/**
* This function determines whether an there is a currently logged in
* Author for Symphony by using the `$Cookie`'s username
* and password. If an Author is found, they will be logged in, otherwise
* the `$Cookie` will be destroyed.
*
* @see core.Cookie#expire()
*/
public function isLoggedIn()
{
// Ensures that we're in the real world.. Also reduces three queries from database
// We must return true otherwise exceptions are not shown
if (is_null(self::$_instance)) {
return true;
}
if ($this->Author) {
return true;
} else {
$username = self::$Database->cleanValue($this->Cookie->get('username'));
$password = self::$Database->cleanValue($this->Cookie->get('pass'));
if (strlen(trim($username)) > 0 && strlen(trim($password)) > 0) {
$id = self::$Database->fetchVar('id', 0, "SELECT `id` FROM `tbl_authors` WHERE `username` = '{$username}' AND `password` = '{$password}' LIMIT 1");
if ($id) {
self::$Database->update(array('last_seen' => DateTimeObj::get('Y-m-d H:i:s')), 'tbl_authors', " `id` = '{$id}'");
$this->Author = AuthorManager::fetchByID($id);
Lang::set($this->Author->get('language'));
return true;
}
}
$this->Cookie->expire();
return false;
}
}
public function view()
{
$database = Symphony::Configuration()->get('db', 'database');
$field_ids = array_map(array('General', 'intval'), explode(',', General::sanitize($_GET['field_id'])));
$search = MySQL::cleanValue(General::sanitize($_GET['query']));
$types = array_map(array('MySQL', 'cleanValue'), explode(',', General::sanitize($_GET['types'])));
$limit = General::intval(General::sanitize($_GET['limit']));
// Set limit
if ($limit === 0) {
$max = '';
} elseif ($limit < 0) {
$max = ' LIMIT 100';
} else {
$max = sprintf(' LIMIT %d', $limit);
}
// Entries
if (in_array('entry', $types)) {
foreach ($field_ids as $field_id) {
$this->get($database, intval($field_id), $search, $max);
}
}
// Associations
if (in_array('association', $types)) {
foreach ($field_ids as $field_id) {
$association_id = $this->getAssociationId($field_id);
if ($association_id) {
$this->get($database, $association_id, $search, $max);
}
}
}
// Static values
if (in_array('static', $types)) {
foreach ($field_ids as $field_id) {
$this->getStatic($field_id, $search);
}
}
// Return results
return $this->_Result;
}
/**
* Given a resource type, a handle and a page, this function detaches
* the given handle (which represents either a datasource or event) to that page.
*
* @param integer $type
* The resource type, either `RESOURCE_TYPE_EVENT` or `RESOURCE_TYPE_DS`
* @param string $r_handle
* The handle of the resource.
* @param integer $page_id
* The ID of the page.
*/
public static function detach($type, $r_handle, $page_id)
{
$col = self::getColumnFromType($type);
$pages = PageManager::fetch(false, array($col), array(sprintf('`id` = %d', $page_id)));
if (is_array($pages) && count($pages) == 1) {
$result = $pages[0][$col];
$values = explode(',', $result);
$idx = array_search($r_handle, $values, false);
if ($idx !== false) {
array_splice($values, $idx, 1);
$result = implode(',', $values);
return PageManager::edit($page_id, array($col => MySQL::cleanValue($result)));
}
}
return false;
}
private function __unregisterToList($tbl, $ip = '')
{
$filter = MySQL::cleanValue($this->getIP($ip));
return Symphony::Database()->delete($tbl, "IP = '{$filter}'");
}
private function __sendEmail()
{
$emailUnban = ABF::instance()->getConfigVal(ABF::SETTING_AUTO_UNBAN);
