function trigger()
 {
     $username = $_POST['username'];
     $password = md5($_POST['password']);
     if (isset($_COOKIE[__SYM_COOKIE__]) && !isset($_POST['action']['login'])) {
         $args = unserialize(base64_decode($_COOKIE[__SYM_COOKIE_SAFE__]));
         $username = $args['username'];
         $password = $args['password'];
     }
     $sql = "SELECT *\n\t\t\t\t\tFROM `tbl_authors`\n\t\t\t\t\tWHERE `username` = '" . addslashes($username) . "'\n\t\t\t\t\tAND `password` = '" . $password . "'";
     $row = $this->_db->fetchRow(0, $sql);
     if (!empty($row) && is_array($row)) {
         $sql = "UPDATE `tbl_authors` SET `lastvisit` = UNIX_TIMESTAMP() WHERE `id` = '" . $row['id'] . "'";
         $this->_db->query($sql);
         setcookie(__SYM_COOKIE__, serialize($row), time() + 31536000, $this->_parent->getCookieDomain());
         setcookie(__SYM_COOKIE_SAFE__, base64_encode(serialize($row)), time() + 31536000, $this->_parent->getCookieDomain());
         $status = 'Author';
         if ($row['owner'] == 1) {
             $status = 'Owner';
         } elseif ($row['superuser'] == 1) {
             $status = 'Administrator';
         }
         $result = new XMLElement("user");
         $result->setAttribute("logged-in", "true");
         $result->addChild(new XMLElement("username", $row['username']));
         $result->addChild(new XMLElement("first-name", $row['firstname']));
         $result->addChild(new XMLElement("last-name", $row['lastname']));
         $result->addChild(new XMLElement("email", $row['email']));
         $result->addChild(new XMLElement("account-type", $status));
     } else {
         $result = new XMLElement("user");
         $result->setAttribute("logged-in", "false");
     }
     return $result;
 }
 function grab($param = array())
 {
     extract($this->_env, EXTR_PREFIX_ALL, 'env');
     include_once TOOLKIT . '/class.entrymanager.php';
     $entryManager = new EntryManager($this->_parent);
     $section_id = $entryManager->fetchSectionIDFromHandle($this->__resolveDefine("dsFilterPARENTSECTION"));
     $schema = $entryManager->fetchEntryFieldSchema($section_id, NULL, $this->_dsFilterCUSTOMFIELD);
     $schema = $schema[0];
     ##Check the cache
     $hash_id = md5(get_class($this));
     if ($param['caching'] && ($cache = $this->check_cache($hash_id))) {
         return $cache;
         exit;
     }
     ##------------------------------
     ##Create the XML container
     $xml = new XMLElement("categories-list");
     $xml->setAttribute("section", "customfield");
     ##Populate the XML
     if (empty($schema) || !is_array($schema)) {
         $xml->addChild(new XMLElement("error", "No Records Found."));
         return $xml;
     } else {
         $ops = preg_split('/,/', $schema['values'], -1, PREG_SPLIT_NO_EMPTY);
         $ops = array_map("trim", $ops);
         $xml->addChild(new XMLElement("name", $schema['name']));
         $xml->setAttribute("handle", $schema['handle']);
         $options = new XMLElement("options");
         foreach ($ops as $o) {
             if ($schema['type'] == 'multiselect') {
                 $table = 'tbl_entries2customfields_list';
             } else {
                 $table = 'tbl_entries2customfields';
             }
             $count = $this->_db->fetchVar('count', 0, "SELECT count(id) AS `count` FROM `{$table}` WHERE `field_id` = '" . $schema['id'] . "' AND value_raw = '{$o}' ");
             $xO = new XMLElement("option", $o);
             $xO->setAttribute('entry-count', $count);
             $xO->setAttribute('handle', Lang::createHandle($o, $this->_parent->getConfigVar('handle_length', 'admin')));
             $options->addChild($xO);
         }
         $xml->addChild($options);
     }
     ##------------------------------
     ##Write To Cache
     if ($param['caching']) {
         $result = $xml->generate($param['indent'], $param['indent-depth']);
         $this->write_to_cache($hash_id, $result, $this->_cache_sections);
         return $result;
     }
     return $xml;
 }
        break;
    case "boolean":
        $sql = "SELECT DISTINCT t1.entry_id,\n\t\t\t\t  MATCH(t1.value) AGAINST ('{$searchstring}' IN BOOLEAN MODE) AS score\n\t\t\t\t  FROM tbl_entries2customfields AS t1\n\t              LEFT JOIN `tbl_entries` AS t2 ON t1.entry_id = t2.id\n\t\t\t      LEFT JOIN `tbl_entries2sections` AS t3 on t2.id = t3.entry_id\n\t              WHERE 1 AND MATCH(t1.value) AGAINST ('{$searchstring}' IN BOOLEAN MODE)\n\t\t\t\t  " . ($Author->get('superuser') != 1 ? " AND t3.section_id IN ({$can_access})" : '') . "\n\t\t\t\t  ORDER BY score DESC LIMIT 5";
        break;
}
$result = $db->fetchCol('entry_id', $sql);
$result = array_flip($result);
$result = array_flip($result);
if (@count($result) >= 1) {
    $parent =& new ParentShell($db, $config);
    include_once LIBRARY . "/core/class.manager.php";
    include_once LIBRARY . "/core/class.symphonylog.php";
    include_once LIBRARY . "/core/class.textformattermanager.php";
    include_once TOOLKIT . "/class.entrymanager.php";
    $entryManager = new EntryManager($parent);
    foreach ($result as $entry_id) {
        $row = $entryManager->fetchEntriesByID($entry_id, false, true);
        $locked = 'content';
        ##Generate the XML
        $entry = new XMLElement("item");
        $entry->setAttribute("class", $locked);
        $entry->addChild(new XMLElement("title", strip_tags($row['fields'][$row['primary_field']]['value'])));
        $entry->addChild(new XMLElement("date", $cDate->get(true, true, strtotime($row['publish_date_gmt']))));
        $entry->addChild(new XMLElement("link", "?page=/publish/section/edit/&_sid=" . $row['section_id'] . "&id=" . $row['id']));
        $entry->addChild(new XMLElement("handle", $row['primary_field']));
        if (isset($row['fields']['body']) && $row['fields']['body']['type'] == 'textarea') {
            $entry->addChild(new XMLElement("description", General::limitWords(strip_tags($row['fields']['body']['value']), 100, true, false)));
        }
        $xml->addChild($entry);
    }
}
 function grab($param = array())
 {
     ## Decide if we return an emtpy set or not
     if ($this->__forceEmptySet()) {
         ##Create the XML container
         $xml = new XMLElement("archive-overview");
         $xml->setAttribute("section", $this->getType());
         $xml->addChild(new XMLElement("error", "No Records Found."));
         return $xml;
     }
     $obDate = $this->_parent->getDateObj();
     extract($this->_env, EXTR_PREFIX_ALL, 'env');
     $where = $sort = $joins = NULL;
     include_once TOOLKIT . '/class.entrymanager.php';
     $entryManager = new EntryManager($this->_parent);
     $section_id = $entryManager->fetchSectionIDFromHandle($this->getType());
     ##Prepare the Query
     if ($handle = $this->__resolveDefine("dsFilterHANDLE")) {
         $entries = $entryManager->fetchEntryIDFromPrimaryFieldHandle($section_id, $handle);
         $where .= " AND t1.`id`" . ($this->__isDefineNotClause("dsFilterHANDLE") ? ' NOT' : '') . " IN ('" . @implode("', '", $entries) . "') ";
     }
     if ($date = $this->__resolveDefine("dsFilterDAY")) {
         $where .= " AND DATE_FORMAT(t1.publish_date, '%d') " . ($this->__isDefineNotClause("dsFilterDAY") ? '!' : '') . "= '" . $date . "' ";
     }
     if ($month = $this->__resolveDefine("dsFilterMONTH")) {
         $where .= " AND DATE_FORMAT(t1.publish_date, '%m') " . ($this->__isDefineNotClause("dsFilterMONTH") ? '!' : '') . "= '" . $month . "' ";
     }
     if ($year = $this->__resolveDefine("dsFilterYEAR")) {
