Issues (292)

Security Analysis    not enabled

This project does not seem to handle request data directly as such no vulnerable execution paths were found.

  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
  XPath Injection
XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Command Injection
Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  Header Injection
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

index.php (7 issues)

1
<?php declare(strict_types=1);
2
3
/*
4
-------------------------------------------------------------------------
5
                     ADSLIGHT 2 : Module for Xoops
6
7
        Redesigned and ameliorate By iluc user at www.frxoops.org
8
        Started with the Classifieds module and made MANY changes
9
        Website : https://www.limonads.com
10
        Contact : [email protected]
11
-------------------------------------------------------------------------
12
             Original credits below Version History
13
##########################################################################
14
#                    Classified Module for Xoops                         #
15
#  By John Mordo user jlm69 at www.xoops.org and www.jlmzone.com         #
16
#      Started with the MyAds module and made MANY changes               #
17
##########################################################################
18
 Original Author: Pascal Le Boustouller
19
 Author Website : [email protected]
20
 Licence Type   : GPL
21
-------------------------------------------------------------------------
22
*/
23
24
use Xmf\Module\Admin;
25
use Xmf\Request;
26
use XoopsModules\Adslight\{
27
    Tree,
28
    Helper,
29
    Utility
30
};
31
32
$GLOBALS['xoopsOption']['template_main'] = 'adslight_category.tpl';
33
34
global $xoopsModule, $xoopsDB;
35
36
require_once __DIR__ . '/header.php';
37
38
$myts     = \MyTextSanitizer::getInstance();
39
$moduleId = $xoopsModule->getVar('mid');
40
$groups   = $GLOBALS['xoopsUser'] instanceof \XoopsUser ? $GLOBALS['xoopsUser']->getGroups() : XOOPS_GROUP_ANONYMOUS;
41
/** @var \XoopsGroupPermHandler $grouppermHandler */
42
$grouppermHandler = xoops_getHandler('groupperm');
43
44
$perm_itemid = Request::getInt('item_id', 0, 'POST');
45
46
if (!$grouppermHandler->checkRight('adslight_view', $perm_itemid, $groups, $moduleId)) {
47
    redirect_header(XOOPS_URL . '/index.php', 3, _NOPERM);
48
}
49
$prem_perm = !$grouppermHandler->checkRight('adslight_premium', $perm_itemid, $groups, $moduleId) ? '0' : '1';
50
$mytree    = new Tree($xoopsDB->prefix('adslight_categories'), 'cid', 'pid');
51
52
#  function index
53
#####################################################
54
55
function index(): void
56
{
57
    global $xoopsDB, $xoopsConfig, $xoopsModule, $myts, $mytree, $meta, $mid, $prem_perm;
58
    $pathIcon16    = Admin::iconUrl('', '16');
59
    $moduleDirName = \basename(__DIR__);
60
61
    $helper = Helper::getInstance();
62
63
    if (!isset($GLOBALS['xoopsTpl']) || !($GLOBALS['xoopsTpl'] instanceof XoopsTpl)) {
64
        require_once $GLOBALS['xoops']->path('class/template.php');
65
        $GLOBALS['xoopsTpl'] = new \XoopsTpl();
66
    }
67
68
    //    $GLOBALS['xoopsOption']['template_main'] = 'adslight_index.tpl';
69
70
    require_once XOOPS_ROOT_PATH . '/header.php';
71
72
    $GLOBALS['xoopsTpl']->assign('xmid', $xoopsModule->getVar('mid'));
73
    $GLOBALS['xoopsTpl']->assign('add_from', _ADSLIGHT_ADDFROM . ' ' . $xoopsConfig['sitename']);
74
    $GLOBALS['xoopsTpl']->assign('add_from_title', _ADSLIGHT_ADDFROM);
75
    $GLOBALS['xoopsTpl']->assign('add_from_sitename', $xoopsConfig['sitename']);
76
    $GLOBALS['xoopsTpl']->assign('only_pix', _ADSLIGHT_ONLYPIX);
77
    $GLOBALS['xoopsTpl']->assign('adslight_logolink', _ADSLIGHT_LOGOLINK);
78
    $GLOBALS['xoopsTpl']->assign('permit', $prem_perm);
79
80
    $GLOBALS['xoopsTpl']->assign('xoops_module_header', '<link rel="stylesheet" href="' . XOOPS_URL . '/modules/adslight/assets/css/adslight.css" type="text/css" media="all" >');
81
82
    $banner = xoops_getbanner();
83
    $GLOBALS['xoopsTpl']->assign('banner', $banner);
84
    $GLOBALS['xoopsTpl']->assign('use_extra_code', $helper->getConfig('adslight_use_index_code'));
85
    $GLOBALS['xoopsTpl']->assign('adslight_use_banner', $helper->getConfig('adslight_use_banner'));
86
    $GLOBALS['xoopsTpl']->assign('index_extra_code', $helper->getConfig('adslight_index_code'));
87
    $GLOBALS['xoopsTpl']->assign('index_code_place', $helper->getConfig('adslight_index_code_place'));
88
    $GLOBALS['xoopsTpl']->assign('category_title2', _ADSLIGHT_ANNONCES);
89
    // adslight 2
90
    $GLOBALS['xoopsTpl']->assign('adslight_active_menu', $helper->getConfig('adslight_active_menu'));
91
    $GLOBALS['xoopsTpl']->assign('adslight_active_rss', $helper->getConfig('adslight_active_rss'));
92
93
    //    ExpireAd();
94
    Utility::expireAd();
95
96
    if ($GLOBALS['xoopsUser']) {
97
        $member_usid = $GLOBALS['xoopsUser']->getVar('uid');
98
        $usid        = $member_usid;
99
        if ($usid) {
100
            $GLOBALS['xoopsTpl']->assign('istheirs', true);
101
