Compare commits
No commits in common. "master" and "master" have entirely different histories.
@ -41,13 +41,13 @@ class EditAlbum extends HTMLController
|
||||
exit;
|
||||
}
|
||||
else
|
||||
throw new Exception('Cannot delete album: an error occured while processing the request.');
|
||||
trigger_error('Cannot delete album: an error occured while processing the request.', E_USER_ERROR);
|
||||
}
|
||||
// Editing one, then, surely.
|
||||
else
|
||||
{
|
||||
if ($album->kind !== 'Album')
|
||||
throw new Exception('Cannot edit album: not an album.');
|
||||
trigger_error('Cannot edit album: not an album.', E_USER_ERROR);
|
||||
|
||||
parent::__construct('Edit album \'' . $album->tag . '\'');
|
||||
$form_title = 'Edit album \'' . $album->tag . '\'';
|
||||
@ -67,7 +67,7 @@ class EditAlbum extends HTMLController
|
||||
|
||||
// Gather possible parents for this album to be filed into
|
||||
$parentChoices = [0 => '-root-'];
|
||||
foreach (Tag::getOffset(0, 9999, 'tag', 'up', true) as $parent)
|
||||
foreach (PhotoAlbum::getHierarchy('tag', 'up') as $parent)
|
||||
{
|
||||
if (!empty($id_tag) && $parent['id_tag'] == $id_tag)
|
||||
continue;
|
||||
@ -139,10 +139,6 @@ class EditAlbum extends HTMLController
|
||||
];
|
||||
}
|
||||
}
|
||||
elseif (empty($_POST) && isset($album))
|
||||
{
|
||||
$formDefaults = get_object_vars($album);
|
||||
}
|
||||
elseif (empty($_POST) && count($parentChoices) > 1)
|
||||
{
|
||||
// Choose the first non-root album as the default parent
|
||||
@ -150,8 +146,9 @@ class EditAlbum extends HTMLController
|
||||
next($parentChoices);
|
||||
$formDefaults = ['id_parent' => key($parentChoices)];
|
||||
}
|
||||
else
|
||||
$formDefaults = $_POST;
|
||||
|
||||
if (!isset($formDefaults))
|
||||
$formDefaults = isset($album) ? get_object_vars($album) : $_POST;
|
||||
|
||||
// Create the form, add in default values.
|
||||
$this->form->setData($formDefaults);
|
||||
|
@ -67,7 +67,7 @@ class EditAsset extends HTMLController
|
||||
|
||||
// Get a list of available photo albums
|
||||
$allAlbums = [];
|
||||
foreach (Tag::getOffset(0, 9999, 'tag', 'up', true) as $album)
|
||||
foreach (PhotoAlbum::getHierarchy('tag', 'up') as $album)
|
||||
$allAlbums[$album['id_tag']] = $album['tag'];
|
||||
|
||||
// Figure out the current album id
|
||||
|
@ -39,13 +39,13 @@ class EditTag extends HTMLController
|
||||
exit;
|
||||
}
|
||||
else
|
||||
throw new Exception('Cannot delete tag: an error occured while processing the request.');
|
||||
trigger_error('Cannot delete tag: an error occured while processing the request.', E_USER_ERROR);
|
||||
}
|
||||
// Editing one, then, surely.
|
||||
else
|
||||
{
|
||||
if ($tag->kind === 'Album')
|
||||
throw new Exception('Cannot edit tag: is actually an album.');
|
||||
trigger_error('Cannot edit tag: is actually an album.', E_USER_ERROR);
|
||||
|
||||
parent::__construct('Edit tag \'' . $tag->tag . '\'');
|
||||
$form_title = 'Edit tag \'' . $tag->tag . '\'';
|
||||
|
@ -33,7 +33,7 @@ class EditUser extends HTMLController
|
||||
{
|
||||
// Don't be stupid.
|
||||
if ($current_user->getUserId() == $id_user)
|
||||
throw new Exception('Sorry, I cannot allow you to delete yourself.');
|
||||
trigger_error('Sorry, I cannot allow you to delete yourself.', E_USER_ERROR);
|
||||
|
||||
// So far so good?
|
||||
$user = Member::fromId($id_user);
|
||||
@ -43,7 +43,7 @@ class EditUser extends HTMLController
|
||||
exit;
|
||||
}
|
||||
else
|
||||
throw new Exception('Cannot delete user: an error occured while processing the request.');
|
||||
trigger_error('Cannot delete user: an error occured while processing the request.', E_USER_ERROR);
|
||||
}
|
||||
// Editing one, then, surely.
|
||||
else
|
||||
|
@ -24,9 +24,7 @@ class Login extends HTMLController
|
||||
if (Authentication::checkPassword($_POST['emailaddress'], $_POST['password']))
|
||||
{
|
||||
parent::__construct('Login');
|
||||
|
||||
$user = Member::fromEmailAddress($_POST['emailaddress']);
|
||||
$_SESSION['user_id'] = $user->getUserId();
|
||||
$_SESSION['user_id'] = Authentication::getUserId($_POST['emailaddress']);
|
||||
|
||||
if (isset($_POST['redirect_url']))
|
||||
header('Location: ' . base64_decode($_POST['redirect_url']));
|
||||
|
@ -35,14 +35,18 @@ class ManageAlbums extends HTMLController
|
||||
'tag' => [
|
||||
'header' => 'Album',
|
||||
'is_sortable' => true,
|
||||
'link' => BASEURL . '/editalbum/?id={ID_TAG}',
|
||||
'value' => 'tag',
|
||||
'parse' => [
|
||||
'link' => BASEURL . '/editalbum/?id={ID_TAG}',
|
||||
'data' => 'tag',
|
||||
],
|
||||
],
|
||||
'slug' => [
|
||||
'header' => 'Slug',
|
||||
'is_sortable' => true,
|
||||
'link' => BASEURL . '/editalbum/?id={ID_TAG}',
|
||||
'value' => 'slug',
|
||||
'parse' => [
|
||||
'link' => BASEURL . '/editalbum/?id={ID_TAG}',
|
||||
'data' => 'slug',
|
||||
],
|
||||
],
|
||||
'count' => [
|
||||
'header' => '# Photos',
|
||||
@ -50,21 +54,30 @@ class ManageAlbums extends HTMLController
|
||||
'value' => 'count',
|
||||
],
|
||||
],
|
||||
'default_sort_order' => 'tag',
|
||||
'default_sort_direction' => 'up',
|
||||
'start' => $_GET['start'] ?? 0,
|
||||
'sort_order' => $_GET['order'] ?? '',
|
||||
'sort_direction' => $_GET['dir'] ?? '',
|
||||
'start' => !empty($_GET['start']) ? (int) $_GET['start'] : 0,
|
||||
'sort_order' => !empty($_GET['order']) ? $_GET['order'] : null,
|
||||
'sort_direction' => !empty($_GET['dir']) ? $_GET['dir'] : null,
|
||||
'title' => 'Manage albums',
|
||||
'no_items_label' => 'No albums meet the requirements of the current filter.',
|
||||
'items_per_page' => 9999,
|
||||
'index_class' => 'col-md-6',
|
||||
'base_url' => BASEURL . '/managealbums/',
|
||||
'get_data' => function($offset, $limit, $order, $direction) {
|
||||
return Tag::getOffset($offset, $limit, $order, $direction, true);
|
||||
'get_data' => function($offset = 0, $limit = 9999, $order = '', $direction = 'up') {
|
||||
if (!in_array($order, ['id_tag', 'tag', 'slug', 'count']))
|
||||
$order = 'tag';
|
||||
if (!in_array($direction, ['up', 'down']))
|
||||
$direction = 'up';
|
||||
|
||||
$rows = PhotoAlbum::getHierarchy($order, $direction);
|
||||
|
||||
return [
|
||||
'rows' => $rows,
|
||||
'order' => $order,
|
||||
'direction' => ($direction == 'up' ? 'up' : 'down'),
|
||||
];
|
||||
},
|
||||
'get_count' => function() {
|
||||
return Tag::getCount(false, 'Album', true);
|
||||
return 9999;
|
||||
}
|
||||
];
|
||||
|
||||
|
@ -38,33 +38,12 @@ class ManageAssets extends HTMLController
|
||||
'checkbox' => [
|
||||
'header' => '<input type="checkbox" id="selectall">',
|
||||
'is_sortable' => false,
|
||||
'format' => fn($row) =>
|
||||
'<input type="checkbox" class="asset_select" name="delete[]" value="' . $row['id_asset'] . '">',
|
||||
],
|
||||
'thumbnail' => [
|
||||
'header' => ' ',
|
||||
'is_sortable' => false,
|
||||
'cell_class' => 'text-center',
|
||||
'format' => function($row) {
|
||||
$asset = Image::byRow($row);
|
||||
$width = $height = 65;
|
||||
if ($asset->isImage())
|
||||
{
|
||||
if ($asset->isPortrait())
|
||||
$width = null;
|
||||
else
|
||||
$height = null;
|
||||
|
||||
$thumb = $asset->getThumbnailUrl($width, $height);
|
||||
}
|
||||
else
|
||||
$thumb = BASEURL . '/images/nothumb.svg';
|
||||
|
||||
$width = isset($width) ? $width . 'px' : 'auto';
|
||||
$height = isset($height) ? $height . 'px' : 'auto';
|
||||
|
||||
return sprintf('<img src="%s" style="width: %s; height: %s;">', $thumb, $width, $height);
|
||||
},
|
||||
'parse' => [
|
||||
'type' => 'function',
|
||||
'data' => function($row) {
|
||||
return '<input type="checkbox" class="asset_select" name="delete[]" value="' . $row['id_asset'] . '">';
|
||||
},
|
||||
],
|
||||
],
|
||||
'id_asset' => [
|
||||
'value' => 'id_asset',
|
||||
@ -80,42 +59,72 @@ class ManageAssets extends HTMLController
|
||||
'value' => 'filename',
|
||||
'header' => 'Filename',
|
||||
'is_sortable' => true,
|
||||
'link' => BASEURL . '/editasset/?id={ID_ASSET}',
|
||||
'value' => 'filename',
|
||||
'parse' => [
|
||||
'type' => 'value',
|
||||
'link' => BASEURL . '/editasset/?id={ID_ASSET}',
|
||||
'data' => 'filename',
|
||||
],
|
||||
],
|
||||
'id_user_uploaded' => [
|
||||
'header' => 'User uploaded',
|
||||
'is_sortable' => true,
|
||||
'format' => function($row) {
|
||||
if (!empty($row['id_user']))
|
||||
return sprintf('<a href="%s/edituser/?id=%d">%s</a>', BASEURL, $row['id_user'],
|
||||
$row['first_name'] . ' ' . $row['surname']);
|
||||
else
|
||||
return 'n/a';
|
||||
},
|
||||
'parse' => [
|
||||
'type' => 'function',
|
||||
'data' => function($row) {
|
||||
if (!empty($row['id_user']))
|
||||
return sprintf('<a href="%s/edituser/?id=%d">%s</a>', BASEURL, $row['id_user'],
|
||||
$row['first_name'] . ' ' . $row['surname']);
|
||||
else
|
||||
return 'n/a';
|
||||
},
|
||||
],
|
||||
],
|
||||
'dimensions' => [
|
||||
'header' => 'Dimensions',
|
||||
'is_sortable' => false,
|
||||
'format' => function($row) {
|
||||
if (!empty($row['image_width']))
|
||||
return $row['image_width'] . ' x ' . $row['image_height'];
|
||||
else
|
||||
return 'n/a';
|
||||
},
|
||||
'parse' => [
|
||||
'type' => 'function',
|
||||
'data' => function($row) {
|
||||
if (!empty($row['image_width']))
|
||||
return $row['image_width'] . ' x ' . $row['image_height'];
|
||||
else
|
||||
return 'n/a';
|
||||
},
|
||||
],
|
||||
],
|
||||
],
|
||||
'default_sort_order' => 'id_asset',
|
||||
'default_sort_direction' => 'down',
|
||||
'start' => $_GET['start'] ?? 0,
|
||||
'sort_order' => $_GET['order'] ?? '',
|
||||
'sort_direction' => $_GET['dir'] ?? '',
|
||||
'start' => !empty($_GET['start']) ? (int) $_GET['start'] : 0,
|
||||
'sort_order' => !empty($_GET['order']) ? $_GET['order'] : '',
|
||||
'sort_direction' => !empty($_GET['dir']) ? $_GET['dir'] : '',
|
||||
'title' => 'Manage assets',
|
||||
'no_items_label' => 'No assets meet the requirements of the current filter.',
|
||||
'items_per_page' => 30,
|
||||
'index_class' => 'col-md-6',
|
||||
'base_url' => BASEURL . '/manageassets/',
|
||||
'get_data' => 'Asset::getOffset',
|
||||
'get_data' => function($offset = 0, $limit = 30, $order = '', $direction = 'down') {
|
||||
if (!in_array($order, ['id_asset', 'id_user_uploaded', 'title', 'subdir', 'filename']))
|
||||
$order = 'id_asset';
|
||||
|
||||
$data = Registry::get('db')->queryAssocs('
|
||||
SELECT a.id_asset, a.subdir, a.filename,
|
||||
a.image_width, a.image_height,
|
||||
u.id_user, u.first_name, u.surname
|
||||
FROM assets AS a
|
||||
LEFT JOIN users AS u ON a.id_user_uploaded = u.id_user
|
||||
ORDER BY {raw:order}
|
||||
LIMIT {int:offset}, {int:limit}',
|
||||
[
|
||||
'order' => $order . ($direction == 'up' ? ' ASC' : ' DESC'),
|
||||
'offset' => $offset,
|
||||
'limit' => $limit,
|
||||
]);
|
||||
|
||||
return [
|
||||
'rows' => $data,
|
||||
'order' => $order,
|
||||
'direction' => $direction,
|
||||
];
|
||||
},
|
||||
'get_count' => 'Asset::getCount',
|
||||
];
|
||||
|
||||
|
@ -14,8 +14,8 @@ class ManageErrors extends HTMLController
|
||||
if (!Registry::get('user')->isAdmin())
|
||||
throw new NotAllowedException();
|
||||
|
||||
// Clearing, are we?
|
||||
if (isset($_POST['clear']) && Session::validateSession('get'))
|
||||
// Flushing, are we?
|
||||
if (isset($_POST['flush']) && Session::validateSession('get'))
|
||||
{
|
||||
ErrorLog::flush();
|
||||
header('Location: ' . BASEURL . '/manageerrors/');
|
||||
@ -31,7 +31,7 @@ class ManageErrors extends HTMLController
|
||||
'method' => 'post',
|
||||
'class' => 'col-md-6 text-end',
|
||||
'buttons' => [
|
||||
'clear' => [
|
||||
'flush' => [
|
||||
'type' => 'submit',
|
||||
'caption' => 'Delete all',
|
||||
'class' => 'btn-danger',
|
||||
@ -39,23 +39,26 @@ class ManageErrors extends HTMLController
|
||||
],
|
||||
],
|
||||
'columns' => [
|
||||
'id_entry' => [
|
||||
'id' => [
|
||||
'value' => 'id_entry',
|
||||
'header' => '#',
|
||||
'is_sortable' => true,
|
||||
],
|
||||
'message' => [
|
||||
'parse' => [
|
||||
'type' => 'function',
|
||||
'data' => function($row) {
|
||||
return $row['message'] . '<br>' .
|
||||
'<div><a onclick="this.parentNode.childNodes[1].style.display=\'block\';this.style.display=\'none\';">Show debug info</a>' .
|
||||
'<pre style="display: none">' . htmlspecialchars($row['debug_info']) .
|
||||
'</pre></div>' .
|
||||
'<small><a href="' . BASEURL .
|
||||
htmlspecialchars($row['request_uri']) . '">' .
|
||||
htmlspecialchars($row['request_uri']) . '</a></small>';
|
||||
}
|
||||
],
|
||||
'header' => 'Message / URL',
|
||||
'is_sortable' => false,
|
||||
'format' => function($row) {
|
||||
return $row['message'] . '<br>' .
|
||||
'<div><a onclick="this.parentNode.childNodes[1].style.display=\'block\';this.style.display=\'none\';">Show debug info</a>' .
|
||||
'<pre style="display: none">' . htmlspecialchars($row['debug_info']) .
|
||||
'</pre></div>' .
|
||||
'<small><a href="' . BASEURL .
|
||||
htmlspecialchars($row['request_uri']) . '">' .
