function assertNotValid($data, $errors)
{
$validator = new Validator();
$validator->check($data, $this->schema);
$this->assertEquals($errors, $validator->getErrors(), print_r($validator->getErrors(), true));
$this->assertFalse($validator->isValid());
}
<?php
require '_inc.php';
$errors = [];
$spam = [];
$validator = new Validator($_POST);
$validator->check('nom', 'required');
$validator->check('prénom', 'required');
$validator->check('email', 'email');
$validator->check('email', 'required');
$validator->check('description', 'required');
$validator->specialcheck('arbitraryfield', 'empty');
$errors = $validator->errors();
$spam = $validator->spam();
if (!empty($spam)) {
$_SESSION['spam'] = $spam;
// redirection
header('Location:success.php');
} else {
if (!empty($errors)) {
$_SESSION['errors'] = $errors;
$_SESSION['inputs'] = $_POST;
// redirection
header('Location:index.php');
} else {
$_SESSION['success'] = 1;
$email_contact = "\r\nContact: " . $_POST['email'] . "\r\n";
$nom_prenom = "\r\nNom et prénom: " . $_POST['nom'] . " " . $_POST['prénom'] . "\r\n";
$message = "\r\nMessage: " . $_POST['description'] . "\r\n";
$message_compiled = $message . $nom_prenom . $email_contact;
$headers = 'FROM: site@localdev';
/*
Account
*/
Route::get('account', array('before' => 'check', 'main' => function () {
// check we have a database
if (!Session::get('install.metadata')) {
Notify::error('Please enter your site details');
return Response::redirect('metadata');
}
$vars['messages'] = Notify::read();
return Layout::create('account', $vars);
}));
Route::post('account', array('before' => 'check', 'main' => function () {
$account = Input::get(array('username', 'email', 'password'));
$validator = new Validator($account);
$validator->check('username')->is_max(3, 'Please enter a username');
$validator->check('email')->is_email('Please enter a valid email address');
$validator->check('password')->is_max(6, 'Please enter a password, at least 6 characters long');
if ($errors = $validator->errors()) {
Input::flash();
Notify::error($errors);
return Response::redirect('account');
}
Session::put('install.account', $account);
// run install process
try {
Installer::run();
} catch (Exception $e) {
Input::flash();
Notify::error($e->getMessage());
return Response::redirect('account');
<?php
require '../../classes/Database.php';
require '../../classes/Validator.php';
require '../../classes/ErrorHandler.php';
require '../../classes/AdminGui.php';
require '../../functions/security.php';
$errorHandler = new ErrorHandler();
$db = new Database();
$gui = new AdminGui($db);
$media_types_records = $gui->select('media_types');
if (!empty($_POST)) {
$db->table('media_types');
$validator = new Validator($db, $errorHandler);
$validation = $validator->check($_POST, ['media_type' => ['required' => true]]);
if ($validation->fails()) {
echo '<pre>', print_r($validation->errors()->all()), '</pre>';
} else {
if ($db->insert($_POST)) {
header('Location: create_media_types.php');
die;
}
}
}
?>
<!doctype html>
<html>
<head>
<title>Create media types</title>
<link rel="stylesheet" type="text/css" href="../../public/front/css/admin.css">
});
Route::post('admin/posts/add', function () {
$input = Input::get(array('title', 'slug', 'description', 'created', 'html', 'css', 'js', 'category', 'status', 'comments', 'company', 'department'));
// if there is no slug try and create one from the title
if (empty($input['slug'])) {
$input['slug'] = $input['title'];
}
// convert to ascii
$input['slug'] = slug($input['slug']);
// encode title
$input['title'] = e($input['title'], ENT_COMPAT);
$validator = new Validator($input);
$validator->add('duplicate', function ($str) {
return Post::where('slug', '=', $str)->count() == 0;
});
$validator->check('title')->is_max(3, __('posts.title_missing'));
$validator->check('slug')->is_max(3, __('posts.slug_missing'))->is_duplicate(__('posts.slug_duplicate'))->not_regex('#^[0-9_-]+$#', __('posts.slug_invalid'));
if ($errors = $validator->errors()) {
Input::flash();
Notify::error($errors);
return Response::redirect('admin/posts/add');
}
if (empty($input['created'])) {
$input['created'] = Date::mysql('now');
}
$user = Auth::user();
$input['author'] = $user->id;
if (is_null($input['comments'])) {
$input['comments'] = 0;
}
if (empty($input['html'])) {
$vars['dashboard_page_options'] = array('panel' => 'Welcome', 'posts' => 'Posts', 'pages' => 'Pages');
$vars['meta'] = Config::get('meta');
$vars['pages'] = Page::dropdown();
$vars['themes'] = Themes::all();
return View::create('extend/metadata/edit', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer');
});
/*
Update Metadata
*/
Route::post('admin/extend/metadata', function () {
$input = Input::get(array('sitename', 'description', 'home_page', 'posts_page', 'posts_per_page', 'auto_published_comments', 'theme', 'comment_notifications', 'comment_moderation_keys', 'show_all_posts', 'dashboard_page'));
foreach ($input as $key => $value) {
