function get($item) { if (!is_array($item)) { $item = sqlfetch(sqlquery("SELECT * FROM `" . $this->Table . "` WHERE id = '" . sqlescape($item) . "'")); } if (!$item) { return false; } foreach ($item as $key => $val) { if (is_array($val)) { $item[$key] = BigTree::untranslateArray($val); } elseif (is_array(json_decode($val, true))) { $item[$key] = BigTree::untranslateArray(json_decode($val, true)); } else { $item[$key] = BigTreeCMS::replaceInternalPageLinks($val); } } return $item; }
static function getSettings($ids) { global $bigtree; // If for some reason we only requested one, just call getSetting if (!is_array($ids)) { return array(static::getSetting($ids)); } // If we're in an extension, just call getSetting on the whole array since we need to make inferences on each ID if (defined("EXTENSION_ROOT")) { $settings = array(); foreach ($ids as $id) { $settings[$id] = static::getSetting($id); } return $settings; } // Not in an extension, we can query them all at once $parts = array(); foreach ($ids as $id) { $parts[] = "id = '" . sqlescape($id) . "'"; } $settings = array(); $q = sqlquery("SELECT * FROM bigtree_settings WHERE (" . implode(" OR ", $parts) . ") ORDER BY id ASC"); while ($f = sqlfetch($q)) { // If the setting is encrypted, we need to re-pull just the value. if ($f["encrypted"]) { $f = sqlfetch(sqlquery("SELECT AES_DECRYPT(`value`,'" . sqlescape($bigtree["config"]["settings_key"]) . "') AS `value` FROM bigtree_settings WHERE id = '" . $f["id"] . "'")); } $value = json_decode($f["value"], true); if (is_array($value)) { $settings[$f["id"]] = BigTree::untranslateArray($value); } else { $settings[$f["id"]] = static::replaceInternalPageLinks($value); } } return $settings; }
function getSettings($ids) { global $bigtree; if (!is_array($ids)) { $ids = array($ids); } $parts = array(); foreach ($ids as $id) { $parts[] = "id = '" . sqlescape($id) . "'"; } $settings = array(); $q = sqlquery("SELECT * FROM bigtree_settings WHERE (" . implode(" OR ", $parts) . ") ORDER BY id ASC"); while ($f = sqlfetch($q)) { // If the setting is encrypted, we need to re-pull just the value. if ($f["encrypted"]) { $f = sqlfetch(sqlquery("SELECT AES_DECRYPT(`value`,'" . sqlescape($bigtree["config"]["settings_key"]) . "') AS `value` FROM bigtree_settings WHERE id = '" . $f["id"] . "'")); } $value = json_decode($f["value"], true); if (is_array($value)) { $settings[$f["id"]] = BigTree::untranslateArray($value); } else { $settings[$f["id"]] = $this->replaceInternalPageLinks($value); } } return $settings; }
static function getReportResults($report, $view, $form, $filters, $sort_field = "id", $sort_direction = "DESC") { // Prevent SQL injection $sort_field = "`" . str_replace("`", "", $sort_field) . "`"; $sort_direction = $sort_direction == "ASC" ? "ASC" : "DESC"; $where = $items = $parsers = $poplists = array(); // Figure out if we have db populated lists and parsers if ($report["type"] == "view") { foreach ($view["fields"] as $key => $field) { if ($field["parser"]) { $parsers[$key] = $field["parser"]; } } } foreach ($form["fields"] as $key => $field) { if ($field["type"] == "list" && $field["options"]["list_type"] == "db") { $poplists[$key] = array("description" => $form["fields"][$key]["options"]["pop-description"], "table" => $form["fields"][$key]["options"]["pop-table"]); } } $query = "SELECT * FROM `" . $report["table"] . "`"; foreach ($report["filters"] as $id => $filter) { if ($filters[$id]) { // Search field if ($filter["type"] == "search") { $where[] = "`{$id}` LIKE '%" . sqlescape($filters[$id]) . "%'"; // Dropdown } elseif ($filter["type"] == "dropdown") { $where[] = "`{$id}` = '" . sqlescape($filters[$id]) . "'"; // Yes / No / Both } elseif ($filter["type"] == "boolean") { if ($filters[$id] == "Yes") { $where[] = "(`{$id}` = 'on' OR `{$id}` = '1' OR `{$id}` != '')"; } elseif ($filters[$id] == "No") { $where[] = "(`{$id}` = '' OR `{$id}` = '0' OR `{$id}` IS NULL)"; } // Date Range } elseif ($filter["type"] == "date-range") { if ($filter[$id]["start"]) { $where[] = "`{$id}` >= '" . sqlescape($filter[$id]["start"]) . "'"; } if ($filter[$id]["end"]) { $where[] = "`{$id}` <= '" . sqlescape($filter[$id]["end"]) . "'"; } } } } if (count($where)) { $query .