|
@@ -143,9 +143,7 @@ elseif command == "/invia" then
|
|
|
if title and body then
|
|
|
slug = lines[2]:gsub('%W','-'):lower()
|
|
|
author = fromid
|
|
|
- --stmt = con:prepare("inserto into scusette (slug, title, body, author, approved, rejected) values(:slug, :title, :body, :author, 0, 0)")
|
|
|
- --stmt:bind({slug=slug, title=title, body=body, author=author}):exec()
|
|
|
- r, e = con:execute("insert into scusette (slug, title, body, author, date, approved, rejected) values ('"..con:escape(slug).."', '"..con:escape(title).."', '"..con:escape(body).."', '"..con:escape(author).."', CURRENT_TIMESTAMP, 0, 0)")
|
|
|
+ r, e = con:execute(string.format("insert into scusette (slug, title, body, author, date, approved, rejected) values ('%s', '%s', '%s', '%s', CURRENT_TIMESTAMP, 0, 0)", con:escape(slug), con:escape(title), con:escape(body), con:escape(author)))
|
|
|
if r then
|
|
|
resp = "Scusetta inviata, se verra' approvata riceverai una notifica e la vedrai pubblicata!"
|
|
|
else
|
|
@@ -167,16 +165,15 @@ elseif command == "/list" then
|
|
|
resp = list
|
|
|
end
|
|
|
end
|
|
|
- --reply(chatid, "NON sei admin! "..fromid.." value: "..tostring(test).."0: "..tostring(type(ADMINS_ID[1])).." 1: "..tostring(type(fromid)))
|
|
|
elseif command == "/approve" then
|
|
|
id = lines[2]
|
|
|
if is_admin(fromid) and id then
|
|
|
- con:execute("update scusette set approved = 1 where id = "..con:escape(tonumber(id)))
|
|
|
+ con:execute(string.format("update scusette set approved = 1 where id = '%s'", con:escape(tonumber(id))))
|
|
|
generate(con)
|
|
|
for id, slug, title, body, author in rows (con, "select id, slug, title, body, author from scusette where id = "..con:escape(tonumber(id))) do
|
|
|
- scusetta = "<strong>"..title.."</strong>\n"..body.."\n\n"..URL.."/#"..slug
|
|
|
+ scusetta = string.format("<strong>%s</strong>\n%s\n\n%s/#%s", title, body, URL, slug)
|
|
|
reply(author, "Scusetta approvata!")
|
|
|
- -- reply(CHANNEL, scusetta);
|
|
|
+ reply(CHANNEL, scusetta);
|
|
|
end
|
|
|
resp = "Operazione eseguita"
|
|
|
else
|
|
@@ -185,7 +182,7 @@ elseif command == "/approve" then
|
|
|
elseif command == "/delete" then
|
|
|
id = lines[2]
|
|
|
if is_admin(fromid) and id then
|
|
|
- con:execute("update scusette set rejected = 1 where id = "..con:escape(tonumber(id)))
|
|
|
+ con:execute(string.format("update scusette set rejected = 1 where id = '%s'", con:escape(tonumber(id))))
|
|
|
resp = "Scusetta eliminata"
|
|
|
else
|
|
|
resp = "Nope"
|
|
@@ -196,12 +193,12 @@ elseif command == "/rebuild" then
|
|
|
end
|
|
|
elseif command == "/random" then
|
|
|
for id, slug, title, body, author in rows (con, "select id, slug, title, body, author from scusette order by random() limit 1") do
|
|
|
- resp = string.format("<i><em>"..title.."</em></i>\n"..body.."\n\nhttps://scusette.it/#"..slug)
|
|
|
+ resp = string.format("<i><em>%s</em></i>\n%s\n\nhttps://scusette.it/#%s", title, body, slug)
|
|
|
end
|
|
|
elseif command == "/query" then
|
|
|
query = lines[2]
|
|
|
for id, slug, title, body, author in rows (con, "select id, slug, title, body, author from scusette where title like '%"..con:escape(query).."%' or '%"..con:escape(query).."%' order by random() limit 1") do
|
|
|
- resp = string.format("<i><em>"..title.."</em></i>\n"..body.."\n\nhttps://scusette.it/"..slug)
|
|
|
+ resp = string.format("<i><em>%s</em></i>\n%s\n\nhttps://scusette.it/#%s", title, body, slug)
|
|
|
end
|
|
|
else
|
|
|
if is_admin(fromid) then
|