/**
* Get menu
*
* @param string $category Category name
*/
public static function get($category = '')
{
// Get menu table
$menu = new Table('menu');
// Display view
View::factory('box/menu/views/frontend/index')->assign('items', $menu->select('[category="' . $category . '"]', 'all', null, array('id', 'name', 'link', 'target', 'order', 'category'), 'order', 'ASC'))->assign('uri', Uri::segments())->assign('defpage', Option::get('defaultpage'))->display();
}
public function select()
{
$select = parent::select();
$select->from($this, array('id', 'name'));
if (!$this->isAdmin()) {
$select->where('public = 1');
}
$select->setIntegrityCheck(false)->joinLeft('gallery_info', 'gallery_info.file_id = files.id', array('title', 'description'));
return $select;
}
/**
* Get slider
*
* @param string $category Category name
*/
public static function get($category = '')
{
if ($category == 'default') {
$category = '';
}
// Get slider table
$slider = new Table('slider');
// Display view
View::factory('slider/views/frontend/index')->assign('items', $slider->select('[category="' . $category . '"]', 'all', null, null, 'order', 'ASC'))->assign('uri', Uri::segments())->assign('defpage', Option::get('defaultpage'))->display();
}
protected function _realRefresh()
{
$where = $this->_getWhereQuery();
$row = $this->_table->select()->whereClauses($where)->fetchRow();
if (null === $row) {
throw new DataObjectException('Cannot refresh row as parent is missing');
}
$this->exchangeArray($row->getArrayCopy());
$this->_cleanData = [];
}
/**
* init
*
* @return self
*/
public function init()
{
$adapter = new \Bluz\Grid\Source\SelectSource();
$musician = Table::select();
$adapter->setSource($musician);
$this->setAdapter($adapter);
$this->setAllowOrders(['title', 'id', 'created', 'updated']);
$this->setAllowFilters(['id', 'nickname', 'image', 'music_id', 'group', 'concert_date']);
return $this;
}
/**
* Construct
*/
protected function __construct()
{
// Get plugins Table
$plugins = new Table('plugins');
// Select all plugins
$records = $plugins->select(null, 'all', null, array('location', 'status', 'priority'), 'priority', 'ASC');
// Now include plugins from $records plugins array
// If plugin is active then load it to the system.
foreach ($records as $record) {
if ($record['status'] == 'active') {
include_once ROOT . DS . $record['location'];
}
}
}
/**
* Construct
*/
protected function __construct($locale)
{
// Redefine arguments
$locale = (string) $locale;
// Get lang table for current locale
$lang_table = Cache::get('i18n', $locale);
// If lang_table is empty then create new
if (!$lang_table) {
// Get plugins Table
$plugins = new Table('plugins');
// Get all plugins
$records = $plugins->select(null, 'all', null, array('location', 'priority'), 'priority', 'ASC');
// Init var
$lang_table = array();
// Loop through each installed plugin
foreach ($records as $record) {
if (is_dir(ROOT . DS . dirname($record['location']) . DS . 'languages')) {
// Init var
$t = array();
// Check lang file
if (file_exists(ROOT . DS . dirname($record['location']) . DS . 'languages' . DS . $locale . '.lang.php')) {
// Merge the language strings into the sub table
$t = array_merge($t, include ROOT . DS . dirname($record['location']) . DS . 'languages' . DS . $locale . '.lang.php');
}
// Append the sub table, preventing less specific language files from overloading more specific files
$lang_table += $t;
}
}
// Save lang table for current locale
Cache::put('i18n', $locale, $lang_table);
// Update dictionary
I18n::$dictionary = $lang_table;
}
// Update dictionary
I18n::$dictionary = $lang_table;
}
/**
* Get pages
*/
public static function getPages()
{
// Init vars
$pages_array = array();
$count = 0;
// Get pages table
$pages = new Table('pages');
// Get Pages List
$pages_list = $pages->select('[slug!="error404" and status="published"]');
foreach ($pages_list as $page) {
$pages_array[$count]['title'] = Html::toText($page['title']);
$pages_array[$count]['meta_title'] = !empty($page['meta_title']) ? Html::toText($page['meta_title']) : $page['title'];
$pages_array[$count]['parent'] = $page['parent'];
$pages_array[$count]['date'] = $page['date'];
$pages_array[$count]['author'] = $page['author'];
$pages_array[$count]['slug'] = $page['slug'] == Option::get('defaultpage') ? '' : $page['slug'];
if (isset($page['parent'])) {
$c_p = $page['parent'];
} else {
$c_p = '';
}
if ($c_p != '') {
$_page = $pages->select('[slug="' . $page['parent'] . '"]', null);
if (isset($_page['title'])) {
$_title = $_page['title'];
} else {
$_title = '';
}
$pages_array[$count]['sort'] = $_title . ' ' . $page['title'];
} else {
$pages_array[$count]['sort'] = $page['title'];
}
$_title = '';
$count++;
}
// Sort pages
$_pages_list = Arr::subvalSort($pages_array, 'sort');
// return
return $_pages_list;
}
<?php
class Table
{
public static function select()
{
$table = get_called_class();
$table = strtolower($table);
return "SELECT * FROM {$table}";
}
}
class Produtos extends Table
{
}
echo Table::select();
echo "\n";
echo Produtos::select();
?>
define('DS', DIRECTORY_SEPARATOR);
define('ROOT', rtrim(str_replace(array('admin'), array(''), dirname(__FILE__)), '\\/'));
define('BACKEND', true);
define('MONSTRA_ACCESS', true);
// Load Monstra engine _init.php file
require_once ROOT . DS . 'engine' . DS . '_init.php';
// Errors var when users login failed
$login_error = '';
// Get users Table
$users = new Table('users');
// Admin login
if (Request::post('login_submit')) {
if (Cookie::get('login_attempts') && Cookie::get('login_attempts') >= 5) {
$login_error = __('You are banned for 10 minutes. Try again later', 'users');
} else {
$user = $users->select("[login='******'login')) . "']", null);
if (count($user) !== 0) {
if ($user['login'] == Request::post('login')) {
