public static function search_query($keyword = '', $category = '')
{
if (isset($_GET)) {
$keyword_clean = mysqli_real_escape_string(db_connect(), $keyword);
$category_clean = mysqli_real_escape_string(db_connect(), $category);
if ($category_clean === 'post') {
$search_results = db_select("SELECT * FROM post WHERE title LIKE '%" . $keyword_clean . "%' OR body LIKE '%" . $keyword_clean . "%'");
} elseif ($category_clean === 'category') {
$search_results = db_select("SELECT * FROM category WHERE title LIKE '%" . $keyword_clean . "%' OR description LIKE '%" . $keyword_clean . "%'");
} elseif ($category_clean === 'page') {
$search_results = db_select("SELECT * FROM page WHERE title LIKE '%" . $keyword_clean . "%' OR body LIKE '%" . $keyword_clean . "%'");
} elseif ($category_clean === 'upload') {
$search_results = db_select("SELECT * FROM upload WHERE filename LIKE '%" . $keyword_clean . "%' OR filetype LIKE '%" . $keyword_clean . "%' OR filepath LIKE '%" . $keyword_clean . "%'");
} elseif ($category_clean === 'user') {
$search_results = db_select("SELECT * FROM user WHERE username LIKE '%" . $keyword_clean . "%'");
} else {
// ALL
$search = new Search();
$search_results = $search->searchAllDB($keyword_clean);
//print_r($search_results);
}
} else {
$search_results = '';
$flash = new Flash();
$flash->flash('flash_message', 'No keyword entered!', 'danger');
}
return $search_results;
}
public static function contact($email_subject = '', $email_name = '', $email_address = '', $email_message = '')
{
if (isset($_POST['g-recaptcha-response'])) {
$captcha = $_POST['g-recaptcha-response'];
}
$response = json_decode(file_get_contents("https://www.google.com/recaptcha/api/siteverify?secret=" . CAPTCHA_SECRET . "&response=" . $captcha . "&remoteip=" . $_SERVER['REMOTE_ADDR']), true);
if ($response['success'] == false) {
$flash = new Flash();
$flash->flash('flash_message', 'Captcha field not filled out!', 'warning');
header("Location: " . BASE_URL . '/contact/');
} else {
$to = CONTACT_EMAIL;
$from = $email_address;
//$to = "".$email_address.", somebodyelse@example.com";
$message = "<html>\n <head>\n <title>" . $email_subject . "</title>\n </head>\n <body style='background:#000; font-family: 'Arial', sans-serif;'>\n<div style='width: 800px; margin: 0 auto; border: 2px solid #CCC; border-radius: 5px; background: #FFF;'>\n From: " . $email_name . "<br />\n Email: " . $email_address . "<br />\n Message: " . htmlspecialchars($email_message) . "\n </div>\n </body>\n </html>\n ";
// Always set content-type when sending HTML email
$headers = "MIME-Version: 1.0" . "\r\n";
$headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
// More headers
$headers .= 'From: ' . $from . '' . "\r\n";
//$headers .= 'Cc: myboss@example.com' . "\r\n";
mail($to, $email_subject, $message, $headers);
$flash = new Flash();
$flash->flash('flash_message', 'Form submitted! Someone will get back to you shortly.');
header("Location: " . BASE_URL . '/contact/');
}
}
public static function page_delete($id)
{
if (empty($id)) {
header("Location: " . BASE_URL . '/admin/pages');
} else {
db_query("DELETE FROM page WHERE id = " . $id);
$flash = new Flash();
$flash->flash('flash_message', 'Page deleted!');
header("Location: " . BASE_URL . '/admin/pages/');
}
}
public static function category_delete($id)
{
if (empty($id)) {
$flash = new Flash();
$flash->flash('flash_message', 'Category does not exist!', 'warning');
header("Location: " . BASE_URL . '/admin/categories/');
} else {
db_query("DELETE FROM category WHERE id = " . $id);
$flash = new Flash();
