/**
* reminder form
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Reminder
* @author Henry Ruhs
*/
function reminder_form()
{
$output = Redaxscript\Hook::trigger(__FUNCTION__ . '_start');
/* disable fields if attack blocked */
if (ATTACK_BLOCKED > 9) {
$code_disabled = ' disabled="disabled"';
}
/* captcha object */
$captcha = new Redaxscript\Captcha(Redaxscript\Language::getInstance());
$captcha->init();
/* collect output */
$output .= '<h2 class="title_content">' . l('reminder') . '</h2>';
$output .= form_element('form', 'form_reminder', 'js_validate_form form_default form_reminder', '', '', '', 'action="' . REWRITE_ROUTE . 'reminder" method="post"');
$output .= form_element('fieldset', '', 'set_reminder', '', '', l('reminder_request') . l('point')) . '<ul>';
$output .= '<li>' . form_element('email', 'email', 'field_text field_note', 'email', '', l('email'), 'maxlength="50" required="required" autofocus="autofocus"' . $code_disabled) . '</li>';
/* collect captcha task output */
$output .= '<li>' . form_element('number', 'task', 'field_text field_note', 'task', '', $captcha->getTask(), 'min="1" max="20" required="required"' . $code_disabled) . '</li>';
$output .= '</ul></fieldset>';
/* collect captcha solution output */
$captchaHash = new Redaxscript\Hash(Redaxscript\Config::getInstance());
$captchaHash->init($captcha->getSolution());
$output .= form_element('hidden', '', '', 'solution', $captchaHash->getHash());
/* collect hidden and button output */
$output .= form_element('hidden', '', '', 'token', TOKEN);
$output .= form_element('button', '', 'js_submit button_default', 'reminder_post', l('submit'), '', $code_disabled);
$output .= '</form>';
$output .= Redaxscript\Hook::trigger(__FUNCTION__ . '_end');
$_SESSION[ROOT . '/reminder'] = 'visited';
echo $output;
}
/**
* db backup render start
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Modules
* @author Henry Ruhs
*/
function db_backup_render_start()
{
if (LOGGED_IN == TOKEN && FIRST_PARAMETER == 'admin' && SECOND_PARAMETER == 'db-backup') {
define('TITLE', l('database_backup', 'db_backup'));
/* registry object */
$registry = Redaxscript\Registry::getInstance();
$registry->set('title', l('database_backup', 'db_backup'));
/* config object */
$config = Redaxscript\Config::getInstance();
/* download database backup */
if (THIRD_PARAMETER == 'download') {
define('RENDER_BREAK', 1);
db_backup($config::get('name'), 0);
}
/* send database backup */
if (THIRD_PARAMETER == 'send') {
define('CENTER_BREAK', 1);
/* prepare body parts */
$urlLink = anchor_element('external', '', '', ROOT, ROOT);
$fileName = $config::get('name') . '-' . db_backup_clean_date(NOW) . '.sql';
/* prepare mail inputs */
$toArray = $fromArray = array(s('author') => s('email'));
$subject = l('database_backup', 'db_backup');
$bodyArray = array('<strong>' . l('url') . l('colon') . '</strong> ' . $urlLink, '<strong>' . l('database') . l('colon') . '</strong> ' . $config::get('name'), '<br />', '<strong>' . l('message') . l('colon') . '</strong> ' . l('save_attachment', 'db_backup') . l('point'));
$attachmentArray = array($fileName => db_backup($config::get('name'), 1));
/* mail object */
$mail = new Redaxscript\Mailer($toArray, $fromArray, $subject, $bodyArray, $attachmentArray);
$mail->send();
}
}
}
/**
* login form
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Login
* @author Henry Ruhs
*/
function login_form()
{
$output = Redaxscript\Hook::trigger(__FUNCTION__ . '_start');
/* disable fields if attack blocked */
if (ATTACK_BLOCKED > 9) {
$code_disabled = ' disabled="disabled"';
}
/* captcha object */
if (s('captcha') > 0) {
$captcha = new Redaxscript\Captcha(Redaxscript\Language::getInstance());
$captcha->init();
}
/* reminder question */
if (s('reminder') == 1) {
$legend = anchor_element('internal', '', 'link_legend', l('reminder_question') . l('question_mark'), 'reminder', '', 'rel="nofollow"');
} else {
$legend = l('fields_limited') . l('point');
}
/* collect output */
$output .= '<h2 class="title_content">' . l('login') . '</h2>';
$output .= form_element('form', 'form_login', 'js_validate_form form_default form_login', '', '', '', 'action="' . REWRITE_ROUTE . 'login" method="post"');
$output .= form_element('fieldset', '', 'set_login', '', '', $legend) . '<ul>';
$output .= '<li>' . form_element('text', 'user', 'field_text field_note', 'user', '', l('user'), 'maxlength="50" required="required" autofocus="autofocus"' . $code_disabled) . '</li>';
$output .= '<li>' . form_element('password', 'password', 'js_unmask_password field_text field_note', 'password', '', l('password'), 'maxlength="50" required="required" autocomplete="off"' . $code_disabled) . '</li>';
/* collect captcha task output */
if (LOGGED_IN != TOKEN && s('captcha') > 0) {
$output .= '<li>' . form_element('number', 'task', 'field_text field_note', 'task', '', $captcha->getTask(), 'min="1" max="20" required="required"' . $code_disabled) . '</li>';
}
$output .= '</ul></fieldset>';
/* collect captcha solution output */
if (s('captcha') > 0) {
$captchaHash = new Redaxscript\Hash(Redaxscript\Config::getInstance());
$captchaHash->init($captcha->getSolution());
if (LOGGED_IN == TOKEN) {
$output .= form_element('hidden', '', '', 'task', $captchaHash->getRaw());
}
$output .= form_element('hidden', '', '', 'solution', $captchaHash->getHash());
}
/* collect hidden and button output */
$output .= form_element('hidden', '', '', 'token', TOKEN);
$output .= form_element('button', '', 'js_submit button_default', 'login_post', l('submit'), '', $code_disabled);
$output .= '</form>';
$output .= Redaxscript\Hook::trigger(__FUNCTION__ . '_end');
$_SESSION[ROOT . '/login'] = '******';
echo $output;
}
/**
* write config
*
* @since 2.4.0
* @deprecated 2.4.0
*
* @package Redaxscript
* @category Install
* @author Henry Ruhs
*/
function write_config()
{
global $d_type, $d_host, $d_name, $d_user, $d_password, $d_prefix, $d_salt;
$config = Redaxscript\Config::getInstance();
$config->set('dbType', $d_type);
$config->set('dbHost', $d_host);
$config->set('dbName', $d_name);
$config->set('dbUser', $d_user);
$config->set('dbPassword', $d_password);
$config->set('dbPrefix', $d_prefix);
$config->set('dbSalt', $d_salt);
$config->write();
}
/**
* startup
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Startup
* @author Henry Ruhs
*/
function startup()
{
/* ini set */
if (function_exists('ini_set')) {
if (error_reporting() == 0) {
ini_set('display_startup_errors', 0);
ini_set('display_errors', 0);
}
ini_set('session.use_trans_sid', 0);
ini_set('url_rewriter.tags', 0);
ini_set('mbstring.substitute_character', 0);
}
/* define general */
$request = Redaxscript\Request::getInstance();
$file = new Redaxscript\Server\File($request);
$root = new Redaxscript\Server\Root($request);
define('FILE', $file->getOutput());
define('ROOT', $root->getOutput());
/* session start */
session_start();
/* prevent session hijacking */
if (!$_SESSION[ROOT . '/regenerate_id']) {
session_regenerate_id();
$_SESSION[ROOT . '/regenerate_id'] = 1;
}
/* database status */
