## Turns an arbitrary string into a lowercase handle: optional transliteration,
## tag stripping, punctuation removal, length limiting through
## General::limitWords(), delimiter substitution and optional URI encoding.
function createHandle($string, $max_length = 50, $delim = "-", $uriencode = false, $apply_transliteration = true) {

    ## Optional first pass: translate characters with the $kTransliteration table,
    ## which is expected to be defined by the included language file
    if ($apply_transliteration) {
        include LANG . '/transliteration.php';
        $string = strtr($string, $kTransliteration);
    }

    $limit = (int) $max_length;

    ## Drop any markup, then periods and both quote characters
    $handle = preg_replace('/([\\.\'"]++)/', "", strip_tags($string));

    ## Apply the length limit (General::limitWords is defined elsewhere)
    $handle = General::limitWords($handle, $limit);

    ## Each run of whitespace (space, tab, newline etc) becomes one delimiter
    $handle = preg_replace('/([\\s]++)/', $delim, $handle);

    ## Each run of the listed punctuation becomes one delimiter.
    ## NOTE(review): the pattern has no `u` modifier, so the non-ASCII literals in
    ## the character class are matched byte by byte when this file is UTF-8;
    ## confirm the encoding the pattern was written for.
    $handle = preg_replace('/[<>?@:!-\\/\\[-`ëí;‘’]++/', $delim, $handle);

    ## No delimiter characters at either end
    $handle = trim($handle, $delim);

    ## URI-encode on request
    if ($uriencode) {
        $handle = urlencode($handle);
    }

    ## The handle is always returned in lowercase
    return strtolower($handle);
}
break; case "boolean": $sql = "SELECT DISTINCT t1.entry_id,\n\t\t\t\t MATCH(t1.value) AGAINST ('{$searchstring}' IN BOOLEAN MODE) AS score\n\t\t\t\t FROM tbl_entries2customfields AS t1\n\t LEFT JOIN `tbl_entries` AS t2 ON t1.entry_id = t2.id\n\t\t\t LEFT JOIN `tbl_entries2sections` AS t3 on t2.id = t3.entry_id\n\t WHERE 1 AND MATCH(t1.value) AGAINST ('{$searchstring}' IN BOOLEAN MODE)\n\t\t\t\t " . ($Author->get('superuser') != 1 ? " AND t3.section_id IN ({$can_access})" : '') . "\n\t\t\t\t ORDER BY score DESC LIMIT 5"; break; } $result = $db->fetchCol('entry_id', $sql); $result = array_flip($result); $result = array_flip($result); if (@count($result) >= 1) { $parent =& new ParentShell($db, $config); include_once LIBRARY . "/core/class.manager.php"; include_once LIBRARY . "/core/class.symphonylog.php"; include_once LIBRARY . "/core/class.textformattermanager.php"; include_once TOOLKIT . "/class.entrymanager.php"; $entryManager = new EntryManager($parent); foreach ($result as $entry_id) { $row = $entryManager->fetchEntriesByID($entry_id, false, true); $locked = 'content'; ##Generate the XML $entry = new XMLElement("item"); $entry->setAttribute("class", $locked); $entry->addChild(new XMLElement("title", strip_tags($row['fields'][$row['primary_field']]['value']))); $entry->addChild(new XMLElement("date", $cDate->get(true, true, strtotime($row['publish_date_gmt'])))); $entry->addChild(new XMLElement("link", "?page=/publish/section/edit/&_sid=" . $row['section_id'] . "&id=" . $row['id'])); $entry->addChild(new XMLElement("handle", $row['primary_field'])); if (isset($row['fields']['body']) && $row['fields']['body']['type'] == 'textarea') { $entry->addChild(new XMLElement("description", General::limitWords(strip_tags($row['fields']['body']['value']), 100, true, false))); } $xml->addChild($entry); } }
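## Builds the form markup for every custom field in $field_schema whose
## 'location' equals $location.
##
## $location      value compared (loosely) against each schema row's 'location'
## $fields        current values; read from $fields['custom'][<field handle>]
## $field_schema  array of field definition rows ('type', 'handle', 'name', ...)
##
## Returns the generated markup as a string, or NULL when $field_schema is not a
## non-empty array or when no row matches $location.
##
## NOTE(review): schema values ($row['name'], $row['description'], $row['handle'],
## $row['destination_folder']) and stored values ($option['handle'],
## $option['value'], $f['path']) are written into the markup without escaping in
## this function. Whether they are already escaped when stored cannot be told
## from here; confirm before treating the output as safe HTML.
function createMarkupForLocation($location, $fields, $field_schema) {
    global $DB;

    if (!is_array($field_schema) || empty($field_schema)) {
        return NULL;
    }

    $code = NULL;

    foreach ($field_schema as $row) {
        if ($location == $row['location']) {

            ## Upload and checkbox fields open their own wrapper further down
            if ($row['type'] != 'upload' && $row['type'] != 'checkbox') {
                $code .= "<label>" . $row['name'];
                if (trim($row['description']) != "") {
                    $code .= "<small>" . $row['description'] . "</small>" . CRLF;
                }
            }

            switch ($row['type']) {

                case 'textarea':
                    ## Clamp the row count to the range 6..120
                    $row['size'] = min(120, $row['size']);
                    $row['size'] = max(6, $row['size']);

                    $value = $fields["custom"][$row['handle']];

                    ## Values that came back from a submitted form go through General::sanitize()
                    if (!empty($_POST['fields'])) {
                        $value = General::sanitize($value);
                    }

                    $code .= '<textarea name="fields[custom][' . $row['handle'] . ']" rows="' . $row['size'] . '" cols="75">' . General::fieldValue("textarea", $value, $row['value']) . '</textarea></label>' . CRLF;
                    break;

                case 'input':
                    $value = $fields["custom"][$row['handle']];

                    if (!empty($_POST['fields'])) {
                        $value = General::sanitize($value);
                    }

                    $code .= '<input name="fields[custom][' . $row['handle'] . ']" ' . General::fieldValue("value", $value, $row['value']) . ' /></label>' . CRLF;
                    break;

                case 'list':
                    ## A list submitted as an array is flattened to a comma separated string
                    if (is_array($fields["custom"][$row['handle']])) {
                        $fields["custom"][$row['handle']] = @implode(", ", $fields["custom"][$row['handle']]);
                    }

                    $value = $fields["custom"][$row['handle']];

                    if (!empty($_POST['fields'])) {
                        $value = General::sanitize($value);
                    }

                    ## Emit $value, as the 'input' case does. The raw $fields entry was
                    ## passed here before, so the General::sanitize() step above had no
                    ## effect and a re-displayed POST value reached the attribute as submitted.
                    $code .= '<input name="fields[custom][' . $row['handle'] . ']" ' . General::fieldValue("value", $value, $row['value']) . ' /></label>' . CRLF;
                    break;

                case 'foreign':
                    if ($row['foreign_select_multiple'] == 'yes') {
                        $code .= '<select multiple="multiple" name="fields[custom][' . $row['handle'] . '][]">' . CRLF;
                    } else {
                        $code .= '<select name="fields[custom][' . $row['handle'] . ']">' . CRLF;

                        ## Optional single selects get an empty first choice
                        if ($row['required'] == 'no') {
                            $code .= '<option value=""></option>' . CRLF;
                        }
                    }

                    ## NOTE(review): both ids below are concatenated into the SQL text as
                    ## they are. That is only sound if they are numeric values that
                    ## never carry user input; confirm, or cast/escape them at the source.
                    $sql = "SELECT * FROM `tbl_sections` WHERE `id` = '" . $row['foreign_section'] . "'";
                    $section = $DB->fetchRow(0, $sql);

                    $sql = "SELECT * FROM `tbl_entries2customfields` WHERE `field_id` = '" . $section['primary_field'] . "' ORDER BY `value_raw` ASC";
                    $values = $DB->fetch($sql);

                    ## Only iterate when the query produced an array of rows
                    if (is_array($values)) {
                        foreach ($values as $option) {
                            $o = General::limitWords($option['value'], 100, true, true);
                            $h = $option['handle'];

                            if ($row['foreign_select_multiple'] == 'yes') {
                                $code .= '<option ' . (@in_array($h, $fields["custom"][$row['handle']]) ? 'selected="selected"' : '') . ' value="' . $h . '">' . $o . "</option>" . CRLF;
                            } else {
                                $code .= '<option ' . General::fieldValue("select", $fields["custom"][$row['handle']], "", $h) . ' value="' . $h . '">' . $o . "</option>" . CRLF;
                            }
                        }
                    }

                    $code .= "</select></label>" . CRLF;
                    break;

                case 'multiselect':
                    $code .= '<select multiple="multiple" name="fields[custom][' . $row['handle'] . '][]">' . CRLF;

                    ## The choices are stored as one comma separated string
                    $options = preg_split('/,/', $row['values'], -1, PREG_SPLIT_NO_EMPTY);
                    $options = array_map("trim", $options);

                    foreach ($options as $o) {
                        $o = General::sanitize($o);
                        $code .= '<option ' . (@in_array($o, $fields["custom"][$row['handle']]) ? 'selected="selected"' : '') . ' value="' . $o . '">' . $o . "</option>" . CRLF;
                    }

                    $code .= "</select></label>" . CRLF;
                    break;

                case 'checkbox':
                    $code .= ' <label><input name="fields[custom][' . $row['handle'] . ']" type="checkbox" ' . General::fieldValue("checkbox", $fields['custom'][$row['handle']], "", "yes") . ' /> ' . ($row['description'] != '' ? $row['description'] : $row['name']) . '</label>' . CRLF;
                    break;

                case 'upload':
                    $code .= ' <div class="attachment">' . $row['name'] . ' ' . (trim($row['description']) != "" ? '<small>' . $row['description'] . '</small>' : '') . ' <div><input name="fields[custom][' . $row['handle'] . '][]" type="file" /></div>' . CRLF;

                    $tmp_files = $fields["custom"][$row['handle']];

                    if (is_array($tmp_files) && !empty($tmp_files)) {
                        $code .= ' <ul>' . CRLF;

                        ## These two keys are form bookkeeping, not files
                        unset($tmp_files['upload_directory']);
                        unset($tmp_files['deleted_files']);

                        foreach ($tmp_files as $f) {
                            $code .= ' <li><a href="' . URL . $f['path'] . '">' . $f['path'] . '</a></li>' . CRLF;
                        }

                        $code .= ' </ul>' . CRLF;
                    }

                    ## NOTE(review): the destination folder travels through the browser as a
                    ## hidden field, and hidden fields are client-controlled. The code that
                    ## receives this form should take the folder from the field schema (or
                    ## validate the posted value against it) rather than trust the posted
                    ## upload_directory / deleted_files values. Verify in the handler.
                    $code .= ' <input name="fields[custom][' . $row['handle'] . '][upload_directory]" type="hidden" value="' . $row['destination_folder'] . '" /> <input name="fields[custom][' . $row['handle'] . '][deleted_files]" type="hidden" value="" /> </div>' . CRLF;
                    break;

                case 'select':
                    $code .= '<select name="fields[custom][' . $row['handle'] . ']">' . CRLF;

                    if ($row['required'] == 'no') {
                        $code .= '<option value=""></option>' . CRLF;
                    }

                    $options = preg_split('/,/', $row['values'], -1, PREG_SPLIT_NO_EMPTY);
                    $options = array_map("trim", $options);

                    foreach ($options as $o) {
                        $o = General::sanitize($o);
                        $code .= '<option ' . General::fieldValue("select", $fields["custom"][$row['handle']], "", $o) . ' value="' . $o . '">' . $o . "</option>" . CRLF;
                    }

                    $code .= '</select></label>' . CRLF;
                    break;
            }

            $code .= CRLF;
        }
    }

    return $code;
}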
?> edit/&id=<?php print $c['id']; ?> " title="<?php print $c['handle']; ?> "><?php print General::limitWords($c['name'], 42, true); ?> </a></td> <td<?php print $c['description'] ? '' : ' class="inactive"'; ?> ><?php print $c['description'] ? General::limitWords($c['description'], 85, true) : "None"; ?> </td> <td<?php print $links ? "" : ' class="inactive"'; ?> ><?php print $links ? $links : "None"; ?> <input name="items[<?php print $id; ?> ]" type="checkbox" /></td> </tr> <?php
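/**
 * Given a string, this will clean it for use as a Symphony handle. Preserves multi-byte characters.
 *
 * @since Symphony 2.2.1
 * @param string $string
 *  String to be cleaned up
 * @param integer $max_length
 *  The maximum number of characters in the handle. The limit is only
 *  applied when this value is greater than zero.
 * @param string $delim
 *  All non-valid characters will be replaced with this
 * @param boolean $uriencode
 *  Force the resultant string to be uri encoded making it safe for URLs
 * @param array $additional_rule_set
 *  An array of REGEX patterns (pattern => replacement) that should be applied
 *  to the `$string`. This occurs after the string has been trimmed and joined
 *  with the `$delim`. Each pattern is handed to `preg_replace()` unchanged, so
 *  the rules must come from code or trusted configuration, never from request
 *  data: a pattern carries its own modifiers (including the code-evaluating
 *  `e` modifier on PHP versions before 7.0) and its own backtracking cost.
 * @return string
 *  Returns resultant handle
 */
public static function createHandle($string, $max_length = 255, $delim = '-', $uriencode = false, $additional_rule_set = null) {
    $max_length = intval($max_length);

    // Strip out any tag
    $string = strip_tags($string);

    // Remove punctuation. The replacement is an empty string, not null:
    // passing null as the replacement is deprecated as of PHP 8.1 and the
    // result is the same.
    $string = preg_replace('/[\\.\'"]+/', '', $string);

    // Trim it
    if ($max_length > 0) {
        $string = General::limitWords($string, $max_length);
    }

    // Replace spaces (tab, newline etc) with the delimiter
    $string = preg_replace('/[\\s]+/', $delim, $string);

    // Find all legal characters
    $matches = array();
    preg_match_all('/[^<>?@:!-\\/\\[-`;‘’…]+/u', $string, $matches);

    // Join only legal character with the $delim. preg_match_all() returns
    // false when matching fails (for instance on input that is not valid
    // UTF-8 under the `u` modifier); in that case there may be nothing to
    // join, and the handle becomes empty instead of implode() being handed
    // an undefined value.
    $legal = (isset($matches[0]) && is_array($matches[0])) ? $matches[0] : array();
    $string = implode($delim, $legal);

    // Allow for custom rules
    if (is_array($additional_rule_set) && !empty($additional_rule_set)) {
        foreach ($additional_rule_set as $rule => $replacement) {
            $string = preg_replace($rule, $replacement, $string);
        }
    }

    // Remove leading or trailing delim characters
    $string = trim($string, $delim);

    // Encode it for URI use
    if ($uriencode) {
        $string = urlencode($string);
    }

    // Make it lowercase
    $string = strtolower($string);

    return $string;
}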
foreach ($comments as $c) { $comment = new XMLElement("comment"); $tmp_time = strtotime($c['creation_date_gmt']); if (!$done) { $comment->setAttribute("new", "true"); } elseif ($tmp_time > $lastrefresh) { if ($tmp_time > @file_get_contents($done_path)) { $comment->setAttribute("new", "true"); @unlink($done_path); } } $body = strip_tags($c['body']); $body = ereg_replace("[^[:space:]a-zA-Z0-9,*_.-\\'\\\"&;\\]]", "", $body); $body = General::stripEntities($body, ' '); $comment->setAttribute("class", "comment" . ($c['spam'] == "yes" ? "-spam" : "")); $comment->addChild(new XMLElement("title", General::limitWords(General::sanitize(strip_tags($body)), 100, true, false))); $comment->addChild(new XMLElement("link", "?page=/publish/comments/edit/&id=" . $c['id'])); if (kFULL_MODE) { $comment->addChild(new XMLElement('body', $body)); $comment->addChild(new XMLElement('date', $c['creation_date_gmt'])); $comment->addChild(new XMLElement('referrer', $c['referrer'])); $comment->addChild(new XMLElement('author-name', $c['author_name'])); $comment->addChild(new XMLElement('author-email', $c['author_email'])); if ($c['author_url'] != '') { $comment->addChild(new XMLElement('author-url', $c['author_url'])); } } $xml->addChild($comment); } } }
die("<h2>Symphony Fatal Error</h2><p>You cannot directly access this file</p>"); } $cDate = new SymDate($settings["region"]["time_zone"], "d"); $month = isset($_REQUEST['month']) || $_REQUEST['month'] != "" ? $_REQUEST['month'] : date("F", time()); $year = isset($_REQUEST['year']) || $_REQUEST['year'] != "" ? $_REQUEST['year'] : date("Y", time()); $startdate = strtotime("1 " . $month . " " . $year); $enddate = mktime(0, 0, 0, date("m", $startdate) + 1, 1, $year); $sql = "SELECT t1.*, t2.section_id, t3.value_raw as `title`,\n\t\t\tUNIX_TIMESTAMP(t1.publish_date_gmt) as `timestamp_gmt`\n\t\t\tFROM `tbl_entries` as t1, `tbl_sections` as t4, `tbl_entries2sections` as t2, `tbl_entries2customfields` as t3\n\t\t\tWHERE UNIX_TIMESTAMP(t1.publish_date) >= '{$startdate}'\n\t\t\tAND UNIX_TIMESTAMP(t1.publish_date) <= '{$enddate}'\n\t\t\tAND t1.`id` = t2.entry_id\n\t\t\tAND t1.`id` = t3.entry_id AND t4.primary_field = t3.field_id\n\t\t\tAND t2.section_id = t4.id\n\t\t\tORDER BY t1.publish_date DESC "; $result = $db->fetch($sql); $xml->addChild(new XMLElement("month", $month . " " . $year)); if (@count($result) >= 1) { $final = array(); foreach ($result as $row) { if ($Author->canAccessSection($row['section_id'])) { $final[$cDate->get(true, true, $row['timestamp_gmt'])][] = $row; } } foreach ($final as $date => $entries) { $item = new XMLElement("item"); $item->addChild(new XMLElement("date", intval($date))); foreach ($entries as $row) { $locked = 'content'; $entry = new XMLElement("entry"); $entry->setAttribute("class", $locked); $entry->addChild(new XMLElement("title", General::limitWords(strip_tags($row['title']), 32, true, true))); $entry->addChild(new XMLElement("link", "?page=/publish/section/edit/&_sid=" . $row['section_id'] . "&id=" . $row['id'])); $item->addChild($entry); } $xml->addChild($item); } }
?> <tr<?php print $class != "" ? ' class="' . $class . '"' : ""; ?> > <td><a href="<?php print $Admin->getCurrentPageURL(); ?> edit/&id=<?php print $p['id']; ?> " class="content" title="<?php print $p['handle']; ?> "><?php print General::limitWords($p['title'], 75, true); ?> </a></td> <td><a href="<?php print URL . "/" . $Admin->resolvePagePath($p['id']) . "/"; ?> "><?php print URL . "/" . $Admin->resolvePagePath($p['id']) . "/"; ?> </a></td> <td<?php print trim($p['master']) == "None" ? ' class="inactive"' : ""; ?> ><?php print $p['master']; ?>
$bits = preg_split('/,/', $f['values'], -1, PREG_SPLIT_NO_EMPTY); foreach ($bits as $o) { $o = trim($o); print "\t\t\t\t\t\t<option value=\"{$o}\" " . General::fieldValue("select", $fields['custom'][$s['handle']][$f['handle']], "", $o) . ">{$o}</option>\n"; } $match = @in_array($fields['custom'][$s['handle']][$f['handle']], $bits); } elseif ($f['type'] == 'foreign') { $row = $f; $sql = "SELECT * FROM `tbl_sections` WHERE `id` = '" . $row['foreign_section'] . "'"; $section = $DB->fetchRow(0, $sql); $sql = "SELECT * FROM `tbl_entries2customfields` WHERE `field_id` = '" . $section['primary_field'] . "' ORDER BY `value_raw` ASC"; $values = $DB->fetch($sql); $match = false; foreach ($values as $option) { $o = NULL; $o = General::limitWords($option['value'], 100, true, true); $h = $option['handle']; if ($h == $fields['custom'][$s['handle']][$f['handle']]) { $match = true; } print "\t\t\t\t\t\t<option value=\"{$h}\" " . ($h == $fields['custom'][$s['handle']][$f['handle']] ? ' selected="selected"' : '') . ">{$o}</option>\n"; } } elseif ($f['type'] == 'input') { print ' <input type="text" name="fields[custom][' . $s['handle'] . '][' . $f['handle'] . ']" value="' . $fields['custom'][$s['handle']][$f['handle']] . '" />' . CRLF; } else { $bits = preg_split('/,/', $f['values'], -1, PREG_SPLIT_NO_EMPTY); foreach ($bits as $o) { $o = trim($o); print "\t\t\t\t\t\t<option value=\"{$o}\" " . (@in_array($o, $fields['custom'][$s['handle']][$f['handle']]) ? ' selected="selected"' : '') . ">{$o}</option>\n"; } $match = @in_array($fields['custom'][$s['handle']][$f['handle']], $bits);
} if (!$error && is_array($entries) && !empty($entries)) { foreach ($entries as $e) { $error = false; $Admin->log->pushToLog("Converting '" . $e['title'] . "' ... ", SYM_LOG_NOTICE, true, false); $fields = array(); if ($e['formatter'] && !($formatter = $TFM->create($e['formatter'], array(), true))) { $error = true; $Admin->log->pushToLog("Failed (Could not create formatter '" . $e['formatter'] . "')", SYM_LOG_NOTICE, true, true, true); } else { if ($e['formatter'] != NULL) { $fields['body'] = $formatter->run(General::reverse_sanitize($e['body_raw'])); } else { $fields['body'] = General::reverse_sanitize($e['body_raw']); } $fields['excerpt'] = General::limitWords($fields['body']); $fields['excerpt'] = preg_replace('/[\\s]+/', ' ', $fields['excerpt']); ##Update the entry if (!$DB->update($fields, "tbl_entries", "WHERE `id` = '" . $e['id'] . "' LIMIT 1")) { $error = true; $Admin->log->pushToLog("Failed (Problem updating fields)", SYM_LOG_NOTICE, true, true, true); } else { $Admin->updateMetadata("entry", $e['id'], false); } ##Update the custom fields $sql = "SELECT * FROM `tbl_entries2customfields` WHERE `entry_id` = '" . $e['id'] . "'"; $customfields = $DB->fetch($sql); if (!$error && is_array($customfields) && !empty($customfields)) { foreach ($customfields as $c) { $fields = array(); $format = $DB->fetchVar("format", 0, "SELECT `format` FROM `tbl_customfields` WHERE `id` = '" . $c['field_id'] . "' LIMIT 1");
## Reduces a string to a lowercase file name made of a-z, 0-9, "." and "_",
## with $delim standing in for everything else.
##
## NOTE(review): dots are kept, so a leading dot and any extension in the input
## survive unchanged. If this names uploaded files, the caller still needs its
## own extension allow-list; confirm where that check lives.
function createFileName($string, $max_length = 50, $delim = "-") {

    ## Each run of characters outside a-z, A-Z, 0-9, "." and "_" becomes one delimiter
    $collapsed = preg_replace('/[^a-zA-Z0-9\\._]++/', $delim, $string);

    ## No delimiter characters at either end
    $collapsed = trim($collapsed, $delim);

    ## Apply the length limit (General::limitWords is defined elsewhere)
    $limited = General::limitWords($collapsed, $max_length);

    return strtolower($limited);
}
## Turns an arbitrary string into a lowercase handle: optional transliteration
## through _t(), tag stripping, punctuation removal, optional length limiting,
## delimiter substitution, caller supplied regex rules and optional URI encoding.
##
## NOTE(review): every key of $additional_rule_set is handed to preg_replace() as
## a pattern, unchanged. The rule set has to come from code or trusted
## configuration, never from request data.
public static function createHandle($string, $max_length = 50, $delim = '-', $uriencode = false, $apply_transliteration = true, $additional_rule_set = NULL) {

    ## Optional first pass through the transliteration helper
    $handle = $apply_transliteration ? _t($string) : $string;

    $limit = intval($max_length);

    ## Drop any markup, then periods and both quote characters
    $handle = preg_replace('/([\\.\'"]++)/', '', strip_tags($handle));

    ## The length limit is skipped when the limit evaluates to zero
    if ($limit != 0) {
        $handle = General::limitWords($handle, $limit);
    }

    ## Each run of whitespace (space, tab, newline etc) becomes one delimiter
    $handle = preg_replace('/([\\s]++)/', $delim, $handle);

    ## Each run of the listed punctuation becomes one delimiter.
    ## NOTE(review): the pattern has no `u` modifier, so the non-ASCII literals in
    ## the character class are matched byte by byte when this file is UTF-8;
    ## confirm the encoding the pattern was written for.
    $handle = preg_replace('/[<>?@:!-\\/\\[-`ëí;‘’]++/', $delim, $handle);

    ## Caller supplied rules, applied in array order (pattern => replacement)
    if (is_array($additional_rule_set)) {
        foreach ($additional_rule_set as $pattern => $substitute) {
            $handle = preg_replace($pattern, $substitute, $handle);
        }
    }

    ## No delimiter characters at either end
    $handle = trim($handle, $delim);

    ## URI-encode on request
    if ($uriencode) {
        $handle = urlencode($handle);
    }

    ## The handle is always returned in lowercase
    return strtolower($handle);
}
} $value = '<a title="' . $handle . '" class="' . $locked . '" href="' . $Admin->getCurrentPageURL() . 'edit/&_sid=' . $section_id . '&id=' . $row['id'] . '">' . $value . '</a>'; } if ($type == 'checkbox') { $tmp = array("value" => ucwords($value)); } elseif ($type == 'foreign' && $value != '') { $value = ''; $items = $row['fields'][$c['title']]['value']; if (!is_array($items)) { $items = array($items); } if (!empty($items)) { foreach ($items as $ii) { $id = $entryManager->fetchEntryIDFromPrimaryFieldHandle($row['fields'][$c['title']]['foreign_section'], $ii); if ($link = $entryManager->fetchEntriesByID($id, true)) { $value .= '<a href="' . $Admin->getCurrentPageURL() . 'edit/&_sid=' . $row['fields'][$c['title']]['foreign_section'] . '&id=' . $id[0] . '">' . General::limitWords($link['fields'][$link['primary_field']]['value'], 50, true) . '</a>, '; } } $value = rtrim($value, ', '); } $tmp = array("value" => $value ? $value : 'None'); } elseif ($type == 'upload') { $files = $row['fields'][$c['title']]['value']; if (is_array($files) && !empty($files)) { $links = array(); foreach ($files as $f) { $links[] = '<a href="' . URL . $f['path'] . '" title="' . $f['path'] . ' (' . $f['size'] . ' bytes)">' . basename($f['path']) . '</a>'; } $tmp = array("value" => implode(', ', $links)); } else { $tmp = array("value" => 'None');
None found. </td> </tr> <?php } else { $bEven = false; $date = $Admin->getDateObj(); foreach ($comments as $comment) { foreach ($comment as $index => $value) { $comment[$index] = htmlspecialchars(stripslashes($value)); } $url = $Admin->getCurrentPageURL() . 'edit/&id=' . $comment['id']; extract($comment, EXTR_PREFIX_ALL, "comment"); $comment_creation_timestamp_gmt = $DB->fetchVar("creation_timestamp_gmt", 0, "SELECT UNIX_TIMESTAMP(creation_date_gmt) as `creation_timestamp_gmt` FROM `tbl_metadata` WHERE `relation_id` = '{$comment_id}' AND `class` = 'comment' LIMIT 1"); $comment_body = strip_tags(General::reverse_sanitize(General::reverse_sanitize($comment_body))); $comment_body_short = General::limitWords($comment_body, 75); if (strlen($comment_body_short) < strlen($comment_body)) { $comment_body_short .= "..."; } $class = ""; if (isset($_REQUEST['_f']) && $_REQUEST['id'] == $comment['id']) { $class = "active "; } if ($bEven) { $class .= "even"; } $class = trim($class); ?> <tr<?php print $class ? ' class="' . $class . '"' : "";
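## Turns an arbitrary string into a lowercase handle.
##
## $string                 the text to clean up
## $max_length             length limit handed to General::limitWords(); skipped
##                         when it evaluates to zero
## $delim                  replaces whitespace and joins the legal character runs
## $uriencode              when true the result is passed through urlencode()
## $apply_transliteration  when true the text first goes through _t()
## $additional_rule_set    array of regex pattern => replacement, applied after
##                         the legal runs have been joined. Every pattern is handed
##                         to preg_replace() unchanged, so the rules must come from
##                         code or trusted configuration, never from request data:
##                         a pattern carries its own modifiers (including the
##                         code-evaluating `e` modifier on PHP versions before 7.0)
##                         and its own backtracking cost.
##
## Returns the handle as a string.
public static function createHandle($string, $max_length = 255, $delim = '-', $uriencode = false, $apply_transliteration = true, $additional_rule_set = NULL) {

    ## Use the transliteration table if provided
    if ($apply_transliteration) {
        $string = _t($string);
    }

    $max_length = intval($max_length);

    ## Strip out any tag
    $string = strip_tags($string);

    ## Remove punctuation. The replacement is an empty string, not NULL:
    ## passing NULL as the replacement is deprecated as of PHP 8.1 and the
    ## result is the same.
    $string = preg_replace('/[\\.\'"]+/', '', $string);

    ## Trim it
    if ($max_length != NULL && is_numeric($max_length)) {
        $string = General::limitWords($string, $max_length);
    }

    ## Replace spaces (tab, newline etc) with the delimiter
    $string = preg_replace('/[\\s]+/', $delim, $string);

    ## Find all legal characters
    $matches = array();
    preg_match_all('/[^<>?@:!-\\/\\[-`ëí;‘’]+/u', $string, $matches);

    ## Join only legal character with the $delim. preg_match_all() returns
    ## false when matching fails (for instance on input that is not valid
    ## UTF-8 under the `u` modifier); in that case there may be nothing to
    ## join, and the handle becomes empty instead of implode() being handed
    ## an undefined value.
    $legal = (isset($matches[0]) && is_array($matches[0])) ? $matches[0] : array();
    $string = implode($delim, $legal);

    ## Allow for custom rules
    if (is_array($additional_rule_set) && !empty($additional_rule_set)) {
        foreach ($additional_rule_set as $rule => $replacement) {
            $string = preg_replace($rule, $replacement, $string);
        }
    }

    ## Remove leading or trailing delim characters
    $string = trim($string, $delim);

    ## Encode it for URI use
    if ($uriencode) {
        $string = urlencode($string);
    }

    ## Make it lowercase
    $string = strtolower($string);

    return $string;
}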