$flash->flash('flash_message', 'Category deleted!');
header("Location: " . BASE_URL . '/admin/categories/');
}
}
public static function navigation_delete($id)
{
if (empty($id)) {
$flash = new Flash();
$flash->flash('flash_message', 'Navigation item does not exist!', 'warning');
header("Location: " . BASE_URL . '/admin/navigation/');
} else {
db_query("DELETE FROM navigation WHERE id = " . $id);
$flash = new Flash();
$flash->flash('flash_message', 'Navigation item deleted!');
header("Location: " . BASE_URL . '/admin/navigation/');
}
}
public static function post_delete($id)
{
if (empty($id)) {
$flash = new Flash();
$flash->flash('flash_message', 'Post does not exist!', 'warning');
header("Location: " . BASE_URL . '/admin/posts/');
} else {
db_query("DELETE FROM post WHERE id = " . $id);
$flash = new Flash();
$flash->flash('flash_message', 'Post deleted!');
header("Location: " . BASE_URL . '/admin/posts/');
}
}
public function display()
{
self::$flash = self::load();
foreach (self::$flash as $type => $message) {
?>
<div class="flash_<?php
echo $type;
?>
">
<?php
echo $message;
?>
</div>
<?php
}
}
<link href="<?php
echo ADMIN_THEME_URL;
?>
/css/signin.css" rel="stylesheet">
<!-- HTML5 shim and Respond.js for IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/html5shiv/3.7.2/html5shiv.min.js"></script>
<script src="https://oss.maxcdn.com/respond/1.4.2/respond.min.js"></script>
<![endif]-->
</head>
<body>
<?php
$flash = new Flash();
$flash->flash('flash_message');
?>
<div class="container">
<form class="form-signin" enctype="multipart/form-data" method="post" accept-charset="utf-8" action="<?php
echo BASE_URL;
?>
/admin/login">
<h2 class="form-signin-heading">Please sign in</h2>
<label for="inputEmail" class="sr-only">Email address</label>
<input type="email" id="inputEmail" name="inputEmail" class="form-control" placeholder="Email address" required autofocus>
<label for="inputPassword" class="sr-only">Password</label>
<input type="password" id="inputPassword" name="inputPassword" class="form-control" placeholder="Password" required>
<div class="checkbox">
<label>
<input type="checkbox" id="remember_me" name="remember_me" value="remember_me"> Remember me
</label>
<?php
if (defined(BASE_URL) or defined(UPLOAD_DIR) or defined(SITE_TITLE) or defined(SITE_THEME) or defined(ADMIN_THEME) or defined(MYSQL_SERVERNAME) or defined(MYSQL_USERNAME) or empty(MYSQL_DB)) {
$flash = new Flash();
$flash->flash('flash_message', 'Please fix your gw-config.php!', 'danger');
} else {
if (mysqli_ping(db_connect())) {
$install = new Install();
$install->install();
} else {
$flash = new Flash();
$flash->flash('flash_message', 'Could not connect to database!', 'danger');
}
}
public static function clean()
{
self::$flash = array();
unset($_SESSION['flash']);
}
public function delete_folder($folder)
{
$flash = new Flash();
if (!rmdir(UPLOAD_DIR . $folder)) {
$flash->flash('flash_message', 'Error deleting ' . $folder . '!', 'danger');
header("Location: " . BASE_URL . '/admin/uploads/');
} else {
$flash->flash('flash_message', 'Folder: ' . $folder . ' deleted!');
header("Location: " . BASE_URL . '/admin/uploads/');
}
}
fclose($fh);
require_once 'assets/pclzip/pclzip.lib.php';
$archive = new PclZip($zip_name);
if (($v_result_list = $archive->extract()) == 0) {
die("Error : " . $archive->errorInfo(true));
}
unlink($zip_name);
//DELETE ZIP
recursive_copy($src_dir, $dest_dir);
//COPY FILES
if (SYSTEM_OS == 1) {
system('rd /Q /S "' . $src_dir . '"');
//WINDOWS DELETE
} else {
system('/bin/rm -rf ' . escapeshellarg($src_dir));
