Issues in blocks.php (master) - Issues in master - mambax7/gwiki - Measure and Improve Code Quality continuously with Scrutinizer

Issues (207)

Security Analysis not enabled

Cross-Site Scripting

Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.

File Exposure

File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.

File Manipulation

File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.

Object Injection

Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.

Code Injection

Code Injection enables an attacker to execute arbitrary code on the server.

Response Splitting

Response Splitting can be used to send arbitrary responses.

File Inclusion

File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.

Command Injection

Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.

SQL Injection

SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.

XPath Injection

XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.

LDAP Injection

LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.

Header Injection

Other Vulnerability

This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.

Regex Injection

Regex Injection enables an attacker to execute arbitrary code in your PHP process.

XML Injection

XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.

Variable Injection

Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.

Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

blocks/blocks.php (2 issues)

Labels

Severity

Major 2

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

<?php
/**
 * blocks/blocks.php
 *
 * @copyright  Copyright © 2013 geekwright, LLC. All rights reserved.
 * @license    gwiki/docs/license.txt  GNU General Public License (GPL)
 * @since      1.0
 * @author     Richard Griffith <[email protected]>
 * @package    gwiki
 */

// defined('XOOPS_ROOT_PATH') || exit('XOOPS root path not defined');

/**
 * @param $options
 *
 * @return bool
 */
function b_gwiki_wikiblock_show($options)
{
    global $xoopsConfig, $xoTheme;

    $block = false;

    $dir = basename(dirname(__DIR__));
    $moduleHelper = Xmf\Module\Helper::getHelper($dir);

    include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';

    $wikiPage = new GwikiPage;
    $wikiPage->setRecentCount($moduleHelper->getConfig('number_recent', 10));

    $remotegwiki = !empty($options[2]);
    if (!$remotegwiki) {
        $block = $wikiPage->getPage($options[0]);
    }
    if (!$block) {
        $block['keyword']         = $options[0];
        $block['display_keyword'] = $options[0];
    }

    $xoTheme->addStylesheet(XOOPS_URL . '/modules/' . $dir . '/assets/css/module.css');

    $block['bid'] = $options[1]; // we use our block id to make a (quasi) unique div id

    $block['moddir']  = $dir;
    $block['modpath'] = XOOPS_ROOT_PATH . '/modules/' . $dir;
    $block['modurl']  = XOOPS_URL . '/modules/' . $dir;
    if ($remotegwiki) {
        $block['ajaxurl']    = $options[2];
        $block['mayEdit']    = false;
        $block['remotewiki'] = true;
    } else {
        $block['ajaxurl']    = $block['modurl'];
        $block['mayEdit']    = $wikiPage->checkEdit();
        $block['remotewiki'] = false;
    }

    return $block;
}

/**
 * @param $options
 *
 * @return string
 */
function b_gwiki_wikiblock_edit($options)
{
    $form = _MB_GWIKI_WIKIPAGE . ' <input type="text" value="' . $options[0] . '"id="options[0]" name="options[0]" /><br>';
    // capture the block id from the url and save through a hidden option.
    if ($_GET['op'] === 'clone') {
        $form .= _MI_GWIKI_BL_CLONE_WARN . '<br>';
    }
    $form .= '<input type="hidden" value="' . (int)$_GET['bid'] . '"id="options[1]" name="options[1]" />';
    $form .= _MB_GWIKI_REMOTE_AJAX_URL . ' <input type="text" size="35" value="' . $options[2] . '"id="options[2]" name="options[2]" />  <i>' . _MB_GWIKI_REMOTE_AJAX_URL_DESC . '</i><br>';

    return $form;
}

/**
 * @param $options
 *
 * @return bool
 */
function b_gwiki_newpage_show($options)
{
    global $xoopsUser, $xoopsDB;

    if (!isset($options[0])) {
        $options[0] = 0;
    }
    $block = false;

    $dir = basename(dirname(__DIR__));
    include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';

    $wikiPage = new GwikiPage;
    $prefixes = $wikiPage->getUserNamespaces();
    if ($prefixes) {
        $block['moddir']   = $dir;
        $block['modpath']  = XOOPS_ROOT_PATH . '/modules/' . $dir;
        $block['modurl']   = XOOPS_URL . '/modules/' . $dir;
        $block['prefixes'] = $prefixes;
        if ($options[0]) {
            $block['action'] = 'wizard.php';
        } else {
            $block['action'] = 'edit.php';
        }
    } else {
        $block = false;
    }

    return $block;
}

/**
 * @param $options
 *
 * @return string
 */
function b_gwiki_newpage_edit($options)
{
    if (!isset($options[0])) {
        $options[0] = 0;
    }
    $form = '';
    $form .= _MB_GWIKI_NEWPAGE_USE_WIZARD . ' <input type="radio" name="options[0]" value="1" ';
    if ($options[0]) {
        $form .= 'checked';
    }
    $form .= ' />&nbsp;' . _YES . '&nbsp;<input type="radio" name="options[0]" value="0" ';
    if (!$options[0]) {
        $form .= 'checked';
    }
    $form .= ' />&nbsp;' . _NO . '<br><br>';

    return $form;
}

/**
 * @param $options
 *
 * @return bool
 */
function b_gwiki_teaserblock_show($options)
{
    global $xoopsDB, $xoopsConfig, $xoTheme;

    $block = false;

    $dir = basename(dirname(__DIR__));
    $moduleHelper = Xmf\Module\Helper::getHelper($dir);

    include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';

    $wikiPage = new GwikiPage;
    $wikiPage->setRecentCount($moduleHelper->getConfig('number_recent', 10));

    $page = $options[1];
    if ($options[2]) {
        $pagelike = $page . '%';
        $sql  = 'SELECT keyword FROM ' . $xoopsDB->prefix('gwiki_pageids');
        $sql .= " WHERE keyword like '{$pagelike}' ORDER BY RAND() LIMIT 1 ";
        $result = $xoopsDB->query($sql);
        if ($result) {
            $myrow = $xoopsDB->fetchRow($result);
            $page  = $myrow[0];
        }
    }

