/** * Parses a template looking for nv tags and replacing them with the generated HTML code * * @param $template string HTML code to parse * @return string HTML page generated */ function nvweb_template_parse($template) { global $dictionary; global $DB; global $current; global $website; global $structure; global $theme; global $idn; global $session; $html = $template; // now parse autoclosing tags $tags = nvweb_tags_extract($html, 'nv', true, true, 'UTF-8'); foreach ($tags as $tag) { $content = ''; switch ($tag['attributes']['object']) { // MAIN OBJECT TYPES case 'nvweb': case 'widget': case 'webget': case '': // webgets on lib/webgets have priority over private/webgets nvweb_webget_load($tag['attributes']['name']); $fname = 'nvweb_' . $tag['attributes']['name']; $tag['attributes']['nvweb_html'] = $html; // always pass the current buffered output to the webget if (function_exists($fname)) { $content = $fname($tag['attributes']); } break; case 'root': $content = NVWEB_ABSOLUTE; break; case 'nvajax': $content = NVWEB_AJAX; break; case 'url': $content = ''; if (!empty($tag['attributes']['lang'])) { $lang = $tag['attributes']['lang']; } else { $lang = $current['lang']; } if (!empty($tag['attributes']['type']) && !empty($tag['attributes']['id'])) { $url = nvweb_source_url($tag['attributes']['type'], $tag['attributes']['id'], $lang); if (!empty($url)) { $content .= $url; } } else { if (!empty($tag['attributes']['type']) && !empty($tag['attributes']['property'])) { $tag['attributes']['id'] = nvweb_properties(array('property' => $tag['attributes']['property'])); $url = nvweb_source_url($tag['attributes']['type'], $tag['attributes']['id'], $lang); if (!empty($url)) { $content .= $url; } } else { if (!empty($tag['attributes']['type']) && empty($tag['attributes']['id'])) { // get structure parent for this element and return its path if ($current['type'] == 'structure') { $category = $current['object']->parent; if (empty($category)) { $category = $current['object']->id; } } else { $category = $current['object']->category; } $url = nvweb_source_url($tag['attributes']['type'], $category, $lang); if (!empty($url)) { $content .= $url; } } else { $content .= '/' . $current['route']; } } } $content = nvweb_prepare_link($content); break; case 'd': case 'dict': case 'dictionary': if (!empty($tag['attributes']['type'])) { if ($tag['attributes']['type'] == 'structure' || $tag['attributes']['type'] == 'category') { // force loading dictionary for all elements in structure (for the current language) nvweb_menu_load_dictionary(); if (!is_numeric($tag['attributes']['id'])) { // maybe it's a property name instead of a category id $tag['attributes']['id'] = nvweb_properties(array('property' => $tag['attributes']['property'])); } $content = $structure['dictionary'][$tag['attributes']['id']]; } else { if ($tag['attributes']['type'] == 'item') { $tmp = webdictionary::load_element_strings('item', $tag['attributes']['id']); $content = $tmp[$current['lang']]['title']; } } } else { $content = $dictionary[$tag['attributes']['id']]; } if (empty($content)) { $content = $tag['attributes']['label']; } if (empty($content)) { $content = $tag['attributes']['default']; } break; case 'request': if (!empty($tag['attributes']['name'])) { $content = $_REQUEST[$tag['attributes']['name']]; } else { // deprecated: use "request" as attribute [will be removed on navigate cms 2.0] $content = $_REQUEST[$tag['attributes']['request']]; } if (is_array($content)) { $content = implode(',', $content); } break; case 'constant': case 'variable': switch ($tag['attributes']['name']) { case "structure": case "category": // retrieve the category ID from current session $tmp = NULL; if ($current['type'] == 'structure') { $tmp = $current['id']; } else { if (!empty($current['category'])) { $tmp = $current['category']; } else { if (!empty($current['object']->category)) { $tmp = $current['object']->category; } } } if (empty($tmp)) { $content = ''; } else { $content = $DB->query_single('text', 'nv_webdictionary', ' node_type = "structure" AND subtype = "title" AND node_id = ' . $tmp . ' AND lang = ' . protect($current['lang']) . ' AND website = ' . $website->id); } break; case "year": $content = date('Y'); break; case "website_name": $content = $website->name; break; case "website_description": $content = $website->metatag_description[$current['lang']]; break; case "lang_code": $content = $current['lang']; break; default: break; } break; case 'php': if (!empty($tag['attributes']['code'])) { eval('$content = ' . $tag['attributes']['code'] . ';'); } break; case 'theme': // compatibility with Navigate < 1.8.9 // deprecated! code will be removed in Navigate 2.0 if ($tag['attributes']['name'] == 'url') { $tag['attributes']['mode'] = 'url'; } else { if ($tag['attributes']['name'] == 'style') { $tag['attributes']['name'] = $tag['attributes']['mode']; $tag['attributes']['mode'] = 'style'; } } // new syntax ("mode" first) switch ($tag['attributes']['mode']) { case "style": $content = $website->theme_options->style; if (!empty($tag['attributes']['name'])) { switch ($tag['attributes']['name']) { case 'name': $content = $website->theme_options->style; break; case 'color': default: // return theme definition file location for the requested substyle if (!empty($website->theme_options->style)) { $content = $theme->styles->{$website->theme_options->style}->{$tag['attributes']['name']}; } if (empty($content)) { // return first available $theme_styles = array_keys(get_object_vars($theme->styles)); $content = $theme->styles->{$theme_styles[0]}->{$tag['attributes']['name']}; } break; } } break; case "url": $content = $idn->encode($website->absolute_path(false)); $content .= NAVIGATE_FOLDER . '/themes/' . $theme->name . '/'; break; } break; default: //var_dump($tag['attributes']['object']); break; } $html = str_replace($tag['full_tag'], $content, $html); } return $html; }
