public function validate($in = false)
{
$valid = http_request::getString($this->name, false, false);
if (($valid == false || $valid == "") && $this->required == true) {
return false;
}
return $valid;
}
protected function uploadFile($value)
{
$uploadPressed = http_request::getString('upload');
$fileExists = false;
if ($value == "4d988458b51093c7ee3a4e1582b5fd9b" && $uploadPressed == 'Ladda upp') {
$value = $imgStr = randomString();
file::tempName($imgStr);
$fileExists = true;
}
$uploadState = file::append($this->name, $this->mimes, $this->max, $this->dir, $value);
if ($uploadPressed !== false && $uploadPressed == 'Ladda upp' && $uploadState === false) {
$this->error = 'Filuppladdningen misslyckades: för stor fil eller bild av ej tillåtet format.';
$this->value = sprintf('%s/%d.%s', $this->dir, 0, 'png');
return false;
}
$removePressed = http_request::getString('remove');
$doRemove = $removePressed !== false && in_array($removePressed, array('Ta bort Avatar', 'Ta bort Bild'));
if ($uploadState !== false) {
$bajs = fe($uploadState);
$fileExists = true;
$this->value = str_replace(ROOT . '/public/', '/', $uploadState);
$this->uploaded = true;
if (isset($_SESSION['fileTempName'])) {
$_SESSION['fileTempName'] = basename($this->value);
}
foreach ($this->mimes as $fe) {
$f = sprintf('%s/%s.%s', $this->dir, $value, $fe);
if (file_exists($f) && $fe != $bajs) {
file::remove($f);
}
}
if ($doRemove === true) {
file::remove($uploadState);
}
} else {
foreach ($this->mimes as $fe) {
$f = sprintf('%s/%s.%s', $this->dir, $value, $fe);
if (file_exists($f)) {
if ($doRemove === true) {
file::remove($f);
}
$fileExists = true;
$this->value = str_replace(ROOT . '/public/', '/', $f);
if (isset($_SESSION['fileTempName'])) {
$_SESSION['fileTempName'] = $this->value;
}
$this->uploaded = true;
break;
}
}
}
if ($fileExists === false) {
$this->value = sprintf('%s/%d.%s', $this->dir, 0, 'png');
}
return $fileExists ? true : false;
}
static function getModels()
{
// registry preparation
$registry = registry::getInstance();
// validate input
$modelId = http_request::getString('model');
$entityId = http_request::getString('entityId');
// get all models
$registry['models'] = new model_dir(ROOT . '/model');
}
public function validate($in = false)
{
$user =& user::getInstance();
if ($user->isOnline()) {
if ($this->editable) {
$this->value = http_request::getString('userid');
} else {
$this->value = $user->getId();
}
}
return false;
}
public function validate($in = false)
{
$passwordNotEditable = http_request::getString('passwdkeptsafe');
$valid = false;
if ($passwordNotEditable == 'yes') {
$this->editable = false;
$valid = true;
return $valid;
} else {
$isSecure = http_request::getPassword('password_give');
$valid = http_request::getPassword('password_give', 'password_confirm');
if ($valid === false) {
$this->error = "Ditt bekräftande stämmer ej överens med ditt önskade lösenord.";
return false;
}
if ($isSecure === false) {
$this->error = "Ditt önskade lösenord uppfyller ej kriterierna för att vara ett säkert lösenord.";
return false;
}
if ($isSecure && $valid) {
return $valid;
}
}
}
<?php
/**
* Basic getter api. Works on every valid model.
*/
if (empty($modelId)) {
$modelId = http_request::getString('modelId');
}
if (empty($id)) {
$id = http_request::getString('id');
}
if (empty($pres)) {
$pres = http_request::getString('format');
}
if (!$modelId) {
die('NO MODEL');
}
if (!file_exists(sprintf('%s/model/%s.php', ROOT, $modelId))) {
die('BAD MODEL');
}
$modelstr = 'model_' . strtr($modelId, '/', '_');
$model = new $modelstr();
if ($id) {
$data = $model->getEntity($id);
} else {
$data = $model->getSummary();
}
if ($pres == 'atom' || $pres == 'xml') {
ob_start();
require LIBRARY . '/view/atom.phtml';
$out = ob_get_clean();
<?php
$user = user::getInstance();
$registry = registry::getInstance();
// validate model and construct if correct.