    $block = $wikiPage->getPage($page);
    if ($block) {
        $block['title'] = htmlspecialchars($block['title']);
        if (!defined('_MI_GWIKI_NAME')) {
            $langfile = XOOPS_ROOT_PATH . '/modules/' . $dir . '/language/' . $xoopsConfig['language'] . '/modinfo.php';
            if (!file_exists($langfile)) {
                $langfile = XOOPS_ROOT_PATH . '/modules/' . $dir . '/language/english/modinfo.php';
            }
            include_once $langfile;
        }
        $xoTheme->addStylesheet(XOOPS_URL . '/modules/' . $dir . '/assets/css/module.css');

        if ($options[0]) {
            $block['body'] = $wikiPage->renderPage();
        } else {
            $block['body'] = $wikiPage->renderTeaser();
        }

        $block['moddir']   = $dir;
        $block['modpath']  = XOOPS_ROOT_PATH . '/modules/' . $dir;
        $block['modurl']   = XOOPS_URL . '/modules/' . $dir;
        $block['mayEdit']  = $wikiPage->checkEdit();
        $block['template'] = 'db:' . $wikiPage->getTemplateName();

        if ($options[3]) {
            $sql = 'SELECT * FROM ' . $xoopsDB->prefix('gwiki_page_images');
            //            $sql .= ' WHERE keyword = "'.$page.'" AND use_to_represent = 1 ';
            $sql .= " WHERE keyword = '{$page}' AND use_to_represent = 1 ";
            $result = $xoopsDB->query($sql);
            if ($myrow = $xoopsDB->fetchArray($result)) {
                // $block['image_file'] = XOOPS_URL .'/uploads/' . $dir . '/' . $myrow['image_file'];
                $block['image_file']     = XOOPS_URL . '/modules/' . $dir . '/getthumb.php?page=' . $page . '&name=' . $myrow['image_name'];
                $block['image_alt_text'] = $myrow['image_alt_text'];
            }
        }
        $block['pageurl'] = sprintf($wikiPage->getWikiLinkURL(), $block['keyword']);
    }

    return $block;
}

/**
 * @param $options
 *
 * @return string
 */
function b_gwiki_teaserblock_edit($options)
{
    $form = '';
    $form .= _MB_GWIKI_SHOW_FULL_PAGE . ' <input type="radio" name="options[0]" value="1" ';
    if ($options[0]) {
        $form .= 'checked';
    }
    $form .= ' />&nbsp;' . _YES . '&nbsp;<input type="radio" name="options[0]" value="0" ';
    if (!$options[0]) {
        $form .= 'checked';
    }
    $form .= ' />&nbsp;' . _NO . '<br><br>';
    $form .= _MB_GWIKI_WIKIPAGE . ' <input type="text" value="' . $options[1] . '"id="options[1]" name="options[1]" /><br><br>';
    $form .= _MB_GWIKI_RANDOM_PAGE . ' <input type="radio" name="options[2]" value="1" ';
    if ($options[2]) {
        $form .= 'checked';
    }
    $form .= ' />&nbsp;' . _YES . '&nbsp;<input type="radio" name="options[2]" value="0" ';
    if (!$options[2]) {
        $form .= 'checked';
    }
    $form .= ' />&nbsp;' . _NO . '<br>' . _MB_GWIKI_RANDOM_PAGE_DESC . '<br><br>';
    $form .= _MB_GWIKI_SHOW_DEFAULT_IMAGE . ' <input type="radio" name="options[3]" value="1" ';
    if ($options[3]) {
        $form .= 'checked ';
    }
    $form .= ' />&nbsp;' . _YES . '&nbsp;<input type="radio" name="options[3]" value="0" ';
    if (!$options[3]) {
        $form .= 'checked';
    }
    $form .= ' />&nbsp;' . _NO . '<br><br>';

    return $form;
}

/**
 * @param $options
 *
 * @return bool
 */
function b_gwiki_recentblock_show($options)
{
    global $xoopsDB, $xoTheme;

    $block = false;

    $dir = basename(dirname(__DIR__));
    include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';

    $wikiPage = new GwikiPage;

    $prefix = '';
    $sql    = 'SELECT prefix FROM ' . $xoopsDB->prefix('gwiki_prefix') . ' WHERE prefix_id = "' . $options[1] . '"';
    $result = $xoopsDB->query($sql);
    $myrow  = $xoopsDB->fetchArray($result);
    if ($myrow) {
        $prefix = $myrow['prefix'];
    }
    $prefix .= '%';

    $maxage = 0;
    if (!empty($options[2])) {
        $maxage = strtotime($options[2]);
    }

    $keywords = array();

    $sql = 'SELECT p.keyword, image_file, image_alt_text, image_name FROM ' . $xoopsDB->prefix('gwiki_pages') . ' p ';
    $sql .= ' left join ' . $xoopsDB->prefix('gwiki_page_images') . ' i on p.keyword=i.keyword and use_to_represent = 1 ';
    //    $sql .= ' WHERE active=1 AND show_in_index=1 AND p.keyword like "'.$prefix.'" ';
    $sql .= " WHERE active=1 AND show_in_index=1 AND p.keyword like '{$prefix}'";
    $sql .= ' AND lastmodified > "' . $maxage . '" ORDER BY lastmodified desc';
    $result = $xoopsDB->query($sql, $options[0], 0);
    while ($myrow = $xoopsDB->fetchArray($result)) {
        $keywords[] = $myrow;
    }

    if (empty($keywords)) {
        return false;
    } // nothing to show

    if (!defined('_MI_GWIKI_NAME')) {
        $langfile = XOOPS_ROOT_PATH . '/modules/' . $dir . '/language/' . $xoopsConfig['language'] . '/modinfo.php';

        if (!file_exists($langfile)) {
            $langfile = XOOPS_ROOT_PATH . '/modules/' . $dir . '/language/english/modinfo.php';
        }
        include_once $langfile;
    }
    $xoTheme->addStylesheet(XOOPS_URL . '/modules/' . $dir . '/assets/css/module.css');

    foreach ($keywords as $keyimg) {
        $gwiki = $wikiPage->getPage($keyimg['keyword']);
        if ($gwiki) {
            $gwiki['title']    = htmlspecialchars($gwiki['title']);
            $gwiki['body']     = $wikiPage->renderTeaser();
            $gwiki['moddir']   = $dir;
            $gwiki['modpath']  = XOOPS_ROOT_PATH . '/modules/' . $dir;
            $gwiki['modurl']   = XOOPS_URL . '/modules/' . $dir;
            $gwiki['mayEdit']  = $wikiPage->checkEdit();
            $gwiki['template'] = 'db:' . $wikiPage->getTemplateName();
            if (!empty($keyimg['image_file'])) {
                // $gwiki['image_file'] = XOOPS_URL .'/uploads/' . $dir . '/' . $keyimg['image_file'];
                $gwiki['image_file']     = XOOPS_URL . '/modules/' . $dir . '/getthumb.php?page=' . $keyimg['keyword'] . '&name=' . $keyimg['image_name'];
                $gwiki['image_alt_text'] = $keyimg['image_alt_text'];
            }
            $gwiki['pageurl'] = sprintf($wikiPage->getWikiLinkURL(), $gwiki['keyword']);
            $gwiki['title']   = sprintf('<a href="%s" title="%s">%s</a>', $gwiki['pageurl'], htmlspecialchars($gwiki['title'], ENT_COMPAT), $gwiki['title']);