function nvweb_menu($vars = array()) { global $website; global $DB; global $structure; global $current; $out = ''; nvweb_menu_load_dictionary(); nvweb_menu_load_routes(); nvweb_menu_load_structure(); nvweb_menu_load_actions(); $parent = intval(@$vars['parent']) + 0; $from = intval(@$vars['from']) + 0; $of = intval(@$vars['of']) + 0; if (isset($vars['parent']) && !is_numeric($vars['parent'])) { // assume parent attribute contains a property_id which has the category value $parent_property = nvweb_properties(array('property' => $vars['parent'])); if (!empty($parent_property)) { $parent = $parent_property; } } if ($of > 0) { // get options of the parent x in the order of the structure // example: // Home [5] Products [6] Contact [7] // | // -- Computers [8] Mobile Phones [9] // | // -- Apple [10] Dell [11] // // we want the categories under Products [6]: "Computers" [8] and "Mobile Phones" [9] // of: 2 (second item in the main structure) // <nv object="nvweb" name="menu" of="2" /> $parent = $structure['cat-0'][intval($of) - 1]->id; } if (empty($current['hierarchy'])) { $inverse_hierarchy = array(); // discover the parent from which get the menu if (!empty($current['category'])) { $inverse_hierarchy[] = $current['category']; $last = $current['category']; } else { $inverse_hierarchy[] = $current['object']->category; $last = $current['object']->category; } // get category parents until root (to know how many levels count from) while ($last > 0) { $last = $DB->query_single('parent', 'nv_structure', ' id = ' . protect($last)); $inverse_hierarchy[] = $last; } $current['hierarchy'] = array_reverse($inverse_hierarchy); } if ($from > 0) { // get a certain level of the menu based on the path to current item category with offset // example: // Home [5] Products [6] Contact [7] // | // -- Computers [8] Mobile Phones [9] // | // -- Apple [10] Dell [11] // // current item is a Dell computer (category = 11) // we want the menu from level 1 // from: 1 --> 8, 9 $parent = $current['hierarchy'][$from]; if (is_null($parent)) { return ''; } // the requested level of menu does not exist under the current category } $option = -1; if (isset($vars['option'])) { $option = intval($vars['option']); } if ($vars['mode'] == 'next' || $vars['mode'] == 'previous') { $out = nvweb_menu_render_arrow($vars); } else { $out = nvweb_menu_generate($vars['mode'], $vars['levels'], $parent, 0, $option, $vars['class']); if ($vars['mode'] == 'select') { nvweb_after_body('js', ' // jQuery required $("select.menu_level_0").off("change").on("change", function() { var option = $(this).find("option[value=" + $(this).val() + "]"); if($(option).attr("target") == "_blank") window.open($(option).attr("href")); else { if($(option).attr("href")=="#") window.location.replace($(option).attr("href") + "sid_" + $(option).attr("value")); else window.location.replace($(option).attr("href")); } }); '); } } return $out; }
function nvweb_search($vars = array()) { global $website; global $webuser; global $DB; global $current; global $cache; global $structure; global $theme; $out = array(); $search_what = $_REQUEST[$vars['request']]; $search_archive = array(); if (!empty($_REQUEST['archive'])) { $search_archive = explode("-", $_REQUEST['archive']); } // YEAR, MONTH, CATEGORIES (separated by commas) if (isset($_REQUEST[$vars['request']]) || !empty($search_archive[0]) && !empty($search_archive[1])) { // LOG search request $wu_id = 0; if (!empty($webuser->id)) { $wu_id = $webuser->id; } $DB->execute(' INSERT INTO nv_search_log (id, website, date, webuser, origin, text) VALUES (0, :website, :date, :webuser, :origin, :text) ', array('website' => $website->id, 'date' => time(), 'webuser' => $wu_id, 'origin' => empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'], 'text' => $search_what)); // prepare and execute the search $search_what = explode(' ', $search_what); $search_what = array_filter($search_what); if (empty($search_what)) { $search_what = array(); } $likes = array(); $likes[] = ' 1=1 '; foreach ($search_what as $what) { if (substr($what, 0, 1) == '-') { $likes[] = 'd.text NOT LIKE ' . protect('%' . substr($what, 1) . '%') . ' AND i.id IN( SELECT p.node_id FROM nv_properties_items p WHERE p.element = "item" AND p.website = ' . protect($website->id) . ' AND p.value NOT LIKE ' . protect('%' . substr($what, 1) . '%') . ' )'; } else { $likes[] = 'd.text LIKE ' . protect('%' . $what . '%') . ' OR i.id IN( SELECT p.node_id FROM nv_properties_items p WHERE p.element = "item" AND p.website = ' . protect($website->id) . ' AND p.value LIKE ' . protect('%' . $what . '%') . ' )'; } } if (!empty($search_archive)) { $start_date = gmmktime(0, 0, 0, $search_archive[1], 1, $search_archive[0]); $end_date = gmmktime(0, 0, 0, $search_archive[1] + 1, 1, $search_archive[0]); $likes[] = ' (i.date_to_display >= ' . $start_date . ')'; $likes[] = ' (i.date_to_display <= ' . $end_date . ')'; } if (!empty($search_archive[2])) { $vars['categories'] = $search_archive[2]; } $categories = NULL; if (isset($vars['categories'])) { if ($vars['categories'] == 'all') { $categories = array(0); $vars['children'] = 'true'; } else { if ($vars['categories'] == 'parent') { $categories = array($current['object']->id); $parent = $DB->query_single('parent', 'nv_structure', 'id = ' . intval($categories[0])); $categories = array($parent); } else { if ($vars['categories'] == 'nvlist_parent') { if ($vars['nvlist_parent_type'] === 'structure') { $categories = array($vars['nvlist_parent_item']->id); } } else { if (!is_numeric($vars['categories'])) { // if "categories" attribute has a comma, then we suppose it is a list of comma separated values // if not, then maybe we want to get the categories from a specific property of the current page if (strpos($vars['categories'], ',') === false) { $categories = nvweb_properties(array('property' => $vars['categories'])); } if (empty($categories) && @$vars['nvlist_parent_vars']['source'] == 'block_group') { $categories = nvweb_properties(array('mode' => 'block_group_block', 'property' => $vars['categories'])); } if (empty($categories)) { $categories = $vars['categories']; } if (!is_array($categories)) { $categories = explode(',', $categories); $categories = array_filter($categories); // remove empty elements } } else { $categories = explode(',', $vars['categories']); $categories = array_filter($categories); // remove empty elements } } } } } if ($vars['children'] == 'true') { $categories = nvweb_menu_get_children($categories); } // if we have categories="x" children="true" [to get the children of a category, but not itself] if ($vars['children'] == 'only') { $children = nvweb_menu_get_children($categories); for ($c = 0; $c < count($categories); $c++) { array_shift($children); } $categories = $children; } if (!empty($vars['children']) && intval($vars['children']) > 0) { $children = nvweb_menu_get_children($categories, intval($vars['children'])); for ($c = 0; $c < count($categories); $c++) { array_shift($children); } $categories = $children; } // apply a filter on categories, if given // example: request_categories="c" ... in the url &q=text&c=23,35 if (!empty($vars['request_categories'])) { $categories_filter = explode(",", $_REQUEST[$vars['request_categories']]); if (empty($categories)) { // note: categories may be empty by the rules applies on categories + children; // in this case we give preference to the request_categories filter $categories = array_values($categories_filter); } else { for ($cf = 0; $cf < count($categories_filter); $cf++) { if (!in_array($categories_filter[$cf], $categories)) { unset($categories_filter[$cf]); } $categories_filter = array_filter($categories_filter); } $categories = $categories_filter; } } // retrieve entries $permission = !empty($_SESSION['APP_USER#' . APP_UNIQUE]) ? 1 : 0; $access = !empty($current['webuser']) ? 1 : 2; if (empty($_GET['page'])) { $_GET['page'] = 1; } $offset = intval($_GET['page'] - 1) * $vars['items']; // get order type: PARAMETER > NV TAG PROPERTY > DEFAULT (priority given in CMS) $order = @$_REQUEST['order']; if (empty($order)) { $order = @$vars['order']; } if (empty($order)) { // default order: latest $order = 'latest'; } $orderby = nvweb_list_get_orderby($order); if (empty($vars['items']) || $vars['items'] == '0') { $vars['items'] = 500; //2147483647; // maximum integer // NOTE: having >500 items on a page without a paginator is probably a bad idea... disagree? Contact Navigate CMS team! } else { if (!is_numeric($vars['items'])) { $max_items = ""; // the number of items is defined by a property $max_items = nvweb_properties(array('property' => $vars['items'])); if (empty($max_items) && @$vars['nvlist_parent_vars']['source'] == 'block_group') { $max_items = nvweb_properties(array('mode' => 'block_group_block', 'property' => $vars['items'], 'id' => $vars['nvlist_parent_item']->id, 'uid' => $vars['nvlist_parent_item']->uid)); } if (!empty($max_items)) { $vars['items'] = $max_items; } else { $vars['items'] = 500; } // default maximum } } // TODO: try to optimize search to use less memory and increase the maximum number of items $DB->query(' SELECT SQL_CALC_FOUND_ROWS rs.id FROM ( SELECT i.id as id, i.permission, i.date_published, i.date_unpublish, i.date_to_display, COALESCE(NULLIF(i.date_to_display, 0), i.date_created) as pdate, i.position as position, wd.text as title FROM nv_items i, nv_webdictionary d LEFT JOIN nv_webdictionary wd ON wd.node_id = d.node_id AND wd.lang = ' . protect($current['lang']) . ' AND wd.node_type = "item" AND wd.website = ' . protect($website->id) . ' WHERE i.website = ' . $website->id . ' AND i.permission <= ' . $permission . ' AND (i.date_published = 0 OR i.date_published < ' . core_time() . ') AND (i.date_unpublish = 0 OR i.date_unpublish > ' . core_time() . ') AND (i.access = 0 OR i.access = ' . $access . ') AND d.website = ' . protect($website->id) . ' AND d.node_id = i.id AND d.lang = ' . protect($current['lang']) . ' AND (d.node_type = "item" OR d.node_type = "tags") AND ( ' . implode(' AND ', $likes) . ' ) ' . (empty($categories) ? '' : 'AND category IN(' . implode(",", $categories) . ')') . ' ' . $orderby . ' ) rs GROUP BY rs.id LIMIT ' . $vars['items'] . ' OFFSET ' . $offset); $rs = $DB->result(); $total = $DB->foundRows(); for ($i = 0; $i < count($rs); $i++) { if (empty($rs[$i]->id)) { break; } $item = new item(); $item->load($rs[$i]->id); // get the nv list template $item_html = $vars['template']; // now, parse the nvlist_conditional tags (with html source code inside (and other nvlist tags)) unset($nested_condition_fragments); list($item_html, $nested_conditional_fragments) = nvweb_list_isolate_conditionals($item_html); $conditional_placeholder_tags = nvweb_tags_extract($item_html, 'nvlist_conditional_placeholder', true, true, 'UTF-8'); // selfclosing = true while (!empty($conditional_placeholder_tags)) { $tag = $conditional_placeholder_tags[0]; $conditional = $nested_conditional_fragments[$tag["attributes"]["id"]]; $conditional_html_output = nvweb_list_parse_conditional($conditional, $item, $conditional['nvlist_conditional_template'], $i, count($rs)); $item_html = str_replace($tag["full_tag"], $conditional_html_output, $item_html); $conditional_placeholder_tags = nvweb_tags_extract($item_html, 'nvlist_conditional_placeholder', true, true, 'UTF-8'); // selfclosing = true } // now parse the (remaining) common nvlist tags $template_tags = nvweb_tags_extract($item_html, 'nvlist', true, true, 'UTF-8'); // selfclosing = true if (empty($item_html)) { $item_html = array(); $item_html[] = '<div class="search-result-item">'; $item_html[] = ' <div class="search-result-title"><a href="' . $website->absolute_path() . $item->paths[$current['lang']] . '">' . $item->dictionary[$current['lang']]['title'] . '</a></div>'; $item_html[] = ' <div class="search-result-summary">' . core_string_cut($item->dictionary[$current['lang']]['section-main'], 300, '…') . '</div>'; $item_html[] = '</div>'; $item_html = implode("\n", $item_html); $out[] = $item_html; } else { // parse special template tags foreach ($template_tags as $tag) { $content = nvweb_list_parse_tag($tag, $item, $vars['source'], $i, $i + $offset, $total); $item_html = str_replace($tag['full_tag'], $content, $item_html); } $out[] = $item_html; } } if ($total == 0) { $search_results_empty_text = $theme->t("no_results_found"); if (isset($vars['no_results_found'])) { $search_results_empty_text = $theme->t($vars["no_results_found"]); } if (empty($search_results_empty_text) || $search_results_empty_text == 'no_results_found') { $search_results_empty_text = t(645, "No results found"); } // display the error message only if // 1) it's not empty // 2) the template is preventing the display of any error message in the search ( no_results_found="" ) if (!empty($search_results_empty_text) && (!isset($vars['no_results_found']) || isset($vars['no_results_found']) && !empty($vars['no_results_found']))) { $out[] = '<div class="search-results-empty">'; $out[] = $search_results_empty_text; $out[] = '</div>'; } } $archive = $_REQUEST['archive']; if (!empty($archive)) { $archive = 'archive=' . $archive . '&'; } if (isset($vars['paginator']) && $vars['paginator'] != 'false') { $search_url = '?' . $archive . $vars['request'] . '=' . $_REQUEST[$vars['request']] . '&page='; $out[] = nvweb_list_paginator($vars['paginator'], $_GET['page'], $total, $vars['items'], $vars, $search_url); } } return implode("\n", $out); }
function nvweb_list_parse_filters($raw, $object = 'item') { global $website; global $current; $filters = array(); if (!is_array($raw)) { $raw = str_replace("'", '"', $raw); $aFilters = json_decode($raw, true); } else { $aFilters = $raw; } if (APP_DEBUG && json_last_error() > 0) { firephp_nv::log($raw, json_last_error_msg()); } $comparators = array('eq' => '=', 'neq' => '!=', 'gt' => '>', 'gte' => '>=', 'lt' => '<', 'lte' => '<='); for ($f = 0; $f < count($aFilters); $f++) { $filter = $aFilters[$f]; $key = array_keys($filter); $key = $key[0]; $value = $filter[$key]; if (substr($key, 0, 9) == 'property.') { // object property value // TODO: filters for values in DICTIONARY $key = substr($key, 9); if (!is_array($value)) { if (substr($value, 0, 1) == '$') { if (!isset($_REQUEST[substr($value, 1)])) { continue; } // ignore this filter $value = $_REQUEST[substr($value, 1)]; if (empty($value)) { // ignore empty values continue; } } else { if (strpos($value, 'property.') === 0) { // retrieve the property value $value = nvweb_properties(array('property' => str_replace("property.", "", $value))); } } $filters[] = ' AND i.id IN ( SELECT node_id FROM nv_properties_items WHERE website = ' . $website->id . ' AND property_id = ' . protect($key) . ' AND element = "item" AND value = ' . protect($value) . ' )'; } else { foreach ($value as $comp_type => $comp_value) { if (!is_array($comp_value) && substr($comp_value, 0, 1) == '$') { if (!isset($_REQUEST[substr($comp_value, 1)])) { continue; } // ignore this filter $comp_value = $_REQUEST[substr($comp_value, 1)]; if (empty($comp_value)) { // ignore empty values continue; } } else { if (!is_array($comp_value) && strpos($comp_value, 'property.') === 0) { // retrieve the property value $comp_value = nvweb_properties(array('property' => str_replace("property.", "", $comp_value))); } } if (isset($comparators[$comp_type])) { $filters[] = ' AND i.id IN ( SELECT node_id FROM nv_properties_items WHERE website = ' . $website->id . ' AND property_id = ' . protect($key) . ' AND element = "item" AND value ' . $comparators[$comp_type] . ' ' . protect($comp_value, null, true) . ' )'; } else { if ($comp_type == 'like' || $comp_type == 'not_like') { if (is_array($comp_value)) { // multivalue, query with REGEXP: http://dev.mysql.com/doc/refman/5.7/en/string-functions.html#function_regexp $filters[] = ' AND i.id IN ( SELECT node_id FROM nv_properties_items WHERE website = ' . $website->id . ' AND property_id = ' . protect($key) . ' AND element = "item" AND value ' . ($comp_type == 'like' ? 'REGEXP' : 'NOT REGEXP') . ' "' . implode('|', $comp_value) . '" )'; } else { // single value, standard LIKE $filters[] = ' AND i.id IN ( SELECT node_id FROM nv_properties_items WHERE website = ' . $website->id . ' AND property_id = ' . protect($key) . ' AND element = "item" AND value ' . ($comp_type == 'like' ? 'LIKE' : 'NOT LIKE') . ' ' . protect('%' . $comp_value . '%', null, true) . ' )'; } } else { if ($comp_type == 'in' || $comp_type == 'nin') { if ($comp_type == 'nin') { $comp_type = 'NOT IN'; } else { $comp_type = 'IN'; } if (!is_array($comp_value)) { $comp_value = explode(",", $comp_value); } if (empty($comp_value)) { $comp_value = array(0); } // avoid SQL query exception $filters[] = ' AND i.id IN ( SELECT node_id FROM nv_properties_items WHERE website = ' . $website->id . ' AND property_id = ' . protect($key) . ' AND element = "item" AND value ' . $comp_type . '(' . implode(",", array_map(function ($v) { return protect($v); }, array_values($comp_value))) . ') )'; } } } } } } else { // object value switch ($key) { case 'id': $field = 'i.id'; $direct_filter = true; break; case 'author': $field = 'i.author'; $direct_filter = true; break; case 'date_to_display': $field = 'i.date_to_display'; $direct_filter = true; break; case 'score': $field = 'i.score'; $direct_filter = true; break; case 'votes': $field = 'i.votes'; $direct_filter = true; break; default: continue; break; } if ($direct_filter) { if (!is_array($value)) { if (substr($value, 0, 1) == '$') { if (!isset($_REQUEST[substr($value, 1)])) { continue; } // ignore this filter $value = $_REQUEST[substr($value, 1)]; if (empty($value)) { // ignore empty values continue; } } else { if (strpos($value, 'property.') === 0) { // retrieve the property value $value = nvweb_properties(array('property' => str_replace("property.", "", $value))); } } $filters[] = ' AND ' . $field . ' = ' . protect($value); } else { foreach ($value as $comp_type => $comp_value) { if (!is_array($comp_value) && substr($comp_value, 0, 1) == '$') { if (!isset($_REQUEST[substr($comp_value, 1)])) { continue; } // ignore this filter $comp_value = $_REQUEST[substr($comp_value, 1)]; if (empty($comp_value)) { // ignore empty values continue; } } else { if (!is_array($comp_value) && strpos($comp_value, 'property.') === 0) { // retrieve the property value $comp_value = nvweb_properties(array('property' => str_replace("property.", "", $comp_value))); } } if (isset($comparators[$comp_type])) { $filters[] = ' AND ' . $field . ' ' . $comparators[$comp_type] . ' ' . protect($comp_value, null, true); } else { if ($comp_type == 'like' || $comp_type == 'not_like') { if (is_array($comp_value)) { // multivalue, query with REGEXP: http://dev.mysql.com/doc/refman/5.7/en/string-functions.html#function_regexp $filters[] = ' AND ' . $field . ' ' . ($comp_type == 'like' ? 