public function proccess($data = NULL, $validations = FALSE)
{
if (is_array($validations)) {
foreach ($validations as $field => $validation) {
if ($validation === "required") {
if (!POST($field)) {
$field = $this->rename($field);
return array("error" => getAlert("{$field} is required"));
}
} elseif ($validation === "email?") {
if (!isEmail(POST($field))) {
return array("error" => getAlert("{$field} is not a valid email"));
}
} elseif ($validation === "injection?") {
if (isInjection(POST($field))) {
return array("error" => getAlert("SQL/HTML injection attempt blocked"));
}
} elseif ($validation === "spam?") {
if (isSPAM(POST($field))) {
return array("error" => getAlert("SPAM prohibited"));
}
} elseif ($validation === "vulgar?") {
if (isVulgar(POST($field))) {
return array("error" => getAlert("Your {$field} is very vulgar"));
}
} elseif ($validation === "ping") {
if (!ping(POST($field))) {
return array("error" => getAlert("Invalid URL"));
}
} elseif (is_string($validation) and substr($validation, 0, 6) === "length") {
$count = (int) substr($validation, 7, 8);
$count = $count > 0 ? $count : 6;
if (strlen(POST($field)) < $count) {
return array("error" => getAlert("{$field} must have at least {$count} characters"));
}
} elseif (isset($field["exists"]) and isset($this->table) and POST("save")) {
if (is_array($validation)) {
$exists = $this->Db->findBy($validation);
if ($exists) {
return array("error" => getAlert("The record already exists"));
}
}
}
}
}
if (is_null($data)) {
$data = array();
}
$POST = POST(TRUE);
foreach ($POST as $field => $value) {
if (!in_array($field, $this->ignore)) {
if (!isset($data[$this->rename($field)])) {
$data[$this->rename($field)] = decode(filter($value, "escape"));
}
}
}
return $data;
}
public function saveComments()
{
$this->ID_Application = POST("ID_Application");
$this->ID_Record = POST("ID_Record");
$this->comment = POST("comment", "clean", FALSE);
$this->email = POST("email");
$this->website = POST("website");
$this->name = SESSION("ZanUser") ? NULL : POST("name");
$this->username = SESSION("ZanUser") ? SESSION("ZanUser") : NULL;
$this->ID_User = SESSION("ZanUserID") ? (int) SESSION("ZanUserID") : 0;
$this->state = "Active";
$this->date1 = now(4);
$this->date2 = now(2);
$this->year = date("Y");
$this->month = date("m");
$this->day = date("d");
$this->URL = POST("URL");
if ($this->ID_Application === "3") {
if ($this->comment === NULL) {
return getAlert("Empty Comment");
}
if (isSPAM($this->comment) === TRUE) {
return getAlert("STOP, SPAM");
}
if (isVulgar($this->comment) === TRUE) {
return getAlert("STOP, The Comment is Vulgar");
}
if (isInjection($this->comment) === TRUE) {
return getAlert("STOP, Injection");
} else {
cleanHTML($this->comment);
}
if ($this->ID_User > 0) {
$this->Db->table($this->table);
$repost = $this->Db->findBySQL("Comment = '{$this->comment}' AND Year = '{$this->year}' AND Month = '{$this->month}' AND Day = '{$this->day}' AND Name = '{$this->name}'");
if (is_array($repost)) {
return getAlert("This Comment has been posted yet");
}
$fields = "ID_User, Username, Comment, Start_Date, Text_Date, Year, Month, Day, State";
$values = "'{$this->ID_User}', '{$this->username}', '{$this->comment}', '{$this->date1}', '{$this->date2}', '{$this->year}', '{$this->month}', '{$this->day}', '{$this->state}'";
$this->Db->table($this->table, $fields);
$this->Db->values($values);
$this->insertID1 = $this->Db->save();
$fields = "ID_Application, ID_Comment";
$values = "'3', '{$this->insertID1}'";
$this->Db->table("comments2applications", $fields);
$this->Db->values($values);
$this->insertID2 = $this->Db->save();
$fields = "ID_Comment2Application, ID_Record";
$values = "'{$this->insertID2}', '{$this->ID_Record}'";
$this->Db->table("comments2records", $fields);
$this->Db->values($values);
$this->insertID3 = $this->Db->save();
} else {
$this->Db->table($this->table);
$repost = $this->Db->findBySQL("ID_User = '******' AND Comment = '{$this->comment}' AND Year = '{$this->year}' AND Month = '{$this->month}' AND Day = '{$this->day}'");
if (is_array($repost)) {
return getAlert("This Comment has been posted yet");
}
if ($this->name === NULL) {
return getAlert("Empty Name");
}
if (isVulgar($this->name) === TRUE) {
return getAlert("STOP, Vulgar Name");
}
if (isInjection($this->name) === TRUE) {
return getAlert("STOP, Injection");
