function remove_404($id)
{
// find the user to delete
if ($error = Record::findByIdFrom('Redirector404s', $id)) {
if ($error->delete()) {
Flash::set('success', __('404 Error has been deleted!'));
} else {
Flash::set('error', __('There was a problem deleting this 404 error!'));
}
} else {
Flash::set('error', __('404 Error not found!'));
}
redirect(get_url('plugin/redirector/'));
}
function unapprove($id)
{
// find the user to unapprove
if ($comment = Record::findByIdFrom('Comment', $id)) {
$comment->is_approved = 0;
if ($comment->save()) {
Flash::set('success', __('Comment has been unapproved!'));
Observer::notify('comment_after_unapprove', $comment);
}
} else {
Flash::set('error', __('Comment not found!'));
}
redirect(get_url('plugin/comment'));
}
function delete()
{
$this->_checkPermission();
$paths = func_get_args();
$id = urldecode(join('/', $paths));
$homeimage = Record::findByIdFrom('HomeImage', $id);
//Remove folders and all images
$dir = FILES_DIR . '/homeimage/images/' . $homeimage->filename;
unlink($dir);
$dir2 = FILES_DIR . '/homeimage/images/' . $homeimage->filename_hover;
unlink($dir2);
// End remove folders and all images
if ($homeimage->delete()) {
Flash::set('success', __('This homeimage has been deleted.'));
} else {
Flash::set('error', __('This homeimage could not be deleted!'));
}
redirect(get_url('homeimage'));
}
function delete_album()
{
$this->_checkPermission();
$paths = func_get_args();
$id = urldecode(join('/', $paths));
//Remove folders and all images
$dir = FILES_DIR . '/gallery/images/' . $id . '/';
foreach (glob($dir . '*.*') as $v) {
unlink($v);
}
rmdir($dir);
// End remove folders and all images
$galleries = Record::findAllFrom('Gallery', 'album_id="' . $id . '"');
if (count($galleries) > 0) {
foreach ($galleries as $gallery) {
// find the image to delete
if ($delete_gallery = Record::findByIdFrom('Gallery', $gallery->id)) {
$delete_gallery->delete();
}
}
}
$album = Record::query('DELETE from ' . TABLE_PREFIX . 'album where id="' . $id . '"');
$album->execute();
Flash::set('success', __('This album has been deleted.'));
redirect(get_url('gallery'));
}
/**
* Checks if the cookie is still valid.
*
* @param string $cookie Cookie's content.
* @return boolean True if cookie is valid, otherwise false.
*/
private static final function challengeCookie($cookie)
{
$params = self::explodeCookie($cookie);
if (isset($params['exp'], $params['id'], $params['digest'])) {
if (!($user = Record::findByIdFrom('User', $params['id']))) {
return false;
}
if (self::bakeUserCookie($params['exp'], $user) == $cookie && $params['exp'] > $_SERVER['REQUEST_TIME']) {
return $user;
}
}
return false;
}
?>
</th>
<th class="size" width=50><?php
echo __('Order');
?>
</th>
<th class="modify" width=50><?php
echo __('Action');
?>
</th>
</tr>
</thead>
<tbody>
<?php
foreach ($banners as $banner) {
$page = Record::findByIdFrom('Page', $banner->page_id);
$type_detail = $banner->type == 'home' ? $banner->location : '';
?>
<!--ws 2/10/2015 for non-object prroperty problem-->
<tr class="<?php
echo odd_even();
?>
">
<td><?php
echo $banner->name;
?>
</td>
<td><?php
echo $banner->filename != '' ? '<img src="' . BASE_FILES_DIR . '/banner/' . $banner->filename . '" width=100 />' : '';
?>
</td>
function delete_mainimage($id)
{
$this->_checkPermission();
$paths = func_get_args();
$id = urldecode(join('/', $paths));
$featureimage = Record::findByIdFrom('Facilities', $id);
if ($featureimage) {
$file = FILES_DIR . '/facilities/images/' . $featureimage->filename;
$filename = array_pop($paths);
$paths = join('/', $paths);
if (is_file($file)) {
if (!unlink($file)) {
Flash::set('error', __('Permission denied!'));
}
}
//$featureimage->filename="";
// delete record
if ($featureimage->update('Facilities', array('filename' => ''), 'id=' . $id)) {
Flash::set('success', __('This image has been deleted.'));
} else {
Flash::set('error', __('This image could not be deleted!'));
}
} else {
Flash::set('error', __('image could not be found!'));
}
redirect(get_url('facilities/edit/' . $featureimage->id));
}
?>
</th>
<th class="size" width=50><?php
echo __('Order');
?>
</th>
<th class="modify" width=50><?php
echo __('Action');
?>
</th>
</tr>
</thead>
<tbody>
<?php
foreach ($abouts as $about) {
$page = Record::findByIdFrom('Page', $about->page_id);
$type_detail = $about->type == 'home' ? $about->location : '';
?>
<!--ws 2/10/2015 for non-object prroperty problem-->
<tr class="<?php
echo odd_even();
?>
">
<td><?php
echo $about->name;
?>
</td>
<td><?php
echo $about->filename != '' ? '<img src="' . BASE_FILES_DIR . '/about/' . $about->filename . '" width=100 />' : '';
?>
</td>
/**
* Runs checks and stores a page.