         $where .= " AND DATE_FORMAT(t1.publish_date, '%Y') " . ($this->__isDefineNotClause("dsFilterYEAR") ? '!' : '') . "= '" . $year . "' ";
     }
     if ($this->_dsFilterINCLUDEPOSTDATED != 'yes') {
         $where .= " AND UNIX_TIMESTAMP(t1.publish_date_gmt) <= '" . $obDate->get(false, false) . "' ";
     }
     if (is_array($this->_dsFilterCUSTOM) && !empty($this->_dsFilterCUSTOM)) {
         $table_id = 15;
         foreach ($this->_dsFilterCUSTOM as $handle => $value) {
             $field = $this->_db->fetchRow(0, "SELECT `id`, `type`, `foreign_select_multiple` FROM `tbl_customfields` WHERE `parent_section` = '{$section_id}' AND `handle` = '{$handle}' LIMIT 1");
             $value_handle = Lang::createHandle($value, $this->_parent->getConfigVar('handle_length', 'admin'));
             if ($field['type'] == 'multiselect' || $field['type'] == 'foreign' && $field['foreign_select_multiple'] == 'yes') {
                 $joins .= " LEFT JOIN `tbl_entries2customfields_list` AS t{$table_id} ON t1.`id` = t{$table_id}.`entry_id` AND t{$table_id}.field_id = " . $field['id'] . " ";
                 $where .= " AND (t{$table_id}.value_raw = '{$value}' OR t{$table_id}.handle = '{$value_handle}') ";
             } else {
                 $joins .= " LEFT JOIN `tbl_entries2customfields` AS t{$table_id} ON t1.`id` = t{$table_id}.`entry_id` AND t{$table_id}.field_id = " . $field['id'] . " ";
                 $where .= " AND (t{$table_id}.value_raw = '{$value}' OR t{$table_id}.handle = '{$value_handle}') ";
             }
             $table_id++;
         }
     }
     if ($this->_dsFilterSORT != '') {
         $sort = strtoupper($this->_dsFilterSORT);
     }
     $sql = "SELECT t1.id, t1.publish_date_gmt " . "FROM `tbl_entries` AS t1 " . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` " . "AND t2.`class` = 'entry' " . "LEFT JOIN `tbl_authors` AS t4 ON t1.`author_id` = t4.`id` " . $joins . "LEFT JOIN `tbl_entries2sections` AS t8 ON t1.id = t8.entry_id " . "WHERE t8.section_id = '{$section_id}' " . $where . "GROUP BY t1.`id` " . "ORDER BY t1.`publish_date_gmt` " . $sort;
     ##Check the cache
     $hash_id = md5(get_class($this) . serialize($env_url));
     if ($param['caching'] && ($cache = $this->check_cache($hash_id))) {
         return $cache;
         exit;
     }
     ##------------------------------
     ##Create the XML container
     $xml = new XMLElement("archive-overview");
     $xml->setAttribute("section", $this->getType());
     ##Grab the records
     $entries = $this->_db->fetch($sql);
     $current_month = date("m", $obDate->get(true, false));
     $current_year = date("Y", $obDate->get(true, false));
     ##Populate the XML
     if (empty($entries) || !is_array($entries)) {
         $xml->addChild(new XMLElement("error", "No Records Found."));
         return $xml;
     } else {
         $bin = array();
         foreach ($entries as $e) {
             list($dYear, $dMonth, $dDay) = explode("-", date("Y-m-d", $obDate->get(true, false, strtotime($e['publish_date_gmt']))));
             $bin[$dYear][intval($dMonth)]++;
         }
         $years = @array_keys($bin);
         if ($sort && $sort == 'DESC') {
             $end_year = $current_year;
             $bin_years = array_keys($bin);
             rsort($bin_years);
             for ($ii = $bin_years[0] + 1; $ii <= $current_year; $ii++) {
                 $bin[$ii] = array();
             }
             $bin = array_reverse($bin, true);
         } else {
             $start_year = $years[0];
         }
         foreach ($bin as $year => $months) {
             $xYear = new XMLElement("year");
             $xYear->setAttribute("value", $year);
             #foreach($months as $month => $count){
             if ($sort && $sort == 'DESC') {
                 for ($month = 12; $month > 0; $month--) {
                     if ($current_year > $year || $current_year == $year && $current_month >= $month) {
                         $xMonth = new XMLElement("month");
                         $xMonth->setAttribute("value", $month < 10 ? "0{$month}" : $month);
                         $xMonth->setAttribute("entry-count", "" . max(0, intval($months[$month])) . "");
                         $xYear->addChild($xMonth);
                     }
                 }
             } else {
                 for ($month = 1; $month <= 12; $month++) {
                     if ($current_year > $year || $current_year == $year && $current_month >= $month) {
                         $xMonth = new XMLElement("month");
                         $xMonth->setAttribute("value", $month < 10 ? "0{$month}" : $month);
                         $xMonth->setAttribute("entry-count", "" . max(0, intval($months[$month])) . "");
                         $xYear->addChild($xMonth);
                     }
                 }
             }
             $xml->addChild($xYear);
             if ($sort && $sort == 'DESC') {
                 $start_year = $year;
             } else {
                 $end_year = $year;
             }
         }
         $xml->setAttribute("year-start", $start_year);
         $xml->setAttribute("year-end", $end_year);
     }
     ##------------------------------
     ##Write To Cache
     if ($param['caching']) {
         $result = $xml->generate($param['indent'], $param['indent-depth']);
         $this->write_to_cache($hash_id, $result, $this->_cache_sections);
         return $result;
     }
     return $xml;
 }
 function grab($param = array())
 {
     ## Decide if we return an emtpy set or not
     if ($this->__forceEmptySet()) {
         ##Create the XML container
         $xml = new XMLElement("archive-entry-list");
         $xml->setAttribute("section", $this->getType());
         $xml->addChild(new XMLElement("error", "No Records Found."));
         return $xml;
     }
     $obDate = $this->_parent->getDateObj();
     extract($this->_env, EXTR_PREFIX_ALL, 'env');
     $where = $sort = $joins = NULL;
     include_once TOOLKIT . '/class.entrymanager.php';
     $entryManager = new EntryManager($this->_parent);
     $section_id = $entryManager->fetchSectionIDFromHandle($this->getType());
     ##Prepare the Query
     if ($handle = $this->__resolveDefine("dsFilterHANDLE")) {
         $entries = $entryManager->fetchEntryIDFromPrimaryFieldHandle($section_id, $handle);
         $where .= " AND t1.`id`" . ($this->__isDefineNotClause("dsFilterHANDLE") ? ' NOT' : '') . " IN ('" . @implode("', '", $entries) . "') ";
     }
     if ($date = $this->__resolveDefine("dsFilterDAY")) {
         $where .= " AND DATE_FORMAT(t1.publish_date, '%d') " . ($this->__isDefineNotClause("dsFilterDAY") ? '!' : '') . "= '" . $date . "' ";
     }
     if ($month = $this->__resolveDefine("dsFilterMONTH")) {
         $where .= " AND DATE_FORMAT(t1.publish_date, '%m') " . ($this->__isDefineNotClause("dsFilterMONTH") ? '!' : '') . "= '" . $month . "' ";
     }
     if ($year = $this->__resolveDefine("dsFilterYEAR")) {
         $where .= " AND DATE_FORMAT(t1.publish_date, '%Y') " . ($this->__isDefineNotClause("dsFilterYEAR") ? '!' : '') . "= '" . $year . "' ";
     }
     if ($this->_dsFilterINCLUDEPOSTDATED != 'yes') {
         $where .= " AND UNIX_TIMESTAMP(t1.publish_date_gmt) <= '" . $obDate->get(false, false) . "' ";
     }
     if (is_array($this->_dsFilterCUSTOM) && !empty($this->_dsFilterCUSTOM)) {
         $table_id = 15;
         foreach ($this->_dsFilterCUSTOM as $handle => $value) {
             $field = $this->_db->fetchRow(0, "SELECT `id`, `type`, `foreign_select_multiple` FROM `tbl_customfields` WHERE `parent_section` = '{$section_id}' AND `handle` = '{$handle}' LIMIT 1");
