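/**
 * Handle an inbound SMS callback from the Zeep gateway.
 *
 * For an 'MO' event a new Post is created from the posted uid and body and
 * an empty body is returned; any other request gets a short plain-text
 * welcome message. The function always ends the request with exit.
 *
 * The only sender check is a comparison of REMOTE_ADDR with one fixed
 * address. REMOTE_ADDR is the directly connected peer, so behind a reverse
 * proxy or load balancer it is the proxy's address rather than the gateway's.
 * NOTE(review): uid and body are taken from $_POST as sent; if the gateway
 * offers a request signature or shared secret, verifying it would be a
 * stronger check than the source address alone.
 *
 * @param array $vars variables imported into local scope with extract();
 *                    the code below relies on it supplying $db and $response
 */
function mobile_event(&$vars)
{
    if (!isset($_SERVER['REMOTE_ADDR']) || $_SERVER['REMOTE_ADDR'] !== '204.244.102.2') {
        trigger_error('Sorry but your IP address is unlike the Zeep server', E_USER_ERROR);
        // Fail closed: a custom error handler may return instead of halting,
        // and nothing below may run for an unrecognised sender.
        exit;
    }

    extract($vars);
    $Post =& $db->model('Post');
    $Identity =& $db->model('Identity');

    if (isset($_POST['event']) && $_POST['event'] == 'MO') {
        // Array ( [sms_prefix] => omb__ [short_code] => 88147 [uid] => 243132
        // [body] => test from deep [min] => +15035554444 [event] => MO )
        $p = $Post->base();
        $p->set_value('profile_id', $_POST['uid']);
        $p->set_value('parent_id', 0);
        $p->set_value('title', $_POST['body']);
        $p->save_changes();
        $i = $Identity->find($_POST['uid']);
        if ($i) {
            $p->set_etag($i->person_id);
        }
        $response->set_var('profile', $i);
        load_apps();
        trigger_after('insert_from_post', $Post, $p);
        // From here on $response is the plain-text reply body, not the object.
        $response = "";
    } else {
        $response = "Welcome to " . environment('site_title');
    }

    // Truncate first so Content-Length describes the bytes actually sent;
    // the header used to be computed from the untruncated string.
    $body = (string) substr($response, 0, 100);

    $header = array(
        "Status: 200 OK",
        "Date: " . gmdate(DATE_RFC822),
        "Content-Type: text/plain",
        "Content-Length: " . strval(strlen($body)),
    );
    foreach ($header as $str) {
        header($str);
    }
    echo $body;
    exit;
}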
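/**
 * Match a URL against the registered routes.
 *
 * Stops at the first route for which $this->match() succeeds, then derives
 * the action, controller and requested representation from the matched
 * parameters. A trailing ".ext" on the action or resource is split off and
 * stored as 'client_wants'.
 *
 * The action, resource and extension all originate from the request URL, so
 * code that later uses them to pick a function, template or content type
 * should treat them as untrusted input.
 *
 * @param string|null $url URL to match; defaults to $this->uri
 * @return bool|null true when a route matched, false when none did, and
 *                   null when a route was already active
 */
function routematch($url = NULL)
{
    // A route has already been activated; nothing to do.
    if ($this->activeroute) {
        return;
    }

    $return = false;
    trigger_before('routematch', $this, $this->activeroute);

    if ($url === NULL) {
        $url = $this->uri;
    }

    foreach ($this->routes as $route) {
        if ($this->match($url, $route)) {
            // Record the match before leaving the loop. The assignment used
            // to sit after the break and was never reached, so the function
            // returned false even when a route matched.
            $return = true;
            break;
        }
    }

    if (isset($this->params['method']) && !is_array($this->params['method'])) {
        $this->action = $this->method;
    }
    if (isset($this->params['forward_to'])) {
        $this->controller = $this->forward_to;
    }

    if (isset($this->action)) {
        if (!(strpos($this->action, ".") === false)) {
            // "name.ext": keep the name as the action, the rest as the format.
            // explode() splits on the literal dot exactly as split("\\.")
            // did, without the deprecated POSIX regex function.
            $actionsplit = explode(".", $this->action);
            $this->set_param('action', $actionsplit[0]);
            $this->set('client_wants', $actionsplit[1]);
        }
    }
    if (isset($this->resource)) {
        if (!(strpos($this->resource, ".") === false)) {
            // Same split for "resource.ext".
            $actionsplit = explode(".", $this->resource);
            $this->set_param('resource', $actionsplit[0]);
            $this->set('client_wants', $actionsplit[1]);
        }
    }

    trigger_after('routematch', $this, $this->activeroute);
    return $return;
}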
/**
 * Build the SELECT statement used to load records for a model.
 *
 * If the model carries a prepared query in $model->query, that string is
 * returned (and removed from the model) without building anything.
 * Otherwise the statement is assembled from the model's field list, its
 * relations (as left joins), the find_by/id criteria and the paging and
 * ordering properties, which default to primary key DESC, offset 0, limit 20.
 *
 * SECURITY: this function performs no escaping or quoting of its own.
 * Criteria values are placed between single quotes as-is, and column names,
 * the 'op' and 'eq' entries of find_by, groupby, orderby and order are
 * concatenated into the statement unquoted. Every one of those must already
 * be safe when it reaches this function; values need to be escaped by the
 * caller, and identifiers and operators should only ever come from code,
 * never from request data.
 *
 * @param mixed  $id      value to match; stored on the model as 'id'
 * @param mixed  $find_by column name, or array of column => value criteria
 * @param object $model   model to build the query for (by reference)
 * @return string SQL text
 */
function get_query($id = NULL, $find_by = NULL, &$model)
{
    // A pre-built query on the model wins and is consumed once.
    if (isset($model->query)) {
        $q = $model->query;
        unset($model->query);
        return $q;
    }
    $model->set_param('id', $id);
    $model->set_param('find_by', $find_by);
    trigger_before('get_query', $model, $this);
    $pkfield = $model->primary_key;
    // With no explicit criteria column, look up by primary key.
    if ($model->find_by == NULL) {
        $model->set_param('find_by', $model->primary_key);
    }
    $relfields = array();
    $relfields = $model->relations;
    $table = $this->prefix . $model->table;
    $fieldstring = '';
    $sql = "SELECT " . "\n";
    // Always select the primary key, even when it is not a declared field.
    if (!array_key_exists($pkfield, $model->field_array)) {
        $sql .= "{$table}.{$pkfield} as \"{$table}.{$pkfield}\", " . "\n";
    }
    // Every column is aliased to its table-qualified name.
    foreach ($model->field_array as $fieldname => $datatypename) {
        if (strpos($fieldname, ".") === false) {
            $fieldname = $table . "." . $fieldname;
        }
        $fieldstring .= "{$fieldname} as \"{$fieldname}\", " . "\n";
    }
    $leftsql = "";
    $first = true;
    if (count($relfields) > 0) {
        // First pass: one opening parenthesis per relation, and make sure the
        // related table's model is available.
        foreach ($relfields as $key => $val) {
            $spl = split("\\.", $val["fkey"]);
            if (!$this->models[$spl[0]]->exists) {
                // NOTE(review): as written this is a variable-variable named
                // after the array $spl, not after $spl[0]; presumably only
                // the get_table() call matters here - confirm.
                ${$spl}[0] =& $this->get_table($spl[0]);
            }
            $leftsql .= "(";
        }
        // Second pass: emit the joins and close the parentheses.
        foreach ($relfields as $key => $val) {
            $spl = split("\\.", $val["fkey"]);
            if ($val["type"] == 'child-many') {
                // Join through the join table instead of the related table.
                $join =& $this->get_table($model->join_table_for($table, $val['tab']));
                $spl[0] = $this->prefix . $join->table;
                $val["fkey"] = $this->prefix . $join->table . '.' . strtolower(classify($table)) . "_" . $model->foreign_key_for($table);
            } else {
                // Select the related table's columns as well.
                foreach ($this->models[$spl[0]]->field_array as $fieldname => $datatypename) {
                    $fieldstring .= $this->prefix . $spl[0] . "." . $fieldname . " as \"" . $this->prefix . $spl[0] . "." . $fieldname . "\", " . "\n";
                }
            }
            if ($first) {
                $leftsql .= $table;
            }
            $leftsql .= " left join " . $this->prefix . $spl[0] . " on " . $table . "." . $val["col"] . " = " . $val["fkey"];
            $leftsql .= ")";
            $first = false;
        }
    }
    // Drop the trailing comma, space and newline left by the last column.
    $fieldstring = substr($fieldstring, 0, -3) . " " . "\n";
    $sql .= $fieldstring;
    $sql .= "FROM ";
    $sql .= $leftsql;
    // No joins were built: select from the bare table.
    if (!(strlen($leftsql) > 1)) {
        $sql .= $table;
    }
    if (is_array($model->find_by)) {
        $findfirst = true;
        $op = "AND";
        $eq = '=';
        foreach ($model->find_by as $col => $val) {
            // A nested array contributes its current key/value pair.
            if (is_array($val)) {
                list($col, $val) = each($val);
            }
            if ($col == 'op') {
                // Boolean connective for the following criteria; goes into
                // the SQL text verbatim.
                $op = $val;
            } elseif ($col == 'eq') {
                // Comparison operator for the following criteria; goes into
                // the SQL text verbatim.
                $eq = $val;
            } else {
                if (strpos($col, ".") === false) {
                    $field = "{$table}.{$col}";
                } else {
                    $field = $this->prefix . $col;
                }
                // $val is only wrapped in quotes, not escaped, here.
                if ($findfirst) {
                    $sql .= " WHERE {$field} {$eq} '{$val}' ";
                } else {
                    $sql .= " {$op} {$field} {$eq} '{$val}' ";
                }
                $findfirst = false;
            }
        }
    } elseif ($model->id != NULL) {
        if (strpos($model->find_by, ".") === false) {
            $field = $table . "." . $model->find_by;
        } else {
            $field = $model->find_by;
        }
        // $model->id is only wrapped in quotes, not escaped, here.
        $sql .= " WHERE {$field} = '" . $model->id . "' ";
    }
    // Paging and ordering defaults are written back onto the model.
    if (!isset($model->orderby)) {
        $model->orderby = $table . "." . $pkfield;
    }
    if (!isset($model->order)) {
        $model->order = "DESC";
    }
    if (!isset($model->offset)) {
        $model->offset = 0;
    }
    if (!isset($model->limit)) {
        $model->limit = 20;
    }
    // groupby, orderby and order are appended unquoted.
    if (isset($model->groupby)) {
        $sql .= " GROUP BY " . $model->groupby . " ";
    }
    $sql .= " ORDER BY " . $model->orderby . " ";
    $sql .= $model->order . $this->query_limit($model->limit, $model->offset);
    trigger_after('get_query', $model, $this);
    return $sql;
}
/**
 * Save Changes
 *
 * Persist attributes changed via ->set_value( field, new_value ) by handing
 * this record to the global database object. A truthy result marks the
 * record as existing; the 'save_changes' after-trigger fires either way.
 *
 * @author Brian Hendrickson <*****@*****.**>
 * @access public
 * @return mixed the value returned by $db->save_record()
 */
function save_changes()
{
    global $db;

    $saved = $db->save_record($this);

    // Only flag the record as stored when the database reported success.
    if ($saved) {
        $this->exists = true;
    }

    trigger_after('save_changes', $db, $this);

    return $saved;
}
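/**
 * Render the template (or blob) for a request.
 *
 * When a view file exists for the template and a function named
 * "_<template>" is defined, that function is called, its array result is
 * extracted into local scope, the content type header is sent once, and the
 * view is included. Otherwise, if the extension maps to a known MIME type
 * and no header has been sent, the first record's blob field is rendered.
 * Anything else raises an admin alert, except for robot/crawler URLs.
 *
 * SECURITY: $template and the extension are derived from the request, and
 * they select both the function that is called and the file that is
 * included. The "_" prefix together with file_exists()/function_exists()
 * is the only gate visible here. NOTE(review): extract() runs before the
 * include, so a result key named 'view' would replace the path being
 * included; confirm action results never carry request-controlled keys.
 *
 * @param object $request current request (by reference)
 * @param string $template template/action name
 */
function render_partial(&$request, $template)
{
    trigger_before('render_partial', $this, $this);

    // content_for_layout() passes the $request->action as $template
    $ext = $this->pick_template_extension($request, $template);
    $view = $request->get_template_path($ext, $template);

    if ($template == 'get') {
        $template = 'index';
    }

    // Action functions for templates that have a view carry a "_" prefix.
    if (file_exists($view)) {
        $action = "_" . $template;
    } else {
        $action = $template;
    }

    global $db;

    if (file_exists($view) && function_exists($action)) {
        trigger_before($request->action, $request, $db);
        $result = $action(array_merge($this->named_vars, $db->get_resource()));
        trigger_after($request->action, $request, $db);

        // Expose the action's result to the view as local variables.
        if (is_array($result)) {
            extract($result);
        }

        if (!$this->header_sent) {
            $content_type = 'Content-Type: ' . $this->pick_content_type($ext);
            if ($this->pick_content_charset($ext)) {
                $content_type .= '; charset=' . $this->pick_content_charset($ext);
            }
            header($content_type);
            $this->header_sent = true;
        }

        include $view;
    } else {
        // no template, check for blobcall
        if (in_array(type_of($ext), mime_types()) && !$this->header_sent) {
            $model =& $db->get_table($request->resource);
            if (isset($model->blob)) {
                $template = $model->blob;
            }
            trigger_before($request->action, $request, $db);
            $Member = $this->collection->MoveFirst();
            render_blob($Member->{$template}, $ext);
        } else {
            // Alert only when the URI mentions neither 'robots' nor 'crawl'.
            // The test used "||", which is true for nearly every URI and so
            // alerted on robots.txt requests as well.
            if (strpos($request->uri, 'robots') === false && strpos($request->uri, 'crawl') === false) {
                // REMOTE_HOST was written as a bare constant; it is also
                // often unset, so fall back to an empty string. The URI is
                // request data, so whatever displays the alert must escape it.
                $remote_host = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : '';
                admin_alert($request->uri . " {$view} {$action} " . $remote_host);
            }
        }
    }
}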
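/**
 * Store a file that arrived outside the normal form-post path as a new
 * 'uploads' or 'posts' record, with metadata, categories and, for JPEGs, a
 * thumbnail.
 *
 * The record goes to 'uploads' when $_FILES['media']['tmp_name'] is set and
 * to 'posts' otherwise. $_FILES is then replaced with a synthetic entry
 * built from $filename and $att.
 *
 * SECURITY: the allowed-type check is based on type_of($filename), i.e. on
 * the supplied file name. NOTE(review): nothing visible here inspects the
 * file contents, so the name alone decides whether the file is accepted;
 * confirm the storage location cannot execute uploaded files.
 *
 * @param string $filename original file name, used for type detection
 * @param mixed  $att      value stored in the 'attachment' field and passed
 *                         to is_jpg()/resize_jpeg() (presumably a temporary
 *                         file path - confirm against callers)
 * @param mixed  $profile  exposed to the response as 'profile'
 * @return bool true on success, false when the file type is rejected
 */
function handle_posted_file($filename = "", $att, $profile)
{
    global $db, $request, $response;

    $response->set_var('profile', $profile);
    load_apps();

    if (isset($_FILES['media']['tmp_name'])) {
        $table = 'uploads';
    } else {
        $table = 'posts';
    }
    $modelvar = classify($table);

    // Present the file to the rest of the framework as if it had been posted
    // through the model's own upload form.
    $_FILES = array(
        strtolower($modelvar) => array(
            'name' => array('attachment' => $filename),
            'tmp_name' => array('attachment' => $att),
        ),
    );

    // ${$modelvar} below resolves to one of these two model variables.
    $Post =& $db->model('Post');
    $Upload =& $db->model('Upload');

    $field = 'attachment';
    $request->set_param('resource', $table);
    $request->set_param(array(strtolower(classify($table)), $field), $att);
    trigger_before('insert_from_post', ${$modelvar}, $request);

    $rec = ${$modelvar}->base();
    $content_type = type_of($filename);

    $rec->set_value('profile_id', get_profile_id());
    $rec->set_value('parent_id', 0);
    if (isset($request->params['message'])) {
        $rec->set_value('title', $request->params['message']);
    } else {
        $rec->set_value('title', '');
    }
    if ($table == 'uploads') {
        $rec->set_value('tmp_name', 'new');
    }

    // Reject disallowed file types before anything is stored.
    $upload_types = environment('upload_types');
    if (!$upload_types) {
        $upload_types = array('jpg', 'jpeg', 'png', 'gif');
    }
    $ext = extension_for(type_of($filename));
    if (!in_array($ext, $upload_types, true)) {
        trigger_error('Sorry, this site only allows the following file types: ' . implode(',', $upload_types), E_USER_ERROR);
        // Fail closed: a custom error handler may return instead of halting.
        return false;
    }

    $rec->set_value($field, $att);
    $rec->save_changes();

    // Metadata must exist before the thumbnail is created: the thumbnail's
    // target_id is the entry id, which used to be read before $atomentry was
    // assigned. This is the order post() uses.
    $atomentry = ${$modelvar}->set_metadata($rec, $content_type, $table, 'id');
    ${$modelvar}->set_categories($rec, $request, $atomentry);

    $tmp = $att;
    if (is_jpg($tmp)) {
        $thumbsize = environment('max_pixels');
        $Thumbnail =& $db->model('Thumbnail');
        $t = $Thumbnail->base();
        $newthumb = tempnam("/tmp", "new" . $rec->id . ".jpg");
        resize_jpeg($tmp, $newthumb, $thumbsize);
        $t->set_value('target_id', $atomentry->id);
        $t->save_changes();
        update_uploadsfile('thumbnails', $t->id, $newthumb);
        $t->set_etag();
    }

    $url = $request->url_for(array('resource' => $table, 'id' => $rec->id));
    // $title = substr($rec->title,0,140);
    // $over = ((strlen($title) + strlen($url) + 1) - 140);
    // if ($over > 0)
    //   $rec->set_value('title',substr($title,0,-$over)." ".$url);
    // else
    //   $rec->set_value('title',$title." ".$url);
    // $rec->save_changes();

    trigger_after('insert_from_post', ${$modelvar}, $rec);
    return true;
}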
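/**
 * render_static
 *
 * filter to intercept calls to static views
 *
 * Serves a file named by the request parameters (from index 4 onwards) with
 * caching headers, answering 304 when the client copy is current and
 * serving a cached gzip copy of text files when the client accepts gzip.
 *
 * SECURITY: the path comes from the request. It is resolved with realpath()
 * and must lie inside the document root. NOTE(review): any regular file
 * under the document root is served as-is, whatever its extension, which
 * includes script source, configuration files and dotfiles if they live
 * there; consider limiting this to the extensions in $known_content_types.
 *
 * @author Brian Hendrickson <*****@*****.**>
 * @access public
 * @param object $req
 * @param object $route
 */
function render_static(&$req, &$route)
{
    trigger_before('render_static', $req, $route);
    if (!session_started()) {
        session_start();
    }
    ob_start();

    /*
     * List of known content types based on file extension.
     * Note: These must be built-in somewhere...
     */
    $known_content_types = array(
        "htm" => "text/html",
        "html" => "text/html",
        "js" => "text/javascript",
        "css" => "text/css",
        "xml" => "text/xml",
        "gif" => "image/gif",
        "jpg" => "image/jpeg",
        "jpeg" => "image/jpeg",
        "png" => "image/png",
        "txt" => "text/plain",
    );

    /*
     * Get the path of the target file.
     */
    if (in_array('static', $req->params, true)) {
        $resource = "";
        $slash = "";
        for ($i = 4; $i < count($req->params); $i++) {
            $resource .= $slash . $req->params[$i];
            $slash = "/";
        }

        /*
         * Verify the existence of the target file.
         * Return HTTP 404 if needed.
         */
        if (($src_uri = realpath($resource)) === false) {
            /* The file does not exist */
            header("HTTP/1.1 404 Not Found");
            echo "<html><body><h1>HTTP 404 - Not Found</h1></body></html>";
            exit;
        }

        /*
         * Verify the requested file is under the doc root for security reasons.
         * The comparison uses the root WITH a trailing separator: a bare
         * prefix test would also accept a sibling directory whose name
         * merely starts with the root's name.
         */
        $doc_root = realpath(".");
        $root_prefix = ($doc_root === false)
            ? false
            : rtrim($doc_root, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
        if ($root_prefix === false || strpos($src_uri, $root_prefix) !== 0) {
            header("HTTP/1.1 403 Forbidden");
            echo "<html><body><h1>HTTP 403 - Forbidden</h1></body></html>";
            exit;
        }

        /*
         * realpath() also succeeds for directories; only regular files
         * can be served.
         */
        if (!is_file($src_uri)) {
            header("HTTP/1.1 404 Not Found");
            echo "<html><body><h1>HTTP 404 - Not Found</h1></body></html>";
            exit;
        }

        /*
         * Set the HTTP response headers that will
         * tell the client to cache the resource.
         */
        $file_last_modified = filemtime($src_uri);
        header("Last-Modified: " . date("r", $file_last_modified));
        $max_age = 300 * 24 * 60 * 60; // 300 days
        $expires = $file_last_modified + $max_age;
        header("Expires: " . date("r", $expires));
        $etag = dechex($file_last_modified);
        header("ETag: " . $etag);
        $cache_control = "must-revalidate, proxy-revalidate, max-age=" . $max_age . ", s-maxage=" . $max_age;
        header("Cache-Control: " . $cache_control);

        /*
         * Check if the client should use the cached version.
         * Return HTTP 304 if needed.
         */
        if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE']) && $file_last_modified <= strtotime($_SERVER['HTTP_IF_MODIFIED_SINCE'])) {
            //error_log('using cached static file');
            header("HTTP/1.1 304 Not Modified");
            exit;
        }
        if (isset($_SERVER['HTTP_IF_NONE_MATCH']) && stripslashes($_SERVER['HTTP_IF_NONE_MATCH']) === $etag) {
            //error_log('using cached static file');
            header("HTTP/1.1 304 Not Modified");
            exit;
        }

        /*
         * Extract the directory, file name and file
         * extension from the "uri" parameter.
         */
        $uri_dir = "";
        $file_name = "";
        $content_type = "";
        $uri_parts = explode("/", $src_uri);
        for ($i = 0; $i < count($uri_parts) - 1; $i++) {
            $uri_dir .= $uri_parts[$i] . "/";
        }
        $file_name = end($uri_parts);
        $file_parts = explode(".", $file_name);
        if (count($file_parts) > 1) {
            $file_extension = end($file_parts);
            // Unknown extensions get no Content-Type instead of raising an
            // undefined-index notice.
            if (isset($known_content_types[$file_extension])) {
                $content_type = $known_content_types[$file_extension];
            }
        }

        /*
         * Get the target file.
         * If the browser accepts gzip encoding, the target file
         * will be the gzipped version of the requested file.
         */
        $dst_uri = $src_uri;
        $compress = true;

        /*
         * Let's compress only text files...
         */
        $compress = $compress && strpos($content_type, "text") !== false;

        /*
         * Finally, see if the client sent us the correct Accept-encoding: header value...
         * The header is optional, so its absence means "no gzip".
         */
        $compress = $compress
            && isset($_SERVER["HTTP_ACCEPT_ENCODING"])
            && strpos($_SERVER["HTTP_ACCEPT_ENCODING"], "gzip") !== false;

        if ($compress) {
            $gz_uri = "tmp/gzip/" . $src_uri . ".gz";
            if (file_exists($gz_uri)) {
                $src_last_modified = filemtime($src_uri);
                $dst_last_modified = filemtime($gz_uri);
                // The gzip version of the file exists, but it is older
                // than the source file. We need to recreate it...
                if ($src_last_modified > $dst_last_modified) {
                    unlink($gz_uri);
                }
            }
            if (!file_exists($gz_uri)) {
                if (!file_exists("tmp/gzip/" . $uri_dir)) {
                    mkdir_r("tmp/gzip/" . $uri_dir);
                }
                $error = false;
                if ($fp_out = gzopen($gz_uri, "wb")) {
                    if ($fp_in = fopen($src_uri, "rb")) {
                        while (!feof($fp_in)) {
                            gzwrite($fp_out, fread($fp_in, 1024 * 512));
                        }
                        fclose($fp_in);
                    } else {
                        $error = true;
                    }
                    gzclose($fp_out);
                } else {
                    $error = true;
                }
                if (!$error) {
                    $dst_uri = $gz_uri;
                    header("Content-Encoding: gzip");
                } elseif (file_exists($gz_uri)) {
                    // Do not leave an empty or partial cache file behind;
                    // later requests would serve it as the compressed copy.
                    unlink($gz_uri);
                }
            } else {
                $dst_uri = $gz_uri;
                header("Content-Encoding: gzip");
            }
        }

        /*
         * Output the target file and set the appropriate HTTP headers.
         */
        if ($content_type) {
            header("Content-Type: " . $content_type);
        }
        header("Content-Length: " . filesize($dst_uri));
        readfile($dst_uri);
        ob_end_flush();
    }

    trigger_after('render_static', $req, $route);
}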
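/**
 * Look up records for this model and load the matching one.
 *
 * Builds a query from $id and $find_by, stores the recordset on
 * $db->recordsets under this model's table, and returns the loaded record
 * when an id was given and rows came back. The 'find' after-trigger only
 * fires on the final fall-through return.
 *
 * SECURITY: the values end up inside quoted SQL literals, so they are
 * escaped here. Only values are escaped; the keys of $find_by are column
 * names and must never be taken from request data.
 * NOTE(review): if any caller already escapes its criteria, values would now
 * be escaped twice - confirm against the callers.
 *
 * @param mixed $id      value to look up
 * @param mixed $find_by column name, or array of column => value criteria
 * @return mixed the result of $rs->Load(), or false when nothing was loaded
 */
function find($id = NULL, $find_by = NULL)
{
    trigger_before('find', $this, $this);
    global $db;
    global $request;
    trigger_before('find', $this, $db);

    if (isset($this->find_by) && $find_by == NULL) {
        $find_by = $this->find_by;
    }
    // NOTE(review): this branch tests $this->id but assigns $find_by; it
    // looks like a copy of the branch above and may have been meant to set
    // $id. Left unchanged because callers may rely on it.
    if (isset($this->id) && $id == NULL) {
        $find_by = $this->find_by;
    }

    if ($id != NULL) {
        $id = $db->escape_string($id);
    }

    // Escape the criteria values in place. The loop used to assign to its
    // own by-value copy, so the escaped strings were thrown away, and it
    // also ran over a string $find_by, which is a column name, not a list.
    if (is_array($find_by)) {
        foreach ($find_by as $k => $v) {
            if (is_array($v)) {
                // Nested single-pair criteria: escape the inner values.
                foreach ($v as $inner_key => $inner_value) {
                    if (!is_array($inner_value)) {
                        $find_by[$k][$inner_key] = $db->escape_string($inner_value);
                    }
                }
            } else {
                $find_by[$k] = $db->escape_string($v);
            }
        }
    }

    // special index-find subselect behavior for (metadata) tables (tables with a target_id field)
    if (strstr($request->action, "index") && array_key_exists('target_id', $this->field_array)) {
        $find_by = 'target_id';
    }

    $db->recordsets[$this->table] = $db->get_recordset($this->get_query($id, $find_by));
    $rs =& $db->recordsets[$this->table];

    // Criteria set on the model apply to one lookup only.
    unset($this->find_by);
    unset($this->id);

    if (!$rs) {
        return false;
    }

    if ($id != NULL && $rs->rowcount > 0) {
        if ($find_by != NULL) {
            // Lookup by another column: take the first row.
            return $rs->Load($this->table, 0);
        } else {
            // Lookup by primary key: find the row through the row map.
            return $rs->Load($this->table, $rs->rowmap[$this->table][$id]);
        }
    }

    trigger_after('find', $this, $db);
    return false;
}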
/**
 * Load one row of this result set as a record of $table.
 *
 * Fetches row $row into $this->activerow[$table], rebinds every entry of
 * the table's field list by reference to the matching prefixed column of
 * that row, and hands the field list to $db->iterator_load_record().
 *
 * @param string $table table name, without the database prefix
 * @param int    $row   zero-based row index
 * @return mixed the value from iterator_load_record(), or false when the
 *               row is out of range or the table has no field list
 */
function Load($table, $row)
{
    global $db;

    trigger_before('Load', $db, $this);

    // Row index beyond the end of the result set.
    if (!($row < $this->rowcount)) {
        return false;
    }

    // No field list registered for this table.
    if (!array_key_exists($table, $this->fieldlist)) {
        return false;
    }

    $this->activerow[$table] = $db->fetch_array($this->result, $row);

    foreach ($this->fieldlist[$table] as $name => $position) {
        // Result columns are keyed "<prefix><table>.<field>".
        $column = $db->prefix . $table . "." . $name;
        $this->fieldlist[$table][$name] =& $this->activerow[$table][$column];
    }

    trigger_after('Load', $db, $this);

    return $db->iterator_load_record($table, $this->fieldlist[$table], $this);
}
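/**
 * Create a record for the requested resource from the posted form data.
 *
 * Checks create permission, copies the model's request fields onto a new
 * record, saves it, attaches metadata and categories and, for uploads,
 * appends the record URL to the title and creates a JPEG thumbnail. Ends
 * with a 201 status and a redirect to the request base.
 *
 * SECURITY:
 *  - profile_id is set from get_profile_id() after the request fields are
 *    copied, so a posted profile_id cannot override the owner.
 *  - The allowed-type check is based on the client-supplied file name.
 *    NOTE(review): nothing visible here inspects the file contents; confirm
 *    the storage location cannot execute uploaded files.
 *
 * @param array $vars variables imported into local scope with extract();
 *                    the code relies on it supplying the model variable
 *                    named after the resource, and $db
 */
function post(&$vars)
{
    extract($vars);
    global $request;

    $modelvar = classify($request->resource);
    trigger_before('insert_from_post', ${$modelvar}, $request);

    $table = $request->resource;
    $content_type = 'text/html';
    $rec = ${$modelvar}->base();

    if (!${$modelvar}->can_create($table)) {
        trigger_error("Sorry, you do not have permission to " . $request->action . " " . $table, E_USER_ERROR);
        // Fail closed: a custom error handler may return instead of halting.
        return;
    }

    // Key under which this model's form fields and files are posted.
    $form_key = strtolower(classify($table));

    // Validate the upload type BEFORE anything is written. The check used
    // to run after the record was saved, so a rejected file had already
    // been stored by the time the error was raised.
    $has_upload = is_upload($table, 'attachment');
    if ($has_upload) {
        $upload_types = environment('upload_types');
        if (!$upload_types) {
            $upload_types = array('jpg', 'jpeg', 'png', 'gif');
        }
        $ext = extension_for(type_of($_FILES[$form_key]['name']['attachment']));
        if (!in_array($ext, $upload_types, true)) {
            trigger_error('Sorry, this site only allows the following file types: ' . implode(',', $upload_types), E_USER_ERROR);
            return;
        }
    }

    $fields = ${$modelvar}->fields_from_request($request);
    $fieldlist = $fields[$table];
    foreach ($fieldlist as $field => $type) {
        // A blob field's content type follows the uploaded file's name.
        if (${$modelvar}->has_metadata && is_blob($table . '.' . $field)) {
            if (isset($_FILES[$form_key]['name'][$field])) {
                $content_type = type_of($_FILES[$form_key]['name'][$field]);
            }
        }
        $rec->set_value($field, $request->params[$form_key][$field]);
    }

    // The owner always comes from the session, never from the form.
    $rec->set_value('profile_id', get_profile_id());

    $result = $rec->save_changes();
    if (!$result) {
        trigger_error("The record could not be saved into the database.", E_USER_ERROR);
        return;
    }

    $atomentry = ${$modelvar}->set_metadata($rec, $content_type, $table, 'id');
    ${$modelvar}->set_categories($rec, $request, $atomentry);

    if ($has_upload) {
        // Append the record URL to the title, trimming the title so the
        // combined text stays within 140 bytes.
        $url = $request->url_for(array('resource' => $table, 'id' => $rec->id));
        $title = substr($rec->title, 0, 140);
        $over = strlen($title) + strlen($url) + 1 - 140;
        if ($over > 0) {
            $rec->set_value('title', substr($title, 0, -$over) . " " . $url);
        } else {
            $rec->set_value('title', $title . " " . $url);
        }
        $rec->save_changes();

        $tmp = $_FILES[$form_key]['tmp_name']['attachment'];
        if (is_jpg($tmp)) {
            $thumbsize = environment('max_pixels');
            $Thumbnail =& $db->model('Thumbnail');
            $t = $Thumbnail->base();
            $newthumb = tempnam("/tmp", "new" . $rec->id . ".jpg");
            resize_jpeg($tmp, $newthumb, $thumbsize);
            $t->set_value('target_id', $atomentry->id);
            $t->save_changes();
            update_uploadsfile('thumbnails', $t->id, $newthumb);
            $t->set_etag();
        }
    }

    trigger_after('insert_from_post', ${$modelvar}, $rec);
    header_status('201 Created');
    redirect_to($request->base);
}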
$request->set_param(array('post', 'url'), $tweeturl); $request->set_param(array('post', 'title'), $title); $request->set_param(array('post', 'profile_id'), $u->profile_id); $table = 'posts'; $content_type = 'text/html'; $rec = $Post->base(); $fields = $Post->fields_from_request($request); $fieldlist = $fields['posts']; foreach ($fieldlist as $field => $type) { $rec->set_value($field, $request->params[strtolower(classify($table))][$field]); } $Identity =& $db->model('Identity'); $id = $Identity->find($u->profile_id); $rec->save_changes(); $rec->set_etag($id->person_id); trigger_after('insert_tweets_via_cron', $Post, $rec); } } } } } } if ($latest) { $options[1]['last_id'] = $latest; } $options[1]['busy'] = 0; update_option($options[0], $options[1]); } function add_tweet_user($data) { global $db;
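/**
 * Receive an OpenMicroBlogging notice posted by a remote service.
 *
 * Verifies the OAuth request, checks the OMB protocol version, resolves the
 * sending identity from omb_listenee, requires that a subscription to that
 * identity exists, and stores the notice as a Post unless one with the same
 * URI is already present. Replies with the protocol version and exits.
 *
 * SECURITY:
 *  - The consumer and token returned by verify_request() are not used
 *    afterwards; the sender is taken from the omb_listenee parameter.
 *    NOTE(review): confirm elsewhere that the verified token belongs to the
 *    subscription for this listenee. As written, the checks after
 *    verification do not depend on which token signed the request.
 *  - PLAINTEXT is accepted alongside HMAC-SHA1. With PLAINTEXT the secrets
 *    travel in the request itself, so it is only appropriate over TLS.
 *  - NOTE(review): verify_request() presumably signals failure by throwing;
 *    confirm that an uncaught failure cannot fall through to the insert.
 *  - The notice content, URI and URL are remote input and are stored as
 *    given; they must be escaped wherever they are displayed.
 *
 * @param array $vars variables imported into local scope with extract();
 *                    the code relies on it supplying $db
 */
function oauth_omb_post(&$vars)
{
    extract($vars);
    wp_plugin_include(array('wp-oauth'));

    $store = new OAuthWordpressStore();
    $server = new OAuthServer($store);
    $sha1_method = new OAuthSignatureMethod_HMAC_SHA1();
    $plaintext_method = new OAuthSignatureMethod_PLAINTEXT();
    $server->add_signature_method($sha1_method);
    $server->add_signature_method($plaintext_method);

    $req = OAuthRequest::from_request();
    //$token = $server->fetch_access_token($req);
    list($consumer, $token) = $server->verify_request($req);

    $version = $req->get_parameter('omb_version');
    if ($version != OMB_VERSION) {
        trigger_error('invalid omb version', E_USER_ERROR);
        // Fail closed: a custom error handler may return instead of halting.
        exit;
    }

    // The remote profile that is posting must be known locally...
    $listenee = $req->get_parameter('omb_listenee');
    $Identity =& $db->model('Identity');
    $sender = $Identity->find_by('profile', $listenee);
    if (!$sender) {
        header('HTTP/1.1 403 Forbidden');
        exit;
    }

    // ...and a subscription to it must exist.
    $Subscription =& $db->model('Subscription');
    $sub = $Subscription->find_by(array('subscribed' => $sender->id));
    if (!$sub) {
        header('HTTP/1.1 403 Forbidden');
        exit;
    }

    $content = $req->get_parameter('omb_notice_content');
    $notice_uri = $req->get_parameter('omb_notice');
    $notice_url = $req->get_parameter('omb_notice_url');

    // The notice URI is the de-duplication key: a repeated delivery is
    // acknowledged without inserting a second post.
    $Post =& $db->model('Post');
    $p = $Post->find_by('uri', $notice_uri);
    if (!$p) {
        $p = $Post->base();
        $p->set_value('profile_id', $sender->id);
        $p->set_value('parent_id', 0);
        $p->set_value('uri', $notice_uri);
        $p->set_value('url', $notice_url);
        $p->set_value('title', $content);
        $p->save_changes();
        $p->set_etag($sender->person_id);
        trigger_after('insert_from_post', $Post, $p);
    }

    print "omb_version=" . OMB_VERSION;
    exit;
}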
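/**
 * Delete Record
 *
 * delete a record from the database
 *
 * Only records flagged as existing are touched. When the record has an
 * entry_id attribute and an 'entries' table exists, the category join rows
 * of its entry are deleted first. The record itself is deleted only when
 * its primary key value is non-empty.
 *
 * @author Brian Hendrickson <*****@*****.**>
 * @access public
 * @param Record rec
 * @return boolean true when the delete statement succeeded
 */
function delete_record(&$rec)
{
    $return = false;
    trigger_before('delete_record', $this, $rec);

    if ($rec->exists) {
        if (isset($rec->attributes['entry_id']) && $this->table_exists('entries')) {
            $Entry =& $this->model('Entry');
            $e = $Entry->find_by(array('resource' => $rec->table, 'record_id' => $rec->id));
            if ($e) {
                // Remove the entry's rows from the categories/entries join table.
                $join =& $this->get_table($Entry->join_table_for('categories', 'entries'));
                $join->find_by('entry_id', $e->id);
                while ($j = $join->MoveNext()) {
                    $this->get_result($this->sql_delete_for($j));
                }
            }
        }

        // Without a primary key value no delete is issued; $result used to
        // be left undefined on that path and was then read below.
        $result = false;
        if (strlen($rec->attributes[$rec->primary_key]) > 0) {
            $result = $this->get_result($this->sql_delete_for($rec));
        }

        if (!$result) {
            $return = false;
        } else {
            $rec->exists = false;
            $return = true;
        }
    }

    trigger_after('delete_record', $this, $rec);
    return $return;
}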
/**
 * Set Value
 *
 * Change a Record attribute value and register the field as modified so
 * that the change is written on the next save. An empty primary key
 * attribute is created first when the record has none. A value that fails
 * validate_field() is not stored and raises an E_USER_ERROR instead.
 *
 * @author Brian Hendrickson <*****@*****.**>
 * @access public
 * @param string field_name
 * @param string value
 */
function set_value($field, $value)
{
    global $db;

    trigger_before('set_value', $this, $db);

    // Make sure the primary key attribute exists and is reachable as a
    // property of the record.
    if (!isset($this->attributes[$this->primary_key])) {
        $pk = $this->primary_key;
        $this->attributes[$pk] = "";
        $this->{$pk} =& $this->attributes[$pk];
    }

    if (!$this->validate_field($field, $value)) {
        trigger_error("the new value for {$field} is invalid", E_USER_ERROR);
    } else {
        // An uploaded-file array for a blob field is reduced to its
        // temporary file name.
        if ($db->models[$this->table]->is_blob($field) && is_array($value)) {
            $value = $value['tmp_name'];
        }

        $this->attributes[$field] = $value;

        // Expose the attribute as a property the first time it is set.
        if (!isset($this->{$field})) {
            $this->{$field} =& $this->attributes[$field];
        }

        $this->modified_fields[] = $field;
    }

    trigger_after('set_value', $this, $db);
}