*
* @param string $action What kind of action this is: add or edit.
* @param mixed $id Page to edit if any.
*/
private function _store($action, $id = false)
{
// Sanity checks
if ($action == 'edit' && !$id) {
throw new Exception('Trying to edit page when $id is false.');
}
use_helper('Validate');
$data = $_POST['page'];
$data['is_protected'] = !empty($data['is_protected']) ? 1 : 0;
Flash::set('post_data', (object) $data);
$pagesetting = array();
//For homepage info & about page info okstmtcc
if ($id == 1 || $id == 4) {
$upload = $_POST['upload'];
$pagesetting = $_POST['pagesetting'];
//Flash::set('post_settingdata', (object) $pagesetting);
}
// Add pre-save checks here
$errors = false;
$error_fields = false;
// CSRF checks
if (isset($_POST['csrf_token'])) {
$csrf_token = $_POST['csrf_token'];
$csrf_id = '';
if ($action === 'edit') {
$csrf_id = '/' . $id;
}
if (!SecureToken::validateToken($csrf_token, BASE_URL . 'page/' . $action . $csrf_id)) {
$errors[] = __('Invalid CSRF token found!');
}
} else {
$errors[] = __('No CSRF token found!');
}
$data['title'] = trim($data['title']);
if (empty($data['title'])) {
$error_fields[] = __('Page Title');
}
/** homepage setting check okstmtcc **/
if ($id == 1) {
/** homepage page title **/
if (empty($pagesetting['homepage_discover_title'])) {
$error_fields[] = __('Homepage Title');
}
if (empty($pagesetting['homepage_discover_teaser'])) {
$error_fields[] = __('Homepage Teaser');
}
/** highlight 1 **/
// if (empty($pagesetting['highlight_title'])){
// $error_fields[] = __('Highlight 1´s Title');
// }
// if (empty($pagesetting['highlight_text1'])){
// $error_fields[] = __('Highlight 1´s Text 1');
// }
// if (empty($pagesetting['highlight_url'])){
// $error_fields[] = __('Highlight 1´s Read More URL');
// }
// $pagesetting_ori = PageSetting::init();
// if (isset($_FILES)) {
// if(empty($_FILES['upload_highlight_image']['name'])){
// $pagesetting['highlight_image'] = $pagesetting_ori->highlight_image;
// } else {
// $pagesetting['highlight_image'] = $_FILES['upload_highlight_image']['name'];
// }
// } else {
// $pagesetting['highlight_image'] = $pagesetting_ori->highlight_image;
// }
// if (empty($pagesetting['highlight_image'])){
// $error_fields[] = __('Highlight 1´s Image');
// }
// /** highlight 2 **/
// if (empty($pagesetting['highlight2_title'])){
// $error_fields[] = __('Highlight 2´s Title');
// }
// if (empty($pagesetting['highlight2_text1'])){
// $error_fields[] = __('Highlight 2´s Text 1');
// }
// if (empty($pagesetting['highlight2_url'])){
// $error_fields[] = __('Highlight 2´s Read More URL');
// }
// if (isset($_FILES)) {
// if(empty($_FILES['upload_highlight2_image']['name'])){
// $pagesetting['highlight2_image'] = $pagesetting_ori->highlight2_image;
// } else {
// $pagesetting['highlight2_image'] = $_FILES['upload_highlight2_image']['name'];
// }
// } else {
// $pagesetting['highlight2_image'] = $pagesetting_ori->highlight2_image;
// }
// if (empty($pagesetting['highlight2_image'])){
// $error_fields[] = __('Highlight 2´s Image');
// }
// if (isset($_FILES)) {
// if(empty($_FILES['upload_newdev_image']['name'])){
// $pagesetting['newdev_image'] = $pagesetting_ori->newdev_image;
// } else {
// $pagesetting['newdev_image'] = $_FILES['upload_newdev_image']['name'];
// }
// } else {
// $pagesetting['newdev_image'] = $pagesetting_ori->newdev_image;
// }
// if (empty($pagesetting['newdev_image'])){
// $error_fields[] = __('New Development Image');
// }
}
/** homepage setting check okstmtcc **/
$data['slug'] = !empty($data['slug']) ? trim($data['slug']) : '';
if (empty($data['slug']) && $id != '1') {
$error_fields[] = __('Slug');
} else {
if ($data['slug'] == ADMIN_DIR) {
$errors[] = __('You cannot have a slug named :slug!', array(':slug' => ADMIN_DIR));
}
if (!Validate::slug($data['slug']) && (!empty($data['slug']) && $id == '1')) {
$errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => 'slug'));
}
}
// Check all numerical fields for a page