'REGEXP' : 'NOT REGEXP') . ' "' . implode('|' . $comp_value) . '"'; } else { // single value, standard LIKE $filters[] = ' AND ' . $field . ' ' . ($comp_type == 'like' ? 'LIKE' : 'NOT LIKE') . ' ' . protect('%' . $comp_value . '%', null, true); } } else { if ($comp_type == 'in' || $comp_type == 'nin') { if ($comp_type == 'nin') { $comp_type = 'NOT IN'; } else { $comp_type = 'IN'; } if (is_array($comp_value)) { $comp_value = implode(",", array_map(function ($v) { return protect($v); }, array_values($comp_value))); } else { if (empty($comp_value)) { $comp_value = 0; // avoid SQL query exception } } $filters[] = ' AND ' . $field . ' ' . $comp_type . '(' . $comp_value . ')'; } } } } } } } } $filters = implode("\n", $filters); return $filters; }
function nvweb_properties_render($property, $vars) { global $website; global $current; global $DB; global $session; global $theme; global $structure; $out = ''; setlocale(LC_ALL, $website->languages[$session['lang']]['system_locale']); // if this property is null (no value assigned (null), (empty) is a value!) // get the default value if (!isset($property->value)) { $property->value = $property->dvalue; } // check multilanguage properties, where the value can be saved in a language but may be (null) in another language if (in_array($property->type, array("text", "textarea", "rich_textarea", "link")) || $property->multilanguage == 'true') { // cast variable as array if (is_object($property->value)) { $property->value = (array) $property->value; } if (!isset($property->value) || !isset($property->value[$current['lang']])) { if (isset($property->dvalue->{$current['lang']})) { $property->value[$current['lang']] = $property->dvalue->{$current['lang']}; } else { if (!is_array($property->value)) { $property->value = array(); } $property->value[$current['lang']] = $property->dvalue; } } } switch ($property->type) { case 'value': $out = $property->value; break; case 'decimal': $out = $property->value; if (isset($vars['precision'])) { $out = number_format($property->value, $vars['precision']); } break; case 'boolean': $out = $property->value; break; case 'option': $options = mb_unserialize($property->options); $options = (array) $options; switch (@$vars['return']) { case 'value': $out = $property->value; break; default: $out = $theme->t($options[$property->value]); } break; case 'moption': $options = mb_unserialize($property->options); $selected = explode(",", $property->value); switch (@$vars['return']) { case 'value': case 'values': $out = $property->value; break; default: $buffer = array(); foreach ($selected as $seloption) { $buffer[] = '<span>' . $theme->t($options[$seloption]) . '</span>'; } $out .= implode(', ', $buffer); } break; case 'text': $out = htmlspecialchars($property->value[$current['lang']]); break; case 'textarea': $out = nl2br(htmlspecialchars($property->value[$current['lang']])); break; case 'rich_textarea': $out = $property->value[$current['lang']]; break; case 'source_code': if (@$property->multilanguage == 'true' || $property->multilanguage == '1') { $out = $property->value[$current['lang']]; } else { $out = $property->value; } break; case 'date': if (!empty($vars['format'])) { $out = Encoding::toUTF8(strftime($vars['format'], $property->value)); } else { $out = date($website->date_format, $property->value); } break; case 'datetime': if (!empty($vars['format'])) { $out = Encoding::toUTF8(strftime($vars['format'], $property->value)); } else { $out = date($website->date_format . ' H:i', $property->value); } break; case 'link': // split title and link $link = explode('##', $property->value[$current['lang']]); if (is_array($link)) { $target = @$link[2]; $title = @$link[1]; $link = $link[0]; if (empty($title)) { $title = $link; } } else { $title = $property->value[$current['lang']]; $link = $property->value[$current['lang']]; $target = '_self'; } if (strpos($link, '://') === false) { $link = $website->absolute_path() . $link; } if ($vars['link'] === 'false') { $out = $link; } else { if (isset($vars['return'])) { if ($vars['return'] == 'title') { $out = $title; } else { if ($vars['return'] == 'link' || $vars['return'] == 'url') { $out = $link; } else { if ($vars['return'] == 'target') { $out = $target; } } } } else { $out = '<a href="' . $link . '" target="' . $target . '">' . $title . '</a>'; } } break; case 'image': $add = ''; $extra = ''; if (@$property->multilanguage == 'true' || $property->multilanguage == '1') { $image_id = $property->value[$session['lang']]; } else { $image_id = $property->value; } if (isset($vars['width'])) { $add .= ' width="' . $vars['width'] . '" '; $extra .= '&width=' . $vars['width']; } if (isset($vars['height'])) { $add .= ' height="' . $vars['height'] . '" '; $extra .= '&height=' . $vars['height']; } if (isset($vars['border'])) { $extra .= '&border=' . $vars['border']; } if (isset($vars['quality'])) { $extra .= '&quality=' . $vars['quality']; } $img_url = NVWEB_OBJECT . '?type=image&id=' . $image_id . $extra; if (empty($image_id)) { $out = ''; } else { if ($vars['return'] == 'url') { $out = $img_url; } else { // retrieve additional info (title/alt), if available if (is_numeric($image_id)) { $f = new file(); $f->load($image_id); $ftitle = $f->title[$current['lang']]; $falt = $f->description[$current['lang']]; if (!empty($ftitle)) { $add .= ' title="' . $ftitle . '" '; } if (!empty($falt)) { $add .