102
            $sql = 'SELECT SQL_CACHE COUNT(*) FROM ' . $xoopsDB->prefix('adslight_listing') . ' WHERE usid=' . $member_usid . ' ';
103
            $result = $xoopsDB->query($sql);
104
            if (!$xoopsDB->isResultSet($result)) {
105
                \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
106
            }
107
            [$show_user] = $xoopsDB->fetchRow($result);
108
109
            $GLOBALS['xoopsTpl']->assign('show_user', $show_user);
110
            $GLOBALS['xoopsTpl']->assign('show_user_link', 'members.php?usid=' . $member_usid);
111
        }
112
    }
113
114
    $sql    = 'SELECT COUNT(*)  FROM ' . $xoopsDB->prefix('adslight_listing') . ' WHERE valid="No"';
115
    $result = $xoopsDB->query($sql);
116
    if (!$xoopsDB->isResultSet($result)) {
117
        \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
118
    }
119
    [$propo] = $xoopsDB->fetchRow($result);
120
121
    if ($propo > 0) {
122
        $GLOBALS['xoopsTpl']->assign('moderated', true);
123
    }
124
    if ($GLOBALS['xoopsUser'] instanceof \XoopsUser) {
125
        if ($GLOBALS['xoopsUser']->isAdmin()) {
126
            $GLOBALS['xoopsTpl']->assign('admin_block', _ADSLIGHT_ADMINCADRE);
127
            if (0 === $propo) {
128
                $GLOBALS['xoopsTpl']->assign('confirm_ads', _ADSLIGHT_NO_CLA);
129
            } else {
130
                $GLOBALS['xoopsTpl']->assign('confirm_ads', _ADSLIGHT_THEREIS . ' ' . $propo . '  ' . _ADSLIGHT_WAIT . '<br><a href="' . XOOPS_URL . '/modules/adslight/admin/validate_ads.php">' . _ADSLIGHT_SEEIT . '</a>');
131
            }
132
        }
133
134
        $categories = Utility::getMyItemIds('adslight_submit');
135
        $intro      = is_array($categories)
136
                      && (count($categories) > 0) ? _ADSLIGHT_INTRO : '';
137
        $GLOBALS['xoopsTpl']->assign('intro', $intro);
138
    }
139
140
    $sql = 'SELECT SQL_CACHE cid, title, img FROM ' . $xoopsDB->prefix('adslight_categories') . ' WHERE pid = 0 ';
141
142
    $categories = Utility::getMyItemIds('adslight_view');
143
    if (is_array($categories) && count($categories) > 0) {
144
        $sql .= ' AND cid IN (' . implode(',', $categories) . ') ';
145
    } else {
146
        redirect_header(XOOPS_URL . '/index.php', 3, _NOPERM);
147
    }
148
    $sql    .= 'cat_order' === $helper->getConfig('adslight_csortorder') ? 'ORDER BY cat_order' : 'ORDER BY title';
149
    $result = $xoopsDB->query($sql);
150
    if (!$xoopsDB->isResultSet($result)) {
151
        \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
152
    }
153
154
    $count   = 1;
155
    $content = '';
156
    while (false !== ($myrow = $xoopsDB->fetchArray($result))) {
157
        $title = \htmlspecialchars($myrow['title'], ENT_QUOTES | ENT_HTML5);
158
159
        if ($myrow['img'] && 'http://' !== $myrow['img']) {
160
            $cat_img = \htmlspecialchars($myrow['img'], ENT_QUOTES | ENT_HTML5);
161
            $img     = "<a href=\"viewcats.php?cid={$myrow['cid']}\"><img src=\"" . XOOPS_URL . "/modules/adslight/assets/images/img_cat/{$cat_img}\" align=\"middle\" alt=\"{$title}\"></a>";
162
        } else {
163
            $img = '';
164
        }
165
166
        $totallisting = Utility::getTotalItems((int)$myrow['cid'], 1);
167
        $content      .= $title . ' ';
168
169
        $arr = [];
170
        if (\in_array((int)$myrow['cid'], $categories, true)) {
171
            $arr           = $mytree->getFirstChild($myrow['cid'], 'title');
172
            $space         = 0;
173
            $chcount       = 1;
174
            $subcategories = '';
175
            if (1 === $helper->getConfig('adslight_souscat')) {
176
                foreach ($arr as $ele) {
177
                    if (\in_array((int)$ele['cid'], $categories, true)) {
178
                        $chtitle = \htmlspecialchars($ele['title'], ENT_QUOTES | ENT_HTML5);
179
                        if ($chcount > $helper->getConfig('adslight_nbsouscat')) {
180
                            $subcategories .= "<a href=\"viewcats.php?cid={$myrow['cid']}\">" . _ADSLIGHT_CATPLUS . '</a>';
181
                            break;
182
                        }
183
                        if ($space > 0) {
184
                            $subcategories .= '<br>';
185
                        }
186
                        $subcategories .= '-&nbsp;<a href="' . XOOPS_URL . "/modules/adslight/viewcats.php?cid={$ele['cid']}\">{$chtitle}</a>";
187
                        ++$space;
188
                        ++$chcount;
189
                        $content .= $ele['title'] . ' ';
190
                    }
191
                }
192
            }
193
            $GLOBALS['xoopsTpl']->append('categories', [
194
                'image'         => $img,
195
                'id'            => $myrow['cid'],
196
                'title'         => htmlspecialchars($myrow['title'], ENT_QUOTES | ENT_HTML5),
197
                'new'           => categorynewgraphic($myrow['cid']),
0 ignored issues
show
Are you sure the usage of categorynewgraphic($myrow['cid']) is correct as it seems to always return null.

