/**
 * Deletes a logged 404 entry and returns to the redirector plugin page.
 *
 * The outcome is reported to the user through a flash message.
 *
 * NOTE(review): no permission or CSRF check is visible in this function;
 * confirm the enclosing controller enforces both before this action runs.
 *
 * @param mixed $id Identifier of the Redirector404s record to delete.
 */
function remove_404($id)
{
    $entry = Record::findByIdFrom('Redirector404s', $id);

    if (!$entry) {
        Flash::set('error', __('404 Error not found!'));
    } elseif ($entry->delete()) {
        Flash::set('success', __('404 Error has been deleted!'));
    } else {
        Flash::set('error', __('There was a problem deleting this 404 error!'));
    }

    redirect(get_url('plugin/redirector/'));
}
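/**
 * Marks a comment as not approved and returns to the comment plugin page.
 *
 * Observers of 'comment_after_unapprove' are notified only after a
 * successful save.
 *
 * NOTE(review): no permission or CSRF check is visible in this function;
 * confirm the enclosing controller enforces both before this action runs.
 *
 * @param mixed $id Identifier of the Comment record to unapprove.
 */
function unapprove($id)
{
    // find the comment to unapprove
    if ($comment = Record::findByIdFrom('Comment', $id)) {
        $comment->is_approved = 0;
        if ($comment->save()) {
            Flash::set('success', __('Comment has been unapproved!'));
            Observer::notify('comment_after_unapprove', $comment);
        } else {
            // A failed save used to be silent, so the moderator could not
            // tell that the comment was still publicly approved.
            Flash::set('error', __('Comment has not been unapproved!'));
        }
    } else {
        Flash::set('error', __('Comment not found!'));
    }

    redirect(get_url('plugin/comment'));
}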
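/**
 * Deletes a home image record together with its image and hover image files.
 *
 * The record id is rebuilt from the URL segments passed as arguments.
 *
 * NOTE(review): no CSRF token is validated in this function; confirm that
 * _checkPermission() or the routing layer covers it.
 */
function delete()
{
    $this->_checkPermission();

    $paths = func_get_args();
    $id = urldecode(join('/', $paths));

    $homeimage = Record::findByIdFrom('HomeImage', $id);
    if (!$homeimage) {
        // An unknown id used to fall through and dereference a missing record.
        Flash::set('error', __('This homeimage could not be deleted!'));
        redirect(get_url('homeimage'));
        return;
    }

    // Remove both image files that belong to the record.
    $image_dir = FILES_DIR . '/homeimage/images/';
    foreach (array($homeimage->filename, $homeimage->filename_hover) as $stored_name) {
        // basename() keeps a stored name such as "../x" from pointing outside
        // $image_dir; is_file() skips empty names and already-missing files.
        $file = $image_dir . basename((string) $stored_name);
        if (is_file($file) && !unlink($file)) {
            Flash::set('error', __('Permission denied!'));
        }
    }

    if ($homeimage->delete()) {
        Flash::set('success', __('This homeimage has been deleted.'));
    } else {
        Flash::set('error', __('This homeimage could not be deleted!'));
    }

    redirect(get_url('homeimage'));
}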
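/**
 * Deletes an album: its image directory, its Gallery records and the album row.
 *
 * The album id is rebuilt from the URL segments passed as arguments. Because
 * that value ends up in a filesystem path and in two SQL fragments, it is
 * accepted only when it is a plain decimal number.
 *
 * NOTE(review): assumes album ids are integer keys; confirm against the schema.
 * NOTE(review): no CSRF token is validated in this function; confirm that
 * _checkPermission() or the routing layer covers it.
 */
function delete_album()
{
    $this->_checkPermission();

    $paths = func_get_args();
    $id = urldecode(join('/', $paths));

    // Reject anything that is not purely digits: the raw value previously
    // reached glob()/unlink()/rmdir() and string-built SQL unchanged.
    if (!ctype_digit($id)) {
        Flash::set('error', __('Album not found!'));
        redirect(get_url('gallery'));
        return;
    }
    $album_id = (int) $id;

    // Remove the album folder and all images in it.
    $dir = FILES_DIR . '/gallery/images/' . $album_id . '/';
    if (is_dir($dir)) {
        $files = glob($dir . '*.*');
        if (is_array($files)) {
            foreach ($files as $file) {
                if (is_file($file)) {
                    unlink($file);
                }
            }
        }
        rmdir($dir);
    }

    // Remove the gallery records that belong to the album.
    $galleries = Record::findAllFrom('Gallery', 'album_id="' . $album_id . '"');
    if (!empty($galleries)) {
        foreach ($galleries as $gallery) {
            if ($delete_gallery = Record::findByIdFrom('Gallery', $gallery->id)) {
                $delete_gallery->delete();
            }
        }
    }

    // NOTE(review): Record::query() is not visible here; if it already runs
    // the statement, execute() repeats the DELETE. Confirm.
    $album = Record::query('DELETE from ' . TABLE_PREFIX . 'album where id="' . $album_id . '"');
    $album->execute();

    Flash::set('success', __('This album has been deleted.'));
    redirect(get_url('gallery'));
}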
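/**
 * Checks if the cookie is still valid.
 *
 * The cookie is valid when it names an existing user, equals the cookie
 * rebuilt for that user and expiry by bakeUserCookie(), and has not expired.
 *
 * @param string $cookie Cookie's content.
 * @return mixed The matching User record if the cookie is valid, otherwise false.
 */
private static final function challengeCookie($cookie)
{
    $params = self::explodeCookie($cookie);
    if (!isset($params['exp'], $params['id'], $params['digest'])) {
        return false;
    }

    if (!($user = Record::findByIdFrom('User', $params['id']))) {
        return false;
    }

    $expected = self::bakeUserCookie($params['exp'], $user);
    if (!is_string($expected) || !is_string($cookie)) {
        return false;
    }

    // The cookie is an authentication secret: compare it in constant time and
    // never with ==, which applies PHP's type-juggling rules to the operands.
    // The fallback keeps the code running where hash_equals() is unavailable.
    $matches = function_exists('hash_equals')
        ? hash_equals($expected, $cookie)
        : ($expected === $cookie);

    // Compare the expiry as an integer so a non-numeric value counts as expired.
    if ($matches && (int) $params['exp'] > $_SERVER['REQUEST_TIME']) {
        return $user;
    }

    return false;
}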
?> </th> <th class="size" width=50><?php echo __('Order'); ?> </th> <th class="modify" width=50><?php echo __('Action'); ?> </th> </tr> </thead> <tbody> <?php foreach ($banners as $banner) { $page = Record::findByIdFrom('Page', $banner->page_id); $type_detail = $banner->type == 'home' ? $banner->location : ''; ?> <!--ws 2/10/2015 for non-object prroperty problem--> <tr class="<?php echo odd_even(); ?> "> <td><?php echo $banner->name; ?> </td> <td><?php echo $banner->filename != '' ? '<img src="' . BASE_FILES_DIR . '/banner/' . $banner->filename . '" width=100 />' : ''; ?> </td>
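/**
 * Removes the main image of a Facilities record and clears its filename.
 *
 * The record id is rebuilt from the URL segments passed as arguments.
 *
 * NOTE(review): no CSRF token is validated in this function; confirm that
 * _checkPermission() or the routing layer covers it.
 *
 * @param mixed $id First URL segment; replaced by the joined, decoded segments.
 */
function delete_mainimage($id)
{
    $this->_checkPermission();

    $paths = func_get_args();
    $id = urldecode(join('/', $paths));

    $featureimage = Record::findByIdFrom('Facilities', $id);

    // Stays empty when nothing was found, so the final redirect no longer
    // dereferences a missing record.
    $record_id = '';

    if ($featureimage) {
        $record_id = (int) $featureimage->id;

        // basename() keeps the stored name from pointing outside the image folder.
        $file = FILES_DIR . '/facilities/images/' . basename((string) $featureimage->filename);
        if (is_file($file) && !unlink($file)) {
            Flash::set('error', __('Permission denied!'));
        }

        // Build the WHERE clause from the loaded record's integer id, never
        // from the raw request value.
        if ($featureimage->update('Facilities', array('filename' => ''), 'id=' . $record_id)) {
            Flash::set('success', __('This image has been deleted.'));
        } else {
            Flash::set('error', __('This image could not be deleted!'));
        }
    } else {
        Flash::set('error', __('image could not be found!'));
    }

    redirect(get_url('facilities/edit/' . $record_id));
}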
?> </th> <th class="size" width=50><?php echo __('Order'); ?> </th> <th class="modify" width=50><?php echo __('Action'); ?> </th> </tr> </thead> <tbody> <?php foreach ($abouts as $about) { $page = Record::findByIdFrom('Page', $about->page_id); $type_detail = $about->type == 'home' ? $about->location : ''; ?> <!--ws 2/10/2015 for non-object prroperty problem--> <tr class="<?php echo odd_even(); ?> "> <td><?php echo $about->name; ?> </td> <td><?php echo $about->filename != '' ? '<img src="' . BASE_FILES_DIR . '/about/' . $about->filename . '" width=100 />' : ''; ?> </td>
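/**
 * Runs checks and stores a page.
 *
 * Validates the submitted page ($_POST['page']) and redisplays the edit form
 * with the collected errors when validation fails. Otherwise it saves the
 * page, its parts and its tags and, for the homepage (id 1) and the about
 * page (id 4), the uploaded images and the extra page settings.
 *
 * NOTE(review): redirect() is not visible here; the code after each call
 * assumes it ends the request. Confirm.
 *
 * @param string $action What kind of action this is: add or edit.
 * @param mixed  $id     Page to edit if any.
 *
 * @throws Exception When $action is 'edit' and $id is empty.
 */
private function _store($action, $id = false)
{
    // Sanity checks
    if ($action == 'edit' && !$id) {
        throw new Exception('Trying to edit page when $id is false.');
    }

    use_helper('Validate');

    $data = $_POST['page'];
    $data['is_protected'] = !empty($data['is_protected']) ? 1 : 0;
    Flash::set('post_data', (object) $data);

    // Extra settings are submitted only for the homepage and the about page.
    $pagesetting = array();
    if (($id == 1 || $id == 4) && isset($_POST['pagesetting']) && is_array($_POST['pagesetting'])) {
        $pagesetting = $_POST['pagesetting'];
    }

    // Add pre-save checks here
    $errors = array();
    $error_fields = array();

    // CSRF checks. The token is bound to the action URL, and edit URLs carry
    // the page id; the same URL is used below when a fresh token is issued.
    $csrf_url = BASE_URL . 'page/' . $action . ($action === 'edit' ? '/' . $id : '');
    if (isset($_POST['csrf_token'])) {
        if (!SecureToken::validateToken($_POST['csrf_token'], $csrf_url)) {
            $errors[] = __('Invalid CSRF token found!');
        }
    } else {
        $errors[] = __('No CSRF token found!');
    }

    $data['title'] = trim($data['title']);
    if (empty($data['title'])) {
        $error_fields[] = __('Page Title');
    }

    // Homepage setting checks
    if ($id == 1) {
        if (empty($pagesetting['homepage_discover_title'])) {
            $error_fields[] = __('Homepage Title');
        }
        if (empty($pagesetting['homepage_discover_teaser'])) {
            $error_fields[] = __('Homepage Teaser');
        }
    }

    $data['slug'] = !empty($data['slug']) ? trim($data['slug']) : '';
    if (empty($data['slug']) && $id != '1') {
        $error_fields[] = __('Slug');
    } else {
        if ($data['slug'] == ADMIN_DIR) {
            $errors[] = __('You cannot have a slug named :slug!', array(':slug' => ADMIN_DIR));
        }
        // NOTE(review): as written, Validate::slug() can only produce an error
        // for page 1 with a non-empty slug; slugs of other pages are not
        // validated here. Confirm whether that is intended.
        if (!Validate::slug($data['slug']) && (!empty($data['slug']) && $id == '1')) {
            $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => 'slug'));
        }
    }

    // Check all numerical fields for a page
    foreach (array('parent_id', 'layout_id', 'needs_login') as $field) {
        if (!Validate::digit($data[$field])) {
            $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
        }
    }

    // Check all date fields for a page
    foreach (array('created_on', 'published_on', 'valid_until') as $field) {
        if (isset($data[$field])) {
            $data[$field] = trim($data[$field]);
            if (!empty($data[$field]) && !(bool) preg_match('/^[0-9]{4}-[0-9]{2}-[0-9]{2}$/D', (string) $data[$field])) {
                $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
            }
        }
    }

    // Check all time fields for a page
    foreach (array('created_on_time', 'published_on_time', 'valid_until_time') as $field) {
        if (isset($data[$field])) {
            $data[$field] = trim($data[$field]);
            if (!empty($data[$field]) && !(bool) preg_match('/^[0-9]{2}:[0-9]{2}:[0-9]{2}$/D', (string) $data[$field])) {
                $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
            }
        }
    }

    // Strip all markup from the free-text meta fields
    use_helper('Kses');
    foreach (array('keywords', 'description') as $field) {
        $data[$field] = kses(trim($data[$field]), array());
    }

    // Check behaviour_id field
    if (!empty($data['behaviour_id']) && !Validate::slug($data['behaviour_id'])) {
        $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => 'behaviour_id'));
    }

    // Make sure the title doesn't contain HTML
    if (Setting::get('allow_html_title') == 'off') {
        $data['title'] = kses(trim($data['title']), array());
    }

    // Create the page object to be manipulated and populate data
    if ($action == 'add') {
        $page = new Page($data);
    } else {
        $page = Record::findByIdFrom('Page', $id);
        if (!$page) {
            // An unknown id used to fall through and dereference a missing record.
            Flash::set('error', __('Page not found!'));
            redirect(get_url('page'));
            return;
        }
        $page->setFromData($data);
    }

    // Upon errors, rebuild original page and return to screen with errors
    if ($errors || $error_fields) {
        $tags = isset($_POST['page_tag']) ? $_POST['page_tag'] : null;

        // Rebuild time fields
        if (isset($page->created_on) && isset($page->created_on_time)) {
            $page->created_on = $page->created_on . ' ' . $page->created_on_time;
        }
        if (isset($page->published_on) && isset($page->published_on_time)) {
            $page->published_on = $page->published_on . ' ' . $page->published_on_time;
        }
        if (isset($page->valid_until) && isset($page->valid_until_time)) {
            $page->valid_until = $page->valid_until . ' ' . $page->valid_until_time;
        }

        // Rebuild parts
        $part = '';
        if (!empty($_POST['part']) && is_array($_POST['part'])) {
            $part = array();
            foreach ($_POST['part'] as $key => $val) {
                $part[$key] = (object) $val;
            }
        }

        // Set the errors to be displayed.
        $err_msg = $errors ? implode('<br/>', $errors) : '';
        $err_msg .= $error_fields ? '<br />Please specify these fields: ' . implode(', ', $error_fields) : '';
        Flash::setNow('error', $err_msg);

        // display things ...
        $this->setLayout('backend');
        $pagesettingobj = new stdClass();
        foreach ($pagesetting as $name => $value) {
            $pagesettingobj->{$name} = $value;
        }
        $this->display('page/edit', array(
            'action' => $action,
            // Issued for the same URL that validateToken() checks above, so
            // the redisplayed edit form can be submitted again.
            'csrf_token' => SecureToken::generateToken($csrf_url),
            'page' => (object) $page,
            'pagesetting' => $pagesettingobj,
            'tags' => $tags,
            'filters' => Filter::findAll(),
            'behaviors' => Behavior::findAll(),
            'page_parts' => $part,
            'layouts' => Record::findAllFrom('Layout'),
        ));

        // A request that failed validation, including the CSRF check, must
        // never reach the save below, whether or not display() ends the request.
        return;
    }

    // Notify
    if ($action == 'add') {
        Observer::notify('page_add_before_save', $page);
    } else {
        Observer::notify('page_edit_before_save', $page);
    }

    // Time to actually save the page
    // @todo rebuild this so parts are already set before save?
    // @todo determine lazy init impact
    $page->newwindow = !empty($data['newwindow']) ? '1' : '0';

    if ($page->save()) {
        // Get data for parts of this page
        $data_parts = (isset($_POST['part']) && is_array($_POST['part'])) ? $_POST['part'] : array();
        Flash::set('post_parts_data', (object) $data_parts);

        if ($action == 'edit') {
            $old_parts = PagePart::findByPageId($id);

            // check if all old page part are passed in POST
            // if not ... we need to delete it!
            foreach ($old_parts as $old_part) {
                $not_in = true;
                foreach ($data_parts as $part_id => $part_data) {
                    $part_data['name'] = trim($part_data['name']);
                    if ($old_part->name == $part_data['name']) {
                        $not_in = false;

                        // this will not really create a new page part because
                        // the id of the part is passed in $part_data
                        $part = new PagePart($part_data);
                        $part->page_id = $id;

                        Observer::notify('part_edit_before_save', $part);
                        $part->save();
                        Observer::notify('part_edit_after_save', $part);

                        unset($data_parts[$part_id]);
                        break;
                    }
                }
                if ($not_in) {
                    $old_part->delete();
                }
            }
        }

        // add the new parts
        foreach ($data_parts as $part_data) {
            $part_data['name'] = trim($part_data['name']);
            $part = new PagePart($part_data);
            $part->page_id = $page->id;

            Observer::notify('part_add_before_save', $part);
            $part->save();
            Observer::notify('part_add_after_save', $part);
        }

        // save tags
        $page->saveTags($_POST['page_tag']['tags']);

        // Save uploaded images and settings of the homepage / about page.
        if ($id == 1 || $id == 4) {
            $uploads = ($id == 1)
                ? array('upload_banner_image1' => 'banner_image1', 'upload_banner_image2' => 'banner_image2')
                : array('upload_about_image1' => 'about_image1');

            foreach ($uploads as $upload_field => $setting_key) {
                if (empty($_FILES[$upload_field]['name'])) {
                    continue;
                }
                $file = $this->_storeSettingImage($upload_field);
                if ($file === false) {
                    Flash::set('error', __('Home banner could not be uploaded!'));
                    // Return to the page being edited (this was hard-coded to page 1).
                    redirect(get_url('page/edit/' . $id));
                } else {
                    $pagesetting[$setting_key] = $file;
                }
            }

            PageSetting::saveFromData($pagesetting);
        }

        Flash::set('success', __('Page has been saved.'));
    } else {
        Flash::set('error', __('Page has not been saved!'));

        $url = 'page/';
        $url .= $action == 'edit' ? 'edit/' . $id : 'add/';
        redirect(get_url($url));
    }

    if ($action == 'add') {
        Observer::notify('page_add_after_save', $page);
    } else {
        Observer::notify('page_edit_after_save', $page);
    }

    // save and quit or save and continue editing ?
    if (isset($_POST['commit'])) {
        redirect(get_url('page'));
    } else {
        redirect(get_url('page/edit/' . $page->id));
    }
}

/**
 * Stores one uploaded page-setting image under FILES_DIR/pagesetting/images/.
 *
 * The file name is chosen by the client, so it is reduced to its base name
 * and must carry an image extension before it is handed to upload_file().
 *
 * NOTE(review): upload_file() is not visible here; whether it checks the file
 * type or content itself is unknown. Confirm.
 *
 * @param string $upload_field Key of the upload in $_FILES.
 * @return mixed The result of upload_file(), or false when the name is rejected.
 */
private function _storeSettingImage($upload_field)
{
    if (!is_string($_FILES[$upload_field]['name'])) {
        return false;
    }

    // Replace spaces and drop parentheses, then strip any directory part.
    $name = str_replace(array(" ", "(", ")"), array("_", "", ""), $_FILES[$upload_field]['name']);
    $name = basename($name);

    // Only image extensions are accepted, so an upload cannot place a file
    // with a server-executable extension under FILES_DIR.
    $extension = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    if (!in_array($extension, array('jpg', 'jpeg', 'png', 'gif', 'webp'), true)) {
        return false;
    }
    $_FILES[$upload_field]['name'] = $name;

    // NOTE(review): the calls this replaces passed an undefined $overwrite
    // (i.e. null); false is assumed to be the intended value. Confirm against
    // upload_file().
    $overwrite = false;

    return $this->upload_file($name, FILES_DIR . '/pagesetting/images/', $_FILES[$upload_field]['tmp_name'], $overwrite);
}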
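/**
 * Ajax action to copy a page or page tree.
 *
 * Expects $_POST['data'] to be a query string carrying `dragged_id` (the page
 * to copy) and `pages` (the ordered page ids under the new parent). Every
 * listed page is re-positioned under $parent_id; the entry for the dragged
 * page is applied to the cloned tree instead of the original.
 *
 * NOTE(review): no permission or CSRF check is visible in this function;
 * confirm the enclosing controller enforces both before this action runs.
 *
 * @param mixed $parent_id Id of the page the copy is placed under.
 */
function copy($parent_id)
{
    if (!isset($_POST['data']) || !is_string($_POST['data'])) {
        return;
    }

    // Parse into an array. parse_str() without a target array writes every
    // request key into the local scope, which lets the request overwrite
    // variables such as $parent_id; that form was removed in PHP 8.
    $params = array();
    parse_str($_POST['data'], $params);

    if (!isset($params['dragged_id'], $params['pages']) || !is_array($params['pages'])) {
        return;
    }
    $dragged_id = $params['dragged_id'];

    $page = Record::findByIdFrom('Page', $dragged_id);
    if (!$page) {
        return;
    }
    $new_root_id = Page::cloneTree($page, $parent_id);

    foreach ($params['pages'] as $position => $page_id) {
        /* Move the cloned tree, not original. */
        $target_id = ($page_id == $dragged_id) ? $new_root_id : $page_id;

        $page = Record::findByIdFrom('Page', $target_id);
        if (!$page) {
            // Skip ids that do not resolve to a page instead of failing mid-loop.
            continue;
        }

        $page->position = (int) $position;
        $page->parent_id = (int) $parent_id;
        $page->save();
    }
}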
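/**
 * Deletes a news category together with its news items and their images.
 *
 * The category id is rebuilt from the URL segments passed as arguments.
 *
 * NOTE(review): no CSRF token is validated in this function; confirm that
 * _checkPermission() or the routing layer covers it.
 */
function delete_category()
{
    $this->_checkPermission();

    $paths = func_get_args();
    $id = urldecode(join('/', $paths));

    $category = Record::findByIdFrom('NewsCategory', $id);
    if (!$category) {
        // An unknown id used to delete nothing and then dereference a missing record.
        Flash::set('error', __('This category could not be deleted!'));
        redirect(get_url('news'));
        return;
    }

    // Remove all news items of the category and their images.
    $news_arr = News::findByCatId($id);
    if (!empty($news_arr)) {
        foreach ($news_arr as $news) {
            // basename() keeps the stored name inside the image folder;
            // is_file() skips empty names and already-missing files.
            $file = FILES_DIR . '/news/images/' . basename((string) $news->filename);
            if (is_file($file) && !unlink($file)) {
                Flash::set('error', __('Permission denied!'));
            }
            // The result is not checked, as before: a failed news delete does
            // not stop the category from being removed.
            $news->delete();
        }
    }

    if ($category->delete()) {
        Flash::set('success', __('This category has been deleted.'));
    } else {
        Flash::set('error', __('This category could not be deleted!'));
    }

    redirect(get_url('news'));
}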
?> </th> <th class="size" width=50><?php echo __('Order'); ?> </th> <th class="modify" width=50><?php echo __('Action'); ?> </th> </tr> </thead> <tbody> <?php foreach ($latests as $latest) { $page = Record::findByIdFrom('Page', $latest->page_id); $type_detail = $latest->type == 'home' ? $latest->location : ''; ?> <!--ws 2/10/2015 for non-object prroperty problem--> <tr class="<?php echo odd_even(); ?> "> <td><?php echo $latest->name; ?> </td> <td><?php echo $latest->filename != '' ? '<img src="' . BASE_FILES_DIR . '/latest/' . $latest->filename . '" width=100 />' : ''; ?> </td>
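/**
 * Deletes a Location record and its image file, then returns to the edit
 * page of the owning fnb entry.
 *
 * The record id is rebuilt from the URL segments passed as arguments.
 *
 * NOTE(review): no CSRF token is validated in this function; confirm that
 * _checkPermission() or the routing layer covers it.
 *
 * @param mixed $id First URL segment; replaced by the joined, decoded segments.
 */
function delete_location($id)
{
    $this->_checkPermission();

    $paths = func_get_args();
    $id = urldecode(join('/', $paths));

    $location = Record::findByIdFrom('Location', $id);

    // Stays empty when nothing was found, so the final redirect no longer
    // dereferences a missing record.
    $fnb_id = '';

    if ($location) {
        $fnb_id = $location->fnbid;

        // basename() keeps the stored name from pointing outside the image folder.
        $file = FILES_DIR . '/fnb/location/' . basename((string) $location->filename);
        if (is_file($file) && !unlink($file)) {
            Flash::set('error', __('Permission denied!'));
        }

        // delete record
        if ($location->delete()) {
            Flash::set('success', __('This location has been deleted.'));
        } else {
            Flash::set('error', __('This Location could not be deleted!'));
        }
    } else {
        Flash::set('error', __('Location could not be found!'));
    }

    redirect(get_url('fnb/edit/' . $fnb_id));
}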
/**
 * View callback function. Adds the page_part_form to the admin page.
 *
 * The form reference is looked up on the page itself first (when the page
 * has an id) and otherwise on its parent under the "_children" keyword.
 * Nothing is rendered when no reference or no form definition is found.
 *
 * @param object $page The current page to edit.
 */
public static function callback_view_page($page)
{
    // Because the metadata is not visible, we can't use $page->metadata[self::PLUGIN_ID]
    $form = isset($page->id)
        ? PageMetadata::FindOneByPageAndKeyword($page->id, self::PLUGIN_ID)
        : false;

    if (!$form) {
        $form = PageMetadata::FindOneByPageAndKeyword($page->parent_id, self::PLUGIN_ID . '_children');
    }
    if (!$form) {
        return;
    }

    $definition = Record::findByIdFrom('PagePartForm', $form->value);
    if (!$definition) {
        return;
    }

    // Index the existing page parts by name
    $page_parts = array();
    if (isset($page->id)) {
        foreach (PagePart::findByPageId($page->id) as $page_part) {
            $page_parts[$page_part->name] = $page_part;
        }
    }

    // Add the page_part_form to the admin view
    $view_vars = array(
        'page' => $page,
        'page_parts' => $page_parts,
        'structure' => self::Get_structure($definition),
    );
    self::Get_instance()->create_view('observers/page_form', $view_vars)->display();
}
?> </th> <th class="size" width=50><?php echo __('Order'); ?> </th> <th class="modify" width=50><?php echo __('Action'); ?> </th> </tr> </thead> <tbody> <?php foreach ($menus as $menu) { $page = Record::findByIdFrom('Page', $menu->page_id); $type_detail = $menu->type == 'home' ? $menu->location : ''; ?> <!--ws 2/10/2015 for non-object prroperty problem--> <tr class="<?php echo odd_even(); ?> "> <td><?php echo $menu->name; ?> </td> <td><?php echo $menu->filename != '' ? '<img src="' . BASE_FILES_DIR . '/menu/' . $menu->filename . '" width=100 />' : ''; ?> </td>
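/**
 * Updates a sidebar link from the submitted form.
 *
 * Does nothing unless the request was posted with action=edit. On success
 * the upload for the link is processed and the user is sent to the list
 * (when 'commit' was posted) or back to the link's view page.
 *
 * NOTE(review): no CSRF token is validated here, and setFromData() receives
 * the posted array as-is; confirm that it only accepts the intended fields.
 *
 * @param mixed $id Identifier of the SidebarLink record to update.
 */
public function edit($id)
{
    // A request without an action field used to raise a notice here.
    if (!isset($_POST['action']) || $_POST['action'] !== 'edit') {
        return;
    }

    $data = (isset($_POST['sidebarlink']) && is_array($_POST['sidebarlink']))
        ? $_POST['sidebarlink']
        : array();
    Flash::set('postdata', $data);

    $sidebarlink = Record::findByIdFrom('SidebarLink', $id);
    if (!$sidebarlink) {
        Flash::set('error', __('Sidebar link is not found!'));
        redirect(get_url('sidebarlink'));
        return;
    }

    $sidebarlink->setFromData($data);
    $sidebarlink->updated_by_id = AuthUser::getId();
    $sidebarlink->updated_on = date('Y-m-d H:i:s');

    if (!$sidebarlink->save()) {
        Flash::set('error', __('Sidebar link is not updated!'));
        redirect(get_url('sidebarlink/view/' . $id));
        return;
    }

    $this->upload($id);
    Flash::set('success', __('Sidebar link has been updated!'));

    if (isset($_POST['commit'])) {
        redirect(get_url('sidebarlink'));
    } else {
        redirect(get_url('sidebarlink/view/' . $id));
    }
}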
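/**
 * Clones a page, its page parts and, recursively, all of its children.
 *
 * The clone is saved under $parent_id with " (copy)" appended to its title
 * and "-copy" appended to its slug.
 *
 * @param object $page      Page to clone; only its id is read.
 * @param mixed  $parent_id Id of the page the clone is placed under.
 * @return mixed Id of the clone of $page, i.e. the root of the cloned tree.
 */
public static function cloneTree($page, $parent_id)
{
    /* Clone passed in page. */
    $clone = Record::findByIdFrom('Page', $page->id);
    $clone->parent_id = (int) $parent_id;
    $clone->id = null;
    $clone->title .= " (copy)";
    $clone->slug .= "-copy";
    $clone->save();

    /* Also clone the page parts. */
    $page_parts = PagePart::findByPageId($page->id);
    if (!empty($page_parts)) {
        foreach ($page_parts as $part) {
            $part->page_id = $clone->id;
            $part->id = null;
            $part->save();
        }
    }

    /* Clone the children and attach them to the clone's new id. */
    if (Page::hasChildren($page->id)) {
        foreach (Page::childrenOf($page->id) as $child) {
            Page::cloneTree($child, $clone->id);
        }
    }

    // Every call returns the id of its own clone, so the outermost call
    // returns the new root. The previous static variable kept the root id of
    // the first tree cloned in a request and returned it for later trees too.
    return $clone->id;
}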
?> </th> <th class="size" width=50><?php echo __('Order'); ?> </th> <th class="modify" width=50><?php echo __('Action'); ?> </th> </tr> </thead> <tbody> <?php foreach ($events as $event) { $page = Record::findByIdFrom('Page', $event->page_id); $type_detail = $event->type == 'home' ? $event->location : ''; ?> <!--ws 2/10/2015 for non-object prroperty problem--> <tr class="<?php echo odd_even(); ?> "> <td><?php echo $event->name; ?> </td> <td><?php echo $event->filename != '' ? '<img src="' . BASE_FILES_DIR . '/event/' . $event->filename . '" width=100 />' : ''; ?> </td>
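/**
 * Deletes a FeatureImage record and its image file, then returns to the edit
 * page of the owning attraction.
 *
 * The record id is rebuilt from the URL segments passed as arguments.
 *
 * NOTE(review): no CSRF token is validated in this function; confirm that
 * _checkPermission() or the routing layer covers it.
 *
 * @param mixed $id First URL segment; replaced by the joined, decoded segments.
 */
function delete_featureimage($id)
{
    $this->_checkPermission();

    $paths = func_get_args();
    $id = urldecode(join('/', $paths));

    $featureimage = Record::findByIdFrom('FeatureImage', $id);

    // Stays empty when nothing was found, so the final redirect no longer
    // dereferences a missing record.
    $attraction_id = '';

    if ($featureimage) {
        $attraction_id = $featureimage->attractionid;

        // basename() keeps the stored name from pointing outside the image folder.
        $file = FILES_DIR . '/attraction/feature/' . basename((string) $featureimage->filename);
        if (is_file($file) && !unlink($file)) {
            Flash::set('error', __('Permission denied!'));
        }

        // delete record
        if ($featureimage->delete()) {
            Flash::set('success', __('This Feature image has been deleted.'));
        } else {
            Flash::set('error', __('This Feature image could not be deleted!'));
        }
    } else {
        Flash::set('error', __('Feature image could not be found!'));
    }

    redirect(get_url('attraction/edit/' . $attraction_id));
}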
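/**
 * Reorders a Snippet's position relative to other Snippets.
 *
 * Expects $_POST['data'] to be a query string whose `snippets` entry lists
 * the snippet ids in their new order; positions are stored starting at 1.
 *
 * NOTE(review): no permission or CSRF check is visible in this function;
 * confirm the enclosing controller enforces both before this action runs.
 */
public function reorder()
{
    if (!isset($_POST['data']) || !is_string($_POST['data'])) {
        return;
    }

    // Parse into an array. parse_str() without a target array writes every
    // request key into the local scope; that form was removed in PHP 8.
    $params = array();
    parse_str($_POST['data'], $params);

    if (!isset($params['snippets']) || !is_array($params['snippets'])) {
        return;
    }

    foreach ($params['snippets'] as $position => $snippet_id) {
        $snippet = Record::findByIdFrom('Snippet', $snippet_id);
        if (!$snippet) {
            // Skip ids that do not resolve to a snippet instead of failing mid-loop.
            continue;
        }
        $snippet->position = (int) $position + 1;
        $snippet->save();
    }
}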
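/**
 * Reorders a Layout's position relative to other Layouts.
 *
 * Expects $_POST['data'] to be a query string whose `layouts` entry lists
 * the layout ids in their new order; positions are stored starting at 1.
 *
 * NOTE(review): no permission or CSRF check is visible in this function;
 * confirm the enclosing controller enforces both before this action runs.
 */
function reorder()
{
    if (!isset($_POST['data']) || !is_string($_POST['data'])) {
        return;
    }

    // Parse into an array. parse_str() without a target array writes every
    // request key into the local scope; that form was removed in PHP 8.
    $params = array();
    parse_str($_POST['data'], $params);

    if (!isset($params['layouts']) || !is_array($params['layouts'])) {
        return;
    }

    foreach ($params['layouts'] as $position => $layout_id) {
        $layout = Record::findByIdFrom('Layout', $layout_id);
        if (!$layout) {
            // Skip ids that do not resolve to a layout instead of failing mid-loop.
            continue;
        }
        $layout->position = (int) $position + 1;
        $layout->save();
    }
}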
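/**
 * Ends relationship between page and tag
 *
 * @since 1.1.0
 *
 * NOTE(review): no permission or CSRF check is visible in this function;
 * confirm the enclosing controller enforces both before this action runs.
 *
 * @param string $ids Page id and tag id joined by a dash ("<page>-<tag>").
 */
public function endrelationship($ids)
{
    $parts = explode('-', (string) $ids);
    $page_id = $parts[0];
    // A value without a dash used to read an undefined array offset here.
    $tag_id = isset($parts[1]) ? $parts[1] : null;

    $page = Record::findByIdFrom('Page', $page_id);
    $tag = ($page && $tag_id !== null) ? Record::findByIdFrom('Tag', $tag_id) : false;

    if (!$page) {
        Flash::set('error', __('Page not found!'));
    } elseif (!$tag) {
        // A missing tag used to end the request without any message.
        Flash::set('error', __('Tag not found!'));
    } elseif (TaggerTag::deletePageTagRelationship($page_id, $tag_id)) {
        Flash::set('success', __('Page :page_name has been deleted from association with Tag :tag_name!', array(':page_name' => $page->title, ':tag_name' => $tag->name)));
    } else {
        Flash::set('error', __('Nothing was deleted!'));
    }

    redirect(get_url('plugin/tagger'));
}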
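/**
 * Deletes a promo (stored as a News record) together with its image file.
 *
 * The record id is rebuilt from the URL segments passed as arguments.
 *
 * NOTE(review): no CSRF token is validated in this function; confirm that
 * _checkPermission() or the routing layer covers it.
 */
function delete()
{
    $this->_checkPermission();

    $paths = func_get_args();
    $id = urldecode(join('/', $paths));

    $news = Record::findByIdFrom('News', $id);
    if (!$news) {
        // An unknown id used to fall through and dereference a missing record.
        Flash::set('error', __('This promo could not be deleted!'));
        redirect(get_url('news'));
        return;
    }

    // Remove the image. basename() keeps the stored name inside the image
    // folder; is_file() skips empty names and already-missing files.
    $file = FILES_DIR . '/promo/images/' . basename((string) $news->filename);
    if (is_file($file) && !unlink($file)) {
        Flash::set('error', __('Permission denied!'));
    }

    if ($news->delete()) {
        Flash::set('success', __('This promo has been deleted.'));
    } else {
        Flash::set('error', __('This promo could not be deleted!'));
    }

    redirect(get_url('news'));
}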
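/**
 * Deletes an event together with its image file.
 *
 * The record id is rebuilt from the URL segments passed as arguments.
 *
 * NOTE(review): no CSRF token is validated in this function; confirm that
 * _checkPermission() or the routing layer covers it.
 */
function delete()
{
    $this->_checkPermission();

    $paths = func_get_args();
    $id = urldecode(join('/', $paths));

    $event = Record::findByIdFrom('Event', $id);
    if (!$event) {
        // An unknown id used to fall through and dereference a missing record.
        Flash::set('error', __('This event has not been deleted!'));
        redirect(get_url('event'));
        return;
    }

    // Remove the image. basename() keeps the stored name inside the image
    // folder; is_file() skips empty names and already-missing files.
    $file = FILES_DIR . '/event/images/' . basename((string) $event->image);
    if (is_file($file) && !unlink($file)) {
        Flash::set('error', __('Permission denied!'));
    }

    if ($event->delete()) {
        Flash::set('success', __('This event has been deleted.'));
    } else {
        Flash::set('error', __('This event has not been deleted!'));
    }

    redirect(get_url('event'));
}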
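/**
 * Runs checks and stores a page.
 *
 * Validates the submitted page ($_POST['page']) and redisplays the edit form
 * with the collected errors when validation fails. Otherwise it saves the
 * page, its parts and its tags.
 *
 * NOTE(review): redirect() is not visible here; the code after each call
 * assumes it ends the request. Confirm.
 *
 * @param string $action What kind of action this is: add or edit.
 * @param mixed  $id     Page to edit if any.
 *
 * @throws Exception When $action is 'edit' and $id is empty.
 */
private function _store($action, $id = false)
{
    // Sanity checks
    if ($action == 'edit' && !$id) {
        throw new Exception('Trying to edit page when $id is false.');
    }

    use_helper('Validate');

    $data = $_POST['page'];
    $data['is_protected'] = !empty($data['is_protected']) ? 1 : 0;
    Flash::set('post_data', (object) $data);

    // Add pre-save checks here
    $errors = array();

    // CSRF checks. The token is bound to the action URL.
    $csrf_url = BASE_URL . 'page/' . $action;
    if (isset($_POST['csrf_token'])) {
        if (!SecureToken::validateToken($_POST['csrf_token'], $csrf_url)) {
            $errors[] = __('Invalid CSRF token found!');
        }
    } else {
        $errors[] = __('No CSRF token found!');
    }

    $data['title'] = trim($data['title']);
    if (empty($data['title'])) {
        $errors[] = __('You have to specify a title!');
    }

    $data['slug'] = trim($data['slug']);
    if (empty($data['slug']) && $id != '1') {
        $errors[] = __('You have to specify a slug!');
    } else {
        if ($data['slug'] == ADMIN_DIR) {
            $errors[] = __('You cannot have a slug named :slug!', array(':slug' => ADMIN_DIR));
        }
        // NOTE(review): as written, Validate::slug() can only produce an error
        // for page 1 with a non-empty slug; slugs of other pages are not
        // validated here. Confirm whether that is intended.
        if (!Validate::slug($data['slug']) && (!empty($data['slug']) && $id == '1')) {
            $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => 'slug'));
        }
    }

    // Check all numerical fields for a page
    foreach (array('parent_id', 'layout_id', 'needs_login') as $field) {
        if (!Validate::digit($data[$field])) {
            $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
        }
    }

    // Check all date fields for a page
    foreach (array('created_on', 'published_on', 'valid_until') as $field) {
        if (isset($data[$field])) {
            $data[$field] = trim($data[$field]);
            if (!empty($data[$field]) && !(bool) preg_match('/^[0-9]{4}-[0-9]{2}-[0-9]{2}$/D', (string) $data[$field])) {
                $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
            }
        }
    }

    // Check all time fields for a page
    foreach (array('created_on_time', 'published_on_time', 'valid_until_time') as $field) {
        if (isset($data[$field])) {
            $data[$field] = trim($data[$field]);
            if (!empty($data[$field]) && !(bool) preg_match('/^[0-9]{2}:[0-9]{2}:[0-9]{2}$/D', (string) $data[$field])) {
                $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
            }
        }
    }

    // Strip all markup from the free-text meta fields
    use_helper('Kses');
    foreach (array('keywords', 'description') as $field) {
        $data[$field] = kses(trim($data[$field]), array());
    }

    // Check behaviour_id field
    if (!empty($data['behaviour_id']) && !Validate::slug($data['behaviour_id'])) {
        $errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => 'behaviour_id'));
    }

    // Make sure the title doesn't contain HTML
    if (Setting::get('allow_html_title') == 'off') {
        $data['title'] = kses(trim($data['title']), array());
    }

    // Create the page object to be manipulated and populate data
    if ($action == 'add') {
        $page = new Page($data);
    } else {
        $page = Record::findByIdFrom('Page', $id);
        if (!$page) {
            // An unknown id used to fall through and dereference a missing record.
            Flash::set('error', __('Page has not been saved!'));
            redirect(get_url('page'));
            return;
        }
        $page->setFromData($data);
    }

    // Upon errors, rebuild original page and return to screen with errors
    if ($errors) {
        $tags = isset($_POST['page_tag']) ? $_POST['page_tag'] : null;

        // Rebuild time fields
        if (isset($page->created_on) && isset($page->created_on_time)) {
            $page->created_on = $page->created_on . ' ' . $page->created_on_time;
        }
        if (isset($page->published_on) && isset($page->published_on_time)) {
            $page->published_on = $page->published_on . ' ' . $page->published_on_time;
        }
        if (isset($page->valid_until) && isset($page->valid_until_time)) {
            $page->valid_until = $page->valid_until . ' ' . $page->valid_until_time;
        }

        // Rebuild parts
        $part = isset($_POST['part']) ? $_POST['part'] : null;
        if (!empty($part) && is_array($part)) {
            $rebuilt = array();
            foreach ($part as $key => $val) {
                $rebuilt[$key] = (object) $val;
            }
            $part = $rebuilt;
        }

        // Set the errors to be displayed.
        Flash::setNow('error', implode('<br/>', $errors));

        // display things ...
        $this->setLayout('backend');
        $this->display('page/edit', array(
            'action' => $action,
            'csrf_token' => SecureToken::generateToken($csrf_url),
            'page' => (object) $page,
            'tags' => $tags,
            'filters' => Filter::findAll(),
            'behaviors' => Behavior::findAll(),
            'page_parts' => (object) $part,
            'layouts' => Record::findAllFrom('Layout'),
        ));

        // A request that failed validation, including the CSRF check, must
        // never reach the save below, whether or not display() ends the request.
        return;
    }

    // Notify
    if ($action == 'add') {
        Observer::notify('page_add_before_save', $page);
    } else {
        Observer::notify('page_edit_before_save', $page);
    }

    // Time to actually save the page
    // @todo rebuild this so parts are already set before save?
    // @todo determine lazy init impact
    if ($page->save()) {
        // Get data for parts of this page
        $data_parts = (isset($_POST['part']) && is_array($_POST['part'])) ? $_POST['part'] : array();
        Flash::set('post_parts_data', (object) $data_parts);

        if ($action == 'edit') {
            $old_parts = PagePart::findByPageId($id);

            // check if all old page part are passed in POST
            // if not ... we need to delete it!
            foreach ($old_parts as $old_part) {
                $not_in = true;
                foreach ($data_parts as $part_id => $part_data) {
                    $part_data['name'] = trim($part_data['name']);
                    if ($old_part->name == $part_data['name']) {
                        $not_in = false;

                        // this will not really create a new page part because
                        // the id of the part is passed in $part_data
                        $part = new PagePart($part_data);
                        $part->page_id = $id;

                        Observer::notify('part_edit_before_save', $part);
                        $part->save();
                        Observer::notify('part_edit_after_save', $part);

                        unset($data_parts[$part_id]);
                        break;
                    }
                }
                if ($not_in) {
                    $old_part->delete();
                }
            }
        }

        // add the new parts
        foreach ($data_parts as $part_data) {
            $part_data['name'] = trim($part_data['name']);
            $part = new PagePart($part_data);
            $part->page_id = $page->id;

            Observer::notify('part_add_before_save', $part);
            $part->save();
            Observer::notify('part_add_after_save', $part);
        }

        // save tags
        $page->saveTags($_POST['page_tag']['tags']);

        Flash::set('success', __('Page has been saved!'));
    } else {
        Flash::set('error', __('Page has not been saved!'));

        $url = 'page/';
        $url .= $action == 'edit' ? 'edit/' . $id : 'add/';
        redirect(get_url($url));
    }

    if ($action == 'add') {
        Observer::notify('page_add_after_save', $page);
    } else {
        Observer::notify('page_edit_after_save', $page);
    }

    // save and quit or save and continue editing ?
    if (isset($_POST['commit'])) {
        redirect(get_url('page'));
    } else {
        redirect(get_url('page/edit/' . $page->id));
    }
}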
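/**
 * Deletes a user after permission, input and CSRF checks.
 *
 * The user with id 1 (the first administrator) can never be deleted.
 * Observers of 'user_after_delete' receive the deleted user's name.
 *
 * NOTE(review): the CSRF token travels in the query string, where it can end
 * up in server logs and Referer headers; confirm this is acceptable.
 *
 * @param mixed $id Identifier of the User record to delete.
 */
public function delete($id)
{
    // Each failed check returns after redirecting, so a rejected request
    // cannot reach the delete below even if redirect() does not end it.
    if (!AuthUser::hasPermission('user_delete')) {
        Flash::set('error', __('You do not have permission to access the requested page!'));
        redirect(get_url());
        return;
    }

    // Sanity checks
    use_helper('Validate');
    if (!Validate::numeric($id)) {
        Flash::set('error', __('Invalid input found!'));
        redirect(get_url());
        return;
    }

    // CSRF checks
    if (!isset($_GET['csrf_token'])) {
        Flash::set('error', __('No CSRF token found!'));
        redirect(get_url('user'));
        return;
    }
    if (!SecureToken::validateToken($_GET['csrf_token'], BASE_URL . 'user/delete/' . $id)) {
        Flash::set('error', __('Invalid CSRF token found!'));
        redirect(get_url('user'));
        return;
    }

    // security (dont delete the first admin)
    if ($id > 1) {
        // find the user to delete
        if ($user = Record::findByIdFrom('User', $id)) {
            // The message template contains HTML markup, so the stored name
            // is escaped before it is placed into it.
            $safe_name = htmlspecialchars((string) $user->name, ENT_QUOTES, 'UTF-8');

            if ($user->delete()) {
                Flash::set('success', __('User <strong>:name</strong> has been deleted!', array(':name' => $safe_name)));
                Observer::notify('user_after_delete', $user->name);
            } else {
                Flash::set('error', __('User <strong>:name</strong> has not been deleted!', array(':name' => $safe_name)));
            }
        } else {
            Flash::set('error', __('User not found!'));
        }
    } else {
        Flash::set('error', __('Action disabled!'));
    }

    redirect(get_url('user'));
}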
/**
 * Deletes a testimonial and returns to the testimonial list.
 *
 * The outcome is reported to the user through a flash message.
 *
 * NOTE(review): no permission or CSRF check is visible in this function;
 * confirm the enclosing controller enforces both before this action runs.
 *
 * @param mixed $id Identifier of the Testimonial record to delete.
 */
function delete($id)
{
    $testimonial = Record::findByIdFrom('Testimonial', $id);

    if (!$testimonial) {
        Flash::set('error', __('Testimonial not found!'));
    } elseif ($testimonial->delete()) {
        Flash::set('success', __('This testimonial has been deleted.'));
    } else {
        Flash::set('error', __('This testimonial has not been deleted!'));
    }

    redirect(get_url('testimonial'));
}
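/**
 * Deletes a user after a permission check.
 *
 * The user with id 1 (the first administrator) can never be deleted.
 * Observers of 'user_after_delete' receive the deleted user's name.
 *
 * NOTE(review): no CSRF token is validated in this function, so the delete
 * can be triggered by any request an authorised user's browser sends to this
 * URL; adding a token check also requires the links that call this action to
 * carry the token.
 *
 * @param mixed $id Identifier of the User record to delete.
 */
public function delete($id)
{
    if (!AuthUser::hasPermission('user_delete')) {
        Flash::set('error', __('You do not have permission to access the requested page!'));
        redirect(get_url());
        // A rejected request must not reach the delete below even if
        // redirect() does not end it.
        return;
    }

    // security (dont delete the first admin)
    if ($id > 1) {
        // find the user to delete
        if ($user = Record::findByIdFrom('User', $id)) {
            // The message template contains HTML markup, so the stored name
            // is escaped before it is placed into it.
            $safe_name = htmlspecialchars((string) $user->name, ENT_QUOTES, 'UTF-8');

            if ($user->delete()) {
                Flash::set('success', __('User <strong>:name</strong> has been deleted!', array(':name' => $safe_name)));
                Observer::notify('user_after_delete', $user->name);
            } else {
                Flash::set('error', __('User <strong>:name</strong> has not been deleted!', array(':name' => $safe_name)));
            }
        } else {
            Flash::set('error', __('User not found!'));
        }
    } else {
        Flash::set('error', __('Action disabled!'));
    }

    redirect(get_url('user'));
}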
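/**
 * Removes the image of an About record and clears its filename and source.
 *
 * The record id is rebuilt from the URL segments passed as arguments.
 *
 * NOTE(review): no CSRF token is validated in this function; confirm that
 * _checkPermission() or the routing layer covers it.
 *
 * @param mixed $id First URL segment; replaced by the joined, decoded segments.
 */
function delete_image($id)
{
    $this->_checkPermission();

    $paths = func_get_args();
    $id = urldecode(join('/', $paths));

    // Look the record up once and check it before touching its fields; the
    // filename used to be read before the record was known to exist.
    $about = Record::findByIdFrom('About', $id);

    if ($about) {
        // basename() keeps the stored name from pointing outside the folder.
        $file = FILES_DIR . '/about/' . basename((string) $about->filename);
        if (is_file($file) && !unlink($file)) {
            Flash::set('error', __('Permission denied!'));
        }

        // Build the WHERE clause from the loaded record's integer id, never
        // from the raw request value.
        if ($about->update('About', array('filename' => '', 'source' => ''), 'id=' . (int) $about->id)) {
            Flash::set('success', __('This image has been deleted.'));
        } else {
            Flash::set('error', __('This image has not been deleted!'));
        }
    } else {
        Flash::set('error', __('Image not found!'));
    }

    redirect(get_url('about/view/' . $id));
}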
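/**
 * Deletes a pdf record together with its file and returns to the pdf list.
 *
 * NOTE(review): no permission or CSRF check is visible in this function;
 * confirm the enclosing controller enforces both before this action runs.
 *
 * @param mixed $id Identifier of the Pdf record to delete.
 */
function delete($id)
{
    // find the pdf to delete
    $pdf = Record::findByIdFrom('Pdf', $id);

    if ($pdf) {
        // basename() keeps the stored name from pointing outside the folder.
        // The array_pop()/join() calls on an undefined $paths that used to
        // follow this line are removed; their results were never used.
        $file = FILES_DIR . '/pdf/' . basename((string) $pdf->filename);
        if (is_file($file) && !unlink($file)) {
            Flash::set('error', __('Permission denied!'));
        }

        if ($pdf->delete()) {
            Flash::set('success', __('This pdf has been deleted.'));
        } else {
            Flash::set('error', __('This pdf has not been deleted!'));
        }
    } else {
        // The message used to say "Menu not found!".
        Flash::set('error', __('Pdf not found!'));
    }

    redirect(get_url('pdf'));
}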