if (trim($user['password']) == Security::encryptPassword(Request::post('password'))) {
if ($user['role'] == 'admin' || $user['role'] == 'editor') {
Session::set('admin', true);
Session::set('user_id', (int) $user['id']);
Session::set('user_login', (string) $user['login']);
Session::set('user_role', (string) $user['role']);
Session::set('user_email', (string) $user['email']);
Request::redirect('index.php');
}
} else {
$login_error = __('Wrong <b>username</b> or <b>password</b>', 'users');
if (Cookie::get('login_attempts')) {
if (Cookie::get('login_attempts') < 5) {
/**
* Returns true if location has events assigned
*
* @param int $id Location ID to check
*
* @return bool
*
*/
public static function hasEvents($id)
{
$events = new Table('events');
return sizeof($events->select('[location=' . $id . ' and deleted=0]', 'all')) > 0;
}
/**
* Get configured list of events
*
* @param string $time
* @param string $count
* @param string $order
* @param string $groupby
* @param bool $is_archive
*
* @return array
*
*/
public static function getList($time, $count, $order, $groupby = '', $is_archive = false)
{
// get db table object
$objects = self::getTable();
// handle order
$roworder = '';
if (in_array(trim($order), array('ASC', 'DESC'))) {
$roworder = trim($order);
} else {
$roworder = 'ASC';
}
// handle time
$now = self::_getTime();
switch ($time) {
case 'future':
$eventlist = $objects->select('[number(translate(timestamp_end,"-: ",""))>=' . $now . ' and status="published" and deleted=0]', 'all', null, null, 'timestamp', $roworder);
break;
case 'past':
$eventlist = $objects->select('[number(translate(timestamp,"-: ",""))<' . $now . ' and status="published" and deleted=0]', 'all', null, null, 'timestamp', $roworder);
break;
case 'all':
default:
$eventlist = $objects->select('[status="published" and deleted=0]', 'all', null, null, 'timestamp', $roworder);
break;
}
// handle count
if (trim($count) != 'all') {
if ($roworder == 'ASC') {
$eventlist = array_slice($eventlist, 0, (int) $count);
} else {
$offset = count($eventlist) - (int) $count;
$offset = $offset < 0 ?: $offset;
$eventlist = array_slice($eventlist, $offset);
}
}
// handle archive (remove events of category with flag (hidden_in_archive))
if ($is_archive) {
$categories = new Table('categories');
$category_ids = array();
foreach ($categories->select('[hidden_in_archive=1]', 'all', null, array('id')) as $category) {
$category_ids[] = $category['id'];
}
foreach ($eventlist as $key => $event) {
if (in_array($event['category'], $category_ids)) {
unset($eventlist[$key]);
}
}
}
// handle group by
if ($groupby == 'year') {
$eventlistyears = array();
foreach ($eventlist as $event) {
$year = date('Y', strtotime($event['timestamp']));
$eventlistyears[$year][] = $event;
}
return $eventlistyears;
}
return $eventlist;
}
/**
* Users admin
*/
public static function main()
{
// Users roles
$roles = array('admin' => __('Admin', 'users'), 'editor' => __('Editor', 'users'), 'user' => __('User', 'users'));
// Get uses table
$users = new Table('users');
if (Option::get('users_frontend_registration') === 'true') {
$users_frontend_registration = true;
} else {
$users_frontend_registration = false;
}
if (Request::post('users_frontend_submit')) {
if (Security::check(Request::post('csrf'))) {
if (Request::post('users_frontend_registration')) {
$users_frontend_registration = 'true';
} else {
$users_frontend_registration = 'false';
}
if (Option::update('users_frontend_registration', $users_frontend_registration)) {
Notification::set('success', __('Your changes have been saved.', 'users'));
} else {
Notification::set('error', __('Your changes was not saved.', 'users'));
}
Request::redirect('index.php?id=users');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Check for get actions
// ---------------------------------------------
if (Request::get('action')) {
// Switch actions
// -----------------------------------------
switch (Request::get('action')) {
// Add
// -------------------------------------
case "add":
if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin'))) {
// Errors
$errors = array();
if (Request::post('register')) {
if (Security::check(Request::post('csrf'))) {
$user_login = trim(Request::post('login'));
$user_password = trim(Request::post('password'));
$user_email = trim(Request::post('email'));
if ($user_login == '') {
$errors['users_empty_login'] = __('Required field', 'users');
}
if ($user_password == '') {
$errors['users_empty_password'] = __('Required field', 'users');
}
if ($user_email == '') {
$errors['users_empty_email'] = __('Required field', 'users');
}
if ($users->select("[login='******']")) {
$errors['users_this_user_already_exists'] = __('This user already exists', 'users');
}
if ($users->select("[email='" . $user_email . "']")) {
$errors['users_this_email_already_exists'] = __('This email already exists', 'users');
}
if (count($errors) == 0) {
if ($users->insert(array('login' => Security::safeName($user_login), 'password' => Security::encryptPassword(Request::post('password')), 'email' => Request::post('email'), 'hash' => Text::random('alnum', 12), 'date_registered' => time(), 'role' => Request::post('role')))) {
Notification::set('success', __('New user have been registered.', 'users'));
} else {
Notification::set('error', __('New user was not registered.', 'users'));
}
Request::redirect('index.php?id=users');
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Display view
View::factory('box/users/views/backend/add')->assign('roles', $roles)->assign('errors', $errors)->display();
} else {
Request::redirect('index.php?id=users&action=edit&user_id=' . Session::get('user_id'));
}
break;
// Edit
// -------------------------------------
// Edit
// -------------------------------------
case "edit":
// Get current user record