|
||||
htmlspecialchars($row['request_uri']) . '</a></small>';
|
||||
},
|
||||
],
|
||||
'file' => [
|
||||
'value' => 'file',
|
||||
@ -68,10 +71,12 @@ class ManageErrors extends HTMLController
|
||||
'is_sortable' => true,
|
||||
],
|
||||
'time' => [
|
||||
'format' => [
|
||||
'parse' => [
|
||||
'type' => 'timestamp',
|
||||
'pattern' => 'long',
|
||||
'value' => 'time',
|
||||
'data' => [
|
||||
'timestamp' => 'time',
|
||||
'pattern' => 'long',
|
||||
],
|
||||
],
|
||||
'header' => 'Time',
|
||||
'is_sortable' => true,
|
||||
@ -84,21 +89,41 @@ class ManageErrors extends HTMLController
|
||||
'uid' => [
|
||||
'header' => 'UID',
|
||||
'is_sortable' => true,
|
||||
'link' => BASEURL . '/edituser/?id={ID_USER}',
|
||||
'value' => 'id_user',
|
||||
'parse' => [
|
||||
'link' => BASEURL . '/edituser/?id={ID_USER}',
|
||||
'data' => 'id_user',
|
||||
],
|
||||
],
|
||||
],
|
||||
'default_sort_order' => 'id_entry',
|
||||
'default_sort_direction' => 'down',
|
||||
'start' => $_GET['start'] ?? 0,
|
||||
'sort_order' => $_GET['order'] ?? '',
|
||||
'sort_direction' => $_GET['dir'] ?? '',
|
||||
'start' => !empty($_GET['start']) ? (int) $_GET['start'] : 0,
|
||||
'sort_order' => !empty($_GET['order']) ? $_GET['order'] : '',
|
||||
'sort_direction' => !empty($_GET['dir']) ? $_GET['dir'] : '',
|
||||
'no_items_label' => "No errors to display -- we're all good!",
|
||||
'items_per_page' => 20,
|
||||
'index_class' => 'col-md-6',
|
||||
'base_url' => BASEURL . '/manageerrors/',
|
||||
'get_count' => 'ErrorLog::getCount',
|
||||
'get_data' => 'ErrorLog::getOffset',
|
||||
'get_data' => function($offset = 0, $limit = 20, $order = '', $direction = 'down') {
|
||||
if (!in_array($order, ['id_entry', 'file', 'line', 'time', 'ipaddress', 'id_user']))
|
||||
$order = 'id_entry';
|
||||
|
||||
$data = Registry::get('db')->queryAssocs('
|
||||
SELECT *
|
||||
FROM log_errors
|
||||
ORDER BY {raw:order}
|
||||
LIMIT {int:offset}, {int:limit}',
|
||||
[
|
||||
'order' => $order . ($direction === 'up' ? ' ASC' : ' DESC'),
|
||||
'offset' => $offset,
|
||||
'limit' => $limit,
|
||||
]);
|
||||
|
||||
return [
|
||||
'rows' => $data,
|
||||
'order' => $order,
|
||||
'direction' => $direction,
|
||||
];
|
||||
},
|
||||
];
|
||||
|
||||
$error_log = new GenericTable($options);
|
||||
|
@ -37,25 +37,32 @@ class ManageTags extends HTMLController
|
||||
'tag' => [
|
||||
'header' => 'Tag',
|
||||
'is_sortable' => true,
|
||||
'link' => BASEURL . '/edittag/?id={ID_TAG}',
|
||||
'value' => 'tag',
|
||||
'parse' => [
|
||||
'link' => BASEURL . '/edittag/?id={ID_TAG}',
|
||||
'data' => 'tag',
|
||||
],
|
||||
],
|
||||
'slug' => [
|
||||
'header' => 'Slug',
|
||||
'is_sortable' => true,
|
||||
'link' => BASEURL . '/edittag/?id={ID_TAG}',
|
||||
'value' => 'slug',
|
||||
'parse' => [
|
||||
'link' => BASEURL . '/edittag/?id={ID_TAG}',
|
||||
'data' => 'slug',
|
||||
],
|
||||
],
|
||||
'id_user_owner' => [
|
||||
'header' => 'Owning user',
|
||||
'is_sortable' => true,
|
||||
'format' => function($row) {
|
||||
if (!empty($row['id_user']))
|
||||
return sprintf('<a href="%s/edituser/?id=%d">%s</a>', BASEURL, $row['id_user'],
|
||||
$row['first_name'] . ' ' . $row['surname']);
|
||||
else
|
||||
return 'n/a';
|
||||
},
|
||||
'parse' => [
|
||||
'type' => 'function',
|
||||
'data' => function($row) {
|
||||
if (!empty($row['id_user']))
|
||||
return sprintf('<a href="%s/edituser/?id=%d">%s</a>', BASEURL, $row['id_user'],
|
||||
$row['first_name'] . ' ' . $row['surname']);
|
||||
else
|
||||
return 'n/a';
|
||||
},
|
||||
],
|
||||
],
|
||||
'count' => [
|
||||
'header' => 'Cardinality',
|
||||
@ -63,21 +70,46 @@ class ManageTags extends HTMLController
|
||||
'value' => 'count',
|
||||
],
|
||||
],
|
||||
'default_sort_order' => 'tag',
|
||||
'default_sort_direction' => 'up',
|
||||
'start' => $_GET['start'] ?? 0,
|
||||
'sort_order' => $_GET['order'] ?? '',
|
||||
'sort_direction' => $_GET['dir'] ?? '',
|
||||
'start' => !empty($_GET['start']) ? (int) $_GET['start'] : 0,
|
||||
'sort_order' => !empty($_GET['order']) ? $_GET['order'] : null,
|
||||
'sort_direction' => !empty($_GET['dir']) ? $_GET['dir'] : null,
|
||||
'title' => 'Manage tags',
|
||||
'no_items_label' => 'No tags meet the requirements of the current filter.',
|
||||
'items_per_page' => 30,
|
||||
'index_class' => 'col-md-6',
|
||||
'base_url' => BASEURL . '/managetags/',
|
||||
'get_data' => function($offset, $limit, $order, $direction) {
|
||||
return Tag::getOffset($offset, $limit, $order, $direction, false);
|
||||
'get_data' => function($offset = 0, $limit = 30, $order = '', $direction = 'up') {
|
||||
if (!in_array($order, ['id_tag', 'tag', 'slug', 'kind', 'count']))
|
||||
$order = 'tag';
|
||||
if (!in_array($direction, ['up', 'down']))
|
||||
$direction = 'up';
|
||||
|
||||
$data = Registry::get('db')->queryAssocs('
|
||||
SELECT t.*, u.id_user, u.first_name, u.surname
|
||||
FROM tags AS t
|
||||
LEFT JOIN users AS u ON t.id_user_owner = u.id_user
|
||||
WHERE kind != {string:album}
|
||||
ORDER BY {raw:order}
|
||||
LIMIT {int:offset}, {int:limit}',
|
||||
[
|
||||
'order' => $order . ($direction == 'up' ? ' ASC' : ' DESC'),
|
||||
'offset' => $offset,
|
||||
'limit' => $limit,
|
||||
'album' => 'Album',
|
||||
]);
|
||||
|
||||
return [
|
||||
'rows' => $data,
|
||||
'order' => $order,
|
||||
'direction' => ($direction == 'up' ? 'up' : 'down'),
|
||||
];
|
||||
},
|
||||
'get_count' => function() {
|
||||
return Tag::getCount(false, null, false);
|
||||
return Registry::get('db')->queryValue('
|
||||
SELECT COUNT(*)
|
||||
FROM tags
|
||||
WHERE kind != {string:album}',
|
||||
['album' => 'Album']);
|
||||
}
|
||||
];
|
||||
|
||||
|
@ -37,20 +37,26 @@ class ManageUsers extends HTMLController
|
||||
'surname' => [
|
||||
'header' => 'Last name',
|
||||
'is_sortable' => true,
|
||||
'link' => BASEURL . '/edituser/?id={ID_USER}',
|
||||
'value' => 'surname',
|
||||
'parse' => [
|
||||
'link' => BASEURL . '/edituser/?id={ID_USER}',
|
||||
'data' => 'surname',
|
||||
],
|
||||
],
|
||||
'first_name' => [
|
||||
'header' => 'First name',
|
||||
'is_sortable' => true,
|
||||
'link' => BASEURL . '/edituser/?id={ID_USER}',
|
||||
'value' => 'first_name',
|
||||
'parse' => [
|
||||
'link' => BASEURL . '/edituser/?id={ID_USER}',
|
||||
'data' => 'first_name',
|
||||
],
|
||||
],
|
||||
'slug' => [
|
||||
'header' => 'Slug',
|
||||
'is_sortable' => true,
|
||||
'link' => BASEURL . '/edituser/?id={ID_USER}',
|
||||
'value' => 'slug',
|
||||
'parse' => [
|
||||
'link' => BASEURL . '/edituser/?id={ID_USER}',
|
||||
'data' => 'slug',
|
||||
],
|
||||
],
|
||||
'emailaddress' => [
|
||||
'value' => 'emailaddress',
|
||||
@ -58,11 +64,12 @@ class ManageUsers extends HTMLController
|
||||
'is_sortable' => true,
|
||||
],
|
||||
'last_action_time' => [
|
||||
'format' => [
|
||||
'parse' => [
|
||||
'type' => 'timestamp',
|
||||
'pattern' => 'long',
|
||||
'value' => 'last_action_time',
|
||||
'if_null' => 'n/a',
|
||||
'data' => [
|
||||
'timestamp' => 'last_action_time',
|
||||
'pattern' => 'long',
|
||||
],
|
||||
],
|
||||
'header' => 'Last activity',
|
||||
'is_sortable' => true,
|
||||
@ -75,21 +82,48 @@ class ManageUsers extends HTMLController
|
||||
'is_admin' => [
|
||||
'is_sortable' => true,
|
||||
'header' => 'Admin?',
|
||||
'format' => fn($row) => $row['is_admin'] ? 'yes' : 'no',
|
||||
'parse' => [
|
||||
'type' => 'function',
|
||||
'data' => function($row) {
|
||||
return $row['is_admin'] ? 'yes' : 'no';
|
||||
}
|
||||
],
|
||||
],
|
||||
],
|
||||
'default_sort_order' => 'id_user',
|
||||
'default_sort_direction' => 'down',
|
||||
'start' => $_GET['start'] ?? 0,
|
||||
'sort_order' => $_GET['order'] ?? '',
|
||||
'sort_direction' => $_GET['dir'] ?? '',
|
||||
'start' => !empty($_GET['start']) ? (int) $_GET['start'] : 0,
|
||||
'sort_order' => !empty($_GET['order']) ? $_GET['order'] : '',
|
||||
'sort_direction' => !empty($_GET['dir']) ? $_GET['dir'] : '',
|
||||
'title' => 'Manage users',
|
||||
'no_items_label' => 'No users meet the requirements of the current filter.',
|
||||
'items_per_page' => 30,
|
||||
'index_class' => 'col-md-6',
|
||||
'base_url' => BASEURL . '/manageusers/',
|
||||
'get_data' => 'Member::getOffset',
|
||||
'get_count' => 'Member::getCount',
|
||||
'get_data' => function($offset = 0, $limit = 30, $order = '', $direction = 'down') {
|
||||
if (!in_array($order, ['id_user', 'surname', 'first_name', 'slug', 'emailaddress', 'last_action_time', 'ip_address', 'is_admin']))
|
||||
$order = 'id_user';
|
||||
|
||||
$data = Registry::get('db')->queryAssocs('
|
||||
SELECT *
|
||||
FROM users
|
||||
ORDER BY {raw:order}
|
||||
LIMIT {int:offset}, {int:limit}',
|
||||
[
|
||||
'order' => $order . ($direction == 'up' ? ' ASC' : ' DESC'),
|
||||
'offset' => $offset,
|
||||
'limit' => $limit,
|
||||
]);
|
||||
|
||||
return [
|
||||
'rows' => $data,
|
||||
'order' => $order,
|
||||
'direction' => $direction,
|
||||
];
|
||||
},
|
||||
'get_count' => function() {
|
||||
return Registry::get('db')->queryValue('
|
||||
SELECT COUNT(*)
|
||||
FROM users');
|
||||
}
|
||||
];
|
||||
|
||||
$table = new GenericTable($options);
|
||||
|
@ -16,94 +16,66 @@ class ResetPassword extends HTMLController
|
||||
|
||||
// Verifying an existing reset key?
|
||||
if (isset($_GET['step'], $_GET['email'], $_GET['key']) && $_GET['step'] == 2)
|
||||
$this->verifyResetKey();
|
||||
else
|
||||
$this->requestResetKey();
|
||||
}
|
||||
|
||||
private function requestResetKey()
|
||||
{
|
||||
parent::__construct('Reset password - ' . SITE_TITLE);
|
||||
$form = new ForgotPasswordForm();
|
||||
$this->page->adopt($form);
|
||||
|
||||
// Have they submitted an email address yet?
|
||||
if (isset($_POST['emailaddress']) && preg_match('~^.+@.+\.[a-z]+$~', trim($_POST['emailaddress'])))
|
||||
{
|
||||
$user = Member::fromEmailAddress($_POST['emailaddress']);
|
||||
if (!$user)
|
||||
{
|
||||
$form->adopt(new Alert('Invalid email address', 'The email address you provided could not be found in our system. Please try again.', 'danger'));
|
||||
return;
|
||||
}
|
||||
$email = rawurldecode($_GET['email']);
|
||||
$id_user = Authentication::getUserid($email);
|
||||
if ($id_user === false)
|
||||
throw new UserFacingException('Invalid email address. Please make sure you copied the full link in the email you received.');
|
||||
|
||||
if (Authentication::getResetTimeOut($user->getUserId()) > 0)
|
||||
{
|
||||
// Update the reset time-out to prevent hammering
|
||||
$resetTimeOut = Authentication::updateResetTimeOut($user->getUserId());
|
||||
$key = $_GET['key'];
|
||||
if (!Authentication::checkResetKey($id_user, $key))
|
||||
throw new UserFacingException('Invalid reset token. Please make sure you copied the full link in the email you received. Note: you cannot use the same token twice.');
|
||||
|
||||
// Present it to the user in a readable way
|
||||
if ($resetTimeOut > 3600)
|
||||
$timeOut = sprintf('%d hours', ceil($resetTimeOut / 3600));
|
||||
elseif ($resetTimeOut > 60)
|
||||
$timeOut = sprintf('%d minutes', ceil($resetTimeOut / 60));
|
||||
parent::__construct('Reset password - ' . SITE_TITLE);
|
||||
$form = new PasswordResetForm($email, $key);
|
||||
$this->page->adopt($form);
|
||||
|
||||
// Are they trying to set something already?
|
||||
if (isset($_POST['password1'], $_POST['password2']))
|
||||
{
|
||||
$missing = [];
|
||||
if (strlen($_POST['password1']) < 6 || !preg_match('~[^A-z]~', $_POST['password1']))
|
||||
$missing[] = 'Please fill in a password that is at least six characters long and contains at least one non-alphabetic character (e.g. a number or symbol).';
|
||||
if ($_POST['password1'] != $_POST['password2'])
|
||||
$missing[] = 'The passwords you entered do not match.';
|
||||
|
||||
// So, are we good to go?
|
||||
if (empty($missing))
|
||||
{
|
||||
Authentication::updatePassword($id_user, Authentication::computeHash($_POST['password1']));
|
||||
$_SESSION['login_msg'] = ['Your password has been reset', 'You can now use the form below to log in to your account.', 'success'];
|
||||
header('Location: ' . BASEURL . '/login/');
|
||||
exit;
|
||||
}
|
||||
else
|
||||
$timeOut = sprintf('%d seconds', $resetTimeOut);
|
||||
|
||||
$form->adopt(new Alert('Password reset token already sent', 'We already sent a password reset token to this email address recently. ' .
|
||||
'If no email was received, please wait ' . $timeOut . ' to try again.', 'error'));
|
||||
return;
|
||||
}
|
||||
|
||||
Authentication::setResetKey($user->getUserId());
|
||||
Email::resetMail($user->getUserId());
|
||||
|
||||
// Show the success message
|
||||
$this->page->clear();
|
||||
$box = new DummyBox('An email has been sent');
|
||||
$box->adopt(new Alert('', 'We have sent an email to ' . $_POST['emailaddress'] . ' containing details on how to reset your password.', 'success'));
|
||||
$this->page->adopt($box);
|
||||
$form->adopt(new Alert('Some fields require your attention', '<ul><li>' . implode('</li><li>', $missing) . '</li></ul>', 'danger'));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private function verifyResetKey()
|
||||
{
|
||||
$email = rawurldecode($_GET['email']);
|
||||
$user = Member::fromEmailAddress($email);
|
||||
if (!$user)
|
||||
throw new UserFacingException('Invalid email address. Please make sure you copied the full link in the email you received.');
|
||||
|
||||
$key = $_GET['key'];
|
||||
if (!Authentication::checkResetKey($user->getUserId(), $key))
|
||||
throw new UserFacingException('Invalid reset token. Please make sure you copied the full link in the email you received. Note: you cannot use the same token twice.');
|
||||
|
||||
parent::__construct('Reset password - ' . SITE_TITLE);
|
||||
$form = new PasswordResetForm($email, $key);
|
||||
$this->page->adopt($form);
|
||||
|
||||
// Are they trying to set something already?
|
||||
if (isset($_POST['password1'], $_POST['password2']))
|
||||
else
|
||||
{
|
||||
$missing = [];
|
||||
if (strlen($_POST['password1']) < 6 || !preg_match('~[^A-z]~', $_POST['password1']))
|
||||
$missing[] = 'Please fill in a password that is at least six characters long and contains at least one non-alphabetic character (e.g. a number or symbol).';
|
||||
if ($_POST['password1'] != $_POST['password2'])
|
||||
$missing[] = 'The passwords you entered do not match.';
|
||||
parent::__construct('Reset password - ' . SITE_TITLE);
|
||||
$form = new ForgotPasswordForm();
|
||||
$this->page->adopt($form);
|
||||
|
||||
// So, are we good to go?
|
||||
if (empty($missing))
|
||||
// Have they submitted an email address yet?
|
||||
if (isset($_POST['emailaddress']) && preg_match('~^.+@.+\.[a-z]+$~', trim($_POST['emailaddress'])))
|
||||
{
|
||||
Authentication::updatePassword($user->getUserId(), Authentication::computeHash($_POST['password1']));
|
||||
$id_user = Authentication::getUserid(trim($_POST['emailaddress']));
|
||||
if ($id_user === false)
|
||||
{
|
||||
$form->adopt(new Alert('Invalid email address', 'The email address you provided could not be found in our system. Please try again.', 'danger'));
|
||||
return;
|
||||
}
|
||||
|
||||
// Consume token, ensuring it isn't used again
|
||||
Authentication::consumeResetKey($user->getUserId());
|
||||
Authentication::setResetKey($id_user);
|
||||
Email::resetMail($id_user);
|
||||
|
||||
$_SESSION['login_msg'] = ['Your password has been reset', 'You can now use the form below to log in to your account.', 'success'];
|
||||
header('Location: ' . BASEURL . '/login/');
|
||||
exit;
|
||||
// Show the success message
|
||||
$this->page->clear();
|
||||
$box = new DummyBox('An email has been sent');
|
||||
$box->adopt(new Alert('', 'We have sent an email to ' . $_POST['emailaddress'] . ' containing details on how to reset your password.', 'success'));
|
||||
$this->page->adopt($box);
|
||||
}
|
||||
else
|
||||
$form->adopt(new Alert('Some fields require your attention', '<ul><li>' . implode('</li><li>', $missing) . '</li></ul>', 'danger'));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -289,4 +289,10 @@ class ViewPhotoAlbum extends HTMLController
|
||||
$description = !empty($tag->description) ? $tag->description : '';
|
||||
return new AlbumHeaderBox($tag->tag, $description, $back_link, $back_link_title);
|
||||
}
|
||||
|
||||
public function __destruct()
|
||||
{
|
||||
if (isset($this->iterator))
|
||||
$this->iterator->clean();
|
||||
}
|
||||
}
|
||||
|
@ -54,4 +54,10 @@ class ViewTimeline extends HTMLController
|
||||
// Set the canonical url.
|
||||
$this->page->setCanonicalUrl(BASEURL . '/timeline/');
|
||||
}
|
||||
|
||||
public function __destruct()
|
||||
{
|
||||
if (isset($this->iterator))
|
||||
$this->iterator->clean();
|
||||
}
|
||||
}
|
||||
|
@ -1,2 +0,0 @@
|
||||
/* Add time-out to password reset keys, and prevent repeated mails */
|
||||
ALTER TABLE `users` ADD `reset_blocked_until` INT UNSIGNED NULL AFTER `reset_key`;
|
211
models/Asset.php
211
models/Asset.php
@ -24,7 +24,7 @@ class Asset
|
||||
protected $tags;
|
||||
protected $thumbnails;
|
||||
|
||||
public function __construct(array $data)
|
||||
protected function __construct(array $data)
|
||||
{
|
||||
foreach ($data as $attribute => $value)
|
||||
{
|
||||
@ -32,7 +32,7 @@ class Asset
|
||||
$this->$attribute = $value;
|
||||
}
|
||||
|
||||
if (isset($data['date_captured']) && $data['date_captured'] !== null && !is_object($data['date_captured']))
|
||||
if (!empty($data['date_captured']) && $data['date_captured'] !== 'NULL')
|
||||
$this->date_captured = new DateTime($data['date_captured']);
|
||||
}
|
||||
|
||||
@ -56,7 +56,7 @@ class Asset
|
||||
$row = Registry::get('db')->queryAssoc('
|
||||
SELECT *
|
||||
FROM assets
|
||||
WHERE id_asset = :id_asset',
|
||||
WHERE id_asset = {int:id_asset}',
|
||||
[
|
||||
'id_asset' => $id_asset,
|
||||
]);
|
||||
@ -69,7 +69,7 @@ class Asset
|
||||
$row = Registry::get('db')->queryAssoc('
|
||||
SELECT *
|
||||
FROM assets
|
||||
WHERE slug = :slug',
|
||||
WHERE slug = {string:slug}',
|
||||
[
|
||||
'slug' => $slug,
|
||||
]);
|
||||
@ -85,7 +85,7 @@ class Asset
|
||||
$row['meta'] = $db->queryPair('
|
||||
SELECT variable, value
|
||||
FROM assets_meta
|
||||
WHERE id_asset = :id_asset',
|
||||
WHERE id_asset = {int:id_asset}',
|
||||
[
|
||||
'id_asset' => $row['id_asset'],
|
||||
]);
|
||||
@ -94,20 +94,21 @@ class Asset
|
||||
$row['thumbnails'] = $db->queryPair('
|
||||
SELECT
|
||||
CONCAT(
|
||||
width, :x, height,
|
||||
IF(mode != :empty1, CONCAT(:_, mode), :empty2)
|
||||
width,
|
||||
{string:x},
|
||||
height,
|
||||
IF(mode != {string:empty}, CONCAT({string:_}, mode), {string:empty})
|
||||
) AS selector, filename
|
||||
FROM assets_thumbs
|
||||
WHERE id_asset = :id_asset',
|
||||
WHERE id_asset = {int:id_asset}',
|
||||
[
|
||||
'id_asset' => $row['id_asset'],
|
||||
'empty1' => '',
|
||||
'empty2' => '',
|
||||
'empty' => '',
|
||||
'x' => 'x',
|
||||
'_' => '_',
|
||||
]);
|
||||
|
||||
return $return_format === 'object' ? new static($row) : $row;
|
||||
return $return_format == 'object' ? new Asset($row) : $row;
|
||||
}
|
||||
|
||||
public static function fromIds(array $id_assets, $return_format = 'array')
|
||||
@ -120,14 +121,14 @@ class Asset
|
||||
$res = $db->query('
|
||||
SELECT *
|
||||
FROM assets
|
||||
WHERE id_asset IN (@id_assets)
|
||||
WHERE id_asset IN ({array_int:id_assets})
|
||||
ORDER BY id_asset',
|
||||
[
|
||||
'id_assets' => $id_assets,
|
||||
]);
|
||||
|
||||
$assets = [];
|
||||
while ($asset = $db->fetchAssoc($res))
|
||||
while ($asset = $db->fetch_assoc($res))
|
||||
{
|
||||
$assets[$asset['id_asset']] = $asset;
|
||||
$assets[$asset['id_asset']]['meta'] = [];
|
||||
@ -137,7 +138,7 @@ class Asset
|
||||
$metas = $db->queryRows('
|
||||
SELECT id_asset, variable, value
|
||||
FROM assets_meta
|
||||
WHERE id_asset IN (@id_assets)
|
||||
WHERE id_asset IN ({array_int:id_assets})
|
||||
ORDER BY id_asset',
|
||||
[
|
||||
'id_assets' => $id_assets,
|
||||
@ -149,16 +150,17 @@ class Asset
|
||||
$thumbnails = $db->queryRows('
|
||||
SELECT id_asset,
|
||||
CONCAT(
|
||||
width, :x, height,
|
||||
IF(mode != :empty1, CONCAT(:_, mode), :empty2)
|
||||
width,
|
||||
{string:x},
|
||||
height,
|
||||
IF(mode != {string:empty}, CONCAT({string:_}, mode), {string:empty})
|
||||
) AS selector, filename
|
||||
FROM assets_thumbs
|
||||
WHERE id_asset IN (@id_assets)
|
||||
WHERE id_asset IN ({array_int:id_assets})
|
||||
ORDER BY id_asset',
|
||||
[
|
||||
'id_assets' => $id_assets,
|
||||
'empty1' => '',
|
||||
'empty2' => '',
|
||||
'empty' => '',
|
||||
'x' => 'x',
|
||||
'_' => '_',
|
||||
]);
|
||||
@ -166,10 +168,8 @@ class Asset
|
||||
foreach ($thumbnails as $thumb)
|
||||
$assets[$thumb[0]]['thumbnails'][$thumb[1]] = $thumb[2];
|
||||
|
||||
if ($return_format === 'array')
|
||||
{
|
||||
if ($return_format == 'array')
|
||||
return $assets;
|
||||
}
|
||||
else
|
||||
{
|
||||
$objects = [];
|
||||
@ -262,10 +262,10 @@ class Asset
|
||||
INSERT INTO assets
|
||||
(id_user_uploaded, subdir, filename, title, slug, mimetype, image_width, image_height, date_captured, priority)
|
||||
VALUES
|
||||
(:id_user_uploaded, :subdir, :filename, :title, :slug, :mimetype,
|
||||
:image_width, :image_height,
|
||||
IF(:date_captured > 0, FROM_UNIXTIME(:date_captured), NULL),
|
||||
:priority)',
|
||||
({int:id_user_uploaded}, {string:subdir}, {string:filename}, {string:title}, {string:slug}, {string:mimetype},
|
||||
{int:image_width}, {int:image_height},
|
||||
IF({int:date_captured} > 0, FROM_UNIXTIME({int:date_captured}), NULL),
|
||||
{int:priority})',
|
||||
[
|
||||
'id_user_uploaded' => isset($id_user) ? $id_user : Registry::get('user')->getUserId(),
|
||||
'subdir' => $preferred_subdir,
|
||||
@ -273,9 +273,9 @@ class Asset
|
||||
'title' => $title,
|
||||
'slug' => $slug,
|
||||
'mimetype' => $mimetype,
|
||||
'image_width' => isset($image_width) ? $image_width : null,
|
||||
'image_height' => isset($image_height) ? $image_height : null,
|
||||
'date_captured' => isset($date_captured) ? $date_captured : null,
|
||||
'image_width' => isset($image_width) ? $image_width : 'NULL',
|
||||
'image_height' => isset($image_height) ? $image_height : 'NULL',
|
||||
'date_captured' => isset($date_captured) ? $date_captured : 'NULL',
|
||||
'priority' => isset($priority) ? (int) $priority : 0,
|
||||
]);
|
||||
|
||||
@ -285,7 +285,7 @@ class Asset
|
||||
return false;
|
||||
}
|
||||
|
||||
$data['id_asset'] = $db->insertId();
|
||||
$data['id_asset'] = $db->insert_id();
|
||||
return $return_format === 'object' ? new self($data) : $data;
|
||||
}
|
||||
|
||||
@ -324,7 +324,7 @@ class Asset
|
||||
$posts = Registry::get('db')->queryValues('
|
||||
SELECT id_post
|
||||
FROM posts_assets
|
||||
WHERE id_asset = :id_asset',
|
||||
WHERE id_asset = {int:id_asset}',
|
||||
['id_asset' => $this->id_asset]);
|
||||
|
||||
// TODO: fix empty post iterator.