This check looks for function or method calls that always return null and whose return value is used.

class A
{
    function getObject()
    {
        return null;
    }

}

$a = new A();
if ($a->getObject()) {

The method getObject() can return nothing but null, so it makes no sense to use the return value.

The reason is most likely that a function or method is imcomplete or has been reduced for debug purposes.

Loading history...
198
                'subcategories' => $subcategories,
199
                'totallisting'  => $totallisting,
200
                'count'         => $count,
201
            ]);
202
            ++$count;
203
        }
204
    }
205
    $cat_perms = '';
206
    if (is_array($categories) && count($categories) > 0) {
207
        $cat_perms .= ' AND cid IN (' . implode(',', $categories) . ') ';
208
    }
209
210
    $sql = 'SELECT SQL_CACHE COUNT(*)  FROM ' . $xoopsDB->prefix('adslight_listing') . " WHERE valid='Yes' AND status!='1' {$cat_perms}";
211
    $result = $xoopsDB->query($sql);
212
    if (!$xoopsDB->isResultSet($result)) {
213
        \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
214
    }
215
    if (!$xoopsDB->isResultSet($result)) {
216
        \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
217
    }
218
    [$ads] = $xoopsDB->fetchRow($result);
219
220
    $sql = 'SELECT COUNT(*)  FROM ' . $xoopsDB->prefix("{$moduleDirName}_categories");
221
    [$catt] = $xoopsDB->fetchRow($xoopsDB->query($sql));
0 ignored issues
show
Comprehensibility Best Practice introduced by
This list assign is not used and could be removed.
Loading history...
222
223
    $submit_perms = Utility::getMyItemIds('adslight_submit');
0 ignored issues
show
The assignment to $submit_perms is dead and can be removed.
Loading history...
224
225
    if ($GLOBALS['xoopsUser'] instanceof \XoopsUser) {
226
        //        $add_listing = '' . _ADSLIGHT_ADD_LISTING_BULLOK . '<a href="add.php">' . _ADSLIGHT_ADD_LISTING_SUBOK . '</a>';
227
        $add_listing = _ADSLIGHT_ADD_LISTING_BULLOK . '<a rel="nofollow" class="btn btn-success text-right"  title="submit your ad" href="add.php">' . _ADSLIGHT_ADD_LISTING_SUBOK . '</a>';
228
    } else {
229
        $add_listing = _ADSLIGHT_ADD_LISTING_BULL . '<a href="' . XOOPS_URL . '/register.php">' . _ADSLIGHT_ADD_LISTING_SUB . '</a>.';
230
    }
231
232
    $GLOBALS['xoopsTpl']->assign('bullinfotext', _ADSLIGHT_ACTUALY . ' ' . $ads . ' ' . _ADSLIGHT_ADVERTISEMENTS . '<br>' . $add_listing);
233
    $GLOBALS['xoopsTpl']->assign('total_confirm', _ADSLIGHT_AND . " {$propo} " . _ADSLIGHT_WAIT3);
234
235
    if (1 === $helper->getConfig('adslight_newad')) {
236
        $cat_perms = '';
237
        if (is_array($categories) && count($categories) > 0) {
238
            $cat_perms .= ' AND cid IN (' . implode(',', $categories) . ') ';
239
        }
240
241
        $sql    = 'SELECT  SQL_CACHE  lid, title, status, type, price, typeprice, date_created, town, country, usid, premium, valid, photo, hits FROM '
242
                  . $xoopsDB->prefix('adslight_listing')
243
                  . " WHERE valid='Yes' and status!='1' {$cat_perms} ORDER BY date_created DESC LIMIT {$helper->getConfig('adslight_newcount')}";
244
        $result = $xoopsDB->query($sql);
245
        if (!$xoopsDB->isResultSet($result)) {
246
            \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
247
        }
248
        if ($result) {
249
            $GLOBALS['xoopsTpl']->assign('last_head', _ADSLIGHT_THE . ' ' . $helper->getConfig('adslight_newcount') . ' ' . _ADSLIGHT_LASTADD);
250
            $GLOBALS['xoopsTpl']->assign('last_head_title', _ADSLIGHT_TITLE);
251
            $GLOBALS['xoopsTpl']->assign('last_head_price', _ADSLIGHT_PRICE);
252
            $GLOBALS['xoopsTpl']->assign('last_head_date', _ADSLIGHT_DATE);
253
            $GLOBALS['xoopsTpl']->assign('last_head_local', _ADSLIGHT_LOCAL2);
254
            $GLOBALS['xoopsTpl']->assign('last_head_hits', _ADSLIGHT_VIEW);
255
