Issues in modify.php - Fixed Issues - Inspection of "rector cosmetics" - mambax7/adslight - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 89b06b...05ee30 )

by Michael

created 2021-08-13 02:26 UTC

modify.php (1 issue)

Labels

Unused Code 1

Severity

Minor 1

<?php
/*
-------------------------------------------------------------------------
                     ADSLIGHT 2 : Module for Xoops

        Redesigned and ameliorate By Luc Bizet user at www.frxoops.org
        Started with the Classifieds module and made MANY changes
        Website : http://www.luc-bizet.fr
        Contact : [email protected]
-------------------------------------------------------------------------
             Original credits below Version History
##########################################################################
#                    Classified Module for Xoops                         #
#  By John Mordo user jlm69 at www.xoops.org and www.jlmzone.com         #
#      Started with the MyAds module and made MANY changes               #
##########################################################################
 Original Author: Pascal Le Boustouller
 Author Website : [email protected]
 Licence Type   : GPL
-------------------------------------------------------------------------
*/

use Xmf\Request;
use XoopsModules\Adslight;

require_once __DIR__ . '/header.php';

$myts      = \MyTextSanitizer::getInstance();
$module_id = $xoopsModule->getVar('mid');

$groups = ($GLOBALS['xoopsUser'] instanceof \XoopsUser) ? $GLOBALS['xoopsUser']->getGroups() : XOOPS_GROUP_ANONYMOUS;
/** @var \XoopsGroupPermHandler $grouppermHandler */
$grouppermHandler = xoops_getHandler('groupperm');
$perm_itemid      = Request::getInt('item_id', 0, 'POST');

//If no access
if (!$grouppermHandler->checkRight('adslight_submit', $perm_itemid, $groups, $module_id)) {
    redirect_header(XOOPS_URL . '/modules/adslight/index.php', 3, _NOPERM);
}

/**
 * @param $lid
 * @param $ok
 */
function listingDel($lid, $ok)
{
    global $xoopsDB;

    $result = $xoopsDB->query('SELECT usid FROM ' . $xoopsDB->prefix('adslight_listing') . ' WHERE lid=' . $xoopsDB->escape($lid));
    [$usid] = $xoopsDB->fetchRow($result);

    $result1 = $xoopsDB->query('SELECT url FROM ' . $xoopsDB->prefix('adslight_pictures') . ' WHERE lid=' . $xoopsDB->escape($lid));

    if ($GLOBALS['xoopsUser']) {
        $currentid = $GLOBALS['xoopsUser']->getVar('uid', 'E');
        if ($usid == $currentid) {
            if (1 == $ok) {
                while (false !== (list($purl) = $xoopsDB->fetchRow($result1))) {
                    if ($purl) {
                        $destination = XOOPS_ROOT_PATH . '/uploads/adslight';
                        if (is_file("$destination/$purl")) {
                            unlink("$destination/$purl");
                        }
                        $destination2 = XOOPS_ROOT_PATH . '/uploads/adslight/thumbs';
                        if (is_file("$destination2/thumb_$purl")) {
                            unlink("$destination2/thumb_$purl");
                        }
                        $destination3 = XOOPS_ROOT_PATH . '/uploads/adslight/midsize';
                        if (is_file("$destination3/resized_$purl")) {
                            unlink("$destination3/resized_$purl");
                        }

                        $xoopsDB->queryF('DELETE FROM ' . $xoopsDB->prefix('adslight_pictures') . ' WHERE lid=' . $xoopsDB->escape($lid));
                    }
                }
                $xoopsDB->queryF('DELETE FROM ' . $xoopsDB->prefix('adslight_listing') . ' WHERE lid=' . $xoopsDB->escape($lid));
                redirect_header('index.php', 1, _ADSLIGHT_ANNDEL);
            } else {
                echo "<table width='100%' border='0' cellspacing='1' cellpadding='8'><tr class='bg4'><td valign='top'>\n";
                echo '<br><div style="text-align:center">';
                echo '<strong>' . _ADSLIGHT_SURDELANN . '</strong></div><br><br>';
            }
            echo '[ <a href="modify.php?op=ListingDel&amp;lid=' . $lid . '&amp;ok=1">' . _YES . '</a> | <a href="index.php">' . _NO . '</a> ]<br><br>';
            echo '</td></tr></table>';
        }
    }
}

/**
 * @param $r_lid
 * @param $ok
 */
function delReply($r_lid, $ok)
{
    global $xoopsDB;

    $result = $xoopsDB->query('SELECT l.usid, r.r_lid, r.lid, r.title, r.date, r.submitter, r.message, r.tele, r.email, r.r_usid FROM ' . $xoopsDB->prefix('adslight_listing') . ' l LEFT JOIN ' . $xoopsDB->prefix('adslight_replies') . ' r ON l.lid=r.lid  WHERE r.r_lid=' . $xoopsDB->escape($r_lid));
    [$usid, $r_lid, $rlid, $title, $date, $submitter, $message, $tele, $email, $r_usid] = $xoopsDB->fetchRow($result);

    if ($GLOBALS['xoopsUser']) {
        $currentid = $GLOBALS['xoopsUser']->getVar('uid', 'E');
        if ($usid == $currentid) {
            if (1 == $ok) {
                $xoopsDB->queryF('DELETE FROM ' . $xoopsDB->prefix('adslight_replies') . ' WHERE r_lid=' . $xoopsDB->escape($r_lid));
                redirect_header('members.php?usid=' . addslashes($usid) . '', 1, _ADSLIGHT_ANNDEL);
            } else {
                echo "<table width='100%' border='0' cellspacing='1' cellpadding='8'><tr class='bg4'><td valign='top'>\n";
                echo '<br><div style="text-align:center">';
                echo '<strong>' . _ADSLIGHT_SURDELANN . '</strong></div><br><br>';
            }
            echo '[ <a href="modify.php?op=DelReply&amp;r_lid=' . addslashes($r_lid) . '&amp;ok=1">' . _YES . '</a> | <a href="members.php?usid=' . addslashes($usid) . '">' . _NO . '</a> ]<br><br>';
            echo '</td></tr></table>';
        }
    }
}