|
||||
@ -495,18 +495,18 @@ class Asset
|
||||
return Registry::get('db')->query('
|
||||
UPDATE assets
|
||||
SET
|
||||
mimetype = :mimetype,
|
||||
image_width = :image_width,
|
||||
image_height = :image_height,
|
||||
date_captured = :date_captured,
|
||||
priority = :priority
|
||||
WHERE id_asset = :id_asset',
|
||||
mimetype = {string:mimetype},
|
||||
image_width = {int:image_width},
|
||||
image_height = {int:image_height},
|
||||
date_captured = {datetime:date_captured},
|
||||
priority = {int:priority}
|
||||
WHERE id_asset = {int:id_asset}',
|
||||
[
|
||||
'id_asset' => $this->id_asset,
|
||||
'mimetype' => $this->mimetype,
|
||||
'image_width' => isset($this->image_width) ? $this->image_width : null,
|
||||
'image_height' => isset($this->image_height) ? $this->image_height : null,
|
||||
'date_captured' => isset($this->date_captured) ? $this->date_captured : null,
|
||||
'image_width' => isset($this->image_width) ? $this->image_width : 'NULL',
|
||||
'image_height' => isset($this->image_height) ? $this->image_height : 'NULL',
|
||||
'date_captured' => isset($this->date_captured) ? $this->date_captured : 'NULL',
|
||||
'priority' => $this->priority,
|
||||
]);
|
||||
}
|
||||
@ -527,8 +527,8 @@ class Asset
|
||||
if (!empty($to_remove))
|
||||
$db->query('
|
||||
DELETE FROM assets_meta
|
||||
WHERE id_asset = :id_asset AND
|
||||
variable IN(@variables)',
|
||||
WHERE id_asset = {int:id_asset} AND
|
||||
variable IN({array_string:variables})',
|
||||
[
|
||||
'id_asset' => $this->id_asset,
|
||||
'variables' => array_keys($to_remove),
|
||||
@ -559,40 +559,63 @@ class Asset
|
||||
{
|
||||
$db = Registry::get('db');
|
||||
|
||||
// Delete any and all thumbnails, if this is an image.
|
||||
if ($this->isImage())
|
||||
{
|
||||
$image = $this->getImage();
|
||||
$image->removeAllThumbnails();
|
||||
}
|
||||
|
||||
// Delete all meta info for this asset.
|
||||
// First: delete associated metadata
|
||||
$db->query('
|
||||
DELETE FROM assets_meta
|
||||
WHERE id_asset = :id_asset',
|
||||
['id_asset' => $this->id_asset]);
|
||||
WHERE id_asset = {int:id_asset}',
|
||||
[
|
||||
'id_asset' => $this->id_asset,
|
||||
]);
|
||||
|
||||
// Figure out what tags to recount cardinality for
|
||||
// Second: figure out what tags to recount cardinality for
|
||||
$recount_tags = $db->queryValues('
|
||||
SELECT id_tag
|
||||
FROM assets_tags
|
||||
WHERE id_asset = :id_asset',
|
||||
['id_asset' => $this->id_asset]);
|
||||
WHERE id_asset = {int:id_asset}',
|
||||
[
|
||||
'id_asset' => $this->id_asset,
|
||||
]);
|
||||
|
||||
// Delete asset association for these tags
|
||||
$db->query('
|
||||
DELETE FROM assets_tags
|
||||
WHERE id_asset = :id_asset',
|
||||
['id_asset' => $this->id_asset]);
|
||||
WHERE id_asset = {int:id_asset}',
|
||||
[
|
||||
'id_asset' => $this->id_asset,
|
||||
]);
|
||||
|
||||
Tag::recount($recount_tags);
|
||||
|
||||
// Third: figure out what associated thumbs to delete
|
||||
$thumbs_to_delete = $db->queryValues('
|
||||
SELECT filename
|
||||
FROM assets_thumbs
|
||||
WHERE id_asset = {int:id_asset}',
|
||||
[
|
||||
'id_asset' => $this->id_asset,
|
||||
]);
|
||||
|
||||
foreach ($thumbs_to_delete as $filename)
|
||||
{
|
||||
$thumb_path = THUMBSDIR . '/' . $this->subdir . '/' . $filename;
|
||||
if (is_file($thumb_path))
|
||||
unlink($thumb_path);
|
||||
}
|
||||
|
||||
$db->query('
|
||||
DELETE FROM assets_thumbs
|
||||
WHERE id_asset = {int:id_asset}',
|
||||
[
|
||||
'id_asset' => $this->id_asset,
|
||||
]);
|
||||
|
||||
// Reset asset ID for tags that use this asset for their thumbnail
|
||||
$rows = $db->queryValues('
|
||||
$rows = $db->query('
|
||||
SELECT id_tag
|
||||
FROM tags
|
||||
WHERE id_asset_thumb = :id_asset',
|
||||
['id_asset' => $this->id_asset]);
|
||||
WHERE id_asset_thumb = {int:id_asset}',
|
||||
[
|
||||
'id_asset' => $this->id_asset,
|
||||
]);
|
||||
|
||||
if (!empty($rows))
|
||||
{
|
||||
@ -609,8 +632,10 @@ class Asset
|
||||
|
||||
$return = $db->query('
|
||||
DELETE FROM assets
|
||||
WHERE id_asset = :id_asset',
|
||||
['id_asset' => $this->id_asset]);
|
||||
WHERE id_asset = {int:id_asset}',
|
||||
[
|
||||
'id_asset' => $this->id_asset,
|
||||
]);
|
||||
|
||||
return $return;
|
||||
}
|
||||
@ -639,7 +664,7 @@ class Asset
|
||||
|
||||
Registry::get('db')->query('
|
||||
DELETE FROM assets_tags
|
||||
WHERE id_asset = :id_asset AND id_tag IN (@id_tags)',
|
||||
WHERE id_asset = {int:id_asset} AND id_tag IN ({array_int:id_tags})',
|
||||
[
|
||||
'id_asset' => $this->id_asset,
|
||||
'id_tags' => $id_tags,
|
||||
@ -655,24 +680,6 @@ class Asset
|
||||
FROM assets');
|
||||
}
|
||||
|
||||
public static function getOffset($offset, $limit, $order, $direction)
|
||||
{
|
||||
$order = $order . ($direction == 'up' ? ' ASC' : ' DESC');
|
||||
|
||||
return Registry::get('db')->queryAssocs('
|
||||
SELECT a.id_asset, a.subdir, a.filename,
|
||||
a.image_width, a.image_height, a.mimetype,
|
||||
u.id_user, u.first_name, u.surname
|
||||
FROM assets AS a
|
||||
LEFT JOIN users AS u ON a.id_user_uploaded = u.id_user
|
||||
ORDER BY ' . $order . '
|
||||
LIMIT :offset, :limit',
|
||||
[
|
||||
'offset' => $offset,
|
||||
'limit' => $limit,
|
||||
]);
|
||||
}
|
||||
|
||||
public function save()
|
||||
{
|
||||
if (empty($this->id_asset))
|
||||
@ -680,16 +687,18 @@ class Asset
|
||||
|
||||
return Registry::get('db')->query('
|
||||
UPDATE assets
|
||||
SET subdir = :subdir,
|
||||
filename = :filename,
|
||||
title = :title,
|
||||
slug = :slug,
|
||||
mimetype = :mimetype,
|
||||
image_width = :image_width,
|
||||
image_height = :image_height,
|
||||
date_captured = :date_captured,
|
||||
priority = :priority
|
||||
WHERE id_asset = :id_asset',
|
||||
SET id_asset = {int:id_asset},
|
||||
id_user_uploaded = {int:id_user_uploaded},
|
||||
subdir = {string:subdir},
|
||||
filename = {string:filename},
|
||||
title = {string:title},
|
||||
slug = {string:slug},
|
||||
mimetype = {string:mimetype},
|
||||
image_width = {int:image_width},
|
||||
image_height = {int:image_height},
|
||||
date_captured = {datetime:date_captured},
|
||||
priority = {int:priority}
|
||||
WHERE id_asset = {int:id_asset}',
|
||||
get_object_vars($this));
|
||||
}
|
||||
|
||||
@ -707,27 +716,27 @@ class Asset
|
||||
// Direction depends on whether we're browsing a tag or timeline
|
||||
if (isset($tag))
|
||||
{
|
||||
$where[] = 't.id_tag = :id_tag';
|
||||
$where[] = 't.id_tag = {int:id_tag}';
|
||||
$params['id_tag'] = $tag->id_tag;
|
||||
$where_op = $previous ? '<' : '>';
|
||||
$order_dir = $previous ? 'DESC' : 'ASC';
|
||||
$params['where_op'] = $previous ? '<' : '>';
|
||||
$params['order_dir'] = $previous ? 'DESC' : 'ASC';
|
||||
}
|
||||
else
|
||||
{
|
||||
$where_op = $previous ? '>' : '<';
|
||||
$order_dir = $previous ? 'ASC' : 'DESC';
|
||||
$params['where_op'] = $previous ? '>' : '<';
|
||||
$params['order_dir'] = $previous ? 'ASC' : 'DESC';
|
||||
}
|
||||
|
||||
// Take active filter into account as well
|
||||
if (!empty($activeFilter) && ($user = Member::fromSlug($activeFilter)) !== false)
|
||||
{
|
||||
$where[] = 'id_user_uploaded = :id_user_uploaded';
|
||||
$where[] = 'id_user_uploaded = {int:id_user_uploaded}';
|
||||
$params['id_user_uploaded'] = $user->getUserId();
|
||||
}
|
||||
|
||||
// Use complete ordering when sorting the set
|
||||
$where[] = '(a.date_captured, a.id_asset) ' . $where_op .
|
||||
' (:date_captured, :id_asset)';
|
||||
$where[] = '(a.date_captured, a.id_asset) {raw:where_op} ' .
|
||||
'({datetime:date_captured}, {int:id_asset})';
|
||||
|
||||
// Stringify conditions together
|
||||
$where = '(' . implode(') AND (', $where) . ')';
|
||||
@ -739,7 +748,7 @@ class Asset
|
||||
' . (isset($tag) ? '
|
||||
INNER JOIN assets_tags AS t ON a.id_asset = t.id_asset' : '') . '
|
||||
WHERE ' . $where . '
|
||||
ORDER BY a.date_captured ' . $order_dir . ', a.id_asset ' . $order_dir . '
|
||||
ORDER BY a.date_captured {raw:order_dir}, a.id_asset {raw:order_dir}
|
||||
LIMIT 1',
|
||||
$params);
|
||||
|
||||
|
@ -1,50 +1,42 @@
|
||||
<?php
|
||||
/*****************************************************************************
|
||||
* AssetIterator.php
|
||||
* Contains model class AssetIterator.
|
||||
* Contains key class AssetIterator.
|
||||
*
|
||||
* Kabuki CMS (C) 2013-2025, Aaron van Geffen
|
||||
* Kabuki CMS (C) 2013-2015, Aaron van Geffen
|
||||
*****************************************************************************/
|
||||
|
||||
class AssetIterator implements Iterator
|
||||
class AssetIterator extends Asset
|
||||
{
|
||||
private Database $db;
|
||||
private $direction;
|
||||
|
||||
private $return_format;
|
||||
private $rowCount;
|
||||
private $res_assets;
|
||||
private $res_meta;
|
||||
private $res_thumbs;
|
||||
|
||||
private $assets_iterator;
|
||||
private $meta_iterator;
|
||||
private $thumbs_iterator;
|
||||
|
||||
protected function __construct(PDOStatement $stmt_assets, PDOStatement $stmt_meta, PDOStatement $stmt_thumbs,
|
||||
$return_format, $direction)
|
||||
protected function __construct($res_assets, $res_meta, $res_thumbs, $return_format, $direction)
|
||||
{
|
||||
$this->db = Registry::get('db');
|
||||
$this->direction = $direction;
|
||||
$this->res_assets = $res_assets;
|
||||
$this->res_meta = $res_meta;
|
||||
$this->res_thumbs = $res_thumbs;
|
||||
$this->return_format = $return_format;
|
||||
$this->rowCount = $stmt_assets->rowCount();
|
||||
|
||||
$this->assets_iterator = new CachedPDOIterator($stmt_assets);
|
||||
$this->assets_iterator->rewind();
|
||||
|
||||
$this->meta_iterator = new CachedPDOIterator($stmt_meta);
|
||||
$this->thumbs_iterator = new CachedPDOIterator($stmt_thumbs);
|
||||
}
|
||||
|
||||
public static function all()
|
||||
public function next()
|
||||
{
|
||||
return self::getByOptions();
|
||||
}
|
||||
$row = $this->db->fetch_assoc($this->res_assets);
|
||||
|
||||
public function current(): mixed
|
||||
{
|
||||
$row = $this->assets_iterator->current();
|
||||
// No more rows?
|
||||
if (!$row)
|
||||
return $row;
|
||||
return false;
|
||||
|
||||
// Collect metadata
|
||||
// Looks up metadata.
|
||||
$row['meta'] = [];
|
||||
$this->meta_iterator->rewind();
|
||||
foreach ($this->meta_iterator as $meta)
|
||||
while ($meta = $this->db->fetch_assoc($this->res_meta))
|
||||
{
|
||||
if ($meta['id_asset'] != $row['id_asset'])
|
||||
continue;
|
||||
@ -52,23 +44,54 @@ class AssetIterator implements Iterator
|
||||
$row['meta'][$meta['variable']] = $meta['value'];
|
||||
}
|
||||
|
||||
// Collect thumbnails
|
||||
// Reset internal pointer for next asset.
|
||||
$this->db->data_seek($this->res_meta, 0);
|
||||
|
||||
// Looks up thumbnails.
|
||||
$row['thumbnails'] = [];
|
||||
$this->thumbs_iterator->rewind();
|
||||
foreach ($this->thumbs_iterator as $thumb)
|
||||
while ($thumbs = $this->db->fetch_assoc($this->res_thumbs))
|
||||
{
|
||||
if ($thumb['id_asset'] != $row['id_asset'])
|
||||
if ($thumbs['id_asset'] != $row['id_asset'])
|
||||
continue;
|
||||
|
||||
$row['thumbnails'][$thumb['selector']] = $thumb['filename'];
|
||||
$row['thumbnails'][$thumbs['selector']] = $thumbs['filename'];
|
||||
}
|
||||
|
||||
// Reset internal pointer for next asset.
|
||||
$this->db->data_seek($this->res_thumbs, 0);
|
||||
|
||||
if ($this->return_format === 'object')
|
||||
return new Asset($row);
|
||||
else
|
||||
return $row;
|
||||
}
|
||||
|
||||
public function reset()
|
||||
{
|
||||
$this->db->data_seek($this->res_assets, 0);
|
||||
$this->db->data_seek($this->res_meta, 0);
|
||||
$this->db->data_seek($this->res_thumbs, 0);
|
||||
}
|
||||
|
||||
public function clean()
|
||||
{
|
||||
if (!$this->res_assets)
|
||||
return;
|
||||
|
||||
$this->db->free_result($this->res_assets);
|
||||
$this->res_assets = null;
|
||||
}
|
||||
|
||||
public function num()
|
||||
{
|
||||
return $this->db->num_rows($this->res_assets);
|
||||
}
|
||||
|
||||
public static function all()
|
||||
{
|
||||
return self::getByOptions();
|
||||
}
|
||||
|
||||
public static function getByOptions(array $options = [], $return_count = false, $return_format = 'object')
|
||||
{
|
||||
$params = [
|
||||
@ -91,9 +114,9 @@ class AssetIterator implements Iterator
|
||||
{
|
||||
$params['mime_type'] = $options['mime_type'];
|
||||
if (is_array($options['mime_type']))
|
||||
$where[] = 'a.mimetype IN(@mime_type)';
|
||||
$where[] = 'a.mimetype IN({array_string:mime_type})';
|
||||
else
|
||||
$where[] = 'a.mimetype = :mime_type';
|
||||
$where[] = 'a.mimetype = {string:mime_type}';
|
||||
}
|
||||
if (isset($options['id_user_uploaded']))
|
||||
{
|
||||
@ -106,17 +129,7 @@ class AssetIterator implements Iterator
|
||||
$where[] = 'id_asset IN(
|
||||
SELECT l.id_asset
|
||||
FROM assets_tags AS l
|
||||
WHERE l.id_tag = :id_tag)';
|
||||
}
|
||||
elseif (isset($options['tag']))
|
||||
{
|
||||
$params['tag'] = $options['tag'];
|
||||
$where[] = 'id_asset IN(
|
||||
SELECT l.id_asset
|
||||
FROM assets_tags AS l
|
||||
INNER JOIN tags AS t
|
||||
ON l.id_tag = t.id_tag
|
||||
WHERE t.slug = :tag)';
|
||||
WHERE l.id_tag = {int:id_tag})';
|
||||
}
|
||||
|
||||
// Make it valid SQL.
