Beispiel #1
 /**
  * Makes sure the `alias` table exists, creating it on first use.
  */
 function __construct()
 {
     // The LIKE pattern contains no wildcards, so this is an exact-name probe.
     $probe = mysql_query("SHOW TABLES LIKE 'alias'", MyActiveRecord::Connection());
     if (mysql_num_rows($probe) >= 1) {
         return;
     }
     // NOTE(review): issuing DDL from a constructor means the account behind
     // MyActiveRecord::Connection() needs CREATE privilege at request time;
     // an install/migration step would let the runtime account go without it.
     $ddl = "CREATE TABLE `alias` (`id` int(11) NOT NULL auto_increment,`alias` varchar(255) NOT NULL,`path` varchar(255) NOT NULL, PRIMARY KEY (`id`)) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;";
     mysql_query($ddl, MyActiveRecord::Connection());
 }
Beispiel #2
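 /**
  * Records a link between a row of another table and this PayPal account
  * in `paypal_items`.
  *
  * @param mixed  $id    id of the linked row
  * @param string $table name of the table the linked row lives in
  * @return false|null false when no Paypal_Config row matches $this->email, otherwise nothing
  */
 function setLink($id, $table)
 {
     $connection = MyActiveRecord::Connection();
     // Every value below ends up inside a quoted SQL literal, so each one is
     // escaped against the connection before it is interpolated.
     $email = mysql_real_escape_string($this->email, $connection);
     $paypal_accnt = Paypal_Config::FindFirst("Paypal_Config", "email='{$email}'");
     if (!$paypal_accnt) {
         echo "Too bad\n";
         return false;
     }
     $itemTable = mysql_real_escape_string($table, $connection);
     $itemId = mysql_real_escape_string($id, $connection);
     $paypalId = mysql_real_escape_string($this->id, $connection);
     $query = "INSERT INTO paypal_items (item_table, item_id, paypal_id) VALUES ('{$itemTable}', '{$itemId}', '{$paypalId}');";
     mysql_query($query, $connection);
 }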
Beispiel #3
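/**
 * Prints the stored content of the mail blast identified by the request hash,
 * with the {{-email-}} placeholder replaced by the address from the URL.
 * Redirects to "/" when the query fails or no blast matches.
 */
function display_page_content()
{
    $connection = MyActiveRecord::Connection();
    // The hash comes straight from the request and lands in a quoted literal.
    $hash = mysql_real_escape_string(requestIdParam(), $connection);
    $email = getRequestVarAtIndex(3);
    $query = "SELECT * FROM mailblast WHERE hash = '{$hash}';";
    $result = mysql_query($query, $connection);
    // A successful query with zero rows must not reach mysql_result().
    if ($result && mysql_num_rows($result) > 0) {
        // The address is request-controlled and is written into the page, so it
        // is HTML-encoded before substitution.
        $safeEmail = htmlspecialchars((string) $email, ENT_QUOTES, 'UTF-8');
        echo str_replace("{{-email-}}", $safeEmail, mysql_result($result, 0, 'content'));
    } else {
        redirect("/");
    }
}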
Beispiel #4
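/**
 * Streams the thumbnail blob of the requested item as a JPEG.
 * Emits nothing when the query fails or the item has no thumbnail.
 */
function display_page_content()
{
    // The id is interpolated unquoted, so it is forced to an integer first.
    $item_id = (int) requestIdParam();
    $query = "SELECT thumbnail FROM items \n\t            WHERE id = {$item_id}";
    $result = mysql_query($query, MyActiveRecord::Connection());
    if (!$result) {
        return;
    }
    $data = mysql_fetch_array($result);
    if (!empty($data["thumbnail"])) {
        // Output the MIME header
        header("Content-Type: image/jpeg");
        // Output the image
        echo $data["thumbnail"];
    }
}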
Beispiel #5
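/**
 * Streams the thumbnail blob of the requested image with its stored MIME type.
 * Emits nothing when the query fails or the image has no thumbnail.
 */
function display_page_content()
{
    // The id is interpolated unquoted, so it is forced to an integer first.
    $imageId = (int) requestIdParam();
    $query = "SELECT * FROM images WHERE id = {$imageId}";
    $result = mysql_query($query, MyActiveRecord::Connection());
    if (!$result) {
        return;
    }
    $data = mysql_fetch_array($result);
    if (!empty($data["thumbnail"])) {
        // NOTE(review): mime_type is whatever was stored at upload time; if the
        // upload path keeps the client-declared type, restrict it to known
        // image types before serving.
        header("Content-Type: {$data['mime_type']}");
        set_image_cache_headers("imgthumb_" . $imageId);
        // Output the image
        echo $data["thumbnail"];
    }
}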
Beispiel #6
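/**
 * Streams the original blob of the requested image with its stored MIME type.
 * Emits nothing when the query fails or the image has no original data.
 */
function display_page_content()
{
    $connection = MyActiveRecord::Connection();
    // mysql_real_escape_string() only protects values placed inside quotes.
    // This id is interpolated unquoted, so an integer cast is what actually
    // keeps request input out of the SQL grammar.
    $imageId = (int) requestIdParam();
    $query = "SELECT * FROM images WHERE id = {$imageId}";
    $result = mysql_query($query, $connection);
    if (!$result) {
        return;
    }
    $data = mysql_fetch_array($result);
    if (!empty($data["original"])) {
        // Output the MIME header
        header("Content-Type: {$data['mime_type']}");
        set_image_cache_headers("img_" . $imageId);
        // Output the image
        echo $data["original"];
    }
}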
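/**
 * Handles the subscription-management form: redirects to the manage page,
 * or saves/deletes the subscription belonging to the posted address.
 */
function initialize_page()
{
    $post_action = "";
    if (isset($_POST['submit'])) {
        $post_action = $_POST['submit'];
    }
    if ($post_action == "Manage This Email") {
        redirect("users/manage/" . $_POST["email"]);
    }
    if ($post_action == "Save Subscription Settings") {
        // NOTE(review): nothing in this function ties the request to the owner
        // of the address; confirm that a confirmation token or session check
        // runs before this handler, otherwise any visitor can edit or delete
        // any subscription by posting its email.
        $currentemail = $_POST["email"];
        $oldemail = $_POST["oldemail"];
        if ($currentemail != $oldemail) {
            $thisemail = NLEmails::FindByEmail($oldemail);
        } else {
            $thisemail = NLEmails::FindByEmail($currentemail);
        }
        // Without a matching record the DELETE below would be built from an
        // empty id, so stop here.
        if (!is_object($thisemail)) {
            setFlash("<h3>Subscription not found</h3>");
            return;
        }
        $lists = NLLists::FindAll();
        // Remove all links first...
        $emailId = (int) $thisemail->id;
        $query = "DELETE FROM nlemails_nllists WHERE nlemails_id = {$emailId}";
        mysql_query($query, MyActiveRecord::Connection());
        if (isset($_POST['delete'])) {
            $thisemail->delete(true);
            redirect("/mail/subscribe/deleted");
        }
        // Then add the ones selected back in...
        foreach ($lists as $list) {
            if (array_key_exists($list->name, $_POST)) {
                $list->attach($thisemail);
            }
        }
        // Set the optional info fields and allow them to change the email they subscribed with...
        $thisemail->email = $_POST["email"];
        $thisemail->first_name = $_POST["first_name"];
        $thisemail->last_name = $_POST["last_name"];
        $thisemail->address1 = $_POST["address1"];
        $thisemail->address2 = $_POST["address2"];
        $thisemail->city = $_POST["city"];
        $thisemail->state = $_POST["state"];
        $thisemail->zip = $_POST["zip"];
        $thisemail->phone = $_POST["phone"];
        $thisemail->save();
        setFlash("<h3>Subscription Settings Saved</h3>");
        // If they changed their email, redirect them to that page
        redirect("users/manage/" . $thisemail->email);
    }
}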
Beispiel #8
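/**
 * Handles the "Add New List" form: creates the mailing list and attaches
 * every valid address from the comma-separated `emails` field.
 */
function initialize_page()
{
    $post_action = "";
    if (isset($_POST['submit'])) {
        $post_action = $_POST['submit'];
    }
    if ($post_action == "Add New List") {
        $connection = MyActiveRecord::Connection();
        $success = '';
        $list = MyActiveRecord::Create('NLLists');
        $list->display_name = $_POST['name'];
        $list->name = slug($_POST['name']);
        $list->template = $_POST['template'];
        $list->description = $_POST['description'];
        $list->public = $_POST['public'];
        $list->save();
        $success .= "Mailing List Created";
        $posted = isset($_POST['emails']) ? $_POST['emails'] : '';
        $emails = explode(",", str_replace(" ", "", $posted));
        $count = 0;
        foreach ($emails as $email) {
            if (!$list->emailLinked($email) && is_validemail($email)) {
                // Check for an existing match in the system
                $newAddy = NLEmails::FindByEmail($email);
                // Anything that is not a record (null or false) means "not found".
                if (!is_object($newAddy)) {
                    $newAddy = MyActiveRecord::Create('NLEmails');
                    $newAddy->email = $email;
                    $newAddy->save();
                    $count++;
                }
                // Existing or not, attach that email to this List.
                // Both ids are interpolated unquoted, so they are cast to integers.
                $emailId = (int) $newAddy->id;
                $listId = (int) $list->id;
                $query = "INSERT INTO nlemails_nllists VALUES ({$emailId}, {$listId});";
                if (!mysql_query($query, $connection)) {
                    // Keep the SQL text and driver error in the server log
                    // instead of printing them to the browser.
                    error_log("nlemails_nllists insert failed: " . mysql_error($connection));
                    die('Database error');
                }
            }
        }
        if ($count > 0) {
            // display_name is posted text and the flash is rendered as HTML.
            $success .= " / Emails Added to " . htmlspecialchars($list->display_name, ENT_QUOTES, 'UTF-8');
        } else {
            $success .= " / All Emails Added or Invalid";
        }
        setFlash("<h3>" . $success . "</h3>");
    }
}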
Beispiel #9
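/**
 * Handles the public subscribe form: finds or creates the address record and
 * links it to every list id posted in `selected_list`.
 */
function initialize_page()
{
    if (!$_POST) {
        return;
    }
    $post_value = isset($_POST['submit']) ? $_POST['submit'] : "";
    if ($post_value != "Save Subscription Settings") {
        return;
    }
    $connection = MyActiveRecord::Connection();
    // NOTE(review): the posted address is stored without a format check here;
    // confirm validation happens before this handler.
    $useremail = isset($_POST['email']) ? $_POST['email'] : '';
    $email = NLEmails::FindByEmail($useremail);
    if (!$email) {
        $email = MyActiveRecord::Create('NLEmails');
        $email->email = $useremail;
        $email->save();
    }
    // selected_list is request data: it may be missing or not an array.
    $selected = isset($_POST['selected_list']) && is_array($_POST['selected_list'])
        ? $_POST['selected_list']
        : array();
    $emailId = (int) $email->id;
    foreach ($selected as $value) {
        // The list id is interpolated unquoted, so it is cast to an integer.
        $listId = (int) $value;
        $query = "INSERT INTO nlemails_nllists VALUES ({$emailId}, {$listId});";
        if (!mysql_query($query, $connection)) {
            // Log the driver error rather than echoing the SQL to the visitor.
            error_log("nlemails_nllists insert failed: " . mysql_error($connection));
            die('Database error');
        }
    }
}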
Beispiel #10
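/**
 * Resizes an uploaded image in place and stores its bytes and MIME type in
 * the given column of the given row.
 *
 * @param array  $image           one entry of $_FILES (uses "type", "name", "tmp_name")
 * @param string $table_name      table to update; must be a plain identifier
 * @param string $file_field_name blob column to write; must be a plain identifier
 * @param mixed  $row_id          id of the row to update
 * @param mixed  $thiswidth       maximum width, or null for 0
 * @param mixed  $thisheight      maximum height, or null for 0
 */
function Upload_and_Save_Image($image, $table_name, $file_field_name, $row_id, $thiswidth = null, $thisheight = null)
{
    // Identifiers cannot be escaped like values, so only plain names are accepted.
    $identifier = '/\A[A-Za-z0-9_]+\z/';
    if (!preg_match($identifier, (string) $table_name) || !preg_match($identifier, (string) $file_field_name)) {
        trigger_error('Upload_and_Save_Image: invalid table or column name', E_USER_WARNING);
        return;
    }
    $connection = MyActiveRecord::Connection();
    // NOTE(review): "type" is declared by the client, not derived from the
    // file; it is escaped below but not verified against the image data.
    $mimeType = $image["type"];
    $filetype = getFileExtension($image["name"]);
    // defined() tests for a constant of that name; the intent here is
    // "was a limit passed", which is what isset() checks.
    $max_width = isset($thiswidth) ? $thiswidth : 0;
    $max_height = isset($thisheight) ? $thisheight : 0;
    resizeImageToMax($image["tmp_name"], $max_width, $max_height, $filetype);
    // Read in the (resized) uploaded file
    $fileContents = file_get_contents($image["tmp_name"]);
    if ($fileContents === false) {
        echo 'Invalid query';
        return;
    }
    // Escape against the connection (charset-aware) rather than with AddSlashes().
    $blob = mysql_real_escape_string($fileContents, $connection);
    $mime = mysql_real_escape_string($mimeType, $connection);
    $rowId = (int) $row_id;
    $updateQuery = 'UPDATE ' . $table_name . ' SET ' . $file_field_name . ' = "' . $blob . '", mime_type = "' . $mime . '" WHERE id = ' . $rowId . ';';
    $result = mysql_query($updateQuery, $connection);
    if (!$result) {
        // The driver error goes to the server log, not to the page.
        error_log('Upload_and_Save_Image: ' . mysql_error($connection));
        echo 'Invalid query';
    }
}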
Beispiel #11
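 /**
  * Looks up this section's display_order within the given area.
  *
  * @param object|null $area record exposing an `id` property
  * @return mixed the display_order value, or null when $area is unset,
  *               the query fails, or no row matches
  */
 function getOrderInArea($area)
 {
     if (!isset($area)) {
         return null;
     }
     // Both ids are concatenated unquoted, so they are cast to integers.
     $query = "SELECT display_order FROM areas_sections WHERE sections_id =  " . (int) $this->id . " AND areas_id = " . (int) $area->id;
     $result = mysql_query($query, MyActiveRecord::Connection());
     if (!$result) {
         return null;
     }
     $data = mysql_fetch_array($result);
     return $data ? $data["display_order"] : null;
 }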
Beispiel #12
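/**
 * Handles the admin "edit event" form: deletes the event, or saves its
 * fields, excluded dates and recurrences, then redirects.
 */
function initialize_page()
{
    $event_id = getRequestVarAtIndex(4);
    $event = Events::FindById($event_id);
    $event_types = EventTypes::FindAll();
    $event_periods = EventPeriods::FindAll();
    $year = getRequestVarAtIndex(2);
    $month = getRequestVarAtIndex(3);
    $post_action = "";
    if (isset($_POST['submit'])) {
        $post_action = $_POST['submit'];
    }
    if ($post_action == "Edit Event" || $post_action == "Edit and Return to List") {
        // NOTE(review): no session or CSRF-token check is visible in this
        // handler; confirm the admin router enforces both before it runs.
        if (isset($_POST['delete'])) {
            $event->delete(true);
            setFlash("<h3>Event Deleted</h3>");
            redirect("/admin/list_events");
        }
        $event->title = $_POST['title'];
        $event->description = $_POST['description'];
        if (!getPostValue('time_start')) {
            $event->setDateStart(getPostValue('date_start'), "04:00:00");
        } else {
            $event->setDateStart(getPostValue('date_start'), getPostValue('time_start'));
        }
        if (!getPostValue('date_end') && !getPostValue('time_end')) {
            $event->setDateEnd(getPostValue('date_start'), "04:00:00");
        } else {
            if (!getPostValue('date_end') && getPostValue('time_end')) {
                $event->setDateEnd(getPostValue('date_start'), getPostValue('time_end'));
            } else {
                $event->setDateEnd(getPostValue('date_end'), getPostValue('time_end'));
            }
        }
        $connection = MyActiveRecord::Connection();
        // The id is used unquoted in the DELETE, so it is cast to an integer.
        $eventId = (int) $event->id;
        $notdates = getPostValue('notdates');
        $del_query = "DELETE FROM events_notdate WHERE event_id = {$eventId};";
        mysql_query($del_query, $connection);
        if (is_array($notdates)) {
            foreach ($notdates as $date) {
                if (strlen($date) > 4) {
                    // The formatted value still derives from posted text, so it
                    // is escaped before entering the quoted literal.
                    $notdate = mysql_real_escape_string(formatDateView($date, "Y-m-d"), $connection);
                    $query = "INSERT INTO events_notdate VALUES('{$eventId}','{$notdate}')";
                    if (!mysql_query($query, $connection)) {
                        // Log instead of printing the SQL text to the browser.
                        error_log("events_notdate insert failed: " . mysql_error($connection));
                        die('Database error');
                    }
                }
            }
        }
        $event->eventtype_id = isset($_POST['eventtype_id']) ? $_POST['eventtype_id'] : 1;
        $event->eventperiod_id = $_POST['eventperiod_id'];
        $event->save();
        edit_eventUpdateRecurrences();
        setFlash("<h3>Event changes saved</h3>");
        if ($post_action == "Edit and Return to List") {
            redirect("/admin/list_events/{$year}/{$month}");
        } else {
            redirect("/admin/edit_event/{$year}/{$month}/{$event_id}");
        }
    }
}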
Beispiel #13
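/**
 * Handles the admin "edit image" form: deletes the image, or updates its
 * title/name/description and optionally replaces the stored file.
 */
function initialize_page()
{
    $image_id = requestIdParam();
    $image = Images::FindById($image_id);
    $post_action = isset($_POST['submit']) ? $_POST['submit'] : "";
    if ($post_action == "Save Image" || $post_action == "Save and Return to List") {
        $success = '';
        if (isset($_POST['delete'])) {
            $image->delete(true);
            setFlash("<h3>Image deleted</h3>");
            redirect("/admin/list_images");
        } else {
            $connection = MyActiveRecord::Connection();
            $old_name = $image->name;
            $image->title = cleanupSpecialChars($_POST['title']);
            $image->description = cleanupSpecialChars($_POST['description']);
            if (ALLOW_SHORT_PAGE_NAMES) {
                $image->name = $_POST['name'] == "" ? slug($_POST['title']) : slug($_POST['name']);
            } else {
                $image->name = slug($_POST['title']);
            }
            // The statement is hand-built, so every value is escaped here.
            // NOTE(review): assumes cleanupSpecialChars() and slug() do not
            // already SQL-escape their output; confirm to rule out double escaping.
            $imageId = (int) $image->id;
            $title = mysql_real_escape_string($image->title, $connection);
            $name = mysql_real_escape_string($image->name, $connection);
            $description = mysql_real_escape_string($image->description, $connection);
            $updateQuery = "UPDATE images SET title='{$title}', name='{$name}', description='{$description}' WHERE id='{$imageId}';";
            if (mysql_query($updateQuery, $connection)) {
                if ($old_name != $image->name) {
                    Pages::UpdateImageReferences($old_name, $image->name);
                }
                $success .= "Image changes saved / ";
            } else {
                // Log the driver error; the SQL text is no longer printed.
                error_log("images update failed: " . mysql_error($connection));
                die('Database error');
            }
            // Replace an existing image with a new one
            if (isset($_FILES["new_image"]) && is_uploaded_file($_FILES["new_image"]["tmp_name"])) {
                // NOTE(review): "type" is client-declared and is later sent back
                // as Content-Type by the image endpoints; consider restricting
                // it to known image types.
                $mimeType = $_FILES["new_image"]["type"];
                $filetype = getFileExtension($_FILES["new_image"]["name"]);
                $max_width = 0;
                $max_height = 0;
                if (defined("MAX_IMAGE_WIDTH")) {
                    $max_width = MAX_IMAGE_WIDTH;
                }
                if (defined("MAX_IMAGE_HEIGHT")) {
                    $max_height = MAX_IMAGE_HEIGHT;
                }
                resizeToMultipleMaxDimensions($_FILES["new_image"]["tmp_name"], $max_width, $max_height, $filetype);
                // Open the uploaded file
                $file = fopen($_FILES["new_image"]["tmp_name"], "r");
                // Read in the uploaded file
                $fileContents = fread($file, filesize($_FILES["new_image"]["tmp_name"]));
                fclose($file);
                // Escape against the connection rather than with AddSlashes()
                $blob = mysql_real_escape_string($fileContents, $connection);
                $mime = mysql_real_escape_string($mimeType, $connection);
                $updateQuery2 = "UPDATE images SET original='{$blob}', mime_type='{$mime}' WHERE id='{$imageId}';";
                if (mysql_query($updateQuery2, $connection)) {
                    $success .= "Image replaced / ";
                } else {
                    error_log("images file update failed: " . mysql_error($connection));
                    setFlash("<h3>FAILURE &ndash; Please notify HCd of this error</h3>");
                }
            }
        }
        if ($post_action == "Save and Return to List") {
            redirect("/admin/list_images");
        }
        setFlash("<h3>" . substr($success, 0, -3) . "</h3>");
    }
}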
Beispiel #14
 /**
  * Finds Documents rows whose file_type matches the given LIKE pattern.
  *
  * @param string $filetype pattern compared against documents.file_type
  * @return mixed whatever MyActiveRecord::FindBySql() returns
  */
 function FindByFiletype($filetype)
 {
     // Escaping keeps the value inside its quoted literal. It does not
     // neutralise the LIKE wildcards % and _, so a caller-supplied pattern
     // can still widen the match.
     $pattern = mysql_real_escape_string($filetype, MyActiveRecord::Connection());
     $sql = "SELECT d.* FROM documents d WHERE d.file_type like '" . $pattern . "'";
     return MyActiveRecord::FindBySql('Documents', $sql);
 }
Beispiel #15
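/**
 * Handles the admin "edit product" form: deletes the product, or updates its
 * fields and, when an image was uploaded, its image and thumbnail blobs.
 */
function initialize_page()
{
    $product_id = requestIdParam();
    $product = Product::FindById($product_id);
    $post_action = "";
    if (isset($_POST['submit'])) {
        $post_action = $_POST['submit'];
    }
    if ($post_action == "Edit Product" or $post_action == "Edit and Return to List") {
        if (isset($_POST['delete'])) {
            $product->delete(true);
            setFlash("<h3>Product deleted</h3>");
            redirect("/admin/list_products");
        } else {
            $connection = MyActiveRecord::Connection();
            $product->display_name = $_POST['display_name'];
            $product->price = $_POST['price'];
            if (isset($_POST['product_description'])) {
                $product->description = $_POST['product_description'];
            }
            // Posted text goes into quoted literals and the id is unquoted:
            // escape the former, cast the latter.
            $productId = (int) $product->id;
            $displayName = mysql_real_escape_string($product->display_name, $connection);
            $price = mysql_real_escape_string($product->price, $connection);
            $description = mysql_real_escape_string($product->description, $connection);
            $updateQuery = "UPDATE product SET display_name = \"{$displayName}\", price = \"{$price}\", description = \"{$description}\" WHERE id = {$productId}";
            mysql_query($updateQuery, $connection);
            // now check if a thumbnail was uploaded
            if (isset($_FILES["image"]) && is_uploaded_file($_FILES["image"]["tmp_name"])) {
                // NOTE(review): the type is client-declared; only the label
                // derived from it below is stored.
                $mimeType = $_FILES["image"]["type"];
                switch ($mimeType) {
                    case "image/gif":
                        $mimeName = "GIF Image";
                        break;
                    case "image/jpeg":
                        $mimeName = "JPEG Image";
                        break;
                    case "image/png":
                        $mimeName = "PNG Image";
                        break;
                    case "image/x-MS-bmp":
                        $mimeName = "Windows Bitmap";
                        break;
                    default:
                        $mimeName = "Unknown image type";
                }
                // MAIN IMAGE
                resizeToMaxDimension($_FILES["image"]["tmp_name"], PRODUCT_IMAGE_MAXWIDTH, "jpg");
                $file = fopen($_FILES["image"]["tmp_name"], "r");
                $filesize = filesize($_FILES["image"]["tmp_name"]);
                $imageContents = fread($file, $filesize);
                fclose($file);
                // Escape against the connection rather than with AddSlashes()
                $imageContents = mysql_real_escape_string($imageContents, $connection);
                // THUMBNAIL (resized from the already-resized main image)
                resizeToMaxDimension($_FILES["image"]["tmp_name"], PRODUCTTHUMB_IMAGE_MAXWIDTH, "jpg");
                // The cached size is stale after the second resize
                clearstatcache();
                $file = fopen($_FILES["image"]["tmp_name"], "r");
                $filesize = filesize($_FILES["image"]["tmp_name"]);
                $thumbContents = fread($file, $filesize);
                fclose($file);
                $thumbContents = mysql_real_escape_string($thumbContents, $connection);
                // NOTE(review): the mime_type column receives the human-readable
                // label, not the MIME type; confirm that is intended.
                $updateQuery = "UPDATE product SET thumbnail = \"{$thumbContents}\", image = \"{$imageContents}\", mime_type = \"{$mimeName}\" WHERE id = {$productId}";
                $result = mysql_query($updateQuery, $connection);
            }
            setFlash("<h3>Product Saved</h3>");
            if ($post_action == "Edit and Return to List") {
                redirect("admin/list_products");
            }
        }
    }
}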
Beispiel #16
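 /**
  * Returns this event's excluded dates as one comma-separated string
  * (prefixed with a single space), or false when there are none or the
  * query fails.
  *
  * @return string|false
  */
 function getNotDates()
 {
     // The id is interpolated unquoted, so it is cast to an integer.
     $eventId = (int) $this->id;
     $query = "SELECT * FROM events_notdate WHERE event_id = {$eventId};";
     $result = mysql_query($query, MyActiveRecord::Connection());
     if (!$result) {
         return false;
     }
     $count = mysql_num_rows($result);
     if (!$count) {
         return false;
     }
     $notdates = " ";
     for ($i = 0; $i < $count; $i++) {
         $notdates .= formatDateView(mysql_result($result, $i, 'date')) . ",";
     }
     // Drop the trailing comma
     return substr($notdates, 0, -1);
 }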
Beispiel #17
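/**
 * Handles the admin add/edit form for an Area: deletes it, inserts a new one,
 * or saves changes to an existing one.
 */
function initialize_page()
{
    // This file does both, so check the parameters first
    if (requestIdParam() == "add") {
        $area = MyActiveRecord::Create('Areas');
    } else {
        $area_id = requestIdParam();
        $area = Areas::FindById($area_id);
    }
    // Only allow specific post actions
    $post_action = isset($_POST['submit']) ? $_POST['submit'] : null;
    if ($post_action == "Save Area" || $post_action == "Save and Return to List") {
        if (isset($_POST['delete'])) {
            $pages = $area->findPages();
            $selected_sections = array('1');
            foreach ($pages as $page) {
                $page->updateSelectedAreas($selected_sections);
            }
            $area->delete(true);
            setFlash("<h3>Area Deleted</h3>");
            redirect("/admin/list_pages");
        } else {
            $area->display_name = $_POST['display_name'];
            $area->seo_title = $_POST['seo_title'];
            $area->template = $_POST['template'];
            if (!empty($_POST['name'])) {
                $oldname = $_POST['display_name'];
                // Protect the Global Area, the Default Portfolio Area and any placeholders from getting their names changed
                if ($area->id != 1 && $area->id != 3 && $area->name != "site_blog" && $area->name != "placeholder") {
                    if (ALLOW_SHORT_PAGE_NAMES) {
                        $area->name = $_POST['name'] == "" ? slug($_POST['display_name']) : slug($_POST['name']);
                    } else {
                        $area->name = slug($_POST['display_name']);
                    }
                }
            } else {
                $area->name = slug($_POST['display_name']);
            }
            // Allow the possibility to use the word "portfolio" as the last word in the name
            if (substr($area->name, -10) == "-portfolio") {
                // Chop it off the slug so it doesn't turn into a Portfolio Area
                $area->name = substr($area->name, 0, -10);
            }
            // Set the public boolean
            if (requestIdParam() == "add") {
                $area->public = MAINTENANCE_MODE ? 1 : 0;
            } else {
                if ($area->id != 1) {
                    $area->public = isset($_POST['public']) ? 1 : 0;
                }
            }
            // Save it or create it
            if (requestIdParam() == "add") {
                $connection = MyActiveRecord::Connection();
                // This INSERT bypasses save(), so the posted values are escaped here.
                $name = mysql_real_escape_string($area->name, $connection);
                $displayName = mysql_real_escape_string($area->display_name, $connection);
                $seoTitle = mysql_real_escape_string($area->seo_title, $connection);
                $template = mysql_real_escape_string($area->template, $connection);
                $public = (int) $area->public;
                // Don't leave off any columns that we dont want to pass values to. And include an empty value for the ID
                $query = "INSERT INTO `areas` VALUES('','{$name}','{$displayName}','{$seoTitle}', '', '1', '{$template}', '{$public}','')";
                if (!mysql_query($query, $connection)) {
                    // Log the driver error instead of printing the SQL text.
                    error_log("areas insert failed: " . mysql_error($connection));
                    die('Database error');
                }
                // display_name is posted text and the flash is rendered as HTML.
                setFlash("<h3>New area &ldquo;" . htmlspecialchars($area->display_name, ENT_QUOTES, 'UTF-8') . "&rdquo; added</h3>");
            } else {
                $area->save();
                setFlash("<h3>Area changes saved</h3>");
            }
            if (ALIAS_INSTALL) {
                if (!empty($oldname)) {
                    $area->checkAlias($oldname);
                }
            }
            if ($post_action == "Save and Return to List") {
                redirect("admin/list_pages");
            }
        }
    }
}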
Beispiel #18
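 /**
  * Sets this photo's display_order to the number of photos currently in
  * its gallery.
  */
 function setDisplayOrder()
 {
     $gallery = $this->get_gallery();
     $display_order = count(Photos::FindByGalleryId($gallery->id));
     // All three values are interpolated unquoted, so each is cast to an integer.
     $photoId = (int) $this->id;
     $galleryId = (int) $gallery->id;
     $query = "UPDATE photos SET display_order = {$display_order} WHERE id = {$photoId} AND gallery_id = {$galleryId};";
     mysql_query($query, MyActiveRecord::Connection());
 }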
Beispiel #19
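 /**
  * Deletes this page row and returns the first page that has the same name
  * and an empty content_file.
  *
  * @return mixed the first element of the FindBySql() result
  */
 function killDraft()
 {
     $connection = MyActiveRecord::Connection();
     // The name sits in a quoted literal and the id is unquoted.
     $name = mysql_real_escape_string($this->name, $connection);
     $pageId = (int) $this->id;
     $page_query = "SELECT * FROM pages WHERE content_file = '' AND name = '{$name}' LIMIT 1;";
     $page = MyActiveRecord::FindBySql('Pages', $page_query);
     $query = "DELETE FROM pages WHERE id = {$pageId}";
     if (!mysql_query($query, $connection)) {
         // Log the driver error instead of printing the SQL text.
         error_log("pages delete failed: " . mysql_error($connection));
         die('Database error');
     }
     return array_shift($page);
 }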
Beispiel #20
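/**
 * Handles the admin "add event" form: creates the event, stores its excluded
 * dates and recurrences, then redirects depending on the chosen action.
 */
function initialize_page()
{
    $event_types = EventTypes::FindAll();
    $event_periods = EventPeriods::FindAll();
    $post_action = "";
    if (isset($_POST['submit'])) {
        $post_action = $_POST['submit'];
        if ($post_action == "Add Event and add another" || $post_action == "Add and Return to List") {
            // NOTE(review): the whole $_POST array is handed to Create();
            // presumably it copies posted keys onto the record — confirm which
            // columns a client can set this way.
            $event = MyActiveRecord::Create('Events', $_POST);
            if (!getPostValue('time_start')) {
                $event->setDateStart(getPostValue('date_start'), "04:00:00");
            } else {
                $event->time_start = date("H:i:s", strtotime(getPostValue('time_start')));
            }
            if (!getPostValue('date_end') && !getPostValue('time_end')) {
                $event->setDateEnd(getPostValue('date_start'), "04:00:00");
            } else {
                if (!getPostValue('date_end') && getPostValue('time_end')) {
                    $event->setDateEnd(getPostValue('date_start'), date("H:i:s", strtotime(getPostValue('time_end'))));
                } else {
                    $event->setDateEnd(getPostValue('date_end'), date("H:i:s", strtotime(getPostValue('time_end'))));
                }
            }
            $event->eventtype_id = isset($_POST['eventtype_id']) ? $_POST['eventtype_id'] : 1;
            $event->eventperiod_id = $_POST['eventperiod_id'];
            $event->save();
            $notdates = getPostValue('notdates');
            if (is_array($notdates)) {
                $connection = MyActiveRecord::Connection();
                $eventId = (int) $event->id;
                foreach ($notdates as $date) {
                    if (strlen($date) > 4) {
                        // The formatted value still derives from posted text,
                        // so it is escaped before entering the quoted literal.
                        $notdate = mysql_real_escape_string(formatDateView($date, "Y-m-d"), $connection);
                        $query = "INSERT INTO events_notdate VALUES('{$eventId}','{$notdate}')";
                        if (!mysql_query($query, $connection)) {
                            // Log instead of printing the SQL text.
                            error_log("events_notdate insert failed: " . mysql_error($connection));
                            die('Database error');
                        }
                    }
                }
            }
            add_eventUpdateRecurrences($event);
            $thisnewevent = Events::FindById($event->id);
            if ($thisnewevent->date_end < $thisnewevent->date_start) {
                setFlash("<h3>Whoops! Event Starts after it Ends! Please correct dates...</h3>");
                $eventyear = parseDate($thisnewevent->date_start, "Y");
                $eventmonth = parseDate($thisnewevent->date_start, "n");
                redirect("/admin/edit_event/{$eventyear}/{$eventmonth}/{$thisnewevent->id}");
            } else {
                setFlash("<h3>Event added</h3>");
                if ($post_action == "Add and Return to List") {
                    // Redirect user to the Main Event List
                    $datestart = explode("/", getPostValue('date_start'));
                    redirect("/admin/list_events/{$datestart['2']}/{$datestart['0']}");
                }
            }
        }
    }
}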
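/**
 * Handles the admin "add portfolio item" form: creates the item and its
 * gallery, stores an uploaded thumbnail, then redirects to the edit page.
 */
function initialize_page()
{
    $success = $post_action = "";
    if (isset($_POST['submit'])) {
        $post_action = $_POST['submit'];
    }
    if ($post_action == "Add Item" || $post_action == "Add and Return to List") {
        // ! create item
        $item = MyActiveRecord::Create('Items');
        $item->content = $_POST['item_content'];
        $item->display_name = $_POST['display_name'];
        $item->name = slug($_POST['display_name']);
        $item->location = $_POST['location'];
        $item->public = checkboxValue($_POST, 'public');
        $item->mime_type = 0;
        $item->date_created = date('Y-m-d H:i:s');
        // optional fields
        $item->sku = ITEM_SKU ? $_POST['item_sku'] : null;
        $item->taxonomy = ITEM_TAXONOMY ? $_POST['taxonomy'] : null;
        $item->price = ITEM_PRICE ? $_POST['item_price'] : null;
        // synchronize the users area selections
        $selected_sections = array();
        if (isset($_POST['selected_sections'])) {
            $selected_sections = $_POST['selected_sections'];
        }
        $item->save();
        $item->updateSelectedSections($selected_sections);
        $item->setDisplayOrder();
        $success .= "Item Saved / ";
        // ! create gallery and associate it
        $gallery = MyActiveRecord::Create('Galleries');
        $gallery->name = $_POST['display_name'] . " Gallery";
        $gallery->slug = "portfolioGal_" . $item->id . "_" . slug($_POST['display_name']);
        $gallery->save();
        $success .= "Gallery Created / ";
        if (PORTFOLIOTHUMB_IMAGE) {
            // now check if a thumbnail was uploaded
            if (isset($_FILES["thumbnail"]) && is_uploaded_file($_FILES["thumbnail"]["tmp_name"])) {
                $connection = MyActiveRecord::Connection();
                // NOTE(review): "type" is client-declared; it is escaped below
                // but stored as given, even when it matches none of the cases.
                $mimeType = $_FILES["thumbnail"]["type"];
                $fileType = "";
                switch ($mimeType) {
                    case "image/gif":
                        $fileType = "gif";
                        break;
                    case "image/jpg":
                    case "image/jpeg":
                        $fileType = "jpg";
                        break;
                    case "image/png":
                        $fileType = "png";
                        break;
                    case "image/x-MS-bmp":
                        $fileType = "bmp";
                        break;
                }
                resizeToMultipleMaxDimensions($_FILES["thumbnail"]["tmp_name"], PORTFOLIOTHUMB_IMAGE_MAXWIDTH, PORTFOLIOTHUMB_IMAGE_MAXHEIGHT, $fileType);
                // Open the uploaded file
                $file = fopen($_FILES["thumbnail"]["tmp_name"], "r");
                // Read in the uploaded file
                $fileContents = fread($file, filesize($_FILES["thumbnail"]["tmp_name"]));
                fclose($file);
                // Escape against the connection rather than with AddSlashes()
                $blob = mysql_real_escape_string($fileContents, $connection);
                $mime = mysql_real_escape_string($mimeType, $connection);
                $itemId = (int) $item->id;
                $updateQuery = "UPDATE items SET thumbnail = \"{$blob}\", mime_type = \"{$mime}\" WHERE id = {$itemId};";
                if (mysql_query($updateQuery, $connection)) {
                    $success .= "Thumbnail Added / ";
                } else {
                    // Log the driver error instead of printing it to the page.
                    error_log("items thumbnail update failed: " . mysql_error($connection));
                    die('Database error');
                }
            }
        }
        setFlash("<h3>" . substr($success, 0, -3) . "</h3>");
        // Remember to get a section for the redirect link...
        // array_shift() takes its argument by reference, so it needs a variable.
        $sections = $item->getSections();
        $itemsection = array_shift($sections);
        redirect("/admin/portfolio_edit/" . $itemsection->name . "/" . $item->id);
    }
}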
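 /**
  * Saves the object back to the database
  * eg:
  * <code>
  * $car = MyActiveRecord::Create('Car');
  * print $car->id;  // NULL
  * $car->save();
  * print $car->id; // 1
  * </code>
  *
  * NB: if the object has registered errors, save() will return false
  * without attempting to save the object to the database
  *
  * Column values pass through MyActiveRecord::Escape(); the id used in the
  * WHERE clause is cast to an integer because it is interpolated unquoted.
  *
  * @return  boolean true on success false on fail
  */
 public function save()
 {
     // if this object has registered errors, we back off and return false.
     if ($this->get_errors()) {
         return false;
     }
     $table = MyActiveRecord::Class2Table(get_class($this));
     // check for single-table-inheritance
     if (strtolower(get_class($this)) != $table) {
         $this->class = get_class($this);
     }
     $fields = MyActiveRecord::Columns($table);
     // Start from empty lists so a table with only an id column does not
     // hit undefined variables below.
     $vals = array();
     $keys = array();
     $set = array();
     // sort out key and value pairs
     foreach ($fields as $key => $field) {
         if ($key != 'id') {
             $val = MyActiveRecord::Escape(isset($this->{$key}) ? $this->{$key} : null);
             $vals[] = $val;
             $keys[] = "`" . $key . "`";
             $set[] = "`{$key}` = {$val}";
         }
     }
     // insert or update as required; implode() takes the separator first
     if (isset($this->id)) {
         $id = (int) $this->id;
         $sql = "UPDATE `{$table}` SET " . implode(", ", $set) . " WHERE `id`={$id}";
     } else {
         $sql = "INSERT INTO `{$table}` (" . implode(", ", $keys) . ") VALUES (" . implode(", ", $vals) . ")";
     }
     $success = MyActiveRecord::Query($sql);
     if (!isset($this->id)) {
         $this->id = mysql_insert_id(MyActiveRecord::Connection());
     }
     return $success;
 }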
Beispiel #23
 /**
  * Returns the first Chunks record whose slug equals the given value.
  *
  * @param string $slug slug to look up
  * @return mixed whatever MyActiveRecord::FindFirst() returns
  */
 function FindBySlug($slug = "")
 {
     // Escaped because the value is placed inside a quoted SQL literal.
     $escaped = mysql_real_escape_string($slug, MyActiveRecord::Connection());
     $condition = "slug = '" . $escaped . "'";
     return MyActiveRecord::FindFirst('Chunks', $condition);
 }
Beispiel #24
 /**
  * Returns the first Galleries record whose name equals the given value.
  *
  * @param string $name gallery name to look up
  * @return mixed whatever MyActiveRecord::FindFirst() returns
  */
 function FindByName($name = "")
 {
     // Escaped because the value is placed inside a quoted SQL literal.
     $escaped = mysql_real_escape_string($name, MyActiveRecord::Connection());
     $condition = "name = '" . $escaped . "'";
     return MyActiveRecord::FindFirst('Galleries', $condition);
 }
Beispiel #25
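 /**
  * Counts the link rows between this address and the given list.
  *
  * @param object $list record exposing an `id` property
  * @return int number of matching rows, 0 when the query fails
  */
 function is_linked($list)
 {
     // Both ids are interpolated unquoted, so they are cast to integers.
     $emailId = (int) $this->id;
     $listId = (int) $list->id;
     $result = mysql_query("SELECT * FROM nlemails_nllists WHERE nlemails_id = {$emailId} AND nllists_id = {$listId}", MyActiveRecord::Connection());
     if (!$result) {
         return 0;
     }
     return mysql_num_rows($result);
 }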
Beispiel #26
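 /**
  * For each section this item belongs to, sets the item's display_order to
  * the number of items currently in that section.
  */
 function setDisplayOrder()
 {
     $connection = MyActiveRecord::Connection();
     // The ids are interpolated unquoted, so they are cast to integers.
     $itemId = (int) $this->id;
     $sections = $this->getSections();
     foreach ($sections as $section) {
         $display_order = count(Items::FindBySection($section));
         $sectionId = (int) $section->id;
         $query = "UPDATE items_sections SET display_order = {$display_order} WHERE items_id = {$itemId} AND sections_id = {$sectionId};";
         mysql_query($query, $connection);
     }
 }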
Beispiel #27
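/**
 * Handle the admin form that adds, edits or deletes a video.
 *
 * Reads the request id ("add" or an existing video id) and, when the form was
 * submitted with "Save Video" or "Save and Return to List", either deletes the
 * video and its poster photo or stores the posted fields and an optional new
 * poster image. Sets a flash message and may redirect.
 *
 * NOTE(review): no CSRF token or permission check is visible in this function —
 * confirm that the surrounding framework enforces both before this runs.
 *
 * @return void
 */
function initialize_page()
{
    // This file does both, so check the parameters first
    if (requestIdParam() == "add") {
        $video = MyActiveRecord::Create('Videos');
    } else {
        $video_id = requestIdParam();
        $video = Videos::FindById($video_id);
    }
    $post_action = isset($_POST['submit']) ? $_POST['submit'] : "";
    if ($post_action == "Save Video" || $post_action == "Save and Return to List") {
        if (isset($_POST['delete'])) {
            $photo = Photos::FindVideoPoster($video->id);
            if (is_object($photo)) {
                $photo->delete(true);
            }
            $video->delete();
            setFlash("<h3>Video deleted</h3>");
            redirect("/admin/list_videos");
        } else {
            /*
             * Columns: id, name, title, service (youtube, vimeo), embed (shortcode or unique ID), gallery_id, display_order
             */
            $postedtitle = $_POST['title'];
            $video->name = slug($postedtitle);
            $video->display_name = $postedtitle;
            $video->service = $_POST['service'];
            $video->embed = $_POST['embed'];
            $video->width = $_POST['width'];
            $video->height = $_POST['height'];
            // Why does the save() method fail on new objects? Is it because Videos extend Modelbase and not MyActiveRecord?
            //$video->save();
            if (requestIdParam() == "add") {
                $connection = MyActiveRecord::Connection();
                // id, slug, display_name, service (youtube, vimeo), embed, width, height, gallery_id, display_order
                // Every value below originates from $_POST, so each one is escaped for the
                // connection before being wrapped in quotes; previously they were interpolated raw.
                $values = array();
                foreach (array($video->name, $video->display_name, $video->service, $video->embed, $video->width, $video->height) as $value) {
                    $values[] = "'" . mysql_real_escape_string((string) $value, $connection) . "'";
                }
                $query = "INSERT INTO `videos` VALUES(''," . implode(", ", $values) . ", '', '')";
                if (mysql_query($query, $connection)) {
                    // The poster photo and the edit link below need the id of the new row.
                    $video->id = mysql_insert_id($connection);
                    $success = 'New video added / ';
                } else {
                    // Keep the SQL and the driver error in the server log instead of
                    // printing the full statement to the browser.
                    error_log('Video insert failed: ' . mysql_error($connection));
                    die('Die:<br>The video could not be saved.');
                }
                // A safer way would be to name the columns so the statement does not depend on
                // column order, e.g. MyActiveRecord::Create('Videos', array(...))->save() once
                // save() works for new Videos objects.
            } else {
                $video->save();
                $success = 'Video changes saved / ';
            }
            // 4 (UPLOAD_ERR_NO_FILE) is also used when the field is missing altogether.
            $poster_error = isset($_FILES['new_poster']) ? $_FILES['new_poster']['error'] : 4;
            if ($poster_error == 0) {
                // First, delete an old file if there is one
                $oldphoto = Photos::FindVideoPoster($video->id);
                if (is_object($oldphoto)) {
                    $oldphoto->delete(true);
                }
                // New Photo needs to be created as a Photo object
                $newphoto = MyActiveRecord::Create('Photos', array('caption' => $video->display_name, 'video_id' => $video->id, 'display_order' => 1));
                $newphoto->save();
                // save_uploaded_file($tmp_name, $file_name, $isportimg = false, $isentryimg = false, $maxwidth=0, $maxheight=0)
                // NOTE(review): the client-supplied file name is passed through unchanged —
                // confirm that save_uploaded_file() sanitises it and checks the file type.
                $newphoto->save_uploaded_file($_FILES['new_poster']['tmp_name'], $_FILES['new_poster']['name'], true);
                $success .= "New poster image uploaded / ";
            } elseif ($poster_error != 4) {
                // from http://php.net/manual/en/features.file-upload.errors.php
                // Keyed by error code: PHP defines no code 5, so a plain list would be off by one from 6 upwards.
                $upload_errors = array(
                    1 => "1. UPLOAD_ERR_INI_SIZE: Larger than upload_max_filesize.",
                    2 => "2. UPLOAD_ERR_FORM_SIZE: Larger than form MAX_FILE_SIZE.",
                    3 => "3. UPLOAD_ERR_PARTIAL: Partial upload.",
                    6 => "6. UPLOAD_ERR_NO_TMP_DIR: No temporary directory.",
                    7 => "7. UPLOAD_ERR_CANT_WRITE: Can't write to disk.",
                    8 => "8. UPLOAD_ERR_EXTENSION: File upload stopped by extension.",
                );
                $err_text = (is_int($poster_error) && isset($upload_errors[$poster_error])) ? $upload_errors[$poster_error] : "Unknown upload error.";
                echo "Upload Error! " . $err_text;
            }
            if (requestIdParam() == "add") {
                setFlash('<h3>' . $success . '<a href="' . get_link('admin/edit_entry/' . $video->id) . '">Edit it Now</a></h3>');
            } else {
                // Drop the trailing " / " separator.
                setFlash("<h3>" . substr($success, 0, -3) . "</h3>");
            }
            if ($post_action == "Save and Return to List") {
                redirect("admin/list_videos");
            }
        }
    }
}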
Beispiel #28
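/**
 * Handle the admin "add image" form.
 *
 * When the form was submitted with "Add Image" or "Add and Return to List",
 * stores the posted title, description and page name together with the
 * (optionally resized) uploaded file in the `images` table, sets a flash
 * message, and redirects to the image list for the second action.
 *
 * NOTE(review): no CSRF token or permission check is visible in this function —
 * confirm that the surrounding framework enforces both before this runs.
 *
 * @return void
 */
function initialize_page()
{
    $post_action = isset($_POST['submit']) ? $_POST['submit'] : "";
    if ($post_action != "Add Image" && $post_action != "Add and Return to List") {
        return;
    }
    $connection = MyActiveRecord::Connection();
    $title = cleanupSpecialChars($_POST['title']);
    $description = cleanupSpecialChars($_POST['description']);
    $shortName = isset($_POST['name']) ? $_POST['name'] : "";
    if (ALLOW_SHORT_PAGE_NAMES) {
        $name = $shortName == "" ? slug($_POST['title']) : slug($shortName);
    } else {
        $name = slug($_POST['title']);
    }
    // Defaults for the "no file uploaded" case; $mimeType was previously undefined there.
    $mimeType = "";
    $fileContents = $thumb_fileContents = NULL;
    // Was a file uploaded?
    if (isset($_FILES["image"]) && is_uploaded_file($_FILES["image"]["tmp_name"])) {
        $tmpPath = $_FILES["image"]["tmp_name"];
        // $_FILES[...]['type'] is supplied by the browser, so take the MIME type from the
        // file itself and refuse anything getimagesize() does not recognise as an image.
        $imageInfo = getimagesize($tmpPath);
        if ($imageInfo === false) {
            setFlash("<h3>FAILURE &ndash; The uploaded file is not a recognised image</h3>");
            return;
        }
        $mimeType = $imageInfo['mime'];
        $filetype = getFileExtension($_FILES["image"]["name"]);
        $max_width = defined("MAX_IMAGE_WIDTH") ? MAX_IMAGE_WIDTH : 0;
        $max_height = defined("MAX_IMAGE_HEIGHT") ? MAX_IMAGE_HEIGHT : 0;
        resizeToMultipleMaxDimensions($tmpPath, $max_width, $max_height, $filetype);
        // Read the (possibly resized) file in one call; no handle is left open.
        $contents = file_get_contents($tmpPath);
        $fileContents = $contents === false ? NULL : $contents;
        // Thumbnail generation is disabled; the thumbnail column is stored empty.
    }
    // Escape every interpolated value for this connection. This replaces AddSlashes() for
    // the binary data and covers the fields that were previously placed in the query as-is.
    // NOTE(review): if cleanupSpecialChars() already applies SQL escaping, remove it there
    // rather than here, otherwise backslashes would be stored twice — confirm.
    $fields = array($title, $description, $fileContents, $thumb_fileContents, $mimeType, $name);
    $quoted = array();
    foreach ($fields as $field) {
        $quoted[] = '"' . mysql_real_escape_string((string) $field, $connection) . '"';
    }
    $insertQuery = "INSERT INTO images VALUES (NULL, " . implode(", ", $quoted) . ")";
    $result = mysql_Query($insertQuery, $connection);
    if (empty($result)) {
        // The driver message can echo parts of the submitted data, so encode it for HTML.
        setFlash("<h3>FAILURE &ndash; Please notify HCd of this error: " . htmlspecialchars(mysql_error($connection)) . "</h3>");
    } else {
        // Only report success when the insert worked; it used to overwrite the failure message.
        setFlash("<h3>Image uploaded</h3>");
    }
    if ($post_action == "Add and Return to List") {
        redirect("/admin/list_images");
    }
}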
Beispiel #29
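 /**
  * Find the Videos records that belong to the given gallery.
  *
  * @param string $galid Gallery id to match against videos.gallery_id.
  * @return mixed Whatever MyActiveRecord::FindBySql() returns for the 'Videos' class.
  */
 function FindByGalleryId($galid = "")
 {
     $id = mysql_real_escape_string($galid, MyActiveRecord::Connection());
     // Use the escaped copy: the original built the statement from the raw $galid and
     // never used $id, so the escaping had no effect.
     // NOTE(review): LIKE still treats % and _ in the value as wildcards; use `=` if an
     // exact match is intended — confirm against callers.
     return MyActiveRecord::FindBySql('Videos', "SELECT v.* FROM videos v WHERE v.gallery_id like '" . $id . "'");
 }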