# HG changeset patch # User Dan # Date 1265008504 18000 # Node ID 4125e19d3b277a810e41cb9ace8db735739adcab # Parent ec7f8f6312bb0813e016fd306dde24a9ab38b15c Fixed more places where author_uid wasn't right. diff -r ec7f8f6312bb -r 4125e19d3b27 includes/comment.php --- a/includes/comment.php Mon Feb 01 02:14:02 2010 -0500 +++ b/includes/comment.php Mon Feb 01 02:15:04 2010 -0500 @@ -456,8 +456,8 @@ $name = $db->escape($name); $username = $db->escape($session->username); // log this action - $q = $db->sql_query('INSERT INTO ' . table_prefix . "logs(time_id, log_type, action, page_text, author, edit_summary) VALUES\n " - . "( " . time() . ", 'security', 'view_comment_ip', '$name', '$username', '{$_SERVER['REMOTE_ADDR']}' );"); + $q = $db->sql_query('INSERT INTO ' . table_prefix . "logs(time_id, log_type, action, page_text, author, author_uid, edit_summary) VALUES\n " + . "( " . time() . ", 'security', 'view_comment_ip', '$name', '$username', $session->user_id, '{$_SERVER['REMOTE_ADDR']}' );"); if ( !$q ) $db->die_json(); diff -r ec7f8f6312bb -r 4125e19d3b27 includes/pageprocess.php --- a/includes/pageprocess.php Mon Feb 01 02:14:02 2010 -0500 +++ b/includes/pageprocess.php Mon Feb 01 02:15:04 2010 -0500 @@ -764,8 +764,8 @@ // add reupload log entry $username = $db->escape($session->username); - $q = $db->sql_query('INSERT INTO ' . table_prefix . "logs ( log_type, action, time_id, page_id, namespace, author, edit_summary ) VALUES\n" - . " ( 'page', 'reupload', $time, '$this->page_id', '$this->namespace', '$username', '__ROLLBACK__' )"); + $q = $db->sql_query('INSERT INTO ' . table_prefix . "logs ( log_type, action, time_id, page_id, namespace, author, author_uid, edit_summary ) VALUES\n" + . " ( 'page', 'reupload', $time, '$this->page_id', '$this->namespace', '$username', $session->user_id, '__ROLLBACK__' )"); if ( !$q ) $db->die_json(); @@ -952,8 +952,8 @@ case PROTECT_SEMI: $action = 'semiprot'; break; } - $sql = 'INSERT INTO ' . table_prefix . "logs ( log_type, action, page_id, namespace, author, edit_summary, time_id, page_text, date_string ) VALUES\n" - . " ( 'page', '$action', '{$this->page_id}', '{$this->namespace}', '$username', '$reason', '$time', '$existing_protection', 'DATE_STRING COLUMN OBSOLETE, USE time_id' );"; + $sql = 'INSERT INTO ' . table_prefix . "logs ( log_type, action, page_id, namespace, author, author_uid, edit_summary, time_id, page_text, date_string ) VALUES\n" + . " ( 'page', '$action', '{$this->page_id}', '{$this->namespace}', '$username', $author_uid, '$reason', '$time', '$existing_protection', 'DATE_STRING COLUMN OBSOLETE, USE time_id' );"; if ( !$db->sql_query($sql) ) { $db->die_json(); diff -r ec7f8f6312bb -r 4125e19d3b27 includes/pageutils.php --- a/includes/pageutils.php Mon Feb 01 02:14:02 2010 -0500 +++ b/includes/pageutils.php Mon Feb 01 02:15:04 2010 -0500 @@ -1060,8 +1060,8 @@ $db->free_result(); $minor_edit = ( ENANO_DBLAYER == 'MYSQL' ) ? 'false' : '0'; $username = $db->escape($session->username); - $q = 'INSERT INTO ' . table_prefix . "logs ( log_type, action, time_id, date_string, page_id, namespace, page_text, char_tag, author, edit_summary, minor_edit ) VALUES\n" - . " ('page', 'edit', " . time() . ", 'DEPRECATED', '$page_id', '$namespace', '" . $db->escape($row['page_text']) . "', '', '{$username}', '" . $lang->get('page_flushlogs_backup_summary') . "', $minor_edit);"; + $q = 'INSERT INTO ' . table_prefix . "logs ( log_type, action, time_id, date_string, page_id, namespace, page_text, char_tag, author, author_uid, edit_summary, minor_edit ) VALUES\n" + . " ('page', 'edit', " . time() . ", 'DEPRECATED', '$page_id', '$namespace', '" . $db->escape($row['page_text']) . "', '', '{$username}', $session->user_id, '" . $lang->get('page_flushlogs_backup_summary') . "', $minor_edit);"; if ( !$db->sql_query($q) ) $db->_die('The history (log) entry could not be inserted into the logs table.'); } @@ -1274,8 +1274,8 @@ // log action $time = time(); - $q = $db->sql_query('INSERT INTO ' . table_prefix . "logs (time_id, log_type, action, edit_summary, page_text, author, page_id, namespace) VALUES\n" - . " ( $time, 'page', 'votereset', '$delvotes', '$delvote_ips', '$username', '$page_id', '$namespace' )"); + $q = $db->sql_query('INSERT INTO ' . table_prefix . "logs (time_id, log_type, action, edit_summary, page_text, author, author_uid, page_id, namespace) VALUES\n" + . " ( $time, 'page', 'votereset', '$delvotes', '$delvote_ips', '$username', $session->user_id, '$page_id', '$namespace' )"); if ( !