$fields = array('parent_id', 'layout_id', 'needs_login');
foreach ($fields as $field) {
if (!Validate::digit($data[$field])) {
$errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
}
}
// Check all date fields for a page
$fields = array('created_on', 'published_on', 'valid_until');
foreach ($fields as $field) {
if (isset($data[$field])) {
$data[$field] = trim($data[$field]);
if (!empty($data[$field]) && !(bool) preg_match('/^[0-9]{4}-[0-9]{2}-[0-9]{2}$/D', (string) $data[$field])) {
$errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
}
}
}
// Check all time fields for a page
$fields = array('created_on_time', 'published_on_time', 'valid_until_time');
foreach ($fields as $field) {
if (isset($data[$field])) {
$data[$field] = trim($data[$field]);
if (!empty($data[$field]) && !(bool) preg_match('/^[0-9]{2}:[0-9]{2}:[0-9]{2}$/D', (string) $data[$field])) {
$errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
}
}
}
// Check alphanumerical fields
$fields = array('keywords', 'description');
foreach ($fields as $field) {
use_helper('Kses');
$data[$field] = kses(trim($data[$field]), array());
/*
if (!empty($data[$field]) && !Validate::alpha_comma($data[$field])) {
$errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
}
*
*/
}
// Check behaviour_id field
if (!empty($data['behaviour_id']) && !Validate::slug($data['behaviour_id'])) {
$errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => 'behaviour_id'));
}
// Make sure the title doesn't contain HTML
if (Setting::get('allow_html_title') == 'off') {
use_helper('Kses');
$data['title'] = kses(trim($data['title']), array());
}
// Create the page object to be manipulated and populate data
if ($action == 'add') {
$page = new Page($data);
} else {
$page = Record::findByIdFrom('Page', $id);
$page->setFromData($data);
}
// Upon errors, rebuild original page and return to screen with errors
if (false !== $errors || $error_fields !== false) {
$tags = $_POST['page_tag'];
// Rebuild time fields
if (isset($page->created_on) && isset($page->created_on_time)) {
$page->created_on = $page->created_on . ' ' . $page->created_on_time;
}
if (isset($page->published_on) && isset($page->published_on_time)) {
$page->published_on = $page->published_on . ' ' . $page->published_on_time;
}
if (isset($page->valid_until)) {
$page->valid_until = $page->valid_until . ' ' . $page->valid_until_time;
}
// Rebuild parts
$part = '';
if (!empty($_POST['part'])) {
$part = $_POST['part'];
$tmp = false;
foreach ($part as $key => $val) {
$tmp[$key] = (object) $val;
}
$part = $tmp;
}
// Set the errors to be displayed.
$err_msg = $errors != false ? implode('<br/>', $errors) : '';
$err_msg .= $error_fields != false ? '<br />Please specify these fields: ' . implode(', ', $error_fields) : '';
Flash::setNow('error', $err_msg);
//$settingdata = 'aaa';
// display things ...
$this->setLayout('backend');
$pagesettingobj = new stdClass();
foreach ($pagesetting as $name => $value) {
$pagesettingobj->{$name} = $value;
}
$this->display('page/edit', array('action' => $action, 'csrf_token' => SecureToken::generateToken(BASE_URL . 'page/' . $action), 'page' => (object) $page, 'pagesetting' => $pagesettingobj, 'tags' => $tags, 'filters' => Filter::findAll(), 'behaviors' => Behavior::findAll(), 'page_parts' => $part, 'layouts' => Record::findAllFrom('Layout')));
}
// Notify
if ($action == 'add') {
Observer::notify('page_add_before_save', $page);
} else {
Observer::notify('page_edit_before_save', $page);
}
// Time to actually save the page
// @todo rebuild this so parts are already set before save?
// @todo determine lazy init impact
$page->newwindow = !empty($data['newwindow']) ? '1' : '0';
if ($page->save()) {
// Get data for parts of this page
$data_parts = $_POST['part'];
Flash::set('post_parts_data', (object) $data_parts);
if ($action == 'edit') {
$old_parts = PagePart::findByPageId($id);
// check if all old page part are passed in POST
// if not ... we need to delete it!
