// "$2a$" Means we're using the Blowfish algorithm. The following two digits are the cost parameter.
$salt = sprintf("\$2a\$%02d\$", $cost) . $salt;
// Hash the password with the salt
$hash = crypt($cleanedPost['create_user_password'], $salt);
$sql = "INSERT INTO admin (username, password, usertype) VALUES(?, ?, ?)";
$stmt = $db->prepare($sql);
$stmt->execute(array($cleanedPost['create_user_name'], $hash, $cleanedPost['create_user_usertype']));
$stmt->closeCursor();
header('Location:../admin.php');
exit;
} else {
if (isset($_GET['action']) && $_GET['action'] == 'project_delete') {
//check if logged in and logged in as admin or editor before deleting
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == 1) {
//instantiate the Project class
$blogpost = new Blogpost();
//Delete the post and return to the entry
if ($blogpost->deleteBlogpost($_GET['id'])) {
header('Location:../news.php');
exit;
} else {
exit('ERROR: Could not delete the project.');
}
exit;
} else {
exit('ERROR: You are not authorized to delete projects.');
}
} else {
if (isset($_GET['action']) && $_GET['action'] == 'event_delete') {
//check if logged in and logged in as admin or editor before deleting
if (isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == 1) {
public function insertpost()
{
$this->data['title'] = "Blog - Insert";
if (!$this->session->userdata('loggedin')) {
$messages = array();
$messages[] = 'Please <a href="' . base_url() . 'index.php/blog/login" title="Login">login</a> before attempting to create an entry.';
$this->session->set_userdata('errors', $messages);
redirect('/', 'view');
} else {
$post = new Blogpost();
$u = new Bloguser();
$u->get_by_username($this->session->userdata('username'));
if (!$u->exists()) {
$messages = array();
$messages[] = 'Something extremely wonky has happened. You appear to be logged in but your username could not be found. Please email me at Josh.Kehn@gmail.com to resolve this issue.';
$this->session->set_userdata('errors', $messages);
redirect('/', 'blog');
} else {
$post->user_id = $u->id;
$post->blog_id = $this->blog_id;
$post->title = htmlentities($this->input->post('title'));
$post->body = markdown($this->input->post('body'));
$post->markdown = $this->input->post('body');
//Process tags
$tmp = explode(' ', $this->input->post('tags'));
$tags = '';
foreach ($tmp as $tag) {
$tags .= str_replace(',', '', $tag) . ' ';
}
$post->tags = trim($tags);
$post->date = $this->input->post('date');
if ($post->save()) {
$messages = array();
$messages[] = 'Successfully inserted ' . $post->title . '.';
$this->session->set_userdata('success', $messages);
redirect('/blog/view/' . $post->id, 'blog');
} else {
$messages = array();
$messages[] = 'Error inserting post.';
$messages[] = $post->error->string;
$this->session->set_userdata('errors', $messages);
$this->data['post_title'] = $this->input->post('title');
$this->data['post_body'] = $this->input->post('body');
$this->load->view('insert_view', $this->data);
}
}
}
}
<?php
$this->benchmark->mark('start');
$p = new Blogpost();
$count = $p->count();
$p->get();
$taglist = array();
$tagcount = array();
$this->benchmark->mark('middle');
foreach ($p->all as $post) {
$tags = explode(' ', $post->tags);
foreach ($tags as $tag) {
if (!in_array($tag, $taglist)) {
$taglist[] = $tag;
}
if (isset($tagcount[$tag])) {
$tagcount[$tag]++;
} else {
$tagcount[$tag] = 1;
}
}
}
$this->benchmark->mark('end');
//echo $this->benchmark->elapsed_time('start', 'end') . ' ' . $this->benchmark->elapsed_time('start', 'middle') . ' ' . $this->benchmark->elapsed_time('middle', 'end');
echo '<div id="tagcloud">';
echo '<h4>Tag Cloud</h4>';
foreach ($taglist as $tag) {
echo '<a class="tag tag-' . $tagcount[$tag] . '" href="' . base_url() . 'index.php/blog/tagged/' . $tag . '/" title="View ' . $tagcount[$tag] . ' posts tagged ' . $tag . '">' . $tag . '</a> ';
}
echo '</div>';
function nation()
{
$this->pageTitle = 'BPONG Nation - Beer Pong Tournaments, Beer Pong Forums, Beer Pong Community | BPONG.COM.';
if (!class_exists("Pongtable")) {
App::import("Model", "Pongtable");
}
if (!class_exists("Image")) {
App::import("Model", "Image");
}
if (!class_exists("Forumtopic")) {
App::import("Model", "Forumtopic");
}
$objTable = new Pongtable();
$this->set("pongtable", $objTable->getRandomTable());
$objTopics = new Forumtopic();
/*
$objTopics->contain( array("User", "Lastpost" => array("User")) );
$lastTopics = $objTopics->find("all", array('conditions' => array(
'Forumtopic.deleted IS NULL'
)
, 'order' => 'Lastpost.id DESC'
, 'limit' => 10
, 'recursive' => 2));
*/
$this->set("forumtopics", $objTopics->getLastTopicsForNationPage());
/**
* getting blog content
*/
if (!class_exists("Blogpost")) {
App::import("Model", "Blogpost");
}
$bpObject = new Blogpost();
$post = $bpObject->find('first', array('recursive' => 0, 'order' => 'Blogpost.created DESC', 'conditions' => array("Blogpost.is_deleted ='0'")));
$this->set('blogPost', $post);
}
$eventVenue = "";
$eventVenueUrl = "";
$eventAddress = "";
$eventTicketLink = "";
$eventTicketsatdoor = "";
$eventFacebookUrl = "";
$eventCoverImage = "./img/default.jpg";
$eventPreview = "";
$eventBody = "";
$eventGalleryImages = NULL;
$editingEvent = false;
//check whether editing blogpost
if (isset($_GET['editingPost']) && isset($_GET['id'])) {
$editingPost = true;
$editedID = $_GET['id'];
$blogpost = new Blogpost(FALSE);
$blogpost->updateParameters($_GET['id']);
$postTitle = $blogpost->title;
$postTags = $blogpost->tagsOriginal;
$postSortdate = $blogpost->sortdateArray["day"] . "/" . $blogpost->sortdateArray["month"] . "/" . $blogpost->sortdateArray["year"];
$youtubeCover = $blogpost->youtubeCover;
$postCoverImage = $blogpost->coverimage != NULL ? "./img/medium/" . $blogpost->coverimage : $postCoverImage;
$postBody = $blogpost->body;
}
//check whether editing event
if (isset($_GET['editingEvent']) && isset($_GET['id'])) {
$editingEvent = true;
$editedID = $_GET['id'];
$event = new Event(FALSE);
$event->updateParameters($_GET['id']);
$eventTitle = $event->title;
//initialize session if none exists
if (session_id() == '' || !isset($_SESSION)) {
// session isn't started
session_start();
}
//how to render page?
