appdb/ ./browse_downloadable.php include/versi ...
WineHQ
wineowner at wine.codeweavers.com
Sat Jan 27 16:58:12 CST 2007
ChangeSet ID: 30911
CVSROOT: /opt/cvs-commit
Module name: appdb
Changes by: wineowner at winehq.org 2007/01/27 16:58:12
Modified files:
. : browse_downloadable.php
include : version.php
Log message:
Alexander Nicolaysen Sørnes <alex at thehandofagony.com>
Allow filtering by license when browsing downloadable apps
Patch: http://cvs.winehq.org/patch.py?id=30911
Old revision New revision Changes Path
1.1 1.2 +42 -10 appdb/browse_downloadable.php
1.102 1.103 +14 -0 appdb/include/version.php
Index: appdb/browse_downloadable.php
diff -u -p appdb/browse_downloadable.php:1.1 appdb/browse_downloadable.php:1.2
--- appdb/browse_downloadable.php:1.1 27 Jan 2007 22:58:12 -0000
+++ appdb/browse_downloadable.php 27 Jan 2007 22:58:12 -0000
@@ -9,6 +9,9 @@ require(BASE."include/incl.php");
apidb_header("Browse Downloadable Applications");
+/* Match specific license? */
+$sLicense = version::checkLicense($aClean['sLicense']);
+
/* Set default values */
if(!$aClean['iNumVersions'] || $aClean['iNumVersions'] > 200 || $aClean['iNumVersions'] < 0)
$aClean['iNumVersions'] = 25;
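Review bot: `version::checkLicense(...)` is invoked statically here, while the method added in include/version.php is declared as a plain instance method and the later hunk of this file builds `new Version()` just to call `makeLicenseList`; one calling convention should be used for both. A short comment on the new line would also help the next reader, e.g. `/* $sLicense is FALSE or one of the LICENSE_* constants, never the raw request value */`, since that property is what makes it safe to pass into the queries and the form below. Whether `$aClean['sLicense']` is always defined when the parameter is absent is not visible in this hunk.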
@@ -17,12 +20,19 @@ if(!$aClean['iPage'])
$aClean['iPage'] = 1;
/* Count the possible matches */
-$hResult = query_parameters("SELECT DISTINCT appFamily.appName,
+$sQuery = "SELECT DISTINCT appFamily.appName,
appVersion.versionName, appVersion.versionId, appFamily.description
FROM appFamily, appVersion, appData
WHERE appData.type = '?' AND appData.versionId = appVersion.versionId
- AND appFamily.appId = appVersion.appId",
- "downloadurl");
+ AND appFamily.appId = appVersion.appId";
+
+if(!$sLicense)
+ $hResult = query_parameters($sQuery, "downloadurl");
+else
+{
+ $sQuery .= " AND license = '?'";
+ $hResult = query_parameters($sQuery, "downloadurl", $sLicense);
+}
if($hResult && mysql_num_rows($hResult))
$num = mysql_num_rows($hResult);
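Review bot: The appended ` AND license = '?'` is the only unqualified column in a three-table join, so it depends on just one of appFamily, appVersion and appData having a `license` column; prefix it with its table (presumably `appVersion.license`, to be confirmed against the schema). The same clause is appended again in the paged query of the -58,16 +68,38 hunk and needs the same change. The `if`/`else` here also mixes a brace-less branch with a braced one; bracing both would match the style of the later hunk.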
@@ -58,16 +68,38 @@ foreach($numVersionsArray as $i)
echo "</select>\n";
+echo "<b>Filter by license</b>\n";
+$oVersion = new Version();
+echo $oVersion->makeLicenseList($sLicense);
+
echo " <input type=\"submit\" value=\"Refresh\" />\n";
echo "</form></div>\n<br />\n";
-$hResult = query_parameters("SELECT DISTINCT appFamily.appName,
- appVersion.versionName, appVersion.versionId, appFamily.description
- FROM appFamily, appVersion, appData
- WHERE appData.type = '?' AND appData.versionId = appVersion.versionId
- AND appFamily.appId = appVersion.appId
- ORDER BY appFamily.appName LIMIT ?, ?",
- "downloadurl", $iLimitLower, $aClean['iNumVersions']);
+if(!$num)
+{
+ echo "<div align=\"center\"><font color=\"red\">No matches found</font></div>\n";
+ echo html_frame_end(" ");
+ exit;
+}
+
+$sQuery = "SELECT DISTINCT appFamily.appName,
+ appVersion.versionName, appVersion.versionId, appFamily.description
+ FROM appFamily, appVersion, appData
+ WHERE appData.type = '?' AND appData.versionId = appVersion.versionId
+ AND appFamily.appId = appVersion.appId ";
+
+if(!$sLicense)
+{
+ $sQuery .= "ORDER BY appFamily.appName LIMIT ?, ?";
+ $hResult = query_parameters($sQuery, "downloadurl", $iLimitLower,
+ $aClean['iNumVersions']);
+} else
+{
+ $sQuery .= "AND license = '?' ORDER BY appFamily.appName LIMIT ?, ?";
+ $hResult = query_parameters($sQuery,
+ "downloadurl", $sLicense, $iLimitLower,
+ $aClean['iNumVersions']);
+}
if($hResult && mysql_num_rows($hResult))
{
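Review bot: `if(!$num)` reads a variable that the context lines of the previous hunk assign only when the count query returned rows, so on the empty path it is unset unless it is initialised somewhere outside the visible hunks; adding `$num = 0;` before the count query makes the check explicit. The early `exit` also ends the page right after `html_frame_end`, apparently without whatever footer the normal path emits, which is not visible here. The SELECT text now exists twice in the file with the license clause appended in each, so building the base string once would stop the count query and the page query drifting apart. The `if($hResult ...)` block at the end of the hunk continues outside it.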
Index: appdb/include/version.php
diff -u -p appdb/include/version.php:1.102 appdb/include/version.php:1.103
--- appdb/include/version.php:1.102 27 Jan 2007 22:58:12 -0000
+++ appdb/include/version.php 27 Jan 2007 22:58:12 -0000
@@ -1121,6 +1121,20 @@ class Version {
return $sReturn;
}
+ /* In order to prevent MySQL injections. Returns matched license */
+ function checkLicense($sLicense)
+ {
+ $aLicense = array(LICENSE_RETAIL, LICENSE_OPENSOURCE, LICENSE_FREEWARE,
+ LICENSE_DEMO, LICENSE_SHAREWARE);
+
+ foreach($aLicense as $sElement)
+ {
+ if($sLicense == $sElement)
+ return $sElement;
+ }
+
+ return FALSE;
+ }
}
?>
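Review bot: The allowlist check uses loose `==`, so under PHP's type juggling a non-string input can compare equal to a constant it does not literally match; `if($sLicense === $sElement)` makes the match exact. Returning `$sElement` rather than the caller's value is the right choice and worth stating in the comment, for example `/* Allowlist check: returns the matching LICENSE_* constant, or FALSE if $sLicense is not a known license */`. The method is called as `version::checkLicense()` from browse_downloadable.php but is not declared `static`. The LICENSE_* constants are defined outside this hunk, so confirm they are strings before switching to `===`.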