protected function setupTemplate()
{
global $cfg;
parent::setupTemplate();
$db = Database::getInstance($cfg['DPS']['dsn']);
$auth = Auth::getInstance();
$userID = $auth->getUserID();
$audioID = pg_escape_string($this->fieldData['audioID']);
$sql = "SELECT jinglepkgid FROM audiojinglepkgs WHERE audioid = {$audioID}";
$jinglepkgID = $db->getOne($sql);
$sql = "SELECT name FROM jinglepkgs WHERE id = {$jinglepkgID}";
$currentpkg = $db->getOne($sql);
if ($currentpkg == '') {
$currentpkg = 'Default';
}
$sql = "SELECT title FROM audio WHERE id = {$audioID}";
$jinglename = $db->getOne($sql);
$sql = "SELECT name, id FROM jinglepkgs";
$jinglepkgs = $db->getAll($sql);
$this->assign('access_playlist', AuthUtil::getDetailedUserrealmAccess(array(3, 21, 33), $userID));
$this->assign('access_sue', AuthUtil::getDetailedUserrealmAccess(array(24, 20, 3), $userID));
$this->assign('Admin', AuthUtil::getDetailedUserrealmAccess(array(1), $userID));
$this->assign('jinglepkgs', $jinglepkgs);
$this->assign('currentpkg', $currentpkg);
$this->assign('currentpkgid', $jinglepkgID);
$this->assign('jinglename', $jinglename);
$this->assign('jingleID', $audioID);
}
function __construct()
{
parent::__construct();
$this->setTitle(sprintf(Messages::getString('EnterDataPage.Title'), $this->project->getName()));
$this->menu = array(Messages::getString('General.AdminMenu') => "admin.php") + $this->menu;
$this->db = Database::getInstance();
}
/**
* constructor
*/
function sfCategory($id = null)
{
$this->db =& Database::getInstance();
$this->initVar("categoryid", XOBJ_DTYPE_INT, null, false);
$this->initVar("parentid", XOBJ_DTYPE_INT, null, false);
$this->initVar("name", XOBJ_DTYPE_TXTBOX, null, true, 100);
$this->initVar("description", XOBJ_DTYPE_TXTAREA, null, false, 255);
$this->initVar("total", XOBJ_DTYPE_INT, 1, false);
$this->initVar("weight", XOBJ_DTYPE_INT, 1, false);
$this->initVar("created", XOBJ_DTYPE_INT, null, false);
$this->initVar("last_faq", XOBJ_DTYPE_INT);
//not persistent values
$this->initVar("faqcount", XOBJ_DTYPE_INT, 0, false);
$this->initVar('last_faqid', XOBJ_DTYPE_INT);
$this->initVar('last_question_link', XOBJ_DTYPE_TXTBOX);
if (isset($id)) {
if (is_array($id)) {
$this->assignVars($id);
} else {
$category_handler = new sfCategoryHandler($this->db);
$category =& $category_handler->get($id);
foreach ($category->vars as $k => $v) {
$this->assignVar($k, $v['value']);
}
$this->assignOtherProperties();
}
}
}
public function getConfiguration($param)
{
$dc = Database::getInstance();
$obj = $dc->prepare('SELECT * FROM tl_rs_settings ORDER BY have_license,language, language_demo ASC')->execute()->fetchAllAssoc();
$returner = array();
$error = true;
$edit_link = '<a href="contao/main.php?do=readspeaker_settings&act=edit&id=%s&rt=%s&ref=%s" title="" class="edit"><img src="system/themes/default/images/edit.gif" width="12" height="16" alt="Edit "></a>';
if (count($obj) >= 1) {
$error = false;
foreach ($obj as $key => $row) {
if ($row['have_license']) {
$returner['ID: ' . $row['customer_id']][$row['id']] = $GLOBALS['TL_LANG']['MSC']['rs_language_codes'][$row['language']] . ' ' . ($row['domain'] ? '[' . $row['domain'] . ']' : '');
// . ' ' . ($row['note'] ? '<span class="tl_blue" >[' . $row['note'] . ']</span>' : '');
} else {
$returner['DEMO'][$row['id']] = $GLOBALS['TL_LANG']['MSC']['rs_language_codes'][$row['language_demo']] . ' ' . ($row['domain'] ? '[' . $row['domain'] . ']' : '');
// . ' ' . ($row['note'] ? '<span class="tl_blue" >[' . $row['note'] . ']</span>' : '');
}
}
}
if ($error) {
$session = $this->Session->get('referer');
$session[TL_REFERER_ID]['current'] = substr(\Environment::get('requestUri'), strlen(TL_PATH) + 1);
$this->Session->set('referer', $session);
Message::addRaw(sprintf($GLOBALS['TL_LANG']['tl_module']['error']['error_no_settings'], REQUEST_TOKEN, TL_REFERER_ID));
}
return $returner;
}
public function run($blnInstalled)
{
$this->db = \Database::getInstance();
if ($blnInstalled) {
$this->convertSerializedValues();
}
}
/**
* @param array $navigation
* @param $showAll
*
* @return array
* @SuppressWarnings(PHPMD.CyclomaticComplexity)
*/
public static function hookGetUserNavigation(array $navigation, $showAll)
{
if (TL_MODE == 'BE') {
try {
if (!$showAll) {
$database = \Database::getInstance();
if ($database->tableExists('orm_avisota_message_category')) {
