/**
* admin process
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Admin
* @author Henry Ruhs
*/
function admin_process()
{
$aliasFilter = new Redaxscript\Filter\Alias();
$emailFilter = new Redaxscript\Filter\Email();
$urlFilter = new Redaxscript\Filter\Url();
$htmlFilter = new Redaxscript\Filter\Html();
$aliasValidator = new Redaxscript\Validator\Alias();
$loginValidator = new Redaxscript\Validator\Login();
$specialFilter = new Redaxscript\Filter\Special();
$messenger = new Redaxscript\Admin\Messenger(Redaxscript\Registry::getInstance());
$filter = Redaxscript\Registry::get('filter');
$tableParameter = Redaxscript\Registry::get('tableParameter');
$idParameter = Redaxscript\Registry::get('idParameter');
/* clean post */
switch ($tableParameter) {
/* categories */
case 'categories':
$parent = $r['parent'] = $specialFilter->sanitize($_POST['parent']);
/* articles */
/* articles */
case 'articles':
$r['keywords'] = $_POST['keywords'];
$r['robots'] = $specialFilter->sanitize($_POST['robots']);
$r['template'] = $specialFilter->sanitize($_POST['template']);
/* extras */
/* extras */
case 'extras':
$title = $r['title'] = $_POST['title'];
if ($tableParameter != 'categories') {
$r['headline'] = $specialFilter->sanitize($_POST['headline']);
}
$r['sibling'] = $specialFilter->sanitize($_POST['sibling']);
$author = $r['author'] = Redaxscript\Registry::get('myUser');
/* comments */
/* comments */
case 'comments':
if ($tableParameter == 'comments') {
$r['url'] = $urlFilter->sanitize($_POST['url']);
$author = $r['author'] = $_POST['author'];
}
if ($tableParameter != 'categories') {
$text = $r['text'] = $filter ? $htmlFilter->sanitize($_POST['text']) : $_POST['text'];
$date = $r['date'] = $_POST['date'];
}
$rank = $r['rank'] = $specialFilter->sanitize($_POST['rank']);
/* groups */
/* groups */
case 'groups':
if ($tableParameter != 'comments') {
$alias = $r['alias'] = $aliasFilter->sanitize($_POST['alias']);
}
/* users */
/* users */
case 'users':
if ($tableParameter != 'groups') {
$language = $r['language'] = $specialFilter->sanitize($_POST['language']);
}
/* modules */
/* modules */
case 'modules':
$alias = $aliasFilter->sanitize($_POST['alias']);
$status = $r['status'] = $specialFilter->sanitize($_POST['status']);
if ($tableParameter != 'groups' && $tableParameter != 'users' && Redaxscript\Registry::get('groupsEdit')) {
$access = array_map([$specialFilter, 'sanitize'], $_POST['access']);
$access_string = implode(', ', $access);
if (!$access_string) {
$access_string = null;
}
$access = $r['access'] = $access_string;
}
if ($tableParameter != 'extras' && $tableParameter != 'comments') {
$r['description'] = $_POST['description'];
}
$token = $_POST['token'];
break;
}
/* clean contents post */
if ($tableParameter == 'articles') {
$r['byline'] = $specialFilter->sanitize($_POST['byline']);
$comments = $r['comments'] = $specialFilter->sanitize($_POST['comments']);
if ($category && !$idParameter) {
$status = $r['status'] = Redaxscript\Db::forTablePrefix('categories')->where('id', $category)->findOne()->status;
}
}
if ($tableParameter == 'articles' || $tableParameter == 'extras') {
$category = $r['category'] = $specialFilter->sanitize($_POST['category']);
}
if ($tableParameter == 'articles' || $tableParameter == 'extras' || $tableParameter == 'comments') {
if ($date > Redaxscript\Registry::get('now')) {
$status = $r['status'] = 2;
}
if (!$date) {
$r['date'] = Redaxscript\Registry::get('now');
}
}
if ($tableParameter == 'extras' || $tableParameter == 'comments') {
$article = $r['article'] = $specialFilter->sanitize($_POST['article']);
