Example #1
/**
 * Clean a value for storage: neutralise or filter markup, then apply the
 * project's slash-escaping helper.
 *
 * @param mixed $data     Text to clean.
 * @param bool  $ishtml   false: "<" and ">" are replaced by entities;
 *                        true: the text is passed through cleanHTML() instead.
 * @param bool  $allowadv Forwarded to cleanHTML(); unused when $ishtml is false.
 * @param mixed $dbo      Forwarded to addslashes_EX().
 * @return mixed Whatever addslashes_EX() returns for the cleaned text.
 *
 * NOTE(review): the plain-text path encodes only angle brackets. "&" and both
 * quote characters pass through unchanged, so the result is not safe to place
 * inside an HTML attribute value without further encoding.
 * NOTE(review): addslashes_EX() is defined elsewhere; presumably it escapes for
 * SQL string literals. One value therefore carries HTML and SQL escaping at
 * once - confirm callers do not reuse it in a context needing only one.
 */
function cleanString($data, $ishtml = false, $allowadv = false, $dbo = false)
{
    if ($ishtml) {
        // Caller says this is markup: delegate filtering to cleanHTML().
        $cleaned = cleanHTML($data, $allowadv);
    } else {
        // Plain text: replace ">" then "<", same order as the nested calls it replaces.
        $cleaned = str_replace(array(">", "<"), array("&gt;", "&lt;"), $data);
    }

    return addslashes_EX($cleaned, $ishtml, $dbo);
}
Example #2
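 /**
  * Dump every row of this module's table into
  * CONS_PATH_BACKUP/<session code>/<dbname>.sql as multi-row INSERT statements.
  *
  * Rows are appended to one INSERT until the statement exceeds $maxLine
  * characters; it is then terminated, written, and a new one is started.
  *
  * @param bool $echo When true, echoes the statement buffer left after the
  *                   file is closed (see the note at the end of the body).
  * @return void
  */
 function generateBackup($echo = false)
 {
     $maxLine = 5000;
     // flush threshold for one INSERT statement, in characters

     // NOTE(review): the directory name is taken from $_SESSION['CODE'] as-is.
     // Confirm that value can never contain path separators or "..", and that
     // the backup directory is not served by the web server.
     $dir = CONS_PATH_BACKUP . $_SESSION['CODE'] . "/";
     $bck = $dir . $this->dbname . ".sql";
     if (!is_dir($dir)) {
         makeDirs($dir);
     }
     // NOTE(review): the previous dump is removed before the new one is known
     // to be written, so a failed run leaves no backup at all.
     if (is_file($bck)) {
         @unlink($bck);
     }
     $fd = fopen($bck, "wb");
     if (!$fd) {
         // Same as before: nothing is written or reported when the file cannot be opened.
         return;
     }

     $sql = "SELECT * FROM " . $this->dbname;
     $this->parent->dbo->query($sql, $r, $n);

     // Column list in field-definition order; values below follow the same order.
     $baseLine = "INSERT INTO " . $this->dbname . " (" . implode(",", array_keys($this->fields)) . ") VALUES (";
     $line = $baseLine;

     for ($c = 0; $c < $n; $c++) {
         $data = $this->parent->dbo->fetch_assoc($r);
         $values = array();
         // Iterate by value: the loop only reads $f, and a by-reference loop
         // variable would stay bound to the last field after the loop.
         foreach ($this->fields as $fn => $f) {
             $tipo = $f[CONS_XML_TIPO];
             if ($tipo == CONS_TIPO_INT || $tipo == CONS_TIPO_FLOAT) {
                 // numeric column: bare number, or NULL when the stored value is not numeric
                 $values[] = is_numeric($data[$fn]) ? $data[$fn] : "NULL";
             } elseif ($tipo == CONS_TIPO_DATE || $tipo == CONS_TIPO_DATETIME) {
                 // Dates are written as quoted literals. Unquoted, a value such as
                 // 2020-01-31 is read back as arithmetic and a datetime does not
                 // parse, so the dump could not be restored.
                 $values[] = $data[$fn] != '' ? "\"" . addslashes_EX($data[$fn], true) . "\"" : "NULL";
             } elseif ($tipo == CONS_TIPO_LINK) {
                 // link: the output format follows the type of the linked module's first key
                 // TODO: format the output for null data as well?
                 $linked = $this->parent->modules[$f[CONS_XML_MODULE]];
                 if ($linked->fields[$linked->keys[0]][CONS_XML_TIPO] == CONS_TIPO_INT) {
                     $values[] = is_numeric($data[$fn]) ? $data[$fn] : "NULL";
                 } else {
                     $values[] = "\"" . addslashes_EX($data[$fn], true) . "\"";
                 }
             } else {
                 // anything else is written as an escaped string literal
                 $values[] = "\"" . addslashes_EX($data[$fn], true) . "\"";
             }
         }
         $line .= implode(",", $values) . ")";

         if (strlen($line) > $maxLine) {
             // statement is long enough: terminate, write, start a new one
             $line .= ";\n";
             fwrite($fd, $line);
             $line = $baseLine;
         } else {
             // keep appending rows to the same statement
             $line .= ",(";
         }
     }

     if ($line != $baseLine) {
         // unfinished statement: drop the trailing ",(" and terminate it
         $line = substr($line, 0, strlen($line) - 2) . ";\n";
         fwrite($fd, $line);
     }
     fclose($fd);

     if ($echo) {
         // NOTE(review): this prints only what is left in $line - the final
         // statement, or the bare INSERT prefix when the last row triggered a
         // flush - not the whole dump. Confirm that is the intended output.
         echo $line;
     }
 }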
Example #3
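 /**
  * Record undo information for an update/delete on a module.
  *
  * Called twice per action. With $earlyNotify true (before the action) the
  * current row is read and its main upload files are copied into
  * CONS_FMANAGER/_undodata/; the snapshot is kept in $this->internalMemory.
  * With $earlyNotify false (after the action succeeded) the matching snapshot
  * is written to the undo module's table.
  *
  * Does nothing for CONS_ACTION_INCLUDE, for a false $module, for system
  * modules, or for modules flagged CONS_MODULE_NOUNDO.
  *
  * @param mixed  $module      Module object the action ran on, or false.
  * @param mixed  $action      One of the CONS_ACTION_* constants.
  * @param array  $data        Row data of the action; must hold the module's key fields.
  * @param string $startedAt   Not used by this method.
  * @param bool   $earlyNotify true before the action, false after it.
  * @return void
  */
 function notifyEvent(&$module, $action, $data, $startedAt = "", $earlyNotify = false)
 {
     # notify followup for this field (happens before standard notify)
     if ($module === false || $module->options[CONS_MODULE_SYSTEM] || isset($module->options[CONS_MODULE_NOUNDO])) {
         return;
     }
     if ($action == CONS_ACTION_INCLUDE) {
         // nothing existed before an insert, so there is nothing to snapshot
         return;
     }

     $ws = "";
     $ka = array();

     if ($earlyNotify) {
         // saves INTENTION of performing an action. If it FAILS, we don't need to store UNDO data.
         // NOTE(review): this resets the list when it already exists, so at most one
         // snapshot per module is kept at a time. If several were meant to
         // accumulate, the test should be !isset - confirm.
         if (isset($this->internalMemory[$module->name])) {
             $this->internalMemory[$module->name] = array();
         }
         $module->getKeys($ws, $ka, $data);
         // NOTE(review): $ws is put into the statement verbatim; escaping of the key
         // values depends entirely on getKeys(), which is not visible here.
         $sql = "SELECT * FROM " . $module->dbname . " WHERE {$ws}";
         $ok = $this->parent->dbo->query($sql, $r, $n);
         if ($ok && $n > 0) {
             $data = $this->parent->dbo->fetch_assoc($r);
             $files = array();
             // All key values joined with "_". The previous loop assigned instead
             // of appending, so only the last key of a composite key survived
             // (and $keys was undefined when $ka was empty).
             // NOTE(review): $keys becomes part of file names below; confirm key
             // values cannot contain path separators or "..".
             $keys = implode("_", $ka);
             // saves files ... this will be saved even if a DELETE fails, but we can't
             // wait as with the data above, since later the files will be deleted
             // move files (only mains, no thumbs)
             foreach ($module->fields as $fname => $field) {
                 if ($field[CONS_XML_TIPO] == CONS_TIPO_UPLOAD) {
                     $arquivo = CONS_FMANAGER . $module->name . "/" . $fname . "_" . $keys . "_1";
                     if (locateanyfile($arquivo, $ext)) {
                         $undoName = $module->name . $fname . "_" . $keys . "." . $ext;
                         $dest = CONS_FMANAGER . "_undodata/" . $undoName;
                         if (is_file($dest)) {
                             @unlink($dest);
                         }
                         if (copy($arquivo, $dest)) {
                             $files[$undoName] = true;
                         }
                     }
                 }
             }
             $data['___FILES___'] = $files;
             $this->internalMemory[$module->name][] = array($action, $data);
         }
         return;
     }

     // checks for the stored data from BEFORE the action (not the case in INCLUDE), since it has been confirmed changed
     // note that FILES have already been backed up
     if (!isset($this->internalMemory[$module->name])) {
         return;
     }
     // so for each stored action on this module
     foreach ($this->internalMemory[$module->name] as $iMi) {
         if ($iMi[0] != $action) {
             continue;
         }
         // same action: check if it's the same keys
         foreach ($module->keys as $key) {
             if ($data[$key] != $iMi[1][$key]) {
                 // not this item, next item please ...
                 continue 2;
             }
         }
         // if we got here, the keys were compared successfully. Save
         $undoModule = $this->parent->loaded($this->moduleRelation);
         $module->getKeys($ws, $ka, $data);
         // keys (searchable): every key value, joined with "_"
         $keys = implode("_", $ka);
         $files = $iMi[1]['___FILES___'];
         // ids is now escaped like history and files; key values come from $data
         // and were previously placed inside the quotes verbatim.
         // NOTE(review): assumes addslashes_EX() also escapes single quotes - confirm.
         // NOTE(review): history/files are stored with serialize(); code that reads
         // them back should only unserialize rows it can trust.
         $sql = "INSERT INTO " . $undoModule->dbname . " SET"
             . "\n\t\t\t\t\t\t\t\t\tmodulo='" . $module->name . "',"
             . "\n\t\t\t\t\t\t\t\t\tevent='" . ($action == CONS_ACTION_DELETE ? 'delete' : 'update') . "',"
             . "\n\t\t\t\t\t\t\t\t\tids='" . addslashes_EX($keys) . "',"
             . "\n\t\t\t\t\t\t\t\t\thistory=\"" . addslashes_EX(serialize($iMi[1])) . "\","
             . "\n\t\t\t\t\t\t\t\t\tfiles=\"" . addslashes_EX(serialize($files)) . "\","
             . "\n\t\t\t\t\t\t\t\t\tdata=NOW(),"
             . "\n\t\t\t\t\t\t\t\t\tid_author = '" . ($this->parent->logged() ? $_SESSION[CONS_SESSION_ACCESS_USER]['id'] : 0) . "'";
         $ok = $this->parent->dbo->simpleQuery($sql);
         break;
     }
 }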
Example #4
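 /**
  * Install the plugin's auth controller and process the "authuser"
  * account-activation request.
  *
  * When registrationMode is 2, the current action is "authuser", and the
  * request carries an authcode and a numeric user id, the user record is
  * updated to active = "y" through runAction() with the parent's safety flag
  * switched off for the duration of that call.
  *
  * @return void
  */
 function onCheckActions()
 {
     # replace auth object with new one
     // NOTE(review): authReplaced is not set here; unless it is set elsewhere the
     // controller is rebuilt on every call.
     if (!$this->authReplaced) {
         $this->parent->authControl = null;
         require_once CONS_PATH_SYSTEM . "plugins/" . $this->name . "/authControl.php";
         $this->parent->authControl = new CauthControlEx($this->parent);
     }

     if ($this->registrationMode == 2
         && $this->action == "authuser"
         && isset($_REQUEST['authcode'], $_REQUEST['user'])
         && is_numeric($_REQUEST['user'])
     ) {
         // NOTE(review): $ao is not defined anywhere in this method, so the value
         // passed as "authcode" does not come from the request. $_REQUEST['authcode']
         // is only tested with isset() and never compared with a stored code here.
         // Confirm that runAction() or the user module ties activation to the code
         // that was issued; otherwise any numeric id would be activated.
         $data = array("id" => $_REQUEST['user'], "active" => "y", "authcode" => addslashes_EX($ao, false, $this->parent->dbo));

         // The flag was previously set to false both before and after the call, which
         // left it off for the rest of the request. Restore the caller's value instead.
         // NOTE(review): presumably "safety" gates permission checks - confirm.
         $previousSafety = $this->parent->safety;
         $this->parent->safety = false;
         $this->parent->runAction(CONS_AUTH_USERMODULE, CONS_ACTION_UPDATE, $data);
         $this->parent->safety = $previousSafety;
     }
 }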