public function __construct()
 {
     $this->_display_html = false;
     if (VGet::loggedout()) {
         $this->_msg = ActionMessages::custom_good('You\'ve been logged out');
     }
     try {
         $this->_session = new Session();
         if (VPost::login(false)) {
             $this->_session->login();
         }
     } catch (Exception $e) {
         $this->_msg = ActionMessages::custom_wrong($e->getMessage());
     }
 }
 /**
  * Retrieve all categories from the database for a specific type
  *
  * @static
  * @access	public
  * @param	array [$array] Array to populate with categories (passed by reference)
  * @param	string [$msg] Attribute to return a message to if error raisen (passed by reference)
  * @param	string [$type] Category type that has to be retrieved
  */
 public static function get_categories(&$array, &$msg, $type)
 {
     try {
         $db =& Database::load();
         $to_read['table'] = 'category';
         $to_read['columns'] = array('CATEGORY_ID', 'category_name');
         $to_read['condition_columns'][':t'] = 'category_type';
         $to_read['condition_select_types'][':t'] = '=';
         $to_read['condition_values'][':t'] = $type;
         $to_read['value_types'][':t'] = 'str';
         $cats = $db->read($to_read);
         if (is_array($cats)) {
             foreach ($cats as $cat) {
                 $array[$cat['CATEGORY_ID']] = $cat['category_name'];
             }
         }
     } catch (Exception $e) {
         $msg = ActionMessages::custom_wrong($e->getMessage());
     }
 }
 /**
  * Retrieve all plugins installed
  *
  * @access	private
  */
 private function get_plugins()
 {
     try {
         $to_read['table'] = 'setting';
         $to_read['columns'] = array('SETTING_ID');
         $to_read['condition_columns'][':t'] = 'setting_type';
         $to_read['condition_select_types'][':t'] = '=';
         $to_read['condition_values'][':t'] = 'plugin';
         $to_read['value_types'][':t'] = 'str';
         $this->_plugins = $this->_db->read($to_read);
         if (!empty($this->_plugins)) {
             foreach ($this->_plugins as &$plg) {
                 $plg = new Setting($plg['SETTING_ID']);
                 $plg->_data = json_decode($plg->_data, true);
             }
         }
     } catch (Exception $e) {
         $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
     }
 }
 /**
  * Delete a plugin
  *
  * @access	private
  */
 private function delete()
 {
     if (VPost::delete(false) && VPost::plg_id() && $this->_user['delete_content']) {
         try {
             $plg = new Setting(VPost::plg_id());
             $plg->_data = json_decode($plg->_data, true);
             foreach ($plg->_data['admin'] as $file) {
                 File::delete('includes/' . $plg->_data['namespace'] . '/' . $file);
             }
             foreach ($plg->_data['site'] as $file) {
                 File::delete(PATH . 'includes/' . $file);
             }
             foreach ($plg->_data['library'] as $file) {
                 File::delete('library/' . $plg->_data['namespace'] . '/' . $file);
             }
             foreach ($plg->_data['uninstall'] as $query) {
                 $this->_db->query(str_replace('{{prefix}}', DB_PREFIX, $query));
             }
             File::delete(PATH . 'css/' . $plg->_data['namespace'] . '.css', false);
             $plg->delete();
             $result = true;
         } catch (Exception $e) {
             $result = $e->getMessage();
         }
         $this->_action_msg = ActionMessages::deleted($result);
     } elseif (VPost::delete(false) && !$this->_user['delete_content']) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }
 /**
  * Retrieve the timeline of a website
  *
  * @access	private
  */
 private function get_timeline()
 {
     try {
         $site = VGet::website();
         if (!empty($site) || $site === 0) {
             $this->_key = VGet::website();
         } else {
             $data = $this->_prefs->_data['timeline'];
             reset($data);
             $this->_key = key($data);
         }
         if (empty($this->_prefs->_data['timeline'])) {
             throw new Exception('No website in your preferences!');
         }
         if (!isset($this->_prefs->_data['timeline'][$this->_key])) {
             throw new Exception('Requested website not found!');
         }
         $url = $this->_prefs->_data['timeline'][$this->_key]['url'] . 'admin/index.php?ns=rpc&ctl=timeline&since=' . $this->_since;
         $curl = new Curl($url);
         $this->_timeline = json_decode($curl->_content, true);
     } catch (Exception $e) {
         $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
     }
 }
 /**
  * Create a new user
  *
  * @access	private
  */
 private function create()
 {
     if ($this->check_post_data()) {
         try {
             $to_read['table'] = 'user';
             $to_read['columns'] = array('USER_ID');
             $to_read['condition_columns'][':u'] = 'user_username';
             $to_read['condition_select_types'][':u'] = 'LIKE';
             $to_read['condition_values'][':u'] = $this->_new_user->_username;
             $to_read['value_types'][':u'] = 'str';
             $user = $this->_db->read($to_read);
             if (!empty($user)) {
                 throw new Exception('Username already used!');
             }
             $this->_new_user->create();
             Session::monitor_activity('added a new member: ' . $this->_new_user->_username);
             if ($this->_new_user->_result_action === true && VPost::send_pwd(false)) {
                 $to = $this->_new_user->_email;
                 $subject = 'Your password for ' . WS_NAME;
                 $message = 'This is your password: '******'Location: index.php?ns=users&ctl=manage');
             } elseif ($this->_new_user->_result_action === true) {
                 header('Location: index.php?ns=users&ctl=manage');
             }
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     }
 }
 /**
  * Delete all registered activity
  *
  * @access	private
  */
 private function delete()
 {
     if (VPost::reset(false) && $this->_user['delete_content']) {
         try {
             $this->_db->query('TRUNCATE TABLE ' . DB_PREFIX . 'activity');
             $result = true;
         } catch (Exception $e) {
             $result = $e->getMessage();
         }
         $this->_action_msg = ActionMessages::deleted($result);
     } elseif (VPost::reset(false) && !$this->_user['delete_content']) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }
