protected function _preSaveEntry(array &$entry, array $data, $action) { $iaAcl = $this->_iaCore->factory('acl'); iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii'); $entry['id'] = $iaAcl->obtainFreeId(); $entry['assignable'] = $data['visible']; $entry['visible'] = $data['visible']; if (iaCore::ACTION_ADD == $action) { if (empty($data['name'])) { $this->addMessage('error_usergroup_incorrect'); } else { $entry['name'] = strtolower(iaSanitize::paranoid($data['name'])); if (!iaValidate::isAlphaNumericValid($entry['name'])) { $this->addMessage('error_usergroup_incorrect'); } elseif ($this->_iaDb->exists('`name` = :name', array('name' => $entry['name']))) { $this->addMessage('error_usergroup_exists'); } } } foreach ($this->_iaCore->languages as $iso => $title) { if (empty($data['title'][$iso])) { $this->addMessage(iaLanguage::getf('error_lang_title', array('lang' => $this->_iaCore->languages[$iso])), false); } elseif (!utf8_is_valid($data['title'][$iso])) { $data['title'][$iso] = utf8_bad_replace($data['title'][$iso]); } } if (!$this->getMessages()) { foreach ($this->_iaCore->languages as $iso => $title) { iaLanguage::addPhrase('usergroup_' . $entry['name'], $data['title'][$iso], $iso); } } return !$this->getMessages(); }
public function doAjaxItemSearch($itemName, array $params) { $page = isset($params[self::GET_PARAM_PAGE]) ? max((int) $params[self::GET_PARAM_PAGE], 1) : 1; $sorting = array(isset($params[self::GET_PARAM_SORTING_FIELD]) ? $params[self::GET_PARAM_SORTING_FIELD] : null, isset($params[self::GET_PARAM_SORTING_ORDER]) && in_array($params[self::GET_PARAM_SORTING_ORDER], array('asc', 'desc')) ? $params[self::GET_PARAM_SORTING_ORDER] : null); $result = array('hash' => $this->httpBuildQuery($params)); unset($params[self::GET_PARAM_PAGE], $params[self::GET_PARAM_SORTING_FIELD], $params[self::GET_PARAM_SORTING_ORDER]); if ($this->_loadItemInstance($itemName)) { $this->_limit = 1; $this->_start = ($page - 1) * $this->_limit; $this->_sorting = empty($sorting[0]) ? array() : array(iaSanitize::paranoid($sorting[0]), $sorting[1]); $this->_processParams($params); if ($search = $this->_performItemSearch()) { $p = empty($_GET['page']) ? null : $_GET['page']; $_GET['page'] = $page; // dirty hack to make this work correctly $result['pagination'] = iaSmarty::pagination(array('aTotal' => $search[0], 'aItemsPerPage' => $this->_limit, 'aTemplate' => '#'), $this->iaView->iaSmarty); is_null($p) || ($_GET['page'] = $p); $result['html'] = $this->_renderResults($search[1]); } } return $result; }
protected function _preSaveEntry(array &$entry, array $data, $action) { $entry['assignable'] = (int) $data['visible']; $entry['visible'] = (int) $data['visible']; if (iaCore::ACTION_ADD == $action) { if (empty($data['name'])) { $this->addMessage('error_usergroup_incorrect'); } else { $entry['name'] = strtolower(iaSanitize::paranoid($data['name'])); if (!iaValidate::isAlphaNumericValid($entry['name'])) { $this->addMessage('error_usergroup_incorrect'); } elseif ($this->_iaDb->exists('`name` = :name', array('name' => $entry['name']))) { $this->addMessage('error_usergroup_exists'); } } } foreach ($this->_iaCore->languages as $code => $language) { if (empty($data['title'][$code])) { $this->addMessage(iaLanguage::getf('error_lang_title', array('lang' => $language['title'])), false); } } return !$this->getMessages(); }
private function _downloadLanguage(&$iaView) { $language = isset($_POST['lang']) ? iaSanitize::paranoid($_POST['lang']) : $this->_iaCore->requestPath[1]; $format = isset($_POST['file_format']) && in_array($_POST['file_format'], array('csv', 'sql')) ? $_POST['file_format'] : 'sql'; $phrases = $this->_iaDb->all(iaDb::ALL_COLUMNS_SELECTION, "`code` = '" . $language . "'"); $fileName = urlencode(isset($_POST['filename']) ? $_POST['filename'] . '.' . $format : 'subrion_' . IA_VERSION . '_' . $this->_iaCore->requestPath[1] . '.' . $format); header('Content-Type: text/plain; charset=utf-8'); header('Content-Disposition: attachment; filename="' . $fileName . '"'); $stream = fopen('php://output', 'w'); if ('sql' == $format) { fwrite($stream, 'INSERT INTO `{prefix}language` (`id`, `key`, `original`, `value`, `category`, `code`, `extras`) VALUES' . PHP_EOL); } foreach ($phrases as $i => $entry) { switch ($format) { case 'sql': $data = '('; foreach ($entry as $key => $value) { $data .