public static function isScriptInstalled() { if (!file_exists(IA_HOME . 'includes' . IA_DS . self::CONFIGURATION_FILE)) { return false; } self::loadCoreClass('users', 'core'); return iaCore::instance()->iaDb->one_bind(iaDb::STMT_COUNT_ROWS, '`usergroup_id` = :group AND `date_logged` IS NOT NULL', array('group' => iaUsers::MEMBERSHIP_ADMINISTRATOR), iaUsers::getTable()) > 0; }
public function create($planId) { $entry = array('plan_id' => (int) $planId, 'member_id' => iaUsers::hasIdentity() ? iaUsers::getIdentity()->id : 0, 'status' => self::PENDING); if ($id = $this->iaDb->insert($entry, array('date_created' => iaDb::FUNCTION_NOW), self::getTable())) { $entry['id'] = $id; return $entry; } return false; }
protected function _gridQuery($columns, $where, $order, $start, $limit) { $sql = 'SELECT u.*, IF(u.`id` = 1, 0, u.`id`) `permissions`, u.`id` `config`, IF(u.`system` = 1, 0, 1) `delete` ' . ', IF(u.`id` = 1, 1, p.`access`) `admin` ' . ',(SELECT GROUP_CONCAT(m.`fullname` SEPARATOR \', \') FROM `' . iaUsers::getTable(true) . '` m WHERE m.`usergroup_id` = u.`id` GROUP BY m.`usergroup_id` LIMIT 10) `members` ' . ',(SELECT COUNT(m.`id`) FROM `' . iaUsers::getTable(true) . '` m WHERE m.`usergroup_id` = u.`id` GROUP BY m.`usergroup_id`) `count`' . 'FROM `' . $this->_iaDb->prefix . $this->getTable() . '` u ' . 'LEFT JOIN `' . $this->_iaDb->prefix . 'acl_privileges` p ' . "ON (p.`type` = 'group' " . 'AND p.`type_id` = u.`id` ' . "AND `object` = 'admin_access' " . "AND `action` = 'read' " . ')' . $order . ' ' . 'LIMIT ' . $start . ', ' . $limit; $usergroups = $this->_iaDb->getAll($sql); foreach ($usergroups as &$usergroup) { $usergroup['title'] = iaLanguage::get('usergroup_' . $usergroup['name']); } return $usergroups; }
private function _deleteFile($params) { $result = array('error' => true, 'message' => iaLanguage::get('invalid_parameters')); $item = isset($params['item']) ? iaSanitize::sql($params['item']) : null; $field = isset($params['field']) ? iaSanitize::sql($params['field']) : null; $path = isset($params['path']) ? iaSanitize::sql($params['path']) : null; $itemId = isset($params['itemid']) ? (int) $params['itemid'] : null; if ($itemId && $item && $field && $path) { $tableName = $this->_iaCore->factory('item')->getItemTable($item); $itemValue = $this->_iaDb->one($field, iaDb::convertIds($itemId), $tableName); $iaAcl = $this->_iaCore->factory('acl'); if ($iaAcl->isAdmin() && $itemValue) { $pictures = $itemValue[1] == ':' ? unserialize($itemValue) : $itemValue; $key = null; if (is_array($pictures)) { if ($primitive = !is_array($pictures[key($pictures)])) { $pictures = array($pictures); } foreach ($pictures as $k => $v) { if ($path == $v['path']) { $key = $k; break; } } if (!is_null($key)) { unset($pictures[$key]); } $newItemValue = $primitive ? '' : serialize($pictures); } else { // single image $newItemValue = ''; if ($pictures == $path) { $key = true; } } if (!is_null($key)) { if ($this->_iaCore->factory('picture')->delete($path)) { if ($this->_iaDb->update(array($field => $newItemValue), iaDb::convertIds($itemId), null, $tableName)) { if (iaUsers::getItemName() == $item) { // update current profile data if ($itemId == iaUsers::getIdentity()->id) { iaUsers::reloadIdentity(); } } } $result['error'] = false; $result['message'] = iaLanguage::get('deleted'); } else { $result['message'] = iaLanguage::get('error'); } } } } return $result; }
protected function _gridQuery($columns, $where, $order, $start, $limit) { foreach (array('amount', 'gateway', 'status') as $joinedColumnName) { if (false !== stripos($order, $joinedColumnName)) { $order = str_replace(' i.`', ' t.`', $order); break; } } $sql = 'SELECT SQL_CALC_FOUND_ROWS ' . 'i.`id`, i.`date_created`, i.`fullname`, ' . 't.`plan_id`, t.`operation`, ' . 't.`status`, CONCAT(t.`amount`, " ", t.`currency`) `amount`, t.`currency`, t.`gateway`, ' . "1 `pdf`, 1 `update`, IF(t.`status` != 'passed', 1, 0) `delete` " . 'FROM `:prefix:table_invoices` i ' . 'LEFT JOIN `:prefix:table_transactions` t ON (t.`id` = i.`transaction_id`) ' . 'LEFT JOIN `:prefix:table_members` m ON (m.`id` = t.`member_id`) ' . ($where ? 'WHERE ' . $where . ' ' : '') . $order . ' ' . 'LIMIT :start, :limit'; $sql = iaDb::printf($sql, array('prefix' => $this->_iaDb->prefix, 'table_invoices' => self::getTable(), 'table_members' => iaUsers::getTable(), 'table_transactions' => 'payment_transactions', 'start' => $start, 'limit' => $limit)); return $this->_iaDb->getAll($sql); }
public function getAddress($transactionId) { $invoice = $this->getBy('transaction_id', $transactionId); if ($invoice && $invoice['address1']) { return $invoice; } // else return an address of the latest populated transaction $iaTransaction = $this->iaCore->factory('transaction'); $sql = 'SELECT SQL_CALC_FOUND_ROWS i.`address1`, i.`address2`, i.`zip`, i.`country` ' . 'FROM `:prefix:table_transactions` t ' . 'LEFT JOIN `:prefix:table_invoices` i ON (i.`transaction_id` = t.`id`) ' . 'WHERE t.`member_id` = :member AND i.`address1` != "" ' . 'ORDER BY t.`date` DESC ' . 'LIMIT 1'; $sql = iaDb::printf($sql, array('prefix' => $this->iaDb->prefix, 'table_transactions' => $iaTransaction::getTable(), 'table_invoices' => self::getTable(), 'member' => iaUsers::getIdentity()->id)); $row = $this->iaDb->getRow($sql); return $row ? $row : array('address1' => '', 'address2' => '', 'zip' => '', 'country' => ''); }
public function validate() { if (iaUsers::hasIdentity()) { return true; } $sc1 = isset($_POST['security_code']) ? $_POST['security_code'] : (isset($_GET['security_code']) ? $_GET['security_code'] : ''); $sc2 = $_SESSION['pass']; $functionName = $this->iaCore->get('captcha_case_sensitive') ? 'strcmp' : 'strcasecmp'; if (empty($_SESSION['pass']) || $functionName($sc1, $sc2) !== 0) { return false; } $_SESSION['pass'] = ''; return true; }
protected function _debugInfo() { $iaCore = iaCore::instance(); $iaCore->factory('users'); self::dump(iaCore::ACCESS_FRONT == $iaCore->getAccessType() ? iaCore::FRONT : iaCore::ADMIN, 'Access Type'); self::dump($iaCore->iaView->getParams(), 'Page', 'info'); self::dump($iaCore->iaView->get('action'), 'Action', 'info'); self::dump($iaCore->iaView->get('filename'), 'Module'); self::dump($iaCore->iaView->language, 'Language'); self::dump(iaUsers::hasIdentity() ? iaUsers::getIdentity(true) : null, 'Identity'); self::dump(); // process blocks $blocks = array(); if ($blocksData = $iaCore->iaView->blocks) { foreach ($blocksData as $position => $blocksList) { $blocks[$position] = array(); foreach ($blocksList as $block) { $blocks[$position][] = $block['name']; } } } // process constants $constantsList = get_defined_constants(true); foreach ($constantsList['user'] as $key => $value) { if (strpos($key, 'IA_') === 0 && 'IA_SALT' != $key) { $constants[$key] = $value; } } self::dump($iaCore->requestPath, 'URL Params'); self::dump($blocks, 'Blocks List'); self::dump($iaCore->packagesData, 'Installed Packages'); self::dump($iaCore->getConfig(), 'Configuration Params'); self::dump($constants, 'Constants List'); if (!empty(self::$_data['info'])) { foreach (self::$_data['info'] as $key => $val) { self::dump($val, !is_int($key) ? $key : ''); } } self::dump(); self::dump($_POST, '$_POST'); self::dump($_FILES, '$_FILES'); self::dump($_GET, '$_GET'); self::dump(); self::dump(PHP_VERSION, 'PHP version'); self::dump($_SERVER, '$_SERVER'); self::dump($_SESSION, '$_SESSION'); self::dump($_COOKIE, '$_COOKIE'); return '[' . $iaCore->iaView->name() . ']'; }
