function save()
{
global $database;
importlib('model.common.setting');
if (isset($this->name)) {
$this->name = trim($this->name);
if (!BlogSetting::validateName($this->name)) {
return $this->_error('name');
}
Setting::setBlogSettingGlobal('name', $this->name);
}
if (isset($this->secondaryDomain)) {
$this->secondaryDomain = trim($this->secondaryDomain);
if (!Validator::domain($this->secondaryDomain)) {
return $this->_error('secondaryDomain');
}
Setting::setBlogSettingGlobal('secondaryDomain', $this->secondaryDomain);
}
if (isset($this->defaultDomain)) {
Setting::setBlogSettingGlobal('defaultDomain', Validator::getBit($this->defaultDomain));
}
if (isset($this->title)) {
$this->title = trim($this->title);
Setting::setBlogSettingGlobal('title', $this->title);
}
if (isset($this->description)) {
$this->description = trim($this->description);
Setting::setBlogSettingGlobal('description', $this->description);
}
if (isset($this->banner)) {
if (strlen($this->banner) != 0 && !Validator::filename($this->banner)) {
return $this->_error('banner');
}
Setting::setBlogSettingGlobal('logo', $this->banner);
}
if (isset($this->useSloganOnPost)) {
Setting::setBlogSettingGlobal('useSloganOnPost', Validator::getBit($this->useSloganOnPost));
}
if (isset($this->useSloganOnCategory)) {
Setting::setBlogSettingGlobal('useSloganOnCategory', Validator::getBit($this->useSloganOnCategory));
}
if (isset($this->useSloganOnTag)) {
Setting::setBlogSettingGlobal('useSloganOnTag', Validator::getBit($this->useSloganOnTag));
}
if (isset($this->postsOnPage)) {
if (!Validator::number($this->postsOnPage, 1)) {
return $this->_error('postsOnPage');
}
Setting::setBlogSettingGlobal('entriesOnPage', $this->postsOnPage);
}
if (isset($this->postsOnList)) {
if (!Validator::number($this->postsOnList, 1)) {
return $this->_error('postsOnList');
}
Setting::setBlogSettingGlobal('entriesOnList', $this->postsOnList);
}
if (isset($this->postsOnFeed)) {
if (!Validator::number($this->postsOnFeed, 1)) {
return $this->_error('postsOnFeed');
}
Setting::setBlogSettingGlobal('entriesOnRSS', $this->postsOnFeed);
}
if (isset($this->publishWholeOnFeed)) {
Setting::setBlogSettingGlobal('publishWholeOnRSS', Validator::getBit($this->publishWholeOnFeed));
}
if (isset($this->acceptGuestComment)) {
Setting::setBlogSettingGlobal('allowWriteOnGuestbook', Validator::getBit($this->acceptGuestComment));
}
if (isset($this->acceptcommentOnGuestComment)) {
Setting::setBlogSettingGlobal('allowWriteDblCommentOnGuestbook', Validator::getBit($this->acceptcommentOnGuestComment));
}
if (isset($this->language)) {
if (!Validator::language($this->language)) {
return $this->_error('language');
}
Setting::setBlogSettingGlobal('language', $this->language);
}
if (isset($this->timezone)) {
if (empty($this->timezone)) {
return $this->_error('timezone');
}
Setting::setBlogSettingGlobal('timezone', $this->timezone);
}
return true;
}
public function save()
{
if (isset($this->skin)) {
if (strncmp($this->skin, 'customize/', 10) == 0) {
if (strcmp($this->skin, "customize/" . getBlogId()) != 0) {
return $this->_error('skin');
}
} else {
if (!Validator::filename($this->skin)) {
return $this->_error('skin');
}
}
if (!Validator::path($this->skin) || !file_exists(ROOT . '/skin/' . $this->skin)) {
return $this->_error('skin');
}
Setting::setSkinSetting('skin', $this->skin);
}
if (isset($this->entriesOnRecent)) {
if (!Validator::number($this->entriesOnRecent, 1)) {
return $this->_error('entriesOnRecent');
}
