Completed
Push — master ( 923121...f83415 )
by Michael
02:52
created

admin/modify_ads.php (3 issues)

<?php
/*
-------------------------------------------------------------------------
                     ADSLIGHT 2 : Module for Xoops

        Redesigned and ameliorate By Luc Bizet user at www.frxoops.org
        Started with the Classifieds module and made MANY changes
        Website : http://www.luc-bizet.fr
        Contact : [email protected]
-------------------------------------------------------------------------
             Original credits below Version History
##########################################################################
#                    Classified Module for Xoops                         #
#  By John Mordo user jlm69 at www.xoops.org and www.jlmzone.com         #
#      Started with the MyAds module and made MANY changes               #
##########################################################################
 Original Author: Pascal Le Boustouller
 Author Website : [email protected]
 Licence Type   : GPL
-------------------------------------------------------------------------
*/

include_once __DIR__ . '/admin_header.php';

$op = XoopsRequest::getCmd('op', 'liste');

/**
 * Main Ad Display
 *
 * @return void
 */
function index()
The function index() has been defined more than once; this definition is ignored, only the first definition in admin/main.php (L29-287) is considered.

This check looks for functions that have already been defined in other files.

Some Codebases, like WordPress, make a practice of defining functions multiple times. This may lead to problems with the detection of function parameters and types. If you really need to do this, you can mark the duplicate definition with the @ignore annotation.

/**
 * @ignore
 */
function getUser() {

}

function getUser($id, $realm) {

}

See also the PhpDoc documentation for @ignore.

{
    global $xoopsDB, $xoopsConfig, $xoopsModule, $xoopsModuleConfig, $myts, $desctext, $moduleDirName, $admin_lang;
Compatibility Best Practice introduced by
Use of global functionality is not recommended; it makes your code harder to test, and less reusable.

Instead of relying on global state, we recommend one of these alternatives:

1. Pass all data via parameters

function myFunction($a, $b) {
    // Do something
}

2. Create a class that maintains your state

class MyClass {
    private $a;
    private $b;

    public function __construct($a, $b) {
        $this->a = $a;
        $this->b = $b;
    }

    public function myFunction() {
        // Do something
    }
}

    $mytree = new ClassifiedsTree($xoopsDB->prefix('adslight_categories'), 'cid', 'pid');

    include_once __DIR__ . '/header.php';
    xoops_cp_header();
    //    loadModuleAdminMenu(0, "");

    // photo dir setting checker
    $photo_dir         = $xoopsModuleConfig['adslight_path_upload'];
    $photo_thumb_dir   = $xoopsModuleConfig['adslight_path_upload'] . '/thumbs';
    $photo_resized_dir = $xoopsModuleConfig['adslight_path_upload'] . '/midsize';
    if (!is_dir($photo_dir)) {
        mkdir($photo_dir);
    }
    if (!is_dir($photo_thumb_dir)) {
        mkdir($photo_thumb_dir);
    }
    if (!is_dir($photo_resized_dir)) {
        mkdir($photo_resized_dir);
    }
    if (!is_writable($photo_dir) || !is_readable($photo_dir)) {
        echo "<fieldset><legend style='font-weight: bold; color: #900;'>" . _AM_ADSLIGHT_CHECKER . '</legend><br>';
        echo "<font color='#FF0000'><b>" . _AM_ADSLIGHT_DIRPERMS . '' . $photo_dir . "</b></font><br><br>\n";
        echo '</fieldset><br>';
    }

    if (!is_writable($photo_thumb_dir) || !is_readable($photo_thumb_dir)) {
        echo "<fieldset><legend style='font-weight: bold; color: #900;'>" . _AM_ADSLIGHT_CHECKER . '</legend><br>';
        echo "<font color='#FF0000'><b>" . _AM_ADSLIGHT_DIRPERMS . '' . $photo_thumb_dir . "</b></font><br><br>\n";
        echo '</fieldset><br>';
    }

    if (!is_writable($photo_resized_dir) || !is_readable($photo_resized_dir)) {
        echo "<fieldset><legend style='font-weight: bold; color: #900;'>" . _AM_ADSLIGHT_CHECKER . '</legend><br>';
        echo "<font color='#FF0000'><b>" . _AM_ADSLIGHT_DIRPERMS . '' . $photo_resized_dir . "</b></font><br><br>\n";
        echo '</fieldset><br>';
    }