            $GLOBALS['xoopsTpl']->assign('last_head_photo', _ADSLIGHT_PHOTO);
256
            $rank = 1;
257
            while ([$lid, $title, $status, $type, $price, $typeprice, $date_created, $town, $country, $usid, $premium, $valid, $photo, $hits] = $xoopsDB->fetchRow(
258
                $result
259
            )) {
260
                $title = \htmlspecialchars($title, ENT_QUOTES | ENT_HTML5);
261
                $type  = \htmlspecialchars($type, ENT_QUOTES | ENT_HTML5);
262
                //                $price     = number_format($price, 2, ',', ' ');
263
                $town      = \htmlspecialchars($town, ENT_QUOTES | ENT_HTML5);
264
                $country   = \htmlspecialchars($country, ENT_QUOTES | ENT_HTML5);
265
                $premium   = \htmlspecialchars($premium, ENT_QUOTES | ENT_HTML5);
266
                $a_item    = [];
267
                $newcount  = $helper->getConfig('adslight_countday');
268
                $startdate = time() - (86400 * $newcount);
269
270
                if ($startdate < $date_created) {
271
                    $newitem       = '<img src="' . XOOPS_URL . '/modules/adslight/assets/images/newred.gif" alt="new" >';
272
                    $a_item['new'] = $newitem;
273
                }
274
275
                $useroffset = 0;
276
                if ($GLOBALS['xoopsUser'] instanceof \XoopsUser) {
277
                    $timezone   = $GLOBALS['xoopsUser']->timezone();
278
                    $useroffset = !empty($timezone) ? $GLOBALS['xoopsUser']->timezone() : $xoopsConfig['default_TZ'];
279
                    if ($GLOBALS['xoopsUser']->isAdmin()) {
280
                        $a_item['admin'] = '<a href="' . XOOPS_URL . "/modules/adslight/admin/validate_ads.php?op=modifyAds&amp;lid={$lid}\"><img src=\"{$pathIcon16}/edit.png\" border=\"0\" alt=\"" . _ADSLIGHT_MODADMIN . '"></a>';
281
                    }
282
                }
283
284
                $date_created = ($useroffset * 3600) + $date_created;
285
                $date_created = formatTimestamp($date_created, 's');
286
287
                $sql     = 'SELECT nom_type FROM ' . $xoopsDB->prefix('adslight_type') . ' WHERE id_type=' . (int)$type;
288
                $result7 = $xoopsDB->query($sql);
289
                if (!$xoopsDB->isResultSet($result7)) {
290
                    \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
291
                }
292
                [$nom_type] = $xoopsDB->fetchRow($result7);
293
294
                $a_item['type']  = \htmlspecialchars($nom_type, ENT_QUOTES | ENT_HTML5);
295
                $a_item['title'] = '<a href="' . XOOPS_URL . "/modules/adslight/viewads.php?lid={$lid}\"><strong>{$title}</strong></a>";
296
297
                $sql     = 'SELECT nom_price FROM ' . $xoopsDB->prefix('adslight_price') . ' WHERE id_price=' . (int)$typeprice;
298
                $result8 = $xoopsDB->query($sql);
299
                if (!$xoopsDB->isResultSet($result8)) {
300
                    \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
301
                }
302
                [$nom_price] = $xoopsDB->fetchRow($result8);
303
304
                if ($price > 0) {
305
                    //                    $a_item['price']           = $price . ' ' . $helper->getConfig('adslight_currency_symbol') . '';
306
                    $currencyCode                 = $helper->getConfig('adslight_currency_code');
307
                    $currencySymbol               = $helper->getConfig('adslight_currency_symbol');
308
                    $currencyPosition             = $helper->getConfig('currency_position');
309
                    $formattedCurrencyUtilityTemp = Utility::formatCurrencyTemp($price, $currencyCode, $currencySymbol, $currencyPosition);
310
311
                    $priceHtml       = '<strong>' . _ADSLIGHT_PRICE2 . '</strong>' . $formattedCurrencyUtilityTemp . ' - ' . $nom_price;
312
                    $a_item['price'] = $priceHtml;
313
314
                    $a_item['price_typeprice'] = \htmlspecialchars($nom_price, ENT_QUOTES | ENT_HTML5);