             $value_handle = Lang::createHandle($value, $this->_parent->getConfigVar('handle_length', 'admin'));
             if ($field['type'] == 'multiselect' || $field['type'] == 'foreign' && $field['foreign_select_multiple'] == 'yes') {
                 $joins .= " LEFT JOIN `tbl_entries2customfields_list` AS t{$table_id} ON t1.`id` = t{$table_id}.`entry_id` AND t{$table_id}.field_id = " . $field['id'] . " ";
                 $where .= " AND (t{$table_id}.value_raw = '{$value}' OR t{$table_id}.handle = '{$value_handle}') ";
             } else {
                 $joins .= " LEFT JOIN `tbl_entries2customfields` AS t{$table_id} ON t1.`id` = t{$table_id}.`entry_id` AND t{$table_id}.field_id = " . $field['id'] . " ";
                 $where .= " AND (t{$table_id}.value_raw = '{$value}' OR t{$table_id}.handle = '{$value_handle}') ";
             }
             $table_id++;
         }
     }
     if ($this->_dsFilterSORT != '') {
         $sort = strtoupper($this->_dsFilterSORT);
     }
     if ($max_months = $this->__resolveDefine("dsFilterLIMIT_MONTHS")) {
         $sql = "SELECT UNIX_TIMESTAMP(t1.publish_date) AS publish_timestamp " . "FROM `tbl_entries` AS t1 " . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` " . "AND t2.`class` = 'entry' " . "LEFT JOIN `tbl_authors` AS t4 ON t1.`author_id` = t4.`id` " . $joins . "LEFT JOIN `tbl_entries2sections` AS t8 ON t1.id = t8.entry_id " . "WHERE t8.section_id = '{$section_id}' " . $where . "GROUP BY t1.`id` " . "ORDER BY t1.`publish_date` {$sort} " . "LIMIT 1";
         $relative_start = $this->_db->fetchVar('publish_timestamp', 0, $sql);
         switch ($sort) {
             case "DESC":
                 $end = mktime(0, 0, 0, date('m', $relative_start) - $max_months + 1, 1, date('Y', $relative_start));
                 $where .= " AND (UNIX_TIMESTAMP(t1.publish_date) <= '{$relative_start}' AND UNIX_TIMESTAMP(t1.publish_date) >= '{$end}')";
                 break;
             case "ASC":
                 ## Since this is assending, we need to start from 0. The DS editor will give us 1+
                 $max_months--;
                 $last_day = date('d', mktime(0, 0, 0, date('m', $relative_start) + 1, 0, date('Y', $relative_start)));
                 $end = mktime(23, 59, 59, date('m', $relative_start) + $max_months, $last_day, date('Y', $relative_start));
                 $where .= " AND (UNIX_TIMESTAMP(t1.publish_date) >= '{$relative_start}' AND UNIX_TIMESTAMP(t1.publish_date) <= '{$end}')";
                 break;
         }
     } else {
         ##We are trying to preview
         if (isset($param['limit'])) {
             $limit = " LIMIT 0, " . $param['limit'];
         } elseif ($this->_dsFilterLIMIT != '') {
             $limit = " LIMIT 0, " . $this->_dsFilterLIMIT;
         } elseif ($where == NULL) {
             $limit = " LIMIT 0, 50";
         }
     }
     $sql = "SELECT t1.id " . "FROM `tbl_entries` AS t1 " . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` " . "AND t2.`class` = 'entry' " . "LEFT JOIN `tbl_authors` AS t4 ON t1.`author_id` = t4.`id` " . $joins . "LEFT JOIN `tbl_entries2sections` AS t8 ON t1.id = t8.entry_id " . "WHERE t8.section_id = '{$section_id}' " . $where . "GROUP BY t1.`id` " . "ORDER BY t1.`publish_date_gmt` " . $sort . $limit;
     ##Check the cache
     $hash_id = md5(get_class($this) . serialize($env_url));
     if ($param['caching'] && ($cache = $this->check_cache($hash_id))) {
         return $cache;
         exit;
     }
     ##------------------------------
     ##Create the XML container
     $xml = new XMLElement("archive-entry-list");
     $xml->setAttribute("section", $this->getType());
     $xml->setAttribute("section-id", $section_id);
     ##Grab the records
     $entries = $this->_db->fetchCol("id", $sql);
     ##Populate the XML
     if (empty($entries) || !is_array($entries)) {
         $xml->addChild(new XMLElement("error", "No Records Found."));
         return $xml;
     } else {
         $bin = array();
         foreach ($entries as $id) {
             $row = $entryManager->fetchEntriesByID($id, false, true);
             list($dYear, $dMonth, $dDay) = explode("-", date("Y-m-d", $obDate->get(true, false, strtotime($row['publish_date_gmt']))));
             $bin[$dYear][$dMonth][$dDay][] = $row;
         }
         foreach ($bin as $year => $months) {
             $xYear = new XMLElement("year");
             $xYear->setAttribute("value", $year);
             foreach ($months as $month => $days) {
                 $xMonth = new XMLElement("month");
                 $xMonth->setAttribute("value", $month);
                 foreach ($days as $day => $entries) {
                     $xDay = new XMLElement("day");
                     $xDay->setAttribute("value", $day);
                     foreach ($entries as $row) {
                         $entry = new XMLElement("entry");
                         $entry->setAttribute("id", $row['id']);
                         $entry->setAttribute("handle", trim($row['fields'][$row['primary_field']]['handle']));
                         $entry->setAttribute('linked-count', '' . count($row['linked_entries']) . '');
                         $date_local = $obDate->get(true, false, $row['timestamp_gmt']);
                         $entry_fields = array("date" => General::createXMLDateObject($date_local), "time" => General::createXMLTimeObject($date_local), "rfc822-date" => date("D, d M Y H:i:s \\G\\M\\T", $obDate->get(false, false, $row['timestamp_gmt'])));
                         $this->__addChildFieldsToXML($entry_fields, $entry);
                         ##Author Details
                         $author_rec = $this->_db->fetchRow(0, "SELECT * FROM `tbl_authors` WHERE `id` = '" . $row['author_id'] . "' LIMIT 1");
                         $author = new XMLElement("author");
                         $author_fields = array("first-name" => $author_rec['firstname'], "last-name" => $author_rec['lastname'], "email" => $author_rec['email'], "username" => $author_rec['username']);
                         $this->__addChildFieldsToXML($author_fields, $author, "author");
                         $entry->addChild($author);
                         ##Custom Fields
                         $fields = $row['fields'];
                         if (is_array($fields) && !empty($fields)) {
                             $customFields = new XMLElement("fields");
                             foreach ($fields as $f) {
                                 if (@in_array($f['field_handle'], $this->_dsFilterXMLFIELDS)) {
                                     $newField = new XMLElement($f['field_handle']);
                                     if ($f['type'] == 'list' || $f['type'] == 'multiselect') {
                                         foreach ($f['value_raw'] as $val) {
                                             $item = new XMLElement("item", $val);
                                             $item->setAttribute("handle", Lang::createHandle($val, $this->_parent->getConfigVar('handle_length', 'admin')));
                                             $newField->addChild($item);
                                         }
                                     } elseif ($f['type'] == 'foreign') {
                                         $sid = $f['foreign_section'];
                                         $section_handle = $this->_db->fetchVar('handle', 0, "SELECT `handle` FROM `tbl_sections` WHERE `id` = '{$sid} ' LIMIT 1");
                                         $newField->setAttribute("handle", $f['handle']);
                                         $newField->setAttribute("type", 'foreign');