    $result  = $xoopsDB->query('SELECT lid, cid, title, status, expire, type, desctext, tel, price, typeprice, typeusure, date, email, submitter, town, country, contactby, premium, photo, usid FROM '
                               . $xoopsDB->prefix('adslight_listing')
                               . " WHERE valid='no' ORDER BY lid");
    $numrows = $xoopsDB->getRowsNum($result);
    if ($numrows > 0) {

        ///////// There are [..] ads waiting to be approved //////
        echo "<table class='outer' border=0 cellspacing=5 cellpadding=0><tr><td width=40>";
        echo "<img src='../assets/images/admin/error_button.png' border=0 /></td><td>";
        echo "<font color=\"#00B4C4\"><b>" . _AM_ADSLIGHT_THEREIS . "</b></font> <b>$numrows</b> <font color=\"#00B4C4\">" . _AM_ADSLIGHT_WAIT . '</b></font>';
        echo '</td></tr></table><br>';
    } else {
        echo "<table class='outer' width='50%' border='0'><tr><td width=40>";
        echo "<img src='../assets/images/admin/search_button_green_32.png' border=0 alt=\"._AM_ADSLIGHT_RELEASEOK.\" /></td><td>";
        echo "<font color='#00B4C4'><b>" . _AM_ADSLIGHT_NOANNVAL . '</b></font>';
        echo '</td></tr></table><br>';
    }

    // Modify ads
    list($numrows) = $xoopsDB->fetchRow($xoopsDB->query('SELECT COUNT(*) FROM ' . $xoopsDB->prefix('adslight_listing') . ''));
    if ($numrows > 0) {
        echo "<table width='100%' border='0' class='outer'><tr class='bg4'><td valign='top'>";
        echo "<form method=\"post\" action=\"modify_ads.php\">"
             . '<b>'
             . _AM_ADSLIGHT_MODANN
             . '</b><br><br>'
             . ''
             . _AM_ADSLIGHT_NUMANN
             . " <input type=\"text\" name=\"lid\" size=\"12\" maxlength=\"11\">&nbsp;&nbsp;"
             . "<input type=\"hidden\" name=\"op\" value=\"ModifyAds\">"
             . "<input type=\"submit\" value=\""
             . _AM_ADSLIGHT_MODIF
             . "\">"
             . '</form><br>';
        echo '</td></tr></table><br>';
    }

    echo "<table width='100%' border='0' cellspacing='1' cellpadding='8' style='border: 2px solid #DFE0E0;'><tr class='bg4'><td valign='top'>";
    echo "<a href=\"map.php\">" . _AM_ADSLIGHT_GESTCAT . "</a> | <a href=\"../index.php\">" . _AM_ADSLIGHT_ACCESMYANN . '</a>';
    echo '</td></tr></table><br>';

    xoops_cp_footer();
}

#  function ModifyAds
#####################################################
/**
 * @param $lid
 */
function ModifyAds($lid)
{
    global $xoopsDB, $xoopsModule, $xoopsConfig, $xoopsModuleConfig, $myts, $desctext, $moduleDirName, $admin_lang;

    $mytree = new ClassifiedsTree($xoopsDB->prefix('adslight_categories'), 'cid', 'pid');

    include_once __DIR__ . '/header.php';
    xoops_cp_header();
    //    loadModuleAdminMenu(0, "");
    $id_price  = '';
    $nom_price = '';
    $lid       = (int)$lid;

    echo "<fieldset><legend style='font-weight: bold; color: #900;'>" . _AM_ADSLIGHT_MODANN . '</legend>';

    $result = $xoopsDB->query('SELECT lid, cid, title, status, expire, type, desctext, tel, price, typeprice, typeusure, date, email, submitter, town, country, contactby, premium, valid, photo FROM '
                              . $xoopsDB->prefix('adslight_listing')
                              . " WHERE lid=$lid");