} else {
cleanHTML($this->comment);
}
if ($this->email === NULL) {
return getAlert("Empty Email");
}
if (isEmail($this->email) === FALSE) {
return getAlert("Invalid Email");
}
if (isset($this->website) and ping($this->website) === FALSE) {
if (isInjection($this->website) === TRUE) {
return getAlert("STOP, Injection");
} else {
cleanHTML($this->website);
}
return getAlert("Invalid Website");
}
$fields = "ID_User, Comment, Start_Date, Text_Date, Year, Month, Day, Name, Email, Website, State";
$values = "'{$this->ID_User}', '{$this->comment}', '{$this->date1}', '{$this->date2}', '{$this->year}', '{$this->month}', '{$this->day}', '{$this->name}', '{$this->email}', '{$this->website}', '{$this->state}'";
$this->Db->table($this->table, $fields);
$this->Db->values($values);
$this->insertID1 = $this->Db->save();
$fields = "ID_Application, ID_Comment";
$values = "'3', '{$this->insertID1}'";
$this->Db->table("comments2applications", $fields);
$this->Db->values($values);
$this->insertID2 = $this->Db->save();
$fields = "ID_Comment2Application, ID_Record";
$values = "'{$this->insertID2}', '{$this->ID_Record}'";
$this->Db->table("comments2records", $fields);
$this->Db->values($values);
$this->insertID3 = $this->Db->save();
}
if ($this->insertID1 === "rollback" or $this->insertID2 === "rollback" or $this->insertID3 === "rollback") {
$this->Db->rollBack();
return getAlert("Insert error");
} else {
$this->Db->commit();
return getAlert("The comment has been saved correctly", "success");
}
}
}
public function process($data = null, $validations = false)
{
if (is_array($validations)) {
foreach ($validations as $field => $validation) {
if ($validation === "required") {
if (!POST($field)) {
$field = $this->rename($field);
return array("error" => getAlert(__("{$field} is required")));
}
} elseif ($validation === "name?") {
if (!isName(POST($field))) {
return array("error" => getAlert(__("{$field} is not a valid name")));
}
} elseif ($validation === "email?") {
if (!isEmail(POST($field))) {
return array("error" => getAlert(__("{$field} is not a valid email")));
}
} elseif ($validation === "captcha?") {
if (!POST("captcha_token") or !POST("captcha_type")) {
return array("error" => getAlert(__(POST("captcha_type") === "aritmethic" ? "Please enter your answer again" : "Please type the characters you see in the picture")));
} elseif (POST("captcha_type") === "aritmethic") {
if (SESSION("ZanCaptcha" . POST("captcha_token")) != POST($field)) {
return array("error" => getAlert(__("Your answer was incorrect")));
}
} else {
if (SESSION("ZanCaptcha" . POST("captcha_token")) !== POST($field)) {
return array("error" => getAlert(__("The characters did not match the picture")));
}
}
} elseif ($validation === "injection?") {
if (isInjection(POST($field))) {
return array("error" => getAlert(__("SQL/HTML injection attempt blocked")));
}
} elseif ($validation === "spam?") {
if (isSPAM(POST($field))) {
return array("error" => getAlert(__("SPAM prohibited")));
}
} elseif ($validation === "vulgar?") {
if (isVulgar(POST($field))) {
return array("error" => getAlert(__("Your {$field} is very vulgar")));
}
} elseif ($validation === "ping") {
if (!ping(POST($field))) {
return array("error" => getAlert(__("Invalid URL")));
}
} elseif (is_string($validation) and substr($validation, 0, 6) === "length") {
$count = (int) substr($validation, 7, 8);
$count = $count > 0 ? $count : 6;
if (strlen(POST($field)) < $count) {
return array("error" => getAlert(__("{$field}") . " " . __("must have at least") . " {$count} " . __("characters")));
}
} elseif (isset($field["exists"]) and isset($this->table)) {
if (is_array($validation)) {
if (isset($validation["or"]) and count($validation) > 2) {
unset($validation["or"]);
$fields = array_keys($validation);
for ($i = 0; $i <= count($fields) - 1; $i++) {
$exists = $this->Db->findBy($fields[$i], $validation[$fields[$i]]);
if ($exists) {
return array("error" => getAlert(__("The " . strtolower($fields[$i]) . " already exists")));
}
}
} else {
$field = array_keys($validation);
$exists = $this->Db->findBy($field[0], $validation[$field[0]]);
if ($exists) {
return array("error" => getAlert(__("The " . strtolower($field[0]) . " already exists")));
}
}
}
}
}
}
if (is_null($data)) {
$data = array();
}
$POST = POST(true);
foreach ($POST as $field => $value) {
if (!in_array($field, $this->ignore)) {