$category = Helper::resolveCategoryFromInput();
if ($category) {
$foundCustomEntry = false;
$menu =& $navigation['avisota'];
foreach ($menu['modules'] as $name => &$module) {
if ($name == 'avisota_category_' . $category->getId()) {
$module['class'] .= ' active';
$foundCustomEntry = true;
}
}
if ($foundCustomEntry) {
$classes = explode(' ', $menu['modules']['avisota_newsletter']['class']);
$classes = array_map('trim', $classes);
$pos = array_search('active', $classes);
if ($pos !== false) {
unset($classes[$pos]);
}
$menu['modules']['avisota_newsletter']['class'] = implode(' ', $classes);
}
}
}
}
} catch (\Exception $exception) {
// silently ignore
}
}
return $navigation;
}
public function getArticleOptions(CreateOptionsEvent $event)
{
\Controller::loadLanguageFile('tl_article');
$database = \Database::getInstance();
$dataContainer = $event->getDataContainer();
$options = $event->getOptions();
// add articles in this page to options array
$resultSet = $database->prepare('SELECT a.id, a.title, a.inColumn
FROM tl_article a
INNER JOIN tl_article b
ON a.pid = b.pid
INNER JOIN tl_content c
ON c.pid = b.id
WHERE c.id = ?
ORDER BY a.inColumn, a.sorting')->execute($dataContainer->id);
while ($resultSet->next()) {
if (isset($GLOBALS['TL_LANG']['tl_article'][$resultSet->inColumn])) {
$sectionName = $GLOBALS['TL_LANG']['tl_article'][$resultSet->inColumn];
} else {
$sectionName = $resultSet->inColumn;
}
if (isset($GLOBALS['TL_LANG']['tl_article'][$sectionName])) {
$sectionName = $GLOBALS['TL_LANG']['tl_article'][$sectionName];
}
$options[$sectionName][$resultSet->id] = $resultSet->title;
}
}
/**
* Retrieve the type name from an attribute.
*
* @param int $value The id of an attribute.
*
* @return string
*/
public function getTypeOfAttribute($value)
{
if (!isset(self::$attributeTypes[$value])) {
self::$attributeTypes[$value] = \Database::getInstance()->prepare('SELECT type FROM tl_metamodel_attribute WHERE id=?')->limit(1)->execute($value)->type;
}
return self::$attributeTypes[$value];
}
function login($email, $password)
{
$db = Database::getInstance();
$mysqli = $db->getConnection();
$mysqli->query("SET NAMES utf8");
$sql_query = 'SELECT * FROM user WHERE email="' . $email . '"';
$result = $mysqli->query($sql_query);
$user = mysqli_fetch_assoc($result);
global $password;
//if password correct
if (password_verify($password, $user['password'])) {
session_start();
$_SESSION['auth'] = true;
$_SESSION['id'] = $user['id'];
$_SESSION['user'] = $user['user'];
//check keep login, set coockie
if ($_POST['loginkeeping'] == "on") {
$key = md5(generate(7, 15));
setcookie('login', $user['user'], time() + 60 * 60 * 24 * 365);
setcookie('key', $key, time() + 60 * 60 * 24 * 365);
$sql_query = "UPDATE user SET cookie='" . $key . "' WHERE id='" . $user['id'] . "'";
$mysqli->query($sql_query);
//if no keep login, set cookie as NULL
} else {
$sql_query = "UPDATE user SET cookie=NULL WHERE id='" . $user['id'] . "'";
$mysqli->query($sql_query);
}
header("Location: http://" . $_SERVER['SERVER_NAME']);
} else {
echo "Email or password is incorrect";
}
}
public static function doesUserHasAccess($moduleName, $userId, $accessType)
{
try {
$db = Database::getInstance();
$conn = $db->getConnection();
$stmt = $conn->prepare("SELECT `isSuperUser` FROM `usermaster` WHERE `userId` =:userId");
$stmt->bindParam(':userId', $userId, PDO::PARAM_STR);
$stmt->execute();
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
$isSuperUser = $result[0]['isSuperUser'];
if ($isSuperUser) {
return true;
}
$stmt = $conn->prepare("SELECT * FROM `roleaccesspermission` WHERE `accessId` IN (SELECT `accessId` FROM `accesspermission` WHERE `ModuleName`=:moduleName AND `accessType`=:accessType) AND `roleId` IN (SELECT `roleId` FROM `userroleinfo` WHERE `userId`=:userId)");
$stmt->bindParam(':moduleName', $moduleName, PDO::PARAM_STR);
$stmt->bindParam(':userId', $userId, PDO::PARAM_STR);
$stmt->bindParam(':accessType', $accessType, PDO::PARAM_STR);
if ($stmt->execute()) {
$result = $stmt->fetchAll(PDO::FETCH_ASSOC);
if (count($result) > 0) {
return true;
} else {
return false;
}
} else {
return false;
}
} catch (Exception $e) {
return false;
}
return false;
}
/**
* @param GetEditModeButtonsEvent $objEvent
*/
public function addButton(GetEditModeButtonsEvent $objEvent)
{
if (!$this->isRightContext($objEvent->getEnvironment())) {
return;
}
// Check the file cache.
