public function __construct()
{
$this->_display_html = false;
if (VGet::loggedout()) {
$this->_msg = ActionMessages::custom_good('You\'ve been logged out');
}
try {
$this->_session = new Session();
if (VPost::login(false)) {
$this->_session->login();
}
} catch (Exception $e) {
$this->_msg = ActionMessages::custom_wrong($e->getMessage());
}
}
/**
* Retrieve all categories from the database for a specific type
*
* @static
* @access public
* @param array [$array] Array to populate with categories (passed by reference)
* @param string [$msg] Attribute to return a message to if error raisen (passed by reference)
* @param string [$type] Category type that has to be retrieved
*/
public static function get_categories(&$array, &$msg, $type)
{
try {
$db =& Database::load();
$to_read['table'] = 'category';
$to_read['columns'] = array('CATEGORY_ID', 'category_name');
$to_read['condition_columns'][':t'] = 'category_type';
$to_read['condition_select_types'][':t'] = '=';
$to_read['condition_values'][':t'] = $type;
$to_read['value_types'][':t'] = 'str';
$cats = $db->read($to_read);
if (is_array($cats)) {
foreach ($cats as $cat) {
$array[$cat['CATEGORY_ID']] = $cat['category_name'];
}
}
} catch (Exception $e) {
$msg = ActionMessages::custom_wrong($e->getMessage());
}
}
/**
* Retrieve all plugins installed
*
* @access private
*/
private function get_plugins()
{
try {
$to_read['table'] = 'setting';
$to_read['columns'] = array('SETTING_ID');
$to_read['condition_columns'][':t'] = 'setting_type';
$to_read['condition_select_types'][':t'] = '=';
$to_read['condition_values'][':t'] = 'plugin';
$to_read['value_types'][':t'] = 'str';
$this->_plugins = $this->_db->read($to_read);
if (!empty($this->_plugins)) {
foreach ($this->_plugins as &$plg) {
$plg = new Setting($plg['SETTING_ID']);
$plg->_data = json_decode($plg->_data, true);
}
}
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
}
/**
* Delete a plugin
*
* @access private
*/
private function delete()
{
if (VPost::delete(false) && VPost::plg_id() && $this->_user['delete_content']) {
try {
$plg = new Setting(VPost::plg_id());
$plg->_data = json_decode($plg->_data, true);
foreach ($plg->_data['admin'] as $file) {
File::delete('includes/' . $plg->_data['namespace'] . '/' . $file);
}
foreach ($plg->_data['site'] as $file) {
File::delete(PATH . 'includes/' . $file);
}
foreach ($plg->_data['library'] as $file) {
File::delete('library/' . $plg->_data['namespace'] . '/' . $file);
}
foreach ($plg->_data['uninstall'] as $query) {
$this->_db->query(str_replace('{{prefix}}', DB_PREFIX, $query));
}
File::delete(PATH . 'css/' . $plg->_data['namespace'] . '.css', false);
$plg->delete();
$result = true;
} catch (Exception $e) {
$result = $e->getMessage();
}
$this->_action_msg = ActionMessages::deleted($result);
} elseif (VPost::delete(false) && !$this->_user['delete_content']) {
$this->_action_msg = ActionMessages::action_no_perm();
}
}
/**
* Retrieve the timeline of a website
*
* @access private
*/
private function get_timeline()
{
try {
$site = VGet::website();
if (!empty($site) || $site === 0) {
$this->_key = VGet::website();
} else {
$data = $this->_prefs->_data['timeline'];
reset($data);
$this->_key = key($data);
}
if (empty($this->_prefs->_data['timeline'])) {
throw new Exception('No website in your preferences!');
}
if (!isset($this->_prefs->_data['timeline'][$this->_key])) {
throw new Exception('Requested website not found!');
}
$url = $this->_prefs->_data['timeline'][$this->_key]['url'] . 'admin/index.php?ns=rpc&ctl=timeline&since=' . $this->_since;
$curl = new Curl($url);
$this->_timeline = json_decode($curl->_content, true);
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
}
/**
* Create a new user
*
* @access private
*/
private function create()
{
if ($this->check_post_data()) {
try {
$to_read['table'] = 'user';
$to_read['columns'] = array('USER_ID');
$to_read['condition_columns'][':u'] = 'user_username';
$to_read['condition_select_types'][':u'] = 'LIKE';
$to_read['condition_values'][':u'] = $this->_new_user->_username;
$to_read['value_types'][':u'] = 'str';
$user = $this->_db->read($to_read);
if (!empty($user)) {
throw new Exception('Username already used!');
}
$this->_new_user->create();
Session::monitor_activity('added a new member: ' . $this->_new_user->_username);
if ($this->_new_user->_result_action === true && VPost::send_pwd(false)) {
$to = $this->_new_user->_email;
$subject = 'Your password for ' . WS_NAME;
$message = 'This is your password: '******'Location: index.php?ns=users&ctl=manage');
} elseif ($this->_new_user->_result_action === true) {
header('Location: index.php?ns=users&ctl=manage');
}
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
}
}
/**
* Delete all registered activity
*
* @access private
*/
private function delete()
{
if (VPost::reset(false) && $this->_user['delete_content']) {
try {
$this->_db->query('TRUNCATE TABLE ' . DB_PREFIX . 'activity');