            $block['pages'][] = $gwiki;
        }
    }

    return $block;
}

/**
 * @param $options
 *
 * @return string
 */
function b_gwiki_recentblock_edit($options)
{
    global $xoopsDB;

    $form = '';
    $form .= _MB_GWIKI_RECENT_COUNT . ' <input type="text" value="' . $options[0] . '"id="options[0]" name="options[0]" /><br>';
    $form .= _MB_GWIKI_PICK_NAMESPACE . ' <select id="options[1]" name="options[1]">';
    $form .= '<option value="0"' . ((int)$options[1] === 0 ? ' selected' : '') . '></option>';
    $sql    = 'SELECT prefix_id, prefix FROM ' . $xoopsDB->prefix('gwiki_prefix') . ' ORDER BY prefix';
    $result = $xoopsDB->query($sql);
    while ($myrow = $xoopsDB->fetchArray($result)) {
        $pid = (int)$myrow['prefix_id'];
        $form .= '<option value="' . $pid . '"' . ((int)$options[1] === $pid ? ' selected' : '') . '>' . $myrow['prefix'] . '</option>';
    }
    $form .= '</select><br>';
    $form .= _MB_GWIKI_MAX_AGE . ' <input type="text" value="' . $options[2] . '"id="options[2]" name="options[2]" /><br>';

    return $form;
}

/**
 * @param $options
 *
 * @return bool
 */
function b_gwiki_pagesettoc_show($options)
{
    global $xoTheme;

    $block = false;

    $dir = basename(dirname(__DIR__));
    include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';
    $wikiPage = new GwikiPage;

    if (empty($options[1])) {
        if (isset($_GET['page'])) {
            $page = $_GET['page'];
            $page = html_entity_decode($page);
            $page = trim($page);
        }
    } else {
        $page = $options[1];
    }

    if (empty($page)) {
        return false;
    }
    $page = $wikiPage->getOOBFromKeyword($page);

    $level = (int)$options[0];
    if ($level < 1) {
        $level = 1;
    }

    $toc = $wikiPage->renderPageSetToc($page, $level, 'wikitocblock');
    if ($toc) {
''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
        $block['toc'] = $toc;

        $xoTheme->addStylesheet(XOOPS_URL . '/modules/' . $dir . '/assets/css/module.css');

        $block['keyword'] = $page;
        $block['moddir']  = $dir;
        $block['modpath'] = XOOPS_ROOT_PATH . '/modules/' . $dir;
        $block['modurl']  = XOOPS_URL . '/modules/' . $dir;
    }

    return $block;
}

/**
 * @param $options
 *
 * @return string
 */
function b_gwiki_pagesettoc_edit($options)
{
    $form = _MB_GWIKI_WIKIPAGESET_LEVELS . ' <input type="text" value="' . $options[0] . '"id="options[0]" name="options[0]" /><br>';
    $form .= _MB_GWIKI_WIKIPAGESET . ' <input type="text" value="' . $options[1] . '"id="options[1]" name="options[1]" /> ' . _MB_GWIKI_WIKIPAGESET_DESC . '<br>';

    return $form;
}

/**
 * @param $options
 *
 * @return bool
 */
function b_gwiki_related_show($options)
{
    global $xoTheme, $xoopsDB;

    $block = false;

    $dir = basename(dirname(__DIR__));
    include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';
    $wikiPage = new GwikiPage;

    $q_exclude_page = '';

    if (empty($options[1])) {
        if (isset($_GET['page'])) {
            $page = $_GET['page'];
            $page = html_entity_decode($page);
            $page = trim($page);
            $page = $wikiPage->getOOBFromKeyword($page);

            $q_page         = $wikiPage->escapeForDB($page);
            $q_exclude_page = $wikiPage->escapeForDB($page);

            $sql = 'SELECT parent_page ';
            $sql .= ' FROM ' . $xoopsDB->prefix('gwiki_pages');
            $sql .= " WHERE active=1 and keyword='{$q_page}' ";

            $result = $xoopsDB->query($sql);

            $rows = $xoopsDB->getRowsNum($result);
            if ($rows) {
                $row = $xoopsDB->fetchArray($result);
                if (!empty($row['parent_page'])) {
                    $page = $row['parent_page'];
                }
            }
            $xoopsDB->freeRecordSet($result);
        }
    } else {
        $page = $options[1];
    }

    if (empty($page)) {
        return false;
    }

    $limit = (int)$options[0];
    if ($limit < 1) {
        $limit = 1;
    }

    $sort = (int)$options[2];
    if ($sort < 0) {
        $sort = 0;
    }
    if ($sort > 1) {
        $sort = 1;
    }

    $relatedsort = ' lastmodified DESC, hit_count DESC, ';
    if ($sort === 1) {
        $relatedsort = ' hit_count DESC, lastmodified DESC, ';
    }

    $q_page = $wikiPage->escapeForDB($page);

    $sql = 'SELECT keyword, display_keyword, title, lastmodified, uid, page_id, created, hit_count ';
    $sql .= ' FROM ' . $xoopsDB->prefix('gwiki_pages');
    $sql .= ' natural left join ' . $xoopsDB->prefix('gwiki_pageids');
    $sql .= " WHERE active=1 and parent_page = '{$q_page}' and keyword!='{$q_exclude_page}' ";
    $sql .= " ORDER BY {$relatedsort} keyword ";

    $related = false;
    $result  = $xoopsDB->query($sql, $limit, 0);
    while ($row = $xoopsDB->fetchArray($result)) {
        $row['pageurl']  = sprintf($wikiPage->getWikiLinkURL(), $row['keyword']);
        $row['pagelink'] = sprintf('<a href="%s" title="%s">%s</a>', $row['pageurl'], htmlspecialchars($row['title'], ENT_COMPAT), $row['title']);
        $related[]       = $row;
    }
    $xoopsDB->freeRecordSet($result);

    if ($related) {
        $block['related'] = $related;