}
if ($tableParameter == 'comments' && !$idParameter) {
$status = $r['status'] = Redaxscript\Db::forTablePrefix('articles')->where('id', $article)->findOne()->status;
}
if ($tableParameter == 'comments' || $tableParameter == 'users') {
$email = $r['email'] = $emailFilter->sanitize($_POST['email']);
}
/* clean groups post */
if ($tableParameter == 'groups' && (!$idParameter || $idParameter > 1)) {
$groups_array = ['categories', 'articles', 'extras', 'comments', 'groups', 'users', 'modules'];
foreach ($groups_array as $value) {
${$value} = array_map([$specialFilter, 'sanitize'], $_POST[$value]);
$groups_string = implode(', ', ${$value});
if (!$groups_string) {
$groups_string = 0;
}
$r[$value] = $groups_string;
}
$r['settings'] = $specialFilter->sanitize($_POST['settings']);
$r['filter'] = $specialFilter->sanitize($_POST['filter']);
}
if (($tableParameter == 'groups' || $tableParameter == 'users') && $idParameter == 1) {
$status = $r['status'] = 1;
}
if ($tableParameter == 'groups' || $tableParameter == 'users' || $tableParameter == 'modules') {
$name = $r['name'] = $specialFilter->sanitize($_POST['name']);
}
/* clean users post */
if ($tableParameter == 'users') {
if ($_POST['user']) {
$user = $r['user'] = $specialFilter->sanitize($_POST['user']);
} else {
$user = $r['user'] = Redaxscript\Db::forTablePrefix($tableParameter)->where('id', $idParameter)->findOne()->user;
}
$password_check = $password_confirm = 1;
if ($_POST['edit'] && !$_POST['password'] && !$_POST['password_confirm'] || $_POST['delete']) {
$password_check = 0;
}
if ($_POST['password'] != $_POST['password_confirm']) {
$password_confirm = 0;
}
$password = $specialFilter->sanitize($_POST['password']);
if ($password_check == 1 && $password_confirm == 1) {
$passwordHash = new Redaxscript\Hash(Redaxscript\Config::getInstance());
$passwordHash->init($password);
$r['password'] = $passwordHash->getHash();
}
if ($_POST['new']) {
$r['first'] = $r['last'] = Redaxscript\Registry::get('now');
}
if (!$idParameter || $idParameter > 1) {
$groups = array_map([$specialFilter, 'sanitize'], $_POST['groups']);
$groups_string = implode(', ', $groups);
if (!$groups_string) {
$groups_string = 0;
}
$groups = $r['groups'] = $groups_string;
}
}
$r_keys = array_keys($r);
$last = end($r_keys);
/* validate post */
switch ($tableParameter) {
/* contents */
case 'categories':
case 'articles':
case 'extras':
if (!$title) {
$error = Redaxscript\Language::get('title_empty');
}
if ($tableParameter == 'categories') {
$opponent_id = Redaxscript\Db::forTablePrefix('articles')->where('alias', $alias)->findOne()->id;
}
if ($tableParameter == 'articles') {
$opponent_id = Redaxscript\Db::forTablePrefix('categories')->where('alias', $alias)->findOne()->id;
}
if ($opponent_id) {
$error = Redaxscript\Language::get('alias_exists');
}
if ($tableParameter != 'groups' && $aliasValidator->validate($alias, Redaxscript\Validator\Alias::MODE_GENERAL) == Redaxscript\Validator\ValidatorInterface::PASSED || $aliasValidator->validate($alias, Redaxscript\Validator\Alias::MODE_DEFAULT) == Redaxscript\Validator\ValidatorInterface::PASSED) {
$error = Redaxscript\Language::get('alias_incorrect');
}
/* groups */
/* groups */
case 'groups':
if (!$alias) {
$error = Redaxscript\Language::get('alias_empty');
} else {
$alias_id = Redaxscript\Db::forTablePrefix($tableParameter)->where('id', $idParameter)->findOne()->alias;
$id_alias = Redaxscript\Db::forTablePrefix($tableParameter)->where('alias', $alias)->findOne()->id;
}
if ($id_alias && strcasecmp($alias_id, $alias) < 0) {
$error = Redaxscript\Language::get('alias_exists');