$result = true;
} catch (Exception $e) {
$result = $e->getMessage();
}
$this->_action_msg = ActionMessages::deleted($result);
} elseif (VPost::reset(false) && !$this->_user['delete_content']) {
$this->_action_msg = ActionMessages::action_no_perm();
}
}
/**
* Update link object
*
* @access private
*/
private function update()
{
if ($this->_user['settings']) {
if ($this->check_post_data()) {
try {
$this->_link->update('_name', 'str');
$this->_link->update('_link', 'str');
$this->_link->update('_rss_link', 'str');
$this->_link->update('_notes', 'str');
$this->_link->update('_priority', 'int');
header('Location: index.php?ns=links&ctl=manage');
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
}
} else {
$this->_action_msg = ActionMessages::action_no_perm();
}
}
/**
* Install a template from github
*
* @access private
*/
private function create()
{
if (VGet::action() == 'install' && VGet::user() && VGet::repo() && VGet::download()) {
try {
$curl = new Curl('https://api.github.com/repos/' . VGet::user() . '/' . VGet::repo() . '/downloads');
$downloads = json_decode($curl->_content, true);
if (empty($downloads)) {
throw new Exception('Archive doesn\'t exist on Github');
}
if (isset($downloads['message'])) {
throw new Exception($downloads['message']);
}
$url = null;
foreach ($downloads as $download) {
if ($download['name'] == VGet::download()) {
if ($download['content_type'] != 'application/zip') {
throw new Exception('Invalid archive type! (.zip only)');
} else {
$url = $download['html_url'];
}
}
}
unset($curl);
$curl = new Curl($url);
$zip = new File();
$zip->_content = $curl->_content;
$zip->save('tmp/template.zip');
$tmp = 'tmp/tpl_' . md5_file('tmp/template.zip') . '/';
File::unzip('tmp/template.zip', $tmp);
File::delete('tmp/template.zip');
$json = File::read($tmp . 'manifest.json');
$conf = json_decode($json->_content, true);
//check if the manifest is complete
if (!isset($conf['name']) || !isset($conf['author']) || !isset($conf['url']) || !isset($conf['namespace']) || !isset($conf['files'])) {
throw new Exception('Invalid manifest!');
}
if (is_dir(PATH . 'includes/templates/' . $conf['namespace'] . '/')) {
throw new Exception('Template already exist');
}
//if one of files doesn't exists, an exception will be raised
foreach ($conf['files'] as $file) {
File::read($tmp . $file);
}
foreach ($conf['files'] as $file) {
File::move($tmp . $file, PATH . 'includes/templates/' . $conf['namespace'] . '/' . $file);
File::delete($tmp . $file);
}
File::delete($tmp . 'manifest.json');
$setting = new Setting();
$setting->_name = $conf['name'];
$setting->_type = 'template';
$setting->_data = json_encode($conf);
$setting->create();
$this->_action_msg = ActionMessages::custom_good('Template "' . $setting->_name . '" installed');
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
}
}
/**
* Move uploaded files to the right place and insert metadata in the database
*
* @access private
*/
private function create()
{
if (VPost::upload(false)) {
try {
$path = 'content/' . date('Y/m/');
$img = new HandleMedia();
$img->load_upload('file');
$name = Helper::remove_accent($img->_name);
$mime = $img->_mime;
if (file_exists(PATH . $path . $name)) {
throw new Exception('The file "' . $name . '" already exists');
}
$img->save(PATH . $path . $name);
if (substr($mime, 0, 5) == 'image') {
$img->thumb(150, 0);
$img->thumb(300, 0);
$img->thumb(1000, 0);
$this->_media->_status = 'draft';
} elseif (substr($mime, 0, 5) == 'video') {
$this->_media->_status = 'publish';
}
$this->_media->_name = $name;
$this->_media->_type = $mime;
$this->_media->_author = $this->_user['user_id'];
$this->_media->_allow_comment = 'closed';
$this->_media->_permalink = $path . $name;
$this->_media->_album = 0;
$this->_media->create();
Session::monitor_activity('has uploaded a file named: ' . $this->_media->_name);
if (substr($mime, 0, 5) == 'video') {
header('Location: index.php?ns=media&ctl=manage&type=video');
} else {
header('Location: index.php?ns=media&ctl=manage');
}
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
} elseif (VPost::create_album(false) && $this->_user['album_photo']) {
if (!VPost::name()) {
$this->_action_msg = ActionMessages::custom_wrong('Album name missing');
} else {
try {
$name = VPost::name();
$path = 'content/albums/' . Helper::slug($name) . '/';
if (file_exists(PATH . $path)) {
throw new Exception('The album "' . $name . '" already exists');
}
$this->_media->_name = $name;
$this->_media->_type = 'album';
$this->_media->_author = $this->_user['user_id'];
$this->_media->_status = 'draft';
$this->_media->_permalink = $path;
$this->_media->_description = stripslashes(VPost::description());
$this->_media->_category = implode(',', VPost::cat(array()));
$this->_media->_allow_comment = VPost::allow_comment('closed');
$this->_media->_album = 0;
$img = new HandleMedia();