 /**
  * Update link object
  *
  * @access	private
  */
 private function update()
 {
     if ($this->_user['settings']) {
         if ($this->check_post_data()) {
             try {
                 $this->_link->update('_name', 'str');
                 $this->_link->update('_link', 'str');
                 $this->_link->update('_rss_link', 'str');
                 $this->_link->update('_notes', 'str');
                 $this->_link->update('_priority', 'int');
                 header('Location: index.php?ns=links&ctl=manage');
             } catch (Exception $e) {
                 $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
             }
         }
     } else {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }
 /**
  * Install a template from github
  *
  * @access	private
  */
 private function create()
 {
     if (VGet::action() == 'install' && VGet::user() && VGet::repo() && VGet::download()) {
         try {
             $curl = new Curl('https://api.github.com/repos/' . VGet::user() . '/' . VGet::repo() . '/downloads');
             $downloads = json_decode($curl->_content, true);
             if (empty($downloads)) {
                 throw new Exception('Archive doesn\'t exist on Github');
             }
             if (isset($downloads['message'])) {
                 throw new Exception($downloads['message']);
             }
             $url = null;
             foreach ($downloads as $download) {
                 if ($download['name'] == VGet::download()) {
                     if ($download['content_type'] != 'application/zip') {
                         throw new Exception('Invalid archive type! (.zip only)');
                     } else {
                         $url = $download['html_url'];
                     }
                 }
             }
             unset($curl);
             $curl = new Curl($url);
             $zip = new File();
             $zip->_content = $curl->_content;
             $zip->save('tmp/template.zip');
             $tmp = 'tmp/tpl_' . md5_file('tmp/template.zip') . '/';
             File::unzip('tmp/template.zip', $tmp);
             File::delete('tmp/template.zip');
             $json = File::read($tmp . 'manifest.json');
             $conf = json_decode($json->_content, true);
             //check if the manifest is complete
             if (!isset($conf['name']) || !isset($conf['author']) || !isset($conf['url']) || !isset($conf['namespace']) || !isset($conf['files'])) {
                 throw new Exception('Invalid manifest!');
             }
             if (is_dir(PATH . 'includes/templates/' . $conf['namespace'] . '/')) {
                 throw new Exception('Template already exist');
             }
             //if one of files doesn't exists, an exception will be raised
             foreach ($conf['files'] as $file) {
                 File::read($tmp . $file);
             }
             foreach ($conf['files'] as $file) {
                 File::move($tmp . $file, PATH . 'includes/templates/' . $conf['namespace'] . '/' . $file);
                 File::delete($tmp . $file);
             }
             File::delete($tmp . 'manifest.json');
             $setting = new Setting();
             $setting->_name = $conf['name'];
             $setting->_type = 'template';
             $setting->_data = json_encode($conf);
             $setting->create();
             $this->_action_msg = ActionMessages::custom_good('Template "' . $setting->_name . '" installed');
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     }
 }
 /**
  * Move uploaded files to the right place and insert metadata in the database
  *
  * @access	private
  */
 private function create()
 {
     if (VPost::upload(false)) {
         try {
             $path = 'content/' . date('Y/m/');
             $img = new HandleMedia();
             $img->load_upload('file');
             $name = Helper::remove_accent($img->_name);
             $mime = $img->_mime;
             if (file_exists(PATH . $path . $name)) {
                 throw new Exception('The file "' . $name . '" already exists');
             }
             $img->save(PATH . $path . $name);
             if (substr($mime, 0, 5) == 'image') {
                 $img->thumb(150, 0);
                 $img->thumb(300, 0);
                 $img->thumb(1000, 0);
                 $this->_media->_status = 'draft';
             } elseif (substr($mime, 0, 5) == 'video') {
                 $this->_media->_status = 'publish';
             }
             $this->_media->_name = $name;
             $this->_media->_type = $mime;
             $this->_media->_author = $this->_user['user_id'];
             $this->_media->_allow_comment = 'closed';
             $this->_media->_permalink = $path . $name;
             $this->_media->_album = 0;
             $this->_media->create();
             Session::monitor_activity('has uploaded a file named: ' . $this->_media->_name);
             if (substr($mime, 0, 5) == 'video') {
                 header('Location: index.php?ns=media&ctl=manage&type=video');
             } else {
                 header('Location: index.php?ns=media&ctl=manage');
             }
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     } elseif (VPost::create_album(false) && $this->_user['album_photo']) {
         if (!VPost::name()) {
             $this->_action_msg = ActionMessages::custom_wrong('Album name missing');
         } else {
             try {
                 $name = VPost::name();
                 $path = 'content/albums/' . Helper::slug($name) . '/';
                 if (file_exists(PATH . $path)) {
                     throw new Exception('The album "' . $name . '" already exists');
                 }
                 $this->_media->_name = $name;
                 $this->_media->_type = 'album';
                 $this->_media->_author = $this->_user['user_id'];
                 $this->_media->_status = 'draft';
                 $this->_media->_permalink = $path;
                 $this->_media->_description = stripslashes(VPost::description());
                 $this->_media->_category = implode(',', VPost::cat(array()));
                 $this->_media->_allow_comment = VPost::allow_comment('closed');
                 $this->_media->_album = 0;
                 $img = new HandleMedia();
                 $img->load_upload('cover');
                 $img->save(PATH . $path . 'cover.png');
                 $img->thumb(150, 0);
                 $img->thumb(300, 0);
                 $img->thumb(1000, 0);
