From 3e629a13415391e70e4e915f7706f3828912da20 Mon Sep 17 00:00:00 2001
From: Thomas Lange <code@nerdmind.de>
Date: Fri, 7 Jul 2017 22:30:05 +0200
Subject: The function "makeSlugURL" has been renamed to "generateSlug" because
 the name was misleading because the function did not generate a complete URL,
 but only a partial string (the slug) for the final URL. By the way, some
 improvements were made to the code.

---
 admin/page/insert.php        |  6 +++---
 admin/page/update.php        |  6 +++---
 admin/post/insert.php        |  6 +++---
 admin/post/update.php        |  6 +++---
 admin/user/insert.php        |  6 +++---
 admin/user/update.php        |  6 +++---
 core/functions.php           |  2 +-
 core/include/feed/main.php   | 10 ++++++++--
 template/admin/html/auth.php |  2 +-
 template/admin/rsrc/main.js  |  8 ++++----
 10 files changed, 32 insertions(+), 26 deletions(-)

diff --git a/admin/page/insert.php b/admin/page/insert.php
index a360c1b..b550434 100644
--- a/admin/page/insert.php
+++ b/admin/page/insert.php
@@ -15,12 +15,12 @@ $Attribute = new Page\Attribute();
 if(HTTP::issetPOST('id', 'user', 'slug', 'name', 'body', 'argv', 'time_insert', 'time_update', 'insert')) {
 	$Attribute->set('id',   HTTP::POST('id') ? HTTP::POST('id') : FALSE);
 	$Attribute->set('user', HTTP::POST('user'));
-	$Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('name')));
+	$Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('name')));
 	$Attribute->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL);
 	$Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL);
 	$Attribute->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL);
-	$Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s'));
-	$Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s'));
+	$Attribute->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s'));
+	$Attribute->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s'));
 
 	if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) {
 		try {
diff --git a/admin/page/update.php b/admin/page/update.php
index 18c9785..f8d790a 100644
--- a/admin/page/update.php
+++ b/admin/page/update.php
@@ -19,12 +19,12 @@ try {
 
 	if(HTTP::issetPOST('user', 'slug', 'name', 'body', 'argv', 'time_insert', 'time_update', 'update')) {
 		$Attribute->set('user', HTTP::POST('user'));
-		$Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('name')));
+		$Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('name')));
 		$Attribute->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL);
 		$Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL);
 		$Attribute->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL);
-		$Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s'));
-		$Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s'));
+		$Attribute->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s'));
+		$Attribute->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s'));
 
 		if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) {
 			try {
diff --git a/admin/post/insert.php b/admin/post/insert.php
index 8e08fb3..d3e1b96 100644
--- a/admin/post/insert.php
+++ b/admin/post/insert.php
@@ -15,12 +15,12 @@ $Attribute = new Post\Attribute();
 if(HTTP::issetPOST('id', 'user', 'slug', 'name', 'body', 'argv', 'time_insert', 'time_update', 'insert')) {
 	$Attribute->set('id',   HTTP::POST('id') ? HTTP::POST('id') : FALSE);
 	$Attribute->set('user', HTTP::POST('user'));
-	$Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('name')));
+	$Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('name')));
 	$Attribute->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL);
 	$Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL);
 	$Attribute->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL);
-	$Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s'));
-	$Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s'));
+	$Attribute->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s'));
+	$Attribute->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s'));
 
 	if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) {
 		try {
diff --git a/admin/post/update.php b/admin/post/update.php
index af26835..c21b96e 100644
--- a/admin/post/update.php
+++ b/admin/post/update.php
@@ -19,12 +19,12 @@ try {
 
 	if(HTTP::issetPOST('user', 'slug', 'name', 'body', 'argv', 'time_insert', 'time_update', 'update')) {
 		$Attribute->set('user', HTTP::POST('user'));
-		$Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('name')));
+		$Attribute->set('slug', HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('name')));
 		$Attribute->set('name', HTTP::POST('name') ? HTTP::POST('name') : NULL);
 		$Attribute->set('body', HTTP::POST('body') ? HTTP::POST('body') : NULL);
 		$Attribute->set('argv', HTTP::POST('argv') ? HTTP::POST('argv') : NULL);
-		$Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s'));
-		$Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s'));
+		$Attribute->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s'));
+		$Attribute->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s'));
 