= " WHERE " . implode(" AND ", $where); } $q = sqlquery($query . " ORDER BY {$sort_field} {$sort_direction}"); while ($f = sqlfetch($q)) { $item = BigTree::untranslateArray($f); foreach ($item as $key => $value) { if ($poplists[$key]) { $p = sqlfetch(sqlquery("SELECT `" . $poplists[$key]["description"] . "` FROM `" . $poplists[$key]["table"] . "` WHERE id = '" . sqlescape($value) . "'")); $item[$key] = $p[$poplists[$key]["description"]]; } if ($parsers[$key]) { $item[$key] = BigTree::runParser($item, $value, $parsers[$key]); } } $items[] = $item; } // If the field we sort by was a poplist or parser, we need to resort. if (isset($parsers[$sort_field]) || isset($poplists[$sort_field])) { $sort_values = array(); foreach ($items as $item) { $sort_values[] = $item[$sort_field]; } if ($sort_direction == "ASC") { array_multisort($sort_values, SORT_ASC, $items); } else { array_multisort($sort_values, SORT_DESC, $items); } } return $items; }
static function getSetting($id, $decode = true) { global $bigtree; $id = BigTreeCMS::extensionSettingCheck($id); $setting = sqlfetch(sqlquery("SELECT * FROM bigtree_settings WHERE id = '{$id}'")); // Setting doesn't exist if (!$setting) { return false; } // Encrypted setting if ($setting["encrypted"]) { $v = sqlfetch(sqlquery("SELECT AES_DECRYPT(`value`,'" . sqlescape($bigtree["config"]["settings_key"]) . "') AS `value` FROM bigtree_settings WHERE id = '{$id}'")); $setting["value"] = $v["value"]; } // Decode the JSON value if ($decode) { $setting["value"] = json_decode($setting["value"], true); if (is_array($setting["value"])) { $setting["value"] = BigTree::untranslateArray($setting["value"]); } else { $setting["value"] = BigTreeCMS::replaceInternalPageLinks($setting["value"]); } } return $setting; }
if (isset($_POST["resources"])) { $bigtree["resources"] = json_decode(base64_decode($_POST["resources"]),true); } if (isset($_POST["type"])) { $bigtree["resources"]["type"] = $_POST["type"]; } if (isset($_POST["key"])) { $bigtree["callout_key"] = htmlspecialchars($_POST["key"]); } foreach ($bigtree["resources"] as &$val) { if (is_array($val)) { $val = BigTree::untranslateArray($val); } elseif (is_array(json_decode($val,true))) { $val = BigTree::untranslateArray(json_decode($val,true)); } else { $val = $cms->replaceInternalPageLinks($val); } } unset($val); $bigtree["callout_count"] = intval($_POST["count"]); $bigtree["callout"] = $admin->getCallout($bigtree["resources"]["type"]); $cached_types = $admin->getCachedFieldTypes(); $bigtree["field_types"] = $cached_types["callouts"]; if ($bigtree["callout"]["description"]) { ?> <p class="callout_description"><?php
function getSetting($id, $decode = true) { global $bigtree, $cms; $id = sqlescape($id); $f = sqlfetch(sqlquery("SELECT * FROM bigtree_settings WHERE id = '{$id}'")); if (!$f) { return false; } if ($f["encrypted"]) { $v = sqlfetch(sqlquery("SELECT AES_DECRYPT(`value`,'" . sqlescape($bigtree["config"]["settings_key"]) . "') AS `value` FROM bigtree_settings WHERE id = '{$id}'")); $f["value"] = $v["value"]; } $f["value"] = json_decode($f["value"], true); if ($decode) { if (is_array($f["value"])) { $f["value"] = BigTree::untranslateArray($f["value"]); } else { $f["value"] = $cms->replaceInternalPageLinks($f["value"]); } } return $f; }
?> </link> <description><?php echo $feed["description"]; ?> </description> <language>en-us</language> <generator>BigTree CMS (http://www.bigtreecms.org)</generator> <?php $sort = $feed["options"]["sort"] ? $feed["options"]["sort"] : "id DESC"; $limit = $feed["options"]["limit"] ? $feed["options"]["limit"] : "15"; $q = sqlquery("SELECT * FROM `" . $feed["table"] . "` ORDER BY {$sort} LIMIT {$limit}"); while ($item = sqlfetch($q)) { foreach ($item as $key => $val) { if (is_array(json_decode($val, true))) { $item[$key] = BigTree::untranslateArray(json_decode($val, true)); } else { $item[$key] = $cms->replaceInternalPageLinks($val); } } if ($feed["options"]["link_gen"]) { $link = $feed["options"]["link_gen"]; foreach ($item as $key => $val) { $link = str_replace("{" . $key . "}", $val, $link); } } else { $link = $item[$feed["options"]["link"]]; } $content = $item[$feed["options"]["description"]]; $limit = $feed["options"]["content_limit"] ? $feed["options"]["content_limit"] : 500; $blurb = BigTree::trimLength($content, $limit);