/**
* quickbox::__construct()
*
* @param array $init Initialization configuration
*
* Constructor which basically creates quickbox
* and readies it for doing things.
*/
public function __construct ($init)
{
# We need to include initialize the config class because it allows us to get and
# set configuration variables without using a global
require $init['quickbox/path'] . '/classes/core/config.class.php';
config::init($init);
define(DEBUG, config::get('debug'));
# Start a database connection
$this->db = new database();
try
{
$this->db->init();
} catch (Exception $e)
{
trigger_error(text::get('system/fatalError',$e->getMessage()), E_USER_ERROR);
}
require $init['quickbox/path'] . '/classes/core/metaclass.class.php';
metaclass::init($this->db);
# Put the post and get variables into a private for later use.
$_POST = $_POST;
$this->qbGet = $_GET;
# Start the session, giving it the database connection.
$this->qbSession = new session($this->db);
if ($this->qbGet['page'] == 'logout')
{
$this->qbSession->logout();
}
$this->qbSession->checkCookie();
if (strlen($_POST['user']) > 0 && $_POST['login'] == 1)
{
$this->qbErrors['login'] = $this->qbSession->login($_POST['user'], $_POST['password']);
}
$this->qbPage = ($_GET['page'] ? janitor::cleanData($_GET['page']) : 'home');
}
public function checkCookie ($cookie)
{
$user = janitor::cleanData($cookie['user'], 'sql');
$query = new query();
$query->select()->from('userUsers')->joinLeft('userGroups', 'userUsers.group', 'id')->where('username', $user)->limit(
'1');
$result = $this->sDb->query($query);
if ($this->sDb->numRows($result) > 0)
{
$data = $this->sDb->assoc($result);
if ($cookie['hash'] == md5(md5($data['email']) . $data['email']))
{
$query = new query();
$this->user = $user;
$this->userData = $data;
$this->setCookie($user, $_SESSION['userdata']['email']);
$this->setSession();
}
}
}
function output ()
{
# Make GET and POST safe for the template if there are no magicquotes
$safePost = janitor::cleanData($_POST);
$safeGet = janitor::cleanData($_GET);
include $this->dInclude;
# Standard page data
include $this->dispatcherPath("standardPage");
$this->dOutput['debug'] = config::get('quickbox/debug');
$this->dOutput['pageName'] = $this->dPageName;
$this->dOutput['path'] = $this->dPage['path'];
$this->dOutput['hostpage'] = $this->dPage['hostpage'];
$this->dOutput['title'] = $this->dPage['title'];
$this->dOutput['sCssId'] = $this->dPage['sCssId'];
$this->dOutput['sName'] = $this->dPage['sName'];
$this->dOutput['sTitle'] = $this->dPage['sTitle'];
$this->dOutput['pageTitle'] = ($this->dOutput['pageTitle'] ? $this->dOutput['pageTitle'] : $this->dPage['pageTitle']);
$this->dOutput['pagePrefix'] = config::get('site/pagePrefix');
$this->dOutput['htmlRoot'] = config::get('site/htmlRoot');
$this->dOutput['pageVars'] = $this->dPage['pageVars'];
$this->dOutput['isDefaultPage'] = ($this->dPage['sDefaultPage'] == $this->dPageName ? true : false);
return $this->dOutput;
}
</h3>
<?php if($form == $this->tData['form']['submitting'] && isset($this->tData['form']['validation']['existant']['invalid'])): ?>
<?php foreach($this->tData['form']['validation']['existant']['invalid'] as $k): ?>
<p class="warningtext"><?php echo $k?> is invalid.</p>
<?php endforeach; ?>
<?php endif; ?>
<?php if($form == $this->tData['form']['submitting'] && isset($this->tData['form']['validation']['untaken']['invalid'])): ?>
<?php foreach($this->tData['form']['validation']['untaken']['invalid'] as $k => $v): ?>
<p class="warningtext"><?php echo $k?> ‘<?php echo $v?>’ already exists.</p>
<?php endforeach; ?>
<?php endif; ?>
<?php if($this->tData['form']['validation']['passed']): ?>
<p class="infotext">Database Updated.</p>
<?php endif; ?>
<form
action="<?php echo $tData['pagePrefix']?>admin/content<?php echo janitor::getUrlString(($_GET['id'] ? "id=".$_GET['id'] : null)."&commit=true")?>"
method="POST">
<p><label for="qbPageId"> Page: </label> <select name="qbPageId">
<option value="">Select a Page...</option>
<?php foreach($this->tData['form']['pages'] as $a => $b): ?>
<option
value="<?php echo (strpos($a,'sect') !== false ? '' : $a)?>"
<?php echo ($a == $form['qbPageId'] ? 'selected' : '')?>><?php echo $b?></option>
<?php endforeach; ?>
</select></p>
<p><label for="name"> Name: </label> <input type="text" name="name"
value="<?php echo $form['name']?>" /></p>
<p><label for="title"> Identifiable Title: </label> <input type="text"
name="title" value="<?php echo $form['title']?>" /></p>
<p>Hints: To get a page URL relative to the site root, type
{page}page_name - Instead of worrying about relative/absolute links etc.