                 $this->_media->create();
                 Session::monitor_activity('created an album named: ' . $this->_media->_name);
                 header('Location: index.php?ns=media&ctl=albums&action=edit&id=' . $this->_media->_id);
             } catch (Exception $e) {
                 $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
             }
         }
     } elseif (VPost::link_alien(false)) {
         if (!VPost::name() || !VPost::embed_code()) {
             $this->_action_msg = ActionMessages::custom_wrong('There\'s missing informations');
         } else {
             try {
                 $this->_media->_name = VPost::name();
                 $this->_media->_type = 'alien';
                 $this->_media->_author = $this->_user['user_id'];
                 $this->_media->_status = 'draft';
                 $this->_media->_allow_comment = 'closed';
                 $this->_media->_permalink = Helper::slug(VPost::name());
                 $this->_media->_embed_code = VPost::embed_code();
                 $this->_media->_album = 0;
                 $this->_media->create();
                 Session::monitor_activity('linked a new video named: ' . $this->_media->_name);
                 header('Location: index.php?ns=media&ctl=manage&type=video');
             } catch (Exception $e) {
                 $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
             }
         }
     } elseif (VPost::register_video(false)) {
         try {
             if (!file_exists(PATH . VPost::url())) {
                 throw new Exception('Video not found');
             }
             if (!VPost::mime()) {
                 throw new Exception('Video mime type missing');
             }
             $this->_media->_name = VPost::name();
             $this->_media->_type = VPost::mime();
             $this->_media->_author = $this->_user['user_id'];
             $this->_media->_status = 'publish';
             $this->_media->_allow_comment = 'closed';
             $this->_media->_permalink = VPost::url();
             $this->_media->_album = 0;
             $this->_media->create();
             Session::monitor_activity('registered a new video named: ' . $this->_media->_name);
             header('Location: index.php?ns=media&ctl=manage&action=edit&type=video&id=' . $this->_media->_id);
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     }
 }
 /**
  * Delete links
  *
  * @access	private
  */
 private function delete()
 {
     if (VPost::delete(false) && VPost::link_id() && $this->_user['delete_content']) {
         try {
             foreach (VPost::link_id() as $id) {
                 $link = new Link();
                 $link->_id = $id;
                 $link->delete();
                 $this->_action_msg = ActionMessages::deleted($link->_result_action);
             }
             Session::monitor_activity('deleted ' . count(VPost::link_id()) . ' link(s)');
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     } elseif (VGet::action() == 'delete' && VGet::id() && $this->_user['delete_content']) {
         try {
             $link = new Link();
             $link->_id = Vget::id();
             $link->delete();
             Session::monitor_activity('deleted a link');
             $this->_action_msg = ActionMessages::deleted($link->_result_action);
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     } elseif ((VPost::delete(false) || VGet::action() == 'delete') && $this->_user['delete_content'] === false) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }
 /**
  * Delete medias from database and on hard drive
  *
  * @access	private
  */
 private function delete()
 {
     if ($this->_user['delete_content'] && VPost::delete(false) && VPost::media_id()) {
         $results = array();
         $global_result = true;
         foreach (VPost::media_id() as $id) {
             try {
                 $media = new Media();
                 $media->_id = $id;
                 $media->read('_permalink');
                 $path = $media->_permalink;
                 $media->delete();
                 unset($media);
                 HandleMedia::delete(PATH . $path);
                 $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . $id . ' AND comment_rel_type = "media"');
                 if (VPost::type() == 'alien') {
                     $to_update['table'] = 'media';
                     $to_update['columns'] = array(':attach' => 'media_attachment');
                     $to_update['condition_columns'] = array(':ca' => 'media_attachment');
                     $to_update['column_values'] = array(':attach' => null, ':ca' => $id);
                     $to_update['value_types'] = array(':attach' => 'null', ':ca' => 'int');
                     $this->_db->update($to_update);
                 }
                 array_push($results, true);
             } catch (Exception $e) {
                 array_push($results, false);
             }
         }
         foreach ($results as $result) {
             if ($result !== true) {
                 $global_result = false;
             }
         }
         Session::monitor_activity('deleted ' . count(VPost::media_id()) . ' file(s)');
         $this->_action_msg = ActionMessages::deleted($global_result);
     } elseif ($this->_user['delete_content'] && VGet::action() == 'delete' && VGet::id()) {
         try {
             $media = new Media();
             $media->_id = VGet::id();
             $media->read('_permalink');
             $path = $media->_permalink;
             $media->delete();
             unset($media);
             HandleMedia::delete(PATH . $path);
             $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . VGet::id() . ' AND comment_rel_type = "media"');
             if (VGet::type() == 'alien') {
                 $to_update['table'] = 'media';
                 $to_update['columns'] = array(':attach' => 'media_attachment');
                 $to_update['condition_columns'] = array(':ca' => 'media_attachment');
                 $to_update['column_values'] = array(':attach' => null, ':ca' => VGet::id());
                 $to_update['value_types'] = array(':attach' => 'null', ':ca' => 'int');
                 $this->_db->update($to_update);
             }
             Session::monitor_activity('deleted a file');
             $result = true;
         } catch (Exception $e) {
             error_log($e->getMessage(), 0);
             $result = false;
         }
         $this->_action_msg = ActionMessages::deleted($result);