$itemData['password'] = ''; } } else { iaField::keepValues($itemData, $fields); $iaView->setMessages($messages); } if (!$error) { $memberId = $iaUsers->register($itemData); if ($memberId) { $iaCore->factory('log')->write(iaLog::ACTION_CREATE, array('item' => 'member', 'name' => $itemData['fullname'], 'id' => $memberId, 'type' => iaCore::FRONT)); } // process sponsored plan if ($memberId && isset($_POST['plan_id']) && is_numeric($_POST['plan_id'])) { $plan = $iaPlan->getById($_POST['plan_id']); $usergroup = $plan['usergroup'] ? $plan['usergroup'] : iaUsers::MEMBERSHIP_REGULAR; $iaDb->update(array('id' => $memberId, 'usergroup_id' => $usergroup), 0, 0, iaUsers::getTable()); if ($plan['cost'] > 0) { $itemData['id'] = $memberId; $itemData['member_id'] = $memberId; if ($url = $iaPlan->prePayment($iaUsers->getItemName(), $itemData, $plan['id'])) { iaUtil::redirect(iaLanguage::get('thanks'), iaLanguage::get('member_created'), $url); } } } } } elseif ('register_confirm' == $iaView->name()) { if (!isset($_GET['email']) || !isset($_GET['key'])) { return iaView::accessDenied(); } $error = true; if ($iaUsers->confirmation($_GET['email'], $_GET['key'])) {
public static function getAccountDir($userName = '') { if (empty($userName)) { $userName = iaUsers::hasIdentity() ? iaUsers::getIdentity()->username : false; } $serverDirectory = ''; umask(0); if (empty($userName)) { $serverDirectory .= '_notregistered' . IA_DS; if (!is_dir(IA_UPLOADS . $serverDirectory)) { mkdir(IA_UPLOADS . $serverDirectory); } } else { $subFolders = array(); $subFolders[] = strtolower(substr($userName, 0, 1)) . IA_DS; $subFolders[] = $userName . IA_DS; foreach ($subFolders as $folderName) { $serverDirectory .= $folderName; is_dir(IA_UPLOADS . $serverDirectory) || mkdir(IA_UPLOADS . $serverDirectory); } } return $serverDirectory; }
private function _resetPage(&$iaView) { if (isset($_POST['reset'])) { if ($options = iaUtil::checkPostParam('options', array())) { if (in_array(iaUsers::getItemName(), $options)) { $iaUsers = $this->_iaCore->factory('users'); $currentMember = $this->_iaDb->row(iaDb::ALL_COLUMNS_SELECTION, iaDb::convertIds(iaUsers::getIdentity()->id), iaUsers::getTable()); $this->getHelper()->truncate(iaUsers::getTable()); $this->_iaDb->insert($currentMember, null, iaUsers::getTable()); $options = array_diff($options, array($iaUsers->getItemName())); } foreach ($options as $option) { $this->_iaCore->startHook('phpDbControlBeforeReset', array('option' => $option)); } $this->addMessage('reset_success'); } else { $this->_error = true; $this->addMessage('reset_choose_table'); } } else { $iaView->setMessages(iaLanguage::get('reset_backup_alert'), iaView::ALERT); } $resetOptions = array('members' => iaLanguage::get('reset') . ' ' . iaLanguage::get('members')); $this->_iaCore->startHook('phpAdminDatabaseBeforeAll', array('reset_options' => &$resetOptions)); $iaView->assign('options', $resetOptions); }
private function _setActions() { $result = array(); if (self::REQUEST_HTML != $this->getRequestType()) { return $result; } $iaCore =& $this->iaCore; if (false !== strpos($iaCore->iaView->name(), 'view')) { $iaItem = $iaCore->factory('item'); $iaCore->startHook('smartyItemTools'); $iaItem->setItemTools(array('id' => 'action-print', 'title' => iaLanguage::get('print_preview'), 'attributes' => array('href' => '#', 'class' => 'js-print-page'))); $itemData = $iaCore->iaView->iaSmarty->getTemplateVars('item'); if (iaUsers::hasIdentity() && $itemData) { if (iaUsers::getItemName() != $itemData['item'] && isset($itemData['member_id']) && iaUsers::getIdentity()->id != $itemData['member_id'] || $itemData['item'] == iaUsers::getItemName() && iaUsers::getIdentity()->id != $itemData['id']) { $isAlreadyFavorited = isset($itemData['favorite']) && $itemData['favorite'] == 1; $iaItem->setItemTools(array('id' => 'action-favorites', 'title' => iaLanguage::get($isAlreadyFavorited ? 'favorites_action_delete' : 'favorites_action_add'), 'attributes' => array('href' => '#', 'class' => 'js-favorites', 'data-id' => $itemData['id'], 'data-item' => $itemData['item'], 'data-action' => $isAlreadyFavorited ? iaCore::ACTION_DELETE : iaCore::ACTION_ADD))); } } $result = $iaItem->setItemTools(); } return $result; }
private function _getItemsStatuses() { $result = array(); $iaItem = $this->_iaCore->factory('item'); foreach ($this->_items as $itemName) { $statuses = array(); $className = ucfirst(substr($itemName, 0, -1)); $itemClassInstance = iaUsers::getItemName() == $itemName ? $this->_iaCore->factory('users') : $this->_iaCore->factoryPackage($className, $iaItem->getPackageByItem($itemName)); if ($itemClassInstance && method_exists($itemClassInstance, 'getStatuses')) { $statuses = $itemClassInstance->getStatuses(); } $result[$itemName] = implode(',', $statuses); } return $result; }
* Subrion is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with Subrion. If not, see <http://www.gnu.org/licenses/>. * * * @link http://www.subrion.org/ * ******************************************************************************/ define('IA_VER', '330'); $iaOutput->layout()->title = 'Installation Wizard'; $iaOutput->steps = array('check' => 'Pre-Installation Check', 'license' => 'Subrion License', 'configuration' => 'Configuration', 'finish' => 'Script Installation', 'plugins' => 'Plugins Installation'); if (iaHelper::isScriptInstalled() && (!iaUsers::hasIdentity() || iaUsers::MEMBERSHIP_ADMINISTRATOR != iaUsers::getIdentity()->usergroup_id)) { $iaOutput->errorCode = 'authorization'; return false; } $error = false; $message = ''; $builtinPlugins = array('kcaptcha', 'fancybox', 'personal_blog'); switch ($step) { case 'check': $checks = array('server' => array()); $sections = array('server' => array('title' => 'Server Configuration', 'desc' => 'If any of these items are highlighted in red then please take actions to correct them. Failure to do so could lead to your installation not functioning correctly.'), 'recommended' => array('title' => 'Recommended Settings', 'desc' => 'These settings are recommended for PHP in order to ensure full compatibility with Subrion CMS. However, Subrion CMS will still operate if your settings do not quite match the recommended.'), 'directory' => array('title' => 'Directory & File Permissions', 'desc' => 'In order for Subrion CMS to function correctly it needs to be able to access or write to certain files or directories. If you see "Unwritable" you need to change the permissions on the file or directory to allow Subrion CMS to write to it.')); $checks['server']['mysql_version'] = array('required' => function_exists('mysql_connect'), 'class' => true, 'name' => 'Mysql version', 'value' => function_exists('mysql_connect') ? '<td class="success">' . substr(mysql_get_client_info(), 0, false === ($pos = strpos(mysql_get_client_info(), '-')) ? 10 : $pos) . '</td>' : '<td class="danger">MySQL 5.x or upper required</td>'); $checks['server']['php_version'] = array('required' => version_compare('5.0', PHP_VERSION, '<'), 'class' => true, 'name' => 'PHP version', 'value' => version_compare('5.0', PHP_VERSION, '<') ? '<td class="success">' . PHP_VERSION . '</td>' : '<td class="danger">PHP version is not compatible. PHP 5.x needed. (Current version ' . PHP_VERSION . ')</td>'); $checks['server']['remote'] = array('name' => 'Remote files access support', 'value' => iaHelper::hasAccessToRemote() ? '<td class="success">Available</td>' : '<td class="danger">Unavailable (highly recommended to enable "CURL" extension or "allow_url_fopen")</td>'); $checks['server']['xml'] = array('name' => 'XML support', 'value' => extension_loaded('xml') ? '<td class="success">Available</td>' : '<td class="danger">Unavailable (recommended)</td>'); $checks['server']['mysql_support'] = array('name' => 'MySQL support', 'value' => function_exists('mysql_connect') ? '<td class="success">Available</td>' : '<td class="danger">Unavailable (required)</td>');
