Ejemplo n.º 1
        foreach ($logger->queries as $query) {
            // Skip "PRAGMA .." queries by SQLITE.
            if (strpos($query['sql'], "PRAGMA ") === 0) {
                continue;
            }
            $queries[] = array('query' => $query['sql'], 'params' => $query['params'], 'types' => $query['types'], 'duration' => sprintf("%0.2f", $query['executionMS']));
            $querycount++;
            $querytime += $query['executionMS'];
        }
        $twig = $app['twig.loader'];
        $templates = hackislyParseRegexTemplates($twig);
        $route = $request->get('_route');
        $route_params = $request->get('_route_params');
        $log = $app['log']->getMemorylog();
        // echo "<pre>\n" . util::var_dump($log, true) . "</pre>\n";
        $servervars = array('cookies <small>($_COOKIES)</small>' => $request->cookies->all(), 'headers' => makeValuepairs($request->headers->all(), '', '0'), 'query <small>($_GET)</small>' => $request->query->all(), 'request <small>($_POST)</small>' => $request->request->all(), 'session <small>($_SESSION)</small>' => $request->getSession()->all(), 'server <small>($_SERVER)</small>' => $request->server->all(), 'response' => makeValuepairs($response->headers->all(), '', '0'), 'statuscode' => $response->getStatusCode());
        echo $app['twig']->render('debugbar.twig', array('timetaken' => timeTaken(), 'memtaken' => getMem(), 'memtaken' => getMaxMem(), 'querycount' => $querycount, 'querytime' => sprintf("%0.2f", $querytime), 'queries' => $queries, 'servervars' => $servervars, 'templates' => $templates, 'log' => $log, 'route' => "/" . $route, 'route_params' => $route_params, 'editlink' => $app['editlink'], 'paths' => getPaths($app['config'])));
    });
}
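$app->after(function (Request $request, Response $response) use ($app) {
    // Only frontend responses are post-processed. The comparison is strict so that a
    // boolean true in $app['end'] is not treated as "frontend", which the loose `==` allowed.
    if (empty($app['end']) || $app['end'] !== 'frontend') {
        return;
    }

    // Queue our 'generator' tag for insertion after the last <meta ..> tag.
    // NOTE(review): this advertises the CMS name on every frontend page, which makes
    // fingerprinting the site easier; consider gating it behind a configuration option.
    $app['extensions']->insertSnippet('aftermeta', '<meta name="generator" content="Bolt">');

    // Let the extensions handler apply all queued snippets to the rendered HTML.
    $response->setContent(
        $app['extensions']->processSnippetQueue($response->getContent())
    );
});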
/**
 * Error page.
Ejemplo n.º 2
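 /**
  * Show and process the form used to create or edit a user.
  *
  * With an empty $id an empty user record is used; otherwise the existing user is loaded.
  * When no users exist yet, the tables are repaired and the account being created is
  * forced to Permissions::ROLE_ROOT; the 'enabled' and 'roles' fields are not offered.
  *
  * NOTE(review): no permission check is visible in this method. Presumably it is enforced
  * before the controller is reached; confirm that a caller cannot assign roles above their own.
  *
  * @param mixed             $id      Id of the user to edit; empty when creating a user.
  * @param \Bolt\Application $app
  * @param Request           $request
  *
  * @return mixed A redirect after a valid POST, otherwise the rendered 'edituser.twig' page.
  */
 public function useredit($id, \Bolt\Application $app, Request $request)
 {
     // Get the user we want to edit (if any)
     if (!empty($id)) {
         $user = $app['users']->getUser($id);
         // The display name is user-controlled, so it is encoded before going into the title markup.
         $title = "<strong>" . __('Edit user') . "</strong> » " . htmlencode($user['displayname']);
     } else {
         $user = $app['users']->getEmptyUser();
         $title = "<strong>" . __('Create a new user') . "</strong>";
     }

     $enabledoptions = array(1 => __('yes'), 0 => __('no'));
     $contenttypes = makeValuepairs($app['config']->get('contenttypes'), 'slug', 'name');

     // Map role name => label for the 'roles' choice field.
     $roles = array();
     foreach ($app['permissions']->getDefinedRoles($app) as $roleName => $role) {
         $roles[$roleName] = $role['label'];
     }

     // If we're creating the first user, we should make sure that we can only create
     // a user that's allowed to log on.
     // NOTE(review): this branch is taken whenever getUsers() returns a falsy value. Confirm
     // that a failed lookup cannot be mistaken for "no users yet", because this path hands
     // out the root role.
     $firstuser = !$app['users']->getUsers();
     if ($firstuser) {
         $title = __('Create the first user');
         // If we get here, chances are we don't have the tables set up, yet.
         $app['integritychecker']->repairTables();
         // Grant 'root' to first user by default
         $user['roles'] = array(Permissions::ROLE_ROOT);
     }

     $nameConstraints = array(
         new Assert\NotBlank(),
         new Assert\Length(array('min' => 2, 'max' => 32)),
     );
     $displaynameConstraints = array(
         new Assert\NotBlank(),
         new Assert\Length(array('min' => 2, 'max' => 32)),
     );

     // Start building the form..
     $form = $app['form.factory']->createBuilder('form', $user)
         ->add('id', 'hidden')
         ->add('username', 'text', array('constraints' => $nameConstraints, 'label' => __('Username')))
         ->add('password', 'password', array('required' => false, 'label' => __('Password')))
         ->add('password_confirmation', 'password', array('required' => false, 'label' => __("Password (confirmation)")))
         ->add('email', 'text', array('constraints' => new Assert\Email(), 'label' => __('Email')))
         ->add('displayname', 'text', array('constraints' => $displaynameConstraints, 'label' => __('Display name')));

     // The first user always gets the root role (set above and again on save), so the
     // 'enabled' and 'roles' fields are only offered for later users.
     if (!$firstuser) {
         $form
             ->add('enabled', 'choice', array(
                 'choices' => $enabledoptions,
                 'expanded' => false,
                 'constraints' => new Assert\Choice(array_keys($enabledoptions)),
                 'label' => __("User is enabled"),
             ))
             ->add('roles', 'choice', array(
                 'choices' => $roles,
                 'expanded' => true,
                 'multiple' => true,
                 'label' => __("Assigned roles"),
             ));
     }

     // If we're adding a new user, these fields will be hidden.
     if (!empty($id)) {
         $form
             ->add('lastseen', 'text', array('disabled' => true, 'label' => __('Last seen')))
             ->add('lastip', 'text', array('disabled' => true, 'label' => __('Last IP')));
     }

     // Make sure the passwords are identical and some other check, with a custom validator..
     $form->addEventListener(FormEvents::POST_SUBMIT, function (FormEvent $event) use ($app) {
         $form = $event->getForm();
         // NOTE(review): this id comes from the submitted hidden field, not from the $id route
         // argument, so the client chooses which record the checks and the save apply to.
         // Confirm that saveUser() or an earlier layer ties it to the user being edited.
         $id = $form['id']->getData();
         $pass1 = (string) $form['password']->getData();
         $pass2 = (string) $form['password_confirmation']->getData();

         // If adding a new user (empty $id) or if the password is not empty (indicating we want to change it),
         // then make sure it's at least 6 characters long. strlen() counts bytes, not characters.
         if ((empty($id) || !empty($pass1)) && strlen($pass1) < 6) {
             // The message is not parameterised because the translation helper did not cooperate.
             $form['password']->addError(
                 new FormError(__("This value is too short. It should have 6 characters or more."))
             );
         }

         // Passwords must be identical. The comparison is strict: with `!=`, two different
         // numeric-looking strings (for example "1e3" and "1000") compare as equal, so a
         // mistyped confirmation could be accepted.
         if ($pass1 !== $pass2) {
             $form['password_confirmation']->addError(new FormError(__('Passwords must match.')));
         }

         // Usernames must be unique..
         if (!$app['users']->checkAvailability('username', $form['username']->getData(), $id)) {
             $form['username']->addError(new FormError(__('This username is already in use. Choose another username.')));
         }

         // Email addresses must be unique..
         if (!$app['users']->checkAvailability('email', $form['email']->getData(), $id)) {
             $form['email']->addError(new FormError(__('This email address is already in use. Choose another email address.')));
         }

         // Displaynames must be unique..
         if (!$app['users']->checkAvailability('displayname', $form['displayname']->getData(), $id)) {
             $form['displayname']->addError(new FormError(__('This displayname is already in use. Choose another displayname.')));
         }
     });

     /**
      * @var \Symfony\Component\Form\Form $form
      */
     $form = $form->getForm();

     // Check if the form was POST-ed, and valid. If so, store the user.
     if ($request->getMethod() === "POST") {
         $form->submit($app['request']->get($form->getName()));

         if ($form->isValid()) {
             $user = $form->getData();

             // Re-apply the root role on save: the form did not offer a 'roles' field here.
             if ($firstuser) {
                 $user['roles'] = array(Permissions::ROLE_ROOT);
             }

             $res = $app['users']->saveUser($user);

             // A non-empty id means an existing record was edited.
             if ($user['id']) {
                 $app['log']->add(__("Updated user '%s'.", array('%s' => $user['displayname'])), 3, '', 'user');
             } else {
                 $app['log']->add(__("Added user '%s'.", array('%s' => $user['displayname'])), 3, '', 'user');
             }

             // NOTE(review): the display name is placed into the flash message as-is; confirm
             // that the template rendering the flash bag escapes it.
             if ($res) {
                 $app['session']->getFlashBag()->set('success', __('User %s has been saved.', array('%s' => $user['displayname'])));
             } else {
                 $app['session']->getFlashBag()->set('error', __('User %s could not be saved, or nothing was changed.', array('%s' => $user['displayname'])));
             }

             if ($firstuser) {
                 // To the dashboard, where 'login' will be triggered..
                 return redirect('dashboard');
             }

             return redirect('users');
         }
     }

     return $app['render']->render('edituser.twig', array('form' => $form->createView(), 'title' => $title));
 }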
Ejemplo n.º 3
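 /**
  * Creates a feed of entries.
  *
  * Each entry is read in full, its fields are prepared for the feed, and the resulting
  * placeholders are substituted into a copy of $feed_template. The copies are concatenated.
  *
  * @param string $feed_template Template for one entry, containing %placeholder% markers.
  * @param array $entries        Entries to render; only the 'code' key of each is used to
  *                              read the full entry.
  * @return string The concatenated entries; an empty string when nothing was rendered.
  */
 function _renderFeedEntries($feed_template, $entries)
 {
     global $PIVOTX;

     // Start from an empty string: the original appended to an undefined variable and
     // returned null when there were no entries.
     $feed = '';

     // Getting category display names
     $categories = $PIVOTX['categories']->getCategories();
     $categories = makeValuepairs($categories, 'name', 'display');

     // Loop through the entries..
     foreach ($entries as $entry) {
         // Get the full entry..
         $entry = $PIVOTX['db']->read_entry($entry['code']);
         $link = makeFileURL($entry['uid'], "", "");
         $title = trim(unentify($entry['title']));
         $subtitle = trim(unentify($entry['subtitle']));

         // parse fields and remove scripting from the feed. Script in feed is bad..
         $introduction = parse_intro_or_body($entry['introduction'], false, $entry['convert_lb']);
         $introduction = $this->_cleanFeedText($introduction);
         $body = parse_intro_or_body($entry['body'], false, $entry['convert_lb']);
         $body = $this->_cleanFeedText($body);

         // Tag built from the site name, year, weblog name and entry uid.
         $year = formatDate($entry['date'], "%year%");
         $tag = safeString($PIVOTX['config']->get('sitename'), TRUE) . "," . $year . ":" . safeString($PIVOTX['weblogs']->get('', 'name'), TRUE) . "." . $entry['uid'];
         $tag = str_replace("_", "", strtolower($tag));

         $date = formatDate($entry['date'], "%year%-%month%-%day%T%hour24%:%minute%:00") . $this->_rssOffset();
         $date_rfc = formatDate($entry['date'], "%english_dname%, %day% %english_monname% %year% %hour24%:%minute%:00 ") . $this->_rssOffset("rfc822");

         // NOTE(review): the check reads $PIVOTX['db']->entry while the value is taken from
         // $entry; presumably read_entry() leaves the same record in both, confirm.
         if ($PIVOTX['db']->entry['edit_date'] != "") {
             $edit_date = formatDate($entry['edit_date'], "%year%-%month%-%day%T%hour24%:%minute%:00") . $this->_rssOffset();
         } else {
             // if the entry was never edited, use the entrydate
             $edit_date = $date;
         }

         $summary = unentify(strip_tags($introduction));
         $summary = trim(str_replace("&", "&amp;", str_replace("&nbsp;", " ", $summary)));

         // Set content (Atom 1.0) and description (RSS 2.0) according to completeness settings
         if ($PIVOTX['weblogs']->get('', 'rss_full') == 0) {
             // don't put anything in the content.
             $content = "";
             $description = trim($introduction);
             if (strlen($body) > 5) {
                 $description .= makeMoreLink($entry, '', array('html' => true));
                 $summary .= ' ...';
             }
         } else {
             // put the introduction and body in the content..
             $content = trim(str_replace("&nbsp;", " ", $introduction . $body));
             $description = trim($introduction . $body);
         }

         // The via title ends up inside a double-quoted attribute, so it is encoded for that
         // context. addslashes() only prefixed quotes with a backslash, which neither closes
         // the gap for a '"' in the value nor yields valid markup.
         // NOTE(review): if via titles are stored already entity-encoded this will encode them
         // a second time; confirm how the field is stored.
         if (!empty($entry['viatitle'])) {
             $viatitle = 'title="' . htmlspecialchars($entry['viatitle'], ENT_QUOTES) . '"';
         } else {
             $viatitle = "";
         }

         // Getting user information..
         $user = $PIVOTX['users']->getUser($entry['user']);
         if (!$user) {
             // Unknown author: fall back to the name stored on the entry.
             $user = array('username' => $entry['user'], 'email' => '', 'nickname' => $entry['user']);
         }

         // Setting the category display names
         $cat_display = array();
         foreach ($entry['category'] as $cat) {
             if (!empty($categories[$cat])) {
                 $cat_display[] = $categories[$cat];
             }
         }

         // NOTE(review): %author%, %author-email%, %author-nick%, %link% and %vialink% are
         // substituted without any encoding in this method; confirm they are encoded where
         // they are stored or by the template, otherwise markup in them reaches the feed.
         $replace = array(
             "%title%" => htmlspecialchars(strip_tags($title)),
             "%subtitle%" => htmlspecialchars(strip_tags($subtitle)),
             "%link%" => $link,
             "%description%" => relativeToAbsoluteURLS($description),
             "%summary%" => relativeToAbsoluteURLS($summary),
             "%author%" => $user['username'],
             "%author-email%" => $user['email'],
             "%author-nick%" => $user['nickname'],
             "%guid%" => $entry['uid'] . "@" . str_replace('http://', '', $PIVOTX['paths']['canonical_host']) . $PIVOTX['paths']['site_url'],
             "%date%" => $date,
             "%edit_date%" => $edit_date,
             "%date_rfc%" => $date_rfc,
             "%category%" => htmlspecialchars(implode(", ", $cat_display)),
             "%categorynames%" => htmlspecialchars(implode(", ", $entry['category'])),
             "%content%" => relativeToAbsoluteURLS($content),
             "%tag%" => $tag,
             "%lang%" => $PIVOTX['languages']->getCode(),
             "%vialink%" => $PIVOTX['db']->entry['vialink'],
             "%viatitle%" => $viatitle,
         );

         // Execute the 'feed_entry' hook, if present.
         $PIVOTX['extensions']->executeHook('feed_entry', $replace);

         // Replace all items in $replace, unless it's an empty array. This way the feed_entry
         // hook can set $replace to an empty array, in order to skip it entirely.
         if (!empty($replace)) {
             $feed .= str_replace(array_keys($replace), array_values($replace), $feed_template);
         }
     }

     return $feed;
 }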
Ejemplo n.º 4
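/**
 * Get Tags that are related to a certain Tag
 *
 * For the "flat" db model the related tags are read from a comma-separated
 * tagdata/<tag>.rel file; otherwise they are selected from the tags table as the
 * other tags attached to the same targets.
 *
 * @param string $tag
 * @return string HTML: a comma-separated list of tag links, or a "No related tags" paragraph.
 */
function getRelatedTags($tag)
{
    global $PIVOTX;

    // Stays null when no tag list could be read, which selects the "No related tags" output.
    $taglist = null;

    if ($PIVOTX['config']->get('db_model') == "flat") {
        // Getting related tags for flat files..
        // urlencode() percent-encodes '/' and '\', so the tag cannot name a file outside tagdata/.
        $filepath = $PIVOTX['paths']['db_path'] . "tagdata/" . urlencode($tag) . '.rel';
        if (file_exists($filepath)) {
            // The original passed "r" as second argument; that parameter is use_include_path,
            // so the file was also looked up along the include path.
            $sTagString = file_get_contents($filepath);
            if ($sTagString !== false) {
                $taglist = explode(",", $sTagString);
            }
        }
    } else {
        // Getting tags for SQL
        $tagtable = safeString($PIVOTX['config']->get('db_prefix') . "tags", true);

        // Set up DB factory
        $sqlFactory = new sqlFactory(
            $PIVOTX['config']->get('db_model'),
            $PIVOTX['config']->get('db_databasename'),
            $PIVOTX['config']->get('db_hostname'),
            $PIVOTX['config']->get('db_username'),
            $PIVOTX['config']->get('db_password')
        );

        // Get a DB connection..
        $sql = $sqlFactory->getSqlInstance();

        // Getting related tags for MySQL db..
        // The tag value goes through $sql->quote(); the table name comes from configuration.
        $quotedTag = $sql->quote($tag);
        $sql->query("SELECT DISTINCT(t2.tag)\n                    FROM {$tagtable} AS t1, {$tagtable} AS t2\n                    WHERE (t1.tag=" . $quotedTag . " AND t1.target_uid=t2.target_uid AND t2.tag!=" . $quotedTag . ")\n                    ORDER BY t2.tag ASC");
        $rows = $sql->fetch_all_rows();
        $taglist = makeValuepairs($rows, '', 'tag');
    }

    if (is_array($taglist)) {
        $links = array();
        foreach ($taglist as $thistag) {
            // Tags are stored user input, so the link text is encoded before it is emitted.
            // NOTE(review): the href is whatever tagLink() returns; confirm it is already
            // safe for use inside a double-quoted attribute.
            $links[] = "<a href=\"" . tagLink(str_replace(" ", "+", $thistag)) . "\" class=\"taglinkext\">" . htmlspecialchars($thistag, ENT_QUOTES) . "</a>";
        }
        $output = implode(", \n", $links);
    } else {
        // Plain assignment: the original appended to a variable that did not exist yet.
        $output = "\n<p>" . __('No related tags') . "</p>\n";
    }

    return $output;
}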
Ejemplo n.º 5
 /**
  * Read a bunch of entries
  *
  * Builds a select on the entries table from $params, runs it, and then runs two more
  * queries to attach the categories and extra fields to the entries that were found.
  *
  * Keys of $params read below: 'offset', 'show', 'orderby', 'ordertype', 'order', 'uid',
  * 'start', 'end', 'date', 'status', 'user', 'cats', 'tags', 'extrafields', 'count_only'.
  *
  * NOTE(review): several of these values are concatenated into the SQL text without
  * $this->sql->quote() or a cast (see the notes inline). If any of them can be reached
  * from request data, they need quoting or strict validation.
  *
  * @param array $params
  * @return array Entries keyed by uid; when $params['count_only'] is true, the single row
  *               fetched for the count query instead.
  */
 function read_entries($params)
 {
     global $PIVOTX;
     $qry = array();
     $qry['select'] = "e.*, e.uid AS code, e.comment_count AS commcount, e.comment_names AS commnames, e.trackback_count AS trackcount, e.trackback_names AS tracknames";
     $qry['from'] = $this->entriestable . " AS e";
     // NOTE(review): 'offset' is cast with intval(), but 'show' is placed into the LIMIT
     // clause as-is in both branches; confirm callers always pass an integer.
     if (!empty($params['offset'])) {
         // An offset overrides any date filter.
         $params['date'] = "";
         $qry['limit'] = intval($params['offset']) . ", " . $params['show'];
     } else {
         $qry['limit'] = $params['show'];
     }
     // Work out the expression to order by: an extra field, a column of the entries table,
     // or the entry date by default.
     if (substr($params['orderby'], 0, 12) == "extrafields_") {
         if (empty($params['extrafields'])) {
             $qry['select'] .= ", ef.target_uid, ef.value";
             $qry['leftjoin'][$this->extrafieldstable . " AS ef"] = "e.uid = ef.target_uid";
         }
         $qry['where'][] = "ef.contenttype = 'entry'";
         // NOTE(review): the field key is put between single quotes after safeString() only;
         // this relies on safeString() removing quote characters, confirm.
         $qry['where'][] = "ef.fieldkey = '" . safeString(substr($params['orderby'], 12)) . "'";
         if ($params['ordertype'] == "int") {
             $orderby = "CAST(ef.value as SIGNED)";
         } else {
             $orderby = "ef.value";
         }
     } elseif (!empty($params['orderby'])) {
         // The column name cannot be quoted as a value, so it is passed through safeString().
         if ($params['ordertype'] == "int") {
             $orderby = "CAST(e." . safeString($params['orderby'], true) . " as SIGNED)";
         } else {
             $orderby = "e." . safeString($params['orderby'], true);
         }
     } else {
         $orderby = "e.date";
     }
     if ($params['order'] == "random") {
         $qry['order'] = "RAND()";
     } elseif ($params['order'] == "desc") {
         $qry['order'] = $orderby . " DESC";
     } else {
         $qry['order'] = $orderby . " ASC";
     }
     // Either select explicit uids, or filter by date range, status, user, categories,
     // tags and extra fields.
     if (!empty($params['uid'])) {
         if (is_array($params['uid'])) {
             $aUids = $params['uid'];
         } else {
             $aUids = explode(",", $params['uid']);
         }
         // Drop everything that is not numeric before the list goes into the IN clause.
         // NOTE(review): is_numeric() also accepts forms such as "1e5" or ".5", not only
         // plain integer ids.
         foreach ($aUids as $k => $uid) {
             if (!is_numeric($uid)) {
                 unset($aUids[$k]);
             }
         }
         if (!empty($aUids)) {
             $uids = implode(', ', $aUids);
             $qry['where'][] = "e.uid in (" . $uids . ")";
         }
     } else {
         // 'start' and 'end' are split on "-" into year, month, day, hour and minute.
         // The formatted value is passed through $this->sql->quote().
         if (!empty($params['start'])) {
             $params['date'] = "";
             $params['start'] = explode("-", $params['start']);
             $start = sprintf("%s-%02s-%02s %02s:%02s:00", $params['start'][0], $params['start'][1], $params['start'][2], $params['start'][3], $params['start'][4]);
             $qry['where'][] = $orderby . " > " . $this->sql->quote($start);
         }
         if (!empty($params['end'])) {
             $params['date'] = "";
             $params['end'] = explode("-", $params['end']);
             $end = sprintf("%s-%02s-%02s %02s:%02s:00", $params['end'][0], $params['end'][1], $params['end'][2], $params['end'][3], $params['end'][4]);
             $qry['where'][] = $orderby . " < " . $this->sql->quote($end);
         }
         // 'date' is "year", "year-month" or "year-month-day"; each part is cast to int and
         // turned into a start/end pair covering that year, month or day.
         if (!empty($params['date'])) {
             $params['date'] = explode("-", $params['date']);
             $year = (int) $params['date'][0];
             if (count($params['date']) == 1) {
                 $start = sprintf("%s-%02s-%02s 00:00:00", $year, 1, 1);
                 $year++;
                 $end = sprintf("%s-%02s-%02s 00:00:00", $year, 1, 1);
             } elseif (count($params['date']) == 2) {
                 $month = (int) $params['date'][1];
                 $start = sprintf("%s-%02s-%02s 00:00:00", $year, $month, 1);
                 $month++;
                 // Roll over into January of the next year.
                 if ($month > 12) {
                     $month = 1;
                     $year++;
                 }
                 $end = sprintf("%s-%02s-%02s 00:00:00", $year, $month, 1);
             } else {
                 $month = (int) $params['date'][1];
                 $day = (int) $params['date'][2];
                 $start = sprintf("%s-%02s-%02s 00:00:00", $year, $month, $day);
                 $end = sprintf("%s-%02s-%02s 23:59:00", $year, $month, $day);
             }
             $qry['where'][] = "{$orderby} > " . $this->sql->quote($start);
             $qry['where'][] = "{$orderby} < " . $this->sql->quote($end);
         }
         // Do not use a limit if a date range is given
         if (!empty($params['start']) && !empty($params['end']) || !empty($params['date'])) {
             unset($qry['limit']);
         }
         if (!empty($params['status'])) {
             $qry['where'][] = "e.status = " . $this->sql->quote($params['status']);
         }
         // NOTE(review): the statement inside this `if` is damaged in this listing: the text
         // between the two string literals has been masked out, and the closing brace of the
         // `if` is missing with it. The original code cannot be recovered from here.
         if (!empty($params['user'])) {
             $qry['where'][] = "e.user = "******"e.date DESC, e.uid DESC";
         $qry['group'] = "e.date, e.uid";
         //[/JAN]
         if (!empty($params['cats'])) {
             $qry['select'] .= ", c.category";
             $qry['leftjoin'][$this->categoriestable . " AS c"] = "e.uid = c.target_uid";
             // NOTE(review): the array branch joins the categories into the IN list without
             // $this->sql->quote(), unlike the scalar branch; a value containing a single
             // quote changes the statement.
             if (is_array($params['cats'])) {
                 $qry['where'][] = "c.category IN('" . implode("', '", $params['cats']) . "')";
             } else {
                 $qry['where'][] = "c.category= " . $this->sql->quote($params['cats']);
             }
             $qry['where'][] = "c.contenttype= 'entry'";
         }
         if (!empty($params['tags'])) {
             $qry['select'] .= ", t.tag";
             $qry['leftjoin'][$this->tagstable . " AS t"] = "e.uid = t.target_uid";
             // NOTE(review): a comma-separated tag list only has its spaces removed before it
             // is put between single quotes; the single-tag branch uses $this->sql->quote().
             if (strpos($params['tags'], ",") !== false) {
                 $aTags = explode(",", str_replace(" ", "", $params['tags']));
                 $tags = implode("', '", $aTags);
                 $qry['where'][] = "t.tag IN ('" . $tags . "')";
             } else {
                 $qry['where'][] = "t.tag= " . $this->sql->quote($params['tags']);
             }
             $qry['where'][] = "t.contenttype= 'entry'";
         }
         if (!empty($params['extrafields'])) {
             $qry['select'] .= ", ef.target_uid";
             $qry['leftjoin'][$this->extrafieldstable . " AS ef"] = "e.uid = ef.target_uid";
             // NOTE(review): both the key and the value of each extra field are placed inside
             // single quotes without quoting or escaping.
             foreach ($params['extrafields'] as $k => $v) {
                 $qry['where_or'][] = "(ef.contenttype='entry' AND ef.fieldkey = '" . $k . "' AND ef.value = '" . $v . "')";
             }
         }
     }
     if ($params['count_only'] === true) {
         // if we only want to count - override the select, group and order
         $qry['select'] = 'count(e.uid) as number';
         unset($qry['order']);
         unset($qry['group']);
         //debug_printr($qry);
         $query = $this->sql->build_select($qry);
         //debug(nl2br($query));
         // query() is called without an argument; presumably build_select() has stored the
         // statement on the sql object - confirm.
         $this->sql->query();
         $result = $this->sql->fetch_row();
         // return the result and skip the rest of read_entries
         return $result;
     }
     $query = $this->sql->build_select($qry);
     $this->sql->query();
     // echo nl2br(htmlentities($query));
     $rows = $this->sql->fetch_all_rows();
     $entries = array();
     if (!is_array($rows)) {
         $rows = array();
     }
     // Key the entries by uid and add the derived 'excerpt' and 'link' fields.
     foreach ($rows as $entry) {
         $entries[$entry['uid']] = $entry;
         // Make the 'excerpts'..
         $entries[$entry['uid']]['excerpt'] = makeExcerpt($entry['introduction']);
         // Set the link..
         $entries[$entry['uid']]['link'] = makeFileLink($entry, '', '');
     }
     // $entries is always an array at this point, so this branch also runs when no rows
     // were found; $ids is then the empty quoted string ''.
     if (is_array($entries)) {
         // The uids come from the rows fetched above and are wrapped in single quotes.
         $ids = makeValuepairs($entries, '', 'uid');
         $ids = "'" . implode("', '", $ids) . "'";
         // Ok, now we need to do a second query to get the correct arrays with all of the categories.
         $this->sql->query("SELECT * FROM " . $this->categoriestable . " AS c WHERE contenttype = 'entry' AND target_uid IN ({$ids})");
         $tempcats = $this->sql->fetch_all_rows();
         if ($tempcats) {
             // group them together by entry.
             foreach ($tempcats as $cat) {
                 $cats[$cat['target_uid']][] = $cat['category'];
             }
             // Add them to our simple cache, for later retrieval..
             $PIVOTX['cache']->setMultiple("categories", $cats);
             // Now, attach the categories to the entries..
             foreach ($cats as $uid => $cat) {
                 foreach ($entries as $key => $entry) {
                     if ($entries[$key]['uid'] == $uid) {
                         $entries[$key]['category'] = $cat;
                         // `continue` moves on to the next entry; the inner loop does not
                         // stop at the first match.
                         continue;
                     }
                 }
             }
         }
         // And a third query to get the correct records with all of the extra fields.
         $this->sql->query("SELECT * FROM " . $this->extrafieldstable . " AS e WHERE contenttype='entry' AND target_uid IN ({$ids})");
         $tempfields = $this->sql->fetch_all_rows();
         // Now, attach the tempfields to the entries..
         if (!empty($tempfields)) {
             foreach ($tempfields as $tempfield) {
                 foreach ($entries as $key => $entry) {
                     if ($entries[$key]['uid'] == $tempfield['target_uid']) {
                         if (!is_array($entries[$key]['extrafields'])) {
                             $entries[$key]['extrafields'] = array();
                         }
                         // Check if it's a serialised value..
                         // NOTE(review): this reads and writes $temp_field (with an underscore),
                         // which is not the loop variable $tempfield, so the value stored two
                         // lines below is never the unserialised one.
                         // NOTE(review): unserialize() on stored field values can instantiate
                         // objects; if that is ever fixed to act on $tempfield, make sure the
                         // values cannot be written by untrusted users, or use a data-only format.
                         if (is_array(unserialize($temp_field['value']))) {
                             $temp_field['value'] = unserialize($temp_field['value']);
                         }
                         $entries[$key]['extrafields'][$tempfield['fieldkey']] = $tempfield['value'];
                     }
                 }
             }
         }
     }
     // Add them to our simple cache, for later retrieval..
     $PIVOTX['cache']->setMultiple("entries", $entries);
     return $entries;
 }