public static function GenerateFromCustom($type)
{
$DB = GetDB();
$schema = GetDBSchema();
$xtable = $schema->el('//table[naming/type="' . $type . '"]');
$primary_key = $xtable->columns->primaryKey->val();
$custom_schema_table = $xtable->custom->val() . '_schema';
$html = '';
$result = $DB->Query('SELECT * FROM # ORDER BY `field_id`', array($custom_schema_table));
while ($field = $DB->NextRow($result)) {
switch ($field['type']) {
case self::TEXT:
$html .= '<div class="field">' . ' <label>' . $field['label'] . ':</label>' . ' <span class="field-container">' . ' <input type="text" size="60" name="' . $field['name'] . '" value="' . Request::Get($field['name']) . '" />' . ' </span>' . '</div>';
break;
case self::TEXTAREA:
$html .= '<div class="field">' . ' <label>' . $field['label'] . ':</label>' . ' <span class="field-container">' . ' <textarea name="' . $field['name'] . '" rows="5" cols="80">' . Request::Get($field['name']) . '</textarea>' . ' </span>' . '</div>';
break;
case self::SELECT:
$html .= '<div class="field">' . ' <label>' . $field['label'] . ':</label>' . ' <span class="field-container">' . ' <select name="' . $field['name'] . '">' . self::OptionsSimple($field['options'], Request::Get($field['name'])) . ' </select>' . ' </span>' . '</div>';
break;
case self::CHECKBOX:
$html .= '<div class="field">' . ' <label></label>' . ' <span class="field-container">' . ' <div class="checkbox">' . ' <input type="hidden" name="' . $field['name'] . '" value="' . Request::Get($field['name']) . '" />' . ' ' . $field['label'] . ' </div>' . ' </span>' . '</div>';
break;
}
}
$DB->Free($result);
if (empty($html)) {
$html = '<div class="message-warning text-center">No Custom Fields Have Been Defined</div>';
}
return $html;
}
function tbxUploadStepOne()
{
global $t;
$v = Validator::Create();
$_REQUEST['tags'] = Tags::Format($_REQUEST['tags']);
$v->Register($_REQUEST['title'], Validator_Type::LENGTH_BETWEEN, _T('Validation:Invalid Length', _T('Label:Title'), Config::Get('title_min_length'), Config::Get('title_max_length')), Config::Get('title_min_length') . ',' . Config::Get('title_max_length'));
$v->Register($_REQUEST['description'], Validator_Type::LENGTH_BETWEEN, _T('Validation:Invalid Length', _T('Label:Description'), Config::Get('description_min_length'), Config::Get('description_max_length')), Config::Get('description_min_length') . ',' . Config::Get('description_max_length'));
$v->Register(Tags::Count($_REQUEST['tags']), Validator_Type::IS_BETWEEN, _T('Validation:Invalid Num Tags', Config::Get('tags_min'), Config::Get('tags_max')), Config::Get('tags_min') . ',' . Config::Get('tags_max'));
// Register user-defined field validators
$schema = GetDBSchema();
$v->RegisterFromXml($schema->el('//table[name="tbx_video_custom"]'), 'user', 'create');
// Check blacklist
$_REQUEST['ip_address'] = $_SERVER['REMOTE_ADDR'];
if (($match = Blacklist::Match($_REQUEST, Blacklist::ITEM_VIDEO)) !== false) {
$v->SetError(_T('Validation:Blacklisted', $match['match']));
}
// Validate CAPTCHA
if (Config::Get('flag_captcha_on_upload')) {
Captcha::Verify();
}
if (!$v->Validate()) {
$t->Assign('g_errors', $v->GetErrors());
$t->AssignByRef('g_form', $_REQUEST);
return tbxDisplayUpload();
}
$_REQUEST['step_one_data'] = base64_encode(serialize($_REQUEST));
$_REQUEST['step_one_sig'] = sha1($_REQUEST['step_one_data'] . Config::Get('random_value'));