$input[$key] = eq($value);
}
$validator = new Validator($input);
$validator->check('sitename')->is_max(3, __('metadata.sitename_missing'));
$validator->check('description')->is_max(3, __('metadata.sitedescription_missing'));
$validator->check('posts_per_page')->is_regex('#^[0-9]+$#', __('metadata.missing_posts_per_page', 'Please enter a number for posts per page'));
if ($errors = $validator->errors()) {
Input::flash();
Notify::error($errors);
return Response::redirect('admin/extend/metadata');
}
// convert double quotes so we dont break html
$input['sitename'] = e($input['sitename'], ENT_COMPAT);
$input['description'] = e($input['description'], ENT_COMPAT);
foreach ($input as $key => $v) {
$v = is_null($v) ? 0 : $v;
Query::table(Base::table('meta'))->where('key', '=', $key)->update(array('value' => $v));
}
Notify::success(__('metadata.updated'));
$vars['pagetype'] = Query::table(Base::table('pagetypes'))->where('key', '=', $key)->fetch();
return View::create('extend/pagetypes/edit', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer');
});
Route::post('admin/extend/pagetypes/edit/(:any)', function ($key) {
$input = Input::get(array('key', 'value'));
$input['key'] = slug($input['key'], '_');
$validator = new Validator($input);
$validator->add('valid_key', function ($str) use($key) {
// no change
if ($str == $key) {
return true;
}
// check the new key $str is available
return Query::table(Base::table('pagetypes'))->where('key', '=', $str)->count() == 0;
});
$validator->check('key')->is_max(2, __('extend.key_missing'))->is_valid_key(__('extend.key_exists'));
$validator->check('value')->is_max(1, __('extend.name_missing'));
if ($errors = $validator->errors()) {
Input::flash();
Notify::error($errors);
return Response::redirect('admin/extend/pagetypes/edit/' . $key);
}
Query::table(Base::table('pagetypes'))->where('key', '=', $key)->update($input);
Notify::success(__('extend.pagetype_updated'));
return Response::redirect('admin/extend/pagetypes');
});
/*
Delete Var
*/
Route::get('admin/extend/pagetypes/delete/(:any)', function ($key) {
Query::table(Base::table('pagetypes'))->where('key', '=', $key)->delete();
<?php
require_once 'app/init.php';
if (!empty($_POST)) {
$email = $_POST['email'];
$username = $_POST['username'];
$password = $_POST['password'];
$validator = new Validator($database, $errorHandler);
$validation = $validator->check($_POST, ['email' => ['required' => true, 'maxlength' => 255, 'unique' => 'tblTeamMembers', 'email' => true], 'username' => ['required' => true, 'minlength' => 3, 'unique' => 'tblTeamMembers'], 'password' => ['required' => true, 'minlength' => 5]]);
if ($validation->fails()) {
echo '<pre>', print_r($validator->errors()->all(), true), '</pre>';
} else {
$created = $auth->create(['Email_Address' => $email, 'Login_Name' => $username, 'Web_Password' => $password]);
if ($created) {
header('Location:index.php');
}
//echo $hash->make($password);
//echo $hash->make($_POST['password']);
}
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Sign In</title>
</head>
<body>
<form action="signup.php" method="post">
$input['js'] = " ";
}
// if there is no slug try and create one from title
if (empty($input['slug'])) {
$input['slug'] = slug($input['title']);
}
// convert to ascii
$input['slug'] = slug($input['slug']);
do {
//Check for duplication
$isDuplicate = Post::where('slug', '=', $input['slug'])->count() > 0;
if ($isDuplicate) {
$input['slug'] = slug(noise(10));
}
} while ($isDuplicate);
$validator->check('slug')->not_regex('#^[0-9_-]+$#', __('posts.slug_invalid'));
if ($errors = $validator->errors()) {
Input::flash();
Notify::error($errors);
return Response::redirect('admin/posts/add');
}
if (empty($input['created'])) {
$input['created'] = Date::mysql('now');
}
$user = Auth::user();
$input['author'] = $user->id;
if (is_null($input['comments'])) {
$input['comments'] = 0;
}
$post = Post::create($input);
Extend::process('post', $post->id);
$vars['variable']->user_key = substr($vars['variable']->key, strlen('custom_'));
return View::create('extend/variables/edit', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer');
});
Route::post('admin/extend/variables/edit/(:any)', function ($key) {
$input = Input::get(array('key', 'value'));
$input['key'] = 'custom_' . slug($input['key'], '_');
$validator = new Validator($input);
$validator->add('valid_key', function ($str) use($key) {
// no change
if ($str == $key) {
return true;
}
// check the new key $str is available
return Query::table(Base::table('meta'))->where('key', '=', $str)->count() == 0;
});
$validator->check('key')->is_max(8, __('extend.name_missing'))->is_valid_key(__('extend.name_exists'));
if ($errors = $validator->errors()) {
Input::flash();
Notify::error($errors);
return Response::redirect('admin/extend/variables/edit/' . $key);
}
Query::table(Base::table('meta'))->where('key', '=', $key)->update($input);
Notify::success(__('extend.variable_updated'));
return Response::redirect('admin/extend/variables');
