='center'>$start_time</td>"; | ||
| 454 | echo "<td class='even' align='center'>$end_time</td>"; | ||
| 455 | echo "<td class='even' align='center'>$host</td>"; | ||
| 456 | echo "<td class='even' align='center'>$ip</td>"; | ||
| 457 |         if ($isModAdmin) { | ||
| 458 | echo "<td class='odd' align='center' nowrap><a href='admin/index.php?op=resultdelete&res_id=$res_id'>" . _MD_DELETE . '</td>'; | ||
| 459 | } | ||
| 460 | echo '</tr>'; | ||
| 461 | } | ||
| 462 | |||
| 463 | echo '</table>'; | ||
| 464 | |||
| 465 | echo "<table border='0' cellspacing='1' cellpadding ='3' width ='100%'><tr>"; | ||
| 466 |     echo "<td align='right'><a href='" . _MD_CREDITSITE . "' target='_credit'/ > Version " . round($xoopsModule->getVar('version') / 100, 2) . '</a></td>'; | ||
| 467 | echo '</tr></table>'; | ||
| 468 | echo '</div>'; | ||
| 469 | echo '</div>'; | ||
| 470 | include dirname(dirname(__DIR__)) . '/footer.php'; | ||
| 471 | } | ||
| 472 | |||
| 473 | /** | ||
| 474 | * @param $sort_key | ||
| 475 | * @param $secid | ||
| 476 | */ | ||
| 477 | function portfolio($sort_key, $secid) | ||
| 478 | { | ||
| 479 | global $xoopsConfig, $xoopsModuleConfig, $xoopsUser, $xoopsDB, $xoopsTheme, $xoopsLogger, $xoopsModule, $xoopsTpl, $isModAdmin, $xoopsUserIsAdmin; | ||
| 480 | include dirname(dirname(__DIR__)) . '/header.php'; | ||
| 481 | $myts = MyTextSanitizer::getInstance(); | ||
| 482 | $secid = (int)$secid; | ||
| 483 | $sort_key = $myts->addSlashes($sort_key); | ||
| 484 | include __DIR__ . '/module_prefix.php'; | ||
| 485 | $result_db = $xoopsDB->prefix($module_prefix . '_results'); | ||
| 0 ignored issues–
                            show The variable  $module_prefixdoes not exist. Did you forget to declare it?This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.  Loading history... | |||
| 486 | include __DIR__ . '/module_prefix.php'; | ||
| 487 | $quiz_db = $xoopsDB->prefix($module_prefix . '_quiz'); | ||
| 488 |     $users_db = $xoopsDB->prefix('users'); | ||
| 489 |     if ($secid == 0) { | ||
| 490 | $section_query = ''; | ||
| 491 |     } else { | ||
| 492 | $section_query = "AND $quiz_db.secid = $secid "; | ||
| 493 | } | ||
| 494 |     if ($isModAdmin) { | ||
| 495 | $query = | ||
| 496 | "SELECT $result_db.id, $result_db.quiz_id, $result_db.uid, $result_db.score, $result_db.start_time, $result_db.end_time, $result_db.timestamp, $result_db.host, $result_db.ip, $result_db.comment, $quiz_db.artid, $quiz_db.secid, $quiz_db.title, $users_db.uid, $users_db.uname, $users_db.name FROM $result_db, $quiz_db, $users_db WHERE $quiz_db.artid = $result_db.quiz_id AND $result_db.uid = $users_db.uid " | ||
| 497 | . $section_query . ' ORDER BY ' . $sort_key; | ||
| 498 | $user_name = ''; | ||
| 499 |     } elseif ($xoopsUser) { | ||
| 500 |         $user_id   = $xoopsUser->getVar('uid'); | ||
| 501 |         $user_name = ' (' . $xoopsUser->getVar('uname') . ')'; | ||
| 502 | $query = | ||
| 503 | "SELECT $result_db.id, $result_db.quiz_id, $result_db.uid, $result_db.score, $result_db.start_time, $result_db.end_time, $result_db.timestamp, $result_db.host, $result_db.ip, $result_db.comment, $quiz_db.artid, $quiz_db.secid, $quiz_db.title, $users_db.uid, $users_db.uname, $users_db.name FROM $result_db, $quiz_db, $users_db WHERE $quiz_db.artid = $result_db.quiz_id AND $result_db.uid = $users_db.uid AND $result_db.uid=$user_id " | ||
| 504 | . $section_query . ' ORDER BY ' . $sort_key; | ||
| 505 |     } else { | ||
| 506 | $user_name = ''; | ||
| 507 | } | ||
| 508 | $result = $xoopsDB->query($query); | ||
| 0 ignored issues–
                            show The variable  $querydoes not seem to be defined for all execution paths leading up to this point.If you define a variable conditionally, it can happen that it is not defined for all execution paths. Let’s take a look at an example: function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;
        case 'bar':
            $x = 2;
            break;
    }
    // $x is potentially undefined here.