$registry['modelLabel'] = http_request::getString('model');
if ($registry['modelLabel'] == false || !file_exists(ROOT . '/model/' . $registry['modelLabel'] . ".php")) {
throw new Exception("the model <b>" . $registry['modelLabel'] . "</b> does not exist in this application. It could have been removed, or has ever existed. Check the spelling and try again.");
}
$qryModel = "model_" . $registry['modelLabel'];
$model = new $qryModel();
// needed for the page header.
admin::getModels();
$registry['controls'] = $model->getEntityProperties();
// setup page
$registry['entities'] = $model->getSummary();
$registry['title'] = $registry['modelLabel'];
$registry['bclass'] = $registry['modelLabel'] . " list model";
//see if there is any custom template. Else,fall back on default.
$ct = sprintf("%s/view/cms/list/%s.phtml", ROOT, $registry['modelLabel']);
if (!file_exists($ct)) {
$ct = sprintf("%s/list/%s.phtml", VIEW, $registry['modelLabel']);
}
if (file_exists($ct)) {
$view = new view($ct);
$view->isFragment();
$registry['customList'] = $view->compile();
}
<?php
$registry = registry::getInstance();
admin::getModels();
$registry['modelLabel'] = http_request::getString('model');
$actionLabel = http_request::getString('action');
// validate action and store to registry
$validActions = array('new', 'edit');
if ($actionLabel == false || !in_array($actionLabel, $validActions)) {
$registry['actionLabel'] = 'list';
} else {
$registry['actionRoute'] = $actionLabel;
$registry['actionLabel'] = 'manage';
}
// see if there is any controller actions and include the file if so.
if ($actionLabel != false) {
$controller = sprintf("%s/pages/%s.php", CONTROLLER, $registry['actionLabel']);
if (file_exists($controller)) {
require $controller;
}
}
public function validate($in = false)
{
return http_request::getString('site');
}
*
* login script
* @author Anders Ytterström <*****@*****.**>
* @since 2007-08-13
*/
require '../init.php';
$registry =& registry::getInstance();
$user =& user::getInstance();
$model = new model_photos();
$modeld = new model_dir(IMAGES);
// fetch inputs
$name = http_request::getString('name');
$alt = http_request::getString('alt');
$body = http_request::getString('body');
//$delete = http_request::getCheckboxes('delete',array('1'));
$action = http_request::getString('action');
// conditions for further execution
if (!$user->isOnline()) {
http_response::redir('/login.php');
}
if (!$alt || !$body || $action == "new" && count($_FILES) == 0) {
echo $alt . "<br>";
echo $body . "<br>";
// redirect and tell user that input contained errors.
die("sopa");
}
// delete action is chosen, delete photo.
//if($delete[0] == '1') {
// $model->delete($name);
// http_response::redir('/admin/fotoalbum.php?success=delete');
//} else {
}
if ($missingRequiredUpload !== true) {
$value = $control->validate("4d988458b51093c7ee3a4e1582b5fd9b");
if ($control->editable == true && $control->name != 'tags' && !$control->isFile()) {
$checksum[$control->name] = $value === false ? 1 : 2;
$values[] = $value;
$sfvalues[$control->name] = $value;
}
if ($control->name == 'tags') {
$sfvalues[$control->name] = $value;
}
}
}
// if upload button was pressed, save and return
$uploadPressed = http_request::getString('upload');
$removePressed = http_request::getString('remove');
if ($uploadPressed !== false && in_array($uploadPressed, $validButtonLabels)) {
if ($missingRequiredUpload !== true) {
form::setSF($formId, $sfvalues, array_map('resetErrors', $sferrors));
}
$returnPath = sprintf("/admin/model/%s/new", $registry['modelLabel']);
} else {
if ($removePressed !== false && in_array($removePressed, $validButtonLabels)) {
if ($remember == true) {
form::setSF($formId, $sfvalues, array_map('resetErrors', $sferrors));
}
$returnPath = sprintf("/admin/model/%s/new", $registry['modelLabel']);
