PHP Parse error: syntax error, unexpected ''
lima-city → Forum → Programmiersprachen → PHP, MySQL & .htaccess
administration
anfrage
boxen
check
code
fehler
kommentar
login
modul
page
relative url
set
setting
special
system
text
type
url
vermutung
zeile
-
Hallo,
ich bekomme folgende Fehlermeldung:PHP Parse error: syntax error, unexpected '' (T_ENCAPSED_AND_WHITESPACE), expecting identifier (T_STRING) or variable (T_VARIABLE) or number (T_NUM_STRING) in datei.php on line 109
Der Code in der Zeile ist folgender:mysql_query("INSERT INTO `wb_mod_droplets` (`id`, `name`, `code`, `description`, `modified_when`, `modified_by`, `active`, `admin_edit`, `admin_view`, `show_wysiwyg`, `comments`) VALUES (9, 'LoginBox', '//:Absolute or relative url possible\n//:Remember to enable frontend login in your website settings.\n\n global $wb,$page_id,$TEXT, $MENU, $HEADING;\n\n $return_value = ''<div class=\"login-box\">''.\"\\n\";\n $return_admin = '' '';\n // Return a system permission\n function get_permission($name, $type = ''system'')\n {\n global $wb;\n // Append to permission type\n $type .= ''_permissions'';\n // Check if we have a section to check for\n if($name == ''start'') {\n return true;\n } else {\n // Set system permissions var\n $system_permissions = $wb->get_session(''SYSTEM_PERMISSIONS'');\n // Set module permissions var\n $module_permissions = $wb->get_session(''MODULE_PERMISSIONS'');\n // Set template permissions var\n $template_permissions = $wb->get_session(''TEMPLATE_PERMISSIONS'');\n // Return true if system perm = 1\n if (isset($$type) && is_array($$type) && is_numeric(array_search($name, $$type))) {\n if($type == ''system_permissions'') {\n return true;\n } else {\n return false;\n }\n } else {\n if($type == ''system_permissions'') {\n return false;\n } else {\n return true;\n }\n }\n }\n }\n\n function get_page_permission($page, $action=''admin'') {\n if ($action!=''viewing''){ $action=''admin'';}\n $action_groups=$action.''_groups'';\n $action_users=$action.''_users'';\n if (is_array($page)) {\n $groups=$page[$action_groups];\n $users=$page[$action_users];\n } else {\n global $database,$wb;\n $results = $database->query(\"SELECT $action_groups,$action_users FROM \".TABLE_PREFIX.\"pages WHERE page_id = ''$page''\");\n $result = $results->fetchRow();\n $groups = explode('','', str_replace(''_'', '''', $result[$action_groups]));\n $users = explode('','', str_replace(''_'', '''', $result[$action_users]));\n }\n\n $in_group = FALSE;\n foreach($wb->get_groups_id() as $cur_gid){\n if (in_array($cur_gid, $groups)) {\n $in_group = TRUE;\n }\n }\n if((!$in_group) AND !is_numeric(array_search($wb->get_user_id(), $users))) {\n return false;\n }\n return true;\n }\n\n// Get redirect\n $redirect_url = ((isset($_SESSION[''HTTP_REFERER'']) && $_SESSION[''HTTP_REFERER''] != '''') ? $_SESSION[''HTTP_REFERER''] : WB_URL );\n $redirect_url = (isset($redirect) && ($redirect!='''') ? $redirect : $redirect_url);\n\n if ( ( FRONTEND_LOGIN == ''enabled'') &&\n ( VISIBILITY != ''private'') &&\n ( $wb->get_session(''USER_ID'') == '''') )\n {\n $return_value .= ''<form action=\"''.LOGIN_URL.''\" method=\"post\">''.\"\\n\";\n $return_value .= ''<input type=\"hidden\" name=\"url\" value=\"''.$redirect_url.''\" />''.\"\\n\";\n $return_value .