$img->load_upload('cover');
$img->save(PATH . $path . 'cover.png');
$img->thumb(150, 0);
$img->thumb(300, 0);
$img->thumb(1000, 0);
$this->_media->create();
Session::monitor_activity('created an album named: ' . $this->_media->_name);
header('Location: index.php?ns=media&ctl=albums&action=edit&id=' . $this->_media->_id);
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
}
} elseif (VPost::link_alien(false)) {
if (!VPost::name() || !VPost::embed_code()) {
$this->_action_msg = ActionMessages::custom_wrong('There\'s missing informations');
} else {
try {
$this->_media->_name = VPost::name();
$this->_media->_type = 'alien';
$this->_media->_author = $this->_user['user_id'];
$this->_media->_status = 'draft';
$this->_media->_allow_comment = 'closed';
$this->_media->_permalink = Helper::slug(VPost::name());
$this->_media->_embed_code = VPost::embed_code();
$this->_media->_album = 0;
$this->_media->create();
Session::monitor_activity('linked a new video named: ' . $this->_media->_name);
header('Location: index.php?ns=media&ctl=manage&type=video');
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
}
} elseif (VPost::register_video(false)) {
try {
if (!file_exists(PATH . VPost::url())) {
throw new Exception('Video not found');
}
if (!VPost::mime()) {
throw new Exception('Video mime type missing');
}
$this->_media->_name = VPost::name();
$this->_media->_type = VPost::mime();
$this->_media->_author = $this->_user['user_id'];
$this->_media->_status = 'publish';
$this->_media->_allow_comment = 'closed';
$this->_media->_permalink = VPost::url();
$this->_media->_album = 0;
$this->_media->create();
Session::monitor_activity('registered a new video named: ' . $this->_media->_name);
header('Location: index.php?ns=media&ctl=manage&action=edit&type=video&id=' . $this->_media->_id);
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
}
}
/**
* Delete links
*
* @access private
*/
private function delete()
{
if (VPost::delete(false) && VPost::link_id() && $this->_user['delete_content']) {
try {
foreach (VPost::link_id() as $id) {
$link = new Link();
$link->_id = $id;
$link->delete();
$this->_action_msg = ActionMessages::deleted($link->_result_action);
}
Session::monitor_activity('deleted ' . count(VPost::link_id()) . ' link(s)');
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
} elseif (VGet::action() == 'delete' && VGet::id() && $this->_user['delete_content']) {
try {
$link = new Link();
$link->_id = Vget::id();
$link->delete();
Session::monitor_activity('deleted a link');
$this->_action_msg = ActionMessages::deleted($link->_result_action);
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
} elseif ((VPost::delete(false) || VGet::action() == 'delete') && $this->_user['delete_content'] === false) {
$this->_action_msg = ActionMessages::action_no_perm();
}
}
/**
* Delete medias from database and on hard drive
*
* @access private
*/
private function delete()
{
if ($this->_user['delete_content'] && VPost::delete(false) && VPost::media_id()) {
$results = array();
$global_result = true;
foreach (VPost::media_id() as $id) {
try {
$media = new Media();
$media->_id = $id;
$media->read('_permalink');
$path = $media->_permalink;
$media->delete();
unset($media);
HandleMedia::delete(PATH . $path);
$this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . $id . ' AND comment_rel_type = "media"');
if (VPost::type() == 'alien') {
$to_update['table'] = 'media';
$to_update['columns'] = array(':attach' => 'media_attachment');
$to_update['condition_columns'] = array(':ca' => 'media_attachment');
$to_update['column_values'] = array(':attach' => null, ':ca' => $id);
$to_update['value_types'] = array(':attach' => 'null', ':ca' => 'int');
$this->_db->update($to_update);
}
array_push($results, true);
} catch (Exception $e) {
array_push($results, false);
}
}
foreach ($results as $result) {
if ($result !== true) {
$global_result = false;
}
}
Session::monitor_activity('deleted ' . count(VPost::media_id()) . ' file(s)');
$this->_action_msg = ActionMessages::deleted($global_result);
} elseif ($this->_user['delete_content'] && VGet::action() == 'delete' && VGet::id()) {
try {
$media = new Media();
$media->_id = VGet::id();
$media->read('_permalink');
$path = $media->_permalink;
$media->delete();
unset($media);
HandleMedia::delete(PATH . $path);
$this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . VGet::id() . ' AND comment_rel_type = "media"');
if (VGet::type() == 'alien') {
$to_update['table'] = 'media';
$to_update['columns'] = array(':attach' => 'media_attachment');
$to_update['condition_columns'] = array(':ca' => 'media_attachment');
$to_update['column_values'] = array(':attach' => null, ':ca' => VGet::id());
$to_update['value_types'] = array(':attach' => 'null', ':ca' => 'int');
$this->_db->update($to_update);
}
Session::monitor_activity('deleted a file');
$result = true;
} catch (Exception $e) {