$messages = array(); iaCore::util(); if ($fields) { list($data, $error, $messages, $errorFields) = iaField::parsePost($fields, $item, true); } // validate account if (isset($_POST['account']) && !empty($_POST['account'])) { $member_id = $iaDb->one('id', "`username` = '{$_POST['account']}' ", iaUsers::getTable()); if (!$member_id) { $error = true; $messages[] = iaLanguage::get('album_incorrect_account'); } else { $data['member_id'] = $member_id; } } else { $data['member_id'] = iaUsers::getIdentity()->id; } if (!defined('IA_NOUTF')) { iaUtf8::loadUTF8Core(); iaUtf8::loadUTF8Util('ascii', 'validation', 'bad', 'utf8_to_ascii'); } // validate title_alias $data['title_alias'] = !empty($_POST['title_alias']) ? $_POST['title_alias'] : $_POST['title']; if (!utf8_is_ascii($data['title_alias'])) { $data['title_alias'] = utf8_to_ascii($data['title_alias']); } $data['title_alias'] = iaSanitize::convertStr($data['title_alias']); // check for duplicate title_alias in case a new album is added or title_alias has been updated if (!isset($item['title_alias']) || isset($item['title_alias']) && $data['title_alias'] != $item['title_alias']) { if ($iaAlbum->existsAlias($data['title_alias'])) { $error = true;
/** * Get the list of user/group specific configuration values * * @param null $user user id * @param null $group group id * * @return array */ public function getCustomConfig($user = null, $group = null) { $local = false; if (is_null($user) && is_null($group)) { $this->factory('users'); $local = true; if (iaUsers::hasIdentity()) { $user = iaUsers::getIdentity()->id; $group = iaUsers::getIdentity()->usergroup_id; } else { $user = 0; $group = iaUsers::MEMBERSHIP_GUEST; } } if ($local && !is_null($this->_customConfig)) { return $this->_customConfig; } $result = array(); $stmt = array(); if ($user) { $stmt[] = "(`type` = 'user' AND `type_id` = {$user}) "; } if ($group) { $stmt[] = "(`type` = 'group' AND `type_id` = {$group}) "; } $rows = $this->iaDb->all(array('type', 'name', 'value'), implode(' OR ', $stmt), null, null, self::getCustomConfigTable()); if (empty($rows)) { return $result; } $result = array('group' => array(), 'user' => array(), 'plan' => array()); foreach ($rows as $row) { $result[$row['type']][$row['name']] = $row['value']; } $result = array_merge($result['group'], $result['user'], $result['plan']); if ($local) { $this->_customConfig = $result; } return $result; }
public static function ia_print_js($params, Smarty_Internal_Template &$smarty) { $smarty->add_js($params); if (!isset($params['display'])) { return ''; } $iaCore = iaCore::instance(); $resources = self::_arrayCopyKeysSorted($iaCore->iaView->resources->js->toArray()); $output = ''; foreach ($resources as $resource) { switch (true) { case strpos($resource, 'code:') === 0: if ($code = trim(substr($resource, 5))) { $output .= PHP_EOL . "\t" . '<script type="text/javascript"><!-- ' . PHP_EOL . $code . PHP_EOL . ' --></script>'; } continue; case strpos($resource, 'text:') === 0: if (iaUsers::hasIdentity() && iaCore::ACCESS_ADMIN == iaCore::instance()->getAccessType()) { $text = trim(substr($resource, 5)); $output .= "<script type=\"text/javascript\">if(document.getElementById('js-ajax-loader-status'))document.getElementById('js-ajax-loader-status').innerHTML = '" . $text . "';</script>" . PHP_EOL; } continue; default: $output .= PHP_EOL . "\t" . sprintf(self::LINK_SCRIPT_PATTERN, $resource); } } return $output; }
protected function _gridUpdate($params) { if (isset($params['id']) && is_array($params['id']) && 2 == count($params) && isset($params['status'])) { $currentUserId = iaUsers::getIdentity()->id; if (in_array($currentUserId, $params['id'])) { $totalAdminsCount = (int) $this->_iaDb->one_bind(iaDb::STMT_COUNT_ROWS, '`usergroup_id` = :group AND `status` = :status AND `id` != :id', array('group' => iaUsers::MEMBERSHIP_ADMINISTRATOR, 'status' => iaCore::STATUS_ACTIVE, 'id' => $currentUserId)); if (0 == $totalAdminsCount && $params['status'] != iaCore::STATUS_ACTIVE) { return array('result' => false, 'message' => iaLanguage::get('action_not_allowed_since_you_only_admin')); } } } return parent::_gridUpdate($params); }
if (empty($member)) { $member = $iaUsers->getInfo((int) $iaCore->requestPath[0]); } if (empty($member)) { return iaView::errorPage(iaView::ERROR_NOT_FOUND); } $iaCore->factory('util'); $iaPage = $iaCore->factory('page', iaCore::FRONT); $member['item'] = $iaUsers->getItemName(); $iaCore->startHook('phpViewListingBeforeStart', array('listing' => $member['id'], 'item' => $member['item'], 'title' => $member['fullname'], 'url' => $iaView->iaSmarty->ia_url(array('data' => $member, 'item' => $member['item'], 'type' => 'url')), 'desc' => $member['fullname'])); $iaItem = $iaCore->factory('item'); $iaCore->set('num_items_perpage', 20); $page = !empty($_GET['page']) ? (int) $_GET['page'] : 1; $page = $page < 1 ? 1 : $page; $start = ($page - 1) * $iaCore->get('num_items_perpage'); if (iaUsers::hasIdentity() && iaUsers::getIdentity()->id == $member['id']) { $iaItem->setItemTools(array('title' => iaLanguage::get('edit'), 'url' => $iaPage->getUrlByName('profile'))); } $member = array_shift($iaItem->updateItemsFavorites(array($member), $member['item'])); $member['items'] = array(); // get fieldgroups $iaField = $iaCore->factory('field'); list($sections, ) = $iaField->generateTabs($iaField->filterByGroup($member, $member['item'])); // get all items added by this account $itemsList = $iaItem->getPackageItems(); $itemsFlat = array(); if ($array = $iaItem->getItemsInfo(true)) { foreach ($array as $itemData) { if ($itemData['item'] != $member['item'] && $iaItem->isExtrasExist($itemsList[$itemData['item']])) { $itemsFlat[] = $itemData['item']; }
/** * Generates invoice for an item * * @param string $title plan title * @param double $cost plan cost * @param string $itemName item name * @param array $itemData item details * @param string $returnUrl return URL * @param int $planId plan id * @param bool $return true redirects to invoice payment URL * * @return string */ public function createInvoice($title, $cost, $itemName = 'members', $itemData = array(), $returnUrl = '', $planId = 0, $return = false) { if (!isset($itemData['id'])) { $itemData['id'] = 0; } $title = empty($title) ? iaLanguage::get('plan_title_' . $planId) : $title; $title .= $itemData['id'] ? ' - #' . $itemData['id'] : ''; $transactionId = uniqid('t'); $transaction = array('member_id' => (int) (isset($itemData['member_id']) && $itemData['member_id'] ? $itemData['member_id'] : iaUsers::getIdentity()->id), 'item' => $itemName, 'item_id' => $itemData['id'], 'amount' => $cost, 'currency' => $this->iaCore->get('currency'), 'sec_key' => $transactionId, 'status' => self::PENDING, 'plan_id' => $planId, 'return_url' => $returnUrl, 'operation' => $title, 'date' => date(iaDb::DATETIME_FORMAT)); $result = (bool) $this->iaDb->insert($transaction, null, $this->getTable()); $return || iaUtil::go_to(IA_URL . 'pay' . IA_URL_DELIMITER . $transactionId . IA_URL_DELIMITER); return $result ? $transactionId : false; }
