# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
+if (defined('S9Y_FRAMEWORK_CONFIG')) {
+ return;
+}
+@define('S9Y_FRAMEWORK_CONFIG', true);
+
/**
* Adds a new author account
*
$author_sql = '';
if (!empty($authorid)) {
$author_sql = "authorid = " . (int)$authorid . " AND ";
+ } elseif (isset($serendipity[$name])) {
+ return $serendipity[$name];
}
$r = serendipity_db_query("SELECT value FROM {$serendipity['dbPrefix']}config WHERE $author_sql name = '" . $name . "' LIMIT 1", true);
if (isset($serendipity['template_engine']) && (stristr($file, 'admin/') === false || $serendipity['template_engine'] != 'default')) {
$directories[] = $serendipity['template_engine'] . '/';
}
+
$directories[] = $serendipity['defaultTemplate'] .'/';
$directories[] = 'default/';
foreach ($directories as $directory) {
$templateFile = $serendipity['templatePath'] . $directory . $file;
-
if (file_exists($serendipity['serendipityPath'] . $templateFile)) {
return $serendipity[$key] . $templateFile;
}
}
+
+ if (preg_match('@\.(tpl|css|php)@i', $file) && !stristr($file, 'plugin')) {
+ return $file;
+ }
+
return false;
}
*/
function serendipity_load_configuration($author = null) {
global $serendipity;
+ static $config_loaded = array();
+
+ if (isset($config_loaded[$author])) {
+ return true;
+ }
if (!empty($author)) {
// Replace default configuration directives with user-relevant data
- $rows = serendipity_db_query("SELECT name,value
+ $rows =& serendipity_db_query("SELECT name,value
FROM {$serendipity['dbPrefix']}config
WHERE authorid = '". (int)$author ."'");
} else {
// Only get default variables, user-independent (frontend)
- $rows = serendipity_db_query("SELECT name, value
+ $rows =& serendipity_db_query("SELECT name, value
FROM {$serendipity['dbPrefix']}config
WHERE authorid = 0");
}
$serendipity[$row['name']] = serendipity_get_bool($row['value']);
}
}
+ $config_loaded[$author] = true;
}
/**
if (serendipity_authenticate_author($serendipity['POST']['user'], $serendipity['POST']['pass'], false, $use_external)) {
if (empty($serendipity['POST']['auto'])) {
serendipity_deleteCookie('author_information');
+ serendipity_deleteCookie('author_information_iv');
return false;
} else {
- $package = serialize(array('username' => $serendipity['POST']['user'],
- 'password' => $serendipity['POST']['pass']));
- serendipity_setCookie('author_information', base64_encode($package));
+ serendipity_issueAutologin(
+ array('username' => $serendipity['POST']['user'],
+ 'password' => $serendipity['POST']['pass']
+ )
+ );
return true;
}
// Now try login via COOKIE data
- } elseif ( isset($serendipity['COOKIE']['author_information']) ) {
- $cookie = unserialize(base64_decode($serendipity['COOKIE']['author_information']));
- if (serendipity_authenticate_author($cookie['username'], $cookie['password'], false, $use_external)) {
+ } elseif (isset($serendipity['COOKIE']['author_information'])) {
+ $cookie = serendipity_checkAutologin($serendipity['COOKIE']['author_information'], $serendipity['COOKIE']['author_information_iv']);
+
+ if (is_array($cookie) && serendipity_authenticate_author($cookie['username'], $cookie['password'], false, $use_external)) {
return true;
} else {
serendipity_deleteCookie('author_information');
+ serendipity_deleteCookie('author_information_iv');
return false;
}
}
}
+/**
+ * Issue a new auto login cookie
+ * @param array The input data
+ */
+function serendipity_issueAutologin($array) {
+ global $serendipity;
+
+ $package = serialize($array);
+
+ if (function_exists('mcrypt_encrypt')) {
+ // Secure the package data when being stored inside the Database
+ $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_BLOWFISH, MCRYPT_MODE_CBC), MCRYPT_RAND);
+ $key = base64_encode($iv);
+ $package = mcrypt_encrypt(MCRYPT_BLOWFISH, $key, $package, MCRYPT_MODE_CBC, $iv);
+ serendipity_setCookie('author_information_iv', $key);
+ }
+ $package = base64_encode($package);
+
+ $rnd = md5(time() . $_SERVER['REMOTE_ADDR']);
+
+ // Delete possible current cookie
+ serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}options WHERE okey = '" . serendipity_db_escape_string($serendipity['COOKIE']['author_information']) . "'");
+
+ // Issue new autologin cookie
+ serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}options (name, value, okey) VALUES ('" . time() . "', '" . serendipity_db_escape_string($package) . "', '" . $rnd . "')");
+ serendipity_setCookie('author_information', $rnd);
+}
+
+/**
+ * Checks a new auto login cookie
+ * @param array The input data
+ */
+function serendipity_checkAutologin($ident, $iv) {
+ global $serendipity;
+
+ // Fetch login data from DB
+ $autologin =& serendipity_db_query("SELECT * FROM {$serendipity['dbPrefix']}options WHERE okey = '" . serendipity_db_escape_string($ident) . "' LIMIT 1", true, 'assoc');
+ if (!is_array($autologin)) {
+ return false;
+ }
+
+ if (function_exists('mcrypt_decrypt') && !empty($iv)) {
+ $key = $iv;
+ $iv = base64_decode($iv);
+ $cookie = unserialize(mcrypt_decrypt(MCRYPT_BLOWFISH, $key, base64_decode($autologin['value']), MCRYPT_MODE_CBC, $iv));
+ } else {
+ $cookie = unserialize(base64_decode($autologin['value']));
+ }
+
+ if ($autologin['name'] < (time()-86400)) {
+ // Issued autologin cookie has been issued more than 1 day ago. Re-Issue new cookie, invalidate old one to prevent abuse
+ serendipity_header('X-ReIssue-Cookie: +' . (time() - $autologin['name']) . 's');
+ serendipity_issueAutologin($cookie);
+ }
+
+ return $cookie;
+}
+
+/**
+ * Perform user authentication routine
+ *
+ * If a user is already authenticated via session data, this bypasses some routines.
+ * After a user has ben authenticated, several SESSION variables ar set.
+ * If the authentication fails, the session is destroyed.
+ *
+ * @access public
+ * @param string The username to check
+ * @param string The password to check (may contain plaintext or MD5 hash)
+ * @param boolean Indicates whether the input password is already in MD5 format (TRUE) or not (FALSE).
+ * @param boolean Indicates whether to query external plugins for authentication
+ * @return boolean True on success, False on error
+ */
+function serendipity_authenticate_author($username = '', $password = '', $is_md5 = false, $use_external = true) {
+ global $serendipity;
+
+ if (isset($_SESSION['serendipityUser']) && isset($_SESSION['serendipityPassword']) && isset($_SESSION['serendipityAuthedUser']) && $_SESSION['serendipityAuthedUser'] == true) {
+ $username = $_SESSION['serendipityUser'];
+ $password = $_SESSION['serendipityPassword'];
+ // For safety reasons when multiple blogs are installed on the same host, we need to check the current author each time to not let him log into a different blog with the same sessiondata
+ $is_md5 = true;
+ }
+
+ if ($username != '') {
+ if ($use_external) {
+ serendipity_plugin_api::hook_event('backend_auth', $is_md5, array('username' => $username, 'password' => $password));
+ }
+
+ if ($is_md5 === false && !empty($password)) {
+ $password = md5($password);
+ }
+
+ $query = "SELECT DISTINCT
+ email, realname, authorid, userlevel, right_publish
+ FROM
+ {$serendipity['dbPrefix']}authors
+ WHERE
+ username = '" . serendipity_db_escape_string($username) . "'
+ AND password = '" . serendipity_db_escape_string($password) . "'";
+ $row =& serendipity_db_query($query, true, 'assoc');
+
+ if (is_array($row)) {
+ serendipity_setCookie('old_session', session_id());
+ $_SESSION['serendipityUser'] = $serendipity['serendipityUser'] = $username;
+ $_SESSION['serendipityRealname'] = $serendipity['serendipityRealname'] = $$row['realname'];
+ $_SESSION['serendipityPassword'] = $serendipity['serendipityPassword'] = $password;
+ $_SESSION['serendipityEmail'] = $serendipity['serendipityEmail'] = $row['email'];
+ $_SESSION['serendipityAuthorid'] = $serendipity['authorid'] = $row['authorid'];
+ $_SESSION['serendipityUserlevel'] = $serendipity['serendipityUserlevel'] = $row['userlevel'];
+ $_SESSION['serendipityAuthedUser'] = $serendipity['serendipityAuthedUser'] = true;
+ $_SESSION['serendipityRightPublish']= $serendipity['serendipityRightPublish'] = $row['right_publish'];
+ serendipity_load_configuration($serendipity['authorid']);
+ return true;
+ } else {
+ $_SESSION['serendipityAuthedUser'] = false;
+ @session_destroy();
+ }
+ }
+
+ return false;
+}
+
/**
* Check if a user is logged in
*
unset($serendipity['COOKIE'][$name]);
}
-/**
- * Perform user authentication routine
- *
- * If a user is already authenticated via session data, this bypasses some routines.