= ''<fieldset>''.\"\\n\";\n $return_value .= ''<h1>''.$TEXT[''LOGIN''].''</h1>''.\"\\n\";\n $return_value .= ''<label for=\"username\">''.$TEXT[''USERNAME''].'':</label>''.\"\\n\";\n $return_value .= ''<p><input type=\"text\" name=\"username\" id=\"username\" /></p>''.\"\\n\";\n $return_value .= ''<label for=\"password\">''.$TEXT[''PASSWORD''].'':</label>''.\"\\n\";\n $return_value .= ''<p><input type=\"password\" name=\"password\" id=\"password\"/></p>''.\"\\n\";\n $return_value .= ''<p><input type=\"submit\" id=\"submit\" value=\"''.$TEXT[''LOGIN''].''\" class=\"dbutton\" /></p>''.\"\\n\";\n $return_value .= ''<ul class=\"login-advance\">''.\"\\n\";\n $return_value .= ''<li class=\"forgot\"><a href=\"''.FORGOT_URL.''\"><span>''.$TEXT[''FORGOT_DETAILS''].''</span></a></li>''.\"\\n\";\n\n if (intval(FRONTEND_SIGNUP) > 0)\n {\n $return_value .= ''<li class=\"sign\"><a href=\"''.SIGNUP_URL.''\">''.$TEXT[''SIGNUP''].''</a></li>''.\"\\n\";\n }\n $return_value .= ''</ul>''.\"\\n\";\n $return_value .= ''</fieldset>''.\"\\n\";\n $return_value .= ''</form>''.\"\\n\";\n\n } elseif( (FRONTEND_LOGIN == ''enabled'') &&\n (is_numeric($wb->get_session(''USER_ID''))) )\n {\n $return_value .= ''<form action=\"''.LOGOUT_URL.''\" method=\"post\" class=\"login-table\">''.\"\\n\";\n $return_value .= ''<fieldset>''.\"\\n\";\n $return_value .= ''<h1>''.$TEXT[\"LOGGED_IN\"].''</h1>''.\"\\n\";\n $return_value .= ''<label>''.$TEXT[''WELCOME_BACK''].'', ''.$wb->get_display_name().''</label>''.\"\\n\";\n $return_value .= ''<p><input type=\"submit\" name=\"submit\" value=\"''.$MENU[''LOGOUT''].''\" class=\"dbutton\" /></p>''.\"\\n\";\n $return_value .= ''<ul class=\"logout-advance\">''.\"\\n\";\n $return_value .= ''<li class=\"preference\"><a href=\"''.PREFERENCES_URL.''\" title=\"''.$MENU[''PREFERENCES''].''\">''.$MENU[''PREFERENCES''].''</a></li>''.\"\\n\";\n\n if ($wb->ami_group_member(''1'')) //change ot the group that should get special links\n {\n $return_admin .= ''<li class=\"admin\"><a target=\"_blank\" href=\"''.ADMIN_URL.''/index.php\" title=\"''.$TEXT[''ADMINISTRATION''].''\" class=\"blank_target\">''.$TEXT[\"ADMINISTRATION\"].''</a></li>''.\"\\n\";\n //you can add more links for your users like userpage, lastchangedpages or something\n $return_value .= $return_admin;\n }\n //change ot the group that should get special links\n if( get_permission(''pages_modify'') && get_page_permission( PAGE_ID ) )\n {\n $return_value .= ''<li class=\"modify\"><a target=\"_blank\" href=\"''.ADMIN_URL.''/pages/modify.php?page_id=''.PAGE_ID.''\" title=\"''.$HEADING[''MODIFY_PAGE''].''\" class=\"blank_target\">''.$HEADING[''MODIFY_PAGE''].''</a></li>''.\"\\n\";\n }\n $return_value .= ''</ul>''.\"\\n\";\n $return_value .= ''</fieldset>''.\"\\n\";\n $return_value .= ''</form>''.\"\\n\";\n }\n $return_value .= ''</div>''.\"\\n\";\n return $return_value;\n', 'Puts a Login / Logout box on your page.', 1378247492, 1, 1, 0, 0, 0, 'Use: [[LoginBox?redirect=url]]'); ") or die("Anfrage fehlgeschlagen: " . mysql_error());
(Hier wird der Code in einem online Compiler ausgeführt!) Ich finde den Fehler nicht - findet es hier jemand? (Oder kann mir jemand einen Tipp geben, wie ich den Fehler finde?) -
Diskutiere mit und stelle Fragen: Jetzt kostenlos anmelden!