if ($emailUnban != 'on') {
// do nothing
$this->_email_sent = null;
return;
}
$author = Symphony::Database()->fetchRow(0, "SELECT `id`, `email`, `first_name` FROM `tbl_authors` WHERE `email` = '" . MySQL::cleanValue($_POST['email']) . "'");
$failure = ABF::instance()->getFailureByIp();
$emailSettings = ABF::instance()->getEmailSettings();
if (is_array($author) && isset($author['email']) && is_array($failure) && isset($failure[0]) && isset($failure[0]->Hash)) {
// safe run
try {
// use default values
$email = Email::create();
// if no default values are set
if (!is_array($emailSettings) || empty($emailSettings['from_address'])) {
$email->setFrom($author['email'], Symphony::Configuration()->get('sitename', 'general'));
} else {
$email->setFrom($emailSettings['from_address'], $emailSettings['from_name']);
}
$email->recipients = $author['email'];
$email->subject = __('Unban IP link');
$email->text_plain = __('Please follow this link to unban your IP: ') . SYMPHONY_URL . ABF::UNBAND_LINK . $failure[0]->Hash . '/' . PHP_EOL . __('If you do not remember your password, follow the "forgot password" link on the login page.') . PHP_EOL . __('The Symphony Team');
// set error flag
$this->_email_sent = $email->validate() && $email->send();
} catch (Exception $e) {
//var_dump($e);
// do nothing
$this->_email_sent = false;
}
}
}
/**
* Process the URL and translate the localised page handles to Symphony handles.
*
* @param array $context - see delegate description
*/
public function dFrontendPrePageResolve($context)
{
if ($this->first_pass === true && $this->_validateDependencies()) {
$this->first_pass = false;
$url = MySQL::cleanValue($context['page']);
$context['page'] = PLHManagerURL::lang2sym($url, Flang::getLangCode());
}
}
/**
*
* Builds the content view
*/
public function view()
{
// _context[0] => entry values
// _context[1] => fieldId
if (!is_array($this->_context) || empty($this->_context)) {
$this->_Result->appendChild(new XMLElement('error', __('Parameters not found')));
return;
} else {
if (count($this->_context) < self::NUMBER_OF_URL_PARAMETERS) {
$this->_Result->appendChild(new XMLElement('error', __('Not enough parameters')));
return;
} else {
if (count($this->_context) > self::NUMBER_OF_URL_PARAMETERS) {
$this->_Result->appendChild(new XMLElement('error', __('Too many parameters')));
return;
}
}
}
$entriesId = explode(',', MySQL::cleanValue($this->_context[0]));
$entriesId = array_map(array('General', 'intval'), $entriesId);
if (!is_array($entriesId) || empty($entriesId)) {
$this->_Result->appendChild(new XMLElement('error', __('No entry no found')));
return;
}
$parentFieldId = General::intval($this->_context[1]);
if ($parentFieldId < 1) {
$this->_Result->appendChild(new XMLElement('error', __('Parent field id not valid')));
return;
}
$parentField = $this->fieldManager->fetch($parentFieldId);
if (!$parentField || empty($parentField)) {
$this->_Result->appendChild(new XMLElement('error', __('Parent field not found')));
return;
}
if ($parentField->get('type') != 'entry_relationship') {
$this->_Result->appendChild(new XMLElement('error', __('Parent field is `%s`, not `entry_relationship`', array($parentField->get('type')))));
return;
}
$includedElements = $this->parseIncludedElements($parentField);
$xmlParams = self::getXmlParams();
// Get entries one by one since they may belong to
// different sections, which prevents us from
// passing an array of entryId.