- * After a user has ben authenticated, several SESSION variables ar set.
- * If the authentication fails, the session is destroyed.
- *
- * @access public
- * @param string The username to check
- * @param string The password to check (may contain plaintext or MD5 hash)
- * @param boolean Indicates whether the input password is already in MD5 format (TRUE) or not (FALSE).
- * @param boolean Indicates whether to query external plugins for authentication
- * @return boolean True on success, False on error
- */
-function serendipity_authenticate_author($username = '', $password = '', $is_md5 = false, $use_external = true) {
- global $serendipity;
-
- if (isset($_SESSION['serendipityUser']) && isset($_SESSION['serendipityPassword']) && isset($_SESSION['serendipityAuthedUser']) && $_SESSION['serendipityAuthedUser'] == true) {
- $username = $_SESSION['serendipityUser'];
- $password = $_SESSION['serendipityPassword'];
- // For safety reasons when multiple blogs are installed on the same host, we need to check the current author each time to not let him log into a different blog with the same sessiondata
- $is_md5 = true;
- }
-
- if ($username != '') {
- if ($use_external) {
- serendipity_plugin_api::hook_event('backend_auth', $is_md5, array('username' => $username, 'password' => $password));
- }
-
- if ($is_md5 === false && !empty($password)) {
- $password = md5($password);
- }
-
- $query = "SELECT DISTINCT
- email, authorid, userlevel, right_publish
- FROM
- {$serendipity['dbPrefix']}authors
- WHERE
- username = '" . serendipity_db_escape_string($username) . "'
- AND password = '" . serendipity_db_escape_string($password) . "'";
- $row = serendipity_db_query($query, true, 'assoc');
-
- if (is_array($row)) {
- serendipity_setCookie('old_session', session_id());
- $_SESSION['serendipityUser'] = $serendipity['serendipityUser'] = $username;
- $_SESSION['serendipityPassword'] = $serendipity['serendipityPassword'] = $password;
- $_SESSION['serendipityEmail'] = $serendipity['serendipityEmail'] = $row['email'];
- $_SESSION['serendipityAuthorid'] = $serendipity['authorid'] = $row['authorid'];
- $_SESSION['serendipityUserlevel'] = $serendipity['serendipityUserlevel'] = $row['userlevel'];
- $_SESSION['serendipityAuthedUser'] = $serendipity['serendipityAuthedUser'] = true;
- $_SESSION['serendipityRightPublish']= $serendipity['serendipityRightPublish'] = $row['right_publish'];
- serendipity_load_configuration($serendipity['authorid']);
- return true;
- } else {
- $_SESSION['serendipityAuthedUser'] = false;
- @session_destroy();
- }
- }
-
- return false;
-}
-
/**
* Performs a check whether an iframe for the admin section shall be emitted
*
// it needs to be stored with the new ID.