$strInitFilePath = '/system/config/initconfig.php';
if (file_exists(TL_ROOT . $strInitFilePath)) {
$strFile = new \File($strInitFilePath);
$arrFileContent = $strFile->getContentAsArray();
foreach ($arrFileContent as $strContent) {
if (!preg_match("/(\\/\\*|\\*|\\*\\/|\\/\\/)/", $strContent)) {
//system/tmp.
if (preg_match("/system\\/tmp/", $strContent)) {
// Set data.
\Message::addInfo($GLOBALS['TL_LANG']['MSC']['disabled_cache']);
}
}
}
}
// Update a field with last sync information
$objSyncTime = \Database::getInstance()->prepare("SELECT cl.syncFrom_tstamp as syncFrom_tstamp, user.name as syncFrom_user, user.username as syncFrom_alias\n FROM tl_synccto_clients as cl\n INNER JOIN tl_user as user\n ON cl.syncTo_user = user.id\n WHERE cl.id = ?")->limit(1)->execute(\Input::get("id"));
if ($objSyncTime->syncFrom_tstamp != 0 && strlen($objSyncTime->syncFrom_user) != 0 && strlen($objSyncTime->syncFrom_alias) != 0) {
$strLastSync = vsprintf($GLOBALS['TL_LANG']['MSC']['last_sync'], array(date($GLOBALS['TL_CONFIG']['timeFormat'], $objSyncTime->syncFrom_tstamp), date($GLOBALS['TL_CONFIG']['dateFormat'], $objSyncTime->syncFrom_tstamp), $objSyncTime->syncFrom_user, $objSyncTime->syncFrom_alias));
// Set data
\Message::addInfo($strLastSync);
}
// Set buttons.
$objEvent->setButtons(array('start_sync' => '<input type="submit" name="start_sync" id="start_sync" class="tl_submit" accesskey="s" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['sync']) . '" />', 'start_sync_all' => '<input type="submit" name="start_sync_all" id="start_sync_all" class="tl_submit" accesskey="o" value="' . specialchars($GLOBALS['TL_LANG']['MSC']['syncAll']) . '" />'));
}
function createActivityList()
{
$db = Database::getInstance();
$cxn = $db->getConnection();
if ($this->activityid == '') {
$query = "SELECT * FROM Activity";
} else {
if (in_array($this->activityid, $this->production)) {
$query = "SELECT * FROM Activity WHERE Activity_ID IN(1,2,3,16)";
} else {
if (in_array($this->activityid, $this->nonproduction)) {
$query = "SELECT * FROM Activity WHERE Activity_ID IN(4,8,9,11,12)";
}
}
}
// print("$query<br>");
if (!($res = $cxn->query($query))) {
echo "error :", $cxn->error;
} else {
$rows = array();
while ($r = mysqli_fetch_assoc($res)) {
$rows[] = $r;
}
$this->activitylist = json_encode($rows);
}
}
/**
* Fill the object's arrProducts array
*
* @param array|null $arrCacheIds
*
* @return array
*/
protected function findProducts($arrCacheIds = null)
{
$t = Product::getTable();
$arrColumns = array();
$arrCategories = $this->findCategories();
$arrProductIds = \Database::getInstance()->query("\n SELECT pid\n FROM tl_iso_product_category\n WHERE page_id IN (" . implode(',', $arrCategories) . ")\n ")->fetchEach('pid');
$arrTypes = \Database::getInstance()->query("SELECT id FROM tl_iso_producttype WHERE variants='1'")->fetchEach('id');
if (empty($arrProductIds)) {
return array();
