public function gridRead($params, $columns, array $filterParams = array(), array $persistentConditions = array())
{
$params || ($params = array());
$start = isset($params['start']) ? (int) $params['start'] : 0;
$limit = isset($params['limit']) ? (int) $params['limit'] : 15;
$sort = $params['sort'];
$dir = in_array($params['dir'], array(iaDb::ORDER_ASC, iaDb::ORDER_DESC)) ? $params['dir'] : iaDb::ORDER_ASC;
$order = $sort && $dir ? " ORDER BY `{$sort}` {$dir}" : '';
$where = $values = array();
foreach ($filterParams as $name => $type) {
if (isset($params[$name]) && $params[$name]) {
$value = iaSanitize::sql($params[$name]);
switch ($type) {
case 'equal':
$where[] = sprintf('`%s` = :%s', $name, $name);
$values[$name] = $value;
break;
case 'like':
$where[] = sprintf('`%s` LIKE :%s', $name, $name);
$values[$name] = '%' . $value . '%';
}
}
}
$where = array_merge($where, $persistentConditions);
$where || ($where[] = iaDb::EMPTY_CONDITION);
$where = implode(' AND ', $where);
$this->_iaDb->bind($where, $values);
if (is_array($columns)) {
$columns = array_merge(array('id', 'update' => 1, 'delete' => 1), $columns);
}
return array('data' => $this->_iaDb->all($columns, $where . $order, $start, $limit), 'total' => (int) $this->_iaDb->one(iaDb::STMT_COUNT_ROWS, $where));
}
protected function _modifyGridParams(&$conditions, &$values)
{
if (!empty($_GET['text'])) {
$conditions[] = '(`title` LIKE :text OR `body` LIKE :text)';
$values['text'] = '%' . iaSanitize::sql($_GET['text']) . '%';
}
}
protected function _preSaveEntry(array &$entry, array $data, $action)
{
$iaAcl = $this->_iaCore->factory('acl');
iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');
$entry['id'] = $iaAcl->obtainFreeId();
$entry['assignable'] = $data['visible'];
$entry['visible'] = $data['visible'];
if (iaCore::ACTION_ADD == $action) {
if (empty($data['name'])) {
$this->addMessage('error_usergroup_incorrect');
} else {
$entry['name'] = strtolower(iaSanitize::paranoid($data['name']));
if (!iaValidate::isAlphaNumericValid($entry['name'])) {
$this->addMessage('error_usergroup_incorrect');
} elseif ($this->_iaDb->exists('`name` = :name', array('name' => $entry['name']))) {
$this->addMessage('error_usergroup_exists');
}
}
}
foreach ($this->_iaCore->languages as $iso => $title) {
if (empty($data['title'][$iso])) {
$this->addMessage(iaLanguage::getf('error_lang_title', array('lang' => $this->_iaCore->languages[$iso])), false);
} elseif (!utf8_is_valid($data['title'][$iso])) {
$data['title'][$iso] = utf8_bad_replace($data['title'][$iso]);
}
}
if (!$this->getMessages()) {
foreach ($this->_iaCore->languages as $iso => $title) {
iaLanguage::addPhrase('usergroup_' . $entry['name'], $data['title'][$iso], $iso);
}
}
return !$this->getMessages();
}
protected function _modifyGridParams(&$conditions, &$values)
{
if (isset($_GET['item']) && $_GET['item']) {
$value = 'core' == strtolower($_GET['item']) ? '' : iaSanitize::sql($_GET['item']);
$conditions[] = '`extras` = :extras';
$values['extras'] = $value;
}
}
protected function _gridRead($params)
{
$action = 1 == count($this->_iaCore->requestPath) ? $this->_iaCore->requestPath[0] : null;
switch ($action) {
case 'items':
$output = array('data' => null);
if ($items = $this->_iaCore->factory('item')->getItems(true)) {
foreach ($items as $key => $item) {
$output['data'][] = array('title' => iaLanguage::get($item), 'value' => $item);
}
}
break;
case 'plans':
$output = array('data' => null);
$stmt = '';
if (!isset($params['itemname']) || isset($params['itemname']) && iaUsers::getItemName() == $params['itemname']) {
$stmt = iaDb::convertIds(iaUsers::getItemName(), 'item');
$output['data'][] = array('title' => iaLanguage::get('funds'), 'value' => 0);
} elseif (!empty($params['itemname'])) {
$stmt = iaDb::convertIds($params['itemname'], 'item');
}
$this->_iaCore->factory('plan');
if ($planIds = $this->_iaDb->onefield(iaDb::ID_COLUMN_SELECTION, $stmt, null, null, iaPlan::getTable())) {
foreach ($planIds as $planId) {
$output['data'][] = array('title' => iaLanguage::get('plan_title_' . $planId), 'value' => $planId);
}
}
break;
case 'gateways':
$output = array('data' => null);
if ($items = $this->getHelper()->getPaymentGateways()) {
foreach ($items as $name => $title) {
$output['data'][] = array('value' => $name, 'title' => $title);
}
}
break;
case 'members':
$output = array('data' => null);
if (!empty($params['query'])) {
$where[] = 'CONCAT(`username`, `fullname`) LIKE :username';
$values['username'] = '******' . iaSanitize::sql($params['query']) . '%';
}
$where || ($where[] = iaDb::EMPTY_CONDITION);
$where = implode(' AND ', $where);
$this->_iaDb->bind($where, $values);
if ($members = $this->_iaDb->all(array('id', 'username', 'fullname'), $where, null, null, iaUsers::getTable())) {
foreach ($members as $member) {
$output['data'][] = array('title' => $member['username'], 'value' => $member['id']);
}
}
break;
