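/**
 * Copies the comment form fields from the request into this object.
 *
 * articleId, blogId, op and parentId are stored as received (an empty
 * parentId becomes 0). The author e-mail, URL, name and the comment topic
 * are passed through Textfilter::filterAllHTML(). The comment body is run
 * through TextFilter::filterHTML() and xhtmlize(), and additionally through
 * autop() when the "beautify_comments_text" option is enabled.
 */
function _fetchFields()
{
    // NOTE(review): these identifiers are not filtered or cast here; whoever
    // uses them in a query or in markup has to validate them - confirm in the callers.
    $this->_articleId = $this->_request->getValue("articleId");
    $this->_blogId = $this->_request->getValue("blogId");
    $this->_opId = $this->_request->getValue("op");
    $this->_parentId = $this->_request->getValue("parentId");
    if ($this->_parentId == null || $this->_parentId == "") {
        $this->_parentId = 0;
    }

    $this->_userEmail = Textfilter::filterAllHTML($this->_request->getValue("userEmail"));
    $this->_userUrl = Textfilter::filterAllHTML($this->_request->getValue("userUrl"));
    // Every non-empty value that does not already start with http:// or https://
    // gets an http:// prefix, so no other scheme can end up as the scheme of the
    // author's link. The previous check only recognised "http://" and turned
    // "https://example.com" into "http://https://example.com".
    if (strlen($this->_userUrl) != 0 && !preg_match('#^https?://#i', $this->_userUrl)) {
        $this->_userUrl = "http://" . $this->_userUrl;
    }
    $this->_userName = Textfilter::filterAllHTML($this->_request->getValue("userName"));

    $this->_commentText = trim($this->_request->getValue("commentText"));
    $this->_commentTopic = trim(Textfilter::filterAllHTML($this->_request->getValue("commentTopic")));

    // The body is the only field that goes through filterHTML() rather than
    // filterAllHTML(); what remains afterwards is decided by TextFilter.
    $tf = new TextFilter();
    $this->_commentText = $tf->xhtmlize($tf->filterHTML($this->_commentText));

    // now, if the option is set, we 'beautify' the text typed by users
    if ($this->_config->getValue("beautify_comments_text")) {
        $this->_commentText = $tf->autop($this->_commentText);
    }
}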
/**
 * Returns filter's form element, marked up as a date picker.
 *
 * The parent implementation is invoked first; afterwards the element's
 * control prototype receives the "datepicker" CSS class and a maxlength of 10.
 * The maxlength attribute only limits typing in the browser, so the submitted
 * value still has to be validated where the filter is applied.
 *
 * @return \Nette\Forms\Controls\BaseControl
 */
public function getFormControl()
{
    parent::getFormControl();

    $control = $this->element;
    $control->getControlPrototype()->addClass('datepicker');
    $control->getControlPrototype()->maxlength = 10;

    return $control;
}
/**
 * Manually adds the "show more" link in a post.
 *
 * @param post The post we are going to cut.
 * @param maxWords Amount of words we'd like to allow.
 * @param linkText Text we are going to show.
 * @return The text returned by TextFilter::cutText(); when it differs from the
 * full post text, a link to the complete article is appended to it.
 */
function addShowMoreLink($post, $maxWords, $linkText)
{
    $filter = new TextFilter();
    $shortened = $filter->cutText($post->getText(), $maxWords);
    $config =& Config::getConfig();

    // the text came back unchanged, so there is nothing to link to
    if ($shortened == $post->getText()) {
        return $shortened;
    }

    $generator =& RequestGenerator::getRequestGenerator();
    $generator->addParameter("op", "ViewArticle");
    $generator->addParameter("articleId", $post->getId());
    $generator->addParameter("blogId", $this->_blogInfo->getId());

    $indexPage = $config->getValue("script_name", "index.php");

    // NOTE(review): $linkText and the generated request string are written into
    // the markup as they are; confirm that callers pass already-escaped link text
    // and that getRequest() returns a value that is safe inside an href attribute.
    return $shortened . " <a href=\"{$indexPage}" . $generator->getRequest() . "\">" . $linkText . "</a>";
}
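/**
 * Creates the blog described by $data, or re-uses an existing blog with the
 * same name, and points the imported categories and posts at its id.
 *
 * @param data Array describing the blog; the keys read here are "name",
 * "owner", "about" and "blog_id".
 * @param _debug When true, progress messages are printed.
 * @return The id of the existing or newly created blog.
 */
function _addJournal($data, $_debug)
{
    // defaults for the fields that were not supplied
    if ($data["name"] == NULL) {
        $data["name"] = "Journal";
    }
    if ($data["owner"] == NULL) {
        $data["owner"] = 1;
    }
    if ($data["about"] == NULL) {
        $data["about"] = "About...";
    }
    // Individual blog settings (locale, template, show_more, threshold, recent,
    // xmlrpc, htmlarea, comments, order) are no longer defaulted here; they have
    // been disabled in favor of BlogSettings::_setDefaults(), which generates the
    // preferences based on the admin settings.

    $blogs = new Blogs();

    // Has to exist before the "if (!$blog_id)" test below: previously the variable
    // was undefined whenever no blog_id was supplied or no blog with this name was found.
    $blog_id = null;

    if ($data["blog_id"]) {
        $blog = $blogs->getBlogInfoByName(TextFilter::urlize($data["name"]));
        if ($blog) {
            // NOTE(review): the debug messages print the blog name into HTML
            // output without escaping - confirm _debug is never enabled for
            // untrusted import data.
            if ($blog->getId() == $data["blog_id"]) {
                if ($_debug) {
                    print "--- --- blog " . $blog->getBlog() . " already exists at the proper id (" . $blog->getId() . "). next entry.<br />\n\r";
                }
                return $blog->getId();
            } else {
                if ($_debug) {
                    print "--- --- blog " . $blog->getBlog() . " already exists, but at a new id (" . $blog->getId() . "). skip to remap.<br />\n\r";
                }
                $blog_id = $blog->getId();
            }
        }
    }

    if (!$blog_id) {
        $blog = new BlogInfo($data["name"], $data["owner"], $data["about"], "", $data["blog_id"]);
        $blog_id = $blogs->addBlog($blog);
        if ($_debug) {
            // the line break inside the literal is part of the original message
            print "--- blog " . $blog->getBlog() . " created at a new id (" . $blog_id . "). 
proceed to remap.<br />\n\r";
        }
        $this->_stats["blogs"]["write"]++;
    }

    // remap categories: entries that carried the old blog id, or none at all
    foreach ($this->_t_container["categories"] as $category => $val) {
        if ($val["blog_id"] == $data["blog_id"] || $val["blog_id"] == NULL) {
            if ($_debug) {
                print "--- --- --- remapping category #" . $category . " to the proper blog id.<br />\n\r";
            }
            $this->_container["categories"][$category]["blog_id"] = $blog_id;
        }
    }

    // remap articles, same rule as for the categories
    foreach ($this->_t_container["posts"] as $post => $val) {
        if ($val["blog_id"] == $data["blog_id"] || $val["blog_id"] == NULL) {
            if ($_debug) {
                print "--- --- --- remapping post #" . $post . " to the proper blog id.<br />\n\r";
            }
            $this->_container["posts"][$post]["blog_id"] = $blog_id;
        }
    }

    return $blog_id;
}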
// (fragment: the block closed by the first brace starts outside this excerpt)
die;
}
// the "url" parameter is mandatory: send the error response, log it and stop
if ($params->getValue("url") == "") {
    $result = errorResponse("The url parameter must be present.");
    print $result;
    trackbackLog("Sending error response: {$result}");
    trackbackLog("** End");
    die;
}
// refuse the request when the trackback server has been switched off in the configuration
if (!$config->getValue("trackback_server_enabled")) {
    trackbackLog("Trackback server disabled by administrator");
    $result = errorResponse("Trackback feature has been disabled by the administrator.");
    die($result);
}
// for security, we will strip _ANY_ html tag from the tags
$tf = new TextFilter();
$blogName = $tf->filterAllHTML($params->getValue("blog_name"));
$excerpt = $tf->filterAllHTML($params->getValue("excerpt"));
$title = $tf->filterAllHTML($params->getValue("title"));
// NOTE(review): "id" is the only parameter that is not filtered here and it is
// handed to getBlogArticle() as received - confirm that method validates or
// casts the identifier before it reaches a query.
$articleId = $params->getValue("id");
$url = $tf->filterAllHTML($params->getValue("url"));
// try to see if the article is correct
$articles = new Articles();
$article = $articles->getBlogArticle($articleId);
if (!$article) {
    // NOTE(review): the log line says "error identifier" while the response
    // says "article identifier"; the log text looks like a typo.
    trackbackLog("ERROR: Incorrect error identifier");
    $result = errorResponse("Incorrect article identifier");
    die($result);
}
// try to load the blog info too, as we are going to need it
$blogs = new Blogs();
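/**
 * Runs one step of the articles upgrade.
 *
 * For every row of the articles table selected for this step, the slug and
 * status are rewritten, a row is added to article_categories_link and a row is
 * added to articles_text. When the table holds more than
 * WIZARD_MAX_RECORDS_THRESHOLD rows the work is split into steps of
 * WIZARD_MAX_RECORDS_PER_STEP rows, selected through $this->_curStep.
 *
 * @return true after the result view has been chosen, false when the error
 * view was chosen.
 */
function perform()
{
    // get a connection to the db
    $db = connectDb();
    $dbPrefix = getDbPrefix();
    $db->debug = false;

    // stays false at the moment: the per-row check inside the loop is disabled
    $errors = false;

    // see how many records we have
    $queryCount = "SELECT COUNT(*) AS total FROM {$dbPrefix}articles";
    $result = $db->Execute($queryCount);
    $row = $result->FetchRow();
    $numRecords = $row["total"];
    $this->_totalPosts = $numRecords;

    // check whether we should use multiple steps
    $multipleSteps = $numRecords > WIZARD_MAX_RECORDS_THRESHOLD;
    if ($multipleSteps) {
        // how many steps do we need?
        $numSteps = ceil($numRecords / WIZARD_MAX_RECORDS_PER_STEP);
        $this->_numSteps = $numSteps;
    }

    // run the query and loop through the results
    $query = "SELECT * FROM {$dbPrefix}articles";
    if ($multipleSteps) {
        // generate the LIMIT condition for this page
        // NOTE(review): there is no ORDER BY, so the rows returned for each step
        // depend on the order the database happens to use - confirm that no row
        // can be skipped or processed twice between steps.
        $query .= " LIMIT " . $this->_curStep * WIZARD_MAX_RECORDS_PER_STEP . ", " . WIZARD_MAX_RECORDS_PER_STEP;
    }
    $result = $db->Execute($query);

    $tf = new TextFilter();
    $numPosts = $result->RowCount();
    while ($row = $result->FetchRow()) {
        // for each one of the articles, fill in the mangled_topic, normalized_text and normalized_topic
        $normalizedTopic = Db::qstr($tf->normalizeText($row["topic"]));
        $postTopic = Db::qstr($row["topic"]);
        $normalizedText = Db::qstr($tf->normalizeText($row["text"]));
        $postText = Db::qstr($row["text"]);
        $mangledTopic = Db::qstr($tf->urlize($row["topic"]));
        $status = $this->getStatusId($row["old_status"]);
        // the ids are read back from the same table and are interpolated without quotes below
        $artId = $row["id"];
        $catId = $row["category_id"];

        $query = "UPDATE {$dbPrefix}articles SET slug = '{$mangledTopic}', date = date, status = {$status}\n WHERE id = {$artId}";
        $query2 = "INSERT INTO {$dbPrefix}article_categories_link(article_id, category_id)\n VALUES ( {$artId}, {$catId} )";
        // The values follow the column list: normalized_text first, then
        // normalized_topic. They used to be passed the other way round, which
        // stored the normalized topic in normalized_text and vice versa.
        $query3 = "INSERT INTO {$dbPrefix}articles_text (article_id,text,topic,normalized_text,normalized_topic,mangled_topic)\n VALUES('{$artId}','{$postText}','{$postTopic}','{$normalizedText}','{$normalizedTopic}','{$mangledTopic}')";

        // execute the three queries
        $res = $db->Execute($query);
        $res2 = $db->Execute($query2);
        $res3 = $db->Execute($query3);
        /*if( !$res || !$res2 || !$res3 ) $errors = true;*/
    }

    // check whether we've already done the last step or not
    $lastStepDone = $this->_curStep >= $this->_numSteps;

    // if error
    if ($errors) {
        $this->_view = new WizardView("update2");
        $this->_view->setErrorMessage("There was an error updating the articles table.");
        $this->setCommonData();
        return false;
    }

    //$query1 = "ALTER TABLE {$dbPrefix}articles DROP COLUMN old_status, DROP COLUMN category_id";
    //$db->Execute( $query1 );

    // if everything's fine, say so...
    if (!$multipleSteps || $lastStepDone) {
        $this->_view = new WizardView("update3");
        $this->_view->setValue("totalPosts", $this->_totalPosts);
    } else {
        // if we're using multiple steps, show the same page
        $this->_view = new WizardView("update2");
        $this->_view->setValue("numPosts", $numPosts);
        $this->_view->setValue("curStep", $this->_curStep + 1);
        $this->_view->setValue("totalPosts", $this->_totalPosts);
        $this->_view->setValue("numSteps", $this->_numSteps);
        $this->_view->setValue("multipleSteps", true);
    }

    return true;
}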
/**
 * Builds the link to the page listing the posts of one category. Works like
 * postCategoryLink, but takes an ArticleCategory object instead of a post.
 *
 * @see postCategoryLink
 * @see ArticleCategory
 * @param category An ArticleCategory object containing the information regarding the category.
 * @return A string made of the base url followed by the "category_link_format"
 * setting with its tags replaced.
 */
function categoryLink($category)
{
    $format = $this->_config->getValue("category_link_format");
    $owner = $this->_blogInfo->getOwnerInfo();

    // Values for the tags of the link format. Only the category name goes
    // through urlize() here; the other values are used as their getters return them.
    $tags = array();
    $tags["{catid}"] = $category->getId();
    $tags["{catname}"] = TextFilter::urlize($category->getName());
    $tags["{blogid}"] = $this->_blogInfo->getId();
    $tags["{blogowner}"] = $owner->getUsername();
    $tags["{blogname}"] = $this->_blogInfo->getMangledBlog();

    $path = $this->_replaceTags($format, $tags);

    return $this->getBaseUrl() . $path;
}
// (fragment: the conditions and the loop closed by the dangling braces below
// start outside this excerpt)
$link = $rg->resourceDownloadLink($resource);
} else {
    $link = $rg->resourcePreviewLink($resource);
}
// NOTE(review): the description is written into the alt attribute, and in the
// branch below into the element content, without escaping - confirm that
// getDescription() cannot return markup or quote characters.
$markup .= "<img src=\"{$link}\" alt=\"" . $resource->getDescription() . "\" />";
} else {
    $markup .= $resource->getDescription();
}
$markup .= "</a>";
$curItem++;
// separate the items with two line breaks, except after the last one
if ($curItem < $numItems) {
    $markup .= "<br/><br/>";
}
// the complete markup built so far is written to the moblog log
MoblogLogger::log("Adding markup {$markup}");
$postBody .= $markup;
$postBody = TextFilter::autoP(trim($postBody));
$resNames .= $resource->getDescription();
}
// add the article
$articles = new Articles();
$article = new Article($request->getTopic(), $postBody, array($category->getId()), $userInfo->getId(), $blogInfo->getId(), POST_STATUS_PUBLISHED, 0);
$article->setDateObject(new Timestamp());
// enable or disable comments by default depending on the current config
$commentsEnabled = $blogSettings->getValue("comments_enabled");
$article->setCommentsEnabled($commentsEnabled);
$result = $articles->addArticle($article);
// add an article notification
$notifications = new ArticleNotifications();
$notifications->addNotification($result, $blogInfo->getId(), $userInfo->getId());
// reset the cache in case it is enabled
CacheControl::resetBlogCache($blogInfo->getId());
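/**
 * Updates a category.
 *
 * Text values are escaped with Db::qstr(); the two numeric values
 * (in_main_page and id) are cast to integers before they are placed in the
 * statement, because they are written without quotes. Without the cast a
 * boolean false would be concatenated as an empty string and break the query.
 *
 * @param category An ArticleCategory object with the information about the category we're
 * going to update.
 * @return True if successful or false otherwise.
 */
function updateCategory($category)
{
    $query = "UPDATE " . $this->getPrefix() . "articles_categories\n"
        . " SET name = '" . Db::qstr($category->getName()) . "',\n"
        . " url = '" . Db::qstr($category->getUrl()) . "',\n"
        . " in_main_page = " . (int) $category->isInMainPage() . ",\n"
        . "\t\t\t\t\t properties = '" . Db::qstr(serialize($category->getProperties())) . "',\n"
        . "\t\t\t\t\t mangled_name = '" . Db::qstr(TextFilter::urlize($category->getName())) . "',\n"
        . "\t\t\t\t\t description = '" . Db::qstr($category->getDescription()) . "' \n"
        . " WHERE id = " . (int) $category->getId() . ";";

    $result = $this->Execute($query);

    return $result ? true : false;
}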
/**
 * Fetches the page a trackback points to and deletes the trackback when no
 * trackback links are found in that page.
 *
 * @param trackback The trackback to check; its _url, _id and _articleId
 * members are read.
 */
function Validate($trackback)
{
    // NOTE(review): the address is taken from the trackback itself and is
    // fetched by this server. fetchPage() is defined elsewhere - confirm that
    // it limits the allowed schemes and refuses internal addresses.
    $sourceUrl = TextFilter::htmlDecode($trackback->_url);
    $html = $this->fetchPage($sourceUrl);

    $client = new TrackbackClient();
    $links = $client->getTrackbackLinks($html, $sourceUrl);

    // links were found: the trackback is kept
    if (!empty($links)) {
        return;
    }

    // there were no trackback links in the page, so this trackback is deleted
    $store = new Trackbacks();
    $store->deletePostTrackback($trackback->_id, $trackback->_articleId);
}
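/**
 * Updates an album in the db.
 *
 * An album whose parent id equals its own id is rejected. Every text value,
 * including the serialized properties and the mangled name, is escaped with
 * Db::qstr(); the values written without quotes (parent_id, show_album, id)
 * are cast to integers.
 *
 * @param album A GalleryAlbum object that already exists in the db.
 * @return false when the album is its own parent, otherwise whatever
 * Execute() returns for the statement.
 */
function updateAlbum($album)
{
    // an album cannot be its own parent
    if ($album->getId() == $album->getParentId()) {
        return false;
    }

    $tf = new TextFilter();
    // The serialized properties were previously concatenated unescaped, so a
    // quote inside any property value ended the SQL string early. They are now
    // escaped the same way as every other text column of this statement.
    $query = "UPDATE " . $this->getPrefix() . "gallery_albums SET\n"
        . " description = '" . Db::qstr($album->getDescription()) . "',\n"
        . " name = '" . Db::qstr($album->getName()) . "',\n"
        . " parent_id = " . (int) $album->getParentId() . ",\n"
        . " properties = '" . Db::qstr(serialize($album->getProperties())) . "',\n"
        . " show_album = " . (int) $album->getShowAlbum() . ",\n"
        . " normalized_name = '" . Db::qstr($tf->normalizeText($album->getName())) . "',\n"
        . " normalized_description = '" . Db::qstr($tf->normalizeText($album->getDescription())) . "',\n"
        . "\t\t\t\t\t mangled_name = '" . Db::qstr($tf->urlize($album->getName())) . "'\n"
        . " WHERE id = " . (int) $album->getId() . ";";

    return $this->Execute($query);
}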
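/**
 * Filters POST or GET parameters.
 *
 * Walks the given array recursively. Numeric values are kept as they are;
 * every other scalar is passed through TextFilter::get_str() and then
 * htmlspecialchars(). Array keys are copied unchanged.
 *
 * htmlspecialchars() is called with its default flags, which leave single
 * quotes unescaped on PHP versions before 8.1, and HTML escaping does not
 * protect values that are later used in SQL, URLs or scripts - those need
 * escaping for their own context at the point of use.
 *
 * @param array $re Values to filter; $_REQUEST is used when this is empty.
 * @return array The filtered values, an empty array when there was nothing to filter.
 */
public static function formatRequest($re = array())
{
    $data = empty($re) ? $_REQUEST : $re;

    // defined up front so that an empty input returns an array instead of an undefined variable
    $request = array();

    foreach ($data as $k => $v) {
        if (is_array($v)) {
            // An empty nested array must not be passed down: the recursive call
            // would treat it as "no argument" and substitute the whole $_REQUEST.
            $request[$k] = empty($v) ? array() : TextFilter::formatRequest($v);
        } elseif (is_numeric($v)) {
            $request[$k] = $v;
        } else {
            $v = TextFilter::get_str($v);
            $request[$k] = htmlspecialchars($v);
        }
    }

    return $request;
}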
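/**
 * Updates a resource in the database.
 *
 * All quoted values are escaped with Db::qstr() - this now includes the file
 * path, file name, thumbnail format and date, which used to be concatenated
 * unescaped. The values written without quotes (album_id, flags,
 * resource_type, id) are cast to integers.
 *
 * @param resource A GalleryResource object with the information of the
 * resource we'd like to update.
 * @return Returns true if successful or false otherwise
 */
function updateResource($resource)
{
    $tf = new TextFilter();
    $query = "UPDATE " . $this->getPrefix() . "gallery_resources\n"
        . " SET album_id = " . (int) $resource->getAlbumId() . ",\n"
        . " description = '" . Db::qstr($resource->getDescription()) . "',\n"
        . " flags = " . (int) $resource->getFlags() . ",\n"
        . " resource_type = " . (int) $resource->getResourceType() . ",\n"
        // a quote or backslash in a file name or path must not end the SQL string
        . " file_path = '" . Db::qstr($resource->getFilePath()) . "',\n"
        . " file_name = '" . Db::qstr($resource->getFileName()) . "',\n"
        . " metadata = '" . Db::qstr(serialize($resource->getMetadata())) . "',\n"
        . "\t\t\t\t\t thumbnail_format ='" . Db::qstr($resource->getThumbnailFormat()) . "',\n"
        . " date = '" . Db::qstr($resource->getDate()) . "',\n"
        . " normalized_description = '" . Db::qstr($tf->normalizeText($resource->getDescription())) . "'\n"
        . " WHERE id = " . (int) $resource->getId();

    $result = $this->Execute($query);

    return $result ? true : false;
}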