<h3><?php echo ($this->tData['form']['editing'] ? 'Edit' : 'Add')?> Subpage</h3>
<?php if($form == $this->tData['form']['submitting'] && isset($this->tData['form']['validation']['existant']['invalid'])): ?>
<?php foreach($this->tData['form']['validation']['existant']['invalid'] as $k): ?>
<p class="warningtext"><?php echo $k?> is invalid.</p>
<?php endforeach; ?>
<?php endif; ?>
<?php if($form == $this->tData['form']['submitting'] && isset($this->tData['form']['validation']['untaken']['invalid'])): ?>
<?php foreach($this->tData['form']['validation']['untaken']['invalid'] as $k => $v): ?>
<p class="warningtext"><?php echo $k?> ‘<?php echo $v?>’ already exists.</p>
<?php endforeach; ?>
<?php endif; ?>
<?php if($this->tData['form']['validation']['passed']): ?>
<p class="infotext">Database Updated.</p>
<?php endif; ?>
<form
action="<?php echo $this->tData['pagePrefix']?>admin/subPages<?php echo janitor::getUrlString("&id=".$_GET['id']."&commit=true")?>"
method="POST">
<p><label for="title"> Group Title: </label> <input type="text"
name="title" value="<?php echo $form['title']?>" /></p>
<p><label for="qbPageNameLinked"> Linked to Page: </label> <select
name="qbPageNameLinked">
<?php foreach($this->tData['form']['pages'] as $a => $b): ?>
<option
value="<?php echo (strpos($a,'sect') !== false ? '' : $a)?>"
<?php echo ($a == $form['qbPageNameLinked'] ? 'selected' : '')?>><?php echo $b?></option>
<?php endforeach; ?>
</select></p>
<p><label for="order"> Order: </label> <input type="text" name="order"
style="width: 30px;" value="<?php echo $form['order']?>" /></p>
<p style="text-align: center;"><input type="hidden" name="id"
value="<?php echo $form['id']?>" /> <input type="submit"
$this->dOutput['form']['validation']['existant'] = $dValidator->arrayItems($this->dOutput['form']['data'],
$necessaryItems);
$this->dOutput['form']['validation']['untaken'] = $dValidator->isTaken($this->dOutput['form']['data'], $uniqueItems,
'qbUsers');
if (! isset($this->dOutput['form']['validation']['existant']['invalid']) && ! isset(
$this->dOutput['form']['validation']['untaken']['invalid']))
{
# Telling template all went okay
$this->dOutput['form']['validation']['passed'] = true;
# Sanitizing our input
foreach ($this->dOutput['form']['data'] as $k => $v)
{
$cleanData[$k] = $this->db->escape($v);
}
$passwd = janitor::passwd($cleanData['password']);
# Queries are here.
if ($this->dOutput['form']['editing'])
{
$query = "UPDATE `qbUsers` SET
`user` = '" . $cleanData['user'] . "',
`email` = '" . $cleanData['email'] . "',
`fullname` = '" . $cleanData['fullname'] . "',
" . ($cleanData['password'] == "(no change)" ? '' : "`password` = '" .
$passwd['passwd'] . "',") . "
" . ($cleanData['password'] == "(no change)" ? '' : "`salt` = '" .
$passwd['salt'] . "',") . "
`accessLevel` = '" . $cleanData['accessLevel'] . "'
WHERE `qbUsers`.`user` = '" . $cleanData['user'] . "' LIMIT 1 ;";
} else
{
public static function get ()
{
return (janitor::notNull($_SESSION['locale']) ? $_SESSION['locale'] : 'en');
}
/**
* database::assoc()
*
* @param mixed $result
* @return array Associative array of items.
