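/**
 * Authenticate an author from the login form, or from the "remember me"
 * cookie when the login action was not posted, and report the outcome as XML.
 *
 * On success the author's `lastvisit` is updated, both login cookies are
 * re-issued for one year and a <user logged-in="true"> element carrying the
 * author's details is returned. Otherwise <user logged-in="false"> is returned.
 *
 * @return XMLElement
 */
function trigger() {

    ## Request fields can be absent or arrays (username[]=x); only plain strings
    ## are treated as credentials.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';

    ## SECURITY: unsalted MD5 is not a suitable password hash. It is kept here only
    ## because the query below compares against values stored in that format;
    ## migrating needs a schema change (password_hash()/password_verify()).
    $password = md5((isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '');

    if (isset($_COOKIE[__SYM_COOKIE__]) && !isset($_POST['action']['login'])) {

        $args = false;

        ## The original tested one cookie but read the other; make sure the one
        ## that is actually decoded is present.
        if (isset($_COOKIE[__SYM_COOKIE_SAFE__]) && is_string($_COOKIE[__SYM_COOKIE_SAFE__])) {
            ## SECURITY: the cookie is client-controlled and unserialize() on it can
            ## instantiate any loaded class (PHP object injection). It should be
            ## replaced by a server-side session id or a signed JSON token; the
            ## call is left in place so existing cookies keep working.
            $args = unserialize(base64_decode($_COOKIE[__SYM_COOKIE_SAFE__]));
        }

        ## A corrupt or forged payload may decode to anything; accept scalars only.
        $username = (is_array($args) && isset($args['username']) && is_scalar($args['username'])) ? (string) $args['username'] : '';
        $password = (is_array($args) && isset($args['password']) && is_scalar($args['password'])) ? (string) $args['password'] : '';
    }

    ## $password can now come straight from the cookie, so it is escaped exactly
    ## like $username instead of being concatenated raw into the statement.
    $sql = "SELECT *\n\t\t\t\t\tFROM `tbl_authors`\n\t\t\t\t\tWHERE `username` = '" . addslashes($username) . "'\n\t\t\t\t\tAND `password` = '" . addslashes($password) . "'";

    $row = $this->_db->fetchRow(0, $sql);

    if (!empty($row) && is_array($row)) {

        $sql = "UPDATE `tbl_authors` SET `lastvisit` = UNIX_TIMESTAMP() WHERE `id` = '" . intval($row['id']) . "'";
        $this->_db->query($sql);

        ## SECURITY: the whole author row, including the stored password hash, is
        ## written to the browser, and the cookie branch above accepts that hash
        ## as the credential. Anyone who obtains the cookie or the hash can log in
        ## without the password. Prefer an opaque random token stored server-side.
        setcookie(__SYM_COOKIE__, serialize($row), time() + 31536000, $this->_parent->getCookieDomain());
        setcookie(__SYM_COOKIE_SAFE__, base64_encode(serialize($row)), time() + 31536000, $this->_parent->getCookieDomain());

        ## Owner outranks Administrator, which outranks a plain Author.
        $status = 'Author';
        if ($row['owner'] == 1) {
            $status = 'Owner';
        } elseif ($row['superuser'] == 1) {
            $status = 'Administrator';
        }

        $result = new XMLElement("user");
        $result->setAttribute("logged-in", "true");
        $result->addChild(new XMLElement("username", $row['username']));
        $result->addChild(new XMLElement("first-name", $row['firstname']));
        $result->addChild(new XMLElement("last-name", $row['lastname']));
        $result->addChild(new XMLElement("email", $row['email']));
        $result->addChild(new XMLElement("account-type", $status));

    } else {
        $result = new XMLElement("user");
        $result->setAttribute("logged-in", "false");
    }

    return $result;
}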
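/**
 * Build the <categories-list> XML for one custom field: the field's name and
 * handle plus one <option> per configured value, each with the number of
 * entries that currently hold that value.
 *
 * @param array $param Reads 'caching', 'indent' and 'indent-depth'.
 * @return mixed The cached or freshly generated output when caching is on,
 *               otherwise the XMLElement itself.
 */
function grab($param = array()) {

    extract($this->_env, EXTR_PREFIX_ALL, 'env');

    include_once TOOLKIT . '/class.entrymanager.php';
    $entryManager = new EntryManager($this->_parent);

    $section_id = $entryManager->fetchSectionIDFromHandle($this->__resolveDefine("dsFilterPARENTSECTION"));
    $schema = $entryManager->fetchEntryFieldSchema($section_id, NULL, $this->_dsFilterCUSTOMFIELD);

    ## Only the first schema row is used; tolerate an empty or non-array result.
    $schema = (is_array($schema) && isset($schema[0])) ? $schema[0] : NULL;

    ## $param defaults to an empty array, so every key has to be treated as optional.
    $use_cache = !empty($param['caching']);

    ##Check the cache
    $hash_id = md5(get_class($this));

    if ($use_cache && ($cache = $this->check_cache($hash_id))) {
        return $cache;
    }

    ##------------------------------

    ##Create the XML container
    $xml = new XMLElement("categories-list");
    $xml->setAttribute("section", "customfield");

    ##Populate the XML
    if (empty($schema) || !is_array($schema)) {
        $xml->addChild(new XMLElement("error", "No Records Found."));
        return $xml;
    }

    $ops = preg_split('/,/', $schema['values'], -1, PREG_SPLIT_NO_EMPTY);
    $ops = array_map("trim", $ops);

    $xml->addChild(new XMLElement("name", $schema['name']));
    $xml->setAttribute("handle", $schema['handle']);

    $options = new XMLElement("options");

    ## The table depends only on the field type, so pick it once.
    $table = ($schema['type'] == 'multiselect' ? 'tbl_entries2customfields_list' : 'tbl_entries2customfields');
    $field_id = intval($schema['id']);
    $handle_length = $this->_parent->getConfigVar('handle_length', 'admin');

    foreach ($ops as $o) {

        ## Option labels are free text (an apostrophe is enough to break the
        ## statement), so they are escaped before being placed in the SQL text.
        ## If the database class offers its own escaping routine, prefer it.
        $count = $this->_db->fetchVar('count', 0, "SELECT count(id) AS `count` FROM `{$table}` WHERE `field_id` = '" . $field_id . "' AND value_raw = '" . addslashes($o) . "' ");

        $xO = new XMLElement("option", $o);
        $xO->setAttribute('entry-count', $count);
        $xO->setAttribute('handle', Lang::createHandle($o, $handle_length));
        $options->addChild($xO);
    }

    $xml->addChild($options);

    ##------------------------------

    ##Write To Cache
    if ($use_cache) {
        $result = $xml->generate(
            isset($param['indent']) ? $param['indent'] : NULL,
            isset($param['indent-depth']) ? $param['indent-depth'] : NULL
        );
        $this->write_to_cache($hash_id, $result, $this->_cache_sections);
        return $result;
    }

    return $xml;
}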
## Tail of a switch over the search mode; the switch header and earlier cases
## are outside this fragment.
break;
case "boolean":
    ## Full-text search in BOOLEAN MODE, best five matches first.
    ## NOTE(review): $searchstring and $can_access are interpolated directly into
    ## the SQL text and are assigned outside this fragment - confirm both are
    ## escaped/validated before they reach this point.
    ## The section restriction is skipped only for superusers.
    $sql = "SELECT DISTINCT t1.entry_id,\n\t\t\t\t MATCH(t1.value) AGAINST ('{$searchstring}' IN BOOLEAN MODE) AS score\n\t\t\t\t FROM tbl_entries2customfields AS t1\n\t LEFT JOIN `tbl_entries` AS t2 ON t1.entry_id = t2.id\n\t\t\t LEFT JOIN `tbl_entries2sections` AS t3 on t2.id = t3.entry_id\n\t WHERE 1 AND MATCH(t1.value) AGAINST ('{$searchstring}' IN BOOLEAN MODE)\n\t\t\t\t " . ($Author->get('superuser') != 1 ? " AND t3.section_id IN ({$can_access})" : '') . "\n\t\t\t\t ORDER BY score DESC LIMIT 5";
    break;
}

$result = $db->fetchCol('entry_id', $sql);

## Flipping twice collapses duplicate entry ids (keys must be unique after the
## first flip).
$result = array_flip($result);
$result = array_flip($result);

if (@count($result) >= 1) {

    ## NOTE(review): "=& new" is PHP 4 syntax and a parse error on PHP 7 and later.
    $parent =& new ParentShell($db, $config);

    include_once LIBRARY . "/core/class.manager.php";
    include_once LIBRARY . "/core/class.symphonylog.php";
    include_once LIBRARY . "/core/class.textformattermanager.php";
    include_once TOOLKIT . "/class.entrymanager.php";

    $entryManager = new EntryManager($parent);

    foreach ($result as $entry_id) {

        $row = $entryManager->fetchEntriesByID($entry_id, false, true);

        $locked = 'content';

        ##Generate the XML
        $entry = new XMLElement("item");
        $entry->setAttribute("class", $locked);

        ## Title and description are passed through strip_tags() before output.
        $entry->addChild(new XMLElement("title", strip_tags($row['fields'][$row['primary_field']]['value'])));
        $entry->addChild(new XMLElement("date", $cDate->get(true, true, strtotime($row['publish_date_gmt']))));
        $entry->addChild(new XMLElement("link", "?page=/publish/section/edit/&_sid=" . $row['section_id'] . "&id=" . $row['id']));
        $entry->addChild(new XMLElement("handle", $row['primary_field']));

        ## A description is only emitted for entries with a textarea field called "body".
        if (isset($row['fields']['body']) && $row['fields']['body']['type'] == 'textarea') {
            $entry->addChild(new XMLElement("description", General::limitWords(strip_tags($row['fields']['body']['value']), 100, true, false)));
        }

        $xml->addChild($entry);
    }
}
/**
 * Build the <archive-overview> XML for this datasource's section: one <year>
 * element per year, each holding <month> elements with an entry count.
 *
 * The entry query is assembled by string concatenation from the datasource
 * filters (handle, day, month, year, post-dated flag, custom fields, sort).
 * NOTE(review): none of the filter values is escaped in this function. Where
 * __resolveDefine() and the _dsFilter* properties get their values is not
 * visible here - if any of them can carry request data (URL parameters), each
 * one needs escaping or strict validation before it is placed in the SQL.
 *
 * @param array $param Reads 'caching', 'indent' and 'indent-depth'.
 * @return mixed Cached or generated output when caching is on, else the XMLElement.
 */
function grab($param = array()) {

    ## Decide if we return an empty set or not
    if ($this->__forceEmptySet()) {

        ##Create the XML container
        $xml = new XMLElement("archive-overview");
        $xml->setAttribute("section", $this->getType());
        $xml->addChild(new XMLElement("error", "No Records Found."));
        return $xml;
    }

    $obDate = $this->_parent->getDateObj();

    ## Imports every key of $this->_env as a local variable prefixed "env_";
    ## $env_url, used for the cache key further down, comes from here.
    extract($this->_env, EXTR_PREFIX_ALL, 'env');

    $where = $sort = $joins = NULL;

    include_once TOOLKIT . '/class.entrymanager.php';
    $entryManager = new EntryManager($this->_parent);

    $section_id = $entryManager->fetchSectionIDFromHandle($this->getType());

    ##Prepare the Query

    ## Restrict to (or, with the NOT clause, exclude) the entries matching a handle.
    if ($handle = $this->__resolveDefine("dsFilterHANDLE")) {
        $entries = $entryManager->fetchEntryIDFromPrimaryFieldHandle($section_id, $handle);
        $where .= " AND t1.`id`" . ($this->__isDefineNotClause("dsFilterHANDLE") ? ' NOT' : '') . " IN ('" . @implode("', '", $entries) . "') ";
    }

    ## Day / month / year filters compare against the formatted publish date.
    ## The resolved value is concatenated between quotes without escaping.
    if ($date = $this->__resolveDefine("dsFilterDAY")) {
        $where .= " AND DATE_FORMAT(t1.publish_date, '%d') " . ($this->__isDefineNotClause("dsFilterDAY") ? '!' : '') . "= '" . $date . "' ";
    }

    if ($month = $this->__resolveDefine("dsFilterMONTH")) {
        $where .= " AND DATE_FORMAT(t1.publish_date, '%m') " . ($this->__isDefineNotClause("dsFilterMONTH") ? '!' : '') . "= '" . $month . "' ";
    }

    if ($year = $this->__resolveDefine("dsFilterYEAR")) {
        $where .= " AND DATE_FORMAT(t1.publish_date, '%Y') " . ($this->__isDefineNotClause("dsFilterYEAR") ? '!' : '') . "= '" . $year . "' ";
    }

    ## Unless post-dated entries are explicitly included, hide anything whose
    ## GMT publish date is later than the timestamp returned by the date object.
    if ($this->_dsFilterINCLUDEPOSTDATED != 'yes') {
        $where .= " AND UNIX_TIMESTAMP(t1.publish_date_gmt) <= '" . $obDate->get(false, false) . "' ";
    }

    ## Custom-field filters: each one adds a join under its own alias (t15, t16, ...)
    ## and matches either the raw value or its generated handle.
    if (is_array($this->_dsFilterCUSTOM) && !empty($this->_dsFilterCUSTOM)) {

        $table_id = 15;

        foreach ($this->_dsFilterCUSTOM as $handle => $value) {

            ## Both $handle and $value are interpolated unescaped (see header note).
            $field = $this->_db->fetchRow(0, "SELECT `id`, `type`, `foreign_select_multiple` FROM `tbl_customfields` WHERE `parent_section` = '{$section_id}' AND `handle` = '{$handle}' LIMIT 1");

            $value_handle = Lang::createHandle($value, $this->_parent->getConfigVar('handle_length', 'admin'));

            ## && binds tighter than ||: multiselect, or (foreign and multiple).
            ## Multi-value fields live in the *_list table.
            if ($field['type'] == 'multiselect' || $field['type'] == 'foreign' && $field['foreign_select_multiple'] == 'yes') {
                $joins .= " LEFT JOIN `tbl_entries2customfields_list` AS t{$table_id} ON t1.`id` = t{$table_id}.`entry_id` AND t{$table_id}.field_id = " . $field['id'] . " ";
                $where .= " AND (t{$table_id}.value_raw = '{$value}' OR t{$table_id}.handle = '{$value_handle}') ";
            } else {
                $joins .= " LEFT JOIN `tbl_entries2customfields` AS t{$table_id} ON t1.`id` = t{$table_id}.`entry_id` AND t{$table_id}.field_id = " . $field['id'] . " ";
                $where .= " AND (t{$table_id}.value_raw = '{$value}' OR t{$table_id}.handle = '{$value_handle}') ";
            }

            $table_id++;
        }
    }

    ## NOTE(review): the sort value is upper-cased but not checked against
    ## ASC/DESC before it is appended to ORDER BY.
    if ($this->_dsFilterSORT != '') {
        $sort = strtoupper($this->_dsFilterSORT);
    }

    $sql = "SELECT t1.id, t1.publish_date_gmt " . "FROM `tbl_entries` AS t1 " . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` " . "AND t2.`class` = 'entry' " . "LEFT JOIN `tbl_authors` AS t4 ON t1.`author_id` = t4.`id` " . $joins . "LEFT JOIN `tbl_entries2sections` AS t8 ON t1.id = t8.entry_id " . "WHERE t8.section_id = '{$section_id}' " . $where . "GROUP BY t1.`id` " . "ORDER BY t1.`publish_date_gmt` " . $sort;

    ##Check the cache
    ## The key is the class name plus the serialized $env_url.
    $hash_id = md5(get_class($this) . serialize($env_url));

    if ($param['caching'] && ($cache = $this->check_cache($hash_id))) {
        return $cache;
        ## Never reached: the return above already left the function.
        exit;
    }

    ##------------------------------

    ##Create the XML container
    $xml = new XMLElement("archive-overview");
    $xml->setAttribute("section", $this->getType());

    ##Grab the records
    $entries = $this->_db->fetch($sql);

    $current_month = date("m", $obDate->get(true, false));
    $current_year = date("Y", $obDate->get(true, false));

    ##Populate the XML
    if (empty($entries) || !is_array($entries)) {
        $xml->addChild(new XMLElement("error", "No Records Found."));
        return $xml;
    } else {

        ## $bin[year][month] = number of entries published in that month.
        $bin = array();

        foreach ($entries as $e) {
            list($dYear, $dMonth, $dDay) = explode("-", date("Y-m-d", $obDate->get(true, false, strtotime($e['publish_date_gmt']))));
            ## Increments a slot that may not exist yet (starts from NULL).
            $bin[$dYear][intval($dMonth)]++;
        }

        $years = @array_keys($bin);

        if ($sort && $sort == 'DESC') {

            $end_year = $current_year;

            ## Add empty years between the newest year with entries and the
            ## current year, then reverse the bin while preserving its keys.
            $bin_years = array_keys($bin);
            rsort($bin_years);

            for ($ii = $bin_years[0] + 1; $ii <= $current_year; $ii++) {
                $bin[$ii] = array();
            }

            $bin = array_reverse($bin, true);

        } else {
            $start_year = $years[0];
        }

        foreach ($bin as $year => $months) {

            $xYear = new XMLElement("year");
            $xYear->setAttribute("value", $year);

            #foreach($months as $month => $count){

            ## Emit all twelve months (descending or ascending), skipping months
            ## that lie after the current month of the current year.
            if ($sort && $sort == 'DESC') {

                for ($month = 12; $month > 0; $month--) {
                    if ($current_year > $year || $current_year == $year && $current_month >= $month) {
                        $xMonth = new XMLElement("month");
                        $xMonth->setAttribute("value", $month < 10 ? "0{$month}" : $month);
                        $xMonth->setAttribute("entry-count", "" . max(0, intval($months[$month])) . "");
                        $xYear->addChild($xMonth);
                    }
                }

            } else {

                for ($month = 1; $month <= 12; $month++) {
                    if ($current_year > $year || $current_year == $year && $current_month >= $month) {
                        $xMonth = new XMLElement("month");
                        $xMonth->setAttribute("value", $month < 10 ? "0{$month}" : $month);
                        $xMonth->setAttribute("entry-count", "" . max(0, intval($months[$month])) . "");
                        $xYear->addChild($xMonth);
                    }
                }
            }

            $xml->addChild($xYear);

            ## The last year visited becomes the open end of the range.
            if ($sort && $sort == 'DESC') {
                $start_year = $year;
            } else {
                $end_year = $year;
            }
        }

        $xml->setAttribute("year-start", $start_year);
        $xml->setAttribute("year-end", $end_year);
    }

    ##------------------------------

    ##Write To Cache
    if ($param['caching']) {
        $result = $xml->generate($param['indent'], $param['indent-depth']);
        $this->write_to_cache($hash_id, $result, $this->_cache_sections);
        return $result;
    }

    return $xml;
}
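/**
 * Build the <archive-entry-list> XML for this datasource's section: entries
 * grouped as year > month > day, each with dates, author details, the
 * selected custom fields and (when commenting is on) comment counts.
 *
 * The entry query is assembled by string concatenation from the datasource
 * filters. NOTE(review): apart from the numeric limits, filter values are not
 * escaped in this function. Where __resolveDefine() and the _dsFilter*
 * properties get their values is not visible here - if any can carry request
 * data, each needs escaping or strict validation before reaching the SQL.
 *
 * @param array $param Reads 'limit', 'caching', 'indent' and 'indent-depth'.
 * @return mixed Cached or generated output when caching is on, else the XMLElement.
 */
function grab($param = array()) {

    ## Decide if we return an empty set or not
    if ($this->__forceEmptySet()) {

        ##Create the XML container
        $xml = new XMLElement("archive-entry-list");
        $xml->setAttribute("section", $this->getType());
        $xml->addChild(new XMLElement("error", "No Records Found."));
        return $xml;
    }

    $obDate = $this->_parent->getDateObj();

    ## Imports every key of $this->_env as a local prefixed "env_" ($env_url is
    ## used for the cache key below).
    extract($this->_env, EXTR_PREFIX_ALL, 'env');

    ## $limit is initialised too: not every path below assigns it.
    $where = $sort = $joins = $limit = NULL;

    include_once TOOLKIT . '/class.entrymanager.php';
    $entryManager = new EntryManager($this->_parent);

    $section_id = $entryManager->fetchSectionIDFromHandle($this->getType());

    ##Prepare the Query
    if ($handle = $this->__resolveDefine("dsFilterHANDLE")) {
        $entries = $entryManager->fetchEntryIDFromPrimaryFieldHandle($section_id, $handle);
        $where .= " AND t1.`id`" . ($this->__isDefineNotClause("dsFilterHANDLE") ? ' NOT' : '') . " IN ('" . @implode("', '", $entries) . "') ";
    }

    if ($date = $this->__resolveDefine("dsFilterDAY")) {
        $where .= " AND DATE_FORMAT(t1.publish_date, '%d') " . ($this->__isDefineNotClause("dsFilterDAY") ? '!' : '') . "= '" . $date . "' ";
    }

    if ($month = $this->__resolveDefine("dsFilterMONTH")) {
        $where .= " AND DATE_FORMAT(t1.publish_date, '%m') " . ($this->__isDefineNotClause("dsFilterMONTH") ? '!' : '') . "= '" . $month . "' ";
    }

    if ($year = $this->__resolveDefine("dsFilterYEAR")) {
        $where .= " AND DATE_FORMAT(t1.publish_date, '%Y') " . ($this->__isDefineNotClause("dsFilterYEAR") ? '!' : '') . "= '" . $year . "' ";
    }

    if ($this->_dsFilterINCLUDEPOSTDATED != 'yes') {
        $where .= " AND UNIX_TIMESTAMP(t1.publish_date_gmt) <= '" . $obDate->get(false, false) . "' ";
    }

    ## Custom-field filters: one extra join per filter under aliases t15, t16, ...
    if (is_array($this->_dsFilterCUSTOM) && !empty($this->_dsFilterCUSTOM)) {

        $table_id = 15;

        foreach ($this->_dsFilterCUSTOM as $handle => $value) {

            $field = $this->_db->fetchRow(0, "SELECT `id`, `type`, `foreign_select_multiple` FROM `tbl_customfields` WHERE `parent_section` = '{$section_id}' AND `handle` = '{$handle}' LIMIT 1");

            $value_handle = Lang::createHandle($value, $this->_parent->getConfigVar('handle_length', 'admin'));

            ## && binds tighter than ||: multiselect, or (foreign and multiple).
            if ($field['type'] == 'multiselect' || $field['type'] == 'foreign' && $field['foreign_select_multiple'] == 'yes') {
                $joins .= " LEFT JOIN `tbl_entries2customfields_list` AS t{$table_id} ON t1.`id` = t{$table_id}.`entry_id` AND t{$table_id}.field_id = " . $field['id'] . " ";
                $where .= " AND (t{$table_id}.value_raw = '{$value}' OR t{$table_id}.handle = '{$value_handle}') ";
            } else {
                $joins .= " LEFT JOIN `tbl_entries2customfields` AS t{$table_id} ON t1.`id` = t{$table_id}.`entry_id` AND t{$table_id}.field_id = " . $field['id'] . " ";
                $where .= " AND (t{$table_id}.value_raw = '{$value}' OR t{$table_id}.handle = '{$value_handle}') ";
            }

            $table_id++;
        }
    }

    ## NOTE(review): upper-cased but not checked against ASC/DESC before it is
    ## appended to ORDER BY.
    if ($this->_dsFilterSORT != '') {
        $sort = strtoupper($this->_dsFilterSORT);
    }

    if ($max_months = $this->__resolveDefine("dsFilterLIMIT_MONTHS")) {

        ## Find the first entry in sort order, then bound the query to a window
        ## of $max_months calendar months starting from it.
        $sql = "SELECT UNIX_TIMESTAMP(t1.publish_date) AS publish_timestamp " . "FROM `tbl_entries` AS t1 " . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` " . "AND t2.`class` = 'entry' " . "LEFT JOIN `tbl_authors` AS t4 ON t1.`author_id` = t4.`id` " . $joins . "LEFT JOIN `tbl_entries2sections` AS t8 ON t1.id = t8.entry_id " . "WHERE t8.section_id = '{$section_id}' " . $where . "GROUP BY t1.`id` " . "ORDER BY t1.`publish_date` {$sort} " . "LIMIT 1";

        $relative_start = $this->_db->fetchVar('publish_timestamp', 0, $sql);

        switch ($sort) {

            case "DESC":
                $end = mktime(0, 0, 0, date('m', $relative_start) - $max_months + 1, 1, date('Y', $relative_start));
                $where .= " AND (UNIX_TIMESTAMP(t1.publish_date) <= '{$relative_start}' AND UNIX_TIMESTAMP(t1.publish_date) >= '{$end}')";
                break;

            case "ASC":
                ## Since this is ascending, we need to start from 0. The DS editor will give us 1+
                $max_months--;
                $last_day = date('d', mktime(0, 0, 0, date('m', $relative_start) + 1, 0, date('Y', $relative_start)));
                $end = mktime(23, 59, 59, date('m', $relative_start) + $max_months, $last_day, date('Y', $relative_start));
                $where .= " AND (UNIX_TIMESTAMP(t1.publish_date) >= '{$relative_start}' AND UNIX_TIMESTAMP(t1.publish_date) <= '{$end}')";
                break;
        }

    } else {

        ##We are trying to preview
        ## Row limits are forced to non-negative integers so nothing but a
        ## number can end up in the LIMIT clause.
        if (isset($param['limit'])) {
            $limit = " LIMIT 0, " . max(0, intval($param['limit']));
        } elseif ($this->_dsFilterLIMIT != '') {
            $limit = " LIMIT 0, " . max(0, intval($this->_dsFilterLIMIT));
        } elseif ($where == NULL) {
            ## No filter at all: cap the result at 50 rows.
            $limit = " LIMIT 0, 50";
        }
    }

    $sql = "SELECT t1.id " . "FROM `tbl_entries` AS t1 " . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` " . "AND t2.`class` = 'entry' " . "LEFT JOIN `tbl_authors` AS t4 ON t1.`author_id` = t4.`id` " . $joins . "LEFT JOIN `tbl_entries2sections` AS t8 ON t1.id = t8.entry_id " . "WHERE t8.section_id = '{$section_id}' " . $where . "GROUP BY t1.`id` " . "ORDER BY t1.`publish_date_gmt` " . $sort . $limit;

    ##Check the cache
    $hash_id = md5(get_class($this) . serialize($env_url));

    if (!empty($param['caching']) && ($cache = $this->check_cache($hash_id))) {
        return $cache;
    }

    ##------------------------------

    ##Create the XML container
    $xml = new XMLElement("archive-entry-list");
    $xml->setAttribute("section", $this->getType());
    $xml->setAttribute("section-id", $section_id);

    ##Grab the records
    $entries = $this->_db->fetchCol("id", $sql);

    ##Populate the XML
    if (empty($entries) || !is_array($entries)) {
        $xml->addChild(new XMLElement("error", "No Records Found."));
        return $xml;
    } else {

        ## The section's commenting flag is the same for every entry, so it is
        ## read once here rather than once per entry.
        $commenting = $this->_db->fetchVar('commenting', 0, "SELECT `commenting` FROM `tbl_sections` WHERE `id` = '{$section_id}' LIMIT 1");

        ## $bin[year][month][day] = list of full entry rows.
        $bin = array();

        foreach ($entries as $id) {
            $row = $entryManager->fetchEntriesByID($id, false, true);
            list($dYear, $dMonth, $dDay) = explode("-", date("Y-m-d", $obDate->get(true, false, strtotime($row['publish_date_gmt']))));
            $bin[$dYear][$dMonth][$dDay][] = $row;
        }

        foreach ($bin as $year => $months) {

            $xYear = new XMLElement("year");
            $xYear->setAttribute("value", $year);

            foreach ($months as $month => $days) {

                $xMonth = new XMLElement("month");
                $xMonth->setAttribute("value", $month);

                foreach ($days as $day => $entries) {

                    $xDay = new XMLElement("day");
                    $xDay->setAttribute("value", $day);

                    foreach ($entries as $row) {

                        $entry = new XMLElement("entry");
                        $entry->setAttribute("id", $row['id']);
                        $entry->setAttribute("handle", trim($row['fields'][$row['primary_field']]['handle']));
                        $entry->setAttribute('linked-count', '' . count($row['linked_entries']) . '');

                        $date_local = $obDate->get(true, false, $row['timestamp_gmt']);

                        $entry_fields = array(
                            "date" => General::createXMLDateObject($date_local),
                            "time" => General::createXMLTimeObject($date_local),
                            "rfc822-date" => date("D, d M Y H:i:s \\G\\M\\T", $obDate->get(false, false, $row['timestamp_gmt']))
                        );

                        $this->__addChildFieldsToXML($entry_fields, $entry);

                        ##Author Details
                        ## NOTE(review): this puts the author's e-mail address and
                        ## username into the output - confirm that is intended for
                        ## the pages consuming this datasource.
                        $author_rec = $this->_db->fetchRow(0, "SELECT * FROM `tbl_authors` WHERE `id` = '" . $row['author_id'] . "' LIMIT 1");

                        $author = new XMLElement("author");

                        $author_fields = array(
                            "first-name" => $author_rec['firstname'],
                            "last-name" => $author_rec['lastname'],
                            "email" => $author_rec['email'],
                            "username" => $author_rec['username']
                        );

                        $this->__addChildFieldsToXML($author_fields, $author, "author");
                        $entry->addChild($author);

                        ##Custom Fields
                        $fields = $row['fields'];

                        if (is_array($fields) && !empty($fields)) {

                            $customFields = new XMLElement("fields");

                            foreach ($fields as $f) {

                                ## Only fields selected for output are emitted.
                                if (@in_array($f['field_handle'], $this->_dsFilterXMLFIELDS)) {

                                    $newField = new XMLElement($f['field_handle']);

                                    if ($f['type'] == 'list' || $f['type'] == 'multiselect') {

                                        foreach ($f['value_raw'] as $val) {
                                            $item = new XMLElement("item", $val);
                                            $item->setAttribute("handle", Lang::createHandle($val, $this->_parent->getConfigVar('handle_length', 'admin')));
                                            $newField->addChild($item);
                                        }

                                    } elseif ($f['type'] == 'foreign') {

                                        $sid = $f['foreign_section'];

                                        ## The stray space inside the quoted id has been dropped.
                                        $section_handle = $this->_db->fetchVar('handle', 0, "SELECT `handle` FROM `tbl_sections` WHERE `id` = '{$sid}' LIMIT 1");

                                        $newField->setAttribute("handle", $f['handle']);
                                        $newField->setAttribute("type", 'foreign');
                                        $newField->setAttribute("section-id", $sid);

                                        ## Previously this attribute repeated the numeric id and the
                                        ## handle looked up above was never used.
                                        $newField->setAttribute("section-handle", $section_handle);

                                        if (!is_array($f['value_raw'])) {
                                            $f['value_raw'] = array($f['value_raw']);
                                        }

                                        foreach ($f['value_raw'] as $h) {
                                            $entry_id = $entryManager->fetchEntryIDFromPrimaryFieldHandle($sid, $h);
                                            $e = $entryManager->fetchEntriesByID($entry_id, false, true);

                                            $item = new XMLElement("item", trim($e['fields'][$e['primary_field']]['value']));
                                            $item->setAttribute("entry-id", $entry_id[0]);
                                            $item->setAttribute("entry-handle", $e['fields'][$e['primary_field']]['handle']);
                                            $newField->addChild($item);
                                        }

                                    } elseif ($f['type'] == 'upload') {

                                        foreach ($f['value_raw'] as $val) {
                                            $item = new XMLElement("item");
                                            $item->addChild(new XMLElement("path", trim($val['path'], '/')));
                                            $item->addChild(new XMLElement("type", $val['type']));
                                            $item->addChild(new XMLElement("size", General::formatFilesize($val['size'])));
                                            $newField->addChild($item);
                                        }

                                    } elseif ($f['type'] == 'checkbox') {
                                        $newField->setValue($f['value_raw']);

                                    } elseif ($f['type'] == 'select') {
                                        $newField->setValue($f['value_raw']);
                                        $newField->setAttribute("handle", $f['handle']);

                                    } else {

                                        ## Use the formatted value only when the field's format flag is 1.
                                        $key = 'value';
                                        if ($f['format'] != 1) {
                                            $key = 'value_raw';
                                        }

                                        $f[$key] = trim($f[$key]);
                                        $value = $f[$key];

                                        ## Field text is passed through General::sanitize() only when
                                        ## the datasource's ENCODE option is "yes".
                                        ## NOTE(review): with it off the stored text reaches the XML
                                        ## as-is - confirm the consuming templates expect that.
                                        if ($this->_dsFilterENCODE == "yes") {
                                            $value = trim(General::sanitize($f[$key]));
                                        }

                                        if ($f['type'] == 'textarea') {
                                            $newField->setValue($value);
                                            $newField->setAttribute("word-count", General::countWords(strip_tags($f['value'])));
                                        } elseif ($f['type'] == 'input' && $f['field_id'] != $row['primary_field']) {
                                            $newField->setAttribute("handle", $f['handle']);
                                            $newField->setValue($value);
                                        }
                                    }

                                    $customFields->addChild($newField);
                                }
                            }

                            $entry->addChild($customFields);
                        }

                        ##Comments
                        if ($commenting == 'on') {

                            $comments = new XMLElement("comments");

                            $count_sql = "SELECT count(*) as `count` " . "FROM `tbl_comments` " . "WHERE `entry_id` = '" . $row['id'] . "'";

                            $comment_count = max(0, @intval($this->_db->fetchVar("count", 0, $count_sql . " AND `spam` = 'no'")));
                            $spam_count = max(0, @intval($this->_db->fetchVar("count", 0, $count_sql . " AND `spam` = 'yes'")));

                            $comments->setAttribute("count", "" . $comment_count . "");
                            $comments->setAttribute("spam", "" . $spam_count . "");
                            $entry->addChild($comments);
                        }

                        $xDay->addChild($entry);
                    }

                    $xMonth->addChild($xDay);
                }

                $xYear->addChild($xMonth);
            }

            $xml->addChild($xYear);
        }
    }

    ##------------------------------

    ##Write To Cache
    if (!empty($param['caching'])) {
        $result = $xml->generate(
            isset($param['indent']) ? $param['indent'] : NULL,
            isset($param['indent-depth']) ? $param['indent-depth'] : NULL
        );
        $this->write_to_cache($hash_id, $result, $this->_cache_sections);
        return $result;
    }

    return $xml;
}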
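/**
 * Handle a posted comment form: echo the submitted values back, validate the
 * required fields and the e-mail address, store the comment through the
 * Commenting class and set or clear the "remember me" cookies.
 *
 * @return XMLElement <post-comment sent="true|false"> with notices and errors.
 */
function trigger() {

    $result = new XMLElement("post-comment");

    ## comment key => name of the form field it is read from
    $field_map = array(
        'author_name'  => 'name',
        'author_url'   => 'website',
        'author_email' => 'email',
        'body'         => 'comment',
        'entry_handle' => 'entry-handle',
        'section'      => 'section'
    );

    ## Form fields may be missing or arrive as arrays (name[]=x); anything that
    ## is not a plain string is treated as empty so stripslashes() and the
    ## checks below always work on strings.
    ## NOTE(review): the unconditional stripslashes() presumes magic quotes are
    ## in effect; without them it removes backslashes the visitor really typed.
    $comment = array();
    foreach ($field_map as $key => $post_key) {
        $raw = (isset($_POST[$post_key]) && is_string($_POST[$post_key])) ? $_POST[$post_key] : '';
        $comment[$key] = stripslashes($raw);
    }

    ## Create the cookie elements
    ## Submitted values are echoed back through General::sanitize() and
    ## General::validateURL() so the form can be re-populated.
    $cookie = new XMLElement("cookie");
    $cookie->addChild(new XMLElement("name", General::sanitize($comment['author_name'])));
    $cookie->addChild(new XMLElement("email", General::sanitize($comment['author_email'])));
    $cookie->addChild(new XMLElement("url", General::validateURL($comment['author_url'])));
    $cookie->addChild(new XMLElement("comment", General::sanitize($comment['body'])));
    $result->addChild($cookie);

    $canProceed = true;

    ## Required fields: report every missing one by its form field name.
    $required = array('author_name' => 'name', 'author_email' => 'email', 'body' => 'comment');
    $xMissing = new XMLElement("missing");
    $has_missing = false;

    foreach ($required as $key => $input_name) {
        if ($comment[$key] == "") {
            $missing = new XMLElement("input");
            $missing->setAttribute("name", $input_name);
            $xMissing->addChild($missing);
            $has_missing = true;
        }
    }

    if ($has_missing) {
        $result->addChild($xMissing);
        $canProceed = false;
    }

    ## ereg() was removed in PHP 7; preg_match() is the replacement. The D
    ## modifier keeps "$" from matching before a trailing newline, so an
    ## address followed by a line break is rejected.
    if ($comment['author_email'] != "" && !preg_match('/^[a-zA-Z0-9_.\-]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-.]+$/D', $comment['author_email'])) {
        $invalid = new XMLElement("invalid");
        $xInvalid = new XMLElement("input");
        $xInvalid->setAttribute("name", "email");
        $invalid->addChild($xInvalid);
        $result->addChild($invalid);
        $canProceed = false;
    }

    if (!$canProceed) {
        $result->setAttribute("sent", "false");

    } else {

        require_once TOOLKIT . "/class.commenting.php";

        $oCommenting = new Commenting(array("parent" => $this->_parent));

        ## By default 'body', 'author_name' and 'author_ip' are required, but we
        ## want an email ('author_email') address as well.
        $oCommenting->setRequiredField('author_email');

        if (!$oCommenting->insertComment($comment)) {
            $result->addChild(new XMLElement("notice", $oCommenting->_notices[0]));
            $result->setAttribute("sent", "false");
        } else {
            $result->setAttribute("sent", "true");
            $result->addChild(new XMLElement("notice", "Comment saved successfully"));
        }

        if ($oCommenting->isLastCommentSpam) {
            $result->setAttribute("spam", "true");
        }

        $prefix = $this->_parent->getConfigVar('cookie_prefix', 'symphony');

        ## The remember-me cookies are set (or cleared) whether or not the
        ## insert succeeded, as long as validation passed.
        if (isset($_POST['remember']) && $_POST['remember'] == 'on') {
            setcookie($prefix . 'comment-remember[name]', $comment['author_name'], time() + TWO_WEEKS, $this->_parent->getCookieDomain());
            setcookie($prefix . 'comment-remember[url]', $comment['author_url'], time() + TWO_WEEKS, $this->_parent->getCookieDomain());
            setcookie($prefix . 'comment-remember[email]', $comment['author_email'], time() + TWO_WEEKS, $this->_parent->getCookieDomain());
        } else {
            ## An expiry in the past asks the browser to drop the cookie.
            setcookie($prefix . 'comment-remember', ' ', time() - TWO_WEEKS, $this->_parent->getCookieDomain());
        }
    }

    return $result;
}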
## Emit one <comment> element per row of $comments. The loop sits inside two
## enclosing blocks that open outside this fragment (closed at the bottom).
foreach ($comments as $c) {

    $comment = new XMLElement("comment");

    $tmp_time = strtotime($c['creation_date_gmt']);

    ## Flag the comment as new when no "done" marker is set, or when it is newer
    ## than both the last refresh and the value stored in the marker file; in the
    ## latter case the marker file is deleted.
    if (!$done) {
        $comment->setAttribute("new", "true");
    } elseif ($tmp_time > $lastrefresh) {
        if ($tmp_time > @file_get_contents($done_path)) {
            $comment->setAttribute("new", "true");
            @unlink($done_path);
        }
    }

    ## Reduce the body to text: strip tags, drop every character outside the
    ## listed set, then replace entities.
    ## NOTE(review): ereg_replace() was removed in PHP 7; this line is a fatal
    ## error there and needs a preg_replace() equivalent.
    $body = strip_tags($c['body']);
    $body = ereg_replace("[^[:space:]a-zA-Z0-9,*_.-\\'\\\"&;\\]]", "", $body);
    $body = General::stripEntities($body, ' ');

    $comment->setAttribute("class", "comment" . ($c['spam'] == "yes" ? "-spam" : ""));
    $comment->addChild(new XMLElement("title", General::limitWords(General::sanitize(strip_tags($body)), 100, true, false)));
    $comment->addChild(new XMLElement("link", "?page=/publish/comments/edit/&id=" . $c['id']));

    ## Full mode adds the cleaned body plus visitor-supplied fields.
    ## NOTE(review): referrer, author name, e-mail and URL come from the comment
    ## row and are added without General::sanitize(); whether XMLElement escapes
    ## its value is not visible here - confirm before this XML is rendered.
    if (kFULL_MODE) {
        $comment->addChild(new XMLElement('body', $body));
        $comment->addChild(new XMLElement('date', $c['creation_date_gmt']));
        $comment->addChild(new XMLElement('referrer', $c['referrer']));
        $comment->addChild(new XMLElement('author-name', $c['author_name']));
        $comment->addChild(new XMLElement('author-email', $c['author_email']));

        if ($c['author_url'] != '') {
            $comment->addChild(new XMLElement('author-url', $c['author_url']));
        }
    }

    $xml->addChild($comment);
}
}
}
## End of the direct-access guard; its condition is outside this fragment.
die("<h2>Symphony Fatal Error</h2><p>You cannot directly access this file</p>");
}

$cDate = new SymDate($settings["region"]["time_zone"], "d");

## Month and year come from the request and default to the current ones.
## NOTE(review): "isset(...) || ... != ''" looks like it was meant to be "&&":
## as written, a parameter that is present but empty is used as-is, and an
## absent one is still read by the second operand.
$month = isset($_REQUEST['month']) || $_REQUEST['month'] != "" ? $_REQUEST['month'] : date("F", time());
$year = isset($_REQUEST['year']) || $_REQUEST['year'] != "" ? $_REQUEST['year'] : date("Y", time());

## Only the results of strtotime() and mktime() are interpolated into the SQL
## below, not the raw request strings.
## NOTE(review): the result of strtotime() is not checked, so an unparsable
## month/year flows on into date() and the query unvalidated.
$startdate = strtotime("1 " . $month . " " . $year);
$enddate = mktime(0, 0, 0, date("m", $startdate) + 1, 1, $year);

## Entries published inside the month, with section id and primary-field title.
$sql = "SELECT t1.*, t2.section_id, t3.value_raw as `title`,\n\t\t\tUNIX_TIMESTAMP(t1.publish_date_gmt) as `timestamp_gmt`\n\t\t\tFROM `tbl_entries` as t1, `tbl_sections` as t4, `tbl_entries2sections` as t2, `tbl_entries2customfields` as t3\n\t\t\tWHERE UNIX_TIMESTAMP(t1.publish_date) >= '{$startdate}'\n\t\t\tAND UNIX_TIMESTAMP(t1.publish_date) <= '{$enddate}'\n\t\t\tAND t1.`id` = t2.entry_id\n\t\t\tAND t1.`id` = t3.entry_id AND t4.primary_field = t3.field_id\n\t\t\tAND t2.section_id = t4.id\n\t\t\tORDER BY t1.publish_date DESC ";

$result = $db->fetch($sql);

## NOTE(review): the raw request strings are echoed into the <month> element;
## whether XMLElement escapes its value is not visible here - confirm, or
## derive the label from $startdate instead.
$xml->addChild(new XMLElement("month", $month . " " . $year));

if (@count($result) >= 1) {

    ## Group rows by the value $cDate->get() returns for their timestamp,
    ## keeping only sections the current author may access.
    $final = array();

    foreach ($result as $row) {
        if ($Author->canAccessSection($row['section_id'])) {
            $final[$cDate->get(true, true, $row['timestamp_gmt'])][] = $row;
        }
    }

    foreach ($final as $date => $entries) {

        $item = new XMLElement("item");
        $item->addChild(new XMLElement("date", intval($date)));

        foreach ($entries as $row) {

            $locked = 'content';

            $entry = new XMLElement("entry");
            $entry->setAttribute("class", $locked);

            ## Titles are tag-stripped and limited with General::limitWords().
            $entry->addChild(new XMLElement("title", General::limitWords(strip_tags($row['title']), 32, true, true)));
            $entry->addChild(new XMLElement("link", "?page=/publish/section/edit/&_sid=" . $row['section_id'] . "&id=" . $row['id']));

            $item->addChild($entry);
        }

        $xml->addChild($item);
    }
}
## Tail of a switch case inside a loop over feed fragments; the loop, the
## switch header and the start of this case are outside this fragment.
## The description is assembled as HTML from the fragment's author, referrer and
## body fields without per-field escaping; the combined string is passed through
## General::sanitize() further down before it is added to the feed.
## NOTE(review): what General::sanitize() escapes is not visible here - confirm
## it is sufficient for the referrer value placed inside href="...".
$description = '<p><strong>Author:</strong> ' . $fragment['data']['author-name'][0] . '<br />' . CRLF . '<strong>Email:</strong> ' . $fragment['data']['author-email'][0] . '<br />' . CRLF . (isset($fragment['data']['author-url']) ? '<strong>Website:</strong> ' . $fragment['data']['author-url'][0] . '<br />' . CRLF : '') . '<strong>Entry:</strong> <a href="' . $fragment['data']['referrer'][0] . '">' . $fragment['data']['referrer'][0] . '</a></p>' . CRLF . CRLF . '<p>' . $fragment['data']['body'][0] . '</p>';
break;

case 'version':

    $fragment = flattenFragment($fragment, $type);

    ## Skip this one if there is no update
    ## ("continue 2" leaves the switch and moves on to the next loop iteration.)
    if (!isset($fragment['data']['update'])) {
        continue 2;
    }

    $title = '[Update] ' . $fragment['data']['announcement'][0];
    $link = $guid = 'http://accounts.symphony21.com';
    $pubdate = date("D, d M Y H:i:s \\G\\M\\T", $obDate->get(false, false, strtotime($fragment['data']['releasedate'][0])));
    $description = '<p><em>You get this update from <a href="' . $link . '">your account</a> page.</em></p>' . $fragment['data']['change-log'][0];
    break;
}

## Title, description, link and guid go through General::sanitize();
## $pubdate is added as produced by date().
$item->addChild(new XMLElement('title', General::sanitize($title)));

if ($description) {
    $item->addChild(new XMLElement('description', General::sanitize($description)));
}

$item->addChild(new XMLElement('link', General::sanitize($link)));
$item->addChild(new XMLElement('pubDate', $pubdate));
$item->addChild(new XMLElement('guid', General::sanitize($guid)));

$channel->addChild($item);
}

$rss->addChild($channel);

##RSS XML is returned, make sure the browser knows it
header("Content-Type: text/xml");

$rss->setIncludeHeader(true);
print $rss->generate(true);

## Important. Need this otherwise rest of Symphony admin
## loads.
exit;
/**
 * Assemble the XML document for a page: look the page up by handle, fire its
 * events (page and master), render its datasources, then generate, repair and
 * trim the final XML string.
 *
 * NOTE(review): $page_handle is concatenated into the SQL statement and into
 * the fatal-error message without escaping. Where the handle originates is not
 * visible in this function - if it can come from the request URL it must be
 * escaped for SQL and encoded for the error output.
 *
 * @param string|null $page_handle Page to build; falls back to $this->_page.
 * @param mixed       $utilities   Not used in this function.
 * @param bool        $indent      Passed to the XML generator and datasources.
 * @param bool        $caching     Passed to the datasources.
 * @return string The final XML, also stored in $this->_xml_final.
 */
function buildXML($page_handle = NULL, $utilities = NULL, $indent = false, $caching = true) {

    $events = new XMLElement("events");

    $xml = new XMLElement("data");
    $xml->setIncludeHeader(true);

    if (!$page_handle) {
        $page_handle = $this->_page;
    }

    $sql = "SELECT t1.*,\n\t\t\t\t\t\t t2.events as `master_events`,\n\t\t\t\t\t\t t2.data_sources as `master_data_sources`\n\n\t\t\t\t\tFROM `tbl_pages` AS `t1`\n\t\t\t\t\tLEFT JOIN `tbl_masters` AS `t2` ON t1.`master` = concat(t2.`name`, '.xsl')\n\t\t\t\t\tWHERE t1.`handle` = '" . $page_handle . "' LIMIT 1";

    $page = $this->_db->fetchRow(0, $sql);

    if (!$page) {
        $this->fatalError("Requested page '" . $page_handle . "' could not be found");
    }

    ## Page-level and master-level lists are comma separated; merge, split,
    ## then drop duplicates.
    $datasource_csv = $page['data_sources'] . "," . $page['master_data_sources'];
    $event_csv = $page['events'] . "," . $page['master_events'];

    $page_data = preg_split('/,/', $datasource_csv, -1, PREG_SPLIT_NO_EMPTY);
    $page_events = preg_split('/,/', $event_csv, -1, PREG_SPLIT_NO_EMPTY);

    $page_data = General::array_remove_duplicates($page_data);
    $page_events = General::array_remove_duplicates($page_events);

    ##EVENTS
    if (!empty($page_events) && is_array($page_events)) {
        foreach ($page_events as $event_name) {
            $this->_EventManager->addEvent($event_name);
        }
    }

    $this->_EventManager->fireEvents($events, array('parent' => $this, 'env' => $this->_env));
    $this->_EventManager->flush();

    $xml->addChild($events);
    $this->_events = $events;

    ##DATASOURCES
    $allow_optimise = 'off';
    if ($page['optimise_xml'] == "yes") {
        $allow_optimise = 'on';
    }

    $dsParam = array(
        "indent-depth"   => 1,
        "caching"        => $caching,
        "indent"         => $indent,
        "preview"        => $this->_preview,
        "allow_optimise" => $allow_optimise
    );

    if (!empty($page_data) && is_array($page_data)) {
        foreach ($page_data as $datasource_name) {
            $this->_DatasourceManager->addDatasource($datasource_name, $dsParam);
        }
    }

    $this->_DatasourceManager->renderData($xml, array('parent' => $this, 'env' => $this->_env));
    $this->_DatasourceManager->flush();

    ##Generate the final XML
    $this->_xml_final = $xml->generate($indent, 0);

    ## Run the generated string through the repair helper, then discard the helper.
    $doctor = new XMLRepair();
    $doctor->repair($this->_xml_final);
    unset($doctor);

    $this->_xml_final = trim($this->_xml_final);

    return $this->_xml_final;
}
/**
 * Render the "Update Symphony" confirmation form into $Contents and set the
 * page title and tagline.
 *
 * The form posts to install.php and holds a heading, a sentence naming the
 * current and target versions, and a div.submit with the submit button and a
 * hidden action[update<current build>] field set to "true".
 *
 * @param object $Page     Receives the 'title' and 'tagline' template variables.
 * @param object $Contents Container the form is appended to.
 */
function update(&$Page, &$Contents) {

    $page_title = 'Update Symphony';

    ## Button row: visible submit button plus the hidden action marker, whose
    ## field name carries the current build number.
    $Submit = new XMLElement('div');
    $Submit->setAttribute('class', 'submit');
    $Submit->addChild(Widget::input('submit', $page_title, NULL, 'submit'));
    $Submit->addChild(Widget::input('action[update' . kCURRENT_BUILD . ']', 'true', NULL, 'hidden'));

    $version_notice = 'Symphony is ready to update from version ' . kCURRENT_VERSION . ' to version ' . kVERSION;

    $Form = new XMLElement('form');
    $Form->setAttribute('action', 'install.php');
    $Form->setAttribute('method', 'post');
    $Form->addChild(new XMLElement('h2', $page_title));
    $Form->addChild(new XMLElement('p', $version_notice));
    $Form->addChild($Submit);

    $Contents->addChild($Form);

    $Page->setTemplateVar('title', $page_title);
    $Page->setTemplateVar('tagline', 'Version ' . kVERSION);
}
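/**
 * Comments data source: return the comments matching this data source's
 * filters, grouped by the entry they belong to.
 *
 * Reads the filter properties ($this->_dsFilterSECTION, _dsFilterSORT,
 * _dsFilterSHOWSPAM, _dsFilterLIMIT, _dsFilterPAGENUMBER, _dsFilterXMLFIELDS,
 * _dsFilterENCODE) and the defines resolved through __resolveDefine().
 *
 * @param array $param Options read here: 'limit' (row limit for previews),
 *                     'caching' (use and fill the cache), 'indent' and
 *                     'indent-depth' (passed to generate() when caching).
 * @return mixed A <comments> XMLElement, or the cached / freshly generated
 *               output when $param['caching'] is set.
 */
function grab($param = array())
{
    ## Decide if we return an empty set or not
    if ($this->__forceEmptySet()) {
        ##Create the XML container
        $xml = new XMLElement("comments");
        $xml->addChild(new XMLElement("error", "No Records Found."));
        return $xml;
    }

    $obDate = $this->_parent->getDateObj();

    extract($this->_env, EXTR_PREFIX_ALL, 'env');

    include_once TOOLKIT . "/class.entrymanager.php";
    $entryManager = new EntryManager($this->_parent);

    ## Defined up front: the original appended to / read these before any
    ## assignment on some paths.
    $comment_where = '';
    $limit = NULL;
    $kPageNumber = NULL;
    $kTotalPages = NULL;

    ##Prepare the Query
    if ($section_id = $entryManager->fetchSectionIDFromHandle($this->_dsFilterSECTION)) {
        $comment_where .= " AND t4.`section_id` = '{$section_id}' ";

        if ($entry_handles = $this->__resolveDefine("dsFilterHANDLE", true)) {
            $entry_ids = $entryManager->fetchEntryIDFromPrimaryFieldHandle($section_id, $entry_handles);

            ## A non-array result yields IN (''), as the suppressed implode() did.
            $id_list = is_array($entry_ids) ? implode("', '", $entry_ids) : '';

            $comment_where .= " AND t3.`id`" . ($this->__isDefineNotClause("dsFilterHANDLE") ? ' NOT' : '') . " IN ('" . $id_list . "') ";
        }
    }

    ## The resolved day / month / year values go into quoted SQL literals.
    ## Where __resolveDefine() takes them from is not visible here, so they are
    ## escaped before use.
    ## NOTE(review): addslashes() is not charset-aware; prefer the database
    ## layer's own escaping or bound parameters if it offers them.
    if ($date = $this->__resolveDefine("dsFilterDAY")) {
        $comment_where .= " AND DATE_FORMAT(t2.creation_date, '%d') " . ($this->__isDefineNotClause("dsFilterDAY") ? '!' : '') . "= '" . addslashes($date) . "' ";
    }

    if ($month = $this->__resolveDefine("dsFilterMONTH")) {
        $comment_where .= " AND DATE_FORMAT(t2.creation_date, '%m') " . ($this->__isDefineNotClause("dsFilterMONTH") ? '!' : '') . "= '" . addslashes($month) . "' ";
    }

    if ($year = $this->__resolveDefine("dsFilterYEAR")) {
        $comment_where .= " AND DATE_FORMAT(t2.creation_date, '%Y') " . ($this->__isDefineNotClause("dsFilterYEAR") ? '!' : '') . "= '" . addslashes($year) . "' ";
    }

    ## The sort direction is written into ORDER BY unquoted, so only the two
    ## valid keywords are accepted; anything else keeps the default.
    $sort = "DESC";
    if ($this->_dsFilterSORT != '') {
        $requested_sort = strtoupper(trim($this->_dsFilterSORT));
        if (in_array($requested_sort, array('ASC', 'DESC'), true)) {
            $sort = $requested_sort;
        }
    }

    if (!isset($this->_dsFilterSHOWSPAM) || $this->_dsFilterSHOWSPAM != 'yes') {
        $comment_where .= " AND `t1`.`spam` = 'no' ";
    }

    if ($max_months = $this->__resolveDefine("dsFilterLIMIT_MONTHS")) {
        ## Used in date arithmetic below, so force a number.
        $max_months = intval($max_months);

        ## Find the newest (DESC) or oldest (ASC) matching comment; the month
        ## window is measured from its timestamp.
        $sql = "SELECT UNIX_TIMESTAMP(t2.creation_date_gmt) as `creation_timestamp_gmt` "
             . "FROM `tbl_comments` as t1 "
             . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` AND t2.`class` = 'comment' "
             . "INNER JOIN `tbl_entries` as t3 ON t1.`entry_id` = t3.`id` "
             . "LEFT JOIN `tbl_entries2sections` AS t4 ON t3.`id` = t4.`entry_id` "
             . "WHERE 1 " . $comment_where
             . "GROUP BY t1.`id` "
             . "ORDER BY `creation_timestamp_gmt` {$sort} "
             . "LIMIT 1";

        $relative_start = $this->_db->fetchVar('creation_timestamp_gmt', 0, $sql);

        switch ($sort) {
            case "DESC":
                $end = mktime(0, 0, 0, date('m', $relative_start) - $max_months + 1, 1, date('Y', $relative_start));
                $comment_where .= " AND (UNIX_TIMESTAMP(t2.creation_date_gmt) <= '{$relative_start}' AND UNIX_TIMESTAMP(t2.creation_date_gmt) >= '{$end}')";
                break;

            case "ASC":
                ## Since this is ascending, we need to start from 0. The DS editor will give us 1+
                $max_months--;

                $last_day = date('d', mktime(0, 0, 0, date('m', $relative_start) + 1, 0, date('Y', $relative_start)));
                $end = mktime(23, 59, 59, date('m', $relative_start) + $max_months, $last_day, date('Y', $relative_start));

                $comment_where .= " AND (UNIX_TIMESTAMP(t2.creation_date_gmt) >= '{$relative_start}' AND UNIX_TIMESTAMP(t2.creation_date_gmt) <= '{$end}')";
                break;
        }
    } else {
        ##We are trying to preview
        if (isset($param['limit'])) {
            ## Written into LIMIT unquoted, so it must be an integer.
            $limit = intval($param['limit']);
        } elseif ($this->_dsFilterLIMIT != '') {
            $limit = intval($this->_dsFilterLIMIT);
        } else {
            ##Prevent things from getting too big
            $limit = 50;
        }
    }

    $start = 0;

    $sql = "SELECT count(t1.id) AS `total-comments` "
         . "FROM `tbl_comments` AS t1 "
         . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` AND t2.`class` = 'comment' "
         . "INNER JOIN `tbl_entries` as t3 ON t1.`entry_id` = t3.`id` "
         . "LEFT JOIN `tbl_entries2sections` AS t4 ON t3.`id` = t4.`entry_id` "
         . "WHERE 1 " . $comment_where;

    $kTotalCommentCount = $this->_db->fetchVar('total-comments', 0, $sql);

    if (isset($this->_dsFilterPAGENUMBER)) {
        $pagenumber = $this->__resolveDefine("dsFilterPAGENUMBER");
        $kPageNumber = max(1, intval($pagenumber));

        if (!$limit) {
            $limit = 50;
        }

        $kTotalPages = ceil($kTotalCommentCount * (1 / $limit));
        $start = $limit * ($kPageNumber - 1);
    }

    $sql = "SELECT t1.*, UNIX_TIMESTAMP(t2.creation_date_gmt) as `creation_timestamp_gmt` "
         . "FROM `tbl_comments` as t1 "
         . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` AND t2.`class` = 'comment' "
         . "INNER JOIN `tbl_entries` as t3 ON t1.`entry_id` = t3.`id` "
         . "LEFT JOIN `tbl_entries2sections` AS t4 ON t3.`id` = t4.`entry_id` "
         . "WHERE 1 " . $comment_where
         . "GROUP BY t1.`id` "
         . "ORDER BY `creation_timestamp_gmt` {$sort} "
         . ($limit ? " LIMIT {$start}, {$limit}" : '');

    ##Check Cache
    ## The key is the class name plus the final SQL, so each filter combination
    ## gets its own cache entry.
    $hash_id = md5(get_class($this) . $sql);

    if (!empty($param['caching']) && ($cache = $this->check_cache($hash_id))) {
        return $cache;
    }

    ##------------------------------

    ##Create the XML container
    $xml = new XMLElement("comments");

    ##Grab the records
    $comments = $this->_db->fetch($sql);

    ##Populate the XML
    if (empty($comments) || !is_array($comments)) {
        $xml->addChild(new XMLElement("error", "No Records Found."));
        return $xml;
    }

    ## Group the rows by the entry they were posted on.
    $entries = array();
    foreach ($comments as $c) {
        $entries[$c['entry_id']]['commenting'] = $c['commenting'];
        $entries[$c['entry_id']]['comments'][] = $c;
    }

    $xml_fields = is_array($this->_dsFilterXMLFIELDS) ? $this->_dsFilterXMLFIELDS : array();

    if (in_array("pagination-info", $xml_fields, true)) {
        $pageinfo = new XMLElement("pagination-info");
        $pageinfo->setAttribute("total-comments", $kTotalCommentCount);
        $pageinfo->setAttribute("total-pages", $kTotalPages);
        $pageinfo->setAttribute("comment-per-page", $limit);
        $pageinfo->setAttribute("current-page", $kPageNumber);
        $xml->addChild($pageinfo);
    }

    foreach ($entries as $id => $row) {
        $entry_data = $entryManager->fetchEntriesByID($id, false, true);

        $entry = new XMLElement("entry");
        $entry->setAttribute("id", $id);
        $entry->setAttribute('section-id', $entry_data['section_id']);
        $entry->setAttribute("handle", trim($entry_data['fields'][$entry_data['primary_field']]['handle']));
        $entry->setAttribute("commenting", $row['commenting']);

        $entry->addChild(new XMLElement("entry-title", trim($entry_data['fields'][$entry_data['primary_field']]['value'])));

        $fields = $row['comments'];

        ## "count" carries the total across the whole result set, not this entry's share.
        $entry->setAttribute("count", $kTotalCommentCount);

        if (is_array($fields) && !empty($fields)) {
            foreach ($fields as $c) {
                $comment = new XMLElement("comment");
                $comment->setAttribute("id", $c['id']);

                if ($c['author_id'] != NULL) {
                    $comment->setAttribute('authorised', 'yes');
                    $comment->setAttribute('author_id', $c['author_id']);
                }

                if (in_array('spam', $xml_fields, true)) {
                    $comment->setAttribute("spam", $c['spam']);
                }

                $date_local = $obDate->get(true, false, $c['creation_timestamp_gmt']);

                ## NOTE(review): unless _dsFilterENCODE is 'yes' the stored body is
                ## emitted as-is, and author, url and email are always emitted
                ## as-is. These are presumably visitor-supplied, so confirm they
                ## are filtered when stored or encoded by the consuming template.
                $comment_fields = array(
                    "author" => $c['author_name'],
                    "date" => General::createXMLDateObject($date_local),
                    "time" => General::createXMLTimeObject($date_local),
                    ## Fixed: the timestamp lives on the comment row ($c); the grouped
                    ## $row only has 'commenting' and 'comments'.
                    "rfc822-date" => date("D, d M Y H:i:s \\G\\M\\T", $obDate->get(false, false, $c['creation_timestamp_gmt'])),
                    "message" => $this->_dsFilterENCODE != 'yes' ? $c['body'] : General::sanitize($c['body']),
                    "url" => $c['author_url'],
                    "email" => $c['author_email'],
                    "email-hash" => md5($c['author_email'])
                );

                $this->__addChildFieldsToXML($comment_fields, $comment);
                $entry->addChild($comment);
            }
        }

        $xml->addChild($entry);
    }

    ##------------------------------

    ##Write To Cache
    if (!empty($param['caching'])) {
        $result = $xml->generate($param['indent'], $param['indent-depth']);
        $this->write_to_cache($hash_id, $result, $this->_cache_sections);
        return $result;
    }

    return $xml;
}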
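/***
 *
 * Symphony web publishing system
 *
 * Copyright 2004–2006 Twenty One Degrees Pty. Ltd.
 *
 * @version 1.7
 * @licence https://github.com/symphonycms/symphony-1.7/blob/master/LICENCE
 *
 ***/

if (!defined("__IN_SYMPHONY__")) {
    die("<h2>Symphony Fatal Error</h2><p>You cannot directly access this file</p>");
}

## Lists the utilities that apply to a page: those attached to any of the
## requested data sources or events (plus the ones inherited from the chosen
## master) and those attached to nothing at all. One <utility> element per
## match is appended to $xml.

## Request values are attacker-controlled and end up inside SQL literals, so
## each one is normalised first.
## 'master' is compared with the `id` column and is cast to an integer.
## NOTE(review): assumes `tbl_masters`.`id` is an integer key -- confirm.
$master_id = (isset($_REQUEST['master']) && is_scalar($_REQUEST['master'])) ? intval($_REQUEST['master']) : 0;

$sql = "SELECT data_sources as `master_data_sources`, events as `master_events`\n\t\t\tFROM `tbl_masters`\n\t\t\tWHERE `id` = '" . $master_id . "' LIMIT 1";

$master_data_sources = $db->fetchVar('master_data_sources', 0, $sql);
$master_data_sources = preg_split('/,/', (string) $master_data_sources, -1, PREG_SPLIT_NO_EMPTY);
$master_data_sources = array_map("trim", $master_data_sources);

$master_events = $db->fetchVar('master_events', 0, $sql);
$master_events = preg_split('/,/', (string) $master_events, -1, PREG_SPLIT_NO_EMPTY);
$master_events = array_map("trim", $master_events);

## A missing or non-string parameter is treated as an empty list.
$requested_datasources = (isset($_REQUEST['datasources']) && is_string($_REQUEST['datasources'])) ? $_REQUEST['datasources'] : '';
$requested_events = (isset($_REQUEST['events']) && is_string($_REQUEST['events'])) ? $_REQUEST['events'] : '';

$datasources = preg_split('/,/', $requested_datasources, -1, PREG_SPLIT_NO_EMPTY);
$datasources = array_map("trim", $datasources);

$events = preg_split('/,/', $requested_events, -1, PREG_SPLIT_NO_EMPTY);
$events = array_map("trim", $events);

$datasources = array_merge($datasources, $master_data_sources);
$events = array_merge($events, $master_events);

## Every name is escaped before it is joined into the IN (...) lists; the
## unescaped arrays are left intact.
## NOTE(review): addslashes() is not charset-aware; prefer the database
## layer's own escaping or bound parameters if it offers them.
$datasources_in = implode("', '", array_map('addslashes', $datasources));
$events_in = implode("', '", array_map('addslashes', $events));

$utilities = $db->fetch("SELECT DISTINCT t1.*\n\t\t\t\t\t\t\t FROM `tbl_utilities` as t1\n\t\t\t\t\t\t\t LEFT JOIN `tbl_utilities2datasources` as t2 ON t1.id = t2.utility_id\n\t\t\t\t\t\t\t LEFT JOIN `tbl_utilities2events` as t3 ON t1.id = t3.utility_id\n\t\t\t\t\t\t\t WHERE (t2.`data_source` IS NULL AND t3.`event` IS NULL)\n\t\t\t\t\t\t\t OR (t2.`data_source` IN ('" . $datasources_in . "')\n\t\t\t\t\t\t\t OR t3.`event` IN ('" . $events_in . "'))");

## fetch() may not return an array when nothing matches; skip the loop then.
if (is_array($utilities)) {
    foreach ($utilities as $u) {
        $utility = new XMLElement("utility");
        $utility->addChild(new XMLElement("name", $u['name']));
        $utility->addChild(new XMLElement("link", URL . "/symphony/?page=/blueprint/utilities/edit/&id=" . $u['id']));
        $xml->addChild($utility);
    }
}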
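/**
 * "Send email" event: mail a visitor's message to one or more authors.
 *
 * Reads recipient-username (space-separated usernames), email, name, subject
 * and message from $_POST, looks the recipients' addresses up in
 * `tbl_authors`, validates the input and sends one mail per address.
 *
 * @return XMLElement <send-email sent="true|false"> holding a <cookie> echo of
 *                    the submitted values plus <missing>, <invalid> or
 *                    <notice> children describing the outcome.
 */
function trigger()
{
    $result = new XMLElement("send-email");

    ## Treat absent or non-string POST values as empty rather than reading
    ## undefined indexes or handing arrays to the string functions below.
    $posted = array();
    foreach (array('recipient-username', 'email', 'name', 'subject', 'message') as $key) {
        $posted[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    }

    $fields = array();
    $fields['recipient_username'] = $posted['recipient-username'];
    $fields['email'] = $posted['email'];
    $fields['name'] = $posted['name'];
    $fields['subject'] = stripslashes(strip_tags($posted['subject']));
    $fields['message'] = stripslashes(strip_tags($posted['message']));

    $fields = array_map("trim", $fields);

    ## Create the cookie elements
    ## NOTE(review): only the message goes through General::sanitize(); name,
    ## email and subject are echoed as submitted. Confirm XMLElement encodes
    ## its value, otherwise these need the same treatment.
    $cookie = new XMLElement("cookie");
    $cookie->addChild(new XMLElement("name", $fields['name']));
    $cookie->addChild(new XMLElement("email", $fields['email']));
    $cookie->addChild(new XMLElement("subject", $fields['subject']));
    $cookie->addChild(new XMLElement("message", General::sanitize($fields['message'])));
    $result->addChild($cookie);

    ## The usernames come straight from the request and are placed inside a
    ## quoted IN (...) list, so each one is escaped first.
    ## NOTE(review): addslashes() is not charset-aware; prefer the database
    ## layer's own escaping or bound parameters if it offers them.
    $usernames = implode("', '", array_map('addslashes', explode(" ", $fields['recipient_username'])));

    $email_addresses = $this->_parent->_db->fetchCol("email", "SELECT `email` FROM `tbl_authors` WHERE `username` IN ('" . $usernames . "')");

    if (!is_array($email_addresses)) {
        $email_addresses = array();
    }

    $canProceed = true;

    if ($fields['email'] == "" || $fields['name'] == "" || $fields['subject'] == "" || $fields['message'] == "") {
        $xMissing = new XMLElement("missing");

        foreach (array('email', 'name', 'subject', 'message') as $required) {
            if ($fields[$required] == "") {
                $missing = new XMLElement("input");
                $missing->setAttribute("name", $required);
                $xMissing->addChild($missing);
            }
        }

        $result->addChild($xMissing);
        $canProceed = false;
    }

    ## preg_match() replaces ereg(), which is not binary-safe and was removed in
    ## PHP 7. The D modifier makes `$` match only at the very end of the string.
    if (!preg_match('/^[a-zA-Z0-9_.\-]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-.]+$/D', $fields['email'])) {
        $invalid = new XMLElement("invalid");

        $xInvalid = new XMLElement("input");
        $xInvalid->setAttribute("name", "email");
        $invalid->addChild($xInvalid);

        $result->addChild($invalid);
        $canProceed = false;
    }

    if (!$canProceed) {
        $result->setAttribute("sent", "false");
    } else {
        ## Sender name and subject presumably end up in mail headers; line breaks
        ## are collapsed so they cannot start a new header line. Whether
        ## General::sendEmail() filters this itself is not visible here.
        $from_name = preg_replace('/[\r\n]+/', ' ', $fields['name']);
        $subject = preg_replace('/[\r\n]+/', ' ', $fields['subject']);

        $errors = array();

        foreach ($email_addresses as $e) {
            if (!General::sendEmail($e, $fields['email'], $from_name, $subject, $fields['message'])) {
                ## Fixed: record the address that failed; the original read the
                ## non-existent key 'recipient-email'.
                $errors[] = $e;
            }
        }

        if (!empty($errors)) {
            $result->addChild(new XMLElement("notice", "Email could not be sent. An unknown error occurred."));
            $result->setAttribute("sent", "false");
        } else {
            ## Also reached when no username matched, so the response does not
            ## reveal which usernames exist.
            $result->addChild(new XMLElement("notice", "Email sent successfully"));
            $result->setAttribute("sent", "true");
        }
    }

    return $result;
}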
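/**
 * Authors data source: return the authors matching the username and
 * account-type filters, each with its entry count.
 *
 * @param array $param Options read here: 'limit' (row limit for previews),
 *                     'caching' (use and fill the cache), 'indent' and
 *                     'indent-depth' (passed to generate() when caching).
 * @return mixed An <owner> XMLElement with one <author> child per row, or the
 *               cached / freshly generated output when $param['caching'] is set.
 */
function grab($param = array())
{
    ## Not read anywhere below; kept in case getDateObj() has side effects.
    $date = $this->_parent->getDateObj();

    extract($this->_env, EXTR_PREFIX_ALL, 'env');

    $where = NULL;
    $limit = '';

    ##Prepare the Query
    if ($usernames = $this->__resolveDefine('dsFilterUSERNAME', true)) {
        ## Where the resolved usernames come from is not visible here, so each
        ## one is escaped before it is joined into the quoted IN (...) list.
        ## NOTE(review): addslashes() is not charset-aware; prefer the database
        ## layer's own escaping or bound parameters if it offers them.
        $username_list = is_array($usernames) ? implode("', '", array_map('addslashes', $usernames)) : '';

        $where .= " AND `tbl_authors`.username " . ($this->__isDefineNotClause("dsFilterUSERNAME") ? 'NOT' : '') . " IN ('" . $username_list . "') ";
    }

    if ($account_type = $this->__resolveDefine("dsFilterSTATUS")) {
        ## NOTE(review): this listing showed the superuser literals masked as
        ## '******' (the same text for "author" and "administrator"). '0' and
        ## '1' follow the owner flag and the status mapping further down --
        ## confirm against the schema.
        switch ($account_type) {
            case "author":
                $where .= " AND `tbl_authors`.owner = '0' AND `tbl_authors`.superuser = '0' ";
                break;

            case "owner":
                $where .= " AND `tbl_authors`.owner = '1' ";
                break;

            case "administrator":
                $where .= " AND `tbl_authors`.superuser = '1' ";
                break;
        }
    }

    ##We are trying to preview
    if (isset($param['limit'])) {
        ## Written into LIMIT unquoted, so it must be an integer.
        $limit = " LIMIT 0, " . intval($param['limit']);
    } elseif ($where == NULL) {
        $limit = " LIMIT 0, 50";
    }

    ## The original also appended an undefined $sort here; it contributed
    ## nothing, and the ordering is fixed by the ORDER BY clause.
    $sql = "SELECT tbl_authors.*, count(tbl_entries.id) as `entry_count` FROM `tbl_authors` "
         . "LEFT JOIN `tbl_entries` ON `tbl_entries`.`author_id` = `tbl_authors`.`id` "
         . "WHERE 1 " . $where
         . "GROUP BY `tbl_authors`.id "
         . "ORDER BY `tbl_authors`.username ASC "
         . $limit;

    ##Check Cache
    $hash_id = md5(get_class($this) . $sql);

    if (!empty($param['caching']) && ($cache = $this->check_cache($hash_id))) {
        return $cache;
    }

    ##------------------------------

    ##Create the XML container
    $xml = new XMLElement("owner");

    ##Grab the records
    $authors = $this->_db->fetch($sql);

    ##Populate the XML
    if (empty($authors) || !is_array($authors)) {
        $xml->addChild(new XMLElement("error", "No Records Found."));
        return $xml;
    }

    foreach ($authors as $row) {
        ## The 'Adminstrator' spelling is kept as-is: it is emitted in the XML
        ## and templates may match on it.
        $status = 'Author';
        if ($row['owner'] == 1) {
            $status = 'Owner';
        } elseif ($row['superuser'] == 1) {
            $status = 'Adminstrator';
        }

        ##Author Details
        $fields = array();
        $fields["entry-count"] = $row['entry_count'];
        $fields["first-name"] = $row['firstname'];
        $fields["last-name"] = $row['lastname'];
        $fields["email"] = $row['email'];
        $fields["username"] = array($row['username'], "attr");
        $fields["status"] = $status;

        ## NOTE(review): the token is the first 8 hex characters of an MD5 over
        ## username + stored password value, and it is emitted for every author
        ## in the XML. It is short, unsalted and derived from credential
        ## material; anything that relies on it should move to a random,
        ## server-stored token. Left unchanged because consumers may depend on it.
        $fields["auth-token"] = substr(md5($row['username'] . $row['password']), 0, 8);

        $author = new XMLElement("author");
        $this->__addChildFieldsToXML($fields, $author);
        $xml->addChild($author);
    }

    ##------------------------------

    ##Write To Cache
    if (!empty($param['caching'])) {
        $result = $xml->generate($param['indent'], $param['indent-depth']);
        $this->write_to_cache($hash_id, $result, $this->_cache_sections);
        return $result;
    }

    return $xml;
}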