lima-city: Gratis werbefreier Webspace für deine eigene Homepage
-
Ich habe mir nicht deinen ganzen Code angeschaut, aber ich habe 3 Vermutungen, was der Fehler sein kann.
1. Vermutung: Du hast die Apostroph Zeichen falsch eingesetzt. z.B.:
($type == ''system_permissions'')
Sollte das nicht eigentlich so aussehen:
($type == 'system_permissions')
2. Vermutung:
stackoverflow.com/questions/7387525/php-parse-error-syntax-error-unexpected-t-encapsed-and-whitespace-expecting-t
3. Vermutung:
Du hast mehrere Kommentare mit // innerhalb einer Zeile eingesetzt. Ist das nicht eigentlich so, wenn du nur einmal // in einer Zeile einsetzt, dass dann die ganze Zeile als Kommentar gilt.
Noch was: Du musst die 2. und 3. Zeile zu einer verbinden.
mysql_query("INSERT INTO `wb_mod_droplets` (`id`, `name`, `code`, `description`, `modified_when`, `modified_by`, `active`, `admin_edit`, `admin_view`, `show_wysiwyg`, `comments`) VALUES (9, 'LoginBox', '//:Absolute or relative url possible\n//:Remember to enable frontend login in your website settings.\n\n global $wb,$page_id,$TEXT, $MENU, $HEADING;\n\n $return_value = ''<div class=\"login-box\">''.\"\\n\";\n $return_admin = '' '';\n // Return a system permission\n function get_permission($name, $type = ''system'')\n {\n global $wb;\n // Append to permission type\n $type .= ''_permissions'';\n // Check if we have a section to check for\n if($name == ''start'') {\n return true;\n } else {\n // Set system permissions var\n $system_permissions = $wb->get_session(''SYSTEM_PERMISSIONS'');\n // Set module permissions var\n $module_permissions = $wb->get_session(''MODULE_PERMISSIONS'');\n // Set template permissions var\n $template_permissions = $wb->get_session(''TEMPLATE_PERMISSIONS'');\n // Return true if system perm = 1\n if (isset($$type) && is_array($$type) && is_numeric(array_search($name, $$type))) {\n if($type == ''system_permissions'') {\n return true;\n } else {\n return false;\n }\n } else {\n if($type == ''system_permissions'') {\n return false;\n } else {\n return true;\n }\n }\n }\n }\n\n function get_page_permission($page, $action=''admin'') {\n if ($action!=''viewing''){ $action=''admin'';}\n $action_groups=$action.''_groups'';\n $action_users=$action.''_users'';\n if (is_array($page)) {\n $groups=$page[$action_groups];\n $users=$page[$action_users];\n } else {\n global $database,$wb;\n $results = $database->query(\"SELECT $action_groups,$action_users FROM \".TABLE_PREFIX.\"pages WHERE page_id = ''$page''\");\n $result = $results->fetchRow();\n $groups = explode('','', str_replace(''_'', '''', $result[$action_groups]));\n $users = explode('','', str_replace(''_'', '''', $result[$action_users]));\n }\n\n $in_group = FALSE;\n foreach($wb->get_groups_id() as $cur_gid){\n if (in_array($cur_gid, $groups)) {\n $in_group = TRUE;\n }\n }\n if((!$in_group) AND !is_numeric(array_search($wb->get_user_id(), $users))) {\n return false;\n }\n return true;\n }\n\n// Get redirect\n $redirect_url = ((isset($_SESSION[''HTTP_REFERER'']) && $_SESSION[''HTTP_REFERER''] != '''') ? $_SESSION[''HTTP_REFERER''] : WB_URL );\n $redirect_url = (isset($redirect) && ($redirect!