    while (list($lid, $cid, $title, $status, $expire, $type, $desctext, $tel, $price, $typeprice, $typeusure, $date, $email, $submitter, $town, $country, $contactby, $premium, $valid, $photo) = $xoopsDB->fetchRow($result)) {
        $title     = $myts->htmlSpecialChars($title);
        $status    = $myts->htmlSpecialChars($status);
        $expire    = $myts->htmlSpecialChars($expire);
        $type      = $myts->htmlSpecialChars($type);
        $desctext  = $myts->displayTarea($desctext, 1, 1, 1);
        $tel       = $myts->htmlSpecialChars($tel);
        $price     = number_format($price, 2, ',', ' ');
        $typeprice = $myts->htmlSpecialChars($typeprice);
        $typeusure = $myts->htmlSpecialChars($typeusure);
        $submitter = $myts->htmlSpecialChars($submitter);
        $town      = $myts->htmlSpecialChars($town);
        $country   = $myts->htmlSpecialChars($country);
        $contactby = $myts->htmlSpecialChars($contactby);
        $premium   = $myts->htmlSpecialChars($premium);

        $date2 = formatTimestamp($date, 's');

        echo "<form action=\"modify_ads.php\" method=post>
            <table border=0><tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_NUMANN . " </td><td>$lid &nbsp;" . _AM_ADSLIGHT_ADDED_ON . "&nbsp; $date2</td>
            </tr><tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_SENDBY . " </td><td>$submitter</td>
            </tr><tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_EMAIL . " </td><td><input type=\"text\" name=\"email\" size=\"40\" value=\"$email\"></td>
            </tr><tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_TEL . " </td><td><input type=\"text\" name=\"tel\" size=\"50\" value=\"$tel\"></td>
            </tr><tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_TOWN . " </td><td><input type=\"text\" name=\"town\" size=\"40\" value=\"$town\"></td>
            </tr><tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_COUNTRY . " </td><td><input type=\"text\" name=\"country\" size=\"40\" value=\"$country\"></td>
            </tr></tr><tr class='head' border='1'>";

        if ($contactby == 1) {
            $contactselect = _AM_ADSLIGHT_CONTACT_BY_EMAIL;
        }
        if ($contactby == 2) {
            $contactselect = _AM_ADSLIGHT_CONTACT_BY_PM;
        }
        if ($contactby == 3) {
            $contactselect = _AM_ADSLIGHT_CONTACT_BY_BOTH;
        }
        if ($contactby == 4) {
            $contactselect = _AM_ADSLIGHT_CONTACT_BY_PHONE;
        }

        echo " <td class='head'>" . _AM_ADSLIGHT_CONTACTBY . " </td><td class='head'><select name=\"contactby\">
    <option value=\"" . $contactby . "\">" . $contactselect . "</option>
    <option value=\"1\">" . _AM_ADSLIGHT_CONTACT_BY_EMAIL . "</option>
    <option value=\"2\">" . _AM_ADSLIGHT_CONTACT_BY_PM . "</option>
    <option value=\"3\">" . _AM_ADSLIGHT_CONTACT_BY_BOTH . "</option>
    <option value=\"4\">" . _AM_ADSLIGHT_CONTACT_BY_PHONE . '</option></select></td></tr>';

        echo "<tr><td class='head'>" . _AM_ADSLIGHT_STATUS . "</td><td class='head'><input type=\"radio\" name=\"status\" value=\"0\"";
        if ($status == '0') {
            echo 'checked';
        }
        echo '>' . _AM_ADSLIGHT_ACTIVE . "&nbsp;&nbsp; <input type=\"radio\" name=\"status\" value=\"1\"";
        if ($status == '1') {
            echo 'checked';
        }
        echo '>' . _AM_ADSLIGHT_INACTIVE . "&nbsp;&nbsp; <input type=\"radio\" name=\"status\" value=\"2\"";
        if ($status == '2') {
            echo 'checked';
        }
        echo '>' . _AM_ADSLIGHT_SOLD . '</td></tr>';

        echo "<tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_TITLE2 . " </td><td><input type=\"text\" name=\"title\" size=\"40\" value=\"$title\"></td>
            </tr><tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_PREMIUM . " </td><td><input type=\"text\" name=\"premium\" size=\"3\" value=\"$premium\"></td>
            </tr><tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_EXPIRE . " </td><td><input type=\"text\" name=\"expire\" size=\"40\" value=\"$expire\"></td>
            </tr>";
        ////// Ad type
        echo "<tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_TYPE . " </td><td><select name=\"type\">";