Setting::setSkinSetting('entriesOnRecent', $this->entriesOnRecent);
}
if (isset($this->commentsOnRecent)) {
if (!Validator::number($this->commentsOnRecent, 1)) {
return $this->_error('commentsOnRecent');
}
Setting::setSkinSetting('commentsOnRecent', $this->commentsOnRecent);
}
if (isset($this->trackbacksOnRecent)) {
if (!Validator::number($this->trackbacksOnRecent, 1)) {
return $this->_error('trackbacksOnRecent');
}
Setting::setSkinSetting('trackbacksOnRecent', $this->trackbacksOnRecent);
}
if (isset($this->commentsOnGuestbook)) {
if (!Validator::number($this->commentsOnGuestbook, 1)) {
return $this->_error('commentsOnGuestbook');
}
Setting::setSkinSetting('commentsOnGuestbook', $this->commentsOnGuestbook);
}
if (isset($this->tagsOnTagbox)) {
if (!Validator::number($this->tagsOnTagbox, 1)) {
return $this->_error('tagsOnTagbox');
}
Setting::setSkinSetting('tagsOnTagbox', $this->tagsOnTagbox);
}
if (isset($this->alignOnTagbox)) {
if (!Validator::number($this->alignOnTagbox, 1, 3)) {
return $this->_error('alignOnTagbox');
}
Setting::setSkinSetting('tagboxAlign', $this->alignOnTagbox);
}
if (isset($this->expandComment)) {
Setting::setSkinSetting('expandComment', Validator::getBit($this->expandComment));
}
if (isset($this->expandTrackback)) {
Setting::setSkinSetting('expandTrackback', Validator::getBit($this->expandTrackback));
}
if (isset($this->recentNoticeLength)) {
if (!Validator::number($this->recentNoticeLength, 0)) {
return $this->_error('recentNoticeLength');
}
Setting::setSkinSetting('recentNoticeLength', $this->recentNoticeLength);
}
if (isset($this->recentPageLength)) {
if (!Validator::number($this->recentPageLength, 0)) {
return $this->_error('recentPageLength');
}
Setting::setSkinSetting('recentPageLength', $this->recentPageLength);
}
if (isset($this->recentTrackbackLength)) {
if (!Validator::number($this->recentTrackbackLength, 0)) {
return $this->_error('recentTrackbackLength');
}
Setting::setSkinSetting('recentTrackbackLength', $this->recentTrackbackLength);
}
if (isset($this->linkLength)) {
if (!Validator::number($this->linkLength, 0)) {
return $this->_error('linkLength');
}
Setting::setSkinSetting('linkLength', $this->linkLength);
}
if (isset($this->showListOnCategory)) {
Setting::setSkinSetting('showListOnCategory', Validator::getBit($this->showListOnCategory));
}
if (isset($this->showListOnArchive)) {
Setting::setSkinSetting('showListOnArchive', Validator::getBit($this->showListOnArchive));
}
if (isset($this->tree)) {
if (!Validator::directory($this->tree) || !file_exists(ROOT . '/skin/tree/' . $this->tree)) {
return $this->_error('tree');
}
Setting::setSkinSetting('tree', $this->tree);
}
if (isset($this->colorOnTree)) {
Setting::setSkinSetting('colorOnTree', $this->colorOnTree);
}
if (isset($this->bgcolorOnTree)) {
Setting::setSkinSetting('bgcolorOnTree', $this->bgcolorOnTree);
}
if (isset($this->activecolorOnTree)) {
Setting::setSkinSetting('activecolorOnTree', $this->activecolorOnTree);
}
if (isset($this->activebgcolorOnTree)) {
Setting::setSkinSetting('activebgcolorOnTree', $this->activebgcolorOnTree);
}
if (isset($this->labelLengthOnTree)) {
if (!Validator::number($this->labelLengthOnTree, 0)) {
return $this->_error('labelLengthOnTree');
}
Setting::setSkinSetting('labelLengthOnTree', $this->labelLengthOnTree);
}
if (isset($this->showValueOnTree)) {
Setting::setSkinSetting('showValueOnTree', Validator::getBit($this->showValueOnTree));
}
return true;
}
static function validateArray(&$array, &$rules)
{
// Workaround for non Fancy-URL user.
