Ejemplo n.º 1
 /**
  * Tag handler: delete a single cloned page of a clonable template.
  *
  * Reads the 'masterpage', 'page_id' and 'invalidate_cache' attributes from
  * $params, looks the template up by name, loads the page and deletes it.
  * Every failure ends the request through die() with a message naming the tag.
  *
  * NOTE(review): no permission check is visible in this handler; confirm that
  * whoever can get this tag rendered is also allowed to delete pages.
  *
  * @param mixed $params raw tag attributes, handed to $FUNCS->get_named_vars()
  * @param mixed $node   parsed tag node; only ->children and ->name are read
  */
 function db_delete($params, $node)
 {
     global $FUNCS, $DB, $CTX;

     // Shared prefix of every error message raised below.
     $tag_error = 'ERROR: Tag "' . $node->name . '"';

     if (count($node->children)) {
         die($tag_error . ' is a self closing tag');
     }

     // Attribute defaults; extract() turns the resolved values into the locals
     // $masterpage, $page_id and $invalidate_cache.
     $defaults = array('masterpage' => '', 'page_id' => '', 'invalidate_cache' => '0');
     extract($FUNCS->get_named_vars($defaults, $params));

     $masterpage = trim($masterpage);
     if (!$masterpage) {
         die($tag_error . ": 'masterpage' attribute missing");
     }

     // Only a non-zero natural number is accepted as a page id.
     $has_page_id = isset($page_id) && $FUNCS->is_non_zero_natural($page_id);
     $page_id = $has_page_id ? (int) $page_id : null;
     if (!$page_id) {
         die($tag_error . ": 'page_id' required");
     }

     // The template name is escaped by $DB->sanitize() before it is quoted into the WHERE clause.
     $where = "name='" . $DB->sanitize($masterpage) . "'";
     $templates = $DB->select(K_TBL_TEMPLATES, array('id', 'clonable'), $where);
     if (!count($templates)) {
         die($tag_error . ' - masterpage does not exist');
     }

     $template = $templates[0];
     if (!$template['clonable']) {
         die($tag_error . ' - cannot delete non-clonable template');
     }

     $page = new KWebpage($template['id'], $page_id);
     if ($page->error) {
         die($tag_error . ' - ' . $page->err_msg);
     }

     // Reaching the lines after delete() means it succeeded (the script would have died otherwise).
     $page->delete();
     $page->destroy();
     unset($page);

     if ($invalidate_cache) {
         $FUNCS->invalidate_cache();
     }
 }
Ejemplo n.º 2
 // Excerpt: deletes a template row and its field definitions. $rs (the template
 // row set), $tpl_id, $DB and $FUNCS are defined outside the lines shown.
 //
 // HOOK: alter_template_delete
 // Listeners receive the template row and, by reference, the refusal message;
 // a truthy return from dispatch_event() aborts the deletion.
 $rec = $rs[0];
 $msg = 'Unable to delete template';
 $skip = $FUNCS->dispatch_event('alter_template_delete', array($rec, &$msg));
 if ($skip) {
     // NOTE(review): $msg may have been rewritten by a listener and is printed as-is.
     die($msg);
 }
 // Confirm no cloned pages exist
 if ($rs[0]['clonable']) {
     // A clonable template is refused while any page row still references it.
     // $tpl_id is escaped with $DB->sanitize() and quoted before concatenation.
     $rs2 = $DB->select(K_TBL_PAGES, array('*'), "template_id='" . $DB->sanitize($tpl_id) . "'");
     if (count($rs2)) {
         die('Template has existing cloned pages');
     }
 } else {
     // delete default page for the template
     $PAGE = new KWebpage($tpl_id, null);
     if ($PAGE->error) {
         // Drop whatever is in the output buffer so only the error is printed.
         ob_end_clean();
         die('ERROR: ' . $PAGE->err_msg);
     }
     $PAGE->delete();
 }
 // remove template along with the fields and folders defined for it
 // $DB->delete() signals failure with -1 (that is the only value tested here).
 // NOTE(review): no $DB->begin() is visible in this excerpt; if none is open,
 // a failure of the second DELETE leaves the template row already removed and
 // its field rows orphaned - confirm the caller wraps this in a transaction.
 $rs = $DB->delete(K_TBL_TEMPLATES, "id='" . $DB->sanitize($tpl_id) . "'");
 if ($rs == -1) {
     die("ERROR: Unable to delete template from K_TBL_TEMPLATES");
 }
 $rs = $DB->delete(K_TBL_FIELDS, "template_id='" . $DB->sanitize($tpl_id) . "'");
 if ($rs == -1) {
     die("ERROR: Unable to delete template data from K_TBL_FIELDS");
 }
Ejemplo n.º 3
 /**
  * Resolve the requested page from the query string, run the buffered template
  * output through the parser and send the result (or a 301 redirect).
  *
  * Order of work: pick the page/folder/archive/comment context from $_GET,
  * load the KWebpage, check access, parse the output buffer, work out a
  * canonical redirect if needed, optionally insert the footer link, optionally
  * write the cache file, then emit headers and body.
  *
  * @param int $ignore_level 0 = normal; >0 skips the canonical-url check;
  *                          >1 additionally ignores the $_GET context variables.
  */
 function invoke($ignore_level = 0)
 {
     global $DB, $FUNCS, $PAGE, $AUTH, $CTX, $k_cache_file;
     // NOTE(review): $ignore_canonical_url and $ignore_context are assigned only
     // inside these branches, yet both are read further down even when they
     // were never set.
     if ($ignore_level > 0) {
         $ignore_canonical_url = 1;
         // if set, the url used to access page is not checked to be canonical.
         if ($ignore_level > 1) {
             $ignore_context = 1;
             // if set, all canonical GET variables are ignored. Page always remains in home-view.
         }
     }
     // $page_id, $folder_id and $archive_date are mutually exclusive.
     // If more than one are provided, $page_id will be preferred over the
     // others and $folder_id will be preferred over $archive_date.
     // All ids will be preferred over names.
     // comment_id actually resolves to becoming the page_id of
     // the associated page hence it is processed the foremost.
     $page_id = null;
     $folder_id = null;
     $archive_date = null;
     $page_name = null;
     $folder_name = null;
     $comment_id = null;
     $comment_date = '';
     if (!$ignore_context) {
         // if comment id given, find the associated page_id
         // The id must pass is_non_zero_natural(), is cast with intval() and is
         // then escaped before it is quoted into the WHERE clause.
         if (isset($_GET['comment']) && $FUNCS->is_non_zero_natural($_GET['comment'])) {
             $rs = $DB->select(K_TBL_COMMENTS, array('page_id', 'date', 'approved'), "id='" . $DB->sanitize(intval($_GET['comment'])) . "'");
             if (count($rs)) {
                 $comment_id = intval($_GET['comment']);
                 $comment_date = $rs[0]['date'];
                 // Overwrites the request value so the 'p' branch below loads the comment's page.
                 // NOTE(review): 'approved' is selected but not tested in this function.
                 $_GET['p'] = $rs[0]['page_id'];
             }
         }
         // Numeric ids are accepted only as non-zero naturals and cast to int.
         if (isset($_GET['p']) && $FUNCS->is_non_zero_natural($_GET['p'])) {
             $page_id = (int) $_GET['p'];
         } else {
             if (isset($_GET['f']) && $FUNCS->is_non_zero_natural($_GET['f'])) {
                 $folder_id = (int) $_GET['f'];
             } else {
                 if (isset($_GET['d']) && $FUNCS->is_non_zero_natural($_GET['d'])) {
                     $date = (int) $_GET['d'];
                     // example valid values:
                     //  ?d=20080514
                     //  ?d=200805
                     //  ?d=2008
                     // The integer is measured and sliced as a string of digits.
                     $len = strlen($date);
                     if ($len >= 4) {
                         $year = substr($date, 0, 4);
                         $archive_date = $year;
                         if ($len >= 6) {
                             $month = substr($date, 4, 2);
                             $archive_date .= '-' . $month;
                             if ($len > 6) {
                                 $day = substr($date, 6, 2);
                                 $archive_date .= '-' . $day;
                             }
                         }
                         // NOTE(review): $day and $month exist only for the longer
                         // forms; for ?d=2008 these tests read undefined variables.
                         // mktime() is given day+1 / month+1 / year+1 to get the
                         // start of the following period.
                         if ($day) {
                             $next_archive_date = date('Y-m-d H:i:s', mktime(0, 0, 0, $month, $day + 1, $year));
                             $is_archive_day_view = 1;
                         } elseif ($month) {
                             $next_archive_date = date('Y-m-d H:i:s', mktime(0, 0, 0, $month + 1, 1, $year));
                             $is_archive_month_view = 1;
                         } else {
                             $next_archive_date = date('Y-m-d H:i:s', mktime(0, 0, 0, 1, 1, $year + 1));
                             $is_archive_year_view = 1;
                         }
                         $archive_date = $FUNCS->make_date($archive_date);
                     }
                 } else {
                     // Names are taken from the request only if is_title_clean() accepts them.
                     if (isset($_GET['pname']) && $FUNCS->is_title_clean($_GET['pname'])) {
                         $page_name = $_GET['pname'];
                     } else {
                         if (isset($_GET['fname']) && $FUNCS->is_title_clean($_GET['fname'])) {
                             $folder_name = $_GET['fname'];
                         }
                     }
                 }
             }
         }
     } else {
         $CTX->ignore_context = 1;
         // necessary for nested_pages with prettyurls
     }
     if ($AUTH->user->access_level >= K_ACCESS_LEVEL_SUPER_ADMIN) {
         $DB->begin();
         // Serialize access for super-admins.. hack of a semaphore
         $DB->update(K_TBL_SETTINGS, array('k_value' => K_COUCH_VERSION), "k_key='k_couch_version'");
     }
     // Get the requested page.
     // for folder view and archive view, page_id would be null,
     // causing the default page to be loaded.
     //
     $CTX->folder_info = !is_null($folder_name) ? $folder_name : (!is_null($folder_id) ? (int) $folder_id : null);
     // added for 404 on non-existent folders
     if (!is_null($page_name)) {
         $PAGE = new KWebpage(null, null, $page_name);
     } else {
         $PAGE = new KWebpage(null, $page_id);
     }
     if ($PAGE->error) {
         ob_end_clean();
         // rollback() is called here for every visitor, although begin() above
         // runs only for super-admins.
         $DB->rollback();
         if ($PAGE->err_msg == 'Page not found') {
             header('HTTP/1.1 404 Not Found');
             header('Status: 404 Not Found');
             header('Content-Type: text/html; charset=' . K_CHARSET);
             $html = '';
             // Existence is tested on disk (K_SITE_DIR) but the content is read
             // through K_SITE_URL - presumably so that 404.php is executed
             // rather than read as source; confirm in $FUNCS->file_get_contents().
             if (file_exists(K_SITE_DIR . '404.php')) {
                 $html = $FUNCS->file_get_contents(K_SITE_URL . '404.php');
             }
             if (!$html) {
                 $html = 'Page not found';
             }
         } else {
             die('ERROR: ' . $PAGE->err_msg);
         }
     } else {
         // Access is checked before any view is set and before the buffered
         // output is parsed. $inherited is not set earlier in this function;
         // presumably get_access_level() fills it by reference.
         $access_level = $PAGE->get_access_level($inherited);
         $AUTH->check_access($access_level);
         // set the requested view, if any
         if ($folder_id) {
             $PAGE->is_folder_view = 1;
             $PAGE->folder_id = $folder_id;
         } elseif ($archive_date) {
             $PAGE->is_archive_view = 1;
             $PAGE->archive_date = $archive_date;
             $PAGE->next_archive_date = $next_archive_date;
             if ($is_archive_day_view) {
                 $PAGE->is_archive_day_view = 1;
             } elseif ($is_archive_month_view) {
                 $PAGE->is_archive_month_view = 1;
             } else {
                 $PAGE->is_archive_year_view = 1;
             }
             $PAGE->day = $day;
             $PAGE->month = $month;
             $PAGE->year = $year;
         } elseif ($folder_name) {
             if (!$PAGE->changed_from_folder_to_page) {
                 // can happen with nested pages
                 $PAGE->is_folder_view = 1;
                 $PAGE->folder_name = $folder_name;
             }
         } elseif ($comment_id) {
             // not a view but just to remind the page that it was fetched on the basis of comment id.
             $PAGE->comment_id = $comment_id;
             $PAGE->comment_date = $comment_date;
         }
         // Everything buffered so far is the template output to be parsed.
         $html = ob_get_contents();
         ob_end_clean();
         // HOOK: pre_process_page
         // Listeners get the markup, the page and the canonical-url flag by reference.
         $FUNCS->dispatch_event('pre_process_page', array(&$html, &$PAGE, &$ignore_canonical_url));
         $parser = new KParser($html);
         $html = $parser->get_HTML();
         //echo $parser->get_info();
         $FUNCS->post_process_page();
         if ($AUTH->user->access_level >= K_ACCESS_LEVEL_SUPER_ADMIN) {
             $DB->commit(1);
         }
         // Verify that the url used to access this page is the page's canonical url
         // Every redirect target below starts with K_SITE_URL followed by a
         // link produced by the page object; the host is not taken from the request.
         if ($comment_id) {
             // if page accessed via comment_id, rectify the url
             $canonical_url = K_SITE_URL . $PAGE->link;
             if ($PAGE->comment_page) {
                 $sep = strpos($canonical_url, '?') === false ? '?' : '&';
                 $canonical_url .= $sep . 'comments_pg=' . $PAGE->comment_page;
             }
             $redirect_url = $canonical_url . "#comment-" . $comment_id;
         } elseif (K_PRETTY_URLS && $_SERVER['REQUEST_METHOD'] != 'POST' && !$PAGE->parent_id && $CTX->script != '404.php' && !$ignore_canonical_url) {
             $url = $FUNCS->get_url();
             if ($url) {
                 // NOTE(review): $_GET['_nr_'] is read without isset() here and below.
                 if ($_GET['_nr_']) {
                     // page link being masqueraded. Normalize before comparison.
                     $masq_tpl_name = $FUNCS->get_pretty_template_link($PAGE->tpl_name);
                     /* masqueraded name */
                     $unmasq_tpl_name = $FUNCS->get_pretty_template_link_ex($PAGE->tpl_name, $dummy, 0);
                     /* unmasqueraded name */
                     $canonical_url = K_SITE_URL . $unmasq_tpl_name . substr($PAGE->link, strlen($masq_tpl_name));
                     // replace masqueraded name with unmasqueraded
                 } else {
                     $canonical_url = K_SITE_URL . $PAGE->link;
                 }
                 if ($url != $canonical_url) {
                     // Redirect to canonical url
                     // append querystring params, if any
                     // NOTE(review): $qs is appended to without being initialised.
                     // Parameter values go through urlencode(), parameter names
                     // ($qk) are copied from the request unencoded, and
                     // urlencode() takes a string, so an array-valued parameter
                     // (?x[]=1) is not handled. Encoding $qk and skipping
                     // non-scalar values would close both gaps.
                     $sep = '';
                     foreach ($_GET as $qk => $qv) {
                         if ($qk == 'p' || $qk == 'f' || $qk == 'd' || $qk == 'fname' || $qk == 'pname' || $qk == '_nr_') {
                             continue;
                         }
                         $qs .= $sep . $qk . '=' . urlencode($qv);
                         $sep = '&';
                     }
                     if ($qs) {
                         $qs = '?' . $qs;
                     }
                     if ($_GET['_nr_']) {
                         //page link being masqueraded
                         $redirect_url = K_SITE_URL . $PAGE->link . $qs;
                     } else {
                         $redirect_url = $canonical_url . $qs;
                     }
                 }
             }
         }
     }
     $content_type = $PAGE->content_type ? $PAGE->content_type : 'text/html';
     $content_type_header = 'Content-Type: ' . $content_type . ';';
     $content_type_header .= ' charset=' . K_CHARSET;
     // Add our link to the document (if not commercial license)
     // Apply only to text/html, text/html-sandboxed, application/xhtml+xml mime-types
     // application/xml and text/xml can also be used to serve xhtml documents but we'll allow that.
     if (!(K_PAID_LICENSE || K_REMOVE_FOOTER_LINK)) {
         if (strpos($content_type, 'html') !== false) {
             // Find the last closing BODY tag, else the last closing HTML tag;
             // $_split_at stays unset when neither is present and the link is
             // then appended at the very end.
             $_cnt = preg_match_all("/<\\/[^\\S]*BODY[^\\S]*>/is", $html, $matches, PREG_OFFSET_CAPTURE);
             if ($_cnt) {
                 $_split_at = $matches[0][count($matches[0]) - 1][1];
             } else {
                 $_cnt = preg_match_all("/<\\/[^\\S]*HTML[^\\S]*>/is", $html, $matches, PREG_OFFSET_CAPTURE);
                 if ($_cnt) {
                     $_split_at = $matches[0][count($matches[0]) - 1][1];
                 }
             }
             $_link = "\n                    <div style=\"clear:both; text-align: center; z-index:99999 !important; display:block !important; visibility:visible !important;\">\n                        <div style=\"position:relative; top:0; margin-right:auto;margin-left:auto; z-index:99999; display:block !important; visibility:visible !important;\">\n                        <center><a href=\"http://www.couchcms.com/\" title=\"CouchCMS - Simple Open-Source Content Management\" style=\"display:block !important; visibility:visible !important;\">Powered by CouchCMS</a></center><br />\n                        </div>\n                    </div>\n                    ";
             if ($_split_at) {
                 $_pre = substr($html, 0, $_split_at);
                 $_post = substr($html, $_split_at);
                 $html = $_pre . $_link . $_post;
             } else {
                 $html .= $_link;
             }
         }
     }
     // HOOK: alter_final_page_output
     // Listeners receive the markup, the cache path, the redirect target and the
     // Content-Type header by reference, so any of them may differ afterwards.
     $FUNCS->dispatch_event('alter_final_page_output', array(&$html, &$PAGE, &$k_cache_file, &$redirect_url, &$content_type_header));
     // See if output needs to be cached
     if ($k_cache_file && strlen(trim($html)) && !$PAGE->no_cache) {
         // NOTE(review): mode 'w' truncates the file when it is opened, before
         // the exclusive lock below is taken, and every call is @-silenced, so
         // a failed or partial write goes unreported.
         $handle = @fopen($k_cache_file, 'w');
         if ($handle) {
             if ($redirect_url) {
                 $pg['redirect_url'] = $redirect_url;
             } else {
                 $pg['mime_type'] = $content_type_header;
                 $cached_html = $html . "\n<!-- Cached page";
                 if (!K_PAID_LICENSE) {
                     $cached_html .= " served by CouchCMS - Simple Open-Source Content Management";
                 }
                 $cached_html .= " -->\n";
                 $pg['cached_html'] = $cached_html;
                 if ($PAGE->err_msg == 'Page not found') {
                     $pg['res_404'] = 1;
                 }
             }
             // The entry is stored in PHP serialize() format.
             // NOTE(review): whatever reads it back presumably unserialize()s
             // it, so the cache directory must be writable by the application
             // only - confirm its location and permissions.
             @flock($handle, LOCK_EX);
             @fwrite($handle, serialize($pg));
             @flock($handle, LOCK_UN);
             @fclose($handle);
         }
     }
     if ($redirect_url) {
         // Permanent redirect; nothing else is sent.
         header("Location: " . $redirect_url, TRUE, 301);
         die;
     }
     if (!K_PAID_LICENSE) {
         $html .= "\n<!-- Page generated by CouchCMS - Simple Open-Source Content Management";
         $html .= " -->\n";
     }
     // Timing and query count are appended as HTML comments only when
     // K_IS_MY_TEST_MACHINE is defined.
     if (defined('K_IS_MY_TEST_MACHINE')) {
         $html .= "\n<!-- in: " . k_timer_stop() . " -->\n";
         $html .= "\n<!-- Queries: " . $DB->queries . " -->\n";
     }
     header($content_type_header);
     echo $html;
 }
Ejemplo n.º 4
    }
} else {
    // Excerpt: bulk 'delete' / 'apply' of drafts posted from a listing form.
    // $tpl_id, $DB and $FUNCS come from outside the lines shown, and the
    // excerpt ends before the blocks opened here are closed.
    // Any drafts marked for deletion?
    if (isset($_POST['bulk-action'])) {
        if (isset($_POST['draft-id'])) {
            // The nonce is validated once, before any posted id is acted on.
            // NOTE(review): no per-draft access check is visible in this
            // excerpt; confirm one runs earlier in the request.
            $FUNCS->validate_nonce('bulk_action_draft');
            foreach ($_POST['draft-id'] as $v) {
                // Ids that are not non-zero naturals are skipped silently.
                if ($FUNCS->is_non_zero_natural($v)) {
                    $draft_id = intval($v);
                    if (!$tpl_id) {
                        // No template in scope: take it from the draft's own row.
                        // NOTE(review): $rs[0] is read without checking that the
                        // query returned a row; an unknown id leaves $_tpl_id null.
                        $rs = $DB->select(K_TBL_PAGES, array('template_id'), "id = '" . $DB->sanitize($draft_id) . "'");
                        $_tpl_id = $rs[0]['template_id'];
                    } else {
                        $_tpl_id = $tpl_id;
                    }
                    $PAGE = new KWebpage($_tpl_id, $draft_id);
                    if ($PAGE->error) {
                        ob_end_clean();
                        die('ERROR in deletion: ' . $PAGE->err_msg);
                    }
                    // execute action
                    if ($_POST['bulk-action'] == 'delete') {
                        $PAGE->delete(1);
                    } elseif ($_POST['bulk-action'] == 'apply') {
                        // 'apply' copies the draft onto its parent, then removes
                        // the draft. A transaction is opened per draft; the
                        // matching commit lies outside this excerpt.
                        // NOTE(review): the die() below leaves that transaction
                        // without an explicit rollback.
                        $DB->begin();
                        $res = $PAGE->update_parent();
                        if ($FUNCS->is_error($res)) {
                            ob_end_clean();
                            die($res->err_msg);
                        }
                        $PAGE->delete(1);
Ejemplo n.º 5
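 /**
  * Copy this draft's field values onto its parent page and save the parent.
  *
  * If the parent row no longer exists it is recreated first through
  * _recreate_parent(). System fields are skipped, except the title (copied
  * from the draft) and, when the parent was recreated, the page name (blanked
  * so the system generates a new one). Fields of type thumbnail, hidden,
  * message and group are skipped; all other fields receive the draft's data.
  *
  * The loop pairs $_PAGE->fields[$x] with $this->fields[$x] by index, i.e. it
  * assumes both pages list their fields in the same order.
  *
  * @return mixed 1 on success, otherwise the value of $FUNCS->raise_error()
  */
 function update_parent()
 {
     global $DB, $FUNCS, $Config;
     if (!$this->parent_id) {
         return $FUNCS->raise_error("Does not have a parent to update");
     }
     // get parent
     // Initialised up front: when the parent row is missing (the very case
     // handled below) the variable was previously read while undefined.
     $parent_of_draft = null;
     $rs = $DB->select(K_TBL_PAGES, array('page_name'), "id='" . $DB->sanitize($this->parent_id) . "'");
     if (count($rs)) {
         $parent_of_draft = $rs[0]['page_name'];
     }
     // if parent of draft no longer exists, recreate one with the original ID (..probably unused now)
     if (!$parent_of_draft) {
         $res = $this->_recreate_parent();
         if ($FUNCS->is_error($res)) {
             return $res;
         }
     }
     // update parent ..
     $_PAGE = new KWebpage($this->tpl_id, $this->parent_id);
     if ($_PAGE->error) {
         return $FUNCS->raise_error($_PAGE->err_msg);
     }
     for ($x = 0; $x < count($_PAGE->fields); $x++) {
         // Bound by reference so that the assignments below change the parent's field.
         $f =& $_PAGE->fields[$x];
         if ($f->system) {
             if ($f->name == 'k_page_title') {
                 $f->store_posted_changes($this->fields[$x]->get_data());
             } elseif ($f->name == 'k_page_name' && !$parent_of_draft) {
                 // if recreating parent, blank out name. Will be generated by the system.
                 $f->store_posted_changes('');
             } else {
                 unset($f);
                 continue;
             }
         } else {
             if ($this->tpl_gallery) {
                 // if gallery, delete the images associated with the original (if changed)
                 $is_gallery_image = ($f->k_type == 'image' && $f->name == 'gg_image')
                     || ($f->k_type == 'thumbnail' && $f->assoc_field == 'gg_image');
                 if ($is_gallery_image) {
                     $orig_img = $f->data;
                     $cur_img = $this->fields[$x]->data;
                     if ($orig_img != $cur_img) {
                         // Guarded: indexing an empty or non-string value raises a warning.
                         if (is_string($orig_img) && $orig_img !== '' && $orig_img[0] == ':') {
                             // if local
                             // NOTE(review): the path is built from stored field
                             // data with only the leading ':' stripped; nothing
                             // here rejects '../' segments before unlink(), and
                             // the @ hides a failed delete. Confirm the stored
                             // value is constrained where it is written.
                             $orig_img = $Config['UserFilesAbsolutePath'] . 'image/' . substr($orig_img, 1);
                             @unlink($orig_img);
                         }
                     }
                 }
             }
             if ($f->k_type == 'thumbnail' || $f->k_type == 'hidden' || $f->k_type == 'message' || $f->k_type == 'group') {
                 unset($f);
                 continue;
             }
             if ($f->udf) {
                 // Intimate about the 'uncloning' event
                 $f->_unclone($this->fields[$x]);
             }
             $f->data = $this->fields[$x]->data;
             $f->modified = 1;
         }
         // Drop the reference so the next iteration rebinds instead of overwriting.
         unset($f);
     }
     $errors = $_PAGE->save();
     if ($errors) {
         return $FUNCS->raise_error($_PAGE->err_msg);
     }
     return 1;
 }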
Ejemplo n.º 6
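 /**
  * Tag handler: render the tag's children once for each entry supplied by the
  * enclosing 'days' tag.
  *
  * Attributes: 'limit' (non-zero natural number, otherwise 1000) caps the
  * number of entries rendered; 'skip_custom_fields' (1 or anything else) is
  * passed on to KWebpage. For each entry the page is loaded, made the current
  * context and the child nodes are rendered. A page that fails to load ends
  * the request through die().
  *
  * @param mixed $params raw tag attributes, handed to $FUNCS->get_named_vars()
  * @param mixed $node   parsed tag node; its ->children are rendered per entry
  * @return string concatenated markup; empty when there is nothing to render
  */
 function entries($params, $node)
 {
     global $FUNCS, $CTX;
     extract($FUNCS->get_named_vars(array('limit' => '', 'skip_custom_fields' => '0'), $params));
     $limit = $FUNCS->is_non_zero_natural($limit) ? intval($limit) : 1000;
     //Practically unlimited.
     $skip_custom_fields = $skip_custom_fields == 1 ? 1 : 0;
     // Start from an empty string: the accumulator used to be appended to and
     // returned without ever being defined.
     $html = '';
     // get the entries array object supplied by days tag
     $entries =& $CTX->get_object('entries', 'days');
     if (is_array($entries)) {
         // Never iterate past the number of entries actually available.
         $limit = min($limit, count($entries));
         for ($x = 0; $x < $limit; $x++) {
             // Indexes 0..$limit-1 are read, so $entries is assumed to be a list.
             $entry =& $entries[$x];
             $pg = new KWebpage($entry['template_id'], $entry['id'], 0, 0, $skip_custom_fields);
             if ($pg->error) {
                 ob_end_clean();
                 die('ERROR: ' . $pg->err_msg);
             }
             $pg->set_context();
             foreach ($node->children as $child) {
                 $html .= $child->get_HTML();
             }
         }
         // Release the reference into the shared entries array.
         unset($entry);
     }
     return $html;
 }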
Ejemplo n.º 7
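/**
 * Create one cloned page of a template and return its id.
 *
 * Sets the title, folder and publish date (current desktop time), stores
 * $img_url in the 'gg_image' image field and, when both $cid and $rid are
 * given, stores $cid in the relation field whose id is $rid.
 *
 * Every field has ->required cleared before save(), so required-field
 * validation does not apply to pages created through this function.
 *
 * @param mixed $tpl_id     template to clone a page from
 * @param mixed $fid        folder id stored in k_page_folder_id
 * @param mixed $cid        value stored in the relation field (optional)
 * @param mixed $rid        id of the relation field to fill (optional)
 * @param mixed $page_title title stored in k_page_title
 * @param mixed $img_url    value stored in the gg_image field
 * @return mixed the new page id, or the value of $FUNCS->raise_error()
 */
function create_cloned_page($tpl_id, $fid, $cid, $rid, $page_title, $img_url)
{
    global $FUNCS;
    // create a single cloned page
    $pg = new KWebpage($tpl_id, -1);
    if ($pg->error) {
        return $FUNCS->raise_error($pg->err_msg);
    }
    // fill fields
    $f =& $pg->_fields['k_page_title'];
    // title
    $f->store_posted_changes($page_title);
    unset($f);
    $f =& $pg->_fields['k_page_folder_id'];
    // folder
    $f->store_posted_changes($fid);
    unset($f);
    $f =& $pg->_fields['k_publish_date'];
    // publish date
    $f->store_posted_changes($FUNCS->get_current_desktop_time());
    unset($f);
    // find the image field (set 'required' off for all other fields as we go)
    // also find the relation field if specified
    // Always defined now; it used to be read in the loop while unset whenever
    // $cid or $rid was missing.
    $find_related = ($cid && $rid) ? 1 : 0;
    for ($x = 0; $x < count($pg->fields); $x++) {
        $f =& $pg->fields[$x];
        if (!$f->system) {
            if ($f->k_type == 'image' && $f->name == 'gg_image') {
                $f->store_posted_changes($img_url);
            }
            // related?
            if ($find_related) {
                if ($f->id == $rid && $f->k_type == 'relation') {
                    $f->store_posted_changes($cid);
                    // Only the first matching relation field is filled.
                    $find_related = 0;
                }
            }
        }
        $f->required = 0;
        unset($f);
    }
    // save
    $errors = $pg->save();
    if ($errors) {
        // count() throws a TypeError on a non-countable value in PHP 8, so it
        // is only called when save() handed back an array or Countable; any
        // other truthy result is treated as a failure as well.
        $is_countable = is_array($errors) || $errors instanceof Countable;
        if (!$is_countable || count($errors)) {
            $sep = '';
            $str_err = '';
            for ($x = 0; $x < count($pg->fields); $x++) {
                $f =& $pg->fields[$x];
                if ($f->err_msg) {
                    // NOTE(review): name and message are placed into HTML
                    // unescaped; confirm err_msg never echoes submitted text,
                    // or escape where this string is finally printed.
                    $str_err .= $sep . '<b>' . $f->name . ':</b> ' . $f->err_msg;
                    $sep = '<br/>';
                }
                unset($f);
            }
            // NOTE(review): this return, like the one at the top, leaves $pg
            // without the destroy() call made on the success path.
            return $FUNCS->raise_error($str_err);
        }
    }
    $page_id = $pg->id;
    $pg->destroy();
    unset($pg);
    return $page_id;
}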
Ejemplo n.º 8
 /**
  * Inline-edit endpoint: render, or save, a chosen set of fields of one page.
  *
  * Request inputs read here: $_GET['tpl'] (required), $_GET['p'], $_GET['ajax'],
  * $_GET['flist'] ('|'-separated field names), $_POST['op'], $_POST['data'] and
  * $_POST['f_<fieldname>']. Every path ends the request with die()/exit.
  *
  * NOTE(review): the nonce is the only request check visible in this function;
  * confirm that the caller's access level is enforced before or inside it.
  */
 function edit()
 {
     global $FUNCS, $PAGE, $CTX;
     // Ids are accepted only as non-zero naturals and cast to int.
     $tpl_id = isset($_GET['tpl']) && $FUNCS->is_non_zero_natural($_GET['tpl']) ? (int) $_GET['tpl'] : null;
     if (is_null($tpl_id)) {
         die('No template specified');
     }
     $page_id = isset($_GET['p']) && $FUNCS->is_non_zero_natural($_GET['p']) ? (int) $_GET['p'] : null;
     // The nonce is bound to the object being edited (page id if given, else
     // template id) and is validated before the page is loaded or changed.
     $obj_id = $page_id ? $page_id : $tpl_id;
     $FUNCS->validate_nonce('edit_page_' . $obj_id);
     $is_ajax = isset($_GET['ajax']) && $_GET['ajax'] == '1' ? 1 : 0;
     // if called from 'cms:inline_link'
     $PAGE = new KWebpage($tpl_id, $page_id);
     if ($PAGE->error) {
         ob_end_clean();
         die('ERROR: ' . $PAGE->err_msg);
     }
     // get fields to render
     // Builds name => position from the trimmed, non-empty names; entries are
     // later replaced by the matching field objects.
     // NOTE(review): $_GET['flist'] is read without isset().
     $arr_fields = array_flip(array_filter(array_map("trim", explode('|', $_GET['flist']))));
     if (!count($arr_fields)) {
         die('No Fields specified');
     }
     $requires_multipart = 0;
     for ($x = 0; $x < count($PAGE->fields); $x++) {
         $f =& $PAGE->fields[$x];
         if ($f->deleted || $f->k_type == 'group') {
             unset($f);
             continue;
         }
         if (array_key_exists($f->name, $arr_fields)) {
             if ($is_ajax) {
                 // can have only one field .. complete all processing here
                 // The first requested field found is saved from $_POST['data']
                 // and the request ends inside this branch.
                 $f->store_posted_changes($_POST['data']);
                 $errors = $PAGE->save();
                 if (!$errors) {
                     $FUNCS->invalidate_cache();
                     $html = $f->get_data(1);
                 } else {
                     // NOTE(review): err_msg is written into the response
                     // unescaped, unlike the field name below which goes
                     // through escape_HTML(); confirm it cannot carry
                     // submitted text.
                     $html = '<font color="red"><i>(' . $f->err_msg . ')</i></font>';
                 }
                 ob_end_clean();
                 echo $html;
                 exit;
             } else {
                 $f->resolve_dynamic_params();
                 if ($f->requires_multipart) {
                     $requires_multipart = 1;
                 }
                 if ($f->k_type == 'richtext') {
                     require_once K_COUCH_DIR . 'includes/ckeditor/ckeditor.php';
                 }
                 $arr_fields[$f->name] =& $f;
             }
         }
         unset($f);
     }
     // Any requested name still mapped to its position (not an object) matched
     // no field; the name is HTML-escaped before being printed.
     foreach ($arr_fields as $k => $v) {
         if (!is_object($v)) {
             die('Field not found: ' . $FUNCS->escape_HTML($k));
         }
     }
     // form posted?
     $errors = '';
     if (isset($_POST['op']) && $_POST['op'] == 'save') {
         // move posted data into fields
         // Only the fields named in flist are read from $_POST.
         $refresh_form = $refresh_errors = 0;
         foreach ($arr_fields as $k => $v) {
             $f =& $arr_fields[$k];
             $f->store_posted_changes($_POST['f_' . $f->name]);
             if ($f->refresh_form) {
                 $refresh_form = 1;
             }
             if ($f->err_msg_refresh) {
                 $refresh_errors++;
             }
             unset($f);
         }
         if (!$refresh_form) {
             $errors = $PAGE->save();
             if (!$errors) {
                 $FUNCS->invalidate_cache();
                 ob_end_clean();
                 // redirect
                 echo '<font color="green"><b>Saved.</b></font><br/>Reloading page..<script>parent.location.reload()</script>';
                 exit;
             }
         } else {
             // A field asked for the form to be redrawn: nothing is saved and
             // the count of refresh errors stands in for $errors.
             $errors = $refresh_errors;
         }
     }
     // render fields
     // The view files are included inside this function, so presumably they
     // read its local variables ($PAGE, $arr_fields, $errors, ...) - confirm
     // before renaming anything here.
     ob_start();
     require_once K_COUCH_DIR . 'addons/inline/view/edit.php';
     $html = ob_get_contents();
     ob_end_clean();
     // header needs to be called after all fields are rendered as it includes css/js set by fields
     ob_start();
     require_once K_COUCH_DIR . 'addons/inline/view/header.php';
     $html = ob_get_contents() . $html;
     ob_end_clean();
     echo $html;
     exit;
 }
Ejemplo n.º 9
 } elseif ($_GET['act'] == 'list') {
     // Excerpt: bulk deletion of pages posted from the page listing. $tpl_id,
     // $DB and $FUNCS come from outside the lines shown, and the excerpt ends
     // before the blocks opened here are closed.
     if ($tpl_id) {
         // Any pages marked for deletion?
         // NOTE(review): $_POST['bulk-action'] is read without isset(); only
         // 'page-id' is guarded.
         if (isset($_POST['page-id']) && $_POST['bulk-action'] == 'delete') {
             // The nonce is validated before the transaction is opened.
             // NOTE(review): no access-level check is visible in this excerpt;
             // confirm one runs earlier in the request.
             $FUNCS->validate_nonce('bulk_action_page');
             $DB->begin();
             $rs = $DB->select(K_TBL_TEMPLATES, array('id, name, description, access_level, nested_pages'), "id='" . $DB->sanitize($tpl_id) . "'");
             if (!count($rs)) {
                 // NOTE(review): die() here and in the loop below leaves the
                 // open transaction without an explicit rollback.
                 die('ERROR: Template not found');
             }
             // serialize access.. lock template as this could involve working with nested pages tree.
             // The row is rewritten with its own description purely to take a lock.
             // NOTE(review): the value is passed through sanitize() before
             // update(); if update() escapes values itself, the stored
             // description would change on each run - confirm.
             $DB->update(K_TBL_TEMPLATES, array('description' => $DB->sanitize($rs[0]['description'])), "id='" . $DB->sanitize($tpl_id) . "'");
             foreach ($_POST['page-id'] as $v) {
                 // Ids that are not non-zero naturals are skipped silently.
                 if ($FUNCS->is_non_zero_natural($v)) {
                     $page_id = intval($v);
                     // Loading with $tpl_id alongside the page id ties each id to this template.
                     $PAGE = new KWebpage($tpl_id, $page_id);
                     if ($PAGE->error) {
                         ob_end_clean();
                         die('ERROR in deletion: ' . $PAGE->err_msg);
                     }
                     // execute action
                     $PAGE->delete();
                     $FUNCS->invalidate_cache();
                 }
             }
             if ($rs[0]['nested_pages']) {
                 // NOTE(review): $PAGE is whatever the loop assigned last; if no
                 // posted id passed validation it was not assigned here at all.
                 $PAGE->reset_weights_of();
                 // entire tree
             }
             $DB->commit();
             $qs = '?act=list&tpl=' . $tpl_id;
Ejemplo n.º 10
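 /**
  * Add the posted item to the cart and redirect.
  *
  * Request inputs: $_POST['pp_id'] (page id of the item), $_POST['qty'] and
  * $_POST['os<N>'] (one per configured option). Price, options and the
  * shipping flag are read from the page's own 'pp_*' fields, never from the
  * request; the request only selects among the configured option values.
  * Invalid input adds nothing. $this->redirect(1) runs on every path.
  *
  * NOTE(review): the page is looked up by id alone; nothing here checks that
  * it is published or viewable by the current visitor - confirm that
  * KWebpage or the caller enforces it.
  */
 function add_item()
 {
     global $FUNCS, $DB;
     if (isset($_POST['pp_id']) && $FUNCS->is_non_zero_natural($_POST['pp_id'])) {
         $item_number = (int) $_POST['pp_id'];
         $rs = $DB->select(K_TBL_PAGES, array('id', 'template_id'), "id = '" . $DB->sanitize($item_number) . "'");
         if (count($rs)) {
             $rec = $rs[0];
             $pg = new KWebpage($rec['template_id'], $rec['id']);
             if (!$pg->error) {
                 // get all cart related fields from page
                 $arr_pp_fields = array('pp_price', 'pp_options', 'pp_requires_shipping');
                 // Defined up front so a page lacking one of these fields never
                 // causes an undefined variable to be read; null keeps the
                 // isset() tests below false.
                 $pp_price = $pp_options = $pp_requires_shipping = null;
                 $arr_custom_fields = array();
                 for ($x = 0; $x < count($pg->fields); $x++) {
                     if ($pg->fields[$x]->system || $pg->fields[$x]->deleted) {
                         continue;
                     }
                     $fname = $pg->fields[$x]->name;
                     // Strict match: the variable-variable assignment below may
                     // only ever target the three whitelisted names.
                     if (in_array($fname, $arr_pp_fields, true)) {
                         ${$fname} = trim($pg->fields[$x]->get_data());
                     } else {
                         // is it a custom field? Check if prefixed with a 'pp_'
                         if (substr($fname, 0, 3) == 'pp_') {
                             $arr_custom_fields[substr($fname, 3)] = trim($pg->fields[$x]->get_data());
                             // strip off the 'pp_' prefix
                         }
                     }
                 }
                 $all_ok = 1;
                 // valid price
                 if (!isset($pp_price) || !is_numeric($pp_price)) {
                     $all_ok = 0;
                 }
                 // valid quantity
                 // A missing or array-valued 'qty' becomes '' and is rejected by
                 // the checks below instead of reaching trim().
                 $quantity = isset($_POST['qty']) && is_string($_POST['qty']) ? trim($_POST['qty']) : '';
                 if ($this->get_config('allow_decimal_qty')) {
                     // Digits and dots only, numeric, and greater than zero.
                     if (!is_numeric($quantity) || !preg_match("/^[0-9.]+\$/i", $quantity) || !($quantity > 0)) {
                         $all_ok = 0;
                     }
                 } else {
                     if (!$FUNCS->is_non_zero_natural($quantity)) {
                         $all_ok = 0;
                     }
                 }
                 if ($all_ok) {
                     $arr_sort_keys = array();
                     // used to sort items in the cart
                     $arr_display_attrs = array();
                     // an array of all selected variant options with values
                     $arr_sort_keys[] = $pg->page_name;
                     //get the price modifiers, if any
                     if (isset($pp_options)) {
                         $arr_opts = $this->_parse_options($pp_options);
                         if (count($arr_opts)) {
                             for ($x = 0; $x < count($arr_opts); $x++) {
                                 // A missing option is read as null and rejected below.
                                 $os = isset($_POST['os' . $x]) ? $_POST['os' . $x] : null;
                                 $opt_name = $arr_opts[$x]['name'];
                                 $opt_values = $arr_opts[$x]['values'];
                                 // valid attributes
                                 if ($this->_is_option_text($arr_opts[$x])) {
                                     // textbox
                                     if (is_string($os)) {
                                         $os = trim($os);
                                         if (strlen($os)) {
                                             // md5 only shortens the text into a sort key; it protects nothing.
                                             $arr_sort_keys[] = md5($os);
                                             // save selected attribute and value for latter display
                                             // Free text is passed through cleanXSS() and cut to 200 characters before it is kept.
                                             $arr_display_attrs[$opt_name] = $FUNCS->excerpt($FUNCS->cleanXSS($os, 0, 'none'), 200);
                                             // adjust price
                                             $pp_price = $pp_price + $opt_values[0]['price'];
                                         }
                                     } else {
                                         $all_ok = 0;
                                         break;
                                     }
                                 } else {
                                     // select list
                                     // The posted value must be an index into the configured values.
                                     if ($FUNCS->is_natural($os) && $os < count($opt_values)) {
                                         $arr_sort_keys[] = $os;
                                         // save selected attribute and value for latter display
                                         $arr_display_attrs[$opt_name] = $opt_values[$os]['attr'];
                                         // e.g Color=>Black;
                                         // adjust price
                                         $pp_price = $pp_price + $opt_values[$os]['price'];
                                     } else {
                                         $all_ok = 0;
                                         break;
                                     }
                                 }
                             }
                         }
                     }
                     // if all ok, add to cart
                     if ($all_ok) {
                         // create the sorting key - page_name + attributes
                         $sorting_key = $FUNCS->make_key($arr_sort_keys);
                         // create a unique id for this item. Will be passed on for future actions on cart.
                         $unique_key = md5($sorting_key);
                         // if item already exists in cart, update the original else add a new item.
                         if (isset($this->items[$sorting_key])) {
                             // update quantity
                             $this->updated_rows[$sorting_key] = $this->items[$sorting_key]['quantity'];
                             // save original quantity
                             $this->items[$sorting_key]['quantity'] += $quantity;
                         } else {
                             $this->items[$sorting_key] = array('line_id' => $unique_key, 'id' => $pg->id, 'name' => $pg->page_name, 'title' => $pg->page_title, 'link' => K_SITE_URL . $pg->get_page_view_link(), 'price' => $pp_price, 'quantity' => $quantity, 'line_total' => 0, 'skip_line_total' => 0, 'options' => $arr_display_attrs, 'requires_shipping' => $pp_requires_shipping ? 1 : 0);
                             // Add custom attributes if any
                             // NOTE(review): a custom field named like one of
                             // the keys above (e.g. 'pp_quantity') replaces that
                             // cart value; field names come from the template
                             // definition.
                             foreach ($arr_custom_fields as $k => $v) {
                                 $this->items[$sorting_key][$k] = $v;
                             }
                             $this->updated_rows[$sorting_key] = 0;
                             // sort
                             ksort($this->items);
                         }
                         // finally persist in session
                         $this->current_action_success = 1;
                         $this->serialize();
                     } else {
                         // report error?
                     }
                 }
             }
         }
     }
     $this->redirect(1);
 }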