='''') ? $redirect : $redirect_url);\n\n if ( ( FRONTEND_LOGIN == ''enabled'') &&\n ( VISIBILITY != ''private'') &&\n ( $wb->get_session(''USER_ID'') == '''') )\n {\n $return_value .= ''<form action=\"''.LOGIN_URL.''\" method=\"post\">''.\"\\n\";\n $return_value .= ''<input type=\"hidden\" name=\"url\" value=\"''.$redirect_url.''\" />''.\"\\n\";\n $return_value .= ''<fieldset>''.\"\\n\";\n $return_value .= ''<h1>''.$TEXT[''LOGIN''].''</h1>''.\"\\n\";\n $return_value .= ''<label for=\"username\">''.$TEXT[''USERNAME''].'':</label>''.\"\\n\";\n $return_value .= ''<p><input type=\"text\" name=\"username\" id=\"username\" /></p>''.\"\\n\";\n $return_value .= ''<label for=\"password\">''.$TEXT[''PASSWORD''].'':</label>''.\"\\n\";\n $return_value .= ''<p><input type=\"password\" name=\"password\" id=\"password\"/></p>''.\"\\n\";\n $return_value .= ''<p><input type=\"submit\" id=\"submit\" value=\"''.$TEXT[''LOGIN''].''\" class=\"dbutton\" /></p>''.\"\\n\";\n $return_value .= ''<ul class=\"login-advance\">''.\"\\n\";\n $return_value .= ''<li class=\"forgot\"><a href=\"''.FORGOT_URL.''\"><span>''.$TEXT[''FORGOT_DETAILS''].''</span></a></li>''.\"\\n\";\n\n if (intval(FRONTEND_SIGNUP) > 0)\n {\n $return_value .= ''<li class=\"sign\"><a href=\"''.SIGNUP_URL.''\">''.$TEXT[''SIGNUP''].''</a></li>''.\"\\n\";\n }\n $return_value .= ''</ul>''.\"\\n\";\n $return_value .= ''</fieldset>''.\"\\n\";\n $return_value .= ''</form>''.\"\\n\";\n\n } elseif( (FRONTEND_LOGIN == ''enabled'') &&\n (is_numeric($wb->get_session(''USER_ID''))) )\n {\n $return_value .= ''<form action=\"''.LOGOUT_URL.''\" method=\"post\" class=\"login-table\">''.\"\\n\";\n $return_value .= ''<fieldset>''.\"\\n\";\n $return_value .= ''<h1>''.$TEXT[\"LOGGED_IN\"].''</h1>''.\"\\n\";\n $return_value .= ''<label>''.$TEXT[''WELCOME_BACK''].'', ''.$wb->get_display_name().''</label>''.\"\\n\";\n $return_value .= ''<p><input type=\"submit\" name=\"submit\" value=\"''.$MENU[''LOGOUT''].''\" class=\"dbutton\" /></p>''.\"\\n\";\n $return_value .= ''<ul class=\"logout-advance\">''.\"\\n\";\n $return_value .= ''<li class=\"preference\"><a href=\"''.PREFERENCES_URL.''\" title=\"''.$MENU[''PREFERENCES''].''\">''.$MENU[''PREFERENCES''].''</a></li>''.\"\\n\";\n\n if ($wb->ami_group_member(''1'')) //change ot the group that should get special links\n {\n $return_admin .= ''<li class=\"admin\"><a target=\"_blank\" href=\"''.ADMIN_URL.''/index.php\" title=\"''.$TEXT[''ADMINISTRATION''].''\" class=\"blank_target\">''.$TEXT[\"ADMINISTRATION\"].''</a></li>''.\"\\n\";\n //you can add more links for your users like userpage, lastchangedpages or something\n $return_value .= $return_admin;\n }\n //change ot the group that should get special links\n if( get_permission(''pages_modify'') && get_page_permission( PAGE_ID ) )\n {\n $return_value .= ''<li class=\"modify\"><a target=\"_blank\" href=\"''.ADMIN_URL.''/pages/modify.php?page_id=''.PAGE_ID.''\" title=\"''.$HEADING[''MODIFY_PAGE''].''\" class=\"blank_target\">''.$HEADING[''MODIFY_PAGE''].''</a></li>''.\"\\n\";\n }\n $return_value .= ''</ul>''.\"\\n\";\n $return_value .= ''</fieldset>''.\"\\n\";\n $return_value .= ''</form>''.\"\\n\";\n }\n $return_value .= ''</div>''.\"\\n\";\n return $return_value;\n', 'Puts a Login / Logout box on your page.', 1378247492, 1, 1, 0, 0, 0, 'Use: [[LoginBox?redirect=url]]');") or die("Anfrage fehlgeschlagen: " . mysql_error());
