/**
 * Feeds every block to the theme's block template and lays them out in rows.
 *
 * A row is tracked as 12 units; each block consumes its `COL` value
 * (12 when the block does not set one). Row start / end markers are
 * emitted as nested template blocks.
 *
 * @version 1.0
 * @since   1.0
 * @author  Daniel Noel-Davies
 *
 * @param array $blocks Collection of blocks, keyed by their title
 */
private function displayPortlets($blocks)
{
    $tpl = Core_Classes_coreObj::getTPL();
    $tpl->set_filenames(array(
        'block_notices' => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl',
    ));

    $unitsLeft = 12;

    foreach ($blocks as $heading => $portlet) {
        $portlet['COL'] = (int) doArgs('COL', 12, $portlet);
        $width          = $portlet['COL'];

        // NOTE(review): CONTENT is filled from dump() calls, which reads like
        // leftover debugging rather than the block's real content - confirm.
        $body = dump($unitsLeft, 'RowCount') . dump($portlet, 'block');

        $tpl->assign_block_vars('block', array(
            'TITLE'   => $heading,
            'CONTENT' => $body,
            'ICON'    => 'icon-' . doArgs('ICON', null, $portlet),
        ));

        if ($unitsLeft === 12) {
            // Nothing in the row yet: open a new one.
            $tpl->assign_block_vars('block.start_row', array());
        } elseif ($unitsLeft - $width < 0) {
            // The block does not fit: close the current row first, then open another.
            $tpl->assign_block_vars('block.start_row', array());
            $tpl->assign_block_vars('block.pre_end_row', array());
        }

        // Consume the block's width; a full (or overfull) row is closed and the counter reset.
        $unitsLeft -= $width;
        if ($unitsLeft <= 0) {
            $tpl->assign_block_vars('block.end_row', array());
            $unitsLeft = 12;
        }

        $columnBlock = 'block.' . doArgs('COL', '12', $portlet) / 4 . 'col';
        $tpl->assign_block_vars($columnBlock, array());

        $tpl->assign_vars(array('BLOCKS' => $tpl->get_html('block_notices')));
    }
}
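/**
 * Builds the HTML for the affiliates menu block.
 *
 * Picks active affiliates flagged for the menu in random order and renders
 * each one as a linked image, inserting a line break after every `perRow`
 * entries.
 *
 * @param array $args Optional keys: 'limit' (default 6), 'perRow' (default 2)
 *
 * @return string|null HTML or an error message; null when NO_DB is defined
 */
function menu_affiliates($args)
{
    if (defined('NO_DB')) {
        return;
    }

    global $objTPL, $objSQL;

    $settings = array(
        'limit'  => doArgs('limit', 6, $args),
        // The original read the 'limit' key here, so 'perRow' could never be set on its own.
        'perRow' => doArgs('perRow', 2, $args),
    );

    // Guard the modulo below against a zero or negative row width.
    $perRow = max(1, (int) $settings['perRow']);

    //grab the table
    $table = $objSQL->getTable('SELECT * FROM `$Paffiliates` WHERE active = 1 AND showOnMenu = 1 ORDER BY rand() LIMIT %d;', array($settings['limit']));
    if ($table === NULL) {
        return 'Error: Could not query Affiliates.';
    }

    if (is_empty($table)) {
        return 'Error: No Affiliates in the database active.';
    }

    $return  = '';
    $counter = 1;
    foreach ($table as $a) {
        // Stored affiliate fields end up inside HTML attributes, so each one is
        // encoded for that context. double_encode is off so values that were
        // already entity-encoded when stored are not encoded twice.
        $hitsIn  = htmlspecialchars((string) $a['in'], ENT_QUOTES, 'UTF-8', false);
        $hitsOut = htmlspecialchars((string) $a['out'], ENT_QUOTES, 'UTF-8', false);
        $id      = htmlspecialchars(urlencode((string) $a['id']), ENT_QUOTES, 'UTF-8', false);
        $img     = htmlspecialchars((string) $a['img'], ENT_QUOTES, 'UTF-8', false);

        // NOTE(review): secureMe() is assumed to make the title safe inside a
        // double-quoted attribute - confirm against its implementation.
        $title = secureMe($a['title']) . ' In: ' . $hitsIn . ' | Out: ' . $hitsOut;

        // rel="noopener" keeps the page opened in the new tab from reaching window.opener.
        $return .= '<a href="/' . root() . 'affiliates.php?out&id=' . $id . '" title="' . $title . '" target="_blank" rel="nofollow noopener"><img src="' . $img . '" alt="' . $title . '" /></a>';

        if ($counter % $perRow == 0) {
            $return .= '<br />';
        }
        $counter++;
    }

    return '<center>' . $return . '</center>';
}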
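/**
 * Renders the "top forum posters" block.
 *
 * Counts each user's posts in categories that have postcounts enabled, takes
 * the top `limit` users and assigns one template row per user, including a
 * posts-per-day figure based on the configured site opening time.
 *
 * @param array $args Requires 'uniqueId' (template handle); optional 'limit' (default 5)
 *
 * @return string Parsed HTML of the block
 */
function menu_forum_users($args)
{
    global $objCore;

    $limit = doArgs('limit', 5, $args);

    $objCore->objTPL->set_filenames(array($args['uniqueId'] => 'modules/forum/template/block_forum.tpl'));

    $users = $objCore->objSQL->getTable('SELECT u.id, COUNT(DISTINCT p.id) AS count FROM `$Pusers` u, `$Pforum_posts` p, `$Pforum_threads` t, `$Pforum_cats` c WHERE p.author = u.id AND p.thread_id = t.id AND t.cat_id = c.id AND c.postcounts = 1 GROUP BY u.id ORDER BY count DESC LIMIT %d', array($limit));
    if (!$users) {
        $objCore->objTPL->assign_block_vars('error', array('MESSAGE' => langVar('L_ERROR')));

        return $objCore->objTPL->get_html($args['uniqueId']);
    }

    // Whole days since the site opened. Rounds to 0 during the first half day
    // (or with an unset/future 'site_opened'), which made the per-day division
    // below divide by zero; clamp to one day.
    $opened = max(1, round((time() - $objCore->config('statistics', 'site_opened')) / 86400));

    $j = 0;
    foreach ($users as $user) {
        $objCore->objTPL->assign_block_vars('userRow', array(
            'ID'       => $objCore->objUser->getUserInfo($user['id'], 'id'),
            'USERNAME' => $objCore->objUser->profile($user['id']),
            'COUNT'    => $user['count'],
            'PER_DAY'  => langVar('L_PER_DAY', round(sprintf('%.2f', $user['count'] / $opened), 0)),
            'CLASS'    => $j % 2 == 0 ? 'row_color2' : 'row_color1',
        ));
        $j++;
    }

    // Reset the block var so the rows do not leak into other templates.
    $return = $objCore->objTPL->get_html($args['uniqueId']);
    $objCore->objTPL->reset_block_vars('userRow');

    return $return;
}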
/**
 * Stores the connection settings for a new MySQL class instance.
 *
 * Each of host, username, password, database and prefix is read from
 * $config and defaults to an empty string.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  xLink
 *
 * @param array $config Connection settings
 *
 * @return bool false when $config is empty, true otherwise (a value returned
 *              from a constructor is not visible to `new`)
 */
public function __construct($config = array())
{
    if (is_empty($config)) {
        return false;
    }

    $settings = array();
    foreach (array('host', 'username', 'password', 'database', 'prefix') as $key) {
        $settings[$key] = doArgs($key, '', $config);
    }
    $this->db = $settings;

    return true;
}
/**
 * Renders the "Add User" admin panel.
 *
 * Adds a breadcrumb for the current request, parses the add-user view and
 * hands the result to the admin control panel as a three-column block.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @return void
 */
public function add()
{
    // The original fetched these into locals it never used; the calls are kept
    // in case the accessors initialise the objects - TODO confirm and drop.
    Core_Classes_coreObj::getDBO();
    $tpl = Core_Classes_coreObj::getTPL();
    Core_Classes_coreObj::getTime();

    // NOTE(review): REQUEST_URI is client-controlled; presumably the breadcrumb
    // renderer encodes the URL before output - confirm.
    $crumb = array(
        'url'  => doArgs('REQUEST_URI', '', $_SERVER),
        'name' => 'Add User',
    );
    Core_Classes_coreObj::getPage()->addBreadcrumbs(array($crumb));

    $tpl->set_filenames(array(
        'body'  => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl',
        'panel' => cmsROOT . 'modules/core/views/admin/users/add.tpl',
    ));
    $tpl->parse('panel', false);

    $blockVars = array(
        'TITLE'   => 'Add User',
        'CONTENT' => $tpl->get_html('panel', false),
        'ICON'    => 'faicon-user',
    );
    Core_Classes_coreObj::getAdminCP()->setupBlock('body', array('cols' => 3, 'vars' => $blockVars));
}
/**
 * Builds the site configuration form and places it in an admin block.
 *
 * NOTE(review): $timezone, $saveUrl, $mod_name, $sessid and $uid are read
 * below but never assigned in this method. As written the form posts to an
 * empty action and its hidden 'sessid' / 'id' fields are empty, so whatever
 * handler checks those values has nothing meaningful to compare - confirm
 * where they were meant to come from.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @return void
 */
public function siteConfig()
{
    $crumb = array(
        'url'  => doArgs('REQUEST_URI', '', $_SERVER),
        'name' => 'Site Config',
    );
    Core_Classes_coreObj::getPage()->addBreadcrumbs(array($crumb));

    $objForm = Core_Classes_coreObj::getForm();
    // Fetched but unused in the original; call kept in case it initialises the template object.
    Core_Classes_coreObj::getTPL();

    $yesNo = array(1 => langVar('L_YES'), 0 => langVar('L_NO'));

    // Field label => form element; the '_header_' marker turns a label into a section heading.
    $fields = array(
        langVar('L_SITE_CONFIG')     => '_header_',
        langVar('L_SITE_TITLE')      => $objForm->inputbox('title', 'text', $this->config('site', 'title')),
        langVar('L_SITE_SLOGAN')     => $objForm->inputbox('slogan', 'text', $this->config('site', 'slogan')),
        langVar('L_ADMIN_EMAIL')     => $objForm->inputbox('admin_email', 'text', $this->config('site', 'admin_email')),
        langVar('L_GANALYTICS')      => $objForm->inputbox('google_analytics', 'input', $this->config('site', 'google_analytics')),
        langVar('L_CUSTOMIZE')       => '_header_',
        langVar('L_THEME_OVERRIDE')  => $objForm->radio('theme_override', $yesNo, $this->config('site', 'theme_override')),
        langVar('L_SITE_TZ')         => $timezone,
        langVar('L_DST')             => $objForm->radio('dst', $yesNo, $this->config('time', 'dst')),
        langVar('L_DEF_DATE_FORMAT') => $objForm->inputbox('default_format', 'input', $this->config('time', 'default_format')),
    );

    // Built in the same order the original evaluated them, in case the form builder keeps state.
    $formVars = array(
        'FORM_START'  => $objForm->start('panel', array('method' => 'POST', 'action' => $saveUrl, 'class' => 'form-horizontal')),
        'FORM_END'    => $objForm->finish(),
        'FORM_TITLE'  => $mod_name,
        'FORM_SUBMIT' => $objForm->button('submit', 'Submit', array('class' => 'btn-primary')),
        'FORM_RESET'  => $objForm->button('reset', 'Reset'),
        'HIDDEN'      => $objForm->inputbox('sessid', 'hidden', $sessid) . $objForm->inputbox('id', 'hidden', $uid),
    );

    $descriptions = array(
        langVar('L_INDEX_MODULE')    => langVar('L_DESC_IMODULE'),
        langVar('L_SITE_TZ')         => langVar('L_DESC_SITE_TZ'),
        langVar('L_DEF_DATE_FORMAT') => langVar('L_DESC_DEF_DATE'),
        langVar('L_DEF_THEME')       => langVar('L_DESC_DEF_THEME'),
        langVar('L_THEME_OVERRIDE')  => langVar('L_DESC_THEME_OVERRIDE'),
        langVar('L_ALLOW_REGISTER')  => langVar('L_DESC_ALLOW_REGISTER'),
        langVar('L_EMAIL_ACTIVATE')  => langVar('L_DESC_EMAIL_ACTIVATE'),
        langVar('L_MAX_LOGIN_TRIES') => langVar('L_DESC_MAX_LOGIN'),
        langVar('L_REMME')           => langVar('L_DESC_REMME'),
        langVar('L_GANALYTICS')      => langVar('L_DESC_GANALYTICS'),
    );

    $elements = array(
        'field'  => $fields,
        'desc'   => $descriptions,
        'errors' => $_SESSION['site']['panel']['error'],
    );

    $formOptions = array(
        'header'          => '<h4>%s</h4>',
        'dedicatedHeader' => true,
        'parseDesc'       => true,
    );

    $form = $objForm->outputForm($formVars, $elements, $formOptions);

    $blockVars = array(
        'TITLE'   => 'Site Configuration',
        'CONTENT' => $form,
        'ICON'    => 'fa-icon-user',
    );
    Core_Classes_coreObj::getAdminCP()->setupBlock('body', array('cols' => 3, 'vars' => $blockVars));
}
/**
 * Runs the login attempt and either redirects or shows the form again.
 *
 * When the login object's process() returns exactly true the visitor is
 * redirected to the 'referer' stored in the login session data (or to the
 * site root); any other result re-displays the login form.
 *
 * @return void
 */
public function login_process()
{
    // Fetched but unused in the original; call kept in case it initialises the user object.
    Core_Classes_coreObj::getUser();
    $login = Core_Classes_coreObj::getLogin();
    $page  = Core_Classes_coreObj::getPage();

    if ($login->process() === true) {
        // NOTE(review): the redirect target comes from session data; if that
        // value was captured from a request header or parameter, restrict it
        // to same-site paths where it is stored - confirm.
        $target = doArgs('referer', '/' . root(), $_SESSION['login']);
        $page->redirect($target, 0);

        return;
    }

    $this->login_form();
}
/**
 * Sets the template root and, when caching is enabled, the cache directory.
 *
 * @param string $name Not used by this constructor
 * @param array  $args Optional keys: 'useCache' (default false),
 *                     'cacheDir' (default ''), 'root' (default '.')
 */
function __construct($name = '', $args = array())
{
    $useCache = doArgs('useCache', false, $args);
    $cacheDir = doArgs('cacheDir', '', $args);
    $rootDir  = doArgs('root', '.', $args);

    if (!$this->set_rootdir($rootDir)) {
        trigger_error('Error: Unable to find template root directory', E_USER_ERROR);
    }

    $this->use_cache = $useCache;
    if (!$this->use_cache) {
        return;
    }

    // Use the supplied cache directory only if it exists and is writable;
    // otherwise fall back to a path under the template root.
    $usable = is_dir($cacheDir) && is_writeable($cacheDir);
    $this->cache_directory = $usable ? $cacheDir : $rootDir . '/cache/template/';
}
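/**
 * Sets up a new SQL class: records the driver name and connection settings,
 * then checks that the interface for the selected driver is loaded.
 *
 * The driver name is the part of the class name after the last underscore.
 *
 * NOTE(review): the password is kept in $this->dbSettings next to the
 * 'debug' and 'logging' flags; make sure no debug or log output prints that
 * array as a whole - confirm against the callers.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param string|null $name    Not used by this constructor
 * @param array       $options Connection settings: driver, host, port, username,
 *                             password, database, prefix, persistent, debug, logging
 *
 * @return bool Always false (a value returned from a constructor is not visible to `new`)
 */
public function __construct($name = null, $options = array())
{
    // end() takes its argument by reference, so it needs a real variable; the
    // original passed the explode() result directly and hid the notice with '@'.
    $classParts   = explode('_', $this->getClassName());
    $this->driver = end($classParts);

    $this->dbSettings = array(
        'driver'     => doArgs('driver', '', $options),
        'host'       => doArgs('host', '', $options),
        'port'       => doArgs('port', '', $options),
        'username'   => doArgs('username', '', $options),
        'password'   => doArgs('password', '', $options),
        'database'   => doArgs('database', '', $options),
        'prefix'     => doArgs('prefix', '', $options),
        'persistent' => doArgs('persistent', false, $options),
        'debug'      => doArgs('debug', false, $options),
        'logging'    => doArgs('logging', false, $options),
    );

    $driver = $this->dbSettings['driver'];

    if ($driver === 'pdo' && !class_exists('PDO', false)) {
        trigger_error('Error: You have selected to use PDO, the interface for this Driver dosen\'t exist.', E_USER_ERROR);
    }

    if ($driver === 'mysqli' && (!class_exists('Core_Drivers_mysqli', false) || !class_exists('mysqli', false))) {
        trigger_error('Error: You have selected to use MySQLi, the interface for this Driver dosen\'t exist.', E_USER_ERROR);
    }

    if ($driver === 'mysql' && (!class_exists('Core_Drivers_mysql', false) || !function_exists('mysql_connect'))) {
        trigger_error('Error: You have selected to use MySQL, the interface for this Driver dosen\'t exist.', E_USER_ERROR);
    }

    return false;
}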
/**
 * Sets the template root and, when caching is enabled, the cache directory.
 *
 * Stops through msgDie() when the root directory cannot be set.
 *
 * @param array $args Optional keys: 'useCache' (default false),
 *                    'cacheDir' (default ''), 'root' (default '.')
 */
function __construct($args = array())
{
    $useCache = doArgs('useCache', false, $args);
    $cacheDir = doArgs('cacheDir', '', $args);
    $rootDir  = doArgs('root', '.', $args);

    if (!$this->set_rootdir($rootDir)) {
        // NOTE(review): the message includes the configured root path; if
        // msgDie() output reaches visitors this discloses a filesystem path.
        msgDie('FAIL', 'Unable to find template root directory: ' . $rootDir . ' @ Line ' . __LINE__);
    }

    $this->use_cache = $useCache;
    if (!$this->use_cache) {
        return;
    }

    // Prefer the supplied cache directory when it exists and is writable.
    if (is_dir($cacheDir) && is_writeable($cacheDir)) {
        $this->cache_directory = $cacheDir;

        return;
    }

    $this->cache_directory = $rootDir . '/cache/template/';
}
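/**
 * Sets up pagination state for one paginated list.
 *
 * The current page is read from the query-string parameter named by
 * $instance and clamped to the range 1..total_pages.
 *
 * @param string $instance       Name of the $_GET parameter carrying the page number
 * @param int    $total_per_page Items shown per page
 * @param int    $total_items    Total number of items
 */
public function __construct($instance, $total_per_page, $total_items = 0)
{
    $this->instance       = $instance;
    $this->total_per_page = $total_per_page;
    $this->total_items    = $total_items;

    // A page size of zero (or less) would divide by zero; treat it as "no pages".
    $this->total_pages = $total_per_page > 0
        ? (int) ceil($total_items / $total_per_page)
        : 0;

    // The page number comes from the request. It is validated by doArgs() and
    // then cast, so later consumers always receive an integer.
    $this->current_page = (int) doArgs($instance, 1, $_GET, 'is_number');

    // Not past the last page ...
    if ($this->current_page > $this->total_pages) {
        $this->current_page = $this->total_pages;
    }

    // ... and never below the first one.
    if ($this->current_page < 1) {
        $this->current_page = 1;
    }
}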
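/**
 * Highlights a code snippet with GeSHi and wraps it in the markdown code markup.
 *
 * @param string $content  Source text to highlight
 * @param string $language Language name; empty falls back to 'text'
 *
 * @return string|false Highlighted HTML, or false when $content is empty
 */
function _geshiHighlight($content, $language = '')
{
    if (is_empty($content)) {
        return false;
    }

    // The original stored the normalised name in a misspelled variable
    // ($langauge) and then looked up the raw input, so the 'text' fallback and
    // the lower-casing never took effect.
    $language = is_empty($language) ? 'text' : strtolower($language);
    $langInfo = grabLangInfo($language);
    $geshiExt = doArgs('geshi', null, $langInfo);

    $content = trim($content);
    // Entities are decoded so the highlighter sees the raw source.
    // NOTE(review): this relies on GeSHi encoding the text again in its
    // output - confirm, since the result is returned as HTML.
    $content = htmlspecialchars_decode($content, ENT_NOQUOTES);

    $geshi = Core_Classes_coreObj::getLib('GeSHi', array($content, $geshiExt));
    $geshi->set_header_type(GESHI_HEADER_PRE);
    $geshi->enable_line_numbers(GESHI_FANCY_LINE_NUMBERS, 5);
    $content = $geshi->parse_code();

    return "\n<div class=\"markdown_code\">\n<div class=\"markdown_code_body\">" . $content . "</div>\n</div>\n";
}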
/**
 * Lists the theme directories found under the themes folder in an admin table.
 *
 * Every directory entry is looked up with getDetails() and shown with its
 * name, version, mode and author; 'ENABLED' and 'COUNT' are fixed values here.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @return void
 */
public function themes()
{
    // Fetched but unused in the original; call kept in case it initialises the form object.
    Core_Classes_coreObj::getForm();
    $tpl = Core_Classes_coreObj::getTPL();

    $tpl->set_filenames(array(
        'body'  => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl',
        'table' => cmsROOT . 'modules/core/views/admin/themes/manageTable.tpl',
    ));

    $entries = getFiles(cmsROOT . 'themes');

    foreach ($entries as $entry) {
        if ($entry['type'] === 'dir') {
            // The directory name is filtered to alphanumerics before it is used for the lookup.
            $themeName = secureMe($entry['name'], 'alphanum');
            $details   = $this->getDetails($themeName);

            $tpl->assign_block_vars('theme', array(
                'NAME'    => doArgs('name', 'N/A', $details),
                'VERSION' => doArgs('version', '0.0', $details),
                'ENABLED' => 'true',
                'COUNT'   => '9001',
                'MODE'    => doArgs('mode', 'N/A', $details),
                'AUTHOR'  => doArgs('author', 'N/A', $details),
            ));
        }
    }

    $tpl->parse('table', false);

    $blockVars = array(
        'TITLE'   => 'Theme Management',
        'CONTENT' => $tpl->get_html('table', false),
        'ICON'    => 'fa-icon-user',
    );
    Core_Classes_coreObj::getAdminCP()->setupBlock('body', array('cols' => 3, 'vars' => $blockVars));
}
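/**
 * Handles comment actions for the current module item and renders its comments.
 *
 * For logged-in users the `mode` query parameter selects an action: posting a
 * comment (form or AJAX) or deleting one (link or AJAX). Afterwards the
 * comments for the module / module_id pair are loaded page by page and
 * assigned to the template variable named by $tplVar.
 *
 * Changes against the previous version:
 *  - the form token check no longer passes when no token is stored in the
 *    session and the request sends an empty or missing `sessid`;
 *  - a failed AJAX token check answers with the status code only instead of
 *    printing the session bucket and the POST data into the response;
 *  - the delete branches check ownership against the fetched comment row
 *    (the original read an undefined $comments variable);
 *  - the pagination object is stored under the name it is later read from.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Richard Clifford, Dan Aldridge
 *
 * @param string $tplVar Template variable that receives the rendered comments
 */
function getComments($tplVar)
{
    $objTPL  = coreObj::getTPL();
    $objUser = coreObj::getUser();
    $objSQL  = coreObj::getDBO();

    //set the template for the comments
    $objTPL->set_filenames(array('comments' => 'modules/core/template/comments/viewComments.tpl'));

    if (User::$IS_ONLINE) {
        $dontShow  = false;
        $mode      = isset($_GET['mode']) ? $_GET['mode'] : null;
        $tokenKey  = 'comment_' . $this->getVar('module_id');
        $sentToken = isset($_POST['sessid']) ? $_POST['sessid'] : null;

        // A token is accepted only when one is actually stored and the request
        // repeats it exactly. The loose `!=` used before treated a missing
        // stored token (false) as equal to an empty or absent `sessid`.
        $tokenMatches = function ($stored, $supplied) {
            return (is_string($stored) || is_int($stored))
                && (string) $stored !== ''
                && is_string($supplied)
                && (string) $stored === $supplied;
        };

        switch ($mode) {
            case 'postComment':
                if (HTTP_POST) {
                    $storedToken = doArgs($tokenKey, false, $_SESSION[$this->module]);

                    if (!$tokenMatches($storedToken, $sentToken)) {
                        trigger_error('Error: Cant remember where you were posting to.');
                    } else {
                        $comment = $this->insertComment($this->getVar('module'), $this->getVar('module_id'), $objUser->grab('id'), $_POST['comment']);

                        if (!$comment) {
                            trigger_error('Error: Your comment wasnt posted, please try again.');
                        }

                        // NOTE(review): $module is not defined in this method, so this
                        // unset() does not remove the token that was just checked.
                        // Left unchanged because the intended scope (one token or the
                        // whole module bucket) is not visible here - confirm.
                        unset($_SESSION[$module]);
                    }
                    $dontShow = true;
                }
                break;

            case 'ajPostComment':
                if (HTTP_AJAX && HTTP_POST) {
                    $storedToken = doArgs($tokenKey, false, $_SESSION[$this->getVar('module')]);

                    if (!$tokenMatches($storedToken, $sentToken)) {
                        // Status code only: the response must not echo session
                        // contents or the request body back to the client.
                        die('1');
                    }

                    $comment = $this->insertComment($this->getVar('module'), $this->getVar('module_id'), $objUser->grab('id'), $_POST['comment']);
                    if (!$comment) {
                        die('0');
                    }

                    echo $this->getLastComment($comment);
                    exit;
                }
                break;

            case 'deleteComment':
                // NOTE(review): this delete is driven by query-string parameters alone;
                // no form token is checked in this branch, so it should move to a POST
                // carrying the same token the posting branches use - confirm.
                $id = doArgs('id', 0, $_GET, 'is_number');

                $query = $objSQL->queryBuilder()
                    ->select('*')
                    ->from('#__comments')
                    ->where('id', '=', $id)
                    ->build();

                // fetchLine() as in the AJAX branch, so $comment is the row
                // the ownership check below needs.
                $comment = $objSQL->fetchLine($query);
                if (!$comment) {
                    msg('FAIL', 'Error: Comment not found.', '_ERROR');
                    break;
                }

                //check if user has perms
                if (User::$IS_ADMIN || User::$IS_MOD || User::$IS_ONLINE && ($objUser->grab('id') == $comment['author'] || $objUser->grab('id') == $this->getVar('author_id'))) {
                    // Built as in the original; not written anywhere in this method.
                    $log = 'Comments System: ' . $objUser->profile($objUser->grab('id'), RAW) . ' deleted comment from <a href="' . $this->aURL[1] . '">this</a>.';

                    $deleteQuery = $objSQL->queryBuilder()
                        ->deleteFrom('#__comments')
                        ->where('id', '=', $id)
                        ->build();

                    $delete = $objSQL->query($deleteQuery);
                    if (!$delete) {
                        trigger_error('Error: The comment was not deleted.');
                    } else {
                        msg('INFO', 'The comment was successfully deleted.');
                    }
                }
                break;

            case 'ajDelComment':
                if (HTTP_AJAX && HTTP_POST) {
                    // NOTE(review): no form token is checked in this branch either - confirm.
                    $id = doArgs('id', 0, $_GET, 'is_number');

                    $commentQuery = $objSQL->queryBuilder()
                        ->select('*')
                        ->from('#__comments')
                        ->where('id', '=', $id)
                        ->build();

                    $comment = $objSQL->fetchLine($commentQuery);
                    if (!$comment) {
                        die('-1');
                    }

                    //check if user has perms
                    if (User::$IS_ADMIN || User::$IS_MOD || User::$IS_ONLINE && ($objUser->grab('id') == $comment['author'] || $objUser->grab('id') == $this->getVar('author_id'))) {
                        // Built as in the original; not written anywhere in this method.
                        $log = 'Comments System: ' . $this->objUser->profile($this->objUser->grab('id'), RAW) . ' deleted comment from <a href="' . $this->aURL[1] . '">this</a>.';

                        $deleteQuery = $objSQL->queryBuilder()
                            ->deleteFrom('#__comments')
                            ->where('id', '=', $id)
                            ->build();

                        $delete = $objSQL->query($deleteQuery);
                        die(!$delete ? '0' : '1');
                    }
                } else {
                    die('-1');
                }
                die('0');
                break;
        }

        //make sure the submit form only shows when we want it to
        if (!$dontShow) {
            $this->makeSubmitForm();
        }
    }

    //get a comments count for this module and id
    $commentsCount = $this->getCount();

    // The original assigned this to a misspelled variable, so the reads of
    // $comPagination below hit an undefined variable; its debug dump of the
    // count is dropped together with that typo.
    $comPagination = coreObj::getPagination('commentsPage', $this->perPage, $commentsCount);

    //check to see if we have a positive number
    if ($commentsCount) {
        // NOTE(review): the module name is formatted straight into the WHERE clause;
        // this is only safe while getVar('module') never carries request data - confirm,
        // or build the condition with the query builder's value binding.
        $commentDataQuery = $objSQL->queryBuilder()
            ->select('*')
            ->from('#__comments')
            ->where(sprintf('module = "%s" AND module_id = %d ', $this->getVar('module'), $this->getVar('module_id')))
            ->limit($comPagination->getSqlLimit())
            ->build();

        $commentsData = $objSQL->fetchAll($commentDataQuery);
        if (!$commentsData) {
            //something went wrong
            trigger_error('Error loading comments.');
        } else {
            $objTPL->assign_var('COM_PAGINATION', $comPagination->getPagination());

            $i = 0;
            //assign the comments to the template
            foreach ($commentsData as $comments) {
                $objTPL->assign_block_vars('comment', array(
                    'ID'      => $comments['id'],
                    'cID'     => 'comment-' . $comments['id'],
                    'ROW'     => $i % 2 ? 'row_color2' : 'row_color1',
                    'ALT_ROW' => $i % 2 ? 'row_color1' : 'row_color2',
                    'AUTHOR'  => $this->objUser->profile($comments['author']),
                    'POSTED'  => $this->objTime->mk_time($comments['timestamp']),
                    // presumably contentParse() encodes the stored text for HTML output - confirm
                    'POST'    => contentParse($comments['comment']),
                ));

                if (User::$IS_ADMIN || User::$IS_MOD || User::$IS_ONLINE && ($objUser->grab('id') == $comments['author'] || $objUser->grab('id') == $this->getVar('author_id'))) {
                    $this->objTPL->assign_block_vars('comment.functions', array(
                        'URL' => $this->aURL[0] . '?mode=deleteComment&id=' . $comments['id'],
                    ));
                }
                $i++;
            }
        }
    } else {
        //we have no comments so output a msg box saying so
        msg('INFO', 'No Comments.', '_ERROR');
    }

    //and then output the comments to the parent template
    $this->objTPL->assign_var_from_handle($tplVar, 'comments');
}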
/**
 * Tells whether the given user satisfies the requested group level.
 *
 * An empty, zero or GUEST group always passes. Otherwise the user's level is
 * looked up (GUEST when nobody is online) and compared with the group. ADMIN
 * additionally needs either LOCALHOST to be true or the 'adminAuth' flag in
 * the ACP session data. Admins also pass MOD and USER checks.
 *
 * NOTE(review): the LOCALHOST shortcut skips the ACP re-authentication flag;
 * how LOCALHOST is derived is not visible here. If it depends on a request
 * header or on an address seen through a reverse proxy, it can be true for
 * remote visitors - confirm.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  xLink
 *
 * @param int $uid   UserID
 * @param int $group GUEST, USER, MOD, or ADMIN
 *
 * @return bool|int true / false for a known group, -1 for an unknown group
 */
public function checkPermissions($uid, $group = 0)
{
    $group = (int) $group;

    // Nothing to check against: everybody passes.
    if (is_empty($group) || $group == 0 || $group == GUEST) {
        return true;
    }

    // A real group was requested but there is no user to check.
    if (is_empty($uid)) {
        return false;
    }

    // Level of the user, if one is online.
    $level = self::$IS_ONLINE ? $this->getUserInfo($uid, 'userlevel') : GUEST;

    switch ($group) {
        case GUEST:
            if (!self::$IS_ONLINE) {
                return true;
            }
            break;

        case USER:
            if (self::$IS_ONLINE) {
                return true;
            }
            break;

        case MOD:
            if ($level == MOD) {
                return true;
            }
            break;

        case ADMIN:
            // Admin level alone is not enough: LOCALHOST or the ACP auth flag is required too.
            if ($level == ADMIN && (LOCALHOST || doArgs('adminAuth', false, $_SESSION['acp']))) {
                return true;
            }
            break;

        default:
            // Unknown group: answer with something that is neither true nor false.
            return -1;
    }

    // Admins get MOD and USER powers regardless.
    $adminCoversGroup = ($group == MOD || $group == USER) && $level == ADMIN;
    if ($adminCoversGroup) {
        return true;
    }

    // None of the checks passed.
    return false;
}
* this reverses that, so anything passed to the page via _GET is * usable as normal */ $url = explode('?', $_SERVER['REQUEST_URI']); if (isset($url[1])) { //backup the _GET array parse_str overwrites the $_GET array $GET = $_GET; //parse the _GET vars from the url parse_str($url[1], $_GET); //and merge away :D $_GET = array_merge($GET, $_GET); } $mode = doArgs('__mode', null, $_GET); $module = doArgs('__module', null, $_GET); $action = doArgs('__action', null, $_GET); $extra = doArgs('__extra', null, $_GET); if (!preg_match('#install($|/)#i', $action)) { if (!empty($module) && $objCore->loadModule($module, true)) { $objModule = new $module($objCore); $objModule->doAction($action); } else { $objCore->throwHTTP(404); } } else { $objCore->autoLoadModule('core', $objModule); $objModule->installModule($module); } $tplMode = $objPage->getVar('tplMode'); $objPage->showHeader(!$tplMode && !isset($_GET['ajax']) ? false : true); if ($__eval = $objTPL->output('body')) { msgDie('FAIL', 'No output received from module.');
/**
 * Reads the cache settings and sets the cache file name pattern.
 *
 * @param array $args Optional keys: 'useCache' (default false), 'cacheDir' (default '')
 */
public function __construct($args = array())
{
    // printf-style pattern for cache files under the CMS root.
    $this->fileTpl = cmsROOT . 'cache/cache_%s.php';

    $enabled   = doArgs('useCache', false, $args);
    $directory = doArgs('cacheDir', '', $args);

    $this->cacheToggle = $enabled;
    $this->cacheDir    = $directory;
}
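/**
 * Logs the user out when the supplied code matches the user's stored usercode.
 *
 * On a match: autologin is switched off, the user's row in the online table
 * is removed, the session and the login / session cookies are cleared and the
 * visitor is redirected. Otherwise the visitor is redirected to the site root
 * and a failure message is shown.
 *
 * The code is now compared as an exact string. The previous loose `==` let
 * PHP treat two different numeric-looking strings (for example "0e1" and
 * "0e2") as equal.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Daniel Noel-Davies
 *
 * @param string $check The user code to verify
 */
public function logout($check)
{
    $objSQL  = Core_Classes_coreObj::getDBO();
    $objUser = Core_Classes_coreObj::getUser();
    $objTime = Core_Classes_coreObj::getTime();
    $objPage = Core_Classes_coreObj::getPage();

    $expected = $objUser->grab('usercode');

    // Both sides must be plain values, the stored code must not be empty, and
    // the two must be identical as strings.
    $codeMatches = !is_empty($check)
        && is_scalar($check)
        && is_scalar($expected)
        && (string) $expected !== ''
        && (string) $check === (string) $expected;

    if ($codeMatches) {
        $objUser->update($objUser->grab('id'), array('autologin' => '0'));
        $objSQL->deleteRow('online', array('userkey = "%s"', $_SESSION['user']['userkey']));

        unset($_SESSION['user']);

        if (isset($_COOKIE['login'])) {
            // NOTE(review): a cookie is only removed when path and domain match the
            // ones it was set with; neither is passed here - confirm against the login code.
            setCookie('login', '', $objTime->mod_time(time(), 0, 0, 24 * 365 * 10 * 1000 * 1000, 'MINUS'));
            unset($_COOKIE['login']);
        }

        session_destroy();
        if (isset($_COOKIE[session_name()])) {
            setCookie(session_name(), '', time() - 42000);
        }

        // NOTE(review): the Referer header decides where the visitor lands after
        // logout; consider limiting the target to same-site URLs - confirm.
        $objPage->redirect(doArgs('HTTP_REFERER', '/' . root(), $_SERVER), 0);
    } else {
        $objPage->redirect('/' . root(), 0);
        msgDie('FAIL', 'You\'ve Unsuccessfully attempted to logout.<br />Please use the correct procedures.');
    }
}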
/**
 * Constructor of the cache class: stores the cache settings through setVars().
 *
 * @version 1.0.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param string $name Not used by this constructor
 * @param array  $args Optional keys: 'useCache' (default false), 'cacheDir' (default '')
 */
public function __construct($name = '', $args = array())
{
    $settings = array();

    $settings['cacheToggle'] = doArgs('useCache', false, $args);
    $settings['cacheDir']    = doArgs('cacheDir', '', $args);
    // printf-style pattern for cache files under the CMS root.
    $settings['fileTpl']     = cmsROOT . 'cache/cache_%s.php';

    $this->setVars($settings);
}
/**
 * Renders a form from a list of labelled elements through outputForm.tpl.
 *
 * @param array $vars     Template variables; 'FORM_START' must hold the opening
 *                        form tag, whose name attribute becomes part of the template handle
 * @param array $elements 'field' (label => element HTML, or '_header_' for a heading),
 *                        optional 'desc' (label => description) and 'errors' (list of messages)
 * @param array $options  Optional: 'border', 'id', 'dedicatedHeader', 'header'
 *                        (sprintf pattern for headings), 'parseDesc'
 *
 * @return string|false Parsed HTML, or false (with an error set) when there is nothing to output
 */
public function outputForm($vars, $elements, $options = array())
{
    // Bail out early when there is nothing usable to render.
    if (is_empty($elements)) {
        $this->setError('Nothing to output');

        return false;
    }

    if (!isset($elements['field']) || is_empty($elements['field'])) {
        $this->setError('Fields are blank or undetectable, make sure they are set using \'field\' key.');

        return false;
    }

    // The handle is derived from the form's name attribute so several forms can coexist.
    $formName = inBetween('name="', '"', $vars['FORM_START']);
    $handle   = 'form_body_' . $formName;
    $this->objTPL->set_filenames(array($handle => 'modules/core/template/outputForm.tpl'));

    if (!doArgs('border', true, $options)) {
        $vars['EXTRA'] = ' class="noBorder"';
    }

    if (doArgs('id', false, $options)) {
        $vars['SECTION_ID'] = doArgs('id', null, $options);
    }

    $useDedicatedHeader = doArgs('dedicatedHeader', false, $options);

    $this->objTPL->assign_vars($vars);
    $this->objTPL->reset_block_vars('form_error');

    $hasErrors = isset($elements['errors']) && !is_empty($elements['errors']);
    if ($hasErrors) {
        // NOTE(review): the messages are joined as HTML without encoding here;
        // any message that carries request data must be encoded where it is created - confirm.
        $this->objTPL->assign_block_vars('form_error', array(
            'ERROR_MSG' => implode('<br />', $elements['errors']),
        ));
    }

    $rowIndex = 0;
    $this->objTPL->reset_block_vars('field');

    foreach ($elements['field'] as $label => $element) {
        if (is_empty($element)) {
            continue;
        }

        // Look the description up before the label is reformatted.
        $description = $elements['desc'][$label];

        $isHeader = $element == '_header_' ? true : false;
        $label    = ucwords($label);
        if ($isHeader) {
            // Headings are wrapped in the configured pattern.
            $label = sprintf(doArgs('header', '<h3>%s</h3><hr />', $options), $label);
        }

        $this->objTPL->assign_block_vars('_form_row', array());

        if ($useDedicatedHeader && $isHeader) {
            $this->objTPL->assign_block_vars('_form_row._header', array('TITLE' => $label));
            continue;
        }

        $this->objTPL->assign_block_vars('_form_row._field', array(
            'F_ELEMENT'  => $isHeader ? null : $element,
            'F_INFO'     => doArgs('parseDesc', false, $options) ? contentParse($description) : $description,
            'CLASS'      => $isHeader ? ' title' : ($rowIndex++ % 2 ? ' row_color2' : ' row_color1'),
            'L_LABEL'    => $label,
            'L_LABELFOR' => inBetween('name="', '"', $element),
        ));

        // Only real fields get a label block.
        if (!$isHeader) {
            $this->objTPL->assign_block_vars('_form_row._field._label', array());
        }

        // Show the description block when there is one.
        if (!is_empty($description)) {
            $this->objTPL->assign_block_vars('_form_row._field._desc', array());
        }
    }

    return $this->objTPL->get_html($handle);
}
/**
 * Returns the HTML for the pagination control.
 *
 * The page list comes from one of this class's paginationStyle* methods:
 * the logged-in user's 'paginationStyle' setting picks the method, falling
 * back to style 1 when no such method exists.
 *
 * NOTE(review): the 'url' option is normalised below, but links are built
 * from $this->url - confirm which one is intended.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param array $options Optional keys: 'url', 'controls', 'type', 'showOne'
 *
 * @return string Parsed HTML, or '' when there is at most one page and 'showOne' is false
 */
public function getPagination($options = array())
{
    $settings = array(
        'url'      => doArgs('url', '', $options),
        'controls' => doArgs('controls', false, $options),
        'type'     => doArgs('type', 'pagination-mini', $options),
        'showOne'  => doArgs('showOne', false, $options),
    );

    $tpl  = Core_Classes_coreObj::getTPL();
    $user = Core_Classes_coreObj::getUser();

    // A single page is hidden unless it was explicitly requested.
    if ($this->getTotalPages() <= 1 && $settings['showOne'] === false) {
        return '';
    }

    // Every pagination gets its own handle so several can live on one page.
    $handle = 'pagination_' . randCode(6);
    $tpl->set_filenames(array($handle => cmsROOT . 'modules/core/views/markup.tpl'));

    // The style suffix may come from a user setting; method_exists() limits the
    // dynamic call to methods of this class whose name starts with 'paginationStyle'.
    $style = IS_ONLINE ? $user->get('paginationStyle') : '1';
    if (!method_exists($this, 'paginationStyle' . $style)) {
        $style = '1';
    }

    $method = 'paginationStyle' . $style;
    $pages  = $this->{$method}($settings['controls']);
    if (!isset($pages)) {
        $pages = array();
    }

    $tpl->assign_block_vars('pagination', array('TYPE' => $settings['type']));

    foreach ($pages as $page) {
        $pageNumber = doArgs('count', '0', $page);

        $tpl->assign_block_vars('pagination.page', array(
            'NUM'   => doArgs('label', $pageNumber, $page),
            'STATE' => doArgs('state', '', $page),
        ));

        // Entries with a falsy 'url' are rendered as plain spans.
        if (!doArgs('url', true, $page)) {
            $tpl->assign_block_vars('pagination.page.span', array());
            continue;
        }

        $tpl->assign_block_vars('pagination.page.url', array(
            'URL' => $this->url . $this->instance . '=' . doArgs('count', '0', $page),
        ));
    }

    $tpl->parse($handle, false);

    return $tpl->get_html($handle);
}
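/**
 * Redirects with a Location header, or with a script / meta refresh fallback.
 *
 * The header is used when nothing has been sent yet and $time is exactly 0.
 * Otherwise a script block (delayed by $time seconds when non-zero) and a
 * <noscript> meta refresh are printed.
 *
 * The target is encoded for each place it is written to: line breaks are
 * removed before it goes into the header, it is emitted as a JSON string
 * literal inside the script block, and it is HTML-encoded inside the meta
 * tag. Previously it was concatenated unchanged into all three.
 *
 * NOTE(review): mode 1 takes the target from $_GET['redirect'] without
 * restricting it to this site, so a link to this site can send a visitor to
 * any URL. Restricting the value to same-site paths would change behaviour
 * for existing callers, so it is only flagged here - confirm what they need.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param string $location Target URL (used directly in mode 0, as the default in mode 1)
 * @param int    $time     Delay in seconds; 0 means redirect immediately
 * @param int    $mode     1 => $_GET['redirect'], 2 => configured referer, 0 => $location
 */
public function redirect($location = null, $time = 0, $mode = 0)
{
    switch ($mode) {
        case 1:
            $url = doArgs('redirect', $location, $_GET);
            break;

        case 2:
            $url = $this->config('global', 'referer');
            break;

        case 0:
        default:
            $url = $location;
            break;
    }

    // A URL never legitimately contains raw line breaks or NUL bytes.
    $url = str_replace(array("\r", "\n", "\0"), '', (string) $url);

    // header() can only be used while no output has been sent.
    if (!headers_sent() && $time === 0) {
        header('Location: ' . $url);

        return;
    }

    // Numeric delay only, so nothing but a number reaches the markup.
    $delay = is_numeric($time) ? $time + 0 : 0;

    // JSON string literal with <, >, &, ' and " hex-escaped: safe inside a <script> block.
    $jsUrl = json_encode($url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
    if ($jsUrl === false) {
        // The target is not valid UTF-8, so there is no safe way to print it.
        trigger_error('Error: Redirect target could not be encoded.', E_USER_WARNING);

        return;
    }

    $htmlUrl = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');

    $output = '<script type="text/javascript">';
    if ($delay != 0) {
        $output .= 'function redirect(){';
    }
    $output .= ' window.location.href=' . $jsUrl . ';';
    if ($delay != 0) {
        $output .= '} setTimeout(\'redirect()\', ' . $delay * 1000 . ');';
    }
    $output .= '</script>';

    $output .= '<noscript>';
    $output .= ' <meta http-equiv="refresh" content="' . $delay . ';url=' . $htmlUrl . '" />';
    $output .= '</noscript>';

    echo $output;
}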
hmsgDie('FAIL', 'Error: Cannot verify information.'); } //security check 1 if (doArgs('id', false, $_POST) != $_SESSION['site']['acp_edit']['id']) { hmsgDie('FAIL', 'Error: I cannot remember what you were saving...hmmmm'); } //security check 2 if (doArgs('sessid', false, $_POST) != $_SESSION['site']['acp_edit']['sessid']) { hmsgDie('FAIL', 'Error: I have conflicting information here, cannot continue.'); } //run through each of the defined settings and make sure they have a value and its not the same as the stored one $update = array(); $failed = array(); $settings = array('captcha_enable', 'captcha_priv', 'captcha_pub'); foreach ($settings as $setting) { if (doArgs($setting, false, $_POST) != $objCore->config('site', $setting, true)) { $update[$setting] = $_POST[$setting]; } } //if we have stuff to update if (count($update)) { foreach ($update as $setting => $value) { $update = $objSQL->updateRow('config', array('value' => $value), array('var = "%s"', $setting)); if (!$update) { $failed[$setting] = $objSQL->error(); } } } //if we have a setting that failed, let the user know if (!is_empty($failed)) { $msg = null;
/**
 * Parses a themed block for the ACP under the given template handle.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param string $handle  Template handle to register and parse
 * @param array  $options 'vars' (required, block variables), 'cols' (1, 2 or 3; default 3),
 *                        optional 'custom' and 'custom_html' arrays
 *
 * @return void
 */
public static function setupBlock($handle, $options = array())
{
    $settings = array('cols' => doArgs('cols', 3, $options));

    // These three options must be arrays; anything else is replaced by an empty array.
    foreach (array('vars', 'custom', 'custom_html') as $key) {
        $isArray        = isset($options[$key]) && is_array($options[$key]);
        $settings[$key] = $isArray ? $options[$key] : array();
    }

    if (is_empty($settings['vars'])) {
        trigger_error('No vars passed to setupBlock()');

        return;
    }

    if (!in_array($settings['cols'], array(1, 2, 3))) {
        trigger_error('Columns option needs to be 1 2 or 3');

        return;
    }

    $tpl = Core_Classes_coreObj::getTPL();
    $tpl->set_filenames(array(
        $handle => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl',
    ));

    // NOTE(review): 'vars' (including CONTENT) are handed to the template as given;
    // callers are responsible for encoding anything that came from a request.
    $tpl->assign_block_vars('block', $settings['vars']);
    $tpl->assign_block_vars('block.start_row', array());
    $tpl->assign_block_vars('block.' . $settings['cols'] . 'col', array());

    foreach (array('custom', 'custom_html') as $extra) {
        if (!is_empty($settings[$extra])) {
            $tpl->assign_block_vars('block.' . $extra, $settings[$extra]);
        }
    }

    $tpl->assign_block_vars('block.end_row', array());
    $tpl->parse($handle, false);
}
/**
 * Performs the AJAX action named by $action and then ends the request.
 *
 * Actions handled here:
 *  - 'sortForum': stores the forum category order / open state sent in
 *    $_POST['order'] and $_POST['state'] in the session and the user settings.
 *  - 'eip': edit in place for a forum post; $_GET['action'] selects 'load'
 *    (print the stored post) or 'save' (store $_POST['value']).
 *  - 'quote': prints the post wrapped in a [quote] tag.
 *
 * NOTE(review): none of the state-changing branches ('sortForum', 'eip' save)
 * checks a form token in this method; if no caller does either, another site
 * can trigger them with the visitor's session - confirm.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  xLink
 *
 * @param string $action
 *
 * @return bool|void false when $action is empty; otherwise the script exits
 */
public function doAjax($action)
{
    if (is_empty($action)) {
        $this->throwHTTP(500);
        return false;
    }

    switch ($action) {
        case 'sortForum':
            // Both values arrive as URL-encoded query strings inside POST fields.
            parse_str($_POST['order'], $order);
            // NOTE(review): whether throwHTTP() ends the request is not visible
            // here; if it returns, execution carries on with the invalid input - confirm.
            if (!is_array($order) || !count($order)) {
                $this->throwHTTP(401);
            }

            parse_str($_POST['state'], $state);
            if (!is_array($state) || !count($state)) {
                $this->throwHTTP(401);
            }

            if (!is_array($order['sortable_forums']) || !count($order['sortable_forums'])) {
                $this->throwHTTP(401);
            }

            // Keys are taken from the request as sent; values are forced to 0 or 1.
            // $go is not initialised before this loop.
            foreach ($order['sortable_forums'] as $k) {
                $go[$k] = $state[$k] == 1 ? 1 : 0;
            }

            // Prints the resulting array back to the client.
            echo print_r($go, true);

            // Stored in serialized form, in the session and in the user settings.
            $db = serialize($go);
            $_SESSION['user']['forum_cat_order'] = $db;
            $update['forum_cat_order'] = $db;
            $this->objUser->updateUserSettings($this->objUser->grab('id'), $update);
            break;

        //edit in place stuff
        case 'eip':
            $id = doArgs('id', 0, $_GET, 'is_number');
            $uid = $this->objUser->grab('id');
            if ($id == 0 || !User::$IS_ONLINE) {
                die('Error: There was a problem with the form you submitted. Please try again.');
            }

            //grab the post we are referring to
            $post = $this->objSQL->getLine('SELECT * FROM `$Pforum_posts` WHERE id ="%s" LIMIT 1;', array($id));
            if (!$post) {
                die('Error: There was a problem obtaining the post data. Error 0x01;');
            }

            //grab the required thread so we have something to work with
            $thread = $this->objSQL->getLine('SELECT id, cat_id FROM `$Pforum_threads` WHERE id ="%s" LIMIT 1;', array($post['thread_id']));
            if (!$thread) {
                die('Error: There was a problem obtaining the post data. Error 0x02;');
            }

            //now grab the category
            $cat = $this->getForumInfo($thread['cat_id']);
            if (!$cat) {
                die('Error: There was a problem obtaining the post data. Error 0x03;');
            }

            $catAuth = $this->auth[$cat['id']];
            // Refused only when the requester is not the author AND holds none of
            // auth_edit / auth_mod / IS_MOD.
            // NOTE(review): if auth_edit means "may edit own posts", this lets any
            // user with that permission edit somebody else's post - confirm.
            if ($post['author'] != $uid && !$catAuth['auth_edit'] && !$catAuth['auth_mod'] && !IS_MOD) {
                die('Error: This is not your post;');
            }

            //load or save? (the $action parameter is reused for the sub-action)
            $action = doArgs('action', false, $_GET);
            if ($action == 'load') {
                // NOTE(review): the stored post is entity-decoded before it is
                // printed; the client has to treat the response as text (for
                // example as a textarea value), not as markup - confirm.
                echo html_entity_decode($post['post']);
            } else {
                if ($action == 'save') {
                    //what we have does not match what it is supposed to be
                    // The expected value is derived from the post id, so this is a
                    // consistency check rather than a secret token.
                    if (doArgs('editorId', false, $_POST) != 'post_id_' . $id) {
                        die('Error: There was a problem with the form you submitted.');
                    }

                    unset($update);
                    $update['post'] = secureMe($_POST['value']);
                    $update['edited'] = $post['edited'] + 1;
                    $update['edited_uid'] = $uid;
                    $post_update = $this->objSQL->updateRow('forum_posts', $update, array('id ="%d"', $id));
                    if ($post_update) {
                        // presumably the second argument makes contentParse() print its result - confirm
                        contentParse($_POST['value'], true);
                        exit;
                    } else {
                        die('Error: This is not your post, or there was a problem with saving the post. Error 0x02;');
                    }
                }
            }
            break;

        case 'quote':
            $id = doArgs('id', 0, $_GET, 'is_number');
            $uid = $this->objUser->grab('id');
            if ($id == 0 || !User::$IS_ONLINE) {
                die('Error: There was a problem with the form you submitted. Please try again.');
            }

            //grab the post we are referring to
            $post = $this->objSQL->getLine('SELECT * FROM `$Pforum_posts` WHERE id ="%s" LIMIT 1;', array($id));
            if (!$post) {
                die('Error: There was a problem obtaining the post data. Error 0x01;');
            }

            //grab the required thread so we have something to work with
            $thread = $this->objSQL->getLine('SELECT id, cat_id FROM `$Pforum_threads` WHERE id ="%s" LIMIT 1;', array($post['thread_id']));
            if (!$thread) {
                die('Error: There was a problem obtaining the post data. Error 0x02;');
            }

            //now grab the category
            $cat = $this->getForumInfo($thread['cat_id']);
            if (!$cat) {
                die('Error: There was a problem obtaining the post data. Error 0x03;');
            }

            $catAuth = $this->auth[$cat['id']];
            // Quoting needs read access to the category (or moderator rights); the
            // message text below is shared with the edit branch.
            if (!$catAuth['auth_read'] && !$catAuth['auth_mod'] && !IS_MOD) {
                die('Error: This is not your post;');
            }

            $quote = "\n[quote=%s]\n%s\n[/quote]\n";
            // NOTE(review): username and stored post are printed as stored; the
            // client has to insert the response as text, not as markup - confirm.
            echo sprintf($quote, $this->objUser->getUserInfo($post['author'], 'username'), $post['post']);
            break;
    }

    //nothing that happens here needs to be output back to the parent template
    exit;
}
hmsgDie('FAIL', 'Error: Cannot verify information.'); } //security check 1 if (doArgs('id', false, $_POST) != $_SESSION['site']['acp_edit']['id']) { hmsgDie('FAIL', 'Error: I cannot remember what you were saving...hmmmm'); } //security check 2 if (doArgs('sessid', false, $_POST) != $_SESSION['site']['acp_edit']['sessid']) { hmsgDie('FAIL', 'Error: I have conflicting information here, cannot continue.'); } //run through each of the defined settings and make sure they have a value and its not the same as the stored one $update = array(); $failed = array(); $settings = array('site_closed', 'closed_msg'); foreach ($settings as $setting) { $postSetting = doArgs($setting, null, $_POST); if ($postSetting === null) { continue; } if (md5($postSetting) != md5($objCore->config('site', $setting, 'true'))) { $update[$setting] = $_POST[$setting]; } } //if we have stuff to update if (count($update)) { foreach ($update as $setting => $value) { $update = $objSQL->updateRow('config', array('value' => $value), array('var = "%s"', $setting)); if (!$update) { $failed[$setting] = $objSQL->error(); } }
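/**
 * BBCode callback that renders a [quote] tag as a headed quote box.
 *
 * The head line is built from the tag parameters (name, date, url) when a
 * name parameter is present, otherwise from the tag's default value.
 *
 * @param object $bbcode  Parser instance; only IsValidURL() is called on it here.
 * @param mixed  $action  Parser phase; BBCODE_CHECK returns true immediately.
 * @param string $name    Tag name (not used in this callback).
 * @param mixed  $default Default value of the tag; used only when no name parameter is set.
 * @param array  $params  Tag parameters; 'name', 'date' and 'url' are read.
 * @param string $content Inner content of the tag, placed into the quote body unchanged.
 *
 * @return bool|string true during the check phase, otherwise the quote HTML.
 */
function bbcode_quote($bbcode, $action, $name, $default, $params, $content)
{
    global $objUser;

    if ($action == BBCODE_CHECK) {
        return true;
    }

    if (doArgs('name', false, $params)) {
        // NOTE(review): profile() output goes into the markup as returned; confirm it
        // escapes the user-supplied name, since secureMe() is not applied here.
        $title = $objUser->profile($params['name'], RETURN_USER) . ' wrote';

        if (doArgs('date', false, $params)) {
            $title .= ' on ' . secureMe(trim($params['date']));
        }
        $title .= ':';

        if (doArgs('url', false, $params)) {
            $url = trim($params['url']);
            if ($bbcode->IsValidURL($url)) {
                // Emit the exact string that passed validation. The original wrote the
                // untrimmed $params['url'] into href, so the checked value and the
                // rendered value could differ.
                $title = '<a href="' . secureMe($url) . '">' . $title . '</a>';
            }
        }
    } elseif (!is_string($default)) {
        $title = 'Quote:';
    } else {
        // NOTE(review): unlike the name branch, no ':' is appended here; confirm intended.
        $title = $objUser->profile($default, RETURN_USER) . ' wrote';
    }

    // $content is inserted as-is; presumably the parser has already rendered and
    // escaped it - verify against the parser's callback contract.
    return "\n<div class=\"bbcode_quote\">\n<div class=\"bbcode_quote_head\">" . $title . "</div>\n<div class=\"bbcode_quote_body\">" . $content . "</div>\n</div>\n";
}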
<?php
/*======================================================================*\
||                 Cybershade CMS - Your CMS, Your Way                  ||
\*======================================================================*/

// Inclusion guards: both constants must already be defined by whatever
// includes this panel. A direct request to this file stops here, before any
// panel code runs.
defined('INDEX_CHECK') or die('Error: Cannot access directly.');
defined('PANEL_CHECK') or die('Error: Cannot include panel from current location.');

// Page title and breadcrumb for the overview panel.
// $url is not set in this file; presumably it comes from the including scope - confirm.
$objPage->setTitle(
    langVar('B_ACP') . ' > ' . langVar('L_OVERVIEW')
);
$objPage->addPagecrumb(array(
    array(
        'url'  => $url,
        'name' => langVar('L_OVERVIEW'),
    ),
));

// Template used for the panel body.
$objTPL->set_filenames(array(
    'body' => 'modules/core/template/panels/panel.admin_overview.tpl',
));

// Read from the query string; not used again in the visible part of this panel.
$mode = doArgs('mode', false, $_GET);

$objTPL->assign_vars(array(
    'ADMIN_MODE' => langVar('L_NOTIFICATIONS'),
));

$objTPL->parse('body', false);
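/**
 * Gathers developer output for debug
 *
 * Renders every entry held in $this->dumpOutput as an HTML table and reports
 * how many entries were rendered.
 *
 * @version 1.1
 * @since   1.0.0
 * @author  Daniel Noel-Davies
 *
 * @return array 'count' => number of entries rendered, 'content' => HTML string
 */
public function getDumpOutput()
{
    $count   = 0;
    $content = '';

    if (empty($this->dumpOutput)) {
        return array('count' => $count, 'content' => $content);
    }

    // DOCUMENT_ROOT may be missing (e.g. outside a web request); fall back to an
    // empty string, which str_replace() ignores as a search term.
    $docRoot = isset($_SERVER['DOCUMENT_ROOT']) ? $_SERVER['DOCUMENT_ROOT'] : '';

    // Built once; concatenates to the same markup the method always emitted.
    $rowTemplate = '<table class="table"> <tr>'
        . ' <tr class="%s"> <td colspan="3" style="height:5px; padding:0;"></td> </tr>'
        . ' <tr> <td style="width: 10%%;">File Number</td> <td style="width: 5%%;">Title</td>'
        . ' <td style="width: 85%%;">Content</td> </tr> </tr>'
        . ' <tr> <td> %s<br /> on line: %s </td> <td>%s</td> <td>%s</td> </tr> </table>';

    foreach ($this->dumpOutput as $log) {
        // Missing keys fall back to the defaults instead of raising notices.
        $type  = !empty($log['type']) ? $log['type'] : 'info';
        $title = htmlentities(isset($log['title']) ? (string) $log['title'] : '') ?: 'Debug';

        // Normalise separators first, then strip the document root so the panel
        // shows site-relative paths rather than the server's filesystem layout.
        $file = doArgs('file', 'Unknown', $log);
        $file = str_replace(array('\\', $docRoot), array('/', ''), $file);

        // Type, file and line are written into HTML, so escape them like the title.
        // dump() output is inserted as returned; presumably it produces its own
        // markup - verify that it escapes the logged content.
        $content .= sprintf(
            $rowTemplate,
            htmlspecialchars((string) $type, ENT_QUOTES),
            htmlspecialchars((string) $file, ENT_QUOTES),
            htmlspecialchars((string) doArgs('line', 0, $log), ENT_QUOTES),
            $title,
            dump($log['content'], $title)
        );

        // The original never incremented this, so 'count' was always 0.
        $count++;
    }

    return array('count' => $count, 'content' => $content);
}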
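/**
 * Retrieve the details from the details file of a module
 *
 * Loads cmsROOT/modules/<moduleName>/details.php and reads the module's
 * details through reflectMethod() on the class Details_<moduleName>.
 *
 * @version 1.1
 * @since   1.0.0
 * @author  Daniel Noel-Davies
 *
 * @param string $moduleName Module directory name; also the suffix of the details class
 *
 * @return array|false Keys 'version', 'hash', 'name', 'author' (each read through
 *                     doArgs() with 'N/A' as the default), or false when the name
 *                     is rejected, the module is unknown or details.php is missing
 */
public static function getModuleDetails($moduleName)
{
    // $moduleName ends up in a require_once path and in a class name. Accept only
    // characters that can occur in a class name; this also keeps '/', '\', '.'
    // and NUL out of the path. moduleExists() is defined outside this view, so
    // this check does not depend on what it validates.
    if (!is_string($moduleName) || preg_match('/\A[A-Za-z0-9_\x80-\xff]+\z/', $moduleName) !== 1) {
        return false;
    }

    // Check module exists
    if (self::moduleExists($moduleName) === false) {
        return false;
    }

    $detailsFile      = sprintf('%1$smodules/%2$s/details.php', cmsROOT, $moduleName);
    $detailsClassName = sprintf('Details_%s', $moduleName);

    // Make sure the details file exists
    if (file_exists($detailsFile) === false) {
        trigger_error('Error getting Module Details :: Details file doesn\'t exist');

        return false;
    }

    // Executes the module's details.php in this process.
    require_once $detailsFile;

    // reflectMethod() is a project helper; presumably it invokes
    // Details_<module>::details() and returns its result - confirm.
    $details = reflectMethod($detailsClassName, 'details');

    return array(
        'version' => doArgs('version', 'N/A', $details),
        'hash'    => doArgs('hash', 'N/A', $details),
        'name'    => doArgs('name', 'N/A', $details),
        'author'  => doArgs('author', 'N/A', $details),
    );
}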