|
||||
@ -132,7 +145,7 @@ class AssetIterator implements Iterator
|
||||
FROM assets AS a
|
||||
WHERE ' . $where . '
|
||||
ORDER BY ' . $order . (!empty($params['limit']) ? '
|
||||
LIMIT :offset, :limit' : ''),
|
||||
LIMIT {int:offset}, {int:limit}' : ''),
|
||||
$params);
|
||||
|
||||
// Get a resource object for the asset meta.
|
||||
@ -152,9 +165,9 @@ class AssetIterator implements Iterator
|
||||
SELECT id_asset, filename,
|
||||
CONCAT(
|
||||
width,
|
||||
:x,
|
||||
{string:x},
|
||||
height,
|
||||
IF(mode != :empty1, CONCAT(:_, mode), :empty2)
|
||||
IF(mode != {string:empty}, CONCAT({string:_}, mode), {string:empty})
|
||||
) AS selector
|
||||
FROM assets_thumbs
|
||||
WHERE id_asset IN(
|
||||
@ -164,8 +177,7 @@ class AssetIterator implements Iterator
|
||||
)
|
||||
ORDER BY id_asset',
|
||||
$params + [
|
||||
'empty1' => '',
|
||||
'empty2' => '',
|
||||
'empty' => '',
|
||||
'x' => 'x',
|
||||
'_' => '_',
|
||||
]);
|
||||
@ -187,38 +199,13 @@ class AssetIterator implements Iterator
|
||||
return $iterator;
|
||||
}
|
||||
|
||||
public function key(): mixed
|
||||
{
|
||||
return $this->assets_iterator->key();
|
||||
}
|
||||
|
||||
public function isAscending(): bool
|
||||
public function isAscending()
|
||||
{
|
||||
return $this->direction === 'asc';
|
||||
}
|
||||
|
||||
public function isDescending(): bool
|
||||
public function isDescending()
|
||||
{
|
||||
return $this->direction === 'desc';
|
||||
}
|
||||
|
||||
public function next(): void
|
||||
{
|
||||
$this->assets_iterator->next();
|
||||
}
|
||||
|
||||
public function num(): int
|
||||
{
|
||||
return $this->rowCount;
|
||||
}
|
||||
|
||||
public function rewind(): void
|
||||
{
|
||||
$this->assets_iterator->rewind();
|
||||
}
|
||||
|
||||
public function valid(): bool
|
||||
{
|
||||
return $this->assets_iterator->valid();
|
||||
}
|
||||
}
|
||||
|
@ -12,27 +12,48 @@
|
||||
*/
|
||||
class Authentication
|
||||
{
|
||||
const DEFAULT_RESET_TIMEOUT = 30;
|
||||
/**
|
||||
* Checks whether a user still exists in the database.
|
||||
*/
|
||||
public static function checkExists($id_user)
|
||||
{
|
||||
$res = Registry::get('db')->queryValue('
|
||||
SELECT id_user
|
||||
FROM users
|
||||
WHERE id_user = {int:id}',
|
||||
[
|
||||
'id' => $id_user,
|
||||
]);
|
||||
|
||||
return $res !== null;
|
||||
}
|
||||
|
||||
/**
|
||||
* Checks a password for a given username against the database.
|
||||
* Finds the user id belonging to a certain emailaddress.
|
||||
*/
|
||||
public static function checkPassword($emailaddress, $password)
|
||||
public static function getUserId($emailaddress)
|
||||
{
|
||||
// Retrieve password hash for user matching the provided emailaddress.
|
||||
$password_hash = Registry::get('db')->queryValue('
|
||||
SELECT password_hash
|
||||
$res = Registry::get('db')->queryValue('
|
||||
SELECT id_user
|
||||
FROM users
|
||||
WHERE emailaddress = :emailaddress',
|
||||
WHERE emailaddress = {string:emailaddress}',
|
||||
[
|
||||
'emailaddress' => $emailaddress,
|
||||
]);
|
||||
|
||||
// If there's no hash, the user likely does not exist.
|
||||
if (!$password_hash)
|
||||
return false;
|
||||
return empty($res) ? false : $res;
|
||||
}
|
||||
|
||||
return password_verify($password, $password_hash);
|
||||
public static function setResetKey($id_user)
|
||||
{
|
||||
return Registry::get('db')->query('
|
||||
UPDATE users
|
||||
SET reset_key = {string:key}
|
||||
WHERE id_user = {int:id}',
|
||||
[
|
||||
'id' => $id_user,
|
||||
'key' => self::newActivationKey(),
|
||||
]);
|
||||
}
|
||||
|
||||
public static function checkResetKey($id_user, $reset_key)
|
||||
@ -48,55 +69,22 @@ class Authentication
|
||||
return $key == $reset_key;
|
||||
}
|
||||
|
||||
/**
|
||||
* Computes a password hash.
|
||||
*/
|
||||
public static function computeHash($password)
|
||||
{
|
||||
$hash = password_hash($password, PASSWORD_DEFAULT);
|
||||
if (!$hash)
|
||||
throw new Exception('Hash creation failed!');
|
||||
return $hash;
|
||||
}
|
||||
|
||||
public static function consumeResetKey($id_user)
|
||||
{
|
||||
return Registry::get('db')->query('
|
||||
UPDATE users
|
||||
SET reset_key = NULL,
|
||||
reset_blocked_until = NULL
|
||||
WHERE id_user = {int:id_user}',
|
||||
['id_user' => $id_user]);
|
||||
}
|
||||
|
||||
public static function getResetTimeOut($id_user)
|
||||
{
|
||||
$resetTime = Registry::get('db')->queryValue('
|
||||
SELECT reset_blocked_until
|
||||
FROM users
|
||||
WHERE id_user = {int:id_user}',
|
||||
['id_user' => $id_user]);
|
||||
|
||||
return max(0, $resetTime - time());
|
||||
}
|
||||
|
||||
/**
|
||||
* Verifies whether the user is currently logged in.
|
||||
*/
|
||||
public static function isLoggedIn()
|
||||
{
|
||||
if (!isset($_SESSION['user_id']))
|
||||
// Check whether the active session matches the current user's environment.
|
||||
if (isset($_SESSION['ip_address'], $_SESSION['user_agent']) && (
|
||||
(isset($_SERVER['REMOTE_ADDR']) && $_SESSION['ip_address'] != $_SERVER['REMOTE_ADDR']) ||
|
||||
(isset($_SERVER['HTTP_USER_AGENT']) && $_SESSION['user_agent'] != $_SERVER['HTTP_USER_AGENT'])))
|
||||
{
|
||||
session_destroy();
|
||||
return false;
|
||||
}
|
||||
|
||||
try
|
||||
{
|
||||
$exists = Member::fromId($_SESSION['user_id']);
|
||||
return true;
|
||||
}
|
||||
catch (NotFoundException $e)
|
||||
{
|
||||
return false;
|
||||
}
|
||||
// A user is logged in if a user id exists in the session and this id is (still) in the database.
|
||||
return isset($_SESSION['user_id']) && self::checkExists($_SESSION['user_id']);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -111,17 +99,36 @@ class Authentication
|
||||
return $string;
|
||||
}
|
||||
|
||||
public static function setResetKey($id_user)
|
||||
/**
|
||||
* Checks a password for a given username against the database.
|
||||
*/
|
||||
public static function checkPassword($emailaddress, $password)
|
||||
{
|
||||
return Registry::get('db')->query('
|
||||
UPDATE users
|
||||
SET reset_key = {string:key},
|
||||
reset_blocked_until = UNIX_TIMESTAMP() + ' . static::DEFAULT_RESET_TIMEOUT . '
|
||||
WHERE id_user = {int:id}',
|
||||
// Retrieve password hash for user matching the provided emailaddress.
|
||||
$password_hash = Registry::get('db')->queryValue('
|
||||
SELECT password_hash
|
||||
FROM users
|
||||
WHERE emailaddress = {string:emailaddress}',
|
||||
[
|
||||
'id' => $id_user,
|
||||
'key' => self::newActivationKey(),
|
||||
'emailaddress' => $emailaddress,
|
||||
]);
|
||||
|
||||
// If there's no hash, the user likely does not exist.
|
||||
if (!$password_hash)
|
||||
return false;
|
||||
|
||||
return password_verify($password, $password_hash);
|
||||
}
|
||||
|
||||
/**
|
||||
* Computes a password hash.
|
||||
*/
|
||||
public static function computeHash($password)
|
||||
{
|
||||
$hash = password_hash($password, PASSWORD_DEFAULT);
|
||||
if (!$hash)
|
||||
throw new Exception('Hash creation failed!');
|
||||
return $hash;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -132,35 +139,13 @@ class Authentication
|
||||
return Registry::get('db')->query('
|
||||
UPDATE users
|
||||
SET
|
||||
password_hash = :hash,
|
||||
reset_key = :blank
|
||||
WHERE id_user = :id_user',
|
||||
password_hash = {string:hash},
|
||||
reset_key = {string:blank}
|
||||
WHERE id_user = {int:id_user}',
|
||||
[
|
||||
'id_user' => $id_user,
|
||||
'hash' => $hash,
|
||||
'blank' => '',
|
||||
]);
|
||||
}
|
||||
|
||||
public static function updateResetTimeOut($id_user)
|
||||
{
|
||||
$currentResetTimeOut = static::getResetTimeOut($id_user);
|
||||
|
||||
// New timeout: between 30 seconds, double the current timeout, and a full day
|
||||
$newResetTimeOut = min(max(static::DEFAULT_RESET_TIMEOUT, $currentResetTimeOut * 2), 60 * 60 * 24);
|
||||
|
||||
$success = Registry::get('db')->query('
|
||||
UPDATE users
|
||||
SET reset_blocked_until = {int:new_time_out}
|
||||
WHERE id_user = {int:id_user}',
|
||||
[
|
||||
'id_user' => $id_user,
|
||||
'new_time_out' => time() + $newResetTimeOut,
|
||||
]);
|
||||
|
||||
if (!$success)
|
||||
throw new UnexpectedValueException('Could not set password reset timeout!');
|
||||
|
||||
return $newResetTimeOut;
|
||||
}
|
||||
}
|
||||
|
@ -1,56 +0,0 @@
|
||||
<?php
|
||||
/*****************************************************************************
|
||||
* CachedPDOIterator.php
|
||||
* Contains model class CachedPDOIterator.
|
||||
*
|
||||
* Based on https://gist.github.com/hakre/5152090
|
||||
*
|
||||
* Kabuki CMS (C) 2013-2021, Aaron van Geffen
|
||||
*****************************************************************************/
|
||||
|
||||
class CachedPDOIterator extends CachingIterator
|
||||
{
|
||||
private $index;
|
||||
|
||||
public function __construct(PDOStatement $statement)
|
||||
{
|
||||
parent::__construct(new IteratorIterator($statement), self::FULL_CACHE);
|
||||
}
|
||||
|
||||
public function rewind(): void
|
||||
{
|
||||
if ($this->index === null)
|
||||
{
|
||||
parent::rewind();
|
||||
}
|
||||
$this->index = 0;
|
||||
}
|
||||
|
||||
public function current(): mixed
|
||||
{
|
||||
if ($this->offsetExists($this->index))
|
||||
{
|
||||
return $this->offsetGet($this->index);
|
||||
}
|
||||
return parent::current();
|
||||
}
|
||||
|
||||
public function key(): mixed
|
||||
{
|
||||
return $this->index;
|
||||
}
|
||||
|
||||
public function next(): void
|
||||
{
|
||||
$this->index++;
|
||||
if (!$this->offsetExists($this->index))
|
||||
{
|
||||
parent::next();
|
||||
}
|
||||
}
|
||||
|
||||
public function valid(): bool
|
||||
{
|
||||
return $this->offsetExists($this->index) || parent::valid();
|
||||
}
|
||||
}
|
@ -1,34 +1,44 @@
|
||||
<?php
|
||||
/*****************************************************************************
|
||||
* Database.php
|
||||
* Contains model class Database.
|
||||
* Contains key class Database.
|
||||
*
|
||||
* Kabuki CMS (C) 2013-2025, Aaron van Geffen
|
||||
* Adapted from SMF 2.0's DBA (C) 2011 Simple Machines
|
||||
* Used under BSD 3-clause license.
|
||||
*
|
||||
* Kabuki CMS (C) 2013-2015, Aaron van Geffen
|
||||
*****************************************************************************/
|
||||
|
||||
/**
|
||||
* The database model used to communicate with the MySQL server.
|
||||
*/
|
||||
class Database
|
||||
{
|
||||
private $connection;
|
||||
private $query_count = 0;
|
||||
private $logged_queries = [];
|
||||
private array $db_callback;
|
||||
|
||||
public function __construct($host, $user, $password, $name)
|
||||
/**
|
||||
* Initialises a new database connection.
|
||||
* @param server: server to connect to.
|
||||
* @param user: username to use for authentication.
|
||||
* @param password: password to use for authentication.
|
||||
* @param name: database to select.
|
||||
*/
|
||||
public function __construct($server, $user, $password, $name)
|
||||
{
|
||||
try
|
||||
{
|
||||
$this->connection = new PDO("mysql:host=$host;dbname=$name;charset=utf8mb4", $user, $password, [
|
||||
PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
|
||||
PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
|
||||
PDO::ATTR_EMULATE_PREPARES => false,
|
||||
]);
|
||||
}
|
||||
$this->connection = @mysqli_connect($server, $user, $password, $name);
|
||||
|
||||
// Give up if we have a connection error.
|
||||
catch (PDOException $e)
|
||||
if (mysqli_connect_error())
|
||||
{
|
||||
http_response_code(503);
|
||||
header('HTTP/1.1 503 Service Temporarily Unavailable');
|
||||
echo '<h2>Database Connection Problems</h2><p>Our software could not connect to the database. We apologise for any inconvenience and ask you to check back later.</p>';
|
||||
exit;
|
||||
}
|
||||
|
||||
$this->query('SET NAMES {string:utf8mb4}', ['utf8mb4' => 'utf8mb4']);
|
||||
}
|
||||
|
||||
public function getQueryCount()
|
||||
@ -42,227 +52,305 @@ class Database
|
||||
}
|
||||
|
||||
/**
|
||||
* Fetches a row from a given statement/recordset, using field names as keys.
|
||||
* Fetches a row from a given recordset, using field names as keys.
|
||||
*/
|
||||
public function fetchAssoc($stmt)
|
||||
public function fetch_assoc($resource)
|
||||
{
|
||||
return $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
return mysqli_fetch_assoc($resource);
|
||||
}
|
||||
|
||||
/**
|
||||
* Fetches a row from a given statement/recordset, encapsulating into an object.
|
||||
* Fetches a row from a given recordset, using numeric keys.
|
||||
*/
|
||||
public function fetchObject($stmt, $class)
|
||||
public function fetch_row($resource)
|
||||
{
|
||||
return $stmt->fetchObject($class);
|
||||
return mysqli_fetch_row($resource);
|
||||
}
|
||||
|
||||
/**
|
||||
* Fetches a row from a given statement/recordset, using numeric keys.
|
||||
* Destroys a given recordset.
|
||||
*/
|
||||
public function fetchNum($stmt)
|
||||
public function free_result($resource)
|
||||
{
|
||||
return $stmt->fetch(PDO::FETCH_NUM);
|
||||
return mysqli_free_result($resource);
|
||||
}
|
||||
|
||||
public function data_seek($result, $row_num)
|
||||
{
|
||||
return mysqli_data_seek($result, $row_num);
|
||||
}
|
||||
|
||||
/**
|
||||
* Destroys a given statement/recordset.
|
||||
* Returns the amount of rows in a given recordset.
|
||||
*/
|
||||
public function free($stmt)
|
||||
public function num_rows($resource)
|
||||
{
|
||||
return $stmt->closeCursor();
|
||||
return mysqli_num_rows($resource);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the amount of rows in a given statement/recordset.
|
||||
* Returns the amount of fields in a given recordset.
|
||||
*/
|
||||
public function rowCount($stmt)
|
||||
public function num_fields($resource)
|
||||
{
|
||||
return $stmt->rowCount();
|
||||
return mysqli_num_fields($resource);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the amount of fields in a given statement/recordset.
|
||||
* Escapes a string.
|
||||
*/
|
||||
public function columnCount($stmt)
|
||||
public function escape_string($string)
|
||||
{
|
||||
return $stmt->columnCount();
|
||||
return mysqli_real_escape_string($this->connection, $string);
|
||||
}
|
||||
|
||||
/**
|
||||
* Unescapes a string.
|
||||
*/
|
||||
public function unescape_string($string)
|
||||
{
|
||||
return stripslashes($string);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the last MySQL error.
|
||||
*/
|
||||
public function error()
|
||||
{
|
||||
return mysqli_error($this->connection);
|
||||
}
|
||||
|
||||
public function server_info()
|
||||
{
|
||||
return mysqli_get_server_info($this->connection);
|
||||
}
|
||||
|
||||
/**
|
||||
* Selects a database on a given connection.
|
||||
*/
|
||||
public function select_db($database)
|
||||
{
|
||||
return mysqli_select_db($database, $this->connection);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the amount of rows affected by the previous query.
|
||||
*/
|
||||
public function affected_rows()
|
||||
{
|
||||
return mysqli_affected_rows($this->connection);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns the id of the row created by a previous query.
|
||||
*/
|
||||
public function insertId($name = null)
|
||||
public function insert_id()
|
||||
{
|
||||
return $this->connection->lastInsertId($name);
|
||||
return mysqli_insert_id($this->connection);
|
||||
}
|
||||
|
||||
/**
|
||||
* Start a transaction.
|
||||
* Do a MySQL transaction.
|
||||
*/
|
||||
public function beginTransaction()
|
||||
public function transaction($operation = 'commit')
|
||||
{
|
||||
return $this->connection->beginTransaction();
|
||||
}
|
||||
|
||||
/**
|
||||
* Rollback changes in a transaction.
|
||||
*/
|
||||
public function rollback()
|
||||
{
|
||||
return $this->connection->rollBack();
|
||||
}
|
||||
|
||||
/**
|
||||
* Commit changes in a transaction.
|
||||
*/
|
||||
public function commit()
|
||||
{
|
||||
return $this->connection->commit();
|
||||
}
|
||||
|
||||
private function expandPlaceholders($db_string, array &$db_values)
|
||||
{
|
||||
foreach ($db_values as $key => &$value)
|
||||
switch ($operation)
|
||||
{
|
||||
if (str_contains($db_string, ':' . $key))
|
||||
{
|
||||
if (is_array($value))
|
||||
{
|
||||
throw new UnexpectedValueException('Array ' . $key .
|
||||
' is used as a scalar placeholder. Did you mean to use \'@\' instead?');
|
||||
}
|
||||
|
||||
// Prepare date/time values
|
||||
if (is_a($value, 'DateTime'))
|
||||
{
|
||||
$value = $value->format('Y-m-d H:i:s');
|
||||
}
|
||||
}
|
||||
elseif (str_contains($db_string, '@' . $key))
|
||||
{
|
||||
if (!is_array($value))
|
||||
{
|
||||
throw new UnexpectedValueException('Scalar value ' . $key .
|
||||
' is used as an array placeholder. Did you mean to use \':\' instead?');
|
||||
}
|
||||
|
||||
// Create placeholders for all array elements
|
||||
$placeholders = array_map(fn($num) => ':' . $key . $num, range(0, count($value) - 1));
|
||||
$db_string = str_replace('@' . $key, implode(', ', $placeholders), $db_string);
|
||||
}
|
||||
else
|
||||
{
|
||||
// throw new Exception('Warning: unused key in query: ' . $key);
|
||||
}
|
||||
case 'begin':
|
||||
case 'rollback':
|
||||
case 'commit':
|
||||
return @mysqli_query($this->connection, strtoupper($operation));
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
return $db_string;
|
||||
/**
|
||||
* Function used as a callback for the preg_match function that parses variables into database queries.