$t->Assign('g_file_types', '*.' . str_replace(',', ';*.', Config::Get('upload_extensions')));
$t->Assign('g_cookie', $_COOKIE[LOGIN_COOKIE]);
$t->AssignByRef('g_form', $_REQUEST);
$t->Display('upload-step-two.tpl');
}
public static function FromType($type)
{
$schema = GetDBSchema();
$xtable = $schema->el('//table[naming/type="' . $type . '"]');
$privilege = $xtable->privilege;
$reflect = new ReflectionClass('Privileges');
return $reflect->getConstant($privilege);
}
public static function Standard($table, $location = 'create')
{
$schema = GetDBSchema();
$xtable = $schema->el('//table[name="' . $table . '"]');
foreach ($xtable->xpath('./columns/column') as $xcolumn) {
$xlocation = $xcolumn->el('./user/' . $location);
if (empty($xlocation) || !$xlocation->val()) {
if (isset($_REQUEST[$xcolumn->name->val()])) {
unset($_REQUEST[$xcolumn->name->val()]);
}
}
}
}
if (strpos($database_xml, 'tbx_search_term_new') === false) {
$database_xml = str_replace('<!-- END tbx_search_term -->', "<!-- END tbx_search_term -->\n\n\n\n" . "<!-- START tbx_search_term_new -->\n" . " <table>\n" . " <name>tbx_search_term_new</name>\n" . " <naming>\n" . " <type>search-term-new</type>\n" . " </naming>\n" . " <columns>\n" . " <column>\n" . " <name>term_id</name>\n" . " <definition>INT UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT</definition>\n" . " </column>\n" . " <column>\n" . " <name>term</name>\n" . " <definition>VARCHAR(255)</definition>\n" . " </column>\n" . " <column>\n" . " <name>frequency</name>\n" . " <definition>INT UNSIGNED NOT NULL</definition>\n" . " </column>\n" . " <primaryKey>term_id</primaryKey>\n" . " <unique>\n" . " <column>term</column>\n" . " </unique>\n" . " </columns>\n" . " </table>\n" . "<!-- END tbx_search_term_new -->", $database_xml);
}
// Add join on the tbx_video_clip table
// Add tbx_search_term_new table definition
if (strpos($database_xml, "<join>\n <table>tbx_video_clip</table>") === false) {
$database_xml = str_replace("<join>\n" . " <table>tbx_video_custom</table>\n" . " <foreign>video_id</foreign>\n" . " <local>video_id</local>\n" . " </join>", "<join>\n" . " <table>tbx_video_custom</table>\n" . " <foreign>video_id</foreign>\n" . " <local>video_id</local>\n" . " </join>\n" . " <join>\n" . " <table>tbx_video_clip</table>\n" . " <foreign>video_id</foreign>\n" . " <local>video_id</local>\n" . " </join>", $database_xml);
}
if (strpos($database_xml, 'Clip URL/Embed Code') === false) {
$database_xml = preg_replace('~<!-- START tbx_video_clip -->.*?<!-- END tbx_video_clip -->~msi', "<!-- START tbx_video_clip -->\n" . " <table>\n" . " <name>tbx_video_clip</name>\n" . " <naming>\n" . " <type>video-clip</type>\n" . " <textLower>video clip</textLower>\n" . " <textLowerPlural>video clips</textLowerPlural>\n" . " <textUpper>Video Clip</textUpper>\n" . " <textUpperPlural>Video Clips</textUpperPlural>\n" . " <function>VideoClip</function>\n" . " </naming>\n" . " <columns>\n" . " <column>\n" . " <name>clip_id</name>\n" . " <definition>INT UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT</definition>\n" . " <default>null</default>\n" . " <admin>\n" . " <search>false</search>\n" . " <sort>false</sort>\n" . " </admin>\n" . " </column>\n" . " <column>\n" . " <name>video_id</name>\n" . " <definition>INT UNSIGNED NOT