Beispiel #1
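 /**
  * Publish an article: update the posted article when a valid id is given,
  * otherwise create a new one.
  *
  * The POST data is run through GUMP with the filter/validation rules below
  * before it is copied onto the article. The one exception is 'content',
  * which is intentionally taken raw from $_POST; it is therefore stored
  * unescaped and must be escaped wherever it is rendered.
  *
  * @return array|false ['id' => int, 'slug' => string] on success; false when
  *                     the user is not logged in, validation fails, or the
  *                     save fails
  */
 private function publishArticle()
 {
     # Only a logged-in user may publish
     if (!$this->isLoggedIn) {
         return false;
     }
     # Sanitize and validate the POST variables
     $postVars = $this->GUMP->sanitize($this->postVars);
     # 'type' must be present and one of "post" / "page"
     $this->GUMP->validation_rules(['type' => 'required|contains,post page']);
     # One rule per field (the original listed 'category' twice; a duplicate
     # array key is silently overwritten, so dropping it changes nothing)
     $this->GUMP->filter_rules([
         'id'        => 'sanitize_numbers',
         'title'     => 'trim|sanitize_string',
         'category'  => 'trim|sanitize_string',
         'tags'      => 'trim|sanitize_string',
         'type'      => 'trim|sanitize_string',
         'excerpt'   => 'trim|sanitize_string',
         'thumbnail' => 'trim|sanitize_string',
     ]);
     $validated_data = $this->GUMP->run($postVars);
     if (!$validated_data) {
         return false;
     }
     $validated_data['status'] = 'published';
     # A positive id means an existing article; anything else creates a new one
     if (isset($validated_data['id']) && (int) $validated_data['id'] > 0) {
         $newArticle = false;
         $validated_data['id'] = (int) $validated_data['id'];
     } else {
         $newArticle = true;
         $validated_data['id'] = 0;
     }
     # 'comments' is not covered by the rules above and may be absent; pass
     # null rather than triggering an undefined-index notice
     $comments = isset($validated_data['comments']) ? $validated_data['comments'] : null;
     $validated_data['comments_enabled'] = \Kanso\Utility\Str::bool($comments);
     $bookkeeper = \Kanso\Kanso::getInstance()->Bookkeeper;
     $article = $newArticle ? $bookkeeper->create() : $bookkeeper->existing($validated_data['id']);
     # Get the article content directly from the _POST global
     # so it is not filtered in any way (see docblock: escape on output)
     if (isset($_POST['content'])) {
         $validated_data['content'] = $_POST['content'];
     }
     # NOTE(review): if GUMP->run() passes through keys that have no rule,
     # every posted field is assigned to the article here — confirm against
     # the GUMP version in use
     foreach ($validated_data as $key => $value) {
         $article->{$key} = $value;
     }
     # save the article
     $save = $article->save();
     if ($save) {
         return ['id' => $article->id, 'slug' => $article->slug];
     }
     return false;
 }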
Beispiel #2
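 /**
  * Filter and sanitize the configuration to ensure Kanso will run
  *
  * Merges the temporary config over the defaults, coerces every option to
  * its expected type and falls back to the default for any option that does
  * not validate. Every string option — including KANSO_OWNER_PASSWORD — goes
  * through FILTER_SANITIZE_STRING (deprecated as of PHP 8.1), which strips
  * tags and HTML-encodes quotes, so a password containing such characters
  * is altered before it is used.
  *
  * @param  bool $throwError Not used by this method; kept for callers
  * @return array
  */
 private function filterConfig($throwError = false)
 {
     # Merge the config with the defaults
     $config = array_merge($this->defaults, $this->tempConfig);

     # Plain-string options. 'KASNO_CDN_URL' appears to be the key spelling
     # used elsewhere in the code base; do not "fix" it here
     $stringKeys = [
         'host', 'user', 'password', 'dbname', 'table_prefix',
         'KANSO_THEME_NAME', 'KANSO_SITE_TITLE', 'KANSO_SITE_DESCRIPTION',
         'KANSO_SITEMAP', 'KANSO_PERMALINKS', 'KANSO_PERMALINKS_ROUTE',
         'KASNO_CDN_URL', 'KANSO_CACHE_LIFE',
         'KANSO_OWNER_USERNAME', 'KANSO_OWNER_EMAIL', 'KANSO_OWNER_PASSWORD',
     ];
     foreach ($stringKeys as $key) {
         $config[$key] = filter_var($config[$key], FILTER_SANITIZE_STRING);
     }
     # Boolean options
     $boolKeys = [
         'KANSO_ROUTE_TAGS', 'KANSO_ROUTE_CATEGORIES', 'KANSO_ROUTE_AUTHORS',
         'KANSO_USE_CDN', 'KANSO_USE_CACHE', 'KANSO_COMMENTS_OPEN',
     ];
     foreach ($boolKeys as $key) {
         $config[$key] = \Kanso\Utility\Str::bool($config[$key]);
     }
     # Integer options
     $config['KANSO_POSTS_PER_PAGE'] = (int) $config['KANSO_POSTS_PER_PAGE'];
     $config['KANSO_IMG_QUALITY'] = (int) $config['KANSO_IMG_QUALITY'];

     # Filter and sanitize the sitemap: must look like a file name
     if (strpos($config['KANSO_SITEMAP'], '.') === false) {
         $config['KANSO_SITEMAP'] = $this->defaults['KANSO_SITEMAP'];
     }
     # Filter and sanitize the permalinks
     $permalinks = $this->createPermalinks($config['KANSO_PERMALINKS']);
     if (empty($permalinks['KANSO_PERMALINKS']) || empty($permalinks['KANSO_PERMALINKS_ROUTE'])) {
         $config['KANSO_PERMALINKS_ROUTE'] = $this->defaults['KANSO_PERMALINKS_ROUTE'];
         $config['KANSO_PERMALINKS'] = $this->defaults['KANSO_PERMALINKS'];
     }
     # Filter and sanitize the posts per page
     if ($config['KANSO_POSTS_PER_PAGE'] <= 0) {
         $config['KANSO_POSTS_PER_PAGE'] = $this->defaults['KANSO_POSTS_PER_PAGE'];
     }
     # Filter and sanitize the thumbnail sizes: a comma-separated string is
     # split into entries, then each "w h" entry becomes [w, h] and a bare
     # number stays an int
     if (!is_array($config['KANSO_THUMBNAILS'])) {
         $config['KANSO_THUMBNAILS'] = array_map('trim', explode(',', (string) $config['KANSO_THUMBNAILS']));
     }
     foreach ($config['KANSO_THUMBNAILS'] as $i => $thumbs) {
         if (is_integer($thumbs) || is_array($thumbs)) {
             continue;
         }
         $thumbs = array_map('trim', explode(' ', $thumbs));
         if (count($thumbs) === 2) {
             $config['KANSO_THUMBNAILS'][$i] = [intval($thumbs[0]), intval($thumbs[1])];
         } else {
             $config['KANSO_THUMBNAILS'][$i] = intval($thumbs[0]);
         }
     }
     # Filter and sanitize the image quality (1-100)
     if ($config['KANSO_IMG_QUALITY'] <= 0 || $config['KANSO_IMG_QUALITY'] > 100) {
         $config['KANSO_IMG_QUALITY'] = $this->defaults['KANSO_IMG_QUALITY'];
     }
     # Filter and sanitize the CDN options: disable the CDN unless its URL validates
     if ($config['KANSO_USE_CDN'] === true && !filter_var($config['KASNO_CDN_URL'], FILTER_VALIDATE_URL)) {
         $config['KANSO_USE_CDN'] = false;
         $config['KASNO_CDN_URL'] = '';
     }
     # Filter and sanitize the cache options
     if ($config['KANSO_USE_CACHE'] === true) {
         $validCacheLife = $this->validateCacheLife($config['KANSO_CACHE_LIFE']);
         # Bug fix: the original tested an undefined variable here, which was
         # always falsy and so disabled the cache even for a valid lifetime
         if (!$validCacheLife) {
             $config['KANSO_USE_CACHE'] = false;
             $config['KANSO_CACHE_LIFE'] = '';
         } else {
             $config['KANSO_CACHE_LIFE'] = $validCacheLife;
         }
     }
     # Filter and sanitize the static pages
     if (!is_array($config['KANSO_STATIC_PAGES'])) {
         $config['KANSO_STATIC_PAGES'] = [];
     }
     # Filter and sanitize the author slugs
     if (!is_array($config['KANSO_AUTHOR_SLUGS'])) {
         $config['KANSO_AUTHOR_SLUGS'] = [];
     }
     # Fall back to the defaults for any empty owner credential
     foreach (['KANSO_OWNER_PASSWORD', 'KANSO_OWNER_EMAIL', 'KANSO_OWNER_USERNAME'] as $key) {
         if (empty($config[$key])) {
             $config[$key] = $this->defaults[$key];
         }
     }
     # Filter and sanitize the table prefix: lowercase, and anything outside
     # [a-z_-] (digits included) becomes an underscore
     if (empty($config['table_prefix'])) {
         $config['table_prefix'] = $this->defaults['table_prefix'];
     }
     $config['table_prefix'] = preg_replace('/[^a-z_-]+/', '_', strtolower($config['table_prefix']));
     # Return the config
     return $config;
 }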