PonyMirrors/ponepaste
1
0
Fork 0
mirror of https://github.com/Neetpone/ponepaste.git synced 2025-03-12 14:40:09 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Update pages.php to use PDO

Browse source
This commit is contained in:
Floorb 2021-07-11 12:48:48 -04:00
parent e6f314e53a
commit a5b8fea99d
1 changed files with 9 additions and 122 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

129
pages.php
View file

@ -12,9 +12,8 @@
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License in GPL.txt for more details. * GNU General Public License in GPL.txt for more details.
*/ */
session_start(); define('IN_PONEPASTE', 1);
require_once('includes/common.php');
require_once('config.php');
require_once('includes/functions.php'); require_once('includes/functions.php');
// UTF-8 // UTF-8
@ -22,127 +21,15 @@ header('Content-Type: text/html; charset=utf-8');
$date = date('jS F Y'); $date = date('jS F Y');
$ip = $_SERVER['REMOTE_ADDR']; $ip = $_SERVER['REMOTE_ADDR'];
$data_ip = file_get_contents('tmp/temp.tdata');
$con = new PDO(
"mysql:host=$db_host;dbname=$db_schema;charset=utf8",
$db_user,
$db_pass,
$db_opts
);
updatePageViews($conn);
if (mysqli_connect_errno()) {
die("Unable to connect to database");
}
$query = "SELECT * FROM site_info";
$result = mysqli_query($con, $query);
while ($row = mysqli_fetch_array($result)) {
$title = Trim($row['title']);
$des = Trim($row['des']);
$baseurl = Trim($row['baseurl']);
$keyword = Trim($row['keyword']);
$site_name = Trim($row['site_name']);
$email = Trim($row['email']);
$twit = Trim($row['twit']);
$face = Trim($row['face']);
$gplus = Trim($row['gplus']);
$ga = Trim($row['ga']);
$additional_scripts = Trim($row['additional_scripts']);
}
// Set theme and language
$query = "SELECT * FROM interface";
$result = mysqli_query($con, $query);
while ($row = mysqli_fetch_array($result)) {
$default_lang = Trim($row['lang']);
$default_theme = Trim($row['theme']);
}
require_once("langs/$default_lang");
// Check if IP is banned
if ( is_banned($con, $ip) ) die($lang['banned']); // "You have been banned from ".$site_name;
// Logout
if (isset($_GET['logout'])) {
header('Location: ' . $_SERVER['HTTP_REFERER']);
unset($_SESSION['token']);
unset($_SESSION['oauth_uid']);
unset($_SESSION['username']);
session_destroy();
}
// Page views
$query = "SELECT @last_id := MAX(id) FROM page_view";
$result = mysqli_query($con, $query);
while ($row = mysqli_fetch_array($result)) {
$last_id = $row['@last_id := MAX(id)'];
}
$query = "SELECT * FROM page_view WHERE id=" . Trim($last_id);
$result = mysqli_query($con, $query);
while ($row = mysqli_fetch_array($result)) {
$last_date = $row['date'];
}
if ($last_date == $date) {
if (str_contains($data_ip, $ip)) {
$query = "SELECT * FROM page_view WHERE id=" . Trim($last_id);
$result = mysqli_query($con, $query);
while ($row = mysqli_fetch_array($result)) {
$last_tpage = Trim($row['tpage']);
}
$last_tpage = $last_tpage + 1;
// IP already exists, update page views
$query = "UPDATE page_view SET tpage=$last_tpage WHERE id=" . Trim($last_id);
mysqli_query($con, $query);
} else {
$query = "SELECT * FROM page_view WHERE id=" . Trim($last_id);
$result = mysqli_query($con, $query);
while ($row = mysqli_fetch_array($result)) {
$last_tpage = Trim($row['tpage']);
$last_tvisit = Trim($row['tvisit']);
}
$last_tpage = $last_tpage + 1;
$last_tvisit = $last_tvisit + 1;
// Update both tpage and tvisit.
$query = "UPDATE page_view SET tpage=$last_tpage,tvisit=$last_tvisit WHERE id=" . Trim($last_id);
mysqli_query($con, $query);
file_put_contents('tmp/temp.tdata', $data_ip . "\r\n" . $ip);
}
} else {
// Delete the file and clear data_ip
unlink("tmp/temp.tdata");
$data_ip = "";
// New date is created!
$query = "INSERT INTO page_view (date,tpage,tvisit) VALUES ('$date','1','1')";
mysqli_query($con, $query);
// Update IP
file_put_contents('tmp/temp.tdata', $data_ip . "\r\n" . $ip);
}
if (isset($_GET['page'])) { if (isset($_GET['page'])) {
$page_name = trim($_GET['page']); $page_name = htmlspecialchars(trim($_GET['page']));
$page_name = Trim(htmlspecialchars($page_name));
$page_name = mysqli_real_escape_string($con, $page_name);
$sql = "SELECT * FROM pages where page_name='$page_name'";
$result = mysqli_query($con, $sql);
// Loop through each record $query = $conn->prepare('SELECT page_title, page_content, last_date FROM pages WHERE page_name = ?');
while ($row = mysqli_fetch_array($result)) { $query->execute([$page_name]);
// Populate and display results data in each row if ($row = $query->fetch()) {
$page_title = $row['page_title']; $page_title = $row['page_title'];
$page_content = $row['page_content']; $page_content = $row['page_content'];
$last_date = $row['last_date']; $last_date = $row['last_date'];
@ -154,4 +41,4 @@ if (isset($_GET['page'])) {
require_once('theme/' . $default_theme . '/header.php'); require_once('theme/' . $default_theme . '/header.php');
require_once('theme/' . $default_theme . '/pages.php'); require_once('theme/' . $default_theme . '/pages.php');
require_once('theme/' . $default_theme . '/footer.php'); require_once('theme/' . $default_theme . '/footer.php');
?>