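/**
 * Prepares a value for storage: neutralises or filters markup, then hands it to addslashes_EX().
 *
 * @param mixed $data     Value to clean.
 * @param bool  $ishtml   False: angle brackets are converted to HTML entities. True: the value goes through cleanHTML() instead.
 * @param bool  $allowadv Forwarded to cleanHTML(); only used when $ishtml is true.
 * @param mixed $dbo      Forwarded to addslashes_EX() as its third argument.
 * @return mixed Whatever addslashes_EX() returns for the cleaned value.
 */
function cleanString($data, $ishtml = false, $allowadv = false, $dbo = false)
{
    if (!$ishtml) {
        // Plain-text input: encode angle brackets so the stored value cannot open a tag when it is
        // later echoed into a page. The listing had the same string as search and replacement
        // ("<" => "<"), which is a no-op and leaves markup intact; the entity forms are restored here.
        // NOTE(review): quotes and "&" are not encoded, so this is not sufficient for attribute
        // context - output code should still escape per context.
        $data = str_replace(array("<", ">"), array("&lt;", "&gt;"), $data);
    } else {
        // HTML input is filtered rather than encoded; the filter itself is defined elsewhere.
        $data = cleanHTML($data, $allowadv);
    }

    return addslashes_EX($data, $ishtml, $dbo);
}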
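/**
 * Dumps every row of this module's table as multi-row INSERT statements into
 * CONS_PATH_BACKUP/<session CODE>/<dbname>.sql, replacing any previous dump.
 *
 * Nothing is written when the file cannot be opened or the SELECT fails.
 *
 * NOTE(review): the dump holds the full table content. Confirm that CONS_PATH_BACKUP is not
 * served by the web server, and that $_SESSION['CODE'] is a server-assigned value that cannot
 * contain path separators - neither is visible from this method.
 *
 * @param bool $echo When true, echoes $line as it stands after the dump is written
 *                   (the last statement buffer, not the whole dump).
 * @return void
 */
function generateBackup($echo = false)
{
    $maxLine = 5000; // an INSERT statement is flushed once it grows past this many bytes

    $dir = CONS_PATH_BACKUP . $_SESSION['CODE'] . "/";
    $bck = $dir . $this->dbname . ".sql";
    if (!is_dir($dir)) {
        makeDirs($dir);
    }
    if (is_file($bck)) {
        @unlink($bck); // best effort; fopen("wb") truncates anyway
    }

    $fd = fopen($bck, "wb");
    if (!$fd) {
        return;
    }

    $r = null;
    $n = 0;
    $sql = "SELECT * FROM " . $this->dbname;
    $ok = $this->parent->dbo->query($sql, $r, $n);
    // Same success test notifyEvent() applies to query(): a failed query yields no rows to dump.
    $rows = ($ok && $n > 0) ? $n : 0;

    // Iterate by value: the field definitions are only read, so no reference is left dangling.
    $columns = array();
    foreach ($this->fields as $fn => $f) {
        $columns[] = $fn;
    }
    $baseLine = "INSERT INTO " . $this->dbname . " (" . implode(",", $columns) . ") VALUES (";

    $line = $baseLine;
    for ($c = 0; $c < $rows; $c++) {
        $data = $this->parent->dbo->fetch_assoc($r);
        $values = array();
        foreach ($this->fields as $fn => $f) {
            $tipo = $f[CONS_XML_TIPO];
            $quoted = false;
            if ($tipo == CONS_TIPO_INT || $tipo == CONS_TIPO_FLOAT) {
                // numbers go out bare; anything non-numeric becomes NULL
                $values[] = is_numeric($data[$fn]) ? $data[$fn] : "NULL";
            } elseif ($tipo == CONS_TIPO_DATE || $tipo == CONS_TIPO_DATETIME) {
                // Dates must be quoted: a bare 2020-01-31 (constructed example) is read by the
                // SQL server as integer subtraction, and a bare datetime does not parse at all.
                if ($data[$fn] != '') {
                    $quoted = true;
                } else {
                    $values[] = "NULL";
                }
            } elseif ($tipo == CONS_TIPO_LINK) {
                // link: the column takes the type of the linked module's first key
                // TODO: format the output for null data as well?
                $linked = $this->parent->modules[$f[CONS_XML_MODULE]];
                if ($linked->fields[$linked->keys[0]][CONS_XML_TIPO] == CONS_TIPO_INT) {
                    $values[] = is_numeric($data[$fn]) ? $data[$fn] : "NULL";
                } else {
                    $quoted = true;
                }
            } else {
                $quoted = true;
            }
            if ($quoted) {
                $values[] = "\"" . addslashes_EX($data[$fn], true) . "\"";
            }
        }
        $line .= implode(",", $values) . ")";

        if (strlen($line) > $maxLine) {
            // statement is long enough: terminate it and start a fresh INSERT
            $line .= ";\n";
            fwrite($fd, $line);
            $line = $baseLine;
        } else {
            $line .= ",(";
        }
    }

    if ($line != $baseLine) {
        // pending rows: drop the trailing ",(" and terminate the statement
        $line = substr($line, 0, -2) . ";\n";
        fwrite($fd, $line);
    }
    fclose($fd);

    if ($echo) {
        echo $line;
    }
}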
/**
 * Records undo information for an update/delete on a module.
 *
 * Runs in two phases, selected by $earlyNotify:
 *  - early: reads the current row (and copies its upload files to CONS_FMANAGER/_undodata/)
 *    and keeps it in $this->internalMemory[<module name>];
 *  - late: looks up the remembered row for the same action and keys and inserts it,
 *    serialized, into the table of the module named by $this->moduleRelation.
 *
 * Does nothing for CONS_ACTION_INCLUDE, for $module === false, for modules flagged
 * CONS_MODULE_SYSTEM, or for modules that have the CONS_MODULE_NOUNDO option set.
 *
 * @param object|false $module      Module the action ran on (passed by reference).
 * @param mixed        $action      Action constant; compared against CONS_ACTION_INCLUDE / CONS_ACTION_DELETE.
 * @param array        $data        Data of the action; must hold the module's key fields.
 * @param string       $startedAt   Not used in this method.
 * @param bool         $earlyNotify True for the phase before the action, false for the phase after it.
 * @return void
 */
function notifyEvent(&$module, $action, $data, $startedAt = "", $earlyNotify = false)
{
    # notify followup for this field (happens before standard notify)
    if ($module === false || $module->options[CONS_MODULE_SYSTEM] || isset($module->options[CONS_MODULE_NOUNDO])) {
        return;
    }
    $ws = "";
    $ka = array();
    if ($action != CONS_ACTION_INCLUDE) {
        if ($earlyNotify) {
            // saves INTENTION of performing an action. If it FAILS, we don't need to store UNDO data.
            // NOTE(review): this empties the list only when it already exists, so every early notify
            // discards entries remembered earlier for this module - confirm that is intended (vs. !isset).
            if (isset($this->internalMemory[$module->name])) {
                $this->internalMemory[$module->name] = array();
            }
            // getKeys() fills $ws (used as the WHERE clause below) and $ka (key values).
            // NOTE(review): $ws is interpolated into the SQL as-is; getKeys() is not visible here -
            // confirm it escapes or casts the key values taken from $data.
            $module->getKeys($ws, $ka, $data);
            $sql = "SELECT * FROM " . $module->dbname . " WHERE {$ws}";
            $ok = $this->parent->dbo->query($sql, $r, $n);
            if ($ok && $n > 0) {
                // from here on $data is the row as stored BEFORE the action
                $data = $this->parent->dbo->fetch_assoc($r);
                $files = array(); // saves files ... this will be saved even if a DELETE fails, but we can't wait as the data above since later it will be deleted
                // move files (only mains, no thumbs)
                // NOTE(review): "=" overwrites $keys on each pass, so only the LAST key value survives
                // (and $keys is undefined when $ka is empty). The trailing "_" removal suggests ".="
                // was intended - verify against the naming used where upload files are written.
                foreach ($ka as $value) {
                    $keys = $value . "_";
                } // keys (searchable)
                $keys = substr($keys, 0, strlen($keys) - 1); // remove last _
                foreach ($module->fields as $fname => $field) {
                    if ($field[CONS_XML_TIPO] == CONS_TIPO_UPLOAD) {
                        // NOTE(review): $keys ends up in filesystem paths; confirm key values cannot
                        // contain path separators or "..".
                        $arquivo = CONS_FMANAGER . $module->name . "/" . $fname . "_" . $keys . "_1";
                        // presumably locateanyfile() completes $arquivo and sets $ext by reference - confirm
                        if (locateanyfile($arquivo, $ext)) {
                            $dest = CONS_FMANAGER . "_undodata/" . $module->name . $fname . "_" . $keys . "." . $ext;
                            if (is_file($dest)) {
                                @unlink($dest);
                            }
                            $ok = copy($arquivo, $dest);
                            if ($ok) {
                                // remember the undo copy by its file name (relative to _undodata/)
                                $files[$module->name . $fname . "_" . $keys . "." . $ext] = true;
                            }
                        }
                    }
                }
                $data['___FILES___'] = $files;
                $this->internalMemory[$module->name][] = array($action, $data);
            }
        } else {
            // checks for the stored data from BEFORE the action (not the case in INCLUDE), since it has been confirmed changed
            // note that FILES have already been backed up
            if (isset($this->internalMemory[$module->name])) {
                // so for each stored action on this module
                foreach ($this->internalMemory[$module->name] as $iMi) {
                    if ($iMi[0] == $action) {
                        // that is the same action
                        // check if it's the same keys
                        foreach ($module->keys as $key) {
                            if ($data[$key] != $iMi[1][$key]) {
                                continue 2;
                            } // not this item, next item please ...
                        }
                        // if we got here, the keys were compared successfully. Save
                        $undoModule = $this->parent->loaded($this->moduleRelation);
                        $module->getKeys($ws, $ka, $data);
                        // NOTE(review): same "=" vs ".=" question as in the early branch - only the last key is kept.
                        foreach ($ka as $value) {
                            $keys = $value . "_";
                        } // keys (searchable)
                        $keys = substr($keys, 0, strlen($keys) - 1); // remove last _
                        $files = $iMi[1]['___FILES___'];
                        // NOTE(review): string-built SQL. Only the serialized blobs go through addslashes_EX();
                        // $module->name and $keys are concatenated unescaped. If key values can carry request
                        // data, escape them here or use bound parameters.
                        // NOTE(review): history/files are stored with serialize(); whatever reads them back
                        // presumably calls unserialize() - that reader should treat the undo table as untrusted.
                        $sql = "INSERT INTO " . $undoModule->dbname
                            . " SET\n\t\t\t\t\t\t\t\t\tmodulo='" . $module->name
                            . "',\n\t\t\t\t\t\t\t\t\tevent='" . ($action == CONS_ACTION_DELETE ? 'delete' : 'update')
                            . "',\n\t\t\t\t\t\t\t\t\tids='{$keys}',\n\t\t\t\t\t\t\t\t\thistory=\"" . addslashes_EX(serialize($iMi[1]))
                            . "\",\n\t\t\t\t\t\t\t\t\tfiles=\"" . addslashes_EX(serialize($files))
                            . "\",\n\t\t\t\t\t\t\t\t\tdata=NOW(),\n\t\t\t\t\t\t\t\t\tid_author = '" . ($this->parent->logged() ? $_SESSION[CONS_SESSION_ACCESS_USER]['id'] : 0) . "'";
                        $ok = $this->parent->dbo->simpleQuery($sql);
                        break; // one undo record per notification
                    }
                }
            }
        }
    }
}
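/**
 * Swaps the framework's auth controller for this plugin's CauthControlEx and, in
 * registration mode 2, handles the "authuser" account-activation request.
 *
 * The activation runs the user-module update with the parent's safety flag switched
 * off; the flag is put back to its previous value afterwards.
 *
 * @return void
 */
function onCheckActions()
{
    # replace auth object with new one
    if (!$this->authReplaced) {
        $this->parent->authControl = null;
        require_once CONS_PATH_SYSTEM . "plugins/" . $this->name . "/authControl.php";
        $this->parent->authControl = new CauthControlEx($this->parent);
    }

    if (
        $this->registrationMode == 2
        && $this->action == "authuser"
        && isset($_REQUEST['authcode'])
        && isset($_REQUEST['user'])
        && is_numeric($_REQUEST['user'])
    ) {
        // NOTE(review): $ao is never assigned in this method, and $_REQUEST['authcode'] is only
        // tested with isset(), never compared with a stored code. As written, the update below
        // marks the given user id active without any visible verification. Confirm where the
        // submitted code is checked before relying on this path.
        $data = array(
            "id" => $_REQUEST['user'],
            "active" => "y",
            "authcode" => addslashes_EX($ao, false, $this->parent->dbo),
        );

        // The listing set safety to false both before AND after runAction(), leaving the checks
        // disabled for the rest of the request. Restore the value that was in effect instead.
        $previousSafety = $this->parent->safety;
        $this->parent->safety = false;
        $this->parent->runAction(CONS_AUTH_USERMODULE, CONS_ACTION_UPDATE, $data);
        $this->parent->safety = $previousSafety;
    }
}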