= $value ? 'id' == $key ? 'NULL' : "'" . iaSanitize::sql($value) . "'" : "''"; $data .= ', '; } $data = substr($data, 0, -2); $data .= isset($phrases[$i + 1]) ? '),' . PHP_EOL : ');'; fwrite($stream, $data); break; default: unset($entry['id']); $entry['value'] = str_replace(array("\r\n", "\r", "\n"), '\\n', $entry['value']); $entry['original'] = str_replace(array("\r\n", "\r", "\n"), '\\n', $entry['original']); fputcsv($stream, $entry, '|', '"'); } } fclose($stream); $iaView->set('nodebug', true); exit; }
protected function _preSaveEntry(array &$entry, array $data, $action) { if ($data['name']) { if ($name = iaSanitize::paranoid(iaSanitize::tags($data['name']))) { $entry['name'] = $name; } else { $this->addMessage('incorrect_menu_name'); return false; } } $entry['title'] = empty($data['title']) ? iaLanguage::get('without_title') : $data['title']; $entry['position'] = empty($data['position']) ? 'left' : $data['position']; $entry['classname'] = $data['classname']; $entry['sticky'] = (int) $data['sticky']; $entry['pages'] = empty($data['pages']) ? array() : $data['pages']; $entry['header'] = (int) $data['header']; $entry['collapsible'] = (int) $data['collapsible']; $entry['collapsed'] = (int) $data['collapsed']; $menuExists = $this->_iaDb->exists('`name` = :name', $entry); if (iaCore::ACTION_EDIT == $action) { $menuExists || $this->addMessage('menu_doesnot_exists'); } else { empty($menuExists) || $this->addMessage('menu_exists'); } return !$this->getMessages(); }
protected function _preSaveEntry(array &$entry, array $data, $action) { $entry = array('name' => iaSanitize::alias(iaUtil::checkPostParam('name')), 'item' => iaUtil::checkPostParam('item'), 'default' => iaUtil::checkPostParam('default'), 'lang_values' => iaUtil::checkPostParam('lang_values'), 'text_default' => iaSanitize::html(iaUtil::checkPostParam('text_default')), 'type' => iaUtil::checkPostParam('type'), 'annotation' => iaUtil::checkPostParam('annotation'), 'fieldgroup_id' => (int) iaUtil::checkPostParam('fieldgroup_id'), 'text_length' => (int) iaUtil::checkPostParam('text_length', 255), 'length' => iaUtil::checkPostParam('length', false), 'title' => iaUtil::checkPostParam('title'), 'pages' => iaUtil::checkPostParam('pages', array()), 'required' => iaUtil::checkPostParam('required'), 'use_editor' => (int) iaUtil::checkPostParam('use_editor'), 'empty_field' => iaSanitize::html(iaUtil::checkPostParam('empty_field')), 'url_nofollow' => (int) iaUtil::checkPostParam('url_nofollow'), 'groups' => iaUtil::checkPostParam('groups'), 'searchable' => (int) iaUtil::checkPostParam('searchable'), 'adminonly' => (int) iaUtil::checkPostParam('adminonly'), 'for_plan' => (int) iaUtil::checkPostParam('for_plan'), 'required_checks' => iaUtil::checkPostParam('required_checks'), 'extra_actions' => iaUtil::checkPostParam('extra_actions'), 'link_to' => (int) iaUtil::checkPostParam('link_to'), 'values' => '', 'relation' => iaUtil::checkPostParam('relation', iaField::RELATION_REGULAR), 'parents' => isset($data['parents']) && is_array($data['parents']) ? $data['parents'] : array(), 'children' => isset($data['children']) && is_array($data['children']) ? $data['children'] : array(), 'status' => iaUtil::checkPostParam('status', iaCore::STATUS_ACTIVE)); iaUtil::loadUTF8Functions('ascii', 'validation', 'bad'); if (!