/**
 * Build and run the terms insert/update query for the current cp module.
 *
 * Reads title, slug, parent, language and desc from the request. A missing
 * slug is derived from the title; the url is the parent's term_url plus the
 * slug (or just the slug when there is no parent). For the 'bookcategories'
 * module the url is forced under 'book-index/'. Without a posted title a
 * debug error is raised and false is returned before any write happens.
 * Finally the commit/rollback callbacks of the transaction are registered.
 *
 * @param mixed $_id id of the term being edited; when falsy the 'edit' child param is used
 * @return false|void false when the title is missing
 */
function cp_create_query($_id = null)
{
    if (!$_id) {
        $_id = $this->childparam('edit');
    }

    $moduleInfo = $this->cpModule();
    $moduleRaw  = $this->cpModule('raw');
    $query      = $this->sql();

    $slug   = utility::post('slug', 'filter');
    $parent = utility::post('parent');

    // no explicit slug: derive one from the posted title
    if (!$slug) {
        $slug = utility\Filter::slug(utility::post('title'));
    }

    if ($parent) {
        // NOTE(review): $parent comes straight from the request; assumes the sql
        // builder binds/escapes where() values — confirm.
        $parentUrl = $this->sql()->table('terms')->where('id', $parent)->select()->assoc('term_url');
        $url = $parentUrl . '/' . $slug;
    } else {
        // '#NULL' is the sentinel the builder appears to use for SQL NULL — confirm
        $parent = '#NULL';
        $url = $slug;
    }

    // book categories always live under book-index/, strip any repeated prefix first
    if ($moduleInfo['raw'] === 'bookcategories') {
        $url = 'book-index/' . preg_replace("#^(book-index\\/)+#", "", $url);
    }

    if (!utility::post('title')) {
        debug::error(T_("Please enter title!"));
        return false;
    }

    $query = $query->table('terms')
        ->set('term_type', $moduleInfo['type'])
        ->set('term_language', utility::post('language'))
        ->set('term_title', utility::post('title'))
        ->set('term_slug', $slug)
        ->set('term_desc', utility::post('desc'))
        ->set('term_parent', $parent)
        ->set('term_url', $url);

    $savedId = null;
    if ($_id) {
        // edit: update the existing row
        $query = $query->where('id', $_id)->update();
        $savedId = $_id;
    } else {
        // add: insert and pick up the generated id
        $query = $query->insert();
        $savedId = $query->LAST_INSERT_ID();
    }

    // runs when the transaction succeeds; on add the user is sent back to the add form
    $this->commit(function ($_module, $_postId, $_edit = null) {
        if ($_edit) {
            debug::true(T_("Update Successfully"));
            return;
        }
        debug::true(T_("Insert Successfully"));
        $this->redirector()->set_url($_module . '/add');
    }, $moduleRaw, $savedId, $_id);

    // runs when any query in the transaction fails
    $this->rollback(function () {
        debug::title(T_("Transaction error") . ': ');
    });
}
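/**
 * Validate the upload stored in $_FILES[$_name] and record its properties on
 * the class (fieldName, fileName, fileExt, fileType, fileMime, fileDisallow,
 * fileSize, fileFullName, fileMd5).
 *
 * Contract is unchanged from the original: returns false when the upload is
 * valid, or a (translated) message string describing why it is invalid.
 *
 * Fixes relative to the original:
 *  - the content-based MIME check was dead code (`function_exists('finfo')`
 *    is always false: finfo is a class) and, had it run, would have probed a
 *    client-chosen file name relative to the CWD instead of the temp file;
 *  - files whose name has no extension no longer trigger an undefined-index
 *    warning;
 *  - only files PHP itself received via HTTP upload are accepted.
 *
 * @param string   $_name    key of the upload inside $_FILES
 * @param int|null $_maxSize maximum size in bytes; falsy means
 *                           self::max_file_upload_in_bytes(true)
 * @return false|string
 */
public static function invalid($_name = 'upfile', $_maxSize = null)
{
    self::$fieldName = $_name;
    try {
        // Undefined | Multiple Files | $_FILES Corruption Attack
        // If this request falls under any of them, treat it invalid.
        if (!isset($_FILES[self::$fieldName]['error']) || is_array($_FILES[self::$fieldName]['error'])) {
            throw new \RuntimeException(T_('Invalid parameters'));
        }
        $upload = $_FILES[self::$fieldName];

        // Map the PHP upload error code to a user-facing message.
        switch ($upload['error']) {
            case UPLOAD_ERR_OK:
                break;
            case UPLOAD_ERR_NO_FILE:
                throw new \RuntimeException(T_('No file sent'));
            case UPLOAD_ERR_INI_SIZE:
            case UPLOAD_ERR_FORM_SIZE:
                throw new \RuntimeException(T_('Exceeded filesize limit'));
            default:
                throw new \RuntimeException(T_('Unknown errors'));
        }

        // Only accept a temp file that PHP created for this request; anything
        // else (e.g. a forged $_FILES entry) is not an upload.
        if (!isset($upload['tmp_name']) || !is_uploaded_file($upload['tmp_name'])) {
            throw new \RuntimeException(T_('Invalid parameters'));
        }

        $fileInfo = pathinfo($upload['name']);
        self::$fileName = $fileInfo['filename'];
        // pathinfo() omits 'extension' when the name has no dot
        self::$fileExt = strtolower(isset($fileInfo['extension']) ? $fileInfo['extension'] : '');

        $extCheck = self::extCheck(self::$fileExt);
        self::$fileType = $extCheck['type'];
        self::$fileMime = $extCheck['mime'];
        self::$fileDisallow = $extCheck['disallow'];

        if (!$_maxSize) {
            $_maxSize = self::max_file_upload_in_bytes(true);
        }

        // Size reported by PHP for the received temp file.
        self::$fileSize = $upload['size'];
        if (self::$fileSize > $_maxSize) {
            throw new \RuntimeException(T_('Exceeded filesize limit'));
        }

        // Over-long names and anything mentioning htaccess are refused.
        if (strlen(self::$fileName) > 200 || strpos(self::$fileName, 'htaccess') !== false) {
            throw new \RuntimeException(T_('Exceeded file name limit'));
        }

        // Over-long or explicitly disallowed extensions are refused.
        if (strlen(self::$fileExt) > 10 || self::$fileDisallow) {
            throw new \RuntimeException(T_('Exceeded file extension limit'));
        }

        self::$fileFullName = \lib\utility\Filter::slug(self::$fileName) . '.' . self::$fileExt;
        self::$fileMd5 = md5_file($upload['tmp_name']);

        // Extension whitelist, when the class defines one.
        if (is_array(self::$extentions) && !in_array(self::$fileExt, self::$extentions, true)) {
            throw new \RuntimeException(T_("We don't support this type of file"));
        }

        // DO NOT TRUST $_FILES[...]['type'] — it is client supplied.
        // Sniff the received bytes instead and let that override the
        // extension-derived mime when detection succeeds.
        // NOTE(review): consumers of self::$fileMime now see the sniffed type
        // rather than the extCheck() value — confirm they expect that.
        if (class_exists('finfo')) {
            $finfo = new \finfo(FILEINFO_MIME_TYPE);
            $detected = $finfo->file($upload['tmp_name']);
            if ($detected !== false) {
                self::$fileMime = $detected;
            }
        }

        // not invalid: the upload passed every check
        return false;
    } catch (\RuntimeException $e) {
        return $e->getMessage();
    }
}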
/**
 * Build and run the posts insert/update for the current cp module, then
 * sync its tags/categories into the terms and termusages tables and, for a
 * newly published 'post', push it to the configured social networks.
 *
 * Request input is read through utility::post() (title, slug, desc,
 * language, status, parent, thumbid, cat, categories, tags). The module
 * ('pages', 'books', 'attachments', 'socialnetwork', anything else) decides
 * how post_url is derived. A title is mandatory: without one a debug error
 * is raised and false is returned before any write.
 *
 * @param mixed $_id id of the post being edited; when falsy the 'edit' child param is read
 * @return false|null false when the title is missing; null after an early exit or on completion
 */
function cp_create_query($_id = null)
{
    if (!$_id) {
        $_id = $this->childparam('edit');
    }

    // a title is required; bail out before touching the database
    if (!utility::post('title')) {
        debug::error(T_("Please enter title!"));
        return false;
    }

    // raw module name; still needed further down ('pages' check, commit callback)
    $mymodule = $this->cpModule('raw');

    $datarow = array();
    $cpModule = $this->cpModule();
    $qry = $this->sql()->table('posts');

    // collect every field the forms may send; unused ones are unset per module below
    $datarow['language'] = utility::post('language');
    $datarow['title'] = utility::post('title');
    $datarow['slug'] = utility::post('slug', 'filter');
    $datarow['content'] = utility::post('desc');
    $datarow['type'] = $cpModule['type'];
    $datarow['url'] = null;
    $datarow['status'] = utility::post('status');
    $datarow['parent'] = utility::post('parent');
    $datarow['user_id'] = $this->login('id');
    // uses the process default timezone
    $datarow['publishdate'] = date('Y-m-d H:i:s');

    // merge the posted thumbid/slug into the existing post_meta json
    // (on add $_id is null, so this select yields nothing and meta starts empty)
    $datarow['meta'] = $this->sql()->table('posts')->where('id', $_id)->select()->assoc('post_meta');
    $datarow['meta'] = json_decode($datarow['meta'], true);
    $datarow['meta']['thumbid'] = utility::post('thumbid');
    // NOTE: this stores the slug *before* the fallback below, so an omitted slug is saved as empty in meta
    $datarow['meta']['slug'] = $datarow['slug'];
    $datarow['meta'] = json_encode($datarow['meta']);

    // no explicit slug: derive one from the title
    if (!$datarow['slug']) {
        $datarow['slug'] = utility\Filter::slug($datarow['title']);
    }

    // per-module url derivation
    switch ($cpModule['raw']) {
        case 'pages':
        case 'books':
            // url = parent's post_url + '/' + slug, or just the slug at top level
            if ($datarow['parent']) {
                // NOTE(review): 'parent' is request input; assumes the sql builder binds where()/and() values — confirm
                $datarow['url'] = $this->sql()->table('posts')->where('post_type', $cpModule['type'])->and('id', $datarow['parent'])->select()->assoc('post_url') . '/' . $datarow['slug'];
            } else {
                // '#NULL' appears to be the builder's sentinel for SQL NULL — confirm
                $datarow['parent'] = '#NULL';
                $datarow['url'] = $datarow['slug'];
            }
            // books always live under book/, any repeated prefix is stripped first
            if ($cpModule['raw'] === 'books') {
                $datarow['url'] = 'book/' . preg_replace("#^(book\\/)+#", "", $datarow['url']);
            }
            break;

        // attachments (only reached on edit, per the original author)
        case 'attachments':
            // drop the fields an attachment row does not carry;
            // title, slug, content, status and user_id are deliberately kept
            unset($datarow['language']);
            unset($datarow['type']);
            unset($datarow['url']);
            unset($datarow['parent']);
            unset($datarow['publishdate']);
            // url = <cat>/<slug>, defaulting the category to 'file'
            if (utility::post('cat')) {
                $cat = utility::post('cat');
            } else {
                $cat = 'file';
            }
            $datarow['url'] = $cat . '/' . $datarow['slug'];
            $datarow['url'] = trim($datarow['url'], '/');
            // the slug itself is not written for attachments (only kept inside meta)
            unset($datarow['slug']);
            break;

        case 'socialnetwork':
            // generated slug; md5(time()) has one-second resolution, so two
            // social posts created within the same second get the same slug — TODO confirm acceptable
            $datarow['slug'] = 'social' . md5(time());
            $datarow['url'] = 'social/' . $datarow['slug'];
            $datarow['status'] = 'draft';
            break;

        // every other post type
        default:
            unset($datarow['parent']);
            // url = <cat>/<slug>; 'books' is fixed, otherwise the posted cat or term id 1's url
            $datarow['url'] = utility::post('cat');
            if ($cpModule['raw'] === 'books') {
                $datarow['url'] = 'books';
            } elseif (!$datarow['url']) {
                $datarow['url'] = $this->sql()->table('terms')->where('id', 1)->select()->assoc('term_url');
            }
            if ($datarow['url']) {
                $datarow['url'] = $datarow['url'] . '/';
            }
            $datarow['url'] = $datarow['url'] . $datarow['slug'];
            break;
    }

    // on edit load the current row plus its options, keyed by option_key,
    // so that only changed columns are written
    if ($_id) {
        $record = $this->sql()->table('posts')->where('id', $_id)->select()->assoc();
        $record_meta = $this->sql()->table('options')->where('post_id', $_id)->order('id', 'asc')->select()->allassoc();
        foreach ($record_meta as $key => $value) {
            $record[$record_meta[$key]['option_key']] = $record_meta[$key]['option_value'];
        }
    }

    $changed = false;
    foreach ($datarow as $key => $value) {
        // column name: user_id stays as is, everything else is post_<key>
        $key = $key === 'user_id' ? 'user_id' : 'post_' . $key;
        if ($_id) {
            // edit: write only values that differ from the stored row.
            // NOTE(review): strict !== against DB strings — a non-string value (e.g. an int
            // user_id) or a column missing from $record always counts as changed — confirm
            if ($record[$key] !== $value) {
                $qry = $qry->set($key, $value);
                $changed = true;
            }
        } elseif ($value) {
            // add: skip falsy values so column defaults apply
            $qry = $qry->set($key, $value);
        }
    }

    $post_new_id = $_id;
    if ($_id) {
        // edit: no update statement when nothing changed
        if ($changed) {
            $qry = $qry->where('id', $_id)->update();
        }
    } else {
        // add: insert and pick up the generated id
        $qry = $qry->insert();
        $post_new_id = $qry->LAST_INSERT_ID();
    }

    // nothing to attach tags/cats to
    if ($post_new_id === 0 || !$post_new_id) {
        return;
    }

    // share on social networks when a 'post' transitions into 'publish'
    // (status differs from the stored one; on add $record is unset so it is always a transition)
    $post_status = isset($record['post_status']) ? $record['post_status'] : null;
    $post_type = isset($record['post_type']) ? $record['post_type'] : null;
    $post_type = $post_type ? $post_type : $cpModule['type'];
    if ($datarow['status'] === 'publish' && $datarow['status'] !== $post_status && $post_type === 'post') {
        $url_main = $this->url('MainProtocol') . '://' . $this->url('MainSite');

        // skip twitter when an earlier attempt was stored with status 400.
        // NOTE(review): the 'twitter' option is stored below as a json_encode()d string,
        // so a nested ['status'] lookup on it is never set and this guard looks ineffective — confirm
        if (!(isset($record['twitter']['status']) && $record['twitter']['status'] === 400)) {
            $mytwitte = $datarow['title'] . ' ' . $url_main . '/' . $datarow['url'];
            $twitte_result = \lib\utility\SocialNetwork::twitter($mytwitte);
            // persist the twitter response in options (cat post<id>_SocialNetwork)
            if (isset($twitte_result) && isset($twitte_result['status'])) {
                $twitte_result = json_encode($twitte_result);
                $qry_twitter = $this->sql()->table('options')->set('post_id', $post_new_id)->set('option_cat', 'post' . $post_new_id . '_SocialNetwork')->set('option_key', 'twitter')->set('option_value', $twitte_result);
                $qry_twitter = $qry_twitter->insert();
            }
        }

        // telegram result is not persisted or inspected
        $telegram = \lib\utility\SocialNetwork::telegram($datarow['title'] . "\n" . $url_main . '/' . $datarow['url']);

        // facebook gets a plain-text version of the content: entities decoded,
        // paragraph ends turned into newlines, remaining tags and leading whitespace stripped
        $facebook_content = html_entity_decode($datarow['content']);
        $facebook_content = preg_replace("/<\\/p>/", "\n", $facebook_content);
        $facebook_content = preg_replace("/<[^>]+>/", "", $facebook_content);
        $facebook_content = preg_replace("/^[\\s\n\r\t]+/", "", $facebook_content);
        $facebook_url = $url_main . '/' . $datarow['url'];
        $result_fb = \lib\utility\SocialNetwork::facebook($facebook_url, $facebook_content);
        // persist the facebook response as-is in options
        if (isset($result_fb)) {
            $qry_facebook = $this->sql()->table('options')->set('post_id', $post_new_id)->set('option_cat', 'post' . $post_new_id . '_SocialNetwork')->set('option_key', 'facebook')->set('option_value', $result_fb);
            $qry_facebook = $qry_facebook->insert();
        }
    }

    // ------------------------------------------------------------------ tags and categories
    // 'categories' is request input (expected to be an array of term ids — TODO confirm)
    $mycats = utility::post('categories');
    // 'tags' is a comma separated string; NOTE: explode() on a null value
    // is deprecated in PHP 8.1 — confirm utility::post() returns a string here
    $mytags = utility::post('tags');
    $mytags = explode(',', $mytags);
    // trim spaces and single quotes, drop empty entries (keys are preserved)
    foreach ($mytags as $key => $value) {
        $value = trim($value, " ");
        $value = trim($value, "'");
        if ($value) {
            $mytags[$key] = $value;
        } else {
            unset($mytags[$key]);
        }
    }

    // on edit: work out which old tags/cats are no longer selected and remove their usages
    if ($_id) {
        $myterms_del = null;

        // tags removed by the user, compared by title, mapped to ids
        $old_tags = $this->sp_term_list('tag', false);
        $tags_diff = array_diff($old_tags, $mytags);
        if (count($tags_diff) > 0) {
            $tags_id = $this->cp_tag_id($tags_diff);
            $myterms_del = $tags_id;
        }

        // category term type depends on the module; posts default to category 1
        if ($cpModule['raw'] === 'attachments') {
            $old_cats = $this->sp_term_list('filecat', false);
            if (!is_array($mycats)) {
                $mycats = null;
            }
        } elseif ($cpModule['raw'] === 'books') {
            $old_cats = $this->sp_term_list('bookcat', false);
            if (!is_array($mycats)) {
                $mycats = null;
            }
        } else {
            $old_cats = $this->sp_term_list('cat', false);
            if (!is_array($mycats)) {
                $mycats = [1];
            }
        }

        // cats to delete: old minus new; with no old cats the new ones are
        // listed for deletion (and re-inserted with IGNORE further down) — looks intentional, confirm
        if (is_array($old_cats) && count($old_cats) && is_array($mycats) && count($mycats)) {
            $cats_diff = array_diff($old_cats, $mycats);
        } elseif (is_array($mycats) && count($mycats)) {
            $cats_diff = $mycats;
        } else {
            $cats_diff = $old_cats;
        }
        if (is_array($cats_diff) && count($cats_diff) > 0) {
            $cats_diff = implode(",", $cats_diff);
            if ($myterms_del) {
                $myterms_del .= ',';
            }
            $myterms_del .= $cats_diff;
        }

        // delete removed tags and cats from termusages in one query
        if ($myterms_del) {
            $qry_term_del = $this->sql()->table('termusages')->where('termusage_id', $post_new_id);
            if (count(explode(',', $myterms_del)) === 1) {
                $qry_term_del = $qry_term_del->and('term_id', '=', $myterms_del)->delete();
            } else {
                // NOTE(review): $myterms_del is built from cp_tag_id() output and the posted
                // 'categories' values and is concatenated into the IN operand as a string;
                // confirm the sql builder quotes/validates this operand, or cast each id to int before implode()
                $qry_term_del = $qry_term_del->and('term_id', 'in', "(" . $myterms_del . ")")->delete();
            }
        }
    }

    // insert any new tags into terms (INSERT IGNORE, so existing ones are kept) and collect their ids
    $tags_id = array();
    if (count($mytags) > 0) {
        $qry_tag = $this->sql()->table('terms');
        foreach ($mytags as $value) {
            if ($value) {
                // NOTE(review): the raw tag text is used as term_slug and term_url without Filter::slug() — confirm intended
                $qry_tag = $qry_tag->set('term_type', 'tag')->set('term_title', $value)->set('term_slug', $value)->set('term_url', $value);
            }
        }
        $qry_tag->insert('IGNORE');
        $tags_id = $this->cp_tag_id($mytags, false);
        if (!is_array($tags_id)) {
            $tags_id = array();
        }
    }

    // terms to attach: pages get tags only, everything else tags plus categories
    if ($mymodule === 'pages') {
        $myterms = $tags_id;
    } elseif (is_array($mycats) && count($mycats)) {
        $myterms = array_merge($tags_id, $mycats);
    } else {
        $myterms = $tags_id;
    }

    // write the termusages rows for this post (INSERT IGNORE)
    if (isset($myterms) && count($myterms) > 0) {
        $qry_tagusages = $this->sql()->table('termusages');
        foreach ($myterms as $value) {
            $qry_tagusages = $qry_tagusages->set('term_id', $value)->set('termusage_id', $post_new_id)->set('termusage_foreign', 'posts');
        }
        $qry_tagusages->insert('IGNORE');
    }

    // social network module: the content is sent to telegram; the result is not used
    if ($cpModule['raw'] == 'socialnetwork') {
        $twitte_result = \lib\utility\SocialNetwork::telegram($datarow['content']);
    }

    // runs when the transaction succeeds: report and redirect to the edit page
    $this->commit(function ($_module, $_postId, $_edit = null) {
        if ($_edit) {
            debug::true(T_("Update Successfully"));
            $this->redirector()->set_url($_module . '/edit=' . $_postId);
        } else {
            debug::true(T_("Insert Successfully"));
            $this->redirector()->set_url($_module . '/edit=' . $_postId);
        }
    }, $mymodule, $post_new_id, $_id);

    // runs when any query in the transaction fails
    $this->rollback(function () {
        debug::title(T_("Transaction error") . ': ');
    });
}