/**
 * @param $lid
 */
function modAd($lid)
{
    global $xoopsDB, $xoopsModule, $xoopsConfig, $myts;
    $contactselect = '';
    require_once XOOPS_ROOT_PATH . '/class/xoopsformloader.php';

    echo "<script language=\"javascript\">\nfunction CLA(CLA) { var MainWindow = window.open (CLA, \"_blank\",\"width=500,height=300,toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,resizable=yes,copyhistory=no\");}\n</script>";

    $mytree = new Adslight\ClassifiedsTree($xoopsDB->prefix('adslight_categories'), 'cid', 'pid');

    $sql = 'SELECT lid, cid, title, status, expire, type, desctext, tel, price, typeprice, typeusure, date, email, submitter, usid, town, country, contactby, premium, valid FROM ' . $xoopsDB->prefix('adslight_listing') . ' WHERE lid=' . $xoopsDB->escape($lid);
    $result = $xoopsDB->query($sql);
    [$lid, $cide, $title, $status, $expire, $type, $desctext, $tel, $price, $typeprice, $typeusure, $date, $email, $submitter, $usid, $town, $country, $contactby, $premium, $valid] = $xoopsDB->fetchRow($result);

    $categories = Adslight\Utility::getMyItemIds('adslight_submit');
    if (is_array($categories) && count($categories) > 0) {
        if (!in_array((int)$cide, $categories)) {
            redirect_header(XOOPS_URL . '/modules/adslight/index.php', 3, _NOPERM);
        }
    } else {    // User can't see any category
        redirect_header(XOOPS_URL . '/index.php', 3, _NOPERM);
    }

    if ($GLOBALS['xoopsUser']) {
        $calusern = $GLOBALS['xoopsUser']->uid();
        if ($usid == $calusern) {
            echo "<fieldset><legend style='font-weight: bold; color: #900;'>" . _ADSLIGHT_MODIFANN . '</legend><br><br>';
            $title    = \htmlspecialchars($title, ENT_QUOTES | ENT_HTML5);
            $status   = \htmlspecialchars($status, ENT_QUOTES | ENT_HTML5);
            $expire   = \htmlspecialchars($expire, ENT_QUOTES | ENT_HTML5);
            $type     = \htmlspecialchars($type, ENT_QUOTES | ENT_HTML5);
            $desctext = $myts->displayTarea($desctext, 1);
            $tel      = \htmlspecialchars($tel, ENT_QUOTES | ENT_HTML5);

            //            $price      = number_format($price, 2, ',', ' ');

            xoops_load('XoopsLocal');
            $tempXoopsLocal = new \XoopsLocal();
            //  For US currency with 2 numbers after the decimal comment out if you dont want 2 numbers after decimal
            $price = $tempXoopsLocal->number_format($price, 2, ',', ' ');
            //  For other countries uncomment the below line and comment out the above line
            //      $price = $tempXoopsLocal->number_format($price);

            $typeprice  = \htmlspecialchars($typeprice, ENT_QUOTES | ENT_HTML5);
            $typeusure  = \htmlspecialchars($typeusure, ENT_QUOTES | ENT_HTML5);
            $submitter  = \htmlspecialchars($submitter, ENT_QUOTES | ENT_HTML5);
            $town       = \htmlspecialchars($town, ENT_QUOTES | ENT_HTML5);
            $country    = \htmlspecialchars($country, ENT_QUOTES | ENT_HTML5);
            $contactby  = \htmlspecialchars($contactby, ENT_QUOTES | ENT_HTML5);
            $premium    = \htmlspecialchars($premium, ENT_QUOTES | ENT_HTML5);
            $useroffset = '';
            if ($GLOBALS['xoopsUser']) {
                $timezone   = $GLOBALS['xoopsUser']->timezone();
                $useroffset = !empty($timezone) ? $GLOBALS['xoopsUser']->timezone() : $xoopsConfig['default_TZ'];
            }
            $dates = ($useroffset * 3600) + $date;

            $dates = formatTimestamp($date, 's');

            echo '<form action="modify.php" method=post enctype="multipart/form-data">';
            echo $GLOBALS['xoopsSecurity']->getTokenHTML();
            echo '<table><tr class="head" border="2">
    <td class="head">' . _ADSLIGHT_NUMANNN . " </td><td class=\"head\" border=\"1\">$lid " . _ADSLIGHT_DU . " $dates</td>
    </tr><tr>";

            if ('1' == $GLOBALS['xoopsModuleConfig']['adslight_diff_name']) {
                echo '<td class="head">' . _ADSLIGHT_SENDBY . " </td><td class=\"head\"><input type=\"text\" name=\"submitter\" size=\"50\" value=\"$submitter\" ></td>";
            } else {
                echo '<td class="head">' . _ADSLIGHT_SENDBY . " </td><td class=\"head\"><input type=\"hidden\" name=\"submitter\" value=\"$submitter\">$submitter</td>";
            }
            echo '</tr><tr>';

            if (1 == $contactby) {
                $contactselect = _ADSLIGHT_CONTACT_BY_EMAIL;
            }
            if (2 == $contactby) {
                $contactselect = _ADSLIGHT_CONTACT_BY_PM;
            }
            if (3 == $contactby) {
                $contactselect = _ADSLIGHT_CONTACT_BY_BOTH;
            }
            if (4 == $contactby) {
                $contactselect = _ADSLIGHT_CONTACT_BY_PHONE;
            }

            echo " <td class='head'>" . _ADSLIGHT_CONTACTBY . " </td><td class='head'><select name=\"contactby\">
    <option value=\"" . $contactby . '">' . $contactselect . '</option>
    <option value="1">' . _ADSLIGHT_CONTACT_BY_EMAIL . '</option>
    <option value="2">' . _ADSLIGHT_CONTACT_BY_PM . '</option>
    <option value="3">' . _ADSLIGHT_CONTACT_BY_BOTH . '</option>
    <option value="4">' . _ADSLIGHT_CONTACT_BY_PHONE . '</option></select></td></tr>';

