*
* @license http://nucleuscms.org/license.txt GNU General Public License
* @copyright Copyright (C) 2002-2009 The Nucleus Group
- * @version $Id: SKIN.php 1755 2012-04-14 10:05:49Z sakamocchi $
+<<<<<<< HEAD
+ * @version $Id: SKIN.php 1816 2012-05-03 01:40:10Z sakamocchi $
+=======
+ * @version $Id: SKIN.php 1886 2012-06-17 08:27:27Z sakamocchi $
+>>>>>>> skinnable-master
*/
-if ( !function_exists('requestVar') )
+if ( !function_exists('requestVar') )
{
exit;
}
$this->id = (integer) $id;
- // read skin name/description/content type
- $query = "SELECT * FROM %s WHERE sdnumber=%d";
- $query = sprintf($query, sql_table('skin_desc'), (integer) $this->id);
- $res = sql_query($query);
- $obj = sql_fetch_object($res);
- $this->valid = (sql_num_rows($res) > 0);
- if ( !$this->valid )
- {
- return;
- }
-
+<<<<<<< HEAD
/*
* NOTE: include needed action class
*/
+=======
+ /* NOTE: include needed action class */
+>>>>>>> skinnable-master
if ( $action_class != 'Actions' )
{
if ( !class_exists($action_class, FALSE)
$this->action_class = $action_class;
$this->event_identifier = $event_identifier;
- $this->name = $obj->sdname;
- $this->description = $obj->sddesc;
- $this->contentType = $obj->sdtype;
- $this->includeMode = $obj->sdincmode;
- $this->includePrefix = $obj->sdincpref;
+ // read skin name/description/content type
+ $query = "SELECT * FROM %s WHERE sdnumber=%d;";
+ $query = sprintf($query, sql_table('skin_desc'), $this->id);
+ $res = DB::getRow($query);
+
+ $this->valid = !empty($res);
+ if ( $this->valid )
+ {
+ $this->name = $res['sdname'];
+ $this->description = $res['sddesc'];
+ $this->contentType = $res['sdtype'];
+ $this->includeMode = $res['sdincmode'];
+ $this->includePrefix = $res['sdincpref'];
+ }
return;
}
*/
static public function exists($name)
{
- $query = "SELECT COUNT(*) AS result FROM %s WHERE sdname='%s';";
- $query = sprintf($query, sql_table('skin_desc'), sql_real_escape_string($name));
- return (quickQuery($query) > 0);
+ $query = "SELECT COUNT(*) AS result FROM %s WHERE sdname=%s;";
+ $query = sprintf($query, sql_table('skin_desc'), DB::quoteValue($name));
+ return (DB::getValue($query) > 0);
}
/**
{
$query = "SELECT COUNT(*) AS result FROM %s WHERE sdnumber=%d;";
$query = sprintf($query, sql_table('skin_desc'), (integer) $id);
- return (quickQuery($query) > 0);
+ return (DB::getValue($query) > 0);
}
/**
*/
static public function getIdFromName($name)
{
- $query = "SELECT sdnumber FROM %s WHERE sdname='%s';";
- $query = sprintf($query, sql_table('skin_desc'), sql_real_escape_string($name));
- $res = sql_query($query);
- $obj = sql_fetch_object($res);
- return $obj->sdnumber;
+ $query = "SELECT sdnumber FROM %s WHERE sdname=%s;";
+ $query = sprintf($query, sql_table('skin_desc'), DB::quoteValue($name));
+ return DB::getValue($query);
}
/**
{
$query = "SELECT sdname AS result FROM %s WHERE sdnumber=%d;";
$query = sprintf($query, sql_table('skin_desc'), (integer) $id);
- return quickQuery($query);
+ return DB::getValue($query);
}
/**
{
global $manager;
- $manager->notify(
- 'PreAddSkin',
- array(
- 'name' => &$name,
- 'description' => &$desc,
- 'type' => &$type,
- 'includeMode' => &$includeMode,
- 'includePrefix' => &$includePrefix
- )
+ $data = array(
+ 'name' => &$name,
+ 'description' => &$desc,
+ 'type' => &$type,
+ 'includeMode' => &$includeMode,
+ 'includePrefix' => &$includePrefix
);
-
- $query = "INSERT INTO %s (sdname, sddesc, sdtype, sdincmode, sdincpref) VALUES ('%s', '%s', '%s', '%s', '%s');";
- $sdname = sql_real_escape_string($name);
- $sddesc = sql_real_escape_string($desc);
- $sdtype = sql_real_escape_string($type);
- $sdincmode = sql_real_escape_string($includeMode);
- $sdincpref = sql_real_escape_string($includePrefix);
+ $manager->notify('PreAddSkin', $data);
+
+ $query = "INSERT INTO %s (sdname, sddesc, sdtype, sdincmode, sdincpref) VALUES (%s, %s, %s, %s, %s);";
+ $sdname = DB::quoteValue($name);
