// Fragment of a blog "save entry" handler. $entry, $messages, $iaBlog, $iaCore,
// $iaView, $pageAction, $id and $baseUrl are defined before this excerpt, and the
// trailing else-branch is cut off by the excerpt.
//
// Title and body are copied straight from $_POST; the only processing visible here is
// UTF-8 repair of malformed byte sequences.
// NOTE(review): no HTML or SQL escaping happens in this fragment — confirm that
// $iaBlog->insert()/update() and the templates that render these values escape them.
$entry['title'] = $_POST['title'];
utf8_is_valid($entry['title']) || ($entry['title'] = utf8_bad_replace($entry['title']));

if (empty($entry['title'])) {
    $messages[] = iaLanguage::get('title_is_empty');
}

$entry['body'] = $_POST['body'];
utf8_is_valid($entry['body']) || ($entry['body'] = utf8_bad_replace($entry['body']));

if (empty($entry['body'])) {
    $messages[] = iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('body')));
}

// The alias is built from the posted alias when one is given, otherwise from the title.
$entry['alias'] = $iaBlog->titleAlias(empty($_POST['alias']) ? $entry['title'] : $_POST['alias']);

// The upload and the database write only run when validation produced no messages.
if (!$messages) {
    if (isset($_FILES['image']['tmp_name']) && $_FILES['image']['tmp_name']) {
        $iaPicture = $iaCore->factory('picture');

        // Fixed target sizes; the stored file name is a generated token, not the client's name.
        $info = array('image_width' => 1000, 'image_height' => 750, 'thumb_width' => 250, 'thumb_height' => 250, 'resize_mode' => iaPicture::CROP);

        // NOTE(review): content/type validation of the upload is presumably done inside
        // processImage(); nothing in this fragment inspects the file — confirm.
        if ($image = $iaPicture->processImage($_FILES['image'], iaUtil::getAccountDir(), iaUtil::generateToken(), $info)) {
            // Remove the previously assigned image once the new one has been stored.
            if ($entry['image']) {
                $iaPicture = $iaCore->factory('picture');
                $iaPicture->delete($entry['image']);
            }

            $entry['image'] = $image;
        }
    }

    // Insert on "add", otherwise update the record identified by $id.
    $result = iaCore::ACTION_ADD == $pageAction ? $iaBlog->insert($entry) : $iaBlog->update($entry, $id);

    if ($result) {
        // On insert the result is used as the new record id.
        $id = iaCore::ACTION_ADD == $pageAction ? $result : $id;
        // NOTE(review): $_POST['tags'] is passed through unmodified and without an isset()
        // check; any splitting or escaping has to happen inside saveTags() — confirm.
        $iaBlog->saveTags($id, $_POST['tags']);

        $iaView->setMessages(iaLanguage::get('saved'), iaView::SUCCESS);
        // Redirect target is built from the numeric id (%d) and the generated alias.
        iaUtil::go_to($baseUrl . sprintf('%d-%s', $id, $entry['alias']));
    } else {
        $messages[] = iaLanguage::get('db_error');
/**
 * Validates and normalises a blog entry before it is written to the database.
 *
 * Runs the parent hook, repairs malformed UTF-8 in title and body, records a message
 * for an empty title or body, fills in a missing date_added, derives the alias and,
 * when validation passed, processes an uploaded image.
 *
 * NOTE(review): title and body only get UTF-8 repair in this method; no HTML escaping
 * is visible here, so it has to happen in the parent hook or at render time — confirm.
 *
 * @param array  $entry  entry being saved; modified in place
 * @param array  $data   submitted data, forwarded to the parent implementation
 * @param string $action current action, forwarded to the parent implementation
 *
 * @return bool false when validation messages were recorded, true otherwise
 */
protected function _preSaveEntry(array &$entry, array $data, $action)
{
    parent::_preSaveEntry($entry, $data, $action);

    iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');

    // Replace invalid byte sequences rather than rejecting the submission.
    utf8_is_valid($entry['title']) || ($entry['title'] = utf8_bad_replace($entry['title']));
    if (empty($entry['title'])) {
        $this->addMessage('title_is_empty');
    }

    utf8_is_valid($entry['body']) || ($entry['body'] = utf8_bad_replace($entry['body']));
    if (empty($entry['body'])) {
        $this->addMessage(iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('body'))), false);
    }

    if (empty($entry['date_added'])) {
        $entry['date_added'] = date(iaDb::DATETIME_FORMAT);
    }

    // An explicit alias wins; otherwise the alias is derived from the title.
    $entry['alias'] = $this->getHelper()->titleAlias(
        empty($entry['alias']) ? $entry['title'] : $entry['alias']
    );

    // Stop before touching the upload when validation has already failed.
    if ($this->getMessages()) {
        return false;
    }

    // These keys are dropped from the entry before it is saved.
    unset($entry['owner'], $entry['tags']);

    if (empty($_FILES['image']['tmp_name'])) {
        return true;
    }

    $iaPicture = $this->_iaCore->factory('picture');

    $info = array(
        'image_width' => 1000,
        'image_height' => 750,
        'thumb_width' => 250,
        'thumb_height' => 250,
        'resize_mode' => iaPicture::CROP
    );

    // The file is stored under a generated token, not the client-supplied name.
    // NOTE(review): type/content validation is presumably done by processImage() — confirm.
    $stored = $iaPicture->processImage($_FILES['image'], iaUtil::getAccountDir(), iaUtil::generateToken(), $info);
    if ($stored) {
        // Remove the previously assigned image, if there is one.
        if (!empty($entry['image'])) {
            $iaPicture->delete($entry['image']);
        }
        $entry['image'] = $stored;
    }

    return true;
}
/**
 * Builds an item record from the submitted form ($_POST / $_FILES) for the given fields.
 *
 * For admin access it first copies a set of system columns (sponsored, featured, status,
 * date_added, owner, locked). It then drops fields whose parent field value does not
 * enable them, and validates/normalises every remaining field according to its type.
 *
 * Security-relevant behaviour visible in this method:
 *  - $field['extra_actions'] and $field['required_checks'] are executed with eval() in
 *    this method's scope, so they can read and change every local variable here.
 *  - $data is a reference to $_POST, so the normalisation below rewrites $_POST itself.
 *
 * @param array $fields         field definitions (name, type, relation, required, ...)
 * @param mixed $previousValues not read directly by this body (eval'd snippets could read it)
 *
 * @return array list of: item data, error flag, messages, comma-joined invalid field names
 */
public function parsePost(array $fields, $previousValues = null)
{
    $iaCore =& $this->iaCore;

    $error = false;
    $messages = array();
    $invalidFields = array();

    $item = array();
    $data =& $_POST; // access to the data source by link

    // System columns are only accepted from the admin side.
    if (iaCore::ACCESS_ADMIN == $this->iaCore->getAccessType()) {
        if (isset($data['sponsored'])) {
            $item['sponsored'] = (int) $data['sponsored'];
            // NOTE(review): plan_id and sponsored_end are read without isset(), and
            // sponsored_end is copied as posted while featured_end below goes through
            // iaSanitize::html() — confirm this difference is intended.
            $item['sponsored_plan_id'] = $item['sponsored'] ? (int) $data['plan_id'] : 0;
            $item['sponsored_start'] = $item['sponsored'] ? date(iaDb::DATETIME_SHORT_FORMAT) : null;
            $item['sponsored_end'] = $item['sponsored'] ? $data['sponsored_end'] : null;
        }

        if (isset($data['featured'])) {
            $item['featured'] = (int) $data['featured'];
            if ($item['featured']) {
                // A featured item must come with an end date.
                if (isset($data['featured_end']) && $data['featured_end']) {
                    $item['featured_start'] = date(iaDb::DATETIME_SHORT_FORMAT);
                    $item['featured_end'] = iaSanitize::html($data['featured_end']);
                } else {
                    $error = true;
                    $messages[] = iaLanguage::get('featured_status_finished_date_is_empty');
                    $invalidFields[] = 'featured_end';
                }
            } else {
                $item['featured_start'] = null;
                $item['featured_end'] = null;
            }
        }

        if (isset($data['status'])) {
            // NOTE(review): the status is HTML-escaped but not compared against a list of
            // allowed statuses in this method — confirm that is enforced elsewhere.
            $item['status'] = iaSanitize::html($data['status']);
        }

        if (isset($data['date_added'])) {
            // Rejects unparsable dates and dates in the future.
            $time = strtotime($data['date_added']);
            if (!$time) {
                $error = true;
                $messages[] = iaLanguage::get('added_date_is_incorrect');
            } elseif ($time > time()) {
                $error = true;
                $messages[] = iaLanguage::get('future_date_specified_for_added_date');
            } else {
                $item['date_added'] = date(iaDb::DATETIME_SHORT_FORMAT, $time);
            }
        }

        if (isset($data['owner'])) {
            if (empty($data['owner'])) {
                $error = true;
                $messages[] = iaLanguage::get('owner_is_not_specified');
            } else {
                // Resolves the owner by username or full name.
                // NOTE(review): the value is escaped with iaSanitize::sql() and also bound
                // as :name; if one_bind() escapes bound values itself, names containing
                // quotes are escaped twice and will not match — confirm.
                if ($memberId = $iaCore->iaDb->one_bind('id', '`username` = :name OR `fullname` = :name', array('name' => iaSanitize::sql($_POST['owner'])), iaUsers::getTable())) {
                    $item['member_id'] = $memberId;
                } else {
                    $error = true;
                    $messages[] = iaLanguage::get('incorrect_owner_specified');
                }
            }
        }

        if (isset($data['locked'])) {
            $item['locked'] = (int) $data['locked'];
        }
    }

    // the code block below filters fields based on parent/dependent structure
    $activeFields = array();
    $parentFields = array();

    foreach ($fields as $field) {
        $activeFields[$field['name']] = $field;
        if (iaField::RELATION_PARENT == $field['relation']) {
            $parentFields[$field['name']] = $field['children'];
        }
    }

    foreach ($parentFields as $fieldName => $dependencies) {
        if (isset($data[$fieldName])) {
            $value = $data[$fieldName];
            foreach ($dependencies as $dependentFieldName => $values) {
                // Loose in_array(): the posted value is compared with type juggling.
                if (!in_array($value, $values)) {
                    unset($activeFields[$dependentFieldName]);
                }
            }
        }
    }

    // $iaCore->factory('util');
    iaUtil::loadUTF8Functions('validation', 'bad');

    foreach ($activeFields as $fieldName => $field) {
        // Missing fields are treated as empty strings (this writes into $_POST).
        isset($data[$fieldName]) || ($data[$fieldName] = '');

        // Check the UTF-8 is well formed
        if (!is_array($data[$fieldName]) && !utf8_is_valid($data[$fieldName])) {
            $data[$fieldName] = utf8_bad_replace($data[$fieldName]);
        }

        // SECURITY: code stored in the field definition is executed here with eval().
        // This is only safe while 'extra_actions' can be written solely by fully trusted
        // administrators; anyone who can change that value gets code execution.
        // NOTE(review): confirm who can write this column and consider replacing it with
        // named, registered callbacks.
        if ($field['extra_actions']) {
            if (false === eval($field['extra_actions'])) {
                continue; // make possible to stop further processing of this field by returning FALSE
            }
        }

        if (in_array($field['type'], array(self::TEXT, self::TEXTAREA, self::NUMBER, self::RADIO, self::CHECKBOX, self::COMBO))) {
            if ($field['required']) {
                // SECURITY: same eval() concern as 'extra_actions' above.
                if ($field['required_checks']) {
                    eval($field['required_checks']);
                }

                if (empty($data[$fieldName])) {
                    $error = true;
                    $messages[] = in_array($field['type'], array(self::RADIO, self::CHECKBOX, self::COMBO)) ? iaLanguage::getf('field_is_not_selected', array('field' => iaLanguage::get('field_' . $fieldName))) : iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('field_' . $fieldName)));
                    $invalidFields[] = $fieldName;
                }
            }

            switch ($field['type']) {
                case self::NUMBER:
                    // Spaces are stripped and the rest is cast to a float.
                    $item[$fieldName] = (double) str_replace(' ', '', $data[$fieldName]);
                    break;
                case self::TEXT:
                    $item[$fieldName] = iaSanitize::tags($data[$fieldName]);
                    break;
                case self::TEXTAREA:
                    // Editor-enabled fields keep HTML filtered by safeHTML(); plain ones go through tags().
                    $item[$fieldName] = $field['use_editor'] ? iaUtil::safeHTML($data[$fieldName]) : iaSanitize::tags($data[$fieldName]);
                    break;
                default:
                    // RADIO / CHECKBOX / COMBO: stored as posted (arrays are comma-joined).
                    // NOTE(review): the value is neither sanitised nor checked against the
                    // field's defined options in this method — confirm it is validated or
                    // escaped where it is stored and rendered.
                    $item[$fieldName] = is_array($data[$fieldName]) ? implode(',', $data[$fieldName]) : $data[$fieldName];
            }
        } elseif (self::DATE == $field['type']) {
            // SECURITY: same eval() concern as 'extra_actions' above.
            if ($field['required'] && $field['required_checks']) {
                eval($field['required_checks']);
            } elseif ($field['required'] && empty($data[$fieldName])) {
                $error = true;
                $messages[] = iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('field_' . $fieldName)));
                $invalidFields[] = $fieldName;
            }

            $data[$fieldName] = trim($data[$fieldName]);

            if (empty($data[$fieldName])) {
                $item[$fieldName] = $field['allow_null'] ? null : '';
            } else {
                // Split an optional time part off the date.
                if (strpos($data[$fieldName], ' ') === false) {
                    $date = $data[$fieldName];
                    $time = false;
                } else {
                    list($date, $time) = explode(' ', $data[$fieldName]);
                }

                // FIXME: hand-rolled date normalisation. Every component is cast to int, so
                // only digits reach the stored value, but $array[1] and $array[2] are read
                // without checking that the input had three parts, and the result is not
                // checked to be a real calendar date.
                $array = explode('-', $date);

                $year = (int) $array[0];
                $month = max(1, (int) $array[1]);
                $day = max(1, (int) $array[2]);

                // A year that is not four digits long falls back to 2000.
                $year = strlen($year) == 4 ? $year : 2000;
                $month = strlen($month) < 2 ? '0' . $month : $month;
                $day = strlen($day) < 2 ? '0' . $day : $day;

                $item[$fieldName] = $year . '-' . $month . '-' . $day;

                if ($field['timepicker'] && $time) {
                    $time = explode(':', $time);

                    // NOTE(review): max(1, ...) is applied to the time parts as well, so a
                    // 00 hour, minute or second is stored as 01 — looks unintended.
                    $hour = max(1, (int) $time[0]);
                    $minute = max(1, (int) $time[1]);
                    $seconds = max(1, (int) $time[2]);

                    $hour = strlen($hour) < 2 ? '0' . $hour : $hour;
                    $minute = strlen($minute) < 2 ? '0' . $minute : $minute;
                    $seconds = strlen($seconds) < 2 ? '0' . $seconds : $seconds;

                    $item[$fieldName] .= ' ' . $hour . ':' . $minute . ':' . $seconds;
                }
            }
        } elseif (self::URL == $field['type']) {
            $validProtocols = array('http://', 'https://');
            $item[$fieldName] = '';

            $req_error = false;
            if ($field['required']) {
                // SECURITY: same eval() concern as 'extra_actions' above.
                if ($field['required_checks']) {
                    eval($field['required_checks']);
                } elseif (empty($data[$fieldName]['url']) || in_array($data[$fieldName]['url'], $validProtocols)) {
                    // A bare "http://" or "https://" counts as empty.
                    $error = $req_error = true;
                    $messages[] = iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('field_' . $fieldName)));
                    $invalidFields[] = $fieldName;
                }
            }

            if (!$req_error && !empty($data[$fieldName]['url']) && !in_array($data[$fieldName]['url'], $validProtocols)) {
                // stripos() finds the scheme anywhere in the string, not only at the start,
                // so whether the stored value really is an http(s) URL rests entirely on
                // iaValidate::isUrl() below.
                if (false === stripos($data[$fieldName]['url'], 'http://') && false === stripos($data[$fieldName]['url'], 'https://')) {
                    $data[$fieldName]['url'] = 'http://' . $data[$fieldName]['url'];
                }

                if (iaValidate::isUrl($data[$fieldName]['url'])) {
                    $item[$fieldName] = array();
                    $item[$fieldName]['url'] = iaSanitize::tags($data[$fieldName]['url']);
                    // NOTE(review): unlike the URL, a posted title is stored without
                    // iaSanitize::tags(), and a '|' inside either part would collide with
                    // the 'url|title' separator — confirm both are handled on output.
                    $item[$fieldName]['title'] = empty($data[$fieldName]['title']) ? str_replace($validProtocols, '', $data[$fieldName]['url']) : $data[$fieldName]['title'];
                    $item[$fieldName] = implode('|', $item[$fieldName]);
                } else {
                    $error = true;
                    $messages[] = iaLanguage::get('field_' . $fieldName) . ': ' . iaLanguage::get('error_url');
                    $invalidFields[] = $fieldName;
                }
            }
        } elseif (in_array($field['type'], array(self::IMAGE, self::STORAGE, self::PICTURES)) && is_array($_FILES[$fieldName]['tmp_name']) && !empty($_FILES[$fieldName]['tmp_name'])) {
            if (!is_writable(IA_UPLOADS)) {
                $error = true;
                $messages[] = iaLanguage::get('error_directory_readonly');
            } else {
                // run required field checks
                // SECURITY: same eval() concern as 'extra_actions' above.
                if ($field['required'] && $field['required_checks']) {
                    eval($field['required_checks']);
                } elseif ($field['required'] && empty($_FILES[$fieldName]['tmp_name'])) {
                    $error = true;
                    $messages[] = iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('field_' . $fieldName)));
                    $invalidFields[] = $fieldName;
                }

                // custom folder for uploaded images
                if (!empty($field['folder_name'])) {
                    // The folder name comes from the field definition; mkdir() is called
                    // without an explicit mode and its result is not checked.
                    if (!is_dir(IA_UPLOADS . $field['folder_name'])) {
                        mkdir(IA_UPLOADS . $field['folder_name']);
                    }
                    $path = $field['folder_name'] . IA_DS;
                } else {
                    $path = iaUtil::getAccountDir();
                }

                // SECURITY: the starting list is whatever was posted under the field name,
                // and it ends up in the serialized value stored below — including any
                // 'path' entries the client supplies.
                // NOTE(review): confirm the posted entries are checked against the item's
                // previously stored files before they are trusted.
                $item[$fieldName] = isset($data[$fieldName]) && $data[$fieldName] ? $data[$fieldName] : array();

                // initialize class to work with images
                $methodName = self::STORAGE == $field['type'] ? '_processFileField' : '_processImageField';

                // process uploaded files
                foreach ($_FILES[$fieldName]['tmp_name'] as $id => $tmp_name) {
                    // Uploads that PHP reported an error for are skipped silently.
                    if ($_FILES[$fieldName]['error'][$id]) {
                        continue;
                    }

                    // files limit exceeded or rewrite image value
                    if (self::IMAGE != $field['type'] && count($item[$fieldName]) >= $field['length']) {
                        break;
                    }

                    // Re-shape PHP's per-key upload arrays into one array for this file.
                    $file = array();
                    foreach ($_FILES[$fieldName] as $key => $value) {
                        $file[$key] = $_FILES[$fieldName][$key][$id];
                    }

                    // NOTE(review): extension/content validation is presumably done inside
                    // _processFileField() / _processImageField(); nothing here inspects the file.
                    $processing = self::$methodName($field, $file, $path); // 0 - filename, 1 - error, 2 - textual error description
                    if (!$processing[1]) {
                        // The posted title is trimmed and cut to 100 bytes; no tag stripping
                        // is applied to it here.
                        $fieldValue = array('title' => isset($data[$fieldName . '_title'][$id]) ? substr(trim($data[$fieldName . '_title'][$id]), 0, 100) : '', 'path' => $processing[0]);

                        // A single-image field is replaced; other types append to the list.
                        if (self::IMAGE == $field['type']) {
                            $item[$fieldName] = $fieldValue;
                        } else {
                            $item[$fieldName][] = $fieldValue;
                        }
                    } else {
                        $error = true;
                        $messages[] = $processing[2];
                    }
                }
            }

            // If already has images, append them.
            // NOTE(review): the result is stored as a PHP serialize() string; confirm every
            // reader of this column treats it as untrusted when unserializing.
            $item[$fieldName] = empty($item[$fieldName]) ? '' : serialize(array_merge($item[$fieldName])); // array_merge is used to reset numeric keys
        }

        if (isset($item[$fieldName])) {
            // process hook if field value exists
            // The hook receives the value, error flag, invalid-field list and messages by reference.
            $iaCore->startHook('phpParsePostAfterCheckField', array('field_name' => $fieldName, 'item' => &$item[$fieldName], 'value' => $field, 'error' => &$error, 'error_fields' => &$invalidFields, 'msg' => &$messages));
        }
    }

    return array($item, $error, $messages, implode(',', $invalidFields));
}
/**
 * Validates and normalises a portfolio entry before it is saved.
 *
 * Runs the parent hook, repairs malformed UTF-8 in title and body, records messages
 * for an empty title or body, fills in a missing date_added, derives the alias,
 * processes an uploaded image using the posted crop data, and requires that the
 * entry ends up with an image.
 *
 * Note that the upload is processed before the message check, so a file is stored
 * (and a previous image deleted) even when title/body validation has already failed.
 *
 * @param array  $entry  entry being saved; modified in place
 * @param array  $data   submitted data, forwarded to the parent implementation
 * @param string $action current action, forwarded to the parent implementation
 *
 * @return bool false when validation messages were recorded, true otherwise
 */
protected function _preSaveEntry(array &$entry, array $data, $action)
{
    parent::_preSaveEntry($entry, $data, $action);

    iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');

    // Replace invalid byte sequences rather than rejecting the submission.
    utf8_is_valid($entry['title']) || ($entry['title'] = utf8_bad_replace($entry['title']));
    if (empty($entry['title'])) {
        $this->addMessage('title_is_empty');
    }

    utf8_is_valid($entry['body']) || ($entry['body'] = utf8_bad_replace($entry['body']));
    if (empty($entry['body'])) {
        $this->addMessage('body_is_empty');
    }

    if (empty($entry['date_added'])) {
        $entry['date_added'] = date(iaDb::DATETIME_FORMAT);
    }

    // An explicit alias wins; otherwise the alias is derived from the title.
    $entry['alias'] = $this->getHelper()->titleAlias(
        empty($entry['alias']) ? $entry['title'] : $entry['alias']
    );

    if (!empty($_FILES['image']['tmp_name'])) {
        $this->_iaCore->loadClass(iaCore::CORE, 'picture');
        $folioImage = $this->_iaCore->factoryPlugin($this->getPluginName(), iaCore::ADMIN, 'image');

        // Crop rectangle as submitted with the form.
        // NOTE(review): json_decode() returns null for malformed input, and the decoded
        // width/height/x/y are passed on without a type or range check — confirm that
        // processFolioImage() validates them.
        $cropBox = json_decode($entry['image-data'], true);

        $uploadDir = iaUtil::getAccountDir();
        $upload = $_FILES['image'];
        // The file is stored under a generated token, not the client-supplied name.
        $nameToken = iaUtil::generateToken();

        $options = array(
            'image_width' => $this->_iaCore->get('portfolio_image_width'),
            'image_height' => $this->_iaCore->get('portfolio_image_height'),
            'crop_width' => $cropBox['width'],
            'crop_height' => $cropBox['height'],
            'thumb_width' => $this->_iaCore->get('portfolio_thumbnail_width'),
            'thumb_height' => $this->_iaCore->get('portfolio_thumbnail_height'),
            'positionX' => $cropBox['x'],
            'positionY' => $cropBox['y'],
            'position' => 'LT',
            'resize' => 'after_crop',
            'resize_mode' => iaImage::CROP
        );

        $storedImage = $folioImage->processFolioImage($upload, $uploadDir, $nameToken, $options);
        if ($storedImage) {
            // Remove the previously assigned image once the new one has been stored.
            if ($entry['image']) {
                $this->_iaCore->factory('picture')->delete($entry['image']);
            }
            $entry['image'] = $storedImage;
        }
    }

    // An image is mandatory: either a new upload succeeded or one was already assigned.
    if (empty($entry['image'])) {
        $this->addMessage('invalid_image_file');
    }

    if ($this->getMessages()) {
        return false;
    }

    // Helper form values that are removed from the entry before it is saved.
    unset($entry['image-src'], $entry['image-data']);

    return true;
}
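/**
 * Validates and normalises an entry before it is saved, and resolves its owner.
 *
 * Runs the parent hook, repairs malformed UTF-8 in title and body, records messages
 * for an empty title or body, fills in a missing date_added, derives the alias,
 * resolves the owning member and, when validation passed, processes an uploaded image.
 *
 * The owner lookup reads $data['owner'], the same value the guard tests. It previously
 * read $_POST['owner'], so the check and the lookup could see different input whenever
 * $data was not the raw POST array.
 *
 * @param array  $entry  entry being saved; modified in place
 * @param array  $data   submitted data; 'owner' optionally names the owning member
 * @param string $action current action, forwarded to the parent implementation
 *
 * @return bool false when validation messages were recorded, true otherwise
 */
protected function _preSaveEntry(array &$entry, array $data, $action)
{
    parent::_preSaveEntry($entry, $data, $action);

    iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');

    // Replace invalid byte sequences rather than rejecting the submission.
    if (!utf8_is_valid($entry['title'])) {
        $entry['title'] = utf8_bad_replace($entry['title']);
    }
    if (empty($entry['title'])) {
        $this->addMessage('title_is_empty');
    }

    if (!utf8_is_valid($entry['body'])) {
        $entry['body'] = utf8_bad_replace($entry['body']);
    }
    if (empty($entry['body'])) {
        $this->addMessage(iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('body'))));
    }

    if (empty($entry['date_added'])) {
        $entry['date_added'] = date(iaDb::DATETIME_FORMAT);
    }

    // An explicit alias wins; otherwise the alias is derived from the title.
    $entry['alias'] = $this->getHelper()->titleAlias(empty($entry['alias']) ? $entry['title'] : $entry['alias']);

    if (!empty($data['owner'])) {
        // The owner is resolved by username or full name.
        // NOTE(review): the value is escaped with iaSanitize::sql() and also bound as
        // :name; if one_bind() escapes bound values itself, names containing quotes are
        // escaped twice and will not match — confirm.
        // NOTE(review): full names are presumably not unique, so this can resolve to a
        // different member than intended; matching on username only would be unambiguous.
        $memberId = $this->_iaCore->iaDb->one_bind(
            'id',
            '`username` = :name OR `fullname` = :name',
            array('name' => iaSanitize::sql($data['owner'])),
            iaUsers::getTable()
        );

        if ($memberId) {
            $entry['member_id'] = $memberId;
        } else {
            $this->addMessage('incorrect_owner_specified');
        }
    } else {
        // No owner given: the entry belongs to the currently signed-in user.
        $entry['member_id'] = iaUsers::getIdentity()->id;
    }

    // Stop before touching the upload when validation has already failed.
    if ($this->getMessages()) {
        return false;
    }

    unset($entry['owner']);

    if (isset($_FILES['image']['tmp_name']) && $_FILES['image']['tmp_name']) {
        $iaPicture = $this->_iaCore->factory('picture');

        $info = array(
            'image_width' => 1000,
            'image_height' => 750,
            'thumb_width' => 250,
            'thumb_height' => 250,
            'resize_mode' => iaPicture::CROP
        );

        // The file is stored under a generated token, not the client-supplied name.
        // NOTE(review): type/content validation is presumably done by processImage() — confirm.
        if ($image = $iaPicture->processImage($_FILES['image'], iaUtil::getAccountDir(), iaUtil::generateToken(), $info)) {
            empty($entry['image']) || $iaPicture->delete($entry['image']); // already has an assigned image
            $entry['image'] = $image;
        }
    }

    unset($entry['tags']);

    return true;
}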
// Fragment of an actions handler: the first lines close blocks opened before this
// excerpt, and the 'ckeditor_upload' case continues past its end.
$iaCore->startHook('phpActionsJsonHandle', array('action' => $_POST['action'], 'output' => &$output));
}

$iaView->assign($output);
}

if (isset($_GET) && isset($_GET['action'])) {
    switch ($_GET['action']) {
        // Image upload endpoint used by the CKEditor file browser.
        // NOTE(review): no authentication or permission check is visible in this
        // fragment — $_user is simply false when nobody is signed in and the upload still
        // proceeds. Confirm that access is restricted before this code is reached.
        case 'ckeditor_upload':
            $iaView->disableLayout();
            $iaView->set('nodebug', 1);

            $err = 0;

            if (isset($_GET['Type']) && 'Image' == $_GET['Type'] && isset($_FILES['upload'])) {
                $oFile = $_FILES['upload'];

                $sErrorNumber = '0';
                // Allow-list that maps an accepted MIME type to the stored extension.
                $imgTypes = array('image/gif' => 'gif', 'image/jpeg' => 'jpg', 'image/pjpeg' => 'jpg', 'image/png' => 'png');

                $_user = iaUsers::hasIdentity() ? iaUsers::getIdentity()->username : false;

                $sFileUrl = 'uploads/' . iaUtil::getAccountDir($_user);

                // SECURITY: $oFile['type'] is the MIME type sent by the client in the request,
                // not something derived from the file. The stored extension is limited to
                // gif/jpg/png by the map above, but the file content is never inspected here.
                // Verifying the content server-side (e.g. finfo or getimagesize() on
                // tmp_name) and checking $oFile['error'] would close that gap.
                $ext = array_key_exists($oFile['type'], $imgTypes) ? $imgTypes[$oFile['type']] : false;

                if (!$ext) {
                    $err = '202 error';
                }

                // The stored name is a generated token plus the mapped extension; the
                // client-supplied file name is not used.
                $tok = iaUtil::generateToken();
                $fname = $tok . '.' . $ext;

                if (!$err) {
                    // SECURITY: the result of move_uploaded_file() is not checked, and
                    // 0777 makes the uploaded file writable and executable for every local
                    // user; 0644 is enough for a file that is only served.
                    move_uploaded_file($oFile['tmp_name'], IA_HOME . $sFileUrl . $fname);
                    chmod(IA_HOME . $sFileUrl . $fname, 0777);
                }

                // fix windows URLs
                $fileUrl = $sFileUrl . $fname;
                $fileUrl = str_replace('\\', '/', $fileUrl);

                // Cast to int so the callback number is a plain number when it is used in
                // the script output that starts below.
                $callback = (int) $_GET['CKEditorFuncNum'];
                $output = '<html><body><script type="text/javascript">';
/**
 * Deletes the members matching a condition and cleans up after each of them.
 *
 * The matching rows are read first, then deleted. When the delete succeeded, each
 * removed member's uploads folder is deleted, the removal is logged, the
 * 'phpUserDelete' hook is fired and, if the 'member_removal' setting is enabled,
 * a notification e-mail is sent to the member.
 *
 * NOTE(review): with the default null the same null condition is passed to both
 * all() and delete(); confirm whether that selects every member.
 *
 * @param string|null $statement condition passed to the database layer
 *
 * @return mixed result of the database delete call
 */
public function delete($statement = null)
{
    // Read the rows before deleting them: their data is needed for the cleanup below.
    $members = $this->iaDb->all(iaDb::ALL_COLUMNS_SELECTION, $statement, null, null, self::getTable());
    $deleted = $this->iaDb->delete($statement, self::getTable());

    if (!$deleted) {
        return $deleted;
    }

    $template = 'member_removal';
    $notify = $this->iaCore->get($template);

    $mailer = $this->iaCore->factory('mailer');
    $log = $this->iaCore->factory('log');

    foreach ($members as $member) {
        // delete member uploads folder
        // NOTE(review): the path is derived from the stored username and removed
        // recursively; confirm getAccountDir() cannot return an empty or shared
        // directory for any username.
        $uploadsDir = IA_UPLOADS . iaUtil::getAccountDir($member['username']);
        if (iaUtil::cascadeDeleteFiles($uploadsDir, true)) {
            // Errors from rmdir() are suppressed on purpose (best effort).
            @rmdir($uploadsDir);
        }

        $log->write(
            iaLog::ACTION_DELETE,
            array('item' => 'member', 'name' => $member['fullname'], 'id' => $member['id'])
        );

        $this->iaCore->startHook('phpUserDelete', array('userInfo' => $member));

        if ($notify) {
            $mailer->loadTemplate($template);
            $mailer->addAddress($member['email'], $member['fullname']);
            $mailer->setReplacements('fullname', $member['fullname']);
            $mailer->send();
        }
    }

    return $deleted;
}