//LINUX DELETE
}
include 'assets/mysql/mysql_update.php';
//UPDATE MYSQL
$flash = new Flash();
$flash->flash('flash_message', 'Updater finished!');
header("Location: " . BASE_URL . '/admin/update/');
}
?>
<div class="col-sm-9 col-sm-offset-3 col-md-10 col-md-offset-2 main">
<h1 class="page-header">Update GWPRESS</h1>
<p>By clicking submit below you will download the latest files for GWPRESS directly from it's Github repository.</p>
<form method="post">
<input name="submit" type="submit" value="Submit" class="btn btn-default" />
</form>
</div>
public static function user_delete($id)
{
if (empty($id)) {
$flash = new Flash();
$flash->flash('flash_message', 'User does not exist!', 'danger');
header("Location: " . BASE_URL . '/admin/users/');
} else {
db_query("DELETE FROM user WHERE id = " . $id);
$flash = new Flash();
$flash->flash('flash_message', 'User deleted!');
header("Location: " . BASE_URL . '/admin/users/');
}
}
public static function install()
{
//Check if database is already installed
$database_lookup = db_select("SELECT * FROM user");
if (!empty($database_lookup)) {
$flash = new Flash();
$flash->flash('flash_message', 'GWPRESS already installed! Remember to remove your install.php from your theme directory.', 'danger');
header("Location: " . BASE_URL . "");
} else {
//Create post table
$sql = "CREATE TABLE post (\nid INT(11) UNSIGNED AUTO_INCREMENT PRIMARY KEY,\ncategory_id VARCHAR(255),\ntitle VARCHAR(255),\nslug VARCHAR(255),\nbody TEXT,\nfeatured TEXT,\nstatus INT(11),\nslider INT(11),\nmetadescription VARCHAR(160),\nmetakeywords VARCHAR(255),\ncreated_date DATETIME,\nupdated_date DATETIME\n)";
db_query($sql);
//Create category table
$sql = "CREATE TABLE category (\nid INT(11) UNSIGNED AUTO_INCREMENT PRIMARY KEY,\ntitle VARCHAR(255),\nslug VARCHAR(255),\ndescription TEXT,\nfeatured TEXT,\nmetadescription VARCHAR(160),\nmetakeywords VARCHAR(255)\n)";
db_query($sql);
//Create page table
$sql = "CREATE TABLE page (\nid INT(11) UNSIGNED AUTO_INCREMENT PRIMARY KEY,\ntitle VARCHAR(255),\nslug VARCHAR(255),\nbody TEXT,\nfeatured TEXT,\nmetadescription VARCHAR(160),\nmetakeywords VARCHAR(255)\n)";
db_query($sql);
//Create user table
$sql = "CREATE TABLE user (\nid INT(11) UNSIGNED AUTO_INCREMENT PRIMARY KEY,\nemail VARCHAR(255),\npassword VARCHAR(255),\nrole INT(11)\n)";
db_query($sql);
//Create navigation table
$sql = "CREATE TABLE navigation (\nid INT(11) UNSIGNED AUTO_INCREMENT PRIMARY KEY,\nparent_id INT(11) NULL,\ntitle TEXT,\nurl TEXT,\ntarget VARCHAR(255),\nposition INT(11)\n)";
db_query($sql);
//Insert new user into database.
$user = new User();
$username = '******';
//User login
$password = $user->encrypt_password('password');
//Encrypt password
$role = 1;
//Admin role
db_query("INSERT INTO user (email, password, role) VALUES ('" . $username . "', '" . $password . "', '" . $role . "');");
//Insert default category
$category_title = 'Uncategorized';
$category_slug = strtolower(trim(preg_replace('/[^A-Za-z0-9-]+/', '-', $category_title)));
$category_description = '<p>Posts that do not fall into other categories.</p>';
$category_featured = 'default.jpg';
$category_metadescription = METADESCRIPTION;
$category_metakeywords = METAKEYWORDS;
db_query("INSERT INTO category (title, slug, description, featured, metadescription, metakeywords) VALUES ('" . $category_title . "', '" . $category_slug . "', '" . $category_description . "', '" . $category_featured . "', '" . $category_metadescription . "', '" . $category_metakeywords . "');");
//Insert welcome post(s) into database.
