function database($params)
{
/*global $table_schema;
write_schema('dbtable', $table_schema);*/
$data = array();
$db = connect_database();
//
if (isset($params['sql']) && is_array($params['sql'])) {
foreach ($params['sql'] as $sql) {
if (trim($sql) != '') {
$db->query($sql);
}
}
}
//
$data['import'] = @unserialize(gzinflate(file_get_contents('data/schema.db')));
if (!$data['import']) {
$data['import'] = array();
}
//print_r($file);
//
$tables = $db->query('SHOW tables');
$data['tables'] = array();
while ($table = row_array($tables)) {
$columns = $db->query('DESCRIBE `' . $table[0] . '`');
$tmp = array();
$cname = '';
while ($column = row_assoc($columns)) {
$field = $column['Field'];
unset($column['Field']);
$size = explode('(', $column['Type']);
$column['Type'] = $size[0];
$column['Size'] = count($size) == 2 ? str_replace(')', '', $size[1]) : '';
$tmp[$field] = $column;
}
$data['tables'][$table[0]] = $tmp;
}
$data['schema'] = load_schema('dbtable');
//
if (isset($params[0]) && $params[0] == 'export') {
// CHECK IF THERE ARE CONFLICTS
$result = file_put_contents('data/schema.db', gzdeflate(serialize($data['tables'])));
if ($result) {
flash_message('Database schema is exported', 'success');
} else {
flash_message('No permission to write to data/schema.db', 'warning');
}
redirect('admin/developer', 'database');
}
//
$data['html_head'] = array('title' => 'Database');
return $data;
}
function index($params)
{
$db = connect_database();
$query = gzuncompress(base64_decode(file_get_contents('php://input')));
$data = $db->query($query);
$dat = array();
while ($row = row_assoc($data)) {
$dat[] = $row;
}
$data = base64_encode(gzcompress(json_encode($dat)));
die($data);
}
function edit($params)
{
global $content_schema, $method;
$method = 'index';
$content_schema['lang']['enum'] = list_languages();
$data = array('schema' => $content_schema);
$db = connect_database();
//
$data['article'] = row_assoc($db->query('SELECT id, slug, lang, published, title, content FROM content WHERE id = ' . $params[0]));
//
$data['html_head'] = array('title' => 'Edit Content');
return $data;
}
function _generic_page($params)
{
global $lex, $lang, $page;
$db = connect_database();
//
$content = $db->query('SELECT title, content FROM content WHERE lang = \'' . $lang . '\' AND slug = \'' . str_replace('_', '-', $page) . '\'');
if ($data = row_assoc($content)) {
} else {
$data = array('title' => $lex['not-found'], 'content' => '<p>' . $lex['translation-not-found'] . '</p>');
}
//
$data['page'] = $page;
$data['html_head'] = array('title' => $data['title'], 'description' => shorten_string($data['title'], 250));
return $data;
}
function app($params)
{
global $app_schema, $user, $module;
$data = array('schema' => $app_schema);
$db = connect_database();
//
if (isset($params['id'])) {
$db->update('app', $params);
redirect($module, 'developer');
}
//
if (!($data['app'] = row_assoc($db->select('*', 'app', 'id = ' . $params[0] . ' AND owner = ' . $user['id'])))) {
redirect($module, 'developer');
}
//
$data['html_head'] = array('title' => $data['app']['title']);
return $data;
}
<?php
echo $article['content'];
?>
<?php
} else {
?>
<h2><?php
echo $lex['content'];
?>
</h2>
<ul class="content">
<?php
while ($article = row_assoc($content)) {
?>
<li>
<a href="<?php
echo BASE_URL;
?>
news/<?php
echo $page;
?>
/<?php
echo $article['id'];
?>
/<?php
echo slugify($article['title']);
?>
">
function render_table($schema, $data, $classname = false)
{
global $acl;
if (!in_array('edit', $acl)) {
unset($schema['edit']);
}
if (!in_array('delete', $acl)) {
unset($schema['delete']);
}
$found = false;
?>
<table width="100%" class="table table-striped<?php
echo $classname != false ? ' ' . $classname : '';
?>
"><thead><tr>
<?php
$cmd_opened = false;