error_log($e->getMessage(), 0);
$result = false;
}
$this->_action_msg = ActionMessages::deleted($result);
} elseif (!$this->_user['delete_content'] && (VPost::delete(false) || VGet::action() == 'delete')) {
$this->_action_msg = ActionMessages::action_no_perm();
}
}
/**
* Delete files on hard drive and metadata in database
*
* @access private
*/
private function delete()
{
if (VPost::apply_action(false) && VPost::action() == 'delete' && $this->_user['delete_content']) {
if (VPost::album_id()) {
try {
foreach (VPost::album_id() as $id) {
$album = new Media();
$album->_id = $id;
$album->read('_permalink');
$to_read['table'] = 'media';
$to_read['columns'] = array('MEDIA_ID');
$to_read['condition_columns'][':id'] = 'media_album';
$to_read['condition_select_types'][':id'] = '=';
$to_read['condition_values'][':id'] = $id;
$to_read['value_types'][':id'] = 'int';
$ids = $this->_db->read($to_read);
if (!empty($ids)) {
foreach ($ids as $pid) {
$pic = new Media();
$pic->_id = $pid['MEDIA_ID'];
$pic->read('_permalink');
$permalink = $pic->_permalink;
HandleMedia::delete(PATH . $permalink);
$pic->delete();
}
}
$permalink = $album->_permalink;
HandleMedia::delete(PATH . $permalink . 'cover.png');
@rmdir(PATH . $permalink);
$album->delete();
$this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . $id . ' AND comment_rel_type = "media"');
}
Session::monitor_activity('deleted ' . count(VPost::album_id()) . ' album(s)');
$result = true;
} catch (Exception $e) {
$result = $e->getMessage();
}
$this->_action_msg = ActionMessages::deleted($result);
}
} elseif (VGet::action() == 'delete' && VGet::id() && $this->_user['delete_content']) {
try {
$pic = new Media();
$pic->_id = VGet::id();
$pic->read('_permalink');
$permalink = $pic->_permalink;
HandleMedia::delete(PATH . $permalink);
$pic->delete();
$this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . VGet::id() . ' AND comment_rel_type = "media"');
Session::monitor_activity('deleted a picture of an album');
$result = true;
} catch (Exception $e) {
$result = $e->getMessage();
}
$this->_action_msg = ActionMessages::deleted($result);
} elseif (VPost::delete_pics(false)) {
if (VPost::picture_id()) {
try {
foreach (VPost::picture_id() as $id) {
$pic = new Media();
$pic->_id = $id;
$pic->read('_permalink');
$permalink = $pic->_permalink;
HandleMedia::delete(PATH . $permalink);
$pic->delete();
}
Session::monitor_activity('deleted ' . count(VPost::picture_id(array())) . ' picture(s) of an album');
$result = true;
} catch (Exception $e) {
$result = $e->getMessage();
}
}
} elseif ((VPost::apply_action(false) && VPost::action() == 'delete' || VGet::action() == 'delete' || VPost::delete_pics(false)) && !$this->_user['delete_content']) {
$this->_action_msg = ActionMessages::action_no_perm();
}
}
/**
* Add a new Plugin
*
* @access private
*/
private function create()
{
if (VPost::upload(false)) {
try {
$plg = VFiles::plg();
if ($plg['error'] != 0) {
throw new Exception('No file uploaded');
}
$tmp = 'tmp/plg_' . md5_file($plg['tmp_name']) . '/';
File::unzip($plg['tmp_name'], $tmp);
$json = File::read($tmp . 'manifest.json');
$conf = json_decode($json->_content, true);
//check if manifest is complete
if (!isset($conf['name']) || !isset($conf['namespace']) || !isset($conf['entry_point']) || !isset($conf['author']) || !isset($conf['url']) || !isset($conf['admin']) || !isset($conf['site']) || !isset($conf['library']) || !isset($conf['queries']) || !isset($conf['uninstall'])) {
throw new Exception('Invalid manifest!');
}
if (is_dir('includes/' . $conf['namespace']) || is_dir('library/' . $conf['namespace'])) {
throw new Exception('The namespace "' . $conf['namespace'] . '" is already taken');
}
//if one of files doesn't exists, an exception will be raised
foreach ($conf['admin'] as $file) {
File::read($tmp . 'admin/' . $file);
}
//if one of files doesn't exists, an exception will be raised
foreach ($conf['site'] as $file) {
if (file_exists(PATH . 'includes/' . $file)) {
throw new Exception('The file "' . $file . '" already exists in site directory');
}
File::read($tmp . 'site/' . $file);
}
//if one of files doesn't exists, an exception will be raised
foreach ($conf['library'] as $file) {
File::read($tmp . 'library/' . $file);
}
foreach ($conf['admin'] as $file) {
File::move($tmp . 'admin/' . $file, 'includes/' . $conf['namespace'] . '/' . $file);
File::delete($tmp . 'admin/' . $file);
}
foreach ($conf['site'] as $file) {
File::move($tmp . 'site/' . $file, PATH . 'includes/' . $file);
File::delete($tmp . 'site/' . $file);
}
foreach ($conf['library'] as $file) {
File::move($tmp . 'library/' . $file, 'library/' . $conf['namespace'] . '/' . $file);
File::delete($tmp . 'library/' . $file);
}
if (isset($conf['css'])) {
foreach ($conf['css'] as $file) {
File::move($tmp . 'css/' . $file, PATH . 'css/' . $conf['namespace'] . '.css');
File::delete($tmp . 'css/' . $file);
}
}