        $xoTheme->addStylesheet(XOOPS_URL . '/modules/' . $dir . '/assets/css/module.css');

        $block['keyword'] = $page;
        $block['moddir']  = $dir;
        $block['modpath'] = XOOPS_ROOT_PATH . '/modules/' . $dir;
        $block['modurl']  = XOOPS_URL . '/modules/' . $dir;
    }

    return $block;
}

/**
 * @param $options
 *
 * @return string
 */
function b_gwiki_related_edit($options)
{
    $form = _MB_GWIKI_RELATED_COUNT . ' <input type="text" value="' . $options[0] . '"id="options[0]" name="options[0]" /><br>';
    $form .= _MB_GWIKI_RELATED . ' <input type="text" value="' . $options[1] . '"id="options[1]" name="options[1]" /> ' . _MB_GWIKI_RELATED_DESC . '<br>';
    $form .= _MB_GWIKI_RELATED_SORT . ' <select id="options[2]" name="options[2]">';
    $form .= '<option value="0"' . ((int)$options[2] === 0 ? ' selected' : '') . '>' . _MB_GWIKI_RELATED_SORT_DATE . '</option>';
    $form .= '<option value="1"' . ((int)$options[2] === 1 ? ' selected' : '') . '>' . _MB_GWIKI_RELATED_SORT_HITS . '</option>';
    $form .= '</select><br>';

    return $form;
}

/**
 * @param $options
 *
 * @return bool
 */
function b_gwiki_linkshere_show($options)
{
    global $xoTheme, $xoopsDB;

    $block = false;

    $dir = basename(dirname(__DIR__));
    include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';
    $wikiPage = new GwikiPage;

    if (isset($_GET['page'])) {
        $page = $_GET['page'];
        $page   = html_entity_decode($page);
        $page   = trim($page);
        $page   = $wikiPage->getOOBFromKeyword($page);
        $q_page = $wikiPage->escapeForDB($page);
    }

    if (empty($page)) {
        return false;
    }

    $limit = (int)$options[0];
    if ($limit < 0) {
        $limit = 0;
    }

    $sort = (int)$options[1];
    if ($sort < 0) {
        $sort = 0;
    }
    if ($sort > 2) {
        $sort = 2;
    }

    $relatedsort = ' display_keyword, ';
    if ($sort === 1) {
        $relatedsort = ' lastmodified DESC, hit_count DESC, ';
    }
    if ($sort === 2) {
        $relatedsort = ' hit_count DESC, lastmodified DESC, ';
    }

    $q_page = $wikiPage->escapeForDB($page);

    $sql = 'SELECT keyword, display_keyword, title, lastmodified, uid, page_id, created, hit_count ';
    $sql .= ' FROM ' . $xoopsDB->prefix('gwiki_pages');
    $sql .= ' natural left join ' . $xoopsDB->prefix('gwiki_pageids');
    $sql .= ' left join ' . $xoopsDB->prefix('gwiki_pagelinks') . ' on from_keyword = keyword ';
    $sql .= " WHERE active=1 and to_keyword = '{$q_page}' ";
    $sql .= " ORDER BY {$relatedsort} keyword ";

    $linkshere = false;
    if ($limit) {
        $result = $xoopsDB->query($sql, $limit, 0);
    } else {
        $result = $xoopsDB->query($sql);
    }
    while ($row = $xoopsDB->fetchArray($result)) {
        $row['pageurl']  = sprintf($wikiPage->getWikiLinkURL(), $row['keyword']);
        $row['pagelink'] = sprintf('<a href="%s" title="%s">%s</a>', $row['pageurl'], htmlspecialchars($row['title'], ENT_COMPAT), $row['title']);
        $linkshere[]     = $row;
    }
    $xoopsDB->freeRecordSet($result);

    if ($linkshere) {
        $block['linkshere'] = $linkshere;

        $xoTheme->addStylesheet(XOOPS_URL . '/modules/' . $dir . '/assets/css/module.css');

        $block['keyword'] = $page;
        $block['moddir']  = $dir;
        $block['modpath'] = XOOPS_ROOT_PATH . '/modules/' . $dir;
        $block['modurl']  = XOOPS_URL . '/modules/' . $dir;
    }

    return $block;
}

/**
 * @param $options
 *
 * @return string
 */
function b_gwiki_linkshere_edit($options)
{
    $form = _MB_GWIKI_RELATED_COUNT . ' <input type="text" value="' . $options[0] . '"id="options[0]" name="options[0]" /><br>';
    $form .= _MB_GWIKI_RELATED_SORT . ' <select id="options[1]" name="options[1]">';
    $form .= '<option value="0"' . ((int)$options[1] === 0 ? ' selected' : '') . '>' . _MB_GWIKI_RELATED_SORT_ALPHA . '</option>';
    $form .= '<option value="1"' . ((int)$options[1] === 1 ? ' selected' : '') . '>' . _MB_GWIKI_RELATED_SORT_DATE . '</option>';
    $form .= '<option value="2"' . ((int)$options[1] === 2 ? ' selected' : '') . '>' . _MB_GWIKI_RELATED_SORT_HITS . '</option>';
    $form .= '</select><br>';