        $result5 = $xoopsDB->query('SELECT nom_type, id_type FROM ' . $xoopsDB->prefix('adslight_type') . ' ORDER BY nom_type');
        while (list($nom_type, $id_type) = $xoopsDB->fetchRow($result5)) {
            $sel = '';
            if ($id_type == $type) {
                $sel = 'selected';
            }
            echo "<option value=\"{$id_type}\"{$sel}>{$nom_type}</option>";
        }
        echo '</select></td></tr>';

        ////// State of wear
        echo "<tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_TYPE_USURE . " </td><td><select name=\"typeusure\">";

        $result6 = $xoopsDB->query('SELECT nom_usure, id_usure FROM ' . $xoopsDB->prefix('adslight_usure') . ' ORDER BY nom_usure');
        while (list($nom_usure, $id_usure) = $xoopsDB->fetchRow($result6)) {
            $sel = '';
            if ($id_usure == $typeusure) {
                $sel = 'selected';
            }
            echo "<option value=\"{$id_usure}\"{$sel}>{$nom_usure}</option>";
        }
        echo '</select></td></tr>';

        /////// Price
        echo "<tr class='head' border='1'><td>" . _AM_ADSLIGHT_PRICE2 . " </td><td><input type=\"text\" name=\"price\" size=\"20\" value=\"$price\"> " . $xoopsModuleConfig['adslight_money'] . '';

        //////// Price type

        $resultx = $xoopsDB->query('SELECT nom_price, id_price FROM ' . $xoopsDB->prefix('adslight_price') . ' ORDER BY nom_price');

        echo " <select name=\"typeprice\"><option value=\"$id_price\">$nom_price</option>";
        while (list($nom_price, $id_price) = $xoopsDB->fetchRow($resultx)) {
            $sel = '';
            if ($id_price == $typeprice) {
                $sel = 'selected';
            }
            echo "<option value=\"{$id_price}\"{$sel}>{$nom_price}</option>";
        }
        echo '</select></td>';

        /////// Category

        echo "<tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_CAT2 . ' </td><td>';
        $mytree->makeMySelBox('title', 'title', $cid);
        echo "</td>
            </tr><tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_DESC . ' </td><td>';

        $wysiwyg_text_area = adslight_adminEditor('', 'desctext', $desctext, '100%', '200px', 'small');
        echo $wysiwyg_text_area->render();

        echo '</td></tr>';

        echo "<tr class='head' border='1'>
            <td>" . _AM_ADSLIGHT_PHOTO1 . " </td><td><input type=\"text\" name=\"photo\" size=\"50\" value=\"$photo\"></td>
            </tr><tr>";
        $time = time();
        echo "</tr><tr class='head' border='1'>
            <td>&nbsp;</td><td><select name=\"op\">
            <option value=\"ModifyAdsS\"> " . _AM_ADSLIGHT_MODIF . "
            <option value=\"ListingDel\"> " . _AM_ADSLIGHT_DEL . "
            </select><input type=\"submit\" value=\"" . _AM_ADSLIGHT_GO . "\"></td>
            </tr></table>";
        echo "<input type=\"hidden\" name=\"valid\" value=\"Yes\">";
        echo "<input type=\"hidden\" name=\"lid\" value=\"$lid\">";
        echo "<input type=\"hidden\" name=\"date\" value=\"$time\">";
        echo "<input type=\"hidden\" name=\"submitter\" value=\"$submitter\">
        </form><br>";
        echo '</fieldset><br>';
        xoops_cp_footer();
    }
}

#  function ModifyAdsS
#####################################################

/**
 * @param $lid
 * @param $cat
 * @param $title
 * @param $status
 * @param $expire
 * @param $type
 * @param $desctext
 * @param $tel
 * @param $price
 * @param $typeprice
 * @param $typeusure
 * @param $date
 * @param $email
 * @param $submitter
 * @param $town
 * @param $country
 * @param $contactby
 * @param $premium
 * @param $valid
 * @param $photo
 */
function ModifyAdsS(
    $lid,
    $cat,
    $title,
    $status,
    $expire,
    $type,
    $desctext,
    $tel,
    $price,
    $typeprice,
    $typeusure,
    $date,
    $email,
    $submitter,
    $town,
    $country,
    $contactby,
    $premium,
    $valid,
    $photo
) {
    global $xoopsDB, $xoopsConfig, $myts, $moduleDirName, $admin_lang;

    $lid   = (int)$lid;
    $cat   = (int)$cat;
    $title = $myts->htmlSpecialChars($title);
    //    $status    = $myts->htmlSpecialChars($status);
Unused Code Comprehensibility introduced by
59% of this comment could be valid code. Did you maybe forget this after debugging?

Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it.

The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production.

This check looks for comments that seem to be mostly valid code and reports them.

    $status    = (int)$status;
    $expire    = $myts->htmlSpecialChars($expire);
    $type      = $myts->htmlSpecialChars($type);
    $desctext  = $myts->displayTarea($desctext, 1, 1, 1);
    $tel       = $myts->htmlSpecialChars($tel);
    $price     = str_replace(array(' '), '', $price);
    $typeprice = $myts->htmlSpecialChars($typeprice);
    $typeusure = $myts->htmlSpecialChars($typeusure);
    $submitter = $myts->htmlSpecialChars($submitter);
    $town      = $myts->htmlSpecialChars($town);
    $country   = $myts->htmlSpecialChars($country);
    $contactby = $myts->htmlSpecialChars($contactby);
    $premium   = $myts->htmlSpecialChars($premium);

    $xoopsDB->query('UPDATE '
                    . $xoopsDB->prefix('adslight_listing')
                    . " SET cid='$cat', title='$title', status='$status', expire='$expire', type='$type', desctext='$desctext', tel='$tel', price='$price', typeprice='$typeprice', typeusure='$typeusure', date='$date', email='$email', submitter='$submitter', town='$town', country='$country', contactby='$contactby', premium='$premium', valid='$valid', photo='$photo' WHERE lid=$lid");

    redirect_header('modify_ads.php', 1, _AM_ADSLIGHT_ANNMOD);
}

/**
 * Delete Listing
 *
 * @param  int    $lid
 * @param  string $photo
 * @return void
 */
function ListingDel($lid, $photo)
{
    global $xoopsDB, $moduleDirName, $admin_lang;

    $lid = (int)$lid;

    $result2 = $xoopsDB->query('SELECT p.url FROM '
                               . $xoopsDB->prefix('adslight_listing')
                               . ' l LEFT JOIN '
                               . $xoopsDB->prefix('adslight_pictures')
                               . ' p  ON l.lid=p.lid WHERE l.lid='
                               . $xoopsDB->escape($lid)
                               . '');

    while (list($purl) = $xoopsDB->fetchRow($result2)) {
        if ($purl) {
            $destination = XOOPS_ROOT_PATH . '/uploads/AdsLight';
            if (file_exists("$destination/$purl")) {
                unlink("$destination/$purl");
            }
            $destination2 = XOOPS_ROOT_PATH . '/uploads/AdsLight/thumbs';
            if (file_exists("$destination2/thumb_$purl")) {
                unlink("$destination2/thumb_$purl");
            }
            $destination3 = XOOPS_ROOT_PATH . '/uploads/AdsLight/midsize';
            if (file_exists("$destination3/resized_$purl")) {
                unlink("$destination3/resized_$purl");
            }
            $xoopsDB->query('DELETE FROM ' . $xoopsDB->prefix('adslight_pictures') . " WHERE lid={$lid}");
        }
    }

    $xoopsDB->query('DELETE FROM ' . $xoopsDB->prefix('adslight_listing') . " WHERE lid={$lid}");

    redirect_header('modify_ads.php', 1, _AM_ADSLIGHT_ANNDEL);
}

#####################################################
#####################################################
//@todo REMOVE THIS ASAP. This code is extremely unsafe
foreach ($_POST as $k => $v) {
    ${$k} = $v;
}
$pa  = XoopsRequest::getString('pa', '', 'GET');
$lid = XoopsRequest::getInt('lid', 0);
$op  = XoopsRequest::getCmd('op', '');

switch ($op) {
    case 'IndexView':
        IndexView($lid);
        break;

    case 'ListingDel':
        ListingDel($lid, $photo);
        break;

    case 'ModifyAds':
        ModifyAds($lid);
        break;

    case 'ModifyAdsS':
        ModifyAdsS($lid, $cid, $title, $status, $expire, $type, $desctext, $tel, $price, $typeprice, $typeusure, $date, $email, $submitter, $town, $country, $contactby, $premium, $valid, $photo);
        break;

    default:
        index();
        break;
}