|
||||
*/
|
||||
private function replacement_callback($matches)
|
||||
{
|
||||
list ($values, $connection) = $this->db_callback;
|
||||
|
||||
if (!isset($matches[2]))
|
||||
trigger_error('Invalid value inserted or no type specified.', E_USER_ERROR);
|
||||
|
||||
if (!isset($values[$matches[2]]))
|
||||
trigger_error('The database value you\'re trying to insert does not exist: ' . htmlspecialchars($matches[2]), E_USER_ERROR);
|
||||
|
||||
$replacement = $values[$matches[2]];
|
||||
|
||||
switch ($matches[1])
|
||||
{
|
||||
case 'int':
|
||||
if ((!is_numeric($replacement) || (string) $replacement !== (string) (int) $replacement) && $replacement !== 'NULL')
|
||||
trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. Integer expected.', E_USER_ERROR);
|
||||
return $replacement !== 'NULL' ? (string) (int) $replacement : 'NULL';
|
||||
break;
|
||||
|
||||
case 'string':
|
||||
case 'text':
|
||||
return $replacement !== 'NULL' ? sprintf('\'%1$s\'', mysqli_real_escape_string($connection, $replacement)) : 'NULL';
|
||||
break;
|
||||
|
||||
case 'array_int':
|
||||
if (is_array($replacement))
|
||||
{
|
||||
if (empty($replacement))
|
||||
trigger_error('Database error, given array of integer values is empty.', E_USER_ERROR);
|
||||
|
||||
foreach ($replacement as $key => $value)
|
||||
{
|
||||
if (!is_numeric($value) || (string) $value !== (string) (int) $value)
|
||||
trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. Array of integers expected.', E_USER_ERROR);
|
||||
|
||||
$replacement[$key] = (string) (int) $value;
|
||||
}
|
||||
|
||||
return implode(', ', $replacement);
|
||||
}
|
||||
else
|
||||
trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. Array of integers expected.', E_USER_ERROR);
|
||||
|
||||
break;
|
||||
|
||||
case 'array_string':
|
||||
if (is_array($replacement))
|
||||
{
|
||||
if (empty($replacement))
|
||||
trigger_error('Database error, given array of string values is empty.', E_USER_ERROR);
|
||||
|
||||
foreach ($replacement as $key => $value)
|
||||
$replacement[$key] = sprintf('\'%1$s\'', mysqli_real_escape_string($connection, $value));
|
||||
|
||||
return implode(', ', $replacement);
|
||||
}
|
||||
else
|
||||
trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. Array of strings expected.', E_USER_ERROR);
|
||||
break;
|
||||
|
||||
case 'date':
|
||||
if (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d)$~', $replacement, $date_matches) === 1)
|
||||
return sprintf('\'%04d-%02d-%02d\'', $date_matches[1], $date_matches[2], $date_matches[3]);
|
||||
elseif ($replacement === 'NULL')
|
||||
return 'NULL';
|
||||
else
|
||||
trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. Date expected.', E_USER_ERROR);
|
||||
break;
|
||||
|
||||
case 'datetime':
|
||||
if (is_a($replacement, 'DateTime'))
|
||||
return $replacement->format('\'Y-m-d H:i:s\'');
|
||||
elseif (preg_match('~^(\d{4})-([0-1]?\d)-([0-3]?\d) (\d{2}):(\d{2}):(\d{2})$~', $replacement, $date_matches) === 1)
|
||||
return sprintf('\'%04d-%02d-%02d %02d:%02d:%02d\'', $date_matches[1], $date_matches[2], $date_matches[3], $date_matches[4], $date_matches[5], $date_matches[6]);
|
||||
elseif ($replacement === 'NULL')
|
||||
return 'NULL';
|
||||
else
|
||||
trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. DateTime expected.', E_USER_ERROR);
|
||||
break;
|
||||
|
||||
case 'float':
|
||||
if (!is_numeric($replacement) && $replacement !== 'NULL')
|
||||
trigger_error('Wrong value type sent to the database for field: ' . $matches[2] . '. Floating point number expected.', E_USER_ERROR);
|
||||
return $replacement !== 'NULL' ? (string) (float) $replacement : 'NULL';
|
||||
break;
|
||||
|
||||
case 'identifier':
|
||||
// Backticks inside identifiers are supported as of MySQL 4.1. We don't need them here.
|
||||
return '`' . strtr($replacement, ['`' => '', '.' => '']) . '`';
|
||||
break;
|
||||
|
||||
case 'raw':
|
||||
return $replacement;
|
||||
break;
|
||||
|
||||
case 'bool':
|
||||
case 'boolean':
|
||||
// In mysql this is a synonym for tinyint(1)
|
||||
return (bool)$replacement ? 1 : 0;
|
||||
break;
|
||||
|
||||
default:
|
||||
trigger_error('Undefined type <b>' . $matches[1] . '</b> used in the database query', E_USER_ERROR);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Escapes and quotes a string using values passed, and executes the query.
|
||||
*/
|
||||
public function query($db_string, array $db_values = []): PDOStatement
|
||||
public function query($db_string, $db_values = [])
|
||||
{
|
||||
// One more query...
|
||||
$this->query_count++;
|
||||
// One more query....
|
||||
$this->query_count ++;
|
||||
|
||||
// Error out if hardcoded strings are detected
|
||||
if (strpos($db_string, '\'') !== false)
|
||||
throw new UnexpectedValueException('Hack attempt: illegal character (\') used in query.');
|
||||
// Overriding security? This is evil!
|
||||
$security_override = $db_values === 'security_override' || !empty($db_values['security_override']);
|
||||
|
||||
if (defined('DB_LOG_QUERIES') && DB_LOG_QUERIES)
|
||||
// Please, just use new style queries.
|
||||
if (strpos($db_string, '\'') !== false && !$security_override)
|
||||
trigger_error('Hack attempt!', 'Illegal character (\') used in query.', E_USER_ERROR);
|
||||
|
||||
if (!$security_override && !empty($db_values))
|
||||
{
|
||||
// Set some values for use in the callback function.
|
||||
$this->db_callback = [$db_values, $this->connection];
|
||||
|
||||
// Insert the values passed to this function.
|
||||
$db_string = preg_replace_callback('~{([a-z_]+)(?::([a-zA-Z0-9_-]+))?}~', [&$this, 'replacement_callback'], $db_string);
|
||||
|
||||
// Save some memory.
|
||||
$this->db_callback = [];
|
||||
}
|
||||
|
||||
if (defined("DB_LOG_QUERIES") && DB_LOG_QUERIES)
|
||||
$this->logged_queries[] = $db_string;
|
||||
|
||||
try
|
||||
$return = @mysqli_query($this->connection, $db_string, empty($this->unbuffered) ? MYSQLI_STORE_RESULT : MYSQLI_USE_RESULT);
|
||||
|
||||
if (!$return)
|
||||
{
|
||||
// Preprocessing/checks: prepare any arrays for binding
|
||||
$db_string = $this->expandPlaceholders($db_string, $db_values);
|
||||
|
||||
// Prepare query for execution
|
||||
$statement = $this->connection->prepare($db_string);
|
||||
|
||||
// Bind parameters... the hard way, due to a limit/offset hack.
|
||||
// NB: bindParam binds by reference, hence &$value here.
|
||||
foreach ($db_values as $key => &$value)
|
||||
{
|
||||
// Assumption: both scalar and array values are preprocessed to use named ':' placeholders
|
||||
if (!str_contains($db_string, ':' . $key))
|
||||
continue;
|
||||
|
||||
if (!is_array($value))
|
||||
{
|
||||
$statement->bindParam(':' . $key, $value);
|
||||
continue;
|
||||
}
|
||||
|
||||
foreach (array_values($value) as $num => &$element)
|
||||
{
|
||||
$statement->bindParam(':' . $key . $num, $element);
|
||||
}
|
||||
}
|
||||
|
||||
$statement->execute();
|
||||
return $statement;
|
||||
$clean_sql = implode("\n", array_map('trim', explode("\n", $db_string)));
|
||||
trigger_error($this->error() . '<br>' . $clean_sql, E_USER_ERROR);
|
||||
}
|
||||
catch (PDOException $e)
|
||||
{
|
||||
ob_start();
|
||||
|
||||
$debug = ob_get_clean();
|
||||
|
||||
throw new Exception($e->getMessage() . "\n" . var_export($e->errorInfo, true) . "\n" . var_export($db_values, true));
|
||||
}
|
||||
return $return;
|
||||
}
|
||||
|
||||
/**
|
||||
* Executes a query, returning an object of the row it returns.
|
||||
* Escapes and quotes a string just like db_query, but does not execute the query.
|
||||
* Useful for debugging purposes.
|
||||
*/
|
||||
public function queryObject($class, $db_string, $db_values = [])
|
||||
public function quote($db_string, $db_values = [])
|
||||
{
|
||||
$res = $this->query($db_string, $db_values);
|
||||
// Please, just use new style queries.
|
||||
if (strpos($db_string, '\'') !== false)
|
||||
trigger_error('Hack attempt!', 'Illegal character (\') used in query.', E_USER_ERROR);
|
||||
|
||||
if (!$res || $this->rowCount($res) === 0)
|
||||
return null;
|
||||
// Save some values for use in the callback function.
|
||||
$this->db_callback = [$db_values, $this->connection];
|
||||
|
||||
$object = $this->fetchObject($res, $class);
|
||||
$this->free($res);
|
||||
// Insert the values passed to this function.
|
||||
$db_string = preg_replace_callback('~{([a-z_]+)(?::([a-zA-Z0-9_-]+))?}~', [&$this, 'replacement_callback'], $db_string);
|
||||
|
||||
return $object;
|
||||
}
|
||||
// Save some memory.
|
||||
$this->db_callback = [];
|
||||
|
||||
/**
|
||||
* Executes a query, returning an array of objects of all the rows returns.
|
||||
*/
|
||||
public function queryObjects($class, $db_string, $db_values = [])
|
||||
{
|
||||
$res = $this->query($db_string, $db_values);
|
||||
|
||||
if (!$res || $this->rowCount($res) === 0)
|
||||
return [];
|
||||
|
||||
$rows = [];
|
||||
while ($object = $this->fetchObject($res, $class))
|
||||
$rows[] = $object;
|
||||
|
||||
$this->free($res);
|
||||
|
||||
return $rows;
|
||||
return $db_string;
|
||||
}
|
||||
|
||||
/**
|
||||
* Executes a query, returning an array of all the rows it returns.
|
||||
*/
|
||||
public function queryRow($db_string, array $db_values = [])
|
||||
public function queryRow($db_string, $db_values = [])
|
||||
{
|
||||
$res = $this->query($db_string, $db_values);
|
||||
|
||||
if ($this->rowCount($res) === 0)
|
||||
if (!$res || $this->num_rows($res) == 0)
|
||||
return [];
|
||||
|
||||
$row = $this->fetchNum($res);
|
||||
$this->free($res);
|
||||
$row = $this->fetch_row($res);
|
||||
$this->free_result($res);
|
||||
|
||||
return $row;
|
||||
}
|
||||
@ -270,18 +358,18 @@ class Database
|
||||
/**
|
||||
* Executes a query, returning an array of all the rows it returns.
|
||||
*/
|
||||
public function queryRows($db_string, array $db_values = [])
|
||||
public function queryRows($db_string, $db_values = [])
|
||||
{
|
||||
$res = $this->query($db_string, $db_values);
|
||||
|
||||
if ($this->rowCount($res) === 0)
|
||||
if (!$res || $this->num_rows($res) == 0)
|
||||
return [];
|
||||
|
||||
$rows = [];
|
||||
while ($row = $this->fetchNum($res))
|
||||
while ($row = $this->fetch_row($res))
|
||||
$rows[] = $row;
|
||||
|
||||
$this->free($res);
|
||||
$this->free_result($res);
|
||||
|
||||
return $rows;
|
||||
}
|
||||
@ -289,18 +377,18 @@ class Database
|
||||
/**
|
||||
* Executes a query, returning an array of all the rows it returns.
|
||||
*/
|
||||
public function queryPair($db_string, array $db_values = [])
|
||||
public function queryPair($db_string, $db_values = [])
|
||||
{
|
||||
$res = $this->query($db_string, $db_values);
|
||||
|
||||
if ($this->rowCount($res) === 0)
|
||||
if (!$res || $this->num_rows($res) == 0)
|
||||
return [];
|
||||
|
||||
$rows = [];
|
||||
while ($row = $this->fetchNum($res))
|
||||
while ($row = $this->fetch_row($res))
|
||||
$rows[$row[0]] = $row[1];
|
||||
|
||||
$this->free($res);
|
||||
$this->free_result($res);
|
||||
|
||||
return $rows;
|
||||
}
|
||||
@ -308,21 +396,21 @@ class Database
|
||||
/**
|
||||
* Executes a query, returning an array of all the rows it returns.
|
||||
*/
|
||||
public function queryPairs($db_string, $db_values = array())
|
||||
public function queryPairs($db_string, $db_values = [])
|
||||
{
|
||||
$res = $this->query($db_string, $db_values);
|
||||
|
||||
if (!$res || $this->rowCount($res) === 0)
|
||||
if (!$res || $this->num_rows($res) == 0)
|
||||
return [];
|
||||
|
||||
$rows = [];
|
||||
while ($row = $this->fetchAssoc($res))
|
||||
while ($row = $this->fetch_assoc($res))
|
||||
{
|
||||
$key_value = reset($row);
|
||||
$rows[$key_value] = $row;
|
||||
}
|
||||
|
||||
$this->free($res);
|
||||
$this->free_result($res);
|
||||
|
||||
return $rows;
|
||||
}
|
||||
@ -330,15 +418,15 @@ class Database
|
||||
/**
|
||||
* Executes a query, returning an associative array of all the rows it returns.
|
||||
*/
|
||||
public function queryAssoc($db_string, array $db_values = [])
|
||||
public function queryAssoc($db_string, $db_values = [])
|
||||
{
|
||||
$res = $this->query($db_string, $db_values);
|
||||
|
||||
if ($this->rowCount($res) === 0)
|
||||
if (!$res || $this->num_rows($res) == 0)
|
||||
return [];
|
||||
|
||||
$row = $this->fetchAssoc($res);
|
||||
$this->free($res);
|
||||
$row = $this->fetch_assoc($res);
|
||||
$this->free_result($res);
|
||||
|
||||
return $row;
|
||||
}
|
||||
@ -346,18 +434,18 @@ class Database
|
||||
/**
|
||||
* Executes a query, returning an associative array of all the rows it returns.
|
||||
*/
|
||||
public function queryAssocs($db_string, array $db_values = [])
|
||||
public function queryAssocs($db_string, $db_values = [], $connection = null)
|
||||
{
|
||||
$res = $this->query($db_string, $db_values);
|
||||
|
||||
if ($this->rowCount($res) === 0)
|
||||
if (!$res || $this->num_rows($res) == 0)
|
||||
return [];
|
||||
|
||||
$rows = [];
|
||||
while ($row = $this->fetchAssoc($res))
|
||||
while ($row = $this->fetch_assoc($res))
|
||||
$rows[] = $row;
|
||||
|
||||
$this->free($res);
|
||||
$this->free_result($res);
|
||||
|
||||
return $rows;
|
||||
}
|
||||
@ -365,16 +453,16 @@ class Database
|
||||
/**
|
||||
* Executes a query, returning the first value of the first row.
|
||||
*/
|
||||
public function queryValue($db_string, array $db_values = [])
|
||||
public function queryValue($db_string, $db_values = [])
|
||||
{
|
||||
$res = $this->query($db_string, $db_values);
|
||||
|
||||
// If this happens, you're doing it wrong.
|
||||
if ($this->rowCount($res) === 0)
|
||||
if (!$res || $this->num_rows($res) == 0)
|
||||
return null;
|
||||
|
||||
list($value) = $this->fetchNum($res);
|
||||
$this->free($res);
|
||||
list($value) = $this->fetch_row($res);
|
||||
$this->free_result($res);
|
||||
|
||||
return $value;
|
||||
}
|
||||
@ -382,18 +470,18 @@ class Database
|
||||
/**
|
||||
* Executes a query, returning an array of the first value of each row.
|
||||
*/
|
||||
public function queryValues($db_string, array $db_values = [])
|
||||
public function queryValues($db_string, $db_values = [])
|
||||
{
|
||||
$res = $this->query($db_string, $db_values);
|
||||
|
||||
if ($this->rowCount($res) === 0)
|
||||
if (!$res || $this->num_rows($res) == 0)
|
||||
return [];
|
||||
|
||||
$rows = [];
|
||||
while ($row = $this->fetchNum($res))
|
||||
while ($row = $this->fetch_row($res))
|
||||
$rows[] = $row[0];
|
||||
|
||||
$this->free($res);
|
||||
$this->free_result($res);
|
||||
|
||||
return $rows;
|
||||
}
|
||||
@ -411,45 +499,35 @@ class Database
|
||||
if (!is_array($data[array_rand($data)]))
|
||||
$data = [$data];
|
||||
|
||||
// Determine the method of insertion.
|
||||
$method = $method == 'replace' ? 'REPLACE' : ($method == 'ignore' ? 'INSERT IGNORE' : 'INSERT');
|
||||
|
||||
// What columns are we inserting?
|
||||
$columns = array_keys($data[0]);
|
||||
|
||||
// Start building the query.
|
||||
$db_string = $method . ' INTO ' . $table . ' (' . implode(',', $columns) . ') VALUES ';
|
||||
|
||||
// Create the mold for a single row insert.
|
||||
$placeholders = '(' . substr(str_repeat('?, ', count($columns)), 0, -2) . '), ';
|
||||
|
||||
// Append it for every row we're to insert.
|
||||
$values = [];
|
||||
foreach ($data as $row)
|
||||
$insertData = '(';
|
||||
foreach ($columns as $columnName => $type)
|
||||
{
|
||||
$values = array_merge($values, array_values($row));
|
||||
$db_string .= $placeholders;
|
||||
// Are we restricting the length?
|
||||
if (strpos($type, 'string-') !== false)
|
||||
$insertData .= sprintf('SUBSTRING({string:%1$s}, 1, ' . substr($type, 7) . '), ', $columnName);
|
||||
else
|
||||
$insertData .= sprintf('{%1$s:%2$s}, ', $type, $columnName);
|
||||
}
|
||||
$insertData = substr($insertData, 0, -2) . ')';
|
||||
|
||||
// Get rid of the tailing comma.
|
||||
$db_string = substr($db_string, 0, -2);
|
||||
// Create an array consisting of only the columns.
|
||||
$indexed_columns = array_keys($columns);
|
||||
|
||||
// Prepare for your impending demise!
|
||||
$statement = $this->connection->prepare($db_string);
|
||||
// Here's where the variables are injected to the query.
|
||||
$insertRows = [];
|
||||
foreach ($data as $dataRow)
|
||||
$insertRows[] = $this->quote($insertData, array_combine($indexed_columns, $dataRow));
|
||||
|
||||
// Bind parameters... the hard way, due to a limit/offset hack.
|
||||
foreach ($values as $key => $value)
|
||||
$statement->bindValue($key + 1, $values[$key]);
|
||||
// Determine the method of insertion.
|
||||
$queryTitle = $method === 'replace' ? 'REPLACE' : ($method === 'ignore' ? 'INSERT IGNORE' : 'INSERT');
|
||||
|
||||
// Handle errors.
|
||||
try
|
||||
{
|
||||
$statement->execute();
|
||||
return $statement;
|
||||
}
|
||||
catch (PDOException $e)
|
||||
{
|
||||
throw new Exception($e->getMessage() . '<br><br>' . $db_string . '<br><br>' . print_r($values, true));
|
||||
}
|
||||
// Do the insert.
|
||||
return $this->query('
|
||||
' . $queryTitle . ' INTO ' . $table . ' (`' . implode('`, `', $indexed_columns) . '`)
|
||||
VALUES
|
||||
' . implode(',
|
||||
', $insertRows),
|
||||
['security_override' => true]);
|
||||
}
|
||||
}
|
||||
|
@ -44,19 +44,6 @@ class Dispatcher
|
||||
}
|
||||
}
|
||||
|
||||
public static function errorPage($title, $body)
|
||||
{
|
||||
$page = new MainTemplate($title);
|
||||
$page->adopt(new ErrorPage($title, $body));
|
||||
|
||||
if (Registry::get('user')->isAdmin())
|
||||
{
|
||||
$page->appendStylesheet(BASEURL . '/css/admin.css');
|
||||
}
|
||||
|
||||
$page->html_main();
|
||||
}
|
||||
|
||||
/**
|
||||
* Kicks a guest to a login form, redirecting them back to this page upon login.