default:
$output = parent::_gridRead($params);
}
return $output;
}
private function _deleteFile($params)
{
$result = array('error' => true, 'message' => iaLanguage::get('invalid_parameters'));
$item = isset($params['item']) ? iaSanitize::sql($params['item']) : null;
$field = isset($params['field']) ? iaSanitize::sql($params['field']) : null;
$path = isset($params['path']) ? iaSanitize::sql($params['path']) : null;
$itemId = isset($params['itemid']) ? (int) $params['itemid'] : null;
if ($itemId && $item && $field && $path) {
$tableName = $this->_iaCore->factory('item')->getItemTable($item);
$itemValue = $this->_iaDb->one($field, iaDb::convertIds($itemId), $tableName);
$iaAcl = $this->_iaCore->factory('acl');
if ($iaAcl->isAdmin() && $itemValue) {
$pictures = $itemValue[1] == ':' ? unserialize($itemValue) : $itemValue;
$key = null;
if (is_array($pictures)) {
if ($primitive = !is_array($pictures[key($pictures)])) {
$pictures = array($pictures);
}
foreach ($pictures as $k => $v) {
if ($path == $v['path']) {
$key = $k;
break;
}
}
if (!is_null($key)) {
unset($pictures[$key]);
}
$newItemValue = $primitive ? '' : serialize($pictures);
} else {
// single image
$newItemValue = '';
if ($pictures == $path) {
$key = true;
}
}
if (!is_null($key)) {
if ($this->_iaCore->factory('picture')->delete($path)) {
if ($this->_iaDb->update(array($field => $newItemValue), iaDb::convertIds($itemId), null, $tableName)) {
if (iaUsers::getItemName() == $item) {
// update current profile data
if ($itemId == iaUsers::getIdentity()->id) {
iaUsers::reloadIdentity();
}
}
}
$result['error'] = false;
$result['message'] = iaLanguage::get('deleted');
} else {
$result['message'] = iaLanguage::get('error');
}
}
}
}
return $result;
}
public function titleAlias($title)
{
$result = iaSanitize::tags($title);
$this->iaCore->factory('util');
iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');
utf8_is_ascii($result) || ($result = utf8_to_ascii($result));
$result = preg_replace('#' . self::ALIAS_SUFFIX . '$#i', '', $result);
$result = iaSanitize::alias($result);
$result = substr($result, 0, 150);
// the DB scheme applies this limitation
$result .= self::ALIAS_SUFFIX;
return $result;
}
function smarty_function_ia_hooker($params, &$smarty)
{
if (!isset($params['name'])) {
return;
}
$name = $params['name'];
iaDebug::debug('smarty', $name, 'hooks');
iaSystem::renderTime('smarty', $name);
$iaCore = iaCore::instance();
$hooks = $iaCore->getHooks();
if (!array_key_exists($name, $hooks) || empty($hooks[$name])) {
return;
}
foreach ($hooks[$name] as $hook) {
$hook['type'] = in_array($hook['type'], array('php', 'html', 'plain', 'smarty')) ? $hook['type'] : 'php';
if (empty($hook['pages']) || in_array($iaCore->iaView->name(), $hook['pages'])) {
if ($hook['filename']) {
switch ($hook['type']) {
case 'php':
if (file_exists(IA_HOME . $hook['filename'])) {
include IA_HOME . $hook['filename'];
}
break;
case 'smarty':
echo $smarty->fetch(IA_HOME . $hook['filename']);
}
} else {
switch ($hook['type']) {
case 'php':
eval($hook['code']);
break;
case 'smarty':
echo $smarty->fetch('eval:' . $hook['code']);
break;
case 'html':
echo $hook['code'];
break;
case 'plain':
echo iaSanitize::html($hook['code']);
}
}
}
}
}
function lyrics_search($aQuery, $aFields, $aStart, $aLimit, &$aNumAll, $aWhere = '', $cond = 'AND')
{
$iaCore =& iaCore::instance();
$iaLyric = $iaCore->factoryPackage('lyric', 'lyrics');
$ret = array();
$match = array();
// additional fields
if ($aFields && is_array($aFields)) {
foreach ($aFields as $fname => $data) {
if ('LIKE' == $data['cond']) {
$data['val'] = "%{$data['val']}%";
}
// for multiple values, like combo or checkboxes
if (is_array($data['val'])) {
if ('!=' == $data['cond']) {
$data['cond'] = count($data['val']) > 1 ? 'NOT IN' : '!=';
} else {
$data['cond'] = count($data['val']) > 1 ? 'IN' : '=';
}
$data['val'] = count($data['val']) > 1 ? '(' . implode(',', $data['val']) . ')' : array_shift($data['val']);
} else {
if (preg_match('/^(\\d+)\\s*-\\s*(\\d+)$/', $data['val'], $range)) {
// search in range
$data['cond'] = sprintf('BETWEEN %d AND %d', $range[1], $range[2]);
$data['val'] = '';
} else {
$data['val'] = "'" . iaSanitize::sql($data['val']) . "'";
}
}
$match[] = "t1.`{$fname}` {$data['cond']} {$data['val']} ";
}
}
$lyrics = array();
$lyrics = $match ? $iaLyric->getSearchLyrics($aStart, $aLimit, ' AND (' . implode(' ' . $cond . ' ', $match) . ')') : array();
$aNumAll += $iaCore->iaDb->foundRows();
foreach ($lyrics as $lyric) {
$iaCore->iaSmarty->assign('lyric', $lyric);
$lyricinfo = $iaLyric->goToItem(array('item' => $lyric));
//$ret[] = $iaCore->iaSmarty->fetch(IA_PACKAGES . 'lyrics/templates/common/brief_article.tpl');
$ret[] = sprintf('<p><a href="%s">%s</a></p>', $lyricinfo[0], $lyric['title']);
}
return $ret;
}
protected function _postSaveEntry(array &$entry, array $data, $action)
{
iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');