     } elseif (!$this->_user['delete_content'] && (VPost::delete(false) || VGet::action() == 'delete')) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }
 /**
  * Delete files on hard drive and metadata in database
  *
  * @access	private
  */
 private function delete()
 {
     if (VPost::apply_action(false) && VPost::action() == 'delete' && $this->_user['delete_content']) {
         if (VPost::album_id()) {
             try {
                 foreach (VPost::album_id() as $id) {
                     $album = new Media();
                     $album->_id = $id;
                     $album->read('_permalink');
                     $to_read['table'] = 'media';
                     $to_read['columns'] = array('MEDIA_ID');
                     $to_read['condition_columns'][':id'] = 'media_album';
                     $to_read['condition_select_types'][':id'] = '=';
                     $to_read['condition_values'][':id'] = $id;
                     $to_read['value_types'][':id'] = 'int';
                     $ids = $this->_db->read($to_read);
                     if (!empty($ids)) {
                         foreach ($ids as $pid) {
                             $pic = new Media();
                             $pic->_id = $pid['MEDIA_ID'];
                             $pic->read('_permalink');
                             $permalink = $pic->_permalink;
                             HandleMedia::delete(PATH . $permalink);
                             $pic->delete();
                         }
                     }
                     $permalink = $album->_permalink;
                     HandleMedia::delete(PATH . $permalink . 'cover.png');
                     @rmdir(PATH . $permalink);
                     $album->delete();
                     $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . $id . ' AND comment_rel_type = "media"');
                 }
                 Session::monitor_activity('deleted ' . count(VPost::album_id()) . ' album(s)');
                 $result = true;
             } catch (Exception $e) {
                 $result = $e->getMessage();
             }
             $this->_action_msg = ActionMessages::deleted($result);
         }
     } elseif (VGet::action() == 'delete' && VGet::id() && $this->_user['delete_content']) {
         try {
             $pic = new Media();
             $pic->_id = VGet::id();
             $pic->read('_permalink');
             $permalink = $pic->_permalink;
             HandleMedia::delete(PATH . $permalink);
             $pic->delete();
             $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . VGet::id() . ' AND comment_rel_type = "media"');
             Session::monitor_activity('deleted a picture of an album');
             $result = true;
         } catch (Exception $e) {
             $result = $e->getMessage();
         }
         $this->_action_msg = ActionMessages::deleted($result);
     } elseif (VPost::delete_pics(false)) {
         if (VPost::picture_id()) {
             try {
                 foreach (VPost::picture_id() as $id) {
                     $pic = new Media();
                     $pic->_id = $id;
                     $pic->read('_permalink');
                     $permalink = $pic->_permalink;
                     HandleMedia::delete(PATH . $permalink);
                     $pic->delete();
                 }
                 Session::monitor_activity('deleted ' . count(VPost::picture_id(array())) . ' picture(s) of an album');
                 $result = true;
             } catch (Exception $e) {
                 $result = $e->getMessage();
             }
         }
     } elseif ((VPost::apply_action(false) && VPost::action() == 'delete' || VGet::action() == 'delete' || VPost::delete_pics(false)) && !$this->_user['delete_content']) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }
 /**
  * Add a new Plugin
  *
  * @access	private
  */
 private function create()
 {
     if (VPost::upload(false)) {
         try {
             $plg = VFiles::plg();
             if ($plg['error'] != 0) {
                 throw new Exception('No file uploaded');
             }
             $tmp = 'tmp/plg_' . md5_file($plg['tmp_name']) . '/';
             File::unzip($plg['tmp_name'], $tmp);
             $json = File::read($tmp . 'manifest.json');
             $conf = json_decode($json->_content, true);
             //check if manifest is complete
             if (!isset($conf['name']) || !isset($conf['namespace']) || !isset($conf['entry_point']) || !isset($conf['author']) || !isset($conf['url']) || !isset($conf['admin']) || !isset($conf['site']) || !isset($conf['library']) || !isset($conf['queries']) || !isset($conf['uninstall'])) {
                 throw new Exception('Invalid manifest!');
             }
             if (is_dir('includes/' . $conf['namespace']) || is_dir('library/' . $conf['namespace'])) {
                 throw new Exception('The namespace "' . $conf['namespace'] . '" is already taken');
             }
             //if one of files doesn't exists, an exception will be raised
             foreach ($conf['admin'] as $file) {
                 File::read($tmp . 'admin/' . $file);
             }
             //if one of files doesn't exists, an exception will be raised
             foreach ($conf['site'] as $file) {
                 if (file_exists(PATH . 'includes/' . $file)) {
                     throw new Exception('The file "' . $file . '" already exists in site directory');
                 }
                 File::read($tmp . 'site/' . $file);
             }
             //if one of files doesn't exists, an exception will be raised
             foreach ($conf['library'] as $file) {
                 File::read($tmp . 'library/' . $file);
             }
             foreach ($conf['admin'] as $file) {
                 File::move($tmp . 'admin/' . $file, 'includes/' . $conf['namespace'] . '/' . $file);
                 File::delete($tmp . 'admin/' . $file);
             }
             foreach ($conf['site'] as $file) {
                 File::move($tmp . 'site/' . $file, PATH . 'includes/' . $file);
                 File::delete($tmp . 'site/' . $file);
             }
             foreach ($conf['library'] as $file) {
                 File::move($tmp . 'library/' . $file, 'library/' . $conf['namespace'] . '/' . $file);
                 File::delete($tmp . 'library/' . $file);
             }
             if (isset($conf['css'])) {
                 foreach ($conf['css'] as $file) {
                     File::move($tmp . 'css/' . $file, PATH . 'css/' . $conf['namespace'] . '.css');
