diff --git a/admin/cms.php b/admin/cms.php index c1f2428d..1b9fe0c2 100644 --- a/admin/cms.php +++ b/admin/cms.php @@ -79,7 +79,7 @@ if (get_value_from_array($_POST, 'action') == 'save') { ? )"); $q->execute([$filename,$insertdt,$lang,$text,get_value_from_array($_POST, $titlename, ''),get_value_from_array($_POST, $showlogoname, '')]); - if ($pdo->errorInfo()) { + if (!$pdo->errorInfo()) { echo error(i18n('An error occurred saving %1 in %2', array($filename, $langname))); $err = true; } @@ -88,7 +88,7 @@ if (get_value_from_array($_POST, 'action') == 'save') { echo happy(i18n('%1 successfully saved', array($_POST['filename']))); } -if (get_value_from_array($_GET, 'filename', '') || get_value_from_array($_GET, 'action', 'create')) { +if (get_value_from_array($_GET, 'filename') || get_value_from_array($_GET, 'action') == 'create') { echo "<< Back to file list
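Review bot: In the first hunk the new guard `if (!$pdo->errorInfo())` can never fire, because PDO::errorInfo() always returns a non-empty array, even when nothing failed; a failed INSERT would fall through to the "successfully saved" message. The error state of a prepared statement is also kept on the statement, not on the connection. Test the statement instead, for example `if ($q->errorCode() !== '00000') {`, or check the return value of `$q->execute(...)` if PDO is not configured to throw (the error mode is not visible here). The prepare() call this check belongs to starts above the hunk.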
\n"; echo '
'; echo "\n"; @@ -104,7 +104,7 @@ if (get_value_from_array($_GET, 'filename', '') || get_value_from_array($_GET, ' echo ''; $q = $pdo->prepare("SELECT * FROM cms WHERE filename=? AND lang=? ORDER BY dt DESC LIMIT 1"); - $q->execute([get_value_from_array($_GET, 'filename', ''),$lang]); + $q->execute([$_GET['filename'],$lang]); if ($r = $q->fetch(PDO::FETCH_OBJ)) { if ($r->dt == '0000-00-00 00:00:00' || !$r->dt) $dt = 'Never'; @@ -163,8 +163,8 @@ if (get_value_from_array($_GET, 'filename', '') || get_value_from_array($_GET, ' echo '' . i18n('File History') . "\n"; - $q = $pdo->prepare("SELECT DISTINCT(dt) FROM cms WHERE filename=? ORDER BY dt DESC LIMIT ?"); - $q->execute([get_value_from_array($_GET, 'filename', ''),$historylimit]); + $q = $pdo->prepare("SELECT DISTINCT(dt) FROM cms WHERE filename=? ORDER BY dt DESC LIMIT $historylimit"); + $q->execute([get_value_from_array($_GET, 'filename')]); $first = true; if ($q->rowCount()) { while ($r = $q->fetch(PDO::FETCH_OBJ)) { @@ -203,12 +203,12 @@ if (get_value_from_array($_GET, 'filename', '') || get_value_from_array($_GET, ' echo ''; $q = $pdo->prepare('SELECT DISTINCT(filename) AS filename FROM cms ORDER BY filename'); - + $q->execute(); echo ''; - while ($r = $q->fetch(PDO::FETCH_ASSOC)) { + while ($r = $q->fetch(PDO::FETCH_OBJ)) { echo '"; $q2 = $pdo->prepare("SELECT dt FROM cms WHERE filename=? ORDER BY dt DESC LIMIT 1"); - $q->execute([$r->filename]); + $q2->execute([$r->filename]); $r2 = $q2->fetch(PDO::FETCH_OBJ); if ($r2->dt == '0000-00-00 00:00:00') $dt = 'Never'; diff --git a/admin/documents.php b/admin/documents.php index 2f6b6799..208196ec 100644 --- a/admin/documents.php +++ b/admin/documents.php @@ -45,7 +45,6 @@ $editor = new TableEditor('documents', 'sel_category' => 'Category', 'filename' => 'Filename', )); - $editor->setPrimaryKey('id'); $editor->setUploadPath('../data/documents'); $editor->setDefaultSortField('sel_category,date'); 
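Review bot: In the @@ -104 hunk, `$q->execute([$_GET['filename'],$lang])` reads the request key directly, although the enclosing `if` (changed in the previous hunk) is also entered for `action=create` with no `filename` present. The value is still bound as a parameter, so this is not an injection issue, but that path raises an undefined-index warning and binds null. Keeping the helper that the file-history query still uses avoids this: `$q->execute([get_value_from_array($_GET, 'filename', ''), $lang]);`, assuming the helper returns its default for a missing key, as its other uses in this file suggest.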
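Review bot: In the @@ -163 hunk, `LIMIT $historylimit` is now interpolated into the SQL text, and where `$historylimit` is assigned is not visible in this hunk. The placeholder presumably failed because values passed through the execute() array are bound as strings, which MySQL rejects in LIMIT when prepares are emulated; the remedy for that is an integer bind, not interpolation. Either keep `LIMIT ?` and call `$q->bindValue(2, (int)$historylimit, PDO::PARAM_INT);` before `$q->execute()` (binding the filename with `bindValue(1, ...)` as well), or at minimum force the type with `"... LIMIT " . (int)$historylimit`.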
diff --git a/tableeditor.class.php b/tableeditor.class.php index 15b24893..2ffd563a 100644 --- a/tableeditor.class.php +++ b/tableeditor.class.php @@ -79,6 +79,7 @@ if (!$icon_extension) { $icon_extension = 'png'; } + /** * The main class * @package tableeditor @@ -141,7 +142,7 @@ class TableEditor * @param array $editfields * @param array $hiddenfields */ - function TableEditor($classname, $listfields = null, $editfields = null, $hiddenfields = null) + function __construct($classname, $listfields = null, $editfields = null, $hiddenfields = null) { // set defaults $this->timeformat = '12hrs'; @@ -368,8 +369,8 @@ class TableEditor $inputsize = 0; // figure out what kind of input this should be - $q = $pdo->prepare("SHOW COLUMNS FROM ? LIKE ?"); - $q->execute([$this->table,$f]); + $q = $pdo->prepare("SHOW COLUMNS FROM $this->table LIKE '$f'"); + $q->execute(); $r = $q->fetch(PDO::FETCH_OBJ); if (preg_match('/([a-z]*)\(([0-9,]*)\)/', $r->Type, $regs)) { @@ -461,15 +462,16 @@ class TableEditor function defaultLoad() { global $pdo; - $query = "SELECT ?"; + $query = "SELECT $this->primaryKey"; foreach ($this->editfields AS $f => $n) - $query .= ", ?"; - $query .= " FROM ?"; - $query .= " WHERE {$this->primaryKey}=?"; + $query .= ", `$f`"; + $query .= " FROM $this->table"; + $query .= " WHERE $this->primaryKey=". $_GET['edit']; if ($this->DEBUG) echo $query; + $editquery = $pdo->prepare($query); - $editquery->execute([$this->primaryKey,$f,$this->table,$_GET['edit']]); + $editquery->execute(); $editdata = $editquery->fetch(PDO::FETCH_ASSOC); return $editdata; } @@ -699,6 +701,7 @@ class TableEditor echo ''; echo ""; + $data = ""; if ($this->classname) $data = new $this->classname($_GET['edit']); 
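Review bot: In the @@ -368 hunk, `SHOW COLUMNS FROM $this->table LIKE '$f'` places the field name into the statement as a raw string, so a quote in the name breaks the query and the `_` that most of these column names contain acts as a LIKE wildcard. A table name cannot be a bound parameter, which explains the interpolation, but the pattern is a value and can be quoted: ``"SHOW COLUMNS FROM `{$this->table}` LIKE " . $pdo->quote($f)``. `$f` appears to come from the editor's configured field list rather than from the request, so this is hardening. The same statement is repeated in the list-rendering code further down this file's diff, and the method containing this query starts and ends outside the hunk.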
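Review bot: defaultLoad() now concatenates `$_GET['edit']` straight into the WHERE clause (`" WHERE $this->primaryKey=". $_GET['edit']`), which is SQL injection on a request parameter. The old code failed because it tried to bind identifiers, not because it bound this value. Column and table names have to be interpolated, but the key value should remain a placeholder: ``$query .= " WHERE `{$this->primaryKey}` = ?";`` followed by `$editquery->execute([$_GET['edit']]);`. With that change `if ($this->DEBUG) echo $query;` prints only the statement template instead of echoing request data into the page.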
@@ -785,8 +788,8 @@ class TableEditor case 'enum': break; case 'select_or_text': - $optq = $pdo->prepare("SELECT DISTINCT(?) AS ? FROM ? ORDER BY ?"); - $optq->execute([$f,$f,$this->table, $f]); + $optq = $pdo->prepare("SELECT DISTINCT('$f') AS '$f' FROM $this->table ORDER BY '$f'"); + $optq->execute(); if ($this->fieldInputOptions[$f]) echo ''; while ($r = $q->fetch(PDO::FETCH_OBJ)) { echo ''; + foreach ($this->listfields AS $f => $n) { // figure out what kind of input this should be - $typeq = $pdo->prepare("SHOW COLUMNS FROM ? LIKE ?"); - $typeq->execute([$this->table,$config['FAIRYEAR']]); - $typer = $typeq->fetCh(PDO::FETCH_OBJ); + $typeq = $pdo->prepare("SHOW COLUMNS FROM $this->table LIKE '$f'"); + $typeq->execute(); + $typer = $typeq->fetch(PDO::FETCH_OBJ); if ($typer->Type == 'time') echo ''; else if ($typer->Type == 'date')
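Review bot: In the `select_or_text` case the column name is wrapped in single quotes, `SELECT DISTINCT('$f') AS '$f' ... ORDER BY '$f'`, and MySQL treats `'$f'` in the select list and in ORDER BY as a string literal, so the query returns the field's name rather than the distinct values stored in that column. Identifiers need backticks: ``"SELECT DISTINCT `$f` AS `$f` FROM `{$this->table}` ORDER BY `$f`"``. Because these names are interpolated, they should be checked against the configured field list (or a strict `[A-Za-z0-9_]+` pattern) before the statement is built. The switch this case belongs to begins and ends outside the hunk.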
' . i18n('Filename') . '' . i18n('Last Update') . '
/web/$r->filename
' . $this->format_time($r->$f) . '