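/**
 * Display one page of the activity log.
 *
 * Reads the sort direction from $_GET['order'], pages through the log with
 * $this->pager, attaches a nickname to every row and renders log.tpl.
 */
function display()
{
    // $_GET['order'] is request-controlled. It is passed to setOrder() and
    // echoed back into the pager links, so only the two known directions are
    // accepted. Anything else (arrays included) falls back to 'desc'.
    $order = 'desc';
    if (isset($_GET['order'])) {
        if (is_string($_GET['order']) && strtolower($_GET['order']) === 'asc') {
            $order = 'asc';
        }
        $this->tpl->assign('sort', 'ts');
    }

    // Extra params for pager
    $params = array('order' => $order);

    // Pager
    $this->pager->limit = $this->per_page;
    $this->pager->setStart();
    $this->pager->setPages($this->log->count($this->users_id));
    $this->r->text['pager'] = $this->pager->pageList(suxFunct::makeUrl("/admin/log/{$this->nickname}", $params));

    $this->log->setOrder('ts', $order);
    $this->r->arr['ulog'] = $this->log->get($this->pager->limit, $this->pager->start, $this->users_id);
    foreach ($this->r->arr['ulog'] as $key => $val) {
        // A log row may point at a user that can no longer be loaded
        $tmp = $this->user->getByID($val['users_id']);
        $this->r->arr['ulog'][$key]['nickname'] = $tmp ? $tmp['nickname'] : null;
    }

    // Template: the column header links to the opposite direction
    $inverse = $order != 'desc' ? 'desc' : 'asc';
    $this->tpl->assign('ts_sort_url', suxFunct::makeUrl("/admin/log/{$this->nickname}", array('order' => $inverse)));
    $this->tpl->assign('nickname', $this->nickname);
    $this->r->title .= " | {$this->r->gtext['activity_log']}";
    $this->tpl->display('log.tpl');
}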
/**
 * menu
 *
 * Builds the bookmarks admin menu (label => url) for the logged-in user.
 * Returns null when nobody is logged in or when a non-root user is below
 * the configured 'admin' access level for bookmarks.
 *
 * @author Dac Chartrand <*****@*****.**>
 * @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
 */
function bookmarks_menu()
{
    if (!isset($_SESSION['users_id'])) {
        return null;
    }

    // Check access: root always passes, everybody else needs the admin level
    $currentUser = new suxUser();
    if (!$currentUser->isRoot()
        && $currentUser->getAccess('bookmarks') < $GLOBALS['CONFIG']['ACCESS']['bookmarks']['admin']
    ) {
        return null;
    }

    // Number of drafts waiting for approval (constant query, no user input)
    $pending = suxDB::get()->query('SELECT COUNT(*) FROM bookmarks WHERE draft = true ')->fetchColumn();

    $labels = suxFunct::gtext('bookmarks');
    $approveLabel = "{$labels['approve_2']} ({$pending})";

    return array(
        $labels['admin'] => suxFunct::makeUrl('/bookmarks/admin/'),
        $approveLabel => suxFunct::makeUrl('/bookmarks/approve/'),
        $labels['new'] => suxFunct::makeUrl('/bookmarks/edit/'),
    );
}
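/**
 * Login
 *
 * On success the login is written to the private log and the browser is
 * sent back to the most recent breadcrumb that is not one of the user
 * login/logout/register/edit pages, or to the user's profile. On failure
 * the password-failure page is shown once the limit is reached; otherwise
 * the browser is redirected to /home.
 */
function login()
{
    // Equivalent to loginCheck() || authenticate() if loginCheck() has no side
    // effects. Kept as written because that is not visible from here.
    if ($this->user->loginCheck() || !$this->user->loginCheck() && $this->user->authenticate()) {

        // NOTE(review): no session id regeneration is visible in this method;
        // presumably authenticate() takes care of it. Confirm.
        $this->log->write($_SESSION['users_id'], "sux0r::userAuthenticate() login [IP: {$_SERVER['REMOTE_ADDR']}]", 1); // Log, private

        // Redirect to previous page
        if (isset($_SESSION['breadcrumbs'])) {
            foreach ($_SESSION['breadcrumbs'] as $val) {
                // The pattern used to be a character class, [login|logout|...],
                // which matches one single character instead of the four page
                // names. A group with alternation is what the check needs.
                if (!preg_match('#^user/(login|logout|register|edit)#i', $val)) {
                    suxFunct::redirect(suxFunct::makeUrl($val));
                    break;
                }
            }
        }

        // Nothing of value was found, redirect to user page
        suxFunct::redirect(suxFunct::makeUrl('/user/profile/' . $_SESSION['nickname']));

    } else {

        // Too many password failures?
        if ($this->user->maxPasswordFailures()) {
            $this->r->title .= " | {$this->r->gtext['pw_failure']}";
            $this->tpl->display('pw_failure.tpl');
            die;
        }

        // Note:
        // There is a conflict between the authenticate procedure and header('Location:').
        // The workaround is to echo some spaces and force a javascript redirect.
        echo str_repeat(' ', 40000);
        suxFunct::redirect(suxFunct::makeUrl('/home'));
    }
}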
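/**
 * Build an anchor that points at a feed's listing page.
 *
 * @param int $id feed id
 * @return string|null html, or null when the feed cannot be loaded
 */
function feedLink($id)
{
    $feed = $this->rss->getFeedByID($id);
    if (!$feed) {
        return null;
    }

    // The title comes from stored feed data and lands in HTML, the url lands
    // in a single-quoted attribute. Both are escaped; double_encode is off so
    // entities that are already encoded are not encoded twice.
    $url = htmlspecialchars(suxFunct::makeUrl("/feeds/{$id}"), ENT_QUOTES, 'UTF-8', false);
    $title = htmlspecialchars($feed['title'], ENT_QUOTES, 'UTF-8', false);

    return "<a href='{$url}'>{$title}</a>";
}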
/**
 * controller
 *
 * Routes an admin action to its handler: 'access', 'log', 'purge', or the
 * default admin form. The three form handlers share one
 * validate / process / build cycle driven by $_POST.
 *
 * @author Dac Chartrand <*****@*****.**>
 * @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
 *
 * @param string $action
 * @param array|null $params
 */
function sux($action, $params = null)
{
    switch ($action) {

        case 'access':
            // Access: needs a first parameter, otherwise back to /admin
            if (empty($params[0])) {
                suxFunct::redirect(suxFunct::makeUrl('/admin'));
            }
            $form = new adminAccess($params[0]);
            break;

        case 'log':
            // Log: optional nickname, display only, no form cycle
            $viewer = new adminLog(empty($params[0]) ? null : $params[0]);
            $viewer->display();
            return;

        case 'purge':
            // Purge logs
            $form = new adminPurge();
            break;

        default:
            // Default
            $form = new admin();
            break;
    }

    // Shared form cycle
    if (!$form->formValidate($_POST)) {
        $form->formBuild($_POST);
        return;
    }
    $form->formProcess($_POST);
    $form->formSuccess();
}
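/**
 * Return tag cloud
 *
 * @param array $tags key = tag, val = (quantity, id, size)
 * @return string html, empty string when there are no tags
 */
function tagcloud($tags)
{
    $html = '';
    if ($tags) {
        foreach ($tags as $key => $val) {
            // Tag names are user supplied text. Every value written into the
            // markup is escaped for a single-quoted attribute / element body.
            // double_encode is off so stored entities are not encoded twice.
            $url = htmlspecialchars(suxFunct::makeURL('/bookmarks/tag/' . $val['id']), ENT_QUOTES, 'UTF-8', false);
            $tag = htmlspecialchars((string) $key, ENT_QUOTES, 'UTF-8', false);
            $size = htmlspecialchars((string) $val['size'], ENT_QUOTES, 'UTF-8', false);
            $quantity = htmlspecialchars((string) $val['quantity'], ENT_QUOTES, 'UTF-8', false);

            $html .= "<a href='{$url}' style='font-size: {$size}%;' class='tag'>{$tag}</a> <span class='quantity' >({$quantity})</span> ";
        }
    }
    return $html;
}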
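/**
 * Build a "continue" link to the next batch of results.
 *
 * @param int $start offset of the next batch; anything that is not an integer becomes 0
 * @param string $url base url, with or without a query string
 * @return string|null html for the continue link, or null when $url is blank
 */
function continueURL($start, $url)
{
    if (!filter_var($start, FILTER_VALIDATE_INT)) {
        $start = 0;
    }
    if (trim($url) == '') {
        return null;
    }

    $text = suxFunct::gtext();

    // W3C valid url.
    // mb_strpos() returns 0 for a leading '?', so compare against false
    // instead of relying on truthiness.
    $q = (mb_strpos($url, '?') !== false) ? '&' : '?';

    // Escaped for the single-quoted href. double_encode is off so an url that
    // already carries &amp; is left alone.
    $url = htmlspecialchars($url . $q, ENT_QUOTES, 'UTF-8', false);

    $html = "<a href='{$url}start={$start}' class='nextPage'>{$text['continue']} »</a> ";
    return "<div class='pager'>{$html}</div> ";
}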
/**
 * controller
 *
 * Handles the single 'relationship' action: set a relationship with a user.
 * Any other action is ignored.
 *
 * @author Dac Chartrand <*****@*****.**>
 * @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
 *
 * @param string $action
 * @param array|null $params
 */
function sux($action, $params = null)
{
    if ($action != 'relationship') {
        return;
    }

    // A target user is required, otherwise back to /society
    if (empty($params[0])) {
        suxFunct::redirect(suxFunct::makeUrl('/society'));
    }

    $form = new societyEdit($params[0]);
    if (!$form->formValidate($_POST)) {
        $form->formBuild($_POST);
        return;
    }
    $form->formProcess($_POST);
    $form->formSuccess();
}
/**
 * menu
 *
 * Builds the blog menu (label => url) for the logged-in user. Returns null
 * when nobody is logged in or when a non-root user is below the configured
 * 'publisher' level. The admin entry is added for root and for users at or
 * above the 'admin' level.
 *
 * @author Dac Chartrand <*****@*****.**>
 * @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
 */
function blog_menu()
{
    if (!isset($_SESSION['users_id'])) {
        return null;
    }

    // Check that the user is allowed to admin
    $currentUser = new suxUser();
    $labels = suxFunct::gtext('blog');
    $isRoot = $currentUser->isRoot();
    $level = $currentUser->getAccess('blog');

    if (!$isRoot && $level < $GLOBALS['CONFIG']['ACCESS']['blog']['publisher']) {
        return null;
    }

    $items = array();
    if ($isRoot || $level >= $GLOBALS['CONFIG']['ACCESS']['blog']['admin']) {
        $items[$labels['admin']] = suxFunct::makeUrl('/blog/admin');
    }
    $items[$labels['new']] = suxFunct::makeUrl('/blog/edit');

    return $items;
}
/**
 * Override: build the form and show the template
 *
 * @param array $dirty reference to unverified $_POST
 */
function formBuild(&$dirty)
{
    // Nothing posted: drop any earlier validator session.
    // Something posted: hand the values back to the template for re-display.
    // NOTE(review): $dirty is unvalidated input; escaping presumably happens
    // in login_openid.tpl. Confirm.
    if (empty($dirty)) {
        suxValidate::disconnect();
    } else {
        $this->tpl->assign($dirty);
    }

    $needsValidators = !suxValidate::is_registered_form();
    if ($needsValidators) {
        suxValidate::connect($this->tpl, true); // Reset connection

        // Register our validators
        // register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
        suxValidate::register_validator('url', 'url', 'notEmpty', false, false, 'trim');
        suxValidate::register_validator('url2', 'url', 'isURL');
    }

    // Urls
    $this->r->text['form_url'] = suxFunct::makeUrl('/user/login/openid');
    $this->r->text['back_url'] = suxFunct::getPreviousURL();

    $this->r->title .= " | {$this->r->gtext['openid_login']}";

    // Template
    $this->tpl->display('login_openid.tpl');
}
/**
 * Display RSS Feed
 *
 * Renders the profile's log entries as RSS. The template is cached under
 * "<nickname>|rss"; the feed is only rebuilt when no cached copy exists.
 */
function rss()
{
    // Cache
    $cache_id = $this->profile['nickname'] . '|rss';
    $this->tpl->caching = 1;

    if (!$this->tpl->isCached('rss.tpl', $cache_id)) {

        $entries = $this->log->get($this->minifeed_limit * 5, 0, $this->profile['users_id']);
        if ($entries) {

            $feed = new suxRSS();
            $feedTitle = "{$this->r->title} | {$this->profile['nickname']}";
            $profileUrl = suxFunct::makeUrl('/user/profile/' . $this->profile['nickname'], null, true);
            $feed->outputRSS($feedTitle, $profileUrl, null);

            foreach ($entries as $entry) {
                // Each item links to the profile with the entry's timestamp as fragment
                $itemUrl = $profileUrl . '#' . strtotime($entry['ts']);
                $feed->addOutputItem($entry['ts'], $itemUrl, $entry['body_html']);
            }

            $this->tpl->assign('xml', $feed->saveXML());
        }
    }

    // Template
    header('Content-type: text/xml; charset=utf-8');
    $this->tpl->display('rss.tpl', $cache_id);
}
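/**
 * Get the stalkers
 *
 * Returns a run of linked thumbnails, one per user returned by
 * suxSocialNetwork::getStalkers() for $users_id.
 *
 * @param int $users_id
 * @return string|null html, or null when $users_id is not a positive integer
 */
function stalkers($users_id)
{
    if (!filter_var($users_id, FILTER_VALIDATE_INT) || $users_id < 1) {
        return null;
    }

    // Cache, keyed by user id. A single static string would hand the first
    // user's markup to every later call, whatever id was asked for.
    static $cache = array();
    if (isset($cache[$users_id])) {
        return $cache[$users_id];
    }

    $html = '';

    $soc = new suxSocialNetwork();
    $rel = $soc->getStalkers($users_id);
    if (!$rel) {
        $cache[$users_id] = $html;
        return $html;
    }

    $tpl = new suxTemplate('user');
    $tpl->configLoad('my.conf', 'user');
    $tw = $tpl->getConfigVars('thumbnailWidth');
    $th = $tpl->getConfigVars('thumbnailHeight');

    foreach ($rel as $val) {

        $u = $this->user->getByID($val['users_id'], true);
        if (!$u) {
            continue; // Skip
        }

        // Nicknames are user chosen and land in single-quoted attributes
        $url = htmlspecialchars(suxFunct::makeUrl('/user/profile/' . $u['nickname']), ENT_QUOTES, 'UTF-8', false);
        $nick = htmlspecialchars($u['nickname'], ENT_QUOTES, 'UTF-8', false);

        if (empty($u['image'])) {
            $img = suxFunct::makeUrl('/') . "/media/{$this->partition}/assets/proletariat.gif";
        } else {
            // rawurlencode() keeps quotes and slashes in a file name out of the src
            $img = suxFunct::makeUrl('/') . '/data/user/' . rawurlencode($u['image']);
        }

        $html .= "<a href='{$url}' class='stalker'>";
        $html .= "<img src='{$img}' class='stalker' width='{$tw}' height='{$th}' alt='{$nick}' title = '{$nick}' />";
        $html .= "</a>";
    }

    $cache[$users_id] = $html;
    return $html;
}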
/**
 * The form was processed: redirect to the url returned by
 * suxFunct::getPreviousURL('cropper').
 */
function formSuccess()
{
    $back = suxFunct::getPreviousURL('cropper');
    suxFunct::redirect($back);
}
/**
 * The form was successfully processed: redirect to this module's admin page.
 */
function formSuccess()
{
    $adminUrl = suxFunct::makeUrl("/{$this->module}/admin/");
    suxFunct::redirect($adminUrl);
}
/**
 * Process the form
 *
 * Clears the current user's template caches, then runs the requested
 * action on the naive bayesian store ($this->nb). Every action that touches
 * an existing vector, category or document is guarded by an ownership or
 * trainer check against $_SESSION['users_id'], with one exception flagged
 * below ('unsharevec').
 *
 * @param array $clean reference to validated $_POST
 */
function formProcess(&$clean) {

    // --------------------------------------------------------------------
    // Clear user caches
    // --------------------------------------------------------------------

    foreach ($this->caches as $module) {
        // clear all caches with "nickname" as the first cache_id group
        $tpl = new suxTemplate($module);
        $tpl->clearCache(null, "{$_SESSION['nickname']}");
    }

    // --------------------------------------------------------------------
    // Action
    // --------------------------------------------------------------------

    switch ($clean['action']) {

    case 'addvec':
        // New vector, owned by the current user; no ownership check needed
        $this->nb->addVectorWithUser($clean['vector'], $_SESSION['users_id']);
        unset($clean['vector']);
        $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() addvec", 1); // Private
        break;

    case 'remvec':
        // Security check
        if ($this->nb->isVectorOwner($clean['vector_id'], $_SESSION['users_id'])) {
            // Remove vector
            $this->nb->removeVector($clean['vector_id']);
            $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() remvec id: {$clean['vector_id']}", 1); // Private
        }
        unset($clean['vector_id']);
        break;

    case 'addcat':
        // Security check
        if ($this->nb->isVectorOwner($clean['vector_id'], $_SESSION['users_id'])) {
            $this->nb->addCategory($clean['category'], $clean['vector_id']);
            $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() addcat", 1); // Private
        }
        unset($clean['category']);
        break;

    case 'remcat':
        // Security check
        if ($this->nb->isCategoryOwner($clean['category_id'], $_SESSION['users_id'])) {
            // Remove category
            $this->nb->removeCategory($clean['category_id']);
            $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() remcat id: {$clean['category_id']}", 1); // Private
        }
        unset($clean['category_id']);
        break;

    case 'adddoc':
        // Security check: training needs trainer rights, not ownership
        if ($this->nb->isCategoryTrainer($clean['category_id'], $_SESSION['users_id'])) {
            $this->nb->trainDocument($clean['document'], $clean['category_id']);
            $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() adddoc", 1); // Private
        }
        unset($clean['document']);
        break;

    case 'remdoc':
        // Security check
        if ($this->nb->isDocumentOwner($clean['document_id'], $_SESSION['users_id'])) {
            // Remove document
            $this->nb->untrainDocument($clean['document_id']);
            $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() remdoc id: {$clean['document_id']}", 1); // Private
        }
        unset($clean['document_id']);
        break;

    case 'sharevec':
        // Security check
        if ($this->nb->isVectorOwner($clean['vector_id'], $_SESSION['users_id'])) {

            // Normalise the two checkbox style flags to real booleans
            $clean['trainer'] = isset($clean['trainer']) && $clean['trainer'] ? true : false;
            $clean['owner'] = isset($clean['owner']) && $clean['owner'] ? true : false;
            $this->nb->shareVector($clean['users_id'], $clean['vector_id'], $clean['trainer'], $clean['owner']);

            // NOTE(review): getByID() is not checked for failure before
            // $u['nickname'] / $u['users_id'] are used below. Confirm the
            // validator guarantees that users_id exists.
            $u = $this->user->getByID($clean['users_id']);

            // clear caches
            foreach ($this->caches as $module) {
                $tpl = new suxTemplate($module);
                $tpl->clearCache(null, $_SESSION['nickname']);
                $tpl->clearCache(null, $u['nickname']);
            }

            // Log message
            // NOTE(review): nicknames are written into this HTML unescaped;
            // presumably the registration rules keep markup out of them. Verify.
            $log = '';
            $url = suxFunct::makeUrl("/user/profile/{$_SESSION['nickname']}", null, true);
            $log .= "<a href='{$url}'>{$_SESSION['nickname']}</a> ";
            $log .= mb_strtolower($this->r->gtext['share_category']);
            $url = suxFunct::makeUrl("/user/profile/{$u['nickname']}", null, true);
            $log .= " <a href='{$url}'>{$u['nickname']}</a>";

            // Log: public entry on both users' logs
            $this->log->write($_SESSION['users_id'], $log);
            $this->log->write($u['users_id'], $log);

            // Clear caches
            $tpl = new suxTemplate('user');
            $tpl->clearCache(null, $_SESSION['nickname']);
            $tpl->clearCache(null, $u['nickname']);
        }
        break;

    case 'unsharevec':
        // NOTE(review): this is the only action on an existing vector with no
        // isVectorOwner() style check in this method. The (vector id, user id)
        // pairs come straight from the posted 'unshare' array. Confirm that
        // unshareVector() or the form validator enforces who may unshare what.
        foreach ($clean['unshare'] as $val) {
            foreach ($val as $vectors_id => $users_id) {

                $this->nb->unshareVector($users_id, $vectors_id);

                $u = $this->user->getByID($users_id);

                // Clear caches
                foreach ($this->caches as $module) {
                    $tpl = new suxTemplate($module);
                    $tpl->clearCache(null, $_SESSION['nickname']);
                    $tpl->clearCache(null, $u['nickname']);
                }

                // Log message
                $log = '';
                $url = suxFunct::makeUrl("/user/profile/{$_SESSION['nickname']}", null, true);
                $log .= "<a href='{$url}'>{$_SESSION['nickname']}</a> ";
                $log .= mb_strtolower($this->r->gtext['unshare_category']);
                $url = suxFunct::makeUrl("/user/profile/{$u['nickname']}", null, true);
                $log .= " <a href='{$url}'>{$u['nickname']}</a>";

                // Log: public entry on both users' logs
                $this->log->write($_SESSION['users_id'], $log);
                $this->log->write($u['users_id'], $log);

                // Clear caches
                $tpl = new suxTemplate('user');
                $tpl->clearCache(null, $_SESSION['nickname']);
                $tpl->clearCache(null, $u['nickname']);
            }
        }
        break;
    }
}
/**
 * Get thumbnail
 *
 * @param int $photoalbums_id
 * @return string|null absolute url of the album thumbnail, or null when
 *                     $this->photo->getThumbnail() finds nothing
 */
function getThumbnail($photoalbums_id)
{
    $thumb = $this->photo->getThumbnail($photoalbums_id);
    if (!$thumb) {
        return null;
    }

    // The file name is url-encoded before it is appended to the photo path
    return suxFunct::myHttpServer() . $GLOBALS['CONFIG']['URL'] . '/data/photos/' . rawurlencode($thumb['image']);
}
/**
 * Get the requested url
 *
 * Concatenates suxFunct::myHttpServer() with $_SERVER['REQUEST_URI'].
 * The path and query part is request-controlled and returned as-is, so
 * callers must escape it for whatever context they write it into.
 *
 * @return string url
 */
private function getReqUrl()
{
    return suxFunct::myHttpServer() . $_SERVER['REQUEST_URI'];
}
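/**
 * Autogenerate cheap SQL SEARCH query, for a table with `title`
 * and `body_plaintext` columns
 *
 * Only the search tokens are quoted. $table and $where are written into the
 * statement verbatim, so callers must pass hard-coded, trusted SQL there and
 * never request data. '%' and '_' inside a token keep their LIKE wildcard
 * meaning.
 *
 * @param string $table the name of the table to search
 * @param string $string search query
 * @param string $where extra condition, ANDed with the whole token match
 * @param string $op SQL operator joining the tokens, AND/OR
 * @param string $key PDO dsn key
 * @return string|false SQL query, or false when $string yields no tokens
 */
static function prepareSearchQuery($table, $string, $where = '', $op = 'AND', $key = null)
{
    $tokens = suxFunct::parseTokens($string);
    if (!$tokens) {
        // No tokens used to produce "WHERE ()", which is not valid SQL
        return false;
    }

    $op = mb_strtoupper($op);
    if ($op != 'AND') {
        $op = 'OR'; // Enforce OR/AND
    }

    $db = self::get($key);

    $clauses = array();
    foreach ($tokens as $token) {
        // Quote first, then move the wildcards inside the delimiters the
        // driver added: 'foo' becomes '%foo%'
        $quoted = $db->quote($token);
        $quoted = substr_replace($quoted, substr($quoted, 0, 1) . '%', 0, 1);
        $quoted = substr_replace($quoted, '%' . substr($quoted, -1, 1), -1, 1);

        $clauses[] = "(title LIKE {$quoted} OR body_plaintext LIKE {$quoted})";
    }

    // The token clauses get their own parentheses. Without them an OR search
    // reads "t1 OR t2 AND where", so $where only restricts the last token and
    // rows it was meant to exclude still match.
    $q = "SELECT * FROM {$table} WHERE ( ( " . implode(" {$op} ", $clauses) . ' ) ';
    if (trim($where)) {
        $q .= "AND {$where} "; // Append additional $where query
    }
    $q .= ') ';

    return $q;
}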
/**
 * The form was successfully processed: show the success template with a
 * link back to the previous page.
 */
function formSuccess()
{
    $backUrl = suxFunct::getPreviousURL();
    $this->r->text['back_url'] = $backUrl;

    $this->r->title .= " | {$this->r->gtext['success']}";

    // Template
    $this->tpl->display('success.tpl');
}
/**
 * Display RSS Feed
 *
 * Renders the latest bookmarks as RSS. The template is cached under 'rss';
 * the feed is only rebuilt when no cached copy exists.
 */
function rss()
{
    // Cache
    $cache_id = 'rss';
    $this->tpl->caching = 1;

    if (!$this->tpl->isCached('rss.tpl', $cache_id)) {

        $bookmarks = $this->bm->get($this->pager->limit);
        if ($bookmarks) {

            $feed = new suxRSS();
            $feedTitle = "{$this->r->title} | {$this->r->gtext['bookmarks']}";
            $feedUrl = suxFunct::makeUrl('/bookmarks', null, true);
            $feed->outputRSS($feedTitle, $feedUrl, null);

            foreach ($bookmarks as $bookmark) {
                $feed->addOutputItem($bookmark['title'], $bookmark['url'], $bookmark['body_html']);
            }

            $this->tpl->assign('xml', $feed->saveXML());
        }
    }

    // Template
    header('Content-type: text/xml; charset=utf-8');
    $this->tpl->display('rss.tpl', $cache_id);
}
/**
 * Thin wrapper around suxFunct::parseTokens() that always passes true as
 * the third argument.
 *
 * @param string $string the string to get the tokens from
 * @param bool $stopwords use stopwords?
 * @return array keys = tokens, values = count
 */
private function parseTokens($string, $stopwords = true)
{
    $tokens = suxFunct::parseTokens($string, $stopwords, true);
    return $tokens;
}
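<?php

require_once dirname(__FILE__) . '/../includes/suxFunct.php';

// Configuration
// Cache dirs to delete, resolved relative to this script.
// NOTE(review): nothing in this script restricts who may run it; presumably
// it is only invoked from the command line or kept out of the web root. Confirm.
$cache = array();
$cache[] = realpath(dirname(__FILE__) . '/../temporary/cache/');
$cache[] = realpath(dirname(__FILE__) . '/../temporary/rss_cache/');
$cache[] = realpath(dirname(__FILE__) . '/../temporary/templates_c/');

// Go!
foreach ($cache as $dir) {
    // realpath() returns false for a path that does not exist. A delete
    // routine must never be handed false or a non-directory.
    if ($dir === false || !is_dir($dir)) {
        continue;
    }
    suxFunct::obliterateDir($dir);
}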
// Request bootstrap: output encoding, timezone, magic-quotes cleanup and
// session validation.

// Set utf-8 for the response header and for the mbstring functions
header('Content-Type: text/html;charset=utf-8');
mb_internal_encoding('UTF-8');
mb_regex_encoding('UTF-8');
mb_language('uni');

// Avoid problems with arg_separator.output
ini_set('arg_separator.output', '&');

// Set the default timezone
date_default_timezone_set($GLOBALS['CONFIG']['TIMEZONE']);

// Get rid of magic quotes
// NOTE(review): get_magic_quotes_gpc() and each() no longer exist in PHP 8,
// so this block only runs on the old PHP versions it was written for.
if (get_magic_quotes_gpc() && !ini_get('magic_quotes_sybase')) {
    // Work queue of references to the request arrays. Nested arrays are
    // appended to the queue while it is walked, so every depth is reached
    // without recursion.
    $in = array(&$_GET, &$_POST, &$_REQUEST, &$_COOKIE, &$_FILES);
    while (list($k, $v) = each($in)) {
        foreach ($v as $key => $val) {
            if (!is_array($val)) {
                // Only values are unescaped; array keys are left as they arrived
                $in[$k][$key] = stripslashes($val);
                continue;
            }
            $in[] =& $in[$k][$key];
        }
    }
    unset($in);
}

// Include suxUser
require_once $GLOBALS['CONFIG']['PATH'] . '/includes/suxUser.php';

// Validate user $_SESSION: a session that carries a user id or a nickname
// is handed to loginCheck() together with the /home url
if (isset($_SESSION['users_id']) || isset($_SESSION['nickname'])) {
    $u = new suxUser();
    $u->loginCheck(suxFunct::makeUrl('/home'));
}
unset($u);
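/**
 * Listing
 *
 * Shows feed items, either for one feed or for everything the user is
 * subscribed to. With a valid bayesian filter the items are run through
 * $this->filter() and a "continue" link is offered. Without one the
 * result is paged and the rendered template is cached per nickname,
 * feed and page.
 *
 * @param int $feeds_id a feed id
 */
function listing($feeds_id = null)
{
    // Check if the user has any subscriptions
    $subscriptions = array();
    if (isset($_SESSION['users_id'])) {
        $subscriptions = $this->link->getLinks('link__rss_feeds__users', 'users', $_SESSION['users_id']);
        $this->tpl->assign('users_id', $_SESSION['users_id']);
    }

    // Assign stuff
    $this->r->text['form_url'] = suxFunct::makeUrl("/feeds/{$feeds_id}"); // Form Url
    $cache_id = null;

    // Title
    if ($feeds_id) {
        $this->r->title .= " | {$this->r->gtext['feed']}";
        $tmp = $this->rss->getFeedByID($feeds_id);
        if ($tmp) {
            $this->r->title .= " | {$tmp['title']}";
        }
    } else {
        $this->r->title .= " | {$this->r->gtext['feeds']}";
    }

    if (list($vec_id, $cat_id, $threshold, $start, $search) = $this->nb->isValidFilter()) {

        // ---------------------------------------------------------------
        // Filtered results
        // ---------------------------------------------------------------

        // $eval is a string of PHP source handed to $this->filter(), which
        // presumably evaluates it. Confirm. Everything in it must therefore be
        // literal code. $feeds_id is the only outside value spliced in and it
        // is forced to an integer first, so no other text can reach the
        // evaluated string.
        if ($feeds_id || !count($subscriptions)) {
            // Regular queries
            $max = $this->rss->countItems($feeds_id);
            $eval = '$this->rss->getItems($this->pager->limit, $start, ' . ($feeds_id ? (int) $feeds_id : 'null') . ')';
        } else {
            // User has subscriptions, we need special JOIN queries
            $max = $this->countUserItems($_SESSION['users_id']);
            $eval = '$this->getUserItems($_SESSION[\'users_id\'], $this->pager->limit, $start)';
        }

        $this->r->arr['feeds'] = $this->filter($max, $vec_id, $cat_id, $threshold, $start, $eval, $search); // Important: $start is a reference

        if ($start < $max) {
            if ($threshold !== false) {
                $params = array('threshold' => $threshold, 'filter' => $cat_id);
            } else {
                $params = array('filter' => $cat_id);
            }
            $params['search'] = $search;
            $url = suxFunct::makeUrl("/feeds/{$feeds_id}", $params);
            $this->r->text['pager'] = $this->pager->continueURL($start, $url);
        }

    } else {

        // ---------------------------------------------------------------
        // Paged results, cached
        // ---------------------------------------------------------------

        // Get nickname
        if (isset($_SESSION['nickname'])) {
            $nn = $_SESSION['nickname'];
        } else {
            $nn = 'nobody';
        }

        $this->pager->setStart(); // Start pager

        // "Cache Groups" using a vertical bar |
        // NOTE(review): $feeds_id becomes part of the cache id as given;
        // presumably the caller has already validated it as an integer. Verify.
        $cache_id = "{$nn}|listing|{$feeds_id}|{$this->pager->start}";
        $this->tpl->caching = 1;

        if (!$this->tpl->isCached('scroll.tpl', $cache_id)) {

            if ($feeds_id || !count($subscriptions)) {
                // Regular queries
                $this->pager->setPages($this->rss->countItems($feeds_id));
                $this->r->arr['feeds'] = $this->rss->getItems($this->pager->limit, $this->pager->start, $feeds_id);
            } else {
                // User has subscriptions, we need special JOIN queries
                $this->pager->setPages($this->countUserItems($_SESSION['users_id']));
                $this->r->arr['feeds'] = $this->getUserItems($_SESSION['users_id'], $this->pager->limit, $this->pager->start);
            }

            $this->r->text['pager'] = $this->pager->pageList(suxFunct::makeUrl("/feeds/{$feeds_id}"));

            if (!count($this->r->arr['feeds'])) {
                $this->tpl->caching = 0; // Nothing to cache, avoid writing to disk
            }
        }
    }

    $this->tpl->display('scroll.tpl', $cache_id);
}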
/**
 * array_walk_recursive wrapper to sanitizeHtml()
 *
 * array_walk hands each array value to the callback, so the parameter is
 * taken by reference (&) and overwritten in place.
 *
 * The order matters: entities are decoded first so that encoded markup is
 * seen by the sanitizer, and suxFunct::sanitizeHtml() always runs last.
 *
 * @param string &$value
 */
private function sanitizeByReference(&$value)
{
    // Reverse htmlentities, we want usable html
    $value = html_entity_decode(stripslashes($value), ENT_QUOTES, 'UTF-8');

    // Get rid of font tags before handing off to htmLawed,
    // see: http://www.bioinformatics.org/phplabware/forum/viewtopic.php?id=64
    $value = str_ireplace('</font>', '', preg_replace('/<font([^>]+)>/i', '', $value));

    // Sanitize
    $value = suxFunct::sanitizeHtml($value, 0);
}
/**
 * The form was successfully processed: clear the user's cache and redirect
 * to the blog bookmarks page for this entry.
 */
function formSuccess()
{
    // Clear cache
    $this->tpl->clearCache(null, $_SESSION['nickname']);

    // Pass this on to bookmarks for scanning
    $next = suxFunct::makeUrl('/blog/bookmarks/' . $this->id);
    suxFunct::redirect($next);
}
// ---------------------------------------------------------------------------
// Ajax endpoint fragment: save a photo description and echo it back.
// Requests are dropped silently (exit) unless a user is logged in, the photo
// id is an integer and a description was posted.
// NOTE(review): no anti-CSRF token is checked in the visible part of this
// script; presumably one is enforced elsewhere. Confirm.
// ---------------------------------------------------------------------------

if (!isset($_SESSION['users_id'])) { exit; }
if (!isset($_POST['id']) || !filter_var($_POST['id'], FILTER_VALIDATE_INT)) { exit; }
if (!isset($_POST['description'])) { exit; }

// ---------------------------------------------------------------------------
// Secondary error checking
// ---------------------------------------------------------------------------

$log = new suxLog();
$photo = new suxPhoto();
$text = suxFunct::gtext('photos');

// Verify if user is allowed to edit this photo.
if (!$photo->isPhotoOwner($_POST['id'], $_SESSION['users_id'])) { exit; }

// Only the two expected fields are passed on to savePhoto()
$clean = array('id' => $_POST['id'], 'description' => $_POST['description']);

try {
    $photo->savePhoto($_SESSION['users_id'], $clean);

    // The stored description is read back and echoed into the response.
    // NOTE(review): it is echoed without escaping here; this assumes
    // savePhoto() sanitizes the text before storing it. Verify.
    $tmp = $photo->getPhotoByID($clean['id']);
    if ($tmp['description']) { echo $tmp['description']; } else { echo $text['clickme']; }

    $log->write($_SESSION['users_id'], "sux0r::photos::describe() photos_id: {$clean['id']}", 1); // Private
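/**
 * Saves an album to the database
 *
 * Inserts a new album, or updates an existing one when $album['id'] is set.
 * On update the stored users_id is left untouched.
 *
 * @param int $users_id users_id
 * @param array $album required keys => (title, body) optional keys => (id, published_on, draft)
 * @param int $trusted passed on to sanitizeHtml()
 * @return int insert id, or the given id on update
 * @throws Exception on an invalid user id, album array, album id or date
 */
function saveAlbum($users_id, array $album, $trusted = -1)
{
    // -------------------------------------------------------------------
    // Sanitize
    // -------------------------------------------------------------------

    if (!filter_var($users_id, FILTER_VALIDATE_INT) || $users_id < 1) {
        throw new Exception('Invalid user id');
    }

    if (!isset($album['title']) || !isset($album['body'])) {
        throw new Exception('Invalid $album array');
    }

    // Only whitelisted, cleaned fields ever reach the query builders
    $clean = array();

    // Album id
    if (isset($album['id'])) {
        if (!filter_var($album['id'], FILTER_VALIDATE_INT) || $album['id'] < 1) {
            throw new Exception('Invalid album id');
        }
        $clean['id'] = $album['id'];
    }

    // Users id
    $clean['users_id'] = $users_id;

    // No HTML in title
    $clean['title'] = strip_tags($album['title']);

    // Sanitize HTML in body
    $clean['body_html'] = suxFunct::sanitizeHtml($album['body'], $trusted);

    // Convert and copy body to UTF-8 plaintext
    $converter = new suxHtml2UTF8($clean['body_html']);
    $clean['body_plaintext'] = $converter->getText();

    // Draft, boolean / tinyint
    $clean['draft'] = false;
    if (isset($album['draft']) && $album['draft']) {
        $clean['draft'] = true;
    }

    // Publish date
    if (isset($album['published_on'])) {
        // ISO 8601 date format
        // regex must match '2008-06-18 16:53:29' or '2008-06-18T16:53:29-04:00'
        // The month and day classes used to be written [0,1,2] and [0,1],
        // which also accept a literal comma. Ranges are what was meant.
        $regex = '/^(\\d{4})-(0[0-9]|1[0-2])-([0-2][0-9]|3[01]).+(\\d{2}):(\\d{2}):(\\d{2})/';
        if (!preg_match($regex, $album['published_on'])) {
            throw new Exception('Invalid date');
        }
        $clean['published_on'] = $album['published_on'];
    } else {
        $clean['published_on'] = date('Y-m-d H:i:s');
    }

    // We now have the $clean[] array

    // --------------------------------------------------------------------
    // Go!
    // --------------------------------------------------------------------

    // http://bugs.php.net/bug.php?id=44597
    // As of 5.2.6 you still can't use this function's $input_parameters to
    // pass a boolean to PostgreSQL. To do that, you'll have to call
    // bindParam() with explicit types for *each* parameter in the query.

    if (isset($clean['id'])) {

        // UPDATE
        // NOTE(review): nothing here checks that $users_id owns album
        // $clean['id']; presumably the caller verifies ownership first. Confirm.
        unset($clean['users_id']); // Don't override the original submitter
        $query = suxDB::prepareUpdateQuery($this->db_albums, $clean);
        $st = $this->db->prepare($query);

        if ($this->db_driver == 'pgsql') {
            $st->bindParam(':id', $clean['id'], PDO::PARAM_INT);
            $st->bindParam(':title', $clean['title'], PDO::PARAM_STR);
            $st->bindParam(':body_html', $clean['body_html'], PDO::PARAM_STR);
            $st->bindParam(':body_plaintext', $clean['body_plaintext'], PDO::PARAM_STR);
            $st->bindParam(':draft', $clean['draft'], PDO::PARAM_BOOL);
            $st->bindParam(':published_on', $clean['published_on'], PDO::PARAM_STR);
            $st->execute();
        } else {
            $st->execute($clean);
        }

    } else {

        // INSERT
        $query = suxDB::prepareInsertQuery($this->db_albums, $clean);
        $st = $this->db->prepare($query);

        if ($this->db_driver == 'pgsql') {
            $st->bindParam(':users_id', $clean['users_id'], PDO::PARAM_INT);
            $st->bindParam(':title', $clean['title'], PDO::PARAM_STR);
            $st->bindParam(':body_html', $clean['body_html'], PDO::PARAM_STR);
            $st->bindParam(':body_plaintext', $clean['body_plaintext'], PDO::PARAM_STR);
            $st->bindParam(':draft', $clean['draft'], PDO::PARAM_BOOL);
            $st->bindParam(':published_on', $clean['published_on'], PDO::PARAM_STR);
            $st->execute();
        } else {
            $st->execute($clean);
        }

        // PostgreSQL needs the sequence name to report the new id
        if ($this->db_driver == 'pgsql') {
            $clean['id'] = $this->db->lastInsertId("{$this->db_albums}_id_seq");
        } else {
            $clean['id'] = $this->db->lastInsertId();
        }
    }

    return $clean['id'];
}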
<?php

// Global language strings. Several values contain HTML on purpose (links,
// <br />), so templates must print those keys without escaping them and no
// request data may ever be mixed into this array.

/* Navigation menu: label => url, or label => array(url, module menu) */
$gtext['navcontainer'] = array(
    'Home' => suxFunct::makeUrl('/home'),
    'Blog' => array(suxFunct::makeUrl('/blog'), suxFunct::getModuleMenu('blog')),
    'Feeds' => array(suxFunct::makeUrl('/feeds'), suxFunct::getModuleMenu('feeds')),
    'Bookmarks' => array(suxFunct::makeUrl('/bookmarks'), suxFunct::getModuleMenu('bookmarks')),
    'Photos' => array(suxFunct::makeUrl('/photos'), suxFunct::getModuleMenu('photos')),
    'Source Code' => 'http://sourceforge.net/projects/sux0r/');

/* Copyright: the year is filled in when this file is loaded */
$gtext['copyright'] = '<a href="http://sux0r.trotch.com/">sux0r</a> is copyleft © <a href="http://www.trotch.com/">Trotch.com</a> ' . date('Y') . ' and is distributed under the <a href="http://www.fsf.org/licensing/licenses/gpl-3.0.html">GNU General Public License</a>. Hosting by <a href="http://www.networkredux.com/">Network Redux</a>.';
$gtext['data_license'] = 'Unless otherwise specified, contents of this site are copyright by the contributors and available under the <br /> <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a>. Contributors should be attributed by full name or nickname.';

/* Now back to our regularly scheduled program: plain-text strings, sorted by key */
$gtext['404_continue'] = 'Click here to continue';
$gtext['404_h1'] = 'Oops, Page Not Found (Error 404)';
$gtext['404_p1'] = 'For some reason (mis-typed URL, faulty referral from another site, out-of-date search engine listing or we simply deleted a file) the page you were after is not here.';
$gtext['admin'] = 'Administration';
$gtext['banned_continue'] = 'Click here to continue';
$gtext['banned_h1'] = 'Banned';
$gtext['banned_p1'] = 'You have been a bad person, a very very bad person.';
$gtext['continue'] = 'Continue';
$gtext['home'] = 'Home';
$gtext['login'] = '******';
$gtext['logout'] = 'Logout';
$gtext['register'] = 'Register';
$gtext['welcome'] = 'Welcome';
<?php // Ajax // Echo the content of a bayesian document if (isset($_POST['id']) && filter_var($_POST['id'], FILTER_VALIDATE_INT)) { require_once dirname(__FILE__) . '/../../config.php'; require_once dirname(__FILE__) . '/../../initialize.php'; $nb = new suxNaiveBayesian(); $doc = $nb->getDocument($_POST['id']); if ($doc) { $text = suxFunct::gtext('bayes'); $tmp = null; $link = new suxLink(); foreach ($link->getLinkTables('bayes_documents') as $table) { $links = $link->getLinks($table, 'bayes_documents', $_POST['id']); if ($links && count($links)) { $table = str_replace('link__', '', $table); $table = str_replace('bayes_documents', '', $table); $table = str_replace('__', '', $table); $tmp .= "[ {$text['to']} {$table}_id -> "; foreach ($links as $val) { $tmp .= " {$val},"; } $tmp = rtrim($tmp, ', '); $tmp .= ' ]'; } } echo '<em>bayes_document_id: ', $_POST['id'], '</em><br />'; if ($tmp) { echo "<em><strong>{$text['is_linked']}</strong></em> "; echo $tmp;