                     File::delete($tmp . 'css/' . $file);
                 }
             }
             foreach ($conf['queries'] as $query) {
                 $this->_db->query(str_replace('{{prefix}}', DB_PREFIX, $query));
             }
             File::delete($tmp . 'manifest.json');
             $setting = new Setting();
             $setting->_name = $conf['name'];
             $setting->_type = 'plugin';
             $setting->_data = json_encode($conf);
             $setting->create();
             header('Location: index.php?ns=plugins&ctl=manage');
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     }
 }
 /**
  * Upload and move into place a new template
  *
  * @access	private
  */
 private function create()
 {
     if (VPost::upload(false)) {
         try {
             $tpl = VFiles::tpl();
             if ($tpl['error'] != 0) {
                 throw new Exception('No file uploaded');
             }
             $tmp = 'tmp/tpl_' . md5_file($tpl['tmp_name']) . '/';
             File::unzip($tpl['tmp_name'], $tmp);
             $json = File::read($tmp . 'manifest.json');
             $conf = json_decode($json->_content, true);
             //check if the manifest is complete
             if (!isset($conf['name']) || !isset($conf['author']) || !isset($conf['url']) || !isset($conf['namespace']) || !isset($conf['files'])) {
                 throw new Exception('Invalid manifest!');
             }
             if (is_dir(PATH . 'includes/templates/' . $conf['namespace'] . '/')) {
                 throw new Exception('Template already exist');
             }
             //if one of files doesn't exists, an exception will be raised
             foreach ($conf['files'] as $file) {
                 File::read($tmp . $file);
             }
             foreach ($conf['files'] as $file) {
                 File::move($tmp . $file, PATH . 'includes/templates/' . $conf['namespace'] . '/' . $file);
                 File::delete($tmp . $file);
             }
             File::delete($tmp . 'manifest.json');
             $setting = new Setting();
             $setting->_name = $conf['name'];
             $setting->_type = 'template';
             $setting->_data = json_encode($conf);
             $setting->create();
             header('Location: index.php?ns=templates&ctl=manage');
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     }
 }
 /**
  * Create a comment on a distant website
  *
  * @access	private
  */
 private function create()
 {
     if (VPost::submit(false) && VPost::content(false)) {
         try {
             $user = new User();
             $user->_id = $this->_user['user_id'];
             $user->read('_publicname');
             $user->read('_email');
             $data = array('name' => $user->_publicname, 'email' => $user->_email, 'content' => VPost::content(), 'id' => $this->_content['post']['POST_ID'], 'type' => 'post');
             $url = $this->_prefs->_data['timeline'][$this->_key]['url'] . 'admin/index.php?ns=rpc&ctl=comment';
             $curl = new Curl();
             $curl->_post = true;
             $curl->_data = $data;
             $curl->_url = $url;
             $curl->connect();
             $msg = json_decode($curl->_content, true);
             if ($msg['message'] !== true) {
                 throw new Exception('Error on distant website! ' . $this->_prefs->_data['timeline'][$this->_key]['title'] . ' says "' . $msg['message'] . '"');
             }
             $this->_action_msg = ActionMessages::custom_good('Comment submitted');
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     }
 }
 /**
  * Update user data
  *
  * @access	private
  */
 private function update()
 {
     if ($this->check_post_data()) {
         try {
             $this->_profile->update('_firstname', 'str');
             $this->_profile->update('_lastname', 'str');
             $this->_profile->update('_nickname', 'str');
             $this->_profile->update('_publicname', 'str');
             $this->_profile->update('_email', 'str');
             $this->_profile->update('_website', 'str');
             $this->_profile->update('_msn', 'str');
             $this->_profile->update('_twitter', 'str');
             $this->_profile->update('_facebook', 'str');
             $this->_profile->update('_google', 'str');
             $this->_profile->update('_avatar', 'int');
             $this->_profile->update('_bio', 'str');
             if (VPost::role(false)) {
                 $this->_profile->update('_role', 'str');
             }
             $pwd = $this->_profile->_password;
             if (!empty($pwd)) {
                 $this->_profile->update('_password', 'str');
             }
             $this->build_avatar();
             $this->_action_msg = ActionMessages::profile_update(true);
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::profile_update(ucfirst($e->getMessage()));
         }
     }
 }
 /**
  * Update default page setting
  *
  * @access	private
  */
 private function update()
 {
     if (VPost::update(false)) {
         try {
             $array = array('type' => '', 'view' => '');
             if ($this->_setting->_data['type'] != VPost::type()) {
                 $array['view'] = 'all';
             } else {
                 $array['view'] = VPost::view();
             }
             $array['type'] = VPost::type();
             $this->_setting->_data = json_encode($array);
             $this->_setting->update('_data', 'str');
             $this->_setting->_data = json_decode($this->_setting->_data, true);
             Session::monitor_activity('changed default page setting');
             $result = true;
         } catch (Exception $e) {
             $result = $e->getMessage();
         }
         $this->_action_msg = ActionMessages::updated($result);
     }
 }
 /**
  * Update setting
  *
  * @access	private
  */
 private function update()
 {
     if (VPost::update_setting(false)) {
         try {
             $array = VPost::settings(array('media' => false));
             $settings = array('media' => false);
             foreach ($settings as $key => &$value) {
                 if (in_array($key, $array)) {
                     $value = true;
                 }
             }
             $this->_setting->_data = json_encode($settings);
             $this->_setting->update('_data', 'str');
             $this->_setting->_data = json_decode($this->_setting->_data, true);
             $result = true;
         } catch (Exception $e) {