 		if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) {
 			try {
diff --git a/admin/user/insert.php b/admin/user/insert.php
index 2d49322..14b1f13 100644
--- a/admin/user/insert.php
+++ b/admin/user/insert.php
@@ -14,15 +14,15 @@ $Attribute = new User\Attribute();
 
 if(HTTP::issetPOST('id', 'slug', 'username', 'password', 'fullname', 'mailaddr', 'body', 'argv', 'time_insert', 'time_update', 'insert')) {
 	$Attribute->set('id',       HTTP::POST('id') ? HTTP::POST('id') : FALSE);
-	$Attribute->set('slug',     HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('username')));
+	$Attribute->set('slug',     HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('username')));
 	$Attribute->set('username', HTTP::POST('username') ? HTTP::POST('username') : NULL);
 	$Attribute->set('password', HTTP::POST('password') ? password_hash(HTTP::POST('password'), PASSWORD_BCRYPT, ['cost' => 10]) : FALSE);
 	$Attribute->set('fullname', HTTP::POST('fullname') ? HTTP::POST('fullname') : NULL);
 	$Attribute->set('mailaddr', HTTP::POST('mailaddr') ? HTTP::POST('mailaddr') : NULL);
 	$Attribute->set('body',     HTTP::POST('body') ? HTTP::POST('body') : NULL);
 	$Attribute->set('argv',     HTTP::POST('argv') ? HTTP::POST('argv') : NULL);
-	$Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s'));
-	$Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s'));
+	$Attribute->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s'));
+	$Attribute->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s'));
 
 	if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) {
 		try {
diff --git a/admin/user/update.php b/admin/user/update.php
index 3ba6df8..9e6ce01 100644
--- a/admin/user/update.php
+++ b/admin/user/update.php
@@ -18,15 +18,15 @@ try {
 	$Attribute = $User->getAttribute();
 
 	if(HTTP::issetPOST('slug', 'username', 'password', 'fullname', 'mailaddr', 'body', 'argv', 'time_insert', 'time_update', 'update')) {
-		$Attribute->set('slug',     HTTP::POST('slug') ? HTTP::POST('slug') : makeSlugURL(HTTP::POST('username')));
+		$Attribute->set('slug',     HTTP::POST('slug') ? HTTP::POST('slug') : generateSlug(HTTP::POST('username')));
 		$Attribute->set('username', HTTP::POST('username') ? HTTP::POST('username') : NULL);
 		$Attribute->set('password', HTTP::POST('password') ? password_hash(HTTP::POST('password'), PASSWORD_BCRYPT, ['cost' => 10]) : FALSE);
 		$Attribute->set('fullname', HTTP::POST('fullname') ? HTTP::POST('fullname') : NULL);
 		$Attribute->set('mailaddr', HTTP::POST('mailaddr') ? HTTP::POST('mailaddr') : NULL);
 		$Attribute->set('body',     HTTP::POST('body') ? HTTP::POST('body') : NULL);
 		$Attribute->set('argv',     HTTP::POST('argv') ? HTTP::POST('argv') : NULL);
-		$Attribute->set('time_insert', HTTP::POST('time_insert') ? HTTP::POST('time_insert') : date('Y-m-d H:i:s'));
-		$Attribute->set('time_update', HTTP::POST('time_update') ? HTTP::POST('time_update') : date('Y-m-d H:i:s'));
+		$Attribute->set('time_insert', HTTP::POST('time_insert') ?: date('Y-m-d H:i:s'));
+		$Attribute->set('time_update', HTTP::POST('time_update') ?: date('Y-m-d H:i:s'));
 