    return $form;
}


1		<?php
2		/**
3		* blocks/blocks.php
4		*
5		* @copyright Copyright © 2013 geekwright, LLC. All rights reserved.
6		* @license gwiki/docs/license.txt GNU General Public License (GPL)
7		* @since 1.0
8		* @author Richard Griffith <[email protected]>
9		* @package gwiki
10		*/
11
12		// defined('XOOPS_ROOT_PATH') \|\| exit('XOOPS root path not defined');
13
14		/**
15		* @param $options
16		*
17		* @return bool
18		*/
19		function b_gwiki_wikiblock_show($options)
20		{
21		global $xoopsConfig, $xoTheme;
22
23		$block = false;
24
25		$dir = basename(dirname(__DIR__));
26		$moduleHelper = Xmf\Module\Helper::getHelper($dir);
27
28		include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';
29
30		$wikiPage = new GwikiPage;
31		$wikiPage->setRecentCount($moduleHelper->getConfig('number_recent', 10));
32
33		$remotegwiki = !empty($options[2]);
34		if (!$remotegwiki) {
35		$block = $wikiPage->getPage($options[0]);
36		}
37		if (!$block) {
38		$block['keyword'] = $options[0];
39		$block['display_keyword'] = $options[0];
40		}
41
42		$xoTheme->addStylesheet(XOOPS_URL . '/modules/' . $dir . '/assets/css/module.css');
43
44		$block['bid'] = $options[1]; // we use our block id to make a (quasi) unique div id
45
46		$block['moddir'] = $dir;
47		$block['modpath'] = XOOPS_ROOT_PATH . '/modules/' . $dir;
48		$block['modurl'] = XOOPS_URL . '/modules/' . $dir;
49		if ($remotegwiki) {
50		$block['ajaxurl'] = $options[2];
51		$block['mayEdit'] = false;
52		$block['remotewiki'] = true;
53		} else {
54		$block['ajaxurl'] = $block['modurl'];
55		$block['mayEdit'] = $wikiPage->checkEdit();
56		$block['remotewiki'] = false;
57		}
58
59		return $block;
60		}
61
62		/**
63		* @param $options
64		*
65		* @return string
66		*/
67		function b_gwiki_wikiblock_edit($options)
68		{
69		$form = _MB_GWIKI_WIKIPAGE . ' <input type="text" value="' . $options[0] . '"id="options[0]" name="options[0]" /><br>';
70		// capture the block id from the url and save through a hidden option.
71		if ($_GET['op'] === 'clone') {
72		$form .= _MI_GWIKI_BL_CLONE_WARN . '<br>';
73		}
74		$form .= '<input type="hidden" value="' . (int)$_GET['bid'] . '"id="options[1]" name="options[1]" />';
75		$form .= _MB_GWIKI_REMOTE_AJAX_URL . ' <input type="text" size="35" value="' . $options[2] . '"id="options[2]" name="options[2]" /> <i>' . _MB_GWIKI_REMOTE_AJAX_URL_DESC . '</i><br>';
76
77		return $form;
78		}
79
80		/**
81		* @param $options
82		*
83		* @return bool
84		*/
85		function b_gwiki_newpage_show($options)
86		{
87		global $xoopsUser, $xoopsDB;
88
89		if (!isset($options[0])) {
90		$options[0] = 0;
91		}
92		$block = false;
93
94		$dir = basename(dirname(__DIR__));
95		include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';
96
97		$wikiPage = new GwikiPage;
98		$prefixes = $wikiPage->getUserNamespaces();
99		if ($prefixes) {
100		$block['moddir'] = $dir;
101		$block['modpath'] = XOOPS_ROOT_PATH . '/modules/' . $dir;
102		$block['modurl'] = XOOPS_URL . '/modules/' . $dir;
103		$block['prefixes'] = $prefixes;
104		if ($options[0]) {
105		$block['action'] = 'wizard.php';
106		} else {
107		$block['action'] = 'edit.php';
108		}
109		} else {
110		$block = false;
111		}
112
113		return $block;
114		}
115
116		/**
117		* @param $options
118		*
119		* @return string
120		*/
121		function b_gwiki_newpage_edit($options)
122		{
123		if (!isset($options[0])) {
124		$options[0] = 0;
125		}
126		$form = '';
127		$form .= _MB_GWIKI_NEWPAGE_USE_WIZARD . ' <input type="radio" name="options[0]" value="1" ';
128		if ($options[0]) {
129		$form .= 'checked';
130		}
131		$form .= ' /> ' . _YES . ' <input type="radio" name="options[0]" value="0" ';
132		if (!$options[0]) {
133		$form .= 'checked';
134		}
135		$form .= ' /> ' . _NO . '<br><br>';
136
137		return $form;
138		}
139
140		/**
141		* @param $options
142		*
143		* @return bool
144		*/
145		function b_gwiki_teaserblock_show($options)
146		{
147		global $xoopsDB, $xoopsConfig, $xoTheme;
148
149		$block = false;
150
151		$dir = basename(dirname(__DIR__));
152		$moduleHelper = Xmf\Module\Helper::getHelper($dir);
153
154		include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';
155
156		$wikiPage = new GwikiPage;
157		$wikiPage->setRecentCount($moduleHelper->getConfig('number_recent', 10));
158
159		$page = $options[1];
160		if ($options[2]) {
161		$pagelike = $page . '%';
162		$sql = 'SELECT keyword FROM ' . $xoopsDB->prefix('gwiki_pageids');
163		$sql .= " WHERE keyword like '{$pagelike}' ORDER BY RAND() LIMIT 1 ";
164		$result = $xoopsDB->query($sql);
165		if ($result) {
166		$myrow = $xoopsDB->fetchRow($result);
167		$page = $myrow[0];
168		}
169		}
170
171		$block = $wikiPage->getPage($page);
172		if ($block) {
173		$block['title'] = htmlspecialchars($block['title']);
174	View Code Duplication	if (!defined('_MI_GWIKI_NAME')) {
175		$langfile = XOOPS_ROOT_PATH . '/modules/' . $dir . '/language/' . $xoopsConfig['language'] . '/modinfo.php';
176		if (!file_exists($langfile)) {
177		$langfile = XOOPS_ROOT_PATH . '/modules/' . $dir . '/language/english/modinfo.php';
178		}
179		include_once $langfile;
180		}
181		$xoTheme->addStylesheet(XOOPS_URL . '/modules/' . $dir . '/assets/css/module.css');
182
183		if ($options[0]) {
184		$block['body'] = $wikiPage->renderPage();
185		} else {
186		$block['body'] = $wikiPage->renderTeaser();
187		}
188
189		$block['moddir'] = $dir;