+ $sddesc = DB::quoteValue($desc);
+ $sdtype = DB::quoteValue($type);
+ $sdincmode = DB::quoteValue($includeMode);
+ $sdincpref = DB::quoteValue($includePrefix);
$query = sprintf($query, sql_table('skin_desc'), $sdname, $sddesc, $sdtype, $sdincmode, $sdincpref);
- sql_query($query);
- $newid = sql_insert_id();
-
- $manager->notify(
- 'PostAddSkin',
- array(
- 'skinid' => $newid,
- 'name' => $name,
- 'description' => $desc,
- 'type' => $type,
- 'includeMode' => $includeMode,
- 'includePrefix' => $includePrefix
- )
+ DB::execute($query);
+ $newid = DB::getInsertId();
+
+ $data = array(
+ 'skinid' => $newid,
+ 'name' => $name,
+ 'description' => $desc,
+ 'type' => $type,
+ 'includeMode' => $includeMode,
+ 'includePrefix' => $includePrefix
);
+ $manager->notify('PostAddSkin', $data);
+
return $newid;
}
* Parse a SKIN
*
* @param string $type
+ * @param string $path path to file if using fileparser
* @return void
*/
- public function parse($type)
+ public function parse($type, $path='')
{
- global $currentSkinName, $manager, $CONF;
+ global $currentSkinName, $manager, $CONF, $DIR_NUCLEUS;
+
+ $data = array(
+ 'skin' => &$this,
+ 'type' => $type
+ );
+ $manager->notify("Init{$this->event_identifier}Parse", $data);
- $manager->notify("Init{$this->event_identifier}Parse", array('skin' => &$this, 'type' => $type));
+ // include skin locale file for <%text%> tag if useable
+ $this->includeTranslation();
// set output type
sendContentType($this->getContentType(), 'skin');
- // set skin name as global var (so plugins can access it)
+ /* FIX: should be obsoleted */
$currentSkinName = $this->getName();
- $contents = $this->getContent($type);
- if ( !$contents )
+ // retrieve contents
+ $contents = FALSE;
+<<<<<<< HEAD
+ if ( $type != 'fileparse' )
+ {
+ $contents = $this->getContentFromDB($type);
+ }
+ else if ( $path !== '' && i18n::strpos(realpath($path), realpath("$DIR_NUCLEUS/../")) == 0 )
+ {
+ $contents = $this->getContentFromFile($path);
+=======
+ if ( $type == 'pluginadmin' )
+ {
+ $contents = $path;
+ }
+ else
+ {
+ if ( $type != 'fileparse' && $type != 'importAdmin')
+ {
+ $contents = $this->getContentFromDB($type);
+ }
+ else if ( $path !== '' && i18n::strpos(realpath($path), realpath("$DIR_NUCLEUS/../")) == 0 )
+ {
+ $contents = $this->getContentFromFile($path);
+ }
+>>>>>>> skinnable-master
+ }
+ // use base skin if this skin does not have contents
+ if ( $contents === FALSE )
{
- // use base skin if this skin does not have contents
$defskin = new SKIN($CONF['BaseSkin']);
- $contents = $defskin->getContent($type);
+ $contents = $defskin->getContentFromDB($type);
if ( !$contents )
{
echo _ERROR_SKIN;
}
}
- $actions = $this->getAllowedActionsForType($type);
-
- $manager->notify("Pre{$this->event_identifier}Parse", array('skin' => &$this, 'type' => $type, 'contents' => &$contents));
+ $data = array(
+ 'skin' => &$this,
+ 'type' => $type,
+ 'contents' => &$contents
+ );
+ $manager->notify("Pre{$this->event_identifier}Parse", $data);
// set IncludeMode properties of parser
Parser::setProperty('IncludeMode', $this->getIncludeMode());
Parser::setProperty('IncludePrefix', $this->getIncludePrefix());
+ // call action handler
$action_class = $this->action_class;
$handler = new $action_class($type);
- $parser = new Parser($actions, $handler);
- $handler->setParser($parser);
- $handler->setSkin($this);
+ // register action handler to parser
+ $parser = new Parser($handler);
+ $parser->setSkin($this);
$parser->parse($contents);
- $manager->notify("Post{$this->event_identifier}Parse", array('skin' => &$this, 'type' => $type));
+ $data = array(
+ 'skin' => &$this,
+ 'type' => $type
+ );
+ $manager->notify("Post{$this->event_identifier}Parse", $data);
+
return;
}
/**
- * Skin::getContent()
- * Get content of the skin part from the database
+ * Skin::getContentFromDB()
*
- * @param string $type type of the skin (e.g. index, item, search ...)