                                         $newField->setAttribute("section-id", $sid);
                                         $newField->setAttribute("section-handle", $sid);
                                         if (!is_array($f['value_raw'])) {
                                             $f['value_raw'] = array($f['value_raw']);
                                         }
                                         foreach ($f['value_raw'] as $h) {
                                             $entry_id = $entryManager->fetchEntryIDFromPrimaryFieldHandle($sid, $h);
                                             $e = $entryManager->fetchEntriesByID($entry_id, false, true);
                                             $item = new XMLElement("item", trim($e['fields'][$e['primary_field']]['value']));
                                             $item->setAttribute("entry-id", $entry_id[0]);
                                             $item->setAttribute("entry-handle", $e['fields'][$e['primary_field']]['handle']);
                                             $newField->addChild($item);
                                         }
                                     } elseif ($f['type'] == 'upload') {
                                         foreach ($f['value_raw'] as $val) {
                                             $item = new XMLElement("item");
                                             $item->addChild(new XMLElement("path", trim($val['path'], '/')));
                                             $item->addChild(new XMLElement("type", $val['type']));
                                             $item->addChild(new XMLElement("size", General::formatFilesize($val['size'])));
                                             $newField->addChild($item);
                                         }
                                     } elseif ($f['type'] == 'checkbox') {
                                         $newField->setValue($f['value_raw']);
                                     } elseif ($f['type'] == 'select') {
                                         $newField->setValue($f['value_raw']);
                                         $newField->setAttribute("handle", $f['handle']);
                                     } else {
                                         $key = 'value';
                                         if ($f['format'] != 1) {
                                             $key = 'value_raw';
                                         }
                                         $f[$key] = trim($f[$key]);
                                         $value = $f[$key];
                                         if ($this->_dsFilterENCODE == "yes") {
                                             $value = trim(General::sanitize($f[$key]));
                                         }
                                         if ($f['type'] == 'textarea') {
                                             $newField->setValue($value);
                                             $newField->setAttribute("word-count", General::countWords(strip_tags($f['value'])));
                                         } elseif ($f['type'] == 'input' && $f['field_id'] != $row['primary_field']) {
                                             $newField->setAttribute("handle", $f['handle']);
                                             $newField->setValue($value);
                                         }
                                     }
                                     $customFields->addChild($newField);
                                 }
                             }
                             $entry->addChild($customFields);
                         }
                         ##Comments
                         $commenting = $this->_db->fetchVar('commenting', 0, "SELECT `commenting` FROM `tbl_sections` WHERE `id` = '{$section_id}' LIMIT 1");
                         if ($commenting == 'on') {
                             $comments = new XMLElement("comments");
                             $sql = "SELECT  count(*) as `count` " . "FROM `tbl_comments` " . "WHERE `entry_id` = '" . $row['id'] . "'";
                             $comment_count = max(0, @intval($this->_db->fetchVar("count", 0, $sql . " AND `spam` = 'no'")));
                             $spam_count = max(0, @intval($this->_db->fetchVar("count", 0, $sql . " AND `spam` = 'yes'")));
                             $comments->setAttribute("count", "" . $comment_count . "");
                             $comments->setAttribute("spam", "" . $spam_count . "");
                             $entry->addChild($comments);
                         }
                         $xDay->addChild($entry);
                     }
                     $xMonth->addChild($xDay);
                 }
                 $xYear->addChild($xMonth);
             }
             $xml->addChild($xYear);
         }
     }
     ##------------------------------
     ##Write To Cache
     if ($param['caching']) {
         $result = $xml->generate($param['indent'], $param['indent-depth']);
         $this->write_to_cache($hash_id, $result, $this->_cache_sections);
         return $result;
     }
     return $xml;
 }
 function trigger()
 {
     $result = new XMLElement("post-comment");
     $comment = array();
     $comment['author_name'] = $_POST['name'];
     $comment['author_url'] = $_POST['website'];
     $comment['author_email'] = $_POST['email'];
     $comment['body'] = $_POST['comment'];
     $comment['entry_handle'] = $_POST['entry-handle'];
     $comment['section'] = $_POST['section'];
     $comment = array_map("stripslashes", $comment);
     ## Create the cookie elements
     $cookie = new XMLElement("cookie");
     $cookie->addChild(new XMLElement("name", General::sanitize($comment['author_name'])));
     $cookie->addChild(new XMLElement("email", General::sanitize($comment['author_email'])));
     $cookie->addChild(new XMLElement("url", General::validateURL($comment['author_url'])));
     $cookie->addChild(new XMLElement("comment", General::sanitize($comment['body'])));
     $result->addChild($cookie);
     $canProceed = true;
     if ($comment['author_name'] == "" || $comment['author_email'] == "" || $comment['body'] == "") {
         $xMissing = new XMLElement("missing");
         if ($comment['author_name'] == "") {
             $missing = new XMLElement("input");
             $missing->setAttribute("name", "name");
             $xMissing->addChild($missing);
         }
         if ($comment['author_email'] == "") {
             $missing = new XMLElement("input");
             $missing->setAttribute("name", "email");
             $xMissing->addChild($missing);
         }
         if ($comment['body'] == "") {
             $missing = new XMLElement("input");
             $missing->setAttribute("name", "comment");
             $xMissing->addChild($missing);
         }
         $result->addChild($xMissing);
         $canProceed = false;
     }
     if ($comment['author_email'] != "" && !ereg('^[a-zA-Z0-9_\\.\\-]+@[a-zA-Z0-9\\-]+\\.[a-zA-Z0-9\\-\\.]+$', $comment['author_email'])) {
         $invalid = new XMLElement("invalid");
         $xInvalid = new XMLElement("input");
         $xInvalid->setAttribute("name", "email");
         $invalid->addChild($xInvalid);
         $result->addChild($invalid);
         $canProceed = false;
     }
     if (!$canProceed) {
         $result->setAttribute("sent", "false");
     } else {
         require_once TOOLKIT . "/class.commenting.php";
         $oCommenting = new Commenting(array("parent" => $this->_parent));