190		$block['modpath'] = XOOPS_ROOT_PATH . '/modules/' . $dir;
191		$block['modurl'] = XOOPS_URL . '/modules/' . $dir;
192		$block['mayEdit'] = $wikiPage->checkEdit();
193		$block['template'] = 'db:' . $wikiPage->getTemplateName();
194
195		if ($options[3]) {
196		$sql = 'SELECT * FROM ' . $xoopsDB->prefix('gwiki_page_images');
197		// $sql .= ' WHERE keyword = "'.$page.'" AND use_to_represent = 1 ';
198		$sql .= " WHERE keyword = '{$page}' AND use_to_represent = 1 ";
199		$result = $xoopsDB->query($sql);
200		if ($myrow = $xoopsDB->fetchArray($result)) {
201		// $block['image_file'] = XOOPS_URL .'/uploads/' . $dir . '/' . $myrow['image_file'];
202		$block['image_file'] = XOOPS_URL . '/modules/' . $dir . '/getthumb.php?page=' . $page . '&name=' . $myrow['image_name'];
203		$block['image_alt_text'] = $myrow['image_alt_text'];
204		}
205		}
206		$block['pageurl'] = sprintf($wikiPage->getWikiLinkURL(), $block['keyword']);
207		}
208
209		return $block;
210		}
211
212		/**
213		* @param $options
214		*
215		* @return string
216		*/
217		function b_gwiki_teaserblock_edit($options)
218		{
219		$form = '';
220		$form .= _MB_GWIKI_SHOW_FULL_PAGE . ' <input type="radio" name="options[0]" value="1" ';
221		if ($options[0]) {
222		$form .= 'checked';
223		}
224		$form .= ' /> ' . _YES . ' <input type="radio" name="options[0]" value="0" ';
225		if (!$options[0]) {
226		$form .= 'checked';
227		}
228		$form .= ' /> ' . _NO . '<br><br>';
229		$form .= _MB_GWIKI_WIKIPAGE . ' <input type="text" value="' . $options[1] . '"id="options[1]" name="options[1]" /><br><br>';
230		$form .= _MB_GWIKI_RANDOM_PAGE . ' <input type="radio" name="options[2]" value="1" ';
231		if ($options[2]) {
232		$form .= 'checked';
233		}
234		$form .= ' /> ' . _YES . ' <input type="radio" name="options[2]" value="0" ';
235		if (!$options[2]) {
236		$form .= 'checked';
237		}
238		$form .= ' /> ' . _NO . '<br>' . _MB_GWIKI_RANDOM_PAGE_DESC . '<br><br>';
239		$form .= _MB_GWIKI_SHOW_DEFAULT_IMAGE . ' <input type="radio" name="options[3]" value="1" ';
240		if ($options[3]) {
241		$form .= 'checked ';
242		}
243		$form .= ' /> ' . _YES . ' <input type="radio" name="options[3]" value="0" ';
244		if (!$options[3]) {
245		$form .= 'checked';
246		}
247		$form .= ' /> ' . _NO . '<br><br>';
248
249		return $form;
250		}
251
252		/**
253		* @param $options
254		*
255		* @return bool
256		*/
257		function b_gwiki_recentblock_show($options)
258		{
259		global $xoopsDB, $xoTheme;
260
261		$block = false;
262
263		$dir = basename(dirname(__DIR__));
264		include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';
265
266		$wikiPage = new GwikiPage;
267
268		$prefix = '';
269		$sql = 'SELECT prefix FROM ' . $xoopsDB->prefix('gwiki_prefix') . ' WHERE prefix_id = "' . $options[1] . '"';
270		$result = $xoopsDB->query($sql);
271		$myrow = $xoopsDB->fetchArray($result);
272		if ($myrow) {
273		$prefix = $myrow['prefix'];
274		}
275		$prefix .= '%';
276
277		$maxage = 0;
278		if (!empty($options[2])) {
279		$maxage = strtotime($options[2]);
280		}
281
282		$keywords = array();
283
284		$sql = 'SELECT p.keyword, image_file, image_alt_text, image_name FROM ' . $xoopsDB->prefix('gwiki_pages') . ' p ';
285		$sql .= ' left join ' . $xoopsDB->prefix('gwiki_page_images') . ' i on p.keyword=i.keyword and use_to_represent = 1 ';
286		// $sql .= ' WHERE active=1 AND show_in_index=1 AND p.keyword like "'.$prefix.'" ';
287		$sql .= " WHERE active=1 AND show_in_index=1 AND p.keyword like '{$prefix}'";
288		$sql .= ' AND lastmodified > "' . $maxage . '" ORDER BY lastmodified desc';
289		$result = $xoopsDB->query($sql, $options[0], 0);
290		while ($myrow = $xoopsDB->fetchArray($result)) {
291		$keywords[] = $myrow;
292		}
293
294		if (empty($keywords)) {
295		return false;
296		} // nothing to show
297
298	View Code Duplication	if (!defined('_MI_GWIKI_NAME')) {
299		$langfile = XOOPS_ROOT_PATH . '/modules/' . $dir . '/language/' . $xoopsConfig['language'] . '/modinfo.php';
		0 ignored issues – show Bug introduced 2016-01-18 06:21 UTC by Report Bug Copy Issue Report Show Similar Issues like this The variable `$xoopsConfig` does not exist. Did you forget to declare it? This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug. Loading history...
300		if (!file_exists($langfile)) {
301		$langfile = XOOPS_ROOT_PATH . '/modules/' . $dir . '/language/english/modinfo.php';
302		}
303		include_once $langfile;
304		}
305		$xoTheme->addStylesheet(XOOPS_URL . '/modules/' . $dir . '/assets/css/module.css');
306
307		foreach ($keywords as $keyimg) {
308		$gwiki = $wikiPage->getPage($keyimg['keyword']);
309		if ($gwiki) {
310		$gwiki['title'] = htmlspecialchars($gwiki['title']);
311		$gwiki['body'] = $wikiPage->renderTeaser();
312		$gwiki['moddir'] = $dir;
313		$gwiki['modpath'] = XOOPS_ROOT_PATH . '/modules/' . $dir;
314		$gwiki['modurl'] = XOOPS_URL . '/modules/' . $dir;
315		$gwiki['mayEdit'] = $wikiPage->checkEdit();
316		$gwiki['template'] = 'db:' . $wikiPage->getTemplateName();
317		if (!empty($keyimg['image_file'])) {
318		// $gwiki['image_file'] = XOOPS_URL .'/uploads/' . $dir . '/' . $keyimg['image_file'];
319		$gwiki['image_file'] = XOOPS_URL . '/modules/' . $dir . '/getthumb.php?page=' . $keyimg['keyword'] . '&name=' . $keyimg['image_name'];
320		$gwiki['image_alt_text'] = $keyimg['image_alt_text'];
321		}
322		$gwiki['pageurl'] = sprintf($wikiPage->getWikiLinkURL(), $gwiki['keyword']);