315
                } else {
316
                    $a_item['price']           = '';
317
                    $a_item['price_typeprice'] = \htmlspecialchars($nom_price, ENT_QUOTES | ENT_HTML5);
318
                }
319
320
                $a_item['premium']      = $premium;
321
                $a_item['date_created'] = $date_created;
322
                $a_item['local']        = $town ?: '';
323
                $a_item['country']      = $country ?: '';
324
325
                if (2 === (int)$status) {
326
                    $a_item['sold'] = _ADSLIGHT_RESERVEDMEMBER;
327
                }
328
329
                if ($helper->getConfig('active_thumbsindex') > 0) {
330
                    $a_item['no_photo'] = '<a href="' . XOOPS_URL . "/modules/adslight/viewads.php?lid={$lid}\"><img class=\"thumb\" src=\"" . XOOPS_URL . "/modules/adslight/assets/images/nophoto.jpg\" align=\"left\" width=\"100px\" alt=\"{$title}\"></a>";
331
332
                    $updir = $helper->getConfig('adslight_link_upload');
333
                    $sql   = 'SELECT cod_img, lid, uid_owner, url FROM ' . $xoopsDB->prefix('adslight_pictures') . ' WHERE  uid_owner=' . (int)$usid . " AND lid={$lid} ORDER BY date_created ASC LIMIT 1";
334
335
                    $result = $xoopsDB->query($sql);
336
                    if (!$xoopsDB->isResultSet($result)) {
337
                        \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
338
                    }
339
340
                    while ([$cod_img, $pic_lid, $uid_owner, $url] = $xoopsDB->fetchRow($resultp)) {
0 ignored issues
show
Comprehensibility Best Practice introduced by
The variable $resultp does not seem to be defined for all execution paths leading up to this point.
Loading history...
341
                        if ($photo) {
342
                            $a_item['photo'] = '<a href="' . XOOPS_URL . "/modules/adslight/viewads.php?lid={$lid}\"><img class=\"thumb\" src=\"{$updir}/thumbs/thumb_{$url}\" align=\"left\" width=\"100px\" alt=\"{$title}\"></a>";
343
                        }
344
                    }
345
                } else {
346
                    $a_item['no_photo'] = '<img src="' . XOOPS_URL . "/modules/adslight/assets/images/camera_nophoto.png\" align=\"left\" width=\"24px\" alt=\"{$title}\">";
347
                    $updir              = $helper->getConfig('adslight_link_upload');
0 ignored issues
show
The assignment to $updir is dead and can be removed.
Loading history...
348
                    $sql                = 'SELECT cod_img, lid, uid_owner, url FROM ' . $xoopsDB->prefix('adslight_pictures') . ' WHERE uid_owner=' . (int)$usid . " AND lid={$lid} ORDER BY date_created ASC LIMIT 1";
349
                    $resultp            = $xoopsDB->query($sql);
350
                            if (!$xoopsDB->isResultSet($resultp)) {
351
                        \trigger_error("Query Failed! SQL: $sql- Error: " . $xoopsDB->error(), E_USER_ERROR);
352
                    }
353
                    while ([$cod_img, $pic_lid, $uid_owner, $url] = $xoopsDB->fetchRow($resultp)) {
0 ignored issues
show
Comprehensibility Best Practice introduced by
This list assign is not used and could be removed.
Loading history...
354
                        if ($photo) {
355
                            $a_item['photo'] = '<img src="' . XOOPS_URL . "/modules/adslight/assets/images/camera_photo.png\" align=\"left\" width=\"24\" alt=\"{$title}\">";
356
                        }
357
                    }
358
                }
359
                $a_item['hits'] = $hits;
360
                ++$rank;
361
                $GLOBALS['xoopsTpl']->append('items', $a_item);
362
            }
363
        }
364
    }
365
}
366
367
#  function categorynewgraphic
368
#####################################################
369
/**
370
 * @param $cid
371
 */
372
function categorynewgraphic($cid): void
0 ignored issues
show
The parameter $cid is not used and could be removed. ( Ignorable by Annotation )