             $result = $e->getMessage();
         }
         $this->_action_msg = ActionMessages::updated($result);
     }
 }
 /**
  * Install a plugin from github
  *
  * @access	private
  */
 private function create()
 {
     if (VGet::action() == 'install' && VGet::user() && VGet::repo() && VGet::download()) {
         try {
             $curl = new Curl('https://api.github.com/repos/' . VGet::user() . '/' . VGet::repo() . '/downloads');
             $downloads = json_decode($curl->_content, true);
             if (empty($downloads)) {
                 throw new Exception('Archive doesn\'t exist on Github');
             }
             if (isset($downloads['message'])) {
                 throw new Exception($downloads['message']);
             }
             $url = null;
             foreach ($downloads as $download) {
                 if ($download['name'] == VGet::download()) {
                     if ($download['content_type'] != 'application/zip') {
                         throw new Exception('Invalid archive type! (.zip only)');
                     } else {
                         $url = $download['html_url'];
                     }
                 }
             }
             unset($curl);
             $curl = new Curl($url);
             $zip = new File();
             $zip->_content = $curl->_content;
             $zip->save('tmp/plugin.zip');
             $tmp = 'tmp/plg_' . md5_file('tmp/plugin.zip') . '/';
             File::unzip('tmp/plugin.zip', $tmp);
             File::delete('tmp/plugin.zip');
             $json = File::read($tmp . 'manifest.json');
             $conf = json_decode($json->_content, true);
             //check if manifest is complete
             if (!isset($conf['name']) || !isset($conf['namespace']) || !isset($conf['entry_point']) || !isset($conf['author']) || !isset($conf['url']) || !isset($conf['admin']) || !isset($conf['site']) || !isset($conf['library']) || !isset($conf['queries']) || !isset($conf['uninstall'])) {
                 throw new Exception('Invalid manifest');
             }
             if (is_dir('includes/' . $conf['namespace']) || is_dir('library/' . $conf['namespace'])) {
                 throw new Exception('The namespace "' . $conf['namespace'] . '" is already taken');
             }
             //if one of files doesn't exists, an exception will be raised
             foreach ($conf['admin'] as $file) {
                 File::read($tmp . 'admin/' . $file);
             }
             //if one of files doesn't exists, an exception will be raised
             foreach ($conf['site'] as $file) {
                 if (file_exists(PATH . 'includes/' . $file)) {
                     throw new Exception('The file "' . $file . '" already exists in site directory');
                 }
                 File::read($tmp . 'site/' . $file);
             }
             //if one of files doesn't exists, an exception will be raised
             foreach ($conf['library'] as $file) {
                 File::read($tmp . 'library/' . $file);
             }
             foreach ($conf['admin'] as $file) {
                 File::move($tmp . 'admin/' . $file, 'includes/' . $conf['namespace'] . '/' . $file);
                 File::delete($tmp . 'admin/' . $file);
             }
             foreach ($conf['site'] as $file) {
                 File::move($tmp . 'site/' . $file, PATH . 'includes/' . $file);
                 File::delete($tmp . 'site/' . $file);
             }
             foreach ($conf['library'] as $file) {
                 File::move($tmp . 'library/' . $file, 'library/' . $conf['namespace'] . '/' . $file);
                 File::delete($tmp . 'library/' . $file);
             }
             if (isset($conf['css'])) {
                 foreach ($conf['css'] as $file) {
                     File::move($tmp . 'css/' . $file, PATH . 'css/' . $conf['namespace'] . '.css');
                     File::delete($tmp . 'css/' . $file);
                 }
             }
             foreach ($conf['queries'] as $query) {
                 $this->_db->query(str_replace('{{prefix}}', DB_PREFIX, $query));
             }
             File::delete($tmp . 'manifest.json');
             $setting = new Setting();
             $setting->_name = $conf['name'];
             $setting->_type = 'plugin';
             $setting->_data = json_encode($conf);
             $setting->create();
             $this->_action_msg = ActionMessages::custom_good('Plugin "' . $setting->_name . '" installed');
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
             //remove files
             foreach ($conf['admin'] as $file) {
                 File::delete($tmp . 'admin/' . $file, false);
             }
             foreach ($conf['site'] as $file) {
                 File::delete($tmp . 'site/' . $file, false);
             }
             foreach ($conf['library'] as $file) {
                 File::delete($tmp . 'library/' . $file, false);
             }
         }
     }
 }
 /**
  * Display page content
  *
  * @access	public
  */
 public function display_content()
 {
     $this->display_menu();
     if ($this->_user['settings']) {
         $this->display_settings();
     } else {
         echo ActionMessages::part_no_perm();
     }
 }
 /**
  * Method that permits to delete one or more comments at a time
  *
  * @access	private
  */
 private function delete()
 {
     if ((isset($_POST['empty']) || VRequest::action() == 'delete') && $this->_user['delete_content']) {
         if (isset($_POST['empty']) && VPost::comment_status() && in_array(VPost::comment_status(), array('spam', 'trash'))) {
             $to_delete['table'] = 'comment';
             $to_delete['condition_columns'][':status'] = 'comment_status';
             $to_delete['condition_values'][':status'] = VPost::comment_status();
             $to_delete['value_types'][':status'] = 'str';
             $global_result = $this->_db->delete($to_delete);
         } elseif (VPost::action() == 'delete' && VPost::comment_id()) {
             $results = array();
             $global_result = true;
             foreach (VPost::comment_id() as $id) {
                 try {
                     $comment = new Comment();
                     $comment->_id = $id;
                     $comment->delete();
                     unset($comment);
                     array_push($results, true);
                 } catch (Exception $e) {
                     array_push($results, false);
                 }
             }
             foreach ($results as $result) {