Redaxscript\Registry::set('dbStatus', Redaxscript\Db::getStatus());
/* define token */
$token = new Redaxscript\Server\Token($request);
define('TOKEN', $token->getOutput());
/* prefix and salt */
define('PREFIX', Redaxscript\Config::get('dbPrefix'));
define('SALT', Redaxscript\Config::get('dbSalt'));
/* define session */
define('LOGGED_IN', $_SESSION[ROOT . '/logged_in']);
define('ATTACK_BLOCKED', $_SESSION[ROOT . '/attack_blocked']);
/* setup charset */
if (function_exists('ini_set') && Redaxscript\Registry::get('dbStatus') === 2) {
ini_set('default_charset', s('charset'));
}
/* define parameter */
$parameter = new Redaxscript\Parameter($request);
$parameter->init();
define('FIRST_PARAMETER', $parameter->getFirst());
define('FIRST_SUB_PARAMETER', $parameter->getSub());
define('SECOND_PARAMETER', $parameter->getSecond());
define('SECOND_SUB_PARAMETER', $parameter->getSub());
define('THIRD_PARAMETER', $parameter->getThird());
define('THIRD_SUB_PARAMETER', $parameter->getSub());
if (LOGGED_IN == TOKEN && FIRST_PARAMETER == 'admin') {
define('ADMIN_PARAMETER', $parameter->getAdmin());
define('TABLE_PARAMETER', $parameter->getTable());
define('ID_PARAMETER', $parameter->getId());
define('ALIAS_PARAMETER', $parameter->getAlias());
} else {
undefine(array('ADMIN_PARAMETER', 'TABLE_PARAMETER', 'ID_PARAMETER', 'ALIAS_PARAMETER'));
}
define('LAST_PARAMETER', $parameter->getLast());
define('LAST_SUB_PARAMETER', $parameter->getSub());
define('TOKEN_PARAMETER', $parameter->getToken());
/* define routes */
$router = new Redaxscript\Router($request);
$router->init();
define('LITE_ROUTE', $router->getLite());
define('FULL_ROUTE', $router->getFull());
if (function_exists('apache_get_modules') && in_array('mod_rewrite', apache_get_modules()) == '' || file_exists('.htaccess') == '' || FILE == 'install.php') {
define('REWRITE_ROUTE', '?p=');
define('LANGUAGE_ROUTE', '&l=');
define('TEMPLATE_ROUTE', '&t=');
} else {
define('REWRITE_ROUTE', '');
define('LANGUAGE_ROUTE', '.');
define('TEMPLATE_ROUTE', '.');
}
/* define tables */
if (Redaxscript\Registry::get('dbStatus') === 2) {
if (FULL_ROUTE == '' || FIRST_PARAMETER == 'admin' && SECOND_PARAMETER == '') {
/* check for homepage */
if (s('homepage') > 0) {
$table = 'articles';
$id = s('homepage');
} else {
$table = 'categories';
$id = 0;
/* check order */
if (s('order') == 'asc') {
$rank = Redaxscript\Db::forTablePrefix($table)->min('rank');
} else {
if (s('order') == 'desc') {
$rank = Redaxscript\Db::forTablePrefix($table)->max('rank');
}
}
/* if category is published */
if ($rank) {
$status = Redaxscript\Db::forTablePrefix($table)->where('rank', $rank)->findOne()->status;
if ($status == 1) {
$id = Redaxscript\Db::forTablePrefix($table)->where('rank', $rank)->findOne()->id;
}
}
}
define('FIRST_TABLE', $table);
define('SECOND_TABLE', '');
define('THIRD_TABLE', '');
define('LAST_TABLE', $table);
} else {
if (FIRST_PARAMETER) {
define('FIRST_TABLE', query_table(FIRST_PARAMETER));
} else {
define('FIRST_TABLE', '');
}
if (FIRST_TABLE) {
define('SECOND_TABLE', query_table(SECOND_PARAMETER));
} else {
define('SECOND_TABLE', '');
}
if (SECOND_TABLE) {
define('THIRD_TABLE', query_table(THIRD_PARAMETER));
} else {
define('THIRD_TABLE', '');
}
if (LAST_PARAMETER) {
define('LAST_TABLE', query_table(LAST_PARAMETER));
} else {
define('LAST_TABLE', '');
}
if (LAST_TABLE) {
$id = Redaxscript\Db::forTablePrefix(LAST_TABLE)->where('alias', LAST_PARAMETER)->findOne()->id;
}
}
} else {
undefine(array('FIRST_TABLE', 'SECOND_TABLE', 'THIRD_TABLE', 'LAST_TABLE'));
}
/* define ids */
if (LAST_TABLE == 'categories') {
define('CATEGORY', $id);
define('ARTICLE', '');
define('LAST_ID', $id);
} else {
if (LAST_TABLE == 'articles') {
define('CATEGORY', '');
define('ARTICLE', $id);
define('LAST_ID', $id);
} else {
undefine(array('CATEGORY', 'ARTICLE', 'LAST_ID'));
}
}
/* define content error */
$aliasValidator = new Redaxscript\Validator\Alias();
if (LAST_ID == '' && $aliasValidator->validate(FIRST_PARAMETER, Redaxscript\Validator\Alias::MODE_DEFAULT) == Redaxscript\Validator\ValidatorInterface::FAILED) {
define('CONTENT_ERROR', 1);
} else {
define('CONTENT_ERROR', 0);
}
/* define user */
$browser = new Redaxscript\Client\Browser($request);
$version = new Redaxscript\Client\Version($request);
$engine = new Redaxscript\Client\Engine($request);
$mobile = new Redaxscript\Client\Mobile($request);
$tablet = new Redaxscript\Client\Tablet($request);
define('MY_BROWSER', $browser->getOutput());
define('MY_BROWSER_VERSION', $version->getOutput());
define('MY_ENGINE', $engine->getOutput());
define('MY_MOBILE', $mobile->getOutput());
define('MY_TABLET', $tablet->getOutput());
/* if mobile or tablet */
if (MY_MOBILE || MY_TABLET) {
define('MY_DESKTOP', '');
} else {
$desktop = new Redaxscript\Client\Desktop($request);
define('MY_DESKTOP', $desktop->getOutput());
}
/* if logged in */
if (LOGGED_IN == TOKEN) {
define('MY_ID', $_SESSION[ROOT . '/my_id']);
define('MY_NAME', $_SESSION[ROOT . '/my_name']);
define('MY_USER', $_SESSION[ROOT . '/my_user']);
define('MY_EMAIL', $_SESSION[ROOT . '/my_email']);
define('MY_GROUPS', $_SESSION[ROOT . '/my_groups']);
/* define access */
$access_array = array('categories', 'articles', 'extras', 'comments', 'groups', 'users');
foreach ($access_array as $value) {
define(strtoupper($value) . '_NEW', $_SESSION[ROOT . '/' . $value . '_new']);
define(strtoupper($value) . '_EDIT', $_SESSION[ROOT . '/' . $value . '_edit']);
define(strtoupper($value) . '_DELETE', $_SESSION[ROOT . '/' . $value . '_delete']);
if (TABLE_PARAMETER == 'users' && ID_PARAMETER == MY_ID && $value == 'users') {
define('USERS_EXCEPTION', 1);
} else {
if ($value == 'users') {
define('USERS_EXCEPTION', 0);
}
}
}
define('MODULES_INSTALL', $_SESSION[ROOT . '/modules_install']);
define('MODULES_EDIT', $_SESSION[ROOT . '/modules_edit']);
define('MODULES_UNINSTALL', $_SESSION[ROOT . '/modules_uninstall']);
define('SETTINGS_EDIT', $_SESSION[ROOT . '/settings_edit']);
define('FILTER', $_SESSION[ROOT . '/filter']);
} else {
define('FILTER', 1);
}
/* define table access */
define('TABLE_NEW', constant(strtoupper(TABLE_PARAMETER) . '_NEW'));
define('TABLE_INSTALL', constant(strtoupper(TABLE_PARAMETER) . '_INSTALL'));
define('TABLE_EDIT', constant(strtoupper(TABLE_PARAMETER) . '_EDIT'));
define('TABLE_DELETE', constant(strtoupper(TABLE_PARAMETER) . '_DELETE'));
define('TABLE_UNINSTALL', constant(strtoupper(TABLE_PARAMETER) . '_UNINSTALL'));
/* define time */
define('GMDATE', gmdate('D, d M Y H:i:s') . ' GMT');
define('GMDATE_PLUS_WEEK', gmdate('D, d M Y H:i:s', strtotime('+1 week')) . ' GMT');
define('GMDATE_PLUS_YEAR', gmdate('D, d M Y H:i:s', strtotime('+1 year')) . ' GMT');
define('NOW', date('Y-m-d H:i:s'));
Redaxscript\Registry::set('now', NOW);
define('DELAY', date('Y-m-d H:i:s', strtotime('+1 minute')));
define('TODAY', date('Y-m-d'));
/* future update */
define('UPDATE', $_SESSION[ROOT . '/update']);
if (UPDATE == '' && Redaxscript\Registry::get('dbStatus') === 2) {
future_update('articles');
future_update('comments');