*/
public function assoc ($result)
{
$result = mysql_fetch_assoc($result);
if ($this->brokenEncoding == true)
{
$result = janitor::utfEncode($result);
}
return $result;
}
$query->select('id')->from('articles')->where('name', $name)->limit('1');
$result = $this->db->query($query);
$row = $this->db->assoc($result);
$article = metaclass::load('article', $row['id']);
$this->dOutput['article']['header'] = $article->getProperty('title');
$this->dOutput['article']['date'] = janitor::formatMysqlDateTime($article->getProperty('date'), 'l jS F, Y');
$this->dOutput['article']['fulltext'] = $md->process($article->getProperty('fulltext'));
$this->dOutput['pageTitle'] = $article->getProperty('title');
} else
{
$query = new query();
$query->select(array (
'id' ,
'name' ,
'date' ,
'title' ,
'preview'
))->from('articles')->order('date', 'desc');
$result = $this->db->query($query);
$i = 0;
while ($row = $this->db->assoc($result))
{
$this->dOutput['articles']['listing'] = true;
$row['dateLink'] = $row['name'];
$this->dOutput['articles']['articles'][$i] = $row;
$this->dOutput['articles']['articles'][$i]['preview'] = $md->process($row['preview']);
$this->dOutput['articles']['articles'][$i]['date'] = janitor::formatMysqlDateTime($row['date'], 'jS M, Y');
$i ++;
}
}
?>
<?php $form = $this->tData['form']['data']; ?>
<?php if($form == $this->tData['form']['submitting'] && isset($this->tData['form']['validation']['existant']['invalid'])): ?>
<?php foreach($this->tData['form']['validation']['existant']['invalid'] as $k): ?>
<p class="warningtext"><?php echo $k?> is invalid.</p>
<?php endforeach; ?>
<?php endif; ?>
<?php if($form == $this->tData['form']['submitting'] && isset($this->tData['form']['validation']['untaken']['invalid'])): ?>
<?php foreach($this->tData['form']['validation']['untaken']['invalid'] as $k => $v): ?>
<p class="warningtext"><?php echo $k?> ‘<?php echo $v?>’ already exists.</p>
<?php endforeach; ?>
<?php endif; ?>
<?php if($this->tData['form']['validation']['passed']): ?>
<p class="infotext">Database Updated.</p>
<?php endif; ?>
<form
action="<?php echo $this->tData['pagePrefix']?>admin/pages<?php echo janitor::getUrlString("&name=".$_GET['name']."&commit=true")?>"
method="POST">
<p><label for="name"> Internal Name: </label> <input type="text"
name="name" value="<?php echo $form['name']?>" /></p>
<p><label for="title"> Title: </label> <input type="text" name="title"
value="<?php echo $form['title']?>" /></p>
<p><label for="pageTitle"> Page Title: </label> <input type="text"
name="pageTitle" value="<?php echo $form['pageTitle']?>" /></p>
<p><label for="qbDispatcher"> Dispatcher: </label> <input type="text"
name="qbDispatcher" value="<?php echo $form['qbDispatcher']?>" /></p>
<p><label for="path"> Template: </label> <input type="text" name="path"
value="<?php echo $form['path']?>" /></p>
<p><label for="order"> Order: </label> <input type="text" name="order"
style="width: 30px;" value="<?php echo $form['order']?>" /></p>
<p><label for="visible"> Visible on Menu: </label> <input
type="checkbox" name="visible" style="width: 14px;"
public function save ()
{
# Set a registration date if one doesn't exist (ie, a new user).
if ($this->getProperty('registrationDate', true) == null)
{
$this->setProperty('registrationDate', date('Y-m-d'));
} else
{
$this->setProperty('registrationDate', $this->getProperty('registrationDate', true));
}
# Do not change password if password boxes are empty.
if ($this->getProperty('password') == null)
{
$this->setProperty('password', $this->getProperty('password', true));
$this->setProperty('password_check', $this->getProperty('password', true));
$this->setProperty('salt', $this->getProperty('salt', true));
