/**
  * Class constructor
  *
  * @access	public
  */
 public function __construct()
 {
     // Prepares the request state, then delegates to build_url() and exist().
     // 'cache/' is a relative path.
     $this->_url = 'cache/';
     // Copies of the request's POST and GET data, read through the VPost/VGet wrappers.
     // NOTE(review): the meaning of the `false` argument is not visible in this
     // excerpt; it presumably selects a default or raw mode — confirm.
     $this->_post = VPost::all(false);
     $this->_get = VGet::all(false);
     // NOTE(review): build_url() and exist() are defined outside this excerpt. If
     // the cache location is derived from the GET/POST data captured above, confirm
     // that the resulting path is normalised and cannot leave the 'cache/' directory.
     $this->build_url();
     $this->exist();
 }
 /**
  * Check if post data are correct
  *
  * @access	private
  */
 private function check_data()
 {
     // Loads the whole POST payload into $this->_data and verifies that every field
     // the handler relies on is present. On a missing field $this->_return_msg is
     // set and false is returned; otherwise true.
     // This is a presence check only: isset() says nothing about the values being
     // well-formed, so each field still has to be validated where it is used.
     $this->_data = VPost::all();
     foreach (array('name', 'content', 'email', 'id', 'type') as $required) {
         if (!isset($this->_data[$required])) {
             $this->_return_msg = array('message' => 'Data missing!');
             return false;
         }
     }
     return true;
 }
 public function __construct()
 {
     // Sets up the login page state: shows a logout confirmation when requested and
     // attempts a login when the form carries a login value.
     $this->_display_html = false;
     // The "logged out" banner is driven purely by a GET flag; it only changes the
     // message shown, not the session.
     if (VGet::loggedout()) {
         $this->_msg = ActionMessages::custom_good('You\'ve been logged out');
     }
     try {
         $this->_session = new Session();
         if (VPost::login(false)) {
             $this->_session->login();
         }
     } catch (Exception $e) {
         // NOTE(review): the exception text is handed straight to the user-facing
         // message. If Session::login() raises different messages for an unknown
         // user and for a wrong password, the page reveals which usernames exist;
         // a single generic failure message avoids that. No attempt throttling is
         // visible in this constructor either — confirm it exists elsewhere.
         $this->_msg = ActionMessages::custom_wrong($e->getMessage());
     }
 }
 /**
  * Retrieve the template list from lynxpress.org
  *
  * @access	private
  */
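 private function get_templates()
 {
     // Fetches the template catalogue from lynxpress.org and stores the decoded list
     // in $this->_templates. On any failure the list is reset to an empty array and
     // the error text is placed in $this->_action_msg.
     try {
         // NOTE(review): the catalogue is requested over plain HTTP, so the response
         // can be modified in transit. Move to https:// once the endpoint is
         // confirmed to serve it.
         $url = 'http://lynxpress.org/admin/index.php?ns=rpc&action=get_templates';
         if (VPost::search_button(false) && VPost::search(false)) {
             // The search term is user input: encode it so it stays one query-string
             // value and cannot introduce extra parameters into the request.
             $url .= '&search=' . urlencode(VPost::search());
         } else {
             $url .= '&limit=10';
         }
         $curl = new Curl($url);
         $templates = json_decode($curl->_content, true);
         // json_decode() returns null for malformed input; anything that is not an
         // array is treated as a failed request rather than stored.
         if (!is_array($templates)) {
             throw new Exception('Invalid response from the template server');
         }
         if (isset($templates['message'])) {
             // NOTE(review): this text originates from the remote server; confirm
             // ActionMessages::custom_wrong() escapes it before output.
             throw new Exception($templates['message']);
         }
         $this->_templates = $templates;
     } catch (Exception $e) {
         $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         $this->_templates = array();
     }
 }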
 /**
  * Log in the user if credentials are correct
  *
  * @access	public
  */
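 public function login()
 {
     // Looks the submitted login up in the user table and, when the stored password
     // digest equals the one derived from the submitted credentials, records the
     // user in $_SESSION and redirects to index.php.
     // Throws Exception('Invalid Username') when no row matches and
     // Exception('Invalid Password') when the credentials do not match.
     // NOTE(review): the two distinct messages tell a visitor whether a username
     // exists; callers that display them should use one generic message.
     $to_read['table'] = 'user';
     $to_read['columns'] = array('USER_ID', 'user_username', 'user_password');
     $to_read['condition_columns'][':name'] = 'user_username';
     $to_read['condition_types'][':name'] = 'AND';
     $to_read['condition_select_types'][':name'] = '=';
     $to_read['condition_values'][':name'] = VPost::login();
     $to_read['value_types'][':name'] = 'str';
     $user = $this->_db->read($to_read);
     if ($user === false || empty($user)) {
         throw new Exception('Invalid Username');
     }
     $stored_name = (string) $user[0]['user_username'];
     $stored_digest = (string) $user[0]['user_password'];
     $computed_digest = (string) Helper::make_password(VPost::login(), VPost::password());
     // Loose == compares numeric-looking strings by value, so two different digests
     // can be reported equal. Compare as strings, and in constant time where the
     // runtime provides hash_equals().
     if (function_exists('hash_equals')) {
         $password_ok = hash_equals($stored_digest, $computed_digest);
     } else {
         $password_ok = $stored_digest === $computed_digest;
     }
     if ($stored_name !== (string) VPost::login() || !$password_ok) {
         throw new Exception('Invalid Password');
     }
     // NOTE(review): the session identifier is not regenerated here; if the session
     // was started before authentication, regenerate it at this point to prevent
     // session fixation. Execution also continues after the redirect header, so
     // callers must not emit protected content afterwards.
     $_SESSION['username'] = $user[0]['user_username'];
     $_SESSION['user_id'] = $user[0]['USER_ID'];
     header('Location: index.php');
 }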
 /**
  * Delete a plugin
  *
  * @access	private
  */
 private function delete()
 {
     // Uninstalls the plugin selected in the form: removes the files listed in its
     // stored manifest, runs the manifest's uninstall queries, then deletes its
     // settings row. Users without delete_content get the "no permission" notice.
     if (!VPost::delete(false)) {
         return;
     }
     if (!$this->_user['delete_content']) {
         $this->_action_msg = ActionMessages::action_no_perm();
         return;
     }
     if (!VPost::plg_id()) {
         return;
     }
     try {
         $plg = new Setting(VPost::plg_id());
         $plg->_data = json_decode($plg->_data, true);
         $ns = $plg->_data['namespace'];
         // NOTE(review): every path below is assembled from manifest values stored at
         // install time, and the uninstall queries run verbatim. Nothing here checks
         // that the setting is actually a plugin or that the paths stay inside the
         // plugin's own directories — confirm both are enforced when the manifest is
         // accepted.
         $locations = array(
             'admin' => 'includes/' . $ns . '/',
             'site' => PATH . 'includes/',
             'library' => 'library/' . $ns . '/',
         );
         foreach ($locations as $section => $base_dir) {
             foreach ($plg->_data[$section] as $file) {
                 File::delete($base_dir . $file);
             }
         }
         foreach ($plg->_data['uninstall'] as $sql) {
             $this->_db->query(str_replace('{{prefix}}', DB_PREFIX, $sql));
         }
         File::delete(PATH . 'css/' . $ns . '.css', false);
         $plg->delete();
         $outcome = true;
     } catch (Exception $e) {
         $outcome = $e->getMessage();
     }
     $this->_action_msg = ActionMessages::deleted($outcome);
 }
 /**
  * Delete selected posts
  *
  * @access	private
  */
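 private function delete()
 {
     // Deletes posts together with their comments. Three triggers are handled: a
     // single post through action=delete&id=…, the checked posts of the bulk form,
     // and "empty trash". All of them require the delete_content permission.
     // NOTE(review): the single-post path is reachable through a GET request and no
     // anti-CSRF token is checked in this method — confirm one is verified upstream.
     $requested = (VRequest::action() == 'delete' && VRequest::id()) || VPost::delete(false) || VPost::empty_trash(false);
     if ($requested && $this->_user['delete_content']) {
         try {
             $post = new Post();
             // Defined up front so the message below never reads an unset variable
             // when none of the three triggers matches.
             $result = null;
             if (VGet::action() == 'delete' && VGet::id()) {
                 $post->_id = VGet::id();
                 $post->delete();
                 // Request values are concatenated into SQL here, so they are forced
                 // to integers first; anything else would be read as SQL text.
                 $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . intval(VGet::id()) . ' AND comment_rel_type = "post"');
                 $result = $post->_result_action;
             } elseif (VPost::delete(false)) {
                 foreach (VPost::post_id() as $id) {
                     $post->_id = $id;
                     $post->delete();
                     $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . intval($id) . ' AND comment_rel_type = "post"');
                 }
                 $result = $post->_result_action;
             } elseif (VPost::empty_trash(false)) {
                 $to_read['table'] = 'post';
                 $to_read['columns'] = array('POST_ID');
                 $to_read['condition_columns'][':s'] = 'post_status';
                 $to_read['condition_select_types'][':s'] = '=';
                 $to_read['condition_values'][':s'] = 'trash';
                 $to_read['value_types'][':s'] = 'str';
                 $posts = $this->_db->read($to_read);
                 // read() can hand back false or an empty set; only iterate real rows.
                 if (!empty($posts)) {
                     foreach ($posts as $trashed) {
                         $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . intval($trashed['POST_ID']) . ' AND comment_rel_type = "post"');
                     }
                 }
                 $to_delete['table'] = 'post';
                 $to_delete['condition_columns'][':status'] = 'post_status';
                 $to_delete['condition_values'][':status'] = 'trash';
                 $to_delete['value_types'][':status'] = 'str';
                 $result = $this->_db->delete($to_delete);
             }
             Session::monitor_activity('deleted post(s)');
             $this->_action_msg = ActionMessages::deleted($result);
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     } elseif ($requested && $this->_user['delete_content'] === false) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }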
 /**
  * Delete all registered activity
  *
  * @access	private
  */
 private function delete()
 {
     // Empties the activity table when the reset form is submitted by a user holding
     // the delete_content permission; anyone else gets the "no permission" notice.
     if (!VPost::reset(false)) {
         return;
     }
     if (!$this->_user['delete_content']) {
         $this->_action_msg = ActionMessages::action_no_perm();
         return;
     }
     try {
         // The statement is built from the DB_PREFIX constant only; no request data
         // reaches it.
         // NOTE(review): the reset itself is not recorded anywhere in this method, so
         // clearing the log leaves no trace of who did it.
         $this->_db->query('TRUNCATE TABLE ' . DB_PREFIX . 'activity');
         $outcome = true;
     } catch (Exception $e) {
         $outcome = $e->getMessage();
     }
     $this->_action_msg = ActionMessages::deleted($outcome);
 }
 /**
  * Update user data
  *
  * @access	private
  */
 private function update()
 {
     // Persists the profile one column at a time once check_post_data() has accepted
     // the form, then rebuilds the avatar and reports the outcome in _action_msg.
     if (!$this->check_post_data()) {
         return;
     }
     try {
         // Column => value type, in the order the columns are written.
         $columns = array(
             '_firstname' => 'str',
             '_lastname' => 'str',
             '_nickname' => 'str',
             '_publicname' => 'str',
             '_email' => 'str',
             '_website' => 'str',
             '_msn' => 'str',
             '_twitter' => 'str',
             '_facebook' => 'str',
             '_google' => 'str',
             '_avatar' => 'int',
             '_bio' => 'str',
         );
         foreach ($columns as $field => $type) {
             $this->_profile->update($field, $type);
         }
         // NOTE(review): the role column is written whenever the request carries a
         // `role` field. No permission check is visible in this method — confirm that
         // check_post_data() or the caller prevents a user from changing their own role.
         if (VPost::role(false)) {
             $this->_profile->update('_role', 'str');
         }
         // The password column is only touched when a new password was provided.
         $pwd = $this->_profile->_password;
         if (!empty($pwd)) {
             $this->_profile->update('_password', 'str');
         }
         $this->build_avatar();
         $this->_action_msg = ActionMessages::profile_update(true);
     } catch (Exception $e) {
         $this->_action_msg = ActionMessages::profile_update(ucfirst($e->getMessage()));
     }
 }
 /**
  * Update lynxpress
  *
  * @access	private
  */
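 private function update()
 {
     // Self-update: backs up the database, downloads the release manifest and
     // archive, replaces the files named in the manifest, runs its SQL, removes
     // obsolete files and rewrites WS_VERSION in the config files. The outcome
     // (true or an error string) is reported through ActionMessages::ws_update().
     //
     // NOTE(review): manifest and archive are fetched over plain HTTP and nothing
     // verifies their origin or integrity, yet the manifest decides which files are
     // overwritten and which SQL is executed. Use HTTPS and verify a signature or a
     // pinned digest before anything is unpacked or run.
     if (VPost::update()) {
         try {
             if (Helper::check_update() === false) {
                 throw new Exception('No update available!');
             }
             //make a backup of the database first, with an email sent to webmaster with the whole dump
             // NOTE(review): the dump is written under backup/ with a timestamp-based
             // name; the index.html only hides the directory listing. Confirm the web
             // server denies direct access to that directory. The same dump is also
             // sent by e-mail in clear text.
             $bk = new Backup();
             $bk->save('backup/dump-' . date('Y-m-d-H:i:s') . '.sql');
             $html = new File();
             $html->_content = '<!--The Lynx is not here!-->';
             $html->save('backup/index.html');
             $mail = new Mail(WS_EMAIL, 'Databse dump made before update at ' . date('Y-m-d H:i:s'), $bk->_sql);
             $mail->send();
             //end backup
             //retrieve json manifest from the server
             $manifest = new Curl('http://update.lynxpress.org/manifest.json');
             $manifest = json_decode($manifest->_content, true);
             // A failed download or malformed JSON decodes to null; stop before any
             // file is touched instead of continuing with empty values.
             if (!is_array($manifest) || !isset($manifest['version'], $manifest['src'], $manifest['dest']) || !is_scalar($manifest['version']) || !is_array($manifest['src']) || !is_array($manifest['dest'])) {
                 throw new Exception('Invalid update manifest');
             }
             // The version string ends up in a URL, in file paths and inside the PHP
             // source of config.php, so it is restricted to a conservative character
             // set; a quote or slash here would otherwise be written into code or paths.
             $version = (string) $manifest['version'];
             if (!preg_match('/\A[0-9A-Za-z][0-9A-Za-z._+-]*\z/', $version)) {
                 throw new Exception('Invalid update manifest');
             }
             // Source entries are paths inside the unpacked archive: they must be
             // relative, must not climb out of it, and each needs a destination.
             foreach ($manifest['src'] as $key => $src) {
                 if (!is_string($src) || preg_match('#(?:\A|[\\\\/])\.\.(?:[\\\\/]|\z)|\A[\\\\/]|\x00#', $src) || !isset($manifest['dest'][$key]) || !is_string($manifest['dest'][$key])) {
                     throw new Exception('Invalid update manifest');
                 }
             }
             $queries = (isset($manifest['queries']) && is_array($manifest['queries'])) ? $manifest['queries'] : array();
             $obsolete = (isset($manifest['remove']) && is_array($manifest['remove'])) ? $manifest['remove'] : array();
             //retrieve zip with all files inside
             $curl_zip = new Curl('http://versions.lynxpress.org/Lynxpress-' . $version . '.zip');
             if ($curl_zip->_content == '<!--The Lynx is not here!-->') {
                 throw new Exception('Can\'t retrieve lynxpress archive');
             }
             $zip = new File();
             $zip->_content = $curl_zip->_content;
             $zip->save('tmp/update.zip');
             unset($zip);
             unset($curl_zip);
             // NOTE(review): whether File::unzip() rejects archive entries that would
             // land outside the target directory is not visible here — confirm.
             File::unzip('tmp/update.zip', 'tmp/update/');
             File::delete('tmp/update.zip');
             $root = 'tmp/update/Lynxpress-' . $version . '/';
             //check if all files are readable
             foreach ($manifest['src'] as $src) {
                 File::read($root . $src);
             }
             //replace all files registered in the manifest
             // NOTE(review): destinations and the removal list are taken from the
             // manifest as-is; they are only as trustworthy as the download itself.
             foreach ($manifest['src'] as $key => $src) {
                 File::read($root . $src)->save($manifest['dest'][$key]);
                 File::delete($root . $src);
             }
             //execute special queries
             foreach ($queries as $query) {
                 $this->_db->query(str_replace('{{prefix}}', DB_PREFIX, $query));
             }
             //remove files
             foreach ($obsolete as $file) {
                 File::delete($file, false);
             }
             $config = File::read(PATH . 'config.php');
             $config->_content = str_replace('(\'WS_VERSION\', \'' . WS_VERSION . '\')', '(\'WS_VERSION\', \'' . $version . '\')', $config->_content);
             $config->save();
             unset($config);
             $config = File::read(PATH . 'config.sample.php');
             $config->_content = str_replace('(\'WS_VERSION\', \'' . WS_VERSION . '\')', '(\'WS_VERSION\', \'' . $version . '\')', $config->_content);
             $config->save();
             $result = true;
         } catch (Exception $e) {
             $result = $e->getMessage();
         }
         $this->_action_msg = ActionMessages::ws_update($result);
     }
 }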
 /**
  * Delete medias from database and on hard drive
  *
  * @access	private
  */
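 private function delete()
 {
     // Deletes media records, their files on disk and their comments, either for
     // the checked items of the bulk form or for a single item addressed through
     // action=delete&id=…. Requires the delete_content permission.
     // NOTE(review): the single-item path is reachable through a GET request and no
     // anti-CSRF token is checked in this method — confirm one is verified upstream.
     if ($this->_user['delete_content'] && VPost::delete(false) && VPost::media_id()) {
         $global_result = true;
         foreach (VPost::media_id() as $id) {
             try {
                 $media = new Media();
                 $media->_id = $id;
                 $media->read('_permalink');
                 $path = $media->_permalink;
                 $media->delete();
                 unset($media);
                 HandleMedia::delete(PATH . $path);
                 // The id comes from the request and is concatenated into SQL, so it
                 // is forced to an integer first.
                 $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . intval($id) . ' AND comment_rel_type = "media"');
                 if (VPost::type() == 'alien') {
                     // Detach anything that referenced this item as its attachment.
                     $to_update['table'] = 'media';
                     $to_update['columns'] = array(':attach' => 'media_attachment');
                     $to_update['condition_columns'] = array(':ca' => 'media_attachment');
                     $to_update['column_values'] = array(':attach' => null, ':ca' => $id);
                     $to_update['value_types'] = array(':attach' => 'null', ':ca' => 'int');
                     $this->_db->update($to_update);
                 }
             } catch (Exception $e) {
                 // Keep going with the remaining items, but leave a trace of the
                 // failure as the single-item branch does.
                 error_log($e->getMessage(), 0);
                 $global_result = false;
             }
         }
         Session::monitor_activity('deleted ' . count(VPost::media_id()) . ' file(s)');
         $this->_action_msg = ActionMessages::deleted($global_result);
     } elseif ($this->_user['delete_content'] && VGet::action() == 'delete' && VGet::id()) {
         try {
             $media = new Media();
             $media->_id = VGet::id();
             $media->read('_permalink');
             $path = $media->_permalink;
             $media->delete();
             unset($media);
             HandleMedia::delete(PATH . $path);
             $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . intval(VGet::id()) . ' AND comment_rel_type = "media"');
             if (VGet::type() == 'alien') {
                 $to_update['table'] = 'media';
                 $to_update['columns'] = array(':attach' => 'media_attachment');
                 $to_update['condition_columns'] = array(':ca' => 'media_attachment');
                 $to_update['column_values'] = array(':attach' => null, ':ca' => VGet::id());
                 $to_update['value_types'] = array(':attach' => 'null', ':ca' => 'int');
                 $this->_db->update($to_update);
             }
             Session::monitor_activity('deleted a file');
             $result = true;
         } catch (Exception $e) {
             error_log($e->getMessage(), 0);
             $result = false;
         }
         $this->_action_msg = ActionMessages::deleted($result);
     } elseif (!$this->_user['delete_content'] && (VPost::delete(false) || VGet::action() == 'delete')) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }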
 /**
  * Send mail to webmaster
  *
  * @access	private
  */
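 private function send()
 {
     // Handles the contact form. $this->_result becomes false when a field is
     // missing, 'false email' when the sender address is malformed, and true once
     // the message has been handed to Mail::send().
     if (!VPost::submit(false)) {
         return;
     }
     if (!VPost::c_email() || !VPost::c_object() || !VPost::c_content()) {
         $this->_result = false;
         return;
     }
     // The address is anchored with \A and \z: a `$` anchor also matches just before
     // a trailing newline, which would let a line break reach the mail headers. The
     // pattern accepts the same addresses as before, without the nested repetition
     // that made matching slow on long invalid input.
     if (!preg_match('/\A[a-zA-Z0-9]+[a-zA-Z0-9._-]*@[a-zA-Z0-9_-]+[a-zA-Z0-9._-]+\z/', VPost::c_email())) {
         $this->_result = 'false email';
         return;
     }
     // NOTE(review): the recipient and the subject are taken from the submitted
     // form. If the message is meant for the webmaster, the recipient should come
     // from configuration (or be checked against a list of known addresses), and
     // the subject must not contain line breaks — confirm Mail enforces both.
     $mail = new Mail(VPost::recaiver(), VPost::c_object(), VPost::c_content(), VPost::c_email());
     $mail->send();
     $this->_result = true;
 }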
 /**
  * Delete files on hard drive and metadata in database
  *
  * @access	private
  */
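 private function delete()
 {
     // Deletes albums (with every picture they contain), a single picture addressed
     // through action=delete&id=…, or the checked pictures of an album. Files are
     // removed from disk and the matching rows from the database. Every branch
     // requires the delete_content permission.
     // NOTE(review): the single-picture path is reachable through a GET request and
     // no anti-CSRF token is checked in this method — confirm one is verified upstream.
     $can_delete = $this->_user['delete_content'];
     if (VPost::apply_action(false) && VPost::action() == 'delete' && $can_delete) {
         if (VPost::album_id()) {
             try {
                 foreach (VPost::album_id() as $id) {
                     $album = new Media();
                     $album->_id = $id;
                     $album->read('_permalink');
                     // Collect the pictures that belong to this album.
                     $to_read['table'] = 'media';
                     $to_read['columns'] = array('MEDIA_ID');
                     $to_read['condition_columns'][':id'] = 'media_album';
                     $to_read['condition_select_types'][':id'] = '=';
                     $to_read['condition_values'][':id'] = $id;
                     $to_read['value_types'][':id'] = 'int';
                     $ids = $this->_db->read($to_read);
                     if (!empty($ids)) {
                         foreach ($ids as $pid) {
                             $pic = new Media();
                             $pic->_id = $pid['MEDIA_ID'];
                             $pic->read('_permalink');
                             $permalink = $pic->_permalink;
                             HandleMedia::delete(PATH . $permalink);
                             $pic->delete();
                         }
                     }
                     $permalink = $album->_permalink;
                     HandleMedia::delete(PATH . $permalink . 'cover.png');
                     // Best effort: the directory is only removed when it is empty.
                     @rmdir(PATH . $permalink);
                     $album->delete();
                     // The id comes from the request and is concatenated into SQL, so
                     // it is forced to an integer first.
                     $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . intval($id) . ' AND comment_rel_type = "media"');
                 }
                 Session::monitor_activity('deleted ' . count(VPost::album_id()) . ' album(s)');
                 $result = true;
             } catch (Exception $e) {
                 $result = $e->getMessage();
             }
             $this->_action_msg = ActionMessages::deleted($result);
         }
     } elseif (VGet::action() == 'delete' && VGet::id() && $can_delete) {
         try {
             $pic = new Media();
             $pic->_id = VGet::id();
             $pic->read('_permalink');
             $permalink = $pic->_permalink;
             HandleMedia::delete(PATH . $permalink);
             $pic->delete();
             $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . intval(VGet::id()) . ' AND comment_rel_type = "media"');
             Session::monitor_activity('deleted a picture of an album');
             $result = true;
         } catch (Exception $e) {
             $result = $e->getMessage();
         }
         $this->_action_msg = ActionMessages::deleted($result);
     } elseif (VPost::delete_pics(false) && $can_delete) {
         // This branch previously ran without the permission test, so a user lacking
         // delete_content could still remove pictures, and the final "no permission"
         // branch could never be reached for delete_pics requests.
         if (VPost::picture_id()) {
             try {
                 foreach (VPost::picture_id() as $id) {
                     $pic = new Media();
                     $pic->_id = $id;
                     $pic->read('_permalink');
                     $permalink = $pic->_permalink;
                     HandleMedia::delete(PATH . $permalink);
                     $pic->delete();
                 }
                 Session::monitor_activity('deleted ' . count(VPost::picture_id(array())) . ' picture(s) of an album');
                 $result = true;
             } catch (Exception $e) {
                 $result = $e->getMessage();
             }
             // Report the outcome as the other two branches do.
             $this->_action_msg = ActionMessages::deleted($result);
         }
     } elseif ((VPost::apply_action(false) && VPost::action() == 'delete' || VGet::action() == 'delete' || VPost::delete_pics(false)) && !$can_delete) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }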
 /**
  * Add a new Plugin
  *
  * @access	private
  */
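 private function create()
 {
     // Installs an uploaded plugin archive: unpacks it into a temporary directory,
     // validates its manifest, moves the listed files into place, runs the
     // manifest's install queries and registers the plugin as a setting. On success
     // the browser is redirected to the plugin manager; on failure the error text is
     // placed in $this->_action_msg.
     //
     // NOTE(review): installing a plugin means running its code and its SQL with the
     // application's privileges, yet no permission test is visible in this method —
     // confirm the caller restricts it to administrators.
     if (VPost::upload(false)) {
         try {
             $plg = VFiles::plg();
             if (!is_array($plg) || !isset($plg['error'], $plg['tmp_name']) || $plg['error'] != 0) {
                 throw new Exception('No file uploaded');
             }
             // NOTE(review): the temporary directory is named after the archive's MD5
             // and is not removed when validation fails. Whether File::unzip() rejects
             // entries that would land outside $tmp is not visible here — confirm.
             $tmp = 'tmp/plg_' . md5_file($plg['tmp_name']) . '/';
             File::unzip($plg['tmp_name'], $tmp);
             $json = File::read($tmp . 'manifest.json');
             $conf = json_decode($json->_content, true);
             //check if manifest is complete
             if (!isset($conf['name']) || !isset($conf['namespace']) || !isset($conf['entry_point']) || !isset($conf['author']) || !isset($conf['url']) || !isset($conf['admin']) || !isset($conf['site']) || !isset($conf['library']) || !isset($conf['queries']) || !isset($conf['uninstall'])) {
                 throw new Exception('Invalid manifest!');
             }
             // The namespace becomes a directory and a file name: it has to be one
             // plain path component.
             $ns = $conf['namespace'];
             if (!is_string($ns) || $ns === '' || $ns === '.' || $ns === '..' || preg_match('#[\\\\/\x00]#', $ns)) {
                 throw new Exception('Invalid manifest!');
             }
             if (!is_array($conf['admin']) || !is_array($conf['site']) || !is_array($conf['library']) || !is_array($conf['queries']) || !is_array($conf['uninstall'])) {
                 throw new Exception('Invalid manifest!');
             }
             if (isset($conf['css']) && !is_array($conf['css'])) {
                 throw new Exception('Invalid manifest!');
             }
             // Every listed file is joined onto an application directory below, so it
             // must be a relative path that never climbs out of that directory.
             foreach (array('admin', 'site', 'library', 'css') as $section) {
                 if (!isset($conf[$section])) {
                     continue;
                 }
                 foreach ($conf[$section] as $file) {
                     if (!is_string($file) || $file === '' || preg_match('#(?:\A|[\\\\/])\.\.(?:[\\\\/]|\z)|\A[\\\\/]|\A[A-Za-z]:|\x00#', $file)) {
                         throw new Exception('Invalid manifest!');
                     }
                 }
             }
             if (is_dir('includes/' . $ns) || is_dir('library/' . $ns)) {
                 throw new Exception('The namespace "' . $ns . '" is already taken');
             }
             //if one of files doesn't exists, an exception will be raised
             foreach ($conf['admin'] as $file) {
                 File::read($tmp . 'admin/' . $file);
             }
             //if one of files doesn't exists, an exception will be raised
             foreach ($conf['site'] as $file) {
                 if (file_exists(PATH . 'includes/' . $file)) {
                     throw new Exception('The file "' . $file . '" already exists in site directory');
                 }
                 File::read($tmp . 'site/' . $file);
             }
             //if one of files doesn't exists, an exception will be raised
             foreach ($conf['library'] as $file) {
                 File::read($tmp . 'library/' . $file);
             }
             foreach ($conf['admin'] as $file) {
                 File::move($tmp . 'admin/' . $file, 'includes/' . $ns . '/' . $file);
                 File::delete($tmp . 'admin/' . $file);
             }
             foreach ($conf['site'] as $file) {
                 File::move($tmp . 'site/' . $file, PATH . 'includes/' . $file);
                 File::delete($tmp . 'site/' . $file);
             }
             foreach ($conf['library'] as $file) {
                 File::move($tmp . 'library/' . $file, 'library/' . $ns . '/' . $file);
                 File::delete($tmp . 'library/' . $file);
             }
             if (isset($conf['css'])) {
                 foreach ($conf['css'] as $file) {
                     File::move($tmp . 'css/' . $file, PATH . 'css/' . $ns . '.css');
                     File::delete($tmp . 'css/' . $file);
                 }
             }
             // The install queries are executed verbatim after prefix substitution.
             foreach ($conf['queries'] as $query) {
                 $this->_db->query(str_replace('{{prefix}}', DB_PREFIX, $query));
             }
             File::delete($tmp . 'manifest.json');
             $setting = new Setting();
             $setting->_name = $conf['name'];
             $setting->_type = 'plugin';
             $setting->_data = json_encode($conf);
             $setting->create();
             header('Location: index.php?ns=plugins&ctl=manage');
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     }
 }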
 /**
  * Upload and move into place a new template
  *
  * @access	private
  */
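 private function create()
 {
     // Installs an uploaded template archive: unpacks it into a temporary directory,
     // validates its manifest, moves the listed files under includes/templates/ and
     // registers the template as a setting. On success the browser is redirected to
     // the template manager; on failure the error text is placed in _action_msg.
     //
     // NOTE(review): template files are placed under the application's include
     // tree, yet no permission test is visible in this method — confirm the caller
     // restricts it to administrators.
     if (VPost::upload(false)) {
         try {
             $tpl = VFiles::tpl();
             if (!is_array($tpl) || !isset($tpl['error'], $tpl['tmp_name']) || $tpl['error'] != 0) {
                 throw new Exception('No file uploaded');
             }
             // NOTE(review): the temporary directory is named after the archive's MD5
             // and is not removed when validation fails. Whether File::unzip() rejects
             // entries that would land outside $tmp is not visible here — confirm.
             $tmp = 'tmp/tpl_' . md5_file($tpl['tmp_name']) . '/';
             File::unzip($tpl['tmp_name'], $tmp);
             $json = File::read($tmp . 'manifest.json');
             $conf = json_decode($json->_content, true);
             //check if the manifest is complete
             if (!isset($conf['name']) || !isset($conf['author']) || !isset($conf['url']) || !isset($conf['namespace']) || !isset($conf['files'])) {
                 throw new Exception('Invalid manifest!');
             }
             // The namespace becomes a directory name: it has to be one plain path
             // component.
             $ns = $conf['namespace'];
             if (!is_string($ns) || $ns === '' || $ns === '.' || $ns === '..' || preg_match('#[\\\\/\x00]#', $ns)) {
                 throw new Exception('Invalid manifest!');
             }
             if (!is_array($conf['files'])) {
                 throw new Exception('Invalid manifest!');
             }
             // Every listed file is joined onto the template directory below, so it
             // must be a relative path that never climbs out of that directory.
             foreach ($conf['files'] as $file) {
                 if (!is_string($file) || $file === '' || preg_match('#(?:\A|[\\\\/])\.\.(?:[\\\\/]|\z)|\A[\\\\/]|\A[A-Za-z]:|\x00#', $file)) {
                     throw new Exception('Invalid manifest!');
                 }
             }
             $target = PATH . 'includes/templates/' . $ns . '/';
             if (is_dir($target)) {
                 throw new Exception('Template already exist');
             }
             //if one of files doesn't exists, an exception will be raised
             foreach ($conf['files'] as $file) {
                 File::read($tmp . $file);
             }
             foreach ($conf['files'] as $file) {
                 File::move($tmp . $file, $target . $file);
                 File::delete($tmp . $file);
             }
             File::delete($tmp . 'manifest.json');
             $setting = new Setting();
             $setting->_name = $conf['name'];
             $setting->_type = 'template';
             $setting->_data = json_encode($conf);
             $setting->create();
             header('Location: index.php?ns=templates&ctl=manage');
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     }
 }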
 /**
  * Set data from the form into the object
  *
  * Errors reported by the object are collected into an array
  *
  * @access	private
  * @return	boolean
  */
 private function check_post_data()
 {
     // Copies the submitted form values into the post object through its setters.
     // Each setter returns true or an error text; when at least one text comes back
     // they are gathered into an HTML list, stored in $this->_action_msg, and false
     // is returned. Returns true when every setter accepted its value.
     $results = array();
     $results[] = $this->_post->__set('_title', VPost::title());
     $results[] = $this->_post->__set('_content', VPost::content());
     $results[] = $this->_post->__set('_allow_comment', VPost::allow_comment('closed'));
     $results[] = $this->_post->__set('_status', VPost::publish(false) ? 'publish' : 'draft');
     $results[] = $this->_post->__set('_category', implode(',', VPost::categories(array())));
     // 'divers' is the fallback handed to VPost::tags().
     $results[] = $this->_post->__set('_tags', VPost::tags('divers'));
     if ($this->_action == 'to_insert') {
         // The permalink is derived from the title that was just stored.
         $results[] = $this->_post->__set('_permalink', Helper::slug($this->_post->__get('_title')));
     }
     // NOTE(review): the setter messages are placed into HTML without escaping. If a
     // message can echo part of the submitted value, it has to be escaped before it
     // is rendered — confirm against the setters.
     $items = '';
     foreach ($results as $outcome) {
         if ($outcome !== true) {
             $items .= '<li>- ' . $outcome . '</li>';
         }
     }
     if ($items === '') {
         return true;
     }
     $this->_action_msg = ActionMessages::custom_wrong('Check your informations:<br/><ul>' . $items . '</ul>');
     return false;
 }
 /**
  * Delete a template
  *
  * Current and main template will raise an error
  *
  * @access	private
  */
 private function delete()
 {
     // Removes the template selected in the form: deletes the files listed in its
     // stored manifest, then its settings row. The template currently in use and the
     // built-in 'main' and 'bobcat' templates are refused. Users without
     // delete_content get the "no permission" notice.
     if (!VPost::delete(false)) {
         return;
     }
     if (!$this->_user['delete_content']) {
         $this->_action_msg = ActionMessages::action_no_perm();
         return;
     }
     if (!VPost::tpl_id()) {
         return;
     }
     try {
         $tpl = new Setting(VPost::tpl_id());
         $tpl->_data = json_decode($tpl->_data, true);
         $ns = $tpl->_data['namespace'];
         if ($ns == $this->_setting->_data) {
             throw new Exception('Template currently used, action aborted');
         }
         if (in_array($ns, array('main', 'bobcat'))) {
             throw new Exception('Default template can\'t be deleted, action aborted');
         }
         // NOTE(review): the paths are assembled from manifest values stored at
         // install time, and nothing here checks that the setting is a template or
         // that the paths stay inside the template directory — confirm both are
         // enforced when the manifest is accepted.
         $base_dir = PATH . 'includes/templates/' . $ns . '/';
         foreach ($tpl->_data['files'] as $file) {
             File::delete($base_dir . $file);
         }
         $tpl->delete();
         $outcome = true;
     } catch (Exception $e) {
         $outcome = $e->getMessage();
     }
     $this->_action_msg = ActionMessages::template_deleted($outcome);
 }
 /**
  * Delete links
  *
  * @access	private
  */
 private function delete()
 {
     // Deletes links, either the checked ones of the bulk form or a single link
     // addressed through action=delete&id=…. Requires the delete_content permission.
     // NOTE(review): the single-link path is reachable through a GET request and no
     // anti-CSRF token is checked in this method — confirm one is verified upstream.
     $can_delete = $this->_user['delete_content'];
     if (VPost::delete(false) && VPost::link_id() && $can_delete) {
         try {
             $ids = VPost::link_id();
             foreach ($ids as $link_id) {
                 $link = new Link();
                 $link->_id = $link_id;
                 $link->delete();
                 // The message reflects the outcome of the last link processed.
                 $this->_action_msg = ActionMessages::deleted($link->_result_action);
             }
             Session::monitor_activity('deleted ' . count(VPost::link_id()) . ' link(s)');
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
         return;
     }
     if (VGet::action() == 'delete' && VGet::id() && $can_delete) {
         try {
             $link = new Link();
             $link->_id = VGet::id();
             $link->delete();
             Session::monitor_activity('deleted a link');
             $this->_action_msg = ActionMessages::deleted($link->_result_action);
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
         return;
     }
     if ($can_delete === false && (VPost::delete(false) || VGet::action() == 'delete')) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }
 /**
  * Create a comment on a distant website
  *
  * @access	private
  */
 private function create()
 {
     // Posts a comment, written by the logged-in user, to the RPC endpoint of the
     // remote site selected in the timeline preferences. The outcome is reported in
     // $this->_action_msg.
     if (!VPost::submit(false) || !VPost::content(false)) {
         return;
     }
     try {
         $author = new User();
         $author->_id = $this->_user['user_id'];
         $author->read('_publicname');
         $author->read('_email');
         // NOTE(review): the target URL comes from stored preferences, and the user's
         // public name and e-mail are sent to it. Confirm the URL is validated when
         // the preference is saved (scheme, host) and that https is required.
         $site = $this->_prefs->_data['timeline'][$this->_key];
         $request = new Curl();
         $request->_post = true;
         $request->_data = array(
             'name' => $author->_publicname,
             'email' => $author->_email,
             'content' => VPost::content(),
             'id' => $this->_content['post']['POST_ID'],
             'type' => 'post',
         );
         $request->_url = $site['url'] . 'admin/index.php?ns=rpc&ctl=comment';
         $request->connect();
         $reply = json_decode($request->_content, true);
         // Anything other than a literal true is treated as a refusal.
         // NOTE(review): the remote text is embedded in the error shown locally;
         // confirm ActionMessages::custom_wrong() escapes it before output.
         if ($reply['message'] !== true) {
             throw new Exception('Error on distant website! ' . $site['title'] . ' says "' . $reply['message'] . '"');
         }
         $this->_action_msg = ActionMessages::custom_good('Comment submitted');
     } catch (Exception $e) {
         $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
     }
 }
 /**
  * Create new comment
  *
  * @access	private
  */
 private function create()
 {
     // Stores a visitor's comment on the current item with status 'pending' and
     // remembers the visitor's name and e-mail in the session. $this->_submitted
     // records whether the comment was saved.
     if (!$this->check_data()) {
         return;
     }
     try {
         $comment = $this->_comment;
         // NOTE(review): the three values below come straight from the form. Confirm
         // the Comment model validates them and that they are escaped wherever they
         // are rendered, including the copies kept in the session.
         $comment->_name = VPost::respond_name();
         $comment->_email = VPost::respond_email();
         $comment->_content = VPost::respond_content();
         $comment->_rel_id = $this->_id;
         $comment->_rel_type = $this->_sql_table;
         $comment->_status = 'pending';
         $comment->create();
         $this->_submitted = true;
         $_SESSION['visitor_name'] = $comment->_name;
         $_SESSION['visitor_email'] = $comment->_email;
     } catch (Exception $e) {
         // The failure reason is dropped; only the flag tells the caller it failed.
         $this->_submitted = false;
     }
 }
 /**
  * Move uploaded files to the right place and insert metadata in the database
  *
  * @access	private
  */
 private function create()
 {
     // Handles four mutually exclusive form actions, selected by which POST field is set:
     //   upload         - store an uploaded file under content/<year>/<month>/ and record it
     //   create_album   - record an album with a cover image (also needs $this->_user['album_photo'] to be truthy)
     //   link_alien     - record externally hosted media from a name and an embed code
     //   register_video - record a video file that already exists under PATH
     // On success each branch sends a Location header; on failure the exception message is put in _action_msg.
     // NOTE(review): header() does not stop execution, so whatever the caller does after this method still runs.
     // NOTE(review): only the album branch checks a permission flag here; presumably the other
     // branches are gated by the caller - verify.
     if (VPost::upload(false)) {
         try {
             // Destination directory is derived from the current date, not from the request.
             $path = 'content/' . date('Y/m/');
             $img = new HandleMedia();
             $img->load_upload('file');
             // NOTE(review): the stored file name comes from the upload and only passes through
             // Helper::remove_accent() in this method. Nothing here restricts the extension or strips
             // path separators - confirm HandleMedia::load_upload() does both, since the file is
             // saved below the web-served content/ tree.
             $name = Helper::remove_accent($img->_name);
             $mime = $img->_mime;
             // Refuse to overwrite an existing file.
             if (file_exists(PATH . $path . $name)) {
                 throw new Exception('The file "' . $name . '" already exists');
             }
             $img->save(PATH . $path . $name);
             if (substr($mime, 0, 5) == 'image') {
                 // Three thumb() calls with 150, 300 and 1000 (presumably target widths).
                 $img->thumb(150, 0);
                 $img->thumb(300, 0);
                 $img->thumb(1000, 0);
                 $this->_media->_status = 'draft';
             } elseif (substr($mime, 0, 5) == 'video') {
                 $this->_media->_status = 'publish';
             }
             // NOTE(review): a MIME type that is neither image/* nor video/* sets no status in this
             // branch but the file has already been saved - confirm load_upload() rejects other types.
             $this->_media->_name = $name;
             $this->_media->_type = $mime;
             $this->_media->_author = $this->_user['user_id'];
             $this->_media->_allow_comment = 'closed';
             $this->_media->_permalink = $path . $name;
             $this->_media->_album = 0;
             $this->_media->create();
             Session::monitor_activity('has uploaded a file named: ' . $this->_media->_name);
             if (substr($mime, 0, 5) == 'video') {
                 header('Location: index.php?ns=media&ctl=manage&type=video');
             } else {
                 header('Location: index.php?ns=media&ctl=manage');
             }
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     } elseif (VPost::create_album(false) && $this->_user['album_photo']) {
         if (!VPost::name()) {
             $this->_action_msg = ActionMessages::custom_wrong('Album name missing');
         } else {
             try {
                 $name = VPost::name();
                 // The directory name is the slug of the album name, not the raw name.
                 $path = 'content/albums/' . Helper::slug($name) . '/';
                 if (file_exists(PATH . $path)) {
                     throw new Exception('The album "' . $name . '" already exists');
                 }
                 $this->_media->_name = $name;
                 $this->_media->_type = 'album';
                 $this->_media->_author = $this->_user['user_id'];
                 $this->_media->_status = 'draft';
                 $this->_media->_permalink = $path;
                 // NOTE(review): description, cat and allow_comment are taken from POST as submitted;
                 // presumably the media model validates them - verify before they reach SQL or HTML.
                 $this->_media->_description = stripslashes(VPost::description());
                 $this->_media->_category = implode(',', VPost::cat(array()));
                 $this->_media->_allow_comment = VPost::allow_comment('closed');
                 $this->_media->_album = 0;
                 $img = new HandleMedia();
                 $img->load_upload('cover');
                 // The cover is always saved under the fixed name cover.png, whatever was uploaded.
                 $img->save(PATH . $path . 'cover.png');
                 $img->thumb(150, 0);
                 $img->thumb(300, 0);
                 $img->thumb(1000, 0);
                 $this->_media->create();
                 Session::monitor_activity('created an album named: ' . $this->_media->_name);
                 header('Location: index.php?ns=media&ctl=albums&action=edit&id=' . $this->_media->_id);
             } catch (Exception $e) {
                 $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
             }
         }
     } elseif (VPost::link_alien(false)) {
         if (!VPost::name() || !VPost::embed_code()) {
             $this->_action_msg = ActionMessages::custom_wrong('There\'s missing informations');
         } else {
             try {
                 $this->_media->_name = VPost::name();
                 $this->_media->_type = 'alien';
                 $this->_media->_author = $this->_user['user_id'];
                 $this->_media->_status = 'draft';
                 $this->_media->_allow_comment = 'closed';
                 $this->_media->_permalink = Helper::slug(VPost::name());
                 // NOTE(review): the embed code is stored exactly as submitted. If the front end prints
                 // it as raw HTML, this action must stay limited to trusted users or the markup must be
                 // sanitised - confirm how it is rendered.
                 $this->_media->_embed_code = VPost::embed_code();
                 $this->_media->_album = 0;
                 $this->_media->create();
                 Session::monitor_activity('linked a new video named: ' . $this->_media->_name);
                 header('Location: index.php?ns=media&ctl=manage&type=video');
             } catch (Exception $e) {
                 $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
             }
         }
     } elseif (VPost::register_video(false)) {
         try {
             // NOTE(review): the submitted path is appended to PATH without normalisation, so neither
             // the existence check nor the stored permalink is confined to the media directory.
             // Consider resolving it with realpath() and requiring the result to stay under the
             // media root before registering it.
             if (!file_exists(PATH . VPost::url())) {
                 throw new Exception('Video not found');
             }
             // The MIME type is supplied by the form, not detected from the file.
             if (!VPost::mime()) {
                 throw new Exception('Video mime type missing');
             }
             $this->_media->_name = VPost::name();
             $this->_media->_type = VPost::mime();
             $this->_media->_author = $this->_user['user_id'];
             $this->_media->_status = 'publish';
             $this->_media->_allow_comment = 'closed';
             $this->_media->_permalink = VPost::url();
             $this->_media->_album = 0;
             $this->_media->create();
             Session::monitor_activity('registered a new video named: ' . $this->_media->_name);
             header('Location: index.php?ns=media&ctl=manage&action=edit&type=video&id=' . $this->_media->_id);
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     }
 }
 /**
  * Delete one or more comments at a time
  *
  * @access	private
  */
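 private function delete()
 {
     // Deletes comments in one of three ways, all of which require $this->_user['delete_content']:
     //   - POST 'empty' with comment_status 'spam' or 'trash': remove every comment in that status
     //   - POST action=delete with a list of comment ids: remove each listed comment
     //   - GET action=delete with one comment id: remove that comment
     // The outcome is reported through _action_msg.
     // NOTE(review): no anti-CSRF token is checked in this method and the third path changes state
     // on a GET request; confirm a token is validated upstream or restrict deletion to POST.
     if ((isset($_POST['empty']) || VRequest::action() == 'delete') && $this->_user['delete_content']) {
         // Strict comparison so only the two literal status names are accepted.
         if (isset($_POST['empty']) && VPost::comment_status() && in_array(VPost::comment_status(), array('spam', 'trash'), true)) {
             $to_delete['table'] = 'comment';
             $to_delete['condition_columns'][':status'] = 'comment_status';
             $to_delete['condition_values'][':status'] = VPost::comment_status();
             $to_delete['value_types'][':status'] = 'str';
             $global_result = $this->_db->delete($to_delete);
         } elseif (VPost::action() == 'delete' && VPost::comment_id()) {
             // The batch counts as successful only if every single deletion succeeded;
             // a failure does not stop the remaining ids from being processed.
             $global_result = true;
             foreach (VPost::comment_id() as $id) {
                 try {
                     $comment = new Comment();
                     $comment->_id = $id;
                     $comment->delete();
                     unset($comment);
                 } catch (Exception $e) {
                     $global_result = false;
                 }
             }
         } elseif (VGet::action() == 'delete' && VGet::comment_id()) {
             try {
                 $comment = new Comment();
                 $comment->_id = VGet::comment_id();
                 $comment->delete();
                 $global_result = true;
             } catch (Exception $e) {
                 $global_result = false;
             }
         }
         if (isset($global_result)) {
             $this->_action_msg = ActionMessages::deleted($global_result);
         }
     // Fixed: this condition read $POST (an undefined variable) instead of $_POST, so an 'empty'
     // request from a user without the permission never produced the "no permission" message.
     } elseif ((isset($_POST['empty']) || VRequest::action() == 'delete') && $this->_user['delete_content'] === false) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }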
 /**
  * Update setting
  *
  * @access	private
  */
 private function update()
 {
     // Saves the setting flags when the settings form was submitted.
     if (!VPost::update_setting(false)) {
         return;
     }
     try {
         $submitted = VPost::settings(array('media' => false));
         // Fixed list of known flags: only names listed here can be switched on,
         // anything else in the submitted data is ignored.
         $flags = array('media' => false);
         foreach (array_keys($flags) as $flag_name) {
             if (in_array($flag_name, $submitted)) {
                 $flags[$flag_name] = true;
             }
         }
         // The setting is stored as JSON and decoded again afterwards so that _data holds an array.
         $this->_setting->_data = json_encode($flags);
         $this->_setting->update('_data', 'str');
         $this->_setting->_data = json_decode($this->_setting->_data, true);
         $outcome = true;
     } catch (Exception $e) {
         $outcome = $e->getMessage();
     }
     // true on success, otherwise the exception message.
     $this->_action_msg = ActionMessages::updated($outcome);
 }
 /**
  * Display plugins action in library
  *
  * @static
  * @access	public
  */
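 public static function lib_actions()
 {
     // Prints the search box shown above the plugin library list, pre-filled with the
     // search term from the current POST request.
     // The term is request data placed inside an HTML attribute, so it is escaped for that
     // context here. double_encode is off so a value that was already entity-encoded upstream
     // is not encoded a second time.
     $term = VPost::search();
     $term = is_scalar($term) ? htmlspecialchars((string) $term, ENT_QUOTES, 'UTF-8', false) : '';
     echo '<div id="lib_plg_act">' . '<h3>This is the list of plugins registered on lynxpress.org</h3>' . '<input id="search_input" class="input" type="text" name="search" value="' . $term . '" placeholder="Search" />' . '<input class="button" type="submit" name="search_button" value="Search Plugins" />' . '</div>';
 }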
 /**
  * Insert form data into the object
  *
  * and load error messages if the data is invalid
  *
  * @access	private
  * @return	boolean
  */
 private function check_post_data()
 {
     // Copies the submitted link fields into $this->_link one by one.
     // Each __set() call is expected to yield true; any other value is used as error text.
     $outcomes = array();
     $outcomes[] = $this->_link->__set('_name', VPost::name());
     $outcomes[] = $this->_link->__set('_link', VPost::url());
     $outcomes[] = $this->_link->__set('_rss_link', VPost::rss());
     $outcomes[] = $this->_link->__set('_notes', VPost::notes());
     $outcomes[] = $this->_link->__set('_priority', VPost::lvl());
     $problems = array();
     foreach ($outcomes as $outcome) {
         if ($outcome === true) {
             continue;
         }
         // NOTE(review): the error text goes into HTML unescaped; presumably these are fixed
         // strings from the model - verify they never echo submitted values.
         $problems[] = '<li>- ' . $outcome . '</li>';
     }
     if (empty($problems)) {
         return true;
     }
     // At least one field was rejected: show the collected errors as a list.
     $this->_action_msg = ActionMessages::custom_wrong('Check your informations:<br/><ul>' . implode('', $problems) . '</ul>');
     return false;
 }
 /**
  * Install database with config.php already created
  *
  * @access	private
  */
 private function install_woc()
 {
     // Installs the schema using connection details from an existing config.php and the
     // administrator credentials submitted in the form. The outcome is written to _result
     // as 'successful', 'false create' or 'unknown'.
     // The include path is relative, so it resolves against the include path / working directory.
     require_once 'config.php';
     $this->_db_host = DB_HOST;
     $this->_db_name = DB_NAME;
     $this->_db_user = DB_USER;
     $this->_db_pwd = DB_PWD;
     $this->_db_prefix = DB_PREFIX;
     $this->_ws_url = WS_URL;
     $this->_ws_name = WS_NAME;
     $this->_ws_email = WS_EMAIL;
     // NOTE(review): the submitted password is held on the object as received; confirm that
     // create_user() hashes it before it is written to the database.
     $this->_username = VPost::username();
     $this->_password = VPost::password();
     try {
         // Try to connect to the configured database; if it does not exist, the handler below creates it.
         $this->_db = new PDO('mysql:dbname=' . $this->_db_name . ';host=' . $this->_db_host . ';', $this->_db_user, $this->_db_pwd, array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'));
         // Create the tables.
         $this->create_activity();
         $this->create_category();
         $this->create_comment();
         $this->create_link();
         $this->create_media();
         $this->create_post();
         $this->create_setting();
         $this->create_user();
         $this->_result = 'successful';
     } catch (Exception $e) {
         // The "unknown database" case is recognised by comparing the full exception message.
         // NOTE(review): this depends on the exact driver wording and SQLSTATE prefix; a different
         // client library may phrase it differently, in which case the result is 'unknown'.
         if ($e->getMessage() == 'SQLSTATE[42000] [1049] Unknown database \'' . $this->_db_name . '\'') {
             try {
                 // Connect without selecting a database, create it, then reconnect to it
                 // and run the same table creation sequence as above.
                 $this->_db = new PDO('mysql:host=' . $this->_db_host . ';', $this->_db_user, $this->_db_pwd, array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'));
                 $this->create_database();
                 $this->_db = new PDO('mysql:dbname=' . $this->_db_name . ';host=' . $this->_db_host . ';', $this->_db_user, $this->_db_pwd, array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8'));
                 $this->create_activity();
                 $this->create_category();
                 $this->create_comment();
                 $this->create_link();
                 $this->create_media();
                 $this->create_post();
                 $this->create_setting();
                 $this->create_user();
                 $this->_result = 'successful';
             } catch (Exception $e) {
                 // 'false create' is presumably thrown by the create_* helpers when a statement fails.
                 if ($e->getMessage() == 'false create') {
                     $this->_result = 'false create';
                 } else {
                     $this->_result = 'unknown';
                 }
             }
         } elseif ($e->getMessage() == 'false create') {
             $this->_result = 'false create';
         } else {
             // Any other failure (bad credentials, unreachable host, ...) is not distinguished.
             $this->_result = 'unknown';
         }
     }
 }
 /**
  * Create a new user
  *
  * @access	private
  */
 private function create()
 {
     // Creates a new user account once check_post_data() has accepted the form, refusing
     // usernames that are already taken. Failures are reported through _action_msg.
     if ($this->check_post_data()) {
         try {
             // Look for an existing account with the requested username.
             // NOTE(review): the comparison is LIKE, so '%' and '_' in the submitted name act as
             // wildcards; an exact match would be a more precise uniqueness test. This
             // check-then-insert is also only race-free if the column has a UNIQUE index - confirm.
             $to_read['table'] = 'user';
             $to_read['columns'] = array('USER_ID');
             $to_read['condition_columns'][':u'] = 'user_username';
             $to_read['condition_select_types'][':u'] = 'LIKE';
             $to_read['condition_values'][':u'] = $this->_new_user->_username;
             $to_read['value_types'][':u'] = 'str';
             $user = $this->_db->read($to_read);
             if (!empty($user)) {
                 throw new Exception('Username already used!');
             }
             $this->_new_user->create();
             Session::monitor_activity('added a new member: ' . $this->_new_user->_username);
             if ($this->_new_user->_result_action === true && VPost::send_pwd(false)) {
                 $to = $this->_new_user->_email;
                 $subject = 'Your password for ' . WS_NAME;
                 // NOTE(review): the next line is damaged in this listing - the text between the
                 // message literal and the redirect target is masked with asterisks, so the statement
                 // does not parse as shown; restore it from the original file.
                 // It builds a mail body containing the new account's password. Mailing a password
                 // in clear text leaves it in mailboxes and mail logs; a one-time "set your password"
                 // link is the safer pattern.
                 $message = 'This is your password: '******'Location: index.php?ns=users&ctl=manage');
             } elseif ($this->_new_user->_result_action === true) {
                 header('Location: index.php?ns=users&ctl=manage');
             }
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     }
 }
 /**
  * Add a website to the timeline
  *
  * @access	private
  */
 private function create()
 {
     // Adds a website to the user's timeline preferences when the "add" form was submitted.
     if (!VPost::add(false)) {
         return;
     }
     try {
         // Reject a URL that is already listed.
         foreach ($this->_prefs->_data['timeline'] as $entry) {
             if ($entry['url'] != VPost::url()) {
                 continue;
             }
             throw new Exception('Website already in your timeline with the name "' . $entry['title'] . '"');
         }
         // Ask the remote site to identify itself; only the exact expected JSON reply is accepted.
         // NOTE(review): the server requests a URL taken from the form. If this page is reachable
         // by less-trusted accounts, limit the target to http(s) and to non-internal hosts.
         $probe = new Curl(VPost::url() . 'admin/index.php?ns=rpc&ctl=timeline&action=check');
         if ($probe->_content != '{"lynxpress":"true"}') {
             throw new Exception('Wished website is not running Lynxpress! Or not a compatible version!');
         }
         // Work on a copy of the preferences, append the new entry, then write it back.
         $prefs = $this->_prefs->_data;
         $prefs['timeline'][] = array('title' => VPost::title(), 'url' => VPost::url());
         $this->_prefs->_data = $prefs;
         // Stored as JSON, then decoded again so _data is an array for the rest of the request.
         $this->_prefs->_data = json_encode($this->_prefs->_data);
         $this->_prefs->update('_data', 'str');
         $this->_prefs->_data = json_decode($this->_prefs->_data, true);
         $outcome = true;
     } catch (Exception $e) {
         $outcome = $e->getMessage();
     }
     // true on success, otherwise the exception message.
     $this->_action_msg = ActionMessages::pref_updated($outcome);
 }
 /**
  * Delete one or more categories
  *
  * @access	private
  */
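 private function delete()
 {
     // Deletes categories, either a list of ids posted with the 'delete' button or a single id
     // passed as GET action=delete&id=... Both paths require $this->_user['delete_content'];
     // a category that check_usage() reports as in use is not deleted.
     // NOTE(review): no anti-CSRF token is checked in this method and the single-id path changes
     // state on a GET request; confirm a token is validated upstream or restrict deletion to POST.
     if (VPost::delete(false) && $this->_user['delete_content']) {
         if (VPost::category_id()) {
             try {
                 // Stops at the first category that cannot be deleted; earlier ones stay deleted.
                 foreach (VPost::category_id() as $id) {
                     $cat = new Category();
                     $cat->_id = $id;
                     $cat->read('_name');
                     $cat->read('_type');
                     $type = $cat->_type;
                     if ($this->check_usage($id, $type)) {
                         throw new Exception('Can\'t delete ' . $cat->_name . ' because it\'s used!');
                     }
                     $cat->delete();
                     $this->check_empty($type);
                 }
                 Session::monitor_activity('deleted ' . count(VPost::category_id()) . ' category(ies)');
                 $result = true;
             } catch (Exception $e) {
                 $result = $e->getMessage();
             }
             $this->_action_msg = ActionMessages::deleted($result);
         }
     // Fixed: this branch did not test the delete_content permission, so a GET delete request was
     // executed for any user and the "no permission" branch below could never be reached for it.
     } elseif (VGet::action() == 'delete' && VGet::id() && $this->_user['delete_content']) {
         try {
             $cat = new Category();
             $cat->_id = VGet::id();
             $cat->read('_name');
             $cat->read('_type');
             $type = $cat->_type;
             if ($this->check_usage(VGet::id(), $type)) {
                 throw new Exception('Can\'t delete ' . ucwords($cat->_name) . ' because it\'s used!');
             }
             $cat->delete();
             $this->check_empty($type);
             Session::monitor_activity('deleted a category');
             $result = true;
         } catch (Exception $e) {
             $result = $e->getMessage();
         }
         $this->_action_msg = ActionMessages::deleted($result);
     } elseif ((VPost::delete(false) || VGet::action() == 'delete' && VGet::id()) && !$this->_user['delete_content']) {
         // A delete was requested by a user who lacks the permission.
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }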
 /**
  * Update setting
  *
  * @access	private
  */
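 private function update()
 {
     // Saves the submitted 'networks' data as this setting's JSON value when the settings
     // form was submitted, and reports the outcome through _action_msg.
     if (!VPost::update_setting(false)) {
         return;
     }
     try {
         // NOTE(review): the submitted structure is stored as received, with no list of allowed
         // keys or value checks in this method; validate it here or wherever it is rendered.
         $this->_setting->_data = json_encode(VPost::networks(array()));
         $this->_setting->update('_data', 'str');
         // Decode again so _data is an array for the rest of the request.
         $this->_setting->_data = json_decode($this->_setting->_data, true);
         $result = true;
     } catch (Exception $e) {
         // Fixed: the message was assigned to a misspelled variable ($resut), leaving $result
         // undefined on failure so the error was never passed to ActionMessages::updated().
         $result = $e->getMessage();
     }
     $this->_action_msg = ActionMessages::updated($result);
 }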