} else {
$formId = sprintf("%s%s", strtolower(substr($registry['actionRoute'], 0, strrpos($registry['actionRoute'], '.'))), ucfirst($registry['modelLabel']));
if (array_sum($checksum) == count($checksum) * 2) {
$entityId = $model->append($values);
<?php
/**
* do.login.php
*
* login script
* @author Anders Ytterström <*****@*****.**>
* @since 2007-08-13
*/
require 'init.php';
$registry =& registry::getInstance();
$user =& user::getInstance();
// fetch password
$password = http_request::getString('password');
// validate password
if (md5($password) == ADMIN_PASSWORD) {
// the password is ok, login
$user->login(1, 'admin', array(1));
http_response::redir('/admin/index.php');
} else {
$user->logInvalidLogin();
// wrong password, return to login form
http_response::redir('/login.php');
}
// no id, ad new entity to model
$done = newObj('model_' . $modelId)->append($in);
if (!$done) {
rest_utils::sendResponse($data, 500);
} else {
rest_utils::sendResponse($data, 201, $done);
$tags = http_request::getString('tags');
if ($tags) {
tag::set($modelId, $done, $tags);
}
}
}
break;
case 'put':
rest_utils::authenticate();
$in = newObj('entity_' . $modelId)->validate($data->getRequestVars(), sprintf('madr_%s_%s', $data->getMethod(), $modelId));
if (!$in) {
rest_utils::sendResponse($data, 400);
}
$post_vars = $data->getRequestVars();
newObj('model_' . $modelId)->update($in);
rest_utils::sendResponse($data, 201, $done);
$tags = http_request::getString('tags');
if ($tags) {
tag::set($modelId, $post_vars['id'], $tags);
}
break;
case 'delete':
rest_utils::sendResponse($data, 501, $done);
break;
}
public function validate($in = false)
{
return explode(' ', strtolower(trim(http_request::getString('tags', false, false))));
}
<?php
/**
* fotoalbum.php
*
* photoalbum admin page
* @author Anders Ytterström <*****@*****.**>
* @since 2007-12-29
*/
require '../../../init.php';
$registry =& registry::getInstance();
$user =& user::getInstance();
$view = new view(ROOT . '/view/admin/photos/edit.phtml');
$model = new model_photos();
if (!$user->isOnline()) {
http_response::redir('/login.php');
}
$imageName = http_request::getString('image');
if ($imageName !== false) {
$registry['imagedata'] = $model->getImage($imageName);
}
$formId = 'editPhoto';
$formNames = array('alt', 'body');
form::getSF($formId, $formNames);
$registry['sidebar'] = false;
echo $view->compile();
public function validate($in = false)
{
return http_request::getString($this->name, $this->min, $this->max);
}
<?php
/**
* do.login.php
*
* login script
* @author Anders Ytterström <*****@*****.**>
* @since 2007-08-13
*/
require '../../../init.php';
$registry =& registry::getInstance();
$user =& user::getInstance();
$model = new model_photos();
$name = http_request::getString('id');
$alt = http_request::getString('alt');
$body = http_request::getString('body');
if (!$user->isOnline()) {
http_response::redir('/login.php');
}
if (!$alt || !$body) {
form::setSF('editPhoto', array('alt' => $alt, 'body' => $body));
$_SESSION['msg'] = "badData";
http_response::redir('/admin/fotoalbum/redigera.php?id=' . $name);
}
$model->update($name, $alt, $body);
form::clearSF('editPhoto');
$_SESSION['success'] = true;
http_response::redir('/admin/fotoalbum/');
<?php
/**
* do.login.php
*
* login script
* @author Anders Ytterström <*****@*****.**>
* @since 2007-08-13
*/
require '../init.php';
$registry =& registry::getInstance();
$user =& user::getInstance();
$model = new model_content();
if (!$user->isOnline()) {
http_response::redir('/login.php');
}
$id = http_request::getString('id');
$body = http_request::getString('body');
$description = http_request::getString('description');
$title = http_request::getString('title');
$model->update($id, $title, $description, $body);
http_response::redir('/admin/innehall.php');