- * @return string content of scontent
+ * @param string $skintype skin type
+ * @return string content for the skin type
*/
- public function getContent($type)
+ public function getContentFromDB($skintype)
{
- $query = "SELECT scontent FROM %s WHERE sdesc=%d and stype='%s';";
- $query = sprintf($query, sql_table('skin'), (integer) $this->id, sql_real_escape_string($type));
- $res = sql_query($query);
+ $query = "SELECT scontent FROM %s WHERE sdesc=%d and stype=%s;";
+ $query = sprintf($query, sql_table('skin'), (integer) $this->id, DB::quoteValue($skintype));
+ $res = DB::getValue($query);
- if ( sql_num_rows($res) == 0 )
+ return $res ? $res : '';
+ }
+
+ /**
+ * Skin::getContentFromFile()
+ *
+ * @param string $fullpath fullpath to the file to parse
+ * @return mixed file contents or FALSE
+ */
+ public function getContentFromFile($fullpath)
+ {
+ $fsize = filesize($fullpath);
+ if ( $fsize <= 0 )
{
- return '';
+ return;
}
- return sql_result($res, 0, 0);
+
+ $fd = fopen ($fullpath, 'r');
+ if ( $fd === FALSE )
+ {
+ return FALSE;
+ }
+
+ $contents = fread ($fd, $fsize);
+ if ( $contents === FALSE )
+ {
+ return FALSE;
+ }
+
+ fclose ($fd);
+ return $contents;
}
-
+
/**
* SKIN::update()
* Updates the contents for one part of the skin in the database
{
global $manager;
- $query = "SELECT sdesc FROM %s WHERE stype='%s' and sdesc=%d;";
- $query = sprintf($query, sql_table('skin'), sql_real_escape_string($type), (integer) $this->id);
- $res = sql_query($query);
+ $query = "SELECT sdesc FROM %s WHERE stype=%s and sdesc=%d;";
+ $query = sprintf($query, sql_table('skin'), DB::quoteValue($type), (integer) $this->id);
+ $res = DB::getValue($query);
- $skintypeexists = sql_fetch_object($res);
+ $skintypeexists = !empty($res);
+<<<<<<< HEAD
$skintypevalue = ($content == true);
+=======
+ $skintypevalue = !empty($content);
+>>>>>>> skinnable-master
if( $skintypevalue && $skintypeexists )
{
'type' => $type,
'content' => &$content
);
+<<<<<<< HEAD
// PreUpdateSkinPart event
$manager->notify("PreUpdate{{$this->event_identifier}}Part", $data);
else if( $skintypevalue && !$skintypeexists )
{
$data = array(
- 'skinid' => $this->id,
- 'type' => $type,
- 'content' => &$content
+ 'skinid' => $this->id,
+ 'type' => $type,
+ 'content' => &$content
);
$manager->notify("PreAdd{$this->event_identifier}Part", $data);
}
else if( !$skintypevalue && $skintypeexists )
+=======
+ $manager->notify("PreUpdate{$this->event_identifier}Part", $data);
+ }
+ else if( $skintypevalue )
+ {
+ $data = array(
+ 'skinid' => $this->id,
+ 'type' => $type,
+ 'content' => &$content
+ );
+ $manager->notify("PreAdd{$this->event_identifier}Part", $data);
+ }
+ else if( $skintypeexists )
+>>>>>>> skinnable-master
{
$data = array(
- 'skinid' => $this->id,
- 'type' => $type
+ 'skinid' => $this->id,
+ 'type' => $type
);
+<<<<<<< HEAD
+=======
+>>>>>>> skinnable-master
$manager->notify("PreDelete{$this->event_identifier}Part", $data);
}
// delete old thingie
- $query = "DELETE FROM %s WHERE stype='%s' and sdesc=%d";
- $query = sprintf($query, sql_table('skin'), sql_real_escape_string($type), (integer) $this->id);
- sql_query($query);
+<<<<<<< HEAD
+ $query = "DELETE FROM %s WHERE stype=%s and sdesc=%d";
+=======
+ $query = "DELETE FROM %s WHERE stype=%s and sdesc=%d;";