foreach ($conf['queries'] as $query) {
$this->_db->query(str_replace('{{prefix}}', DB_PREFIX, $query));
}
File::delete($tmp . 'manifest.json');
$setting = new Setting();
$setting->_name = $conf['name'];
$setting->_type = 'plugin';
$setting->_data = json_encode($conf);
$setting->create();
header('Location: index.php?ns=plugins&ctl=manage');
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
}
}
/**
* Upload and move into place a new template
*
* @access private
*/
private function create()
{
if (VPost::upload(false)) {
try {
$tpl = VFiles::tpl();
if ($tpl['error'] != 0) {
throw new Exception('No file uploaded');
}
$tmp = 'tmp/tpl_' . md5_file($tpl['tmp_name']) . '/';
File::unzip($tpl['tmp_name'], $tmp);
$json = File::read($tmp . 'manifest.json');
$conf = json_decode($json->_content, true);
//check if the manifest is complete
if (!isset($conf['name']) || !isset($conf['author']) || !isset($conf['url']) || !isset($conf['namespace']) || !isset($conf['files'])) {
throw new Exception('Invalid manifest!');
}
if (is_dir(PATH . 'includes/templates/' . $conf['namespace'] . '/')) {
throw new Exception('Template already exist');
}
//if one of files doesn't exists, an exception will be raised
foreach ($conf['files'] as $file) {
File::read($tmp . $file);
}
foreach ($conf['files'] as $file) {
File::move($tmp . $file, PATH . 'includes/templates/' . $conf['namespace'] . '/' . $file);
File::delete($tmp . $file);
}
File::delete($tmp . 'manifest.json');
$setting = new Setting();
$setting->_name = $conf['name'];
$setting->_type = 'template';
$setting->_data = json_encode($conf);
$setting->create();
header('Location: index.php?ns=templates&ctl=manage');
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
}
}
/**
* Create a comment on a distant website
*
* @access private
*/
private function create()
{
if (VPost::submit(false) && VPost::content(false)) {
try {
$user = new User();
$user->_id = $this->_user['user_id'];
$user->read('_publicname');
$user->read('_email');
$data = array('name' => $user->_publicname, 'email' => $user->_email, 'content' => VPost::content(), 'id' => $this->_content['post']['POST_ID'], 'type' => 'post');
$url = $this->_prefs->_data['timeline'][$this->_key]['url'] . 'admin/index.php?ns=rpc&ctl=comment';
$curl = new Curl();
$curl->_post = true;
$curl->_data = $data;
$curl->_url = $url;
$curl->connect();
$msg = json_decode($curl->_content, true);
if ($msg['message'] !== true) {
throw new Exception('Error on distant website! ' . $this->_prefs->_data['timeline'][$this->_key]['title'] . ' says "' . $msg['message'] . '"');
}
$this->_action_msg = ActionMessages::custom_good('Comment submitted');
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
}
}
/**
* Update user data
*
* @access private
*/
private function update()
{
if ($this->check_post_data()) {
try {
$this->_profile->update('_firstname', 'str');
$this->_profile->update('_lastname', 'str');
$this->_profile->update('_nickname', 'str');
$this->_profile->update('_publicname', 'str');
$this->_profile->update('_email', 'str');
$this->_profile->update('_website', 'str');
$this->_profile->update('_msn', 'str');
$this->_profile->update('_twitter', 'str');
$this->_profile->update('_facebook', 'str');
$this->_profile->update('_google', 'str');
$this->_profile->update('_avatar', 'int');
$this->_profile->update('_bio', 'str');
if (VPost::role(false)) {
$this->_profile->update('_role', 'str');
}
$pwd = $this->_profile->_password;
if (!empty($pwd)) {
$this->_profile->update('_password', 'str');
}
$this->build_avatar();
$this->_action_msg = ActionMessages::profile_update(true);
} catch (Exception $e) {
$this->_action_msg = ActionMessages::profile_update(ucfirst($e->getMessage()));
}
}
}
/**
* Update default page setting
*
* @access private
*/
private function update()
{
if (VPost::update(false)) {
try {
$array = array('type' => '', 'view' => '');
if ($this->_setting->_data['type'] != VPost::type()) {
$array['view'] = 'all';
} else {
$array['view'] = VPost::view();
}
$array['type'] = VPost::type();
$this->_setting->_data = json_encode($array);
$this->_setting->update('_data', 'str');
$this->_setting->_data = json_decode($this->_setting->_data, true);
Session::monitor_activity('changed default page setting');
$result = true;
} catch (Exception $e) {
$result = $e->getMessage();
}
$this->_action_msg = ActionMessages::updated($result);
}
}
/**
* Update setting
*
* @access private
*/
private function update()
{
if (VPost::update_setting(false)) {
try {
$array = VPost::settings(array('media' => false));
$settings = array('media' => false);
foreach ($settings as $key => &$value) {
if (in_array($key, $array)) {
$value = true;
}
}
$this->_setting->_data = json_encode($settings);
$this->_setting->update('_data', 'str');
$this->_setting->_data = json_decode($this->_setting->_data, true);
$result = true;
} catch (Exception $e) {
$result = $e->getMessage();