});
/*
Delete Var
*/
Route::get('admin/extend/variables/delete/(:any)', function ($key) {
Query::table(Base::table('meta'))->where('key', '=', $key)->delete();
Notify::success(__('extend.variable_deleted'));
if ($token != $key) {
Notify::error(__('users.recovery_expired'));
return Response::redirect('admin/login');
}
return View::create('users/reset', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer');
}));
Route::post('admin/reset/(:any)', array('before' => 'csrf', 'main' => function ($key) {
$password = Input::get('pass');
$token = Session::get('token');
$user = Session::get('user');
if ($token != $key) {
Notify::error(__('users.recovery_expired'));
return Response::redirect('admin/login');
}
$validator = new Validator(array('password' => $password));
$validator->check('password')->is_max(6, __('users.password_too_short', 6));
if ($errors = $validator->errors()) {
Input::flash();
Notify::error($errors);
return Response::redirect('admin/reset/' . $key);
}
User::update($user, array('password' => Hash::make($password)));
Session::erase('user');
Session::erase('token');
Notify::success(__('users.password_reset'));
return Response::redirect('admin/login');
}));
/*
Upgrade
*/
Route::get('admin/upgrade', function () {
<?php
require '../../classes/Database.php';
require '../../classes/Validator.php';
require '../../classes/ErrorHandler.php';
require '../../classes/AdminGui.php';
require '../../functions/security.php';
$errorHandler = new ErrorHandler();
$db = new Database();
$gui = new AdminGui($db);
$categories_records = array();
if (!empty($_POST)) {
$db->table('categories');
$validator = new Validator($db, $errorHandler);
$validation = $validator->check($_POST, ['category' => ['required' => true, 'unique' => 'categories']]);
if ($validation->fails()) {
echo '<pre>', print_r($validation->errors()->all()), '</pre>';
} else {
if ($db->insert($_POST)) {
header('Location: create_categories.php');
die;
}
}
}
if ($results = $db->table('categories')->select()) {
foreach ($results as $row) {
$categories_records[] = $row;
}
}
?>
<?php
require '../../classes/Database.php';
require '../../classes/Validator.php';
require '../../classes/ErrorHandler.php';
require '../../classes/AdminGui.php';
require '../../functions/security.php';
$errorHandler = new ErrorHandler();
$db = new Database();
$gui = new AdminGui($db);
$technologies_records = $gui->select('technologies');
if (!empty($_POST)) {
$db->table('technologies');
$validator = new Validator($db, $errorHandler);
$validation = $validator->check($_POST, ['technology' => ['required' => true]]);
if ($validation->fails()) {
echo '<pre>', print_r($validation->errors()->all()), '</pre>';
} else {
if ($db->insert($_POST)) {
header('Location: create_technologies.php');
die;
}
}
}
?>
<!doctype html>
<html>
<head>
<title>Create technologies</title>
<link rel="stylesheet" type="text/css" href="../../public/front/css/admin.css">
public static function check($subject, $pattern)
{
// check require if set
if (isset($pattern['require']) && $pattern['require']) {
if (empty($subject) || !isset($subject)) {
return 'require';
}
}
$check_type = $pattern['type'];
// check pattern
if (!isset($check_type) || empty($check_type)) {
return 'wrong_pattern : unknown type';
}
if (isset($pattern['min']) && !empty($pattern['min'])) {
if (Validator::check($pattern['min'], array('type' => 'INT'))) {
return 'wrong_pattern : min must be INT';
}
}
if (isset($pattern['max']) && !empty($pattern['max'])) {
if (Validator::check($pattern['max'], array('type' => 'INT'))) {
return 'wrong_pattern : max must be INT';
}
}
if (isset($pattern['M']) && !empty($pattern['M'])) {
if (Validator::check($pattern['M'], array('type' => 'INT'))) {
return 'wrong_pattern : M of DECIMAL must be INT';
}
}
if (isset($pattern['D']) && !empty($pattern['D'])) {
if (Validator::check($pattern['D'], array('type' => 'INT'))) {
return 'wrong_pattern : D of DECIMAL must be INT';
}
}
if (isset($pattern['limit']) && !empty($pattern['limit'])) {
if (Validator::check($pattern['limit'], array('type' => 'INT'))) {
return 'wrong_pattern : limit of NUMERIC must be INT';
}
}
// check subject
if (get_magic_quotes_gpc()) {
$val = stripslashes($subject);
} else {
$val = $subject;
}
if ($check_type == 'VARCHAR') {
$val = strip_tags($val);
if (isset($pattern['min']) && !empty($pattern['min'])) {
$min = $pattern['min'];
} else {
$min = 0;
}
if (isset($pattern['max']) && !empty($pattern['max'])) {
$max = $pattern['max'];
} else {
$max = 2147483647;
}
if (strlen($val) < $min || strlen($val) > $max) {
return 'VARCHAR: min | max';
}
} elseif ($check_type == 'TEXT') {
$val = strip_tags($val);
if (isset($pattern['min']) && !empty($pattern['min'])) {
$min = $pattern['min'];
} else {
$min = 0;
}
if (isset($pattern['max']) && !empty($pattern['max'])) {
$max = $pattern['max'];
} else {
$max = 65535;
}
if (strlen($val) < $min || strlen($val) > $max) {
return 'TEXT: min | max';
}
} elseif ($check_type == 'HTML') {
