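/**
 * Create or update the setting called $strName so that it holds $strValue.
 *
 * An existing, non-deleted row with that name is updated in place; when none
 * is found a new 'setting' object is created and saved.
 *
 * @param string $strName  Setting name; only letters, digits, '_' and '.' pass validation.
 * @param mixed  $strValue Value stored under the object's 'value' field.
 *
 * @throws Exception With ERRORMSG_INVALID when $strName contains any other character.
 */
public static function set_by_name($strName, $strValue)
{
    /* $strName is interpolated straight into the SQL text below, so this
       allow-list is the only thing keeping quote characters out of the query
       and must stay ahead of it. The D modifier stops `$` from also matching
       just before a trailing newline, which the previous pattern let through. */
    if (!preg_match('/^[a-zA-Z0-9_.]*$/D', $strName)) {
        throw new Exception(ERRORMSG_INVALID);
    }

    $arrResults = clsDB::selectQueryObjects('setting', "\n\t\t\t\t\t\t\t\tSELECT *\n\t\t\t\t\t\t\t\tFROM `<<tbl><setting>>` \n\t\t\t\t\t\t\t\tWHERE `<<setting><name>>`='{$strName}'\n\t\t\t\t\t\t\t\t\tAND `<<isdel><setting>>`='0' ");

    if (sizeof($arrResults) == 0) {
        /* No such setting yet: start a fresh row carrying the name. */
        $objSetting = new clsDB('setting');
        $objSetting->set('name', $strName);
    } else {
        $objSetting = $arrResults[0];
    }

    /* The insert branch previously wrote to the misspelled field 'valud', so a
       newly created setting never received its value. */
    $objSetting->set('value', $strValue);
    $objSetting->save();
}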
/**
 * Run the queued changes for each build number from $intFrom up to, but not
 * including, $intTo, and record the build reached in the DB_BUILD setting
 * after every step.
 *
 * Terminates the script with die() when either version is not positive or
 * when $intFrom is greater than $intTo.
 *
 * @param int $intFrom Build number to start from.
 * @param int $intTo   Build number to stop at.
 */
public function update($intFrom, $intTo)
{
    if ($intFrom <= 0 || $intTo <= 0) {
        die("Invalid version, couldn't upgrade.");
    }
    if ($intTo < $intFrom) {
        die("Database version newer than code version. Upgrade the code.");
    }

    $intBuild = $intFrom;
    while ($intBuild < $intTo) {
        /* Builds without an entry in arrChanges only bump the stored number. */
        $arrQueries = isset($this->arrChanges[$intBuild]) ? $this->arrChanges[$intBuild] : array();
        foreach ($arrQueries as $strQuery) {
            clsDB::insertQuery($strQuery);
        }

        /* Written after each build, not once at the end. */
        clsSetting::set_by_name('DB_BUILD', $intBuild + 1);
        $intBuild++;
    }
}
/**
 * Return the stored thumbnail of a picture at the requested size, generating
 * and saving it when no row for that exact size exists yet.
 *
 * @param mixed $objUser    Passed through to clsPicture::getResized().
 * @param mixed $picture_id Picture id; must satisfy is_numeric().
 * @param mixed $intWidth   Requested width; must satisfy is_numeric().
 * @param mixed $intHeight  Requested height; must satisfy is_numeric().
 * @param mixed $objAlbum   Album object; when it is not new, its max_width / max_height cap the request.
 *
 * @return mixed A clsThumbnail; or the string returned by getResized(); or the
 *               truthy result of setImage() (both presumably error indicators - confirm).
 *
 * @throws Exception With INVALID_VALUE when any of the three values is not numeric.
 */
public static function getThumbnail($objUser, $picture_id, $intWidth, $intHeight, $objAlbum)
{
    /* All three values end up inside the quoted SQL condition below, so the
       numeric check has to stay ahead of it.
       NOTE(review): is_numeric() also accepts signs, decimals, exponent
       notation and leading whitespace, so zero, negative or fractional sizes
       get past this check - confirm the resize code copes with them. */
    if (!is_numeric($picture_id) || !is_numeric($intWidth) || !is_numeric($intHeight)) {
        throw new Exception(INVALID_VALUE);
    }

    /* Keeps thumbnails from being bigger than the album's configured maximum.
       NOTE(review): for an album that is still new no cap is applied, and
       every distinct width/height pair produces its own stored row - worth
       checking that callers bound the sizes they pass in. */
    if (!$objAlbum->isNew()) {
        $intWidth = min($intWidth, $objAlbum->get('max_width'));
        $intHeight = min($intHeight, $objAlbum->get('max_height'));
    }

    $strWhere = "`<<foreign><thumbnail><picture>>`='{$picture_id}' AND `<<thumbnail><width>>`='{$intWidth}' AND `<<thumbnail><height>>`='{$intHeight}'";
    $arrCached = clsDB::getListStatic('thumbnail', $strWhere);
    if (sizeof($arrCached) != 0) {
        /* A row for this picture and size already exists: reload it by id. */
        return new clsThumbnail($arrCached[0]->get('id'));
    }

    $objPicture = new clsPicture($picture_id);
    list($img, $intActualWidth, $intActualHeight) = $objPicture->getResized($objUser, $intWidth, $intHeight);
    if (is_string($img)) {
        /* A string in place of the image is handed back to the caller unchanged. */
        return $img;
    }

    $objThumbnail = new clsThumbnail();
    $objThumbnail->set('picture_id', $picture_id);
    $objThumbnail->set('width', $intWidth);
    $objThumbnail->set('height', $intHeight);
    $objThumbnail->set('actual_width', $intActualWidth);
    $objThumbnail->set('actual_height', $intActualHeight);
    $objThumbnail->set('date', date('Y-m-d H:i:s'));

    $result = $objThumbnail->setImage($img);
    if ($result) {
        /* A truthy setImage() result is returned and the thumbnail is not saved. */
        return $result;
    }
    $objThumbnail->save();

    return $objThumbnail;
}
} $objNewsUser = $objNews->getForeignObject('user'); $objAlbum = $objNews->getForeignObject('album'); $objNewsTemplate->setText('ID', $objNews->get('id')); $objNewsTemplate->setText('USERID', $objNewsUser->get('id')); $objNewsTemplate->setText('USERNAME', $objNewsUser->get('username')); $objNewsTemplate->setText('DATE', date('Y-m-d', strtotime($objNews->get('date')))); $objNewsTemplate->setText('TITLE', $objNews->get('title')); $objNewsTemplate->setText('TEXT', bbcode_format($objNews->get('text'))); echo $objNewsTemplate->get(); } } else { if (!$objUser || $objUser->get('is_admin') != 1) { throw new Exception("exception_accessdenied"); } $objNews = new clsDB('news'); $objNews->getFromRequest(array('id', 'title', 'text')); if ($strSubAction == 'edit') { $objNews->load(); echo "<form action='index.php' method='post'>"; echo "<input type='hidden' name='subaction' value='save'>"; echo $objNews->getHiddenField('id'); echo "Title:<br>"; echo $objNews->getTextField('title', new clsParameters('size', 40)) . "<br><br>"; echo "Post:<br>"; echo $objNews->getTextArea('text', 4, 45) . "<br><br>"; echo $objNews->getSubmit('Post'); } else { if ($strSubAction == 'save') { if ($objNews->isNew()) { $objNews->set('user_id', $objUser->get('id'));
/**
 * Count the 'vote' rows that reference the given picture.
 *
 * @param mixed $objPicture Object whose get('id') identifies the picture.
 *
 * @return mixed Whatever clsDB::getCountStatic() returns for the condition.
 */
public static function getVoteCount($objPicture)
{
    /* NOTE(review): the id is concatenated into the condition text; this is
       only safe if get('id') can never hand back anything but a stored
       numeric id - confirm against clsDB. */
    $strCondition = "`<<foreign><vote><picture>>`='" . $objPicture->get('id') . "'";

    return clsDB::getCountStatic('vote', $strCondition);
}
/**
 * List the confirmed, non-deleted pictures in the albums of a group that the
 * given user is allowed to view, newest first.
 *
 * @param mixed $objUser  User the album visibility check is made for.
 * @param mixed $objGroup Group whose albums are searched.
 *
 * @return array clsPicture objects, one per viewable picture.
 */
public static function getPicturesByGroup($objUser, $objGroup)
{
    $strGroupId = $objGroup->get('id');
    $arrRows = clsDB::selectQueryObjects(
        'picture',
        "SELECT `<<tbl><picture>>`.*\n FROM `<<tbl><album>>`\n LEFT JOIN `<<tbl><picture>>` ON `<<foreign><picture><album>>`=`<<album><id>>`\n WHERE `<<foreign><album><group>>`='" . $strGroupId . "' \n AND `<<isdel><album>>`='0'\n AND `<<isdel><picture>>`='0'\n AND `<<picture><confirmed>>`='1'\n ORDER BY `<<picture><date>>` DESC\n "
    );

    /* The query itself applies no per-user restriction; the canView() test in
       the loop is the only access check, so any optimisation of this method
       has to keep it.
       TODO: Might be able to make this more efficient. Make sure that
       canView() isn't running a query every time. */
    $arrVisible = array();
    foreach ($arrRows as $objRow) {
        $objAlbum = new clsAlbum($objRow->get('album_id'));
        if (!$objAlbum->canView($objUser)) {
            continue;
        }
        $arrVisible[] = new clsPicture($objRow->get('id'));
    }

    return $arrVisible;
}
$objGroup->getFromRequest(array('id', 'name', 'is_private', 'is_hidden')); if ($objGroup->isNew()) { $objGroup->set('user_id', $objUser->get('id')); } $objGroup->save(); header("Location: index.php?action=groups&subaction=view&message=group_saved&" . $objGroup->getIDPair()); } if ($strSubAction == 'invite') { if (!$objGroup->isMember($objUser)) { throw new Exception('exception_accessdenied'); } if ($objMember->isNew()) { $objTemplate->setText('PAGETITLE', "Inviting a user"); $objBreadcrumbs->add('Inviting', 'index.php?action=groups&subaction=invite&' . $objGroup->getIDPair()); $objMiniMenu->add('Back', 'index.php?action=groups&subaction=view&' . $objGroup->getIDPair()); $arrMembers = clsDB::getListStatic('user', '', 'username'); foreach ($arrMembers as $objMember) { print "<ul>"; if (!$objGroup->isMemberOrPotential($objMember)) { print "<li><a href='index.php?action=groups&subaction=invite&" . $objGroup->getIDPair() . "&" . $objMember->getIDPair() . "'>" . $objMember->get('username') . "</a></li>"; } print "</ul>"; } } else { $strResult = $objGroup->inviteUser($objMember, $objUser); header("Location: index.php?action=groups&subaction=invite&message={$strResult}&" . $objGroup->getIDPair()); } } if ($strSubAction == 'join') { if ($objGroup->isMemberOrPotential($objUser)) { throw new Exception('exception_accessdenied');
} /* Make sure that users can only edit their own pictures. */ $objPicture->delete(); $objPicture->save(); header("Location: index.php?action=upload&subaction=preview"); } if ($strSubAction == 'preview') { $objTemplate->setText('PAGETITLE', "Pending Pictures"); $objBreadcrumbs->add('Upload', 'index.php?action=upload'); $objBreadcrumbs->add('Pending', 'index.php?action=upload&subaction=preview'); $arrPictures = clsPicture::getPending($objUser); print "You have <strong>" . sizeof($arrPictures) . "</strong> pictures waiting for attention" . ($objUser ? "" : " (note: unsaved images from all guests will appear here)") . ":<br><br>"; foreach ($arrPictures as $objPicture) { $objPicture = new clsPicture($objPicture->get('id')); $objAlbum = new clsAlbum($objPicture->get('album_id')); $objTemplate = new clsTemplate('preview'); $objTemplate->setText('HIDDEN', $objPicture->getHiddenField('id')); $objTemplate->setText('ALBUM', $objPicture->getCombo('album_id', clsDB::getOptionsFromList($objAlbum->getPostableAlbums($objUser), 'name', 'id', "Select an album"))); $objTemplate->setText('ID', $objPicture->get('id')); $objTemplate->setText('IMAGE', $objPicture->getHtmlThumbnail(250, 250)); /* TODO: Customizable? */ $objTemplate->setText('NAME', $objPicture->get('original_name')); $objTemplate->setText('WIDTH', $objPicture->get('width')); $objTemplate->setText('HEIGHT', $objPicture->get('height')); $objTemplate->setText('SAVEDELETE', $objPicture->getCombo('subaction', array('confirm' => 'Keep', 'delete' => 'Don\'t keep'), null, true)); $objTemplate->setText('TITLE', $objPicture->getTextField('title')); $objTemplate->setText('CAPTION', $objPicture->getTextArea('caption')); $objTemplate->setText('SUBMIT', $objPicture->getSubmit('Save')); print $objTemplate->get(); } }
/**
 * List the confirmed, non-deleted pictures that have no userpictureview row
 * for the given user and whose album that user may view, newest first.
 *
 * @param mixed $objUser User to look up; get('id') is called on it unconditionally.
 *
 * @return array clsPicture objects, one per viewable picture.
 */
public static function getNewPictures($objUser)
{
    /* NOTE(review): $objUser is dereferenced without a null check, so a
       caller holding no user object must not reach this method - confirm at
       the call sites. */
    $strUserId = $objUser->get('id');
    $arrRows = clsDB::selectQueryObjects(
        'picture',
        "\n\t\t\tSELECT `<<tbl><picture>>`.*\n\t\t\tFROM `<<tbl><picture>>` \n\t\t\t\t\tJOIN `<<tbl><album>>` ON `<<foreign><picture><album>>`=`<<album><id>>`\n\t\t\t\tWHERE `<<isdel><picture>>`='0'\n\t\t\t\t\tAND `<<picture><confirmed>>`='1'\n\t\t\t\t\tAND `<<isdel><album>>`='0'\n\t\t\t\t\tAND `<<picture><id>>` NOT IN \n\t\t\t\t\t(\n\t\t\t\t\t\tSELECT `<<foreign><userpictureview><picture>>`\n\t\t\t\t\t\t\tFROM `<<tbl><userpictureview>>`\n\t\t\t\t\t\t\tWHERE `<<foreign><userpictureview><user>>`='" . $strUserId . "'\n\t\t\t\t\t\t\t\tAND `<<isdel><userpictureview>>`='0'\n\t\t\t\t\t)\n\t\t\t\tORDER BY `<<picture><date>>` DESC\n\t\t\t\t\t"
    );

    /* The SQL does not filter by album permissions; canView() below is the
       access check and must survive any speed-up of this loop. */
    $arrVisible = array();
    foreach ($arrRows as $objRow) {
        $objAlbum = new clsAlbum($objRow->get('album_id')); /* TODO: Speed this up? */
        if (!$objAlbum->canView($objUser)) {
            continue;
        }
        $arrVisible[] = new clsPicture($objRow->get('id'));
    }

    return $arrVisible;
}
/**
 * Look a user up by username.
 *
 * @param string $strName Username to search for.
 *
 * @return clsUser|null The matching user reloaded by id, or null when no row matches.
 *
 * @throws Exception "exception_multiplenames" when more than one row matches.
 */
public static function getByName($strName)
{
    /* The name is routed through a clsUser object before it is placed in the
       condition; the original author relies on that round trip to sanitize it.
       NOTE(review): the escaping itself is not visible here. If set()/get()
       do not neutralise quote characters, the raw name reaches the SQL text -
       confirm in clsDB before reusing this pattern. */
    $objLookup = new clsUser();
    $objLookup->set('username', $strName);
    $strCondition = "`<<user><username>>`='" . $objLookup->get('username') . "'";

    $arrMatches = clsDB::getListStatic('user', $strCondition);
    $intMatches = sizeof($arrMatches);

    if ($intMatches > 1) {
        /* Should never happen, but fail loudly rather than pick one. */
        throw new Exception("exception_multiplenames");
    }
    if ($intMatches == 0) {
        /* Username wasn't found. */
        return null;
    }

    return new clsUser($arrMatches[0]->get('id'));
}
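/**
 * Build the HTML form with a <select> of all users, used to filter albums by owner.
 *
 * @param string $strZeroCaption Label for the first option (value '0').
 *
 * @return string The form markup.
 */
public static function getUserFilter($strZeroCaption)
{
    /* Usernames are chosen by users and were written into the page as-is, so a
       name containing markup would be rendered by every visitor's browser.
       Everything placed into the markup is now HTML-escaped. ENT_QUOTES is
       needed because the attribute values are single-quoted; the final `false`
       leaves entities that are already encoded alone, so values escaped
       upstream are not escaped a second time.
       NOTE(review): assumes the pages are served as UTF-8 - confirm. */
    $intFlags = ENT_QUOTES | ENT_SUBSTITUTE;
    $strCaption = htmlspecialchars((string) $strZeroCaption, $intFlags, 'UTF-8', false);

    $str = "<form method='get'>\n\t\t\t\t\t<input type='hidden' name='action' value='albums'>\n\t\t\t\t\t<input type='hidden' name='subaction' value='useralbums'>\n\t\t\t\t\t<select name='user_id'> \n\t\t\t\t\t\t<option value='0'>{$strCaption}</option>\n\t\t\t\t\t";

    /* Every user, ordered by username. */
    $arrUsers = clsDB::getListStatic('user', '', 'username');
    foreach ($arrUsers as $objUser) {
        $strId = htmlspecialchars((string) $objUser->get('id'), $intFlags, 'UTF-8', false);
        $strUsername = htmlspecialchars((string) $objUser->get('username'), $intFlags, 'UTF-8', false);
        $str .= "<option value='" . $strId . "'>" . $strUsername . "</option>\n";
    }

    $str .= "\n\t\t\t\t\t</select>\n\t\t\t\t\t<input type='submit' value='Filter'>\n\t\t\t\t</form>";

    return $str;
}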
$objPicture->set('confirmed', 1); $objPicture->save(); print "<img src='" . clsThumbnail::getUrl($objPicture, 70, 70) . "'> "; if (++$i % 6 == 0) { print "<br>"; } } print "<br><br>"; } } } } } } if ($strSubAction == 'settings_save') { $objSetting = new clsDB('setting'); $objSetting->getFromRequest(array('id', 'value')); $objSetting->save(); $strSubAction = 'settings'; } if ($strSubAction == 'settings') { $arrSettings = clsDB::getListStatic('setting'); print "<table>"; print "<tr>"; print "<td>Name</td><td>Value</td><td>Comments</td><td>Save</td>"; print "</tr>"; foreach ($arrSettings as $objSetting) { print "<form action='index.php' method='get'>"; print $objSetting->getHiddenField('id'); print "<input type='hidden' name='action' value='admin'>"; print "<input type='hidden' name='subaction' value='settings_save'>";
/**
 * Variant of getOptionsFromList() for rows held as an array of arrays (such as
 * is returned by selectQuery()): the rows are converted to objects with
 * arrayToObjects() and then handed to getOptionsFromList() unchanged.
 *
 * @param string $strTableName    Table name passed to arrayToObjects().
 * @param array  $arrDB           Rows as an array of arrays.
 * @param string $strValueElement Passed through to getOptionsFromList(); defaults to 'name'.
 * @param string $strKeyElement   Passed through to getOptionsFromList(); defaults to 'id'.
 * @param string $strZeroCaption  Passed through to getOptionsFromList().
 *
 * @return mixed Whatever getOptionsFromList() returns.
 */
public static function getOptionsFromArray($strTableName, $arrDB, $strValueElement = 'name', $strKeyElement = 'id', $strZeroCaption = 'Please make a selection')
{
    $arrObjects = clsDB::arrayToObjects($strTableName, $arrDB);

    return clsDB::getOptionsFromList($arrObjects, $strValueElement, $strKeyElement, $strZeroCaption);
}
$objAlbum->set('mime', DEFAULT_MIME); } /* The template that looks after the edit page. */ $objEditTemplate = new clsTemplate('editalbum'); $objEditTemplate->setText('HIDDEN', $objAlbum->getHiddenField('id')); $objEditTemplate->setText('HIDDEN', $objAlbumGuest->getHiddenField('id')); $objEditTemplate->setText('HIDDEN', $objAlbumMember->getHiddenField('id')); $objEditTemplate->setText('HIDDEN', $objAlbumGroup->getHiddenField('id')); $objEditTemplate->setText('HIDDEN', $objAlbum->getHiddenField('album_id')); $objEditTemplate->setText('HIDDEN', "<input type='hidden' name='action' value='albums'>"); $objEditTemplate->setText('HIDDEN', "<input type='hidden' name='subaction' value='save'>"); $objEditTemplate->setText('MAXWIDTH', MAX_X); $objEditTemplate->setText('MAXHEIGHT', MAX_Y); $objEditTemplate->setText('NAME', $objAlbum->getTextField('name', new clsParameters('SIZE', 40))); $objEditTemplate->setText('PARENT', $objParent->isNew() ? "n/a" : $objParent->get('name')); $objEditTemplate->setText('GROUP', $objAlbum->getCombo('group_id', clsDB::getOptionsFromList(clsGroup::getGroups($objUser), 'name', 'id', "No group."))); $objEditTemplate->setText('CAPTION', $objAlbum->getTextArea('caption', 4, 45)); $objEditTemplate->setText('EXPORTKEY', $objAlbum->getTextField('export_tag', new clsParameters('SIZE', 4))); $objEditTemplate->setText('WIDTH', $objAlbum->getTextField('max_width', new clsParameters('SIZE', 3))); $objEditTemplate->setText('HEIGHT', $objAlbum->getTextField('max_height', new clsParameters('SIZE', 3))); $objEditTemplate->setText('MIME', $objAlbum->getTextField('mime')); $strGroup = ''; $strGroup .= "View pictures? " . $objAlbumGroup->getCombo('allow_view', $arrOptions) . "<br>"; $strGroup .= "Rate pictures? " . $objAlbumGroup->getCombo('allow_rate', $arrOptions) . "<br>"; $strGroup .= "Post pictures? " . $objAlbumGroup->getCombo('allow_post_picture', $arrOptions) . "<br>"; $strGroup .= "Post comments? " . 
$objAlbumGroup->getCombo('allow_post_comment', $arrOptions) . "<br>"; $strGroup .= "Delete pictures? " . $objAlbumGroup->getCombo('allow_delete_picture', $arrOptions) . "<br>"; $strGroup .= "Create sub-albums?" . $objAlbumGroup->getCombo('allow_create_subalbum', $arrOptions) . "<br>"; $objEditTemplate->setText('GROUPPERMISSIONS', $strGroup); $strMember = ''; $strMember .= "View pictures? " . $objAlbumMember->getCombo('allow_view', $arrOptions) . "<br>";
<title>Installation de la Base de donnée pour XI-PHP.</title>
</head>
<body>
<?php
/**
 * Installs the database for XI-PHP by running ./config/config.sql through clsDB.
 *
 * NOTE(review): nothing in this script checks who is requesting it, so every
 * request re-runs config.sql. Unless access is restricted elsewhere (web
 * server rules, removing the file after setup), it should not stay reachable
 * on a deployed site - confirm how installs are meant to be locked down.
 */
require_once './inc/clsDB.php';

clsKernel::ShowInfoXIPHP();

echo " <h1>Installation de la requête SQL -> config.sql</h1> ";
echo ' <p> Vérifier que vous avez bien configurer le fichier "connect.php" pour que la requête SQL s\'exécute correctement. </p><br />';

try {
    $oDB = new clsDB();

    /* A falsy result from RunQueryFromFile() is turned into exception 9111. */
    $blnInstalled = $oDB->RunQueryFromFile('./config/config.sql');
    if (!$blnInstalled) {
        throw new Exception(clsKernel::Lng('ERR_9111'), 9111);
    }

    echo 'Installation terminé avec succes.';
} catch (Exception $e) {
    /* NOTE(review): presumably renders the exception to the visitor - confirm
       it does not expose connection details. */
    clsKernel::ShowException($e);
}

/* Drop the reference to the database object. */
$oDB = null;
?>
</body>
</html>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Test de la classe clsDB</title>
</head>
<body>
<h1>Test de la classe clsDB</h1>
<?php
/*
 * Manual smoke test for clsDB: adds three rows to `test`, updates one and
 * deletes a range, echoing what each call returns.
 *
 * NOTE(review): the page writes to the database on every request and shows no
 * access check, so it should be kept off deployed sites - confirm.
 */
require_once './inc/clsDB.php';

// Display the project information.
clsKernel::ShowInfoXIPHP();

$oDB = new clsDB();

// Rows to insert, in order.
$tRows = array(
    array('txt' => 'Text Add 1', 'numb' => 455),
    array('txt' => 'Text Add 2', 'numb' => 456),
    array('txt' => 'Text Add 3', 'numb' => 457),
);
foreach ($tRows as $tData) {
    echo $oDB->Add('test', $tData);
}

// The last argument of Update() and Delete() looks like a raw SQL condition;
// only fixed literals are passed here.
$tData = array('txt' => 'Text Add 2b', 'numb' => 4561);
echo $oDB->Update('test', $tData, 'numb=456');
echo $oDB->Delete('test', 'id>2 and id<5');

$oDB = null;
?>
<p>Requête exécuté.</p>
</body>
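/**
 * Load RSS site definitions from mst_rss and append them to $this->rss_urls.
 *
 * @param string $genre GENRE value to filter on; "" (the default) loads every row.
 *
 * @return int 0 on success, -1 on failure with $this->errormsg copied from the DB object.
 */
public function getGenreRssUrls($genre = "")
{
    $db = new clsDB();

    // DB connection
    if ($db->connect() == -1) {
        $this->errormsg = $db->errormsg;
        return -1;
    }

    // Query to run
    $sql = "select GENRE, SITE_NAME, SITE_URL from mst_rss ";
    if ($genre != "") {
        // NOTE(review): $genre is concatenated into the SQL text without any
        // escaping or binding visible here. Unless every caller passes a
        // fixed, trusted value this is an injection point; it should move to
        // bound parameters if clsDB offers them - confirm against clsDB.
        $sql .= " where GENRE = '" . $genre . "' ";
    }

    // Set the SQL
    $db->setSQL($sql);

    // Execute the SQL
    if ($db->execute() == -1) {
        // Copy the message before closing: it was previously read after
        // close(), which could report a cleared or unrelated message.
        $this->errormsg = $db->errormsg;
        // Close the DB
        $db->close();
        return -1;
    }

    // Fetch the results
    while ($db->fetch()) {
        // Index at which the next entry is appended
        $idx = isset($this->rss_urls) ? count($this->rss_urls) : 0;

        // Add the request URL entry
        $this->rss_urls[$idx] = new urlRssapi();
        $this->rss_urls[$idx]->genre = $db->row('GENRE');
        $this->rss_urls[$idx]->site_name = $db->row('SITE_NAME');
        $this->rss_urls[$idx]->rss_url = $db->row('SITE_URL');
    }

    // Close the DB
    $db->close();

    return 0;
}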
$objUser = clsUser::getCookie(); } else { $objUser = $_SESSION['objUser']; } /* This re-loads the user object in case it's changed. */ if ($objUser) { $objUser = new clsUser($objUser->get('id')); } if ($objUser && $objUser->isNew()) { $objUser = null; } if (!preg_match('/^[a-zA-Z2-9_-]*$/', $strAction)) { throw new Exception(ERRORMSG_INVALID); } $objTemplate = new clsTemplate('default'); $objTemplate->setText('SCRIPT', clsDB::initializeJS()); $objTemplate->setText('TITLE', "OSPAP2"); /* Inline CSS for advanced. */ $objTemplate->setText('HEAD', clsUser::getAdvancedStyle($objUser)); if (isset($_REQUEST['error']) && isset($arrMessages[$_REQUEST['error']])) { $objTemplate->setText('ERROR', $arrMessages[$_REQUEST['error']]); } else { if (isset($_REQUEST['message']) && isset($arrMessages[$_REQUEST['message']])) { $objTemplate->setText('MESSAGE', $arrMessages[$_REQUEST['message']]); } } $objTemplate->setScript('MENU', 'menu'); $objTemplate->setScript('LOGO', 'logo'); $objTemplate->setText('COPYRIGHT', "Written by <a href='mailto:ronospap@skullsecurity.org'>Ron</a>. This page and code are public domain. Code is available upon request. No warranty or promises of any kind."); switch ($strAction) { case '':
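/**
 * List the non-deleted comments on the given user's confirmed, non-deleted
 * pictures that have no matching usercommentview row for that user.
 *
 * @param mixed $objUser User whose pictures are examined; get('id') is called on it unconditionally.
 *
 * @return mixed The 'comment' objects returned by clsDB::selectQueryObjects().
 */
public static function getNewComments($objUser)
{
    /* The query below tests $blnAllPictures, which was never defined in this
       method, so it always evaluated as false (with an undefined-variable
       notice) and the extra owner filter was always appended. Defining it
       keeps the generated SQL identical and removes the notice. */
    $blnAllPictures = false;

    $arrComments = clsDB::selectQueryObjects('comment', "\n\t\t\t\t\tSELECT * \n\t\t\t\t\t\t\t, `<<comment><id>>` AS COMMENTFILTER \n\t\t\t\t\t\tFROM `<<tbl><comment>>`\n\t\t\t\t\t\t\tJOIN `<<tbl><picture>>` ON `<<foreign><comment><picture>>`=`<<picture><id>>`\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`<<isdel><comment>>`='0'\n\t\t\t\t\t\t\tAND `<<isdel><picture>>`='0'\n\t\t\t\t\t\t\tAND `<<picture><confirmed>>`='1'\n\t\t\t\t\t\t\tAND `<<foreign><picture><user>>`='" . $objUser->get('id') . "' \n\t\t\t\t\t\t\tAND `<<comment><id>>` NOT IN\n\t\t\t\t\t\t\t(\n\t\t\t\t\t\t\t\tSELECT `<<comment><id>>`\n\t\t\t\t\t\t\t\t\tFROM `<<tbl><usercommentview>>` \n\t\t\t\t\t\t\t\t\t\tJOIN `<<tbl><comment>>` ON `<<foreign><usercommentview><comment>>`=`<<comment><id>>`\n\t\t\t\t\t\t\t\t\t\tJOIN `<<tbl><picture>>` ON `<<foreign><comment><picture>>`=`<<picture><id>>`\n\t\t\t\t\t\t\t\t\tWHERE `<<isdel><comment>>`='0'\n\t\t\t\t\t\t\t\t\t\tAND `<<isdel><usercommentview>>`='0'\n\t\t\t\t\t\t\t\t\t\tAND `<<isdel><picture>>`='0'\n\t\t\t\t\t\t\t\t\t\tAND `<<picture><confirmed>>`='1'\n\t\t\t\t\t\t\t\t\t\tAND `<<foreign><usercommentview><user>>`='" . $objUser->get('id') . "'\n\t\t\t\t\t\t\t\t\t\t" . ($blnAllPictures ? "" : " AND `<<foreign><picture><user>>`='" . $objUser->get('id') . "' ") . "\n\t\t\t\t\t\t\t\t\t\tAND `<<comment><id>>`=`COMMENTFILTER`\n\t\t\t\t\t\t\t)\n\t\t\t\t\t\t");

    return $arrComments;
}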