$user = $users->select("[id='" . (int) Request::get('user_id') . "']", null);
if (isset($user['firstname'])) {
$user_firstname = $user['firstname'];
} else {
$user_firstname = '';
}
if (isset($user['lastname'])) {
$user_lastname = $user['lastname'];
} else {
$user_lastname = '';
}
if (isset($user['email'])) {
$user_email = $user['email'];
} else {
$user_email = '';
}
if (isset($user['twitter'])) {
$user_twitter = $user['twitter'];
} else {
$user_twitter = '';
}
if (isset($user['skype'])) {
$user_skype = $user['skype'];
} else {
$user_skype = '';
}
if (isset($user['about_me'])) {
$user_about_me = $user['about_me'];
} else {
$user_about_me = '';
}
if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin', 'editor'))) {
if (Request::post('edit_profile') and ((int) Session::get('user_id') == (int) Request::get('user_id') or in_array(Session::get('user_role'), array('admin')))) {
if (Security::check(Request::post('csrf'))) {
if (Security::safeName(Request::post('login')) != '') {
if ($users->update(Request::post('user_id'), array('login' => Security::safeName(Request::post('login')), 'firstname' => Request::post('firstname'), 'lastname' => Request::post('lastname'), 'email' => Request::post('email'), 'skype' => Request::post('skype'), 'twitter' => Request::post('twitter'), 'about_me' => Request::post('about_me'), 'role' => Request::post('role')))) {
Notification::set('success', __('Your changes have been saved.', 'users'));
} else {
Notification::set('error', __('Your changes was not saved.', 'users'));
}
Request::redirect('index.php?id=users&action=edit&user_id=' . Request::post('user_id'));
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
if (Request::post('edit_profile_password')) {
if (Security::check(Request::post('csrf'))) {
if (trim(Request::post('new_password')) != '') {
if ($users->update(Request::post('user_id'), array('password' => Security::encryptPassword(trim(Request::post('new_password')))))) {
Notification::set('success', __('Your changes have been saved.', 'users'));
} else {
Notification::set('error', __('Your changes was not saved.', 'users'));
}
Request::redirect('index.php?id=users&action=edit&user_id=' . Request::post('user_id'));
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
if ((int) Session::get('user_id') == (int) Request::get('user_id') or in_array(Session::get('user_role'), array('admin')) && count($user) != 0) {
// Display view
View::factory('box/users/views/backend/edit')->assign('user', $user)->assign('user_firstname', $user_firstname)->assign('user_lastname', $user_lastname)->assign('user_email', $user_email)->assign('user_twitter', $user_twitter)->assign('user_skype', $user_skype)->assign('user_about_me', $user_about_me)->assign('roles', $roles)->display();
} else {
echo __('Monstra says: This is not your profile...', 'users');
}
}
break;
// Delete
// -------------------------------------
// Delete
// -------------------------------------
case "delete":
if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin')) && (int) $_SESSION['user_id'] != (int) Request::get('user_id')) {
if (Security::check(Request::get('token'))) {
$user = $users->select('[id="' . Request::get('user_id') . '"]', null);
if ($users->delete(Request::get('user_id'))) {
Notification::set('success', __('User <i>:user</i> have been deleted.', 'users', array(':user' => $user['login'])));
} else {
Notification::set('error', __('User <i>:user</i> was not deleted.', 'users', array(':user' => $user['login'])));
}
Request::redirect('index.php?id=users');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
break;
}
} else {
if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin'))) {
// Dislay view
View::factory('box/users/views/backend/index')->assign('roles', $roles)->assign('users_list', $users->select())->assign('users_frontend_registration', $users_frontend_registration)->display();
} else {
Request::redirect('index.php?id=users&action=edit&user_id=' . Session::get('user_id'));
}
}
}
<?php
/* Example: Simple and Object Select Query */
/* Including the Class */
include_once 'lib/Database.php';
/* select a database table */
$test = new Table("test");
/* 1. Applying Simple Query */
$rows = $test->select("*");
/* Iterating Results */
foreach ($rows as $r) {
/* Printing Data */
echo "Simple Query Result: " . $r['name'] . '<br/>';
}
/* 2. Applying Object Query */
$rows = $test->selectObject("*");
/* Iterating Results */
while ($row = $rows->getAndNext()) {
/* Printing Data */
echo "Object Query Result: " . $row->name . '<br/>';
}
/**
* Pages admin function
*/
public static function main()
{
$current_theme = Option::get('theme_site_name');
$site_url = Option::get('siteurl');
$templates_path = THEMES_SITE;
$errors = array();
$pages = new Table('pages');
PagesAdmin::$pages = $pages;
$users = new Table('users');
$user = $users->select('[id=' . Session::get('user_id') . ']', null);
// Page author
if (!empty($user['firstname'])) {
$author = empty($user['lastname']) ? $user['firstname'] : $user['firstname'] . ' ' . $user['lastname'];
} else {
$author = Session::get('user_login');
}
$author = Html::toText($author);
// Status array
$status_array = array('published' => __('Published', 'pages'), 'draft' => __('Draft', 'pages'));
// Access array
$access_array = array('public' => __('Public', 'pages'), 'registered' => __('Registered', 'pages'));
// Check for get actions
// ---------------------------------------------
if (Request::get('action')) {
// Switch actions
// -----------------------------------------
switch (Request::get('action')) {
// Clone page
// -------------------------------------
case "clone_page":
if (Security::check(Request::get('token'))) {
// Generate rand page name
$rand_page_name = Request::get('name') . '_clone_' . date("Ymd_His");
// Get original page
$orig_page = $pages->select('[slug="' . Request::get('name') . '"]', null);
