PEAK XOOPS - 4-6 in englishin japanese

カスタマイズの最終兵器 [Hack編]

リスト4-20



    $story = new NewsStory();
    $story->setTitle($subject);
    list( $message , $body ) = explode( "[more]" , $message ) ; // この行を追加
    $story->setBodytext($body); // この行を追加
    $story->setHometext($message);
    $story->setUid($uid);
    $story->setTopicId($topic_id);

リスト4-21



function news_search($queryarray, $andor, $limit, $offset, $userid){
    global $xoopsDB;
    $sql = "SELECT s.storyid,s.uid,s.title,s.created FROM ".$xoopsDB->prefix("stories")." s LEFT JOIN ".$xoopsDB->prefix("users")." u ON s.uid=u.uid WHERE published>0 AND published<=".time()."";
    if ( $userid != 0 ) {
        $sql .= " AND s.uid=".$userid." ";
    }
    // because count() returns 1 even if a supplied variable
    // is not an array, we must check if $querryarray is really an array
    if ( is_array($queryarray) && $count = count($queryarray) ) {
        $sql .= " AND ((s.hometext LIKE '%$queryarray[0]%' OR s.bodytext LIKE '%$queryarray[0]%' OR s.title LIKE '%$queryarray[0]%' OR u.uname LIKE '%$queryarray[0]%')";
        for($i=1;$i<$count;$i++){
            $sql .= " $andor ";
            $sql .= "(s.hometext LIKE '%$queryarray[$i]%' OR s.bodytext LIKE '%$queryarray[$i]%' OR s.title LIKE '%$queryarray[$i]%' OR u.uname LIKE '%$queryarray[$i]%')";
        }
        $sql .= ") ";
    }
    $sql .= "ORDER BY s.created DESC";
    $result = $xoopsDB->query($sql,$limit,$offset);

リスト4-24
リスト4-25
リスト4-29
いずれも、最新コアでは取り込み済みです

リスト4-30



$member_handler =& xoops_gethandler('member');
$myts =& MyTextsanitizer::getInstance();
//$user =& $member_handler->loginUser(addslashes($myts->stripSlashesGPC($uname)), addslashes($myts->stripSlashesGPC($pass))); // 削除行
// ここから追加
$uname4sql = addslashes( $myts->stripSlashesGPC($uname) ) ;
$pass4sql = addslashes( $myts->stripSlashesGPC($pass) ) ;
if( strstr( $uname , '@' ) ) {
    // check by email if uname includes '@'
    $criteria = new CriteriaCompo(new Criteria('email', $uname4sql ));
    $criteria->add(new Criteria('pass', md5( $pass4sql )));
    $user_handler =& xoops_gethandler('user');
    $users =& $user_handler->getObjects($criteria, false);
    if( empty( $users ) || count( $users ) != 1 ) $user = false ;
    else $user = $users[0] ;
    unset( $users ) ;
}
if( empty( $user ) || ! is_object( $user ) ) {
    $user =& $member_handler->loginUser($uname4sql,$pass4sql);
}
// ここまで追加

if (false != $user) {
    if (0 == $user->getVar('level')) {
        redirect_header(XOOPS_URL.'/index.php', 5, _US_NOACTTPADM);
        exit();
    }

リスト4-31



function &makeClickable(&$text)
{
  $patterns = array(
    "/(^|[^]_a-z0-9-=\"'\/])([a-z]+?):\/\/([^, \r\n\"\(\)'<>]+)/i",
    "/(^|[^]_a-z0-9-=\"'\/])www\.([a-z0-9\-]+)\.([^, \r\n\"\(\)'<>]+)/i",
    "/(^|[^]_a-z0-9-=\"'\/])ftp\.([a-z0-9\-]+)\.([^, \r\n\"\(\)'<>]+)/i",
    "/(^|[^]_a-z0-9-=\"'\/:\.])([a-z0-9\-_\.]+?)@([^, \r\n\"\(\)'<>\[\]]+)/i"
  );
  $replacements = array(
    "\\1<a href=\"\\2://\\3\" target=\"_blank\">\\2://\\3</a>",
    "\\1<a href=\"http://www.\\2.\\3\" target=\"_blank\">www.\\2.\\3</a>",
    "\\1<a href=\"ftp://ftp.\\2.\\3\" target=\"_blank\">ftp.\\2.\\3</a>",
    "\\1<a href=\"mailto:\\2@\\3\">\\2@\\3</a>"
  );
  return preg_replace($patterns, $replacements, $text);
}

Printer friendly
Tell a friend
Votes:139 Average:5.76
Prev
4-5
top of the category
Sourcecodes of "Customizing XOOPS"
Next
6-3
Login
Username or e-mail:

Password:

Remember Me

Lost Password?

Register now!