            if ('1' == $GLOBALS['xoopsModuleConfig']['adslight_diff_email']) {
                echo '<tr><td class="head">' . _ADSLIGHT_EMAIL . " </td><td class=\"head\"><input type=\"text\" name=\"email\" size=\"50\" value=\"$email\" ></td>";
            } else {
                echo '<tr><td class="head">' . _ADSLIGHT_EMAIL . " </td><td class=\"head\">$email<input type=\"hidden\" name=\"email\" value=\"$email\" ></td>";
            }
            echo '</tr><tr>
    <td class="head">' . _ADSLIGHT_TEL . " </td><td class=\"head\"><input type=\"text\" name=\"tel\" size=\"50\" value=\"$tel\" ></td>
    </tr>";
            echo '<tr>
    <td class="head">' . _ADSLIGHT_TOWN . " </td><td class=\"head\"><input type=\"text\" name=\"town\" size=\"50\" value=\"$town\" ></td>
    </tr>";
            if ('1' == $GLOBALS['xoopsModuleConfig']['adslight_use_country']) {
                echo '<tr>
    <td class="head">' . _ADSLIGHT_COUNTRY . " </td><td class=\"head\"><input type=\"text\" name=\"country\" size=\"50\" value=\"$country\" ></td>
    </tr>";
            } else {
                echo '<input type="hidden" name="country" value="">';
            }

            echo "<tr><td class='head'>" . _ADSLIGHT_STATUS . "</td><td class='head'><input type=\"radio\" name=\"status\" value=\"0\"";
            if ('0' == $status) {
                echo 'checked';
            }
            echo '>' . _ADSLIGHT_ACTIVE . '&nbsp;&nbsp; <input type="radio" name="status" value="1"';
            if ('1' == $status) {
                echo 'checked';
            }
            echo '>' . _ADSLIGHT_INACTIVE . '&nbsp;&nbsp; <input type="radio" name="status" value="2"';
            if ('2' == $status) {
                echo 'checked';
            }
            echo '>' . _ADSLIGHT_SOLD . '</td></tr>';
            echo '<tr>
    <td class="head">' . _ADSLIGHT_TITLE2 . " </td><td class=\"head\"><input type=\"text\" name=\"title\" size=\"50\" value=\"$title\" ></td>
    </tr>";
            echo '<tr><td class="head">' . _ADSLIGHT_PRICE2 . " </td><td class=\"head\"><input type=\"text\" name=\"price\" size=\"20\" value=\"$price\" > " . $GLOBALS['xoopsModuleConfig']['adslight_currency_symbol'];

            $result3 = $xoopsDB->query('SELECT nom_price, id_price FROM ' . $xoopsDB->prefix('adslight_price') . ' ORDER BY id_price');
            echo ' <select name="typeprice">';
            while (false !== (list($nom_price, $id_price) = $xoopsDB->fetchRow($result3))) {
                $sel = '';
                if ($id_price == $typeprice) {
                    $sel = 'selected';
                }
                echo "<option value=\"$id_price\" $sel>$nom_price</option>";
            }
            echo '</select></td></tr>';
            $module_id = $xoopsModule->getVar('mid');
            $groups    = ($GLOBALS['xoopsUser'] instanceof \XoopsUser) ? $GLOBALS['xoopsUser']->getGroups() : XOOPS_GROUP_ANONYMOUS;

            /** @var \XoopsGroupPermHandler $grouppermHandler */
            $grouppermHandler = xoops_getHandler('groupperm');
            $perm_itemid      = Request::getInt('item_id', 0, 'GET');

            //If no access
            if ($grouppermHandler->checkRight('adslight_premium', $perm_itemid, $groups, $module_id)) {
                echo "<tr>
    <td width='30%' class='head'>" . _ADSLIGHT_HOW_LONG . " </td><td class='head'><input type=\"text\" name=\"expire\" size=\"3\" maxlength=\"3\" value=\"$expire\" >  " . _ADSLIGHT_DAY . '</td>
    </tr>';
            } else {
                echo "<tr>
    <td width='30%' class='head'>" . _ADSLIGHT_WILL_LAST . " </td><td class='head'>$expire  " . _ADSLIGHT_DAY . '</td>
    </tr>';
                echo "<input type=\"hidden\" name=\"expire\" value=\"$expire\" >";
            }

            /// Type d'annonce
            echo '<tr>
    <td class="head">' . _ADSLIGHT_TYPE . ' </td><td class="head"><select name="type">';

            $result5 = $xoopsDB->query('SELECT nom_type, id_type FROM ' . $xoopsDB->prefix('adslight_type') . ' ORDER BY nom_type');
            while (false !== (list($nom_type, $id_type) = $xoopsDB->fetchRow($result5))) {
                $sel = '';
                if ($id_type == $type) {
                    $sel = 'selected';
                }
                echo "<option value=\"$id_type\" $sel>$nom_type</option>";
            }
            echo '</select></td></tr>';

            /// Etat de l'objet
            echo '<tr>
    <td class="head">' . _ADSLIGHT_TYPE_USURE . ' </td><td class="head"><select name="typeusure">';

            $result6 = $xoopsDB->query('SELECT nom_usure, id_usure FROM ' . $xoopsDB->prefix('adslight_usure') . ' ORDER BY nom_usure');
            while (false !== (list($nom_usure, $id_usure) = $xoopsDB->fetchRow($result6))) {
                $sel = '';
                if ($id_usure == $typeusure) {
                    $sel = 'selected';
                }
                echo "<option value=\"$id_usure\" $sel>$nom_usure</option>";
            }
            echo '</select></td></tr>';

            echo '<tr>
    <td class="head">' . _ADSLIGHT_CAT . ' </td><td class="head">';
            $mytree->makeMySelBox('title', 'title', $cide, '', 'cid');
            echo '</td>
    </tr><tr>
    <td class="head">' . _ADSLIGHT_DESC . ' </td><td class="head">';
            $wysiwyg_text_area = Adslight\Utility::getEditor(_ADSLIGHT_DESC, 'desctext', $desctext, '100%', '200px');
            echo $wysiwyg_text_area->render();
            echo '</td></tr>
    <td colspan=2><br><input type="submit" value="' . _ADSLIGHT_MODIFANN . '" ></td>
    </tr></table>';
            echo '<input type="hidden" name="op" value="ModAdS" >';