$cropArray = array();
foreach ($array as $name => $value) {
$doesHaveRequest = strpos($name, '?');
if ($doesHaveRequest !== false) {
$name = substr($name, $doesHaveRequest + 1);
}
$cropArray[$name] = $value;
}
$array = $cropArray;
foreach ($rules as $key => $rule) {
if (!isset($rule[0])) {
trigger_error("Validator: The type of '{$key}' is not defined", E_USER_WARNING);
continue;
}
if (isset($array[$key]) && ($rule[0] == 'file' || strlen($array[$key]) > 0)) {
$value =& $array[$key];
if (isset($rule['min'])) {
$rule[1] = $rule['min'];
}
if (isset($rule['max'])) {
$rule[2] = $rule['max'];
}
if (isset($rule['bypass'])) {
$rule[3] = $rule['bypass'];
}
switch ($rule[0]) {
case 'any':
if (isset($rule[1]) && strlen($value) < $rule[1]) {
return false;
}
if (isset($rule[2]) && strlen($value) > $rule[2]) {
return false;
}
break;
case 'bit':
$array[$key] = Validator::getBit($value);
break;
case 'bool':
$array[$key] = Validator::getBool($value);
break;
case 'number':
if (!Validator::number($value, isset($rule[1]) ? $rule[1] : null, isset($rule[2]) ? $rule[2] : null, isset($rule[3]) ? $rule[3] : false)) {
return false;
}
break;
case 'int':
if (!Validator::isInteger($value, isset($rule[1]) ? $rule[1] : -2147483648.0, isset($rule[2]) ? $rule[2] : 2147483647, isset($rule[3]) ? $rule[3] : false)) {
return false;
}
break;
case 'id':
if (!Validator::id($value, isset($rule[1]) ? $rule[1] : 1, isset($rule[2]) ? $rule[2] : 2147483647)) {
return false;
}
break;
case 'url':
case 'string':
if (!Utils_Unicode::validate($value)) {
$value = Utils_Unicode::bring($value);
if (!Utils_Unicode::validate($value)) {
return false;
}
}
$value = $array[$key] = Utils_Unicode::correct($value);
if (isset($rule[1]) && Utils_Unicode::length($value) < $rule[1]) {
return false;
}
if (isset($rule[2]) && Utils_Unicode::length($value) > $rule[2]) {
return false;
}
break;
case 'list':
if (!Validator::isList($value)) {
return false;
}
break;
case 'timestamp':
if (!Validator::timestamp($value)) {
return false;
}
break;
case 'period':
if (!Validator::period($value)) {
return false;
}
break;
case 'ip':
if (!Validator::ip($value)) {
return false;
}
break;
case 'domain':
if (!Validator::domain($value)) {
return false;
}
break;
case 'email':
if (!Validator::email($value)) {
return false;
}
break;
case 'language':
if (!Validator::language($value)) {
return false;
}
break;
case 'filename':
if (!Validator::filename($value)) {
return false;
}
break;
case 'directory':
if (!Validator::directory($value)) {
return false;
}
break;
case 'path':
if (!Validator::path($value)) {
return false;
}
break;
case 'file':
if (!isset($value['name']) || preg_match('@[/\\\\]@', $value['name'])) {
return false;
}
break;
default:
if (is_array($rule[0])) {
if (!in_array($value, $rule[0])) {
return false;
}
} else {
trigger_error("Validator: The type of '{$key}' is unknown", E_USER_WARNING);
}
break;
}
if (isset($rule['check'])) {
$rule[5] = $rule['check'];
}
if (isset($rule[5])) {
if (function_exists($rule[5])) {
if (!call_user_func($rule[5], $value)) {
return false;
}
} else {
trigger_error("Validator: The check function of '{$key}' is not defined", E_USER_WARNING);
}
}
} else {
if (array_key_exists(3, $rule)) {
$array[$key] = $rule[3];
} else {
