コード例 #1
    /**
     * Renders the admin "System Info" block: a plain-text summary of the CMS,
     * PHP, MySQL and GD versions, the install path and a JSON dump of the
     * `#__config` table, shown inside a textarea.
     *
     * NOTE(review): every row of `#__config` is emitted. If that table stores
     * secrets (mail or API credentials, salts), they land in a panel whose text
     * is addressed to the CMS dev team; consider an allow-list of keys or
     * redacting values before output - confirm against the table's contents.
     *
     * @version 1.0
     * @since   1.0.0
     * @author  Dan Aldridge
     *
     * @return  void
     */
    public function systeminfo()
    {
        $objSQL = Core_Classes_coreObj::getDBO();
        $objTPL = Core_Classes_coreObj::getTPL();
        $objTime = Core_Classes_coreObj::getTime();
        $objForm = Core_Classes_coreObj::getForm();
        $objTPL->set_filenames(array(
            'body' => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl',
        ));

        // GD version with letters, whitespace and parentheses stripped, or a
        // fixed label when the extension is not loaded
        $gdVer = 'Not Installed.';
        if (function_exists('gd_info')) {
            $gdDetails = gd_info();
            $gdVer = preg_replace('/[[:alpha:][:space:]()]+/', '', $gdDetails['GD Version']);
        }

        $safeModeOn = @ini_get('safe_mode') == '1' || strtolower(@ini_get('safe_mode')) == 'on';
        $safeModeLabel = $safeModeOn ? 'Safe Mode Enabled' : 'Safe Mode Disabled';

        // NOTE(review): unfiltered dump of the whole config table (see docblock)
        $configDump = json_encode($objSQL->fetchAll('SELECT * FROM `#__config`'));

        $info = '<div class="alert alert-info"><strong>Important!</strong> This panel needs more updating to output more useful data that has been made avaliable during the last overhaul</div>';

        // mysql_get_server_info() belongs to ext/mysql, which PHP 7 removed
        $content = 'This panel gives the CMS dev team some information about your setup.

;--System Setup
    CMS Version: ' . CMS_VERSION . '
    PHP Version: ' . PHP_VERSION . ' (' . $safeModeLabel . ')
    MySQL Version: ' . mysql_get_server_info() . '

    GD Version: ' . $gdVer . '

;--CMS Setup
    Install Path: /' . root() . '

' . $configDump;

        // NOTE(review): whether textarea() HTML-escapes its value is not visible
        // here; confirm it does, since config values are free-form text
        $textarea = $objForm->textarea('sysInfo', $content, array('style' => 'width: 99%', 'rows' => 20));
        $blockVars = array(
            'TITLE' => 'System Info',
            'CONTENT' => $info . $textarea,
            'ICON' => 'fa-icon-user',
        );
        Core_Classes_coreObj::getAdminCP()->setupBlock('body', array('cols' => 3, 'vars' => $blockVars));
    }
コード例 #2
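 /**
  * Loads every enabled plugin file from the supplied list, falling back to
  * the cached 'plugins' entry when no usable list is passed in.
  *
  * Each entry's 'path' is handed to include_once, so anything able to write
  * the plugin list (the caller, the cache or its backing table) decides which
  * PHP files run inside the CMS.
  *
  * @version     1.1
  * @since       1.0.0
  * @author      Dan Aldridge
  *
  * @param       array $plugins  Rows carrying at least 'path' and 'enabled'
  *
  * @return      bool  False when loading is disabled or no plugin list is
  *                    available, true once the list has been walked
  */
 public function load($plugins = array())
 {
     if ($this->dontExec == true) {
         return false;
     }
     // Not used below, but include_once runs the plugin file in this method's
     // scope, so plugin code may rely on $objSQL being defined - kept on purpose
     $objSQL = Core_Classes_coreObj::getDBO();
     // make sure we didn't get an empty var...
     if (!is_array($plugins) || is_empty($plugins)) {
         // if we did, try and get a fresh copy from the cache
         $objCache = Core_Classes_coreObj::getCache();
         $plugins = $objCache->load('plugins');
         if (!is_array($plugins) || is_empty($plugins)) {
             // no luck this time: remember that and return quietly
             $this->dontExec = true;
             return false;
         }
     }
     foreach ($plugins as $hook) {
         // NOTE(review): strict comparison - a disabled flag stored as 0 or '0'
         // would not match false and the plugin would still load; verify the
         // type the cache delivers
         if ($hook['enabled'] === false) {
             continue;
         }
         // str_replace() rewrites every './' in the stored path, not only a
         // leading one
         $includePath = str_replace('./', cmsROOT . '', $hook['path']);
         // Validate the path that is actually included, and require it to be
         // BOTH a regular file and readable (the previous && let through a
         // path that failed only one of the two checks)
         if (!is_file($includePath) || !is_readable($includePath)) {
             continue;
         }
         // NOTE(review): the path is not confined to the CMS tree; consider
         // resolving it with realpath() and requiring it to sit under the
         // plugin directory before including
         include_once $includePath;
     }
     // everything worked as expected so just return true;
     return true;
 }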
コード例 #3
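 /**
  * Outputs a table of the modules detected under the modules directory,
  * together with their install status.
  *
  * @version 1.0
  * @since   1.0.0
  * @author  Dan Aldridge
  *
  * @return  void
  */
 public function modules()
 {
     $objSQL = Core_Classes_coreObj::getDBO();
     $objTPL = Core_Classes_coreObj::getTPL();
     $objModule = Core_Classes_coreObj::getModule();
     $objTPL->set_filenames(array(
         'body' => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl',
         'panel' => cmsROOT . 'modules/core/views/admin/modules/default/module_list.tpl',
     ));
     // glob() returns false on error; treat that as "no modules found"
     $files = glob(sprintf('%smodules/*', cmsROOT));
     if (!is_array($files)) {
         $files = array();
     }
     foreach ($files as $file) {
         $moduleName = str_replace('modules/', '', $file);
         // Determine the status of the module
         if (parent::moduleExists($moduleName) === false) {
             continue;
         }
         // Reset per module: these used to be left undefined, or still held
         // the previous module's values, whenever the details lookup below
         // was skipped
         $version = '';
         $hash = '';
         $query = $objSQL->queryBuilder()->select('*')->from('#__modules')->where('name', '=', $moduleName)->build();
         $row = $objSQL->fetchLine($query);
         $moduleInstalled = parent::moduleInstalled($moduleName);
         if (empty($row) || $moduleInstalled === false) {
             $details = $objModule->getModuleDetails($moduleName);
             if (!empty($details)) {
                 $version = $details['version'];
                 $hash = $details['hash'];
             }
         }
         // NOTE(review): for an installed module with a table row, version and
         // hash stay empty; presumably they should come from $row - confirm
         // the column names. Also confirm the template escapes these values.
         $objTPL->assign_block_vars('module', array(
             'NAME' => $moduleName,
             'VERSION' => $version,
             'HASH' => $hash,
             'STATUS' => $moduleInstalled === false ? 'Not Installed' : 'Installed',
             'STATUS_ICON' => $moduleInstalled === false ? 'default' : 'success',
         ));
     }
     $objTPL->parse('panel', false);
     Core_Classes_coreObj::getAdminCP()->setupBlock('body', array('cols' => 3, 'vars' => array('TITLE' => 'Module List', 'CONTENT' => $objTPL->get_html('panel', false), 'ICON' => 'icon-th-list')));
 }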
コード例 #4
 /**
  * Renders the admin "Add User" panel and registers its breadcrumb.
  * Only the form view is built here; no user record is written.
  *
  * @version 1.0
  * @since   1.0.0
  * @author  Dan Aldridge
  *
  * @return  void
  */
 public function add()
 {
     $objSQL = Core_Classes_coreObj::getDBO();
     $objTPL = Core_Classes_coreObj::getTPL();
     $objTime = Core_Classes_coreObj::getTime();

     $objPage = Core_Classes_coreObj::getPage();
     // NOTE(review): REQUEST_URI is supplied by the client; confirm the
     // breadcrumb template HTML-escapes 'url' before printing it
     $crumb = array(
         'url' => doArgs('REQUEST_URI', '', $_SERVER),
         'name' => 'Add User',
     );
     $objPage->addBreadcrumbs(array($crumb));

     $templates = array(
         'body' => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl',
         'panel' => cmsROOT . 'modules/core/views/admin/users/add.tpl',
     );
     $objTPL->set_filenames($templates);
     $objTPL->parse('panel', false);

     $blockVars = array(
         'TITLE' => 'Add User',
         'CONTENT' => $objTPL->get_html('panel', false),
         'ICON' => 'faicon-user',
     );
     Core_Classes_coreObj::getAdminCP()->setupBlock('body', array('cols' => 3, 'vars' => $blockVars));
 }
コード例 #5
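 /**
  * Install a block from a Module method.
  *
  * Inserts a placeholder row into `#__blocks` once the module's details can
  * be read and the module counts as installed.
  *
  * @version 1.0
  * @since   1.0
  * @author  Daniel Noel-Davies
  *
  * @param   string  $module    Module the block belongs to
  * @param   string  $method    Module method meant to render the block
  *                             (currently not used by this implementation)
  *
  * @return  bool    True when the row was inserted, false otherwise
  */
 public function installFromModule($module, $method)
 {
     $objModule = Core_Classes_coreObj::getModule();
     $objSQL = Core_Classes_coreObj::getDBO();
     $details = $objModule->getDetails($module);
     // NOTE(review): the original comment promised a "method is callable"
     // check, but $method is never inspected - add one before a block row
     // can reference an arbitrary method name
     // moduleInstalled() needs the module name; it was called without one
     if ($details === false || $objModule->moduleInstalled($module) === false) {
         trigger_error('Module x is not installed, No block was created');
         return false;
     }
     // json_encode() requires a value; encode an empty set for the
     // placeholder 'info' and 'args' columns
     $emptyJson = json_encode(array());
     // NOTE(review): randcode() is defined elsewhere; if 'uniqueid' is ever
     // treated as unguessable, confirm it draws from a CSPRNG
     $data = array(
         'uniqueid' => randcode(8),
         'label' => '',
         'title' => '',
         'region_name' => '',
         'order' => '',
         'enabled' => '',
         'info' => $emptyJson,
         'args' => $emptyJson,
         'whitelist' => '',
         'content' => '',
     );
     // Add into db + report status
     $query = $objSQL->queryBuilder()->insertInto('#__blocks')->set($data)->build();
     $result = $objSQL->insert($query);
     return $result ? true : false;
 }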
コード例 #6
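 /**
  * Retrieves all the SQL Queries recorded by the database object and renders
  * them as HTML for the debug panel.
  *
  * @version     1.0
  * @since       1.0.0
  * @author      Dan Aldridge
  *
  * @param       bool        $output     Only an exact true produces the report
  *
  * @return      array|string  '' unless $output is true; otherwise an array
  *                            with 'count' (query count / total time) and
  *                            'content' (HTML)
  */
 public function getSQLQueries($output = false)
 {
     if ($output !== true) {
         return '';
     }
     $objSQL = Core_Classes_coreObj::getDBO();
     $debug = $objSQL->getVar('debug');
     // Keywords that start a new line when a long statement is wrapped. Kept
     // in its own variable: the loop below used to overwrite this list.
     $keywords = array('FROM', 'LEFT JOIN', 'RIGHT JOIN', 'INNER JOIN', 'ON', 'OR', 'AND', 'SET', 'WHERE', 'LIMIT', 'GROUP BY', 'ORDER BY', 'VALUES');
     $html = '';
     if (!empty($debug)) {
         foreach ($debug as $query) {
             // an affected_rows value of -1 marks the query as failed
             $failed = $query['affected_rows'] == '-1';
             $html .= '<table class="table">';
             $html .= sprintf('<tr class="%s"><td colspan="11" style="height: 5px; padding: 0;"></td></tr>', $failed ? 'error' : 'success');
             if (strlen($query['query']) > 100) {
                 foreach ($keywords as $keyword) {
                     $query['query'] = str_replace(' ' . $keyword, "\n" . ' ' . $keyword, $query['query']);
                 }
             }
             $geshi = Core_Classes_coreObj::getLib('GeSHi', array($query['query'], 'sql'));
             $html .= '</tr><tr>';
             $html .= sprintf('<tr><td style="background-color: #1E1E1E; color: white;"> <strong>%1$s</strong> @ <strong>%2$s</strong> // Affected %3$d Rows <span class="pull-right">%5$s</span> <br /> %4$s </td></tr>', str_replace($this->config('global', 'realPath'), '', $query['file']), $query['line'], $query['affected_rows'], $geshi->parse_code(), $query['time_taken']);
             if ($failed) {
                 $html .= '</tr><tr>';
                 // Database error text can echo fragments of the failing
                 // statement, including request data, so it is HTML-escaped.
                 // NOTE(review): dump() output is assumed to be safe HTML -
                 // confirm.
                 $html .= sprintf('<td style="background-color: #1E1E1E; color: white;"> %s </td>', dump($query) . htmlspecialchars((string) $query['error'], ENT_QUOTES));
             }
             $html .= '</tr>';
             $html .= '</table>';
         }
     }
     // count() only accepts arrays/Countable on current PHP versions
     $total = (is_array($debug) || $debug instanceof Countable) ? count($debug) : 0;
     // NOTE(review): this report exposes statements, file paths and errors;
     // it should only ever be rendered for trusted developers
     return array('count' => $total . ' / ' . $objSQL->totalTime, 'content' => sprintf('<ul>%s</ul>', $html));
 }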
コード例 #7
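/**
 * Encodes or filters a value for one specific output context.
 *
 * Modes (case-insensitive):
 *  - html      HTML-escapes the value, including both quote characters;
 *              existing entities are decoded first so the call is idempotent
 *  - url       urlencode()
 *  - sql/mres  database string escaping via the DBO's escape(); only safe
 *              inside a quoted SQL literal - prefer the query builder or
 *              bound parameters
 *  - langvar   escapes and then restores <, >, & and ", so markup passes
 *              through: NOT an XSS filter, use only on trusted language strings
 *  - num       strips everything except the digits 0-9 (signs and decimal
 *              points are removed too)
 *  - alphanum  strips everything except a-z, A-Z, 0-9, '-' and '_'
 *
 * NOTE(review): an unrecognised $mode returns the input untouched, so a typo
 * in the mode name silently disables filtering; consider failing loudly.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param   string  $string
 * @param   string  $mode
 *
 * @return  string
 */
function secureMe($string, $mode = 'html')
{
    switch (strtolower($mode)) {
        case 'html':
            // ENT_QUOTES is passed explicitly so single quotes are escaped on
            // every PHP version (the default only became ENT_QUOTES in 8.1);
            // without it the result is unsafe inside single-quoted attributes
            $string = htmlspecialchars_decode($string, ENT_QUOTES);
            $string = htmlspecialchars($string, ENT_QUOTES);
            break;
        case 'url':
            $string = urlencode($string);
            break;
        case 'sql':
        case 'mres':
            // The database object is fetched only here, so the other modes no
            // longer depend on a database handle
            $string = Core_Classes_coreObj::getDBO()->escape($string);
            break;
        case 'langvar':
            $string = htmlspecialchars($string);
            $string = str_replace(array('&gt;', '&lt;', '&amp;', '&quot;'), array('>', '<', '&', '"'), $string);
            break;
        case 'num':
            if (!ctype_digit((string) $string)) {
                $string = preg_replace('/[^0-9]/', '', $string);
            }
            break;
        case 'alphanum':
            if (!ctype_alnum((string) $string)) {
                $string = preg_replace('/[^a-zA-Z0-9-_]/', '', $string);
            }
            break;
    }
    return $string;
}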
コード例 #8
 /**
  * Feeds a list of links into the 'menu' template blocks: one 'menu' block
  * per entry, holding either a dropdown with sub-items or a single link.
  *
  * NOTE(review): URL and TITLE are passed on as given; confirm the template
  * escapes them and that link URLs are limited to expected schemes.
  *
  * @version 1.0
  * @since   1.0.0
  * @author  Dan Aldridge
  *
  * @return  void
  */
 protected function generateNav($links = array())
 {
     $objSQL = Core_Classes_coreObj::getDBO();
     $objTPL = Core_Classes_coreObj::getTPL();
     $objPage = Core_Classes_coreObj::getPage();

     foreach ($links as $link) {
         $objTPL->assign_block_vars('menu', array());
         $hasSubNav = isset($link['subs']) && !empty($link['subs']);

         // Plain entry: emitted only when it carries a URL
         if (!$hasSubNav) {
             if (isset($link['link_url'])) {
                 $objTPL->assign_block_vars('menu.normal', array(
                     'URL' => $link['link_url'],
                     'TITLE' => $link['link_title'],
                 ));
             }
             continue;
         }

         // Dropdown parent item, followed by its children
         $objTPL->assign_block_vars('menu.dropdown', array('TITLE' => $link['link_title']));
         foreach ($link['subs'] as $subLink) {
             // Children need both a title and a URL, otherwise they are skipped
             $complete = isset($subLink['link_title']) && isset($subLink['link_url']);
             if ($complete) {
                 $objTPL->assign_block_vars('menu.dropdown.subnav', array(
                     'URL' => $subLink['link_url'],
                     'TITLE' => $subLink['link_title'],
                 ));
             }
         }
     }
 }
コード例 #9
 /**
  * Generates the config cache: a two-level array [key][var] => value read
  * from `#__config`, using each row's default when its value is unset or empty.
  *
  * @version     2.0
  * @since       1.0.0
  * @author      Dan Aldridge
  *
  * @return      array|bool  The nested config array, or false when the query
  *                          yields no rows
  */
 public function generate_config_cache()
 {
     $objSQL = Core_Classes_coreObj::getDBO();
     $query = $objSQL->queryBuilder()
         ->select('key', 'var', 'value', 'default')
         ->from('#__config')
         ->orderBy('key', 'DESC')
         ->build();
     $results = $objSQL->fetchAll($query);
     if (count($results) == 0) {
         // NOTE(review): this prints the raw database error into the response;
         // consider logging it instead so schema details are not shown to visitors
         echo $objSQL->getError();
         return false;
     }

     $cache = array();
     foreach ($results as $row) {
         $hasValue = isset($row['value']) && !is_empty($row['value']);
         if ($hasValue) {
             $cache[$row['key']][$row['var']] = $row['value'];
         } else {
             $cache[$row['key']][$row['var']] = $row['default'];
         }
     }
     return $cache;
 }
コード例 #10
 /**
  * Check if a module is installed in the database and enabled
  *
  * NOTE(review): as written this method ALWAYS returns true. The leading
  * "Temp Fix" return makes the empty-name guard and the database lookup
  * below unreachable, so every caller that gates on this result treats any
  * module name as installed and enabled. Remove the short-circuit once the
  * modules table is complete.
  *
  * @version 1.0.0
  * @since   1.0.0
  * @author  Richard Clifford
  *
  * @param   string     $moduleName
  *
  * @return  bool       Currently always true (see note above)
  */
 public static function moduleInstalled($moduleName)
 {
     return true;
     // Temp Fix
     // ---- everything below is dead code while the return above is in place ----
     if (is_empty($moduleName)) {
         return false;
     }
     // return true here, apparently the module table isnt complete
     // return true;
     $objSQL = Core_Classes_coreObj::getDBO();
     $query = $objSQL->queryBuilder()->select('enabled')->from('#__modules')->where('name', '=', $moduleName)->build();
     $result = $objSQL->fetchLine($query);
     // NOTE(review): strict comparison with integer 1; if the driver returns
     // column values as strings this would never match - confirm before
     // re-enabling the lookup
     if ($result && isset($result['enabled']) && $result['enabled'] === 1) {
         return true;
     }
     return false;
 }
コード例 #11
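 /**
  * Returns the ids of the users subscribed to a group whose pending flag
  * matches $pending.
  *
  * @version 1.0
  * @since   1.0.0
  * @author  Dan Aldridge
  *
  * @param   int $gid         Group's ID
  * @param   int $pending     Pending flag to match
  *
  * @return  array|bool       List of user ids, or false when an argument is
  *                           invalid or the group query returns nothing
  */
 function usersInGroup($gid, $pending = 0)
 {
     if (!is_number($gid)) {
         trigger_error('$gid is not valid');
         return false;
     }
     if (!is_number($pending)) {
         trigger_error('$pending is not valid');
         return false;
     }
     $objSQL = Core_Classes_coreObj::getDBO();
     // The where() fragment is raw SQL; %d forces an integer, so no text
     // from $gid can reach the statement
     $query = $objSQL->queryBuilder()
         ->select('ug.uid', 'ug.pending', 'g.type', 'g.moderator')
         ->from(array('g' => '#__groups'))
         ->leftJoin(array('ug' => '#__group_subs'))
         ->on('ug.gid', '=', 'g.id')
         ->where(sprintf('g.id = %d', $gid))
         ->build();
     $result = $objSQL->fetchAll($query);
     if (is_empty($result)) {
         trigger_error('No group for ID: ' . $gid);
         return false;
     }
     // create an array of uid's in group according to $pending
     $users = array();
     foreach ($result as $row) {
         // A group without subscribers still yields one row from the LEFT
         // JOIN, with NULL subscription columns. NULL == 0 is true in PHP,
         // which used to add a null "user" to the list for $pending = 0.
         if (!isset($row['uid'])) {
             continue;
         }
         // compare as integers rather than with loose ==
         if ((int) $row['pending'] === (int) $pending) {
             $users[] = $row['uid'];
         }
     }
     return $users;
 }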
コード例 #12
 /**
  * Checks whether the user has exceeded the login quota
  *
  * Two counters are consulted: the one on the current session row
  * ($this->onlineData) and the one on the user account ($this->userData).
  * Appears to return true when a further login attempt may proceed and false
  * when it is blocked - confirm against the caller.
  *
  * NOTE(review): the session counter lives in `#__sessions`, keyed by the
  * session id. Presumably a client that starts a new session gets a fresh
  * row, so only the per-account counter limits repeated guessing across
  * sessions - verify. The per-account branch disables the account, which
  * lets anyone who knows a username lock its owner out; consider a timed
  * lockout or per-source throttling instead.
  *
  * @version 1.0
  * @since   1.0.0
  * @author  Daniel Noel-Davies
  *
  * @param   bool    $dontUpdate    When exactly true, the per-account check
  *                                 (and the account deactivation) is skipped
  *
  * @return  bool
  */
 public function attemptsCheck($dontUpdate = false)
 {
     // login_time lies in the future: presumably a lockout window is running
     if ($this->onlineData['login_time'] >= time()) {
         return false;
     } elseif ($this->onlineData['login_attempts'] > $this->config('login', 'max_login_tries')) {
         // Session quota exceeded. If no window has been set yet, store a new
         // login_time from mod_time(time(), 0, 15) (presumably 15 minutes
         // ahead - TODO confirm) and reset the session's attempt counter.
         if ($this->onlineData['login_time'] == '0') {
             $objSQL = Core_Classes_coreObj::getDBO();
             $objTime = Core_Classes_coreObj::getTime();
             $objUser = Core_Classes_coreObj::getUser();
             $query = $objSQL->queryBuilder()->update('#__sessions')->set(array('login_time' => $objTime->mod_time(time(), 0, 15), 'login_attempts' => '0'))->where('sid', '=', $objUser->grab('userkey'))->build();
             $objSQL->query($query);
         }
         return false;
     }
     if ($dontUpdate === true) {
         return true;
     }
     // NOTE(review): the session check above uses '>' while this one uses
     // '>=', so the two quotas trip one attempt apart - confirm that is intended
     if ($this->userData['login_attempts'] >= $this->config('login', 'max_login_tries')) {
         // NOTE(review): strict ===; if one side is a string and the other an
         // integer this never matches and the account is never deactivated
         if ($this->userData['login_attempts'] === $this->config('login', 'max_login_tries')) {
             //deactivate the users account
             Core_Classes_coreObj::getUser()->toggle($this->userData['id'], 'active', false);
         }
         return false;
     }
     return true;
 }
コード例 #13
 /**
  * Generates the cache for the routing system, used as a callback in the caching class
  *
  * Reads every route with status = 1 and returns them keyed by label.
  * Methods outside the known HTTP verb list fall back to 'ANY'.
  *
  * NOTE(review): module, pattern and redirect are taken from `#__routes`
  * as-is, so write access to that table controls dispatch and redirect
  * targets; the method lookup also uses a non-strict in_array().
  *
  * @version     1.0
  * @since       1.0.0
  * @author      Daniel Noel-Davies
  *
  * @todo        Use 2 Queries, One to select non-structure url's (without :'s)
  *                  and one with structure'd url's. The first should be listed
  *                  before the second, to allow for successful processing and
  *                  precedence.
  *
  * @return      array
  */
 public static function generate_cache()
 {
     $objSQL = Core_Classes_coreObj::getDBO();
     $query = $objSQL->queryBuilder()
         ->select('module', 'label', 'pattern', 'method', 'arguments', 'requirements', 'status', 'redirect')
         ->addField('pattern LIKE "%:%" as `dynamic`')
         ->from('#__routes')
         ->where('status = 1')
         ->orderBy('`dynamic` ASC, method DESC, CHAR_LENGTH(pattern)', 'DESC')
         ->build();
     $results = $objSQL->fetchAll($query);
     $methods = array('ANY', 'HEAD', 'PUT', 'GET', 'OPTIONS', 'POST', 'DELETE', 'TRACE', 'CONNECT', 'PATCH');

     $routes = array();
     foreach ($results as $route) {
         // Undecodable JSON becomes an empty list rather than null
         $args = json_decode($route['arguments'], true);
         if ($args === null) {
             $args = array();
         }
         $reqs = json_decode($route['requirements'], true);
         if ($reqs === null) {
             $reqs = array();
         }

         // Error if the route label exists more than once
         $label = $route['label'];
         if (isset($routes[$label])) {
             hmsgDie('fail', 'Route label exists more than once.. :/ Weird eh?');
         }

         $method = 'ANY';
         if (in_array($route['method'], $methods)) {
             $method = $route['method'];
         }
         $routes[$label] = array(
             'method' => $method,
             'pattern' => $route['pattern'],
             'module' => $route['module'],
             'arguments' => $args,
             'requirements' => $reqs,
             'label' => $route['label'],
             'status' => $route['status'],
             'redirect' => $route['redirect'],
         );
     }
     return $routes;
 }
コード例 #14
 /**
  * Loads an already active session for this user
  *
  * The row is looked up by the admin flag, the MD5 of the PHP session id and
  * the client address reported by Core_Classes_User::getIP().
  *
  * NOTE(review): binding the session to an address only helps if getIP()
  * cannot be chosen by the client (e.g. via forwarded-for headers) - confirm.
  * The MD5 here is a lookup key, not a protection for the session id.
  *
  * @version 1.0
  * @since   1.0.0
  * @author  Dan Aldridge
  *
  * @return  mixed  The session row, or false when no row matched
  */
 public function getData()
 {
     $objSQL = Core_Classes_coreObj::getDBO();

     $builder = $objSQL->queryBuilder()->select('*')->from('#__sessions');
     $builder = $builder->where('admin', '=', Core_Classes_User::$IS_ADMIN ? '1' : '0');
     $builder = $builder->andWhere('sid', '=', md5(session_id()));
     $builder = $builder->andWhere('hostname', '=', Core_Classes_User::getIP());

     $results = $objSQL->fetchLine($builder->build());

     // affectedRows() is used as the "did a row match" signal for this SELECT
     return $objSQL->affectedRows() > 0 ? $results : false;
 }
コード例 #15
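 /**
  * Retrieves one uploaded image, or set of them
  *
  * NOTE(review): $onlyPublic is accepted (and defaults to true) but is never
  * applied to the query, so non-public uploads are returned as well. Add the
  * visibility condition once the column name is confirmed.
  *
  * @version 1.0
  * @since   1.0
  * @author  Daniel Noel-Davies
  *
  * @param   int|array  $id          Single Upload ID, or array of Upload IDs
  *                                  (array entries that are not integers are ignored)
  * @param   bool       $onlyPublic  Currently unused, see note above
  *
  * @return  array      For a single ID with exactly one match: that row.
  *                     Otherwise the rows keyed by id; empty array on
  *                     invalid input.
  */
 public function getInfo($id, $onlyPublic = true)
 {
     // Check we've got what we need
     if (!is_int($id) && !is_numeric($id) && !is_array($id)) {
         trigger_error('Invalid arguments supplied for ' . __FUNCTION__);
         return array();
     }
     $objSQL = Core_Classes_coreObj::getDBO();
     $query = $objSQL->queryBuilder()->select('*')->from('#__uploads');
     if (is_array($id)) {
         $hasWhere = false;
         foreach ($id as $i) {
             if (!is_int($i)) {
                 continue;
             }
             if ($hasWhere) {
                 $query->orWhere('id', '=', $i);
             } else {
                 // the flag was never set before, so every id went through
                 // where() and orWhere() was unreachable
                 $query->where('id', '=', $i);
                 $hasWhere = true;
             }
         }
         if ($hasWhere === false) {
             // No usable id in the list: without a WHERE clause the query
             // would return every upload in the table
             return array();
         }
     } else {
         $query->where('id', '=', $id);
     }
     $info = $objSQL->fetchAll($query->build(), 'id');
     // Unwrap only for a scalar id; indexing the result with an array id
     // (the old behaviour for a one-element match) is an illegal offset
     if (!is_array($id) && is_array($info) && count($info) === 1) {
         return reset($info);
     }
     return $info;
 }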
コード例 #16
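    /**
     * Saves the data from the menu editor
     *
     * Takes the JSON menu tree from $_POST['menu'], flattens it and writes the
     * parent and order of every item back to `#__menus` in one UPDATE.
     *
     * NOTE(review): no permission or CSRF-token check is visible in this
     * method; confirm the dispatcher enforces both before it is reached.
     *
     * @version         1.0
     * @since           1.0.0
     * @author          Dan Aldridge
     * @data-access     AJAX Only
     *
     * @return          void    Never returns: the response text is sent
     *                          through die()
     */
    public function editSave($args = array())
    {
        if (!HTTP_POST) {
            die('Error: Could not get post data.');
        }
        $data = array('menu_name' => doArgs('1', false, $args), 'menu_data' => doArgs('menu', false, $_POST));
        // false is the fallback handed to doArgs() above, so a false entry
        // marks a missing input. The arguments of in_array() were swapped
        // before, which meant this check never fired.
        if (in_array(false, $data, true)) {
            die('Error: could not retrieve proper data.');
        }
        $data['menu_data'] = json_decode($data['menu_data'], true);
        $data['menu_data'] = $this->generateFlatTable($data['menu_data']);
        if (!is_array($data['menu_data']) || is_empty($data['menu_data'])) {
            die('Error: Could not process array.');
        }
        $objSQL = Core_Classes_coreObj::getDBO();
        // The ids, parents and orders originate from the POSTed JSON, so every
        // value is escaped before it is placed inside a quoted SQL literal.
        // NOTE(review): escape() is assumed to be the driver's string-literal
        // escaper and to cover double-quoted literals - confirm. If these
        // columns are integers, (int) casts or bound parameters are the
        // stronger fix.
        $parents = '';
        $orders = '';
        $ids = array();
        foreach ($data['menu_data'] as $id => $row) {
            $safeId = $objSQL->escape((string) $id);
            $parents .= sprintf(' WHEN `id`="%s" THEN "%s"' . "\n", $safeId, $objSQL->escape((string) $row['parent']));
            $orders .= sprintf(' WHEN `id`="%s" THEN "%s"' . "\n", $safeId, $objSQL->escape((string) $row['order']));
            $ids[] = $safeId;
        }
        // raw query: the CASE lists above are not expressible with the query builder
        $query = '
            UPDATE #__menus SET 
                `parent_id` = CASE 
                    ' . $parents . '
                ELSE `parent_id` END,

                `order` = CASE 
                    ' . $orders . '
                ELSE `order` END
            WHERE id IN("' . implode('", "', $ids) . '")
        ';
        $query = $objSQL->query($query);
        if ($query === false) {
            // NOTE(review): the database error text is returned to the client;
            // consider logging it and answering with the generic message only
            die('Error: Could not run update query. SQL Said: ' . $objSQL->getError());
        }
        die('Info: Updated Successfully.');
    }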
コード例 #17
ファイル: class.user.php プロジェクト: richard-clifford/CSCMS
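 /**
  * Verifies a Users Credentials to ensure they are valid
  *
  * Looks the user up by name and checks the supplied password against the
  * stored hash with the phpass library.
  *
  * NOTE(review): phpass is requested with the arguments (8, true). If
  * getLib() forwards them to PasswordHash's constructor, the second one
  * selects phpass's portable MD5-based hashes rather than bcrypt - confirm,
  * and plan a rehash-on-login migration if so.
  * NOTE(review): an unknown username returns before any hash is computed, so
  * response time can differ between existing and missing accounts; callers
  * should rate-limit attempts.
  *
  * @version 1.0
  * @since   1.0.0
  * @author  Dan Aldridge
  *
  * @param string $username
  * @param string $password
  *
  * @return bool
  */
 public function verifyUserCredentials($username, $password)
 {
     // Grab the user's id
     $uid = $this->getIDByUsername($username);
     // if the username doesn't exist, return false;
     // NOTE(review): only an integer 0 is treated as "not found"; verify that
     // getIDByUsername() never signals a miss with false, null or '0'
     if ($uid === 0) {
         return false;
     }
     // Grab the phpass library (class name now spelled as in the rest of the
     // code base, which matters to case-sensitive autoloaders)
     $objPass = Core_Classes_coreObj::getLib('phpass', array(8, true));
     // Fetch the hashed password from the database
     $hash = $this->get('password', $uid);
     return $objPass->CheckPassword($password, $hash) ? true : false;
 }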