            $module_id = $xoopsModule->getVar('mid');
            if (is_object($GLOBALS['xoopsUser'])) {
                $groups = &$GLOBALS['xoopsUser']->getGroups();
            } else {
                $groups = XOOPS_GROUP_ANONYMOUS;
            }
            /** @var \XoopsGroupPermHandler $grouppermHandler */
            $grouppermHandler = xoops_getHandler('groupperm');
            $perm_itemid      = Request::getInt('item_id', 0, 'POST');
            //If no access
            if ($grouppermHandler->checkRight('adslight_premium', $perm_itemid, $groups, $module_id)) {
                echo '<input type="hidden" name="valid" value="Yes" >';
            } else {
                if ('1' == $GLOBALS['xoopsModuleConfig']['adslight_moderated']) {
                    echo '<input type="hidden" name="valid" value="No" >';
                    echo '<br>' . _ADSLIGHT_MODIFBEFORE . '<br>';
                } else {
                    echo '<input type="hidden" name="valid" value="Yes" >';
                }
            }
            echo "<input type=\"hidden\" name=\"lid\" value=\"$lid\" >";
            echo "<input type=\"hidden\" name=\"premium\" value=\"$premium\" >";
            echo "<input type=\"hidden\" name=\"date\" value=\"$date\" >
    " . $GLOBALS['xoopsSecurity']->getTokenHTML() . '';
            echo '</form><br></fieldset><br>';
        }
    }
}

/**
 * @param $lid
 * @param $cat
 * @param $title
 * @param $status
 * @param $expire
 * @param $type
 * @param $desctext
 * @param $tel
 * @param $price
 * @param $typeprice
 * @param $typeusure
 * @param $date
 * @param $email
 * @param $submitter
 * @param $town
 * @param $country
 * @param $contactby
 * @param $premium
 * @param $valid
 */
function modAdS($lid, $cat, $title, $status, $expire, $type, $desctext, $tel, $price, $typeprice, $typeusure, $date, $email, $submitter, $town, $country, $contactby, $premium, $valid)
{
    global $xoopsDB, $myts;

    if (!$GLOBALS['xoopsSecurity']->check()) {
        redirect_header(XOOPS_URL . '/modules/adslight/index.php', 3, $GLOBALS['xoopsSecurity']->getErrors());
    }
    $title     = $myts->addSlashes($title);
    $status    = $myts->addSlashes($status);
    $expire    = $myts->addSlashes($expire);
    $type      = $myts->addSlashes($type);
    $desctext  = $myts->displayTarea($desctext, 1, 1, 1, 1, 1);
    $tel       = $myts->addSlashes($tel);
    $price     = str_replace([' '], '', $price);
    $typeprice = $myts->addSlashes($typeprice);
    $typeusure = $myts->addSlashes($typeusure);
    $submitter = $myts->addSlashes($submitter);
    $town      = $myts->addSlashes($town);
    $country   = $myts->addSlashes($country);
    $contactby = $myts->addSlashes($contactby);
    $premium   = $myts->addSlashes($premium);

    $xoopsDB->query('UPDATE '
                    . $xoopsDB->prefix('adslight_listing')
                    . " SET cid='$cat', title='$title', status='$status',  expire='$expire', type='$type', desctext='$desctext', tel='$tel', price='$price', typeprice='$typeprice', typeusure='$typeusure', email='$email', submitter='$submitter', town='$town', country='$country', contactby='$contactby', premium='$premium', valid='$valid' WHERE lid=$lid");

    redirect_header('index.php', 1, _ADSLIGHT_ANNMOD2);
}

####################################################
foreach ($_POST as $k => $v) {
    ${$k} = $v;
}
$ok = Request::getString('ok', '', 'GET');

if (!Request::hasVar('lid', 'POST') && Request::hasVar('lid', 'GET')) {
    $lid = Request::getInt('lid', 0, 'GET');
}
if (!Request::hasVar('r_lid', 'POST') && Request::hasVar('r_lid', 'GET')) {
    $r_lid = Request::getInt('r_lid', '', 'GET');
}
if (!Request::hasVar('op', 'POST') && Request::hasVar('op', 'GET')) {
    $op = Request::getString('op', '', 'GET');
}
switch ($op) {
    case 'ModAd':
        require_once XOOPS_ROOT_PATH . '/header.php';
        modAd($lid);
        require_once XOOPS_ROOT_PATH . '/footer.php';
        break;
    case 'ModAdS':
        modAdS($lid, $cid, $title, $status, $expire, $type, $desctext, $tel, $price, $typeprice, $typeusure, $date, $email, $submitter, $town, $country, $contactby, $premium, $valid);
        break;
    case 'ListingDel':
        require_once XOOPS_ROOT_PATH . '/header.php';
        listingDel($lid, $ok);
        require_once XOOPS_ROOT_PATH . '/footer.php';
        break;
    case 'DelReply':
        require_once XOOPS_ROOT_PATH . '/header.php';
        delReply($r_lid, $ok);
        require_once XOOPS_ROOT_PATH . '/footer.php';
        break;
    default:
        redirect_header('index.php', 1, '' . _RETURNANN);
        break;
}