}
}
/* validate general post */
switch ($tableParameter) {
case 'articles':
case 'extras':
case 'comments':
if (!$text) {
$error = Redaxscript\Language::get('text_empty');
}
break;
case 'groups':
case 'users':
case 'modules':
if (!$name) {
$error = Redaxscript\Language::get('name_empty');
}
break;
}
/* validate users post */
if ($tableParameter == 'users') {
if (!$user) {
$error = Redaxscript\Language::get('user_incorrect');
} else {
$user_id = Redaxscript\Db::forTablePrefix($tableParameter)->where('id', $idParameter)->findOne()->user;
$id_user = Redaxscript\Db::forTablePrefix($tableParameter)->where('user', $user)->findOne()->id;
}
if ($id_user && strcasecmp($user_id, $user) < 0) {
$error = Redaxscript\Language::get('user_exists');
}
if ($loginValidator->validate($user) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = Redaxscript\Language::get('user_incorrect');
}
if ($password_check == 1) {
if (!$password) {
$error = Redaxscript\Language::get('password_empty');
}
if ($password_confirm == 0 || $loginValidator->validate($password) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = Redaxscript\Language::get('password_incorrect');
}
}
}
/* validate last post */
$emailValidator = new Redaxscript\Validator\Email();
switch ($tableParameter) {
case 'comments':
if (!$author) {
$error = Redaxscript\Language::get('author_empty');
}
case 'users':
if ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = Redaxscript\Language::get('email_incorrect');
}
}
$route = 'admin';
/* handle error */
if ($error) {
if (!$idParameter) {
$route .= '/new/' . $tableParameter;
} else {
$route .= '/edit/' . $tableParameter . '/' . $idParameter;
}
/* show error */
echo $messenger->setRoute(Redaxscript\Language::get('back'), $route)->error($error, Redaxscript\Language::get('error_occurred'));
return;
} else {
if (Redaxscript\Registry::get('tableEdit') == 1 || Redaxscript\Registry::get('tableEdit') == 1) {
$route .= '/view/' . $tableParameter;
if ($alias) {
$route .= '#' . $alias;
} else {
if ($user) {
$route .= '#' . $user;
}
}
}
}
/* select to null */
foreach ($r as $key => $value) {
if ($value == 'select') {
$r[$key] = null;
}
}
/* process */
switch (true) {
/* query new */
case $_POST['new']:
Redaxscript\Db::forTablePrefix(Redaxscript\Registry::get('tableParameter'))->create()->set($r)->save();
/* show success */
echo $messenger->setRoute(Redaxscript\Language::get('continue'), $route)->doRedirect()->success(Redaxscript\Language::get('operation_completed'));
return;
/* query edit */
/* query edit */
case $_POST['edit']:
Redaxscript\Db::forTablePrefix(Redaxscript\Registry::get('tableParameter'))->whereIdIs(Redaxscript\Registry::get('idParameter'))->findOne()->set($r)->save();
/* query categories */
if ($tableParameter == 'categories') {
$categoryChildren = Redaxscript\Db::forTablePrefix($tableParameter)->where('parent', $idParameter);
$categoryArray = array_merge($categoryChildren->findFlatArray(), [$idParameter]);
$articleChildren = Redaxscript\Db::forTablePrefix('articles')->whereIn('category', $categoryArray);
$articleArray = $articleChildren->findFlatArray();
if (count($articleArray) > 0) {
Redaxscript\Db::forTablePrefix('comments')->whereIn('article', $articleArray)->findMany()->set(['status' => $status, 'access' => $access])->save();
}
$categoryChildren->findMany()->set(['status' => $status, 'access' => $access])->save();
$articleChildren->findMany()->set(['status' => $status, 'access' => $access])->save();
}
/* query articles */
if ($tableParameter == 'articles') {
if ($comments == 0) {
$status = 0;
}
