Changeset 18
- Timestamp:
- 2007-11-23 11:20:03 (4 years ago)
- Files:
-
- trunk/admin/classes/pages/Addcategory.php (modified) (2 diffs)
- trunk/admin/classes/pages/Addforum.php (modified) (2 diffs)
- trunk/admin/classes/pages/Category.php (modified) (1 diff)
- trunk/admin/classes/pages/Deletecategory.php (modified) (3 diffs)
- trunk/admin/classes/pages/Deleteforum.php (modified) (3 diffs)
- trunk/admin/classes/pages/Editmember.php (modified) (13 diffs)
- trunk/admin/classes/pages/Groups.php (modified) (3 diffs)
- trunk/admin/classes/pages/Moderators.php (modified) (5 diffs)
- trunk/admin/classes/pages/Modifycategory.php (modified) (2 diffs)
- trunk/admin/classes/pages/Modifyforum.php (modified) (2 diffs)
- trunk/admin/classes/pages/Permissions.php (modified) (10 diffs)
- trunk/classes/misc/Forumjump.php (modified) (1 diff)
- trunk/classes/misc/Member.php (modified) (22 diffs)
- trunk/classes/misc/Post.php (modified) (16 diffs)
- trunk/classes/pages/Calendar.php (modified) (1 diff)
- trunk/classes/pages/Category.php (modified) (6 diffs)
- trunk/classes/pages/Delete.php (modified) (3 diffs)
- trunk/classes/pages/Edit.php (modified) (3 diffs)
- trunk/classes/pages/Forum.php (modified) (7 diffs)
- trunk/classes/pages/Lostpassword.php (modified) (2 diffs)
- trunk/classes/pages/Mail.php (modified) (2 diffs)
- trunk/classes/pages/Members.php (modified) (4 diffs)
- trunk/classes/pages/Messenger.php (modified) (21 diffs)
- trunk/classes/pages/Moderate.php (modified) (22 diffs)
- trunk/classes/pages/Newpoll.php (modified) (1 diff)
- trunk/classes/pages/Newtopic.php (modified) (1 diff)
- trunk/classes/pages/Page.php (modified) (11 diffs)
- trunk/classes/pages/Register.php (modified) (4 diffs)
- trunk/classes/pages/Reply.php (modified) (3 diffs)
- trunk/classes/pages/Search.php (modified) (4 diffs)
- trunk/classes/pages/Topic.php (modified) (8 diffs)
- trunk/classes/pages/Userpanel.php (modified) (21 diffs)
- trunk/db/spamboard.sql (modified) (1 diff)
- trunk/includes/config/version.php (modified) (1 diff)
- trunk/includes/login.php (modified) (2 diffs)
- trunk/includes/session.php (modified) (10 diffs)
- trunk/redirectors/logout.php (modified) (1 diff)
- trunk/redirectors/pollvote.php (modified) (4 diffs)
- trunk/redirectors/preview.php (modified) (1 diff)
- trunk/redirectors/showip.php (modified) (1 diff)
trunk/admin/classes/pages/Addcategory.php
r17 r18 45 45 $q->execute(); 46 46 $neworder = $q->fetchColumn(); 47 $q ->closeCursor();47 $q = NULL; 48 48 $neworder++; 49 49 // add category … … 52 52 $q->bindParam(':order', $neworder, PDO::PARAM_INT, 12); 53 53 $q->execute(); 54 $q = NULL; 54 55 $div = $this->html->body->addChild('div', $LANG['category_added']); 55 56 $div->addAttribute('id', 'admin_main'); trunk/admin/classes/pages/Addforum.php
r17 r18 46 46 $q->execute(); 47 47 $neworder = $q->fetchColumn() + 1; 48 $q ->closeCursor();48 $q = NULL; 49 49 // add forum 50 50 $q = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'forums (forumtitle, forumdescription, forum_category, forum_order) VALUES (:title, :desc, :id, :order)'); … … 54 54 $q->bindParam(':order', $neworder, PDO::PARAM_INT, 12); 55 55 $q->execute(); 56 $q = NULL; 56 57 $div = $this->html->body->addChild('div', $LANG['forum_added']); 57 58 $div->addAttribute('id', 'admin_main'); trunk/admin/classes/pages/Category.php
r1 r18 42 42 } else { 43 43 // login form 44 $this->permissionDenied($ F->link('index'), NULL, TRUE);44 $this->permissionDenied($SETTINGS['webpath'] . 'admin/', NULL, TRUE); 45 45 } 46 46 } /* constructor */ trunk/admin/classes/pages/Deletecategory.php
r1 r18 43 43 if ($newcategory == '0') { 44 44 // no moving necessary 45 $q = $C-> query('SELECT forumid FROM ' . $SETTINGS['dbtableprefix'] . 'forums WHERE forum_category = :id');45 $q = $C->prepare('SELECT forumid FROM ' . $SETTINGS['dbtableprefix'] . 'forums WHERE forum_category = :id'); 46 46 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 47 47 $q->execute(); 48 while ($row = $q->fetchObject()) { 48 $rows = $q->fetchAll()M 49 $q = NULL; 50 foreach ($rows as $row) { 49 51 // iterate over forums in this category 50 52 $q2->prepare('SELECT topicid, poll FROM ' . $SETTINGS['dbtableprefix'] . 'topics WHERE forum = :id'); 51 $q2->bindParam(':id', $row ->forumid, PDO::PARAM_INT, 12);53 $q2->bindParam(':id', $row['forumid'], PDO::PARAM_INT, 12); 52 54 $q2->execute(); 53 while ($row2 = $q2->fetchObject()) { 55 $rows2 = $q2->fetchAll(); 56 $q2 = NULL; 57 forach ($rows2 as $row2) { 54 58 // delete posts in this forum 55 59 $q3 = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'posts WHERE topic = :id'); 56 $q3->bindParam(':id', $row2 ->topicid, PDO::PARAM_INT, 12);60 $q3->bindParam(':id', $row2['topicid'], PDO::PARAM_INT, 12); 57 61 $q3->execute(); 62 $q3 = NULL; 58 63 // delete polls 59 if ($row2 ->poll!= '') {64 if ($row2['poll'] != '') { 60 65 $q3 = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'polls WHERE pollid = :id'); 61 $q3->bindParam(':id', $row2 ->poll, PDO::PARAM_INT, 12);66 $q3->bindParam(':id', $row2['poll'], PDO::PARAM_INT, 12); 62 67 $q3->execute(); 68 $q3 = NULL; 63 69 } 64 70 // delete topic 65 71 $q3 = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'topics WHERE topicid = :id'); 66 $q3->bindParam(':id', $row2 ->topicid, PDO::PARAM_INT, 12);72 $q3->bindParam(':id', $row2['topicid'], PDO::PARAM_INT, 12); 67 73 $q3->execute(); 74 $q3 = NULL; 68 75 } 69 76 // delete forum 70 77 $q3 = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 
'forums WHERE forumid = :id'); 71 $q3->bindParam(':id', $row ->forumid, PDO::PARAM_INT, 12);78 $q3->bindParam(':id', $row['forumid'], PDO::PARAM_INT, 12); 72 79 $q3->execute(); 80 $q3 = NULL; 73 81 } 74 82 } else { … … 78 86 $q3->bindParam(':oldid', $id, PDO::PARAM_INT, 12); 79 87 $q3->execute(); 88 $q3 = NULL; 80 89 } 81 90 // delete category … … 83 92 $q3->bindParam(':id', $id, PDO::PARAM_INT, 12); 84 93 $q3->execute(); 94 $q3 = NULL; 85 95 $div = $this->html->body->addChild('div', $LANG['category_deleted']); 86 96 $div->addAttribute('id', 'admin_main'); trunk/admin/classes/pages/Deleteforum.php
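Review bot: Two new-side lines in Deletecategory.php do not parse, so the admin page cannot load at all: `$rows = $q->fetchAll()M` (new line 48) ends in a stray `M` instead of `;`, and `forach ($rows2 as $row2) {` (new line 57) should be `foreach`. The unchanged line 52 also calls `$q2->prepare(...)` on a variable that is never assigned a statement in the visible code, and the added `$q2 = NULL;` guarantees it is null on later iterations; it presumably should read `$q2 = $C->prepare(...)`. Because the cascade issues several independent DELETEs, wrapping it in `$C->beginTransaction();` and `$C->commit();` (assuming `$C` is the PDO handle and the tables support transactions) would keep a mid-way failure from leaving orphaned posts or topics. The enclosing method starts and ends outside the visible hunks.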
r1 r18 47 47 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 48 48 $q->execute(); 49 while ($row = $q->fetchObject()) { 49 $rows = $q->fetchAll(); 50 $q = NULL; 51 foreach ($rows as $row) { 50 52 // delete posts 51 53 $q2 = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'posts WHERE topic = :id'); 52 $q2->bindParam(':id', $row ->topicid, PDO::PARAM_INT, 12);54 $q2->bindParam(':id', $row['topicid'], PDO::PARAM_INT, 12); 53 55 $q2->execute(); 56 $q2 = NULL; 54 57 // delete poll 55 58 $q2 = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'polls WHERE pollid = :poll'); 56 $q2->bindParam(':poll', $row ->poll, PDO::PARAM_INT, 12);59 $q2->bindParam(':poll', $row['poll'], PDO::PARAM_INT, 12); 57 60 $q2->execute(); 61 $q2 = NULL; 58 62 // delete topic itself 59 63 $q2 = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'topics WHERE topicid = :id'); 60 $q2->bindParam(':id', $row ->topicid, PDO::PARAM_INT, 12);64 $q2->bindParam(':id', $row['topicid'], PDO::PARAM_INT, 12); 61 65 $q2->execute(); 66 $q2 = NULL; 62 67 } 63 68 } else { … … 67 72 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 68 73 $q->execute(); 74 $q = NULL; 69 75 } 70 76 // delete forum … … 72 78 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 73 79 $q->execute(); 80 $q = NULL; 74 81 $div = $this->html->body->addChild('div', $LANG['forum_deleted']); 75 82 $div->addAttribute('id', 'admin_main'); trunk/admin/classes/pages/Editmember.php
r17 r18 51 51 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 52 52 if ($q->execute() && $q->fetchColumn() == 1) { 53 $q ->closeCursor();53 $q = NULL; 54 54 if ($submit == $LANG['Submit']) { 55 55 // write new member profile into database … … 109 109 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 110 110 $q->execute(); 111 $q = NULL; 111 112 // update name in the posts table, too, if necessary 112 113 if ($user != $row->membername) { … … 116 117 $q->bindValue(':one', 1, PDO::PARAM_INT); 117 118 $q->execute(); 119 $q = NULL; 118 120 } 119 121 // if the crucial rest has been entered, update it one by one … … 123 125 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 124 126 $q->execute(); 127 $q = NULL; 125 128 } 126 129 // update rest in bulk … … 142 145 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 143 146 $q->execute(); 147 $q = NULL; 144 148 // translate status to group membership 145 149 // first, delete previous entries … … 150 154 $q2->execute(); 151 155 $_groupid = $q2->fetchColumn(); 152 $q2 ->closeCursor();156 $q2 = NULL; 153 157 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'groupmemberships WHERE member = :id AND usergroup = :group'); 154 158 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 155 159 $q->bindParam(':group', $_groupid, PDO::PARAM_INT, 12); 156 160 $q->execute(); 161 $q = NULL; 157 162 } 158 163 } … … 163 168 $q2->execute(); 164 169 $_groupid = $q2->fetchColumn(); 165 $q2 ->closeCursor();170 $q2 = NULL; 166 171 $q = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'groupmemberships (member, usergroup) VALUES (:id, :group)'); 167 172 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 168 173 $q->bindParam(':group', $_groupid, PDO::PARAM_INT, 12); 169 174 $q->execute(); 175 $q = NULL; 170 176 } 171 177 // success … … 184 190 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 185 191 $q->execute(); 192 $q = NULL; 186 193 // delete subscriptions 187 194 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 
'subscriptions WHERE member = :id'); 188 195 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 189 196 $q->execute(); 197 $q = NULL; 190 198 // done 191 199 $div = $this->html->body->addChild('div', $LANG['member_deleted']); … … 202 210 $q->bindParam(':group', $row['id'], PDO::PARAM_INT, 12); 203 211 $q->execute(); 212 $q = NULL; 204 213 if (isset($newgroupmemberships[$row['id']]) && $newgroupmemberships[$row['id']] == 1) { 205 214 // insert … … 208 217 $q->bindParam(':group', $row['id'], PDO::PARAM_INT, 12); 209 218 $q->execute(); 219 $q = NULL; 210 220 } 211 221 } … … 216 226 } 217 227 } else { 218 $q ->closeCursor();228 $q = NULL; 219 229 $div = $this->html->body->addChild('div', $LANG['error_id']); 220 230 $div->addAttribute('id', 'admin_main'); … … 413 423 $q->execute(); 414 424 $row = $q->fetchObject(); 415 $q ->closeCursor();425 $q = NULL; 416 426 $this->html->body->addElement(new XMLElement('<div><b>' . $LANG['Member'] . ': ' . $row->membername . '</b></div>')); 417 427 $this->html->body->addChild('br'); … … 436 446 $_col2 .= ' checked="checked"'; 437 447 } 438 $q3 ->closeCursor();448 $q3 = NULL; 439 449 $_col2 .= ' value="1" /></td>'; 440 450 $form->addRawTableRow(Array($_col1, $_col2)); trunk/admin/classes/pages/Groups.php
r1 r18 54 54 $q->bindParam(':id', $row['id'], PDO::PARAM_INT, 12); 55 55 $q->execute(); 56 $q = NULL; 56 57 // delete group 57 58 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'usergroups WHERE id = :id'); 58 59 $q->bindParam(':id', $row['id'], PDO::PARAM_INT, 12); 59 60 $q->execute(); 61 $q = NULL; 60 62 } else { 61 63 // update group … … 69 71 $q->bindParam(':id', $row['id'], PDO::PARAM_INT, 12); 70 72 $q->execute(); 73 $q = NULL; 71 74 } 72 75 } … … 82 85 } 83 86 $q->execute(); 87 $q = NULL; 84 88 } 85 89 // done trunk/admin/classes/pages/Moderators.php
r17 r18 52 52 $q->bindParam(':name', trim($_mod), PDO::PARAM_STR); 53 53 if ($q->execute() && $row2 = $q->fetchObject()) { 54 $q ->closeCursor();54 $q = NULL; 55 55 if ($row2->memberstatus == 'Moderator') { 56 56 // valid … … 62 62 } else { 63 63 // invalid 64 $q ->closeCursor();64 $q = NULL; 65 65 $_invalid[] = $_mod; 66 66 } … … 70 70 $q->bindParam(':id', $row['forumid'], PDO::PARAM_INT, 12); 71 71 $q->execute(); 72 $q = NULL; 72 73 // enter new (valid) moderators 73 74 foreach ($_newmods_ids as $_memberid) { … … 76 77 $q->bindParam(':member', $_memberid, PDO::PARAM_INT, 12); 77 78 $q->execute(); 79 $q = NULL; 78 80 } 79 81 // print out warnings about invalid member names … … 114 116 $_mods .= $row2->membername; 115 117 } 118 $q = NULL; 116 119 // editing row for this specific forum 117 120 $form->addTableRow($row['forumtitle'], 'text', 'newdesc[' . $row['forumid'] . ']', $_mods); trunk/admin/classes/pages/Modifycategory.php
r17 r18 49 49 $q->bindParam(':id', $row['category_id'], PDO::PARAM_INT, 12); 50 50 $q->execute(); 51 $q = NULL; 51 52 } 52 53 $div = $this->html->body->addChild('div', $LANG['categories_changed']); … … 67 68 $q->execute(); 68 69 $_num = $q->fetchColumn(); 69 $q ->closeCursor();70 $q = NULL; 70 71 // get category data 71 72 foreach ($C->query('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'categories ORDER BY category_order ASC') as $row) { trunk/admin/classes/pages/Modifyforum.php
r17 r18 51 51 $q->bindParam(':id', $row['forumid'], PDO::PARAM_INT, 12); 52 52 $q->execute(); 53 $q = NULL; 53 54 } 54 55 $div = $this->html->body->addChild('div', $LANG['forums_changed']); … … 80 81 $q3->execute(); 81 82 $_num = $q3->fetchColumn(); 82 $q3 ->closeCursor();83 $q3 = NULL; 83 84 for ($i = 1; $i <= $_num; $i++) { 84 85 $_col4 .= '<option value="' . $i . '"'; trunk/admin/classes/pages/Permissions.php
r17 r18 56 56 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 57 57 if ($q->execute() && $row = $q->fetchObject()) { 58 $q ->closeCursor();58 $q = NULL; 59 59 // delete previously set permissions of this group 60 60 $q2 = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'rights WHERE usergroup = :id'); 61 61 $q2->bindParam(':id', $id, PDO::PARAM_INT, 12); 62 62 $q2->execute(); 63 $q2 = NULL; 63 64 if ($submit == $LANG['Restore_Defaults']) { 64 65 // shove defaults from one table to the other … … 66 67 $q3->bindParam(':id', $id, PDO::PARAM_INT, 12); 67 68 $q3->execute(); 68 while ($row3 = $q3->fetchObject()) { 69 $rows3 = $q3->fetchAll(); 70 $q3 = NULL; 71 foreach ($rows3 as $row3) { 69 72 $q4 = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'rights (page, usergroup, read, write) VALUES (:page, :group, :read, :write)'); 70 $q4->bindParam(':page', $row3 ->page, PDO::PARAM_STR);73 $q4->bindParam(':page', $row3['page'], PDO::PARAM_STR); 71 74 $q4->bindParam(':group', $id, PDO::PARAM_INT, 12); 72 $q4->bindParam(':read', $row3 ->read, PDO::PARAM_INT, 12);73 $q4->bindParam(':write', $row3 ->write, PDO::PARAM_INT, 12);75 $q4->bindParam(':read', $row3['read'], PDO::PARAM_INT, 12); 76 $q4->bindParam(':write', $row3['write'], PDO::PARAM_INT, 12); 74 77 $q4->execute(); 78 $q4 = NULL; 75 79 } 76 80 // if the group to reset is 'Admin', add all rights on all forums … … 84 88 $q5->bindValue(':write', 1, PDO::PARAM_INT); 85 89 $q5->execute(); 90 $q5 = NULL; 86 91 } 87 92 } … … 104 109 } 105 110 $q2->execute(); 111 $q2 = NULL; 106 112 } 107 113 } … … 111 117 } else { 112 118 // invalid group 113 $q ->closeCursor();119 $q = NULL; 114 120 $div = $this->html->body->addChild('div', $LANG['error_id']); 115 121 $div->addAttribute('id', 'admin_main'); … … 126 132 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 127 133 if ($q->execute() && $row = $q->fetchObject()) { 128 $q ->closeCursor();134 $q = NULL; 129 135 $form = new Form($F->link('permissions')); 130 136 
$form->addInput('hidden', 'id', $id); … … 156 162 $_row = $q2->fetchObject(); 157 163 } 158 $q2 ->closeCursor();164 $q2 = NULL; 159 165 if (!isset($_row->read)) { 160 166 // nothing set yet, so 'default deny' … … 188 194 $_row = $q2->fetchObject(); 189 195 } 190 $q2 ->closeCursor();196 $q2 = NULL; 191 197 if (!isset($_row->read)) { 192 198 // nothing set yet, so 'default deny' … … 217 223 $_row = $q2->fetchObject(); 218 224 } 219 $q2 ->closeCursor();225 $q2 = NULL; 220 226 if (!isset($_row->read)) { 221 227 // nothing set yet, so 'default deny' … … 242 248 } else { 243 249 // invalid group 244 $q ->closeCursor();250 $q = NULL; 245 251 $div = $this->html->body->addChild('div', $LANG['error_id']); 246 252 $div->addAttribute('id', 'admin_main'); trunk/classes/misc/Forumjump.php
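Review bot: In the restore-defaults branch the group's rows in `rights` are deleted and then re-inserted one statement at a time, with no transaction and no check of what `execute()` returns, so a failure part-way through leaves the group with a partial permission set that nothing reports. Consider `$C->beginTransaction();` before the DELETE and `$C->commit();` after the Admin block, assuming `$C` is the PDO handle and the storage engine supports transactions. `$q4 = $C->prepare(...)` can also move above the `foreach ($rows3 as $row3)`, since the statement text does not change per row. The method body extends beyond the visible hunks.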
r1 r18 40 40 $q = $C->prepare('SELECT category_id, category_name FROM ' . $SETTINGS['dbtableprefix'] . 'categories ORDER BY category_order ASC'); 41 41 if ($q->execute()) { 42 while ($row = $q->fetchObject()) { 42 $rows = $q->fetchAll(); 43 $q = NULL; 44 foreach ($rows as $row) { 43 45 // offer only categories which the user may read 44 if (Member::checkRights('Category', 'read', $row ->category_id)) {46 if (Member::checkRights('Category', 'read', $row['category_id'])) { 45 47 // set number of forums in this category to zero 46 48 $n = 0; 47 49 // add this category's name 48 $_cat = '<option value="category=' . $row ->category_id . '">> ' . $row->category_name. '</option>';50 $_cat = '<option value="category=' . $row['category_id'] . '">> ' . $row['category_name'] . '</option>'; 49 51 // list forums in this category 50 52 $q2 = $C->prepare('SELECT forumid, forumtitle FROM ' . $SETTINGS['dbtableprefix'] . 'forums WHERE forum_category=:category ORDER BY forum_order ASC'); 51 $q2->bindParam(':category', $row ->category_id, PDO::PARAM_INT, 12);53 $q2->bindParam(':category', $row['category_id'], PDO::PARAM_INT, 12); 52 54 if ($q2->execute()) { 53 while ($row2 = $q2->fetchObject()) { 55 $rows2 = $q2->fetchAll(); 56 $q2 = NULL; 57 foreach ($rows2 as $row2) { 54 58 // offer only forums which the user may read 55 if (Member::checkRights('Forum', 'read', $row2 ->forumid)) {59 if (Member::checkRights('Forum', 'read', $row2['forumid'])) { 56 60 // increase number of forums 57 61 $n++; 58 62 // add this forum as an option 59 $_cat .= '<option value="forum=' . $row2 ->forumid . '">' . $row2->forumtitle. '</option>';63 $_cat .= '<option value="forum=' . $row2['forumid'] . '">' . $row2['forumtitle'] . '</option>'; 60 64 } 61 65 } trunk/classes/misc/Member.php
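Review bot: The rewritten option lines concatenate `$row['category_name']` and `$row2['forumtitle']` straight into markup, so unless these values are escaped when they are stored, a title containing `<` or `"` breaks the page or injects into it. Escape at output, e.g. `htmlspecialchars($row2['forumtitle'], ENT_QUOTES, 'UTF-8')`. The same pattern is on new line 109 of classes/pages/Category.php, which also prints `$row5->topictitle` (which appears to come from the poster's subject in Post.php), and in the `XMLElement` string built from `$row->membername` in Editmember.php. Separately, `fetchAll()` without a mode relies on the connection's default fetch mode providing string keys; `fetchAll(PDO::FETCH_ASSOC)` would make the new `$row['…']` accesses explicit.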
r17 r18 69 69 $q->bindParam(':id', $username, PDO::PARAM_INT, 12); 70 70 $s = $q->execute(); 71 $row = $q->fetchObject(); 72 $q = NULL; 71 73 // set flag that step a few lines below can be skipped 72 74 $member = 2; … … 78 80 $q->bindParam(':name', $username, PDO::PARAM_STR); 79 81 $s = $q->execute(); 80 } 81 if ($s && $row = $q->fetchObject()) { 82 $q->closeCursor(); 82 $row = $q->fetchObject(); 83 $q = NULL; 84 } 85 if ($s && is_object($row)) { 83 86 // member found - put information in object variables 84 87 $this->id = $row->memberid; … … 128 131 $row2->posts = 0; 129 132 } 130 $q2 ->closeCursor();133 $q2 = NULL; 131 134 $this->posts = $row2->posts; 132 135 // determine stage by number of posts … … 139 142 } 140 143 } else { 141 $q->closeCursor();142 144 // member hasn't been found - deleted member 143 145 $this->id = 0; … … 422 424 $password = '*'; 423 425 } 424 $q ->closeCursor();426 $q = NULL; 425 427 // check if member's name exists 426 428 $q = $C->prepare('SELECT memberpassword FROM ' . $SETTINGS['dbtableprefix'] . 'members WHERE membername=:user'); … … 429 431 $_fail = 0; 430 432 if ($s && $row = $q->fetchObject()) { 431 $q ->closeCursor();433 $q = NULL; 432 434 // check if password is correct 433 435 if ($row->memberpassword === $password) { … … 440 442 } else { 441 443 // username doesn't even exist 442 $q ->closeCursor();444 $q = NULL; 443 445 $_fail = 1; 444 446 } … … 519 521 $q->bindParam(':userid', $userid, PDO::PARAM_INT, 12); 520 522 $q->execute(); 523 $q = NULL; 521 524 } /* function setPassword */ 522 525 … … 538 541 if ($_SESSION['memberid'] > 0) { 539 542 // get member's groups 540 $q = $C->prepare('SELECT usergroup FROM ' .$SETTINGS['dbtableprefix'].'groupmemberships WHERE member=:id');543 $q = $C->prepare('SELECT usergroup FROM ' . $SETTINGS['dbtableprefix'] . 
'groupmemberships WHERE member=:id'); 541 544 $q->bindParam(':id', $_SESSION['memberid'], PDO::PARAM_INT, 12); 542 545 $q->execute(); … … 546 549 $_groups[] = $row->usergroup; 547 550 } 548 $q ->closeCursor();551 $q = NULL; 549 552 // check for each of the user's groups 550 553 foreach ($_groups as $key=>$val) { … … 559 562 $_permit = TRUE; 560 563 } 561 $q ->closeColumn();564 $q = NULL; 562 565 } 563 566 } … … 576 579 $_groups[] = $row->usergroup; 577 580 } 581 $q = NULL; 578 582 } else { 579 583 // set group to 'Guest' … … 584 588 // result WILL exist, because if that group doesn't exist, the board isn't correctly set up anyway 585 589 $row = $q->fetchObject(); 586 $q ->closeCursor();590 $q = NULL; 587 591 $_groups[0] = $row->id; 588 592 } … … 602 606 $_permit = TRUE; 603 607 } 604 $q ->closeCursor();608 $q = NULL; 605 609 } 606 610 // done … … 613 617 $q2->execute(); 614 618 $row = $q2->fetchObject(); 615 $q2 ->closeCursor();619 $q2 = NULL; 616 620 $id = $row->forum; 617 621 } … … 629 633 $_permit = TRUE; 630 634 } 631 $q ->closeCursor();635 $q = NULL; 632 636 } 633 637 // done … … 647 651 $_permit = TRUE; 648 652 } 649 $q ->closeCursor();653 $q = NULL; 650 654 } 651 655 if ($_permit === FALSE) { … … 657 661 $q->execute(); 658 662 $row = $q->fetchObject(); 659 $q ->closeCursor();663 $q = NULL; 660 664 if ($row->postedbymember == 1 && $row->poster == $_SESSION['membername']) { 661 665 // it IS the topic starter … … 669 673 $q->execute(); 670 674 $row = $q->fetchObject(); 671 $q ->closeCursor();675 $q = NULL; 672 676 if ($row->postedbymember == 1 && $row->poster == $_SESSION['membername']) { 673 677 // it IS the poster … … 684 688 // overwrite $id for the following steps 685 689 $id = $q->fetchColumn(); 686 $q ->closeCursor();690 $q = NULL; 687 691 } 688 692 // $id given as topic id, so get forum id first … … 691 695 $q->execute(); 692 696 $_forumid = $q->fetchColumn(); 693 $q ->closeCursor();697 $q = NULL; 694 698 // check if this person IS a moderator of this 
particular forum 695 699 $q = $C->prepare('SELECT COUNT(*) FROM ' . $SETTINGS['dbtableprefix'] . 'moderators WHERE forum=:forum AND member=:member'); … … 701 705 $_permit = TRUE; 702 706 } 703 $q ->closeCursor();707 $q = NULL; 704 708 } 705 709 } trunk/classes/misc/Post.php
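Review bot: The author checks in what appears to be the rights check compare `$row->poster == $_SESSION['membername']` with loose equality, so two different names that both look numeric (for example `1` and `1.0`) are treated as the same author and the "it IS the poster" branch is taken for the wrong member. Use strict comparison, e.g. `(int) $row->postedbymember === 1 && $row->poster === $_SESSION['membername']`; comparing a member id instead of the display name would be firmer still if the posts table stores one. The `fetchObject()` results around the new `$q = NULL;` lines are also dereferenced without testing for `false`, so an unknown post or topic id should lead to an explicit denial rather than a property read on `false`. The function body extends beyond the visible hunks.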
r17 r18 44 44 $this->post = $q->fetchObject(); 45 45 } 46 $q ->closeCursor();46 $q = NULL; 47 47 } 48 48 } /* constructor */ … … 140 140 if ($s) { 141 141 $row = $q->fetchObject(); 142 $q ->closeCursor();142 $q = NULL; 143 143 if ($row->closed == '1') { 144 144 // topic closed - error … … 148 148 } else { 149 149 // topic not found in database - error 150 $q = NULL; 150 151 $ok = 0; 151 152 $_error = $LANG['error_id']; … … 167 168 $_error = $LANG['error_id']; 168 169 } 169 $q ->closeCursor();170 $q = NULL; 170 171 } 171 172 if ($show_orig === 'newpoll') { … … 189 190 if (($_SESSION['lastposttime'] + $SETTINGS['floodcontrol'] >= time()) && ($q->fetchColumn() + $SETTINGS['floodcontrol'] >= time())) { 190 191 // too little time between posts 191 $q ->closeCursor();192 $q = NULL; 192 193 $_error = $LANG['error_floodcontrol']; 193 194 $ok = 0; 194 195 } else { 195 196 // sort out IP banning 196 $q ->closeCursor();197 $q = NULL; 197 198 foreach ($bannedip as $_ip) { 198 199 if (strpos($_SERVER['REMOTE_ADDR'], $_ip) !== FALSE) { … … 211 212 if ($s && $q->fetchColumn() >= 1) { 212 213 // name taken 213 $q ->closeCursor();214 $q = NULL; 214 215 $ok = 0; 215 216 $_error = $LANG['error_name_taken']; 216 217 } else { 217 218 // check if session password has been correctly entered 218 $q ->closeCursor();219 $q = NULL; 219 220 if ($password !== $_SESSION['pw']) { 220 221 $ok = 0; … … 243 244 if ($s) { 244 245 $row = $q->fetchObject(); 245 $q ->closeCursor();246 $q = NULL; 246 247 // check if he's banned 247 248 if ($row->memberstatus != 'Banned') { … … 256 257 $ok = 0; 257 258 } 259 } else { 260 $q = NULL; 258 261 } 259 262 } … … 332 335 $q->bindValue(':voters', '', PDO::PARAM_STR); 333 336 $q->execute(); 337 $q = NULL; 334 338 // get new poll's id 335 339 $q = $C->prepare('SELECT MAX(pollid) FROM ' . $SETTINGS['dbtableprefix'] . 
'polls'); 336 340 $q->execute(); 337 341 $row = $q->fetchColumn(); 338 $q ->closeCursor();342 $q = NULL; 339 343 $pollid = $row; 340 344 @$C->query('UNLOCK TABLE ' . $SETTINGS['dbtableprefix'] . 'polls'); … … 344 348 @$C->query('LOCK TABLE ' . $SETTINGS['dbtableprefix'] . 'topics'); 345 349 $subject = trim($subject); 346 $q = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'topics (forum, topictitle, poll , subscribed) values (:id, :subject, :poll, :subs)');350 $q = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'topics (forum, topictitle, poll) values (:id, :subject, :poll)'); 347 351 $q->bindParam(':id', $forum, PDO::PARAM_INT,12); 348 352 $q->bindParam(':subject', $subject, PDO::PARAM_STR); 349 353 $q->bindParam(':poll', $pollid, PDO::PARAM_INT, 12); 350 $q->bindValue(':subs', '', PDO::PARAM_STR);351 354 $q->execute(); 355 $q = NULL; 352 356 // get new topic id 353 357 $q = $C->prepare('SELECT MAX(topicid) FROM ' . $SETTINGS['dbtableprefix'] . 'topics'); 354 358 $q->execute(); 355 359 $row = $q->fetchColumn(); 356 $q ->closeCursor();360 $q = NULL; 357 361 // topicid is called 'reply' in following statements 358 362 $reply = $row; … … 376 380 $q->bindParam(':member', $postedbymember, PDO::PARAM_INT, 1); 377 381 $q->execute(); 382 $q = NULL; 378 383 // set 'last post time' for flood control 379 384 $_SESSION['lastposttime'] = time(); … … 382 387 $q->bindParam(':sess', session_id(), PDO::PARAM_STR); 383 388 $q->execute(); 389 $q = NULL; 384 390 // topic subscription 385 391 if (isset($_SESSION['memberid']) && $_SESSION['memberid'] > 0) { … … 389 395 $q->bindParam(':member', $_SESSION['memberid'], PDO::PARAM_INT, 12); 390 396 $q->execute(); 397 $q = NULL; 391 398 // if subscription flag set, insert 392 399 if ($subscribe == '1') { … … 395 402 $q->bindParam(':member', $_SESSION['memberid'], PDO::PARAM_INT, 12); 396 403 $q->execute(); 404 $q = NULL; 397 405 } 398 406 } … … 402 410 $q->execute(); 403 411 $row = $q->fetchColumn(); 404 $q 
->closeCursor();412 $q = NULL; 405 413 // calculate page 406 414 $page = ceil($row / $SETTINGS['postsperpage']); 407 415 // send e-mail notifications (using the language the receipient has set) 408 $q = $C->prepare('SELECT subscribed FROM '. $SETTINGS['dbtableprefix'] . 'topics WHERE topicid=:id');416 $q = $C->prepare('SELECT member FROM ' . $SETTINGS['dbtableprefix'] . 'WHERE topic = :id'); 409 417 $q->bindParam(':id', $reply, PDO::PARAM_INT, 12); 410 418 $q->execute(); 411 $row = $q->fetchObject(); 412 $q->closeCursor(); 413 $subscribed = explode(',', $row->subscribed); 419 $subscribed = $q->fetchAll(); 420 $q = NULL; 414 421 foreach ($subscribed as $subscriber) { 415 422 // don't notify of one's own posts 416 if ($subscriber != '' && $subscriber!= $_SESSION['memberid']) {423 if ($subscriber['member'] != '' && $subscriber['member'] != $_SESSION['memberid']) { 417 424 $q2 = $C->prepare('SELECT memberemail,lang FROM ' . $SETTINGS['dbtableprefix'] . 'members WHERE memberid=:id'); 418 $q2->bindParam(':id', $subscriber , PDO::PARAM_INT, 12);425 $q2->bindParam(':id', $subscriber['member'], PDO::PARAM_INT, 12); 419 426 $s = $q2->execute(); 420 427 if ($s) { 421 428 $row2 = $q2->fetchObject(); 422 $q2 ->closeCursor();429 $q2 = NULL; 423 430 // use receipient's language 424 431 if ($row2->lang != '') { … … 432 439 $q->bindParam(':body', str_replace(Array('%topictitle%', '%topic%', '%page%'), Array(Topic::getTitle($reply), $reply, $page)), $LANG['mail_notification_body']); 433 440 $q->execute(); 441 $q = NULL; 434 442 // back to user's language 435 443 include('includes/lang/' . $_SESSION['lang'] . '.php'); trunk/classes/pages/Calendar.php
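Review bot: The new subscriber query on line 416 has no table name: `'SELECT member FROM ' . $SETTINGS['dbtableprefix'] . 'WHERE topic = :id'` produces `FROM <prefix>WHERE …`, so the statement cannot run and no notifications are sent. It presumably should be `. 'subscriptions WHERE topic = :id'`, matching the table used by the subscription deletes elsewhere in this changeset. The result of `execute()` is not checked before `fetchAll()`, so testing it (or setting `PDO::ATTR_ERRMODE` to `PDO::ERRMODE_EXCEPTION` on the connection) would surface this kind of mistake instead of failing quietly. The enclosing method starts and ends outside the visible hunks.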
r1 r18 124 124 } 125 125 } 126 $q = NULL; 126 127 $cols[] = $_col . '</td>'; 127 128 $day++; trunk/classes/pages/Category.php
r17 r18 54 54 } 55 55 $query->execute(); 56 $rows = $query->fetchAll(); 57 $query = NULL; 56 58 // for each category... 57 while ($row = $query->fetchObject()) {59 foreach ($rows as $row) { 58 60 // category header 59 61 // get forums in this category 60 62 $q2 = $C->prepare('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'forums WHERE forum_category=:category ORDER BY forum_order ASC'); 61 $q2->bindParam(':category', $row ->category_id, PDO::PARAM_INT, 12);63 $q2->bindParam(':category', $row['category_id'], PDO::PARAM_INT, 12); 62 64 $q2->execute(); 65 $rows2 = $q2->fetchAll(); 66 $q2 = NULL; 63 67 // construct list of forums in a table 64 68 $table = new Table(); … … 67 71 // number of forums user is allowed to see 68 72 $_forums = 0; 69 while ($row2 = $q2->fetchObject()) {73 foreach ($rows2 as $row2) { 70 74 /* check if user has permission on this forum; 71 75 * required: read; dependent on id */ 72 $_permit = Member::checkRights('Forum', 'read', $row2 ->forumid);76 $_permit = Member::checkRights('Forum', 'read', $row2['forumid']); 73 77 if ($_permit) { 74 78 // increase number of permitted forums … … 76 80 // number of topics 77 81 $q3 = $C->prepare('SELECT COUNT(topicid) AS topics FROM ' . $SETTINGS['dbtableprefix'] . 'topics WHERE forum=:forum'); 78 $q3->bindParam(':forum', $row2 ->forumid, PDO::PARAM_INT,12);82 $q3->bindParam(':forum', $row2['forumid'], PDO::PARAM_INT, 12); 79 83 $q3->execute(); 80 84 $row3 = $q3->fetchObject(); 81 $q3 ->closeCursor();85 $q3 = NULL; 82 86 // number of posts 83 87 $q4 = $C->prepare('SELECT COUNT(postid) AS posts FROM ' . $SETTINGS['dbtableprefix'] . 'posts WHERE topic IN (SELECT topicid FROM ' . $SETTINGS['dbtableprefix'] . 
'topics WHERE forum=:forum)'); 84 $q4->bindParam(':forum', $row2 ->forumid, PDO::PARAM_INT,12);88 $q4->bindParam(':forum', $row2['forumid'], PDO::PARAM_INT, 12); 85 89 $q4->execute(); 86 90 $row4 = $q4->fetchObject(); 87 $q4 ->closeCursor();91 $q4 = NULL; 88 92 // last activity 89 93 $q5 = $C->prepare('SELECT t.topicid AS topicid,t.topictitle AS topictitle, p.posttime AS posttime, p.poster AS poster, p.postedbymember AS postedbymember FROM ' . $SETTINGS['dbtableprefix'] . 'posts p, ' . $SETTINGS['dbtableprefix'] . 'topics t WHERE t.forum=:forum AND p.topic=t.topicid ORDER BY p.posttime DESC LIMIT 0,1'); 90 $q5->bindParam(':forum', $row2 ->forumid, PDO::PARAM_INT,12);94 $q5->bindParam(':forum', $row2['forumid'], PDO::PARAM_INT,12); 91 95 $q5->execute(); 92 96 $row5 = $q5->fetchObject(); 93 $q5 ->closeCursor();97 $q5 = NULL; 94 98 // get poster information 95 99 $_poster = new Member($row5->poster, $row5->postedbymember); … … 103 107 } 104 108 // show forum overview 105 $table->addRow(Array($_mark, '<td><h3><a href="' . $F->link('forum') . 'id=' . $row2 ->forumid . '">' . $row2->forumtitle . '</a></h3>' . $row2->forumdescription. '</td>', '<td align="center">' . $row3->topics . '</td>', '<td align="center">' . $row4->posts . '</td>', '<td><div>' . $LANG['by'] . ' ' . $_poster->getProfileLink() . '</div><div>' . $LANG['in'] . ' <a href="' . $F->link('topic') . 'id=' . $row5->topicid . '">' . $row5->topictitle . '</a></div><div>' . $F->datetime($row5->posttime) . '</div></td>'));109 $table->addRow(Array($_mark, '<td><h3><a href="' . $F->link('forum') . 'id=' . $row2['forumid'] . '">' . $row2['forumtitle'] . '</a></h3>' . $row2['forumdescription'] . '</td>', '<td align="center">' . $row3->topics . '</td>', '<td align="center">' . $row4->posts . '</td>', '<td><div>' . $LANG['by'] . ' ' . $_poster->getProfileLink() . '</div><div>' . $LANG['in'] . ' <a href="' . $F->link('topic') . 'id=' . $row5->topicid . '">' . $row5->topictitle . '</a></div><div>' . 
$F->datetime($row5->posttime) . '</div></td>')); 106 110 } 107 111 } … … 110 114 // category header 111 115 $h2 = $this->html->body->addChild('h2'); 112 $a = $h2->addChild('a', $row ->category_name);113 $a->addAttribute('href', $F->link('category') . 'id=' . $row ->category_id);116 $a = $h2->addChild('a', $row['category_name']); 117 $a->addAttribute('href', $F->link('category') . 'id=' . $row['category_id']); 114 118 // add newly constructed forums table to parent node 115 119 $_table = $table->get(); … … 144 148 $s = $q->execute(); 145 149 if ($s && $r = $q->fetchObject()) { 146 $q ->closeCursor();150 $q = NULL; 147 151 return $r->category_name; 148 152 } else { 149 $q ->closeCursor();153 $q = NULL; 150 154 return ''; 151 155 } trunk/classes/pages/Delete.php
r17 r18 40 40 $q3->execute(); 41 41 $row3 = $q3->fetchObject(); 42 $q3 ->closeCursor();42 $q3 = NULL; 43 43 $q = $C->prepare('SELECT topictitle, forum FROM ' . $SETTINGS['dbtableprefix'] . 'topics WHERE topicid=:id'); 44 44 $q->bindParam(':id', $row3->topic, PDO::PARAM_INT, 12); 45 45 $q->execute(); 46 46 $row = $q->fetchObject(); 47 $q ->closeCursor();47 $q = NULL; 48 48 $q2 = $C->prepare('SELECT forumtitle, forum_category FROM ' . $SETTINGS['dbtableprefix'] . 'forums WHERE forumid=:forum'); 49 49 $q2->bindParam(':forum', $row->forum, PDO::PARAM_INT, 12); 50 50 $q2->execute(); 51 51 $row2 = $q2->fetchObject(); 52 $q2 ->closeCursor();52 $q2 = NULL; 53 53 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $row->topictitle . ' - ' . $LANG['Delete_Post']; 54 54 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $row->forum . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('topic') . 'id=' . $row3->topic . '">' . $row->topictitle . '</a> - <a href="' . $F->link('delete') . 'id=' . $id . '">' . $LANG['Delete_Post'] . '</a>'; … … 66 66 $q->execute(); 67 67 $_posts = $q->fetchColumn(); 68 $q ->closeCursor();68 $q = NULL; 69 69 if ($_posts >= 2) { 70 70 // purge post from database … … 72 72 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 73 73 $q->execute(); 74 $q = NULL; 74 75 // success message 75 76 $div = $this->html->body->addChild('div', $LANG['post_deleted']); trunk/classes/pages/Edit.php
r17 r18 40 40 $q3->execute(); 41 41 $row3 = $q3->fetchObject(); 42 $q3 ->closeCursor();42 $q3 = NULL; 43 43 $q = $C->prepare('SELECT topictitle, forum FROM ' . $SETTINGS['dbtableprefix'] . 'topics WHERE topicid=:id'); 44 44 $q->bindParam(':id', $row3->topic, PDO::PARAM_INT, 12); 45 45 $q->execute(); 46 46 $row = $q->fetchObject(); 47 $q ->closeCursor();47 $q = NULL; 48 48 $q2 = $C->prepare('SELECT forumtitle, forum_category FROM ' . $SETTINGS['dbtableprefix'] . 'forums WHERE forumid=:forum'); 49 49 $q2->bindParam(':forum', $row->forum, PDO::PARAM_INT, 12); 50 50 $q2->execute(); 51 51 $row2 = $q2->fetchObject(); 52 $q2 ->closeCursor();52 $q2 = NULL; 53 53 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $row->topictitle . ' - ' . $LANG['Edit_Post']; 54 54 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $row->forum . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('topic') . 'id=' . $row3->topic . '">' . $row->topictitle . '</a> - <a href="' . $F->link('delete') . 'id=' . $id . '">' . $LANG['Edit_Post'] . '</a>'; … … 69 69 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 70 70 $q->execute(); 71 $q = NULL; 71 72 // success message 72 73 $div = $this->html->body->addChild('div', $LANG['post_edited']); … … 79 80 $q->execute(); 80 81 $_count = $q->fetchColumn(); 81 $q ->closeCursor();82 $q = NULL; 82 83 $_page = ceil($_count / $SETTINGS['postsperpage']); 83 84 // form trunk/classes/pages/Forum.php
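Review bot: In trunk/classes/pages/Edit.php the last breadcrumb link on line 54 is built with `$F->link('delete')` although its label is `$LANG['Edit_Post']`, so the "Edit Post" crumb sends the user to the delete page for the same post id. This looks copied from Delete.php; the link should target the edit page, presumably `$F->link('edit') . 'id=' . $id` (the page key is inferred from the other link() calls and needs confirming). The line is unchanged context and the enclosing method starts outside the hunk.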
r17 r18 38 38 $q->execute(); 39 39 $row = $q->fetchObject(); 40 $q ->closeCursor();40 $q = NULL; 41 41 $this->title = ' - ' . Category::getName($row->forum_category) . ' - ' . $row->forumtitle; 42 42 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row->forum_category . '">' . Category::getName($row->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $id . '">' . $row->forumtitle . '</a>'; … … 52 52 $q->execute(); 53 53 $row = $q->fetchObject(); 54 $q ->closeCursor();54 $q = NULL; 55 55 // new topic and poll buttons 56 56 $postbuttons = new Postbuttons(TRUE, $row->forumid); … … 61 61 $q2->execute(); 62 62 $row2 = $q2->fetchObject(); 63 $q2 ->closeCursor();63 $q2 = NULL; 64 64 // calculate start for this page 65 65 if (!isset($page) || $page == '') { $page = 1; } … … 79 79 $q2->bindParam(':forumid', $row->forumid, PDO::PARAM_INT, 12); 80 80 $q2->execute(); 81 $rows2 = $q2->fetchAll(); 82 $q2 = NULL; 81 83 // initialize topics list (table) 82 84 $table = new Table(); … … 84 86 $table->addHeaderRow(Array('', $LANG['Topic'], $LANG['Posts'], $LANG['Views'], $LANG['Started'], $LANG['Last_Post']), Array('1%', '49%', '5%', '5%', '20%', '20%')); 85 87 // for each topic... 86 while ($row2 = $q2->fetchObject()) {88 foreach ($rows2 as $row2) { 87 89 // topic prefix: pinned or poll? 88 90 $_prefix = ''; 89 if ($row2 ->pinned== 1) {91 if ($row2['pinned'] == 1) { 90 92 $_prefix = $LANG['Pinned'] . ': '; 91 93 } 92 if ($row2 ->poll != '' && $row2->poll> 0) {94 if ($row2['poll'] != '' && $row2['poll'] > 0) { 93 95 $_prefix .= $LANG['Poll'] . ': '; 94 96 } 95 97 // get first post 96 98 $q3 = $C->prepare('SELECT poster, postedbymember, posttime FROM ' . $SETTINGS['dbtableprefix'] . 
'posts WHERE topic=:topicid ORDER BY posttime ASC LIMIT 0,1'); 97 $q3->bindParam(':topicid', $row2 ->topicid, PDO::PARAM_INT, 12);99 $q3->bindParam(':topicid', $row2['topicid'], PDO::PARAM_INT, 12); 98 100 $q3->execute(); 99 101 $row3 = $q3->fetchObject(); 100 $q3 ->closeCursor();102 $q3 = NULL; 101 103 // get last post 102 104 $q4 = $C->prepare('SELECT poster, postedbymember, posttime FROM ' . $SETTINGS['dbtableprefix'] . 'posts WHERE topic=:topicid ORDER BY posttime DESC LIMIT 0,1'); 103 $q4->bindParam(':topicid', $row2 ->topicid, PDO::PARAM_INT, 12);105 $q4->bindParam(':topicid', $row2['topicid'], PDO::PARAM_INT, 12); 104 106 $q4->execute(); 105 107 $row4 = $q4->fetchObject(); 106 $q4 ->closeCursor();108 $q4 = NULL; 107 109 // get first and last poster information 108 110 $_poster1 = new Member($row3->poster, $row3->postedbymember); 109 111 $_poster2 = new Member($row4->poster, $row4->postedbymember); 110 112 // multiple pages for this topic? 111 $topicpages = new Pagination($SETTINGS['postsperpage'], 1, $row2 ->posts);112 $_multipages = $topicpages->displayTopic($row2 ->topicid);113 $topicpages = new Pagination($SETTINGS['postsperpage'], 1, $row2['posts']); 114 $_multipages = $topicpages->displayTopic($row2['topicid']); 113 115 /* new posts since user's last visit; 114 116 * works only for registered members who are logged in */ … … 122 124 if ($_SESSION['memberid'] > 0) { 123 125 $q = $C->prepare('SELECT COUNT(*) FROM ' . $SETTINGS['dbtableprefix'] . 
'posts WHERE topic=:topic AND poster=:poster AND postedbymember=:one'); 124 $q->bindParam(':topic', $row2 ->topicid, PDO::PARAM_INT, 12);126 $q->bindParam(':topic', $row2['topicid'], PDO::PARAM_INT, 12); 125 127 $q->bindParam(':poster', $_SESSION['membername'], PDO::PARAM_STR); 126 128 $q->bindValue(':one', 1, PDO::PARAM_INT); … … 130 132 $_mark .= ' &omicron;'; 131 133 } 132 $q ->closeCursor();134 $q = NULL; 133 135 } 134 136 // add all the previously compiled topic information to table 135 $table->addRow(Array($_mark,'<td><h3>' . $_prefix . '<a href="' . $F->link('topic') . 'id=' . $row2 ->topicid . '">' . $row2->topictitle . '</a></h3>' . $_multipages . '</td>', '<td align="center">' . $row2->posts . '</td>', '<td align="center">' . $row2->views. '</td>', '<td><div>' . $LANG['by'] . ' ' . $_poster1->getProfileLink() . '</div><div>' . $LANG['at'] . ' ' . $F->datetime($row3->posttime, FALSE, TRUE) . '</div><div>' . $LANG['on'] . ' ' . $F->datetime($row3->posttime, TRUE, FALSE) . '</div></td>', '<td><div>' . $LANG['by'] . ' ' . $_poster2->getProfileLink() . '</div><div>' . $LANG['at'] . ' ' . $F->datetime($row4->posttime, FALSE, TRUE) . '</div><div>' . $LANG['on'] . ' ' . $F->datetime($row4->posttime, TRUE, FALSE) . '</div></td>'));137 $table->addRow(Array($_mark,'<td><h3>' . $_prefix . '<a href="' . $F->link('topic') . 'id=' . $row2['topicid'] . '">' . $row2['topictitle'] . '</a></h3>' . $_multipages . '</td>', '<td align="center">' . $row2['posts'] . '</td>', '<td align="center">' . $row2['views'] . '</td>', '<td><div>' . $LANG['by'] . ' ' . $_poster1->getProfileLink() . '</div><div>' . $LANG['at'] . ' ' . $F->datetime($row3->posttime, FALSE, TRUE) . '</div><div>' . $LANG['on'] . ' ' . $F->datetime($row3->posttime, TRUE, FALSE) . '</div></td>', '<td><div>' . $LANG['by'] . ' ' . $_poster2->getProfileLink() . '</div><div>' . $LANG['at'] . ' ' . $F->datetime($row4->posttime, FALSE, TRUE) . '</div><div>' . $LANG['on'] . ' ' . 
$F->datetime($row4->posttime, TRUE, FALSE) . '</div></td>')); 136 138 } 137 139 // add finished table to parent HTML element trunk/classes/pages/Lostpassword.php
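Review bot: In trunk/classes/pages/Forum.php the rows from `$q2->fetchAll()` on new line 81 are read with string keys (`$row2['pinned']`, `$row2['topicid']`), but no fetch mode is passed, so the shape of each row depends on the connection's default fetch mode, which is configured outside this page. Passing it explicitly, `$rows2 = $q2->fetchAll(PDO::FETCH_ASSOC);`, keeps the array access valid whatever that default is and avoids the duplicate numeric keys that FETCH_BOTH adds to every row. The same applies to the fetchAll() calls added in Members.php, Messenger.php, Moderate.php, Page.php and Search.php.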
r17 r18 51 51 if ($s && $row = $q->fetchObject()) { 52 52 // member found -> generate random password 53 $q ->closeCursor();53 $q = NULL; 54 54 $p = new Password(); 55 55 $p->generate(12); … … 59 59 @mail($email, $SETTINGS['forumname'] . ' - ' . $LANG['Lost_Password'], str_replace(Array('%membername%', '%password%'), Array($row->membername, $p->get()), $LANG['lost_password_mail']), 'From: ' . $SETTINGS['forumadminemail']); 60 60 } else { 61 $q ->closeCursor();61 $q = NULL; 62 62 $this->html->body->addChild('div', $LANG['error_unknown_mail_address']); 63 63 } trunk/classes/pages/Mail.php
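Review bot: In trunk/classes/pages/Lostpassword.php the `@mail(...)` call on line 59 discards both the return value and any warning, so a failed delivery cannot be told apart from success after a new password has been generated on lines 54-55. Whether the new password is stored before the mail is sent lies in the elided lines 56-58; if it is, a delivery failure leaves the member without a working password. Checking the result, e.g. `if (!mail(...)) { /* keep the old password and report the failure */ }`, would make that case visible.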
r17 r18 51 51 $q->execute(); 52 52 $row = $q->fetchObject(); 53 $q ->closeCursor();53 $q = NULL; 54 54 // get receipient information 55 55 $q = $C->prepare('SELECT memberemail, membername, memberemailhidden, lang FROM ' . $SETTINGS['dbtableprefix'] . 'members WHERE memberid=:id'); … … 57 57 $q->execute(); 58 58 $row2 = $q->fetchObject(); 59 $q ->closeCursor();59 $q = NULL; 60 60 // mandatory fields 61 61 if (isset($subject) && $subject != '' && isset($post) && $post != '') { trunk/classes/pages/Members.php
r17 r18 76 76 } 77 77 $s = $q->execute(); 78 // put all the results into an array 79 $rows = $q->fetchAll(); 80 // legacy variable used in the following code 81 $rows_ordered = $rows; 82 $q = NULL; 78 83 if ($s) { 79 84 // get total number of members 80 $q2 = $C->query('SELECT COUNT(memberid) FROM ' . $SETTINGS['dbtableprefix'] . 'members'); 85 $q2 = $C->prepare('SELECT COUNT(memberid) FROM ' . $SETTINGS['dbtableprefix'] . 'members'); 86 $q2->execute(); 81 87 $membercount = $q2->fetchColumn(); 82 $q2 ->closeCursor();88 $q2 = NULL; 83 89 // build page navigation 84 90 $pages = new Pagination($SETTINGS['topicsperpage'], $page, $membercount); … … 95 101 // display members 96 102 $i = $start + 1; 97 // put all the results into an array98 $rows = $q->fetchAll();99 // legacy variable used in the following code100 $rows_ordered = $rows;101 103 // add the zero posters when ordering by posts (if needed, because it's a page which contains some) 102 104 if ($order == 'posts' && count($rows_ordered) < $SETTINGS['topicsperpage']) { … … 106 108 $q3->execute(); 107 109 $_postercount = $q3->fetchColumn(); 108 $q3 ->closeCursor();110 $q3 = NULL; 109 111 $_nonpostercount = $membercount - $_postercount; 110 112 // define start and length of database query … … 116 118 $q3->execute(); 117 119 $_rows_temp = $q3->fetchAll(); 120 $q3 = NULL; 118 121 // append new results to array 119 122 $_j = count($rows_ordered); trunk/classes/pages/Messenger.php
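Review bot: In trunk/classes/pages/Members.php `$q->fetchAll()` now runs on new line 79, before the `if ($s)` check on line 83, so rows are read from the statement even when `execute()` reported failure. Moving the added lines 78-82 inside the `if ($s)` branch (keeping a `$q = NULL;` for the failure path) restores the original order of check first, fetch second. The branch continues outside the hunk.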
r17 r18 47 47 $q->bindValue(':zero2', 0, PDO::PARAM_INT); 48 48 $q->execute(); 49 $q = NULL; 49 50 // container 50 51 $div = $this->html->body->addChild('div'); … … 78 79 $q->execute(); 79 80 if ($_id = $q->fetchColumn()) { 80 $q ->closeCursor();81 $q = NULL; 81 82 // append new id 82 83 $q = $C->prepare('SELECT addressbook FROM ' . $SETTINGS['dbtableprefix'] . 'members WHERE memberid=:id'); … … 84 85 $q->execute(); 85 86 $addresses = $q->fetchColumn(); 86 $q ->closeCursor();87 $q = NULL; 87 88 $addresses .= "\n" . $_id; 88 89 // write back to database … … 91 92 $q->bindParam(':id', $_SESSION['memberid'], PDO::PARAM_INT, 12); 92 93 $q->execute(); 94 $q = NULL; 93 95 $div->addChild('span', $LANG['address_added']); 94 96 } else { 95 $q ->closeCursor();97 $q = NULL; 96 98 $div->addChild('span', $LANG['error_unknown_username']); 97 99 } … … 105 107 $q->execute(); 106 108 $_addr = $q->fetchColumn(); 107 $q ->closeCursor();109 $q = NULL; 108 110 $addresses = str_replace($id . "\n", '', $_addr); 109 111 // write back … … 112 114 $q->bindParam(':id', $_SESSION['memberid'], PDO::PARAM_INT, 12); 113 115 $q->execute(); 116 $q = NULL; 114 117 $div->addChild('span', $LANG['address_deleted']); 115 118 } … … 128 131 $q->execute(); 129 132 $_addr = $q->fetchColumn(); 130 $q ->closeCursor();133 $q = NULL; 131 134 if ($_addr != '') { 132 135 $addresses = split("\n", trim($_addr)); … … 174 177 $_done = 0; 175 178 if ($row = $q->fetchObject()) { 176 $q ->closeCursor();179 $q = NULL; 177 180 // check if it's the sender or receipient 178 181 if ($row->messagesender === $_SESSION['memberid']) { … … 182 185 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 183 186 $q->execute(); 187 $q = NULL; 184 188 $_done = 1; 185 189 … … 191 195 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 192 196 $q->execute(); 197 $q = NULL; 193 198 $_done = 1; 194 199 } … … 199 204 } 200 205 } else { 201 $q ->closeCursor();206 $q = NULL; 202 207 $div->addChild('span', $LANG['error_id']); 203 208 } … … 228 233 
$q->execute(); 229 234 $_status = $q->fetchColumn(); 230 $q ->closeCursor();235 $q = NULL; 231 236 if ($_status == 'Banned') { 232 237 $ok = -1; … … 241 246 $q->execute(); 242 247 if ($row = $q->fetchObject()) { 243 $q ->closeCursor();248 $q = NULL; 244 249 // format message 245 250 $title = $F->htmlentities(trim($subject)); … … 259 264 $q->bindValue(':three', 3, PDO::PARAM_INT); 260 265 $q->execute(); 266 $q = NULL; 261 267 // get new message's ID 262 268 $q = $C->prepare('SELECT MAX(messageid) FROM ' . $SETTINGS['dbtableprefix'] . 'messages'); 263 269 $q->execute(); 264 270 $_new_id = $q->fetchColumn(); 265 $q ->closeCursor();271 $q = NULL; 266 272 // unlock table 267 273 @$C->query('UNLOCK TABLE ' . $SETTINGS['dbtableprefix'] . 'messages'); … … 279 285 $div->addChild('span', str_replace('%to%', $to, $LANG['message_sent'])); 280 286 } else { 281 $q ->closeCursor();287 $q = NULL; 282 288 $_error = $LANG['error_unknown_receipient']; 283 289 } … … 307 313 if ($q->execute()) { 308 314 $row = $q->fetchObject(); 309 $q ->closeCursor();315 $q = NULL; 310 316 $_rec = $row->messagesender; 311 317 $title = $row->messagetitle; … … 316 322 $quotetext = '[quote]' . $row->message . "[/quote]\n"; 317 323 } else { 318 $q ->closeCursor();324 $q = NULL; 319 325 } 320 326 } else { … … 339 345 if ($q->execute()) { 340 346 $_table = new Table('poll'); 341 while ($row = $q->fetchObject()) { 347 $rows = $q->fetchAll(); 348 $q = NULL; 349 foreach ($rows as $row) { 342 350 // receipient 343 $_rec = new Member($row ->messagereceipient);344 $_table->addRow(Array('<td>' . $LANG['Subject'] . ': <a href="' . $F->link('messenger') . 'action=message&id=' . $row ->messageid . '">' . $row->messagetitle . '</a></td>', '<td>' . $LANG['To'] . ': <a href="' . $F->link('profile') . 'id=' . $row->messagereceipient . '">' . $_rec->getName() . '</a></td>', '<td>' . $LANG['Sent'] . ': ' . $F->datetime($row->messagetime) . 
'</td>'));351 $_rec = new Member($row['messagereceipient']); 352 $_table->addRow(Array('<td>' . $LANG['Subject'] . ': <a href="' . $F->link('messenger') . 'action=message&id=' . $row['messageid'] . '">' . $row['messagetitle'] . '</a></td>', '<td>' . $LANG['To'] . ': <a href="' . $F->link('profile') . 'id=' . $row['messagereceipient'] . '">' . $_rec->getName() . '</a></td>', '<td>' . $LANG['Sent'] . ': ' . $F->datetime($row['messagetime']) . '</td>')); 345 353 } 346 354 $div->addElement($_table->get()); 347 355 } else { 348 $q ->closeCursor();356 $q = NULL; 349 357 $div->addChild('div', $LANG['error_unknown']); 350 358 } … … 363 371 if ($q->execute()) { 364 372 $row = $q->fetchObject(); 365 $q ->closeCursor();373 $q = NULL; 366 374 $_sender = new Member($row->messagesender); 367 375 $_table = new Table('messagetable'); … … 379 387 $q->bindParam(':id', $row->messageid, PDO::PARAM_INT, 12); 380 388 $q->execute(); 381 } 382 } else { 383 $q->closeCursor(); 389 $q = NULL; 390 } 391 } else { 392 $q = NULL; 384 393 $div->addChild('div', $LANG['error_unknown']); 385 394 } … … 400 409 $table = new Table('poll'); 401 410 $n = 0; // counter for number of messages displayed 402 while ($row = $q->fetchObject()) { 411 $rows = $q->fetchAll(); 412 $q = NULL; 413 foreach ($rows as $row) { 403 414 $_col1 = '<td>'; 404 if ($row ->messagereceipientflag> 1) {415 if ($row['messagereceipientflag'] > 1) { 405 416 $_col1 .= '<b>'; 406 417 } 407 $_col1 .= $LANG['Subject'] . ': <a href="' . $F->link('messenger') . 'action=message&id=' . $row ->messageid . '">' . $row->messagetitle. '</a>';408 if ($row ->messagereceipientflag> 1) {418 $_col1 .= $LANG['Subject'] . ': <a href="' . $F->link('messenger') . 'action=message&id=' . $row['messageid'] . '">' . $row['messagetitle'] . 
'</a>'; 419 if ($row['messagereceipientflag'] > 1) { 409 420 $_col1 .= '</b>'; 410 421 } 411 422 $_col1 .= '</td>'; 412 423 $_col2 = '<td>'; 413 if ($row ->messagereceipientflag> 1) {424 if ($row['messagereceipientflag'] > 1) { 414 425 $_col2 .= '<b>'; 415 426 } 416 427 // sender's username 417 $_sender = new Member($row ->messagesender);418 $_col2 .= $LANG['From'] . ': <a href="' . $F->link('profile') . 'id=' . $row ->messagesender. '">' . $_sender->getName() . '</a>';419 if ($row ->messagereceipientflag> 1) {428 $_sender = new Member($row['messagesender']); 429 $_col2 .= $LANG['From'] . ': <a href="' . $F->link('profile') . 'id=' . $row['messagesender'] . '">' . $_sender->getName() . '</a>'; 430 if ($row['messagereceipientflag'] > 1) { 420 431 $_col2 .= '</b>'; 421 432 } 422 433 $_col2 .= '</td>'; 423 434 $_col3 = '<td>'; 424 if ($row ->messagereceipientflag> 1) {435 if ($row['messagereceipientflag'] > 1) { 425 436 $_col3 .= '<b>'; 426 437 } 427 $_col3 .= $LANG['Sent'] . ': ' . $F->datetime($row ->messagetime);428 if ($row ->messagereceipientflag> 1) {438 $_col3 .= $LANG['Sent'] . ': ' . $F->datetime($row['messagetime']); 439 if ($row['messagereceipientflag'] > 1) { 429 440 $_col3 .= '</b>'; 430 441 } trunk/classes/pages/Moderate.php
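Review bot: In trunk/classes/pages/Messenger.php the id of the new message is read back with `SELECT MAX(messageid)` on line 268, which is only correct while the table lock holds; the unlock on line 273 is issued with `@` and the lock itself is outside the hunk, so a lock that fails silently lets a concurrent insert return another message's id. `$C->lastInsertId()` called directly after the `execute()` on line 265 returns the id for this connection without relying on the lock (assuming the key is auto-increment; the schema is not shown). Line 273 also passes a table name to `UNLOCK TABLE`, which MySQL's UNLOCK TABLES does not accept, whereas Moderate.php line 380 uses the bare `UNLOCK TABLES`. The same MAX() read-back is used for `memberid` in Register.php (line 113), where the returned id then receives the password and the group membership, and for `topicid` in Moderate.php (line 376).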
r17 r18 41 41 $q->execute(); 42 42 $row = $q->fetchObject(); 43 $q ->closeCursor();43 $q = NULL; 44 44 $q2 = $C->prepare('SELECT forumtitle, forum_category FROM ' . $SETTINGS['dbtableprefix'] . 'forums WHERE forumid=:forum'); 45 45 $q2->bindParam(':forum', $row->forum, PDO::PARAM_INT, 12); 46 46 $q2->execute(); 47 47 $row2 = $q2->fetchObject(); 48 $q2 ->closeCursor();48 $q2 = NULL; 49 49 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $row->topictitle . ' - ' . $LANG['Moderate']; 50 50 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $row->forum . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('topic') . 'id=' . $id . '">' . $row->topictitle . '</a> - <a href="' . $F->link('moderate') . '">' . $LANG['Moderate'] . '</a>'; … … 66 66 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 67 67 $q->execute(); 68 $q = NULL; 68 69 // success message 69 70 $div = $this->html->body->addChild('div', $LANG['title_edited']); … … 98 99 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 99 100 $q->execute(); 101 $q = NULL; 100 102 // success message 101 103 $div = $this->html->body->addChild('div', $LANG['topic_locked']); … … 117 119 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 118 120 $q->execute(); 121 $q = NULL; 119 122 // success message 120 123 $div = $this->html->body->addChild('div', $LANG['topic_unlocked']); … … 136 139 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 137 140 $q->execute(); 141 $q = NULL; 138 142 // success message 139 143 $div = $this->html->body->addChild('div', $LANG['topic_pinned']); … … 155 159 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 156 160 $q->execute(); 161 $q = NULL; 157 162 // success message 158 163 $div = $this->html->body->addChild('div', $LANG['topic_unpinned']); … … 174 179 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 175 180 $q->execute(); 
181 $q = NULL; 176 182 // delete topic 177 183 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'topics WHERE topicid=:id'); 178 184 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 179 185 $q->execute(); 186 $q = NULL; 180 187 // success message 181 188 $div = $this->html->body->addChild('div', $LANG['topic_deleted']); … … 209 216 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 210 217 $q->execute(); 218 $q = NULL; 211 219 // success message 212 220 $div = $this->html->body->addChild('div'); … … 226 234 $q = $C->prepare('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'forums ORDER BY forum_category ASC, forum_order ASC'); 227 235 $q->execute(); 236 $_rows_sel = $q->fetchAll(); 237 $q = NULL; 228 238 $_prev = 0; 229 while ($_row_sel = $q->fetchObject()) {230 if ($_row_sel ->forum_category!= $_prev) {231 $_sel .= '<option value="0">>' . Category::getName($_row_sel ->forum_category) . '</option>';239 foreach ($_rows_sel as $_row_sel) { 240 if ($_row_sel['forum_category'] != $_prev) { 241 $_sel .= '<option value="0">>' . Category::getName($_row_sel['forum_category']) . '</option>'; 232 242 } 233 $_sel .= '<option value="' . $_row_sel ->forumid . '">' . $_row_sel->forumtitle. '</option>';234 $_prev = $_row_sel ->forum_category;243 $_sel .= '<option value="' . $_row_sel['forumid'] . '">' . $_row_sel['forumtitle'] . '</option>'; 244 $_prev = $_row_sel['forum_category']; 235 245 } 236 246 $_sel .= '</select>'; … … 262 272 $polls[] = $row->poll; 263 273 } 274 $q = NULL; 264 275 // check how many times the poll id '0' (i.e. no poll) has been found 265 276 $_polls = array_count_values($polls); … … 279 290 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 280 291 $q->execute(); 292 $q = NULL 281 293 // delete old topic (this is the one from which the 'merge' operation was called) 282 294 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 
'topics WHERE topicid=:id'); 283 295 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 284 296 $q->execute(); 297 $q = NULL; 285 298 // set poll 286 299 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'topics SET poll=:poll WHERE topicid=:topic'); … … 288 301 $q->bindParam(':topic', $topic, PDO::PARAM_INT, 12); 289 302 $q->execute(); 303 $q = NULL; 290 304 // success message 291 305 $div = $this->html->body->addChild('div'); … … 315 329 $_sel .= '<option value="' . $_row_sel->topicid . '">' . $F->htmlentities($_row_sel->topictitle, TRUE) . '</option>'; 316 330 } 331 $q2 = NULL; 317 332 $_sel .= '</select>'; 318 333 $_form->addRawTableRow(Array($LANG['Topic'] . ':', '<td>' . $_sel . '</td>')); … … 338 353 $q->execute(); 339 354 $_postcount = $q->fetchColumn(); 340 $q ->closeCursor();355 $q = NULL; 341 356 // clean array of posts so that just the ones which should be moved remain 342 357 $move = array_values($_POST['move']); … … 348 363 $q->execute(); 349 364 $_forum = $q->fetchColumn(); 350 $q ->closeCursor();365 $q = NULL; 351 366 // lock table 352 367 @$C->query('LOCK TABLES ' . $SETTINGS['dbtableprefix'] . 'topics WRITE'); … … 357 372 $q->bindValue(':none', '', PDO::PARAM_STR); 358 373 $q->execute(); 374 $q = NULL; 359 375 // get new topic's id 360 376 $q = $C->prepare('SELECT MAX(topicid) FROM ' . $SETTINGS['dbtableprefix'] . 'topics'); 361 377 $q->execute(); 362 378 $_new_id = $q->fetchColumn(); 363 $q ->closeCursor();379 $q = NULL; 364 380 @$C->query('UNLOCK TABLES'); 365 381 // put chosen posts into new topic … … 370 386 $q->bindParam(':post', $move[$i], PDO::PARAM_INT, 12); 371 387 $q->execute(); 388 $q = NULL; 372 389 $i++; 373 390 } … … 377 394 $q2 = $C->prepare('SELECT poll FROM ' . $SETTINGS['dbtableprefix'] . 
'topics WHERE topicid=:id'); 378 395 $q2->bindParam(':id', $id, PDO::PARAM_INT, 12); 396 $q2->execute(); 379 397 $_poll_id = $q->fetchColumn(); 380 $q2 ->closeCursor();398 $q2 = NULL;; 381 399 // write to new topic 382 400 $q2 = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'topics SET poll=:poll WHERE topicid=:id'); … … 384 402 $q2->bindParam(':id', $_new_id, PDO::PARAM_INT, 12); 385 403 $q2->execute(); 404 $q2 = NULL; 386 405 // remove from old topic 387 406 $q2 = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'topics SET poll=:zero WHERE topicid=:id'); … … 389 408 $q2->bindParam(':id', $id, PDO::PARAM_INT, 12); 390 409 $q2->execute(); 410 $q2 = NULL; 391 411 } 392 412 // success message … … 418 438 $q->execute(); 419 439 $poll = $q->fetchColumn(); 440 $q = NULL; 420 441 $q->closeCursor(); 421 442 if ($poll > 0) { … … 431 452 $q2->bindParam(':topic', $id, PDO::PARAM_INT, 12); 432 453 $q2->execute(); 454 $rows2 = $q2->fetchAll(); 455 $q2 = NULL; 433 456 // list posts in a table 434 457 $table = new Table(); 435 458 $j = 0; 436 while ($row2 = $q2->fetchObject()) {437 $p = new Post($row2 ->postid);459 foreach ($rows2 as $row2) { 460 $p = new Post($row2['postid']); 438 461 /* show the checkbox to mark post for moving, 439 462 * $j is used as index of the $move array */ trunk/classes/pages/Newpoll.php
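Review bot: In trunk/classes/pages/Moderate.php the added `$q = NULL` on new line 292 has no terminating semicolon, which is a parse error and stops the whole file from loading; it should read `$q = NULL;`. Two of the added releases are also followed by a call on the released variable: line 440 sets `$q = NULL;` while line 441 still calls `$q->closeCursor();` (line 441 should be deleted), and line 397 reads `$_poll_id = $q->fetchColumn();` although the statement just executed is `$q2` and `$q` was set to NULL on line 379, so it should be `$_poll_id = $q2->fetchColumn();`. Line 398 additionally carries a stray second semicolon (`$q2 = NULL;;`).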
r17 r18 40 40 $q2->execute(); 41 41 $row2 = $q2->fetchObject(); 42 $q2 ->closeCursor();42 $q2 = NULL; 43 43 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $LANG['New_Topic']; 44 44 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $id . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('newpoll') . 'id=' . $id . '">' . $LANG['New_Poll'] . '</a>'; trunk/classes/pages/Newtopic.php
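Review bot: In trunk/classes/pages/Newpoll.php the page title on line 43 ends with `$LANG['New_Topic']` while the breadcrumb on line 44 uses `$LANG['New_Poll']`, so the new-poll page is titled as a new topic. If that is not intended, line 43 should end with `$LANG['New_Poll']`. Both lines are unchanged context and the method starts outside the hunk.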
r17 r18 40 40 $q2->execute(); 41 41 $row2 = $q2->fetchObject(); 42 $q2 ->closeCursor();42 $q2 = NULL; 43 43 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $LANG['New_Topic']; 44 44 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $id . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('newtopic') . 'id=' . $id . '">' . $LANG['New_Topic'] . '</a>'; trunk/classes/pages/Page.php
r17 r18 72 72 $h1 = $this->html->body->addChild('h1'); 73 73 $a = $h1->addChild('a'); 74 $a->addAttribute('href', $ _pref . $F->link('index'));74 $a->addAttribute('href', $SETTINGS['webpath']); 75 75 $img = $a->addChild('img'); 76 76 $img->addAttribute('src', $_pref . 'images/' . $SETTINGS['forumlogo']); … … 233 233 // 'Who is online' section 234 234 $table->addHeaderRow(Array($LANG['Who_is_online'])); 235 $q = $C->query('SELECT COUNT(onlinememberid) FROM ' . $SETTINGS['dbtableprefix'] . 'online'); 235 $q = $C->prepare('SELECT COUNT(onlinememberid) FROM ' . $SETTINGS['dbtableprefix'] . 'online'); 236 $q->execute(); 236 237 if ($q->fetchColumn() > 0) { 237 $q->closeCursor(); 238 $q = $C->query('SELECT onlinememberid FROM ' . $SETTINGS['dbtableprefix'] . 'online'); 238 $q = NULL; 239 $q = $C->prepare('SELECT onlinememberid FROM ' . $SETTINGS['dbtableprefix'] . 'online'); 240 $q->execute(); 241 $rows = $q->fetchAll(); 242 $q = NULL; 239 243 // count number of members and guests 240 244 $i = 0; $n = 0; $_str = ''; 241 while ($row = $q->fetchObject()) {245 foreach ($rows as $row) { 242 246 if ($row->onlinememberid > 0) { 243 247 // if it's a member … … 246 250 // previous member 247 251 } 248 $m = new Member($row ->onlinememberid);249 $_str .= '<a href="' . $F->link('profile') . 'id=' . $row ->onlinememberid. '">' . $m->getName() . '</a>';252 $m = new Member($row['onlinememberid']); 253 $_str .= '<a href="' . $F->link('profile') . 'id=' . $row['onlinememberid'] . '">' . $m->getName() . '</a>'; 250 254 unset($m); 251 255 $i++; … … 260 264 } else { 261 265 // if the online table is empty 262 $q ->closeCursor();266 $q = NULL; 263 267 $_str = '1 ' . $LANG['Guest']; 264 268 } … … 291 295 } 292 296 } 297 $q = NULL; 293 298 if ($n === 0) { 294 299 // no birthdays at all … … 300 305 $table->addHeaderRow(Array($LANG['Statistics'])); 301 306 $_str = '<div>' . $SETTINGS['forumname'] . ' ' . $LANG['currently_has']; 302 $q = $C->query('SELECT COUNT(memberid) AS count FROM ' . 
$SETTINGS['dbtableprefix'] . 'members'); 307 $q = $C->prepare('SELECT COUNT(memberid) AS count FROM ' . $SETTINGS['dbtableprefix'] . 'members'); 308 $q->execute(); 303 309 $row = $q->fetchObject(); 304 $q ->closeCursor();310 $q = NULL; 305 311 $_str .= ' ' . $row->count . ' ' . $LANG['members'] . '.</div><div>' . $LANG['The_newest_member_is'] . ' '; 306 $q = $C->query('SELECT memberid, membername FROM ' . $SETTINGS['dbtableprefix'] . 'members ORDER BY registered DESC LIMIT 1'); 312 $q = $C->prepare('SELECT memberid, membername FROM ' . $SETTINGS['dbtableprefix'] . 'members ORDER BY registered DESC LIMIT 1'); 313 $q->execute(); 307 314 $row = $q->fetchObject(); 308 $q ->closeCursor();315 $q = NULL; 309 316 $_str .= '<a href="' . $F->link('profile') . 'id=' . $row->memberid . '">' . $row->membername . '</a>.</div><div>' . $LANG['There_are'] . ' '; 310 $q = $C->query('SELECT COUNT(postid) AS count FROM ' . $SETTINGS['dbtableprefix'] . 'posts'); 317 $q = $C->prepare('SELECT COUNT(postid) AS count FROM ' . $SETTINGS['dbtableprefix'] . 'posts'); 318 $q->execute(); 311 319 $row = $q->fetchObject(); 312 $q ->closeCursor();320 $q = NULL; 313 321 $_str .= $row->count . ' ' . $LANG['posts'] . ' ' . $LANG['in'] . ' '; 314 $q = $C->query('SELECT COUNT(topicid) AS count FROM ' . $SETTINGS['dbtableprefix'] . 'topics'); 322 $q = $C->prepare('SELECT COUNT(topicid) AS count FROM ' . $SETTINGS['dbtableprefix'] . 'topics'); 323 $q->execute(); 315 324 $row = $q->fetchObject(); 316 $q ->closeCursor();325 $q = NULL; 317 326 $_str .= $row->count . ' ' . $LANG['threads'] . '.</div>'; 318 327 // put into table … … 332 341 $q->execute(); 333 342 $_admin = $q->fetchColumn(); 334 $q ->closeCursor();343 $q = NULL; 335 344 } 336 345 // debugging output … … 356 365 $q->execute(); 357 366 if ($q->fetchColumn() >= 1) { 358 $q ->closeCursor();367 $q = NULL; 359 368 // get the oldest one 360 369 $q = $C->prepare('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 
'mails ORDER BY id ASC LIMIT 0,1'); 361 370 $q->execute(); 362 371 $row = $q->fetchObject(); 363 $q ->closeCursor();372 $q = NULL; 364 373 // send it 365 374 @mail($row->receipient, $row->subject, $row->body, 'From: '.$SETTINGS['forumadminemail']); … … 368 377 $q->bindParam(':id', $row->id, PDO::PARAM_INT, 12); 369 378 $q->execute(); 379 $q = NULL; 370 380 } else { 371 $q ->closeCursor();381 $q = NULL; 372 382 } 373 383 // private message notification … … 378 388 $q->execute(); 379 389 $_flag = $q->fetchColumn(); 380 $q ->closeCursor();390 $q = NULL; 381 391 if ($_flag == 1) { 382 392 // check if there are message which the user hasn't been notified of yet … … 385 395 $q->bindValue(':three', 3, PDO::PARAM_INT); 386 396 $q->execute(); 387 if ($row = $q->fetchObject()) { 388 $q->closeCursor(); 397 $rows = $q->fetchAll(); 398 $q = NULL; 399 if (is_array($rows) && count($rows) > 0) { 400 $count = 0; 389 401 // set 'notified' flag so that user isn't nagged on every page load 390 $q2 = $C->prepare('UPDATE '.$SETTINGS['dbtableprefix'].'messages SET messagereceipientflag=:two WHERE messageid=:id'); 391 $q2->bindValue(':two', 2, PDO::PARAM_INT); 392 $q2->bindParam(':id', $row->messageid, PDO::PARAM_INT, 12); 393 $q2->execute(); 394 $count = 1; 395 // flag all other messages as well 396 while ($row = $q->fetchObject()) { 402 foreach ($rows as $row) { 397 403 $q2 = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'messages SET messagereceipientflag=:two WHERE messageid=:id'); 398 404 $q2->bindValue(':two', 2, PDO::PARAM_INT); 399 $q2->bindParam(':id', $row ->messageid, PDO::PARAM_INT, 12);405 $q2->bindParam(':id', $row['messageid'], PDO::PARAM_INT, 12); 400 406 $q2->execute(); 407 $q2 = NULL; 401 408 $count++; 402 409 } 403 410 // add notification script 404 411 $this->html->body->addChild('script', "if (confirm('" . str_replace("%count%", $count, $LANG['x_unread_messages']) . "')) { window.location.href = '" . $F->link("messenger") . 
"action=inbox' }"); 405 } else {406 $q->closeCursor();407 412 } 408 413 } trunk/classes/pages/Register.php
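Review bot: In trunk/classes/pages/Page.php the online list is now iterated with `foreach ($rows as $row)` over `fetchAll()` rows, but the test on line 246 still reads `$row->onlinememberid`, while lines 252-253 were switched to `$row['onlinememberid']`. With array rows the property read yields nothing, so the `> 0` test fails and logged-in members would fall into the other branch, presumably the guest count. Line 246 should read `if ($row['onlinememberid'] > 0) {`. The rewritten notification loop on lines 402-409 also prepares the same UPDATE on every iteration; preparing it once before the `foreach` and rebinding only `:id` would do the same work.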
r17 r18 79 79 $ok = 0; 80 80 } 81 $q ->closeCursor();81 $q = NULL; 82 82 // if this has been set to be prevented, check if e-mail address already belongs to an account 83 83 if ($SETTINGS['severalaccountspermail'] == 0) { … … 90 90 $ok = 0; 91 91 } 92 $q ->closeCursor();92 $q = NULL; 93 93 } 94 94 // only proceed if all checks were successful … … 110 110 $q->bindParam(':member', $_member, PDO::PARAM_STR, 6); 111 111 $q->execute(); 112 $q = NULL; 112 113 $q = $C->prepare('SELECT MAX(memberid) AS id FROM ' . $SETTINGS['dbtableprefix'] . 'members'); 113 114 $q->execute(); 114 115 $row = $q->fetchObject(); 115 $q ->closeCursor();116 $q = NULL; 116 117 @$C->query('UNLOCK TABLE ' . $SETTINGS['dbtableprefix'] . 'members'); 117 118 // set actual password … … 122 123 $q->execute(); 123 124 $row2 = $q->fetchObject(); 124 $q ->closeCursor();125 $q = NULL; 125 126 $q = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'groupmemberships (member, usergroup) VALUES (:member, :group)'); 126 127 $q->bindParam(':member', $row->id, PDO::PARAM_INT, 12); 127 128 $q->bindParam(':group', $row2->id, PDO::PARAM_INT, 12); 128 129 $q->execute(); 130 $q = NULL; 129 131 // send e-mail 130 132 @mail($email, $SETTINGS['forumname'] . ' - ' . $LANG['Registration'], str_replace('%password%', $p->get(), $LANG['welcome_mail']), 'From: ' . $SETTINGS['forumadminemail']); trunk/classes/pages/Reply.php
r17 r18 40 40 $q->execute(); 41 41 $row = $q->fetchObject(); 42 $q ->closeCursor();42 $q = NULL; 43 43 $q2 = $C->prepare('SELECT forumtitle, forum_category FROM ' . $SETTINGS['dbtableprefix'] . 'forums WHERE forumid=:forum'); 44 44 $q2->bindParam(':forum', $row->forum, PDO::PARAM_INT, 12); 45 45 $q2->execute(); 46 46 $row2 = $q2->fetchObject(); 47 $q2 ->closeCursor();47 $q2 = NULL; 48 48 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $row->topictitle . ' - ' . $LANG['Reply']; 49 49 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $row->forum . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('topic') . 'id=' . $id . '">' . $row->topictitle . '</a> - <a href="' . $F->link('reply') . 'id=' . $id . '">' . $LANG['Reply'] . '</a>'; … … 68 68 $q->execute(); 69 69 $row4 = $q->fetchObject(); 70 $q ->closeCursor();70 $q = NULL; 71 71 $_quote_text = '[quote]' . $F->htmlentities($row4->post, TRUE) . '[/quote]'; 72 72 } … … 82 82 $subscribed = TRUE; 83 83 } 84 $q ->closeCursor();84 $q = NULL; 85 85 } 86 86 // form trunk/classes/pages/Search.php
r17 r18 124 124 $q->execute(); 125 125 $_username = $q->fetchColumn(); 126 $q ->closeCursor();126 $q = NULL; 127 127 $query = 'SELECT p.postid, p.topic, p.poster, p.posttime, p.post, t.topictitle FROM ' . $SETTINGS['dbtableprefix'] . 'posts p, ' . $SETTINGS['dbtableprefix'] . 'topics t WHERE t.topicid=p.topic AND p.poster=:username AND p.postedbymember=1 %cond% ORDER BY p.posttime DESC'; 128 128 break; … … 170 170 $q->execute(); 171 171 $_num_results = $q->fetchColumn(0); 172 $q ->closeCursor();172 $q = NULL; 173 173 // build page navigation 174 174 $pages = new Pagination($SETTINGS['postsperpage'], $page, $_num_results); … … 201 201 $n++; 202 202 } 203 $q2 = NULL; 203 204 if ($n === 0) { 204 205 // no results … … 243 244 $s = $q->execute(); 244 245 if ($s) { 245 while ($row = $q->fetchObject()) { 246 $rows = $q->fetchAll(); 247 $q = NULL; 248 foreach ($rows as $row) { 246 249 // offer only categories which the user may read 247 if (Member::checkRights('Category', 'read', $row ->category_id)) {250 if (Member::checkRights('Category', 'read', $row['category_id'])) { 248 251 // set number of forums in this category to zero 249 252 $n = 0; 250 253 // add this category's name 251 $_cat = '<option value="category=' . $row ->category_id . '">> ' . $row->category_name. '</option>';254 $_cat = '<option value="category=' . $row['category_id'] . '">> ' . $row['category_name'] . '</option>'; 252 255 // list forums in this category 253 256 $q2 = $C->prepare('SELECT forumid, forumtitle FROM ' . $SETTINGS['dbtableprefix'] . 
'forums WHERE forum_category=:category ORDER BY forum_order ASC'); 254 $q2->bindParam(':category', $row ->category_id, PDO::PARAM_INT, 12);257 $q2->bindParam(':category', $row['category_id'], PDO::PARAM_INT, 12); 255 258 $s = $q2->execute(); 256 259 if ($s) { 257 while ($row2 = $q2->fetchObject()) { 260 $rows2 = $q2->fetchAll(); 261 $q2 = NULL; 262 foreach ($rows2 as $row2) { 258 263 // offer only forums which the user may read 259 if (Member::checkRights('Forum', 'read', $row2 ->forumid)) {264 if (Member::checkRights('Forum', 'read', $row2['forumid'])) { 260 265 // increase number of forums 261 266 $n++; 262 267 // add this forum as an option 263 $_cat .= '<option value="forum=' . $row2 ->forumid . '">' . $row2->forumtitle. '</option>';268 $_cat .= '<option value="forum=' . $row2['forumid'] . '">' . $row2['forumtitle'] . '</option>'; 264 269 } 265 270 } trunk/classes/pages/Topic.php
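Review bot: In trunk/classes/pages/Search.php, `fetchAll()` is called without a fetch style at new lines 246 and 260, so the `$row['category_id']` and `$row2['forumid']` accesses depend on the connection's default fetch mode staying array-based. Under the PDO default each column is also returned twice, by name and by index. Passing the mode explicitly, `$rows = $q->fetchAll(PDO::FETCH_ASSOC);`, pins this down; the same applies to the `fetchAll()` calls this changeset adds in Topic.php, Userpanel.php and includes/session.php. Separately, the rewritten `<option>` lines 254 and 268 still concatenate `$row['category_name']` and `$row2['forumtitle']` into markup with no escaping visible in the hunk, so it is worth confirming that these titles are encoded before storage, or escaping them here.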
r17 r18 38 38 $q->execute(); 39 39 $row = $q->fetchObject(); 40 $q ->closeCursor();40 $q = NULL; 41 41 } 42 42 // define title and location … … 46 46 $q2->execute(); 47 47 $row2 = $q2->fetchObject(); 48 $q2 ->closeCursor();48 $q2 = NULL; 49 49 $this->title = ' - ' . Category::getName($row2->forum_category) . ' - ' . $row2->forumtitle . ' - ' . $row->topictitle; 50 50 $this->location = ' - <a href="' . $F->link('category') . 'id=' . $row2->forum_category . '">' . Category::getName($row2->forum_category) . '</a> - <a href="' . $F->link('forum') . 'id=' . $row->forum . '">' . $row2->forumtitle . '</a> - <a href="' . $F->link('topic') . 'id=' . $id . '">' . $row->topictitle . '</a>'; … … 61 61 $q->execute(); 62 62 $row = $q->fetchObject(); 63 $q ->closeCursor();63 $q = NULL; 64 64 // update views 65 65 $_newviews = $row->topic_views + 1; … … 68 68 $q3->bindParam(':id', $id, PDO::PARAM_INT, 12); 69 69 $q3->execute(); 70 $q3 = NULL; 70 71 // new topic, new poll and reply buttons 71 72 $postbuttons = new Postbuttons(TRUE, $row->forum, TRUE, $row->topicid, $row->closed); … … 76 77 $q2->execute(); 77 78 $row2 = $q2->fetchObject(); 78 $q2 ->closeCursor();79 $q2 = NULL; 79 80 // calculate start for this page 80 81 if (!isset($page) || $page == '') { $page = 1; } … … 97 98 $q2->execute(); 98 99 $row2 = $q2->fetchObject(); 99 $q2 ->closeCursor();100 $q2 = NULL; 100 101 // check if logged in member already voted 101 102 $pollvoters = split("\n", $row2->pollvoters); … … 169 170 $q2->bindParam(':topic', $id, PDO::PARAM_INT, 12); 170 171 $q2->execute(); 172 $rows2 = $q2->fetchAll(); 173 $q2 = NULL; 171 174 // list posts in a table 172 175 $table = new Table(); 173 while ($row2 = $q2->fetchObject()) {174 $p = new Post($row2 ->postid);176 foreach ($rows2 as $row2) { 177 $p = new Post($row2['postid']); 175 178 $p->add($table); 176 179 } … … 236 239 if ($q->execute()) { 237 240 $_title = $q->fetchColumn(); 238 $q ->closeCursor();241 $q = NULL; 239 242 return $_title; 240 243 } else { 
trunk/classes/pages/Userpanel.php
r17 r18 57 57 $s = $q->execute(); 58 58 if ($s && $row = $q->fetchObject()) { 59 $q ->closeCursor();59 $q = NULL; 60 60 // if member has been found 61 61 // check if old password is correct … … 72 72 $q2->execute(); 73 73 $row2 = $q2->fetchObject(); 74 $q2 ->closeCursor();74 $q2 = NULL; 75 75 // encrypt user name and password 76 76 $e = new Encryption(); … … 96 96 } else { 97 97 // member not found by id 98 $q ->closeCursor();98 $q = NULL; 99 99 $div = $this->html->body->addChild('div', $LANG['error_id']); 100 100 $div->addAttribute('class', 'message'); … … 117 117 if ($s && $row = $q->fetchObject()) { 118 118 // if member has been found 119 $q ->closeCursor();119 $q = NULL; 120 120 // check if old password is correct 121 121 if (Member::authenticate($row->membername, $password)) { … … 125 125 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 126 126 $q->execute(); 127 $q = NULL; 127 128 $div = $this->html->body->addChild('div', $LANG['email_changed']); 128 129 $div->addAttribute('class', 'message'); … … 134 135 } else { 135 136 // member not found by id 136 $q ->closeCursor();137 $q = NULL; 137 138 $div = $this->html->body->addChild('div', $LANG['error_id']); 138 139 $div->addAttribute('class', 'message'); … … 187 188 $s = $q->execute(); 188 189 if ($s && $row = $q->fetchObject()) { 189 $q ->closeCursor();190 $q = NULL; 190 191 if ($user != $row->membername) { 191 192 // update membername … … 194 195 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 195 196 $q->execute(); 197 $q = NULL; 196 198 // update name in the posts table, too, if necessary 197 199 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 
'posts SET poster=:user WHERE poster=:member AND postedbymember=:one'); … … 200 202 $q->bindValue(':one', 1, PDO::PARAM_INT); 201 203 $q->execute(); 204 $q = NULL; 202 205 } 203 206 // if the crucial rest has been entered, update it one by one … … 207 210 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 208 211 $q->execute(); 212 $q = NULL; 209 213 } 210 214 // update rest in bulk … … 225 229 $q->bindParam(':id', $id, PDO::PARAM_INT, 12); 226 230 $q->execute(); 231 $q = NULL; 227 232 // put new board style and language into session 228 233 $_SESSION['boardstyle'] = trim($boardstyle); … … 231 236 $output = $LANG['profile_updated']; 232 237 } else { 233 $q ->closeCursor();238 $q = NULL; 234 239 $output = $LANG['error_id']; 235 240 } … … 246 251 $q->bindParam(':member', $id, PDO::PARAM_INT, 12); 247 252 $q->execute(); 253 $q = NULL; 248 254 // insert new subscription if needed 249 255 if ($newsubscribed[0] > 0) { … … 252 258 $q->bindParam(':member', $id, PDO::PARAM_INT, 12); 253 259 $q->execute(); 260 $q = NULL; 254 261 } 255 262 // re-insert the subscriptions the user wanted to retain … … 261 268 $q->bindParam(':member', $id, PDO::PARAM_INT, 12); 262 269 $q->execute(); 270 $q = NULL; 263 271 } 264 272 } … … 275 283 $q->bindValue(':one', 1, PDO::PARAM_INT); 276 284 $q->execute(); 277 while ($row = $q->fetchObject()) { 285 $rows = $q->fetchAll(); 286 $q = NULL; 287 foreach ($rows as $row) { 278 288 $q2 = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 
'groupmemberships WHERE member = :member AND usergroup = :group'); 279 289 $q2->bindParam(':member', $id, PDO::PARAM_INT, 12); 280 $q2->bindParam(':group', $row ->id, PDO::PARAM_INT, 12);290 $q2->bindParam(':group', $row['id'], PDO::PARAM_INT, 12); 281 291 $q2->execute(); 292 $q2 = NULL; 282 293 } 283 294 // insert memberships of the groups the user wants … … 289 300 $q->bindParam(':id', $key, PDO::PARAM_INT, 12); 290 301 if ($q->execute() && $q->fetchColumn() == 1) { 291 $q ->closeCursor();302 $q = NULL; 292 303 // it is a public group, so go ahead and insert 293 304 $q2 = $C->prepare('INSERT INTO ' . $SETTINGS['dbtableprefix'] . 'groupmemberships (member, usergroup) VALUES (:member, :group)'); … … 295 306 $q2->bindParam(':group', $key, PDO::PARAM_INT, 12); 296 307 $q2->execute(); 308 $q2 = NULL; 297 309 } else { 298 $q ->closeCursor();310 $q = NULL; 299 311 } 300 312 } … … 533 545 $q->bindParam(':id', $_SESSION['memberid'], PDO::PARAM_INT, 12); 534 546 $q->execute(); 535 while ($row = $q->fetchObject()) { 547 $rows = $q->fetchAll(); 548 $q = NULL; 549 foreach ($rows as $row) { 536 550 // get topic title (and the respective forum) 537 551 $q2 = $C->prepare('SELECT t.topictitle AS topictitle, f.forumtitle AS forumtitle FROM ' . $SETTINGS['dbtableprefix'] . 'topics AS t, ' . $SETTINGS['dbtableprefix'] . 'forums AS f WHERE t.topicid = :id AND f.forumid = t.forum'); 538 $q2->bindParam(':id', $row ->topic, PDO::PARAM_INT, 12);552 $q2->bindParam(':id', $row['topic'], PDO::PARAM_INT, 12); 539 553 $q2->execute(); 540 554 $row2 = $q2->fetchObject(); 541 $q2 ->closeCursor();542 $form->addRawTableRow(Array($row2->topictitle . ' (' . $row2->forumtitle . ')', '<td><input type="checkbox" name="newsubscribed[' . $row ->topic. ']" value="1" checked="checked" /></td>'));555 $q2 = NULL; 556 $form->addRawTableRow(Array($row2->topictitle . ' (' . $row2->forumtitle . ')', '<td><input type="checkbox" name="newsubscribed[' . $row['topic'] . 
']" value="1" checked="checked" /></td>')); 543 557 } 544 558 // one select box for a new subscription showing only the 50 last active topics … … 554 568 $_col2 .= '<option value="' . $row['topicid'] . '">' . $row['topictitle'] . ' (' . $row['forumtitle'] . ')</option>'; 555 569 } 556 $q2 ->closeCursor();570 $q2 = NULL; 557 571 } 558 572 $_col2 .= '</select></td>'; … … 585 599 $_col2 .= ' checked="checked"'; 586 600 } 587 $q3 ->closeCursor();601 $q3 = NULL; 588 602 $_col2 .= ' /></td>'; 589 603 $form->addRawTableRow(Array('<td>' . $row['name'] . '</td>', $_col2)); trunk/db/spamboard.sql
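Review bot: In trunk/classes/pages/Userpanel.php, the subscription list loop (new lines 549-556) uses `$row2 = $q2->fetchObject();` without checking the result. If a subscription row can outlive its topic, `$row2` is false and the `$row2->topictitle` read on line 556 fails while the page is being built. Adding `if ($row2 === false) { continue; }` right after `$q2 = NULL;` skips such orphaned rows. The title and forum name on that line go into `addRawTableRow()`, so it is also worth confirming that they are HTML-encoded before they reach it; the helper's behaviour is not visible in this hunk.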
r14 r18 65 65 pinned INTEGER NOT NULL DEFAULT 0, 66 66 poll INTEGER NOT NULL DEFAULT 0, 67 topic_views INTEGER NOT NULL ,67 topic_views INTEGER NOT NULL DEFAULT 0, 68 68 PRIMARY KEY (topicid) 69 69 ); trunk/includes/config/version.php
r1 r18 28 28 * Also good: Spam Board Viking Edition 1.0 (then, you can do your own version numbering from there) */ 29 29 30 $VERSION = 'SVN ' . gmdate('Y-m-d', time());30 $VERSION = 'SVN'; 31 31 32 32 ?> trunk/includes/login.php
r17 r18 28 28 $q->execute(); 29 29 $row = $q->fetchObject(); 30 $q ->closeCursor();30 $q = NULL; 31 31 // delete old session entry in the online table 32 32 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'online WHERE onlinesession=:session'); 33 33 $q->bindParam(':session', session_id(), PDO::PARAM_STR, 40); 34 34 $q->execute(); 35 $q = NULL; 35 36 // regenerate ID in order to ensure privileged session hasn't been fixed in advance 36 37 session_regenerate_id(); … … 48 49 $q->bindParam(':session', session_id(), PDO::PARAM_STR, 40); 49 50 $q->execute(); 51 $q = NULL; 50 52 // set cookie if user wants to stay logged in 51 53 if ($remember == 'y') { trunk/includes/session.php
r17 r18 71 71 $q->bindParam(':session', session_id(), PDO::PARAM_STR, 40); 72 72 $q->execute(); 73 $q = NULL; 73 74 // delete session (native value is NULL, not Array()) 74 75 $_SESSION = NULL; … … 92 93 $q->bindParam(':session', session_id(), PDO::PARAM_STR, 40); 93 94 $q->execute(); 95 $q = NULL; 94 96 // delete session (native value is NULL) 95 97 $_SESSION = NULL; … … 121 123 $s = $q->execute(); 122 124 if ($s && $q->fetchColumn() >= 1) { 123 $q ->closeCursor();125 $q = NULL; 124 126 // update existing entry with new timestamp 125 127 $q = $C->prepare('UPDATE ' . $SETTINGS['dbtableprefix'] . 'online SET onlinetime=:time WHERE onlinesession=:session'); … … 127 129 $q->bindParam(':session', session_id(), PDO::PARAM_STR, 40); 128 130 $q->execute(); 131 $q = NULL; 129 132 } else { 130 $q ->closeCursor();133 $q = NULL; 131 134 // check if returning user who has saved credentials in cookie 132 135 if ($_COOKIE['sb_user'] != '') { … … 146 149 if ($s && $row2 = $q2->fetchObject()) { 147 150 // automatic login successful 148 $q2 ->closeCursor();151 $q2 = NULL; 149 152 // regenerate ID in order to ensure privileged session hasn't been fixed in advance 150 153 session_regenerate_id(); … … 160 163 } else { 161 164 // something wrong with contents of cookie - delete 165 $q2 = NULL; 162 166 setcookie('sb_user', '', -1); 163 167 } … … 171 175 $q->bindParam(':session', session_id(), PDO::PARAM_STR, 40); 172 176 $q->execute(); 177 $q = NULL; 173 178 } 174 179 // get last visit from database if member … … 179 184 if ($s && $row = $q->fetchObject()) { 180 185 // write back to session 186 $q = NULL; 181 187 $_SESSION['lastvisit'] = $row->lastvisit; 182 188 } else { 183 189 // ID from a non-existent member? Something is very wrong... 190 $q = NULL; 184 191 exit; 185 192 } … … 192 199 $q = $C->prepare('SELECT onlinememberid, onlinesession, onlinetime FROM ' . $SETTINGS['dbtableprefix'] . 
'online'); 193 200 $q->execute(); 194 while ($row = $q->fetchObject()) { 195 if ($row->onlinetime + 900 < time()) { 201 $rows = $q->fetchAll(); 202 $q = NULL; 203 foreach ($rows as $row) { 204 if ($row['onlinetime'] + 900 < time()) { 196 205 // delete entries older than 15 minutes 197 206 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'online WHERE onlinesession=:session AND onlinetime=:time'); 198 $q->bindParam(':session', $row ->onlinesession, PDO::PARAM_STR, 40);199 $q->bindParam(':time', $row ->onlinetime, PDO::PARAM_STR, 12);207 $q->bindParam(':session', $row['onlinesession'], PDO::PARAM_STR, 40); 208 $q->bindParam(':time', $row['onlinetime'], PDO::PARAM_STR, 12); 200 209 $q->execute(); 210 $q = NULL; 201 211 } 202 212 // check for duplicate entries of members 203 213 if ($row->onlinememberid > 0) { 204 214 $q2 = $C->prepare('SELECT onlinetime FROM ' . $SETTINGS['dbtableprefix'] . 'online WHERE onlinememberid=:memberid ORDER BY onlinetime DESC'); 205 $q2->bindParam(':memberid', $row ->onlinememberid, PDO::PARAM_INT, 12);215 $q2->bindParam(':memberid', $row['onlinememberid'], PDO::PARAM_INT, 12); 206 216 $s = $q2->execute(); 207 217 if ($s && $row2 = $q2->fetchObject()) { 208 $q2 ->closeCursor();218 $q2 = NULL; 209 219 // delete all but the newest one 210 220 $q = $C->prepare('DELETE FROM ' . $SETTINGS['dbtableprefix'] . 'online WHERE onlinememberid=:memberid AND onlinetime<:time'); 211 $q->bindParam(':memberid', $row ->onlinememberid,PDO::PARAM_INT, 12);212 $q->bindParam(':time', $row2 ->onlinetime, PDO::PARAM_INT, 12);221 $q->bindParam(':memberid', $row['onlinememberid'], PDO::PARAM_INT, 12); 222 $q->bindParam(':time', $row2['onlinetime'], PDO::PARAM_INT, 12); 213 223 $q->execute(); 224 $q = NULL; 214 225 } else { 215 $q2 ->closeCursor();226 $q2 = NULL; 216 227 } 217 228 } … … 226 237 $q->bindParam(':id', $_SESSION['memberid'], PDO::PARAM_INT, 12); 227 238 $q->execute(); 239 $q = NULL; 228 240 } 229 241 trunk/redirectors/logout.php
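Review bot: In trunk/includes/session.php, two accesses in the online-table cleanup loop (new lines 203-228) no longer match their row types after the switch to `fetchAll()`. The unchanged line 213 still reads `$row->onlinememberid` although `$row` is now an array (assuming the default fetch mode), so the condition cannot be true and the duplicate-entry cleanup is skipped; it should read `if ($row['onlinememberid'] > 0) {`. Conversely, line 222 was changed to `$row2['onlinetime']` while `$row2` still comes from `$q2->fetchObject()` on line 217, which would fail as soon as that branch is reached; keep `$row2->onlinetime` there. Until both are fixed, duplicate member entries are never pruned from the online table. The loop's closing lines fall outside the hunk.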
r3 r18 67 67 $q->bindParam(':session', session_id(), PDO::PARAM_STR, 40); 68 68 $q->execute(); 69 $q = NULL; 69 70 // close database connection 70 71 $C = NULL; trunk/redirectors/pollvote.php
r17 r18 63 63 $s = $q->execute(); 64 64 $row_q = $q->fetchAll(); 65 $q ->closeCursor();65 $q = NULL;; 66 66 $q2 = $C->prepare('SELECT * FROM ' . $SETTINGS['dbtableprefix'] . 'polls WHERE pollid=:id'); 67 67 $q2->bindParam(':id', $id, PDO::PARAM_INT, 12); … … 70 70 $row_title = $row_q[0]['topictitle']; 71 71 $row = $q2->fetchObject(); 72 $q2 ->closeCursor();72 $q2 = NULL;; 73 73 // heading 74 74 $html->body->addChild('h2', $row_title); … … 124 124 if ($q->execute()) { 125 125 $row = $q->fetchObject(); 126 $q ->closeCursor();126 $q = NULL; 127 127 // check if logged in member already voted 128 128 $pollvoters = split("\n", $row->pollvoters); … … 146 146 $q->bindParam(':id', $poll, PDO::PARAM_INT, 12); 147 147 $q->execute(); 148 $q = NULL; 148 149 // close database connection 149 150 $C = NULL; trunk/redirectors/preview.php
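Review bot: In trunk/redirectors/pollvote.php, the vote handler (new lines 124-128) only tests `if ($q->execute())`, which confirms that the statement ran, not that a poll row was found. A poll id that matches no row leaves `$row` false, and `split("\n", $row->pollvoters)` on line 128 then reads a property of a non-object. Folding the fetch into the condition, `if ($q->execute() && $row = $q->fetchObject()) {`, matches the pattern this changeset uses in Userpanel.php and session.php. The replacement lines 65 and 72 also end in `$q = NULL;;` and `$q2 = NULL;;`; the extra semicolon is harmless but should be dropped. The enclosing block continues outside the hunk.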
r17 r18 72 72 $row->postedbymember = 0; 73 73 } 74 $q ->closeCursor();74 $q = NULL; 75 75 } else { 76 76 // logged in trunk/redirectors/showip.php
r17 r18 60 60 $q->execute(); 61 61 $_ip = $q->fetchColumn(); 62 $q ->closeCursor();62 $q = NULL; 63 63 // output 64 64 $html->body->addChild('h2', $LANG['IP']);