    echo $x;
}
In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined. Available Fixes
  Loading history... | |||
| 509 | |||
| 510 | echo "<div style='text-align: center;'>"; | ||
| 511 | echo "<h2 align='center'>" . _MD_LT_PORTFOLIO . $user_name . '</h2>'; | ||
| 512 | echo "<div id='content'>"; | ||
| 513 | echo "<table border='0' cellspacing='1' cellpadding ='3' class='outer' width ='100%'>"; | ||
| 514 | echo "<form action='index.php?' method='get'><tr>"; | ||
| 515 | echo "<td align='left' valign='top'><b><a href=index.php>" . _MD_RETURN2INDEX . '</a> -> ' . _MD_LT_PORTFOLIO . '</td>'; | ||
| 516 | echo "<td align='right' valign='center'>" . _MD_SECNAMEC . "<input type='hidden' name='op' value='portfolio'>" . "<input type='hidden' name='sort_key' value='timestamp'>" | ||
| 517 | . "<select name='secid'>"; | ||
| 518 | |||
| 519 |     if ($secid == 0) { | ||
| 520 | echo "<option value='0' selected>" . _MD_ALL . '</option>'; | ||
| 521 |     } else { | ||
| 522 | echo "<option value='0'>" . _MD_ALL . '</option>'; | ||
| 523 | } | ||
| 524 | include __DIR__ . '/module_prefix.php'; | ||
| 525 |     $courses = $xoopsDB->query('SELECT secid, secname FROM ' . $xoopsDB->prefix($module_prefix . '_sections') . ' ORDER BY secname'); | ||
| 526 |     while (list($secid2list, $secname) = $xoopsDB->fetchRow($courses)) { | ||
| 527 | $secname = $myts->displayTarea($secname); | ||
| 528 |         if ($secid2list == $secid) { | ||
| 529 | echo "<option value='$secid2list' selected>$secname</option>"; | ||
| 530 |         } else { | ||
| 531 | echo "<option value='$secid2list'>$secname</option>"; | ||
| 532 | } | ||
| 533 | } | ||
| 534 | |||
| 535 | echo "</select><input type='submit' value='" . _MD_GO . "'></td>"; | ||
| 536 | echo '</tr></form></table>'; | ||
| 537 | echo "<table border='0' cellspacing='1' cellpadding ='3' class='outer' width ='100%'>"; | ||
| 538 | echo '<tr>'; | ||
| 539 |     if ($isModAdmin) { | ||
| 540 | echo "<th><a href='index.php?op=portfolio&sort_key=uname'>" . _MD_LT_STUDENT . '</a></th>'; | ||
| 541 | } | ||
| 542 | echo "<th><a href='index.php?op=portfolio&sort_key=title'>" . _MD_LT_TITLE2 . '</a></th>'; | ||
| 543 | echo "<th><a href='index.php?op=portfolio&sort_key=score'>" . _MD_LT_SCORE . '</a></th>'; | ||
| 544 | echo "<th><a href='index.php?op=portfolio&sort_key=timestamp'>" . _MD_LT_DATE . '</a></th>'; | ||
| 545 |     if ($isModAdmin) { | ||
| 546 | echo "<th colspan=2 align='center'>" . _MD_LT_ACTION . '</th>'; | ||
| 547 | } | ||
| 548 | echo '</tr>'; | ||
| 549 |     while (list($res_id, $quiz_id, $uid, $score, $start_time, $end_time, $timestamp, $host, $ip, $comment, $artid, $secid, $title, $uid2, $uname, $name) = $xoopsDB->fetchRow($result)) { | ||
| 550 | echo '<tr>'; | ||
| 551 |         if ($isModAdmin) { | ||
| 552 | echo "<td class='even'>" . $uname; | ||
| 553 |             if (!empty($name)) { | ||
| 554 |                 echo ' (' . $name . ')'; | ||
| 555 | } | ||
| 556 | echo '</td>'; | ||
| 557 | } | ||
| 558 | echo "<td class='even'><a href='index.php?op=viewarticle&artid=$artid' target='quiz_window'>$title</a></td>"; | ||
| 559 | echo "<td class='even' align='center'>$score</td>"; | ||
| 560 | echo "<td class='even' align='center'>$timestamp</td>"; | ||
| 561 |         if ($isModAdmin) { | ||
| 562 | echo "<td class='odd' align='center'><a href='admin/index.php?op=resultdelete&res_id=$res_id'>" . _MD_DELETE . '</a></td>'; | ||
| 563 | } | ||
| 564 | echo '</tr>'; | ||
| 565 | } | ||
| 566 | echo '</table>'; | ||
| 567 | |||
| 568 | echo "<table border='0' cellspacing='1' cellpadding ='3' width ='100%'><tr>"; | ||
| 569 |     echo "<td align='right'><a href='" . _MD_CREDITSITE . "' target='_credit'/ > Version " . round($xoopsModule->getVar('version') / 100, 2) . '</a></td>'; | ||
| 570 | echo '</tr></table>'; | ||
| 571 | echo '</div>'; | ||
| 572 | echo '</div>'; | ||
| 573 | include dirname(dirname(__DIR__)) . '/footer.php'; | ||
| 574 | } | ||
| 575 | |||
| 576 | $op       = XoopsRequest::getString('op', '', 'GET'); | ||
| 577 | $secid    = XoopsRequest::getInt('secid', 0, 'GET'); | ||
| 578 | $page     = XoopsRequest::getInt('page', 0, 'GET'); | ||
| 579 | $artid    = XoopsRequest::getInt('artid', 0, 'GET'); | ||
| 580 | $uid      = XoopsRequest::getInt('uid', 0, 'GET'); | ||
| 581 | $sort_key = XoopsRequest::getString('sort_key', 'uname', 'GET'); | ||
| 582 | |||
| 583 | switch ($op) { | ||
| 584 | case 'viewarticle': | ||
| 585 | viewarticle($artid); | ||
| 586 | break; | ||
| 587 | case 'listarticles': | ||
| 588 | listarticles($secid); | ||
| 589 | break; | ||
| 590 | case 'viewresults': | ||
| 591 | viewresults($artid, $sort_key); | ||
| 592 | break; | ||
| 593 | case 'viewdetails': | ||
| 594 | viewdetails($artid, $sort_key); | ||
| 595 | break; | ||
| 596 | case 'portfolio': | ||
| 597 | portfolio($sort_key, $secid); | ||
| 598 | break; | ||
| 599 | default: | ||
| 600 | listsections(); | ||
| 601 | break; | ||
| 602 | } | ||
| 603 | 
 
                                
This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.