Redaxscript\Db::forTablePrefix('comments')->where('article', $idParameter)->findMany()->set(['status' => $status, 'access' => $access])->save();
}
if ($tableParameter == 'users' && $idParameter == Redaxscript\Registry::get('myId')) {
$auth = new Redaxscript\Auth(Redaxscript\Request::getInstance());
$auth->init();
$auth->setUser('name', $name);
$auth->setUser('email', $email);
$auth->setUser('language', $language);
$auth->save();
Redaxscript\Request::setSession('language', $language);
}
/* show success */
echo $messenger->setRoute(Redaxscript\Language::get('continue'), $route)->doRedirect()->success(Redaxscript\Language::get('operation_completed'));
return;
}
}
/**
* startup
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Startup
* @author Henry Ruhs
*/
function startup()
{
/* ini set */
if (function_exists('ini_set')) {
if (error_reporting() == 0) {
ini_set('display_startup_errors', 0);
ini_set('display_errors', 0);
}
ini_set('session.use_trans_sid', 0);
ini_set('url_rewriter.tags', 0);
ini_set('mbstring.substitute_character', 0);
}
/* define general */
$request = Redaxscript\Request::getInstance();
$registry = Redaxscript\Registry::getInstance();
$file = new Redaxscript\Server\File($request);
$root = new Redaxscript\Server\Root($request);
$host = new Redaxscript\Server\Host($request);
$registry->set('file', $file->getOutput());
$registry->set('root', $root->getOutput());
$registry->set('host', $host->getOutput());
/* session */
session_start();
/* prevent session hijacking */
$request->refreshSession();
if (!$request->getSession('regenerateId')) {
session_regenerate_id();
$request->setSession('regenerateId', true);
}
/* database status */
$registry->set('dbStatus', Redaxscript\Db::getStatus());
/* define token */
$token = new Redaxscript\Server\Token($request);
$auth = new Redaxscript\Auth($request);
$registry->set('token', $token->getOutput());
if ($auth->getStatus()) {
$registry->set('loggedIn', $token->getOutput());
}
/* setup charset */
if (function_exists('ini_set') && $registry->get('dbStatus') === 2) {
ini_set('default_charset', Redaxscript\Db::getSetting('charset'));
}
/* define status */
$pdoDriverArray = PDO::getAvailableDrivers();
$fallbackModuleArray = ['mod_deflate', 'mod_headers', 'mod_rewrite'];
$apacheModuleArray = function_exists('apache_get_modules') ? apache_get_modules() : $fallbackModuleArray;
$registry->set('phpOs', strtolower(php_uname('s')));
$registry->set('phpVersion', phpversion());
$registry->set('pdoDriverArray', $pdoDriverArray);
$registry->set('apacheModuleArray', $apacheModuleArray);
$registry->set('sessionStatus', session_status());
/* define parameter */
$parameter = new Redaxscript\Router\Parameter($request);
$parameter->init();
$registry->set('firstParameter', $parameter->getFirst());
$registry->set('firstSubParameter', $parameter->getSub());
$registry->set('secondParameter', $parameter->getSecond());
$registry->set('secondSubParameter', $parameter->getSub());
$registry->set('thirdParameter', $parameter->getThird());
$registry->set('thirdSubParameter', $parameter->getSub());
if ($registry->get('loggedIn') == $registry->get('token') && $registry->get('firstParameter') == 'admin') {
$registry->set('adminParameter', $parameter->getAdmin());
$registry->set('tableParameter', $parameter->getTable());
$registry->set('idParameter', $parameter->getId());
$registry->set('aliasParameter', $parameter->getAlias());
}
$registry->set('lastParameter', $parameter->getLast());
$registry->set('lastSubParameter', $parameter->getSub());
$registry->set('tokenParameter', $parameter->getToken());