foreach ($entriesId as $key => $entryId) {
$entry = $this->entryManager->fetch($entryId);
if (empty($entry)) {
$li = new XMLElement('li', null, array('data-entry-id' => $entryId));
$header = new XMLElement('header', null, array('class' => 'frame-header'));
$title = new XMLElement('h4');
$title->appendChild(new XMLElement('strong', __('Entry %s not found', array($entryId))));
$header->appendChild($title);
$options = new XMLElement('div', null, array('class' => 'destructor'));
if ($parentField->is('allow_link')) {
$options->appendChild(new XMLElement('a', __('Un-link'), array('class' => 'unlink', 'data-unlink' => $entryId)));
}
$header->appendChild($options);
$li->appendChild($header);
$this->_Result->appendChild($li);
} else {
$entry = $entry[0];
$entryData = $entry->getData();
$entrySection = $this->sectionManager->fetch($entry->get('section_id'));
$entryVisibleFields = $entrySection->fetchVisibleColumns();
$entryFields = $entrySection->fetchFields();
$entrySectionHandle = $this->getSectionName($entry, 'handle');
$li = new XMLElement('li', null, array('data-entry-id' => $entryId, 'data-section' => $entrySectionHandle, 'data-section-id' => $entrySection->get('id')));
$header = new XMLElement('header', null, array('class' => 'frame-header'));
$title = new XMLElement('h4');
$title->appendChild(new XMLElement('strong', $this->getEntryTitle($entry, $entryVisibleFields, $entryFields)));
$title->appendChild(new XMLElement('span', $this->getSectionName($entry)));
$header->appendChild($title);
$options = new XMLElement('div', null, array('class' => 'destructor'));
if ($parentField->is('allow_edit')) {
$title->setAttribute('data-edit', $entryId);
$options->appendChild(new XMLElement('a', __('Edit'), array('class' => 'edit', 'data-edit' => $entryId)));
}
if ($parentField->is('allow_delete')) {
$options->appendChild(new XMLElement('a', __('Delete'), array('class' => 'delete', 'data-delete' => $entryId)));
}
if ($parentField->is('allow_link')) {
$options->appendChild(new XMLElement('a', __('Replace'), array('class' => 'unlink', 'data-replace' => $entryId)));
}
if ($parentField->is('allow_delete') || $parentField->is('allow_link')) {
$options->appendChild(new XMLElement('a', __('Un-link'), array('class' => 'unlink', 'data-unlink' => $entryId)));
}
$header->appendChild($options);
$li->appendChild($header);
$xslFilePath = WORKSPACE . '/er-templates/' . $entrySectionHandle . '.xsl';
if (!empty($entryData) && !!@file_exists($xslFilePath)) {
$xmlData = new XMLElement('data');
$xmlData->setIncludeHeader(true);
$xml = new XMLElement('entry');
$xml->setAttribute('id', $entryId);
$xmlData->appendChild($xmlParams);
$xmlData->appendChild($xml);
foreach ($entryData as $fieldId => $data) {
$filteredData = array_filter($data, function ($value) {
return $value != null;
});
if (empty($filteredData)) {
continue;
}
$field = $entryFields[$fieldId];
$fieldName = $field->get('element_name');
$fieldIncludedElement = $includedElements[$entrySectionHandle];
if (FieldEntry_relationship::isFieldIncluded($fieldName, $fieldIncludedElement)) {
$fieldIncludableElements = $field->fetchIncludableElements();
if ($field instanceof FieldEntry_relationship) {
$fieldIncludableElements = null;
}
if (!empty($fieldIncludableElements) && count($fieldIncludableElements) > 1) {
foreach ($fieldIncludableElements as $fieldIncludableElement) {
$submode = preg_replace('/^' . $fieldName . '\\s*\\:\\s*/i', '', $fieldIncludableElement, 1);
$field->appendFormattedElement($xml, $data, false, $submode, $entryId);
}
} else {
$field->appendFormattedElement($xml, $data, false, null, $entryId);
}
}
}
$indent = false;
$mode = $parentField->get('mode');
if (isset($_REQUEST['debug'])) {
$mode = 'debug';
}
if ($mode == 'debug') {
$indent = true;
}
$xmlMode = empty($mode) ? '' : 'mode="' . $mode . '"';