protected function _sendEmailNotification(array $transaction) { // first, do check if gateway has its own email submission if ($result = $this->_doGatewayCallback($transaction['gateway'], $transaction)) { return $result; } $result1 = true; $notification = 'transaction_paid'; if ($this->iaCore->get($notification)) { $iaUsers = $this->iaCore->factory('users'); $member = $iaUsers->getById($transaction['member_id']); if (!$member) { return false; } $iaMailer = $this->iaCore->factory('mailer'); $iaMailer->loadTemplate('transaction_paid'); $iaMailer->addAddress($member['email']); $iaMailer->setReplacements($transaction); $iaMailer->setReplacements(array('email' => $member['username'], 'username' => $member['username'], 'fullname' => $member['fullname'])); $result1 = $iaMailer->send(); } // notify admin $result2 = true; $notification .= '_admin'; if ($this->iaCore->get($notification)) { $iaMailer->loadTemplate($notification); $iaMailer->addAddress($this->iaCore->get('site_email')); $iaMailer->setReplacements(array('username' => iaUsers::getIdentity()->username, 'amount' => $transaction['amount'], 'operation' => $transaction['operation'])); $result2 = $iaMailer->send(); } return $result1 && $result2; }
/** * Checks access for user and groups * @param string $params * @param int $userId * @param int $groupId * @param bool $objectId * @param bool $custom * @return bool */ public function checkAccess($params = '', $objectId = null, $userId = 0, $groupId = 0, $custom = false) { $array = explode(self::SEPARATOR, $params); $object = $array[0]; $action = iaCore::ACTION_READ; if (isset($array[1])) { $action = $array[1]; } if (false === $custom) { $this->iaCore->factory('users'); $user = iaUsers::hasIdentity() ? iaUsers::getIdentity()->id : 0; $group = iaUsers::hasIdentity() ? iaUsers::getIdentity()->usergroup_id : 0; $perms = $this->_permissions; } else { $user = isset($custom['user']) ? $custom['user'] : 0; $group = isset($custom['group']) ? $custom['group'] : 0; if (isset($custom['perms'])) { $perms = $custom['perms']; } elseif ($custom) { $perms = array(); } else { $perms = $this->getPermissions($user, $group); } } // 1. Administrators if (iaUsers::MEMBERSHIP_ADMINISTRATOR == $group) { $this->_lastStep = 1; return true; } // 2. Owner (user) if ($userId != 0 && $userId == $user) { $this->_lastStep = 2; return true; } // 3. Owner (user) if ($groupId != 0 && $groupId == $group) { $this->_lastStep = 3; return true; } if ($objectId) { $name = $this->encodeAction($object, $action, $objectId); if (isset($perms[$name])) { $perms = $perms[$name]; ksort($perms); // 4. Object privileges check (user = 0) // 5. Object privileges check (group = 1) // 6. Object privileges check (plan = 2) foreach ($perms as $type => $values) { $this->_lastStep = 4 + $type; /* if ($type == 2) { if ($values['type_id'] == $this->_planId) { return (bool)$values['access']; } } else {*/ return (bool) $values['access']; // } } } } // 7. All privileges check (user = 0) // 8. All privileges check (group = 1) // 9. All privileges check (plan = 2) $name = $object . self::DELIMITER . $action . self::DELIMITER . '0'; if (isset($perms[$name])) { $perms = $perms[$name]; ksort($perms); foreach ($perms as $type => $values) { $this->_lastStep = 7 + $type; /* if ($type == 2) { if ($values['type_id'] == $this->_planId) { return (bool)$values['access']; } } else {*/ return (bool) $values['access']; // } } } // 10. Default object value $key = $object . ($objectId ? '-' . $objectId : '') . self::DELIMITER . $action; if (isset($this->_objects[$key])) { $this->_lastStep = 10; return (bool) $this->_objects[$key]; } $this->_lastStep = 11; // 11. Default value from core return $action == iaCore::ACTION_READ; }
if ($iaUsers->hasIdentity()) { $iaDb->delete('`id` = :item_id AND `member_id` = :user AND `item` = :item', $iaItem->getFavoritesTable(), array('item_id' => $itemId, 'user' => iaUsers::getIdentity()->id, 'item' => $itemName)); } else { unset($_SESSION[iaUsers::SESSION_FAVORITES_KEY][$itemName]['items'][$itemId]); } $output['error'] = false; $output['message'] = iaLanguage::get('favorites_action_deleted'); } } $iaView->assign($output); } if (iaView::REQUEST_HTML == $iaView->getRequestType()) { $itemInfo = $fields = array(); $iaField = $iaCore->factory('field'); if ($iaUsers->hasIdentity()) { if ($favorites = $iaItem->getFavoritesByMemberId(iaUsers::getIdentity()->id)) { foreach ($favorites as $itemName => $ids) { $fields = array('id'); $class = iaCore::CORE != $itemsList[$itemName] ? $iaCore->factoryPackage('item', $itemsList[$itemName], iaCore::FRONT, $itemName) : $iaCore->factory('members' == $itemName ? 'users' : $itemName); if ($class && method_exists($class, iaUsers::METHOD_NAME_GET_FAVORITES)) { $favorites[$itemName]['items'] = $class->{iaUsers::METHOD_NAME_GET_FAVORITES}($ids); } else { if ($itemName == $iaUsers->getItemName()) { $fields[] = 'username'; $fields[] = 'fullname'; $fields[] = 'avatar'; $fields[] = 'id` `member_id'; } else { $fields[] = 'member_id'; } $stmt = iaDb::printf("`id` IN (:ids) && `status` = ':status'", array('ids' => implode(',', $ids), 'status' => iaCore::STATUS_ACTIVE));
protected function _jsonAction() { $output = array('error' => false, 'message' => array()); $transaction = array('member_id' => (int) $_POST['member'], 'plan_id' => (int) $_POST['plan'], 'email' => $_POST['email'], 'item_id' => (int) $_POST['itemid'], 'gateway' => (string) $_POST['gateway'], 'sec_key' => uniqid('t'), 'reference_id' => empty($_POST['reference_id']) ? date('mdyHis') : $_POST['reference_id'], 'amount' => (double) $_POST['amount'], 'currency' => $this->_iaCore->get('currency'), 'date' => $_POST['date'] . ' ' . $_POST['time']); if ($transaction['plan_id']) { $this->_iaCore->factory('plan'); if ($plan = $this->_iaDb->row(iaDb::ALL_COLUMNS_SELECTION, iaDb::convertIds($transaction['plan_id']), iaPlan::getTable())) { $transaction['item'] = $plan['item']; $transaction['operation'] = iaLanguage::get('plan_title_' . $plan['id']); } else { $output['error'] = true; $output['message'][] = iaLanguage::get('error_plan_not_exists'); } } else { $transaction['item'] = iaTransaction::TRANSACTION_MEMBER_BALANCE; $transaction['operation'] = iaLanguage::get('funds'); } if (isset($_POST['username']) && $_POST['username']) { if ($memberId = $this->_iaDb->one_bind(iaDb::ID_COLUMN_SELECTION, '`username` = :user', array('user' => $_POST['username']), iaUsers::getTable())) { $transaction['member_id'] = $memberId; } else { $output['error'] = true; $output['message'][] = iaLanguage::get('incorrect_username'); } } if ($transaction['email'] && !iaValidate::isEmail($transaction['email'])) { $output['error'] = true; $output['message'][] = iaLanguage::get('error_email_incorrect'); } if (isset($transaction['item']) && in_array($transaction['item'], array(iaTransaction::TRANSACTION_MEMBER_BALANCE, 'members'))) { $transaction['item_id'] = $transaction['member_id']; } if (!$output['error']) { $output['success'] = (bool) $this->_iaDb->insert($transaction); $output['message'] = $output['success'] ? iaLanguage::get('transaction_added') : iaLanguage::get('invalid_parameters'); } return $output; }