1			<?php
2			/*
3			-------------------------------------------------------------------------
4			ADSLIGHT 2 : Module for Xoops
5
6			Redesigned and ameliorate By Luc Bizet user at www.frxoops.org
7			Started with the Classifieds module and made MANY changes
8			Website : http://www.luc-bizet.fr
9			Contact : [email protected]
10			-------------------------------------------------------------------------
11			Original credits below Version History
12			##########################################################################
13			# Classified Module for Xoops #
14			# By John Mordo user jlm69 at www.xoops.org and www.jlmzone.com #
15			# Started with the MyAds module and made MANY changes #
16			##########################################################################
17			Original Author: Pascal Le Boustouller
18			Author Website : [email protected]
19			Licence Type : GPL
20			-------------------------------------------------------------------------
21			*/
22
23			use Xmf\Request;
24			use XoopsModules\Adslight;
25
26			require_once __DIR__ . '/header.php';
27
28			$myts = \MyTextSanitizer::getInstance();
29			$module_id = $xoopsModule->getVar('mid');
30
31			$groups = ($GLOBALS['xoopsUser'] instanceof \XoopsUser) ? $GLOBALS['xoopsUser']->getGroups() : XOOPS_GROUP_ANONYMOUS;
32			/** @var \XoopsGroupPermHandler $grouppermHandler */
33			$grouppermHandler = xoops_getHandler('groupperm');
34			$perm_itemid = Request::getInt('item_id', 0, 'POST');
35
36			//If no access
37			if (!$grouppermHandler->checkRight('adslight_submit', $perm_itemid, $groups, $module_id)) {
38			redirect_header(XOOPS_URL . '/modules/adslight/index.php', 3, _NOPERM);
39			}
40
41			/**
42			* @param $lid
43			* @param $ok
44			*/
45			function listingDel($lid, $ok)
46			{
47			global $xoopsDB;
48
49			$result = $xoopsDB->query('SELECT usid FROM ' . $xoopsDB->prefix('adslight_listing') . ' WHERE lid=' . $xoopsDB->escape($lid));
50			[$usid] = $xoopsDB->fetchRow($result);
51
52			$result1 = $xoopsDB->query('SELECT url FROM ' . $xoopsDB->prefix('adslight_pictures') . ' WHERE lid=' . $xoopsDB->escape($lid));
53
54			if ($GLOBALS['xoopsUser']) {
55			$currentid = $GLOBALS['xoopsUser']->getVar('uid', 'E');
56			if ($usid == $currentid) {
57			if (1 == $ok) {
58			while (false !== (list($purl) = $xoopsDB->fetchRow($result1))) {
59			if ($purl) {
60			$destination = XOOPS_ROOT_PATH . '/uploads/adslight';
61			if (is_file("$destination/$purl")) {
62			unlink("$destination/$purl");
63			}
64			$destination2 = XOOPS_ROOT_PATH . '/uploads/adslight/thumbs';
65			if (is_file("$destination2/thumb_$purl")) {
66			unlink("$destination2/thumb_$purl");
67			}
68			$destination3 = XOOPS_ROOT_PATH . '/uploads/adslight/midsize';
69			if (is_file("$destination3/resized_$purl")) {
70			unlink("$destination3/resized_$purl");
71			}
72
73			$xoopsDB->queryF('DELETE FROM ' . $xoopsDB->prefix('adslight_pictures') . ' WHERE lid=' . $xoopsDB->escape($lid));
74			}
75			}
76			$xoopsDB->queryF('DELETE FROM ' . $xoopsDB->prefix('adslight_listing') . ' WHERE lid=' . $xoopsDB->escape($lid));
77			redirect_header('index.php', 1, _ADSLIGHT_ANNDEL);
78			} else {
79			echo "<table width='100%' border='0' cellspacing='1' cellpadding='8'><tr class='bg4'><td valign='top'>\n";
80			echo '<br><div style="text-align:center">';
81			echo '<strong>' . _ADSLIGHT_SURDELANN . '</strong></div><br><br>';
82			}
83			echo '[ <a href="modify.php?op=ListingDel&lid=' . $lid . '&ok=1">' . _YES . '</a> \| <a href="index.php">' . _NO . '</a> ]<br><br>';
84			echo '</td></tr></table>';
85			}
86			}
87			}
88
89			/**
90			* @param $r_lid
91			* @param $ok
92			*/
93			function delReply($r_lid, $ok)
94			{
95			global $xoopsDB;
96
97			$result = $xoopsDB->query('SELECT l.usid, r.r_lid, r.lid, r.title, r.date, r.submitter, r.message, r.tele, r.email, r.r_usid FROM ' . $xoopsDB->prefix('adslight_listing') . ' l LEFT JOIN ' . $xoopsDB->prefix('adslight_replies') . ' r ON l.lid=r.lid WHERE r.r_lid=' . $xoopsDB->escape($r_lid));
98			[$usid, $r_lid, $rlid, $title, $date, $submitter, $message, $tele, $email, $r_usid] = $xoopsDB->fetchRow($result);
99
100			if ($GLOBALS['xoopsUser']) {
101			$currentid = $GLOBALS['xoopsUser']->getVar('uid', 'E');
102			if ($usid == $currentid) {
103			if (1 == $ok) {
104			$xoopsDB->queryF('DELETE FROM ' . $xoopsDB->prefix('adslight_replies') . ' WHERE r_lid=' . $xoopsDB->escape($r_lid));
105			redirect_header('members.php?usid=' . addslashes($usid) . '', 1, _ADSLIGHT_ANNDEL);
106			} else {
107			echo "<table width='100%' border='0' cellspacing='1' cellpadding='8'><tr class='bg4'><td valign='top'>\n";
108			echo '<br><div style="text-align:center">';
109			echo '<strong>' . _ADSLIGHT_SURDELANN . '</strong></div><br><br>';
110			}
111			echo '[ <a href="modify.php?op=DelReply&r_lid=' . addslashes($r_lid) . '&ok=1">' . _YES . '</a> \| <a href="members.php?usid=' . addslashes($usid) . '">' . _NO . '</a> ]<br><br>';
112			echo '</td></tr></table>';
113			}
114			}
115			}
116
117			/**