NULL</definition>\n" . " <admin>\n" . " <search>false</search>\n" . " <sort>false</sort>\n" . " </admin>\n" . " </column>\n" . " <column>\n" . " <name>type</name>\n" . " <definition>ENUM('URL','Embed')</definition>\n" . " <default>URL</default>\n" . " <admin>\n" . " <search>false</search>\n" . " <sort>false</sort>\n" . " </admin>\n" . " </column>\n" . " <column>\n" . " <name>clip</name>\n" . " <definition>TEXT</definition>\n" . " <label>Clip URL/Embed Code</label>\n" . " <admin>\n" . " <search>true</search>\n" . " <sort>false</sort>\n" . " </admin>\n" . " </column>\n" . " <column>\n" . " <name>filesize</name>\n" . " <definition>INT UNSIGNED NOT NULL</definition>\n" . " <default>0</default>\n" . " <admin>\n" . " <search>false</search>\n" . " <sort>false</sort>\n" . " </admin>\n" . " </column>\n" . " <index>\n" . " <column>video_id</column>\n" . " </index>\n" . " <primaryKey>clip_id</primaryKey>\n" . " </columns>\n" . " </table>\n" . " <!-- END tbx_video_clip -->", $database_xml);
}
$database_xml = str_replace("<definition>ENUM('Pending','Active','Disabled') NOT NULL</definition>", "<definition>ENUM('Pending','Scheduled','Active','Disabled') NOT NULL</definition>", $database_xml);
$database_xml = str_replace('<autocomplete>#Pending,Active,Disabled</autocomplete>', '<autocomplete>#Pending,Scheduled,Active,Disabled</autocomplete>', $database_xml);
file_put_contents(INCLUDES_DIR . '/database.xml', $database_xml);
// Force a reload of the schema
$schema = GetDBSchema(true);
#### Update database.xml ==========================================================================================================
#### Create database tables =======================================================================================================
// Create tbx_imported if doesn't already exist
$DB->Update(GetDBCreate('tbx_imported'));
// Create tbx_thumb_queue if doesn't already exist
$DB->Update(GetDBCreate('tbx_thumb_queue'));
// Create tbx_search_term_new if doesn't already exist
$DB->Update(GetDBCreate('tbx_search_term_new'));
#### Create database tables =======================================================================================================
#### Update database ==============================================================================================================
// Prepare for new QueueProcessor stats format
$stats = ThumbQueue::LoadStats();
if (!isset($stats[ThumbQueue::STAT_PROCESSED_ITEMS])) {
Cache_MySQL::Remove('thumb-queue-stats');
}
function tbxRegister()
{
global $t;
$DB = GetDB();
$v = Validator::Create();
$v->Register($_REQUEST['username'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Username')));
$v->Register($_REQUEST['username'], Validator_Type::IS_ALPHANUM, _T('Validation:Alphanumeric', _T('Label:Username')));
$v->Register($DB->QueryCount('SELECT COUNT(*) FROM `tbx_user` WHERE `username`=?', array($_REQUEST['username'])), Validator_Type::IS_ZERO, _T('Validation:Username Taken'));
$v->Register($_REQUEST['password'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Password')));
$v->Register($_REQUEST['password'], Validator_Type::LENGTH_GREATER_EQ, _T('Validation:Length Greater Equal', _T('Label:Password'), 8), 8);
$v->Register($_REQUEST['password'], Validator_Type::EQUALS, _T('Validation:Passwords do not match'), $_REQUEST['confirm_password']);
$v->Register($_REQUEST['email'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:E-mail')));
$v->Register($_REQUEST['email'], Validator_Type::VALID_EMAIL, _T('Validation:E-mail', _T('Label:E-mail')));