+>>>>>>> skinnable-master
+ $query = sprintf($query, sql_table('skin'), DB::quoteValue($type), (integer) $this->id);
+ DB::execute($query);
// write new thingie
if ( $content )
{
- $query = "INSERT INTO %s (scontent, stype, sdesc) VALUE ('%s', '%s', %d)";
- $query = sprintf($query, sql_table('skin'), sql_real_escape_string($content), sql_real_escape_string($type), (integer) $this->id);
- sql_query($query);
+<<<<<<< HEAD
+ $query = "INSERT INTO %s (scontent, stype, sdesc) VALUE (%s, %s, %d)";
+=======
+ $query = "INSERT INTO %s (scontent, stype, sdesc) VALUES (%s, %s, %d);";
+>>>>>>> skinnable-master
+ $query = sprintf($query, sql_table('skin'), DB::quoteValue($content), DB::quoteValue($type), (integer) $this->id);
+ DB::execute($query);
}
if( $skintypevalue && $skintypeexists )
{
$data = array(
+<<<<<<< HEAD
'skinid' => $this->id,
'type' => $type,
'content' => &$content
$manager->notify("PostAdd{$this->event_identifier}Part", $data);
}
else if( (!$skintypevalue) && $skintypeexists )
+=======
+ 'skinid' => $this->id,
+ 'type' => $type,
+ 'content' => &$content
+ );
+ $manager->notify("PostUpdate{$this->event_identifier}Part", $data);
+ }
+ else if( $skintypevalue )
+ {
+ $data = array(
+ 'skinid' => $this->id,
+ 'type' => $type,
+ 'content' => &$content
+ );
+ $manager->notify("PostAdd{$this->event_identifier}Part", $data);
+ }
+ else if( $skintypeexists )
+>>>>>>> skinnable-master
{
$data = array(
'skinid' => $this->id,
'type' => $type
);
+<<<<<<< HEAD
+=======
+>>>>>>> skinnable-master
$manager->notify("PostDelete{$this->event_identifier}Part", $data);
}
return;
{
$query = "DELETE FROM %s WHERE sdesc=%d;";
$query = sprintf($query, sql_table('skin'), (integer) $this->id);
- sql_query($query);
+ DB::execute($query);
}
/**
*/
public function updateGeneralInfo($name, $desc, $type = 'text/html', $includeMode = 'normal', $includePrefix = '')
{
- $name = sql_real_escape_string($name);
- $desc = sql_real_escape_string($desc);
- $type = sql_real_escape_string($type);
- $includeMode = sql_real_escape_string($includeMode);
- $includePrefix = sql_real_escape_string($includePrefix);
+ $name = DB::quoteValue($name);
+ $desc = DB::quoteValue($desc);
+ $type = DB::quoteValue($type);
+ $includeMode = DB::quoteValue($includeMode);
+ $includePrefix = DB::quoteValue($includePrefix);
- $query ="UPDATE %s SET sdname='', sddesc='%s', sdtype='%s', sdincmode='%s', sdincpref='%s' WHERE sdnumber=%d:";
- $query = sprintf($query, $name, $desc, $type, $includeMode, $includePrefix, (integer) $this->id);
+ $query ="UPDATE %s SET sdname=%s, sddesc=%s, sdtype=%s, sdincmode=%s, sdincpref=%s WHERE sdnumber=%d";
+ $query = sprintf($query, sql_table('skin_desc'), $name, $desc, $type, $includeMode, $includePrefix, (integer) $this->id);
- sql_query($query);
+ DB::execute($query);
return;
}
/**
- * Skin::getAllowedActionsForType()
- * Get the allowed actions for a skin type
- * returns an array with the allowed actions
- *
- * @param string $type type of the skin (e.g. index, item, search ...)
- * @return array allowed action types
- */
- public function getAllowedActionsForType($type)
- {
- /**
- * NOTE: static method with variable class name is supported since PHP 5.3
- * So now we utilize eval function.
