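/**
 * Print a question mark with a tool tip.
 *
 * Every attribute value is passed through Scrub::toHTML before it is
 * emitted, so a caller-supplied $url, $image, $id or $class cannot break
 * out of its attribute (the original escaped only $help_string). Escaping
 * does not validate the URL scheme, so $url must still come from code,
 * not from the request.
 *
 * @param string $help_string
 *   Tooltip text shown in the title attribute.
 * @param string $image
 *   Path used as the img src.
 * @param string $id
 *   Optional id attribute for the img element.
 * @param string $class
 *   Extra CSS classes appended to the img element.
 * @param null|string $url
 *   When set, the image is wrapped in a link to this URL.
 *
 * @todo this needs JS injection and should be moved to a view.
 */
public static function render($help_string, $image = '/images/qmark.png', $id = '', $class = '', $url = NULL) {
    // The original emitted two class="" attributes on the img; browsers keep
    // only the first, so "help tooltip {$class}" was silently dropped. Merge
    // them into a single attribute.
    $classes = trim('has-tip help tooltip ' . $class);
    if ($url) {
        echo '<a href="' . Scrub::toHTML($url) . '">';
    }
    echo '<img data-tooltip aria-haspopup="true"'
        . ' class="' . Scrub::toHTML($classes) . '"'
        . ' title="' . Scrub::toHTML($help_string) . '"'
        . ' src="' . Scrub::toHTML($image) . '"'
        . ' border="0"'
        . ' id="' . Scrub::toHTML($id) . '" />';
    if ($url) {
        echo '</a>';
    }
}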
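/**
 * Build a CK editor in an iframe.
 *
 * $id is emitted in two different contexts: inside a JavaScript string
 * literal (the CKEDITOR.replace / CKFinder startup calls) and inside HTML
 * attributes (the textarea). The original concatenated it raw into both,
 * so an id containing a quote could inject script; it is now encoded per
 * context (json_encode with the JSON_HEX_* flags for JS, Scrub::toHTML for
 * the markup).
 *
 * @param string $id
 *   The field name / id.
 * @param string $value
 *   The preset value.
 * @param array $options
 *   A list of options passed to CKEDITOR.replace as a JSON object; a truthy
 *   'finder' key additionally loads and wires up CKFinder.
 *
 * @return string
 *   The output HTML.
 */
public static function iframe($id, $value, $options = array()) {
    self::init();
    // JSON_HEX_* makes the encoded text safe to embed inside an inline
    // <script> block (no raw "<", ">", "&" or quotes in the output).
    $js_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $js_id = json_encode((string) $id, $js_flags);
    $js_options = json_encode($options, $js_flags);
    JS::startup('lightning.ckeditors[' . $js_id . '] = CKEDITOR.replace(' . $js_id . ', ' . $js_options . ');');
    if (!empty($options['finder'])) {
        JS::add('/js/ckfinder/ckfinder.js', false, false);
        JS::startup('CKFinder.setupCKEditor(lightning.ckeditors[' . $js_id . '], "/js/ckfinder/")');
    }
    $html_id = Scrub::toHTML($id);
    return '<textarea name="' . $html_id . '" id="' . $html_id . '">' . Scrub::toHTML($value) . '</textarea>';
}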
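/**
 * Turn an attribute map into a string of name="value" pairs.
 *
 * Array values are joined with spaces (e.g. a list of CSS classes). Each
 * value is HTML-escaped with Scrub::toHTML; attribute names are emitted
 * as-is, so they must come from code rather than from the request.
 *
 * @param array $attributes
 *   Map of attribute name => string|array value.
 *
 * @return string
 *   The attribute string, each pair followed by a space; '' for an empty map.
 */
public static function implodeAttributes($attributes) {
    $output = '';
    // Iterate by value: the original took each element by reference and
    // never unset() it afterwards, which is the classic dangling-reference
    // footgun and buys nothing here since the array is only read.
    foreach ($attributes as $name => $value) {
        if (is_array($value)) {
            $value = implode(' ', $value);
        }
        $output .= $name . '="' . Scrub::toHTML($value) . '" ';
    }
    return $output;
}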
/**
 * Create an admin account. Will prompt for email address and password.
 *
 * Re-prompts for the email until Scrub::email() accepts it, then prompts
 * for a password; when the creation result reports 'success' the new user
 * is loaded by id and promoted to UserModel::TYPE_ADMIN, otherwise a
 * failure message is printed.
 *
 * NOTE(review): the text between the password prompt and the 'success'
 * check is garbled in this copy of the file (a literal ****** stands in
 * for the original code), so the password handling and the user-creation
 * call cannot be reviewed here. Confirm against the canonical source that
 * the password is read without echo and that $res is the creation result.
 */
public function executeCreateAdmin() {
    do {
        // $email_input is unset before the first prompt, so the error is only
        // printed on retries.
        if (!empty($email_input)) {
            $this->out('That is not a valid email.');
        }
        $email_input = $this->readline('Email: ');
    } while (!($email = Scrub::email($email_input)));
    do {
        $password = $this->readline('Password: '******'success']) {
            $user = UserModel::loadById($res['data']);
            $user->setType(UserModel::TYPE_ADMIN);
        } else {
            $this->out('Failed to create user.');
        }
}
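/**
 * Get the encoded default value for a form element.
 *
 * @param string $var
 *   The name of the field.
 * @param string $alt_default
 *   A default if nothing was submitted.
 * @param string $type
 *   The type, usually html or text, passed to Request::get().
 *
 * @return string
 *   The HTML encoded value.
 */
public static function defaultValue($var, $alt_default = null, $type = 'text') {
    // Read the request once; the original called Request::get() twice.
    $submitted = Request::get($var, $type);
    $default = $submitted !== null ? $submitted : $alt_default;
    return Scrub::toHTML($default);
}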
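/**
 * Insert a new user if he doesn't already exist.
 *
 * The email is lower-cased and validated with Scrub::email(); an address
 * it rejects now raises instead of being inserted as a false/empty value.
 * When a password is given it is stored with the project's passHash()/salt
 * scheme (NOTE(review): not password_hash(); changing that requires the
 * matching verifier to change too).
 *
 * @param string $email
 *   The new email
 * @param string $pass
 *   The new password
 * @param string $first_name
 *   The first name
 * @param string $last_name
 *   The last name.
 *
 * @return integer
 *   The new user's ID.
 *
 * @throws \InvalidArgumentException
 *   When $email is not a valid address.
 */
protected static function insertUser($email, $pass = NULL, $first_name = '', $last_name = '') {
    $clean_email = Scrub::email(strtolower($email));
    if (!$clean_email) {
        // Scrub::email() yields a falsy result for an invalid address (the
        // CLI admin prompt loops on exactly this test); do not create a row
        // with no usable email.
        throw new \InvalidArgumentException('Invalid email address.');
    }
    $user_details = array(
        'email' => $clean_email,
        'first' => $first_name,
        'last' => $last_name,
        'created' => Time::today(),
        'confirmed' => static::requiresConfirmation() ? static::UNCONFIRMED : static::CONFIRMED,
        'type' => 0,
        'referrer' => 0,
    );
    if ($pass) {
        $salt = static::getSalt();
        $user_details['password'] = static::passHash($pass, $salt);
        $user_details['salt'] = bin2hex($salt);
        $user_details['registered'] = Time::today();
    }
    return Database::getInstance()->insert('user', $user_details);
}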
/**
 * Show just the registration page.
 *
 * Sets the form action and the post-registration redirect target, the
 * latter taken from the 'redirect' request parameter through
 * Scrub::toURL().
 *
 * NOTE(review): a 'string' request value is returned unsanitised by the
 * request cleaner, so Scrub::toURL() is the only filter between the user
 * and this redirect — confirm it rejects off-site and javascript: targets.
 */
public function getRegister() {
    $redirect = Scrub::toURL(Request::get('redirect', 'string'));
    $tpl = Template::getInstance();
    $tpl->set('action', 'register');
    $tpl->set('redirect', $redirect);
}
/**
 * Save a page from the admin editor and answer with JSON.
 *
 * Non-admin users are handed to get() instead. The page is updated when a
 * non-zero page_id is posted and inserted otherwise; the URL falls back to
 * a slug built from the title when none was supplied. The response carries
 * the url, page_id and title.
 *
 * NOTE(review): no CSRF token check is visible in this handler — confirm
 * one is enforced before it runs. 'title', 'keywords' and 'description'
 * use the default 'text' scrub, which still allows some HTML.
 */
public function postSave() {
    // Only administrators may write pages.
    if (!ClientUser::getInstance()->isAdmin()) {
        return $this->get();
    }

    $page_id = Request::post('page_id', 'int');
    $title = Request::post('title');
    $url = Request::post('url', 'url');
    // Derive the URL from the title when the editor left it blank.
    $page_url = !empty($url) ? $url : Scrub::url($title);

    $new_values = array(
        'title' => $title,
        'url' => $page_url,
        'keywords' => Request::post('keywords'),
        'description' => Request::post('description'),
        'site_map' => Request::post('sitemap', 'int'),
        'body' => Request::post('page_body', 'html', '', '', true),
        'last_update' => time(),
        'layout' => Request::post('layout', 'int'),
    );

    $db = Database::getInstance();
    if ($page_id != 0) {
        $db->update('page', $new_values, array('page_id' => $page_id));
    } else {
        $page_id = $db->insert('page', $new_values);
    }

    Output::json(array(
        'url' => $page_url,
        'page_id' => $page_id,
        'title' => $title,
    ));
}
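/**
 * Print the category list as a <ul>, one link per category with its count.
 *
 * The category name is slugified with Scrub::url() for the href and
 * HTML-escaped with Scrub::toHTML() for the link text and count (the
 * original echoed both raw, which is a stored-XSS vector for any category
 * name that contains markup). Prints nothing when there are no rows.
 */
function categories_list() {
    $list = $this->allCategories();
    if ($list->rowCount() > 0) {
        echo "<ul>";
        foreach ($list as $r) {
            $slug = Scrub::url($r['category']);
            $label = Scrub::toHTML($r['category']);
            $count = Scrub::toHTML($r['count']);
            echo "<li><a href='/category/" . $slug . ".htm'>" . $label . "</a> (" . $count . ")</li>";
        }
        echo "</ul>";
    }
}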
/**
 * Render a nested array as a run of XML elements.
 *
 * Each key becomes an element name; numeric keys are replaced by $type when
 * one is given. Array values recurse (without a $type, so numeric keys in a
 * nested list become numeric element names), scalar values are escaped
 * with Scrub::toHTML. Element names are emitted as-is, so keys must come
 * from code, not from untrusted data.
 *
 * @param array $items
 *   Key => value map to render.
 * @param string|null $type
 *   Element name used for numeric keys.
 *
 * @return string
 *   The XML fragment; '' for an empty array.
 */
public static function XMLSegment($items, $type = null) {
    $xml = '';
    foreach ($items as $tag => $child) {
        if ($type && is_numeric($tag)) {
            $tag = $type;
        }
        $body = is_array($child) ? self::XMLSegment($child) : Scrub::toHTML($child);
        $xml .= '<' . $tag . '>' . $body . '</' . $tag . '>';
    }
    return $xml;
}
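/**
 * Clean any data before it's returned.
 *
 * @param mixed $data
 *   The value of the parameter.
 * @param string $type
 *   The type of data to scrub the input. For 'explode', 'array',
 *   'array_keys' and 'keyed_array' an optional third argument (read via
 *   func_get_args()) names the type each element is cleaned as; without it
 *   the elements hit the default branch and are returned unsanitised. For
 *   the Scrub-delegating types (url, email, boolean, hex, base64, encrypted,
 *   html) any extra arguments are forwarded to Scrub::<type>().
 *
 * @return bool|float|int|string|array
 *   The cleaned value; false when an array type gets a non-array or empty
 *   input. 'text' still allows some basic HTML and 'string' (the default)
 *   does nothing, so neither is safe to echo without further escaping.
 */
protected static function clean($data, $type = 'text') {
    // get_magic_quotes_gpc() was removed in PHP 8, where calling it is a
    // fatal error; only consult it where it still exists.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $data = stripslashes($data);
    }
    switch ($type) {
        case 'int':
            return Scrub::int($data);
        case 'float':
            return Scrub::float($data);
        case 'boolean-int':
            return intval(Scrub::boolean($data));
        case 'explode':
            // Split a comma list, then fall through to the array handling.
            $data = explode(',', trim($data, ','));
        case 'array':
        case 'array_keys':
            $args = func_get_args();
            if (!is_array($data) || count($data) == 0) {
                return false;
            }
            $output = array();
            foreach ($data as $k => $v) {
                // 'array_keys' cleans the keys instead of the values; $args[2]
                // is the per-element type, null when not supplied.
                $output[] = self::clean($type == 'array_keys' ? $k : $v, !empty($args[2]) ? $args[2] : null);
            }
            return $output;
        case 'keyed_array':
            $args = func_get_args();
            if (!is_array($data) || count($data) == 0) {
                return false;
            }
            $output = array();
            foreach ($data as $k => $v) {
                // Same as 'array' but the original keys are preserved.
                $output[$k] = self::clean($v, !empty($args[2]) ? $args[2] : null);
            }
            return $output;
        case 'url':
        case 'email':
        case 'boolean':
        case 'hex':
        case 'base64':
        case 'encrypted':
        case 'html':
            // $args[0] is the argument as passed in, not the stripslashes()
            // result above (identical whenever magic quotes are off).
            $args = func_get_args();
            // It's possible that a + was changed to a space in URL decoding.
            if ($type == 'base64' || $type == 'encrypted') {
                $args[0] = str_replace(' ', '+', $args[0]);
            }
            // Remove the second item, the type, so the rest go to Scrub.
            if (count($args) > 2) {
                unset($args[1]);
                $args = array_values($args);
            }
            // $type is one of the fixed case labels above, so the callable
            // name cannot be influenced by the caller.
            return call_user_func_array("Lightning\\Tools\\Scrub::{$type}", $args);
        case 'urlencoded':
            return urldecode($data);
        case 'text':
            // This still allows some basic HTML.
            return Scrub::text($data);
        case 'string':
        default:
            // This does nothing to the string. Assume it is not sanitized.
            return $data;
    }
}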
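<?php /* Author and category links for a post; every dynamic value is HTML-escaped
         before output (the original echoed author_url, author_name, $cat and
         blog_id raw). Full <?php tags replace short tags, which need short_open_tag. */ ?>
<?php if (!empty($post['author_name']) && !empty($post['author_url'])): ?>
    <li>
        <a href="/blog/author/<?php echo Scrub::toHTML($post['author_url']); ?>"><?php echo Scrub::toHTML($post['author_name']); ?></a>
    </li>
<?php endif; ?>
<?php if (!empty($post['categories'])): foreach ($post['categories'] as $cat): ?>
    <li>
        <a href="/blog/category/<?php echo Scrub::toHTML(Scrub::toURL($cat)); ?>"><?php echo Scrub::toHTML($cat); ?></a>
    </li>
<?php endforeach; endif; ?>
</ul>
<div class="blog_body" <?php if (!$blog->isList()): ?>id='blog_body'<?php endif; ?>>
<?php if ($user->isAdmin()): ?><a href="/blog/edit?return=view&amp;id=<?php echo (int) $post['blog_id']; ?>" class="button">Edit this Post</a><br /><?php endif; ?>
<?php if ($blog->isList()): ?>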
/**
 * Dispatch a table-admin request: pick the field subset, resolve the table,
 * run link actions, apply the "singularity" restriction and normalise
 * $this->action for the handlers that follow.
 *
 * Returns false when no table is configured or given in the request; the
 * "function" action, "autocomplete" and "file" branches end the request
 * themselves with exit or die().
 *
 * NOTE(review): the table name may come straight from the request
 * (Request::get('table')), and $_GET['f'], $_GET['id'], $_GET['ra'] and
 * $_POST['st'] are read directly; no CSRF or per-table authorisation check
 * is visible in this method — confirm they are enforced elsewhere.
 */
function executeTask() {
    // Select the subset ("ss") of fields to work with, or the configured default.
    if (isset($_REQUEST['ss'])) {
        $this->cur_subset = Scrub::variable($_REQUEST['ss']);
    } elseif ($this->subset_default) {
        $this->cur_subset = $this->subset_default;
    }
    // If the table is not set explicitly, look for one in the URL.
    // NOTE(review): this lets the client choose the table; the 'text' scrub
    // does not restrict it to an allow-list — verify the caller does.
    if (!isset($this->table)) {
        if (isset($_REQUEST['table'])) {
            $this->table = Request::get('table');
            $this->table_url = true;
        } else {
            return false;
        }
    }
    // See if we are calling an action from a link (action=action&f=<field>).
    $action = Request::get('action');
    if ($action == "action" && isset($this->action_fields[$_GET['f']])) {
        switch ($this->action_fields[$_GET['f']]['type']) {
            case "function":
                $this->id = intval($_GET['id']);
                $this->get_row();
                $this->action_fields[$_GET['f']]['function']($this->list);
                // NOTE(review): $row is never assigned in this branch (the loaded
                // row is in $this->list), and $_GET['ra'] is caller-controlled —
                // check what createUrl() does with it before trusting this redirect.
                header("Location: " . $this->createUrl($_GET['ra'], $row[$this->getKey()]));
                exit;
                break;
        }
    }
    // Check for a singularity: the user can reach only one row of this table,
    // so only edit/update are allowed (there is no list view).
    if ($this->singularity) {
        $row = Database::getInstance()->selectRow($this->table, array($this->singularity => $this->singularityID));
        // $singularity_exists is only assigned when a row was found; with no
        // row the reads below rely on an undefined variable being falsy.
        if (count($row) > 0) {
            $singularity_exists = true;
        }
        if ($singularity_exists) {
            $this->id = $row[$this->getKey()];
        }
        // There can be no "new", "delete", "delconf" or "list": they collapse
        // to "edit" when the row exists and "new" otherwise.
        if ($this->action == "new" || $this->action == "edit" || $this->action == "delete" || $this->action == "delconf" || $this->action == "list" || $this->action == '') {
            if ($singularity_exists) {
                $this->action = "edit";
            } else {
                $this->action = "new";
            }
        }
        // If there is no current entry, an update becomes an insert.
        if ($this->action == "update" || $this->action == "insert") {
            if ($singularity_exists) {
                $this->action = "update";
            } else {
                $this->action = "insert";
            }
        }
    }
    $this->getKey();
    switch ($this->action) {
        case "pop_return":
            break;
        case "autocomplete":
            // Emits {"list": ..., "search": <st as posted>} and ends the request.
            $this->loadList();
            $output = array("list" => $this->list, "search" => $_POST['st']);
            echo json_encode($output);
            exit;
            break;
        case "file":
            // Stream the file stored for field $_GET['f'] of the current row.
            // NOTE(review): unlike the action branch above, $_GET['f'] is not
            // isset()-checked here, and the path is built from a DB value with
            // no traversal check visible — confirm in get_full_file_location().
            $this->loadMainFields();
            $field = $_GET['f'];
            $this->get_row();
            if ($this->fields[$field]['type'] == 'file' && count($this->list) > 0) {
                $file = $this->get_full_file_location($this->fields[$field]['location'], $this->list[$field]);
                if (!file_exists($file)) {
                    die("No File Uploaded");
                }
                // Only these extensions set a Content-Type; anything else is
                // sent with the server default but still served.
                switch ($this->list[$this->fields[$field]['extension']]) {
                    case '.pdf':
                        header("Content-Type: application/pdf");
                        break;
                    case '.jpg':
                    case '.jpeg':
                        header("Content-Type: image/jpeg");
                        break;
                    case '.png':
                        header("Content-Type: image/png");
                        break;
                }
                readfile($file);
            } else {
                die('config error');
            }
            exit;
        case "delete":
            if (!$this->deleteable) {
                // FAILSAFE: never enter the delete path on a non-deletable table.
                break;
            }
            if ($this->delconf) {
                break;
            }
            // No confirmation step configured: mark it confirmed and fall
            // through to "delconf".
            $_POST['delconf'] = "Yes";
        case "delconf":
            if (!$this->deleteable) {
                // FAILSAFE
                break;
            }
            // The confirmed-delete body is empty: nothing is deleted in this
            // method and control falls through to the list handling.
            if ($_POST['delconf'] == "Yes") {
            }
        case "list_action":
        case "list":
        case '':
        default:
            $this->action = "list";
            break;
    }
}
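/**
 * Load the blog post(s) selected by the request and populate the template.
 *
 * Resolution order: a "*.htm" first path segment loads that post by URL;
 * otherwise an id/blog_id parameter loads by id; otherwise a /blog/... path
 * selects a category roll, an author roll or a paged list. When nothing was
 * loaded the first page of the blogroll is shown. A single post also sets
 * the page_* meta data and the og:image; a list sets shorten_body.
 */
public function get() {
    // The original combined the two ids with a bitwise "|", which yields a
    // garbage id when both parameters are present; take the first non-empty.
    $blog_id = Request::get('id', 'int') ?: Request::get('blog_id', 'int');
    $path = explode('/', Request::getLocation());
    $blog = BlogModel::getInstance();

    if (preg_match('/.*\\.htm/', $path[0])) {
        // A "something.htm" first segment is a post URL.
        $blog->loadContentByURL($path[0]);
    } elseif ($blog_id) {
        $blog->loadContentById($blog_id);
    } elseif (array_shift($path) == 'blog') {
        if (!empty($path)) {
            // A numeric last segment is the page number; default to page 1.
            $last = $path[count($path) - 1];
            $blog->page = is_numeric($last) ? $last : 1;
            if ($path[0] == 'category') {
                // Load category roll; the slug is absent on a bare /blog/category.
                $blog->loadList($blog->page, 'category', isset($path[1]) ? $path[1] : null);
            } elseif ($path[0] == 'author') {
                // Load an author roll.
                $blog->loadList($blog->page, 'author', isset($path[1]) ? $path[1] : null);
            } elseif (!empty($blog->page)) {
                $blog->loadList();
            } else {
                // Unreachable in practice: page is always at least 1 above.
                $blog->loadContentByURL($path[0]);
            }
        }
    }

    if (empty($blog->posts)) {
        // Fall back, load blogroll.
        $blog->loadList(1);
    }

    $template = Template::getInstance();
    $single = count($blog->posts) == 1;
    if ($single) {
        $template->set('page_section', 'blog');
        $post = $blog->posts[0];
        foreach (array('title', 'keywords', 'description', 'author') as $meta_data) {
            switch ($meta_data) {
                case 'title':
                    // NOTE(review): the post title itself is not HTML-escaped here,
                    // unlike every other meta value — confirm the template escapes
                    // page_title before changing this.
                    $value = $post['title'] . ' | ' . Configuration::get('meta_data.title') . ' | ' . Scrub::toHTML($blog->body($post['author_name'], true));
                    break;
                case 'description':
                    // The description is built from the post body, not a description field.
                    $value = Scrub::toHTML($blog->body($post['body'], true));
                    break;
                case 'author':
                    $value = Scrub::toHTML($blog->body($post['author_name'], true));
                    break;
                default:
                    $value = Scrub::toHTML($blog->body($post[$meta_data], true));
            }
            $template->set('page_' . $meta_data, $value);
        }
    } else {
        // More than one post: show a list with short bodies.
        $blog->shorten_body = true;
    }

    // Facebook/OpenGraph image: the post's header image, else the configured default.
    if ($single && !empty($blog->posts[0]['header_image'])) {
        $template->set('og_image', Configuration::get('web_root') . $blog->posts[0]['header_image']);
    } elseif ($default_image = Configuration::get('blog.default_image')) {
        $template->set('og_image', Configuration::get('web_root') . $default_image);
    }
}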