foreach ($old_parts as $old_part) {
$not_in = true;
foreach ($data_parts as $part_id => $data) {
$data['name'] = trim($data['name']);
if ($old_part->name == $data['name']) {
$not_in = false;
// this will not really create a new page part because
// the id of the part is passed in $data
$part = new PagePart($data);
$part->page_id = $id;
Observer::notify('part_edit_before_save', $part);
$part->save();
Observer::notify('part_edit_after_save', $part);
unset($data_parts[$part_id]);
break;
}
}
if ($not_in) {
$old_part->delete();
}
}
}
// add the new parts
foreach ($data_parts as $data) {
$data['name'] = trim($data['name']);
$part = new PagePart($data);
$part->page_id = $page->id;
Observer::notify('part_add_before_save', $part);
$part->save();
Observer::notify('part_add_after_save', $part);
}
// save tags
$page->saveTags($_POST['page_tag']['tags']);
// save homepage banner info okstmtcc
if ($id == 1) {
// upload home banner image 1, 2
if (isset($_FILES) && !empty($_FILES['upload_banner_image1']['name'])) {
//okstmtcc 20150827 Replace image filename spaces
$_FILES['upload_banner_image1']['name'] = str_replace(array(" ", "(", ")"), array("_", "", ""), $_FILES['upload_banner_image1']['name']);
$file = $this->upload_file($_FILES['upload_banner_image1']['name'], FILES_DIR . '/pagesetting/images/', $_FILES['upload_banner_image1']['tmp_name'], $overwrite);
if ($file === false) {
Flash::set('error', __('Home banner could not be uploaded!'));
redirect(get_url('page/edit/1'));
} else {
$pagesetting['banner_image1'] = $file;
}
}
if (isset($_FILES) && !empty($_FILES['upload_banner_image2']['name'])) {
//okstmtcc 20150827 Replace image filename spaces
$_FILES['upload_banner_image2']['name'] = str_replace(array(" ", "(", ")"), array("_", "", ""), $_FILES['upload_banner_image2']['name']);
$file = $this->upload_file($_FILES['upload_banner_image2']['name'], FILES_DIR . '/pagesetting/images/', $_FILES['upload_banner_image2']['tmp_name'], $overwrite);
if ($file === false) {
Flash::set('error', __('Home banner could not be uploaded!'));
redirect(get_url('page/edit/1'));
} else {
$pagesetting['banner_image2'] = $file;
}
}
PageSetting::saveFromData($pagesetting);
}
// save homepage banner info okstmtcc
// save about banner info okstmtcc
if ($id == 4) {
// upload about page image 1
if (isset($_FILES) && !empty($_FILES['upload_about_image1']['name'])) {
//okstmtcc 20150827 Replace image filename spaces
$_FILES['upload_about_image1']['name'] = str_replace(array(" ", "(", ")"), array("_", "", ""), $_FILES['upload_about_image1']['name']);
$file = $this->upload_file($_FILES['upload_about_image1']['name'], FILES_DIR . '/pagesetting/images/', $_FILES['upload_about_image1']['tmp_name'], $overwrite);
if ($file === false) {
Flash::set('error', __('Home banner could not be uploaded!'));
redirect(get_url('page/edit/1'));
} else {
$pagesetting['about_image1'] = $file;
}
}
PageSetting::saveFromData($pagesetting);
}
// save about banner info okstmtcc
Flash::set('success', __('Page has been saved.'));
} else {
Flash::set('error', __('Page has not been saved!'));
$url = 'page/';
$url .= $action == 'edit' ? 'edit/' . $id : 'add/';
redirect(get_url($url));
}
if ($action == 'add') {
Observer::notify('page_add_after_save', $page);
} else {
Observer::notify('page_edit_after_save', $page);
}
// save and quit or save and continue editing ?
if (isset($_POST['commit'])) {
redirect(get_url('page'));
} else {
redirect(get_url('page/edit/' . $page->id));
}
}
/**
* Ajax action to copy a page or page tree
*
*/
function copy($parent_id)
{
parse_str($_POST['data']);
$page = Record::findByIdFrom('Page', $dragged_id);
$new_root_id = Page::cloneTree($page, $parent_id);
foreach ($pages as $position => $page_id) {
if ($page_id == $dragged_id) {
/* Move the cloned tree, not original. */
$page = Record::findByIdFrom('Page', $new_root_id);
} else {
$page = Record::findByIdFrom('Page', $page_id);
}
$page->position = (int) $position;
$page->parent_id = (int) $parent_id;
$page->save();
}
}
function delete_category()
{
$this->_checkPermission();
$paths = func_get_args();
$id = urldecode(join('/', $paths));
$category = Record::findByIdFrom('NewsCategory', $id);
//Remove all news folders and all images
$news_arr = News::findByCatId($id);
foreach ($news_arr as $news) {
$dir = FILES_DIR . '/news/images/' . $news->filename;
unlink($dir);
if ($news->delete()) {
}
}
// End remove all news folders and all images
if ($category->delete()) {
Flash::set('success', __('This category has been deleted.'));
} else {
Flash::set('error', __('This category could not be deleted!'));
}
redirect(get_url('news'));
}
?>
</th>
<th class="size" width=50><?php
echo __('Order');
?>
</th>
<th class="modify" width=50><?php
echo __('Action');
?>
</th>
</tr>
</thead>
<tbody>
<?php
foreach ($latests as $latest) {
$page = Record::findByIdFrom('Page', $latest->page_id);
$type_detail = $latest->type == 'home' ? $latest->location : '';
?>
<!--ws 2/10/2015 for non-object prroperty problem-->
<tr class="<?php
echo odd_even();
?>
">
<td><?php
echo $latest->name;
?>
</td>
<td><?php
echo $latest->filename != '' ? '<img src="' . BASE_FILES_DIR . '/latest/' . $latest->filename . '" width=100 />' : '';
?>
</td>
function delete_location($id)
{
$this->_checkPermission();
$paths = func_get_args();
$id = urldecode(join('/', $paths));
$location = Record::findByIdFrom('Location', $id);
if ($location) {
$file = FILES_DIR . '/fnb/location/' . $location->filename;
$filename = array_pop($paths);
$paths = join('/', $paths);
if (is_file($file)) {
if (!unlink($file)) {
Flash::set('error', __('Permission denied!'));
}
}
// delete record
if ($location->delete()) {
Flash::set('success', __('This location has been deleted.'));
} else {
Flash::set('error', __('This Location could not be deleted!'));
}
} else {
Flash::set('error', __('Location could not be found!'));
}
redirect(get_url('fnb/edit/' . $location->fnbid));
}
/**
* View callback function. Adds the page_part_form to the admin page.
