From ed1a244398d83e6232469d5f7dfae2b82ecfde9b Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Tue, 7 Nov 2000 08:58:36 +0000
Subject: [PATCH] - fixed bug in backend.inc   (check
 http://www.drop.org/backend.php) - update theme.inc to use widget.inc - small
 enhancements to function.inc

---
 includes/backend.inc  | 4 ++--
 includes/function.inc | 8 +++++---
 includes/theme.inc    | 4 ++--
 3 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/includes/backend.inc b/includes/backend.inc
index 910edc40667d..9ceba3bf33c7 100644
--- a/includes/backend.inc
+++ b/includes/backend.inc
@@ -110,7 +110,7 @@ function rdf2sql($timout = 10) {
             $number += 1;
 
             ### Insert item in database:
-            $result = db_query("INSERT INTO headlines (id, title, link, number) VALUES('$this->id', '". stripslashes($title) ."', '". stripslashes($link) ."', '$number')");
+            $result = db_query("INSERT INTO headlines (id, title, link, number) VALUES('". check_input($this->id) ."', '". check_input($title) ."', '". check_input($link) ."', '". check_input($number) ."')");
           }
  
           ### Mark channels as being updated:
@@ -195,7 +195,7 @@ function displayHeadlines($timout = 1800) {
   #
   function add() {
     ### Add channel:    
-    $result = db_query("INSERT INTO channel (site, file, url, contact, timestamp) VALUES ('$this->site', '$this->file', '$this->url', '$this->contact', 42)");
+    $result = db_query("INSERT INTO channel (site, file, url, contact, timestamp) VALUES ('". check_input($this->site) ."', '". check_input($this->file) ."', '". check_input($this->url) ."', '". check_input($this->contact) ."', 42)");
   }
 
 
diff --git a/includes/function.inc b/includes/function.inc
index 1331a21e61f9..0215955d076b 100644
--- a/includes/function.inc
+++ b/includes/function.inc
@@ -15,7 +15,6 @@ function load_theme() {
   else {
     include $themes[key($themes)][0];
   }
- 
   return new Theme();
 }
 
@@ -41,13 +40,16 @@ function discussion_num_replies($id, $count = 0) {
 
 function discussion_num_filtered($sid, $pid) {
   global $user;
+
   $threshold = ($user->id) ? $user->threshold  : "0"; 
+  $pid = ($pid) ? $pid : 0;
+
   $result = db_query("SELECT COUNT(cid) FROM comments WHERE sid = $sid AND pid = $pid AND (votes != 0 AND score / votes < $threshold)");
   return ($result) ? db_result($result, 0) : 0;
 }
 
-function format_plural($count, $one, $more) {
-  return ($count == 1) ? "$count $one" : "$count $more";
+function format_plural($count, $singular, $plural) {
+  return ($count == 1) ? "$count $singular" : "$count $plural";
 }
 
 function format_date($timestamp, $type = "medium") {
diff --git a/includes/theme.inc b/includes/theme.inc
index 0251f3d81621..4736f6c3df1f 100644
--- a/includes/theme.inc
+++ b/includes/theme.inc
@@ -4,11 +4,11 @@
 include "includes/database.inc";
 include "includes/watchdog.inc";
 include "includes/function.inc";
-include "includes/template.inc";
+include "includes/widget.inc";
 include "includes/user.inc";
 
 global $user;
 
 $theme = load_theme();
 
-?>
\ No newline at end of file
+?>
-- 
GitLab