 		if(HTTP::issetPOST(['token' => Application::getSecurityToken()])) {
 			try {
diff --git a/core/functions.php b/core/functions.php
index 35faed4..6ef8894 100644
--- a/core/functions.php
+++ b/core/functions.php
@@ -265,7 +265,7 @@ function description($string, $length = 200, $replace = ' […]') {
 #===============================================================================
 # Generate a valid slug URL part from a string
 #===============================================================================
-function makeSlugURL($string, $separator = '-') {
+function generateSlug($string, $separator = '-') {
 	$string = strtr(mb_strtolower($string), [
 		'ä' => 'ae',
 		'ö' => 'oe',
diff --git a/core/include/feed/main.php b/core/include/feed/main.php
index 8879e72..b8e03dc 100644
--- a/core/include/feed/main.php
+++ b/core/include/feed/main.php
@@ -15,7 +15,10 @@ HTTP::responseHeader(HTTP::HEADER_CONTENT_TYPE, HTTP::CONTENT_TYPE_XML);
 #===============================================================================
 try {
 	if(!isset($param) OR $param !== 'page') {
-		$execSQL = 'SELECT id FROM %s ORDER BY '.Application::get('POST.FEED_SORT').' LIMIT '.Application::get('POST.FEED_SIZE');
+		$POST['FEED_SORT'] = Application::get('POST.FEED_SORT');
+		$POST['FEED_SIZE'] = Application::get('POST.FEED_SIZE');
+
+		$execSQL = "SELECT id FROM %s ORDER BY {$POST['FEED_SORT']} LIMIT {$POST['FEED_SIZE']}";
 		$postIDs = $Database->query(sprintf($execSQL, Post\Attribute::TABLE))->fetchAll($Database::FETCH_COLUMN);
 
 		foreach($postIDs as $postID) {
@@ -36,7 +39,10 @@ try {
 	}
 
 	if(!isset($param) OR $param !== 'post') {
-		$execSQL = 'SELECT id FROM %s ORDER BY '.Application::get('PAGE.FEED_SORT').' LIMIT '.Application::get('PAGE.FEED_SIZE');
+		$PAGE['FEED_SORT'] = Application::get('PAGE.FEED_SORT');
+		$PAGE['FEED_SIZE'] = Application::get('PAGE.FEED_SIZE');
+
+		$execSQL = "SELECT id FROM %s ORDER BY {$PAGE['FEED_SORT']} LIMIT {$PAGE['FEED_SIZE']}";
 		$pageIDs = $Database->query(sprintf($execSQL, Page\Attribute::TABLE))->fetchAll($Database::FETCH_COLUMN);
 
 		foreach($pageIDs as $pageID) {
diff --git a/template/admin/html/auth.php b/template/admin/html/auth.php
index 0435f72..186c096 100644
--- a/template/admin/html/auth.php
+++ b/template/admin/html/auth.php
@@ -2,7 +2,7 @@
 <p><?=$Language->template('authentication_desc')?></p>
 
 <form action="" method="POST">
-	<input type="hidden" name="token" value="<?=Application::getSecurityToken()?>" />
+	<input type="hidden" name="token" value="<?=$FORM['TOKEN']?>" />
 
 	<?php if($FORM['INFO']): ?>
 		<div class="flex flex-direction-column">
diff --git a/template/admin/rsrc/main.js b/template/admin/rsrc/main.js
index f6f7884..feb6365 100644
--- a/template/admin/rsrc/main.js
+++ b/template/admin/rsrc/main.js
@@ -90,7 +90,7 @@ setInterval(function() {
 //==============================================================================
 if(document.getElementById("delete-button")) {
 	document.getElementById("delete-button").onclick = function(e) {
-		return confirm(e.target.getAttribute('data-text'));
+		return confirm(e.target.getAttribute("data-text"));
 	};
 }
 
@@ -100,7 +100,7 @@ if(document.getElementById("delete-button")) {
 (function() {
 	if(document.getElementById("content-editor")) {
 		var element = document.getElementById("content-editor");
-		element.addEventListener('keydown', function(e) {
+		element.addEventListener("keydown", function(e) {
 			if(e.keyCode === 9 && !e.ctrlKey) {
 				var selectionStart = element.selectionStart;
 				var selectionEnd = element.selectionEnd;
@@ -136,7 +136,7 @@ if(document.getElementById("delete-button")) {
 
 		for(var i = 0; i < items.length; ++i) {
 			items[i].onmousedown = function(e) {
-				insertEmoticon(node, e.target.getAttribute('data-emoticon'));
+				insertEmoticon(node, e.target.getAttribute("data-emoticon"));
 			};
 		}
 	}
@@ -153,7 +153,7 @@ if(document.getElementById("delete-button")) {
 
 		for(var i = 0; i < items.length; ++i) {
 			items[i].onmousedown = function(e) {
-				insertMarkdown(node, e.target.getAttribute('data-markdown'));
+				insertMarkdown(node, e.target.getAttribute("data-markdown"));
 			};
 		}
 	}
-- 
cgit v1.2.3