}
$queryBuilder = new FilterQueryBuilder(Isotope::getRequestCache()->getFiltersForModules($this->iso_filterModules));
$arrColumns[] = "(\n ({$t}.id IN (" . implode(',', $arrProductIds) . ") AND {$t}.type NOT IN (" . implode(',', $arrTypes) . "))\n OR {$t}.pid IN (" . implode(',', $arrProductIds) . ")\n )";
if (!empty($arrCacheIds) && is_array($arrCacheIds)) {
$arrColumns[] = Product::getTable() . ".id IN (" . implode(',', $arrCacheIds) . ")";
}
// Apply new/old product filter
if ($this->iso_newFilter == 'show_new') {
$arrColumns[] = Product::getTable() . ".dateAdded>=" . Isotope::getConfig()->getNewProductLimit();
} elseif ($this->iso_newFilter == 'show_old') {
$arrColumns[] = Product::getTable() . ".dateAdded<" . Isotope::getConfig()->getNewProductLimit();
}
if ($this->iso_list_where != '') {
$arrColumns[] = $this->iso_list_where;
}
if ($queryBuilder->hasSqlCondition()) {
$arrColumns[] = $queryBuilder->getSqlWhere();
}
$arrSorting = Isotope::getRequestCache()->getSortingsForModules($this->iso_filterModules);
if (empty($arrSorting) && $this->iso_listingSortField != '') {
$direction = $this->iso_listingSortDirection == 'DESC' ? Sort::descending() : Sort::ascending();
$arrSorting[$this->iso_listingSortField] = $direction;
}
$objProducts = Product::findAvailableBy($arrColumns, $queryBuilder->getSqlValues(), array('order' => 'c.sorting', 'filters' => $queryBuilder->getFilters(), 'sorting' => $arrSorting));
return null === $objProducts ? array() : $objProducts->getModels();
}
public function __construct()
{
//SINGLETON------------------------------------
$this->msgs = messages::getInstance();
$this->db = Database::getInstance();
//---------------------------------------------
}
function XoopsTree($table_name, $id_name, $pid_name)
{
$this->db =& Database::getInstance();
$this->table = $table_name;
$this->id = $id_name;
$this->pid = $pid_name;
}
function processForm()
{
if (!$_POST['name']) {
return Messages::getString('CreateProjectPage.ProjectNameNotEmpty');
}
if (!$_POST['pwd']) {
return Messages::getString('CreateProjectPage.PasswordNotEmpty');
}
if ($_POST['pwd'] != $_POST['pwd2']) {
return Messages::getString('CreateProjectPage.PasswordsNotEqual');
}
if (!$this->CheckPostMasterPassword()) {
return Messages::getString('CreateProjectPage.MasterPasswordWrong');
}
try {
$db = Database::getInstance();
$project_info = array('name' => stripslashes($_POST['name']), 'pwd' => stripslashes($_POST['pwd']), 'info' => Config::$default_project_info['info'], 'access' => Config::$default_project_info['access'], 'introduction' => Config::$default_project_info['introduction'], 'hint' => Config::$default_project_info['hint']);
if (!($this->new_project_id = $db->insertProject($project_info))) {
return sprintf("%s: %s", Messages::getString('General.dbError'), $db->lastError());
}
} catch (Exception $exception) {
// in this case, render exception as error.