$xmlString = $xmlData->generate($indent, 0);
$xsl = '<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
<xsl:import href="' . str_replace('\\', '/', $xslFilePath) . '"/>
<xsl:output method="xml" omit-xml-declaration="yes" encoding="UTF-8" indent="no" />
<xsl:template match="/">
<xsl:apply-templates select="/data" ' . $xmlMode . ' />
</xsl:template>
<xsl:template match="/data" ' . $xmlMode . '>
<xsl:apply-templates select="entry" ' . $xmlMode . ' />
</xsl:template>
<xsl:template match="/data" mode="debug">
<xsl:copy-of select="/" />
</xsl:template>
</xsl:stylesheet>';
$xslt = new XsltProcess();
$result = $xslt->process($xmlString, $xsl, $this->params);
if ($mode == 'debug') {
$result = '<pre><code>' . str_replace('<', '<', str_replace('>', '>', $xmlString)) . '</code></pre>';
}
if ($xslt->isErrors()) {
$error = $xslt->getError();
$result = $error[1]['message'];
}
if (!!$xslt && strlen($result) > 0) {
$content = new XMLElement('div', $result, array('class' => 'content'));
$li->appendChild($content);
}
}
$this->_Result->appendChild($li);
}
}
}
/**
*
* Builds the content view
*/
public function view()
{
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
$this->_Result['status'] = Page::HTTP_STATUS_BAD_REQUEST;
$this->_Result['error'] = __('This page accepts posts only');
$this->setHttpStatus($this->_Result['status']);
return;
}
// _context[0] => entry id to delete
// _context[1] => fieldId
// _context[2] => current entry id (parent of entry id to delete)
if (!is_array($this->_context) || empty($this->_context)) {
$this->_Result['error'] = __('Parameters not found');
return;
} else {
if (count($this->_context) < self::NUMBER_OF_URL_PARAMETERS) {
$this->_Result['error'] = __('Not enough parameters');
return;
} else {
if (count($this->_context) > self::NUMBER_OF_URL_PARAMETERS) {
$this->_Result['error'] = __('Too many parameters');
return;
}
}
}
// Validate to delete entry ID
$rawToDeleteEntryId = MySQL::cleanValue($this->_context[0]);
$toDeleteEntryId = General::intval($rawToDeleteEntryId);
if ($toDeleteEntryId < 1) {
$this->_Result['error'] = __('No entry no found');
return;
}
// Validate parent field exists
$parentFieldId = General::intval(MySQL::cleanValue($this->_context[1]));
if ($parentFieldId < 1) {
$this->_Result['error'] = __('Parent id not valid');
return;
}
$parentField = FieldManager::fetch($parentFieldId);
if (!$parentField || empty($parentField)) {
$this->_Result['error'] = __('Parent field not found');
return;
}
// Validate parent entry ID
$rawEntryId = MySQL::cleanValue($this->_context[2]);
$entryId = General::intval($rawEntryId);
if ($entryId < 1) {
$this->_Result['error'] = sprintf(__('Parent entry id `%s` not valid'), $rawEntryId);
return;
}
// Validate parent entry exists
$entry = EntryManager::fetch($entryId);
if ($entry == null || count($entry) != 1) {
$this->_Result['error'] = __('Parent entry not found');
return;
}
if (is_array($entry)) {
$entry = $entry[0];
}
if ($entry->get('section_id') != $parentField->get('parent_section')) {
$this->_Result['error'] = __('Field and entry do not belong together');
return;
}
// Validate to delete entry exists
$toDeleteEntry = EntryManager::fetch($toDeleteEntryId);
if ($toDeleteEntry == null || count($toDeleteEntry) != 1) {
$this->_Result['error'] = __('Entry not found');
return;
}
if (is_array($toDeleteEntry)) {
$toDeleteEntry = $toDeleteEntry[0];
}
// Validate entry is not linked anywhere else
if (!isset($_REQUEST['no-assoc'])) {
//$toDeleteSection = SectionManager::fetch($toDeleteEntry->get('section_id'));
//$toDeleteAssoc = $toDeleteSection->fetchChildAssociations(false);
$toDeleteAssoc = SectionManager::fetchChildAssociations($toDeleteEntry->get('section_id'), false);
//var_dump($toDeleteAssoc);die;
// TODO: find if the toDeleteEntry is linked or not.
