/**
 * Asserts that $data is rejected by $this->schema with exactly $errors.
 *
 * @param mixed $data   Document handed to Validator::check().
 * @param mixed $errors Expected value of Validator::getErrors(); on mismatch
 *                      the actual error list is dumped into the assertion
 *                      message via print_r().
 */
function assertNotValid($data, $errors)
{
    $subject = new Validator();
    $subject->check($data, $this->schema);

    $this->assertEquals(
        $errors,
        $subject->getErrors(),
        print_r($subject->getErrors(), true)
    );
    $this->assertFalse($subject->isValid());
}
<?php require '_inc.php'; $errors = []; $spam = []; $validator = new Validator($_POST); $validator->check('nom', 'required'); $validator->check('prénom', 'required'); $validator->check('email', 'email'); $validator->check('email', 'required'); $validator->check('description', 'required'); $validator->specialcheck('arbitraryfield', 'empty'); $errors = $validator->errors(); $spam = $validator->spam(); if (!empty($spam)) { $_SESSION['spam'] = $spam; // redirection header('Location:success.php'); } else { if (!empty($errors)) { $_SESSION['errors'] = $errors; $_SESSION['inputs'] = $_POST; // redirection header('Location:index.php'); } else { $_SESSION['success'] = 1; $email_contact = "\r\nContact: " . $_POST['email'] . "\r\n"; $nom_prenom = "\r\nNom et prénom: " . $_POST['nom'] . " " . $_POST['prénom'] . "\r\n"; $message = "\r\nMessage: " . $_POST['description'] . "\r\n"; $message_compiled = $message . $nom_prenom . $email_contact; $headers = 'FROM: site@localdev';
/* Account */ Route::get('account', array('before' => 'check', 'main' => function () { // check we have a database if (!Session::get('install.metadata')) { Notify::error('Please enter your site details'); return Response::redirect('metadata'); } $vars['messages'] = Notify::read(); return Layout::create('account', $vars); })); Route::post('account', array('before' => 'check', 'main' => function () { $account = Input::get(array('username', 'email', 'password')); $validator = new Validator($account); $validator->check('username')->is_max(3, 'Please enter a username'); $validator->check('email')->is_email('Please enter a valid email address'); $validator->check('password')->is_max(6, 'Please enter a password, at least 6 characters long'); if ($errors = $validator->errors()) { Input::flash(); Notify::error($errors); return Response::redirect('account'); } Session::put('install.account', $account); // run install process try { Installer::run(); } catch (Exception $e) { Input::flash(); Notify::error($e->getMessage()); return Response::redirect('account');
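<?php

require '../../classes/Database.php';
require '../../classes/Validator.php';
require '../../classes/ErrorHandler.php';
require '../../classes/AdminGui.php';
require '../../functions/security.php';

// Admin page: lists existing media types and inserts a new one from a POST.
$errorHandler = new ErrorHandler();
$db = new Database();
$gui = new AdminGui($db);
$media_types_records = $gui->select('media_types');

if (!empty($_POST)) {
    $db->table('media_types');
    $validator = new Validator($db, $errorHandler);
    $validation = $validator->check($_POST, ['media_type' => ['required' => true]]);

    if ($validation->fails()) {
        // print_r() needs return=true here: without it the dump is printed
        // directly and its boolean return value was echoed as a stray "1".
        // NOTE(review): the messages are emitted unescaped — if any of them
        // echoes a submitted value back, wrap the dump in htmlspecialchars().
        echo '<pre>', print_r($validation->errors()->all(), true), '</pre>';
    } elseif ($db->insert($_POST)) {
        // NOTE(review): the whole $_POST array is inserted, not only the
        // validated 'media_type' key — confirm Database::insert() limits the
        // columns and escapes values, otherwise extra posted fields reach the table.
        header('Location: create_media_types.php');
        die;
    }
}
?>
<!doctype html> <html> <head> <title>Create media types</title> <link rel="stylesheet" type="text/css" href="../../public/front/css/admin.css">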
}); Route::post('admin/posts/add', function () { $input = Input::get(array('title', 'slug', 'description', 'created', 'html', 'css', 'js', 'category', 'status', 'comments', 'company', 'department')); // if there is no slug try and create one from the title if (empty($input['slug'])) { $input['slug'] = $input['title']; } // convert to ascii $input['slug'] = slug($input['slug']); // encode title $input['title'] = e($input['title'], ENT_COMPAT); $validator = new Validator($input); $validator->add('duplicate', function ($str) { return Post::where('slug', '=', $str)->count() == 0; }); $validator->check('title')->is_max(3, __('posts.title_missing')); $validator->check('slug')->is_max(3, __('posts.slug_missing'))->is_duplicate(__('posts.slug_duplicate'))->not_regex('#^[0-9_-]+$#', __('posts.slug_invalid')); if ($errors = $validator->errors()) { Input::flash(); Notify::error($errors); return Response::redirect('admin/posts/add'); } if (empty($input['created'])) { $input['created'] = Date::mysql('now'); } $user = Auth::user(); $input['author'] = $user->id; if (is_null($input['comments'])) { $input['comments'] = 0; } if (empty($input['html'])) {
$vars['dashboard_page_options'] = array('panel' => 'Welcome', 'posts' => 'Posts', 'pages' => 'Pages'); $vars['meta'] = Config::get('meta'); $vars['pages'] = Page::dropdown(); $vars['themes'] = Themes::all(); return View::create('extend/metadata/edit', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer'); }); /* Update Metadata */ Route::post('admin/extend/metadata', function () { $input = Input::get(array('sitename', 'description', 'home_page', 'posts_page', 'posts_per_page', 'auto_published_comments', 'theme', 'comment_notifications', 'comment_moderation_keys', 'show_all_posts', 'dashboard_page')); foreach ($input as $key => $value) { $input[$key] = eq($value); } $validator = new Validator($input); $validator->check('sitename')->is_max(3, __('metadata.sitename_missing')); $validator->check('description')->is_max(3, __('metadata.sitedescription_missing')); $validator->check('posts_per_page')->is_regex('#^[0-9]+$#', __('metadata.missing_posts_per_page', 'Please enter a number for posts per page')); if ($errors = $validator->errors()) { Input::flash(); Notify::error($errors); return Response::redirect('admin/extend/metadata'); } // convert double quotes so we dont break html $input['sitename'] = e($input['sitename'], ENT_COMPAT); $input['description'] = e($input['description'], ENT_COMPAT); foreach ($input as $key => $v) { $v = is_null($v) ? 0 : $v; Query::table(Base::table('meta'))->where('key', '=', $key)->update(array('value' => $v)); } Notify::success(__('metadata.updated'));
$vars['pagetype'] = Query::table(Base::table('pagetypes'))->where('key', '=', $key)->fetch(); return View::create('extend/pagetypes/edit', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer'); }); Route::post('admin/extend/pagetypes/edit/(:any)', function ($key) { $input = Input::get(array('key', 'value')); $input['key'] = slug($input['key'], '_'); $validator = new Validator($input); $validator->add('valid_key', function ($str) use($key) { // no change if ($str == $key) { return true; } // check the new key $str is available return Query::table(Base::table('pagetypes'))->where('key', '=', $str)->count() == 0; }); $validator->check('key')->is_max(2, __('extend.key_missing'))->is_valid_key(__('extend.key_exists')); $validator->check('value')->is_max(1, __('extend.name_missing')); if ($errors = $validator->errors()) { Input::flash(); Notify::error($errors); return Response::redirect('admin/extend/pagetypes/edit/' . $key); } Query::table(Base::table('pagetypes'))->where('key', '=', $key)->update($input); Notify::success(__('extend.pagetype_updated')); return Response::redirect('admin/extend/pagetypes'); }); /* Delete Var */ Route::get('admin/extend/pagetypes/delete/(:any)', function ($key) { Query::table(Base::table('pagetypes'))->where('key', '=', $key)->delete();
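<?php

require_once 'app/init.php';

// Sign-up handler: validates the posted account details, creates the team
// member and redirects to index.php; otherwise the form below is rendered.
if (!empty($_POST)) {
    $validator = new Validator($database, $errorHandler);
    $validation = $validator->check($_POST, [
        'email' => ['required' => true, 'maxlength' => 255, 'unique' => 'tblTeamMembers', 'email' => true],
        'username' => ['required' => true, 'minlength' => 3, 'unique' => 'tblTeamMembers'],
        'password' => ['required' => true, 'minlength' => 5],
    ]);

    if ($validation->fails()) {
        echo '<pre>', print_r($validator->errors()->all(), true), '</pre>';
    } else {
        // Read the fields only once validation has confirmed they are present.
        $email = $_POST['email'];
        $username = $_POST['username'];
        $password = $_POST['password'];

        // NOTE(review): Web_Password is passed as the plain posted value;
        // confirm $auth->create() hashes it before storing.
        $created = $auth->create(['Email_Address' => $email, 'Login_Name' => $username, 'Web_Password' => $password]);
        if ($created) {
            header('Location:index.php');
            // Stop here: without exit the rest of this page would still be
            // rendered after the redirect header was sent.
            exit;
        }
    }
}
?>
<!DOCTYPE html> <html> <head> <meta charset="utf-8"> <title>Sign In</title> </head> <body> <form action="signup.php" method="post">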
$input['js'] = " "; } // if there is no slug try and create one from title if (empty($input['slug'])) { $input['slug'] = slug($input['title']); } // convert to ascii $input['slug'] = slug($input['slug']); do { //Check for duplication $isDuplicate = Post::where('slug', '=', $input['slug'])->count() > 0; if ($isDuplicate) { $input['slug'] = slug(noise(10)); } } while ($isDuplicate); $validator->check('slug')->not_regex('#^[0-9_-]+$#', __('posts.slug_invalid')); if ($errors = $validator->errors()) { Input::flash(); Notify::error($errors); return Response::redirect('admin/posts/add'); } if (empty($input['created'])) { $input['created'] = Date::mysql('now'); } $user = Auth::user(); $input['author'] = $user->id; if (is_null($input['comments'])) { $input['comments'] = 0; } $post = Post::create($input); Extend::process('post', $post->id);
$vars['variable']->user_key = substr($vars['variable']->key, strlen('custom_')); return View::create('extend/variables/edit', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer'); }); Route::post('admin/extend/variables/edit/(:any)', function ($key) { $input = Input::get(array('key', 'value')); $input['key'] = 'custom_' . slug($input['key'], '_'); $validator = new Validator($input); $validator->add('valid_key', function ($str) use($key) { // no change if ($str == $key) { return true; } // check the new key $str is available return Query::table(Base::table('meta'))->where('key', '=', $str)->count() == 0; }); $validator->check('key')->is_max(8, __('extend.name_missing'))->is_valid_key(__('extend.name_exists')); if ($errors = $validator->errors()) { Input::flash(); Notify::error($errors); return Response::redirect('admin/extend/variables/edit/' . $key); } Query::table(Base::table('meta'))->where('key', '=', $key)->update($input); Notify::success(__('extend.variable_updated')); return Response::redirect('admin/extend/variables'); }); /* Delete Var */ Route::get('admin/extend/variables/delete/(:any)', function ($key) { Query::table(Base::table('meta'))->where('key', '=', $key)->delete(); Notify::success(__('extend.variable_deleted'));
if ($token != $key) { Notify::error(__('users.recovery_expired')); return Response::redirect('admin/login'); } return View::create('users/reset', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer'); })); Route::post('admin/reset/(:any)', array('before' => 'csrf', 'main' => function ($key) { $password = Input::get('pass'); $token = Session::get('token'); $user = Session::get('user'); if ($token != $key) { Notify::error(__('users.recovery_expired')); return Response::redirect('admin/login'); } $validator = new Validator(array('password' => $password)); $validator->check('password')->is_max(6, __('users.password_too_short', 6)); if ($errors = $validator->errors()) { Input::flash(); Notify::error($errors); return Response::redirect('admin/reset/' . $key); } User::update($user, array('password' => Hash::make($password))); Session::erase('user'); Session::erase('token'); Notify::success(__('users.password_reset')); return Response::redirect('admin/login'); })); /* Upgrade */ Route::get('admin/upgrade', function () {
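<?php

require '../../classes/Database.php';
require '../../classes/Validator.php';
require '../../classes/ErrorHandler.php';
require '../../classes/AdminGui.php';
require '../../functions/security.php';

// Admin page: inserts a new category from a POST and collects all
// categories into $categories_records for the template.
$errorHandler = new ErrorHandler();
$db = new Database();
$gui = new AdminGui($db);
$categories_records = array();

if (!empty($_POST)) {
    $db->table('categories');
    $validator = new Validator($db, $errorHandler);
    $validation = $validator->check($_POST, ['category' => ['required' => true, 'unique' => 'categories']]);

    if ($validation->fails()) {
        // print_r() needs return=true here: without it the dump is printed
        // directly and its boolean return value was echoed as a stray "1".
        echo '<pre>', print_r($validation->errors()->all(), true), '</pre>';
    } elseif ($db->insert($_POST)) {
        // NOTE(review): the whole $_POST array is inserted, not only the
        // validated 'category' key — confirm Database::insert() limits the
        // columns and escapes values.
        header('Location: create_categories.php');
        die;
    }
}

if ($results = $db->table('categories')->select()) {
    foreach ($results as $row) {
        $categories_records[] = $row;
    }
}
?>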
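<?php

require '../../classes/Database.php';
require '../../classes/Validator.php';
require '../../classes/ErrorHandler.php';
require '../../classes/AdminGui.php';
require '../../functions/security.php';

// Admin page: lists existing technologies and inserts a new one from a POST.
$errorHandler = new ErrorHandler();
$db = new Database();
$gui = new AdminGui($db);
$technologies_records = $gui->select('technologies');

if (!empty($_POST)) {
    $db->table('technologies');
    $validator = new Validator($db, $errorHandler);
    $validation = $validator->check($_POST, ['technology' => ['required' => true]]);

    if ($validation->fails()) {
        // print_r() needs return=true here: without it the dump is printed
        // directly and its boolean return value was echoed as a stray "1".
        echo '<pre>', print_r($validation->errors()->all(), true), '</pre>';
    } elseif ($db->insert($_POST)) {
        // NOTE(review): the whole $_POST array is inserted, not only the
        // validated 'technology' key — confirm Database::insert() limits the
        // columns and escapes values.
        header('Location: create_technologies.php');
        die;
    }
}
?>
<!doctype html> <html> <head> <title>Create technologies</title> <link rel="stylesheet" type="text/css" href="../../public/front/css/admin.css">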
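/**
 * Validates $subject against a type pattern and returns a failure code.
 *
 * @param mixed $subject Value to validate (normally a request string).
 * @param array $pattern Rule description. Keys read here: 'type' (one of
 *                       VARCHAR, TEXT, HTML, INT, TINYINT, SMALLINT,
 *                       MEDIUMINT, NUMERIC, FLOAT, DECIMAL, DATETIME,
 *                       TIMEZONE, DATE, URL, MAIL, MOBILE), 'require',
 *                       'min', 'max', 'signed', 'M' and 'D' (DECIMAL digit
 *                       counts) and 'limit' (NUMERIC upper bound).
 * @return string|false A short failure code ('require', '!INT',
 *                      'VARCHAR: min | max', 'wrong_pattern : ...') or
 *                      false when the value is acceptable. Callers must
 *                      compare with === false; any string means rejection.
 *                      HTML and DATE are accepted without any check.
 */
public static function check($subject, $pattern)
{
    // 'require' relies on empty(), so "0" and 0 count as missing as well.
    if (isset($pattern['require']) && $pattern['require']) {
        if (empty($subject) || !isset($subject)) {
            return 'require';
        }
    }

    // Read the type defensively so a pattern without 'type' fails cleanly
    // instead of raising an undefined-index notice first.
    $check_type = isset($pattern['type']) ? $pattern['type'] : null;
    if (empty($check_type)) {
        return 'wrong_pattern : unknown type';
    }

    // Numeric rule parameters must themselves pass the INT check.
    $intParams = array(
        'min'   => 'wrong_pattern : min must be INT',
        'max'   => 'wrong_pattern : max must be INT',
        'M'     => 'wrong_pattern : M of DECIMAL must be INT',
        'D'     => 'wrong_pattern : D of DECIMAL must be INT',
        'limit' => 'wrong_pattern : limit of NUMERIC must be INT',
    );
    foreach ($intParams as $param => $error) {
        if (isset($pattern[$param]) && !empty($pattern[$param])) {
            if (Validator::check($pattern[$param], array('type' => 'INT'))) {
                return $error;
            }
        }
    }

    // get_magic_quotes_gpc() does not exist on PHP 8 (fatal error); only
    // consult it where the runtime still provides it.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $val = stripslashes($subject);
    } else {
        $val = $subject;
    }

    $hasMin = isset($pattern['min']) && !empty($pattern['min']);
    $hasMax = isset($pattern['max']) && !empty($pattern['max']);

    // switch compares loosely, exactly like the original == chain.
    switch ($check_type) {
        case 'VARCHAR':
            // Tags are stripped before measuring, so the bounds apply to the
            // text content rather than to the raw submission.
            $val = strip_tags($val);
            $min = $hasMin ? $pattern['min'] : 0;
            $max = $hasMax ? $pattern['max'] : 2147483647;
            if (strlen($val) < $min || strlen($val) > $max) {
                return 'VARCHAR: min | max';
            }
            break;

        case 'TEXT':
            $val = strip_tags($val);
            $min = $hasMin ? $pattern['min'] : 0;
            $max = $hasMax ? $pattern['max'] : 65535;
            if (strlen($val) < $min || strlen($val) > $max) {
                return 'TEXT: min | max';
            }
            break;

        case 'HTML':
            // No validation is performed for HTML; the value passes as-is.
            break;

        case 'INT':
        case 'TINYINT':
        case 'SMALLINT':
        case 'MEDIUMINT':
            // [signed min, signed max, unsigned min, unsigned max] per type.
            $bounds = array(
                'INT'       => array(-2147483648.0, 2147483647, 0, 4294967295.0),
                'TINYINT'   => array(-128, 127, 0, 255),
                'SMALLINT'  => array(-32768, 32767, 0, 65535),
                'MEDIUMINT' => array(-8388608, 8388607, 0, 16777215),
            );
            if (isset($pattern['signed']) && $pattern['signed']) {
                $min = $bounds[$check_type][0];
                $max = $bounds[$check_type][1];
            } else {
                $min = $bounds[$check_type][2];
                $max = $bounds[$check_type][3];
            }
            // Digits only, with at most one leading '-'.
            if (preg_match("/-/", substr($val, 1)) || preg_match("/[^0-9\\-]/", $val)) {
                return '!' . $check_type;
            }
            if ($val < $min || $val > $max) {
                return $check_type . ': min | max';
            }
            break;

        case 'NUMERIC':
            if (preg_match("/-/", substr($val, 1)) || preg_match("/[^0-9\\-]/", $val) || $val < 0) {
                return '!NUMERIC';
            }
            if (isset($pattern['limit']) && $val > $pattern['limit']) {
                return 'NUMERIC: limit';
            }
            break;

        case 'FLOAT':
            if (substr_count($val, ".") > 1 || preg_match("/-/", substr($val, 1)) || preg_match("/[^0-9\\-\\.]/", $val)) {
                return '!FLOAT';
            }
            if ($hasMin && $val < $pattern['min']) {
                return 'FLOAT: min';
            }
            if ($hasMax && $val > $pattern['max']) {
                return 'FLOAT: max';
            }
            break;

        case 'DECIMAL':
            // Check the shape first; splitting an input without '.' used to
            // raise an undefined-offset notice before the shape was rejected.
            if (substr_count($val, ".") > 1 || preg_match("/-/", substr($val, 1)) || preg_match("/[^0-9\\-\\.]/", $val)) {
                return '!DECIMAL';
            }
            $parts = explode('.', $val);
            $digitM = strlen($parts[0]);
            $digitD = isset($parts[1]) ? strlen($parts[1]) : 0;
            if (isset($pattern['M']) && isset($pattern['D'])) {
                if ($digitM > $pattern['M'] || $digitD > $pattern['D']) {
                    return 'DECIMAL: M | D';
                }
            }
            break;

        case 'DATETIME':
            // Matches "YYYY-MM-DD HH:MM:SS" (or '/' as date separator) as a
            // prefix only: the expression is not anchored at the end.
            $regs = array("/^\\d{4}[\\/-]\\d{1,2}[\\/-]\\d{1,2}\\s\\d{1,2}:\\d{1,2}:\\d{1,2}/");
            $dt_valid = false;
            foreach ($regs as $regex) {
                if (preg_match($regex, $val)) {
                    $dt_valid = true;
                    break;
                }
            }
            if (!$dt_valid) {
                return '!DATETIME';
            }
            break;

        case 'TIMEZONE':
            if (!preg_match("/^[+-](((0[0-9]|1[0-1]):[0-5][0-9])|12:00)\$/", $val)) {
                return '!TIMEZONE';
            }
            break;

        case 'DATE':
            // No validation is performed for DATE; the value passes as-is.
            break;

        case 'URL':
            // must have http(s)
            if (!preg_match("/^(http(?:s)?\\:\\/\\/[a-zA-Z0-9\\-]+(?:\\.[a-zA-Z0-9\\-]+)*\\.[a-zA-Z]{2,6}(?:\\/?|(?:\\/[\\w\\-]+)*)(?:\\/?|\\/\\w+\\.[a-zA-Z]{2,4}(?:\\?[\\w]+\\=[\\w\\-]+)?)?(?:\\&[\\w]+\\=[\\w\\-]+)*)(:[\\d]{1,4})?\$/", $val)) {
                return '!URL';
            }
            if ($hasMin && strlen($val) < $pattern['min']) {
                return 'URL: min';
            }
            if ($hasMax && strlen($val) > $pattern['max']) {
                return 'URL: max';
            }
            break;

        case 'MAIL':
            // NOTE(review): the '.' in "(.\w+){1,2}" is unescaped, so it
            // matches any character; and checkdnsrr() performs a blocking DNS
            // lookup during validation (request latency / timeout exposure).
            // Both left as-is here because changing them alters what is accepted.
            if (!preg_match("/^\\w[\\w-.]*\\@[\\w-]+(.\\w+){1,2}\$/", $val) || !checkdnsrr(str_replace("@", "", strrchr($val, "@")), "MX")) {
                return '!MAIL';
            }
            if ($hasMin && strlen($val) < $pattern['min']) {
                return 'MAIL: min';
            }
            if ($hasMax && strlen($val) > $pattern['max']) {
                return 'MAIL: max';
            }
            break;

        case 'MOBILE':
            if (!preg_match("/^[\\+]?\\d+(\\-\\d+)*\$/", $val)) {
                return '!MOBILE';
            }
            if ($hasMin && strlen($val) < $pattern['min']) {
                return 'MOBILE: min';
            }
            if ($hasMax && strlen($val) > $pattern['max']) {
                return 'MOBILE: max';
            }
            break;
    }

    // Unknown types fall through to "accepted", as before.
    return false;
}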
/**
 * update - update this ProjectTask in the database.
 *
 * Checks that the required fields are present, records a history entry for
 * every field whose stored value differs from the new one, writes the row
 * inside a db_begin()/db_commit() transaction and sends a notice when
 * anything changed. Every failure path calls setError(), db_rollback()
 * and returns false.
 *
 * @param string The summary of this task.
 * @param string The detailed description of this task.
 * @param int The Priority of this task.
 * @param int The Hours estimated to complete this task.
 * @param int The (unix) start date of this task.
 * @param int The (unix) end date of this task.
 * @param int The status_id of this task.
 * @param int The category_id of this task.
 * @param int The percentage of completion in integer format of this task.
 * @param array An array of user_id's that are assigned this task.
 * @param array An array of project_task_id's that this task depends on.
 * @param int The GroupProjectID of a new subproject that you want to move this Task to.
 * @param int The duration of the task in days.
 * @param int The id of the parent task, if any.
 * @return boolean success.
 */
function update($summary, $details, $priority, $hours, $start_date, $end_date, $status_id, $category_id, $percent_complete, &$assigned_arr, &$depend_arr, $new_group_project_id, $duration = 0, $parent_id = 0) {
    $has_changes = false; // if any of the values passed is different from the stored task
    // These look like presence checks (the error prefix is "Must include "),
    // not escaping: none of the values is made safe for SQL here.
    $v = new Validator();
    $v->check($summary, "summary");
    $v->check($priority, "priority");
    $v->check($hours, "hours");
    $v->check($start_date, "start date");
    $v->check($end_date, "end date");
    $v->check($status_id, "status");
    $v->check($category_id, "category");
    if (!$v->isClean()) {
        $this->setError($v->formErrorMsg("Must include "));
        return false;
    }
    // Falsy parent/duration are normalised to 0 before comparing with the stored value.
    if (!$parent_id) {
        $parent_id = 0;
    }
    if ($this->getParentID() != $parent_id) {
        $has_changes = true;
    }
    if (!$duration) {
        $duration = 0;
    }
    if ($this->getDuration() != $duration) {
        $has_changes = true;
    }
    // Authorization: only admins of the current ProjectGroup may update.
    if (!$this->ProjectGroup->userIsAdmin()) {
        $this->setPermissionDeniedError();
        return false;
    }
    /*if ( ($this->getSummary() != $summary) || ($this->getDetails() != $details) || ($this->getPriority() != $priority) || ($this->getHours() != $hours) || ($this->getStartDate() != $start_date) || ($this->getEndDate() != $end_date) || ($this->getStatusID() != $status_id) || ($this->getCategoryID() != $category_id) || ($this->getPercentComplete() != $percent_complete) ) { $has_changes = true; }*/
    db_begin();
    //
    // Attempt to move this Task to a new Subproject
    // need to instantiate new ProjectGroup obj and test if it works
    //
    $group_project_id = $this->ProjectGroup->getID();
    if ($new_group_project_id != $group_project_id) {
        $newProjectGroup = new ProjectGroup($this->ProjectGroup->getGroup(), $new_group_project_id);
        if (!is_object($newProjectGroup) || $newProjectGroup->isError()) {
            $this->setError('ProjectTask: Could not move to new ProjectGroup' . $newProjectGroup->getErrorMessage());
            db_rollback();
            return false;
        }
        /* do they have perms for new ArtifactType? if (!$newArtifactType->userIsAdmin()) { $this->setPermissionDeniedError(); db_rollback(); return false; }*/
        // NOTE(review): the admin check above was against the *old* ProjectGroup;
        // the commented-out block is the only check for the target group, so a
        // move is not authorized against the destination — confirm this is intended.
        //
        // Now set ProjectGroup, Category, and Assigned to 100 in the new ProjectGroup
        //
        $status_id = 1;
        $category_id = '100';
        // NOTE(review): $assigned_to is never read again; the assignment that is
        // actually written comes from $assigned_arr, so this reset has no effect.
        unset($assigned_to);
        $assigned_to = array('100');
        $this->ProjectGroup =& $newProjectGroup;
        $this->addHistory('group_project_id', $group_project_id);
        $has_changes = true;
    }
    if ($details) {
        $has_changes = true;
        if (!$this->addMessage($details)) {
            db_rollback();
            return false;
        }
    }
    // History rows record the previous value of each field that changes.
    if ($this->getStatusID() != $status_id) {
        $this->addHistory('status_id', $this->getStatusID());
        $has_changes = true;
    }
    if ($this->getCategoryID() != $category_id) {
        $this->addHistory('category_id', $this->getCategoryID());
        $has_changes = true;
    }
    if ($this->getPriority() != $priority) {
        $this->addHistory('priority', $this->getPriority());
        $has_changes = true;
    }
    // The stored summary is HTML-escaped, so the incoming one is normalised the same way before comparing.
    if ($this->getSummary() != htmlspecialchars(stripslashes($summary))) {
        $this->addHistory('summary', addslashes($this->getSummary()));
        $has_changes = true;
    }
    if ($this->getPercentComplete() != $percent_complete) {
        $this->addHistory('percent_complete', $this->getPercentComplete());
        $has_changes = true;
    }
    if ($this->getHours() != $hours) {
        $this->addHistory('hours', $this->getHours());
        $has_changes = true;
    }
    if ($this->getStartDate() != $start_date) {
        $this->addHistory('start_date', $this->getStartDate());
        $has_changes = true;
    }
    if ($this->getEndDate() != $end_date) {
        $this->addHistory('end_date', $this->getEndDate());
        $has_changes = true;
    }
    // When the assignee set changed, every previous assignee is written to history.
    $old_assigned =& $this->getAssignedTo();
    $diff_assigned_array = array_diff($old_assigned, $assigned_arr);
    if (count($diff_assigned_array) > 0) {
        for ($tmp = 0; $tmp < count($old_assigned); $tmp++) {
            $this->addHistory('assigned_to_id', $old_assigned[$tmp]);
        }
        $has_changes = true;
    }
    // Taking a reference to a function result (=& array_keys(...)) is not
    // allowed by PHP and emits a notice; a plain assignment behaves the same here.
    $old_array =& array_keys($this->getDependentOn());
    $diff_array = array_diff($old_array, array_keys($depend_arr));
    if (count($diff_array) > 0) {
        for ($tmp = 0; $tmp < count($old_array); $tmp++) {
            $this->addHistory('dependent_on_id', $old_array[$tmp]);
        }
        $has_changes = true;
    }
    if (!$this->setDependentOn($depend_arr)) {
        db_rollback();
        return false;
    } elseif (!$this->setAssignedTo($assigned_arr)) {
        db_rollback();
        return false;
    } else {
        // NOTE(review): the statement is built by string interpolation. Only
        // $summary is passed through htmlspecialchars() (HTML escaping, not SQL
        // escaping); $priority, $hours, the dates, $percent_complete, $duration
        // and $parent_id are interpolated verbatim. Unless db_query() or every
        // caller guarantees these are integers, they should be escaped or bound
        // before reaching the query.
        $sql = "UPDATE project_task SET\n\t\t\t\tsummary='" . htmlspecialchars($summary) . "',\n\t\t\t\tpriority='{$priority}',\n\t\t\t\thours='{$hours}',\n\t\t\t\tstart_date='{$start_date}',\n\t\t\t\tend_date='{$end_date}',\n\t\t\t\tstatus_id='{$status_id}',\n\t\t\t\tpercent_complete='{$percent_complete}',\n\t\t\t\tcategory_id='{$category_id}',\n\t\t\t\tgroup_project_id='{$new_group_project_id}',\n\t\t\t\tduration='{$duration}',\n\t\t\t\tparent_id='{$parent_id}'\n\t\t\t\tWHERE group_project_id='{$group_project_id}'\n\t\t\t\tAND project_task_id='" . $this->getID() . "'";
        $res = db_query($sql);
        if (!$res) {
            // NOTE(review): the full SQL text is appended to the error message;
            // if setError() output ever reaches users this discloses schema and values.
            $this->setError('Error On ProjectTask::update-5: ' . db_error() . $sql);
            db_rollback();
            return false;
        } else {
            if (!$this->fetchData($this->getID())) {
                $this->setError('Error On ProjectTask::update-6: ' . db_error());
                db_rollback();
                return false;
            } else {
                if ($has_changes) {
                    //only send email if there was any change
                    $this->sendNotice();
                }
                db_commit();
                return true;
            }
        }
    }
}
}); Route::post('admin/pages/add', function () { $input = Input::get(array('parent', 'name', 'title', 'slug', 'content', 'status', 'redirect', 'show_in_menu')); // if there is no slug try and create one from the title if (empty($input['slug'])) { $input['slug'] = $input['title']; } // convert to ascii $input['slug'] = slug($input['slug']); // encode title $input['title'] = e($input['title'], ENT_COMPAT); $validator = new Validator($input); $validator->add('duplicate', function ($str) { return Page::where('slug', '=', $str)->count() == 0; }); $validator->check('title')->is_max(3, __('pages.title_missing')); $validator->check('slug')->is_max(3, __('pages.slug_missing'))->is_duplicate(__('pages.slug_duplicate'))->not_regex('#^[0-9_-]+$#', __('pages.slug_invalid')); if ($input['redirect']) { $validator->check('redirect')->is_url(__('pages.redirect_missing')); } if ($errors = $validator->errors()) { Input::flash(); Notify::error($errors); return Response::redirect('admin/pages/add'); } if (empty($input['name'])) { $input['name'] = $input['title']; } $input['show_in_menu'] = is_null($input['show_in_menu']) ? 0 : 1; $page = Page::create($input); Extend::process('page', $page->id);
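<?php

require '../../classes/Database.php';
require '../../classes/Validator.php';
require '../../classes/ErrorHandler.php';
require '../../classes/AdminGui.php';
require '../../functions/security.php';

// Admin page: lists existing functions and inserts a new one from a POST.
$errorHandler = new ErrorHandler();
$db = new Database();
$gui = new AdminGui($db);
$functions_records = $gui->select('functions');

if (!empty($_POST)) {
    $db->table('functions');
    $validator = new Validator($db, $errorHandler);
    $validation = $validator->check($_POST, ['function' => ['required' => true, 'unique' => 'functions']]);

    if ($validation->fails()) {
        // print_r() needs return=true here: without it the dump is printed
        // directly and its boolean return value was echoed as a stray "1".
        echo '<pre>', print_r($validation->errors()->all(), true), '</pre>';
    } elseif ($db->insert($_POST)) {
        // NOTE(review): the whole $_POST array is inserted, not only the
        // validated 'function' key — confirm Database::insert() limits the
        // columns and escapes values.
        header('Location: create_functions.php');
        die;
    }
}
?>
<!doctype html> <html> <head> <title>Create functions</title> <link rel="stylesheet" type="text/css" href="../../public/front/css/admin.css">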
/**
 * Saves the current user's profile from the request.
 *
 * On validation failure redirects back to "info" with the validator message;
 * otherwise updates the user name and customer row, refreshes the cached
 * user object in the safebox and redirects to "info" with a success message.
 */
public function info_save()
{
    $validationRules = array(
        'name:required:昵称不能为空!',
        'real_name:required:真实姓名不能为空!',
        'sex:int:性别必需选择!',
        'birthday:date:生日日期格式不正确!',
        'mobile:mobi:手机格式不正确',
        'province:[1-9]\\d*:选择地区必需完成',
        'city:[1-9]\\d*:选择地区必需完成',
        'county:[1-9]\\d*:选择地区必需完成',
    );
    $result = Validator::check($validationRules);

    // An array result carries the failure message.
    if (is_array($result)) {
        $this->redirect("info", false, array('msg' => array("info", $result['msg'])));
        return;
    }

    // Each request value goes through a Filter before it reaches the query.
    // NOTE(review): 'name' uses Filter::txt while the others use Filter::text —
    // confirm both exist and that the difference is intended.
    $customerRow = array(
        'name'      => Filter::txt(Req::args('name')),
        'real_name' => Filter::text(Req::args('real_name')),
        'sex'       => Filter::int(Req::args('sex')),
        'birthday'  => Filter::sql(Req::args('birthday')),
        'mobile'    => Filter::int(Req::args('mobile')),
        'phone'     => Filter::sql(Req::args('phone')),
        'province'  => Filter::int(Req::args('province')),
        'city'      => Filter::int(Req::args('city')),
        'county'    => Filter::int(Req::args('county')),
        'addr'      => Filter::text(Req::args('addr')),
    );
    $userName = Filter::sql(Req::args("name"));
    // The id comes from the session-backed user, not from the request.
    $userId = $this->user['id'];

    $this->model->table("user")->data(array("name" => $userName))->where("id={$userId}")->update();
    $this->model->table("customer")->data($customerRow)->where("user_id={$userId}")->update();

    $freshUser = $this->model->table("user as us")
        ->join("left join customer as cu on us.id = cu.user_id")
        ->fields("us.*,cu.group_id,cu.login_time")
        ->where("us.id={$userId}")
        ->find();
    $this->safebox->set('user', $freshUser, $this->cookie_time);

    $this->redirect("info", false, array('msg' => array("success", "保存成功!")));
}
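/**
 * Creates or updates a help entry from the request, then redirects to the list.
 *
 * On validation failure the request values plus the validator result are
 * passed back to 'help_edit'. The sibling handlers on this page treat an
 * array result of Validator::check() as the failure signal (it carries
 * 'msg'), so that case is handled before the save path.
 */
function help_save()
{
    $rules = array('title:required:标题不能为空!', 'content:required:内容不能为空!');
    $info = Validator::check($rules);

    // A non-empty array compares == true, so testing the success branch
    // first would save invalid data; check the failure shape first.
    if (is_array($info)) {
        $data = Req::args() + array('validator' => $info);
        $this->redirect('help_edit', false, $data);
        exit;
    }

    if ($info == true) {
        Filter::form(array('sql' => 'title', 'text' => 'content'));
        if (Req::args('id') == null) {
            Req::args('publish_time', date('Y-m-d H:i:s'));
        }
        // The id is interpolated into the WHERE clause below; coerce it to an
        // integer (as the other handlers do) so only a numeric id can reach the query.
        $id = Filter::int(Req::args('id'));
        $model = new Model("help");
        if ($id) {
            $model->where("id={$id}")->update();
            Log::op($this->manager['id'], "修改帮助", "管理员[" . $this->manager['name'] . "]:修改了帮助 " . Req::args('title'));
        } else {
            $model->insert();
            Log::op($this->manager['id'], "添加帮助", "管理员[" . $this->manager['name'] . "]:添加了帮助 " . Req::args('title'));
        }
    }

    $this->redirect("help_list");
}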
require '../../classes/ErrorHandler.php'; require '../../classes/AdminGui.php'; require '../../functions/security.php'; $errorHandler = new ErrorHandler(); $db = new Database(); $gui = new AdminGui($db); $works_records = $gui->select('works'); $media_records = $gui->joinThree('works', 'media_for_works', 'media', 'media_title', 'work_id', 'media_id'); $categories_records = $gui->joinThree('works', 'categories_for_works', 'categories', 'category', 'work_id', 'category_id'); $techniques_records = $gui->joinThree('works', 'techniques_for_works', 'techniques', 'technique', 'work_id', 'technique_id'); $technologies_records = $gui->joinThree('works', 'technologies_for_works', 'technologies', 'technology', 'work_id', 'technology_id'); if (!empty($_POST)) { $post_works = array_slice($_POST, 0, 2); $db->table('works'); $validator = new Validator($db, $errorHandler); $validation = $validator->check($post_works, ['work_title' => ['required' => true], 'work_description' => ['required' => false]]); if ($validation->fails()) { echo '<pre>', print_r($validation->errors()->all()), '</pre>'; } else { if ($db->insert($post_works)) { $last_id = $db->lastID(); if ($_POST['media']) { $post_media = $_POST['media']; for ($m = 0; $m < count($post_media); $m++) { $insert_media = ['media_id' => $post_media[$m], 'work_id' => $last_id]; $db->table('media_for_works')->insert($insert_media); } } if ($_POST['category']) { $post_category = $_POST['category']; for ($n = 0; $n < count($post_category); $n++) {
<?php require '_inc.php'; $backgroundchoice = ['background1', 'background2', 'background3']; $pack = ['pack1', 'pack2', 'pack3']; $event = ['eventtype1', 'eventtype2', 'eventtype3']; $know_me = ['know_me1', 'know_me2', 'know_me3']; $errors = []; $spam = []; $validator = new Validator($_POST); $validator->check('nom', 'required'); $validator->check('prénom', 'required'); $validator->check('email', 'email'); $validator->check('email', 'required'); $validator->check('tel', 'tel'); $validator->check('description', 'required'); $validator->specialcheck('arbitraryfield', 'empty'); // for select $validator->check('pack', 'select', array_keys($pack)); $validator->check('event_type', 'select', array_keys($event)); $validator->check('background-your-choice', 'select', array_keys($backgroundchoice)); $validator->check('know_me', 'select', array_keys($know_me)); $errors = $validator->errors(); $spam = $validator->spam(); if (!empty($spam)) { $_SESSION['spam'] = $spam; // redirection header('Location:success.php'); } else { if (!empty($errors)) { $_SESSION['errors'] = $errors;
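<?php

require '../../classes/Database.php';
require '../../classes/Validator.php';
require '../../classes/ErrorHandler.php';
require '../../classes/AdminGui.php';
require '../../functions/security.php';

// Admin page: lists existing people and inserts a new one from a POST.
$errorHandler = new ErrorHandler();
$db = new Database();
$gui = new AdminGui($db);
$people_records = $gui->select('people');

if (!empty($_POST)) {
    $db->table('people');
    $validator = new Validator($db, $errorHandler);
    $validation = $validator->check($_POST, [
        'name' => ['required' => true],
        'website' => ['required' => false],
        'description' => ['required' => false],
    ]);

    if ($validation->fails()) {
        // print_r() needs return=true here: without it the dump is printed
        // directly and its boolean return value was echoed as a stray "1".
        echo '<pre>', print_r($validation->errors()->all(), true), '</pre>';
    } elseif ($db->insert($_POST)) {
        // NOTE(review): the whole $_POST array is inserted, not only the three
        // validated keys — confirm Database::insert() limits the columns and
        // escapes values.
        header('Location: create_people.php');
        die;
    }
}
?>
<!doctype html> <html> <head> <title>Create people</title> <link rel="stylesheet" type="text/css" href="../../public/front/css/admin.css">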
} Registry::set('page', $posts_page); Registry::set('article', $post); Registry::set('category', Category::find($post->category)); return new Template('article'); }); /** * Post a comment */ Route::post($posts_page->slug . '/(:any)', function ($slug) use($posts_page) { if (!($post = Post::slug($slug)) or !$post->comments) { return Response::create(new Template('404'), 404); } $input = filter_var_array(Input::get(array('name', 'email', 'text')), array('name' => FILTER_SANITIZE_STRING, 'email' => FILTER_SANITIZE_EMAIL, 'text' => FILTER_SANITIZE_SPECIAL_CHARS)); $validator = new Validator($input); $validator->check('email')->is_email(__('comments.email_missing')); $validator->check('text')->is_max(3, __('comments.text_missing')); if ($errors = $validator->errors()) { Input::flash(); Notify::error($errors); return Response::redirect($posts_page->slug . '/' . $slug . '#comment'); } $input['post'] = Post::slug($slug)->id; $input['date'] = Date::mysql('now'); $input['status'] = Config::meta('auto_published_comments') ? 'approved' : 'pending'; // remove bad tags $input['text'] = strip_tags($input['text'], '<a>,<b>,<blockquote>,<code>,<em>,<i>,<p>,<pre>'); // check if the comment is possibly spam if ($spam = Comment::spam($input)) { $input['status'] = 'spam'; }
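function ask_validator()
{
    $manager = $this->safebox->get('manager');

    // Rule format is field:rule:message; the message is shown to the user on failure.
    $rules = array('content:required:内容不能为空!');
    $info = Validator::check($rules);

    // Validator::check() appears to return an error array on failure (other callers index
    // $info['msg']). A non-empty array satisfies `$info == true`, so the original loose check
    // ran the filters and reply assignments even when validation had failed. Guard on
    // is_array() first, matching the `!is_array($info) && $info == true` form used by the
    // other validators in this codebase.
    if (!is_array($info) && $info == true) {
        Filter::form(array('text' => 'content'));
        // An existing id means this is an admin reply: stamp time, status and replying admin.
        if (Req::args('id') != null) {
            Req::args('reply_time', date('Y-m-d H:i:s'));
            Req::args('status', 1);
            Req::args('admin_id', $manager['id']);
        }
    }
    return $info;
}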
return View::create('extend/fields/edit', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer'); }); Route::post('admin/extend/fields/edit/(:num)', function ($id) { $input = Input::get(array('type', 'field', 'key', 'label', 'attributes', 'pagetype')); if (empty($input['key'])) { $input['key'] = $input['label']; } $input['key'] = slug($input['key'], '_'); array_walk_recursive($input, function (&$value) { $value = eq($value); }); $validator = new Validator($input); $validator->add('valid_key', function ($str) use($id, $input) { return Extend::where('key', '=', $str)->where('type', '=', $input['type'])->where('id', '<>', $id)->count() == 0; }); $validator->check('key')->is_max(1, __('extend.key_missing'))->is_valid_key(__('extend.key_exists')); $validator->check('label')->is_max(1, __('extend.label_missing')); if ($errors = $validator->errors()) { Input::flash(); Notify::error($errors); return Response::redirect('admin/extend/fields/edit/' . $id); } if ($input['field'] == 'image') { $attributes = Json::encode($input['attributes']); } elseif ($input['field'] == 'file') { $attributes = Json::encode(array('attributes' => array('type' => $input['attributes']['type']))); } else { $attributes = ''; } Extend::update($id, array('type' => $input['type'], 'pagetype' => $input['pagetype'], 'field' => $input['field'], 'key' => $input['key'], 'label' => $input['label'], 'attributes' => $attributes)); Notify::success(__('extend.field_updated'));
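public function email_message_validator()
{
    // Rule format is field:rule:message; messages are shown to the user on failure.
    $rules = array(
        'title:required:消息标题不能为空!',
        'content:required:消息内容不能为空!',
    );
    $info = Validator::check($rules);

    // An unset status defaults to "0" before it is read back below.
    if (Req::args('status') == null) {
        Req::args('status', "0");
    }
    $status = Filter::int(Req::args('status'));
    $trigger = Filter::int(Req::args('trigger'));
    $id = Filter::int(Req::args('id'));

    // Validator::check() appears to return an error array on failure (callers index
    // $info['msg']); a non-empty array satisfies `$info == true`, so the original loose check
    // ran the uniqueness query even when validation had failed and could replace the
    // validation message with the uniqueness one. Guard on is_array() first, matching the
    // other validators in this codebase.
    if (!is_array($info) && $info == true) {
        // Only one active template is allowed per trigger. The WHERE clause is string-built;
        // it relies on Filter::int() having coerced $trigger to an integer — confirm that.
        $model = new Model('email_message');
        $objs = $model->where('`trigger`=' . $trigger . ' and status=1')->findAll();
        if (count($objs) > 1) {
            return array('name' => null, 'msg' => '同一触发条件只能存在一条激活的信息模板!');
        } else {
            if (count($objs) == 1) {
                // Activating a different template while another is already active is rejected.
                if ($id != $objs[0]['id'] && $status == 1) {
                    return array('name' => null, 'msg' => '同一触发条件只能存在一条激活的信息模板!');
                }
            }
        }
    }
    return $info;
}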
/* Add Category */
Route::get('admin/categories/add', function () {
    // CSRF token for the form plus the extended fields registered for the 'category' type.
    $vars['token'] = Csrf::token();
    $vars['fields'] = Extend::fields('category');

    return View::create('categories/add', $vars)
        ->partial('header', 'partials/header')
        ->partial('footer', 'partials/footer');
});

Route::post('admin/categories/add', function () {
    // Run every submitted field through eq() before validation and storage.
    $input = array_map('eq', Input::get(array('title', 'slug', 'description')));

    $validator = new Validator($input);
    $validator->check('title')->is_max(3, __('categories.title_missing'));

    $errors = $validator->errors();
    if ($errors) {
        Input::flash();
        Notify::error($errors);
        return Response::redirect('admin/categories/add');
    }

    // Fall back to the title when no slug was supplied, then normalise it.
    $slug_source = empty($input['slug']) ? $input['title'] : $input['slug'];
    $input['slug'] = slug($slug_source);

    $category = Category::create($input);
    Extend::process('category', $category->id);

    Notify::success(__('categories.created'));
    return Response::redirect('admin/categories');
});
/*
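<?php
require '../../classes/Database.php';
require '../../classes/Validator.php';
require '../../classes/ErrorHandler.php';
require '../../classes/AdminGui.php';
require '../../functions/security.php';

// Admin page: list existing `exhibition_kinds` rows and create a new one from the POSTed form.
$errorHandler = new ErrorHandler();
$db = new Database();
$gui = new AdminGui($db);
$exhibition_kinds_records = $gui->select('exhibition_kinds');

if (!empty($_POST)) {
    // NOTE(review): no CSRF check is visible in this handler — confirm one is
    // performed by functions/security.php or the form post is forgeable.
    $db->table('exhibition_kinds');
    $validator = new Validator($db, $errorHandler);

    // The rule keys double as the whitelist of columns the form may write.
    // Assumes this is exactly the `exhibition_kinds` column the form should set — confirm against the schema.
    $rules = [
        'exhibition_kind' => ['required' => true],
    ];
    $validation = $validator->check($_POST, $rules);

    if ($validation->fails()) {
        // print_r() with no second argument prints immediately and returns true, so the old
        // `echo '<pre>', print_r(...), '</pre>'` also emitted a stray "1". Capture the dump
        // instead and HTML-escape it: error messages may echo back submitted values.
        $dump = print_r($validation->errors()->all(), true);
        echo '<pre>', htmlspecialchars($dump, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'), '</pre>';
    } else {
        // Mass-assignment guard: insert only the validated fields rather than the raw
        // $_POST, so a crafted request cannot populate arbitrary columns of `exhibition_kinds`.
        $record = array_intersect_key($_POST, $rules);
        if ($db->insert($record)) {
            header('Location: create_exhibition_kinds.php');
            die;
        }
    }
}
?>
<!doctype html>
<html>
<head>
<title>Create exhibition kinds</title>
<link rel="stylesheet" type="text/css" href="../../public/front/css/admin.css">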
return Response::redirect('admin/users/edit/' . $id); });

/* Add user */
Route::get('admin/users/add', function () {
    $vars['messages'] = Notify::read();
    $vars['token'] = Csrf::token();

    // Options for the status and role selects, labelled through the translation helper.
    $vars['statuses'] = array(
        'inactive' => __('global.inactive'),
        'active' => __('global.active'),
    );
    $vars['roles'] = array(
        'administrator' => __('global.administrator'),
        'editor' => __('global.editor'),
        'user' => __('global.user'),
    );

    return View::create('users/add', $vars)
        ->partial('header', 'partials/header')
        ->partial('footer', 'partials/footer');
});

Route::post('admin/users/add', function () {
    // Only these fields are read from the request; anything else submitted is ignored.
    $fields = array('username', 'email', 'real_name', 'password', 'bio', 'status', 'role');
    $input = Input::get($fields);

    $validator = new Validator($input);
    $validator->check('username')->is_max(3, __('users.username_missing', 2));
    $validator->check('email')->is_email(__('users.email_missing'));
    $validator->check('password')->is_max(6, __('users.password_too_short', 6));

    $errors = $validator->errors();
    if ($errors) {
        Input::flash();
        Notify::error($errors);
        return Response::redirect('admin/users/add');
    }

    // The plaintext password never reaches storage; only its hash does.
    $input['password'] = Hash::make($input['password']);
    User::create($input);

    Notify::success(__('users.created'));
    return Response::redirect('admin/users');
});

/* Delete user */
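public function address_save($redirect = null)
{
    // Rule format is field:rule:message, one rule per array element. The original fused the
    // accept_name, mobile and phone rules into a single string (a missing quote), so the
    // mobile and phone formats were never validated; they are separate entries again.
    $rules = array(
        'zip:zip:邮政编码格式不正确!',
        'addr:required:内容不能为空!',
        'accept_name:required:收货人姓名不能为空!',
        'mobile:mobi:手机格式不正确!',
        'phone:phone:电话格式不正确',
        'province:[1-9]\\d*:选择地区必需完成',
        'city:[1-9]\\d*:选择地区必需完成',
        'county:[1-9]\\d*:选择地区必需完成',
    );
    $info = Validator::check($rules);

    // Validator::check() returns an error array (with 'msg') on failure, true on success.
    if (!is_array($info) && $info == true) {
        // Coerce the request fields before they reach the model: SQL-escape the free text
        // identity fields, treat addr as text and force the numeric fields to int.
        Filter::form(array(
            'sql' => 'accept_name|mobile|phone',
            'txt' => 'addr',
            'int' => 'province|city|county|zip|is_default|id',
        ));

        // Marking this address as default clears the flag on the user's other addresses.
        // NOTE(review): the WHERE clauses below are string-built from $this->user['id'];
        // this is only safe if the session user id is guaranteed to be an integer — confirm.
        $is_default = Filter::int(Req::args("is_default"));
        if ($is_default == 1) {
            $this->model->table("address")->where("user_id=" . $this->user['id'])->data(array('is_default' => 0))->update();
        } else {
            Req::args("is_default", "0");
        }
        Req::args("user_id", $this->user['id']);

        $id = Filter::int(Req::args('id'));
        if ($id) {
            // Update is scoped to the current user so another user's address id cannot be edited.
            $this->model->table("address")->where("id={$id} and user_id=" . $this->user['id'])->update();
        } else {
            // New address: enforce the per-user cap before inserting.
            $obj = $this->model->table("address")->where('user_id=' . $this->user['id'])->fields("count(*) as total")->find();
            if ($obj && $obj['total'] >= 20) {
                $this->assign("msg", array("error", '地址最大允许添加20个'));
                $this->redirect("address_other", false, Req::args());
                exit;
            } else {
                // Remember the new address on the in-progress order kept in the session.
                $address_id = $this->model->table("address")->insert();
                $order_status = Session::get("order_status");
                $order_status['address_id'] = $address_id;
                Session::set("order_status", $order_status);
            }
        }

        $this->assign("msg", array("success", "地址编辑成功!"));
        Req::args("id", null);
        // Without an explicit target, reload the parent frame (this form is shown in an iframe).
        // NOTE(review): $redirect is passed straight to redirect(); callers must not take it from user input.
        if ($redirect == null) {
            echo "<script>parent.location.reload();</script>";
        } else {
            $this->redirect($redirect);
        }
        exit;
    } else {
        // Validation failed: surface the message and return to the form with the submitted values.
        $this->assign("msg", array("error", $info['msg']));
        $this->redirect("address_other", false, Req::args());
    }
}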