= ' alt="' . $falt . '" '; } } $out = '<img class="' . $vars['class'] . '" src="' . $img_url . '" ' . $add . ' />'; } } break; case 'file': if (!empty($property->value)) { $file = $DB->query_single('name', 'nv_files', ' id = ' . protect($property->value) . ' AND website = ' . $website->id); if ($vars['return'] == 'url' || $vars['return'] == 'url-download') { $out = NVWEB_OBJECT . '?type=file&id=' . $property->value . '&disposition=attachment'; } else { if ($vars['return'] == 'url-inline') { $out = NVWEB_OBJECT . '?type=file&id=' . $property->value . '&disposition=inline'; } else { $out = '<a href="' . NVWEB_OBJECT . '?type=file&id=' . $property->value . '&disposition=attachment">' . $file . '</a>'; } } } break; case 'comment': $out = $property->value; break; case 'coordinates': $coordinates = explode('#', $property->value); $out = implode(',', $coordinates); break; case 'rating': // half stars are always enabled (ratings fixed to 0..10) $out = $property->value; // we want nearest integer down if ($vars['option'] == 'floor') { $out = floor($out / 2); } break; case 'color': $out = $property->value; break; case 'video': // value may be a numeric file ID or a provider#id structure, f.e. youtube#3MteSlpxCpo // compatible providers: file,youtube,vimeo if (@$property->multilanguage == 'true' || $property->multilanguage == '1') { $video_id = $property->value[$session['lang']]; } else { $video_id = $property->value; } $provider = ''; $reference = ''; $add = ''; if (isset($vars['width'])) { $add .= ' width="' . $vars['width'] . '" '; } if (isset($vars['height'])) { $add .= ' height="' . $vars['height'] . '" '; } $url_add = '&type=image'; if (isset($vars['width'])) { $url_add .= '&width=' . $vars['width'] . ''; } if (isset($vars['height'])) { $url_add .= '&height=' . $vars['height'] . ''; } if (isset($vars['border'])) { $url_add .= '&border=' . $vars['border'] . ''; } if (strpos($video_id, '#') !== false) { list($provider, $reference) = explode("#", $video_id); } if ($provider == 'file') { $video_id = $reference; } $file = new file(); if (is_numeric($video_id)) { $file->load($video_id); $embed = file::embed('file', $file, $add); } else { if ($provider == 'youtube') { $embed = file::embed('youtube', $reference, $add); if (!empty($vars['part']) || $vars['part'] != 'embed') { $file->load_from_youtube($reference); } } else { if ($provider == 'vimeo') { $embed = file::embed('vimeo', $reference, $add); if (!empty($vars['part']) || $vars['part'] != 'embed') { $file->load_from_vimeo($reference); } } } } switch (@$vars['return']) { case 'title': $out = $file->title; break; case 'mime': $out = $file->mime; break; case 'author': if (is_numeric($file->uploaded_by)) { $out = $website->name; } else { $out = $file->uploaded_by; } break; case 'path': case 'url': $out = $file->extra['link']; break; case 'thumbnail_url': $out = file::file_url($file->extra['thumbnail_cache']) . $url_add; break; case 'thumbnail': $out = '<img src="' . file::file_url($file->extra['thumbnail_cache']) . $url_add . '" class="' . $vars['class'] . '" ' . $add . ' />'; break; case 'reference': $out = $reference; break; case 'provider': $out = $provider; break; case 'embed': default: $out = $embed; } break; case 'article': // TO DO break; case 'category': $return = @$vars['return']; switch ($return) { case 'title': case 'name': nvweb_menu_load_dictionary(); $out = $structure['dictionary'][$property->value]; break; case 'url': case 'link': $out = nvweb_source_url('structure', $property->value); break; default: $out = $property->value; } break; case 'categories': $return = @$vars['return']; $value = explode(",", $property->value); $position = intval(@vars['position']) + 0; switch ($return) { case 'title': case 'name': nvweb_menu_load_dictionary(); $out = $structure['dictionary'][$value[$position]]; break; case 'url': case 'link': $out = nvweb_source_url('structure', $value[$position]); break; default: $out = $property->value; } break; case 'country': $return = @$vars['return']; switch ($return) { case 'name': $countries = property::countries(); $out = $countries[$property->value]; break; case 'id': case 'code': default: $out = $property->value; break; } break; case 'elements': $out = $property->value; break; case 'element': case 'item': // deprecated $return = @$vars['return']; switch ($return) { case 'title': $item = new item(); $item->load($property->value); $out = $item->dictionary[$current['lang']]['title']; break; case 'url': case 'path': $out = nvweb_source_url('item', $property->value, $current['lang']); break; case 'section': $item = new item(); $item->load($property->value); $out = $item->dictionary[$current['lang']]['section-' . $vars['section']]; break; case 'property': $params = array(); foreach ($vars as $attr_name => $attr_value) { if (strpos($attr_name, 'element-property-') === 0) { $attr_name = str_replace('element-property-', '', $attr_name); $params[$attr_name] = $attr_value; } else { if ($attr_name == 'element-property') { $params['property'] = $attr_value; } } } // default parameters $params['mode'] = 'item'; $params['id'] = $property->value; $out = nvweb_properties($params); break; case 'id': default: $out = $property->value; break; } break; default: } return $out; }
function nvweb_conditional($vars = array()) { global $website; global $DB; global $current; global $cache; global $structure; global $webgets; global $webuser; $out = array(); $webget = 'conditional'; $categories = array(); $item = new item(); if ($current['type'] == 'item') { $item->load($current['object']->id); $item_type = 'element'; } else { $item_type = 'structure'; if (isset($vars['scope']) && $vars['scope'] == 'element') { // the current path belongs to a structure category, but the template is asking for an element value, // so we try to find the first element assigned to the current category $categories = array(); if (!empty($current['object']->id)) { $categories = array($current['object']->id); } if (isset($vars['categories'])) { $categories = explode(',', $vars['categories']); $categories = array_filter($categories); // remove empty elements } $permission = !empty($_SESSION['APP_USER#' . APP_UNIQUE]) ? 