if (array_key_exists('default', $rule)) {
$array[$key] = $rule['default'];
} else {
if ((!isset($rule[4]) || $rule[4]) && (!isset($rule['mandatory']) || $rule['mandatory'])) {
return false;
}
}
}
}
}
return true;
}
function deleteAttachmentMulti($blogid, $parent, $names)
{
importlib('model.blog.feed');
$pool = DBModel::getInstance();
$files = explode('!^|', $names);
foreach ($files as $name) {
if ($name == '') {
continue;
}
if (!Validator::filename($name)) {
continue;
}
$origname = $name;
$pool->reset('Attachments');
$pool->setQualifier('blogid', 'eq', $blogid);
$pool->setQualifier('parent', 'eq', intval($parent));
$pool->setQualifier('name', 'eq', $name, true);
if ($pool->delete()) {
unlink(__TEXTCUBE_ATTACH_DIR__ . "/{$blogid}/{$origname}");
} else {
}
}
clearFeed();
return true;
}
function _buildQuery()
{
if (!Validator::filename($this->name)) {
return $this->_error('name');
}
$query = DBModel::getInstance();
$query->reset('Attachments');
$query->setQualifier('blogid', 'equals', getBlogId());
$query->setQualifier('name', 'equals', $this->name, true);
if (isset($this->parent)) {
if (!Validator::number($this->parent, -1)) {
return $this->_error('parent');
}
$query->setAttribute('parent', $this->parent);
}
if (isset($this->label)) {
$this->label = Utils_Unicode::lessenAsEncoding(trim($this->label), 64);
if (empty($this->label)) {
return $this->_error('label');
}
$query->setAttribute('label', $this->label, true);
}
if (isset($this->mime)) {
$this->mime = Utils_Unicode::lessenAsEncoding(trim($this->mime), 32);
$query->setAttribute('mime', $this->mime, true);
}
if (isset($this->size)) {
if (!Validator::number($this->size, 0)) {
return $this->_error('size');
}
$query->setAttribute('size', $this->size);
}
if (isset($this->width)) {
if (!Validator::number($this->width, 0)) {
return $this->_error('width');
}
$query->setAttribute('width', $this->width);
}
if (isset($this->height)) {
if (!Validator::number($this->height, 0)) {
return $this->_error('height');
}
$query->setAttribute('height', $this->height);
}
if (isset($this->downloads)) {
if (!Validator::number($this->downloads, 0)) {
return $this->_error('downloads');
}
$query->setAttribute('downloads', $this->downloads);
}
if (isset($this->enclosure)) {
$query->setAttribute('enclosure', Validator::getBit($this->enclosure));
}
if (isset($this->attached)) {
if (!Validator::number($this->attached, 1)) {
return $this->_error('attached');
}
$query->setAttribute('attached', $this->attached);
}
return $query;
}
<?php
/// Copyright (c) 2004-2016, Needlworks / Tatter Network Foundation
/// All rights reserved. Licensed under the GPL.
/// See the GNU General Public License for more details. (/documents/LICENSE, /documents/COPYRIGHT)
require ROOT . '/library/preprocessor.php';
importlib('model.blog.entry');
if (!Validator::filename($_GET['skin']) && $_GET['skin'] != "customize/{$blogid}") {
Respond::NotFoundPage();
}
$skinSetting['skin'] = $_GET['skin'];
$skin = new Skin($skinSetting['skin'], true);
list($entries, $paging) = getEntriesWithPaging($blogid, $suri['page'], $blog['entriesOnPage']);
require ROOT . '/interface/common/blog/begin.php';
require ROOT . '/interface/common/blog/entries.php';
$pageTitle = _t('스킨 미리보기');
require ROOT . '/interface/common/blog/end.php';