} elseif ($check_type == 'INT') {
if (isset($pattern['signed']) && $pattern['signed']) {
$min = -2147483648.0;
$max = 2147483647;
} else {
$min = 0;
$max = 4294967295.0;
}
if (preg_match("/-/", substr($val, 1)) || preg_match("/[^0-9\\-]/", $val)) {
return '!INT';
}
if ($val < $min || $val > $max) {
return 'INT: min | max';
}
} elseif ($check_type == 'TINYINT') {
if (isset($pattern['signed']) && $pattern['signed']) {
$min = -128;
$max = 127;
} else {
$min = 0;
$max = 255;
}
if (preg_match("/-/", substr($val, 1)) || preg_match("/[^0-9\\-]/", $val)) {
return '!TINYINT';
}
if ($val < $min || $val > $max) {
return 'TINYINT: min | max';
}
} elseif ($check_type == 'SMALLINT') {
if (isset($pattern['signed']) && $pattern['signed']) {
$min = -32768;
$max = 32767;
} else {
$min = 0;
$max = 65535;
}
if (preg_match("/-/", substr($val, 1)) || preg_match("/[^0-9\\-]/", $val)) {
return '!SMALLINT';
}
if ($val < $min || $val > $max) {
return 'SMALLINT: min | max';
}
} elseif ($check_type == 'MEDIUMINT') {
if (isset($pattern['signed']) && $pattern['signed']) {
$min = -8388608;
$max = 8388607;
} else {
$min = 0;
$max = 16777215;
}
if (preg_match("/-/", substr($val, 1)) || preg_match("/[^0-9\\-]/", $val)) {
return '!MEDIUMINT';
}
if ($val < $min || $val > $max) {
return 'MEDIUMINT: min | max';
}
} elseif ($check_type == 'NUMERIC') {
if (preg_match("/-/", substr($val, 1)) || preg_match("/[^0-9\\-]/", $val) || $val < 0) {
return '!NUMERIC';
}
if (isset($pattern['limit']) && $val > $pattern['limit']) {
return 'NUMERIC: limit';
}
} elseif ($check_type == 'FLOAT') {
if (substr_count($val, ".") > 1 || preg_match("/-/", substr($val, 1)) || preg_match("/[^0-9\\-\\.]/", $val)) {
return '!FLOAT';
}
if (isset($pattern['min']) && !empty($pattern['min'])) {
if ($val < $pattern['min']) {
return 'FLOAT: min';
}
}
if (isset($pattern['max']) && !empty($pattern['max'])) {
if ($val > $pattern['max']) {
return 'FLOAT: max';
}
}
} elseif ($check_type == 'DECIMAL') {
list($tmpM, $tmpD) = explode('.', $val);
$digitM = strlen($tmpM);
$digitD = strlen($tmpD);
if (substr_count($val, ".") > 1 || preg_match("/-/", substr($val, 1)) || preg_match("/[^0-9\\-\\.]/", $val)) {
return '!DECIMAL';
}
if (isset($pattern['M']) && isset($pattern['D'])) {
if ($digitM > $pattern['M'] || $digitD > $pattern['D']) {
return 'DECIMAL: M | D';
}
}
} elseif ($check_type == 'DATETIME') {
$regs = array("/^\\d{4}[\\/-]\\d{1,2}[\\/-]\\d{1,2}\\s\\d{1,2}:\\d{1,2}:\\d{1,2}/");
$dt_valid = false;
foreach ($regs as $regex) {
if (preg_match($regex, $val)) {
$dt_valid = true;
break;
}
}
if (!$dt_valid) {
return '!DATETIME';
}
} elseif ($check_type == 'TIMEZONE') {
if (!preg_match("/^[+-](((0[0-9]|1[0-1]):[0-5][0-9])|12:00)\$/", $val)) {
return '!TIMEZONE';
}
} elseif ($check_type == 'DATE') {
} elseif ($check_type == 'URL') {
if (!preg_match("/^(http(?:s)?\\:\\/\\/[a-zA-Z0-9\\-]+(?:\\.[a-zA-Z0-9\\-]+)*\\.[a-zA-Z]{2,6}(?:\\/?|(?:\\/[\\w\\-]+)*)(?:\\/?|\\/\\w+\\.[a-zA-Z]{2,4}(?:\\?[\\w]+\\=[\\w\\-]+)?)?(?:\\&[\\w]+\\=[\\w\\-]+)*)(:[\\d]{1,4})?\$/", $val)) {
//must have http(s)
return '!URL';
}
if (isset($pattern['min']) && !empty($pattern['min'])) {
if (strlen($val) < $pattern['min']) {
return 'URL: min';
}
}
if (isset($pattern['max']) && !empty($pattern['max'])) {
if (strlen($val) > $pattern['max']) {
return 'URL: max';
}
}
} elseif ($check_type == 'MAIL') {
if (!preg_match("/^\\w[\\w-.]*\\@[\\w-]+(.\\w+){1,2}\$/", $val) || !checkdnsrr(str_replace("@", "", strrchr($val, "@")), "MX")) {
return '!MAIL';
}
if (isset($pattern['min']) && !empty($pattern['min'])) {
if (strlen($val) < $pattern['min']) {
return 'MAIL: min';
}
}
if (isset($pattern['max']) && !empty($pattern['max'])) {
if (strlen($val) > $pattern['max']) {
return 'MAIL: max';
}
}
} elseif ($check_type == 'MOBILE') {
if (!preg_match("/^[\\+]?\\d+(\\-\\d+)*\$/", $val)) {
return '!MOBILE';
}
if (isset($pattern['min']) && !empty($pattern['min'])) {
if (strlen($val) < $pattern['min']) {
return 'MOBILE: min';
}
}
if (isset($pattern['max']) && !empty($pattern['max'])) {
if (strlen($val) > $pattern['max']) {
return 'MOBILE: max';
}
}
}
return false;
}
/**
* update - update this ProjectTask in the database.
*
* @param string The summary of this task.
* @param string The detailed description of this task.
* @param int The Priority of this task.
* @param int The Hours estimated to complete this task.
* @param int The (unix) start date of this task.
* @param int The (unix) end date of this task.
* @param int The status_id of this task.
* @param int The category_id of this task.
* @param int The percentage of completion in integer format of this task.
* @param array An array of user_id's that are assigned this task.
* @param array An array of project_task_id's that this task depends on.
* @param int The GroupProjectID of a new subproject that you want to move this Task to.
* @param int The duration of the task in days.
* @param int The id of the parent task, if any.
* @return boolean success.