- */
- $page_action_names = array();
- eval("\$defined_actions = {$this->action_class}::getDefinedActions('{$type}');");
- return $defined_actions;
- }
-
- /**
- * Skin::getFriendlyNames()
- * Get an array with the names of possible skin parts
- * Used to show all possible parts of a skin in the administration backend
+ * Skin::includeTranslation()
*
- * @static
- * @param string $action_class name of action class (optional)
- * @param array type of the skin
+ * @param void
+ * @return void
*/
- static public function getFriendlyNames($action_class='Actions')
+ private function includeTranslation()
{
- global $DIR_LIBS;
+ global $DIR_SKINS;
- /*
- * NOTE: include needed action class
- */
- if ( $action_class != 'Actions' )
+ $locale = i18n::get_current_locale() . '.' . i18n::get_current_charset();
+
+ if( $this->includeMode == "normal" )
{
- if ( !class_exists($action_class, FALSE)
- && (!file_exists("{$DIR_LIBS}{$action_class}.php")
- || !include("{$DIR_LIBS}{$action_class}.php")) )
+ $filename = "./locales/{$locale}.php";
+ }
+ else if( $this->includeMode == "skindir" )
+ {
+ if ( $this->includePrefix == '' )
{
- return;
+ $filename = "{$DIR_SKINS}locales/{$locale}.php";
+ }
+ else
+ {
+ $filename = "{$DIR_SKINS}{$this->includePrefix}locales/{$locale}.php";
}
}
else
{
- if ( !class_exists('Actions', FALSE)
- && (!file_exists("{$DIR_LIBS}ACTIONS.php")
- || !include("{$DIR_LIBS}ACTIONS.php")) )
- {
- return;
- }
+ return;
}
- /**
- * NOTE: static method with variable class name is supported since PHP 5.3
- * So now we utilize eval function.
- */
- eval("\$friendly_names = {$action_class}::getSkinTypeFriendlyNames();");
-
- $action_names = array();
- foreach ( $friendly_names as $action_name => $friendly_name )
+ if ( !file_exists($filename) )
{
- $action_names[] = $action_name;
+ return;
}
- $query = "SELECT stype FROM %s WHERE stype NOT IN ('%s');";
- $query = sprintf($query, sql_table('skin'), implode("','", $action_names));
- $res = sql_query($query);
+ include_once($filename);
+
+ return;
+ }
+
+ /**
+<<<<<<< HEAD
+ * Skin::getDefaultTypes()
+=======
+ * Skin::getNormalTypes()
+>>>>>>> skinnable-master
+ *
+ * @param string void
+ * @return array default skin types
+ */
+<<<<<<< HEAD
+ public function getDefaultTypes()
+ {
+ return call_user_func(array($this->action_class, 'getAvailableSkinTypes'));
+=======
+ public function getNormalTypes()
+ {
+ return call_user_func(array($this->action_class, 'getNormalSkinTypes'));
+>>>>>>> skinnable-master
+ }
+
+ /**
+ * Skin::getAvailableTypes()
+ *
+ * @param string void
+ * @return array registered skin types
+ */
+ public function getAvailableTypes()
+ {
+<<<<<<< HEAD
+ $default_skintypes = $this->getDefaultTypes();
+=======
+ $default_skintypes = $this->getNormalTypes();
+>>>>>>> skinnable-master
+ $query = "SELECT stype FROM %s WHERE sdesc=%d;";
+ $query = sprintf($query, sql_table('skin'), (integer) $this->id);
+
+ /* NOTE: force to put default types in the beginning */
+ $in_default = array();
+ $no_default = array();
- while ( $row = sql_fetch_array($res) )
+ $res = DB::getResult($query);
+ foreach ( $res as $row )
{
- $friendly_names[strtolower($row['stype'])] = $row['stype'];
+ if ( !array_key_exists($row['stype'], $default_skintypes) )
+ {
+ $no_default[$row['stype']] = FALSE;
+ }
+ else
+ {
+ $in_default[$row['stype']] = $default_skintypes[$row['stype']];
+ }
}
- return $friendly_names;
+
+ return array_merge($in_default, $no_default);
+ }
+
+ /**
+ * Skin::getAllowedActionsForType()
+ * Get the allowed actions for a skin type
+ * returns an array with the allowed actions
+<<<<<<< HEAD
+ *
+=======
+ * @return array allowed action types
+>>>>>>> skinnable-master
+ * @param string $skintype type of the skin
+ * @return array allowed action types
+ */
+ public function getAllowedActionsForType($skintype)
+ {
+ $handler = new $this->action_class($skintype);
+ return $handler->getAvailableActions();
}
+
}