-
Warum machst du es dir so kompliziert? Versuch es doch mal so:
<?php $loginbox = <<< 'ETX' //:Absolute or relative url possible //:Remember to enable frontend login in your website settings. global $wb, $page_id, $TEXT, $MENU, $HEADING; $return_value = "<div class=\"login-box\">\n"; $return_admin = ' '; // Return a system permission function get_permission($name, $type = 'system') { global $wb; // Append to permission type $type .= '_permissions'; // Check if we have a section to check for if($name == 'start') { return true; } else { // Set system permissions var $system_permissions = $wb->get_session('SYSTEM_PERMISSIONS'); // Set module permissions var $module_permissions = $wb->get_session('MODULE_PERMISSIONS'); // Set template permissions var $template_permissions = $wb->get_session('TEMPLATE_PERMISSIONS'); // Return true if system perm = 1 if(isset($$type) && is_array($$type) && is_numeric(array_search($name, $$type))) { if($type == 'system_permissions') { return true; } else { return false; } } else { if($type == 'system_permissions') { return false; } else { return true; } } } } function get_page_permission($page, $action='admin') { if($action != 'viewing') { $action = 'admin'; } $action_groups = "{$action}_groups"; $action_users = "{$action}_users"; if(is_array($page)) { $groups = $page[$action_groups]; $users = $page[$action_users]; } else { global $database, $wb; $results = $database->query("SELECT $action_groups, $action_users FROM " . TABLE_PREFIX . "pages WHERE page_id = '$page'"); $result = $results->fetchRow(); $groups = explode(',', str_replace('_', '', $result[$action_groups])); $users = explode(',', str_replace('_', '', $result[$action_users])); } $in_group = FALSE; foreach($wb->get_groups_id() as $cur_gid) { if(in_array($cur_gid, $groups)) { $in_group = TRUE; } } if((!$in_group) AND !is_numeric(array_search($wb->get_user_id(), $users))) { return false; } return true; } // Get redirect $redirect_url = ((isset($_SESSION['HTTP_REFERER']) && $_SESSION['HTTP_REFERER'] != '') ? $_SESSION['HTTP_REFERER'] : WB_URL); $redirect_url = (isset($redirect) && ($redirect != '') ? $redirect : $redirect_url); if((FRONTEND_LOGIN == 'enabled') && (VISIBILITY != 'private') && ($wb->get_session('USER_ID') == '')) { $return_value .= '<form action="' . LOGIN_URL . "\" method=\"post\">\n"; $return_value .= "<input type=\"hidden\" name=\"url\" value=\"$redirect_url\" />\n"; $return_value .= "<fieldset>\n"; $return_value .= "<h1>{$TEXT['LOGIN']}</h1>\n"; $return_value .= "<label for=\"username\">{$TEXT['USERNAME']}:</label>\n"; $return_value .= "<p><input type=\"text\" name=\"username\" id=\"username\" /></p>\n"; $return_value .= "<label for=\"password\">{$TEXT['PASSWORD']}:</label>\n"; $return_value .