$v->Register($DB->QueryCount('SELECT COUNT(*) FROM `tbx_user` WHERE `email`=?', array($_REQUEST['email'])), Validator_Type::IS_ZERO, _T('Validation:E-mail Taken'));
$v->Register($_REQUEST['name'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Name')));
$v->Register(empty($_REQUEST['birth_month']) || empty($_REQUEST['birth_day']) || empty($_REQUEST['birth_year']), Validator_Type::IS_FALSE, _T('Validation:Birthday Required'));
$v->Register($_REQUEST['gender'], Validator_Type::NOT_EMPTY, _T('Validation:Required', _T('Label:Gender')));
$v->Register($_REQUEST['terms'], Validator_Type::NOT_EMPTY, _T('Validation:Accept Terms'));
// Register user-defined field validators
$schema = GetDBSchema();
$v->RegisterFromXml($schema->el('//table[name="tbx_user_custom"]'), 'user', 'create');
// Check blacklist
$_REQUEST['ip_address'] = $_SERVER['REMOTE_ADDR'];
if (($match = Blacklist::Match($_REQUEST, Blacklist::ITEM_USER)) !== false) {
$v->SetError(_T('Validation:Blacklisted', $match['match']));
}
// Check CAPTCHA
if (Config::Get('flag_captcha_on_signup')) {
Captcha::Verify();
}
if (!$v->Validate()) {
$t->Assign('g_errors', $v->GetErrors());
$t->Assign('g_form', $_REQUEST);
return tbxDisplayRegister();
}
// Format data
$_REQUEST['date_birth'] = $_REQUEST['birth_year'] . '-' . $_REQUEST['birth_month'] . '-' . $_REQUEST['birth_day'];
$_REQUEST['date_created'] = Database_MySQL::Now();
$_REQUEST['user_level_id'] = $DB->QuerySingleColumn('SELECT `user_level_id` FROM `tbx_user_level` WHERE `is_default`=1');
$_REQUEST['password'] = sha1($_REQUEST['password']);
// Strip HTML tags
if (Config::Get('flag_user_strip_tags')) {
$_REQUEST = String::StripTags($_REQUEST);
}
// Prepare fields for database
Form_Prepare::Standard('tbx_user');
Form_Prepare::Standard('tbx_user_stat');
Form_Prepare::Custom('tbx_user_custom_schema', 'on_submit');
// Setup account status
$_REQUEST['status'] = STATUS_ACTIVE;
$email_template = 'email-user-added.tpl';
if (Config::Get('flag_user_confirm_email')) {
$_REQUEST['status'] = STATUS_SUBMITTED;
$email_template = 'email-user-confirm.tpl';
} else {
if (Config::Get('flag_user_approve')) {
$_REQUEST['status'] = STATUS_PENDING;
$email_template = 'email-user-pending.tpl';
}
}
// Add data to the database
DatabaseAdd('tbx_user', $_REQUEST);
DatabaseAdd('tbx_user_custom', $_REQUEST);
DatabaseAdd('tbx_user_stat', $_REQUEST);
if ($_REQUEST['status'] == STATUS_SUBMITTED) {
$_REQUEST['register_code'] = sha1(uniqid(mt_rand(), true));
$_REQUEST['timestamp'] = time();
DatabaseAdd('tbx_user_register_code', $_REQUEST);
$t->Assign('g_code', $_REQUEST['register_code']);
}
$t->AssignByRef('g_user', $_REQUEST);
$t->AssignByRef('g_form', $_REQUEST);
// Send e-mail message
$m = new Mailer();
$m->Mail($email_template, $t, $_REQUEST['email'], $_REQUEST['name']);
// Display confirmation
$t->Display('user-register-complete.tpl');
}
function PrepareSearchAndSortFields(&$search_fields, &$sort_fields, $xtable)
{
$schema = GetDBSchema();
$search_fields = array(array('column' => Form_Field::OPTGROUP, 'label' => $xtable->naming->textUpper));
$sort_fields = array(array('column' => Form_Field::OPTGROUP, 'label' => $xtable->naming->textUpper));
// Base table
foreach ($xtable->xpath('./columns/column') as $xcolumn) {
$col = $xtable->name . '.' . $xcolumn->name;
$label = $xcolumn->label;
if ($xcolumn->admin->search->val()) {