// Generate rand page title
$rand_page_title = $orig_page['title'] . ' [copy]';
// Clone page
if ($pages->insert(array('slug' => $rand_page_name, 'template' => $orig_page['template'], 'parent' => $orig_page['parent'], 'robots_index' => $orig_page['robots_index'], 'robots_follow' => $orig_page['robots_follow'], 'status' => $orig_page['status'], 'access' => isset($orig_page['access']) ? $orig_page['access'] : 'public', 'expand' => isset($orig_page['expand']) ? $orig_page['expand'] : '0', 'title' => $rand_page_title, 'meta_title' => $orig_page['meta_title'], 'description' => $orig_page['description'], 'keywords' => $orig_page['keywords'], 'tags' => $orig_page['tags'], 'date' => $orig_page['date'], 'author' => $orig_page['author']))) {
// Get cloned page ID
$last_id = $pages->lastId();
// Save cloned page content
File::setContent(STORAGE . DS . 'pages' . DS . $last_id . '.page.txt', File::getContent(STORAGE . DS . 'pages' . DS . $orig_page['id'] . '.page.txt'));
// Send notification
Notification::set('success', __('The page <i>:page</i> cloned.', 'pages', array(':page' => Security::safeName(Request::get('name'), '-', true))));
}
// Run add extra actions
Action::run('admin_pages_action_clone');
// Redirect
Request::redirect('index.php?id=pages');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
break;
// Add page
// -------------------------------------
// Add page
// -------------------------------------
case "add_page":
// Add page
if (Request::post('add_page') || Request::post('add_page_and_exit')) {
if (Security::check(Request::post('csrf'))) {
// Get parent page
if (Request::post('pages') == '0') {
$parent_page = '';
} else {
$parent_page = Request::post('pages');
}
// Validate
//--------------
if (trim(Request::post('page_name')) == '') {
$errors['pages_empty_name'] = __('Required field', 'pages');
}
if (trim(Request::post('page_title')) == '') {
$errors['pages_empty_title'] = __('Required field', 'pages');
}
if (count($pages->select('[slug="' . Security::safeName(Request::post('page_name'), '-', true) . '"]')) != 0) {
$errors['pages_exists'] = __('This page already exists', 'pages');
}
// Prepare date
if (Valid::date(Request::post('page_date'))) {
$date = strtotime(Request::post('page_date'));
} else {
$date = time();
}
if (Request::post('robots_index')) {
$robots_index = 'noindex';
} else {
$robots_index = 'index';
}
if (Request::post('robots_follow')) {
$robots_follow = 'nofollow';
} else {
$robots_follow = 'follow';
}
// If no errors then try to save
if (count($errors) == 0) {
// Insert new page
if ($pages->insert(array('slug' => Security::safeName(Request::post('page_name'), '-', true), 'template' => Request::post('templates'), 'parent' => $parent_page, 'status' => Request::post('status'), 'access' => Request::post('access'), 'expand' => '0', 'robots_index' => $robots_index, 'robots_follow' => $robots_follow, 'title' => Request::post('page_title'), 'meta_title' => Request::post('page_meta_title'), 'description' => Request::post('page_description'), 'keywords' => Request::post('page_keywords'), 'tags' => Request::post('page_tags'), 'date' => $date, 'author' => $author))) {
// Get inserted page ID
$last_id = $pages->lastId();
// Save content
File::setContent(STORAGE . DS . 'pages' . DS . $last_id . '.page.txt', XML::safe(Request::post('editor')));
// Send notification
Notification::set('success', __('Your changes to the page <i>:page</i> have been saved.', 'pages', array(':page' => Security::safeName(Request::post('page_title'), '-', true))));
}
// Run add extra actions
Action::run('admin_pages_action_add');
// Redirect
if (Request::post('add_page_and_exit')) {
Request::redirect('index.php?id=pages');
} else {
Request::redirect('index.php?id=pages&action=edit_page&name=' . Security::safeName(Request::post('page_name'), '-', true));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Get all pages
$pages_list = $pages->select('[slug!="error404" and parent=""]');
$pages_array[] = '-none-';
foreach ($pages_list as $page) {
$pages_array[$page['slug']] = $page['title'];
}
// Get all templates
$templates_list = File::scan($templates_path, '.template.php');
foreach ($templates_list as $file) {
$templates_array[basename($file, '.template.php')] = basename($file, '.template.php');
}
// Save fields
if (Request::post('page_name')) {
$post_name = Request::post('page_name');
} else {
$post_name = '';
}
if (Request::post('page_title')) {
$post_title = Request::post('page_title');
} else {
$post_title = '';
}
if (Request::post('page_meta_title')) {
$post_meta_title = Request::post('page_meta_title');
} else {
$post_meta_title = '';
}
if (Request::post('page_keywords')) {
$post_keywords = Request::post('page_keywords');
} else {
$post_keywords = '';
}
if (Request::post('page_description')) {
$post_description = Request::post('page_description');
} else {
$post_description = '';
}
if (Request::post('page_tags')) {
$post_tags = Request::post('page_tags');
} else {
$post_tags = '';
}
if (Request::post('editor')) {
$post_content = Request::post('editor');
} else {
$post_content = '';
}
if (Request::post('templates')) {
$post_template = Request::post('templates');
} else {
$post_template = 'index';
}
if (Request::post('status')) {
$post_status = Request::post('status');
} else {
$post_status = 'published';
}
if (Request::post('access')) {
$post_access = Request::post('access');
} else {
$post_access = 'public';
}
if (Request::post('pages')) {
$parent_page = Request::post('pages');
} else {
if (Request::get('parent_page')) {
$parent_page = Request::get('parent_page');
} else {
$parent_page = '';
}
}
if (Request::post('robots_index')) {
$post_robots_index = true;
} else {
$post_robots_index = false;
}
if (Request::post('robots_follow')) {
$post_robots_follow = true;