         ## By default 'body', 'author_name' and 'author_ip' are required, but we
         ## want an email ('author_email') address as well.
         $oCommenting->setRequiredField('author_email');
         #if(is_array($oCommenting->_notices) && !empty($oCommenting->_notices)){
         if (!$oCommenting->insertComment($comment)) {
             $result->addChild(new XMLElement("notice", $oCommenting->_notices[0]));
             $result->setAttribute("sent", "false");
         } else {
             $result->setAttribute("sent", "true");
             $result->addChild(new XMLElement("notice", "Comment saved successfully"));
         }
         if ($oCommenting->isLastCommentSpam) {
             $result->setAttribute("spam", "true");
         }
         $prefix = $this->_parent->getConfigVar('cookie_prefix', 'symphony');
         if ($_POST['remember'] == 'on') {
             setcookie($prefix . 'comment-remember[name]', $comment['author_name'], time() + TWO_WEEKS, $this->_parent->getCookieDomain());
             setcookie($prefix . 'comment-remember[url]', $comment['author_url'], time() + TWO_WEEKS, $this->_parent->getCookieDomain());
             setcookie($prefix . 'comment-remember[email]', $comment['author_email'], time() + TWO_WEEKS, $this->_parent->getCookieDomain());
         } else {
             setcookie($prefix . 'comment-remember', ' ', time() - TWO_WEEKS, $this->_parent->getCookieDomain());
         }
     }
     return $result;
 }
        foreach ($comments as $c) {
            $comment = new XMLElement("comment");
            $tmp_time = strtotime($c['creation_date_gmt']);
            if (!$done) {
                $comment->setAttribute("new", "true");
            } elseif ($tmp_time > $lastrefresh) {
                if ($tmp_time > @file_get_contents($done_path)) {
                    $comment->setAttribute("new", "true");
                    @unlink($done_path);
                }
            }
            $body = strip_tags($c['body']);
            $body = ereg_replace("[^[:space:]a-zA-Z0-9,*_.-\\'\\\"&;\\]]", "", $body);
            $body = General::stripEntities($body, ' ');
            $comment->setAttribute("class", "comment" . ($c['spam'] == "yes" ? "-spam" : ""));
            $comment->addChild(new XMLElement("title", General::limitWords(General::sanitize(strip_tags($body)), 100, true, false)));
            $comment->addChild(new XMLElement("link", "?page=/publish/comments/edit/&amp;id=" . $c['id']));
            if (kFULL_MODE) {
                $comment->addChild(new XMLElement('body', $body));
                $comment->addChild(new XMLElement('date', $c['creation_date_gmt']));
                $comment->addChild(new XMLElement('referrer', $c['referrer']));
                $comment->addChild(new XMLElement('author-name', $c['author_name']));
                $comment->addChild(new XMLElement('author-email', $c['author_email']));
                if ($c['author_url'] != '') {
                    $comment->addChild(new XMLElement('author-url', $c['author_url']));
                }
            }
            $xml->addChild($comment);
        }
    }
}
    die("<h2>Symphony Fatal Error</h2><p>You cannot directly access this file</p>");
}
$cDate = new SymDate($settings["region"]["time_zone"], "d");
$month = isset($_REQUEST['month']) || $_REQUEST['month'] != "" ? $_REQUEST['month'] : date("F", time());
$year = isset($_REQUEST['year']) || $_REQUEST['year'] != "" ? $_REQUEST['year'] : date("Y", time());
$startdate = strtotime("1 " . $month . " " . $year);
$enddate = mktime(0, 0, 0, date("m", $startdate) + 1, 1, $year);
$sql = "SELECT t1.*, t2.section_id, t3.value_raw as `title`,\n\t\t\tUNIX_TIMESTAMP(t1.publish_date_gmt) as `timestamp_gmt`\n\t\t\tFROM `tbl_entries` as t1, `tbl_sections` as t4, `tbl_entries2sections` as t2, `tbl_entries2customfields` as t3\n\t\t\tWHERE UNIX_TIMESTAMP(t1.publish_date) >= '{$startdate}'\n\t\t\tAND UNIX_TIMESTAMP(t1.publish_date) <= '{$enddate}'\n\t\t\tAND t1.`id` = t2.entry_id\n\t\t\tAND t1.`id` = t3.entry_id AND t4.primary_field = t3.field_id\n\t\t\tAND t2.section_id = t4.id\n\t\t\tORDER BY t1.publish_date DESC ";
$result = $db->fetch($sql);
$xml->addChild(new XMLElement("month", $month . " " . $year));
if (@count($result) >= 1) {
    $final = array();
    foreach ($result as $row) {
        if ($Author->canAccessSection($row['section_id'])) {
            $final[$cDate->get(true, true, $row['timestamp_gmt'])][] = $row;
        }
    }
    foreach ($final as $date => $entries) {
        $item = new XMLElement("item");
        $item->addChild(new XMLElement("date", intval($date)));
        foreach ($entries as $row) {
            $locked = 'content';
            $entry = new XMLElement("entry");
            $entry->setAttribute("class", $locked);
            $entry->addChild(new XMLElement("title", General::limitWords(strip_tags($row['title']), 32, true, true)));
            $entry->addChild(new XMLElement("link", "?page=/publish/section/edit/&amp;_sid=" . $row['section_id'] . "&amp;id=" . $row['id']));
            $item->addChild($entry);
        }
        $xml->addChild($item);
    }
}
            $description = '<p><strong>Author:</strong> ' . $fragment['data']['author-name'][0] . '<br />' . CRLF . '<strong>Email:</strong> ' . $fragment['data']['author-email'][0] . '<br />' . CRLF . (isset($fragment['data']['author-url']) ? '<strong>Website:</strong> ' . $fragment['data']['author-url'][0] . '<br />' . CRLF : '') . '<strong>Entry:</strong> <a href="' . $fragment['data']['referrer'][0] . '">' . $fragment['data']['referrer'][0] . '</a></p>' . CRLF . CRLF . '<p>' . $fragment['data']['body'][0] . '</p>';
            break;
        case 'version':
            $fragment = flattenFragment($fragment, $type);
            ## Skip this one if there is no update
            if (!isset($fragment['data']['update'])) {
                continue 2;
            }
            $title = '[Update] ' . $fragment['data']['announcement'][0];
            $link = $guid = 'http://accounts.symphony21.com';
            $pubdate = date("D, d M Y H:i:s \\G\\M\\T", $obDate->get(false, false, strtotime($fragment['data']['releasedate'][0])));
            $description = '<p><em>You get this update from <a href="' . $link . '">your account</a> page.</em></p>' . $fragment['data']['change-log'][0];
            break;
    }
    $item->addChild(new XMLElement('title', General::sanitize($title)));
    if ($description) {
        $item->addChild(new XMLElement('description', General::sanitize($description)));
    }
    $item->addChild(new XMLElement('link', General::sanitize($link)));
    $item->addChild(new XMLElement('pubDate', $pubdate));
    $item->addChild(new XMLElement('guid', General::sanitize($guid)));
    $channel->addChild($item);
}
$rss->addChild($channel);
##RSS XML is returned, make sure the browser knows it
header("Content-Type: text/xml");
$rss->setIncludeHeader(true);
print $rss->generate(true);