return $exception;
}
return '';
}
function b_waiting_PDlinks()
{
$xoopsDB =& Database::getInstance();
$ret = array();
// PDlinks waiting
$block = array();
$result = $xoopsDB->query("SELECT COUNT(*) FROM " . $xoopsDB->prefix("PDlinks_links") . " WHERE status=0");
if ($result) {
$block['adminlink'] = XOOPS_URL . "/modules/PDlinks/admin/newlinks.php";
list($block['pendingnum']) = $xoopsDB->fetchRow($result);
$block['lang_linkname'] = _PI_WAITING_WAITINGS;
}
$ret[] = $block;
// PDlinks broken
$block = array();
$result = $xoopsDB->query("SELECT COUNT(*) FROM " . $xoopsDB->prefix("PDlinks_broken"));
if ($result) {
$block['adminlink'] = XOOPS_URL . "/modules/PDlinks/admin/brokenlink.php";
list($block['pendingnum']) = $xoopsDB->fetchRow($result);
$block['lang_linkname'] = _PI_WAITING_BROKENS;
}
$ret[] = $block;
// PDlinks modreq
$block = array();
$result = $xoopsDB->query("SELECT COUNT(*) FROM " . $xoopsDB->prefix("PDlinks_mod"));
if ($result) {
$block['adminlink'] = XOOPS_URL . "/modules/PDlinks/admin/index.php?op=listModReq";
list($block['pendingnum']) = $xoopsDB->fetchRow($result);
$block['lang_linkname'] = _PI_WAITING_MODREQS;
}
$ret[] = $block;
return $ret;
}
public static function getPropertyEvents($pID)
{
try {
$DBH = Database::getInstance();
$DBH->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
} catch (PDOException $e) {
echo "Unable to connect";
file_put_contents(__DIR__ . '/../Log/PDOErrorLog.txt', $e->getMessage(), FILE_APPEND);
exit;
}
try {
$eventArray = [];
$statement = $DBH->prepare("SELECT * FROM calendar WHERE propertyID = :propertyID");
$statement->bindParam(':propertyID', $pID);
$statement->execute();
while ($row = $statement->fetch(PDO::FETCH_OBJ)) {
$eventArray[] = $row;
}
return $eventArray;
#close db connection
$DBH = NULL;
exit;
} catch (PDOException $e) {
echo "Could not load calendar events";
file_put_contents(__DIR__ . '/../Log/PDOErrorLog.txt', $e->getMessage(), FILE_APPEND);
$DBH = NULL;
exit;
}
}
/**
* public queueNewUser($email, $password)
*
* Creates a new user and stores it in the TEMP database, setting
* the local object's data. It then sends an email with an activation links.
*
* Returns true on success.
*/
public function queueNewUser($email, $username, $pw)
{
// Send back a return code to state whether its success/fail
// eg 1 would be success
// 2 means "email already registered"
$db = Database::getInstance();
$query = "\n\t\t\t\tINSERT INTO users_confirm (\n\t\t\t\t\temail,\n\t\t\t\t\tusername,\n\t\t\t\t\tpassword,\n\t\t\t\t\tsalt,\n\t\t\t\t\tactivation_key\n\t\t\t\t) VALUES (\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?,\n\t\t\t\t\t?\n\t\t\t\t)\n\t\t\t";
$salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
// This hashes the password with the salt so it can be stored securely.
$password = hash('sha256', $pw . $salt);
// Next we hash the hash value 65536 more times. The purpose of this is to
// protect against brute force attacks. Now an attacker must compute the hash 65537
// times for each guess they make against a password, whereas if the password
// were hashed only once the attacker would have been able to make 65537 different
// guesses in the same amount of time instead of only one.
for ($round = 0; $round < 65536; $round++) {
$password = hash('sha256', $password . $salt);
}
// Uncomment to actually register accounts
$key = md5(time());
$db->query($query, array($email, $username, $password, $salt, $key));
$result = $db->firstResult();
// Send email
$em = new Email();
$em->sendEmail($email, "Confirm your account", "This is an email test, please use this key to register: " . $key, true);
return true;
}
public static function run()
{
$objDatabase = \Database::getInstance();
\Controller::loadDataContainer('tl_module');
