public function run()
{
$static_found = false;
foreach (Core::get_system('static_views') as $view) {
/** Verify a static template for the url does not exist */
$dir = opendir(Core::get_system('views') . '/' . $view);
while ($file = readdir($dir)) {
/** This is a template file that has a url specific extension */
$exploded = explode('.', $file);
if (strpos($file, '.tpl') && $exploded[1] === current(Core::get_args())) {
$static_found = true;
}
}
closedir($dir);
if ($static_found) {
break;
}
}
/** Handle 404 Errors */
if (current(Core::get_args()) !== 'default' && $static_found === false) {
Core::error('404');
} else {
/** Display the default page or 404*/
Core::display();
}
}
public function __construct()
{
// load the field templates
if (($this->field_template = Core::config('db_field_templates')) && count($this->field_template) > 0) {
// we have to make sure all the templates have string keys defined since we'll use them as names
foreach ($this->field_template as $key => $field) {
if (!is_string($key)) {
if (!isset($field['NAME'])) {
Core::error('DBFDTM', 'LIBTIT', array(__CLASS__, $key));
} else {
$this->field_template[$field['NAME']] =& $field;
// remove old keys
unset($this->field_template[$key], $this->field_template[$field['NAME']]['NAME']);
}
}
}
} else {
$this->field_template = false;
}
// propagate database connection info to public vars
if (is_array(DB::$INFO)) {
foreach (DB::$INFO as $param => $value) {
$this->{$param} = $value;
}
}
// initialize the connection if the auto flag is set to true.
if (DB::$AUTO === true) {
$this->init();
}
}
protected function _query($sql, $error = true)
{
$sql = $this->_query_set($sql);
echo '<h3>' . $sql . '::';
$qry = @mysql_query($sql, $this->DB);
echo var_dump($qry) . '</h3>';
if (!$qry && $error) {
Core::error('DBIQRY', 'LIBTIT', array('__METHOD-2__', mysql_error()));
} else {
return $qry;
}
}
/**
* This function is used to load views and files.
* Variables are prefixed with __ to avoid symbol collision with
* variables made available to view files
**/
private static function _loadfile($name, $vars, $__return, $ispath = false)
{
// we make sure that vars is an array even if it's empty.
if (!is_array($vars)) {
$vars = array();
}
// if $name refers to a file located in the views directory
// or to an absolute file path.
if (!$ispath) {
// Add the views directory path and the default
// file extension if $name of doesn't contain one
$__path = pathinfo($name, PATHINFO_EXTENSION) != '' ? VIEW . $name : VIEW . $name . EXT;
} else {
$__path = $name;
}
if (!file_exists($__path)) {
Core::error('404MSG', 'LIBTIT', array(__CLASS__, $name));
}
// Extract variables to file (if any).
// Note: We're merging the $vars array with the self::$_VAR array
// so we can use either of the two methods available for accessing these vars.
extract(self::$_VAR = array_merge(self::$_VAR, $vars));
// Unset variables so they don't interfere with files' vars.
unset($name, $vars, $ispath);
// Start buffering
ob_start();
// Forcing PHP Short Tags
// Note: I recommend not to use this feature, if your PHP installation
// doesn't support it natively and you plan to code a complex application.
// It's wasting processing time just for avoiding to write some chars. don't be lazy!
if ((bool) @ini_get('short_open_tag') === false && Core::config('force_short_tags') === true) {
echo eval('?>' . preg_replace("/;*\\s*\\?>/", "; ?>", str_replace('<?=', '<?php echo ', file_get_contents($__path))) . '<?php ');
} else {
require $__path;
}
// return the file data if requested
if ($__return) {
$b = ob_get_contents();
ob_end_clean();
return $b;
}
// Flushing the buffer
// In order to allow views to be nested within other views, we need to flush
// the content back out whenever we are beyond the first level of Output Buffering
// So it can be seen and included properly by the first included template and any subsequent ones. Oy!
