/**
 * Renders the error template into a string and queues the result as a 'fatal' error.
 *
 * The $file and $line arguments are accepted but never read: $file is
 * overwritten with the template path before use. When the template file does
 * not exist, nothing is queued and the call has no effect.
 *
 * @param mixed  $code    error code, passed to get_http_error() (presumably an HTTP status code)
 * @param string $message message exposed to the template as $error_message
 * @param mixed  $file    not used
 * @param mixed  $line    not used
 * @return void
 */
function show_error($code, $message, $file = null, $line = null)
{
    $vars = array(
        'error_code' => $code,
        'error_name' => get_http_error($code),
        'error_message' => $message,
    );
    $file = BASEPATH . "modules/errors/error.php";

    if (!file_exists($file)) {
        return;
    }

    // The template runs in this function's scope: it sees $code, $message,
    // $file, $line and $vars as well as the three extracted keys, so these
    // local names must stay as they are.
    // NOTE(review): $message reaches the template unescaped from here; HTML
    // escaping has to happen in error.php, which is not visible in this file.
    ob_start();
    extract($vars);
    include $file;
    $message = ob_get_clean();

    add_errors($message, 'fatal');
}
/**
 * Opens the MySQL connection described by the 'database' config and stores it
 * under the 'db' variable via set_var().
 *
 * Connection and charset failures are queued with add_errors() instead of
 * being raised.
 *
 * @return bool true when the connection is open and the charset was set, false otherwise
 */
function db_start()
{
    $config = get_config('database');

    // '@' hides the PHP warning on failure; the failure itself is detected
    // through mysqli_connect_errno() below.
    $db = @mysqli_connect($config->host, $config->user, $config->pass, $config->name);

    if (mysqli_connect_errno()) {
        // NOTE(review): the driver's error text is queued as-is. If queued
        // errors are rendered to visitors, this text can disclose connection
        // details; confirm where add_errors() output ends up.
        add_errors(mysqli_connect_error());
        return false;
    }

    // NOTE(review): in MySQL 'utf8' is the 3-byte utf8mb3 charset; 4-byte
    // characters need 'utf8mb4', which would also have to match the schema.
    if (!mysqli_set_charset($db, 'utf8')) {
        add_errors(mysqli_error($db));
        return false;
    }

    set_var('db', $db);
    return true;
}
/**
 * Builds and renders the "my profile" form for a user.
 *
 * Field definitions come from fuel_users_model; the 'permissions', 'active'
 * and 'Permissions' entries are dropped before rendering. Field values are the
 * cleaned POST data when a POST is present, otherwise the saved user record.
 *
 * @param mixed $id user id, or null when there is no saved record to load
 * @return void
 */
public function _form($id = null)
{
    $this->load->library('form_builder');
    $this->js_controller_params['method'] = 'add_edit';

    // start from the table-driven field list
    $fields = $this->fuel_users_model->form_fields(array('id' => $id));

    // remove permissions
    unset($fields['permissions']);

    // saved record, if there is one
    $saved = empty($id) ? array() : $this->fuel_users_model->user_info($id);

    // NOTE(review): dropping 'active' and 'Permissions' here only keeps them
    // out of the rendered form. A crafted POST can still carry those keys, so
    // the save path has to ignore them as well; that code is not visible here.
    unset($fields['active'], $fields['Permissions']);

    $field_values = empty($_POST) ? $saved : $this->fuel_users_model->clean();

    $builder = $this->form_builder;
    $builder->form->validator =& $this->fuel_users_model->get_validation();
    $builder->submit_value = lang('btn_save');
    $builder->use_form_tag = false;
    $builder->set_fields($fields);
    $builder->display_errors = false;
    $builder->set_field_values($field_values);

    $vars['form'] = $builder->render();
    $vars['id'] = $id;
    $vars['data'] = $saved;

    // surface any model errors collected so far
    $errors = $this->fuel_users_model->get_errors();
    if (!empty($errors)) {
        add_errors($errors);
    }

    $admin = $this->fuel->admin;
    $admin->set_titlebar_icon('ico_users');
    $crumbs = lang('section_my_profile');
    $admin->set_titlebar($crumbs);
    $admin->render('my_profile', $vars, '', FUEL_FOLDER);
}
/**
 * Validates and stores a visitor comment for a blog post.
 *
 * Returns immediately when comments are disabled. Otherwise the captcha,
 * site-submission, consecutive-post and duplicate checks each queue an error
 * on failure; only when no error is queued is the comment passed through
 * Akismet and the comment filter, saved, and the visitor redirected to the post.
 *
 * @param object $post the post being commented on; its ->id and ->url are read
 * @return mixed NULL when comments are disabled, otherwise FALSE or the result
 *               of _notify() (the latter only if redirect() returns)
 */
function _process_comment($post)
{
    if (!is_true_val($this->fuel_blog->settings('allow_comments'))) {
        return;
    }

    $notified = FALSE;

    // check captcha
    if (!$this->_is_valid_captcha()) {
        add_error(lang('blog_error_captcha_mismatch'));
    }

    // check that the comment was submitted via the website
    if (!$this->_is_site_submitted()) {
        add_error(lang('blog_error_comment_site_submit'));
    }

    // check consecutive posts
    if (!$this->_is_not_consecutive_post()) {
        add_error(lang('blog_error_consecutive_comments'));
    }

    // NOTE(review): the author account is resolved from the submitted e-mail
    // address alone. The address is not verified here, so a visitor who types
    // a registered user's e-mail gets the comment attributed to that account.
    // Confirm that author_id grants no extra trust downstream.
    $this->load->module_model(FUEL_FOLDER, 'users_model');
    $user = $this->users_model->find_one(array('email' => $this->input->post('author_email', TRUE)));

    // create comment
    $this->load->module_model(BLOG_FOLDER, 'blog_comments_model');
    $comment = $this->blog_comments_model->create();
    $comment->post_id = $post->id;
    $comment->author_id = empty($user->id) ? NULL : $user->id;
    $comment->author_name = $this->input->post('author_name', TRUE);
    $comment->author_email = $this->input->post('author_email', TRUE);
    $comment->author_website = $this->input->post('author_website', TRUE);
    // REMOTE_ADDR is the connecting peer; behind a reverse proxy that is the
    // proxy's address, which affects the IP-based checks below.
    $comment->author_ip = $_SERVER['REMOTE_ADDR'];
    $comment->content = trim($this->input->post('new_comment', TRUE));
    $comment->date_added = NULL; // will automatically be added

    //http://googleblog.blogspot.com/2005/01/preventing-comment-spam.html
    //http://en.wikipedia.org/wiki/Spam_in_blogs

    // check double posts by IP address
    if ($comment->is_duplicate()) {
        add_error(lang('blog_error_comment_already_submitted'));
    }

    // any error queued above stops processing here
    if (has_errors()) {
        return $notified;
    }

    // submit to Akismet for validity
    $comment = $this->_process_akismet($comment);

    // process links and add nofollow attribute
    $comment = $this->_filter_comment($comment);

    // spam and monitored comments are held back from publication
    if (is_true_val($comment->is_spam) || $this->fuel_blog->settings('monitor_comments')) {
        $comment->published = 'no';
    }

    // non-spam is always saveable; spam only when the save_spam setting is on
    $is_saveable = !is_true_val($comment->is_spam)
        || (is_true_val($comment->is_spam) && $this->fuel_blog->settings('save_spam'));

    if (!$is_saveable) {
        add_error(lang('blog_comment_is_spam'));
        return $notified;
    }

    if (!$comment->save()) {
        add_errors($comment->errors());
        return $notified;
    }

    $notified = $this->_notify($comment, $post);
    $this->load->library('session');

    // $vars is not read again in this method
    $vars['post'] = $post;
    $vars['comment'] = $comment;

    $this->session->set_flashdata('thanks', TRUE);
    $this->session->set_userdata('last_comment_ip', $_SERVER['REMOTE_ADDR']);
    $this->session->set_userdata('last_comment_time', time());
    redirect($post->url);

    return $notified;
}
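/**
 * Collects the posted "vars--" fields for a page, runs them through the form
 * builder's post-processing and the layout's own processing, and validates
 * the result.
 *
 * @param mixed  $id     page id, stored in the result under 'page_id'
 * @param array  $posted posted values; only keys starting with "vars--" are used
 * @param array  $fields field definitions handed to the form builder
 * @param object $layout layout object; process_saved_values(), validate() and errors() are called on it
 * @return array|bool the processed variables, or FALSE when layout validation fails
 */
public function _process_page_vars($id, $posted, $fields, $layout)
{
    $vars = array();
    $vars['page_id'] = $id;

    // process post vars... can't use an array because of file upload complications
    // NOTE(review): the variable name is whatever follows the last "--" in the
    // posted key, so a posted "vars--page_id" replaces the page_id set above.
    // Confirm that no consumer of the returned array trusts 'page_id'.
    foreach ($posted as $key => $val) {
        if (strncmp('vars--', $key, 6) === 0) {
            // end() takes its argument by reference, so the exploded array
            // needs to be a real variable rather than a function result
            $key_parts = explode('--', $key);
            $new_key = end($key_parts);
            $vars[$new_key] = $val;
        }
    }

    $this->form_builder->load_custom_fields(APPPATH . 'config/custom_fields.php');
    $this->form_builder->set_fields($fields);
    $this->form_builder->set_field_values($vars);
    $vars = $this->form_builder->post_process_field_values($vars); // manipulates the $_POST values directly

    // run layout variable processing
    $vars = $layout->process_saved_values($vars);

    // validate before deleting
    if (!$layout->validate($vars)) {
        add_errors($layout->errors());
        return FALSE;
    }

    return $vars;
}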
/**
 * Edit screen for a module record: saves a submitted form, then renders the form.
 *
 * Responds with a 404 when no id is given or the current user lacks the
 * module's 'save' action. A request counts as a submission when the model's
 * key field is present in the POST data.
 *
 * @param mixed $id id of the record being edited
 * @return void
 */
function edit($id = null)
{
    if (empty($id) || !$this->fuel_auth->module_has_action('save')) {
        show_404();
    }

    $is_submission = $this->input->post($this->model->key_field());
    if ($is_submission) {
        $this->model->on_before_post();

        // NOTE(review): what gets saved is whatever _process() returns from the
        // request, while archiving, logging and the redirect below use the $id
        // from the URL. Nothing visible here checks that the two refer to the
        // same record; confirm _process() or the model enforces it.
        $posted = $this->_process();

        if ($this->model->save($posted)) {
            // process $_FILES
            $uploads_ok = $this->_process_uploads($posted);
            if (!$uploads_ok) {
                $this->session->set_flashdata('error', get_error());
                redirect(fuel_uri($this->module_uri . '/edit/' . $id));
            }

            $this->model->on_after_post($posted);

            if ($this->model->is_valid()) {
                // archive data
                if ($this->archivable) {
                    $this->model->archive($id, $this->model->cleaned_data());
                }

                $key_column = $this->model->table_name() . '.' . $this->model->key_field();
                $data = $this->model->find_one_array(array($key_column => $id));

                $msg = lang('module_edited', $this->module_name, $data[$this->display_field]);
                $this->logs_model->logit($msg);

                $this->session->set_flashdata('success', $this->lang->line('data_saved'));
                $this->_clear_cache();
                redirect(fuel_uri($this->module_uri . '/edit/' . $id));
            } else {
                add_errors($this->model->get_errors());
            }
        }
    }

    $vars = $this->_form($id);
    $this->_render($this->views['create_edit'], $vars);
}
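/**
 * Shows the asset upload form and handles a submitted upload.
 *
 * On a POST that carries a file, the upload options are collected from the
 * request, the before_create/before_save hooks run, and the files are handed
 * to $this->fuel->assets->upload(). On success the chosen options are kept in
 * flash data and the browser is redirected; on failure the errors are queued
 * and the form is rendered again.
 *
 * The requested subfolder is reduced to plain path segments before it is
 * appended to the upload path: empty, "." and ".." segments are dropped for
 * both "/" and "\" separators. A single str_replace() of "../" is not enough,
 * because removing one occurrence can leave another behind and it ignores the
 * other separator.
 *
 * @param string|null $dir    URI-safe-encoded asset folder key
 * @param mixed       $inline anything other than FALSE switches the admin to inline mode
 * @return mixed the posted 'userfile_file_name' value, or NULL when no upload was processed
 */
public function create($dir = NULL, $inline = FALSE)
{
    $id = NULL;

    if (!empty($dir)) {
        $dir = uri_safe_decode($dir);
    }

    if ($inline !== FALSE) {
        $this->fuel->admin->set_inline(TRUE);
    }
    $inline = $this->fuel->admin->is_inline();

    if (!empty($_POST)) {
        // error code 4 is UPLOAD_ERR_NO_FILE
        if ((!empty($_FILES['userfile']) and $_FILES['userfile']['error'] != 4)
            or (!empty($_FILES['userfile___0']) and $_FILES['userfile___0']['error'] != 4)) {
            $this->model->on_before_post();

            // NOTE(review): the folder is checked against the configured asset
            // dirs only when 'asset_folder' is posted. Without it, the $dir
            // taken from the URI is used unchecked; confirm that
            // $this->fuel->assets->dir() rejects unknown keys.
            if ($this->input->post('asset_folder')) {
                $dir = $this->input->get_post('asset_folder', TRUE);
                if (!in_array($dir, array_keys($this->fuel->assets->dirs()))) {
                    show_404();
                }
            }

            // keep only real path segments so the subfolder cannot climb out
            // of the asset folder
            $subfolder = '';
            if ($this->config->item('assets_allow_subfolder_creation', 'fuel')) {
                $requested_subfolder = (string) $this->input->get_post('subfolder', TRUE);
                $safe_segments = array();
                foreach (preg_split('#[\\\\/]+#', $requested_subfolder, -1, PREG_SPLIT_NO_EMPTY) as $segment) {
                    if ($segment !== '.' && $segment !== '..') {
                        $safe_segments[] = $segment;
                    }
                }
                $subfolder = implode(DIRECTORY_SEPARATOR, $safe_segments);
            }

            // assets_server_path is in assets config
            $upload_path = $this->config->item('assets_server_path') . $this->fuel->assets->dir($dir) . DIRECTORY_SEPARATOR . $subfolder;

            $posted = array();
            $posted['upload_path'] = $upload_path;
            $posted['overwrite'] = $this->input->get_post('overwrite') ? TRUE : FALSE;
            $posted['create_thumb'] = $this->input->get_post('create_thumb') ? TRUE : FALSE;
            $posted['resize_method'] = $this->input->get_post('resize_method') ? $this->input->get_post('resize_method', TRUE) : 'maintain_ratio';
            $posted['resize_and_crop'] = $this->input->get_post('resize_and_crop', TRUE);
            $posted['width'] = $this->input->get_post('width', TRUE);
            $posted['height'] = $this->input->get_post('height', TRUE);
            $posted['master_dim'] = $this->input->get_post('master_dim', TRUE);
            $posted['file_name'] = $this->input->get_post('userfile_file_name', TRUE);
            $posted['unzip'] = $this->input->get_post('unzip') ? TRUE : FALSE;
            $posted['remove_subfolder'] = $this->input->get_post('remove_subfolder', TRUE);

            // NOTE(review): the redirect target comes from the request and is
            // followed as-is further down when it is non-empty. Confirm that
            // redirect() or uri_safe_decode() limits it to this site.
            $redirect_to = uri_safe_decode($this->input->get_post('redirect_to'));
            $id = $posted['file_name'];

            // run before_create hook
            $this->_run_hook('before_create', $posted);

            // run before_save hook
            $this->_run_hook('before_save', $posted);

            if ($this->fuel->assets->upload($posted)) {
                // the logged name is the client-supplied file name
                foreach ($_FILES as $fileinfo) {
                    $msg = lang('module_edited', $this->module_name, $fileinfo['name']);
                    $this->fuel->logs->write($msg);
                }

                // explicitly set the flash values to save cookie space
                $flashdata = array();
                $flashdata['asset_folder'] = $this->input->post('asset_folder', TRUE);
                $flashdata['userfile_file_name'] = $this->input->post('userfile_file_name', TRUE);
                $flashdata['subfolder'] = $this->input->post('subfolder', TRUE);
                $flashdata['overwrite'] = $this->input->post('overwrite', TRUE);
                $flashdata['resize_method'] = $this->input->post('resize_method', TRUE);
                $flashdata['width'] = $this->input->post('width', TRUE);
                $flashdata['height'] = $this->input->post('height', TRUE);
                $flashdata['master_dim'] = $this->input->post('master_dim', TRUE);

                $uploaded_data = $this->fuel->assets->uploaded_data();
                $uploaded_file_name_arr = array();
                $uploaded_file_webpath_arr = array();

                foreach ($uploaded_data as $ud) {
                    // strip the folder prefix so only the relative name remains
                    $uploaded_path = assets_server_path() . $dir;
                    if (is_true_val($posted['remove_subfolder'])) {
                        $uploaded_path = $uploaded_path . '/' . $subfolder;
                    }
                    $uploaded_file_name_arr[] = trim(str_replace($uploaded_path, '', $ud['full_path']), '/');
                    $uploaded_file_webpath_arr[] = assets_server_to_web_path($ud['full_path']);
                }

                // set the uploaded file name to a concatenated string separated by commas
                $uploaded_file_name = implode(', ', $uploaded_file_name_arr);
                $flashdata['uploaded_file_name'] = $uploaded_file_name;
                $flashdata['uploaded_file_webpath'] = $uploaded_file_webpath_arr;

                $this->session->set_flashdata('uploaded_post', $flashdata);
                $this->fuel->admin->set_notification(lang('data_saved'), Fuel_admin::NOTIFICATION_SUCCESS);

                $this->model->on_after_post($posted);

                $inline = $this->fuel->admin->is_inline();
                $query_str = query_str(array(), TRUE);

                if (!empty($redirect_to)) {
                    $url = $redirect_to;
                } else {
                    if ($inline === TRUE) {
                        $url = fuel_uri($this->module . '/inline_create/' . uri_safe_encode($dir) . $query_str, FALSE);
                    } else {
                        $url = fuel_uri($this->module . '/create/' . uri_safe_encode($dir) . $query_str, FALSE);
                    }
                }
                redirect($url);
            } else {
                add_errors($this->fuel->assets->errors());
            }
        } else {
            add_errors(lang('error_upload'));
        }
    }

    $form_vars = $this->input->get(NULL, TRUE);
    if (!empty($dir)) {
        $form_vars['asset_folder'] = $dir;
    }
    $form_vars['asset_folder'] = !empty($form_vars['asset_folder']) ? trim($form_vars['asset_folder'], '/') : '';

    $vars = $this->_form($form_vars, $inline);
    $vars['related_items'] = $this->model->related_items($vars);

    $list_view = $inline ? $this->module_uri . '/inline_items/' : $this->module_uri;
    $crumbs = array($list_view => $this->module_name, lang('assets_upload_action'));
    $this->fuel->admin->set_titlebar($crumbs);
    $this->fuel->admin->set_inline($inline === TRUE);

    if ($inline === TRUE) {
        $this->fuel->admin->set_display_mode(Fuel_admin::DISPLAY_COMPACT_TITLEBAR);
    } else {
        $vars['actions'] = $this->load->module_view(FUEL_FOLDER, '_blocks/module_create_edit_actions', $vars, TRUE);
    }

    $this->fuel->admin->render($this->views['create_edit'], $vars, '', FUEL_FOLDER);
    return $id;
}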
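<?php
// Notification block. The first source that applies is shown: an $error passed
// to the view, then the 'error' flash message, then the 'success' flash
// message, and otherwise whatever errors are already queued.
if (!empty($error)) {
    add_errors($error);
    echo display_errors('error ico_error');
} elseif ($this->session->flashdata('error') and $this->session->flashdata('error') !== TRUE and $this->session->flashdata('error') !== '1') {
    // The last test above used to look at the 'success' flash value, which let
    // a placeholder success flag of '1' hide a real error message. It now
    // tests the 'error' value, matching the success branch below.
    add_errors($this->session->flashdata('error'));
    echo display_errors('error ico_error');
} elseif ($this->session->flashdata('success') and $this->session->flashdata('success') !== TRUE and $this->session->flashdata('success') !== '1') {
    // NOTE(review): the success message is echoed without HTML escaping.
    // Confirm that every set_flashdata('success', ...) caller passes trusted
    // text, or escape it here with htmlspecialchars().
    ?> <div class="success ico_success"><?php echo $this->session->flashdata('success'); ?> </div> <?php
} else {
    echo display_errors('error ico_error');
}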
/**
 * Saves a submitted edit form and runs the surrounding hooks.
 *
 * Order of work: model on_before_post, _process(), before_edit and
 * before_save hooks, model save, upload processing, model on_after_post,
 * validity check, optional archive, after_edit and after_save hooks, log
 * entry, cache clear.
 *
 * @access	protected
 * @param	int	The ID value of the record to edit
 * @return	boolean	TRUE when every step succeeded, FALSE when the save, the uploads or the validity check failed
 */
protected function _process_edit($id)
{
    $this->model->on_before_post($this->input->post());

    // NOTE(review): the saved record is whatever _process() builds from the
    // request, while the archive and lookup below use $id. Nothing visible
    // here checks that the two match; confirm it is enforced elsewhere.
    $posted = $this->_process();

    // run before_edit hook
    $this->_run_hook('before_edit', $posted);

    // run before_save hook
    $this->_run_hook('before_save', $posted);

    if (!$this->model->save($posted)) {
        return FALSE;
    }

    // process $_FILES...
    if (!$this->_process_uploads($posted)) {
        return FALSE;
    }

    $this->model->on_after_post($posted);

    if (!$this->model->is_valid()) {
        add_errors($this->model->get_errors());
        return FALSE;
    }

    // archive data
    $archive_data = $this->model->cleaned_data();
    if ($this->archivable) {
        $this->model->archive($id, $archive_data);
    }

    $key_column = $this->model->table_name() . '.' . $this->model->key_field();
    $data = $this->model->find_one_array(array($key_column => $id));

    // run after_edit hook
    $this->_run_hook('after_edit', $data);

    // run after_save hook
    $this->_run_hook('after_save', $data);

    $msg = lang('module_edited', $this->module_name, $data[$this->display_field]);
    $this->fuel->logs->write($msg);
    $this->_clear_cache();

    return TRUE;
}
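/**
 * Saves the posted "vars--" values of a page as page variables, archives the
 * page and, when a navigation label is posted, creates a navigation item.
 *
 * The existing page variables (for the posted language, if any) are deleted
 * and then written again field by field from the layout's field list.
 *
 * @param mixed $id     page id
 * @param array $posted posted values; keys starting with "vars--" are the page variables
 * @return bool TRUE on success, FALSE when the layout cannot be resolved, validation fails or a variable cannot be saved
 */
public function _save_page_vars($id, $posted)
{
    $vars = array();

    // process post vars... can't use an array because of file upload complications
    foreach ($posted as $key => $val) {
        if (strncmp('vars--', $key, 6) === 0) {
            // end() takes its argument by reference, so the exploded array
            // needs to be a real variable rather than a function result
            $key_parts = explode('--', $key);
            $new_key = end($key_parts);
            $vars[$new_key] = $val;
        }
    }

    if (!empty($vars) && is_array($vars)) {
        // The layout name comes from the request. layouts->get() can return a
        // falsy value (the block lookup below already allows for that), so
        // stop here instead of calling ->fields() on it.
        $layout = $this->fuel->layouts->get($this->input->post('layout', TRUE));
        if (!$layout) {
            add_error(lang('error_saving'));
            return FALSE;
        }
        $fields = $layout->fields();

        // add in block fields
        foreach ($fields as $key => $val) {
            if (isset($val['type']) and $val['type'] == 'block' and isset($posted[$key]['block_name'])) {
                $block_layout = $this->fuel->layouts->get($posted[$key]['block_name'], 'block');
                if ($block_layout) {
                    $block_fields = $block_layout->fields();
                    $fields = array_merge($fields, $block_fields);
                }
            }
        }

        // run any form field post processing hooks
        $this->form_builder->load_custom_fields(APPPATH . 'config/custom_fields.php');
        $this->form_builder->set_fields($fields);
        $this->form_builder->set_field_values($vars);
        $vars = $this->form_builder->post_process_field_values($vars); // manipulates the $_POST values directly

        $lang = $this->input->post('language', TRUE);

        // clear out all other variables
        $delete = array('page_id' => $id);
        if ($this->input->post('language')) {
            $delete['language'] = $this->input->post('language', TRUE);
        }
        $this->fuel_pagevariables_model->delete($delete);

        $pagevariable_table = $this->db->table_info($this->fuel_pagevariables_model->table_name());
        $var_types = $pagevariable_table['type']['options'];

        // field types that shouldn't be saved
        $non_recordable_fields = array('section', 'copy', 'fieldset');

        foreach ($fields as $key => $val) {
            if (!isset($val['type'])) {
                $val['type'] = 'string';
            }

            if (!in_array($val['type'], $non_recordable_fields)) {
                $value = !empty($vars[$key]) ? $vars[$key] : NULL;

                if (is_array($value) or $val['type'] == 'array' or $val['type'] == 'multi') {
                    $val['type'] = 'array'; // force the type to be an array
                }

                // fall back to 'string' for types the table does not list
                if (!in_array($val['type'], $var_types)) {
                    $val['type'] = 'string';
                }

                $save = array('page_id' => $id, 'name' => $key, 'value' => $value, 'type' => $val['type']);
                $where = array('page_id' => $id, 'name' => $key, 'language' => $lang);
                if ($lang) {
                    $save['language'] = $lang;
                }
                $where = !empty($id) ? $where : array();

                // NOTE(review): validation runs here, after the delete above
                // has already removed the stored variables. A failure returns
                // FALSE with the old values gone and possibly some new ones
                // written. Confirm that callers validate before calling this.
                if (!$layout->validate($vars)) {
                    add_errors($layout->errors());
                    return FALSE;
                }

                if (!$this->fuel_pagevariables_model->save($save, $where)) {
                    add_error(lang('error_saving'));
                    return FALSE;
                }
            }
        }

        $page_variables_archive = $this->fuel_pagevariables_model->find_all_array(array('page_id' => $id));

        // archive
        $archive = $this->model->cleaned_data();
        $archive[$this->model->key_field()] = $id;
        $archive['variables'] = $page_variables_archive;
        $this->model->archive($id, $archive);

        // save to navigation if config allows it
        if ($this->input->post('navigation_label')) {
            $this->fuel->load_model('fuel_navigation');

            $save = array();
            $save['label'] = $this->input->post('navigation_label', TRUE);
            $save['location'] = $this->input->post('location', TRUE);
            $save['group_id'] = $this->fuel->config('auto_page_navigation_group_id');
            $save['parent_id'] = 0;
            $save['published'] = $this->input->post('published', TRUE);

            // users without the publish permission cannot publish through the posted flag
            if (!$this->fuel->auth->has_permission($this->permission, 'publish')) {
                $save['published'] = 'no';
            }

            // reset $where and create where clause to try and find an existing navigation item
            $where = array();
            $where['location'] = $save['location'];
            $where['group_id'] = $save['group_id'];
            $where['parent_id'] = $save['parent_id'];
            $does_it_exist_already = $this->fuel_navigation_model->record_exists($where);

            if (!$does_it_exist_already) {
                // determine parent based off of location
                $location_arr = explode('/', $this->input->post('location', TRUE));
                $parent_location = implode('/', array_slice($location_arr, 0, count($location_arr) - 1));

                if (!empty($parent_location)) {
                    $parent = $this->fuel_navigation_model->find_by_location($parent_location);
                }
                if (!empty($parent)) {
                    $save['parent_id'] = $parent['id'];
                }

                $this->fuel_navigation_model->add_validation('parent_id', array(&$this->fuel_navigation_model, 'no_location_and_parent_match'), lang('error_location_parents_match'), '{location}');
                $this->fuel_navigation_model->save($save, array('location' => $this->input->post('location', TRUE), 'group_id' => $save['group_id']));
            }
        }
    }

    $this->fuel->admin->set_notification(lang('data_saved'), Fuel_admin::NOTIFICATION_SUCCESS);

    // reset cache for that page only
    if ($this->input->post('location')) {
        $this->fuel->cache->clear_page($this->input->post('location', TRUE));
    }

    return TRUE;
}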