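/**
 * Snapshots the current HTTP request into static state, then drops the superglobals.
 *
 * Fills static::$params (request metadata), static::$inputs ($_GET overlaid by $_POST)
 * and static::$files (File objects built from $_FILES), then unsets $_FILES, $_GET,
 * $_POST and $_SERVER.
 *
 * Headers, query string, body fields and upload names are client-supplied and are
 * copied verbatim; nothing here validates or escapes them.
 */
public static function init()
{
    // Optional headers / CGI variables can be missing (non-browser clients, no rewrite
    // in front of the script): read them as null instead of raising "undefined index".
    $server = function ($key) {
        return isset($_SERVER[$key]) ? $_SERVER[$key] : null;
    };

    $uri = explode('?', $_SERVER['REQUEST_URI']);
    $ajax = $server('HTTP_X_REQUESTED_WITH') == 'XMLHttpRequest';

    static::$params = [
        'user_agent' => $server('HTTP_USER_AGENT'),
        'status' => $server('REDIRECT_STATUS'),
        'host' => $_SERVER['SERVER_NAME'],
        'port' => $_SERVER['SERVER_PORT'],
        'ip_address' => $_SERVER['REMOTE_ADDR'],
        'method' => strtolower($_SERVER['REQUEST_METHOD']),
        'query_string' => $server('QUERY_STRING'),
        'uri' => $uri[0],
        'ajax' => $ajax,
        'accept' => $server('HTTP_ACCEPT'),
        'accept_encoding' => $server('HTTP_ACCEPT_ENCODING'),
        'accept_language' => $server('HTTP_ACCEPT_LANGUAGE'),
    ];

    // Form-based method override. The value is chosen by the client, so 'method' must
    // not be used on its own as an authorization signal. Non-string values
    // (e.g. _method[]=x) are ignored instead of being passed to strtolower().
    if (isset($_POST['_method'])) {
        if (is_string($_POST['_method'])) {
            static::$params['method'] = strtolower($_POST['_method']);
        }
        unset($_POST['_method']);
    }

    // POST values win over GET values that share a key
    foreach ($_GET as $key => $value) {
        static::$inputs[$key] = $value;
    }
    foreach ($_POST as $key => $value) {
        static::$inputs[$key] = $value;
    }

    foreach ($_FILES as $input_name => $file_properties) {
        if (is_array($file_properties['name'])) {
            // Multi-file input: array_paths() walks $_FILES[$input_name] and hands each
            // dotted path to this filter; only the "tmp_name" leaves produce a File.
            $filter = function ($path) use ($input_name) {
                // leading segment is one of: name, tmp_name, size, error, type (mime-type)
                $type = substr($path, 0, strpos($path, '.'));
                // remainder of the path, shared by all five property sub-arrays
                $pathWitoutType = substr($path, strpos($path, '.') + 1);
                if ($type === 'tmp_name') {
                    $file = new File(
                        get_array_value($_FILES, $input_name . '.tmp_name.' . $pathWitoutType),
                        static::$file_error_codes[get_array_value($_FILES, $input_name . '.error.' . $pathWitoutType)],
                        get_array_value($_FILES, $input_name . '.name.' . $pathWitoutType)
                    );
                    $file->setArrayPath($input_name . '.' . $pathWitoutType);
                    return $file;
                }
                return null;
            };
            static::$files = array_merge(static::$files, array_paths($_FILES[$input_name], [], null, $filter));
        } else {
            // the third argument is the original file name as sent by the client
            $file = new File(
                $file_properties['tmp_name'],
                static::$file_error_codes[$file_properties['error']],
                $file_properties['name']
            );
            $file->setArrayPath($input_name);
            static::$files = array_merge(static::$files, [$file]);
        }
    }

    // from here on the request is reachable only through the static accessors
    unset($_FILES);
    unset($_GET);
    unset($_POST);
    unset($_SERVER);
}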
/**
 * Handles file-manager requests: upload, delete and update (write + optional rename).
 *
 * Runs only for users holding the "manage files" permission and only when the request
 * names the "filemanager" module; otherwise the template is returned untouched.
 *
 * NOTE(review): this excerpt stops before the function's closing brace.
 * NOTE(review): no anti-CSRF token check is visible here, although every action changes
 * files on disk — confirm one is enforced before this method runs.
 *
 * @param string $template page template
 */
function requestParser($template) {
    if (!user_allowed_to('manage files')) {
        return $template;
    }
    $module_name = 'filemanager';
    // check if something to do
    if (@$_GET['module'] != $module_name && @$_POST['module'] != $module_name) {
        return $template;
    }
    // filter input
    // NOTE(review): the filename / new_filename pattern is a negative lookahead anchored at
    // the start of the value, so it only rejects values that BEGIN with "..", with the
    // second alternative (as written it appears to match a literal "|//", not a
    // backslash — confirm intent) or with "<char>:". A ".." segment further inside the
    // path is not rejected by this filter. Resolving the final path (realpath) and
    // checking that it stays below the managed directory would close that gap.
    // NOTE(review): '~.*~' for filecontent matches any value, i.e. content is unfiltered.
    $input_filter = array('action' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^(update_file|upload|delete)$~ui')), 'category' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => REGEXP_ALIAS)), 'filename' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^(?!(\\.\\.|\\|//|[a-zA-Zа-яА-Я0-9\\s_\\-\\(\\)]:)).*$~u')), 'new_filename' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~^(?!(\\.\\.|\\|//|[a-zA-Zа-яА-Я0-9\\s_\\-\\(\\)]:)).*$~u')), 'filecontent' => array('filter' => FILTER_VALIDATE_REGEXP, 'options' => array('regexp' => '~.*~')));
    $_INPUT = get_filtered_input($input_filter);
    // prepare redirect
    $redirect_target = './?module=' . $module_name . '&action=manage&category=' . $_INPUT['category'];
    $redirect_status = false;
    switch (get_array_value($_INPUT, 'action')) {
        case 'upload':
            for ($i = 0; $i < count($_FILES['files']['name']); $i++) {
                // check extension against directory configuration, use only if matches
                // NOTE(review): the client-supplied file name is appended to the target
                // directory as-is; whether getUserFolderParams() also rejects path
                // separators in the name is not visible here. The result of
                // move_uploaded_file() is not checked.
                if (($dir = $this->getUserFolderParams($_FILES['files']['name'][$i], $_INPUT['category'])) != false) {
                    move_uploaded_file($_FILES['files']['tmp_name'][$i], iconv('utf-8', filesystem_encoding(), $dir['dir'] . $_FILES['files']['name'][$i]));
                }
            }
            $redirect_status = true;
            break;
        case 'delete':
            // NOTE(review): the request value is passed to unlink() directly; confinement
            // to the user folder rests entirely on getUserFolderParams() — confirm.
            // Unlike the write below, the name is not converted with iconv() here.
            if ($this->getUserFolderParams($_INPUT['filename']) != false) {
                unlink($_INPUT['filename']);
            }
            $redirect_status = true;
            break;
        case 'update_file':
            // check if filenames (old and new) are ok
            if ($this->getUserFolderParams($_INPUT['filename']) === false || $this->getUserFolderParams($_INPUT['new_filename']) === false) {
                popup_message_add('Расширение не подходит для этой папки', JCMS_MESSAGE_ERROR);
                return $template;
            }
            // write contents, yeah
            // NOTE(review): writes request-supplied content to a request-supplied path;
            // the return value of file_put_contents() is not checked.
            file_put_contents(iconv('utf-8', filesystem_encoding(), $_INPUT['filename']), $_INPUT['filecontent']);
            // rename if requested
            // NOTE(review): rename() receives the unconverted names, while the write
            // above used the iconv()-converted one — inconsistent on non-UTF-8 filesystems.
            if ($_INPUT['filename'] != $_INPUT['new_filename']) {
                rename($_INPUT['filename'], $_INPUT['new_filename']);
            }
            popup_message_add('Файл обновлен', JCMS_MESSAGE_OK);
            $redirect_status = true;
            break;
    }
    // check for redirect
    if ($redirect_status) {
        terminate('', 'Location: ' . $redirect_target, 302);
    }
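/**
 * Handles the auth actions shared by requestParser and AJAXHandler.
 *
 * Actions (taken from $this->getInput()['action']):
 *   login           - tries to log in; returns the template with login-message macros
 *                     filled in (module=auth) or "OK:html" / "NO:html" (ajaxproxy=auth)
 *   logout          - logs out, sets $redirect_target to '.', returns 'OK'
 *   change_password - returns the template with the password form as its body
 *   chpass          - changes a password; requires "change other passwords"
 *
 * NOTE(review): $login_result_html and $chpass_result_html are emitted as HTML; confirm
 * that tryLogin()/tryChangePassword() escape anything derived from submitted values.
 * NOTE(review): no anti-CSRF check is visible in this method; confirm the caller has one
 * for logout and chpass.
 *
 * @param string $template page template for calling from requestParser
 * @param string &$redirect_target location to redirect to
 * @return string|bool modified template or true/false
 */
private function takeAction($template, &$redirect_target)
{
    $I = $this->getInput();
    switch ($I['action']) {
        // login
        case 'login':
            // check login/password
            $ok = $this->tryLogin($I['username'], $I['password'], $login_result_html);

            // different actions on different call methods (straight vs AJAX)
            if (get_array_value($I, 'module', false) == 'auth') {
                // One pass over every auth macro: only "login-message" ones are replaced,
                // all others are left in place. The former while/str_replace loop never
                // ended when the first auth macro had another mode, and it passed the
                // whole $match array to str_replace(), so captured sub-groups were
                // replaced across the template as well.
                $filled = preg_replace_callback(
                    macro_regexp('auth'),
                    function ($match) use ($login_result_html) {
                        $params = parse_plugin_template($match[0]);
                        return get_array_value($params, 'mode', false) == 'login-message'
                            ? $login_result_html
                            : $match[0];
                    },
                    $template
                );
                // null means a PCRE error; keep the page as it was
                return $filled === null ? $template : $filled;
            }
            if (get_array_value($I, 'ajaxproxy', false) == 'auth') {
                return ($ok ? 'OK' : 'NO') . ':' . $login_result_html;
            }
            break;

        // logout. always returns true
        case 'logout':
            $this->logout();
            $redirect_target = '.';
            return 'OK';

        // password change form. avoid calling it via "ajaxproxy"
        case 'change_password':
            $template = content_replace_body($template, file_get_contents(__DIR__ . '/chpass.html'));
            $template = content_replace_title($template, 'Изменение пароля');
            return $template;

        // actual password changing
        case 'chpass':
            // the permission is checked before any credential is touched
            if (!user_allowed_to('change other passwords')) {
                terminate('Forbidden', '', 403);
            }
            $ok = $this->tryChangePassword($I['username'], $I['password'], $I['password1'], $I['password2'], $chpass_result_html) ? 'OK' : 'NO';
            return $ok . ':' . $chpass_result_html;
    }
    return $template;
}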
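/**
 * Adds the admin button box to the page and, when a module's admin screen is requested
 * (?module=NAME&action=manage), replaces the page body with that screen.
 *
 * Does nothing for users without the "manage site" permission.
 *
 * @param string $template page HTML
 * @return string page HTML
 */
function contentGenerator($template)
{
    if (!user_allowed_to('manage site')) {
        return $template;
    }

    // Request parameters are used below as array keys and as DOM text. Accept plain
    // strings only, so array-valued input (?module[]=x) cannot raise type errors.
    $get = function ($key) {
        return isset($_GET[$key]) && is_string($_GET[$key]) ? $_GET[$key] : '';
    };
    $has_module = isset($_GET['module']) && is_string($_GET['module']);
    $requested_module = $get('module');

    // create XML with admin panel description
    $xml = new DOMDocument('1.0', 'utf-8');
    $root_node = $xml->createElement('admin-buttons');
    $xml->appendChild($root_node);

    // detect active module. no active module means some content is displayed.
    // Request-derived values are added as text nodes: assigning them to nodeValue makes
    // libxml treat "&" as the start of an entity reference.
    $root_node->appendChild($xml->createElement('active-module'))->appendChild($xml->createTextNode($requested_module));
    $root_node->appendChild($xml->createElement('cms-settings-phantom'))->nodeValue = self::CMS_SETTINGS_MODULE_PHANTOM;
    $root_node->appendChild($xml->createElement('active-page'))->appendChild($xml->createTextNode($get('p_id')));
    $root_node->appendChild($xml->createElement('edit-mode'))->nodeValue = isset($_GET['edit']) ? 'yes' : 'no';
    $root_node->appendChild($xml->createElement('show-config-link'))->nodeValue =
        empty($requested_module) || empty(CMS::$cache[$requested_module]['config']['config']) ? 'no' : 'yes';

    // get all modules' admin buttons, where exists
    foreach (CMS::$cache as $module_name => $module) {
        if (in_array($module_name, CMS::$R['modules_apply_order']) && isset($module['config']['admin_caption']) && $module['config']['admin_caption'] > '') {
            $root_node->appendChild($button_node = $xml->createElement('button'));
            $button_node->appendChild($xml->createElement('caption'))->nodeValue = $module['config']['admin_caption'];
            $button_node->appendChild($xml->createElement('module-name'))->nodeValue = $module_name;
        }
    }

    // if any module requests admin part, replace all the content with module's admin code and add CSS/JS
    // otherwise, display page editorial buttons
    // TAG_TODO move them to content module
    if ($has_module && isset(CMS::$cache[$requested_module]) && $get('action') == 'manage') {
        $module_name = $requested_module;
        module_init($module_name);
        $module = CMS::$cache[$module_name];

        // Generated HTML is inserted through callbacks so that "$1" or "\1" sequences
        // inside it are not interpreted as regex back-references.
        $admin_html = '<div class="admin-content">' . $module['object']->AdminGenerator() . '</div>';
        $template = preg_replace_callback(
            '~<body(.*?)>.*</body>~smui',
            function ($m) use ($admin_html) {
                return '<body' . $m[1] . '>' . $admin_html . '</body>';
            },
            $template,
            1
        );
        $page_title = 'администрирование: "' . CMS::$cache[$module_name]['config']['comment'] . '"';
        $template = preg_replace_callback(
            macro_regexp('page_title'),
            function () use ($page_title) {
                return $page_title;
            },
            $template,
            1
        );

        // remove user's CSS from template
        $template = preg_replace('~<link[^>]*rel="stylesheet"[^>]*href="(\\./|)userfiles[^">]*"[^>]*>~', '', $template);
        $template = preg_replace('~<link[^>]*href="(\\./|)userfiles[^">]*"[^>]*rel="stylesheet"[^>]*>~', '', $template);

        // also add module's admin CSSes and scripts
        add_CSS(get_array_value($module['config'], 'admin_css', array()), MODULES_DIR . $module_name . '/');
        add_JS(get_array_value($module['config'], 'admin_js', array()), MODULES_DIR . $module_name . '/');
    }

    // add button box to the template
    $admin_box_html = XSLTransform($xml->saveXML($root_node), __DIR__ . '/admin_box.xsl');
    $template = preg_replace_callback(
        '~<body(.*?)>~',
        function ($m) use ($admin_box_html) {
            return '<body' . $m[1] . '>' . $admin_box_html;
        },
        $template,
        1
    );
    return $template;
}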
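/**
 * Sends a single SMS through the configured HTTP gateway.
 *
 * The sender name and API id are taken from $this->CONFIG ('from', 'api_id').
 * NOTE(review): those two values are placed into the URL without urlencode();
 * confirm they are URL-safe in configuration.
 * NOTE(review): every call appends to log.log next to this file. If that directory is
 * served by the web server, the log (phone numbers, gateway replies) should be moved
 * or denied.
 *
 * @param string $phone destination number; non-digits are stripped, 11 digits must remain
 * @param string $text message text, in UTF-8 encoding
 * @param string &$text_result server response (error text on error, sms ID on success)
 * @param array $options various options (not read by this method)
 * @return bool true on success, false on error. Text explanation will be contained in $text_result
 */
public function sendSingle($phone, $text, &$text_result, $options = array())
{
    $phone_filtered = preg_replace('~[^0-9]~', '', $phone);
    if (!preg_match('~^[0-9]{11}$~', $phone_filtered)) {
        $text_result = 'bad number';
        return false;
    }

    $url = str_replace(
        array('%api_id%', '%to%', '%text%', '%from%'),
        array($this->CONFIG['api_id'], $phone_filtered, urlencode($text), get_array_value($this->CONFIG, 'from', '')),
        $this->template_send
    );
    $result = file_get_contents($url);
    // $result = "100\n201531-1000005\nbalance=0";

    // The digits-only number is logged: the raw argument may contain line breaks and
    // would let a caller forge additional log entries.
    file_put_contents(
        __DIR__ . '/log.log',
        '--- ' . date('Y.m.d H:i:s') . ' ---' . PHP_EOL . 'to: ' . $phone_filtered . PHP_EOL . $result . PHP_EOL,
        FILE_APPEND
    );

    // transport failure: there is no reply to parse
    if ($result === false) {
        $text_result = 'no response from gateway';
        return false;
    }

    $result_strings = preg_split('~[\\x0A\\x0D]+~smui', $result);
    if (!is_array($result_strings)) {
        // preg_split() fails on invalid UTF-8 because of the "u" modifier
        $result_strings = array($result);
    }

    $status = $result_strings[0];
    if ($status == '100') {
        $text_result = isset($result_strings[1]) ? $result_strings[1] : '';
        return true;
    }

    // a status code missing from the message table must not raise a notice
    $text_result = isset(self::$status_messages[$status])
        ? self::$status_messages[$status]
        : 'unknown status: ' . $status;
    return false;
}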
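/**
 * Places feedback form from the file
 *
 * Macro parameters available:
 *   "form"     : specifies a file to get a form from (no extension, will be added automatically, "default" by default)
 *   "target"   : get recipient from the config list (first item by default)
 *   "template" : forces to add "template" hidden input to the form causing sender to use alternate email template
 *
 * Values that end up in generated HTML (the rejected form name, the recipient key, the
 * template name) are HTML-escaped, because macro parameters come from page content.
 *
 * @param string $template source template
 * @return string
 */
function contentGenerator($template)
{
    $escape = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    };

    // look for macro
    while (preg_match(macro_regexp('feedback'), $template, $match) > 0) {
        $params = parse_plugin_template($match[0]);

        // now get form HTML. if no source specified, try to use "default.html".
        // Malformed values always generate an error. The name must match
        // REGEXP_IDENTIFIER before it is used to build a file path.
        if ($filename = get_array_value($params, 'form', 'default', REGEXP_IDENTIFIER)) {
            if (file_exists(__DIR__ . '/forms/' . $filename . '.html')) {
                $form = file_get_contents(__DIR__ . '/forms/' . $filename . '.html');
            } else {
                $form = '<b>[JuliaCMS][feedback] error:</b> form file "' . $escape($filename) . '.html" not found';
            }
        } else {
            // the rejected value is echoed back, so it must be escaped
            $form = '<b>[JuliaCMS][feedback] error:</b> bad form name "' . $escape(get_array_value($params, 'form', '')) . '"';
        }

        // let's determine form target (source form's one will be deleted automatically).
        // Only keys present in the configured address list are accepted.
        $target = get_array_value($params, 'target', false);
        $address_keys = array_keys($this->CONFIG['addresses']);
        $recipient = isset($this->CONFIG['addresses'][$target]) ? $target : array_shift($address_keys);

        // ok, implant recipient field into a form (first, cut existing if any)
        $form = preg_replace('~<input\\s[^>]*?name="recipient"[^/>]*/?>~', '', $form);
        $form = str_insert_before('</form>', '<input type="hidden" name="recipient" value="' . $escape($recipient) . '" />', $form);

        // add (or replace) template identifier, if specified
        $message_template_name = get_array_value($params, 'template', '', REGEXP_IDENTIFIER);
        if ($message_template_name > '') {
            $form = preg_replace('~<input\\s[^>]*?name="template"[^/>]*/?>~', '', $form);
            $form = str_insert_before('</form>', '<input type="hidden" name="template" value="' . $escape($message_template_name) . '" />', $form);
        }

        // form ready, add it to template!
        $template = str_replace($match[0], $form, $template);
    }
    return $template;
}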
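/**
 * Runs a site search for ?module=search&search=... and replaces the page content
 * with the results.
 *
 * Searches the files under userfiles/pages/ (when the content module is configured)
 * and the news summaries (when the news module is configured). Requires the "search"
 * permission; otherwise the template is returned unchanged.
 *
 * The search string is request input: it is bound as a parameter where it reaches SQL
 * and HTML-escaped where it is echoed into the page title.
 *
 * @param string $template page template
 * @return string page template with the "content" and "page_title" macros replaced
 */
public function requestParser($template)
{
    if (!user_allowed_to('search')) {
        return $template;
    }
    if (!isset($_GET['module']) || $_GET['module'] != 'search' || !isset($_GET['search'])) {
        return $template;
    }

    // some init
    $this->chars_to_include = get_array_value($this->CONFIG, 'chars_to_include', 60);
    $wrap_tag = get_array_value($this->CONFIG, 'wrap_tag', 'b');
    $xml = new DOMDocument('1.0', 'utf-8');
    $xml->preserveWhiteSpace = false;
    $xml->formatOutput = true;
    $root_node = $xml->createElement('search-results');
    $xml->appendChild($root_node);

    // parse search string: punctuation becomes spaces, words of 2+ characters are kept
    $search_pattern = preg_replace('~[.,:;\\(\\)\\-\\\\/\'\\"]+~', ' ', $_GET['search']);
    if (preg_match_all('~[^\\s]{2,}~smui', $search_pattern, $matches) == 0) {
        $template = preg_replace(macro_regexp('content'), 'Некорректный запрос', $template);
        return $template;
    }
    $search = $matches[0];
    // glue-first argument order: the reversed form is rejected by PHP 8
    $search_text = implode(' ', $search);

    // enumerate all user pages if content module exists
    if (module_get_config('content', $content_module_config) === true) {
        // File names come from disk and may contain quotes, so the lookup binds the
        // name instead of interpolating it into the statement.
        $lookup = CMS::$DB->prepare("select alias, title from `{$content_module_config['config']['table']}` where filename = ?");
        $files = scandir('userfiles/pages/');
        if ($files === false) {
            $files = array();
        }
        foreach ($files as $file) {
            // skip some files (".", "..", .htaccess)
            if (substr($file, 0, 1) == '.') {
                continue;
            }
            // skip generator pages
            if (pathinfo($file, PATHINFO_EXTENSION) == 'php') {
                continue;
            }
            // ok, let's test this
            $content = file_get_contents('userfiles/pages/' . $file);
            if ($highlighted = $this->highlightPatternsItTheString($search, $content, $wrap_tag)) {
                // get title and link, skip if filename is not in the base (possibly means corrupted database)
                if ($lookup !== false && $lookup->execute(array($file))) {
                    $row = $lookup->fetch(PDO::FETCH_ASSOC);
                    $lookup->closeCursor();
                    if ($row) {
                        $root_node->appendChild($more_node = $xml->createElement('result'));
                        $more_node->appendChild($xml->createElement('alias'))->nodeValue = $row['alias'];
                        $more_node->appendChild($xml->createElement('title'))->nodeValue = $row['title'];
                        $more_node->appendChild($xml->createElement('highlight'))->appendChild($xml->createCDATASection($highlighted));
                    }
                }
            }
        }
    }

    // also look up at news
    if (module_get_config('news', $news_module_config) === true) {
        $query = CMS::$DB->query("select * from `{$news_module_config['config']['table']}` order by stamp desc");
        while ($data = $query->fetch(PDO::FETCH_ASSOC)) {
            // ok, let's test this
            $content = $data['summary'];
            if ($highlighted = $this->highlightPatternsItTheString($search, $content, $wrap_tag)) {
                $root_node->appendChild($more_node = $xml->createElement('result'));
                $more_node->appendChild($xml->createElement('alias'))->nodeValue = $data['page'];
                $more_node->appendChild($xml->createElement('title'))->nodeValue = $data['caption'];
                $more_node->appendChild($xml->createElement('highlight'))->appendChild($xml->createCDATASection($highlighted));
            }
        }
    }

    // request text goes in as a text node so "&" is not parsed as an entity reference
    $root_node->appendChild($xml->createElement('pattern'))->appendChild($xml->createTextNode($search_text));

    // final HTML
    $result = XSLTransform($xml->saveXML($root_node), __DIR__ . '/output.xsl');

    // replace content with search results. Callbacks keep "$1"-like sequences in the
    // inserted text from being read as regex back-references.
    $template = preg_replace_callback(
        macro_regexp('content'),
        function () use ($result) {
            return $result;
        },
        $template
    );

    // replace page title; the words typed by the visitor are escaped for HTML
    $title = 'Поиск: ' . htmlspecialchars($search_text, ENT_QUOTES, 'UTF-8');
    $template = preg_replace_callback(
        macro_regexp('page_title'),
        function () use ($title) {
            return $title;
        },
        $template
    );
    return $template;
}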
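/**
 * Returns the value found by following a list of keys into a nested array.
 *
 * get_array_value(['a' => ['b' => 1]], ['a', 'b']) gives 1.
 *
 * An empty key list returns $array itself (the recursive version never terminated on
 * it). A missing key, or a non-container met on the way, yields null without raising
 * a warning.
 *
 * @param array|ArrayAccess $array   structure to read from
 * @param array             $indexes keys to follow, outermost first
 * @return mixed value at the path, or null when the path does not exist
 */
function get_array_value($array, $indexes)
{
    $value = $array;
    // iterate in order; the keys of $indexes itself are irrelevant
    foreach ($indexes as $index) {
        // array_key_exists() keeps explicit null entries reachable; isset() covers
        // ArrayAccess objects and string offsets
        $exists = is_array($value) ? array_key_exists($index, $value) : isset($value[$index]);
        if (!$exists) {
            return null;
        }
        $value = $value[$index];
    }
    return $value;
}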
// Excerpt: starts inside a block opened above (closed by the first "}") and ends with a
// loop whose body continues below.
$delivery_company_id = $db->f("delivery_company_id");
$delivery_state_id = $db->f("delivery_state_id");
$delivery_country_id = $db->f("delivery_country_id");
}
$t->set_var("registration_date", $registration_date_string);
// The clear-text password is read back from the session to be shown in the template,
// then the session copy is blanked.
// NOTE(review): this implies the password was held in session storage in clear text
// between requests; prefer not persisting it at all, and confirm the template
// output is escaped.
$plain_password = get_session("session_plain_password");
if ($plain_password) {
    $t->set_var("password", $plain_password);
    set_session("session_plain_password", "");
}
// translate stored ids into display names; here get_array_value() takes (key, array)
$company_select = $company_id ? get_array_value($company_id, $companies) : "";
$state = $state_id ? get_array_value($state_id, $states) : "";
$country = $country_id ? get_array_value($country_id, $countries) : "";
$delivery_company_select = $delivery_company_id ? get_array_value($delivery_company_id, $companies) : "";
$delivery_state = $delivery_state_id ? get_array_value($delivery_state_id, $states) : "";
$delivery_country = $delivery_country_id ? get_array_value($delivery_country_id, $countries) : "";
$t->set_var("company_select", $company_select);
$t->set_var("state", $state);
$t->set_var("country", $country);
$t->set_var("delivery_company_select", $delivery_company_select);
$t->set_var("delivery_state", $delivery_state);
// "country" is set a second time here with the same value
$t->set_var("country", $country);
$t->set_var("delivery_country", $delivery_country);
// parse custom fields
$custom_fields = array();
// the only variable value in this statement, $type_id, goes through $db->tosql(..., INTEGER)
$sql = " SELECT upp.property_id, upp.control_type, upp.property_name, upp.property_description ";
$sql .= " FROM " . $table_prefix . "user_profile_properties upp ";
$sql .= " WHERE upp.user_type_id=" . $db->tosql($type_id, INTEGER);
$sql .= " ORDER BY upp.property_order, upp.property_id ";
$db->query($sql);
while ($db->next_record()) {
/**
 * Reads a configuration value by its key path.
 *
 * Example path: config_file.first.second, where config_file.php returns
 * ['first' => ['second' => 'value']].
 *
 * @param string $name    key path into the config list
 * @param mixed  $default handed to get_array_value() as the fallback
 * @return mixed|null
 */
public static function get($name, $default = null)
{
    // the lookup itself is delegated to get_array_value()
    $value = get_array_value(static::$list, $name, $default);

    return $value;
}
/**
 * Builds the context-menu HTML for one report cell.
 *
 * The menu items are read from the report's 'context_menu' entry (empty array when
 * absent), turned into XML by J_DB_API::generateContextMenuXML() and rendered with
 * xsl/contextmenu.xsl.
 *
 * @param string $report_id report to get menu items
 * @param string $row_id row identifier
 * @param string $field_name field name
 * @param resource $DB database connection resource
 * @return mixed whatever XSLTransform() returns for the menu
 */
public static function generateContextMenu($report_id, $row_id, $field_name, $DB)
{
    $menu_items = get_array_value(CMS::$R['db_api_reports'][$report_id], 'context_menu', array());

    $params = array();
    $params['menu_items'] = $menu_items;
    $params['row_id'] = $row_id;
    $params['field_name'] = $field_name;

    // $return_metadata is not defined before this call; presumably the callee takes it
    // by reference and fills it — confirm against generateContextMenuXML()
    $menu_xml = J_DB_API::generateContextMenuXML($params, $return_metadata, $DB);

    return XSLTransform($menu_xml, __DIR__ . '/xsl/contextmenu.xsl');
}
/**
 * Renders the admin list of all news items.
 *
 * The table name from the module config is checked against an identifier pattern
 * before it is interpolated into the query (the pattern is passed as the fourth
 * argument of get_array_value(); presumably a non-matching value yields the default —
 * confirm). On a configuration or query error a popup message is queued and false is
 * returned.
 *
 * @return mixed rendered HTML from list.xsl, or false on error
 */
function adminGenerator()
{
    $table = get_array_value($this->CONFIG, 'table', false, '~^[a-zA-Z_][a-zA-Z_0-9]*$~');
    if ($table == false) {
        popup_message_add('[ NEWS ] table not defined or configuration error', JCMS_MESSAGE_ERROR);
        return false;
    }

    // get all news
    $query = CMS::$DB->query("select stamp, id, caption, link, page, streams, summary from `{$table}`");
    if ($query == false) {
        // the driver's error text (third errorInfo element) is shown in the popup
        $error_info = CMS::$DB->errorInfo();
        popup_message_add('Query error: ' . get_array_value($error_info, 2), JCMS_MESSAGE_ERROR);
        return false;
    }

    // format all items at a time into XML and then transform to HTML
    $rows = $query->fetchAll(PDO::FETCH_ASSOC);
    $xml = array_to_xml($rows, array('all-news-list', 'news'));
    $list_xml = $xml->saveXML($xml->documentElement);

    return XSLTransform($list_xml, __DIR__ . '/list.xsl');
}
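/**
 * Builds custom-field descriptors from the plugin settings.
 *
 * Slots 1..8 are read from keys "wooccf_at_<property><n>". A slot is used only when it
 * is enabled and has a type, a title and a source. Each descriptor is stored in
 * $custom_fileds under 'cf_' . strtolower(source). Side effects on globals:
 * $use_content_editior / $use_image_picker are switched on when a non-term field asks
 * for the "content" / "image" formatter, and $variations_fields collects the names of
 * fields flagged "varedit".
 *
 * The "editoptions" value is JSON taken from settings; invalid JSON or a document
 * without "formater" no longer triggers property access on a non-object.
 *
 * @param array $plem_settings plugin settings (read only here)
 * @param array $custom_fileds receives the descriptors, keyed by field name
 * @return void
 */
function loadCustomFields(&$plem_settings, &$custom_fileds)
{
    global $use_image_picker, $use_content_editior, $variations_fields;

    for ($I = 0; $I < 8; $I++) {
        $n = $I + 1;
        if (!isset($plem_settings["wooccf_at_enabled" . $n]) || !$plem_settings["wooccf_at_enabled" . $n]) {
            continue;
        }

        $cfield = new stdClass();
        $cfield->type = get_array_value($plem_settings, "wooccf_at_type" . $n, "");
        if (!$cfield->type) {
            continue;
        }
        $cfield->title = get_array_value($plem_settings, "wooccf_at_title" . $n, "");
        if (!$cfield->title) {
            continue;
        }
        $cfield->source = get_array_value($plem_settings, "wooccf_at_source" . $n, "");
        if (!$cfield->source) {
            continue;
        }

        $cfield->options = get_array_value($plem_settings, "wooccf_at_editoptions" . $n, "");
        if ($cfield->options) {
            $cfield->options = json_decode($cfield->options);
        } else {
            $cfield->options = null;
        }
        if ($cfield->options === null) {
            // empty setting or invalid JSON: fall back to "no formatter"
            $cfield->options = new stdClass();
            $cfield->options->formater = '';
        }
        // read the formatter defensively: decoded JSON may be a list or lack the key
        $formater = is_object($cfield->options) && isset($cfield->options->formater)
            ? $cfield->options->formater
            : '';

        if ($cfield->type == 'term') {
            $cfield->terms = array();
            $terms = get_terms($cfield->source, array('hide_empty' => false));
            if (!is_array($terms)) {
                // get_terms() returns an error object for an unknown taxonomy
                $terms = array();
            }
            foreach ($terms as $val) {
                $value = new stdClass();
                $value->value = $val->term_id;
                $value->name = $val->name;
                $cfield->terms[] = $value;
            }
        } elseif ($formater == "content") {
            $use_content_editior = true;
        } elseif ($formater == "image") {
            $use_image_picker = true;
        }

        $cfield->name = 'cf_' . strtolower($cfield->source);
        $custom_fileds[$cfield->name] = $cfield;

        if (get_array_value($plem_settings, "wooccf_at_varedit" . $n, "")) {
            $variations_fields[] = $cfield->name;
        }
    }
}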
// Excerpt from a longer routine: resolves delivery state / country names and codes and
// hands them to the record ($r) and the template ($t).
// display name for the stored state id; here get_array_value() takes (key, array)
$variables["delivery_state"] = get_array_value($r->get_value("delivery_state_id"), $states);
$variables["delivery_state_code"] = "";
// the id is passed through $db->tosql(..., INTEGER, ...) before it is concatenated
$sql = "SELECT * FROM " . $table_prefix . "states WHERE state_id=" . $db->tosql($variables["delivery_state_id"], INTEGER, true, false);
$db->query($sql);
if ($db->next_record()) {
    $variables["delivery_state_code"] = $db->f("state_code");
    $r->set_value("delivery_state_code", $variables["delivery_state_code"]);
}
// prefer the state (code and name) when a state code was found, else the free-text province
if (strlen($variables["delivery_state_code"])) {
    $variables["delivery_state_code_or_province"] = $variables["delivery_state_code"];
    $variables["delivery_state_or_province"] = $variables["delivery_state"];
} else {
    $variables["delivery_state_code_or_province"] = $variables["delivery_province"];
    $variables["delivery_state_or_province"] = $variables["delivery_province"];
}
$variables["delivery_country"] = get_array_value($r->get_value("delivery_country_id"), $countries);
$delivery_country_code = "";
$delivery_country_number = "";
// same pattern for the country: integer-typed id, then code and ISO number from the row
$sql = "SELECT * FROM " . $table_prefix . "countries WHERE country_id=" . $db->tosql($variables["delivery_country_id"], INTEGER, true, false);
$db->query($sql);
if ($db->next_record()) {
    $delivery_country_code = $db->f("country_code");
    $delivery_country_number = $db->f("country_iso_number");
    $r->set_value("delivery_country_code", $delivery_country_code);
}
$variables["delivery_country_code"] = $delivery_country_code;
$variables["delivery_country_number"] = $delivery_country_number;
$t->set_var("company_select", $variables["company_select"]);
$t->set_var("state", $variables["state"]);
$t->set_var("country", $variables["country"]);
$t->set_var("delivery_company_select", $variables["delivery_company_select"]);
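} }
// third loop: template processors. Every module in $modules_apply_order gets to
// transform the template, unless its description is not loaded or it is disabled.
foreach ($modules_apply_order as $module_name) {
    logthis('trying template processor at module: ' . $module_name);
    if (!isset(CMS::$cache[$module_name])) {
        logthis('module description not loaded: ' . $module_name, ZLogger::LOG_LEVEL_WARNING);
        continue;
    }
    // Skip modules switched off in their config. The comparison has to sit outside the
    // call: written as get_array_value($config, 'disabled' === true) the key argument
    // evaluates to false, so the flag was never honoured and disabled modules still ran.
    if (get_array_value(CMS::$cache[$module_name]['config'], 'disabled', false) === true) {
        continue;
    }
    logthis('applying template processor at module: ' . $module_name);
    $template = CMS::$cache[$module_name]['object']->ContentGenerator($template);
    logthis('template processor finished at module: ' . $module_name);
    // a module may stop the chain after itself
    if (get_array_value(CMS::$cache[$module_name]['config'], 'break_after', false)) {
        break;
    }
}
// remove unused templates
$template = preg_replace('~</?macro.*?>~', '', $template);
$template = preg_replace('~\\[/?macro.*?\\]~', '', $template);
// back-replace protected templates
$template = str_replace('<protected-macro', '<macro', $template);
$template = str_replace('[protected-macro', '[macro', $template);
$template = str_replace('</protected-macro', '</macro', $template);
$template = str_replace('[/protected-macro', '[/macro', $template);
logthis('unused templates removed');
$template = popup_messages_to_template($template);
logthis('popups added');
// flush CSS and JS storages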
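/**
 * Creates XML structure with all modules which can respond to "p_id" parameter in _GET
 * (such as content and menus in catalog mode)
 *
 * Table names are taken from module configs and must match REGEXP_IDENTIFIER before
 * they are interpolated into the queries.
 *
 * @param array $options XML options:
 *                         root (string) : root node name
 *                         use (array)   : modules to scan (items or "*")
 *                         skip (array)  : modules to leave out
 * @return DOMDocument
 */
function aliasCatchersAsXML($options = array('root' => 'alias-catchers', 'use' => array('*'), 'skip' => array()))
{
    $xml = new DOMDocument('1.0', 'utf-8');
    $root_node_name = get_array_value($options, 'root', 'alias-catchers');
    $xml->appendChild($root_node = $xml->createElement($root_node_name));

    $skip_modules = get_array_value($options, 'skip', array());
    // read the "use" option: it was read from "skip", which left the module list empty
    // with the default options and produced no catchers at all
    $use_modules = get_array_value($options, 'use', array('*'));

    // content module
    if ((in_array('*', $use_modules) || in_array('content', $use_modules)) && !in_array('content', $skip_modules)) {
        if (($content_config_ok = module_get_config('content', $content_config)) && ($pages_table = get_array_value($content_config['config'], 'table', false, REGEXP_IDENTIFIER)) != false) {
            $root_node->appendChild($module_node = $xml->createElement('module'))->setAttribute('name', 'Страницы');
            $query = CMS::$DB->query("select alias, title from `{$pages_table}` order by title");
            // a failed query yields false; skip the rows instead of calling fetch() on it
            while ($query !== false && ($row = $query->fetch(PDO::FETCH_ASSOC))) {
                $module_node->appendChild($catcher_node = $xml->createElement('catcher'));
                $catcher_node->appendChild($xml->createElement('title'))->nodeValue = $row['title'];
                $catcher_node->appendChild($xml->createElement('alias'))->nodeValue = $row['alias'];
            }
        }
    }

    // menu module
    if ((in_array('*', $use_modules) || in_array('menu', $use_modules)) && !in_array('menu', $skip_modules)) {
        if ($menu_config_ok = module_get_config('menu', $menu_config)) {
            $root_node->appendChild($module_node = $xml->createElement('module'))->setAttribute('name', 'Каталоги');
            if (($menu_table = get_array_value($menu_config['config'], 'table_menu', false, REGEXP_IDENTIFIER)) != false) {
                // only menu entries that have an alias can catch a p_id
                $query = CMS::$DB->query("select alias, caption from `{$menu_table}` where alias > '' order by caption");
                while ($query !== false && ($row = $query->fetch(PDO::FETCH_ASSOC))) {
                    $module_node->appendChild($catcher_node = $xml->createElement('catcher'));
                    $catcher_node->appendChild($xml->createElement('title'))->nodeValue = $row['caption'];
                    $catcher_node->appendChild($xml->createElement('alias'))->nodeValue = $row['alias'];
                }
            }
        }
    }
    return $xml;
}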
/**
 * Builds the main SELECT statement of a report from its definition.
 *
 * A non-empty 'sql_select' in the definition is returned as-is. Otherwise the
 * statement is assembled from 'main_table', the optional 'joined_tables' and 'fields'.
 * No filters and no security limitations are applied here.
 *
 * NOTE(review): table, field and alias names are wrapped in the connection's bracket
 * characters but not escaped, and 'join_hint' / sub-query 'sql' are concatenated raw.
 * This is only sound while report definitions come from trusted configuration.
 *
 * @param mixed $report_id_or_def report ID to generate SQL for, or direct report definition
 * @param resource $DB database connection (supplies the bracket characters lb / rb)
 * @return string SQL statement
 */
public static function getReportMainSQL($report_id_or_def, $DB)
{
    $report = is_array($report_id_or_def)
        ? $report_id_or_def
        : CMS::$R['db_api_reports'][$report_id_or_def];

    // manual SQL, when present, always wins
    $sql = get_array_value($report, 'sql_select', false);
    if ($sql > '') {
        return $sql;
    }

    // identifier brackets of this connection
    $lb = $DB->lb;
    $rb = $DB->rb;

    $fields = $report['fields'];

    // FROM clause: the main table first, then one JOIN line per joined table
    $table_list = $report['main_table'];
    if (isset($report['joined_tables'])) {
        foreach ($report['joined_tables'] as $joined) {
            // what to join: a real table/view (default) or a sub-query
            if (!isset($joined['type']) || $joined['type'] == 'real') {
                $joined_table = $lb . $joined['table'] . $rb;
            } else {
                $joined_table = '(' . $joined['sql'] . ')';
            }

            // alias of the joined table; falls back to the table name
            if (isset($joined['alias'])) {
                $joined_alias = $lb . $joined['alias'] . $rb;
            } else {
                $joined_alias = $lb . $joined['table'] . $rb;
            }

            // ON <alias>.<join_field> = <join_to_table>.<join_to_field>
            $join_by_field = $lb . $joined['join_field'] . $rb;
            $join_to_table = $lb . $joined['join_to_table'] . $rb;
            $join_to_field = $lb . $joined['join_to_field'] . $rb;

            // join kind, "left" unless the definition says otherwise
            $join_hint = 'left';
            if (isset($joined['join_hint'])) {
                $join_hint = $joined['join_hint'];
            }

            $table_list .= PHP_EOL . "{$join_hint} join {$joined_table} as {$joined_alias} on {$joined_alias}.{$join_by_field} = {$join_to_table}.{$join_to_field}";
        }
    }

    // SELECT list: one "<table>.<field> as <alias>" line per report field
    $select_items = array();
    foreach ($fields as $field_part_1 => $field_part_2) {
        $field_definition = self::getFullFieldDefinition($field_part_1, $field_part_2);
        $table_alias = $lb . $field_definition['table'] . $rb;
        $field_name = $lb . $field_definition['table_field'] . $rb;
        $field_alias = $lb . $field_definition['field'] . $rb;
        $select_items[] = "\t{$table_alias}.{$field_name} as {$field_alias}";
    }
    $select_list = implode(', ' . PHP_EOL, $select_items);

    return 'select ' . PHP_EOL . $select_list . PHP_EOL . 'from ' . $table_list;
}
// Excerpt: starts inside a block opened above (closed by the first "}" below) and ends
// inside the admin-notification branch.
// every id is passed through $db->tosql(..., INTEGER, ...) before concatenation
$delivery_company_select = get_db_value("SELECT company_name FROM " . $table_prefix . "companies WHERE company_id=" . $db->tosql($delivery_company_id, INTEGER));
$state = get_db_value("SELECT state_name FROM " . $table_prefix . "states WHERE state_id=" . $db->tosql($state_id, INTEGER, true, false));
$delivery_state = get_db_value("SELECT state_name FROM " . $table_prefix . "states WHERE state_id=" . $db->tosql($delivery_state_id, INTEGER, true, false));
$country = get_db_value("SELECT country_name FROM " . $table_prefix . "countries WHERE country_id=" . $db->tosql($country_id, INTEGER, true, false));
$delivery_country = get_db_value("SELECT country_name FROM " . $table_prefix . "countries WHERE country_id=" . $db->tosql($delivery_country_id, INTEGER, true, false));
$t->set_var("company_select", $company_select);
$t->set_var("state", $state);
$t->set_var("country", $country);
$t->set_var("delivery_company_select", $delivery_company_select);
$t->set_var("delivery_state", $delivery_state);
$t->set_var("delivery_country", $delivery_country);
// NOTE(review): the full card number and the card security code are handed to the
// template here, next to the first/last digit groups kept in the session. If the
// "payment_info" block feeds the admin notification prepared below, complete card
// data would leave the system in a message; confirm masking and whether the
// admin_notification_pgp setting read below is enforced for it.
$t->set_var("cc_number", $cc_number);
$t->set_var("cc_number_first", get_session("session_cc_number_first"));
$t->set_var("cc_number_last", get_session("session_cc_number_last"));
$t->set_var("cc_security_code", $cc_security_code);
// card type name for the stored type id; here get_array_value() takes (key, array)
$cc_type = get_array_value($r->get_value("cc_type"), $credit_cards);
$t->set_var("cc_type", $cc_type);
// card dates are rendered as "MM / YYYY"
$cc_start = va_date(array("MM", " / ", "YYYY"), $r->get_value("cc_start_date"));
$cc_expiry = va_date(array("MM", " / ", "YYYY"), $r->get_value("cc_expiry_date"));
$t->set_var("cc_start_date", $cc_start);
$t->set_var("cc_expiry_date", $cc_expiry);
$t->set_block("payment_info", $payment_info);
$t->parse("payment_info", false);
}
if ($cc_info["admin_notification"]) {
    $admin_subject = get_setting_value($cc_info, "admin_subject", "");
    $admin_subject = get_translation($admin_subject);
    // $admin_message is not assigned within this excerpt; presumably set above
    $admin_message = get_currency_message(get_translation($admin_message), $currency);
    // PGP enable
    $admin_notification_pgp = get_setting_value($cc_info, "admin_notification_pgp", 0);
    $t->set_block("admin_subject", $admin_subject);
/**
 * Generates the menu as an XML document, starting from $start_from.
 *
 * The document root is <menu element-id="...">; its content is produced by
 * addMenuXMLNodes() from all rows of the menu table.
 *
 * NOTE(review): an alias given in $start_from is interpolated into the lookup query
 * after it matched REGEXP_ALIAS; the query is only as safe as that pattern is strict.
 * A bound parameter would remove the dependency.
 *
 * @param string|int $start_from element whose descendants are included; an empty string
 *                               means the global menu root (all elements). A
 *                               non-numeric value is treated as an alias.
 * @param array $options building options, passed on to addMenuXMLNodes(). Keys:
 *                         depth       : how many levels to include (-1 when absent)
 *                         with-hidden : include elements marked "hidden"
 * @return mixed DOMDocument on success, text message on fail
 */
private function generateMenuAsXML($start_from = '', $options = array())
{
    // all elements with their child counts. ORDER BY is required by the algorithm
    $sql = "select menu.*, ifnull(c.childcount,0) as childcount from `{$this->CONFIG['table_menu']}` left join (select parent_id, count(*) as childcount from {$this->CONFIG['table_menu']} group by parent_id) c on c.parent_id = menu.id order by menu.parent_id, menu.ordermark";
    $statement = CMS::$DB->query($sql);
    $menu_data = $statement->fetchAll(PDO::FETCH_ASSOC);

    // start menu as DOM structure
    $xml = new DOMDocument('1.0', 'utf-8');
    $root = $xml->createElement('menu');
    $xml->appendChild($root);

    // a non-numeric, non-empty value that looks like an alias is resolved to an id
    $looks_like_alias = !is_numeric($start_from) && $start_from > '' && preg_match(REGEXP_ALIAS, $start_from);
    if ($looks_like_alias) {
        $start_from = CMS::$DB->querySingle("select id from `{$this->CONFIG['table_menu']}` where alias = '{$start_from}'");
    }

    // only a numeric id or the empty root marker may pass
    $usable = is_numeric($start_from) || !($start_from > '');
    if (!$usable) {
        return 'bad ID';
    }

    $root->setAttribute('element-id', $start_from);
    $depth = get_array_value($options, 'depth', -1);
    $this->addMenuXMLNodes($root, $menu_data, $depth, $options);

    return $xml;
}
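/**
 * Updates the record in database
 *
 * The statement text comes from the report's 'sql_update' setting; field values and
 * the row identifier are bound as parameters, never concatenated.
 *
 * @param array $input parameters: 'report_id', 'row_id' and one 'edit_<field>' per field
 * @param array &$return_metadata receives 'status' => 'error' on failure
 * @param resource $DB database connection to use
 * @return string 'OK' or some error text
 */
public static function recordSave($input, &$return_metadata, $DB)
{
    // input check : report
    if (!isset($input['report_id'])) {
        $return_metadata['status'] = 'error';
        return '[recordSave] no report ID specified';
    }
    $report_id = $input['report_id'];
    if (($report_config = get_array_value(CMS::$R['db_api_reports'], $report_id, false)) === false) {
        $return_metadata['status'] = 'error';
        return '[recordSave] no report with this ID';
    }

    // input check: row identifier
    if (!isset($input['row_id'])) {
        $return_metadata['status'] = 'error';
        return '[recordSave] no record ID specified';
    }
    $row_id = $input['row_id'];

    // also must match field check regexp. Anything but a positive match is rejected:
    // preg_match() returns false on a broken pattern, and the former "=== 0" test let
    // the identifier through in that case.
    $id_field_regexp = get_array_value(J_DB_Helpers::getFullFieldDefinition($report_config['id_field']), 'regexp', '.*');
    if (preg_match('~' . $id_field_regexp . '~', $row_id) !== 1) {
        $return_metadata['status'] = 'error';
        return '[recordSave] bad record ID';
    }

    // if there no explicit UPDATE SQL specified, generate it
    // TAG_TODO TAG_CRAZY generate!!!
    if (($sql = get_array_value($report_config, 'sql_update', false)) === false) {
        $return_metadata['status'] = 'error';
        return 'ERROR: no update SQL';
    }

    // ok, prepare SQL statement and bind values to it
    $prepared = $DB->prepare($sql);
    if ($prepared === false) {
        $return_metadata['status'] = 'error';
        return '[recordSave] cannot prepare update statement';
    }
    foreach ($report_config['fields'] as $part1 => $part2) {
        $field_definition = J_DB_Helpers::getFullFieldDefinition($part1, $part2);

        // read-only fields should not be placed to the query
        if (get_array_value($field_definition, 'readonly', false) === true) {
            continue;
        }
        $new_value = get_array_value($input, 'edit_' . $field_definition['field'], J_DB_Helpers::getFieldDefaultValue($field_definition));

        // skip binding if no placeholder exists; the name is quoted for the pattern
        if (preg_match('~:' . preg_quote($field_definition['field'], '~') . '($|[^a-zA-Z0-9_])~', $sql)) {
            $prepared->bindValue(':' . $field_definition['field'], $new_value);
        }
    }

    // also add row identifier
    $prepared->bindValue(':row_id', $row_id);

    // report a failed update instead of answering 'OK' regardless of the outcome
    if ($prepared->execute() === false) {
        $return_metadata['status'] = 'error';
        return '[recordSave] update failed';
    }
    return 'OK';
}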
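/**
 * Checks whether an http(s) URL answers and reports basic response metadata.
 *
 * Result keys:
 *   status   : 'alive', 'not-http', 'server offline', or the first status line when it
 *              does not contain "200"
 *   modified : Last-Modified header, when present
 *   bytes    : Content-Length header, when present
 *
 * NOTE(review): the request is made from the server. If callers pass URLs supplied by
 * users, the destination host should be restricted (internal addresses) before this is
 * called; get_headers() also follows redirects by default.
 *
 * @param string $url URL to probe
 * @return array see above
 */
function ping_url($url)
{
    $ret = array();
    echo "\n pinging... {$url}\n";

    // Only plain http/https is probed. A URL without a scheme no longer raises an
    // undefined-index notice, and look-alike schemes that merely start with "http"
    // are rejected here instead of reaching get_headers().
    $url_info = parse_url($url);
    $scheme = is_array($url_info) && isset($url_info['scheme']) ? $url_info['scheme'] : '';
    if ($scheme !== 'http' && $scheme !== 'https') {
        $ret["status"] = "not-http";
        return $ret;
    }

    $head = get_headers($url, 1);
    if (empty($head) || empty($head['0'])) {
        $ret["status"] = "server offline";
        return $ret;
    }

    // connected: anything but a status line containing "200" is reported verbatim
    if (!preg_match("/200/", $head['0'])) {
        $ret["status"] = $head['0'];
        return $ret;
    }
    $ret["status"] = 'alive';

    // a header sent more than once arrives as an array; use its last value
    $last = function ($value) {
        return is_array($value) ? end($value) : $value;
    };

    $temp = $last(get_array_value($head, "Last-Modified"));
    if (strlen((string) $temp) > 0) {
        $ret["modified"] = $temp; // store date for real
    }

    $temp = $last(get_array_value($head, "Content-Length"));
    if (strlen((string) $temp) > 0) {
        $ret["bytes"] = $temp; // file size
    }
    return $ret;
}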