= "<p><input type=\"password\" name=\"password\" id=\"password\"/></p>\n"; $return_value .= "<p><input type=\"submit\" id=\"submit\" value=\"{$TEXT['LOGIN']}\" class=\"dbutton\" /></p>\n"; $return_value .= "<ul class=\"login-advance\">\n"; $return_value .= '<li class="forgot"><a href="' . FORGOT_URL . "\"><span>{$TEXT['FORGOT_DETAILS']}</span></a></li>\n"; if(intval(FRONTEND_SIGNUP) > 0) { $return_value .= '<li class="sign"><a href="' . SIGNUP_URL . "\">{$TEXT['SIGNUP']}</a></li>\n"; } $return_value .= "</ul>\n"; $return_value .= "</fieldset>\n"; $return_value .= "</form>\n"; } elseif((FRONTEND_LOGIN == 'enabled') && is_numeric($wb->get_session('USER_ID'))) { $return_value .= '<form action="' . LOGOUT_URL . "\" method=\"post\" class=\"login-table\">\n"; $return_value .= "<fieldset>\n"; $return_value .= "<h1>{$TEXT['LOGGED_IN']}</h1>\n"; $return_value .= "<label>{$TEXT['WELCOME_BACK']}, {$wb->get_display_name()}</label>\n"; $return_value .= "<p><input type=\"submit\" name=\"submit\" value=\"{$MENU['LOGOUT']}\" class=\"dbutton\" /></p>\n"; $return_value .= "<ul class=\"logout-advance\">\n"; $return_value .= '<li class="preference"><a href="' . PREFERENCES_URL . "\" title=\"{$MENU['PREFERENCES']}\">{$MENU['PREFERENCES']}</a></li>\n"; if ($wb->ami_group_member('1')) { //change ot the group that should get special links $return_admin .= '<li class="admin"><a target="_blank" href="' . ADMIN_URL . "/index.php\" title=\"{$TEXT['ADMINISTRATION']}\" class=\"blank_target\">{$TEXT['ADMINISTRATION']}</a></li>\n"; //you can add more links for your users like userpage, lastchangedpages or something $return_value .= $return_admin; } //change ot the group that should get special links if(get_permission('pages_modify') && get_page_permission(PAGE_ID)) { $return_value .= '<li class="modify"><a target="_blank" href="' . ADMIN_URL . '/pages/modify.php?page_id=' . PAGE_ID . "\" title=\"{$HEADING['MODIFY_PAGE']}\" class=\"blank_target\">{$HEADING['MODIFY_PAGE']}</a></li>\n"; } $return_value .= "</ul>\n"; $return_value .= "</fieldset>\n"; $return_value .= "</form>\n"; } $return_value .= "</div>\n"; return $return_value; ETX; $loginbox = mysql_real_escape_string($loginbox); mysql_query("INSERT INTO `wb_mod_droplets` (`id`, `name`, `code`, `description`, `modified_when`, `modified_by`, `active`, `admin_edit`, `admin_view`, `show_wysiwyg`, `comments`) VALUES (9, 'LoginBox', '$loginbox', 'Puts a Login / Logout box on your page.', 1378247492, 1, 1, 0, 0, 0, 'Use: [[LoginBox?redirect=url]]');") or die('Anfrage fehlgeschlagen: ' . mysql_error());
Und warum ist es so einfacher? Weil du sonst doppelt escapen musst, 1x für PHP und 1x für MySQL. So musst du gar nicht escapen …
Beitrag zuletzt geändert: 8.12.2013 12:15:50 von hackyourlife -
onur-yavuz schrieb:
Hab ich mir auch gedacht, aber der Code stammt von einem CMS und die Apostrophen werden schon ein paar Zeilen weiter oben so verwendet und es gibt da keine Fehlermeldung!
Ich habe mir nicht deinen ganzen Code angeschaut, aber ich habe 3 Vermutungen, was der Fehler sein kann.