future_update('extras');
$_SESSION[ROOT . '/update'] = DELAY;
} else {
if (UPDATE < NOW) {
$_SESSION[ROOT . '/update'] = '';
}
}
}
/**
* router
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Center
* @author Henry Ruhs
*/
function router()
{
$firstParameter = Redaxscript\Registry::get('firstParameter');
$secondParameter = Redaxscript\Registry::get('secondParameter');
$thirdParameter = Redaxscript\Registry::get('thirdParameter');
$thirdSubParameter = Redaxscript\Registry::get('thirdSubParameter');
$config = Redaxscript\Config::getInstance();
Redaxscript\Hook::trigger('routerStart');
if (Redaxscript\Registry::get('routerBreak')) {
return;
}
/* check token */
$messenger = new Redaxscript\Messenger(Redaxscript\Registry::getInstance());
if ($_POST && $_POST['token'] != Redaxscript\Registry::get('token')) {
echo $messenger->setRoute(Redaxscript\Language::get('home'), Redaxscript\Registry::get('root'))->error(Redaxscript\Language::get('token_incorrect'), Redaxscript\Language::get('error_occurred'));
return;
}
/* install routing */
if (Redaxscript\Registry::get('file') === 'install.php' && $config->get('env') !== 'production') {
if (Redaxscript\Request::getPost('Redaxscript\\View\\InstallForm')) {
$installController = new Redaxscript\Controller\Install(Redaxscript\Registry::getInstance(), Redaxscript\Language::getInstance(), Redaxscript\Request::getInstance(), Redaxscript\Config::getInstance());
echo $installController->process();
return;
} else {
$systemStatus = new Redaxscript\View\SystemStatus(Redaxscript\Registry::getInstance(), Redaxscript\Language::getInstance());
$installForm = new Redaxscript\View\InstallForm(Redaxscript\Registry::getInstance(), Redaxscript\Language::getInstance());
echo $systemStatus->render() . $installForm->render();
return;
}
}
/* general routing */
$post_list = ['Redaxscript\\View\\LoginForm' => 'Redaxscript\\Controller\\Login', 'Redaxscript\\View\\RegisterForm' => 'Redaxscript\\Controller\\Register', 'Redaxscript\\View\\ResetForm' => 'Redaxscript\\Controller\\Reset', 'Redaxscript\\View\\RecoverForm' => 'Redaxscript\\Controller\\Recover', 'Redaxscript\\View\\CommentForm' => 'Redaxscript\\Controller\\Comment'];
foreach ($post_list as $key => $value) {
if (Redaxscript\Request::getPost($key)) {
if (class_exists($value)) {
$controller = new $value(Redaxscript\Registry::getInstance(), Redaxscript\Language::getInstance(), Redaxscript\Request::getInstance());
echo $controller->process();
}
return;
}
}
/* search routing */
if (Redaxscript\Request::getPost('Redaxscript\\View\\SearchForm')) {
$messenger = new Redaxscript\Messenger(Redaxscript\Registry::getInstance());
$table = Redaxscript\Request::getPost('table');
if ($table) {
$table = '/' . $table;
}
echo $messenger->setRoute(Redaxscript\Language::get('continue'), 'search' . $table . '/' . Redaxscript\Request::getPost('search'))->doRedirect(0)->success(Redaxscript\Language::get('search'));
}
/* parameter routing */
switch ($firstParameter) {
case 'admin':
if (Redaxscript\Registry::get('loggedIn') == Redaxscript\Registry::get('token')) {
admin_router();
} else {
echo $messenger->setRoute(Language::get('login'), 'login')->error(Language::get('access_no'), Language::get('error_occurred'));
}
return;
case 'login':
switch ($secondParameter) {
case 'recover':
if (Redaxscript\Db::getSetting('recovery') == 1) {
$recoverForm = new Redaxscript\View\RecoverForm(Redaxscript\Registry::getInstance(), Redaxscript\Language::getInstance());
echo $recoverForm->render();
return;
}
case 'reset':
if (Redaxscript\Db::getSetting('recovery') == 1 && $thirdParameter && $thirdSubParameter) {
$resetForm = new Redaxscript\View\ResetForm(Redaxscript\Registry::getInstance(), Redaxscript\Language::getInstance());
echo $resetForm->render();
return;
}
/* show error */
echo $messenger->setRoute(Language::get('login'), 'login')->error(Language::get('access_no'), Language::get('error_occurred'));
return;
default:
$loginForm = new Redaxscript\View\LoginForm(Redaxscript\Registry::getInstance(), Redaxscript\Language::getInstance());
echo $loginForm->render();
return;
}
case 'logout':
if (Redaxscript\Registry::get('loggedIn') == Redaxscript\Registry::get('token')) {
$logoutController = new Redaxscript\Controller\Logout(Redaxscript\Registry::getInstance(), Redaxscript\Language::getInstance(), Redaxscript\Request::getInstance());
echo $logoutController->process();
return;
}
/* show error */
echo $messenger->setRoute(Language::get('login'), 'login')->error(Language::get('access_no'), Language::get('error_occurred'));
return;
case 'register':
if (Redaxscript\Db::getSetting('registration')) {
$registerForm = new Redaxscript\View\RegisterForm(Redaxscript\Registry::getInstance(), Redaxscript\Language::getInstance());
echo $registerForm->render();
return;
}
/* show error */
echo $messenger->setRoute(Language::get('home'), Redaxscript\Registry::get('root'))->error(Language::get('access_no'), Language::get('error_occurred'));
return;
case 'search':
$searchController = new Redaxscript\Controller\Search(Redaxscript\Registry::getInstance(), Redaxscript\Language::getInstance(), Redaxscript\Request::getInstance());
echo $searchController->process();
return;
default:
contents();
return;
}
Redaxscript\Hook::trigger('routerEnd');
}
/**
* comment form
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Comments
* @author Henry Ruhs
*
* @param integer $article
* @param string $language
*/
function comment_form($article = '', $language = '')
{
$output = Redaxscript\Hook::trigger(__FUNCTION__ . '_start');
/* disable fields if attack blocked */
if (ATTACK_BLOCKED > 9) {
$code_readonly = $code_disabled = ' disabled="disabled"';
} else {
if (LOGGED_IN == TOKEN) {
$author = MY_USER;
$email = MY_EMAIL;
$code_readonly = ' readonly="readonly"';
}
}
/* captcha object */
if (s('captcha') > 0) {
$captcha = new Redaxscript\Captcha(Redaxscript\Language::getInstance());
$captcha->init();
}
/* collect output */
$output .= '<h2 class="title_content">' . l('comment_new') . '</h2>';
$output .= form_element('form', 'form_comment', 'js_validate_form form_default form_comment', '', '', '', 'method="post"');
$output .= form_element('fieldset', '', 'set_comment', '', '', l('fields_required') . l('point')) . '<ul>';
$output .= '<li>' . form_element('text', 'author', 'field_text field_note', 'author', $author, '* ' . l('author'), 'maxlength="50" required="required"' . $code_readonly) . '</li>';
$output .= '<li>' . form_element('email', 'email', 'field_text field_note', 'email', $email, '* ' . l('email'), 'maxlength="50" required="required"' . $code_readonly) . '</li>';
$output .= '<li>' . form_element('url', 'url', 'field_text', 'url', '', l('url'), 'maxlength="50"' . $code_disabled) . '</li>';
$output .= '<li>' . form_element('textarea', 'text', 'js_auto_resize js_editor_textarea field_textarea field_note', 'text', '', '* ' . l('comment'), 'rows="5" cols="100" required="required"' . $code_disabled) . '</li>';
/* collect captcha task output */
if (LOGGED_IN != TOKEN && s('captcha') > 0) {