$this->_iaDb->exists(iaDb::convertIds($entry['fieldgroup_id']), null, iaField::getTableGroups())) { $entry['fieldgroup_id'] = 0; } foreach ($this->_iaCore->languages as $code => $language) { if (!empty($entry['annotation'][$code])) { if (!utf8_is_valid($entry['annotation'][$code])) { $entry['annotation'][$code] = utf8_bad_replace($entry['annotation'][$code]); } } if (!empty($entry['title'][$code])) { if (!utf8_is_valid($entry['title'][$code])) { $entry['title'][$code] = utf8_bad_replace($entry['title'][$code]); } } else { $this->addMessage(iaLanguage::getf('field_is_empty', array('field' => $language['title'] . ' ' . iaLanguage::get('title'))), false); break; } } if (iaCore::ACTION_ADD == $action) { $entry['name'] = trim(strtolower(iaSanitize::paranoid($entry['name']))); if (empty($entry['name'])) { $this->addMessage('field_name_incorrect'); } } else { unset($entry['name']); } $fieldTypes = $this->_iaDb->getEnumValues(iaField::getTable(), 'type'); if ($fieldTypes['values'] && !in_array($entry['type'], $fieldTypes['values'])) { $this->addMessage('field_type_invalid'); } else { if (!$entry['length']) { $entry['length'] = iaField::DEFAULT_LENGTH; } switch ($entry['type']) { case iaField::TEXT: if (empty($entry['text_length'])) { $entry['text_length'] = 255; } $entry['length'] = min(255, max(1, $entry['text_length'])); $entry['default'] = $entry['text_default']; break; case iaField::TEXTAREA: $entry['default'] = ''; break; case iaField::COMBO: case iaField::RADIO: case iaField::CHECKBOX: if (!empty($data['values']) && is_array($data['values'])) { $keys = array(); $lang_values = array(); $multiDefault = explode('|', iaUtil::checkPostParam('multiple_default')); $_keys = iaUtil::checkPostParam('keys'); $_values = iaUtil::checkPostParam('values'); $_langValues = iaUtil::checkPostParam('lang_values'); foreach ($_keys as $index => $key) { if (trim($key) == '') { $key = $index + 1; $_keys[$index] = $key; } if (isset($_values[$index]) && trim($_values[$index]) != '') { $values[$key] = $_values[$index]; $keys[$key] = $key; } else { unset($_keys[$index], $_values[$index]); } if ($_langValues) { foreach ($this->_iaCore->languages as $code => $language) { if ($code != $this->_iaCore->iaView->language) { if (!isset($_values[$index])) { unset($_langValues[$code][$index]); } elseif (!isset($_langValues[$code][$index]) || trim($_langValues[$code][$index]) == '') { $lang_values[$code][$key] = $values[$key]; } else { $lang_values[$code][$key] = $_langValues[$code][$index]; } } } } } // delete default values if not exists in values foreach ($multiDefault as $index => $default) { if (!in_array($default, $values)) { unset($multiDefault[$index]); } else { $k = array_search($default, $values); $multiDefault[$index] = $k; } } $multiDefault = array_values($multiDefault); if (iaField::CHECKBOX == $entry['type']) { $multiDefault = implode(',', $multiDefault); } elseif (isset($multiDefault[0])) { // multiple default is available for checkboxes only $_POST['multiple_default'] = $multiDefault = $multiDefault[0]; } else { $_POST['multiple_default'] = $multiDefault = ''; } $entry['default'] = $multiDefault; $entry['keys'] = $keys; $entry['values'] = $values; $entry['lang_values'] = $lang_values; } else { $this->addMessage('one_value'); } break; case iaField::STORAGE: if (!empty($data['file_types'])) { $entry['file_types'] = str_replace(' ', '', iaUtil::checkPostParam('file_types')); $entry['length'] = (int) iaUtil::checkPostParam('max_files', 5); } else { $this->addMessage('error_file_type'); } break; case iaField::DATE: $entry['timepicker'] = (int) iaUtil::checkPostParam('timepicker'); break; case iaField::URL: $entry['url_nofollow'] = (int) iaUtil::checkPostParam('url_nofollow'); break; case iaField::IMAGE: $entry['length'] = 1; $entry['image_height'] = (int) iaUtil::checkPostParam('image_height'); $entry['image_width'] = (int) iaUtil::checkPostParam('image_width'); $entry['thumb_height'] = (int) iaUtil::checkPostParam('thumb_height'); $entry['thumb_width'] = (int) iaUtil::checkPostParam('thumb_width'); $entry['file_prefix'] = iaUtil::checkPostParam('file_prefix'); $entry['resize_mode'] = iaUtil::checkPostParam('resize_mode'); break; case iaField::NUMBER: $entry['length'] = (int) iaUtil::checkPostParam('number_length', 8); $entry['default'] = iaUtil::checkPostParam('number_default'); break; case iaField::PICTURES: $entry['length'] = (int) iaUtil::checkPostParam('pic_max_images', 5); $entry['file_prefix'] = iaUtil::checkPostParam('pic_file_prefix'); $entry['image_height'] = (int) iaUtil::checkPostParam('pic_image_height'); $entry['image_width'] = (int) iaUtil::checkPostParam('pic_image_width'); $entry['thumb_height'] = (int) iaUtil::checkPostParam('pic_thumb_height'); $entry['thumb_width'] = (int) iaUtil::checkPostParam('pic_thumb_width'); $entry['resize_mode'] = iaUtil::checkPostParam('pic_resize_mode'); break; case iaField::TREE: $parsedTree = $this->_parseTreeNodes(iaUtil::checkPostParam('nodes')); $entry['values'] = $parsedTree[0]; $entry['tree_nodes'] = $parsedTree[1]; $entry['timepicker'] = (int) iaUtil::checkPostParam('multiple'); } unset($entry['text_length'], $entry['text_default'], $entry['nodes'], $entry['multiple']); } if (!$entry['adminonly'] && empty($entry['pages']) && 'transactions' != $entry['item']) { $this->addMessage('mark_at_least_one_page'); } $entry['required'] = (int) iaUtil::checkPostParam('required'); if ($entry['required']) { $entry['required_checks'] = iaUtil::checkPostParam('required_checks'); } $entry['extra_actions'] = iaUtil::checkPostParam('extra_actions'); if ($entry['searchable']) { if (isset($data['show_as']) && $entry['type'] != iaField::NUMBER && in_array($data['show_as'], array(iaField::COMBO, iaField::RADIO, iaField::CHECKBOX))) { $entry['show_as'] = $data['show_as']; } elseif ($entry['type'] == iaField::NUMBER && !empty($data['_values'])) { $entry['sort_order'] = 'asc' == $data['sort_order'] ? $data['sort_order'] : 'desc'; $entry['_numberRangeForSearch'] = $data['_values']; } } $this->_iaCore->startHook('phpAdminFieldsEdit', array('field' => &$entry)); return !$this->getMessages(); }
protected function _preSaveEntry(array &$entry, array $data, $action) { $this->_iaCore->startHook('adminAddBlockValidation'); iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii'); // validate block name if (iaCore::ACTION_ADD == $action) { if (empty($data['name'])) { $entry['name'] = 'block_' . mt_rand(1000, 9999); } else { $entry['name'] = strtolower(iaSanitize::paranoid($data['name'])); if (!iaValidate::isAlphaNumericValid($entry['name'])) { $this->addMessage('error_block_name'); } elseif ($this->_iaDb->exists('`name` = :name', array('name' => $entry['name']))) { $this->addMessage('error_block_name_duplicate'); } } } $entry['classname'] = $data['classname']; $entry['position'] = $data['position']; $entry['type'] = $data['type']; $entry['status'] = isset($data['status']) ? in_array($data['status'], array(iaCore::STATUS_ACTIVE, iaCore::STATUS_INACTIVE)) ? $data['status'] : iaCore::STATUS_ACTIVE : iaCore::STATUS_ACTIVE; $entry['header'] = (int) $data['header']; $entry['collapsible'] = (int) $data['collapsible']; $entry['collapsed'] = (int) $data['collapsed']; $entry['multilingual'] = (int) $data['multilingual']; $entry['sticky'] = (int) $data['sticky']; $entry['external'] = (int) $data['external']; $entry['filename'] = $data['filename']; $entry['pages'] = isset($data['pages']) ? $data['pages'] : array(); $entry['title'] = $data['title']; $entry['contents'] = $data['content']; if ($entry['multilingual']) { if (empty($entry['title'])) { $this->addMessage('title_is_empty'); } elseif (!utf8_is_valid($entry['title'])) { $entry['title'] = utf8_bad_replace($entry['title']); } if (empty($entry['contents']) && !