*
* @param page the current page to edit
*/
public static function callback_view_page($page)
{
// Because the metadata is not visible, we can't use $page->metadata[self::PLUGIN_ID]
if (isset($page->id) && ($form = PageMetadata::FindOneByPageAndKeyword($page->id, self::PLUGIN_ID)) || ($form = PageMetadata::FindOneByPageAndKeyword($page->parent_id, self::PLUGIN_ID . '_children'))) {
if ($definition = Record::findByIdFrom('PagePartForm', $form->value)) {
// Convert page_parts array to hash
$page_parts = array();
if (isset($page->id)) {
foreach (PagePart::findByPageId($page->id) as $page_part) {
$page_parts[$page_part->name] = $page_part;
}
}
// Add the page_part_form to the admin view
self::Get_instance()->create_view('observers/page_form', array('page' => $page, 'page_parts' => $page_parts, 'structure' => self::Get_structure($definition)))->display();
}
}
}
?>
</th>
<th class="size" width=50><?php
echo __('Order');
?>
</th>
<th class="modify" width=50><?php
echo __('Action');
?>
</th>
</tr>
</thead>
<tbody>
<?php
foreach ($menus as $menu) {
$page = Record::findByIdFrom('Page', $menu->page_id);
$type_detail = $menu->type == 'home' ? $menu->location : '';
?>
<!--ws 2/10/2015 for non-object prroperty problem-->
<tr class="<?php
echo odd_even();
?>
">
<td><?php
echo $menu->name;
?>
</td>
<td><?php
echo $menu->filename != '' ? '<img src="' . BASE_FILES_DIR . '/menu/' . $menu->filename . '" width=100 />' : '';
?>
</td>
public function edit($id)
{
if ($_POST["action"] == "edit") {
$data = $_POST['sidebarlink'];
Flash::set('postdata', $data);
$sidebarlink = Record::findByIdFrom('SidebarLink', $id);
if (!$sidebarlink) {
Flash::set('error', __('Sidebar link is not found!'));
redirect(get_url('sidebarlink'));
}
$sidebarlink->setFromData($data);
$sidebarlink->updated_by_id = AuthUser::getId();
$sidebarlink->updated_on = date('Y-m-d H:i:s');
if (!$sidebarlink->save()) {
Flash::set('error', __('Sidebar link is not updated!'));
redirect(get_url('sidebarlink/view/' . $id));
} else {
$this->upload($id);
Flash::set('success', __('Sidebar link has been updated!'));
if (isset($_POST['commit'])) {
redirect(get_url('sidebarlink'));
} else {
redirect(get_url('sidebarlink/view/' . $id));
}
}
}
}
public static function cloneTree($page, $parent_id)
{
/* This will hold new id of root of cloned tree. */
static $new_root_id = false;
/* Clone passed in page. */
$clone = Record::findByIdFrom('Page', $page->id);
$clone->parent_id = (int) $parent_id;
$clone->id = null;
$clone->title .= " (copy)";
$clone->slug .= "-copy";
$clone->save();
/* Also clone the page parts. */
$page_part = PagePart::findByPageId($page->id);
if (count($page_part)) {
foreach ($page_part as $part) {
$part->page_id = $clone->id;
$part->id = null;
$part->save();
}
}
/* This gets set only once even when called recursively. */
if (!$new_root_id) {
$new_root_id = $clone->id;
}
/* Clone and update childrens parent_id to clones new id. */
if (Page::hasChildren($page->id)) {
foreach (Page::childrenOf($page->id) as $child) {
Page::cloneTree($child, $clone->id);
}
}
return $new_root_id;
}
?>
</th>
<th class="size" width=50><?php
echo __('Order');
?>
</th>
<th class="modify" width=50><?php
echo __('Action');
?>
</th>
</tr>
</thead>
<tbody>
<?php
foreach ($events as $event) {
$page = Record::findByIdFrom('Page', $event->page_id);
$type_detail = $event->type == 'home' ? $event->location : '';