$output .= '<li>' . form_element('number', 'task', 'field_text field_note', 'task', '', $captcha->getTask(), 'min="1" max="20" required="required"' . $code_disabled) . '</li>';
}
$output .= '</ul></fieldset>';
/* collect hidden output */
$output .= form_element('hidden', '', '', 'language', $language);
$output .= form_element('hidden', '', '', 'date', NOW);
$output .= form_element('hidden', '', '', 'article', $article);
/* collect captcha solution output */
if (s('captcha') > 0) {
$captchaHash = new Redaxscript\Hash(Redaxscript\Config::getInstance());
$captchaHash->init($captcha->getSolution());
if (LOGGED_IN == TOKEN) {
$output .= form_element('hidden', '', '', 'task', $captchaHash->getRaw());
}
$output .= form_element('hidden', '', '', 'solution', $captchaHash->getHash());
}
/* collect hidden and button output */
$output .= form_element('hidden', '', '', 'token', TOKEN);
$output .= form_element('button', '', 'js_submit button_default', 'comment_post', l('create'), '', $code_disabled);
$output .= '</form>';
$output .= Redaxscript\Hook::trigger(__FUNCTION__ . '_end');
$_SESSION[ROOT . '/comment'] = 'visited';
echo $output;
}
/**
* admin process
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Admin
* @author Henry Ruhs
*/
function admin_process()
{
$aliasValidator = new Redaxscript\Validator\Alias();
$loginValidator = new Redaxscript\Validator\Login();
$specialFilter = new Redaxscript\Filter\Special();
/* clean post */
switch (TABLE_PARAMETER) {
/* categories */
case 'categories':
$parent = $r['parent'] = clean($_POST['parent'], 0);
/* articles */
/* articles */
case 'articles':
$r['keywords'] = clean($_POST['keywords'], 5);
$r['template'] = clean($_POST['template'], 0);
/* extras */
/* extras */
case 'extras':
$title = $r['title'] = clean($_POST['title'], 5);
if (TABLE_PARAMETER != 'categories') {
$r['headline'] = clean($_POST['headline'], 0);
}
$r['sibling'] = clean($_POST['sibling'], 0);
/* comments */
/* comments */
case 'comments':
if (TABLE_PARAMETER == 'comments') {
$r['url'] = clean($_POST['url'], 4);
}
$author = $r['author'] = clean($_POST['author'], 0);
if (TABLE_PARAMETER != 'categories') {
$text = $r['text'] = clean($_POST['text'], 1);
$date = $_POST['year'] . '-' . $_POST['month'] . '-' . $_POST['day'] . ' ' . $_POST['hour'] . ':' . $_POST['minute'] . ':00';
$date = $r['date'] = clean($date, 5);
}
$rank = $r['rank'] = clean($_POST['rank'], 0);
/* groups */
/* groups */
case 'groups':
if (TABLE_PARAMETER != 'comments') {
$alias = $r['alias'] = clean($_POST['alias'], 2);
}
/* users */
/* users */
case 'users':
if (TABLE_PARAMETER != 'groups') {
$language = $r['language'] = clean($_POST['language'], 0);
}
/* modules */
/* modules */
case 'modules':
$alias = clean($_POST['alias'], 2);
$status = $r['status'] = clean($_POST['status'], 0);
if (TABLE_PARAMETER != 'groups' && TABLE_PARAMETER != 'users' && GROUPS_EDIT == 1) {
$access = array_map(array($specialFilter, 'sanitize'), $_POST['access']);
$access = array_map('clean', $access);
$access_string = implode(', ', $access);
if ($access_string == '') {
$access_string = null;
}
$access = $r['access'] = $access_string;
}
if (TABLE_PARAMETER != 'extras' && TABLE_PARAMETER != 'comments') {
$r['description'] = clean($_POST['description'], 5);
}
$token = $_POST['token'];
break;
}
/* clean contents post */
if (TABLE_PARAMETER == 'articles') {
$r['infoline'] = clean($_POST['infoline'], 0);
$comments = $r['comments'] = clean($_POST['comments'], 0);
if ($category && ID_PARAMETER == '') {
$status = $r['status'] = Redaxscript\Db::forTablePrefix('categories')->where('id', $category)->findOne()->status;
}
}
if (TABLE_PARAMETER == 'articles' || TABLE_PARAMETER == 'extras') {
$category = $r['category'] = clean($_POST['category'], 0);
}
if (TABLE_PARAMETER == 'articles' || TABLE_PARAMETER == 'extras' || TABLE_PARAMETER == 'comments') {
if ($date > NOW) {
$status = $r['status'] = 2;
} else {
$date = $r['date'] = NOW;
}
}
if (TABLE_PARAMETER == 'extras' || TABLE_PARAMETER == 'comments') {
$article = $r['article'] = clean($_POST['article'], 0);
}
if (TABLE_PARAMETER == 'comments' && ID_PARAMETER == '') {
$status = $r['status'] = Redaxscript\Db::forTablePrefix('articles')->where('id', $article)->findOne()->status;
}
if (TABLE_PARAMETER == 'comments' || TABLE_PARAMETER == 'users') {
$email = $r['email'] = clean($_POST['email'], 3);
}
/* clean groups post */
if (TABLE_PARAMETER == 'groups' && (ID_PARAMETER == '' || ID_PARAMETER > 1)) {
$groups_array = array('categories', 'articles', 'extras', 'comments', 'groups', 'users', 'modules');
foreach ($groups_array as $value) {
${$value} = array_map(array($specialFilter, 'sanitize'), $_POST[$value]);
${$value} = array_map('clean', ${$value});
$groups_string = implode(', ', ${$value});
if ($groups_string == '') {
$groups_string = 0;
}
$r[$value] = $groups_string;
}
$r['settings'] = clean($_POST['settings'], 0);
$r['filter'] = clean($_POST['filter'], 0);
}
if ((TABLE_PARAMETER == 'groups' || TABLE_PARAMETER == 'users') && ID_PARAMETER == 1) {
$status = $r['status'] = 1;
}
if (TABLE_PARAMETER == 'groups' || TABLE_PARAMETER == 'users' || TABLE_PARAMETER == 'modules') {
$name = $r['name'] = clean($_POST['name'], 0);
}
/* clean users post */
if (TABLE_PARAMETER == 'users') {
if ($_POST['user']) {
$user = $r['user'] = clean($_POST['user'], 0);
} else {
$user = $r['user'] = Redaxscript\Db::forTablePrefix(TABLE_PARAMETER)->where('id', ID_PARAMETER)->findOne()->user;
}
$password_check = $password_confirm = 1;
if ($_POST['edit'] && $_POST['password'] == '' && $_POST['password_confirm'] == '' || $_POST['delete']) {
$password_check = 0;
}
if ($_POST['password'] != $_POST['password_confirm']) {
$password_confirm = 0;
}
$password = clean($_POST['password'], 0);
if ($password_check == 1 && $password_confirm == 1) {
$passwordHash = new Redaxscript\Hash(Redaxscript\Config::getInstance());
$passwordHash->init($password);
$r['password'] = $passwordHash->getHash();
}
if ($_POST['new']) {
$r['first'] = $r['last'] = NOW;
}
if (ID_PARAMETER == '' || ID_PARAMETER > 1) {
$groups = array_map(array($specialFilter, 'sanitize'), $_POST['groups']);
$groups = array_map('clean', $groups);
$groups_string = implode(', ', $groups);
if ($groups_string == '') {
$groups_string = 0;
}
$groups = $r['groups'] = $groups_string;
}
}
$r_keys = array_keys($r);
$last = end($r_keys);
/* validate post */
switch (TABLE_PARAMETER) {
/* contents */
case 'categories':
case 'articles':
case 'extras':
if ($title == '') {
$error = l('title_empty');
} else {
$title_id = Redaxscript\Db::forTablePrefix(TABLE_PARAMETER)->where('id', ID_PARAMETER)->findOne()->title;
$id_title = Redaxscript\Db::forTablePrefix(TABLE_PARAMETER)->where('title', $title)->findOne()->id;
}
if ($id_title && strcasecmp($title_id, $title) < 0) {
$error = l('title_exists');
}
if (TABLE_PARAMETER == 'categories') {
$opponent_id = Redaxscript\Db::forTablePrefix('articles')->where('alias', $alias)->findOne()->id;
}
if (TABLE_PARAMETER == 'articles') {
$opponent_id = Redaxscript\Db::forTablePrefix('categories')->where('alias', $alias)->findOne()->id;
}
