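/**
 * @covers Xoops\Core\FilterInput::clean
 */
public function testClean()
{
    // Stray closing tag plus a script element: both the dangling </i> and the
    // <script> tags are stripped while the inner text is kept.
    $input = 'Lorem ipsum </i><script>alert();</script>';
    $expected = 'Lorem ipsum alert();';
    $this->assertEquals($expected, FilterInput::clean($input, 'string'));

    // Script element only: the tags go, their text content survives (the filter
    // removes markup, it does not remove the text inside it).
    // The third argument is the assertion message; the original passed the
    // cleaned value itself here, which produced a meaningless failure message.
    $input = 'Lorem ipsum <script>alert();</script>';
    $expected = 'Lorem ipsum alert();';
    $this->assertEquals(
        $expected,
        FilterInput::clean($input, 'string'),
        'script tags must be stripped from a string-typed value'
    );

    // Plain text without markup is returned unchanged.
    $input = 'Lorem ipsum';
    $expected = $input;
    $this->assertEquals($expected, FilterInput::clean($input, 'string'));
}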
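/**
 * Updates an article category and logs the differences against the stored row.
 *
 * @param int    $id                           category id
 * @param string $strName                      serialised array of language => name
 * @param string $strDescription               description (BBCode / HTML)
 * @param string $strAlias                     URL alias; empty to derive it from the default-language name
 * @param int    $intPublished
 * @param int    $intPortalLayout
 * @param int    $intArticlePerPage
 * @param int    $intParentCategory
 * @param int    $intListType
 * @param int    $intShowChilds
 * @param array  $arrAggregation               stored serialised
 * @param int    $intFeaturedOnly
 * @param int    $intSocialButtons
 * @param int    $intArticlePublishedState
 * @param array  $arrPermissions               stored serialised
 * @param int    $intNotifyUnpublishedArticles
 * @param int    $intHideHeader
 * @param int    $intSortationType
 * @param int    $intFeaturedOntop
 * @param int    $intHideOnRSS
 *
 * @return int|false the category id on success, false when the alias is rejected or the UPDATE fails
 */
public function update($id, $strName, $strDescription, $strAlias, $intPublished, $intPortalLayout, $intArticlePerPage, $intParentCategory, $intListType, $intShowChilds, $arrAggregation, $intFeaturedOnly, $intSocialButtons, $intArticlePublishedState, $arrPermissions, $intNotifyUnpublishedArticles, $intHideHeader, $intSortationType, $intFeaturedOntop, $intHideOnRSS)
{
    if ((string) $strAlias === '') {
        // NOTE(review): $strName is unserialize()d here; callers must only pass the
        // serialised name array built server-side, never a raw request value.
        $arrName = unserialize($strName);
        $strDefaultLanguage = $this->config->get('default_lang');
        // A name array without the default language used to raise an
        // undefined-index notice and hand null to create_alias(); fall back to ''.
        $strDefaultName = (is_array($arrName) && isset($arrName[$strDefaultLanguage]))
            ? $arrName[$strDefaultLanguage]
            : '';
        $strAlias = $this->create_alias($strDefaultName);
    } elseif ((string) $strAlias !== (string) $this->pdh->get('article_categories', 'alias', array($id))) {
        // Only re-normalise the alias when the caller actually changed it.
        $strAlias = $this->create_alias($strAlias);
    }

    // The alias has to pass the uniqueness check before anything is written.
    if (!$this->check_alias($id, $strAlias)) {
        return false;
    }

    $strDescription = $this->bbcode->replace_shorttags($strDescription);
    if ($this->config->get('enable_embedly')) {
        $strDescription = $this->embedly->parseString($strDescription);
    }

    // Users without the script permission get their markup filtered against the
    // tag/attribute blacklists and HTML-escaped before storage; users holding the
    // permission store the description as submitted.
    if (!$this->user->check_auth('u_articles_script', false)) {
        include_once $this->root_path . "libraries/inputfilter/input.class.php";
        $filter = new FilterInput(get_tag_blacklist(), get_attr_blacklist(), 1, 1);
        $strDescription = htmlspecialchars($filter->clean($strDescription));
    }

    $arrQuery = array(
        'name' => $strName,
        'alias' => $strAlias,
        'portal_layout' => $intPortalLayout,
        'description' => $strDescription,
        'per_page' => $intArticlePerPage,
        'permissions' => serialize($arrPermissions),
        'published' => $intPublished,
        'parent' => $intParentCategory,
        'list_type' => $intListType,
        'aggregation' => serialize($arrAggregation),
        'featured_only' => $intFeaturedOnly,
        'social_share_buttons' => $intSocialButtons,
        'show_childs' => $intShowChilds,
        'article_published_state' => $intArticlePublishedState,
        'notify_on_onpublished_articles' => $intNotifyUnpublishedArticles,
        'hide_header' => $intHideHeader,
        'sortation_type' => $intSortationType,
        'featured_ontop' => $intFeaturedOntop,
        'hide_on_rss' => $intHideOnRSS,
    );

    // Snapshot the row before the update so the log can diff old against new.
    $arrOldData = $this->pdh->get('article_categories', 'data', array($id));
    $objQuery = $this->db->prepare("UPDATE __article_categories :p WHERE id=?")->set($arrQuery)->execute($id);
    if ($objQuery) {
        $this->pdh->enqueue_hook('article_categories_update');
        $log_action = $this->logs->diff($arrOldData, $arrQuery, $this->arrLogLang, array('description' => 1), true);
        $this->log_insert("action_articlecategory_updated", $log_action, $id, $this->user->multilangValue($arrOldData["name"]), 1, 'article');
        return $id;
    }
    return false;
}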
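/**
 * Updates an article, keeps the "one index article per category" rule and logs the changes.
 *
 * @param int    $id              article id
 * @param string $strTitle        serialised array of language => title
 * @param string $strText         article body (BBCode / HTML)
 * @param array  $arrTags
 * @param string $strPreviewimage
 * @param string $strAlias        URL alias; empty to derive it from the default-language title
 * @param int    $intPublished
 * @param int    $intFeatured
 * @param int    $intCategory     id of the (possibly new) category
 * @param int    $intUserID
 * @param int    $intComments
 * @param int    $intVotes
 * @param int    $intDate
 * @param string $strShowFrom
 * @param string $strShowTo
 * @param int    $intHideHeader
 *
 * @return int|false the article id on success, false when the alias is rejected or the UPDATE fails
 */
public function update($id, $strTitle, $strText, $arrTags, $strPreviewimage, $strAlias, $intPublished, $intFeatured, $intCategory, $intUserID, $intComments, $intVotes, $intDate, $strShowFrom, $strShowTo, $intHideHeader)
{
    if ((string) $strAlias === '') {
        // NOTE(review): $strTitle is unserialize()d here; callers must only pass the
        // serialised title array built server-side, never a raw request value.
        $arrName = unserialize($strTitle);
        $strDefaultLanguage = $this->config->get('default_lang');
        // A title array without the default language used to raise an
        // undefined-index notice and hand null to create_alias(); fall back to ''.
        $strDefaultTitle = (is_array($arrName) && isset($arrName[$strDefaultLanguage]))
            ? $arrName[$strDefaultLanguage]
            : '';
        $strAlias = $this->create_alias($strDefaultTitle);
    } elseif ((string) $strAlias !== (string) $this->pdh->get('articles', 'alias', array($id))) {
        // Only re-normalise the alias when the caller actually changed it.
        $strAlias = $this->create_alias($strAlias);
    }

    // The alias has to pass the uniqueness check before anything is written.
    if (!$this->check_alias($id, $strAlias)) {
        return false;
    }

    $strText = str_replace('<p></p>', '<br />', $strText);
    $strText = $this->bbcode->replace_shorttags($strText);
    if ($this->config->get('enable_embedly')) {
        $strText = $this->embedly->parseString($strText, false, false);
    }

    // Page objects are the title attributes of <p class="system-article" ... title="..."> elements.
    preg_match_all('#<p(.*)class="system-article"(.*) title="(.*)">(.*)</p>#iU', $strText, $arrTmpPageObjects, PREG_PATTERN_ORDER);
    $arrPageObjects = isset($arrTmpPageObjects[3]) ? array_values($arrTmpPageObjects[3]) : array();

    // Users without the script permission get their markup filtered against the
    // tag/attribute blacklists; the text of every user is HTML-escaped before storage.
    if (!$this->user->check_auth('u_articles_script', false)) {
        include_once $this->root_path . "libraries/inputfilter/input.class.php";
        $filter = new FilterInput(get_tag_blacklist(), get_attr_blacklist(), 1, 1);
        $strText = $filter->clean($strText);
    }
    $strText = htmlspecialchars($strText);

    // Snapshot the row before the update so the log can diff old against new.
    $arrOldData = $this->pdh->get('articles', 'data', array($id));
    $arrData = array(
        'title' => $strTitle,
        'text' => $strText,
        'category' => $intCategory,
        'featured' => $intFeatured,
        'comments' => $intComments,
        'votes' => $intVotes,
        'published' => $intPublished,
        'show_from' => $strShowFrom,
        'show_to' => $strShowTo,
        'user_id' => $intUserID,
        'date' => $intDate,
        'previewimage' => $strPreviewimage,
        'alias' => $strAlias,
        'tags' => serialize($arrTags),
        'last_edited' => $this->time->time,
        'last_edited_user' => $this->user->id,
        'page_objects' => serialize($arrPageObjects),
        'hide_header' => $intHideHeader,
    );

    // If the article moves into a category that already has an index article,
    // drop this article's index flag so the target keeps exactly one.
    // Fix: the lookup used the undefined $intCategoryID, so it never matched.
    // Loose comparison on purpose: the stored category may come back as a string.
    if ($intCategory != $arrOldData["category"]) {
        $intIndexArticle = $this->pdh->get('article_categories', 'index_article', array($intCategory));
        if ($intIndexArticle > 0) {
            $arrData['`index`'] = 0;
        }
    }

    $objQuery = $this->db->prepare("UPDATE __articles :p WHERE id=?")->set($arrData)->execute($id);
    if (!$objQuery) {
        return false;
    }

    $this->pdh->enqueue_hook('articles_update');
    $this->pdh->enqueue_hook('article_categories_update');

    // Log changes: tags and page objects are compared as comma-joined strings.
    $arrNew = array(
        'title' => $strTitle,
        'text' => $strText,
        'category' => $intCategory,
        'featured' => $intFeatured,
        'comments' => $intComments,
        'votes' => $intVotes,
        'published' => $intPublished,
        'show_from' => $strShowFrom,
        'show_to' => $strShowTo,
        'user_id' => $intUserID,
        'date' => $intDate,
        'previewimage' => $strPreviewimage,
        'alias' => $strAlias,
        'tags' => implode(", ", $arrTags),
        'page_objects' => implode(", ", $arrPageObjects),
        'hide_header' => $intHideHeader,
    );
    // The stored values are serialised; a corrupt value would make implode() fail, so fall back to an empty list.
    $arrOldTags = unserialize($arrOldData["tags"]);
    $arrOldPageObjects = unserialize($arrOldData["page_objects"]);
    $arrOld = array(
        'title' => $arrOldData["title"],
        'text' => $arrOldData["text"],
        'category' => $arrOldData["category"],
        'featured' => $arrOldData["featured"],
        'comments' => $arrOldData["comments"],
        'votes' => $arrOldData["votes"],
        'published' => $arrOldData["published"],
        'show_from' => $arrOldData["show_from"],
        'show_to' => $arrOldData["show_to"],
        'user_id' => $arrOldData["user_id"],
        'date' => $arrOldData["date"],
        'previewimage' => $arrOldData["previewimage"],
        'alias' => $arrOldData["alias"],
        'tags' => implode(", ", is_array($arrOldTags) ? $arrOldTags : array()),
        'page_objects' => implode(", ", is_array($arrOldPageObjects) ? $arrOldPageObjects : array()),
        'hide_header' => $arrOldData["hide_header"],
    );
    $arrFlags = array('text' => 1);
    $arrChanges = $this->logs->diff($arrOld, $arrNew, $this->arrLang, $arrFlags);
    if ($arrChanges) {
        $this->log_insert('action_article_updated', $arrChanges, $id, $this->user->multilangValue($arrOldData["title"]), 1, 'article');
    }
    return $id;
}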
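/**
 * Imports a localitembase dump uploaded as "file": a zip holding
 * localitembase_dump.json plus icons/ and images/ folders.
 *
 * Items whose item_gameid already exists locally are skipped. For new items the
 * per-language text is passed through the input filter, the row is inserted and
 * the referenced icon/image files are moved into the module's folders.
 *
 * Ends the request with exit(); answers HTTP 500 when the upload is missing or
 * the dump cannot be read.
 *
 * @return void
 */
public function import()
{
    $this->user->check_auth('u_localitembase_import');
    $strCachePath = $this->pfh->FolderPath('cache', 'localitembase');
    $strIconPath = $this->pfh->FolderPath('icons', 'localitembase');
    $strImagePath = $this->pfh->FolderPath('images', 'localitembase');
    $strImportPath = $strCachePath . 'import/';

    $uploader = register('uploader');
    $strZipName = $uploader->upload_mime('file', '', array('application/zip'), array('zip'), 'localitembase_dump', $strCachePath);
    if (!$strZipName || !file_exists($strCachePath . $strZipName)) {
        header("HTTP/1.1 500 Internal Error");
        exit;
    }

    // NOTE(review): archive entry names are not validated here; this relies on the
    // zip helper's extract() keeping every entry below $strImportPath — confirm.
    $objZIP = registry::register('zip', array($strCachePath . $strZipName));
    $objZIP->extract($strImportPath);
    $objZIP->close();

    $strJSON = file_get_contents($strImportPath . 'localitembase_dump.json');
    $arrJSON = ($strJSON === false) ? null : json_decode($strJSON, true);
    if (!is_array($arrJSON)) {
        // Missing or malformed dump: this used to fall through to a foreach over
        // null and report success. Clean up the extracted files and fail instead.
        $this->pfh->Delete($strImportPath);
        header("HTTP/1.1 500 Internal Error");
        exit;
    }

    // Existing local item id => game id, used to skip items already present.
    $arrItemIDs = array();
    foreach ($this->pdh->get('localitembase', 'id_list', array()) as $itemID) {
        $arrItemIDs[$itemID] = $this->pdh->get('localitembase', 'item_gameid', array($itemID));
    }

    include_once $this->root_path . "libraries/inputfilter/input.class.php";
    $filter = new FilterInput(get_tag_blacklist(), get_attr_blacklist(), 1, 1);

    foreach ($arrJSON as $arrItemDump) {
        // Loose in_array on purpose: stored game ids and dump values may differ in
        // type (int vs numeric string) and still denote the same item.
        if (in_array($arrItemDump['item_gameid'], $arrItemIDs)) {
            continue;
        }

        // NOTE(review): several dump fields are unserialize()d although the archive
        // is user-supplied. Only arrays are expected, and non-arrays are dropped
        // below, but the unserialize() call itself still runs on untrusted data —
        // worth moving the dump format to plain JSON arrays.
        $oldText = unserialize($arrItemDump['text']);
        if (!is_array($oldText)) {
            $oldText = array();
        }
        foreach ($oldText as $key => $val) {
            $oldText[$key] = $filter->clean($val);
        }
        $arrLanguages = unserialize($arrItemDump['languages']);
        $arrNewLanguage = sanitize($arrLanguages);
        $this->pdh->put('localitembase', 'insert', array(
            sanitize($arrItemDump['item_gameid']),
            sanitize($arrItemDump['icon']),
            sanitize($arrItemDump['quality']),
            sanitize(unserialize($arrItemDump['item_name'])),
            $oldText,
            sanitize(unserialize($arrItemDump['image'])),
            serialize($arrNewLanguage),
        ));

        // File names are reduced to [a-zA-Z0-9_.-], which also removes directory
        // separators, so a moved file can never point outside the import folder.
        if (!empty($arrItemDump['icon'])) {
            $strIcon = preg_replace("/[^a-zA-Z0-9_.-]/iU", "", $arrItemDump['icon']);
            $strExtension = strtolower(pathinfo($strIcon, PATHINFO_EXTENSION));
            if (in_array($strExtension, array('jpg', 'png'))) {
                $this->pfh->FileMove($strImportPath . 'icons/' . $strIcon, $strIconPath . $strIcon);
            }
        }

        $arrImages = unserialize($arrItemDump['image']);
        if (!is_array($arrImages)) {
            $arrImages = array();
        }
        foreach ($arrImages as $strImage) {
            $strImage = preg_replace("/[^a-zA-Z0-9_.-]/iU", "", $strImage);
            $strExtension = strtolower(pathinfo($strImage, PATHINFO_EXTENSION));
            if (in_array($strExtension, array('jpg', 'png'))) {
                $this->pfh->FileMove($strImportPath . 'images/' . $strImage, $strImagePath . $strImage);
            }
        }
    }

    $this->pdh->process_hook_queue();
    $this->pfh->Delete($strImportPath);
    exit;
}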
/**
 * Cleans the given parameters in place with the configured filter tool.
 *
 * @param mixed $params value(s) to clean; overwritten with the cleaned result
 *
 * @return void
 */
public function filterParams(&$params)
{
    // The tool name is read from configuration, 'htmlpurifier' being the default.
    $strTool = Get::cfg('filter_tool', 'htmlpurifier');

    $objCleaner = new FilterInput();
    $objCleaner->tool = $strTool;

    $params = $objCleaner->clean($params);
}
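/**
 * Stores the localitembase item submitted through the lit_settings form and redisplays the page.
 *
 * A positive "i" request parameter selects the item to update, otherwise a new
 * item is inserted. Per-language text is passed through the input filter; icon
 * and image paths are stored with the module's relative folder stripped off.
 *
 * @return void
 */
public function save()
{
    $objForm = register('form', array('lit_settings'));
    $objForm->langPrefix = 'lit_';
    $objForm->validate = true;
    $objForm->add_fieldsets($this->fields());
    $arrValues = $objForm->return_values();

    include_once $this->root_path . "libraries/inputfilter/input.class.php";
    $filter = new FilterInput(get_tag_blacklist(), get_attr_blacklist(), 1, 1);

    // Read the item id once instead of on every branch and loop iteration.
    $intItemID = $this->in->get('i', 0);
    $blnIsUpdate = $intItemID > 0;

    $strGameID = $arrValues['item_gameid'];
    $strQuality = $arrValues['quality'];

    // Icon: keep only the part after the module's relative icon folder; on an
    // update without a new icon the stored one is kept.
    if ((string) $arrValues['icon'] !== '') {
        $strIcon = str_replace($this->pfh->FolderPath('icons', 'localitembase', 'relative'), "", $this->root_path . $arrValues['icon']);
    } elseif ($blnIsUpdate) {
        $strIcon = $this->pdh->get('localitembase', 'icon', array($intItemID));
    } else {
        $strIcon = "";
    }

    $arrName = array();
    $arrImage = array();
    $arrText = array();
    $arrUsedLanguages = array();
    // Loop-invariant values hoisted out of the language loop.
    $strRelativeImagePath = $this->pfh->FolderPath('images', 'localitembase', 'relative');
    $arrStoredImages = null; // loaded once, lazily, when an existing image has to be kept

    $arrLanguages = $this->user->getAvailableLanguages(false, false, true);
    foreach ($arrLanguages as $key => $val) {
        $strLangName = (string) $arrValues['name__' . $key];
        $strLangImage = (string) $arrValues['image__' . $key];
        $strLangText = $arrValues['text__' . $key];

        // A language counts as used as soon as any of its three fields is filled in.
        if ($strLangName === '' && $strLangImage === '' && (string) $strLangText === '') {
            continue;
        }
        $arrUsedLanguages[] = $key;
        $arrName[$key] = $arrValues['name__' . $key];

        if ($strLangImage !== '') {
            $arrImage[$key] = str_replace($strRelativeImagePath, "", $this->root_path . $arrValues['image__' . $key]);
        } elseif ($blnIsUpdate) {
            if ($arrStoredImages === null) {
                // Stored images are serialised; a corrupt value is treated as "none".
                $arrStoredImages = unserialize($this->pdh->get('localitembase', 'image', array($intItemID)));
                if (!is_array($arrStoredImages)) {
                    $arrStoredImages = array();
                }
            }
            if (isset($arrStoredImages[$key])) {
                $arrImage[$key] = $arrStoredImages[$key];
            }
        }

        $arrText[$key] = $filter->clean($strLangText);
    }

    if ($blnIsUpdate) {
        $this->pdh->put('localitembase', 'update', array($intItemID, $strGameID, $strIcon, $strQuality, $arrName, $arrText, $arrImage, $arrUsedLanguages));
    } else {
        // Argument order: $strGameID, $strIcon, $strQuality, $arrNames, $arrText, $arrImages, $arrLanguages
        $this->pdh->put('localitembase', 'insert', array($strGameID, $strIcon, $strQuality, $arrName, $arrText, $arrImage, $arrUsedLanguages));
    }
    $this->pdh->process_hook_queue();
    $this->display();
}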