?>
<!--ws 2/10/2015 for non-object prroperty problem-->
<tr class="<?php
echo odd_even();
?>
">
<td><?php
echo $event->name;
?>
</td>
<td><?php
echo $event->filename != '' ? '<img src="' . BASE_FILES_DIR . '/event/' . $event->filename . '" width=100 />' : '';
?>
</td>
function delete_featureimage($id)
{
$this->_checkPermission();
$paths = func_get_args();
$id = urldecode(join('/', $paths));
$featureimage = Record::findByIdFrom('FeatureImage', $id);
if ($featureimage) {
$file = FILES_DIR . '/attraction/feature/' . $featureimage->filename;
$filename = array_pop($paths);
$paths = join('/', $paths);
if (is_file($file)) {
if (!unlink($file)) {
Flash::set('error', __('Permission denied!'));
}
}
// delete record
if ($featureimage->delete()) {
Flash::set('success', __('This Feature image has been deleted.'));
} else {
Flash::set('error', __('This Feature image could not be deleted!'));
}
} else {
Flash::set('error', __('Feature image could not be found!'));
}
redirect(get_url('attraction/edit/' . $featureimage->attractionid));
}
/**
* Reorders a Snippet's position relative to other Snippets.
*
* @todo Add input cleaning.
*/
public function reorder()
{
parse_str($_POST['data']);
foreach ($snippets as $position => $snippet_id) {
$snippet = Record::findByIdFrom('Snippet', $snippet_id);
$snippet->position = (int) $position + 1;
$snippet->save();
}
}
function reorder()
{
parse_str($_POST['data']);
foreach ($layouts as $position => $layout_id) {
$layout = Record::findByIdFrom('Layout', $layout_id);
$layout->position = (int) $position + 1;
$layout->save();
}
}
/**
* Ends relationship between page and tag
*
* @since 1.1.0
*
* @param string $ids
*/
public function endrelationship($ids)
{
$id = explode('-', $ids);
$page_id = $id[0];
$tag_id = $id[1];
if ($page = Record::findByIdFrom('Page', $page_id)) {
if ($tag = Record::findByIdFrom('Tag', $tag_id)) {
if (TaggerTag::deletePageTagRelationship($page_id, $tag_id)) {
Flash::set('success', __('Page :page_name has been deleted from association with Tag :tag_name!', array(':page_name' => $page->title, ':tag_name' => $tag->name)));
} else {
Flash::set('error', __('Nothing was deleted!'));
}
}
} else {
Flash::set('error', __('Page not found!'));
}
redirect(get_url('plugin/tagger'));
}
function delete()
{
$this->_checkPermission();
$paths = func_get_args();
$id = urldecode(join('/', $paths));
$news = Record::findByIdFrom('News', $id);
//Remove folders and all images
$dir = FILES_DIR . '/promo/images/' . $news->filename;
unlink($dir);
// End remove folders and all images
if ($news->delete()) {
Flash::set('success', __('This promo has been deleted.'));
} else {
Flash::set('error', __('This promo could not be deleted!'));
}
redirect(get_url('news'));
}
function delete()
{
$this->_checkPermission();
$paths = func_get_args();
$id = urldecode(join('/', $paths));
$event = Record::findByIdFrom('Event', $id);
//Remove folders and all images
$dir = FILES_DIR . '/event/images/' . $event->image;
unlink($dir);
// End remove folders and all images
if ($event->delete()) {
Flash::set('success', __('This event has been deleted.'));
} else {
Flash::set('error', __('This event has not been deleted!'));
}
redirect(get_url('event'));
}
/**
* Runs checks and stores a page.
*
* @param string $action What kind of action this is: add or edit.
* @param mixed $id Page to edit if any.
