diff --git a/app/edit/clipadd.php b/app/edit/clipadd.php
index 0a3ed79d23..13f44a0681 100644
--- a/app/edit/clipadd.php
+++ b/app/edit/clipadd.php
@@ -40,12 +40,12 @@ else {
$text = $language->get();
if (count($_POST)>0) {
- $clip_name = check_str($_POST["clip_name"]);
- $clip_folder = check_str($_POST["clip_folder"]);
- $clip_text_start = check_str($_POST["clip_text_start"]);
- $clip_text_end = check_str($_POST["clip_text_end"]);
- $clip_desc = check_str($_POST["clip_desc"]);
- $clip_order = check_str($_POST["clip_order"]);
+ $clip_name = $_POST["clip_name"];
+ $clip_folder = $_POST["clip_folder"];
+ $clip_text_start = $_POST["clip_text_start"];
+ $clip_text_end = $_POST["clip_text_end"];
+ $clip_desc = $_POST["clip_desc"];
+ $clip_order = $_POST["clip_order"];
if (strlen($clip_order) == 0) { $clip_order = 0; }
//no slashes
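Review bot: `$clip_order` now comes straight from `$_POST["clip_order"]` and only its length is checked on the following context line, so a non-numeric string (or an array value, which `strlen()` does not accept) continues on to the insert. With `check_str()` removed, this block no longer constrains any field itself; whether the values are bound as parameters depends on `database->save()`, which is not visible here. I would add `if (!is_numeric($clip_order)) { $clip_order = 0; }` after the length check and read each field as `$_POST["clip_name"] ?? ''` so a missing key does not raise a notice. The enclosing `if (count($_POST)>0)` block continues outside this hunk.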
@@ -53,34 +53,30 @@ if (count($_POST)>0) {
$clip_name = str_replace('\\', '|', $clip_name);
//sql insert
- $sql = "insert into v_clips ";
- $sql .= "(";
- $sql .= "clip_uuid, ";
- $sql .= "clip_name, ";
- $sql .= "clip_folder, ";
- $sql .= "clip_text_start, ";
- $sql .= "clip_text_end, ";
- $sql .= "clip_desc, ";
- $sql .= "clip_order ";
- $sql .= ")";
- $sql .= "values ";
- $sql .= "(";
- $sql .= "'".uuid()."', ";
- $sql .= "'$clip_name', ";
- $sql .= "'$clip_folder', ";
- $sql .= "'$clip_text_start', ";
- $sql .= "'$clip_text_end', ";
- $sql .= "'$clip_desc', ";
- $sql .= "'$clip_order' ";
- $sql .= ")";
- $db->exec(check_sql($sql));
- unset($sql,$db);
+ $array['clips'][0]['clip_uuid'] = uuid();
+ $array['clips'][0]['clip_name'] = $clip_name;
+ $array['clips'][0]['clip_folder'] = $clip_folder;
+ $array['clips'][0]['clip_text_start'] = $clip_text_start;
+ $array['clips'][0]['clip_text_end'] = $clip_text_end;
+ $array['clips'][0]['clip_desc'] = $clip_desc;
+ $array['clips'][0]['clip_order'] = $clip_order;
+
+ $p = new permissions;
+ $p->add('clip_add', 'temp');
+
+ $database = new database;
+ $database->app_name = 'edit';
+ $database->app_uuid = '17e628ee-ccfa-49c0-29ca-9894a0384b9b';
+ $database->save($array);
+ unset($array);
+
+ $p->add('clip_add', 'temp');
require_once "header.php";
echo "\n";
echo $text['message-add'];
require_once "footer.php";
- return;
+ exit;
}
//show the content
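Review bot: The temporary `clip_add` permission is granted twice and never revoked: the call after `$database->save($array)` repeats `$p->add('clip_add', 'temp');`, whereas clipdelete.php in this same commit follows its write with `$p->delete('clip_delete', 'temp');`. The second call should be `$p->delete('clip_add', 'temp');` so the elevated permission does not outlive the write. The first hunk of clipupdate.php has the same duplicated `$p->add('clip_edit', 'temp');` after its save and needs `$p->delete('clip_edit', 'temp');`. The `exit` that follows limits the exposure, but header.php and footer.php are still included first, presumably with the grant still in place.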
@@ -103,19 +99,19 @@ if (count($_POST)>0) {
echo "
";
echo " ".$text['label-before-selection']." ";
- echo " ";
+ echo " ";
echo " | ";
echo "
";
echo " ";
echo " ".$text['label-after-selection']." ";
- echo " ";
+ echo " ";
echo " | ";
echo "
";
echo " ";
echo " ".$text['label-notes']." ";
- echo " ";
+ echo " ";
echo " | ";
echo "
";
diff --git a/app/edit/clipdelete.php b/app/edit/clipdelete.php
index 8653d67c70..0137e8a54f 100644
--- a/app/edit/clipdelete.php
+++ b/app/edit/clipdelete.php
@@ -40,15 +40,22 @@ else {
$text = $language->get();
//get the uuid from http values
- $clip_uuid = check_str($_GET["id"]);
+ $clip_uuid = $_GET["id"];
//delete the clip
- if (strlen($_GET["id"])>0) {
- $sql = "delete from v_clips ";
- $sql .= "where clip_uuid = '".$clip_uuid."' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- unset($sql,$db);
+ if (is_uuid($clip_uuid)) {
+ $array['clips'][0]['clip_uuid'] = $clip_uuid;
+
+ $p = new permissions;
+ $p->add('clip_delete', 'temp');
+
+ $database = new database;
+ $database->app_name = 'edit';
+ $database->app_uuid = '17e628ee-ccfa-49c0-29ca-9894a0384b9b';
+ $database->delete($array);
+ unset($array);
+
+ $p->delete('clip_delete', 'temp');
}
//redirect the browser
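Review bot: The delete is a state change driven entirely by `$_GET["id"]`, and nothing in this hunk checks a request token before `$database->delete($array)` runs, so a cross-site request made in a logged-in user's browser could trigger it unless a check exists above the hunk. The `is_uuid($clip_uuid)` guard is a sound replacement for the old string-built query, but it validates format only, not intent. If the project has a token helper, validate it before the delete and prefer POST for this action; at minimum record the assumption with a comment such as `// request token validated in <location>`. The enclosing `else {` block starts outside the hunk, where the caller's own `clip_delete` permission is presumably checked before the temporary grant.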
diff --git a/app/edit/cliplist.php b/app/edit/cliplist.php
index 67572ee658..23bcea886e 100644
--- a/app/edit/cliplist.php
+++ b/app/edit/cliplist.php
@@ -44,7 +44,7 @@ require_once "header.php";
function isfile($filename) {
- if (@filesize($filename) > 0) { return true; } else { return false; }
+ return @filesize($filename) > 0 ? true : false;
}
function space($count) {
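Review bot: The ternary in `isfile()` is redundant, since the comparison already yields a boolean; `return @filesize($filename) > 0;` reads more directly. The `@` also hides the warning for a missing or unreadable path, so a short comment such as `// false for missing, unreadable or empty files` would record that this is intended.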
@@ -157,12 +157,11 @@ echo "\n";
echo "
\n";
$sql = "select * from v_clips order by clip_folder asc, clip_name asc";
-$prep_statement = $db->prepare(check_sql($sql));
-$prep_statement->execute();
-$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
-$result_count = count($result);
+$database = new database;
+$result = $database->select($sql, null, 'all');
+unset($sql);
-if ($result_count > 0) {
+if (is_array($result) && @sizeof($result) != 0) {
$master_array = array();
foreach ($result as $row) {
$clip_folder = rtrim($row['clip_folder'], '/');
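Review bot: In `if (is_array($result) && @sizeof($result) != 0)` the `@` suppression is unnecessary, because `is_array()` has already guaranteed that `sizeof()` receives a countable argument; `if (is_array($result) && count($result) > 0)` says the same without hiding errors. The same condition is added in clipoptionslist.php and, for `$row`, in clipupdate.php. Separately, clipadd.php and clipupdate.php in this commit now store `clip_folder` and `clip_name` exactly as posted, so the rendering code that consumes these rows (outside this hunk) should escape them on output; that is worth confirming. The `if` block continues past the end of the hunk.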
@@ -185,6 +184,7 @@ if ($result_count > 0) {
$master_array = array_merge_recursive($master_array, $folders);
}
+ unset($result, $row);
function parse_array($arr) {
if (is_array($arr)) {
@@ -216,7 +216,5 @@ if ($result_count > 0) {
echo "
\n";
-//echo "".print_r($master_array, true)."
";
-
require_once "footer.php";
?>
\ No newline at end of file
diff --git a/app/edit/clipoptionslist.php b/app/edit/clipoptionslist.php
index cd1d625391..d6d780b5bb 100644
--- a/app/edit/clipoptionslist.php
+++ b/app/edit/clipoptionslist.php
@@ -119,12 +119,11 @@ echo "\n";
echo "\n";
$sql = "select * from v_clips order by clip_folder asc, clip_name asc";
-$prep_statement = $db->prepare(check_sql($sql));
-$prep_statement->execute();
-$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
-$result_count = count($result);
+$database = new database;
+$result = $database->select($sql, null, 'all');
+unset($sql);
-if ($result_count > 0) {
+if (is_array($result) && @sizeof($result) != 0) {
$master_array = array();
foreach ($result as $row) {
$clip_folder = rtrim($row['clip_folder'], '/');
@@ -175,6 +174,7 @@ if ($result_count > 0) {
}
parse_array($master_array);
}
+unset($result, $row);
echo "
\n";
diff --git a/app/edit/clipupdate.php b/app/edit/clipupdate.php
index d7816b3d23..ef87ea9dec 100644
--- a/app/edit/clipupdate.php
+++ b/app/edit/clipupdate.php
@@ -39,55 +39,64 @@ else {
$text = $language->get();
if (count($_POST)>0) {
- $clip_uuid = check_str($_POST["id"]);
- $clip_name = check_str($_POST["clip_name"]);
- $clip_folder = check_str($_POST["clip_folder"]);
- $clip_text_start = check_str($_POST["clip_text_start"], false);
- $clip_text_end = check_str($_POST["clip_text_end"], false);
- $clip_desc = check_str($_POST["clip_desc"]);
- $clip_order = check_str($_POST["clip_order"]);
+ $clip_uuid = $_POST["id"];
+ $clip_name = $_POST["clip_name"];
+ $clip_folder = $_POST["clip_folder"];
+ $clip_text_start = $_POST["clip_text_start"];
+ $clip_text_end = $_POST["clip_text_end"];
+ $clip_desc = $_POST["clip_desc"];
+ $clip_order = $_POST["clip_order"];
//no slashes
$clip_name = str_replace('/', '|', $clip_name);
$clip_name = str_replace('\\', '|', $clip_name);
//sql update
- $sql = "update v_clips set ";
- $sql .= "clip_name = '$clip_name', ";
- $sql .= "clip_folder = '$clip_folder', ";
- $sql .= "clip_text_start = '$clip_text_start', ";
- $sql .= "clip_text_end = '$clip_text_end', ";
- $sql .= "clip_desc = '$clip_desc', ";
- $sql .= "clip_order = '$clip_order' ";
- $sql .= "where clip_uuid = '$clip_uuid' ";
- $count = $db->exec(check_sql($sql));
+ $array['clips'][0]['clip_uuid'] = $clip_uuid;
+ $array['clips'][0]['clip_name'] = $clip_name;
+ $array['clips'][0]['clip_folder'] = $clip_folder;
+ $array['clips'][0]['clip_text_start'] = $clip_text_start;
+ $array['clips'][0]['clip_text_end'] = $clip_text_end;
+ $array['clips'][0]['clip_desc'] = $clip_desc;
+ $array['clips'][0]['clip_order'] = $clip_order;
+
+ $p = new permissions;
+ $p->add('clip_edit', 'temp');
+
+ $database = new database;
+ $database->app_name = 'edit';
+ $database->app_uuid = '17e628ee-ccfa-49c0-29ca-9894a0384b9b';
+ $database->save($array);
+ unset($array);
+
+ $p->add('clip_edit', 'temp');
//redirect the browser
require_once "header.php";
echo "\n";
echo $text['message-update'];
require_once "footer.php";
- return;
+ exit;
}
else {
//get the uuid from http values
- $clip_uuid = check_str($_GET["id"]);
+ $clip_uuid = $_GET["id"];
//get the clip
$sql = "select * from v_clips ";
- $sql .= "where clip_uuid = '$clip_uuid' ";
- $prep_statement = $db->prepare(check_sql($sql));
- $prep_statement->execute();
- $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
- foreach ($result as &$row) {
+ $sql .= "where clip_uuid = :clip_uuid ";
+ $parameters['clip_uuid'] = $clip_uuid;
+ $database = new database;
+ $row = $database->select($sql, $parameters, 'row');
+ if (is_array($row) && @sizeof($row) != 0) {
$clip_name = $row["clip_name"];
$clip_folder = $row["clip_folder"];
$clip_text_start = $row["clip_text_start"];
$clip_text_end = $row["clip_text_end"];
$clip_desc = $row["clip_desc"];
$clip_order = $row["clip_order"];
- break; //limit to 1 row
}
+ unset($sql, $parameters, $row);
}
//show the content
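Review bot: `$clip_uuid = $_POST["id"];` is passed to `$database->save($array)` without the `is_uuid()` check that clipdelete.php applies in this same commit, so an empty or malformed id reaches the save call. Depending on how `save()` treats a missing or unknown key, this may create a new row instead of updating one; that behaviour is not visible here. Guard the POST branch with `if (!is_uuid($clip_uuid)) { exit; }` before building `$array`, and apply the same check to `$_GET["id"]` in the `else` branch before the select. The old code passed `false` as the second argument to `check_str()` for `clip_text_start` and `clip_text_end`, so a comment such as `// stored verbatim; escape on output` on those two assignments would preserve that intent.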
@@ -110,19 +119,19 @@ else {
echo " ";
echo " Before Selection ";
- echo " ";
+ echo " ";
echo " | ";
echo "
";
echo " ";
echo " After Selection ";
- echo " ";
+ echo " ";
echo " | ";
echo "
";
echo " ";
echo " Notes ";
- echo " ";
+ echo " ";
echo " | ";
echo "
";