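/**
 * Render the custom fields defined for an item type as HTML form rows.
 *
 * Finds the schema table whose naming/type equals $type, reads the field
 * definitions from its "<custom>_schema" table ordered by field_id, and emits
 * one "field" row per definition, pre-filled with the current request value.
 *
 * Request values and field names are HTML-escaped before they are placed in
 * attribute values or textarea content; previously they were concatenated raw,
 * so a submitted value containing a quote or angle bracket could break out of
 * the surrounding markup.
 *
 * @param string $type Item type matched against the schema's naming/type element.
 * @return string HTML for all custom fields, or a warning block when none are defined.
 */
public static function GenerateFromCustom($type)
{
    $DB = GetDB();
    $schema = GetDBSchema();

    // NOTE(review): $type is concatenated into the XPath expression unquoted;
    // confirm every caller passes a fixed type identifier, not raw request input.
    $xtable = $schema->el('//table[naming/type="' . $type . '"]');
    $custom_schema_table = $xtable->custom->val() . '_schema';

    $html = '';
    $result = $DB->Query('SELECT * FROM # ORDER BY `field_id`', array($custom_schema_table));

    while ($field = $DB->NextRow($result)) {
        // double_encode=false keeps an already-encoded entity from being encoded twice.
        // NOTE(review): 'UTF-8' is assumed to match the page charset - confirm.
        $name = htmlspecialchars((string) $field['name'], ENT_QUOTES, 'UTF-8', false);

        // NOTE(review): $field['label'] is emitted unescaped, as before. It comes from the
        // custom schema table; escape it too if labels are meant to be plain text.
        switch ($field['type']) {
            case self::TEXT:
                $value = htmlspecialchars((string) Request::Get($field['name']), ENT_QUOTES, 'UTF-8', false);
                $html .= '<div class="field">' .
                         ' <label>' . $field['label'] . ':</label>' .
                         ' <span class="field-container">' .
                         ' <input type="text" size="60" name="' . $name . '" value="' . $value . '" />' .
                         ' </span>' .
                         '</div>';
                break;

            case self::TEXTAREA:
                $value = htmlspecialchars((string) Request::Get($field['name']), ENT_QUOTES, 'UTF-8', false);
                $html .= '<div class="field">' .
                         ' <label>' . $field['label'] . ':</label>' .
                         ' <span class="field-container">' .
                         ' <textarea name="' . $name . '" rows="5" cols="80">' . $value . '</textarea>' .
                         ' </span>' .
                         '</div>';
                break;

            case self::SELECT:
                // The raw request value is handed to OptionsSimple() unchanged.
                // NOTE(review): OptionsSimple() is not visible here; verify it escapes
                // the option values and labels it renders.
                $html .= '<div class="field">' .
                         ' <label>' . $field['label'] . ':</label>' .
                         ' <span class="field-container">' .
                         ' <select name="' . $name . '">' .
                         self::OptionsSimple($field['options'], Request::Get($field['name'])) .
                         ' </select>' .
                         ' </span>' .
                         '</div>';
                break;

            case self::CHECKBOX:
                $value = htmlspecialchars((string) Request::Get($field['name']), ENT_QUOTES, 'UTF-8', false);
                $html .= '<div class="field">' .
                         ' <label></label>' .
                         ' <span class="field-container">' .
                         ' <div class="checkbox">' .
                         ' <input type="hidden" name="' . $name . '" value="' . $value . '" />' .
                         ' ' . $field['label'] .
                         ' </div>' .
                         ' </span>' .
                         '</div>';
                break;
        }
    }

    $DB->Free($result);

    if (empty($html)) {
        $html = '<div class="message-warning text-center">No Custom Fields Have Been Defined</div>';
    }

    return $html;
}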
/**
 * Handle step one of the video upload form.
 *
 * Validates title and description length and the tag count against the
 * configured limits, registers the custom-field validators declared for
 * tbx_video_custom, checks the request against the video blacklist and,
 * when enabled, the CAPTCHA. On failure the upload form is shown again with
 * the errors; on success the request is packed into step_one_data, signed
 * into step_one_sig, and the step-two template is displayed.
 */
function tbxUploadStepOne()
{
    global $t;

    $validator = Validator::Create();

    $_REQUEST['tags'] = Tags::Format($_REQUEST['tags']);

    $validator->Register(
        $_REQUEST['title'],
        Validator_Type::LENGTH_BETWEEN,
        _T('Validation:Invalid Length', _T('Label:Title'), Config::Get('title_min_length'), Config::Get('title_max_length')),
        Config::Get('title_min_length') . ',' . Config::Get('title_max_length')
    );

    $validator->Register(
        $_REQUEST['description'],
        Validator_Type::LENGTH_BETWEEN,
        _T('Validation:Invalid Length', _T('Label:Description'), Config::Get('description_min_length'), Config::Get('description_max_length')),
        Config::Get('description_min_length') . ',' . Config::Get('description_max_length')
    );

    $validator->Register(
        Tags::Count($_REQUEST['tags']),
        Validator_Type::IS_BETWEEN,
        _T('Validation:Invalid Num Tags', Config::Get('tags_min'), Config::Get('tags_max')),
        Config::Get('tags_min') . ',' . Config::Get('tags_max')
    );

    // Validators for the user-defined fields come from the schema definition
    $schema = GetDBSchema();
    $validator->RegisterFromXml($schema->el('//table[name="tbx_video_custom"]'), 'user', 'create');

    // The blacklist is matched against the whole request plus the client address
    $_REQUEST['ip_address'] = $_SERVER['REMOTE_ADDR'];
    $match = Blacklist::Match($_REQUEST, Blacklist::ITEM_VIDEO);
    if ($match !== false) {
        $validator->SetError(_T('Validation:Blacklisted', $match['match']));
    }

    // NOTE(review): the result of Captcha::Verify() is not used here; how a failed
    // CAPTCHA is reported is not visible in this function - confirm it reaches Validate().
    if (Config::Get('flag_captcha_on_upload')) {
        Captcha::Verify();
    }

    if (!$validator->Validate()) {
        $t->Assign('g_errors', $validator->GetErrors());
        $t->AssignByRef('g_form', $_REQUEST);
        return tbxDisplayUpload();
    }

    // Step-one data travels to step two as base64(serialize($_REQUEST)) plus a
    // SHA-1 over that blob and the configured random_value.
    // NOTE(review): the consumer is not visible here. It must verify step_one_sig
    // (constant-time compare) BEFORE calling unserialize(); unserializing client-returned
    // data without that check is a PHP object-injection risk. A keyed HMAC over a JSON
    // payload would be sturdier, but needs both steps changed together.
    $packed = base64_encode(serialize($_REQUEST));
    $_REQUEST['step_one_data'] = $packed;
    $_REQUEST['step_one_sig'] = sha1($packed . Config::Get('random_value'));

    $t->Assign('g_file_types', '*.' . str_replace(',', ';*.', Config::Get('upload_extensions')));

    // NOTE(review): the login cookie value is handed to the template, presumably for the
    // upload widget. Rendering it into the page makes it readable by any script there,
    // whatever the cookie's own flags - confirm the template needs it.
    $t->Assign('g_cookie', $_COOKIE[LOGIN_COOKIE]);
    $t->AssignByRef('g_form', $_REQUEST);
    $t->Display('upload-step-two.tpl');
}
/**
 * Resolve the Privileges constant configured for an item type.
 *
 * Reads the <privilege> element of the schema table whose naming/type equals
 * $type and looks up the constant of that name on the Privileges class.
 *
 * @param string $type Item type matched against the schema's naming/type element.
 * @return mixed Value of the named Privileges constant; ReflectionClass::getConstant()
 *               yields false when no such constant exists.
 */
public static function FromType($type)
{
    // NOTE(review): $type is concatenated into the XPath expression unquoted;
    // confirm callers pass only known type identifiers.
    $xtable = GetDBSchema()->el('//table[naming/type="' . $type . '"]');
    $constant_name = $xtable->privilege;

    // NOTE(review): a type without a matching constant produces false here. Callers
    // that pass the result to an access check should confirm false means "deny".
    $privileges = new ReflectionClass('Privileges');

    return $privileges->getConstant($constant_name);
}
/**
 * Drop request fields the schema does not open to users for a form location.
 *
 * For every column of $table, the value under ./user/$location in the schema
 * decides whether the submitted field may stay. Columns without that element,
 * or with a false value, are removed from $_REQUEST. This is the filter that
 * keeps user-submitted forms from setting columns they are not meant to set.
 *
 * @param string $table    Schema table name.
 * @param string $location Form location element under ./user (default 'create').
 */
public static function Standard($table, $location = 'create')
{
    // NOTE(review): $table and $location are concatenated into XPath expressions;
    // the visible callers pass literals - keep it that way.
    $xtable = GetDBSchema()->el('//table[name="' . $table . '"]');

    foreach ($xtable->xpath('./columns/column') as $xcolumn) {
        $xlocation = $xcolumn->el('./user/' . $location);

        // Explicitly enabled for this location: leave the submitted value alone
        if (!empty($xlocation) && $xlocation->val()) {
            continue;
        }

        $field = $xcolumn->name->val();
        if (isset($_REQUEST[$field])) {
            unset($_REQUEST[$field]);
        }
    }
}
// Upgrade step: patch the in-memory copy of database.xml ($database_xml, loaded
// before this fragment), write it back, reload the schema, create any tables
// that are new in this version, then reset the thumb-queue stats cache if needed.
// Each patch is guarded by a strpos() probe so the step can be re-run.
//
// NOTE(review): both str_replace() patches are silent no-ops when their anchor
// text is not found byte-for-byte (whitespace included); nothing here reports that.

// Add the tbx_search_term_new table definition after the tbx_search_term block
if (strpos($database_xml, 'tbx_search_term_new') === false) {
    $database_xml = str_replace('<!-- END tbx_search_term -->',
                                "<!-- END tbx_search_term -->\n\n\n\n" .
                                "<!-- START tbx_search_term_new -->\n" .
                                " <table>\n" .
                                " <name>tbx_search_term_new</name>\n" .
                                " <naming>\n" .
                                " <type>search-term-new</type>\n" .
                                " </naming>\n" .
                                " <columns>\n" .
                                " <column>\n" .
                                " <name>term_id</name>\n" .
                                " <definition>INT UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT</definition>\n" .
                                " </column>\n" .
                                " <column>\n" .
                                " <name>term</name>\n" .
                                " <definition>VARCHAR(255)</definition>\n" .
                                " </column>\n" .
                                " <column>\n" .
                                " <name>frequency</name>\n" .
                                " <definition>INT UNSIGNED NOT NULL</definition>\n" .
                                " </column>\n" .
                                " <primaryKey>term_id</primaryKey>\n" .
                                " <unique>\n" .
                                " <column>term</column>\n" .
                                " </unique>\n" .
                                " </columns>\n" .
                                " </table>\n" .
                                "<!-- END tbx_search_term_new -->",
                                $database_xml);
}

// Add a join on the tbx_video_clip table right after the tbx_video_custom join
if (strpos($database_xml, "<join>\n <table>tbx_video_clip</table>") === false) {
    $database_xml = str_replace("<join>\n" .
                                " <table>tbx_video_custom</table>\n" .
                                " <foreign>video_id</foreign>\n" .
                                " <local>video_id</local>\n" .
                                " </join>",
                                "<join>\n" .
                                " <table>tbx_video_custom</table>\n" .
                                " <foreign>video_id</foreign>\n" .
                                " <local>video_id</local>\n" .
                                " </join>\n" .
                                " <join>\n" .
                                " <table>tbx_video_clip</table>\n" .
                                " <foreign>video_id</foreign>\n" .
                                " <local>video_id</local>\n" .
                                " </join>",
                                $database_xml);
}

// Replace the whole tbx_video_clip definition with the version that carries the
// "Clip URL/Embed Code" label.
// NOTE(review): preg_replace() returns NULL on a PCRE error (for example when the
// backtrack limit is hit). That NULL is not checked, so the str_replace() calls and
// the file_put_contents() below would carry on with a degraded value and overwrite
// database.xml with it. Check for NULL and abort before writing.
if (strpos($database_xml, 'Clip URL/Embed Code') === false) {
    $database_xml = preg_replace('~<!-- START tbx_video_clip -->.*?<!-- END tbx_video_clip -->~msi',
                                 "<!-- START tbx_video_clip -->\n" .
                                 " <table>\n" .
                                 " <name>tbx_video_clip</name>\n" .
                                 " <naming>\n" .
                                 " <type>video-clip</type>\n" .
                                 " <textLower>video clip</textLower>\n" .
                                 " <textLowerPlural>video clips</textLowerPlural>\n" .
                                 " <textUpper>Video Clip</textUpper>\n" .
                                 " <textUpperPlural>Video Clips</textUpperPlural>\n" .
                                 " <function>VideoClip</function>\n" .
                                 " </naming>\n" .
                                 " <columns>\n" .
                                 " <column>\n" .
                                 " <name>clip_id</name>\n" .
                                 " <definition>INT UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT</definition>\n" .
                                 " <default>null</default>\n" .
                                 " <admin>\n" .
                                 " <search>false</search>\n" .
                                 " <sort>false</sort>\n" .
                                 " </admin>\n" .
                                 " </column>\n" .
                                 " <column>\n" .
                                 " <name>video_id</name>\n" .
                                 " <definition>INT UNSIGNED NOT NULL</definition>\n" .
                                 " <admin>\n" .
                                 " <search>false</search>\n" .
                                 " <sort>false</sort>\n" .
                                 " </admin>\n" .
                                 " </column>\n" .
                                 " <column>\n" .
                                 " <name>type</name>\n" .
                                 " <definition>ENUM('URL','Embed')</definition>\n" .
                                 " <default>URL</default>\n" .
                                 " <admin>\n" .
                                 " <search>false</search>\n" .
                                 " <sort>false</sort>\n" .
                                 " </admin>\n" .
                                 " </column>\n" .
                                 " <column>\n" .
                                 " <name>clip</name>\n" .
                                 " <definition>TEXT</definition>\n" .
                                 " <label>Clip URL/Embed Code</label>\n" .
                                 " <admin>\n" .
                                 " <search>true</search>\n" .
                                 " <sort>false</sort>\n" .
                                 " </admin>\n" .
                                 " </column>\n" .
                                 " <column>\n" .
                                 " <name>filesize</name>\n" .
                                 " <definition>INT UNSIGNED NOT NULL</definition>\n" .
                                 " <default>0</default>\n" .
                                 " <admin>\n" .
                                 " <search>false</search>\n" .
                                 " <sort>false</sort>\n" .
                                 " </admin>\n" .
                                 " </column>\n" .
                                 " <index>\n" .
                                 " <column>video_id</column>\n" .
                                 " </index>\n" .
                                 " <primaryKey>clip_id</primaryKey>\n" .
                                 " </columns>\n" .
                                 " </table>\n" .
                                 " <!-- END tbx_video_clip -->",
                                 $database_xml);
}

// Add the 'Scheduled' status to the status ENUM definition and its autocomplete list
$database_xml = str_replace("<definition>ENUM('Pending','Active','Disabled') NOT NULL</definition>", "<definition>ENUM('Pending','Scheduled','Active','Disabled') NOT NULL</definition>", $database_xml);
$database_xml = str_replace('<autocomplete>#Pending,Active,Disabled</autocomplete>', '<autocomplete>#Pending,Scheduled,Active,Disabled</autocomplete>', $database_xml);

// Write the patched schema back in place.
// NOTE(review): the return value is not checked and no backup of the previous file is
// made in the visible code. A failed or partial write leaves the steps below running
// against a stale or damaged schema. Write to a temp file, check the result, then
// rename over the original.
file_put_contents(INCLUDES_DIR . '/database.xml', $database_xml);

// Force a reload of the schema
$schema = GetDBSchema(true);
#### Update database.xml ==========================================================================================================


#### Create database tables =======================================================================================================
// Each table below is meant to be created only if it does not already exist; the
// statement itself comes from GetDBCreate(), which is not visible here.

// Create tbx_imported if it doesn't already exist
$DB->Update(GetDBCreate('tbx_imported'));

// Create tbx_thumb_queue if it doesn't already exist
$DB->Update(GetDBCreate('tbx_thumb_queue'));

// Create tbx_search_term_new if it doesn't already exist (its definition is the one patched in above)
$DB->Update(GetDBCreate('tbx_search_term_new'));
#### Create database tables =======================================================================================================


#### Update database ==============================================================================================================
// Prepare for the new QueueProcessor stats format: cached stats that lack the
// processed-items key are discarded.
$stats = ThumbQueue::LoadStats();
if (!isset($stats[ThumbQueue::STAT_PROCESSED_ITEMS])) {
    Cache_MySQL::Remove('thumb-queue-stats');
}
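/**
 * Handle submission of the user registration form.
 *
 * Validates the submitted fields (including username and e-mail uniqueness,
 * custom-field validators from tbx_user_custom, the user blacklist and,
 * when enabled, the CAPTCHA). On failure the registration form is shown
 * again. On success the account rows are inserted, an e-mail confirmation
 * code is created when confirmation is enabled, the matching e-mail is sent
 * and the completion template is displayed.
 *
 * The confirmation code is now drawn from a CSPRNG when the runtime offers
 * one; it was previously derived from uniqid() and mt_rand(), both of which
 * are predictable.
 */
function tbxRegister()
{
    global $t;

    $DB = GetDB();
    $v = Validator::Create();

    $v->Register($_REQUEST['username'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Username')));
    $v->Register($_REQUEST['username'], Validator_Type::IS_ALPHANUM, _T('Validation:Alphanumeric', _T('Label:Username')));
    // NOTE(review): the uniqueness checks and the inserts below are separate statements;
    // confirm tbx_user has unique indexes on username and email to close the race.
    $v->Register($DB->QueryCount('SELECT COUNT(*) FROM `tbx_user` WHERE `username`=?', array($_REQUEST['username'])), Validator_Type::IS_ZERO, _T('Validation:Username Taken'));
    $v->Register($_REQUEST['password'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Password')));
    $v->Register($_REQUEST['password'], Validator_Type::LENGTH_GREATER_EQ, _T('Validation:Length Greater Equal', _T('Label:Password'), 8), 8);
    $v->Register($_REQUEST['password'], Validator_Type::EQUALS, _T('Validation:Passwords do not match'), $_REQUEST['confirm_password']);
    $v->Register($_REQUEST['email'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:E-mail')));
    $v->Register($_REQUEST['email'], Validator_Type::VALID_EMAIL, _T('Validation:E-mail', _T('Label:E-mail')));
    $v->Register($DB->QueryCount('SELECT COUNT(*) FROM `tbx_user` WHERE `email`=?', array($_REQUEST['email'])), Validator_Type::IS_ZERO, _T('Validation:E-mail Taken'));
    $v->Register($_REQUEST['name'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Name')));
    $v->Register(empty($_REQUEST['birth_month']) || empty($_REQUEST['birth_day']) || empty($_REQUEST['birth_year']), Validator_Type::IS_FALSE, _T('Validation:Birthday Required'));
    $v->Register($_REQUEST['gender'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Gender')));
    $v->Register($_REQUEST['terms'], Validator_Type::NOT_EMPTY, _T('Validation:Accept Terms'));

    // Register user-defined field validators
    $schema = GetDBSchema();
    $v->RegisterFromXml($schema->el('//table[name="tbx_user_custom"]'), 'user', 'create');

    // Check blacklist
    $_REQUEST['ip_address'] = $_SERVER['REMOTE_ADDR'];
    if (($match = Blacklist::Match($_REQUEST, Blacklist::ITEM_USER)) !== false) {
        $v->SetError(_T('Validation:Blacklisted', $match['match']));
    }

    // Check CAPTCHA
    if (Config::Get('flag_captcha_on_signup')) {
        Captcha::Verify();
    }

    if (!$v->Validate()) {
        $t->Assign('g_errors', $v->GetErrors());
        // NOTE(review): the whole request, password fields included, goes back to the
        // template; confirm the form template does not echo them into the page.
        $t->Assign('g_form', $_REQUEST);
        return tbxDisplayRegister();
    }

    // Format data
    // NOTE(review): the birth fields are only checked for non-emptiness above;
    // the assembled date is not validated here.
    $_REQUEST['date_birth'] = $_REQUEST['birth_year'] . '-' . $_REQUEST['birth_month'] . '-' . $_REQUEST['birth_day'];
    $_REQUEST['date_created'] = Database_MySQL::Now();
    $_REQUEST['user_level_id'] = $DB->QuerySingleColumn('SELECT `user_level_id` FROM `tbx_user_level` WHERE `is_default`=1');

    // NOTE(review): unsalted SHA-1 is not a password hash - it is fast and rainbow-table
    // friendly. Moving to password_hash()/password_verify() also means changing the login
    // path and migrating stored hashes, neither visible here, so the format is unchanged.
    $_REQUEST['password'] = sha1($_REQUEST['password']);

    // Strip HTML tags
    if (Config::Get('flag_user_strip_tags')) {
        $_REQUEST = String::StripTags($_REQUEST);
    }

    // Prepare fields for database
    Form_Prepare::Standard('tbx_user');
    Form_Prepare::Standard('tbx_user_stat');
    Form_Prepare::Custom('tbx_user_custom_schema', 'on_submit');

    // Setup account status (assigned after the Form_Prepare calls above, so the
    // value stored is always one chosen here)
    $_REQUEST['status'] = STATUS_ACTIVE;
    $email_template = 'email-user-added.tpl';
    if (Config::Get('flag_user_confirm_email')) {
        $_REQUEST['status'] = STATUS_SUBMITTED;
        $email_template = 'email-user-confirm.tpl';
    } else {
        if (Config::Get('flag_user_approve')) {
            $_REQUEST['status'] = STATUS_PENDING;
            $email_template = 'email-user-pending.tpl';
        }
    }

    // Add data to the database
    DatabaseAdd('tbx_user', $_REQUEST);
    DatabaseAdd('tbx_user_custom', $_REQUEST);
    DatabaseAdd('tbx_user_stat', $_REQUEST);

    if ($_REQUEST['status'] == STATUS_SUBMITTED) {
        // The confirmation code is a bearer secret mailed to the user. 20 random bytes
        // hex-encode to 40 characters, the same shape as the sha1() digest used before.
        $raw = false;
        if (function_exists('random_bytes')) {
            $raw = random_bytes(20);
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $raw = openssl_random_pseudo_bytes(20, $strong);
            if (!$strong) {
                $raw = false;
            }
        }

        if (is_string($raw) && strlen($raw) === 20) {
            $_REQUEST['register_code'] = bin2hex($raw);
        } else {
            // Legacy derivation, kept only for runtimes with no CSPRNG available
            $_REQUEST['register_code'] = sha1(uniqid(mt_rand(), true));
        }

        $_REQUEST['timestamp'] = time();
        DatabaseAdd('tbx_user_register_code', $_REQUEST);
        $t->Assign('g_code', $_REQUEST['register_code']);
    }

    // NOTE(review): $_REQUEST still holds confirm_password in clear text at this point
    // and is exposed to the e-mail and page templates by reference.
    $t->AssignByRef('g_user', $_REQUEST);
    $t->AssignByRef('g_form', $_REQUEST);

    // Send e-mail message
    // NOTE(review): 'name' is only checked for non-emptiness; confirm Mailer rejects
    // CR/LF in the recipient name before it builds headers.
    $m = new Mailer();
    $m->Mail($email_template, $t, $_REQUEST['email'], $_REQUEST['name']);

    // Display confirmation
    $t->Display('user-register-complete.tpl');
}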
/**
 * Build the search-field and sort-field option lists for a schema table.
 *
 * Both lists start with an OPTGROUP entry for the base table, followed by
 * one entry per column flagged admin/search (or admin/sort). Each joined
 * table contributes its own OPTGROUP entry, when it has at least one
 * searchable (or sortable) column, and then its flagged columns.
 *
 * @param array  $search_fields Output: replaced with the search option list.
 * @param array  $sort_fields   Output: replaced with the sort option list.
 * @param object $xtable        Schema element of the base table.
 */
function PrepareSearchAndSortFields(&$search_fields, &$sort_fields, $xtable)
{
    $schema = GetDBSchema();

    $search_fields = array(
        array('column' => Form_Field::OPTGROUP, 'label' => $xtable->naming->textUpper)
    );
    $sort_fields = array(
        array('column' => Form_Field::OPTGROUP, 'label' => $xtable->naming->textUpper)
    );

    // Columns of the base table
    foreach ($xtable->xpath('./columns/column') as $xcolumn) {
        $qualified = $xtable->name . '.' . $xcolumn->name;
        // The base table keeps the label element itself; joined tables below use ->val()
        $caption = $xcolumn->label;

        if ($xcolumn->admin->search->val()) {
            $entry = array('column' => $qualified, 'label' => $caption);

            $xauto = $xcolumn->autocomplete;
            if (!empty($xauto)) {
                // NOTE(review): the schema value is placed in an HTML attribute unescaped
                $entry['attr'] = 'acomplete="' . $xauto->val() . '"';
            }

            $search_fields[] = $entry;
        }

        if ($xcolumn->admin->sort->val()) {
            $sort_fields[] = array('column' => $qualified, 'label' => $caption);
        }
    }

    // Columns of each joined table
    foreach ($xtable->xpath('./join') as $join) {
        $xjoin_table = $schema->el('//table[name="' . $join->table . '"]');

        if ($xjoin_table->el('./columns/column/admin[search="true"]')) {
            $search_fields[] = array('column' => Form_Field::OPTGROUP, 'label' => $xjoin_table->naming->textUpper);
        }

        if ($xjoin_table->el('./columns/column/admin[sort="true"]')) {
            $sort_fields[] = array('column' => Form_Field::OPTGROUP, 'label' => $xjoin_table->naming->textUpper);
        }

        foreach ($xjoin_table->xpath('./columns/column') as $xcolumn) {
            $qualified = $xjoin_table->name . '.' . $xcolumn->name;
            $caption = $xcolumn->label->val();

            if ($xcolumn->admin->search->val()) {
                $entry = array('column' => $qualified, 'label' => $caption);

                $xauto = $xcolumn->autocomplete;
                if (!empty($xauto)) {
                    $entry['attr'] = 'acomplete="' . $xauto->val() . '"';
                }

                $search_fields[] = $entry;
            }

            if ($xcolumn->admin->sort->val()) {
                $sort_fields[] = array('column' => $qualified, 'label' => $caption);
            }
        }
    }
}
// limitations under the License.

// Installation reset script (excerpt). On a POST request it rewrites the
// configuration with the defaults below, strips the custom columns from
// database.xml, drops every table returned by GetDBTables(), and then goes
// on to clear working directories.
//
// NOTE(review): this fragment shows no authentication, confirmation or
// anti-CSRF check before the destructive steps - the request method is the
// only condition. Confirm that includes/cp-global.php enforces an
// authenticated administrator session, that the form carries a CSRF token,
// and remove the script from deployed installations once it has been used.

// Refuse to run unless the script sits in a directory named "admin"
if (!preg_match('~/admin$~', realpath(dirname(__FILE__)))) {
    echo "This file must be located in the admin directory of your TubeX installation";
    exit;
}

define('TUBEX_CONTROL_PANEL', true);

require_once 'includes/cp-global.php';

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    $DB = GetDB();
    // Table list is captured before the schema file is modified below
    $tables = GetDBTables();
    $reset = true;

    // Default configuration values written back to the config file
    $settings = array('cookie_path' => '/',
                      'dec_point' => '.',
                      'thousands_sep' => ',',
                      'timezone' => 'America/Chicago',
                      'template' => 'Default-Blue-Rewrite',
                      'language' => 'en_US',
                      'video_extensions' => 'avi,mpg,mpeg,flv,f4v,rm,asf,wmv,mov,mp4,ts,m2t',
                      'video_size' => '512x384',
                      'video_bitrate' => '26',
                      'audio_bitrate' => '128',
                      'thumb_size' => '120x90',
                      'thumb_quality' => '90',
                      'thumb_amount' => '15',
                      'max_upload_size' => '50MB',
                      'max_upload_duration' => '00:20:00',
                      'flag_mod_rewrite' => '1',
                      'mailer' => 'mail',
                      'flag_user_confirm_email' => '0',
                      'date_format' => 'm-d-Y',
                      'time_format' => 'h:i:s',
                      'avatar_dimensions' => '200x200',
                      'avatar_filesize' => '100KB',
                      'avatar_extensions' => 'jpg,gif,png',
                      'flag_user_strip_tags' => '1',
                      'video_format' => '0',
                      'flag_allow_uploads' => '1',
                      'flag_upload_reject_duplicates' => '1',
                      'flag_upload_allow_private' => '1',
                      'flag_upload_convert' => '',
                      'flag_upload_review' => '',
                      'upload_extensions' => 'avi,mpg,mpeg,flv,f4v,rm,asf,wmv,mov,mp4,ts,m2t',
                      'title_min_length' => '10',
                      'title_max_length' => '100',
                      'description_min_length' => '10',
                      'description_max_length' => '500',
                      'tags_min' => '1',
                      'tags_max' => '10',
                      'flag_video_strip_tags' => '1',
                      'comment_max_length' => '500',
                      'comment_throttle_period' => '120',
                      'flag_comment_strip_tags' => '1',
                      'captcha_min_length' => '4',
                      'captcha_max_length' => '6',
                      'flag_captcha_words' => '1',
                      'flag_captcha_on_signup' => '1',
                      'flag_captcha_on_upload' => '0',
                      'flag_captcha_on_comment' => '1',
                      'cache_main' => '3600',
                      'cache_search' => '3600',
                      'cache_categories' => '3600',
                      'cache_browse' => '3600',
                      'cache_video' => '3600',
                      'cache_profile' => '3600',
                      'cache_comments' => '3600',
                      'cache_custom' => '3600');

    // Reset Config.php file
    Config::Save($settings, true);

    // Reset database.xml file: in each *_custom table keep only the key column
    // named in 'field' and delete every other column definition
    $schema = GetDBSchema();
    $custom_tables = array(array('name' => 'tbx_user_custom', 'field' => 'username'),
                           array('name' => 'tbx_video_custom', 'field' => 'video_id'),
                           array('name' => 'tbx_category_custom', 'field' => 'category_id'),
                           array('name' => 'tbx_sponsor_custom', 'field' => 'sponsor_id'));

    foreach ($custom_tables as $table) {
        $xtable = $schema->el('//table[name="' . $table['name'] . '"]');

        foreach ($xtable->xpath('./columns/column') as $xcolumn) {
            if ($xcolumn->name->val() != $table['field']) {
                XML_Schema::DeleteColumn($table['name'], $xcolumn->name->val());
            }
        }
    }

    // Remove all database tables (irreversible; no backup is taken in the visible code)
    foreach ($tables as $table) {
        $DB->Update('DROP TABLE IF EXISTS #', array($table));
    }

    // Clear out directories (the handler continues beyond this excerpt)
    $dirs = array('temp', 'uploads', 'videos', 'templates/_cache');
/**
 * Show the generic control-panel search page for an item type.
 *
 * Checks the privilege mapped to $type first, then resolves the schema table
 * name for the type and includes cp-global-search.php. The included script
 * runs in this function's scope, so it sees $type, $schema and $table under
 * exactly these names.
 *
 * @param string $type Item type matched against the schema's naming/type element.
 */
function tbxGenericShowSearch($type)
{
    // Authorisation comes first; nothing type-specific runs before it.
    // NOTE(review): FromType() returns whatever ReflectionClass::getConstant() yields,
    // which is false for an unknown constant - confirm Check() treats that as "deny".
    Privileges::Check(Privileges::FromType($type));

    if ($type == 'search-term') {
        Blacklist::FilterSearchTerms();
    }

    $schema = GetDBSchema();
    // NOTE(review): $type is concatenated into the XPath expression unquoted, and a type
    // with no matching table makes the ->name access fail; confirm callers restrict $type
    // to known values.
    $table = $schema->el('//database/table[naming/type="' . $type . '"]')->name->val();

    // include_once: a second call within the same request will not render the page again
    include_once 'cp-global-search.php';
}
/**
 * Render the HTML for one search-result item of the given type.
 *
 * Merges the rows of the type's custom and merge tables into $original
 * (values already in $original win), then captures the output of the
 * type-specific item templates. The templates are included in this
 * function's scope, so the local variable names here are part of their
 * contract.
 *
 * @param string $type     Item type; used in the XPath lookup and in the template file names.
 * @param array  $original Item row; must contain the table's primary key.
 * @return string Captured template output.
 */
function SearchItemHtml($type, $original)
{
    $DB = GetDB();
    $schema = GetDBSchema();
    // NOTE(review): $type is concatenated into the XPath expression unquoted
    $xtable = $schema->el('//table[naming/type="' . $type . '"]');
    $primary_key = $xtable->columns->primaryKey->val();

    // Template file names are derived from $type and passed through File::Sanitize().
    // NOTE(review): File::Sanitize() is not visible here. It is the only barrier between
    // $type and the include statements below - verify it strips directory separators and
    // traversal sequences, or validate $type against the known schema types first.
    $global_item_include_file = File::Sanitize('cp-' . $type . '-search-item-global.php', 'php');
    $item_include_file = File::Sanitize('cp-' . $type . '-search-item.php', 'php');

    // Get custom and merge tables
    $custom_table = $xtable->custom->val();
    $merge_tables = empty($custom_table) ? array() : array($custom_table);
    foreach ($xtable->xpath('./merge') as $xmerge) {
        $merge_tables[] = $xmerge->val();
    }

    foreach ($merge_tables as $merge_table) {
        $row = $DB->Row('SELECT * FROM # WHERE #=?', array($merge_table, $primary_key, $original[$primary_key]));

        if (is_array($row)) {
            // Keys already present in $original take precedence over the merged row
            $original = array_merge($row, $original);
        }
    }

    ob_start();

    // The optional global template runs BEFORE escaping: it only has the raw $original.
    // The existence check uses the "includes/" relative path, while the include itself
    // relies on the include path.
    if (is_file("includes/{$global_item_include_file}")) {
        include $global_item_include_file;
    }

    // $item is the HTML-escaped copy meant for output. $original stays in scope
    // unescaped, so templates must print from $item.
    $item = String::HtmlSpecialChars($original);
    // No existence check here: a type without an item template emits an include warning
    include $item_include_file;

    return ob_get_clean();
}
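/**
 * Remove a column definition from a table in the schema and write the schema back.
 *
 * Every <column> under the table's <columns> element whose name equals
 * $column is removed, then the schema is saved with WriteXml().
 *
 * @param string $table  Schema table name.
 * @param string $column Name of the column definition to delete.
 */
public static function DeleteColumn($table, $column)
{
    $schema = GetDBSchema();

    // NOTE(review): $table is concatenated into the XPath expression unquoted;
    // the visible caller passes fixed table names.
    $xcolumns = $schema->el('//table[name="' . $table . '"]/columns');

    // Walk the list backwards. Assuming SimpleXML-style child lists, unset() on an
    // indexed child shifts the later siblings down, so a forward loop that keeps
    // incrementing skips the element following each removal.
    for ($i = count($xcolumns->column) - 1; $i >= 0; $i--) {
        if ($xcolumns->column[$i]->name == $column) {
            unset($xcolumns->column[$i]);
        }
    }

    self::WriteXml($schema);
}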
/**
 * Update one row of a schema-described table and return the stored row.
 *
 * Only keys of $data that match a column defined for $table in the schema
 * are written; everything else in $data is ignored. The row is addressed by
 * the table's primary key, whose value is taken from $data.
 *
 * Identifiers and values are both passed to the database layer as bound
 * parameters (presumably '#' marks an identifier and '?' a value - the
 * placeholder handling of $DB is not visible here).
 *
 * NOTE(review): every schema column present in $data is written. Callers that
 * pass $_REQUEST must filter it first (as Form_Prepare::Standard does), or a
 * client can set any column of the table.
 *
 * @param string $table Schema table name.
 * @param array  $data  Column values; must include the primary key.
 * @return mixed The row as returned by $DB->Row() after the update.
 */
function DatabaseUpdate($table, $data)
{
    $DB = GetDB();
    $schema = GetDBSchema();
    $xtable = $schema->el('//table[name="' . $table . '"]');
    $primary_key = $xtable->columns->primaryKey->val();

    // Looked up but not used further in this function
    $xpkey_column = $xtable->el('./columns/column[name="' . $primary_key . '"]');

    $assignments = array();
    $params = array($table);

    foreach ($xtable->xpath('./columns/column') as $xcolumn) {
        $column_name = $xcolumn->name->val();

        if (!array_key_exists($column_name, $data)) {
            continue;
        }

        $assignments[] = '#=?';
        $params[] = $column_name;
        $params[] = $data[$column_name];
    }

    // WHERE clause parameters: primary key column and its value
    $params[] = $primary_key;
    $params[] = $data[$primary_key];

    if (count($assignments) > 0) {
        $DB->Update('UPDATE # SET ' . implode(',', $assignments) . ' WHERE #=?', $params);
    }

    return $DB->Row('SELECT * FROM # WHERE #=?', array($table, $primary_key, $data[$primary_key]));
}
/**
 * Remember the schema and the main table this instance works on.
 *
 * Stores the schema object, records $table as the main table and caches the
 * table's schema element in $this->tables under the table name.
 *
 * @param string $table Schema table name.
 */
public function __construct($table)
{
    $schema = GetDBSchema();

    // NOTE(review): $table is concatenated into the XPath expression unquoted;
    // confirm callers pass schema table names, not request data.
    $table_xpath = '//table[name="' . $table . '"]';

    $this->schema = $schema;
    $this->main_table = $table;
    $this->tables[$table] = $schema->el($table_xpath);
}