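/**
 * Reads one page of grid rows together with the total number of matching rows.
 *
 * @param array|null $params request parameters; the keys read here are 'start', 'limit',
 *                           'sort', 'dir' and every key named in $filterParams
 * @param array|string $columns columns to select; when an array, 'id' and the
 *                              'update'/'delete' flags are prepended to it
 * @param array $filterParams map of column name => match type ('equal' or 'like')
 * @param array $persistentConditions ready-made SQL conditions that are always ANDed in
 *
 * @return array array('data' => rows, 'total' => int)
 */
public function gridRead($params, $columns, array $filterParams = array(), array $persistentConditions = array())
{
    $params || ($params = array());

    $start = isset($params['start']) ? (int) $params['start'] : 0;
    $limit = isset($params['limit']) ? (int) $params['limit'] : 15;

    // The sort column lands inside backticks in ORDER BY. Value escaping does not protect an
    // identifier, so only plain column names are accepted; anything else disables ordering.
    $sort = '';
    if (isset($params['sort']) && is_string($params['sort']) && preg_match('/^[A-Za-z0-9_]+$/', $params['sort'])) {
        $sort = $params['sort'];
    }

    // The direction is a keyword, so it is matched strictly against the two known constants.
    $dir = iaDb::ORDER_ASC;
    if (isset($params['dir']) && in_array($params['dir'], array(iaDb::ORDER_ASC, iaDb::ORDER_DESC), true)) {
        $dir = $params['dir'];
    }

    $order = ($sort && $dir) ? " ORDER BY `{$sort}` {$dir}" : '';

    $where = $values = array();
    foreach ($filterParams as $name => $type) {
        if (isset($params[$name]) && $params[$name]) {
            $value = iaSanitize::sql($params[$name]);

            // $name comes from the caller-supplied filter map, never from the request itself
            switch ($type) {
                case 'equal':
                    $where[] = sprintf('`%s` = :%s', $name, $name);
                    $values[$name] = $value;
                    break;
                case 'like':
                    // NOTE(review): LIKE wildcards (% and _) inside the value stay active
                    $where[] = sprintf('`%s` LIKE :%s', $name, $name);
                    $values[$name] = '%' . $value . '%';
            }
        }
    }

    $where = array_merge($where, $persistentConditions);
    $where || ($where[] = iaDb::EMPTY_CONDITION);
    $where = implode(' AND ', $where);

    $this->_iaDb->bind($where, $values);

    if (is_array($columns)) {
        $columns = array_merge(array('id', 'update' => 1, 'delete' => 1), $columns);
    }

    return array(
        'data' => $this->_iaDb->all($columns, $where . $order, $start, $limit),
        'total' => (int) $this->_iaDb->one(iaDb::STMT_COUNT_ROWS, $where)
    );
}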
/**
 * Adds a free-text filter over `title` and `body` when the request carries a non-empty 'text' value.
 *
 * @param array $conditions SQL condition fragments, extended in place
 * @param array $values placeholder values, extended in place
 */
protected function _modifyGridParams(&$conditions, &$values)
{
    if (empty($_GET['text'])) {
        return;
    }

    // the condition text is constant; the request value is only stored under the :text placeholder
    $conditions[] = '(`title` LIKE :text OR `body` LIKE :text)';

    $needle = iaSanitize::sql($_GET['text']);
    $values['text'] = '%' . $needle . '%';
}
/**
 * Validates usergroup form data and fills $entry before it is saved.
 *
 * Collects an error message for every failed check; when there are none, the
 * per-language titles are stored as 'usergroup_<name>' phrases.
 *
 * @param array $entry row being built, modified in place
 * @param array $data submitted form data ('visible', 'name', 'title' are read)
 * @param string $action current action, compared against iaCore::ACTION_ADD
 *
 * @return bool true when no messages were collected
 */
protected function _preSaveEntry(array &$entry, array $data, $action)
{
    $acl = $this->_iaCore->factory('acl');

    iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');

    $entry['id'] = $acl->obtainFreeId();
    $entry['assignable'] = $data['visible'];
    $entry['visible'] = $data['visible'];

    if (iaCore::ACTION_ADD == $action) {
        if (!empty($data['name'])) {
            // the name is filtered first, then must still pass the alphanumeric check
            $entry['name'] = strtolower(iaSanitize::paranoid($data['name']));

            if (!iaValidate::isAlphaNumericValid($entry['name'])) {
                $this->addMessage('error_usergroup_incorrect');
            } elseif ($this->_iaDb->exists('`name` = :name', array('name' => $entry['name']))) {
                $this->addMessage('error_usergroup_exists');
            }
        } else {
            $this->addMessage('error_usergroup_incorrect');
        }
    }

    foreach ($this->_iaCore->languages as $iso => $language) {
        if (empty($data['title'][$iso])) {
            $this->addMessage(iaLanguage::getf('error_lang_title', array('lang' => $language)), false);
            continue;
        }

        // repair invalid UTF-8 sequences instead of rejecting the title
        if (!utf8_is_valid($data['title'][$iso])) {
            $data['title'][$iso] = utf8_bad_replace($data['title'][$iso]);
        }
    }

    if (!$this->getMessages()) {
        foreach ($this->_iaCore->languages as $iso => $language) {
            iaLanguage::addPhrase('usergroup_' . $entry['name'], $data['title'][$iso], $iso);
        }
    }

    return !$this->getMessages();
}
/**
 * Adds an `extras` filter when the request carries a non-empty 'item' value.
 *
 * The value 'core' (any letter case) is translated to an empty `extras` value.
 *
 * @param array $conditions SQL condition fragments, extended in place
 * @param array $values placeholder values, extended in place
 */
protected function _modifyGridParams(&$conditions, &$values)
{
    if (!isset($_GET['item']) || !$_GET['item']) {
        return;
    }

    if ('core' == strtolower($_GET['item'])) {
        $extras = '';
    } else {
        $extras = iaSanitize::sql($_GET['item']);
    }

    // the request value only ever reaches the query through the :extras placeholder
    $conditions[] = '`extras` = :extras';
    $values['extras'] = $extras;
}
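/**
 * Serves the auxiliary grid lookups ('items', 'plans', 'gateways', 'members') and
 * hands everything else to the parent implementation.
 *
 * The lookup is chosen by the single element of the request path; each lookup
 * returns array('data' => list of array('title' => ..., 'value' => ...) or null).
 *
 * @param array $params request parameters ('itemname' and 'query' are read here)
 *
 * @return array
 */
protected function _gridRead($params)
{
    $action = (1 == count($this->_iaCore->requestPath)) ? $this->_iaCore->requestPath[0] : null;

    switch ($action) {
        case 'items':
            $output = array('data' => null);

            if ($items = $this->_iaCore->factory('item')->getItems(true)) {
                foreach ($items as $item) {
                    $output['data'][] = array('title' => iaLanguage::get($item), 'value' => $item);
                }
            }

            break;

        case 'plans':
            $output = array('data' => null);

            $stmt = '';
            if (!isset($params['itemname']) || iaUsers::getItemName() == $params['itemname']) {
                $stmt = iaDb::convertIds(iaUsers::getItemName(), 'item');
                $output['data'][] = array('title' => iaLanguage::get('funds'), 'value' => 0);
            } elseif (!empty($params['itemname'])) {
                // NOTE(review): the request value goes straight into iaDb::convertIds();
                // whether that helper escapes its first argument is not visible here - confirm
                $stmt = iaDb::convertIds($params['itemname'], 'item');
            }

            $this->_iaCore->factory('plan');

            if ($planIds = $this->_iaDb->onefield(iaDb::ID_COLUMN_SELECTION, $stmt, null, null, iaPlan::getTable())) {
                foreach ($planIds as $planId) {
                    $output['data'][] = array('title' => iaLanguage::get('plan_title_' . $planId), 'value' => $planId);
                }
            }

            break;

        case 'gateways':
            $output = array('data' => null);

            if ($items = $this->getHelper()->getPaymentGateways()) {
                foreach ($items as $name => $title) {
                    $output['data'][] = array('value' => $name, 'title' => $title);
                }
            }

            break;

        case 'members':
            $output = array('data' => null);

            // both were read before ever being assigned when no 'query' was sent
            $where = array();
            $values = array();

            if (!empty($params['query'])) {
                $where[] = 'CONCAT(`username`, `fullname`) LIKE :username';
                // NOTE(review): the leading '******' literal looks like masked text rather than
                // a LIKE wildcard; check it against the upstream file before relying on this filter
                $values['username'] = '******' . iaSanitize::sql($params['query']) . '%';
            }

            $where || ($where[] = iaDb::EMPTY_CONDITION);
            $where = implode(' AND ', $where);
            $this->_iaDb->bind($where, $values);

            if ($members = $this->_iaDb->all(array('id', 'username', 'fullname'), $where, null, null, iaUsers::getTable())) {
                foreach ($members as $member) {
                    $output['data'][] = array('title' => $member['username'], 'value' => $member['id']);
                }
            }

            break;

        default:
            $output = parent::_gridRead($params);
    }

    return $output;
}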
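/**
 * Removes one stored file from an item field and deletes the file itself.
 *
 * The field value is either a serialized list of pictures, a serialized single
 * picture, or a plain path string. On success the field is rewritten without the
 * removed entry and, when the item is the current member, the identity is reloaded.
 *
 * @param array $params request parameters: 'item', 'field', 'path', 'itemid'
 *
 * @return array array('error' => bool, 'message' => string)
 */
private function _deleteFile($params)
{
    $result = array('error' => true, 'message' => iaLanguage::get('invalid_parameters'));

    $item = isset($params['item']) ? iaSanitize::sql($params['item']) : null;
    $field = isset($params['field']) ? iaSanitize::sql($params['field']) : null;
    $path = isset($params['path']) ? iaSanitize::sql($params['path']) : null;
    $itemId = isset($params['itemid']) ? (int) $params['itemid'] : null;

    if (!$itemId || !$item || !$field || !$path) {
        return $result;
    }

    // $field is used as a column identifier in the SELECT and the UPDATE below; value
    // escaping does not constrain an identifier, so only plain column names pass
    if (!is_string($field) || !preg_match('/^[A-Za-z0-9_]+$/', $field)) {
        return $result;
    }

    // authorise before any query is built from request data
    $iaAcl = $this->_iaCore->factory('acl');
    if (!$iaAcl->isAdmin()) {
        return $result;
    }

    $tableName = $this->_iaCore->factory('item')->getItemTable($item);
    $itemValue = $this->_iaDb->one($field, iaDb::convertIds($itemId), $tableName);
    if (!$itemValue) {
        return $result;
    }

    // NOTE(review): unserialize() runs on a stored column value. If that column can ever hold
    // user-controlled text, this is an object-injection sink; prefer a JSON encoding or
    // restrict allowed classes where the supported PHP version permits it.
    $pictures = (isset($itemValue[1]) && ':' == $itemValue[1]) ? unserialize($itemValue) : $itemValue;

    $key = null;
    if (is_array($pictures)) {
        // a single picture is stored as one flat array; wrap it so both shapes share the loop
        $primitive = !is_array(reset($pictures));
        if ($primitive) {
            $pictures = array($pictures);
        }

        foreach ($pictures as $k => $v) {
            if (isset($v['path']) && $path == $v['path']) {
                $key = $k;
                break;
            }
        }

        if (!is_null($key)) {
            unset($pictures[$key]);
        }

        $newItemValue = $primitive ? '' : serialize($pictures);
    } else {
        // single image
        $newItemValue = '';
        if ($pictures == $path) {
            $key = true;
        }
    }

    // the file is only deleted when the requested path was found in the stored value
    if (is_null($key)) {
        return $result;
    }

    if ($this->_iaCore->factory('picture')->delete($path)) {
        if ($this->_iaDb->update(array($field => $newItemValue), iaDb::convertIds($itemId), null, $tableName)) {
            // update current profile data
            if (iaUsers::getItemName() == $item && $itemId == iaUsers::getIdentity()->id) {
                iaUsers::reloadIdentity();
            }
        }

        $result['error'] = false;
        $result['message'] = iaLanguage::get('deleted');
    } else {
        $result['message'] = iaLanguage::get('error');
    }

    return $result;
}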
/**
 * Builds a URL alias from a title.
 *
 * Tags are stripped, non-ASCII text is transliterated, an existing trailing
 * suffix is removed, the text is converted by iaSanitize::alias(), cut to
 * 150 bytes and the suffix is appended again.
 *
 * @param string $title
 *
 * @return string
 */
public function titleAlias($title)
{
    $alias = iaSanitize::tags($title);

    $this->iaCore->factory('util');
    iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');

    if (!utf8_is_ascii($alias)) {
        $alias = utf8_to_ascii($alias);
    }

    // NOTE(review): ALIAS_SUFFIX is placed into the pattern unquoted, so any regex
    // metacharacter it contains is interpreted as such
    $alias = preg_replace('#' . self::ALIAS_SUFFIX . '$#i', '', $alias);
    $alias = iaSanitize::alias($alias);

    // the DB scheme applies this limitation
    $alias = substr($alias, 0, 150);

    return $alias . self::ALIAS_SUFFIX;
}
/**
 * Smarty template function: runs every hook registered under $params['name'].
 *
 * Each hook record is either file based ('filename' set) or inline ('code' set).
 * Its 'type' decides how it is run: included / evaluated as PHP, rendered as a
 * Smarty template, echoed as raw HTML, or echoed through iaSanitize::html().
 *
 * Security: a hook record is executed with the privileges of the application.
 * Whoever can write to the hook storage can therefore run code here; where the
 * records come from is not visible in this function.
 *
 * @param array $params template call parameters; only 'name' is read
 * @param object $smarty template engine instance, used for 'smarty' hooks
 *
 * @return void output is echoed
 */
function smarty_function_ia_hooker($params, &$smarty)
{
    if (!isset($params['name'])) {
        return;
    }

    $name = $params['name'];

    iaDebug::debug('smarty', $name, 'hooks');
    iaSystem::renderTime('smarty', $name);

    $iaCore = iaCore::instance();
    $hooks = $iaCore->getHooks();

    if (!array_key_exists($name, $hooks) || empty($hooks[$name])) {
        return;
    }

    foreach ($hooks[$name] as $hook) {
        // an unknown type falls back to 'php', i.e. to the most powerful handler
        $hook['type'] = in_array($hook['type'], array('php', 'html', 'plain', 'smarty')) ? $hook['type'] : 'php';

        // a hook without a page list runs everywhere
        if (empty($hook['pages']) || in_array($iaCore->iaView->name(), $hook['pages'])) {
            if ($hook['filename']) {
                // file based hook; 'html' and 'plain' types do nothing in this branch
                switch ($hook['type']) {
                    case 'php':
                        // NOTE(review): the path is IA_HOME plus the stored filename with no
                        // normalisation here; '..' segments would leave IA_HOME
                        // the included file sees this function's local variables
                        if (file_exists(IA_HOME . $hook['filename'])) {
                            include IA_HOME . $hook['filename'];
                        }
                        break;
                    case 'smarty':
                        echo $smarty->fetch(IA_HOME . $hook['filename']);
                }
            } else {
                // inline hook
                switch ($hook['type']) {
                    case 'php':
                        // NOTE(review): eval() of stored code; the hook store must be writable by
                        // trusted administrators only
                        eval($hook['code']);
                        break;
                    case 'smarty':
                        echo $smarty->fetch('eval:' . $hook['code']);
                        break;
                    case 'html':
                        // emitted verbatim, no output encoding
                        echo $hook['code'];
                        break;
                    case 'plain':
                        echo iaSanitize::html($hook['code']);
                }
            }
        }
    }
}
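/**
 * Searches lyrics by additional field conditions and returns ready-made HTML links.
 *
 * Column names, comparison operators and the joining keyword are SQL syntax, so
 * they are checked against allow-lists; values are escaped and quoted. Field
 * entries that fail a check are skipped.
 *
 * @param mixed $aQuery not used by this function
 * @param array $aFields map of column name => array('cond' => operator, 'val' => scalar|array)
 * @param int $aStart offset passed to getSearchLyrics()
 * @param int $aLimit limit passed to getSearchLyrics()
 * @param int $aNumAll running total, increased by the number of found rows
 * @param string $aWhere not used by this function
 * @param string $cond keyword joining the conditions: 'AND' or 'OR'
 *
 * @return array list of HTML paragraphs, one per found lyric
 */
function lyrics_search($aQuery, $aFields, $aStart, $aLimit, &$aNumAll, $aWhere = '', $cond = 'AND')
{
    $iaCore = iaCore::instance();
    $iaLyric = $iaCore->factoryPackage('lyric', 'lyrics');

    $ret = array();
    $match = array();

    // only the two boolean keywords may join the conditions
    $joiner = strtoupper(trim((string) $cond));
    if (!in_array($joiner, array('AND', 'OR'), true)) {
        $joiner = 'AND';
    }

    $allowedOperators = array('=', '!=', '<>', '<', '>', '<=', '>=', 'LIKE', 'NOT LIKE');

    // additional fields
    if ($aFields && is_array($aFields)) {
        foreach ($aFields as $fname => $data) {
            if (!is_array($data) || !isset($data['cond'], $data['val'])) {
                continue;
            }
            if (!preg_match('/^[A-Za-z0-9_]+$/', (string) $fname)) {
                continue;
            }

            $operator = strtoupper(trim((string) $data['cond']));
            if (!in_array($operator, $allowedOperators, true)) {
                continue;
            }

            $value = $data['val'];

            if (is_array($value)) {
                // for multiple values, like combo or checkboxes
                if (!$value) {
                    continue;
                }

                $quoted = array();
                foreach ($value as $single) {
                    $quoted[] = "'" . iaSanitize::sql($single) . "'";
                }

                $negated = ('!=' == $operator);
                if (count($quoted) > 1) {
                    $operator = $negated ? 'NOT IN' : 'IN';
                    $value = '(' . implode(',', $quoted) . ')';
                } else {
                    $operator = $negated ? '!=' : '=';
                    $value = $quoted[0];
                }
            } else {
                if ('LIKE' == $operator) {
                    $value = "%{$value}%";
                }

                if (preg_match('/^(\\d+)\\s*-\\s*(\\d+)$/', (string) $value, $range)) {
                    // search in range
                    $operator = sprintf('BETWEEN %d AND %d', $range[1], $range[2]);
                    $value = '';
                } else {
                    $value = "'" . iaSanitize::sql($value) . "'";
                }
            }

            $match[] = "t1.`{$fname}` {$operator} {$value} ";
        }
    }

    $lyrics = $match
        ? $iaLyric->getSearchLyrics($aStart, $aLimit, ' AND (' . implode(' ' . $joiner . ' ', $match) . ')')
        : array();
    if (!is_array($lyrics)) {
        $lyrics = array();
    }

    $aNumAll += $iaCore->iaDb->foundRows();

    foreach ($lyrics as $lyric) {
        $iaCore->iaSmarty->assign('lyric', $lyric);
        $lyricinfo = $iaLyric->goToItem(array('item' => $lyric));

        // stored titles and URLs are encoded for the HTML context they are written into;
        // double_encode is off so text that already holds entities is not encoded twice
        $ret[] = sprintf(
            '<p><a href="%s">%s</a></p>',
            htmlspecialchars($lyricinfo[0], ENT_QUOTES, 'UTF-8', false),
            htmlspecialchars($lyric['title'], ENT_QUOTES, 'UTF-8', false)
        );
    }

    return $ret;
}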
/**
 * Stores the per-language usergroup titles and optionally copies the
 * privileges of another group to the saved one.
 *
 * @param array $entry saved row; 'name' is read for the phrase key
 * @param array $data submitted form data ('title' and 'copy_from' are read)
 * @param string $action current action (not used here)
 */
protected function _postSaveEntry(array &$entry, array $data, $action)
{
    iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');

    foreach ($this->_iaCore->languages as $code => $language) {
        // titles are stored without markup and with invalid UTF-8 sequences repaired
        $phrase = iaSanitize::tags($data['title'][$code]);
        if (!utf8_is_valid($phrase)) {
            $phrase = utf8_bad_replace($phrase);
        }

        iaLanguage::addPhrase('usergroup_' . $entry['name'], $phrase, $code);
    }

    if (!$data['copy_from']) {
        return;
    }

    // copy privileges
    $this->_iaDb->setTable('acl_privileges');

    $condition = '`type_id` = :id AND `type` = :type';
    $this->_iaDb->bind($condition, array('id' => (int) $data['copy_from'], 'type' => 'group'));

    $rows = $this->_iaDb->all(iaDb::ALL_COLUMNS_SELECTION, $condition);

    foreach ($rows as $index => $unused) {
        // re-target the copied row at the saved group and drop the source primary key
        $rows[$index]['type_id'] = $this->getEntryId();
        unset($rows[$index]['id']);
    }

    $this->_iaDb->insert($rows);

    $this->_iaDb->resetTable();
}
/**
 * Validates usergroup form data and fills $entry before it is saved.
 *
 * @param array $entry row being built, modified in place
 * @param array $data submitted form data ('visible', 'name', 'title' are read)
 * @param string $action current action, compared against iaCore::ACTION_ADD
 *
 * @return bool true when no messages were collected
 */
protected function _preSaveEntry(array &$entry, array $data, $action)
{
    $visibility = (int) $data['visible'];
    $entry['assignable'] = $visibility;
    $entry['visible'] = $visibility;

    if (iaCore::ACTION_ADD == $action) {
        if (!empty($data['name'])) {
            // the name is filtered first, then must still pass the alphanumeric check
            $entry['name'] = strtolower(iaSanitize::paranoid($data['name']));

            if (!iaValidate::isAlphaNumericValid($entry['name'])) {
                $this->addMessage('error_usergroup_incorrect');
            } elseif ($this->_iaDb->exists('`name` = :name', array('name' => $entry['name']))) {
                $this->addMessage('error_usergroup_exists');
            }
        } else {
            $this->addMessage('error_usergroup_incorrect');
        }
    }

    // every configured language needs a title
    foreach ($this->_iaCore->languages as $code => $language) {
        if (!empty($data['title'][$code])) {
            continue;
        }

        $this->addMessage(iaLanguage::getf('error_lang_title', array('lang' => $language['title'])), false);
    }

    return !$this->getMessages();
}
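/**
 * Applies iaSanitize::html() to a value or, recursively, to every leaf of a nested array.
 *
 * Array keys are kept as they are; only values are passed through the sanitizer.
 *
 * @param mixed $value scalar or (nested) array
 *
 * @return mixed same shape as the input
 */
private static function _deepSanitizeHtml($value)
{
    if (!is_array($value)) {
        return iaSanitize::html($value);
    }

    foreach ($value as $k => $v) {
        // Direct recursion. The previous callable array(__CLASS__, __METHOD__) passed
        // 'Class::method' as the method element, a legacy form deprecated since PHP 8.2.
        $value[$k] = self::_deepSanitizeHtml($v);
    }

    return $value;
}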
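/**
 * Admin SQL console: runs the posted statement(s) and renders any result set as an HTML table.
 *
 * Successful statements are remembered in the session (last five, no duplicates).
 * Everything that originates from the database or from the request is HTML-encoded
 * before it is put into markup.
 *
 * NOTE(review): this method executes arbitrary SQL by design. No request-origin
 * (CSRF) check is visible here; confirm the caller enforces one and that the page is
 * restricted to administrators.
 *
 * @param object $iaView view object receiving 'history', 'sql', 'queryOut' and 'tables'
 */
private function _queryPage(&$iaView)
{
    if (isset($_SESSION['queries'])) {
        $iaView->assign('history', $_SESSION['queries']);
    }

    if (isset($_POST['exec_query'])) {
        iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');

        $sql = (isset($_POST['query']) && is_string($_POST['query'])) ? $_POST['query'] : '';
        $outerData = '';

        utf8_is_valid($sql) || ($sql = utf8_bad_replace($sql));

        // NOTE(review): the check looks for ';' . PHP_EOL but the split uses ";\r\n", so
        // multi-statement input is only split where both line endings coincide
        $queries = (false === strpos($sql, ';' . PHP_EOL)) ? array($sql) : explode(";\r\n", $sql);

        foreach ($queries as $sqlQuery) {
            $sql = trim(str_replace('{prefix}', $this->_iaDb->prefix, $sqlQuery));

            $this->_iaCore->startHook('phpAdminBeforeRunSqlQuery', array('query' => $sql));

            $result = $this->_iaDb->query($sql);

            $this->_iaCore->startHook('phpAdminAfterRunSqlQuery');

            $numrows = 0;
            if ($result) {
                isset($_SESSION['queries']) || ($_SESSION['queries'] = array());

                if (!in_array($sqlQuery, $_SESSION['queries'])) {
                    if (count($_SESSION['queries']) >= 5) {
                        array_shift($_SESSION['queries']);
                    }
                    $_SESSION['queries'][] = $sqlQuery;
                }

                $numrows = $rows = $this->_iaDb->getNumRows($result);
                if ($rows) {
                    $rows .= $rows > 1 ? ' rows' : ' row';
                    $this->addMessage("<b>Query OK:</b> {$rows} selected.", false);
                } else {
                    $this->addMessage('<b>Query OK:</b> ' . $this->_iaDb->getAffected() . ' rows affected.', false);
                }
            } else {
                $this->_error = true;
                // the message is concatenated with markup, so the driver error text (which
                // may repeat parts of the submitted statement) is encoded first
                $this->addMessage('<b>Query Failed:</b><br />' . iaSanitize::html($this->_iaDb->getError()));
            }

            if ($numrows) {
                // get field names
                $fieldNames = $this->_iaDb->getFieldNames($result);

                $outerData .= '<table class="table table-hover table-condensed"><thead><tr>';
                $i = 0;
                foreach ($fieldNames as $field) {
                    // column labels can be chosen freely through aliases, so they are
                    // encoded exactly like the cell values below
                    $outerData .= '<th ' . (!$i ? 'class="first"' : '') . '>' . iaSanitize::html($field->name) . '</th>';
                    $i++;
                }
                $outerData .= '</tr></thead><tbody>';

                $numFields = $this->_iaDb->getNumFields($result);
                while ($row = $this->_iaDb->fetchRow($result)) {
                    $outerData .= '<tr>';
                    for ($i = 0; $i < $numFields; $i++) {
                        $outerData .= '<td' . (!$i ? ' class="first"' : '') . '>' . iaSanitize::html($row[$i]) . '</td>';
                    }
                    $outerData .= '</tr>';
                }
                $outerData .= '</tbody></table>';
            }
        }

        // 'sql' is the last executed statement; the template has to encode it when printing
        $iaView->assign('sql', $sql);
        $iaView->assign('queryOut', $outerData);
    }

    $iaView->assign('tables', $this->getHelper()->getTables());
}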
/**
 * Prepares plan rows for the grid: localised title, description and item name,
 * plus a human readable, lower-cased duration. 'unit' and 'cycles' are removed.
 *
 * @param array $entries grid rows, modified in place
 */
protected function _modifyGridResult(array &$entries)
{
    foreach ($entries as $key => $row) {
        $row['title'] = iaLanguage::get(self::PATTERN_TITLE . $row['id']);
        // the description is shown in the grid without any markup
        $row['description'] = iaSanitize::tags(iaLanguage::get(self::PATTERN_DESCRIPTION . $row['id']));
        $row['item'] = iaLanguage::get($row['item']);

        // the unit phrase key gets an 's' for durations above one
        $unitKey = $row['unit'] . ($row['duration'] > 1 ? 's' : '');
        $duration = $row['duration'] . ' ' . iaLanguage::get($unitKey);

        if ($row['recurring'] && $row['cycles'] != -1) {
            $duration .= ' (' . $row['cycles'] . ' ' . iaLanguage::get('cycles') . ')';
        }

        $row['duration'] = strtolower($duration);

        unset($row['unit'], $row['cycles']);

        $entries[$key] = $row;
    }
}
/**
 * Sends the response for the current request type: JSON, HTML (Smarty) or XML (RSS).
 *
 * Any other request type is answered with status 501 and the script exits.
 * Output is echoed; nothing is returned.
 */
public function output()
{
    $outputValues = $this->getValues();

    switch ($this->getRequestType()) {
        case self::REQUEST_JSON:
            header('Content-Type: application/json');

            $iaUtil = $this->iaCore->factory('util');

            // when the magic key is the only value, its content is sent as a plain list
            if (isset($outputValues[self::JSON_MAGIC_KEY]) && 1 == count($outputValues)) {
                $outputValues = array_values($outputValues[self::JSON_MAGIC_KEY]);
            }

            echo $iaUtil->jsonEncode($outputValues);

            break;

        case self::REQUEST_HTML:
            // NOTE(review): no charset is declared in this header
            header('Content-Type: text/html');

            $iaSmarty =& $this->iaSmarty;

            // values are handed to the templates as assigned; encoding is up to each template
            foreach ($outputValues as $key => $value) {
                $iaSmarty->assign($key, $value);
            }

            // set page notifications: every non-empty message type becomes a list
            $messages = $this->getMessages();
            $notifications = array();
            foreach (array(self::ERROR, self::SUCCESS, self::ALERT, self::SYSTEM) as $type) {
                empty($messages[$type]) || ($notifications[$type] = is_array($messages[$type]) ? $messages[$type] : array($messages[$type]));
            }

            $pageName = $this->name();

            if (iaCore::ACCESS_ADMIN == $this->iaCore->getAccessType()) {
                // the error page gets no toolbar actions
                $adminActions = self::PAGE_ERROR == $pageName ? array() : $this->_getAdminToolbarActions();
                $this->set('toolbarActions', $adminActions);
            }

            $iaSmarty->assign('member', iaUsers::hasIdentity() ? iaUsers::getIdentity(true) : array());

            // define smarty super global $core
            // NOTE(review): the complete config arrays are exposed to every template
            $core = array(
                'actions' => $this->_setActions(),
                'config' => $this->iaCore->getConfig(),
                'customConfig' => $this->iaCore->getCustomConfig(),
                'language' => $this->iaCore->languages[$this->language],
                'languages' => $this->iaCore->languages,
                'notifications' => $notifications,
                'packages' => $this->iaCore->packagesData,
                'page' => array(
                    'breadcrumb' => iaBreadcrumb::render(),
                    'info' => $this->getParams(),
                    'nonProtocolUrl' => $this->assetsUrl,
                    'name' => $pageName,
                    'title' => $this->get('caption', $this->get('title', 'Subrion CMS'))
                ),
                'providers' => iaUsers::getAuthProviders()
            );

            if (iaCore::ACCESS_FRONT == $this->iaCore->getAccessType()) {
                // get meta-description: the page value wins, the language phrase is the fallback
                $value = $this->get('description');
                $metaDescription = empty($value) && iaLanguage::exists('page_metadescr_' . $pageName) ? iaLanguage::get('page_metadescr_' . $pageName) : $value;
                $core['page']['meta-description'] = iaSanitize::html($metaDescription);

                // get meta-keywords: same fallback rule
                $value = $this->get('keywords');
                $metaKeywords = empty($value) && iaLanguage::exists('page_metakeyword_' . $pageName) ? iaLanguage::get('page_metakeyword_' . $pageName) : $value;
                $core['page']['meta-keywords'] = iaSanitize::html($metaKeywords);

                $this->_logStatistics();

                // advertises the CMS on every front-end response
                header('X-Powered-CMS: Subrion CMS');
            }

            $iaSmarty->assignByRef('core', $core);

            $this->iaCore->startHook('phpCoreDisplayBeforeShowBody');

            $content = '';

            if ($this->get('body', self::NONE) != self::NONE) {
                $content = $iaSmarty->fetch($this->_retrieveTemplatePath($this->get('body')));
            }

            // with the layout enabled the body is wrapped into the layout template
            if ($this->_layoutEnabled) {
                $iaSmarty->assign('_content_', $content);
                $content = $iaSmarty->fetch('layout' . self::TEMPLATE_FILENAME_EXT);
            }

            echo $content;

            break;

        case self::REQUEST_XML:
            header('Content-Type: text/xml');

            // Both helpers are declared when this branch executes and then exist as ordinary
            // global functions; presumably output() runs once per request - confirm, since
            // a second pass through this branch would declare them again.

            // decodes existing entities first so the text is encoded exactly once
            function htmldecode($text)
            {
                $text = html_entity_decode($text);
                $text = htmlspecialchars($text);
                return $text;
            }

            // recursively appends $array to $parentObject; $section keeps the key of the
            // last array value seen and names the nodes created for numeric keys
            function xmlEncode(array $array, &$parentObject)
            {
                static $section;

                foreach ($array as $key => $value) {
                    switch (true) {
                        // tested against the element at the array's internal pointer,
                        // not against $value
                        case is_array($array[key($array)]):
                            if (!is_numeric($key)) {
                                $node = $parentObject->addChild($key);
                                xmlEncode($value, $node);
                            } else {
                                $node = $parentObject->addChild($section);
                                foreach ($value as $k => $v) {
                                    $node->addChild($k, htmldecode($v));
                                }
                            }
                            break;
                        case is_array($value):
                            $section = $key;
                            xmlEncode($value, $parentObject);
                            break;
                        default:
                            $parentObject->addChild($key, htmldecode($value));
                    }
                }
            }

            $xmlObject = new SimpleXMLElement('<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/"></rss>');
            xmlEncode($outputValues, $xmlObject);
            echo $xmlObject->asXML();

            break;

        default:
            // unsupported request type
            header('HTTP/1.1 501');
            exit;
    }
}
} else { $data['member_id'] = $member_id; } } else { $data['member_id'] = iaUsers::getIdentity()->id; } if (!defined('IA_NOUTF')) { iaUtf8::loadUTF8Core(); iaUtf8::loadUTF8Util('ascii', 'validation', 'bad', 'utf8_to_ascii'); } // validate title_alias $data['title_alias'] = !empty($_POST['title_alias']) ? $_POST['title_alias'] : $_POST['title']; if (!utf8_is_ascii($data['title_alias'])) { $data['title_alias'] = utf8_to_ascii($data['title_alias']); } $data['title_alias'] = iaSanitize::convertStr($data['title_alias']); // check for duplicate title_alias in case a new album is added or title_alias has been updated if (!isset($item['title_alias']) || isset($item['title_alias']) && $data['title_alias'] != $item['title_alias']) { if ($iaAlbum->existsAlias($data['title_alias'])) { $error = true; $messages[] = iaLanguage::get('album_already_exists'); } } if (!$error) { $iaCore->startHook("phpAdminBeforeAlbumSubmit"); if (!empty($_POST['artist'])) { $artist_info = $iaArtist->getArtistByTitle($_POST['artist']); $data['id_artist'] = $artist_info['id']; $data['artist_alias'] = $artist_info['title_alias']; } $data['status'] = check_post('status');
/**
 * Parses the request URL: enforces the www / non-www form of the base URL, detects
 * the request type from the extension, the access type, the language and the page
 * name, and stores the remaining path chunks in $this->requestPath.
 *
 * Side effects: sets several iaView properties, $this->language, two config values
 * and defines the IA_EXIT constant.
 *
 * NOTE(review): $_SERVER['HTTP_HOST'] is a client-supplied header. It is used below
 * as redirect target and as the base of assetsUrl / domainUrl without being compared
 * to the configured base URL. Unless the web server only accepts known host names,
 * this allows host-header poisoning of generated links - confirm the deployment.
 */
protected function _parseUrl()
{
    $iaView =& $this->iaView;

    $domain = $_SERVER['HTTP_HOST'];
    $requestPath = preg_replace('#^\\/#', '', $_SERVER['REQUEST_URI']);

    // redirect when the www prefix of the request differs from the configured base URL
    // NOTE(review): both redirects are built with 'http://' even when the request came in over HTTPS
    if (!preg_match('#^www\\.#', $domain) && preg_match('#:\\/\\/www\\.#', $this->get('baseurl'))) {
        $domain = preg_replace('#^#', 'www.', $domain);
        $this->factory('util')->go_to('http://' . $domain . IA_URL_DELIMITER . $requestPath);
    } elseif (preg_match('#^www\\.#', $domain) && !preg_match('#:\\/\\/www\\.#', $this->get('baseurl'))) {
        $domain = preg_replace('#^www\\.#', '', $domain);
        $this->factory('util')->go_to('http://' . $domain . IA_URL_DELIMITER . $requestPath);
    }

    $iaView->assetsUrl = '//' . $domain . IA_URL_DELIMITER . FOLDER_URL;
    $iaView->domain = $domain;
    $iaView->domainUrl = 'http' . (isset($_SERVER['HTTPS']) && 'on' == $_SERVER['HTTPS'] ? 's' : '') . ':' . $iaView->assetsUrl;
    $iaView->language = $this->get('lang');

    $doExit = false;
    $changeLang = false;

    // the path comes either from the '_p' parameter or from the request URI
    if (isset($_GET['_p'])) {
        $url = $_GET['_p'];
        unset($_GET['_p']);
    } else {
        $url = !isset($_SERVER['REDIRECT_URL']) || $_SERVER['REQUEST_URI'] != $_SERVER['REDIRECT_URL'] ? $_SERVER['REQUEST_URI'] : $_SERVER['REDIRECT_URL'];
        $url = substr($url, strlen(FOLDER) + 1);
    }

    $extension = IA_URL_DELIMITER;

    // drop the query string, filter the path and split it into chunks
    $url = explode('?', $url);
    $url = array_shift($url);
    $url = explode(IA_URL_DELIMITER, iaSanitize::urlInjectionFilter(trim($url, IA_URL_DELIMITER)));

    $lastChunk = end($url);
    if ($pos = strrpos($lastChunk, '.')) {
        $extension = substr($lastChunk, $pos + 1);
        switch ($extension) {
            case self::EXTENSION_JSON:
                $iaView->setRequestType(iaView::REQUEST_JSON);
                break;
            case self::EXTENSION_XML:
                $iaView->setRequestType(iaView::REQUEST_XML);
        }
        $extension = '.' . $extension;
        // str_replace on an array: the extension text is removed from every chunk and at
        // any position, not only from the end of the last one
        $url = str_replace($extension, '', $url);
    }

    $iaView->set('extension', $extension);

    // a posted language wins over the one in the URL, if it is a configured language
    if (isset($_POST['_lang']) && isset($this->languages[$_POST['_lang']])) {
        $iaView->language = $_POST['_lang'];
        $changeLang = true;
    }

    // leading "system" chunks (admin marker, logout, language code) are consumed first;
    // the first other chunk becomes the page name, the rest goes to requestPath
    $isSystemChunk = true;
    $array = array();
    foreach ($url as $value) {
        if (!$isSystemChunk) {
            $array[] = $value;
            continue;
        }

        switch (true) {
            case $this->get('admin_page') == $value: // admin panel
                $this->_accessType = self::ACCESS_ADMIN;
                continue 2;
            case 'logout' == $value: // logging out
                $doExit = true;
                continue 2;
            case 2 == strlen($value): // current language
                if (isset($this->languages[$value])) {
                    $changeLang || ($iaView->language = $value);
                    array_shift($url); // #1715
                    continue 2;
                }
                // a two-letter chunk that is no language falls through on purpose
            default:
                $iaView->name(empty($value) && 1 == count($url) ? $this->get('home_page') : $value);
                $isSystemChunk = false;
        }
    }

    // an admin request without a page chunk gets the default admin home page
    if (self::ACCESS_ADMIN == $this->getAccessType()) {
        if ($isSystemChunk && $this->get('home_page') == $iaView->name()) {
            $iaView->name(iaView::DEFAULT_HOMEPAGE);
        }
    }

    $iaView->url = empty($url[0]) ? array() : $url;
    $this->requestPath = $array;

    // set system language
    $this->language = $this->languages[$iaView->language];

    // set dynamic config
    $this->set('date_format', $this->language['date_format']);
    $this->set('locale', $this->language['locale']);

    define('IA_EXIT', $doExit);
}
$page = $page < 1 ? 1 : $page; $pageUrl = $iaCore->factory('page', iaCore::FRONT)->getUrlByName('blog'); $pagination = array('start' => ($page - 1) * $iaCore->get('blog_number'), 'limit' => (int) $iaCore->get('blog_number'), 'template' => $pageUrl . '?page={page}'); $order = 'date' == $iaCore->get('blog_order') ? 'ORDER BY `date_added` DESC' : 'ORDER BY `title` ASC'; $stmt = '`status` = :status AND `lang` = :language'; $iaDb->bind($stmt, array('status' => iaCore::STATUS_ACTIVE, 'language' => $iaView->language)); $sql = 'SELECT SQL_CALC_FOUND_ROWS ' . 'b.`id`, b.`title`, b.`date_added`, b.`body`, b.`alias`, b.`image`, m.`fullname` ' . 'FROM `:prefix:table_blog_entries` b ' . 'LEFT JOIN `:prefix:table_members` m ON (b.`member_id` = m.`id`) ' . 'WHERE b.' . $stmt . $order . ' LIMIT :start, :limit'; $sql = iaDb::printf($sql, array('prefix' => $iaDb->prefix, 'table_blog_entries' => 'blog_entries', 'table_members' => 'members', 'start' => $pagination['start'], 'limit' => $pagination['limit'])); $rows = $iaDb->getAll($sql); $pagination['total'] = $iaDb->foundRows(); $sql = 'SELECT bt.`title`, bt.`alias`, bet.`blog_id` ' . 'FROM `:prefix:table_blog_tags` bt ' . 'LEFT JOIN `:prefix:table_blog_entries_tags` bet ON (bt.`id` = bet.`tag_id`) ' . 'ORDER BY bt.`title`'; $sql = iaDb::printf($sql, array('prefix' => $iaDb->prefix, 'table_blog_entries_tags' => 'blog_entries_tags', 'table_blog_tags' => 'blog_tags')); $blogTags = $iaDb->getAll($sql); $iaView->assign('tags', $blogTags); $iaView->assign('blog_entries', $rows); $iaView->assign('pagination', $pagination); } $pageActions[] = array('icon' => 'rss', 'title' => '', 'url' => IA_URL . 'blog.xml', 'classes' => 'btn-warning'); $iaView->set('actions', $pageActions); $iaView->display('index'); } if (iaView::REQUEST_XML == $iaView->getRequestType()) { $output = array('title' => $iaCore->get('site') . ' :: ' . $iaView->title(), 'description' => '', 'url' => IA_URL . 
'blog', 'item' => array()); $listings = $iaDb->all(iaDb::ALL_COLUMNS_SELECTION, "`lang`= '" . $iaView->language . "'", 0, 20); $pageUrl = $iaCore->factory('page', iaCore::FRONT)->getUrlByName('blog'); foreach ($listings as $entry) { $output['item'][] = array('title' => $entry['title'], 'link' => $pageUrl . $entry['id'] . '-' . $entry['alias'], 'pubDate' => date('D, d M Y H:i:s T', strtotime($entry['date_modified'])), 'description' => iaSanitize::tags($entry['body'])); } $iaView->assign('channel', $output); } $iaDb->resetTable();
/**
 * Fills the entry with display values: the owner label and the tags.
 *
 * @param object $iaView view object (not used here)
 * @param array $entryData entry values, extended in place with 'owner' and 'tags'
 */
protected function _assignValues(&$iaView, array &$entryData)
{
    $iaUsers = $this->_iaCore->factory('users');

    // without a stored owner the current identity is shown
    if (empty($entryData['member_id'])) {
        $owner = iaUsers::getIdentity(true);
    } else {
        $owner = $iaUsers->getInfo($entryData['member_id']);
    }

    $entryData['owner'] = $owner['fullname'] . " ({$owner['email']})";

    // A disabled alternative used to sit here: it collected the tag titles with one query
    // per tag and was kept, per its own comment, for cases where raising
    // group_concat_max_len through SET SESSION does not work.
    $this->_iaDb->query("SET SESSION group_concat_max_len = 2000");

    if ($this->getEntryId()) {
        $entryData['tags'] = $this->getHelper()->getTags($this->getEntryId());
    } elseif (isset($_POST['tags'])) {
        // NOTE(review): the posted value is SQL-escaped although it is handed back for
        // display, not put into a query here; the output context would call for HTML encoding
        $entryData['tags'] = iaSanitize::sql($_POST['tags']);
    }
}
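/**
 * Streams all phrases of one language as a download, either as an SQL INSERT
 * statement or as a '|' separated CSV file, then exits.
 *
 * The language code comes from POST 'lang' or from the second request path chunk.
 * It is concatenated into the WHERE clause, so both sources go through
 * iaSanitize::paranoid(), the filter the POST value was already passed through.
 *
 * @param object $iaView view object; 'nodebug' is set on it before exiting
 */
private function _downloadLanguage(&$iaView)
{
    if (isset($_POST['lang'])) {
        $requested = $_POST['lang'];
    } elseif (isset($this->_iaCore->requestPath[1])) {
        $requested = $this->_iaCore->requestPath[1];
    } else {
        $requested = '';
    }
    $language = iaSanitize::paranoid($requested);

    // only the two known formats are accepted, everything else means 'sql'
    $format = (isset($_POST['file_format']) && in_array($_POST['file_format'], array('csv', 'sql'), true))
        ? $_POST['file_format']
        : 'sql';

    $phrases = $this->_iaDb->all(iaDb::ALL_COLUMNS_SELECTION, "`code` = '" . $language . "'");
    if (!is_array($phrases)) {
        $phrases = array();
    }

    // urlencode() keeps quotes and line breaks out of the Content-Disposition header
    $fileName = urlencode(isset($_POST['filename'])
        ? $_POST['filename'] . '.' . $format
        : 'subrion_' . IA_VERSION . '_' . $language . '.' . $format);

    header('Content-Type: text/plain; charset=utf-8');
    header('Content-Disposition: attachment; filename="' . $fileName . '"');

    $stream = fopen('php://output', 'w');

    if ('sql' == $format) {
        fwrite($stream, 'INSERT INTO `{prefix}language` (`id`, `key`, `original`, `value`, `category`, `code`, `extras`) VALUES' . PHP_EOL);
    }

    foreach ($phrases as $i => $entry) {
        switch ($format) {
            case 'sql':
                $data = '(';
                foreach ($entry as $key => $value) {
                    // falsy values (including '0') are written as empty strings; the id is
                    // always exported as NULL so the target table assigns its own
                    $data .= $value ? ('id' == $key ? 'NULL' : "'" . iaSanitize::sql($value) . "'") : "''";
                    $data .= ', ';
                }
                $data = substr($data, 0, -2);
                $data .= isset($phrases[$i + 1]) ? '),' . PHP_EOL : ');';

                fwrite($stream, $data);

                break;

            default:
                unset($entry['id']);

                // line breaks are flattened so each phrase stays on one CSV line
                // NOTE(review): values starting with =, +, - or @ are interpreted as formulas
                // by spreadsheet applications opening this export
                $entry['value'] = str_replace(array("\r\n", "\r", "\n"), '\\n', $entry['value']);
                $entry['original'] = str_replace(array("\r\n", "\r", "\n"), '\\n', $entry['original']);

                fputcsv($stream, $entry, '|', '"');
        }
    }

    fclose($stream);

    $iaView->set('nodebug', true);

    exit;
}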
/**
 * Uninstalls an extra: removes its pages, menus, language phrases, config, fields,
 * blocks and usergroups, runs its stored uninstall SQL and PHP code and applies its
 * stored rollback data.
 *
 * Security: the statements, the PHP code and the rollback data executed here are read
 * from the extras table. Anyone able to write those columns controls what runs during
 * uninstall.
 *
 * @param string $extraName name of the extra
 *
 * @return bool false when the name is empty, true otherwise
 */
public function uninstall($extraName)
{
    if (empty($extraName)) {
        $this->error = true;
        $this->setMessage('Extra name is empty.');

        return false;
    }

    // this hook still receives the name as passed in, before escaping
    $this->iaCore->startHook('phpExtrasUninstallBefore', array('extra' => $extraName));

    if ($this->iaCore->get('default_package', false) == $extraName) {
        $this->iaCore->set('default_package', '', true);
    }

    $this->checkValidity();

    // from here on the SQL-escaped name is used, both in concatenated conditions and
    // as a value for bound placeholders
    $extraName = iaSanitize::sql($extraName);

    $iaDb =& $this->iaDb;

    $code = $iaDb->row_bind(array('uninstall_code', 'uninstall_sql', 'rollback_data'), '`name` = :name', array('name' => $extraName), self::getTable());

    // NOTE(review): $pagesList is used by implode() and in_array() before the emptiness
    // check further down; what onefield() returns for "no rows" is not visible here.
    // The page and item names read from the database are concatenated into later
    // conditions without escaping.
    $pagesList = $iaDb->onefield('`name`', "`extras` = '{$extraName}'", null, null, 'pages');
    $iaDb->delete("`page_name` IN ('" . implode("','", $pagesList) . "')", 'menus');

    // fall back to the 'index' page when the home page belonged to this extra
    if (in_array($this->iaCore->get('home_page'), $pagesList)) {
        $this->iaCore->set('home_page', 'index', true);
    }

    // $itemsList is assigned inside the condition and read again below
    if ($itemsList = $iaDb->onefield('item', "`package` = '{$extraName}'", null, null, 'items')) {
        $stmt = "`item` IN ('" . implode("','", $itemsList) . "')";
        $iaDb->cascadeDelete(array('items_pages', 'favorites', 'views_log'), $stmt);
    }

    if ($pagesList) {
        $iaDb->cascadeDelete(array('objects_pages'), "`page_name` IN ('" . implode("','", $pagesList) . "')");

        // remove the four per-page phrases of every page
        $iaDb->setTable(iaLanguage::getTable());
        $iaDb->delete("`key` IN ('page_title_" . implode("','page_title_", $pagesList) . "')");
        $iaDb->delete("`key` IN ('page_content_" . implode("','page_content_", $pagesList) . "')");
        $iaDb->delete("`key` IN ('page_metakeyword_" . implode("','page_metakeyword_", $pagesList) . "')");
        $iaDb->delete("`key` IN ('page_metadescr_" . implode("','page_metadescr_", $pagesList) . "')");
        $iaDb->resetTable();
    }

    // every table that tags its rows with the owning extra
    $tableList = array('admin_actions', 'admin_pages_groups', 'admin_pages', 'acl_privileges', iaLanguage::getTable(), iaCore::getConfigGroupsTable(), iaCore::getConfigTable(), iaCore::getCustomConfigTable(), 'pages', 'hooks', 'acl_objects', 'fields_groups', 'fields_pages', 'fields_relations', 'fields_tree_nodes', 'cron');
    $iaDb->cascadeDelete($tableList, "`extras` = '{$extraName}'");

    $this->iaCore->factory('field');

    $iaDb->setTable(iaField::getTable());

    $stmt = '`extras` LIKE :extras';
    $this->iaDb->bind($stmt, array('extras' => '%' . $extraName . '%'));

    if ($itemsList) {
        $stmt .= " OR `item` IN ('" . implode("','", $itemsList) . "')";
    }

    if ($fields = $iaDb->all(array('id', 'extras'), $stmt)) {
        foreach ($fields as $field) {
            // a field shared by several extras only loses this extra's name
            $pluginsList = explode(',', $field['extras']);
            if (count($pluginsList) > 1) {
                // NOTE(review): array_search() returns false when the name is absent (the
                // LIKE above also matches longer names); false as a key addresses index 0
                unset($pluginsList[array_search($extraName, $pluginsList)]);
                $iaDb->update(array('extras' => implode(',', $pluginsList), 'id' => $field['id']));
            } else {
                $iaDb->delete(iaDb::convertIds($field['id']));
            }
        }
    }

    $iaDb->resetTable();

    $iaBlock = $this->iaCore->factory('block', iaCore::ADMIN);
    if ($blockIds = $iaDb->onefield(iaDb::ID_COLUMN_SELECTION, "`extras` = '{$extraName}'", null, null, iaBlock::getTable())) {
        foreach ($blockIds as $blockId) {
            $iaBlock->delete($blockId, false);
        }
    }

    if ($code['uninstall_sql']) {
        // NOTE(review): unserialize() of a stored column; each contained query is then
        // executed as is
        $code['uninstall_sql'] = unserialize($code['uninstall_sql']);
        if ($code['uninstall_sql'] && is_array($code['uninstall_sql'])) {
            foreach ($code['uninstall_sql'] as $sql) {
                $iaDb->query(str_replace('{prefix}', $iaDb->prefix, $sql['query']));
            }
        }
    }

    // the extra's own row is read before it is deleted, for _processCategory() below
    $entry = $iaDb->row_bind(iaDb::ALL_COLUMNS_SELECTION, '`name` = :name', array('name' => $extraName), self::getTable());

    $iaDb->delete('`name` = :plugin', self::getTable(), array('plugin' => $extraName));
    $iaDb->delete('`package` = :plugin', 'items', array('plugin' => $extraName));

    empty($entry) || $this->_processCategory($entry, self::ACTION_UNINSTALL);

    if ($code['uninstall_code']) {
        // stored PHP code is handed to _runPhpCode(); presumably executed there - confirm
        $this->_runPhpCode($code['uninstall_code']);
    }

    if ($code['rollback_data']) {
        // NOTE(review): second unserialize() of a stored column; its keys are used as
        // table name ($sectionName) and row name ($name) below
        $rollbackData = unserialize($code['rollback_data']);
        if (is_array($rollbackData)) {
            $existPositions = $this->iaView->positions;
            foreach ($rollbackData as $sectionName => $actions) {
                foreach ($actions as $name => $itemData) {
                    // a position that no longer exists deactivates the restored item
                    if (isset($itemData['position'])) {
                        if (!in_array($itemData['position'], $existPositions)) {
                            $itemData['position'] = '';
                            $itemData['status'] = iaCore::STATUS_INACTIVE;
                        }
                    }

                    $stmt = iaDb::printf("`name` = ':name'", array('name' => $name));
                    $this->iaDb->update($itemData, $stmt, null, $sectionName);
                }
            }
        }
    }

    // clear usergroups
    if ($usergroups = $iaDb->all(iaDb::ALL_COLUMNS_SELECTION, iaDb::convertIds($extraName, 'extras'), 0, null, iaUsers::getUsergroupsTable())) {
        $iaUsers = $this->iaCore->factory('users');
        foreach ($usergroups as $usergroup) {
            $iaUsers->deleteUsergroup($usergroup['id']);
        }
    }

    $this->iaCore->startHook('phpExtrasUninstallAfter', array('extra' => $extraName));

    $this->iaCore->iaCache->clearAll();

    return true;
}
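/**
 * Internal utility function used to generate the body of a SET statement.
 *
 * Booleans become 1/0, null becomes NULL, other scalars are escaped and quoted.
 * Arrays, objects and resources in $values are skipped. Entries of $rawValues are
 * written verbatim, so they must never carry request data.
 *
 * NOTE(review): column names from both arrays are placed between backticks without
 * any check; they are expected to come from code, not from the request.
 *
 * @param array $values values to be set checking by type
 * @param array $rawValues values to be set without processing
 *
 * @return string comma separated list of assignments, '' when both inputs are empty
 */
protected function _wrapValues($values, $rawValues)
{
    $result = '';

    // no need for further processing
    if (empty($values) && empty($rawValues)) {
        return $result;
    }

    $array = array();

    if (is_array($values)) {
        foreach ($values as $columnName => $value) {
            $pattern = "`%s` = '%s'";

            switch (true) {
                case is_bool($value):
                    $pattern = '`%s` = %s';
                    $value = $value ? 1 : 0;
                    break;
                case is_null($value):
                    $pattern = '`%s` = %s';
                    $value = 'NULL';
                    break;
                case is_scalar($value):
                    $value = iaSanitize::sql($value);
                    break;
                default:
                    // arrays, objects & resources are ignored. Inside a switch a bare
                    // `continue` acts like `break`, which let such values reach the
                    // sprintf() below; the loop has to be targeted explicitly.
                    continue 2;
            }

            $array[] = sprintf($pattern, $columnName, $value);
        }
    }

    if (is_array($rawValues) && $rawValues) {
        foreach ($rawValues as $field => $value) {
            $array[] = "`{$field}` = {$value}";
        }
    }

    $result = implode(', ', $array);

    return $result;
}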
/**
 * Builds an SQL dump of a table's rows, one INSERT statement per row.
 *
 * NULL cells are written as null, empty cells as '', everything else is escaped
 * with iaSanitize::sql() and quoted.
 *
 * @param string $tableName table to dump
 * @param bool $aComplete when true, every INSERT names its columns
 * @param bool $prefix when false, the configured table prefix inside the name is
 *                     replaced by the literal {prefix}
 *
 * @return string
 */
public function makeDataBackup($tableName, $aComplete = false, $prefix = true)
{
    $targetName = $prefix ? $tableName : str_replace($this->iaDb->prefix, '{prefix}', $tableName);

    $this->iaDb->setTable($tableName, false);

    $columnList = '';
    if ($aComplete) {
        $quotedColumns = array();
        foreach ($this->iaDb->describe($tableName, false) as $column) {
            $quotedColumns[] = '`' . $column['Field'] . '`';
        }
        $columnList = ' (' . implode(', ', $quotedColumns) . ')';
    }

    $dump = '';

    $rows = $this->iaDb->all();
    if ($rows) {
        foreach ($rows as $row) {
            $literals = array();
            foreach ($row as $cell) {
                if (null === $cell) {
                    $literals[] = 'null';
                } elseif ($cell != '') {
                    $literals[] = "'" . iaSanitize::sql($cell) . "'";
                } else {
                    $literals[] = "''";
                }
            }

            $dump .= 'INSERT INTO `' . $targetName . '`' . $columnList . ' VALUES (' . implode(', ', $literals) . ');' . PHP_EOL;
        }
    }

    $this->iaDb->resetTable();

    return $dump;
}
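/**
 * Resets the default URL from the values submitted in the query string
 *
 * `$_GET['type']` selects the source; it defaults to 2 and that default is written back
 * into `$_GET`. Type 1 builds `http://<url[1] without "www.">.<$domain>` followed by
 * IA_URL_DELIMITER, type 2 takes `url[2]` as submitted.
 *
 * @param string $domain domain appended after the submitted host part (type 1 only)
 *
 * @return bool true when a URL was applied, false when the request carried no usable URL
 */
private function _reset($domain)
{
    $_GET['type'] = isset($_GET['type']) ? $_GET['type'] : 2;

    // Only the array form url[1] / url[2] is accepted; a missing or scalar `url`
    // parameter counts as "no URL" instead of raising notices or being indexed as a string.
    $submitted = (isset($_GET['url']) && is_array($_GET['url'])) ? $_GET['url'] : array();

    $url = '';

    switch ($_GET['type']) {
        case 1:
            if (isset($submitted[1]) && is_string($submitted[1])) {
                $host = str_replace('www.', '', $submitted[1]);

                // an empty host part used to yield "http://.<domain>" and was still applied
                if ('' !== $host) {
                    // NOTE(review): iaSanitize::sql() is SQL escaping, not host name
                    // validation; the value ends up in a URL, so a host-label check
                    // belongs here as well.
                    $url = 'http://' . iaSanitize::sql($host) . '.' . $domain . IA_URL_DELIMITER;
                }
            }

            break;
        case 2:
            if (isset($submitted[2]) && is_string($submitted[2])) {
                // NOTE(review): used verbatim from the request; whether _changeDefault()
                // validates scheme and host is not visible here — confirm before relying on it.
                $url = $submitted[2];
            }
    }

    if (!$url) {
        return false;
    }

    // normalise to exactly one trailing delimiter
    $url = trim($url, IA_URL_DELIMITER) . IA_URL_DELIMITER;

    $this->_changeDefault($url);
    $this->addMessage('reset_default_success');

    return true;
}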
/**
 * Adds the member name filter to the grid conditions
 *
 * When `$_GET['name']` is non-empty, a LIKE condition over the concatenation of the
 * `username`, `fullname` and `email` columns is appended. The search text is passed
 * through iaSanitize::sql() and embedded in the condition string.
 *
 * @param array $conditions list of SQL conditions, extended in place
 * @param array $values values for bound placeholders; not touched by this filter
 */
protected function _modifyGridParams(&$conditions, &$values)
{
    if (empty($_GET['name'])) {
        return;
    }

    // NOTE(review): the text is inlined into the SQL rather than bound, so the query is
    // only as safe as iaSanitize::sql() (not visible here). Passing it through $values
    // with a placeholder would remove that dependency — confirm the caller binds $values.
    $needle = iaSanitize::sql($_GET['name']);

    $conditions[] = "CONCAT(`username`, `fullname`, `email`) LIKE '%" . $needle . "%'";
}
/**
 * Assigns the template variables used by the entry form
 *
 * Assigns: `visibleOn`, `pages`, `pagesGroup`, `positions` and, when `$_POST['menus']`
 * is present, `treeData`.
 *
 * @param object $iaView view object; read through get() and written through assign()
 * @param array $entryData entry data (not used in this method)
 */
protected function _assignValues(&$iaView, array &$entryData)
{
    // get groups: keep only the admin page groups that are referenced by some page
    $usedGroupIds = $this->_iaDb->onefield('`group`', '1 GROUP BY `group`', null, null, 'pages');
    $groupRows = $this->_iaDb->all(array('id', 'name', 'title'), null, null, null, 'admin_pages_groups');

    $pageGroups = array();
    foreach ($groupRows as $groupRow) {
        if (!in_array($groupRow['id'], $usedGroupIds)) {
            continue;
        }

        $pageGroups[$groupRow['id']] = $groupRow;
    }

    $visibleOn = array();
    if (iaCore::ACTION_EDIT == $iaView->get('action')) {
        // on edit the page list comes from storage
        $where = "`object_type` = 'blocks' && " . iaDb::convertIds($this->getEntryId(), 'object');
        $assignedPages = $this->_iaDb->onefield('page_name', $where, null, null, 'objects_pages');

        if ($assignedPages) {
            $visibleOn = $assignedPages;
        }
    } elseif (!empty($_POST['pages'])) {
        // NOTE(review): request data goes to the view unchanged; output escaping is
        // left to the template — confirm it is applied there.
        $visibleOn = $_POST['pages'];
    }

    if (!empty($_POST['menus'])) {
        // JSON-encode first, then pass through iaSanitize::html() before it reaches the view
        $treeData = iaSanitize::html(iaUtil::jsonEncode($_POST['menus']));
        $iaView->assign('treeData', $treeData);
    }

    $iaView->assign('visibleOn', $visibleOn);
    $iaView->assign('pages', $this->_getPages());
    $iaView->assign('pagesGroup', $pageGroups);
    $iaView->assign('positions', $this->getHelper()->getPositions());
}
//##copyright##

// Opening part of the password-restoration request handler: a JSON request carrying
// `email` in the query string either starts a restoration (no `code`) or presents a
// confirmation code. The listing stops inside the mail-sending branch, so the blocks
// opened below are closed outside this excerpt.
$iaUsers = $iaCore->factory('users');
$iaDb->setTable(iaUsers::getTable());

if (iaView::REQUEST_JSON == $iaView->getRequestType()) {
    if (isset($_GET['email'])) {
        // false means "no code supplied"; an empty `code=` parameter yields '' instead
        $code = isset($_GET['code']) ? trim($_GET['code']) : false;
        // POST takes precedence over GET for the address
        $email = isset($_POST['email']) ? $_POST['email'] : (isset($_GET['email']) ? $_GET['email'] : '');
        $error = false;
        $message = array();

        if ($email) {
            // a failed format check only sets $error; the lookup below still runs
            if (!iaValidate::isEmail($email)) {
                $error = true;
                $message = iaLanguage::get('error_email_incorrect');
            }

            // NOTE(review): the address is SQL-escaped and then also passed as a bound
            // value; if row_bind() escapes on its own this is double escaping — confirm.
            $email = iaSanitize::sql($email);
            $member = $iaDb->row_bind(iaDb::ALL_COLUMNS_SELECTION, '`email` = :email', array('email' => $email));

            // NOTE(review): a dedicated message for an unknown address tells the caller
            // whether an address is registered; a uniform response would avoid that.
            if (empty($member)) {
                $error = true;
                $message = iaLanguage::get('error_no_member_email');
            }

            // NOTE(review): this runs even when $member is empty, and `!=` is a loose,
            // non-constant-time comparison: an empty stored sec_key compares equal to an
            // empty submitted code. Requiring a non-empty code and comparing the two
            // strings with hash_equals() would close both gaps.
            if (false !== $code && $member['sec_key'] != $code) {
                $error = true;
                $message = iaLanguage::get('confirmation_code_incorrect');
            }

            // no code supplied and no error so far: prepare the restoration e-mail
            if (!$error && false === $code) {
                $mail = array();
                // NOTE(review): token strength depends on generateToken(), not visible here
                $token = $iaCore->factory('util')->generateToken();
                // NOTE(review): $email is the SQL-escaped form and is placed in the query
                // string without URL-encoding
                $confirmationUrl = IA_URL . "forgot/?email={$email}&code={$token}";

                $iaMailer = $iaCore->factory('mailer');
                $iaMailer->loadTemplate('password_restoration');
/**
 * Prints picture in the box; used to display listing thumbnails, listing full picture, member avatar
 *
 * Returns the bare image URL when `$params['url']` is non-empty, otherwise an `<img>` tag.
 * Only the title is passed through iaSanitize::html(); the URL and the `width`, `height`
 * and `class` values are emitted as given.
 *
 * @param array $params image params: imgfile, title, fullimage, url, width, height, class
 *
 * @return string
 */
public static function printImage($params)
{
    $thumbUrl = iaCore::instance()->iaView->assetsUrl;

    // temporary solution
    // TODO: remove
    // NOTE(review): unserialize() runs on whatever `imgfile` holds. If that value can be
    // influenced from outside (request data, a writable DB column) this is an object
    // injection risk; decode such legacy values with a non-executing format instead.
    if ('a:' == substr($params['imgfile'], 0, 2)) {
        $legacy = unserialize($params['imgfile']);

        $params['imgfile'] = $legacy['path'];
        $params['title'] = $legacy['title'];
    }
    //

    if (empty($params['imgfile'])) {
        // no image: fall back to the placeholder of the active theme
        $thumbUrl .= 'templates/' . iaCore::instance()->iaView->theme . '/img/no-preview.png';
    } else {
        $thumbUrl .= 'uploads/';

        if (!empty($params['fullimage'])) {
            // the full-size variant has "~" inserted before every dot of the file name
            $segments = explode('/', $params['imgfile']);
            $fileName = array_pop($segments);
            $segments[] = str_replace('.', '~.', $fileName);

            $thumbUrl .= implode('/', $segments);
        } else {
            $thumbUrl .= $params['imgfile'];
        }
    }

    if (!empty($params['url'])) {
        return $thumbUrl;
    }

    // NOTE(review): width, height, class and the src URL go into attributes unescaped;
    // callers must not pass untrusted values for them.
    $attributes = '';
    if (isset($params['width'])) {
        $attributes .= ' width="' . $params['width'] . '"';
    }
    if (isset($params['height'])) {
        $attributes .= ' height="' . $params['height'] . '"';
    }

    $title = isset($params['title']) ? iaSanitize::html($params['title']) : '';

    if (isset($params['class'])) {
        $attributes .= ' class="' . $params['class'] . '"';
    }

    return sprintf('<img src="%s" alt="%s" title="%s"%s>', $thumbUrl, $title, $title, $attributes);
}
/**
 * Returns the names of the fields whose type is `image` or `pictures`
 *
 * @param string|null $pluginFilter when non-empty, only fields whose `extras` column
 *                                  equals this value are returned; the value is passed
 *                                  through iaSanitize::sql() and inlined as a string literal
 *
 * @return mixed whatever iaDb::onefield() yields for the `name` column
 */
public function getImageFields($pluginFilter = null)
{
    $where = "`type` IN ('image','pictures')";

    if (!empty($pluginFilter)) {
        $where .= ' AND ' . "`extras` = '" . iaSanitize::sql($pluginFilter) . "'";
    }

    return $this->iaDb->onefield('name', $where, null, null, self::getTable());
}
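/**
 * Builds the ORDER BY fragment stored in $this->_sorting
 *
 * The column is taken from the `columnAlias` option when an alias exists for the
 * requested key, otherwise the requested key itself is used. The direction is accepted
 * only as the exact strings 'asc' or 'desc'; anything else falls back to iaDb::ORDER_ASC.
 *
 * @param array $sorting [0] => requested column key, [1] => direction
 */
private function _processSorting(array $sorting)
{
    if (empty($sorting[0])) {
        $this->_sorting = '';

        return;
    }

    $aliases = $this->getOption('columnAlias');

    if (!empty($aliases->{$sorting[0]})) {
        // aliases come from the component's own options and are used as configured
        $field = $aliases->{$sorting[0]};
    } else {
        // The name is written between backticks, i.e. in identifier context. SQL string
        // escaping is not designed for that context, so an embedded backtick is doubled
        // to keep the value inside the quoted identifier.
        $field = str_replace('`', '``', iaSanitize::sql($sorting[0]));
    }

    // strict comparison: a non-string value must not pass as a valid direction
    $hasDirection = isset($sorting[1]) && in_array($sorting[1], array('asc', 'desc'), true);
    $order = $hasDirection ? strtoupper($sorting[1]) : iaDb::ORDER_ASC;

    $this->_sorting = sprintf('`%s` %s', $field, $order);
}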