/* define routes */
$resolver = new Redaxscript\Router\Resolver($request);
$resolver->init();
$registry->set('liteRoute', $resolver->getLite());
$registry->set('fullRoute', $resolver->getFull());
if (!in_array('mod_rewrite', $registry->get('apacheModuleArray')) || !file_exists('.htaccess') || $registry->get('file') == 'install.php') {
$registry->set('parameterRoute', '?p=');
$registry->set('languageRoute', '&l=');
$registry->set('templateRoute', '&t=');
} else {
$registry->set('parameterRoute', null);
$registry->set('languageRoute', '.');
$registry->set('templateRoute', '.');
}
/* define tables */
if ($registry->get('dbStatus') === 2) {
if (!$registry->get('fullRoute') || $registry->get('firstParameter') == 'admin' && !$registry->get('secondParameter')) {
/* check for homepage */
if (Redaxscript\Db::getSetting('homepage') > 0) {
$table = 'articles';
$id = Redaxscript\Db::getSetting('homepage');
} else {
$table = 'categories';
$id = 0;
/* check order */
if (Redaxscript\Db::getSetting('order') == 'asc') {
$rank = Redaxscript\Db::forTablePrefix($table)->min('rank');
} else {
if (Redaxscript\Db::getSetting('order') == 'desc') {
$rank = Redaxscript\Db::forTablePrefix($table)->max('rank');
}
}
/* category is published */
if ($rank) {
$status = Redaxscript\Db::forTablePrefix($table)->where('rank', $rank)->findOne()->status;
if ($status == 1) {
$id = Redaxscript\Db::forTablePrefix($table)->where('rank', $rank)->findOne()->id;
}
}
}
$registry->set('firstTable', $table);
$registry->set('lastTable', $table);
} else {
if ($registry->get('firstParameter')) {
$registry->set('firstTable', query_table($registry->get('firstParameter')));
}
if ($registry->get('firstTable')) {
$registry->set('secondTable', query_table($registry->get('secondParameter')));
}
if ($registry->get('secondTable')) {
$registry->set('thirdTable', query_table($registry->get('thirdParameter')));
}
if ($registry->get('lastParameter')) {
$registry->set('lastTable', query_table($registry->get('lastParameter')));
}
if ($registry->get('lastTable')) {
$id = Redaxscript\Db::forTablePrefix($registry->get('lastTable'))->where('alias', $registry->get('lastParameter'))->findOne()->id;
}
}
}
/* define ids */
$aliasValidator = new Redaxscript\Validator\Alias();
if ($registry->get('firstParameter') === 'admin' || $aliasValidator->validate($registry->get('firstParameter'), Redaxscript\Validator\Alias::MODE_DEFAULT) == Redaxscript\Validator\ValidatorInterface::FAILED) {
if ($registry->get('lastTable') == 'categories') {
$registry->set('categoryId', $id);
$registry->set('lastId', $id);
} else {
if ($registry->get('lastTable') == 'articles') {
$registry->set('articleId', $id);
$registry->set('lastId', $id);
}
}
}
/* define content error */
if (!$registry->get('lastId') && $aliasValidator->validate($registry->get('firstParameter'), Redaxscript\Validator\Alias::MODE_DEFAULT) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$registry->set('contentError', true);
} else {
$registry->set('contentError', false);
}
/* define user */
$browser = new Redaxscript\Client\Browser($request);
$version = new Redaxscript\Client\Version($request);
$engine = new Redaxscript\Client\Engine($request);
$mobile = new Redaxscript\Client\Mobile($request);
$tablet = new Redaxscript\Client\Tablet($request);
$desktop = new Redaxscript\Client\Desktop($request);
$registry->set('myBrowser', $browser->getOutput());
$registry->set('myBrowserVersion', $version->getOutput());
$registry->set('myEngine', $engine->getOutput());
$registry->set('myMobile', $mobile->getOutput());
$registry->set('myTablet', $tablet->getOutput());