$showAll = true;
//show all blogposts or just one
$blogpost = null;
//if we're showing only one blogpost, save it's instance in this variable
$postsPerPage = 5;
//posts to load per page - ajax will load this n° of posts eachtime you reach the bottom of the page
if (isset($_GET['id'])) {
$showAll = false;
//formatSinglePost();
$blogpost = new Blogpost(FALSE);
$blogpost->updateParameters($_GET['id']);
}
//check logged in
$loggedin = isset($_SESSION['loggedin']) && $_SESSION['loggedin'] == 1 ? TRUE : FALSE;
$isAdmin = isset($_SESSION['usertype']) && $_SESSION['usertype'] == "admin" ? TRUE : FALSE;
$errorVisibility = "none";
?>
<!doctype html>
<!--[if lt IE 7]> <html class="no-js lt-ie9 lt-ie8 lt-ie7" lang=""> <![endif]-->
<!--[if IE 7]> <html class="no-js lt-ie9 lt-ie8" lang=""> <![endif]-->
<!--[if IE 8]> <html class="no-js lt-ie9" lang=""> <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang=""> <!--<![endif]-->
<head>
/**
* Returns the data model based on the primary key given in the GET variable.
* If the data model is not found, an HTTP exception will be raised.
*/
public function loadModel()
{
if ($this->_model === null) {
if (isset($_GET['id'])) {
if (Yii::app()->user->isGuest) {
$condition = 'status=' . Blogpost::STATUS_PUBLISHED . ' OR status=' . Blogpost::STATUS_ARCHIVED;
} else {
$condition = '';
}
$this->_model = Blogpost::model()->findByPk($_GET['id'], $condition);
}
if ($this->_model === null) {
throw new CHttpException(404, 'The requested page does not exist.');
}
}
return $this->_model;
}
/**
* Print Latest newsItems
*
* @param int $offset
* @param int $numberOfPosts
* @return
*/
function retrievePostsWithTag($tag, $offset, $numberOfPosts)
{
include_once 'blogpost.inc.php';
include_once 'event.inc.php';
include_once 'db.inc.php';
//Open a database connection and store it
$db = new PDO(DB_INFO, DB_USER, DB_PASS);
//initialize array to store retrieved ids
$results = array();
//search blogposts
$sql = "SELECT id, sortdate, created\n\t\t\tFROM blogposts \n\t\t\tWHERE tags LIKE '%" . $tag . "%'";
//LIMIT ".$numberOfPosts . " OFFSET " . $offset;
$stmt = $db->prepare($sql);
$stmt->execute();
//add results to results array
while ($row = $stmt->fetch()) {
array_push($results, array("id" => $row['id'], "created" => $row['created'], "sortdate" => $row['sortdate'], "posttype" => "blogpost"));
flush();
}
$stmt->closeCursor();
//search events
$sql = "SELECT id, sortdate, created\n\t\t\tFROM events \n\t\t\tWHERE tags LIKE '%" . $tag . "%'";
//LIMIT ".$numberOfPosts . " OFFSET " . $offset;
$stmt = $db->prepare($sql);
$stmt->execute();
//add results to results array
while ($row = $stmt->fetch()) {
array_push($results, array("id" => $row['id'], "created" => $row['created'], "sortdate" => $row['sortdate'], "posttype" => "event"));
flush();
}
$stmt->closeCursor();
//if we found results, print them
if (count($results) > 0) {
//sort the results array by sortdate and created
foreach ($results as $key => $row) {
// Obtain a list of columns
$sortdate[$key] = $row['sortdate'];
$created[$key] = $row['created'];
}
array_multisort($sortdate, SORT_DESC, $created, SORT_DESC, $results);
//echo posts
foreach ($results as $result) {
switch ($result['posttype']) {
case 'blogpost':
$blogpost = new Blogpost(FALSE);
$blogpost->updateParameters($result['id']);
echo $blogpost->formatNewspage();
flush();
break;
case 'event':
$event = new Event(FALSE);
$event->updateParameters($result['id']);
echo $event->formatEventpage();
flush();
break;
}
}
} else {
echo "<h4>Sorry, we found no news articles or events with this tag</h4><br>\n\t\t<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><!-- sorry, I was lazy -->";
}
}