1 : 0; // public access / webuser based / webuser groups based $access = 2; $access_extra = ''; if (!empty($current['webuser'])) { $access = 1; if (!empty($webuser->groups)) { $access_groups = array(); foreach ($webuser->groups as $wg) { if (empty($wg)) { continue; } $access_groups[] = 's.groups LIKE "%g' . $wg . '%"'; } if (!empty($access_groups)) { $access_extra = ' OR (s.access = 3 AND (' . implode(' OR ', $access_groups) . '))'; } } } // get order type: PARAMETER > NV TAG PROPERTY > DEFAULT (priority given in CMS) $order = @$_REQUEST['order']; if (empty($order)) { $order = @$vars['order']; } if (empty($order)) { // default order: latest $order = 'latest'; } $orderby = nvweb_list_get_orderby($order); $rs = NULL; $access_extra_items = str_replace('s.', 'i.', $access_extra); if (empty($categories)) { // force executing the query; search in all categories $categories = nvweb_menu_get_children(array(0)); } // default source for retrieving items $DB->query(' SELECT SQL_CALC_FOUND_ROWS i.id, i.permission, i.date_published, i.date_unpublish, i.date_to_display, COALESCE(NULLIF(i.date_to_display, 0), i.date_created) as pdate, d.text as title, i.position as position FROM nv_items i, nv_structure s, nv_webdictionary d WHERE i.category IN(' . implode(",", $categories) . ') AND i.website = ' . $website->id . ' AND i.permission <= ' . $permission . ' AND (i.date_published = 0 OR i.date_published < ' . core_time() . ') AND (i.date_unpublish = 0 OR i.date_unpublish > ' . core_time() . ') AND s.id = i.category AND (s.date_published = 0 OR s.date_published < ' . core_time() . ') AND (s.date_unpublish = 0 OR s.date_unpublish > ' . core_time() . ') AND s.permission <= ' . $permission . ' AND (s.access = 0 OR s.access = ' . $access . $access_extra . ') AND (i.access = 0 OR i.access = ' . $access . $access_extra_items . ') AND d.website = i.website AND d.node_type = "item" AND d.subtype = "title" AND d.node_id = i.id AND d.lang = ' . protect($current['lang']) . ' ' . $orderby . ' LIMIT 1 OFFSET 0'); $rs = $DB->result(); // now we have the element against which the condition will be checked $i = 0; $item->load($rs[$i]->id); $item_type = 'element'; } else { if (!isset($vars['scope']) || $vars['scope'] == 'structure') { $item = $current['object']; $item_type = 'structure'; } } } // get the template $item_html = $vars['_template']; // now, parse the conditional tags (with html source code inside) switch ($vars['by']) { case 'property': $property_value = NULL; $property_name = $vars['property_name']; if (empty($vars['property_name'])) { $property_name = $vars['property_id']; } if ($vars['property_scope'] == "element") { $property_value = $item->property($property_name); } else { if ($vars['property_scope'] == "structure") { $property = nvweb_properties(array('mode' => 'structure', 'property' => $property_name, 'return' => 'object')); if (!empty($property)) { $property_value = $property->value; } } else { if ($vars['property_scope'] == "website") { $property_value = $website->theme_options->{$property_name}; } else { // no scope defined, so we have to check ELEMENT > STRUCTURE > WEBSITE (the first with a property with the given name) // element $property_value = $item->property($property_name); if (!$item->property_exists($property_name) && $item_type == 'structure') { // get the first embedded element and check find the property $ci = nvweb_content_items(array($item->id), true, 1, true, 'priority'); $item = new item(); if (isset($ci[0])) { $item->load($ci[0]->id); $property_value = $item->property($property_name); } } if (!$item->property_exists($property_name)) { // structure $property = nvweb_properties(array('mode' => 'structure', 'property' => $property_name, 'return' => 'object')); if (!empty($property)) { $property_value = $property->value; } else { // website if (isset($website->theme_options->{$property_name})) { $property_value = $website->theme_options->{$property_name}; } else { $property_value = ''; } } } } } } // if the property is multilanguage, get the value for the current language if (is_array($property_value)) { $property_value = $property_value[$current['lang']]; } // check the given condition if (isset($vars['empty']) || isset($vars['property_empty'])) { if (@$vars['empty'] == 'true' || @$vars['property_empty'] == 'true') { if (empty($property_value)) { $out = $item_html; } else { $out = ''; } } else { if (@$vars['empty'] == 'false' || @$vars['property_empty'] == 'false') { if (!empty($property_value)) { $out = $item_html; } else { $out = ''; } } } } else { if (isset($vars['property_value'])) { $condition_value = $vars['property_value']; switch ($vars['property_compare']) { case '>': case 'gt': $condition = $property_value > $condition_value; break; case '<': case 'lt': $condition = $property_value < $condition_value; break; case '>=': case '=>': case 'gte': $condition = $property_value >= $condition_value; break; case '<=': case '=<': case 'lte': $condition = $property_value <= $condition_value; break; case 'in': $condition_values = explode(",", $condition_value); $condition = in_array($property_value, $condition_values); break; case 'nin': $condition_values = explode(",", $condition_value); $condition = !in_array($property_value, $condition_values); break; case '!=': case 'neq': if (is_numeric($property_value)) { if ($condition_value == 'true' || $condition_value === true) { $condition_value = '1'; } else { if ($condition_value == 'false' || $condition_value === false) { $condition_value = '0'; } } } $condition = $property_value != $condition_value; break; case '=': case '==': case 'eq': default: if (is_numeric($property_value)) { if ($condition_value == 'true' || $condition_value === true) { $condition_value = '1'; } else { if ($condition_value == 'false' || $condition_value === false) { $condition_value = '0'; } } } $condition = $property_value == $condition_value; break; } if ($condition) { $out = $item_html; } else { $out = ''; } } } break; case 'template': case 'templates': $templates = array(); if (isset($vars['templates'])) { $templates = explode(",", $vars['templates']); } else { if (isset($vars['template'])) { $templates = array($vars['template']); } } if (in_array($item->template, $templates)) { $out = $item_html; } else { $out = ''; } break; case 'section': $section_empty = empty($item->dictionary[$current['lang']]['section-' . $vars['section']]); if ($vars['empty'] == 'true' && $section_empty || $vars['empty'] == 'false' && !