if (!Core::obflush()) {
$c = ob_get_contents();
ob_end_clean();
Output::append($c);
}
}
private static function _cachewrite($output)
{
// Build the file path and open the file
$path = self::_cachepath();
if (!($file = @fopen($path, 'wb'))) {
Core::error('403MSG', 'LIBTIT', array(__CLASS__, 'cache'));
}
// determine the cache expiration time
$exp = time() + self::$_CEX * 60;
// lock the file so it can only be written
flock($file, LOCK_EX);
// write the timestamp and the output
fwrite($file, $exp . 'TS--->' . $output);
// unlock and close the cache file
flock($file, LOCK_UN);
fclose($file);
// set write permissions to newly created cache file
@chmod($path, 0777);
}
/**
Loads the Template File and Compiles the Template if needed
**/
private function loadTemplate()
{
try {
if (file_exists('template/sites/tpl.' . $this->_page . '.php')) {
$content = $_GET['content'];
if ($this->_data != "") {
$tpl = (include 'template/sites/tpl.' . $this->_page . '.php?data=' . $this->_data);
} else {
$tpl = (include 'template/sites/tpl.' . $this->_page . '.php');
}
if ($tpl != "1") {
echo $tpl;
}
if ($this->_cache && self::$_cacheableData) {
$this->saveTemplate($tpl);
}
self::$_cacheableData = true;
} else {
throw new Exception(Core::error('<b> Seite konnte nicht gefunden werden. Name wahrscheinlich falsch.</b><br />template/sites/tpl.' . $this->_page . $this->c . '.php<br /><br /><a href="index.html" style="color: black">Zurück zur Startseite</a>'));
}
} catch (Exception $e) {
echo $e->getMessage();
//echo '<div style="border: 1 solid black; width: 500px; background: rgb(150,70,70); text-align: center; padding: 20px; margin: 15px auto;"><b> Fehler in Datei: tpl.' . $this->_page . '.php</b></div>';
}
}
public function route($app, $action)
{
if (!empty(Core::$user->id)) {
foreach (['edit', 'conf'] as $v) {
if (isset($_REQUEST[$v]) && Core::$user->has($v)) {
$_SESSION['pe_' . substr($v, 0, 1)] = !empty($_REQUEST[$v]);
Http::redirect();
}
}
}
if (Core::$core->app == 'login') {
if (Core::$user->id) {
Http::redirect('/');
}
$A = 'admin';
if (Core::isTry() && !empty($_REQUEST['id'])) {
if ($_REQUEST['id'] == $A && !empty(Core::$core->masterpasswd) && password_verify($_POST['pass'], Core::$core->masterpasswd)) {
$_SESSION['pe_u']->id = -1;
$_SESSION['pe_u']->name = $A;
} else {
Core::event("login", [$_REQUEST['id'], $_POST['pass']]);
}
if (!empty($_SESSION['pe_u']->id)) {
Core::log('A', 'Login ' . $_SESSION['pe_u']->name, 'users');
Http::redirect();
} else {
Core::error(L('Bad username or password'), 'id');
}
}
} elseif (Core::$core->app == 'logout') {
$i = Core::$user->id;
if ($i) {
Core::log('A', 'Logout ' . Core::$user->name, 'users');
if ($i != -1) {
Core::event("logout");
}
}
session_destroy();
Http::redirect('/');
}
}
/**
* Check that is a variable provided and that it is an array
**/
private static function _check(&$array = false, $_doublebacktrace = false)
{
// if this is a call from _types show the method from two traces back
$err = array('__METHOD' . (!$_doublebacktrace ? '-1' : '-2') . '__', '$array');
if (!$array) {
Core::error('VARREQ', 'LIBTIT', $err);
}
if (!is_array($array)) {
Core::error('ARRTYP', 'LIBTIT', $err);
}
}
/**
* Save page meta information
*
* @param parameters
* @param boolean new page
*/
static function savePageInfo($params, $new = false)
{
if (empty(Core::$user->id) || !Core::$user->has("siteadm|webadm")) {
throw new \Exception(L('No user id'));
}
$rename = false;
//! url checks
if ($new) {
if (!empty(DS::fetch("id", static::$_table, "id=? AND lang=?", "", "", [$params['id'], $params['lang']]))) {
Core::error(L("A page already exists with this url!"), "page.id");
return false;
}
} else {
//! if url changed
if (!$new && !empty($params['pageid']) && $params['pageid'] != $params['id']) {
$rename = true;
DS::exec("UPDATE " . static::$_table . " SET id=? WHERE id=?", [$params['id'], $params['pageid']]);
Core::log('A', sprintf("Page %s renamed to %s by %s", $params['pageid'], $params['id'], Core::$user->name), "cmsaudit");
}
}
//! create page object
$page = new self($params['id']);
$needsave = false;
foreach ($params as $k => $v) {