if (count($toDeleteAssoc) > 1) {
$this->_Result['assoc'] = true;
$this->_Result['error'] = __('Entry might be link elsewhere. Do you want to continue?');
return;
}
}
// Delete the entry
if (!EntryManager::delete($toDeleteEntryId)) {
$this->_Result['error'] = __('Could not delete the entry');
return;
}
$this->_Result['entry-id'] = $entryId;
$this->_Result['ok'] = true;
}
public static function updateFieldData_Driver()
{
$tbl = self::FIELD_TBL_NAME;
// allow all drivers for fields that already exists
$drivers = MySQL::cleanValue(implode(',', ServiceDispatcher::getAllDriversNames()));
return Symphony::Database()->query("\n\t\t\t\tUPDATE `{$tbl}`\n\t\t\t\t\tSET `driver` = '{$drivers}'\n\t\t\t");
}
/**
*
* Builds the content view
*/
public function view()
{
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
$this->_Result['status'] = Page::HTTP_STATUS_BAD_REQUEST;
$this->_Result['error'] = __('This page accepts posts only');
$this->setHttpStatus($this->_Result['status']);
return;
}
// _context[0] => entry values
// _context[1] => fieldId
// _context[2] => current entry id
if (!is_array($this->_context) || empty($this->_context)) {
$this->_Result['error'] = __('Parameters not found');
return;
} else {
if (count($this->_context) < self::NUMBER_OF_URL_PARAMETERS) {
$this->_Result['error'] = __('Not enough parameters');
return;
} else {
if (count($this->_context) > self::NUMBER_OF_URL_PARAMETERS) {
$this->_Result['error'] = __('Too many parameters');
return;
}
}
}
// Validate ALL entries ID
$rawEntriesId = explode(',', MySQL::cleanValue($this->_context[0]));
$entriesId = array_map(array('General', 'intval'), $rawEntriesId);
if (!is_array($entriesId) || empty($entriesId)) {
$this->_Result['error'] = __('No entry no found');
return;
}
if (in_array('null', $rawEntriesId)) {
$entriesId = array();
}
foreach ($entriesId as $entryPos => $entryId) {
if ($entryId < 1) {
$this->_Result['error'] = sprintf(__('Entry id `%s` not valid'), $rawEntriesId[$entryPos]);
return;
}
}
// Validate parent field exists
$parentFieldId = General::intval(MySQL::cleanValue($this->_context[1]));
if ($parentFieldId < 1) {
$this->_Result['error'] = __('Parent id not valid');
return;
}
$parentField = FieldManager::fetch($parentFieldId);
if (!$parentField || empty($parentField)) {
$this->_Result['error'] = __('Parent field not found');
return;
}
// Validate parent entry ID
$rawEntryId = MySQL::cleanValue($this->_context[2]);
$entryId = General::intval($rawEntryId);
if ($entryId < 1) {
$this->_Result['error'] = sprintf(__('Parent entry id `%s` not valid'), $rawEntryId);
return;
}
// Validate parent entry exists
$entry = EntryManager::fetch($entryId);
if ($entry == null || count($entry) != 1) {
$this->_Result['error'] = __('Parent entry not found');
return;
}
if (is_array($entry)) {
$entry = $entry[0];
}
if ($entry->get('section_id') != $parentField->get('parent_section')) {
$this->_Result['error'] = __('Field and entry do not belong together');
return;
}
$entryData = $entry->getData();
// set new data
$entryData[$parentFieldId]['entries'] = implode(',', $entriesId);
// check if data are valid
$resMessage = null;
$res = $parentField->checkPostFieldData($entryData[$parentFieldId], $resMessage, $entryId);
if ($res != Field::__OK__) {
$this->_Result['error'] = $resMessage;
return;
}
// save the new data
$entry->setData($parentFieldId, $entryData[$parentFieldId]);
if (!$entry->commit()) {
$this->_Result['error'] = __('Could not save entry');
return;
}
$this->_Result['entry-id'] = $entryId;
$this->_Result['ok'] = true;
$this->_Result['entries'] = $entryData[$parentFieldId]['entries'];
}