foreach ($this->_iaCore->languages as $code => $language) {
$title = iaSanitize::tags($data['title'][$code]);
utf8_is_valid($title) || ($title = utf8_bad_replace($title));
iaLanguage::addPhrase('usergroup_' . $entry['name'], $title, $code);
}
// copy privileges
if ($data['copy_from']) {
$this->_iaDb->setTable('acl_privileges');
$where = '`type_id` = :id AND `type` = :type';
$this->_iaDb->bind($where, array('id' => (int) $data['copy_from'], 'type' => 'group'));
$rows = $this->_iaDb->all(iaDb::ALL_COLUMNS_SELECTION, $where);
foreach ($rows as $key => &$row) {
$row['type_id'] = $this->getEntryId();
unset($rows[$key]['id']);
}
$this->_iaDb->insert($rows);
$this->_iaDb->resetTable();
}
}
protected function _preSaveEntry(array &$entry, array $data, $action)
{
$entry['assignable'] = (int) $data['visible'];
$entry['visible'] = (int) $data['visible'];
if (iaCore::ACTION_ADD == $action) {
if (empty($data['name'])) {
$this->addMessage('error_usergroup_incorrect');
} else {
$entry['name'] = strtolower(iaSanitize::paranoid($data['name']));
if (!iaValidate::isAlphaNumericValid($entry['name'])) {
$this->addMessage('error_usergroup_incorrect');
} elseif ($this->_iaDb->exists('`name` = :name', array('name' => $entry['name']))) {
$this->addMessage('error_usergroup_exists');
}
}
}
foreach ($this->_iaCore->languages as $code => $language) {
if (empty($data['title'][$code])) {
$this->addMessage(iaLanguage::getf('error_lang_title', array('lang' => $language['title'])), false);
}
}
return !$this->getMessages();
}
private static function _deepSanitizeHtml($value)
{
if (is_array($value)) {
foreach ($value as $k => $v) {
$value[$k] = call_user_func(array(__CLASS__, __METHOD__), $v);
}
return $value;
} else {
return iaSanitize::html($value);
}
}
private function _queryPage(&$iaView)
{
if (isset($_SESSION['queries'])) {
$iaView->assign('history', $_SESSION['queries']);
}
if (isset($_POST['exec_query'])) {
iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');
$sql = $_POST['query'];
$outerData = '';
utf8_is_valid($sql) || ($sql = utf8_bad_replace($sql));
$queries = false === strpos($sql, ';' . PHP_EOL) ? array($sql) : explode(";\r\n", $sql);
foreach ($queries as $key => $sqlQuery) {
$sql = trim(str_replace('{prefix}', $this->_iaDb->prefix, $sqlQuery));
$this->_iaCore->startHook('phpAdminBeforeRunSqlQuery', array('query' => $sql));
$result = $this->_iaDb->query($sql);
$this->_iaCore->startHook('phpAdminAfterRunSqlQuery');
$numrows = 0;
if ($result) {
isset($_SESSION['queries']) || ($_SESSION['queries'] = array());
if (!in_array($sqlQuery, $_SESSION['queries'])) {
if (count($_SESSION['queries']) >= 5) {
array_shift($_SESSION['queries']);
}
$_SESSION['queries'][] = $sqlQuery;
}
$numrows = $rows = $this->_iaDb->getNumRows($result);
if ($rows) {
$rows .= $rows > 1 ? ' rows' : ' row';
$this->addMessage("<b>Query OK:</b> {$rows} selected.", false);
} else {
$this->addMessage('<b>Query OK:</b> ' . $this->_iaDb->getAffected() . ' rows affected.', false);
}
} else {
$this->_error = true;
$this->addMessage('<b>Query Failed:</b><br />' . $this->_iaDb->getError());
}
if ($numrows) {
// get field names
$fieldNames = $this->_iaDb->getFieldNames($result);
$outerData .= '<table class="table table-hover table-condensed"><thead><tr>';
$i = 0;
foreach ($fieldNames as $field) {
$outerData .= '<th ' . (!$i ? 'class="first"' : '') . '>' . $field->name . '</th>';
$i++;
}
$outerData .= '</tr></thead><tbody>';
$numFields = $this->_iaDb->getNumFields($result);
while ($row = $this->_iaDb->fetchRow($result)) {
$outerData .= '<tr>';
for ($i = 0; $i < $numFields; $i++) {
$outerData .= '<td' . (!$i ? ' class="first"' : '') . '>' . iaSanitize::html($row[$i]) . '</td>';
}
$outerData .= '</tr>';
}
$outerData .= '</tbody></table>';
}
}
$iaView->assign('sql', $sql);
$iaView->assign('queryOut', $outerData);
}
$iaView->assign('tables', $this->getHelper()->getTables());
}
protected function _modifyGridResult(array &$entries)
{
foreach ($entries as $key => &$entry) {
$entry['title'] = iaLanguage::get(self::PATTERN_TITLE . $entry['id']);
$entry['description'] = iaSanitize::tags(iaLanguage::get(self::PATTERN_DESCRIPTION . $entry['id']));
$entry['item'] = iaLanguage::get($entry['item']);
$entry['duration'] .= ' ' . iaLanguage::get($entry['unit'] . ($entry['duration'] > 1 ? 's' : ''));
if ($entry['recurring'] && $entry['cycles'] != -1) {
$entry['duration'] .= ' (' . $entry['cycles'] . ' ' . iaLanguage::get('cycles') . ')';
}
$entry['duration'] = strtolower($entry['duration']);
unset($entries[$key]['unit'], $entries[$key]['cycles']);
}
}
public function output()
{
$outputValues = $this->getValues();
switch ($this->getRequestType()) {
case self::REQUEST_JSON:
header('Content-Type: application/json');
$iaUtil = $this->iaCore->factory('util');
if (isset($outputValues[self::JSON_MAGIC_KEY]) && 1 == count($outputValues)) {
