/**
  * This function determines whether there is a currently logged in
  * Author for Symphony by using the `$Cookie`'s username
  * and password. If an Author is found, they will be logged in, otherwise
  * the `$Cookie` will be destroyed.
  *
  * @see core.Cookie#expire()
  */
 public function isLoggedIn()
 {
     // No Symphony instance yet: report "logged in" so that exceptions raised
     // this early can still be displayed. This also avoids the queries below.
     // NOTE(review): this is a fail-open answer from an authentication check;
     // confirm that no privileged code path can run while the instance is null.
     if (is_null(self::$_instance)) {
         return true;
     }

     // An Author that has already been resolved needs no further verification.
     if ($this->Author) {
         return true;
     }

     // Both values come from the client-supplied cookie and are escaped for
     // use inside a quoted SQL string.
     $username = self::$Database->cleanValue($this->Cookie->get('username'));
     $password = self::$Database->cleanValue($this->Cookie->get('pass'));

     $id = null;
     if (strlen(trim($username)) > 0 && strlen(trim($password)) > 0) {
         // NOTE(review): the cookie's `pass` value is matched directly against
         // the stored `password` column, so whatever is stored there works as
         // a login credential by itself if it ever leaks (dump, backup, log).
         // The match is also done by the database rather than by a
         // constant-time comparison in PHP.
         $id = self::$Database->fetchVar('id', 0, "SELECT `id` FROM `tbl_authors` WHERE `username` = '{$username}' AND `password` = '{$password}' LIMIT 1");
     }

     // Missing, blank or non-matching credentials: drop the cookie.
     if (!$id) {
         $this->Cookie->expire();
         return false;
     }

     // Record the visit, load the Author and switch to their language.
     self::$Database->update(array('last_seen' => DateTimeObj::get('Y-m-d H:i:s')), 'tbl_authors', " `id` = '{$id}'");
     $this->Author = AuthorManager::fetchByID($id);
     Lang::set($this->Author->get('language'));

     return true;
 }
예제 #2
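 /**
  * Runs the lookups requested through the query string and returns the
  * accumulated result.
  *
  * Reads `field_id` (comma-separated ids), `query`, `types` (comma-separated
  * list of `entry`, `association` and/or `static`) and `limit` from `$_GET`.
  *
  * @return mixed
  *  The value of `$this->_Result` after all requested lookups have run.
  */
 public function view()
 {
     // Treat absent or non-string parameters (e.g. `field_id[]=1`) as empty
     // strings so that arrays and undefined indexes never reach the
     // sanitising helpers below.
     $params = array();
     foreach (array('field_id', 'query', 'types', 'limit') as $name) {
         $params[$name] = isset($_GET[$name]) && is_string($_GET[$name]) ? $_GET[$name] : '';
     }

     $database = Symphony::Configuration()->get('db', 'database');
     // Every field id is forced through an integer conversion.
     $field_ids = array_map(array('General', 'intval'), explode(',', General::sanitize($params['field_id'])));
     // The search term is escaped for SQL before being handed to the lookups.
     $search = MySQL::cleanValue(General::sanitize($params['query']));
     $types = array_map(array('MySQL', 'cleanValue'), explode(',', General::sanitize($params['types'])));
     $limit = General::intval(General::sanitize($params['limit']));

     // Set limit
     // NOTE(review): `limit=0` drops the LIMIT clause altogether, so a client
     // can ask for an unbounded result set; consider a server-side cap.
     if ($limit === 0) {
         $max = '';
     } elseif ($limit < 0) {
         $max = ' LIMIT 100';
     } else {
         $max = sprintf(' LIMIT %d', $limit);
     }

     // Entries
     if (in_array('entry', $types, true)) {
         foreach ($field_ids as $field_id) {
             $this->get($database, intval($field_id), $search, $max);
         }
     }

     // Associations
     if (in_array('association', $types, true)) {
         foreach ($field_ids as $field_id) {
             $association_id = $this->getAssociationId($field_id);
             if ($association_id) {
                 $this->get($database, $association_id, $search, $max);
             }
         }
     }

     // Static values
     if (in_array('static', $types, true)) {
         foreach ($field_ids as $field_id) {
             $this->getStatic($field_id, $search);
         }
     }

     // Return results
     return $this->_Result;
 }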
 /**
  * Given a resource type, a handle and a page, this function detaches
  * the given handle (which represents either a datasource or event) from that page.
  *
  * @param integer $type
  *  The resource type, either `RESOURCE_TYPE_EVENT` or `RESOURCE_TYPE_DS`
  * @param string $r_handle
  *  The handle of the resource.
  * @param integer $page_id
  *  The ID of the page.
  */
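 public static function detach($type, $r_handle, $page_id)
 {
     $col = self::getColumnFromType($type);
     // `%d` forces the page id to an integer before it reaches the WHERE clause.
     $pages = PageManager::fetch(false, array($col), array(sprintf('`id` = %d', $page_id)));

     // Anything other than exactly one matching page means nothing to detach.
     if (!is_array($pages) || count($pages) !== 1) {
         return false;
     }

     // The column holds the attached handles as a comma-separated list.
     $handles = explode(',', (string) $pages[0][$col]);

     // Compare as strings, strictly: under loose comparison numeric-looking
     // handles such as `1e1` and `10` are equal, which could remove a
     // different resource from the page than the one asked for.
     $idx = array_search((string) $r_handle, $handles, true);
     if ($idx === false) {
         return false;
     }

     array_splice($handles, $idx, 1);

     // The remaining list is escaped before being handed to the page update.
     return PageManager::edit($page_id, array($col => MySQL::cleanValue(implode(',', $handles))));
 }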
예제 #4
 /**
  * Deletes the rows of `$tbl` whose `IP` column equals the address that
  * `$this->getIP()` returns for `$ip`.
  *
  * @param string $tbl
  *  Name of the table to delete from.
  * @param string $ip
  *  Passed through to `$this->getIP()`; defaults to an empty string.
  * @return mixed
  *  Whatever `Symphony::Database()->delete()` returns.
  */
 private function __unregisterToList($tbl, $ip = '')
 {
     // The address is escaped because it ends up inside a quoted SQL literal.
     $escapedIp = MySQL::cleanValue($this->getIP($ip));
     $where = sprintf("IP = '%s'", $escapedIp);

     // NOTE(review): `$tbl` is not validated here; callers presumably pass
     // only fixed table names - confirm.
     return Symphony::Database()->delete($tbl, $where);
 }
예제 #5
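 /**
  * Emails an "unban IP" link to the Author whose address was posted, when
  * the auto-unban setting is `on`.
  *
  * `$this->_email_sent` is set to `null` when the setting is off, to the
  * result of validating and sending the message when one is attempted, and
  * to `false` when that attempt throws. It is left untouched when no
  * matching Author or failure record is found.
  *
  * @return void
  */
 private function __sendEmail()
 {
     $emailUnban = ABF::instance()->getConfigVal(ABF::SETTING_AUTO_UNBAN);
     if ($emailUnban != 'on') {
         // Feature switched off: nothing is sent.
         $this->_email_sent = null;
         return;
     }

     // A missing or array-valued `email` field (e.g. `email[]=x`) is treated
     // as an empty address instead of being handed to the escaping helper.
     $postedEmail = isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : '';

     $author = Symphony::Database()->fetchRow(0, "SELECT `id`, `email`, `first_name` FROM `tbl_authors` WHERE `email` = '" . MySQL::cleanValue($postedEmail) . "'");
     $failure = ABF::instance()->getFailureByIp();
     $emailSettings = ABF::instance()->getEmailSettings();

     // A message needs both a known Author and a failure record with a hash.
     $canSend = is_array($author) && isset($author['email'])
         && is_array($failure) && isset($failure[0]) && isset($failure[0]->Hash);
     if (!$canSend) {
         return;
     }

     // NOTE(review): nothing in this method limits how often a message can
     // be triggered for the same address; confirm the caller throttles it.
     try {
         // Start from the default e-mail values.
         $email = Email::create();

         // Without a configured sender, fall back to the Author's own address
         // and the site name.
         if (!is_array($emailSettings) || empty($emailSettings['from_address'])) {
             $email->setFrom($author['email'], Symphony::Configuration()->get('sitename', 'general'));
         } else {
             $email->setFrom($emailSettings['from_address'], $emailSettings['from_name']);
         }

         // The message goes to the address stored for the Author, never to
         // the raw posted value.
         $email->recipients = $author['email'];
         $email->subject = __('Unban IP link');
         $email->text_plain = __('Please follow this link to unban your IP: ') . SYMPHONY_URL . ABF::UNBAND_LINK . $failure[0]->Hash . '/' . PHP_EOL . __('If you do not remember your password, follow the "forgot password" link on the login page.') . PHP_EOL . __('The Symphony Team');

         // Record whether the message validated and was handed off.
         $this->_email_sent = $email->validate() && $email->send();
     } catch (Exception $e) {
         // Best effort: a failed send is only recorded, never rethrown.
         $this->_email_sent = false;
     }
 }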
예제 #6
 /**
  * Process the URL and translate the localised page handles to Symphony handles.
  *
  * @param array $context - see delegate description
  */
 public function dFrontendPrePageResolve($context)
 {
     // Only the first call with satisfied dependencies does any work.
     if ($this->first_pass !== true || !$this->_validateDependencies()) {
         return;
     }

     $this->first_pass = false;

     // NOTE(review): `cleanValue` is SQL escaping, not URL validation; whether
     // `lang2sym` puts this value into a query is not visible from here.
     $escapedPage = MySQL::cleanValue($context['page']);

     // `$context` is received by value, so this write reaches the caller only
     // if the `page` element is a reference - presumably the delegate passes
     // it that way; verify against the caller.
     $context['page'] = PLHManagerURL::lang2sym($escapedPage, Flang::getLangCode());
 }
예제 #7
    /**
     *
     * Builds the content view
     */
    public function view()
    {
        // Renders one `<li>` per requested entry into `$this->_Result`.
        // Entries that have a matching XSL template under
        // WORKSPACE/er-templates/ also get a transformed `content` block.
        // _context[0] => entry values
        // _context[1] => fieldId
        // Exactly NUMBER_OF_URL_PARAMETERS URL parameters are required.
        if (!is_array($this->_context) || empty($this->_context)) {
            $this->_Result->appendChild(new XMLElement('error', __('Parameters not found')));
            return;
        } else {
            if (count($this->_context) < self::NUMBER_OF_URL_PARAMETERS) {
                $this->_Result->appendChild(new XMLElement('error', __('Not enough parameters')));
                return;
            } else {
                if (count($this->_context) > self::NUMBER_OF_URL_PARAMETERS) {
                    $this->_Result->appendChild(new XMLElement('error', __('Too many parameters')));
                    return;
                }
            }
        }
        // The id list comes from the URL: it is escaped, split on commas and
        // every element is passed through an integer conversion.
        $entriesId = explode(',', MySQL::cleanValue($this->_context[0]));
        $entriesId = array_map(array('General', 'intval'), $entriesId);
        if (!is_array($entriesId) || empty($entriesId)) {
            $this->_Result->appendChild(new XMLElement('error', __('No entry no found')));
            return;
        }
        $parentFieldId = General::intval($this->_context[1]);
        if ($parentFieldId < 1) {
            $this->_Result->appendChild(new XMLElement('error', __('Parent field id not valid')));
            return;
        }
        $parentField = $this->fieldManager->fetch($parentFieldId);
        if (!$parentField || empty($parentField)) {
            $this->_Result->appendChild(new XMLElement('error', __('Parent field not found')));
            return;
        }
        // Only `entry_relationship` fields may be used as the parent.
        if ($parentField->get('type') != 'entry_relationship') {
            $this->_Result->appendChild(new XMLElement('error', __('Parent field is `%s`, not `entry_relationship`', array($parentField->get('type')))));
            return;
        }
        $includedElements = $this->parseIncludedElements($parentField);
        $xmlParams = self::getXmlParams();
        // Get entries one by one since they may belong to
        // different sections, which prevents us from
        // passing an array of entryId.
        foreach ($entriesId as $key => $entryId) {
            $entry = $this->entryManager->fetch($entryId);
            if (empty($entry)) {
                // Unknown entry: emit a placeholder item, with an un-link
                // action when the parent field allows linking.
                $li = new XMLElement('li', null, array('data-entry-id' => $entryId));
                $header = new XMLElement('header', null, array('class' => 'frame-header'));
                $title = new XMLElement('h4');
                $title->appendChild(new XMLElement('strong', __('Entry %s not found', array($entryId))));
                $header->appendChild($title);
                $options = new XMLElement('div', null, array('class' => 'destructor'));
                if ($parentField->is('allow_link')) {
                    $options->appendChild(new XMLElement('a', __('Un-link'), array('class' => 'unlink', 'data-unlink' => $entryId)));
                }
                $header->appendChild($options);
                $li->appendChild($header);
                $this->_Result->appendChild($li);
            } else {
                $entry = $entry[0];
                $entryData = $entry->getData();
                $entrySection = $this->sectionManager->fetch($entry->get('section_id'));
                $entryVisibleFields = $entrySection->fetchVisibleColumns();
                $entryFields = $entrySection->fetchFields();
                $entrySectionHandle = $this->getSectionName($entry, 'handle');
                $li = new XMLElement('li', null, array('data-entry-id' => $entryId, 'data-section' => $entrySectionHandle, 'data-section-id' => $entrySection->get('id')));
                $header = new XMLElement('header', null, array('class' => 'frame-header'));
                $title = new XMLElement('h4');
                $title->appendChild(new XMLElement('strong', $this->getEntryTitle($entry, $entryVisibleFields, $entryFields)));
                $title->appendChild(new XMLElement('span', $this->getSectionName($entry)));
                $header->appendChild($title);
                // The action links depend on the parent field's allow_* flags.
                // NOTE(review): these flags only decide which links are
                // rendered; the endpoints behind them must enforce the same
                // rules themselves.
                $options = new XMLElement('div', null, array('class' => 'destructor'));
                if ($parentField->is('allow_edit')) {
                    $title->setAttribute('data-edit', $entryId);
                    $options->appendChild(new XMLElement('a', __('Edit'), array('class' => 'edit', 'data-edit' => $entryId)));
                }
                if ($parentField->is('allow_delete')) {
                    $options->appendChild(new XMLElement('a', __('Delete'), array('class' => 'delete', 'data-delete' => $entryId)));
                }
                if ($parentField->is('allow_link')) {
                    $options->appendChild(new XMLElement('a', __('Replace'), array('class' => 'unlink', 'data-replace' => $entryId)));
                }
                if ($parentField->is('allow_delete') || $parentField->is('allow_link')) {
                    $options->appendChild(new XMLElement('a', __('Un-link'), array('class' => 'unlink', 'data-unlink' => $entryId)));
                }
                $header->appendChild($options);
                $li->appendChild($header);
                // The template path is derived from the section handle.
                // presumably handles are restricted to safe file-name
                // characters - TODO confirm.
                $xslFilePath = WORKSPACE . '/er-templates/' . $entrySectionHandle . '.xsl';
                // `@` silences any warning from file_exists(); a missing
                // template simply skips the content block.
                if (!empty($entryData) && !!@file_exists($xslFilePath)) {
                    $xmlData = new XMLElement('data');
                    $xmlData->setIncludeHeader(true);
                    $xml = new XMLElement('entry');
                    $xml->setAttribute('id', $entryId);
                    $xmlData->appendChild($xmlParams);
                    $xmlData->appendChild($xml);
                    foreach ($entryData as $fieldId => $data) {
                        // Skip fields whose values are all loosely equal to null.
                        $filteredData = array_filter($data, function ($value) {
                            return $value != null;
                        });
                        if (empty($filteredData)) {
                            continue;
                        }
                        $field = $entryFields[$fieldId];
                        $fieldName = $field->get('element_name');
                        $fieldIncludedElement = $includedElements[$entrySectionHandle];
                        if (FieldEntry_relationship::isFieldIncluded($fieldName, $fieldIncludedElement)) {
                            $fieldIncludableElements = $field->fetchIncludableElements();
                            // Nested entry_relationship fields are always
                            // rendered without a sub-mode.
                            if ($field instanceof FieldEntry_relationship) {
                                $fieldIncludableElements = null;
                            }
                            if (!empty($fieldIncludableElements) && count($fieldIncludableElements) > 1) {
                                foreach ($fieldIncludableElements as $fieldIncludableElement) {
                                    // Strip the leading "<element name>:" to get the sub-mode.
                                    // NOTE(review): `$fieldName` goes into the pattern without
                                    // preg_quote(); safe only while element names contain no
                                    // regex metacharacters.
                                    $submode = preg_replace('/^' . $fieldName . '\\s*\\:\\s*/i', '', $fieldIncludableElement, 1);
                                    $field->appendFormattedElement($xml, $data, false, $submode, $entryId);
                                }
                            } else {
                                $field->appendFormattedElement($xml, $data, false, null, $entryId);
                            }
                        }
                    }
                    $indent = false;
                    $mode = $parentField->get('mode');
                    // NOTE(review): any request carrying a `debug` parameter
                    // switches to debug mode, which returns the entry's raw
                    // XML (see below); confirm this endpoint is reachable by
                    // trusted authors only.
                    if (isset($_REQUEST['debug'])) {
                        $mode = 'debug';
                    }
                    if ($mode == 'debug') {
                        $indent = true;
                    }
                    // NOTE(review): `$mode` comes from the field settings and
                    // is placed into the stylesheet without attribute
                    // escaping.
                    $xmlMode = empty($mode) ? '' : 'mode="' . $mode . '"';
                    $xmlString = $xmlData->generate($indent, 0);
                    // Wrapper stylesheet: imports the section's template and
                    // applies it to `/data/entry` in the chosen mode.
                    $xsl = '<?xml version="1.0" encoding="UTF-8"?>
						<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
							<xsl:import href="' . str_replace('\\', '/', $xslFilePath) . '"/>
							<xsl:output method="xml" omit-xml-declaration="yes" encoding="UTF-8" indent="no" />
							<xsl:template match="/">
								<xsl:apply-templates select="/data" ' . $xmlMode . ' />
							</xsl:template>
							<xsl:template match="/data" ' . $xmlMode . '>
								<xsl:apply-templates select="entry" ' . $xmlMode . ' />
							</xsl:template>
							<xsl:template match="/data" mode="debug">
								<xsl:copy-of select="/" />
							</xsl:template>
						</xsl:stylesheet>';
                    $xslt = new XsltProcess();
                    $result = $xslt->process($xmlString, $xsl, $this->params);
                    // Debug mode replaces the transform output with the source XML.
                    // NOTE(review): only `<` and `>` are escaped here, `&` is
                    // not; htmlspecialchars() would cover all three.
                    if ($mode == 'debug') {
                        $result = '<pre><code>' . str_replace('<', '&lt;', str_replace('>', '&gt;', $xmlString)) . '</code></pre>';
                    }
                    // On a transform error the error message becomes the content.
                    // NOTE(review): the message is inserted as-is and may
                    // disclose server-side file paths.
                    if ($xslt->isErrors()) {
                        $error = $xslt->getError();
                        $result = $error[1]['message'];
                    }
                    if (!!$xslt && strlen($result) > 0) {
                        $content = new XMLElement('div', $result, array('class' => 'content'));
                        $li->appendChild($content);
                    }
                }
                $this->_Result->appendChild($li);
            }
        }
    }
예제 #8
 /**
  *
  * Builds the content view
  */
 public function view()
 {
     // Deleting is a state change, so anything but POST is answered with a 400.
     // NOTE(review): no XSRF token or author-permission check is visible in
     // this method; confirm the page class or router enforces them first.
     if ($_SERVER['REQUEST_METHOD'] != 'POST') {
         $this->_Result['status'] = Page::HTTP_STATUS_BAD_REQUEST;
         $this->_Result['error'] = __('This page accepts posts only');
         $this->setHttpStatus($this->_Result['status']);
         return;
     }

     // URL parameters, in order:
     //   _context[0] => id of the entry to delete
     //   _context[1] => id of the parent field
     //   _context[2] => id of the current entry (parent of the entry to delete)
     if (!is_array($this->_context) || empty($this->_context)) {
         $this->_Result['error'] = __('Parameters not found');
         return;
     }
     $givenParameters = count($this->_context);
     if ($givenParameters < self::NUMBER_OF_URL_PARAMETERS) {
         $this->_Result['error'] = __('Not enough parameters');
         return;
     }
     if ($givenParameters > self::NUMBER_OF_URL_PARAMETERS) {
         $this->_Result['error'] = __('Too many parameters');
         return;
     }

     // The id of the entry to delete must be a positive integer.
     $targetId = General::intval(MySQL::cleanValue($this->_context[0]));
     if ($targetId < 1) {
         $this->_Result['error'] = __('No entry no found');
         return;
     }

     // The parent field must have a valid id and must exist.
     $fieldId = General::intval(MySQL::cleanValue($this->_context[1]));
     if ($fieldId < 1) {
         $this->_Result['error'] = __('Parent id not valid');
         return;
     }
     $parentField = FieldManager::fetch($fieldId);
     if (!$parentField || empty($parentField)) {
         $this->_Result['error'] = __('Parent field not found');
         return;
     }

     // The parent entry id must be a positive integer as well. The escaped
     // raw value is echoed back in the error message; how it is encoded on
     // output depends on how `_Result` gets serialised.
     $parentIdRaw = MySQL::cleanValue($this->_context[2]);
     $parentId = General::intval($parentIdRaw);
     if ($parentId < 1) {
         $this->_Result['error'] = sprintf(__('Parent entry id `%s` not valid'), $parentIdRaw);
         return;
     }

     // Exactly one parent entry has to be found.
     $parentEntry = EntryManager::fetch($parentId);
     if ($parentEntry == null || count($parentEntry) != 1) {
         $this->_Result['error'] = __('Parent entry not found');
         return;
     }
     $parentEntry = is_array($parentEntry) ? $parentEntry[0] : $parentEntry;

     // The parent entry has to live in the section that owns the field.
     if ($parentEntry->get('section_id') != $parentField->get('parent_section')) {
         $this->_Result['error'] = __('Field and entry do not belong together');
         return;
     }

     // Exactly one entry to delete has to be found.
     $target = EntryManager::fetch($targetId);
     if ($target == null || count($target) != 1) {
         $this->_Result['error'] = __('Entry not found');
         return;
     }
     $target = is_array($target) ? $target[0] : $target;

     // Unless the client sent `no-assoc`, ask for confirmation when the
     // entry's section has more than one child association.
     // NOTE(review): `no-assoc` is supplied by the client and skips this
     // check entirely, so it is a confirmation prompt, not an access control.
     if (!isset($_REQUEST['no-assoc'])) {
         $childAssociations = SectionManager::fetchChildAssociations($target->get('section_id'), false);
         // TODO: find if the toDeleteEntry is linked or not.
         if (count($childAssociations) > 1) {
             $this->_Result['assoc'] = true;
             $this->_Result['error'] = __('Entry might be link elsewhere. Do you want to continue?');
             return;
         }
     }

     // Delete the entry.
     if (!EntryManager::delete($targetId)) {
         $this->_Result['error'] = __('Could not delete the entry');
         return;
     }

     // Report the parent entry id back together with the success flag.
     $this->_Result['entry-id'] = $parentId;
     $this->_Result['ok'] = true;
 }
예제 #9
 /**
  * Writes the comma-separated list of all driver names into the `driver`
  * column of every row of the field table.
  *
  * @return mixed
  *  Whatever `Symphony::Database()->query()` returns.
  */
 public static function updateFieldData_Driver()
 {
     // Fields that already exist are allowed to use every driver. The UPDATE
     // has no WHERE clause, so all rows are rewritten.
     $allDrivers = implode(',', ServiceDispatcher::getAllDriversNames());

     // The list is escaped because it ends up inside a quoted SQL literal.
     $sql = sprintf(
         "\n\t\t\t\tUPDATE `%s`\n\t\t\t\t\tSET `driver` = '%s'\n\t\t\t",
         self::FIELD_TBL_NAME,
         MySQL::cleanValue($allDrivers)
     );

     return Symphony::Database()->query($sql);
 }
예제 #10
 /**
  *
  * Builds the content view
  */
 public function view()
 {
     // Saving is a state change, so anything but POST is answered with a 400.
     // NOTE(review): no XSRF token or author-permission check is visible in
     // this method; confirm the page class or router enforces them first.
     if ($_SERVER['REQUEST_METHOD'] != 'POST') {
         $this->_Result['status'] = Page::HTTP_STATUS_BAD_REQUEST;
         $this->_Result['error'] = __('This page accepts posts only');
         $this->setHttpStatus($this->_Result['status']);
         return;
     }

     // URL parameters, in order:
     //   _context[0] => comma-separated ids of the linked entries
     //   _context[1] => id of the parent field
     //   _context[2] => id of the current entry
     if (!is_array($this->_context) || empty($this->_context)) {
         $this->_Result['error'] = __('Parameters not found');
         return;
     }
     $givenParameters = count($this->_context);
     if ($givenParameters < self::NUMBER_OF_URL_PARAMETERS) {
         $this->_Result['error'] = __('Not enough parameters');
         return;
     }
     if ($givenParameters > self::NUMBER_OF_URL_PARAMETERS) {
         $this->_Result['error'] = __('Too many parameters');
         return;
     }

     // Every submitted id is escaped and converted to an integer.
     $submittedIds = explode(',', MySQL::cleanValue($this->_context[0]));
     $entriesId = array_map(array('General', 'intval'), $submittedIds);
     if (!is_array($entriesId) || empty($entriesId)) {
         $this->_Result['error'] = __('No entry no found');
         return;
     }

     // The literal string `null` anywhere in the list clears the selection.
     if (in_array('null', $submittedIds)) {
         $entriesId = array();
     }

     // Each remaining id has to be a positive integer; the first offending
     // raw value is reported back.
     foreach ($entriesId as $position => $linkedId) {
         if ($linkedId < 1) {
             $this->_Result['error'] = sprintf(__('Entry id `%s` not valid'), $submittedIds[$position]);
             return;
         }
     }

     // The parent field must have a valid id and must exist.
     $parentFieldId = General::intval(MySQL::cleanValue($this->_context[1]));
     if ($parentFieldId < 1) {
         $this->_Result['error'] = __('Parent id not valid');
         return;
     }
     $parentField = FieldManager::fetch($parentFieldId);
     if (!$parentField || empty($parentField)) {
         $this->_Result['error'] = __('Parent field not found');
         return;
     }

     // The parent entry id must be a positive integer as well.
     $parentIdRaw = MySQL::cleanValue($this->_context[2]);
     $entryId = General::intval($parentIdRaw);
     if ($entryId < 1) {
         $this->_Result['error'] = sprintf(__('Parent entry id `%s` not valid'), $parentIdRaw);
         return;
     }

     // Exactly one parent entry has to be found.
     $entry = EntryManager::fetch($entryId);
     if ($entry == null || count($entry) != 1) {
         $this->_Result['error'] = __('Parent entry not found');
         return;
     }
     $entry = is_array($entry) ? $entry[0] : $entry;

     // The parent entry has to live in the section that owns the field.
     if ($entry->get('section_id') != $parentField->get('parent_section')) {
         $this->_Result['error'] = __('Field and entry do not belong together');
         return;
     }

     // Replace the field's list of linked entries with the submitted one.
     // NOTE(review): the submitted ids are checked for being positive
     // integers only; whether each one exists or may be linked is left to
     // `checkPostFieldData()`.
     $entryData = $entry->getData();
     $entryData[$parentFieldId]['entries'] = implode(',', $entriesId);

     // Let the field validate the new data before anything is stored.
     $validationMessage = null;
     $status = $parentField->checkPostFieldData($entryData[$parentFieldId], $validationMessage, $entryId);
     if ($status != Field::__OK__) {
         $this->_Result['error'] = $validationMessage;
         return;
     }

     // Store the new data on the entry and persist it.
     $entry->setData($parentFieldId, $entryData[$parentFieldId]);
     if (!$entry->commit()) {
         $this->_Result['error'] = __('Could not save entry');
         return;
     }

     // Report the saved state back to the client.
     $this->_Result['entry-id'] = $entryId;
     $this->_Result['ok'] = true;
     $this->_Result['entries'] = $entryData[$parentFieldId]['entries'];
 }