} else {
$post_robots_follow = false;
}
//--------------
// Generate date
$date = Date::format(time(), 'Y-m-d H:i:s');
// Set Tabs State - page
Notification::setNow('page', 'page');
// Display view
View::factory('box/pages/views/backend/add')->assign('post_name', $post_name)->assign('post_title', $post_title)->assign('post_meta_title', $post_meta_title)->assign('post_description', $post_description)->assign('post_keywords', $post_keywords)->assign('post_tags', $post_tags)->assign('post_content', $post_content)->assign('pages_array', $pages_array)->assign('parent_page', $parent_page)->assign('templates_array', $templates_array)->assign('post_template', $post_template)->assign('post_status', $post_status)->assign('post_access', $post_access)->assign('status_array', $status_array)->assign('access_array', $access_array)->assign('date', $date)->assign('post_robots_index', $post_robots_index)->assign('post_robots_follow', $post_robots_follow)->assign('errors', $errors)->display();
break;
// Edit page
// -------------------------------------
// Edit page
// -------------------------------------
case "edit_page":
if (Request::post('edit_page') || Request::post('edit_page_and_exit')) {
if (Security::check(Request::post('csrf'))) {
// Get pages parent
if (Request::post('pages') == '0') {
$parent_page = '';
} else {
$parent_page = Request::post('pages');
}
// Save field
$post_parent = Request::post('pages');
// Validate
//--------------
if (trim(Request::post('page_name')) == '') {
$errors['pages_empty_name'] = __('Required field', 'pages');
}
if (count($pages->select('[slug="' . Security::safeName(Request::post('page_name'), '-', true) . '"]')) != 0 and Security::safeName(Request::post('page_old_name'), '-', true) !== Security::safeName(Request::post('page_name'), '-', true)) {
$errors['pages_exists'] = __('This page already exists', 'pages');
}
if (trim(Request::post('page_title')) == '') {
$errors['pages_empty_title'] = __('Required field', 'pages');
}
// Save fields
if (Request::post('page_name')) {
$post_name = Request::post('page_name');
} else {
$post_name = '';
}
if (Request::post('page_title')) {
$post_title = Request::post('page_title');
} else {
$post_title = '';
}
if (Request::post('page_meta_title')) {
$post_meta_title = Request::post('page_meta_title');
} else {
$post_meta_title = '';
}
if (Request::post('page_keywords')) {
$post_keywords = Request::post('page_keywords');
} else {
$post_keywords = '';
}
if (Request::post('page_description')) {
$post_description = Request::post('page_description');
} else {
$post_description = '';
}
if (Request::post('page_tags')) {
$post_tags = Request::post('page_tags');
} else {
$post_tags = '';
}
if (Request::post('editor')) {
$post_content = Request::post('editor');
} else {
$post_content = '';
}
if (Request::post('templates')) {
$post_template = Request::post('templates');
} else {
$post_template = 'index';
}
if (Request::post('status')) {
$post_status = Request::post('status');
} else {
$post_status = 'published';
}
if (Request::post('access')) {
$post_access = Request::post('access');
} else {
$post_access = 'public';
}
if (Request::post('robots_index')) {
$post_robots_index = true;
} else {
$post_robots_index = false;
}
if (Request::post('robots_follow')) {
$post_robots_follow = true;
} else {
$post_robots_follow = false;
}
//--------------
// Prepare date
if (Valid::date(Request::post('page_date'))) {
$date = strtotime(Request::post('page_date'));
} else {
$date = time();
}
if (Request::post('robots_index')) {
$robots_index = 'noindex';
} else {
$robots_index = 'index';
}
if (Request::post('robots_follow')) {
$robots_follow = 'nofollow';
} else {
$robots_follow = 'follow';
}
if (count($errors) == 0) {
// Update parents in all childrens
if (Security::safeName(Request::post('page_name'), '-', true) !== Security::safeName(Request::post('page_old_name'), '-', true) and Request::post('old_parent') == '') {
$_pages = $pages->select('[parent="' . Text::translitIt(trim(Request::post('page_old_name'))) . '"]');
if (!empty($_pages)) {
foreach ($_pages as $_page) {
$pages->updateWhere('[parent="' . $_page['parent'] . '"]', array('parent' => Security::safeName(Request::post('page_name'), '-', true)));
}
}
if ($pages->updateWhere('[slug="' . Request::get('name') . '"]', array('slug' => Security::safeName(Request::post('page_name'), '-', true), 'template' => Request::post('templates'), 'parent' => $parent_page, 'title' => Request::post('page_title'), 'meta_title' => Request::post('page_meta_title'), 'description' => Request::post('page_description'), 'keywords' => Request::post('page_keywords'), 'tags' => Request::post('page_tags'), 'robots_index' => $robots_index, 'robots_follow' => $robots_follow, 'status' => Request::post('status'), 'access' => Request::post('access'), 'date' => $date, 'author' => $author))) {
File::setContent(STORAGE . DS . 'pages' . DS . Request::post('page_id') . '.page.txt', XML::safe(Request::post('editor')));
Notification::set('success', __('Your changes to the page <i>:page</i> have been saved.', 'pages', array(':page' => Security::safeName(Request::post('page_title'), '-', true))));
}
// Run edit extra actions
Action::run('admin_pages_action_edit');
} else {
if ($pages->updateWhere('[slug="' . Request::get('name') . '"]', array('slug' => Security::safeName(Request::post('page_name'), '-', true), 'template' => Request::post('templates'), 'parent' => $parent_page, 'title' => Request::post('page_title'), 'meta_title' => Request::post('page_meta_title'), 'description' => Request::post('page_description'), 'keywords' => Request::post('page_keywords'), 'tags' => Request::post('page_tags'), 'robots_index' => $robots_index, 'robots_follow' => $robots_follow, 'status' => Request::post('status'), 'access' => Request::post('access'), 'date' => $date, 'author' => $author))) {
