ajax.php
changeset 144 380e55865f86
parent 142 ca9118d9c0f2
child 166 d53cc29308f4
child 184 d74ff822acc9
equal deleted inserted replaced
143:c8bfd324cb03 144:380e55865f86
    10  *
    10  *
    11  * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
    11  * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
    12  * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
    12  * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
    13  */
    13  */
    14  
    14  
       
    15   // fillusername should be done without the help of the rest of Enano - all we need is the DBAL
       
    16   if ( isset($_GET['_mode']) && $_GET['_mode'] == 'fillusername' )
       
    17   {
       
    18     // setup and load a very basic, specialized instance of the Enano API
       
    19     function dc_here($m)     { return false; }
       
    20     function dc_dump($a, $g) { return false; }
       
    21     function dc_watch($n)    { return false; }
       
    22     function dc_start_timer($u) { return false; }
       
    23     function dc_stop_timer($m) { return false; }
       
    24     // Determine directory (special case for development servers)
       
    25     if ( strpos(__FILE__, '/repo/') && file_exists('.enanodev') )
       
    26     {
       
    27       $filename = str_replace('/repo/', '/', __FILE__);
       
    28     }
       
    29     else
       
    30     {
       
    31       $filename = __FILE__;
       
    32     }
       
    33     define('ENANO_ROOT', dirname($filename));
       
    34     require(ENANO_ROOT.'/includes/functions.php');
       
    35     require(ENANO_ROOT.'/includes/dbal.php');
       
    36     $db = new mysql();
       
    37     $db->connect();
       
    38     
       
    39     // should be connected now
       
    40     $name = (isset($_GET['name'])) ? $db->escape($_GET['name']) : false;
       
    41     if ( !$name )
       
    42     {
       
    43       die('userlist = new Array(); errorstring=\'Invalid URI\'');
       
    44     }
       
    45     $q = $db->sql_query('SELECT username,user_id FROM '.table_prefix.'users WHERE lcase(username) LIKE lcase(\'%'.$name.'%\');');
       
    46     if ( !$q )
       
    47     {
       
    48       die('userlist = new Array(); errorstring=\'MySQL error selecting username data: '.addslashes(mysql_error()).'\'');
       
    49     }
       
    50     if($db->numrows() < 1)
       
    51     {
       
    52       die('userlist = new Array(); errorstring=\'No usernames found\';');
       
    53     }
       
    54     echo 'var errorstring = false; userlist = new Array();';
       
    55     $i = 0;
       
    56     while($r = $db->fetchrow())
       
    57     {
       
    58       echo "userlist[$i] = '".addslashes($r['username'])."'; ";
       
    59       $i++;
       
    60     }
       
    61     $db->free_result();
       
    62     
       
    63     // all done! :-)
       
    64     $db->close();
       
    65     exit;
       
    66   }
       
    67  
    15   require('includes/common.php');
    68   require('includes/common.php');
    16   
    69   
    17   global $db, $session, $paths, $template, $plugins; // Common objects
    70   global $db, $session, $paths, $template, $plugins; // Common objects
    18   if(!isset($_GET['_mode'])) die('This script cannot be accessed directly.');
    71   if(!isset($_GET['_mode'])) die('This script cannot be accessed directly.');
    19   
    72   
   103       break;
   156       break;
   104     case "setpass":
   157     case "setpass":
   105       echo PageUtils::setpass($paths->cpage['urlname_nons'], $paths->namespace, $_POST['password']);
   158       echo PageUtils::setpass($paths->cpage['urlname_nons'], $paths->namespace, $_POST['password']);
   106       break;
   159       break;
   107     case "fillusername":
   160     case "fillusername":
   108       $name = (isset($_GET['name'])) ? $db->escape($_GET['name']) : false;
       
   109       if ( !$name ) 
       
   110       {
       
   111         die('userlist = new Array(); errorstring=\'Invalid URI\'');
       
   112       }
       
   113       $q = $db->sql_query('SELECT username,user_id FROM '.table_prefix.'users WHERE lcase(username) LIKE lcase(\'%'.$name.'%\');');
       
   114       if ( !$q )
       
   115       {
       
   116         die('userlist = new Array(); errorstring=\'MySQL error selecting username data: '.addslashes(mysql_error()).'\'');
       
   117       }
       
   118       if($db->numrows() < 1)
       
   119       {
       
   120         die('userlist = new Array(); errorstring=\'No usernames found\';');
       
   121       }
       
   122       echo 'var errorstring = false; userlist = new Array();';
       
   123       $i = 0;
       
   124       while($r = $db->fetchrow())
       
   125       {
       
   126         echo "userlist[$i] = '".addslashes($r['username'])."'; ";
       
   127         $i++;
       
   128       }
       
   129       $db->free_result();
       
   130       break;
   161       break;
   131     case "fillpagename":
   162     case "fillpagename":
   132       $name = (isset($_GET['name'])) ? $_GET['name'] : false;
   163       $name = (isset($_GET['name'])) ? $_GET['name'] : false;
   133       if(!$name) die('userlist = new Array(); namelist = new Array(); errorstring=\'Invalid URI\'');
   164       if(!$name) die('userlist = new Array(); namelist = new Array(); errorstring=\'Invalid URI\'');
   134       $nd = RenderMan::strToPageID($name);
   165       $nd = RenderMan::strToPageID($name);