## Important. Need this otherwise rest of Symphony admin
## laods.
exit;
Beispiel #10
0
 function buildXML($page_handle = NULL, $utilities = NULL, $indent = false, $caching = true)
 {
     $events = new XMLElement("events");
     $xml = new XMLElement("data");
     $xml->setIncludeHeader(true);
     $page_handle = $page_handle ? $page_handle : $this->_page;
     $sql = "SELECT t1.*,\n\t\t\t\t\t\t   t2.events as `master_events`,\n\t\t\t\t\t\t   t2.data_sources as `master_data_sources`\n\n\t\t\t\t\tFROM `tbl_pages` AS `t1`\n\t\t\t\t\tLEFT JOIN `tbl_masters` AS `t2` ON t1.`master` = concat(t2.`name`, '.xsl')\n\t\t\t\t\tWHERE t1.`handle` = '" . $page_handle . "' LIMIT 1";
     if (!($page = $this->_db->fetchRow(0, $sql))) {
         $this->fatalError("Requested page '" . $page_handle . "' could not be found");
     }
     $page_data = preg_split('/,/', $page['data_sources'] . "," . $page['master_data_sources'], -1, PREG_SPLIT_NO_EMPTY);
     $page_events = preg_split('/,/', $page['events'] . "," . $page['master_events'], -1, PREG_SPLIT_NO_EMPTY);
     $page_data = General::array_remove_duplicates($page_data);
     $page_events = General::array_remove_duplicates($page_events);
     ##EVENTS
     if (is_array($page_events) && !empty($page_events)) {
         foreach ($page_events as $e) {
             $this->_EventManager->addEvent($e);
         }
     }
     $this->_EventManager->fireEvents($events, array('parent' => $this, 'env' => $this->_env));
     $this->_EventManager->flush();
     $xml->addChild($events);
     $this->_events = $events;
     ##DATASOURCES
     $dsParam = array("indent-depth" => 1, "caching" => $caching, "indent" => $indent, "preview" => $this->_preview, "allow_optimise" => $page['optimise_xml'] == "yes" ? 'on' : 'off');
     if (is_array($page_data) && !empty($page_data)) {
         foreach ($page_data as $d) {
             $this->_DatasourceManager->addDatasource($d, $dsParam);
         }
     }
     $this->_DatasourceManager->renderData($xml, array('parent' => $this, 'env' => $this->_env));
     $this->_DatasourceManager->flush();
     ##Generate the final XML
     $this->_xml_final = $xml->generate($indent, 0);
     $doctor = new XMLRepair();
     $doctor->repair($this->_xml_final);
     unset($doctor);
     $this->_xml_final = trim($this->_xml_final);
     return $this->_xml_final;
 }
Beispiel #11
0
 function update(&$Page, &$Contents)
 {
     /*
     		<form action="" method="post">
     			<h2>Update Symphony</h2>
     			<p>Symphony is ready to update from version 1.6.2 to version 1.6.3.</p>
     
     			<div class="submit">
     				<input name="action[update]" type="submit" value="Update Symphony" />
     				<input name="action[update]" type="hidden" value="true" />
     			</div>
     		</form>
     */
     $Form = new XMLElement('form');
     $Form->setAttribute('action', 'install.php');
     $Form->setAttribute('method', 'post');
     $Form->addChild(new XMLElement('h2', 'Update Symphony'));
     $Form->addChild(new XMLElement('p', 'Symphony is ready to update from version ' . kCURRENT_VERSION . ' to version ' . kVERSION));
     $Submit = new XMLElement('div');
     $Submit->setAttribute('class', 'submit');
     ### submit
     $Submit->addChild(Widget::input('submit', 'Update Symphony', NULL, 'submit'));
     ### action[update]
     $Submit->addChild(Widget::input('action[update' . kCURRENT_BUILD . ']', 'true', NULL, 'hidden'));
     $Form->addChild($Submit);
     $Contents->addChild($Form);
     $Page->setTemplateVar('title', 'Update Symphony');
     $Page->setTemplateVar('tagline', 'Version ' . kVERSION);
 }
 function grab($param = array())
 {
     ## Decide if we return an emtpy set or not
     if ($this->__forceEmptySet()) {
         ##Create the XML container
         $xml = new XMLElement("comments");
         $xml->addChild(new XMLElement("error", "No Records Found."));
         return $xml;
     }
     $obDate = $this->_parent->getDateObj();
     extract($this->_env, EXTR_PREFIX_ALL, 'env');
     $where = NULL;
     include_once TOOLKIT . "/class.entrymanager.php";
     $entryManager = new EntryManager($this->_parent);
     ##Prepare the Query
     if ($section_id = $entryManager->fetchSectionIDFromHandle($this->_dsFilterSECTION)) {
         $comment_where .= " AND t4.`section_id` = '{$section_id}' ";
         if ($entries = $this->__resolveDefine("dsFilterHANDLE", true)) {
             $entry_ids = $entryManager->fetchEntryIDFromPrimaryFieldHandle($section_id, $entries);
             $comment_where .= " AND t3.`id`" . ($this->__isDefineNotClause("dsFilterHANDLE") ? ' NOT' : '') . " IN ('" . @implode("', '", $entry_ids) . "') ";
         }
     }
     if ($date = $this->__resolveDefine("dsFilterDAY")) {
         $comment_where .= " AND DATE_FORMAT(t2.creation_date, '%d') " . ($this->__isDefineNotClause("dsFilterDAY") ? '!' : '') . "= '" . $date . "' ";
     }
     if ($month = $this->__resolveDefine("dsFilterMONTH")) {
         $comment_where .= " AND DATE_FORMAT(t2.creation_date, '%m') " . ($this->__isDefineNotClause("dsFilterMONTH") ? '!' : '') . "= '" . $month . "' ";
     }
     if ($year = $this->__resolveDefine("dsFilterYEAR")) {
         $comment_where .= " AND DATE_FORMAT(t2.creation_date, '%Y') " . ($this->__isDefineNotClause("dsFilterYEAR") ? '!' : '') . "= '" . $year . "' ";
     }
     $sort = "DESC";
     if ($this->_dsFilterSORT != '') {
         $sort = strtoupper($this->_dsFilterSORT);
     }
     if (!isset($this->_dsFilterSHOWSPAM) || $this->_dsFilterSHOWSPAM != 'yes') {
         $comment_where .= " AND `t1`.`spam` = 'no' ";
     }
     if ($max_months = $this->__resolveDefine("dsFilterLIMIT_MONTHS")) {
         $sql = "SELECT UNIX_TIMESTAMP(t2.creation_date_gmt) as `creation_timestamp_gmt` " . "FROM `tbl_comments` as t1 " . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` AND t2.`class` = 'comment' " . "INNER JOIN `tbl_entries` as t3 ON t1.`entry_id` = t3.`id` " . "LEFT JOIN `tbl_entries2sections` AS t4 ON t3.`id` = t4.`entry_id` " . "WHERE 1 " . $comment_where . "GROUP BY t1.`id` " . "ORDER BY `creation_timestamp_gmt` {$sort} " . "LIMIT 1";
         $relative_start = $this->_db->fetchVar('creation_timestamp_gmt', 0, $sql);
         switch ($sort) {
             case "DESC":
                 $end = mktime(0, 0, 0, date('m', $relative_start) - $max_months + 1, 1, date('Y', $relative_start));
                 $comment_where .= " AND (UNIX_TIMESTAMP(t2.creation_date_gmt) <= '{$relative_start}' AND UNIX_TIMESTAMP(t2.creation_date_gmt) >= '{$end}')";
                 break;
             case "ASC":
                 ## Since this is assending, we need to start from 0. The DS editor will give us 1+
                 $max_months--;
                 $last_day = date('d', mktime(0, 0, 0, date('m', $relative_start) + 1, 0, date('Y', $relative_start)));