if (!$registry->get('myMobile') || !$registry->get('myTablet')) {
$registry->set('myDesktop', $desktop->getOutput());
}
/* auth */
Redaxscript\Request::refreshSession();
$auth->init();
if ($auth->getStatus()) {
$registry->set('myId', $auth->getUser('id'));
$registry->set('myName', $auth->getUser('name'));
$registry->set('myUser', $auth->getUser('user'));
$registry->set('myEmail', $auth->getUser('email'));
$registry->set('myLanguage', $auth->getUser('language'));
$registry->set('myGroups', $auth->getUser('groups'));
$registry->set('categoriesNew', $auth->getPermissionNew('categories'));
$registry->set('categoriesEdit', $auth->getPermissionEdit('categories'));
$registry->set('categoriesDelete', $auth->getPermissionDelete('categories'));
$registry->set('articlesNew', $auth->getPermissionNew('articles'));
$registry->set('articlesEdit', $auth->getPermissionEdit('articles'));
$registry->set('articlesDelete', $auth->getPermissionDelete('articles'));
$registry->set('extrasNew', $auth->getPermissionNew('extras'));
$registry->set('extrasEdit', $auth->getPermissionEdit('extras'));
$registry->set('extrasDelete', $auth->getPermissionDelete('extras'));
$registry->set('commentsNew', $auth->getPermissionNew('comments'));
$registry->set('commentsEdit', $auth->getPermissionEdit('comments'));
$registry->set('commentsDelete', $auth->getPermissionDelete('comments'));
$registry->set('groupsNew', $auth->getPermissionNew('groups'));
$registry->set('groupsEdit', $auth->getPermissionEdit('groups'));
$registry->set('groupsDelete', $auth->getPermissionDelete('groups'));
$registry->set('usersNew', $auth->getPermissionNew('users'));
$registry->set('usersEdit', $auth->getPermissionEdit('users'));
$registry->set('usersDelete', $auth->getPermissionDelete('users'));
$registry->set('modulesInstall', $auth->getPermissionInstall('modules'));
$registry->set('modulesEdit', $auth->getPermissionEdit('modules'));
$registry->set('modulesUninstall', $auth->getPermissionUninstall('modules'));
$registry->set('settingsEdit', $auth->getPermissionEdit('settings'));
}
$registry->set('filter', $auth->getFilter());
/* define table access */
$tableParameter = $registry->get('tableParameter');
$registry->set('tableNew', $registry->get($tableParameter . 'New'));
$registry->set('tableInstall', $registry->get($tableParameter . 'Install'));
$registry->set('tableEdit', $registry->get($tableParameter . 'Edit'));
$registry->set('tableDelete', $registry->get($tableParameter . 'Delete'));
$registry->set('tableUninstall', $registry->get($tableParameter . 'Uninstall'));
/* define time */
$registry->set('now', date('Y-m-d H:i:s'));
/* cron update */
$registry->set('cronUpdate', false);
if (!Redaxscript\Request::getSession('timerUpdate') && $registry->get('dbStatus') === 2 && function_exists('future_update')) {
Redaxscript\Request::setSession('timerUpdate', date('Y-m-d H:i:s', strtotime('+1 minute')));
$registry->set('cronUpdate', true);
} else {
if (Redaxscript\Request::getSession('timerUpdate') < $registry->get('now')) {
Redaxscript\Request::setSession('timerUpdate', false);
}
}
/* future update */
if ($registry->get('cronUpdate')) {
Redaxscript\Hook::trigger('cronUpdate');
future_update('categories');
future_update('articles');
future_update('comments');
future_update('extras');
}
/* cache */
$registry->set('noCache', false);
$filterBoolean = new Redaxscript\Filter\Boolean();
$noCache = $filterBoolean->sanitize($request->getQuery('no-cache'));
if ($registry->get('loggedIn') == $registry->get('token') || $noCache) {
$registry->set('noCache', true);
}
}