$q ) $db->_die(); diff -r ec7f8f6312bb -r 4125e19d3b27 includes/plugins.php --- a/includes/plugins.php Mon Feb 01 02:14:02 2010 -0500 +++ b/includes/plugins.php Mon Feb 01 02:15:04 2010 -0500 @@ -634,7 +634,13 @@ else { if ( !$db->sql_query($query) ) - $db->die_json(); + { + $return = array( + 'mode' => 'error', + 'error' => "[SQL] " . $db->sql_error() + ); + break 2; + } } } @@ -643,8 +649,8 @@ $ip_db = $db->escape($_SERVER['REMOTE_ADDR']); $username_db = $db->escape($session->username); $file_db = $db->escape($filename); - $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, page_text) VALUES\n" - . " ('security', 'plugin_install', $time, '$ip_db', '$username_db', '$file_db');"); + $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, author_uid, page_text) VALUES\n" + . " ('security', 'plugin_install', $time, '$ip_db', '$username_db', $session->user_id, '$file_db');"); if ( !$q ) $db->_die(); @@ -790,7 +796,13 @@ else { if ( !$db->sql_query($query) ) - $db->die_json(); + { + $return = array( + 'mode' => 'error', + 'error' => "[SQL] " . $db->sql_error() + ); + break 2; + } } } @@ -799,8 +811,8 @@ $ip_db = $db->escape($_SERVER['REMOTE_ADDR']); $username_db = $db->escape($session->username); $file_db = $db->escape($filename); - $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, page_text) VALUES\n" - . " ('security', 'plugin_uninstall', $time, '$ip_db', '$username_db', '$file_db');"); + $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, author_uid, page_text) VALUES\n" + . " ('security', 'plugin_uninstall', $time, '$ip_db', '$username_db', $session->user_id, '$file_db');"); if ( !$q ) $db->_die(); @@ -1016,7 +1028,13 @@ else { if ( !$db->sql_query($query) ) - $db->die_json(); + { + $return = array( + 'mode' => 'error', + 'error' => "[SQL] " . $db->sql_error() + ); + break 2; + } } } @@ -1025,8 +1043,8 @@ $ip_db = $db->escape($_SERVER['REMOTE_ADDR']); $username_db = $db->escape($session->username); $file_db = $db->escape($filename); - $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, page_text) VALUES\n" - . " ('security', 'plugin_upgrade', $time, '$ip_db', '$username_db', '$file_db');"); + $q = $db->sql_query('INSERT INTO '.table_prefix."logs(log_type, action, time_id, edit_summary, author, author_uid, page_text) VALUES\n" + . " ('security', 'plugin_upgrade', $time, '$ip_db', '$username_db', $session->user_id, '$file_db');"); if ( !$q ) $db->_die(); diff -r ec7f8f6312bb -r 4125e19d3b27 includes/render.php --- a/includes/render.php Mon Feb 01 02:14:02 2010 -0500 +++ b/includes/render.php Mon Feb 01 02:15:04 2010 -0500 @@ -351,6 +351,32 @@ } /** + * Strip out an arbitrary HTML tag, pushing on to the existing list of stripped data. + * @access private + */ + + public static function tag_strip_push($tag, &$text, &$stripdata) + { + if ( !is_array($stripdata) ) + { + $stripdata = array( + 'random_id' => md5( time() . mt_rand() ), + 'blocks' => array() + ); + } + $random_id =& $stripdata['random_id']; + + preg_match_all("#<$tag>(.*?)#is", $text, $blocks); + + foreach ( $blocks[0] as $i => $match ) + { + $j = count($stripdata['blocks']); + $stripdata['blocks'][] = $blocks[1][$i]; + $text = str_replace($match, "{{$tag}:{$random_id}:{$j}}", $text); + } + } + + /** * Restore stripped tags. * @access private */ diff -r ec7f8f6312bb -r 4125e19d3b27 includes/sessions.php --- a/includes/sessions.php Mon Feb 01 02:14:02 2010 -0500 +++ b/includes/sessions.php Mon Feb 01 02:15:04 2010 -0500 @@ -834,9 +834,9 @@ if($sess) { if($level > USER_LEVEL_MEMBER) - $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary,page_text) VALUES(\'security\', \'admin_auth_good\', '.time().', \''.enano_date(ED_DATE | ED_TIME).'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', ' . intval($level) . ')'); + $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,author_uid,edit_summary,page_text) VALUES(\'security\', \'admin_auth_good\', '.time().', \''.enano_date(ED_DATE | ED_TIME).'\', \''.$db->escape($username).'\', ' . $row['user_id'] . ', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\', ' . intval($level) . ')'); else - $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,edit_summary) VALUES(\'security\', \'auth_good\', '.time().', \''.enano_date(ED_DATE | ED_TIME).'\', \''.$db->escape($username).'\', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\')'); + $this->sql('INSERT INTO '.table_prefix.'logs(log_type,action,time_id,date_string,author,author_uid,edit_summary) VALUES(\'security\', \'auth_good\', '.time().', \''.enano_date(ED_DATE | ED_TIME).'\', \''.$db->escape($username).'\', ' . $row['user_id'] . ', \''.$db->escape($_SERVER['REMOTE_ADDR']).'\')'); $code = $plugins->setHook('login_success'); foreach ( $code as $cmd )