echo '<script type="text/javascript">parent.document.forms[\'serendipityEntry\'][\'serendipity[id]\'].value = "' . $serendipity['lastSavedEntry'] . '";</script>';
}
- echo '<div class="serendipityAdminMsgSuccess">' . ENTRY_SAVED . '</div>';
+ $entrylink = serendipity_archiveURL($res, $entry['title'], 'serendipityHTTPPath', true, array('timestamp' => $entry['timestamp']));
+ echo '<div class="serendipityAdminMsgSuccess">' . ENTRY_SAVED . ' (<a href="' . $entrylink . '" target="_blank">' . VIEW . '</a>)</div>';
}
echo '<br style="clear: both" />';
if ($use_smarty) {
$preview = ob_get_contents();
ob_end_clean();
- $serendipity['smarty']->assign('preview', $preview);
+ $serendipity['smarty']->assign_by_ref('preview', $preview);
$serendipity['smarty']->display(serendipity_getTemplateFile('preview_iframe.tpl', 'serendipityPath'));
}
global $serendipity;
// Get group information
- $groups = serendipity_db_query("SELECT ag.groupid, g.name, gc.property, gc.value
+ $groups =& serendipity_db_query("SELECT ag.groupid, g.name, gc.property, gc.value
FROM {$serendipity['dbPrefix']}authorgroups AS ag
LEFT OUTER JOIN {$serendipity['dbPrefix']}groups AS g
ON ag.groupid = g.id
LEFT OUTER JOIN {$serendipity['dbPrefix']}groupconfig AS gc
ON g.id = gc.id
WHERE g.id = " . (int)$groupid, false, 'assoc');
- foreach($groups AS $group) {
- $conf[$group['property']] = $group['value'];
+
+ if (is_array($groups)) {
+ foreach($groups AS $group) {
+ $conf[$group['property']] = $group['value'];
+ }
}
// The following are unique
function &serendipity_getGroups($authorid, $sequence = false) {
global $serendipity;
- $groups =& serendipity_db_query("SELECT g.id AS confkey,
+ $_groups =& serendipity_db_query("SELECT g.id AS confkey,
g.name AS confvalue,
g.id AS id,
g.name AS name
LEFT OUTER JOIN {$serendipity['dbPrefix']}groups AS g
ON g.id = ag.groupid
WHERE ag.authorid = " . (int)$authorid, false, 'assoc');
- if (!is_array($groups)) {
+ if (!is_array($_groups)) {
$groups = array();
+ } else {
+ $groups =& $_groups;
}
if ($sequence) {
* @param int The ID of the group to update
* @param array The associative array of permission names
* @param array The associative array of new values for the permissions. Needs the same associative keys like the $perms array.
+ * @param bool Indicates if an all new privilege should be inserted (true) or if an existing privilege is going to be checked
* @return true
*/
-function serendipity_updateGroupConfig($groupid, &$perms, &$values) {
+function serendipity_updateGroupConfig($groupid, &$perms, &$values, $isNewPriv = false) {
global $serendipity;
if (!serendipity_checkPermission('adminUsersGroups')) {
$value = 'false';
}
- if (!serendipity_checkPermission($perm)) {
+ if ($isNewPriv == false && !serendipity_checkPermission($perm)) {
if (!isset($storage[$perm])) {
$value = 'false';
} else {
* @param string The type of an artifact (category|entry)
* @param string The type of access to grant (read|write)
* @param array The ID of the group to grant access to
+ * @param string A variable option for an artifact
* @return boolean True if ACL was applied, false if not.
*/
-function serendipity_ACLGrant($artifact_id, $artifact_type, $artifact_mode, $groups) {
+function serendipity_ACLGrant($artifact_id, $artifact_type, $artifact_mode, $groups, $artifact_index = '') {
global $serendipity;
if (empty($groups) || !is_array($groups)) {
// Delete all old existing relations.
serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}access
- WHERE artifact_id = " . (int)$artifact_id . "
- AND artifact_type = '" . serendipity_db_escape_string($artifact_type) . "'
- AND artifact_mode = '" . serendipity_db_escape_string($artifact_mode) . "'");
+ WHERE artifact_id = " . (int)$artifact_id . "
+ AND artifact_type = '" . serendipity_db_escape_string($artifact_type) . "'
+ AND artifact_mode = '" . serendipity_db_escape_string($artifact_mode) . "'
+ AND artifact_index = '" . serendipity_db_escape_string($artifact_index) . "'");
$data = array(
'artifact_id' => (int)$artifact_id,
'artifact_type' => $artifact_type,
'artifact_mode' => $artifact_mode,
- 'artifact_index' => ''
+ 'artifact_index' => $artifact_index
);
if (count($data) < 1) {
* @param int The ID of the artifact to set the access
* @param string The type of an artifact (category|entry)
* @param string The type of access to check for (read|write)
+ * @param string A variable option for an artifact
* @return array Returns an array of all groups that are allowed for this kind of access. You can then check if you are the member of any of the groups returned here.
*/
-function serendipity_ACLGet($artifact_id, $artifact_type, $artifact_mode) {
+function serendipity_ACLGet($artifact_id, $artifact_type, $artifact_mode, $artifact_index = '') {
global $serendipity;
$sql = "SELECT groupid, artifact_index FROM {$serendipity['dbPrefix']}access
- WHERE artifact_type = '" . serendipity_db_escape_string($artifact_type) . "'
- AND artifact_id = '" . (int)$artifact_id . "'
- AND artifact_mode = '" . serendipity_db_escape_string($artifact_mode) . "'";
- $rows = serendipity_db_query($sql, false, 'assoc');
+ WHERE artifact_type = '" . serendipity_db_escape_string($artifact_type) . "'
+ AND artifact_id = '" . (int)$artifact_id . "'
+ AND artifact_mode = '" . serendipity_db_escape_string($artifact_mode) . "'
+ AND artifact_index = '" . serendipity_db_escape_string($artifact_index) . "'";
+ $rows =& serendipity_db_query($sql, false, 'assoc');
if (!is_array($rows)) {
return false;
AND ( {$artifact_sql['where']} )
GROUP BY result";
- $res = serendipity_db_query($sql, true, 'assoc');
+ $res =& serendipity_db_query($sql, true, 'assoc');
if (is_array($res) && !empty($res['result'])) {
return true;
}
* @access private
* @param array Associative array that holds the SQL part array to be used in other functions like serendipity_fetchEntries()
* @param boolean Some queries do not need to joins categories. When ACLs need to be applied, this column is required, so if $append_category is set to true it will perform this missing JOIN.
+ * @param string The ACL type ('category', 'directory')
+ * @param string ACL mode
* @return true True if ACLs were applied, false if not.
*/
-function serendipity_ACL_SQL(&$cond, $append_category = false) {
+function serendipity_ACL_SQL(&$cond, $append_category = false, $type = 'category', $mode = 'read') {
global $serendipity;
// A global configuration item controls whether the blog should apply ACLs or not!
ON ec.categoryid = c.categoryid";
}
+ switch($type) {
+ case 'directory':
+ $sql_artifact_column = 'i.path IS NULL OR
+ acl_acc.groupid IS NULL';
+ $sql_artifact = 'AND acl_acc.artifact_index = i.path';
+ break;
+
+ case 'category':
+ $sql_artifact_column = 'c.categoryid IS NULL';
+ $sql_artifact = 'AND acl_acc.artifact_id = c.categoryid';
+ break;
+ }
+
$cond['joins'] .= " LEFT JOIN {$serendipity['dbPrefix']}authorgroups AS acl_a
ON acl_a.authorid = " . $read_id . "
LEFT JOIN {$serendipity['dbPrefix']}access AS acl_acc
- ON ( acl_acc.artifact_mode = 'read'
- AND acl_acc.artifact_type = 'category'
- AND acl_acc.artifact_id = c.categoryid
+ ON ( acl_acc.artifact_mode = '" . $mode . "'
+ AND acl_acc.artifact_type = '" . $type . "'
+ " . $sql_artifact . "
)";
if (empty($cond['and'])) {
// When in Admin-Mode, apply readership permissions.
