/**
 * Show the update notes page.
 *
 * Clears the cache, reads update/update.txt below FANWE_ROOT and passes its
 * contents to the view as "note", with newlines turned into <br> tags.
 */
public function index()
 {
     clear_cache();

     $notePath = FANWE_ROOT . 'update/update.txt';
     $rawNote = file_get_contents($notePath);

     // NOTE(review): nl2br() only inserts <br> tags, it does not HTML-escape.
     // Whether the view escapes "note" is not visible here - confirm, or treat
     // update.txt as trusted markup only.
     $noteHtml = nl2br($rawNote);

     $this->assign("note", $noteHtml);
     $this->display();
 }
Example #2
/**
 * Weekly maintenance job: empty the image and template cache directories.
 *
 * Prints one progress line before and one after the clean-up.
 */
function weekly()
{
    echo "Clearing cache directories.\n";

    // Each base directory keeps its cache in a "cache/" sub-directory.
    foreach (array(IMAGE_DIR, TEMPLATE_DIR) as $baseDir) {
        clear_cache($baseDir . '/cache/');
    }

    echo "Cache cleared.\n";
}
Example #3
/**
 * Clear the cache when the submitted form asks for it.
 *
 * Does nothing unless the POST body carries an `ms_clear_cache` field; the
 * field's value is never inspected, only its presence.
 *
 * NOTE(review): no capability check and no nonce/CSRF token check is visible
 * in this function. Confirm the caller performs both before this runs;
 * otherwise any POST that carries the field triggers a cache flush.
 */
function handle_clear_cache()
{
    $clearRequested = isset($_POST['ms_clear_cache']);

    if ($clearRequested) {
        clear_cache();
    }
}
 /**
  * Mark the avatars held in the session as "out" for a given type, delete
  * their scores of that type, clear the cache and send the browser back to
  * the referring page.
  *
  * The type comes from $_GET['type']; when it is absent only the cache clear
  * and the redirect happen.
  *
  * NOTE(review): this action changes and deletes data on a GET request and no
  * anti-CSRF token check is visible here - confirm it is enforced elsewhere.
  * NOTE(review): $_GET['type'] is neither cast nor validated before it reaches
  * the model layer; confirm it is a scalar of the expected form.
  */
 function pushOut()
 {
     $avatarNumbers = array_keys(session('avatar'));

     if (isset($_GET['type'])) {
         $type = $_GET['type'];

         D('Out')->setOut($avatarNumbers, $type);

         $scoreFilter = array(
             'number' => array('in', $avatarNumbers),
             'type' => $type,
         );
         D('Score')->where($scoreFilter)->delete();
     }

     clear_cache();

     // The Referer header is supplied by the client and may be missing.
     redirect($_SERVER["HTTP_REFERER"]);
 }
 /**
  * Update page: find the upgrade files that match the installed version and show them.
  *
  * Reads SYS_VERSION from the sys_conf table, scans FANWE_ROOT/update/sql for regular
  * files whose name contains "<version>-", and collects the one accepted by is_sql()
  * and the one accepted by is_txt() into $files for the view. When no SQL file matches,
  * the contents of no.txt in the same directory are shown instead.
  */
 public function index()
 {
     clear_cache();
     //$note = file_get_contents(FANWE_ROOT.'update/update.txt');
     $dir = FANWE_ROOT . 'update/sql';
     $db = $this->getDB();
     // The only dynamic part of this query is the configured table prefix; no request data is used.
     $db_version = $db->query("select val from " . C('DB_PREFIX') . "sys_conf where name='SYS_VERSION'");
     $db_version = trim($db_version[0]['val']);
     $files = array();
     // $is becomes true once a matching SQL file has been found.
     $is = false;
     if (is_dir($dir)) {
         if ($dh = opendir($dir)) {
             while (($file = readdir($dh)) !== false) {
                 // Substring match: the version prefix may appear anywhere in the file name.
                 if (strpos($file, $db_version . '-') !== false) {
                     $flie_type = filetype($dir . '/' . $file);
                     if ($flie_type == 'file') {
                         $path = $dir . '/' . $file;
                         if ($this->is_sql($file)) {
                             $is = true;
                             $file_stat = stat($path);
                             $note = file_get_contents($path);
                             // Normalise to UTF-8 for display; the original encoding flag is kept for the view.
                             $is_utf8 = $this->is_utf8($note);
                             if (!$is_utf8) {
                                 $note = $this->to_utf8($note);
                             }
                             // NOTE(review): nl2br() does not HTML-escape; the SQL file body reaches the view
                             // as-is. Confirm the template escapes it or that these files are trusted.
                             $files['sql'] = array('name' => $file, 'note' => nl2br($note), 'path' => $path, 'mtime' => date('Y-m-d H:i:s', $file_stat['mtime']), 'is_utf8' => $is_utf8);
                         } elseif ($this->is_txt($file)) {
                             $note = file_get_contents($path);
                             $is_utf8 = $this->is_utf8($note);
                             if (!$is_utf8) {
                                 $note = $this->to_utf8($note);
                             }
                             $files['txt'] = array('name' => $file, 'note' => $note, 'path' => $path, 'is_utf8' => $is_utf8);
                         }
                     }
                 }
             }
         }
         // NOTE(review): closedir() is called without $dh and outside the opendir() check, so it
         // relies on the most recently opened directory handle and also runs when opendir() failed.
         closedir();
     }
     $this->assign('is', $is);
     $this->assign('files', $files);
     // NOTE(review): $files['sql'] is only set when a matching SQL file was found; this read is
     // an undefined index otherwise.
     $this->assign('sql', $files['sql']['name']);
     if ($is) {
         // NOTE(review): assumes a matching .txt file accompanies the .sql file; $files['txt'] is
         // unset when it does not.
         $note = nl2br($files['txt']['note']);
     } else {
         // Nothing to apply: fall back to the "no update" text.
         $note = file_get_contents($dir . '/no.txt');
         if (!$this->is_utf8($note)) {
             $note = $this->to_utf8($note);
         }
     }
     $this->assign("note", $note);
     $this->display();
 }
/**
 * Serve the page from the compressed cache file when a fresh copy exists.
 *
 * - No cache file: returns, so the caller goes on to build the page.
 * - Cache file older than CACHE_TIME hours: clears the cache and returns.
 * - Otherwise: echoes the decompressed file and terminates the script.
 */
function cache_display()
{
    $cachePath = cache_file();

    if (file_exists($cachePath)) {
        $oldestAllowed = time() - CACHE_TIME * 3600;

        if (filemtime($cachePath) < $oldestAllowed) {
            // Stale entry: drop the cache and let normal processing continue.
            clear_cache();
            return;
        }

        // Fresh entry: emit it and stop processing.
        echo gzuncompress(file_get_contents($cachePath));
        exit;
    }
}
 /**
  * Installer landing page.
  *
  * When the install lock file exists, reports that the system is already
  * installed and points the visitor at admin.php. Otherwise runs the
  * environment check and renders its result.
  *
  * NOTE(review): clear_cache() runs before the install-lock test, so every
  * request to this action flushes the cache, including after installation.
  * Confirm that is intended, or move the call below the lock check.
  */
 public function index()
 {
     clear_cache();

     // System already installed: nothing more to do here.
     if (file_exists($this->install_lock)) {
         $this->assign("jumpUrl", __ROOT__ . "/admin.php");
         $this->error("系统已经安装");
         return;
     }

     $this->assign("is_short_open_tag", ini_get('short_open_tag'));
     $_SESSION['from_items'] = "";

     // Check the system environment.
     $envReport = $this->checkEnv();
     $this->assign("result", $envReport);

     // Output the check results.
     $this->display();
 }
Example #8
/**
 * Regenerate the site's referencing files, then clear the cache.
 *
 * Calls genRobot(), genSitemap() and genRss() in that order (presumably the
 * robots file, the sitemap and the RSS feed, judging by the names - confirm
 * against their definitions).
 */
function genereFileReferencement()
{
    genRobot();
    genSitemap();
    genRss();
    // Clear the cache last, after all three generators have run.
    clear_cache();
}
        // Repair pass: the rows selected below (sorteering='0' under this kesk/parent_id) get
        // fresh sort values, counting down from MAX(sorteering) + the number of rows found.
        $site->debug->msg("Wrong sort parameter found! Trying to fix it...");
        $sql = $site->db->prepare("SELECT objekt.objekt_id, sorteering FROM objekt \r\n\t\t\tLEFT JOIN objekt_objekt on objekt.objekt_id=objekt_objekt.objekt_id \r\n\t\t\tWHERE kesk=? AND parent_id=? AND sorteering='0'\r\n\t\t\tORDER BY objekt_objekt.sorteering DESC", $args['asukoht'], $viga['parent_id']);
        $sth = new SQL($sql);
        $site->debug->msg($sth->debug->get_msgs());
        $sth2 = new SQL("SELECT MAX(sorteering) FROM objekt_objekt");
        $site->debug->msg($sth2->debug->get_msgs());
        $max_sort = $sth2->fetchsingle();
        $super_sort = $max_sort + $sth->rows;
        while ($data = $sth->fetch()) {
            // Values are bound through prepare() placeholders rather than concatenated.
            $sql3 = $site->db->prepare("UPDATE objekt_objekt SET sorteering=? WHERE objekt_id=? AND sorteering=0", $super_sort, $data['objekt_id']);
            $sth3 = new SQL($sql3);
            $site->debug->msg($sth3->debug->get_msgs());
            $super_sort--;
        }
    }
    clear_cache("ALL");
    if (!$site->on_debug) {
        // NOTE(review): the redirect target is the configured hostname followed directly by
        // $site->fdat['url']. Where fdat comes from is not visible here (presumably request
        // data - confirm). If so, require the value to begin with a single "/" and to contain
        // no CR/LF, so the host part of the Location header cannot be altered.
        header("Location: " . (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $site->CONF['hostname'] . $site->fdat['url']);
    }
} else {
    ?>
Wrong ID
<?php 
}
// Flush the collected debug messages of the user, the guest and the site objects.
if ($site->user) {
    $site->user->debug->print_msg();
}
if ($site->guest) {
    $site->guest->debug->print_msg();
}
$site->debug->print_msg();
# Poll vote handler and result page.
#
# Loads the poll object named by fdat[gallup_id]. If the poll is open and fdat[vastus] is all
# digits, it checks whether this visitor may vote (by IP, cookie or user id, depending on
# CONF[gallup_ip_check]), records the vote, clears the cache, redirects and exits. Otherwise it
# renders a small table with a "back" link to fdat[uri].
#
# NOTE(review): array keys throughout this function are bare words (objekt_id, on_sisu, vastus,
# uri, ...) rather than quoted strings. PHP 8 raises an Error for an undefined constant, so
# these need quoting there.
function print_me($template)
{
    $leht =& $template->leht;
    $curr_rub_id = $leht->id;
    $site =& $template->site;
    ?>
<table width="<?php 
    echo $template->site->dbstyle("sisu_tabeli_laius", "layout");
    ?>
" height="<?php 
    echo $template->site->dbstyle("sisu_tabeli_korgus", "layout");
    ?>
"  border="0" cellspacing="<?php 
    echo $template->site->dbstyle("sisu_tabeli_cellspacing", "layout");
    ?>
" cellpadding="0">
<tr><td>
<?php 
    $objekt = new Objekt(array(objekt_id => $site->fdat[gallup_id], on_sisu => 1));
    # The answer id must consist of digits only before it is used below.
    if ($objekt && $objekt->all[on_avatud] && preg_match("/^\\d+\$/", $site->fdat[vastus])) {
        # poll is valid
        ######## CHECK IF VISITOR is VOTED
        # 1) IP-based gallup
        if ($site->CONF[gallup_ip_check] == 1) {
            # has this visitor already voted?
            $sql = $site->db->prepare("SELECT COUNT(gi_id) FROM gallup_ip WHERE objekt_id=? AND ip=?", $objekt->objekt_id, $_SERVER["REMOTE_ADDR"]);
            $sth = new SQL($sql);
            $template->debug->msg($sth->debug->get_msgs());
            $is_ip_ok = !$sth->fetchsingle();
        } else {
            # 2) cookie-based check
            # NOTE(review): $kast is not defined anywhere in this function, so the cookie key is
            # built from an empty id; $objekt->objekt_id was probably intended - confirm.
            if ($site->CONF[gallup_ip_check] == 2 && $site->cookie["gallup[" . $kast->objekt_id . "]"] == 1) {
                $is_ip_ok = 0;
            } else {
                # 3) check by logged-in user id
                if ($site->CONF[gallup_ip_check] == 3) {
                    $sql = $site->db->prepare("SELECT COUNT(gi_id) FROM gallup_ip WHERE objekt_id=? AND user_id=?", $objekt->objekt_id, $site->user->user_id);
                    $sth = new SQL($sql);
                    $template->debug->msg($sth->debug->get_msgs());
                    $is_ip_ok = !$sth->fetchsingle();
                } else {
                    # no duplicate-vote check configured
                    $is_ip_ok = 1;
                }
            }
        }
        ######## / CHECK IF VISITOR is VOTED
        ######## visitor CAN VOTE => UPDATE votes in DATABASE
        if ($is_ip_ok) {
            # UPDATE votes SUM
            $sql = $site->db->prepare("UPDATE gallup_vastus SET count=count+1 WHERE gv_id=? AND objekt_id=?", $site->fdat[vastus], $objekt->objekt_id);
            $sth = new SQL($sql);
            $template->debug->msg($sth->debug->get_msgs());
            # ------------------------
            # Remove from the cache
            # ------------------------
            clear_cache("ALL");
            /*
            		$artikkel = new Objekt(array(
            			objekt_id => $site->alias("art_gallup_ok_id"),
            			on_sisu	=> 1,
            		));
            		$template->debug->msg($artikkel->debug->get_msgs());
            */
            $return_ok = 1;
            # record the vote: IP + user_id + time + answer (gv_id)
            # The timestamp is generated server-side; all other values go through placeholders.
            $sql = $site->db->prepare("INSERT INTO gallup_ip (objekt_id, ip, user_id, vote_time, gv_id) VALUES (?, ?, ?, " . $site->db->unix2db_datetime(time()) . ", ?)", $objekt->objekt_id, $_SERVER["REMOTE_ADDR"], $site->user->user_id, $site->fdat[vastus]);
            $sth = new SQL($sql);
            $template->debug->msg($sth->debug->get_msgs());
        } else {
            # visitor has already voted: load the "already voted" article
            $artikkel = new Objekt(array(objekt_id => $site->alias("art_gallup_ip_olemas_id"), on_sisu => 1));
            $template->debug->msg($artikkel->debug->get_msgs());
        }
        ####### SHOW POLL
        # NOTE(review): $artikkel is assigned only in the else-branch above (the assignment in the
        # success branch is commented out), so after a successful vote the id in this redirect
        # is empty.
        header('Location: ' . $site->CONF['wwwroot'] . '/?id=' . $artikkel->objekt_id);
        exit;
    }
    #$site->debug->print_msg();
    # NOTE(review): this passes the whole configuration array to the debug printer. If
    # print_hash() writes to the page regardless of debug mode, configuration values are
    # exposed to visitors - confirm it is gated.
    $site->debug->print_hash($site->CONF, 1, "FDAT");
    ?>

<?php 
    # NOTE(review): $return_ok is set only inside the branch above that ends in exit, so it is
    # never set when execution reaches this point and the else-branch is always taken.
    if ($return_ok) {
        ?>
<script language="JavaScript">
<!--
window.location.replace('<?php 
        # NOTE(review): fdat[uri] is written into a JavaScript string literal without any
        # encoding. If fdat holds request data (presumably - confirm), encode it for the
        # JavaScript context and restrict it to same-site relative paths.
        echo $site->fdat[uri];
        ?>
');
//-->
</script>
<?php 
    } else {
        ?>
	<p><a href="<?php 
        # NOTE(review): fdat[uri] is written into an href attribute without htmlspecialchars()
        # or a scheme check; same concern as the script block above.
        echo $site->fdat[uri];
        ?>
"><?php 
        echo $site->sys_sona(array(sona => "Tagasi", tyyp => "kujundus"));
        ?>
</a>
<?php 
    }
    ?>

</td>
</tr>
</table>
<?php 
}
Example #11
                 // Replace the {%category%} placeholder in the mail template with the
                 // comma-separated category names, then notify the admin address.
                 $my_cat = array();
                 foreach ($category_list as $element) {
                     $my_cat[] = $cat_info[$element]['name'];
                 }
                 $my_cat = stripslashes(implode(', ', $my_cat));
                 $row['template'] = str_replace("{%category%}", $my_cat, $row['template']);
                 $mail->send($config['admin_mail'], $lang['mail_news'], $row['template']);
             }
         }
         // NOTE(review): $msg and $PHP_SELF are interpolated into HTML below. Where they are set is
         // not visible in this excerpt; confirm both are HTML-escaped (a script path taken from
         // the request can carry attacker-chosen characters).
         if ($config['allow_alt_url']) {
             msgbox($lang['add_ok'], "{$msg} <a href=\"{$config['http_home_url']}" . "addnews.html\">{$lang['add_noch']}</a> {$lang['add_or']} <a href=\"{$config['http_home_url']}\">{$lang['all_prev']}</a>");
         } else {
             msgbox($lang['add_ok'], "{$msg} <a href=\"{$PHP_SELF}?do=addnews\">{$lang['add_noch']}</a> {$lang['add_or']} <a href=\"{$config['http_home_url']}\">{$lang['all_prev']}</a>");
         }
         // Only an approved item changes what visitors see, so only then are the listed caches dropped.
         if ($approve) {
             clear_cache(array('news_', 'related_', 'tagscloud_', 'archives_', 'calendar_', 'topnews_', 'rss', 'stats'));
         }
     }
 } elseif ($is_logged and $user_group[$member_id['user_group']]['allow_adds']) {
     // Logged-in member whose group may add news: prepare the submission form.
     $tpl->load_template('addnews.tpl');
     // The id is forced to an integer; 0 when the request carries none.
     $id = isset($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
     $found = false;
     $addtype = "addnews";
     // Groups without HTML permission never get the WYSIWYG editor.
     if (!$user_group[$member_id['user_group']]['allow_html']) {
         $config['allow_site_wysiwyg'] = 0;
     }
     if ($config['allow_site_wysiwyg']) {
         include_once ENGINE_DIR . '/editor/shortsite.php';
         include_once ENGINE_DIR . '/editor/fullsite.php';
         $bb_code = "";
     } else {
Example #12
 /**
  * Restore a database from a dump file in the PATH directory.
  *
  * The file name is taken from $_POST['file'] (falling back to $_GET['file']), must match
  * "<name>.sql", "<name>.sql.gz" or "<name>.sql.bz2", and is read line by line. Comment lines
  * carry the "#DLE|<version>" and "#SKD101|..." headers; every other line is accumulated into
  * SQL statements that are executed on $dblink. Progress and results are echoed through the
  * tpl_* helpers, and the system cache is emptied at the end.
  *
  * NOTE(review): every statement in the chosen file is executed as-is, so the dump must be
  * trusted and this action must be reachable by administrators only. No permission or
  * anti-CSRF check is visible in this method - confirm the caller enforces both.
  */
 function restore()
 {
     global $config, $lang, $dblink;
     // Accept the file name from the query string when the form did not post one.
     if (!isset($_POST['file'])) {
         $_POST['file'] = $_GET['file'];
     }
     @set_error_handler("SXD_errorHandler", E_ALL ^ E_NOTICE);
     $buttons = "";
     echo tpl_page(tpl_process($lang['dumper_18']), $buttons);
     $this->SET['last_action'] = 1;
     $this->SET['last_db_restore'] = DBNAMES;
     $file = isset($_POST['file']) ? $_POST['file'] : '';
     // Reduce the request value to a bare file name: backslashes become slashes, ".." is
     // removed, then every slash is removed, so no path separator can remain.
     $file = str_replace("\\", "/", $file);
     $file = str_replace("..", "", $file);
     $file = str_replace("/", "", $file);
     // Reject any name containing "php" (case-insensitive).
     if (stripos($file, "php") !== false) {
         die("Hacking attempt!");
     }
     $db = $this->SET['last_db_restore'];
     if (!$db) {
         echo tpl_l($lang['dumper_19'], C_ERROR);
         exit;
     }
     // NOTE(review): $db and, further down, $file are echoed through tpl_l(); whether tpl_l()
     // HTML-escapes its argument is not visible here - confirm.
     echo tpl_l("{$lang['dumper_20']} `{$db}`.");
     // Determine the file format
     if (preg_match("/^(.+?)\\.sql(\\.(bz2|gz))?\$/", $file, $matches)) {
         // comp_method: 2 = bz2, 1 = gz, 0 = plain .sql
         if (isset($matches[3]) && $matches[3] == 'bz2') {
             $this->SET['comp_method'] = 2;
         } elseif (isset($matches[2]) && $matches[3] == 'gz') {
             $this->SET['comp_method'] = 1;
         } else {
             $this->SET['comp_method'] = 0;
         }
         $this->SET['comp_level'] = '';
         if (!file_exists(PATH . "/{$file}")) {
             echo tpl_l($lang['dumper_21'], C_ERROR);
             exit;
         }
         echo tpl_l("{$lang['dumper_22']} `{$file}`.");
         // From here on $file is the name without the .sql / compression suffix.
         $file = $matches[1];
     } else {
         echo tpl_l($lang['dumper_21'], C_ERROR);
         exit;
     }
     echo tpl_l(str_repeat("-", 60));
     $fp = $this->fn_open($file, "r");
     $this->file_cache = $sql = $table = $insert = '';
     $is_skd = $query_len = $execute = $q = $t = $i = $aff_rows = 0;
     $limit = 300;
     $index = 4;
     $tabs = 0;
     $cache = '';
     $info = array();
     $convert = false;
     // Set the connection charset
     if ($this->mysql_version > 40101 && (CHARSET != 'auto' || $this->forced_charset)) {
         // Default charset, used when the dump does not specify one
         // NOTE(review): unlike every other mysqli_query() call in this method, this one is not
         // given $dblink as its first argument.
         mysqli_query("SET NAMES '" . $this->restore_charset . "'") or trigger_error($lang['dumper_6'] . mysqli_error($dblink), E_USER_ERROR);
         echo tpl_l("{$lang['dumper_7']} `" . $this->restore_charset . "`.", C_WARNING);
         $last_charset = $this->restore_charset;
     } else {
         $last_charset = '';
     }
     $last_showed = '';
     while (($str = $this->fn_read_str($fp)) !== false) {
         // Empty lines and comment lines ("#" or "--") are never executed; comments may carry headers.
         if (empty($str) || preg_match("/^(#|--)/", $str)) {
             // NOTE(review): $is_dle is read here without being initialised earlier in this method.
             if (!$is_dle and !empty($str)) {
                 // The first comment line must be "#DLE|<version>" matching this installation,
                 // otherwise the restore is aborted.
                 $dle_info = explode("|", $str);
                 if ($dle_info[0] == "#DLE" and $dle_info[1] == $config['version_id']) {
                     $is_dle = 1;
                 } else {
                     echo tpl_l($lang['dumper_32'], C_ERROR);
                     exit;
                 }
             }
             if (!$is_skd && preg_match("/^#SKD101\\|/", $str)) {
                 // Header fields are "|"-separated; $info[4] is used as the divisor for overall
                 // progress and $info[5..] per table (see $index below).
                 $info = explode("|", $str);
                 echo tpl_s(0, $t / $info[4]);
                 $is_skd = 1;
             }
             continue;
         }
         $query_len += strlen($str);
         // Start of an INSERT: keep the "INSERT INTO ... VALUES" prefix in $insert so long
         // statements can be split and re-prefixed.
         if (!$insert && preg_match("/^(INSERT INTO `?([^` ]+)`? .*?VALUES)(.*)\$/i", $str, $m)) {
             if ($table != $m[2]) {
                 $table = $m[2];
                 $tabs++;
                 $cache .= tpl_l("Таблица `{$table}`.");
                 $last_showed = $table;
                 $i = 0;
                 if ($is_skd) {
                     echo tpl_s(100, $t / $info[4]);
                 }
             }
             $insert = $m[1] . ' ';
             $sql .= $m[3];
             $index++;
             $info[$index] = isset($info[$index]) ? $info[$index] : 0;
             // Progress is refreshed every $limit rows: 1/20 of the table's count, at least 300.
             $limit = round($info[$index] / 20);
             $limit = $limit < 300 ? 300 : $limit;
             if ($info[$index] > $limit) {
                 echo $cache;
                 $cache = '';
                 echo tpl_s(0 / $info[$index], $t / $info[4]);
             }
         } else {
             $sql .= $str;
             if ($insert) {
                 $i++;
                 $t++;
                 if ($is_skd && $info[$index] > $limit && $t % $limit == 0) {
                     echo tpl_s($i / $info[$index], $t / $info[4]);
                 }
             }
         }
         if (!$insert && preg_match("/^CREATE TABLE (IF NOT EXISTS )?`?([^` ]+)`?/i", $str, $m) && $table != $m[2]) {
             $table = $m[2];
             $insert = '';
             $tabs++;
             $is_create = true;
             $i = 0;
         }
         if ($sql) {
             // A line ending in ";" completes the current statement.
             if (preg_match("/;\$/", $str)) {
                 $sql = rtrim($insert . $sql, ";");
                 if (empty($insert)) {
                     if ($this->mysql_version < 40101) {
                         $sql = preg_replace("/ENGINE\\s?=/", "TYPE=", $sql);
                     } elseif (preg_match("/CREATE TABLE/i", $sql)) {
                         // Set the connection charset
                         // The charset name is captured with \w+, so only word characters from
                         // the dump reach the SET NAMES statement below.
                         if (preg_match("/(CHARACTER SET|CHARSET)[=\\s]+(\\w+)/i", $sql, $charset)) {
                             if (!$this->forced_charset && $charset[2] != $last_charset) {
                                 if (CHARSET == 'auto') {
                                     // A cp1251 dump restored into a utf-8 site is converted on the fly.
                                     if ($config['charset'] == "utf-8" and $charset[2] == "cp1251") {
                                         $convert = true;
                                         $charset[2] = "utf8";
                                         $this->restore_charset = "utf8";
                                     }
                                     mysqli_query($dblink, "SET NAMES '" . $charset[2] . "'") or trigger_error("{$lang['dumper_6']}{$sql}<BR>" . mysqli_error($dblink), E_USER_ERROR);
                                     $cache .= tpl_l("{$lang['dumper_7']} `" . $charset[2] . "`.", C_WARNING);
                                     $last_charset = $charset[2];
                                 } else {
                                     $cache .= tpl_l($lang['dumper_8'], C_ERROR);
                                     $cache .= tpl_l($lang['dumper_9'] . ' `' . $table . '` -> ' . $charset[2] . ' (' . $lang['dumper_10'] . ' ' . $this->restore_charset . ')', C_ERROR);
                                 }
                             }
                             // Rewrite the charset when forcing a charset was requested
                             if ($this->forced_charset or $convert) {
                                 $sql = preg_replace("/(\\/\\*!\\d+\\s)?((COLLATE)[=\\s]+)\\w+(\\s+\\*\\/)?/i", '', $sql);
                                 $sql = preg_replace("/((CHARACTER SET|CHARSET)[=\\s]+)\\w+/i", "\\1" . $this->restore_charset . $this->restore_collate, $sql);
                             }
                         } elseif (CHARSET == 'auto') {
                             // Add a charset to tables that specify none when the charset is set to auto
                             $sql .= ' DEFAULT CHARSET=' . $this->restore_charset . $this->restore_collate;
                             if ($this->restore_charset != $last_charset) {
                                 mysqli_query($dblink, "SET NAMES '" . $this->restore_charset . "'") or trigger_error("{$lang['dumper_6']}{$sql}<BR>" . mysqli_error($dblink), E_USER_ERROR);
                                 $cache .= tpl_l("{$lang['dumper_7']} `" . $this->restore_charset . "`.", C_WARNING);
                                 $last_charset = $this->restore_charset;
                             }
                         }
                     }
                     if ($last_showed != $table) {
                         $cache .= tpl_l("{$lang['dumper_9']} `{$table}`.");
                         $last_showed = $table;
                     }
                 } elseif ($this->mysql_version > 40101 && empty($last_charset)) {
                     // Set the charset in case there is no CREATE TABLE
                     // NOTE(review): this builds "SET <charset> '<charset>'", while the other
                     // call sites issue "SET NAMES '<charset>'" - looks like a typo, confirm.
                     mysqli_query($dblink, "SET {$this->restore_charset} '" . $this->restore_charset . "'") or trigger_error("{$lang['dumper_6']}{$sql}<BR>" . mysqli_error($dblink), E_USER_ERROR);
                     echo tpl_l("{$lang['dumper_7']} `" . $this->restore_charset . "`.", C_WARNING);
                     $last_charset = $this->restore_charset;
                 }
                 $insert = '';
                 $execute = 1;
             }
             // Split very long multi-row INSERTs: once 64 KiB have accumulated and the line ends
             // in ",", execute what has been collected so far.
             if ($query_len >= 65536 && preg_match("/,\$/", $str)) {
                 $sql = rtrim($insert . $sql, ",");
                 $execute = 1;
             }
             if ($execute) {
                 $q++;
                 if ($convert) {
                     if (function_exists('mb_convert_encoding')) {
                         $sql = mb_convert_encoding($sql, 'UTF-8', 'WINDOWS-1251');
                     } elseif (function_exists('iconv')) {
                         $sql = iconv('WINDOWS-1251', 'UTF-8//IGNORE', $sql);
                     }
                 }
                 // The statement text comes straight from the dump file.
                 mysqli_query($dblink, $sql) or trigger_error($lang['dumper_23'] . mysqli_error($dblink), E_USER_ERROR);
                 if (preg_match("/^insert/i", $sql)) {
                     $aff_rows += mysqli_affected_rows($dblink);
                 }
                 $sql = '';
                 $query_len = 0;
                 $execute = 0;
             }
         }
     }
     // Summary output
     echo $cache;
     echo tpl_s(1, 1);
     echo tpl_l(str_repeat("-", 60));
     echo tpl_l($lang['dumper_24'], C_RESULT);
     if (isset($info[3])) {
         echo tpl_l("{$lang['dumper_25']} {$info[3]}", C_RESULT);
     }
     echo tpl_l("{$lang['dumper_26']} {$q}", C_RESULT);
     echo tpl_l("{$lang['dumper_27']} {$tabs}", C_RESULT);
     echo tpl_l("{$lang['dumper_28']} {$aff_rows}", C_RESULT);
     $this->tabs = $tabs;
     $this->records = $aff_rows;
     // NOTE(review): the existence check above used PATH . "/{$file}", but this path has no
     // separator and uses $this->filename, which this method does not set - confirm it
     // points at the intended file.
     $this->size = filesize(PATH . $this->filename);
     $this->comp = $this->SET['comp_method'] * 10 + $this->SET['comp_level'];
     $this->fn_close($fp);
     // Empty the system cache directory, keeping .htaccess and cron.php; unlink errors are suppressed.
     $fdir = opendir(ENGINE_DIR . '/cache/system/');
     while ($file = readdir($fdir)) {
         if ($file != '.' and $file != '..' and $file != '.htaccess' and $file != 'cron.php') {
             @unlink(ENGINE_DIR . '/cache/system/' . $file);
         }
     }
     clear_cache();
 }
 /**
  * Make the administrator given by the request's "id" the default admin.
  *
  * Stores the admin's name in the DEFAULT_ADMIN row of the Conf table, rewrites
  * public/sys_config.php from all Conf rows, logs the change and clears the cache.
  * Reports NO_ADMIN when the id matches no administrator.
  *
  * NOTE(review): the configuration is written as PHP source. Names are emitted
  * unescaped and values only pass through addslashes(); a name or value that
  * breaks out of its single-quoted literal would become code in a file that is
  * later included. var_export() produces a correctly quoted literal for both.
  * NOTE(review): the id is read from $_REQUEST and no anti-CSRF token check is
  * visible here - confirm it is enforced elsewhere.
  * NOTE(review): unless error() halts the request, a failed fopen() is followed
  * by fwrite()/fclose() on an invalid handle - confirm.
  */
 public function set_default()
 {
     $adm_id = intval($_REQUEST['id']);
     $admin = M("Admin")->getById($adm_id);

     if (!$admin) {
         $this->error(L("NO_ADMIN"));
         return;
     }

     M("Conf")->where("name = 'DEFAULT_ADMIN'")->setField("value", $admin['adm_name']);

     // Start writing the configuration file: one 'name'=>'value' line per Conf row.
     $entries = '';
     foreach (M("Conf")->findAll() as $conf) {
         $entries .= "'" . $conf['name'] . "'=>'" . addslashes($conf['value']) . "',\n";
     }
     $configSource = "<?php\n" . "return array(\n" . $entries . ");\n ?>";

     $filename = get_real_path() . "public/sys_config.php";

     $handle = fopen($filename, 'w');
     if (!$handle) {
         $this->error(l("OPEN_FILE_ERROR") . $filename);
     }

     $written = fwrite($handle, $configSource);
     if ($written === false) {
         $this->error(l("WRITE_FILE_ERROR") . $filename);
     }
     fclose($handle);

     save_log(l("CHANGE_DEFAULT_ADMIN"), 1);
     clear_cache();
     $this->success(L("SET_DEFAULT_SUCCESS"));
 }
Example #14
        // Auto-wrap: insert <br /> after every run of auto_wrap non-whitespace characters.
        // An element equal to "<" is skipped together with the element that follows it.
        for ($i = 0; $i < $n; $i++) {
            if ($comm_txt[$i] == "<") {
                $i++;
                continue;
            }
            $comm_txt[$i] = preg_replace("#([^\\s\n\r]{" . intval($config['auto_wrap']) . "})#i", "\\1<br />", $comm_txt[$i]);
        }
        $comm_txt = join("", $comm_txt);
    }
    // The comment text is escaped with safesql() before it is placed in the UPDATE.
    $comm_update = $db->safesql($comm_txt);
    // NOTE(review): $id and $area are interpolated as well; where they are set is not visible in
    // this excerpt. Confirm $id is cast to an integer and $area is checked against $allowed_areas.
    $db->query("UPDATE " . PREFIX . "_{$allowed_areas[$area]['comments_table']} SET text='{$comm_update}', approve='1' WHERE id = '{$id}'");
    // A comment that was not yet approved now counts towards the post's comment total.
    if (!$row['approve']) {
        $db->query("UPDATE " . PREFIX . "_post SET comm_num=comm_num+1 WHERE id='{$row['post_id']}'");
    }
    $comm_txt = str_replace("[hide]", "", str_replace("[/hide]", "", $comm_txt));
    $buffer = stripslashes($comm_txt);
    $buffer = str_replace('{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $buffer);
    if (!$row['approve']) {
        if ($config['allow_alt_url'] == "yes" and !$config['seo_type']) {
            clear_cache('full_');
        } else {
            clear_cache('full_' . $row['post_id']);
        }
    }
    clear_cache('comm_' . $row['post_id']);
} else {
    die("error");
}
$db->close();
@header("Content-type: text/html; charset=" . $config['charset']);
// NOTE(review): $buffer is the edited comment text sent back as text/html. The sanitising of
// $comm_txt happens before this excerpt - confirm it removes active markup before this echo.
echo $buffer;
Example #15
                    $tags_array[] = trim($value);
                }
            }
        }
        // Store the cleaned tag list back as one comma-separated string.
        if (count($tags_array)) {
            $_POST['tags'] = implode(", ", $tags_array);
        } else {
            $_POST['tags'] = "";
        }
    }
    if ($_POST['tags']) {
        foreach ($selected_news as $id) {
            $edit_articles++;
            // The article id is forced to an integer before it is used in SQL.
            $id = intval($id);
            $db->query("DELETE FROM " . PREFIX . "_tags WHERE news_id = '{$id}'");
            // NOTE(review): $_POST['tags'] is interpolated directly into this UPDATE and, tag by
            // tag, into the INSERT below. No safesql() call on it is visible in this excerpt;
            // confirm it is escaped before this point, or escape each tag here.
            $db->query("UPDATE " . PREFIX . "_post SET tags='{$_POST['tags']}' WHERE id='{$id}'");
            $tags = array();
            $tags_array = explode(",", $_POST['tags']);
            foreach ($tags_array as $value) {
                $tags[] = "('" . $id . "', '" . trim($value) . "')";
            }
            $tags = implode(", ", $tags);
            $db->query("INSERT INTO " . PREFIX . "_tags (news_id, tag) VALUES " . $tags);
        }
    }
    // Admin audit log entry (action code 46); the member name goes through safesql().
    $db->query("INSERT INTO " . USERPREFIX . "_admin_logs (name, date, ip, action, extras) values ('" . $db->safesql($member_id['name']) . "', '{$_TIME}', '{$_IP}', '46', '')");
    clear_cache();
    msg("info", $lang['mass_cloud_ok'], $lang['mass_cloud_ok'] . " ({$edit_articles})", $_SESSION['admin_referrer']);
} else {
    msg("info", $lang['mass_noact'], $lang['mass_noact_1'], $_SESSION['admin_referrer']);
}
Example #16
    // The edit reason is charset-converted, trimmed, unslashed, stripped of tags, HTML-encoded
    // and finally SQL-escaped.
    $editreason = $db->safesql(htmlspecialchars(strip_tags(stripslashes(trim(convert_unicode($_POST['reason'], $config['charset'])))), ENT_QUOTES));
    // view_edit records whether a reason was given.
    if ($editreason != "") {
        $view_edit = 1;
    } else {
        $view_edit = 0;
    }
    $added_time = time() + $config['date_adjust'] * 60;
    if (!trim($_POST['title'])) {
        die($lang['add_err_7']);
    }
    if ($parse->not_allowed_text) {
        die($lang['news_err_39']);
    }
    // NOTE(review): $_POST['title'] is interpolated straight into this UPDATE and into the log
    // INSERT below. No escaping of it is visible in this excerpt; confirm it passes through
    // safesql() earlier. The same applies to $news_txt, $full_txt, $filecontents, $approve,
    // $allow_br and $id, which are all set above this excerpt.
    $db->query("UPDATE " . PREFIX . "_post SET title='{$_POST['title']}', short_story='{$news_txt}', full_story='{$full_txt}', xfields='{$filecontents}', approve='{$approve}', allow_br='{$allow_br}' WHERE id = '{$id}'");
    // NOTE(review): $member_id['name'] is used unescaped here, while the log INSERT below
    // passes the same value through safesql() - make the two consistent.
    $db->query("UPDATE " . PREFIX . "_post_extras SET editdate='{$added_time}', editor='{$member_id['name']}', reason='{$editreason}', view_edit='{$view_edit}' WHERE news_id = '{$id}'");
    // Edits made by groups with admin access are written to the admin log (action code 25).
    if ($user_group[$member_id['user_group']]['allow_admin']) {
        $db->query("INSERT INTO " . USERPREFIX . "_admin_logs (name, date, ip, action, extras) values ('" . $db->safesql($member_id['name']) . "', '{$_TIME}', '{$_IP}', '25', '{$_POST['title']}')");
    }
    // Choose which full-story cache entries to drop: all of them, or only this article's.
    if ($config['allow_alt_url'] == "yes" and !$config['seo_type']) {
        $cprefix = "full_";
    } else {
        $cprefix = "full_" . $id;
    }
    clear_cache(array('news_', 'rss', $cprefix));
    $buffer = "ok";
} else {
    die("error");
}
$db->close();
$buffer = str_replace('{THEME}', $config['http_home_url'] . 'templates/' . $config['skin'], $buffer);
echo $buffer;
 /**
  * Recompute every user's points from scratch.
  *
  * Resets the stored points, then walks each tournament's matches flagged
  * calculate=1, scores every rate on them with GetPoint(), sums the results per
  * user, writes the totals to the users table and clears the cache.
  *
  * NOTE(review): the user id is concatenated into the UPDATE unquoted. It comes
  * from the rate rows; cast it with intval() or bind it as a parameter unless
  * the column is guaranteed to be numeric.
  */
 public function reCalculate()
 {
     $this->clearPoints();

     $totals = array();
     foreach ($this->GetIdNameTournament() as $tournamentId => $name) {
         $matches = $this->GetMatches(array("tournament_id" => $tournamentId, 'calculate' => 1));

         foreach ($matches as $matchId => $match) {
             $rates = $this->GetRate(array("matche_id" => $matchId));
             if (!$rates) {
                 // No rates were placed on this match.
                 continue;
             }

             foreach ($rates as $rate) {
                 $userId = $rate['user_id'];
                 $earned = intval(GetPoint($match['points_1'], $match['points_2'], $rate['rpoints_1'], $rate['rpoints_2']));
                 $previous = empty($totals[$userId]) ? 0 : $totals[$userId];
                 $totals[$userId] = $previous + $earned;
             }
         }
     }

     foreach ($totals as $userId => $total) {
         $this->db->query("UPDATE " . PREFIX . "_users SET points={$total} WHERE user_id=" . $userId);
     }

     clear_cache();
 }
Example #18
            $db->query("UPDATE " . PREFIX . "_{$allowed_areas[$area]['counter_table']} SET comm_num=comm_num-1 where id='{$post_id}'");
        }
        clear_cache(array('news_', 'full_', 'comm_', 'rss'));
        // NOTE(review): the redirect target is read from the session; confirm the stored referrer
        // is limited to same-site URLs and contains no CR/LF when it is saved.
        header("Location: {$_SESSION['referrer']}");
        die;
    } else {
        msgbox($lang['comm_err_2'], $lang['comm_err_4']);
    }
// NOTE(review): count() throws a TypeError on PHP 8 when selected_comments is posted as a scalar;
// an is_array() check first avoids that.
} elseif ($_POST['mass_action'] == "mass_delete" and count($_POST['selected_comments'])) {
    // Mass delete needs a non-empty token equal to $dle_login_hash, a logged-in user and the
    // del_allc group permission.
    // NOTE(review): the token is compared with ==, which is loose and not constant-time;
    // hash_equals() on two strings is the safer comparison.
    if ($_POST['dle_allow_hash'] != "" and $_POST['dle_allow_hash'] == $dle_login_hash and $is_logged and $user_group[$member_id['user_group']]['del_allc']) {
        foreach ($_POST['selected_comments'] as $id) {
            // Each submitted id is forced to an integer before it is used in SQL.
            $id = intval($id);
            $row = $db->super_query("SELECT * FROM " . PREFIX . "_{$allowed_areas[$area]['comments_table']} where id = '{$id}'");
            // The author name read back from the database is escaped again before reuse.
            $author = $db->safesql($row['autor']);
            $is_reg = $row['is_register'];
            $post_id = $row['post_id'];
            $db->query("DELETE FROM " . PREFIX . "_{$allowed_areas[$area]['comments_table']} WHERE id = '{$id}'");
            // Keep the per-user and per-post comment counters in step with the delete.
            if ($is_reg) {
                $db->query("UPDATE " . USERPREFIX . "_users set comm_num=comm_num-1 where name ='{$author}'");
            }
            $db->query("UPDATE " . PREFIX . "_{$allowed_areas[$area]['counter_table']} SET comm_num=comm_num-1 where id='{$post_id}'");
        }
        clear_cache(array('news_', 'full_', 'comm_', 'rss'));
        header("Location: {$_SESSION['referrer']}");
        die;
    } else {
        msgbox($lang['comm_err_2'], $lang['comm_err_4']);
    }
} else {
    msgbox($lang['comm_err_2'], $lang['comm_err_5'] . "&nbsp;<a href=\"javascript:history.go(-1);\">{$lang['all_prev']}</a>");
}
Example #19
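/**
 * Poller entry point: runs periodic housekeeping and spawns one poll process per eligible contact.
 *
 * Order of work as written: bootstrap App/DB when the globals are unset, return on high system load,
 * exit when another poller holds the pidfile (killing it first if it has run longer than nine minutes),
 * start the background queue workers, expire and remove accounts, run the once-a-day and once-an-hour
 * maintenance (including cache clearing), then walk the contact list.
 *
 * @param array $argv Argument vector; $argv[1] may be 'force', 'restart' (generation in $argv[2]) or a contact id.
 * @param int   $argc Number of entries in $argv.
 * @return void
 */
function poller_run(&$argv, &$argc)
{
    global $a, $db;
    if (is_null($a)) {
        $a = new App();
    }
    if (is_null($db)) {
        // .htconfig.php is expected to define the $db_* connection variables used on the next lines.
        @(include ".htconfig.php");
        require_once "include/dba.php";
        $db = new dba($db_host, $db_user, $db_pass, $db_data);
        // Drop the credentials from local scope as soon as the connection object exists.
        unset($db_host, $db_user, $db_pass, $db_data);
    }
    require_once 'include/session.php';
    require_once 'include/datetime.php';
    require_once 'library/simplepie/simplepie.inc';
    require_once 'include/items.php';
    require_once 'include/Contact.php';
    require_once 'include/email.php';
    require_once 'include/socgraph.php';
    require_once 'include/pidfile.php';
    load_config('config');
    load_config('system');
    $maxsysload = intval(get_config('system', 'maxloadavg'));
    if ($maxsysload < 1) {
        $maxsysload = 50;
    }
    if (function_exists('sys_getloadavg')) {
        $load = sys_getloadavg();
        // sys_getloadavg() returns an array (or false on failure); log the one-minute figure that is
        // actually compared, not the array itself.
        if (is_array($load) && intval($load[0]) > $maxsysload) {
            logger('system: load ' . $load[0] . ' too high. Poller deferred to next scheduled run.');
            return;
        }
    }
    $lockpath = get_lockpath();
    if ($lockpath != '') {
        $pidfile = new pidfile($lockpath, 'poller');
        if ($pidfile->is_already_running()) {
            logger("poller: Already running");
            // A poller older than nine minutes is treated as stale: kill it and hand over to a fresh instance.
            if ($pidfile->running_time() > 9 * 60) {
                $pidfile->kill();
                logger("poller: killed stale process");
                // Calling a new instance
                proc_run('php', 'include/poller.php');
            }
            exit;
        }
    }
    $a->set_baseurl(get_config('system', 'url'));
    load_hooks();
    logger('poller: start');
    // run queue delivery process in the background
    proc_run('php', "include/queue.php");
    // run diaspora photo queue process in the background
    proc_run('php', "include/dsprphotoq.php");
    // expire any expired accounts
    q("UPDATE user SET `account_expired` = 1 where `account_expired` = 0 \n\t\tAND `account_expires_on` != '0000-00-00 00:00:00' \n\t\tAND `account_expires_on` < UTC_TIMESTAMP() ");
    // delete user and contact records for recently removed accounts
    $r = q("SELECT * FROM `user` WHERE `account_removed` = 1 AND `account_expires_on` < UTC_TIMESTAMP() - INTERVAL 3 DAY");
    if ($r) {
        foreach ($r as $user) {
            q("DELETE FROM `contact` WHERE `uid` = %d", intval($user['uid']));
            q("DELETE FROM `user` WHERE `uid` = %d", intval($user['uid']));
        }
    }
    $abandon_days = intval(get_config('system', 'account_abandon_days'));
    if ($abandon_days < 1) {
        $abandon_days = 0;
    }
    // Check OStatus conversations
    check_conversations();
    // To-Do: Regenerate usage statistics
    // q("ANALYZE TABLE `item`");
    // once daily run birthday_updates and then expire in background
    $d1 = get_config('system', 'last_expire_day');
    $d2 = intval(datetime_convert('UTC', 'UTC', 'now', 'd'));
    if ($d2 != intval($d1)) {
        update_contact_birthdays();
        update_suggestions();
        set_config('system', 'last_expire_day', $d2);
        proc_run('php', 'include/expire.php');
    }
    $last = get_config('system', 'cache_last_cleared');
    if ($last) {
        $next = $last + 3600;
        // Once per hour
        $clear_cache = $next <= time();
    } else {
        $clear_cache = true;
    }
    if ($clear_cache) {
        // clear old cache
        Cache::clear();
        // clear old item cache files
        clear_cache();
        // clear cache for photos
        clear_cache($a->get_basepath(), $a->get_basepath() . "/photo");
        // clear smarty cache
        clear_cache($a->get_basepath() . "/view/smarty3/compiled", $a->get_basepath() . "/view/smarty3/compiled");
        // clear cache for image proxy
        if (!get_config("system", "proxy_disabled")) {
            clear_cache($a->get_basepath(), $a->get_basepath() . "/proxy");
            $cachetime = get_config('system', 'proxy_cache_time');
            if (!$cachetime) {
                $cachetime = PROXY_DEFAULT_TIME;
            }
            q('DELETE FROM `photo` WHERE `uid` = 0 AND `resource-id` LIKE "pic:%%" AND `created` < NOW() - INTERVAL %d SECOND', $cachetime);
        }
        set_config('system', 'cache_last_cleared', time());
    }
    $manual_id = 0;
    $generation = 0;
    $hub_update = false;
    $force = false;
    $restart = false;
    if ($argc > 1 && $argv[1] == 'force') {
        $force = true;
    }
    if ($argc > 1 && $argv[1] == 'restart') {
        $restart = true;
        // 'restart' without a generation argument is treated as generation 0 and ends in killme(),
        // without reading an undefined $argv[2].
        $generation = isset($argv[2]) ? intval($argv[2]) : 0;
        if (!$generation) {
            killme();
        }
    }
    if ($argc > 1 && intval($argv[1])) {
        $manual_id = intval($argv[1]);
        $force = true;
    }
    $interval = intval(get_config('system', 'poll_interval'));
    if (!$interval) {
        $interval = get_config('system', 'delivery_interval') === false ? 3 : intval(get_config('system', 'delivery_interval'));
    }
    // $manual_id went through intval() above, so interpolating it into the SQL fragment is safe.
    $sql_extra = $manual_id ? " AND `id` = {$manual_id} " : "";
    reload_plugins();
    $d = datetime_convert();
    if (!$restart) {
        proc_run('php', 'include/cronhooks.php');
    }
    // Only poll from those with suitable relationships,
    // and which have a polling address and ignore Diaspora since
    // we are unable to match those posts with a Diaspora GUID and prevent duplicates.
    $abandon_sql = $abandon_days ? sprintf(" AND `user`.`login_date` > UTC_TIMESTAMP() - INTERVAL %d DAY ", intval($abandon_days)) : '';
    $contacts = q("SELECT `contact`.`id` FROM `contact` INNER JOIN `user` ON `user`.`uid` = `contact`.`uid` \n\t\tWHERE ( `rel` = %d OR `rel` = %d ) AND `poll` != ''\n\t\tAND NOT `network` IN ( '%s', '%s', '%s' )\n\t\t{$sql_extra} \n\t\tAND `self` = 0 AND `contact`.`blocked` = 0 AND `contact`.`readonly` = 0 \n\t\tAND `contact`.`archive` = 0 \n\t\tAND `user`.`account_expired` = 0 AND `user`.`account_removed` = 0 {$abandon_sql} ORDER BY RAND()", intval(CONTACT_IS_SHARING), intval(CONTACT_IS_FRIEND), dbesc(NETWORK_DIASPORA), dbesc(NETWORK_FACEBOOK), dbesc(NETWORK_PUMPIO));
    // Same guard shape as the per-contact query below: a non-array result must not reach count().
    if (!$contacts || !count($contacts)) {
        return;
    }
    foreach ($contacts as $c) {
        $res = q("SELECT * FROM `contact` WHERE `id` = %d LIMIT 1", intval($c['id']));
        if (!$res || !count($res)) {
            continue;
        }
        foreach ($res as $contact) {
            $xml = false;
            if ($manual_id) {
                // A manually requested contact is polled as if it had never been updated.
                $contact['last-update'] = '0000-00-00 00:00:00';
            }
            if ($contact['network'] === NETWORK_DFRN) {
                $contact['priority'] = 2;
            }
            if (!get_config('system', 'ostatus_use_priority') and $contact['network'] === NETWORK_OSTATUS) {
                $contact['priority'] = 2;
            }
            if ($contact['priority'] || $contact['subhub']) {
                $hub_update = true;
                $update = false;
                $t = $contact['last-update'];
                // We should be getting everything via a hub. But just to be sure, let's check once a day.
                // (You can make this more or less frequent if desired by setting 'pushpoll_frequency' appropriately)
                // This also lets us update our subscription to the hub, and add or replace hubs in case it
                // changed. We will only update hubs once a day, regardless of 'pushpoll_frequency'.
                if ($contact['subhub']) {
                    $poll_interval = get_config('system', 'pushpoll_frequency');
                    $contact['priority'] = $poll_interval !== false ? intval($poll_interval) : 3;
                    $hub_update = false;
                    if (datetime_convert('UTC', 'UTC', 'now') > datetime_convert('UTC', 'UTC', $t . " + 1 day") || $force) {
                        $hub_update = true;
                    }
                } else {
                    $hub_update = false;
                }
                /**
                 * Based on $contact['priority'], should we poll this site now? Or later?
                 */
                switch ($contact['priority']) {
                    case 5:
                        if (datetime_convert('UTC', 'UTC', 'now') > datetime_convert('UTC', 'UTC', $t . " + 1 month")) {
                            $update = true;
                        }
                        break;
                    case 4:
                        if (datetime_convert('UTC', 'UTC', 'now') > datetime_convert('UTC', 'UTC', $t . " + 1 week")) {
                            $update = true;
                        }
                        break;
                    case 3:
                        if (datetime_convert('UTC', 'UTC', 'now') > datetime_convert('UTC', 'UTC', $t . " + 1 day")) {
                            $update = true;
                        }
                        break;
                    case 2:
                        if (datetime_convert('UTC', 'UTC', 'now') > datetime_convert('UTC', 'UTC', $t . " + 12 hour")) {
                            $update = true;
                        }
                        break;
                    case 1:
                    default:
                        if (datetime_convert('UTC', 'UTC', 'now') > datetime_convert('UTC', 'UTC', $t . " + 1 hour")) {
                            $update = true;
                        }
                        break;
                }
                if (!$update && !$force) {
                    continue;
                }
            }
            // One child process per contact; the id comes from the database row fetched above.
            proc_run('php', 'include/onepoll.php', $contact['id']);
            if ($interval) {
                // Space the child processes out by the configured interval.
                @time_sleep_until(microtime(true) + (double) $interval);
            }
        }
    }
    return;
}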
         unset($result);
     }
     ##
     ###########################
     // Insert the new template row; the values are handed to the project's prepare() as placeholder arguments.
     // NOTE(review): fdat[nimi], fdat[on_page_templ], fdat[on_nahtav] and fdat[on_auto_avanev] use unquoted
     // keys, which PHP resolves as constants (an Error on PHP 8); quoting them is a code change, flagged only.
     $sql = $site->db->prepare("INSERT INTO templ_tyyp (ttyyp_id, op, nimi, templ_fail, on_page_templ, on_nahtav, on_auto_avanev) values(?,?,?,?,?,?,?)", $max_id, $site->fdat['op_value'], $site->fdat[nimi], $filename, $site->fdat[on_page_templ], $site->fdat[on_nahtav], $site->fdat[on_auto_avanev]);
     $sth_i = new SQL($sql);
     $site->debug->msg($sth_i->debug->get_msgs());
     // NOTE(review): the submitted template name is written into the log message as-is; presumably the Log viewer escapes it — confirm.
     new Log(array('action' => 'create', 'component' => 'Templates', 'message' => "New template '" . $site->fdat[nimi] . "' (ID=" . $max_id . ") added"));
     $site->fdat['id'] = $sth_i->insert_id;
 } elseif ($site->fdat['op'] == "edit") {
     # --------------------------
     # UPDATE - EDIT
     # --------------------------
     // No new file name was supplied: keep the stored template file and flush the whole cache.
     if (!$filename) {
         $filename = $ttyyp['templ_fail'];
         clear_cache('ALL');
     }
     ############################
     ## set op with posted value to NULL
     if ($type != 'page') {
         # dont show op for page templates (bug #1964)
         $sql = $site->db->prepare("update templ_tyyp set op=NULL where op=?;", $site->fdat['op_value']);
         $result = new SQL($sql);
         unset($result);
     }
     ##
     ###########################
     // Update the existing row identified by $id, again through placeholder arguments.
     $sql = $site->db->prepare("UPDATE templ_tyyp SET nimi=?, op=?, templ_fail=?, on_page_templ=?, on_nahtav=?, on_auto_avanev=? WHERE ttyyp_id=?", $site->fdat[nimi], $site->fdat['op_value'], $filename, $site->fdat[on_page_templ], $site->fdat[on_nahtav], $site->fdat[on_auto_avanev], $id);
     $sth_i = new SQL($sql);
     $site->debug->msg($sth_i->debug->get_msgs());
     new Log(array('action' => 'update', 'component' => 'Templates', 'message' => "Template '" . $ttyyp[nimi] . "' (ID=" . $id . ") updated"));
Example #21
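/**
 * Recursively delete expired files below a cache directory.
 *
 * With no arguments the directory is read from the 'system'/'itemcache' setting. A file is removed when
 * its change time is older than 'system'/'itemcache_duration' seconds (86400 when unset or zero).
 *
 * The directory being cleaned must resolve to $basepath itself or to a path below it. Both sides are
 * resolved with realpath() and compared on a directory-separator boundary, so a sibling such as
 * "<base>-other", a symlink leading out of the base, or a trailing slash on $basepath cannot slip
 * past the check.
 *
 * NOTE(review): an empty $basepath together with a non-empty $path still skips the containment check,
 * as it did before; callers should always pass the base they intend to stay inside.
 *
 * @param string $basepath Directory the cleanup must stay inside.
 * @param string $path     Directory to clean; defaults to the configured item cache.
 * @return void
 */
function clear_cache($basepath = "", $path = "")
{
    if ($path == "") {
        $basepath = get_config('system', 'itemcache');
        $path = $basepath;
    }
    if ($path == "" or !is_dir($path)) {
        return;
    }
    if ($basepath != "") {
        $real_base = realpath($basepath);
        $real_path = realpath($path);
        if ($real_base === false or $real_path === false) {
            return;
        }
        $real_base = rtrim($real_base, DIRECTORY_SEPARATOR);
        // A bare prefix match would accept "/srv/cache-other" for base "/srv/cache"; require the separator.
        if ($real_path !== $real_base and strpos($real_path, $real_base . DIRECTORY_SEPARATOR) !== 0) {
            return;
        }
    }
    $cachetime = (int) get_config('system', 'itemcache_duration');
    if ($cachetime == 0) {
        $cachetime = 86400;
    }
    $dh = opendir($path);
    if (!$dh) {
        return;
    }
    while (($file = readdir($dh)) !== false) {
        if ($file == "." or $file == "..") {
            continue;
        }
        $fullpath = $path . "/" . $file;
        // filetype() reports symlinks as "link", so they are neither followed nor deleted here.
        $type = filetype($fullpath);
        if ($type == "dir") {
            clear_cache($basepath, $fullpath);
        } elseif ($type == "file" and filectime($fullpath) < time() - $cachetime) {
            unlink($fullpath);
        }
    }
    closedir($dh);
}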
Example #22
            }
            $db->free();
            // Create a subscription row when the user asked for it, the group allows it, and none exists yet.
            if ($_POST['allow_subscribe'] and $user_group[$member_id['user_group']]['allow_subscribe'] and !$found_subscribe) {
                // Seed material: OpenSSL random bytes when available, otherwise uniqid()/mt_rand().
                if (function_exists('openssl_random_pseudo_bytes')) {
                    $stronghash = md5(openssl_random_pseudo_bytes(15));
                } else {
                    $stronghash = md5(uniqid(mt_rand(), TRUE));
                }
                // NOTE(review): the stored value is md5 of 10 hex characters picked with mt_rand() from a
                // str_shuffle()d string, so its unpredictability is bounded by mt_rand() rather than by the
                // OpenSSL bytes above. If this hash authorises subscription links (presumably — confirm),
                // bin2hex(random_bytes(16)) would be the stronger source.
                $salt = str_shuffle($stronghash);
                $s_hash = "";
                for ($i = 0; $i < 10; $i++) {
                    $s_hash .= $salt[mt_rand(0, 31)];
                }
                $s_hash = md5($s_hash);
                // NOTE(review): name, email and $post_id are interpolated into the statement; their escaping is not visible in this excerpt — confirm.
                $db->query("INSERT INTO " . PREFIX . "_subscribe (user_id, name, email, news_id, hash) values ('{$member_id['user_id']}', '{$member_id['name']}', '{$member_id['email']}', '{$post_id}', '{$s_hash}')");
            }
        }
        // Pick the cache prefix to invalidate: every full-story entry, or only this post's.
        if ($config['allow_alt_url'] and !$config['seo_type']) {
            $cprefix = "full_";
        } else {
            $cprefix = "full_" . $post_id;
        }
        clear_cache(array('news_', 'rss', 'comm_' . $post_id, $cprefix));
        // Non-AJAX submissions reload the current URL so a refresh does not resubmit the form.
        if (!$ajax_adds and !$CN_HALT) {
            header("Location: {$_SERVER['REQUEST_URI']}");
            die;
        }
    } else {
        // NOTE(review): the entries of $stop are joined into HTML as-is; assumes they are fixed language strings — confirm none echo user input.
        msgbox($lang['all_err_1'], implode("<br />", $stop) . "<br /><br /><a href=\"javascript:history.go(-1)\">" . $lang['all_prev'] . "</a>");
    }
}
Example #23
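 /**
  * Uninstall an integration plugin, blank the stored integration settings and rewrite the
  * generated system config file.
  *
  * The plugin is chosen by the request parameter 'class_name', which ends up in a require_once path
  * and in a class name passed to `new`. It is therefore restricted to identifier characters; any
  * other value is handled like a plugin whose file does not exist (the settings are still reset).
  *
  * The config file is emitted with var_export() so that neither a setting name nor a value can
  * break out of its string literal in the generated PHP.
  */
 public function uninstall()
 {
     $class_name = isset($_REQUEST['class_name']) && is_string($_REQUEST['class_name']) ? $_REQUEST['class_name'] : '';
     $directory = APP_ROOT_PATH . "system/integrate/";
     // Rejects path separators, "..", NUL bytes and stream-wrapper prefixes before the value reaches require_once.
     if (preg_match('/^[A-Za-z0-9_]+$/D', $class_name)) {
         $file = $directory . $class_name . "_integrate.php";
         if (file_exists($file)) {
             require_once $file;
             $integrate_class = $class_name . "_integrate";
             $integrate_item = new $integrate_class();
             $integrate_item->uninstall();
         }
     }
     M("Conf")->where("name='INTEGRATE_CODE'")->setField("value", '');
     M("Conf")->where("name='INTEGRATE_CFG'")->setField("value", '');
     // Start writing the configuration file
     $sys_configs = M("Conf")->findAll();
     $config_str = "<?php\n";
     $config_str .= "return array(\n";
     foreach ($sys_configs as $v) {
         // var_export() yields a correctly quoted PHP string literal for both key and value.
         $config_str .= var_export((string) $v['name'], true) . "=>" . var_export((string) $v['value'], true) . ",\n";
     }
     $config_str .= ");\n ?>";
     $filename = get_real_path() . "public/sys_config.php";
     if (!($handle = fopen($filename, 'w'))) {
         $this->error(l("OPEN_FILE_ERROR") . $filename);
         // Reached only if error() returns; never continue with an invalid handle.
         return;
     }
     if (fwrite($handle, $config_str) === FALSE) {
         fclose($handle);
         $this->error(l("WRITE_FILE_ERROR") . $filename);
         return;
     }
     fclose($handle);
     clear_cache();
     write_timezone();
     $this->assign("jumpUrl", u(MODULE_NAME . "/index"));
     save_log(l("UNINSTALL_SUCCESS"), 1);
     $this->success(l("UNINSTALL_SUCCESS"), 0);
 }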
Example #24
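/**
 * Delete the product whose id is given in $_GET['id'] and clear the cache on success.
 *
 * The id is validated as an integer and bound as a statement parameter, so request data never
 * becomes part of the SQL text. Validation happens before a database connection is requested.
 *
 * @return bool true when the DELETE executed, false on a missing or invalid id or a database error
 */
function remove_product()
{
    if (!isset($_GET['id'])) {
        return false;
    }
    // assumes product.id is an integer key — TODO confirm against the schema
    $id = filter_var($_GET['id'], FILTER_VALIDATE_INT);
    if ($id === false) {
        return false;
    }
    $c = get_connection();
    $stmt = mysqli_prepare($c, 'delete from product where id=?');
    if (!$stmt) {
        return false;
    }
    mysqli_stmt_bind_param($stmt, 'i', $id);
    $ok = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    if ($ok) {
        clear_cache();
        return true;
    }
    return false;
}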
Example #25
                        $file = $url[1];
                    } else {
                        $folder_prefix = "";
                        $file = $url[0];
                    }
                    // The file name goes through totranslit() before it is used in a filesystem path.
                    // NOTE(review): totranslit() is defined elsewhere; confirm it removes path separators and "..".
                    $file = totranslit($file, false);
                    // Never delete the upload directory's .htaccess through this path.
                    if (trim($file) == ".htaccess") {
                        die("Hacking attempt!");
                    }
                    // NOTE(review): $folder_prefix is set above this excerpt in the other branch and is not
                    // normalised here; '@' also hides a failed unlink, so a missed delete leaves no trace.
                    @unlink(ROOT_DIR . "/uploads/files/" . $folder_prefix . $file);
                }
                // NOTE(review): $item_db['0'] is interpolated into the statement; presumably a numeric id read from the database — confirm.
                $db->query("DELETE FROM " . PREFIX . "_files WHERE news_id = '{$item_db['0']}'");
            }
        } else {
            $no_permission = TRUE;
        }
    }
    // Invalidate every cache group that can contain the affected news item.
    clear_cache(array('news_', 'full_' . $item_db[0], 'comm_' . $item_db[0], 'tagscloud_', 'archives_', 'calendar_', 'rss'));
    // Fall back to the news list when no return address was stored in the session.
    if (!$_SESSION['admin_referrer']) {
        $_SESSION['admin_referrer'] = "?mod=editnews&amp;action=list";
    }
    // Report the outcome; a permission failure takes precedence over the success flags.
    if ($no_permission) {
        msg("error", $lang['addnews_error'], $lang['edit_denied'], $_SESSION['admin_referrer']);
    } elseif ($okdeleted) {
        msg("info", $lang['edit_delok'], $lang['edit_delok_1'], $_SESSION['admin_referrer']);
    } elseif ($okchanges) {
        msg("info", $lang['edit_alleok'], $lang['edit_alleok_1'], $_SESSION['admin_referrer']);
    } else {
        msg("error", $lang['addnews_error'], $lang['edit_allerr'], $_SESSION['admin_referrer']);
    }
}
Example #26
/**
 * Send the visitor to the installer when the install lock file is missing.
 *
 * When public/install.lock exists nothing happens. Otherwise the cache is cleared, a redirect to
 * APP_ROOT . '/install' is sent and the script ends.
 */
function check_install()
{
    $lock_file = get_real_path() . "public/install.lock";
    if (file_exists($lock_file)) {
        return;
    }
    clear_cache();
    header('Location:' . APP_ROOT . '/install');
    exit;
}
Example #27
    }
    // NOTE(review): $go_rate, $c_id, $_IP and $where are interpolated into the SQL below; their validation
    // happens outside this excerpt — confirm each is an integer cast or passed through the DB escaper.
    // NOTE(review): the first two branches issue the same UPDATE; only the condition differs.
    if ($config['comments_rating_type'] == "1" and $allrate['rating'] < 0) {
        $db->query("UPDATE " . PREFIX . "_comments SET rating='{$go_rate}', vote_num='1' WHERE id ='{$c_id}'");
    } elseif (!$config['comments_rating_type'] and $allrate['rating'] < 0) {
        $db->query("UPDATE " . PREFIX . "_comments SET rating='{$go_rate}', vote_num='1' WHERE id ='{$c_id}'");
    } else {
        $db->query("UPDATE " . PREFIX . "_comments SET rating=rating+'{$go_rate}', vote_num=vote_num+1 WHERE id ='{$c_id}'");
    }
    // Log the vote and drop the comment cache only when the UPDATE changed a row.
    if ($db->get_affected_rows()) {
        if ($is_logged) {
            $user_name = $member_id['name'];
        } else {
            $user_name = "noname";
        }
        $db->query("INSERT INTO " . PREFIX . "_comment_rating_log (c_id, ip, member, rating) values ('{$c_id}', '{$_IP}', '{$user_name}', '{$go_rate}')");
        clear_cache(array("comm_"));
    }
} elseif ($row['rating'] and $row['rating'] != $go_rate) {
    // The voter already has a log row with a different rating: replace the old vote with the new one.
    $allrate = $db->super_query("SELECT user_id, rating FROM " . PREFIX . "_comments WHERE id ='{$c_id}'");
    if ($config['comments_rating_type'] == "1" and $allrate['rating'] < 0) {
        $db->query("UPDATE " . PREFIX . "_comments SET rating='{$go_rate}', vote_num='1' WHERE id ='{$c_id}'");
    } elseif (!$config['comments_rating_type'] and $allrate['rating'] < 0) {
        $db->query("UPDATE " . PREFIX . "_comments SET rating='{$go_rate}', vote_num='1' WHERE id ='{$c_id}'");
    } else {
        // Two statements: subtract the previous vote, then add the new one.
        $db->query("UPDATE " . PREFIX . "_comments SET rating=rating-'{$row['rating']}' WHERE id ='{$c_id}'");
        $db->query("UPDATE " . PREFIX . "_comments SET rating=rating+'{$go_rate}' WHERE id ='{$c_id}'");
    }
    $db->query("UPDATE " . PREFIX . "_comment_rating_log SET rating='{$go_rate}' WHERE c_id ='{$c_id}' AND {$where}");
} else {
    $db->close();
    // NOTE(review): the JSON is assembled by string interpolation; a quote or backslash in the language
    // string would make it invalid — json_encode() avoids that.
    echo "{\"error\":true, \"errorinfo\":\"{$lang['rating_error5']}\"}";
Example #28
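/**
 *	Verify main admin data
 *
 * Looks up the posted admin name in the user table and returns the row when the MD5 of the posted
 * password equals the stored hash and user_perms is '0'. The cache is cleared on success.
 *
 * The name is escaped with the connection-aware mysql_real_escape_string() rather than addslashes(),
 * after undoing magic quotes when they are active. A failed query or an unknown user yields FALSE.
 *
 * NOTE(review): the stored format is unsalted MD5, which is weak for password storage; migrating it
 * needs a schema/data change outside this function.
 *
 * @return array|false The matching user row, or FALSE when verification fails.
 */
function e_verify()
{
    global $mySQLprefix;
    if (ACTIVE !== TRUE) {
        exit;
    }
    $a_name = isset($_POST['a_name']) && is_string($_POST['a_name']) ? $_POST['a_name'] : '';
    $a_password = isset($_POST['a_password']) && is_string($_POST['a_password']) ? $_POST['a_password'] : '';
    if (MAGIC_QUOTES_GPC != FALSE) {
        // Undo the automatic escaping so the value is escaped exactly once below.
        $a_name = stripslashes($a_name);
    }
    $a_name = mysql_real_escape_string($a_name);
    $a_name = str_replace('/*', '', $a_name);
    $result = mysql_query("SELECT * FROM " . $mySQLprefix . "user WHERE user_name='" . $a_name . "'");
    if (!$result) {
        return FALSE;
    }
    $row = mysql_fetch_array($result);
    if (!is_array($row)) {
        return FALSE;
    }
    // @TODO: Will need to handle other password encodings as well
    $stored = (string) $row['user_password'];
    $given = md5($a_password);
    // Constant-time comparison where the runtime provides it; strict comparison otherwise.
    $password_ok = function_exists('hash_equals') ? hash_equals($stored, $given) : $stored === $given;
    if ($password_ok && $row['user_perms'] === '0') {
        clear_cache();
        return $row;
    }
    return FALSE;
}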
/**
* save object info to database
*
* Uses sub-scripts to save different data for different object types.
* No parameters used, only globals, it is included script.
*
* @package CMS
*
* Call:
*		include_once("edit_object.php");
*		save_object();
*/
function save_object()
{
    global $site;
    global $objekt;
    global $class_path;
    global $keel;
    global $tyyp;
    verify_form_token();
    ###################
    # 1. special case: if object is NEW picture
    if ($tyyp['klass'] == "pilt" && !$objekt->objekt_id) {
        include_once "edit_" . $tyyp['klass'] . ".php";
        if (function_exists("save_objekts")) {
            save_objekts(array(tyyp_id => $tyyp[tyyp_id], keel => $keel));
        }
    } else {
        # pealkiri peab olema!
        if ($site->fdat[pealkiri] == '' && $tyyp['klass'] != "kommentaar") {
            $errors .= $site->sys_sona(array(sona => "maaratud pealkiri", tyyp => "editor")) . "<br>";
        }
        ###################
        # Salvestame tyybi parameetrid
        if (file_exists("edit_" . $tyyp['klass'] . ".php")) {
            include_once "edit_" . $tyyp['klass'] . ".php";
            if (function_exists("save_tyyp_params")) {
                $templ_params = save_tyyp_params(array(objekt => $objekt));
            }
        }
        ###################
        # Salvestame malli parameetrid - old ver3 style
        # arvestame, et malli parameetrid k�ivad ainult sisumalli kohta
        $sql = $site->db->prepare("SELECT ttyyp_id, templ_fail FROM templ_tyyp WHERE ttyyp_id = ?", $site->fdat['ttyyp_id']);
        $sth = new SQL($sql);
        $site->debug->msg("EDIT: " . $sth->debug->get_msgs());
        $temp_ttyyp = $sth->fetch();
        if ($temp_ttyyp['templ_fail'] && strpos($temp_ttyyp['templ_fail'], '../') !== 0 && file_exists("../" . $temp_ttyyp['templ_fail'])) {
            include_once "../" . $temp_ttyyp['templ_fail'];
        }
        if (function_exists("save_params")) {
            $templ_params = save_params(array(objekt => $objekt));
        }
        ### ttyyp_params - ver3 style vs ver4. Bug #2506
        if (!empty($templ_params)) {
            $oldstyle_tyyp_params = true;
            # if old-ver-style fixed params are used
        } else {
            # use new ver4 style custom conf save/load by default
            $oldstyle_tyyp_params = false;
        }
        ###################
        # if no errors occured , begin saving to database
        if (!$errors) {
            $site->debug->msg("EDIT: Objekti salvestamine");
            ###################
            # strip HTML tags from headline, lyhi, sisu for strip-fields
            // folder title is folder filesystem name
            if ($site->fdat['tyyp_id'] == 22) {
                $site->fdat['pealkiri'] = safe_filename2($site->fdat['pealkiri']);
            }
            $pealkiri_strip = $site->fdat['pealkiri'];
            $sisu_strip = $site->fdat['scms_article_editor'] ? $site->fdat['scms_article_editor'] : ($site->fdat['sisu'] ? $site->fdat['sisu'] : $site->fdat['text']);
            # replace some tags with space before stripping tags (bug #1568 )
            $replace_tags_arr = array("<br>", "<BR>", "<br />", "<BR />", "&nbsp;");
            $pealkiri_strip = str_replace($replace_tags_arr, " ", $pealkiri_strip);
            $sisu_strip = str_replace($replace_tags_arr, " ", $sisu_strip);
            $replace_tags_arr = array("&amp;");
            $pealkiri_strip = str_replace($replace_tags_arr, "&", $pealkiri_strip);
            $sisu_strip = str_replace($replace_tags_arr, "&", $sisu_strip);
            $pealkiri_strip = strip_tags($pealkiri_strip);
            $sisu_strip = strip_tags($sisu_strip);
            // remove excess spaces
            $sisu_strip = preg_replace('/\\s+/', ' ', $sisu_strip);
            // overwrite catch for files, this is here so when a new file is being uploaded but
            // a file with a same name already exists
            // there wouldn't be double objects
            // instead use the existing object and move on as that objects update
            if ($site->fdat['tyyp_id'] == 21 && $_FILES['fileupload']['name']) {
                $parent_folder = new Objekt(array('objekt_id' => $objekt->parent_id, 'on_sisu' => 1));
                $parent_folder_path = preg_replace('#/$#', '', $site->absolute_path) . $parent_folder->all['relative_path'];
                // delete file
                if (file_exists($parent_folder_path . '/' . safe_filename2($_FILES['fileupload']['name']))) {
                    unlink($parent_folder_path . '/' . safe_filename2($_FILES['fileupload']['name']));
                }
                $file_path = preg_replace('#/$#', '', $site->absolute_path) . $objekt->all['relative_path'];
                // delete the file itself (bug #2586)
                if ($objekt->objekt_id && file_exists($file_path)) {
                    unlink($file_path);
                }
                $sql = $site->db->prepare('select objekt_id from obj_file where relative_path = ?', $parent_folder->all['relative_path'] . '/' . safe_filename2($_FILES['fileupload']['name']));
                $result = new SQL($sql);
                if ($result->rows && ($existing_id = $result->fetchsingle())) {
                    // delete the object used to overwrite
                    // don't delete if it's the same object (bug # 2576)
                    if ($objekt->objekt_id && $objekt->objekt_id != $existing_id) {
                        $objekt->del();
                    }
                    $objekt = new Objekt(array('objekt_id' => $existing_id, 'on_sisu' => 1, 'no_cache' => 1));
                }
            }
            // / overwrite catch
            ###################
            # UPDATE
            if ($objekt->objekt_id) {
                /* Check if avaldamise_algus & avaldamise_lopp has the right format
                			   if not fix it.
                			*/
                if (preg_match("/(\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d?\\d\\d)\\s?(\\d?\\d?)[\\:\\\\.\\/\\-]?(\\d?\\d?)/", $site->fdat[avaldamise_algus], $aa_reg)) {
                    if (!$aa_reg[2] && !$aa_reg[3]) {
                        $site->fdat['avaldamise_algus'] = $aa_reg[1] . " 00:00:00";
                    } else {
                        $site->fdat['avaldamise_algus'] = $aa_reg[1] . " " . $aa_reg[2] . ":" . $aa_reg[3] . ":00";
                    }
                }
                if (preg_match("/(\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d?\\d\\d)\\s?(\\d?\\d?)[\\:\\\\.\\/\\-]?(\\d?\\d?)/", $site->fdat['avaldamise_lopp'], $al_reg)) {
                    if (!$al_reg[2] && !$al_reg[3]) {
                        $site->fdat['avaldamise_lopp'] = $al_reg[1] . " 23:59:59";
                    } else {
                        $site->fdat['avaldamise_lopp'] = $al_reg[1] . " " . $al_reg[2] . ":" . $al_reg[3] . ":59";
                    }
                }
                /* End of check */
                $sql = $site->db->prepare("UPDATE objekt SET pealkiri=?, on_pealkiri=?, on_foorum=?, on_saadetud=?, ttyyp_id=?, page_ttyyp_id=?, pealkiri_strip=?, sisu_strip=?, aeg=?, avaldamisaeg_algus=?, avaldamisaeg_lopp=?, last_modified=" . time() . ", author=?, friendly_url=?, is_hided_in_menu=?, kesk=?, check_in=?, changed_user_id=?, changed_user_name=?, changed_time=?, on_avaldatud = ? WHERE objekt_id=?", $site->fdat['pealkiri'], $site->fdat['on_pealkiri'], $site->fdat['on_foorum'] ? 1 : 0, $site->fdat['on_saadetud'] ? 0 : 1, $site->fdat['ttyyp_id'], $site->fdat['page_ttyyp_id'], $pealkiri_strip, $sisu_strip, $site->db->ee_MySQL($site->fdat['aeg']), $site->db->ee_MySQL_long($site->fdat['avaldamise_algus']), $site->db->ee_MySQL_long($site->fdat['avaldamise_lopp']), $site->fdat['author'], $site->fdat['friendly_url'], $site->fdat['is_hided_in_menu'] ? 1 : 0, $site->fdat['kesk'], 0, $site->user->id, $site->user->name, date("Y-m-d H:i:s"), isset($site->fdat['publish']) && is_numeric($site->fdat['publish']) ? (int) $site->fdat['publish'] : $objekt->all['on_avaldatud'], $objekt->objekt_id);
                $sth = new SQL($sql);
                $site->debug->msg("EDIT: " . $sth->debug->get_msgs());
                # save old-ver3-style tyyp_params. Bug #2506
                # this SQL should happen only as exception and not by default
                if ($oldstyle_tyyp_params === true) {
                    $sql = $site->db->prepare("UPDATE objekt SET ttyyp_params = ? WHERE objekt_id=?", $templ_params ? $templ_params : 'ttyyp_params', $objekt->objekt_id);
                    $sth = new SQL($sql);
                    $site->debug->msg("EDIT: " . $sth->debug->get_msgs());
                }
                # ------------------------
                # Kustutame chache-ist ka
                # ------------------------
                clear_cache("ALL");
                new Log(array('action' => 'update', 'objekt_id' => $objekt->objekt_id, 'message' => sprintf("%s '%s' (ID = %s) %s", ucfirst(translate_en($objekt->all['klass'])), $objekt->pealkiri(), $objekt->objekt_id, "changed")));
            } else {
                /* Check if avaldamise_algus & avaldamise_lopp has the right format
                			   if not fix it.
                			*/
                if (preg_match("/(\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d?\\d\\d)\\s?(\\d?\\d?)[\\:\\\\.\\/\\-]?(\\d?\\d?)/", $site->fdat['avaldamise_algus'], $aa_reg)) {
                    if (!$aa_reg[2] && !$aa_reg[3]) {
                        $site->fdat['avaldamise_algus'] = $aa_reg[1] . " 00:00:00";
                    } else {
                        $site->fdat['avaldamise_algus'] = $aa_reg[1] . " " . $aa_reg[2] . ":" . $aa_reg[3] . ":00";
                    }
                }
                if (preg_match("/(\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d?\\d\\d)\\s?(\\d?\\d?)[\\:\\\\.\\/\\-]?(\\d?\\d?)/", $site->fdat['avaldamise_lopp'], $al_reg)) {
                    if (!$al_reg[2] && !$al_reg[3]) {
                        $site->fdat['avaldamise_lopp'] = $al_reg[1] . " 23:59:59";
                    } else {
                        $site->fdat['avaldamise_lopp'] = $al_reg[1] . " " . $al_reg[2] . ":" . $al_reg[3] . ":59";
                    }
                }
                /* End of check */
                $sql = $site->db->prepare("INSERT INTO objekt (pealkiri, on_pealkiri, on_foorum, on_saadetud, tyyp_id, author, on_avaldatud, keel, kesk, ttyyp_id, page_ttyyp_id, pealkiri_strip, sisu_strip, aeg, sys_alias, ttyyp_params, avaldamisaeg_algus, avaldamisaeg_lopp, last_modified, friendly_url, is_hided_in_menu, check_in, check_in_admin_id, created_user_id, created_user_name, created_time) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)", $site->fdat['pealkiri'], $site->fdat['on_pealkiri'], $site->fdat['on_foorum'], $site->fdat['on_saadetud'] ? 0 : 1, $tyyp['tyyp_id'], $site->fdat['author'], $site->fdat['sys_alias'] || $site->fdat['publish'] ? 1 : 0, $tyyp['tyyp_id'] == 21 || $tyyp['tyyp_id'] == 22 ? 1 : $keel, $site->fdat['kesk'], $site->fdat['ttyyp_id'], $site->fdat['page_ttyyp_id'], $pealkiri_strip, $sisu_strip, $site->db->ee_MySQL($site->fdat['aeg']), $site->fdat['sys_alias'], $templ_params, $site->db->ee_MySQL_long($site->fdat['avaldamise_algus']), $site->db->ee_MySQL_long($site->fdat['avaldamise_lopp']), time(), $site->fdat['friendly_url'], $site->fdat['is_hided_in_menu'] ? 1 : 0, 0, $site->user->id, $site->user->id, $site->user->name, date("Y-m-d H:i:s"));
                $sth = new SQL($sql);
                $site->debug->msg("EDIT: " . $sth->debug->get_msgs());
                $obj_insert_id = $sth->insert_id;
                # ------------------------
                # Kustutame chache-ist ka
                # ------------------------
                clear_cache("ALL");
                $objekt = new Objekt(array(objekt_id => $obj_insert_id, no_cache => 1, creating => 1));
                if (!is_numeric($objekt->objekt_id)) {
                    $objekt->objekt_id = $obj_insert_id;
                }
                $site->fdat['id'] = $objekt->objekt_id;
                new Log(array('action' => 'create', 'objekt_id' => $objekt->objekt_id, 'message' => sprintf("%s '%s' (ID = %s) %s", ucfirst(translate_en($objekt->all['klass'])), $objekt->pealkiri(), $objekt->objekt_id, "inserted")));
                $is_new = 1;
            }
            # / INSERT
            ###################
            ###################
            # WHAT IS THIS?
            $objekt->all["on_peida_vmenyy"] = $site->fdat["on_peida_vmenyy"] ? 1 : 0;
            ###################
            # SALVESTA t��bist s�ltuv osa
            #$fdat{objekt}->{klass} = "artikkel" if ($fdat{objekt}->{klass} eq "oigusakt");
            # INCLUDE t��bist s�ltuv fail
            include_once "edit_" . $tyyp['klass'] . ".php";
            # salvesta objekti t��bist s�ltuv osa
            salvesta_objekt();
            # save all profile fields:
            if ($site->fdat['profile_id']) {
                # if profile set
                save_obj_profile();
            }
            # / SALVESTA t��bist s�ltuv osa
            ###################
            ###################
            # PARENTS (tbl 'objekt_objekt')
            ###################
            $site->debug->msg("------------ PARENTS -------------");
            ###################
            #######################
            # 1. FIND NEW PARENTS
            $new_parents = array();
            # parentit on lubatud select-boxis muuta j�rgmistel objektidel:
            # artikkel, dokument, rubriik, album, asset, gallup, kommentaar
            # 1) kui tegu on lubatud objektiga JA vormis oli parent rubriik valitud,
            # siis
            if (($tyyp['klass'] == "artikkel" || $tyyp['klass'] == "dokument" || $tyyp['klass'] == "rubriik" || $tyyp['klass'] == "album" || $tyyp['klass'] == "asset" || $tyyp['klass'] == "gallup" || $tyyp['klass'] == "kommentaar" || $tyyp['klass'] == "link") && is_array($site->fdat['rubriik'])) {
                # salvesta k�ik vormis valitud rubriigid massiivi
                foreach ($site->fdat['rubriik'] as $value) {
                    $new_parents[$value] = 1;
                }
                # kui parenti ID oli 0, siis what the hell siin tehakse?
                /*
                if ($site->fdat['parent_id']==0) {
                	$new_parents[$site->fdat['parent_id']] = 1;
                }
                */
            } elseif ($site->fdat['parent_id']) {
                $new_parents[$site->fdat['parent_id']] = 1;
            }
            ######### get parent object
            if ($site->fdat['parent_id']) {
                $parent = new Objekt(array(objekt_id => $site->fdat['parent_id']));
            }
            # kui objektil leidub korrektne parent ja pole tegu rubriigiga,
            # siis pane parentiks 'parent_id' parameeter (eee, j�lle?)
            # Lauri: parent ise ei tohiks saada new_parentiks. seega kommentaari juures konkreetselt keelan ara
            if ($parent && $parent->all['klass'] != "rubriik" && $tyyp['klass'] != "kommentaar") {
                $new_parents[$site->fdat['parent_id']] = 1;
            }
            ######## gallupi erijuht
            if ($tyyp['klass'] == "gallup") {
                if ($site->fdat['on_avatud']) {
                    $objekt->load_sisu();
                    $site->debug->msg("EDIT: vana parent rullib!");
                    # removed by Bug #1896: gallupit ei saa teise rubriigi alla t�sta
                    # $new_parents = array($objekt->all["orig_parent_id"] => 1);
                } else {
                    # kui suletud gallup, siis liiguta gallupi arhiivi
                    $new_parents = array($site->alias("gallup_arhiiv") => 1);
                }
            }
            $site->debug->msg("EDIT: Selected new parents: " . join(",", array_keys($new_parents)));
            # 1. / FIND NEW PARENTS
            #######################
            #######################
            # 2. FIND CURRENT PARENTS
            $current_parents = array();
            ########### RUBRIIK V�I LINGIKAST
            if ($tyyp['klass'] == "rubriik") {
                ######## Otsime, kas rubriik kuulub ka m�ne uudistekogu alla - need on vaja uutele parentitele vaikselt lisada
                $sql = $site->db->prepare("SELECT objekt_objekt.parent_id FROM objekt_objekt LEFT JOIN objekt ON objekt.objekt_id=objekt_objekt.parent_id WHERE objekt_objekt.objekt_id=? and objekt.tyyp_id=9", $objekt->objekt_id);
                $sth = new SQL($sql);
                while ($tmp_data = $sth->fetchsingle()) {
                    $newslist_parents[$tmp_data] = 1;
                    # lisa salaja uudistekogu ID samuti uute parentite massiivile
                    $new_parents[$tmp_data] = 1;
                }
                unset($tmp_data);
                if ($sth->rows) {
                    $site->debug->msg("EDIT: Parent news lists: " . join(",", array_keys($newslist_parents)));
                }
                ########## leia rubriigi praegused parentid
                $sql = $site->db->prepare("SELECT parent_id FROM objekt_objekt WHERE objekt_id=?", $objekt->objekt_id);
                $sth = new SQL($sql);
                while ($tmp_data = $sth->fetch()) {
                    $parent_id = $tmp_data['parent_id'];
                    $current_parents[$parent_id] = 1;
                }
                ######### K�IK �LEJ��NUD objektid v.a rubriik ja lingikast
            } else {
                # -----------------------------------
                # siin on need objektid mille jaoks
                # on lubatud rohkem kui 1 �lema omama
                # -----------------------------------
                $sql = $site->db->prepare("SELECT parent_id FROM objekt_objekt WHERE objekt_id=?", $objekt->objekt_id);
                $sth = new SQL($sql);
                while ($tmp_data = $sth->fetch()) {
                    $parent_id = $tmp_data['parent_id'];
                    $current_parents[$parent_id] = 1;
                }
                # mis siin tehakse?
                # Lauri: oeldakse jargmise IF-i jaoks, et ara sinna sisse mine. vaata 10 rida allapoole
                if ($current_parents[0]) {
                    $new_parents[0] = 1;
                }
            }
            $site->debug->msg("EDIT: Current parents: " . join(",", array_keys($current_parents)));
            # / 2. FIND CURRENT PARENTS
            #######################
            # kui uute parentite massiiv on t�hi, siis kasuta vormis alati kaasas olnud
            # peidetud v��rtust 'permanent_parent_id'
            if ($site->fdat['permanent_parent_id'] != "" && !count(array_keys($new_parents))) {
                $new_parents[$site->fdat['permanent_parent_id']] = 1;
            }
            $site->debug->msg("EDIT: Final parents: " . join(",", array_keys($new_parents)));
            #######################
            # 3. CHECK NEW PARENTS PERMISSIONS
            foreach (array_keys($new_parents) as $parent_id) {
                if ($parent_id) {
                    # kui uus �lem (varem polnud), siis kontrolli �iguseid
                    if (!$current_parents[$parent_id]) {
                        ####### check permissions
                        $perm = get_obj_permission(array("objekt_id" => $parent_id));
                        # kui uuel parentil on CREATE �igus, siis luba lisada objekt selle parenti alla,
                        # muidu mitte
                        if ($perm['C']) {
                            $site->debug->msg("EDIT: New parent " . $parent_id . " permissions " . $perm['mask'] . " allow to create object under it => OK");
                        } else {
                            $site->debug->msg("EDIT: New parent " . $parent_id . " permissions " . $perm['mask'] . " don't allow to create object under it => FORBIDDEN");
                            # v�ta see parent maha uute parentite massiivist
                            unset($new_parents[$parent_id]);
                        }
                        # new parent permissions
                    }
                }
                # if parent_id
            }
            $site->debug->msg("EDIT: Final parents after permission check: " . join(",", array_keys($new_parents)));
            # / 3. CHECK NEW PARENTS PERMISSIONS
            #######################
            # kui uute parentite arv on 0 st objekti ei tohi uue parenti alla lisada,
            # siis �ra tee �ldse midagi
            if (!count(array_keys($new_parents))) {
                $site->debug->msg("EDIT: Can't move under new parent => don't do anything at all");
                $fatal_parent_error = 1;
            }
            # kui uued parentid on ainult uudistekogud (samad mis enne), siis �ra tee �ldse midagi
            if (sizeof($newslist_parents) > 0) {
                $result = array_diff(array_keys($new_parents), array_keys($newslist_parents));
                if (sizeof($result) <= 0) {
                    # kui massiivid pole erinevad
                    $site->debug->msg("EDIT: New parents are equal to existing newslist parents => don't do anything at all");
                    $fatal_parent_error = 1;
                }
            } else {
                if (!$fatal_parent_error) {
                    # if not fatal parent error
                    #######################
                    # 4. INSERT NEW PARENTS (siin on juba ainult need parentid, mille alla v�ib objekti lisada)
                    foreach (array_keys($new_parents) as $parent_id) {
                        if ($parent_id) {
                            # �lem on olemas, siis pole vaja midagi teha
                            if ($current_parents[$parent_id]) {
                                $current_parents[$parent_id] = 0;
                                $site->debug->msg("EDIT: Parent {$parent_id} j��b nagu oli");
                            } else {
                                if ($site->fdat["sorting"]) {
                                    $sorteering = $site->fdat["sorting"];
                                } else {
                                    $sql = "SELECT max(sorteering) FROM objekt_objekt";
                                    $sth = new SQL($sql);
                                    $sorteering = $sth->fetchsingle();
                                }
                                #move objects forward so new object can be inserted in the middle
                                $sql = $site->db->prepare("UPDATE objekt_objekt SET sorteering=sorteering+1 WHERE sorteering>?", $sorteering);
                                $sth = new SQL($sql);
                                $site->debug->msg("EDIT: " . $sql);
                                ################ INSERT
                                $sql = $site->db->prepare("INSERT INTO objekt_objekt (objekt_id, parent_id, sorteering) VALUES (?,?,?)", $objekt->objekt_id, $parent_id, $sorteering + 1);
                                $sth = new SQL($sql);
                                $site->debug->msg("EDIT: " . $sql);
                                if ($tyyp['klass'] == 'kommentaar') {
                                    $sql = $site->db->prepare("UPDATE objekt SET comment_count = comment_count+1 WHERE objekt_id=?", $parent_id);
                                    $sth = new SQL($sql);
                                    $site->debug->msg("EDIT: " . $sql);
                                }
                            }
                            # uus �lem, lisa
                        }
                        # if parent_id
                    }
                    # / 4. INSERT NEW PARENTS
                    #######################
                    #######################
                    # 5. DELETE OLD PARENTS
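                    // Predicate used as the array_filter() callback below: keeps entries whose
                    // value is greater than zero.
                    // The declaration is guarded because a named function declared inside another
                    // function's body is registered every time this line executes; a second pass
                    // through this code in the same request would otherwise stop with a fatal
                    // "Cannot redeclare notnull()" error.
                    if (!function_exists('notnull')) {
                        /**
                         * @param mixed $a value to test
                         * @return bool true when $a is greater than zero
                         */
                        function notnull($a)
                        {
                            return $a > 0;
                        }
                    }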
                    $to_delete = join(",", array_keys(array_filter($current_parents, "notnull")));
                    $site->debug->msg("EDIT: Current Parents, allowed to delete: " . $to_delete);
                    # kui vormis oli valitud m�ni parent rubriik JA objekt on lubatud t��pi (tal v�ib parentit muuta),
                    # siis... mis tehakse?
                    if (sizeof($site->fdat['rubriik']) > 0 && ($tyyp['klass'] == "artikkel" || $tyyp['klass'] == "dokument" || $tyyp['klass'] == "gallup" || $tyyp['klass'] == "rubriik" || $tyyp['klass'] == "album" || $tyyp['klass'] == "asset" || $tyyp['klass'] == "dokument" || $tyyp['klass'] == "gallup" || $tyyp['klass'] == "kommentaar" || $tyyp['klass'] == "link")) {
                        $parent_ids = array();
                        foreach (array_unique(array_merge($site->fdat['rubriik'], array_keys($new_parents))) as $tmp_id) {
                            if ((int) $tmp_id) {
                                $parent_ids[] = (int) $tmp_id;
                            }
                        }
                        ########### Lauri 04092009: store parents that will be deleted so we can reduce their comment_count
                        $sql = $site->db->prepare("SELECT parent_id FROM objekt_objekt WHERE objekt_id=? AND parent_id NOT IN(" . implode(',', $parent_ids) . ")", $objekt->objekt_id);
                        $sth = new SQL($sql);
                        $site->debug->msg("EDIT: " . $sql);
                        $parents_to_delete = array();
                        while ($return_row = $sth->fetch()) {
                            $parents_to_delete[] = $return_row['parent_id'];
                        }
                        ############ DELETE
                        $sql = $site->db->prepare("DELETE FROM objekt_objekt WHERE objekt_id=? AND parent_id NOT IN(" . implode(',', $parent_ids) . ")", $objekt->objekt_id);
                        $sth = new SQL($sql);
                        $site->debug->msg("EDIT: " . $sql);
                        ########## Lauri 04092009: reduce comment count for parents from which kommentaar was deleted
                        if ($tyyp['klass'] == 'kommentaar') {
                            $sql = $site->db->prepare("UPDATE objekt SET comment_count = comment_count-1 WHERE objekt_id IN(" . implode(',', $parents_to_delete) . ")");
                            $sth = new SQL($sql);
                            $site->debug->msg("EDIT: " . $sql);
                        }
                    }
                    ############ DELETE
                    # kui on parenteid, mida kustutada:
                    if ($to_delete) {
                        $sql = $site->db->prepare("DELETE FROM objekt_objekt WHERE objekt_id=? AND parent_id IN(?)", $objekt->objekt_id, $to_delete);
                        $sth = new SQL($sql);
                        $site->debug->msg("EDIT: " . $sql);
                        ############ Lauri 04092009: if some more parents got removed, reduce comment_count on them too. have to make sure not to do it twice tho
                        $comments_to_substract = array_diff((array) $to_delete, $parents_to_delete);
                        if ($tyyp['klass'] == 'kommentaar' && count($comments_to_substract)) {
                            $sql = $site->db->prepare("UPDATE objekt SET comment_count = comment_count-1 WHERE objekt_id IN (" . implode(',', $comments_to_substract) . ")");
                            $sth = new SQL($sql);
                            $site->debug->msg("EDIT: " . $sql);
                        }
                    }
                    # / 5. DELETE OLD PARENTS
                    #######################
                }
            }
            # if not fatal parent error (new parent permissions)
            ################################## / DATABASE SQL-s ##################################
            $site->debug->msg("------------ PARENTS END -------------");
            # / PARENTS
            ###################
            ########################
            # INSERT PERMISSIONS
            # lisame uuele objektile t�pselt samad �igused nagu on tema parent objektile.
            # OBJ class check: save permissions only for objects having class "rubriik" (1) or "folder" (22).
            # NB! if you change class conditions here, be sure to change them in Repair database script also!
            # (see also bug #1545)
            if ($tyyp[tyyp_id] == 1 || $tyyp[tyyp_id] == 22) {
                # if object is section or folder
                if ($is_new) {
                    # leia k�ik parenti �igused userite/gruppide kohta:
                    $sql = $site->db->prepare("SELECT * FROM permissions WHERE type=? AND source_id=?", 'OBJ', $parent->objekt_id);
                    $sth = new SQL($sql);
                    # ts�kkel �le parenti �iguste
                    while ($perm = $sth->fetch()) {
                        # lisa �igus uuele objektile
                        $sql2 = $site->db->prepare("INSERT INTO permissions (type,source_id,role_id,group_id,user_id,C,R,U,P,D) VALUES (?,?,?,?,?,?,?,?,?,?)", 'OBJ', $objekt->objekt_id, $perm['role_id'], $perm['group_id'], $perm['user_id'], $perm['C'], $perm['R'], $perm['U'], $perm['P'], $perm['D']);
                        $sth2 = new SQL($sql2);
                    }
                    # ts�kkel �le parenti �iguste
                    // reload permissions for user
                    if (!$site->user->is_superuser) {
                        if ($site->user) {
                            $site->user->permissions = $site->user->load_objpermissions();
                        } elseif ($site->guest) {
                            $site->guest->permissions = $site->guest->load_objpermissions();
                        }
                    }
                }
                # if new, just created object
            }
            # if object is section or folder
            # / INSERT PERMISSIONS
            ########################
            return 1;
        } else {
            ?>
	<center><font class=txt>
		<br>
		<font color=red>&nbsp;<?php 
            echo $errors;
            ?>
</font>
		<br>
		<a href="javascript:history.back();"><?php 
            echo $site->sys_sona(array(sona => "Tagasi", tyyp => "editor"));
            ?>
</a>
	</font></center>
<?php 
        }
        # / print errors
        ###################
    }
    # / 2. usual case
    ###################
}
Example #30
        while ($row = $db->get_row($sql_result)) {
            deletecomments($row['id']);
        }
    }
}
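// Load the comment that is about to be deleted.
// NOTE(review): $id is assigned outside this excerpt and is interpolated directly into
// the SQL text below - confirm it has been cast to an integer before it reaches this query.
$row = $db->super_query("SELECT id, post_id, user_id, date, is_register FROM " . PREFIX . "_comments WHERE id = '{$id}'");
if ($row['id']) {
    $have_perm = false;
    $row['date'] = strtotime($row['date']);

    // The request has to echo back $dle_login_hash (set outside this excerpt; presumably a
    // per-login anti-forgery token). The value is compared as a string with hash_equals()
    // (PHP >= 5.6) rather than with ==: a loose comparison treats two different
    // numeric-looking strings such as "0e1" and "0e2" as equal, and it is not constant-time.
    // Missing, empty and non-string values (e.g. dle_allow_hash[]=x) are rejected up front.
    $hash_ok = isset($_GET['dle_allow_hash'])
        && is_string($_GET['dle_allow_hash'])
        && $_GET['dle_allow_hash'] !== ''
        && is_string($dle_login_hash)
        && hash_equals($dle_login_hash, $_GET['dle_allow_hash']);

    // Deletion is allowed when the hash matches AND one of the following holds:
    //  - the caller wrote the comment as a registered user and the group has 'allow_delc';
    //  - the caller is in user group '1';
    //  - the caller's group has 'del_allc'.
    if ($hash_ok && (
        ($member_id['user_id'] == $row['user_id'] && $row['is_register'] && $user_group[$member_id['user_group']]['allow_delc'])
        || $member_id['user_group'] == '1'
        || $user_group[$member_id['user_group']]['del_allc']
    )) {
        $have_perm = true;
    }

    // A group-level edit_limit revokes the permission once the comment is older than the
    // limit. The limit is multiplied by 60 before being added to the comment timestamp,
    // so it is presumably expressed in minutes - TODO confirm.
    if ($user_group[$member_id['user_group']]['edit_limit'] && $row['date'] + $user_group[$member_id['user_group']]['edit_limit'] * 60 < $_TIME) {
        $have_perm = false;
    }

    if ($have_perm) {
        deletecomments($row['id']);

        // Pick which "full_" cache entries to drop: every one when alternative URLs are on
        // and seo_type is off, otherwise only the one for this comment's post.
        if ($config['allow_alt_url'] && !$config['seo_type']) {
            $cprefix = "full_";
        } else {
            $cprefix = "full_" . $row['post_id'];
        }
        clear_cache(array('news_', 'rss', 'comm_' . $row['post_id'], $cprefix));

        @header("Content-type: text/html; charset=" . $config['charset']);
        // The response body is the id of the deleted comment, taken from the database row.
        echo $row['id'];
    } else {
        // Same generic answer for "not allowed" and "not found" (below).
        die("error");
    }
} else {
    die("error");
}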