                 $end = mktime(23, 59, 59, date('m', $relative_start) + $max_months, $last_day, date('Y', $relative_start));
                 $comment_where .= " AND (UNIX_TIMESTAMP(t2.creation_date_gmt) >= '{$relative_start}' AND UNIX_TIMESTAMP(t2.creation_date_gmt) <= '{$end}')";
                 break;
         }
     } else {
         ##We are trying to preview
         if (isset($param['limit'])) {
             $limit = $param['limit'];
         } elseif ($this->_dsFilterLIMIT != '') {
             $limit = intval($this->_dsFilterLIMIT);
             ##Prevent things from getting too big
         } else {
             $limit = 50;
         }
     }
     $start = 0;
     $sql = "SELECT count(t1.id) AS `total-comments` " . "FROM `tbl_comments` AS t1 " . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` AND t2.`class` = 'comment' " . "INNER JOIN `tbl_entries` as t3 ON t1.`entry_id` = t3.`id` " . "LEFT JOIN `tbl_entries2sections` AS t4 ON t3.`id` = t4.`entry_id` " . "WHERE 1 " . $comment_where;
     $kTotalCommentCount = $this->_db->fetchVar('total-comments', 0, $sql);
     if (isset($this->_dsFilterPAGENUMBER)) {
         $pagenumber = $this->__resolveDefine("dsFilterPAGENUMBER");
         $kPageNumber = max(1, intval($pagenumber));
         if (!$limit) {
             $limit = 50;
         }
         $kTotalPages = ceil($kTotalCommentCount * (1 / $limit));
         $start = $limit * ($kPageNumber - 1);
     }
     $sql = "SELECT  t1.*, UNIX_TIMESTAMP(t2.creation_date_gmt) as `creation_timestamp_gmt` " . "FROM `tbl_comments` as t1 " . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` AND t2.`class` = 'comment' " . "INNER JOIN `tbl_entries` as t3 ON t1.`entry_id` = t3.`id` " . "LEFT JOIN `tbl_entries2sections` AS t4 ON t3.`id` = t4.`entry_id` " . "WHERE 1 " . $comment_where . "GROUP BY t1.`id` " . "ORDER BY `creation_timestamp_gmt` {$sort} " . ($limit ? " LIMIT {$start}, {$limit}" : '');
     ##Check Cache
     $hash_id = md5(get_class($this) . $sql);
     if ($param['caching'] && ($cache = $this->check_cache($hash_id))) {
         return $cache;
         exit;
     }
     ##------------------------------
     ##Create the XML container
     $xml = new XMLElement("comments");
     ##Grab the records
     $comments = $this->_db->fetch($sql);
     ##Populate the XML
     if (empty($comments) || !is_array($comments)) {
         $xml->addChild(new XMLElement("error", "No Records Found."));
         return $xml;
     } else {
         $entries = array();
         foreach ($comments as $c) {
             $entries[$c['entry_id']]['commenting'] = $c['commenting'];
             $entries[$c['entry_id']]['comments'][] = $c;
         }
         if (in_array("pagination-info", $this->_dsFilterXMLFIELDS)) {
             $pageinfo = new XMLElement("pagination-info");
             $pageinfo->setAttribute("total-comments", $kTotalCommentCount);
             $pageinfo->setAttribute("total-pages", $kTotalPages);
             $pageinfo->setAttribute("comment-per-page", $limit);
             $pageinfo->setAttribute("current-page", $kPageNumber);
             $xml->addChild($pageinfo);
         }
         foreach ($entries as $id => $row) {
             $entry_data = $entryManager->fetchEntriesByID($id, false, true);
             $entry = new XMLElement("entry");
             $entry->setAttribute("id", $id);
             $entry->setAttribute('section-id', $entry_data['section_id']);
             $entry->setAttribute("handle", trim($entry_data['fields'][$entry_data['primary_field']]['handle']));
             $entry->setAttribute("commenting", $row['commenting']);
             $entry->addChild(new XMLElement("entry-title", trim($entry_data['fields'][$entry_data['primary_field']]['value'])));
             $fields = $row['comments'];
             $entry->setAttribute("count", $kTotalCommentCount);
             if (is_array($fields) && !empty($fields)) {
                 foreach ($fields as $c) {
                     $comment = new XMLElement("comment");
                     $comment->setAttribute("id", $c['id']);
                     if ($c['author_id'] != NULL) {
                         $comment->setAttribute('authorised', 'yes');
                         $comment->setAttribute('author_id', $c['author_id']);
                     }
                     if (@in_array('spam', $this->_dsFilterXMLFIELDS)) {
                         $comment->setAttribute("spam", $c['spam']);
                     }
                     $date_local = $obDate->get(true, false, $c['creation_timestamp_gmt']);
                     $comment_fields = array("author" => $c['author_name'], "date" => General::createXMLDateObject($date_local), "time" => General::createXMLTimeObject($date_local), "rfc822-date" => date("D, d M Y H:i:s \\G\\M\\T", $obDate->get(false, false, $row['creation_timestamp_gmt'])), "message" => $this->_dsFilterENCODE != 'yes' ? $c['body'] : General::sanitize($c['body']), "url" => $c['author_url'], "email" => $c['author_email'], "email-hash" => md5($c['author_email']));
                     $this->__addChildFieldsToXML($comment_fields, $comment);
                     $entry->addChild($comment);
                 }
             }
             $xml->addChild($entry);
         }
     }
     ##------------------------------
     ##Write To Cache
     if ($param['caching']) {
         $result = $xml->generate($param['indent'], $param['indent-depth']);
         $this->write_to_cache($hash_id, $result, $this->_cache_sections);
         return $result;
     }
     return $xml;
 }
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/
if (!defined("__IN_SYMPHONY__")) {
    die("<h2>Symphony Fatal Error</h2><p>You cannot directly access this file</p>");
}
$sql = "SELECT data_sources as `master_data_sources`, events as `master_events`\n\t\t\tFROM `tbl_masters`\n\t\t\tWHERE `id` = '" . $_REQUEST['master'] . "' LIMIT 1";
$master_data_sources = $db->fetchVar('master_data_sources', 0, $sql);
$master_data_sources = preg_split('/,/', $master_data_sources, -1, PREG_SPLIT_NO_EMPTY);
$master_data_sources = array_map("trim", $master_data_sources);
$master_events = $db->fetchVar('master_events', 0, $sql);
$master_events = preg_split('/,/', $master_events, -1, PREG_SPLIT_NO_EMPTY);
$master_events = array_map("trim", $master_events);
$datasources = preg_split('/,/', $_REQUEST['datasources'], -1, PREG_SPLIT_NO_EMPTY);
$datasources = array_map("trim", $datasources);
$events = preg_split('/,/', $_REQUEST['events'], -1, PREG_SPLIT_NO_EMPTY);
$events = array_map("trim", $events);
$datasources = array_merge($datasources, $master_data_sources);
$events = array_merge($events, $master_events);
$utilities = $db->fetch("SELECT DISTINCT t1.*\n\t\t\t\t\t\t\t FROM `tbl_utilities` as t1\n\t\t\t\t\t\t\t LEFT JOIN `tbl_utilities2datasources` as t2 ON t1.id = t2.utility_id\n\t\t\t\t\t\t\t LEFT JOIN `tbl_utilities2events` as t3 ON t1.id = t3.utility_id\n\t\t\t\t\t\t\t WHERE (t2.`data_source` IS NULL AND t3.`event` IS NULL)\n\t\t\t\t\t\t\t OR (t2.`data_source` IN ('" . @implode("', '", $datasources) . "')\n\t\t\t\t\t\t\t OR t3.`event` IN ('" . @implode("', '", $events) . "'))");
