Example #1
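 /**
  * Create the setting named $strName, or update it if it already exists.
  *
  * $strName is interpolated straight into the lookup query, so the allowlist
  * check below is the only thing separating the caller's string from the SQL
  * text. Keep the pattern strict if this method is ever changed.
  *
  * @param string $strName  Setting name: letters, digits, '_' and '.' only.
  * @param mixed  $strValue Value to store; handed to clsDB::set() unchanged.
  * @throws Exception If $strName contains any other character.
  */
 public static function set_by_name($strName, $strValue)
 {
     /* The D modifier pins `$` to the very end of the subject. Without it the
        pattern also accepts a name that ends in a newline. */
     if (!preg_match('/^[a-zA-Z0-9_.]*$/D', $strName)) {
         throw new Exception(ERRORMSG_INVALID);
     }
     $arrResults = clsDB::selectQueryObjects('setting', "\n\t\t\t\t\t\t\t\tSELECT *\n\t\t\t\t\t\t\t\tFROM `<<tbl><setting>>` \n\t\t\t\t\t\t\t\tWHERE `<<setting><name>>`='{$strName}'\n\t\t\t\t\t\t\t\t\tAND `<<isdel><setting>>`='0' ");
     if (sizeof($arrResults) == 0) {
         /* No live row with this name yet: start a new one. */
         $objSetting = new clsDB('setting');
         $objSetting->set('name', $strName);
     } else {
         $objSetting = $arrResults[0];
     }
     /* Both paths write the same column. The create path previously wrote
        to 'valud', so a newly created setting never received its value. */
     $objSetting->set('value', $strValue);
     $objSetting->save();
 }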
Example #2
 /**
  * Bring the database from build $intFrom up to build $intTo.
  *
  * For every build number in [$intFrom, $intTo) the statements queued in
  * $this->arrChanges are run verbatim through clsDB::insertQuery(), then the
  * DB_BUILD setting is advanced by one. Nothing in this method opens a
  * transaction, so progress is recorded build by build.
  *
  * @param int $intFrom Build the database is currently at (must be > 0).
  * @param int $intTo   Build the code expects (must be > 0 and >= $intFrom).
  */
 public function update($intFrom, $intTo)
 {
     /* Either version being non-positive ends the request outright. */
     if ($intFrom <= 0 || $intTo <= 0) {
         die("Invalid version, couldn't upgrade.");
     }
     if ($intFrom > $intTo) {
         die("Database version newer than code version. Upgrade the code.");
     }
     $intBuild = $intFrom;
     while ($intBuild < $intTo) {
         /* A build with no queued changes still bumps DB_BUILD. */
         $arrQueries = isset($this->arrChanges[$intBuild]) ? $this->arrChanges[$intBuild] : array();
         foreach ($arrQueries as $strQuery) {
             clsDB::insertQuery($strQuery);
         }
         clsSetting::set_by_name('DB_BUILD', $intBuild + 1);
         $intBuild++;
     }
 }
Example #3
 /**
  * Fetch the stored thumbnail for a picture at the requested size, creating
  * and saving one when no matching row exists.
  *
  * The return value is not uniform: a clsThumbnail on success, the string
  * from clsPicture::getResized() when that call yields a string, or the
  * truthy result of clsThumbnail::setImage() when that call reports one.
  *
  * @throws Exception When the picture id, width or height is not numeric.
  */
 public static function getThumbnail($objUser, $picture_id, $intWidth, $intHeight, $objAlbum)
 {
     /* is_numeric() is the only check these three values get before they are
        placed inside quoted SQL literals below. It accepts decimals, exponent
        notation and leading whitespace as well as plain integers, but a
        numeric string cannot contain a quote character. */
     foreach (array($picture_id, $intWidth, $intHeight) as $mixNumber) {
         if (!is_numeric($mixNumber)) {
             throw new Exception(INVALID_VALUE);
         }
     }
     /* Clamp the request to the album's max_width / max_height.
        NOTE(review): after min() the value may be the album's own field,
        which is not re-checked with is_numeric() before it reaches the
        query - confirm those columns can only hold numbers. */
     if (!$objAlbum->isNew()) {
         $intWidth = min($intWidth, $objAlbum->get('max_width'));
         $intHeight = min($intHeight, $objAlbum->get('max_height'));
     }
     $strWhere = "`<<foreign><thumbnail><picture>>`='{$picture_id}' AND `<<thumbnail><width>>`='{$intWidth}' AND `<<thumbnail><height>>`='{$intHeight}'";
     $arrThumbnails = clsDB::getListStatic('thumbnail', $strWhere);
     if (sizeof($arrThumbnails) != 0) {
         /* Already generated at this size: reload it by id. */
         return new clsThumbnail($arrThumbnails[0]->get('id'));
     }
     $objPicture = new clsPicture($picture_id);
     list($img, $intActualWidth, $intActualHeight) = $objPicture->getResized($objUser, $intWidth, $intHeight);
     if (is_string($img)) {
         /* A string in the image slot is handed back to the caller as-is. */
         return $img;
     }
     $objThumbnail = new clsThumbnail();
     $arrFields = array(
         'picture_id' => $picture_id,
         'width' => $intWidth,
         'height' => $intHeight,
         'actual_width' => $intActualWidth,
         'actual_height' => $intActualHeight,
         'date' => date('Y-m-d H:i:s'),
     );
     foreach ($arrFields as $strField => $mixValue) {
         $objThumbnail->set($strField, $mixValue);
     }
     $result = $objThumbnail->setImage($img);
     if ($result) {
         /* A truthy result skips the save and is returned instead. */
         return $result;
     }
     $objThumbnail->save();
     return $objThumbnail;
 }
Example #4
        }
        $objNewsUser = $objNews->getForeignObject('user');
        $objAlbum = $objNews->getForeignObject('album');
        $objNewsTemplate->setText('ID', $objNews->get('id'));
        $objNewsTemplate->setText('USERID', $objNewsUser->get('id'));
        $objNewsTemplate->setText('USERNAME', $objNewsUser->get('username'));
        $objNewsTemplate->setText('DATE', date('Y-m-d', strtotime($objNews->get('date'))));
        $objNewsTemplate->setText('TITLE', $objNews->get('title'));
        $objNewsTemplate->setText('TEXT', bbcode_format($objNews->get('text')));
        echo $objNewsTemplate->get();
    }
} else {
    if (!$objUser || $objUser->get('is_admin') != 1) {
        throw new Exception("exception_accessdenied");
    }
    $objNews = new clsDB('news');
    $objNews->getFromRequest(array('id', 'title', 'text'));
    if ($strSubAction == 'edit') {
        $objNews->load();
        echo "<form action='index.php' method='post'>";
        echo "<input type='hidden' name='subaction' value='save'>";
        echo $objNews->getHiddenField('id');
        echo "Title:<br>";
        echo $objNews->getTextField('title', new clsParameters('size', 40)) . "<br><br>";
        echo "Post:<br>";
        echo $objNews->getTextArea('text', 4, 45) . "<br><br>";
        echo $objNews->getSubmit('Post');
    } else {
        if ($strSubAction == 'save') {
            if ($objNews->isNew()) {
                $objNews->set('user_id', $objUser->get('id'));
Example #5
 /**
  * Count the vote rows that reference the given picture.
  *
  * NOTE(review): the picture id is placed in the WHERE fragment without any
  * escaping here. That is only safe if get('id') can never return anything
  * but a database-issued id - confirm against clsDB::get().
  */
 public static function getVoteCount($objPicture)
 {
     $intPictureId = $objPicture->get('id');
     $strWhere = "`<<foreign><vote><picture>>`='{$intPictureId}'";
     return clsDB::getCountStatic('vote', $strWhere);
 }
Example #6
 /**
  * List the confirmed, non-deleted pictures in the albums of $objGroup that
  * $objUser is allowed to view, newest first.
  *
  * The SQL only filters on group, deletion flags and confirmation. The
  * per-user permission decision is made afterwards, album by album, through
  * clsAlbum::canView().
  */
 public static function getPicturesByGroup($objUser, $objGroup)
 {
     /* NOTE(review): the group id is concatenated into the statement with no
        escaping in this method - confirm get('id') is always a stored id. */
     $strSql = "SELECT `<<tbl><picture>>`.*\n                                        FROM `<<tbl><album>>`\n                                            LEFT JOIN `<<tbl><picture>>` ON `<<foreign><picture><album>>`=`<<album><id>>`\n                                        WHERE `<<foreign><album><group>>`='" . $objGroup->get('id') . "' \n                                            AND `<<isdel><album>>`='0'\n                                            AND `<<isdel><picture>>`='0'\n                                            AND `<<picture><confirmed>>`='1'\n                                        ORDER BY `<<picture><date>>` DESC\n                                        ";
     $arrRows = clsDB::selectQueryObjects('picture', $strSql);
     $arrVisible = array();
     /* TODO: Might be able to make this more efficient. Make sure that canView() isn't running a query every time. */
     foreach ($arrRows as $objRow) {
         $objAlbum = new clsAlbum($objRow->get('album_id'));
         if (!$objAlbum->canView($objUser)) {
             continue;
         }
         $arrVisible[] = new clsPicture($objRow->get('id'));
     }
     return $arrVisible;
 }
Example #7
    $objGroup->getFromRequest(array('id', 'name', 'is_private', 'is_hidden'));
    if ($objGroup->isNew()) {
        $objGroup->set('user_id', $objUser->get('id'));
    }
    $objGroup->save();
    header("Location: index.php?action=groups&subaction=view&message=group_saved&" . $objGroup->getIDPair());
}
/* Invite flow: with no invitee chosen, list candidates; otherwise send the invite. */
if ($strSubAction == 'invite') {
    /* Only a user who is already a member of the group may invite. */
    if (!$objGroup->isMember($objUser)) {
        throw new Exception('exception_accessdenied');
    }
    /* $objMember is set up before this fragment; presumably isNew() means no invitee was supplied in the request. */
    if ($objMember->isNew()) {
        $objTemplate->setText('PAGETITLE', "Inviting a user");
        $objBreadcrumbs->add('Inviting', 'index.php?action=groups&subaction=invite&' . $objGroup->getIDPair());
        $objMiniMenu->add('Back', 'index.php?action=groups&subaction=view&' . $objGroup->getIDPair());
        /* Every user in the table is loaded; the empty second argument means no filter is passed. */
        $arrMembers = clsDB::getListStatic('user', '', 'username');
        foreach ($arrMembers as $objMember) {
            /* A <ul> pair is emitted for each user, including those skipped below. */
            print "<ul>";
            if (!$objGroup->isMemberOrPotential($objMember)) {
                /* NOTE(review): the username is concatenated into the page with no escaping visible here.
                   Unless get() returns HTML-escaped text, a username containing markup is rendered as
                   markup for every member who opens this list - confirm, and escape with
                   htmlspecialchars() at this point if it does not.
                   NOTE(review): the link performs the invite on a plain GET request with no
                   anti-forgery token visible in this fragment. */
                print "<li><a href='index.php?action=groups&subaction=invite&" . $objGroup->getIDPair() . "&" . $objMember->getIDPair() . "'>" . $objMember->get('username') . "</a></li>";
            }
            print "</ul>";
        }
    } else {
        $strResult = $objGroup->inviteUser($objMember, $objUser);
        /* NOTE(review): $strResult goes into the Location header unencoded - presumably a fixed
           message key returned by inviteUser(); confirm. No exit follows header() in this fragment,
           so the rest of the script still runs after the redirect is queued. */
        header("Location: index.php?action=groups&subaction=invite&message={$strResult}&" . $objGroup->getIDPair());
    }
}
if ($strSubAction == 'join') {
    if ($objGroup->isMemberOrPotential($objUser)) {
        throw new Exception('exception_accessdenied');
Example #8
    }
    /* Make sure that users can only edit their own pictures. */
    $objPicture->delete();
    $objPicture->save();
    header("Location: index.php?action=upload&subaction=preview");
}
/* Preview page: one edit form per picture that is still pending for this user. */
if ($strSubAction == 'preview') {
    $objTemplate->setText('PAGETITLE', "Pending Pictures");
    $objBreadcrumbs->add('Upload', 'index.php?action=upload');
    $objBreadcrumbs->add('Pending', 'index.php?action=upload&subaction=preview');
    $arrPictures = clsPicture::getPending($objUser);
    /* When $objUser is falsy (a guest) the message itself states that pending images from all
       guests are listed together, so one guest can see and act on another guest's uploads. */
    print "You have <strong>" . sizeof($arrPictures) . "</strong> pictures waiting for attention" . ($objUser ? "" : " (note: unsaved images from all guests will appear here)") . ":<br><br>";
    foreach ($arrPictures as $objPicture) {
        /* Reload the row as a full clsPicture before building its form. */
        $objPicture = new clsPicture($objPicture->get('id'));
        $objAlbum = new clsAlbum($objPicture->get('album_id'));
        /* NOTE(review): this reassigns $objTemplate, the variable that received PAGETITLE above.
           After the loop it refers to the last 'preview' template - confirm the page template
           is not needed again later in the script. */
        $objTemplate = new clsTemplate('preview');
        $objTemplate->setText('HIDDEN', $objPicture->getHiddenField('id'));
        $objTemplate->setText('ALBUM', $objPicture->getCombo('album_id', clsDB::getOptionsFromList($objAlbum->getPostableAlbums($objUser), 'name', 'id', "Select an album")));
        $objTemplate->setText('ID', $objPicture->get('id'));
        $objTemplate->setText('IMAGE', $objPicture->getHtmlThumbnail(250, 250));
        /* TODO: Customizable? */
        /* NOTE(review): original_name is presumably the uploader-supplied file name. Whether
           setText() or get() HTML-escapes it is not visible here - confirm before trusting it
           in the page. */
        $objTemplate->setText('NAME', $objPicture->get('original_name'));
        $objTemplate->setText('WIDTH', $objPicture->get('width'));
        $objTemplate->setText('HEIGHT', $objPicture->get('height'));
        /* The 'subaction' combo decides between confirming and deleting the picture on submit. */
        $objTemplate->setText('SAVEDELETE', $objPicture->getCombo('subaction', array('confirm' => 'Keep', 'delete' => 'Don\'t keep'), null, true));
        $objTemplate->setText('TITLE', $objPicture->getTextField('title'));
        $objTemplate->setText('CAPTION', $objPicture->getTextArea('caption'));
        $objTemplate->setText('SUBMIT', $objPicture->getSubmit('Save'));
        print $objTemplate->get();
    }
}
Example #9
 /**
  * List pictures $objUser has no userpictureview row for, newest first.
  *
  * The query keeps confirmed, non-deleted pictures in non-deleted albums and
  * excludes any picture id already present in the user's view records. The
  * result is then narrowed to albums the user may view via canView().
  */
 public static function getNewPictures($objUser)
 {
     /* NOTE(review): the user id is concatenated into the statement with no
        escaping in this method - confirm get('id') is always a stored id. */
     $intUserId = $objUser->get('id');
     $strSql = "\n\t\t\tSELECT `<<tbl><picture>>`.*\n\t\t\tFROM `<<tbl><picture>>` \n\t\t\t\t\tJOIN `<<tbl><album>>` ON `<<foreign><picture><album>>`=`<<album><id>>`\n\t\t\t\tWHERE `<<isdel><picture>>`='0'\n\t\t\t\t\tAND `<<picture><confirmed>>`='1'\n\t\t\t\t\tAND `<<isdel><album>>`='0'\n\t\t\t\t\tAND `<<picture><id>>` NOT IN \n\t\t\t\t\t(\n\t\t\t\t\t\tSELECT `<<foreign><userpictureview><picture>>`\n\t\t\t\t\t\t\tFROM `<<tbl><userpictureview>>`\n\t\t\t\t\t\t\tWHERE `<<foreign><userpictureview><user>>`='" . $intUserId . "'\n\t\t\t\t\t\t\t\tAND `<<isdel><userpictureview>>`='0'\n\t\t\t\t\t)\n\t\t\t\tORDER BY `<<picture><date>>` DESC\n\t\t\t\t\t";
     $arrRows = clsDB::selectQueryObjects('picture', $strSql);
     $arrUnseen = array();
     foreach ($arrRows as $objRow) {
         $objAlbum = new clsAlbum($objRow->get('album_id'));
         /* TODO: Speed this up? */
         if (!$objAlbum->canView($objUser)) {
             continue;
         }
         $arrUnseen[] = new clsPicture($objRow->get('id'));
     }
     return $arrUnseen;
 }
Example #10
 /**
  * Look a user up by username.
  *
  * @return clsUser|null The matching user, or null when no row matches.
  * @throws Exception When more than one row carries the same username.
  */
 public static function getByName($strName)
 {
     /* The raw name never goes into the query directly: it is written into a
        scratch clsUser and read back first.
        NOTE(review): this is only a defence if set() or get() escapes the
        value for SQL, and neither is visible here - confirm, and prefer
        bound parameters if clsDB offers them. */
     $objProbe = new clsUser();
     $objProbe->set('username', $strName);
     $strWhere = "`<<user><username>>`='" . $objProbe->get('username') . "'";
     $arrResults = clsDB::getListStatic('user', $strWhere);
     $intMatches = sizeof($arrResults);
     /* Duplicate usernames should never happen, but who knows? */
     if ($intMatches > 1) {
         throw new Exception("exception_multiplenames");
     }
     /* Username wasn't found. */
     if ($intMatches == 0) {
         return null;
     }
     return new clsUser($arrResults[0]->get('id'));
 }
Example #11
 /**
  * Build the "filter albums by user" GET form: a select with one option per
  * user, preceded by a value-0 option labelled $strZeroCaption.
  *
  * NOTE(review): $strZeroCaption and each username are placed into the markup
  * with no escaping in this method. Unless the caller and clsDB::get() already
  * deliver HTML-escaped text, a username containing markup ends up in every
  * page that shows this form - confirm, and escape at this point if not.
  *
  * @return string The form markup.
  */
 public static function getUserFilter($strZeroCaption)
 {
     $strHead = "<form method='get'>\n\t\t\t\t\t<input type='hidden' name='action' value='albums'>\n\t\t\t\t\t<input type='hidden' name='subaction' value='useralbums'>\n\t\t\t\t\t<select name='user_id'> \n\t\t\t\t\t\t<option value='0'>" . $strZeroCaption . "</option>\n\t\t\t\t\t";
     $arrOptions = array();
     /* All users; the third argument is 'username' (presumably the sort column). */
     foreach (clsDB::getListStatic('user', '', 'username') as $objUser) {
         $arrOptions[] = "<option value='" . $objUser->get('id') . "'>" . $objUser->get('username') . "</option>\n";
     }
     $strTail = "\n\t\t\t\t\t</select>\n\t\t\t\t\t<input type='submit' value='Filter'>\n\t\t\t\t</form>";
     return $strHead . implode('', $arrOptions) . $strTail;
 }
Example #12
                            $objPicture->set('confirmed', 1);
                            $objPicture->save();
                            print "<img src='" . clsThumbnail::getUrl($objPicture, 70, 70) . "'> ";
                            if (++$i % 6 == 0) {
                                print "<br>";
                            }
                        }
                        print "<br><br>";
                    }
                }
            }
        }
    }
}
/* Save one setting from the request, then fall through to the settings list. */
if ($strSubAction == 'settings_save') {
    /* NOTE(review): no permission check appears inside this branch. Presumably the admin
       check happens earlier in the script, outside this fragment - confirm, because the
       'id' and 'value' fields are taken from the request and written straight to the
       setting table.
       NOTE(review): the form that posts here (in the 'settings' branch below) uses
       method='get' and shows no anti-forgery token, so a link an administrator follows is
       enough to change a setting; consider POST plus a per-session token. */
    $objSetting = new clsDB('setting');
    $objSetting->getFromRequest(array('id', 'value'));
    $objSetting->save();
    /* Re-route to the listing so the saved value is displayed. */
    $strSubAction = 'settings';
}
if ($strSubAction == 'settings') {
    $arrSettings = clsDB::getListStatic('setting');
    print "<table>";
    print "<tr>";
    print "<td>Name</td><td>Value</td><td>Comments</td><td>Save</td>";
    print "</tr>";
    foreach ($arrSettings as $objSetting) {
        print "<form action='index.php' method='get'>";
        print $objSetting->getHiddenField('id');
        print "<input type='hidden' name='action'    value='admin'>";
        print "<input type='hidden' name='subaction' value='settings_save'>";
Example #13
 /** Same as getOptionsFromList, except it uses an array of arrays (such as is returned by selectQuery()).  */
 public static function getOptionsFromArray($strTableName, $arrDB, $strValueElement = 'name', $strKeyElement = 'id', $strZeroCaption = 'Please make a selection')
 {
     /* Convert the rows with arrayToObjects() first, then reuse the
        list-based builder with the caller's arguments unchanged. */
     $arrObjects = clsDB::arrayToObjects($strTableName, $arrDB);
     return clsDB::getOptionsFromList($arrObjects, $strValueElement, $strKeyElement, $strZeroCaption);
 }
Example #14
     $objAlbum->set('mime', DEFAULT_MIME);
 }
 /* The template that looks after the edit page. */
 $objEditTemplate = new clsTemplate('editalbum');
 $objEditTemplate->setText('HIDDEN', $objAlbum->getHiddenField('id'));
 $objEditTemplate->setText('HIDDEN', $objAlbumGuest->getHiddenField('id'));
 $objEditTemplate->setText('HIDDEN', $objAlbumMember->getHiddenField('id'));
 $objEditTemplate->setText('HIDDEN', $objAlbumGroup->getHiddenField('id'));
 $objEditTemplate->setText('HIDDEN', $objAlbum->getHiddenField('album_id'));
 $objEditTemplate->setText('HIDDEN', "<input type='hidden' name='action' value='albums'>");
 $objEditTemplate->setText('HIDDEN', "<input type='hidden' name='subaction' value='save'>");
 $objEditTemplate->setText('MAXWIDTH', MAX_X);
 $objEditTemplate->setText('MAXHEIGHT', MAX_Y);
 $objEditTemplate->setText('NAME', $objAlbum->getTextField('name', new clsParameters('SIZE', 40)));
 $objEditTemplate->setText('PARENT', $objParent->isNew() ? "n/a" : $objParent->get('name'));
 $objEditTemplate->setText('GROUP', $objAlbum->getCombo('group_id', clsDB::getOptionsFromList(clsGroup::getGroups($objUser), 'name', 'id', "No group.")));
 $objEditTemplate->setText('CAPTION', $objAlbum->getTextArea('caption', 4, 45));
 $objEditTemplate->setText('EXPORTKEY', $objAlbum->getTextField('export_tag', new clsParameters('SIZE', 4)));
 $objEditTemplate->setText('WIDTH', $objAlbum->getTextField('max_width', new clsParameters('SIZE', 3)));
 $objEditTemplate->setText('HEIGHT', $objAlbum->getTextField('max_height', new clsParameters('SIZE', 3)));
 $objEditTemplate->setText('MIME', $objAlbum->getTextField('mime'));
 $strGroup = '';
 $strGroup .= "View pictures? " . $objAlbumGroup->getCombo('allow_view', $arrOptions) . "<br>";
 $strGroup .= "Rate pictures? " . $objAlbumGroup->getCombo('allow_rate', $arrOptions) . "<br>";
 $strGroup .= "Post pictures? " . $objAlbumGroup->getCombo('allow_post_picture', $arrOptions) . "<br>";
 $strGroup .= "Post comments? " . $objAlbumGroup->getCombo('allow_post_comment', $arrOptions) . "<br>";
 $strGroup .= "Delete pictures? " . $objAlbumGroup->getCombo('allow_delete_picture', $arrOptions) . "<br>";
 $strGroup .= "Create sub-albums?" . $objAlbumGroup->getCombo('allow_create_subalbum', $arrOptions) . "<br>";
 $objEditTemplate->setText('GROUPPERMISSIONS', $strGroup);
 $strMember = '';
 $strMember .= "View pictures? " . $objAlbumMember->getCombo('allow_view', $arrOptions) . "<br>";
	<title>Installation de la Base de donnée pour XI-PHP.</title>
</head>

<body>

<?php 
/**
 * Installation de la Base de donnée pour XI-PHP.
 */
require_once './inc/clsDB.php';
clsKernel::ShowInfoXIPHP();
echo " <h1>Installation de la requête SQL -> config.sql</h1> ";
echo ' <p>
    	Vérifier que vous avez bien configurer le fichier "connect.php" pour que
		la requête SQL s\'exécute correctement.
	</p><br />';
/* Run the schema file once per request to this page.
   NOTE(review): nothing in this script checks who is requesting it or whether the
   installation has already been done, so every hit re-runs config.sql - confirm the file
   is removed or blocked after setup. */
try {
    $oDB = new clsDB();
    /* A false return from RunQueryFromFile() is turned into error 9111. */
    if (!$oDB->RunQueryFromFile('./config/config.sql')) {
        throw new Exception(clsKernel::Lng('ERR_9111'), 9111);
    }
    echo 'Installation terminé avec succes.';
} catch (Exception $e) {
    /* NOTE(review): the exception is rendered into the page; presumably this can include
       database error text - confirm what ShowException() prints. */
    clsKernel::ShowException($e);
}
/* Drop the reference to the database object. */
$oDB = null;
?>

</body>

</html>
Example #16
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">

<head>
	<title>Test de la classe clsDB</title>
</head>

<body>
	<h1>Test de la classe clsDB</h1>

<?php 
require_once './inc/clsDB.php';
// Print the project information banner.
clsKernel::ShowInfoXIPHP();
$oDB = new clsDB();
// Insert three sample rows into 'test'; each Add() result is echoed as returned.
foreach (array(
    array('txt' => 'Text Add 1', 'numb' => 455),
    array('txt' => 'Text Add 2', 'numb' => 456),
    array('txt' => 'Text Add 3', 'numb' => 457),
) as $tData) {
    echo $oDB->Add('test', $tData);
}
// Update() and Delete() receive their condition as a raw SQL fragment. The
// literals used here are constants; a caller that builds that fragment from
// request data would be writing SQL with it.
$tData = array('txt' => 'Text Add 2b', 'numb' => 4561);
echo $oDB->Update('test', $tData, 'numb=456');
echo $oDB->Delete('test', 'id>2 and id<5');
$oDB = null;
?>

	<p>Requête exécuté.</p>

</body>
Example #17
 /**
  * Load RSS feed definitions from mst_rss into $this->rss_urls, optionally
  * restricted to one genre.
  *
  * NOTE(review): $genre is concatenated into the statement between single
  * quotes with no escaping or binding in this method. If any caller passes a
  * request-derived value, that value becomes part of the SQL text. Use the
  * bound-parameter or escaping facility of clsDB if it has one - none is
  * visible on this page.
  *
  * @param string $genre Genre to filter on; "" selects every row.
  * @return int 0 on success, -1 on failure (message copied to $this->errormsg).
  */
 public function getGenreRssUrls($genre = "")
 {
     $db = new clsDB();
     // Open the DB connection.
     if ($db->connect() == -1) {
         $this->errormsg = $db->errormsg;
         return -1;
     }
     // Build the SELECT; the WHERE clause is added only when a genre was given.
     $where = ($genre != "") ? " where GENRE = '" . $genre . "' " : "";
     $sql = "select GENRE, SITE_NAME, SITE_URL from mst_rss " . $where;
     // Hand the SQL to the DB object.
     $db->setSQL($sql);
     // Execute it.
     if ($db->execute() == -1) {
         // Close the DB, then copy the error message out.
         $db->close();
         $this->errormsg = $db->errormsg;
         return -1;
     }
     // Read the result rows.
     while ($db->fetch()) {
         // Index at which the next entry is appended.
         $idx = isset($this->rss_urls) ? count($this->rss_urls) : 0;
         // Add the request URL entry, then fill it from the current row.
         $this->rss_urls[$idx] = new urlRssapi();
         $entry = $this->rss_urls[$idx];
         $entry->genre = $db->row('GENRE');
         $entry->site_name = $db->row('SITE_NAME');
         $entry->rss_url = $db->row('SITE_URL');
     }
     // Close the DB.
     $db->close();
     return 0;
 }
Example #18
     $objUser = clsUser::getCookie();
 } else {
     $objUser = $_SESSION['objUser'];
 }
 /* This re-loads the user object in case it's changed. Only the id is taken from the
    session or cookie copy; every other field comes from a fresh clsUser. */
 if ($objUser) {
     $objUser = new clsUser($objUser->get('id'));
 }
 /* A reloaded user that reports isNew() is treated as not logged in. */
 if ($objUser && $objUser->isNew()) {
     $objUser = null;
 }
 /* Allowlist for the action name before it reaches the switch below.
    NOTE(review): the digit range is 2-9, so '0' and '1' are rejected - this looks like a
    typo for 0-9; confirm.
    NOTE(review): without the D modifier `$` also matches before a final newline, so an
    action ending in "\n" passes this check. The `*` quantifier lets the empty string
    through, which the switch handles as case ''. */
 if (!preg_match('/^[a-zA-Z2-9_-]*$/', $strAction)) {
     throw new Exception(ERRORMSG_INVALID);
 }
 $objTemplate = new clsTemplate('default');
 $objTemplate->setText('SCRIPT', clsDB::initializeJS());
 $objTemplate->setText('TITLE', "OSPAP2");
 /* Inline CSS for advanced. */
 $objTemplate->setText('HEAD', clsUser::getAdvancedStyle($objUser));
 /* The 'error' and 'message' request parameters are used only as keys into $arrMessages.
    The text placed on the page comes from that array, never from the request itself. */
 if (isset($_REQUEST['error']) && isset($arrMessages[$_REQUEST['error']])) {
     $objTemplate->setText('ERROR', $arrMessages[$_REQUEST['error']]);
 } else {
     if (isset($_REQUEST['message']) && isset($arrMessages[$_REQUEST['message']])) {
         $objTemplate->setText('MESSAGE', $arrMessages[$_REQUEST['message']]);
     }
 }
 $objTemplate->setScript('MENU', 'menu');
 $objTemplate->setScript('LOGO', 'logo');
 $objTemplate->setText('COPYRIGHT', "Written by <a href='mailto:ronospap@skullsecurity.org'>Ron</a>. This page and code are public domain. Code is available upon request. No warranty or promises of any kind.");
 switch ($strAction) {
     case '':
Example #19
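 /**
  * List comments on $objUser's own confirmed, non-deleted pictures that the
  * user has no usercommentview row for.
  *
  * The outer query keeps non-deleted comments on pictures owned by the user.
  * The NOT IN subquery removes every comment id already recorded in the
  * user's usercommentview rows.
  *
  * NOTE(review): the user id is concatenated into the statement with no
  * escaping in this method - confirm get('id') is always a stored id.
  *
  * @return array Comment objects as returned by clsDB::selectQueryObjects().
  */
 public static function getNewComments($objUser)
 {
     /* The statement tests $blnAllPictures, which was never defined in this
        scope. PHP therefore treated it as falsy, raised an undefined-variable
        diagnostic on every call and always added the owner filter to the
        subquery. Defining it as false keeps that SQL and removes the
        diagnostic.
        NOTE(review): if an "all pictures" mode was intended, it needs a real
        parameter and a matching change to the outer WHERE clause. */
     $blnAllPictures = false;
     $intUserId = $objUser->get('id');
     $arrComments = clsDB::selectQueryObjects('comment', "\n\t\t\t\t\tSELECT * \n\t\t\t\t\t\t\t, `<<comment><id>>` AS COMMENTFILTER \n\t\t\t\t\t\tFROM `<<tbl><comment>>`\n\t\t\t\t\t\t\tJOIN `<<tbl><picture>>` ON `<<foreign><comment><picture>>`=`<<picture><id>>`\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`<<isdel><comment>>`='0'\n\t\t\t\t\t\t\tAND `<<isdel><picture>>`='0'\n\t\t\t\t\t\t\tAND `<<picture><confirmed>>`='1'\n\t\t\t\t\t\t\tAND `<<foreign><picture><user>>`='" . $intUserId . "' \n\t\t\t\t\t\t\tAND `<<comment><id>>` NOT IN\n\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\tSELECT `<<comment><id>>`\n\t\t\t\t\t\t\t\t\tFROM `<<tbl><usercommentview>>` \n\t\t\t\t\t\t\t\t\t\tJOIN `<<tbl><comment>>` ON `<<foreign><usercommentview><comment>>`=`<<comment><id>>`\n\t\t\t\t\t\t\t\t\t\tJOIN `<<tbl><picture>>` ON `<<foreign><comment><picture>>`=`<<picture><id>>`\n\t\t\t\t\t\t\t\t\tWHERE `<<isdel><comment>>`='0'\n\t\t\t\t\t\t\t\t\t\tAND `<<isdel><usercommentview>>`='0'\n\t\t\t\t\t\t\t\t\t\tAND `<<isdel><picture>>`='0'\n\t\t\t\t\t\t\t\t\t\tAND `<<picture><confirmed>>`='1'\n\t\t\t\t\t\t\t\t\t\tAND `<<foreign><usercommentview><user>>`='" . $intUserId . "'\n\t\t\t\t\t\t\t\t\t\t" . ($blnAllPictures ? "" : " AND `<<foreign><picture><user>>`='" . $intUserId . "' ") . "\n\t\t\t\t\t\t\t\t\t\tAND `<<comment><id>>`=`COMMENTFILTER`\n\t\t\t\t\t\t\t)\n\t\t\t\t\t\t");
     return $arrComments;
 }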