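/**
 * Builds a URL alias from a human-readable title.
 *
 * Markup is stripped, non-ASCII text is transliterated, an alias suffix that
 * is already present is removed, the remainder is normalised by
 * iaSanitize::alias(), cut to 150 bytes, and the suffix is appended again.
 *
 * @param string $title raw title as entered by the user
 * @return string alias ending in self::ALIAS_SUFFIX
 */
public function titleAlias($title)
{
    $alias = iaSanitize::tags($title);

    $this->iaCore->factory('util');
    iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');

    if (!utf8_is_ascii($alias)) {
        $alias = utf8_to_ascii($alias);
    }

    // The suffix is a literal string (it is appended verbatim below), so it is
    // quoted before being placed in the pattern. Unquoted, a character such as
    // "." in the suffix would act as a wildcard and strip more than the suffix.
    $suffixPattern = '#' . preg_quote(self::ALIAS_SUFFIX, '#') . '$#i';
    $alias = preg_replace($suffixPattern, '', $alias);

    $alias = iaSanitize::alias($alias);
    $alias = substr($alias, 0, 150); // the DB scheme applies this limitation

    // NOTE(review): the 150-byte cut happens before the suffix is appended, so
    // the returned value can be longer than 150 bytes - confirm the column width.
    return $alias . self::ALIAS_SUFFIX;
}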
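/**
 * Post-processes grid rows in place: strips markup from each block's contents
 * and, for blocks that are not multilingual, resolves a display title from the
 * language table.
 *
 * The title for the current language is preferred; when it is missing or
 * empty, the first non-empty title in any other language is used.
 *
 * @param array $entries grid rows, modified by reference
 * @return void
 */
protected function _modifyGridResult(array &$entries)
{
    // The titles are keyed by language code, so the lookup key has to be the
    // view's language string. The view object itself is not a valid array offset.
    $currentLanguage = $this->_iaCore->iaView->language;

    foreach ($entries as $key => $entry) {
        $entry['contents'] = iaSanitize::tags($entry['contents']);

        if (!$entry['multilingual']) {
            // The id is cast to int before it is placed into the SQL condition.
            $condition = "`key` = 'block_title_blc" . (int) $entry['id'] . "'";
            $titleLanguages = $this->_iaDb->keyvalue(array('code', 'value'), $condition, iaLanguage::getTable());

            if ($titleLanguages) {
                if (!empty($titleLanguages[$currentLanguage])) {
                    $entry['title'] = $titleLanguages[$currentLanguage];
                } else {
                    unset($titleLanguages[$currentLanguage]);

                    foreach ($titleLanguages as $languageTitle) {
                        if ($languageTitle) {
                            $entry['title'] = $languageTitle;
                            break;
                        }
                    }
                }
            }
        }

        // Written back by key instead of iterating by reference, so no
        // dangling reference to the last row is left behind.
        $entries[$key] = $entry;
    }
}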
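/**
 * Runs after a user group has been saved: stores the group title as a language
 * phrase for every configured language and, when requested, copies the ACL
 * privileges of another group to the saved one.
 *
 * @param array $entry saved entry; $entry['name'] is used to build the phrase key
 * @param array $data submitted form data ('title' per language code, 'copy_from')
 * @param string $action save action (not used here)
 * @return void
 */
protected function _postSaveEntry(array &$entry, array $data, $action)
{
    iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');

    foreach ($this->_iaCore->languages as $code => $language) {
        // A language without a submitted title yields an empty phrase instead
        // of an undefined-index notice.
        $title = isset($data['title'][$code]) ? iaSanitize::tags($data['title'][$code]) : '';
        utf8_is_valid($title) || ($title = utf8_bad_replace($title));

        iaLanguage::addPhrase('usergroup_' . $entry['name'], $title, $code);
    }

    // copy privileges
    if (empty($data['copy_from'])) {
        return;
    }

    // NOTE(review): the source group id is cast to int and bound, but nothing
    // here verifies that the group exists or that the acting administrator may
    // clone its privileges - confirm the caller enforces that.
    $this->_iaDb->setTable('acl_privileges');

    $where = '`type_id` = :id AND `type` = :type';
    $this->_iaDb->bind($where, array('id' => (int) $data['copy_from'], 'type' => 'group'));

    $rows = $this->_iaDb->all(iaDb::ALL_COLUMNS_SELECTION, $where);

    if ($rows) {
        foreach (array_keys($rows) as $key) {
            // Re-point every copied privilege at the saved group and drop the
            // old primary key so new rows are created.
            $rows[$key]['type_id'] = $this->getEntryId();
            unset($rows[$key]['id']);
        }

        $this->_iaDb->insert($rows);
    }

    $this->_iaDb->resetTable();
}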
// Excerpt: the statements below sit inside blocks that are opened before this
// excerpt starts (see the unmatched closing braces further down).

// Clamp the page number to at least 1.
// NOTE(review): where $page comes from and whether it is cast to int is not
// visible in this excerpt.
$page = $page < 1 ? 1 : $page;
$pageUrl = $iaCore->factory('page', iaCore::FRONT)->getUrlByName('blog');

// 'limit' is cast to int, 'start' is not; both are substituted into the LIMIT
// clause by iaDb::printf() below.
// NOTE(review): confirm 'blog_number' is always numeric, or cast 'start' too.
$pagination = array(
    'start' => ($page - 1) * $iaCore->get('blog_number'),
    'limit' => (int) $iaCore->get('blog_number'),
    'template' => $pageUrl . '?page={page}'
);

// The ORDER BY text is one of two fixed literals; the configuration value
// itself never reaches the SQL string.
$order = 'date' == $iaCore->get('blog_order') ? 'ORDER BY `date_added` DESC' : 'ORDER BY `title` ASC';

// Status and language are passed through $iaDb->bind() instead of being concatenated.
$stmt = '`status` = :status AND `lang` = :language';
$iaDb->bind($stmt, array('status' => iaCore::STATUS_ACTIVE, 'language' => $iaView->language));

// NOTE(review): $order is appended directly after $stmt with no separating space.
$sql = 'SELECT SQL_CALC_FOUND_ROWS '
    . 'b.`id`, b.`title`, b.`date_added`, b.`body`, b.`alias`, b.`image`, m.`fullname` '
    . 'FROM `:prefix:table_blog_entries` b '
    . 'LEFT JOIN `:prefix:table_members` m ON (b.`member_id` = m.`id`) '
    . 'WHERE b.' . $stmt . $order . ' LIMIT :start, :limit';
$sql = iaDb::printf($sql, array(
    'prefix' => $iaDb->prefix,
    'table_blog_entries' => 'blog_entries',
    'table_members' => 'members',
    'start' => $pagination['start'],
    'limit' => $pagination['limit']
));
$rows = $iaDb->getAll($sql);
$pagination['total'] = $iaDb->foundRows();

// All tags together with the blog entry each one is attached to.
$sql = 'SELECT bt.`title`, bt.`alias`, bet.`blog_id` '
    . 'FROM `:prefix:table_blog_tags` bt '
    . 'LEFT JOIN `:prefix:table_blog_entries_tags` bet ON (bt.`id` = bet.`tag_id`) '
    . 'ORDER BY bt.`title`';
$sql = iaDb::printf($sql, array(
    'prefix' => $iaDb->prefix,
    'table_blog_entries_tags' => 'blog_entries_tags',
    'table_blog_tags' => 'blog_tags'
));
$blogTags = $iaDb->getAll($sql);

$iaView->assign('tags', $blogTags);
$iaView->assign('blog_entries', $rows);
$iaView->assign('pagination', $pagination);
} // closes a block opened before this excerpt

// Toolbar action that links to the feed.
$pageActions[] = array('icon' => 'rss', 'title' => '', 'url' => IA_URL . 'blog.xml', 'classes' => 'btn-warning');
$iaView->set('actions', $pageActions);
$iaView->display('index');
} // closes a block opened before this excerpt

// XML request: build the channel data for the feed.
if (iaView::REQUEST_XML == $iaView->getRequestType()) {
    $output = array(
        'title' => $iaCore->get('site') . ' :: ' . $iaView->title(),
        'description' => '',
        'url' => IA_URL . 'blog',
        'item' => array()
    );

    // NOTE(review): unlike the listing query above, this condition is built by
    // string concatenation rather than $iaDb->bind(); prefer the bound form
    // unless $iaView->language is guaranteed to be a validated language code.
    // NOTE(review): the condition filters on language only, with no `status`
    // test, so rows that are not active also end up in the feed - confirm that
    // is intended.
    // Up to 20 rows are read from the table currently selected on $iaDb (the
    // setTable() call is not visible in this excerpt).
    $listings = $iaDb->all(iaDb::ALL_COLUMNS_SELECTION, "`lang`= '" . $iaView->language . "'", 0, 20);
    $pageUrl = $iaCore->factory('page', iaCore::FRONT)->getUrlByName('blog');

    foreach ($listings as $entry) {
        // The body has its tags stripped; the title is passed through as stored.
        // NOTE(review): confirm the XML template escapes 'title' on output.
        $output['item'][] = array(
            'title' => $entry['title'],
            'link' => $pageUrl . $entry['id'] . '-' . $entry['alias'],
            'pubDate' => date('D, d M Y H:i:s T', strtotime($entry['date_modified'])),
            'description' => iaSanitize::tags($entry['body'])
        );
    }

    $iaView->assign('channel', $output);
}

$iaDb->resetTable();
/**
 * Prepares rows for the grid, in place.
 *
 * Title, description and item are replaced by their language phrases (the
 * description additionally has its tags stripped). The duration becomes a
 * lower-cased label such as "<n> <unit phrase>", with the number of cycles
 * appended for recurring entries whose cycle count is not -1. The 'unit' and
 * 'cycles' keys are removed from every row.
 *
 * @param array $entries grid rows, modified by reference
 * @return void
 */
protected function _modifyGridResult(array &$entries)
{
    foreach (array_keys($entries) as $index) {
        $row = $entries[$index];

        $row['title'] = iaLanguage::get(self::PATTERN_TITLE . $row['id']);

        $descriptionPhrase = iaLanguage::get(self::PATTERN_DESCRIPTION . $row['id']);
        $row['description'] = iaSanitize::tags($descriptionPhrase);

        $row['item'] = iaLanguage::get($row['item']);

        // The unit phrase key gets a trailing "s" when the duration is above 1.
        $unitKey = $row['unit'] . ($row['duration'] > 1 ? 's' : '');
        $label = $row['duration'] . ' ' . iaLanguage::get($unitKey);

        if ($row['recurring'] && $row['cycles'] != -1) {
            $label = $label . ' (' . $row['cycles'] . ' ' . iaLanguage::get('cycles') . ')';
        }

        $row['duration'] = strtolower($label);

        unset($row['unit'], $row['cycles']);

        $entries[$index] = $row;
    }
}
/**
 * Validates submitted menu data and fills $entry before it is saved.
 *
 * The name is passed through iaSanitize::tags() and iaSanitize::paranoid();
 * an empty result is rejected. On edit the menu must already exist, on any
 * other action it must not.
 *
 * NOTE(review): 'title', 'position', 'classname' and 'pages' are copied from
 * $data as submitted, without sanitising here - confirm they are escaped
 * where they are rendered.
 *
 * @param array $entry entry to be saved, filled by reference
 * @param array $data submitted form data
 * @param string $action current action, compared with iaCore::ACTION_EDIT
 * @return bool true when no messages have been recorded
 */
protected function _preSaveEntry(array &$entry, array $data, $action)
{
    if ($data['name']) {
        $cleanName = iaSanitize::paranoid(iaSanitize::tags($data['name']));

        if (!$cleanName) {
            $this->addMessage('incorrect_menu_name');

            return false;
        }

        $entry['name'] = $cleanName;
    }

    if (empty($data['title'])) {
        $entry['title'] = iaLanguage::get('without_title');
    } else {
        $entry['title'] = $data['title'];
    }

    if (empty($data['position'])) {
        $entry['position'] = 'left';
    } else {
        $entry['position'] = $data['position'];
    }

    $entry['classname'] = $data['classname'];
    $entry['sticky'] = (int) $data['sticky'];

    if (empty($data['pages'])) {
        $entry['pages'] = array();
    } else {
        $entry['pages'] = $data['pages'];
    }

    // Remaining on/off options are stored as integers.
    foreach (array('header', 'collapsible', 'collapsed') as $flag) {
        $entry[$flag] = (int) $data[$flag];
    }

    $found = $this->_iaDb->exists('`name` = :name', $entry);

    if (iaCore::ACTION_EDIT == $action) {
        if (!$found) {
            $this->addMessage('menu_doesnot_exists');
        }
    } elseif (!empty($found)) {
        $this->addMessage('menu_exists');
    }

    return !$this->getMessages();
}
/**
 * Converts the submitted form ($_POST and $_FILES) into an item array, driven
 * by the given field definitions, and collects validation errors.
 *
 * For administrators a fixed set of service keys (sponsored, featured, status,
 * date_added, owner, locked) is processed first. Then every active field is
 * handled according to its type: text-like, date, URL or upload.
 *
 * Security notes for reviewers:
 *  - $field['extra_actions'] and $field['required_checks'] are executed with
 *    eval() inside this method's scope. Whoever can write field definitions
 *    can therefore run PHP here; where $fields comes from is not visible in
 *    this method. The evaluated code may rely on the local variable names, so
 *    do not rename locals without checking the stored snippets.
 *  - $data is a reference to $_POST; the defaults and UTF-8 repairs below
 *    modify the superglobal itself.
 *  - $previousValues is accepted but never read in this method.
 *
 * @param array $fields field definitions (name, type, relation, required, ...)
 * @param mixed $previousValues not used by this method
 * @return array list of: item array, error flag, list of messages, and the
 *               invalid field names joined with commas
 */
public function parsePost(array $fields, $previousValues = null)
{
    $iaCore =& $this->iaCore;

    $error = false;
    $messages = array();
    $invalidFields = array();

    $item = array();
    $data =& $_POST; // access to the data source by link

    // Service keys that are honoured for administrators only.
    if (iaCore::ACCESS_ADMIN == $this->iaCore->getAccessType()) {
        if (isset($data['sponsored'])) {
            $item['sponsored'] = (int) $data['sponsored'];
            // NOTE(review): 'plan_id' and 'sponsored_end' are read without an
            // isset() check, and 'sponsored_end' is stored exactly as submitted
            // (no date validation, unlike 'date_added' below).
            $item['sponsored_plan_id'] = $item['sponsored'] ? (int) $data['plan_id'] : 0;
            $item['sponsored_start'] = $item['sponsored'] ? date(iaDb::DATETIME_SHORT_FORMAT) : null;
            $item['sponsored_end'] = $item['sponsored'] ? $data['sponsored_end'] : null;
        }

        if (isset($data['featured'])) {
            $item['featured'] = (int) $data['featured'];
            if ($item['featured']) {
                // A featured item must come with an end date.
                if (isset($data['featured_end']) && $data['featured_end']) {
                    $item['featured_start'] = date(iaDb::DATETIME_SHORT_FORMAT);
                    $item['featured_end'] = iaSanitize::html($data['featured_end']);
                } else {
                    $error = true;
                    $messages[] = iaLanguage::get('featured_status_finished_date_is_empty');
                    $invalidFields[] = 'featured_end';
                }
            } else {
                $item['featured_start'] = null;
                $item['featured_end'] = null;
            }
        }

        if (isset($data['status'])) {
            // NOTE(review): the status is HTML-sanitised but not checked against
            // a list of allowed statuses here.
            $item['status'] = iaSanitize::html($data['status']);
        }

        if (isset($data['date_added'])) {
            // The date must be parseable and must not lie in the future.
            $time = strtotime($data['date_added']);
            if (!$time) {
                $error = true;
                $messages[] = iaLanguage::get('added_date_is_incorrect');
            } elseif ($time > time()) {
                $error = true;
                $messages[] = iaLanguage::get('future_date_specified_for_added_date');
            } else {
                $item['date_added'] = date(iaDb::DATETIME_SHORT_FORMAT, $time);
            }
        }

        if (isset($data['owner'])) {
            if (empty($data['owner'])) {
                $error = true;
                $messages[] = iaLanguage::get('owner_is_not_specified');
            } else {
                // The owner is looked up by username or full name.
                // NOTE(review): the value is passed through iaSanitize::sql()
                // and then handed to one_bind(); if one_bind() escapes bound
                // values itself this is double escaping - confirm.
                if ($memberId = $iaCore->iaDb->one_bind('id', '`username` = :name OR `fullname` = :name', array('name' => iaSanitize::sql($_POST['owner'])), iaUsers::getTable())) {
                    $item['member_id'] = $memberId;
                } else {
                    $error = true;
                    $messages[] = iaLanguage::get('incorrect_owner_specified');
                }
            }
        }

        if (isset($data['locked'])) {
            $item['locked'] = (int) $data['locked'];
        }
    }

    // the code block below filters fields based on parent/dependent structure
    $activeFields = array();
    $parentFields = array();

    foreach ($fields as $field) {
        $activeFields[$field['name']] = $field;
        if (iaField::RELATION_PARENT == $field['relation']) {
            $parentFields[$field['name']] = $field['children'];
        }
    }

    // A dependent field stays active only when the submitted parent value is
    // listed for it. in_array() compares loosely here.
    foreach ($parentFields as $fieldName => $dependencies) {
        if (isset($data[$fieldName])) {
            $value = $data[$fieldName];
            foreach ($dependencies as $dependentFieldName => $values) {
                if (!in_array($value, $values)) {
                    unset($activeFields[$dependentFieldName]);
                }
            }
        }
    }

    // Load the utility class and the UTF-8 validation helpers used below.
    $iaCore->factory('util');
    iaUtil::loadUTF8Functions('validation', 'bad');

    foreach ($activeFields as $fieldName => $field) {
        // Missing fields default to an empty string (written into $_POST).
        isset($data[$fieldName]) || ($data[$fieldName] = '');

        // Check the UTF-8 is well formed
        if (!is_array($data[$fieldName]) && !utf8_is_valid($data[$fieldName])) {
            $data[$fieldName] = utf8_bad_replace($data[$fieldName]);
        }

        if ($field['extra_actions']) {
            // SECURITY: executes PHP stored in the field definition.
            if (false === eval($field['extra_actions'])) {
                continue; // make possible to stop further processing of this field by returning FALSE
            }
        }

        if (in_array($field['type'], array(self::TEXT, self::TEXTAREA, self::NUMBER, self::RADIO, self::CHECKBOX, self::COMBO))) {
            if ($field['required']) {
                if ($field['required_checks']) {
                    // SECURITY: executes PHP stored in the field definition.
                    eval($field['required_checks']);
                }

                if (empty($data[$fieldName])) {
                    $error = true;
                    $messages[] = in_array($field['type'], array(self::RADIO, self::CHECKBOX, self::COMBO))
                        ? iaLanguage::getf('field_is_not_selected', array('field' => iaLanguage::get('field_' . $fieldName)))
                        : iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('field_' . $fieldName)));
                    $invalidFields[] = $fieldName;
                }
            }

            switch ($field['type']) {
                case self::NUMBER:
                    // Spaces are removed before the cast to float.
                    $item[$fieldName] = (double) str_replace(' ', '', $data[$fieldName]);
                    break;

                case self::TEXT:
                    $item[$fieldName] = iaSanitize::tags($data[$fieldName]);
                    break;

                case self::TEXTAREA:
                    // Editor-enabled fields keep HTML, filtered by iaUtil::safeHTML().
                    $item[$fieldName] = $field['use_editor']
                        ? iaUtil::safeHTML($data[$fieldName])
                        : iaSanitize::tags($data[$fieldName]);
                    break;

                default:
                    // RADIO, CHECKBOX and COMBO: arrays are joined with commas.
                    // NOTE(review): the submitted value is stored as is; it is
                    // neither sanitised nor checked against the field's
                    // allowed values here.
                    $item[$fieldName] = is_array($data[$fieldName])
                        ? implode(',', $data[$fieldName])
                        : $data[$fieldName];
            }
        } elseif (self::DATE == $field['type']) {
            if ($field['required'] && $field['required_checks']) {
                // SECURITY: executes PHP stored in the field definition.
                eval($field['required_checks']);
            } elseif ($field['required'] && empty($data[$fieldName])) {
                $error = true;
                $messages[] = iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('field_' . $fieldName)));
                $invalidFields[] = $fieldName;
            }

            $data[$fieldName] = trim($data[$fieldName]);

            if (empty($data[$fieldName])) {
                $item[$fieldName] = $field['allow_null'] ? null : '';
            } else {
                // Split "date time" into its two parts when a space is present.
                if (strpos($data[$fieldName], ' ') === false) {
                    $date = $data[$fieldName];
                    $time = false;
                } else {
                    list($date, $time) = explode(' ', $data[$fieldName]);
                }

                // FIXME: ad-hoc date parsing.
                // NOTE(review): $array[1] and $array[2] are read without
                // checking that the input really has three "-" separated parts.
                $array = explode('-', $date);

                $year = (int) $array[0];
                $month = max(1, (int) $array[1]);
                $day = max(1, (int) $array[2]);

                // A year that is not four digits long falls back to 2000;
                // month and day are left-padded to two digits.
                $year = strlen($year) == 4 ? $year : 2000;
                $month = strlen($month) < 2 ? '0' . $month : $month;
                $day = strlen($day) < 2 ? '0' . $day : $day;

                $item[$fieldName] = $year . '-' . $month . '-' . $day;

                if ($field['timepicker'] && $time) {
                    $time = explode(':', $time);

                    // NOTE(review): max(1, ...) turns a zero hour, minute or
                    // second into 1, so 00:00:00 is stored as 01:01:01.
                    $hour = max(1, (int) $time[0]);
                    $minute = max(1, (int) $time[1]);
                    $seconds = max(1, (int) $time[2]);

                    $hour = strlen($hour) < 2 ? '0' . $hour : $hour;
                    $minute = strlen($minute) < 2 ? '0' . $minute : $minute;
                    $seconds = strlen($seconds) < 2 ? '0' . $seconds : $seconds;

                    $item[$fieldName] .= ' ' . $hour . ':' . $minute . ':' . $seconds;
                }
            }
        } elseif (self::URL == $field['type']) {
            $validProtocols = array('http://', 'https://');
            $item[$fieldName] = '';

            $req_error = false;
            if ($field['required']) {
                if ($field['required_checks']) {
                    // SECURITY: executes PHP stored in the field definition.
                    eval($field['required_checks']);
                } elseif (empty($data[$fieldName]['url']) || in_array($data[$fieldName]['url'], $validProtocols)) {
                    // A bare "http://" or "https://" counts as empty.
                    $error = $req_error = true;
                    $messages[] = iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('field_' . $fieldName)));
                    $invalidFields[] = $fieldName;
                }
            }

            if (!$req_error && !empty($data[$fieldName]['url']) && !in_array($data[$fieldName]['url'], $validProtocols)) {
                // "http://" is prepended when neither protocol string occurs in the value.
                // NOTE(review): stripos() looks for the protocol anywhere in
                // the string, not only at its start, so whether a value is
                // accepted depends entirely on iaValidate::isUrl().
                if (false === stripos($data[$fieldName]['url'], 'http://') && false === stripos($data[$fieldName]['url'], 'https://')) {
                    $data[$fieldName]['url'] = 'http://' . $data[$fieldName]['url'];
                }

                if (iaValidate::isUrl($data[$fieldName]['url'])) {
                    // Stored as "url|title".
                    // NOTE(review): the URL has its tags stripped, but a
                    // submitted title is stored unsanitised and may itself
                    // contain the "|" separator.
                    $item[$fieldName] = array();
                    $item[$fieldName]['url'] = iaSanitize::tags($data[$fieldName]['url']);
                    $item[$fieldName]['title'] = empty($data[$fieldName]['title'])
                        ? str_replace($validProtocols, '', $data[$fieldName]['url'])
                        : $data[$fieldName]['title'];
                    $item[$fieldName] = implode('|', $item[$fieldName]);
                } else {
                    $error = true;
                    $messages[] = iaLanguage::get('field_' . $fieldName) . ': ' . iaLanguage::get('error_url');
                    $invalidFields[] = $fieldName;
                }
            }
        } elseif (in_array($field['type'], array(self::IMAGE, self::STORAGE, self::PICTURES)) && is_array($_FILES[$fieldName]['tmp_name']) && !empty($_FILES[$fieldName]['tmp_name'])) {
            // This branch is entered only when files were actually submitted
            // for the field, so the required checks below run only in that case.
            if (!is_writable(IA_UPLOADS)) {
                $error = true;
                $messages[] = iaLanguage::get('error_directory_readonly');
            } else {
                // run required field checks
                if ($field['required'] && $field['required_checks']) {
                    // SECURITY: executes PHP stored in the field definition.
                    eval($field['required_checks']);
                } elseif ($field['required'] && empty($_FILES[$fieldName]['tmp_name'])) {
                    $error = true;
                    $messages[] = iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('field_' . $fieldName)));
                    $invalidFields[] = $fieldName;
                }

                // custom folder for uploaded images
                // NOTE(review): the folder name comes from the field definition
                // and is appended to IA_UPLOADS unchecked; the result of
                // mkdir() is not tested.
                if (!empty($field['folder_name'])) {
                    if (!is_dir(IA_UPLOADS . $field['folder_name'])) {
                        mkdir(IA_UPLOADS . $field['folder_name']);
                    }
                    $path = $field['folder_name'] . IA_DS;
                } else {
                    $path = iaUtil::getAccountDir();
                }

                // NOTE(review): the starting list of files is taken from the
                // submitted form ($data is $_POST), not from $previousValues,
                // so the client controls the entries that get merged and
                // stored below - confirm this is validated elsewhere.
                $item[$fieldName] = isset($data[$fieldName]) && $data[$fieldName] ? $data[$fieldName] : array();

                // Pick the static handler by field type: plain files or images.
                $methodName = self::STORAGE == $field['type'] ? '_processFileField' : '_processImageField';

                // process uploaded files
                foreach ($_FILES[$fieldName]['tmp_name'] as $id => $tmp_name) {
                    // Uploads that PHP reported an error for are skipped silently.
                    if ($_FILES[$fieldName]['error'][$id]) {
                        continue;
                    }

                    // files limit exceeded or rewrite image value
                    if (self::IMAGE != $field['type'] && count($item[$fieldName]) >= $field['length']) {
                        break;
                    }

                    // Collect the $_FILES entries (name, type, tmp_name, ...) for this one file.
                    $file = array();
                    foreach ($_FILES[$fieldName] as $key => $value) {
                        $file[$key] = $_FILES[$fieldName][$key][$id];
                    }

                    $processing = self::$methodName($field, $file, $path);
                    // 0 - filename, 1 - error, 2 - textual error description
                    if (!$processing[1]) {
                        // The title is trimmed and cut to 100 bytes, but not sanitised.
                        $fieldValue = array(
                            'title' => isset($data[$fieldName . '_title'][$id]) ? substr(trim($data[$fieldName . '_title'][$id]), 0, 100) : '',
                            'path' => $processing[0]
                        );

                        // A single-image field is replaced, other types are appended.
                        if (self::IMAGE == $field['type']) {
                            $item[$fieldName] = $fieldValue;
                        } else {
                            $item[$fieldName][] = $fieldValue;
                        }
                    } else {
                        $error = true;
                        $messages[] = $processing[2];
                    }
                }
            }

            // The collected list, including entries submitted with the form, is
            // stored in PHP serialized form; an empty list becomes ''.
            // NOTE(review): check how the stored value is read back, since part
            // of it originates from the request.
            $item[$fieldName] = empty($item[$fieldName]) ? '' : serialize(array_merge($item[$fieldName])); // array_merge is used to reset numeric keys
        }

        if (isset($item[$fieldName])) {
            // process hook if field value exists
            // The hook receives the value, the error flag, the invalid field
            // list and the messages by reference and may change them.
            $iaCore->startHook('phpParsePostAfterCheckField', array(
                'field_name' => $fieldName,
                'item' => &$item[$fieldName],
                'value' => $field,
                'error' => &$error,
                'error_fields' => &$invalidFields,
                'msg' => &$messages
            ));
        }
    }

    return array($item, $error, $messages, implode(',', $invalidFields));
}
/**
 * Searches the contents of active blocks for the current query and groups the
 * matches by the page each block is attached to.
 *
 * Blocks stored in the database are matched by the SQL LIKE condition. Blocks
 * marked as external are matched by reading their template file from disk and
 * searching its text.
 *
 * NOTE(review): the query is substituted into quoted placeholders by
 * iaDb::printf() instead of being bound, so safety rests on iaSanitize::sql().
 * Whether "%" and "_" in the query are escaped for LIKE is not visible here.
 * The 'extras' list from the configuration is joined into the IN (...) list
 * without escaping.
 *
 * @return array page name => list of array('title' => string|null, 'content' => snippet)
 */
protected function _searchByBlocks()
{
    $core =& $this->iaCore;
    $db =& $this->iaDb;

    $template = 'SELECT '
        . 'b.`name`, b.`external`, b.`filename`, b.`title`, '
        . 'b.`extras`, b.`sticky`, b.`contents`, b.`type`, b.`header`, '
        . 'o.`page_name` `page` '
        . 'FROM `:prefix:table_blocks` b '
        . "LEFT JOIN `:prefix:table_objects` o ON (o.`object` = b.`id` AND o.`object_type` = 'blocks' AND o.`access` = 1) "
        . "WHERE b.`type` IN('plain','smarty','html') "
        . "AND b.`status` = ':status' "
        . "AND b.`extras` IN (':extras') "
        . "AND (CONCAT(b.`contents`,IF(b.`header` = 1, b.`title`, '')) LIKE ':query' OR b.`external` = 1) "
        . 'AND o.`page_name` IS NOT NULL '
        . 'GROUP BY b.`id`';

    $sql = iaDb::printf($template, array(
        'prefix' => $db->prefix,
        'table_blocks' => 'blocks',
        'table_objects' => 'objects_pages',
        'status' => iaCore::STATUS_ACTIVE,
        'query' => '%' . iaSanitize::sql($this->_query) . '%',
        'extras' => implode("','", $core->get('extras'))
    ));

    $found = array();

    $rows = $db->getAll($sql);
    if (!$rows) {
        return $found;
    }

    // Maps each active extra's name to its type.
    $extraTypes = $db->keyvalue(array('name', 'type'), iaDb::convertIds(iaCore::STATUS_ACTIVE, 'status'), 'extras');

    foreach ($rows as $row) {
        $pageName = empty($row['page']) ? $core->get('home_page') : $row['page'];

        if (empty($pageName)) {
            continue;
        }

        if ($row['external']) {
            // External block: the text to search lives in a template file whose
            // path is derived from the stored `filename` and `extras` values.
            $extraType = $extraTypes[$row['extras']];

            if ('package' == $extraType || 'plugin' == $extraType) {
                // Take what follows the first ":" in the stored file name,
                // then the segment after its first "/".
                $segments = explode(':', $row['filename']);
                array_shift($segments);
                $segments = explode('/', $segments[0]);
                array_shift($segments);

                $templateFile = $segments[0] . iaView::TEMPLATE_FILENAME_EXT;
                $typeFolder = $extraTypes[$row['extras']] . 's';

                // Prefer the copy inside the active template, otherwise fall
                // back to the one shipped with the plugin or package.
                $tpl = IA_HOME . sprintf('templates/%s/%s/%s/%s', iaCore::instance()->get('tmpl'), $typeFolder, $row['extras'], $templateFile);

                if (!is_file($tpl)) {
                    $tpl = IA_HOME . sprintf('%s/%s/templates/%s/%s', $typeFolder, $row['extras'], 'plugins' == $typeFolder ? 'front' : 'common', $templateFile);
                }
            } else {
                $tpl = IA_HOME . 'templates/' . $row['extras'] . IA_DS;
            }

            // A read failure is suppressed and the block is simply skipped.
            $content = @file_get_contents($tpl);

            if (false === $content) {
                continue;
            }

            $content = self::_stripSmartyTags(iaSanitize::tags($content));

            if (false === stripos($content, $this->_query)) {
                continue;
            }
        } elseif ('smarty' == $row['type']) {
            $content = self::_stripSmartyTags(iaSanitize::tags($row['contents']));
        } elseif ('html' == $row['type']) {
            $content = iaSanitize::tags($row['contents']);
        } else {
            // Any other type is used as stored.
            $content = $row['contents'];
        }

        if (!isset($found[$pageName])) {
            $found[$pageName] = array();
        }

        $found[$pageName][] = array(
            'title' => $row['header'] ? $row['title'] : null,
            'content' => $this->_extractSnippet($content)
        );
    }

    return $found;
}
// Excerpt: the statements below sit inside blocks that are opened before this
// excerpt starts (see the "} else {" and the final closing brace).

// Single entry view: the id is the first URL path segment, cast to int.
$id = (int) $iaCore->requestPath[0];

if (!$id) {
    return iaView::errorPage(iaView::ERROR_NOT_FOUND);
}

// Only active entries are served; id and status are passed as bound values.
$portfolioEntry = $iaDb->row_bind(iaDb::ALL_COLUMNS_SELECTION, 'id = :id AND `status` = :status', array('id' => $id, 'status' => iaCore::STATUS_ACTIVE));

if (empty($portfolioEntry)) {
    return iaView::errorPage(iaView::ERROR_NOT_FOUND);
}

// NOTE(review): the stored title goes to the breadcrumb and to the Open Graph
// data as is, and the body is used unfiltered as the description; only the
// page title below has its tags stripped. Confirm the templates escape these
// values on output.
iaBreadcrumb::toEnd($portfolioEntry['title'], IA_SELF);
$openGraph = array(
    'title' => $portfolioEntry['title'],
    'url' => IA_SELF,
    'description' => $portfolioEntry['body']
);

// isset() is also true for an empty string, so an entry with an empty image
// value still gets an image URL that ends in "uploads/".
if (isset($portfolioEntry['image'])) {
    $openGraph['image'] = IA_CLEAR_URL . 'uploads/' . $portfolioEntry['image'];
}

$iaView->set('og', $openGraph);
$iaView->assign('portfolio_entry', $portfolioEntry);
$iaView->title(iaSanitize::tags($portfolioEntry['title']));
} else {
    // Listing view: the page number from the query string is cast to int and
    // clamped to at least 1.
    $page = empty($_GET['page']) ? 0 : (int) $_GET['page'];
    $page = $page < 1 ? 1 : $page;

    $pageUrl = $iaCore->factory('page', iaCore::FRONT)->getUrlByName('portfolio');

    // 'limit' is cast to int, 'start' is not.
    // NOTE(review): confirm 'portfolio_entries_per_page' is always numeric.
    $pagination = array(
        'start' => ($page - 1) * $iaCore->get('portfolio_entries_per_page'),
        'limit' => (int) $iaCore->get('portfolio_entries_per_page'),
        'template' => $pageUrl . '?page={page}'
    );

    // The ORDER BY text is one of two fixed literals; the configuration value
    // itself never reaches the SQL string.
    $order = 'date' == $iaCore->get('portfolio_entries_order') ? 'ORDER BY `date_added` DESC' : 'ORDER BY `title` ASC';

    // Status and language are passed through $iaDb->bind() instead of being concatenated.
    $stmt = '`status` = :status AND `lang` = :language';
    $iaDb->bind($stmt, array('status' => iaCore::STATUS_ACTIVE, 'language' => $iaView->language));

    $rows = $iaDb->all('SQL_CALC_FOUND_ROWS `id`, `title`, `date_added`, `body`, `alias`, `image`', $stmt . ' ' . $order, $pagination['start'], $pagination['limit']);
    $pagination['total'] = $iaDb->foundRows();

    $iaView->assign('portfolio_entries', $rows);
    $iaView->assign('pagination', $pagination);
}

$iaView->display('index');
} // closes a block opened before this excerpt
/**
 * Searches page titles and page contents (stored as language phrases) for the
 * query, merges in the matches found in blocks, and renders the result list.
 *
 * When at least one page matched, the number of pages is added to
 * $results['num'] and the rendered list is stored in $results['html']['pages'].
 *
 * NOTE(review): the query is passed through iaSanitize::sql() and then handed
 * to $iaDb->bind(); if bind() escapes values itself this is double escaping -
 * confirm. Whether "%" and "_" in the query are escaped for LIKE is not
 * visible here.
 *
 * @param string $query search phrase
 * @param array $results search results accumulator, updated by reference
 * @return void
 */
function searchByPages($query, &$results)
{
    $core = iaCore::instance();
    $db =& $core->iaDb;
    $smarty =& $core->iaView->iaSmarty;

    $pageHelper = $core->factory('page', iaCore::FRONT);

    $where = '`value` LIKE :query AND `category` = :category AND `code` = :language ORDER BY `key`';
    $db->bind($where, array(
        'query' => '%' . iaSanitize::sql($query) . '%',
        'category' => iaLanguage::CATEGORY_PAGE,
        'language' => $core->iaView->language
    ));

    $found = array();

    $rows = $db->all(array('key', 'value'), $where, null, null, iaLanguage::getTable());

    if ($rows) {
        foreach ($rows as $row) {
            // The phrase key is "page_title_<name>" or "page_content_<name>".
            $name = str_replace(array('page_title_', 'page_content_'), '', $row['key']);
            $isContent = (false !== stripos($row['key'], 'page_content_'));

            $text = iaSanitize::tags($row['value']);

            if (!isset($found[$name])) {
                $found[$name] = array();
            }

            if ($isContent) {
                $text = extractSnippet($text, $query);

                // A content match without a matching title still needs a title to show.
                if (empty($found[$name]['title'])) {
                    $found[$name]['title'] = iaLanguage::get('page_title_' . $name);
                }
            }

            $found[$name]['url'] = $pageHelper->getUrlByName($name, false);
            $found[$name][$isContent ? 'content' : 'title'] = $text;
        }
    }

    // blocks content will be printed out as a pages content
    $blocks = searchThroughBlocks($query);

    if ($blocks) {
        foreach ($blocks as $name => $blocksData) {
            if (!isset($found[$name])) {
                $found[$name] = array(
                    'url' => $pageHelper->getUrlByName($name),
                    'title' => iaLanguage::get('page_title_' . $name),
                    'content' => '',
                    'extraItems' => $blocksData
                );

                continue;
            }

            $found[$name]['extraItems'] = $blocksData;
        }
    }

    if ($found) {
        $smarty->assign('pages', $found);

        $results['num'] += count($found);
        $results['html']['pages'] = $smarty->fetch('search-list-pages.tpl');
    }
}