*/
function update($summary, $details, $priority, $hours, $start_date, $end_date, $status_id, $category_id, $percent_complete, &$assigned_arr, &$depend_arr, $new_group_project_id, $duration = 0, $parent_id = 0)
{
$has_changes = false;
// if any of the values passed is different from
$v = new Validator();
$v->check($summary, "summary");
$v->check($priority, "priority");
$v->check($hours, "hours");
$v->check($start_date, "start date");
$v->check($end_date, "end date");
$v->check($status_id, "status");
$v->check($category_id, "category");
if (!$v->isClean()) {
$this->setError($v->formErrorMsg("Must include "));
return false;
}
if (!$parent_id) {
$parent_id = 0;
}
if ($this->getParentID() != $parent_id) {
$has_changes = true;
}
if (!$duration) {
$duration = 0;
}
if ($this->getDuration() != $duration) {
$has_changes = true;
}
if (!$this->ProjectGroup->userIsAdmin()) {
$this->setPermissionDeniedError();
return false;
}
/*if ( ($this->getSummary() != $summary) || ($this->getDetails() != $details) ||
($this->getPriority() != $priority) || ($this->getHours() != $hours) ||
($this->getStartDate() != $start_date) || ($this->getEndDate() != $end_date) ||
($this->getStatusID() != $status_id) || ($this->getCategoryID() != $category_id) ||
($this->getPercentComplete() != $percent_complete) ) {
$has_changes = true;
}*/
db_begin();
//
// Attempt to move this Task to a new Subproject
// need to instantiate new ProjectGroup obj and test if it works
//
$group_project_id = $this->ProjectGroup->getID();
if ($new_group_project_id != $group_project_id) {
$newProjectGroup = new ProjectGroup($this->ProjectGroup->getGroup(), $new_group_project_id);
if (!is_object($newProjectGroup) || $newProjectGroup->isError()) {
$this->setError('ProjectTask: Could not move to new ProjectGroup' . $newProjectGroup->getErrorMessage());
db_rollback();
return false;
}
/* do they have perms for new ArtifactType?
if (!$newArtifactType->userIsAdmin()) {
$this->setPermissionDeniedError();
db_rollback();
return false;
}*/
//
// Now set ProjectGroup, Category, and Assigned to 100 in the new ProjectGroup
//
$status_id = 1;
$category_id = '100';
unset($assigned_to);
$assigned_to = array('100');
$this->ProjectGroup =& $newProjectGroup;
$this->addHistory('group_project_id', $group_project_id);
$has_changes = true;
}
if ($details) {
$has_changes = true;
if (!$this->addMessage($details)) {
db_rollback();
return false;
}
}
if ($this->getStatusID() != $status_id) {
$this->addHistory('status_id', $this->getStatusID());
$has_changes = true;
}
if ($this->getCategoryID() != $category_id) {
$this->addHistory('category_id', $this->getCategoryID());
$has_changes = true;
}
if ($this->getPriority() != $priority) {
$this->addHistory('priority', $this->getPriority());
$has_changes = true;
}
if ($this->getSummary() != htmlspecialchars(stripslashes($summary))) {
$this->addHistory('summary', addslashes($this->getSummary()));
$has_changes = true;
}
if ($this->getPercentComplete() != $percent_complete) {
$this->addHistory('percent_complete', $this->getPercentComplete());
$has_changes = true;
}
if ($this->getHours() != $hours) {
$this->addHistory('hours', $this->getHours());
$has_changes = true;
}
if ($this->getStartDate() != $start_date) {
$this->addHistory('start_date', $this->getStartDate());
$has_changes = true;
}
if ($this->getEndDate() != $end_date) {
$this->addHistory('end_date', $this->getEndDate());
$has_changes = true;
}
$old_assigned =& $this->getAssignedTo();
$diff_assigned_array = array_diff($old_assigned, $assigned_arr);
if (count($diff_assigned_array) > 0) {
for ($tmp = 0; $tmp < count($old_assigned); $tmp++) {
$this->addHistory('assigned_to_id', $old_assigned[$tmp]);
}
$has_changes = true;
}
$old_array =& array_keys($this->getDependentOn());
$diff_array = array_diff($old_array, array_keys($depend_arr));
if (count($diff_array) > 0) {
for ($tmp = 0; $tmp < count($old_array); $tmp++) {
$this->addHistory('dependent_on_id', $old_array[$tmp]);
}
$has_changes = true;
}
if (!$this->setDependentOn($depend_arr)) {
db_rollback();
return false;
} elseif (!$this->setAssignedTo($assigned_arr)) {
db_rollback();
return false;
} else {
$sql = "UPDATE project_task SET\n\t\t\t\tsummary='" . htmlspecialchars($summary) . "',\n\t\t\t\tpriority='{$priority}',\n\t\t\t\thours='{$hours}',\n\t\t\t\tstart_date='{$start_date}',\n\t\t\t\tend_date='{$end_date}',\n\t\t\t\tstatus_id='{$status_id}',\n\t\t\t\tpercent_complete='{$percent_complete}',\n\t\t\t\tcategory_id='{$category_id}',\n\t\t\t\tgroup_project_id='{$new_group_project_id}',\n\t\t\t\tduration='{$duration}',\n\t\t\t\tparent_id='{$parent_id}'\n\t\t\t\tWHERE group_project_id='{$group_project_id}'\n\t\t\t\tAND project_task_id='" . $this->getID() . "'";
$res = db_query($sql);
if (!$res) {
$this->setError('Error On ProjectTask::update-5: ' . db_error() . $sql);
db_rollback();
return false;
} else {
if (!$this->fetchData($this->getID())) {
$this->setError('Error On ProjectTask::update-6: ' . db_error());
db_rollback();
return false;
} else {
if ($has_changes) {
//only send email if there was any change
$this->sendNotice();
}
db_commit();
return true;
}
}
}
}
});
Route::post('admin/pages/add', function () {
$input = Input::get(array('parent', 'name', 'title', 'slug', 'content', 'status', 'redirect', 'show_in_menu'));
// if there is no slug try and create one from the title
if (empty($input['slug'])) {