$entry['external']) { $this->addMessage('error_contents'); } elseif (empty($entry['filename']) && $entry['external']) { $this->addMessage('error_filename'); } if (iaBlock::TYPE_HTML != $entry['type']) { if (!utf8_is_valid($entry['contents'])) { $entry['contents'] = utf8_bad_replace($entry['contents']); } } } else { $this->_multilingualContent = $data['content']; if (isset($data['languages']) && $data['languages']) { $entry['languages'] = $data['languages']; $entry['titles'] = $data['titles']; $entry['contents'] = $data['contents']; foreach ($entry['languages'] as $langCode) { if (isset($entry['titles'][$langCode])) { if (empty($entry['titles'][$langCode])) { $this->addMessage(iaLanguage::getf('error_lang_title', array('lang' => $this->_iaCore->languages[$langCode]['title'])), false); } elseif (!utf8_is_valid($entry['titles'][$langCode])) { $entry['titles'][$langCode] = utf8_bad_replace($entry['titles'][$langCode]); } } if (isset($entry['contents'][$langCode])) { if (empty($entry['contents'][$langCode])) { $this->addMessage(iaLanguage::getf('error_lang_contents', array('lang' => $this->_iaCore->languages[$langCode]['title'])), false); } if (iaBlock::TYPE_HTML != $entry['type']) { if (!utf8_is_valid($entry['contents'][$langCode])) { $entry['contents'][$langCode] = utf8_bad_replace($entry['contents'][$langCode]); } } } } } else { $this->addMessage('block_languages_empty'); } } $this->_iaCore->startHook('phpAdminBlocksEdit', array('block' => &$entry)); return !$this->getMessages(); }
protected function _assignItem($memberData) { if ($salt = $this->_getSalt()) { foreach ($salt['items'] as $item) { $values = array('salt' => '', 'member_id' => $memberData['id']); $this->iaDb->update($values, iaDb::convertIds($salt['salt'], 'salt'), null, iaSanitize::paranoid($item)); } } setcookie('salt', '', time() - 3600, '/'); }
* (at your option) any later version. * * Subrion is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with Subrion. If not, see <http://www.gnu.org/licenses/>. * * * @link http://www.subrion.org/ * ******************************************************************************/ if (iaView::REQUEST_HTML == $iaView->getRequestType()) { $transactionId = isset($iaCore->requestPath[0]) ? iaSanitize::paranoid($iaCore->requestPath[0]) : 0; $action = isset($iaCore->requestPath[1]) ? iaSanitize::sql($iaCore->requestPath[1]) : null; if (empty($transactionId)) { return iaView::errorPage(iaView::ERROR_NOT_FOUND); } $iaTransaction = $iaCore->factory('transaction'); $iaPage = $iaCore->factory('page', iaCore::FRONT); $transaction = $iaTransaction->getBy('sec_key', $transactionId); if (empty($transaction)) { return iaView::errorPage(iaView::ERROR_NOT_FOUND, iaLanguage::get('no_transaction')); } // delete transaction if (isset($_GET['delete'])) { $iaTransaction->delete($transaction['id']); $iaView->setMessages(iaLanguage::get('invoice_deleted'), iaView::SUCCESS); iaUtil::go_to($iaPage->getUrlByName('member_funds'));
* GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with Subrion. If not, see <http://www.gnu.org/licenses/>. * * * @link http://www.subrion.org/ * ******************************************************************************/ if (iaView::REQUEST_JSON == $iaView->getRequestType()) { if (empty($_POST) && 2 == count($iaCore->requestPath)) { $iaItem = $iaCore->factory('item'); $iaPage = $iaCore->factory('page', iaCore::FRONT); $iaUtil = $iaCore->factory('util'); $item = iaSanitize::paranoid($iaCore->requestPath[0]); $itemId = iaSanitize::paranoid($iaCore->requestPath[1]); $itemTable = $iaItem->getItemTable($item); $itemData = $iaDb->row(iaDb::ALL_COLUMNS_SELECTION, iaDb::convertIds($itemId), $itemTable); $blockData = array('formUrl' => $iaPage->getUrlByName('claim_listing') . 'process.json', 'options' => array('email' => $iaCore->get('cl_enable_email_approval') && isset($itemData['email']), 'ftp' => $iaCore->get('cl_enable_ftp_approval') && !empty($itemData['url'])), 'id' => $itemId, 'item' => $item); if ($blockData['options']['email']) { $blockData['email'] = $itemData['email']; } if ($blockData['options']['ftp']) { // extra processing because of Subrion CMS URL fields saving specific $url = explode('|', $itemData['url']); $url = array_shift($url); $url = rtrim($url, IA_URL_DELIMITER) . IA_URL_DELIMITER; $blockData['url'] = $url; $blockData['filename'] = iaUtil::generateToken(30) . '.html'; } $iaView->loadSmarty(true);