118			* @param $lid
119			*/
120			function modAd($lid)
121			{
122			global $xoopsDB, $xoopsModule, $xoopsConfig, $myts;
123			$contactselect = '';
124			require_once XOOPS_ROOT_PATH . '/class/xoopsformloader.php';
125
126			echo "<script language=\"javascript\">\nfunction CLA(CLA) { var MainWindow = window.open (CLA, \"_blank\",\"width=500,height=300,toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,resizable=yes,copyhistory=no\");}\n</script>";
127
128			$mytree = new Adslight\ClassifiedsTree($xoopsDB->prefix('adslight_categories'), 'cid', 'pid');
129
130			$sql = 'SELECT lid, cid, title, status, expire, type, desctext, tel, price, typeprice, typeusure, date, email, submitter, usid, town, country, contactby, premium, valid FROM ' . $xoopsDB->prefix('adslight_listing') . ' WHERE lid=' . $xoopsDB->escape($lid);
131			$result = $xoopsDB->query($sql);
132			[$lid, $cide, $title, $status, $expire, $type, $desctext, $tel, $price, $typeprice, $typeusure, $date, $email, $submitter, $usid, $town, $country, $contactby, $premium, $valid] = $xoopsDB->fetchRow($result);
133
134			$categories = Adslight\Utility::getMyItemIds('adslight_submit');
135			if (is_array($categories) && count($categories) > 0) {
136			if (!in_array((int)$cide, $categories)) {
137			redirect_header(XOOPS_URL . '/modules/adslight/index.php', 3, _NOPERM);
138			}
139			} else { // User can't see any category
140			redirect_header(XOOPS_URL . '/index.php', 3, _NOPERM);
141			}
142
143			if ($GLOBALS['xoopsUser']) {
144			$calusern = $GLOBALS['xoopsUser']->uid();
145			if ($usid == $calusern) {
146			echo "<fieldset><legend style='font-weight: bold; color: #900;'>" . _ADSLIGHT_MODIFANN . '</legend><br><br>';
147			$title = \htmlspecialchars($title, ENT_QUOTES \| ENT_HTML5);
148			$status = \htmlspecialchars($status, ENT_QUOTES \| ENT_HTML5);
149			$expire = \htmlspecialchars($expire, ENT_QUOTES \| ENT_HTML5);
150			$type = \htmlspecialchars($type, ENT_QUOTES \| ENT_HTML5);
151			$desctext = $myts->displayTarea($desctext, 1);
152			$tel = \htmlspecialchars($tel, ENT_QUOTES \| ENT_HTML5);
153
154			// $price = number_format($price, 2, ',', ' ');
155
156			xoops_load('XoopsLocal');
157			$tempXoopsLocal = new \XoopsLocal();
158			// For US currency with 2 numbers after the decimal comment out if you dont want 2 numbers after decimal
159			$price = $tempXoopsLocal->number_format($price, 2, ',', ' ');
160			// For other countries uncomment the below line and comment out the above line
161			// $price = $tempXoopsLocal->number_format($price);
162
163			$typeprice = \htmlspecialchars($typeprice, ENT_QUOTES \| ENT_HTML5);
164			$typeusure = \htmlspecialchars($typeusure, ENT_QUOTES \| ENT_HTML5);
165			$submitter = \htmlspecialchars($submitter, ENT_QUOTES \| ENT_HTML5);
166			$town = \htmlspecialchars($town, ENT_QUOTES \| ENT_HTML5);
167			$country = \htmlspecialchars($country, ENT_QUOTES \| ENT_HTML5);
168			$contactby = \htmlspecialchars($contactby, ENT_QUOTES \| ENT_HTML5);
169			$premium = \htmlspecialchars($premium, ENT_QUOTES \| ENT_HTML5);
170			$useroffset = '';
171			if ($GLOBALS['xoopsUser']) {
172			$timezone = $GLOBALS['xoopsUser']->timezone();
173			$useroffset = !empty($timezone) ? $GLOBALS['xoopsUser']->timezone() : $xoopsConfig['default_TZ'];
174			}
175			$dates = ($useroffset * 3600) + $date;
			0 ignored issues – show Unused Code introduced 2018-03-16 07:40 UTC by Report Bug Copy Issue Report Show Similar Issues like this The assignment to `$dates` is dead and can be removed. Loading history...
176			$dates = formatTimestamp($date, 's');
177
178			echo '<form action="modify.php" method=post enctype="multipart/form-data">';
179			echo $GLOBALS['xoopsSecurity']->getTokenHTML();
180			echo '<table><tr class="head" border="2">
181			<td class="head">' . _ADSLIGHT_NUMANNN . " </td><td class=\"head\" border=\"1\">$lid " . _ADSLIGHT_DU . " $dates</td>
182			</tr><tr>";
183
184			if ('1' == $GLOBALS['xoopsModuleConfig']['adslight_diff_name']) {
185			echo '<td class="head">' . _ADSLIGHT_SENDBY . " </td><td class=\"head\"><input type=\"text\" name=\"submitter\" size=\"50\" value=\"$submitter\" ></td>";
186			} else {
187			echo '<td class="head">' . _ADSLIGHT_SENDBY . " </td><td class=\"head\"><input type=\"hidden\" name=\"submitter\" value=\"$submitter\">$submitter</td>";
188			}
189			echo '</tr><tr>';
190
191			if (1 == $contactby) {
192			$contactselect = _ADSLIGHT_CONTACT_BY_EMAIL;
193			}
194			if (2 == $contactby) {
195			$contactselect = _ADSLIGHT_CONTACT_BY_PM;
196			}
197			if (3 == $contactby) {
198			$contactselect = _ADSLIGHT_CONTACT_BY_BOTH;
199			}
200			if (4 == $contactby) {
201			$contactselect = _ADSLIGHT_CONTACT_BY_PHONE;
202			}
203
204			echo " <td class='head'>" . _ADSLIGHT_CONTACTBY . " </td><td class='head'><select name=\"contactby\">
205			<option value=\"" . $contactby . '">' . $contactselect . '</option>
206			<option value="1">' . _ADSLIGHT_CONTACT_BY_EMAIL . '</option>
207			<option value="2">' . _ADSLIGHT_CONTACT_BY_PM . '</option>
