Exemplo n.º 1
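 /**
  * Installer action: writes Conf/config.db.php from the submitted form values,
  * creates the schema and inserts the initial administrator account.
  *
  * Request fields read: db_ip, db_name, db_username, db_password, admin_name,
  * admin_password.
  *
  * Security notes:
  *  - Every value written into the generated PHP file is emitted with
  *    var_export(), so a quote or backslash in a form field stays inside its
  *    string literal instead of becoming code in Conf/config.db.php.
  *  - NOTE(review): nothing in this method checks whether the application is
  *    already installed; confirm the route is disabled or guarded after setup.
  *  - NOTE(review): ADMIN_PASSWORD is written to the config file in clear text
  *    and the stored hash is unsalted md5(). Both are kept because the code that
  *    reads them is not visible here; plan a migration to password_hash().
  */
 public function install()
 {
     if (empty($_REQUEST['db_ip'])) {
         $this->error('请求安装错误');
         // Stop even if error() returns instead of ending the request.
         return;
     }
     // Config key => request field that supplies its value.
     $fields = array(
         'DB_HOST' => 'db_ip',
         'DB_NAME' => 'db_name',
         'DB_USER' => 'db_username',
         'DB_PASSWORD' => 'db_password',
         // NOTE(review): the prefix is filled from db_ip exactly as before; this
         // looks like a copy-paste slip, confirm which field was intended.
         'DB_PREFIX' => 'db_ip',
         'ADMIN_NAME' => 'admin_name',
         'ADMIN_PASSWORD' => 'admin_password',
     );
     $entries = '';
     foreach ($fields as $key => $field) {
         // Non-string input (e.g. an array parameter) is treated as empty.
         $value = (isset($_REQUEST[$field]) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : '';
         $entries .= '                    ' . var_export($key, true) . ' => ' . var_export($value, true) . ",\n";
     }
     // Create the config file.
     $content = "<?php //数据库配置文件\n" . '$db_conf = array(' . "\n" . $entries . ');';
     $result = D('File')->createFile('Conf/config.db.php', $content);
     if (!$result) {
         $this->error('创建文件失败');
         return;
     }
     // Create the database and its tables.
     $mysql = new Mysql();
     if (!$mysql->selectDb(C('DB_NAME'))) {
         $mysql->createDb(C('DB_NAME'));
         // TODO: check whether the database was actually created.
         $mysql->selectDb(C('DB_NAME'));
     }
     $mysql->query('CREATE TABLE tc_tmp(uid int NOT NULL AUTO_INCREMENT PRIMARY KEY,count int )');
     $mysql->query('CREATE TABLE tc_user(uid int NOT NULL AUTO_INCREMENT PRIMARY KEY,username varchar(15),password varchar(50),cookie varchar(300))');
     $mysql->query('CREATE TABLE tc_baiduinfo(uid int NOT NULL AUTO_INCREMENT PRIMARY KEY,tc_id varchar(15),baidu_id varchar(15),avastar varchar(200))');
     $mysql->query('CREATE TABLE tc_tieba(uid int NOT NULL AUTO_INCREMENT PRIMARY KEY,username varchar(15),fid varchar(15),url varchar(190))');
     $mysql->query('CREATE TABLE tc_conf(uid int NOT NULL AUTO_INCREMENT PRIMARY KEY,setting varchar(15))');
     $mysql->query('set names utf8');
     // NOTE(review): admin_name is concatenated into the two INSERT statements
     // below without escaping (SQL injection). The Mysql wrapper's escaping or
     // prepared-statement API is not visible from this method; route the value
     // through it before shipping.
     $mysql->query('INSERT INTO tc_user(uid,username,password) VALUES( 0 ,"' . $_POST['admin_name'] . '","' . md5($_POST['admin_password']) . '")');
     $mysql->query('INSERT INTO tc_baiduinfo(tc_id) VALUES("' . $_POST['admin_name'] . '")');
     $mysql->query('INSERT INTO tc_tmp(count) VALUES(0)');
     $mysql->query('INSERT INTO tc_conf(setting) VALUES("1.5")');
     $this->success('you have succeed to install TiebaCloud,enjoy!', U('User/login'));
 }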
Exemplo n.º 2
 /**
  * Renders or executes the installer step selected by $this->step.
  *
  * Step 0 shows the start template, step 1 clears several directories and
  * shows the step-1 template, step 2 reads the database and administrator
  * settings from $_POST, creates the tables, inserts the first user and writes
  * config.php plus the install lock file.
  *
  * NOTE(review): in step 2 the raw POST values become part of generated PHP
  * source (the preg_replace replacement strings) and of SQL text. A value that
  * contains a double quote ends the generated string literal, and the
  * replacement strings are also parsed for "$n" / "\n" back-references. These
  * values need encoding for the PHP and SQL contexts before this installer is
  * exposed.
  * NOTE(review): install.lock is written here but not checked in this method;
  * confirm the caller refuses to run once the lock exists.
  */
 public function showstep()
 {
     if ($this->step == 0) {
         // Default view: show the start page
         include "templates/index.tpl";
     }
     if ($this->step == 1) {
         // Step 1 of the installation: first clear the files in the listed directories
         $this->clearcontent('safe', true);
         $this->clearcontent('caches', false);
         $this->clearcontent('admin_safe_ims/logs', false);
         $this->clearcontent('templates/templates_compile/', false);
         include "templates/step1.tpl";
     }
     if ($this->step == 2) {
         // Untrusted form input; only whitespace is trimmed.
         $host = trim($_POST["dhost"]);
         $database = trim($_POST["dname"]);
         $user = trim($_POST["duname"]);
         $passwd = trim($_POST["dpasswd"]);
         $prefix = trim($_POST["dprefix"]);
         // Write the database settings into the configuration file
         $conffile = file_get_contents(MSGROOT . "config.simple.php");
         $pattern = array("/(cfg\\[\"dbhost\"\\]=)([^;]+);/i", "/(cfg\\[\"dbuser\"\\]=)([^;]+);/i", "/(cfg\\[\"dbpassword\"\\]=)([^;]+);/i", "/(cfg\\[\"dbname\"\\]=)([^;]+);/i", "/(cfg\\[\"prefix\"\\]=)([^;]+);/i");
         // Each replacement is: captured key, a space, then the value wrapped in double quotes.
         $replace = array("\$1 " . "\"" . $host . "\";", "\$1 " . "\"" . $user . "\";", "\$1 " . "\"" . $passwd . "\";", "\$1 " . "\"" . $database . "\";", "\$1 " . "\"" . $prefix . "\";");
         $conffile = preg_replace($pattern, $replace, $conffile);
         // Create the database tables
         $sql = trim(file_get_contents(MSGROOT . "install/install.sql"));
         // Split the dump on its "Create table ims_" marker; the text before the first marker is dropped.
         $sql_arr = explode("Create table ims_", $sql);
         array_shift($sql_arr);
         require MSGROOT . "include/db.class.php";
         $mysql = new Mysql($host, $user, $passwd, $database, $prefix);
         foreach ($sql_arr as $sql) {
             $sql = "Create table ims_" . $sql;
             $mysql->setQuery($sql);
             $mysql->query();
         }
         $error1 = $mysql->get_error();
         // Read the user name and password of the account to create
         $admin = trim($_POST['uname']);
         $name = trim($_POST['trname']);
         // NOTE(review): unsalted SHA-1 is a weak password hash; kept because the login code is not visible here.
         $upasswd = sha1(trim($_POST['upasswd']));
         // NOTE(review): the start of this statement appears redacted in this listing; $admin and $name
         // are interpolated into the SQL text without escaping.
         $createuser = "******"{$admin}\",\"{$upasswd}\",1,\"{$name}\")";
         $mysql->setQuery($createuser);
         $mysql->query();
         $error2 = $mysql->get_error();
         if ($error1 > 0 || $error2 > 0) {
             echo "安装过程中似乎哪里出错了,请检查或者手动编辑根目录下的config.simple.php并改名为config.php文件";
         } else {
             echo "系统安装成功,正在转向管理后台!";
             // Write the install lock file
             file_put_contents(MSGROOT . "install/install.lock", "If you want to reinstall the system,please remove this file!");
             // Write the new configuration file
             file_put_contents(MSGROOT . "config.php", $conffile);
             echo "<script>setTimeout(function(){window.location.href=\"../admin_safe_ims/\";},1500);</script>";
         }
     }
 }
Exemplo n.º 3
 /**
  * Displays the news entries.
  *
  * Loads one page of entries, HTML-encodes the body of every entry and comment
  * before smiley replacement, and assigns the result to Smarty.
  *
  * Only the news_content fields are encoded here; the remaining fields reach the
  * template as returned by getEntries(), so the template has to escape them.
  *
  * @param int $max_entries_pp Number of entries per page
  */
 private function _view($max_entries_pp)
 {
     $this->_tplfile = 'news.tpl';
     // Requested page; anything that is not a positive number falls back to 1.
     $page = 1;
     if (isset($this->_gpc['GET']['page']) && is_numeric($this->_gpc['GET']['page']) && $this->_gpc['GET']['page'] > 0) {
         $page = $this->_gpc['GET']['page'];
     }
     // Fetch the entries, then the total number of top-level entries for paging.
     $rows = $this->_msbox->getEntries($max_entries_pp, $page, 'DESC', 'ASC', $this->_timeformat);
     $this->_mysql->query("SELECT COUNT(*) as many FROM `news` WHERE `news_ref_ID` = '0'");
     $total = $this->_mysql->fetcharray('num');
     $nav = Page::get_static_pagesnav_array($total[0], $max_entries_pp, $this->_gpc['GET']);
     $this->_smarty->assign('entrys', $total[0]);
     foreach ($rows as $idx => $entry) {
         // Encode first, then insert the smiley markup.
         $body = nl2br(htmlentities($entry['news_content']));
         $rows[$idx]['news_content'] = $this->_smilie->show_smilie($body, $this->_mysql);
         foreach ($entry['comments'] as $cidx => $comment) {
             $comment_body = nl2br(htmlentities($comment['news_content']));
             $rows[$idx]['comments'][$cidx]['news_content'] = $this->_smilie->show_smilie($comment_body, $this->_mysql);
         }
     }
     $this->_smarty->assign('newsarray', $rows);
     $this->_smarty->assign('pages', $nav);
 }
Exemplo n.º 4
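 /**
  * Handles the login form: looks the user up by name, compares the stored
  * password hash and, on success, starts the session and redirects to the index.
  * Every failure redirects back to the login page.
  *
  * Changes against the previous version:
  *  - the hash comparison is strict, so two different hashes that both look
  *    like numbers (e.g. "0e..." strings) no longer compare equal;
  *  - the session ID is regenerated on login to prevent session fixation;
  *  - non-string POST values and a missing row are rejected explicitly.
  *
  * NOTE(review): $name is still interpolated into the SELECT without escaping
  * (SQL injection). The escaping / prepared-statement API of Conn/Mysql.php is
  * not visible here; use it for this query.
  * NOTE(review): unsalted md5() is a weak password hash; kept because the
  * stored hashes and the registration code depend on it. Migrate to
  * password_hash() / password_verify().
  */
 function login()
 {
     require 'Conn/Redirect.php';
     $redirect = new Redirect();
     if (!isset($_POST["name"], $_POST["pwd"]) || !is_string($_POST["name"]) || !is_string($_POST["pwd"])) {
         // The message is never shown: the redirect discards it.
         $error = "用户名或密码不能为空!";
         $redirect->go('index.php?page=login');
         return;
     }
     $name = $_POST["name"];
     $pwd = md5($_POST["pwd"]);
     require_once 'Conn/Mysql.php';
     $mysql = new Mysql();
     $mysql->query("select * from users where name ='{$name}';");
     $row = $mysql->get_object();
     if (!is_object($row)) {
         $error = "用户名不存在!";
         $redirect->go('index.php?page=login');
         return;
     }
     if ((string) $row->pwd !== $pwd) {
         $error = "密码错误!";
         $redirect->go('index.php?page=login');
         return;
     }
     session_start();
     // A fresh ID after authentication invalidates any ID set before login.
     session_regenerate_id(true);
     $_SESSION['user'] = $name;
     $redirect->go('index.php');
 }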
 /**
  * Displays the guestbook entries.
  *
  * Loads one page of entries with their comments, HTML-encodes the text fields
  * and assigns entries, page navigation and both counters to Smarty.
  *
  * @param int $max_entries_pp Number of entries per page
  */
 private function _view($max_entries_pp)
 {
     $this->_tplfile = 'gbook.tpl';
     // Requested page; anything that is not a positive number falls back to 1.
     $page = 1;
     if (isset($this->_gpc['GET']['page']) && is_numeric($this->_gpc['GET']['page']) && $this->_gpc['GET']['page'] > 0) {
         $page = $this->_gpc['GET']['page'];
     }
     $rows = $this->_msbox->getEntries($max_entries_pp, $page, 'DESC', 'ASC', $this->_timeformat);
     $this->_mysql->query("SELECT COUNT(*) as many FROM `gbook` WHERE `gbook_ref_ID` = '0'");
     $entries = $this->_mysql->fetcharray('num');
     $this->_mysql->query("SELECT COUNT(*) as many FROM `gbook` WHERE `gbook_ref_ID` != '0'");
     $comments = $this->_mysql->fetcharray('num');
     $nav = Page::get_static_pagesnav_array($entries[0], $max_entries_pp, $this->_gpc['GET']);
     // Encode the text fields, add smileys to the content and build the Smarty array.
     $gbook = array();
     foreach ($rows as $idx => $row) {
         $gbook[$idx] = array(
             'ID' => $row['gbook_ID'],
             'title' => htmlentities($row['gbook_title']),
             'content' => $this->_smilie->show_smilie(htmlentities($row['gbook_content']), $this->_mysql),
             'name' => htmlentities($row['gbook_name']),
             'time' => $row['gbook_time'],
             'email' => htmlentities($row['gbook_email']),
             'hp' => htmlentities($row['gbook_hp']),
             'number_of_comments' => $row['number_of_comments'],
         );
         // Same treatment for the comments of this entry.
         foreach ($row['comments'] as $cidx => $comment) {
             $gbook[$idx]['comments'][$cidx] = array(
                 'ID' => $comment['gbook_ID'],
                 'title' => htmlentities($comment['gbook_title']),
                 'content' => $this->_smilie->show_smilie(htmlentities($comment['gbook_content']), $this->_mysql),
                 'name' => htmlentities($comment['gbook_name']),
                 'time' => $comment['gbook_time'],
                 'email' => htmlentities($comment['gbook_email']),
                 'hp' => htmlentities($comment['gbook_hp']),
             );
         }
     }
     $this->_smarty->assign('gbook', $gbook);
     $this->_smarty->assign('pages', $nav);
     $this->_smarty->assign('entries', $entries[0]);
     $this->_smarty->assign('comments', $comments[0]);
 }
Exemplo n.º 6
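 /**
  * Returns the category path from the main page down to the given category.
  * The returned array looks roughly like this:
  * array(0 => main page, 1 => category 1, 2 => category 1.1, 3 => ...)
  *
  * Changes against the previous version:
  *  - IDs are cast to int before they are placed in the SQL text;
  *  - the walk stops on a missing row and on a ref_ID cycle instead of storing
  *    a non-row or looping forever;
  *  - with $inc_hs = false the path is returned without the main-page entry,
  *    as documented (the previous code returned null and discarded the path).
  *
  * @param int  $cat_ID    ID of the lowest category
  * @param bool $inc_catID Whether the category with ID = $cat_ID is part of the path
  * @param bool $inc_hs    Whether the 'main page' entry is part of the path
  * @return array Category path, root first.
  */
 private function _getRoot($cat_ID, $inc_catID = false, $inc_hs = true)
 {
     $cat_ID = (int) $cat_ID;
     $path = array();
     if ($inc_catID == false) {
         // Start at the parent when the category itself is not wanted.
         $this->_mysql->query("SELECT `ref_ID` FROM `gallery_categories` WHERE `ID` = '{$cat_ID}' LIMIT 1");
         $row = $this->_mysql->fetcharray('assoc');
         $next_ID = is_array($row) ? (int) $row['ref_ID'] : 0;
     } else {
         $next_ID = $cat_ID;
     }
     // Walk up the tree; $seen guards against a cycle in the ref_ID chain.
     $seen = array();
     while ($next_ID != 0 && !isset($seen[$next_ID])) {
         $seen[$next_ID] = true;
         $this->_mysql->query("SELECT `ID`,`ref_ID`,`name` FROM `gallery_categories` WHERE `ID` = '{$next_ID}' LIMIT 1");
         $row = $this->_mysql->fetcharray('assoc');
         if (!is_array($row)) {
             break;
         }
         $path[] = $row;
         $next_ID = (int) $row['ref_ID'];
     }
     if ($inc_hs == true) {
         // Append the main page; it ends up first after the reversal.
         $this->_smarty->config_load('textes.de.conf', 'Gallery');
         $gallery_textes = $this->_smarty->get_config_vars();
         $path[] = array('ID' => '0', 'name' => $gallery_textes['mainsite']);
     }
     return array_reverse($path);
 }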
 /**
  * Prepares the form for writing a message. Depending on the parameter, either
  * the configured default values or the submitted POST data are passed to it.
  *
  * NOTE(review): entry_id comes from the GET or POST array and is placed in
  * the SQL text as-is; whether $this->_gpc already escapes its values is not
  * visible here, so confirm that before relying on it. The POST values are
  * also handed back to the template unencoded.
  *
  * @param boolean $first_form true for the first display, false for a re-display
  * @param string  $error      Error text to show, if any
  */
 private function _send_entryform($first_form = true, $error = null)
 {
     $this->_tpl_file = "mailform.tpl";
     if ($first_form == false) {
         // Re-display: take the values the user already submitted.
         $post = $this->_gpc['POST'];
         $data = array(
             'entry_id' => $post['entry_id'],
             'entry_title' => $post['title'],
             'entry_content' => $post['content'],
             'entry_name' => $post['name'],
             'entry_email' => $post['email'],
             'sessioncode' => $this->_sessioncode,
         );
     } else {
         // First display: configured defaults, recipient ID from the query string.
         $defaults = $this->_configvars['Mail'];
         $data = array(
             'entry_id' => $this->_gpc['GET']['entry_id'],
             'entry_title' => $defaults['entry_title'],
             'entry_content' => $defaults['entry_content'],
             'entry_name' => $defaults['entry_name'],
             'entry_email' => $defaults['entry_email'],
             'sessioncode' => $this->_sessioncode,
         );
     }
     if (isset($error)) {
         $data['dump_errors'] = true;
         $data['error_title'] = $this->_configvars['Form_Error']['error_in_form'];
         $data['error_contents'] = $error;
     }
     $data['captcha_img'] = $this->_captcha->get_pic(4);
     // Look up the recipient's name in the configured table.
     $name_col = $this->mail_tbl['column_name'];
     $table = $this->mail_tbl['table'];
     $id_col = $this->mail_tbl['column_ID'];
     $this->_mysql->query("SELECT `{$name_col}` FROM `{$table}` WHERE `{$id_col}` = '{$data['entry_id']}' LIMIT 1");
     $member = $this->_mysql->fetcharray();
     $data['reciver_name'] = $member[$name_col];
     $this->_smarty->assign($data);
 }
Exemplo n.º 8
 /**
  * Displays the news entries.
  *
  * Loads one page of entries with their comments, HTML-encodes the text fields
  * and assigns entries, page navigation and the entry count to Smarty.
  *
  * @param int $max_entries_pp Number of entries per page
  */
 private function _view($max_entries_pp)
 {
     $this->_tplfile = 'news.tpl';
     // Requested page; anything that is not a positive number falls back to 1.
     $page = 1;
     if (isset($this->_gpc['GET']['page']) && is_numeric($this->_gpc['GET']['page']) && $this->_gpc['GET']['page'] > 0) {
         $page = $this->_gpc['GET']['page'];
     }
     $rows = $this->_msbox->getEntries($max_entries_pp, $page, 'DESC', 'ASC', $this->_timeformat);
     $this->_mysql->query("SELECT COUNT(*) as many FROM `news` WHERE `news_ref_ID` = '0'");
     $entries = $this->_mysql->fetcharray('num');
     $nav = Page::get_static_pagesnav_array($entries[0], $max_entries_pp, $this->_gpc['GET']);
     // Encode the text fields, add smileys to the content and build the Smarty array.
     $news = array();
     foreach ($rows as $idx => $row) {
         $news[$idx] = array(
             'ID' => $row['news_ID'],
             'title' => htmlentities($row['news_title']),
             'content' => $this->_smilie->show_smilie(nl2br(htmlentities($row['news_content'])), $this->_mysql),
             'name' => htmlentities($row['news_name']),
             'time' => $row['news_time'],
             'email' => htmlentities($row['news_email']),
             'hp' => htmlentities($row['news_hp']),
             'number_of_comments' => $row['number_of_comments'],
         );
         // Same treatment for the comments of this entry.
         foreach ($row['comments'] as $cidx => $comment) {
             $news[$idx]['comments'][$cidx] = array(
                 'ID' => $comment['news_ID'],
                 'title' => htmlentities($comment['news_title']),
                 'content' => $this->_smilie->show_smilie(nl2br(htmlentities($comment['news_content'])), $this->_mysql),
                 'name' => htmlentities($comment['news_name']),
                 'time' => $comment['news_time'],
                 'email' => htmlentities($comment['news_email']),
                 'hp' => htmlentities($comment['news_hp']),
             );
         }
     }
     $this->_smarty->assign('news', $news);
     $this->_smarty->assign('pages', $nav);
     $this->_smarty->assign('entries', $entries[0]);
 }
Exemplo n.º 9
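 /**
  * Home page: redirects anonymous visitors to the login page, otherwise loads
  * one page of user names and renders View/Home.php.
  *
  * The page index from the query string is validated as a non-negative integer
  * before it is turned into the LIMIT offset. Previously any value was
  * multiplied by 10 and placed in the SQL text, so a negative number, a
  * fraction or a non-numeric string produced a broken statement or a PHP error.
  *
  * The local names $index, $start, $count, $user and $mysql are kept because
  * View/Home.php is included in this scope and may read them.
  */
 function index()
 {
     session_start();
     if (!isset($_SESSION['user'])) {
         require 'Conn/Redirect.php';
         $redirect = new Redirect();
         $redirect->go('index.php?page=login');
         return;
     }
     $index = 0;
     if (isset($_GET['index'])) {
         // The upper bound keeps $index * 10 inside the integer range.
         $parsed = filter_var($_GET['index'], FILTER_VALIDATE_INT, array('options' => array('min_range' => 0, 'max_range' => PHP_INT_MAX >> 4)));
         if ($parsed !== false) {
             $index = $parsed;
         }
     }
     $start = $index * 10;
     require_once 'Conn/Mysql.php';
     $mysql = new Mysql();
     $mysql->query("select name from users;");
     $count = $mysql->get_count();
     $mysql->query("select name from users limit {$start},10;");
     $user = $_SESSION['user'];
     require "View/Home.php";
 }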
Exemplo n.º 10
    /**
     * Loads up to 30 members ordered by birthday and assigns them to the
     * members template. The statement is a fixed string without request input.
     */
    private function _view()
    {
        $this->_tpl_file = "members.tpl";
        $sql = 'Select members_ID, members_name, members_spitzname, 
		DATE_FORMAT(`members_birthday`, \'%W, %e.%m.%Y\') as members_birthday, members_song, members_hobby, 
		members_job, members_motto, members_FIDimage FROM `members` 
		ORDER BY `members`.`members_birthday` ASC Limit 0,30';
        $this->_mysql->query($sql);
        // Buffer the rows as associative arrays, then read them back.
        $this->_mysql->saverecords('assoc');
        $this->_smarty->assign('members', $this->_mysql->get_records());
    }
Exemplo n.º 11
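 /**
  * Looks up a client by e-mail address and password.
  *
  * Fix: when no row matches, false is returned. Previously only a failed
  * query returned false; a query that matched nothing still produced a Client
  * built from empty fields, which a caller testing the result for truthiness
  * would accept as a successful login.
  *
  * NOTE(review): $email and $password are interpolated into the SQL text
  * without escaping (SQL injection). The escaping API of the Mysql wrapper is
  * not visible here; apply it, or move to prepared statements.
  * NOTE(review): MySQL's PASSWORD() is not meant for application passwords and
  * is unavailable in current MySQL releases; plan a move to password_hash().
  *
  * @param string $email
  * @param string $password
  * @return Client|false The matching client, or false when there is none
  */
 public static function getClient($email, $password)
 {
     $mysql = new Mysql();
     $response = $mysql->query("select * from client where email='{$email}' and password=PASSWORD('{$password}')");
     $mysql->closeConnection();
     if ($response == false) {
         return false;
     }
     $row = mysql_fetch_assoc($response);
     if (!is_array($row)) {
         // The query ran but the credentials matched no client.
         return false;
     }
     return new Client($row['name'], $row['surname'], $row['email'], $row['password']);
 }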
Exemplo n.º 12
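 /**
  * Loads one product by barcode and expiration value.
  *
  * Fix: when no row matches, false is returned instead of a Product built from
  * empty fields. The connection is closed once, before any return.
  *
  * NOTE(review): $barcode and $expiration are interpolated into the SQL text
  * without escaping (SQL injection). The escaping API of the Mysql wrapper is
  * not visible here; apply it, or move to prepared statements.
  *
  * @param string $barcode
  * @param string $expiration
  * @return Product|false The matching product, or false when there is none
  */
 public static function getProduct($barcode, $expiration)
 {
     $mysql = new Mysql();
     $response = $mysql->query("select * from product where barcode='{$barcode}' and expiration='{$expiration}'");
     $row = ($response == false) ? false : mysql_fetch_assoc($response);
     $mysql->closeConnection();
     if (!is_array($row)) {
         // Either the query failed or nothing matched.
         return false;
     }
     return new Product($row['barcode'], $row['saleType'], $row['name'], $row['buyPrice'], $row['salePrice'], $row['description'], $row['expiration'], $row['routeImage'], $row['stock']);
 }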
Exemplo n.º 13
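 /**
  * Handles the registration form: creates the account when the name is free,
  * logs the new user in and redirects to the index.
  *
  * Changes against the previous version:
  *  - password and confirmation are compared strictly; with "==" two different
  *    numeric-looking strings ("1" and "1.0") compared equal, and a missing
  *    confirmation matched an empty password;
  *  - any existing row with the name blocks registration, not exactly one;
  *  - the session ID is regenerated when the new user is logged in.
  *
  * The local names $error, $name, $count and $mysql are kept because
  * View/register.php is included in this scope and may read them.
  *
  * NOTE(review): $name is interpolated into both statements without escaping
  * (SQL injection). The escaping API of Conn/Mysql.php is not visible here.
  * NOTE(review): unsalted md5() is a weak password hash; kept for compatibility
  * with the login code. Migrate to password_hash() / password_verify().
  */
 function create()
 {
     require 'Conn/Redirect.php';
     $redirect = new Redirect();
     $valid = isset($_POST["name"], $_POST["pwd"], $_POST["confirm"])
         && is_string($_POST["name"])
         && is_string($_POST["pwd"])
         && is_string($_POST["confirm"])
         && $_POST["pwd"] === $_POST["confirm"];
     if (!$valid) {
         $redirect->go('index.php?page=register');
         return;
     }
     $name = $_POST["name"];
     require_once 'Conn/Mysql.php';
     $mysql = new Mysql();
     $mysql->query("select * from users where name ='{$name}';");
     $count = $mysql->get_count();
     if (isset($count) && $count > 0) {
         $error = "用户名已存在!";
         require_once 'View/register.php';
         return;
     }
     $pwd = md5($_POST["pwd"]);
     $mysql->query("insert into users (name,pwd,created) values ('{$name}','{$pwd}',NOW());");
     session_start();
     // A fresh ID after authentication invalidates any ID set before it.
     session_regenerate_id(true);
     $_SESSION['user'] = $name;
     $redirect->go('index.php');
 }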
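 /**
  * Loads the published articles of an issue.
  *
  * The issue ID is cast to int before it is concatenated into the statement,
  * and a failed query is treated as "no articles" instead of being passed to
  * fetchAll().
  *
  * @param Issue $issue Issue whose articles are wanted
  * @return array|null List of Article objects, or null when there are none
  */
 public static function getArticlesByIssue($issue)
 {
     $mysql = new Mysql();
     $mysql->connect(Config::$bd_servidor, Config::$bd_esquema, Config::$bd_usuario, Config::$bd_contrasena);
     // Numeric by construction, so it cannot change the shape of the statement.
     $issueId = (int) $issue->getId();
     $query = "select pa.article_id article_id, fojsbus_articlesetting(pa.article_id,'title','es_ES') title\n                from published_articles pa\n                where pa.issue_id=" . $issueId . ";";
     $resultSet = $mysql->query($query);
     $myArticles = array();
     if ($resultSet != false) {
         foreach ($mysql->fetchAll($resultSet) as $articleData) {
             $myArticles[] = new Article($issue, $articleData['article_id'], $articleData['title']);
         }
     }
     return empty($myArticles) ? null : $myArticles;
 }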
Exemplo n.º 15
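 /**
  * Stores a chat message from the logged-in user to the user named in the
  * form, then redirects back to the conversation.
  *
  * Changes against the previous version:
  *  - a request without a logged-in session is sent to the login page; before,
  *    the INSERT ran with an undefined sender;
  *  - the recipient name is URL-encoded in the redirect target, so characters
  *    such as "&", "#" or line breaks cannot alter the URL or the header;
  *  - missing or non-string form fields are handled without notices.
  *
  * NOTE(review): $message, $user and $usered are interpolated into the INSERT
  * without escaping (SQL injection). The escaping API of Conn/Mysql.php is not
  * visible here; apply it, or move to prepared statements.
  */
 function setMessage()
 {
     $usered = (isset($_POST["user"]) && is_string($_POST["user"])) ? $_POST["user"] : "";
     if ($usered === "") {
         echo "不能为空";
         return;
     }
     session_start();
     require 'Conn/Redirect.php';
     $redirect = new Redirect();
     if (!isset($_SESSION['user'])) {
         $redirect->go('index.php?page=login');
         return;
     }
     $user = $_SESSION['user'];
     $message = (isset($_POST["message"]) && is_string($_POST["message"])) ? $_POST["message"] : "";
     require_once 'Conn/Mysql.php';
     $mysql = new Mysql();
     $mysql->query("INSERT INTO `message`(`message`, `user_id`, `usered_id`, `created`) VALUES ('{$message}',(select id from users where name='{$user}'),(select id from users where name='{$usered}'),NOW());");
     $redirect->go("index.php?page=chat&user=" . urlencode($usered));
 }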
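 /**
  * Completes a journal object (title, URL, issues) from the database.
  *
  * The journal ID is cast to int before it is concatenated into the statement,
  * and an empty result set is handled without reading a missing row.
  *
  * @param Journal $journal Journal carrying the ID to look up
  * @return Journal|null The same object with its data filled in, or null when
  *                      the journal was not found
  */
 public static function getJournalById($journal)
 {
     $myJournal = $journal;
     $mysql = new Mysql();
     $mysql->connect(Config::$bd_servidor, Config::$bd_esquema, Config::$bd_usuario, Config::$bd_contrasena);
     // Numeric by construction, so it cannot change the shape of the statement.
     $journalId = (int) $myJournal->getId();
     $query = "select j.journal_id journal_id, j.path path, fojsbus_journalsetting(j.journal_id,'title','es_ES') title\n                from journals j\n                where j.journal_id=" . $journalId . ";";
     $resultSet = $mysql->query($query);
     if ($resultSet == false) {
         return null;
     }
     $journalData = $mysql->fetchAll($resultSet);
     if (!isset($journalData[0]) || $journalData[0]['journal_id'] == null || $journalData[0]['journal_id'] == '') {
         return null;
     }
     $myJournal->setTitle($journalData[0]['title']);
     $myJournal->setUrl(Config::$ojs . "/" . $journalData[0]['path']);
     $myJournal->setIssues(IssueDAO::getIssuesByJournal($myJournal));
     return $myJournal;
 }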
 /**
  * Returns the navigation as an array.
  *
  * The array is built on the first call and kept in a static variable, so later
  * calls return the stored value without querying again.
  *
  * @return array Navigation
  */
 private function _getMenues()
 {
     static $nav_arr = null;
     if (is_array($nav_arr)) {
         return $nav_arr;
     }
     $nav_arr = array();
     $top_ids = array();
     $page = new Page($this->_smarty, $this->_mysql);
     $this->_mysql->query("SELECT `menu_topid`, COUNT(*) as 'count' FROM `menu` GROUP BY `menu_topid`");
     // Collect every distinct parent ID found in the menu table.
     while (true) {
         $row = $this->_mysql->fetcharray('assoc');
         if ($row === false) {
             break;
         }
         $top_ids[] = (int) $row['menu_topid'];
     }
     $page->let_build_menu_array($top_ids, $nav_arr, false, true);
     return $nav_arr;
 }
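 /**
  * Loads the published issues of a journal, each with its articles.
  *
  * The journal ID is cast to int before it is concatenated into the statement.
  *
  * @param Journal $journal Journal whose issues are wanted
  * @return array|null List of Issue objects, or null when there are none
  */
 public static function getIssuesByJournal($journal)
 {
     $mysql = new Mysql();
     $mysql->connect(Config::$bd_servidor, Config::$bd_esquema, Config::$bd_usuario, Config::$bd_contrasena);
     // Numeric by construction, so it cannot change the shape of the statement.
     $journalId = (int) $journal->getId();
     $query = "select i.issue_id issue_id, i.volume volume, i.number number, i.year year, fojsbus_issuesetting(i.issue_id,'title','es_ES') title\n                from issues i LEFT JOIN custom_issue_orders o ON (o.issue_id = i.issue_id) \n                where i.journal_id=" . $journalId . "\n                and i.published = 1 \n                order by o.seq ASC, i.current DESC, i.date_published DESC;";
     $resultSet = $mysql->query($query);
     $myIssues = array();
     if ($resultSet != false) {
         foreach ($mysql->fetchAll($resultSet) as $issueData) {
             $issue = new Issue($journal, $issueData['issue_id'], $issueData['volume'], $issueData['number'], $issueData['year'], $issueData['title']);
             // One additional lookup per issue.
             $issue->setArticles(ArticleDAO::getArticlesByIssue($issue));
             $myIssues[] = $issue;
         }
     }
     return empty($myIssues) ? null : $myIssues;
 }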
Exemplo n.º 19
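 /**
  * Checks whether someone is logging in and, if so, processes the attempt.
  *
  * Fix: forward.tpl was displayed twice after a successful login, which sent
  * the forwarding page twice in one response; it is now displayed once. The
  * result row is also tested for "no row" before its first column is read.
  *
  * NOTE(review): the name and the password hash from _getlogindata() are
  * placed in the SQL text as-is; whether that helper escapes them is not
  * visible here, so confirm it.
  * NOTE(review): unknown user and wrong password produce different messages
  * (failname / failpw), which tells a client whether an account name exists.
  * Kept because the texts live in the language file; consider one message.
  *
  * @param array $post_array $_POST data
  * @return boolean true when a login form was submitted (successful or not),
  *                 false when the request is not a login attempt
  * @uses Mysql  For the database connection
  * @uses Smarty As the template system
  */
 public function check4login(&$post_array)
 {
     // Was the login form submitted at all?
     if (!isset($post_array['login']) || $post_array['login'] != "Anmelden") {
         return false;
     }
     $login_data = $this->_getlogindata($post_array);
     if (!is_array($login_data)) {
         $this->_smarty->assign('login_error', $this->_textes['noentry']);
         $this->_smarty->display('login.tpl');
         return true;
     }
     // First check that the user name exists at all.
     $this->_mysql->query("SELECT `user_ID` FROM `admin_users` WHERE `user_name` = '{$login_data['name']}' LIMIT 1");
     if ($this->_mysql->fetcharray('assoc') === false) {
         $this->_smarty->assign('login_error', $this->_textes['failname']);
         $this->_smarty->display('login.tpl');
         return true;
     }
     // Then check name and password together.
     $this->_mysql->query("SELECT `user_ID` FROM  `admin_users` WHERE `user_name` = '{$login_data['name']}' AND `user_pw` = '{$login_data['password_encrypted']}' LIMIT 1");
     $data = $this->_mysql->fetcharray();
     if ($data == false) {
         $this->_smarty->assign('login_error', $this->_textes['failpw']);
         $this->_smarty->display('login.tpl');
     } elseif (is_numeric($data[0])) {
         $this->_user_id = $data[0];
         $this->_session->create_session($data[0]);
         // Pass the language-file section for the texts in the template.
         $this->_smarty->assign('section', 'Login');
         $this->_smarty->assign('forward_link', "?" . $this->_session->get_sessionstring());
         $this->_smarty->display('forward.tpl');
     } else {
         // The query succeeded but the user_ID is not valid.
         $this->_smarty->assign('login_error', $this->_textes['userinvalid']);
         $this->_smarty->display('login.tpl');
     }
     return true;
 }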
Exemplo n.º 20
 /**
  * Looks for changed modules in the POST data and updates their status.
  *
  * Reads modules_check and modules_status from the POST array. Only the
  * values "on" and "off" are accepted; the first other value stops the scan,
  * and the entries collected up to that point are still written. Module ID and
  * status both pass through escapeString() before they reach the SQL text.
  */
 private function _updmods()
 {
     $post = $this->_gpc['POST'];
     $updates = array();
     if (array_key_exists('modules_check', $post)) {
         foreach ($post['modules_check'] as $module_id => $unused) {
             $status = $post['modules_status'][$module_id];
             if ($status == 'on' || $status == 'off') {
                 $updates[] = array(
                     'ID' => $this->_mysql->escapeString($module_id),
                     'value' => $this->_mysql->escapeString($status),
                 );
             } else {
                 $this->setinfo("Erlaubte Werte für Status sind nur on und off, keine anderen.");
                 break;
             }
         }
     }
     foreach ($updates as $update) {
         $this->_mysql->query("UPDATE `modules` SET `modules_status` = '{$update['value']}' WHERE `modules_ID` = '{$update['ID']}' LIMIT 1");
     }
 }
Exemplo n.º 21
 /**
  * Checks the request for special actions.
  *
  * A "mail" or "image" key in the GET array selects the matching module; its
  * menu ID is looked up and stored as the current navigation ID. Table and
  * module names come from the fixed literals below, not from the request.
  */
 private function _check_spec_action()
 {
     $menu_tbl = ($this->_is_admin == true) ? 'admin_menu' : 'menu';
     $mod_tbl = ($this->_is_admin == true) ? 'admin_modules' : 'modules';
     if (array_key_exists('mail', $this->_gpc['GET'])) {
         $modulname = 'mailmodule';
     } elseif (array_key_exists('image', $this->_gpc['GET'])) {
         $modulname = 'image_send';
     } else {
         // No special action requested.
         return;
     }
     $query = "SELECT `{$menu_tbl}`.`menu_ID` FROM `{$menu_tbl}`,`{$mod_tbl}` WHERE `{$mod_tbl}`.`modules_name` = '{$modulname}' AND `{$mod_tbl}`.`modules_ID` = `{$menu_tbl}`.`menu_page` AND `{$menu_tbl}`.`menu_pagetyp` = 'mod' LIMIT 1";
     $this->_mysql->query($query);
     $row = $this->_mysql->fetcharray('num');
     $this->_nav_id = (int) $row[0];
     $this->_smarty_array['local_link'] = $this->_nav_id;
 }
Exemplo n.º 22
 /**
  * Initialises the thumbnail for an image ID and sends it to the client.
  * A missing thumbnail file is created from the original image first.
  *
  * NOTE(review): $thumb is placed in the SQL text as-is; if it can come from
  * the request unvalidated, cast it to int or escape it before this call.
  * NOTE(review): the file name read from the table is appended to the image
  * directories unchanged; confirm stored names cannot contain path separators.
  *
  * @param mixed $thumb ID of the image (bilder_ID)
  */
 private function _initThumb($thumb)
 {
     // Is there an entry for this ID?
     $this->_mysql->query("SELECT `filename` FROM `bilder` WHERE `bilder_ID` = '{$thumb}' LIMIT 1");
     $row = $this->_mysql->fetcharray();
     if (empty($row)) {
         // No entry: send the error image instead.
         $this->_initErrImg(100, 80, $this->_img_textes['no_id']);
         return;
     }
     $thumb_path = THUMB_DIR . $row['filename'];
     if (!is_file($thumb_path)) {
         // No thumbnail yet: scale the original into the thumbnail directory.
         $original = new Image(IMAGE_DIR_ORIGN . $row['filename']);
         $info = $original->send_infos();
         $size = $this->_calcSize($info['width'], $info['height'], THUMB_MAXWIDTH, THUMB_MAXHEIGHT);
         $original->copy($size['width'], $size['height'], $thumb_path, "jpeg");
         unset($original);
     }
     // Send the image.
     $this->_img = new Image($thumb_path);
     $this->_img->send_image();
 }
Exemplo n.º 23
 /**
  * Checks a login against the users / permissions / rols tables, fills the
  * session on success and returns a JSON status string.
  *
  * NOTE(review): the login and password values in the statement appear
  * redacted ('******') in this listing; presumably the original placed $user
  * and $password there. If they are interpolated directly, this is SQL
  * injection on the login path and needs escaping or prepared statements.
  * NOTE(review): the password column is copied into $_SESSION and returned in
  * the JSON response. Neither is needed to keep a user logged in; remove both
  * once the callers are checked.
  *
  * @param string $user     Login name
  * @param string $password Password as submitted
  * @return string JSON: login, password and msg = 'ok', or msg = 'not exist'
  */
 public function verifyUser($user, $password)
 {
     // $query = "SELECT * FROM users WHERE login='******' AND password='******' AND status=1";
     $query = "SELECT u.idUser as idUser, u.name as name, u.lastName as lastName, u.login as login, u.mail as mail, u.password as password, p.name as permissions\r\n                        FROM users as u, permissions as p, rols as r  \r\n                        WHERE u.login='******' AND u.password='******' AND (p.name='Administration' OR p.name='Partner' OR p.name='Marketing')  AND p.idUser = u.idUser AND p.idRol= r.idRol \r\n                                     AND (r.typeRol='All' OR r.typeRol='Partner' OR r.typeRol='Marketing')";
     // Called before the credentials are checked; what it stores is not visible here.
     $this->iniSession($user, $password);
     $mysql = new Mysql();
     $users = $mysql->query($query);
     // The first row is read without checking that the query returned one.
     if ($users[0]['u']['idUser'] != 0) {
         $json_data = array('login' => $users[0]['u']['login'], 'password' => $users[0]['u']['password'], 'msg' => 'ok');
         $_SESSION['idUser'] = $users[0]['u']['idUser'];
         $_SESSION['name'] = $users[0]['u']['name'];
         $_SESSION['lastName'] = $users[0]['u']['lastName'];
         $_SESSION['login'] = $users[0]['u']['login'];
         $_SESSION['mail'] = $users[0]['u']['mail'];
         $_SESSION['password'] = $users[0]['u']['password'];
         $_SESSION['permissions'] = $users[0]['p']['permissions'];
     } else {
         $json_data = array('msg' => 'not exist');
         // header('Location: ?action=');
     }
     //$mysql->__destruct();
     return json_encode($json_data);
 }
Exemplo n.º 24
 /**
  * Destroys the current session: deletes its row and its variables from the
  * session tables and expires the session cookie.
  *
  * NOTE(review): the session ID is placed in both DELETE statements as-is. If
  * getSessionID() returns the raw cookie value, it needs validating or
  * escaping first; that method is not visible here.
  *
  * @return bool Always true
  */
 function destroy()
 {
     Mysql::query("DELETE FROM {$this->session_table} WHERE id='{$this->getSessionID()}'");
     Mysql::query("DELETE FROM {$this->session_vars_table} WHERE session='{$this->getSessionID()}'");
     $cookie_name = session_name();
     if (isset($_COOKIE[$cookie_name])) {
         // Timestamp 1 lies in the past, so the browser drops the cookie.
         setcookie($cookie_name, '', 1, '/');
     }
     return true;
 }
Exemplo n.º 25
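// Deletes one footprint record and answers with a JSON status object.
//
// Changes against the previous version:
//  - the "not found" answer used the bare words ok and error as array keys,
//    which are undefined constants (an Error on PHP 8); they are quoted now;
//  - parameters must be strings, so array-valued input is rejected up front;
//  - the record ID is cast to int before it is placed in the DELETE;
//  - the connection is closed on the "no permission" path as well.
//
// NOTE(review): ownership is checked against the userId sent in the query
// string, not against an authenticated session, so any caller who knows a
// user's ID can delete that user's footprints. Take the user from the session.
// NOTE(review): footprintId is passed to select() inside a quoted SQL fragment
// without escaping; whether select() escapes it is not visible here.
$KeyList = array('userId', 'footprintId');
foreach ($KeyList as $v) {
    if (!isset($_GET[$v]) || !is_string($_GET[$v])) {
        $res = ['ok' => 0, 'error' => "param invalid "];
        echo json_encode($res);
        die;
    }
}
$mysql = new Mysql();
$result = $mysql->select("*", "footprint", "`footId`", "'{$_GET['footprintId']}'");
if ($result) {
    if ($result['userId'] == $_GET['userId']) {
        $myMemcache = new MyMemcache();
        $footprintId = (int) $result['id'];
        $removeFootprint = "delete from footprint where id={$footprintId}";
        $mysql->query($removeFootprint);
        // Drop the cached copy of this footprint as well.
        $myMemcache->delete($_GET['userId'] . "foot" . $result['footId']);
        // The former check of the cached "like" entry had an empty body and is omitted.
        echo json_encode(['ok' => 1]);
    } else {
        echo json_encode(['ok' => 0, 'error' => "no permission"]);
        $mysql->close();
        die;
    }
} else {
    echo json_encode(['ok' => 0, 'error' => "footId not exsit"]);
}
$mysql->close();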
Exemplo n.º 26
 /**
  * Replaces the smiley codes in a text with image tags and returns the result.
  *
  * Steps:
  * 1. Read the smileys from the table.
  * 2. Skip every smiley whose image file no longer exists (is_file).
  * 3. Replace each code in the text (plain str_replace, no regular expression).
  * 4. Return the text.
  *
  * NOTE(review): file name and directory are placed in the src and alt
  * attributes unencoded. That is only safe while the smilies table holds
  * trusted values; encode them with htmlspecialchars() if it can hold others.
  *
  * @param string $text       The text to process
  * @param Mysql  $mysql_link Database connection
  * @return string
  * @uses Mysql
  */
 public function show_smilie($text, $mysql_link)
 {
     $mysql_link->query("SELECT * FROM smilies ORDER BY smilies_sign");
     $return_text = $text;
     while ($smilies_data = $mysql_link->fetcharray()) {
         $file = $smilies_data["smilies_file"];
         $path = $this->dir_smilies . $file;
         if (!is_file($path)) {
             // The image is gone: leave the code in the text.
             continue;
         }
         $tag = '<img src="' . $path . '" alt="' . $file . '"></img>';
         $return_text = str_replace($smilies_data["smilies_sign"], $tag, $return_text);
     }
     return $return_text;
 }
Exemplo n.º 27
 /**
  * Returns the navigation as an array, optionally limited to a sub-range.
  *
  * The navigation and the per-group counters are built once and kept in static
  * variables, so later calls reuse the first result.
  *
  * @param int $start Offset of the first entry to return; when not set, the whole navigation is returned
  * @param int $number Number of entries
  * @param boolean $unit_topid Do not split the sub-menus of a top-level menu (topid = 0)
  * @return array Navigation
  */
 private function _getMenues($start = null, $number = null, $unit_topid = true)
 {
     static $nav_arr = null;
     static $count_nav = null;
     /* Load the navigation only if that has not been done yet */
     if (!is_array($nav_arr)) {
         $nav_arr = array();
         $topid_arr = array();
         $page = new Page($this->_smarty, $this->_mysql);
         /* Collect the distinct menu_topid values; the selected 'count' column is not read below */
         $this->_mysql->query("SELECT `menu_topid`, COUNT(*) as 'count' FROM `menu` GROUP BY `menu_topid`");
         $i = 0;
         while (($data = $this->_mysql->fetcharray('assoc')) !== false) {
             $topid_arr[$i] = (int) $data['menu_topid'];
             $i++;
         }
         /* presumably fills $nav_arr by reference; verify against Page::let_build_menu_array */
         $page->let_build_menu_array($topid_arr, $nav_arr, false, true, true, array('menu_position', 'menu_pagetyp', 'menu_display'));
         $count_nav['all'] = count($nav_arr);
         $count_nav['top'] = array();
         $i = 0;
         $count_nav['top'][0] = 0;
         /* $count_nav['top'][n] = size of the n-th group: one entry with menu_topid 0 plus the
          * entries that follow it. Index 0 counts entries that appear before the first such entry. */
         foreach ($nav_arr as $value) {
             if ($value['menu_topid'] == 0) {
                 //$i = $value['menu_ID'];
                 $i++;
                 $count_nav['top'][$i] = 1;
             } else {
                 $count_nav['top'][$i]++;
             }
         }
     }
     /* Now determine which part of the menu is to be returned */
     if (isset($start)) {
         /* If $unit_topid is true, a topid = 0 entry and the menu items below it are NOT
          * split, even if the number of menu items is larger than $number.
          * Example: if news (topid = 0) has 10 items below it but $number is 7, news is not
          * divided but kept as one unit. */
         if ($unit_topid == true) {
             $start = (int) $start;
             $count_start = 0;
             /* $i is the start element of $nav_arr */
             /* The number of menu items per topid (the topid item and those below it)
              * is listed in $count_nav['top']. This loop adds up those numbers
              * (stored in $count_start) until $start is reached. If $count_start ends up
              * larger than $start, that does not matter, because the topid groups are
              * kept together. */
             for ($i = 0; $count_start < $start && $i < count($count_nav['top']); $i++) {
                 $count_start += $count_nav['top'][$i];
             }
             if (isset($number)) {
                 $number = (int) $number;
                 $count_number = 0;
                 /* Same procedure as in the previous for loop */
                 for ($j = $i; $count_number < $count_start + $number && $j < count($count_nav['top']); $j++) {
                     $count_number += $count_nav['top'][$j];
                 }
                 /* NOTE(review): array_slice's third argument is a length, while $count_number
                  * was accumulated against $count_start + $number; confirm that this returns
                  * the intended range. */
                 return array_slice($nav_arr, $count_start, $count_number);
             } else {
                 return array_slice($nav_arr, $count_start);
             }
         } else {
             /* Topid groups are not kept together => plain slicing of the menus */
             if (isset($number)) {
                 return array_slice($nav_arr, $start, $number);
             } else {
                 return array_slice($nav_arr, $start);
             }
         }
     }
     /* Without $start the complete navigation is returned */
     return $nav_arr;
 }
Exemplo n.º 28
/**
 * Issues a DELETE against table `rencontre` for the given id.
 *
 * The id is handed to Mysql::query() as a separate argument rather than being
 * concatenated into the statement text.
 * NOTE(review): the placeholder is written `%dS`; whether Mysql::query() treats that
 * as one token or as `%d` followed by a literal "S" is not visible here — confirm,
 * and confirm that the substitution casts or escapes the value.
 *
 * @param mixed $id_rencontre Identifier of the row to delete
 * @return mixed Whatever Mysql::query() returns
 */
function SupprimerLaRencontre($id_rencontre)
{
    $requete = "\n    DELETE FROM rencontre\n    WHERE id = '%dS'";

    return Mysql::query($requete, $id_rencontre);
}
Exemplo n.º 29
/**
 * Shorthand that forwards a statement to Mysql::query().
 *
 * The query text is passed on unchanged; nothing in this function escapes or
 * validates it, so callers must not build $query from unescaped request data.
 *
 * @param string $query Statement text
 * @param int $limit Second argument of Mysql::query(), 1003 by default
 * @return mixed Whatever Mysql::query() returns
 */
function sql($query, $limit = 1003)
{
    $resultat = Mysql::query($query, $limit);

    return $resultat;
}
Exemplo n.º 30
 /**
  * Alias for the parent class's query(): passes $param through and returns its result.
  *
  * No escaping or validation happens here; $param reaches parent::query() unchanged.
  *
  * @param mixed $param Argument handed to parent::query()
  * @return mixed Whatever parent::query() returns
  */
 public function execute($param)
 {
     $outcome = parent::query($param);

     return $outcome;
 }