323		$gwiki['title'] = sprintf('<a href="%s" title="%s">%s</a>', $gwiki['pageurl'], htmlspecialchars($gwiki['title'], ENT_COMPAT), $gwiki['title']);
324
325		$block['pages'][] = $gwiki;
326		}
327		}
328
329		return $block;
330		}
331
332		/**
333		* @param $options
334		*
335		* @return string
336		*/
337		function b_gwiki_recentblock_edit($options)
338		{
339		global $xoopsDB;
340
341		$form = '';
342		$form .= _MB_GWIKI_RECENT_COUNT . ' <input type="text" value="' . $options[0] . '"id="options[0]" name="options[0]" /><br>';
343		$form .= _MB_GWIKI_PICK_NAMESPACE . ' <select id="options[1]" name="options[1]">';
344		$form .= '<option value="0"' . ((int)$options[1] === 0 ? ' selected' : '') . '></option>';
345		$sql = 'SELECT prefix_id, prefix FROM ' . $xoopsDB->prefix('gwiki_prefix') . ' ORDER BY prefix';
346		$result = $xoopsDB->query($sql);
347		while ($myrow = $xoopsDB->fetchArray($result)) {
348		$pid = (int)$myrow['prefix_id'];
349		$form .= '<option value="' . $pid . '"' . ((int)$options[1] === $pid ? ' selected' : '') . '>' . $myrow['prefix'] . '</option>';
350		}
351		$form .= '</select><br>';
352		$form .= _MB_GWIKI_MAX_AGE . ' <input type="text" value="' . $options[2] . '"id="options[2]" name="options[2]" /><br>';
353
354		return $form;
355		}
356
357		/**
358		* @param $options
359		*
360		* @return bool
361		*/
362		function b_gwiki_pagesettoc_show($options)
363		{
364		global $xoTheme;
365
366		$block = false;
367
368		$dir = basename(dirname(__DIR__));
369		include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';
370		$wikiPage = new GwikiPage;
371
372		if (empty($options[1])) {
373		if (isset($_GET['page'])) {
374		$page = $_GET['page'];
375		$page = html_entity_decode($page);
376		$page = trim($page);
377		}
378		} else {
379		$page = $options[1];
380		}
381
382		if (empty($page)) {
383		return false;
384		}
385		$page = $wikiPage->getOOBFromKeyword($page);
386
387		$level = (int)$options[0];
388		if ($level < 1) {
389		$level = 1;
390		}
391
392		$toc = $wikiPage->renderPageSetToc($page, $level, 'wikitocblock');
393	View Code Duplication	if ($toc) {
		0 ignored issues – show Bug Best Practice introduced 2016-01-18 06:21 UTC by Report Bug Copy Issue Report Show Similar Issues like this The expression `$toc` of type `false\|string` is loosely compared to `true`; this is ambiguous if the string can be empty. You might want to explicitly use `!== false` instead. In PHP, under loose comparison (like `==`, or `!=`, or `switch` conditions), values of different types might be equal. For `string` values, the empty string `''` is a special case, in particular the following results might be unexpected: '' == false // true '' == null // true 'ab' == false // false 'ab' == null // false // It is often better to use strict comparison '' === false // false '' === null // false Loading history...
394		$block['toc'] = $toc;
395
396		$xoTheme->addStylesheet(XOOPS_URL . '/modules/' . $dir . '/assets/css/module.css');
397
398		$block['keyword'] = $page;
399		$block['moddir'] = $dir;
400		$block['modpath'] = XOOPS_ROOT_PATH . '/modules/' . $dir;
401		$block['modurl'] = XOOPS_URL . '/modules/' . $dir;
402		}
403
404		return $block;
405		}
406
407		/**
408		* @param $options
409		*
410		* @return string
411		*/
412		function b_gwiki_pagesettoc_edit($options)
413		{
414		$form = _MB_GWIKI_WIKIPAGESET_LEVELS . ' <input type="text" value="' . $options[0] . '"id="options[0]" name="options[0]" /><br>';
415		$form .= _MB_GWIKI_WIKIPAGESET . ' <input type="text" value="' . $options[1] . '"id="options[1]" name="options[1]" /> ' . _MB_GWIKI_WIKIPAGESET_DESC . '<br>';
416
417		return $form;
418		}
419
420		/**
421		* @param $options
422		*
423		* @return bool
424		*/
425		function b_gwiki_related_show($options)
426		{
427		global $xoTheme, $xoopsDB;
428
429		$block = false;
430
431		$dir = basename(dirname(__DIR__));
432		include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';
433		$wikiPage = new GwikiPage;
434
435		$q_exclude_page = '';
436
437		if (empty($options[1])) {
438		if (isset($_GET['page'])) {
439		$page = $_GET['page'];
440		$page = html_entity_decode($page);
441		$page = trim($page);
442		$page = $wikiPage->getOOBFromKeyword($page);
443
444		$q_page = $wikiPage->escapeForDB($page);
445		$q_exclude_page = $wikiPage->escapeForDB($page);
446
447		$sql = 'SELECT parent_page ';
448		$sql .= ' FROM ' . $xoopsDB->prefix('gwiki_pages');
449		$sql .= " WHERE active=1 and keyword='{$q_page}' ";
450
451		$result = $xoopsDB->query($sql);
452
453		$rows = $xoopsDB->getRowsNum($result);
454		if ($rows) {
455		$row = $xoopsDB->fetchArray($result);
456		if (!empty($row['parent_page'])) {
457		$page = $row['parent_page'];
458		}
459		}
460		$xoopsDB->freeRecordSet($result);
461		}
462		} else {
463		$page = $options[1];
464		}
465
466		if (empty($page)) {
467		return false;
468		}
469
470		$limit = (int)$options[0];
471		if ($limit < 1) {
472		$limit = 1;
473		}
474
475		$sort = (int)$options[2];
476		if ($sort < 0) {
477		$sort = 0;
478		}
479		if ($sort > 1) {
480		$sort = 1;
481		}
482
483		$relatedsort = ' lastmodified DESC, hit_count DESC, ';
484		if ($sort === 1) {
485		$relatedsort = ' hit_count DESC, lastmodified DESC, ';
486		}
487
488		$q_page = $wikiPage->escapeForDB($page);
489
490		$sql = 'SELECT keyword, display_keyword, title, lastmodified, uid, page_id, created, hit_count ';
