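/**
 * Output tracker history for one or more data sets as chart-ready JSON.
 *
 * Reads `start` and `end` (day offsets added to Time::today(), defaulting to
 * -30 and 0) and a `sets` array from the query string. Each set may carry
 * `tracker`, `sub_id` and `user_id`; a value left out of a set is inherited
 * from the previous set.
 *
 * NOTE(review): nothing in this method checks who is asking. If the enclosing
 * class does not enforce access control, history filtered by an arbitrary
 * user_id is readable by any caller - confirm.
 * NOTE(review): the label loop runs once per day between start and end and the
 * span is caller-controlled with no upper bound - consider capping it.
 *
 * @throws \Exception
 *   When a set resolves to no tracker.
 */
public function getTrackerStats() {
    $data = array('datasets' => array());
    $start = Request::get('start', 'int') ?: -30;
    $end = Request::get('end', 'int') ?: 0;
    $sub_id = -1;
    $user_id = -1;
    $tracker = NULL;

    // `sets` is read straight from the query string, so it may be missing or a
    // plain string. Treat anything that is not an array as "no sets".
    $sets = (isset($_GET['sets']) && is_array($_GET['sets'])) ? $_GET['sets'] : array();

    foreach ($sets as $set) {
        if (!is_array($set)) {
            // A scalar entry carries no keys; every value is inherited.
            $set = array();
        }
        // Only scalars are converted: intval() of a non-empty array is 1, which
        // would silently select tracker/user 1.
        if (isset($set['tracker']) && is_scalar($set['tracker'])) {
            $tracker = intval($set['tracker']);
        }
        if (isset($set['sub_id']) && is_scalar($set['sub_id'])) {
            $sub_id = intval($set['sub_id']);
        }
        if (isset($set['user_id']) && is_scalar($set['user_id'])) {
            $user_id = intval($set['user_id']);
        }
        if (empty($tracker)) {
            throw new \Exception('Invalid tracker');
        }
        $data['datasets'][] = array(
            'data' => array_values(Tracker::getHistory($tracker, $start, $end, $sub_id, $user_id)),
            'label' => Tracker::getName($tracker),
        );
    }

    // Convert the relative offsets to absolute day numbers and label each day.
    $data['labels'] = array();
    $start += Time::today();
    $end += Time::today();
    for ($i = $start; $i <= $end; $i++) {
        $data['labels'][] = jdtogregorian($i);
    }
    Output::json($data);
}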
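/**
 * Send a posted contact request to the site admin.
 *
 * Validates the sender address and the captcha, mails the message to every
 * address in the `contact.to` setting and, when `contact.auto_responder` is
 * set, sends that auto responder to the sender.
 *
 * NOTE(review): the redirect calls below are written as if
 * Navigation::redirect() ends the request; if it returns, the `contact_sent`
 * redirect replaces the `spam_test` one - confirm.
 */
public function postSendMessage() {
    // Make sure the sender's email address is valid.
    $sender_email = Request::post('email', 'email');
    if (!$sender_email) {
        Messenger::error('Please enter a valid email address.');
        return $this->get();
    }

    if (!ReCaptcha::verify()) {
        Messenger::error('You did not correctly enter the captcha code.');
        return $this->get();
    }

    // Both fields are optional in the request; a missing or non-string value
    // becomes an empty string instead of raising an undefined index notice.
    $name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    $message = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : '';

    // The name occupies a single line of the body. Collapse line breaks so a
    // submitted name cannot add lines that read like the Email or Message fields.
    $name = trim(preg_replace('/[\r\n]+/', ' ', $name));

    $subject = Configuration::get('contact.subject');
    $body = "\nName: {$name}\nEmail: {$sender_email}\nMessage:\n{$message}";
    $to_addresses = Configuration::get('contact.to');

    $mailer = new Mailer();
    foreach ($to_addresses as $to) {
        $mailer->to($to);
    }
    $sent = $mailer->from($sender_email)->subject($subject)->message($body)->send();

    if (!$sent) {
        Messenger::error('Your message could not be sent. Please try again later');
        return $this->get();
    }

    // Send the auto responder so the sender can check their spam folder.
    if ($auto_responder = Configuration::get('contact.auto_responder')) {
        $auto_responder_mailer = new Mailer();
        $recipient = UserModel::loadByEmail($sender_email) ?: new UserModel(array('email' => $sender_email));
        $result = $auto_responder_mailer->sendOne($auto_responder, $recipient);
        if ($result && Configuration::get('contact.spam_test')) {
            // Set the notice.
            Navigation::redirect('/message', array('msg' => 'spam_test'));
        }
    }
    Navigation::redirect('/message', array('msg' => 'contact_sent'));
}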
/**
 * Store the requested user ID as the session's `impersonate` setting, save the
 * session and redirect to the home page.
 *
 * NOTE(review): no permission check is visible in this method, and it changes
 * session state on a GET request. Confirm that the enclosing class restricts it
 * to administrators, and consider requiring POST with a form token so the
 * change cannot be triggered by a link.
 */
public function getImpersonate() {
    $current_session = Session::getInstance();
    $target_user_id = Request::get('id', 'int');

    $current_session->setSettings('impersonate', $target_user_id);
    $current_session->saveData();

    // TODO: This should call the User::loginRedirect() function.
    Navigation::redirect('/');
}
/**
 * Send a test email.
 *
 * Turns off output buffering and switches the messenger to verbose mode, then
 * runs a bulk send for the message whose ID is given in `id` and ends the
 * request.
 *
 * NOTE(review): no permission check is visible in this method; confirm the
 * enclosing class limits who can trigger a send.
 */
public function postSendTest() {
    Output::disableBuffering();
    Messenger::setVerbose(true);

    $test_mailer = new Mailer(true);
    $message_id = Request::get('id', 'int');
    $test_mailer->sendBulk($message_id, true);

    exit;
}
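/**
 * Send a password reset link to the account matching the submitted email.
 *
 * Each failure path returns after reporting its error, so the reset link is
 * never requested on a user that was not loaded, whether or not Output::error()
 * ends the request.
 *
 * NOTE(review): the two error messages let a caller tell registered addresses
 * from unregistered ones. A single neutral response for both outcomes would
 * avoid disclosing which addresses have accounts.
 */
public function postReset() {
    $email = Request::get('email', 'email');
    if (!$email) {
        Output::error('Invalid email');
        return;
    }

    $user = UserModel::loadByEmail($email);
    if (!$user) {
        Output::error('User does not exist.');
        return;
    }

    $user->sendResetLink();
}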
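/**
 * The main execute method called from index.php
 *
 * Maps the third command line argument to a handler name through
 * Request::convertFunctionName('execute', ...) and calls that method when this
 * object has it; otherwise prints 'No handler found.'.
 */
public function execute() {
    global $argv;

    // The sub-command is optional on the command line.
    $command = isset($argv[2]) ? $argv[2] : null;

    $func = null;
    if (is_string($command) && $command !== '') {
        $func = Request::convertFunctionName('execute', $command);
    }

    // Never dispatch back into this method: a name that converts to plain
    // "execute" would otherwise recurse without end. Method names are
    // case-insensitive in PHP, hence strcasecmp().
    $is_handler = is_string($func)
        && strcasecmp($func, __FUNCTION__) !== 0
        && method_exists($this, $func);

    if ($is_handler) {
        $this->{$func}();
    } else {
        $this->out('No handler found.');
    }
}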
/**
 * Record a tracker event for the current client user and reply with success.
 *
 * The original note on this handler reads: does not require encryption, uses
 * token.
 */
public function post() {
    $current_user_id = ClientUser::getInstance()->id;

    // TODO: These can be spoofed.
    // A verification method is needed.
    // Until then, both values are whatever the client chose to send, so the
    // recorded events should not be treated as trustworthy.
    Tracker::trackEvent(
        Request::post('tracker'),
        Request::post('id', 'int'),
        $current_user_id
    );

    Output::json(Output::SUCCESS);
}
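/**
 * Save the current user's profile: name, password and mailing list choices.
 *
 * The password is changed only when a new password was submitted, the current
 * password verifies and the two new entries are identical. Redirects with
 * msg=saved when no errors were recorded.
 *
 * NOTE(review): no form token check is visible here; confirm the framework
 * verifies one before this handler runs.
 */
public function postSave() {
    $user = ClientUser::getInstance();

    // Update the user name.
    $user->update(array('first' => Request::get('first'), 'last' => Request::get('last')));

    // Update the password.
    $password = Request::post('password');
    $new_password = Request::post('new_password');
    $new_password_confirm = Request::post('new_password_confirm');

    // A change is requested only when one of the new password fields is filled
    // in. Without this, a correct current password with both new fields blank
    // reached setPass() with an empty password.
    $change_requested = !empty($new_password) || !empty($new_password_confirm);
    if ($change_requested) {
        if (empty($password) || !$user->checkPass($password)) {
            Messenger::error('You did not enter your correct current password.');
        } elseif ($new_password !== $new_password_confirm) {
            // Strict comparison: with a loose comparison two different numeric
            // strings (for example '1e3' and '1000') count as equal.
            Messenger::error('You did not enter the same password twice.');
        } else {
            $user->setPass($new_password);
        }
    }

    // Update mailing list preferences.
    $new_lists = Request::get('subscribed', 'array', 'int', array());
    $new_lists = array_combine($new_lists, $new_lists);
    $all_lists = Subscription::getLists();
    $user_id = ClientUser::getInstance()->id;
    $user_lists = Subscription::getUserLists($user_id);

    // Visible lists the user is on but did not tick are removed.
    $remove_lists = array();
    foreach ($user_lists as $list) {
        if (empty($new_lists[$list['message_list_id']]) && !empty($list['visible'])) {
            $remove_lists[$list['message_list_id']] = $list['message_list_id'];
        }
    }

    // ID 0 is not a real list and is never inserted. When it was not submitted,
    // every list that is not visible is removed as well.
    $add_lists = $new_lists;
    unset($add_lists[0]);
    if (!isset($new_lists[0])) {
        foreach ($all_lists as $list) {
            if (empty($list['visible'])) {
                $remove_lists[$list['message_list_id']] = $list['message_list_id'];
            }
        }
    }

    $db = Database::getInstance();
    if (!empty($remove_lists)) {
        $db->delete('message_list_user', array('message_list_id' => array('IN', $remove_lists), 'user_id' => $user_id));
    }
    if (!empty($add_lists)) {
        $db->insertMultiple('message_list_user', array('message_list_id' => $add_lists, 'user_id' => $user_id), true);
    }

    if (count(Messenger::getErrors()) === 0) {
        Navigation::redirect(null, array('msg' => 'saved'));
    }
}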
/**
 * Perform request from client.
 *
 * Runs the requested `actions`, then loads the requested `load` data, then
 * finalizes and sends `$this->output` as JSON.
 */
public function execute() {
    // TODO Check for an authentication key if required.
    // Until that check exists, every action below runs for any caller.

    // Perform requested actions.
    $requested_actions = Request::get('actions', 'array');
    if ($requested_actions) {
        $this->executeActions($requested_actions);
    }

    $requested_data = Request::get('load', 'array');
    if ($requested_data) {
        $this->loadAddtionalData($requested_data);
    }

    $this->finalize();
    Output::jsonData($this->output, true);
}
/**
 * Output chart data with the sent, bounced and opened history of a message.
 *
 * `start` and `end` are day offsets added to Time::today() (defaults -30 and
 * 0); `message_id` selects the message.
 *
 * NOTE(review): the label list holds one entry per day between start and end
 * and the span is caller-controlled with no cap visible here - confirm a limit
 * is applied elsewhere.
 */
public function getGetData() {
    $start = Request::get('start', 'int', null, -30);
    $end = Request::get('end', 'int', null, 0);
    $message_id = Request::get('message_id', 'int');

    // Chart label => tracker name, in the order the data sets are added.
    $series = array(
        'Sent' => 'Email Sent',
        'Bounced' => 'Email Bounced',
        'Opened' => 'Email Opened',
    );

    $tracker = new Tracker();
    $histories = array();
    foreach ($series as $label => $tracker_name) {
        $histories[$label] = $tracker->getHistory(Tracker::getTrackerId($tracker_name), $start, $end, $message_id);
    }

    $first_day = Time::today() + $start;
    $last_day = Time::today() + $end;

    $data = new ChartData($first_day, $last_day);
    foreach ($histories as $label => $history) {
        $data->addDataSet($history, $label);
    }

    $x_labels = array();
    foreach (range($first_day, $last_day) as $day) {
        $x_labels[] = jdtogregorian($day);
    }
    $data->setXLabels($x_labels);
    $data->output();
}
/**
 * Register the chart script and publish this chart's settings to JavaScript.
 *
 * Every setting is stored under the `chart.<id>.` prefix.
 */
public function __construct() {
    parent::__construct();

    JS::add('/js/Chart.min.js', false);
    JS::startup('lightning.stats.init()');

    // Prepare the JS.
    $prefix = 'chart.' . $this->id;
    JS::set("{$prefix}.renderer", $this->renderer);
    JS::set("{$prefix}.url", '/' . Request::getLocation());
    JS::set("{$prefix}.params.start", ['source' => 'start']);
    JS::set("{$prefix}.params.number_format", $this->numberFormat);
    JS::set("{$prefix}.params.diff", !empty($this->diff));

    // Inline data is only published when there is some.
    if (!empty($this->data)) {
        JS::set("{$prefix}.data", $this->data);
    }

    JS::set("{$prefix}.ajax", $this->ajax);
}
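/**
 * Output the variables and stored values of the requested message criteria.
 *
 * `criteria_list` selects the criteria; `message_id` selects the message whose
 * stored values are returned. Criteria without variables are left out.
 */
public function getFields() {
    // TODO: REQUIRE ADMIN
    // NOTE(review): until that check is added, this method returns stored
    // criteria values to any caller unless the enclosing class restricts
    // access - confirm.
    $cl = Request::get('criteria_list', 'explode', 'int');
    $output = array();

    if (!empty($cl)) {
        $db = Database::getInstance();
        // Read once; the value does not change between criteria.
        $message_id = Request::get('message_id', 'int');

        $fields = $db->select('message_criteria', array('message_criteria_id' => array('IN', $cl)));
        foreach ($fields as $f) {
            if (empty($f['variables'])) {
                continue;
            }
            $values = $db->selectRow('message_message_criteria', array(
                'message_id' => $message_id,
                'message_criteria_id' => $f['message_criteria_id'],
            ));
            // The message may have no stored row for this criteria; report null
            // rather than reading a key of an empty result.
            $stored = !empty($values['field_values']) ? json_decode($values['field_values']) : null;
            $output[] = array(
                'criteria_id' => $f['message_criteria_id'],
                'variables' => explode(',', $f['variables']),
                'values' => $stored,
            );
        }
    }

    Output::json(array('criteria' => $output));
}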
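/**
 * Configure presets, post actions and action fields for the blog table.
 *
 * - `return=view` in the request sends the editor to the saved post.
 * - `user_id` defaults to the current client user.
 * - `url` is taken from the posted url, falling back to the posted title.
 * - A "View" action column links to the post.
 */
protected function initSettings() {
    if (Request::get('return') == 'view') {
        $this->post_actions['after_post'] = function ($row) {
            Navigation::redirect('/' . $row['url'] . '.htm');
        };
    }

    $this->preset['user_id']['default'] = ClientUser::getInstance()->id;

    $this->preset['url']['submit_function'] = function (&$output) {
        $output['url'] = Request::post('url', 'url') ?: Request::post('title', 'url');
    };

    $this->preset['header_image'] = array(
        'type' => 'image',
        'location' => BlogModel::IMAGE_PATH,
        'weblocation' => '/' . BlogModel::IMAGE_PATH,
    );

    $this->action_fields = array(
        'view' => array(
            'display_name' => 'View',
            'type' => 'html',
            'html' => function ($row) {
                // The url is stored data placed inside an HTML attribute;
                // encode it so a quote or angle bracket in it cannot end the
                // attribute.
                $href = htmlspecialchars('/' . $row['url'] . '.htm', ENT_QUOTES, 'UTF-8');
                return '<a href="' . $href . '"><img src="/images/lightning/resume.png" /></a>';
            },
        ),
    );
}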
/**
 * Restrict the page to administrators and pick the mailing list to show.
 *
 * `list` equal to 0 shows users on no list, a positive value shows that list,
 * anything else shows all users. The admin check runs before any request data
 * is read.
 */
public function __construct() {
    ClientUser::requireAdmin();

    $list_id = Request::get('list', 'int');

    if ($list_id === 0) {
        $title = 'Users not on any mailing list.';
        $this->accessTableCondition = array('message_list_id' => array('IS NULL'));
    } elseif ($list_id > 0) {
        $list = Database::getInstance()->selectField('name', 'message_list', array('message_list_id' => $list_id));
        // NOTE(review): the list name is stored data; confirm the template
        // encodes the title when rendering it.
        $title = "Users on list {$list}.";
        $this->accessTableCondition = array('message_list_id' => $list_id);
    } else {
        $title = 'All users on all lists.';
    }

    Template::getInstance()->set('title', $title);

    parent::__construct();
}
/**
 * Select the splash page template configured for the current location.
 *
 * The `splash.pages.<location>` setting is either a template name or an array
 * with `template` and optional `css` / `js` entries.
 *
 * NOTE(review): the location is appended to a dotted configuration key; confirm
 * a location containing dots cannot address settings outside `splash.pages`.
 */
public function get() {
    $settings = Configuration::get('splash.pages.' . Request::getLocation());
    $is_detailed = is_array($settings);

    // A page exists when the setting is non-empty and, for the array form,
    // names a template.
    $has_template = !empty($settings) && !($is_detailed && empty($settings['template']));
    if ($has_template) {
        $this->page = $is_detailed ? $settings['template'] : $settings;
    } else {
        // No template found.
        Output::error('Page not found.');
    }

    // Add any CSS or JS files.
    if ($is_detailed) {
        if (!empty($settings['css'])) {
            CSS::add($settings['css']);
        }
        if (!empty($settings['js'])) {
            JS::add($settings['js']);
        }
    }
}
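/**
 * Opt a visitor in: create the user, subscribe them and redirect.
 *
 * The name comes either from a single `name` field, split on the first space,
 * or from separate `first` and `last` fields. The list is `list_id` or the
 * `mailer.default_list` setting. The posted `redirect` is followed only when
 * it is a path on this site; otherwise the default opt-in message page is used.
 *
 * NOTE(review): `$email` is passed to User::addUser() even when the 'email'
 * filter rejected the input; confirm addUser() refuses an empty address.
 */
public function post() {
    if ($name = Request::post('name', '', '', '')) {
        $name_parts = explode(' ', $name, 2);
        $name = array('first' => $name_parts[0]);
        if (!empty($name_parts[1])) {
            $name['last'] = $name_parts[1];
        }
    } else {
        $name = array(
            'first' => Request::post('first', '', '', ''),
            'last' => Request::post('last', '', '', ''),
        );
    }

    // Add the user to the system.
    $email = Request::post('email', 'email');
    $user = User::addUser($email, $name);

    // Add the user to the mailing list.
    $default_list = Configuration::get('mailer.default_list');
    $mailing_list = Request::post('list_id', 'int', null, $default_list);
    if (!empty($mailing_list)) {
        $user->subscribe($mailing_list);
    }

    // The redirect target is supplied by the client. Follow it only when it is
    // a local path: one leading slash, not followed by a second slash or a
    // backslash (both are read by browsers as the start of another host), and
    // free of control characters.
    $redirect = Request::post('redirect');
    $is_local = is_string($redirect)
        && preg_match('#^/(?![/\\\\])#', $redirect)
        && !preg_match('/[\x00-\x1f\x7f]/', $redirect);

    Navigation::redirect($is_local ? $redirect : '/message?msg=optin');
}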
/**
 * Execute the callback.
 *
 * The handler name is the lower-cased request type followed by the `action`
 * request value with its first letter upper-cased, or the request type alone
 * when no action was given.
 *
 * NOTE(review): get_class_methods() is called from inside the class, where it
 * also lists protected and private methods, so any method whose name starts
 * with the request type can be named through `action`. Confirm that is
 * intended, or restrict dispatch to public handlers.
 */
public function execute() {
    $action = ucfirst(Request::get('action'));
    $request_type = strtolower(Request::type());

    $handler = $action ? $request_type . $action : $request_type;

    if (in_array($handler, get_class_methods($this))) {
        $this->{$handler}();
        $this->output();
        return;
    }

    if ($action) {
        Messenger::error('There was an error processing your submission.');
        return;
    }

    $this->output = array();
    // TODO: show 302
    echo 'Method not available';
    exit;
}
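/**
 * Update one date column of one row, for administrators only.
 *
 * The table, column and key column names and the row ID are all taken from the
 * request. The date is stored as a Julian day number, or 0 when the month or
 * day is not positive; a year of 0 means the current year.
 *
 * NOTE(review): even for administrators this lets the client choose the table
 * and column to write. An allow-list of editable tables and columns would be
 * safer than the format check applied here. No form token check is visible
 * either; confirm the framework verifies one.
 */
public function postUpdateDate() {
    if (!ClientUser::getInstance()->isAdmin()) {
        Output::json(Output::ACCESS_DENIED);
        return;
    }

    $id = Request::post('id');
    $key = Request::post('key');
    $column = Request::post('column');
    $table = Request::post('table');

    // These three values are used as SQL identifiers, which cannot be bound as
    // parameters. Accept plain identifier characters only and refuse the
    // request otherwise.
    foreach (array($table, $column, $key) as $identifier) {
        if (!is_string($identifier) || !preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $identifier)) {
            Output::json(Output::ACCESS_DENIED);
            return;
        }
    }

    // Work with integers: gregoriantojd() takes integers, and a blank year
    // compares equal to 0 only on PHP versions before 8.
    $m = intval(Request::post("date_m"));
    $d = intval(Request::post("date_d"));
    $y = intval(Request::post("date_y"));

    if ($m > 0 && $d > 0) {
        if ($y === 0) {
            $y = intval(date("Y"));
        }
        $value = gregoriantojd($m, $d, $y);
    } else {
        $value = 0;
    }

    Database::getInstance()->update($table, array($column => $value), array($key => $id));
    Output::json(Output::SUCCESS);
}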
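/**
 * Redirect the user after logging in.
 *
 * The target is the first available of: the `redirect` value from the request
 * (when it is a local path that does not lead back to a user page), the given
 * page, or the `user.login_url` setting.
 *
 * @param string $page
 *   Fallback page when the request carries no usable redirect.
 * @param array $params
 *   Query parameters passed on to Navigation::redirect().
 */
public function loginRedirect($page = null, $params = array()) {
    $redirect = Request::post('redirect', 'urlencoded') ?: Request::query('redirect');

    // The value is supplied by the client, so it is followed only when it stays
    // on this site: it must start with '?' or with a single '/', the slash may
    // not be followed by a second slash or a backslash (both are read by
    // browsers as the start of another host), and control characters are
    // refused. Absolute URLs fall through to the defaults below.
    $is_local = is_string($redirect)
        && preg_match('#^(?:/(?![/\\\\])|\?)#', $redirect)
        && !preg_match('/[\x00-\x1f\x7f]/', $redirect);

    if ($is_local && !preg_match('|^[/?]user|', $redirect)) {
        // Targets under /user or ?user are skipped, as before.
        Navigation::redirect($redirect, $params);
    } elseif (!empty($page)) {
        Navigation::redirect($page, $params);
    } else {
        Navigation::redirect(Configuration::get('user.login_url'), $params);
    }
}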
/**
 * Create a new session.
 *
 * Generates a session key and a 64 character hex form token, stores the
 * session row, builds the session object from it and sets the cookie.
 *
 * @param int $user_id
 *   Optional user ID if the user is already known.
 * @param bool $remember
 *   Optional remember flag to remember the user after they have logged out.
 *
 * @return session
 */
public static function create($user_id = 0, $remember = false) {
    $session_key = static::getNewSessionId();
    $form_token = Random::getInstance()->get(64, Random::HEX);

    if (empty($session_key) || empty($form_token)) {
        // NOTE(review): the error is recorded but the code below still stores
        // the session and sets the cookie with the empty key or token, unless
        // Messenger::error() ends the request. Confirm, and fail closed here
        // if it does not.
        Messenger::error('Session error.');
    }

    $remember_flag = $remember ? static::STATE_REMEMBER : 0;
    $record = array(
        'session_key' => $session_key,
        'last_ping' => time(),
        'session_ip' => LightningRequest::server('ip_int'),
        'user_id' => $user_id,
        'state' => 0 | $remember_flag,
        'form_token' => $form_token,
    );
    $record['session_id'] = Database::getInstance()->insert('session', $record);

    $created = new static($record);
    $created->setCookie();
    return $created;
}
/**
 * Create a new user.
 *
 * Three cases, keyed on the lower-cased email:
 * - a row with a non-empty password exists: creation is refused;
 * - a row with an empty password exists (mailing list only): the password is
 *   set on that row and it is marked as registered today;
 * - no row exists: a new user is inserted with type 1.
 * In the last two cases the `ref` cookie, when present, is stored as the
 * referrer and a confirmation email is sent.
 *
 * NOTE(review): the existence check and the write are separate queries, so two
 * simultaneous requests for one address can both pass the check; a unique
 * index on email would close that gap - confirm one exists.
 *
 * @param string $email
 *   The user's email address.
 * @param string $pass
 *   The new password.
 *
 * @return array
 *   On success: ['success' => true, 'data' => user id].
 *   On failure: ['success' => false, 'error' => message].
 */
public static function create($email, $pass) {
    $normalized_email = strtolower($email);

    $has_account = Database::getInstance()->check('user', array('email' => $normalized_email, 'password' => array('!=', '')));
    if ($has_account) {
        // An account already exists with that email.
        return ['success' => false, 'error' => 'A user with that email already exists.'];
    }

    $list_only_row = Database::getInstance()->selectRow('user', array('email' => $normalized_email, 'password' => ''));

    // Set the referrer.
    $updates = array();
    $referrer = Request::cookie('ref', 'int');
    if ($referrer) {
        $updates['referrer'] = $referrer;
    }

    if ($list_only_row) {
        // EMAIL EXISTS IN MAILING LIST ONLY
        $existing_id = $list_only_row['user_id'];
        $account = new self($list_only_row);
        $account->setPass($pass, '', $existing_id);
        $updates['registered'] = Time::today();
        Database::getInstance()->update('user', $updates, array('user_id' => $existing_id));
        $account->sendConfirmationEmail();
        return ['success' => true, 'data' => $existing_id];
    }

    // EMAIL IS NOT IN MAILING LIST AT ALL
    $user_id = static::insertUser($email, $pass);
    $updates['type'] = 1;
    Database::getInstance()->update('user', $updates, array('user_id' => $user_id));
    $account = static::loadById($user_id);
    $account->sendConfirmationEmail();
    return ['success' => true, 'data' => $user_id];
}
/**
 * Render the edit field component.
 *
 * Picks the value to show (posted value, field default, `edit_value` or the
 * row value), lets a preset renderer take over when one is defined for the
 * current action, then builds the HTML input that matches the field type.
 *
 * NOTE(review): several cases below interpolate $field['Value'], option names
 * and $field['form_field'] into HTML without encoding them in this method.
 * When $_POST is not empty the value comes from Request::post(), so it is
 * client-supplied. Confirm the values are encoded before they reach this
 * method, or encode them at the points marked below.
 *
 * @param array $field
 *   The field settings.
 * @param array $row
 *   The data row. Taken by reference: an `edit_value` is appended to it.
 *
 * @return string
 *   The rendered HTML. The select-style types return false when no option
 *   list could be built.
 */
protected function renderEditField($field, &$row = array()) {
    // Make sure the form_field is set.
    if (!isset($field['form_field'])) {
        $field['form_field'] = $field['field'];
    }

    // Get the default field value.
    // $v stays unset when none of the branches applies.
    if (!empty($_POST)) {
        $v = Request::post($field['form_field']);
    } elseif (empty($row)) {
        $v = isset($field['default']) ? $field['default'] : '';
    } elseif (isset($field['edit_value'])) {
        // The computed value is also appended to the caller's row.
        if (is_callable($field['edit_value'])) {
            $v = $row[] = $field['edit_value']($row);
        } else {
            $v = $row[] = $field['edit_value'];
        }
    } elseif (!empty($row[$field['field']])) {
        $v = $row[$field['field']];
    }

    // A preset renderer for this action replaces everything below.
    if (isset($this->preset[$field['field']]['render_' . $this->action . '_field'])) {
        $this->get_row(false);
        return $this->preset[$field['field']]['render_' . $this->action . '_field']($this->list);
    }

    // Prepare value.
    if (!isset($field['Value'])) {
        $field['Value'] = isset($v) ? $v : null;
    }
    if (!empty($field['encrypted'])) {
        $field['Value'] = $this->decrypt($field['Value']);
    }

    // Set the default value if new.
    if ($this->action == "new" && isset($field['default'])) {
        $field['Value'] = $field['default'];
    }

    // Print form input.
    $options = array();
    $return = '';
    // A length suffix such as "(255)" is removed before matching the type.
    switch (preg_replace('/\\([0-9]+\\)/', '', $field['type'])) {
        case 'text':
        case 'mediumtext':
        case 'longtext':
        case 'html':
            // Rich text: choose the CKEditor toolbar, then apply options.
            $config = array();
            $editor = !empty($field['editor']) ? strtolower($field['editor']) : 'default';
            switch ($editor) {
                case 'full':
                    $config['toolbar'] = "CKEDITOR.config.toolbar_Full";
                    break;
                case 'print':
                    $config['toolbar'] = "CKEDITOR.config.toolbar_Print";
                    break;
                case 'basic_image':
                    $config['toolbar'] = "CKEDITOR.config.toolbar_Basic_Image";
                    break;
                case 'basic':
                default:
                    $config['toolbar'] = "CKEDITOR.config.toolbar_Basic";
                    break;
            }
            if (!empty($field['full_page'])) {
                $config['fullPage'] = true;
                $config['allowedContent'] = true;
            }
            if (!empty($field['height'])) {
                $config['height'] = $field['height'];
            }
            if (!empty($field['upload'])) {
                $config['finder'] = true;
            }
            return CKEditor::iframe($field['form_field'], $field['Value'], $config);
            break;
        case 'div':
            if ($field['Value'] == '') {
                $field['Value'] = "<p></p>";
            }
            // NOTE(review): the value is written into the div as markup, with
            // no encoding applied here.
            return "<input type='hidden' name='{$field['form_field']}' id='{$field['form_field']}' value='" . $this->convert_quotes($field['Value']) . "' />\n\t\t\t\t\t\t\t<div id='{$field['form_field']}_div' spellcheck='true'>{$field['Value']}</div>";
            break;
        case 'plaintext':
            // NOTE(review): the value is placed between the textarea tags with
            // no encoding applied here; a value containing "</textarea>" would
            // end the element early.
            return "<textarea name='{$field['form_field']}' id='{$field['form_field']}' spellcheck='true' cols='90' rows='10'>{$field['Value']}</textarea>";
            break;
        case 'hidden':
            return "<input type='hidden' name='{$field['form_field']}' id='{$field['form_field']}' value='" . $this->convert_quotes($field['Value']) . "' />";
            break;
        case 'image':
            // Show the current image, then continue with the file input.
            if (!empty($field['Value'])) {
                $return .= '<img src="' . $this->getImageLocationWeb($field, $field['Value']) . '" class="table_edit_image" />';
            }
            // Fall through.
        case 'file':
            // The file input is added when there is no value, or when there is
            // one and `replaceable` is missing or empty.
            if ($field['Value'] != '' && (!isset($field['replaceable']) || empty($field['replaceable'])) || $field['Value'] == '') {
                $return .= "<input type='file' name='{$field['form_field']}' id='{$field['form_field']}' />";
            }
            return $return;
            break;
        case 'time':
            return Time::timePop($field['form_field'], $field['Value'], !empty($field['allow_blank']));
            break;
        case 'date':
            $return = Time::datePop($field['form_field'], !empty($field['Value']) ? $field['Value'] : 0, !empty($field['allow_blank']), !empty($field['start_year']) ? $field['start_year'] : 0);
            return $return;
            break;
        case 'datetime':
            // Without a start_year the picker starts ten years back.
            return Time::dateTimePop($field['form_field'], $field['Value'], !empty($field['allow_blank']), isset($field['start_year']) ? $field['start_year'] : date('Y') - 10);
            break;
        case 'lookup':
        case 'yesno':
        case 'state':
        case 'country':
        case 'select':
            // Build the option list for the select-style types.
            if ($field['type'] == 'lookup') {
                $options = Database::getInstance()->selectColumn($field['lookuptable'], $field['display_column'], !empty($field['filter']) ? $field['filter'] : array(), !empty($field['lookupkey']) ? $field['lookupkey'] : $field['field']);
            } elseif ($field['type'] == "yesno") {
                $options = array(1 => 'No', 2 => 'Yes');
            } elseif ($field['type'] == "state") {
                $options = Location::getStateOptions();
            } elseif ($field['type'] == "country") {
                $options = Location::getCountryOptions();
            } else {
                $options = $field['options'];
            }
            if (!is_array($options)) {
                return false;
            }
            if (!empty($field['allow_blank'])) {
                // Put an empty choice first, keeping the existing keys.
                $options = array('' => '') + $options;
            }
            $output = BasicHTML::select($field['form_field'], $options, $field['Value']);
            if (!empty($field['pop_add'])) {
                if ($field['table_url']) {
                    $location = $field['table_url'];
                } else {
                    $location = "table.php?table=" . $field['lookuptable'];
                }
                // NOTE(review): these settings are placed inside a JavaScript
                // string within an attribute, unencoded; presumably they are
                // developer-defined rather than user-supplied - confirm.
                $output .= "<a onclick='lightning.table.newPop(\"{$location}\",\"{$field['form_field']}\",\"{$field['display_column']}\")'>Add New Item</a>";
            }
            return $output;
            break;
        case 'range':
            // One option per integer from start to end; nothing is listed
            // unless start is below end.
            $output = "<select name='{$field['form_field']}' id='{$field['form_field']}'>";
            if ($field['allow_blank']) {
                $output .= '<option value="0"></option>';
            }
            if ($field['start'] < $field['end']) {
                for ($k = $field['start']; $k <= $field['end']; $k++) {
                    // NOTE(review): no space is emitted between the value and
                    // selected attributes.
                    $output .= "<option value='{$k}'" . ($field['Value'] == $k ? 'selected="selected"' : '') . ">{$k}</option>";
                }
            }
            $output .= '</select>';
            return $output;
            break;
        case 'checkbox':
            return "<input type='checkbox' name='{$field['form_field']}' id='{$field['form_field']}' value='1' " . ($field['Value'] == 1 ? "checked" : '') . " />";
            break;
        case 'note':
            // The note is returned as is.
            return $field['note'];
            break;
        case 'checklist':
            // One checkbox per option. An option is either [id, name] or a
            // name keyed by its id.
            $vals = $this->decode_bool_group($field['Value']);
            $output = '';
            foreach ($field['options'] as $i => $opt) {
                if (is_array($opt)) {
                    $id = $opt[0];
                    $name = $opt[1];
                } else {
                    $id = $i;
                    $name = $opt;
                }
                // NOTE(review): $vals[$id] is read without checking the key
                // exists, and $name is output unencoded.
                $output .= "<div class='checlist_item'><input type='checkbox' name='{$field['form_field']}_{$id}' value='1' " . ($vals[$id] == 1 ? "checked" : '') . " />{$name}</div>";
            }
            return $output;
            break;
        case 'varchar':
        case 'char':
            // Use the declared column length as the input size, then continue
            // into the default text field (there is no break here).
            preg_match('/(.+)\\(([0-9]+)\\)/i', $field['type'], $array);
            $options['size'] = $array[2];
        default:
            if (!empty($field['autocomplete'])) {
                $options['classes'] = array('table_autocomplete');
                $options['autocomplete'] = false;
            }
            return Text::textfield($field['form_field'], $field['Value'], $options);
            break;
    }
}
/**
 * Save a page from the posted editor form and reply with its url, ID and title.
 *
 * Only administrators may save; anyone else is shown the page instead. A
 * `page_id` of 0 creates a new page, any other value updates that page. When
 * no url is posted, one is derived from the title.
 *
 * NOTE(review): the body is read with the 'html' filter and stored for later
 * display; confirm the filter settings match what administrators are allowed
 * to publish, and that a form token is verified before this handler runs.
 */
public function postSave() {
    if (!ClientUser::getInstance()->isAdmin()) {
        return $this->get();
    }

    $page_id = Request::post('page_id', 'int');
    $title = Request::post('title');
    $url = Request::post('url', 'url');
    if (empty($url)) {
        $url = Scrub::url($title);
    }

    // Create an array of the new values.
    $new_values = array(
        'title' => $title,
        'url' => $url,
        'keywords' => Request::post('keywords'),
        'description' => Request::post('description'),
        'site_map' => Request::post('sitemap', 'int'),
        'body' => Request::post('page_body', 'html', '', '', true),
        'last_update' => time(),
        'layout' => Request::post('layout', 'int'),
    );

    // Save the page.
    $database = Database::getInstance();
    if ($page_id != 0) {
        $database->update('page', $new_values, array('page_id' => $page_id));
    } else {
        $page_id = $database->insert('page', $new_values);
    }

    Output::json(array(
        'url' => $new_values['url'],
        'page_id' => $page_id,
        'title' => $title,
    ));
}
/**
 * Redirect to the current location, carrying over the known parameters.
 *
 * For every name listed in `$this->params`, the value from `$params` is used
 * when set, otherwise the property of the same name on this object when set.
 * Names with neither are left out.
 *
 * @param array $params
 *   Additional query string parameters to add to the current url.
 */
public function redirect($params = array()) {
    $query = array();

    foreach ($this->params as $name) {
        if (isset($params[$name])) {
            $query[$name] = $params[$name];
            continue;
        }
        if (isset($this->$name)) {
            $query[$name] = $this->$name;
        }
    }

    Navigation::redirect('/' . Request::getLocation(), $query);
}
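/**
 * Build a GMT timestamp from the split date and time fields of a form input.
 *
 * Reads `<id>_m`, `<id>_d`, `<id>_y`, `<id>_h`, `<id>_i` and `<id>_a` (AM/PM,
 * default AM) from the request and converts the 12 hour clock to 24 hours.
 *
 * @param string $id
 *   The field name prefix.
 * @param bool $allow_blank
 *   When true, a missing month, day, year or hour yields 0.
 *
 * @return int
 *   The timestamp, or 0 for a blank value.
 */
public static function getDateTime($id, $allow_blank = true) {
    $m = Request::get($id . '_m', 'int');
    $d = Request::get($id . '_d', 'int');
    $y = Request::get($id . '_y', 'int');
    $submitted_hour = Request::get($id . '_h', 'int');
    $minute = Request::get($id . '_i', 'int');
    $meridiem = Request::get($id . '_a', '', '', 'AM');

    // Test for a blank value on the hour as submitted. Testing the converted
    // hour treated 12 AM, which converts to hour 0, as a blank field.
    if ($allow_blank && (empty($m) || empty($d) || empty($y) || empty($submitted_hour))) {
        return 0;
    }

    // 12 AM is hour 0 and 12 PM is hour 12; the other hours keep their value
    // in the morning and gain 12 in the afternoon.
    $h = ($submitted_hour == 12) ? 0 : (int) $submitted_hour;
    if ($meridiem != 'AM') {
        $h += 12;
    }

    return gmmktime($h, (int) $minute, 0, $m, $d, $y);
}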
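/**
 * Get the encoded default value for a form element.
 *
 * The submitted value is used when there is one, otherwise the alternative
 * default. The result always passes through Scrub::toHTML(), so it is ready to
 * be placed in markup.
 *
 * @param string $var
 *   The name of the field.
 * @param string $alt_default
 *   A default if nothing was submitted.
 * @param string $type
 *   The type, usually html or text.
 *
 * @return string
 *   The HTML encoded value.
 */
public static function defaultValue($var, $alt_default = null, $type = 'text') {
    // Read the request once instead of once for the test and once for the use.
    $submitted = Request::get($var, $type);
    $default = ($submitted !== null) ? $submitted : $alt_default;

    return Scrub::toHTML($default);
}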
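/**
 * Handle blog comment actions: check value, posting, removal and approval.
 *
 * The blog is identified by `id`, or by `blog_id` when `id` is absent.
 *
 * NOTE(review): the check value is an unkeyed md5 of the submitted fields and
 * the `post_comment_check` action returns it for any input, so it only filters
 * clients that do not run the form's script. It is not a security control; a
 * captcha or a server-side token would be needed for that.
 */
public function post() {
    // Take the first ID that is present. The previous bitwise OR combined the
    // two numbers into a different ID when both were sent.
    $blog_id = (int) (Request::get('id', 'int') ?: Request::get('blog_id', 'int'));
    $action = Request::get('action');

    // The check value covers these three fields. Missing or non-string values
    // count as empty strings.
    $checked_fields = '';
    foreach (array('email', 'name', 'comment') as $field_name) {
        if (isset($_POST[$field_name]) && is_string($_POST[$field_name])) {
            $checked_fields .= $_POST[$field_name];
        }
    }

    // AUTHORIZE A BLOG COMMENT.
    switch ($action) {
        case 'post_comment_check':
            echo md5($checked_fields);
            exit;

        case 'post_comment':
            // FIRST CHECK FOR SPAM
            // Strict comparison: with a loose comparison, two different hex
            // digests that both read as numbers (such as "0e...") are equal.
            $check_val = (isset($_POST['check_val']) && is_string($_POST['check_val'])) ? $_POST['check_val'] : '';
            if ($check_val === md5($checked_fields)) {
                $values = array(
                    'blog_id' => $blog_id,
                    'ip_address' => Request::server('ip_int'),
                    'email_address' => Request::post('email', 'email'),
                    'name' => Request::post('name'),
                    'comment' => Request::post('comment'),
                    'time' => time(),
                );
                Database::getInstance()->insert('blog_comment', $values);
                echo "success";
            } else {
                echo "spam error";
            }
            exit;

        case 'remove_blog_comment':
            // The same filtered ID is used for the test and for the query.
            $comment_id = Request::post('blog_comment_id', 'int');
            if (ClientUser::getInstance()->isAdmin() && $comment_id > 0) {
                Database::getInstance()->delete('blog_comment', array('blog_comment_id' => $comment_id));
                echo "ok";
            } else {
                echo "access denied";
            }
            exit;

        case 'approve_blog_comment':
            $comment_id = Request::post('blog_comment_id', 'int');
            if (ClientUser::getInstance()->isAdmin() && $comment_id > 0) {
                Database::getInstance()->update('blog_comment', array('approved' => 1), array('blog_comment_id' => $comment_id));
                echo "ok";
            } else {
                // Answer a refused approval the same way as a refused removal,
                // instead of ending with no response.
                echo "access denied";
            }
            exit;
    }
}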