/// See the GNU General Public License for more details. (/documents/LICENSE, /documents/COPYRIGHT) $IV = array('GET' => array('category' => array('int', 0, 'mandatory' => false), 'page' => array('int', 1, 'default' => 1), 'mode' => array(array('mobile', 'desktop', 'tablet'), 'mandatory' => false), 'commentId' => array('int', 0, 'mandatory' => false), 'commentInput' => array('bool', 'mandatory' => false))); require ROOT . '/library/preprocessor.php'; if (empty($suri['value'])) { list($entries, $paging) = getEntriesWithPaging($blogid, $suri['page'], $blog['entriesOnPage']); } else { if (isset($_GET['category'])) { // category exists if (Validator::isInteger($_GET['category'], 0)) { list($entries, $paging) = getEntryWithPagingBySlogan($blogid, $suri['value'], false, $_GET['category']); } } else { // Just normal entry view list($entries, $paging) = getEntryWithPagingBySlogan($blogid, $suri['value']); if (isset($_GET['commentId']) || isset($_GET['commentInput'])) { if (isset($_GET['commentId']) && Validator::isInteger($_GET['commentId'], 1)) { $commentId = $_GET['commentId']; } else { $commentId = 1; } $suri['page'] = getCommentPageById(getBlogId(), $entries[0]['id'], $commentId); $context->setProperty('blog.showCommentBox', true); } } } fireEvent('OBStart'); require ROOT . '/interface/common/blog/begin.php'; if (empty($suri['value'])) { require ROOT . '/interface/common/blog/entries.php'; } else { if (empty($entries)) {
/**
 * Normalise this record's fields and check the ones that must be well-formed.
 *
 * Fills in a missing id and author, passes category, content and author
 * through Utils_Unicode::lessenAsByte() with limits of 11, 512 and 32
 * (presumably byte-length caps; confirm against Utils_Unicode), then
 * verifies blogid and created.
 *
 * @return mixed true when the record is valid; otherwise whatever
 *               $this->error() returns for the offending field name.
 */
private function validate() {
    if ($this->id === null) {
        $this->id = $this->getNextId();
    }

    // Same order as before: category first, then content.
    $limits = array('category' => 11, 'content' => 512);
    foreach ($limits as $field => $limit) {
        $this->$field = Utils_Unicode::lessenAsByte($this->$field, $limit);
    }

    // An empty author falls back to the current user's name before the cap is applied.
    if (empty($this->author)) {
        $this->author = User::getName();
    }
    $this->author = Utils_Unicode::lessenAsByte($this->author, 32);

    if (!Validator::isInteger($this->blogid, 1)) {
        return $this->error('blogid');
    }

    return Validator::timestamp($this->created) ? true : $this->error('created');
}
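/**
 * Create a category for a blog through the DBModel query builder.
 *
 * The category is rejected when the name is empty, when $parent, $id or
 * $priority fail validation, when the parent does not exist in this blog,
 * when a sibling with the same name already exists, or when an explicitly
 * requested id or priority is already taken.
 *
 * @param mixed       $blogid   Blog that owns the category. Not validated here;
 *                              it is only ever passed to the query builder.
 * @param mixed|null  $parent   Parent category id, or null for a top-level category.
 * @param string      $name     Category name (capped at 127 via lessenAsEncoding).
 * @param mixed|null  $id       Explicit id to use, or null to take MAX(id) + 1.
 * @param mixed|null  $priority Explicit priority, or null to take MAX(priority) + 1.
 * @return bool true when the row was inserted, false otherwise.
 */
function addCategory($blogid, $parent, $name, $id = null, $priority = null) {
    $pool = DBModel::getInstance();

    if (empty($name)) {
        return false;
    }
    if (!is_null($parent) && !Validator::id($parent)) {
        return false;
    }
    if (!is_null($id) && !Validator::isInteger($id, 0)) {
        return false;
    }
    if (!is_null($priority) && !Validator::isInteger($priority, 0)) {
        return false;
    }

    // A top-level category keeps $parent as a real null. The previous code
    // swapped it for the string 'NULL' and later tested it with ==, which on
    // PHP < 8 also matches the integer 0; a strict null avoids that ambiguity.
    if (!is_null($parent)) {
        $pool->reset('Categories');
        $pool->setQualifier('blogid', 'eq', $blogid);
        $pool->setQualifier('id', 'eq', $parent);
        $label = $pool->getCell('name');
        if ($label === null) {
            // The parent does not exist in this blog.
            return false;
        }
        $label .= '/' . $name;
    } else {
        $label = $name;
    }
    $label = Utils_Unicode::lessenAsEncoding($label, 255);
    $name = Utils_Unicode::lessenAsEncoding($name, 127);

    // Refuse a duplicate name under the same parent.
    $pool->reset('Categories');
    $pool->setQualifier('blogid', 'eq', $blogid);
    $pool->setQualifier('name', 'eq', $name, true);
    $pool->setQualifier('parent', 'eq', $parent);
    if ($pool->getCount() > 0) {
        return false;
    }

    // Determine priority.
    if (!is_null($priority)) {
        $pool->reset('Categories');
        $pool->setQualifier('blogid', 'eq', $blogid);
        $pool->setQualifier('priority', 'eq', $priority);
        if ($pool->doesExist()) {
            return false;
        }
        $newPriority = $priority;
    } else {
        $pool->reset('Categories');
        $pool->setQualifier('blogid', 'eq', $blogid);
        $newPriority = $pool->getCell('MAX(priority)') + 1;
    }

    // Determine ID.
    // NOTE(review): MAX(id) + 1 followed by a separate insert is not atomic; two
    // concurrent requests can pick the same id. Whether the table has a unique
    // key on (blogid, id) is not visible from here; confirm.
    if (!is_null($id)) {
        $pool->reset('Categories');
        $pool->setQualifier('blogid', 'eq', $blogid);
        $pool->setQualifier('id', 'eq', $id);
        if ($pool->doesExist()) {
            return false;
        }
        $newId = $id;
    } else {
        $pool->reset('Categories');
        $pool->setQualifier('blogid', 'eq', $blogid);
        $newId = $pool->getCell('MAX(id)') + 1;
    }

    $pool->reset('Categories');
    $pool->setAttribute('blogid', $blogid);
    $pool->setAttribute('id', $newId);
    $pool->setAttribute('parent', $parent);
    $pool->setAttribute('name', $name, true);
    $pool->setAttribute('priority', $newPriority);
    $pool->setAttribute('entries', 0);
    $pool->setAttribute('entriesinlogin', 0);
    $pool->setAttribute('label', $label, true);
    $pool->setAttribute('visibility', 2);
    $result = $pool->insert();

    updateEntriesOfCategory($blogid, $newId);
    return $result ? true : false;
}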
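/**
 * List a blog's non-draft entries for the owner view, one page at a time.
 *
 * The statement is assembled by string concatenation, so every caller-supplied
 * value is either cast to an integer or checked against a fixed pattern before
 * it is appended. Users who fail the "group.editors" / "entry.list" ACL check
 * only see their own entries.
 *
 * @param mixed       $blogid     Blog id (cast to int).
 * @param mixed       $category   > 0: that category plus its direct children;
 *                                -3: category 0 only; -5: category >= -2;
 *                                0: category >= 0; any other value: exact match.
 * @param string      $search     Optional text matched against title and content.
 * @param mixed       $page       Passed through to Paging::fetch().
 * @param mixed       $count      Passed through to Paging::fetch().
 * @param mixed|null  $visibility Integer 0..3 for an exact match, or a comparison
 *                                fragment such as "> 0" or "IN (1, 2)".
 * @param mixed|null  $starred    Same forms as $visibility.
 * @param mixed|null  $draft      Accepted for interface compatibility; not used here.
 * @param mixed|null  $tag        Tag id to filter on (cast to int).
 * @return mixed Whatever Paging::fetch() returns.
 */
function getEntriesWithPagingForOwner($blogid, $category, $search, $page, $count, $visibility = null, $starred = null, $draft = null, $tag = null) {
    global $database;

    // These two end up unquoted in the SQL text; force them to integers first.
    $blogid = intval($blogid);
    $category = intval($category);

    $teamMemberFilter = "";
    if (!Acl::check("group.editors", "entry.list")) {
        $teamMemberFilter = " AND e.userid = " . intval(getUserId());
    }

    $sqlTable = "SELECT e.*, c.label AS categoryLabel, d.id AS draft \n\t\tFROM {$database['prefix']}Entries e \n\t\tLEFT JOIN {$database['prefix']}Categories c ON e.category = c.id AND e.blogid = c.blogid \n\t\tLEFT JOIN {$database['prefix']}Entries d ON e.blogid = d.blogid AND e.id = d.id AND d.draft = 1 ";
    $sql = " WHERE e.blogid = {$blogid} AND e.draft = 0" . $teamMemberFilter;

    if ($category > 0) {
        $categories = POD::queryColumn("SELECT id FROM {$database['prefix']}Categories WHERE blogid = {$blogid} AND parent = {$category}");
        if (!is_array($categories)) {
            // A failed lookup should not break the IN list below.
            $categories = array();
        }
        $categories[] = $category;
        $sql .= ' AND e.category IN (' . implode(', ', array_map('intval', $categories)) . ')';
    } elseif ($category == -3) {
        $sql .= ' AND e.category = 0';
    } elseif ($category == -5) {
        $sql .= ' AND e.category >= -2';
    } elseif ($category == 0) {
        $sql .= ' AND e.category >= 0';
    } else {
        $sql .= ' AND e.category = ' . $category;
    }

    // $visibility and $starred may be a plain integer or a raw comparison
    // fragment. A fragment used to be appended verbatim; it is now accepted only
    // when it is a comparison operator followed by an integer, or an integer
    // IN list. Anything else is dropped and that filter is not applied.
    $fragmentPattern = '/^\s*(?:(?:=|<>|!=|<=|>=|<|>)\s*-?\d+|(?:NOT\s+)?IN\s*\(\s*-?\d+(?:\s*,\s*-?\d+)*\s*\))\s*$/i';
    foreach (array('visibility' => $visibility, 'starred' => $starred) as $column => $value) {
        if (!isset($value)) {
            continue;
        }
        if (Validator::isInteger($value, 0, 3)) {
            $sql .= " AND e.{$column} = " . intval($value);
        } elseif (is_string($value) && preg_match($fragmentPattern, $value)) {
            $sql .= " AND e.{$column} " . trim($value);
        }
    }

    if (!empty($search)) {
        // NOTE(review): the LIKE clauses rely entirely on escapeSearchString() to
        // neutralise quotes and wildcards; its implementation is not visible here.
        $search = escapeSearchString($search);
        $sql .= " AND (e.title LIKE '%{$search}%' OR e.content LIKE '%{$search}%')";
    }

    if (!empty($tag)) {
        $sqlTable .= " LEFT JOIN {$database['prefix']}TagRelations t ON e.id = t.entry AND e.blogid = t.blogid ";
        // t.tag is compared unquoted, so it is treated as a numeric id.
        $sql .= ' AND t.tag = ' . intval($tag);
    }

    $sql .= ' ORDER BY e.published DESC';
    return Paging::fetch($sqlTable . $sql, $page, $count);
}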
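/**
 * Create a category for a blog using hand-written SQL.
 *
 * The category is rejected when the name is empty, when $parent, $id or
 * $priority fail validation, when the parent does not exist in this blog,
 * when a sibling with the same name already exists, or when an explicitly
 * requested id or priority is already taken.
 *
 * All numeric values are interpolated unquoted into the statements, so each is
 * cast to an integer first; name and label go through POD::escapeString().
 *
 * @param mixed       $blogid   Blog that owns the category (cast to int).
 * @param mixed|null  $parent   Parent category id, or null for a top-level category.
 * @param string      $name     Category name (capped at 127 via lessenAsEncoding).
 * @param mixed|null  $id       Explicit id to use, or null to take MAX(id) + 1.
 * @param mixed|null  $priority Explicit priority, or null to take MAX(priority) + 1.
 * @return bool true when the row was inserted, false otherwise.
 */
function addCategory($blogid, $parent, $name, $id = null, $priority = null) {
    global $database;

    if (empty($name)) {
        return false;
    }
    if (!is_null($parent) && !Validator::id($parent)) {
        return false;
    }
    if (!is_null($id) && !Validator::isInteger($id, 0)) {
        return false;
    }
    if (!is_null($priority) && !Validator::isInteger($priority, 0)) {
        return false;
    }

    // $blogid was previously interpolated as received. The casts on the other
    // three are defence in depth on top of the validators above.
    $blogid = intval($blogid);
    if (!is_null($parent)) {
        $parent = intval($parent);
    }
    if (!is_null($id)) {
        $id = intval($id);
    }
    if (!is_null($priority)) {
        $priority = intval($priority);
    }

    // A top-level category is tracked as a real null. The previous code replaced
    // $parent with the string 'NULL' and tested it with ==, which on PHP < 8
    // also matches the integer 0.
    if (!is_null($parent)) {
        $label = POD::queryCell("SELECT name FROM {$database['prefix']}Categories WHERE blogid = {$blogid} AND id = {$parent}");
        if ($label === null) {
            // The parent does not exist in this blog.
            return false;
        }
        $label .= '/' . $name;
        $parentStr = "AND parent = {$parent}";
        $parentValue = $parent;
    } else {
        $label = $name;
        $parentStr = 'AND parent is null';
        $parentValue = 'NULL';
    }

    // The label includes the parent's stored name, so it is escaped as a whole
    // after concatenation.
    $label = POD::escapeString(UTF8::lessenAsEncoding($label, 255));
    $name = POD::escapeString(UTF8::lessenAsEncoding($name, 127));

    // Refuse a duplicate name under the same parent.
    $sql = "SELECT count(*) FROM {$database['prefix']}Categories WHERE blogid = {$blogid} AND name = '{$name}' {$parentStr}";
    if (POD::queryCell($sql) > 0) {
        return false;
    }

    // Determine priority.
    if (!is_null($priority)) {
        if (POD::queryExistence("SELECT * FROM {$database['prefix']}Categories WHERE blogid = {$blogid} AND priority = {$priority}")) {
            return false;
        }
        $newPriority = $priority;
    } else {
        $newPriority = POD::queryCell("SELECT MAX(priority) FROM {$database['prefix']}Categories WHERE blogid = {$blogid}") + 1;
    }

    // Determine ID.
    // NOTE(review): MAX(id) + 1 followed by a separate INSERT is not atomic; two
    // concurrent requests can pick the same id. Whether the table has a unique
    // key on (blogid, id) is not visible from here; confirm.
    if (!is_null($id)) {
        $sql = "SELECT * FROM {$database['prefix']}Categories WHERE blogid = {$blogid} AND id = {$id}";
        if (POD::queryExistence($sql)) {
            return false;
        }
        $newId = $id;
    } else {
        $newId = POD::queryCell("SELECT MAX(id) FROM {$database['prefix']}Categories WHERE blogid = {$blogid}") + 1;
    }

    $result = POD::query("INSERT INTO {$database['prefix']}Categories (blogid, id, parent, name, priority, entries, entriesinlogin, label, visibility) VALUES ({$blogid}, {$newId}, {$parentValue}, '{$name}', {$newPriority}, 0, 0, '{$label}', 2)");
    updateEntriesOfCategory($blogid, $newId);
    return $result ? true : false;
}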
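/**
 * Bind the current request to an authenticated session for $userid.
 *
 * Order of attempts:
 *  1. If the current session id belongs to a guest OpenID session, promote
 *     that row to $userid.
 *  2. If the current session id is already authorized, reuse it.
 *  3. Otherwise create a new session row (up to three tries) and send its id
 *     to the browser as the session cookie.
 *
 * @param mixed      $blogid  Blog id (cast to int; not otherwise used in this method).
 * @param mixed      $userid  User id to authorize (cast to int).
 * @param mixed|null $expires Absolute expiry as a UNIX timestamp, or null to use
 *                            now + the 'service.timeout' property.
 * @return bool true when a session is bound to the user, false otherwise.
 */
public static function authorize($blogid, $userid, $expires = null) {
    if (is_null(self::$context)) {
        self::initialize();
    }
    $blogid = intval($blogid);
    $userid = intval($userid);

    // The validation used to run before the null default was applied. If
    // Validator::isInteger() rejects null (its body is not visible here), every
    // call that relied on the default expiry returned false and the fallback
    // below was unreachable. Only a caller-supplied value is validated now.
    if (!is_null($expires) && !Validator::isInteger($expires, 0)) {
        return false;
    }

    $session_cookie_path = self::$context->getProperty('service.session_cookie_path');
    if (empty($session_cookie_path)) {
        $session_cookie_path = "/";
    }

    // Both timestamps are written unquoted into the INSERT below.
    $current = intval(Timestamp::getUNIXtime());
    if (is_null($expires)) {
        $expires = $current + self::$context->getProperty('service.timeout');
    }
    $expires = intval($expires);

    $prefix = self::$context->getProperty('database.prefix');

    // The current session id originates from the client's cookie and is placed
    // inside a quoted SQL literal below, so it is only used when it consists of
    // the characters PHP itself accepts in a session id.
    $currentId = session_id();
    $currentIdUsable = is_string($currentId) && preg_match('/^[A-Za-z0-9,-]+$/', $currentId) === 1;

    if ($userid != SESSION_OPENID_USERID) { /* OpenID session : -1 */
        $_SESSION['userid'] = $userid;
        if ($currentIdUsable && self::isGuestOpenIDSession($currentId)) {
            $result = self::query('execute', "UPDATE " . $prefix . "Sessions " . "SET userid = {$userid} WHERE id = '{$currentId}'");
            if ($result) {
                return true;
            }
        }
    }
    if ($currentIdUsable && self::isAuthorized($currentId)) {
        return true;
    }

    // REMOTE_ADDR is stored in a quoted literal; keep it only if it parses as an
    // IP address so nothing else can reach the statement.
    $address = isset($_SERVER['REMOTE_ADDR']) ? filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP) : false;
    if ($address === false) {
        $address = '';
    }

    for ($i = 0; $i < 3; $i++) {
        // Session ids are bearer credentials, so they must come from a CSPRNG;
        // rand() output is predictable. The result is 32 hex characters, the
        // same length the previous generator produced.
        try {
            if (function_exists('random_bytes')) {
                $id = bin2hex(random_bytes(16));
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $id = bin2hex((string) openssl_random_pseudo_bytes(16));
            } else {
                // No secure source available: refuse rather than mint a guessable id.
                return false;
            }
        } catch (\Exception $e) {
            return false;
        }
        if (strlen($id) !== 32) {
            return false;
        }

        $result = self::query('execute', "INSERT INTO " . $prefix . "Sessions\n\t\t\t\t(id, address, userid, created, updated, expires)\n\t\t\t\tVALUES('{$id}', '{$address}', {$userid}, {$current}, {$current}, {$expires})");
        if ($result) {
            @session_id($id);
            // HttpOnly keeps the session id out of reach of page scripts.
            // NOTE(review): the Secure flag is left off because whether the site is
            // served only over HTTPS cannot be determined from here; enable it
            // if it is.
            setcookie(self::getName(), $id, 0, $session_cookie_path, self::$context->getProperty('service.session_cookie_domain'), false, true);
            return true;
        }
    }
    return false;
}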
/**
 * Check that a value is an integer UNIX timestamp inside the accepted window.
 *
 * Valid: Jan 1 1971 ~ Dec 31 2037 GMT
 *
 * @param mixed $value Candidate timestamp.
 * @return bool true when $value passes Validator::isInteger() and lies in range.
 */
static function timestamp($value) {
    if (!Validator::isInteger($value)) {
        return false;
    }

    $earliest = 31536000;     // 1971-01-01 00:00:00 GMT, inclusive
    $cutoff = 2145916800;     // 2038-01-01 00:00:00 GMT, exclusive

    return $value >= $earliest && $value < $cutoff;
}
/**
 * List a blog's non-draft entries for the owner view through the DBModel
 * query builder, one page at a time.
 *
 * Users who fail the "group.editors" / "entry.list" ACL check are restricted
 * to their own entries.
 *
 * @param mixed       $blogid     Blog id.
 * @param mixed       $category   > 0: that category plus the ids returned by
 *                                getChildCategoryId(); -3: category 0 only;
 *                                -5: category >= -3; 0: category >= 0;
 *                                any other value: exact match.
 * @param string      $search     Optional text matched against title and content.
 * @param mixed       $page       Passed through to Paging::fetch().
 * @param mixed       $count      Passed through to Paging::fetch().
 * @param mixed|null  $visibility Applied only when it is an integer in 0..3.
 * @param mixed|null  $starred    Applied only when it is an integer in 0..3.
 * @param mixed|null  $draft      Accepted but not used in this function.
 * @param mixed|null  $tag        Tag to filter on.
 * @return mixed Whatever Paging::fetch() returns.
 */
function getEntriesWithPagingForOwner($blogid, $category, $search, $page, $count, $visibility = null, $starred = null, $draft = null, $tag = null) {
    $pool = DBModel::getInstance();

    // Child categories are looked up before the pool is configured.
    // NOTE(review): getChildCategoryId() may use the same shared DBModel
    // instance, so this call is deliberately kept ahead of reset(); confirm.
    $filterByCategoryTree = $category > 0;
    if ($filterByCategoryTree) {
        $categoryIds = getChildCategoryId($blogid, $category);
        array_push($categoryIds, $category);
    }

    // Entries e LEFT JOIN Categories c LEFT JOIN Entries d (the draft copy).
    $pool->reset("Entries");
    $pool->setAlias("Entries", "e");
    $pool->extend(
        "Categories",
        "LEFT",
        array(
            array('e.blogid', 'eq', 'c.blogid'),
            array('e.category', '=', 'c.id'),
        )
    );
    $pool->setAlias("Categories", "c");
    $pool->extend(
        "Entries d",
        "LEFT",
        array(
            array('e.blogid', 'eq', 'd.blogid'),
            array('e.id', 'eq', 'd.id'),
            array("d.draft", "eq", 1),
        )
    );

    // Non-editors only see their own entries.
    if (!Acl::check("group.editors", "entry.list")) {
        $pool->setQualifier("e.userid", "eq", getUserId());
    }

    $pool->setQualifier("e.blogid", "eq", $blogid);
    $pool->setQualifier("e.draft", "eq", 0);
    $pool->setProjection("e.*", "c.label AS categoryLabel", "d.id AS draft");
    $pool->setOrder("e.published", "DESC");

    // NOTE(review): this repeats the ownership restriction applied a few lines
    // up. It looks redundant, but it is kept so the access filter is unchanged.
    if (!Acl::check("group.editors", "entry.list")) {
        $pool->setQualifier("e.userid", "eq", getUserId());
    }

    if ($filterByCategoryTree) {
        $pool->setQualifier("e.category", "hasoneof", $categoryIds);
    } elseif ($category == -3) {
        $pool->setQualifier("e.category", "eq", 0);
    } elseif ($category == -5) {
        $pool->setQualifier("e.category", ">=", -3);
    } elseif ($category == 0) {
        $pool->setQualifier("e.category", ">=", 0);
    } else {
        $pool->setQualifier("e.category", "eq", $category);
    }

    // Anything other than an integer in 0..3 is ignored for these two filters.
    if (isset($visibility) && Validator::isInteger($visibility, 0, 3)) {
        $pool->setQualifier("e.visibility", "eq", $visibility);
    }
    if (isset($starred) && Validator::isInteger($starred, 0, 3)) {
        $pool->setQualifier("e.starred", "eq", $starred);
    }

    if (!empty($search)) {
        $search = escapeSearchString($search);
        $titleMatch = array("e.title", "like", $search, true);
        $contentMatch = array("e.content", "like", $search, true);
        $pool->setQualifierSet($titleMatch, "OR", $contentMatch);
    }

    if (!empty($tag)) {
        $pool->join(
            "TagRelations",
            "left",
            array(
                array("e.id", "eq", "t.entry"),
                array("e.blogid", "eq", "t.blogid"),
            )
        );
        $pool->setAlias("TagRelations", "t");
        $pool->setQualifier("t.tag", "eq", $tag, true);
    }

    return Paging::fetch($pool, $page, $count);
}
require ROOT . '/interface/common/blog/begin.php'; require ROOT . '/interface/common/blog/end.php'; } } } } else { list($entries, $paging) = getEntriesWithPaging($blogid, $suri['page'], $blog['entriesOnPage']); require ROOT . '/interface/common/blog/begin.php'; require ROOT . '/interface/common/blog/entries.php'; require ROOT . '/interface/common/blog/end.php'; } } else { // With id. if (isset($_GET['category'])) { // category exists if (Validator::isInteger($_GET['category'], 0)) { list($entries, $paging) = getEntryWithPaging($blogid, $suri['id'], false, $_GET['category']); } } else { // Just normal entry view list($entries, $paging) = getEntryWithPaging($blogid, $suri['id']); } if (isset($_POST['partial'])) { // Partial output. header('Content-Type: text/plain; charset=utf-8'); $skin = new Skin($context->getProperty('skin.skin')); $view = '[##_article_rep_##]'; require ROOT . '/interface/common/blog/entries.php'; $view = removeAllTags($view); if ($view != '[##_article_rep_##]') { print $view;