Exemplo n.º 1
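	/**
	 * Escapes a scalar, or every leaf value of a (nested) array, for one target context.
	 *
	 * Handling per $type:
	 *  - "standard": addslashes(), skipped when magic quotes are reported as on.
	 *  - "sql":      database::escape(), after stripslashes() when magic quotes are on.
	 *  - "html":     the "sql" treatment followed by htmlentities().
	 *  - "integer":  intval().
	 * Any other $type returns the value UNCHANGED, so a misspelt type yields raw data.
	 *
	 * Security caveats for callers:
	 *  - "standard" is only addslashes(); it is neither SQL escaping nor HTML encoding.
	 *  - Array keys are passed through untouched; only values are processed.
	 *  - The magic-quotes branch assumes the value came from GET/POST/COOKIE. Data from
	 *    any other origin is not slashed by PHP and would be returned raw by "standard"
	 *    on a legacy runtime with magic quotes enabled.
	 *
	 * @param mixed  $data Scalar or array of values to process.
	 * @param string $type One of "standard", "sql", "html", "integer".
	 * @return mixed The processed value, or an array with the same keys.
	 */
	public static function cleanData ($data, $type = 'standard')
	{
		# get_magic_quotes_gpc() no longer exists in PHP 8.0, so an unguarded call is a
		# fatal error there. Where the function is missing, magic quotes cannot be on.
		$magicquotes = (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1);
		if (is_array($data))
		{
			foreach ($data as $k => $v)
			{
				$data[$k] = janitor::cleanData($v, $type);
			}
			return $data;
		}
		# Actual processing
		switch ($type)
		{
			case "standard":
				$data = ($magicquotes ? $data : addslashes($data));
				break;
			case "sql":
				$data = database::escape($magicquotes ? stripslashes($data) : $data);
				break;
			case "html":
				# ENT_QUOTES is passed explicitly: before PHP 8.1 the default flags leave
				# single quotes unencoded, which matters inside single-quoted attributes.
				# NOTE(review): SQL escaping before HTML encoding mixes two contexts;
				# confirm that callers really want backslashes in rendered text.
				$data = htmlentities(
					database::escape($magicquotes ? stripslashes($data) : $data),
					ENT_QUOTES);
				break;
			case "integer":
				$data = intval($data);
				break;
		}
		return $data;
	}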
Exemplo n.º 2
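	/**
	 * quickbox::__construct()
	 *
	 * Boots quickbox: loads the configuration, opens the database connection,
	 * initialises the metaclass layer, starts the session and handles the
	 * logout / login requests before resolving the requested page name.
	 *
	 * @param array $init Initialization configuration. $init['quickbox/path'] is
	 *                    used as the base directory of the core class files.
	 */
	public function __construct ($init)
	{
		# The config class lets us get and set configuration variables without a global.
		# NOTE(review): both require paths are built from $init; that array must only
		# ever come from trusted bootstrap code, never from request data.
		require $init['quickbox/path'] . '/classes/core/config.class.php';
		config::init($init);
		# The constant name has to be a quoted string. A bare DEBUG is an undefined
		# constant, which older PHP tolerated with a notice and PHP 8 rejects with an Error.
		define('DEBUG', config::get('debug'));
		# Start a database connection
		$this->db = new database();
		try
		{
			$this->db->init();
		} catch (Exception $e)
		{
			# NOTE(review): the exception text is forwarded to the error handler; make
			# sure errors are logged rather than displayed in production.
			trigger_error(text::get('system/fatalError',$e->getMessage()), E_USER_ERROR);
		}
		require $init['quickbox/path'] . '/classes/core/metaclass.class.php';
		metaclass::init($this->db);
		# Keep a copy of the GET variables for later use. POST is read straight from
		# the superglobal below (the former "$_POST = $_POST" was a no-op).
		$this->qbGet = $_GET;
		$page = (isset($this->qbGet['page']) ? $this->qbGet['page'] : null);
		# Start the session, giving it the database connection.
		$this->qbSession = new session($this->db);
		# NOTE(review): logout is triggered by a plain GET parameter, so any
		# cross-site link or image can end the session; consider requiring POST plus a token.
		if ($page === 'logout')
		{
			$this->qbSession->logout();
		}
		$this->qbSession->checkCookie();
		# Only attempt a login when the form fields are present and are strings; a
		# missing or array-valued field would otherwise raise notices or warnings.
		$loginRequested = (isset($_POST['login']) && $_POST['login'] == 1);
		if ($loginRequested && isset($_POST['user']) && is_string($_POST['user']) && strlen($_POST['user']) > 0)
		{
			$password = ((isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '');
			$this->qbErrors['login'] = $this->qbSession->login($_POST['user'], $password);
		}
		# NOTE(review): the default cleanData() mode is slash-escaping only. It does not
		# restrict the value to a known page name; if qbPage later selects a file or
		# template, check it against an allow-list there - confirm against the dispatcher.
		$this->qbPage = ($page ? janitor::cleanData($page) : 'home');
	}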
Exemplo n.º 3
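	/**
	 * Restores a login from a "remember me" cookie.
	 *
	 * Looks up the user named in the cookie and, when the cookie hash matches the
	 * value derived from that user's e-mail address, marks the user as logged in
	 * and refreshes cookie and session.
	 *
	 * SECURITY: the expected hash is md5(md5(email) . email). It contains no secret
	 * and no randomness, so it is a function of the e-mail address alone and offers
	 * no proof that the browser ever authenticated. A per-login random token stored
	 * server-side, or an HMAC keyed with a server secret, is needed here; that change
	 * has to be made together with the code that issues the cookie.
	 *
	 * @param array $cookie Cookie values; the keys 'user' and 'hash' are read.
	 * @return void
	 */
	public function checkCookie ($cookie)
	{
		# A missing or array-valued field cannot identify anyone; stop before it
		# reaches the query or the comparison.
		if (! isset($cookie['user'], $cookie['hash']) || ! is_string($cookie['user']) || ! is_string($cookie['hash']))
		{
			return;
		}
		# NOTE(review): the name is escaped by hand and then handed to the query
		# builder; confirm that where() does not escape a second time.
		$user = janitor::cleanData($cookie['user'], 'sql');
		$query = new query();
		$query->select()->from('userUsers')->joinLeft('userGroups', 'userUsers.group', 'id')->where('username', $user)->limit(
		'1');
		$result = $this->sDb->query($query);
		if ($this->sDb->numRows($result) > 0)
		{
			$data = $this->sDb->assoc($result);
			$expected = md5(md5($data['email']) . $data['email']);
			# Loose == treats two "0e<digits>" strings as equal numbers; compare as
			# strings, in constant time where hash_equals() is available.
			if (function_exists('hash_equals'))
			{
				$matches = hash_equals($expected, $cookie['hash']);
			} else
			{
				$matches = ($expected === $cookie['hash']);
			}
			if ($matches)
			{
				# Stores the escaped form of the name, as before.
				$this->user = $user;
				$this->userData = $data;
				# NOTE(review): this reads the e-mail from $_SESSION before setSession()
				# has run; $data['email'] looks like the intended source - confirm.
				$this->setCookie($user, $_SESSION['userdata']['email']);
				$this->setSession();
			}
		}
	}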
Exemplo n.º 4
	/**
	 * Runs the page include and the standard-page include, then assembles and
	 * returns the output array handed to the template.
	 *
	 * $safePost and $safeGet are never read in this method; they exist so that the
	 * included files, which share this scope, can use them. They are produced by
	 * janitor::cleanData() in its default mode, which is slash-escaping only and
	 * NOT HTML encoding: templates still have to encode values at the point of output.
	 *
	 * @return array The populated $this->dOutput.
	 */
	function output ()
	{
		# Slash-escaped copies of the request arrays for the included files.
		$safePost = janitor::cleanData($_POST);
		$safeGet = janitor::cleanData($_GET);
		# NOTE(review): both include targets are computed at runtime; they must
		# resolve only to files inside the application, never to request-supplied paths.
		include $this->dInclude;
		# Standard page data
		include $this->dispatcherPath("standardPage");
		$this->dOutput['debug'] = config::get('quickbox/debug');
		$this->dOutput['pageName'] = $this->dPageName;
		# Values copied verbatim from the page record, in template order.
		foreach (array('path', 'hostpage', 'title', 'sCssId', 'sName', 'sTitle') as $key)
		{
			$this->dOutput[$key] = $this->dPage[$key];
		}
		# A page title set by the includes wins; otherwise use the page record's.
		if ($this->dOutput['pageTitle'])
		{
			$this->dOutput['pageTitle'] = $this->dOutput['pageTitle'];
		} else
		{
			$this->dOutput['pageTitle'] = $this->dPage['pageTitle'];
		}
		$this->dOutput['pagePrefix'] = config::get('site/pagePrefix');
		$this->dOutput['htmlRoot'] = config::get('site/htmlRoot');
		$this->dOutput['pageVars'] = $this->dPage['pageVars'];
		$this->dOutput['isDefaultPage'] = ($this->dPage['sDefaultPage'] == $this->dPageName);
		return $this->dOutput;
	}
Exemplo n.º 5
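	/**
	 * Renders the list table for this object's records.
	 *
	 * @param array|false $fields Columns to show. When empty, 'id' plus every
	 *                            definition flagged 'ontable' is used, and the
	 *                            definition flagged 'linkfield' becomes the link column.
	 * @return mixed Whatever table::output() returns.
	 */
	public function makeTable ($fields = false)
	{
		# Initialised up front: when the caller passes $fields the loop below never
		# runs, and the variable was previously undefined when used as an array key.
		$linkfield = null;
		if (! $fields)
		{
			# Start from a real array rather than appending to false.
			$fields = array('id');
			foreach ($this->definitions as $k => $v)
			{
				if (! empty($v['ontable']))
				{
					$fields[] = $k;
				}
				if (! empty($v['linkfield']))
				{
					$linkfield = $k;
				}
			}
		}
		$fields2 = array('id' => "ID");
		foreach ($fields as $v)
		{
			if (isset($this->definitions[$v]['title']))
			{
				$fields2[$v] = $this->definitions[$v]['title'];
			} elseif (! isset($fields2[$v]))
			{
				# Untitled column: keep it with an empty header, but do not wipe
				# the default "ID" header set above.
				$fields2[$v] = null;
			}
		}
		$fields2['delete'] = "";
		$table = new table($fields2, array (
			'class' => 'span-16'
		));
		$fieldsList = metaclass::getItems($this->table, $fields, $this->keyField);
		foreach ($fieldsList as $v)
		{
			$v['delete'] = text::get('form/delete');
			$rowOptions = array ();
			if ($linkfield !== null)
			{
				$rowOptions[$linkfield] = array (
					'type' => 'link' ,
					'href' => $this->urlbase . '?id=' . $v['id']
				);
			}
			# NOTE(review): stored values are placed inside a javascript: URL that ends
			# up in an HTML attribute. The title only gets slash-escaping (and none at all
			# on a runtime with magic quotes on), and the id gets none. Slashes protect
			# the JS string at best, not the attribute; unless table::addRow() HTML-encodes
			# href values, this needs JS-string encoding followed by attribute encoding -
			# confirm against the table class.
			$rowOptions['delete'] = array (
				'type' => 'link' ,
				'href' => 'javascript:deleteitem(\'' . $v['id'] . '\',\'' . janitor::cleanData(
						$v['title']) . '\',\'' . $this->urlbase . '\')'
			);
			$table->addRow($v, $rowOptions);
		}
		return $table->output();
	}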
Exemplo n.º 6
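	/**
	 * Saves an instantiated object to its respective table as a record.
	 *
	 * Validates the object first, creates the table when it does not exist, then
	 * updates the row identified by $this->id or inserts a new row when no id is set.
	 * On validation failure the problems are stored in $this->invalid.
	 *
	 * @return boolean Whether or not object could be saved.
	 */
	public function saveObject ()
	{
		try
		{
			# Validation bit
			$validate = new validate(metaclass::$db);
			$validate->exec($this);
			if (! $validate->valid)
			{
				$this->invalid = $validate->invalid;
				return false;
			}
			if (! metaclass::checkTable($this))
			{
				metaclass::createTable($this->table, $this->definitions);
			}
			# NOTE(review): values are escaped by hand before they reach the query
			# builder, and column names are not escaped at all. Confirm that the builder
			# neither escapes values a second time nor accepts column names that can
			# originate from request data.
			$query = new query();
			if (janitor::notNull($this->id))
			{
				# Updating existing row, editing object.
				$queryStatements = array ();
				foreach ($this->definitions as $k => $v)
				{
					$queryStatements[$k] = janitor::cleanData($this->properties[$k], 'sql');
				}
				# The id gets the same SQL escaping as every other value; the default
				# mode is slash-escaping only.
				$query->update($this->table)->set($queryStatements)->where('id', janitor::cleanData($this->id, 'sql'));
			} else
			{
				# Inserting new row, creating object.
				# NOTE(review): this path walks $this->properties while the update path
				# walks $this->definitions, so a property without a definition is
				# written on insert only - confirm that is intended.
				$queryFields = array ();
				$queryData = array ();
				foreach ($this->properties as $k => $v)
				{
					$queryFields[] = $k;
					$queryData[] = janitor::cleanData($v, 'sql');
				}
				$query->insert($this->table, $queryFields)->values($queryData);
			}
			return (metaclass::$db->query($query) ? true : false);
		} catch (Exception $e)
		{
			trigger_error($e->getMessage(), E_USER_ERROR);
			# Reached only when an error handler lets execution continue; keep the
			# documented boolean contract instead of falling through with null.
			return false;
		}
	}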