$outputValues = array_values($outputValues[self::JSON_MAGIC_KEY]);
}
echo $iaUtil->jsonEncode($outputValues);
break;
case self::REQUEST_HTML:
header('Content-Type: text/html');
$iaSmarty =& $this->iaSmarty;
foreach ($outputValues as $key => $value) {
$iaSmarty->assign($key, $value);
}
// set page notifications
$messages = $this->getMessages();
$notifications = array();
foreach (array(self::ERROR, self::SUCCESS, self::ALERT, self::SYSTEM) as $type) {
empty($messages[$type]) || ($notifications[$type] = is_array($messages[$type]) ? $messages[$type] : array($messages[$type]));
}
$pageName = $this->name();
if (iaCore::ACCESS_ADMIN == $this->iaCore->getAccessType()) {
$adminActions = self::PAGE_ERROR == $pageName ? array() : $this->_getAdminToolbarActions();
$this->set('toolbarActions', $adminActions);
}
$iaSmarty->assign('member', iaUsers::hasIdentity() ? iaUsers::getIdentity(true) : array());
// define smarty super global $core
$core = array('actions' => $this->_setActions(), 'config' => $this->iaCore->getConfig(), 'customConfig' => $this->iaCore->getCustomConfig(), 'language' => $this->iaCore->languages[$this->language], 'languages' => $this->iaCore->languages, 'notifications' => $notifications, 'packages' => $this->iaCore->packagesData, 'page' => array('breadcrumb' => iaBreadcrumb::render(), 'info' => $this->getParams(), 'nonProtocolUrl' => $this->assetsUrl, 'name' => $pageName, 'title' => $this->get('caption', $this->get('title', 'Subrion CMS'))), 'providers' => iaUsers::getAuthProviders());
if (iaCore::ACCESS_FRONT == $this->iaCore->getAccessType()) {
// get meta-description
$value = $this->get('description');
$metaDescription = empty($value) && iaLanguage::exists('page_metadescr_' . $pageName) ? iaLanguage::get('page_metadescr_' . $pageName) : $value;
$core['page']['meta-description'] = iaSanitize::html($metaDescription);
// get meta-keywords
$value = $this->get('keywords');
$metaKeywords = empty($value) && iaLanguage::exists('page_metakeyword_' . $pageName) ? iaLanguage::get('page_metakeyword_' . $pageName) : $value;
$core['page']['meta-keywords'] = iaSanitize::html($metaKeywords);
$this->_logStatistics();
header('X-Powered-CMS: Subrion CMS');
}
$iaSmarty->assignByRef('core', $core);
$this->iaCore->startHook('phpCoreDisplayBeforeShowBody');
$content = '';
if ($this->get('body', self::NONE) != self::NONE) {
$content = $iaSmarty->fetch($this->_retrieveTemplatePath($this->get('body')));
}
if ($this->_layoutEnabled) {
$iaSmarty->assign('_content_', $content);
$content = $iaSmarty->fetch('layout' . self::TEMPLATE_FILENAME_EXT);
}
echo $content;
break;
case self::REQUEST_XML:
header('Content-Type: text/xml');
function htmldecode($text)
{
$text = html_entity_decode($text);
$text = htmlspecialchars($text);
return $text;
}
function xmlEncode(array $array, &$parentObject)
{
static $section;
foreach ($array as $key => $value) {
switch (true) {
case is_array($array[key($array)]):
if (!is_numeric($key)) {
$node = $parentObject->addChild($key);
xmlEncode($value, $node);
} else {
$node = $parentObject->addChild($section);
foreach ($value as $k => $v) {
$node->addChild($k, htmldecode($v));
}
}
break;
case is_array($value):
$section = $key;
xmlEncode($value, $parentObject);
break;
default:
$parentObject->addChild($key, htmldecode($value));
}
}
}
$xmlObject = new SimpleXMLElement('<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/"></rss>');
xmlEncode($outputValues, $xmlObject);
echo $xmlObject->asXML();
break;
default:
header('HTTP/1.1 501');
exit;
}
}
} else {
$data['member_id'] = $member_id;
}
} else {
$data['member_id'] = iaUsers::getIdentity()->id;
}
if (!defined('IA_NOUTF')) {
iaUtf8::loadUTF8Core();
iaUtf8::loadUTF8Util('ascii', 'validation', 'bad', 'utf8_to_ascii');
}
// validate title_alias
$data['title_alias'] = !empty($_POST['title_alias']) ? $_POST['title_alias'] : $_POST['title'];
if (!utf8_is_ascii($data['title_alias'])) {
$data['title_alias'] = utf8_to_ascii($data['title_alias']);
}
$data['title_alias'] = iaSanitize::convertStr($data['title_alias']);
// check for duplicate title_alias in case a new album is added or title_alias has been updated
if (!isset($item['title_alias']) || isset($item['title_alias']) && $data['title_alias'] != $item['title_alias']) {
if ($iaAlbum->existsAlias($data['title_alias'])) {
$error = true;
$messages[] = iaLanguage::get('album_already_exists');
}
}
if (!$error) {
$iaCore->startHook("phpAdminBeforeAlbumSubmit");
if (!empty($_POST['artist'])) {
$artist_info = $iaArtist->getArtistByTitle($_POST['artist']);
$data['id_artist'] = $artist_info['id'];
$data['artist_alias'] = $artist_info['title_alias'];
}
$data['status'] = check_post('status');
protected function _parseUrl()
{
$iaView =& $this->iaView;
$domain = $_SERVER['HTTP_HOST'];
$requestPath = preg_replace('#^\\/#', '', $_SERVER['REQUEST_URI']);
if (!preg_match('#^www\\.#', $domain) && preg_match('#:\\/\\/www\\.#', $this->get('baseurl'))) {