491		$sql .= ' FROM ' . $xoopsDB->prefix('gwiki_pages');
492		$sql .= ' natural left join ' . $xoopsDB->prefix('gwiki_pageids');
493		$sql .= " WHERE active=1 and parent_page = '{$q_page}' and keyword!='{$q_exclude_page}' ";
494		$sql .= " ORDER BY {$relatedsort} keyword ";
495
496		$related = false;
497		$result = $xoopsDB->query($sql, $limit, 0);
498	View Code Duplication	while ($row = $xoopsDB->fetchArray($result)) {
499		$row['pageurl'] = sprintf($wikiPage->getWikiLinkURL(), $row['keyword']);
500		$row['pagelink'] = sprintf('<a href="%s" title="%s">%s</a>', $row['pageurl'], htmlspecialchars($row['title'], ENT_COMPAT), $row['title']);
501		$related[] = $row;
502		}
503		$xoopsDB->freeRecordSet($result);
504
505	View Code Duplication	if ($related) {
506		$block['related'] = $related;
507
508		$xoTheme->addStylesheet(XOOPS_URL . '/modules/' . $dir . '/assets/css/module.css');
509
510		$block['keyword'] = $page;
511		$block['moddir'] = $dir;
512		$block['modpath'] = XOOPS_ROOT_PATH . '/modules/' . $dir;
513		$block['modurl'] = XOOPS_URL . '/modules/' . $dir;
514		}
515
516		return $block;
517		}
518
519		/**
520		* @param $options
521		*
522		* @return string
523		*/
524		function b_gwiki_related_edit($options)
525		{
526		$form = _MB_GWIKI_RELATED_COUNT . ' <input type="text" value="' . $options[0] . '"id="options[0]" name="options[0]" /><br>';
527		$form .= _MB_GWIKI_RELATED . ' <input type="text" value="' . $options[1] . '"id="options[1]" name="options[1]" /> ' . _MB_GWIKI_RELATED_DESC . '<br>';
528		$form .= _MB_GWIKI_RELATED_SORT . ' <select id="options[2]" name="options[2]">';
529		$form .= '<option value="0"' . ((int)$options[2] === 0 ? ' selected' : '') . '>' . _MB_GWIKI_RELATED_SORT_DATE . '</option>';
530		$form .= '<option value="1"' . ((int)$options[2] === 1 ? ' selected' : '') . '>' . _MB_GWIKI_RELATED_SORT_HITS . '</option>';
531		$form .= '</select><br>';
532
533		return $form;
534		}
535
536		/**
537		* @param $options
538		*
539		* @return bool
540		*/
541		function b_gwiki_linkshere_show($options)
542		{
543		global $xoTheme, $xoopsDB;
544
545		$block = false;
546
547		$dir = basename(dirname(__DIR__));
548		include_once XOOPS_ROOT_PATH . '/modules/' . $dir . '/class/GwikiPage.php';
549		$wikiPage = new GwikiPage;
550
551		if (isset($_GET['page'])) {
552		$page = $_GET['page'];
553		$page = html_entity_decode($page);
554		$page = trim($page);
555		$page = $wikiPage->getOOBFromKeyword($page);
556		$q_page = $wikiPage->escapeForDB($page);
557		}
558
559		if (empty($page)) {
560		return false;
561		}
562
563		$limit = (int)$options[0];
564		if ($limit < 0) {
565		$limit = 0;
566		}
567
568		$sort = (int)$options[1];
569		if ($sort < 0) {
570		$sort = 0;
571		}
572		if ($sort > 2) {
573		$sort = 2;
574		}
575
576		$relatedsort = ' display_keyword, ';
577		if ($sort === 1) {
578		$relatedsort = ' lastmodified DESC, hit_count DESC, ';
579		}
580		if ($sort === 2) {
581		$relatedsort = ' hit_count DESC, lastmodified DESC, ';
582		}
583
584		$q_page = $wikiPage->escapeForDB($page);
585
586		$sql = 'SELECT keyword, display_keyword, title, lastmodified, uid, page_id, created, hit_count ';
587		$sql .= ' FROM ' . $xoopsDB->prefix('gwiki_pages');
588		$sql .= ' natural left join ' . $xoopsDB->prefix('gwiki_pageids');
589		$sql .= ' left join ' . $xoopsDB->prefix('gwiki_pagelinks') . ' on from_keyword = keyword ';
590		$sql .= " WHERE active=1 and to_keyword = '{$q_page}' ";
591		$sql .= " ORDER BY {$relatedsort} keyword ";
592
593		$linkshere = false;
594		if ($limit) {
595		$result = $xoopsDB->query($sql, $limit, 0);
596		} else {
597		$result = $xoopsDB->query($sql);
598		}
599	View Code Duplication	while ($row = $xoopsDB->fetchArray($result)) {
600		$row['pageurl'] = sprintf($wikiPage->getWikiLinkURL(), $row['keyword']);
601		$row['pagelink'] = sprintf('<a href="%s" title="%s">%s</a>', $row['pageurl'], htmlspecialchars($row['title'], ENT_COMPAT), $row['title']);
602		$linkshere[] = $row;
603		}
604		$xoopsDB->freeRecordSet($result);
605
606	View Code Duplication	if ($linkshere) {
607		$block['linkshere'] = $linkshere;
608
609		$xoTheme->addStylesheet(XOOPS_URL . '/modules/' . $dir . '/assets/css/module.css');
610
611		$block['keyword'] = $page;
612		$block['moddir'] = $dir;
613		$block['modpath'] = XOOPS_ROOT_PATH . '/modules/' . $dir;
614		$block['modurl'] = XOOPS_URL . '/modules/' . $dir;
615		}
616
617		return $block;
618		}
619
620		/**
621		* @param $options
622		*
623		* @return string
624		*/
625		function b_gwiki_linkshere_edit($options)
626		{
627		$form = _MB_GWIKI_RELATED_COUNT . ' <input type="text" value="' . $options[0] . '"id="options[0]" name="options[0]" /><br>';
628		$form .= _MB_GWIKI_RELATED_SORT . ' <select id="options[1]" name="options[1]">';
629		$form .= '<option value="0"' . ((int)$options[1] === 0 ? ' selected' : '') . '>' . _MB_GWIKI_RELATED_SORT_ALPHA . '</option>';
630		$form .= '<option value="1"' . ((int)$options[1] === 1 ? ' selected' : '') . '>' . _MB_GWIKI_RELATED_SORT_DATE . '</option>';
631		$form .= '<option value="2"' . ((int)$options[1] === 2 ? ' selected' : '') . '>' . _MB_GWIKI_RELATED_SORT_HITS . '</option>';
632		$form .= '</select><br>';
633
634		return $form;
635		}
636

mambax7 / gwiki

Issues (207)

Security Analysis not enabled

blocks/blocks.php (2 issues)

Labels

Severity

Introduced By

Upgrade to new PHP Analysis Engine

Duplication Side-by-Side

Filter issues like