$input['slug'] = $input['title'];
}
// convert to ascii
$input['slug'] = slug($input['slug']);
// encode title
$input['title'] = e($input['title'], ENT_COMPAT);
$validator = new Validator($input);
$validator->add('duplicate', function ($str) {
return Page::where('slug', '=', $str)->count() == 0;
});
$validator->check('title')->is_max(3, __('pages.title_missing'));
$validator->check('slug')->is_max(3, __('pages.slug_missing'))->is_duplicate(__('pages.slug_duplicate'))->not_regex('#^[0-9_-]+$#', __('pages.slug_invalid'));
if ($input['redirect']) {
$validator->check('redirect')->is_url(__('pages.redirect_missing'));
}
if ($errors = $validator->errors()) {
Input::flash();
Notify::error($errors);
return Response::redirect('admin/pages/add');
}
if (empty($input['name'])) {
$input['name'] = $input['title'];
}
$input['show_in_menu'] = is_null($input['show_in_menu']) ? 0 : 1;
$page = Page::create($input);
Extend::process('page', $page->id);
<?php
require '../../classes/Database.php';
require '../../classes/Validator.php';
require '../../classes/ErrorHandler.php';
require '../../classes/AdminGui.php';
require '../../functions/security.php';
$errorHandler = new ErrorHandler();
$db = new Database();
$gui = new AdminGui($db);
$functions_records = $gui->select('functions');
if (!empty($_POST)) {
$db->table('functions');
$validator = new Validator($db, $errorHandler);
$validation = $validator->check($_POST, ['function' => ['required' => true, 'unique' => 'functions']]);
if ($validation->fails()) {
echo '<pre>', print_r($validation->errors()->all()), '</pre>';
} else {
if ($db->insert($_POST)) {
header('Location: create_functions.php');
die;
}
}
}
?>
<!doctype html>
<html>
<head>
<title>Create functions</title>
<link rel="stylesheet" type="text/css" href="../../public/front/css/admin.css">
public function info_save()
{
$rules = array('name:required:昵称不能为空!', 'real_name:required:真实姓名不能为空!', 'sex:int:性别必需选择!', 'birthday:date:生日日期格式不正确!', 'mobile:mobi:手机格式不正确', 'province:[1-9]\\d*:选择地区必需完成', 'city:[1-9]\\d*:选择地区必需完成', 'county:[1-9]\\d*:选择地区必需完成');
$info = Validator::check($rules);
if (is_array($info)) {
$this->redirect("info", false, array('msg' => array("info", $info['msg'])));
} else {
$data = array('name' => Filter::txt(Req::args('name')), 'real_name' => Filter::text(Req::args('real_name')), 'sex' => Filter::int(Req::args('sex')), 'birthday' => Filter::sql(Req::args('birthday')), 'mobile' => Filter::int(Req::args('mobile')), 'phone' => Filter::sql(Req::args('phone')), 'province' => Filter::int(Req::args('province')), 'city' => Filter::int(Req::args('city')), 'county' => Filter::int(Req::args('county')), 'addr' => Filter::text(Req::args('addr')));
$name = Filter::sql(Req::args("name"));
$id = $this->user['id'];
$this->model->table("user")->data(array("name" => $name))->where("id={$id}")->update();
$this->model->table("customer")->data($data)->where("user_id={$id}")->update();
$obj = $this->model->table("user as us")->join("left join customer as cu on us.id = cu.user_id")->fields("us.*,cu.group_id,cu.login_time")->where("us.id={$id}")->find();
$this->safebox->set('user', $obj, $this->cookie_time);
$this->redirect("info", false, array('msg' => array("success", "保存成功!")));
}
}
function help_save()
{
$rules = array('title:required:标题不能为空!', 'content:required:内容不能为空!');
$info = Validator::check($rules);
if ($info == true) {
Filter::form(array('sql' => 'title', 'text' => 'content'));
if (Req::args('id') == null) {
Req::args('publish_time', date('Y-m-d H:i:s'));
}
$id = Req::args('id');
$model = new Model("help");
if ($id) {
$model->where("id={$id}")->update();
Log::op($this->manager['id'], "修改帮助", "管理员[" . $this->manager['name'] . "]:修改了帮助 " . Req::args('title'));
} else {
$model->insert();
Log::op($this->manager['id'], "添加帮助", "管理员[" . $this->manager['name'] . "]:添加了帮助 " . Req::args('title'));
}
} else {
if (is_array($info)) {
$data = Req::args() + array('validator' => $info);
$this->redirect('help_edit', false, $data);
exit;
}
}
$this->redirect("help_list");
}
require '../../classes/ErrorHandler.php';
require '../../classes/AdminGui.php';
require '../../functions/security.php';
$errorHandler = new ErrorHandler();
$db = new Database();
$gui = new AdminGui($db);
$works_records = $gui->select('works');
$media_records = $gui->joinThree('works', 'media_for_works', 'media', 'media_title', 'work_id', 'media_id');
$categories_records = $gui->joinThree('works', 'categories_for_works', 'categories', 'category', 'work_id', 'category_id');
$techniques_records = $gui->joinThree('works', 'techniques_for_works', 'techniques', 'technique', 'work_id', 'technique_id');
$technologies_records = $gui->joinThree('works', 'technologies_for_works', 'technologies', 'technology', 'work_id', 'technology_id');
if (!empty($_POST)) {
$post_works = array_slice($_POST, 0, 2);
$db->table('works');
$validator = new Validator($db, $errorHandler);
$validation = $validator->check($post_works, ['work_title' => ['required' => true], 'work_description' => ['required' => false]]);
if ($validation->fails()) {
echo '<pre>', print_r($validation->errors()->all()), '</pre>';
} else {
if ($db->insert($post_works)) {
$last_id = $db->lastID();
if ($_POST['media']) {
$post_media = $_POST['media'];
for ($m = 0; $m < count($post_media); $m++) {
$insert_media = ['media_id' => $post_media[$m], 'work_id' => $last_id];
