/**
 * Ensures the `alias` table exists, creating it on first use.
 *
 * Runs a SHOW TABLES check on the shared MyActiveRecord connection and issues
 * the CREATE TABLE statement only when that check reports fewer than one row.
 * Neither query result is inspected for failure.
 */
function __construct()
{
    $tableCheck = mysql_query("SHOW TABLES LIKE 'alias'", MyActiveRecord::Connection());

    // At least one matching table was reported: nothing to create.
    if (!(mysql_num_rows($tableCheck) < 1)) {
        return;
    }

    $createSql = "CREATE TABLE `alias` (`id` int(11) NOT NULL auto_increment,`alias` varchar(255) NOT NULL,`path` varchar(255) NOT NULL, PRIMARY KEY (`id`)) ENGINE=MyISAM AUTO_INCREMENT=1 DEFAULT CHARSET=utf8;";
    mysql_query($createSql, MyActiveRecord::Connection());
}
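/**
 * Links this PayPal account record to an item by inserting a row into `paypal_items`.
 *
 * @param mixed  $id    Id of the item being linked (stored in item_id).
 * @param string $table Name of the table the item lives in (stored as data in item_table).
 * @return false|null false when no Paypal_Config row matches this record's email; otherwise nothing.
 */
function setLink($id, $table)
{
    $connection = MyActiveRecord::Connection();

    // Every value is escaped before it goes inside a quoted SQL literal, so an
    // apostrophe in the address or in a caller-supplied argument cannot end the
    // literal early and change the statement.
    $email = mysql_real_escape_string($this->email, $connection);
    $paypal_accnt = Paypal_Config::FindFirst("Paypal_Config", "email='{$email}'");
    if (!$paypal_accnt) {
        echo "Too bad\n";
        return false;
    }

    $query = sprintf(
        "INSERT INTO paypal_items (item_table, item_id, paypal_id) VALUES ('%s', '%s', '%s');",
        mysql_real_escape_string($table, $connection),
        mysql_real_escape_string($id, $connection),
        mysql_real_escape_string($this->id, $connection)
    );
    mysql_query($query, $connection);
}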
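/**
 * Renders a stored mail blast in the browser, substituting the recipient
 * address for the {{-email-}} placeholder.
 *
 * Both the hash and the address come from the request URL, so the hash is
 * escaped before it reaches SQL and the address is HTML-encoded before it is
 * written into the page. Redirects to "/" when the query fails or no blast
 * matches the hash.
 */
function display_page_content()
{
    $connection = MyActiveRecord::Connection();
    $hash = mysql_real_escape_string(requestIdParam(), $connection);
    $email = getRequestVarAtIndex(3);

    $query = "SELECT content FROM mailblast WHERE hash = '{$hash}' LIMIT 1;";
    $result = mysql_query($query, $connection);

    // mysql_query() returns a result resource even when zero rows match, so the
    // row count must be checked before mysql_result() reads row 0.
    if ($result && mysql_num_rows($result) > 0) {
        // The stored content is trusted HTML; the address is not, so only the
        // address is encoded.
        $safeEmail = htmlspecialchars((string) $email, ENT_QUOTES, 'UTF-8');
        echo str_replace("{{-email-}}", $safeEmail, mysql_result($result, 0, 'content'));
    } else {
        redirect("/");
    }
}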
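/**
 * Streams the stored thumbnail of an item as a JPEG response.
 *
 * The item id is taken from the request and is placed in a numeric SQL context,
 * so it is forced to an integer rather than string-escaped. Nothing is output
 * when the query fails, no row matches, or the thumbnail column is empty.
 */
function display_page_content()
{
    // An integer cast is the only safe treatment for an unquoted numeric
    // position; string escaping does not constrain it.
    $item_id = (int) requestIdParam();

    $query = "SELECT thumbnail FROM items WHERE id = {$item_id}";
    $result = mysql_query($query, MyActiveRecord::Connection());
    $data = $result ? mysql_fetch_array($result) : false;

    if (!empty($data["thumbnail"])) {
        // Output the MIME header
        // NOTE(review): the type is fixed to JPEG regardless of what was stored - confirm against the upload code.
        header("Content-Type: image/jpeg");
        // Output the image
        echo $data["thumbnail"];
    }
}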
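/**
 * Streams the stored thumbnail of an image row with its recorded MIME type.
 *
 * The image id is taken from the request and is placed in a numeric SQL
 * context, so it is forced to an integer. Nothing is output when the query
 * fails, no row matches, or the thumbnail column is empty.
 */
function display_page_content()
{
    // Integer cast: an unquoted numeric position cannot be protected by string escaping.
    $imageId = (int) requestIdParam();

    $query = "SELECT * FROM images WHERE id = {$imageId}";
    $result = mysql_query($query, MyActiveRecord::Connection());
    $data = $result ? mysql_fetch_array($result) : false;

    if (!empty($data["thumbnail"])) {
        // Output the MIME header
        // NOTE(review): mime_type is emitted exactly as stored. If the upload code
        // records the browser-supplied type, restrict it to known image types
        // before sending it as Content-Type - confirm.
        header("Content-Type: {$data['mime_type']}");
        set_image_cache_headers("imgthumb_" . $imageId);
        // Output the image
        echo $data["thumbnail"];
    }
}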
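/**
 * Streams the stored original of an image row with its recorded MIME type.
 *
 * The image id is taken from the request. It was previously passed through
 * mysql_real_escape_string() and then used unquoted; escaping only protects
 * values inside quotes, so the id is now forced to an integer instead.
 * Nothing is output when the query fails, no row matches, or the column is empty.
 */
function display_page_content()
{
    $connection = MyActiveRecord::Connection();

    // Integer cast replaces the string escape: the value sits in a numeric
    // position where quote-escaping places no limit on what it may contain.
    $imageId = (int) requestIdParam();

    $query = "SELECT * FROM images WHERE id = {$imageId}";
    $result = mysql_query($query, $connection);
    $data = $result ? mysql_fetch_array($result) : false;

    if (!empty($data["original"])) {
        // Output the MIME header
        // NOTE(review): mime_type is emitted exactly as stored. If the upload code
        // records the browser-supplied type, restrict it to known image types
        // before sending it as Content-Type - confirm.
        header("Content-Type: {$data['mime_type']}");
        set_image_cache_headers("img_" . $imageId);
        // Output the image
        echo $data["original"];
    }
}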
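/**
 * Handles the public "manage subscription" form.
 *
 * "Manage This Email" redirects to the management page for the posted address.
 * "Save Subscription Settings" looks the subscriber up by the address it was
 * stored under, rewrites its list links, optionally deletes it, and saves the
 * posted contact fields.
 *
 * NOTE(review): the subscriber record is selected solely by the posted address;
 * nothing in this block verifies that the requester controls that address.
 * Confirm that a token or login check happens before this handler runs.
 */
function initialize_page()
{
    $post_action = isset($_POST['submit']) ? $_POST['submit'] : "";

    if ($post_action == "Manage This Email") {
        redirect("users/manage/" . $_POST["email"]);
    }

    if ($post_action == "Save Subscription Settings") {
        $currentemail = $_POST["email"];
        $oldemail = $_POST["oldemail"];

        if ($currentemail != $oldemail) {
            $thisemail = NLEmails::FindByEmail($oldemail);
        } else {
            $thisemail = NLEmails::FindByEmail($currentemail);
        }

        // Without a matching record the DELETE below would be built from an
        // empty id and the later method calls would fail on a non-object.
        if (!is_object($thisemail)) {
            setFlash("<h3>Subscription not found</h3>");
            return;
        }

        $lists = NLLists::FindAll();

        // Remove all links first...
        $query = "DELETE FROM nlemails_nllists WHERE nlemails_id = " . (int) $thisemail->id;
        mysql_query($query, MyActiveRecord::Connection());

        if (isset($_POST['delete'])) {
            $thisemail->delete(true);
            redirect("/mail/subscribe/deleted");
        }

        // Then add the ones selected back in...
        foreach ($lists as $list) {
            if (array_key_exists($list->name, $_POST)) {
                $list->attach($thisemail);
            }
        }

        // Set the optional info fields and allow them to change the email they subscribed with...
        $thisemail->email = $_POST["email"];
        $thisemail->first_name = $_POST["first_name"];
        $thisemail->last_name = $_POST["last_name"];
        $thisemail->address1 = $_POST["address1"];
        $thisemail->address2 = $_POST["address2"];
        $thisemail->city = $_POST["city"];
        $thisemail->state = $_POST["state"];
        $thisemail->zip = $_POST["zip"];
        $thisemail->phone = $_POST["phone"];
        $thisemail->save();

        setFlash("<h3>Subscription Settings Saved</h3>");

        // If they changed their email, redirect them to that page
        redirect("users/manage/" . $thisemail->email);
    }
}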
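/**
 * Handles the admin "Add New List" form: creates the mailing list, then
 * attaches every valid, not-yet-linked address from the comma-separated
 * `emails` field, creating address records that do not exist yet.
 *
 * Sets a flash message summarising the outcome. Terminates the request when a
 * link row cannot be inserted.
 */
function initialize_page()
{
    $post_action = isset($_POST['submit']) ? $_POST['submit'] : "";
    if ($post_action != "Add New List") {
        return;
    }

    $connection = MyActiveRecord::Connection();

    $list = MyActiveRecord::Create('NLLists');
    $list->display_name = $_POST['name'];
    $list->name = slug($_POST['name']);
    $list->template = $_POST['template'];
    $list->description = $_POST['description'];
    // An unchecked checkbox is simply absent from the POST data.
    $list->public = isset($_POST['public']) ? $_POST['public'] : null;
    $list->save();
    $success = "Mailing List Created";

    $emails = explode(",", str_replace(" ", "", $_POST['emails']));
    $count = 0;
    foreach ($emails as $email) {
        if ($list->emailLinked($email) || !is_validemail($email)) {
            continue;
        }

        // Check for an existing match in the system. The lookup result is tested
        // with is_object() so that a "not found" of either null or false leads
        // to a new record instead of an INSERT built from an empty id.
        $newAddy = NLEmails::FindByEmail($email);
        if (!is_object($newAddy)) {
            $newAddy = MyActiveRecord::Create('NLEmails');
            $newAddy->email = $email;
            $newAddy->save();
            $count++;
        }

        // Existing or not, attach that email to this List
        $query = "INSERT INTO nlemails_nllists VALUES (" . (int) $newAddy->id . ", " . (int) $list->id . ");";
        if (!mysql_query($query, $connection)) {
            // Keep the statement and driver error in the server log; the
            // response must not disclose SQL text.
            error_log("nlemails_nllists insert failed: " . mysql_error($connection));
            die("Unable to attach email to list");
        }
    }

    if ($count > 0) {
        // The list name was typed into the form, so it is encoded before it
        // becomes part of the flash markup.
        $success .= " / Emails Added to " . htmlspecialchars($list->display_name, ENT_QUOTES, 'UTF-8');
    } else {
        $success .= " / All Emails Added or Invalid";
    }

    setFlash("<h3>" . $success . "</h3>");
}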
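/**
 * Handles the public subscribe form: finds or creates the address record for
 * the posted email and links it to every list id in `selected_list`.
 *
 * The list ids arrive from the browser and go into a numeric SQL position, so
 * each one is forced to an integer and non-positive values are skipped.
 * Terminates the request when a link row cannot be inserted.
 */
function initialize_page()
{
    if (!$_POST) {
        return;
    }

    $post_value = isset($_POST['submit']) ? $_POST['submit'] : "";
    if ($post_value != "Save Subscription Settings") {
        return;
    }

    $useremail = isset($_POST['email']) ? $_POST['email'] : "";
    if ($useremail === "") {
        // No address supplied: do not create a blank subscriber record.
        return;
    }

    $email = NLEmails::FindByEmail($useremail);
    if (!$email) {
        $email = MyActiveRecord::Create('NLEmails');
        $email->email = $useremail;
        $email->save();
    }

    // The field is absent when no list was ticked, and may not be an array
    // at all if the request was hand-built.
    $selected = (isset($_POST['selected_list']) && is_array($_POST['selected_list']))
        ? $_POST['selected_list']
        : array();

    $connection = MyActiveRecord::Connection();
    foreach ($selected as $value) {
        $listId = (int) $value;
        if ($listId < 1) {
            continue;
        }

        $query = "INSERT INTO nlemails_nllists VALUES (" . (int) $email->id . ", {$listId});";
        if (!mysql_query($query, $connection)) {
            // Log the details server-side; the response must not disclose SQL text.
            error_log("nlemails_nllists insert failed: " . mysql_error($connection));
            die("Unable to save subscription");
        }
    }
}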
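/**
 * Resizes an uploaded image in place and stores its bytes and MIME type in a row.
 *
 * @param array    $image           One entry of $_FILES (reads "type", "name", "tmp_name").
 * @param string   $table_name      Table to update; must be a plain identifier.
 * @param string   $file_field_name Column that receives the image bytes; must be a plain identifier.
 * @param mixed    $row_id          Id of the row to update (used as an integer).
 * @param int|null $thiswidth       Maximum width, or null for no limit.
 * @param int|null $thisheight      Maximum height, or null for no limit.
 * @return void Echoes a message when the arguments are rejected or the query fails.
 */
function Upload_and_Save_Image($image, $table_name, $file_field_name, $row_id, $thiswidth = null, $thisheight = null)
{
    // Identifiers cannot be escaped the way values can, so only letters,
    // digits and underscores are accepted for the table and column names.
    $identifier = '/^[A-Za-z0-9_]+$/';
    if (!preg_match($identifier, $table_name) || !preg_match($identifier, $file_field_name)) {
        echo 'Invalid query: unexpected table or column name';
        return;
    }

    $connection = MyActiveRecord::Connection();

    // NOTE(review): this is the type reported by the browser, not one derived
    // from the file. It is stored as mime_type; confirm how that column is
    // used when the image is served.
    $mimeType = $image["type"];
    $filetype = getFileExtension($image["name"]);

    // defined() tests for a constant with that name, so the limits were never
    // applied; the intent is "was a limit passed in?".
    $max_width = isset($thiswidth) ? $thiswidth : 0;
    $max_height = isset($thisheight) ? $thisheight : 0;
    resizeImageToMax($image["tmp_name"], $max_width, $max_height, $filetype);

    // Read in the (resized) uploaded file
    $fileContents = file_get_contents($image["tmp_name"]);
    if ($fileContents === false) {
        echo 'Invalid query: uploaded file could not be read';
        return;
    }

    // Connection-aware escaping for both values; the row id goes into a
    // numeric position and is cast instead.
    $updateQuery = "UPDATE `{$table_name}` SET `{$file_field_name}` = '"
        . mysql_real_escape_string($fileContents, $connection)
        . "', mime_type = '"
        . mysql_real_escape_string($mimeType, $connection)
        . "' WHERE id = " . (int) $row_id . ";";

    $result = mysql_query($updateQuery, $connection);
    if (!$result) {
        echo 'Invalid query: ' . mysql_error();
    }
}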
/**
 * Looks up this section's display_order within the given area.
 *
 * @param object $area Area record; only its id is read.
 * @return mixed The display_order column of the fetched areas_sections row;
 *               nothing is returned when $area is not set.
 */
function getOrderInArea($area)
{
    if (!isset($area)) {
        return;
    }

    // Both ids are placed into the statement exactly as the objects hold them.
    $sql = "SELECT display_order FROM areas_sections WHERE sections_id = {$this->id} AND areas_id = {$area->id}";
    $rows = mysql_query($sql, MyActiveRecord::Connection());
    $row = @mysql_fetch_array($rows);

    return $row["display_order"];
}
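/**
 * Handles the admin "edit event" form: deletes the event, or saves its title,
 * description, start/end date-times, excluded dates, type and period, then
 * redirects back to the list or to the edit page.
 *
 * Year, month and event id are read from request URL segments 2, 3 and 4.
 */
function initialize_page()
{
    $event_id = getRequestVarAtIndex(4);
    $event = Events::FindById($event_id);
    $event_types = EventTypes::FindAll();
    $event_periods = EventPeriods::FindAll();
    $year = getRequestVarAtIndex(2);
    $month = getRequestVarAtIndex(3);

    $post_action = isset($_POST['submit']) ? $_POST['submit'] : "";
    if ($post_action != "Edit Event" && $post_action != "Edit and Return to List") {
        return;
    }

    // The id comes from the URL; without a matching record every step below
    // would operate on a non-object.
    if (!is_object($event)) {
        setFlash("<h3>Event not found</h3>");
        redirect("/admin/list_events");
        return;
    }

    $connection = MyActiveRecord::Connection();

    if (isset($_POST['delete'])) {
        $event->delete(true);
        setFlash("<h3>Event Deleted</h3>");
        redirect("/admin/list_events");
    }

    $event->title = $_POST['title'];
    $event->description = $_POST['description'];

    // A missing start time falls back to 04:00:00.
    if (!getPostValue('time_start')) {
        $event->setDateStart(getPostValue('date_start'), "04:00:00");
    } else {
        $event->setDateStart(getPostValue('date_start'), getPostValue('time_start'));
    }

    // A missing end date falls back to the start date; with neither an end
    // date nor an end time the event ends at 04:00:00 on the start date.
    if (!getPostValue('date_end') && !getPostValue('time_end')) {
        $event->setDateEnd(getPostValue('date_start'), "04:00:00");
    } elseif (!getPostValue('date_end') && getPostValue('time_end')) {
        $event->setDateEnd(getPostValue('date_start'), getPostValue('time_end'));
    } else {
        $event->setDateEnd(getPostValue('date_end'), getPostValue('time_end'));
    }

    // Replace the excluded dates: clear the old rows, then insert the posted ones.
    $eventId = (int) $event->id;
    $notdates = getPostValue('notdates');
    $del_query = "DELETE FROM events_notdate WHERE event_id = {$eventId};";
    mysql_query($del_query, $connection);

    if (is_array($notdates)) {
        foreach ($notdates as $date) {
            if (strlen($date) > 4) {
                // The date text originates in the form; it is escaped even
                // after formatting because the formatter's output is not
                // guaranteed here to be free of quotes.
                $formatted = mysql_real_escape_string(formatDateView($date, "Y-m-d"), $connection);
                $query = "INSERT INTO events_notdate VALUES('{$eventId}','{$formatted}')";
                if (!mysql_query($query, $connection)) {
                    // Log server-side; the response must not disclose SQL text.
                    error_log("events_notdate insert failed: " . mysql_error($connection));
                    die("Unable to save excluded date");
                }
            }
        }
    }

    $event->eventtype_id = isset($_POST['eventtype_id']) ? $_POST['eventtype_id'] : 1;
    $event->eventperiod_id = $_POST['eventperiod_id'];
    $event->save();
    edit_eventUpdateRecurrences();

    setFlash("<h3>Event changes saved</h3>");
    if ($post_action == "Edit and Return to List") {
        redirect("/admin/list_events/{$year}/{$month}");
    } else {
        redirect("/admin/edit_event/{$year}/{$month}/{$event_id}");
    }
}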
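/**
 * Handles the admin "edit image" form: deletes the image, or updates its
 * title, name and description and optionally replaces the stored original
 * with a newly uploaded file.
 *
 * All form values are escaped with the connection before they are placed in
 * SQL, and the row id is used as an integer.
 */
function initialize_page()
{
    $image_id = requestIdParam();
    $image = Images::FindById($image_id);

    $post_action = isset($_POST['submit']) ? $_POST['submit'] : "";
    if ($post_action != "Save Image" && $post_action != "Save and Return to List") {
        return;
    }

    // The id comes from the request; stop before touching a non-object.
    if (!is_object($image)) {
        setFlash("<h3>Image not found</h3>");
        redirect("/admin/list_images");
        return;
    }

    $connection = MyActiveRecord::Connection();
    $imageRowId = (int) $image->id;
    $success = '';

    if (isset($_POST['delete'])) {
        $image->delete(true);
        setFlash("<h3>Image deleted</h3>");
        redirect("/admin/list_images");
    } else {
        $old_name = $image->name;
        $image->title = cleanupSpecialChars($_POST['title']);
        $image->description = cleanupSpecialChars($_POST['description']);
        if (ALLOW_SHORT_PAGE_NAMES) {
            $image->name = $_POST['name'] == "" ? slug($_POST['title']) : slug($_POST['name']);
        } else {
            $image->name = slug($_POST['title']);
        }

        // cleanupSpecialChars() is not shown to make text safe for SQL, so the
        // values are escaped here; the object keeps the unescaped text.
        $updateQuery = sprintf(
            "UPDATE images SET title='%s', name='%s', description='%s' WHERE id=%d;",
            mysql_real_escape_string($image->title, $connection),
            mysql_real_escape_string($image->name, $connection),
            mysql_real_escape_string($image->description, $connection),
            $imageRowId
        );

        if (mysql_query($updateQuery, $connection)) {
            if ($old_name != $image->name) {
                Pages::UpdateImageReferences($old_name, $image->name);
            }
            $success .= "Image changes saved / ";
        } else {
            // Still fatal, as before, but the SQL text and driver error go to
            // the server log instead of the response.
            error_log("images update failed: " . mysql_error($connection));
            die("FAILURE – Please notify HCd of this error.");
        }

        // Replace an existing image with a new one
        if (isset($_FILES["new_image"]) && is_uploaded_file($_FILES["new_image"]["tmp_name"])) {
            // NOTE(review): this is the browser-reported type and is stored as
            // mime_type; confirm how that column is used when the image is served.
            $mimeType = $_FILES["new_image"]["type"];
            $filetype = getFileExtension($_FILES["new_image"]["name"]);

            $max_width = defined("MAX_IMAGE_WIDTH") ? MAX_IMAGE_WIDTH : 0;
            $max_height = defined("MAX_IMAGE_HEIGHT") ? MAX_IMAGE_HEIGHT : 0;
            resizeToMultipleMaxDimensions($_FILES["new_image"]["tmp_name"], $max_width, $max_height, $filetype);

            // Read in the (resized) uploaded file
            $fileContents = file_get_contents($_FILES["new_image"]["tmp_name"]);

            $updateQuery2 = sprintf(
                "UPDATE images SET original='%s', mime_type='%s' WHERE id=%d;",
                mysql_real_escape_string((string) $fileContents, $connection),
                mysql_real_escape_string($mimeType, $connection),
                $imageRowId
            );

            if ($fileContents !== false && mysql_query($updateQuery2, $connection)) {
                $success .= "Image replaced / ";
            } else {
                // The opening <h3> was missing from this message.
                setFlash("<h3>FAILURE – Please notify HCd of this error: " . mysql_error() . "</h3>");
            }
        }
    }

    if ($post_action == "Save and Return to List") {
        redirect("/admin/list_images");
    }
    setFlash("<h3>" . substr($success, 0, -3) . "</h3>");
}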
/**
 * Finds documents whose file_type matches the given LIKE pattern.
 *
 * The pattern is escaped with the active connection before it is placed
 * inside the quoted literal. LIKE wildcards in the argument are left as they are.
 *
 * @param string $filetype File type, or LIKE pattern, to match.
 * @return mixed Whatever MyActiveRecord::FindBySql() returns for 'Documents'.
 */
function FindByFiletype($filetype)
{
    $pattern = mysql_real_escape_string($filetype, MyActiveRecord::Connection());
    $sql = "SELECT d.* FROM documents d WHERE d.file_type like '{$pattern}'";

    return MyActiveRecord::FindBySql('Documents', $sql);
}
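/**
 * Handles the admin "edit product" form: deletes the product, or updates its
 * name, price and description and, when an image was uploaded, stores a
 * resized main image and thumbnail.
 *
 * All form values are escaped with the connection before they are placed in
 * SQL, and the row id is used as an integer.
 */
function initialize_page()
{
    $product_id = requestIdParam();
    $product = Product::FindById($product_id);

    $post_action = isset($_POST['submit']) ? $_POST['submit'] : "";
    if ($post_action != "Edit Product" && $post_action != "Edit and Return to List") {
        return;
    }

    // The id comes from the request; stop before touching a non-object.
    if (!is_object($product)) {
        setFlash("<h3>Product not found</h3>");
        redirect("/admin/list_products");
        return;
    }

    if (isset($_POST['delete'])) {
        $product->delete(true);
        setFlash("<h3>Product deleted</h3>");
        redirect("/admin/list_products");
        return;
    }

    $connection = MyActiveRecord::Connection();
    $productRowId = (int) $product->id;

    $product->display_name = $_POST['display_name'];
    $product->price = $_POST['price'];
    if (isset($_POST['product_description'])) {
        $product->description = $_POST['product_description'];
    }

    $updateQuery = sprintf(
        "UPDATE product SET display_name = '%s', price = '%s', description = '%s' WHERE id = %d",
        mysql_real_escape_string($product->display_name, $connection),
        mysql_real_escape_string($product->price, $connection),
        mysql_real_escape_string(isset($product->description) ? $product->description : "", $connection),
        $productRowId
    );
    mysql_query($updateQuery, $connection);

    // now check if a thumbnail was uploaded
    if (isset($_FILES["image"]) && is_uploaded_file($_FILES["image"]["tmp_name"])) {
        // The label is chosen from a fixed set, keyed on the browser-reported type.
        switch ($_FILES["image"]["type"]) {
            case "image/gif":
                $mimeName = "GIF Image";
                break;
            case "image/jpeg":
                $mimeName = "JPEG Image";
                break;
            case "image/png":
                $mimeName = "PNG Image";
                break;
            case "image/x-MS-bmp":
                $mimeName = "Windows Bitmap";
                break;
            default:
                $mimeName = "Unknown image type";
        }

        $tmpPath = $_FILES["image"]["tmp_name"];

        // MAIN IMAGE: resize in place, then read the result.
        resizeToMaxDimension($tmpPath, PRODUCT_IMAGE_MAXWIDTH, "jpg");
        $imageContents = file_get_contents($tmpPath);

        // THUMBNAIL: resize the same file again, then read the result.
        resizeToMaxDimension($tmpPath, PRODUCTTHUMB_IMAGE_MAXWIDTH, "jpg");
        $thumbContents = file_get_contents($tmpPath);

        // NOTE(review): mime_type receives the human-readable label
        // ("JPEG Image"), not a MIME type - confirm that is what readers of
        // this column expect.
        $updateQuery = sprintf(
            "UPDATE product SET thumbnail = '%s', image = '%s', mime_type = '%s' WHERE id = %d",
            mysql_real_escape_string((string) $thumbContents, $connection),
            mysql_real_escape_string((string) $imageContents, $connection),
            mysql_real_escape_string($mimeName, $connection),
            $productRowId
        );
        $result = mysql_query($updateQuery, $connection);
    }

    setFlash("<h3>Product Saved</h3>");
    if ($post_action == "Edit and Return to List") {
        redirect("admin/list_products");
    }
}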
/**
 * Returns this event's excluded dates as one comma-separated string.
 *
 * Each `date` value from events_notdate is passed through formatDateView();
 * the result starts with a single space and has no trailing comma.
 *
 * @return string|false The joined dates, or false when the row count is zero.
 */
function getNotDates()
{
    $sql = "SELECT * FROM events_notdate WHERE event_id = {$this->id};";
    $rows = mysql_query($sql, MyActiveRecord::Connection());

    if (!mysql_num_rows($rows)) {
        return false;
    }

    $total = mysql_num_rows($rows);
    $formatted = array();
    for ($row = 0; $row < $total; $row++) {
        $formatted[] = formatDateView(mysql_result($rows, $row, 'date'));
    }

    // Leading space kept: callers receive " d1,d2,...".
    return " " . implode(",", $formatted);
}
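/**
 * Handles the admin add/edit area form. The request id "add" creates a new
 * area; any other id edits the matching one.
 *
 * On delete, every page of the area is moved to section '1' before the area is
 * removed. Otherwise the posted fields are applied and the area is inserted
 * (new) or saved (existing). Form values are escaped before they are placed in
 * the INSERT statement.
 */
function initialize_page()
{
    // This file does both, so check the parameters first
    $is_new = (requestIdParam() == "add");
    if ($is_new) {
        $area = MyActiveRecord::Create('Areas');
    } else {
        $area_id = requestIdParam();
        $area = Areas::FindById($area_id);
    }

    // Only allow specific post actions
    $post_action = isset($_POST['submit']) ? $_POST['submit'] : null;
    if ($post_action != "Save Area" && $post_action != "Save and Return to List") {
        return;
    }

    if (isset($_POST['delete'])) {
        $pages = $area->findPages();
        $selected_sections = array('1');
        foreach ($pages as $page) {
            $page->updateSelectedAreas($selected_sections);
        }
        $area->delete(true);
        setFlash("<h3>Area Deleted</h3>");
        redirect("/admin/list_pages");
        return;
    }

    $area->display_name = $_POST['display_name'];
    $area->seo_title = $_POST['seo_title'];
    $area->template = $_POST['template'];

    if (!empty($_POST['name'])) {
        $oldname = $_POST['display_name'];
        // Protect the Global Area, the Default Portfolio Area and any placeholders from getting their names changed
        if ($area->id != 1 && $area->id != 3 && $area->name != "site_blog" && $area->name != "placeholder") {
            if (ALLOW_SHORT_PAGE_NAMES) {
                $area->name = $_POST['name'] == "" ? slug($_POST['display_name']) : slug($_POST['name']);
            } else {
                $area->name = slug($_POST['display_name']);
            }
        }
    } else {
        $area->name = slug($_POST['display_name']);
    }

    // Allow the possibility to use the word "portfolio" as the last word in the name
    if (substr($area->name, -10) == "-portfolio") {
        // Chop it off the slug so it doesn't turn into a Portfolio Area
        $area->name = substr($area->name, 0, -10);
    }

    // Set the public boolean
    if ($is_new) {
        $area->public = MAINTENANCE_MODE ? 1 : 0;
    } elseif ($area->id != 1) {
        $area->public = isset($_POST['public']) ? 1 : 0;
    }

    // Save it or create it
    if ($is_new) {
        $connection = MyActiveRecord::Connection();

        // Don't leave off any columns that we dont want to pass values to. And include an empty value for the ID.
        // Every form-derived value is escaped before it goes inside its quoted literal.
        $query = sprintf(
            "INSERT INTO `areas` VALUES('','%s','%s','%s', '', '1', '%s', '%s','')",
            mysql_real_escape_string($area->name, $connection),
            mysql_real_escape_string($area->display_name, $connection),
            mysql_real_escape_string($area->seo_title, $connection),
            mysql_real_escape_string($area->template, $connection),
            mysql_real_escape_string($area->public, $connection)
        );
        if (!mysql_query($query, $connection)) {
            // Log server-side; the response must not disclose SQL text.
            error_log("areas insert failed: " . mysql_error($connection));
            die("Unable to add area");
        }
        // The display name was typed into the form, so it is encoded before it
        // becomes part of the flash markup.
        setFlash("<h3>New area “" . htmlspecialchars($area->display_name, ENT_QUOTES, 'UTF-8') . "” added</h3>");
    } else {
        $area->save();
        setFlash("<h3>Area changes saved</h3>");
    }

    if (ALIAS_INSTALL) {
        if (!empty($oldname)) {
            $area->checkAlias($oldname);
        }
    }

    if ($post_action == "Save and Return to List") {
        redirect("admin/list_pages");
    }
}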
/**
 * Sets this photo's display_order to the number of photos found for its gallery.
 *
 * The UPDATE is restricted to the row matching both this photo's id and the
 * gallery id; its result is not inspected.
 */
function setDisplayOrder()
{
    $owner = $this->get_gallery();
    $position = count(Photos::FindByGalleryId($owner->id));

    $sql = "UPDATE photos SET display_order = " . $position
        . " WHERE id = " . $this->id
        . " AND gallery_id = " . $owner->id . ";";

    mysql_query($sql, MyActiveRecord::Connection());
}
/**
 * Deletes this page row and returns the page that shares its name and has an
 * empty content_file.
 *
 * The lookup runs before the delete. The request is terminated, printing the
 * DELETE statement, when the delete query fails.
 *
 * NOTE(review): name and id are placed into the statements exactly as the
 * object holds them - confirm the name can never contain a quote character.
 *
 * @return mixed First element of the lookup result (array_shift of the FindBySql return).
 */
function killDraft()
{
    $lookupSql = "SELECT * FROM pages WHERE content_file = '' AND name = '{$this->name}' LIMIT 1;";
    $matches = MyActiveRecord::FindBySql('Pages', $lookupSql);

    $deleteSql = "DELETE FROM pages WHERE id = {$this->id}";
    if (!mysql_query($deleteSql, MyActiveRecord::Connection())) {
        die($deleteSql);
    }

    return array_shift($matches);
}
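/**
 * Handles the admin "add event" form: creates the event from the posted
 * fields, normalises its start/end date-times, stores its excluded dates,
 * updates recurrences and redirects.
 *
 * When the saved event ends before it starts, the user is sent to the edit
 * page for that event instead.
 */
function initialize_page()
{
    $event_types = EventTypes::FindAll();
    $event_periods = EventPeriods::FindAll();

    $post_action = "";
    if (!isset($_POST['submit'])) {
        return;
    }
    $post_action = $_POST['submit'];
    if ($post_action != "Add Event and add another" && $post_action != "Add and Return to List") {
        return;
    }

    // NOTE(review): the whole POST array is handed to Create(). If Create()
    // copies every key onto the record, a posted `id` or other column would be
    // accepted too - confirm, and pass only the expected fields if so.
    $event = MyActiveRecord::Create('Events', $_POST);

    // A missing start time falls back to 04:00:00.
    if (!getPostValue('time_start')) {
        $event->setDateStart(getPostValue('date_start'), "04:00:00");
    } else {
        $event->time_start = date("H:i:s", strtotime(getPostValue('time_start')));
    }

    // A missing end date falls back to the start date; with neither an end
    // date nor an end time the event ends at 04:00:00 on the start date.
    if (!getPostValue('date_end') && !getPostValue('time_end')) {
        $event->setDateEnd(getPostValue('date_start'), "04:00:00");
    } elseif (!getPostValue('date_end') && getPostValue('time_end')) {
        $event->setDateEnd(getPostValue('date_start'), date("H:i:s", strtotime(getPostValue('time_end'))));
    } else {
        $event->setDateEnd(getPostValue('date_end'), date("H:i:s", strtotime(getPostValue('time_end'))));
    }

    $event->eventtype_id = isset($_POST['eventtype_id']) ? $_POST['eventtype_id'] : 1;
    $event->eventperiod_id = $_POST['eventperiod_id'];
    $event->save();

    $connection = MyActiveRecord::Connection();
    $eventId = (int) $event->id;
    $notdates = getPostValue('notdates');
    if (is_array($notdates)) {
        foreach ($notdates as $date) {
            if (strlen($date) > 4) {
                // The date text originates in the form; it is escaped even
                // after formatting because the formatter's output is not
                // guaranteed here to be free of quotes.
                $formatted = mysql_real_escape_string(formatDateView($date, "Y-m-d"), $connection);
                $query = "INSERT INTO events_notdate VALUES('{$eventId}','{$formatted}')";
                if (!mysql_query($query, $connection)) {
                    // Log server-side; the response must not disclose SQL text.
                    error_log("events_notdate insert failed: " . mysql_error($connection));
                    die("Unable to save excluded date");
                }
            }
        }
    }

    add_eventUpdateRecurrences($event);

    $thisnewevent = Events::FindById($event->id);
    if ($thisnewevent->date_end < $thisnewevent->date_start) {
        setFlash("<h3>Whoops! Event Starts after it Ends! Please correct dates...</h3>");
        $eventyear = parseDate($thisnewevent->date_start, "Y");
        $eventmonth = parseDate($thisnewevent->date_start, "n");
        redirect("/admin/edit_event/{$eventyear}/{$eventmonth}/{$thisnewevent->id}");
    } else {
        setFlash("<h3>Event added</h3>");
        if ($post_action == "Add and Return to List") {
            // Redirect user to the Main Event List
            $datestart = explode("/", getPostValue('date_start'));
            setFlash("<h3>Event added</h3>");
            redirect("/admin/list_events/{$datestart['2']}/{$datestart['0']}");
        }
    }
}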
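/**
 * Handles the admin "add portfolio item" form: creates the item, assigns its
 * sections and display order, creates its gallery, optionally stores an
 * uploaded thumbnail, then redirects to the item's edit page.
 */
function initialize_page()
{
    $success = "";
    $post_action = isset($_POST['submit']) ? $_POST['submit'] : "";
    if ($post_action != "Add Item" && $post_action != "Add and Return to List") {
        return;
    }

    // ! create item
    $item = MyActiveRecord::Create('Items');
    $item->content = $_POST['item_content'];
    $item->display_name = $_POST['display_name'];
    $item->name = slug($_POST['display_name']);
    $item->location = $_POST['location'];
    $item->public = checkboxValue($_POST, 'public');
    $item->mime_type = 0;
    $item->date_created = date('Y-m-d H:i:s');

    // optional fields
    $item->sku = ITEM_SKU ? $_POST['item_sku'] : null;
    $item->taxonomy = ITEM_TAXONOMY ? $_POST['taxonomy'] : null;
    $item->price = ITEM_PRICE ? $_POST['item_price'] : null;

    // synchronize the users area selections
    $selected_sections = isset($_POST['selected_sections']) ? $_POST['selected_sections'] : array();

    $item->save();
    $item->updateSelectedSections($selected_sections);
    $item->setDisplayOrder();
    $success .= "Item Saved / ";

    // ! create gallery and associate it
    $gallery = MyActiveRecord::Create('Galleries');
    $gallery->name = $_POST['display_name'] . " Gallery";
    $gallery->slug = "portfolioGal_" . $item->id . "_" . slug($_POST['display_name']);
    $gallery->save();
    $success .= "Gallery Created / ";

    if (PORTFOLIOTHUMB_IMAGE) {
        // now check if a thumbnail was uploaded
        if (isset($_FILES["thumbnail"]) && is_uploaded_file($_FILES["thumbnail"]["tmp_name"])) {
            // This is the browser-reported type: it selects the resize format
            // and is stored, so it is escaped like any other form value.
            $mimeType = $_FILES["thumbnail"]["type"];
            $fileType = "";
            switch ($mimeType) {
                case "image/gif":
                    $fileType = "gif";
                    break;
                case "image/jpg":
                case "image/jpeg":
                    $fileType = "jpg";
                    break;
                case "image/png":
                    $fileType = "png";
                    break;
                case "image/x-MS-bmp":
                    $fileType = "bmp";
                    break;
            }

            resizeToMultipleMaxDimensions($_FILES["thumbnail"]["tmp_name"], PORTFOLIOTHUMB_IMAGE_MAXWIDTH, PORTFOLIOTHUMB_IMAGE_MAXHEIGHT, $fileType);

            // Read in the (resized) uploaded file
            $fileContents = file_get_contents($_FILES["thumbnail"]["tmp_name"]);

            $connection = MyActiveRecord::Connection();
            $updateQuery = sprintf(
                "UPDATE items SET thumbnail = '%s', mime_type = '%s' WHERE id = %d;",
                mysql_real_escape_string((string) $fileContents, $connection),
                mysql_real_escape_string($mimeType, $connection),
                $item->id
            );

            if (mysql_query($updateQuery, $connection)) {
                $success .= "Thumbnail Added / ";
            } else {
                // Log server-side; the response must not disclose the driver error.
                error_log("items thumbnail update failed: " . mysql_error($connection));
                die("Unable to save thumbnail");
            }
        }
    }

    setFlash("<h3>" . substr($success, 0, -3) . "</h3>");

    // Remember to get a section for the redirect link...
    // array_shift() takes its argument by reference, so the sections are put
    // in a variable first instead of passing the call result directly.
    $sections = $item->getSections();
    $itemsection = array_shift($sections);
    redirect("/admin/portfolio_edit/" . $itemsection->name . "/" . $item->id);
}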
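/**
 * Saves the object back to the database
 * eg:
 * <code>
 * $car = MyActiveRecord::Create('Car');
 * print $car->id; // NULL
 * $car->save();
 * print $car->id; // 1
 * </code>
 *
 * NB: if the object has registered errors, save() will return false
 * without attempting to save the object to the database
 *
 * Every column value goes through MyActiveRecord::Escape(). The id used in
 * the UPDATE's WHERE clause is forced to an integer, because it is the one
 * value that reaches the statement without passing through Escape().
 *
 * @return boolean true on success false on fail
 */
public function save()
{
    // if this object has registered errors, we back off and return false.
    if ($this->get_errors()) {
        return false;
    }

    $table = MyActiveRecord::Class2Table(get_class($this));

    // check for single-table-inheritance
    if (strtolower(get_class($this)) != $table) {
        $this->class = get_class($this);
    }

    // sort out key and value pairs
    $keys = array();
    $vals = array();
    $set = array();
    foreach (MyActiveRecord::Columns($table) as $key => $field) {
        if ($key != 'id') {
            $val = MyActiveRecord::Escape(isset($this->{$key}) ? $this->{$key} : null);
            $vals[] = $val;
            $keys[] = "`" . $key . "`";
            $set[] = "`{$key}` = {$val}";
        }
    }

    // insert or update as required
    $is_update = isset($this->id);
    if ($is_update) {
        $sql = "UPDATE `{$table}` SET " . implode(", ", $set) . " WHERE `id`=" . (int) $this->id;
    } else {
        $sql = "INSERT INTO `{$table}` (" . implode(", ", $keys) . ") VALUES (" . implode(", ", $vals) . ")";
    }

    $success = MyActiveRecord::Query($sql);

    // Only a successful INSERT yields a usable id; after a failed one the
    // object stays "new" so a later save() retries the INSERT.
    if (!$is_update && $success) {
        $this->id = mysql_insert_id(MyActiveRecord::Connection());
    }

    return $success;
}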
/**
 * Finds the first chunk whose slug equals the given value.
 *
 * The slug is escaped with the active connection before it is placed inside
 * the quoted literal of the condition.
 *
 * @param string $slug Slug to look up.
 * @return mixed Whatever MyActiveRecord::FindFirst() returns for 'Chunks'.
 */
function FindBySlug($slug = "")
{
    $condition = sprintf("slug = '%s'", mysql_real_escape_string($slug, MyActiveRecord::Connection()));

    return MyActiveRecord::FindFirst('Chunks', $condition);
}
/**
 * Finds the first gallery whose name equals the given value.
 *
 * The name is escaped with the active connection before it is placed inside
 * the quoted literal of the condition.
 *
 * @param string $name Gallery name to look up.
 * @return mixed Whatever MyActiveRecord::FindFirst() returns for 'Galleries'.
 */
function FindByName($name = "")
{
    $condition = sprintf("name = '%s'", mysql_real_escape_string($name, MyActiveRecord::Connection()));

    return MyActiveRecord::FindFirst('Galleries', $condition);
}
/**
 * Reports how many link rows join this email record to the given list.
 *
 * @param object $list List record; only its id is read.
 * @return mixed The mysql_num_rows() value for the link query (zero when unlinked).
 */
function is_linked($list)
{
    // Both ids are placed into the statement exactly as the objects hold them.
    $sql = "SELECT * FROM nlemails_nllists WHERE nlemails_id = " . $this->id . " AND nllists_id = " . $list->id;
    $rows = mysql_query($sql, MyActiveRecord::Connection());

    return mysql_num_rows($rows);
}
/**
 * For each section this item belongs to, sets the item's display_order in
 * items_sections to the number of items found for that section.
 *
 * The result of each UPDATE is not inspected.
 */
function setDisplayOrder()
{
    foreach ($this->getSections() as $current) {
        $position = count(Items::FindBySection($current));

        $sql = "UPDATE items_sections SET display_order = " . $position
            . " WHERE items_id = " . $this->id
            . " AND sections_id = " . $current->id . ";";

        mysql_query($sql, MyActiveRecord::Connection());
    }
}
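/**
 * Handles the admin add/edit video form. The request id "add" creates a new
 * video; any other id edits the matching one.
 *
 * On delete, the poster photo (if any) and the video are removed. Otherwise
 * the posted fields are applied, the video is inserted (new) or saved
 * (existing), and an uploaded poster image replaces the previous one.
 */
function initialize_page()
{
    // This file does both, so check the parameters first
    $is_new = (requestIdParam() == "add");
    if ($is_new) {
        $video = MyActiveRecord::Create('Videos');
    } else {
        $video_id = requestIdParam();
        $video = Videos::FindById($video_id);
    }

    $post_action = isset($_POST['submit']) ? $_POST['submit'] : "";
    if ($post_action != "Save Video" && $post_action != "Save and Return to List") {
        return;
    }

    // The id comes from the request; stop before touching a non-object.
    if (!is_object($video)) {
        setFlash("<h3>Video not found</h3>");
        redirect("/admin/list_videos");
        return;
    }

    if (isset($_POST['delete'])) {
        $photo = Photos::FindVideoPoster($video->id);
        if (is_object($photo)) {
            $photo->delete(true);
        }
        $video->delete();
        setFlash("<h3>Video deleted</h3>");
        redirect("/admin/list_videos");
        return;
    }

    /*
     * Columns: id, name, title, service (youtube, vimeo), embed (shortcode or unique ID), gallery_id, display_order
     */
    $postedtitle = $_POST['title'];
    $video->name = slug($postedtitle);
    $video->display_name = $postedtitle;
    $video->service = $_POST['service'];
    $video->embed = $_POST['embed'];
    $video->width = $_POST['width'];
    $video->height = $_POST['height'];

    if ($is_new) {
        // save() is reported not to work for new Videos objects, so the row is
        // inserted by hand. Every form value is escaped before it goes inside
        // its quoted literal.
        // id, slug, display_name, service (youtube, vimeo), embed, width, height, gallery_id, display_order
        $connection = MyActiveRecord::Connection();
        $query = sprintf(
            "INSERT INTO `videos` VALUES('','%s','%s','%s', '%s', '%s', '%s', '', '')",
            mysql_real_escape_string($video->name, $connection),
            mysql_real_escape_string($video->display_name, $connection),
            mysql_real_escape_string($video->service, $connection),
            mysql_real_escape_string($video->embed, $connection),
            mysql_real_escape_string($video->width, $connection),
            mysql_real_escape_string($video->height, $connection)
        );
        if (mysql_query($query, $connection)) {
            // The hand-written INSERT does not populate the object, so pick up
            // the new id here; the poster photo and the flash link need it.
            $video->id = mysql_insert_id($connection);
            $success = 'New video added / ';
        } else {
            // Log server-side; the response must not disclose SQL text.
            error_log("videos insert failed: " . mysql_error($connection));
            die("Unable to add video");
        }
    } else {
        $video->save();
        $success = 'Video changes saved / ';
    }

    if (isset($_FILES['new_poster']) && $_FILES['new_poster']['error'] == 0) {
        // First, delete an old file if there is one
        $oldphoto = Photos::FindVideoPoster($video->id);
        if (is_object($oldphoto)) {
            $oldphoto->delete(true);
        }

        // New Photo needs to be created as a Photo object
        $newphoto = MyActiveRecord::Create('Photos', array('caption' => $video->display_name, 'video_id' => $video->id, 'display_order' => 1));
        $newphoto->save();

        // save_uploaded_file($tmp_name, $file_name, $isportimg = false, $isentryimg = false, $maxwidth=0, $maxheight=0)
        $newphoto->save_uploaded_file($_FILES['new_poster']['tmp_name'], $_FILES['new_poster']['name'], true);
        $success .= "New poster image uploaded / ";
    } elseif (isset($_FILES['new_poster'])) {
        // Keyed by PHP's upload error code (there is no code 5), so each code
        // maps to its own message.
        // from http://php.net/manual/en/features.file-upload.errors.php
        $upload_errors = array(
            0 => "0. UPLOAD_ERR_OK: No errors.",
            1 => "1. UPLOAD_ERR_INI_SIZE: Larger than upload_max_filesize.",
            2 => "2. UPLOAD_ERR_FORM_SIZE: Larger than form MAX_FILE_SIZE.",
            3 => "3. UPLOAD_ERR_PARTIAL: Partial upload.",
            4 => "4. UPLOAD_ERR_NO_FILE: No file.",
            6 => "6. UPLOAD_ERR_NO_TMP_DIR: No temporary directory.",
            7 => "7. UPLOAD_ERR_CANT_WRITE: Can't write to disk.",
            8 => "8. UPLOAD_ERR_EXTENSION: File upload stopped by extension.",
        );
        $err_num = $_FILES['new_poster']['error'];
        if ($err_num != 4) {
            echo "Upload Error! " . (isset($upload_errors[$err_num]) ? $upload_errors[$err_num] : "Unknown upload error.");
        }
    }

    if ($is_new) {
        // NOTE(review): this links to admin/edit_entry although the record is a video - confirm the intended route.
        setFlash('<h3>' . $success . '<a href="' . get_link('admin/edit_entry/' . $video->id) . '">Edit it Now</a></h3>');
    } else {
        setFlash("<h3>" . substr($success, 0, -3) . "</h3>");
    }

    if ($post_action == "Save and Return to List") {
        redirect("admin/list_videos");
    }
}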
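/**
 * Handles the admin "add image" form: resizes the uploaded file to the
 * configured maximum dimensions and inserts a new row into `images`.
 *
 * All form values, the browser-reported MIME type and the file bytes are
 * escaped with the connection before they are placed in SQL. A row is
 * inserted even when no file was uploaded, with empty image columns.
 */
function initialize_page()
{
    $post_action = isset($_POST['submit']) ? $_POST['submit'] : "";
    if ($post_action != "Add Image" && $post_action != "Add and Return to List") {
        return;
    }

    $title = cleanupSpecialChars($_POST['title']);
    $description = cleanupSpecialChars($_POST['description']);
    if (ALLOW_SHORT_PAGE_NAMES) {
        $name = $_POST['name'] == "" ? slug($_POST['title']) : slug($_POST['name']);
    } else {
        $name = slug($_POST['title']);
    }

    // Defaults for the "no file uploaded" case, so the INSERT never reads an
    // undefined variable.
    $mimeType = "";
    $fileContents = "";
    // Thumbnail generation is currently disabled; the column is left empty.
    $thumb_fileContents = "";

    // Was a file uploaded?
    if (isset($_FILES["image"]) && is_uploaded_file($_FILES["image"]["tmp_name"])) {
        // NOTE(review): this is the browser-reported type and is stored as
        // mime_type; confirm how that column is used when the image is served.
        $mimeType = $_FILES["image"]["type"];
        $filetype = getFileExtension($_FILES["image"]["name"]);

        $max_width = defined("MAX_IMAGE_WIDTH") ? MAX_IMAGE_WIDTH : 0;
        $max_height = defined("MAX_IMAGE_HEIGHT") ? MAX_IMAGE_HEIGHT : 0;
        resizeToMultipleMaxDimensions($_FILES["image"]["tmp_name"], $max_width, $max_height, $filetype);

        // Read in the (resized) uploaded file
        $fileContents = (string) file_get_contents($_FILES["image"]["tmp_name"]);
    }

    $connection = MyActiveRecord::Connection();
    $insertQuery = sprintf(
        "INSERT INTO images VALUES (NULL, '%s', '%s', '%s', '%s', '%s', '%s')",
        mysql_real_escape_string($title, $connection),
        mysql_real_escape_string($description, $connection),
        mysql_real_escape_string($fileContents, $connection),
        mysql_real_escape_string($thumb_fileContents, $connection),
        mysql_real_escape_string($mimeType, $connection),
        mysql_real_escape_string($name, $connection)
    );
    $result = mysql_query($insertQuery, $connection);

    // Report success only when the insert succeeded; previously the success
    // message was set unconditionally after the failure message.
    if (empty($result)) {
        setFlash("<h3>FAILURE – Please notify HCd of this error: " . mysql_error() . "</h3>");
    } else {
        setFlash("<h3>Image uploaded</h3>");
    }

    if ($post_action == "Add and Return to List") {
        redirect("/admin/list_images");
    }
}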
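/**
 * Finds the videos whose gallery_id matches the given value.
 *
 * The gallery id is escaped with the active connection, and it is the escaped
 * copy that goes into the statement. Previously the escaped value was computed
 * but the raw argument was concatenated into the SQL instead.
 *
 * @param mixed $galid Gallery id to match (compared with LIKE).
 * @return mixed Whatever MyActiveRecord::FindBySql() returns for 'Videos'.
 */
function FindByGalleryId($galid = "")
{
    $id = mysql_real_escape_string($galid, MyActiveRecord::Connection());

    return MyActiveRecord::FindBySql('Videos', "SELECT v.* FROM videos v WHERE v.gallery_id like '" . $id . "'");
}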