$cond['and'] .= " (
- c.categoryid IS NULL
+ " . $sql_artifact_column . "
OR ( acl_acc.groupid = " . $read_id_sql . ")
OR ( acl_acc.artifact_id IS NULL
" . (isset($serendipity['GET']['adminModule']) &&
return true;
}
-/**
/**
* Prevent XSRF attacks by setting a form token within HTTP Forms
*
}
}
+function &serendipity_loadThemeOptions(&$template_config) {
+ global $serendipity;
+ $_template_vars =& serendipity_db_query("SELECT name, value FROM {$serendipity['dbPrefix']}options
+ WHERE okey = 't_" . serendipity_db_escape_string($serendipity['template']) . "'", false, 'assoc', false, 'name', 'value');
+ if (!is_array($_template_vars)) {
+ $template_vars = array();
+ } else {
+ $template_vars =& $_template_vars;
+ }
+
+ foreach($template_config AS $key => $item) {
+ if (!isset($template_vars[$item['var']])) {
+ $template_vars[$item['var']] = $item['default'];
+ }
+ }
+
+ return $template_vars;
+}
/* vim: set sts=4 ts=4 expandtab : */
function serendipity_fetchCategoryRange($categoryid) {
global $serendipity;
- $res = serendipity_db_query("SELECT category_left, category_right FROM {$serendipity['dbPrefix']}category WHERE categoryid='". (int)$categoryid ."'");
+ $res =& serendipity_db_query("SELECT category_left, category_right FROM {$serendipity['dbPrefix']}category WHERE categoryid='". (int)$categoryid ."'");
if (!is_array($res) || !isset($res[0]['category_left']) || !isset($res[0]['category_right'])) {
$res = array(array('category_left' => 0, 'category_right' => 0));
}
FROM {$serendipity['dbPrefix']}category AS c
WHERE category_name = '" . serendipity_db_escape_string($categoryname) . "'";
- $ret = serendipity_db_query($query);
+ $ret =& serendipity_db_query($query);
return $ret[0];
} else {
$query = "SELECT
FROM {$serendipity['dbPrefix']}category AS c
WHERE categoryid = " . (int)$categoryid;
- $ret = serendipity_db_query($query);
+ $ret =& serendipity_db_query($query);
return $ret[0];
}
}
* @param int The ID of the entry
* @return array The array of associated categories to that entry
*/
-function serendipity_fetchEntryCategories($entryid) {
+function &serendipity_fetchEntryCategories($entryid) {
global $serendipity;
if (is_numeric($entryid)) {
ON ec.categoryid = c.categoryid
WHERE ec.entryid = {$entryid}";
- $cat = serendipity_db_query($query);
+ $cat =& serendipity_db_query($query);
if (!is_array($cat)) {
- return array();
+ $arr = array();
+ return $arr;
} else {
return $cat;
}
* @param string If set to "array", the array of entries will be returned. "flat-array" will only return the articles without their entryproperties. "single" will only return a 1-dimensional array. "query" will only return the used SQL.
* @return array Holds the super-array of all entries with all additional information
*/
-function serendipity_fetchEntries($range = null, $full = true, $limit = '', $fetchDrafts = false, $modified_since = false, $orderby = 'timestamp DESC', $filter_sql = '', $noCache = false, $noSticky = false, $select_key = null, $group_by = null, $returncode = 'array') {
+function &serendipity_fetchEntries($range = null, $full = true, $limit = '', $fetchDrafts = false, $modified_since = false, $orderby = 'timestamp DESC', $filter_sql = '', $noCache = false, $noSticky = false, $select_key = null, $group_by = null, $returncode = 'array') {
global $serendipity;
$cond = array();
return $query;
}
- $ret = serendipity_db_query($query, $fetch_single, 'assoc');
+ $ret =& serendipity_db_query($query, $fetch_single, 'assoc');
if (is_string($ret)) {
die("Query failed: $ret");
ON ec.categoryid = c.categoryid
WHERE " . serendipity_db_in_sql('ec.entryid', $search_ids);
- $search_ret = serendipity_db_query($query, false, 'assoc');
+ $search_ret =& serendipity_db_query($query, false, 'assoc');
if (is_array($search_ret)) {
foreach($search_ret AS $i => $entry) {