*/
private function _store($action, $id = false)
{
// Sanity checks
if ($action == 'edit' && !$id) {
throw new Exception('Trying to edit page when $id is false.');
}
use_helper('Validate');
$data = $_POST['page'];
$data['is_protected'] = !empty($data['is_protected']) ? 1 : 0;
Flash::set('post_data', (object) $data);
// Add pre-save checks here
$errors = false;
// CSRF checks
if (isset($_POST['csrf_token'])) {
$csrf_token = $_POST['csrf_token'];
if (!SecureToken::validateToken($csrf_token, BASE_URL . 'page/' . $action)) {
$errors[] = __('Invalid CSRF token found!');
}
} else {
$errors[] = __('No CSRF token found!');
}
$data['title'] = trim($data['title']);
if (empty($data['title'])) {
$errors[] = __('You have to specify a title!');
}
$data['slug'] = trim($data['slug']);
if (empty($data['slug']) && $id != '1') {
$errors[] = __('You have to specify a slug!');
} else {
if ($data['slug'] == ADMIN_DIR) {
$errors[] = __('You cannot have a slug named :slug!', array(':slug' => ADMIN_DIR));
}
if (!Validate::slug($data['slug']) && (!empty($data['slug']) && $id == '1')) {
$errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => 'slug'));
}
}
// Check all numerical fields for a page
$fields = array('parent_id', 'layout_id', 'needs_login');
foreach ($fields as $field) {
if (!Validate::digit($data[$field])) {
$errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
}
}
// Check all date fields for a page
$fields = array('created_on', 'published_on', 'valid_until');
foreach ($fields as $field) {
if (isset($data[$field])) {
$data[$field] = trim($data[$field]);
if (!empty($data[$field]) && !(bool) preg_match('/^[0-9]{4}-[0-9]{2}-[0-9]{2}$/D', (string) $data[$field])) {
$errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
}
}
}
// Check all time fields for a page
$fields = array('created_on_time', 'published_on_time', 'valid_until_time');
foreach ($fields as $field) {
if (isset($data[$field])) {
$data[$field] = trim($data[$field]);
if (!empty($data[$field]) && !(bool) preg_match('/^[0-9]{2}:[0-9]{2}:[0-9]{2}$/D', (string) $data[$field])) {
$errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
}
}
}
// Check alphanumerical fields
$fields = array('keywords', 'description');
foreach ($fields as $field) {
use_helper('Kses');
$data[$field] = kses(trim($data[$field]), array());
/*
if (!empty($data[$field]) && !Validate::alpha_comma($data[$field])) {
$errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => $field));
}
*
*/
}
// Check behaviour_id field
if (!empty($data['behaviour_id']) && !Validate::slug($data['behaviour_id'])) {
$errors[] = __('Illegal value for :fieldname field!', array(':fieldname' => 'behaviour_id'));
}
// Make sure the title doesn't contain HTML
if (Setting::get('allow_html_title') == 'off') {
use_helper('Kses');
$data['title'] = kses(trim($data['title']), array());
}
// Create the page object to be manipulated and populate data
if ($action == 'add') {
$page = new Page($data);
} else {
$page = Record::findByIdFrom('Page', $id);
$page->setFromData($data);
}
// Upon errors, rebuild original page and return to screen with errors
if (false !== $errors) {
$tags = $_POST['page_tag'];
// Rebuild time fields
if (isset($page->created_on)) {
$page->created_on = $page->created_on . ' ' . $page->created_on_time;
}
if (isset($page->published_on)) {
$page->published_on = $page->published_on . ' ' . $page->published_on_time;
}
if (isset($page->valid_until)) {
$page->valid_until = $page->valid_until . ' ' . $page->valid_until_time;
}
// Rebuild parts
$part = $_POST['part'];
if (!empty($part)) {
$tmp = false;
foreach ($part as $key => $val) {
$tmp[$key] = (object) $val;
}
$part = $tmp;
}
// Set the errors to be displayed.
Flash::setNow('error', implode('<br/>', $errors));
// display things ...
$this->setLayout('backend');
$this->display('page/edit', array('action' => $action, 'csrf_token' => SecureToken::generateToken(BASE_URL . 'page/' . $action), 'page' => (object) $page, 'tags' => $tags, 'filters' => Filter::findAll(), 'behaviors' => Behavior::findAll(), 'page_parts' => (object) $part, 'layouts' => Record::findAllFrom('Layout')));
}
// Notify
if ($action == 'add') {
Observer::notify('page_add_before_save', $page);
} else {
Observer::notify('page_edit_before_save', $page);
}
// Time to actually save the page
// @todo rebuild this so parts are already set before save?
// @todo determine lazy init impact
if ($page->save()) {
// Get data for parts of this page
$data_parts = $_POST['part'];
Flash::set('post_parts_data', (object) $data_parts);
if ($action == 'edit') {
$old_parts = PagePart::findByPageId($id);
// check if all old page part are passed in POST
// if not ... we need to delete it!
foreach ($old_parts as $old_part) {
$not_in = true;
foreach ($data_parts as $part_id => $data) {
$data['name'] = trim($data['name']);
if ($old_part->name == $data['name']) {
$not_in = false;
// this will not really create a new page part because
// the id of the part is passed in $data
$part = new PagePart($data);
$part->page_id = $id;
Observer::notify('part_edit_before_save', $part);
$part->save();
Observer::notify('part_edit_after_save', $part);
unset($data_parts[$part_id]);
break;
}
}
if ($not_in) {
$old_part->delete();
}
}
}
// add the new parts
foreach ($data_parts as $data) {
$data['name'] = trim($data['name']);
$part = new PagePart($data);
$part->page_id = $page->id;
Observer::notify('part_add_before_save', $part);
$part->save();
Observer::notify('part_add_after_save', $part);
}
// save tags
$page->saveTags($_POST['page_tag']['tags']);
Flash::set('success', __('Page has been saved!'));
} else {
Flash::set('error', __('Page has not been saved!'));
$url = 'page/';
$url .= $action == 'edit' ? 'edit/' . $id : 'add/';
redirect(get_url($url));
}
if ($action == 'add') {
Observer::notify('page_add_after_save', $page);
} else {
Observer::notify('page_edit_after_save', $page);
}
// save and quit or save and continue editing ?