if ($opponent_id) {
$error = l('alias_exists');
}
if (TABLE_PARAMETER != 'groups' && $aliasValidator->validate($alias, Redaxscript\Validator\Alias::MODE_GENERAL) == Redaxscript\Validator\ValidatorInterface::PASSED || $aliasValidator->validate($alias, Redaxscript\Validator\Alias::MODE_DEFAULT) == Redaxscript\Validator\ValidatorInterface::PASSED) {
$error = l('alias_incorrect');
}
/* groups */
/* groups */
case 'groups':
if ($alias == '') {
$error = l('alias_empty');
} else {
$alias_id = Redaxscript\Db::forTablePrefix(TABLE_PARAMETER)->where('id', ID_PARAMETER)->findOne()->alias;
$id_alias = Redaxscript\Db::forTablePrefix(TABLE_PARAMETER)->where('alias', $alias)->findOne()->id;
}
if ($id_alias && strcasecmp($alias_id, $alias) < 0) {
$error = l('alias_exists');
}
}
/* validate general post */
switch (TABLE_PARAMETER) {
case 'articles':
case 'extras':
case 'comments':
if ($text == '') {
$error = l('text_empty');
}
break;
case 'groups':
case 'users':
case 'modules':
if ($name == '') {
$error = l('name_empty');
}
break;
}
/* validate users post */
if (TABLE_PARAMETER == 'users') {
if ($user == '') {
$error = l('user_incorrect');
} else {
$user_id = Redaxscript\Db::forTablePrefix(TABLE_PARAMETER)->where('id', ID_PARAMETER)->findOne()->user;
$id_user = Redaxscript\Db::forTablePrefix(TABLE_PARAMETER)->where('user', $user)->findOne()->id;
}
if ($id_user && strcasecmp($user_id, $user) < 0) {
$error = l('user_exists');
}
if ($loginValidator->validate($user) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = l('user_incorrect');
}
if ($password_check == 1) {
if ($password == '') {
$error = l('password_empty');
}
if ($password_confirm == 0 || $loginValidator->validate($password) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = l('password_incorrect');
}
}
}
/* validate last post */
$emailValidator = new Redaxscript\Validator\Email();
switch (TABLE_PARAMETER) {
case 'comments':
if ($author == '') {
$error = l('author_empty');
}
case 'users':
if ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = l('email_incorrect');
}
}
$route = 'admin';
/* handle error */
if ($error) {
if (ID_PARAMETER == '') {
$route .= '/new/' . TABLE_PARAMETER;
} else {
$route .= '/edit/' . TABLE_PARAMETER . '/' . ID_PARAMETER;
}
notification(l('error_occurred'), $error, l('back'), $route);
return;
} else {
if (TABLE_EDIT == 1 || TABLE_DELETE == 1) {
$route .= '/view/' . TABLE_PARAMETER;
if ($alias) {
$route .= '#' . $alias;
} else {
if ($user) {
$route .= '#' . $user;
}
}
}
}
/* process */
switch (true) {
/* query new */
case $_POST['new']:
Redaxscript\Db::forTablePrefix(Redaxscript\Registry::get('tableParameter'))->create()->set($r)->save();
notification(l('operation_completed'), '', l('continue'), $route);
return;
/* query edit */
/* query edit */
case $_POST['edit']:
Redaxscript\Db::forTablePrefix(Redaxscript\Registry::get('tableParameter'))->whereIdIs(Redaxscript\Registry::get('idParameter'))->findOne()->set($r)->save();
/* query categories */
if (TABLE_PARAMETER == 'categories') {
$categoryChildren = Redaxscript\Db::forTablePrefix(TABLE_PARAMETER)->where('parent', ID_PARAMETER);
$categoryArray = array_merge($categoryChildren->findArrayFlat(), array(ID_PARAMETER));
$articleChildren = Redaxscript\Db::forTablePrefix('articles')->whereIn('category', $categoryArray);
$articleArray = $articleChildren->findArrayFlat();
if (count($articleArray) > 0) {
Redaxscript\Db::forTablePrefix('comments')->whereIn('article', $articleArray)->findMany()->set(array('status' => $status, 'access' => $access))->save();
}
$categoryChildren->findMany()->set(array('status' => $status, 'access' => $access))->save();
$articleChildren->findMany()->set(array('status' => $status, 'access' => $access))->save();
}
/* query articles */
if (TABLE_PARAMETER == 'articles') {
if ($comments == 0) {
$status = 0;
}
Redaxscript\Db::forTablePrefix('comments')->where('article', ID_PARAMETER)->findMany()->set(array('status' => $status, 'access' => $access))->save();
}
if (USERS_EXCEPTION == 1) {
$_SESSION[ROOT . '/my_name'] = $name;
$_SESSION[ROOT . '/my_email'] = $email;
if (file_exists('languages/' . $language . '.php')) {
$_SESSION[ROOT . '/language'] = $language;
$_SESSION[ROOT . '/language_selected'] = 1;
}
}
notification(l('operation_completed'), '', l('continue'), $route);
return;
}
}
/**
* startup
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Startup
* @author Henry Ruhs
*/
function startup()
{
/* ini set */
if (function_exists('ini_set')) {
if (error_reporting() == 0) {
ini_set('display_startup_errors', 0);
ini_set('display_errors', 0);
}
ini_set('session.use_trans_sid', 0);
ini_set('url_rewriter.tags', 0);
}
/* session start */
session_start();
/* define general */
define('FILE', get_file());
define('ROOT', get_root());
define('TOKEN', get_token());
/* prefix and salt */
define('PREFIX', Redaxscript\Config::get('prefix'));
define('SALT', Redaxscript\Config::get('salt'));
/* database connect */
database_connect(Redaxscript\Config::get('host'), Redaxscript\Config::get('name'), Redaxscript\Config::get('user'), Redaxscript\Config::get('password'));
/* define session */
define('DB_CONNECTED', $_SESSION[ROOT . '/db_connected']);
define('DB_ERROR', $_SESSION[ROOT . '/db_error']);
define('LOGGED_IN', $_SESSION[ROOT . '/logged_in']);
define('ATTACK_BLOCKED', $_SESSION[ROOT . '/attack_blocked']);
/* setup charset */
if (function_exists('ini_set')) {
ini_set('default_charset', s('charset'));
}
/* define parameter */
define('FIRST_PARAMETER', get_parameter('first'));
define('FIRST_SUB_PARAMETER', get_parameter('first_sub'));
define('SECOND_PARAMETER', get_parameter('second'));
define('SECOND_SUB_PARAMETER', get_parameter('second_sub'));
define('THIRD_PARAMETER', get_parameter('third'));
define('THIRD_SUB_PARAMETER', get_parameter('third_sub'));
if (LOGGED_IN == TOKEN && FIRST_PARAMETER == 'admin') {
define('ADMIN_PARAMETER', get_parameter('admin'));
define('TABLE_PARAMETER', get_parameter('table'));
define('ID_PARAMETER', get_parameter('id'));
define('ALIAS_PARAMETER', get_parameter('alias'));
} else {
undefine(array('ADMIN_PARAMETER', 'TABLE_PARAMETER', 'ID_PARAMETER', 'ALIAS_PARAMETER'));
}
define('LAST_PARAMETER', get_parameter('last'));
define('LAST_SUB_PARAMETER', get_parameter('last_sub'));
define('TOKEN_PARAMETER', get_parameter('token'));
/* define routes */
define('FULL_ROUTE', get_route(0));
define('FULL_TOP_ROUTE', get_route(1));
if (function_exists('apache_get_modules') && in_array('mod_rewrite', apache_get_modules()) == '' || file_exists('.htaccess') == '' || FILE == 'install.php') {
define('REWRITE_ROUTE', '?p=');
define('LANGUAGE_ROUTE', '&l=');
define('TEMPLATE_ROUTE', '&t=');
} else {
define('REWRITE_ROUTE', '');
define('LANGUAGE_ROUTE', '.');
define('TEMPLATE_ROUTE', '.');
}
/* redirect to install */
if (DB_CONNECTED == 0 && file_exists('install.php')) {
define('REFRESH_ROUTE', ROOT . '/install.php');
}
/* define tables */
if (FULL_ROUTE == '' || FIRST_PARAMETER == 'admin' && SECOND_PARAMETER == '') {
/* check for homepage */
if (s('homepage') > 0) {
$table = 'articles';