$post_category_id = 1;
$post_title = 'Welcome to GWPRESS!';
$post_slug = strtolower(trim(preg_replace('/[^A-Za-z0-9-]+/', '-', $post_title)));
$post_body = 'Thank you for installing GWPRESS.';
$post_featured = 'default.jpg';
$post_status = 1;
$post_slider = 1;
$post_metadescription = METADESCRIPTION;
$post_metakeywords = METAKEYWORDS;
$post_created_date = date("Y-m-d H:i:s");
$post_updated_date = date("Y-m-d H:i:s");
db_query("INSERT INTO post (category_id, title, slug, body, featured, status, slider, metadescription, metakeywords, created_date, updated_date) VALUES (" . $post_category_id . ", '" . $post_title . "', '" . $post_slug . "', '" . $post_body . "', '" . $post_featured . "', '" . $post_status . "', '" . $post_slider . "', '" . $post_metadescription . "', '" . $post_metakeywords . "', '" . $post_created_date . "', '" . $post_updated_date . "');");
//Insert 404 page into database.
$page_title = '404 - Page does not exist!';
$page_slug = '404';
$page_body = '<p>We are sorry but the page you requested does not exist.</p>';
$page_featured = 'default.jpg';
$page_metadescription = METADESCRIPTION;
$page_metakeywords = METAKEYWORDS;
db_query("INSERT INTO page (title, slug, body, featured, metadescription, metakeywords) VALUES ('" . $page_title . "', '" . $page_slug . "', '" . $page_body . "', '" . $page_featured . "', '" . $page_metadescription . "', '" . $page_metakeywords . "');");
//Insert about page into database.
$page_title = 'About';
$page_slug = 'about';
$page_body = '<p>Lorem ipsum dolor sit amet, consectetur adipiscing elit. Duis ut augue nec nisi mollis aliquam sed et ex. Nunc rutrum sapien sit amet urna rutrum placerat. Phasellus nunc tortor, luctus at egestas in, pellentesque condimentum ex. Nunc eget orci enim. Quisque eros nunc, rutrum in lacinia non, dictum at urna. Nullam lacinia sem eget ligula dapibus sodales. Vestibulum ut diam sed sapien blandit rutrum vitae eu dui. Phasellus laoreet ante at ipsum ultricies, vitae efficitur libero egestas. Curabitur ac arcu consequat, volutpat leo a, molestie risus. Aliquam vitae maximus dolor. Maecenas iaculis dignissim feugiat. Nam eget neque faucibus, maximus turpis sit amet, molestie ante. Morbi in tellus in libero suscipit mattis. Proin et odio quis orci feugiat maximus. Fusce vitae fringilla est, id tempor dolor. Suspendisse a ornare eros.</p>
<p>Nullam felis massa, sollicitudin vel tempus eu, congue sed urna. Duis a suscipit eros. Nullam dignissim eu erat a tempor. Donec cursus, tellus in porta viverra, metus turpis faucibus tortor, a dapibus dolor ipsum eget tellus. Cras tincidunt lectus nibh, sed facilisis odio aliquam id. Sed ullamcorper, risus in egestas laoreet, dolor risus tincidunt magna, id varius ex sapien vitae risus. Integer tristique nunc non cursus cursus.</p>
<p>Pellentesque a tortor elit. Class aptent taciti sociosqu ad litora torquent per conubia nostra, per inceptos himenaeos. Aliquam in magna porttitor, convallis nunc non, sollicitudin massa. In sodales pellentesque quam vel pharetra. Praesent gravida semper enim. Nam sit amet turpis vel nunc mollis eleifend ut sit amet est. Vestibulum eget aliquam diam. Nulla in velit id augue gravida condimentum. Mauris sed lorem in risus euismod venenatis nec id nisi. Nullam feugiat consectetur massa nec vulputate.</p>
