コード例 #1
ファイル: Topic.php プロジェクト: rintaun/cake-forum
 /**
  * Validate a submitted topic and, once it passes the rate limits, store it
  * together with its first post.
  *
  * The flood interval and the hourly quota are read from $this->settings and
  * are skipped when the session flag 'Forum.isAdmin' is truthy. The title is
  * passed through Sanitize::clean() before saving, and save() is given an
  * explicit field list so no other submitted key is written to the topic row.
  *
  * @access public
  * @param array $data Submitted topic data; 'title', 'forum_id' and 'user_id' are read, 'options' is optional
  * @return boolean|int New topic id on success, false when validation fails,
  *                     otherwise whatever invalidate() returns for a rate-limit hit
  */
 public function add($data)
 {
     $this->set($data);
     if (!$this->validates()) {
         return false;
     }

     $isAdmin = $this->Session->read('Forum.isAdmin');

     // Rate limit 1: minimum delay between two topics by the same user.
     $secondsLeft = $this->checkFlooding($this->settings['topic_flood_interval']);
     if ($secondsLeft > 0 && !$isAdmin) {
         return $this->invalidate('title', 'You must wait %s more second(s) till you can post a topic', $secondsLeft);
     }

     // Rate limit 2: maximum number of topics per hour.
     $hourlyLimit = $this->settings['topics_per_hour'];
     if ($this->checkHourly($hourlyLimit) && !$isAdmin) {
         return $this->invalidate('title', 'You are only allowed to post %s topic(s) per hour', $this->settings['topics_per_hour']);
     }

     // NOTE(review): the title is encoded on input and stored in that form;
     // confirm the views do not encode it a second time on output.
     $data['title'] = Sanitize::clean($data['title']);

     $this->create();
     // Validation already ran above, so it is switched off here; the third
     // argument limits which columns may be written.
     $writableFields = array('forum_id', 'user_id', 'title', 'slug', 'status', 'type');
     $this->save($data, false, $writableFields);

     $topicId = $this->id;
     $data['topic_id'] = $topicId;
     $postId = $this->Post->addFirstPost($data);
     $data['post_id'] = $postId;

     // Point the topic and its forum at the freshly created post.
     $this->update($topicId, array(
         'firstPost_id' => $postId,
         'lastPost_id' => $postId,
         'lastUser_id' => $data['user_id'],
     ));
     $this->Forum->chainUpdate($data['forum_id'], array(
         'lastTopic_id' => $topicId,
         'lastPost_id' => $postId,
         'lastUser_id' => $data['user_id'],
     ));

     if (isset($data['options'])) {
         $this->Poll->addPoll($data);
     }

     // Subscribe the author to the new topic when the setting asks for it.
     if ($this->settings['auto_subscribe_self']) {
         $this->Subscription->subscribeToTopic($data['user_id'], $topicId);
     }

     return $topicId;
 }
コード例 #2
ファイル: users_controller.php プロジェクト: rogerwu99/Smorgi
 /**
  * Create a user account from the submitted e-mail address, using that
  * address as the username, then redirect to the welcome-mail action.
  *
  * Only the e-mail is kept from the request: the payload is reset to an empty
  * array before the model is populated, so no other submitted field reaches
  * save(). Sanitize::clean() is called with 'encode' => false, so the address
  * is not HTML-encoded at this point.
  *
  * NOTE(review): the address is read from the 'Users' key but written under
  * 'User'; confirm the form really posts 'Users'.
  * NOTE(review): e-mail and username travel as URL arguments to
  * mail/send_welcome_message; confirm that action cannot be requested
  * directly with an arbitrary recipient.
  */
 public function register()
 {
     $this->data = Sanitize::clean($this->data, array('encode' => false));
     $email = $this->data['Users']['email'];

     // Drop everything else that was posted.
     $this->data = array();
     $this->User->create();

     $username = (string) $email;
     $this->data['User']['email'] = (string) $email;
     $this->data['User']['username'] = $username;
     $this->User->set($this->data);

     if (!$this->User->validates()) {
         // invalidFields() holds the validationErrors array; only the e-mail
         // message is shown.
         $errors = $this->User->invalidFields();
         $this->Session->setFlash($errors['email'], 'default');
         $this->redirect('/');
         return;
     }

     $this->User->save();
     $this->redirect(array('controller' => 'mail', 'action' => 'send_welcome_message', $email, $username));
 }
コード例 #3
 /**
  * Admin add/edit form for a Site record.
  *
  * Without posted data the record addressed by the base64-encoded $id is
  * loaded into the form. With posted data the payload is cleaned (HTML
  * encoding disabled), the decoded id is forced into it, and the record is
  * validated and saved.
  *
  * NOTE(review): base64 only encodes the id, it does not protect it; access
  * to the record has to be enforced elsewhere (not visible in this method).
  *
  * @param string|null $id Base64-encoded record id from the URL, null when adding
  */
 function admin_addedit($id = null)
 {
     $this->set('id', $id);

     if (empty($this->request->data)) {
         // First display: prefill the form from the stored record.
         $this->request->data = $this->Site->read(null, base64_decode($id));
         $this->set('preSelectedPatients', $this->request->data);
     } else {
         $this->request->data = Sanitize::clean($this->request->data, array('encode' => false));

         // The id always comes from the URL, never from the posted form.
         $id = base64_decode($id);
         $this->request->data['Site']['id'] = $id;
         $this->Site->set($this->request->data);

         // NOTE(review): the option array holds the string 'false' as a list
         // element, not 'validate' => false; confirm what was intended.
         if ($this->Site->validates() && $this->Site->saveAll($this->request->data['Site'], array('false'))) {
             $this->Session->setFlash("The Site Type Name has been saved successfully.", 'default', array('class' => 'alert alert-success'));
             $this->redirect(array('action' => 'admin_index'));
         }
     }

     $this->loadModel('SiteType');
     $siteTypes = $this->SiteType->find('list', array('SiteType.status' => 1));

     // On the display path $id is still the raw URL value, on the submit path
     // it is the decoded one; both are compared loosely against null.
     $textAction = $id == null ? 'Add' : 'Edit';
     $buttonText = $id == null ? 'Submit' : 'Update';

     $this->set('navadmins', 'class = "active"');
     $this->set('action', $textAction);
     $this->set('breadcrumb', 'Sites/' . $textAction);
     $this->set('buttonText', $buttonText);
     $this->set('siteTypes', $siteTypes);
 }
コード例 #4
ファイル: beta_key.php プロジェクト: RobertWHurst/Telame
 /**
  * Assign the first beta key that has no e-mail yet to the given address.
  *
  * NOTE(review): the lookup and the write are two separate statements, so two
  * concurrent calls could pick the same key; there is also no handling for
  * the case where no unassigned key is left. Confirm both against the caller.
  *
  * @param string $email Address to bind the key to; stored after Sanitize::clean()
  * @return array The key record as it was found, before the e-mail was written
  */
 public function useBetaKey($email)
 {
     $unassigned = array('conditions' => array('email' => null));
     $key = $this->find('first', $unassigned);

     $this->id = $key['BetaKey']['id'];
     $cleanedEmail = Sanitize::clean($email);
     $this->saveField('email', $cleanedEmail);

     return $key;
 }
コード例 #5
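 /**
  * Callback that extracts EXIF data from an uploaded image and copies selected
  * values into the model fields named in the behavior settings.
  *
  * Fixes over the previous version:
  *  - the return value of Sanitize::clean() is now kept; it was discarded, so
  *    the EXIF values were copied and serialized uncleaned;
  *  - the longitude is guarded by 'gpsLongitudeField' (it was guarded by the
  *    latitude setting);
  *  - latitude and longitude are copied only when present in the EXIF data.
  *
  * EXIF content comes from the uploaded file and is therefore untrusted.
  *
  * @param  Model   $model Object of model
  *
  * @return boolean Always true, so validation continues
  */
 function beforeValidate(&$model)
 {
     $settings = $this->settings[$model->name];
     $fileField = $settings['filename'];

     // Only act when the photo field is present and reports no upload error.
     if (isset($model->data[$model->name][$fileField]) && 0 == $model->data[$model->name][$fileField]['error']) {
         // NOTE(review): the field value is joined to the path as-is. If it is
         // still the upload array this yields the literal "Array"; if it is a
         // file name, confirm it is server-generated and not client-supplied.
         //$filename = $model->data[$model->name][$fileField]['tmp_name'];
         $filename = WWW_ROOT . 'files' . DS . 'pictures' . DS . $model->data[$model->name][$fileField];

         // Read exif data from file
         $exif = read_exif_data_raw($filename, 0);

         // The maker note is dropped before anything is stored.
         if (isset($exif['SubIFD']['MakerNote'])) {
             $exif['SubIFD']['MakerNote'] = '';
         }

         // Sanitize::clean() returns the cleaned data; it does not modify its
         // argument, so the result has to be assigned.
         $exif = Sanitize::clean($exif);

         if (isset($exif['SubIFD']['DateTimeOriginal']) && isset($settings['exifDateField'])) {
             $model->data[$model->name][$settings['exifDateField']] = date($settings['exifDateFormat'], strtotime($exif['SubIFD']['DateTimeOriginal']));
         }

         // Copy the GPS position into the configured fields.
         if (isset($exif['GPS'])) {
             if (isset($settings['gpsLattitudeField']) && isset($exif['GPS']['Latitude'])) {
                 $model->data[$model->name][$settings['gpsLattitudeField']] = $exif['GPS']['Latitude'];
             }
             if (isset($settings['gpsLongitudeField']) && isset($exif['GPS']['Longitude'])) {
                 $model->data[$model->name][$settings['gpsLongitudeField']] = $exif['GPS']['Longitude'];
             }
         }

         // Store serialized exif data in model's data.
         // NOTE(review): whatever reads this column back is deserializing
         // file-derived content; confirm how the reader handles it.
         if (isset($settings['exifField'])) {
             $model->data[$model->name][$settings['exifField']] = serialize($exif);
         }
     }

     return true;
 }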
コード例 #6
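 /**
  * get_slides
  *
  * Return up to 200 converted slides, newest first, optionally limited by the
  * 'created_f' (from) and 'created_t' (to) passed arguments.
  *
  * The date bounds are handed to the ORM as keyed conditions, so the
  * datasource quotes the values. They were previously concatenated into SQL
  * fragments after Sanitize::clean(), which is not a substitute for that
  * quoting. Only plain string values are accepted for the two bounds.
  *
  * Responds with status 400 and an 'error' view variable when the query
  * fails, otherwise with status 200 and a 'slides' view variable.
  */
 public function get_slides()
 {
     $this->Prg->commonProcess();

     // Built from a constant, not from request data.
     $add_query = array('Slide.convert_status = ' . SUCCESS_CONVERT_COMPLETED);

     $val = isset($this->passedArgs['created_f']) ? $this->passedArgs['created_f'] : null;
     if (!empty($val) && is_string($val)) {
         $add_query['Slide.created >='] = $val;
     }

     $val = isset($this->passedArgs['created_t']) ? $this->passedArgs['created_t'] : null;
     if (!empty($val) && is_string($val)) {
         $add_query['Slide.created <='] = $val;
     }

     $this->Paginator->settings = array(
         'conditions' => array($this->Slide->parseCriteria($this->passedArgs), $add_query),
         'limit' => 200,
         'recursive' => 1,
         'order' => array('created' => 'desc'),
     );

     try {
         $records = $this->Paginator->paginate('Slide');
     } catch (Exception $e) {
         // The client gets a generic message; the exception text is not exposed.
         $result = array('error' => array('message' => __('Failed to retrieve results')));
         $this->response->statusCode(400);
         $this->set('error', $result['error']);
         return $this->render('slides');
     }

     $this->response->statusCode(200);
     $this->set('slides', $records);
     return $this->render('slides');
 }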
コード例 #7
ファイル: error.php プロジェクト: kenners/uamuzi-bora
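 /**
  * Build the controller that renders an error and dispatch to the matching
  * error method.
  *
  * The messages are passed through Sanitize::clean() with 'escape' => false
  * before they reach the view, i.e. without the SQL-escaping step.
  *
  * Change over the previous version: objects are created with "= new"
  * instead of "=& new". Assigning the result of new by reference is
  * deprecated in PHP 5 and a parse error from PHP 7.0 on.
  *
  * @param string $method   Name of the error method to run
  * @param array  $messages Values handed to the error method
  */
 public function __construct($method, $messages)
 {
     App::import('Core', 'Sanitize');
     static $__previousError = null;

     // The same error raised twice in a row falls back to a plain Controller
     // instead of building CakeErrorController again.
     if ($__previousError != array($method, $messages)) {
         $__previousError = array($method, $messages);
         $this->controller = new CakeErrorController();
     } else {
         $this->controller = new Controller();
         $this->controller->viewPath = 'errors';
     }

     $options = array('escape' => false);
     $messages = Sanitize::clean($messages, $options);
     if (!isset($messages[0])) {
         $messages = array($messages);
     }

     // An application-level appError() handler takes precedence.
     if (method_exists($this->controller, 'apperror')) {
         return $this->controller->appError($method, $messages);
     }

     // Unknown method names are mapped to the generic 'error' method, so the
     // caller cannot select an arbitrary method name to dispatch.
     if (!in_array(strtolower($method), array_map('strtolower', get_class_methods($this)))) {
         $method = 'error';
     }

     $this->dispatchMethod($method, $messages);
     $this->_stop();
 }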
コード例 #8
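 /**
  * Login screen: checks the posted credentials and stores the employee in
  * the session.
  *
  * Changes over the previous version:
  *  - the session time stamp uses 'h:i:s'; it used 'h:m:i', where 'm' is the
  *    month and 'i' the minutes, so the stored value was hour:month:minute;
  *  - the unused local $login was removed.
  *
  * NOTE(review): the session id is not regenerated after a successful login
  * in this method; confirm that happens elsewhere.
  * NOTE(review): Sanitize::clean() is the only input handling visible here;
  * confirm checkUsuario() builds its query through the ORM or bound
  * parameters rather than relying on this call.
  */
 function index()
 {
     $this->layout = '';

     // Only act when data was posted.
     if ($this->data) {
         // Make the posted data available to the model.
         $this->Funcionario->set($this->data);

         // Model validation is switched off: the validates() guard below is
         // commented out.
         //if($this->Funcionario->validates()){

         // Ask the model to check the login with the cleaned payload.
         $result = $this->Funcionario->checkUsuario(Sanitize::clean($this->data));
         if ($result) {
             $this->Session->start();
             $_SESSION['funcionario'] = array(
                 'id' => $result['Funcionario']['id'],
                 'data' => date('d-m-Y'),
                 'hora' => date('h:i:s'),
                 'perfil_id' => $result['Funcionario']['perfil_id'],
             );

             // Only profile 1 is redirected; other profiles stay on this page.
             if ($result['Funcionario']['perfil_id'] == 1) {
                 $this->redirect('/dashboard');
             }
         } else {
             $this->set('error', true);
         }
         //}
     }
 }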
コード例 #9
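 /**
  * Keyword search over elections, driven by the 'term' query parameter.
  *
  * Up to three space-separated words are matched against Election.keywords
  * with LIKE, and each hit's name is replaced by its full path. Results are
  * cached in the 'long' cache configuration.
  *
  * Changes over the previous version:
  *  - each LIKE is passed to the ORM as a keyed condition so the datasource
  *    quotes the value; it was interpolated into a raw SQL fragment;
  *  - Sanitize::clean() is called with 'escape' => false, because the value
  *    is no longer placed into SQL text by hand and would otherwise be
  *    escaped twice;
  *  - a non-string 'term' (e.g. an array) is ignored.
  *
  * NOTE(review): '%' and '_' inside a word still act as LIKE wildcards.
  * NOTE(review): the cache key is derived from request input; confirm the
  * cache engine in use normalises keys.
  */
 public function s()
 {
     $result = array();
     $keyword = '';

     if (isset($this->request->query['term']) && is_string($this->request->query['term'])) {
         $keyword = Sanitize::clean($this->request->query['term'], array('escape' => false));
     }

     if (!empty($keyword)) {
         $cacheKey = "ElectionsS{$keyword}";
         $result = Cache::read($cacheKey, 'long');

         if (!$result) {
             $conditions = array('Election.parent_id IS NOT NULL');
             $countKeywords = 0;

             foreach (explode(' ', $keyword) as $word) {
                 $word = trim($word);
                 // Only the first three non-empty words are used.
                 if (!empty($word) && ++$countKeywords < 4) {
                     // One nested array per word: the same key cannot appear
                     // twice in a single condition array.
                     $conditions[] = array('Election.keywords LIKE' => "%{$word}%");
                 }
             }

             $result = $this->Election->find('all', array(
                 'fields' => array('Election.id', 'Election.name', 'Election.lft', 'Election.rght'),
                 'conditions' => $conditions,
                 'limit' => 50,
             ));

             // Replace each name by "ancestor > ... > name".
             foreach ($result as $k => $v) {
                 $parents = $this->Election->getPath($v['Election']['id'], array('name'));
                 $result[$k]['Election']['name'] = implode(' > ', Set::extract($parents, '{n}.Election.name'));
             }

             Cache::write($cacheKey, $result, 'long');
         }
     }

     $this->set('result', $result);
 }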
コード例 #10
 /**
  * Admin form for creating an Fcode and linking it to products.
  *
  * On POST the 'Fcode' payload is cleaned with 'remove_html' enabled and
  * saved. For every submitted product id the product's quantity is reduced
  * by one and an FcodeProduct row is written.
  *
  * NOTE(review): product ids and names are taken from the request as-is; the
  * lookup result is not checked before its quantity is read, and the
  * quantity is updated by read-then-write. Confirm the ids are validated
  * and that concurrent requests cannot lose an update.
  *
  * @return mixed Result of redirect() on POST, nothing otherwise
  */
 public function admin_add()
 {
     $customerdata = $this->User->find("all");
     $this->set('customer_data', $customerdata);

     if (!$this->request->is('post')) {
         return;
     }

     $this->request->data['Fcode'] = Sanitize::clean($this->request->data['Fcode'], array("remove_html" => TRUE));
     $fcode = $this->request->data['Fcode'];
     $productIds = $fcode['fcode_product'];
     $productnames = $fcode['fcode_product_names'];

     if ($this->Fcode->save($fcode)) {
         $arr = array('FcodeProduct' => array(
             'fcode_id' => $this->Fcode->id,
             'quantity' => 1,
         ));

         $total = count($productIds);
         for ($i = 0; $i < $total; $i++) {
             $productId = $productIds[$i];

             // Take one unit out of stock for this product.
             $product_q = $this->Product->findById($productId);
             $this->Product->id = $productId;
             $this->Product->saveField('quantity', $product_q['Product']['quantity'] - 1);

             // Link the product to the new Fcode.
             $arr['FcodeProduct']['product_id'] = $productId;
             $arr['FcodeProduct']['product_name'] = $productnames[$i];
             $this->FcodeProduct->create();
             $this->FcodeProduct->save($arr);
         }

         $this->Session->setFlash('<div class="alert alert-success"><i class="fa fa-check-circle"></i> Fcode Details Added Successfully...<button data-dismiss="alert" class="close" type="button">×</button> </div>');
     } else {
         $this->Session->setFlash('<div class="alert alert-fail"><i class="fa fa-check-circle"></i> Fcode Details Not Added Successfully...<button data-dismiss="alert" class="close" type="button">×</button> </div>');
     }

     return $this->redirect(array('action' => 'index'));
 }
コード例 #11
 /**
  * Create a new user role from the posted form.
  *
  * The whole request payload is cleaned with HTML encoding and HTML removal
  * enabled before anything is read from it. The role name must be non-empty
  * and must not exist yet.
  *
  * The success notice wraps the role name in <strong>; the name has already
  * been through Sanitize::clean() with 'encode' => true at that point.
  */
 public function add()
 {
     if ($this->request->is('post')) {
         // Clean the payload first; every later read uses the cleaned copy.
         $cleanOptions = array('encode' => true, 'remove_html' => true);
         $this->request->data = Sanitize::clean($this->request->data, $cleanOptions);

         $roleName = $this->request->data['CloggyUserRole']['role_name'];
         $checkRoleExists = $this->CloggyUserRole->isRoleExists($roleName);

         // Validation rules: required, and not already taken.
         $dataValidate = $this->request->data['CloggyUserRole'];
         $this->CloggyValidation->set($dataValidate);
         $this->CloggyValidation->validate = array(
             'role_name' => array(
                 'empty' => array(
                     'rule' => 'notEmpty',
                     'required' => true,
                     'allowEmpty' => false,
                     'message' => __d('cloggy', 'Role name field required'),
                 ),
                 'exists' => array(
                     'rule' => array('isValueEqual', $checkRoleExists, false),
                     'message' => __d('cloggy', 'This role name has exists.'),
                 ),
             ),
         );

         if (!$this->CloggyValidation->validates()) {
             $this->set('errors', $this->CloggyValidation->validationErrors);
         } else {
             // Save the new role, then tell the view about it.
             $this->CloggyUserRole->createRole($this->request->data['CloggyUserRole']['role_name']);
             $this->set('success', '<strong>' . $this->request->data['CloggyUserRole']['role_name'] . '</strong> ' . __d('cloggy', 'has been created.'));
         }
     }

     $this->set('title_for_layout', __d('cloggy', 'Cloggy - Role Management - Create New Role'));
 }
コード例 #12
 /**
  * Contact form: mails the enquiry to the general or the business address and
  * records a notification for the admins.
  *
  * The recipient is read from configuration ('Config.general' when the
  * posted 'emailbool' equals "2", 'Config.business' otherwise); it is never
  * taken from the request.
  *
  * NOTE(review): the cleaned copy of the whole payload is stored under the
  * 'Contact' key, while the mail template receives the complete
  * $this->request->data, which still holds the original top-level values
  * next to that copy. The mail format is HTML; confirm the 'enquiry'
  * template only renders the cleaned values.
  */
 public function contactus()
 {
     if (!$this->request->data) {
         $this->set('count', 0);
         return;
     }

     $this->request->data['Contact'] = Sanitize::clean($this->request->data, array("remove_html" => TRUE));
     $cakeEmail = new CakeEmail('default');

     // Pick recipient and subject by enquiry type.
     $isGeneral = $this->request->data['Contact']['emailbool'] == "2";
     $email_to = Configure::read($isGeneral ? 'Config.general' : 'Config.business');
     $subject = $isGeneral ? 'HaRiMau - General Enquiry' : 'HaRiMau - Business Enquiry';
     $cakeEmail->template('enquiry', 'default')->emailFormat('html')->to($email_to)->subject($subject);

     $cakeEmail->viewVars(array('user' => $this->request->data));

     if (!$cakeEmail->send()) {
         $this->Session->setFlash('<div class="alert alert-danger"><i class="fa fa-exclamation-circle"></i> Problem on sending email to enquiry department. Please contact to administrator.<button data-dismiss="alert" class="close" type="button">×</button> </div>');
         return;
     }

     // Record an unread 'Contact' notification, numbered after the ones
     // already waiting.
     $cnt_data = $this->Notification->find('count', array('conditions' => array('markas' => 'Unread', 'type' => 'Contact')));
     $arr = array('Notification' => array(
         'type' => 'Contact',
         'status' => 'Approve',
         'count' => $cnt_data + 1,
         'markas' => 'Unread',
         'bell' => 'On',
     ));
     $this->Notification->save($arr);

     // The view shows the number of all unread notifications.
     $noti_data = $this->Notification->find('all', array('conditions' => array('markas' => 'Unread')));
     $this->set('count', count($noti_data));

     $this->Session->setFlash('<div class="alert alert-success"><i class="fa fa-check-circle"></i> An email with details is sent to system admin as earliest as will replied you. <button data-dismiss="alert" class="close" type="button">×</button> </div>');
 }
コード例 #13
ファイル: commentable.php プロジェクト: sdoney/infinitas
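 /**
  * Validate, rate and store a comment for the given model record.
  *
  * Fix over the previous version: the 'active' flag is now assigned. Both
  * branches used '==' (a comparison whose result was thrown away), so a
  * comment rated as spam was never set to inactive and auto-moderation
  * never activated a comment.
  *
  * When the 'sanitize' setting is on, author, e-mail and content are passed
  * through Sanitize::clean() before saving; otherwise they are stored as
  * submitted.
  *
  * NOTE(review): _rateComment() is fed $data['Comment'], a fixed key, while
  * everything else uses the configured class name; confirm they agree.
  *
  * @param Model $model Model the comment belongs to
  * @param mixed $id    Id of the record being commented on
  * @param array $data  Submitted data, keyed by the configured comment class
  *
  * @return boolean True when the comment was saved, false otherwise
  */
 function createComment(&$model, $id, $data = array())
 {
     $settings = $this->__settings[$model->alias];
     $class = $settings['class'];

     if (empty($data[$class])) {
         return false;
     }

     unset($data[$model->alias]);

     // Every column is required; e-mail and points get a format rule on top.
     $notEmpty = array('notempty' => array('rule' => array('notempty')));
     $model->Comment->validate = array(
         $settings['column_author'] => $notEmpty,
         $settings['column_content'] => $notEmpty,
         $settings['column_email'] => array(
             'notempty' => array('rule' => array('notempty')),
             'email' => array('rule' => array('email'), 'message' => 'Please enter a valid email address'),
         ),
         $settings['column_class'] => $notEmpty,
         $settings['column_foreign_id'] => $notEmpty,
         $settings['column_status'] => $notEmpty,
         $settings['column_points'] => array(
             'notempty' => array('rule' => array('notempty')),
             'numeric' => array('rule' => array('numeric')),
         ),
     );

     // Owner class and record id are set here, not taken from the request.
     $data[$class][$settings['column_class']] = $model->alias;
     $data[$class][$settings['column_foreign_id']] = $id;
     $data[$class] = $this->_rateComment($model, $data['Comment']);

     // Spam is stored inactive; anything else is activated only when
     // auto-moderation is switched on.
     if ($data[$class]['status'] == 'spam') {
         $data[$class]['active'] = 0;
     } elseif (Configure::read('Comments.auto_moderate') === true) {
         $data[$class]['active'] = 1;
     }

     $sanitize = (bool) $settings['sanitize'];
     if ($sanitize) {
         App::import('Sanitize');
     }
     // The three free-text columns are always written back, cleaned or not,
     // so each key exists when the empty-value check runs.
     foreach (array('column_author', 'column_email', 'column_content') as $settingKey) {
         $column = $settings[$settingKey];
         $value = $data[$class][$column];
         $data[$class][$column] = $sanitize ? Sanitize::clean($value) : $value;
     }

     if ($this->_checkForEmptyVal($data[$class]) == false) {
         $model->Comment->create();
         if ($model->Comment->save($data)) {
             return true;
         }
     }

     return false;
 }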
コード例 #14
 /**
  * Sanitize::clean() with its defaults and with individual steps switched off.
  *
  * What the expectations below pin down:
  *  - defaults: &, double and single quotes are HTML-encoded and the carriage
  *    return is removed;
  *  - 'encode' => false: no HTML encoding, quotes go through Sanitize::escape();
  *  - 'escape' => false as well: quotes stay untouched, "\$" becomes "$";
  *  - 'dollar' => false: "\$" is kept;
  *  - 'carriage' => false: the carriage return is kept;
  *  - nested arrays are cleaned element by element.
  */
 function testClean()
 {
     $cr = "\r";
     $plain = 'test & "quote" \'other\' ;.$ symbol.' . $cr . 'another line';
     $withDollar = 'test & "quote" \'other\' ;.$ \\$ symbol.' . $cr . 'another line';

     // Defaults.
     $expected = 'test &amp; &quot;quote&quot; &#39;other&#39; ;.$ symbol.another line';
     $this->assertEqual(Sanitize::clean($plain), $expected);

     // No HTML encoding.
     $expected = 'test & ' . Sanitize::escape('"quote"') . ' ' . Sanitize::escape('\'other\'') . ' ;.$ symbol.another line';
     $this->assertEqual(Sanitize::clean($plain, array('encode' => false)), $expected);

     // No encoding, no escaping: only the escaped dollar is rewritten.
     $expected = 'test & "quote" \'other\' ;.$ $ symbol.another line';
     $this->assertEqual(Sanitize::clean($withDollar, array('encode' => false, 'escape' => false)), $expected);

     // Dollar handling off as well.
     $expected = 'test & "quote" \'other\' ;.$ \\$ symbol.another line';
     $this->assertEqual(Sanitize::clean($withDollar, array('encode' => false, 'escape' => false, 'dollar' => false)), $expected);

     // Carriage-return removal off: the input comes back unchanged.
     $expected = 'test & "quote" \'other\' ;.$ symbol.' . $cr . 'another line';
     $this->assertEqual(Sanitize::clean($plain, array('encode' => false, 'escape' => false, 'carriage' => false)), $expected);

     // Nested array, defaults.
     $expected = array(array('test &amp; &quot;quote&quot; &#39;other&#39; ;.$ symbol.another line'));
     $this->assertEqual(Sanitize::clean(array(array($plain))), $expected);

     // Nested array, no encoding and no escaping.
     $expected = array(array('test & "quote" \'other\' ;.$ $ symbol.another line'));
     $this->assertEqual(Sanitize::clean(array(array($withDollar)), array('encode' => false, 'escape' => false)), $expected);
 }
コード例 #15
 /**
  * Edit a product sub-category in the admin panel.
  *
  * The record is looked up by the base64-decoded id. When it does not exist
  * the user is sent back to the index. Posted data is cleaned (HTML encoding
  * disabled), validated and saved.
  *
  * NOTE(review): base64 only encodes the id; access control for this action
  * is not visible here.
  * NOTE(review): the posted payload carries no forced id in this method;
  * confirm save() cannot be steered to a different record by the form.
  *
  * @param string $category_id Base64-encoded sub-category id
  */
 function shophead_edit($category_id = "")
 {
     $this->layout = 'admin_layout';
     App::import('Model', 'ProductCategory');
     $this->ProductCategory = new ProductCategory();
     $id = base64_decode($category_id);

     $this->loadModel('ProductSubCategory');
     $activeCategories = $this->ProductCategory->find('list', array(
         'fields' => array('ProductCategory.id', 'ProductCategory.name'),
         'conditions' => array('ProductCategory.status' => 1),
     ));
     $this->set('categories', $activeCategories);

     $indexUrl = array('controller' => 'ProductSubCategories', 'action' => 'index');
     $data = $this->ProductSubCategory->find('first', array('conditions' => array('ProductSubCategory.id' => $id)));
     if (empty($data)) {
         // Unknown id: nothing to edit.
         $this->redirect($indexUrl);
         return;
     }

     if (!empty($this->request->data)) {
         $this->request->data = Sanitize::clean($this->request->data, array('encode' => false));
         $this->ProductSubCategory->set($this->request->data);

         // An unchanged name is taken out of the payload that gets saved.
         // The model was populated before this, so validates() presumably
         // still sees the name.
         if ($this->request->data['ProductSubCategory']['name'] == $data['ProductSubCategory']['name']) {
             unset($this->request->data['ProductSubCategory']['name']);
         }

         if ($this->ProductSubCategory->validates()) {
             $flash = $this->ProductSubCategory->save($this->request->data)
                 ? array(EDIT_RECORD, 'success')
                 : array(FAILURE_MSG, 'failure');
             $this->Session->write('flash', $flash);
             $this->redirect($indexUrl);
         }
     }

     // The form is always refilled from the stored record.
     $this->request->data = $data;
 }
コード例 #16
 /**
  * Set up a permission (allow or deny) between a role and an access-controlled
  * object.
  *
  * The payload is cleaned with HTML encoding and HTML removal enabled. The
  * row to save is assembled field by field, so only the four listed keys and
  * the derived allow/deny pair reach save().
  *
  * NOTE(review): 'perm' is compared loosely against 0 and every other value
  * maps to allow, so the default outcome is "allow". After Sanitize::clean()
  * the value is a string, and the result of a loose comparison between a
  * non-numeric string and 0 differs between PHP 7 and PHP 8. Confirm the
  * form can only send the expected values, or restrict them explicitly.
  */
 public function create()
 {
     if ($this->request->is('post')) {
         // Clean the payload; all later reads use the cleaned copy.
         $this->request->data = Sanitize::clean($this->request->data, array('encode' => true, 'remove_html' => true));
         $posted = $this->request->data['CloggyUserPerm'];

         // Role id 0 stands for "every requester" ('*').
         $dataToSave = array('CloggyUserPerm' => array(
             'aro_object_id' => $posted['role_id'],
             'aro_object' => $posted['role_id'] == 0 ? '*' : 'roles',
             'aco_object' => $posted['aco_object'],
             'aco_adapter' => $posted['aco_adapter'],
         ));

         // Permission type: 0 means deny, anything else means allow.
         $isDeny = $posted['perm'] == 0;
         $dataToSave['CloggyUserPerm']['allow'] = $isDeny ? 0 : 1;
         $dataToSave['CloggyUserPerm']['deny'] = $isDeny ? 1 : 0;

         // Does this requester already have a permission on the object?
         $checkPermExists = $this->CloggyUserPerm->isAroConnectedWithAco(
             $dataToSave['CloggyUserPerm']['aro_object_id'],
             $dataToSave['CloggyUserPerm']['aro_object'],
             $dataToSave['CloggyUserPerm']['aco_object']
         );

         // The adapter is limited to a fixed list; the pair must be new.
         $this->CloggyValidation->set($this->request->data['CloggyUserPerm']);
         $this->CloggyValidation->validate = array(
             'aco_adapter' => array(
                 'empty' => array(
                     'rule' => 'notEmpty',
                     'required' => true,
                     'allowEmpty' => false,
                     'message' => __d('cloggy', 'Adapter name field required'),
                 ),
                 'comparison' => array(
                     'rule' => array('inList', array('module', 'model', 'url')),
                     'required' => true,
                     'allowEmpty' => false,
                     'message' => __d('cloggy', 'You must choose adapter.'),
                 ),
             ),
             'role_id' => array(
                 'rule' => array('isValueEqual', $checkPermExists, false),
                 'required' => true,
                 'allowEmpty' => false,
                 'message' => __d('cloggy', 'This role and permission has been exists.'),
             ),
             'aco_object' => array(
                 'rule' => 'notEmpty',
                 'required' => true,
                 'allowEmpty' => false,
                 'message' => __d('cloggy', 'Object field required'),
             ),
         );

         if (!$this->CloggyValidation->validates()) {
             $this->set('errors', $this->CloggyValidation->validationErrors);
         } else {
             $this->CloggyUserPerm->create();
             $this->CloggyUserPerm->save($dataToSave);
             $this->set('success', __d('cloggy', 'Permission has been setup'));
         }
     }

     // Role list for the form, sorted by name.
     $roles = $this->CloggyUserRole->find('list', array(
         'contain' => false,
         'fields' => array('CloggyUserRole.id', 'CloggyUserRole.role_name'),
         'order' => array('CloggyUserRole.role_name' => 'asc'),
     ));
     $this->set('title_for_layout', __d('cloggy', 'Cloggy - Users Permission Management - Setup Permission'));
     $this->set(compact('roles'));
 }
コード例 #17
ファイル: Bruteforce.php プロジェクト: HardlyHaki/MISP
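 /**
  * Record a failed login attempt for an IP address and username.
  *
  * Changes over the previous version:
  *  - IP and username are passed to query() as bound parameters; they were
  *    interpolated into the SQL text after Sanitize::clean();
  *  - Sanitize::clean() is called with 'escape' => false: the values keep the
  *    HTML-encoded form they were stored in before, without a second round
  *    of SQL escaping on top of the binding;
  *  - the expiry is cast to int before it is placed into the statement.
  *
  * @param string $ip       Client address of the attempt
  * @param string $username Username that was tried
  */
 public function insert($ip, $username)
 {
     // Read from configuration; the cast guarantees only an integer can end
     // up in the statement text.
     $expire = (int) Configure::read('SecureAuth.expire');

     $ip = Sanitize::clean($ip, array('escape' => false));
     $username = Sanitize::clean($username, array('escape' => false));

     $sql = 'INSERT INTO `bruteforces` (`ip` , `username` , `expire` ) VALUES (?, ?, TIMESTAMPADD(SECOND,' . $expire . ', NOW()));';
     $this->query($sql, array($ip, $username));
 }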
コード例 #18
 /**
  * Store a posted chat message and end the request without rendering a view.
  *
  * The payload is cleaned first; the sender address is then written from
  * $_SERVER['REMOTE_ADDR'], so a value posted by the client for that field
  * is overwritten.
  *
  * NOTE(review): the complete payload is handed to save(); confirm the model
  * limits which fields can be written.
  */
 function post()
 {
     App::import('Sanitize');
     $this->data = Sanitize::clean($this->data);

     // Server-side value, set after cleaning.
     $clientIp = $_SERVER['REMOTE_ADDR'];
     $this->data['Chat']['ip_address'] = $clientIp;

     $this->Chat->save($this->data);
     exit;
 }
コード例 #19
 /**
  * JSON format tag suggestions based on first letters of tag name.
  *
  * Only answers AJAX POST requests; any other request does nothing.
  *
  * NOTE(review): 'limit' is passed on as a cleaned string, not as an
  * integer, and has no upper bound here; confirm Tag::suggest() casts and
  * caps it.
  */
 function suggest()
 {
     if (!$this->RequestHandler->isAjax() || !$this->RequestHandler->isPost()) {
         return;
     }

     App::import('Core', 'Sanitize');
     $form = $this->params['form'];
     $first_letters = Sanitize::clean($form['tag']);
     $limit = Sanitize::clean($form['limit']);

     $matches = $this->Tag->suggest($first_letters, $limit);
     $this->set('matches', $matches);
 }
コード例 #20
 /**
  * Store a message ("shout") from the logged-in user on another user's
  * thread, then send the browser back to the referring page.
  *
  * NOTE(review): the complete $this->data is handed to save(), so any other
  * submitted UserThread field reaches the model; confirm the model limits
  * the writable fields.
  * NOTE(review): the redirect target comes from referer(); confirm it is
  * restricted to local URLs.
  */
 function shout()
 {
     // The author is taken from the session, not from the posted form.
     $this->data['UserThread']['user_id'] = $this->Session->read('Auth.User.id');
     // Self-assignment: target_id is kept exactly as submitted.
     $this->data['UserThread']['target_id'] = $this->data['UserThread']['target_id'];
     // Only the message text is passed through Sanitize::clean().
     $this->data['UserThread']['content'] = Sanitize::clean($this->data['UserThread']['content']);
     // Self-assignment: the private flag is kept exactly as submitted.
     $this->data['UserThread']['private'] = $this->data['UserThread']['private'];
     $this->UserThread->save($this->data);
     $this->redirect($this->referer());
 }
コード例 #21
 /**
  * Show a single project, looked up by the value given in the URL.
  *
  * The value is cleaned before it is handed to Project::findMixed(). An
  * unknown project triggers the 404 error.
  *
  * NOTE(review): confirm findMixed() builds its query through the ORM;
  * Sanitize::clean() is the only input handling visible here.
  *
  * @param mixed $mixed Project identifier from the URL
  */
 function view($mixed)
 {
     $lookup = Sanitize::clean($mixed);
     $project = $this->Project->findMixed($lookup);

     if (!$project) {
         $this->cakeError("error404");
     }

     $this->set('project', $project);
 }
コード例 #22
ファイル: AppModel.php プロジェクト: AmmonMa/cake_ERP
 /**
  * Normalise date fields and clean all model data before every save.
  *
  * The parent callback is invoked but its return value is not used; this
  * method always returns true.
  *
  * NOTE(review): Sanitize::clean() runs with its defaults on the whole
  * record for every model that inherits this callback, so values are stored
  * HTML-encoded and pass through SQL escaping before the datasource applies
  * its own quoting. Confirm that stored values are not encoded again on
  * output and that the extra escaping does not end up in the data.
  *
  * @param array $options Options passed through to the parent callback
  * @return boolean Always true
  */
 public function beforeSave($options = array())
 {
     parent::beforeSave($options);

     $alias = $this->alias;
     $formatted = $this->formatDateFields($this->data, $this->datesToSave, "%Y-%m-%d");
     if (isset($formatted[0])) {
         // Overwrite the date fields with their formatted versions.
         $this->data[$alias] = array_replace($this->data[$alias], $formatted[0][$alias]);
     }

     $this->data = Sanitize::clean($this->data);

     return true;
 }
コード例 #23
 /**
  * Handles the subscription to the newsletter.
  *
  * Posted data is validated first, then cleaned with 'remove_html' enabled;
  * the confirmation mail is sent and the contact is saved from the cleaned
  * copy.
  *
  * NOTE(review): the mail goes to the address supplied in the request;
  * confirm the form has some protection against being used to mail
  * arbitrary addresses.
  * NOTE(review): validation error texts are concatenated into HTML as-is;
  * confirm they never contain submitted values.
  *
  * @access	public
  * @author	koéZionCMS
  * @version 0.1 - 10/02/2012 by FI
  * @version 0.2 - 27/06/2013 by FI - Fix in the element handling after the change in template management, plus data cleaning
  */
 function newsletter()
 {
     // Nothing posted: nothing to do.
     if (!$this->request->data) {
         return;
     }

     if (!$this->Contact->validates($this->request->data)) {
         // Error handling: the same list of messages is rendered twice, once
         // with and once without the CSS class.
         $errorLines = '';
         foreach ($this->Contact->errors as $v) {
             $errorLines .= '<br />' . $v;
         }
         $message = '<p class="error"><strong>Merci de corriger vos informations</strong>' . $errorLines . '</p>';
         $messageKo = '<p><strong>Merci de corriger vos informations</strong>' . $errorLines . '</p>';

         $this->set('message', $message);
         $this->set('messageKo', $messageKo);
         if (isset($this->request->data['id'])) {
             $this->set('newsletter_id', $this->request->data['id']);
         }
         return;
     }

     // Text to send in the mail.
     $vars = $this->get('vars');
     $messageContent = $vars['websiteParams']['txt_mail_newsletter'];

     // The layout's own mail element is used when the layout defines one.
     if (defined('LAYOUT_VIEWS')) {
         $emailElement = LAYOUT_VIEWS . DS . 'elements' . DS . 'email' . DS . 'newsletter';
     } else {
         $emailElement = ELEMENTS . DS . 'email' . DS . 'default';
     }

     // Clean the data before sending and inserting.
     $this->request->data = Sanitize::clean($this->request->data, array('remove_html' => true));

     // Send the mail through the Email component.
     $mailDatas = array(
         'subject' => '::Newsletter::',
         'to' => $this->request->data['email'],
         'element' => $emailElement,
         'vars' => array('messageContent' => $messageContent),
     );
     $this->components['Email']->send($mailDatas, $this);

     // Save the contact.
     $this->Contact->save($this->request->data);

     if (isset($this->request->data['id']) && isset($this->request->data['name'])) {
         // Second step done: the form is emptied.
         $message = '<p class="confirmation">Votre demande a bien été prise en compte.</p>';
         $messageOk = '<p>Votre demande a bien été prise en compte.</p>';
         $this->request->data = false;
     } else {
         // First step done: the id lets the visitor complete the details.
         $message = '<p class="confirmation">Votre demande a bien été prise en compte. <br /> Vous pouvez compléter vos informations si vous le souhaitez.</p>';
         $messageOk = '<p>Votre demande a bien été prise en compte. <br /> Vous pouvez compléter vos informations si vous le souhaitez.</p>';
         $this->set('newsletter_id', $this->Contact->id);
     }

     $this->set('message', $message);
     $this->set('messageOk', $messageOk);
 }
コード例 #24
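 /**
  * Stores the submitted purchase-order number on an invoice and echoes the
  * stored value back (no view is rendered).
  *
  * Reads Invoice.id and Invoice.purchaseorder_id from the request data.
  * A request missing either key is now ignored; previously it raised
  * undefined-index notices and reached saveField() with no record selected.
  *
  * NOTE(review): the invoice id comes straight from the request and no
  * ownership or permission check is visible in this method; confirm that
  * access control is enforced elsewhere.
  * NOTE(review): with default options Sanitize::clean() HTML-encodes the
  * value, so the encoded form is what gets stored as well as echoed.
  *
  * @return void
  */
 public function update_puchaseid()
 {
     $this->autoRender = false;
     $posted = $this->data;
     if (!$posted) {
         return;
     }
     // Both fields are required: without an id there is no record to update.
     if (!isset($posted['Invoice']['id'], $posted['Invoice']['purchaseorder_id'])) {
         return;
     }
     App::uses('Sanitize', 'Utility');
     $purchase_id = Sanitize::clean($posted['Invoice']['purchaseorder_id']);
     $this->Invoice->id = $posted['Invoice']['id'];
     $this->Invoice->saveField('customer_puchaseorder_no', $purchase_id);
     echo $purchase_id;
 }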
コード例 #25
ファイル: LinkcatsController.php プロジェクト: hurad/hurad
 /**
  * List of link categories, optionally narrowed by the named parameter "q"
  * (substring match on Linkcat.name).
  *
  * NOTE(review): the search term is passed as a condition value, which the
  * ORM quotes itself. Sanitize::clean() additionally HTML-encodes and
  * escapes it, so terms containing quotes or ampersands may fail to match
  * names stored in raw form. It does not neutralise the LIKE wildcards
  * "%" and "_", which still act as wildcards inside the term.
  */
 public function admin_index()
 {
     $this->set('title_for_layout', __d('hurad', 'Link Categories'));
     $this->Linkcat->recursive = 0;

     if (isset($this->request->params['named']['q'])) {
         App::uses('Sanitize', 'Utility');
         $term = Sanitize::clean($this->request->params['named']['q']);
         $filter = array('Linkcat.name LIKE' => '%' . $term . '%');
         // Layer the search filter on top of the controller's paginate defaults.
         $this->Paginator->settings = Hash::merge(
             $this->paginate,
             array('Linkcat' => array('conditions' => $filter))
         );
     }

     $linkcats = $this->Paginator->paginate('Linkcat');
     $this->set('linkcats', $linkcats);
 }
コード例 #26
ファイル: DrugsController.php プロジェクト: rungrr/drugs
 /**
  * Autocomplete lookup: fills $this->jsonData with up to 20 drugs whose
  * licence name, English name or licence id contains the "term" query
  * parameter.
  *
  * NOTE(review): the term is passed as a condition value, so the ORM quotes
  * it; Sanitize::clean() mainly changes what is searched for (the
  * HTML-encoded form). "%" and "_" in the term remain LIKE wildcards, and a
  * whitespace-only term trims to "" and matches every row up to the limit.
  * The labels are built from database values; whichever layer renders
  * jsonData is responsible for escaping them — TODO confirm.
  */
 public function auto()
 {
     $this->jsonData = array();
     if (empty($_GET['term'])) {
         return;
     }

     $keyword = trim(Sanitize::clean($_GET['term']));
     $like = "%{$keyword}%";
     $query = array(
         'contain' => array('License'),
         'fields' => array('Drug.id', 'Drug.license_id', 'License.license_id', 'License.name', 'License.name_english'),
         'conditions' => array('OR' => array(
             'License.name LIKE' => $like,
             'License.name_english LIKE' => $like,
             'License.license_id LIKE' => $like,
         )),
         'limit' => 20,
     );

     foreach ($this->Drug->find('all', $query) as $row) {
         $license = $row['License'];
         $drug = $row['Drug'];
         $this->jsonData[] = array(
             'label' => "[{$license['license_id']}]{$license['name']}({$license['name_english']})",
             'value' => $drug['id'],
             'license_id' => $drug['license_id'],
             'name' => $license['name'],
             'name_english' => $license['name_english'],
         );
     }
 }
コード例 #27
ファイル: PointsController.php プロジェクト: rungrr/drugs
 /**
  * Autocomplete lookup: fills $this->jsonData with up to 20 points whose
  * name or nhi_id contains the "term" query parameter.
  *
  * NOTE(review): the term is passed as a condition value, so the ORM quotes
  * it; Sanitize::clean() mainly changes what is searched for (the
  * HTML-encoded form). "%" and "_" in the term remain LIKE wildcards, and a
  * whitespace-only term trims to "" and matches every row up to the limit.
  * Each entry also carries address and phone; confirm this endpoint is
  * meant to expose those fields to every caller.
  */
 public function auto()
 {
     $this->jsonData = array();
     if (empty($_GET['term'])) {
         return;
     }

     $keyword = trim(Sanitize::clean($_GET['term']));
     $like = "%{$keyword}%";
     $query = array(
         'fields' => array('id', 'nhi_id', 'name', 'city', 'town', 'address', 'phone'),
         'conditions' => array('OR' => array('name LIKE' => $like, 'nhi_id LIKE' => $like)),
         'limit' => 20,
     );

     foreach ($this->Point->find('all', $query) as $row) {
         $point = $row['Point'];
         $this->jsonData[] = array(
             'label' => "[{$point['nhi_id']}]{$point['name']} @ {$point['city']}{$point['town']}",
             'value' => $point['id'],
             'name' => $point['name'],
             'nhi_id' => $point['nhi_id'],
             'city' => $point['city'],
             'town' => $point['town'],
             'address' => $point['address'],
             'phone' => $point['phone'],
         );
     }
 }
コード例 #28
 /**
  * Deletes the Banco record identified by $id, sets a success or error
  * flash message and redirects to the index action.
  *
  * NOTE(review): no request-method, CSRF or permission check is visible in
  * this method; confirm that deletion is restricted elsewhere (for example
  * in beforeFilter or a security component).
  * NOTE(review): Sanitize::clean() returns an encoded string; for a record
  * id, validating that the value is an integer is the tighter check.
  *
  * @param mixed $id Identifier of the record to delete, taken from the request.
  */
 function remove($id)
 {
     $this->layout = '';

     $deleted = $this->Banco->deleteBanco(Sanitize::clean($id));
     if ($deleted) {
         $this->Session->setFlash('Banco exclu&iacute;do com sucesso!', 'flash_confirm');
     } else {
         $this->Session->setFlash('Erro ao excluir Banco!', 'flash_error');
     }

     // Both outcomes return to the listing.
     $this->redirect(array('action' => 'index'));
 }
コード例 #29
ファイル: VendorsController.php プロジェクト: rungrr/drugs
 /**
  * Autocomplete lookup: fills $this->jsonData with up to 20 vendors whose
  * name contains the "term" query parameter.
  *
  * NOTE(review): the term is passed as a condition value, so the ORM quotes
  * it; Sanitize::clean() mainly changes what is searched for (the
  * HTML-encoded form). "%" and "_" in the term remain LIKE wildcards, and a
  * whitespace-only term trims to "" and matches every row up to the limit.
  */
 public function auto()
 {
     $this->jsonData = array();
     if (empty($_GET['term'])) {
         return;
     }

     $keyword = trim(Sanitize::clean($_GET['term']));
     $query = array(
         'fields' => array('id', 'name'),
         'conditions' => array('name LIKE' => "%{$keyword}%"),
         'limit' => 20,
     );

     foreach ($this->Vendor->find('all', $query) as $row) {
         $vendor = $row['Vendor'];
         $this->jsonData[] = array('label' => "{$vendor['name']}", 'value' => $vendor['id']);
     }
 }
コード例 #30
 /**
  * Returns the list of episodes for a show and season, after the air-date
  * filter has been applied.
  *
  * NOTE(review): both arguments go through Sanitize::clean(), which returns
  * encoded strings. If they are numeric identifiers, validating or casting
  * them to integers is a stricter guarantee — confirm how
  * get_raw_episodes() uses them.
  *
  * @param show_id the id of the show
  * @param season the season to return, 0 for all seasons
  */
 function get_episodes($show_id, $season)
 {
     // Clean both arguments before they reach the data layer.
     $clean_show = Sanitize::clean($show_id);
     $clean_season = Sanitize::clean($season);

     // Fetch the raw rows, then apply the air-date filter to them.
     $raw = $this->get_raw_episodes($clean_show, $clean_season);

     return $this->filter_episodes($raw);
 }