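/**
 * Resolve a controller object from a controller name.
 *
 * First looks for ../app/controller/<name>.php and instantiates the class
 * <name>_ctl declared in it. If no such file exists, falls back to a generic
 * crud_ctl bound to the first table returned by SHOW TABLES LIKE "%<name>".
 *
 * The name ends up in a filesystem path passed to require_once, in a class
 * name, in a SQL LIKE pattern, in a log line and in the HTML error page.
 * It is therefore checked against a strict allow-list before any of those
 * uses, the log is written without a shell, and the error page is escaped.
 *
 * @param string $controller name of the controller, interpreted as part of
 *                           a file name or as the tail of a table name
 * @return object controller
 **/
function get_controller_by_name($controller)
{
    // NOTE(review): fixed, predictable path in a shared temp directory; consider
    // a log location that only the web application can create and write.
    $log_file = '/tmp/weblog';
    $ctl_chars = '/[\x00-\x1F\x7F]/';

    // Allow-list: letters, digits and underscore only. This keeps "../", NUL
    // bytes, quotes and shell metacharacters out of the include path and the
    // table lookup. \A and \z are used so a trailing newline is rejected too.
    $is_safe_name = is_string($controller)
        && preg_match('/\A[A-Za-z0-9_]+\z/', $controller) === 1;

    // Printable form of the name for the log and the error page.
    $shown_name = is_scalar($controller) ? (string) $controller : '';

    $ctrl_file = '../app/controller/' . $shown_name . '.php';

    if ($is_safe_name && file_exists($ctrl_file)) {
        // Append to the log directly instead of spawning `echo` through a
        // shell: request-derived text must never be part of a command line.
        // Control characters are replaced so one request cannot forge lines.
        $logged = isset($GLOBALS['controller']) && is_scalar($GLOBALS['controller'])
            ? (string) $GLOBALS['controller']
            : $shown_name;
        file_put_contents(
            $log_file,
            'Controller [' . preg_replace($ctl_chars, '?', $logged) . "] loaded.\n",
            FILE_APPEND | LOCK_EX
        );

        require_once $ctrl_file;

        #TODO: find a way to make the class name independent of the file name
        $ctl_class_name = $controller . '_ctl';
        if (!class_exists($ctl_class_name)) {
            exit;
        }
        $ctl = new $ctl_class_name();
    } else {
        #TODO: add security restrictions (allow/deny lists) for the crud controller;
        #      as written, any table whose name ends with the requested string is exposed
        #TODO: improve the search algorithm (strict compare instead of "like '%name'");
        #      note that "_" is itself a single-character wildcard in LIKE
        $table = $is_safe_name
            ? db_fetch_value('show tables like "%' . db_escape($controller) . '"')
            : null;

        if ($table) {
            $ctl = new crud_ctl();
            $ctl->table = $table;
        } else {
            $path_info = isset($_SERVER['PATH_INFO']) ? (string) $_SERVER['PATH_INFO'] : '';
            file_put_contents(
                $log_file,
                'ERROR: Controller [' . preg_replace($ctl_chars, '?', $shown_name)
                    . '] not found (requested ' . preg_replace($ctl_chars, '?', $path_info) . ").\n",
                FILE_APPEND | LOCK_EX
            );

            // The name is echoed back into an HTML page, so it is escaped.
            die('<pre>Controller <strong>['
                . htmlspecialchars($shown_name, ENT_QUOTES, 'UTF-8')
                . "]</strong> not found.\n\n");
        }
    }

    return $ctl;
}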
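/**
 * Create a note from the submitted form, attach its tags and answer with the
 * re-rendered notes list.
 *
 * Does nothing when the request carries no POST data. On a failed insert the
 * script ends with the '{error: 1}' payload; on success it ends with the
 * php2js() encoding of an object whose `html` property is the rendered
 * 'in.notes_list.tpl' template.
 *
 * @return void
 */
function create()
{
    if (!$_POST) {
        return;
    }

    // The owner is always taken from the session user, never from the form.
    $_POST['user_id'] = $this->user->id;

    // NOTE(review): the whole of $_POST is handed to db_insert(). If db_insert()
    // maps array keys to columns (not visible here), a client can set any column
    // of the table by adding form fields. Prefer copying an explicit list of
    // expected fields into a new array before inserting.
    $id = db_insert($this->table, $_POST);
    if (!$id) {
        die('{error: 1}');
    }

    // 'tags' is optional and may be missing or not a string in a crafted request.
    $raw_tags = isset($_POST['tags']) && is_string($_POST['tags']) ? $_POST['tags'] : '';

    foreach (preg_split('/,\\s*/', $raw_tags, -1, PREG_SPLIT_NO_EMPTY) as $tag) {
        $tag = trim($tag);
        if ($tag === '') {
            // An empty field or a stray comma must not create a nameless tag.
            continue;
        }

        // NOTE(review): the lookup is built by concatenation and depends entirely
        // on db_escape(); a parameterised query would remove that dependency.
        $tag_id = db_fetch_value('SELECT id FROM tag WHERE name = "' . db_escape($tag) . '"');
        if (!$tag_id) {
            $tag_id = db_insert('tag', array('name' => $tag));
        }
        db_insert('note_to_tag', array('note_id' => $id, 'tag_id' => $tag_id));
    }

    $this->index('notes');

    // $response was never initialised before its property was assigned.
    $response = new stdClass();
    $response->html = $this->tpl->fetch('in.notes_list.tpl');
    die(php2js($response));
}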
/**
 * Store a verification code for a phone number.
 *
 * If VerifyCode already has at least one row for the phone, those rows are
 * updated with the new code, status 0 and the current time; otherwise a new
 * row is inserted with the same values.
 *
 * The existence check and the write are two separate statements, so two
 * concurrent calls for a new phone can both take the INSERT path unless the
 * table has a unique key on `phone` (not visible here).
 * NOTE(review): the code is stored exactly as passed in, and nothing in this
 * method enforces expiry or an attempt limit; confirm the caller handles both.
 *
 * @param mixed $phone phone number the code belongs to
 * @param mixed $code  verification code to store
 * @return mixed whatever db_execute() returns for the write statement
 */
public static function updateOrInsertVerifyCode($phone, $code)
{
    // presumably bindParams() substitutes the placeholders into its first
    // argument in place; verify that it quotes/escapes each value.
    $countQuery = "SELECT count(1) from VerifyCode where phone=?";
    bindParams($countQuery, array($phone));
    $existing = db_fetch_value($countQuery);

    $now = date('Y-m-d H:i:s');

    if ($existing > 0) {
        $statement = "UPDATE VerifyCode set status=0, time=?, code=? where phone=?";
        $values = array($now, $code, $phone);
    } else {
        $statement = "INSERT INTO VerifyCode(phone, code, status, time) VALUES(?, ?, 0, ?)";
        $values = array($phone, $code, $now);
    }

    bindParams($statement, $values);

    return db_execute($statement);
}
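/**
 * Echo the HTML list of actual topics matching $where, followed by page links.
 *
 * Changes against the previous version:
 *  - the session user id, the requested page and all topic ids are cast to
 *    int before they are placed in SQL;
 *  - database values printed as text or attributes are HTML-escaped, and the
 *    tag name is URL-encoded inside its link;
 *  - split() (removed in PHP 7) is replaced by explode();
 *  - the pager no longer prints a link to one page past the last one.
 *
 * @param string $where SQL boolean expression placed verbatim into the count
 *                      and data queries. It is NOT escaped here: callers must
 *                      build it only from constants or already-escaped values.
 * @return void
 */
function print_topics_list($where)
{ /* {{{ */
    global $PAGE_LIMIT;

    $limit = (int) $PAGE_LIMIT;

    // Join the current user's vote only when there is a logged-in user.
    $user_id = isset($_SESSION['user']['id']) ? (int) $_SESSION['user']['id'] : 0;
    if ($user_id) {
        $maybe_lj = 'LEFT JOIN topic_vote tv ON tv.topic_id = t.id AND tv.user_id = ' . $user_id;
        $maybe_lj2 = ',tv.id as voted';
    } else {
        $maybe_lj = '';
        $maybe_lj2 = '';
    }

    // count query
    $count = (int) db_fetch_value("SELECT count(*) as c FROM topic t WHERE is_actual = 1 AND {$where};", 'c');

    // data query; the page index comes from the URL, so force a non-negative int
    $page = isset($_GET['page']) ? max(0, (int) $_GET['page']) : 0;
    $skip = $limit * $page;
    $tops = db_fetch_all("
        SELECT t.*, c.name as category_name {$maybe_lj2}
        FROM topic t INNER JOIN categories c ON c.id = t.category_id
        {$maybe_lj}
        WHERE is_actual = 1 AND {$where}
        ORDER BY t.id DESC LIMIT {$skip}, {$limit};", true);

    $topic_ids = array();
    foreach ($tops as $t) {
        $topic_ids[] = (int) $t['id'];
    }

    if (count($topic_ids)) {
        $tags = db_fetch_all("
            SELECT tt.topic_id, t.name
            FROM topics_tags tt
                INNER JOIN tag t ON t.id = tt.tag_id
            WHERE tt.topic_id IN (" . join(',', $topic_ids) . ")
            ORDER BY tt.id;
        ", true);
    } else {
        $tags = array();
    }

    // Tag links grouped by topic id.
    // assumes tag names, titles and category names are stored as plain UTF-8
    // text; if they are stored pre-escaped this double-escapes them. TODO confirm
    $res = array();
    foreach ($tags as $tag) {
        if (empty($res[$tag['topic_id']])) {
            $res[$tag['topic_id']] = array();
        }
        $res[$tag['topic_id']][] = '<a href="/read/tag/' . rawurlencode($tag['name']) . '/">'
            . htmlspecialchars($tag['name'], ENT_QUOTES, 'UTF-8') . '</a>';
    }

    foreach ($tops as $t) {
        $topic_id = (int) $t['id'];

        // Everything before the first "<topcut" marker is the teaser.
        $arr = explode('<topcut', $t['content']);
        $sc = $arr[0];
        if (count($arr) > 1) {
            // NOTE(review): the alternation binds as (^\s*text="...") | ('...'), and
            // only the first capture group is used below; confirm that is intended.
            $m = array();
            preg_match('/^\\s*text="(.*)"|\'(.*)\'/', $arr[1], $m);
            $more = !empty($m[1]) ? $m[1] : 'Далее';
            $lnk = '<div style="margin-top:10px;"><a href="/read/post/' . $topic_id . '/">'
                . htmlspecialchars($more, ENT_QUOTES, 'UTF-8') . ' →</a></div>';
        } else {
            $lnk = '';
        }

        echo '<div class="entry">';
        echo '<div class="rating">' . (int) $t['rating'];
        // 'voted' is only selected for logged-in users, so it may be absent.
        if (empty($t['voted'])) {
            echo '<a href="?addvote" onclick="addvote(this,' . $topic_id . '); return false;">+</a>';
        }
        echo '</div>';
        echo '<div class="topic_title" style="margin-left:60px;">'
            . '<a href="/read/category/' . (int) $t['category_id'] . '/">'
            . htmlspecialchars($t['category_name'], ENT_QUOTES, 'UTF-8') . '</a> → '
            . '<a href="/read/post/' . $topic_id . '/">'
            . htmlspecialchars($t['title'], ENT_QUOTES, 'UTF-8') . '</a></div>';
        echo '<div class="topic_info">';
        // NOTE(review): topic content is printed as raw HTML. That is only safe if
        // it is sanitised when it is saved; verify against the code that stores it.
        echo '<div class="content">' . $sc . $lnk . '</div>';
        if (isset($res[$t['id']])) {
            echo '<div class="tags">' . join(', ', $res[$t['id']]) . '</div>';
        }
        echo '<div class="topic_info">Опубликовано '
            . htmlspecialchars($t['pub_date'], ENT_QUOTES, 'UTF-8') . '</div>';
        echo '</div></div>';
    }

    if ($limit > 0 && $count > $limit) {
        $pages_delta = 5;
        // Pages are numbered from 0, so the last valid index is ceil(count / limit) - 1.
        $last_page = (int) ceil($count / $limit) - 1;
        $first_shown = max(0, $page - $pages_delta);
        $last_shown = min($last_page, $page + $pages_delta);
        for ($i = $first_shown; $i <= $last_shown; $i++) {
            $class = $i == $page ? 'page_active' : 'page_go';
            echo '<div class="' . $class . '"><a href="?page=' . $i . '">' . ($i + 1) . '</a></div>';
        }
    }
    /* }}} */
}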
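/**
 * Table data
 * @path: /ctl/$db_name/$tbl_name/data
 * @accept: get
 * @view: db.table_data
 *
 **/
function data()
{ /* {{{ */
    // Shows one page of rows of the current table together with its column
    // list and paging information, then renders the db.table_data view.

    // The page index comes from the query string. It is forced to a
    // non-negative integer: a negative value would produce a negative LIMIT
    // offset and make the rows query fail.
    $page = isset($_GET['page']) ? max(0, (int) $_GET['page']) : 0;
    $iop = 10; // rows per page

    // NOTE(review): $this->full_tbl_name is concatenated into all three
    // statements as an identifier. The route in the docblock suggests the
    // database and table names come from the URL; confirm they are validated
    // against the existing databases/tables (or quoted as identifiers) where
    // this property is assigned, because value escaping does not protect an
    // identifier.
    $data = new stdClass();
    $data->total_row_count = db_fetch_value('SELECT count(*) FROM ' . $this->full_tbl_name);
    $data->rows = db_fetch_all(' SELECT * FROM ' . $this->full_tbl_name . ' LIMIT ' . $iop * $page . ', ' . $iop);
    $data->current_page = $page;
    $data->pages_count = ceil($data->total_row_count / $iop);
    $data->columns = db_fetch_array('DESCRIBE ' . $this->full_tbl_name, 'Field');

    $this->tpl->add('data', $data, 'grid_rows');
    $this->tpl->view('db.table_data');
    /* }}} */
}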
/**
 * Create an outlay record from the "mixed_value" shorthand field.
 *
 * The shorthand is "<amount> <category>[:] [note]", for example
 * "12,50 food: lunch" (constructed sample). The amount accepts "." or "," as
 * the decimal separator. The category is looked up by name in outlay_category
 * and created when missing. Nothing is inserted when the field is absent,
 * empty or does not match; the redirect to 'index' happens for every POST.
 *
 * NOTE(review): the whole of $_POST (including 'mixed_value' and any extra
 * field the client adds) is passed to db_insert(). If db_insert() maps keys to
 * columns, build an explicit array of the expected fields instead.
 * NOTE(review): the category lookup is built by concatenation and relies on
 * db_escape() for safety.
 *
 * @return void
 */
function create()
{
    if (!$_POST) {
        return;
    }

    // The owner always comes from the session user, overriding any posted value.
    $_POST['user_id'] = $this->user->id;

    $shorthand = isset($_POST['mixed_value']) ? $_POST['mixed_value'] : null;
    $parsed = $shorthand !== null
        && strlen($shorthand)
        && preg_match('/^(\\d+[.,]?\\d*)\\s+([^:]+):?\\s*(.*)$/', $shorthand, $parts);

    if ($parsed) {
        $_POST['value'] = (float) str_replace(',', '.', $parts[1]);
        $_POST['note'] = trim($parts[3]);

        $category_name = trim($parts[2]);
        $category_id = db_fetch_value(' SELECT id FROM outlay_category WHERE `name` = "' . db_escape($category_name) . '" LIMIT 1 ');
        if (!$category_id) {
            $category_id = db_insert('outlay_category', array('name' => $category_name));
        }

        $_POST['outlay_category_id'] = $category_id;
        db_insert($this->table, $_POST);
    }

    $this->_relative_redirect('index');
}