/**
 * Load the finance_accounts row selected by the request's "id" value.
 *
 * The id is read through Sanitizer::filterUint() and handed to
 * prepareSelectById(), which is asked for the "title" and "assigned_to" columns.
 *
 * NOTE(review): no privilege or ownership check is visible in this method;
 * confirm the caller restricts which account ids a user may load.
 *
 * @return mixed Whatever fetchRowNotNull() yields; presumably the row, with a
 *               failure raised when nothing matches (verify in libAllure).
 */
public function getDatabaseRow()
 {
     $accountId = (new Sanitizer())->filterUint('id');

     $query = DatabaseFactory::getInstance()->prepareSelectById(
         'finance_accounts',
         $accountId,
         'title',
         'assigned_to'
     );
     $query->execute();

     return $query->fetchRowNotNull();
 }
 public function __construct()
 {
     parent::__construct('formCreateFinanceEntry', 'Create Finance Entry');
     $sanitizer = new Sanitizer();
     $this->addElement(new ElementInput('description', 'Description'));
     $this->addElement(new ElementNumeric('amount', 'Amount'));
     $this->addElement(new ElementHidden('account', 'Account', $sanitizer->filterUint('account')));
     $this->addDefaultButtons();
 }
 public function __construct($gallery, $filename)
 {
     parent::__construct('editImageForm');
     $sanitizer = new Sanitizer();
     $gallery = $sanitizer->filterUint('gallery');
     $filename = $sanitizer->filterString('filename');
     $sql = 'SELECT i.filename, i.gallery, i.caption, i.promo, i.published, g.title FROM images i, galleries g WHERE i.gallery = g.id AND g.id = :gallery AND i.filename = :filename LIMIT 1';
     $stmt = DatabaseFactory::getInstance()->prepare($sql);
     $stmt->bindValue(':gallery', $gallery);
     $stmt->bindValue(':filename', $filename);
     $stmt->execute();
     if ($stmt->numRows() == 0) {
         throw new Exception('Image entry not found in the database. The image may exist on the filesystem.');
     }
     $current = $stmt->fetchRow();
     $this->addElement(new ElementHidden('mode', null, 'editImage'));
     $this->addElement(new ElementHidden('gallery', null, $gallery));
     $this->addElement(new ElementHidden('filename', null, $filename));
     $this->addElement(new ElementInput('caption', 'Caption', $current['caption']));
     $this->addElement(new ElementCheckbox('promo', 'Promotional image', $current['promo'], 'Is this image a promotional image? Promotional images are used on the homepage.'));
     $this->addElement(new ElementCheckbox('published', 'Published', $current['published']));
     $this->addButtons(Form::BTN_SUBMIT);
     $this->setTitle('<a href = "gallery.php">Galleries</a> &raquo; Gallery: <a href = "viewGallery.php?id=' . $gallery . '">' . $current['title'] . '</a> &raquo Edit image');
 }
require_once 'includes/common.php';
require_once 'includes/classes/Group.php';
require_once 'includes/classes/FormUpdateGroupPrivileges.php';
require_once 'includes/classes/FormGroupEdit.php';
require_once 'includes/classes/FormGroupCreate.php';
use libAllure\Sanitizer;
use libAllure\Session;
use libAllure\DatabaseFactory;
use libAllure\ElementHidden;
use libAllure\User;
// Group administration dispatcher: the request's "action" value selects the
// branch. Both branches visible here call Session::requirePriv() before doing
// anything else.
$sanitizer = new Sanitizer();
$action = $sanitizer->filterString('action');
switch ($action) {
    case 'makePrimary':
        // Presumably stops the request when the session lacks GROUP_PRIMARY;
        // confirm requirePriv() never returns on failure.
        Session::requirePriv('GROUP_PRIMARY');
        $groupId = $sanitizer->filterUint('group');
        $userId = $sanitizer->filterUint('user');
        // Both ids are bound as parameters, not concatenated into the statement.
        // NOTE(review): nothing visible here checks that the group id exists,
        // or that a request-forgery token accompanies this state change;
        // confirm both are handled elsewhere (e.g. includes/common.php).
        $sql = 'UPDATE users SET `group` = :groupId WHERE id = :userId LIMIT 1';
        $stmt = DatabaseFactory::getInstance()->prepare($sql);
        $stmt->bindValue(':groupId', $groupId);
        $stmt->bindValue(':userId', $userId);
        $stmt->execute();
        // $userId is the filterUint() result, so it is safe to append to the URL.
        redirect('profile.php?id=' . $userId, 'Primary group changed for user.');
        break;
    case 'delete':
        Session::requirePriv('GROUP_DELETE');
        try {
            // Constructing Group with the requested id is what raises the
            // exception handled below when the lookup fails.
            $id = $sanitizer->filterUint('id');
            $group = new Group($id);
        } catch (Exception $e) {
            // A fixed message is shown; the exception text is not echoed to the user.
            $tpl->error('Group not found');
<?php

require_once 'includes/widgets/header.php';
require_once 'includes/widgets/sidebar.php';
require_once 'libAllure/Sanitizer.php';
use libAllure\DatabaseFactory;
use libAllure\Sanitizer;
// Finance account page: loads one account and its transactions, both keyed by
// the request's "id" value, and hands them to the template.
//
// NOTE(review): no privilege or ownership check is visible in this script
// before the account and its transactions are read. Confirm one of the
// included files restricts access, otherwise any id can be enumerated.
$accountId = (new Sanitizer())->filterUint('id');

// Account header row. The id is bound as a parameter.
$accountQuery = DatabaseFactory::getInstance()->prepare(
    'SELECT a.id, a.title FROM finance_accounts a WHERE a.id = :id '
);
$accountQuery->bindValue(':id', $accountId);
$accountQuery->execute();
$tpl->assign('account', $accountQuery->fetchRow());

// Transactions belonging to the same account.
$transactionQuery = DatabaseFactory::getInstance()->prepare(
    'SELECT t.id, t.amount, t.description, t.timestamp FROM finance_transactions t WHERE t.account = :accountId'
);
$transactionQuery->bindValue('accountId', $accountId);
$transactionQuery->execute();
$tpl->assign('listTransactions', $transactionQuery->fetchAll());

$tpl->display('viewFinanceAccount.tpl');
require_once 'includes/widgets/footer.php';
<?php

require_once 'includes/common.php';
require_once 'libAllure/Inflector.php';
use libAllure\Sanitizer;
use libAllure\FormHandler;
use libAllure\Inflector;
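// Gallery image edit page: passes the requested gallery id and filename to
// FormGalleryImageEdit through FormHandler, then redirects back to the image.
$sanitizer = new Sanitizer();
$gallery = $sanitizer->filterUint('gallery');
$filename = $sanitizer->filterString('filename');

$handler = new FormHandler('FormGalleryImageEdit', $tpl);
$handler->setConstructorArgument(0, $gallery);
$handler->setConstructorArgument(1, $filename);

// filterString() is not shown to return URL-safe text, so the filename is
// percent-encoded before it goes into the query string. Without this, a
// filename containing "&", "#" or "=" would change the redirect's parameters.
// $gallery is an unsigned integer and needs no encoding.
// NOTE(review): "&amp;" is only right if setRedirect() renders the URL into
// HTML; in a Location header it would have to be a bare "&". Confirm.
$redirectUrl = 'viewGalleryImage.php?gallery=' . $gallery . '&amp;filename=' . rawurlencode((string) $filename);
$handler->setRedirect($redirectUrl, 'Gallery image edited.');
$handler->handle();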
<?php

use libAllure\HtmlLinksCollection;
use liballure\Sanitizer;
// Sidebar links for the finance account page. Every link carries the account
// id from the request, read once through filterUint() so it is safe to append.
//
// NOTE(review): the import above spells the namespace "liballure" while the
// rest of the code uses "libAllure". PHP resolves class names
// case-insensitively, but an autoloader mapping names to files on a
// case-sensitive filesystem may not. Confirm the class is already loaded.
$requestFilter = new Sanitizer();
$accountId = $requestFilter->filterUint('id');

$menu = new HtmlLinksCollection('View Finance Account');

$createUrl = 'form.php?form=FormCreateFinanceEntry&amp;account=' . $accountId;
$menu->add($createUrl, 'Create finance entry');

$updateUrl = 'updateFinanceAccount.php?id=' . $accountId;
$menu->add($updateUrl, 'Update');

// The Delete link is hidden for account 1. This is presentation only:
// deleteFinanceAccount.php has to refuse that id itself. Verify it does.
$deleteUrl = 'deleteFinanceAccount.php?id=' . $accountId;
$menu->addIf($accountId != 1, $deleteUrl, 'Delete');

$tpl->assign('links', $menu);
$tpl->display('sidebarLinks.tpl');
<?php

require_once 'includes/common.php';
use libAllure\Sanitizer;
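// Gallery image page: resolves the gallery and image from the request, works
// out the previous/next images, and shows EXIF data for JPEG files.
$sanitizer = new Sanitizer();
$gallery = Galleries::GetById($sanitizer->filterUint('gallery'));

// NOTE(review): $image['filename'] is later appended to a filesystem path.
// Presumably getImage() only returns a file that belongs to this gallery;
// verify it rejects names containing path separators or "..".
$image = Galleries::getImage($sanitizer->filterString('filename'), $gallery);

require_once 'includes/widgets/header.php';
require_once 'includes/widgets/sidebar.php';

// $prev, $next, $cii and $count are filled in by getPrevNext() (passed by reference).
Galleries::getPrevNext($image['filename'], $gallery, $prev, $next, $cii, $count);

$tpl->assign('imageNumber', $cii + 1);
$tpl->assign('imageCount', $count);
$tpl->assign('prevFilename', $prev);
$tpl->assign('nextFilename', $next);
$tpl->assign('image', $image);
$tpl->assign('gallery', $gallery);

// Decide on the real file extension, case-insensitively. The previous test,
// strpos(...) != null, matched ".jpg" anywhere in the name, missed ".JPG",
// and treated a match at offset 0 as "not found".
$exifData = null;
if (strtolower(pathinfo($image['filename'], PATHINFO_EXTENSION)) === 'jpg') {
    // exif_read_data() emits warnings on malformed files; suppression is kept
    // so they do not leak into the page, and a failed read (false) is handled
    // explicitly instead of being passed on to array_flatten().
    $rawExif = @exif_read_data($gallery['fullPath'] . $image['filename']);
    if ($rawExif !== false) {
        $exifData = \libAllure\array_flatten($rawExif);
    }
}
$tpl->assign('exifData', $exifData);

$tpl->display('viewGalleryImage.tpl');
require_once 'includes/widgets/footer.php';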
<?php

require_once 'includes/common.php';
require_once 'includes/classes/FormUpdateAvatar.php';
use libAllure\Session;
use libAllure\Sanitizer;
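// Avatar update page. A logged-in user with CHANGE_AVATAR may update their own
// avatar; editing another user's avatar also requires CHANGE_OTHERS_AVATAR.
requireLogin();

// NOTE(review): if redirect() returns instead of ending the request, execution
// continues past this check and the form below is still processed. Confirm it exits.
if (!Session::hasPriv('CHANGE_AVATAR')) {
    redirect('account.php', 'You do not have permission to change you avatar.');
}

// The "user" request value is honoured only with CHANGE_OTHERS_AVATAR; without
// that privilege it is ignored and the session's own user id is used.
if (isset($_REQUEST['user']) && Session::hasPriv('CHANGE_OTHERS_AVATAR')) {
    $sanitizer = new Sanitizer();
    $user = $sanitizer->filterUint('user');
} else {
    $user = Session::getUser()->getId();
}

$f = new FormUpdateAvatar($user);
if ($f->validate()) {
    $f->process();
    // NOTE(review): the listing masked the middle of this call with asterisks.
    // It is restored as URL plus message, matching the other redirect() calls;
    // confirm against the original file.
    redirect('updateAvatar.php?user=' . $user, 'Avatar updated.');
}

require_once 'includes/widgets/header.php';
require_once 'includes/widgets/sidebar.php';

echo '<div class = "box"><h2><a href = "account.php">Account</a> &raquo; Avatar</h2>';

// $user is either the filterUint() result or the session user's id, so the
// path holds no request-supplied text beyond that id.
$avatar = 'resources/images/avatars/' . $user . '.png';
if (!file_exists($avatar)) {
    // Fall back to the shared placeholder when the user has no avatar file.
    $avatar = 'resources/images/defaultAvatar.png';
}

echo '<div style = "width:20%; display: inline-block; vertical-align: top;">';
echo '<img src = "' . $avatar . '" alt = "avatar" />';
echo '</div>';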