foreach ($utilities as $u) {
    $utility = new XMLElement("utility");
    $utility->addChild(new XMLElement("name", $u['name']));
    $utility->addChild(new XMLElement("link", URL . "/symphony/?page=/blueprint/utilities/edit/&amp;id=" . $u['id']));
    $xml->addChild($utility);
}
 function trigger()
 {
     $result = new XMLElement("send-email");
     $fields['recipient_username'] = $_POST['recipient-username'];
     $fields['email'] = $_POST['email'];
     $fields['name'] = $_POST['name'];
     $fields['subject'] = stripslashes(strip_tags($_POST['subject']));
     $fields['message'] = stripslashes(strip_tags($_POST['message']));
     $fields = array_map("trim", $fields);
     ## Create the cookie elements
     $cookie = new XMLElement("cookie");
     $cookie->addChild(new XMLElement("name", $fields['name']));
     $cookie->addChild(new XMLElement("email", $fields['email']));
     $cookie->addChild(new XMLElement("subject", $fields['subject']));
     $cookie->addChild(new XMLElement("message", General::sanitize($fields['message'])));
     $result->addChild($cookie);
     $usernames = @implode("', '", @explode(" ", $fields['recipient_username']));
     $email_addresses = $this->_parent->_db->fetchCol("email", "SELECT `email` FROM `tbl_authors` WHERE `username` IN ('" . $usernames . "')");
     $canProceed = true;
     if ($fields['email'] == "" || $fields['name'] == "" || $fields['subject'] == "" || $fields['message'] == "") {
         $xMissing = new XMLElement("missing");
         if ($fields['email'] == "") {
             $missing = new XMLElement("input");
             $missing->setAttribute("name", "email");
             $xMissing->addChild($missing);
         }
         if ($fields['name'] == "") {
             $missing = new XMLElement("input");
             $missing->setAttribute("name", "name");
             $xMissing->addChild($missing);
         }
         if ($fields['subject'] == "") {
             $missing = new XMLElement("input");
             $missing->setAttribute("name", "subject");
             $xMissing->addChild($missing);
         }
         if ($fields['message'] == "") {
             $missing = new XMLElement("input");
             $missing->setAttribute("name", "message");
             $xMissing->addChild($missing);
         }
         $result->addChild($xMissing);
         $canProceed = false;
     }
     if (!ereg('^[a-zA-Z0-9_\\.\\-]+@[a-zA-Z0-9\\-]+\\.[a-zA-Z0-9\\-\\.]+$', $fields['email'])) {
         $invalid = new XMLElement("invalid");
         $xInvalid = new XMLElement("input");
         $xInvalid->setAttribute("name", "email");
         $invalid->addChild($xInvalid);
         $result->addChild($invalid);
         $canProceed = false;
     }
     if (!$canProceed) {
         $result->setAttribute("sent", "false");
     } else {
         $errors = array();
         foreach ($email_addresses as $e) {
             if (!General::sendEmail($e, $fields['email'], $fields['name'], $fields['subject'], $fields['message'])) {
                 $errors[] = $fields['recipient-email'];
             }
         }
         if (!empty($errors)) {
             $result->addChild(new XMLElement("notice", "Email could not be sent. An unknown error occurred."));
             $result->setAttribute("sent", "false");
         } else {
             $result->addChild(new XMLElement("notice", "Email sent successfully"));
             $result->setAttribute("sent", "true");
         }
     }
     return $result;
 }
Beispiel #15
0
 function grab($param = array())
 {
     $date = $this->_parent->getDateObj();
     extract($this->_env, EXTR_PREFIX_ALL, 'env');
     $where = NULL;
     ##Prepare the Query
     if ($usernames = $this->__resolveDefine('dsFilterUSERNAME', true)) {
         $where .= " AND `tbl_authors`.username " . ($this->__isDefineNotClause("dsFilterUSERNAME") ? 'NOT' : '') . " IN ('" . @implode("', '", $usernames) . "') ";
     }
     if ($account_type = $this->__resolveDefine("dsFilterSTATUS")) {
         switch ($account_type) {
             case "author":
                 $where .= " AND `tbl_authors`.owner = '0' AND `tbl_authors`.superuser = '******' ";
                 break;
             case "owner":
                 $where .= " AND `tbl_authors`.owner = '1' ";
                 break;
             case "administrator":
                 $where .= " AND `tbl_authors`.superuser = '******' ";
                 break;
         }
     }
     ##We are trying to preview
     if (isset($param['limit'])) {
         $limit = " LIMIT 0, " . $param['limit'];
     } elseif ($where == NULL) {
         $limit = " LIMIT 0, 50";
     }
     $sql = "SELECT tbl_authors.*, count(tbl_entries.id) as `entry_count` FROM `tbl_authors` " . "LEFT JOIN `tbl_entries` ON `tbl_entries`.`author_id` = `tbl_authors`.`id` " . "WHERE 1 " . $where . "GROUP BY `tbl_authors`.id " . "ORDER BY `tbl_authors`.username ASC " . $sort . $limit;
     ##Check Cache
     $hash_id = md5(get_class($this) . $sql);
     if ($param['caching'] && ($cache = $this->check_cache($hash_id))) {
         return $cache;
         exit;
     }
     ##------------------------------
     ##Create the XML container
     $xml = new XMLElement("owner");
     ##Grab the records
     $authors = $this->_db->fetch($sql);
     ##Populate the XML
     if (empty($authors) || !is_array($authors)) {
         $xml->addChild(new XMLElement("error", "No Records Found."));
         return $xml;
     } else {
         foreach ($authors as $row) {
             $status = 'Author';
             if ($row['owner'] == 1) {
                 $status = 'Owner';
             } elseif ($row['superuser'] == 1) {
                 $status = 'Adminstrator';
             }
             ##Author Details
             $fields = array();
             $fields["entry-count"] = $row['entry_count'];
             $fields["first-name"] = $row['firstname'];
             $fields["last-name"] = $row['lastname'];
             $fields["email"] = $row['email'];
             $fields["username"] = array($row['username'], "attr");
             $fields["status"] = $status;
             $fields["auth-token"] = substr(md5($row['username'] . $row['password']), 0, 8);
             $author = new XMLElement("author");
             $this->__addChildFieldsToXML($fields, $author);
             $xml->addChild($author);
         }
     }
     ##------------------------------
     ##Write To Cache
     if ($param['caching']) {
         $result = $xml->generate($param['indent'], $param['indent-depth']);
         $this->write_to_cache($hash_id, $result, $this->_cache_sections);
         return $result;
     }
     return $xml;
 }