File::setContent(STORAGE . DS . 'pages' . DS . Request::post('page_id') . '.page.txt', XML::safe(Request::post('editor')));
Notification::set('success', __('Your changes to the page <i>:page</i> have been saved.', 'pages', array(':page' => Security::safeName(Request::post('page_title'), '-', true))));
}
// Run edit extra actions
Action::run('admin_pages_action_edit');
}
// Redirect
if (Request::post('edit_page_and_exit')) {
Request::redirect('index.php?id=pages');
} else {
Request::redirect('index.php?id=pages&action=edit_page&name=' . Security::safeName(Request::post('page_name'), '-', true));
}
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Get all pages
$pages_list = $pages->select();
$pages_array[] = '-none-';
// Foreach pages find page whithout parent
foreach ($pages_list as $page) {
if (isset($page['parent'])) {
$c_p = $page['parent'];
} else {
$c_p = '';
}
if ($c_p == '') {
// error404 is system "constant" and no child for it
if ($page['slug'] !== 'error404' && $page['slug'] !== Request::get('name')) {
$pages_array[$page['slug']] = $page['title'];
}
}
}
// Get all templates
$templates_list = File::scan($templates_path, '.template.php');
foreach ($templates_list as $file) {
$templates_array[basename($file, '.template.php')] = basename($file, '.template.php');
}
$page = $pages->select('[slug="' . Request::get('name') . '"]', null);
if ($page) {
$page_content = File::getContent(STORAGE . DS . 'pages' . DS . $page['id'] . '.page.txt');
// Safe fields or load fields
if (Request::post('page_name')) {
$slug_to_edit = Request::post('page_name');
} else {
$slug_to_edit = $page['slug'];
}
if (Request::post('page_title')) {
$title_to_edit = Request::post('page_title');
} else {
$title_to_edit = $page['title'];
}
if (Request::post('page_meta_title')) {
$meta_title_to_edit = Request::post('page_meta_title');
} else {
$meta_title_to_edit = isset($page['meta_title']) ? $page['meta_title'] : '';
}
if (Request::post('page_description')) {
$description_to_edit = Request::post('page_description');
} else {
$description_to_edit = $page['description'];
}
if (Request::post('page_keywords')) {
$keywords_to_edit = Request::post('page_keywords');
} else {
$keywords_to_edit = $page['keywords'];
}
if (Request::post('page_tags')) {
$tags_to_edit = Request::post('page_tags');
} else {
$tags_to_edit = isset($page['tags']) ? $page['tags'] : '';
}
if (Request::post('editor')) {
$to_edit = Request::post('editor');
} else {
$to_edit = Text::toHtml($page_content);
}
if (Request::post('robots_index')) {
$post_robots_index = true;
} else {
if ($page['robots_index'] == 'noindex') {
$post_robots_index = true;
} else {
$post_robots_index = false;
}
}
if (Request::post('robots_follow')) {
$post_robots_follow = true;
} else {
if ($page['robots_follow'] == 'nofollow') {
$post_robots_follow = true;
} else {
$post_robots_follow = false;
}
}
if (Request::post('pages')) {
// Get pages parent
if (Request::post('pages') == '-none-') {
$parent_page = '';
} else {
$parent_page = Request::post('pages');
}
// Save field
$parent_page = Request::post('pages');
} else {
$parent_page = $page['parent'];
}
if (Request::post('templates')) {
$template = Request::post('templates');
} else {
$template = $page['template'];
}
if (Request::post('status')) {
$status = Request::post('status');
} else {
$status = $page['status'];
}
if (Request::post('access')) {
$access = Request::post('access');
} else {
$access = isset($page['access']) ? $page['access'] : 'public';
}
// Generate date
$date = Request::post('date') ? Request::post('date') : Date::format($page['date'], 'Y-m-d H:i:s');
Notification::setNow('page', 'page');
// Display view
View::factory('box/pages/views/backend/edit')->assign('slug_to_edit', $slug_to_edit)->assign('title_to_edit', $title_to_edit)->assign('meta_title_to_edit', $meta_title_to_edit)->assign('description_to_edit', $description_to_edit)->assign('keywords_to_edit', $keywords_to_edit)->assign('tags_to_edit', $tags_to_edit)->assign('page', $page)->assign('to_edit', $to_edit)->assign('pages_array', $pages_array)->assign('parent_page', $parent_page)->assign('templates_array', $templates_array)->assign('template', $template)->assign('status_array', $status_array)->assign('access_array', $access_array)->assign('status', $status)->assign('access', $access)->assign('date', $date)->assign('post_robots_index', $post_robots_index)->assign('post_robots_follow', $post_robots_follow)->assign('errors', $errors)->display();
}
break;
// Delete page
// -------------------------------------
// Delete page
// -------------------------------------
case "delete_page":
// Error 404 page can not be removed
if (Request::get('slug') !== 'error404') {
if (Security::check(Request::get('token'))) {
// Get specific page
$page = $pages->select('[slug="' . Request::get('name') . '"]', null);
// Delete page and update <parent> fields
if ($pages->deleteWhere('[slug="' . $page['slug'] . '" ]')) {
$_pages = $pages->select('[parent="' . $page['slug'] . '"]');
if (!empty($_pages)) {
foreach ($_pages as $_page) {
$pages->updateWhere('[slug="' . $_page['slug'] . '"]', array('parent' => ''));
}
}
File::delete(STORAGE . DS . 'pages' . DS . $page['id'] . '.page.txt');
Notification::set('success', __('Page <i>:page</i> deleted', 'pages', array(':page' => Html::toText($page['title']))));
}
// Run delete extra actions
Action::run('admin_pages_action_delete');
// Redirect
Request::redirect('index.php?id=pages');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
break;
// Update page access
// -------------------------------------
// Update page access
// -------------------------------------
case "update_access":
if (Request::get('slug') !== 'error404') {
if (Security::check(Request::get('token'))) {
