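/**
 * Checks that ascii_to_entities() rewrites every non-ASCII character as a
 * decimal numeric entity and leaves plain ASCII (letters, spaces) untouched.
 *
 * @return void
 */
public function test_ascii_to_entities()
{
    // Input => expected output. The expected side has to be the entity-encoded
    // form: comparing each input with itself can only pass if the helper does
    // nothing, which would make the test meaningless.
    $cases = array(
        '“‘ “test”' => '&#8220;&#8216; &#8220;test&#8221;',
        '†¥¨ˆøåß∂ƒ©˙∆˚¬' => '&#8224;&#165;&#168;&#710;&#248;&#229;&#223;&#8706;&#402;&#169;&#729;&#8710;&#730;&#172;',
    );

    foreach ($cases as $input => $expected) {
        $this->assertEquals($expected, ascii_to_entities($input));
    }
}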
/**
 * Updates one row of the `service` table from the submitted form fields.
 *
 * @param int $id service_id of the row to update
 * @return mixed whatever $this->db->update() returns
 */
public function editService($id = 0)
{
    // Build the URL slug from the service name: strip Vietnamese diacritics,
    // turn the result into a URL title, then lower-case it.
    $service_name = $this->input->post('service_name');
    $slug = mb_strtolower(url_title(removesign($service_name)));

    // NOTE(review): ascii_to_entities() only rewrites non-ASCII characters as
    // numeric entities (assuming the CodeIgniter text helper); it is not HTML
    // escaping, so <, >, & and quotes are stored as submitted and still need
    // context-aware escaping wherever these columns are rendered.
    $data = array(
        'service_name' => ascii_to_entities($service_name),
        // NOTE(review): status, online and field_id are stored exactly as posted.
        'status' => $this->input->post('status'),
        'online' => $this->input->post('online'),
    );

    // Free-text columns that all get the same entity conversion.
    $text_fields = array(
        'coquan', 'trinhtu', 'cachthuc', 'doituong', 'thoihan', 'lephi',
        'ketqua', 'donmau', 'profile', 'profile_quantity', 'yeucau', 'cancuphaply',
    );
    foreach ($text_fields as $field) {
        $data[$field] = ascii_to_entities($this->input->post($field));
    }

    $data['slug'] = $slug;
    $data['field_id'] = $this->input->post('field_id');
    // The editing staff member comes from the session, not from the form.
    $data['staff_id'] = $this->session->userdata('staff_id');

    return $this->db->update('service', $data, array('service_id' => $id));
}
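/**
 * Debug listing: prints the id of every service whose lower-cased name
 * contains the entity-encoded search phrase, followed by the matched text.
 *
 * @return void
 */
public function index()
{
    $needle = "chứng minh";
    $needle = strtolower($needle);
    // The phrase is compared in entity-encoded form; this presumes that
    // service_name was stored through ascii_to_entities() — confirm.
    $needle = ascii_to_entities($needle);

    // Quote the phrase so that nothing in it can be read as regex syntax or
    // as the pattern delimiter if the search text ever changes.
    $pattern = '/' . preg_quote($needle, '/') . '/';

    $services = $this->db->get('service')->result_array();
    foreach ($services as $item) {
        $name = strtolower($item['service_name']);
        if (preg_match($pattern, $name, $matches)) {
            echo $item['service_id'];
            echo $matches[0] . "<br />";
        }
    }
}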
/**
 * Edit an agency: stores the submitted name, or renders the edit form.
 *
 * NOTE(review): no permission or CSRF check is visible in this method;
 * presumably the controller constructor or framework configuration handles
 * both — confirm.
 *
 * @param int $id id of the agency being edited
 * @return void
 */
public function edit($id = 0)
{
    $this->load->helper('text');

    // Form submitted: save the new name and go back to the agency list.
    if (!empty($_POST['submit'])) {
        $agency_name = ascii_to_entities($this->input->post('agency_name'));
        $this->agency_model->editAgency($id, $agency_name);
        redirect('./admin/agency');
        return;
    }

    // Otherwise show the form, pre-filled with the current row.
    $data = array(
        'title' => "Thêm cơ quan",
        // Base path and the names of the CSS files used by the templates.
        'base' => $this->base,
        'resetcss' => $this->resetcss,
        'admincss' => $this->admincss,
        'row' => $this->agency_model->getAgencyById($id),
    );

    // Render the page templates in order.
    $views = array(
        'admin/templates/header',
        'admin/templates/sidebar',
        'admin/agency/edit',
        'admin/templates/footer',
    );
    foreach ($views as $view) {
        $this->load->view($view, $data);
    }
}
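/**
 * Edit Post
 *
 * XML-RPC handler that updates an existing channel entry. Positional
 * parameters as used below: 1 = entry id, 2 and 3 = values handed to
 * fetch_member_data(), 4 = entry content (may carry <title>, <category>,
 * <sticky> and per-field tags), 5 = '0' for closed, anything else for open.
 *
 * @access public
 * @param  object $plist request object; output_parameters() yields the parameter list
 * @return mixed  result of send_response() on success, of send_error_message() on failure
 */
function editPost($plist)
{
    $this->EE->load->library('xmlrpc');

    $parameters = $plist->output_parameters();

    if (!$this->fetch_member_data($parameters['2'], $parameters['3'])) {
        return $this->EE->xmlrpc->send_error_message('802', $this->EE->lang->line('invalid_access'));
    }

    if (!$this->userdata['can_access_content']) {
        return $this->EE->xmlrpc->send_error_message('802', $this->EE->lang->line('invalid_access'));
    }

    if (!$this->userdata['can_edit_other_entries']) {
        // If there aren't any channels assigned to the user, bail out
        if (count($this->userdata['allowed_channels']) == 0) {
            return $this->EE->xmlrpc->send_error_message('802', $this->EE->lang->line('invalid_access'));
        }
    }

    /** ---------------------------------------
    /**  Details from Parameters
    /** ---------------------------------------*/
    $entry_id = $parameters['1'];
    $this->status = $parameters['5'] == '0' ? 'closed' : 'open';
    $sticky = 'n';

    /** ---------------------------------------
    /**  Retrieve Entry Information
    /** ---------------------------------------*/
    $this->EE->db->select('channel_id, author_id, title');
    $this->EE->db->where('entry_id', $entry_id);
    $query = $this->EE->db->get('channel_titles');

    if ($query->num_rows() == 0) {
        return $this->EE->xmlrpc->send_error_message('802', $this->EE->lang->line('no_entry_found'));
    }

    // Members who may not edit other people's entries must own this one.
    if (!$this->userdata['can_edit_other_entries']) {
        if ($query->row('author_id') != $this->userdata['member_id']) {
            return $this->EE->xmlrpc->send_error_message('802', $this->EE->lang->line('entry_uneditable'));
        }
    }

    // NOTE(review): allowed_channels is only tested for being non-empty above;
    // this function never compares the entry's channel_id against it. Whether
    // parse_channel() enforces that is not visible here — confirm.
    $this->channel_id = $query->row('channel_id');
    $this->title = $query->row('title');
    $this->parse_channel($this->channel_id);

    /** ---------------------------------------
    /**  Parse Channel Meta-Information
    /** ---------------------------------------*/

    // using entities because of <title> conversion by xss_clean()
    // NOTE(review): the comment speaks of entities, yet the patterns below
    // match literal angle brackets — check which form the input really has.
    if (preg_match('/<title>(.+?)<\\/title>/is', $parameters['4'], $matches)) {
        // Load the text helper
        $this->EE->load->helper('text');

        $this->title = $this->EE->config->item('auto_convert_high_ascii') == 'y' ? ascii_to_entities(trim($matches['1'])) : $matches['1'];
        $parameters['4'] = str_replace($matches['0'], '', $parameters['4']);
    }

    if (preg_match('/<category>(.*?)<\\/category>/is', $parameters['4'], $matches)) {
        $this->categories = trim($matches['1']);
        $parameters['4'] = str_replace($matches['0'], '', $parameters['4']);

        if ($this->categories != '') {
            $this->check_categories($this->channel_id, '1');
        }
    }

    if (preg_match('/<sticky>(.+?)<\\/sticky>/is', $parameters['4'], $matches)) {
        $sticky = (trim($matches['1']) == 'yes' or trim($matches['1']) == 'y') ? 'y' : 'n';
        $parameters['4'] = str_replace($matches['0'], '', $parameters['4']);
    }

    /** ---------------------------------
    /**  Build our query string
    /** ---------------------------------*/
    $metadata = array(
        'entry_id' => $entry_id,
        'title' => $this->title,
        'ip_address' => $this->EE->input->ip_address(),
        'sticky' => $sticky,
        'status' => $this->status,
    );

    /** ---------------------------------------
    /**  Parse Channel Field Data
    /** ---------------------------------------*/

    // Initialise the array that is actually filled and written below. It was
    // previously assigned to a differently spelled variable, which left
    // $entry_data undefined whenever no field produced any content.
    $entry_data = array('channel_id' => $this->channel_id);

    if (count($this->fields) > 0) {
        foreach ($this->fields as $field_id => $afield) {
            // Field names become part of a regex; quote them so a name can
            // never alter the pattern.
            $tag = preg_quote($afield['0'], '/');

            if ($this->block_entry === TRUE) {
                // Empty all fields. Default field will be set with all
                // content.
                $entry_data['field_id_' . $field_id] = '';
                $entry_data['field_ft_' . $field_id] = $afield['1'];
            } elseif (preg_match('/<' . $tag . '>(.*?)<\\/' . $tag . '>/is', $parameters['4'], $matches)) {
                if (!isset($entry_data['field_id_' . $field_id])) {
                    $entry_data['field_id_' . $field_id] = $matches['1'];
                    $entry_data['field_ft_' . $field_id] = $afield['1'];
                } else {
                    $entry_data['field_id_' . $field_id] .= "\n" . $matches['1'];
                }

                $parameters['4'] = trim(str_replace($matches['0'], '', $parameters['4']));
            }
        }
    }

    // Default Field for Remaining Content
    if (trim($parameters['4']) != '' && count($this->fields) > 0) {
        // Use the same 'field_id_N' key that the loop above writes. The bare
        // field id was tested before, so the append branch could never run and
        // content already collected for the default field was overwritten.
        $default_key = 'field_id_' . $this->field;

        if (!isset($entry_data[$default_key])) {
            $entry_data[$default_key] = trim($parameters['4']);
            $entry_data['field_ft_' . $this->field] = $this->fields[$this->field]['1'];
        } else {
            $entry_data[$default_key] .= ($this->block_entry === TRUE) ? trim($parameters['4']) : ("\n" . trim($parameters['4']));
        }
    }

    /** ---------------------------------
    /**  Update the entry data
    /** ---------------------------------*/
    $this->EE->db->where('entry_id', $entry_id);
    $this->EE->db->update('channel_titles', $metadata);

    $this->EE->db->where('entry_id', $entry_id);
    $this->EE->db->update('channel_data', $entry_data);

    /** ---------------------------------
    /**  Insert Categories, if any
    /** ---------------------------------*/
    if (count($this->ecategories) > 0) {
        // Replace the entry's category assignments wholesale.
        $this->EE->db->where('entry_id', $entry_id);
        $this->EE->db->delete('category_posts');

        foreach ($this->ecategories as $cat_id => $cat_name) {
            $data = array('entry_id' => $entry_id, 'cat_id' => $cat_id);
            $this->EE->db->insert('category_posts', $data);
        }
    }

    /** ---------------------------------
    /**  Clear caches if needed
    /** ---------------------------------*/
    if ($this->EE->config->item('new_posts_clear_caches') == 'y') {
        $this->EE->functions->clear_caching('all');
    } else {
        $this->EE->functions->clear_caching('sql');
    }

    /** ---------------------------------
    /**  Return Boolean TRUE
    /** ---------------------------------*/
    return $this->EE->xmlrpc->send_response(array(1, 'boolean'));
}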
/**
 * Process Template
 *
 * Runs a string through the template parser as an uncached 'webpage'
 * template, merges this object's global_vars into the config globals, fires
 * the 'template_post_parse' hook when it is active, and returns
 * parse_globals() of the final template.
 *
 * @access public
 * @param  string $str template source
 * @return mixed  whatever parse_globals() returns
 */
public function process_string_as_template($str)
{
    $in_cp = (REQ == 'CP');

    // --------------------------------------------
    //  Solves the problem of redirect links (?URL=)
    //  being added by Typography in a CP request.
    //  $_GET['M'] is swapped for the duration of the
    //  parse and put back afterwards.
    // --------------------------------------------
    if ($in_cp) {
        if (isset($_GET['M'])) {
            $this->old_get = $_GET['M'];
        } else {
            $this->old_get = '';
        }

        $_GET['M'] = 'send_email';
    }

    // standardize newlines
    $str = preg_replace("/(\r\n)|(\r)|(\n)/", "\n", $str);

    ee()->load->helper('text');

    // convert high ascii
    if (ee()->config->item('auto_convert_high_ascii') == 'y') {
        $str = ascii_to_entities($str);
    }

    // -------------------------------------
    //  Prepare for Processing
    // -------------------------------------

    // need to make sure this isn't run as static or cached
    $this->template_type = 'webpage';
    $this->cache_status = 'NO_CACHE';

    // restore_xml_declaration gets called in parse_globals
    $without_comments = $this->remove_ee_comments($str);
    $this->template = $this->convert_xml_declaration($without_comments);

    $this->log_item("Template Type: " . $this->template_type);

    // -------------------------------------
    //  add our globals to global vars
    // -------------------------------------

    // NOTE(review): both the names and the values of the globals go into the
    // template log; make sure none of them carries a secret.
    $global_keys = implode('|', array_keys($this->global_vars));
    $this->log_item("Solspace globals added (Keys): " . $global_keys);

    $global_values = trim(implode('|', $this->global_vars));
    $this->log_item("Solspace globals added (Values): " . $global_values);

    ee()->config->_global_vars = array_merge(ee()->config->_global_vars, $this->global_vars);

    $this->parse($str, false, ee()->config->item('site_id'));

    if ($in_cp) {
        $_GET['M'] = $this->old_get;
    }

    // -------------------------------------------
    // 'template_post_parse' hook.
    //  - Modify template after tag parsing
    //
    if (ee()->extensions->active_hook('template_post_parse') === TRUE) {
        $this->final_template = ee()->extensions->call(
            'template_post_parse',
            $this->final_template,
            false,
            ee()->config->item('site_id')
        );
    }
    //
    // -------------------------------------------

    // --------------------------------------------
    //  Finish with Global Vars and Return!
    // --------------------------------------------
    return $this->parse_globals($this->final_template);
}
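/**
 * Edit table datasource
 *
 * Collects the filter values from the request, fetches the matching entries
 * through search_model and decorates every row (links, checkbox, status
 * markup, comment count) for the table library.
 *
 * Must remain public so that it can be called from the
 * table library!
 *
 * @access public
 * @param  array $tbl_settings table state; 'offset', 'sort' and 'columns' are read
 * @param  array $defaults     defaults; 'perpage' and 'channels' are read
 * @return array|null rows plus pagination/filter data, or nothing when an
 *                    extension ends the script
 */
public function _table_datasource($tbl_settings, $defaults)
{
    // Get filter information
    // ----------------------------------------------------------------
    $keywords = (string) $this->input->post('keywords');
    $channel_id = (string) $this->input->get_post('channel_id');

    if ($channel_id == 'null') {
        $channel_id = NULL;
    }

    // Keywords arriving by GET are base64-encoded; decode them first so that
    // the sanitising below always sees the real text.
    if (!$keywords) {
        $keywords = (string) $this->input->get('keywords');

        if ($keywords) {
            $keywords = base64_decode($keywords);
        }
    }

    if ($keywords) {
        $this->load->helper('search');
        $keywords = sanitize_search_terms($keywords);

        if (substr(strtolower($keywords), 0, 3) == 'ip:') {
            $keywords = str_replace('_', '.', $keywords);
        }
    }

    // Because of the auto convert we prepare a specific variable with the converted ascii
    // characters while leaving the $keywords variable intact for display and URL purposes
    $this->load->helper('text');
    $search_keywords = $this->config->item('auto_convert_high_ascii') == 'y' ? ascii_to_entities($keywords) : $keywords;

    // NOTE(review): perpage comes straight from the request and is neither
    // cast to an integer nor bounded here; confirm the model and pagination
    // code treat it as a number.
    $perpage = $this->input->get_post('perpage');
    $perpage = $perpage ? $perpage : $defaults['perpage'];

    $rownum = $tbl_settings['offset'];

    // We want the filter to work based on both get and post
    $filter_data = array(
        'channel_id' => $channel_id,
        'keywords' => $keywords,
        // 'cat_id' used to be listed twice; only the later value ('all'
        // mapped to '') ever took effect, so it is given once, in the
        // position the key has always occupied.
        'cat_id' => $this->input->get_post('cat_id') != 'all' ? $this->input->get_post('cat_id') : '',
        'status' => $this->input->get_post('status'),
        'order' => $this->input->get_post('order'),
        'date_range' => $this->input->get_post('date_range'),
        'author_id' => $this->input->get_post('author_id'),
        'exact_match' => $this->input->get_post('exact_match'),
        'search_in' => $this->input->get_post('search_in') ? $this->input->get_post('search_in') : 'title',
        'rownum' => $rownum,
        'perpage' => $perpage,
        'search_keywords' => $search_keywords,
    );

    $channels = $defaults['channels'];
    $order = $tbl_settings['sort'];
    $columns = $tbl_settings['columns'];

    // -------------------------------------------
    // 'edit_entries_additional_where' hook.
    //  - Add additional where, where_in, where_not_in
    //
    $_hook_wheres = $this->extensions->call('edit_entries_additional_where', $filter_data);

    if ($this->extensions->end_script === TRUE) {
        return;
    }
    //
    // -------------------------------------------

    $filter_data['_hook_wheres'] = is_array($_hook_wheres) ? $_hook_wheres : array();

    $this->load->model('search_model');
    $filter_result = $this->search_model->get_filtered_entries($filter_data, $order);

    $rows = $filter_result['results'];
    $total = $filter_result['total_count'];
    unset($filter_result);

    $filter_url = $this->_create_return_filter($filter_data);

    // Gather up ids for a single quick query down the line
    $entry_ids = array();

    foreach ($rows as $row) {
        $entry_ids[] = $row['entry_id'];
    }

    // Load the site's templates
    // ----------------------------------------------------------------
    $templates = array();

    // The only interpolated value is site_id from the configuration, and it
    // is passed through escape_str().
    $tquery = $this->db->query("SELECT exp_template_groups.group_name, exp_templates.template_name, exp_templates.template_id\n\t\t\t\t\t\t\tFROM exp_template_groups, exp_templates\n\t\t\t\t\t\t\tWHERE exp_template_groups.group_id = exp_templates.group_id\n\t\t\t\t\t\t\tAND exp_templates.site_id = '" . $this->db->escape_str($this->config->item('site_id')) . "'");

    foreach ($tquery->result_array() as $row) {
        $templates[$row['template_id']] = $row['group_name'] . '/' . $row['template_name'];
    }

    // Comment count
    // ----------------------------------------------------------------
    $show_link = TRUE;
    $comment_counts = array();

    if (count($entry_ids) and $this->db->table_exists('comments')) {
        $comment_qry = $this->db->select('entry_id, COUNT(*) as count')
            ->where_in('entry_id', $entry_ids)
            ->group_by('entry_id')
            ->get('comments');

        foreach ($comment_qry->result() as $row) {
            $comment_counts[$row->entry_id] = $row->count;
        }
    }

    // Date formatting
    $date_fmt = $this->session->userdata('time_format') != '' ? $this->session->userdata('time_format') : $this->config->item('time_format');
    $datestr = '%m/%d/%y %h:%i %a';

    if ($date_fmt != 'us') {
        $datestr = '%Y-%m-%d %H:%i';
    }

    // Autosave - Grab all autosaved entries
    // ----------------------------------------------------------------
    $this->prune_autosave();
    $this->db->select('entry_id, original_entry_id, channel_id, title, author_id, status, entry_date, dst_enabled, comment_total');
    $autosave = $this->db->get('channel_entries_autosave');

    $autosave_array = array();
    $autosave_show = FALSE;

    if ($autosave->num_rows()) {
        $this->load->helper('snippets');
        $autosave_show = TRUE;
    }

    foreach ($autosave->result() as $entry) {
        if ($entry->original_entry_id) {
            $autosave_array[] = $entry->original_entry_id;
        }
    }

    // Status Highlight Colors
    // ----------------------------------------------------------------
    $status_color_q = $this->db->from('channels AS c, statuses AS s, status_groups AS sg')
        ->select('c.channel_id, c.channel_name, s.status, s.highlight')
        ->where('sg.group_id = c.status_group', NULL, FALSE)
        ->where('sg.group_id = s.group_id', NULL, FALSE)
        ->where('sg.site_id', $this->config->item('site_id'))
        ->where('s.highlight !=', '')
        ->where_in('c.channel_id', array_keys($channels))
        ->get();

    $c_array = array();

    foreach ($status_color_q->result_array() as $rez) {
        $c_array[$rez['channel_id'] . '_' . $rez['status']] = str_replace('#', '', $rez['highlight']);
    }

    $colors = array();

    // Fetch Color Library (fixed path under APPPATH; it may redefine $colors)
    if (file_exists(APPPATH . 'config/colors.php')) {
        include APPPATH . 'config/colors.php';
    }

    // Generate row data
    // ----------------------------------------------------------------

    // NOTE(review): title, status and the highlight colour are concatenated
    // into markup below without escaping in this function. Confirm they are
    // encoded when stored or inside anchor()/mailto(); a status name or colour
    // containing markup would otherwise be rendered in the control panel.
    foreach ($rows as &$row) {
        $url = $this->publish_base_uri . AMP . "M=entry_form" . AMP . "channel_id={$row['channel_id']}" . AMP . "entry_id={$row['entry_id']}" . AMP . $filter_url;

        $row['title'] = anchor(BASE . AMP . $url, $row['title']);
        $row['view'] = '---';
        $row['channel_name'] = $channels[$row['channel_id']]->channel_title;
        $row['entry_date'] = $this->localize->decode_date($datestr, $row['entry_date'], TRUE);
        $row['_check'] = form_checkbox('toggle[]', $row['entry_id'], '', ' class="toggle" id="delete_box_' . $row['entry_id'] . '"');

        // autosave indicator
        if (in_array($row['entry_id'], $autosave_array)) {
            $row['title'] .= NBS . required();
        }

        // screen name email link
        if (!$row['screen_name']) {
            $row['screen_name'] = $row['username'];
        }

        $row['screen_name'] = mailto($row['email'], $row['screen_name']);

        // live look template
        $llt = $row['live_look_template'];

        if ($llt && isset($templates[$llt])) {
            $url = $this->functions->create_url($templates[$row['live_look_template']] . '/' . $row['entry_id']);
            $row['view'] = anchor($this->cp->masked_url($url), lang('view'));
        }

        // Status
        $color_info = '';
        $color_key = $row['channel_id'] . '_' . $row['status'];
        $status_name = ($row['status'] == 'open' or $row['status'] == 'closed') ? lang($row['status']) : $row['status'];

        if (isset($c_array[$color_key]) and $c_array[$color_key] != '') {
            $color = strtolower($c_array[$color_key]);
            $prefix = isset($colors[$color]) ? '' : '#';

            // There are custom colours, override the class above.
            // The leading space keeps the style attribute separated from the
            // class attribute in the generated tag.
            $color_info = ' style="color:' . $prefix . $color . ';"';
        }

        $row['status'] = '<span class="status_' . $row['status'] . '"' . $color_info . '>' . $status_name . '</span>';

        // comment_total link
        if (isset($this->installed_modules['comment'])) {
            $all_or_own = 'all';

            if ($row['author_id'] == $this->session->userdata('member_id')) {
                $all_or_own = 'own';
            }

            // do not move these to the new allowed_group style - they are ANDs not ORs
            if (!$this->cp->allowed_group('can_edit_' . $all_or_own . '_comments') and !$this->cp->allowed_group('can_delete_' . $all_or_own . '_comments') and !$this->cp->allowed_group('can_moderate_comments')) {
                $row['comment_total'] = '<div class="lightLinks">--</div>';
            } else {
                $comment_count = isset($comment_counts[$row['entry_id']]) ? $comment_counts[$row['entry_id']] : 0;
                $view_url = BASE . AMP . 'C=addons_modules' . AMP . 'M=show_module_cp' . AMP . 'module=comment' . AMP . 'method=index' . AMP . 'entry_id=' . $row['entry_id'];

                $row['comment_total'] = '<div class="lightLinks">(' . $comment_count . ')' . NBS . anchor($view_url, lang('view')) . '</div>';
            }
        }

        // Keep only the columns the table was configured to show.
        $row = array_intersect_key($row, $columns);
    }

    // Break the reference left behind by the by-reference loop so that no
    // later use of $row can write into the last element of $rows.
    unset($row);

    // comes out with an added:
    // table_html
    // pagination_html
    return array(
        'rows' => $rows,
        'no_results' => lang('no_entries_matching_that_criteria'),
        'pagination' => array(
            'per_page' => $filter_data['perpage'],
            'total_rows' => $total,
        ),
        'filter_data' => $filter_data,
        'autosave_show' => $autosave_show,
        'autosave_array' => $autosave_array,
    );
}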
/**
 * Clean Tag String
 *
 * Optionally converts high-ASCII characters to entities (when the
 * 'auto_convert_high_ascii' setting is 'y'), then passes the string through
 * the security library's xss_clean().
 *
 * @access private
 * @param  string $str raw tag string
 * @return string result of xss_clean()
 */
private function _clean_str($str = '')
{
    $this->EE->load->helper('text');

    $convert = ($this->EE->config->item('auto_convert_high_ascii') == 'y');

    // Entity conversion runs first, so xss_clean() filters the exact string
    // that is handed back to the caller.
    $prepared = $convert ? ascii_to_entities($str) : $str;

    return $this->EE->security->xss_clean($prepared);
}
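/**
 * Runs a query and sends the result set to the client as a ';'-separated
 * download named file.csv.
 *
 * @param string $req    SQL text, handed to gquery() unchanged
 * @param string $entete header line printed before the data rows
 * @return void
 */
function generate_csv($req, $entete)
{
    // NOTE(review): $req is executed exactly as received. Callers must build
    // it from fixed text or bound parameters, never from request input.
    $result = gquery($req);

    // Entity-encode every cell so that json_encode() below only ever sees
    // ASCII; html_entity_decode() restores the characters on output.
    $data = array();
    while ($ligne = pg_fetch_array($result, NULL, PGSQL_NUM)) {
        $data[] = array_map('ascii_to_entities', $ligne);
    }

    // The charset belongs in Content-Type, which already declares it.
    // Content-Encoding names a compression coding (gzip, deflate, ...), so
    // the former 'Content-Encoding: UTF-8' header was invalid and is no
    // longer sent.
    header("Content-type: text/csv; charset=UTF-8");
    header("Content-Disposition: attachment; filename=file.csv");
    header("Pragma: no-cache");
    header("Expires: 0");

    // Rows are serialised as JSON and then rewritten into CSV-like text:
    // '],[' becomes a line break, ',' becomes ';', brackets are dropped.
    // NOTE(review): these replacements also hit commas and brackets that
    // occur inside cell values, and cells beginning with '=', '+', '-' or '@'
    // are passed through as-is, so a spreadsheet may evaluate them as
    // formulas. A real CSV writer plus neutralising such cells would close
    // both gaps.
    $content = json_encode($data, JSON_NUMERIC_CHECK);
    $content = str_replace(
        array('],[', ',', '[', ']'),
        array("\n", ';', '', ''),
        $content
    );

    echo html_entity_decode(ascii_to_entities($entete)) . "\n" . html_entity_decode($content);
}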
/**
 * ASCII to Entities
 *
 * Applies ascii_to_entities() to a single value, or to every leaf of a
 * (possibly nested) array, keeping the array keys.
 *
 * @param  mixed $vals value or array of values
 * @return mixed the converted value, or the array with converted leaves
 */
function _array_ascii_to_entities($vals)
{
    // Leaf value: make sure the text helper is loaded, then convert.
    if (!is_array($vals)) {
        get_instance()->load->helper('text');

        return ascii_to_entities($vals);
    }

    // Array: convert each element in place, recursing into nested arrays.
    foreach ($vals as $key => $item) {
        $vals[$key] = FF2EE2::_array_ascii_to_entities($item);
    }

    return $vals;
}
/**
 * Recursive ASCII to entities.
 *
 * Helper for arrays that were POSTed (a la Matrix): returns a new array with
 * the same keys in which every non-array value has been passed through
 * ascii_to_entities().
 *
 * @param  array $arr possibly nested input array
 * @return array converted copy
 */
function _recursive_ascii_to_entities($arr)
{
    $converted = array();

    foreach ($arr as $name => $item) {
        $converted[$name] = is_array($item)
            ? $this->_recursive_ascii_to_entities($item)
            : ascii_to_entities($item);
    }

    return $converted;
}
/**
 * Datepicker Javascript
 *
 * Builds the <script> markup that defines the SSCalendar settings object
 * (version, date format, day/month names, translated phrases) and pulls in
 * the datepicker and calendar_publish scripts.
 *
 * @param  bool $include_jqui allows the turning off of some options for 2.x
 * @return string markup to print; in a 2.x CP request part of it is added to
 *                the page head instead of being returned
 */
public function datepicker_js($include_jqui = TRUE)
{
    ee()->load->helper('text');

    // Major version digit only.
    $app_ver = substr((string) APP_VER, 0, 1);

    // Upper-case words (DATEFORMAT, DAYNAMESMIN, ...) and [LANG] are
    // placeholders that get substituted further down.
    $output = "\n\t\t\t<script type='text/javascript'>\n\t\t\t\tvar SSCalendar\t\t\t\t\t= {};\n\t\t\t\tSSCalendar.version\t\t\t\t= {$app_ver};\n\t\t\t\tSSCalendar.dateFormat\t\t\t= 'DATEFORMAT';\n\t\t\t\tSSCalendar.firstDay\t\t\t\t= FIRSTDAY;\n\t\t\t\tSSCalendar.dateFormatSettings\t= {\n\t\t\t\t\tdayNamesMin\t\t: [DAYNAMESMIN],\n\t\t\t\t\tdayNamesShort\t: [DAYNAMESSHORT],\n\t\t\t\t\tdayNames\t\t: [DAYNAMESLONG],\n\t\t\t\t\tmonthNamesShort\t: [MONTHNAMESSHORT],\n\t\t\t\t\tmonthNames\t\t: [MONTHNAMESLONG]\n\t\t\t\t};\n\t\t\t\tSSCalendar.lang\t\t\t\t= {\n\t\t\t\t\t[LANG]\n\t\t\t\t};\n\t\t\t\t// if there is not a default_entry_title set\n\t\t\t\t// when you insert entries into exp_channels\n\t\t\t\t// it defaults to NULL instead of a blank string\n\t\t\t\t// we fixed it in an update, but this is just in case\n\t\t\t\tsetTimeout(function(){\n\t\t\t\t\tif (typeof EE !== 'undefined' &&\n\t\t\t\t\t\ttypeof EE.publish !== 'undefined' &&\n\t\t\t\t\t\t( typeof EE.publish.default_entry_title !== 'undefined' ||\n\t\t\t\t\t\t ! EE.publish.default_entry_title )\n\t\t\t\t\t)\n\t\t\t\t\t{\n\t\t\t\t\t\tEE.publish.default_entry_title = '';\n\t\t\t\t\t}\n\t\t\t\t}, 0);\n\t\t\t</script>";

    // jQuery UI datepicker: a script tag on front-end pages and on 1.x,
    // the CP script loader in a 2.x control panel request.
    if ($include_jqui and (REQ == 'PAGE' or APP_VER < 2.0)) {
        $output .= "\n<script type='text/javascript' src='" . $this->sc->addon_theme_url . "js/ui.datepicker.js'></script>";
    } elseif (APP_VER >= 2.0 and REQ == 'CP' and isset(ee()->cp)) {
        ee()->load->library('javascript');
        ee()->cp->add_js_script(array('ui' => 'datepicker'));
    }

    $publish_js = "\n<script type='text/javascript' src='" . $this->sc->addon_theme_url . "js/calendar_publish.js'></script>";

    if (APP_VER >= 2.0 and REQ == 'CP') {
        ee()->cp->add_to_head($publish_js);
    } else {
        $output .= $publish_js;
    }

    // Translated day names (0-6) and month names (1-12) in each length.
    $daynamesmin = array();
    $daynamesshort = array();
    $daynameslong = array();
    $monthnamesshort = array();
    $monthnameslong = array();

    for ($day = 0; $day < 7; $day++) {
        $daynamesmin[] = ascii_to_entities(lang('day_' . $day . '_2'));
        $daynamesshort[] = ascii_to_entities(lang('day_' . $day . '_3'));
        $daynameslong[] = ascii_to_entities(lang('day_' . $day . '_full'));
    }

    for ($month = 1; $month <= 12; $month++) {
        $monthnamesshort[] = ascii_to_entities(lang('month_' . $month . '_3'));
        $monthnameslong[] = ascii_to_entities(lang('month_' . $month . '_full'));
    }

    // NOTE(review): the names and the two preferences are placed into
    // JavaScript without any JS-string escaping, and the phrases below only
    // get addslashes(), which is not a JavaScript encoder. That is safe only
    // while language files and preferences are trusted — confirm.
    $find = array('DATEFORMAT', 'DAYNAMESMIN', 'DAYNAMESSHORT', 'DAYNAMESLONG', 'MONTHNAMESSHORT', 'MONTHNAMESLONG', 'FIRSTDAY');

    // Each list becomes 'a', 'b', 'c' for use inside a JS array literal.
    $quoted_lists = array();
    foreach (array($daynamesmin, $daynamesshort, $daynameslong, $monthnamesshort, $monthnameslong) as $names) {
        $quoted_lists[] = "'" . implode("', '", $names) . "'";
    }

    $replace = array_merge(
        array($this->data->preference('date_format')),
        $quoted_lists,
        array($this->data->preference('first_day_of_week'))
    );

    $output = str_replace($find, $replace, $output);

    // JS property name => translated phrase for SSCalendar.lang.
    $phrases = array(
        'type' => lang('type'),
        'include' => lang('include'),
        'exclude' => lang('exclude'),
        'repeat' => lang('repeat'),
        'none' => lang('none'),
        'daily' => lang('daily'),
        'weekly' => lang('weekly'),
        'monthly' => lang('monthly'),
        'yearly' => lang('yearly'),
        'select_dates' => lang('select_dates'),
        'all_day_event' => lang('all_day_event'),
        'from' => lang('from'),
        'to' => lang('to'),
        'every' => lang('every'),
        'day_s' => lang('day_s'),
        'week_s_on' => lang('week_s_on'),
        'at' => lang('at'),
        'month_s_by_day_of' => lang('month_s_by_day_of'),
        'x1st' => lang('1st'),
        'x2nd' => lang('2nd'),
        'x3rd' => lang('3rd'),
        'x4th' => lang('4th'),
        'x5th' => lang('5th'),
        'only_on' => lang('only_on'),
        'year_s' => lang('year_s'),
        'end' => lang('end'),
        'never' => lang('never'),
        'by_date' => lang('by_date'),
        'after' => lang('after'),
        'time_s' => lang('time_s'),
        'am' => lang('AM'),
        'pm' => lang('PM'),
        'day_1_3' => lang('day_1_3'),
        'day_2_3' => lang('day_2_3'),
        'day_3_3' => lang('day_3_3'),
        'day_4_3' => lang('day_4_3'),
        'day_5_3' => lang('day_5_3'),
        'day_6_3' => lang('day_6_3'),
        'day_0_3' => lang('day_0_3'),
        'today' => lang('today'),
        'yesterday' => lang('yesterday'),
        'tomorrow' => lang('tomorrow'),
        'day' => lang('day'),
        'week' => lang('week'),
        'month' => lang('month'),
        'year' => lang('year'),
        'ago' => lang('ago'),
        'begin' => lang('begin'),
        'last' => lang('last'),
    );

    // One "'key': 'value'" pair per line, comma-separated, with no comma
    // after the last pair.
    $pairs = array();
    foreach ($phrases as $name => $phrase) {
        $pairs[] = "'{$name}': '" . ascii_to_entities(addslashes($phrase)) . "'";
    }
    $lang = implode(",\n", $pairs) . "\n";

    return str_replace('[LANG]', $lang, $output);
}
/**
 * Post Entry
 *
 * Builds a channel entry from the parsed message held on this object
 * (post_data, body, template, entry_data) and submits it through the channel
 * entries API. Increments entries_added when the submission succeeds.
 *
 * @return bool|null FALSE when the configured channel does not exist;
 *                   otherwise the function ends without an explicit return
 */
function post_entry()
{
    // Default Channel Data
    $channel_id = $this->moblog_array['moblog_channel_id'];
    $this->EE->db->select('site_id, channel_title, channel_url, rss_url, comment_url, deft_comments, cat_group, field_group, channel_notify, channel_notify_emails');
    $query = $this->EE->db->get_where('channels', array('channel_id' => $channel_id));

    if ($query->num_rows() == 0) {
        $this->message_array[] = 'invalid_channel';
        // The configured channel no longer exists.
        return FALSE;
    }

    $site_id = $query->row('site_id');
    // Computed here but not used again in this function.
    $notify_address = ($query->row('channel_notify') == 'y' and $query->row('channel_notify_emails') != '') ? $query->row('channel_notify_emails') : '';

    // Collect the meta data
    // The subject becomes the entry title, so tags are stripped from it first.
    $this->post_data['subject'] = strip_tags($this->post_data['subject']);
    $this->moblog_array['moblog_author_id'] = $this->moblog_array['moblog_author_id'] == 'none' ? '1' : $this->moblog_array['moblog_author_id'];
    $author_id = $this->author != '' ? $this->author : $this->moblog_array['moblog_author_id'];

    // Anything that is not a usable id falls back to member 1.
    if (!is_numeric($author_id) or $author_id == '0') {
        $author_id = '1';
    }

    // Load the text helper
    $this->EE->load->helper('text');

    $entry_date = $this->EE->localize->now + $this->entries_added - $this->time_offset;

    // NOTE(review): ip, sticky, status and categories are taken from
    // $this->post_data as they are; where those values are validated is not
    // visible in this function — confirm.
    $data = array('channel_id' => $channel_id, 'site_id' => $site_id, 'author_id' => $author_id, 'title' => $this->EE->config->item('auto_convert_high_ascii') == 'y' ? ascii_to_entities($this->post_data['subject']) : $this->post_data['subject'], 'ip_address' => $this->post_data['ip'], 'entry_date' => $entry_date, 'edit_date' => gmdate("YmdHis", $entry_date), 'year' => gmdate('Y', $entry_date), 'month' => gmdate('m', $entry_date), 'day' => gmdate('d', $entry_date), 'sticky' => isset($this->post_data['sticky']) ? $this->post_data['sticky'] : $this->sticky, 'status' => $this->post_data['status'] == 'none' ? 'open' : $this->post_data['status'], 'allow_comments' => $query->row('deft_comments'));

    // Remove ignore text
    // First drop embedded images (img tags with a cid: source).
    $this->body = preg_replace("#<img\\s+src=\\s*[\"']cid:(.*?)\\>#si", '', $this->body);
    $this->moblog_array['moblog_ignore_text'] = $this->remove_newlines($this->moblog_array['moblog_ignore_text'], $this->newline);

    // Try to remove the ignore text as one big chunk ...
    if ($this->moblog_array['moblog_ignore_text'] != '' && stristr($this->body, $this->moblog_array['moblog_ignore_text']) !== FALSE) {
        $this->body = str_replace($this->moblog_array['moblog_ignore_text'], '', $this->body);
    } elseif ($this->moblog_array['moblog_ignore_text'] != '') {
        // ... otherwise remove it line by line
        $delete_text = $this->remove_newlines($this->moblog_array['moblog_ignore_text'], $this->newline);
        $delete_array = explode($this->newline, $delete_text);

        if (count($delete_array) > 0) {
            foreach ($delete_array as $ignore) {
                if (trim($ignore) != '') {
                    $this->body = str_replace(trim($ignore), '', $this->body);
                }
            }
        }
    }

    /** -------------------------------------
    /**  Specified Fields for Email Text
    /** -------------------------------------*/

    // Matches field:NAME blocks written with either <> or {} delimiters.
    if (preg_match_all("/[\\<\\{]field\\:(.*?)[\\}\\>](.*?)[\\<\\{]\\/field\\:(.*?)[\\}\\>]/", $this->body, $matches)) {
        $this->EE->db->select('channel_fields.field_id, channel_fields.field_name, channel_fields.field_label, channel_fields.field_fmt');
        $this->EE->db->from('channels, channel_fields');
        $this->EE->db->where('channels.field_group = ' . $this->EE->db->dbprefix('channel_fields') . '.group_id', NULL, FALSE);
        $this->EE->db->where('channels.channel_id', $this->moblog_array['moblog_channel_id']);

        /* -------------------------------------
        /*  Hidden Configuration Variable
        /*  - moblog_allow_nontextareas => Removes the textarea only restriction
        /*    for custom fields in the moblog module (y/n)
        /* -------------------------------------*/
        if ($this->EE->config->item('moblog_allow_nontextareas') != 'y') {
            $this->EE->db->where('channel_fields.field_type', 'textarea');
        }

        $results = $this->EE->db->get();

        if ($results->num_rows() > 0) {
            // Lookup tables keyed by field_id.
            $field_name = array();
            $field_label = array();
            $field_format = array();

            foreach ($results->result_array() as $row) {
                $field_name[$row['field_id']] = $row['field_name'];
                $field_label[$row['field_id']] = $row['field_label'];
                $field_format[$row['field_id']] = $row['field_fmt'];
            }

            unset($results);

            for ($i = 0; $i < count($matches[0]); $i++) {
                // First word is the field name or label, an optional second
                // word may carry format="..."
                $x = preg_split("/[\\s]+/", $matches['1'][$i]);

                // Only names or labels that exist for this channel are accepted.
                if ($key = array_search($x['0'], $field_name) or $key = array_search($x['0'], $field_label)) {
                    $format = (!isset($x['1']) or !stristr($x['1'], "format")) ? $field_format[$key] : preg_replace("/format\\=[\"\\'](.*?)[\\'\"]/", "\$1", trim($x['1']));
                    $matches['2'][$i] = str_replace($this->newline, "\n", $matches['2'][$i]);

                    if (!isset($this->entry_data[$key])) {
                        $this->entry_data[$key] = array('data' => $matches['2'][$i], 'format' => $format);
                    } else {
                        // New text is placed in front of what was already collected.
                        $this->entry_data[$key] = array('data' => $matches['2'][$i] . $this->entry_data[$key]['data'], 'format' => $format);
                    }

                    $this->body = str_replace($matches['0'][$i], '', $this->body);
                }
            }
        }
    }

    // Return New Lines
    $this->body = str_replace($this->newline, "\n", $this->body);

    // Parse template
    $tag = 'field';

    if (!preg_match_all("/" . LD . $tag . "(.*?)" . RD . "(.*?)" . LD . '\\/' . $tag . RD . "/s", $this->template, $matches)) {
        // No field pairs in the template: everything goes to the default field.
        $this->parse_field($this->moblog_array['moblog_field_id'], $this->template, $query->row('field_group'));
    } else {
        for ($i = 0; $i < count($matches['0']); $i++) {
            $params = $this->assign_parameters($matches['1'][$i]);
            $params['format'] = !isset($params['format']) ? '' : $params['format'];
            $params['name'] = !isset($params['name']) ? '' : $params['name'];

            $this->parse_field($params, $matches['2'][$i], $query->row('field_group'));
            // NOTE(review): this passes the whole $matches['0'] array rather
            // than $matches['0'][$i], so every matched pair is removed from the
            // template on the first pass — looks unintended, confirm.
            $this->template = str_replace($matches['0'], '', $this->template);
        }

        // Whatever is left of the template goes to the default field.
        if (trim($this->template) != '') {
            $this->parse_field($this->moblog_array['moblog_field_id'], $this->template, $query->row('field_group'));
        }
    }

    // Prep entry data
    if (count($this->entry_data) > 0) {
        foreach ($this->entry_data as $key => $value) {
            // ----------------------------------------
            //  Put this in here in case some one has
            //  {field:body}{/field:body} in their email
            //  and yet has their default field set to none
            // ----------------------------------------
            if ($key == 'none') {
                continue;
            }

            // Load the text helper
            $this->EE->load->helper('text');

            $combined_data = $value['data'];
            $combined_data = $this->EE->config->item('auto_convert_high_ascii') == 'y' ? ascii_to_entities(trim($combined_data)) : trim($combined_data);

            $data['field_id_' . $key] = $combined_data;
            $data['field_ft_' . $key] = $value['format'];
        }
    }

    // Categories: 'all' = every category of the channel's groups,
    // 'none' = no categories, anything else = a '|'-separated list.
    $data['category'] = array();

    if ($this->post_data['categories'] == 'all') {
        $cat_groups = explode('|', $query->row('cat_group'));
        $this->EE->load->model('category_model');

        foreach ($cat_groups as $cat_group_id) {
            $cats_q = $this->EE->category_model->get_channel_categories($cat_group_id);

            if ($cats_q->num_rows() > 0) {
                foreach ($cats_q->result() as $row) {
                    $data['category'][] = $row->cat_id;
                }
            }
        }

        $data['category'] = array_unique($data['category']);
    } elseif ($this->post_data['categories'] != 'none') {
        $data['category'] = explode('|', $this->post_data['categories']);
        $data['category'] = array_unique($data['category']);
    }

    // Temporarily give the current session member group 1 plus the
    // assign-author and edit-other-entries rights so that the API accepts the
    // entry; the original values are written back after the submit.
    // NOTE(review): the restore only runs if submit_new_entry() returns. If
    // it throws or ends the script, the raised values remain in the session
    // data for the rest of the request — consider a guaranteed restore.
    $orig_group_id = $this->EE->session->userdata('group_id');
    $orig_can_assign = $this->EE->session->userdata('can_assign_post_authors');
    $orig_can_edit = $this->EE->session->userdata('can_edit_other_entries');

    $this->EE->session->userdata['group_id'] = 1;
    $this->EE->session->userdata['can_assign_post_authors'] = 'y';
    $this->EE->session->userdata['can_edit_other_entries'] = 'y';

    // Insert the Entry
    $this->EE->load->library('api');
    $this->EE->api->instantiate('channel_entries');
    $this->EE->api->instantiate('channel_fields');

    $this->EE->api_channel_fields->setup_entry_settings($data['channel_id'], $data);
    $result = $this->EE->api_channel_entries->submit_new_entry($data['channel_id'], $data);

    if ($result) {
        $this->entries_added++;
    }

    // Put the session's original rights back.
    $this->EE->session->userdata['can_assign_post_authors'] = $orig_can_assign;
    $this->EE->session->userdata['group_id'] = $orig_group_id;
    $this->EE->session->userdata['can_edit_other_entries'] = $orig_can_edit;
}
/**
 * Demonstrates the CodeIgniter text helper by pushing the result of each
 * helper call through $this->htmlp().
 *
 * Note for readers: ascii_to_entities() only rewrites non-ASCII characters as
 * numeric entities. It leaves <, >, & and quotes untouched, so it is not an
 * output-escaping step.
 */
public function text_helper()
{
    $this->load->helper('text');

    $sentence = "Here is a nice text string consisting of eleven words.";

    // Word-based truncation.
    $limited = word_limiter($sentence, 4, "...");
    $this->htmlp($limited);

    // Character-based truncation; the result is then fed through the two
    // conversion helpers in turn.
    $limited = character_limiter($sentence, 20, "...");
    $this->htmlp($limited);

    $limited = ascii_to_entities($limited);
    $this->htmlp($limited);

    $limited = convert_accented_characters($limited);
    $this->htmlp($limited);

    // Word censoring, then code highlighting of the censored text.
    $blocked_words = array('darn', 'shucks', 'golly', 'phooey');
    $censored = word_censor("darn shit sucks dinner", $blocked_words, 'Beep!');
    $this->htmlp($censored);

    $censored = highlight_code($censored);
    $this->htmlp($censored);

    // Phrase highlighting.
    $phrase_source = "Here is a nice text string about nothing in particular.";
    $highlighted = highlight_phrase($phrase_source, "nice text", '<span style="color:#990000;">', '</span>');
    $this->htmlp($highlighted);

    // Word wrapping.
    $wrap_source = "Here is a simple string of text that will help us demonstrate this function.";
    $wrapped = word_wrap($wrap_source, 25);
    $this->htmlp($wrapped);

    // Ellipsis in the middle of a long file name.
    $long_name = 'this_string_is_entirely_too_long_and_might_break_my_design.jpg';
    $shortened = ellipsize($long_name, 32, 0.5);
    $this->htmlp($shortened);
}
/**
 * Process Template
 *
 * Runs a string through the template pipeline implemented below: global and
 * segment variable replacement, optional PHP parsing, conditionals, exp: tag
 * processing, sub-templates and final globals.
 *
 * NOTE(review): $str is treated as template source. It is scanned for exp: tags
 * and, when $this->parse_php is enabled, handed to parse_template_php(). Callers
 * should only pass strings whose origin they trust - confirm at each call site.
 *
 * @access	public
 * @param	string	$str	template source to process
 * @return	mixed	result of $this->parse_globals(); returns nothing when
 *					$this->cease_processing becomes TRUE during tag processing
 */
public function process_string_as_template($str)
{
	// standardize newlines
	$str = preg_replace("/(\r\n)|(\r)|(\n)/", "\n", $str);

	ee()->load->helper('text');

	// convert high ascii
	// ascii_to_entities() only re-encodes non-ASCII characters; it is not an
	// escaping or sanitising step for markup.
	$str = ee()->config->item('auto_convert_high_ascii') == 'y' ? ascii_to_entities($str) : $str;

	// -------------------------------------
	//  Prepare for Processing
	// -------------------------------------
	$this->template_type = 'webpage';
	$this->template = $this->convert_xml_declaration($this->remove_ee_comments($str));
	$this->log_item("Template Type: " . $this->template_type);

	// --------------------------------------------------
	//  Parse 'Site' variables
	// --------------------------------------------------
	$this->log_item("Parsing Site Variables");
	foreach (array('site_id', 'site_label', 'site_short_name') as $site_var) {
		$this->global_vars[$site_var] = stripslashes(ee()->config->item($site_var));
	}

	// Parse {last_segment} variable
	// NOTE(review): this writes into the shared ee()->config->_global_vars array,
	// so the value persists beyond this call.
	$seg_array = ee()->uri->segment_array();
	ee()->config->_global_vars['last_segment'] = end($seg_array);

	// --------------------------------------------
	//  Parse Global Vars - EE 2.x
	// --------------------------------------------
	// NOTE(review): the values of every global variable are written to the log
	// here; if any of them can hold sensitive data, that ends up wherever
	// log_item() stores its output - confirm.
	$this->log_item("Snippets (Keys): " . implode('|', array_keys(ee()->config->_global_vars)));
	$this->log_item("Snippets (Values): " . trim(implode('|', ee()->config->_global_vars)));
	foreach (ee()->config->_global_vars as $key => $val) {
		$this->template = str_replace(LD . $key . RD, $val, $this->template);
	}

	// in case any of these variables have EE comments of their own
	$this->template = $this->remove_ee_comments($this->template);

	// -------------------------------------
	//  Parse Global Vars - Solspace Modules
	//  (which use this for setting own globals)
	// -------------------------------------
	if (count($this->global_vars) > 0) {
		$this->log_item("Global Path.php Variables (Keys): " . implode('|', array_keys($this->global_vars)));
		$this->log_item("Global Path.php Variables (Values): " . trim(implode('|', $this->global_vars)));
		foreach ($this->global_vars as $key => $val) {
			$this->template = str_replace(LD . $key . RD, $val, $this->template);
		}
	}

	// -------------------------------------
	//  Parse URI segments
	// -------------------------------------
	// NOTE(review): URI segments come from the request. They are substituted
	// into the template text before the input-stage PHP pass and before tag
	// parsing below, so whatever filtering ee()->uri->segment() applies is the
	// only thing between request data and those later stages - confirm it is
	// sufficient, especially when parse_php is enabled with location 'input'.
	for ($i = 1; $i < 10; $i++) {
		$this->template = str_replace(LD . 'segment_' . $i . RD, ee()->uri->segment($i), $this->template);
		$this->segment_vars['segment_' . $i] = ee()->uri->segment($i);
	}

	// -------------------------------------
	//  Parse date format string "constants"
	// -------------------------------------
	$date_constants = array('DATE_ATOM' => '%Y-%m-%dT%H:%i:%s%Q', 'DATE_COOKIE' => '%l, %d-%M-%y %H:%i:%s UTC', 'DATE_ISO8601' => '%Y-%m-%dT%H:%i:%s%O', 'DATE_RFC822' => '%D, %d %M %y %H:%i:%s %O', 'DATE_RFC850' => '%l, %d-%M-%y %H:%m:%i UTC', 'DATE_RFC1036' => '%D, %d %M %y %H:%i:%s %O', 'DATE_RFC1123' => '%D, %d %M %Y %H:%i:%s %O', 'DATE_RFC2822' => '%D, %d %M %Y %H:%i:%s %O', 'DATE_RSS' => '%D, %d %M %Y %H:%i:%s %O', 'DATE_W3C' => '%Y-%m-%dT%H:%i:%s%Q');
	$this->log_item("Parse Date Format String Constants");
	foreach ($date_constants as $key => $val) {
		$this->template = str_replace(LD . $key . RD, $val, $this->template);
	}

	// --------------------------------------------------
	//  Current time {current_time format="%Y %m %d %H:%i:%s"}
	// --------------------------------------------------
	$this->log_item("Parse Current Time Variables");
	$this->template = str_replace(LD . 'current_time' . RD, ee()->localize->now, $this->template);

	// Inside a character class "\1" is not a backreference, so [^\1] does not
	// mean "anything but the opening quote"; the lazy quantifier followed by the
	// real backreference is what stops the match at the closing quote.
	if (strpos($this->template, LD . 'current_time') !== FALSE and preg_match_all("/" . LD . "current_time\\s+format=([\"\\'])([^\\1]*?)\\1" . RD . "/", $this->template, $matches)) {
		for ($j = 0; $j < count($matches['0']); $j++) {
			//EE2.6+ support
			$func = is_callable(array(ee()->localize, 'format_date')) ? 'format_date' : 'decode_date';
			// The matched tag is quoted with preg_quote() so it is replaced literally, once.
			$this->template = preg_replace("/" . preg_quote($matches['0'][$j], '/') . "/", ee()->localize->{$func}($matches['2'][$j], ee()->localize->now), $this->template, 1);
		}
	}

	// --------------------------------------------
	//  Remove White Space from Variables
	//  - Prevents errors apparently,
	//    particularly when PHP is used in a template.
	// --------------------------------------------
	$this->template = preg_replace("/" . LD . "\\s*(\\S+)\\s*" . RD . "/U", LD . "\\1" . RD, $this->template);

	// -------------------------------------
	//  Parse Input Stage PHP
	// -------------------------------------
	// NOTE(review): parse_template_php() is not visible here; presumably it
	// evaluates PHP embedded in the template text. At this point the text already
	// contains substituted global variables and URI segments - verify.
	if ($this->parse_php == TRUE and $this->php_parse_location == 'input') {
		$this->log_item("Parsing PHP on Input");
		$this->template = $this->parse_template_php($this->template);
	}

	// -------------------------------------
	//  Smite Our Enemies: Conditionals
	// -------------------------------------
	$this->log_item("Parsing Segment, Embed, and Global Vars Conditionals");
	$this->template = $this->parse_simple_segment_conditionals($this->template);
	$this->template = $this->simple_conditionals($this->template, $this->embed_vars);
	$this->template = $this->simple_conditionals($this->template, ee()->config->_global_vars);

	// -------------------------------------
	//  Set global variable assignment
	// -------------------------------------
	// Each {assign_variable:name="value"} tag is removed and every {name} in the
	// template is replaced by the captured value.
	if (strpos($this->template, LD . 'assign_variable:') !== FALSE and preg_match_all("/" . LD . "assign_variable:(.+?)=([\"\\'])([^\\2]*?)\\2" . RD . "/i", $this->template, $matches)) {
		$this->log_item("Processing Assigned Variables: " . trim(implode('|', $matches['1'])));
		for ($j = 0; $j < count($matches['0']); $j++) {
			$this->template = str_replace($matches['0'][$j], "", $this->template);
			$this->template = str_replace(LD . $matches['1'][$j] . RD, $matches['3'][$j], $this->template);
		}
	}

	// -------------------------------------
	//  Replace Forward Slashes with Entity
	//  because of silliness about pre_replace errors.
	// -------------------------------------
	// NOTE(review): as printed, this replaces '/' with '/' and does nothing. One
	// side of the pair (and possibly the strpos() needle) was probably an HTML
	// entity that the page rendering decoded - check the upstream file before
	// relying on this listing.
	if (strpos($str, '{/exp:') !== FALSE) {
		$this->template = str_replace('/', '/', $this->template);
	}

	// --------------------------------------------
	//  Fetch Installed Modules and Plugins
	// --------------------------------------------
	$this->fetch_addons();

	// --------------------------------------------
	//  Parse Template's Tags!
	// --------------------------------------------
	$this->log_item(" - Beginning Tag Processing - ");

	// Loops for as long as the template still contains an opening exp: tag.
	while (is_int(strpos($this->template, LD . 'exp:'))) {
		// Initialize values between loops
		$this->tag_data = array();
		$this->var_single = array();
		$this->var_cond = array();
		$this->var_pair = array();
		$this->loop_count = 0;

		$this->log_item("Parsing Tags in Template");

		// Run the template parser
		$this->parse_tags();

		$this->log_item("Processing Tags");

		// Run the class/method handler
		$this->process_tags();

		if ($this->cease_processing === TRUE) {
			return;
		}
	}

	$this->log_item(" - End Tag Processing - ");

	// --------------------------------------------
	//  Convert Slash Entity Back
	// --------------------------------------------
	$this->template = str_replace(SLASH, '/', $this->template);

	// -------------------------------------
	//  Parse Output Stage PHP
	// -------------------------------------
	// NOTE(review): by now the template also contains tag output; if that output
	// can include user-submitted content, the same concern as for the input
	// stage applies - confirm how parse_template_php() treats it.
	if ($this->parse_php == TRUE and $this->php_parse_location == 'output') {
		$this->log_item("Parsing PHP on Output");
		$this->template = $this->parse_template_php($this->template);
	}

	// -------------------------------------
	//  Parse Our Uncacheable Forms
	// -------------------------------------
	$this->template = $this->parse_nocache($this->template);

	// -------------------------------------
	//  Smite Our Enemies: Advanced Conditionals
	// -------------------------------------
	if (stristr($this->template, LD . 'if')) {
		$this->log_item("Processing Advanced Conditionals");
		$this->template = $this->advanced_conditionals($this->template);
	}

	// -------------------------------------
	//  Build finalized template
	// -------------------------------------
	// The sub-template routine will insert embedded
	// templates into the master template
	$this->final_template = $this->template;
	$this->process_sub_templates($this->template);

	// --------------------------------------------
	//  Finish with Global Vars and Return!
	// --------------------------------------------
	return $this->parse_globals($this->final_template);
}
/**
 * Creates or updates a category from the submitted form, including its custom
 * field data, then redirects back to the category editor for the group.
 *
 * A non-empty POSTed cat_id selects the update path; otherwise a new category
 * is inserted and spliced into the group's ordering alphabetically.
 */
function category_update()
{
	// Permission gate for the whole action.
	if (!$this->cp->allowed_group('can_edit_categories')) {
		show_error($this->lang->line('unauthorized_access'));
	}

	// NOTE(review): group_id is validated here from get_post() (GET or POST),
	// but the insert and update further down read $this->input->post('group_id').
	// If the two sources can differ, the validated value is not the one written -
	// confirm and prefer $group_id throughout.
	$group_id = $this->input->get_post('group_id');
	if ($group_id == '' or !is_numeric($group_id)) {
		show_error($this->lang->line('unauthorized_access'));
	}

	$edit = $this->input->post('cat_id') == '' ? FALSE : TRUE;

	$this->lang->loadfile('admin_content');
	$this->load->model('category_model');
	$this->load->library('api');
	$this->api->instantiate('channel_categories');

	// Create and validate Category URL Title
	// Kill all the extraneous characters. (We want the URL title to be pure alpha text)
	$word_separator = $this->config->item('word_separator');

	$this->load->library('form_validation');

	if ($this->input->post('cat_url_title') == '') {
		$_POST['cat_url_title'] = url_title($this->input->post('cat_name'), $word_separator, TRUE);
	} else {
		$_POST['cat_url_title'] = url_title($_POST['cat_url_title'], $word_separator);
	}

	$this->form_validation->set_rules('cat_name', 'lang:category_name', 'required');
	$this->form_validation->set_rules('cat_url_title', 'lang:cat_url_title', 'callback__cat_url_title');
	$this->form_validation->set_rules('cat_description', '', '');
	$this->form_validation->set_rules('cat_image', '', '');

	// Finish data prep for insertion
	if ($this->config->item('auto_convert_high_ascii') == 'y') {
		// Load the text helper
		$this->load->helper('text');
		// Only non-ASCII characters are rewritten; markup characters pass through.
		$_POST['cat_name'] = ascii_to_entities($_POST['cat_name']);
	}

	// NOTE(review): as printed, this replaces '<' with '<' and '>' with '>' and
	// does nothing. The replacement values were probably HTML entities that the
	// page rendering decoded - check the upstream file. If the call really is a
	// no-op, cat_name is stored with angle brackets intact and must be escaped
	// wherever it is output.
	$_POST['cat_name'] = str_replace(array('<', '>'), array('<', '>'), $_POST['cat_name']);

	// Pull out custom field data for later insertion
	// NOTE(review): every POST key that merely contains the substring 'field' is
	// collected, and these keys are later used as column names for
	// category_field_data. The request therefore chooses which columns are
	// written; an allow-list built from the group's category_fields rows would be
	// tighter - confirm against the schema.
	$fields = array();
	foreach ($_POST as $key => $val) {
		if (strpos($key, 'field') !== FALSE) {
			$fields[$key] = $val;
		}
	}

	// Check for missing required custom fields
	$this->db->select('field_id, field_label');
	$this->db->where('group_id', $group_id);
	$this->db->where('field_required', 'y');
	$query = $this->db->get('category_fields');

	$required_cat_fields = array();
	if ($query->num_rows() > 0) {
		foreach ($query->result_array() as $row) {
			$required_cat_fields[$row['field_id']] = $row['field_label'];
			$this->form_validation->set_rules('field_id_' . $row['field_id'], $row['field_label'], 'required');
			$this->form_validation->set_rules('field_ft_' . $row['field_id'], '', '');
		}
	}

	// NOTE(review): $id here is a full POST key (it contains 'field'), while
	// $required_cat_fields is keyed by the numeric field_id, so this isset() looks
	// unlikely to ever match, and the rule names get a doubled prefix - verify.
	foreach ($fields as $id => $val) {
		if (!isset($required_cat_fields[$id])) {
			$this->form_validation->set_rules('field_id_' . $id, '', '');
			$this->form_validation->set_rules('field_ft_' . $id, '', '');
		}
	}

	$this->form_validation->set_error_delimiters('<br /><span class="notice">', '<br />');

	// On validation failure, re-display the edit form.
	if ($this->form_validation->run() === FALSE) {
		return $this->category_edit();
	}

	/* foreach ($fields as $id => $val) { unset($_POST[$id]); } */

	$_POST['site_id'] = $this->config->item('site_id');

	if ($edit == FALSE) {
		// Values go through the query builder's insert().
		$category_data = array('group_id' => $this->input->post('group_id'), 'cat_name' => $this->input->post('cat_name'), 'cat_url_title' => $this->input->post('cat_url_title'), 'cat_description' => $this->input->post('cat_description'), 'cat_image' => $this->input->post('cat_image'), 'parent_id' => $this->input->post('parent_id'), 'cat_order' => $this->input->post('cat_order'), 'site_id' => $this->input->post('site_id'));
		$this->db->insert('categories', $category_data);

		$update = FALSE;

		// need this later for custom fields
		$field_cat_id = $this->db->insert_id();

		// Re-order categories
		// When a new category is inserted we need to assign it an order.
		// Since the list of categories might have a custom order, all we
		// can really do is position the new category alphabetically.

		// First we'll fetch all the categories alphabetically and assign
		// the position of our new category
		$this->db->select('cat_id, cat_name');
		$this->db->where('group_id', $group_id);
		$this->db->where('parent_id', $_POST['parent_id']);
		$this->db->order_by('cat_name', 'ASC');
		$query = $this->db->get('categories');

		$position = 0;
		$cat_id = '';
		// The new row is located by name; the first row with the same cat_name wins.
		foreach ($query->result_array() as $row) {
			if ($_POST['cat_name'] == $row['cat_name']) {
				$cat_id = $row['cat_id'];
				break;
			}
			$position++;
		}

		// Next we'll fetch the list of categories ordered by the custom order
		// and create an array with the category ID numbers
		$this->db->select('cat_id, cat_name');
		$this->db->where('group_id', $group_id);
		$this->db->where('parent_id', $_POST['parent_id']);
		$this->db->where('cat_id !=', $cat_id);
		$this->db->order_by('cat_order');
		$query = $this->db->get('categories');

		$cat_array = array();
		foreach ($query->result_array() as $row) {
			$cat_array[] = $row['cat_id'];
		}

		// Now we'll splice in our new category to the array.
		// Thus, we now have an array in the proper order, with the new
		// category added in alphabetically
		array_splice($cat_array, $position, 0, $cat_id);

		// Lastly, update the whole list
		// The SQL is built by interpolation; $val comes from the cat_id values
		// read from the database above and $i is a local counter.
		$i = 1;
		foreach ($cat_array as $val) {
			$this->db->query("UPDATE exp_categories SET cat_order = '{$i}' WHERE cat_id = '{$val}'");
			$i++;
		}
	} else {
		// A category cannot be its own parent.
		if ($_POST['cat_id'] == $_POST['parent_id']) {
			$_POST['parent_id'] = 0;
		}

		// Check for parent becoming child of its child...oy!
		$this->db->select('parent_id, group_id');
		$this->db->where('cat_id', $this->input->post('cat_id'));
		$query = $this->db->get('categories');

		// NOTE(review): both comparisons are strict. Request values normally
		// arrive as strings, so "!== 0" is presumably always true, and the second
		// test depends on the type the database driver returns - confirm.
		if ($this->input->get_post('parent_id') !== 0 && $query->num_rows() > 0 && $query->row('parent_id') !== $this->input->get_post('parent_id')) {
			$children = array();

			// Fetch parent info
			$this->db->select('cat_name, cat_id, parent_id');
			$this->db->where('group_id', $group_id);
			$this->db->from('categories');
			$this->db->order_by('parent_id, cat_name');
			// NOTE(review): $query is reassigned here to the group-wide listing, so
			// the $query->row('parent_id') calls below read the first row of that
			// listing rather than the edited category's row - confirm intended.
			$query = $this->db->get();

			if ($query->num_rows() == 0) {
				$update = FALSE;
				return $this->category_editor($group_id, $update);
			}

			// Assign the query result to a multi-dimensional array
			foreach ($query->result_array() as $row) {
				$cat_array[$row['cat_id']] = array($row['parent_id'], $row['cat_name']);
			}

			// Direct children of the category being edited.
			foreach ($cat_array as $key => $values) {
				if ($values['0'] == $this->input->post('cat_id')) {
					$children[] = $key;
				}
			}

			if (count($children) > 0) {
				if (($key = array_search($this->input->get_post('parent_id'), $children)) !== FALSE) {
					// The WHERE value is a cat_id taken from the query result, not from the request.
					$this->db->query($this->db->update_string('exp_categories', array('parent_id' => $query->row('parent_id')), "cat_id = '" . $children[$key] . "'"));
				} else {
					// Walk the descendants breadth-first until the requested parent
					// is found among them, then re-parent it and stop.
					while (count($children) > 0) {
						$now = array_shift($children);
						foreach ($cat_array as $key => $values) {
							if ($values[0] == $now) {
								if ($key == $this->input->get_post('parent_id')) {
									$this->db->query($this->db->update_string('exp_categories', array('parent_id' => $query->row('parent_id')), "cat_id = '" . $key . "'"));
									break 2;
								}
								$children[] = $key;
							}
						}
					}
				}
			}
		}

		// The row is matched on both cat_id and group_id as POSTed.
		$sql = $this->db->update_string('exp_categories', array('cat_name' => $this->input->post('cat_name'), 'cat_url_title' => $this->input->post('cat_url_title'), 'cat_description' => $this->input->post('cat_description'), 'cat_image' => $this->input->post('cat_image'), 'parent_id' => $this->input->post('parent_id')), array('cat_id' => $this->input->post('cat_id'), 'group_id' => $this->input->post('group_id')));
		$this->db->query($sql);

		$update = TRUE;

		// need this later for custom fields
		$field_cat_id = $this->input->post('cat_id');
	}

	// Insert / Update Custom Field Data
	// $fields carries request-chosen keys (see the note where it is built).
	if ($edit == FALSE) {
		$fields['site_id'] = $this->config->item('site_id');
		$fields['cat_id'] = $field_cat_id;
		$fields['group_id'] = $group_id;
		$this->db->insert('category_field_data', $fields);
	} elseif (!empty($fields)) {
		$this->db->query($this->db->update_string('exp_category_field_data', $fields, array('cat_id' => $field_cat_id)));
	}

	$this->functions->clear_caching('relationships');

	$this->session->set_flashdata('message_success', $this->lang->line('preference_updated'));
	// $group_id passed is_numeric() above before being placed in the redirect URL.
	$this->functions->redirect(BASE . AMP . 'C=admin_content' . AMP . 'M=category_editor' . AMP . "group_id={$group_id}");
}
/**
 * Edit ajax filter
 *
 * Builds the row data for the entries table from the request's filter, paging
 * and sorting parameters and sends it with $this->output->send_ajax_response().
 *
 * NOTE(review): the only gate visible in this method is the AJAX_REQUEST check,
 * which is not an authorization check; permission checks presumably happen in
 * the controller constructor or in get_filtered_entries() - confirm.
 */
public function edit_ajax_filter()
{
	if (!AJAX_REQUEST) {
		show_error($this->lang->line('unauthorized_access'));
	}

	$this->output->enable_profiler(FALSE);
	$this->load->helper(array('form', 'text', 'url', 'snippets'));

	// All filter values below are taken from the request as-is and handed to
	// search_model->get_filtered_entries(); how they are bound or escaped there
	// is not visible from this method.
	$filter_data['channel_id'] = $this->input->get_post('channel_id') != 'null' && $this->input->get_post('channel_id') != 'all' ? $this->input->get_post('channel_id') : '';
	$filter_data['cat_id'] = $this->input->get_post('cat_id') != 'all' ? $this->input->get_post('cat_id') : '';
	$filter_data['status'] = $this->input->get_post('status') != 'all' ? $this->input->get_post('status') : '';
	$filter_data['date_range'] = $this->input->get_post('date_range');
	$filter_data['author_id'] = $this->input->get_post('author_id');
	$filter_data['keywords'] = $this->input->get_post('keywords') ? $this->input->get_post('keywords') : '';
	$filter_data['search_in'] = $this->input->get_post('search_in') != '' ? $this->input->get_post('search_in') : 'title';
	$filter_data['exact_match'] = $this->input->get_post('exact_match');

	// Because of the auto convert we prepare a specific variable with the converted ascii
	// characters while leaving the $keywords variable intact for display and URL purposes
	$search_keywords = $this->config->item('auto_convert_high_ascii') == 'y' ? ascii_to_entities($filter_data['keywords']) : $filter_data['keywords'];
	$filter_data['search_keywords'] = $search_keywords;

	$filter = $this->create_return_filter($filter_data);

	// Apply only to comments- not part of edit page filter
	$filter_data['entry_id'] = $this->input->get_post('entry_id');
	$filter_data['comment_id'] = $this->input->get_post('comment_id');
	// NOTE(review): explode() is called with a single argument; it requires a
	// separator as well, so this branch fails whenever id_array is supplied.
	// The intended separator is not visible here.
	$filter_data['id_array'] = $this->input->get_post('id_array') ? explode($this->input->get_post('id_array')) : array();
	$filter_data['validate'] = $this->input->get_post('validate') == 'true' ? TRUE : FALSE;
	$validate = $filter_data['validate'];

	// NOTE(review): page size and offset are request values passed on without a
	// cast or an upper bound in this method.
	$perpage = $this->input->get_post('iDisplayLength');
	$offset = $this->input->get_post('iDisplayStart') ? $this->input->get_post('iDisplayStart') : 0; // Display start point

	$filter_data['perpage'] = $perpage;
	$filter_data['rownum'] = $offset;

	// NOTE(review): sEcho is echoed back in the response unchanged; casting it
	// to an integer before returning it is the usual hardening for this value.
	$sEcho = $this->input->get_post('sEcho');

	// Column index -> sortable column name. Sort columns can only be chosen
	// from this fixed list.
	if (isset($this->installed_modules['comment'])) {
		$col_map = array('exp_channel_titles.entry_id', 'title', 'view', 'comment_total', 'screen_name', 'entry_date', 'channel_name', 'status', '');
	} else {
		$col_map = array('exp_channel_titles.entry_id', 'title', 'view', 'screen_name', 'entry_date', 'channel_name', 'status', '');
	}

	/* Ordering */
	$order = array();
	if ($this->input->get('iSortCol_0') !== FALSE) {
		// NOTE(review): the loop bound iSortingCols comes from the request and is
		// not capped; only indexes present in $col_map produce an entry, and the
		// direction is normalised to 'asc' or 'desc'.
		for ($i = 0; $i < $this->input->get('iSortingCols'); $i++) {
			if (isset($col_map[$this->input->get('iSortCol_' . $i)])) {
				$order[$col_map[$this->input->get('iSortCol_' . $i)]] = $this->input->get('sSortDir_' . $i) == 'asc' ? 'asc' : 'desc';
			}
		}
	}

	$filtered_entries = $this->search_model->get_filtered_entries($filter_data, $order);

	// No result? Show the "no results" message
	$total = $filtered_entries['total_count'];
	$query_results = $filtered_entries['results'];

	$j_response['sEcho'] = $sEcho;
	$j_response['iTotalRecords'] = $this->db->count_all('channel_titles');
	$j_response['iTotalDisplayRecords'] = $total;

	// --------------------------------------------
	//	 Fetch the channel information we need later
	// --------------------------------------------

	// Fetch channel ID numbers assigned to the current user
	$allowed_channels = $this->functions->fetch_assigned_channels();

	if (empty($allowed_channels)) {
		show_error($this->lang->line('no_channels'));
	}

	// Fetch Color Library - We use this to assist with our status colors
	// The included path is built from constants only; the file is expected to
	// define $colors.
	if (file_exists(APPPATH . 'config/colors' . EXT)) {
		include APPPATH . 'config/colors' . EXT;
	} else {
		$colors = '';
	}

	$sql = "SELECT channel_id, channel_name FROM exp_channels ";
	$sql .= "WHERE site_id = '" . $this->db->escape_str($this->config->item('site_id')) . "' ";

	// channel_id -> channel_name for every channel of the site.
	$w_array = array();
	$result = $this->db->query($sql);
	if ($result->num_rows() > 0) {
		foreach ($result->result_array() as $rez) {
			$w_array[$rez['channel_id']] = $rez['channel_name'];
		}
	}

	// --------------------------------------------
	//	 Fetch the status highlight colors
	// --------------------------------------------
	$cql = "SELECT exp_channels.channel_id, exp_channels.channel_name, exp_statuses.status, exp_statuses.highlight\n\t\t\t\t FROM exp_channels, exp_statuses, exp_status_groups\n\t\t\t\t WHERE exp_status_groups.group_id = exp_channels.status_group\n\t\t\t\t AND exp_status_groups.group_id = exp_statuses.group_id\n\t\t\t\t AND\texp_statuses.highlight != ''\n\t\t\t\t AND\texp_status_groups.site_id = '" . $this->db->escape_str($this->config->item('site_id')) . "' ";

	// Limit to channels assigned to user
	// NOTE(review): this IN (...) clause is appended to $sql, which was already
	// executed above and is not run again in this method; the query executed
	// next is $cql. As written, the channel restriction never reaches the
	// database. The channel ids are also concatenated without escaping.
	$sql .= " AND exp_channels.channel_id IN (";
	foreach ($allowed_channels as $val) {
		$sql .= "'" . $val . "',";
	}
	$sql = substr($sql, 0, -1) . ')';

	$result = $this->db->query($cql);

	// "<channel_id>_<status>" -> highlight colour without the leading '#'.
	$c_array = array();
	if ($result->num_rows() > 0) {
		foreach ($result->result_array() as $rez) {
			$c_array[$rez['channel_id'] . '_' . $rez['status']] = str_replace('#', '', $rez['highlight']);
		}
	}

	// load the site's templates
	$templates = array();
	$tquery = $this->db->query("SELECT exp_template_groups.group_name, exp_templates.template_name, exp_templates.template_id\n\t\t\t\t\t\t\tFROM exp_template_groups, exp_templates\n\t\t\t\t\t\t\tWHERE exp_template_groups.group_id = exp_templates.group_id\n\t\t\t\t\t\t\tAND exp_templates.site_id = '" . $this->db->escape_str($this->config->item('site_id')) . "'");

	if ($tquery->num_rows() > 0) {
		foreach ($tquery->result_array() as $row) {
			$templates[$row['template_id']] = $row['group_name'] . '/' . $row['template_name'];
		}
	}

	$tdata = array();
	$i = 0;

	// Grab all autosaved entries
	$this->db->select('original_entry_id');
	$autosave = $this->db->get('channel_entries_autosave');
	$autosave_array = array();
	foreach ($autosave->result() as $entry) {
		$autosave_array[] = $entry->original_entry_id;
	}

	// NOTE(review): the cells built below place stored values (title, channel
	// name, status, highlight colour) into HTML without escaping in this method.
	// Whether those values are encoded when stored, or by anchor()/mailto(), is
	// not visible here - confirm, since this markup is rendered in the control
	// panel.
	foreach ($query_results as $row) {
		$m[] = $row['entry_id'];

		$title_output = anchor(BASE . AMP . 'C=content_publish' . AMP . 'M=entry_form' . AMP . 'channel_id=' . $row['channel_id'] . AMP . 'entry_id=' . $row['entry_id'] . $filter, $row['title']);
		$title_output .= in_array($row['entry_id'], $autosave_array) ? NBS . required() : '';
		$m[] = $title_output;

		// "View"
		if ($row['live_look_template'] != 0 && isset($templates[$row['live_look_template']])) {
			$qm = $this->config->item('force_query_string') == 'y' ? '' : '?';
			$url = $this->functions->create_url($templates[$row['live_look_template']] . '/' . $row['entry_id']);
			$view_link = anchor($this->functions->fetch_site_index() . $qm . 'URL=' . $url, $this->lang->line('view'));
		} else {
			$view_link = '--';
		}
		$m[] = $view_link; // Add live look template

		// Comment count
		// The link is hidden when the user holds none of the relevant comment
		// permissions (own entries and other authors' entries are checked
		// against different permission names).
		$show_link = TRUE;
		if ($row['author_id'] == $this->session->userdata('member_id')) {
			if (!$this->cp->allowed_group('can_edit_own_comments') and !$this->cp->allowed_group('can_delete_own_comments') and !$this->cp->allowed_group('can_moderate_comments')) {
				$show_link = FALSE;
			}
		} else {
			if (!$this->cp->allowed_group('can_edit_all_comments') and !$this->cp->allowed_group('can_delete_all_comments') and !$this->cp->allowed_group('can_moderate_comments')) {
				$show_link = FALSE;
			}
		}

		if (isset($this->installed_modules['comment'])) {
			// Comment Link
			if ($show_link !== FALSE) {
				// entry_id comes from the result row and is concatenated into the SQL text.
				$res = $this->db->query("SELECT COUNT(*) AS count FROM exp_comments WHERE entry_id = '" . $row['entry_id'] . "'");
				$this->db->query_count--;
				$view_url = BASE . AMP . 'C=addons_modules' . AMP . 'M=show_module_cp' . AMP . 'module=comment' . AMP . 'method=index' . AMP . 'entry_id=' . $row['entry_id'];
			}
			// $res and $view_url are only read when $show_link is not FALSE.
			$view_link = $show_link == FALSE ? '<div class="lightLinks">--</div>' : '<div class="lightLinks">(' . $res->row('count') . ')' . NBS . anchor($view_url, $this->lang->line('view')) . '</div>';
			$m[] = $view_link;
		}

		// Username
		$name = $row['screen_name'] != '' ? $row['screen_name'] : $row['username'];
		$m[] = mailto($row['email'], $name);

		// Date
		$date_fmt = $this->session->userdata('time_format') != '' ? $this->session->userdata('time_format') : $this->config->item('time_format');
		if ($date_fmt == 'us') {
			$datestr = '%m/%d/%y %h:%i %a';
		} else {
			$datestr = '%Y-%m-%d %H:%i';
		}
		$m[] = $this->localize->decode_date($datestr, $row['entry_date'], TRUE);

		// Channel
		$m[] = isset($w_array[$row['channel_id']]) ? '<div class="smallNoWrap">' . $w_array[$row['channel_id']] . '</div>' : '';

		// Status
		$status_name = ($row['status'] == 'open' or $row['status'] == 'closed') ? $this->lang->line($row['status']) : $row['status'];

		$color_info = '';
		if (isset($c_array[$row['channel_id'] . '_' . $row['status']]) and $c_array[$row['channel_id'] . '_' . $row['status']] != '') {
			$color = $c_array[$row['channel_id'] . '_' . $row['status']];
			// A '#' is prefixed unless the value is a key of the $colors library.
			$prefix = (is_array($colors) and !array_key_exists(strtolower($color), $colors)) ? '#' : '';
			// There are custom colours, override the class above
			$color_info = 'style="color:' . $prefix . $color . ';"';
		}
		$m[] = '<span class="status_' . $row['status'] . '"' . $color_info . '>' . $status_name . '</span>';

		// Delete checkbox
		$m[] = form_checkbox('toggle[]', $row['entry_id'], '', ' class="toggle" id="delete_box_' . $row['entry_id'] . '"');

		$tdata[$i] = $m;
		$i++;
		// $m is rebuilt from scratch for the next row.
		unset($m);
	} // End foreach

	$j_response['aaData'] = $tdata;

	$this->output->send_ajax_response($j_response);
}
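/**
 * Parses a string of keywords into keyword terms and excluded ("not") terms.
 *
 * Quoted phrases prefixed with a dash (-"like this") become non-keyword terms,
 * remaining quoted phrases become keyword terms, and whatever text is left is
 * split on whitespace into further keyword terms.
 *
 * The returned strings are cleaned by keyword_clean() and optionally passed
 * through ascii_to_entities(), which only re-encodes non-ASCII characters.
 * Neither step visible here makes the terms safe for SQL or HTML; callers must
 * bind or escape them for the context they are used in.
 *
 * @access	public
 * @param	string	$keywords	raw keyword string
 * @return	array	keys: keywords_exact_phrase (string), keyword_terms (array),
 *					non_keyword_terms (array)
 */
public function keywords_parsing($keywords)
{
	$return = array('keywords_exact_phrase' => '', 'keyword_terms' => array(), 'non_keyword_terms' => array());

	if (empty($keywords)) {
		return $return;
	}

	ee()->load->helper('text');

	// ----------------------------------------------
	//  Keywords Search!  Yay!
	// ----------------------------------------------
	$keywords = $this->keyword_clean(stripslashes($keywords));
	$keywords = ee()->config->item('auto_convert_high_ascii') == 'y' ? ascii_to_entities($keywords) : $keywords;

	// The full cleaned string, kept before any terms are stripped out of it.
	$keywords_exact_phrase = $keywords;

	// --------------------------------------------
	//  Parse Out Non-Keyword Terms
	// --------------------------------------------
	$non_keyword_terms = array();

	if (preg_match_all("/-\"(.*?)\"/", $keywords, $matches)) {
		for ($m = 0; $m < sizeof($matches[1]); $m++) {
			$non_keyword_terms[] = trim(str_replace('"', '', $matches[0][$m]));
			$keywords = str_replace($matches[0][$m], '', $keywords);
		}
	}

	if (preg_match_all("/-\\w/", $keywords, $matches)) {
		// This pattern has no capture group, so $matches[1] does not exist.
		// Counting it directly raises a TypeError on PHP 8 and a warning on
		// older versions; the guard keeps the long-standing result (this pass
		// adds no terms) without the error.
		// NOTE(review): the pattern and loop bound suggest a capture group such as
		// "-(\w+)" may have been intended - confirm before changing what is matched.
		$group_count = isset($matches[1]) ? count($matches[1]) : 0;

		for ($m = 0; $m < $group_count; $m++) {
			$non_keyword_terms[] = trim(str_replace('"', '', $matches[0][$m]));
		}
	}

	// --------------------------------------------
	//  Parse Out Keyword Terms
	// --------------------------------------------
	$keyword_terms = array();

	if (preg_match_all("/\"(.*?)\"/", $keywords, $matches)) {
		for ($m = 0; $m < sizeof($matches['1']); $m++) {
			$keyword_terms[] = trim(str_replace('"', '', $matches[0][$m]));
			$keywords = str_replace($matches[0][$m], '', $keywords);
		}
	}

	// Anything left over is split on whitespace into single-word terms.
	if (trim($keywords) != '') {
		$keyword_terms = array_merge($keyword_terms, preg_split("/\\s+/", trim($keywords)));
	}

	return array('keywords_exact_phrase' => $keywords_exact_phrase, 'keyword_terms' => $keyword_terms, 'non_keyword_terms' => $non_keyword_terms);
}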
/**
 * Updates the `field` row whose field_id equals $id with the POSTed values.
 *
 * ascii_to_entities() only rewrites non-ASCII characters as numeric entities;
 * it does not encode <, >, & or quotes, so field_name still needs HTML escaping
 * wherever it is output. Values are passed to the query builder's update(),
 * not concatenated into SQL here.
 *
 * @param	int	$id	field_id of the row to update
 * @return	mixed	result of $this->db->update()
 */
public function editField($id = 0)
{
	$values = array();
	$values['field_name'] = ascii_to_entities($this->input->post('field_name'));
	$values['agency_id'] = $this->input->post('agency_id');

	$where = array('field_id' => $id);

	return $this->db->update('field', $values, $where);
}
/**
 * Handles a submitted search form: normalises the POST data, optionally
 * resolves keywords to entry ids, stores the parameter set under a search id
 * (reusing an identical stored set when one exists) and redirects to the
 * return URL with that id appended.
 *
 * Review notes:
 * - Both redirect targets ('RET' and 'return') come from the request. Whether
 *   functions->redirect() / create_url() restrict them to this site is not
 *   visible here - confirm.
 * - The stored parameters are serialize()d request data. Anything that later
 *   unserialize()s this column is deserialising attacker-influenced input;
 *   a data-only format such as JSON avoids object instantiation.
 * - xss_clean() is an input filter, not output escaping.
 */
public function form_submit()
{
	$ee = $this->EE;

	//no, you can't access this method as an exp:tag
	if ( ! empty($ee->TMPL))
	{
		return;
	}

	// Older versions need the explicit XID check; on failure, bounce back to RET.
	$needs_xid_check = version_compare(APP_VER, '2.8.0', '<');

	if ($needs_xid_check && ! $ee->security->secure_forms_check($ee->input->post('XID')))
	{
		$ee->functions->redirect(stripslashes($ee->input->post('RET')));
	}

	$return = $ee->input->post('return', TRUE);
	$secure_return = $ee->input->post('secure_return');

	// Strip form plumbing so that only search parameters remain in $_POST.
	unset(
		$_POST['ACT'],
		$_POST['XID'],
		$_POST['RET'],
		$_POST['site_id'],
		$_POST['return'],
		$_POST['submit'],
		$_POST['secure_return'],
		$_POST['csrf_token']
	);

	$_POST = $ee->security->xss_clean($_POST);

	//convert some of POST like arrays -> pipe delimited lists
	foreach ($_POST as $field => $raw)
	{
		if ( ! is_array($raw))
		{
			continue;
		}

		foreach ($raw as $idx => $item)
		{
			//this is so we can keep 0 and '0', but get rid of '', NULL, and FALSE
			if ((string) $item === '')
			{
				unset($raw[$idx]);
			}
		}

		$_POST[$field] = implode('|', $raw);
	}

	$keywords = $ee->input->post('keywords');

	if ($keywords)
	{
		$ee->load->library('dynamo_cp', NULL, 'cp');
		$ee->load->helper('text');
		$ee->load->model('search_model');

		$search = array(
			'channel_id' => '',
			'cat_id' => '',
			'status' => '',
			'date_range' => '',
			'author_id' => '',
			'search_in' => $ee->input->post('search_in') ? $ee->input->post('search_in') : 'body',
			'exact_match' => $ee->input->post('exact_match'),
			'keywords' => $keywords,
			'search_keywords' => ($ee->config->item('auto_convert_high_ascii') === 'y') ? ascii_to_entities($keywords) : $keywords,
			'_hook_wheres' => array(),
		);

		$data = $ee->search_model->build_main_query($search, array('title' => 'asc'), FALSE);

		// 'X' is stored as the only entry id when nothing matched.
		if ($data['result_obj']->num_rows() === 0)
		{
			$_POST['entry_ids'] = array('X');
		}
		else
		{
			$_POST['entry_ids'] = array();

			foreach ($data['result_obj']->result() as $hit)
			{
				$_POST['entry_ids'][] = $hit->entry_id;
			}
		}
	}

	//clean, serialize, and encode the search parameter array for storage
	$parameters = base64_encode(serialize($_POST));

	//get matching search if it already exists
	$existing = $ee->db->select('search_id')
		->from('dynamo')
		->where('parameters', $parameters)
		->get();
	$search_id = $existing->row('search_id');

	//generate a new search id
	if ( ! $search_id)
	{
		$search_id = $ee->functions->random('md5');

		$record = array(
			'search_id' => $search_id,
			'date' => $ee->localize->now,
			'parameters' => $parameters,
		);

		$ee->db->insert('dynamo', $record);
	}

	$return = $ee->functions->create_url(rtrim($return, '/').'/'.$search_id);

	if ($secure_return)
	{
		$return = str_replace('http://', 'https://', $return);
	}

	$ee->functions->redirect($return);
}
?> " width="328" height="35" /> </a> </span> </div> <h4>About <?php echo $profile_name; ?> </h4> <div id="about" class="scroll-content" style="margin-left:335px;"> <div class="block-box"> <div class="scroll-content"> <div class="scroll-pane"> <p><?php echo nl2br(ascii_to_entities($info1)); ?> </p> </div> </div> </div> </div> <div class="clear"></div> </div> </div> <div class="clear"></div> </div> <div class="left-content"> <div class="block-content"> <div class="block-bar inline"> <h3>VIDEO</h3>
/**
 * Updates the `faq` row whose faq_id equals $id with the POSTed question and
 * answer.
 *
 * ascii_to_entities() only converts non-ASCII characters to numeric entities.
 * Markup characters in faq_name / faq_answer are stored unchanged, so both
 * values need HTML escaping when they are displayed.
 *
 * @param	int	$id	faq_id of the row to update
 * @return	mixed	result of $this->db->update()
 */
public function editFaq($id = 0)
{
	$question = ascii_to_entities($this->input->post('faq_name'));
	$answer = ascii_to_entities($this->input->post('faq_answer'));

	$values = array(
		'faq_name' => $question,
		'faq_answer' => $answer,
	);

	return $this->db->update('faq', $values, array('faq_id' => $id));
}
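/**
 * Search services by name and render the paginated result page.
 *
 * On a form submit the keyword is converted with ascii_to_entities(), lower-cased
 * and stored in the session under 'txt_search'; later page requests reuse the
 * stored keyword. Every row of the `service` table is then matched against it.
 *
 * The keyword is matched as literal text: it goes through preg_quote() before it
 * is placed in the pattern, so regex metacharacters typed by a visitor cannot
 * alter the pattern, break its delimiters or cause expensive backtracking.
 *
 * @return void
 */
public function timkiem()
{
    if (isset($_POST['submit']) && !empty($_POST['submit'])) {
        if (isset($this->session->userdata['txt_search'])) {
            $this->session->unset_userdata('txt_search');
        }

        // Get the search keyword.
        $str = ascii_to_entities($this->input->post('txt_search'));
        $str = strtolower($str);
        $this->session->set_userdata('txt_search', $str);
    }

    // An unset session value becomes '', which (as before) matches every service.
    $str = (string) $this->session->userdata('txt_search');
    $pattern = '/' . preg_quote($str, '/') . '/';

    // Fetch all services and keep those whose name contains the keyword.
    $query = $this->db->get('service');
    $result9 = array();
    foreach ($query->result_array() as $item) {
        if (preg_match($pattern, strtolower($item['service_name']))) {
            $result9[] = $item;
        }
    }
    $total = count($result9);

    $data['title'] = "Tìm kiếm thủ tục";
    $data['base'] = $this->base;
    $data['resetcss'] = $this->resetcss;
    $data['maincss'] = $this->maincss;

    $view = 'thutuchanhchinh/search_not';

    if ($total > 0) {
        // Pagination configuration.
        // NOTE(review): base_url is hard-coded to a localhost address, so the generated
        // page links only work on the development host.
        $config['base_url'] = 'http://localhost/publicservice/thutuchanhchinh/timkiem/pages/';
        $config['total_rows'] = $total;
        $config['per_page'] = 5;
        $config['num_links'] = 20;
        $config['first_link'] = 'First';
        $config['last_link'] = 'Last';
        $config['next_link'] = '>';
        $config['prev_link'] = '<';
        $config['full_tag_open'] = '<div class="pagination">';
        $config['full_tag_close'] = '</div>';
        $config['uri_segment'] = 4;
        $this->pagination->initialize($config);

        // The offset comes from the URL: force it to a non-negative integer so a
        // non-numeric or negative segment cannot index outside the result list.
        $offset = max(0, (int) $this->uri->segment(4));

        // Keys are preserved so each row keeps its position in the full result list.
        $result = array_slice($result9, $offset, $config['per_page'], true);

        // Look up the field and the agencies for every service on this page.
        $result2 = array();
        $result3 = array();
        foreach ($result as $item) {
            $result2[$item['service_id']] = $this->field_model->getFieldById($item['field_id']);
            $result3[$item['service_id']] = $this->agency_model->getAgencyByField($item['field_id']);
        }

        $data['row5'] = $result;
        $data['row6'] = $result2;
        $data['row7'] = $result3;
        $data['total'] = $total;

        $view = 'thutuchanhchinh/search';
    }

    $this->load->view('templates/header', $data);
    $this->load->view('templates/sidebar', $data);
    $this->load->view($view, $data);
    $this->load->view('templates/footer', $data);
}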
/**
 * Update one staff row from the submitted form.
 *
 * Only `fullname` is passed through ascii_to_entities(); the other columns take
 * the posted values as they are.
 *
 * NOTE(review): the `password` column receives the posted value unchanged - no
 * hashing is visible in this method. If nothing upstream hashes it, store the
 * output of password_hash() instead and verify with password_verify(); that
 * needs a matching change in the login code, so it is flagged here, not changed.
 *
 * @param int $id staff_id of the row to update
 * @return mixed whatever $this->db->update() returns
 */
public function editStaff($id = 0)
{
    $post = $this->input;

    $fields = array();
    $fields['username'] = $post->post('username');
    $fields['password'] = $post->post('password');
    $fields['fullname'] = ascii_to_entities($post->post('fullname'));
    $fields['birthday'] = $post->post('birthday');
    $fields['agency_id'] = $post->post('agency_id');

    $where = array('staff_id' => $id);

    return $this->db->update('staff', $fields, $where);
}
/**
 * Do Search
 *
 * Validates a submitted search form (result page, permission, flood control,
 * keywords), builds the search query through build_standard_query(), stores the
 * search in exp_search under a random id and redirects to the result page with
 * that id appended.
 *
 * @return mixed the result of show_user_error() or of redirect()
 */
function do_search()
{
    $this->EE->lang->loadfile('search');

    // Get hidden meta vars
    if (isset($_POST['meta'])) {
        $this->_get_meta_vars();
    }

    // ----------------------------------------
    //  Profile Exception
    // ----------------------------------------
    // This is an exception to the normal search routine.
    // It permits us to search for all posts by a particular user's screen name
    // We look for the "mbr" $_GET variable. If it exists it will
    // trigger our exception
    if ($this->EE->input->get_post('mbr')) {
        // In this branch the result page comes straight from the request (`result_path`).
        $this->_meta['result_page'] = $this->EE->input->get_post('result_path') != '' ? $this->EE->input->get_post('result_path') : 'search/results';
        $_POST['keywords'] = '';
        $_POST['exact_match'] = 'y';
        $_POST['exact_keyword'] = 'n';
    }

    // RP can be used in a query string,
    // so we need to clean it a bit
    // Only '=' and '&' are removed. Note that _meta['result_page'] is read here
    // before the isset() check further down.
    $this->_meta['result_page'] = str_replace(array('=', '&'), '', $this->_meta['result_page']);

    // ----------------------------------------
    //  Pulldown Addition - Any, All, Exact
    // ----------------------------------------
    if (isset($this->_meta['where']) && $this->_meta['where'] == 'exact') {
        $_POST['exact_keyword'] = 'y';
    }

    // ----------------------------------------
    //  Do we have a search results page?
    // ----------------------------------------
    // The search results template is specified as a parameter in the search form tag.
    // If the parameter is missing we'll issue an error since we don't know where to
    // show the results
    if (!isset($this->_meta['result_page']) or $this->_meta['result_page'] == '') {
        return $this->EE->output->show_user_error('general', array(lang('search_path_error')));
    }

    // ----------------------------------------
    //  Is the current user allowed to search?
    // ----------------------------------------
    // Group 1 bypasses both this check and the flood control below.
    if ($this->EE->session->userdata('can_search') == 'n' and $this->EE->session->userdata('group_id') != 1) {
        return $this->EE->output->show_user_error('general', array(lang('search_not_allowed')));
    }

    // ----------------------------------------
    //  Flood control
    // ----------------------------------------
    // Rejects the search if this member or IP address already has a row in exp_search
    // newer than the cutoff. Every request-derived value in the SQL goes through
    // escape_str(); $cutoff is time() minus the session's flood-control setting.
    if ($this->EE->session->userdata['search_flood_control'] > 0 and $this->EE->session->userdata['group_id'] != 1) {
        $cutoff = time() - $this->EE->session->userdata['search_flood_control'];

        $sql = "SELECT search_id FROM exp_search WHERE site_id = '" . $this->EE->db->escape_str($this->EE->config->item('site_id')) . "' AND search_date > '{$cutoff}' AND ";

        if ($this->EE->session->userdata['member_id'] != 0) {
            $sql .= "(member_id='" . $this->EE->db->escape_str($this->EE->session->userdata('member_id')) . "' OR ip_address='" . $this->EE->db->escape_str($this->EE->input->ip_address()) . "')";
        } else {
            $sql .= "ip_address='" . $this->EE->db->escape_str($this->EE->input->ip_address()) . "'";
        }

        $query = $this->EE->db->query($sql);

        $text = str_replace("%x", $this->EE->session->userdata['search_flood_control'], lang('search_time_not_expired'));

        if ($query->num_rows() > 0) {
            return $this->EE->output->show_user_error('general', array($text));
        }
    }

    // ----------------------------------------
    //  Did the user submit any keywords?
    // ----------------------------------------
    // We only require a keyword if the member name field is blank
    if (!isset($_GET['mbr']) or !is_numeric($_GET['mbr'])) {
        if (!isset($_POST['member_name']) or $_POST['member_name'] == '') {
            if (!isset($_POST['keywords']) or $_POST['keywords'] == "") {
                return $this->EE->output->show_user_error('general', array(lang('search_no_keywords')));
            }
        }
    }

    // ----------------------------------------
    //  Strip extraneous junk from keywords
    // ----------------------------------------
    // NOTE(review): $_POST['keywords'] is read without isset(); a request that sends
    // member_name but no keywords field reaches this line with the index undefined.
    if ($_POST['keywords'] != "") {
        // Load the search helper so we can filter the keywords
        $this->EE->load->helper('search');

        $this->keywords = sanitize_search_terms($_POST['keywords']);

        // ----------------------------------------
        //  Is the search term long enough?
        // ----------------------------------------
        if (strlen($this->keywords) < $this->min_length) {
            $text = lang('search_min_length');
            $text = str_replace("%x", $this->min_length, $text);

            return $this->EE->output->show_user_error('general', array($text));
        }

        // Load the text helper
        $this->EE->load->helper('text');

        // ascii_to_entities() only rewrites non-ASCII characters as numeric entities;
        // it is not an escaping step.
        $this->keywords = $this->EE->config->item('auto_convert_high_ascii') == 'y' ? ascii_to_entities($this->keywords) : $this->keywords;

        // ----------------------------------------
        //  Remove "ignored" words
        // ----------------------------------------
        // The @ hides the warning when stopwords.php is missing; include_once then
        // evaluates to FALSE and the stop-word pass is skipped. $ignore is presumably
        // defined by that file - it is not set anywhere in this method.
        if ((!isset($_POST['exact_keyword']) or $_POST['exact_keyword'] != 'y') && @(include_once APPPATH . 'config/stopwords.php')) {
            $parts = explode('"', $this->keywords);

            $this->keywords = '';

            foreach ($parts as $num => $part) {
                // The odd breaks contain quoted strings.
                if ($num % 2 == 0) {
                    foreach ($ignore as $badword) {
                        // preg_quote() keeps each stop word literal inside the pattern.
                        $part = preg_replace("/\\b" . preg_quote($badword, '/') . "\\b/i", "", $part);
                    }
                }

                $this->keywords .= $num != 0 ? '"' . $part : $part;
            }

            if (trim($this->keywords) == '') {
                return $this->EE->output->show_user_error('general', array(lang('search_no_stopwords')));
            }
        }

        // ----------------------------------------
        //  Log Search Terms
        // ----------------------------------------
        $this->EE->functions->log_search_terms($this->keywords);
    }

    if (isset($_POST['member_name']) and $_POST['member_name'] != "") {
        $_POST['member_name'] = $this->EE->security->xss_clean($_POST['member_name']);
    }

    // ----------------------------------------
    //  Build and run query
    // ----------------------------------------
    $original_keywords = $this->keywords;

    // Raw `mbr` query-string value; used below as the stored keywords when no keywords
    // were given. It reaches the database only through insert_string(), which
    // presumably escapes values - confirm.
    $mbr = !isset($_GET['mbr']) ? '' : $_GET['mbr'];

    $sql = $this->build_standard_query();

    // ----------------------------------------
    //  No query results?
    // ----------------------------------------
    if ($sql == FALSE) {
        if (isset($this->_meta['no_results_page']) and $this->_meta['no_results_page'] != '') {
            $hash = $this->EE->functions->random('md5');

            $data = array(
                'search_id' => $hash,
                'search_date' => time(),
                'member_id' => $this->EE->session->userdata('member_id'),
                'keywords' => $original_keywords != '' ? $original_keywords : $mbr,
                'ip_address' => $this->EE->input->ip_address(),
                'total_results' => 0,
                'per_page' => 0,
                'query' => '',
                'custom_fields' => '',
                'result_page' => '',
                'site_id' => $this->EE->config->item('site_id')
            );

            $this->EE->db->query($this->EE->db->insert_string('exp_search', $data));

            return $this->EE->functions->redirect($this->EE->functions->create_url($this->EE->functions->extract_path("='" . $this->_meta['no_results_page'] . "'")) . '/' . $hash . '/');
        } else {
            return $this->EE->output->show_user_error('off', array(lang('search_no_result')), lang('search_result_heading'));
        }
    }

    // ----------------------------------------
    //  If we have a result, cache it
    // ----------------------------------------
    // The complete SQL text is serialized into exp_search.query and keyed by a random
    // id that travels in the result URL.
    // NOTE(review): the code that later loads this row and runs the stored statement
    // (not shown) trusts the table contents completely - confirm that nothing else
    // can write to exp_search.query.
    $hash = $this->EE->functions->random('md5');

    $sql = str_replace("\\", "\\\\", $sql);

    // This fixes a bug that occurs when a different table prefix is used
    $sql = str_replace('exp_', 'MDBMPREFIX', $sql);

    $data = array(
        'search_id' => $hash,
        'search_date' => time(),
        'member_id' => $this->EE->session->userdata('member_id'),
        'keywords' => $original_keywords != '' ? $original_keywords : $mbr,
        'ip_address' => $this->EE->input->ip_address(),
        'total_results' => $this->num_rows,
        // NOTE(review): is_numeric() also accepts negative, fractional and exponent
        // strings, so RES is only bounded from above here.
        'per_page' => (isset($_POST['RES']) and is_numeric($_POST['RES']) and $_POST['RES'] < 999) ? $_POST['RES'] : 50,
        'query' => addslashes(serialize($sql)),
        'custom_fields' => addslashes(serialize($this->fields)),
        'result_page' => $this->_meta['result_page'],
        'site_id' => $this->EE->config->item('site_id')
    );

    $this->EE->db->query($this->EE->db->insert_string('exp_search', $data));

    // ----------------------------------------
    //  Redirect to search results page
    // ----------------------------------------
    // Load the string helper
    $this->EE->load->helper('string');

    // NOTE(review): result_page can originate from the request (see the `mbr` branch
    // above); whether create_url() confines it to this site is not visible here.
    $path = $this->EE->functions->remove_double_slashes($this->EE->functions->create_url(trim_slashes($this->_meta['result_page'])) . '/' . $hash . '/');

    return $this->EE->functions->redirect($path);
}
<?php
// FAQ list view: prints $title, then one list item per entry of $faqs with the
// entry's faq_title and description.
//
// NOTE(review): ascii_to_entities() only rewrites non-ASCII characters as numeric
// entities; it does not escape <, >, & or quotes. $title, faq_title and description
// are therefore printed as raw HTML. If any of them can hold text from an untrusted
// author, escape them for HTML (htmlspecialchars) or sanitise them where they are
// stored - confirm where these values come from.
?>
<div style="background-image:none;min-height:300px">
    <h1><?php echo $title; ?> </h1>
    <p>
    <ul class="single_list">
        <?php foreach ($faqs as $q): ?>
        <li><span style="font-size:15px;font-weight:bold;"><?php echo ascii_to_entities($q->faq_title); ?> </span>
            <ul><li style="background-image:none;margin:10px 0px"><?php echo ascii_to_entities($q->description); ?> </li></ul>
        </li>
        <?php endforeach; ?>
    </ul>
    </p>
</div>
<br class="cl" />
/**
 * Update the answer and status of one `aq` row from the submitted form.
 *
 * The answer passes through ascii_to_entities(), which only rewrites non-ASCII
 * characters as numeric entities and leaves HTML markup untouched; the status is
 * stored as posted.
 *
 * @param int $id aq_id of the row to update
 * @return mixed whatever $this->db->update() returns
 */
public function editAq($id = 0)
{
    $answer = ascii_to_entities($this->input->post('aq_answer'));
    $status = $this->input->post('status');

    $fields = array(
        'aq_answer' => $answer,
        'status' => $status
    );
    $where = array('aq_id' => $id);

    return $this->db->update('aq', $fields, $where);
}
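/**
 * Create or update a category from the submitted category form.
 *
 * Checks access, validates the form, inserts a new row or updates the existing
 * one (re-parenting a child category when the chosen parent is one of the edited
 * category's own descendants), stores the custom field values, fires the
 * 'category_save' extension hook and redirects to the category editor.
 *
 * Angle brackets in the category name are stored as the entities &lt; and &gt;.
 * The listing showed that replacement mapping '<' to '<' and '>' to '>', which
 * does nothing and lets markup in the name through to storage.
 *
 * @return mixed the category_edit() / category_editor() output on early exit
 */
function category_update()
{
    // Access control: AJAX requests need the can_edit_categories permission, all
    // other requests go through the preference access check.
    if (AJAX_REQUEST) {
        if (!$this->cp->allowed_group('can_edit_categories')) {
            show_error(lang('unauthorized_access'));
        }
    } else {
        $this->_restrict_prefs_access();
    }

    $group_id = $this->input->get_post('group_id');

    if ($group_id == '' or !is_numeric($group_id)) {
        show_error(lang('unauthorized_access'));
    }

    // A posted cat_id means an existing category is being edited.
    $edit = $this->input->post('cat_id') == '' ? FALSE : TRUE;

    $this->load->model('category_model');
    $this->load->library('api');
    $this->api->instantiate('channel_categories');

    // Create and validate Category URL Title
    // Kill all the extraneous characters. (We want the URL title to be pure alpha text)
    $word_separator = $this->config->item('word_separator');

    $this->load->library('form_validation');

    if ($this->input->post('cat_url_title') == '') {
        $_POST['cat_url_title'] = url_title($this->input->post('cat_name'), $word_separator, TRUE);
    } else {
        $_POST['cat_url_title'] = url_title($_POST['cat_url_title'], $word_separator);
    }

    $this->form_validation->set_rules('cat_name', 'lang:category_name', 'required');
    $this->form_validation->set_rules('cat_url_title', 'lang:cat_url_title', 'callback__cat_url_title');
    $this->form_validation->set_rules('cat_description', '', '');

    // Get the Category Image
    $this->load->library('file_field');
    $cat_image = $this->file_field->validate($this->input->post('cat_image'), 'cat_image');
    $_POST['cat_image'] = $cat_image['value'];

    // Finish data prep for insertion
    if ($this->config->item('auto_convert_high_ascii') == 'y') {
        // Load the text helper
        $this->load->helper('text');

        // Only rewrites non-ASCII characters as numeric entities; not an escaping step.
        $_POST['cat_name'] = ascii_to_entities($_POST['cat_name']);
    }

    // Store angle brackets as entities so a category name cannot carry markup.
    $_POST['cat_name'] = str_replace(array('<', '>'), array('&lt;', '&gt;'), $_POST['cat_name']);

    // Pull out custom field data for later insertion
    // NOTE(review): every POST key containing 'field' is collected, and these keys are
    // used as column names in the category_field_data insert/update below. The names
    // are request-supplied; confirm the query builder rejects or escapes unexpected
    // identifiers, or restrict the keys to the group's known field columns.
    $fields = array();

    foreach ($_POST as $key => $val) {
        if (strpos($key, 'field') !== FALSE) {
            $fields[$key] = $val;
        }
    }

    // Check for missing required custom fields
    $this->db->select('field_id, field_label');
    $this->db->where('group_id', $group_id);
    $this->db->where('field_required', 'y');
    $query = $this->db->get('category_fields');

    $required_cat_fields = array();

    if ($query->num_rows() > 0) {
        foreach ($query->result_array() as $row) {
            $required_cat_fields[$row['field_id']] = $row['field_label'];
            $this->form_validation->set_rules('field_id_' . $row['field_id'], $row['field_label'], 'required');
            $this->form_validation->set_rules('field_ft_' . $row['field_id'], '', '');
        }
    }

    // Register the remaining posted fields with the validator without any rule.
    foreach ($fields as $id => $val) {
        if (!isset($required_cat_fields[$id])) {
            $this->form_validation->set_rules('field_id_' . $id, '', '');
            $this->form_validation->set_rules('field_ft_' . $id, '', '');
        }
    }

    $this->form_validation->set_error_delimiters('<br /><span class="notice">', '<br />');

    if ($this->form_validation->run() === FALSE) {
        return $this->category_edit();
    }

    $_POST['site_id'] = $this->config->item('site_id');

    $category_data = array(
        'group_id' => $group_id,
        'cat_name' => $this->input->post('cat_name'),
        'cat_url_title' => $this->input->post('cat_url_title'),
        'cat_description' => $this->input->post('cat_description'),
        'cat_image' => $this->input->post('cat_image'),
        'parent_id' => $this->input->post('parent_id'),
        'cat_order' => 1,
        'site_id' => $this->input->post('site_id')
    );

    if ($edit == FALSE) {
        $this->db->insert('categories', $category_data);
        $cat_id = $this->db->insert_id();

        $update = FALSE;

        // Increment each pre-existing category's sort order to make room for the n00b
        $this->db->set('cat_order', 'cat_order + 1', FALSE);
        $this->db->where('cat_id !=', $cat_id);
        $this->db->where('group_id', $group_id);
        $this->db->where('parent_id', $_POST['parent_id']);
        $this->db->update('categories');
    } else {
        // A category cannot be its own parent.
        if ($_POST['cat_id'] == $_POST['parent_id']) {
            $_POST['parent_id'] = 0;
        }

        // Check for parent becoming child of its child...oy!
        $this->db->select('parent_id, group_id');
        $this->db->where('cat_id', $this->input->post('cat_id'));
        $query = $this->db->get('categories');

        if ($this->input->get_post('parent_id') !== 0 && $query->num_rows() > 0 && $query->row('parent_id') !== $this->input->get_post('parent_id')) {
            $children = array();

            // Fetch parent info
            // NOTE(review): $query is reassigned here, so the $query->row('parent_id')
            // calls below read from this group-wide result, not from the edited
            // category's row fetched above - confirm that is intended.
            $this->db->select('cat_name, cat_id, parent_id');
            $this->db->where('group_id', $group_id);
            $this->db->from('categories');
            $this->db->order_by('parent_id, cat_name');
            $query = $this->db->get();

            if ($query->num_rows() == 0) {
                $update = FALSE;

                return $this->category_editor($group_id, $update);
            }

            // Assign the query result to a multi-dimensional array
            foreach ($query->result_array() as $row) {
                $cat_array[$row['cat_id']] = array($row['parent_id'], $row['cat_name']);
            }

            // Direct children of the edited category.
            foreach ($cat_array as $key => $values) {
                if ($values['0'] == $this->input->post('cat_id')) {
                    $children[] = $key;
                }
            }

            if (count($children) > 0) {
                if (($key = array_search($this->input->get_post('parent_id'), $children)) !== FALSE) {
                    // The new parent is a direct child: move that child first.
                    $this->db->update('categories', array('parent_id' => $query->row('parent_id')), array('cat_id' => $children[$key]));
                } else {
                    // Otherwise walk the descendants breadth-first until the new parent is found.
                    while (count($children) > 0) {
                        $now = array_shift($children);

                        foreach ($cat_array as $key => $values) {
                            if ($values[0] == $now) {
                                if ($key == $this->input->get_post('parent_id')) {
                                    $this->db->update('categories', array('parent_id' => $query->row('parent_id')), array('cat_id' => $key));
                                    break 2;
                                }

                                $children[] = $key;
                            }
                        }
                    }
                }
            }
        }

        $sql = $this->db->update_string(
            'exp_categories',
            array(
                'cat_name' => $this->input->post('cat_name'),
                'cat_url_title' => $this->input->post('cat_url_title'),
                'cat_description' => $this->input->post('cat_description'),
                'cat_image' => $this->input->post('cat_image'),
                'parent_id' => $this->input->post('parent_id')
            ),
            array(
                'cat_id' => $this->input->post('cat_id'),
                'group_id' => $this->input->post('group_id')
            )
        );

        $this->db->query($sql);
        $update = TRUE;

        // need this later for custom fields
        $cat_id = $this->input->post('cat_id');
    }

    // Need to re-sort alphabetically now?
    $this->db->select('sort_order');
    $query = $this->db->get_where('category_groups', array('group_id' => $group_id));

    if ($query->num_rows() == 1 && $query->row()->sort_order == 'a') {
        $this->_reorder_cats_alphabetically($group_id);
    }

    // Insert / Update Custom Field Data
    if ($edit == FALSE) {
        $fields['site_id'] = $this->config->item('site_id');
        $fields['cat_id'] = $cat_id;
        $fields['group_id'] = $group_id;

        $this->db->insert('category_field_data', $fields);
    } elseif (!empty($fields)) {
        $this->db->query($this->db->update_string('exp_category_field_data', $fields, array('cat_id' => $cat_id)));
    }

    // -------------------------------------------
    // 'category_save' hook.
    //
    if (ee()->extensions->active_hook('category_save') === TRUE) {
        ee()->extensions->call('category_save', $cat_id, $category_data);
    }
    //
    // -------------------------------------------

    $this->session->set_flashdata('message_success', lang('preference_updated'));
    $this->functions->redirect(BASE . AMP . 'C=admin_content' . AMP . 'M=category_editor' . AMP . "group_id={$group_id}");
}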
function add_items($channel_id = '', $message = '', $extra_sql = '', $search_url = '', $form_url = '', $action = '', $extra_fields_search = '', $extra_fields_entries = '', $heading = '') { ee()->lang->loadfile('content'); ee()->load->helper('url'); $channel_id = ''; $extra_sql = array(); ee()->db->select('entry_id'); $query = ee()->db->get('simple_commerce_items'); if ($query->num_rows() > 0) { $extra_sql['where'] = " AND exp_channel_titles.entry_id NOT IN ('"; foreach ($query->result_array() as $row) { $extra_sql['where'] .= $row['entry_id'] . "','"; } $extra_sql['where'] = substr($extra_sql['where'], 0, -2) . ') '; } ee()->load->library('api'); // $action, $extra_fields_*, and $heading are used by move_comments $vars['message'] = $message; $action = $action ? $action : ee()->input->get_post('action'); // Security check if (!ee()->cp->allowed_group('can_access_edit')) { show_error(lang('unauthorized_access')); } ee()->load->library('pagination'); ee()->load->library('table'); ee()->load->helper(array('form', 'text', 'url', 'snippets')); ee()->api->instantiate('channel_categories'); ee()->load->model('channel_model'); ee()->load->model('channel_entries_model'); ee()->load->model('category_model'); ee()->load->model('status_model'); // Load the search helper so we can filter the keywords ee()->load->helper('search'); ee()->view->cp_page_title = lang('edit'); ee()->cp->add_js_script('ui', 'datepicker'); ee()->javascript->output(array(ee()->javascript->hide(".paginationLinks .first"), ee()->javascript->hide(".paginationLinks .previous"))); ee()->javascript->output(' $(".toggle_all").toggle( function(){ $("input.toggle").each(function() { this.checked = true; }); }, function (){ var checked_status = this.checked; $("input.toggle").each(function() { this.checked = false; }); } ); '); ee()->jquery->tablesorter('.mainTable', '{ headers: { 2: {sorter: false}, 3: { // BLARG!!! This should be human readable sorted... 
}, 5: {dateFormat: "mm/dd/yy"}, 8: {sorter: false} }, widgets: ["zebra"] }'); ee()->javascript->output(' $("#custom_date_start_span").datepicker({ dateFormat: "yy-mm-dd", prevText: "<<", nextText: ">>", onSelect: function(date) { $("#custom_date_start").val(date); dates_picked(); } }); $("#custom_date_end_span").datepicker({ dateFormat: "yy-mm-dd", prevText: "<<", nextText: ">>", onSelect: function(date) { $("#custom_date_end").val(date); dates_picked(); } }); $("#custom_date_start, #custom_date_end").focus(function(){ if ($(this).val() == "yyyy-mm-dd") { $(this).val(""); } }); $("#custom_date_start, #custom_date_end").keypress(function(){ if ($(this).val().length >= 9) { dates_picked(); } }); function dates_picked() { if ($("#custom_date_start").val() != "yyyy-mm-dd" && $("#custom_date_end").val() != "yyyy-mm-dd") { // populate dropdown box focus_number = $("#date_range").children().length; $("#date_range").append("<option id=\\"custom_date_option\\">" + $("#custom_date_start").val() + " to " + $("#custom_date_end").val() + "</option>"); document.getElementById("date_range").options[focus_number].selected=true; // hide custom date picker again $("#custom_date_picker").slideUp("fast"); } } '); ee()->javascript->change("#date_range", "\n\t\t\tif (\$('#date_range').val() == 'custom_date')\n\t\t\t{\n\t\t\t\t// clear any current dates, remove any custom options\n\t\t\t\t\$('#custom_date_start').val('yyyy-mm-dd');\n\t\t\t\t\$('#custom_date_end').val('yyyy-mm-dd');\n\t\t\t\t\$('#custom_date_option').remove();\n\n\t\t\t\t// drop it down\n\t\t\t\t\$('#custom_date_picker').slideDown('fast');\n\t\t\t}\n\t\t\telse\n\t\t\t{\n\t\t\t\t\$('#custom_date_picker').hide();\n\t\t\t}\n\t\t"); ee()->javascript->output(' $(".paginationLinks a.page").click(function() { current_rownum = $("#perpage").val()*$(this).text()-$("#perpage").val(); current_perpage = $("#perpage").val(); $.getJSON("' . BASE . 
'&C=javascript&M=json&perpage="+$("#perpage").val()+"&rownum="+($("#perpage").val()*$(this).text()-$("#perpage").val())' . ', {ajax: "true"}, doPagination); return false; }); var current_rownum = 0; var current_perpage = 20; var total_entries = 60; // needs to be set via PHP var next_page = current_perpage; function doPagination(e){ var entries = ""; for (var i = 0; i < e.length; i++) { entries += "<tr>"; entries += "<td>" + e[i].id + "</td>"; entries += "<td><a href=\\"#\\">" + e[i].title + "</a></td>"; entries += "<td><a href=\\"#\\">Live Look</a></td>"; entries += "<td>(" + e[i].comment_count + ") <a href=\\"#\\">View</a></td>"; entries += "<td><div class=\'smallLinks\'><a href=\\"mailto:" + e[i].author_email + "\\">" + e[i].author + "</a></div></td>"; entries += "<td>" + e[i].entry_date + "</td>"; entries += "<td>" + e[i].channel_name + "</td>"; if (e[i].status == "Open") { entries += "<td><span style=\\"color:#339900;\\">" + e[i].status + "</span></td>"; } else { entries += "<td><span style=\\"color:#cc0000;\\">" + e[i].status + "</span></td>"; } entries += "<td><input class=\'checkbox\' type=\'checkbox\' name=\'toggle[]\' value=\'" + e[i].id + "\' /></td>"; entries += "</tr>"; } $(".mainTable tbody").html(entries); $(".mainTable").trigger("update"); var current_sort = $(".mainTable").get(0).config.sortList; $(".mainTable").trigger("sorton", [current_sort]); // add or remove first and last links (current_rownum >= current_perpage) ? $(".paginationLinks .first").show() : $(".paginationLinks .first").hide() ; (current_rownum >= current_perpage) ? $(".paginationLinks .previous").show() : $(".paginationLinks .previous").hide() ; (current_rownum >= (total_entries - current_perpage)) ? $(".paginationLinks .last").hide() : $(".paginationLinks .last").show() ; (current_rownum >= (total_entries - current_perpage)) ? 
$(".paginationLinks .next").hide() : $(".paginationLinks .next").show() ; // readjust page numbers for links } $(".paginationLinks .first").click(function() { current_perpage = $("#perpage").val(); current_rownum = 0; $.getJSON("' . BASE . '&C=javascript&M=json&per_page="+current_perpage+"&rownum="+current_rownum, {ajax: "true"}, doPagination); return false; }); $(".paginationLinks .previous").click(function() { current_perpage = $("#perpage").val(); current_rownum = Number(current_rownum) - Number($("#perpage").val()); $.getJSON("' . BASE . '&C=javascript&M=json&per_page="+current_perpage+"&rownum="+current_rownum, {ajax: "true"}, doPagination); return false; }); $(".paginationLinks .next").click(function() { current_perpage = $("#perpage").val(); current_rownum = Number(current_rownum) + Number($("#perpage").val()); $.getJSON("' . BASE . '&C=javascript&M=json&per_page="+current_perpage+"&rownum="+current_rownum, {ajax: "true"}, doPagination); return false; }); $(".paginationLinks .last").click(function() { current_perpage = $("#perpage").val(); current_rownum = total_entries; $.getJSON("' . BASE . '&C=edit&M=json_entries&per_page="+current_perpage+"&rownum="+current_rownum, {ajax: "true"}, doPagination); return false; }); '); $cp_theme = !ee()->session->userdata('cp_theme') ? ee()->config->item('cp_theme') : ee()->session->userdata('cp_theme'); $turn_on_robot = FALSE; // Fetch channel ID numbers assigned to the current user $allowed_channels = ee()->functions->fetch_assigned_channels(); if (empty($allowed_channels)) { show_error(lang('no_channels')); } // Fetch Color Library - We use this to assist with our status colors if (file_exists(APPPATH . 'config/colors.php')) { include APPPATH . 
'config/colors.php'; } else { $colors = ''; } // We need to determine which channel to show entries from // if the channel_id combined if ($channel_id == '') { $channel_id = ee()->input->get_post('channel_id'); } if ($channel_id == 'null' or $channel_id === FALSE or !is_numeric($channel_id)) { $channel_id = ''; } $cat_group = ''; $cat_id = ee()->input->get_post('cat_id'); $status = ee()->input->get_post('status'); $order = ee()->input->get_post('order'); $date_range = ee()->input->get_post('date_range'); $total_channels = count($allowed_channels); // If we have more than one channel we'll write the JavaScript menu switching code if ($total_channels > 1) { ee()->javascript->output($this->filtering_menus()); } // Do we have a message to show? // Note: a message is displayed on this page after editing or submitting a new entry if (ee()->input->get_post("U") == 'mu') { $vars['message'] = lang('multi_entries_updated'); } // Declare the "filtering" form $vars['search_form'] = $search_url != '' ? $search_url : 'C=addons_modules' . AMP . 'M=show_module_cp' . AMP . 'module=simple_commerce' . AMP . 'method=add_items'; // If we have more than one channel we'll add the "onchange" method to // the form so that it'll automatically switch categories and statuses if ($total_channels > 1) { $vars['channel_select']['onchange'] = 'changemenu(this.selectedIndex);'; } // Design note: Because the JavaScript code dynamically switches the information inside the // pull-down menus we can't show any particular menu in a "selected" state unless there is only // one channel. Each channel is fully independent, so it can have its own categories, statuses, etc. 
// Channel selection pull-down menu // Fetch the names of all channels and write each one in an <option> field $fields = array('channel_title', 'channel_id', 'cat_group'); $where = array(); // If the user is restricted to specific channels, add that to the query if (ee()->session->userdata['group_id'] != 1) { $where[] = array('channel_id' => $allowed_channels); } $query = ee()->channel_model->get_channels(ee()->config->item('site_id'), $fields, $where); if ($query->num_rows() == 1) { $channel_id = $query->row('channel_id'); $cat_group = $query->row('cat_group'); } elseif ($channel_id != '') { foreach ($query->result_array() as $row) { if ($row['channel_id'] == $channel_id) { $channel_id = $row['channel_id']; $cat_group = $row['cat_group']; } } } $vars['channel_selected'] = ee()->input->get_post('channel_id'); $vars['channel_select_options'] = array('null' => lang('filter_by_channel')); if ($query->num_rows() > 1) { $vars['channel_select_options']['all'] = lang('all'); } foreach ($query->result_array() as $row) { $vars['channel_select_options'][$row['channel_id']] = $row['channel_title']; } // Category pull-down menu $vars['category_selected'] = $cat_id; $vars['category_select_options'][''] = lang('filter_by_category'); if ($total_channels > 1) { $vars['category_select_options']['all'] = lang('all'); } $vars['category_select_options']['none'] = lang('none'); if ($cat_group != '') { foreach (ee()->api_channel_categories->cat_array as $key => $val) { if (!in_array($val['0'], explode('|', $cat_group))) { unset(ee()->api_channel_categories->cat_array[$key]); } } $i = 1; $new_array = array(); foreach (ee()->api_channel_categories->cat_array as $ckey => $cat) { if ($ckey - 1 < 0 or !isset(ee()->api_channel_categories->cat_array[$ckey - 1])) { $vars['category_select_options']['NULL_' . 
$i] = '-------'; } $vars['category_select_options'][$cat['1']] = str_replace("!-!", " ", $cat['2']); if (isset(ee()->api_channel_categories->cat_array[$ckey + 1]) && ee()->api_channel_categories->cat_array[$ckey + 1]['0'] != $cat['0']) { $vars['category_select_options']['NULL_' . $i] = '-------'; } $i++; } } // Authors list $vars['author_selected'] = ee()->input->get_post('author_id'); $query = ee()->member_model->get_authors(); $vars['author_select_options'][''] = lang('filter_by_author'); foreach ($query->result_array() as $row) { $vars['author_select_options'][$row['member_id']] = $row['screen_name'] == '' ? $row['username'] : $row['screen_name']; } // Status pull-down menu $vars['status_selected'] = $status; $vars['status_select_options'][''] = lang('filter_by_status'); $vars['status_select_options']['all'] = lang('all'); $sel_1 = ''; $sel_2 = ''; if ($cat_group != '') { $sel_1 = $status == 'open' ? 1 : ''; $sel_2 = $status == 'closed' ? 1 : ''; } if ($cat_group != '') { $rez = ee()->db->query("SELECT status_group FROM exp_channels WHERE channel_id = '{$channel_id}'"); $query = ee()->db->query("SELECT status FROM exp_statuses WHERE group_id = '" . ee()->db->escape_str($rez->row('status_group')) . "' ORDER BY status_order"); if ($query->num_rows() > 0) { foreach ($query->result_array() as $row) { $status_name = ($row['status'] == 'closed' or $row['status'] == 'open') ? 
lang($row['status']) : $row['status']; $vars['status_select_options'][$row['status']] = $status_name; } } } else { $vars['status_select_options']['open'] = lang('open'); $vars['status_select_options']['closed'] = lang('closed'); } // Date range pull-down menu $vars['date_selected'] = $date_range; $vars['date_select_options'][''] = lang('date_range'); $vars['date_select_options']['1'] = lang('today'); $vars['date_select_options']['7'] = lang('past_week'); $vars['date_select_options']['31'] = lang('past_month'); $vars['date_select_options']['182'] = lang('past_six_months'); $vars['date_select_options']['365'] = lang('past_year'); $vars['date_select_options']['custom_date'] = lang('any_date'); // Display order pull-down menu $vars['order_selected'] = $order; $vars['order_select_options'][''] = lang('order'); $vars['order_select_options']['asc'] = lang('ascending'); $vars['order_select_options']['desc'] = lang('descending'); $vars['order_select_options']['alpha'] = lang('alpha'); // Results per page pull-down menu if (!($perpage = ee()->input->get_post('perpage'))) { $perpage = ee()->input->cookie('perpage'); } if ($perpage == '') { $perpage = 50; } ee()->functions->set_cookie('perpage', $perpage, 60 * 60 * 24 * 182); $vars['perpage_selected'] = $perpage; $vars['perpage_select_options']['10'] = '10 ' . lang('results'); $vars['perpage_select_options']['25'] = '25 ' . lang('results'); $vars['perpage_select_options']['50'] = '50 ' . lang('results'); $vars['perpage_select_options']['75'] = '75 ' . lang('results'); $vars['perpage_select_options']['100'] = '100 ' . lang('results'); $vars['perpage_select_options']['150'] = '150 ' . 
lang('results'); if (isset($_POST['keywords'])) { $keywords = sanitize_search_terms($_POST['keywords']); } elseif (isset($_GET['keywords'])) { $keywords = sanitize_search_terms(base64_decode($_GET['keywords'])); } else { $keywords = ''; } if (substr(strtolower($keywords), 0, 3) == 'ip:') { $keywords = str_replace('_', '.', $keywords); } // Because of the auto convert we prepare a specific variable with the converted ascii // characters while leaving the $keywords variable intact for display and URL purposes $search_keywords = ee()->config->item('auto_convert_high_ascii') == 'y' ? ascii_to_entities($keywords) : $keywords; $vars['exact_match'] = ee()->input->get_post('exact_match'); $vars['keywords'] = array('name' => 'keywords', 'value' => stripslashes($keywords), 'id' => 'keywords', 'maxlength' => 200); $search_in = ee()->input->get_post('search_in') != '' ? ee()->input->get_post('search_in') : 'title'; $vars['search_in_selected'] = $search_in; $vars['search_in_options']['title'] = lang('title_only'); $vars['search_in_options']['body'] = lang('title_and_body'); if (isset(ee()->installed_modules['comment'])) { $vars['search_in_options']['everywhere'] = lang('title_body_comments'); $vars['search_in_options']['comments'] = $this->lang->line('comments'); } // Build the main query if ($search_url != '') { $pageurl = BASE . AMP . $search_url; } else { $pageurl = BASE . AMP . 'C=addons_modules' . AMP . 'M=show_module_cp' . AMP . 'module=simple_commerce' . AMP . 'method=add_items'; } $sql_a = "SELECT "; if ($search_in == 'comments') { $sql_b = "DISTINCT(exp_comments.comment_id) "; } else { $sql_b = ($cat_id == 'none' or $cat_id != "") ? 
"DISTINCT(exp_channel_titles.entry_id) " : "exp_channel_titles.entry_id "; } $sql = "FROM exp_channel_titles\n\t\t\t\tLEFT JOIN exp_channels ON exp_channel_titles.channel_id = exp_channels.channel_id "; if ($keywords != '') { if ($search_in != 'title') { $sql .= "LEFT JOIN exp_channel_data ON exp_channel_titles.entry_id = exp_channel_data.entry_id "; } if ($search_in == 'everywhere' or $search_in == 'comments') { $sql .= "LEFT JOIN exp_comments ON exp_channel_titles.entry_id = exp_comments.entry_id "; } } elseif ($search_in == 'comments') { $sql .= "LEFT JOIN exp_comments ON exp_channel_titles.entry_id = exp_comments.entry_id "; } $sql .= "LEFT JOIN exp_members ON exp_members.member_id = exp_channel_titles.author_id "; if ($cat_id == 'none' or $cat_id != "") { $sql .= "LEFT JOIN exp_category_posts ON exp_channel_titles.entry_id = exp_category_posts.entry_id\n\t\t\t\t\t LEFT JOIN exp_categories ON exp_category_posts.cat_id = exp_categories.cat_id "; } if (is_array($extra_sql) && isset($extra_sql['tables'])) { $sql .= ' ' . $extra_sql['tables'] . ' '; } // Limit to channels assigned to user $sql .= " WHERE exp_channels.site_id = '" . ee()->db->escape_str(ee()->config->item('site_id')) . "' AND exp_channel_titles.channel_id IN ("; foreach ($allowed_channels as $val) { $sql .= "'" . $val . "',"; } $sql = substr($sql, 0, -1) . ')'; if (!ee()->cp->allowed_group('can_edit_other_entries') and !ee()->cp->allowed_group('can_view_other_entries')) { $sql .= " AND exp_channel_titles.author_id = " . ee()->session->userdata('member_id'); } if (is_array($extra_sql) && isset($extra_sql['where'])) { $sql .= ' ' . $extra_sql['where'] . ' '; } if ($keywords != '') { $pageurl .= AMP . 'keywords=' . base64_encode($keywords); if ($search_in == 'comments') { // When searching in comments we do not want to search the entry title. 
// However, by removing this we would have to make the rest of the query creation code // below really messy so we simply check for an empty title, which should never happen. // That makes this check pointless and allows us some cleaner code. -Paul $sql .= " AND (exp_channel_titles.title = '' "; } else { if ($vars['exact_match'] != 'yes') { $sql .= " AND (exp_channel_titles.title LIKE '%" . ee()->db->escape_like_str($search_keywords) . "%' "; } else { $pageurl .= AMP . 'exact_match=yes'; $sql .= " AND (exp_channel_titles.title = '" . ee()->db->escape_str($search_keywords) . "' OR exp_channel_titles.title LIKE '" . ee()->db->escape_like_str($search_keywords) . " %' OR exp_channel_titles.title LIKE '% " . ee()->db->escape_like_str($search_keywords) . " %' "; } } $pageurl .= AMP . 'search_in=' . $search_in; if ($search_in == 'body' or $search_in == 'everywhere') { // --------------------------------------- // Fetch the searchable field names // --------------------------------------- $fields = array(); $xql = "SELECT DISTINCT(field_group) FROM exp_channels"; if ($channel_id != '') { $xql .= " WHERE channel_id = '" . ee()->db->escape_str($channel_id) . "' "; } $query = ee()->db->query($xql); if ($query->num_rows() > 0) { $fql = "SELECT field_id FROM exp_channel_fields WHERE group_id IN ("; foreach ($query->result_array() as $row) { $fql .= "'" . $row['field_group'] . "',"; } $fql = substr($fql, 0, -1) . ')'; $query = ee()->db->query($fql); if ($query->num_rows() > 0) { foreach ($query->result_array() as $row) { $fields[] = $row['field_id']; } } } foreach ($fields as $val) { if ($exact_match != 'yes') { $sql .= " OR exp_channel_data.field_id_" . $val . " LIKE '%" . ee()->db->escape_like_str($search_keywords) . "%' "; } else { $sql .= " OR (exp_channel_data.field_id_" . $val . " LIKE '" . ee()->db->escape_like_str($search_keywords) . " %' OR exp_channel_data.field_id_" . $val . " LIKE '% " . ee()->db->escape_like_str($search_keywords) . 
" %' OR exp_channel_data.field_id_" . $val . " = '" . ee()->db->escape_str($search_keywords) . "') "; } } } if ($search_in == 'everywhere' or $search_in == 'comments') { if ($search_in == 'comments' && (substr(strtolower($search_keywords), 0, 3) == 'ip:' or substr(strtolower($search_keywords), 0, 4) == 'mid:')) { if (substr(strtolower($search_keywords), 0, 3) == 'ip:') { $sql .= " OR (exp_comments.ip_address = '" . ee()->db->escape_str(str_replace('_', '.', substr($search_keywords, 3))) . "') "; } elseif (substr(strtolower($search_keywords), 0, 4) == 'mid:') { $sql .= " OR (exp_comments.author_id = '" . ee()->db->escape_str(substr($search_keywords, 4)) . "') "; } } else { $sql .= " OR (exp_comments.comment LIKE '%" . ee()->db->escape_like_str($keywords) . "%') "; // No ASCII conversion here! } } $sql .= ")"; } if ($channel_id) { $pageurl .= AMP . 'channel_id=' . $channel_id; $sql .= " AND exp_channel_titles.channel_id = {$channel_id}"; } if ($date_range) { $pageurl .= AMP . 'date_range=' . $date_range; $date_range = time() - $date_range * 60 * 60 * 24; $sql .= " AND exp_channel_titles.entry_date > {$date_range}"; } if (is_numeric($cat_id)) { $pageurl .= AMP . 'cat_id=' . $cat_id; $sql .= " AND exp_category_posts.cat_id = '{$cat_id}'\n\t\t\t\t\t AND exp_category_posts.entry_id = exp_channel_titles.entry_id "; } if ($cat_id == 'none') { $pageurl .= AMP . 'cat_id=' . $cat_id; $sql .= " AND exp_category_posts.entry_id IS NULL "; } if ($status && $status != 'all') { $pageurl .= AMP . 'status=' . $status; $sql .= " AND exp_channel_titles.status = '{$status}'"; } $end = " ORDER BY "; if ($order) { $pageurl .= AMP . 'order=' . $order; switch ($order) { case 'asc': $end .= "entry_date asc"; break; case 'desc': $end .= "entry_date desc"; break; case 'alpha': $end .= "title asc"; break; default: $end .= "entry_date desc"; } } else { $end .= "entry_date desc"; } // ------------------------------ // Are there results? 
// ------------------------------ $query = ee()->db->query($sql_a . $sql_b . $sql); // No result? Show the "no results" message $vars['total_count'] = $query->num_rows(); if ($vars['total_count'] == 0) { ee()->javascript->compile(); $vars['heading'] = 'edit_channel_entries'; $vars['search_form_hidden'] = array(); ee()->load->view('edit_rip', $vars, TRUE); return; } // Get the current row number and add the LIMIT clause to the SQL query if (!($rownum = ee()->input->get_post('rownum'))) { $rownum = 0; } // -------------------------------------------- // Run the query again, fetching ID numbers // -------------------------------------------- if ($search_in == 'comments') { $rownum = ee()->input->get('current_page') ? ee()->input->get('current_page') : 0; } else { $pageurl .= AMP . 'perpage=' . $perpage; $vars['form_hidden']['pageurl'] = base64_encode($pageurl); // for pagination } $query = ee()->db->query($sql_a . $sql_b . $sql . $end . " LIMIT " . $rownum . ", " . $perpage); // Filter comments if ($search_in == 'comments') { $comment_array = array(); foreach ($query->result_array() as $row) { $comment_array[] = $row['comment_id']; } if ($keywords == '') { $pageurl .= AMP . 'keywords=' . base64_encode($keywords) . AMP . 'search_in=' . $search_in; } return ee()->view_comments('', '', '', FALSE, array_unique($comment_array), $vars['total_count'], $pageurl); } // -------------------------------------------- // Fetch the channel information we need later // -------------------------------------------- $sql = "SELECT channel_id, channel_name FROM exp_channels "; $sql .= "WHERE site_id = '" . ee()->db->escape_str(ee()->config->item('site_id')) . 
"' "; $w_array = array(); $result = ee()->db->query($sql); if ($result->num_rows() > 0) { foreach ($result->result_array() as $rez) { $w_array[$rez['channel_id']] = $rez['channel_name']; } } // -------------------------------------------- // Fetch the status highlight colors // -------------------------------------------- $cql = "SELECT exp_channels.channel_id, exp_channels.channel_name, exp_statuses.status, exp_statuses.highlight\n\t\t\t\t FROM exp_channels, exp_statuses, exp_status_groups\n\t\t\t\t WHERE exp_status_groups.group_id = exp_channels.status_group\n\t\t\t\t AND exp_status_groups.group_id = exp_statuses.group_id\n\t\t\t\t AND\texp_statuses.highlight != ''\n\t\t\t\t AND\texp_status_groups.site_id = '" . ee()->db->escape_str(ee()->config->item('site_id')) . "' "; // Limit to channels assigned to user $sql .= " AND exp_channels.channel_id IN ("; foreach ($allowed_channels as $val) { $sql .= "'" . $val . "',"; } $sql = substr($sql, 0, -1) . ')'; $result = ee()->db->query($cql); $c_array = array(); if ($result->num_rows() > 0) { foreach ($result->result_array() as $rez) { $c_array[$rez['channel_id'] . '_' . $rez['status']] = str_replace('#', '', $rez['highlight']); } } // information for entries table $vars['entries_form'] = $form_url != '' ? $form_url : 'C=addons_modules' . AMP . 'M=show_module_cp' . AMP . 'module=simple_commerce' . AMP . 'method=add_item'; $vars['form_hidden'] = $extra_fields_entries; $vars['search_form_hidden'] = $extra_fields_search ? $extra_fields_search : array(); // table headings $table_headings = array('#', lang('title'), lang('view')); // comments module installed? If so, add it to the list of headings. 
if (isset(ee()->installed_modules['comment'])) { $table_headings[] .= lang('comments'); } $table_headings = array_merge($table_headings, array(lang('author'), lang('date'), lang('channel'), lang('status'), form_checkbox('select_all', 'true', FALSE, 'class="toggle_all"'))); $vars['table_headings'] = $table_headings; // Build and run the full SQL query $sql = "SELECT "; $sql .= ($cat_id == 'none' or $cat_id != "") ? "DISTINCT(exp_channel_titles.entry_id), " : "exp_channel_titles.entry_id, "; $sql .= "exp_channel_titles.channel_id,\n\t\t\t\texp_channel_titles.title,\n\t\t\t\texp_channel_titles.author_id,\n\t\t\t\texp_channel_titles.status,\n\t\t\t\texp_channel_titles.entry_date,\n\t\t\t\texp_channel_titles.comment_total,\n\t\t\t\texp_channels.live_look_template,\n\t\t\t\texp_members.username,\n\t\t\t\texp_members.email,\n\t\t\t\texp_members.screen_name"; $sql .= " FROM exp_channel_titles\n\t\t\t\t LEFT JOIN exp_channels ON exp_channel_titles.channel_id = exp_channels.channel_id\n\t\t\t\t LEFT JOIN exp_members ON exp_members.member_id = exp_channel_titles.author_id "; if ($cat_id != 'none' and $cat_id != "") { $sql .= "INNER JOIN exp_category_posts ON exp_channel_titles.entry_id = exp_category_posts.entry_id\n\t\t\t\t\t INNER JOIN exp_categories ON exp_category_posts.cat_id = exp_categories.cat_id "; } $sql .= "WHERE exp_channel_titles.entry_id IN ("; foreach ($query->result_array() as $row) { $sql .= $row['entry_id'] . ','; } $sql = substr($sql, 0, -1) . ') ' . $end; $query = ee()->db->query($sql); // load the site's templates $templates = array(); $tquery = ee()->db->query("SELECT exp_template_groups.group_name, exp_templates.template_name, exp_templates.template_id\n\t\t\t\t\t\t\tFROM exp_template_groups, exp_templates\n\t\t\t\t\t\t\tWHERE exp_template_groups.group_id = exp_templates.group_id\n\t\t\t\t\t\t\tAND exp_templates.site_id = '" . ee()->db->escape_str(ee()->config->item('site_id')) . 
"'"); if ($tquery->num_rows() > 0) { foreach ($tquery->result_array() as $row) { $templates[$row['template_id']] = $row['group_name'] . '/' . $row['template_name']; } } // Grab all autosaved entries // Removed for here $vars['autosave_show'] = FALSE; // Loop through the main query result and set up data structure for table $vars['entries'] = array(); foreach ($query->result_array() as $row) { // Entry ID number $vars['entries'][$row['entry_id']][] = $row['entry_id']; // Channel entry title (view entry) $output = '<a href="' . BASE . AMP . 'C=content_publish' . AMP . 'M=entry_form' . AMP . 'channel_id=' . $row['channel_id'] . AMP . 'entry_id=' . $row['entry_id'] . '">' . $row['title'] . '</a>'; $vars['entries'][$row['entry_id']][] = $output; // "View" if ($row['live_look_template'] != 0 && isset($templates[$row['live_look_template']])) { $qm = ee()->config->item('force_query_string') == 'y' ? '' : '?'; $view_link = anchor(ee()->functions->fetch_site_index() . $qm . 'URL=' . ee()->functions->create_url($templates[$row['live_look_template']] . '/' . $row['entry_id']), lang('view'), '', TRUE); } else { $view_link = '--'; } $vars['entries'][$row['entry_id']][] = $view_link; // Comment count $show_link = TRUE; if ($row['author_id'] == ee()->session->userdata('member_id')) { if (!ee()->cp->allowed_group('can_edit_own_comments') and !ee()->cp->allowed_group('can_delete_own_comments') and !ee()->cp->allowed_group('can_moderate_comments')) { $show_link = FALSE; } } else { if (!ee()->cp->allowed_group('can_edit_all_comments') and !ee()->cp->allowed_group('can_delete_all_comments') and !ee()->cp->allowed_group('can_moderate_comments')) { $show_link = FALSE; } } if (isset(ee()->installed_modules['comment'])) { // Comment Link if ($show_link !== FALSE) { $res = ee()->db->query("SELECT COUNT(*) AS count FROM exp_comments WHERE entry_id = '" . $row['entry_id'] . "'"); ee()->db->query_count--; $view_url = BASE . AMP . 'C=content_edit' . AMP . 'M=view_comments' . AMP . 
'channel_id=' . $row['channel_id'] . AMP . 'entry_id=' . $row['entry_id']; } $view_link = $show_link == FALSE ? '<div class="lightLinks">--</div>' : '<div class="lightLinks">(' . $res->row('count') . ')' . NBS . anchor($view_url, lang('view')) . '</div>'; $vars['entries'][$row['entry_id']][] = $view_link; } // Username $name = $row['screen_name'] != '' ? $row['screen_name'] : $row['username']; $vars['entries'][$row['entry_id']][] = mailto($row['email'], $name); // Date $date_fmt = ee()->session->userdata('time_format') != '' ? ee()->session->userdata('time_format') : ee()->config->item('time_format'); if ($date_fmt == 'us') { $datestr = '%m/%d/%y %h:%i %a'; } else { $datestr = '%Y-%m-%d %H:%i'; } $vars['entries'][$row['entry_id']][] = ee()->localize->format_date($datestr, $row['entry_date']); // Channel $vars['entries'][$row['entry_id']][] = isset($w_array[$row['channel_id']]) ? '<div class="smallNoWrap">' . $w_array[$row['channel_id']] . '</div>' : ''; // Status $status_name = ($row['status'] == 'open' or $row['status'] == 'closed') ? lang($row['status']) : $row['status']; $color_info = ''; if (isset($c_array[$row['channel_id'] . '_' . $row['status']]) and $c_array[$row['channel_id'] . '_' . $row['status']] != '') { $color = $c_array[$row['channel_id'] . '_' . $row['status']]; $prefix = (is_array($colors) and !array_key_exists(strtolower($color), $colors)) ? '#' : ''; // There are custom colours, override the class above $color_info = 'style="color:' . $prefix . $color . ';"'; } $vars['entries'][$row['entry_id']][] = '<span class="status_' . $row['status'] . '"' . $color_info . '>' . $status_name . '</span>'; // Delete checkbox $vars['entries'][$row['entry_id']][] = form_checkbox('toggle[]', $row['entry_id'], '', ' class="toggle" id="delete_box_' . $row['entry_id'] . 
'"'); } // End foreach // Pass the relevant data to the paginate class $config['base_url'] = $pageurl; $config['total_rows'] = $vars['total_count']; $config['per_page'] = $perpage; $config['page_query_string'] = TRUE; $config['query_string_segment'] = 'rownum'; $config['full_tag_open'] = '<p id="paginationLinks">'; $config['full_tag_close'] = '</p>'; $config['prev_link'] = '<img src="' . ee()->cp->cp_theme_url . 'images/pagination_prev_button.gif" width="13" height="13" alt="<" />'; $config['next_link'] = '<img src="' . ee()->cp->cp_theme_url . 'images/pagination_next_button.gif" width="13" height="13" alt=">" />'; $config['first_link'] = '<img src="' . ee()->cp->cp_theme_url . 'images/pagination_first_button.gif" width="13" height="13" alt="< <" />'; $config['last_link'] = '<img src="' . ee()->cp->cp_theme_url . 'images/pagination_last_button.gif" width="13" height="13" alt="> >" />'; ee()->pagination->initialize($config); $vars['pagination'] = ee()->pagination->create_links(); $vars['heading'] = $heading ? $heading : 'edit_channel_entries'; $vars['action_options'] = ''; if ($action == '') { $vars['action_options'] = array('add' => lang('add_items')); } elseif (is_array($action)) { $vars['action_options'] = $action; } ee()->javascript->compile(); return ee()->load->view('edit_rip', $vars, TRUE); }
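/**
 * Sanitize search terms
 *
 * Runs the raw keywords through the search helper, enforces the configured
 * minimum length, converts high ASCII characters to entities when the
 * 'auto_convert_high_ascii' config item is 'y', and strips ignored words
 * from the unquoted parts of the query.
 *
 * No database escaping happens here: the returned string must still be
 * escaped or bound by the caller before it is placed in an SQL statement.
 *
 * @access private
 * @param string $keywords raw search keywords
 * @param boolean $exact_keyword when true, ignored words are left in place
 * @return string|mixed the cleaned keywords; when the term is too short or
 *                      consists only of ignored words, whatever
 *                      show_user_error() returns
 */
private function _sanitize_search_terms($keywords, $exact_keyword = false)
{
    // ----------------------------------------
    // Strip extraneous junk from keywords
    // ----------------------------------------
    if ($keywords != "") {
        // Load the search helper so we can filter the keywords
        $this->EE->load->helper('search');
        $keywords = sanitize_search_terms($keywords);

        // ----------------------------------------
        // Is the search term long enough?
        // ----------------------------------------
        // strlen() counts bytes, and the check runs before any entity
        // conversion, so it measures the filtered input as submitted.
        if (strlen($keywords) < $this->min_length) {
            $text = $this->EE->lang->line('search_min_length');
            $text = str_replace("%x", $this->min_length, $text);

            return $this->EE->output->show_user_error('general', array($text));
        }

        // Load the text helper
        $this->EE->load->helper('text');
        $keywords = $this->EE->config->item('auto_convert_high_ascii') == 'y' ? ascii_to_entities($keywords) : $keywords;

        // ----------------------------------------
        // Remove "ignored" words
        // ----------------------------------------
        if (!$exact_keyword) {
            $parts = explode('"', $keywords);
            $keywords = '';

            foreach ($parts as $num => $part) {
                // Splitting on the double quote leaves unquoted text at the
                // even indexes and quoted phrases at the odd ones; only the
                // unquoted text has ignored words removed.
                if ($num % 2 == 0) {
                    foreach ($this->_ignore as $badword) {
                        // preg_quote() keeps the ignored word literal inside the pattern
                        $part = preg_replace("/\\b" . preg_quote($badword, '/') . "\\b/i", "", $part);
                    }
                }

                // Put back the quote that explode() consumed
                $keywords .= $num != 0 ? '"' . $part : $part;
            }

            if (trim($keywords) == '') {
                return $this->EE->output->show_user_error('general', array($this->EE->lang->line('search_no_stopwords')));
            }
        }
    }

    // Finally, collapse runs of spaces (removing ignored words leaves gaps).
    // The previous str_replace(" ", " ", ...) swapped a space for a space
    // and so changed nothing.
    $keywords = preg_replace('/ {2,}/', ' ', $keywords);

    return $keywords;
}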