foreach ($schema as $col => $meta) {
if (!isset($meta['table']) || $meta['table']) {
if (isset($meta['cmd']) || isset($meta['onclick'])) {
if (!$cmd_opened) {
echo '<th width="120" class="action_btns">Actions';
$cmd_opened = true;
}
} else {
?>
<th><?php
echo $meta[0];
?>
</th><?php
}
}
}
if ($cmd_opened) {
echo '</th>';
}
?>
</tr></thead><tbody><?php
$key = false;
if (is_array($data)) {
foreach ($data as $row) {
render_row($row, $schema, $found);
}
} else {
while ($row = row_assoc($data)) {
render_row($row, $schema, $found);
}
}
if (!$found) {
?>
<tr class="no-records"><td colspan="99"><i>No records to display</i></td></tr><?php
}
?>
</tbody></table><?php
}
function oauth2($params)
{
global $user;
$data = array();
$db = connect_database();
if (isset($params['code']) && isset($params['redirect'])) {
header('location:' . $params['redirect'] . '?code=' . $params['code']);
} else {
if (isset($params[0])) {
if ($params[0] == 'token') {
global $template_file;
$template_file = 'json';
if (!isset($params['code'])) {
die(json_encode(array('error' => 'Authorization code not defined')));
} else {
if (!isset($params['client_secret'])) {
die(json_encode(array('error' => 'Client Secret not defined')));
} else {
if (!file_exists('data/oauthtokenstmp/' . $params['code'] . '.token')) {
die(json_encode(array('error' => 'Token expired or invalid')));
} else {
$clientid = explode('-', $params['code']);
$app = row_assoc($db->select('*', 'app', 'clientid = \'' . $clientid[0] . '\''));
if ($app['secret'] != $params['client_secret']) {
die(json_encode(array('error' => 'Client Secret is invalid')));
} else {
$token = file_get_contents('data/oauthtokenstmp/' . $params['code'] . '.token');
unlink('data/oauthtokenstmp/' . $params['code'] . '.token');
die(json_encode(array('access_token' => $token)));
}
}
}
}
} else {
if ($user['id'] < 0) {
$_SESSION['REDIRECT_AFTER_SIGNIN'] = $_SERVER['REQUEST_URI'];
redirect('user', 'log-in');
} else {
if ($params[0] == 'authorize') {
if (!isset($params['redirect_uri'])) {
flash_message('Redirect URI not defined', 'error');
} else {
if (!isset($params['client_id'])) {
flash_message('Client ID not defined', 'error');
} else {
if (!($data['app'] = row_assoc($db->select('*', 'app', 'clientid = \'' . $params['client_id'] . '\'')))) {
flash_message('Application with Client ID ' . $params['client_id'] . ' not found', 'error');
} else {
$data['app']['urls'] = explode("\n", $data['app']['urls']);
if (!in_array($params['redirect_uri'], $data['app']['urls'])) {
flash_message('Given redirect URI is not authorized', 'error');
unset($data['app']);
} else {
$data['app']['scopes'] = explode(' ', $params['scope']);
$data['app']['redirect'] = $params['redirect_uri'];
$auth = json_encode(array('clientid' => $params['client_id'], 'userid' => $user['id'], 'scopes' => $data['app']['scopes'], 'timestamp' => time()));
$data['app']['code'] = $params['client_id'] . '-' . str_replace(array('/', '+', '='), '', base64_encode(sha1($auth . ':' . COMMON_SALT)));
$result = file_put_contents('data/oauthtokenstmp/' . $data['app']['code'] . '.token', base64_encode(base64_encode(md5($auth . ':' . COMMON_SALT, true)) . $auth));
$data['html_head'] = array('title' => $data['app']['title']);
if (!$result) {
flash_message('No permission to write temp oauth token', 'error');
}
}
}
}
}
}
}
}
}
}
//
if (!isset($data['html_head'])) {
$data['html_head'] = array('title' => 'Authorize');
}
return $data;
}
function edit_group($params)
{
global $user;
$data = _add_edit_group($params);
$db = connect_database();
$data['a_user'] = row_assoc($db->query('SELECT * FROM `user` WHERE organization = ' . $user['organization'] . ' AND id = ' . $params[0]));
//
$data['html_head'] = array('title' => 'Edit User Group');
return $data;
}