208			<option value="3">' . _ADSLIGHT_CONTACT_BY_BOTH . '</option>
209			<option value="4">' . _ADSLIGHT_CONTACT_BY_PHONE . '</option></select></td></tr>';
210
211			if ('1' == $GLOBALS['xoopsModuleConfig']['adslight_diff_email']) {
212			echo '<tr><td class="head">' . _ADSLIGHT_EMAIL . " </td><td class=\"head\"><input type=\"text\" name=\"email\" size=\"50\" value=\"$email\" ></td>";
213			} else {
214			echo '<tr><td class="head">' . _ADSLIGHT_EMAIL . " </td><td class=\"head\">$email<input type=\"hidden\" name=\"email\" value=\"$email\" ></td>";
215			}
216			echo '</tr><tr>
217			<td class="head">' . _ADSLIGHT_TEL . " </td><td class=\"head\"><input type=\"text\" name=\"tel\" size=\"50\" value=\"$tel\" ></td>
218			</tr>";
219			echo '<tr>
220			<td class="head">' . _ADSLIGHT_TOWN . " </td><td class=\"head\"><input type=\"text\" name=\"town\" size=\"50\" value=\"$town\" ></td>
221			</tr>";
222			if ('1' == $GLOBALS['xoopsModuleConfig']['adslight_use_country']) {
223			echo '<tr>
224			<td class="head">' . _ADSLIGHT_COUNTRY . " </td><td class=\"head\"><input type=\"text\" name=\"country\" size=\"50\" value=\"$country\" ></td>
225			</tr>";
226			} else {
227			echo '<input type="hidden" name="country" value="">';
228			}
229
230			echo "<tr><td class='head'>" . _ADSLIGHT_STATUS . "</td><td class='head'><input type=\"radio\" name=\"status\" value=\"0\"";
231			if ('0' == $status) {
232			echo 'checked';
233			}
234			echo '>' . _ADSLIGHT_ACTIVE . '   <input type="radio" name="status" value="1"';
235			if ('1' == $status) {
236			echo 'checked';
237			}
238			echo '>' . _ADSLIGHT_INACTIVE . '   <input type="radio" name="status" value="2"';
239			if ('2' == $status) {
240			echo 'checked';
241			}
242			echo '>' . _ADSLIGHT_SOLD . '</td></tr>';
243			echo '<tr>
244			<td class="head">' . _ADSLIGHT_TITLE2 . " </td><td class=\"head\"><input type=\"text\" name=\"title\" size=\"50\" value=\"$title\" ></td>
245			</tr>";
246			echo '<tr><td class="head">' . _ADSLIGHT_PRICE2 . " </td><td class=\"head\"><input type=\"text\" name=\"price\" size=\"20\" value=\"$price\" > " . $GLOBALS['xoopsModuleConfig']['adslight_currency_symbol'];
247
248			$result3 = $xoopsDB->query('SELECT nom_price, id_price FROM ' . $xoopsDB->prefix('adslight_price') . ' ORDER BY id_price');
249			echo ' <select name="typeprice">';
250			while (false !== (list($nom_price, $id_price) = $xoopsDB->fetchRow($result3))) {
251			$sel = '';
252			if ($id_price == $typeprice) {
253			$sel = 'selected';
254			}
255			echo "<option value=\"$id_price\" $sel>$nom_price</option>";
256			}
257			echo '</select></td></tr>';
258			$module_id = $xoopsModule->getVar('mid');
259			$groups = ($GLOBALS['xoopsUser'] instanceof \XoopsUser) ? $GLOBALS['xoopsUser']->getGroups() : XOOPS_GROUP_ANONYMOUS;
260
261			/** @var \XoopsGroupPermHandler $grouppermHandler */
262			$grouppermHandler = xoops_getHandler('groupperm');
263			$perm_itemid = Request::getInt('item_id', 0, 'GET');
264
265			//If no access
266			if ($grouppermHandler->checkRight('adslight_premium', $perm_itemid, $groups, $module_id)) {
267			echo "<tr>
268			<td width='30%' class='head'>" . _ADSLIGHT_HOW_LONG . " </td><td class='head'><input type=\"text\" name=\"expire\" size=\"3\" maxlength=\"3\" value=\"$expire\" > " . _ADSLIGHT_DAY . '</td>
269			</tr>';
270			} else {
271			echo "<tr>
272			<td width='30%' class='head'>" . _ADSLIGHT_WILL_LAST . " </td><td class='head'>$expire " . _ADSLIGHT_DAY . '</td>
273			</tr>';
274			echo "<input type=\"hidden\" name=\"expire\" value=\"$expire\" >";
275			}
276
277			/// Type d'annonce
278			echo '<tr>
279			<td class="head">' . _ADSLIGHT_TYPE . ' </td><td class="head"><select name="type">';
280
281			$result5 = $xoopsDB->query('SELECT nom_type, id_type FROM ' . $xoopsDB->prefix('adslight_type') . ' ORDER BY nom_type');
282			while (false !== (list($nom_type, $id_type) = $xoopsDB->fetchRow($result5))) {
283			$sel = '';
284			if ($id_type == $type) {
285			$sel = 'selected';
286			}
287			echo "<option value=\"$id_type\" $sel>$nom_type</option>";
288			}
289			echo '</select></td></tr>';
290
291			/// Etat de l'objet
292			echo '<tr>
293			<td class="head">' . _ADSLIGHT_TYPE_USURE . ' </td><td class="head"><select name="typeusure">';
294
295			$result6 = $xoopsDB->query('SELECT nom_usure, id_usure FROM ' . $xoopsDB->prefix('adslight_usure') . ' ORDER BY nom_usure');
296			while (false !== (list($nom_usure, $id_usure) = $xoopsDB->fetchRow($result6))) {
297			$sel = '';
298			if ($id_usure == $typeusure) {
299			$sel = 'selected';
300			}
301			echo "<option value=\"$id_usure\" $sel>$nom_usure</option>";
302			}
303			echo '</select></td></tr>';
304
305			echo '<tr>
306			<td class="head">' . _ADSLIGHT_CAT . ' </td><td class="head">';
307			$mytree->makeMySelBox('title', 'title', $cide, '', 'cid');
308			echo '</td>
309			</tr><tr>
310			<td class="head">' . _ADSLIGHT_DESC . ' </td><td class="head">';
311			$wysiwyg_text_area = Adslight\Utility::getEditor(_ADSLIGHT_DESC, 'desctext', $desctext, '100%', '200px');