$id = s('homepage');
} else {
$table = 'categories';
$id = 0;
/* check order */
if (s('order') == 'asc') {
$function = 'min';
} else {
if (s('order') == 'desc') {
$function = 'max';
}
}
$rank = query_plumb('rank', $table, $function);
/* if category is published */
if ($rank) {
$status = retrieve('status', $table, 'rank', $rank);
if ($status == 1) {
$id = retrieve('id', $table, 'rank', $rank);
}
}
}
define('FIRST_TABLE', $table);
define('SECOND_TABLE', '');
define('THIRD_TABLE', '');
define('LAST_TABLE', $table);
} else {
if (FIRST_PARAMETER) {
define('FIRST_TABLE', query_table(FIRST_PARAMETER));
} else {
define('FIRST_TABLE', '');
}
if (FIRST_TABLE) {
define('SECOND_TABLE', query_table(SECOND_PARAMETER));
} else {
define('SECOND_TABLE', '');
}
if (SECOND_TABLE) {
define('THIRD_TABLE', query_table(THIRD_PARAMETER));
} else {
define('THIRD_TABLE', '');
}
if (LAST_PARAMETER) {
define('LAST_TABLE', query_table(LAST_PARAMETER));
} else {
define('LAST_TABLE', '');
}
if (LAST_TABLE) {
$id = retrieve('id', LAST_TABLE, 'alias', LAST_PARAMETER);
}
}
/* define ids */
if (LAST_TABLE == 'categories') {
define('CATEGORY', $id);
define('ARTICLE', '');
define('LAST_ID', $id);
} else {
if (LAST_TABLE == 'articles') {
define('CATEGORY', '');
define('ARTICLE', $id);
define('LAST_ID', $id);
} else {
undefine(array('CATEGORY', 'ARTICLE', 'LAST_ID'));
}
}
/* define content error */
$aliasValidator = new Redaxscript\Validator\Alias();
if (LAST_ID == '' && $aliasValidator->validate(FIRST_PARAMETER, Redaxscript\Validator\Alias::MODE_DEFAULT) == Redaxscript\Validator\Validator::FAILED) {
define('CONTENT_ERROR', 1);
} else {
define('CONTENT_ERROR', 0);
}
/* define user */
define('MY_IP', get_user_ip());
define('MY_BROWSER', get_user_agent(0));
define('MY_BROWSER_VERSION', get_user_agent(1));
define('MY_ENGINE', get_user_agent(2));
define('MY_MOBILE', get_user_agent(4));
define('MY_TABLET', get_user_agent(5));
/* if mobile or tablet */
if (MY_MOBILE || MY_TABLET) {
define('MY_DESKTOP', '');
} else {
define('MY_DESKTOP', get_user_agent(3));
}
/* if logged in */
if (LOGGED_IN == TOKEN) {
define('MY_ID', $_SESSION[ROOT . '/my_id']);
define('MY_NAME', $_SESSION[ROOT . '/my_name']);
define('MY_USER', $_SESSION[ROOT . '/my_user']);
define('MY_EMAIL', $_SESSION[ROOT . '/my_email']);
define('MY_GROUPS', $_SESSION[ROOT . '/my_groups']);
/* define access */
$access_array = array('categories', 'articles', 'extras', 'comments', 'groups', 'users');
foreach ($access_array as $value) {
define(strtoupper($value) . '_NEW', $_SESSION[ROOT . '/' . $value . '_new']);
define(strtoupper($value) . '_EDIT', $_SESSION[ROOT . '/' . $value . '_edit']);
define(strtoupper($value) . '_DELETE', $_SESSION[ROOT . '/' . $value . '_delete']);
if (TABLE_PARAMETER == 'users' && ID_PARAMETER == MY_ID && $value == 'users') {
define('USERS_EXCEPTION', 1);
} else {
if ($value == 'users') {
define('USERS_EXCEPTION', 0);
}
}
}
define('MODULES_INSTALL', $_SESSION[ROOT . '/modules_install']);
define('MODULES_EDIT', $_SESSION[ROOT . '/modules_edit']);
define('MODULES_UNINSTALL', $_SESSION[ROOT . '/modules_uninstall']);
define('SETTINGS_EDIT', $_SESSION[ROOT . '/settings_edit']);
define('FILTER', $_SESSION[ROOT . '/filter']);
} else {
define('FILTER', 1);
}
/* define table access */
define('TABLE_NEW', constant(strtoupper(TABLE_PARAMETER) . '_NEW'));
define('TABLE_INSTALL', constant(strtoupper(TABLE_PARAMETER) . '_INSTALL'));
define('TABLE_EDIT', constant(strtoupper(TABLE_PARAMETER) . '_EDIT'));
define('TABLE_DELETE', constant(strtoupper(TABLE_PARAMETER) . '_DELETE'));
define('TABLE_UNINSTALL', constant(strtoupper(TABLE_PARAMETER) . '_UNINSTALL'));
/* define time */
define('GMDATE', gmdate('D, d M Y H:i:s') . ' GMT');
define('GMDATE_PLUS_WEEK', gmdate('D, d M Y H:i:s', strtotime('+1 week')) . ' GMT');
define('GMDATE_PLUS_YEAR', gmdate('D, d M Y H:i:s', strtotime('+1 year')) . ' GMT');
define('NOW', date('Y-m-d H:i:s'));
define('DELAY', date('Y-m-d H:i:s', strtotime('+1 minute')));
define('TODAY', date('Y-m-d'));
/* future update */
define('UPDATE', $_SESSION[ROOT . '/update']);
if (UPDATE == '') {
future_update('articles');
future_update('extras');
$_SESSION[ROOT . '/update'] = DELAY;
} else {
if (UPDATE < NOW) {
$_SESSION[ROOT . '/update'] = '';
}
}
}
/**
* admin process
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Admin
* @author Henry Ruhs
*/
function admin_process()
{
$aliasFilter = new Redaxscript\Filter\Alias();
$emailFilter = new Redaxscript\Filter\Email();
$urlFilter = new Redaxscript\Filter\Url();
$htmlFilter = new Redaxscript\Filter\Html();
$aliasValidator = new Redaxscript\Validator\Alias();
$loginValidator = new Redaxscript\Validator\Login();
$specialFilter = new Redaxscript\Filter\Special();
$messenger = new Redaxscript\Admin\Messenger(Redaxscript\Registry::getInstance());
$filter = Redaxscript\Registry::get('filter');
$tableParameter = Redaxscript\Registry::get('tableParameter');
$idParameter = Redaxscript\Registry::get('idParameter');
/* clean post */
switch ($tableParameter) {
/* categories */
case 'categories':
$parent = $r['parent'] = $specialFilter->sanitize($_POST['parent']);
/* articles */
/* articles */
case 'articles':
$r['keywords'] = $_POST['keywords'];
$r['robots'] = $specialFilter->sanitize($_POST['robots']);
$r['template'] = $specialFilter->sanitize($_POST['template']);
/* extras */
/* extras */
case 'extras':
$title = $r['title'] = $_POST['title'];
if ($tableParameter != 'categories') {
$r['headline'] = $specialFilter->sanitize($_POST['headline']);
}
$r['sibling'] = $specialFilter->sanitize($_POST['sibling']);
$author = $r['author'] = Redaxscript\Registry::get('myUser');
/* comments */
/* comments */
case 'comments':
if ($tableParameter == 'comments') {
$r['url'] = $urlFilter->sanitize($_POST['url']);
$author = $r['author'] = $_POST['author'];
}
if ($tableParameter != 'categories') {
$text = $r['text'] = $filter ? $htmlFilter->sanitize($_POST['text']) : $_POST['text'];
$date = $r['date'] = $_POST['date'];
}
$rank = $r['rank'] = $specialFilter->sanitize($_POST['rank']);
/* groups */
/* groups */
case 'groups':
if ($tableParameter != 'comments') {
$alias = $r['alias'] = $aliasFilter->sanitize($_POST['alias']);
}
/* users */
/* users */
case 'users':
if ($tableParameter != 'groups') {
$language = $r['language'] = $specialFilter->sanitize($_POST['language']);
}
/* modules */
/* modules */
case 'modules':
$alias = $aliasFilter->sanitize($_POST['alias']);
$status = $r['status'] = $specialFilter->sanitize($_POST['status']);
if ($tableParameter != 'groups' && $tableParameter != 'users' && Redaxscript\Registry::get('groupsEdit')) {
$access = array_map([$specialFilter, 'sanitize'], $_POST['access']);
$access_string = implode(', ', $access);
if (!$access_string) {
$access_string = null;
}
$access = $r['access'] = $access_string;
}
if ($tableParameter != 'extras' && $tableParameter != 'comments') {
$r['description'] = $_POST['description'];
}
$token = $_POST['token'];
break;
}
/* clean contents post */
if ($tableParameter == 'articles') {
