Exemplo n.º 1
/**
 * Fills the by-reference output arrays with the variables of view table $tid
 * that belong to user $uid or group $gid.
 *
 * For each accessible row it records the display name, the bounds triple and
 * the privilege (all keyed by getVarName($path)) and adds the dotted path to
 * $tree. $condensed and $autoDisplay are overwritten on every processed row,
 * so they end up reflecting the last one.
 *
 * Prints an error and returns early when the rows do not all have the same
 * number of path components.
 */
function buildVariableEnv($uid, $gid, $tid, &$vardisp, &$bounds, &$privilege, &$tree, &$condensed, &$autoDisplay)
{
    // NOTE(review): $uid, $gid and $tid are placed into the statement as-is, and
    // $tid is echoed unescaped below. Nothing in this function validates them, so
    // callers must pass trusted or already-escaped values -- confirm at call sites.
    $sql = "SELECT view_row.name AS user_name, variable.name AS var_name, path, warning_bound, error_bound, alarm_order, view_row.filter as varfilter, view_table.filter as viewfilter, display, auto_display, view_row.vid AS vid "
        . "FROM variable, view_row, view_table "
        . "WHERE variable.command='variable' AND (view_table.uid='{$uid}' OR view_table.uid='{$gid}') AND view_table.tid='{$tid}' AND view_row.tid='{$tid}' AND variable.vid=view_row.vid ORDER BY view_row.ordering";
    $rows = sqlquery($sql);
    if (!$rows) {
        return;
    }
    while ($row = sqlfetch($rows)) {
        $vid = $row["vid"];
        // Per-variable access control: rows the caller may not see are skipped.
        if (!hasAccessToVariable($vid)) {
            continue;
        }
        // Apply the row filter, then the table filter; an empty result drops the row.
        $path = $row["path"];
        foreach (array("varfilter", "viewfilter") as $filterColumn) {
            if ($row[$filterColumn] != "") {
                $path = filterPath($path, $row[$filterColumn]);
                if ($path == "") {
                    continue 2;
                }
            }
        }
        $condensed = $row["display"] == "condensed";
        $autoDisplay = $row["auto_display"] == "auto";
        $varName = getVarName($path);
        $vardisp[$varName] = $row["user_name"];
        $bounds[$varName] = array($row["warning_bound"], $row["error_bound"], $row["alarm_order"]);
        $privilege[$varName] = getVariableRight($vid);
        $address = explode(".", $path);
        $depth = count($address);
        // The first processed row fixes the expected path depth for the whole table.
        if (!isset($expectedDepth)) {
            $expectedDepth = $depth;
        }
        if ($expectedDepth != $depth) {
            echo "Invalid table <b>{$tid}</b>, contains different variable path length (typically, mixed shard/server/service variables with entity variables)\n";
            return;
        }
        addToNode($tree, $address, 0);
    }
}
Exemplo n.º 2
/**
 * Rebuilds the global $shardLockState map.
 *
 * Every shard in $shardList first gets a default lock_state (0 when locking is
 * enabled, 1 otherwise). Each row of shard_annotation then replaces the entry
 * for its shard with the full annotation and lock record.
 *
 * lock_state values: 0 = unlocked, 1 = locked by the current user (or locking
 * disabled), 2 = locked by another user.
 */
function getShardLockState()
{
    global $shardLockState, $uid, $REMOTE_ADDR, $enablelock, $shardList;
    global $ASHost, $ASPort;
    $shardLockState = array();
    $defaultState = $enablelock ? 0 : 1;
    if (count($shardList) > 0) {
        foreach ($shardList as $shardName => $unused) {
            $shardLockState[$shardName]['lock_state'] = $defaultState;
        }
    }
    $rows = sqlquery("SELECT * FROM shard_annotation");
    while ($rows && ($row = sqlfetch($rows))) {
        if (!$enablelock) {
            $state = 1;
        } elseif ($row['lock_user'] == 0) {
            // unlocked
            $state = 0;
        } elseif ($row['lock_user'] == $uid && $row['lock_ip'] == $REMOTE_ADDR) {
            // locked by user: ownership requires both the user id and the
            // client address stored with the lock to match
            $state = 1;
        } else {
            // locked by another user
            $state = 2;
        }
        // Only the annotation text is HTML-encoded here; the other columns are
        // stored raw and need escaping wherever they are printed.
        $shardLockState[$row['shard']] = array(
            'user_annot' => $row['user'],
            'annot' => htmlentities($row['annotation'], ENT_QUOTES),
            'post_date' => $row['post_date'],
            'lock_user' => $row['lock_user'],
            'lock_ip' => $row['lock_ip'],
            'lock_date' => $row['lock_date'],
            'lock_state' => $state,
            'ASAddr' => $row['ASAddr'],
            'alias' => $row['alias'],
        );
    }
}
 /**
  * Loads a form builder form together with its fields.
  *
  * Top-level fields are those with `column` = '0'. A field of type "column"
  * is added to the list twice: once carrying its left-aligned children in
  * "fields" and once carrying its right-aligned children.
  *
  * @param mixed $id Form id; escaped with sqlescape() before use.
  * @return array|false The form row with "fields" and "object_count" added,
  *                     or false when no form has that id.
  */
 static function getForm($id)
 {
     $id = sqlescape($id);
     $form = sqlfetch(sqlquery("SELECT * FROM btx_form_builder_forms WHERE id = '{$id}'"));
     if (!$form) {
         return false;
     }
     $fields = array();
     $object_count = 0;
     $top_level = sqlquery("SELECT * FROM btx_form_builder_fields WHERE form = '{$id}' AND `column` = '0' ORDER BY position DESC, id ASC");
     while ($field = sqlfetch($top_level)) {
         $object_count++;
         if ($field["type"] != "column") {
             $fields[] = $field;
             continue;
         }
         // One pass per side; $field["id"] comes from the row just fetched,
         // not from the caller.
         foreach (array("left", "right") as $alignment) {
             $children = array();
             $child_query = sqlquery("SELECT * FROM btx_form_builder_fields WHERE `column` = '" . $field["id"] . "' AND `alignment` = '" . $alignment . "' ORDER BY position DESC, id ASC");
             while ($child = sqlfetch($child_query)) {
                 $children[] = $child;
                 $object_count++;
             }
             $field["fields"] = $children;
             $fields[] = $field;
         }
         // Column start/end count as objects so we add 3 since there's two columns
         $object_count += 3;
     }
     $form["fields"] = $fields;
     // We start at 0
     $form["object_count"] = $object_count - 1;
     return $form;
 }
Exemplo n.º 4
            if (strpos($file, "site/extensions/{$id}/") === 0) {
                BigTree::copyFile(SERVER_ROOT . $file, SERVER_ROOT . "extensions/{$id}/public/" . str_replace("site/extensions/{$id}/", "", $file));
                // Move into the site/extensions/ folder and then copy into /public/
            } else {
                BigTree::moveFile(SERVER_ROOT . $file, SITE_ROOT . "extensions/{$id}/" . substr($file, 5));
                BigTree::copyFile(SITE_ROOT . "extensions/{$id}/" . substr($file, 5), SERVER_ROOT . "extensions/{$id}/public/" . substr($file, 5));
            }
        }
        // If we have a place to move it to, move it.
        if ($d) {
            BigTree::moveFile(SERVER_ROOT . $file, SERVER_ROOT . "extensions/{$id}/" . $d);
        }
    }
}
// If this package already exists, we need to do a diff of the tables, increment revision numbers, and add SQL statements.
$existing = sqlfetch(sqlquery("SELECT * FROM bigtree_extensions WHERE id = '" . sqlescape($id) . "' AND type = 'extension'"));
if ($existing) {
    $existing_json = json_decode($existing["manifest"], true);
    // Increment revision numbers
    $revision = $package["revision"] = intval($existing_json["revision"]) + 1;
    $package["sql_revisions"] = (array) $existing_json["sql_revisions"];
    $package["sql_revisions"][$revision] = array();
    // Diff the old tables
    foreach ($existing_json["components"]["tables"] as $table => $create_statement) {
        // If the table exists in the new manifest, we're going to see if they're identical
        if (isset($package["components"]["tables"][$table])) {
            // We're going to create a temporary table of the old structure to compare to the current table
            $create_statement = preg_replace("/CREATE TABLE `([^`]*)`/i", "CREATE TABLE `bigtree_extension_temp`", $create_statement);
            $create_statement = preg_replace("/CONSTRAINT `([^`]*)`/i", "", $create_statement);
            sqlquery("DROP TABLE IF EXISTS `bigtree_extension_temp`");
            sqlquery($create_statement);
Exemplo n.º 5
 /**
  * Moves a page under a new parent and rewrites the stored paths.
  *
  * Records the old path in bigtree_route_history, updates the page's own
  * path and then refreshes the paths of its children.
  *
  * @param mixed $page   Id of the page to move; escaped before use.
  * @param mixed $parent Id of the new parent; escaped before use.
  */
 function updatePageParent($page, $parent)
 {
     // Authorisation gate. NOTE(review): this relies on stop() ending the
     // request; if it can return, the queries below still run -- confirm.
     if ($this->Level < 1) {
         $this->stop("You are not allowed to move pages.");
     }
     $page = sqlescape($page);
     $parent = sqlescape($parent);

     // Get the existing path so we can create a route history
     $existing = sqlfetch(sqlquery("SELECT path FROM bigtree_pages WHERE id = '{$page}'"));
     $old_path = sqlescape($existing["path"]);

     sqlquery("UPDATE bigtree_pages SET parent = '{$parent}' WHERE id = '{$page}'");

     // The path is computed after the parent change and re-escaped because it
     // is built from stored data.
     $new_path = sqlescape($this->getFullNavigationPath($page));

     // Set the route history
     sqlquery("DELETE FROM bigtree_route_history WHERE old_route = '{$new_path}' OR old_route = '{$old_path}'");
     sqlquery("INSERT INTO bigtree_route_history (`old_route`,`new_route`) VALUES ('{$old_path}','{$new_path}')");

     // Update the page with its new path.
     sqlquery("UPDATE bigtree_pages SET path = '{$new_path}' WHERE id = '{$page}'");

     // Update the paths of any child pages.
     $this->updateChildPagePaths($page);
 }
Exemplo n.º 6
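echo "{\n";
echo "\treturn true;\n";
echo "}\n";
echo "\n";
echo "//--></script>\n";
// input variables :
// - $preselServ : preselected service address
// - $execCommand : executed command on preselected service, like a normal service
//
echo "<br><br>\n";
echo "<table border=0><tr valign=top>\n";
// PHP_SELF includes any path info supplied in the request URL, so it is
// HTML-escaped before being placed in the quoted action attribute.
echo "<form method=post action='" . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . "' name='cmdform'>\n";
echo "<td>\n";
$result = sqlquery("SELECT DISTINCT shard FROM service ORDER BY shard");
echo "<select multiple size=" . sqlnumrows($result) . " name='selshards[]'>";
while ($result && ($arr = sqlfetch($result))) {
    // A shard is preselected when it was posted in selshards, or when it matches
    // the admin shard filter, or when there is neither a filter nor a selection.
    $selected = isset($selshards) && in_array($arr["shard"], $selshards) || (isset($admfilter_shard) && $admfilter_shard != "" && strstr($arr["shard"], $admfilter_shard) || $admfilter_shard == "" && !isset($selshards));
    if ($selected) {
        $selected_shards[] = $arr["shard"];
    }
    // Shard names come from the database; escape them for both the attribute
    // and the option text. The browser decodes the value again on submit.
    $shardHtml = htmlspecialchars($arr["shard"], ENT_QUOTES);
    echo "<option value='" . $shardHtml . "'" . ($selected ? " selected" : "") . ">" . $shardHtml;
}
echo "</select>\n";
echo "</td>\n";
echo "<td width=30>&nbsp;</td>\n";
echo "<td>\n";
echo "<table border=0>\n";
echo "<tr><th align=left>Player/Character name</th></tr>\n";
// $char_name is echoed back into a single-quoted attribute, so quotes and
// angle brackets must be encoded (ENT_QUOTES covers the single quote).
echo "<tr><td><input name=char_name value='" . htmlspecialchars(stripslashes($char_name), ENT_QUOTES) . "' size=50 maxlength=20480></td>\n";
echo "<td><input type=submit value='Locate'></td></tr>\n";
echo "</form></table>\n";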
Exemplo n.º 7
<?php

require_once '../lib-core.php';
require_once '../lib-auth.php';
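$polrauth = new polrauth();
// Authenticate and authorise first; request data is only read for an admin.
$userinfo = $polrauth->islogged();
if (!is_array($userinfo)) {
    //not logged in
    die('401 Unauthorized (not logged in)');
}
$role = $userinfo['role'];
// Strict comparison: with != a non-string role such as integer 0 compares
// equal to 'adm' on PHP versions before 8 and would pass this check.
if ($role !== 'adm') {
    die('401 Unauthorized (not admin)');
}
// NOTE(review): no anti-CSRF token is checked in this file; confirm whether
// lib-auth.php enforces one for state-changing POST requests.
// Reject a missing, empty or non-string link id instead of running the UPDATE
// with baseval=''.
if (!isset($_POST['baseval']) || !is_string($_POST['baseval']) || $_POST['baseval'] === '') {
    die('error');
}
$baseval = $mysqli->real_escape_string($_POST['baseval']);
$user = $mysqli->real_escape_string($userinfo['username']);
// time() returns an integer, so it needs no SQL escaping.
$date = (string) time();
//if all works out
// The previous target URL is kept in `etc` so the link can be restored later.
$orig = $mysqli->real_escape_string(sqlfetch('redirinfo', 'rurl', 'baseval', $baseval));
$query = "UPDATE redirinfo SET rurl='disabled', etc2='Disabled by {$user} on UNIXDATE {$date}', etc='{$orig}' WHERE baseval='{$baseval}';";
$result = $mysqli->query($query) or die('error');
echo 'success';
die;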
//all works out :)
Exemplo n.º 8
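 /**
  * Handles a request for a URL that did not resolve to a page.
  *
  * Looks the URL up in bigtree_404s. When a redirect is stored for it, the
  * request counter is incremented and a 301 redirect is issued. Otherwise a
  * 404 header is sent and the URL's counter is incremented, or a new row is
  * created on first sight.
  *
  * @param string $url The requested URL; trailing slashes are removed, tags
  *                    stripped, and the result HTML- and SQL-escaped.
  * @return bool false when a redirect was issued, true otherwise.
  */
 function handle404($url)
 {
     $url = sqlescape(htmlspecialchars(strip_tags(rtrim($url, "/"))));
     // Nothing to look up or record for an empty URL; skip the query entirely.
     if (!$url) {
         return true;
     }
     $f = sqlfetch(sqlquery("SELECT * FROM bigtree_404s WHERE broken_url = '{$url}'"));
     // $f is falsy when the URL has not been seen before, so test it before
     // indexing into it.
     if ($f && $f["redirect_url"]) {
         if ($f["redirect_url"] == "/") {
             $f["redirect_url"] = "";
         }
         // Absolute http(s) targets are used as stored; anything else is made
         // relative to WWW_ROOT.
         if (substr($f["redirect_url"], 0, 7) == "http://" || substr($f["redirect_url"], 0, 8) == "https://") {
             $redirect = $f["redirect_url"];
         } else {
             $redirect = WWW_ROOT . str_replace(WWW_ROOT, "", $f["redirect_url"]);
         }
         sqlquery("UPDATE bigtree_404s SET requests = (requests + 1) WHERE id = '" . sqlescape($f["id"]) . "'");
         BigTree::redirect($redirect, "301");
         return false;
     }
     header($_SERVER["SERVER_PROTOCOL"] . " 404 Not Found");
     if ($f) {
         sqlquery("UPDATE bigtree_404s SET requests = (requests + 1) WHERE id = '" . sqlescape($f["id"]) . "'");
     } else {
         sqlquery("INSERT INTO bigtree_404s (`broken_url`,`requests`) VALUES ('{$url}','1')");
     }
     define("BIGTREE_DO_NOT_CACHE", true);
     return true;
 }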
Exemplo n.º 9
 /**
  * Sets one field inside the JSON "changes" document of a pending change.
  *
  * @param mixed  $id    Pending change id; escaped with sqlescape() before use.
  * @param string $field Key to set in the decoded changes array.
  * @param mixed  $value New value; arrays go through BigTree::translateArray().
  */
 static function updatePendingItemField($id, $field, $value)
 {
     $id = sqlescape($id);
     $pending = sqlfetch(sqlquery("SELECT * FROM bigtree_pending_changes WHERE id = '{$id}'"));
     $changes = json_decode($pending["changes"], true);
     $changes[$field] = is_array($value) ? BigTree::translateArray($value) : $value;
     // The JSON is escaped as a whole, after encoding, for the SQL string literal.
     $encoded = sqlescape(json_encode($changes));
     sqlquery("UPDATE bigtree_pending_changes SET changes = '{$encoded}' WHERE id = '{$id}'");
 }
Exemplo n.º 10
 /**
  * Dumps every row of a table as an INSERT statement.
  *
  * Binary column types are selected through HEX() and written back as X'..'
  * literals; all other values are written as quoted, escaped strings with
  * newlines turned into the two characters "\n". NULLs are kept as NULL.
  *
  * @param string $table Table name. NOTE(review): it is placed between
  *                      backticks without escaping, so it has to be a known
  *                      table name rather than request input -- confirm callers.
  * @return array List of INSERT statements, one per row.
  */
 static function tableContents($table)
 {
     $binary_types = array("tinyblob", "blob", "mediumblob", "longblob", "binary", "varbinary");
     // Figure out which columns are binary and need to be pulled as hex
     $description = BigTree::describeTable($table);
     $select_list = array();
     $binary_columns = array();
     foreach ($description["columns"] as $name => $column) {
         if (in_array($column["type"], $binary_types)) {
             $select_list[] = "HEX(`{$name}`) AS `{$name}`";
             $binary_columns[] = $name;
         } else {
             $select_list[] = "`{$name}`";
         }
     }
     // Get the rows out of the table
     $inserts = array();
     $rows = sqlquery("SELECT " . implode(", ", $select_list) . " FROM `{$table}`");
     while ($row = sqlfetch($rows)) {
         $keys = array();
         $vals = array();
         foreach ($row as $name => $val) {
             $keys[] = "`{$name}`";
             if ($val === null) {
                 $vals[] = "NULL";
                 continue;
             }
             $literal = "'" . str_replace("\n", "\\n", sqlescape($val)) . "'";
             $vals[] = in_array($name, $binary_columns) ? "X" . $literal : $literal;
         }
         $inserts[] = "INSERT INTO `{$table}` (" . implode(",", $keys) . ") VALUES (" . implode(",", $vals) . ")";
     }
     return $inserts;
 }
Exemplo n.º 11
// Search every auto module view's table for the term held in $w and group the
// matching rows per module name in $results.
// NOTE(review): $w is inserted into the LIKE clause verbatim and is built
// outside this excerpt; it must already be a quoted, escaped SQL literal there
// -- confirm where it is assigned.
foreach ($modules as $m) {
    // Get all auto module view actions for this module.
    $actions = $admin->getModuleActions($m);
    foreach ($actions as $action) {
        if (!$action["view"]) {
            continue;
        }
        $view = BigTreeAutoModule::getView($action["view"]);
        $m_results = array();
        $table_description = BigTree::describeTable($view["table"]);
        // One "`column` LIKE <term>" clause per column, OR-ed together.
        $qparts = array();
        foreach ($table_description["columns"] as $column => $data) {
            $qparts[] = "`{$column}` LIKE {$w}";
        }
        // Get matching results
        $qs = sqlquery("SELECT * FROM `" . $view["table"] . "` WHERE " . implode(" OR ", $qparts));
        // Ignore SQL failures because we might have bad collation.
        while ($r = sqlfetch($qs, true)) {
            $r = array_map(function ($piece) use ($cms) {
                return $cms->replaceInternalPageLinks($piece);
            }, $r);
            $m_results[] = $r;
            $total_results++;
        }
        if ($m_results) {
            $results[$m["name"]][] = array("view" => $view, "results" => $m_results, "module" => $m);
        }
    }
}
?>
<form class="adv_search" method="get" action="<?php 
Exemplo n.º 12
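/**
 * Appends one line describing a user action to that user's log file.
 *
 * The login is looked up from $uid. When it is found the line goes to
 * "<userlogpath>/<login>.log" (with the optional prefix in front); otherwise
 * it goes to "<userlogpath>/unreferenced_user.log" with "<unknown login>" in
 * place of the login. Failure to open the file is ignored, as before.
 *
 * @param mixed  $uid    User id to look up and record.
 * @param string $act    Description of the action.
 * @param string $prefix Optional text placed before the timestamp.
 */
function logUser($uid, $act, $prefix = "")
{
    global $HTTP_USER_AGENT, $REMOTE_ADDR, $userlogpath;
    // NOTE(review): $uid is interpolated into the statement as-is; callers must
    // pass a validated id -- confirm at call sites.
    $result = sqlquery("SELECT login FROM user WHERE uid='{$uid}'");
    $row = $result ? sqlfetch($result) : false;

    // The user agent is supplied by the client and the other fields may carry
    // user input; CR/LF are replaced so a value cannot start a forged log line.
    $oneLine = function ($value) {
        return str_replace(array("\r", "\n"), " ", (string) $value);
    };

    if ($row) {
        $login = $row["login"];
        // basename() keeps a login containing path separators from writing
        // outside $userlogpath.
        $filename = $userlogpath . "/" . basename($login) . ".log";
        $lead = $prefix != "" ? $oneLine($prefix) . " " : "";
        $shownLogin = $oneLine($login);
    } else {
        $filename = $userlogpath . "/unreferenced_user.log";
        $lead = "";
        $shownLogin = "<unknown login>";
    }

    $file = fopen($filename, "a");
    if ($file) {
        fwrite($file, $lead . date("Y/m/d H:i:s") . " " . $oneLine($uid) . ":" . $shownLogin . ":" . $oneLine($HTTP_USER_AGENT) . ":" . $oneLine($REMOTE_ADDR) . " " . $oneLine($act) . "\n");
        fclose($file);
    }
    /*
    		$result = sqlquery("SELECT http_agent, remote_address, act FROM user_log WHERE uid='$uid' ORDER BY log_date DESC LIMIT 1");
    		if (!$result || !($arr=mysql_fetch_array($result)) || $arr["http_agent"]!=$HTTP_USER_AGENT || $arr["remote_address"]!=$REMOTE_ADDR || $arr["act"]!=$act)
    		{
    			sqlquery("INSERT INTO user_log SET uid='$uid', http_agent='$HTTP_USER_AGENT', remote_address='$REMOTE_ADDR', log_date=NOW(), act='$act'");
    		}
    */
}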
Exemplo n.º 13
/**
 * Schema update: folds the four per-area columns of bigtree_field_types
 * (pages, modules, callouts, settings) into one JSON `use_cases` column and
 * adds a `self_draw` column.
 */
function _local_bigtree_update_102()
{
    sqlquery("ALTER TABLE bigtree_field_types ADD COLUMN `use_cases` TEXT NOT NULL AFTER `name`");
    sqlquery("ALTER TABLE bigtree_field_types ADD COLUMN `self_draw` CHAR(2) NULL AFTER `use_cases`");

    // Copy the old flags into the new column before the old columns are dropped.
    $field_types = sqlquery("SELECT * FROM bigtree_field_types");
    while ($type = sqlfetch($field_types)) {
        $use_cases = array(
            "templates" => $type["pages"],
            "modules" => $type["modules"],
            "callouts" => $type["callouts"],
            "settings" => $type["settings"],
        );
        $encoded = sqlescape(json_encode($use_cases));
        $type_id = sqlescape($type["id"]);
        sqlquery("UPDATE bigtree_field_types SET use_cases = '{$encoded}' WHERE id = '" . $type_id . "'");
    }

    sqlquery("ALTER TABLE bigtree_field_types DROP `pages`, DROP `modules`, DROP `callouts`, DROP `settings`");
}
Exemplo n.º 14
    $numLines = ($numRes - $numRows - 2) / $numRows;
    next($arr);
    for ($i = 0; $i < $numRows; ++$i) {
        $vars[] = current($arr);
        next($arr);
    }
    unset($shards);
    for ($i = 0; $i < $numLines; ++$i) {
        unset($l);
        foreach ($vars as $var) {
            $l[$var] = current($arr);
            next($arr);
        }
        $sql_query = "SELECT * FROM server WHERE name='" . $l['server'] . "'";
        $sql_res = sqlquery($sql_query);
        if ($sql_res && ($sql_arr = sqlfetch($sql_res))) {
            $l['address'] = $sql_arr['address'];
        }
        $availableLAS[] = $l;
    }
}
/*
	echo "<pre>";
	print_r($availableLAS);
	echo "</pre>";
*/
// Pull in the request parameters this page works with, in the original order.
// NOTE(review): importParam() is defined elsewhere; whatever it imports is
// request data and still needs validation/escaping where it is used.
foreach (array('exec_query', 'refresh_result', 'query', 'query_id', 'page') as $importedParamName) {
    importParam($importedParamName);
}
Exemplo n.º 15
 /**
  * Echoes an <option> element for each database table.
  *
  * Tables whose name starts with "bigtree_" are left out unless the
  * show_all_tables_in_dropdowns config key is set or the table is $default.
  * The table equal to $default is marked as selected.
  *
  * @param string|false $default Table name to preselect.
  */
 static function getTableSelectOptions($default = false)
 {
     global $bigtree;
     // SHOW TABLES names its single column after the configured database.
     $name_column = "Tables_in_" . $bigtree["config"]["db"]["name"];
     $show_all = isset($bigtree["config"]["show_all_tables_in_dropdowns"]);
     $tables = sqlquery("SHOW TABLES");
     while ($row = sqlfetch($tables)) {
         $tname = $row[$name_column];
         $is_default = ($tname == $default);
         if (!$show_all && substr($tname, 0, 8) === "bigtree_" && !$is_default) {
             continue;
         }
         // Table names are written into the markup without HTML escaping.
         if ($is_default) {
             echo '<option selected="selected">' . $tname . '</option>';
         } else {
             echo '<option>' . $tname . '</option>';
         }
     }
 }
Exemplo n.º 16
 /**
  * Moves a page under a new parent, rewrites the stored paths and records
  * the move in the audit trail.
  *
  * A user below level 2 who moves a page to the top level (parent 0) has the
  * page's in_nav flag cleared, so the page is not shown in navigation.
  *
  * @param mixed $page   Id of the page to move; escaped before use.
  * @param mixed $parent Id of the new parent; escaped before use.
  */
 function updatePageParent($page, $parent)
 {
     // Authorisation gate. NOTE(review): this relies on stop() ending the
     // request; if it can return, the queries below still run -- confirm.
     if ($this->Level < 1) {
         $this->stop("You are not allowed to move pages.");
     }
     $page = sqlescape($page);
     $parent = sqlescape($parent);

     // Get the existing path so we can create a route history
     $existing = sqlfetch(sqlquery("SELECT in_nav,path FROM bigtree_pages WHERE id = '{$page}'"));
     $old_path = sqlescape($existing["path"]);

     // If the current user isn't a developer and is moving the page to top level, set it to not be visible
     // ($parent is the escaped string here and is compared loosely with 0.)
     $hide_from_nav = $this->Level < 2 && $parent == 0;
     $in_nav = $hide_from_nav ? "" : ($existing["in_nav"] ? "on" : "");

     sqlquery("UPDATE bigtree_pages SET in_nav = '{$in_nav}', parent = '{$parent}' WHERE id = '{$page}'");

     // The path is computed after the parent change and re-escaped because it
     // is built from stored data.
     $new_path = sqlescape($this->getFullNavigationPath($page));

     // Set the route history
     sqlquery("DELETE FROM bigtree_route_history WHERE old_route = '{$new_path}' OR old_route = '{$old_path}'");
     sqlquery("INSERT INTO bigtree_route_history (`old_route`,`new_route`) VALUES ('{$old_path}','{$new_path}')");

     // Update the page with its new path.
     sqlquery("UPDATE bigtree_pages SET path = '{$new_path}' WHERE id = '{$page}'");

     // Update the paths of any child pages.
     $this->updateChildPagePaths($page);
     $this->track("bigtree_pages", $page, "moved");
 }
Exemplo n.º 17
    ?>
/<?php 
}
?>
</link>
		<description><?php 
echo $feed["description"];
?>
</description>
		<language>en-us</language>
		<generator>BigTree CMS (http://www.bigtreecms.org)</generator>
		<?php 
$sort = $feed["options"]["sort"] ? $feed["options"]["sort"] : "id DESC";
$limit = $feed["options"]["limit"] ? $feed["options"]["limit"] : "15";
$q = sqlquery("SELECT * FROM `" . $feed["table"] . "` ORDER BY {$sort} LIMIT {$limit}");
while ($item = sqlfetch($q)) {
    foreach ($item as $key => $val) {
        if (is_array(json_decode($val, true))) {
            $item[$key] = BigTree::untranslateArray(json_decode($val, true));
        } else {
            $item[$key] = $cms->replaceInternalPageLinks($val);
        }
    }
    if ($feed["options"]["link_gen"]) {
        $link = $feed["options"]["link_gen"];
        foreach ($item as $key => $val) {
            $link = str_replace("{" . $key . "}", $val, $link);
        }
    } else {
        $link = $item[$feed["options"]["link"]];
    }
Exemplo n.º 18
 if ($_POST['tos']!='accept') {
 require_once 'layout-headerlg.php';
 echo "You must accept the <a href='tos.php'>Terms of Service</a> in order to register.<br><br><a href='register.php'>Go Back</a>";
 require_once 'layout-footerlg.php';
 die();
 }
*/
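// Random bytes come from random_bytes() when the runtime has it;
// mcrypt_create_iv() is only available where the mcrypt extension is loaded.
// $salt is no longer handed to password_hash() (see below) but is still
// assigned in case code after this excerpt reads it -- TODO confirm and remove.
$salt = function_exists('random_bytes') ? random_bytes(23) : mcrypt_create_iv(23, MCRYPT_DEV_URANDOM);
// random component of the registration key
$rstr = function_exists('random_bytes') ? random_bytes(23) : mcrypt_create_iv(23, MCRYPT_DEV_URANDOM);
// NOTE(review): the password is SQL-escaped before it is hashed, so the hash
// covers the escaped text. That is kept here because changing it without the
// matching change in the login check would lock out users whose passwords
// contain escaped characters; fix both sides together.
// NOTE(review): rkey is a SHA-1 over username, a date string and the random
// bytes above; its unpredictability rests on $rstr alone.
$reg = array("username" => $mysqli->real_escape_string($_POST['username']), "email" => $mysqli->real_escape_string($_POST['email']), "password" => $mysqli->real_escape_string($_POST['password']), "rkey" => sha1($mysqli->real_escape_string($_POST['username']) . date('zjDygs') . $rstr));
//check if already exists
$ireg = array();
$ireg['1'] = sqlex('auth', 'email', 'username', $reg['username']);
$ireg['2'] = sqlex('auth', 'username', 'email', $reg['email']);
$ireg['3'] = sqlfetch('auth', 'valid', 'email', $reg['email']);
if (($ireg['1'] == true || $ireg['2'] == true) && $ireg['3'] == 1) {
    require_once 'layout-headerlg.php';
    echo "Username/email already in use. <br><br><a href='register.php'>Go Back</a>";
    require_once 'layout-footerlg.php';
    die;
    //prevent user from registering
}
// No 'salt' option: password_hash() generates its own salt and stores it in
// the hash. A caller-supplied salt is deprecated since PHP 7.0 and ignored
// from PHP 8.0; existing hashes verify unchanged.
$opts = array('cost' => 10);
$hashed = password_hash($reg['password'], PASSWORD_BCRYPT, $opts);
$reg['password'] = $hashed;
if ($regtype == "free") {
    $active = "1";
} else {
    $active = "0";
}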
Exemplo n.º 19
     echo "<br><b>Can't display table {$tid}</b><br>\n";
 } else {
     echo "<table cellpadding=0 cellspacing=0><tr valign=top><td>\n";
     $result = mysql_fetch_array($result);
     $viewName = $result["name"];
     $viewFilter = $result["filter"];
     $viewDisplay = $result["display"];
     $viewAutoDisplay = $result["auto_display"];
     $viewRefreshRate = $result["refresh_rate"];
     $ownView = $result["uid"] == $uid;
     echo "<table border=1>\n";
     echo "<tr><form method=post action='" . $_SERVER['PHP_SELF'] . "?sel_vgid={$sel_vgid}&tid={$tid}'><td colspan=3><b>Content of " . ($ownView ? "<input name=chViewName value='{$viewName}' size=32 maxlength=32>" : $viewName) . "</b></td></form>";
     if ($ownView && ($admlogin == "root" || $admlogin == $group || $IsNevrax)) {
         echo "<form method=post action='" . $_SERVER['PHP_SEL'] . "?sel_vgid={$sel_vgid}&tid={$tid}'><td colspan=4>Give view to <select name='giveTo' onChange='submit()'>";
         $gresult = sqlquery("SELECT uid, login FROM user ORDER BY login");
         while ($gresult && ($garr = sqlfetch($gresult))) {
             echo "<option value='" . $garr["uid"] . "'" . ($uid == $garr["uid"] ? " selected" : "") . ">" . $garr["login"];
         }
         echo "</select>";
     } else {
         echo "<td colspan=3>";
     }
     echo "</td></tr>";
     $result = sqlquery("SELECT view_row.name AS name, view_row.vid AS vid, view_row.ordering AS ordering, path, view_row.filter AS filter, graph " . "FROM view_table, view_row, variable " . "WHERE variable.command='variable' AND view_table.uid='{$uid}' AND view_table.tid='{$tid}' AND view_table.tid=view_row.tid AND " . "view_row.vid=variable.vid ORDER BY ordering");
     if (!$result) {
         die("rows select failed !");
     }
     unset($rows);
     echo "<tr><th>Index</th><th><b>Variable</b></th><th>Path</th><th>Privilege</th><th>Filter</th><th>Graph</th><th>Commands</th></tr>\n";
     while ($arr = mysql_fetch_array($result)) {
         $vid = $arr["vid"];
Exemplo n.º 20
/**
 * Schema and data migration: adds extension columns, merges the form hook
 * columns into one JSON column, moves callout grouping onto the group rows,
 * creates the login attempt/ban tables, and converts "array" fields,
 * resources and settings to the "matrix" format.
 *
 * Every step goes through sqlquery() and no return value is checked, so a
 * failed statement does not stop the steps after it. The statement order
 * matters: data is copied out of columns before those columns are dropped.
 *
 * NOTE(review): row ids read back from the database are concatenated into the
 * UPDATE statements without escaping; only the JSON payloads pass through
 * BigTree::json(..., true) (presumably its SQL-escaping mode -- confirm).
 * Ids containing a quote would break or alter these statements.
 */
function _local_bigtree_update_200()
{
    // Neither global is referenced anywhere in this function body.
    global $cms, $admin;
    // Drop unused comments column
    sqlquery("ALTER TABLE bigtree_pending_changes DROP COLUMN `comments`");
    // Add extension columns
    // Each table gets a nullable `extension` column plus a foreign key that deletes the row when its extension is deleted.
    sqlquery("ALTER TABLE bigtree_callouts ADD COLUMN `extension` VARCHAR(255)");
    sqlquery("ALTER TABLE bigtree_callouts ADD FOREIGN KEY (extension) REFERENCES `bigtree_extensions` (id) ON DELETE CASCADE");
    sqlquery("ALTER TABLE bigtree_feeds ADD COLUMN `extension` VARCHAR(255)");
    sqlquery("ALTER TABLE bigtree_feeds ADD FOREIGN KEY (extension) REFERENCES `bigtree_extensions` (id) ON DELETE CASCADE");
    sqlquery("ALTER TABLE bigtree_field_types ADD COLUMN `extension` VARCHAR(255)");
    sqlquery("ALTER TABLE bigtree_field_types ADD FOREIGN KEY (extension) REFERENCES `bigtree_extensions` (id) ON DELETE CASCADE");
    sqlquery("ALTER TABLE bigtree_modules ADD COLUMN `extension` VARCHAR(255)");
    sqlquery("ALTER TABLE bigtree_modules ADD FOREIGN KEY (extension) REFERENCES `bigtree_extensions` (id) ON DELETE CASCADE");
    sqlquery("ALTER TABLE bigtree_module_groups ADD COLUMN `extension` VARCHAR(255)");
    sqlquery("ALTER TABLE bigtree_module_groups ADD FOREIGN KEY (extension) REFERENCES `bigtree_extensions` (id) ON DELETE CASCADE");
    sqlquery("ALTER TABLE bigtree_settings ADD COLUMN `extension` VARCHAR(255)");
    sqlquery("ALTER TABLE bigtree_settings ADD FOREIGN KEY (extension) REFERENCES `bigtree_extensions` (id) ON DELETE CASCADE");
    sqlquery("ALTER TABLE bigtree_templates ADD COLUMN `extension` VARCHAR(255)");
    sqlquery("ALTER TABLE bigtree_templates ADD FOREIGN KEY (extension) REFERENCES `bigtree_extensions` (id) ON DELETE CASCADE");
    // New publish_hook column, consolidate other hooks into one column
    sqlquery("ALTER TABLE bigtree_pending_changes ADD COLUMN `publish_hook` VARCHAR(255)");
    sqlquery("ALTER TABLE bigtree_module_forms ADD COLUMN `hooks` TEXT");
    sqlquery("ALTER TABLE bigtree_module_embeds ADD COLUMN `hooks` TEXT");
    // Copy each form's preprocess/callback into the JSON `hooks` value (keys pre, post, publish) before the old columns go away.
    $q = sqlquery("SELECT * FROM bigtree_module_forms");
    while ($f = sqlfetch($q)) {
        $hooks = array();
        $hooks["pre"] = $f["preprocess"];
        $hooks["post"] = $f["callback"];
        $hooks["publish"] = "";
        // NOTE(review): $f["id"] is not escaped here; see the function header.
        sqlquery("UPDATE bigtree_module_forms SET hooks = '" . BigTree::json($hooks, true) . "' WHERE id = '" . $f["id"] . "'");
    }
    // Same consolidation for embedded forms.
    $q = sqlquery("SELECT * FROM bigtree_module_embeds");
    while ($f = sqlfetch($q)) {
        $hooks = array();
        $hooks["pre"] = $f["preprocess"];
        $hooks["post"] = $f["callback"];
        $hooks["publish"] = "";
        sqlquery("UPDATE bigtree_module_embeds SET hooks = '" . BigTree::json($hooks, true) . "' WHERE id = '" . $f["id"] . "'");
    }
    // The old columns are dropped even if the UPDATEs above failed, since no result is checked.
    sqlquery("ALTER TABLE bigtree_module_forms DROP COLUMN `preprocess`");
    sqlquery("ALTER TABLE bigtree_module_forms DROP COLUMN `callback`");
    sqlquery("ALTER TABLE bigtree_module_embeds DROP COLUMN `preprocess`");
    sqlquery("ALTER TABLE bigtree_module_embeds DROP COLUMN `callback`");
    // Adjust groups/callouts for multi-support -- first we drop the foreign key
    $table_desc = BigTree::describeTable("bigtree_callouts");
    foreach ($table_desc["foreign_keys"] as $name => $definition) {
        // Only the first local column of each key is inspected.
        if ($definition["local_columns"][0] === "group") {
            sqlquery("ALTER TABLE bigtree_callouts DROP FOREIGN KEY `{$name}`");
        }
    }
    // Add the field to the groups
    sqlquery("ALTER TABLE bigtree_callout_groups ADD COLUMN `callouts` TEXT AFTER `name`");
    // Find all the callouts in each group
    $q = sqlquery("SELECT * FROM bigtree_callout_groups");
    while ($f = sqlfetch($q)) {
        $callouts = array();
        $qq = sqlquery("SELECT * FROM bigtree_callouts WHERE `group` = '" . $f["id"] . "' ORDER BY position DESC, id ASC");
        while ($ff = sqlfetch($qq)) {
            $callouts[] = $ff["id"];
        }
        // Store the ordered list of callout ids as JSON on the group row.
        sqlquery("UPDATE bigtree_callout_groups SET `callouts` = '" . BigTree::json($callouts, true) . "' WHERE id = '" . $f["id"] . "'");
    }
    // Drop the group column
    sqlquery("ALTER TABLE bigtree_callouts DROP COLUMN `group`");
    // Security policy setting
    // Seeded as an empty JSON object; the two tables below record login attempts and bans keyed by ip and user.
    sqlquery("INSERT INTO `bigtree_settings` (`id`,`value`,`system`) VALUES ('bigtree-internal-security-policy','{}','on')");
    // NOTE(review): `ip` is a signed int(11) in both tables -- confirm that the integer form of an address written by
    // the login code fits that range and that non-IPv4 clients are handled, or bans may not match the right address.
    sqlquery("CREATE TABLE `bigtree_login_attempts` (`id` int(11) unsigned NOT NULL AUTO_INCREMENT, `ip` int(11) DEFAULT NULL, `user` int(11) DEFAULT NULL, `timestamp` timestamp NULL DEFAULT CURRENT_TIMESTAMP, PRIMARY KEY (`id`)) ENGINE=InnoDB DEFAULT CHARSET=utf8");
    sqlquery("CREATE TABLE `bigtree_login_bans` (`id` int(11) unsigned NOT NULL AUTO_INCREMENT, `ip` int(11) DEFAULT NULL, `user` int(11) DEFAULT NULL, `created` timestamp NULL DEFAULT CURRENT_TIMESTAMP, `expires` datetime DEFAULT NULL, PRIMARY KEY (`id`)) ENGINE=InnoDB DEFAULT CHARSET=utf8");
    // Media settings
    sqlquery("INSERT INTO `bigtree_settings` (`id`,`value`,`system`) VALUES ('bigtree-internal-media-settings','{}','on')");
    // New field types
    // Delete the cached field type list; @ hides the warning when the file does not exist (and any other unlink failure).
    @unlink(SERVER_ROOT . "cache/bigtree-form-field-types.json");
    // Setup an anonymous function for converting a resource set
    // Takes the decoded resource list and returns it as a JSON string via BigTree::json(..., true).
    // NOTE(review): json_decode() yields null for invalid JSON; the foreach below then has nothing to iterate and the
    // callers overwrite the stored value with an empty list -- confirm that is acceptable.
    $resource_converter = function ($resources) {
        $new_resources = array();
        foreach ($resources as $item) {
            // Array of Items no longer exists, switching to Matrix
            if ($item["type"] == "array") {
                $item["type"] = "matrix";
                $item["columns"] = array();
                $x = 0;
                foreach ($item["fields"] as $field) {
                    $x++;
                    // Only the first column is flagged as the display title.
                    $item["columns"][] = array("id" => $field["key"], "type" => $field["type"], "title" => $field["title"], "display_title" => $x == 1 ? "on" : "");
                }
                unset($item["fields"]);
            }
            $r = array("id" => $item["id"], "type" => $item["type"], "title" => $item["title"], "subtitle" => $item["subtitle"], "options" => array());
            // Every key other than id/title/subtitle/type moves under "options".
            foreach ($item as $key => $val) {
                if ($key != "id" && $key != "title" && $key != "subtitle" && $key != "type") {
                    $r["options"][$key] = $val;
                }
            }
            $new_resources[] = $r;
        }
        return BigTree::json($new_resources, true);
    };
    // Same conversion for form fields, except the array key becomes "column" and a plain array is returned;
    // the callers JSON-encode it themselves.
    $field_converter = function ($fields) {
        $new_fields = array();
        foreach ($fields as $id => $field) {
            // Array of Items no longer exists, switching to Matrix
            if ($field["type"] == "array") {
                $field["type"] = "matrix";
                $field["columns"] = array();
                $x = 0;
                foreach ($field["fields"] as $subfield) {
                    $x++;
                    $field["columns"][] = array("id" => $subfield["key"], "type" => $subfield["type"], "title" => $subfield["title"], "display_title" => $x == 1 ? "on" : "");
                }
                unset($field["fields"]);
            }
            $r = array("column" => $id, "type" => $field["type"], "title" => $field["title"], "subtitle" => $field["subtitle"], "options" => array());
            foreach ($field as $key => $val) {
                if ($key != "id" && $key != "title" && $key != "subtitle" && $key != "type") {
                    $r["options"][$key] = $val;
                }
            }
            $new_fields[] = $r;
        }
        return $new_fields;
    };
    // New resource format to be less restrictive on option names
    $q = sqlquery("SELECT * FROM bigtree_callouts");
    while ($f = sqlfetch($q)) {
        // $resources is already the JSON string returned by the converter, so it is interpolated as-is.
        $resources = $resource_converter(json_decode($f["resources"], true));
        sqlquery("UPDATE bigtree_callouts SET resources = '{$resources}' WHERE id = '" . $f["id"] . "'");
    }
    $q = sqlquery("SELECT * FROM bigtree_templates");
    while ($f = sqlfetch($q)) {
        $resources = $resource_converter(json_decode($f["resources"], true));
        sqlquery("UPDATE bigtree_templates SET resources = '{$resources}' WHERE id = '" . $f["id"] . "'");
    }
    // Forms and Embedded Forms
    $q = sqlquery("SELECT * FROM bigtree_module_forms");
    while ($f = sqlfetch($q)) {
        $fields = $field_converter(json_decode($f["fields"], true));
        sqlquery("UPDATE bigtree_module_forms SET fields = '" . BigTree::json($fields, true) . "' WHERE id = '" . $f["id"] . "'");
    }
    $q = sqlquery("SELECT * FROM bigtree_module_embeds");
    while ($f = sqlfetch($q)) {
        $fields = $field_converter(json_decode($f["fields"], true));
        sqlquery("UPDATE bigtree_module_embeds SET fields = '" . BigTree::json($fields, true) . "' WHERE id = '" . $f["id"] . "'");
    }
    // Settings
    $q = sqlquery("SELECT * FROM bigtree_settings WHERE type = 'array'");
    while ($f = sqlfetch($q)) {
        // Update settings options to turn array into matrix
        $options = json_decode($f["options"], true);
        $options["columns"] = array();
        $x = 0;
        foreach ($options["fields"] as $field) {
            $x++;
            $options["columns"][] = array("id" => $field["key"], "type" => $field["type"], "title" => $field["title"], "display_title" => $x == 1 ? "on" : "");
            if ($x == 1) {
                $display_key = $field["key"];
            }
        }
        unset($options["fields"]);
        // Update the value to set an internal title key
        // NOTE(review): $display_key is never reset per setting, so a setting without fields reuses the previous
        // setting's key (or an undefined variable on the first one). $value is also assumed to be an array -- confirm.
        $value = BigTreeCMS::getSetting($f["id"]);
        foreach ($value as &$entry) {
            $entry["__internal-title"] = $entry[$display_key];
        }
        // Break the reference so later writes to $entry cannot touch the last element of $value.
        unset($entry);
        // Update type/options
        sqlquery("UPDATE bigtree_settings SET type = 'matrix', options = '" . BigTree::json($options, true) . "' WHERE id = '" . $f["id"] . "'");
        // Update value separately
        BigTreeAdmin::updateSettingValue($f["id"], $value);
    }
}
Exemplo n.º 21
                if (BigTree::tableExists($gbp["other_table"])) {
                    $categories = array();
                    $ot = sqlescape($gbp["other_table"]);
                    $tf = sqlescape($gbp["title_field"]);
                    if ($tf && $ot) {
                        $q = sqlquery("SELECT id,`{$tf}` FROM `{$ot}` ORDER BY `{$tf}` ASC");
                        ?>
									<ul class="depth_2"<?php 
                        if ($closed) {
                            ?>
 style="display: none;"<?php 
                        }
                        ?>
>
										<?php 
                        while ($c = sqlfetch($q)) {
                            ?>
										<li>
											<span class="depth"></span>
											<a class="permission_label permission_label_wider disabled" href="#"><?php 
                            echo $gbp["name"];
                            ?>
: <?php 
                            echo $c[$tf];
                            ?>
</a>
											<span class="permission_level"><input type="radio" data-category="ModuleGBP" data-key="<?php 
                            echo $m["id"];
                            ?>
" data-sub-key="<?php 
                            echo $c["id"];
Exemplo n.º 22
        $db_error = true;
    } else {
        $q = sqlquery("SELECT `id`,`{$list_title}` FROM `{$list_table}` ORDER BY {$list_sort}");
        // Check if we're doing module based permissions on this table.
        if ($bigtree["module"] && $bigtree["module"]["gbp"]["enabled"] && $form["table"] == $bigtree["module"]["gbp"]["table"] && $key == $bigtree["module"]["gbp"]["group_field"]) {
            $is_group_based_perm = true;
            while ($f = sqlfetch($q)) {
                // Find out whether the logged in user can access a given group, and if so, specify the access level.
                $access_level = $admin->canAccessGroup($bigtree["module"], $f["id"]);
                if ($access_level) {
                    $list[] = array("value" => $f["id"], "description" => $f[$list_title], "access_level" => $access_level);
                }
            }
            // We're not doing module group based permissions, get a regular list.
        } else {
            while ($f = sqlfetch($q)) {
                $list[] = array("value" => $f["id"], "description" => $f[$list_title]);
            }
        }
    }
    // State List
} elseif ($field["options"]["list_type"] == "state") {
    foreach (BigTree::$StateList as $a => $s) {
        $list[] = array("value" => $a, "description" => $s);
    }
    // Country List
} elseif ($field["options"]["list_type"] == "country") {
    foreach (BigTree::$CountryList as $c) {
        $list[] = array("value" => $c, "description" => $c);
    }
    // Static List
Exemplo n.º 23
    $query = "SELECT `rurl`,`lkey` FROM `redirinfo` WHERE baseval='{$val}'";
}
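// Run the lookup prepared above; showerror() is this page's own failure handler.
// NOTE(review): $val is interpolated into the SQL text both in $query and in the UPDATE at the end of this block.
// Where $val comes from and whether it is escaped is outside this excerpt -- confirm, or bind it as a parameter.
$result = $mysqli->query($query) or showerror();
$row = mysqli_fetch_assoc($result);
// No matching row, or an empty target: send a temporary redirect to the 404 page.
if (!isset($row['rurl']) || strlen($row['rurl']) < 1) {
    header("Location: 404.php", true, 302);
    die;
}
// The literal target "disabled" (any letter case) marks a link that has been switched off.
if (strtolower($row['rurl']) == "disabled") {
    require_once 'layout-headerlg.php';
    echo "<h2>The link you are trying to reach has been disabled.</h2><br>" . "Sorry for the inconvienience.";
    require_once 'layout-footerlg.php';
    die;
}
// Read the optional link key without error suppression; a missing or NULL column counts as "no key".
$lkey = isset($row['lkey']) ? (string) $row['lkey'] : '';
// Keys of one character or less are treated as "no key", as before.
if (strlen($lkey) > 1) {
    // The key is checked by presence only: the request must carry a query parameter whose name equals the key.
    if (!isset($_GET[$lkey])) {
        require_once 'layout-headerlg.php';
        echo "Incorrect Key. (http://{$wsa}/abc?keyhere)";
        require_once 'layout-footerlg.php';
        die;
    }
}
// The target comes straight from the database row.
// NOTE(review): a 301 may be cached by the client, in which case later visits skip this script entirely
// (disabled check, key check and click counter included) -- confirm that a permanent redirect is intended.
header("Location: {$row['rurl']}", true, 301);
// Count the click in one statement. Reading the old value and writing value+1 in two steps loses clicks
// when two requests overlap; COALESCE keeps a NULL counter starting at 1, like the old "+ 1" on an empty value.
sqlrun("UPDATE redirinfo SET clicks=COALESCE(clicks, 0)+1 WHERE baseval='{$val}'");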
Exemplo n.º 24
 /**
  * Returns the tags attached to one entry of this object's table, ordered by tag.
  *
  * @param mixed $item A numeric entry id, or an array carrying the id under "id".
  * @return array List of tag strings (empty when nothing is tagged).
  */
 function getTagsForItem($item)
 {
     // Both the entry id and the table name are escaped before they enter the SQL text.
     $entry_id = sqlescape(is_numeric($item) ? $item : $item["id"]);
     $table_name = sqlescape($this->Table);
     $rows = sqlquery("SELECT bigtree_tags.tag FROM bigtree_tags JOIN bigtree_tags_rel ON bigtree_tags.id = bigtree_tags_rel.tag WHERE bigtree_tags_rel.`table` = '" . $table_name . "' AND bigtree_tags_rel.entry = '{$entry_id}' ORDER BY bigtree_tags.tag");
     $found = array();
     for ($row = sqlfetch($rows); $row; $row = sqlfetch($rows)) {
         $found[] = $row["tag"];
     }
     return $found;
 }
Exemplo n.º 25
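 /**
  * Stores the results of one service query in the stream table and links each
  * result to the query and to the query's categories.
  *
  * Results already present (same service and service id) are not inserted
  * again, but their category and query links are still refreshed.
  *
  * Every value placed inside a SQL string literal is passed through
  * sqlescape() first, including the query id, the service name and the ids
  * read back from the database.
  *
  * @param array  $query   Query row; only its "id" key is read here.
  * @param string $service Service name stored with each stream item.
  * @param object $data    Response object; nothing happens unless $data->Results is an array.
  */
 protected static function syncData($query, $service, $data)
 {
     if (!is_array($data->Results)) {
         return;
     }
     $query_id = sqlescape($query["id"]);
     $service_sql = sqlescape($service);
     // If we have results, let's find out what categories they need to be tagged to.
     $categories = array();
     $cq = sqlquery("SELECT * FROM btx_social_feed_query_categories WHERE `query` = '" . $query_id . "'");
     while ($cf = sqlfetch($cq)) {
         // Category ids are only used inside SQL below, so they are kept in escaped form.
         $categories[] = sqlescape($cf["category"]);
     }
     foreach ($data->Results as $r) {
         $id = sqlescape($r->ID);
         // Check for existing
         $existing = sqlfetch(sqlquery("SELECT id FROM btx_social_feed_stream WHERE service = '{$service_sql}' AND service_id = '{$id}'"));
         if (!$existing) {
             // Kept in its own variable so the $data parameter is not overwritten while its Results are iterated.
             $encoded = json_encode($r);
             $encoded_sql = sqlescape($encoded);
             // First available timestamp wins; fall back to the current time.
             if ($r->Timestamp) {
                 $date = sqlescape($r->Timestamp);
             } elseif ($r->CreatedAt) {
                 $date = sqlescape($r->CreatedAt);
             } elseif ($r->Dates->Posted) {
                 $date = sqlescape($r->Dates->Posted);
             } else {
                 $date = date("Y-m-d H:i:s");
             }
             sqlquery("INSERT INTO btx_social_feed_stream (`date`,`service`,`service_id`,`data`,`approved`) VALUES ('{$date}','{$service_sql}','{$id}','{$encoded_sql}','" . self::$DefaultApprovedState . "')");
             // Build a fresh array instead of writing an index into the false returned by sqlfetch().
             $new_id = sqlid();
             $existing = array("id" => $new_id);
             // NOTE(review): "date" and "service_id" hold the SQL-escaped strings, as before -- confirm the cache expects that.
             self::$ItemsToCache[] = array("id" => $new_id, "date" => $date, "service" => $service, "service_id" => $id, "data" => $encoded, "approved" => self::$DefaultApprovedState);
         }
         $item_id = sqlescape($existing["id"]);
         // Tag to categories (delete first so a link is never stored twice)
         foreach ($categories as $c) {
             sqlquery("DELETE FROM btx_social_feed_stream_categories WHERE item = '" . $item_id . "' AND category = '{$c}'");
             sqlquery("INSERT INTO btx_social_feed_stream_categories (`item`,`category`) VALUES ('" . $item_id . "','{$c}')");
         }
         // Tag to the query
         sqlquery("DELETE FROM btx_social_feed_stream_queries WHERE `item` = '" . $item_id . "' AND `query` = '" . $query_id . "'");
         sqlquery("INSERT INTO btx_social_feed_stream_queries (`item`,`query`) VALUES ('" . $item_id . "','" . $query_id . "')");
     }
 }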