$domain = preg_replace('#^#', 'www.', $domain);
$this->factory('util')->go_to('http://' . $domain . IA_URL_DELIMITER . $requestPath);
} elseif (preg_match('#^www\\.#', $domain) && !preg_match('#:\\/\\/www\\.#', $this->get('baseurl'))) {
$domain = preg_replace('#^www\\.#', '', $domain);
$this->factory('util')->go_to('http://' . $domain . IA_URL_DELIMITER . $requestPath);
}
$iaView->assetsUrl = '//' . $domain . IA_URL_DELIMITER . FOLDER_URL;
$iaView->domain = $domain;
$iaView->domainUrl = 'http' . (isset($_SERVER['HTTPS']) && 'on' == $_SERVER['HTTPS'] ? 's' : '') . ':' . $iaView->assetsUrl;
$iaView->language = $this->get('lang');
$doExit = false;
$changeLang = false;
if (isset($_GET['_p'])) {
$url = $_GET['_p'];
unset($_GET['_p']);
} else {
$url = !isset($_SERVER['REDIRECT_URL']) || $_SERVER['REQUEST_URI'] != $_SERVER['REDIRECT_URL'] ? $_SERVER['REQUEST_URI'] : $_SERVER['REDIRECT_URL'];
$url = substr($url, strlen(FOLDER) + 1);
}
$extension = IA_URL_DELIMITER;
$url = explode('?', $url);
$url = array_shift($url);
$url = explode(IA_URL_DELIMITER, iaSanitize::urlInjectionFilter(trim($url, IA_URL_DELIMITER)));
$lastChunk = end($url);
if ($pos = strrpos($lastChunk, '.')) {
$extension = substr($lastChunk, $pos + 1);
switch ($extension) {
case self::EXTENSION_JSON:
$iaView->setRequestType(iaView::REQUEST_JSON);
break;
case self::EXTENSION_XML:
$iaView->setRequestType(iaView::REQUEST_XML);
}
$extension = '.' . $extension;
$url = str_replace($extension, '', $url);
}
$iaView->set('extension', $extension);
if (isset($_POST['_lang']) && isset($this->languages[$_POST['_lang']])) {
$iaView->language = $_POST['_lang'];
$changeLang = true;
}
$isSystemChunk = true;
$array = array();
foreach ($url as $value) {
if (!$isSystemChunk) {
$array[] = $value;
continue;
}
switch (true) {
case $this->get('admin_page') == $value:
// admin panel
$this->_accessType = self::ACCESS_ADMIN;
continue 2;
case 'logout' == $value:
// logging out
$doExit = true;
continue 2;
case 2 == strlen($value):
// current language
if (isset($this->languages[$value])) {
$changeLang || ($iaView->language = $value);
array_shift($url);
// #1715
continue 2;
}
default:
$iaView->name(empty($value) && 1 == count($url) ? $this->get('home_page') : $value);
$isSystemChunk = false;
}
}
if (self::ACCESS_ADMIN == $this->getAccessType()) {
if ($isSystemChunk && $this->get('home_page') == $iaView->name()) {
$iaView->name(iaView::DEFAULT_HOMEPAGE);
}
}
$iaView->url = empty($url[0]) ? array() : $url;
$this->requestPath = $array;
// set system language
$this->language = $this->languages[$iaView->language];
// set dynamic config
$this->set('date_format', $this->language['date_format']);
$this->set('locale', $this->language['locale']);
define('IA_EXIT', $doExit);
}
$page = $page < 1 ? 1 : $page;
$pageUrl = $iaCore->factory('page', iaCore::FRONT)->getUrlByName('blog');
$pagination = array('start' => ($page - 1) * $iaCore->get('blog_number'), 'limit' => (int) $iaCore->get('blog_number'), 'template' => $pageUrl . '?page={page}');
$order = 'date' == $iaCore->get('blog_order') ? 'ORDER BY `date_added` DESC' : 'ORDER BY `title` ASC';
$stmt = '`status` = :status AND `lang` = :language';
$iaDb->bind($stmt, array('status' => iaCore::STATUS_ACTIVE, 'language' => $iaView->language));
$sql = 'SELECT SQL_CALC_FOUND_ROWS ' . 'b.`id`, b.`title`, b.`date_added`, b.`body`, b.`alias`, b.`image`, m.`fullname` ' . 'FROM `:prefix:table_blog_entries` b ' . 'LEFT JOIN `:prefix:table_members` m ON (b.`member_id` = m.`id`) ' . 'WHERE b.' . $stmt . $order . ' LIMIT :start, :limit';
$sql = iaDb::printf($sql, array('prefix' => $iaDb->prefix, 'table_blog_entries' => 'blog_entries', 'table_members' => 'members', 'start' => $pagination['start'], 'limit' => $pagination['limit']));
$rows = $iaDb->getAll($sql);
$pagination['total'] = $iaDb->foundRows();
$sql = 'SELECT bt.`title`, bt.`alias`, bet.`blog_id` ' . 'FROM `:prefix:table_blog_tags` bt ' . 'LEFT JOIN `:prefix:table_blog_entries_tags` bet ON (bt.`id` = bet.`tag_id`) ' . 'ORDER BY bt.`title`';
$sql = iaDb::printf($sql, array('prefix' => $iaDb->prefix, 'table_blog_entries_tags' => 'blog_entries_tags', 'table_blog_tags' => 'blog_tags'));
$blogTags = $iaDb->getAll($sql);
$iaView->assign('tags', $blogTags);
$iaView->assign('blog_entries', $rows);
$iaView->assign('pagination', $pagination);
}
$pageActions[] = array('icon' => 'rss', 'title' => '', 'url' => IA_URL . 'blog.xml', 'classes' => 'btn-warning');
$iaView->set('actions', $pageActions);
$iaView->display('index');
}
if (iaView::REQUEST_XML == $iaView->getRequestType()) {
$output = array('title' => $iaCore->get('site') . ' :: ' . $iaView->title(), 'description' => '', 'url' => IA_URL . 'blog', 'item' => array());
$listings = $iaDb->all(iaDb::ALL_COLUMNS_SELECTION, "`lang`= '" . $iaView->language . "'", 0, 20);
$pageUrl = $iaCore->factory('page', iaCore::FRONT)->getUrlByName('blog');