$arrRenameFields = array('tl_module' => array('jumpToSuccess' => array('name' => 'jumpTo', 'syncValue' => true), 'jumpToSuccessPreserveParams' => array('name' => 'formHybridJumpToPreserveParams', 'syncValue' => false), 'allowIdAsGetParameter' => array('name' => 'formHybridAllowIdAsGetParameter', 'syncValue' => true), 'idGetParameter' => array('name' => 'formHybridIdGetParameter', 'syncValue' => true), 'appendIdToUrlOnCreation' => array('name' => 'formHybridAppendIdToUrlOnCreation', 'syncValue' => true)));
foreach ($arrRenameFields as $strTable => $arrFields) {
if (!$objDatabase->tableExists($strTable)) {
continue;
}
foreach ($arrFields as $strOldName => $arrConfig) {
if (!$objDatabase->fieldExists($strOldName, $strTable)) {
continue;
}
$strNewName = $arrConfig['name'];
$sql =& $GLOBALS['TL_DCA']['tl_module']['fields'][$strNewName]['sql'];
if (!$objDatabase->fieldExists($arrConfig['name'], $strTable) && $sql) {
$sql =& $GLOBALS['TL_DCA']['tl_module']['fields'][$strNewName]['sql'];
$objDatabase->query("ALTER TABLE {$strTable} ADD `{$strNewName}` {$sql}");
}
if (!$arrConfig['syncValue']) {
continue;
}
$objDatabase->prepare('UPDATE ' . $strTable . ' SET ' . $arrConfig['name'] . ' = ' . $strOldName)->execute();
}
}
return;
}
function getAllPosts($topic_id, $order = "ASC", $perpage = 0, &$start, $post_id = 0)
{
$db =& Database::getInstance();
if ($order == "DESC") {
$operator_for_position = '>';
} else {
$order = "ASC";
$operator_for_position = '<';
}
if ($perpage <= 0) {
$perpage = 10;
}
if (empty($start)) {
$start = 0;
}
// GIJ start
if (!empty($post_id)) {
$result = $db->query("SELECT COUNT(post_id) FROM " . $db->prefix('xhnewbb_posts') . " WHERE topic_id={$topic_id} AND post_id {$operator_for_position} {$post_id}");
list($position) = $db->fetchRow($result);
$start = intval($position / $perpage) * $perpage;
}
// GIJ end
$sql = 'SELECT p.*, t.post_text FROM ' . $db->prefix('xhnewbb_posts') . ' p, ' . $db->prefix('xhnewbb_posts_text') . " t WHERE p.topic_id={$topic_id} AND p.post_id = t.post_id ORDER BY p.post_id {$order}";
$result = $db->query($sql, $perpage, $start);
$ret = array();
while ($myrow = $db->fetchArray($result)) {
$ret[] = new ForumPosts($myrow);
}
return $ret;
}
protected function setupTemplate()
{
global $cfg;
parent::setupTemplate();
$db = Database::getInstance($cfg['MVC']['dsn']);
$sql = 'SELECT regionid FROM cmsregions ORDER BY name';
$rIDs = $db->getColumn($sql);
$sql = 'SELECT name FROM cmsregions ORDER BY name';
$rNames = $db->getColumn($sql);
$regions = array_combine($rIDs, $rNames);
$this->assign('regions', $regions);
if (isset($this->fieldData['regionID'])) {
$sql = 'SELECT cmsregions.inlinetoolbar,
cmsregions.windowtoolbar,
cmsregions.editrealm,
cmsregions.viewrealm,
cmsregions.name FROM cmsregions
WHERE cmsregions.regionid = ?';
$regionData = $db->getRow($sql, array($this->fieldData['regionID']));
$this->assign('inlineToolbar', $regionData['inlinetoolbar']);
$this->assign('windowToolbar', $regionData['windowtoolbar']);
$this->assign('editRealm', $regionData['editrealm']);
$this->assign('viewRealm', $regionData['viewrealm']);
$this->assign('name', $regionData['name']);
$sql = 'SELECT realmid, name, depth FROM realms ORDER BY realmpath';
$realmInfo = $db->getAll($sql);
$realms = array();
foreach ($realmInfo as $row) {
$realms[$row['realmid']] = str_repeat('--', $row['depth']) . ' ' . $row['name'];
}
$this->assign('realms', $realms);
}
}
function getAllpriv_msgsconts($criteria = array(), $asobject = false, $sort = "", $order = "ASC", $limit = 0, $start = 0)
{
$db =& Database::getInstance();
$ret = array();
$where_query = "";
if (is_array($criteria) && count($criteria) > 0) {
$where_query = " WHERE";
foreach ($criteria as $c) {
$where_query .= " {$c} AND";
}
$where_query = substr($where_query, 0, -4);
} elseif (!is_array($criteria) && $criteria) {
$where_query = " WHERE " . $criteria;
}
if (!$asobject) {
$sql = "SELECT FROM " . $db->prefix("priv_msgscont") . "{$where_query} ORDER BY {$sort} {$order}";
$result = $db->query($sql, $limit, $start);
while ($myrow = $db->fetchArray($result)) {
$ret[] = $myrow['priv_msgscont_id'];
}
} else {