$r['byline'] = $specialFilter->sanitize($_POST['byline']);
$comments = $r['comments'] = $specialFilter->sanitize($_POST['comments']);
if ($category && !$idParameter) {
$status = $r['status'] = Redaxscript\Db::forTablePrefix('categories')->where('id', $category)->findOne()->status;
}
}
if ($tableParameter == 'articles' || $tableParameter == 'extras') {
$category = $r['category'] = $specialFilter->sanitize($_POST['category']);
}
if ($tableParameter == 'articles' || $tableParameter == 'extras' || $tableParameter == 'comments') {
if ($date > Redaxscript\Registry::get('now')) {
$status = $r['status'] = 2;
}
if (!$date) {
$r['date'] = Redaxscript\Registry::get('now');
}
}
if ($tableParameter == 'extras' || $tableParameter == 'comments') {
$article = $r['article'] = $specialFilter->sanitize($_POST['article']);
}
if ($tableParameter == 'comments' && !$idParameter) {
$status = $r['status'] = Redaxscript\Db::forTablePrefix('articles')->where('id', $article)->findOne()->status;
}
if ($tableParameter == 'comments' || $tableParameter == 'users') {
$email = $r['email'] = $emailFilter->sanitize($_POST['email']);
}
/* clean groups post */
if ($tableParameter == 'groups' && (!$idParameter || $idParameter > 1)) {
$groups_array = ['categories', 'articles', 'extras', 'comments', 'groups', 'users', 'modules'];
foreach ($groups_array as $value) {
${$value} = array_map([$specialFilter, 'sanitize'], $_POST[$value]);
$groups_string = implode(', ', ${$value});
if (!$groups_string) {
$groups_string = 0;
}
$r[$value] = $groups_string;
}
$r['settings'] = $specialFilter->sanitize($_POST['settings']);
$r['filter'] = $specialFilter->sanitize($_POST['filter']);
}
if (($tableParameter == 'groups' || $tableParameter == 'users') && $idParameter == 1) {
$status = $r['status'] = 1;
}
if ($tableParameter == 'groups' || $tableParameter == 'users' || $tableParameter == 'modules') {
$name = $r['name'] = $specialFilter->sanitize($_POST['name']);
}
/* clean users post */
if ($tableParameter == 'users') {
if ($_POST['user']) {
$user = $r['user'] = $specialFilter->sanitize($_POST['user']);
} else {
$user = $r['user'] = Redaxscript\Db::forTablePrefix($tableParameter)->where('id', $idParameter)->findOne()->user;
}
$password_check = $password_confirm = 1;
if ($_POST['edit'] && !$_POST['password'] && !$_POST['password_confirm'] || $_POST['delete']) {
$password_check = 0;
}
if ($_POST['password'] != $_POST['password_confirm']) {
$password_confirm = 0;
}
$password = $specialFilter->sanitize($_POST['password']);
if ($password_check == 1 && $password_confirm == 1) {
$passwordHash = new Redaxscript\Hash(Redaxscript\Config::getInstance());
$passwordHash->init($password);
$r['password'] = $passwordHash->getHash();
}
if ($_POST['new']) {
$r['first'] = $r['last'] = Redaxscript\Registry::get('now');
}
if (!$idParameter || $idParameter > 1) {
$groups = array_map([$specialFilter, 'sanitize'], $_POST['groups']);
$groups_string = implode(', ', $groups);
if (!$groups_string) {
$groups_string = 0;
}
$groups = $r['groups'] = $groups_string;
}
}
$r_keys = array_keys($r);
$last = end($r_keys);
/* validate post */
switch ($tableParameter) {
/* contents */
case 'categories':
case 'articles':
case 'extras':
if (!$title) {
$error = Redaxscript\Language::get('title_empty');
}
if ($tableParameter == 'categories') {
$opponent_id = Redaxscript\Db::forTablePrefix('articles')->where('alias', $alias)->findOne()->id;
}
if ($tableParameter == 'articles') {
$opponent_id = Redaxscript\Db::forTablePrefix('categories')->where('alias', $alias)->findOne()->id;
}
if ($opponent_id) {
$error = Redaxscript\Language::get('alias_exists');
}
if ($tableParameter != 'groups' && $aliasValidator->validate($alias, Redaxscript\Validator\Alias::MODE_GENERAL) == Redaxscript\Validator\ValidatorInterface::PASSED || $aliasValidator->validate($alias, Redaxscript\Validator\Alias::MODE_DEFAULT) == Redaxscript\Validator\ValidatorInterface::PASSED) {
$error = Redaxscript\Language::get('alias_incorrect');
}
/* groups */
/* groups */
case 'groups':
if (!$alias) {
$error = Redaxscript\Language::get('alias_empty');
} else {
$alias_id = Redaxscript\Db::forTablePrefix($tableParameter)->where('id', $idParameter)->findOne()->alias;
$id_alias = Redaxscript\Db::forTablePrefix($tableParameter)->where('alias', $alias)->findOne()->id;
}
if ($id_alias && strcasecmp($alias_id, $alias) < 0) {
$error = Redaxscript\Language::get('alias_exists');
}
}
/* validate general post */
switch ($tableParameter) {
case 'articles':
case 'extras':
case 'comments':
if (!$text) {
$error = Redaxscript\Language::get('text_empty');
}
break;
case 'groups':
case 'users':
case 'modules':
if (!$name) {
$error = Redaxscript\Language::get('name_empty');
}
break;
}
/* validate users post */
if ($tableParameter == 'users') {
if (!$user) {
$error = Redaxscript\Language::get('user_incorrect');
} else {
$user_id = Redaxscript\Db::forTablePrefix($tableParameter)->where('id', $idParameter)->findOne()->user;
$id_user = Redaxscript\Db::forTablePrefix($tableParameter)->where('user', $user)->findOne()->id;
}
if ($id_user && strcasecmp($user_id, $user) < 0) {
$error = Redaxscript\Language::get('user_exists');
}
if ($loginValidator->validate($user) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = Redaxscript\Language::get('user_incorrect');
}
if ($password_check == 1) {
if (!$password) {
$error = Redaxscript\Language::get('password_empty');
}
if ($password_confirm == 0 || $loginValidator->validate($password) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = Redaxscript\Language::get('password_incorrect');
}
}
}
/* validate last post */
$emailValidator = new Redaxscript\Validator\Email();
switch ($tableParameter) {
case 'comments':
if (!$author) {
$error = Redaxscript\Language::get('author_empty');
}
case 'users':
if ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = Redaxscript\Language::get('email_incorrect');
}
}
$route = 'admin';
/* handle error */
if ($error) {
if (!$idParameter) {
$route .= '/new/' . $tableParameter;
} else {
$route .= '/edit/' . $tableParameter . '/' . $idParameter;
}
/* show error */
echo $messenger->setRoute(Redaxscript\Language::get('back'), $route)->error($error, Redaxscript\Language::get('error_occurred'));
return;
} else {
if (Redaxscript\Registry::get('tableEdit') == 1 || Redaxscript\Registry::get('tableEdit') == 1) {
$route .= '/view/' . $tableParameter;
if ($alias) {
$route .= '#' . $alias;
} else {
if ($user) {
$route .= '#' . $user;
}
}
}
}
/* select to null */
foreach ($r as $key => $value) {
if ($value == 'select') {
$r[$key] = null;
}
}
/* process */
switch (true) {
/* query new */
case $_POST['new']:
Redaxscript\Db::forTablePrefix(Redaxscript\Registry::get('tableParameter'))->create()->set($r)->save();
/* show success */
echo $messenger->setRoute(Redaxscript\Language::get('continue'), $route)->doRedirect()->success(Redaxscript\Language::get('operation_completed'));
return;
/* query edit */
/* query edit */
case $_POST['edit']:
Redaxscript\Db::forTablePrefix(Redaxscript\Registry::get('tableParameter'))->whereIdIs(Redaxscript\Registry::get('idParameter'))->findOne()->set($r)->save();