foreach ($listings as $entry) {
$output['item'][] = array('title' => $entry['title'], 'link' => $pageUrl . $entry['id'] . '-' . $entry['alias'], 'pubDate' => date('D, d M Y H:i:s T', strtotime($entry['date_modified'])), 'description' => iaSanitize::tags($entry['body']));
}
$iaView->assign('channel', $output);
}
$iaDb->resetTable();
protected function _assignValues(&$iaView, array &$entryData)
{
$iaUsers = $this->_iaCore->factory('users');
$owner = empty($entryData['member_id']) ? iaUsers::getIdentity(true) : $iaUsers->getInfo($entryData['member_id']);
$entryData['owner'] = $owner['fullname'] . " ({$owner['email']})";
/*
commented for cases when SET SESSION group_concat_max_len doesn't work
$tagIds = $this->_iaDb->all('tag_id', "`blog_id` = {$this->getEntryId()}",0, null, $this->_tableBlogEntriesTags);
$entryData['tags'] = '';
foreach ($tagIds as $tagId)
{
$tags = $this->_iaDb->all('title', "`id` = {$tagId['tag_id']}",0, null, $this->_tableBlogTags);
$entryData['tags'] .= $tags[0]['title'] . ',';
}
$entryData['tags'] = rtrim($entryData['tags'], ',');
*/
$this->_iaDb->query("SET SESSION group_concat_max_len = 2000");
if ($this->getEntryId()) {
$entryData['tags'] = $this->getHelper()->getTags($this->getEntryId());
} else {
if (isset($_POST['tags'])) {
$entryData['tags'] = iaSanitize::sql($_POST['tags']);
}
}
}
private function _downloadLanguage(&$iaView)
{
$language = isset($_POST['lang']) ? iaSanitize::paranoid($_POST['lang']) : $this->_iaCore->requestPath[1];
$format = isset($_POST['file_format']) && in_array($_POST['file_format'], array('csv', 'sql')) ? $_POST['file_format'] : 'sql';
$phrases = $this->_iaDb->all(iaDb::ALL_COLUMNS_SELECTION, "`code` = '" . $language . "'");
$fileName = urlencode(isset($_POST['filename']) ? $_POST['filename'] . '.' . $format : 'subrion_' . IA_VERSION . '_' . $this->_iaCore->requestPath[1] . '.' . $format);
header('Content-Type: text/plain; charset=utf-8');
header('Content-Disposition: attachment; filename="' . $fileName . '"');
$stream = fopen('php://output', 'w');
if ('sql' == $format) {
fwrite($stream, 'INSERT INTO `{prefix}language` (`id`, `key`, `original`, `value`, `category`, `code`, `extras`) VALUES' . PHP_EOL);
}
foreach ($phrases as $i => $entry) {
switch ($format) {
case 'sql':
$data = '(';
foreach ($entry as $key => $value) {
$data .= $value ? 'id' == $key ? 'NULL' : "'" . iaSanitize::sql($value) . "'" : "''";
$data .= ', ';
}
$data = substr($data, 0, -2);
$data .= isset($phrases[$i + 1]) ? '),' . PHP_EOL : ');';
fwrite($stream, $data);
break;
default:
unset($entry['id']);
$entry['value'] = str_replace(array("\r\n", "\r", "\n"), '\\n', $entry['value']);
$entry['original'] = str_replace(array("\r\n", "\r", "\n"), '\\n', $entry['original']);
fputcsv($stream, $entry, '|', '"');
}
}
fclose($stream);
$iaView->set('nodebug', true);
exit;
}
public function uninstall($extraName)
{
if (empty($extraName)) {
$this->error = true;
$this->setMessage('Extra name is empty.');
return false;
}
$this->iaCore->startHook('phpExtrasUninstallBefore', array('extra' => $extraName));
if ($this->iaCore->get('default_package', false) == $extraName) {
$this->iaCore->set('default_package', '', true);
}
$this->checkValidity();
$extraName = iaSanitize::sql($extraName);
$iaDb =& $this->iaDb;
$code = $iaDb->row_bind(array('uninstall_code', 'uninstall_sql', 'rollback_data'), '`name` = :name', array('name' => $extraName), self::getTable());
$pagesList = $iaDb->onefield('`name`', "`extras` = '{$extraName}'", null, null, 'pages');
$iaDb->delete("`page_name` IN ('" . implode("','", $pagesList) . "')", 'menus');
if (in_array($this->iaCore->get('home_page'), $pagesList)) {
$this->iaCore->set('home_page', 'index', true);
}
if ($itemsList = $iaDb->onefield('item', "`package` = '{$extraName}'", null, null, 'items')) {
$stmt = "`item` IN ('" . implode("','", $itemsList) . "')";
$iaDb->cascadeDelete(array('items_pages', 'favorites', 'views_log'), $stmt);
}
if ($pagesList) {
$iaDb->cascadeDelete(array('objects_pages'), "`page_name` IN ('" . implode("','", $pagesList) . "')");
$iaDb->setTable(iaLanguage::getTable());
$iaDb->delete("`key` IN ('page_title_" . implode("','page_title_", $pagesList) . "')");
$iaDb->delete("`key` IN ('page_content_" . implode("','page_content_", $pagesList) . "')");
$iaDb->delete("`key` IN ('page_metakeyword_" . implode("','page_metakeyword_", $pagesList) . "')");
$iaDb->delete("`key` IN ('page_metadescr_" . implode("','page_metadescr_", $pagesList) . "')");
$iaDb->resetTable();
}
$tableList = array('admin_actions', 'admin_pages_groups', 'admin_pages', 'acl_privileges', iaLanguage::getTable(), iaCore::getConfigGroupsTable(), iaCore::getConfigTable(), iaCore::getCustomConfigTable(), 'pages', 'hooks', 'acl_objects', 'fields_groups', 'fields_pages', 'fields_relations', 'fields_tree_nodes', 'cron');
$iaDb->cascadeDelete($tableList, "`extras` = '{$extraName}'");
