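/**
 * quickbox::__construct()
 *
 * Bootstraps the application: loads the config and metaclass classes, opens
 * the database connection, starts the session (logout, cookie check and
 * login form handling) and works out which page was requested.
 *
 * @param array $init Initialization configuration. 'quickbox/path' is used
 *                    as the base directory of the core class files.
 */
public function __construct ($init)
{
    # The config class lets us get and set configuration variables without
    # using a global.
    require $init['quickbox/path'] . '/classes/core/config.class.php';
    config::init($init);

    # The constant name has to be a quoted string. A bare DEBUG is itself an
    # undefined constant: a notice on old PHP, a fatal Error on PHP 8.
    define('DEBUG', config::get('debug'));

    # Start a database connection
    $this->db = new database();
    try {
        $this->db->init();
    } catch (Exception $e) {
        # NOTE(review): the driver's exception text ends up in the error
        # message; confirm it is only logged and never rendered to visitors,
        # since it can carry host names or credentials hints.
        trigger_error(text::get('system/fatalError',$e->getMessage()), E_USER_ERROR);
    }

    require $init['quickbox/path'] . '/classes/core/metaclass.class.php';
    metaclass::init($this->db);

    # Keep a copy of the GET variables for later use. (The original also had
    # "$_POST = $_POST;", a self-assignment with no effect, dropped here.)
    $this->qbGet = $_GET;

    # Start the session, giving it the database connection.
    $this->qbSession = new session($this->db);

    if (isset($this->qbGet['page']) && $this->qbGet['page'] == 'logout') {
        $this->qbSession->logout();
    }

    # NOTE(review): called without arguments here; a checkCookie($cookie)
    # signature that reads $cookie['user'] / $cookie['hash'] would need the
    # cookie array passed in - confirm against the session class.
    $this->qbSession->checkCookie();

    # Request fields are attacker-controlled and may be missing or arrays
    # (user[]=...), so check presence and type before using them as strings.
    $userGiven = isset($_POST['user']) && is_string($_POST['user']) && strlen($_POST['user']) > 0;
    $loginFlag = isset($_POST['login']) && $_POST['login'] == 1;
    if ($userGiven && $loginFlag) {
        $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
        $this->qbErrors['login'] = $this->qbSession->login($_POST['user'], $password);
    }

    # NOTE(review): qbPage is taken from the query string. What cleanData()
    # strips is not visible here; if qbPage is later used to pick a file to
    # include, resolve it against a fixed list of known pages.
    $pageGiven = isset($_GET['page']) && is_string($_GET['page']) && $_GET['page'];
    $this->qbPage = ($pageGiven ? janitor::cleanData($_GET['page']) : 'home');
}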
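/**
 * Re-authenticates a visitor from a login cookie.
 *
 * Looks the cookie's user name up in userUsers (left-joined to userGroups)
 * and, when the cookie hash equals the value derived from the stored e-mail
 * address, records the user on this object and refreshes cookie and session.
 *
 * @param array $cookie Cookie values; the 'user' and 'hash' keys are read.
 * @return void
 */
public function checkCookie ($cookie)
{
    # Cookie contents are attacker-controlled: both fields must be present
    # and must be plain strings before they are compared or queried.
    if (! is_array($cookie) || ! isset($cookie['user'], $cookie['hash'])
        || ! is_string($cookie['user']) || ! is_string($cookie['hash'])) {
        return;
    }

    $user = janitor::cleanData($cookie['user'], 'sql');

    $query = new query();
    $query->select()->from('userUsers')->joinLeft('userGroups', 'userUsers.group', 'id')->where('username', $user)->limit('1');
    $result = $this->sDb->query($query);

    if ($this->sDb->numRows($result) <= 0) {
        return;
    }
    $data = $this->sDb->assoc($result);

    # SECURITY: this token is computed from the e-mail address alone, with no
    # server-side secret, so it is not a proof of a previous login. It should
    # be replaced by a random token stored server-side (or an HMAC keyed with
    # a server secret) that can be expired and revoked.
    $expected = md5(md5($data['email']) . $data['email']);

    # Strict, constant-time comparison. The original used ==, which compares
    # numeric-looking hex strings ("0e...") as numbers and so can accept a
    # hash that is not byte-identical.
    if (function_exists('hash_equals')) {
        $hashMatches = hash_equals($expected, $cookie['hash']);
    } else {
        $hashMatches = ($expected === $cookie['hash']);
    }
    if (! $hashMatches) {
        return;
    }

    $this->user = $user;
    $this->userData = $data;
    # NOTE(review): the e-mail is read from $_SESSION before setSession() has
    # run in this method; confirm it is populated at this point, otherwise
    # $data['email'] looks like the intended value.
    $this->setCookie($user, $_SESSION['userdata']['email']);
    $this->setSession();
}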
/**
 * Runs the page's dispatcher files and returns the data array for the template.
 *
 * @return array The populated $this->dOutput.
 */
function output ()
{
    # Cleaned copies of POST and GET. They keep these exact local names
    # because the included files below execute in this method's scope and
    # can read them.
    $safePost = janitor::cleanData($_POST);
    $safeGet = janitor::cleanData($_GET);

    # NOTE(review): both include paths come from object state built
    # elsewhere; confirm they can only resolve to files shipped with the
    # application and never to a request-supplied path.
    include $this->dInclude;

    # Standard page data
    include $this->dispatcherPath("standardPage");

    $this->dOutput['debug'] = config::get('quickbox/debug');
    $this->dOutput['pageName'] = $this->dPageName;

    # Values copied one-to-one from the page record, in the original order.
    foreach (array('path', 'hostpage', 'title', 'sCssId', 'sName', 'sTitle') as $pageKey) {
        $this->dOutput[$pageKey] = $this->dPage[$pageKey];
    }

    # A page title set by the included files wins over the page record's.
    if (! $this->dOutput['pageTitle']) {
        $this->dOutput['pageTitle'] = $this->dPage['pageTitle'];
    }

    $this->dOutput['pagePrefix'] = config::get('site/pagePrefix');
    $this->dOutput['htmlRoot'] = config::get('site/htmlRoot');
    $this->dOutput['pageVars'] = $this->dPage['pageVars'];
    $this->dOutput['isDefaultPage'] = ($this->dPage['sDefaultPage'] == $this->dPageName);

    return $this->dOutput;
}
</h3> <?php if($form == $this->tData['form']['submitting'] && isset($this->tData['form']['validation']['existant']['invalid'])): ?> <?php foreach($this->tData['form']['validation']['existant']['invalid'] as $k): ?> <p class="warningtext"><?php echo $k?> is invalid.</p> <?php endforeach; ?> <?php endif; ?> <?php if($form == $this->tData['form']['submitting'] && isset($this->tData['form']['validation']['untaken']['invalid'])): ?> <?php foreach($this->tData['form']['validation']['untaken']['invalid'] as $k => $v): ?> <p class="warningtext"><?php echo $k?> ‘<?php echo $v?>’ already exists.</p> <?php endforeach; ?> <?php endif; ?> <?php if($this->tData['form']['validation']['passed']): ?> <p class="infotext">Database Updated.</p> <?php endif; ?> <form action="<?php echo $tData['pagePrefix']?>admin/content<?php echo janitor::getUrlString(($_GET['id'] ? "id=".$_GET['id'] : null)."&commit=true")?>" method="POST"> <p><label for="qbPageId"> Page: </label> <select name="qbPageId"> <option value="">Select a Page...</option> <?php foreach($this->tData['form']['pages'] as $a => $b): ?> <option value="<?php echo (strpos($a,'sect') !== false ? '' : $a)?>" <?php echo ($a == $form['qbPageId'] ? 'selected' : '')?>><?php echo $b?></option> <?php endforeach; ?> </select></p> <p><label for="name"> Name: </label> <input type="text" name="name" value="<?php echo $form['name']?>" /></p> <p><label for="title"> Identifiable Title: </label> <input type="text" name="title" value="<?php echo $form['title']?>" /></p> <p>Hints: To get a page URL relative to the site root, type {page}page_name - Instead of worrying about relative/absolute links etc.
<h3><?php echo ($this->tData['form']['editing'] ? 'Edit' : 'Add')?> Subpage</h3> <?php if($form == $this->tData['form']['submitting'] && isset($this->tData['form']['validation']['existant']['invalid'])): ?> <?php foreach($this->tData['form']['validation']['existant']['invalid'] as $k): ?> <p class="warningtext"><?php echo $k?> is invalid.</p> <?php endforeach; ?> <?php endif; ?> <?php if($form == $this->tData['form']['submitting'] && isset($this->tData['form']['validation']['untaken']['invalid'])): ?> <?php foreach($this->tData['form']['validation']['untaken']['invalid'] as $k => $v): ?> <p class="warningtext"><?php echo $k?> ‘<?php echo $v?>’ already exists.</p> <?php endforeach; ?> <?php endif; ?> <?php if($this->tData['form']['validation']['passed']): ?> <p class="infotext">Database Updated.</p> <?php endif; ?> <form action="<?php echo $this->tData['pagePrefix']?>admin/subPages<?php echo janitor::getUrlString("&id=".$_GET['id']."&commit=true")?>" method="POST"> <p><label for="title"> Group Title: </label> <input type="text" name="title" value="<?php echo $form['title']?>" /></p> <p><label for="qbPageNameLinked"> Linked to Page: </label> <select name="qbPageNameLinked"> <?php foreach($this->tData['form']['pages'] as $a => $b): ?> <option value="<?php echo (strpos($a,'sect') !== false ? '' : $a)?>" <?php echo ($a == $form['qbPageNameLinked'] ? 'selected' : '')?>><?php echo $b?></option> <?php endforeach; ?> </select></p> <p><label for="order"> Order: </label> <input type="text" name="order" style="width: 30px;" value="<?php echo $form['order']?>" /></p> <p style="text-align: center;"><input type="hidden" name="id" value="<?php echo $form['id']?>" /> <input type="submit"
$this->dOutput['form']['validation']['existant'] = $dValidator->arrayItems($this->dOutput['form']['data'], $necessaryItems); $this->dOutput['form']['validation']['untaken'] = $dValidator->isTaken($this->dOutput['form']['data'], $uniqueItems, 'qbUsers'); if (! isset($this->dOutput['form']['validation']['existant']['invalid']) && ! isset( $this->dOutput['form']['validation']['untaken']['invalid'])) { # Telling template all went okay $this->dOutput['form']['validation']['passed'] = true; # Sanitizing our input foreach ($this->dOutput['form']['data'] as $k => $v) { $cleanData[$k] = $this->db->escape($v); } $passwd = janitor::passwd($cleanData['password']); # Queries are here. if ($this->dOutput['form']['editing']) { $query = "UPDATE `qbUsers` SET `user` = '" . $cleanData['user'] . "', `email` = '" . $cleanData['email'] . "', `fullname` = '" . $cleanData['fullname'] . "', " . ($cleanData['password'] == "(no change)" ? '' : "`password` = '" . $passwd['passwd'] . "',") . " " . ($cleanData['password'] == "(no change)" ? '' : "`salt` = '" . $passwd['salt'] . "',") . " `accessLevel` = '" . $cleanData['accessLevel'] . "' WHERE `qbUsers`.`user` = '" . $cleanData['user'] . "' LIMIT 1 ;"; } else {
/**
 * Returns the locale stored in the session, falling back to 'en' when
 * janitor::notNull() rejects the stored value.
 *
 * @return mixed The session's 'locale' entry, or the string 'en'.
 */
public static function get ()
{
    if (janitor::notNull($_SESSION['locale'])) {
        return $_SESSION['locale'];
    }

    return 'en';
}
/**
 * database::assoc()
 *
 * Fetches the next row of a result set with mysql_fetch_assoc() and, when
 * the brokenEncoding flag is set, passes it through janitor::utfEncode().
 * Note that the mysql_* extension used here was removed in PHP 7.
 *
 * @param mixed $result Result handle handed to mysql_fetch_assoc().
 * @return array Associative array of items.
 */
public function assoc ($result)
{
    $row = mysql_fetch_assoc($result);

    if (! $this->brokenEncoding) {
        return $row;
    }

    return janitor::utfEncode($row);
}
$query->select('id')->from('articles')->where('name', $name)->limit('1'); $result = $this->db->query($query); $row = $this->db->assoc($result); $article = metaclass::load('article', $row['id']); $this->dOutput['article']['header'] = $article->getProperty('title'); $this->dOutput['article']['date'] = janitor::formatMysqlDateTime($article->getProperty('date'), 'l jS F, Y'); $this->dOutput['article']['fulltext'] = $md->process($article->getProperty('fulltext')); $this->dOutput['pageTitle'] = $article->getProperty('title'); } else { $query = new query(); $query->select(array ( 'id' , 'name' , 'date' , 'title' , 'preview' ))->from('articles')->order('date', 'desc'); $result = $this->db->query($query); $i = 0; while ($row = $this->db->assoc($result)) { $this->dOutput['articles']['listing'] = true; $row['dateLink'] = $row['name']; $this->dOutput['articles']['articles'][$i] = $row; $this->dOutput['articles']['articles'][$i]['preview'] = $md->process($row['preview']); $this->dOutput['articles']['articles'][$i]['date'] = janitor::formatMysqlDateTime($row['date'], 'jS M, Y'); $i ++; } } ?>
<?php $form = $this->tData['form']['data']; ?> <?php if($form == $this->tData['form']['submitting'] && isset($this->tData['form']['validation']['existant']['invalid'])): ?> <?php foreach($this->tData['form']['validation']['existant']['invalid'] as $k): ?> <p class="warningtext"><?php echo $k?> is invalid.</p> <?php endforeach; ?> <?php endif; ?> <?php if($form == $this->tData['form']['submitting'] && isset($this->tData['form']['validation']['untaken']['invalid'])): ?> <?php foreach($this->tData['form']['validation']['untaken']['invalid'] as $k => $v): ?> <p class="warningtext"><?php echo $k?> ‘<?php echo $v?>’ already exists.</p> <?php endforeach; ?> <?php endif; ?> <?php if($this->tData['form']['validation']['passed']): ?> <p class="infotext">Database Updated.</p> <?php endif; ?> <form action="<?php echo $this->tData['pagePrefix']?>admin/pages<?php echo janitor::getUrlString("&name=".$_GET['name']."&commit=true")?>" method="POST"> <p><label for="name"> Internal Name: </label> <input type="text" name="name" value="<?php echo $form['name']?>" /></p> <p><label for="title"> Title: </label> <input type="text" name="title" value="<?php echo $form['title']?>" /></p> <p><label for="pageTitle"> Page Title: </label> <input type="text" name="pageTitle" value="<?php echo $form['pageTitle']?>" /></p> <p><label for="qbDispatcher"> Dispatcher: </label> <input type="text" name="qbDispatcher" value="<?php echo $form['qbDispatcher']?>" /></p> <p><label for="path"> Template: </label> <input type="text" name="path" value="<?php echo $form['path']?>" /></p> <p><label for="order"> Order: </label> <input type="text" name="order" style="width: 30px;" value="<?php echo $form['order']?>" /></p> <p><label for="visible"> Visible on Menu: </label> <input type="checkbox" name="visible" style="width: 14px;"
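/**
 * Saves the user: fills in the registration date, keeps the stored password
 * when none was entered, hashes a changed password, then calls saveObject().
 *
 * @return void
 */
public function save ()
{
    # Set a registration date if one doesn't exist (ie, a new user);
    # otherwise write the stored date back.
    # NOTE(review): getProperty(..., true) presumably returns the originally
    # loaded value rather than the submitted one - confirm.
    $storedDate = $this->getProperty('registrationDate', true);
    if ($storedDate == null) {
        $this->setProperty('registrationDate', date('Y-m-d'));
    } else {
        $this->setProperty('registrationDate', $storedDate);
    }

    # Do not change password if password boxes are empty.
    if ($this->getProperty('password') == null) {
        $this->setProperty('password', $this->getProperty('password', true));
        $this->setProperty('password_check', $this->getProperty('password', true));
        $this->setProperty('salt', $this->getProperty('salt', true));
    }

    # Only change password if different from old password. The comparison is
    # strict on purpose: with != two different numeric-looking strings (for
    # example "0e1" and "0") compare as equal, and the newly entered password
    # would then be saved as typed, without being hashed.
    $oldPassword = isset($this->originalProperties['password']) ? (string) $this->originalProperties['password'] : '';
    $newPassword = isset($this->properties['password']) ? (string) $this->properties['password'] : '';
    if ($oldPassword !== $newPassword) {
        $newPass = janitor::passwd($this->getProperty('password'));
        # The confirmation value is hashed with the same salt so the two
        # stored values are comparable.
        $newPassCheck = janitor::passwd($this->getProperty('password_check'), $newPass['salt']);
        $this->setProperty('password', $newPass['passwd']);
        $this->setProperty('password_check', $newPassCheck['passwd']);
        $this->setProperty('salt', $newPass['salt']);
    }

    $this->saveObject();
}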
<script type="text/javascript"> <!-- function deleteitem(id,name,url){ var answer = confirm ("Are you sure you wish to delete \"" + name + "\"") if (answer){ window.location= url + "<?php echo janitor::getUrlString("&delete=")?>" + id } } // --> </script> <?php if($_GET['mode'] != 'single' && !$_GET['id']): ?> <h5><button type="button" onclick="window.location= '<?php echo $tData['baseurl']?>?mode=single'" class="button neutral"><img src="<?php echo config::get('site/htmlRoot')?>qbres/images/new.png"/> <?php echo text::get('scaffold/createnew') ?></button></h5> <hr /> <?php echo $tData['table']?> <?php else: ?> <h5><button type="button" onClick="window.location = '<?php echo $tData['baseurl']?>?mode='" class="button neutral"> <img src="<?php echo config::get('site/htmlRoot')?>qbres/images/back.png"/><?php echo text::get('scaffold/returntoitems') ?></button></h5> <hr />
</div> </form> <div> <h4><a href="<?php echo $this->tData['pagePrefix']?>admin/users">Create New...</a></h4> </div> <table style="width: 98%; margin: 10px;"> <th>Table of Users</th> <th>E-Mail</th> <th>Full Name</th> <th>Access Level</th> <th></th> <?php foreach($this->tData['form']['userlist'] as $k => $v): ?> <tr> <td><a href="<?php echo $this->tData['pagePrefix']?>admin/users<?php echo janitor::getUrlString("&user=$k")?>"><?php echo $k?></a> </td> <td> <?php echo $v['email'] ?> </td> <td> <?php echo $v['fullname'] ?> </td> <td style="width: 40px"> <?php echo $v['accessLevel'] ?> </td> <td style="width: 50px"><a href="javascript:deleteuser('<?php echo $k?>')">[x]</a></td> </tr> <?php endforeach; ?> </table>
/**
 * Recursively applies utf8_encode() to a value; used to get rid of some
 * weird characters in the database.
 *
 * @param mixed $data A single value, or an array (nesting allowed) of values.
 * @return mixed The same structure with every non-array value encoded.
 */
public static function utfEncode ($data)
{
    # Actual processing happens on the leaves.
    if (! is_array($data)) {
        return utf8_encode($data);
    }

    $encoded = array();
    foreach ($data as $key => $value) {
        $encoded[$key] = janitor::utfEncode($value);
    }

    return $encoded;
}
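/**
 * Builds the listing table for this object's items and returns its output.
 *
 * @param array|false $fields Field names to show. When empty, 'id' plus every
 *                            definition flagged 'ontable' is used, and the
 *                            definition flagged 'linkfield' becomes the link
 *                            column.
 * @return mixed Whatever table::output() returns.
 */
public function makeTable ($fields = false)
{
    # Stays null when the caller supplies $fields. The original left the
    # variable undefined in that case and then used it as an array key.
    $linkfield = null;

    if (! $fields) {
        $fields = array('id');
        foreach ($this->definitions as $k => $v) {
            if (! empty($v['ontable'])) {
                $fields[] = $k;
            }
            if (! empty($v['linkfield'])) {
                $linkfield = $k;
            }
        }
    }

    # Column headings: ID first, one per field, then an untitled delete column.
    # NOTE(review): 'id' is also in $fields, so the "ID" heading is replaced
    # by definitions['id']['title'] in the loop - confirm that is intended.
    $fields2 = array('id' => "ID");
    foreach ($fields as $v) {
        $fields2[$v] = $this->definitions[$v]['title'];
    }
    $fields2['delete'] = "";

    $table = new table($fields2, array('class' => 'span-16'));
    $fieldsList = metaclass::getItems($this->table, $fields, $this->keyField);

    foreach ($fieldsList as $k => $v) {
        $v['delete'] = text::get('form/delete');

        $rowOptions = array();
        if ($linkfield !== null) {
            $rowOptions[$linkfield] = array(
                'type' => 'link',
                'href' => $this->urlbase . '?id=' . $v['id'],
            );
        }
        # NOTE(review): the id and title are placed inside a single-quoted
        # JavaScript string within an href attribute. What cleanData() and
        # the table class escape is not visible here; the values need
        # JS-string encoding followed by HTML-attribute encoding, or the
        # handler should read them from data attributes instead.
        $rowOptions['delete'] = array(
            'type' => 'link',
            'href' => 'javascript:deleteitem(\'' . $v['id'] . '\',\'' . janitor::cleanData($v['title']) . '\',\'' . $this->urlbase . '\')',
        );

        $table->addRow($v, $rowOptions);
    }

    return $table->output();
}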
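/**
 * Creates a table in the image of the property definitions supplied to it.
 *
 * Every table gets an auto-increment `id` primary key, followed by one
 * NOT NULL column per property. The column type is the 'fieldtype' of the
 * property's datatype class, or VARCHAR( 255 ) when none is given. The table
 * name is appended to metaclass::$tablesLoaded afterwards.
 *
 * @param string $tableName What the table will be called.
 * @param array $propertyDefinitions The structure of the table.
 *
 * @todo Need to make this use the query class.
 */
private static function createTable ($tableName, $propertyDefinitions)
{
    # Identifiers go between backticks; doubling any backtick inside them
    # keeps a name from closing the quoting early.
    $database = str_replace('`', '``', (string) metaclass::$db->getProperty('database'));
    $table = str_replace('`', '``', (string) $tableName);

    # The id column lives in the same list as the others, so an empty
    # definition set still produces a valid statement (the original left a
    # trailing comma and imploded an undefined variable in that case).
    $columns = array('`id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY');
    foreach ($propertyDefinitions as $k => $v) {
        $vars = metaclass::getClassVars($v['type'], 'datatypes');
        # NOTE(review): fieldtype is inserted into the statement verbatim, so
        # it must only ever come from the application's own datatype classes.
        $fieldType = (janitor::notNull($vars['fieldtype']) ? $vars['fieldtype'] : 'VARCHAR( 255 )');
        $columns[] = '`' . str_replace('`', '``', (string) $k) . '` ' . $fieldType . ' NOT NULL';
    }

    $query = "CREATE TABLE `" . $database . "`.`" . $table . "` (\n" . implode(",\n", $columns) . "\n)";

    metaclass::$db->query($query);
    metaclass::$tablesLoaded[] = $tableName;
}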