$section_empty) { $out = $item_html; } else { $out = ''; } break; case 'access': $access = 0; switch ($vars['access']) { case 3: case 'webuser_groups': $access = 3; break; case 2: case 'not_signed_in': $access = 2; break; case 1: case 'signed_in': $access = 1; break; case 0: case 'everyone': default: $access = 0; break; } if ($item->access == $access) { $out = $item_html; } else { $out = ''; } break; case 'webuser': if ($vars['signed_in'] == 'true' && !empty($webuser->id)) { $out = $item_html; } else { if ($vars['signed_in'] == 'false' && empty($webuser->id)) { $out = $item_html; } else { $out = ''; } } break; case 'languages': if (count($website->languages_published) >= $vars['min']) { $out = $item_html; } else { if (count($website->languages_published) <= $vars['max']) { $out = $item_html; } } break; case 'language': if ($current['lang'] == $vars['lang']) { $out = $item_html; } break; case 'gallery': if ($vars['empty'] == 'true') { if (empty($item->galleries[0])) { $out = $item_html; } } else { if ($vars['empty'] == 'false') { if (!empty($item->galleries[0])) { $out = $item_html; } } else { if (isset($vars['min']) && count($item->galleries[0]) >= intval($vars['min'])) { $out = $item_html; } else { if (isset($vars['max']) && count($item->galleries[0]) <= intval($vars['max'])) { $out = $item_html; } } } } break; case 'tags': if ($vars['empty'] == 'true') { if (empty($item->dictionary[$current['lang']]['tags'])) { $out = $item_html; } } else { if ($vars['empty'] == 'false') { if (!empty($item->dictionary[$current['lang']]['tags'])) { $out = $item_html; } } } break; case 'comments': $DB->query(' SELECT COUNT(*) as total FROM nv_comments WHERE website = ' . protect($website->id) . ' AND item = ' . protect($item->id) . ' AND status = 0 '); $rs = $DB->result(); $comments_count = $rs[0]->total + 0; if (isset($vars['allowed'])) { if ($vars['allowed'] == 'true' || $vars['allowed'] == '1' || empty($vars['allowed'])) { // comments allowed to everybody (2) or to registered users only (1) if ($item->comments_enabled_to == 2 || $item->comments_enabled_to == 1 && !empty($webuser->id)) { $out = $item_html; } } else { if ($vars['allowed'] == 'false') { // comments not allowed for anyone or for webusers but there is no webuser active right now if ($item->comments_enabled_to == 0 || $item->comments_enabled_to == 1 && empty($webuser->id)) { $out = $item_html; } } } } else { if (isset($vars['min']) && $comments_count >= intval($vars['min'])) { $out = $item_html; } else { if (isset($vars['max']) && $comments_count <= intval($vars['max'])) { $out = $item_html; } } } break; default: // unknown nvlist_conditional, discard $out = ''; } // return the new html code after applying the condition return $out; }
function nvweb_archive($vars = array()) { global $website; global $DB; global $current; global $webgets; $webget = "archive"; $out = array(); $permission = !empty($_SESSION['APP_USER#' . APP_UNIQUE]) ? 1 : 0; $access = !empty($current['webuser']) ? 1 : 2; if (empty($vars['categories'])) { if ($current['type'] == 'structure') { $categories = array($current['id']); } else { $categories = array($current['object']->category); } $categories = nvweb_menu_get_children($categories); } else { if (!empty($vars['categories'])) { if (!is_numeric($vars['categories']) && strpos($vars['categories'], ',') === false) { // we want to get the categories from a specific property of the current page $categories = nvweb_properties(array('property' => $vars['categories'])); if (empty($categories) && @$vars['nvlist_parent_vars']['source'] == 'block_group') { $categories = nvweb_properties(array('mode' => 'block_group_block', 'property' => $vars['categories'], 'id' => $vars['nvlist_parent_item']->id, 'uid' => $vars['nvlist_parent_item']->uid)); } if (!is_array($categories)) { $categories = explode(',', $categories); $categories = array_filter($categories); // remove empty elements } } else { $categories = explode(',', $vars['categories']); $categories = array_filter($categories); // remove empty elements } if ($vars['children'] == 'true') { $categories = nvweb_menu_get_children($categories); } } } if ($vars['search_page_type'] == 'theme') { $archive_url = $website->absolute_path() . '/nvsearch'; } else { $archive_url = nvweb_source_url($vars['search_page_type'], $vars['search_page_id']); } if (strpos($vars['nvweb_html'], 'jquery') === false) { $out[] = '<script language="javascript" type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>'; } // retrieve posts number by year, month, and... // checking if there are available in the current language (items must have custom paths assigned) $DB->query(' SELECT COUNT(i.id) AS total, MONTH(FROM_UNIXTIME(COALESCE(NULLIF(i.date_to_display, 0), i.date_created))) as month, YEAR(FROM_UNIXTIME(COALESCE(NULLIF(i.date_to_display, 0), i.date_created))) as year FROM nv_items i WHERE i.website = ' . $website->id . ' AND i.permission <= ' . $permission . ' AND (i.date_published = 0 OR i.date_published < ' . core_time() . ') AND (i.date_unpublish = 0 OR i.date_unpublish > ' . core_time() . ') AND i.category IN(' . implode(",", $categories) . ') AND (i.access = 0 OR i.access = ' . $access . ') AND 0 < ( SELECT COUNT(p.id) FROM nv_paths p WHERE p.website = ' . $website->id . ' AND p.type = "item" AND p.object_id = i.id AND p.lang = "' . $current['lang'] . '" ) GROUP BY year, month ORDER BY year DESC, month DESC '); $dataset = $DB->result(); switch (@$vars['mode']) { case 'month': $out[] = nvweb_archive_render('month', $dataset, $archive_url, $categories); break; case 'year': $type = 'year'; if ($vars['collapsed'] == 'true') { $type = 'year-collapsed'; } $out[] = nvweb_archive_render($type, $dataset, $archive_url, $categories); break; case 'adaptive': default: // let the webget decide the render type // ---> less or equal than 12 months in the list: month view if (count($dataset) <= 12) { $out[] = nvweb_archive_render('month', $dataset, $archive_url, $categories); } else { // year view $out[] = nvweb_archive_render('year', $dataset, $archive_url, $categories); } break; } $out = implode("\n", $out); return $out; }