/* query categories */
if ($tableParameter == 'categories') {
$categoryChildren = Redaxscript\Db::forTablePrefix($tableParameter)->where('parent', $idParameter);
$categoryArray = array_merge($categoryChildren->findFlatArray(), [$idParameter]);
$articleChildren = Redaxscript\Db::forTablePrefix('articles')->whereIn('category', $categoryArray);
$articleArray = $articleChildren->findFlatArray();
if (count($articleArray) > 0) {
Redaxscript\Db::forTablePrefix('comments')->whereIn('article', $articleArray)->findMany()->set(['status' => $status, 'access' => $access])->save();
}
$categoryChildren->findMany()->set(['status' => $status, 'access' => $access])->save();
$articleChildren->findMany()->set(['status' => $status, 'access' => $access])->save();
}
/* query articles */
if ($tableParameter == 'articles') {
if ($comments == 0) {
$status = 0;
}
Redaxscript\Db::forTablePrefix('comments')->where('article', $idParameter)->findMany()->set(['status' => $status, 'access' => $access])->save();
}
if ($tableParameter == 'users' && $idParameter == Redaxscript\Registry::get('myId')) {
$auth = new Redaxscript\Auth(Redaxscript\Request::getInstance());
$auth->init();
$auth->setUser('name', $name);
$auth->setUser('email', $email);
$auth->setUser('language', $language);
$auth->save();
Redaxscript\Request::setSession('language', $language);
}
/* show success */
echo $messenger->setRoute(Redaxscript\Language::get('continue'), $route)->doRedirect()->success(Redaxscript\Language::get('operation_completed'));
return;
}
}
/**
* registration post
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Registration
* @author Henry Ruhs
*/
function registration_post()
{
/* clean post */
if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/registration'] == 'visited') {
$name = $r['name'] = clean($_POST['name'], 0);
$user = $r['user'] = clean($_POST['user'], 0);
$email = $r['email'] = clean($_POST['email'], 3);
$password = substr(sha1(uniqid()), 0, 10);
$passwordHash = new Redaxscript\Hash(Redaxscript\Config::getInstance());
$passwordHash->init($password);
$r['password'] = $passwordHash->getHash();
$r['description'] = '';
$r['language'] = Redaxscript\Registry::get('language');
$r['first'] = $r['last'] = NOW;
$r['groups'] = Redaxscript\Db::forTablePrefix('groups')->where('alias', 'members')->findOne()->id;
if ($r['groups'] == '') {
$r['groups'] = 0;
}
$task = $_POST['task'];
$solution = $_POST['solution'];
}
/* validate post */
$loginValidator = new Redaxscript\Validator\Login();
$emailValidator = new Redaxscript\Validator\Email();
$captchaValidator = new Redaxscript\Validator\Captcha();
if ($name == '') {
$error = l('name_empty');
} else {
if ($user == '') {
$error = l('user_empty');
} else {
if ($email == '') {
$error = l('email_empty');
} else {
if ($loginValidator->validate($user) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = l('user_incorrect');
} else {
if ($emailValidator->validate($email) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = l('email_incorrect');
} else {
if ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = l('captcha_incorrect');
} else {
if (Redaxscript\Db::forTablePrefix('users')->where('user', $user)->findOne()->id) {
$error = l('user_exists');
} else {
if (USERS_NEW == 0 && s('verification') == 1) {
$r['status'] = 0;
$success = l('registration_verification');
} else {
$r['status'] = 1;
$success = l('registration_sent');
}
/* send login information */
$loginRoute = ROOT . '/' . REWRITE_ROUTE . 'login';
$loginLink = anchor_element('external', '', '', $loginRoute, $loginRoute);
$toArray = array($name => $email);
if (s('notification') == 1) {
$toArray[s('author')] = s('email');
}
$fromArray = array($author => $email);
$subject = l('registration');
$bodyArray = array('<strong>' . l('name') . l('colon') . '</strong> ' . $name, '<br />', '<strong>' . l('user') . l('colon') . '</strong> ' . $user, '<br />', '<strong>' . l('password') . l('colon') . '</strong> ' . $password, '<br />', '<strong>' . l('login') . l('colon') . '<strong> ' . $loginLink);
/* mailer object */
$mailer = new Redaxscript\Mailer();
$mailer->init($toArray, $fromArray, $subject, $bodyArray);
$mailer->send();
/* create user */
Redaxscript\Db::forTablePrefix('users')->create()->set($r)->save();
}
}
}
}
}
}
}
/* handle error */
if ($error) {
if (s('blocker') == 1) {
$_SESSION[ROOT . '/attack_blocked']++;
}
notification(l('error_occurred'), $error, l('back'), 'registration');
} else {
notification(l('operation_completed'), $success, l('login'), 'login');
}
$_SESSION[ROOT . '/registration'] = '';
}
/**
* password reset post
*
* @since 1.2.1
* @deprecated 2.0.0
*
* @package Redaxscript
* @category Password
* @author Henry Ruhs
*/
function password_reset_post()
{
$captchaValidator = new Redaxscript\Validator\Captcha();
/* clean post */
if (ATTACK_BLOCKED < 10 && $_SESSION[ROOT . '/password_reset'] == 'visited') {
$post_id = clean($_POST['id'], 0);
$post_password = clean($_POST['password'], 0);
$password = substr(sha1(uniqid()), 0, 10);
$task = $_POST['task'];
$solution = $_POST['solution'];
}
/* query user information */
if ($post_id && $post_password) {
$users_result = Redaxscript\Db::forTablePrefix('users')->where(array('id' => $post_id, 'status' => 1))->findArray();
foreach ($users_result as $r) {
foreach ($r as $key => $value) {
$key = 'my_' . $key;
${$key} = stripslashes($value);
}
}
}
/* validate post */
if ($post_id == '' || $post_password == '') {
$error = l('input_incorrect');
} else {
if ($captchaValidator->validate($task, $solution) == Redaxscript\Validator\ValidatorInterface::FAILED) {
$error = l('captcha_incorrect');
} else {
if ($my_id == '' || sha1($my_password) != $post_password) {
$error = l('access_no');
} else {
/* send new password */
$loginRoute = ROOT . '/' . REWRITE_ROUTE . 'login';
$loginLink = anchor_element('external', '', '', $loginRoute, $loginRoute);
$toArray = array($my_name => $my_email);
$fromArray = array(s('author') => s('email'));
$subject = l('password_new');
$bodyArray = array('<strong>' . l('password_new') . l('colon') . '</strong> ' . $password, '<br />', '<strong>' . l('login') . l('colon') . '</strong> ' . $loginLink);
/* mailer object */
$mailer = new Redaxscript\Mailer();
$mailer->init($toArray, $fromArray, $subject, $bodyArray);
$mailer->send();
/* update password */
$passwordHash = new Redaxscript\Hash(Redaxscript\Config::getInstance());
$passwordHash->init($password);
Redaxscript\Db::forTablePrefix('users')->where(array('id' => $post_id, 'status' => 1))->findOne()->set('password', $passwordHash->getHash())->save();
}
}
}
/* handle error */
if ($error) {
if (s('blocker') == 1) {
$_SESSION[ROOT . '/attack_blocked']++;
}
if ($post_id && $post_password) {
$back_route = 'password_reset/' . $post_id . '/' . $post_password;
} else {
$back_route = 'reminder';
}
notification(l('error_occurred'), $error, l('back'), $back_route);
} else {
notification(l('operation_completed'), l('password_sent'), l('login'), 'login');
}
$_SESSION[ROOT . '/password_reset'] = '';
}