312			echo $wysiwyg_text_area->render();
313			echo '</td></tr>
314			<td colspan=2><br><input type="submit" value="' . _ADSLIGHT_MODIFANN . '" ></td>
315			</tr></table>';
316			echo '<input type="hidden" name="op" value="ModAdS" >';
317
318			$module_id = $xoopsModule->getVar('mid');
319			if (is_object($GLOBALS['xoopsUser'])) {
320			$groups = &$GLOBALS['xoopsUser']->getGroups();
321			} else {
322			$groups = XOOPS_GROUP_ANONYMOUS;
323			}
324			/** @var \XoopsGroupPermHandler $grouppermHandler */
325			$grouppermHandler = xoops_getHandler('groupperm');
326			$perm_itemid = Request::getInt('item_id', 0, 'POST');
327			//If no access
328			if ($grouppermHandler->checkRight('adslight_premium', $perm_itemid, $groups, $module_id)) {
329			echo '<input type="hidden" name="valid" value="Yes" >';
330			} else {
331			if ('1' == $GLOBALS['xoopsModuleConfig']['adslight_moderated']) {
332			echo '<input type="hidden" name="valid" value="No" >';
333			echo '<br>' . _ADSLIGHT_MODIFBEFORE . '<br>';
334			} else {
335			echo '<input type="hidden" name="valid" value="Yes" >';
336			}
337			}
338			echo "<input type=\"hidden\" name=\"lid\" value=\"$lid\" >";
339			echo "<input type=\"hidden\" name=\"premium\" value=\"$premium\" >";
340			echo "<input type=\"hidden\" name=\"date\" value=\"$date\" >
341			" . $GLOBALS['xoopsSecurity']->getTokenHTML() . '';
342			echo '</form><br></fieldset><br>';
343			}
344			}
345			}
346
347			/**
348			* @param $lid
349			* @param $cat
350			* @param $title
351			* @param $status
352			* @param $expire
353			* @param $type
354			* @param $desctext
355			* @param $tel
356			* @param $price
357			* @param $typeprice
358			* @param $typeusure
359			* @param $date
360			* @param $email
361			* @param $submitter
362			* @param $town
363			* @param $country
364			* @param $contactby
365			* @param $premium
366			* @param $valid
367			*/
368			function modAdS($lid, $cat, $title, $status, $expire, $type, $desctext, $tel, $price, $typeprice, $typeusure, $date, $email, $submitter, $town, $country, $contactby, $premium, $valid)
369			{
370			global $xoopsDB, $myts;
371
372			if (!$GLOBALS['xoopsSecurity']->check()) {
373			redirect_header(XOOPS_URL . '/modules/adslight/index.php', 3, $GLOBALS['xoopsSecurity']->getErrors());
374			}
375			$title = $myts->addSlashes($title);
376			$status = $myts->addSlashes($status);
377			$expire = $myts->addSlashes($expire);
378			$type = $myts->addSlashes($type);
379			$desctext = $myts->displayTarea($desctext, 1, 1, 1, 1, 1);
380			$tel = $myts->addSlashes($tel);
381			$price = str_replace([' '], '', $price);
382			$typeprice = $myts->addSlashes($typeprice);
383			$typeusure = $myts->addSlashes($typeusure);
384			$submitter = $myts->addSlashes($submitter);
385			$town = $myts->addSlashes($town);
386			$country = $myts->addSlashes($country);
387			$contactby = $myts->addSlashes($contactby);
388			$premium = $myts->addSlashes($premium);
389
390			$xoopsDB->query('UPDATE '
391			. $xoopsDB->prefix('adslight_listing')
392			. " SET cid='$cat', title='$title', status='$status', expire='$expire', type='$type', desctext='$desctext', tel='$tel', price='$price', typeprice='$typeprice', typeusure='$typeusure', email='$email', submitter='$submitter', town='$town', country='$country', contactby='$contactby', premium='$premium', valid='$valid' WHERE lid=$lid");
393
394			redirect_header('index.php', 1, _ADSLIGHT_ANNMOD2);
395			}
396
397			####################################################
398			foreach ($_POST as $k => $v) {
399			${$k} = $v;
400			}
401			$ok = Request::getString('ok', '', 'GET');
402
403			if (!Request::hasVar('lid', 'POST') && Request::hasVar('lid', 'GET')) {
404			$lid = Request::getInt('lid', 0, 'GET');
405			}
406			if (!Request::hasVar('r_lid', 'POST') && Request::hasVar('r_lid', 'GET')) {
407			$r_lid = Request::getInt('r_lid', '', 'GET');
408			}
409			if (!Request::hasVar('op', 'POST') && Request::hasVar('op', 'GET')) {
410			$op = Request::getString('op', '', 'GET');
411			}
412			switch ($op) {
413			case 'ModAd':
414			require_once XOOPS_ROOT_PATH . '/header.php';
415			modAd($lid);
416			require_once XOOPS_ROOT_PATH . '/footer.php';
417			break;
418			case 'ModAdS':
419			modAdS($lid, $cid, $title, $status, $expire, $type, $desctext, $tel, $price, $typeprice, $typeusure, $date, $email, $submitter, $town, $country, $contactby, $premium, $valid);
420			break;
421			case 'ListingDel':
422			require_once XOOPS_ROOT_PATH . '/header.php';
423			listingDel($lid, $ok);
424			require_once XOOPS_ROOT_PATH . '/footer.php';
425			break;
426			case 'DelReply':
427			require_once XOOPS_ROOT_PATH . '/header.php';
428			delReply($r_lid, $ok);
429			require_once XOOPS_ROOT_PATH . '/footer.php';
430			break;
431			default:
432			redirect_header('index.php', 1, '' . _RETURNANN);
433			break;
434			}
435

mambax7 / adslight

Push — master ( 89b06b...05ee30 )

modify.php (1 issue)

Labels

Severity

Introduced By

Duplication Side-by-Side

Filter issues like