$db->table('media_for_works')->insert($insert_media);
}
}
if ($_POST['category']) {
$post_category = $_POST['category'];
for ($n = 0; $n < count($post_category); $n++) {
<?php
require '_inc.php';
$backgroundchoice = ['background1', 'background2', 'background3'];
$pack = ['pack1', 'pack2', 'pack3'];
$event = ['eventtype1', 'eventtype2', 'eventtype3'];
$know_me = ['know_me1', 'know_me2', 'know_me3'];
$errors = [];
$spam = [];
$validator = new Validator($_POST);
$validator->check('nom', 'required');
$validator->check('prénom', 'required');
$validator->check('email', 'email');
$validator->check('email', 'required');
$validator->check('tel', 'tel');
$validator->check('description', 'required');
$validator->specialcheck('arbitraryfield', 'empty');
// for select
$validator->check('pack', 'select', array_keys($pack));
$validator->check('event_type', 'select', array_keys($event));
$validator->check('background-your-choice', 'select', array_keys($backgroundchoice));
$validator->check('know_me', 'select', array_keys($know_me));
$errors = $validator->errors();
$spam = $validator->spam();
if (!empty($spam)) {
$_SESSION['spam'] = $spam;
// redirection
header('Location:success.php');
} else {
if (!empty($errors)) {
$_SESSION['errors'] = $errors;
<?php
require '../../classes/Database.php';
require '../../classes/Validator.php';
require '../../classes/ErrorHandler.php';
require '../../classes/AdminGui.php';
require '../../functions/security.php';
$errorHandler = new ErrorHandler();
$db = new Database();
$gui = new AdminGui($db);
$people_records = $gui->select('people');
if (!empty($_POST)) {
$db->table('people');
$validator = new Validator($db, $errorHandler);
$validation = $validator->check($_POST, ['name' => ['required' => true], 'website' => ['required' => false], 'description' => ['required' => false]]);
if ($validation->fails()) {
echo '<pre>', print_r($validation->errors()->all()), '</pre>';
} else {
if ($db->insert($_POST)) {
header('Location: create_people.php');
die;
}
}
}
?>
<!doctype html>
<html>
<head>
<title>Create people</title>
<link rel="stylesheet" type="text/css" href="../../public/front/css/admin.css">
}
Registry::set('page', $posts_page);
Registry::set('article', $post);
Registry::set('category', Category::find($post->category));
return new Template('article');
});
/**
* Post a comment
*/
Route::post($posts_page->slug . '/(:any)', function ($slug) use($posts_page) {
if (!($post = Post::slug($slug)) or !$post->comments) {
return Response::create(new Template('404'), 404);
}
$input = filter_var_array(Input::get(array('name', 'email', 'text')), array('name' => FILTER_SANITIZE_STRING, 'email' => FILTER_SANITIZE_EMAIL, 'text' => FILTER_SANITIZE_SPECIAL_CHARS));
$validator = new Validator($input);
$validator->check('email')->is_email(__('comments.email_missing'));
$validator->check('text')->is_max(3, __('comments.text_missing'));
if ($errors = $validator->errors()) {
Input::flash();
Notify::error($errors);
return Response::redirect($posts_page->slug . '/' . $slug . '#comment');
}
$input['post'] = Post::slug($slug)->id;
$input['date'] = Date::mysql('now');
$input['status'] = Config::meta('auto_published_comments') ? 'approved' : 'pending';
// remove bad tags
$input['text'] = strip_tags($input['text'], '<a>,<b>,<blockquote>,<code>,<em>,<i>,<p>,<pre>');
// check if the comment is possibly spam
if ($spam = Comment::spam($input)) {
$input['status'] = 'spam';
}
function ask_validator()
{
$manager = $this->safebox->get('manager');
$rules = array('content:required:内容不能为空!');
$info = Validator::check($rules);
if ($info == true) {
Filter::form(array('text' => 'content'));
if (Req::args('id') != null) {
Req::args('reply_time', date('Y-m-d H:i:s'));
Req::args('status', 1);
Req::args('admin_id', $manager['id']);
}
}
return $info;
}
return View::create('extend/fields/edit', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer');
});
Route::post('admin/extend/fields/edit/(:num)', function ($id) {
$input = Input::get(array('type', 'field', 'key', 'label', 'attributes', 'pagetype'));
if (empty($input['key'])) {
$input['key'] = $input['label'];
}
$input['key'] = slug($input['key'], '_');
array_walk_recursive($input, function (&$value) {
$value = eq($value);
});
$validator = new Validator($input);
$validator->add('valid_key', function ($str) use($id, $input) {
return Extend::where('key', '=', $str)->where('type', '=', $input['type'])->where('id', '<>', $id)->count() == 0;
});
$validator->check('key')->is_max(1, __('extend.key_missing'))->is_valid_key(__('extend.key_exists'));
$validator->check('label')->is_max(1, __('extend.label_missing'));
if ($errors = $validator->errors()) {
Input::flash();
Notify::error($errors);
return Response::redirect('admin/extend/fields/edit/' . $id);
}
if ($input['field'] == 'image') {
$attributes = Json::encode($input['attributes']);
} elseif ($input['field'] == 'file') {
$attributes = Json::encode(array('attributes' => array('type' => $input['attributes']['type'])));
} else {
$attributes = '';
}
Extend::update($id, array('type' => $input['type'], 'pagetype' => $input['pagetype'], 'field' => $input['field'], 'key' => $input['key'], 'label' => $input['label'], 'attributes' => $attributes));
Notify::success(__('extend.field_updated'));
public function email_message_validator()
{
$rules = array('title:required:消息标题不能为空!', 'content:required:消息内容不能为空!');
