*/
private $DB;
+ private $_showPrivate = false;
+
protected $COMBINED_SELECT_VALUES = "any_value(`id`) as id,
any_value(`link`) as link,
any_value(`created`) as created,
$this->DB = $databaseConnectionObject;
}
+ /**
+ * Show private links or not
+ * @param $bool
+ */
+ public function setShowPrivate($bool) {
+ if(is_bool($bool)) {
+ $this->_showPrivate = $bool;
+ }
+ }
+
/**
* get all the available categories from the DB.
* optional limit
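Review bot: `setShowPrivate()` silently ignores any non-boolean argument, so a caller that passes `1` or `"1"` keeps getting public-only results with no sign that the call had no effect. Failing closed is the right default for a visibility switch, but the docblock should state it. I would replace the untyped `@param $bool` with `@param bool $bool true to include private links; any non-boolean value is ignored`.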
if($stats === true) {
$queryStr = "SELECT
COUNT(*) as amount,
- any_value(categoryid) as categoryId
- FROM `".DB_PREFIX."_categoryrelation`
- GROUP BY categoryid";
+ any_value(cr.categoryid) as categoryId
+ FROM `".DB_PREFIX."_categoryrelation` AS cr, `".DB_PREFIX."_link` AS l
+ WHERE cr.linkid = l.id";
+ if($this->_showPrivate === true) {
+ $queryStr .= " AND l.status IN (2,1)";
+ }
+ else {
+ $queryStr .= " AND l.status = 2";
+ }
+ $queryStr .= " GROUP BY categoryid";
+
$query = $this->DB->query($queryStr);
if(!empty($query)) {
while($result = $query->fetch_assoc()) {
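Review bot: The visibility condition (`status IN (2,1)` when `_showPrivate` is true, `status = 2` otherwise) is written out by hand here and again in the tag statistics, `latestLinks()`, the `_combined` queries and both new search methods. Every later query against `_link` has to remember to repeat it, and one forgotten or mistyped copy exposes private links. A private helper that returns the condition for a given column would keep the rule in one place. The enclosing method starts and ends outside this hunk.

```php
// … unchanged: stats SELECT … WHERE cr.linkid = l.id …
$queryStr .= " AND ".$this->_statusCondition('l.status');
$queryStr .= " GROUP BY categoryid";

// new private helper on the class
private function _statusCondition($column) {
    return $this->_showPrivate === true
        ? $column." IN (2,1)"
        : $column." = 2";
}
```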
if($stats === true) {
$queryStr = "SELECT
COUNT(*) as amount,
- any_value(`tagid`) as tagId
- FROM `".DB_PREFIX."_tagrelation`
- GROUP BY tagId";
+ any_value(tr.tagid) as tagId
+ FROM `".DB_PREFIX."_tagrelation` AS tr, `".DB_PREFIX."_link` AS l
+ WHERE tr.linkid = l.id";
+ if($this->_showPrivate === true) {
+ $queryStr .= " AND l.status IN (2,1)";
+ }
+ else {
+ $queryStr .= " AND l.status = 2";
+ }
+ $queryStr .= "GROUP BY tagId";
+
$query = $this->DB->query($queryStr);
if(!empty($query)) {
while($result = $query->fetch_assoc()) {
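Review bot: The appended `"GROUP BY tagId"` has no leading space, unlike the `" GROUP BY categoryid"` used for the category statistics. In the public branch the statement therefore ends in `l.status = 2GROUP BY tagId`, which is expected to fail to parse, so the `!empty($query)` guard would presumably skip the result loop and anonymous visitors would get no tag statistics. Change the line to `$queryStr .= " GROUP BY tagId";`. The enclosing method begins and ends outside this hunk.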
public function latestLinks($limit=5) {
$ret = array();
- $queryStr = "SELECT `title` FROM `".DB_PREFIX."_link` WHERE `status` = 2 ORDER BY `created` DESC";
+ $queryStr = "SELECT `title` FROM `".DB_PREFIX."_link`";
+ if($this->_showPrivate === true) {
+ $queryStr .= " WHERE `status` IN (2,1)";
+ }
+ else {
+ $queryStr .= " WHERE `status` = 2";
+ }
+ $queryStr .= " ORDER BY `created` DESC";
if(!empty($limit)) {
$queryStr .= " LIMIT $limit";
}
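Review bot: `$limit` is still interpolated into the statement as `" LIMIT $limit"` with only an `empty()` test in front of it, while the status clause around it was reworked. Whether any caller passes request data is not visible in this hunk, but the method is public and nothing here forces the value to be a number. I would cast at the point of use: `$queryStr .= " LIMIT ".(int)$limit;`. The rest of `latestLinks()` lies outside the hunk.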
$querySelect = "SELECT ".$this->COMBINED_SELECT_VALUES;
$queryFrom = " FROM `".DB_PREFIX."_combined`";
$queryWhere = " WHERE `status` = 2";
-
+ if($this->_showPrivate === true) {
+ $queryWhere = " WHERE `status` IN (2,1)";
+ }
if(!empty($id) && is_numeric($id)) {
$queryWhere .= " AND `categoryId` = '" . $this->DB->real_escape_string($id) . "'";
}
$querySelect = "SELECT ".$this->COMBINED_SELECT_VALUES;
$queryFrom = " FROM `".DB_PREFIX."_combined`";
$queryWhere = " WHERE `status` = 2";
-
+ if($this->_showPrivate === true) {
+ $queryWhere = " WHERE `status` IN (2,1)";
+ }
if(!empty($id) && is_numeric($id)) {
$queryWhere .= " AND `tagId` = '" . $this->DB->real_escape_string($id) . "'";
}
$querySelect = "SELECT `hash`";
$queryFrom = " FROM `".DB_PREFIX."_link`";
$queryWhere = " WHERE `status` = 2";
+ if($this->_showPrivate === true) {
+ $queryWhere = " WHERE `status` IN (2,1)";
+ }
$queryOrder = " ORDER BY `created` DESC";
$queryLimit = "";
if(!empty($limit)) {
$ret = array();
if(!empty($categoryid) && is_numeric($categoryid)) {
- $queryStr = "SELECT ".$this->COMBINED_SELECT_VALUES."
- FROM `".DB_PREFIX."_combined`
- WHERE `status` = 2
- AND `categoryId` = '" . $this->DB->real_escape_string($categoryid) . "'
+ $queryStr = "SELECT ".$this->COMBINED_SELECT_VALUES."
+ FROM `".DB_PREFIX."_combined`";
+ if($this->_showPrivate === true) {
+ $queryStr .= " WHERE `status` IN (2,1)";
+ }
+ else {
+ $queryStr .= " WHERE `status` = 2";
+ }
+ $queryStr .= " AND `categoryId` = '" . $this->DB->real_escape_string($categoryid) . "'
ORDER BY `created` DESC
LIMIT 1";
$query = $this->DB->query($queryStr);
return $ret;
}
+ /**
+ * Search for the given url in the links table
+ * @param $url
+ * @return mixed
+ */
+ public function searchForLinkByURL($url) {
+ $ret = false;
+
+ if(!empty($url)) {
+ $queryStr = "SELECT * FROM `".DB_PREFIX."_link`";
+ if($this->_showPrivate === true) {
+ $queryStr .= " WHERE `status` IN (2,1)";
+ }
+ else {
+ $queryStr .= " WHERE `status` = 2";
+ }
+ $queryStr .= " AND `link` = '".$this->DB->real_escape_string($url)."'";
+
+ $query = $this->DB->query($queryStr);
+ if(!empty($query) && $query->num_rows > 0) {
+ $ret = $query->fetch_all(MYSQLI_ASSOC);
+ }
+ }
+
+ return $ret;
+ }
+
+ /**
+ * search for given searchstring in the search data of the links
+ * @param $searchStr
+ * @return mixed
+ */
+ public function searchForLinkBySearchData($searchStr) {
+ $ret = false;
+
+ if(!empty($searchStr)) {
+ $queryStr = "SELECT *,
+ MATCH (`search`) AGAINST ('".$this->DB->real_escape_string($searchStr)."' IN BOOLEAN MODE) AS score
+ FROM `".DB_PREFIX."_link`
+ WHERE MATCH (`search`) AGAINST ('".$this->DB->real_escape_string($searchStr)."' IN BOOLEAN MODE)";
+ if($this->_showPrivate === true) {
+ $queryStr .= " WHERE `status` IN (2,1)";
+ }
+ else {
+ $queryStr .= " WHERE `status` = 2";
+ }
+ $queryStr .= " ORDER BY score DESC";
+
+ $query = $this->DB->query($queryStr);
+ if(!empty($query) && $query->num_rows > 0) {
+ $ret = $query->fetch_all(MYSQLI_ASSOC);
+ }
+ }
+
+ return $ret;
+ }
+
/**
* for simpler management we have the search data in a separate column
* it is not fancy or even technical nice but it damn works
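Review bot: `searchForLinkBySearchData()` appends a second `WHERE` after the `WHERE MATCH (...) AGAINST (...)` clause already in the string, so the statement is invalid SQL in both branches and the method can only return `false`. The status restriction has to be joined with `AND`: ``$queryStr .= " AND `status` IN (2,1)";`` and ``$queryStr .= " AND `status` = 2";``. `searchForLinkByURL()` above does not have the problem because its base query carries no `WHERE` before the status clause is appended.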
}
}
-?>
$formData = false;
$honeypotCheck = false;
+$_requestMode = false;
+if(isset($_GET['m']) && !empty($_GET['m'])) {
+ $_requestMode = trim($_GET['m']);
+ $_requestMode = Summoner::validate($_requestMode,'nospace') ? $_requestMode : "all";
+}
+if($_requestMode === "auth") {
+ # very simple security check.
+ # can/should be extended in the future.
+ Summoner::simpleAuth();
+}
+
if((isset($_POST['password']) && !empty($_POST['password'])) || (isset($_POST['username']) && !empty($_POST['username']))) {
# those are hidden fields. A robot may input these. A valid user does not.
$honeypotCheck = true;
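Review bot: `$_requestMode` ends up with two different "no mode" values: it stays `false` when `m` is absent and becomes `"all"` when `m` is present but fails the `nospace` validation, so later comparisons have to allow for both. The comment on the auth branch also no longer tells the reader how the gate works now that the write paths only test `Summoner::simpleAuthCheck()`. I would add `# m=auth is the only request that calls Summoner::simpleAuth(); the add/lookup paths below only test Summoner::simpleAuthCheck()` and state there what `simpleAuth()` does on failure. The underscore prefix also makes the variable read like a superglobal next to `$_GET` and `$_POST`.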
# search for URL
$queryStr = "SELECT * FROM `".DB_PREFIX."_link`
WHERE `link` = '".$DB->real_escape_string($searchValue)."'";
+
+ $searchResult = $Management->searchForLinkByURL($searchValue);
}
elseif(Summoner::validate($searchValue,'text')) {
$queryStr = "SELECT *,
FROM `".DB_PREFIX."_link`
WHERE MATCH (`search`) AGAINST ('".$DB->real_escape_string($searchValue)."' IN BOOLEAN MODE)
ORDER BY score DESC";
+
+ $searchResult = $Management->searchForLinkBySearchData($searchValue);
}
else {
$submitFeedback['message'] = 'Invalid input';
$submitFeedback['status'] = 'error';
}
-
+/*
if(!empty($queryStr)) {
$query = $DB->query($queryStr);
if(!empty($query) && $query->num_rows > 0) {
$searchResult = $query->fetch_all(MYSQLI_ASSOC);
}
}
+*/
# new one?
- if(empty($searchResult) && $isUrl === true) {
+ if(empty($searchResult) && $isUrl === true && Summoner::simpleAuthCheck() === true) {
# try to gather some information automatically
$linkInfo = Summoner::gatherInfoFromURL($searchValue);
if(!empty($linkInfo)) {
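Review bot: Both `$queryStr` assignments in the search branches are now dead code. The results come from `$Management->searchForLinkByURL()` and `$Management->searchForLinkBySearchData()`, and the block that executed `$queryStr` is wrapped in `/* … */` instead of being removed. The leftover statements carry no `status` condition, so re-enabling the commented block later would bypass the private-link filter that the new methods apply. I would delete both assignments and the commented-out block as part of this change.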
}
# add a new one
-if(isset($_POST['data']) && !empty($_POST['data']) && isset($_POST['addnewone']) && $honeypotCheck === false) {
+if(isset($_POST['data']) && !empty($_POST['data']) && isset($_POST['addnewone']) && $honeypotCheck === false
+ && Summoner::simpleAuthCheck() === true
+) {
$fData = $_POST['data'];
- # very simple security check.
- # can/should be extended in the future.
- Summoner::simpleAuth();
-
$formData['private'] = 2;
if(isset($fData['private'])) {
$formData['private'] = 1;