/**
 * Count the rows of the groups table whose parent_group_id is this group's id.
 *
 * The id is bound through the database layer's prepare() placeholder rather
 * than concatenated into the statement.
 *
 * @return mixed the single value returned by SQL::fetchsingle() for COUNT(*)
 */
function get_subgroups_count()
{
    $query = $this->site->db->prepare(
        "SELECT COUNT(*) FROM groups WHERE parent_group_id=?",
        $this->group_id
    );
    $counter = new SQL($query);

    return $counter->fetchsingle();
}
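/**
 * Read the last applied update number and detect the output mode.
 *
 * The description column of the version row '4.7.FINAL' is cast to an
 * integer and stored in $this->lastUpdate; when that yields 0 the value
 * 479 is used instead. $this->cli records whether PHP runs under the CLI
 * SAPI and $this->ln holds the matching line terminator.
 */
public function __construct()
{
    // Constant statement, no external input is interpolated here.
    $sql = "SELECT description FROM version WHERE version_nr = '4.7.FINAL'";
    $result = new SQL($sql);

    $this->lastUpdate = (int) $result->fetchsingle();
    if (!$this->lastUpdate) {
        $this->lastUpdate = 479;
    }

    $this->cli = php_sapi_name() === 'cli';

    // The flag is a boolean; the earlier code compared it with the string
    // 'cli' and only produced the right answer through loose comparison.
    $this->ln = $this->cli ? "\n" : '<br>';
}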
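/**
 * This source file is is part of Saurus CMS content management software.
 * It is licensed under MPL 1.1 (http://www.opensource.org/licenses/mozilla1.1.php).
 * Copyright (C) 2000-2010 Saurused Ltd (http://www.saurus.info/).
 * Redistribution of this file must retain the above copyright notice.
 *
 * Please note that the original authors never thought this would turn out
 * such a great piece of software when the work started using Perl in year 2000.
 * Due to organic growth, you may find parts of the software being
 * a bit (well maybe more than a bit) old fashioned and here's where you can help.
 * Good luck and keep your open source minds open!
 *
 * @package SaurusCMS
 * @copyright 2000-2010 Saurused Ltd (http://www.saurus.info/)
 * @license Mozilla Public License 1.1 (http://www.opensource.org/licenses/mozilla1.1.php)
 *
 */

/**
 * Smarty plugin: replace a user's mailing-list subscriptions.
 *
 * Existing subscriptions of the user for objects in the current site language
 * are deleted, then one row per requested section is inserted, restricted to
 * sections that are published and flagged as mailing lists.
 *
 * Parameters read from $params:
 *  - user:   user id; when empty the id of the current site user is used
 *  - fields: array of section object ids to subscribe to
 *
 * @param array  $params template parameters
 * @param object $smarty Smarty instance (unused)
 * @return void
 */
function smarty_function_save_mailinglist($params, &$smarty)
{
    global $site;

    // Read only the parameters this plugin uses. extract($params) assigned
    // every template parameter to a local name, so a parameter called "site"
    // would have overwritten the global $site object.
    $user = isset($params['user']) ? $params['user'] : null;
    $fields = isset($params['fields']) ? $params['fields'] : null;

    $user_id = (int) $user;
    if (!$user_id) {
        $user_id = $site->user->user_id;
    }

    // NOTE(review): no permission check is visible here for changing the
    // subscriptions of a user other than the current one; confirm that the
    // templates calling this plugin only pass a trusted "user" value.
    if (!$user_id) {
        return;
    }

    // get user data (the row is fetched but not used further down)
    $sql = $site->db->prepare('select * from users where user_id = ?', $user_id);
    $result = new SQL($sql);
    $user_data = $result->fetch('ASSOC');

    ###################
    # delete the old mailing lists of this user for the current language
    $sql = $site->db->prepare("SELECT user_mailinglist.objekt_id FROM user_mailinglist LEFT JOIN objekt ON user_mailinglist.objekt_id = objekt.objekt_id WHERE user_mailinglist.user_id = ? AND objekt.keel=?", $user_id, $site->keel);
    $sth = new SQL($sql);
    $site->debug->msg($sth->debug->get_msgs());

    $del_obj = array();
    while ($del_obj_id = $sth->fetchsingle()) {
        $del_obj[] = $del_obj_id;
    }

    // The id list is passed as one bound value to FIND_IN_SET, not spliced
    // into the statement text.
    $sql = $site->db->prepare("DELETE FROM user_mailinglist WHERE user_id=? AND FIND_IN_SET(objekt_id,?)", $user_id, join(",", $del_obj));
    $sth = new SQL($sql);
    $site->debug->msg($sth->debug->get_msgs());

    ###################
    # add the new ones, but only when the e-mail address is not empty.
    # trim() now wraps the address itself; it used to wrap the result of the
    # comparison, so an address made only of whitespace counted as non-empty.
    # NOTE(review): the address checked is the current site user's, also when
    # "user" names somebody else - presumably $user_data was meant; confirm.
    if (trim($site->user->all['email']) != '' && is_array($fields)) {
        # check the section ids: is it a mailing list, is the section published
        $sql = $site->db->prepare("SELECT obj_rubriik.objekt_id FROM obj_rubriik,objekt WHERE obj_rubriik.objekt_id=objekt.objekt_id AND objekt.on_avaldatud='1' AND obj_rubriik.on_meilinglist = '1' AND find_in_set(obj_rubriik.objekt_id, ?)", join(",", $fields));
        $sth = new SQL($sql);
        $site->debug->msg($sth->debug->get_msgs());

        // Only ids returned by the query above are inserted, each rendered
        // through prepare() so both values are bound.
        $values = array();
        while ($objekt_id = $sth->fetchsingle()) {
            $values[] = $site->db->prepare("(?,?)", $user_id, $objekt_id);
        }

        if (sizeof($values)) {
            $sql = "INSERT INTO user_mailinglist (user_id, objekt_id) VALUES " . join(",", $values);
            $sth = new SQL($sql);
            $site->debug->msg($sth->debug->get_msgs());
        }
    } # if some mailing list was checked
}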
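/**
 * Smarty plugin: synchronise a folder object with the file system.
 *
 * Parameters read from $params ("id" wins when both are given):
 *  - id:   object id. For an object of type 16 (album) the folder is taken
 *          from the album's "path" setting and its images are regenerated
 *          before the sync; an object of type 22 is synchronised directly;
 *          any other type makes the plugin return without doing anything.
 *  - path: relative folder path, looked up in obj_folder.
 *
 * @param array  $params template parameters
 * @param object $smarty Smarty instance (unused)
 * @return void
 */
function smarty_function_sync_folder($params, &$smarty)
{
    global $site, $leht, $class_path;

    // Only "id" and "path" are read. extract($params) assigned every template
    // parameter to a local name, so a parameter called "class_path" or "site"
    // would have replaced the globals, and $class_path is what the
    // include_once paths below are built from.
    $id = isset($params['id']) ? $params['id'] : null;
    $path = isset($params['path']) ? $params['path'] : null;

    // prefer the id
    if (isset($id)) {
        $id = (int) $id;
        $objekt = new Objekt(array('objekt_id' => $id));

        // album
        if ($objekt->all['tyyp_id'] == 16) {
            $conf = new CONFIG($objekt->all['ttyyp_params']);

            $folder_path = $conf->get('path');
            if (!$folder_path) {
                // no image folder set
                return;
            }

            // strip one leading and one trailing slash
            $folder_path = preg_replace('#^/#', '', $folder_path);
            $folder_path = preg_replace('#/$#', '', $folder_path);
            $folder_abs_path = $site->absolute_path . $folder_path;

            $sql = $site->db->prepare('select objekt_id from obj_folder where relative_path = ?', '/' . $folder_path);
            $result = new SQL($sql);
            if (!$result->rows) {
                // no such folder
                return;
            }

            $id = $result->fetchsingle();

            include_once $class_path . 'picture.inc.php';
            generate_images($folder_abs_path, $conf->get('tn_size'), $conf->get('pic_size'));
        } elseif ($objekt->all['tyyp_id'] != 22) {
            return;
        }
    } elseif (isset($path)) {
        $path = (string) $path;
        $path = preg_replace('#^/#', '', $path);
        $path = preg_replace('#/$#', '', $path);

        // NOTE(review): the album branch above looks the folder up with a
        // leading '/', this branch without one - confirm which form
        // obj_folder.relative_path stores.
        $sql = $site->db->prepare('select objekt_id from obj_folder where relative_path = ?', $path);
        $result = new SQL($sql);
        if (!$result->rows) {
            // no such folder
            return;
        }

        $id = $result->fetchsingle();
    }

    // NOTE(review): when neither "id" nor "path" was given, $id is null at
    // this point and is still handed to synchronise_folder(), as before.
    include_once $class_path . 'adminpage.inc.php';
    synchronise_folder($id);
}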
/**
 * Translate an object id that belongs to the site $sitename into a local id.
 *
 * Returns 0 when either argument is empty. When $sitename equals the
 * configured hostname the id is returned unchanged. Otherwise the objekt
 * table is searched for a row whose related_objekt_id is $vana_id; its
 * objekt_id is returned when the query yields rows, else $vana_id.
 *
 * @param mixed  $vana_id  object id on the named site
 * @param string $sitename host name the id belongs to
 * @return mixed
 */
function rep_id($vana_id, $sitename)
{
    global $site;

    $have_both = $vana_id && $sitename;
    if (!$have_both) {
        return 0;
    }

    if ($site->CONF['hostname'] != $sitename) {
        // id is bound through the prepare() placeholder
        $query = $site->db->prepare("\n\t\t\tSELECT objekt_id FROM objekt WHERE related_objekt_id = ?", $vana_id);
        $lookup = new SQL($query);
        $local_id = $lookup->fetchsingle();
        $site->debug->msg($lookup->debug->get_msgs());

        if ($lookup->rows) {
            return $local_id;
        }
    }

    return $vana_id;
}
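/**
 * Return the parent ids of an object as an array.
 *
 * Reads objekt_objekt.parent_id for the given object id; only the rows of
 * that object itself are read, no further levels are followed. A
 * non-numeric argument (including the default '') selects $this->objekt_id.
 *
 * An array is now returned in every case; for an empty object id the
 * function used to fall off the end and return null.
 *
 * @param mixed $objekt_id object id, or a non-numeric value for the current object
 * @return array parent ids, empty when the id is empty or nothing is found
 */
function get_obj_all_parents($objekt_id = '')
{
    $parents = array();

    if (!is_numeric($objekt_id)) {
        $objekt_id = $this->objekt_id;
    }
    if (!$objekt_id) {
        return $parents;
    }

    // id is bound through the prepare() placeholder
    $sql = $this->site->db->prepare("\n\t\t\t\tSELECT objekt_objekt.parent_id\n\t\t\t\tFROM objekt_objekt \n\t\t\t\tWHERE objekt_objekt.objekt_id=?", $objekt_id);
    $sth = new SQL($sql);

    // the loop ends at the first falsy value fetchsingle() returns
    while ($par = $sth->fetchsingle()) {
        $parents[] = $par;
    }

    return $parents;
}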
window.opener.location = window.opener.location; window.close(); //--></SCRIPT> <? } if ($site->fdat['op2'] == 'deleteconfirmed') { /*------------------------------------- //Valime kasutaja_id kelle oma see kommentaar on --------------------------------------*/ $sql = $site->db->prepare("SELECT kasutaja_id FROM obj_kommentaar WHERE objekt_id = ?",$site->fdat[id]); $sth = new SQL($sql); $site->debug->msg($sth->debug->get_msgs()); $kommenteerija_id = $sth->fetchsingle(); $curr_obj = new Objekt(array( objekt_id => $site->fdat['id'], )); $parent_obj = new Objekt(array( objekt_id => $curr_obj->parent_id, )); # $alamlist_count - kui palju üldse kommentaare on, parent jaoks $alamlist_count = new Alamlist(array( parent => $curr_obj->parent_id, klass => "kommentaar", asukoht => 0,
$faulty_obj_arr[$rec['objekt_id']] = $sisu_strip; } } # while rec ####### 2) comments/messages $sql = "SELECT objekt_id, text FROM obj_kommentaar"; $sth = new SQL ($sql); while($rec = $sth->fetch()){ # strip HTML tags from lyhi, sisu for strip-fields $sisu_strip = $rec['text']; $sisu_strip = convert_sisu_strip($sisu_strip); ##### check if fields match $sql2 = $site->db->prepare("SELECT sisu_strip FROM objekt WHERE objekt_id= ?", $rec['objekt_id']); $sth2 = new SQL ($sql2); $sisu_strip_in_db = $sth2->fetchsingle(); if(trim($sisu_strip_in_db) != trim($sisu_strip) ){ $faulty_obj_arr[$rec['objekt_id']] = $sisu_strip; } } # while rec ################## # sql if (!$site->fdat['run']){ echo " <tr> <td><b>object search: Faulty strip-fields</b><br></td> </tr> "; }
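/**
 * Import a dictionary (glossary) into the CMS from a CSV text file.
 *
 * Lines are interpreted as follows:
 *  - "[CHECKSUM=lang_id:types:words]" gives the language id the file is for
 *  - "[DATE=...]" is recognised and ignored
 *  - "[ENCODING=...]" gives the encoding stored for the language
 *  - any other "[key:sst_id:name]" line starts a word type
 *  - lines starting with "#" and empty lines are skipped
 *  - every other line after a word type is "sys_word;description;translation"
 *
 * All values taken from the file reach the database through prepare()
 * placeholders.
 *
 * @param string $cvs_file path of the file to import
 * @param boolean $overwrite_user_translations default false
 * @param boolean $delete_old_data default false
 * @param boolean $write_log default true
 * @return boolean true on success, false on failure
 */
function import_dict_from_file($cvs_file, $overwrite_user_translations = false, $delete_old_data = false, $write_log = true)
{
    global $site;

    // NOTE(review): the path is opened exactly as passed in; callers are
    // presumably expected to hand over a vetted location - confirm.
    $filep = @fopen($cvs_file, 'r');
    if (!$filep) {
        if ($write_log) {
            new Log(array('action' => 'import', 'component' => 'Languages', 'type' => 'ERROR', 'message' => 'Dictionary import: could not open CSV file "' . $cvs_file . '.'));
        }
        return false;
    }

    // Read the whole stream and release the handle; it was never closed
    // before, and fread() with filesize() warned on an empty file.
    $contents = stream_get_contents($filep);
    fclose($filep);
    if ($contents === false) {
        $contents = '';
    }

    // bug #2397, change the windows linebreaks
    $lines = explode("\n", str_replace("\r\n", "\n", $contents));

    $lang_id = '';
    $cvs_encoding = null;
    $sys_words = array();
    $k = null; // index of the word type the following data lines belong to

    /* create an array($sys_words) of translation */
    foreach ($lines as $cvs_line) {
        // Empty lines first, so the first-character tests never index into
        // an empty string.
        if (empty($cvs_line) || $cvs_line[0] == '#') {
            continue;
        }

        if ($cvs_line[0] == '[') {
            // strpos() === 0 replaces ereg('^\[...'), which PHP 7 removed
            if (strpos($cvs_line, '[CHECKSUM') === 0) {
                $checksum = explode(':', str_replace(array('[CHECKSUM=', ']'), '', $cvs_line));
                $lang_id = $checksum[0];
            } elseif (strpos($cvs_line, '[DATE') === 0) {
                // date header: recognised, value not used
            } elseif (strpos($cvs_line, '[ENCODING') === 0) {
                $cvs_encoding = trim(str_replace(array('[ENCODING=', ']'), '', $cvs_line));
            } else {
                $type = explode(':', str_replace(array('[', ']'), '', $cvs_line));
                $sys_words[] = array(
                    'key' => $type[0],
                    'sst_id' => isset($type[1]) ? $type[1] : null,
                    'name' => isset($type[2]) ? $type[2] : null,
                );
                $k = count($sys_words) - 1;
            }
            continue;
        }

        if ($k !== null) {
            // a short line yields null for the missing columns
            $cols = array_pad(explode(';', $cvs_line), 3, null);
            $sys_words[$k]['words'][] = array('sys_word' => $cols[0], 'description' => $cols[1], 'translation' => $cols[2]);
        }
    }

    ## check if CHECKSUM line was successfully detected, if not, return error and stop (Bug #2566)
    if (trim($lang_id) == '') {
        new Log(array('action' => 'import', 'component' => 'Languages', 'type' => 'ERROR', 'message' => 'Dictionary import: invalid language file - CHECKSUM line not detected!'));
        return false;
    }

    // Language name for the log messages below. The variable was left
    // undefined when the former encoding comparison was commented out; the
    // lookup uses the keel table and nimi column that check had used.
    $sql = $site->db->prepare('select nimi from keel where keel_id = ?', $lang_id);
    $result = new SQL($sql);
    $lang_name = (string) $result->fetchsingle();

    // update glossary encoding from the language file (the file encoding is
    // no longer required to match the language encoding)
    $sql = $site->db->prepare("update keel set encoding = ? where keel_id = ?", $cvs_encoding, $lang_id);
    $result = new SQL($sql);
    if ($result->error) {
        new Log(array('action' => 'import', 'component' => 'Languages', 'type' => 'ERROR', 'message' => 'Dictionary import: Could not update glossary encoding. CSV = "' . $cvs_encoding . '" ' . $lang_name . '.'));
        return false;
    }

    foreach ($sys_words as $sys_word) {
        $sql = $site->db->prepare('select sst_id from sys_sona_tyyp where voti = ?', $sys_word['key']);
        $result = new SQL($sql);
        $sys_word['sst_id'] = $result->fetchsingle();

        if ($result->rows == 0) {
            // create sys_word type
            $sql = $site->db->prepare('insert into sys_sona_tyyp (voti, nimi) values (?, ?);', $sys_word['key'], $sys_word['name']);
            $result = new SQL($sql);
            $sys_word['sst_id'] = $result->insert_id;
        } else {
            // update sys_word type
            $sql = $site->db->prepare('update sys_sona_tyyp set voti = ?, nimi = ? where sst_id = ?;', $sys_word['key'], $sys_word['name'], $sys_word['sst_id']);
            new SQL($sql);
        }

        if ($delete_old_data) {
            $sql = $site->db->prepare('delete from sys_sonad where sst_id = ? and keel = ?', $sys_word['sst_id'], $lang_id);
            new SQL($sql);
        }

        if (!isset($sys_word['words'])) {
            continue;
        }

        foreach ($sys_word['words'] as $word) {
            // description of the word
            $sql = $site->db->prepare('select 1 from sys_sonad_kirjeldus where sst_id = ? and sys_sona = ?', $sys_word['sst_id'], $word['sys_word']);
            $result = new SQL($sql);
            if ($result->rows == 0) {
                // insert new
                $sql = $site->db->prepare('insert into sys_sonad_kirjeldus (sst_id, sys_sona, sona, last_update) values (?, ?, ? , now());', $sys_word['sst_id'], $word['sys_word'], $word['description']);
                new SQL($sql);
            } else {
                // refresh description and last_update
                $sql = $site->db->prepare('update sys_sonad_kirjeldus set sona = ?, last_update = now() where sst_id = ? and sys_sona = ?;', $word['description'], $sys_word['sst_id'], $word['sys_word']);
                new SQL($sql);
            }

            // translation of the word for this language
            $sql = $site->db->prepare('select id from sys_sonad where sst_id = ? and sys_sona = ? and keel = ?', $sys_word['sst_id'], $word['sys_word'], $lang_id);
            $result = new SQL($sql);
            if ($result->rows == 0) {
                // insert new
                $sql = $site->db->prepare('insert into sys_sonad (sys_sona, keel, sona, origin_sona, sst_id) values (?, ?, ? , ?, ?);', $word['sys_word'], $lang_id, $word['translation'], $word['translation'], $sys_word['sst_id']);
                new SQL($sql);
            } elseif ($overwrite_user_translations) {
                // replace both the current and the original translation
                $sql = $site->db->prepare('update sys_sonad set sona = ?, origin_sona = ? where id = ?;', $word['translation'], $word['translation'], $result->fetchsingle());
                new SQL($sql);
            } else {
                // keep the user's translation, refresh only the original
                $sql = $site->db->prepare('update sys_sonad set origin_sona = ? where id = ?;', $word['translation'], $result->fetchsingle());
                new SQL($sql);
            }
        }
    }

    new Log(array('action' => 'import', 'component' => 'Languages', 'type' => 'NOTICE', 'message' => 'Dictionary import successful. Language: ' . $lang_name));

    return true;
}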
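<input type=hidden name=op value="<?=htmlspecialchars((string) $site->fdat['op'], ENT_QUOTES)?>">
<input type=hidden name=op2 value="">
<table border="0" cellpadding="0" cellspacing="0" style="width:100%; height:100px">
<tr>
<td valign="top" width="100%" class="scms_confirm_delete_cell" height="100%">
<?php
# The "op" value written into the hidden field above is escaped for the
# attribute context: $site->fdat presumably carries submitted form data
# (confirm), and it used to be echoed verbatim.

# check if allowed to delete
# 1. if exists any data row with that form, then don't allow to delete
$data_count = 0;

############ form content data
# NOTE(review): the table name is concatenated because an identifier cannot be
# bound as a placeholder; $form_def['source_table'] must only ever come from a
# trusted form definition - confirm where $form_def is loaded.
$sql = $site->db->prepare("SELECT COUNT(*) FROM ".$form_def['source_table']." WHERE form_id=? ", $form_def['form_id']);
$sth = new SQL($sql);
$form_count = $sth->fetchsingle();
$data_count += $form_count;

# Array keys below are quoted: as bare words they are undefined constants,
# which newer PHP versions reject.
if ($data_count > 0) {
	# show error message
	echo "<font color=red>".$site->sys_sona(array('sona' => "Permission denied", 'tyyp' => "editor"))."</font><br><br>";
	echo $site->sys_sona(array('sona' => "Children count", 'tyyp' => "admin")).": <b>".$data_count."</b>";
}
# show confirmation
else {
	# NOTE(review): the form name is printed without HTML escaping; escape it
	# with the site's character set if names can contain markup - confirm.
	echo $site->sys_sona(array('sona' => "kustuta", 'tyyp' => "editor"))." \"<b>".$form_def['name']."</b>\"? ";
	echo $site->sys_sona(array('sona' => "are you sure?", 'tyyp' => "admin"));
	$allow_delete = 1;
}
?>
</td>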
?> </td> </tr> <!-- / forms group --> <!-- extrenal tabels group --> <tr height=100%> <td valign=top> <?php ########### EXTERNAL TABLES TREES $sql = $site->db->prepare("show tables"); $sth = new SQL($sql); while ($tbl_data = $sth->fetchsingle()) { $tables[] = $tbl_data; } #printr($tables); $ext_tables = array(); foreach ($tables as $table) { # add table name to array if this has right external prefix if (substr($table, 0, 4) == 'ext_') { $ext_tables[] = $table; } # if correct prefix } ##### loop over external tables foreach ($ext_tables as $ext_table) { ############ PRINT TREE $sql = $site->db->prepare("SELECT profile_id AS id, source_table AS parent, name FROM object_profiles WHERE source_table=? ORDER BY name", $ext_table);
function print_kast($kast, $is_custom = 0, $archive_link_on = 1) { #Muutujad mis hoiab custom stringid $custom_buttons = ''; $custom_title = ''; $custom_contents = ''; if (get_class($kast) == "Objekt" || is_subclass_of($kast, "Objekt")) { # ---------------------------- # Uudiste kogumik # ---------------------------- if ($kast->all[klass] == "kogumik") { $kast->load_sisu(); if (!$is_custom) { ?> <table width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " border="0" cellspacing="0" cellpadding="1"> <tr> <td width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " class="boxhead" height="24"> <?php echo $kast->pealkiri(); $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17")); ?> </td> </tr> <tr> <td width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " bgcolor="<?php echo $kast->site->dbstyle("menyy_border", "color") ? $kast->site->dbstyle("menyy_border", "color") : "#CCCCCC"; ?> "> <table width="100%" border="0" cellspacing="0" cellpadding="0" bgcolor="<?php echo $kast->site->dbstyle("menyy_taust", "color") ? $kast->site->dbstyle("menyy_taust", "color") : "#FAFAFA"; ?> "> <tr> <td align="right" valign="top"><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="20" height="10"></td> <td><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="<?php echo $kast->site->dbstyle("menyy_laius", "layout") - 42; ?> " height="10"></td> <td><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="20" height="10"></td> </tr> <?php } else { //Custom print out ob_start(); $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17")); $custom_buttons .= ob_get_contents(); ob_end_clean(); $custom_title .= $kast->pealkiri(); $custom_contents .= "<ul class=\"boxlist\">"; } //if is_custom # rubriigid kus uudised otsida $sql = "SELECT objekt.objekt_id FROM objekt LEFT JOIN objekt_objekt ON objekt_objekt.objekt_id=objekt.objekt_id WHERE objekt_objekt.parent_id=" . $kast->objekt_id . 
" AND (objekt.kesk = 0 or objekt.kesk = 5 or objekt.kesk = 9) AND objekt.tyyp_id=1"; ####### POOLELI if (!$kast->site->in_editor) { $sql .= " AND objekt.on_avaldatud=1"; } if (!$kast->site->in_editor) { $sql .= " AND !FIND_IN_SET(objekt.objekt_id, '" . join(",", $kast->site->noaccess_hash) . "')"; } $sth = new SQL($sql); while ($rid = $sth->fetchsingle()) { $news_rubrics .= "," . $rid; } $kast->debug->msg($sth->debug->get_msgs()); $kast->debug->msg("Rubriigid: {$news_rubrics}"); $sql = "\r\n\t\t\t\t\t\t\tSELECT objekt.objekt_id, objekt.pealkiri, objekt.aeg, objekt.on_avaldatud, objekt_objekt.parent_id \r\n\t\t\t\t\t\t\tFROM objekt \r\n\t\t\t\t\t\t\tLEFT JOIN objekt_objekt ON objekt_objekt.objekt_id=objekt.objekt_id \r\n\t\t\t\t\t\t\tWHERE find_in_set(objekt_objekt.parent_id,'{$news_rubrics}') AND (objekt.kesk=0 OR objekt.kesk=6) AND (objekt.tyyp_id=2 OR objekt.tyyp_id=15)"; if (!$kast->site->in_editor) { $sql .= " AND objekt.on_avaldatud=1 "; } $sql .= " ORDER BY objekt.aeg DESC, objekt_objekt.sorteering DESC limit 0," . ($kast->all[art_arv] ? $kast->all[art_arv] : 5); $kast->debug->msg($sth->debug->get_msgs()); $sth = new SQL($sql); $kast->debug->msg("Leitud " . $sth->rows . " alamobjekte"); $esimene = 1; while ($ary = $sth->fetch()) { $kast->debug->msg("Objekt leitud: {$ary['objekt_id']}. " . 
$ary[pealkiri]); $obj = new Objekt(array(ary => $ary)); if (!$is_custom) { if (!$esimene) { # eraldaja ?> <tr valign="top"> <td align="right" valign="top"><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="20" height="10"></td> <td background="<?php echo $kast->site->img_path; ?> /stripe1.gif"><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="1" height="10"></td> <td><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="20" height="10"></td> </tr> <?php } if ($obj->site->in_editor) { ?> <!--tr valign="top"> <td colspan="3" align=left> </td> </tr--> <?php } # if in_editor ?> <tr valign="top"> <td align="right" valign="top"><img src="<?php echo $kast->site->img_path; ?> /nupp1.gif" width="10" height="10" align="texttop"></td> <td><a href="<?php echo $kast->site->self; ?> ?id=<?php echo $obj->objekt_id; ?> " class="navi2_on"><?php echo $obj->pealkiri(); ?> </a><?php echo $kast->all[on_kp_nahtav] ? "<br><font class=txt><font class=date>" . $obj->aeg() . "</font></font>" : ""; $obj->edit_buttons(array(tyyp_idlist => 3, only_edit => 1)); ?> </td> <td><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="20" height="10"></td> </tr> <?php $esimene = 0; } else { //Custom print out if ($obj->site->in_editor) { ob_start(); $obj->edit_buttons(array(tyyp_idlist => 3, only_edit => 1)); $custom_contents .= ob_get_contents(); ob_end_clean(); } if ($kast->all[on_kp_nahtav]) { $cu_date = ' <font class=date>' . $obj->aeg() . ' </font>'; } else { $cu_date = ''; } $custom_contents .= '<li class="list"><a href="' . $kast->site->self . '?id=' . $obj->objekt_id . '" class="navi2_on">' . $obj->pealkiri() . $cu_date . '</a>' . '</li>' . ($obj->site->in_editor ? 
"<br clear=all>" : ""); } //if is_custom } # while if (!$is_custom) { ?> <tr> <td colspan="3"><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="1" height="10"></td> </tr> </table> </td> </tr> </table> <br> <?php } else { $custom_contents .= "</ul>"; } //if is_custom } else { if ($kast->all[klass] == "rubriik") { # ---------------------------- # Lingide kast # ---------------------------- if (!$is_custom) { ?> <table width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " border="0" cellspacing="0" cellpadding="1"> <tr> <td width="100%" class="boxhead" height="24"> <?php echo $kast->pealkiri(); $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17")); ?> </td> </tr> <tr> <td width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " bgcolor="<?php echo $kast->site->dbstyle("menyy_border", "color") ? $kast->site->dbstyle("menyy_border", "color") : "#CCCCCC"; ?> "> <table width="100%" border="0" cellspacing="0" cellpadding="0" bgcolor="<?php echo $kast->site->dbstyle("menyy_taust", "color") ? 
$kast->site->dbstyle("menyy_taust", "color") : "#FAFAFA"; ?> "> <tr> <td align="right" valign="top"><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="20" height="10"></td> <td><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="<?php echo $kast->site->dbstyle("menyy_laius", "layout") - 52; ?> " height="10" border=0></td> <td><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="20" height="10"></td> </tr> <?php } else { //Custom print out $custom_contents .= '<div class="linkbox">'; ob_start(); $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17")); $custom_buttons .= ob_get_contents(); ob_end_clean(); $custom_title .= $kast->pealkiri(); } //if is_custom $lingi_alamlist = new Alamlist(array(parent => $kast->objekt_id, klass => "link", asukoht => $kast->all[kesk])); $esimene = 1; while ($viit = $lingi_alamlist->next()) { if (!$is_custom) { if (!$esimene) { # eraldaja ?> <tr valign="top"> <td align="right" valign="top"><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="20" height="10"></td> <td background="<?php echo $kast->site->img_path; ?> /stripe1.gif"><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="1" height="10"></td> <td><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="20" height="10"></td> </tr> <?php } # if !esimene $viit->load_sisu(); if ($viit->site->in_editor) { ?> <!--tr valign="top"> <td colspan="3" align=left> </td> </tr--> <?php } # if in_editor ?> <tr valign="top"> <td align="right" valign="top"><img src="<?php echo $kast->site->img_path; ?> /nupp1.gif" width="10" height="10" align="texttop"></td> <td><a href="<?php echo $viit->all[url]; ?> " target="<?php echo $viit->all[on_uusaken] ? 
"_blank" : "_self"; ?> " class="navi2_on"><?php echo $viit->pealkiri(); ?> </a><?php $viit->edit_buttons(array(tyyp_idlist => 3)); ?> </td> <td><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="20" height="10"></td> </tr> <?php $esimene = 0; } else { //Custom print out $viit->load_sisu(); if ($viit->site->in_editor) { ob_start(); $viit->edit_buttons(array(tyyp_idlist => 3)); $custom_contents .= ob_get_contents(); ob_end_clean(); } $custom_contents .= '<a href="' . $viit->all[url] . '" target="' . ($viit->all[on_uusaken] ? "_blank" : "_self") . '" class="navi2_on">' . $viit->pealkiri() . '</a><br>'; } //if is_custom } # while next() if (!$is_custom) { if ($lingi_alamlist->size == 0) { ?> <tr> <td colspan="3"> <?php $lingi_alamlist->edit_buttons(array(tyyp_idlist => 3)); ?> </td> </tr> <?php } ?> <tr> <td colspan="3"><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="1" height="10"></td> </tr> </table> </td> </tr> </table> <br> <?php } else { //Custom print out if ($lingi_alamlist->size == 0) { ob_start(); $lingi_alamlist->edit_buttons(array(tyyp_idlist => 3)); $custom_contents .= ob_get_contents(); ob_end_clean(); } $custom_contents .= '</div>'; } //if is_custom } else { if ($kast->all[klass] == "loginkast") { # ---------------------------- # Login kast # ---------------------------- if ($kast->all[on_pealkiri] || $kast->site->in_editor) { if (!$is_custom) { ?> <table width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " border="0" cellspacing="0" cellpadding="1"> <form action="<?php echo $kast->site->self; ?> " method=post> <tr> <td width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " class="boxhead" height="24"> <?php echo $kast->site->user->user_id ? $kast->site->sys_sona(array(sona => "tere", tyyp => "kasutaja")) . " " . 
$kast->site->user->all['username'] : $kast->pealkiri(); $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17")); ?> </td> </tr> <tr> <td width="100%" bgcolor="<?php echo $kast->site->dbstyle("menyy_border", "color") ? $kast->site->dbstyle("menyy_border", "color") : "#CCCCCC"; ?> "> <table width="100%" border="0" cellspacing="0" cellpadding="11" bgcolor="<?php echo $kast->site->dbstyle("menyy_taust", "color") ? $kast->site->dbstyle("menyy_taust", "color") : "#FAFAFA"; ?> "> <tr> <td width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> "> <?php } else { //Custom print out $custom_contents .= '<div class="loginbox">'; ob_start(); $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17")); $custom_buttons .= ob_get_contents(); ob_end_clean(); $custom_title .= $kast->site->user->user_id ? $kast->site->sys_sona(array(sona => "tere", tyyp => "kasutaja")) . " " . $kast->site->user->all['username'] : $kast->pealkiri(); } //if is_custom } # pealkiri if ($is_custom) { ob_start(); } //if is_custom ?> <font class=<?php echo $kast->site->agent ? 
"txt" : "txt1"; ?> > <?php # kasutaja login form # vüi tema andmed ja lingid if ($kast->site->user->user_id) { ?> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr valign="top"> <td align="right"><img src="<?php echo $kast->site->img_path; ?> /nupp1.gif" width="10" height="10" align="texttop"></td> <td colspan=2><a href="<?php echo $kast->site->self; ?> ?id=<?php echo $kast->objekt_id; ?> &op=register" class="navi2_on"><?php echo $kast->site->sys_sona(array(sona => "Muuda oma andmeid", tyyp => "kasutaja")); ?> </a></td> </tr> <tr valign="top"> <td align="right"><img src="<?php echo $kast->site->img_path; ?> /nupp1.gif" width="10" height="10" align="texttop"></td> <td colspan=2><a href="<?php echo $kast->site->self; ?> ?id=<?php echo $kast->objekt_id; ?> &op=logout&url=<?php echo $kast->site->safeURI; ?> " class="navi2_on"><?php echo $kast->site->sys_sona(array(sona => "Logi valja", tyyp => "kasutaja")); ?> </a></td> </tr> </table> <?php } else { # ---------------- # login kast # ---------------- ?> <form action="<?php echo $kast->site->self; ?> " method=post> <input type=hidden name="op" value="login"> <input type=hidden name="url" value="<?php echo $kast->site->safeURI; ?> "> <input type=hidden name="id" value="<?php echo $kast->objekt_id; ?> "> <table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="1%"><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="13" height="1"></td> <td><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="1" height="1"></td> <td><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="62" height="1"></td> </tr> <tr> <td colspan=2 align="right"><font class=txt1><?php echo $kast->site->sys_sona(array(sona => "Login", tyyp => "kasutaja")); ?> : </font></td> <td> <input type=text class=searchbox size=3 name=user style="width:60"> </td> </tr> <tr> <td colspan=2 align="right" width="1%"><font class=txt1><?php echo $kast->site->sys_sona(array(sona => "Password", tyyp => 
"kasutaja")); ?> : </font></td> <td> <input type=password class=searchbox size=3 name=pass style="width:60"> </td> </tr> <tr> <td colspan=3 align=center height="34"> <INPUT class=searchbtn type=submit value="<?php echo $kast->site->sys_sona(array(sona => "nupp login", tyyp => "kasutaja")); ?> "> </td> </tr> <?php if ($kast->site->CONF['allow_forgot_password']) { ?> <tr valign="top"> <td align="right"><img src="<?php echo $kast->site->img_path; ?> /nupp1.gif" width="10" height="10" align="texttop"></td> <td colspan=2><a href="<?php echo $kast->site->self; ?> ?id=<?php echo $kast->objekt_id; ?> &op=remindpass" class="navi2_on"><?php echo $kast->site->sys_sona(array(sona => "Unustasid parooli", tyyp => "kasutaja")); ?> </a></td> </tr> <?php } if ($kast->site->CONF[users_can_register] == 1) { ?> <tr valign="top"> <td align="right"><img src="<?php echo $kast->site->img_path; ?> /nupp1.gif" width="10" height="10" align="texttop"></td> <td colspan=2><a href="<?php echo $kast->site->self; ?> ?id=<?php echo $kast->objekt_id; ?> &op=register" class="navi2_on"><?php echo $kast->site->sys_sona(array(sona => "Registeeru", tyyp => "kasutaja")); ?> </a></td> </tr> <?php } ?> </table> </form> <?php } # $kast->print_text(); ?> </font> <?php if ($is_custom) { $custom_contents .= ob_get_contents(); ob_end_clean(); $custom_contents .= '</div>'; } //if is_custom if ($kast->all[on_pealkiri] || $kast->site->in_editor) { if (!$is_custom) { ?> </td> </tr> </table> </td> </tr> </form> </table> <br> <?php } //if is_custom } else { if (!$is_custom) { echo "<br>"; } //if is_custom } } else { if ($kast->all[klass] == "artikkel") { # ---------------------------- # Artikkel kastis # ---------------------------- if ($kast->all[on_pealkiri] || $kast->site->in_editor) { if (!$is_custom) { ?> <table width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " border="0" cellspacing="0" cellpadding="1"> <tr> <td width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " 
class="boxhead" height="24"> <?php echo $kast->pealkiri(); $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17")); ?> </td> </tr> <tr> <td width="100%" bgcolor="<?php echo $kast->site->dbstyle("menyy_border", "color") ? $kast->site->dbstyle("menyy_border", "color") : "#CCCCCC"; ?> "> <table width="100%" border="0" cellspacing="0" cellpadding="11" bgcolor="<?php echo $kast->site->dbstyle("menyy_taust", "color") ? $kast->site->dbstyle("menyy_taust", "color") : "#FAFAFA"; ?> "> <tr> <td width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> "> <?php } else { //Custom print out $custom_contents .= '<div class="articlebox">'; ob_start(); $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17")); $custom_buttons .= ob_get_contents(); ob_end_clean(); $custom_title .= $kast->pealkiri(); } //if is_custom } # pealkiri if (!$is_custom) { ?> <font class=<?php echo $kast->site->agent ? "txt" : "txt1"; ?> > <?php $kast->print_text(); ?> </font> <?php if ($kast->all[on_pealkiri] || $kast->site->in_editor) { ?> </td> </tr> </table> </td> </tr> </table> <br> <?php } else { echo "<br>"; } } else { //Custom print out ob_start(); echo "<font class=" . ($kast->site->agent ? "txt" : "txt1") . ">" . $kast->print_text() . 
"</font>"; $custom_contents .= ob_get_contents(); ob_end_clean(); $custom_contents .= '</div>'; } //if is_custom ############## GALLUP } else { if ($kast->all[klass] == "gallup") { $kast->load_sisu(); ######### HEADER ##### 1) default html if (!$is_custom) { ?> <table width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " border="0" cellspacing="0" cellpadding="1"> <tr> <td width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " class="boxhead" height="24"> <?php echo $kast->site->sys_sona(array(sona => 'Gallup', tyyp => "kujundus")); $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17")); ?> </td> </tr> <tr> <td width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " bgcolor="<?php echo $kast->site->dbstyle("menyy_border", "color") ? $kast->site->dbstyle("menyy_border", "color") : "#CCCCCC"; ?> "> <table width="100%" border="0" cellspacing="0" cellpadding="11" bgcolor="<?php echo $kast->site->dbstyle("menyy_taust", "color") ? $kast->site->dbstyle("menyy_taust", "color") : "#FAFAFA"; ?> "> <tr> <td width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> "><font class="<?php echo $kast->site->agent ? "txt" : "txt1"; ?> "><?php echo $kast->pealkiri(); ?> </font> <br> <table width="100%" border="0" cellspacing="0" cellpadding="2"> <tr> <td valign="top" colspan="2"><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="1" height="3"></td> </tr> <?php } else { $custom_contents .= '<div class="gallupbox">'; ob_start(); $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17")); $custom_buttons .= ob_get_contents(); ob_end_clean(); $custom_title .= ' ' . $kast->site->sys_sona(array(sona => 'Gallup', tyyp => "kujundus")); $custom_contents .= '<font class="' . ($kast->site->agent ? "txt" : "txt1") . '">' . $kast->pealkiri() . 
'</font><br>'; } //if is_custom ######### / HEADER ######### CHECK voting # 1) IP-based gallup if ($kast->site->CONF[gallup_ip_check] == 1) { $sql = $kast->site->db->prepare("SELECT COUNT(gi_id) FROM gallup_ip WHERE objekt_id=? AND ip LIKE ?", $kast->objekt_id, $_SERVER["REMOTE_ADDR"]); $sth = new SQL($sql); $count = $sth->fetchsingle(); $kast->debug->msg($sth->debug->get_msgs()); } else { if ($kast->site->CONF[gallup_ip_check] == 2 && $kast->site->cookie["gallup"][$kast->objekt_id] == 1) { $count = 1; } else { if ($kast->site->CONF[gallup_ip_check] == 3) { $sql = $kast->site->db->prepare("SELECT COUNT(gi_id) FROM gallup_ip WHERE objekt_id=? AND user_id=?", $kast->objekt_id, $kast->site->user->user_id); $sth = new SQL($sql); # count=1: not logged in users are not allowed to vote: $count = $kast->site->user->user_id ? $sth->fetchsingle() : 1; $kast->debug->msg($sth->debug->get_msgs()); } else { $count = 0; } } } ######### / CHECK voting ######### GET VOTES (SUMS) $sql = $kast->site->db->prepare("SELECT * FROM gallup_vastus WHERE objekt_id=?", $kast->objekt_id); $sth = new SQL($sql); if ($is_custom) { # custom html ob_start(); print '<table width="100%" border="0" cellspacing="0" cellpadding="0">'; } //if is_custom #################### 1. 
SHOW FORM & radio buttons if (!$count && !$kast->site->fdat[results] && !$kast->site->in_editor) { ?> <SCRIPT LANGUAGE="JavaScript"><!-- //See script on keerulisem kui see peaks olema //kuna muidu see ei tööta IE peal function do_it(vorm) { if (vorm.java_check.value==1) { return true } else { return false } } //--></SCRIPT> <form action="<?php echo $kast->site->self; ?> " method=get> <input type=hidden name="uri" value="<?php echo $kast->site->URI; ?> "> <input type=hidden name="gallup_id" value="<?php echo $kast->objekt_id; ?> "> <input type=hidden name="op" value="vote"> <?php ####### loop over VASTUS (votes sum) while ($vastus = $sth->fetch()) { ?> <tr> <td valign="top" width="15"> <input type=radio id="vastus_<?php echo $vastus[gv_id]; ?> " name=vastus value="<?php echo $vastus[gv_id]; ?> " onclick="javascript:if(this.checked){this.form.java_check.value=1;};"> </td> <td valign="top" class="<?php echo $kast->site->agent ? "txt" : "txt1"; ?> "><label for="vastus_<?php echo $vastus[gv_id]; ?> "><?php echo $vastus[vastus]; ?> </label></td> </tr> <?php } # while vastus ?> <?php ######## submit-button ?> <tr align="right"> <input type="hidden" name="java_check" value="0"> <td valign="top" colspan="2"><input type="submit" name="haaleta" value="<?php echo $kast->site->sys_sona(array(sona => 'haaleta', tyyp => "kujundus")); ?> " onclick="javascript:return do_it(this.form);" class="searchbtn"></td> </tr> </form> </table> <?php $kast->debug->msg($sth->debug->get_msgs()); } else { $sql = $kast->site->db->prepare("SELECT SUM(count) AS kokku, MAX(count) AS maksi FROM gallup_vastus WHERE objekt_id=? ", $kast->objekt_id); $sth_c = new SQL($sql); $stat = $sth_c->fetch(); $kast->debug->msg("kokku = {$stat['kokku']}, maks = {$stat['maksi']}"); $kast->debug->msg($sth_c->debug->get_msgs()); ###### voters vount: ?> <tr> <td valign="top" class="<?php echo $kast->site->agent ? 
"txt" : "txt1"; ?> "><?php echo $kast->site->sys_sona(array(sona => "vastajaid", tyyp => "kujundus")); ?> : <b><?php echo $stat[kokku]; ?> </b></td> </tr> <tr> <td valign="top"><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="1" height="3"></td> </tr> <?php ###### one colored row while ($vastus = $sth->fetch()) { $percent = $stat[kokku] ? sprintf('%2.0f', 100 * $vastus[count] / $stat[kokku]) : 0; ?> <tr> <td valign="top" class="<?php echo $kast->site->agent ? "txt" : "txt1"; ?> "><?php echo $vastus[vastus]; ?> </td> </tr> <tr> <td valign="top"><b><font class="<?php echo $kast->site->agent ? "txt" : "txt1"; ?> ">- <?php echo $percent; ?> %</font></b> <img src="<?php echo $kast->site->img_path; ?> /gallup_bar<?php echo $stat[maksi] == $vastus[count] && $vastus[count] ? "2" : "1"; ?> .gif" width="<?php echo 110 * ($percent / 100); ?> " height=8 border="1"></td> </tr> <?php } # while vastus ############## archive link # added 12.12.2003 by Dima Bug #744 if ($archive_link_on) { ?> <tr> <td valign="top"><img src="<?php echo $kast->site->img_path; ?> /px.gif" width="1" height="3"></td> </tr> <tr align="right"> <td valign="top"><a href="<?php echo $kast->site->self; ?> ?op=gallup_arhiiv" class="navi2_on"><?php echo $kast->site->sys_sona(array(sona => 'Arhiiv', tyyp => "kujundus")); ?> </a></td> </tr> <?php } ?> </table> <?php } #################### / 2. SHOW RESULTS ##### 1) default html if (!$is_custom) { ?> </td> </tr> </table> </td> </tr> </table> <br> <?php } //if is_custom ##### 2) custom html if ($is_custom) { $custom_contents .= ob_get_contents(); ob_end_clean(); $custom_contents .= '</div>'; } //if is_custom } else { if ($kast->all[klass] == "iframekast") { $kast->load_sisu(); $conf = new CONFIG($kast->all[ttyyp_params]); $src_file = $conf->get("src_file"); $predefined = $conf->get("predefined"); $height = $conf->get("height"); # kui tegemist saidi sisese failiga, panna id juurde if (trim($predefined) != '') { $src_file .= "&id=" . 
($kast->site->fdat[id] ? $kast->site->fdat[id] : $kast->site->alias("rub_home_id")); } if (!$is_custom) { ?> <table width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " border="0" cellspacing="0" cellpadding="2"> <tr> <td class="boxhead" height="24"> <?php echo $kast->pealkiri(); $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17")); ?> </td> </tr> <tr valign="top"> <td class=box><?php if (strlen(trim($src_file)) > 0) { ?> <iframe name="iifreim" src="<?php echo $src_file; ?> " width="<?php echo $is_custom ? "100%" : $kast->site->dbstyle("menyy_laius", "layout"); ?> " frameborder=0 height="<?php echo $height; ?> " ></iframe><?php } ?> </td> </tr> </table> <br> <?php } else { //Custom print out $custom_contents .= '<div class="iframebox">'; ob_start(); $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17")); $custom_buttons .= ob_get_contents(); ob_end_clean(); $custom_title .= $kast->pealkiri(); if (strlen(trim($src_file)) > 0) { $custom_contents .= '<iframe name="iifreim" src="' . $src_file . '" width="100%" frameborder=0 height="' . $height . 
'" ></iframe>'; } $custom_contents .= '</div>'; } //if is_custom } } } } } } ########################################################### } else { if (get_class($kast) == "Alamlist" || is_subclass_of($kast, "Alamlist")) { # ---------------------- # kui parameetrina on alamlist, # siis teeme "uus kast" nupp # ---------------------- if (!($kast->size > 0)) { if (!$is_custom) { ?> <table width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " border="0" cellspacing="0" cellpadding="1"> <tr> <td width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " class="boxhead" height="24"> <?php echo $kast->site->sys_sona(array(sona => 'new', tyyp => "editor")); ?> <?php echo $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17", no_br => 1)); ?> </nobr></td> </tr> <tr> <td width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " bgcolor="<?php echo $kast->site->dbstyle("menyy_border", "color") ? $kast->site->dbstyle("menyy_border", "color") : "#CCCCCC"; ?> "> <table width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> " border="0" cellspacing="0" cellpadding="11" bgcolor="<?php echo $kast->site->dbstyle("menyy_taust", "color") ? $kast->site->dbstyle("menyy_taust", "color") : "#FAFAFA"; ?> "> <tr> <td width="<?php echo $kast->site->dbstyle("menyy_laius", "layout"); ?> "> </td> </tr> </table> </td> </tr> </table> <br> <?php } else { //Custom print out ob_start(); $kast->edit_buttons(array(tyyp_idlist => "8,2,6,9,13,17", no_br => 1)); $custom_buttons .= ob_get_contents(); ob_end_clean(); $custom_title .= $kast->site->sys_sona(array(sona => 'new', tyyp => "editor")); } //if is_custom } # if ! size > 0 } else { $GLOBALS[site]->debug->msg("print_kast() argument \"kast\" on vale"); } } #print "<br>"; return array('buttons' => $custom_buttons, 'title' => $custom_title, 'contents' => $custom_contents); }
$sql = $site->db->prepare("UPDATE objekt SET on_avaldatud=?, last_modified=? WHERE objekt_id=?", 1, time(), $site->fdat['id']); $sth = new SQL($sql); $site->debug->msg($sth->debug->get_msgs()); } ##################### # insert into objekt: $sql = $site->db->prepare("INSERT INTO objekt (pealkiri, tyyp_id, on_avaldatud, keel, kesk, pealkiri_strip, sisu_strip, aeg, check_in, last_modified, created_user_id, created_user_name, created_time) values (?, ?, ?, ?, ?, ?, ?, " . $site->db->unix2db_datetime(time()) . ", ?, ?, ?, ?, ?)", big_string_remove(strip_tags($site->fdat['pealkiri'])), $tyyp_id, $publish, $site->keel, 0, big_string_remove(strip_tags($site->fdat['pealkiri'])), big_string_remove(strip_tags($site->fdat['text'])), time(), 0, $site->user->id, $site->user->name, date("Y-m-d H:i:s")); $sth = new SQL($sql); $site->debug->msg($sth->debug->get_msgs()); $id = $sth->insert_id; ##################### # insert into objekt_objekt: $sql = "SELECT MAX(sorteering) FROM objekt_objekt"; $sth = new SQL($sql); $site->debug->msg($sth->debug->get_msgs()); $sorteering = $sth->fetchsingle(); $sql = $site->db->prepare("INSERT INTO objekt_objekt (objekt_id, parent_id, sorteering) VALUES (?,?,?)", $id, $site->fdat['id'], $sorteering + 1); $sth = new SQL($sql); $site->debug->msg($sth->debug->get_msgs()); $name = big_string_remove(strip_tags($site->fdat['nimi'])); $email = strip_tags($site->fdat['email']); $blog_url = strip_tags($site->fdat['url']); ##################### # insert into obj_kommentaar: $sql = $site->db->prepare("INSERT INTO obj_kommentaar (objekt_id, nimi, email, on_saada_email, on_peida_email, ip, text, kasutaja_id, url) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)", $id, $name, $email, $site->fdat['on_saada_email'] ? 1 : 0, $site->fdat['on_peida_email'] ? 
1 : 0, $_SERVER["REMOTE_ADDR"], big_string_remove(strip_tags($site->fdat['text'])), $site->user->user_id, $blog_url); $sth = new SQL($sql); $site->debug->msg($sth->debug->get_msgs()); $comment_inserted = $sth->rows; ##################### # UPDATE LAST_COMMENTED_TIME, COMMENT_COUNT # get comment count for object:
/**
 * Look up the default profile id for a source table.
 *
 * Takes a single array argument (read with func_get_arg(0)) that must
 * carry a non-empty 'source_table' entry. Without it the function returns
 * nothing; otherwise it returns whatever SQL::fetchsingle() yields for the
 * parameterised lookup in object_profiles.
 */
function get_default_profile_id()
{
    $params = func_get_arg(0);
    $table = $params['source_table'];

    if ($table) {
        // Both values are bound through prepare(), not concatenated into the SQL text.
        $query = $this->db->prepare(
            "SELECT profile_id FROM object_profiles WHERE source_table=? AND is_default=?",
            $table,
            1
        );
        $lookup = new SQL($query);

        return $lookup->fetchsingle();
    }

    // source_table is required: nothing to look up without it
    return;
}
} else { ?> <script type="text/javascript"> window.opener.location.href = window.opener.location.href.replace(/#$/, ''); window.close(); </script> <?php exit; } } } // get the extensions which have a default page template defined // active template $sql = "select page_ttyyp_id from keel where on_default = '1'"; $result = new SQL($sql); $active_template_id = $result->fetchsingle(); // extensions with page templates $extensions = array(); if ($site->fdat['extension']) { $where = $site->db->prepare('and templ_tyyp.extension = ?', $site->fdat['extension']); } $sql = "select * from templ_tyyp where on_page_templ = '1' and is_default = 1 {$where}"; $result = new SQL($sql); while ($template = $result->fetch('ASSOC')) { if ($template['extension']) { $extension = get_extensions('DB', false, $template['extension']); $extension = $extension[$template['extension']]; // for sorting $extension_titles[$extension['extension_id']] = $extension['title']; // preview if ($template['preview']) {
new SQL($site->db->prepare('update config set sisu = ? where nimi = \'image_width\'', $site->fdat['image_width'])); new SQL($site->db->prepare('update config set sisu = ? where nimi = \'thumb_width\'', $site->fdat['thumb_width'])); } // / save image configs // get image configs $configs = array(); $sql = 'select * from config where nimi in (\'image_width\', \'thumb_width\')'; $result = new SQL($sql); while ($row = $result->fetch('ASSOC')) { $configs[$row['nimi']] = $row; } // / get image configs // get custom translations group sst_id $sql = 'select sst_id from sys_sona_tyyp where voti = \'custom\' limit 1'; $result = new SQL($sql); $custom_sst_id = $result->fetchsingle(); // / get custom translations group sst_id // get image size definitions $definitions = array(); $sql = 'select * from config_images'; $result = new SQL($sql); while ($row = $result->fetch('ASSOC')) { $definitions[$row['definition_id']] = $row; } // /get image size definitions // process image definitions form $delete_ids = array(); if (is_array($site->fdat['definitions'])) { verify_form_token(); foreach ($site->fdat['definitions'] as $def_id => $definition) { // delete
} if ($at_least_one_translation) { $sql = $site->db->prepare('select sys_sona from sys_sonad where sys_sona = ? and sst_id = ? limit 1', $site->fdat['sys_word'], $sst_id); $result = new SQL($sql); if ($result->rows) { $error = $site->sys_sona(array('sona' => 'glossary_translation_exists', 'tyyp' => 'admin')); } else { $sql = "select distinct keel_id, nimi from sys_sonad left join keel on keel = keel_id"; $sth = new SQL($sql); ################ # tsükkel üle kõigi keelte while ($keel = $sth->fetch()) { # kontrolli, kas süssõna leidub $sql = $site->db->prepare("SELECT count(*) FROM sys_sonad WHERE sys_sona = ? and keel=? and sst_id=?", $site->fdat['sys_word'], $keel[keel_id], $sst_id); $sth_s = new SQL($sql); $exists = $sth_s->fetchsingle(); # kui ei leidu: if (!$exists) { # lisa ainult siis kui süssõna pole tühi # sys_sonad $sql = $site->db->prepare("INSERT INTO sys_sonad (sys_sona, keel, sona, origin_sona, sst_id) values(?,?,?,?,?)", $site->fdat['sys_word'], $keel[keel_id], $site->fdat['translation'][$keel['keel_id']], $site->fdat['translation_in_cms'][$keel['keel_id']], $sst_id); $sth_i = new SQL($sql); } } # / tsükkel üle kõigi keelte ################ # sys_sonad_kirjeldus $sql = $site->db->prepare("INSERT INTO sys_sonad_kirjeldus (sys_sona, sona, sst_id, last_update) values(?,?,?,now())", $site->fdat['sys_word'], $site->fdat['translation'][1] ? $site->fdat['translation'][1] : array_pop($site->fdat['translation']), $sst_id); $sth_i = new SQL($sql); if ($site->fdat['type'] == 'popup') { ?>
* * @package SaurusCMS * @copyright 2000-2010 Saurused Ltd (http://www.saurus.info/) * @license Mozilla Public License 1.1 (http://www.opensource.org/licenses/mozilla1.1.php) * */ $class_path = 'classes/'; include $class_path . 'port.inc.php'; include $class_path . 'Update.class.php'; include_once $class_path . "install.inc.php"; # all installation related functions $site = new Site(array('on_debug' => $_COOKIE['debug'] ? 1 : 0, 'on_admin_keel' => 1)); ini_set('display_errors', 0); $sqlK = "SELECT encoding FROM keel WHERE on_default = '1'"; $sthK = new SQL($sqlK); $encoding = $sthK->fetchsingle(); $encoding = $encoding ? $encoding : 'UTF-8'; $cli = php_sapi_name() == 'cli' ? true : false; if (!($site->user->is_superuser || $cli)) { print '<font color=red>Error: you need permissions to run updates.</font>'; exit; } ############# CONF $CONF = ReadConf(); # db connect data from config.php ############# VERSION CHECK $current_ver = current_version(); # try to connect database and find which version is installed returns 0, if no database found //$current_ver = '4.7.FINAL'; ############# VERSION NUMBERS $versions = array('4.0.0', '4.0.1', '4.0.2', '4.0.3', '4.0.4', '4.0.5', '4.0.6', '4.0.7', '4.0.8', '4.0.9', '4.0.10', '4.0.11', '4.0.12', '4.0.13', '4.0.14', '4.0.15', '4.1.0', '4.1.1', '4.2.0', '4.2.1', '4.2.2', '4.2.3', '4.2.4', '4.3.0', '4.3.1', '4.3.2', '4.3.3', '4.3.4', '4.3.5', '4.3.6', '4.4.0', '4.4.1', '4.4.2', '4.4.3', '4.4.4', '4.4.5', '4.4.6', '4.4.7', '4.4.8', '4.5.0', '4.5.1', '4.5.2', '4.5.3', '4.5.4', '4.5.5', '4.5.6', '4.5.7', '4.5.8', '4.6.0', '4.6.1', '4.6.2', '4.6.3', '4.6.4', '4.6.5', '4.6.6', '4.7.0', '4.7.1');
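/**
 * Remove a glossary: delete its system words and re-point every language
 * that used it to the default language's glossary.
 *
 * @param mixed $glossary_id keel_id of the glossary to remove
 * @return mixed true on success, the string 'no_such_glossary' when the id
 *               does not match exactly one row in keel
 */
function remove_glossary($glossary_id)
{
    global $site;

    $sql = $site->db->prepare('select keel_id, nimi from keel where keel_id = ?', $glossary_id);
    $result = new SQL($sql);

    if ($result->rows != 1) {
        return 'no_such_glossary';
    }

    $glossary_data = $result->fetch('ASSOC');

    // NOTE(review): no permission check is visible in this function, and
    // nothing stops $glossary_id from being the default glossary itself (its
    // words would be deleted and the re-pointing below would change nothing).
    // Presumably the caller guards both - confirm.
    $sql = $site->db->prepare("DELETE FROM sys_sonad WHERE keel=?", $glossary_id);
    $sth = new SQL($sql);

    $sql = $site->db->prepare('select glossary_id from keel where on_default = 1');
    $result = new SQL($sql);
    $default_glossary_id = $result->fetchsingle();

    $sql = $site->db->prepare('update keel set glossary_id = ? where glossary_id = ?', $default_glossary_id, $glossary_id);
    $result = new SQL($sql);

    // The closing quote used to sit after the full stop, which left the
    // glossary name unterminated in the audit log entry.
    new Log(array(
        'action' => 'delete',
        'component' => 'Languages',
        'message' => 'Glossary "' . $glossary_data['nimi'] . '" has been removed.',
    ));

    return true;
}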
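/**
 * Validate the installer's administrator form data ($FDAT) and write the
 * default admin user to the users table (update if it exists, else insert).
 *
 * Reads the globals $conn (database connection) and $FDAT (form data).
 *
 * @return mixed 0 on success, otherwise an error message string for the user
 */
function store_admin_data()
{
    global $CONF, $conn, $FDAT;

    // connect to database
    if (!$conn) {
        dbconnect(0, '', '', '');
    }

    // check if admin password matches with password confirmation
    if ($FDAT["adminpasswd"] != $FDAT["adminpasswd_check"]) {
        return "Passwords don't match! Please go back and try again.";
    }

    // check if admin password is not empty
    if (trim($FDAT["adminpasswd"]) == '') {
        return "Please go back and set default password for administrator login!";
    }

    // check if admin password is not default "saurus"
    if ($FDAT["adminpasswd"] == 'saurus') {
        return "Please go back and change default password for administrator login!";
    }

    // TODO: add adminemail field to user creation form
    if ($FDAT["adminemail"] && !filter_var($FDAT["adminemail"], FILTER_VALIDATE_EMAIL)) {
        return "Please go back and set correct e-mail address for administrator!";
    }

    // Hash the password once and reuse it for both the UPDATE and the INSERT.
    // The salt range was 65..91, which could produce '[' - not a valid salt
    // character for DES crypt(), so crypt() could fail and an unusable value
    // would be stored. 65..90 keeps the salt inside 'A'..'Z'.
    // The previous truthiness test also skipped hashing for the password "0",
    // which passes the checks above; every accepted password is hashed now.
    //
    // NOTE(review): a two-character salt selects DES crypt(), which only uses
    // the first 8 characters of the password, and rand() is not a
    // cryptographic generator. Moving to password_hash()/password_verify()
    // needs the login check (not visible here) and the column width to accept
    // the longer hash - confirm before changing the format.
    $salt = chr(rand(65, 90)) . chr(rand(65, 90));
    $pass = crypt($FDAT["adminpasswd"], $salt);
    $pass_sql = $conn->prepare(", password=? ", $pass);

    // check if exists default admin, if yes, then update, if no, then insert
    $sql = "SELECT COUNT(*) FROM users where username='******'";
    $sth = new SQL($sql);
    $exists = $sth->fetchsingle();

    if ($exists) {
        $sql = $conn->prepare("UPDATE users SET firstname=?, username=?, email=?, group_id=? {$pass_sql} where username='******'", $FDAT["adminname"], $FDAT["admin"], $FDAT["adminemail"], 1);
        $sth = new SQL($sql);
    } else {
        $sql = $conn->prepare("INSERT INTO users (firstname, username, email, group_id, password) VALUES (?, ?, ?, ?, ?)", $FDAT["adminname"], $FDAT["admin"], $FDAT["adminemail"], 1, $pass);
        $sth = new SQL($sql);

        $sql = "SELECT last_insert_id()";
        $sth = new SQL($sql);
        $admin_id = $sth->fetchsingle();
    }

    return 0;
}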
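/**
 * Handle a poll ("gallup") vote request and print the surrounding table.
 *
 * When the poll object exists, is open and the submitted answer id is all
 * digits, the function checks whether the visitor may still vote (according
 * to the configured gallup_ip_check mode), records the vote if so, then
 * sends a Location header and exits. In every other case it prints a "back"
 * link built from the request's `uri` value.
 *
 * @param object $template page template; ->site, ->leht and ->debug are used
 */
function print_me($template)
{
    $leht =& $template->leht;
    $curr_rub_id = $leht->id;
    $site =& $template->site;

    // Assigned up front: both were read on paths that never set them.
    $return_ok = 0;
    $artikkel = null;

    // The "back" target comes from the request, so it is escaped for the
    // context it is printed in (HTML attribute / JavaScript string) below.
    // NOTE(review): escaping prevents markup breakout but does not restrict
    // where the link points; presumably `uri` should be a same-site address -
    // confirm what the poll form sends and validate accordingly.
    $back_uri = (isset($site->fdat['uri']) && is_string($site->fdat['uri'])) ? $site->fdat['uri'] : '';
    ?>
<table width="<?php echo $template->site->dbstyle("sisu_tabeli_laius", "layout"); ?> " height="<?php echo $template->site->dbstyle("sisu_tabeli_korgus", "layout"); ?> " border="0" cellspacing="<?php echo $template->site->dbstyle("sisu_tabeli_cellspacing", "layout"); ?> " cellpadding="0">
<tr><td>
<?php
    // Array keys are quoted: bare words relied on PHP's undefined-constant
    // fallback, which is an error from PHP 8 on.
    $objekt = new Objekt(array('objekt_id' => $site->fdat['gallup_id'], 'on_sisu' => 1));

    if ($objekt && $objekt->all['on_avatud'] && preg_match("/^\\d+\$/", $site->fdat['vastus'])) {
        # the poll is OK
        // NOTE(review): the vote arrives as an ordinary request parameter and
        // no form token is checked in this function; presumably acceptable
        // for an anonymous poll - confirm.

        ######## CHECK IF VISITOR HAS VOTED
        $check_mode = $site->CONF['gallup_ip_check'];

        if ($check_mode == 1) {
            # 1) IP-based poll: has this address already voted?
            $sql = $site->db->prepare("SELECT COUNT(gi_id) FROM gallup_ip WHERE objekt_id=? AND ip=?", $objekt->objekt_id, $_SERVER["REMOTE_ADDR"]);
            $sth = new SQL($sql);
            $template->debug->msg($sth->debug->get_msgs());
            $is_ip_ok = !$sth->fetchsingle();
        } elseif (
            $check_mode == 2
            && isset($site->cookie["gallup"][$objekt->objekt_id])
            && $site->cookie["gallup"][$objekt->objekt_id] == 1
        ) {
            # 2) cookie-based poll. The old test read $kast, which does not
            # exist in this function, so it could never match. The lookup now
            # uses the poll object and the same nested key the poll box
            # renderer reads.
            # NOTE(review): confirm this is how Site fills ->cookie.
            $is_ip_ok = 0;
        } elseif ($check_mode == 3) {
            # 3) user-based poll: visitors who are not logged in may not vote
            # (the poll box applies the same rule when deciding whether to
            # show the form; it has to be enforced here as well).
            $sql = $site->db->prepare("SELECT COUNT(gi_id) FROM gallup_ip WHERE objekt_id=? AND user_id=?", $objekt->objekt_id, $site->user->user_id);
            $sth = new SQL($sql);
            $template->debug->msg($sth->debug->get_msgs());
            $is_ip_ok = $site->user->user_id ? !$sth->fetchsingle() : 0;
        } else {
            $is_ip_ok = 1;
        }
        ######## / CHECK IF VISITOR HAS VOTED

        ######## visitor CAN VOTE => UPDATE votes in DATABASE
        if ($is_ip_ok) {
            # UPDATE votes SUM (the answer must belong to this poll)
            $sql = $site->db->prepare("UPDATE gallup_vastus SET count=count+1 WHERE gv_id=? AND objekt_id=?", $site->fdat['vastus'], $objekt->objekt_id);
            $sth = new SQL($sql);
            $template->debug->msg($sth->debug->get_msgs());

            # clear the cache
            clear_cache("ALL");

            $return_ok = 1;

            # record the vote: IP + user_id + time + answer (gv_id)
            $sql = $site->db->prepare("INSERT INTO gallup_ip (objekt_id, ip, user_id, vote_time, gv_id) VALUES (?, ?, ?, " . $site->db->unix2db_datetime(time()) . ", ?)", $objekt->objekt_id, $_SERVER["REMOTE_ADDR"], $site->user->user_id, $site->fdat['vastus']);
            $sth = new SQL($sql);
            $template->debug->msg($sth->debug->get_msgs());
        } else {
            $artikkel = new Objekt(array('objekt_id' => $site->alias("art_gallup_ip_olemas_id"), 'on_sisu' => 1));
            $template->debug->msg($artikkel->debug->get_msgs());
        }

        ####### SHOW POLL
        // After a successful vote no article is loaded, so the id stays
        // empty, exactly as before (minus the undefined-variable access).
        header('Location: ' . $site->CONF['wwwroot'] . '/?id=' . ($artikkel ? $artikkel->objekt_id : ''));
        exit;
    }

    #$site->debug->print_msg(); $site->debug->print_hash($site->CONF, 1, "FDAT");

    if ($return_ok) {
        ?>
<script language="JavaScript">
<!--
window.location.replace(<?php echo json_encode($back_uri, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>);
//-->
</script>
<?php
    } else {
        ?>
<p><a href="<?php echo htmlspecialchars($back_uri, ENT_QUOTES); ?>"><?php echo $site->sys_sona(array('sona' => "Tagasi", 'tyyp' => "kujundus")); ?> </a>
<?php
    }
    ?>
</td> </tr> </table>
<?php
}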
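/**
 * save permissions to database
 *
 * Deletes all old values for the object and inserts new ones, one row per
 * form field whose name starts with "permission" (the field name has the
 * form permission_<role|group|user>_<id>; the C/R/U/P/D flags are read from
 * the matching <type>_<flag>_<id> form fields). Writes a log entry
 * afterwards for the OBJ and ADMIN types.
 * NB! Uses some global variables (doesn't have to be this way later...
 * only for development convenience now)
 *
 * @package CMS
 *
 * @param string type - permission type (OBJ/ADMIN/ACL/..)
 *
 * Call:
 * save_permissions(array(
 *     "type" => 'OBJ'
 * ));
 */
function save_permissions($args)
{
    global $site;
    global $objekt;
    global $class_path;
    global $keel;

    # if objekt is not created (probably error situation), try to create it again
    if (!$objekt->objekt_id) {
        $objekt = new Objekt(array(
            'objekt_id' => $site->fdat['id']
        ));
    }

    if ($args['type']) {
        // NOTE(review): no permission check or form-token check is visible in
        // this function, although it rewrites access rights from request
        // data. Presumably the caller does both - confirm.
        // NOTE(review): old rows are deleted before the new ones are
        // inserted, without a transaction; a failure in between would leave
        // the object without permission rows.

        ############ 1. DELETE ALL OLD PERMISSIONS for object
        $sql = $site->db->prepare(
            "DELETE FROM permissions WHERE type=? AND source_id=?",
            $args['type'],
            $site->fdat['id']
        );
        $sth = new SQL($sql);
        $site->debug->msg($sth->debug->get_msgs());

        ############
        # loop over permission rows
        foreach ($site->fdat as $field => $value) {
            if (substr($field, 0, strlen('permission')) == 'permission') {
                # get type (role/group/user) and ID (role_id or group_id or user_id) from fieldname
                // explode() replaces split(), which no longer exists in PHP 7;
                // for the plain "_" separator the result is the same.
                list($name, $type, $id) = array_pad(explode("_", $field), 3, null);

                // Flag values are taken as submitted (0 when absent/empty)
                // and bound as query parameters.
                // NOTE(review): they are not cast to integers here.
                $flags = array();
                foreach (array('C', 'R', 'U', 'P', 'D') as $flag) {
                    $flag_field = $type . '_' . $flag . '_' . $id;
                    $flags[$flag] = !empty($site->fdat[$flag_field]) ? $site->fdat[$flag_field] : 0;
                }

                ############ 2. INSERT NEW PERMISSIONS for object
                $sql = $site->db->prepare(
                    "INSERT INTO permissions (type,source_id,role_id,group_id,user_id,C,R,U,P,D) VALUES (?,?,?,?,?,?,?,?,?,?)",
                    $args['type'],
                    $site->fdat['id'],
                    ($type == 'role' ? $id : 0),
                    ($type == 'group' ? $id : 0),
                    ($type == 'user' ? $id : 0),
                    $flags['C'],
                    $flags['R'],
                    $flags['U'],
                    $flags['P'],
                    $flags['D']
                );
                $sth = new SQL($sql);
                $site->debug->msg($sth->debug->get_msgs());
            } # if permission field
        }
        # / loop over permission rows
        ############

        ############
        # write log
        if ($args['type'] == 'OBJ') {
            # type= OBJ
            new Log(array(
                'action' => 'update',
                'component' => 'ACL',
                'objekt_id' => $objekt->objekt_id,
                'message' => "Object '".$objekt->all['pealkiri']."' (ID=".$site->fdat['id'].") permissions updated",
            ));
        } elseif ($args['type'] == 'ADMIN') {
            # type= ADMIN
            # TODO: use a function for this (unfinished)
            ####### get adminpage name
            $sql = $site->db->prepare(
                "SELECT eng_nimetus FROM admin_osa WHERE id=?",
                $site->fdat['id']
            );
            $sth = new SQL($sql);
            $pagename = $sth->fetchsingle();
            $site->debug->msg($sth->debug->get_msgs());

            ####### write log
            new Log(array(
                'action' => 'update',
                'component' => 'ACL',
                'message' => "Adminpage '".$pagename."' permissions updated",
            ));
        } # if permission type
        # / write log
        ############
    } # if permission type provided
}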
$site->debug->msg("i=" . $i . "; sort=" . $uus_sort[$i] . "; obj=" . $objekt_id[$i] . "; parent=" . $objekt->parent_id); # 20.03.2003 Evgeny bugfix: kui sorteering=0 if (!$uus_sort[$i]) { $viga['parent_id'] = $objekt->parent_id; } } } new Log(array('action' => 'update', 'objekt_id' => $objekt->objekt_id, 'message' => sprintf("%s '%s' (ID = %s) %s", ucfirst(translate_en($objekt->all[klass])), $objekt->pealkiri(), $objekt->objekt_id, "re-sorted"))); if ($viga['parent_id']) { $site->debug->msg("Wrong sort parameter found! Trying to fix it..."); $sql = $site->db->prepare("SELECT objekt.objekt_id, sorteering FROM objekt \r\n\t\t\tLEFT JOIN objekt_objekt on objekt.objekt_id=objekt_objekt.objekt_id \r\n\t\t\tWHERE kesk=? AND parent_id=? AND sorteering='0'\r\n\t\t\tORDER BY objekt_objekt.sorteering DESC", $args['asukoht'], $viga['parent_id']); $sth = new SQL($sql); $site->debug->msg($sth->debug->get_msgs()); $sth2 = new SQL("SELECT MAX(sorteering) FROM objekt_objekt"); $site->debug->msg($sth2->debug->get_msgs()); $max_sort = $sth2->fetchsingle(); $super_sort = $max_sort + $sth->rows; while ($data = $sth->fetch()) { $sql3 = $site->db->prepare("UPDATE objekt_objekt SET sorteering=? WHERE objekt_id=? AND sorteering=0", $super_sort, $data['objekt_id']); $sth3 = new SQL($sql3); $site->debug->msg($sth3->debug->get_msgs()); $super_sort--; } } clear_cache("ALL"); if (!$site->on_debug) { header("Location: " . (empty($_SERVER['HTTPS']) ? 'http://' : 'https://') . $site->CONF['hostname'] . $site->fdat['url']); } } else { ?> Wrong ID
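/**
 * uninstall (private)
 *
 * Removes what the extension registered: its templates, admin pages, its
 * record in `extensions`, its directory on disk and its glossary (word type,
 * words and word descriptions), then writes a log entry.
 * Does nothing when $this->name is empty.
 *
 * @package CMS
 *
 */
function uninstall()
{
    if ($this->name) { # sanity check
        ############# DELETE TEMPLATES
        $sql = $this->site->db->prepare("DELETE FROM templ_tyyp WHERE extension=?", $this->name);
        $sth = new SQL($sql);
        $this->site->debug->msg($sth->debug->get_msgs());

        ############# DELETE ADMIN-PAGES
        $sql = $this->site->db->prepare("DELETE FROM admin_osa WHERE extension=?", $this->name);
        $sth = new SQL($sql);
        $this->site->debug->msg($sth->debug->get_msgs());

        ############# DELETE RECORD
        $sql = $this->site->db->prepare("DELETE FROM extensions WHERE name=?", $this->name);
        $sth = new SQL($sql);
        $this->site->debug->msg($sth->debug->get_msgs());

        ############# DELETE EXT DIR
        // Initialised so the log line below never reads an unset variable
        // when the directory does not exist.
        // NOTE(review): only $this->name is sanity-checked; deldir() is given
        // $this->absolute_path as-is. Presumably that path always lies inside
        // the extensions directory - confirm, since the delete is recursive.
        $dir_deleted = false;
        if (is_dir($this->absolute_path)) {
            $dir_deleted = deldir($this->absolute_path);
        }

        ############# DELETE GLOSSARY
        $sql = $this->site->db->prepare("SELECT sst_id FROM sys_sona_tyyp WHERE extension=? AND sst_id >= 100", $this->name);
        $sth = new SQL($sql);
        $sst_id = $sth->fetchsingle();

        // Only delete when the extension really has a glossary. With an empty
        // $sst_id the three statements below would run against whatever the
        // database makes of the empty value instead of an id >= 100.
        if ($sst_id) {
            $sql = $this->site->db->prepare("DELETE FROM sys_sona_tyyp WHERE sst_id=?", $sst_id);
            $sth = new SQL($sql);
            $this->site->debug->msg($sth->debug->get_msgs());

            $sql = $this->site->db->prepare("DELETE FROM sys_sonad WHERE sst_id=?", $sst_id);
            $sth = new SQL($sql);
            $this->site->debug->msg($sth->debug->get_msgs());

            $sql = $this->site->db->prepare("DELETE FROM sys_sonad_kirjeldus WHERE sst_id=?", $sst_id);
            $sth = new SQL($sql);
            $this->site->debug->msg($sth->debug->get_msgs());
        }

        ####### write log
        // NOTE(review): the message carries HTML and the raw extension name
        // and path; presumably the log viewer is trusted to render it -
        // confirm, or escape where the log is displayed.
        new Log(array(
            'action' => 'delete',
            'component' => 'Extensions',
            'message' => "Extension '" . $this->name . "' uninstalled. Directory '" . $this->absolute_path . "' " . ($dir_deleted ? 'deleted' : 'not deleted - <font color=red>permission denied</font>'),
        ));
    } # sanity check
}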
<script type="text/javascript" src="<?php echo $site->CONF['wwwroot']; ?> /common.js.php"></script> </head> <?php ###################### # get type name for object TABNAME # specialcase: if type is asset, then show profile name instead of word "Asset" if (strtolower($tyyp['nimi']) == 'asset') { # k�si profiili nimi pealkirjaks $profile_id = $objekt->objekt_id ? $objekt->all['profile_id'] : $site->fdat['profile_id']; $sqltmp = $site->db->prepare("SELECT name FROM object_profiles WHERE object_profiles.profile_id = ?", $profile_id); $sthtmp = new SQL($sqltmp); $typename = $sthtmp->fetchsingle(); } else { $typename = $site->sys_sona(array(sona => "tyyp_" . $tyyp['nimi'], tyyp => "System")); } ###################### # 1. tab OBJECT # Note: this page was entire edit-page before in ver 3 if ($site->fdat['tab'] == 'object') { # ONLOAD if ($site->fdat['op2'] != 'saveclose') { $body_par .= "setHeadlineFocus();\""; } ################# BODY START ?> <body class="popup_body" onLoad="this.focus();<?php echo $body_par;
} ?> </select> </td> </form> <?php ###### pagenumbers ###### ?> <td class="scms_small_toolbar"> <?php # get records total count $sql = "SELECT COUNT(*) " . $from_sql . $where; $sth = new SQL($sql); $total_count = $sth->fetchsingle(); ######### print pagenumbers table $pagenumbers = print_pagenumbers(array("total_count" => $total_count, "rows_count" => 40)); ?> </td> <?php ###### / pagenumbers ###### ?> </tr> </table> </td> </tr> <?php # / FUNCTION BAR ################
/**
 * admin_login_form
 *
 * Prints the admin-area login page HTML and then calls exit().
 *
 * Takes one array argument, read with func_get_arg(0):
 *   "site"       - the site instance
 *   "auth_error" - 1 when the login failed, 2 when the user is locked
 *
 * The form posts back to index.php (under /admin or /editor when the site
 * is in that mode) and carries the current request parameters along as
 * hidden fields, except "user", "pass" and op=logout.
 *
 * @package CMS
 *
 * usage: include_once($class_path."login_html.inc.php");
 * admin_login_form(array("site" => $this, "auth_error" => 1));
 */
function admin_login_form() {
    $args = func_get_arg(0);
    $site = &$args['site']; # pointer to site instance
    $auth_error = $args['auth_error']; # 1/0: 1 if the login failed, 2 if the user is locked

    ##### if auth_error parameter not provided, try to find out it:
    if($site->fdat["op"] == 'login' && $site->fdat["url"]){
        # UNFINISHED
    }

    #################
    # language selectbox data
    $sql = "select distinct keel.keel_id, keel.keel_id as keel, keel.nimi, keel.on_default_admin from keel left join sys_sonad on keel.keel_id = sys_sonad.keel where sys_sonad.keel is not null and keel.keel_id < 500 order by keel.nimi";
    $sth = new SQL($sql);
    $site->debug->msg($sth->debug->get_msgs());
    $lang_count = $sth->rows;

    ####### loop over in use languages
    # $reserv_output collects an <option> for every language; $output only
    # for languages that count as translated (see below).
    # NOTE(review): $lang['keel'] and $lang['nimi'] are written into the
    # markup without HTML escaping. They come from the keel table, presumably
    # editable by administrators only - confirm, otherwise escape them.
    while ($lang = $sth->fetch()) {
        $reserv_output .= "<option value=\"".$lang['keel']."\" ".($lang['on_default_admin'] ? 'selected':'').">".$lang['nimi']."</option>\n";

        # COUNT the translated words: if, for example, you build a
        # Somali-language site and the admin strings are not translated,
        # that language is not offered as a choice on the login page
        # NOTE(review): the bare `keel` index below relies on PHP treating an
        # undefined constant as a string, which is an error from PHP 8 on.
        $sql2 = $site->db->prepare(" SELECT COUNT(sona) AS cnt_sona, COUNT(origin_sona) AS cnt_origin_sona FROM sys_sonad WHERE sst_id = 12 AND keel = ?", $lang[keel] );
        $sth2 = new SQL($sql2);
        $site->debug->msg($sth2->debug->get_msgs());
        $tmp_rec = $sth2->fetchrow();

        # a language counts as translated when more than 30 words are present
        $translated = ($tmp_rec['cnt_sona'] > 30 || $tmp_rec['cnt_origin_sona'] > 30) ? 1 : 0;

        # Offer only the languages that are already translated.
        if ($translated){
            $output .= "<option value=\"".$lang['keel']."\" ".($lang['on_default_admin'] ? 'selected':'').">".$lang['nimi']."</option>\n";
            $naidatud = 1;
        }
        # Fallback, evaluated on every iteration: as long as no translated
        # language has been seen, $output is the list of all languages so far.
        if (!$naidatud){ $output = $reserv_output; };
    }
    # / loop over in use languages
    # / language selectbox data
    #################

    #################
    # get default admin language
    $sql = $site->db->prepare("SELECT glossary_id FROM keel WHERE keel.on_default_admin='1' LIMIT 1");
    $sth = new SQL($sql);
    $default_admin_lang = $sth->fetchsingle();

    #################
    # get site metadata
    # metadata is saved in the HOME SECTION object
    $home_id = $site->alias(array( 'key' => 'rub_home_id', 'keel' => $site->keel, ));
    # can't use "new Objekt" here, because site is not fully loaded yet.
    $sql = $site->db->prepare("SELECT objekt_id, meta_title FROM objekt WHERE objekt_id=?", $home_id);
    $sth = new SQL($sql);
    $home_objekt = $sth->fetch();
    # NOTE(review): $meta_title is printed below in <title>, in a title
    # attribute and as link text without HTML escaping; presumably it is
    # administrator-controlled content - confirm.
    $meta_title = $home_objekt['meta_title'];
    # / get site metadata
    #################

    # strip the logout operation (plain and URL-encoded) from the return URL
    # so that logging in does not immediately log out again
    # NOTE(review): $url is echoed into the hidden "url" field without HTML
    # escaping; this relies on $site->safeURI already being safe for an
    # attribute value - confirm.
    $url = str_replace(array('?op=logout', '&op=logout', urlencode('?op=logout'), urlencode('&op=logout')), '', $site->safeURI);
?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title><?=$meta_title?></title> <meta http-equiv="Content-Type" content="text/html; charset=<?=$site->encoding?>"> <link rel="stylesheet" type="text/css" href="<?=$site->CONF['wwwroot'].$site->CONF['styles_path'] ?>/loginscreen.css"> </head> <body style="overflow-y: auto; overflow-x: auto;" onLoad="document.forms['loginform'].user.focus()"> <?########### FORM ?> <form method="post" name="loginform" action="<?=$site->wwwroot?><?if($site->in_admin){echo "/admin";}if($site->in_editor){echo "/editor";}?>/index.php"> <?
    # Carry the current request parameters through the login as hidden
    # fields. Arrays, "user", "pass" and op=logout are skipped, so submitted
    # credentials are never reflected back; every key and value goes through
    # xss_clean() and htmlspecialchars() before it is printed.
    foreach ($site->fdat as $key=>$value) {
        if (!is_array($value) && $key!="user" && $key!="pass" && !($key == 'op' && $value == 'logout')) {
?> <input type="hidden" name="<?php echo htmlspecialchars(xss_clean($key)); ?>" value="<?php echo htmlspecialchars(xss_clean($value)); ?>"> <?
        }
    }
?> <input type=hidden name="op" value="login"> <input type=hidden name="url" value="<?php echo $url ?>"> <table width="100%" height="99%" cellspacing=0 cellpadding=0 border=0> <tr> <td valign=middle align=center> <table class="shadow_box_wrapper" cellspacing="0" cellpadding="0"> <tr><td class="tl"></td><td class="tc"></td><td class="tr"></td></tr> <tr> <td class="ml"></td> <td> <!-- shadow_box_wrapper content --> <div id="loginbox"> <div id="loginhead"> <h1><?=$site->sys_sona(array(sona => "Admin login", tyyp=>"Admin")) ?></h1> <a href="<?=$site->wwwroot?>" title="<?=$meta_title?>"><?=strlen($meta_title)>50?substr($meta_title,0,50).'..':$meta_title?></a> </div> <div id="loginmain"> <?######## error #######?> <?
    # auth_error 1: generic "unauthorized" message; 2: lock-out message with
    # the configured login_locked_time substituted for [minutes]
    if ($auth_error == 1) {
?> <div class="errormessage"><?=$site->sys_sona(array(sona => "Unauthorized access", tyyp=>"Admin")) ?></div> <?
    } elseif ($auth_error == 2) {
?> <div class="errormessage"><?=str_replace("[minutes]",$site->CONF['login_locked_time'], $site->sys_sona(array(sona => "Maximum logins error", tyyp=>"Admin"))) ?></div> <?
    }
?> <?### / error ####?> <div></div> <?## IE7 bug - needs this to show errormessage, otherwise it will dissapera#?> <table> <?######## username #######?> <?php
    # the username field is always rendered empty
    $username = '';
?> <tr> <td class="label"><?=$site->sys_sona(array(sona => "Username", tyyp=>"Admin")) ?>:</td> <td><input type="text" name="user" value="<?=xss_clean($username);?>"></td> </tr> <?######## password #######?> <tr> <td class="label"><?=$site->sys_sona(array(sona => "Password", tyyp=>"Admin")) ?>:</td> <td><input type="password" name="pass"></td> </tr> <?######## language selectbox: #######?> <?
    # show only if more than one language found
    if($lang_count > 1) {
?> <tr> <td class="label"><?=$site->sys_sona(array(sona => "translations", tyyp=>"Admin")) ?>:</td> <td><select name="keel"><?=$output?></select></td> </tr> <?
    }
    # otherwise display hidden field with default lang ID value (Bug #2460)
    else {
?> <input type="hidden" name="keel" value="<?=$default_admin_lang?>"> <?}
?> <tr> <td colspan="2"><div class="separator"></div></td> </tr> <tr id="bottomrow"> <td></td> <td> <input id="loginbutton" type="submit" name="Submit" value="<?=$site->sys_sona(array(sona => "Login", tyyp=>"Admin")) ?>"> <?
    # the password reminder link is shown only when the site configuration allows it
    if($site->CONF['allow_forgot_password']){
?> <a href="?op=remindpass"><?=$site->sys_sona(array(sona => "Unustasid parooli", tyyp=>"kasutaja"))?></a> <?}?> </td> </tr> </table> </div> </div> </td> <!-- shadow_box_wrapper content --> <td class="mr"></td> </tr> <tr><td class="bl"></td><td class="bc"></td><td class="br"></td></tr> </table> <!-- shadow_box_wrapper --> <div id="logindisclaimer">Saurus CMS <a href="http://www.saurus.info/" title="Web content management software Saurus CMS">www.saurus.info</a></div> </td> </tr> </table> </form> <?########### / FORM ?> </body> </html> <?
    # NOTE(review): debug messages are printed on the (unauthenticated) login
    # page; presumably print_msg() only produces output when debugging is
    # switched on - confirm.
    if($site->user) { $site->user->debug->print_msg(); }
    # guest debug:
    if($site->guest) { $site->guest->debug->print_msg(); }
    $site->debug->print_msg();
    # nothing after the login page may run
    exit();
}
case 'register': // update only if the op has not been set $sql = "select op from templ_tyyp where templ_fail = '../../../extensions/saurus4/content_templates/register.html'"; $inner_result = new SQL($sql); if (!$inner_result->fetchsingle()) { $sql = "update templ_tyyp set op = '" . $row['op'] . "' where templ_fail = '../../../extensions/saurus4/content_templates/register.html'"; new SQL($sql); } break; // error // error case 'error': // update only if the op has not been set $sql = "select op from templ_tyyp where templ_fail = 'templ_error.php'"; $inner_result = new SQL($sql); if ($inner_result->fetchsingle()) { $sql = "update templ_tyyp set op = '" . $row['op'] . "' where templ_fail = '../../../extensions/saurus4/object_templates/error_article.html'"; new SQL($sql); } break; default: break; } } include_once $class_path . 'adminpage.inc.php'; include_once $class_path . 'picture.inc.php'; // export galleries from database to public/galleries $sql = 'select objekt_id, pealkiri, friendly_url, ttyyp_params from objekt where tyyp_id = 16'; $result = new SQL($sql); while ($album = $result->fetch('ASSOC')) { $conf = new CONFIG($album['ttyyp_params']);
/**
 * save object info to database
 *
 * Uses sub-scripts to save different data for different object types.
 * No parameters used, only globals, it is included script.
 *
 * Reads the submitted form from $site->fdat and the upload from $_FILES,
 * then either UPDATEs the row of the loaded $objekt or INSERTs a new one,
 * runs the type-specific save script "edit_<klass>.php", rewrites the
 * object's parent links in objekt_objekt, and for new sections/folders
 * copies the parent's rows from the permissions table.
 *
 * Returns 1 after a save attempt; when validation errors were collected it
 * prints them with a "back" link instead and returns nothing.
 *
 * verify_form_token() runs first (presumably the anti-CSRF check; it is
 * defined elsewhere).
 * NOTE(review): nothing in this function checks the current user's right to
 * update the object being saved; only new parents are permission-checked
 * (step 3). Presumably the including script does that check - confirm.
 *
 * @package CMS
 *
 * Call:
 * include_once("edit_object.php");
 * save_object();
 */
function save_object() {
	global $site;
	global $objekt;
	global $class_path;
	global $keel;
	global $tyyp;

	verify_form_token();

	###################
	# 1. special case: if object is NEW picture
	# NOTE(review): the include path is built from $tyyp['klass']; assumes $tyyp
	# is loaded from the object-type table and never from the request - confirm.
	if ($tyyp['klass'] == "pilt" && !$objekt->objekt_id) {
		include_once "edit_" . $tyyp['klass'] . ".php";
		if (function_exists("save_objekts")) {
			save_objekts(array(tyyp_id => $tyyp[tyyp_id], keel => $keel));
		}
	} else {
		# 2. usual case

		# a title is required (comments are exempt)
		if ($site->fdat[pealkiri] == '' && $tyyp['klass'] != "kommentaar") {
			$errors .= $site->sys_sona(array(sona => "maaratud pealkiri", tyyp => "editor")) . "<br>";
		}

		###################
		# Save the type parameters
		if (file_exists("edit_" . $tyyp['klass'] . ".php")) {
			include_once "edit_" . $tyyp['klass'] . ".php";
			if (function_exists("save_tyyp_params")) {
				$templ_params = save_tyyp_params(array(objekt => $objekt));
			}
		}

		###################
		# Save the template parameters - old ver3 style
		# (template parameters are assumed to apply to the content template only)
		$sql = $site->db->prepare("SELECT ttyyp_id, templ_fail FROM templ_tyyp WHERE ttyyp_id = ?", $site->fdat['ttyyp_id']);
		$sth = new SQL($sql);
		$site->debug->msg("EDIT: " . $sth->debug->get_msgs());
		$temp_ttyyp = $sth->fetch();
		# The template file named in the database row is included as PHP.
		# NOTE(review): the strpos() test only rejects a path that STARTS with
		# "../"; a "../" further inside templ_fail is not rejected. Whoever can
		# write templ_tyyp.templ_fail decides which file is included here.
		if ($temp_ttyyp['templ_fail'] && strpos($temp_ttyyp['templ_fail'], '../') !== 0 && file_exists("../" . $temp_ttyyp['templ_fail'])) {
			include_once "../" . $temp_ttyyp['templ_fail'];
		}
		if (function_exists("save_params")) {
			$templ_params = save_params(array(objekt => $objekt));
		}

		### ttyyp_params - ver3 style vs ver4. Bug #2506
		if (!empty($templ_params)) {
			$oldstyle_tyyp_params = true; # if old-ver-style fixed params are used
		} else {
			# use new ver4 style custom conf save/load by default
			$oldstyle_tyyp_params = false;
		}

		###################
		# if no errors occured , begin saving to database
		if (!$errors) {
			$site->debug->msg("EDIT: Objekti salvestamine");

			###################
			# strip HTML tags from headline, lyhi, sisu for strip-fields

			// folder title is folder filesystem name
			if ($site->fdat['tyyp_id'] == 22) {
				$site->fdat['pealkiri'] = safe_filename2($site->fdat['pealkiri']);
			}
			$pealkiri_strip = $site->fdat['pealkiri'];
			# body text: the first non-empty of scms_article_editor, sisu, text
			$sisu_strip = $site->fdat['scms_article_editor'] ? $site->fdat['scms_article_editor'] : ($site->fdat['sisu'] ? $site->fdat['sisu'] : $site->fdat['text']);

			# replace some tags with space before stripping tags (bug #1568 )
			# NOTE(review): the last element below and the "&" => "&" replacement
			# that follows are no-ops as written; they look like HTML entities
			# (presumably a non-breaking space and an ampersand entity) that were
			# decoded when this listing was published - confirm against the
			# repository copy.
			$replace_tags_arr = array("<br>", "<BR>", "<br />", "<BR />", " ");
			$pealkiri_strip = str_replace($replace_tags_arr, " ", $pealkiri_strip);
			$sisu_strip = str_replace($replace_tags_arr, " ", $sisu_strip);
			$replace_tags_arr = array("&");
			$pealkiri_strip = str_replace($replace_tags_arr, "&", $pealkiri_strip);
			$sisu_strip = str_replace($replace_tags_arr, "&", $sisu_strip);
			# The *_strip values feed the pealkiri_strip / sisu_strip columns only;
			# the unstripped pealkiri is stored as well.
			$pealkiri_strip = strip_tags($pealkiri_strip);
			$sisu_strip = strip_tags($sisu_strip);

			// remove excess spaces
			$sisu_strip = preg_replace('/\\s+/', ' ', $sisu_strip);

			// overwrite catch for files, this is here so when a new file is being uploaded but
			// a file with a same name already exists
			// there wouldn't be double objects
			// instead use the existing object and move on as that objects update
			if ($site->fdat['tyyp_id'] == 21 && $_FILES['fileupload']['name']) {
				$parent_folder = new Objekt(array('objekt_id' => $objekt->parent_id, 'on_sisu' => 1));
				$parent_folder_path = preg_replace('#/$#', '', $site->absolute_path) . $parent_folder->all['relative_path'];

				// delete file
				# The client-supplied upload name reaches the filesystem only through
				# safe_filename2().
				# NOTE(review): safe_filename2() is defined elsewhere; confirm it
				# removes directory separators and "..". The existing file is
				# unlinked here, before the replacement has been stored.
				if (file_exists($parent_folder_path . '/' . safe_filename2($_FILES['fileupload']['name']))) {
					unlink($parent_folder_path . '/' . safe_filename2($_FILES['fileupload']['name']));
				}

				$file_path = preg_replace('#/$#', '', $site->absolute_path) . $objekt->all['relative_path'];

				// delete the file itself (bug #2586)
				if ($objekt->objekt_id && file_exists($file_path)) {
					unlink($file_path);
				}

				$sql = $site->db->prepare('select objekt_id from obj_file where relative_path = ?', $parent_folder->all['relative_path'] . '/' . safe_filename2($_FILES['fileupload']['name']));
				$result = new SQL($sql);
				if ($result->rows && ($existing_id = $result->fetchsingle())) {
					// delete the object used to overwrite
					// don't delete if it's the same object (bug # 2576)
					if ($objekt->objekt_id && $objekt->objekt_id != $existing_id) {
						$objekt->del();
					}
					# from here on the save continues as an update of the existing file object
					$objekt = new Objekt(array('objekt_id' => $existing_id, 'on_sisu' => 1, 'no_cache' => 1));
				}
			}
			// / overwrite catch

			###################
			# UPDATE
			if ($objekt->objekt_id) {
				/* Check if avaldamise_algus & avaldamise_lopp has the right format if not fix it. */
				# a date without a time part gets 00:00:00 (start) or 23:59:59 (end)
				if (preg_match("/(\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d?\\d\\d)\\s?(\\d?\\d?)[\\:\\\\.\\/\\-]?(\\d?\\d?)/", $site->fdat[avaldamise_algus], $aa_reg)) {
					if (!$aa_reg[2] && !$aa_reg[3]) {
						$site->fdat['avaldamise_algus'] = $aa_reg[1] . " 00:00:00";
					} else {
						$site->fdat['avaldamise_algus'] = $aa_reg[1] . " " . $aa_reg[2] . ":" . $aa_reg[3] . ":00";
					}
				}
				if (preg_match("/(\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d?\\d\\d)\\s?(\\d?\\d?)[\\:\\\\.\\/\\-]?(\\d?\\d?)/", $site->fdat['avaldamise_lopp'], $al_reg)) {
					if (!$al_reg[2] && !$al_reg[3]) {
						$site->fdat['avaldamise_lopp'] = $al_reg[1] . " 23:59:59";
					} else {
						$site->fdat['avaldamise_lopp'] = $al_reg[1] . " " . $al_reg[2] . ":" . $al_reg[3] . ":59";
					}
				}
				/* End of check */

				# Every form value goes through a "?" placeholder; only time() is
				# concatenated into the statement.
				# on_avaldatud changes only when a numeric "publish" field is
				# submitted, otherwise the stored value is written back.
				# NOTE(review): the form can therefore set the publish flag; whether
				# the user holds publish rights is not checked in this function.
				$sql = $site->db->prepare("UPDATE objekt SET pealkiri=?, on_pealkiri=?, on_foorum=?, on_saadetud=?, ttyyp_id=?, page_ttyyp_id=?, pealkiri_strip=?, sisu_strip=?, aeg=?, avaldamisaeg_algus=?, avaldamisaeg_lopp=?, last_modified=" . time() . ", author=?, friendly_url=?, is_hided_in_menu=?, kesk=?, check_in=?, changed_user_id=?, changed_user_name=?, changed_time=?, on_avaldatud = ? WHERE objekt_id=?",
					$site->fdat['pealkiri'],
					$site->fdat['on_pealkiri'],
					$site->fdat['on_foorum'] ? 1 : 0,
					$site->fdat['on_saadetud'] ? 0 : 1,
					$site->fdat['ttyyp_id'],
					$site->fdat['page_ttyyp_id'],
					$pealkiri_strip,
					$sisu_strip,
					$site->db->ee_MySQL($site->fdat['aeg']),
					$site->db->ee_MySQL_long($site->fdat['avaldamise_algus']),
					$site->db->ee_MySQL_long($site->fdat['avaldamise_lopp']),
					$site->fdat['author'],
					$site->fdat['friendly_url'],
					$site->fdat['is_hided_in_menu'] ? 1 : 0,
					$site->fdat['kesk'],
					0,
					$site->user->id,
					$site->user->name,
					date("Y-m-d H:i:s"),
					isset($site->fdat['publish']) && is_numeric($site->fdat['publish']) ? (int) $site->fdat['publish'] : $objekt->all['on_avaldatud'],
					$objekt->objekt_id);
				$sth = new SQL($sql);
				$site->debug->msg("EDIT: " . $sth->debug->get_msgs());

				# save old-ver3-style tyyp_params. Bug #2506
				# this SQL should happen only as exception and not by default
				if ($oldstyle_tyyp_params === true) {
					$sql = $site->db->prepare("UPDATE objekt SET ttyyp_params = ? WHERE objekt_id=?", $templ_params ? $templ_params : 'ttyyp_params', $objekt->objekt_id);
					$sth = new SQL($sql);
					$site->debug->msg("EDIT: " . $sth->debug->get_msgs());
				}

				# ------------------------
				# Clear the cache as well
				# ------------------------
				clear_cache("ALL");

				# audit-log entry for the update
				new Log(array('action' => 'update', 'objekt_id' => $objekt->objekt_id, 'message' => sprintf("%s '%s' (ID = %s) %s", ucfirst(translate_en($objekt->all['klass'])), $objekt->pealkiri(), $objekt->objekt_id, "changed")));
			} else {
				# INSERT

				/* Check if avaldamise_algus & avaldamise_lopp has the right format if not fix it. */
				if (preg_match("/(\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d?\\d\\d)\\s?(\\d?\\d?)[\\:\\\\.\\/\\-]?(\\d?\\d?)/", $site->fdat['avaldamise_algus'], $aa_reg)) {
					if (!$aa_reg[2] && !$aa_reg[3]) {
						$site->fdat['avaldamise_algus'] = $aa_reg[1] . " 00:00:00";
					} else {
						$site->fdat['avaldamise_algus'] = $aa_reg[1] . " " . $aa_reg[2] . ":" . $aa_reg[3] . ":00";
					}
				}
				if (preg_match("/(\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d[\\:\\\\.\\/\\-]\\d?\\d?\\d\\d)\\s?(\\d?\\d?)[\\:\\\\.\\/\\-]?(\\d?\\d?)/", $site->fdat['avaldamise_lopp'], $al_reg)) {
					if (!$al_reg[2] && !$al_reg[3]) {
						$site->fdat['avaldamise_lopp'] = $al_reg[1] . " 23:59:59";
					} else {
						$site->fdat['avaldamise_lopp'] = $al_reg[1] . " " . $al_reg[2] . ":" . $al_reg[3] . ":59";
					}
				}
				/* End of check */

				# All 26 values are bound through placeholders.
				# on_avaldatud is 1 when either sys_alias or publish is submitted;
				# keel is forced to 1 for type ids 21 and 22 (file and folder).
				$sql = $site->db->prepare("INSERT INTO objekt (pealkiri, on_pealkiri, on_foorum, on_saadetud, tyyp_id, author, on_avaldatud, keel, kesk, ttyyp_id, page_ttyyp_id, pealkiri_strip, sisu_strip, aeg, sys_alias, ttyyp_params, avaldamisaeg_algus, avaldamisaeg_lopp, last_modified, friendly_url, is_hided_in_menu, check_in, check_in_admin_id, created_user_id, created_user_name, created_time) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)",
					$site->fdat['pealkiri'],
					$site->fdat['on_pealkiri'],
					$site->fdat['on_foorum'],
					$site->fdat['on_saadetud'] ? 0 : 1,
					$tyyp['tyyp_id'],
					$site->fdat['author'],
					$site->fdat['sys_alias'] || $site->fdat['publish'] ? 1 : 0,
					$tyyp['tyyp_id'] == 21 || $tyyp['tyyp_id'] == 22 ? 1 : $keel,
					$site->fdat['kesk'],
					$site->fdat['ttyyp_id'],
					$site->fdat['page_ttyyp_id'],
					$pealkiri_strip,
					$sisu_strip,
					$site->db->ee_MySQL($site->fdat['aeg']),
					$site->fdat['sys_alias'],
					$templ_params,
					$site->db->ee_MySQL_long($site->fdat['avaldamise_algus']),
					$site->db->ee_MySQL_long($site->fdat['avaldamise_lopp']),
					time(),
					$site->fdat['friendly_url'],
					$site->fdat['is_hided_in_menu'] ? 1 : 0,
					0,
					$site->user->id,
					$site->user->id,
					$site->user->name,
					date("Y-m-d H:i:s"));
				$sth = new SQL($sql);
				$site->debug->msg("EDIT: " . $sth->debug->get_msgs());
				$obj_insert_id = $sth->insert_id;

				# ------------------------
				# Clear the cache as well
				# ------------------------
				clear_cache("ALL");

				# reload the freshly created object; fall back to the insert id
				# when the load did not yield a numeric id
				$objekt = new Objekt(array(objekt_id => $obj_insert_id, no_cache => 1, creating => 1));
				if (!is_numeric($objekt->objekt_id)) {
					$objekt->objekt_id = $obj_insert_id;
				}
				$site->fdat['id'] = $objekt->objekt_id;

				# audit-log entry for the creation
				new Log(array('action' => 'create', 'objekt_id' => $objekt->objekt_id, 'message' => sprintf("%s '%s' (ID = %s) %s", ucfirst(translate_en($objekt->all['klass'])), $objekt->pealkiri(), $objekt->objekt_id, "inserted")));
				$is_new = 1;
			}
			# / INSERT
			###################

			###################
			# WHAT IS THIS?
			$objekt->all["on_peida_vmenyy"] = $site->fdat["on_peida_vmenyy"] ? 1 : 0;

			###################
			# SAVE the type-dependent part

			# include the type-dependent file
			include_once "edit_" . $tyyp['klass'] . ".php";
			# save the type-dependent part of the object
			salvesta_objekt();

			# save all profile fields:
			if ($site->fdat['profile_id']) { # if profile set
				save_obj_profile();
			}
			# / SAVE the type-dependent part
			###################

			###################
			# PARENTS (tbl 'objekt_objekt')
			###################
			$site->debug->msg("------------ PARENTS -------------");

			#######################
			# 1. FIND NEW PARENTS
			$new_parents = array();

			# The parent may be changed through the select box for these objects:
			# artikkel, dokument, rubriik, album, asset, gallup, kommentaar
			# 1) if the object is of an allowed type AND a parent section was
			#    chosen in the form, then
			if (($tyyp['klass'] == "artikkel" || $tyyp['klass'] == "dokument" || $tyyp['klass'] == "rubriik" || $tyyp['klass'] == "album" || $tyyp['klass'] == "asset" || $tyyp['klass'] == "gallup" || $tyyp['klass'] == "kommentaar" || $tyyp['klass'] == "link") && is_array($site->fdat['rubriik'])) {
				# store every section chosen in the form in the array
				foreach ($site->fdat['rubriik'] as $value) {
					$new_parents[$value] = 1;
				}
				# original question: if the parent id was 0, what is done here?
				/*
				if ($site->fdat['parent_id']==0) {
					$new_parents[$site->fdat['parent_id']] = 1;
				}
				*/
			} elseif ($site->fdat['parent_id']) {
				$new_parents[$site->fdat['parent_id']] = 1;
			}

			######### get parent object
			if ($site->fdat['parent_id']) {
				$parent = new Objekt(array(objekt_id => $site->fdat['parent_id']));
			}

			# if the object has a valid parent that is not a section, use the
			# 'parent_id' parameter as the parent
			# Lauri: the parent itself should not become a new parent, so this is
			# explicitly skipped for comments
			if ($parent && $parent->all['klass'] != "rubriik" && $tyyp['klass'] != "kommentaar") {
				$new_parents[$site->fdat['parent_id']] = 1;
			}

			######## poll (gallup) special case
			if ($tyyp['klass'] == "gallup") {
				if ($site->fdat['on_avatud']) {
					$objekt->load_sisu();
					$site->debug->msg("EDIT: vana parent rullib!");
					# removed by Bug #1896: a poll cannot be moved under another section
					# $new_parents = array($objekt->all["orig_parent_id"] => 1);
				} else {
					# a closed poll is moved to the poll archive
					$new_parents = array($site->alias("gallup_arhiiv") => 1);
				}
			}
			$site->debug->msg("EDIT: Selected new parents: " . join(",", array_keys($new_parents)));
			# 1. / FIND NEW PARENTS
			#######################

			#######################
			# 2. FIND CURRENT PARENTS
			$current_parents = array();

			########### SECTION (rubriik)
			if ($tyyp['klass'] == "rubriik") {
				######## Check whether the section also belongs to a news list -
				# those have to be added silently to the new parents
				$sql = $site->db->prepare("SELECT objekt_objekt.parent_id FROM objekt_objekt LEFT JOIN objekt ON objekt.objekt_id=objekt_objekt.parent_id WHERE objekt_objekt.objekt_id=? and objekt.tyyp_id=9", $objekt->objekt_id);
				$sth = new SQL($sql);
				while ($tmp_data = $sth->fetchsingle()) {
					$newslist_parents[$tmp_data] = 1;
					# quietly add the news list id to the new parents as well
					$new_parents[$tmp_data] = 1;
				}
				unset($tmp_data);
				if ($sth->rows) {
					$site->debug->msg("EDIT: Parent news lists: " . join(",", array_keys($newslist_parents)));
				}

				########## find the section's current parents
				$sql = $site->db->prepare("SELECT parent_id FROM objekt_objekt WHERE objekt_id=?", $objekt->objekt_id);
				$sth = new SQL($sql);
				while ($tmp_data = $sth->fetch()) {
					$parent_id = $tmp_data['parent_id'];
					$current_parents[$parent_id] = 1;
				}
			######### ALL OTHER objects, i.e. everything except a section
			} else {
				# -----------------------------------
				# objects that are allowed to have
				# more than one parent
				# -----------------------------------
				$sql = $site->db->prepare("SELECT parent_id FROM objekt_objekt WHERE objekt_id=?", $objekt->objekt_id);
				$sth = new SQL($sql);
				while ($tmp_data = $sth->fetch()) {
					$parent_id = $tmp_data['parent_id'];
					$current_parents[$parent_id] = 1;
				}
				# Lauri: this tells the "no new parents" check further down not to
				# fire when the object currently sits under parent 0
				if ($current_parents[0]) {
					$new_parents[0] = 1;
				}
			}
			$site->debug->msg("EDIT: Current parents: " . join(",", array_keys($current_parents)));
			# / 2. FIND CURRENT PARENTS
			#######################

			# if the new-parents array is empty, use the hidden form value
			# 'permanent_parent_id' that always accompanies the form
			if ($site->fdat['permanent_parent_id'] != "" && !count(array_keys($new_parents))) {
				$new_parents[$site->fdat['permanent_parent_id']] = 1;
			}
			$site->debug->msg("EDIT: Final parents: " . join(",", array_keys($new_parents)));

			#######################
			# 3. CHECK NEW PARENTS PERMISSIONS
			# Parent ids come from the form, so each parent the object is not
			# already under is checked for the CREATE right; parents it already
			# has are not re-checked.
			foreach (array_keys($new_parents) as $parent_id) {
				if ($parent_id) {
					# a new parent (not one before): check the permissions
					if (!$current_parents[$parent_id]) {
						####### check permissions
						$perm = get_obj_permission(array("objekt_id" => $parent_id));
						# allow adding the object under this parent only when the
						# parent grants CREATE
						if ($perm['C']) {
							$site->debug->msg("EDIT: New parent " . $parent_id . " permissions " . $perm['mask'] . " allow to create object under it => OK");
						} else {
							$site->debug->msg("EDIT: New parent " . $parent_id . " permissions " . $perm['mask'] . " don't allow to create object under it => FORBIDDEN");
							# drop this parent from the new-parents array
							unset($new_parents[$parent_id]);
						}
						# new parent permissions
					}
				} # if parent_id
			}
			$site->debug->msg("EDIT: Final parents after permission check: " . join(",", array_keys($new_parents)));
			# / 3. CHECK NEW PARENTS PERMISSIONS
			#######################

			# if no new parent is left, i.e. the object may not be added under any
			# new parent, do nothing at all
			if (!count(array_keys($new_parents))) {
				$site->debug->msg("EDIT: Can't move under new parent => don't do anything at all");
				$fatal_parent_error = 1;
			}

			# if the new parents are only the news lists (same as before), do
			# nothing at all
			# NOTE(review): steps 4 and 5 sit in the else branch below, so they are
			# skipped whenever $newslist_parents is non-empty, even when the parent
			# sets differ - confirm this is intended.
			if (sizeof($newslist_parents) > 0) {
				$result = array_diff(array_keys($new_parents), array_keys($newslist_parents));
				if (sizeof($result) <= 0) { # the arrays do not differ
					$site->debug->msg("EDIT: New parents are equal to existing newslist parents => don't do anything at all");
					$fatal_parent_error = 1;
				}
			} else {
				if (!$fatal_parent_error) { # if not fatal parent error
					#######################
					# 4. INSERT NEW PARENTS (only parents the object may be added under are left here)
					foreach (array_keys($new_parents) as $parent_id) {
						if ($parent_id) {
							# the parent link already exists: nothing to do; the 0
							# marks it as "keep" for step 5
							if ($current_parents[$parent_id]) {
								$current_parents[$parent_id] = 0;
								$site->debug->msg("EDIT: Parent {$parent_id} j��b nagu oli");
							} else {
								# sort position: from the form, else the table-wide maximum
								if ($site->fdat["sorting"]) {
									$sorteering = $site->fdat["sorting"];
								} else {
									$sql = "SELECT max(sorteering) FROM objekt_objekt";
									$sth = new SQL($sql);
									$sorteering = $sth->fetchsingle();
								}

								#move objects forward so new object can be inserted in the middle
								$sql = $site->db->prepare("UPDATE objekt_objekt SET sorteering=sorteering+1 WHERE sorteering>?", $sorteering);
								$sth = new SQL($sql);
								$site->debug->msg("EDIT: " . $sql);

								################ INSERT
								$sql = $site->db->prepare("INSERT INTO objekt_objekt (objekt_id, parent_id, sorteering) VALUES (?,?,?)", $objekt->objekt_id, $parent_id, $sorteering + 1);
								$sth = new SQL($sql);
								$site->debug->msg("EDIT: " . $sql);

								# a new comment raises its parent's comment counter
								if ($tyyp['klass'] == 'kommentaar') {
									$sql = $site->db->prepare("UPDATE objekt SET comment_count = comment_count+1 WHERE objekt_id=?", $parent_id);
									$sth = new SQL($sql);
									$site->debug->msg("EDIT: " . $sql);
								}
							} # new parent, added
						} # if parent_id
					}
					# / 4. INSERT NEW PARENTS
					#######################

					#######################
					# 5. DELETE OLD PARENTS
					# NOTE(review): a named function declared inside a function body is
					# defined when execution reaches this line, so reaching it a second
					# time in one request is a fatal "cannot redeclare" error.
					function notnull($a) {
						return $a > 0;
					}
					# ids of current parents that were not kept in step 4, joined
					# into one comma-separated string
					$to_delete = join(",", array_keys(array_filter($current_parents, "notnull")));
					$site->debug->msg("EDIT: Current Parents, allowed to delete: " . $to_delete);

					# if a parent section was chosen in the form AND the object is of
					# a type whose parent may be changed, every parent link that is
					# neither chosen nor in $new_parents is removed
					if (sizeof($site->fdat['rubriik']) > 0 && ($tyyp['klass'] == "artikkel" || $tyyp['klass'] == "dokument" || $tyyp['klass'] == "gallup" || $tyyp['klass'] == "rubriik" || $tyyp['klass'] == "album" || $tyyp['klass'] == "asset" || $tyyp['klass'] == "dokument" || $tyyp['klass'] == "gallup" || $tyyp['klass'] == "kommentaar" || $tyyp['klass'] == "link")) {
						# The ids are cast to int before being concatenated into the
						# SQL text below, so the IN list holds only integers.
						# NOTE(review): every submitted 'rubriik' id is merged in here,
						# including ones that step 3 refused; those links are kept if
						# they already exist.
						$parent_ids = array();
						foreach (array_unique(array_merge($site->fdat['rubriik'], array_keys($new_parents))) as $tmp_id) {
							if ((int) $tmp_id) {
								$parent_ids[] = (int) $tmp_id;
							}
						}

						########### Lauri 04092009: store parents that will be deleted so we can reduce their comment_count
						# NOTE(review): an empty $parent_ids produces "NOT IN()", which
						# is not valid SQL; how SQL reports that failure is not visible.
						$sql = $site->db->prepare("SELECT parent_id FROM objekt_objekt WHERE objekt_id=? AND parent_id NOT IN(" . implode(',', $parent_ids) . ")", $objekt->objekt_id);
						$sth = new SQL($sql);
						$site->debug->msg("EDIT: " . $sql);
						$parents_to_delete = array();
						while ($return_row = $sth->fetch()) {
							$parents_to_delete[] = $return_row['parent_id'];
						}

						############ DELETE
						$sql = $site->db->prepare("DELETE FROM objekt_objekt WHERE objekt_id=? AND parent_id NOT IN(" . implode(',', $parent_ids) . ")", $objekt->objekt_id);
						$sth = new SQL($sql);
						$site->debug->msg("EDIT: " . $sql);

						########## Lauri 04092009: reduce comment count for parents from which kommentaar was deleted
						# NOTE(review): these ids are concatenated without a cast (they
						# were read back from objekt_objekt), and an empty list yields
						# "IN()".
						if ($tyyp['klass'] == 'kommentaar') {
							$sql = $site->db->prepare("UPDATE objekt SET comment_count = comment_count-1 WHERE objekt_id IN(" . implode(',', $parents_to_delete) . ")");
							$sth = new SQL($sql);
							$site->debug->msg("EDIT: " . $sql);
						}
					}

					############ DELETE
					# if there are parents to delete:
					if ($to_delete) {
						# NOTE(review): $to_delete is one comma-joined string bound to a
						# single placeholder; if prepare() quotes it as one value, only
						# the first id can match - confirm how prepare() expands it.
						$sql = $site->db->prepare("DELETE FROM objekt_objekt WHERE objekt_id=? AND parent_id IN(?)", $objekt->objekt_id, $to_delete);
						$sth = new SQL($sql);
						$site->debug->msg("EDIT: " . $sql);

						############ Lauri 04092009: if some more parents got removed, reduce comment_count on them too. have to make sure not to do it twice tho
						# NOTE(review): (array) on the joined string gives a one-element
						# array, and $parents_to_delete is only assigned inside the
						# previous if-block - verify both.
						$comments_to_substract = array_diff((array) $to_delete, $parents_to_delete);
						if ($tyyp['klass'] == 'kommentaar' && count($comments_to_substract)) {
							$sql = $site->db->prepare("UPDATE objekt SET comment_count = comment_count-1 WHERE objekt_id IN (" . implode(',', $comments_to_substract) . ")");
							$sth = new SQL($sql);
							$site->debug->msg("EDIT: " . $sql);
						}
					}
					# / 5. DELETE OLD PARENTS
					#######################
				}
			} # if not fatal parent error (new parent permissions)
			################################## / DATABASE SQL-s ##################################

			$site->debug->msg("------------ PARENTS END -------------");
			# / PARENTS
			###################

			########################
			# INSERT PERMISSIONS
			# the new object gets exactly the same permissions as its parent object.
			# OBJ class check: save permissions only for objects having class "rubriik" (1) or "folder" (22).
			# NB! if you change class conditions here, be sure to change them in Repair database script also!
			# (see also bug #1545)
			if ($tyyp[tyyp_id] == 1 || $tyyp[tyyp_id] == 22) { # if object is section or folder
				if ($is_new) {
					# find all of the parent's permission rows (per role/group/user)
					# NOTE(review): $parent is only assigned above when
					# $site->fdat['parent_id'] is set, and it is the submitted
					# parent, whether or not step 3 accepted it - confirm.
					$sql = $site->db->prepare("SELECT * FROM permissions WHERE type=? AND source_id=?", 'OBJ', $parent->objekt_id);
					$sth = new SQL($sql);
					# loop over the parent's permissions
					while ($perm = $sth->fetch()) {
						# add the same permission row for the new object
						$sql2 = $site->db->prepare("INSERT INTO permissions (type,source_id,role_id,group_id,user_id,C,R,U,P,D) VALUES (?,?,?,?,?,?,?,?,?,?)", 'OBJ', $objekt->objekt_id, $perm['role_id'], $perm['group_id'], $perm['user_id'], $perm['C'], $perm['R'], $perm['U'], $perm['P'], $perm['D']);
						$sth2 = new SQL($sql2);
					}
					# / loop over the parent's permissions

					// reload permissions for user
					if (!$site->user->is_superuser) {
						if ($site->user) {
							$site->user->permissions = $site->user->load_objpermissions();
						} elseif ($site->guest) {
							$site->guest->permissions = $site->guest->load_objpermissions();
						}
					}
				} # if new, just created object
			} # if object is section or folder
			# / INSERT PERMISSIONS
			########################

			return 1;
		} else {
			# print errors: $errors is written to the page as-is; in this function
			# it is only ever built from sys_sona() strings plus "<br>"
			?> <center><font class=txt> <br> <font color=red> <?php echo $errors; ?> </font> <br> <a href="javascript:history.back();"><?php echo $site->sys_sona(array(sona => "Tagasi", tyyp => "editor")); ?> </a> </font></center> <?php
		}
		# / print errors
		###################
	}
	# / 2. usual case
	###################
}
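/**
 * Look up the `extension` value of the active language in the `keel` table.
 *
 * The language id stored in the session is tried first; when the session
 * holds none, or the id matches no row, the row flagged on_default=1 is used.
 *
 * @return mixed whatever SQL::fetchsingle() yields for the `extension`
 *               column; a falsy value when neither lookup finds a row
 */
function get_active_lang() {
	global $DB;

	# start from a defined value so the fallback test below never reads an
	# unset variable when the session carries no language
	$keel_ext = null;

	# a) at first search keel from session
	# isset() on the nested key also covers a session entry that is not an array;
	# the id itself is bound through a placeholder
	if (isset($_SESSION['keel']['keel_id'])) {
		$sql = $DB->prepare("SELECT extension FROM keel WHERE keel_id=?", $_SESSION['keel']['keel_id']);
		$sth = new SQL($sql);
		$keel_ext = $sth->fetchsingle();
	}

	# b) if not extension found at this point (either no session set or faulty value set)
	# then get default keel
	if (!$keel_ext) {
		$sql = $DB->prepare("SELECT extension FROM keel WHERE on_default=1");
		$sth = new SQL($sql);
		$keel_ext = $sth->fetchsingle();
	}

	return $keel_ext;
}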