<p>Nulla ante enim, iaculis in facilisis sed, convallis eu quam. Vestibulum cursus mi in sem blandit sagittis. Proin finibus metus nec urna interdum, id vulputate mi pulvinar. Suspendisse mattis gravida ex ut ornare. Vestibulum dapibus sapien eu magna congue fringilla. Aenean ut lectus ante. Ut mi tellus, condimentum et aliquam in, hendrerit at quam. Ut venenatis arcu turpis, eget mollis tellus laoreet eget. Mauris interdum feugiat quam, quis scelerisque massa finibus vel. Proin sit amet ullamcorper ex.</p>
<p>Sed a diam a lectus venenatis sodales. In hac habitasse platea dictumst. Cras eu sollicitudin odio. Curabitur ultrices luctus ligula, tincidunt interdum erat lobortis nec. Donec eros lacus, aliquet congue laoreet at, ornare at erat. Cras id massa lacinia, pulvinar velit tincidunt, ultricies enim. Aliquam orci purus, mollis a porttitor non, pellentesque et est. Aliquam erat volutpat. Mauris porta odio feugiat, volutpat diam quis, tempus mi. Maecenas dictum ut nunc in tincidunt. Aenean vitae tortor odio. Curabitur iaculis lacus non magna tristique vehicula. Pellentesque quam mi, mollis sed elit viverra, semper maximus urna. Etiam pharetra fermentum laoreet. Sed sit amet elit eget erat ullamcorper gravida at id quam.</p>';
$page_featured = 'default.jpg';
$page_metadescription = METADESCRIPTION;
$page_metakeywords = METAKEYWORDS;
db_query("INSERT INTO page (title, slug, body, featured, metadescription, metakeywords) VALUES ('" . $page_title . "', '" . $page_slug . "', '" . $page_body . "', '" . $page_featured . "', '" . $page_metadescription . "', '" . $page_metakeywords . "');");
//Insert navigation items into database.
db_query("INSERT INTO navigation (parent_id, title, url, target, position) VALUES (NULL, 'Home', '/', '_self', '0');");
db_query("INSERT INTO navigation (parent_id, title, url, target, position) VALUES (NULL, 'About', '/about', '_self', '1');");
db_query("INSERT INTO navigation (parent_id, title, url, target, position) VALUES (NULL, 'Dropdown', '#', '_self', '2');");
db_query("INSERT INTO navigation (parent_id, title, url, target, position) VALUES (3, 'Dropdown Item', '/', '_self', '3');");
db_query("INSERT INTO navigation (parent_id, title, url, target, position) VALUES (NULL, 'Contact', '/contact', '_self', '4');");
db_query("INSERT INTO navigation (parent_id, title, url, target, position) VALUES (NULL, 'Admin', '/admin', '_self', '5');");
//Delete install file for security.
$composer = COMPOSER_ACTIVE == 1 ? COMPOSER_DIR : '';
$install_file = BASE_DIR . '/' . $composer . 'gw-content/themes/' . SITE_THEME . '/install.php';
chmod($install_file, 0777);
unlink($install_file);
//Make upload directory and copy default image for composer users.
if (COMPOSER_ACTIVE == 1) {
mkdir("./gw-content", 0777);
mkdir("./gw-content/uploads", 0777);
copy(BASE_DIR . '/' . $composer . 'gw-content/uploads/default.jpg', './gw-content/uploads/default.jpg');
}
//Flash message and forward to home.
$flash = new Flash();
$flash->flash('flash_message', 'GWPRESS installed. Thank you for choosing GWPRESS.');
header("Location: " . BASE_URL . "");
}
}
