Exemplo n.º 1
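 /**
  * Build the WHERE fragment for a MySQL full-text search.
  *
  * The keyword is passed through the database layer's escape() before it is
  * placed in AGAINST(). The search modifier is SQL syntax rather than a value,
  * so escaping cannot make it safe: it is matched against a fixed allowlist
  * and left out when it is not a recognised modifier.
  *
  * @param string      $text search keyword
  * @param string|null $mode search modifier without the leading "IN", e.g. "BOOLEAN MODE"
  * @return array array('where_sql' => array(<MATCH ... AGAINST fragment>))
  */
 public function return_fulltext_criteria($text, $mode = null)
 {
     // NOTE(review): AGAINST() adds no quotes here, so escape() is assumed to return a quoted literal - confirm.
     $text = $this->DB->escape($text);
     // Modifiers MySQL accepts after "IN"; anything else never reaches the SQL string.
     $allowedModes = array(
         'BOOLEAN MODE',
         'NATURAL LANGUAGE MODE',
         'NATURAL LANGUAGE MODE WITH QUERY EXPANSION',
     );
     $modifier = '';
     if ($mode) {
         $normalized = strtoupper(trim(preg_replace('/\s+/', ' ', (string) $mode)));
         if (in_array($normalized, $allowedModes, true)) {
             $modifier = ' IN ' . $normalized;
         }
     }
     // NOTE(review): the original read $this->settings['fulltext_field'] into an unused local;
     // the matched column stays hard-coded as search_field.
     return array('where_sql' => array("MATCH (search_field) AGAINST (" . $text . $modifier . ")"));
 }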
Exemplo n.º 2
 /**
  * Escape a string through the configured provider.
  *
  * @param string $var string to be escaped
  * @return string the provider's escaped value, or $var unchanged when no provider is set
  */
 public function escape($var)
 {
     // NOTE(review): with no provider the input is handed back unescaped, so a caller that
     // concatenates the result into SQL gets no protection on this path.
     if (is_null($this->_provider)) {
         return $var;
     }
     return $this->_provider->escape($var);
 }
Exemplo n.º 3
 /**
  * Checks whether $username and $password match a row in the user table.
  *
  * @param string $username login name to look up
  * @param string $password plain-text password supplied by the caller
  * @return int|false userid of the matching row (via intval), or false when the query returns no row
  */
 function is_valid_login($username, $password)
 {
     // NOTE(review): the username operand in the query below appears masked ("******") in this
     // listing, so how it is escaped cannot be confirmed from here.
     // NOTE(review): the stored hash is md5(concat(md5(password), salt)). MD5 is a fast hash and
     // is not suitable for password storage; prefer password_hash()/password_verify() with a
     // rehash on successful login.
     $result = $this->db->query("\n\t\t\tSELECT userid\n\t\t\tFROM {$this->dbprefix}user\n\t\t\tWHERE \n\t\t\t\tusername = "******" and\n\t\t\t\tpassword = md5(concat(md5(" . $this->db->escape($password) . "), salt))\n\t\t");
     $user = $result->result_array();
     // No matching row: credentials are rejected.
     if (empty($user)) {
         return false;
     }
     return intval($user[0]['userid']);
 }
Exemplo n.º 4
 /**
  * Returns the database rows of images that match a search string.
  * Useful e.g. for a search plugin.
  *
  * @param   string  $searchstring The string to use for the search
  * @param   array   $access       Access levels to filter for, null to use the ones of the current user
  * @param   string  $sorting      ORDER BY expression, skipped when empty
  * @param   int     $numPics      Limit number of images, leave away to return all
  * @param   int     $limitStart   Where to start returning $numPics images
  * @return  array   An array of image objects from the database
  * @since   1.0.0
  */
 public function getPicsBySearch($searchstring, $access = null, $sorting = null, $numPics = null, $limitStart = 0)
 {
     $imagesQuery = $this->getImagesQuery($access);
     $this->addSearchTerms($imagesQuery, $searchstring);
     if ($sorting) {
         // NOTE(review): escape() targets quoted string literals; an ORDER BY expression is not
         // quoted, so escaping alone does not constrain it. If $sorting can come from a request,
         // map it to a fixed list of column/direction pairs before it gets here.
         $orderBy = $this->_db->escape($sorting);
         $imagesQuery->order($orderBy);
     }
     $this->_db->setQuery($imagesQuery, $limitStart, $numPics);
     $rows = $this->_db->loadObjectList();
     return $rows;
 }
Exemplo n.º 5
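 /**
  * Invoke the targeted controller action method.
  *
  * The action name is read from the '@action' parameter, passed through the
  * application's escape() and suffixed with ACTION_SUFFIX. When the controller
  * has no such method, or the method cannot be called from here (for example
  * because it is not public), the response status is set to 404 and an
  * exception is thrown. Nothing is invoked when no controller instance is set.
  *
  * @return $this
  * @throws \BadMethodCallException when the action method is missing or not callable
  */
 protected function invokeAction()
 {
     if (!is_object($this->instance)) {
         return $this;
     }
     // The suffix is what confines request-driven dispatch to methods meant to be actions.
     $action = $this->app->escape($this->getParams('@action')) . static::ACTION_SUFFIX;
     $target = [$this->instance, $action];
     // method_exists() is also true for private/protected methods; is_callable() rejects those
     // so they end in the 404 path instead of a fatal error inside call_user_func().
     if (!method_exists($this->instance, $action) || !is_callable($target)) {
         $this->app->response->setStatus(404);
         throw new \BadMethodCallException('Controller action method [' . $action . '] not found.');
     }
     call_user_func($target);
     return $this;
 }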
Exemplo n.º 6
 /**
  * Queue INSTR() conditions, one group per column.
  *
  * Each value is split on spaces ('+' counts as a space) and every term
  * becomes INSTR(column, term); the terms of one column are joined with OR.
  * From the second queued group on, the group is prefixed with $type.
  *
  * NOTE(review): only the search terms go through escape(). The array keys
  * (column names) and $type are concatenated as given, so both must come
  * from code, never from request input.
  *
  * @param array  $where map of column name => search string
  * @param string $type  connective placed before every group except the first
  * @return $this
  */
 public function instr($where, $type = "AND")
 {
     foreach ($where as $column => $terms) {
         $glue = count($this->_instr) == 0 ? '' : $type . ' ';
         $conditions = array();
         foreach (explode(' ', str_replace("+", " ", $terms)) as $term) {
             $conditions[] = 'INSTR(' . $column . ', ' . self::$db->escape($term) . ')';
         }
         $this->_instr[] = $glue . '(' . implode(" OR ", $conditions) . ') ';
     }
     return $this;
 }
Exemplo n.º 7
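 /**
  * Checks if the specified field exists in a table.
  *
  *	true = exists
  *	false = doesn't exist (or the query failed)
  *
  * @access public
  * @param mixed $tablename table to inspect
  * @param mixed $fieldname field to look for
  * @return bool
  */
 public function field_exists($tablename, $fieldname)
 {
     # escape both identifiers; the original escaped the table name into an unused
     # variable ($tableName) and sent the raw values to the database.
     # Backticks are stripped as well because both values sit inside backtick quotes.
     # NOTE(review): assumes escape() returns the value without surrounding quotes - confirm.
     $tablename = str_replace('`', '', $this->Database->escape($tablename));
     $fieldname = str_replace('`', '', $this->Database->escape($fieldname));
     # check
     $query = "DESCRIBE `{$tablename}` `{$fieldname}`;";
     try {
         $rows = $this->Database->getObjectQuery($query);
     } catch (Exception $e) {
         $this->Result->show("danger", $e->getMessage(), true);
         return false;
     }
     # return true if it exists
     return sizeof($rows) > 0;
 }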
Exemplo n.º 8
 /**
  * Field attribute DEFAULT
  *
  * Fills $field['default'] from $attributes['DEFAULT']. A NULL default also
  * forces the NULL attribute on; any other default is passed through the
  * database driver's escape().
  *
  * @param array &$attributes
  * @param array &$field
  * @return void
  */
 protected function _attr_default(&$attributes, &$field)
 {
     // Nothing to do when the driver has no DEFAULT keyword or no default was requested.
     if ($this->_default === false || !array_key_exists('DEFAULT', $attributes)) {
         return;
     }
     if ($attributes['DEFAULT'] !== null) {
         $field['default'] = $this->_default . $this->db->escape($attributes['DEFAULT']);
         return;
     }
     $field['default'] = empty($this->_null) ? '' : $this->_default . $this->_null;
     // A NULL default implies the column must be nullable.
     $attributes['NULL'] = true;
     $field['null'] = empty($this->_null) ? '' : ' ' . $this->_null;
 }
Exemplo n.º 9
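 /**
  * Restores the saved parameters of a given extension in the database.
  *
  * The current row of the extension is loaded, its params are merged with
  * the saved ones (saved values win) and the result is written back together
  * with the saved enabled / access / published flags.
  *
  * @access public
  * @param Array  $manifestInformation the information identifying the extension ("type", "element", and "group" for plugins)
  * @param Object $savedParameters the previously saved parameters (params, enabled, access, published are read)
  */
 function restoreParameters($manifestInformation, $savedParameters)
 {
     // Manifest values end up inside quoted SQL literals, so every one of them is escaped first.
     // Load the new settings
     switch ($manifestInformation["type"]) {
         case "component":
             $qry_load = "SELECT * FROM `#__components`" . " WHERE `name` = '" . $this->_db->escape($manifestInformation["element"]) . "'";
             break;
         case "module":
             $qry_load = "SELECT * FROM `#__modules`" . " WHERE `module` = '" . $this->_db->escape($manifestInformation["element"]) . "'";
             break;
         case "plugin":
             $qry_load = "SELECT * FROM `#__plugins`" . " WHERE `folder` = '" . $this->_db->escape($manifestInformation["group"]) . "' && " . "`element` = '" . $this->_db->escape($manifestInformation["element"]) . "'";
             break;
         default:
             return;
     }
     // Load new parameters from the DB
     $this->_db->setQuery($qry_load);
     $obj = $this->_db->loadObject();
     // enabled: keep the old parameter
     // access: keep the old parameter
     // published: keep the old parameter
     // params: merge (older is more important than default new)
     // Converting to Object Format
     $new_params = DSCParameterFormatINI::stringToObject($obj->params);
     $old_params = DSCParameterFormatINI::stringToObject($savedParameters->params);
     $old_params = (object) array_merge((array) $new_params, (array) $old_params);
     // Converting back to INI format
     $savedParameters->params = DSCParameterFormatINI::object__toString($old_params, '');
     // Save the merged new / old settings
     switch ($manifestInformation["type"]) {
         case "component":
             // The original left the element unescaped in this WHERE clause only.
             $qry_save = "UPDATE `#__components` SET " . "`enabled`=" . intval($savedParameters->enabled) . ", " . "`params` = '" . $this->_db->escape($savedParameters->params) . "'" . " WHERE `name` = '" . $this->_db->escape($manifestInformation["element"]) . "'";
             break;
         case "module":
             $qry_save = "UPDATE `#__modules` SET " . "`access` = " . intval($savedParameters->access) . ", " . "`published` = " . intval($savedParameters->published) . ", " . "`params` = '" . $this->_db->escape($savedParameters->params) . "'" . " WHERE `module` = '" . $this->_db->escape($manifestInformation["element"]) . "'";
             break;
         case "plugin":
             $qry_save = "UPDATE `#__plugins` SET " . "`access` = " . intval($savedParameters->access) . ", " . "`published` = " . intval($savedParameters->published) . ", " . "`params` = '" . $this->_db->escape($savedParameters->params) . "'" . " WHERE `folder` = '" . $this->_db->escape($manifestInformation["group"]) . "' && " . "`element` = '" . $this->_db->escape($manifestInformation["element"]) . "'";
             break;
         default:
             return;
     }
     $this->_db->setQuery($qry_save);
     $this->_db->query();
 }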
Exemplo n.º 10
 /**
  * Field attribute DEFAULT
  *
  * Fills $field['default'] from $attributes['DEFAULT']. A NULL default also
  * forces the NULL attribute on. Date/time defaults that look like a
  * timestamp keyword are emitted as given; every other default is passed
  * through the database driver's escape().
  *
  * @param	array	&$attributes
  * @param	array	&$field
  * @return	void
  */
 protected function _attr_default(&$attributes, &$field)
 {
     if ($this->_default === false || !array_key_exists('DEFAULT', $attributes)) {
         return;
     }
     if ($attributes['DEFAULT'] === null) {
         $field['default'] = empty($this->_null) ? '' : $this->_default . $this->_null;
         // Override the NULL attribute if that's our default
         $attributes['NULL'] = true;
         $field['null'] = empty($this->_null) ? '' : ' ' . $this->_null;
         return;
     }
     // White-list CURRENT_TIMESTAMP & similar (e.g. Oracle has stuff like SYSTIMESTAMP) defaults for date/time fields
     // NOTE(review): the test is a substring match, so any default containing "time" or "date"
     // on a date/time column skips escape(). Keep field definitions out of reach of request input.
     if (isset($attributes['TYPE'])) {
         $type = $attributes['TYPE'];
         if (stripos($type, 'time') !== false || stripos($type, 'date') !== false) {
             $default = $attributes['DEFAULT'];
             if (stripos($default, 'time') !== false || stripos($default, 'date') !== false) {
                 $field['default'] = $this->_default . $default;
                 return;
             }
         }
     }
     $field['default'] = $this->_default . $this->db->escape($attributes['DEFAULT']);
 }
Exemplo n.º 11
 /**
  * FTP Upload
  * Several images uploaded via FTP before are moved to a category
  *
  * Backend only. For every selected file the extension and file name are
  * checked, the image is resized into the category and registered in the
  * database; a failed step rolls the created files back and marks the run
  * as failed via $this->debug.
  *
  * @return  boolean False if the upload is refused or any file failed, true otherwise
  * @since   1.0.0
  */
 protected function uploadFTP()
 {
     // FTP upload is only available in backend at the moment
     if ($this->_site) {
         return false;
     }
     // Access check
     // Allowed when the user may upload into the category, or may upload into own categories and owns this one
     $category = $this->getCategory($this->catid);
     if (!$category || !$this->_user->authorise('joom.upload', _JOOM_OPTION . '.category.' . $this->catid) && (!$this->_user->authorise('joom.upload.inown', _JOOM_OPTION . '.category.' . $this->catid) || !$category->owner || $category->owner != $this->_user->get('id'))) {
         $this->setError(JText::_('COM_JOOMGALLERY_COMMON_MSG_YOU_ARE_NOT_ALLOWED_TO_UPLOAD_INTO_THIS_CATEGORY'));
         return false;
     }
     // NOTE(review): $subdirectory is a request value that is later joined into a filesystem path
     // (see the resizeImage() call below). A database escape() is the wrong tool for that context
     // and does nothing about '..' segments; the path should be resolved and checked to lie
     // inside ftp_path before use.
     $subdirectory = $this->_db->escape($this->_mainframe->getUserStateFromRequest('joom.upload.ftp.subdirectory', 'subdirectory', '/', 'post', 'string'));
     // NOTE(review): the selected file names also come from the request and are used in the same path.
     $ftpfiles = $this->_mainframe->getUserStateFromRequest('joom.upload.ftp.files', 'ftpfiles', array(), 'array');
     if (!$ftpfiles && JRequest::getBool('ftpfiles')) {
         $this->setError(JText::_('COM_JOOMGALLERY_COMMON_MSG_NO_IMAGES_SELECTED'));
         return false;
     }
     // Load the refresher
     require_once JPATH_COMPONENT . '/helpers/refresher.php';
     $refresher = new JoomRefresher(array('remaining' => count($ftpfiles), 'start' => JRequest::getBool('ftpfiles')));
     $this->_debugoutput .= '<p></p>';
     foreach ($ftpfiles as $key => $origfilename) {
         // Check remaining time
         // The not yet processed files are stored in the user state before the refresh
         if (!$refresher->check()) {
             $this->_mainframe->setUserState('joom.upload.ftp.files', $ftpfiles);
             //$this->_mainframe->setUserState('joom.upload.debugoutput', $this->_debugoutput);
             $this->_mainframe->setUserState('joom.upload.debug', $this->debug);
             $refresher->refresh(count($ftpfiles));
         }
         // Get extension
         $tag = strtolower(JFile::getExt($origfilename));
         $this->_debugoutput .= '<hr />';
         // NOTE(review): the request-supplied file name is appended to HTML output as is; the
         // output is echoed at the end of this method - confirm whether JText::sprintf escapes it.
         $this->_debugoutput .= JText::sprintf('COM_JOOMGALLERY_UPLOAD_FILENAME', $origfilename) . '<br />';
         /*// Image size must not exceed the setting in backend if we are in frontend
           if($this->_site && $screenshot_filesize > $this->_config->get('jg_maxfilesize'))
           {
             $this->_debugoutput .= JText::sprintf('COM_JOOMGALLERY_UPLOAD_OUTPUT_MAX_ALLOWED_FILESIZE', $this->_config->get('jg_maxfilesize')).'<br />';
             $this->debug  = true;
             unset($ftpfiles[$key]);
             continue;
           }*/
         // Check for right format
         // Only the file extension is compared here, not the file content
         if ($tag != 'jpeg' && $tag != 'jpg' && $tag != 'jpe' && $tag != 'gif' && $tag != 'png' || strlen($origfilename) == 0) {
             $this->_debugoutput .= JText::_('COM_JOOMGALLERY_UPLOAD_OUTPUT_INVALID_IMAGE_TYPE') . '<br />';
             $this->debug = true;
             unset($ftpfiles[$key]);
             continue;
         }
         // Check filename for special characters if not allowed
         if ($this->_config->get('jg_filenamewithjs') == 0) {
             if ($this->_site && $this->_config->get('jg_useruseorigfilename') || !$this->_site && $this->_config->get('jg_useorigfilename')) {
                 $filename = $origfilename;
             } else {
                 $filename = $this->imgtitle;
             }
             if (JoomFile::checkValidFilename($filename, '', true) == false) {
                 $this->_debugoutput .= strip_tags(JText::_('COM_JOOMGALLERY_UPLOAD_ERROR_INVALIDSC_FILENAME'));
                 $this->debug = true;
                 unset($ftpfiles[$key]);
                 continue;
             }
         }
         $filecounter = null;
         if ($this->_site && $this->_config->get('jg_useruploadnumber') || !$this->_site && $this->_config->get('jg_filenamenumber')) {
             $filecounter = $this->_getSerial();
         }
         // Create new filename
         // If generic filename set in backend use them
         if ($this->_site && $this->_config->get('jg_useruseorigfilename') || !$this->_site && $this->_config->get('jg_useorigfilename')) {
             $oldfilename = $origfilename;
             $newfilename = JoomFile::fixFilename($origfilename);
         } else {
             $oldfilename = $this->imgtitle;
             $newfilename = JoomFile::fixFilename($this->imgtitle);
         }
         // Check the new filename
         if (JoomFile::checkValidFilename($oldfilename, $newfilename) == false) {
             $this->_debugoutput .= strip_tags(JText::sprintf('COM_JOOMGALLERY_UPLOAD_ERROR_INVALID_FILENAME', $newfilename, $oldfilename));
             $this->debug = true;
             unset($ftpfiles[$key]);
             continue;
         }
         $newfilename = $this->_genFilename($newfilename, $tag, $filecounter);
         // Resize image
         // NOTE(review): the source path is ftp_path + $subdirectory + $origfilename, both taken from
         // the request, and $delete_file is passed on to resizeImage(). JPath::clean() is not shown
         // here; confirm it (or resizeImage) rejects paths that leave ftp_path.
         $delete_file = $this->_mainframe->getUserStateFromRequest('joom.upload.file_delete', 'file_delete', false, 'bool');
         if (!$this->resizeImage(JPath::clean($this->_ambit->get('ftp_path') . $subdirectory . $origfilename), $newfilename, false, $delete_file)) {
             $this->rollback($this->_ambit->getImg('orig_path', $newfilename, null, $this->catid), $this->_ambit->getImg('img_path', $newfilename, null, $this->catid), $this->_ambit->getImg('thumb_path', $newfilename, null, $this->catid));
             $this->debug = true;
             unset($ftpfiles[$key]);
             continue;
         }
         // Register the image in the database, remove the created files again if that fails
         $row = JTable::getInstance('joomgalleryimages', 'Table');
         if (!$this->registerImage($row, $origfilename, $newfilename, $tag, $filecounter)) {
             $this->rollback($this->_ambit->getImg('orig_path', $newfilename, null, $this->catid), $this->_ambit->getImg('img_path', $newfilename, null, $this->catid), $this->_ambit->getImg('thumb_path', $newfilename, null, $this->catid));
             $this->debug = true;
             unset($ftpfiles[$key]);
             continue;
         }
         $this->_debugoutput .= JText::_('COM_JOOMGALLERY_UPLOAD_OUTPUT_IMAGE_SUCCESSFULLY_ADDED') . '<br />';
         $this->_debugoutput .= JText::sprintf('COM_JOOMGALLERY_UPLOAD_NEW_FILENAME', $newfilename) . '<br /><br />';
         $this->_mainframe->triggerEvent('onJoomAfterUpload', array($row));
         unset($ftpfiles[$key]);
     }
     $this->_debugoutput .= '<hr /><br />';
     // Reset file counter, delete original delete source file and
     // create special gif selection and debug information
     $this->_mainframe->setUserState('joom.upload.filecounter', 0);
     $this->_mainframe->setUserState('joom.upload.file_delete', false);
     $this->_mainframe->setUserState('joom.upload.delete_original', false);
     $this->_mainframe->setUserState('joom.upload.create_special_gif', false);
     $this->_mainframe->setUserState('joom.upload.debug', false);
     $this->_mainframe->setUserState('joom.upload.debugoutput', null);
     // The collected output is only printed when at least one file failed
     if ($this->debug) {
         echo $this->_debugoutput;
     }
     return !$this->debug;
 }
Exemplo n.º 12
 /**
  * Fill the placeholders of an SQL statement with escaped values.
  *
  * Every '?' in the statement becomes a '%s' placeholder, the values are
  * passed through the connection's escape() and then substituted with
  * vsprintf().
  *
  * NOTE(review): this is string substitution, not a server-side prepared
  * statement. A '?' or '%' that is part of the statement text itself (for
  * example inside a LIKE pattern) is treated as formatting too, and safety
  * rests entirely on what escape() does - prefer bound parameters where the
  * driver offers them.
  *
  * @access protected
  *
  * @param string $sql   SQL statement with '?' placeholders
  * @param mixed  $value values to escape and substitute
  *
  * @return string
  */
 protected function _prepare($sql, $value)
 {
     $template = str_replace('?', '%s', $sql);
     $escaped = $this->_dbLink->escape($value);
     return vsprintf($template, $escaped);
 }
Exemplo n.º 13
/**
 * Add, modify or drop the table column that belongs to a row of the `Field` table.
 * The target table is a system table or the component table `Message<Class_ID>`.
 *
 * @param int $FieldID Field_ID of the field definition
 * @param int $type operation: 1 - add, 2 - modify, 3 - drop
 * @param object $db database object (replaced by the global $db, see below)
 * @param string|false $NewFieldName new column name, or false to keep the current one
 * @return bool always true
 */
function ColumnInMessage($FieldID, $type, $db, $NewFieldName = false)
{
    // The global declaration rebinds $db, so the $db argument passed by the caller is not used.
    global $db;
    // Cast to int before the id is placed in SQL.
    $FieldID = intval($FieldID);
    $SelectField = $db->get_row("SELECT `Class_ID`, `Widget_Class_ID`, `Field_Name`, `TypeOfData_ID`, `Extension`, `NotNull`, `DoSearch`, `DefaultState`, `System_Table_ID` FROM `Field` WHERE `Field_ID`= '" . $FieldID . "'");
    // Fields that belong to a widget class get no column change.
    if ($SelectField->Widget_Class_ID) {
        return true;
    }
    if ($NewFieldName) {
        // Escaped for use inside the quoted literal of the UPDATE below.
        $NewFieldName = $db->escape($NewFieldName);
        $sql = "UPDATE `Field` SET `Field_Name` = '{$NewFieldName}' WHERE `Field_ID` = {$FieldID}";
        $db->query($sql);
    }
    $isSys = $SelectField->System_Table_ID;
    #for short, ==0 - if Component Field
    $TableName = $isSys ? GetSystemTableName($SelectField->System_Table_ID) : "Message" . $SelectField->Class_ID;
    // NOTE(review): $oper stays undefined when $type is not 1, 2 or 3.
    switch ($type) {
        case 1:
            $oper = "ADD";
            break;
        case 2:
            $oper = $NewFieldName ? "CHANGE" : "MODIFY";
            break;
        case 3:
            $oper = "DROP";
            break;
    }
    // Before modifying a component field, drop an index named like the field.
    if ($type == 2 && !$isSys) {
        $arr_indexes = $db->get_results("SHOW INDEX FROM `Message{$SelectField->Class_ID}`", ARRAY_A);
        if (!empty($arr_indexes)) {
            foreach ($arr_indexes as $arr_indexes_row) {
                if ($arr_indexes_row['Key_name'] == $SelectField->Field_Name) {
                    $db->query("ALTER TABLE `Message" . $SelectField->Class_ID . "` DROP INDEX `" . $SelectField->Field_Name . "`");
                }
            }
        }
    }
    // NOTE(review): Field_Name is read from the database and placed between backticks as is;
    // it is only safe if field names are validated when they are stored.
    $alter = "ALTER TABLE `" . $TableName . "` " . $oper . " `" . $SelectField->Field_Name . "`";
    if ($type == 3) {
        $db->query($alter);
        return true;
    }
    // NOTE(review): $NewFieldName went through $db->escape(), which is used above for a quoted
    // string literal. Here it is a backtick-quoted identifier; confirm the name is restricted
    // to identifier characters (no backticks) before it reaches this function.
    if ($NewFieldName && $type == 2) {
        $alter .= " `{$NewFieldName}`";
    }
    $alter .= " ";
    // Map the field's data type id to a column type; an id outside 1-11 adds no type.
    switch ($SelectField->TypeOfData_ID) {
        case 1:
            $alter .= "CHAR(255)";
            break;
        case 2:
            $alter .= "INT";
            break;
        case 3:
            $alter .= "LONGTEXT";
            break;
        case 4:
            $alter .= "INT";
            break;
        case 5:
            $alter .= "TINYINT";
            break;
        case 6:
            $alter .= "CHAR(255)";
            break;
        case 7:
            $alter .= "DOUBLE";
            break;
        case 8:
            $alter .= "DATETIME";
            break;
        case 9:
            $alter .= "INT";
            break;
        case 10:
            $alter .= "TEXT";
            break;
        case 11:
            $alter .= "CHAR(255)";
            break;
    }
    // First matching case wins: a default value (not for type ids 3, 6, 8), else NOT NULL, else NULL.
    switch (true) {
        case $SelectField->DefaultState != NULL && !in_array($SelectField->TypeOfData_ID, array(3, 6, 8)):
            $alter .= " NOT NULL DEFAULT '" . $db->escape($SelectField->DefaultState) . "'";
            break;
        case $SelectField->NotNull:
            $alter .= " NOT NULL";
            break;
        default:
            $alter .= " NULL";
    }
    $db->query($alter);
    if ($isSys) {
        return true;
    }
    // Searchable component fields get an index, except for type id 3 (LONGTEXT above).
    if ($SelectField->DoSearch && $SelectField->TypeOfData_ID != 3) {
        $FieldName = $NewFieldName && $type == 2 ? $NewFieldName : $SelectField->Field_Name;
        $db->query("ALTER TABLE `" . $TableName . "` ADD INDEX (`" . $FieldName . "`)");
    }
    return true;
}
Exemplo n.º 14
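 /**
  * Callback used for the <<fichier>> extension in wiki text.
  *
  * Renders an <aside> with a link to the file whose numeric id is given in
  * the arguments. Every value taken from the file record is HTML-escaped
  * before it is placed in the markup, including the link target.
  *
  * @param array  $args    Arguments passed to the extension; the last all-digit value is used as file id
  * @param string $content Optional content (block mode), not used here
  * @param object $skriv   SkrivLite object, used for escaping and error output
  * @return string HTML fragment, or the parser's error output when no valid file id is given
  */
 public static function SkrivFichier($args, $content, $skriv)
 {
     $_args = [];
     foreach ($args as $value) {
         if (preg_match('/^\\d+$/', $value)) {
             $_args['id'] = (int) $value;
         }
     }
     if (empty($_args['id'])) {
         return $skriv->parseError('/!\\ Tag fichier : aucun numéro de fichier indiqué.');
     }
     try {
         $file = new Fichiers($_args['id']);
     } catch (\InvalidArgumentException $e) {
         return $skriv->parseError('/!\\ Tag fichier : ' . $e->getMessage());
     }
     $out = '<aside class="fichier" data-type="' . $skriv->escape($file->type) . '">';
     // The URL sits in an attribute like the other values, so it is escaped the same way;
     // the original wrote it into href unescaped.
     $out .= '<a href="' . $skriv->escape($file->getURL()) . '" class="internal-file">' . $skriv->escape($file->nom) . '</a> ';
     $out .= '<small>(' . $skriv->escape(($file->type ? $file->type . ', ' : '') . Utils::format_bytes($file->taille)) . ')</small>';
     $out .= '</aside>';
     return $out;
 }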
 /**
  * Initializer for the case that all image data and a thumbnail name are known.
  *
  * Looks the thumbnail definition up by name and hands it to init() together
  * with the image data. When no definition is found, init() is called with
  * empty defaults.
  *
  * @param string $thumbName name of the thumbnail definition
  * @param int $imageID
  * @param string $imageFileName
  * @param string $imagePath
  * @param string $imageExtension
  * @param int $imageWidth
  * @param int $imageHeight
  * @param string $imageData
  * @return bool true when both thumbID and thumbName are set after init()
  * @public
  */
 public function initByThumbName($thumbName, $imageID, $imageFileName, $imagePath, $imageExtension, $imageWidth, $imageHeight, $imageData = '')
 {
     // The name is escaped before it goes into the quoted literal of the lookup query.
     $lookup = 'SELECT * FROM ' . THUMBNAILS_TABLE . ' WHERE Name="' . $this->db->escape($thumbName) . '"';
     $thumb = getHash($lookup, $this->db);
     if (!$thumb) {
         // No such thumbnail: fall back to an empty definition.
         $thumb = array('ID' => 0, 'Width' => 0, 'Height' => 0, 'Ratio' => 0, 'Maxsize' => 0, 'Interlace' => false, 'Fitinside' => false, 'Format' => '', 'Name' => '', 'Date' => '', 'Quality' => '');
     }
     $this->init($thumb['ID'], $thumb['Width'], $thumb['Height'], $thumb['Ratio'], $thumb['Maxsize'], $thumb['Interlace'], $thumb['Fitinside'], $thumb['Format'], $thumb['Name'], $imageID, $imageFileName, $imagePath, $imageExtension, $imageWidth, $imageHeight, $imageData, $thumb['Date'], $thumb['Quality']);
     return $this->thumbID && $this->thumbName;
 }
Exemplo n.º 16
 /**
  * Escape a value by delegating to the wrapped object's escape().
  *
  * @param mixed $value value to escape
  * @return string whatever the wrapped object returns for $value
  */
 public function escape($value)
 {
     $escaped = $this->object->escape($value);
     return $escaped;
 }
Exemplo n.º 17
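 /**
  * Restores the saved parameters of a given extension in the database.
  *
  * The current row of the extension is loaded, its params are merged with
  * the saved ones (saved values win) and the result is written back together
  * with the saved enabled / access / published flags. Joomla! 1.6+ uses the
  * #__extensions table, Joomla! 1.5 the per-type tables.
  *
  * @access public
  * @param Array  $manifestInformation the information identifying the extension ("type", "element", and "group" for plugins)
  * @param Object $savedParameters the previously saved parameters (params, enabled, access, published are read)
  */
 function restoreParameters($manifestInformation, $savedParameters)
 {
     // Manifest values end up inside quoted SQL literals. The original escaped them only in
     // some branches; they are escaped once per type here and reused for load and save.
     // Load the new settings
     switch ($manifestInformation["type"]) {
         case "component":
             $element = $this->_db->escape($manifestInformation["element"]);
             if (version_compare(JVERSION, '1.6.0', 'ge')) {
                 // Joomla! 1.6+ code here
                 $qry_load = "SELECT * FROM #__extensions WHERE `type` = 'component' AND `element` = '" . $element . "'";
             } else {
                 // Joomla! 1.5 code here
                 $qry_load = "SELECT * FROM `#__components`" . " WHERE `name` = '" . $element . "'";
             }
             break;
         case "module":
             $element = $this->_db->escape($manifestInformation["element"]);
             if (version_compare(JVERSION, '1.6.0', 'ge')) {
                 // Joomla! 1.6+ code here
                 $qry_load = "SELECT * FROM #__extensions WHERE `type` = 'module' AND `element` = '" . $element . "'";
             } else {
                 // Joomla! 1.5 code here
                 $qry_load = "SELECT * FROM `#__modules`" . " WHERE `module` = '" . $element . "'";
             }
             break;
         case "plugin":
             $group = $this->_db->escape($manifestInformation["group"]);
             $element = $this->_db->escape($manifestInformation["element"]);
             if (version_compare(JVERSION, '1.6.0', 'ge')) {
                 // Joomla! 1.6+ code here
                 $qry_load = "SELECT * FROM #__extensions WHERE `type` = 'plugin' AND `folder` = '" . $group . "' AND `element` = '" . $element . "'";
             } else {
                 // Joomla! 1.5 code here
                 $qry_load = "SELECT * FROM `#__plugins`" . " WHERE `folder` = '" . $group . "' && " . "`element` = '" . $element . "'";
             }
             break;
         default:
             return;
     }
     // Load new parameters from the DB
     $this->_db->setQuery($qry_load);
     $obj = $this->_db->loadObject();
     // enabled: keep the old parameter
     // access: keep the old parameter
     // published: keep the old parameter
     // params: merge (older is more important than default new)
     // Converting to Object Format
     $jregistryformat = JRegistryFormat::getInstance('ini');
     $new_params = $jregistryformat->stringToObject($obj->params);
     $old_params = $jregistryformat->stringToObject($savedParameters->params);
     $old_params = (object) array_merge((array) $new_params, (array) $old_params);
     // Converting back to INI format
     $savedParameters->params = $jregistryformat->object__toString($old_params, '');
     $params = $this->_db->escape($savedParameters->params);
     // Save the merged new / old settings
     switch ($manifestInformation["type"]) {
         case "component":
             if (version_compare(JVERSION, '1.6.0', 'ge')) {
                 // Joomla! 1.6+ code here
                 $qry_save = "UPDATE `#__extensions` SET " . "`enabled` = " . intval($savedParameters->enabled) . ", " . "`params` = '" . $params . "'" . " WHERE `element` = '" . $element . "'" . " AND `type` = 'component'";
             } else {
                 // Joomla! 1.5 code here
                 $qry_save = "UPDATE `#__components` SET " . "`enabled`=" . intval($savedParameters->enabled) . ", " . "`params` = '" . $params . "'" . " WHERE `option` = '" . $element . "'";
             }
             break;
         case "module":
             if (version_compare(JVERSION, '1.6.0', 'ge')) {
                 // Joomla! 1.6+ code here
                 $qry_save = "UPDATE `#__extensions` SET " . "`access` = " . intval($savedParameters->access) . ", " . "`enabled` = " . intval($savedParameters->enabled) . ", " . "`params` = '" . $params . "'" . " WHERE `element` = '" . $element . "'" . " AND `type` = 'module'";
             } else {
                 // Joomla! 1.5 code here
                 $qry_save = "UPDATE `#__modules` SET " . "`access` = " . intval($savedParameters->access) . ", " . "`published` = " . intval($savedParameters->published) . ", " . "`params` = '" . $params . "'" . " WHERE `module` = '" . $element . "'";
             }
             break;
         case "plugin":
             if (version_compare(JVERSION, '1.6.0', 'ge')) {
                 // Joomla! 1.6+ code here
                 $qry_save = "UPDATE `#__extensions` SET " . "`access` = " . intval($savedParameters->access) . ", " . "`enabled` = " . intval($savedParameters->enabled) . ", " . "`params` = '" . $params . "'" . " WHERE `element` = '" . $element . "'" . " AND `folder` = '" . $group . "'" . " AND `type` = 'plugin'";
             } else {
                 // Joomla! 1.5 code here
                 $qry_save = "UPDATE `#__plugins` SET " . "`access` = " . intval($savedParameters->access) . ", " . "`published` = " . intval($savedParameters->published) . ", " . "`params` = '" . $params . "'" . " WHERE `folder` = '" . $group . "' && " . "`element` = '" . $element . "'";
             }
             break;
         default:
             return;
     }
     $this->_db->setQuery($qry_save);
     $this->_db->query();
 }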
Exemplo n.º 18
 /**
  * Build the query that fetches the payment for an order.
  *
  * Uses the configured 'default_getpaymentfororder_query' template, or the
  * built-in default when that setting is empty. The order id is passed
  * through the integrator's escape() before it is handed to the template
  * under both the 'ID' and 'OrderID' keys.
  *
  * NOTE(review): how _applyFormat() places the values (quoted or not) is not
  * shown here; escaping only protects a value that ends up inside quotes.
  *
  * @param mixed $OrderID order identifier
  * @return mixed result of _applyFormat() for the chosen template
  */
 public function _getPaymentForOrderQuery($OrderID)
 {
     $template = $this->_config['default_getpaymentfororder_query'] ?: $this->_defaultGetPaymentForOrderQuery();
     $escapedId = $this->_integrator->escape($OrderID);
     $values = array('ID' => $escapedId, 'OrderID' => $escapedId);
     return $this->_applyFormat($template, $values);
 }
Exemplo n.º 19
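 /**
  * Import a phpcs CSV results file into the snif_results table.
  *
  * Existing results are deleted first: only those of the given paths when a
  * subset was sniffed, otherwise all of them. The CSV rows are then inserted
  * inside one transaction.
  *
  * The CSV content is derived from the sniffed source files, so every cell is
  * treated as untrusted: text cells are escaped, line and column are cast to
  * integers because they are written unquoted.
  *
  * @param string $csv CSV filename
  * @param array|null $paths Paths of the files just sniffed, null for the configured paths
  * @return bool true when the import has run
  * @throws Exception when the file cannot be opened or phpcs reported an error in it
  */
 protected function _importCsv($csv, $paths = null)
 {
     if (null === $paths) {
         $paths = $this->_paths;
     }
     $sql = "DELETE FROM snif_results";
     // FIXME: This only correctly works if you are re-running
     // the sniff on a specific file, not a subdirectory
     if ($paths != $this->_paths) {
         // We ran the sniff for a specific file
         foreach ($paths as $path) {
             // A resolved path can contain quotes like any other string, so it is escaped too;
             // realpath() returns false for a missing path, which becomes an empty string as before.
             $sqlString = $sql . " WHERE file = '" . $this->_db->escape((string) realpath($path)) . "';";
             $this->_db->executeQuery($sqlString);
         }
     } else {
         // Yes, just delete everything.
         $this->_db->executeQuery($sql);
     }
     $handle = fopen($csv, 'r');
     if ($handle === false) {
         throw new Exception("Error importing csv: unable to open " . $csv);
     }
     $cols = fgetcsv($handle, 1000, ',');
     // An empty file yields no header row; treat its first cell as empty.
     $firstHeader = is_array($cols) && isset($cols[0]) ? $cols[0] : '';
     if (substr($firstHeader, 0, 5) == 'ERROR') {
         fclose($handle);
         throw new Exception("Error importing csv: " . $firstHeader);
     }
     if ($this->_qis->isVerbose()) {
         $this->_qis->log("Writing results to db");
     } else {
         echo "Writing results to db...";
     }
     $sqlPre = "INSERT INTO snif_results ('file', 'line', 'column', " . "'severity', 'message', 'sniffcode') VALUES ";
     $this->_db->beginTransaction();
     try {
         while (($data = fgetcsv($handle, 1000, ',')) !== false) {
             // only add the row if there was a 1,
             // otherwise there was probably an error in the csv file
             if (!isset($data[1])) {
                 continue;
             }
             if ($data[0] == $firstHeader) {
                 // No data, we got the headers again.
                 if ($this->_qis->isVerbose()) {
                     $this->_qis->log('No sniff results found.');
                 }
                 break;
             }
             $sniffCode = '';
             if ($this->_includeSniffCodes && isset($data[5])) {
                 $sniffCode = $this->_db->escape($data[5]);
             }
             // Rows with missing trailing cells are stored with empty values instead of raising notices.
             $line = intval($data[1]);
             $column = isset($data[2]) ? intval($data[2]) : 0;
             $severity = isset($data[3]) ? $this->_db->escape($data[3]) : '';
             $message = isset($data[4]) ? $this->_db->escape($data[4]) : '';
             $sqlRow = "('" . $this->_db->escape($data[0]) . "'," . $line . "," . $column . "," . "'" . $severity . "'," . "'" . $message . "'," . "'" . $sniffCode . "')";
             $this->_db->executeQuery($sqlPre . $sqlRow);
             if ($this->_qis->isVerbose()) {
                 echo '.';
             }
         }
     } catch (Exception $e) {
         // Release the file before passing the failure on.
         // NOTE(review): the open transaction is left to the caller / connection teardown;
         // the rollback API of $this->_db is not visible here.
         fclose($handle);
         throw $e;
     }
     fclose($handle);
     $this->_db->commit();
     if ($this->_qis->isVerbose()) {
         $this->_qis->log('Finished writing results to db.');
     } else {
         echo "done\n";
     }
     return true;
 }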