return iaView::errorPage(iaView::ERROR_NOT_FOUND); } $entry = $iaBlog->getById($id); if (empty($entry)) { return iaView::errorPage(iaView::ERROR_NOT_FOUND); } $title = iaSanitize::tags($entry['title']); iaBreadcrumb::toEnd($title); $iaView->title($title); // add open graph data $openGraph = array('title' => $title, 'url' => IA_SELF, 'description' => $entry['body']); empty($entry['image']) || ($openGraph['image'] = IA_CLEAR_URL . 'uploads/' . $entry['image']); $iaView->set('og', $openGraph); $iaView->assign('tags', $iaBlog->getTags($id)); $iaView->assign('blog_entry', $entry); if ($iaAcl->isAccessible(iaBlog::PAGE_NAME, iaCore::ACTION_EDIT) && iaUsers::hasIdentity() && iaUsers::getIdentity()->id == $entry['member_id']) { $pageActions[] = array('icon' => 'pencil', 'title' => iaLanguage::get('edit_blog_entry'), 'url' => $baseUrl . 'edit/' . $id . '/', 'classes' => 'btn-info'); $pageActions[] = array('icon' => 'remove', 'title' => iaLanguage::get('delete'), 'url' => $baseUrl . 'delete/' . $id . '/', 'classes' => 'btn-danger'); } } else { $page = empty($_GET['page']) ? 0 : (int) $_GET['page']; $page = $page < 1 ? 1 : $page; $pagination = array('start' => ($page - 1) * $iaCore->get('blog_number'), 'limit' => (int) $iaCore->get('blog_number'), 'template' => $baseUrl . '?page={page}'); $entries = $iaBlog->get($pagination['start'], $pagination['limit']); $pagination['total'] = $iaDb->foundRows(); $iaView->assign('tags', $iaBlog->getAllTags()); $iaView->assign('blog_entries', $entries); $iaView->assign('pagination', $pagination); } if ($iaAcl->isAccessible('blog', iaCore::ACTION_ADD)) { $pageActions[] = array('icon' => 'plus', 'title' => iaLanguage::get('add_blog_entry'), 'url' => $baseUrl . 'add/', 'classes' => 'btn-success');
public function install() { $iaDb =& $this->iaDb; $this->iaCore->startHook('phpExtrasInstallBefore', array('extra' => $this->itemData['name'])); $extrasList = array(); $array = $iaDb->all(array('id', 'name', 'version'), "`status` = 'active'", null, null, self::getTable()); foreach ($array as $item) { $extrasList[$item['name']] = $item; } // TODO: check for relations and deactivate all needed extras if ($this->itemData['requirements']) { $messages = array(); foreach ($this->itemData['requirements'] as $requirement) { if ($requirement['min'] || $requirement['max']) { $min = $max = false; if (isset($extrasList[$requirement['name']])) { $info = $extrasList[$requirement['name']]; $min = $requirement['min'] ? version_compare($requirement['min'], $info['version'], '<=') : true; $max = $requirement['max'] ? version_compare($requirement['max'], $info['version'], '>=') : true; } if (!$max || !$min) { $ver = ''; if ($requirement['min']) { $ver .= $requirement['min']; } if ($requirement['max']) { if ($requirement['min']) { $ver .= '-'; } $ver .= $requirement['max']; } $values = array(':extra' => $requirement['type'], ':name' => $requirement['name'], ':version' => $ver); $messages[] = iaLanguage::getf('required_extras_error', $values); $this->error = true; } else { // TODO: add relations in database to deactivate when parent is uninstalled } } } if ($this->error) { $this->setMessage(implode('<br />', $messages)); return false; } } $this->uninstall($this->itemData['name']); if (false !== stristr('update', $this->itemData['name'])) { $this->isUpdate = true; } if ($this->itemData['groups']) { $iaDb->setTable('admin_pages_groups'); $maxOrder = $iaDb->getMaxOrder(); foreach ($this->itemData['groups'] as $block) { $iaDb->insert($block, array('order' => ++$maxOrder)); } $iaDb->resetTable(); } if ($this->itemData['pages']['admin']) { $iaDb->setTable('admin_pages'); $order = (int) $iaDb->one('MAX(`order`)', "`menus` IN ('menu')"); $order = max($order, 1); foreach ($this->itemData['pages']['admin'] as $page) { if (is_null($page['order'])) { $order += 5; $page['order'] = $order; } if ($page['group']) { $this->_menuGroups[] = $page['group']; } $page['group'] = $this->_lookupGroupId($page['group']); $iaDb->insert($page); } $iaDb->resetTable(); } if ($this->itemData['actions']) { $iaDb->setTable('admin_actions'); foreach ($this->itemData['actions'] as $action) { $action['name'] = strtolower(str_replace(' ', '_', $action['name'])); if ($action['name'] && !$iaDb->exists('`name` = :name', array('name' => $action['name']))) { $action['order'] = empty($action['order']) || !is_numeric($action['order']) ? $iaDb->getMaxOrder() + 1 : $action['order']; $iaDb->insert($action); } } $iaDb->resetTable(); } if ($this->itemData['phrases']) { $this->_processPhrases($this->itemData['phrases']); } if ($this->itemData['config_groups']) { $iaDb->setTable(iaCore::getConfigGroupsTable()); $maxOrder = $iaDb->getMaxOrder(); foreach ($this->itemData['config_groups'] as $config) { $iaDb->insert($config, array('order' => ++$maxOrder)); } $iaDb->resetTable(); } if ($this->itemData['objects']) { $iaDb->setTable('acl_objects'); foreach ($this->itemData['objects'] as $obj) { if ($obj['title']) { $key = ($obj['object'] == $obj['pre_object'] ? '' : $obj['pre_object'] . '-') . $obj['object'] . '--' . $obj['action']; iaLanguage::addPhrase($key, $obj['title'], null, $this->itemData['name'], iaLanguage::CATEGORY_COMMON, false); unset($obj['title']); } $iaDb->insert($obj); } $iaDb->resetTable(); } if ($this->itemData['permissions']) { $iaDb->setTable('acl_privileges'); foreach ($this->itemData['permissions'] as $permission) { $iaDb->insert($permission); } $iaDb->resetTable(); } if ($this->itemData['config']) { $iaDb->setTable('config'); $maxOrder = $iaDb->getMaxOrder(); foreach ($this->itemData['config'] as $config) { $iaDb->insert($config, array('order' => ++$maxOrder)); } $iaDb->resetTable(); } if ($this->itemData['pages']['custom'] && $this->itemData['type'] == self::TYPE_PACKAGE) { $iaDb->setTable('items_pages'); foreach ($this->itemData['pages']['custom'] as $page) { $iaDb->insert(array('page_name' => $page['name'], 'item' => $page['item'])); } $iaDb->resetTable(); } $iaBlock = $this->iaCore->factory('block', iaCore::ADMIN); $extraPages = array(); if ($this->itemData['pages']['front']) { $pageGroups = $iaDb->keyvalue(array('name', 'id'), null, 'admin_pages_groups'); $iaDb->setTable('pages'); $maxOrder = $iaDb->getMaxOrder(); $existPages = $iaDb->keyvalue(array('name', 'id')); foreach ($this->itemData['pages']['front'] as $page) { if (!isset($existPages[$page['name']])) { if (self::TYPE_PACKAGE == $this->itemData['type'] && $page['fields_item']) { $iaDb->insert(array('page_name' => $page['name'], 'item' => $page['fields_item']), null, 'items_pages'); } $title = isset($page['title']) && $page['title'] ? $page['title'] : false; $blocks = isset($page['blocks']) && $page['blocks'] ? $page['blocks'] : false; $menus = isset($page['menus']) && $page['menus'] ? explode(',', $page['menus']) : array(); $contents = isset($page['contents']) && $page['contents'] ? $page['contents'] : false; unset($page['title'], $page['blocks'], $page['menus'], $page['contents']); $page['group'] = $pageGroups[$page['group']]; $pageId = $iaDb->insert($page, array('order' => ++$maxOrder, 'last_updated' => iaDb::FUNCTION_NOW)); empty($title) || $this->_addPhrase('page_title_' . $page['name'], $title, iaLanguage::CATEGORY_PAGE); // TODO: should be handled by iaBlock if ($blocks) { $blocks = $iaDb->keyvalue(array('name', 'id'), "`name` IN ('" . implode("','", $blocks) . "')", iaBlock::getTable(), 0, 1); foreach ($blocks as $blockId) { $iaDb->insert(array('object_type' => 'blocks', 'object' => $blockId, 'page_name' => $page['name']), null, 'objects_pages'); } } if (!is_int($page['group'])) { $page['group'] = $this->_lookupGroupId($page['group']); } if ($menus) { $iaDb->setTable(iaBlock::getTable()); $added = array(); $items = array(); $menusData = $iaDb->keyvalue(array('id', 'name'), "`type` = 'menu'"); $db = false; foreach ($menusData as $id => $name) { if (in_array($name, $menus)) { $added[] = $name; $items[] = array('parent_id' => 