                 if ($result !== true) {
                     $global_result = false;
                 }
             }
         } elseif (VGet::action() == 'delete' && VGet::comment_id()) {
             try {
                 $comment = new Comment();
                 $comment->_id = VGet::comment_id();
                 $comment->delete();
                 $global_result = true;
             } catch (Exception $e) {
                 $global_result = false;
             }
         }
         if (isset($global_result)) {
             $this->_action_msg = ActionMessages::deleted($global_result);
         }
     } elseif ((isset($POST['empty']) || VRequest::action() == 'delete') && $this->_user['delete_content'] === false) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }
 /**
  * Method that display the page
  *
  * @access	public
  */
 public function display_content()
 {
     $this->display_menu();
     if ($this->_user['dashboard']) {
         echo $this->_action_msg;
         echo '<div id="dashbord_wrapper">' . '<div class="widget_wrapper widget_wrapper_left">';
         $this->display_activity();
         $this->display_recent_comments();
         echo '</div>' . '<div class="widget_wrapper">';
         $this->display_quickpress();
         $this->display_draft();
         echo '</div>';
     } else {
         echo ActionMessages::part_no_perm();
     }
 }
 /**
  * Remove one website from the timeline
  *
  * @access	private
  */
 private function delete()
 {
     if (VGet::action() == 'remove' && VGet::id(false) !== false) {
         try {
             $data = $this->_prefs->_data;
             unset($data['timeline'][VGet::id()]);
             $this->_prefs->_data = json_encode($data);
             $this->_prefs->update('_data', 'str');
             $this->_prefs->_data = json_decode($this->_prefs->_data, true);
             $result = true;
         } catch (Exception $e) {
             $result = $e->getMessage();
         }
         $this->_action_msg = ActionMessages::pref_updated($result);
     }
 }
 /**
  * Update an existing post
  *
  * @access	private
  */
 private function update()
 {
     if ($this->check_post_data()) {
         try {
             $old = new Post();
             $old->_id = $this->_post->_id;
             $old->read('_status');
             //if post move from draft to published, creation date is updated
             if ($old->_status == 'draft' && $this->_post->_status == 'publish') {
                 $this->_post->_date = date('Y-m-d H:i:s');
                 $this->_post->update('_date', 'str');
             }
             $this->_post->update('_title', 'str');
             $this->_post->update('_content', 'str');
             $this->_post->update('_allow_comment', 'str');
             $this->_post->update('_date', 'str');
             $this->_post->update('_status', 'str');
             $this->_post->update('_tags', 'str');
             $this->_post->update('_category', 'str');
             if ($this->_post->_status == 'publish') {
                 $this->_post->_updated = 'yes';
                 $this->_post->_update_author = $this->_user['user_id'];
                 $this->_post->update('_updated', 'str');
                 $this->_post->update('_update_author', 'int');
             }
             $this->_action_msg = ActionMessages::post_update(true);
             Session::monitor_activity('updated the post "' . $this->_post->_title . '" (status: ' . $this->_post->_status . ')');
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::post_update(ucfirst($e->getMessage()));
         }
     }
     $this->_action = 'to_update';
 }
 /**
  * Delete a template
  *
  * Current and main template will raise an error
  *
  * @access	private
  */
 private function delete()
 {
     if (VPost::delete(false) && VPost::tpl_id() && $this->_user['delete_content']) {
         try {
             $tpl = new Setting(VPost::tpl_id());
             $tpl->_data = json_decode($tpl->_data, true);
             if ($tpl->_data['namespace'] == $this->_setting->_data) {
                 throw new Exception('Template currently used, action aborted');
             }
             if ($tpl->_data['namespace'] == 'main' || $tpl->_data['namespace'] == 'bobcat') {
                 throw new Exception('Default template can\'t be deleted, action aborted');
             }
             foreach ($tpl->_data['files'] as $file) {
                 File::delete(PATH . 'includes/templates/' . $tpl->_data['namespace'] . '/' . $file);
             }
             $tpl->delete();
             $result = true;
         } catch (Exception $e) {
             $result = $e->getMessage();
         }
         $this->_action_msg = ActionMessages::template_deleted($result);
     } elseif (VPost::delete(false) && !$this->_user['delete_content']) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }
 /**
  * Delete selected posts
  *
  * @access	private
  */
 private function delete()
 {
     if ((VRequest::action() == 'delete' && VRequest::id() || VPost::delete(false) || VPost::empty_trash(false)) && $this->_user['delete_content']) {
         try {
             $post = new Post();
             if (VGet::action() == 'delete' && VGet::id()) {
                 $post->_id = VGet::id();
                 $post->delete();
                 $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . VGet::id() . ' AND comment_rel_type = "post"');
                 $result = $post->_result_action;
             } elseif (VPost::delete(false)) {
                 foreach (VPost::post_id() as $id) {
                     $post->_id = $id;
                     $post->delete();
                     $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . $id . ' AND comment_rel_type = "post"');
                 }
                 $result = $post->_result_action;
             } elseif (VPost::empty_trash(false)) {
                 $to_read['table'] = 'post';
                 $to_read['columns'] = array('POST_ID');
                 $to_read['condition_columns'][':s'] = 'post_status';
                 $to_read['condition_select_types'][':s'] = '=';
                 $to_read['condition_values'][':s'] = 'trash';
                 $to_read['value_types'][':s'] = 'str';
                 $posts = $this->_db->read($to_read);
                 foreach ($posts as $post) {
                     $this->_db->query('DELETE FROM `' . DB_PREFIX . 'comment` WHERE comment_rel_id = ' . $post['POST_ID'] . ' AND comment_rel_type = "post"');
                 }
                 $to_delete['table'] = 'post';