|
||||
*/
|
||||
@ -73,24 +60,37 @@ class Dispatcher
|
||||
exit;
|
||||
}
|
||||
|
||||
private static function trigger400()
|
||||
public static function trigger400()
|
||||
{
|
||||
http_response_code(400);
|
||||
self::errorPage('Bad request', 'The server does not understand your request.');
|
||||
header('HTTP/1.1 400 Bad Request');
|
||||
$page = new MainTemplate('Bad request');
|
||||
$page->adopt(new DummyBox('Bad request', '<p>The server does not understand your request.</p>'));
|
||||
$page->html_main();
|
||||
exit;
|
||||
}
|
||||
|
||||
private static function trigger403()
|
||||
public static function trigger403()
|
||||
{
|
||||
http_response_code(403);
|
||||
self::errorPage('Forbidden', 'You do not have access to this page.');
|
||||
header('HTTP/1.1 403 Forbidden');
|
||||
$page = new MainTemplate('Access denied');
|
||||
$page->adopt(new DummyBox('Forbidden', '<p>You do not have access to the page you requested.</p>'));
|
||||
$page->html_main();
|
||||
exit;
|
||||
}
|
||||
|
||||
private static function trigger404()
|
||||
public static function trigger404()
|
||||
{
|
||||
http_response_code(404);
|
||||
$page = new ViewErrorPage('Page not found!');
|
||||
$page->showContent();
|
||||
header('HTTP/1.1 404 Not Found');
|
||||
$page = new MainTemplate('Page not found');
|
||||
|
||||
if (Registry::has('user') && Registry::get('user')->isAdmin())
|
||||
{
|
||||
$page->appendStylesheet(BASEURL . '/css/admin.css');
|
||||
}
|
||||
|
||||
$page->adopt(new DummyBox('Well, this is a bit embarrassing!', '<p>The page you requested could not be found. Don\'t worry, it\'s probably not your fault. You\'re welcome to browse the website, though!</p>', 'errormsg'));
|
||||
$page->addClass('errorpage');
|
||||
$page->html_main();
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
@ -3,7 +3,7 @@
|
||||
* ErrorHandler.php
|
||||
* Contains key class ErrorHandler.
|
||||
*
|
||||
* Kabuki CMS (C) 2013-2025, Aaron van Geffen
|
||||
* Kabuki CMS (C) 2013-2016, Aaron van Geffen
|
||||
*****************************************************************************/
|
||||
|
||||
class ErrorHandler
|
||||
@ -47,8 +47,10 @@ class ErrorHandler
|
||||
// Log the error in the database.
|
||||
self::logError($error_message, $debug_info, $file, $line);
|
||||
|
||||
// Display error and exit.
|
||||
self::display($error_message, $file, $line, $debug_info);
|
||||
// Are we considering this fatal? Then display and exit.
|
||||
// !!! TODO: should we consider warnings fatal?
|
||||
if (true) // DEBUG || (!DEBUG && $error_level === E_WARNING || $error_level === E_USER_WARNING))
|
||||
self::display($file . ' (' . $line . ')<br>' . $error_message, $debug_info);
|
||||
|
||||
// If it wasn't a fatal error, well...
|
||||
self::$handling_error = false;
|
||||
@ -116,7 +118,7 @@ class ErrorHandler
|
||||
}
|
||||
|
||||
// Logs an error into the database.
|
||||
public static function logError($error_message = '', $debug_info = '', $file = '', $line = 0)
|
||||
private static function logError($error_message = '', $debug_info = '', $file = '', $line = 0)
|
||||
{
|
||||
if (!ErrorLog::log([
|
||||
'message' => $error_message,
|
||||
@ -128,7 +130,7 @@ class ErrorHandler
|
||||
'request_uri' => isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '',
|
||||
]))
|
||||
{
|
||||
http_response_code(503);
|
||||
header('HTTP/1.1 503 Service Temporarily Unavailable');
|
||||
echo '<h2>An Error Occurred</h2><p>Our software could not connect to the database. We apologise for any inconvenience and ask you to check back later.</p>';
|
||||
exit;
|
||||
}
|
||||
@ -136,7 +138,7 @@ class ErrorHandler
|
||||
return $error_message;
|
||||
}
|
||||
|
||||
public static function display($message, $file, $line, $debug_info, $is_sensitive = true)
|
||||
public static function display($message, $debug_info, $is_sensitive = true)
|
||||
{
|
||||
$is_admin = Registry::has('user') && Registry::get('user')->isAdmin();
|
||||
|
||||
@ -165,8 +167,7 @@ class ErrorHandler
|
||||
$is_admin = Registry::has('user') && Registry::get('user')->isAdmin();
|
||||
if (DEBUG || $is_admin)
|
||||
{
|
||||
$debug_info = sprintf("Trigger point:\n%s (L%d)\n\n%s", $file, $line, $debug_info);
|
||||
$page->adopt(new ErrorPage('An error occurred!', $message, $debug_info));
|
||||
$page->adopt(new DummyBox('An error occurred!', '<p>' . $message . '</p><pre>' . $debug_info . '</pre>'));
|
||||
|
||||
// Let's provide the admin navigation despite it all!
|
||||
if ($is_admin)
|
||||
@ -175,9 +176,9 @@ class ErrorHandler
|
||||
}
|
||||
}
|
||||
elseif (!$is_sensitive)
|
||||
$page->adopt(new ErrorPage('An error occurred!', '<p>' . $message . '</p>'));
|
||||
$page->adopt(new DummyBox('An error occurred!', '<p>' . $message . '</p>'));
|
||||
else
|
||||
$page->adopt(new ErrorPage('An error occurred!', 'Our apologies, an error occurred while we were processing your request. Please try again later, or contact us if the problem persists.'));
|
||||
$page->adopt(new DummyBox('An error occurred!', '<p>Our apologies, an error occurred while we were processing your request. Please try again later, or contact us if the problem persists.</p>'));
|
||||
|
||||
// If we got this far, make sure we're not showing stuff twice.
|
||||
ob_end_clean();
|
||||
|
@ -17,14 +17,14 @@ class ErrorLog
|
||||
INSERT INTO log_errors
|
||||
(id_user, message, debug_info, file, line, request_uri, time, ip_address)
|
||||
VALUES
|
||||
(:id_user, :message, :debug_info, :file, :line,
|
||||
:request_uri, CURRENT_TIMESTAMP, :ip_address)',
|
||||
({int:id_user}, {string:message}, {string:debug_info}, {string:file}, {int:line},
|
||||
{string:request_uri}, CURRENT_TIMESTAMP, {string:ip_address})',
|
||||
$data);
|
||||
}
|
||||
|
||||
public static function flush()
|
||||
{
|
||||
return Registry::get('db')->query('DELETE FROM log_errors');
|
||||
return Registry::get('db')->query('TRUNCATE log_errors');
|
||||
}
|
||||
|
||||
public static function getCount()
|
||||
@ -33,20 +33,4 @@ class ErrorLog
|
||||
SELECT COUNT(*)
|
||||
FROM log_errors');
|
||||
}
|
||||
|
||||
public static function getOffset($offset, $limit, $order, $direction)
|
||||
{
|
||||
assert(in_array($order, ['id_entry', 'file', 'line', 'time', 'ipaddress', 'id_user']));
|
||||
$order = $order . ($direction === 'up' ? ' ASC' : ' DESC');
|
||||
|
||||
return Registry::get('db')->queryAssocs('
|
||||
SELECT *
|
||||
FROM log_errors
|
||||
ORDER BY ' . $order . '
|
||||
LIMIT :offset, :limit',
|
||||
[
|
||||
'offset' => $offset,
|
||||
'limit' => $limit,
|
||||
]);
|
||||
}
|
||||
}
|
||||
|
@ -15,6 +15,7 @@ class GenericTable
|
||||
|
||||
private $title;
|
||||
private $title_class;
|
||||
private $tableIsSortable = false;
|
||||
|
||||
public $form_above;
|
||||
public $form_below;
|
||||
@ -28,22 +29,58 @@ class GenericTable
|
||||
|
||||
public function __construct($options)
|
||||
{
|
||||
$this->initOrder($options);
|
||||
$this->initPagination($options);
|
||||
// Make sure we're actually sorting on something sortable.
|
||||
if (!isset($options['sort_order']) || (!empty($options['sort_order']) && empty($options['columns'][$options['sort_order']]['is_sortable'])))
|
||||
$options['sort_order'] = '';
|
||||
|
||||
$data = $options['get_data']($this->start, $this->items_per_page,
|
||||
$this->sort_order, $this->sort_direction);
|
||||
// Order in which direction?
|
||||
if (!empty($options['sort_direction']) && !in_array($options['sort_direction'], ['up', 'down']))
|
||||
$options['sort_direction'] = 'up';
|
||||
|
||||
// Make sure we know whether we can actually sort on something.
|
||||
$this->tableIsSortable = !empty($options['base_url']);
|
||||
|
||||
// How much data do we have?
|
||||
$this->recordCount = $options['get_count'](...(!empty($options['get_count_params']) ? $options['get_count_params'] : []));
|
||||
|
||||
// How much data do we need to retrieve?
|
||||
$this->items_per_page = !empty($options['items_per_page']) ? $options['items_per_page'] : 30;
|
||||
|
||||
// Figure out where to start.
|
||||
$this->start = empty($options['start']) || !is_numeric($options['start']) || $options['start'] < 0 || $options['start'] > $this->recordCount ? 0 : $options['start'];
|
||||
|
||||
// Figure out where we are on the whole, too.
|
||||
$numPages = max(1, ceil($this->recordCount / $this->items_per_page));
|
||||
$this->currentPage = min(ceil($this->start / $this->items_per_page) + 1, $numPages);
|
||||
|
||||
// Let's bear a few things in mind...
|
||||
$this->base_url = $options['base_url'];
|
||||
|
||||
// Gather parameters for the data gather function first.
|
||||
$parameters = [$this->start, $this->items_per_page, $options['sort_order'], $options['sort_direction']];
|
||||
if (!empty($options['get_data_params']) && is_array($options['get_data_params']))
|
||||
$parameters = array_merge($parameters, $options['get_data_params']);
|
||||
|
||||
// Okay, let's fetch the data!
|
||||
$data = $options['get_data'](...$parameters);
|
||||
|
||||
// Extract data into local variables.
|
||||
$rawRowData = $data['rows'];
|
||||
$this->sort_order = $data['order'];
|
||||
$this->sort_direction = $data['direction'];
|
||||
unset($data);
|
||||
|
||||
// Okay, now for the column headers...
|
||||
$this->generateColumnHeaders($options);
|
||||
|
||||
// Should we create a page index?
|
||||
if ($this->recordCount > $this->items_per_page)
|
||||
$needsPageIndex = !empty($this->items_per_page) && $this->recordCount > $this->items_per_page;
|
||||
if ($needsPageIndex)
|
||||
$this->generatePageIndex($options);
|
||||
|
||||
// Process the data to be shown into rows.
|
||||
if (!empty($data))
|
||||
$this->processAllRows($data, $options);
|
||||
if (!empty($rawRowData))
|
||||
$this->processAllRows($rawRowData, $options);
|
||||
else
|
||||
$this->body = $options['no_items_label'] ?? '';
|
||||
|
||||
@ -58,38 +95,6 @@ class GenericTable
|
||||
$this->form_below = $options['form_below'] ?? $options['form'] ?? null;
|
||||
}
|
||||
|
||||
private function initOrder($options)
|
||||
{
|
||||
assert(isset($options['default_sort_order']));
|
||||
assert(isset($options['default_sort_direction']));
|
||||
|
||||
// Validate sort order (column)
|
||||
$this->sort_order = $options['sort_order'];
|
||||
if (empty($this->sort_order) || empty($options['columns'][$this->sort_order]['is_sortable']))
|
||||
$this->sort_order = $options['default_sort_order'];
|
||||
|
||||
// Validate sort direction
|
||||
$this->sort_direction = $options['sort_direction'];
|
||||
if (empty($this->sort_direction) || !in_array($this->sort_direction, ['up', 'down']))
|
||||
$this->sort_direction = $options['default_sort_direction'];
|
||||
}
|
||||
|
||||
private function initPagination(array $options)
|
||||
{
|
||||
assert(isset($options['base_url']));
|
||||
assert(isset($options['items_per_page']));
|
||||
|
||||
$this->base_url = $options['base_url'];
|
||||
|
||||
$this->recordCount = $options['get_count']();
|
||||
$this->items_per_page = !empty($options['items_per_page']) ? $options['items_per_page'] : 30;
|
||||
|
||||
$this->start = empty($options['start']) || !is_numeric($options['start']) || $options['start'] < 0 || $options['start'] > $this->recordCount ? 0 : $options['start'];
|
||||
|
||||
$numPages = max(1, ceil($this->recordCount / $this->items_per_page));
|
||||
$this->currentPage = min(ceil($this->start / $this->items_per_page) + 1, $numPages);
|
||||
}
|
||||
|
||||
private function generateColumnHeaders($options)
|
||||
{
|
||||
foreach ($options['columns'] as $key => $column)
|
||||
@ -97,14 +102,14 @@ class GenericTable
|
||||
if (empty($column['header']))
|
||||
continue;
|
||||
|
||||
$isSortable = !empty($column['is_sortable']);
|
||||
$isSortable = $this->tableIsSortable && !empty($column['is_sortable']);
|
||||
$sortDirection = $key == $this->sort_order && $this->sort_direction === 'up' ? 'down' : 'up';
|
||||
|
||||
$header = [
|
||||
'class' => isset($column['class']) ? $column['class'] : '',
|
||||
'cell_class' => isset($column['cell_class']) ? $column['cell_class'] : null,
|
||||
'colspan' => !empty($column['header_colspan']) ? $column['header_colspan'] : 1,
|
||||
'href' => $isSortable ? $this->getHeaderLink($this->start, $key, $sortDirection) : null,
|
||||
'href' => $isSortable ? $this->getLink($this->start, $key, $sortDirection) : null,
|
||||
'label' => $column['header'],
|
||||
'scope' => 'col',
|
||||
'sort_mode' => $key == $this->sort_order ? $this->sort_direction : null,
|
||||
@ -121,7 +126,7 @@ class GenericTable
|
||||
'base_url' => $this->base_url,
|
||||
'index_class' => $options['index_class'] ?? '',
|
||||
'items_per_page' => $this->items_per_page,
|
||||
'linkBuilder' => [$this, 'getHeaderLink'],
|
||||
'linkBuilder' => [$this, 'getLink'],
|
||||
'recordCount' => $this->recordCount,
|
||||
'sort_direction' => $this->sort_direction,
|
||||
'sort_order' => $this->sort_order,
|
||||
@ -129,7 +134,7 @@ class GenericTable
|
||||
]);
|
||||
}
|
||||
|
||||
public function getHeaderLink($start = null, $order = null, $dir = null)
|
||||
public function getLink($start = null, $order = null, $dir = null)
|
||||
{
|
||||
if ($start === null)
|
||||
$start = $this->start;
|
||||
@ -191,18 +196,12 @@ class GenericTable
|
||||
|
||||
foreach ($options['columns'] as $column)
|
||||
{
|
||||
// Process formatting
|
||||
if (isset($column['format']) && is_callable($column['format']))
|
||||
$value = $column['format']($row);
|
||||
elseif (isset($column['format']))
|
||||
$value = self::processFormatting($column['format'], $row);
|
||||
// Process data for this particular cell.
|
||||
if (isset($column['parse']))
|
||||
$value = self::processCell($column['parse'], $row);
|
||||
else
|
||||
$value = $row[$column['value']];
|
||||
|
||||
// Turn value into a link?
|
||||
if (!empty($column['link']))
|
||||
$value = $this->processLink($column['link'], $value, $row);
|
||||
|
||||
// Append the cell to the row.
|
||||
$newRow['cells'][] = [
|
||||
'class' => $column['cell_class'] ?? '',
|
||||
@ -215,47 +214,68 @@ class GenericTable
|
||||
}
|
||||
}
|
||||
|
||||
private function processFormatting($options, $rowData)
|
||||
private function processCell($options, $rowData)
|
||||
{
|
||||
if ($options['type'] === 'timestamp')
|
||||
if (!isset($options['type']))
|
||||
$options['type'] = 'value';
|
||||
|
||||
// Parse the basic value first.
|
||||
switch ($options['type'])
|
||||
{
|
||||
if (empty($options['pattern']) || $options['pattern'] === 'long')
|
||||
$pattern = 'Y-m-d H:i';
|
||||
elseif ($options['pattern'] === 'short')
|
||||
$pattern = 'Y-m-d';
|
||||
else
|
||||
$pattern = $options['pattern'];
|
||||
// Basic option: simply take a use a particular data property.
|
||||
case 'value':
|
||||
$value = htmlspecialchars($rowData[$options['data']]);
|
||||
break;
|
||||
|
||||
assert(array_key_exists($options['value'], $rowData));
|
||||
if (isset($rowData[$options['value']]) && !is_numeric($rowData[$options['value']]))
|
||||
$timestamp = strtotime($rowData[$options['value']]);
|
||||
else
|
||||
$timestamp = (int) $rowData[$options['value']];
|
||||
// Processing via a lambda function.
|
||||
case 'function':
|
||||
$value = $options['data']($rowData);
|
||||
break;
|
||||
|
||||
if (isset($options['if_null']) && $timestamp == 0)
|
||||
$value = $options['if_null'];
|
||||
else
|
||||
$value = date($pattern, $timestamp);
|
||||
// Using sprintf to fill out a particular pattern.
|
||||
case 'sprintf':
|
||||
$parameters = [$options['data']['pattern']];
|
||||
foreach ($options['data']['arguments'] as $identifier)
|
||||
$parameters[] = $rowData[$identifier];
|
||||
|
||||
return $value;
|
||||
$value = sprintf(...$parameters);
|
||||
break;
|
||||
|
||||
// Timestamps get custom treatment.
|
||||
case 'timestamp':
|
||||
if (empty($options['data']['pattern']) || $options['data']['pattern'] === 'long')
|
||||
$pattern = 'Y-m-d H:i';
|
||||
elseif ($options['data']['pattern'] === 'short')
|
||||
$pattern = 'Y-m-d';
|
||||
else
|
||||
$pattern = $options['data']['pattern'];
|
||||
|
||||
if (!isset($rowData[$options['data']['timestamp']]))
|
||||
$timestamp = 0;
|
||||
elseif (!is_numeric($rowData[$options['data']['timestamp']]))
|
||||
$timestamp = strtotime($rowData[$options['data']['timestamp']]);
|
||||
else
|
||||
$timestamp = (int) $rowData[$options['data']['timestamp']];
|
||||
|
||||
if (isset($options['data']['if_null']) && $timestamp == 0)
|
||||
$value = $options['data']['if_null'];
|
||||
else
|
||||
$value = date($pattern, $timestamp);
|
||||
break;
|
||||
}
|
||||
else
|
||||
throw ValueError('Unexpected formatter type: ' . $options['type']);
|
||||
}
|
||||
|
||||
private function processLink($template, $value, array $rowData)
|
||||
{
|
||||
$href = $this->rowReplacements($template, $rowData);
|
||||
return '<a href="' . $href . '">' . $value . '</a>';
|
||||
}
|
||||
// Generate a link, if requested.
|
||||
if (!empty($options['link']))
|
||||
{
|
||||
// First, generate the replacement variables.