0, 'menu_id' => $id, 'el_id' => $pageId . '_' . iaUtil::generateToken(4), 'level' => 0, 'page_name' => $page['name']); $db = true; $this->iaCore->iaCache->remove('menu_' . $id . '.inc'); } } if ($db) { $iaDb->insert($items, null, iaBlock::getMenusTable()); } foreach ($menus as $val) { if (!in_array($val, $added)) { $menuItem = array('type' => iaBlock::TYPE_MENU, 'status' => iaCore::STATUS_ACTIVE, 'position' => 'left', 'collapsible' => true, 'title' => $this->itemData['info']['title'], 'extras' => $this->itemData['name'], 'name' => $this->itemData['name'], 'sticky' => true, 'removable' => false); $menuItem['id'] = $iaBlock->insert($menuItem); $contents = array('parent_id' => 0, 'menu_id' => $menuItem['id'], 'el_id' => $pageId . '_' . iaUtil::generateToken(5), 'level' => 0, 'page_name' => $page['name']); $iaDb->insert($contents, null, iaBlock::getMenusTable()); } } $iaDb->resetTable(); } empty($contents) || $this->_addPhrase('page_content_' . $page['name'], $contents, iaLanguage::CATEGORY_PAGE); $extraPages[] = $page['name']; } } $iaDb->resetTable(); } if ($this->itemData['blocks']) { $iaBlock = $this->iaCore->factory('block', iaCore::ADMIN); foreach ($this->itemData['blocks'] as $block) { $iaBlock->insert($block); } } if ($this->itemData['hooks']) { $iaDb->setTable('hooks'); $maxOrder = $iaDb->getMaxOrder(); foreach ($this->itemData['hooks'] as $hook) { $array = explode(',', $hook['name']); foreach ($array as $hookName) { if (trim($hookName)) { $hook['name'] = $hookName; if (isset($hook['code']) && $hook['code']) { $hook['code'] = str_replace('{extras}', $this->itemData['name'], $hook['code']); } $rawValues = array(); if (!isset($hook['order'])) { $rawValues['order'] = ++$maxOrder; } $iaDb->insert($hook, $rawValues); } } } $iaDb->resetTable(); } if ($this->itemData['usergroups']) { $this->iaCore->factory('acl'); $iaDb->setTable(iaUsers::getUsergroupsTable()); foreach ($this->itemData['usergroups'] as $item) { if (!$iaDb->exists('`name` = :name', array('name' => $item['name']))) { $configs = $item['configs']; $permissions = $item['permissions']; $groupId = $iaDb->insert(array('extras' => $item['extras'], 'name' => $item['name'], 'system' => true, 'assignable' => $item['assignable'], 'visible' => $item['visible'])); // update language records $this->_addPhrase('usergroup_' . $item['name'], $item['title']); $iaDb->setTable(iaCore::getCustomConfigTable()); $iaDb->delete('`type` = :type AND `type_id` = :id', null, array('type' => iaAcl::GROUP, 'id' => $groupId)); foreach ($configs as $config) { $data = array('name' => $config['name'], 'value' => $config['value'], 'type' => iaAcl::GROUP, 'type_id' => $groupId, 'extras' => $this->itemData['name']); $iaDb->insert($data); } $iaDb->resetTable(); $iaDb->setTable('acl_privileges'); $iaDb->delete('`type` = :type AND `type_id` = :id', null, array('type' => iaAcl::GROUP, 'id' => $groupId)); foreach ($permissions as $permission) { $data = array('object' => $permission['object'], 'object_id' => $permission['object_id'], 'action' => $permission['action'], 'access' => $permission['access'], 'type' => iaAcl::GROUP, 'type_id' => $groupId, 'extras' => $permission['extras']); $iaDb->insert($data); } $iaDb->resetTable(); } } $iaDb->resetTable(); } $extraEntry = array_merge($this->itemData['info'], array('name' => $this->itemData['name'], 'type' => $this->itemData['type'])); unset($extraEntry['date']); if ($this->itemData['sql']['uninstall']) { $extraEntry['uninstall_sql'] = serialize($this->itemData['sql']['uninstall']); } if ($this->itemData['code']['uninstall']) { $extraEntry['uninstall_code'] = $this->itemData['code']['uninstall']; } if ($this->itemData['sql']['install']) { $this->_processQueries($this->itemData['sql']['install']); } if (self::TYPE_PACKAGE == $this->itemData['type']) { $extraEntry['url'] = $this->_url; } if ($this->itemData['items']) { $extraEntry['items'] = serialize($this->itemData['items']); $iaDb->setTable('items'); foreach ($this->itemData['items'] as $item) { $iaDb->insert(array_merge($item, array('package' => $this->itemData['name']))); } $iaDb->resetTable(); } $this->iaCore->factory('field'); $fieldGroups = $iaDb->keyvalue('CONCAT(`item`, `name`) `key`, `id`', null, iaField::getTableGroups()); if ($this->itemData['item_field_groups']) { $maxOrder = $iaDb->getMaxOrder(iaField::getTableGroups()); foreach ($this->itemData['item_field_groups'] as $item) { $item['order'] || ($item['order'] = ++$maxOrder); if ($item['title'] && !$iaDb->exists("`key` = 'fieldgroup_{$item['name']}' AND `code`='" . $this->iaView->language . "'", null, iaLanguage::getTable())) { $this->_addPhrase('fieldgroup_' . $item['name'], $item['title']); } unset($item['title']); $description = 'fieldgroup_description_' . $item['item'] . '_' . $item['name']; if (!$iaDb->exists('`key` = :key AND `code` = :language', array('key' => $description, 'language' => $this->iaView->language), iaLanguage::getTable())) { // insert fieldgroup description iaLanguage::addPhrase($description, $item['description'], null, $this->itemData['name'], iaLanguage::CATEGORY_COMMON, false); } unset($item['description']); $fieldGroups[$item['item'] . $item['name']] = $iaDb->insert($item, null, iaField::getTableGroups()); } } if ($this->itemData['item_fields']) { $iaDb->setTable(iaField::getTable()); $maxOrder = $iaDb->getMaxOrder(iaField::getTable()); foreach ($this->itemData['item_fields'] as $item) { if (!$iaDb->exists('`item` = :item AND `name` = :name', array('item' => $item['item'], 'name' => $item['name']))) { $item['order'] || ($item['order'] = ++$maxOrder); $item['fieldgroup_id'] = isset($fieldGroups[$item['item'] . $item['group']]) ? $fieldGroups[$item['item'] . $item['group']] : 0; $this->_addPhrase('field_' . $item['name'], $item['title']); unset($item['group'], $item['title']); if (is_array($item['numberRangeForSearch'])) { foreach ($item['numberRangeForSearch'] as $num) { $this->_addPhrase('field_' . $item['name'] . '_range_' . $num, $num, iaLanguage::CATEGORY_FRONTEND); } } unset($item['numberRangeForSearch']); if ('dependent' == $item['relation']) { $iaDb->setTable(iaField::getTableRelations()); foreach (explode(';', $item['parent']) as $parent) { $list = explode(':', $parent); if (2 == count($list)) { list($fieldName, $fieldValues) = $list; foreach (explode(',', $fieldValues) as $fieldValue) { $entryData = array('field' => $fieldName, 'element' => $fieldValue, 'child' => $item['name'], 'item' => $item['item'], 'extras' => $this->itemData['name']); $iaDb->insert($entryData); } } } $iaDb->resetTable(); } unset($item['parent']); if (is_array($item['values'])) { foreach ($item['values'] as $key => $value) { $key = sprintf('field_%s_%s', $item['name'], $key); $this->_addPhrase($key, $value); } if ($item['default']) { // TODO: multiple default values for checkboxes should be implemented if (!in_array($item['default'], array_keys($item['values']))) { $item['default'] = array_search($item['default'], $item['values']); } } $item['values'] = implode(',', array_keys($item['values'])); } $fieldPages = $item['item_pages'] ? $item['item_pages'] : array(); $tableName = $item['table_name']; $className = $item['class_name']; unset($item['item_pages'], $item['table_name'], $item['class_name']); $fieldId = $iaDb->insert($item); $item['table_name'] = $tableName; $item['class_name'] = $className; if ($fieldPages) { foreach ($fieldPages as $pageName) { if (trim($pageName) != '') { $iaDb->insert(array('page_name' => $pageName, 'field_id' => $fieldId, 'extras' => $this->itemData['name']), null, iaField::getTablePages()); } } } $iaDb->setTable($tableName); $tableFields = $iaDb->describe(); $isExist = false; foreach ($tableFields as $f) { if ($f['Field'] == $item['name']) { $isExist = true; break; } } if (!