$sql = "SELECT * FROM " . $db->prefix("priv_msgscont") . "{$where_query} ORDER BY {$sort} {$order}";
$result = $db->query($sql, $limit, $start);
while ($myrow = $db->fetchArray($result)) {
$ret[] = new priv_msgscont($myrow);
}
}
return $ret;
}
public function pastePage(DataContainer $dc, $row, $table, $cr, $clipboardData = false)
{
if ($row['type'] == 'avisota') {
$disablePA = false;
// Disable all buttons if there is a circular reference
if ($clipboardData !== false && ($clipboardData['mode'] == 'cut' && ($cr == 1 || $clipboardData['id'] == $row['id']) || $clipboardData['mode'] == 'cutAll' && ($cr == 1 || in_array($row['id'], $clipboardData['id'])))) {
$disablePA = true;
}
// Check permissions if the user is not an administrator
if (!$this->User->isAdmin) {
$page = \Database::getInstance()->prepare("SELECT * FROM " . $table . " WHERE id=?")->limit(1)->execute($row['pid']);
// Disable "paste after" button if there is no permission 2 for the parent page
if (!$disablePA && $page->numRows) {
if (!$this->User->isAllowed(2, $page->row())) {
$disablePA = true;
}
}
// Disable "paste after" button if the parent page is a root page and the user is not an administrator
if (!$disablePA && ($row['pid'] < 1 || in_array($row['id'], $dc->rootIds))) {
$disablePA = true;
}
}
// Return the buttons
$imagePasteAfter = $this->generateImage('pasteafter.gif', sprintf($GLOBALS['TL_LANG'][$table]['pasteafter'][1], $row['id']), 'class="blink"');
if ($row['id'] > 0) {
return $disablePA ? $this->generateImage('pasteafter_.gif', '', 'class="blink"') . ' ' : '<a href="' . $this->addToUrl('act=' . $clipboardData['mode'] . '&mode=1&pid=' . $row['id'] . (!is_array($clipboardData['id']) ? '&id=' . $clipboardData['id'] : '')) . '" title="' . specialchars(sprintf($GLOBALS['TL_LANG'][$table]['pasteafter'][1], $row['id'])) . '" onclick="Backend.getScrollOffset();">' . $imagePasteAfter . '</a> ' . $this->generateImage('pasteinto_.gif', '', 'class="blink"');
}
return '';
}
return parent::pastePage($dc, $row, $table, $cr, $clipboardData);
}
private function getLoginForm()
{
try {
$db = Database::getInstance();
$frontpage_info = $db->getFrontpageInfo();
} catch (Exception $exception) {
// in this case, render exception as error.
return $exception;
}
$result = '<form action="admin.php" name="login_form" method="post"><div id="loginform">';
if (count($frontpage_info) > 1) {
$result .= sprintf('<label for="project_id">%s: </label>', Messages::getString('General.Project'));
$result .= '<select name="project_id" id="project_id_selector">';
foreach ($frontpage_info as $id => $project) {
$result .= sprintf('<option value="%03d" %s>%s </option>', $id, $id == Config::$default_project_id ? 'selected="selected"' : '', $project->name);
}
$result .= '</select><br/>';
} else {
foreach ($frontpage_info as $id => $project) {
$result .= sprintf('<input type="hidden" name="project_id" value="%03d" />', $id);
}
}
$result .= sprintf('<label for="password">%s: </label>', Messages::getString('LoginPage.EnterPassword')) . ' <input type="password" name="pwd" value="" /> ' . ' <input type="submit" value="Login" />' . '</div></form> ';
return $result;
}
function Post($id = null)
{
$this->db =& Database::getInstance();
$this->initVar('post_id', XOBJ_DTYPE_INT);
$this->initVar('topic_id', XOBJ_DTYPE_INT);
$this->initVar('forum_id', XOBJ_DTYPE_INT);
$this->initVar('post_time', XOBJ_DTYPE_INT);
$this->initVar('poster_ip', XOBJ_DTYPE_INT);
$this->initVar('poster_name', XOBJ_DTYPE_TXTBOX);
$this->initVar('subject', XOBJ_DTYPE_TXTBOX);
$this->initVar('pid', XOBJ_DTYPE_INT);
$this->initVar('dohtml', XOBJ_DTYPE_INT, 0);
$this->initVar('dosmiley', XOBJ_DTYPE_INT, 1);
$this->initVar('doxcode', XOBJ_DTYPE_INT, 1);
$this->initVar('uid', XOBJ_DTYPE_INT, 1);
$this->initVar('icon', XOBJ_DTYPE_TXTBOX);
$this->initVar('attachsig', XOBJ_DTYPE_INT);
$this->initVar('approved', XOBJ_DTYPE_INT, 1);
$this->initVar('post_karma', XOBJ_DTYPE_INT);
$this->initVar('require_reply', XOBJ_DTYPE_INT);
