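/**
 * Sanitise a submitted entry, validate it, persist it and re-render the edit form.
 *
 * Reads the entry from $this->reqs->params. An entry with an empty 'id' is
 * inserted under a freshly generated UUID; otherwise the row with that id is
 * updated. Validation and storage failures are reported through
 * $this->view->message and the edit form is shown again.
 *
 * @return mixed Result of editAction() on the error paths; nothing on success.
 */
public function saveAction()
{
    // Deny-list filter for stored markup. Pattern 1 matches opening/closing
    // tags of a fixed set of elements (plus "<?" and "<%"); pattern 2 matches
    // an inline on*= event-handler attribute inside a tag.
    //
    // Two defects fixed here:
    //  - the first replacement used to re-emit the matched tag unchanged, so
    //    the listed tags passed straight through; the angle brackets are now
    //    entity-encoded so the tag is displayed as text instead of parsed;
    //  - the handler pattern required exactly one letter followed by a literal
    //    space after "on"; it now uses a "+" quantifier so real attribute
    //    names (onclick, onerror, ...) are matched.
    //
    // NOTE(security): a regex deny-list is not a complete XSS defence. Treat
    // it as defence in depth only; the templates that render 'content' and
    // 'summary' must still escape or pass the value through an allow-list
    // HTML sanitiser.
    $farr = array(
        "/<(\\/?)(script|iframe|style|html|body|title|link|meta|\\?|\\%)([^>]*?)>/isU",
        "/(<[^>]*)on[a-zA-Z]+\\s*=([^>]*>)/isU",
    );
    $tarr = array("&lt;\\1\\2\\3&gt;", "\\1\\2");

    $entry = $this->reqs->params;
    $entry['content'] = preg_replace($farr, $tarr, $entry['content']);

    // A manual summary is kept (filtered) only when auto-summary is off and
    // the submitted text is non-blank; otherwise it is stored as NULL.
    $hasManualSummary = !isset($entry['auto_summary'])
        && isset($entry['summary'])
        && strlen(trim($entry['summary']));
    if ($hasManualSummary) {
        $entry['summary'] = preg_replace($farr, $tarr, $entry['summary']);
    } else {
        $entry['summary'] = NULL;
    }

    $validator = new Cm_Model_EntryValidate();
    if (!$validator->isValid($entry, $message)) {
        $this->view->message = Core_Message::get('error', $message);
        return $this->editAction();
    }

    $dbentry = Core_Dao::factory(array('name' => 'data_entry'));
    try {
        if ($entry['id'] == "") {
            // New entry: allocate the primary key here.
            $entry['id'] = Core_Util_Uuid::create();
            $dbentry->insert($entry);
        } else {
            // NOTE(review): the id comes from the request; nothing in this
            // method checks that the current user may modify that row -
            // confirm an ownership/permission check exists upstream.
            $where = array('id' => $entry['id']);
            $dbentry->update($entry, $where);
        }
    } catch (Exception $e) {
        // NOTE(review): the raw exception text is shown to the user; if the
        // DAO includes SQL or schema details in its messages, log them and
        // show a generic error instead.
        $this->view->message = Core_Message::get('error', $e->getMessage());
        return $this->editAction();
    }

    // Hand the filtered entry (including a newly generated id) back to the form.
    $this->reqs->params = $entry;
    $this->view->message = Core_Message::get('success', 'Success');
    $this->editAction();
}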
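/**
 * Authenticate a user by name and password and open a login session.
 *
 * Looks the user up by 'uname', checks the submitted password against the
 * stored hash, records a row in the user_session table and stores the new
 * session id and user id in $_SESSION and in two cookies.
 *
 * @param array $params Reads the keys 'uname', 'pass' and 'persistent'.
 * @return void
 * @throws Exception When the user is unknown, the password does not match,
 *                   or a DAO call fails (DAO exceptions propagate unchanged).
 */
public function in($params)
{
    $_user = Core_Dao::factory(array('name' => 'user'));
    $rs = $_user->getList(array('uname' => $params['uname']), array(), 1);

    // NOTE(security): this message differs from the wrong-password one below,
    // so a caller that echoes it reveals which usernames exist. Callers should
    // show one generic login-failure message.
    if (!isset($rs[0]['uname'])) {
        throw new Exception('No items found');
    }
    $user = $rs[0];

    if (!isset($user['pass'])) {
        throw new Exception('Username and pass do not match');
    }

    // Reject a missing or non-string password before hashing it.
    if (!isset($params['pass']) || !is_string($params['pass'])) {
        throw new Exception('Username and pass do not match');
    }

    // NOTE(security): unsalted MD5 is not a password hash. It is kept here
    // only because the stored values are compared against md5() output;
    // migrate to password_hash()/password_verify() and rehash on the next
    // successful login.
    $pass = md5($params['pass']);
    $stored = (string) $user['pass'];

    // Fixed: the original compared with "!=", which applies PHP's loose
    // numeric-string comparison to the two hex digests. Compare as exact
    // strings, in constant time where hash_equals() is available.
    $matches = function_exists('hash_equals')
        ? hash_equals($stored, $pass)
        : ($stored === $pass);
    if (!$matches) {
        throw new Exception('Username and pass do not match');
    }

    $sid = Core_Util_Uuid::create();
    $timeout = 365 * 24 * 60 * 60; // one year, in seconds

    $data = array(
        'id' => $sid,
        'uid' => $user['id'],
        'uname' => $user['uname'],
        'persistent' => $params['persistent'],
        'source' => Core_Util_Ip::getRemoteAddr(),
    );
    $_session = Core_Dao::factory(array('name' => 'user_session'));
    $_session->insert($data);

    // NOTE(security): the PHP session id is not rotated on login; consider
    // session_regenerate_id(true) here - confirm a session is active first.
    $_SESSION['sid'] = $sid;
    $_SESSION['uid'] = $user['id'];

    // NOTE(security): both cookies are set without the Secure and HttpOnly
    // flags and always live for one year; 'persistent' is only written to the
    // session row above and does not shorten the cookie lifetime. Confirm the
    // server-side session check does not trust the "uid" cookie on its own.
    setcookie("sid", $sid, time() + $timeout, '/');
    setcookie("uid", $user['id'], time() + $timeout, '/');
}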