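/**
 * Loads a form row together with its fields, expanding each "column" field into
 * two entries (left side first, then right side) that carry their sub-fields.
 *
 * @param mixed $id Form id; passed through sqlescape() before it is placed in SQL.
 * @return array|false The form row with "fields" and "object_count" added, or false when no row matches.
 */
static function getForm($id)
 {
     $id = sqlescape($id);
     $form = sqlfetch(sqlquery("SELECT * FROM btx_form_builder_forms WHERE id = '{$id}'"));
     if (!$form) {
         return false;
     }
     $fields = array();
     $object_count = 0;
     $field_query = sqlquery("SELECT * FROM btx_form_builder_fields WHERE form = '{$id}' AND `column` = '0' ORDER BY position DESC, id ASC");
     while ($field = sqlfetch($field_query)) {
         $object_count++;
         if ($field["type"] != "column") {
             $fields[] = $field;
             continue;
         }
         // The id was read back from the database, but it is escaped again before reuse
         // so a stored value can never close the quoted literal in the next query.
         $column_id = sqlescape($field["id"]);
         // One entry per side, left first, each holding that side's sub-fields.
         foreach (array("left", "right") as $alignment) {
             $column_fields = array();
             $column_query = sqlquery("SELECT * FROM btx_form_builder_fields WHERE `column` = '{$column_id}' AND `alignment` = '{$alignment}' ORDER BY position DESC, id ASC");
             while ($sub_field = sqlfetch($column_query)) {
                 $column_fields[] = $sub_field;
                 $object_count++;
             }
             $field["fields"] = $column_fields;
             $fields[] = $field;
         }
         // Column start/end count as objects so we add 3 since there's two columns
         $object_count += 3;
     }
     $form["fields"] = $fields;
     // Counting starts at 0.
     $form["object_count"] = $object_count - 1;
     return $form;
 }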
Esempio n. 2
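 /**
  * Stores results returned by a social feed service that are not yet in
  * btx_social_feed_stream, then tags every result to the query and to the
  * query's categories.
  *
  * @param array  $query   Query row; only its "id" key is read here.
  * @param string $service Service name stored alongside each item.
  * @param object $data    Service response; its Results property is iterated when it is an array.
  */
 protected static function syncData($query, $service, $data)
 {
     if (!is_array($data->Results)) {
         return;
     }
     // Escaped copies for SQL. The raw $service is kept for the cache entry below.
     $service_sql = sqlescape($service);
     $query_id = sqlescape($query["id"]);
     // Find out which categories the results need to be tagged to.
     $categories = array();
     $cq = sqlquery("SELECT * FROM btx_social_feed_query_categories WHERE `query` = '{$query_id}'");
     while ($cf = sqlfetch($cq)) {
         $categories[] = $cf["category"];
     }
     foreach ($data->Results as $r) {
         $id = sqlescape($r->ID);
         // Check for existing
         $existing = sqlfetch(sqlquery("SELECT id FROM btx_social_feed_stream WHERE service = '{$service_sql}' AND service_id = '{$id}'"));
         if (!$existing) {
             // Kept in its own variables so the $data parameter is not overwritten mid-loop.
             $encoded = json_encode($r);
             $encoded_sql = sqlescape($encoded);
             // !empty() keeps the truthiness test but does not raise a notice when a property is absent.
             if (!empty($r->Timestamp)) {
                 $date = sqlescape($r->Timestamp);
             } elseif (!empty($r->CreatedAt)) {
                 $date = sqlescape($r->CreatedAt);
             } elseif (!empty($r->Dates->Posted)) {
                 $date = sqlescape($r->Dates->Posted);
             } else {
                 $date = date("Y-m-d H:i:s");
             }
             sqlquery("INSERT INTO btx_social_feed_stream (`date`,`service`,`service_id`,`data`,`approved`) VALUES ('{$date}','{$service_sql}','{$id}','{$encoded_sql}','" . self::$DefaultApprovedState . "')");
             $new_id = sqlid();
             $existing = array("id" => $new_id);
             // NOTE(review): "date" and "service_id" are cached in their SQL-escaped form, as before — confirm consumers expect that.
             self::$ItemsToCache[] = array("id" => $new_id, "date" => $date, "service" => $service, "service_id" => $id, "data" => $encoded, "approved" => self::$DefaultApprovedState);
         }
         $item_id = sqlescape($existing["id"]);
         // Tag to categories
         foreach ($categories as $c) {
             $category = sqlescape($c);
             sqlquery("DELETE FROM btx_social_feed_stream_categories WHERE item = '{$item_id}' AND category = '{$category}'");
             sqlquery("INSERT INTO btx_social_feed_stream_categories (`item`,`category`) VALUES ('{$item_id}','{$category}')");
         }
         // Tag to the query
         sqlquery("DELETE FROM btx_social_feed_stream_queries WHERE `item` = '{$item_id}' AND `query` = '{$query_id}'");
         sqlquery("INSERT INTO btx_social_feed_stream_queries (`item`,`query`) VALUES ('{$item_id}','{$query_id}')");
     }
 }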
Esempio n. 3
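 /**
  * Updates one or more columns of the row with the given id in $this->Table.
  *
  * @param mixed        $id           Row id; escaped before use.
  * @param array|string $fields       A column name, a list of column names, or a column => value map when $values is false.
  * @param mixed        $values       Value(s) matching $fields; arrays are stored as JSON.
  * @param bool         $ignore_cache When true, the item is not recached after the update.
  */
 function update($id, $fields, $values = false, $ignore_cache = false)
 {
     $id = sqlescape($id);
     // Turn a key => value array into pairs
     if ($values === false && is_array($fields)) {
         $values = $fields;
         $fields = array_keys($fields);
     }
     // Multiple columns to update
     if (is_array($fields)) {
         $query_parts = array();
         foreach ($fields as $key) {
             $val = current($values);
             if (is_array($val)) {
                 $val = BigTree::json(BigTree::translateArray($val));
             } else {
                 $val = BigTreeAdmin::autoIPL($val);
             }
             // Column names sit inside backticks, where sqlescape() gives no protection;
             // doubling any backtick keeps the name a single quoted identifier.
             $column = str_replace("`", "``", $key);
             $query_parts[] = "`{$column}` = '" . sqlescape($val) . "'";
             next($values);
         }
         sqlquery("UPDATE `" . $this->Table . "` SET " . implode(", ", $query_parts) . " WHERE id = '{$id}'");
         // Single column to update
     } else {
         if (is_array($values)) {
             $val = json_encode(BigTree::translateArray($values));
         } else {
             $val = BigTreeAdmin::autoIPL($values);
         }
         $column = str_replace("`", "``", $fields);
         sqlquery("UPDATE `" . $this->Table . "` SET `{$column}` = '" . sqlescape($val) . "' WHERE id = '{$id}'");
     }
     if (!$ignore_cache) {
         BigTreeAutoModule::recacheItem($id, $this->Table);
     }
 }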
Esempio n. 4
            $type["use_cases"] = array("templates" => $type["pages"], "modules" => $type["modules"], "callouts" => $type["callouts"], "settings" => $type["settings"]);
        }
        $use_cases = is_array($type["use_cases"]) ? sqlescape(json_encode($type["use_cases"])) : sqlescape($type["use_cases"]);
        $self_draw = $type["self_draw"] ? "'on'" : "NULL";
        sqlquery("INSERT INTO bigtree_field_types (`id`,`name`,`use_cases`,`self_draw`) VALUES ('" . sqlescape($type["id"]) . "','" . sqlescape($type["name"]) . "','{$use_cases}',{$self_draw})");
    }
}
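// Import files
foreach ($json["files"] as $file) {
    // The file list comes from the package manifest. A ".." path segment would resolve
    // outside SERVER_ROOT, so such entries are skipped instead of copied.
    if (!is_string($file) || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $file)) {
        continue;
    }
    BigTree::copyFile(SERVER_ROOT . "cache/package/{$file}", SERVER_ROOT . $file);
}
// Run SQL
// NOTE(review): these statements are taken from the manifest and executed as-is, so
// installing a package grants it full database access — only install trusted packages.
foreach ($json["sql"] as $sql) {
    sqlquery($sql);
}
// Empty view cache
sqlquery("DELETE FROM bigtree_module_view_cache");
// Remove the package directory, we do it backwards because the "deepest" files are last
$contents = @array_reverse(BigTree::directoryContents(SERVER_ROOT . "cache/package/"));
foreach ($contents as $file) {
    // Each entry may be a file or a directory; whichever call applies succeeds, the other is silenced.
    @unlink($file);
    @rmdir($file);
}
@rmdir(SERVER_ROOT . "cache/package/");
// Clear module class cache and field type cache.
@unlink(SERVER_ROOT . "cache/bigtree-module-class-list.json");
@unlink(SERVER_ROOT . "cache/bigtree-form-field-types.json");
// Record the installed package along with its full manifest.
sqlquery("INSERT INTO bigtree_extensions (`id`,`type`,`name`,`version`,`last_updated`,`manifest`) VALUES ('" . sqlescape($json["id"]) . "','package','" . sqlescape($json["title"]) . "','" . sqlescape($json["version"]) . "',NOW(),'" . sqlescape(json_encode($json)) . "')");
sqlquery("SET foreign_key_checks = 1");
$admin->growl("Developer", "Installed Package");
BigTree::redirect(DEVELOPER_ROOT . "packages/install/complete/");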
Esempio n. 5
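 /**
  * Handles a request for a URL that did not resolve: follows a stored redirect
  * if one exists, otherwise sends a 404 header and records the request.
  *
  * @param string $url The requested URL.
  * @return bool false after issuing a redirect; true when the URL is empty or a 404 was sent.
  */
 function handle404($url)
 {
     // Tags are stripped and the rest HTML-encoded before the value is stored or compared.
     $url = sqlescape(htmlspecialchars(strip_tags(rtrim($url, "/"))));
     // Nothing to look up for an empty URL, so return before touching the database.
     if (!$url) {
         return true;
     }
     $f = sqlfetch(sqlquery("SELECT * FROM bigtree_404s WHERE broken_url = '{$url}'"));
     // $f is false when no row matched; test it before indexing.
     if ($f && $f["redirect_url"]) {
         if ($f["redirect_url"] == "/") {
             $f["redirect_url"] = "";
         }
         if (substr($f["redirect_url"], 0, 7) == "http://" || substr($f["redirect_url"], 0, 8) == "https://") {
             // Absolute targets are used as stored.
             $redirect = $f["redirect_url"];
         } else {
             // Relative targets are anchored to WWW_ROOT exactly once.
             $redirect = WWW_ROOT . str_replace(WWW_ROOT, "", $f["redirect_url"]);
         }
         sqlquery("UPDATE bigtree_404s SET requests = (requests + 1) WHERE id = '" . sqlescape($f["id"]) . "'");
         BigTree::redirect($redirect, "301");
         return false;
     }
     header($_SERVER["SERVER_PROTOCOL"] . " 404 Not Found");
     if ($f) {
         sqlquery("UPDATE bigtree_404s SET requests = (requests + 1) WHERE id = '" . sqlescape($f["id"]) . "'");
     } else {
         sqlquery("INSERT INTO bigtree_404s (`broken_url`,`requests`) VALUES ('{$url}','1')");
     }
     // Guarded so a second call in the same request does not redefine the constant.
     if (!defined("BIGTREE_DO_NOT_CACHE")) {
         define("BIGTREE_DO_NOT_CACHE", true);
     }
     return true;
 }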
Esempio n. 6
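 /**
  * Hashes a new password with PasswordHash and stores the hash for the given user.
  *
  * @param mixed  $id       User id; escaped before use.
  * @param string $password Plain-text password; surrounding whitespace is trimmed before hashing.
  */
 static function updateUserPassword($id, $password)
 {
     global $bigtree;
     $id = sqlescape($id);
     $phpass = new PasswordHash($bigtree["config"]["password_depth"], TRUE);
     $password = sqlescape($phpass->HashPassword(trim($password)));
     // Store the computed hash. The listing wrote the literal '******' here, which left
     // the hash above unused and would have set the same fixed string for every user.
     sqlquery("UPDATE bigtree_users SET password = '{$password}' WHERE id = '{$id}'");
 }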
Esempio n. 7
    }
}
// Sanitize the form data so it fits properly in the database (convert dates to MySQL-friendly format and such)
$bigtree["entry"] = BigTreeAutoModule::sanitizeData($bigtree["form"]["table"], $bigtree["entry"]);
// Short aliases for the values used below. $tags and $edit_id come straight from the request.
$tags = $_POST["_tags"];
$edit_id = $_POST["id"] ? $_POST["id"] : false;
$new_id = false;
$table = $bigtree["form"]["table"];
$item = $bigtree["entry"];
$many_to_many = $bigtree["many-to-many"];
// Check to see if this is a positioned element
// If it is and the form is setup to create new items at the top and this is a new record, update the position column.
$table_description = BigTree::describeTable($table);
if (isset($table_description["columns"]["position"]) && $bigtree["form"]["default_position"] == "Top" && !$_POST["id"]) {
    // New position = live rows in the table + pending changes recorded for it.
    // NOTE(review): $table is placed inside backticks unescaped in the first query; it is read
    // from the form definition rather than the request — confirm that value is trusted.
    $max = sqlrows(sqlquery("SELECT id FROM `{$table}`")) + sqlrows(sqlquery("SELECT id FROM `bigtree_pending_changes` WHERE `table` = '" . sqlescape($table) . "'"));
    $item["position"] = $max;
}
// "publish" when any of the save_and_publish submit fields is present, otherwise "save".
$data_action = $_POST["save_and_publish"] || $_POST["save_and_publish_x"] || $_POST["save_and_publish_y"] ? "publish" : "save";
$did_publish = false;
// We're an editor or "Save" was chosen
if ($bigtree["access_level"] == "e" || $data_action == "save") {
    // We have an existing module entry we're saving a change to.
    if ($edit_id) {
        BigTreeAutoModule::submitChange($bigtree["module"]["id"], $table, $edit_id, $item, $many_to_many, $tags);
        $admin->growl($bigtree["module"]["name"], "Saved " . $bigtree["form"]["title"] . " Draft");
        // It's a new entry, so we create a pending item.
    } else {
        $edit_id = "p" . BigTreeAutoModule::createPendingItem($bigtree["module"]["id"], $table, $item, $many_to_many, $tags);
        $admin->growl($bigtree["module"]["name"], "Created " . $bigtree["form"]["title"] . " Draft");
Esempio n. 8
<?php

// The response body is JavaScript.
header("Content-type: text/javascript");
// NOTE(review): $id is SQL-escaped here and then handed to helper methods; if those
// helpers escape again the value is escaped twice — confirm against their implementation.
$id = sqlescape($_GET["id"]);
// Grab View Data
$view = BigTreeAutoModule::getView(sqlescape($_GET["view"]));
$table = $view["table"];
// Get module
$module = $admin->getModule(BigTreeAutoModule::getModuleForView($view["id"]));
// Get the item
$current_item = BigTreeAutoModule::getPendingItem($table, $id);
$item = $current_item["item"];
// Check permission on the item as it stands with pending changes applied.
$access_level = $admin->getAccessLevel($module, $item, $table);
if ($access_level != "n") {
    // Also check the item without pending changes; any level other than "p" on it
    // replaces the level computed above.
    $original_item = BigTreeAutoModule::getItem($table, $id);
    $original_access_level = $admin->getAccessLevel($module, $original_item["item"], $table);
    if ($original_access_level != "p") {
        $access_level = $original_access_level;
    }
}
Esempio n. 9
<?php

$total_results = 0;
$results = array();
// Raw search term from the query string.
$search_term = $_GET["query"];
// If this is a link, see if it's internal.
if (substr($search_term, 0, 7) == "http://" || substr($search_term, 0, 8) == "https://") {
    $search_term = $admin->makeIPL($search_term);
}
// Quoted LIKE pattern built from the escaped term; it is not used in the lines shown here.
$w = "'%" . sqlescape($search_term) . "%'";
// Get the "Pages" results.
$r = $admin->searchPages($search_term, array("title", "resources", "meta_keywords", "meta_description", "nav_title"), "50");
$pages = array();
foreach ($r as $f) {
    // Only pages the current user has some access level for are listed.
    $access_level = $admin->getPageAccessLevel($f["id"]);
    if ($access_level) {
        $res = json_decode($f["resources"], true);
        $bc = $cms->getBreadcrumbByPage($f);
        $bc_parts = array();
        foreach ($bc as $part) {
            // NOTE(review): the breadcrumb title is concatenated into HTML without encoding
            // here — confirm titles are stored already HTML-encoded, otherwise encode on output.
            $bc_parts[] = '<a href="' . ADMIN_ROOT . 'pages/view-tree/' . $part["id"] . '/">' . $part["title"] . '</a>';
        }
        // The description is the page content with tags stripped, trimmed to 450 characters.
        $result = array("id" => $f["id"], "title" => $f["nav_title"], "description" => BigTree::trimLength(strip_tags($res["page_content"]), 450), "link" => ADMIN_ROOT . "pages/edit/" . $f["id"] . "/", "breadcrumb" => implode(" &rsaquo; ", $bc_parts));
        $pages[] = $result;
        $total_results++;
    }
}
if (count($pages)) {
    $results["Pages"] = $pages;
}
// Get every module's results based on auto module views.
Esempio n. 10
}
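if (!$files) {
    BigTree::deleteDirectory($cache_root);
    $_SESSION["upload_error"] = "The zip file uploaded was corrupt.";
    BigTree::redirect(DEVELOPER_ROOT . "extensions/install/");
}
// Read the manifest
$json = json_decode(file_get_contents($cache_root . "manifest.json"), true);
// Make sure it's legit -- we check the alphanumeric status of the ID because if it's invalid someone may be trying to put files in a bad directory
if ($json["type"] != "extension" || !isset($json["id"]) || !isset($json["title"]) || !ctype_alnum(str_replace(array(".", "_", "-"), "", $json["id"]))) {
    BigTree::deleteDirectory($cache_root);
    $_SESSION["upload_error"] = "The zip file uploaded does not appear to be a BigTree extension.";
    BigTree::redirect(DEVELOPER_ROOT . "extensions/install/");
}
// Check if it's already installed
if (sqlrows(sqlquery("SELECT * FROM bigtree_extensions WHERE id = '" . sqlescape($json["id"]) . "'"))) {
    BigTree::deleteDirectory($cache_root);
    $_SESSION["upload_error"] = "An extension with the id of " . htmlspecialchars($json["id"]) . " is already installed.";
    BigTree::redirect(DEVELOPER_ROOT . "extensions/install/");
}
// Check for table collisions
foreach ((array) $json["components"]["tables"] as $table => $create_statement) {
    // Table names come from the uploaded manifest: escape them for the SQL literal and
    // encode them for the HTML warning, as is already done for the extension id above.
    if (sqlrows(sqlquery("SHOW TABLES LIKE '" . sqlescape($table) . "'"))) {
        $warnings[] = "A table named &ldquo;" . htmlspecialchars($table) . "&rdquo; already exists &mdash; the table will be overwritten.";
    }
}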
// Check file permissions and collisions
foreach ((array) $json["files"] as $file) {
    if (!BigTree::isDirectoryWritable(SERVER_ROOT . $file)) {
        $errors[] = "Cannot write to {$file} &mdash; please make the root directory or file writable.";
    } elseif (file_exists(SERVER_ROOT . $file)) {
Esempio n. 11
 /**
  * Stores a file either in the configured cloud container or on local disk.
  *
  * @param string $local_file      Path of the file to store.
  * @param string $file_name       Desired file name.
  * @param string $relative_path   Destination directory; "files/" is used when empty.
  * @param bool   $remove_original Whether the local file is removed (cloud) or moved rather than copied (local).
  * @param array  $prefixes        Name prefixes that must also be free for the chosen name.
  * @return mixed false on failure or a disabled extension; the upload result for cloud storage;
  *               a "{staticroot}"-prefixed path for local storage.
  */
 function store($local_file, $file_name, $relative_path, $remove_original = true, $prefixes = array())
 {
     // If the file name ends in a disabled extension, fail.
     // NOTE(review): this check runs on the name as supplied, before convertJPEG() may change it.
     if (preg_match($this->DisabledExtensionRegEx, $file_name)) {
         $this->DisabledFileError = true;
         return false;
     }
     // If we're auto converting images to JPG from PNG
     $file_name = $this->convertJPEG($local_file, $file_name);
     // Enforce trailing slash on relative_path
     $relative_path = $relative_path ? rtrim($relative_path, "/") . "/" : "files/";
     if ($this->Cloud) {
         // Clean up the file name
         global $cms;
         $parts = BigTree::pathInfo($file_name);
         $clean_name = $cms->urlify($parts["filename"]);
         // Cap the base name at 50 characters.
         if (strlen($clean_name) > 50) {
             $clean_name = substr($clean_name, 0, 50);
         }
         // Best case name
         $file_name = $clean_name . "." . strtolower($parts["extension"]);
         $x = 2;
         // Make sure we have a unique name: loop while the candidate is rejected (false) or already cached.
         // NOTE(review): the prefixed variants are only checked inside the loop, i.e. after the
         // un-suffixed name has already collided once — confirm that is intended.
         while (!$file_name || sqlrows(sqlquery("SELECT `timestamp` FROM bigtree_caches WHERE `identifier` = 'org.bigtreecms.cloudfiles' AND `key` = '" . sqlescape($relative_path . $file_name) . "'"))) {
             $file_name = $clean_name . "-{$x}." . strtolower($parts["extension"]);
             $x++;
             // Check all the prefixes, make sure they don't exist either
             if (is_array($prefixes) && count($prefixes)) {
                 $prefix_query = array();
                 foreach ($prefixes as $prefix) {
                     $prefix_query[] = "`key` = '" . sqlescape($relative_path . $prefix . $file_name) . "'";
                 }
                 if (sqlrows(sqlquery("SELECT `timestamp` FROM bigtree_caches WHERE identifier = 'org.bigtreecms.cloudfiles' AND (" . implode(" OR ", $prefix_query) . ")"))) {
                     // A prefixed variant exists; clearing the name forces another pass of the loop.
                     $file_name = false;
                 }
             }
         }
         // Upload it
         $success = $this->Cloud->uploadFile($local_file, $this->Settings->Container, $relative_path . $file_name, true);
         if ($success) {
             // Record the stored object (name, path, size) in the cloud file cache.
             sqlquery("INSERT INTO bigtree_caches (`identifier`,`key`,`value`) VALUES ('org.bigtreecms.cloudfiles','" . sqlescape($relative_path . $file_name) . "','" . sqlescape(json_encode(array("name" => $file_name, "path" => $relative_path . $file_name, "size" => filesize($local_file)))) . "')");
         }
         // The local copy is removed whether or not the upload succeeded.
         if ($remove_original) {
             unlink($local_file);
         }
         return $success;
     } else {
         // Local storage: pick a free name under SITE_ROOT, then move or copy the file there.
         $safe_name = BigTree::getAvailableFileName(SITE_ROOT . $relative_path, $file_name, $prefixes);
         if ($remove_original) {
             $success = BigTree::moveFile($local_file, SITE_ROOT . $relative_path . $safe_name);
         } else {
             $success = BigTree::copyFile($local_file, SITE_ROOT . $relative_path . $safe_name);
         }
         if ($success) {
             return "{staticroot}" . $relative_path . $safe_name;
         } else {
             return false;
         }
     }
 }
Esempio n. 12
 /**
  * Looks up an address through the Yahoo YQL placefinder endpoint.
  *
  * @param string $address Address text to look up.
  * @return array|false array("latitude" => ..., "longitude" => ...) or false when either coordinate is missing.
  */
 private function geocodeYahoo($address)
 {
     // NOTE(review): sqlescape() is a database escaper being applied to a YQL string, and the
     // request goes over plain http — both worth revisiting.
     $yql = 'SELECT * FROM geo.placefinder WHERE text="' . sqlescape($address) . '"';
     $response = BigTree::cURL("http://query.yahooapis.com/v1/public/yql?format=json&q=" . urlencode($yql));
     try {
         // A string response is the raw JSON body; decode it to an array.
         $decoded = is_string($response) ? json_decode($response, true) : $response;
         $place = $decoded["query"]["results"]["Result"];
         $lat = $place["latitude"];
         $lon = $place["longitude"];
         if (!$lat || !$lon) {
             return false;
         }
         return array("latitude" => $lat, "longitude" => $lon);
     } catch (Exception $e) {
         return false;
     }
 }
Esempio n. 13
<?php

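// Grab View Data
$view = BigTreeAutoModule::getView($_POST["view"]);
$module = $admin->getModule(BigTreeAutoModule::getModuleForView($view));
$access_level = $admin->getAccessLevel($module);
$table = $view["table"];
// Only publishers ("p") may reorder.
if ($access_level == "p") {
    // Parse into a local array. The one-argument form of parse_str() writes every key of the
    // request string into the current scope, so the request could overwrite $table or
    // $access_level; that form no longer exists in PHP 8.
    $sort = array();
    parse_str($_POST["sort"], $sort);
    $row = isset($sort["row"]) && is_array($sort["row"]) ? $sort["row"] : array();
    $total = count($row);
    foreach ($row as $position => $id) {
        // Keys come from the request too; force them to integers before the arithmetic.
        $new_position = $total - intval($position);
        if (is_numeric($id)) {
            // Numeric ids are live rows.
            sqlquery("UPDATE `{$table}` SET position = '" . $new_position . "' WHERE id = '" . sqlescape($id) . "'");
            BigTreeAutoModule::recacheItem($id, $table);
        } else {
            // Other ids carry a one-character prefix and refer to pending items.
            BigTreeAutoModule::updatePendingItemField(substr($id, 1), "position", $new_position);
            BigTreeAutoModule::recacheItem(substr($id, 1), $table, true);
        }
    }
}
// Find any view that uses this table for grouping and wipe its view cache
$dependant = BigTreeAutoModule::getDependantViews($table);
foreach ($dependant as $v) {
    BigTreeAutoModule::clearCache($v["table"]);
}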
Esempio n. 14
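 /**
  * Pulls analytics reports through getData(), updates per-page view counts in
  * bigtree_pages and writes the remaining reports to cache/analytics.json.
  */
 function cacheInformation()
 {
     $cache = array();
     // First we're going to update the monthly view counts for all pages.
     $results = $this->getData($this->Settings["profile"], "1 month ago", "today", "pageviews", "pagePath");
     $used_paths = array();
     foreach ($results as $item) {
         $clean_path = sqlescape(trim($item->pagePath, "/"));
         // The count is written into SQL without quotes, where string escaping offers no
         // protection; forcing it to an integer is what makes it safe there.
         $views = intval($item->pageviews);
         // Sometimes Google has slightly different routes like "cheese" and "cheese/" so we need to add these page views together.
         if (in_array($clean_path, $used_paths, true)) {
             sqlquery("UPDATE bigtree_pages SET ga_page_views = (ga_page_views + {$views}) WHERE `path` = '{$clean_path}'");
         } else {
             sqlquery("UPDATE bigtree_pages SET ga_page_views = {$views} WHERE `path` = '{$clean_path}'");
             $used_paths[] = $clean_path;
         }
     }
     // Service Provider report
     $results = $this->getData($this->Settings["profile"], "1 month ago", "today", array("pageviews", "visits"), "networkLocation", "-ga:pageviews");
     foreach ($results as $item) {
         $cache["service_providers"][] = array("name" => $item->networkLocation, "views" => $item->pageviews, "visits" => $item->visits);
     }
     // Referrer report
     $results = $this->getData($this->Settings["profile"], "1 month ago", "today", array("pageviews", "visits"), "source", "-ga:pageviews");
     foreach ($results as $item) {
         $cache["referrers"][] = array("name" => $item->source, "views" => $item->pageviews, "visits" => $item->visits);
     }
     // Keyword report
     $results = $this->getData($this->Settings["profile"], "1 month ago", "today", array("pageviews", "visits"), "keyword", "-ga:pageviews");
     foreach ($results as $item) {
         $cache["keywords"][] = array("name" => $item->keyword, "views" => $item->pageviews, "visits" => $item->visits);
     }
     // Yearly Report
     // The return value of getData() is not used for these; cacheParseLastData() is called right after each request.
     $this->getData($this->Settings["profile"], date("Y-01-01"), date("Y-m-d"), array("pageviews", "visits", "bounces", "timeOnSite"), "browser");
     $cache["year"] = $this->cacheParseLastData();
     $this->getData($this->Settings["profile"], date("Y-01-01", strtotime("-1 year")), date("Y-m-d", strtotime("-1 year")), array("pageviews", "visits", "bounces", "timeOnSite"), "browser");
     $cache["year_ago_year"] = $this->cacheParseLastData();
     // Quarterly Report
     // First month of each calendar quarter. The earlier list (1, 3, 6, 9) started the
     // second to fourth quarters one month early.
     $quarters = array(1, 4, 7, 10);
     $current_quarter_month = $quarters[intval((date("m") - 1) / 3)];
     $this->getData($this->Settings["profile"], date("Y-" . str_pad($current_quarter_month, 2, "0", STR_PAD_LEFT) . "-01"), date("Y-m-d"), array("pageviews", "visits", "bounces", "timeOnSite"), "browser");
     $cache["quarter"] = $this->cacheParseLastData();
     $this->getData($this->Settings["profile"], date("Y-" . str_pad($current_quarter_month, 2, "0", STR_PAD_LEFT) . "-01", strtotime("-1 year")), date("Y-m-d", strtotime("-1 year")), array("pageviews", "visits", "bounces", "timeOnSite"), "browser");
     $cache["year_ago_quarter"] = $this->cacheParseLastData();
     // Monthly Report
     $this->getData($this->Settings["profile"], date("Y-m-01"), date("Y-m-d"), array("pageviews", "visits", "bounces", "timeOnSite"), "browser");
     $cache["month"] = $this->cacheParseLastData();
     $this->getData($this->Settings["profile"], date("Y-m-01", strtotime("-1 year")), date("Y-m-d", strtotime("-1 year")), array("pageviews", "visits", "bounces", "timeOnSite"), "browser");
     $cache["year_ago_month"] = $this->cacheParseLastData();
     // Two Week Heads Up
     $results = $this->getData($this->Settings["profile"], date("Y-m-d", strtotime("-2 weeks")), date("Y-m-d", strtotime("-1 day")), "visits", "date", "date");
     foreach ($results as $item) {
         $cache["two_week"][$item->date] = $item->visits;
     }
     BigTree::putFile(SERVER_ROOT . "cache/analytics.json", BigTree::json($cache));
 }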
<?php

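// Update the count
sqlquery("UPDATE btx_form_builder_forms SET entries = (entries - 1) WHERE id = '" . sqlescape($_POST["form"]) . "'");
BigTreeAutoModule::recacheItem($_POST["form"], "btx_form_builder_forms");
// Delete the entry
// NOTE(review): no permission check is visible in this listing — confirm the caller enforces one.
BigTreeAutoModule::deleteItem("btx_form_builder_entries", $_POST["id"]);
// Show the growl and update the table
header("Content-type: text/javascript");
?>
BigTree.growl("Form Builder","Deleted Entry");
$("#row_<?php 
// The id is written into a jQuery selector inside a JavaScript response, so only
// characters that belong in a row id are kept; anything else is dropped.
echo preg_replace("/[^a-zA-Z0-9_-]/", "", (string) $_POST["id"]);
?>
").remove();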
Esempio n. 16
<?php

$fieldMod = new BigTreeModule("btx_form_builder_fields");
// NOTE(review): presumably this turns each POST field into a variable of the same name after
// htmlspecialchars (the later $title, $paid, $early_bird, ... are not set anywhere in view) —
// confirm, and confirm it cannot overwrite variables that already exist in this scope.
BigTree::globalizePOSTVars("htmlspecialchars");
// The form id is the first routed command, escaped for SQL.
$form = sqlescape($bigtree["commands"][0]);
// Get cleaned up prices, dates, and entries
if ($early_bird) {
    // The date is normalised through strtotime()/date() and wrapped in single quotes.
    $early_bird_date = "'" . date("Y-m-d H:i:s", strtotime(str_replace("@", "", $_POST["early_bird_date"]))) . "'";
    // Prices are reduced to a float after dropping "$", "," and spaces.
    $early_bird_base_price = floatval(str_replace(array('$', ',', ' '), '', $_POST["early_bird_base_price"]));
} else {
    // NOTE(review): $early_bird_base_price is not assigned on this branch but is read below.
    $early_bird_date = "NULL";
}
$base_price = floatval(str_replace(array('$', ',', ' '), '', $_POST["base_price"]));
$max_entries = intval($max_entries);
BigTreeAutoModule::updateItem("btx_form_builder_forms", $form, array("title" => $title, "paid" => $paid, "base_price" => $base_price, "early_bird_base_price" => $early_bird_base_price, "early_bird_date" => $early_bird_date, "limit_entries" => $limit_entries, "max_entries" => $max_entries));
// Setup the default column, sort position, alignment inside columns.
$position = count($_POST["type"]);
$column = 0;
$alignment = "";
// Get all the previous fields so we know which to delete.
$fields_to_delete = array();
$existing_fields = $fieldMod->getMatching("form", $form);
foreach ($existing_fields as $field) {
    // Keyed by id so entries can be unset as submitted fields are matched.
    $fields_to_delete[$field["id"]] = $field["id"];
}
foreach ($_POST["type"] as $key => $type) {
    $id = $_POST["id"][$key];
    // The field still exists, remove it from the list to delete
    if ($id) {
        unset($fields_to_delete[$id]);
    }
Esempio n. 17
<?php

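// Normalise the stored value to an array of entry ids.
if (!$field["value"]) {
    $field["value"] = array();
} elseif (!is_array($field["value"])) {
    $field["value"] = json_decode($field["value"], true);
}
// Throw an exception if they didn't setup the field type properly
if (!$field["options"]["table"] || !$field["options"]["title_column"]) {
    // "new" was missing here, which made this a call to an undefined function instead of a throw.
    throw new Exception("One-to-Many field type requires a table and a title field to be setup to function.");
}
$entries = array();
$sort = $field["options"]["sort_by_column"] ? $field["options"]["sort_by_column"] : $field["options"]["title_column"] . " ASC";
// NOTE(review): the table, title column and sort expression from the field options are placed
// in SQL as identifiers without escaping — confirm only developers can edit these options.
// Get existing entries' titles
foreach ($field["value"] as $entry) {
    $g = sqlfetch(sqlquery("SELECT `id`,`" . $field["options"]["title_column"] . "` FROM `" . $field["options"]["table"] . "` WHERE id = '" . sqlescape($entry) . "'"));
    if ($g) {
        $entries[$g["id"]] = $g[$field["options"]["title_column"]];
    }
}
// Gather a list of the items that could possibly be used
$list = array();
$q = sqlquery("SELECT `id`,`" . $field["options"]["title_column"] . "` FROM `" . $field["options"]["table"] . "` ORDER BY {$sort}");
while ($f = sqlfetch($q)) {
    $list[$f["id"]] = $f[$field["options"]["title_column"]];
}
// If we have a parser, send a list of the entries and available items through it.
// NOTE(review): the parser name is read from the field options and called directly, so whoever
// can edit those options chooses which function runs here.
if (!empty($field["options"]["parser"])) {
    $list = call_user_func($field["options"]["parser"], $list, true);
    $entries = call_user_func($field["options"]["parser"], $entries, false);
}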
Esempio n. 18
 /**
  * Replaces the cached cloud file listing with the entries in $data.
  *
  * @param array $data List of items, each with "name", "path" and "size" keys.
  */
 function resetCache($data)
 {
     // Drop every existing entry for this identifier before re-inserting.
     sqlquery("DELETE FROM bigtree_caches WHERE `identifier` = 'org.bigtreecms.cloudfiles'");
     foreach ($data as $entry) {
         $key = sqlescape($entry["path"]);
         $payload = sqlescape(json_encode(array("name" => $entry["name"], "path" => $entry["path"], "size" => $entry["size"])));
         sqlquery("INSERT INTO bigtree_caches (`identifier`,`key`,`value`) VALUES ('org.bigtreecms.cloudfiles','{$key}','{$payload}')");
     }
 }
Esempio n. 19
// Write the manifest ($json is used as a string here and again in the queries below).
file_put_contents(SERVER_ROOT . "cache/package/manifest.json", $json);
// Create the zip
// Remove any archive left from a previous build; a missing file is silenced.
@unlink(SERVER_ROOT . "cache/package.zip");
include BigTree::path("inc/lib/pclzip.php");
$zip = new PclZip(SERVER_ROOT . "cache/package.zip");
// Paths inside the archive are stored relative to cache/package/.
$zip->create(BigTree::directoryContents(SERVER_ROOT . "cache/package/"), PCLZIP_OPT_REMOVE_PATH, SERVER_ROOT . "cache/package/");
// Remove the package directory, we do it backwards because the "deepest" files are last
$contents = array_reverse(BigTree::directoryContents(SERVER_ROOT . "cache/package/"));
foreach ($contents as $file) {
    // Each entry may be a file or a directory; the call that does not apply is silenced.
    @unlink($file);
    @rmdir($file);
}
@rmdir(SERVER_ROOT . "cache/package/");
// Store it in the database for future updates
// Every value is passed through sqlescape() before it is placed in the query.
if (sqlrows(sqlquery("SELECT * FROM bigtree_extensions WHERE id = '" . sqlescape($id) . "'"))) {
    sqlquery("UPDATE bigtree_extensions SET name = '" . sqlescape($title) . "', version = '" . sqlescape($version) . "', last_updated = NOW(), manifest = '" . sqlescape($json) . "' WHERE id = '" . sqlescape($id) . "'");
} else {
    sqlquery("INSERT INTO bigtree_extensions (`id`,`type`,`name`,`version`,`last_updated`,`manifest`) VALUES ('" . sqlescape($id) . "','package','" . sqlescape($title) . "','" . sqlescape($version) . "',NOW(),'" . sqlescape($json) . "')");
}
?>
<div class="container">
	<section>
		<p>Package created successfully.</p>
	</section>
	<footer>
		<a href="<?php 
echo DEVELOPER_ROOT;
?>
packages/build/download/" class="button blue">Download</a>
	</footer>
</div>
Esempio n. 20
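 /**
  * Reports whether a table with exactly the given name exists.
  *
  * @param string $table Table name.
  * @return bool true when SHOW TABLES returns a match, false otherwise.
  */
 static function tableExists($table)
 {
     // SHOW TABLES LIKE takes a pattern: "_" and "%" are wildcards that sqlescape() leaves
     // untouched, so "a_b" would also match "axb" and "%" would match any table. Escaping them
     // restricts the match to the literal name.
     // NOTE(review): assumes backslash is the active LIKE escape character (the MySQL default).
     $pattern = addcslashes(sqlescape($table), "%_");
     return sqlrows(sqlquery("SHOW TABLES LIKE '" . $pattern . "'")) ? true : false;
 }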
Esempio n. 21
 /**
  * Fetches rows whose column(s) equal the given value(s).
  *
  * Only the values are escaped. Column names, $order and $limit are placed in the
  * query as given, so callers must not pass request data for them.
  *
  * @param array|string $fields        Column name, or a list of column names.
  * @param mixed        $values        Value, or a list of values matching $fields by index.
  * @param string       $order         ORDER BY expression.
  * @param mixed        $limit         LIMIT expression, or false for none.
  * @param bool         $full_response Passed through to query().
  * @return mixed Whatever $this->query() returns.
  */
 function getMatching($fields, $values, $order = "Id ASC", $limit = false, $full_response = false)
 {
     if (is_array($fields)) {
         // Pair columns and values by numeric index and AND the conditions together.
         $conditions = array();
         for ($i = 0; $i < count($fields); $i++) {
             $conditions[] = $fields[$i] . " = '" . sqlescape($values[$i]) . "'";
         }
         $where = implode(" AND ", $conditions);
     } else {
         $where = "{$fields} = '" . sqlescape($values) . "'";
     }
     $query = "SELECT " . $this->QueryFieldNames . " FROM " . $this->Name;
     // An empty field list yields no WHERE clause at all.
     if ($where) {
         $query .= " WHERE {$where}";
     }
     $query .= " ORDER BY {$order}";
     if ($limit) {
         $query .= " LIMIT {$limit}";
     }
     return $this->query($query, $full_response);
 }
Esempio n. 22
}
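// Every id, route and table name below comes from the package manifest. Each is escaped for
// the SQL literal and HTML-encoded before it is placed in a warning message.
// Check for settings collisions
foreach ((array) $json["components"]["settings"] as $setting) {
    if (sqlrows(sqlquery("SELECT * FROM bigtree_settings WHERE id = '" . sqlescape($setting["id"]) . "'"))) {
        $warnings[] = "A setting already exists with the id &ldquo;" . htmlspecialchars($setting["id"]) . "&rdquo; &mdash; the setting will be overwritten.";
    }
}
// Check for feed collisions
foreach ((array) $json["components"]["feeds"] as $feed) {
    if (sqlrows(sqlquery("SELECT * FROM bigtree_feeds WHERE route = '" . sqlescape($feed["route"]) . "'"))) {
        $warnings[] = "A feed already exists with the route &ldquo;" . htmlspecialchars($feed["route"]) . "&rdquo; &mdash; the feed will be overwritten.";
    }
}
// Check for field type collisions
foreach ((array) $json["components"]["field_types"] as $type) {
    if (sqlrows(sqlquery("SELECT * FROM bigtree_field_types WHERE id = '" . sqlescape($type["id"]) . "'"))) {
        $warnings[] = "A field type already exists with the id &ldquo;" . htmlspecialchars($type["id"]) . "&rdquo; &mdash; the field type will be overwritten.";
    }
}
// Check for table collisions
foreach ((array) $json["sql"] as $command) {
    if (substr($command, 0, 14) == "CREATE TABLE `") {
        // The table name is the text between the first pair of backticks.
        $table = substr($command, 14);
        $table = substr($table, 0, strpos($table, "`"));
        // The name was previously interpolated unescaped into both the query and the HTML.
        if (sqlrows(sqlquery("SHOW TABLES LIKE '" . sqlescape($table) . "'"))) {
            $warnings[] = "A table named &ldquo;" . htmlspecialchars($table) . "&rdquo; already exists &mdash; the table will be overwritten.";
        }
    }
}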
// Check file permissions and collisions
foreach ((array) $json["files"] as $file) {
Esempio n. 23
 /**
  * Sets a single field inside the JSON "changes" column of a pending change row.
  *
  * @param mixed  $id    Pending change id; escaped before use.
  * @param string $field Key to set inside the decoded changes.
  * @param mixed  $value New value; arrays go through BigTree::translateArray() first.
  */
 static function updatePendingItemField($id, $field, $value)
 {
     $id = sqlescape($id);
     $pending = sqlfetch(sqlquery("SELECT * FROM bigtree_pending_changes WHERE id = '{$id}'"));
     // Decode the stored changes, replace the one field, and write the whole set back.
     $changes = json_decode($pending["changes"], true);
     $changes[$field] = is_array($value) ? BigTree::translateArray($value) : $value;
     $encoded = sqlescape(json_encode($changes));
     sqlquery("UPDATE bigtree_pending_changes SET changes = '" . $encoded . "' WHERE id = '" . $id . "'");
 }
Esempio n. 24
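 /**
  * Removes this service's cached data and its stored setting.
  */
 function disconnect()
 {
     sqlquery("DELETE FROM bigtree_caches WHERE identifier = '" . sqlescape($this->CacheIdentifier) . "'");
     // Escaped like the cache identifier above, so both deletes treat their value the same way.
     sqlquery("DELETE FROM bigtree_settings WHERE id = '" . sqlescape($this->SettingID) . "'");
 }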
Esempio n. 25
/**
 * Update step 103: moves the "resource-thumbnail-sizes" setting into a new, editable
 * "bigtree-file-manager-thumbnail-sizes" array setting and deletes the old row.
 *
 * The old value is read as JSON keyed by title; each non-empty entry becomes one
 * row with title, prefix, width and height.
 */
function _local_bigtree_update_103()
{
    global $cms;
    // Converting resource thumbnail sizes to a properly editable feature and naming it better.
    $legacy_sizes = json_decode($cms->getSetting("resource-thumbnail-sizes"), true);
    $rows = array();
    foreach (array_filter((array) $legacy_sizes) as $title => $info) {
        $row = array();
        $row["title"] = $title;
        $row["prefix"] = $info["prefix"];
        $row["width"] = $info["width"];
        $row["height"] = $info["height"];
        $rows[] = $row;
    }
    // Both JSON payloads are escaped before being placed inside the quoted SQL literals
    $value_sql = sqlescape(json_encode($rows));
    $options_sql = sqlescape('{"fields":[{"key":"title","title":"Title","type":"text"},{"key":"prefix","title":"File Prefix (i.e. thumb_)","type":"text"},{"key":"width","title":"Width","type":"text"},{"key":"height","title":"Height","type":"text"}]}');
    sqlquery("INSERT INTO bigtree_settings (`id`,`value`,`type`,`options`,`name`,`locked`) VALUES ('bigtree-file-manager-thumbnail-sizes','{$value_sql}','array','{$options_sql}','File Manager Thumbnail Sizes','on')");
    // The old setting is dropped once the new one has been written
    sqlquery("DELETE FROM bigtree_settings WHERE id = 'resource-thumbnail-sizes'");
}
Esempio n. 26
" name="permissions[module][<?php 
            echo $m["id"];
            ?>
]" value="n" <?php 
            if (!$permissions["module"][$m["id"]] || $permissions["module"][$m["id"]] == "n") {
                ?>
checked="checked" <?php 
            }
            ?>
/></span>
									<?php 
            if (isset($gbp["enabled"]) && $gbp["enabled"]) {
                if (BigTree::tableExists($gbp["other_table"])) {
                    $categories = array();
                    $ot = sqlescape($gbp["other_table"]);
                    $tf = sqlescape($gbp["title_field"]);
                    if ($tf && $ot) {
                        $q = sqlquery("SELECT id,`{$tf}` FROM `{$ot}` ORDER BY `{$tf}` ASC");
                        ?>
									<ul class="depth_2"<?php 
                        if ($closed) {
                            ?>
 style="display: none;"<?php 
                        }
                        ?>
>
										<?php 
                        while ($c = sqlfetch($q)) {
                            ?>
										<li>
											<span class="depth"></span>
Esempio n. 27
<?php

// If we're replacing an existing file, find out its name
if (isset($_POST["replace"])) {
    // NOTE(review): presumably restricts replacement to users at level 1 or above -- confirm requireLevel() halts on failure
    $admin->requireLevel(1);
    // $replacing first holds the resource record, then is overwritten with just the file's basename
    $replacing = $admin->getResource($_POST["replace"]);
    $pinfo = BigTree::pathInfo($replacing["file"]);
    $replacing = $pinfo["basename"];
    // Set a recently replaced cookie so we don't use cached images
    // (expires after 300 seconds; the path is WWW_ROOT with DOMAIN stripped out)
    setcookie('bigtree_admin[recently_replaced_file]', true, time() + 300, str_replace(DOMAIN, "", WWW_ROOT));
} else {
    $replacing = false;
}
// The folder id is escaped once here and the escaped value is what later code receives
$folder = isset($_POST["folder"]) ? sqlescape($_POST["folder"]) : false;
$f = $_FILES["file"];
// When not replacing, the name is the one sent by the client with the upload.
// NOTE(review): that value is attacker-controlled; the code that turns it into a path is not visible here --
// confirm it strips directory components and restricts extensions before writing.
$file_name = $replacing ? $replacing : $f["name"];
// If the user doesn't have permission to upload to this folder, throw an error.
$perm = $admin->getResourceFolderPermission($folder);
// Anything other than "p" is treated as no permission; 9 is the code this script uses to mark that case
if ($perm != "p") {
    $f["error"] = 9;
}
$error = false;
// Check for file upload errors (or the permission error we faked above)
if ($f["error"]) {
    if ($f["error"] == 2 || $f["error"] == 1) {
        $error = "The uploaded file was too large. (" . BigTree::formatBytes(BigTree::uploadMaxFileSize()) . " max)";
    } elseif ($f["error"] == 9) {
        $error = "You do not have permission to upload to this folder.";
    } else {
        $error = "The upload failed (unknown error).";
    }
Esempio n. 28
<?php

// If we always generate a new route, don't have a route, or we're updating a pending entry.
// (&& binds tighter than ||, so the isset/!is_numeric pair forms the third alternative on its own.)
if (!$field["options"]["keep_original"] || !$bigtree["existing_data"][$field["key"]] || isset($bigtree["edit_id"]) && !is_numeric($bigtree["edit_id"])) {
    if ($field["options"]["not_unique"]) {
        // Uniqueness not required: the route is the urlified, tag-stripped source field
        $field["output"] = $cms->urlify(strip_tags($bigtree["post_data"][$field["options"]["source"]]));
    } else {
        $oroute = $cms->urlify(strip_tags($bigtree["post_data"][$field["options"]["source"]]));
        $field["output"] = $oroute;
        $x = 2;
        // We're going to try 1000 times at most so we don't time out
        // Each pass checks whether another row (id differs from edit_id) already uses the candidate,
        // and if so appends "-2", "-3", ... to the original route.
        // NOTE(review): the candidate and edit_id are escaped, but the table and column names go between
        // backticks as-is -- presumably developer-defined form configuration; verify they are never user-controlled.
        while ($x < 1000 && sqlrows(sqlquery("SELECT * FROM `" . $bigtree["form"]["table"] . "` WHERE `" . $field["key"] . "` = '" . sqlescape($field["output"]) . "' AND id != '" . sqlescape($bigtree["edit_id"]) . "'"))) {
            $field["output"] = $oroute . "-" . $x;
            $x++;
        }
        // Counter hit the cap: give up and emit an empty route
        if ($x == 1000) {
            $field["output"] = "";
        }
    }
} else {
    // Keeping the existing route: flag the field so it is skipped
    $field["ignore"] = true;
}
Esempio n. 29
     }
 }
 // Placeholder tokens and their replacement values, paired by position (the substitution itself is not visible here).
 // The write_* values are only filled in when $loadbalanced is set; otherwise they are empty strings.
 // NOTE(review): the [settings_key] value comes from uniqid("", true), which is built from the current time plus
 // output of a non-cryptographic generator -- if this key protects secrets it should come from a CSPRNG; confirm its use.
 $find = array("[host]", "[db]", "[user]", "[password]", "[port]", "[socket]", "[write_host]", "[write_db]", "[write_user]", "[write_password]", "[write_port]", "[write_socket]", "[domain]", "[wwwroot]", "[staticroot]", "[email]", "[settings_key]", "[force_secure_login]", "[routing]");
 $replace = array($host, $db, $user, $password, $port, $socket, isset($loadbalanced) ? $write_host : "", isset($loadbalanced) ? $write_db : "", isset($loadbalanced) ? $write_user : "", isset($loadbalanced) ? $write_password : "", isset($loadbalanced) ? $write_port : "", isset($loadbalanced) ? $write_socket : "", $domain, $www_root, $static_root, $cms_user, uniqid("", true), isset($force_secure_login) ? "true" : "false", $routing == "basic" ? "basic" : "htaccess");
 // Make sure we're not running in a special mode that forces values for textareas that aren't allowing null.
 sqlquery("SET SESSION sql_mode = ''");
 // Run bigtree.sql one line at a time: every non-blank line is sent as its own query
 $sql_queries = explode("\n", file_get_contents("bigtree.sql"));
 foreach ($sql_queries as $query) {
     $query = trim($query);
     if ($query != "") {
         // The result is kept in $q but not checked in the visible code, so a failed statement does not stop the loop
         $q = sqlquery($query);
     }
 }
 // Hash the first account's password with phpass before storing it
 include "core/inc/lib/PasswordHash.php";
 // NOTE(review): the second argument presumably switches phpass to its portable-hash mode -- confirm that is intended
 $phpass = new PasswordHash(8, TRUE);
 $enc_pass = sqlescape($phpass->HashPassword($cms_pass));
 // Creates the account with name 'Developer' and level '2'.
 // NOTE(review): $enc_pass is escaped above but $cms_user goes into the quoted literal as-is --
 // confirm it was escaped earlier in the script, otherwise escape it here.
 sqlquery("INSERT INTO bigtree_users (`email`,`password`,`name`,`level`) VALUES ('{$cms_user}','{$enc_pass}','Developer','2')");
 // BT_SU_EXEC records whether the web server process runs as the owner of the running script.
 // It can only be true when posix_getuid() exists and its result matches getmyuid(); in every other case it is false.
 // The installer uses it to decide whether the files it writes need to be made 777.
 define("BT_SU_EXEC", function_exists("posix_getuid") && posix_getuid() == getmyuid());
 function bt_mkdir_writable($dir)
 {
     global $root;
Esempio n. 30
<?php

// The response is served as JavaScript
header("Content-type: text/javascript");
// The item id is escaped once here; the escaped value is what the helpers below receive.
// NOTE(review): whether getPendingItem()/getItem() expect a pre-escaped id is not visible -- confirm to avoid
// double escaping or an unescaped path.
$id = sqlescape($_GET["id"]);
// Grab View Data
// NOTE(review): $_GET["view"] is handed over as-is here and to getModuleForView(); confirm those helpers escape it.
$view = BigTreeAutoModule::getView($_GET["view"]);
$table = $view["table"];
// Get module
$module = $admin->getModule(BigTreeAutoModule::getModuleForView($_GET["view"]));
// Get the item
$current_item = BigTreeAutoModule::getPendingItem($table, $id);
$item = $current_item["item"];
// Check permission
$access_level = $admin->getAccessLevel($module, $item, $table);
// Unless access to the pending version is "n", also look up the access level for the original item;
// when that level is anything other than "p" it replaces the pending item's level.
// NOTE(review): presumably "n" means no access and "p" means publisher -- confirm against getAccessLevel().
if ($access_level != "n") {
    $original_item = BigTreeAutoModule::getItem($table, $id);
    $original_access_level = $admin->getAccessLevel($module, $original_item["item"], $table);
    if ($original_access_level != "p") {
        $access_level = $original_access_level;
    }
}