if (property_exists($page, $k) && $page->{$k} != $v) {
Core::log('A', sprintf("Set page %s for %s by %s", $k, $params['id'], Core::$user->name) . (Core::$core->runlevel > 2 ? " '" . addslashes(strtr($page->{$k}, ["\n" => ""])) . "' -> '" . addslashes(strtr($v, ["\n" => ""])) . "'" : ""), "cmsaudit");
$page->{$k} = $v;
$needsave = true;
}
}
//! save it
if ($needsave && !$page->save($new)) {
Core::error(L("Unable to save page!"));
return false;
} elseif ($new || $rename) {
//! on successful new add and renames, redirect user to the new page
die("<html><script>window.parent.document.location.href='" . url($params['id']) . "';</script></html>");
}
return true;
}
/**
* Handle image upload
*
* @param file array
*/
static function uploadImage($file)
{
if ($file['error'] == 4) {
return;
}
if ($file['error'] != 0 || $file['size'] < 1) {
Core::error(ucfirst(L('failed to upload file.')));
} elseif (substr($file['type'], 0, 5) != 'image') {
Core::error(L('Only images allowed.'));
} else {
if (!is_dir("data/gallery")) {
mkdir("data/gallery", 0750);
}
//! generate different image sizes
$l = count(self::$sizes) - 1;
foreach (self::$sizes as $k => $s) {
if (!is_dir("data/gallery/" . $k)) {
mkdir("data/gallery/" . $k, 0750);
}
View::picture($file['tmp_name'], "data/gallery/" . $k . "/" . preg_replace("/[^a-zA-Z0-9_\\.]/", "", basename($file['name'])), $s[0], $s[1], $k != $l, $s[0] < 256, self::$watermark, self::$maxSize, self::$minQuality);
}
}
}
/**
* INSTANTIATE DOMDocument
* create or set a new Domdocument based upon a string or an already declared object
**/
private static function _domxpath($path = false, $obj = false, $force = false, $create = false)
{
self::$_LDD = false;
// check that DomDocument and DomXPath are available
// we don't need to send an error since the Core::library will handle that.
if (!class_exists('DomDocument') || !class_exists('DOMXPath')) {
die;
}
// return if $_DOM is already declared and we're not forcing re-instantiation.
if (self::$_DOM instanceof DomDocument && !$force) {
return self::$_DOM;
}
// if no object is specified, instantiate a new one.
if (!$obj) {
self::$_DOM = new DomDocument(self::$_VER, self::$_CHR);
self::$_DOM->preserveWhiteSpace = self::$_PWS;
self::$_DOM->formatOutput = self::$_FOU;
// if object provided is a valid instance, use it instead.
} elseif ($obj instanceof DomDocument) {
self::$_DOM = $obj;
// we override force, so xpath will be reinstantiated again.
$force = true;
// if object isn't dom... show error.
} else {
Core::error('VARTYP', 'LIBTIT', array(__CLASS__, 'object', 'DomDocument'));
}
// if there's a path set it and load it.
if ($path) {
// we make sure the path is set correctly
$path = self::path($path, $create, 3);
// if the specified file doesn't exist, or the file exists
// but it doesn't have a root element defined AND the function
// needs a file to be created, do so.
if ($create && (!file_exists($path) || !self::$_DOM->documentElement)) {
self::$_DOM->appendChild(self::$_DOM->createElement('root'));
self::save(false, false);
self::$_LDD = true;
// if we're not creating but the file already exists and has content on it, load it.
} elseif (!$create && file_exists($path) && filesize($path) > 0) {
self::$_DOM->load($path);
self::$_LDD = true;
}
}
// instantiate the domxpath object
if (!self::$_XPT instanceof DOMXPath || $force) {
self::$_XPT = new DOMXPath(self::$_DOM);
}
return self::$_DOM;
}
public static function error($msg, $tit, $xtra = false)
{
// if debug is enabled show the error details
if (self::$DBUG === true) {
Core::error($msg, $tit, $xtra);
}
// or just send a plain error.
Core::error();
}
/**
* checks a database configuration array, and set its defaults.
**/
private static function _checkconfig($dbname, $isdef = false)
{
// if not database name specified use array's name.
if (!isset(self::$_DDB['name']) || !self::$_DDB['name']) {
self::$_DDB['name'] = Arrays::key_first(self::$_DBS);
}
// if not hostname specified use localhost
if (!isset(self::$_DDB['hostname']) || !self::$_DDB['hostname']) {
self::$_DDB['hostname'] = 'localhost';
}
// if not username or password is specified, send error.
