break; case "boolean": $sql = "SELECT DISTINCT t1.entry_id,\n\t\t\t\t MATCH(t1.value) AGAINST ('{$searchstring}' IN BOOLEAN MODE) AS score\n\t\t\t\t FROM tbl_entries2customfields AS t1\n\t LEFT JOIN `tbl_entries` AS t2 ON t1.entry_id = t2.id\n\t\t\t LEFT JOIN `tbl_entries2sections` AS t3 on t2.id = t3.entry_id\n\t WHERE 1 AND MATCH(t1.value) AGAINST ('{$searchstring}' IN BOOLEAN MODE)\n\t\t\t\t " . ($Author->get('superuser') != 1 ? " AND t3.section_id IN ({$can_access})" : '') . "\n\t\t\t\t ORDER BY score DESC LIMIT 5"; break; } $result = $db->fetchCol('entry_id', $sql); $result = array_flip($result); $result = array_flip($result); if (@count($result) >= 1) { $parent =& new ParentShell($db, $config); include_once LIBRARY . "/core/class.manager.php"; include_once LIBRARY . "/core/class.symphonylog.php"; include_once LIBRARY . "/core/class.textformattermanager.php"; include_once TOOLKIT . "/class.entrymanager.php"; $entryManager = new EntryManager($parent); foreach ($result as $entry_id) { $row = $entryManager->fetchEntriesByID($entry_id, false, true); $locked = 'content'; ##Generate the XML $entry = new XMLElement("item"); $entry->setAttribute("class", $locked); $entry->addChild(new XMLElement("title", strip_tags($row['fields'][$row['primary_field']]['value']))); $entry->addChild(new XMLElement("date", $cDate->get(true, true, strtotime($row['publish_date_gmt'])))); $entry->addChild(new XMLElement("link", "?page=/publish/section/edit/&_sid=" . $row['section_id'] . "&id=" . $row['id'])); $entry->addChild(new XMLElement("handle", $row['primary_field'])); if (isset($row['fields']['body']) && $row['fields']['body']['type'] == 'textarea') { $entry->addChild(new XMLElement("description", General::limitWords(strip_tags($row['fields']['body']['value']), 100, true, false))); } $xml->addChild($entry); } }
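/**
 * Build the "archive-entry-list" XML for the section this data source is bound to.
 *
 * Entry ids are selected with the configured handle / day / month / year / custom
 * field filters, the entries are grouped as year > month > day, and each entry is
 * emitted with its author, the requested custom fields and, when the section has
 * commenting switched on, its comment and spam counts.
 *
 * @param array $param Keys read here: 'limit', 'caching', 'indent', 'indent-depth'.
 * @return mixed The XMLElement tree; when $param['caching'] is truthy, the generated
 *               markup instead (or whatever check_cache() returned on a cache hit).
 */
function grab($param = array()) {

    ## Decide if we return an empty set or not
    if ($this->__forceEmptySet()) {

        ##Create the XML container
        $xml = new XMLElement("archive-entry-list");
        $xml->setAttribute("section", $this->getType());
        $xml->addChild(new XMLElement("error", "No Records Found."));
        return $xml;
    }

    $obDate = $this->_parent->getDateObj();

    ## Exposes the environment as $env_* locals; only $env_url is read below (cache key)
    extract($this->_env, EXTR_PREFIX_ALL, 'env');

    $where = $sort = $joins = NULL;

    ## Always appended to the final query, so it must exist even when the
    ## LIMIT_MONTHS path is taken or no preview branch matches
    $limit = '';

    include_once TOOLKIT . '/class.entrymanager.php';
    $entryManager = new EntryManager($this->_parent);

    $section_id = $entryManager->fetchSectionIDFromHandle($this->getType());

    ##Prepare the Query
    ## NOTE(review): every filter value below is concatenated into the SQL text as-is.
    ## Whether __resolveDefine() escapes what it returns cannot be seen from here -
    ## confirm, or escape at this point with the database layer's own routine.
    if ($handle = $this->__resolveDefine("dsFilterHANDLE")) {
        $entries = $entryManager->fetchEntryIDFromPrimaryFieldHandle($section_id, $handle);
        $where .= " AND t1.`id`" . ($this->__isDefineNotClause("dsFilterHANDLE") ? ' NOT' : '') . " IN ('" . @implode("', '", $entries) . "') ";
    }

    if ($date = $this->__resolveDefine("dsFilterDAY")) {
        $where .= " AND DATE_FORMAT(t1.publish_date, '%d') " . ($this->__isDefineNotClause("dsFilterDAY") ? '!' : '') . "= '" . $date . "' ";
    }

    if ($month = $this->__resolveDefine("dsFilterMONTH")) {
        $where .= " AND DATE_FORMAT(t1.publish_date, '%m') " . ($this->__isDefineNotClause("dsFilterMONTH") ? '!' : '') . "= '" . $month . "' ";
    }

    if ($year = $this->__resolveDefine("dsFilterYEAR")) {
        $where .= " AND DATE_FORMAT(t1.publish_date, '%Y') " . ($this->__isDefineNotClause("dsFilterYEAR") ? '!' : '') . "= '" . $year . "' ";
    }

    if ($this->_dsFilterINCLUDEPOSTDATED != 'yes') {
        $where .= " AND UNIX_TIMESTAMP(t1.publish_date_gmt) <= '" . $obDate->get(false, false) . "' ";
    }

    if (is_array($this->_dsFilterCUSTOM) && !empty($this->_dsFilterCUSTOM)) {

        ## Aliases t15, t16, ... keep the per-filter joins apart from the fixed ones
        $table_id = 15;

        foreach ($this->_dsFilterCUSTOM as $handle => $value) {

            ## NOTE(review): $handle and $value are interpolated unescaped - see above
            $field = $this->_db->fetchRow(0, "SELECT `id`, `type`, `foreign_select_multiple` FROM `tbl_customfields` WHERE `parent_section` = '{$section_id}' AND `handle` = '{$handle}' LIMIT 1");

            $value_handle = Lang::createHandle($value, $this->_parent->getConfigVar('handle_length', 'admin'));

            ## Multi-value fields live in the *_list table; the join is otherwise identical
            $is_multi = ($field['type'] == 'multiselect' || ($field['type'] == 'foreign' && $field['foreign_select_multiple'] == 'yes'));
            $value_table = ($is_multi ? 'tbl_entries2customfields_list' : 'tbl_entries2customfields');

            ## The id is written unquoted, so force it to an integer; an unknown field
            ## becomes 0 (matches nothing) instead of producing a malformed statement
            $joins .= " LEFT JOIN `{$value_table}` AS t{$table_id} ON t1.`id` = t{$table_id}.`entry_id` AND t{$table_id}.field_id = " . intval($field['id']) . " ";
            $where .= " AND (t{$table_id}.value_raw = '{$value}' OR t{$table_id}.handle = '{$value_handle}') ";

            $table_id++;
        }
    }

    ## NOTE(review): the sort direction is placed in ORDER BY without being checked
    ## against ASC / DESC - confirm _dsFilterSORT can only hold one of those
    if ($this->_dsFilterSORT != '') {
        $sort = strtoupper($this->_dsFilterSORT);
    }

    ## FROM / JOIN / section restriction shared by both statements below
    $from = "FROM `tbl_entries` AS t1 "
          . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` "
          . "AND t2.`class` = 'entry' "
          . "LEFT JOIN `tbl_authors` AS t4 ON t1.`author_id` = t4.`id` "
          . $joins
          . "LEFT JOIN `tbl_entries2sections` AS t8 ON t1.id = t8.entry_id "
          . "WHERE t8.section_id = '{$section_id}' ";

    if ($max_months = $this->__resolveDefine("dsFilterLIMIT_MONTHS")) {

        ## Find the first entry in sort order; the month window is measured from it
        $sql = "SELECT UNIX_TIMESTAMP(t1.publish_date) AS publish_timestamp "
             . $from
             . $where
             . "GROUP BY t1.`id` "
             . "ORDER BY t1.`publish_date` {$sort} "
             . "LIMIT 1";

        $relative_start = $this->_db->fetchVar('publish_timestamp', 0, $sql);

        switch ($sort) {

            case "DESC":
                $end = mktime(0, 0, 0, date('m', $relative_start) - $max_months + 1, 1, date('Y', $relative_start));
                $where .= " AND (UNIX_TIMESTAMP(t1.publish_date) <= '{$relative_start}' AND UNIX_TIMESTAMP(t1.publish_date) >= '{$end}')";
                break;

            case "ASC":
                ## Since this is ascending, we need to start from 0. The DS editor will give us 1+
                $max_months--;
                $last_day = date('d', mktime(0, 0, 0, date('m', $relative_start) + 1, 0, date('Y', $relative_start)));
                $end = mktime(23, 59, 59, date('m', $relative_start) + $max_months, $last_day, date('Y', $relative_start));
                $where .= " AND (UNIX_TIMESTAMP(t1.publish_date) >= '{$relative_start}' AND UNIX_TIMESTAMP(t1.publish_date) <= '{$end}')";
                break;
        }

    } else {

        ##We are trying to preview
        ## Row counts are cast so that only an integer can reach the LIMIT clause
        if (isset($param['limit'])) {
            $limit = " LIMIT 0, " . intval($param['limit']);
        } elseif ($this->_dsFilterLIMIT != '') {
            $limit = " LIMIT 0, " . intval($this->_dsFilterLIMIT);
        } elseif ($where == NULL) {
            $limit = " LIMIT 0, 50";
        }
    }

    $sql = "SELECT t1.id "
         . $from
         . $where
         . "GROUP BY t1.`id` "
         . "ORDER BY t1.`publish_date_gmt` " . $sort . $limit;

    ##Check the cache
    $caching = !empty($param['caching']);
    $hash_id = md5(get_class($this) . serialize($env_url));

    if ($caching && ($cache = $this->check_cache($hash_id))) {
        return $cache;
    }

    ##------------------------------

    ##Create the XML container
    $xml = new XMLElement("archive-entry-list");
    $xml->setAttribute("section", $this->getType());
    $xml->setAttribute("section-id", $section_id);

    ##Grab the records
    $entries = $this->_db->fetchCol("id", $sql);

    ##Populate the XML
    if (empty($entries) || !is_array($entries)) {
        $xml->addChild(new XMLElement("error", "No Records Found."));
        return $xml;
    }

    ## The commenting flag belongs to the section, so it is read once, not per entry
    $commenting = $this->_db->fetchVar('commenting', 0, "SELECT `commenting` FROM `tbl_sections` WHERE `id` = '{$section_id}' LIMIT 1");

    ## Bucket the entries by local publish date: $bin[year][month][day][] = entry
    $bin = array();

    foreach ($entries as $id) {
        $row = $entryManager->fetchEntriesByID($id, false, true);
        list($dYear, $dMonth, $dDay) = explode("-", date("Y-m-d", $obDate->get(true, false, strtotime($row['publish_date_gmt']))));
        $bin[$dYear][$dMonth][$dDay][] = $row;
    }

    foreach ($bin as $year => $months) {

        $xYear = new XMLElement("year");
        $xYear->setAttribute("value", $year);

        foreach ($months as $month => $days) {

            $xMonth = new XMLElement("month");
            $xMonth->setAttribute("value", $month);

            foreach ($days as $day => $day_entries) {

                $xDay = new XMLElement("day");
                $xDay->setAttribute("value", $day);

                foreach ($day_entries as $row) {

                    $entry = new XMLElement("entry");
                    $entry->setAttribute("id", $row['id']);
                    $entry->setAttribute("handle", trim($row['fields'][$row['primary_field']]['handle']));
                    $entry->setAttribute('linked-count', '' . count($row['linked_entries']) . '');

                    $date_local = $obDate->get(true, false, $row['timestamp_gmt']);

                    $entry_fields = array(
                        "date" => General::createXMLDateObject($date_local),
                        "time" => General::createXMLTimeObject($date_local),
                        "rfc822-date" => date("D, d M Y H:i:s \\G\\M\\T", $obDate->get(false, false, $row['timestamp_gmt'])),
                    );

                    $this->__addChildFieldsToXML($entry_fields, $entry);

                    ##Author Details
                    $author_rec = $this->_db->fetchRow(0, "SELECT * FROM `tbl_authors` WHERE `id` = '" . $row['author_id'] . "' LIMIT 1");

                    $author = new XMLElement("author");

                    $author_fields = array(
                        "first-name" => $author_rec['firstname'],
                        "last-name" => $author_rec['lastname'],
                        "email" => $author_rec['email'],
                        "username" => $author_rec['username'],
                    );

                    $this->__addChildFieldsToXML($author_fields, $author, "author");
                    $entry->addChild($author);

                    ##Custom Fields
                    $fields = $row['fields'];

                    if (is_array($fields) && !empty($fields)) {

                        $customFields = new XMLElement("fields");

                        foreach ($fields as $f) {

                            ## Only fields the data source was asked to output
                            if (@in_array($f['field_handle'], $this->_dsFilterXMLFIELDS)) {

                                $newField = new XMLElement($f['field_handle']);

                                if ($f['type'] == 'list' || $f['type'] == 'multiselect') {

                                    foreach ($f['value_raw'] as $val) {
                                        $item = new XMLElement("item", $val);
                                        $item->setAttribute("handle", Lang::createHandle($val, $this->_parent->getConfigVar('handle_length', 'admin')));
                                        $newField->addChild($item);
                                    }

                                } elseif ($f['type'] == 'foreign') {

                                    $sid = $f['foreign_section'];
                                    $section_handle = $this->_db->fetchVar('handle', 0, "SELECT `handle` FROM `tbl_sections` WHERE `id` = '{$sid}' LIMIT 1");

                                    $newField->setAttribute("handle", $f['handle']);
                                    $newField->setAttribute("type", 'foreign');
                                    $newField->setAttribute("section-id", $sid);

                                    ## Previously this attribute repeated the section id and the
                                    ## handle fetched just above was never used
                                    $newField->setAttribute("section-handle", $section_handle);

                                    if (!is_array($f['value_raw'])) {
                                        $f['value_raw'] = array($f['value_raw']);
                                    }

                                    foreach ($f['value_raw'] as $h) {
                                        $entry_id = $entryManager->fetchEntryIDFromPrimaryFieldHandle($sid, $h);
                                        $e = $entryManager->fetchEntriesByID($entry_id, false, true);

                                        $item = new XMLElement("item", trim($e['fields'][$e['primary_field']]['value']));
                                        $item->setAttribute("entry-id", $entry_id[0]);
                                        $item->setAttribute("entry-handle", $e['fields'][$e['primary_field']]['handle']);
                                        $newField->addChild($item);
                                    }

                                } elseif ($f['type'] == 'upload') {

                                    foreach ($f['value_raw'] as $val) {
                                        $item = new XMLElement("item");
                                        $item->addChild(new XMLElement("path", trim($val['path'], '/')));
                                        $item->addChild(new XMLElement("type", $val['type']));
                                        $item->addChild(new XMLElement("size", General::formatFilesize($val['size'])));
                                        $newField->addChild($item);
                                    }

                                } elseif ($f['type'] == 'checkbox') {

                                    $newField->setValue($f['value_raw']);

                                } elseif ($f['type'] == 'select') {

                                    $newField->setValue($f['value_raw']);
                                    $newField->setAttribute("handle", $f['handle']);

                                } else {

                                    ## Formatted fields output 'value', everything else the raw text
                                    $key = 'value';
                                    if ($f['format'] != 1) {
                                        $key = 'value_raw';
                                    }

                                    $f[$key] = trim($f[$key]);
                                    $value = $f[$key];

                                    ## The text is written as stored unless encoding was requested
                                    if ($this->_dsFilterENCODE == "yes") {
                                        $value = trim(General::sanitize($f[$key]));
                                    }

                                    if ($f['type'] == 'textarea') {
                                        $newField->setValue($value);
                                        $newField->setAttribute("word-count", General::countWords(strip_tags($f['value'])));
                                    } elseif ($f['type'] == 'input' && $f['field_id'] != $row['primary_field']) {
                                        $newField->setAttribute("handle", $f['handle']);
                                        $newField->setValue($value);
                                    }
                                }

                                $customFields->addChild($newField);
                            }
                        }

                        $entry->addChild($customFields);
                    }

                    ##Comments
                    if ($commenting == 'on') {

                        $comments = new XMLElement("comments");

                        $count_sql = "SELECT count(*) as `count` "
                                   . "FROM `tbl_comments` "
                                   . "WHERE `entry_id` = '" . $row['id'] . "'";

                        $comment_count = max(0, @intval($this->_db->fetchVar("count", 0, $count_sql . " AND `spam` = 'no'")));
                        $spam_count = max(0, @intval($this->_db->fetchVar("count", 0, $count_sql . " AND `spam` = 'yes'")));

                        $comments->setAttribute("count", "" . $comment_count . "");
                        $comments->setAttribute("spam", "" . $spam_count . "");

                        $entry->addChild($comments);
                    }

                    $xDay->addChild($entry);
                }

                $xMonth->addChild($xDay);
            }

            $xYear->addChild($xMonth);
        }

        $xml->addChild($xYear);
    }

    ##------------------------------

    ##Write To Cache
    if ($caching) {
        $result = $xml->generate($param['indent'], $param['indent-depth']);
        $this->write_to_cache($hash_id, $result, $this->_cache_sections);
        return $result;
    }

    return $xml;
}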
} $code .= CRLF; } } return $code; } include_once TOOLKIT . "/class.entrymanager.php"; $entryManager = new EntryManager($Admin); $section_id = intval($_REQUEST['_sid']); $entry_id = intval($_REQUEST['id']); if (!($section = $DB->fetchRow(0, "SELECT * FROM `tbl_sections` WHERE `id` = '{$section_id}' LIMIT 1"))) { $Admin->fatalError("Unknown Section", "<p>The Section you are looking for could not be found.</p>", true, true); } $date = $Admin->getDateObj(); if ($entry_id) { if ($fields = $entryManager->fetchEntriesByID($entry_id, false, true)) { $can_edit = true; $GLOBALS['pageTitle'] = $section['name'] . ' > ' . strip_tags($fields['fields'][$fields['primary_field']]['value']); foreach ($fields['fields'] as $key => $f) { $fields['custom'][$key] = $f['value_raw']; } if ($fields['type'] != "") { $fields['custom'][$fields['primary_field']] = "[" . $fields['type'] . "] " . $fields['custom'][$fields['primary_field']]; } } else { General::redirect(URL . "/symphony/?page=/publish/section/new/&_sid=" . $section_id); } } else { General::redirect(URL . "/symphony/?page=/publish/section/new/&_sid=" . $section_id); } if (isset($_GET['_f'])) {
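/**
 * Build the "comments" XML: matching comments grouped under the entry they belong to.
 *
 * Comments can be restricted by section, entry handle and creation day / month /
 * year; spam is left out unless dsFilterSHOWSPAM is 'yes'. When "pagination-info"
 * is among the requested fields a paging summary element is added.
 *
 * @param array $param Keys read here: 'limit', 'caching', 'indent', 'indent-depth'.
 * @return mixed The XMLElement tree; when $param['caching'] is truthy, the generated
 *               markup instead (or whatever check_cache() returned on a cache hit).
 */
function grab($param = array()) {

    ## Decide if we return an empty set or not
    if ($this->__forceEmptySet()) {

        ##Create the XML container
        $xml = new XMLElement("comments");
        $xml->addChild(new XMLElement("error", "No Records Found."));
        return $xml;
    }

    $obDate = $this->_parent->getDateObj();

    ## The clause was previously appended to before it existed
    $comment_where = '';

    ## Defined up front: the LIMIT_MONTHS path sets no limit, and the paging values
    ## are only computed when a page number is configured
    $limit = 0;
    $kPageNumber = NULL;
    $kTotalPages = NULL;

    include_once TOOLKIT . "/class.entrymanager.php";
    $entryManager = new EntryManager($this->_parent);

    ##Prepare the Query
    ## NOTE(review): the filter values below are concatenated into the SQL text as-is.
    ## Whether __resolveDefine() escapes what it returns cannot be seen from here -
    ## confirm, or escape at this point with the database layer's own routine.
    if ($section_id = $entryManager->fetchSectionIDFromHandle($this->_dsFilterSECTION)) {

        $comment_where .= " AND t4.`section_id` = '{$section_id}' ";

        if ($entries = $this->__resolveDefine("dsFilterHANDLE", true)) {
            $entry_ids = $entryManager->fetchEntryIDFromPrimaryFieldHandle($section_id, $entries);
            $comment_where .= " AND t3.`id`" . ($this->__isDefineNotClause("dsFilterHANDLE") ? ' NOT' : '') . " IN ('" . @implode("', '", $entry_ids) . "') ";
        }
    }

    if ($date = $this->__resolveDefine("dsFilterDAY")) {
        $comment_where .= " AND DATE_FORMAT(t2.creation_date, '%d') " . ($this->__isDefineNotClause("dsFilterDAY") ? '!' : '') . "= '" . $date . "' ";
    }

    if ($month = $this->__resolveDefine("dsFilterMONTH")) {
        $comment_where .= " AND DATE_FORMAT(t2.creation_date, '%m') " . ($this->__isDefineNotClause("dsFilterMONTH") ? '!' : '') . "= '" . $month . "' ";
    }

    if ($year = $this->__resolveDefine("dsFilterYEAR")) {
        $comment_where .= " AND DATE_FORMAT(t2.creation_date, '%Y') " . ($this->__isDefineNotClause("dsFilterYEAR") ? '!' : '') . "= '" . $year . "' ";
    }

    ## NOTE(review): the sort direction is placed in ORDER BY without being checked
    ## against ASC / DESC - confirm _dsFilterSORT can only hold one of those
    $sort = "DESC";
    if ($this->_dsFilterSORT != '') {
        $sort = strtoupper($this->_dsFilterSORT);
    }

    if (!isset($this->_dsFilterSHOWSPAM) || $this->_dsFilterSHOWSPAM != 'yes') {
        $comment_where .= " AND `t1`.`spam` = 'no' ";
    }

    ## FROM / JOIN part shared by the three statements below
    $from = "FROM `tbl_comments` as t1 "
          . "LEFT JOIN `tbl_metadata` AS t2 ON t1.`id` = t2.`relation_id` AND t2.`class` = 'comment' "
          . "INNER JOIN `tbl_entries` as t3 ON t1.`entry_id` = t3.`id` "
          . "LEFT JOIN `tbl_entries2sections` AS t4 ON t3.`id` = t4.`entry_id` "
          . "WHERE 1 ";

    if ($max_months = $this->__resolveDefine("dsFilterLIMIT_MONTHS")) {

        ## Find the first comment in sort order; the month window is measured from it
        $sql = "SELECT UNIX_TIMESTAMP(t2.creation_date_gmt) as `creation_timestamp_gmt` "
             . $from
             . $comment_where
             . "GROUP BY t1.`id` "
             . "ORDER BY `creation_timestamp_gmt` {$sort} "
             . "LIMIT 1";

        $relative_start = $this->_db->fetchVar('creation_timestamp_gmt', 0, $sql);

        switch ($sort) {

            case "DESC":
                $end = mktime(0, 0, 0, date('m', $relative_start) - $max_months + 1, 1, date('Y', $relative_start));
                $comment_where .= " AND (UNIX_TIMESTAMP(t2.creation_date_gmt) <= '{$relative_start}' AND UNIX_TIMESTAMP(t2.creation_date_gmt) >= '{$end}')";
                break;

            case "ASC":
                ## Since this is ascending, we need to start from 0. The DS editor will give us 1+
                $max_months--;
                $last_day = date('d', mktime(0, 0, 0, date('m', $relative_start) + 1, 0, date('Y', $relative_start)));
                $end = mktime(23, 59, 59, date('m', $relative_start) + $max_months, $last_day, date('Y', $relative_start));
                $comment_where .= " AND (UNIX_TIMESTAMP(t2.creation_date_gmt) >= '{$relative_start}' AND UNIX_TIMESTAMP(t2.creation_date_gmt) <= '{$end}')";
                break;
        }

    } else {

        ##We are trying to preview
        ## Both sources are cast so that only an integer can reach the LIMIT clause
        if (isset($param['limit'])) {
            $limit = intval($param['limit']);
        } elseif ($this->_dsFilterLIMIT != '') {
            $limit = intval($this->_dsFilterLIMIT);
        } else {
            ##Prevent things from getting too big
            $limit = 50;
        }
    }

    $start = 0;

    $sql = "SELECT count(t1.id) AS `total-comments` "
         . $from
         . $comment_where;

    $kTotalCommentCount = $this->_db->fetchVar('total-comments', 0, $sql);

    if (isset($this->_dsFilterPAGENUMBER)) {

        $pagenumber = $this->__resolveDefine("dsFilterPAGENUMBER");
        $kPageNumber = max(1, intval($pagenumber));

        ## Paging needs a page size even when no limit was configured
        if (!$limit) {
            $limit = 50;
        }

        $kTotalPages = ceil($kTotalCommentCount / $limit);
        $start = $limit * ($kPageNumber - 1);
    }

    $sql = "SELECT t1.*, UNIX_TIMESTAMP(t2.creation_date_gmt) as `creation_timestamp_gmt` "
         . $from
         . $comment_where
         . "GROUP BY t1.`id` "
         . "ORDER BY `creation_timestamp_gmt` {$sort} "
         . ($limit ? " LIMIT {$start}, {$limit}" : '');

    ##Check Cache
    ## The key is derived from the final statement, so any filter change misses the cache
    $caching = !empty($param['caching']);
    $hash_id = md5(get_class($this) . $sql);

    if ($caching && ($cache = $this->check_cache($hash_id))) {
        return $cache;
    }

    ##------------------------------

    ##Create the XML container
    $xml = new XMLElement("comments");

    ##Grab the records
    $comments = $this->_db->fetch($sql);

    ##Populate the XML
    if (empty($comments) || !is_array($comments)) {
        $xml->addChild(new XMLElement("error", "No Records Found."));
        return $xml;
    }

    ## Group the comment rows under the entry they were posted on
    $entries = array();

    foreach ($comments as $c) {
        $entries[$c['entry_id']]['commenting'] = $c['commenting'];
        $entries[$c['entry_id']]['comments'][] = $c;
    }

    ## The requested-field list may not be an array at all
    $xml_fields = (is_array($this->_dsFilterXMLFIELDS) ? $this->_dsFilterXMLFIELDS : array());

    if (in_array("pagination-info", $xml_fields)) {
        $pageinfo = new XMLElement("pagination-info");
        $pageinfo->setAttribute("total-comments", $kTotalCommentCount);
        $pageinfo->setAttribute("total-pages", $kTotalPages);
        $pageinfo->setAttribute("comment-per-page", $limit);
        $pageinfo->setAttribute("current-page", $kPageNumber);
        $xml->addChild($pageinfo);
    }

    foreach ($entries as $id => $row) {

        $entry_data = $entryManager->fetchEntriesByID($id, false, true);

        $entry = new XMLElement("entry");
        $entry->setAttribute("id", $id);
        $entry->setAttribute('section-id', $entry_data['section_id']);
        $entry->setAttribute("handle", trim($entry_data['fields'][$entry_data['primary_field']]['handle']));
        $entry->setAttribute("commenting", $row['commenting']);
        $entry->addChild(new XMLElement("entry-title", trim($entry_data['fields'][$entry_data['primary_field']]['value'])));

        $fields = $row['comments'];

        $entry->setAttribute("count", $kTotalCommentCount);

        if (is_array($fields) && !empty($fields)) {

            foreach ($fields as $c) {

                $comment = new XMLElement("comment");
                $comment->setAttribute("id", $c['id']);

                if ($c['author_id'] != NULL) {
                    $comment->setAttribute('authorised', 'yes');
                    $comment->setAttribute('author_id', $c['author_id']);
                }

                if (in_array('spam', $xml_fields)) {
                    $comment->setAttribute("spam", $c['spam']);
                }

                $date_local = $obDate->get(true, false, $c['creation_timestamp_gmt']);

                $comment_fields = array(
                    "author" => $c['author_name'],
                    "date" => General::createXMLDateObject($date_local),
                    "time" => General::createXMLTimeObject($date_local),
                    ## Was read from $row (the per-entry group), which has no such key
                    "rfc822-date" => date("D, d M Y H:i:s \\G\\M\\T", $obDate->get(false, false, $c['creation_timestamp_gmt'])),
                    ## The stored body is written as-is unless encoding was requested
                    "message" => ($this->_dsFilterENCODE != 'yes' ? $c['body'] : General::sanitize($c['body'])),
                    "url" => $c['author_url'],
                    "email" => $c['author_email'],
                    "email-hash" => md5($c['author_email']),
                );

                $this->__addChildFieldsToXML($comment_fields, $comment);
                $entry->addChild($comment);
            }
        }

        $xml->addChild($entry);
    }

    ##------------------------------

    ##Write To Cache
    if ($caching) {
        $result = $xml->generate($param['indent'], $param['indent-depth']);
        $this->write_to_cache($hash_id, $result, $this->_cache_sections);
        return $result;
    }

    return $xml;
}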
} } $value = '<a title="' . $handle . '" class="' . $locked . '" href="' . $Admin->getCurrentPageURL() . 'edit/&_sid=' . $section_id . '&id=' . $row['id'] . '">' . $value . '</a>'; } if ($type == 'checkbox') { $tmp = array("value" => ucwords($value)); } elseif ($type == 'foreign' && $value != '') { $value = ''; $items = $row['fields'][$c['title']]['value']; if (!is_array($items)) { $items = array($items); } if (!empty($items)) { foreach ($items as $ii) { $id = $entryManager->fetchEntryIDFromPrimaryFieldHandle($row['fields'][$c['title']]['foreign_section'], $ii); if ($link = $entryManager->fetchEntriesByID($id, true)) { $value .= '<a href="' . $Admin->getCurrentPageURL() . 'edit/&_sid=' . $row['fields'][$c['title']]['foreign_section'] . '&id=' . $id[0] . '">' . General::limitWords($link['fields'][$link['primary_field']]['value'], 50, true) . '</a>, '; } } $value = rtrim($value, ', '); } $tmp = array("value" => $value ? $value : 'None'); } elseif ($type == 'upload') { $files = $row['fields'][$c['title']]['value']; if (is_array($files) && !empty($files)) { $links = array(); foreach ($files as $f) { $links[] = '<a href="' . URL . $f['path'] . '" title="' . $f['path'] . ' (' . $f['size'] . ' bytes)">' . basename($f['path']) . '</a>'; } $tmp = array("value" => implode(', ', $links)); } else {
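/**
 * Validate a submitted comment and store it in tbl_comments.
 *
 * The comment is attributed to the logged-in author (if any), checked against the
 * section and entry it names, run through validation, spam / blacklist / banned-word
 * checks, formatted (or tag-stripped), checked for XML well-formedness and then
 * inserted. Failure reasons are collected in $this->_notices.
 *
 * @param array $comment Submitted fields. Keys read here: 'section', 'entry_handle'
 *                       or 'entry_id', 'body', 'author_name', 'author_url'; the
 *                       'remember' key is discarded.
 * @param bool  $isSpam  Caller's spam verdict; only used when the
 *                       'override-automatic-spam-detection' option is set.
 * @return bool True when the comment was inserted, false otherwise.
 */
function insertComment($comment, $isSpam = false) {

    ## Attribution is decided here, never by what the form sent
    $comment['author_id'] = NULL;

    $author_id = $this->_parent->isLoggedIn();
    if ($author_id !== false) {
        $comment['author_id'] = $author_id;
    }

    $comment['author_ip'] = $_SERVER['REMOTE_ADDR'];

    ####
    # Delegate: CommentPreProcess
    # Description: Just before the comment is processed and saved. Good place to manipulate the data.
    $this->_parent->_CampfireManager->notifyMembers('CommentPreProcess', '/frontend/', array('isSpam' => &$isSpam, 'comment' => &$comment));

    $this->isLastCommentSpam = $isSpam;

    unset($comment['remember']);

    ## The section handle arrives with the submitted form and ends up inside a quoted
    ## SQL literal. Anything that could close or escape that literal (quotes,
    ## backslash, control bytes) is refused before the statement is built.
    ## NOTE(review): replace with the database layer's own escaping or a bound
    ## parameter if it offers one - its API is not visible from this method.
    $section_handle = ((isset($comment['section']) && is_scalar($comment['section'])) ? (string) $comment['section'] : '');

    if ($section_handle === '' || preg_match('/[\'"\\\\\x00-\x1f]/', $section_handle)) {
        $this->_notices[] = 'Invalid section specified.';
        return false;
    }

    $section = $this->_db->fetchRow(0, "SELECT * FROM tbl_sections WHERE `handle` = '" . $section_handle . "' LIMIT 1");

    if (!is_array($section) || empty($section)) {
        $this->_notices[] = 'Invalid section specified.';
        return false;
    }

    unset($comment['section']);

    ## Created unconditionally: it is needed below even when the form supplied
    ## 'entry_id' directly, which used to end in a call on an undefined variable
    include_once TOOLKIT . "/class.entrymanager.php";
    $entryManager = new EntryManager($this->_parent);

    if (isset($comment['entry_handle'])) {
        $entry_id = $entryManager->fetchEntryIDFromPrimaryFieldHandle($section['id'], $comment['entry_handle']);

        ## An unknown handle yields no id; leave it NULL so the lookup below rejects it
        $comment['entry_id'] = ((is_array($entry_id) && isset($entry_id[0])) ? $entry_id[0] : NULL);

        unset($comment['entry_handle']);
    }

    $target_entry_id = (isset($comment['entry_id']) ? $comment['entry_id'] : NULL);

    if (!($entry = $entryManager->fetchEntriesByID($target_entry_id, false, true))) {
        $this->_notices[] = 'Invalid entry handle specified.';
        return false;
    }

    ## NOTE(review): when 'entry_id' is submitted directly nothing ties the entry to
    ## $section, so the commenting switch checked here is the one of whichever section
    ## the form named - consider comparing the entry's section with $section['id']
    if ($section['commenting'] == 'off') {
        return false;
    }

    $this->_notices = array();

    $valid = $this->__validateComment($comment);

    if (!isset($this->_options['override-automatic-spam-detection']) || $this->_options['override-automatic-spam-detection'] == false) {
        $spam = $this->__isSpam($comment) || $this->__isBlackListed($comment['author_ip']);
    } else {
        ## Automatic detection is overridden: trust the caller's verdict plus the blacklist
        $spam = (($isSpam || $this->__isBlackListed($comment['author_ip'])) ? true : false);
    }

    $comment = array_map(array($this, "__doBanWords"), $comment);

    $options = $this->_options;

    require_once LIBRARY . "/core/class.textformattermanager.php";
    $TFM = new TextformatterManager(array('parent' => &$this->_parent));

    ## Without a usable formatter the body is reduced to plain text
    if ($options['formatting-type'] != NULL && ($formatter = $TFM->create($options['formatting-type']))) {
        $comment['body'] = $formatter->run($comment['body']);
    } else {
        $comment['body'] = strip_tags($comment['body']);
    }

    $comment['author_url'] = General::validateUrl($comment['author_url']);

    $comment['spam'] = ($spam ? "yes" : "no");

    ##Check the comment body for well-formedness
    $xml_errors = array();

    General::validateXML($comment['body'], $xml_errors, false);

    if (!empty($xml_errors)) {

        $xml_errors = array();

        ## NOTE(review): as written the search and replacement lists are identical, so
        ## this call changes nothing and the body is simply validated a second time.
        ## Presumably the replacement list held the entity forms - confirm against the
        ## upstream source before relying on this step to neutralise markup.
        $comment['body'] = str_replace(array('<', '>', '&'), array('<', '>', '&'), $comment['body']);

        General::validateXML($comment['body'], $xml_errors, false, new XsltProcess());

        if (!empty($xml_errors)) {
            $this->_notices[] = "Comment contains invalid text or markup.";
            return false;
        }
    }
    ##

    ##Check the comment name field for well-formedness
    $xml_errors = array();

    General::validateXML($comment['author_name'], $xml_errors, false);

    if (!empty($xml_errors)) {
        $this->_notices[] = "Author name contains invalid text or markup.";
    }
    ##

    $dupe = ($options['allow-duplicates'] == "on" ? false : $this->__isDuplicateComment($comment));

    ## Dropped outright: a malformed author name, or spam while 'nuke-spam' is on
    $nuke_comment = (!empty($xml_errors) || ($spam && $options['nuke-spam'] == 'on'));

    ####
    # Delegate: CommentPreSave
    # Description: Just before the comment is inserted into the database. Also, final checks
    #              of its validity have been performed. Good place to manipulate the data and check values
    $this->_parent->_CampfireManager->notifyMembers('CommentPreSave', '/frontend/', array('nuke' => &$nuke_comment, 'dupe' => &$dupe, 'comment' => &$comment));

    if (!$nuke_comment && $valid && !$dupe) {

        if ($spam) {
            $this->isLastCommentSpam = true;
        }

        ## The address was only needed for the spam / blacklist checks
        unset($comment['author_ip']);

        ## NOTE(review): the whole array, including any extra keys the form supplied, is
        ## handed to insert(). Whether insert() escapes values or limits the keys to
        ## known columns cannot be seen from here - confirm.
        if ($this->_db->insert($comment, "tbl_comments")) {

            $comment_id = $this->_db->getInsertID();

            $this->_parent->updateMetadata("comment", $comment_id);

            ####
            # Delegate: CommentPostSave
            # Description: After inserting comment into database. Comment ID is provided
            $this->_parent->_CampfireManager->notifyMembers('CommentPostSave', '/frontend/', array('id' => $comment_id));

            if ($options['email-notify'] == 'on' && !$spam) {
                $this->__emailEntryAuthor($comment, $entry);
            }

            return true;
        }

        $this->_notices[] = 'Comment not successfully saved. An unknown error has occurred.';

    } elseif (!$valid || $nuke_comment) {

        $this->_notices[] = 'Comment flagged as spam and has not been saved.';
        $this->isLastCommentSpam = true;

    } elseif ($dupe) {

        $this->_notices[] = 'Duplicate post detected.';
    }

    ####
    # Delegate: CommentFailedInsert
    # Description: After a failed insert. Notices are provided
    $this->_parent->_CampfireManager->notifyMembers('CommentFailedInsert', '/frontend/', array('notices' => $this->_notices));

    return false;
}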