1. Vermutung: Du hast die Apostroph Zeichen falsch eingesetzt. z.B.:
($type == ''system_permissions'')
Sollte das nicht eigentlich so aussehen:
($type == 'system_permissions')
onur-yavuz schrieb:
Dasselbe wie bei deiner 1.Vermutung: die // werden schon ein paar Zeilen weiter oben so verwendet.
3. Vermutung:
Du hast mehrere Kommentare mit // innerhalb einer Zeile eingesetzt. Ist das nicht eigentlich so, wenn du nur einmal // in einer Zeile einsetzt, dass dann die ganze Zeile als Kommentar gilt.
Noch was: Du musst die 2. und 3. Zeile zu einer verbinden. (...)
Zur Info: das ist eine Zeile einer Datei, die 419 Zeilen lang ist. Die Datei umfasst nur die MySQL-Befehleonur-yavuz schrieb:
Was meinst du damit? - Soll ich versuchen alle '$variable' mit {$variable} ersetzen?
2. Vermutung:
stackoverflow.com/questions/7387525/php-parse-error-syntax-error-unexpected-t-encapsed-and-whitespace-expecting-t
hackyourlife schrieb:
Danke, aber ich habe eine bessere Lösung gefunden: das ist ein Teil vom Code zum Erstellen der Datenbank von WebsiteBaker - Ich verwende jetzt einfach die Installationsdateien vom Original.
Warum machst du es dir so kompliziert? Versuch es doch mal so:<?php $loginbox = <<< 'ETX' //:Absolute or relative url possible //:Remember to enable frontend login in your website settings. global $wb, $page_id, $TEXT, $MENU, $HEADING; $return_value = "<div class=\"login-box\">\n"; $return_admin = ' '; // Return a system permission function get_permission($name, $type = 'system') { global $wb; // Append to permission type $type .= '_permissions'; // Check if we have a section to check for if($name == 'start') { return true; } else { // Set system permissions var $system_permissions = $wb->get_session('SYSTEM_PERMISSIONS'); // Set module permissions var $module_permissions = $wb->get_session('MODULE_PERMISSIONS'); // Set template permissions var $template_permissions = $wb->get_session('TEMPLATE_PERMISSIONS'); // Return true if system perm = 1 if(isset($$type) && is_array($$type) && is_numeric(array_search($name, $$type))) { if($type == 'system_permissions') { return true; } else { return false; } } else { if($type == 'system_permissions') { return false; } else { return true; } } } } function get_page_permission($page, $action='admin') { if($action != 'viewing') { $action = 'admin'; } $action_groups = "{$action}_groups"; $action_users = "{$action}_users"; if(is_array($page)) { $groups = $page[$action_groups]; $users = $page[$action_users]; } else { global $database, $wb; $results = $database->query("SELECT $action_groups, $action_users FROM " . TABLE_PREFIX . "pages WHERE page_id = '$page'"); $result = $results->fetchRow(); $groups = explode(',', str_replace('_', '', $result[$action_groups])); $users = explode(',', str_replace('_', '', $result[$action_users])); } $in_group = FALSE; foreach($wb->get_groups_id() as $cur_gid) { if(in_array($cur_gid, $groups)) { $in_group = TRUE; } } if((!$in_group) AND !is_numeric(array_search($wb->get_user_id(), $users))) { return false; } return true; } // Get redirect $redirect_url = ((isset($_SESSION['HTTP_REFERER']) && $_SESSION['HTTP_REFERER'] != '') ? $_SESSION['HTTP_REFERER'] : WB_URL); $redirect_url = (isset($redirect) && ($redirect != '') ? $redirect : $redirect_url); if((FRONTEND_LOGIN == 'enabled') && (VISIBILITY != 'private') && ($wb->get_session('USER_ID') == '')) { $return_value .