Commit 54e13b5f authored by Dries's avatar Dries

- Patch #27140 by m3averck/souvent22: can't delete contact module subjects with '&' in title.

parent 745b7bed
......@@ -204,10 +204,12 @@ CREATE TABLE comments (
--
CREATE TABLE contact (
cid int(10) unsigned NOT NULL auto_increment,
category varchar(255) NOT NULL default '',
recipients longtext NOT NULL default '',
reply longtext NOT NULL default '',
PRIMARY KEY (category)
PRIMARY KEY (cid),
UNIQUE KEY category (category)
) TYPE=MyISAM;
--
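Review bot: The new `cid` column is declared `int(10) unsigned` here, but the upgrade path in update_153() on this page adds it as `cid int(11) NOT NULL PRIMARY KEY auto_increment`, so fresh installs and upgraded sites end up with different column types. Use one definition in both places, for example `ADD COLUMN cid int(10) unsigned NOT NULL PRIMARY KEY auto_increment` in the ALTER statement.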
......
......@@ -199,10 +199,12 @@ CREATE INDEX comments_nid_idx ON comments(nid);
--
CREATE TABLE contact (
cid int NOT NULL,
category varchar(255) NOT NULL default '',
recipients text NOT NULL default '',
reply text NOT NULL default '',
PRIMARY KEY (category)
PRIMARY KEY (cid),
UNIQUE (category)
);
--
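Review bot: `cid int NOT NULL` has no default or sequence behind it, yet the INSERT in contact_admin_edit() on this page lists only `category, recipients, reply`, so on PostgreSQL a new category would presumably be rejected for a missing `cid`. The MySQL schema gets its ids from `auto_increment`; the equivalent here would be `cid SERIAL,` with the `PRIMARY KEY (cid)` line kept as is. The same gap applies to `ADD COLUMN cid int PRIMARY KEY` in update_153(), which also supplies no values for rows that already exist.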
......
......@@ -103,6 +103,7 @@
"2005-10-15" => "update_150",
"2005-10-23" => "update_151",
"2005-10-28" => "update_152",
"2005-11-03" => "update_153"
);
function update_110() {
......@@ -1119,6 +1120,24 @@ function update_152() {
return $ret;
}
function update_153(){
$ret = array();
switch ($GLOBALS['db_type']) {
case 'pgsql':
$ret[] = update_sql("ALTER TABLE {contact} DROP CONSTRAINT {contact}_pkey category");
$ret[] = update_sql("ALTER TABLE {contact} ADD COLUMN cid int PRIMARY KEY");
$ret[] = update_sql("ALTER TABLE {contact} ADD UNIQUE (category)");
case 'mysql':
case 'mysqli':
$ret[] = update_sql("ALTER TABLE {contact} DROP PRIMARY KEY");
$ret[] = update_sql("ALTER TABLE {contact} ADD COLUMN cid int(11) NOT NULL PRIMARY KEY auto_increment");
$ret[] = update_sql("ALTER TABLE {contact} ADD UNIQUE KEY category (category)");
}
$ret = array();
}
/**
* Adds a column to a database. Uses syntax appropriate for PostgreSQL.
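Review bot: update_153() has no `break;` at the end of the `pgsql` case, so a PostgreSQL site falls through and also runs the three MySQL-only ALTER statements; add `break;` before `case 'mysql':` and after the last MySQL statement. The function then ends with `$ret = array();` where update_152() just above closes with `return $ret;`, so every query result is discarded and a failed ALTER goes unreported; that last line should be `return $ret;`. The `DROP CONSTRAINT {contact}_pkey category` statement also looks malformed, since a trailing column name is not part of DROP CONSTRAINT syntax, and is worth running against a real PostgreSQL install before release.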
......
......@@ -175,7 +175,7 @@ function contact_user_mail_execute($form_id, $edit) {
drupal_goto("user/$account->uid");
}
function contact_admin_edit($category = NULL) {
function contact_admin_edit($cid = NULL) {
if (isset($_POST['edit'])) {
$edit = $_POST['edit'];
......@@ -187,13 +187,14 @@ function contact_admin_edit($category = NULL) {
}
if (!form_get_errors()) {
db_query("DELETE FROM {contact} WHERE category = '%s'", $category);
db_query("DELETE FROM {contact} WHERE cid = '%d'", $cid);
db_query("INSERT INTO {contact} (category, recipients, reply) VALUES ('%s', '%s', '%s')", $edit['category'], $edit['recipients'], $edit['reply']);
drupal_goto('admin/contact');
}
}
else {
$category = db_fetch_object(db_query("SELECT * FROM {contact} WHERE category = '%s'", $category));
$category = db_fetch_object(db_query("SELECT * FROM {contact} WHERE cid = '%d'", $cid));
$edit['cid'] = $category->cid;
$edit['category'] = $category->category;
$edit['recipients'] = $category->recipients;
$edit['reply'] = $category->reply;
......@@ -207,27 +208,28 @@ function contact_admin_edit($category = NULL) {
return drupal_get_form('contact_admin_edit', $form);
}
function contact_admin_delete($category) {
function contact_admin_delete($cid) {
$info = db_fetch_object(db_query("SELECT cid, category FROM {contact} WHERE cid = '%d'",$cid));
if ($_POST['op'] != t('Delete')) {
return confirm_form('contact_admin_delete', array(),
t('Are you sure you want to delete %category?', array('%category' => theme('placeholder', $category))),
t('Are you sure you want to delete %category?', array('%category' => theme('placeholder', $info->category))),
'admin/contact',
t('This action cannot be undone.'),
t('Delete'),
t('Cancel'));
}
else {
db_query("DELETE FROM {contact} WHERE category = '%s'", $category);
db_query("DELETE FROM {contact} WHERE cid = '%d'", $cid);
drupal_goto('admin/contact');
}
}
function contact_admin() {
$result = db_query('SELECT category, recipients FROM {contact} ORDER BY category');
$result = db_query('SELECT cid, category, recipients FROM {contact} ORDER BY category');
$rows = array();
while ($category = db_fetch_object($result)) {
$rows[] = array($category->category, $category->recipients, l(t('edit'), 'admin/contact/edit/'. urlencode($category->category)), l(t('delete'), 'admin/contact/delete/'. urlencode($category->category)));
$rows[] = array($category->category, $category->recipients, l(t('edit'), 'admin/contact/edit/'. $category->cid), l(t('delete'), 'admin/contact/delete/'. $category->cid));
}
$header = array(t('Category'), t('Recipients'), array('data' => t('Operations'), 'colspan' => 2));
return theme('table', $header, $rows);
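Review bot: contact_admin_delete() performs the DELETE whenever `$_POST['op']` equals `t('Delete')`, and nothing visible in this hunk ties that POST to the confirmation form the administrator was actually shown. The path is now keyed on a small sequential `cid` rather than the category name, so the ids are guessable and a forged cross-site post is a more realistic risk. The deletion would be better run from the form's own submit handler (the `contact_user_mail_execute($form_id, $edit)` pattern named in the hunk header), so that whatever request validation the form layer provides applies, or after an explicit per-session token check. Separately, `$info` is used without checking that the SELECT found a row; `if (!$info) { drupal_not_found(); return; }` before the confirm form avoids prompting about an empty category. The identical section further down the page has the same two gaps.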
......
......@@ -175,7 +175,7 @@ function contact_user_mail_execute($form_id, $edit) {
drupal_goto("user/$account->uid");
}
function contact_admin_edit($category = NULL) {
function contact_admin_edit($cid = NULL) {
if (isset($_POST['edit'])) {
$edit = $_POST['edit'];
......@@ -187,13 +187,14 @@ function contact_admin_edit($category = NULL) {
}
if (!form_get_errors()) {
db_query("DELETE FROM {contact} WHERE category = '%s'", $category);
db_query("DELETE FROM {contact} WHERE cid = '%d'", $cid);
db_query("INSERT INTO {contact} (category, recipients, reply) VALUES ('%s', '%s', '%s')", $edit['category'], $edit['recipients'], $edit['reply']);
drupal_goto('admin/contact');
}
}
else {
$category = db_fetch_object(db_query("SELECT * FROM {contact} WHERE category = '%s'", $category));
$category = db_fetch_object(db_query("SELECT * FROM {contact} WHERE cid = '%d'", $cid));
$edit['cid'] = $category->cid;
$edit['category'] = $category->category;
$edit['recipients'] = $category->recipients;
$edit['reply'] = $category->reply;
......@@ -207,27 +208,28 @@ function contact_admin_edit($category = NULL) {
return drupal_get_form('contact_admin_edit', $form);
}
function contact_admin_delete($category) {
function contact_admin_delete($cid) {
$info = db_fetch_object(db_query("SELECT cid, category FROM {contact} WHERE cid = '%d'",$cid));
if ($_POST['op'] != t('Delete')) {
return confirm_form('contact_admin_delete', array(),
t('Are you sure you want to delete %category?', array('%category' => theme('placeholder', $category))),
t('Are you sure you want to delete %category?', array('%category' => theme('placeholder', $info->category))),
'admin/contact',
t('This action cannot be undone.'),
t('Delete'),
t('Cancel'));
}
else {
db_query("DELETE FROM {contact} WHERE category = '%s'", $category);
db_query("DELETE FROM {contact} WHERE cid = '%d'", $cid);
drupal_goto('admin/contact');
}
}
function contact_admin() {
$result = db_query('SELECT category, recipients FROM {contact} ORDER BY category');
$result = db_query('SELECT cid, category, recipients FROM {contact} ORDER BY category');
$rows = array();
while ($category = db_fetch_object($result)) {
$rows[] = array($category->category, $category->recipients, l(t('edit'), 'admin/contact/edit/'. urlencode($category->category)), l(t('delete'), 'admin/contact/delete/'. urlencode($category->category)));
$rows[] = array($category->category, $category->recipients, l(t('edit'), 'admin/contact/edit/'. $category->cid), l(t('delete'), 'admin/contact/delete/'. $category->cid));
}
$header = array(t('Category'), t('Recipients'), array('data' => t('Operations'), 'colspan' => 2));
return theme('table', $header, $rows);
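Review bot: contact_admin_edit() still saves an edit as `DELETE ... WHERE cid = '%d'` followed by an INSERT that omits `cid`, so on MySQL every edit gives the category a new auto-increment id, and a failure between the two statements loses the row. Now that there is a stable key, an existing row can be updated in place with `db_query("UPDATE {contact} SET category = '%s', recipients = '%s', reply = '%s' WHERE cid = %d", $edit['category'], $edit['recipients'], $edit['reply'], $cid);`, keeping the INSERT only for the case where no `$cid` was passed. The function begins and ends outside these hunks, so the branch structure is inferred from the visible lines. This applies equally to the identical section earlier on the page.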
......