diff options
| author | jhunkeler <jhunkeler@c5b2fb0a-d05d-0410-98c8-828840a80ff6> | 2010-01-07 19:54:15 -0500 |
|---|---|---|
| committer | jhunkeler <jhunkeler@c5b2fb0a-d05d-0410-98c8-828840a80ff6> | 2010-01-07 19:54:15 -0500 |
| commit | 21608260d1b8a7bab9f8bab60bdc506af25985e6 (patch) | |
| tree | d67a0ab5e941df9a4e801188df61670804ffc111 | |
| parent | 5e7cafa6281a6a291c59752da13b457f53b6d3f0 (diff) | |
| download | bayonetcms-21608260d1b8a7bab9f8bab60bdc506af25985e6.tar.gz | |
Fixed GetBlocks() passing a bad result to mysqli fetch.
git-svn-id: http://svn.3rd-infantry-division.org/testing/branches/Bayonet CMS v2@455 c5b2fb0a-d05d-0410-98c8-828840a80ff6
| -rw-r--r-- | includes/functions.php | 34 | ||||
| -rw-r--r-- | includes/sql.class.php | 23 | ||||
| -rw-r--r-- | index.php | 2 |
3 files changed, 41 insertions, 18 deletions
diff --git a/includes/functions.php b/includes/functions.php index 30997c6..5d3dc7d 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -420,9 +420,9 @@ function ReportError($message) function ReportHack($message) { //WriteLog($message,BAYONET_LOG_HACK); - OpenTable(); - echo "<tr><th>Hack Attempt</th></tr><tr><td style=\"text-align:center;\">{$message}</td></tr>"; - CloseTable(); + OpenContent(); + echo "<div class=\"contentHeading\">Hacking Attempt</div><div class=\"content\">{$message}</div>"; + CloseContent(); } /** @@ -585,6 +585,23 @@ function UnderConstruction($message = NULL, $flag = BAYONET_SITE) } /** + * valid_result() + * + * Determine if a mysqli result is valid. + * Can be used on normal objects to check if they are empty. + * + * @param mixed $p_result + * @return + */ +function valid_result($p_result) +{ + if(is_object($p_result) && count($p_result) <= 1) + return false; + else + return true; +} + +/** * GetBlocks() * * Includes all directories listed in blocks/ and uses the bayonet_blocks @@ -600,10 +617,17 @@ function GetBlocks($position = BLOCK_LEFT) { global $config; global $db; + + $query = sprintf("SELECT block_id, active, weight, position, dir_name, title FROM bayonet_blocks WHERE active = 1 AND position = %d ORDER BY weight", (int)$position); + $result = $db->Query($query); - $result = $db->Query("SELECT block_id, active, weight, position, dir_name, title FROM `bayonet_blocks` WHERE `position` = $position AND `active` = 1 ORDER BY weight"); - $blocks = $db->Fetch($result); + /* Is the result valid? */ + if($db->Rows($result) < 1) + return false; + $blocks = $db->Fetch($result); + if(empty($blocks)) return; + foreach($blocks as $block) { $load = 'blocks/'.$block['dir_name'].'/index.php'; diff --git a/includes/sql.class.php b/includes/sql.class.php index 30b87e4..6bda00f 100644 --- a/includes/sql.class.php +++ b/includes/sql.class.php @@ -73,20 +73,19 @@ class Bayonet_SQL } public function FetchArray($p_result) - { - global $db_fetches; - $db_fetches++; + { + global $db_fetches; + $db_fetches++; + decho('Fetching result'); - decho('Fetching result'); - - while ($row = mysqli_fetch_array($p_result, MYSQLI_ASSOC)) { - $result[] = $row; - } - - $this->Free($p_result); - - return is_array($result) ? $result : array(); + while ($row = mysqli_fetch_array($p_result, MYSQLI_ASSOC)) + { + $result[] = $row; } + $this->Free($p_result); + + return is_array($result) ? $result : array(); + } public function FetchObject($p_result, $class, $no_array = false) { @@ -5,7 +5,7 @@ * * Purpose of this software is to allow users to manage their website * with ease and without needing to have any coding knowledge in order - * to maintain it. Visit www.eodesign.com/cms for any updates or feedback. + * to maintain it. Visit [link] for any updates or feedback. */ /* Begin try/catch block */ |