}
$this->_action_msg = ActionMessages::updated($result);
}
}
/**
* Install a plugin from github
*
* @access private
*/
private function create()
{
if (VGet::action() == 'install' && VGet::user() && VGet::repo() && VGet::download()) {
try {
$curl = new Curl('https://api.github.com/repos/' . VGet::user() . '/' . VGet::repo() . '/downloads');
$downloads = json_decode($curl->_content, true);
if (empty($downloads)) {
throw new Exception('Archive doesn\'t exist on Github');
}
if (isset($downloads['message'])) {
throw new Exception($downloads['message']);
}
$url = null;
foreach ($downloads as $download) {
if ($download['name'] == VGet::download()) {
if ($download['content_type'] != 'application/zip') {
throw new Exception('Invalid archive type! (.zip only)');
} else {
$url = $download['html_url'];
}
}
}
unset($curl);
$curl = new Curl($url);
$zip = new File();
$zip->_content = $curl->_content;
$zip->save('tmp/plugin.zip');
$tmp = 'tmp/plg_' . md5_file('tmp/plugin.zip') . '/';
File::unzip('tmp/plugin.zip', $tmp);
File::delete('tmp/plugin.zip');
$json = File::read($tmp . 'manifest.json');
$conf = json_decode($json->_content, true);
//check if manifest is complete
if (!isset($conf['name']) || !isset($conf['namespace']) || !isset($conf['entry_point']) || !isset($conf['author']) || !isset($conf['url']) || !isset($conf['admin']) || !isset($conf['site']) || !isset($conf['library']) || !isset($conf['queries']) || !isset($conf['uninstall'])) {
throw new Exception('Invalid manifest');
}
if (is_dir('includes/' . $conf['namespace']) || is_dir('library/' . $conf['namespace'])) {
throw new Exception('The namespace "' . $conf['namespace'] . '" is already taken');
}
//if one of files doesn't exists, an exception will be raised
foreach ($conf['admin'] as $file) {
File::read($tmp . 'admin/' . $file);
}
//if one of files doesn't exists, an exception will be raised
foreach ($conf['site'] as $file) {
if (file_exists(PATH . 'includes/' . $file)) {
throw new Exception('The file "' . $file . '" already exists in site directory');
}
File::read($tmp . 'site/' . $file);
}
//if one of files doesn't exists, an exception will be raised
foreach ($conf['library'] as $file) {
File::read($tmp . 'library/' . $file);
}
foreach ($conf['admin'] as $file) {
File::move($tmp . 'admin/' . $file, 'includes/' . $conf['namespace'] . '/' . $file);
File::delete($tmp . 'admin/' . $file);
}
foreach ($conf['site'] as $file) {
File::move($tmp . 'site/' . $file, PATH . 'includes/' . $file);
File::delete($tmp . 'site/' . $file);
}
foreach ($conf['library'] as $file) {
File::move($tmp . 'library/' . $file, 'library/' . $conf['namespace'] . '/' . $file);
File::delete($tmp . 'library/' . $file);
}
if (isset($conf['css'])) {
foreach ($conf['css'] as $file) {
File::move($tmp . 'css/' . $file, PATH . 'css/' . $conf['namespace'] . '.css');
File::delete($tmp . 'css/' . $file);
}
}
foreach ($conf['queries'] as $query) {
$this->_db->query(str_replace('{{prefix}}', DB_PREFIX, $query));
}
File::delete($tmp . 'manifest.json');
$setting = new Setting();
$setting->_name = $conf['name'];
$setting->_type = 'plugin';
$setting->_data = json_encode($conf);
$setting->create();
$this->_action_msg = ActionMessages::custom_good('Plugin "' . $setting->_name . '" installed');
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
//remove files
foreach ($conf['admin'] as $file) {
File::delete($tmp . 'admin/' . $file, false);
}
foreach ($conf['site'] as $file) {
File::delete($tmp . 'site/' . $file, false);
}
foreach ($conf['library'] as $file) {
File::delete($tmp . 'library/' . $file, false);
}
}
}
}
/**
* Display page content
*
* @access public
*/
public function display_content()
{
$this->display_menu();
if ($this->_user['settings']) {
$this->display_settings();
} else {
echo ActionMessages::part_no_perm();
}
}
/**
* Method that permits to delete one or more comments at a time
*
* @access private
*/
private function delete()
{
if ((isset($_POST['empty']) || VRequest::action() == 'delete') && $this->_user['delete_content']) {
if (isset($_POST['empty']) && VPost::comment_status() && in_array(VPost::comment_status(), array('spam', 'trash'))) {
$to_delete['table'] = 'comment';
$to_delete['condition_columns'][':status'] = 'comment_status';
$to_delete['condition_values'][':status'] = VPost::comment_status();
$to_delete['value_types'][':status'] = 'str';
$global_result = $this->_db->delete($to_delete);
} elseif (VPost::action() == 'delete' && VPost::comment_id()) {
$results = array();
$global_result = true;
foreach (VPost::comment_id() as $id) {
try {
$comment = new Comment();
$comment->_id = $id;
$comment->delete();
unset($comment);
array_push($results, true);
} catch (Exception $e) {
array_push($results, false);
}
}
foreach ($results as $result) {
if ($result !== true) {
$global_result = false;
}
}
} elseif (VGet::action() == 'delete' && VGet::comment_id()) {
try {