|
||||
$keys = array_keys($rowData);
|
||||
$values = array_values($rowData);
|
||||
foreach ($keys as $keyKey => $keyValue)
|
||||
$keys[$keyKey] = '{' . strtoupper($keyValue) . '}';
|
||||
|
||||
private function rowReplacements($template, array $rowData)
|
||||
{
|
||||
$keys = array_keys($rowData);
|
||||
$values = array_values($rowData);
|
||||
foreach ($keys as $keyKey => $keyValue)
|
||||
$keys[$keyKey] = '{' . strtoupper($keyValue) . '}';
|
||||
$value = '<a href="' . str_replace($keys, $values, $options['link']) . '">' . $value . '</a>';
|
||||
}
|
||||
|
||||
return str_replace($keys, $values, $template);
|
||||
return $value;
|
||||
}
|
||||
}
|
||||
|
@ -12,6 +12,12 @@ class Image extends Asset
|
||||
const TYPE_LANDSCAPE = 2;
|
||||
const TYPE_PORTRAIT = 4;
|
||||
|
||||
protected function __construct(array $data)
|
||||
{
|
||||
foreach ($data as $attribute => $value)
|
||||
$this->$attribute = $value;
|
||||
}
|
||||
|
||||
public static function fromId($id_asset, $return_format = 'object')
|
||||
{
|
||||
$asset = parent::fromId($id_asset, 'array');
|
||||
@ -165,7 +171,7 @@ class Image extends Asset
|
||||
|
||||
return Registry::get('db')->query('
|
||||
DELETE FROM assets_thumbs
|
||||
WHERE id_asset = :id_asset',
|
||||
WHERE id_asset = {int:id_asset}',
|
||||
['id_asset' => $this->id_asset]);
|
||||
}
|
||||
|
||||
@ -183,9 +189,9 @@ class Image extends Asset
|
||||
|
||||
return Registry::get('db')->query('
|
||||
DELETE FROM assets_thumbs
|
||||
WHERE id_asset = :id_asset AND
|
||||
width = :width AND
|
||||
height = :height',
|
||||
WHERE id_asset = {int:id_asset} AND
|
||||
width = {int:width} AND
|
||||
height = {int:height}',
|
||||
[
|
||||
'height' => $height,
|
||||
'id_asset' => $this->id_asset,
|
||||
|
@ -8,7 +8,7 @@
|
||||
|
||||
class Member extends User
|
||||
{
|
||||
private function __construct($data = [])
|
||||
private function __construct($data)
|
||||
{
|
||||
foreach ($data as $key => $value)
|
||||
$this->$key = $value;
|
||||
@ -18,21 +18,12 @@ class Member extends User
|
||||
$this->is_admin = $this->is_admin == 1;
|
||||
}
|
||||
|
||||
public static function fromEmailAddress($email_address)
|
||||
{
|
||||
return Registry::get('db')->queryObject(static::class, '
|
||||
SELECT *
|
||||
FROM users
|
||||
WHERE emailaddress = :email_address',
|
||||
['email_address' => $email_address]);
|
||||
}
|
||||
|
||||
public static function fromId($id_user)
|
||||
{
|
||||
$row = Registry::get('db')->queryAssoc('
|
||||
SELECT *
|
||||
FROM users
|
||||
WHERE id_user = :id_user',
|
||||
WHERE id_user = {int:id_user}',
|
||||
[
|
||||
'id_user' => $id_user,
|
||||
]);
|
||||
@ -49,7 +40,7 @@ class Member extends User
|
||||
$row = Registry::get('db')->queryAssoc('
|
||||
SELECT *
|
||||
FROM users
|
||||
WHERE slug = :slug',
|
||||
WHERE slug = {string:slug}',
|
||||
[
|
||||
'slug' => $slug,
|
||||
]);
|
||||
@ -77,7 +68,6 @@ class Member extends User
|
||||
'creation_time' => time(),
|
||||
'ip_address' => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '',
|
||||
'is_admin' => empty($data['is_admin']) ? 0 : 1,
|
||||
'reset_key' => '',
|
||||
];
|
||||
|
||||
if ($error)
|
||||
@ -93,13 +83,12 @@ class Member extends User
|
||||
'creation_time' => 'int',
|
||||
'ip_address' => 'string-45',
|
||||
'is_admin' => 'int',
|
||||
'reset_key' => 'string-16'
|
||||
], $new_user, ['id_user']);
|
||||
|
||||
if (!$bool)
|
||||
return false;
|
||||
|
||||
$new_user['id_user'] = $db->insertId();
|
||||
$new_user['id_user'] = $db->insert_id();
|
||||
$member = new Member($new_user);
|
||||
|
||||
return $member;
|
||||
@ -127,14 +116,14 @@ class Member extends User
|
||||
return Registry::get('db')->query('
|
||||
UPDATE users
|
||||
SET
|
||||
first_name = :first_name,
|
||||
surname = :surname,
|
||||
slug = :slug,
|
||||
emailaddress = :emailaddress,
|
||||
password_hash = :password_hash,
|
||||
is_admin = :is_admin
|
||||
WHERE id_user = :id_user',
|
||||
get_object_vars($this));
|
||||
first_name = {string:first_name},
|
||||
surname = {string:surname},
|
||||
slug = {string:slug},
|
||||
emailaddress = {string:emailaddress},
|
||||
password_hash = {string:password_hash},
|
||||
is_admin = {int:is_admin}
|
||||
WHERE id_user = {int:id_user}',
|
||||
$params);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -145,7 +134,7 @@ class Member extends User
|
||||
{
|
||||
return Registry::get('db')->query('
|
||||
DELETE FROM users
|
||||
WHERE id_user = :id_user',
|
||||
WHERE id_user = {int:id_user}',
|
||||
['id_user' => $this->id_user]);
|
||||
}
|
||||
|
||||
@ -160,7 +149,7 @@ class Member extends User
|
||||
$res = Registry::get('db')->queryValue('
|
||||
SELECT id_user
|
||||
FROM users
|
||||
WHERE emailaddress = :emailaddress',
|
||||
WHERE emailaddress = {string:emailaddress}',
|
||||
[
|
||||
'emailaddress' => $emailaddress,
|
||||
]);
|
||||
@ -176,9 +165,9 @@ class Member extends User
|
||||
return Registry::get('db')->query('
|
||||
UPDATE users
|
||||
SET
|
||||
last_action_time = :now,
|
||||
ip_address = :ip
|
||||
WHERE id_user = :id',
|
||||
last_action_time = {int:now},
|
||||
ip_address = {string:ip}
|
||||
WHERE id_user = {int:id}',
|
||||
[
|
||||
'now' => time(),
|
||||
'id' => $this->id_user,
|
||||
@ -198,22 +187,6 @@ class Member extends User
|
||||
FROM users');
|
||||
}
|
||||
|
||||
public static function getOffset($offset, $limit, $order, $direction)
|
||||
{
|
||||
assert(in_array($order, ['id_user', 'surname', 'first_name', 'slug', 'emailaddress', 'last_action_time', 'ip_address', 'is_admin']));
|
||||
$order = $order . ($direction === 'up' ? ' ASC' : ' DESC');
|
||||
|
||||
return Registry::get('db')->queryAssocs('
|
||||
SELECT *
|
||||
FROM users
|
||||
ORDER BY ' . $order . '
|
||||
LIMIT :offset, :limit',
|
||||
[
|
||||
'offset' => $offset,
|
||||
'limit' => $limit,
|
||||
]);
|
||||
}
|
||||
|
||||
public function getProps()
|
||||
{
|
||||
// We should probably phase out the use of this function, or refactor the access levels of member properties...
|
||||
@ -223,7 +196,7 @@ class Member extends User
|
||||
public static function getMemberMap()
|
||||
{
|
||||
return Registry::get('db')->queryPair('
|
||||
SELECT id_user, CONCAT(first_name, :blank, surname) AS full_name
|
||||
SELECT id_user, CONCAT(first_name, {string:blank}, surname) AS full_name
|
||||
FROM users
|
||||
ORDER BY first_name, surname',
|
||||
[
|
||||
|
76
models/PhotoAlbum.php
Normal file
76
models/PhotoAlbum.php
Normal file
@ -0,0 +1,76 @@
|
||||
<?php
|
||||
/*****************************************************************************
|
||||
* PhotoAlbum.php
|
||||
* Contains key class PhotoAlbum.
|
||||
*
|
||||
* Kabuki CMS (C) 2013-2015, Aaron van Geffen
|
||||
*****************************************************************************/
|
||||
|
||||
class PhotoAlbum extends Tag
|
||||
{
|
||||
public static function getHierarchy($order, $direction)
|
||||
{
|
||||
$db = Registry::get('db');
|
||||
$res = $db->query('
|
||||
SELECT *
|
||||
FROM tags
|
||||
WHERE kind = {string:album}
|
||||
ORDER BY id_parent, {raw:order}',
|
||||
[
|
||||
'order' => $order . ($direction == 'up' ? ' ASC' : ' DESC'),
|
||||
'album' => 'Album',
|
||||
]);
|
||||
|
||||
$albums_by_parent = [];
|
||||
while ($row = $db->fetch_assoc($res))
|
||||
{
|
||||
if (!isset($albums_by_parent[$row['id_parent']]))
|
||||
$albums_by_parent[$row['id_parent']] = [];
|
||||
|
||||
$albums_by_parent[$row['id_parent']][] = $row + ['children' => []];
|
||||
}
|
||||
|
||||
$albums = self::getChildrenRecursively(0, 0, $albums_by_parent);
|
||||
$rows = self::flattenChildrenRecursively($albums);
|
||||
|
||||
return $rows;
|
||||
}
|
||||
|
||||
private static function getChildrenRecursively($id_parent, $level, &$albums_by_parent)
|
||||
{
|
||||
$children = [];
|
||||
if (!isset($albums_by_parent[$id_parent]))
|
||||
return $children;
|
||||
|
||||
foreach ($albums_by_parent[$id_parent] as $child)
|
||||
{
|
||||
if (isset($albums_by_parent[$child['id_tag']]))
|
||||
$child['children'] = self::getChildrenRecursively($child['id_tag'], $level + 1, $albums_by_parent);
|
||||
|
||||
$child['tag'] = ($level ? str_repeat('—', $level * 2) . ' ' : '') . $child['tag'];
|
||||
$children[] = $child;
|
||||
}
|
||||
|
||||
return $children;
|
||||
}
|
||||
|
||||
private static function flattenChildrenRecursively($albums)
|
||||
{
|
||||
if (empty($albums))
|
||||
return [];
|
||||
|
||||
$rows = [];
|
||||
foreach ($albums as $album)
|
||||
{
|
||||
$rows[] = array_intersect_key($album, array_flip(['id_tag', 'tag', 'slug', 'count']));
|
||||
if (!empty($album['children']))
|
||||
{
|
||||
$children = self::flattenChildrenRecursively($album['children']);
|
||||
foreach ($children as $child)
|
||||
$rows[] = array_intersect_key($child, array_flip(['id_tag', 'tag', 'slug', 'count']));
|
||||
}
|
||||
}
|
||||
|
||||
return $rows;
|
||||
}
|
||||
}
|
@ -8,11 +8,11 @@
|
||||
|
||||
class PhotoMosaic
|
||||
{
|
||||
private bool $descending;
|
||||
private $descending;
|
||||
private AssetIterator $iterator;
|
||||
private array $layouts;
|
||||
private int $processedImages = 0;
|
||||
private array $queue = [];
|
||||
private $layouts;
|
||||
private $processedImages = 0;
|
||||
private $queue = [];
|
||||
|
||||
const IMAGE_MASK_ALL = Image::TYPE_PORTRAIT | Image::TYPE_LANDSCAPE | Image::TYPE_PANORAMA;
|
||||
const NUM_DAYS_CUTOFF = 7;
|
||||
@ -25,6 +25,11 @@ class PhotoMosaic
|
||||
$this->descending = $iterator->isDescending();
|
||||
}
|
||||
|
||||
public function __destruct()
|
||||
{
|
||||
$this->iterator->clean();
|
||||
}
|
||||
|
||||
private function availableLayouts()
|
||||
{
|
||||
static $layouts = [
|
||||
@ -81,14 +86,9 @@ class PhotoMosaic
|
||||
}
|
||||
}
|
||||
|
||||
// Check whatever's up next!
|
||||
// NB: not is not a `foreach` so as to not reset the iterator implicitly
|
||||
while ($this->iterator->valid())
|
||||
// Check whatever's next up!
|
||||
while (($asset = $this->iterator->next()) && ($image = $asset->getImage()))
|
||||
{
|
||||
$asset = $this->iterator->current();
|
||||
$image = $asset->getImage();
|
||||
$this->iterator->next();
|
||||
|
||||
// Give up on the recordset once dates are too far apart
|
||||
if (isset($refDate) && abs(self::daysApart($image->getDateCaptured(), $refDate)) > self::NUM_DAYS_CUTOFF)
|
||||
{
|
||||
|
@ -24,7 +24,7 @@ class Registry
|
||||
public static function get($key)
|
||||
{
|
||||
if (!isset(self::$storage[$key]))
|
||||
throw new Exception('Key does not exist in Registry: ' . $key);
|
||||
trigger_error('Key does not exist in Registry: ' . $key, E_USER_ERROR);
|
||||
|
||||
return self::$storage[$key];
|
||||
}
|
||||
@ -32,7 +32,7 @@ class Registry
|
||||
public static function remove($key)
|
||||
{
|
||||
if (!isset(self::$storage[$key]))
|
||||
throw new Exception('Key does not exist in Registry: ' . $key);
|
||||
trigger_error('Key does not exist in Registry: ' . $key, E_USER_ERROR);
|
||||
|
||||
unset(self::$storage[$key]);
|
||||
}
|
||||
|
@ -33,7 +33,7 @@ class Session
|
||||
public static function getSessionToken()
|
||||
{
|
||||
if (empty($_SESSION['session_token']))
|
||||
throw new Exception('Call to getSessionToken without a session token being set!');
|
||||
trigger_error('Call to getSessionToken without a session token being set!', E_USER_ERROR);
|
||||
|
||||
return $_SESSION['session_token'];
|
||||
}
|
||||
@ -41,7 +41,7 @@ class Session
|
||||
public static function getSessionTokenKey()
|
||||
{
|
||||
if (empty($_SESSION['session_token_key']))
|
||||
throw new Exception('Call to getSessionTokenKey without a session token key being set!');
|
||||
trigger_error('Call to getSessionTokenKey without a session token key being set!', E_USER_ERROR);
|
||||
|
||||
return $_SESSION['session_token_key'];
|
||||
}
|
||||
|
@ -21,7 +21,7 @@ class Setting
|
||||
REPLACE INTO settings
|
||||
(id_user, variable, value, time_set)
|
||||
VALUES
|
||||
(:id_user, :key, :value, CURRENT_TIMESTAMP())',
|
||||
({int:id_user}, {string:key}, {string:value}, CURRENT_TIMESTAMP())',
|
||||
[
|
||||
'id_user' => $id_user,
|
||||
'key' => $key,
|
||||
@ -45,7 +45,7 @@ class Setting
|
||||
$value = Registry::get('db')->queryValue('
|
||||
SELECT value
|
||||
FROM settings
|
||||
WHERE id_user = :id_user AND variable = :key',
|
||||
WHERE id_user = {int:id_user} AND variable = {string:key}',
|
||||
[
|
||||
'id_user' => $id_user,
|
||||
'key' => $key,
|
||||
@ -63,30 +63,11 @@ class Setting
|
||||
|
||||
public static function remove($key, $id_user = null)
|
||||
{
|
||||
// User setting or global setting?
|
||||
if ($id_user === null)
|
||||
$id_user = Registry::get('user')->getUserId();
|
||||
|
||||
$pairs = Registry::get('db')->queryPair('
|
||||
SELECT variable, value
|
||||
FROM settings
|
||||
WHERE id_user = :id_user',
|
||||
[
|
||||
'id_user' => $id_user,
|
||||
]);
|
||||
|
||||
return $pairs;
|
||||
}
|
||||
|
||||
public static function remove($key, $id_user = 0)
|
||||
{
|
||||
// User setting or global setting?
|
||||
if ($id_user === null)
|
||||
$id_user = Registry::get('user')->getUserId();
|
||||
$id_user = Registry::get('user')->getUserId();
|
||||
|
||||
if (Registry::get('db')->query('
|
||||
DELETE FROM settings
|
||||
WHERE id_user = :id_user AND variable = :key',
|
||||
WHERE id_user = {int:id_user} AND variable = {string:key}',
|
||||
[
|
||||
'id_user' => $id_user,
|
||||
'key' => $key,
|
||||
|
170
models/Tag.php
170
models/Tag.php
@ -24,11 +24,6 @@ class Tag
|
||||
$this->$attribute = $value;
|
||||
}
|
||||
|
||||
public function __toString()
|
||||
{
|
||||
return $this->tag;
|
||||
}
|
||||
|
||||
public static function fromId($id_tag, $return_format = 'object')
|
||||
{
|
||||
$db = Registry::get('db');
|
||||
@ -36,7 +31,7 @@ class Tag
|
||||
$row = $db->queryAssoc('
|
||||
SELECT *
|
||||
FROM tags
|
||||
WHERE id_tag = :id_tag',
|
||||
WHERE id_tag = {int:id_tag}',
|
||||
[
|
||||
'id_tag' => $id_tag,
|
||||
]);
|
||||
@ -55,7 +50,7 @@ class Tag
|
||||
$row = $db->queryAssoc('
|
||||
SELECT *
|
||||
FROM tags
|
||||
WHERE slug = :slug',
|
||||
WHERE slug = {string:slug}',
|
||||
[
|
||||
'slug' => $slug,
|
||||
]);
|
||||
@ -73,7 +68,7 @@ class Tag
|
||||
SELECT *
|
||||
FROM tags
|
||||
ORDER BY ' . ($limit > 0 ? 'count
|
||||
LIMIT :limit' : 'tag'),
|
||||
LIMIT {int:limit}' : 'tag'),
|
||||
[
|
||||
'limit' => $limit,
|
||||
]);
|
||||
@ -107,14 +102,14 @@ class Tag
|
||||
$res = $db->query('
|
||||
SELECT *
|
||||
FROM tags
|
||||
WHERE id_user_owner = :id_user_owner
|
||||
WHERE id_user_owner = {int:id_user_owner}
|
||||
ORDER BY tag',
|
||||
[
|
||||
'id_user_owner' => $id_user_owner,
|
||||
]);
|
||||
|
||||
$objects = [];
|
||||
while ($row = $db->fetchAssoc($res))
|
||||
while ($row = $db->fetch_assoc($res))
|
||||
$objects[$row['id_tag']] = new Tag($row);
|
||||
|
||||
return $objects;
|
||||
@ -125,9 +120,9 @@ class Tag
|
||||
$rows = Registry::get('db')->queryAssocs('
|
||||
SELECT *
|
||||
FROM tags
|
||||
WHERE id_parent = :id_parent AND kind = :kind
|
||||
WHERE id_parent = {int:id_parent} AND kind = {string:kind}
|
||||
ORDER BY tag ASC
|
||||
LIMIT :offset, :limit',
|
||||
LIMIT {int:offset}, {int:limit}',
|
||||
[
|
||||
'id_parent' => $id_parent,
|
||||
'kind' => 'Album',
|
||||
@ -153,7 +148,7 @@ class Tag
|
||||
FROM assets_tags AS at
|
||||
LEFT JOIN assets AS a ON at.id_asset = a.id_asset
|
||||
LEFT JOIN users AS u ON a.id_user_uploaded = u.id_user
|
||||
WHERE at.id_tag = :id_tag
|
||||
WHERE at.id_tag = {int:id_tag}
|
||||
GROUP BY a.id_user_uploaded
|
||||
ORDER BY u.first_name, u.surname',
|
||||
[
|
||||
@ -166,9 +161,9 @@ class Tag
|
||||
$rows = Registry::get('db')->queryAssocs('
|
||||
SELECT *
|
||||
FROM tags
|
||||
WHERE id_parent = :id_parent AND kind = :kind
|
||||
WHERE id_parent = {int:id_parent} AND kind = {string:kind}
|
||||
ORDER BY tag ASC
|
||||
LIMIT :offset, :limit',
|
||||
LIMIT {int:offset}, {int:limit}',
|
||||
[
|
||||
'id_parent' => $id_parent,
|
||||
'kind' => 'Person',
|
||||
@ -195,7 +190,7 @@ class Tag
|
||||
WHERE id_tag IN(
|
||||
SELECT id_tag
|
||||
FROM assets_tags
|
||||
WHERE id_asset = :id_asset
|
||||
WHERE id_asset = {int:id_asset}
|
||||
)
|
||||
ORDER BY count DESC',
|
||||
[
|
||||
@ -225,7 +220,7 @@ class Tag
|
||||
WHERE id_tag IN(
|
||||
SELECT id_tag
|
||||
FROM posts_tags
|
||||
WHERE id_post = :id_post
|
||||
WHERE id_post = {int:id_post}
|
||||
)
|
||||
ORDER BY count DESC',
|
||||
[
|
||||
@ -255,7 +250,7 @@ class Tag
|
||||
FROM `assets_tags` AS at
|
||||
WHERE at.id_tag = t.id_tag
|
||||
)' . (!empty($id_tags) ? '
|
||||
WHERE t.id_tag IN(@id_tags)' : ''),
|
||||
WHERE t.id_tag IN({array_int:id_tags})' : ''),
|
||||
['id_tags' => $id_tags]);
|
||||
}
|
||||
|
||||
@ -276,14 +271,14 @@ class Tag
|
||||
INSERT IGNORE INTO tags
|
||||
(id_parent, tag, slug, kind, description, count)
|
||||
VALUES
|
||||
(:id_parent, :tag, :slug, :kind, :description, :count)
|
||||