$this->iaCore->factory('field');
$iaDb->setTable(iaField::getTable());
$stmt = '`extras` LIKE :extras';
$this->iaDb->bind($stmt, array('extras' => '%' . $extraName . '%'));
if ($itemsList) {
$stmt .= " OR `item` IN ('" . implode("','", $itemsList) . "')";
}
if ($fields = $iaDb->all(array('id', 'extras'), $stmt)) {
foreach ($fields as $field) {
$pluginsList = explode(',', $field['extras']);
if (count($pluginsList) > 1) {
unset($pluginsList[array_search($extraName, $pluginsList)]);
$iaDb->update(array('extras' => implode(',', $pluginsList), 'id' => $field['id']));
} else {
$iaDb->delete(iaDb::convertIds($field['id']));
}
}
}
$iaDb->resetTable();
$iaBlock = $this->iaCore->factory('block', iaCore::ADMIN);
if ($blockIds = $iaDb->onefield(iaDb::ID_COLUMN_SELECTION, "`extras` = '{$extraName}'", null, null, iaBlock::getTable())) {
foreach ($blockIds as $blockId) {
$iaBlock->delete($blockId, false);
}
}
if ($code['uninstall_sql']) {
$code['uninstall_sql'] = unserialize($code['uninstall_sql']);
if ($code['uninstall_sql'] && is_array($code['uninstall_sql'])) {
foreach ($code['uninstall_sql'] as $sql) {
$iaDb->query(str_replace('{prefix}', $iaDb->prefix, $sql['query']));
}
}
}
$entry = $iaDb->row_bind(iaDb::ALL_COLUMNS_SELECTION, '`name` = :name', array('name' => $extraName), self::getTable());
$iaDb->delete('`name` = :plugin', self::getTable(), array('plugin' => $extraName));
$iaDb->delete('`package` = :plugin', 'items', array('plugin' => $extraName));
empty($entry) || $this->_processCategory($entry, self::ACTION_UNINSTALL);
if ($code['uninstall_code']) {
$this->_runPhpCode($code['uninstall_code']);
}
if ($code['rollback_data']) {
$rollbackData = unserialize($code['rollback_data']);
if (is_array($rollbackData)) {
$existPositions = $this->iaView->positions;
foreach ($rollbackData as $sectionName => $actions) {
foreach ($actions as $name => $itemData) {
if (isset($itemData['position'])) {
if (!in_array($itemData['position'], $existPositions)) {
$itemData['position'] = '';
$itemData['status'] = iaCore::STATUS_INACTIVE;
}
}
$stmt = iaDb::printf("`name` = ':name'", array('name' => $name));
$this->iaDb->update($itemData, $stmt, null, $sectionName);
}
}
}
}
// clear usergroups
if ($usergroups = $iaDb->all(iaDb::ALL_COLUMNS_SELECTION, iaDb::convertIds($extraName, 'extras'), 0, null, iaUsers::getUsergroupsTable())) {
$iaUsers = $this->iaCore->factory('users');
foreach ($usergroups as $usergroup) {
$iaUsers->deleteUsergroup($usergroup['id']);
}
}
$this->iaCore->startHook('phpExtrasUninstallAfter', array('extra' => $extraName));
$this->iaCore->iaCache->clearAll();
return true;
}
/**
* Internal utility function used to generate SET stmt
*
* @param array $values values to be set checking by type
* @param array $rawValues values to be set without processing
*
* @return string
*/
protected function _wrapValues($values, $rawValues)
{
$result = '';
// no need for further processing
if (empty($values) && empty($rawValues)) {
return $result;
}
$array = array();
if (is_array($values)) {
foreach ($values as $columnName => $value) {
$pattern = "`%s` = '%s'";
switch (true) {
case is_bool($value):
$pattern = '`%s` = %s';
$value = $value ? 1 : 0;
break;
case is_null($value):
$pattern = '`%s` = %s';
$value = 'NULL';
break;
case is_scalar($value):
$value = iaSanitize::sql($value);
break;
default:
// arrays, objects & resources are now actually ignored
continue;
}
$array[] = sprintf($pattern, $columnName, $value);
}
}
if (is_array($rawValues) && $rawValues) {
foreach ($rawValues as $field => $value) {
$array[] = "`{$field}` = {$value}";
}
}
$result = implode(', ', $array);
return $result;
}
/**
* makeDataBackup
*
* Return data sql dump
*
* @param string $tableName $tableName table name
* @param bool $aComplete if true use complete inserts
* @param bool $prefix if true use prefix
* @access public
*
* @return string
*/
public function makeDataBackup($tableName, $aComplete = false, $prefix = true)
{
$tableNameReplacement = $prefix ? $tableName : str_replace($this->iaDb->prefix, '{prefix}', $tableName);
$out = '';
$complete = '';
$this->iaDb->setTable($tableName, false);
if ($aComplete) {
$fields = $this->iaDb->describe($tableName, false);
$complete = ' (';
foreach ($fields as $value) {
$complete .= "`" . $value['Field'] . "`, ";
}
$complete = preg_replace('/(,\\n|, )?$/', '', $complete);
$complete .= ')';
}
if ($data = $this->iaDb->all()) {
foreach ($data as $value) {
$out .= 'INSERT INTO `' . $tableNameReplacement . '`' . $complete . " VALUES (";
foreach ($value as $key2 => $value2) {
if (!isset($value[$key2])) {
$out .= "null, ";
} elseif ($value[$key2] != '') {
$out .= "'" . iaSanitize::sql($value[$key2]) . "', ";
} else {
$out .= "'', ";
}
}
$out = rtrim($out, ', ');
$out .= ');' . PHP_EOL;
}
}
$this->iaDb->resetTable();
return $out;
}
private function _reset($domain)
{