$comment = new Comment();
$comment->_id = VGet::comment_id();
$comment->delete();
$global_result = true;
} catch (Exception $e) {
$global_result = false;
}
}
if (isset($global_result)) {
$this->_action_msg = ActionMessages::deleted($global_result);
}
} elseif ((isset($POST['empty']) || VRequest::action() == 'delete') && $this->_user['delete_content'] === false) {
$this->_action_msg = ActionMessages::action_no_perm();
}
}
/**
* Method that display the page
*
* @access public
*/
public function display_content()
{
$this->display_menu();
if ($this->_user['dashboard']) {
echo $this->_action_msg;
echo '<div id="dashbord_wrapper">' . '<div class="widget_wrapper widget_wrapper_left">';
$this->display_activity();
$this->display_recent_comments();
echo '</div>' . '<div class="widget_wrapper">';
$this->display_quickpress();
$this->display_draft();
echo '</div>';
} else {
echo ActionMessages::part_no_perm();
}
}
/**
* Remove one website from the timeline
*
* @access private
*/
private function delete()
{
if (VGet::action() == 'remove' && VGet::id(false) !== false) {
try {
$data = $this->_prefs->_data;
unset($data['timeline'][VGet::id()]);
$this->_prefs->_data = json_encode($data);
$this->_prefs->update('_data', 'str');
$this->_prefs->_data = json_decode($this->_prefs->_data, true);
$result = true;
} catch (Exception $e) {
$result = $e->getMessage();
}
$this->_action_msg = ActionMessages::pref_updated($result);
}
}
/**
* Update an existing post
*
* @access private
*/
private function update()
{
if ($this->check_post_data()) {
try {
$old = new Post();
$old->_id = $this->_post->_id;
$old->read('_status');
//if post move from draft to published, creation date is updated
if ($old->_status == 'draft' && $this->_post->_status == 'publish') {
$this->_post->_date = date('Y-m-d H:i:s');
$this->_post->update('_date', 'str');
}
$this->_post->update('_title', 'str');
$this->_post->update('_content', 'str');
$this->_post->update('_allow_comment', 'str');
$this->_post->update('_date', 'str');
$this->_post->update('_status', 'str');
$this->_post->update('_tags', 'str');
$this->_post->update('_category', 'str');
if ($this->_post->_status == 'publish') {
$this->_post->_updated = 'yes';
$this->_post->_update_author = $this->_user['user_id'];
$this->_post->update('_updated', 'str');
$this->_post->update('_update_author', 'int');
}
$this->_action_msg = ActionMessages::post_update(true);
Session::monitor_activity('updated the post "' . $this->_post->_title . '" (status: ' . $this->_post->_status . ')');
} catch (Exception $e) {
$this->_action_msg = ActionMessages::post_update(ucfirst($e->getMessage()));
}
}
$this->_action = 'to_update';
}
/**
* Delete a template
*
* Current and main template will raise an error
*
* @access private
*/
private function delete()
{
if (VPost::delete(false) && VPost::tpl_id() && $this->_user['delete_content']) {
try {
$tpl = new Setting(VPost::tpl_id());
$tpl->_data = json_decode($tpl->_data, true);
if ($tpl->_data['namespace'] == $this->_setting->_data) {
throw new Exception('Template currently used, action aborted');
}
if ($tpl->_data['namespace'] == 'main' || $tpl->_data['namespace'] == 'bobcat') {
throw new Exception('Default template can\'t be deleted, action aborted');
}
foreach ($tpl->_data['files'] as $file) {
File::delete(PATH . 'includes/templates/' . $tpl->_data['namespace'] . '/' . $file);
}
$tpl->delete();
$result = true;
} catch (Exception $e) {
$result = $e->getMessage();
}
$this->_action_msg = ActionMessages::template_deleted($result);
} elseif (VPost::delete(false) && !$this->_user['delete_content']) {
$this->_action_msg = ActionMessages::action_no_perm();
}
}
/**
* Delete selected posts
*
* @access private
*/
private function delete()
{
if ((VRequest::action() == 'delete' && VRequest::id() || VPost::delete(false) || VPost::empty_trash(false)) && $this->_user['delete_content']) {
try {
$post = new Post();
if (VGet::action() == 'delete' && VGet::id()) {
$post->_id = VGet::id();
$post->delete();
$this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . VGet::id() . ' AND comment_rel_type = "post"');
$result = $post->_result_action;
} elseif (VPost::delete(false)) {
foreach (VPost::post_id() as $id) {
$post->_id = $id;
$post->delete();
$this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . $id . ' AND comment_rel_type = "post"');
}
$result = $post->_result_action;
} elseif (VPost::empty_trash(false)) {
$to_read['table'] = 'post';
$to_read['columns'] = array('POST_ID');
$to_read['condition_columns'][':s'] = 'post_status';
$to_read['condition_select_types'][':s'] = '=';
$to_read['condition_values'][':s'] = 'trash';
$to_read['value_types'][':s'] = 'str';
$posts = $this->_db->read($to_read);
foreach ($posts as $post) {
$this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . $post['POST_ID'] . ' AND comment_rel_type = "post"');
}
$to_delete['table'] = 'post';