* @param string Indicates whether drafts should be fetched
* @return
*/
-function serendipity_fetchEntry($key, $val, $full = true, $fetchDrafts = 'false') {
+function &serendipity_fetchEntry($key, $val, $full = true, $fetchDrafts = 'false') {
global $serendipity;
$cond = array();
{$cond['and']}
LIMIT 1";
- $ret = serendipity_db_query($querystring, true, 'assoc');
+ $ret =& serendipity_db_query($querystring, true, 'assoc');
if (is_array($ret)) {
- $ret['categories'] = serendipity_fetchEntryCategories($ret['id']);
- $ret['properties'] = serendipity_fetchEntryProperties($ret['id']);
+ $ret['categories'] =& serendipity_fetchEntryCategories($ret['id']);
+ $ret['properties'] =& serendipity_fetchEntryProperties($ret['id']);
}
return $ret;
* @param int The ID of the entry to fetch additonal data for
* @return array The array of given properties to an entry
*/
-function serendipity_fetchEntryProperties($id) {
+function &serendipity_fetchEntryProperties($id) {
global $serendipity;
$parts = array();
serendipity_plugin_api::hook_event('frontend_entryproperties_query', $parts);
- $properties = serendipity_db_query("SELECT property, value FROM {$serendipity['dbPrefix']}entryproperties WHERE entryid = " . (int)$id . " " . $parts['and']);
- if (!is_array($properties)) {
+ $_properties =& serendipity_db_query("SELECT property, value FROM {$serendipity['dbPrefix']}entryproperties WHERE entryid = " . (int)$id . " " . $parts['and']);
+ if (!is_array($_properties)) {
$properties = array();
+ } else {
+ $properties =& $_properties;
}
$property = array();
foreach($properties AS $idx => $row) {
- $property[$row['property']] = $row['value'];
+ $property[$row['property']] =& $row['value'];
}
return $property;
* @param string The ACL artifact condition. If set to "write" only categories will be shown that the author can write to. If set to "read", only categories will be show that the author can read or write to.
* @return array Returns the array of categories
*/
-function serendipity_fetchCategories($authorid = null, $name = null, $order = null, $artifact_mode = 'write') {
+function &serendipity_fetchCategories($authorid = null, $name = null, $order = null, $artifact_mode = 'write') {
global $serendipity;
if ($name === null) {
$querystring .= "\n ORDER BY $order";
}
- $ret = serendipity_db_query($querystring);
+ $ret =& serendipity_db_query($querystring);
if (is_string($ret)) {
echo "Query failed: $ret";
}
* @param int Restrict the number of results [also uses $serendipity['GET']['page'] for pagination]
* @return array Returns the superarray of entries found
*/
-function serendipity_searchEntries($term, $limit = '') {
+function &serendipity_searchEntries($term, $limit = '') {
global $serendipity;
if ($limit == '') {
ORDER BY timestamp DESC
$limit";
- $search = serendipity_db_query($querystring);
+ $search =& serendipity_db_query($querystring);
if (is_array($search)) {
serendipity_fetchEntryData($search);
$querystring = "SELECT count(distinct e.id) {$serendipity['fullCountQuery']}";
}
- $query = serendipity_db_query($querystring);
+ $query =& serendipity_db_query($querystring);
if (is_array($query) && isset($query[0])) {
if ($serendipity['dbType'] == 'sqlite') {
}
}
+
// We shouldn't return here, because we want Smarty to handle the output
if (!is_array($entries) || $entries[0] == false || !isset($entries[0]['timestamp'])) {
$entries = array();
);
$serendipity['smarty']->assign($comment_add_data);
-
serendipity_displayCommentForm(
$entry['id'],
$serendipity['serendipityHTTPPath'] . $serendipity['indexFile'] . '?url=' . $entry['commURL'],
break;
}
- $entries = serendipity_db_query("SELECT count(id)
+ $entries =& serendipity_db_query("SELECT count(id)
FROM {$serendipity['dbPrefix']}entries e
LEFT JOIN {$serendipity['dbPrefix']}entrycat ec
ON e.id = ec.entryid
projects / s9y.git / commitdiff