Exemple #1
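/**
 * Saves the edited section collected by psa() and hands the result message
 * to sec_section_list().
 *
 * The title falls back to the name when empty. The name is passed through
 * Textile and dumbDown(), spaces become dashes, and every character other
 * than letters, digits, '-' and '_' is dropped.
 *
 * SQL escaping (doSlash) is applied after those transformations, so the
 * values interpolated into the queries are exactly the values that were
 * escaped, and query safety does not depend on what Textile emits.
 *
 * @return void
 */
function section_save()
{
    global $txpcfg;
    $in = psa(array('name', 'title', 'page', 'css', 'is_default', 'on_frontpage', 'in_rss', 'searchable', 'old_name'));
    if (empty($in['title'])) {
        $in['title'] = $in['name'];
    }
    // Prevent non-URL characters in section names.
    include_once $txpcfg['txpath'] . '/lib/classTextile.php';
    $textile = new Textile();
    $in['title'] = $textile->TextileThis($in['title'], 1);
    $slug = dumbDown($textile->TextileThis($in['name'], 1));
    $in['name'] = preg_replace("/[^[:alnum:]\\-_]/", "", str_replace(" ", "-", $slug));
    // Escape last. extract() is bounded here: $in only holds the keys requested from psa() above.
    extract(doSlash($in));
    if ($name === 'default') {
        // The default section only carries a page and a style.
        safe_update("txp_section", "page='{$page}',css='{$css}'", "name='default'");
    } else {
        if ($is_default) {
            // note this means 'selected by default' not 'default page'
            safe_update("txp_section", "is_default=0", "name!='{$old_name}'");
        }
        safe_update("txp_section", "name         = '{$name}',\n\t\t\t\ttitle        = '{$title}',\n\t\t\t\tpage         = '{$page}',\n\t\t\t\tcss          = '{$css}',\n\t\t\t\tis_default   = '{$is_default}',\n\t\t\t\ton_frontpage = '{$on_frontpage}',\n\t\t\t\tin_rss       = '{$in_rss}',\n\t\t\t\tsearchable   = '{$searchable}'", "name = '{$old_name}'");
        // Keep articles attached to the section when it is renamed.
        safe_update("textpattern", "Section='{$name}'", "Section='{$old_name}'");
    }
    sec_section_list(messenger('section', $name, 'updated'));
}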
Exemple #2
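/**
 * Imports one parsed Movable Type entry, with its comments, into the
 * textpattern and txp_discuss tables.
 *
 * Every value taken from the import file is passed through doSlash() at the
 * point where it is concatenated into SQL, including the category lookup.
 *
 * @param  array  $item    Parsed entry (TITLE, BODY, DATE, AUTHOR, optional STATUS, COMMENT, ...)
 * @param  string $section Section stored on the imported article
 * @param  mixed  $status  Status used when the entry carries no STATUS field
 * @param  string $invite  Value stored in AnnotateInvite
 * @return string|null     The title when inserted, the title plus ' already imported'
 *                         when a matching article exists, null for an empty item
 */
function import_mt_item($item, $section, $status, $invite)
{
    # Untested import code follows
    if (empty($item)) {
        return;
    }
    include_once txpath . '/lib/classTextile.php';
    $textile = new Textile();
    $title = $textile->TextileThis($item['TITLE'], 1);
    // Nice non-English permlinks.
    $url_title = stripSpace(dumbDown($title));
    $body = $item['BODY'][0]['content'] . (isset($item['EXTENDED_BODY']) ? "\n<!--more-->\n" . $item['EXTENDED_BODY'][0]['content'] : '');
    $body_html = $textile->textileThis($body);
    $excerpt = @$item['EXCERPT'][0]['content'];
    $excerpt_html = $textile->textileThis($excerpt);
    $date = strtotime($item['DATE']);
    $date = date('Y-m-d H:i:s', $date);
    if (isset($item['STATUS'])) {
        $post_status = $item['STATUS'] == 'Draft' ? 1 : 4;
    } else {
        $post_status = $status;
    }
    $category1 = @$item['PRIMARY CATEGORY'];
    // The category name comes straight from the import file: escape it in the
    // lookup as well as in the insert.
    if ($category1 and !safe_field("name", "txp_category", "name = '" . doSlash($category1) . "'")) {
        safe_insert('txp_category', "name='" . doSlash($category1) . "', type='article', parent='root'");
    }
    $keywords = @$item['KEYWORDS'][0]['content'];
    $authorid = safe_field('user_id', 'txp_users', "name = '" . doSlash($item['AUTHOR']) . "'");
    if (!$authorid) {
        // Add new authors.
        safe_insert('txp_users', "name='" . doSlash($item['AUTHOR']) . "'");
    }
    // An article with the same title and date counts as already imported.
    if (!safe_field("ID", "textpattern", "Title = '" . doSlash($title) . "' AND Posted = '" . doSlash($date) . "'")) {
        $article = array(
            "Posted='" . doSlash($date) . "'",
            "LastMod='" . doSlash($date) . "'",
            "AuthorID='" . doSlash($item['AUTHOR']) . "'",
            "LastModID='" . doSlash($item['AUTHOR']) . "'",
            "Title='" . doSlash($title) . "'",
            "Body='" . doSlash($body) . "'",
            "Body_html='" . doSlash($body_html) . "'",
            "Excerpt='" . doSlash($excerpt) . "'",
            "Excerpt_html='" . doSlash($excerpt_html) . "'",
            "Category1='" . doSlash($category1) . "'",
            "AnnotateInvite='" . doSlash($invite) . "'",
            "Status='" . doSlash($post_status) . "'",
            "Section='" . doSlash($section) . "'",
            "Keywords='" . doSlash($keywords) . "'",
            // Row identifier only; not used here as a secret.
            "uid='" . md5(uniqid(rand(), true)) . "'",
            "feed_time='" . substr($date, 0, 10) . "'",
            "url_title='" . doSlash($url_title) . "'",
        );
        safe_insert('textpattern', implode(',', $article));
        $parentid = mysql_insert_id();
        if (!empty($item['COMMENT'])) {
            foreach ($item['COMMENT'] as $comment) {
                $comment_date = date('Y-m-d H:i:s', strtotime(@$comment['DATE']));
                $comment_content = $textile->TextileThis(nl2br(@$comment['content']), 1);
                // Skip comments that already exist with the same date and message.
                if (!safe_field("discussid", "txp_discuss", "posted = '" . doSlash($comment_date) . "' AND message = '" . doSlash($comment_content) . "'")) {
                    $discuss = array(
                        "parentid='" . doSlash($parentid) . "'",
                        "name='" . doSlash(@$comment['AUTHOR']) . "'",
                        "email='" . doSlash(@$comment['EMAIL']) . "'",
                        "web='" . doSlash(@$comment['URL']) . "'",
                        "ip='" . doSlash(@$comment['IP']) . "'",
                        "posted='" . doSlash($comment_date) . "'",
                        "message='" . doSlash($comment_content) . "'",
                        "visible='1'",
                    );
                    safe_insert('txp_discuss', implode(',', $discuss));
                }
            }
        }
        return $title;
    }
    return $title . ' already imported';
}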
/**
 * Merges new attributes into an existing txp_section row and stores the result.
 *
 * An empty parent is replaced by the id of section_default(), and an empty
 * name by dumbDown() of the title. When the update succeeds,
 * section_resolve_inheritance() is called for the section.
 *
 * @param  mixed $id   Section id; escaped with doSlash() for the row lookup
 * @param  array $atts Column values that override the stored ones
 * @return mixed       false when no row has this id, else the safe_update_rec() result
 */
function section_update($id, $atts)
{
    $where = "id='" . doSlash($id) . "'";
    $current = safe_row('*', 'txp_section', $where);
    if (!$current) {
        return false;
    }

    // Values in $atts win over the stored row.
    $rec = array_merge($current, $atts);
    $fallback = section_default();
    if (empty($rec['parent'])) {
        $rec['parent'] = $fallback['id'];
    }
    if (empty($rec['name'])) {
        $rec['name'] = dumbDown($rec['title']);
    }

    $saved = safe_update_rec('txp_section', $rec, $where);
    if (!$saved) {
        return $saved;
    }
    section_resolve_inheritance($id);
    return $saved;
}
Exemple #4
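/**
 * Reduces a string to characters that are safe in a URL path segment.
 *
 * A 'sanitize_for_url' callback may supply the result itself. Otherwise
 * entities and tags are removed, remaining high-order bytes become dashes,
 * runs of whitespace, dashes and slashes collapse to one dash, and only
 * A-Z, a-z, 0-9, '-' and '_' are kept. If that leaves nothing usable, the
 * percent-encoded original is returned.
 *
 * @param  string $text The string
 * @return string
 */
function sanitizeForUrl($text)
{
    // any overrides?
    $out = callback_event('sanitize_for_url', '', 0, $text);
    if ($out !== '') {
        return $out;
    }
    $in = $text;
    // Remove named entities and tags
    $text = preg_replace("/(^|&\\S+;)|(<[^>]*>)/U", "", dumbDown($text));
    // Dashify high-order chars leftover from dumbDown().
    // The byte range is written with hex escapes so it does not depend on how
    // this file is encoded; literal characters here turn into a different,
    // partial byte class once the file is saved as UTF-8.
    $text = preg_replace("/[\x80-\xff]/", "-", $text);
    // Collapse spaces, minuses, (back-)slashes and non-words
    $text = preg_replace('/[\\s\\-\\/\\\\]+/', '-', trim(preg_replace('/[^\\w\\s\\-\\/\\\\]/', '', $text)));
    // Remove all non-whitelisted characters
    $text = preg_replace("/[^A-Za-z0-9\\-_]/", "", $text);
    // Sanitizing shouldn't leave us with plain nothing to show.
    // Fall back on percent-encoded URLs as a last resort for RFC 1738 conformance.
    if (empty($text) || $text === '-') {
        $text = rawurlencode($in);
    }
    return $text;
}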
Exemple #5
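/**
 * Reduces a string to characters that are safe in a URL path segment.
 *
 * A 'sanitize_for_url' callback may supply the result itself. Otherwise
 * entities and tags are removed, remaining high-order bytes become dashes,
 * runs of whitespace, dashes and slashes collapse to one dash, and only
 * A-Z, a-z, 0-9, '-' and '_' are kept. The result may be empty.
 *
 * @param  string $text The string
 * @return string
 */
function sanitizeForUrl($text)
{
    // any overrides?
    $out = callback_event('sanitize_for_url', '', 0, $text);
    if ($out !== '') {
        return $out;
    }
    // Remove named entities and tags
    $text = preg_replace("/(^|&\\S+;)|(<[^>]*>)/U", "", dumbDown($text));
    // Dashify high-order chars leftover from dumbDown().
    // The byte range is written with hex escapes so it does not depend on how
    // this file is encoded; literal characters here turn into a different,
    // partial byte class once the file is saved as UTF-8.
    $text = preg_replace("/[\x80-\xff]/", "-", $text);
    // Collapse spaces, minuses, (back-)slashes and non-words
    $text = preg_replace('/[\\s\\-\\/\\\\]+/', '-', trim(preg_replace('/[^\\w\\s\\-\\/\\\\]/', '', $text)));
    // Remove all non-whitelisted characters
    $text = preg_replace("/[^A-Za-z0-9\\-_]/", "", $text);
    return $text;
}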
Exemple #6
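/**
 * Builds the URL-title form of a string.
 *
 * Nothing is produced unless $force is set or the
 * 'attach_titles_to_permalinks' preference is on. With the
 * 'permalink_title_format' preference on, words are lower-cased and joined
 * with dashes; otherwise everything except A-Z, a-z and 0-9 is dropped.
 *
 * @param  string $text  The string
 * @param  mixed  $force Truthy to build the title regardless of the preference
 * @return string|null   The URL title, or null when titles are not attached
 */
function stripSpace($text, $force = 0)
{
    global $prefs;
    if (!$force && empty($prefs['attach_titles_to_permalinks'])) {
        // Callers receive null here, as they did from the implicit return.
        return null;
    }
    $text = dumbDown($text);
    // Remove named entities and tags.
    $text = preg_replace("/(^|&\\S+;)|(<[^>]*>)/U", "", $text);
    // empty() keeps the same truthiness test without a notice when the
    // preference is missing, which can happen on the $force path.
    if (!empty($prefs['permalink_title_format'])) {
        $text = strtolower(preg_replace('/[\\s\\-]+/', '-', trim(preg_replace('/[^\\w\\s\\-]/', '', $text))));
        return preg_replace("/[^A-Za-z0-9\\-]/", "", $text);
    }
    return preg_replace("/[^A-Za-z0-9]/", "", $text);
}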
Exemple #7
/**
 * Reduces a string to A-Z, a-z, 0-9, '-' and '_' for use in a URL.
 *
 * @param  string $text The string
 * @return string
 */
function sanitizeForUrl($text)
{
    // Strip named entities and tags from the dumbDown() output.
    $plain = preg_replace("/(^|&\\S+;)|(<[^>]*>)/U", "", dumbDown($text));

    // Drop non-word characters, then collapse runs of spaces and minuses into one dash.
    $words = trim(preg_replace('/[^\\w\\s\\-]/', '', $plain));
    $dashed = preg_replace('/[\\s\\-]+/', '-', $words);

    // Keep only the whitelisted characters.
    return preg_replace("/[^A-Za-z0-9\\-_]/", "", $dashed);
}
/**
 * Imports one parsed Blogger entry, with its comments, into the textpattern
 * and txp_discuss tables.
 *
 * Values from the import file are passed through doSlash() where they are
 * concatenated into SQL.
 *
 * @param  array  $item    Parsed entry (TITLE, BODY, DATE, AUTHOR, optional STATUS, COMMENT)
 * @param  string $section Section stored on the imported article
 * @param  mixed  $status  Status used when the entry carries no STATUS field
 * @param  string $invite  Value stored in AnnotateInvite
 * @return string|null     The title when inserted, the title plus ' already imported'
 *                         when a matching article exists, null for an empty item
 */
function import_blogger_item($item, $section, $status, $invite)
{
    # Untested import code follows
    if (empty($item)) {
        return;
    }
    include_once txpath . '/lib/classTextile.php';
    $textile = new Textile();
    $title = $textile->TextileThis($item['TITLE'], 1);
    $url_title = stripSpace(dumbDown($title));
    $body = $item['BODY'][0]['content'];
    $body_html = $textile->textileThis($body, 1);
    $date = date('Y-m-d H:i:s', strtotime($item['DATE']));
    $post_status = $status;
    if (isset($item['STATUS'])) {
        $post_status = $item['STATUS'] == 'Draft' ? 1 : 4;
    }
    // Blogger can use special chars in author names. Strip them and check for the real name.
    $authorid = safe_field('user_id', 'txp_users', "RealName = '" . doSlash($item['AUTHOR']) . "'");
    if (!$authorid) {
        // Add new authors.
        $login = stripSpace(dumbDown($textile->TextileThis($item['AUTHOR'], 1)));
        safe_insert('txp_users', "name='" . doSlash($login) . "', RealName='" . doSlash($item['AUTHOR']) . "'");
    }
    // An article with the same title and date counts as already imported.
    if (safe_field("ID", "textpattern", "Title = '" . doSlash($title) . "' AND Posted = '" . doSlash($date) . "'")) {
        return $title . ' already imported';
    }
    $article = array(
        "Posted='" . doSlash($date) . "'",
        "LastMod='" . doSlash($date) . "'",
        "AuthorID='" . doSlash($item['AUTHOR']) . "'",
        "LastModID='" . doSlash($item['AUTHOR']) . "'",
        "Title='" . doSlash($title) . "'",
        "Body='" . doSlash($body) . "'",
        "Body_html='" . doSlash($body_html) . "'",
        "AnnotateInvite='" . doSlash($invite) . "'",
        "Status='" . doSlash($post_status) . "'",
        "Section='" . doSlash($section) . "'",
        "uid='" . md5(uniqid(rand(), true)) . "'",
        "feed_time='" . substr($date, 0, 10) . "'",
        "url_title='" . doSlash($url_title) . "'",
    );
    safe_insert('textpattern', implode(',', $article));
    $parentid = mysql_insert_id();
    if (empty($item['COMMENT'])) {
        return $title;
    }
    foreach ($item['COMMENT'] as $comment) {
        $comment_date = date('Y-m-d H:i:s', strtotime(@$comment['DATE']));
        $comment_content = $textile->TextileThis(nl2br(@$comment['content']), 1);
        // A comment author may arrive as a link; split it into URL and name.
        if (preg_match('/<a href="(.*)">(.*)<\\/a>/', @$comment['AUTHOR'], $match)) {
            @($comment['URL'] = $match[1]);
            @($comment['AUTHOR'] = $match[2]);
        }
        // Skip comments that already exist with the same date and message.
        $known = safe_field("discussid", "txp_discuss", "posted = '" . doSlash($comment_date) . "' AND message = '" . doSlash($comment_content) . "'");
        if ($known) {
            continue;
        }
        $discuss = array(
            "parentid='" . doSlash($parentid) . "'",
            "name='" . doSlash(strip_tags(@$comment['AUTHOR'])) . "'",
            "web='" . doSlash(@$comment['URL']) . "'",
            "posted='" . doSlash($comment_date) . "'",
            "message='" . doSlash($comment_content) . "'",
            "visible='1'",
        );
        safe_insert('txp_discuss', implode(',', $discuss));
    }
    return $title;
}
/**
 * Creates an article category under the 'Vendors' parent unless one with the
 * same sanitised name already exists, then rebuilds the article category tree.
 *
 * The stored name is reduced to letters, digits, '-' and '_'; the title is
 * the doSlash()-escaped original.
 *
 * @param  string $name Vendor name
 * @return void
 */
function cat_vendor_category_create($name)
{
    global $txpcfg;
    // Prevent non-URL characters in category names.
    include_once txpath . '/lib/classTextile.php';
    $textile = new Textile();
    $title = doSlash($name);
    $slug = dumbDown($textile->TextileThis(trim(doSlash($name)), 1));
    $name = preg_replace("/[^[:alnum:]\\-_]/", "", str_replace(" ", "-", $slug));
    $existing = safe_field("name", "txp_category", "name='{$name}' and type='article'");
    if ($existing || !$name) {
        return;
    }
    safe_insert("txp_category", "name='{$name}', title='{$title}', type='article', parent='Vendors'");
    rebuild_tree('root', 1, "article");
}
Exemple #10
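/**
 * Saves an edited category collected by psa() and renames it on the rows
 * that reference it.
 *
 * The id is cast to an integer because it is used unquoted in the WHERE
 * clause, where doSlash() alone gives no protection. The other values are
 * escaped with doSlash() after the Textile/dumbDown transformations.
 *
 * @param  string $evname     Category type; 'article' updates Category1/Category2 in textpattern
 * @param  string $table_name Table whose 'category' column is updated for other types
 * @return void
 */
function event_category_save($evname, $table_name)
{
    global $txpcfg;
    // Prevent non-URL characters in category names.
    include_once $txpcfg['txpath'] . '/lib/classTextile.php';
    $textile = new Textile();
    $in = psa(array('id', 'name', 'old_name', 'parent', 'title'));
    $in['title'] = $textile->TextileThis($in['title'], 1);
    $slug = dumbDown($textile->TextileThis($in['name'], 1));
    $in['name'] = preg_replace("/[^[:alnum:]\\-_]/", "", str_replace(" ", "-", $slug));
    // Escape last. extract() is bounded here: $in only holds the keys requested from psa() above.
    extract(doSlash($in));
    $id = (int) $id;
    $parent = $parent ? $parent : 'root';
    safe_update("txp_category", "name='{$name}',parent='{$parent}',title='{$title}'", "id={$id}");
    rebuild_tree('root', 1, $evname);
    if ($evname === 'article') {
        safe_update("textpattern", "Category1='{$name}'", "Category1 = '{$old_name}'");
        safe_update("textpattern", "Category2='{$name}'", "Category2 = '{$old_name}'");
    } else {
        // NOTE(review): $table_name is used as an SQL identifier and cannot be
        // escaped as a value; callers should pass a fixed table name, never request data.
        safe_update($table_name, "category='{$name}'", "category='{$old_name}'");
    }
    category_list(messenger($evname . '_category', stripslashes($name), 'saved'));
}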
 /**
  * URL-decodes a string, passes it through dumbDown(), trims it and
  * URL-encodes the result.
  *
  * @param  string $text The string, possibly already URL-encoded
  * @return string
  */
 function encode_url($text)
 {
     $decoded = urldecode($text);
     $plain = trim(dumbDown($decoded));

     return urlencode($plain);
 }
/**
 * Sanitises a string for use in a URL.
 *
 * The result is not URL-encoded: encode it where the context requires it.
 * This function only tidies the string and removes unwanted characters,
 * leaving UTF-8 letters and digits intact.
 *
 * A 'sanitize_for_url' callback may supply the result itself.
 *
 * @param  string $text The string
 * @return string
 * @package URL
 */
function sanitizeForUrl($text)
{
    $override = callback_event('sanitize_for_url', '', 0, $text);
    if ($override !== '') {
        return $override;
    }

    // Remove named entities and tags.
    $plain = preg_replace("/(^|&\\S+;)|(<[^>]*>)/U", "", dumbDown($text));

    // Keep only letters, numbers, dash, underscore, whitespace, slash and backslash.
    $kept = preg_replace('/[^\\p{L}\\p{N}\\-_\\s\\/\\\\]/u', '', $plain);

    // Collapse spaces, minuses and (back-)slashes, then drop dashes at either end.
    $dashed = preg_replace('/[\\s\\-\\/\\\\]+/', '-', $kept);

    return trim($dashed, '-');
}
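/**
 * Returns a CSV column value, or an empty string when the column is missing.
 */
function _product_import_field($row, $key)
{
    return isset($row[$key]) ? $row[$key] : '';
}

/**
 * Imports products from an uploaded CSV file into the textpattern table and
 * attaches their images and custom fields.
 *
 * CSV columns are read by name and escaped with doSlash() before they reach
 * the INSERT statement. The columns are no longer copied into local variables
 * with extract(), which let a column name overwrite locals such as $status or
 * $title and let values leak from one row into the next.
 *
 * @return void
 */
function product_import()
{
    global $txp_user, $textile;
    // Guarded so a second call in the same request does not redefine the constant.
    if (!defined('TEMP_IMPATH')) {
        define("TEMP_IMPATH", '../images/_import/');
    }
    $csvPath = "../files/import.csv";
    // Stop when there is no upload or it cannot be moved; otherwise a stale
    // import.csv left by an earlier run would be imported again.
    if (!isset($_FILES["thefile"]) || !move_uploaded_file($_FILES["thefile"]["tmp_name"], $csvPath)) {
        products_list('', '', 'Error: Couldn\'t Find Uploaded File!');
        return;
    }
    // The import file only has to be readable by this process; do not leave it world-writable.
    chmod($csvPath, 0644);
    $data = parse_csv($csvPath, true);
    foreach ($data as $row) {
        // Title is the first column's value, cut at its first comma.
        $title = explode(",", implode(",", $row));
        $title = $title[0];
        $rowStatus = _product_import_field($row, 'STATUS');
        if ($rowStatus === 'Live') {
            $status = 4;
        } elseif ($rowStatus === 'Hidden') {
            $status = 2;
        } else {
            $status = 3;
        }
        $vendor = '';
        if (!empty($row['VENDOR'])) {
            include_once txpath . '/lib/classTextile.php';
            // Assigns the global $textile declared above.
            $textile = new Textile();
            // NOTE(review): the original first built a Textile/dumbDown value and then
            // overwrote it with the line below, so this is the value that was stored.
            $vendor = preg_replace("/[^[:alnum:]\\-_]/", "", str_replace(" ", "-", $row['VENDOR']));
        }
        $category1 = _product_import_field($row, 'CATEGORY_1');
        if (!empty($category1)) {
            $category1 = preg_replace("/[^[:alnum:]\\-_]/", "", str_replace(" ", "-", $category1));
        }
        $category2 = _product_import_field($row, 'CATEGORY_2');
        if (!empty($category2)) {
            $category2 = preg_replace("/[^[:alnum:]\\-_]/", "", str_replace(" ", "-", $category2));
        }
        // Escape every value at the SQL boundary.
        $e = doSlash(array(
            'title' => $title,
            'body' => _product_import_field($row, 'DESCRIPTION'),
            'author' => $txp_user,
            'category1' => $category1,
            'category2' => $category2,
            'price' => _product_import_field($row, 'PRICE'),
            'weight' => _product_import_field($row, 'WEIGHT'),
            'sku' => _product_import_field($row, 'SKU'),
            'stock' => _product_import_field($row, 'ITEMS_IN_STOCK'),
            'vendor' => $vendor,
        ));
        $assignments = array(
            "Title           = '{$e['title']}'",
            "Body            = '{$e['body']}'",
            "Status          =  {$status}",
            "Posted          =  now()",
            "LastMod         =  now()",
            "AuthorID        = '{$e['author']}'",
            "Section         = 'store'",
            "Category1       = '{$e['category1']}'",
            "Category2       = '{$e['category2']}'",
            "custom_1        = '{$e['price']}'",
            "custom_2        = '{$e['weight']}'",
            "custom_3        = '{$e['sku']}'",
            "custom_4        = '{$e['stock']}'",
            "custom_5        = '{$e['vendor']}'",
            "uid\t\t\t\t= '" . md5(uniqid(rand(), true)) . "'",
            "feed_time\t\t= now()",
        );
        safe_insert("textpattern", implode(",\r\n\t\t\t\t\t", $assignments));
        $ID = mysql_insert_id();
        for ($n = 1; $n <= 4; $n++) {
            $imageKey = 'PRODUCT_IMAGE_' . $n;
            if (!empty($row[$imageKey])) {
                // NOTE(review): the file name comes from the CSV and is appended to
                // TEMP_IMPATH unchanged; confirm upload_image() refuses names that
                // leave the import directory.
                upload_image(TEMP_IMPATH . $row[$imageKey], (string) $n, $ID);
            }
        }
        // Must start as an array: appending to '' fails on current PHP, and
        // count('') reported one field even when the row had none.
        $customFields = array();
        for ($n = 1; $n <= 4; $n++) {
            $labelKey = 'CUSTOM_FIELD_LABEL_' . $n;
            $valueKey = 'CUSTOM_FIELD_VALUE_' . $n;
            if (!empty($row[$labelKey])) {
                $customFields[] = array(
                    'label' => $row[$labelKey],
                    'value' => isset($row[$valueKey]) ? $row[$valueKey] : null,
                );
            }
        }
        if (count($customFields) > 0) {
            save_custom_fields($customFields, $ID);
        }
    }
    products_list('', '', "Products Imported");
}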
Exemple #14
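 /**
  * Creates a section from the posted 'name' field and switches to the list view.
  *
  * The section name is reduced to letters, digits, '-' and '_'. The title is
  * the Textile-processed name and is escaped with doSlash() after that
  * processing, so the text placed in the INSERT is the text that was escaped.
  * An existing section with the same name is reported as an error.
  *
  * @return void
  */
 function insert_post()
 {
     global $txpcfg;
     $posted = ps('name');
     // prevent non url chars on section names
     include_once txpath . '/lib/classTextile.php';
     $textile = new Textile();
     // Escape last: the title is interpolated into the INSERT below.
     $title = doSlash($textile->TextileThis($posted, 1));
     $name = dumbDown($textile->TextileThis(trim($posted), 1));
     // After this only letters, digits, '-' and '_' remain in $name.
     $name = preg_replace("/[^[:alnum:]\\-_]/", "", str_replace(" ", "-", $name));
     // prevent duplicate section names
     // @todo: lose this for nested sections when parents differ
     $chk = fetch('name', 'txp_section', 'name', $name);
     if ($chk) {
         $message = gTxt('section_name_already_exists', array('{name}' => $name));
         $this->_error($message);
         $this->_set_view('list');
         return;
     }
     if (!$name) {
         // Nothing usable was left of the name.
         $this->_set_view('list');
         return;
     }
     $rs = safe_insert("txp_section", "name         = '{$name}',\n\t\t\t\t\ttitle        = '{$title}',\n\t\t\t\t\tpage         = 'default',\n\t\t\t\t\tcss          = 'default',\n\t\t\t\t\tis_default   = 0,\n\t\t\t\t\tin_rss       = 1,\n\t\t\t\t\ton_frontpage = 1");
     if ($rs) {
         $message = gTxt('section_created', array('{name}' => $name));
         $this->_message($message);
     } else {
         $message = gTxt('section_not_created', array('{name}' => $name));
         $this->_error($message);
         // @todo: stay in detail view
     }
     $this->_set_view('list');
 }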