$this->initVar('attachment', XOBJ_DTYPE_TXTAREA);
$this->initVar('post_text', XOBJ_DTYPE_TXTAREA);
$this->initVar('post_edit', XOBJ_DTYPE_TXTAREA);
$this->initVar('doimage', XOBJ_DTYPE_INT, 1);
$this->initVar('dobr', XOBJ_DTYPE_INT, 1);
}
function tplsadmin_import_data($tplset, $tpl_file, $tpl_source, $lastmodified = 0)
{
$db =& Database::getInstance();
// check the file is valid template
list($count) = $db->fetchRow($db->query("SELECT COUNT(*) FROM " . $db->prefix("tplfile") . " WHERE tpl_tplset='default' AND tpl_file='" . addslashes($tpl_file) . "'"));
if (!$count) {
return false;
}
// check the template exists in the tplset
if ($tplset != 'default') {
list($count) = $db->fetchRow($db->query("SELECT COUNT(*) FROM " . $db->prefix("tplfile") . " WHERE tpl_tplset='" . addslashes($tplset) . "' AND tpl_file='" . addslashes($tpl_file) . "'"));
if ($count <= 0) {
// copy from 'default' to the tplset
$result = $db->query("SELECT * FROM " . $db->prefix("tplfile") . " WHERE tpl_tplset='default' AND tpl_file='" . addslashes($tpl_file) . "'");
while ($row = $db->fetchArray($result)) {
$db->queryF("INSERT INTO " . $db->prefix("tplfile") . " SET tpl_refid='" . addslashes($row['tpl_refid']) . "',tpl_module='" . addslashes($row['tpl_module']) . "',tpl_tplset='" . addslashes($tplset) . "',tpl_file='" . addslashes($tpl_file) . "',tpl_desc='" . addslashes($row['tpl_desc']) . "',tpl_type='" . addslashes($row['tpl_type']) . "'");
$tpl_id = $db->getInsertId();
$db->queryF("INSERT INTO " . $db->prefix("tplsource") . " SET tpl_id='{$tpl_id}', tpl_source=''");
}
}
}
// UPDATE just tpl_lastmodified and tpl_source
$drs = $db->query("SELECT tpl_id FROM " . $db->prefix("tplfile") . " WHERE tpl_tplset='" . addslashes($tplset) . "' AND tpl_file='" . addslashes($tpl_file) . "'");
while (list($tpl_id) = $db->fetchRow($drs)) {
$db->queryF("UPDATE " . $db->prefix("tplfile") . " SET tpl_lastmodified='" . addslashes($lastmodified) . "',tpl_lastimported=UNIX_TIMESTAMP() WHERE tpl_id='{$tpl_id}'");
$db->queryF("UPDATE " . $db->prefix("tplsource") . " SET tpl_source='" . addslashes($tpl_source) . "' WHERE tpl_id='{$tpl_id}'");
altsys_template_touch($tpl_id);
}
return true;
}
protected function setupTemplate()
{
global $cfg;
parent::setupTemplate();
$db = Database::getInstance($cfg['DPS']['dsn']);
$auth = Auth::getInstance();
$userID = $auth->getUserID();
$scriptID = pg_escape_string($this->fieldData['scriptID']);
if (!is_numeric($scriptID)) {
$this->assign('permError', 't');
} else {
$sql = "SELECT count(*) FROM v_tree_script\n\t\t\t\tWHERE id = {$scriptID}\n\t\t\t\t\tAND\tuserid = {$userID}\n\t\t\t\t\tAND permissions & B'" . $cfg['DPS']['fileW'] . "' = '" . $cfg['DPS']['fileW'] . "'";
if ($db->getOne($sql) > 0) {
$sql = "SELECT dirid FROM scriptsdir\n\t\t\t\t\tWHERE scriptid = {$scriptID}";
$dirID = $db->getOne($sql);
"SELECT count(*) FROM v_tree_dir\n\t\t\t\t\tWHERE id = {$dirID}\n\t\t\t\t\t\tAND\tuserid = {$userID}\n\t\t\t\t\t\tAND permissions & B'" . $cfg['DPS']['fileW'] . "' = '" . $cfg['DPS']['fileW'] . "'";
if ($db->getOne($sql) > 0) {
$flag = true;
}
}
if ($flag) {
$sql = "SELECT * FROM scripts WHERE id = {$scriptID}";
$script = $db->getRow($sql);
$sql = "SELECT count(*) FROM v_tree_script\n\t\t\t\t\tWHERE id = {$scriptID}\n\t\t\t\t\t\tAND\tuserid = {$userID}\n\t\t\t\t\t\tAND permissions & B'" . $cfg['DPS']['fileO'] . "' = '" . $cfg['DPS']['fileO'] . "'";
$check = $db->getOne($sql);
if ($check > 0) {
$this->assign('own', 't');
}
$this->assign('script', $script);
$this->assign('treeType', '');
} else {
$this->assign('permError', 't');
}
}
}
/**
* Class constructor
*/
function __construct()
{
//get database class instance
$this->db = Database::getInstance();
//create new object of Email class
$this->mailer = new Email();
}
function callback_rm()
{
global $CACHE;
$DB = Database::getInstance();
$DB->query("UPDATE " . DB_PREFIX . "navi SET hide='y' WHERE url='" . BLOG_URL . "?plugin=archiver'");
$CACHE->updateCache('navi');
}