$pages->updateWhere('[slug="' . Request::get('slug') . '"]', array('access' => Request::get('access')));
// Run delete extra actions
Action::run('admin_pages_action_update_access');
// Send notification
Notification::set('success', __('Your changes to the page <i>:page</i> have been saved.', 'pages', array(':page' => Request::get('slug'))));
// Redirect
Request::redirect('index.php?id=pages');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
break;
// Update page status
// -------------------------------------
// Update page status
// -------------------------------------
case "update_status":
if (Request::get('name') !== 'error404') {
if (Security::check(Request::get('token'))) {
$pages->updateWhere('[slug="' . Request::get('slug') . '"]', array('status' => Request::get('status')));
// Run delete extra actions
Action::run('admin_pages_action_update_status');
// Send notification
Notification::set('success', __('Your changes to the page <i>:page</i> have been saved.', 'pages', array(':page' => Request::get('slug'))));
// Redirect
Request::redirect('index.php?id=pages');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
break;
}
// Its mean that you can add your own actions for this plugin
Action::run('admin_pages_extra_actions');
} else {
// Index action
// -------------------------------------
// Init vars
$pages_array = array();
$count = 0;
// Get pages
$pages_list = $pages->select(null, 'all', null, array('slug', 'title', 'status', 'date', 'author', 'expand', 'access', 'parent', 'template', 'tags'));
// Loop
foreach ($pages_list as $page) {
$pages_array[$count]['title'] = $page['title'];
$pages_array[$count]['meta_title'] = isset($page['meta_title']) ? $page['meta_title'] : '';
$pages_array[$count]['parent'] = $page['parent'];
$pages_array[$count]['_status'] = $page['status'];
$pages_array[$count]['_access'] = $page['access'];
$pages_array[$count]['status'] = $status_array[$page['status']];
$pages_array[$count]['access'] = isset($access_array[$page['access']]) ? $access_array[$page['access']] : $access_array['public'];
// hack for old Monstra Versions
$pages_array[$count]['date'] = $page['date'];
$pages_array[$count]['author'] = $page['author'];
$pages_array[$count]['expand'] = $page['expand'];
$pages_array[$count]['slug'] = $page['slug'];
$pages_array[$count]['tags'] = $page['tags'];
$pages_array[$count]['template'] = $page['template'];
if (isset($page['parent'])) {
$c_p = $page['parent'];
} else {
$c_p = '';
}
if ($c_p != '') {
$_page = $pages->select('[slug="' . $page['parent'] . '"]', null);
if (isset($_page['title'])) {
$_title = $_page['title'];
} else {
$_title = '';
}
$pages_array[$count]['sort'] = $_title . ' ' . $page['title'];
} else {
$pages_array[$count]['sort'] = $page['title'];
}
$_title = '';
$count++;
}
// Sort pages
$pages = Arr::subvalSort($pages_array, 'sort');
// Display view
View::factory('box/pages/views/backend/index')->assign('pages', $pages)->assign('site_url', $site_url)->display();
}
}
/**
* Plugins admin
*/
public static function main()
{
// Get siteurl
$site_url = Option::get('siteurl');
// Get installed plugin from $plugins array
$installed_plugins = Plugin::$plugins;
// Get installed users plugins
$_users_plugins = array();
foreach (Plugin::$plugins as $plugin) {
if ($plugin['privilege'] !== 'box') {
$_users_plugins[] = $plugin['id'];
}
}
// Get plugins table
$plugins = new Table('plugins');
// Delete plugin
// -------------------------------------
if (Request::get('delete_plugin')) {
if (Security::check(Request::get('token'))) {
// Nobody cant remove box plugins
if ($installed_plugins[Text::lowercase(str_replace("Plugin", "", Request::get('delete_plugin')))]['privilege'] !== 'box') {
// Run plugin uninstaller file
$plugin_name = Request::get('delete_plugin');
if (File::exists(PLUGINS . DS . $plugin_name . DS . 'install' . DS . $plugin_name . '.uninstall.php')) {
include PLUGINS . DS . $plugin_name . DS . 'install' . DS . $plugin_name . '.uninstall.php';
}
// Clean Monstra TMP folder.
Monstra::cleanTmp();
// Increment Styles and Javascript version
Stylesheet::stylesVersionIncrement();
Javascript::javascriptVersionIncrement();
// Delete plugin form plugins table
$plugins->deleteWhere('[name="' . Request::get('delete_plugin') . '"]');
// Redirect
Request::redirect('index.php?id=plugins');
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Install new plugin
// -------------------------------------
if (Request::get('install')) {
if (Security::check(Request::get('token'))) {
// Load plugin install xml file
$plugin_xml = XML::loadFile(PLUGINS . DS . basename(Text::lowercase(Request::get('install')), '.manifest.xml') . DS . 'install' . DS . Request::get('install'));
// Add plugin to plugins table
$plugins->insert(array('name' => basename(Request::get('install'), '.manifest.xml'), 'location' => (string) $plugin_xml->plugin_location, 'status' => (string) $plugin_xml->plugin_status, 'priority' => (int) $plugin_xml->plugin_priority));
// Clean Monstra TMP folder.
Monstra::cleanTmp();
Stylesheet::stylesVersionIncrement();
Javascript::javascriptVersionIncrement();
// Run plugin installer file
$plugin_name = str_replace(array("Plugin", ".manifest.xml"), "", Request::get('install'));
if (File::exists(PLUGINS . DS . basename(Text::lowercase(Request::get('install')), '.manifest.xml') . DS . 'install' . DS . $plugin_name . '.install.php')) {
include PLUGINS . DS . basename(Text::lowercase(Request::get('install')), '.manifest.xml') . DS . 'install' . DS . $plugin_name . '.install.php';
}
Request::redirect('index.php?id=plugins');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Delete plugin from server
// -------------------------------------
if (Request::get('delete_plugin_from_server')) {
if (Security::check(Request::get('token'))) {
// Clean Monstra TMP folder.