If this is a false-positive, you can also ignore this issue in your code via the ignore-unused  annotation

372
function categorynewgraphic(/** @scrutinizer ignore-unused */ $cid): void

This check looks for parameters that have been defined for a function or method, but which are not used in the method body.

Loading history...
373
{
374
    global $xoopsDB;
375
}
376
377
######################################################
378
379
$pa      = Request::getInt('pa', null, 'GET');
380
$lid     = Request::getInt('lid', null, 'GET');
381
$cid     = Request::getInt('cid', null, 'GET');
382
$usid    = Request::getString('usid', '', 'GET');
383
$min     = Request::getInt('min', null, 'GET');
384
$show    = Request::getInt('show', null, 'GET');
385
$orderby = Request::getInt('orderby', null, 'GET');
386
387
switch ($pa) {
388
    case 'adsview':
389
        $GLOBALS['xoopsOption']['template_main'] = 'adslight_category.tpl';
390
        adsView($cid, $min, $orderby, $show);
391
        break;
392
    case 'viewads':
393
        $GLOBALS['xoopsOption']['template_main'] = 'adslight_item.tpl';
394
        viewAds($lid);
395
        break;
396
    default:
397
        $GLOBALS['xoopsOption']['template_main'] = 'adslight_index.tpl';
398
        //        $GLOBALS['xoopsOption']['template_main'] = 'adslight_category.tpl';
399
        index();
400
        break;
401
}
402
403
require_once XOOPS_ROOT_PATH . '/footer.php';
404