if (!isset($data[$this->rename($field)])) {
$data[$this->rename($field)] = decode(filter($value, "escape"));
}
}
}
return $data;
}
private function setReply()
{
$ID_Topic = segment(3);
if (segment(4) === "edit") {
$action = "edit";
$ID_Reply = segment(5);
} elseif (segment(4) === "new") {
$action = "save";
}
if (segment(6) > 0) {
$page = segment(6);
} else {
$page = 1;
}
if (SESSION("ZanUserID") > 0) {
$this->js("tiny-mce", NULL, "basic");
$this->js("validations", $this->application);
if (POST("cancel")) {
redirect($this->application . _sh . segment(2) . _sh . segment(3) . _sh);
}
if (!POST("doAction")) {
if ($action === "save") {
$topic = $this->Forums_Model->getTopicByID($ID_Topic);
} elseif ($action === "edit") {
$topic = $this->Forums_Model->getTopicByID($ID_Reply);
}
if ($topic) {
$vars["ID_Post"] = $topic[0]["ID_Post"];
$vars["ID_Forum"] = $topic[0]["ID_Forum"];
if ($action === "save") {
$vars["title"] = "Re: " . $topic[0]["Title"];
$vars["content"] = "";
$vars["href"] = path($this->application . _sh . segment(2) . _sh . $ID_Topic . _sh . "new");
$vars["hrefURL"] = path($this->application . _sh . segment(2) . _sh . $ID_Topic . _sh);
} elseif ($action === "edit") {
$vars["title"] = $topic[0]["Title"];
$vars["content"] = $topic[0]["Content"];
$vars["ID_Topic"] = $topic[0]["ID_Parent"];
$vars["hrefURL"] = path($this->application . _sh . segment(2) . _sh . $ID_Topic . _sh . "page" . _sh . $page);
$vars["href"] = path($this->application . _sh . segment(2) . _sh . $ID_Topic . _sh . "edit" . _sh . $ID_Reply . _sh . $page);
}
$vars["action"] = $action;
$vars["view"] = $this->view("reply", $this->application, TRUE);
$this->template("content", $vars);
}
} else {
if (!POST("title")) {
$alert = getAlert("You must to write a title");
} elseif (isEmptyTiny(POST("content", "decode", FALSE))) {
$alert = getAlert("You must to a write a content");
} elseif (strlen(POST("title")) < 4) {
$alert = getAlert("You must to write a valid title");
} elseif (!POST("content")) {
$alert = getAlert("You must to a write a content");
} elseif (strlen(POST("content")) < 4) {
$alert = getAlert("You must to write a valid content");
} elseif (isInjection(POST("content", "decode", FALSE))) {
$alert = getAlert("The content is invalid");
} elseif (isEmptyTiny(POST("content", "decode", FALSE))) {
$alert = getAlert("The content is invalid");
} elseif (isVulgar(strtolower(POST("title")))) {
$alert = getAlert("The title is vulgar");
} elseif (isVulgar(strtolower(POST("content")))) {
$alert = getAlert("The content is vulgar");
} elseif (isSPAM(POST("content"))) {
$alert = getAlert("The content has spam");
}
if (isset($alert)) {
$vars["alert"] = $alert;
$vars["ID_Post"] = POST("ID_Post");
$vars["ID_Forum"] = POST("ID_Forum");
$vars["title"] = POST("title");
$vars["content"] = cleanTiny(POST("content", "decode", FALSE));
$vars["action"] = $action;
if ($action === "save") {
$vars["href"] = path($this->application . _sh . segment(2) . _sh . $ID_Topic . _sh . "new");
$vars["hrefURL"] = path($this->application . _sh . segment(2) . _sh . $ID_Topic . _sh);
} elseif ($action === "edit") {
$vars["ID_Topic"] = POST("ID_Topic");
$vars["href"] = path($this->application . _sh . segment(2) . _sh . $ID_Topic . _sh . "edit" . _sh . $ID_Reply . _sh . $page);
$vars["hrefURL"] = path($this->application . _sh . segment(2) . _sh . $ID_Topic . _sh . "page" . _sh . $page);
}
$vars["view"] = $this->view("reply", $this->application, TRUE);
$this->template("content", $vars);
} else {
if ($action === "save") {
$success = $this->Forums_Model->setReply();
if ($success > 0) {
$page = $this->Forums_Model->getPage($ID_Topic);
$reply = $this->Forums_Model->addUserReply();
} else {
$page = 1;
}
} elseif ($action === "edit") {
$success = $this->Forums_Model->editReply();
}
$vars["success"] = $success;
$vars["action"] = $action;
if ($action === "save") {
$vars["href"] = path($this->application . _sh . segment(2) . _sh . $ID_Topic . _sh . _page . _sh . $page . _sh . "#bottom");
} elseif ($action === "edit") {
$vars["href"] = path($this->application . _sh . segment(2) . _sh . $ID_Topic . _sh . _page . _sh . $page);
}
$vars["view"] = $this->view("reply", $this->application, TRUE);
$this->template("content", $vars);
}
}
} else {
redirect($this->application . _sh . segment(2) . _sh . segment(3) . _sh);
}
}