Monstra::cleanTmp();
Stylesheet::stylesVersionIncrement();
Javascript::javascriptVersionIncrement();
Dir::delete(PLUGINS . DS . basename(Request::get('delete_plugin_from_server'), '.manifest.xml'));
Request::redirect('index.php?id=plugins');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Upload & extract plugin archive
// -------------------------------------
if (Request::post('upload_file')) {
if (Security::check(Request::post('csrf'))) {
if ($_FILES['file']) {
if (in_array(File::ext($_FILES['file']['name']), array('zip'))) {
$tmp_dir = ROOT . DS . 'tmp' . DS . uniqid('plugin_');
$error = 'Plugin was not uploaded';
if (Dir::create($tmp_dir)) {
$file_locations = Zip::factory()->extract($_FILES['file']['tmp_name'], $tmp_dir);
if (!empty($file_locations)) {
$manifest = '';
foreach ($file_locations as $filepath) {
if (substr($filepath, -strlen('.manifest.xml')) === '.manifest.xml') {
$manifest = $filepath;
break;
}
}
if (!empty($manifest) && basename(dirname($manifest)) === 'install') {
$manifest_file = pathinfo($manifest, PATHINFO_BASENAME);
$plugin_name = str_replace('.manifest.xml', '', $manifest_file);
if (Dir::create(PLUGINS . DS . $plugin_name)) {
$tmp_plugin_dir = dirname(dirname($manifest));
Dir::copy($tmp_plugin_dir, PLUGINS . DS . $plugin_name);
Notification::set('success', __('Plugin was uploaded', 'plugins'));
$error = false;
}
}
}
} else {
$error = 'System error';
}
} else {
$error = 'Forbidden plugin file type';
}
} else {
$error = 'Plugin was not uploaded';
}
if ($error) {
Notification::set('error', __($error, 'plugins'));
}
if (Request::post('dragndrop')) {
Request::shutdown();
} else {
Request::redirect($site_url . '/admin/index.php?id=plugins#installnew');
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Installed plugins
$plugins_installed = array();
// New plugins
$plugins_new = array();
// Plugins to install
$plugins_to_intall = array();
// Scan plugins directory for .manifest.xml
$plugins_new = File::scan(PLUGINS, '.manifest.xml');
// Get installed plugins from plugins table
$plugins_installed = $plugins->select(null, 'all', null, array('location', 'priority'), 'priority', 'ASC');
// Update $plugins_installed array. extract plugins names
foreach ($plugins_installed as $plg) {
$_plg[] = basename($plg['location'], 'plugin.php') . 'manifest.xml';
}
// Diff
$plugins_to_install = array_diff($plugins_new, $_plg);
// Create array of plugins to install
$count = 0;
foreach ($plugins_to_install as $plugin) {
$plg_path = PLUGINS . DS . Text::lowercase(basename($plugin, '.manifest.xml')) . DS . 'install' . DS . $plugin;
if (file_exists($plg_path)) {
$plugins_to_intall[$count]['path'] = $plg_path;
$plugins_to_intall[$count]['plugin'] = $plugin;
$count++;
}
}
// Draw template
View::factory('box/plugins/views/backend/index')->assign('installed_plugins', $installed_plugins)->assign('plugins_to_intall', $plugins_to_intall)->assign('_users_plugins', $_users_plugins)->assign('fileuploader', array('uploadUrl' => $site_url . '/admin/index.php?id=plugins', 'csrf' => Security::token(), 'errorMsg' => __('Upload server error', 'filesmanager')))->display();
}
/**
* System plugin admin
*/
public static function main()
{
if (Session::exists('user_role') && in_array(Session::get('user_role'), array('admin'))) {
$filters = Filter::$filters;
$plugins = Plugin::$plugins;
$components = Plugin::$components;
$actions = Action::$actions;
// Get pages table
$pages = new Table('pages');
// Get system timezone
$system_timezone = Option::get('timezone');
// Get languages files
$language_files = File::scan(PLUGINS_BOX . DS . 'system' . DS . 'languages' . DS, '.lang.php');
foreach ($language_files as $language) {
$parts = explode('.', $language);
$languages_array[$parts[0]] = I18n::$locales[$parts[0]];
}
// Get all pages
$pages_array = array();
$pages_list = $pages->select('[slug!="error404" and parent="" and status="published"]');
foreach ($pages_list as $page) {
$pages_array[$page['slug']] = Html::toText($page['title']);
}
// Create Sitemap
// -------------------------------------
if (Request::get('sitemap') == 'create') {
if (Security::check(Request::get('token'))) {
Notification::set('success', __('Sitemap created', 'system'));
Sitemap::create();
Request::redirect('index.php?id=system');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Delete temporary files
// -------------------------------------
if (Request::get('temporary_files') == 'delete') {
if (Security::check(Request::get('token'))) {
Monstra::cleanTmp();
if (count(File::scan(MINIFY, array('css', 'js', 'php'))) == 0 && count(Dir::scan(CACHE)) == 0) {
Notification::set('success', __('Temporary files deleted', 'system'));
Request::redirect('index.php?id=system');
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Set maintenance state on or off
// -------------------------------------
if (Request::get('maintenance')) {
if (Security::check(Request::get('token'))) {
if ('on' == Request::get('maintenance')) {
Option::update('maintenance_status', 'on');
Request::redirect('index.php?id=system');
}
if ('off' == Request::get('maintenance')) {
Option::update('maintenance_status', 'off');
Request::redirect('index.php?id=system');
}
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Edit settings
// -------------------------------------
if (Request::post('edit_settings')) {
if (Security::check(Request::post('csrf'))) {
// Add trailing slashes
$_site_url = Request::post('system_url');
Option::update(array('sitename' => Request::post('site_name'), 'keywords' => Request::post('site_keywords'), 'description' => Request::post('site_description'), 'slogan' => Request::post('site_slogan'), 'defaultpage' => Request::post('site_default_page'), 'siteurl' => $_site_url, 'timezone' => Request::post('system_timezone'), 'system_email' => Request::post('system_email'), 'language' => Request::post('system_language'), 'maintenance_message' => Request::post('site_maintenance_message')));
Notification::set('success', __('Your changes have been saved.', 'system'));
Request::redirect('index.php?id=system');
} else {
die('Request was denied because it contained an invalid security token. Please refresh the page and try again.');
}
}
// Its mean that you can add your own actions for this plugin
Action::run('admin_system_extra_actions');
// Display view
View::factory('box/system/views/backend/index')->assign('pages_array', $pages_array)->assign('languages_array', $languages_array)->display();
} else {
Request::redirect('index.php?id=users&action=edit&user_id=' . Session::get('user_id'));
}
}
$uid = $authorizer->isLogged();
require_once '../func/admin.class.php';
require_once '../inc/vars.php';
function makefile($file, $table)
{
$fh = fopen($file, 'w') or die("Error opening file!");
fwrite($fh, "<?php define(MT_TABLE,'" . $table . "'); ?>");
fclose($fh);
}
if ($_POST['_table']) {
$file = '../inc/vars.php';
if (!is_writable($file)) {
if (chmod($file, 0777)) {
makefile($file, $_POST['_table']);
} else {
echo '<div id="error">Your inc/vars.php file is not writable! (hint: chmod 0777)</div>';
}
} else {
makefile($file, $_POST['_table']);
}
die("The table: " . $_POST['_table'] . " has been correctly selected.");
}
$admin = new Table(MT_TABLE);
?>
<div id="form-small">
<select id="gruppo" name="gruppo" onchange="table = this.options[this.selectedIndex].value; return select_table(table);"><option value="0">Choose one..</option>
<?php
$admin->select();
?>
</select>
</div>