$to_delete['condition_columns'][':status'] = 'post_status';
$to_delete['condition_values'][':status'] = 'trash';
$to_delete['value_types'][':status'] = 'str';
$result = $this->_db->delete($to_delete);
}
Session::monitor_activity('deleted post(s)');
$this->_action_msg = ActionMessages::deleted($result);
} catch (Exception $e) {
$this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
}
} elseif ((VRequest::action() == 'delete' && VRequest::id() || VPost::delete(false) || VPost::empty_trash(false)) && $this->_user['delete_content'] === false) {
$this->_action_msg = ActionMessages::action_no_perm();
}
}
/**
* Update lynxpress
*
* @access private
*/
private function update()
{
if (VPost::update()) {
try {
if (Helper::check_update() === false) {
throw new Exception('No update available!');
}
//make a backup of the database first, with an email sent to webmaster with the whole dump
$bk = new Backup();
$bk->save('backup/dump-' . date('Y-m-d-H:i:s') . '.sql');
$html = new File();
$html->_content = '<!--The Lynx is not here!-->';
$html->save('backup/index.html');
$mail = new Mail(WS_EMAIL, 'Databse dump made before update at ' . date('Y-m-d H:i:s'), $bk->_sql);
$mail->send();
//end backup
//retrieve json manifest from the server
$manifest = new Curl('http://update.lynxpress.org/manifest.json');
$manifest = json_decode($manifest->_content, true);
//retrieve zip with all files inside
$curl_zip = new Curl('http://versions.lynxpress.org/Lynxpress-' . $manifest['version'] . '.zip');
if ($curl_zip->_content == '<!--The Lynx is not here!-->') {
throw new Exception('Can\'t retrieve lynxpress archive');
}
$zip = new File();
$zip->_content = $curl_zip->_content;
$zip->save('tmp/update.zip');
unset($zip);
unset($curl_zip);
File::unzip('tmp/update.zip', 'tmp/update/');
File::delete('tmp/update.zip');
//check if all files are readable
foreach ($manifest['src'] as $src) {
File::read('tmp/update/Lynxpress-' . $manifest['version'] . '/' . $src);
}
//replace all files registered in the manifest
foreach ($manifest['src'] as $key => $src) {
File::read('tmp/update/Lynxpress-' . $manifest['version'] . '/' . $src)->save($manifest['dest'][$key]);
File::delete('tmp/update/Lynxpress-' . $manifest['version'] . '/' . $src);
}
//execute special queries
foreach ($manifest['queries'] as $query) {
$this->_db->query(str_replace('{{prefix}}', DB_PREFIX, $query));
}
//remove files
foreach ($manifest['remove'] as $file) {
File::delete($file, false);
}
$config = File::read(PATH . 'config.php');
$config->_content = str_replace('(\'WS_VERSION\', \'' . WS_VERSION . '\')', '(\'WS_VERSION\', \'' . $manifest['version'] . '\')', $config->_content);
$config->save();
unset($config);
$config = File::read(PATH . 'config.sample.php');
$config->_content = str_replace('(\'WS_VERSION\', \'' . WS_VERSION . '\')', '(\'WS_VERSION\', \'' . $manifest['version'] . '\')', $config->_content);
$config->save();
$result = true;
} catch (Exception $e) {
$result = $e->getMessage();
}
$this->_action_msg = ActionMessages::ws_update($result);
}
}
/**
* Method that permits to delete one or more categories
*
* @access private
*/
private function delete()
{
if (VPost::delete(false) && $this->_user['delete_content']) {
if (VPost::category_id()) {
try {
foreach (VPost::category_id() as $id) {
$cat = new Category();
$cat->_id = $id;
$cat->read('_name');
$cat->read('_type');
$type = $cat->_type;
if ($this->check_usage($id, $type)) {
throw new Exception('Can\'t delete ' . $cat->_name . ' because it\'s used!');
}
$cat->delete();
$this->check_empty($type);
}
Session::monitor_activity('deleted ' . count(VPost::category_id()) . ' category(ies)');
$result = true;
} catch (Exception $e) {
$result = $e->getMessage();
}
$this->_action_msg = ActionMessages::deleted($result);
}
} elseif (VGet::action() == 'delete' && VGet::id()) {
try {
$cat = new Category();
$cat->_id = VGet::id();
$cat->read('_name');
$cat->read('_type');
$type = $cat->_type;
if ($this->check_usage(VGet::id(), $type)) {
throw new Exception('Can\'t delete ' . ucwords($cat->_name) . ' because it\'s used!');
}
$cat->delete();
$this->check_empty($type);
Session::monitor_activity('deleted a category');
$result = true;
} catch (Exception $e) {
$result = $e->getMessage();
}
$this->_action_msg = ActionMessages::deleted($result);
} elseif ((VPost::delete(false) || VGet::action() == 'delete' && VGet::id()) && !$this->_user['delete_content']) {
$this->_action_msg = ActionMessages::action_no_perm();
}
}
/**
* Update setting
*
* @access private
*/
private function update()
{
if (VPost::update_setting(false)) {
try {
$this->_setting->_data = json_encode(VPost::networks(array()));
$this->_setting->update('_data', 'str');
$this->_setting->_data = json_decode($this->_setting->_data, true);
$result = true;
} catch (Exception $e) {
$resut = $e->getMessage();
}
$this->_action_msg = ActionMessages::updated($result);
}
}