({int:id_parent}, {string:tag}, {string:slug}, {string:kind}, {string:description}, {int:count})
|
||||
ON DUPLICATE KEY UPDATE count = count + 1',
|
||||
$data);
|
||||
|
||||
if (!$res)
|
||||
throw new Exception('Could not create the requested tag.');
|
||||
trigger_error('Could not create the requested tag.', E_USER_ERROR);
|
||||
|
||||
$data['id_tag'] = $db->insertId();
|
||||
$data['id_tag'] = $db->insert_id();
|
||||
return $return_format === 'object' ? new Tag($data) : $data;
|
||||
}
|
||||
|
||||
@ -297,15 +292,14 @@ class Tag
|
||||
return Registry::get('db')->query('
|
||||
UPDATE tags
|
||||
SET
|
||||
id_parent = :id_parent,
|
||||
id_asset_thumb = :id_asset_thumb,' . (isset($this->id_user_owner) ? '
|
||||
id_user_owner = :id_user_owner,' : '') . '
|
||||
tag = :tag,
|
||||
slug = :slug,
|
||||
kind = :kind,
|
||||
description = :description,
|
||||
count = :count
|
||||
WHERE id_tag = :id_tag',
|
||||
id_parent = {int:id_parent},
|
||||
id_asset_thumb = {int:id_asset_thumb},' . (isset($this->id_user_owner) ? '
|
||||
id_user_owner = {int:id_user_owner},' : '') . '
|
||||
tag = {string:tag},
|
||||
slug = {string:slug},
|
||||
description = {string:description},
|
||||
count = {int:count}
|
||||
WHERE id_tag = {int:id_tag}',
|
||||
get_object_vars($this));
|
||||
}
|
||||
|
||||
@ -313,10 +307,9 @@ class Tag
|
||||
{
|
||||
$db = Registry::get('db');
|
||||
|
||||
// Unlink any tagged assets
|
||||
$res = $db->query('
|
||||
DELETE FROM assets_tags
|
||||
WHERE id_tag = :id_tag',
|
||||
WHERE id_tag = {int:id_tag}',
|
||||
[
|
||||
'id_tag' => $this->id_tag,
|
||||
]);
|
||||
@ -324,10 +317,9 @@ class Tag
|
||||
if (!$res)
|
||||
return false;
|
||||
|
||||
// Delete the actual tag
|
||||
return $db->query('
|
||||
DELETE FROM tags
|
||||
WHERE id_tag = :id_tag',
|
||||
WHERE id_tag = {int:id_tag}',
|
||||
[
|
||||
'id_tag' => $this->id_tag,
|
||||
]);
|
||||
@ -339,15 +331,15 @@ class Tag
|
||||
$new_id = $db->queryValue('
|
||||
SELECT MAX(id_asset) as new_id
|
||||
FROM assets_tags
|
||||
WHERE id_tag = :id_tag',
|
||||
WHERE id_tag = {int:id_tag}',
|
||||
[
|
||||
'id_tag' => $this->id_tag,
|
||||
]);
|
||||
|
||||
return $db->query('
|
||||
UPDATE tags
|
||||
SET id_asset_thumb = :new_id
|
||||
WHERE id_tag = :id_tag',
|
||||
SET id_asset_thumb = {int:new_id}
|
||||
WHERE id_tag = {int:id_tag}',
|
||||
[
|
||||
'new_id' => $new_id ?? 0,
|
||||
'id_tag' => $this->id_tag,
|
||||
@ -362,7 +354,7 @@ class Tag
|
||||
return Registry::get('db')->queryPair('
|
||||
SELECT id_tag, tag
|
||||
FROM tags
|
||||
WHERE LOWER(tag) LIKE :tokens
|
||||
WHERE LOWER(tag) LIKE {string:tokens}
|
||||
ORDER BY tag ASC',
|
||||
['tokens' => '%' . strtolower(implode('%', $tokens)) . '%']);
|
||||
}
|
||||
@ -392,7 +384,7 @@ class Tag
|
||||
return Registry::get('db')->queryPair('
|
||||
SELECT id_tag, tag
|
||||
FROM tags
|
||||
WHERE tag = :tag',
|
||||
WHERE tag = {string:tag}',
|
||||
['tag' => $tag]);
|
||||
}
|
||||
|
||||
@ -404,7 +396,7 @@ class Tag
|
||||
return Registry::get('db')->queryValue('
|
||||
SELECT id_tag
|
||||
FROM tags
|
||||
WHERE slug = :slug',
|
||||
WHERE slug = {string:slug}',
|
||||
['slug' => $slug]);
|
||||
}
|
||||
|
||||
@ -413,103 +405,31 @@ class Tag
|
||||
return Registry::get('db')->queryPair('
|
||||
SELECT tag, id_tag
|
||||
FROM tags
|
||||
WHERE tag IN (:tags)',
|
||||
WHERE tag IN ({array_string:tags})',
|
||||
['tags' => $tags]);
|
||||
}
|
||||
|
||||
public static function getCount($only_used = true, $kind = '', $isAlbum = false)
|
||||
public static function getCount($only_active = 1, $kind = '')
|
||||
{
|
||||
$where = [];
|
||||
if ($only_used)
|
||||
if ($only_active)
|
||||
$where[] = 'count > 0';
|
||||
if (empty($kind))
|
||||
$kind = 'Album';
|
||||
if (!empty($kind))
|
||||
$where[] = 'kind = {string:kind}';
|
||||
|
||||
$operator = $isAlbum ? '=' : '!=';
|
||||
$where[] = 'kind ' . $operator . ' :kind';
|
||||
$where = implode(' AND ', $where);
|
||||
if (!empty($where))
|
||||
$where = 'WHERE ' . implode(' AND ', $where);
|
||||
else
|
||||
$where = '';
|
||||
|
||||
return Registry::get('db')->queryValue('
|
||||
SELECT COUNT(*)
|
||||
FROM tags
|
||||
WHERE ' . $where,
|
||||
[
|
||||
'kind' => $kind,
|
||||
]);
|
||||
FROM tags ' . $where,
|
||||
['kind' => $kind]);
|
||||
}
|
||||
|
||||
public static function getOffset($offset, $limit, $order, $direction, $isAlbum = false)
|
||||
public function __toString()
|
||||
{
|
||||
assert(in_array($order, ['id_tag', 'tag', 'slug', 'count']));
|
||||
$order = $order . ($direction === 'up' ? ' ASC' : ' DESC');
|
||||
|
||||
$operator = $isAlbum ? '=' : '!=';
|
||||
|
||||
$db = Registry::get('db');
|
||||
$res = $db->query('
|
||||
SELECT t.*, u.id_user, u.first_name, u.surname
|
||||
FROM tags AS t
|
||||
LEFT JOIN users AS u ON t.id_user_owner = u.id_user
|
||||
WHERE kind ' . $operator . ' :album
|
||||
ORDER BY id_parent, ' . $order . '
|
||||
LIMIT :offset, :limit',
|
||||
[
|
||||
'offset' => $offset,
|
||||
'limit' => $limit,
|
||||
'album' => 'Album',
|
||||
]);
|
||||
|
||||
$albums_by_parent = [];
|
||||
while ($row = $db->fetchAssoc($res))
|
||||
{
|
||||
if (!isset($albums_by_parent[$row['id_parent']]))
|
||||
$albums_by_parent[$row['id_parent']] = [];
|
||||
|
||||
$albums_by_parent[$row['id_parent']][] = $row + ['children' => []];
|
||||
}
|
||||
|
||||
$albums = self::getChildrenRecursively(0, 0, $albums_by_parent);
|
||||
$rows = self::flattenChildrenRecursively($albums);
|
||||
|
||||
return $rows;
|
||||
}
|
||||
|
||||
private static function getChildrenRecursively($id_parent, $level, &$albums_by_parent)
|
||||
{
|
||||
$children = [];
|
||||
if (!isset($albums_by_parent[$id_parent]))
|
||||
return $children;
|
||||
|
||||
foreach ($albums_by_parent[$id_parent] as $child)
|
||||
{
|
||||
if (isset($albums_by_parent[$child['id_tag']]))
|
||||
$child['children'] = self::getChildrenRecursively($child['id_tag'], $level + 1, $albums_by_parent);
|
||||
|
||||
$child['tag'] = ($level ? str_repeat('—', $level * 2) . ' ' : '') . $child['tag'];
|
||||
$children[] = $child;
|
||||
}
|
||||
|
||||
return $children;
|
||||
}
|
||||
|
||||
private static function flattenChildrenRecursively($albums)
|
||||
{
|
||||
if (empty($albums))
|
||||
return [];
|
||||
|
||||
$rows = [];
|
||||
foreach ($albums as $album)
|
||||
{
|
||||
static $headers_to_keep = ['id_tag', 'tag', 'slug', 'count', 'id_user', 'first_name', 'surname'];
|
||||
$rows[] = array_intersect_key($album, array_flip($headers_to_keep));
|
||||
if (!empty($album['children']))
|
||||
{
|
||||
$children = self::flattenChildrenRecursively($album['children']);
|
||||
foreach ($children as $child)
|
||||
$rows[] = array_intersect_key($child, array_flip($headers_to_keep));
|
||||
}
|
||||
}
|
||||
|
||||
return $rows;
|
||||
return $this->tag;
|
||||
}
|
||||
}
|
||||
|
@ -335,7 +335,7 @@ class Thumbnail
|
||||
if ($success)
|
||||
{
|
||||
$thumb_selector = $this->width . 'x' . $this->height . $this->filename_suffix;
|
||||
$this->thumbnails[$thumb_selector] = $filename ?? null;
|
||||
$this->thumbnails[$thumb_selector] = $filename !== 'NULL' ? $filename : null;
|
||||
|
||||
// For consistency, write new thumbnail filename to parent Image object.
|
||||
// TODO: there could still be an inconsistency if multiple objects exists for the same image asset.
|
||||
@ -349,7 +349,7 @@ class Thumbnail
|
||||
|
||||
private function markAsQueued()
|
||||
{
|
||||
$this->updateDb(null);
|
||||
$this->updateDb('NULL');
|
||||
}
|
||||
|
||||
private function markAsGenerated($filename)
|
||||
|
@ -23,7 +23,6 @@ abstract class User
|
||||
protected $ip_address;
|
||||
protected $is_admin;
|
||||
protected $reset_key;
|
||||
protected $reset_blocked_until;
|
||||
|
||||
protected bool $is_logged;
|
||||
protected bool $is_guest;
|
||||
|
@ -366,8 +366,8 @@ div.polaroid a {
|
||||
/* Album button box
|
||||
---------------------*/
|
||||
.album_button_box {
|
||||
float: right;
|
||||
display: flex;
|
||||
justify-content: flex-end;
|
||||
margin-bottom: 3rem;
|
||||
}
|
||||
.album_button_box > a,
|
||||
|
@ -22,7 +22,7 @@ class AlbumButtonBox extends Template
|
||||
public function html_main()
|
||||
{
|
||||
echo '
|
||||
<div class="container album_button_box">';
|
||||
<div class="album_button_box">';
|
||||
|
||||
foreach ($this->buttons as $button)
|
||||
echo '
|
||||
|
@ -1,41 +0,0 @@
|
||||
<?php
|
||||
/*****************************************************************************
|
||||
* ErrorPage.php
|
||||
* Defines the template class ErrorPage.
|
||||
*
|
||||
* Kabuki CMS (C) 2013-2025, Aaron van Geffen
|
||||
*****************************************************************************/
|
||||
|
||||
class ErrorPage extends Template
|
||||
{
|
||||
private $debug_info;
|
||||
private $message;
|
||||
private $title;
|
||||
|
||||
public function __construct($title, $message, $debug_info = null)
|
||||
{
|
||||
$this->title = $title;
|
||||
$this->message = $message;
|
||||
$this->debug_info = $debug_info;
|
||||
}
|
||||
|
||||
public function html_main()
|
||||
{
|
||||
echo '
|
||||
<div class="content-box container">
|
||||
<h2>', $this->title, '</h2>
|
||||
<p>', nl2br(htmlspecialchars($this->message)), '</p>';
|
||||
|
||||
if (isset($this->debug_info))
|
||||
{
|
||||
echo '
|
||||
</div>
|
||||
<div class="content-box container">
|
||||
<h4>Debug Info</h4>
|
||||
<pre>', htmlspecialchars($this->debug_info), '</pre>';
|
||||
}
|
||||
|
||||
echo '
|
||||
</div>';
|
||||
}
|
||||
}
|
@ -8,12 +8,12 @@
|
||||
|
||||
class FeaturedThumbnailManager extends SubTemplate
|
||||
{
|
||||
private $iterator;
|
||||
private $assets;
|
||||
private $currentThumbnailId;
|
||||
|
||||
public function __construct(AssetIterator $iterator, $currentThumbnailId)
|
||||
public function __construct(AssetIterator $assets, $currentThumbnailId)
|
||||
{
|
||||
$this->iterator = $iterator;
|
||||
$this->assets = $assets;
|
||||
$this->currentThumbnailId = $currentThumbnailId;
|
||||
}
|
||||
|
||||
@ -25,7 +25,7 @@ class FeaturedThumbnailManager extends SubTemplate
|
||||
<h2>Select thumbnail</h2>
|
||||
<ul id="featuredThumbnail">';
|
||||
|
||||
foreach ($this->iterator as $asset)
|
||||
while ($asset = $this->assets->next())
|
||||
{
|
||||
$image = $asset->getImage();
|
||||
echo '
|
||||
@ -36,6 +36,8 @@ class FeaturedThumbnailManager extends SubTemplate
|
||||
</li>';
|
||||
}
|
||||
|
||||
$this->assets->clean();
|
||||
|
||||
echo '
|
||||
</ul>
|
||||
<input type="hidden" name="', Session::getSessionTokenKey(), '" value="', Session::getSessionToken(), '">
|
||||
|
@ -33,7 +33,7 @@ class MainNavBar extends NavBar
|
||||
<span class="navbar-toggler-icon"></span>
|
||||
</button>';
|
||||
|
||||
if (Registry::has('user') && Registry::get('user')->isLoggedIn())
|
||||
if (Registry::get('user')->isLoggedIn())
|
||||
{
|
||||
echo '
|
||||
<div class="collapse navbar-collapse justify-content-end" id="', $this->innerMenuId, '">
|
||||
|
@ -174,10 +174,7 @@ class PhotoPage extends Template
|
||||
echo '
|
||||
</ul>';
|
||||
|
||||
if ($allowLinkingNewTags)
|
||||
{
|
||||
$this->printNewTagScript($tagKind, $tagListId, $newTagId);
|
||||
}
|
||||
$this->printNewTagScript($tagKind, $tagListId, $newTagId);
|
||||
}
|
||||
|
||||
private function printNewTagScript($tagKind, $tagListId, $newTagId)
|
||||
|
@ -8,7 +8,7 @@
|
||||
|
||||
class TabularData extends SubTemplate
|
||||
{
|
||||
protected GenericTable $_t;
|
||||
private GenericTable $_t;
|
||||
|
||||
public function __construct(GenericTable $table)
|
||||
{
|
||||
@ -16,47 +16,6 @@ class TabularData extends SubTemplate
|
||||
}
|
||||
|
||||
protected function html_content()
|
||||
{
|
||||
$this->renderTitle();
|
||||
|
||||
foreach ($this->_subtemplates as $template)
|
||||
$template->html_main();
|
||||
|
||||
// Showing an inline form?
|
||||
$pager = $this->_t->getPageIndex();
|
||||
if (!empty($pager) || isset($this->_t->form_above))
|
||||
$this->renderPaginationForm($pager, $this->_t->form_above);
|
||||
|
||||
$tableClass = $this->_t->getTableClass();
|
||||
if ($tableClass)
|
||||
echo '
|
||||
<div class="', $tableClass, '">';
|
||||
|
||||
// Build the table!
|
||||
echo '
|
||||
<table class="table table-striped table-condensed">';
|
||||
|
||||
$this->renderTableHead($this->_t->getHeader());
|
||||
$this->renderTableBody($this->_t->getBody());
|
||||
|
||||
echo '
|
||||
</table>';
|
||||
|
||||
if ($tableClass)
|
||||
echo '
|
||||
</div>';
|
||||
|
||||
// Showing an inline form?
|
||||
if (!empty($pager) || isset($this->_t->form_below))
|
||||
$this->renderPaginationForm($pager, $this->_t->form_below);
|
||||
|
||||
$title = $this->_t->getTitle();
|
||||
if (!empty($title))
|
||||
echo '
|
||||
</div>';
|
||||
}
|
||||
|
||||
protected function renderTitle()
|
||||
{
|
||||
$title = $this->_t->getTitle();
|
||||
if (!empty($title))
|
||||
@ -66,32 +25,43 @@ class TabularData extends SubTemplate
|
||||
<div class="generic-table', !empty($titleclass) ? ' ' . $titleclass : '', '">
|
||||
<h1>', htmlspecialchars($title), '</h1>';
|
||||
}
|
||||
}
|
||||
|
||||
protected function renderPaginationForm($pager, $form, $class='row')
|
||||
{
|
||||
echo '
|
||||
<div class="', $class, ' clearfix justify-content-end">';
|
||||
|
||||
// Page index?
|
||||
if (!empty($pager))
|
||||
PageIndexWidget::paginate($pager);
|
||||
|
||||
// Form controls?
|
||||
if (isset($form))
|
||||
$this->renderInlineForm($form);
|
||||
|
||||
echo '
|
||||
</div>';
|
||||
}
|
||||
|
||||
protected function renderTableHead(array $headers)
|
||||
{
|
||||
foreach ($this->_subtemplates as $template)
|
||||
$template->html_main();
|
||||
|
||||
// Showing an inline form?
|
||||
$pager = $this->_t->getPageIndex();
|
||||
if (!empty($pager) || isset($this->_t->form_above))
|
||||
{
|
||||
echo '
|
||||
<div class="row clearfix justify-content-end">';
|
||||
|
||||
// Page index?
|
||||
if (!empty($pager))
|
||||
PageIndexWidget::paginate($pager);
|
||||
|
||||
// Form controls?
|
||||
if (isset($this->_t->form_above))
|
||||
$this->showForm($this->_t->form_above);
|
||||
|
||||
echo '
|
||||
</div>';
|
||||
}
|
||||
|
||||
$tableClass = $this->_t->getTableClass();
|
||||
if ($tableClass)
|
||||
echo '
|
||||
<div class="', $tableClass, '">';
|
||||
|
||||
// Build the table!
|
||||
echo '
|
||||
<table class="table table-striped table-condensed">
|
||||
<thead>
|
||||
<tr>';
|
||||
|
||||
foreach ($headers as $th)
|
||||
// Show all headers in their full glory!
|
||||
$header = $this->_t->getHeader();
|
||||
foreach ($header as $th)
|
||||
{
|
||||
echo '
|
||||
<th', (!empty($th['width']) ? ' width="' . $th['width'] . '"' : ''), (!empty($th['class']) ? ' class="' . $th['class'] . '"' : ''), ($th['colspan'] > 1 ? ' colspan="' . $th['colspan'] . '"' : ''), ' scope="', $th['scope'], '">',
|
||||
@ -105,14 +75,11 @@ class TabularData extends SubTemplate
|
||||
|
||||
echo '
|
||||
</tr>
|
||||
</thead>';
|
||||
}
|
||||
|
||||
protected function renderTableBody($body)
|
||||
{
|
||||
echo '
|
||||
</thead>
|
||||
<tbody>';
|
||||
|
||||
// The body is what we came to see!
|
||||
$body = $this->_t->getBody();
|
||||
if (is_array($body))
|
||||
{
|
||||
foreach ($body as $tr)
|
||||
@ -123,31 +90,59 @@ class TabularData extends SubTemplate
|
||||
foreach ($tr['cells'] as $td)
|
||||
{
|
||||
echo '
|
||||
<td',
|
||||
(!empty($td['class']) ? ' class="' . $td['class'] . '"' : ''),
|
||||
(!empty($td['width']) ? ' width="' . $td['width'] . '"' : ''), '>',
|
||||
$td['value'],
|
||||
'</td>';
|
||||
<td', (!empty($td['width']) ? ' width="' . $td['width'] . '"' : ''), '>';
|
||||
|
||||
if (!empty($td['class']))
|
||||
echo '<span class="', $td['class'], '">', $td['value'], '</span>';
|
||||
else
|
||||
echo $td['value'];
|
||||
|
||||
echo '</td>';
|
||||
}
|
||||
|
||||
echo '
|
||||
</tr>';
|
||||
}
|
||||
}
|
||||
// !!! Sum colspan!
|
||||
else
|
||||
{
|
||||
$header = $this->_t->getHeader();
|
||||
echo '
|
||||
<tr>
|
||||
<td colspan="', count($header), '" class="fullwidth">', $body, '</td>
|
||||
</tr>';
|
||||
}
|
||||
|
||||
echo '
|
||||
</tbody>';
|
||||
</tbody>
|
||||
</table>';
|
||||
|
||||
if ($tableClass)
|
||||
echo '
|
||||
</div>';
|
||||
|
||||
// Showing an inline form?
|
||||
if (!empty($pager) || isset($this->_t->form_below))
|
||||
{
|
||||
echo '
|
||||
<div class="row clearfix justify-content-end">';
|
||||
|
||||
// Page index?
|
||||
if (!empty($pager))
|
||||
PageIndexWidget::paginate($pager);
|
||||
|
||||
// Form controls?
|
||||
if (isset($this->_t->form_below))
|
||||
$this->showForm($this->_t->form_below);
|
||||
|
||||
echo '
|
||||
</div>';
|
||||
}
|
||||
|
||||
if (!empty($title))
|
||||
echo '
|
||||
</div>';
|
||||
}
|
||||
|
||||
protected function renderInlineForm($form)
|
||||
protected function showForm($form)
|
||||
{
|
||||
if (!isset($form['is_embed']))
|
||||
echo '
|
||||
|
Loading…
x
Reference in New Issue
Block a user