$item = array('column' => $col, 'label' => $label);
$autocomplete = $xcolumn->autocomplete;
if (!empty($autocomplete)) {
$item['attr'] = 'acomplete="' . $autocomplete->val() . '"';
}
$search_fields[] = $item;
}
if ($xcolumn->admin->sort->val()) {
$sort_fields[] = array('column' => $col, 'label' => $label);
}
}
// Join tables
foreach ($xtable->xpath('./join') as $join) {
$xjoin_table = $schema->el('//table[name="' . $join->table . '"]');
if ($xjoin_table->el('./columns/column/admin[search="true"]')) {
$search_fields[] = array('column' => Form_Field::OPTGROUP, 'label' => $xjoin_table->naming->textUpper);
}
if ($xjoin_table->el('./columns/column/admin[sort="true"]')) {
$sort_fields[] = array('column' => Form_Field::OPTGROUP, 'label' => $xjoin_table->naming->textUpper);
}
foreach ($xjoin_table->xpath('./columns/column') as $xcolumn) {
$col = $xjoin_table->name . '.' . $xcolumn->name;
$label = $xcolumn->label->val();
if ($xcolumn->admin->search->val()) {
$item = array('column' => $col, 'label' => $label);
$autocomplete = $xcolumn->autocomplete;
if (!empty($autocomplete)) {
$item['attr'] = 'acomplete="' . $autocomplete->val() . '"';
}
$search_fields[] = $item;
}
if ($xcolumn->admin->sort->val()) {
$sort_fields[] = array('column' => $col, 'label' => $label);
}
}
}
}
// limitations under the License.
if (!preg_match('~/admin$~', realpath(dirname(__FILE__)))) {
echo "This file must be located in the admin directory of your TubeX installation";
exit;
}
define('TUBEX_CONTROL_PANEL', true);
require_once 'includes/cp-global.php';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$DB = GetDB();
$tables = GetDBTables();
$reset = true;
$settings = array('cookie_path' => '/', 'dec_point' => '.', 'thousands_sep' => ',', 'timezone' => 'America/Chicago', 'template' => 'Default-Blue-Rewrite', 'language' => 'en_US', 'video_extensions' => 'avi,mpg,mpeg,flv,f4v,rm,asf,wmv,mov,mp4,ts,m2t', 'video_size' => '512x384', 'video_bitrate' => '26', 'audio_bitrate' => '128', 'thumb_size' => '120x90', 'thumb_quality' => '90', 'thumb_amount' => '15', 'max_upload_size' => '50MB', 'max_upload_duration' => '00:20:00', 'flag_mod_rewrite' => '1', 'mailer' => 'mail', 'flag_user_confirm_email' => '0', 'date_format' => 'm-d-Y', 'time_format' => 'h:i:s', 'avatar_dimensions' => '200x200', 'avatar_filesize' => '100KB', 'avatar_extensions' => 'jpg,gif,png', 'flag_user_strip_tags' => '1', 'video_format' => '0', 'flag_allow_uploads' => '1', 'flag_upload_reject_duplicates' => '1', 'flag_upload_allow_private' => '1', 'flag_upload_convert' => '', 'flag_upload_review' => '', 'upload_extensions' => 'avi,mpg,mpeg,flv,f4v,rm,asf,wmv,mov,mp4,ts,m2t', 'title_min_length' => '10', 'title_max_length' => '100', 'description_min_length' => '10', 'description_max_length' => '500', 'tags_min' => '1', 'tags_max' => '10', 'flag_video_strip_tags' => '1', 'comment_max_length' => '500', 'comment_throttle_period' => '120', 'flag_comment_strip_tags' => '1', 'captcha_min_length' => '4', 'captcha_max_length' => '6', 'flag_captcha_words' => '1', 'flag_captcha_on_signup' => '1', 'flag_captcha_on_upload' => '0', 'flag_captcha_on_comment' => '1', 'cache_main' => '3600', 'cache_search' => '3600', 'cache_categories' => '3600', 'cache_browse' => '3600', 'cache_video' => '3600', 'cache_profile' => '3600', 'cache_comments' => '3600', 'cache_custom' => '3600');
// Reset Config.php file
Config::Save($settings, true);