$_GET['type'] = isset($_GET['type']) ? $_GET['type'] : 2;
$url = '';
switch ($_GET['type']) {
case 1:
$url = 'http://' . iaSanitize::sql(str_replace('www.', '', $_GET['url'][1])) . '.' . $domain . IA_URL_DELIMITER;
break;
case 2:
$url = $_GET['url'][2];
}
if ($url) {
$url = trim($url, IA_URL_DELIMITER) . IA_URL_DELIMITER;
$this->_changeDefault($url);
$this->addMessage('reset_default_success');
return true;
} else {
return false;
}
}
protected function _modifyGridParams(&$conditions, &$values)
{
if (!empty($_GET['name'])) {
$conditions[] = "CONCAT(`username`, `fullname`, `email`) LIKE '%" . iaSanitize::sql($_GET['name']) . "%'";
}
}
protected function _assignValues(&$iaView, array &$entryData)
{
$pageGroups = array();
$visibleOn = array();
// get groups
$groups = $this->_iaDb->onefield('`group`', '1 GROUP BY `group`', null, null, 'pages');
$rows = $this->_iaDb->all(array('id', 'name', 'title'), null, null, null, 'admin_pages_groups');
foreach ($rows as $row) {
if (in_array($row['id'], $groups)) {
$pageGroups[$row['id']] = $row;
}
}
if (iaCore::ACTION_EDIT == $iaView->get('action')) {
if ($array = $this->_iaDb->onefield('page_name', "`object_type` = 'blocks' && " . iaDb::convertIds($this->getEntryId(), 'object'), null, null, 'objects_pages')) {
$visibleOn = $array;
}
} elseif (!empty($_POST['pages'])) {
$visibleOn = $_POST['pages'];
}
if (!empty($_POST['menus'])) {
$iaView->assign('treeData', iaSanitize::html(iaUtil::jsonEncode($_POST['menus'])));
}
$iaView->assign('visibleOn', $visibleOn);
$iaView->assign('pages', $this->_getPages());
$iaView->assign('pagesGroup', $pageGroups);
$iaView->assign('positions', $this->getHelper()->getPositions());
}
//##copyright##
$iaUsers = $iaCore->factory('users');
$iaDb->setTable(iaUsers::getTable());
if (iaView::REQUEST_JSON == $iaView->getRequestType()) {
if (isset($_GET['email'])) {
$code = isset($_GET['code']) ? trim($_GET['code']) : false;
$email = isset($_POST['email']) ? $_POST['email'] : (isset($_GET['email']) ? $_GET['email'] : '');
$error = false;
$message = array();
if ($email) {
if (!iaValidate::isEmail($email)) {
$error = true;
$message = iaLanguage::get('error_email_incorrect');
}
$email = iaSanitize::sql($email);
$member = $iaDb->row_bind(iaDb::ALL_COLUMNS_SELECTION, '`email` = :email', array('email' => $email));
if (empty($member)) {
$error = true;
$message = iaLanguage::get('error_no_member_email');
}
if (false !== $code && $member['sec_key'] != $code) {
$error = true;
$message = iaLanguage::get('confirmation_code_incorrect');
}
if (!$error && false === $code) {
$mail = array();
$token = $iaCore->factory('util')->generateToken();
$confirmationUrl = IA_URL . "forgot/?email={$email}&code={$token}";
$iaMailer = $iaCore->factory('mailer');
$iaMailer->loadTemplate('password_restoration');
/**
* Prints picture in the box uses for display listing thumbnails, listing full picture, member avatar
*
* @param array $params image params
*
* @return string
*/
public static function printImage($params)
{
$thumbUrl = iaCore::instance()->iaView->assetsUrl;
// temporary solution
// TODO: remove
if ('a:' == substr($params['imgfile'], 0, 2)) {
$array = unserialize($params['imgfile']);
$params['imgfile'] = $array['path'];
$params['title'] = $array['title'];
}
//
if (!empty($params['imgfile'])) {
$thumbUrl .= 'uploads/';
if (isset($params['fullimage']) && $params['fullimage']) {
$imgfile = explode('/', $params['imgfile']);
$imgfile[count($imgfile) - 1] = str_replace('.', '~.', $imgfile[count($imgfile) - 1]);
$thumbUrl .= implode('/', $imgfile);
} else {
$thumbUrl .= $params['imgfile'];
}
} else {
$thumbUrl .= 'templates/' . iaCore::instance()->iaView->theme . '/img/no-preview.png';
}
if (!empty($params['url'])) {
return $thumbUrl;
}
$width = isset($params['width']) ? ' width="' . $params['width'] . '"' : '';
$height = isset($params['height']) ? ' height="' . $params['height'] . '"' : '';
$title = isset($params['title']) ? iaSanitize::html($params['title']) : '';
$class = isset($params['class']) ? ' class="' . $params['class'] . '"' : '';
return sprintf('<img src="%s" alt="%s" title="%s"%s>', $thumbUrl, $title, $title, $width . $height . $class);
}
public function getImageFields($pluginFilter = null)
{
$conditions = array("`type` IN ('image','pictures')");
empty($pluginFilter) || ($conditions[] = "`extras` = '" . iaSanitize::sql($pluginFilter) . "'");
$conditions = implode(' AND ', $conditions);
return $this->iaDb->onefield('name', $conditions, null, null, self::getTable());
}
private function _processSorting(array $sorting)
{
if ($sorting[0]) {
$field = $this->getOption('columnAlias')->{$sorting[0]} ? $this->getOption('columnAlias')->{$sorting[0]} : iaSanitize::sql($sorting[0]);
$order = empty($sorting[1]) || !in_array($sorting[1], array('asc', 'desc')) ? iaDb::ORDER_ASC : strtoupper($sorting[1]);
$this->_sorting = sprintf('`%s` %s', $field, $order);
} else {
$this->_sorting = '';
}
}