}
# Only change password if different from old password.
if ($this->originalProperties['password'] != $this->properties['password'])
{
$newPass = janitor::passwd($this->getProperty('password'));
$newPassCheck = janitor::passwd($this->getProperty('password_check'), $newPass['salt']);
$this->setProperty('password', $newPass['passwd']);
$this->setProperty('password_check', $newPassCheck['passwd']);
$this->setProperty('salt', $newPass['salt']);
}
$this->saveObject();
}
<script type="text/javascript">
<!--
function deleteitem(id,name,url){
var answer = confirm ("Are you sure you wish to delete \"" + name + "\"")
if (answer){
window.location= url + "<?php
echo janitor::getUrlString("&delete=")?>" + id
}
}
// -->
</script>
<?php if($_GET['mode'] != 'single' && !$_GET['id']): ?>
<h5><button type="button" onclick="window.location= '<?php
echo $tData['baseurl']?>?mode=single'" class="button neutral"><img src="<?php
echo config::get('site/htmlRoot')?>qbres/images/new.png"/> <?php echo text::get('scaffold/createnew') ?></button></h5>
<hr />
<?php
echo $tData['table']?>
<?php else: ?>
<h5><button type="button" onClick="window.location = '<?php
echo $tData['baseurl']?>?mode='" class="button neutral"> <img src="<?php
echo config::get('site/htmlRoot')?>qbres/images/back.png"/><?php echo text::get('scaffold/returntoitems') ?></button></h5>
<hr />
</div>
</form>
<div>
<h4><a href="<?php echo $this->tData['pagePrefix']?>admin/users">Create
New...</a></h4>
</div>
<table style="width: 98%; margin: 10px;">
<th>Table of Users</th>
<th>E-Mail</th>
<th>Full Name</th>
<th>Access Level</th>
<th></th>
<?php foreach($this->tData['form']['userlist'] as $k => $v): ?>
<tr>
<td><a
href="<?php echo $this->tData['pagePrefix']?>admin/users<?php echo janitor::getUrlString("&user=$k")?>"><?php echo $k?></a>
</td>
<td>
<?php echo $v['email'] ?>
</td>
<td>
<?php echo $v['fullname'] ?>
</td>
<td style="width: 40px">
<?php echo $v['accessLevel'] ?>
</td>
<td style="width: 50px"><a
href="javascript:deleteuser('<?php echo $k?>')">[x]</a></td>
</tr>
<?php endforeach; ?>
</table>
public static function utfEncode ($data)
# getting rid of some weird characters in the database.
{
if (is_array($data))
{
foreach ($data as $k => $v)
{
$data[$k] = janitor::utfEncode($v);
}
} else
{
# Actual processing
$data = utf8_encode($data);
}
return $data;
}
public function makeTable ($fields = false)
{
if (! $fields)
{
$fields[] = 'id';
foreach ($this->definitions as $k => $v)
{
if ($v['ontable'])
{
$fields[] = $k;
}
if ($v['linkfield'])
{
$linkfield = $k;
}
}
}
$fields2['id'] = "ID";
foreach ($fields as $v)
{
$fields2[$v] = $this->definitions[$v]['title'];
}
$fields2['delete'] = "";
$table = new table($fields2, array (
'class' => 'span-16'
));
$fieldsList = metaclass::getItems($this->table, $fields, $this->keyField);
foreach ($fieldsList as $k => $v)
{
$v['delete'] = text::get('form/delete');
$table->addRow($v,
array (
$linkfield => array (
'type' => 'link' ,
'href' => $this->urlbase . '?id=' . $v['id']
) ,
'delete' => array (
'type' => 'link' ,
'href' => 'javascript:deleteitem(\'' . $v['id'] . '\',\'' . janitor::cleanData(
$v['title']) . '\',\'' . $this->urlbase . '\')'
)
));
}
return $table->output();
}
/**
* Creates a table in the image of the property definitions supplied to it.
*
* @param string $tableName What the table will be called.
* @param array $propertyDefinitions The structure of the table.
*
* @todo Need to make this use the query class.
*/
private static function createTable ($tableName, $propertyDefinitions)
{
$query .= " CREATE TABLE `" . metaclass::$db->getProperty('database') . "`.`$tableName` (\n";
$query .= " `id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,\n";
foreach ($propertyDefinitions as $k => $v)
{
$vars = metaclass::getClassVars($v['type'], 'datatypes');
$querylines[] .= "`$k` " . (janitor::notNull($vars['fieldtype']) ? $vars['fieldtype'] : 'VARCHAR( 255 )') .
" NOT NULL ";
}
$query .= implode(",\n", $querylines);
$query .= ")";
metaclass::$db->query($query);
metaclass::$tablesLoaded[] = $tableName;
}