// Reset database.xml file
$schema = GetDBSchema();
$custom_tables = array(array('name' => 'tbx_user_custom', 'field' => 'username'), array('name' => 'tbx_video_custom', 'field' => 'video_id'), array('name' => 'tbx_category_custom', 'field' => 'category_id'), array('name' => 'tbx_sponsor_custom', 'field' => 'sponsor_id'));
foreach ($custom_tables as $table) {
$xtable = $schema->el('//table[name="' . $table['name'] . '"]');
foreach ($xtable->xpath('./columns/column') as $xcolumn) {
if ($xcolumn->name->val() != $table['field']) {
XML_Schema::DeleteColumn($table['name'], $xcolumn->name->val());
}
}
}
// Remove all database tables
foreach ($tables as $table) {
$DB->Update('DROP TABLE IF EXISTS #', array($table));
}
// Clear out directories
$dirs = array('temp', 'uploads', 'videos', 'templates/_cache');
function tbxGenericShowSearch($type)
{
Privileges::Check(Privileges::FromType($type));
if ($type == 'search-term') {
Blacklist::FilterSearchTerms();
}
$schema = GetDBSchema();
$table = $schema->el('//database/table[naming/type="' . $type . '"]')->name->val();
include_once 'cp-global-search.php';
}
function SearchItemHtml($type, $original)
{
$DB = GetDB();
$schema = GetDBSchema();
$xtable = $schema->el('//table[naming/type="' . $type . '"]');
$primary_key = $xtable->columns->primaryKey->val();
$global_item_include_file = File::Sanitize('cp-' . $type . '-search-item-global.php', 'php');
$item_include_file = File::Sanitize('cp-' . $type . '-search-item.php', 'php');
// Get custom and merge tables
$custom_table = $xtable->custom->val();
$merge_tables = empty($custom_table) ? array() : array($custom_table);
foreach ($xtable->xpath('./merge') as $xmerge) {
$merge_tables[] = $xmerge->val();
}
foreach ($merge_tables as $merge_table) {
$row = $DB->Row('SELECT * FROM # WHERE #=?', array($merge_table, $primary_key, $original[$primary_key]));
if (is_array($row)) {
$original = array_merge($row, $original);
}
}
ob_start();
if (is_file("includes/{$global_item_include_file}")) {
include $global_item_include_file;
}
$item = String::HtmlSpecialChars($original);
include $item_include_file;
return ob_get_clean();
}
public static function DeleteColumn($table, $column)
{
$schema = GetDBSchema();
$xcolumns = $schema->el('//table[name="' . $table . '"]/columns');
for ($i = 0; $i < count($xcolumns->column); $i++) {
if ($xcolumns->column[$i]->name == $column) {
unset($xcolumns->column[$i]);
}
}
self::WriteXml($schema);
}
function DatabaseUpdate($table, $data)
{
$DB = GetDB();
$schema = GetDBSchema();
$xtable = $schema->el('//table[name="' . $table . '"]');
$primary_key = $xtable->columns->primaryKey->val();
$xpkey_column = $xtable->el('./columns/column[name="' . $primary_key . '"]');
$binds = array($table);
$placeholders = 0;
foreach ($xtable->xpath('./columns/column') as $xcolumn) {
$field = $xcolumn->name->val();
if (array_key_exists($field, $data)) {
$binds[] = $field;
$binds[] = $data[$field];
$placeholders++;
}
}
$binds[] = $primary_key;
$binds[] = $data[$primary_key];
if ($placeholders > 0) {
$DB->Update('UPDATE # SET ' . join(',', array_fill(0, $placeholders, '#=?')) . ' WHERE #=?', $binds);
}
return $DB->Row('SELECT * FROM # WHERE #=?', array($table, $primary_key, $data[$primary_key]));
}
public function __construct($table)
{
$this->schema = GetDBSchema();
$this->main_table = $table;
$this->tables[$table] = $this->schema->el('//table[name="' . $table . '"]');
}