                 $to_delete['condition_columns'][':status'] = 'post_status';
                 $to_delete['condition_values'][':status'] = 'trash';
                 $to_delete['value_types'][':status'] = 'str';
                 $result = $this->_db->delete($to_delete);
             }
             Session::monitor_activity('deleted post(s)');
             $this->_action_msg = ActionMessages::deleted($result);
         } catch (Exception $e) {
             $this->_action_msg = ActionMessages::custom_wrong($e->getMessage());
         }
     } elseif ((VRequest::action() == 'delete' && VRequest::id() || VPost::delete(false) || VPost::empty_trash(false)) && $this->_user['delete_content'] === false) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }
 /**
  * Update lynxpress
  *
  * @access	private
  */
 private function update()
 {
     if (VPost::update()) {
         try {
             if (Helper::check_update() === false) {
                 throw new Exception('No update available!');
             }
             //make a backup of the database first, with an email sent to webmaster with the whole dump
             $bk = new Backup();
             $bk->save('backup/dump-' . date('Y-m-d-H:i:s') . '.sql');
             $html = new File();
             $html->_content = '<!--The Lynx is not here!-->';
             $html->save('backup/index.html');
             $mail = new Mail(WS_EMAIL, 'Databse dump made before update at ' . date('Y-m-d H:i:s'), $bk->_sql);
             $mail->send();
             //end backup
             //retrieve json manifest from the server
             $manifest = new Curl('http://update.lynxpress.org/manifest.json');
             $manifest = json_decode($manifest->_content, true);
             //retrieve zip with all files inside
             $curl_zip = new Curl('http://versions.lynxpress.org/Lynxpress-' . $manifest['version'] . '.zip');
             if ($curl_zip->_content == '<!--The Lynx is not here!-->') {
                 throw new Exception('Can\'t retrieve lynxpress archive');
             }
             $zip = new File();
             $zip->_content = $curl_zip->_content;
             $zip->save('tmp/update.zip');
             unset($zip);
             unset($curl_zip);
             File::unzip('tmp/update.zip', 'tmp/update/');
             File::delete('tmp/update.zip');
             //check if all files are readable
             foreach ($manifest['src'] as $src) {
                 File::read('tmp/update/Lynxpress-' . $manifest['version'] . '/' . $src);
             }
             //replace all files registered in the manifest
             foreach ($manifest['src'] as $key => $src) {
                 File::read('tmp/update/Lynxpress-' . $manifest['version'] . '/' . $src)->save($manifest['dest'][$key]);
                 File::delete('tmp/update/Lynxpress-' . $manifest['version'] . '/' . $src);
             }
             //execute special queries
             foreach ($manifest['queries'] as $query) {
                 $this->_db->query(str_replace('{{prefix}}', DB_PREFIX, $query));
             }
             //remove files
             foreach ($manifest['remove'] as $file) {
                 File::delete($file, false);
             }
             $config = File::read(PATH . 'config.php');
             $config->_content = str_replace('(\'WS_VERSION\', \'' . WS_VERSION . '\')', '(\'WS_VERSION\', \'' . $manifest['version'] . '\')', $config->_content);
             $config->save();
             unset($config);
             $config = File::read(PATH . 'config.sample.php');
             $config->_content = str_replace('(\'WS_VERSION\', \'' . WS_VERSION . '\')', '(\'WS_VERSION\', \'' . $manifest['version'] . '\')', $config->_content);
             $config->save();
             $result = true;
         } catch (Exception $e) {
             $result = $e->getMessage();
         }
         $this->_action_msg = ActionMessages::ws_update($result);
     }
 }
 /**
  * Method that permits to delete one or more categories
  *
  * @access	private
  */
 private function delete()
 {
     if (VPost::delete(false) && $this->_user['delete_content']) {
         if (VPost::category_id()) {
             try {
                 foreach (VPost::category_id() as $id) {
                     $cat = new Category();
                     $cat->_id = $id;
                     $cat->read('_name');
                     $cat->read('_type');
                     $type = $cat->_type;
                     if ($this->check_usage($id, $type)) {
                         throw new Exception('Can\'t delete ' . $cat->_name . ' because it\'s used!');
                     }
                     $cat->delete();
                     $this->check_empty($type);
                 }
                 Session::monitor_activity('deleted ' . count(VPost::category_id()) . ' category(ies)');
                 $result = true;
             } catch (Exception $e) {
                 $result = $e->getMessage();
             }
             $this->_action_msg = ActionMessages::deleted($result);
         }
     } elseif (VGet::action() == 'delete' && VGet::id()) {
         try {
             $cat = new Category();
             $cat->_id = VGet::id();
             $cat->read('_name');
             $cat->read('_type');
             $type = $cat->_type;
             if ($this->check_usage(VGet::id(), $type)) {
                 throw new Exception('Can\'t delete ' . ucwords($cat->_name) . ' because it\'s used!');
             }
             $cat->delete();
             $this->check_empty($type);
             Session::monitor_activity('deleted a category');
             $result = true;
         } catch (Exception $e) {
             $result = $e->getMessage();
         }
         $this->_action_msg = ActionMessages::deleted($result);
     } elseif ((VPost::delete(false) || VGet::action() == 'delete' && VGet::id()) && !$this->_user['delete_content']) {
         $this->_action_msg = ActionMessages::action_no_perm();
     }
 }
 /**
  * Update setting
  *
  * @access	private
  */
 private function update()
 {
     if (VPost::update_setting(false)) {
         try {
             $this->_setting->_data = json_encode(VPost::networks(array()));
             $this->_setting->update('_data', 'str');
             $this->_setting->_data = json_decode($this->_setting->_data, true);
             $result = true;
         } catch (Exception $e) {
             $resut = $e->getMessage();
         }
         $this->_action_msg = ActionMessages::updated($result);
     }
 }