$info = Validator::check($rules);
if (Req::args('status') == null) {
Req::args('status', "0");
}
$status = Filter::int(Req::args('status'));
$trigger = Filter::int(Req::args('trigger'));
$id = Filter::int(Req::args('id'));
if ($info == true) {
$model = new Model('email_message');
$objs = $model->where('`trigger`=' . $trigger . ' and status=1')->findAll();
if (count($objs) > 1) {
return array('name' => null, 'msg' => '同一触发条件只能存在一条激活的信息模板!');
} else {
if (count($objs) == 1) {
if ($id != $objs[0]['id'] && $status == 1) {
return array('name' => null, 'msg' => '同一触发条件只能存在一条激活的信息模板!');
}
}
}
}
return $info;
}
/*
Add Category
*/
Route::get('admin/categories/add', function () {
$vars['token'] = Csrf::token();
// extended fields
$vars['fields'] = Extend::fields('category');
return View::create('categories/add', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer');
});
Route::post('admin/categories/add', function () {
$input = Input::get(array('title', 'slug', 'description'));
foreach ($input as $key => &$value) {
$value = eq($value);
}
$validator = new Validator($input);
$validator->check('title')->is_max(3, __('categories.title_missing'));
if ($errors = $validator->errors()) {
Input::flash();
Notify::error($errors);
return Response::redirect('admin/categories/add');
}
if (empty($input['slug'])) {
$input['slug'] = $input['title'];
}
$input['slug'] = slug($input['slug']);
$category = Category::create($input);
Extend::process('category', $category->id);
Notify::success(__('categories.created'));
return Response::redirect('admin/categories');
});
/*
<?php
require '../../classes/Database.php';
require '../../classes/Validator.php';
require '../../classes/ErrorHandler.php';
require '../../classes/AdminGui.php';
require '../../functions/security.php';
$errorHandler = new ErrorHandler();
$db = new Database();
$gui = new AdminGui($db);
$exhibition_kinds_records = $gui->select('exhibition_kinds');
if (!empty($_POST)) {
$db->table('exhibition_kinds');
$validator = new Validator($db, $errorHandler);
$validation = $validator->check($_POST, ['exhibition_kind' => ['required' => true]]);
if ($validation->fails()) {
echo '<pre>', print_r($validation->errors()->all()), '</pre>';
} else {
if ($db->insert($_POST)) {
header('Location: create_exhibition_kinds.php');
die;
}
}
}
?>
<!doctype html>
<html>
<head>
<title>Create exhibition kinds</title>
<link rel="stylesheet" type="text/css" href="../../public/front/css/admin.css">
return Response::redirect('admin/users/edit/' . $id);
});
/*
Add user
*/
Route::get('admin/users/add', function () {
$vars['messages'] = Notify::read();
$vars['token'] = Csrf::token();
$vars['statuses'] = array('inactive' => __('global.inactive'), 'active' => __('global.active'));
$vars['roles'] = array('administrator' => __('global.administrator'), 'editor' => __('global.editor'), 'user' => __('global.user'));
return View::create('users/add', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer');
});
Route::post('admin/users/add', function () {
$input = Input::get(array('username', 'email', 'real_name', 'password', 'bio', 'status', 'role'));
$validator = new Validator($input);
$validator->check('username')->is_max(3, __('users.username_missing', 2));
$validator->check('email')->is_email(__('users.email_missing'));
$validator->check('password')->is_max(6, __('users.password_too_short', 6));
if ($errors = $validator->errors()) {
Input::flash();
Notify::error($errors);
return Response::redirect('admin/users/add');
}
$input['password'] = Hash::make($input['password']);
User::create($input);
Notify::success(__('users.created'));
return Response::redirect('admin/users');
});
/*
Delete user
*/
public function address_save($redirect = null)
{
$rules = array('zip:zip:邮政编码格式不正确!', 'addr:required:内容不能为空!', 'accept_name:required:收货人姓名不能为空!,mobile:mobi:手机格式不正确!,phone:phone:电话格式不正确', 'province:[1-9]\\d*:选择地区必需完成', 'city:[1-9]\\d*:选择地区必需完成', 'county:[1-9]\\d*:选择地区必需完成');
$info = Validator::check($rules);
if (!is_array($info) && $info == true) {
Filter::form(array('sql' => 'accept_name|mobile|phone', 'txt' => 'addr', 'int' => 'province|city|county|zip|is_default|id'));
$is_default = Filter::int(Req::args("is_default"));
if ($is_default == 1) {
$this->model->table("address")->where("user_id=" . $this->user['id'])->data(array('is_default' => 0))->update();
} else {
Req::args("is_default", "0");
}
Req::args("user_id", $this->user['id']);
$id = Filter::int(Req::args('id'));
if ($id) {
$this->model->table("address")->where("id={$id} and user_id=" . $this->user['id'])->update();
} else {
$obj = $this->model->table("address")->where('user_id=' . $this->user['id'])->fields("count(*) as total")->find();
if ($obj && $obj['total'] >= 20) {
$this->assign("msg", array("error", '地址最大允许添加20个'));
$this->redirect("address_other", false, Req::args());
exit;
} else {
$address_id = $this->model->table("address")->insert();
$order_status = Session::get("order_status");
$order_status['address_id'] = $address_id;
Session::set("order_status", $order_status);
}
}
$this->assign("msg", array("success", "地址编辑成功!"));
Req::args("id", null);
//$this->redirect("address_other",false);
if ($redirect == null) {
echo "<script>parent.location.reload();</script>";
} else {
$this->redirect($redirect);
}
exit;
} else {
$this->assign("msg", array("error", $info['msg']));
$this->redirect("address_other", false, Req::args());
}
}