= '<form action="' . LOGIN_URL . "\" method=\"post\">\n"; $return_value .= "<input type=\"hidden\" name=\"url\" value=\"$redirect_url\" />\n"; $return_value .= "<fieldset>\n"; $return_value .= "<h1>{$TEXT['LOGIN']}</h1>\n"; $return_value .= "<label for=\"username\">{$TEXT['USERNAME']}:</label>\n"; $return_value .= "<p><input type=\"text\" name=\"username\" id=\"username\" /></p>\n"; $return_value .= "<label for=\"password\">{$TEXT['PASSWORD']}:</label>\n"; $return_value .= "<p><input type=\"password\" name=\"password\" id=\"password\"/></p>\n"; $return_value .= "<p><input type=\"submit\" id=\"submit\" value=\"{$TEXT['LOGIN']}\" class=\"dbutton\" /></p>\n"; $return_value .= "<ul class=\"login-advance\">\n"; $return_value .= '<li class="forgot"><a href="' . FORGOT_URL . "\"><span>{$TEXT['FORGOT_DETAILS']}</span></a></li>\n"; if(intval(FRONTEND_SIGNUP) > 0) { $return_value .= '<li class="sign"><a href="' . SIGNUP_URL . "\">{$TEXT['SIGNUP']}</a></li>\n"; } $return_value .= "</ul>\n"; $return_value .= "</fieldset>\n"; $return_value .= "</form>\n"; } elseif((FRONTEND_LOGIN == 'enabled') && is_numeric($wb->get_session('USER_ID'))) { $return_value .= '<form action="' . LOGOUT_URL . "\" method=\"post\" class=\"login-table\">\n"; $return_value .= "<fieldset>\n"; $return_value .= "<h1>{$TEXT['LOGGED_IN']}</h1>\n"; $return_value .= "<label>{$TEXT['WELCOME_BACK']}, {$wb->get_display_name()}</label>\n"; $return_value .= "<p><input type=\"submit\" name=\"submit\" value=\"{$MENU['LOGOUT']}\" class=\"dbutton\" /></p>\n"; $return_value .= "<ul class=\"logout-advance\">\n"; $return_value .= '<li class="preference"><a href="' . PREFERENCES_URL . "\" title=\"{$MENU['PREFERENCES']}\">{$MENU['PREFERENCES']}</a></li>\n"; if ($wb->ami_group_member('1')) { //change ot the group that should get special links $return_admin .= '<li class="admin"><a target="_blank" href="' . ADMIN_URL . "/index.php\" title=\"{$TEXT['ADMINISTRATION']}\" class=\"blank_target\">{$TEXT['ADMINISTRATION']}</a></li>\n"; //you can add more links for your users like userpage, lastchangedpages or something $return_value .= $return_admin; } //change ot the group that should get special links if(get_permission('pages_modify') && get_page_permission(PAGE_ID)) { $return_value .= '<li class="modify"><a target="_blank" href="' . ADMIN_URL . '/pages/modify.php?page_id=' . PAGE_ID . "\" title=\"{$HEADING['MODIFY_PAGE']}\" class=\"blank_target\">{$HEADING['MODIFY_PAGE']}</a></li>\n"; } $return_value .= "</ul>\n"; $return_value .= "</fieldset>\n"; $return_value .= "</form>\n"; } $return_value .= "</div>\n"; return $return_value; ETX; $loginbox = mysql_real_escape_string($loginbox); mysql_query("INSERT INTO `wb_mod_droplets` (`id`, `name`, `code`, `description`, `modified_when`, `modified_by`, `active`, `admin_edit`, `admin_view`, `show_wysiwyg`, `comments`) VALUES (9, 'LoginBox', '$loginbox', 'Puts a Login / Logout box on your page.', 1378247492, 1, 1, 0, 0, 0, 'Use: [[LoginBox?redirect=url]]');") or die('Anfrage fehlgeschlagen: ' . mysql_error());
Und warum ist es so einfacher? Weil du sonst doppelt escapen musst, 1x für PHP und 1x für MySQL. So musst du gar nicht escapen ? -
Diskutiere mit und stelle Fragen: Jetzt kostenlos anmelden!
lima-city: Gratis werbefreier Webspace für deine eigene Homepage