/**
 * Renders the admin "System Info" panel.
 *
 * Collects the CMS, PHP, MySQL and GD versions, the install path and a JSON
 * dump of every row in `#__config`, and places the text in a textarea block.
 *
 * NOTE(review): the dump is a SELECT * over the config table, so any secret
 * stored there is shown in the panel and travels with whatever gets pasted to
 * the dev team; an allow-list of keys would be safer. Whether textarea()
 * HTML-escapes its value is not visible here - confirm, because config values
 * are embedded as-is.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @return void
 */
public function systeminfo()
{
    $objSQL  = Core_Classes_coreObj::getDBO();
    $objTPL  = Core_Classes_coreObj::getTPL();
    $objTime = Core_Classes_coreObj::getTime(); // not used below; call kept as in the original
    $objForm = Core_Classes_coreObj::getForm();

    $objTPL->set_filenames(array(
        'body' => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl',
    ));

    // GD version: keep only digits and dots from the reported version string.
    $gdVer = 'Not Installed.';
    if (function_exists('gd_info')) {
        $gdInfo = gd_info();
        $gdVer  = preg_replace('/[[:alpha:][:space:]()]+/', '', $gdInfo['GD Version']);
    }

    $info = '<div class="alert alert-info"><strong>Important!</strong> This panel needs more updating to output more useful data that has been made avaliable during the last overhaul</div>';

    // safe_mode may be reported as "1" or "on" depending on how it was set.
    $safeModeRaw   = @ini_get('safe_mode');
    $safeModeLabel = ($safeModeRaw == '1' || strtolower($safeModeRaw) == 'on')
        ? 'Safe Mode Enabled'
        : 'Safe Mode Disabled';

    // NOTE(review): mysql_get_server_info() belongs to the removed ext/mysql.
    $mysqlVersion = mysql_get_server_info();
    $installPath  = root();
    $configDump   = json_encode($objSQL->fetchAll('SELECT * FROM `#__config`'));

    $content = 'This panel gives the CMS dev team some information about your setup. ;--System Setup CMS Version: ' . CMS_VERSION
        . ' PHP Version: ' . PHP_VERSION
        . ' (' . $safeModeLabel . ') MySQL Version: ' . $mysqlVersion
        . ' GD Version: ' . $gdVer
        . ' ;--CMS Setup Install Path: /' . $installPath
        . ' ' . $configDump;

    $textarea = $objForm->textarea('sysInfo', $content, array('style' => 'width: 99%', 'rows' => 20));

    Core_Classes_coreObj::getAdminCP()->setupBlock('body', array(
        'cols' => 3,
        'vars' => array(
            'TITLE'   => 'System Info',
            'CONTENT' => $info . $textarea,
            'ICON'    => 'fa-icon-user',
        ),
    ));
}
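/**
 * Loads the enabled plugins by including each plugin file.
 *
 * When no list is passed in, the list is read from the 'plugins' cache entry.
 * If that is empty too, the loader disables itself (dontExec) and returns.
 *
 * NOTE(review): every path comes from the database/cache and is handed to
 * include_once, so whoever can write a plugin row controls which PHP file is
 * executed. Consider resolving the path with realpath() and requiring it to
 * stay inside the plugin directory before including it.
 *
 * @version 1.1
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param array $plugins Rows with at least 'path' and 'enabled' keys
 *
 * @return bool True once the list has been walked, false when there is nothing to load
 */
public function load($plugins = array())
{
    if ($this->dontExec == true) {
        return false;
    }

    // Nothing usable passed in: fall back to the cached plugin list.
    if (!is_array($plugins) || is_empty($plugins)) {
        $objCache = Core_Classes_coreObj::getCache();
        $plugins  = $objCache->load('plugins');

        if (!is_array($plugins) || is_empty($plugins)) {
            // Remember the miss so later calls return immediately.
            $this->dontExec = true;
            return false;
        }
    }

    foreach ($plugins as $hook) {
        if ($hook['enabled'] === false) {
            continue;
        }

        // Resolve first, so the file that is checked is the file that is included.
        $pluginPath = str_replace('./', cmsROOT . '', $hook['path']);

        // Skip anything that is not a regular file or cannot be read. The
        // original used && here, which only skipped paths failing both tests
        // and let readable directories through to include_once.
        if (!is_file($pluginPath) || !is_readable($pluginPath)) {
            continue;
        }

        include_once $pluginPath;
    }

    return true;
}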
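/**
 * Renders the admin "Module List" table from the directories under modules/.
 *
 * For each directory that moduleExists() accepts, the module row is looked up
 * in `#__modules`; when there is no row (or the module is reported as not
 * installed) version and hash are taken from getModuleDetails().
 *
 * NOTE(review): NAME, VERSION and HASH are handed to the template as-is;
 * whether the template engine escapes them is not visible here.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @return void
 */
public function modules()
{
    $objSQL    = Core_Classes_coreObj::getDBO();
    $objTPL    = Core_Classes_coreObj::getTPL();
    $objModule = Core_Classes_coreObj::getModule();

    $objTPL->set_filenames(array(
        'body'  => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl',
        'panel' => cmsROOT . 'modules/core/views/admin/modules/default/module_list.tpl',
    ));

    // glob() returns false on error; treat that as "no modules".
    $files = glob(sprintf('%smodules/*', cmsROOT));
    if (!is_array($files)) {
        $files = array();
    }

    foreach ($files as $file) {
        $moduleName = str_replace('modules/', '', $file);

        if (parent::moduleExists($moduleName) === false) {
            continue;
        }

        $query = $objSQL->queryBuilder()
            ->select('*')
            ->from('#__modules')
            ->where('name', '=', $moduleName)
            ->build();
        $row = $objSQL->fetchLine($query);

        $moduleInstalled = parent::moduleInstalled($moduleName);

        // Reset per module: previously these were undefined for the first
        // installed module and carried over from the preceding module after that.
        $version = '';
        $hash    = '';

        if (empty($row) || $moduleInstalled === false) {
            $details = $objModule->getModuleDetails($moduleName);
            if (!empty($details)) {
                $version = $details['version'];
                $hash    = $details['hash'];
            }
        }
        // NOTE(review): installed modules with a row now show empty version/hash;
        // presumably they should come from $row - confirm the column names.

        $notInstalled = ($moduleInstalled === false);

        $objTPL->assign_block_vars('module', array(
            'NAME'        => $moduleName,
            'VERSION'     => $version,
            'HASH'        => $hash,
            'STATUS'      => $notInstalled ? 'Not Installed' : 'Installed',
            'STATUS_ICON' => $notInstalled ? 'default' : 'success',
        ));
    }

    $objTPL->parse('panel', false);

    Core_Classes_coreObj::getAdminCP()->setupBlock('body', array(
        'cols' => 3,
        'vars' => array(
            'TITLE'   => 'Module List',
            'CONTENT' => $objTPL->get_html('panel', false),
            'ICON'    => 'icon-th-list',
        ),
    ));
}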
/**
 * Renders the admin "Add User" form.
 *
 * Only displays the add.tpl panel and a breadcrumb; nothing is written to the
 * database in this method.
 *
 * NOTE(review): the breadcrumb URL is the raw REQUEST_URI, which the client
 * controls. It must be HTML-escaped where the breadcrumb is printed; that
 * code is not visible here - confirm.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @return void
 */
public function add()
{
    // The DB and time handles are not used below; the calls are kept as in the original.
    $objSQL  = Core_Classes_coreObj::getDBO();
    $objTPL  = Core_Classes_coreObj::getTPL();
    $objTime = Core_Classes_coreObj::getTime();

    $crumb = array(
        'url'  => doArgs('REQUEST_URI', '', $_SERVER),
        'name' => 'Add User',
    );
    Core_Classes_coreObj::getPage()->addBreadcrumbs(array($crumb));

    $templates = array(
        'body'  => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl',
        'panel' => cmsROOT . 'modules/core/views/admin/users/add.tpl',
    );
    $objTPL->set_filenames($templates);
    $objTPL->parse('panel', false);

    $blockVars = array(
        'TITLE'   => 'Add User',
        'CONTENT' => $objTPL->get_html('panel', false),
        'ICON'    => 'faicon-user',
    );
    Core_Classes_coreObj::getAdminCP()->setupBlock('body', array('cols' => 3, 'vars' => $blockVars));
}
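/**
 * Creates an (empty) block row on behalf of a module.
 *
 * The row is inserted with a random 8-character uniqueid and blank values for
 * every other column; info and args are stored as empty JSON arrays.
 *
 * NOTE(review): $method is accepted but never checked or stored, although the
 * original comment says the method should be verified as callable - TODO.
 *
 * @version 1.0
 * @since   1.0
 * @author  Daniel Noel-Davies
 *
 * @param string $module Name of the module the block belongs to
 * @param string $method Module method that renders the block (currently unused)
 *
 * @return bool True when the insert succeeded, false otherwise
 */
public function installFromModule($module, $method)
{
    $objModule = Core_Classes_coreObj::getModule();
    $objSQL    = Core_Classes_coreObj::getDBO();

    $details = $objModule->getDetails($module);

    // Pass the module name through: the original called moduleInstalled()
    // with no argument, so the check was not tied to $module.
    if ($details === false || $objModule->moduleInstalled($module) === false) {
        trigger_error('Module x is not installed, No block was created');
        return false;
    }

    // json_encode() needs a value; calling it without one raises an error
    // instead of producing JSON.
    $emptyJson = json_encode(array());

    $data = array(
        'uniqueid'    => randcode(8),
        'label'       => '',
        'title'       => '',
        'region_name' => '',
        'order'       => '',
        'enabled'     => '',
        'info'        => $emptyJson,
        'args'        => $emptyJson,
        'whitelist'   => '',
        'content'     => '',
    );

    $query  = $objSQL->queryBuilder()->insertInto('#__blocks')->set($data)->build();
    $result = $objSQL->insert($query);

    return $result ? true : false;
}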
/**
 * Builds the debug listing of every SQL query recorded by the DB object.
 *
 * Each query becomes a small HTML table: a coloured status strip, the
 * file/line it came from, the affected row count, the time taken and the
 * GeSHi-highlighted SQL. Failed queries (affected_rows == -1) also get a
 * dump of the record plus the error text.
 *
 * NOTE(review): the output contains file paths, full SQL and raw database
 * error strings, none of them escaped here. It should only be reachable for
 * developers/admins and never on a production response - the gate is not
 * visible in this method.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param bool $output Must be exactly true for anything to be generated
 *
 * @return array|string array('count' => ..., 'content' => ...) when $output is
 *                      true, otherwise an empty string
 */
public function getSQLQueries($output = false)
{
    if ($output !== true) {
        return '';
    }

    $html   = '';
    $objSQL = Core_Classes_coreObj::getDBO();
    $debug  = $objSQL->getVar('debug');

    // Keywords that get a line break in front of them in long queries.
    $keywords = array('FROM', 'LEFT JOIN', 'RIGHT JOIN', 'INNER JOIN', 'ON', 'OR', 'AND', 'SET', 'WHERE', 'LIMIT', 'GROUP BY', 'ORDER BY', 'VALUES');

    if (!empty($debug)) {
        foreach ($debug as $query) {
            $failed = ($query['affected_rows'] == '-1');

            $html .= '<table class="table">';
            $html .= sprintf('<tr class="%s"><td colspan="11" style="height: 5px; padding: 0;"></td></tr>', $failed ? 'error' : 'success');

            // Wrap long statements so the highlighted SQL stays readable.
            if (strlen($query['query']) > 100) {
                foreach ($keywords as $keyword) {
                    $needle         = ' ' . $keyword;
                    $query['query'] = str_replace($needle, "\n" . $needle, $query['query']);
                }
            }

            $geshi = Core_Classes_coreObj::getLib('GeSHi', array($query['query'], 'sql'));

            $html .= '</tr><tr>';
            $html .= sprintf(
                '<tr><td style="background-color: #1E1E1E; color: white;"> <strong>%1$s</strong> @ <strong>%2$s</strong> // Affected %3$d Rows <span class="pull-right">%5$s</span> <br /> %4$s </td></tr>',
                str_replace($this->config('global', 'realPath'), '', $query['file']),
                $query['line'],
                $query['affected_rows'],
                $geshi->parse_code(),
                $query['time_taken']
            );

            if ($failed) {
                $html .= '</tr><tr>';
                $html .= sprintf('<td style="background-color: #1E1E1E; color: white;"> %s </td>', dump($query) . $query['error']);
            }

            $html .= '</tr>';
            $html .= '</table>';
        }
    }

    return array(
        'count'   => count($debug) . ' / ' . $objSQL->totalTime,
        'content' => sprintf('<ul>%s</ul>', $html),
    );
}
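/**
 * Encodes or filters a value for one output/input context.
 *
 * Modes:
 *  - html      HTML-escape, decoding first so already-escaped input is not
 *              escaped twice. Single and double quotes are both escaped so
 *              the result is safe in either kind of quoted attribute.
 *  - url       urlencode().
 *  - sql, mres Escape through the DB object. Prefer the query builder;
 *              escaping only protects values placed inside quotes.
 *  - langvar   HTML-escape, then run the str_replace below.
 *  - num       Strip everything except 0-9.
 *  - alphanum  Strip everything except a-z, A-Z, 0-9, '-' and '_'.
 *
 * An unknown mode returns the value UNCHANGED, so a typo in $mode silently
 * disables the protection.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param string $string Value to secure
 * @param string $mode   One of the modes listed above (case-insensitive)
 *
 * @return string
 */
function secureMe($string, $mode = 'html')
{
    switch (strtolower($mode)) {
        case 'html':
            // ENT_QUOTES on both calls: without it PHP < 8.1 leaves single
            // quotes alone, and decode/encode must agree to stay idempotent.
            $string = htmlspecialchars_decode($string, ENT_QUOTES);
            $string = htmlspecialchars($string, ENT_QUOTES);
            break;

        case 'url':
            $string = urlencode($string);
            break;

        case 'sql':
        case 'mres':
            // The DB handle is fetched only here, so the other modes do not
            // depend on a database object being available.
            $string = Core_Classes_coreObj::getDBO()->escape($string);
            break;

        case 'langvar':
            $string = htmlspecialchars($string);
            // NOTE(review): as written, search and replacement lists are
            // identical, so this call changes nothing. Presumably the search
            // list once held the entity forms and this mode deliberately
            // restores markup in trusted language strings - confirm against
            // the original file, and never use this mode on user input.
            $string = str_replace(array('>', '<', '&', '"'), array('>', '<', '&', '"'), $string);
            break;

        case 'num':
            if (!ctype_digit((string) $string)) {
                $string = preg_replace('/[^0-9]/', '', $string);
            }
            break;

        case 'alphanum':
            if (!ctype_alnum((string) $string)) {
                $string = preg_replace('/[^a-zA-Z0-9-_]/', '', $string);
            }
            break;
    }

    return $string;
}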
/**
 * Feeds a navigation structure into the 'menu' template blocks.
 *
 * Every entry opens a 'menu' block. An entry with a non-empty 'subs' list
 * becomes a dropdown with one 'subnav' row per complete sub link; any other
 * entry becomes a normal link, provided it has a 'link_url'.
 *
 * NOTE(review): titles and URLs go to the template unchanged. If menu data
 * can be edited by less-trusted users, escaping has to happen in the template
 * layer - not visible here.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param array $links Entries with 'link_title', 'link_url' and optionally 'subs'
 *
 * @return void
 */
protected function generateNav($links = array())
{
    // Only the template handle is used; the other two calls are kept as in the original.
    $objSQL  = Core_Classes_coreObj::getDBO();
    $objTPL  = Core_Classes_coreObj::getTPL();
    $objPage = Core_Classes_coreObj::getPage();

    foreach ($links as $link) {
        $objTPL->assign_block_vars('menu', array());

        // Plain entry: emit it when it has a URL, then move on.
        if (empty($link['subs'])) {
            if (isset($link['link_url'])) {
                $objTPL->assign_block_vars('menu.normal', array(
                    'URL'   => $link['link_url'],
                    'TITLE' => $link['link_title'],
                ));
            }
            continue;
        }

        // Dropdown parent followed by its children.
        $objTPL->assign_block_vars('menu.dropdown', array('TITLE' => $link['link_title']));

        foreach ($link['subs'] as $subLink) {
            // Children need both a title and a URL.
            if (isset($subLink['link_title']) && isset($subLink['link_url'])) {
                $objTPL->assign_block_vars('menu.dropdown.subnav', array(
                    'URL'   => $subLink['link_url'],
                    'TITLE' => $subLink['link_title'],
                ));
            }
        }
    }
}
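/**
 * Builds the config cache as a two-level array: [key][var] => value.
 *
 * A row's 'value' is used when it is set and non-empty, otherwise the row's
 * 'default' is used.
 *
 * @version 2.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @return array|bool The config array, or false when no rows could be read
 */
public function generate_config_cache()
{
    $objSQL = Core_Classes_coreObj::getDBO();

    $query = $objSQL->queryBuilder()
        ->select('key', 'var', 'value', 'default')
        ->from('#__config')
        ->orderBy('key', 'DESC')
        ->build();

    $results = $objSQL->fetchAll($query);

    // empty() also covers a false/null result, which count() would choke on.
    if (empty($results)) {
        // Report through the error handler instead of echoing the raw
        // database error into the page, where it would disclose schema
        // details to whoever is looking at the response.
        trigger_error($objSQL->getError(), E_USER_WARNING);
        return false;
    }

    $return = array();
    foreach ($results as $row) {
        $hasValue = isset($row['value']) && !is_empty($row['value']);
        $return[$row['key']][$row['var']] = $hasValue ? $row['value'] : $row['default'];
    }

    return $return;
}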
/**
 * Reports whether a module is installed and enabled.
 *
 * NOTE(review): the method currently returns true for EVERY input because of
 * the "Temp Fix" return on its first line; the database lookup below it never
 * runs. Any caller using this as a gate treats disabled or unknown modules as
 * enabled. When the shortcut is removed, also check the strict `=== 1`
 * comparison: a driver that returns column values as strings would make it
 * fail for every row - confirm the type fetchLine() yields.
 *
 * @version 1.0.0
 * @since   1.0.0
 * @author  Richard Clifford
 *
 * @param string $moduleName
 *
 * @return bool Always true at present
 */
public static function moduleInstalled($moduleName)
{
    // Temp Fix: apparently the module table isnt complete.
    return true;

    // ---- unreachable until the temp fix above is removed ----
    if (is_empty($moduleName)) {
        return false;
    }

    $objSQL = Core_Classes_coreObj::getDBO();

    $query = $objSQL->queryBuilder()
        ->select('enabled')
        ->from('#__modules')
        ->where('name', '=', $moduleName)
        ->build();

    $result = $objSQL->fetchLine($query);

    $enabled = $result && isset($result['enabled']) && $result['enabled'] === 1;

    return $enabled ? true : false;
}
/**
 * Lists the user ids subscribed to a group, filtered by pending state.
 *
 * The group id reaches the SQL through sprintf('%d'), so it is forced to an
 * integer before it becomes part of the WHERE clause.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param int $gid     Group ID
 * @param int $pending Pending flag to match against each subscription row
 *
 * @return array|bool User ids, or false on invalid arguments / unknown group
 */
function usersInGroup($gid, $pending = 0)
{
    if (!is_number($gid)) {
        trigger_error('$gid is not valid');
        return false;
    }

    if (!is_number($pending)) {
        trigger_error('$pending is not valid');
        return false;
    }

    $objSQL = Core_Classes_coreObj::getDBO();

    $builder = $objSQL->queryBuilder()
        ->select('ug.uid', 'ug.pending', 'g.type', 'g.moderator')
        ->from(array('g' => '#__groups'))
        ->leftJoin(array('ug' => '#__group_subs'))
        ->on('ug.gid', '=', 'g.id')
        ->where(sprintf('g.id = %d', $gid));

    $rows = $objSQL->fetchAll($builder->build());

    if (is_empty($rows)) {
        trigger_error('No group for ID: ' . $gid);
        return false;
    }

    // Keep only the subscriptions whose pending flag matches (loose compare,
    // as the database value and the argument may differ in type).
    $users = array();
    foreach ($rows as $subscription) {
        if ($subscription['pending'] != $pending) {
            continue;
        }
        $users[] = $subscription['uid'];
    }

    return $users;
}
/**
 * Checks whether the user has exceeded the login quota.
 *
 * Two counters are consulted: the one on the current session row
 * ($this->onlineData) and the one on the user account ($this->userData).
 * A return value of false means the login attempt must be refused.
 *
 * NOTE(review): the session counter is compared with `>` and the account
 * counter with `>=`, and the deactivation branch uses `===`. If the stored
 * counter and the configured limit differ in type (e.g. string from the
 * database vs int from config) the strict comparison never matches and the
 * account is never deactivated - confirm both types.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Daniel Noel-Davies
 *
 * @param bool $dontUpdate When true, return right after the session-level checks
 *                         without looking at the account counter
 *
 * @return bool True when another attempt is allowed, false when it is blocked
 */
public function attemptsCheck($dontUpdate = false)
{
    // login_time in the future: the session is still inside a lockout window.
    if ($this->onlineData['login_time'] >= time()) {
        return false;
    } elseif ($this->onlineData['login_attempts'] > $this->config('login', 'max_login_tries')) {
        // Too many attempts on this session. If no lockout has been stamped
        // yet, stamp one and reset the session counter.
        if ($this->onlineData['login_time'] == '0') {
            $objSQL = Core_Classes_coreObj::getDBO();
            $objTime = Core_Classes_coreObj::getTime();
            $objUser = Core_Classes_coreObj::getUser();

            // mod_time(time(), 0, 15) presumably yields "now + 15 minutes" - TODO confirm.
            $query = $objSQL->queryBuilder()->update('#__sessions')->set(array('login_time' => $objTime->mod_time(time(), 0, 15), 'login_attempts' => '0'))->where('sid', '=', $objUser->grab('userkey'))->build();
            $objSQL->query($query);
        }

        return false;
    }

    // Caller only wanted the session-level verdict.
    if ($dontUpdate === true) {
        return true;
    }

    // Account-level counter: refuse at or above the limit.
    if ($this->userData['login_attempts'] >= $this->config('login', 'max_login_tries')) {
        // Exactly at the limit (same value AND same type): deactivate the account.
        if ($this->userData['login_attempts'] === $this->config('login', 'max_login_tries')) {
            // deactivate the user's account
            Core_Classes_coreObj::getUser()->toggle($this->userData['id'], 'active', false);
        }

        return false;
    }

    return true;
}
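/**
 * Generates the cache for the routing system, used as a callback in the caching class.
 *
 * Active routes (status = 1) are read from `#__routes`, static patterns before
 * patterns containing ':' placeholders, and returned keyed by route label.
 * A duplicated label aborts through hmsgDie().
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Daniel Noel-Davies
 *
 * @todo    Use 2 Queries, One to select non-structure url's (without :'s)
 *          and one with structure'd url's. The first should be listed
 *          before the second, to allow for successful processing and
 *          precedence.
 *
 * @return array Route definitions keyed by label
 */
public static function generate_cache()
{
    $output = array();
    $objSQL = Core_Classes_coreObj::getDBO();

    $query = $objSQL->queryBuilder()
        ->select('module', 'label', 'pattern', 'method', 'arguments', 'requirements', 'status', 'redirect')
        ->addField('pattern LIKE "%:%" as `dynamic`')
        ->from('#__routes')
        ->where('status = 1')
        ->orderBy('`dynamic` ASC, method DESC, CHAR_LENGTH(pattern)', 'DESC')
        ->build();

    $results = $objSQL->fetchAll($query);

    // A failed query must not be iterated.
    if (!is_array($results)) {
        return $output;
    }

    $methods = array('ANY', 'HEAD', 'PUT', 'GET', 'OPTIONS', 'POST', 'DELETE', 'TRACE', 'CONNECT', 'PATCH');

    foreach ($results as $result) {
        // Anything that does not decode to an array (invalid JSON, a bare
        // scalar) is treated as "no arguments" / "no requirements".
        $args = json_decode($result['arguments'], true);
        if (!is_array($args)) {
            $args = array();
        }

        $reqs = json_decode($result['requirements'], true);
        if (!is_array($reqs)) {
            $reqs = array();
        }

        // Error if the route label exists more than once
        if (isset($output[$result['label']])) {
            hmsgDie('fail', 'Route label exists more than once.. :/ Weird eh?');
        }

        // Strict match: with loose comparison a numeric 0 compares equal to
        // any of these strings on older PHP and would be stored as the method.
        $method = in_array($result['method'], $methods, true) ? $result['method'] : 'ANY';

        $output[$result['label']] = array(
            'method'       => $method,
            'pattern'      => $result['pattern'],
            'module'       => $result['module'],
            'arguments'    => $args,
            'requirements' => $reqs,
            'label'        => $result['label'],
            'status'       => $result['status'],
            'redirect'     => $result['redirect'],
        );
    }

    return $output;
}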
/**
 * Loads the stored session row that belongs to the current visitor.
 *
 * The row must match three things: the admin flag, the md5 of the PHP
 * session id, and the visitor's IP address as returned by getIP().
 *
 * NOTE(review): binding the session to the IP only helps if getIP() ignores
 * client-supplied headers such as X-Forwarded-For unless a trusted proxy set
 * them - that method is not visible here. Success is judged by
 * affectedRows() after a SELECT; whether the DB layer reports the row count
 * that way should be confirmed.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @return array|bool The session row, or false when none matched
 */
public function getData()
{
    $objSQL = Core_Classes_coreObj::getDBO();

    $builder = $objSQL->queryBuilder()
        ->select('*')
        ->from('#__sessions')
        ->where('admin', '=', Core_Classes_User::$IS_ADMIN ? '1' : '0')
        ->andWhere('sid', '=', md5(session_id()))
        ->andWhere('hostname', '=', Core_Classes_User::getIP());

    $session = $objSQL->fetchLine($builder->build());

    return ($objSQL->affectedRows() > 0) ? $session : false;
}
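/**
 * Retrieves one upload record, or a set of them.
 *
 * NOTE(review): $onlyPublic is accepted but not applied to the query, so the
 * lookup returns a record regardless of any visibility flag. If callers rely
 * on it to hide private uploads, that filter still has to be added - the
 * column it would test is not visible here.
 *
 * @version 1.0
 * @since   1.0
 * @author  Daniel Noel-Davies
 *
 * @param int|array $id         Single Upload ID, or array of Upload IDs
 * @param bool      $onlyPublic Currently unused (see note above)
 *
 * @return array The single record for a scalar $id with exactly one match,
 *               otherwise the matching records keyed by id (possibly empty)
 */
public function getInfo($id, $onlyPublic = true)
{
    // Check we've got what we need
    if (!is_int($id) && !is_numeric($id) && !is_array($id)) {
        trigger_error('Invalid arguments supplied for ' . __FUNCTION__);
        return array();
    }

    // Keep only numeric ids. Non-numeric entries are dropped.
    $ids = array();
    foreach ((array) $id as $candidate) {
        if (is_int($candidate) || is_numeric($candidate)) {
            $ids[] = $candidate;
        }
    }

    // With nothing valid to filter on, the original built a query without a
    // WHERE clause and returned every upload. Return nothing instead.
    if (empty($ids)) {
        return array();
    }

    $objSQL = Core_Classes_coreObj::getDBO();
    $query  = $objSQL->queryBuilder()->select('*')->from('#__uploads');

    // First id opens the WHERE, the rest are OR-ed on. (The original never
    // flipped its $where flag, so every id went through where().)
    foreach ($ids as $index => $uploadId) {
        if ($index === 0) {
            $query->where('id', '=', $uploadId);
        } else {
            $query->orWhere('id', '=', $uploadId);
        }
    }

    $info = $objSQL->fetchAll($query->build(), 'id');
    if (!is_array($info)) {
        return array();
    }

    // A scalar request with exactly one hit returns the record itself. Array
    // requests always return the keyed set; indexing $info with an array, as
    // the original did, is an illegal offset.
    if (!is_array($id) && count($info) == 1) {
        return reset($info);
    }

    return $info;
}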
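/**
 * Saves the parent/order layout sent by the menu editor.
 *
 * Expects a POST request whose 'menu' field is a JSON tree; the tree is
 * flattened by generateFlatTable() into id => array('parent', 'order') and
 * written with a single UPDATE ... CASE statement. The method always ends the
 * request with a short status string.
 *
 * NOTE(review): no CSRF token or permission check is visible in this method;
 * confirm that the caller enforces both before it is reached.
 *
 * @version     1.0
 * @since       1.0.0
 * @author      Dan Aldridge
 * @data-access AJAX Only
 *
 * @param array $args Route arguments; index '1' carries the menu name
 *
 * @return string (never returns; the request is terminated with die())
 */
public function editSave($args = array())
{
    if (!HTTP_POST) {
        die('Error: Could not get post data.');
    }

    $data = array(
        'menu_name' => doArgs('1', false, $args),
        'menu_data' => doArgs('menu', false, $_POST),
    );

    // Needle first, haystack second, strict: the original had the arguments
    // swapped, so the missing-field check never worked.
    if (in_array(false, $data, true)) {
        die('Error: could not retrieve proper data.');
    }

    $data['menu_data'] = json_decode($data['menu_data'], true);
    $data['menu_data'] = $this->generateFlatTable($data['menu_data']);

    if (!is_array($data['menu_data']) || is_empty($data['menu_data'])) {
        die('Error: Could not process array.');
    }

    $objSQL = Core_Classes_coreObj::getDBO();

    // The ids, parents and orders originate from the POSTed JSON, i.e. from
    // the client. Each one is escaped before it is placed inside the quoted
    // SQL literal; previously they were interpolated as received.
    // NOTE(review): if these columns are integers, (int) casts would be a
    // stricter filter than escaping - confirm the schema.
    $parents = '';
    $orders  = '';
    $ids     = array();

    foreach ($data['menu_data'] as $id => $row) {
        $safeId = $objSQL->escape((string) $id);

        $parents .= sprintf(' WHEN `id`="%s" THEN "%s"' . "\n", $safeId, $objSQL->escape($row['parent']));
        $orders  .= sprintf(' WHEN `id`="%s" THEN "%s"' . "\n", $safeId, $objSQL->escape($row['order']));
        $ids[]    = $safeId;
    }

    // raw query, the query builder has no CASE support that is visible here
    $query = ' UPDATE #__menus SET `parent_id` = CASE ' . $parents . ' ELSE `parent_id` END, `order` = CASE ' . $orders . ' ELSE `order` END WHERE id IN("' . implode('", "', $ids) . '") ';

    $result = $objSQL->query($query);

    if ($result === false) {
        // Keep the database error in the log rather than in the AJAX response.
        trigger_error('Menu update failed: ' . $objSQL->getError(), E_USER_WARNING);
        die('Error: Could not run update query.');
    }

    die('Info: Updated Successfully.');
}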
/**
 * Checks a username/password pair against the stored password hash.
 *
 * NOTE(review): an unknown username returns before any hashing is done, so
 * the response is faster than for a known user with a wrong password; that
 * difference can reveal which usernames exist. Verifying against a fixed
 * dummy hash in that branch would even the timing out. The phpass arguments
 * (8, true) presumably mean cost 8 with portable hashes - confirm, and note
 * they only matter where new hashes are created, not here.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param string $username
 * @param string $password Plain-text password as submitted
 *
 * @return bool True only when the user exists and the password matches
 */
public function verifyUserCredentials($username, $password)
{
    $objSQL = Core_Classes_coreObj::getDBO(); // not used below; call kept as in the original

    // Unknown user: getIDByUsername() signals that with 0.
    $uid = $this->getIDByUsername($username);
    if ($uid === 0) {
        return false;
    }

    $storedHash = $this->get('password', $uid);
    $objPass    = Core_Classes_coreObj::getLib('phpass', array(8, true));

    return $objPass->CheckPassword($password, $storedHash) ? true : false;
}