if (isset($_POST['commit'])) {
redirect(get_url('page'));
} else {
redirect(get_url('page/edit/' . $page->id));
}
}
public function delete($id)
{
if (!AuthUser::hasPermission('user_delete')) {
Flash::set('error', __('You do not have permission to access the requested page!'));
redirect(get_url());
}
// Sanity checks
use_helper('Validate');
if (!Validate::numeric($id)) {
Flash::set('error', __('Invalid input found!'));
redirect(get_url());
}
// CSRF checks
if (isset($_GET['csrf_token'])) {
$csrf_token = $_GET['csrf_token'];
if (!SecureToken::validateToken($csrf_token, BASE_URL . 'user/delete/' . $id)) {
Flash::set('error', __('Invalid CSRF token found!'));
redirect(get_url('user'));
}
} else {
Flash::set('error', __('No CSRF token found!'));
redirect(get_url('user'));
}
// security (dont delete the first admin)
if ($id > 1) {
// find the user to delete
if ($user = Record::findByIdFrom('User', $id)) {
if ($user->delete()) {
Flash::set('success', __('User <strong>:name</strong> has been deleted!', array(':name' => $user->name)));
Observer::notify('user_after_delete', $user->name);
} else {
Flash::set('error', __('User <strong>:name</strong> has not been deleted!', array(':name' => $user->name)));
}
} else {
Flash::set('error', __('User not found!'));
}
} else {
Flash::set('error', __('Action disabled!'));
}
redirect(get_url('user'));
}
function delete($id)
{
$testimonial = Record::findByIdFrom('Testimonial', $id);
// find the testimonial to delete
if ($testimonial) {
if ($testimonial->delete()) {
Flash::set('success', __('This testimonial has been deleted.'));
} else {
Flash::set('error', __('This testimonial has not been deleted!'));
}
} else {
Flash::set('error', __('Testimonial not found!'));
}
redirect(get_url('testimonial'));
}
public function delete($id)
{
if (!AuthUser::hasPermission('user_delete')) {
Flash::set('error', __('You do not have permission to access the requested page!'));
redirect(get_url());
}
// security (dont delete the first admin)
if ($id > 1) {
// find the user to delete
if ($user = Record::findByIdFrom('User', $id)) {
if ($user->delete()) {
Flash::set('success', __('User <strong>:name</strong> has been deleted!', array(':name' => $user->name)));
Observer::notify('user_after_delete', $user->name);
} else {
Flash::set('error', __('User <strong>:name</strong> has not been deleted!', array(':name' => $user->name)));
}
} else {
Flash::set('error', __('User not found!'));
}
} else {
Flash::set('error', __('Action disabled!'));
}
redirect(get_url('user'));
}
function delete_image($id)
{
$this->_checkPermission();
$paths = func_get_args();
$id = urldecode(join('/', $paths));
$about = Record::findByIdFrom('About', $id);
$file = FILES_DIR . '/about/' . $about->filename;
$filename = array_pop($paths);
$paths = join('/', $paths);
if (is_file($file)) {
if (!unlink($file)) {
Flash::set('error', __('Permission denied!'));
}
}
// find the about to delete
if ($about = Record::findByIdFrom('About', $id)) {
if ($about->update('About', array('filename' => '', 'source' => ''), 'id=' . $id)) {
Flash::set('success', __('This image has been deleted.'));
} else {
Flash::set('error', __('This image has not been deleted!'));
}
} else {
Flash::set('error', __('Image not found!'));
}
redirect(get_url('about/view/' . $id));
}
function delete($id)
{
$pdf = Record::findByIdFrom('Pdf', $id);
// find the pdf to delete
if ($pdf) {
$file = FILES_DIR . '/pdf/' . $pdf->filename;
//$file2 = FILES_DIR.'/pdf/bg/'.$pdf->left_bg;
//$file3 = FILES_DIR.'/pdf/bg/'.$pdf->right_bg;
$filename = array_pop($paths);
$paths = join('/', $paths);
if (is_file($file)) {
if (!unlink($file)) {
Flash::set('error', __('Permission denied!'));
}
}
if ($pdf->delete()) {
Flash::set('success', __('This pdf has been deleted.'));
} else {
Flash::set('error', __('This pdf has not been deleted!'));
}
} else {
Flash::set('error', __('Menu not found!'));
}
redirect(get_url('pdf'));
}