if (!isset(self::$_DDB['username']) || !self::$_DDB['username']) {
Core::error('VARREQ', 'LIBTIT', array(__CLASS__, 'username'));
}
if (!isset(self::$_DDB['password']) || !self::$_DDB['password']) {
Core::error('VARREQ', 'LIBTIT', array(__CLASS__, 'password'));
}
// self explanatory
if (!isset(self::$_DDB['prefix'])) {
self::$_DDB['prefix'] = '';
}
if (!isset(self::$_DDB['driver']) || !self::$_DDB['driver']) {
self::$_DDB['driver'] = 'mysql';
}
if (!isset(self::$_DDB['pconnect']) || !is_bool(self::$_DDB['pconnect'])) {
self::$_DDB['pconnect'] = true;
}
if (!isset(self::$_DDB['debug']) || !is_bool(self::$_DDB['debug'])) {
self::$_DDB['debug'] = true;
}
if (!isset(self::$_DDB['cache']) || !is_bool(self::$_DDB['cache'])) {
self::$_DDB['cache'] = false;
}
if (!isset(self::$_DDB['cachedir']) || !self::$_DDB['cachedir']) {
self::$_DDB['cachedir'] = CACH;
}
if (!is_writable(self::$_DDB['cachedir'])) {
Core::error('403DIR', 'LIBTIT', array(__CLASS__, 'cachedir'));
}
// detect charset and collation if necessary
if (!isset(self::$_DDB['charset']) || !self::$_DDB['charset']) {
self::$_DDB['charset'] = array_key_exists($chset, self::$_CHS) ? self::$_CHS[$chset][0] : '';
}
if (!isset(self::$_DDB['collat']) || !self::$_DDB['collat']) {
self::$_DDB['collat'] = array_key_exists($chset, self::$_CHS) ? self::$_CHS[$chset][1] : '';
}
}
/**
* Handle document upload
*
* @param file array
*/
static function uploadDocument($file)
{
if ($file['error'] == 4) {
return;
}
if ($file['error'] != 0 || $file['size'] < 1) {
Core::error(ucfirst(L('failed to upload file.')));
} else {
move_uploaded_file($file['tmp_name'], "data/download/" . preg_replace("/[^a-zA-Z0-9_\\.]/", "", basename($file['name'])));
}
}
public function delete()
{
$id = Core::get_args(2) && is_int(intval(Core::get_args(2))) ? Core::get_args(2) : false;
if ($id !== false) {
$user_ctrl = Controller::load('user');
$auth = $user_ctrl->auth($this->name, 'delete');
/** Ensure the user is logged in */
if ($auth) {
/** Load the model */
$model = Model::load($this->model);
/** Retrieve the item the user wants to delete */
$item = $model->get(array('where' => array($model->getPrimaryKey() => $id)));
if (is_array($item)) {
$item = current($item);
/** Attempt the delete operation */
if (isset($_GET['confirm']) && $_GET['confirm'] === 'true' && is_array($item)) {
$result = $model->del(array('where' => array($model->getPrimaryKey() => $id)));
if ($result) {
Core::set_response($item);
} else {
Core::set_response(false);
}
} elseif (is_array($item)) {
Core::set_response($item);
}
/** Display the result */
Core::display();
} else {
/** Entry not found! */
Core::error('404');
}
/** The user does not have permission to delete this entry. */
} else {
Core::error('403');
}
} else {
Core::error('404');
}
}
private static function _error($code, $var)
{
Core::error($code, 'LIBTIT', array(__CLASS__, $var));
}
/**
* VALIDATE THE ROUTE
* Validates the supplied segments.
* Attempts to determine the path to the controller.
**/
private static function _validate($segments = false)
{
// if no segments are specified we use the current class and method.
if (!$segments) {
$segments = array(self::$_CLS, self::$_MTD);
}
if (!is_array($segments)) {
Core::error('ARRTYP', 'LIBTIT', array(__METHOD__, 'segments'));
}
// does the requested controller file exist?
if (file_exists(CTRL . $segments[0] . EXT)) {
return $segments;
}
// in a subfolder ?
if (is_dir(CTRL . $segments[0])) {
// Set the current dir and remove it from the array
self::$_DIR = $segments[0];
$segments = array_slice($segments, 1);
// does the requested controller file exists in subfolder?
if (count($segments) > 0) {
if (!file_exists(CTRL . self::$_DIR . '/' . $segments[0] . EXT)) {
Core::error404();
}
} else {
if (!file_exists(CTRL . self::$_DIR . '/' . self::$_CTR . EXT)) {
Core::error('RTRCTR', 'LIBTIT', __CLASS__);
}
// we set the default controller
self::$_CLS = self::$_CTR;
self::$_MTD = 'index';
}
return $segments;
}
// if default controller doesn't exists throw an error instead of the 404.
if (!file_exists(CTRL . self::$_CTR . EXT)) {
Core::error('RTRCTR', 'LIBTIT', __CLASS__);
}
Core::error404(Uri::string());
}