$isExist) { $this->_addAlter($item); } $iaDb->resetTable(); } else { $stmt = '`item` = :item AND `name` = :name'; $iaDb->bind($stmt, $item); $iaDb->update(null, $stmt, array('extras' => "CONCAT(`extras`, ',', '" . $this->itemData['name'] . "')")); } } $iaDb->resetTable(); } $rollbackData = array(); if ($this->itemData['changeset']) { $tablesMapping = array('block' => 'blocks', 'field' => 'fields', 'menu' => 'blocks'); foreach ($this->itemData['changeset'] as $entry) { if (!isset($tablesMapping[$entry['type']])) { continue; } switch ($entry['type']) { case 'field': list($fieldName, $itemName) = explode('-', $entry['name']); if (empty($fieldName) || empty($itemName)) { continue; } $stmt = iaDb::printf("`name` = ':name' AND `item` = ':item'", array('name' => $fieldName, 'item' => $itemName)); break; default: $stmt = iaDb::printf("`name` = ':name'", $entry); } $tableName = $tablesMapping[$entry['type']]; $name = $entry['name']; unset($entry['type'], $entry['name']); $entryData = $iaDb->row('`' . implode('`,`', array_keys($entry)) . '`', $stmt, $tableName); if ($iaDb->update($entry, $stmt, null, $tableName)) { $rollbackData[$tableName][$name] = $entryData; } } } $extraEntry['rollback_data'] = empty($rollbackData) ? '' : serialize($rollbackData); if (self::TYPE_PLUGIN == $this->itemData['type']) { $extraEntry['removable'] = !in_array($this->itemData['name'], $this->_builtinPlugins); } if (!$this->isUpdate) { $this->iaCore->startHook('phpExtrasInstallBeforeSql', array('extra' => $this->itemData['name'], 'data' => &$this->itemData['info'])); $iaDb->insert($extraEntry, array('date' => iaDb::FUNCTION_NOW), self::getTable()); } $this->_processCategory($extraEntry); if ($this->itemData['code']['install']) { $this->_runPhpCode($this->itemData['code']['install']); } if ($this->itemData['cron_jobs']) { $this->iaCore->factory('cron'); foreach ($this->itemData['cron_jobs'] as $job) { $job['extras'] = $this->itemData['name']; $iaDb->insert($job, null, iaCron::getTable()); } } $this->iaCore->startHook('phpExtrasInstallAfter', array('extra' => $this->itemData['name'])); $this->iaCore->factory('cache')->clearAll(); return true; }
protected function _assignValues(&$iaView, array &$entryData) { $iaUsers = $this->_iaCore->factory('users'); $owner = empty($entryData['member_id']) ? iaUsers::getIdentity(true) : $iaUsers->getInfo($entryData['member_id']); $entryData['owner'] = $owner['fullname'] . " ({$owner['email']})"; /* commented for cases when SET SESSION group_concat_max_len doesn't work $tagIds = $this->_iaDb->all('tag_id', "`blog_id` = {$this->getEntryId()}",0, null, $this->_tableBlogEntriesTags); $entryData['tags'] = ''; foreach ($tagIds as $tagId) { $tags = $this->_iaDb->all('title', "`id` = {$tagId['tag_id']}",0, null, $this->_tableBlogTags); $entryData['tags'] .= $tags[0]['title'] . ','; } $entryData['tags'] = rtrim($entryData['tags'], ','); */ $this->_iaDb->query("SET SESSION group_concat_max_len = 2000"); if ($this->getEntryId()) { $entryData['tags'] = $this->getHelper()->getTags($this->getEntryId()); } else { if (isset($_POST['tags'])) { $entryData['tags'] = iaSanitize::sql($_POST['tags']); } } }
public function parsePost(array $fields, $previousValues = null) { $iaCore =& $this->iaCore; $error = false; $messages = array(); $invalidFields = array(); $item = array(); $data =& $_POST; // access to the data source by link if (iaCore::ACCESS_ADMIN == $this->iaCore->getAccessType()) { if (isset($data['sponsored'])) { $item['sponsored'] = (int) $data['sponsored']; $item['sponsored_plan_id'] = $item['sponsored'] ? (int) $data['plan_id'] : 0; $item['sponsored_start'] = $item['sponsored'] ? date(iaDb::DATETIME_SHORT_FORMAT) : null; $item['sponsored_end'] = $item['sponsored'] ? $data['sponsored_end'] : null; } if (isset($data['featured'])) { $item['featured'] = (int) $data['featured']; if ($item['featured']) { if (isset($data['featured_end']) && $data['featured_end']) { $item['featured_start'] = date(iaDb::DATETIME_SHORT_FORMAT); $item['featured_end'] = iaSanitize::html($data['featured_end']); } else { $error = true; $messages[] = iaLanguage::get('featured_status_finished_date_is_empty'); $invalidFields[] = 'featured_end'; } } else { $item['featured_start'] = null; $item['featured_end'] = null; } } if (isset($data['status'])) { $item['status'] = iaSanitize::html($data['status']); } if (isset($data['date_added'])) { $time = strtotime($data['date_added']); if (!$time) { $error = true; $messages[] = iaLanguage::get('added_date_is_incorrect'); } elseif ($time > time()) { $error = true; $messages[] = iaLanguage::get('future_date_specified_for_added_date'); } else { $item['date_added'] = date(iaDb::DATETIME_SHORT_FORMAT, $time); } } if (isset($data['owner'])) { if (empty($data['owner'])) { $error = true; $messages[] = iaLanguage::get('owner_is_not_specified'); } else { if ($memberId = $iaCore->iaDb->one_bind('id', '`username` = :name OR `fullname` = :name', array('name' => iaSanitize::sql($_POST['owner'])), iaUsers::getTable())) { $item['member_id'] = $memberId; } else { $error = true; $messages[] = iaLanguage::get('incorrect_owner_specified'); } } } if (isset($data['locked'])) { $item['locked'] = (int) $data['locked']; } } // the code block below filters fields based on parent/dependent structure $activeFields = array(); $parentFields = array(); foreach ($fields as $field) { $activeFields[$field['name']] = $field; if (iaField::RELATION_PARENT == $field['relation']) { $parentFields[$field['name']] = $field['children']; } } foreach ($parentFields as $fieldName => $dependencies) { if (isset($data[$fieldName])) { $value = $data[$fieldName]; foreach ($dependencies as $dependentFieldName => $values) { if (!in_array($value, $values)) { unset($activeFields[$dependentFieldName]); } } } } // $iaCore->factory('util'); iaUtil::loadUTF8Functions('validation', 'bad'); foreach ($activeFields as $fieldName => $field) { isset($data[$fieldName]) || ($data[$fieldName] = ''); // Check the UTF-8 is well formed if (!is_array($data[$fieldName]) && !utf8_is_valid($data[$fieldName])) { $data[$fieldName] = utf8_bad_replace($data[$fieldName]); } if ($field['extra_actions']) { if (false === eval($field['extra_actions'])) { continue; // make possible to stop further processing of this field by returning FALSE } } if (in_array($field['type'], array(self::TEXT, self::TEXTAREA, self::NUMBER, self::RADIO, self::CHECKBOX, self::COMBO))) { if ($field['required']) { if ($field['required_checks']) { eval($field['required_checks']); } if (empty($data[$fieldName])) { $error = true; $messages[] = in_array($field['type'], array(self::RADIO, self::CHECKBOX, self::COMBO)) ? iaLanguage::getf('field_is_not_selected', array('field' => iaLanguage::get('field_' . $fieldName))) : iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('field_' . $fieldName))); $invalidFields[] = $fieldName; } } switch ($field['type']) { case self::NUMBER: $item[$fieldName] = (double) str_replace(' ', '', $data[$fieldName]); break; case self::TEXT: $item[$fieldName] = iaSanitize::tags($data[$fieldName]); break; case self::TEXTAREA: $item[$fieldName] = $field['use_editor'] ? iaUtil::safeHTML($data[$fieldName]) : iaSanitize::tags($data[$fieldName]); break; default: $item[$fieldName] = is_array($data[$fieldName]) ? implode(',', $data[$fieldName]) : $data[$fieldName]; } } elseif (self::DATE == $field['type']) { if ($field['required'] && $field['required_checks']) { eval($field['required_checks']); } elseif ($field['required'] && empty($data[$fieldName])) { $error = true; $messages[] = iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('field_' . $fieldName))); $invalidFields[] = $fieldName; } $data[$fieldName] = trim($data[$fieldName]); if (empty($data[$fieldName])) { $item[$fieldName] = $field['allow_null'] ? null : ''; } else { if (strpos($data[$fieldName], ' ') === false) { $date = $data[$fieldName]; $time = false; } else { list($date, $time) = explode(' ', $data[$fieldName]); } // FIXME: f*****g shit $array = explode('-', $date); $year = (int) $array[0]; $month = max(1, (int) $array[1]); $day = max(1, (int) $array[2]); $year = strlen($year) == 4 ? $year : 2000; $month = strlen($month) < 2 ? '0' . $month : $month; $day = strlen($day) < 2 ? '0' . $day : $day; $item[$fieldName] = $year . '-' . $month . '-' . $day; if ($field['timepicker'] && $time) { $time = explode(':', $time); $hour = max(1, (int) $time[0]); $minute = max(1, (int) $time[1]); $seconds = max(1, (int) $time[2]); $hour = strlen($hour) < 2 ? '0' . $hour : $hour; $minute = strlen($minute) < 2 ? '0' . $minute : $minute; $seconds = strlen($seconds) < 2 ? '0' . $seconds : $seconds; $item[$fieldName] .= ' ' . $hour . ':' . $minute . ':' . $seconds; } } } elseif (self::URL == $field['type']) { $validProtocols = array('http://', 'https://'); $item[$fieldName] = ''; $req_error = false; if ($field['required']) { if ($field['required_checks']) { eval($field['required_checks']); } elseif (empty($data[$fieldName]['url']) || in_array($data[$fieldName]['url'], $validProtocols)) { $error = $req_error = true; $messages[] = iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('field_' . $fieldName))); $invalidFields[] = $fieldName; } } if (!$req_error && !empty($data[$fieldName]['url']) && !in_array($data[$fieldName]['url'], $validProtocols)) { if (false === stripos($data[$fieldName]['url'], 'http://') && false === stripos($data[$fieldName]['url'], 'https://')) { $data[$fieldName]['url'] = 'http://' . $data[$fieldName]['url']; } if (iaValidate::isUrl($data[$fieldName]['url'])) { $item[$fieldName] = array(); $item[$fieldName]['url'] = iaSanitize::tags($data[$fieldName]['url']); $item[$fieldName]['title'] = empty($data[$fieldName]['title']) ? str_replace($validProtocols, '', $data[$fieldName]['url']) : $data[$fieldName]['title']; $item[$fieldName] = implode('|', $item[$fieldName]); } else { $error = true; $messages[] = iaLanguage::get('field_' . $fieldName) . ': ' . iaLanguage::get('error_url'); $invalidFields[] = $fieldName; } } } elseif (in_array($field['type'], array(self::IMAGE, self::STORAGE, self::PICTURES)) && is_array($_FILES[$fieldName]['tmp_name']) && !empty($_FILES[$fieldName]['tmp_name'])) { if (!is_writable(IA_UPLOADS)) { $error = true; $messages[] = iaLanguage::get('error_directory_readonly'); } else { // run required field checks if ($field['required'] && $field['required_checks']) { eval($field['required_checks']); } elseif ($field['required'] && empty($_FILES[$fieldName]['tmp_name'])) { $error = true; $messages[] = iaLanguage::getf('field_is_empty', array('field' => iaLanguage::get('field_' . $fieldName))); $invalidFields[] = $fieldName; } // custom folder for uploaded images if (!empty($field['folder_name'])) { if (!is_dir(IA_UPLOADS . $field['folder_name'])) { mkdir(IA_UPLOADS . $field['folder_name']); } $path = $field['folder_name'] . IA_DS; } else { $path = iaUtil::getAccountDir(); } $item[$fieldName] = isset($data[$fieldName]) && $data[$fieldName] ? $data[$fieldName] : array(); // initialize class to work with images $methodName = self::STORAGE == $field['type'] ? '_processFileField' : '_processImageField'; // process uploaded files foreach ($_FILES[$fieldName]['tmp_name'] as $id => $tmp_name) { if ($_FILES[$fieldName]['error'][$id]) { continue; } // files limit exceeded or rewrite image value if (self::IMAGE != $field['type'] && count($item[$fieldName]) >= $field['length']) { break; } $file = array(); foreach ($_FILES[$fieldName] as $key => $value) { $file[$key] = $_FILES[$fieldName][$key][$id]; } $processing = self::$methodName($field, $file, $path); // 0 - filename, 1 - error, 2 - textual error description if (!$processing[1]) { $fieldValue = array('title' => isset($data[$fieldName . '_title'][$id]) ? substr(trim($data[$fieldName . '_title'][$id]), 0, 100) : '', 'path' => $processing[0]); if (self::IMAGE == $field['type']) { $item[$fieldName] = $fieldValue; } else { $item[$fieldName][] = $fieldValue; } } else { $error = true; $messages[] = $processing[2]; } } } // If already has images, append them. $item[$fieldName] = empty($item[$fieldName]) ? '' : serialize(array_merge($item[$fieldName])); // array_merge is used to reset numeric keys } if (isset($item[$fieldName])) { // process hook if field value exists $iaCore->startHook('phpParsePostAfterCheckField', array('field_name' => $fieldName, 'item' => &$item[$fieldName], 'value' => $field, 'error' => &$error, 'error_fields' => &$invalidFields, 'msg' => &$messages)); } } return array($item, $error, $messages, implode(',', $invalidFields)); }
<?php //##copyright## $iaDb->setTable('blog_entries'); if (iaView::REQUEST_HTML == $iaView->getRequestType()) { if (isset($iaCore->requestPath[0])) { $id = (int) $iaCore->requestPath[0]; if (!$id) { return iaView::errorPage(iaView::ERROR_NOT_FOUND); } $sql = 'SELECT b.`id`, b.`title`, b.`date_added`, b.`body`, b.`alias`, b.`image`, m.`fullname` ' . 'FROM `:prefix:table_blog_entries` b ' . 'LEFT JOIN `:prefix:table_members` m ON (b.`member_id` = m.`id`) ' . 'WHERE b.`id` = :id AND b.`status` = \':status\' '; $sql = iaDb::printf($sql, array('prefix' => $iaDb->prefix, 'table_blog_entries' => 'blog_entries', 'table_members' => iaUsers::getTable(), 'id' => iaSanitize::sql($id), 'status' => iaCore::STATUS_ACTIVE)); $blogEntry = $iaDb->getRow($sql); $sql = 'SELECT DISTINCT bt.`title`, bt.`alias` ' . 'FROM `:prefix:table_blog_tags` bt ' . 'LEFT JOIN `:prefix:table_blog_entries_tags` bet ON (bt.`id` = bet.`tag_id`) ' . 'WHERE bet.`blog_id` = :id'; $sql = iaDb::printf($sql, array('prefix' => $iaDb->prefix, 'table_blog_entries_tags' => 'blog_entries_tags', 'table_blog_tags' => 'blog_tags', 'id' => iaSanitize::sql($id))); $blogTags = $iaDb->getAll($sql); if (empty($blogEntry)) { return iaView::errorPage(iaView::ERROR_NOT_FOUND); } $title = iaSanitize::tags($blogEntry['title']); iaBreadcrumb::toEnd($title); $iaView->title($title); // add open graph data $openGraph = array('title' => $title, 'url' => IA_SELF, 'description' => $blogEntry['body']); if ($blogEntry['image']) { $openGraph['image'] = IA_CLEAR_URL . 'uploads/' . $blogEntry['image']; } $iaView->set('og', $openGraph); $iaView->assign('tags', $blogTags); $iaView->assign('blog_entry', $blogEntry); } else {
private function _getUsersSpecificConfig() { $sql = 'SELECT c.`name`, c.`value` ' . 'FROM `:prefix:table_custom_config` c, `:prefix:table_members` m ' . "WHERE c.`type` = ':type' AND c.`type_id` = m.`usergroup_id` AND m.`id` = :id"; $sql = iaDb::printf($sql, array('prefix' => $this->_iaDb->prefix, 'table_custom_config' => iaCore::getCustomConfigTable(), 'table_members' => iaUsers::getTable(), 'id' => $this->_typeId)); return ($rows = $this->_iaDb->getKeyValue($sql)) ? $rows : array(); }