function tbxAboutShow() { Privileges::CheckSuper(); $output = array(); $link_removal = LIC_POWEREDBY == 'true' ? 'Not Purchased' : 'Purchased'; $product = LIC_PRODUCT; $licensee = LIC_LICENSEE; $domain = LIC_DOMAIN; $output['html'] = <<<STUFF <div id="dialog-header" class="ui-widget-header ui-corner-all"> <div id="dialog-close"></div> About {$product} </div> <div id="dialog-panel"> <div style="padding: 8px;"> <span style="font-size: 130%; font-weight: bold;"> This is {$product} version 1.0.1 released on August 4th, 2013 </span> <div class="field"> <label>Licensee:</label> <span class="text-container">All</span> </div> <div class="field"> <label>Licensed Domain:</label> <span class="text-container">{$domain}</span> </div> <div class="field"> <label>Link Removal:</label> <span class="text-container">Yes</span> </div> </div> </div> <div id="dialog-buttons"> <input type="button" id="dialog-button-cancel" value="Close" style="margin-left: 10px;" /> </div> STUFF; JSON::Success($output); }
function tbxGenericSearch() { $DB = GetDB(); $schema = GetDBSchema(); $_REQUEST['per_page'] = isset($_REQUEST['per_page']) && $_REQUEST['per_page'] > 0 ? $_REQUEST['per_page'] : 20; $_REQUEST['page'] = isset($_REQUEST['page']) && $_REQUEST['page'] > 0 ? $_REQUEST['page'] : 1; // Sanity checking $table = Request::GetSafe('table'); $xtable = $schema->el('//table[name="' . $table . '"]'); if (empty($xtable)) { throw new BaseException('The supplied database table does not exist', $table); } // Get custom and merge tables $custom_table = $xtable->custom->val(); $merge_tables = empty($custom_table) ? array() : array($custom_table); foreach ($xtable->xpath('./merge') as $xmerge) { $merge_tables[] = $xmerge->val(); } // Start building the SQL query $s = new SQL_SelectBuilder($table); // Fulltext searches if (isset($_REQUEST['text_search']) && !String::IsEmpty($_REQUEST['text_search'])) { $columns = array(); foreach ($xtable->xpath('.//fulltext[1]/column') as $xcolumn) { $columns[] = $table . '.' . $xcolumn->val(); } $s->AddFulltextWhere($columns, $_REQUEST['text_search_type'], $_REQUEST['text_search']); if ($_REQUEST['text_search_type'] == SQL::FULLTEXT) { $_REQUEST['sort_field'] = array(); } } // Standard search fields for ($i = 0; $i < count($_REQUEST['search_field']); $i++) { $s->AddWhere($_REQUEST['search_field'][$i], $_REQUEST['search_operator'][$i], $_REQUEST['search_term'][$i], $_REQUEST['search_connector'][$i], true); } // Sort fields for ($i = 0; $i < count($_REQUEST['sort_field']); $i++) { $s->AddOrder($_REQUEST['sort_field'][$i], $_REQUEST['sort_direction'][$i]); } $primary_key = $xtable->columns->primaryKey->val(); $result = $DB->QueryWithPagination($s->Generate(), $s->Binds(), $_REQUEST['page'], $_REQUEST['per_page'], $primary_key); if ($result['handle']) { $global_item_include_file = File::Sanitize('cp-' . $xtable->naming->type . '-search-item-global.php', 'php'); $item_include_file = File::Sanitize('cp-' . $xtable->naming->type . '-search-item.php', 'php'); if (!is_file("includes/{$item_include_file}")) { throw new BaseException('The required include file could not be found', $item_include_file); } ob_start(); if (is_file("includes/{$global_item_include_file}")) { include $global_item_include_file; } while ($original = $DB->NextRow($result['handle'])) { foreach ($merge_tables as $merge_table) { $row = $DB->Row('SELECT * FROM # WHERE #=?', array($merge_table, $primary_key, $original[$primary_key])); if (is_array($row)) { $original = array_merge($row, $original); } } $item = String::HtmlSpecialChars($original); include $item_include_file; } $result['html'] = ob_get_clean(); $DB->Free($result['handle']); unset($result['handle']); } JSON::Success($result); }
function _xChangeLogin() { $v =& Validator::Get(); list($username, $password) = explode('|', file_first_line(FILE_CP_USER)); $v->Register($_REQUEST['username'], VT_NOT_EMPTY, 'The Username field is required'); $v->Register($_REQUEST['password'], VT_NOT_EMPTY, 'The Password field is required'); $v->Register(sha1($_REQUEST['old_password']), VT_EQUALS, 'The Old Password is invalid', $password); $v->Register($_REQUEST['username'] . $_REQUEST['password'], VT_NOT_CONTAINS, 'The | character is not allowed in your username or password', '|'); $v->Register(FILE_CP_USER, VT_FILE_IS_WRITEABLE, 'The ' . FILE_CP_USER . ' file has incorrect permissions; change them to 666'); if (!$v->Validate()) { return JSON::Warning(array(JSON_KEY_MESSAGE => 'Login information could not be updated; please fix the following items', JSON_KEY_WARNINGS => $v->GetErrors())); } file_write(FILE_CP_USER, $_REQUEST['username'] . '|' . sha1($_REQUEST['password'])); JSON::Success(array(JSON_KEY_MESSAGE => 'Control panel login has been successfully updated', JSON_KEY_DIALOG => _xIncludeCapture('change-login.php'))); }