aboutsummaryrefslogtreecommitdiff
path: root/h-source/admin/Library
diff options
context:
space:
mode:
Diffstat (limited to 'h-source/admin/Library')
-rw-r--r--h-source/admin/Library/Array/Validate/Base.php241
-rw-r--r--h-source/admin/Library/Array/Validate/Soft.php85
-rw-r--r--h-source/admin/Library/Array/Validate/Strong.php180
-rw-r--r--h-source/admin/Library/Array/Validate/index.html1
-rw-r--r--h-source/admin/Library/Array/index.html1
-rwxr-xr-xh-source/admin/Library/ArrayExt.php63
-rwxr-xr-xh-source/admin/Library/Bootstrap.php14
-rw-r--r--h-source/admin/Library/BoxParser.php69
-rwxr-xr-xh-source/admin/Library/Call.php321
-rwxr-xr-xh-source/admin/Library/Controller.php291
-rwxr-xr-xh-source/admin/Library/Db/Mysql.php394
-rw-r--r--h-source/admin/Library/Db/Mysqli.php400
-rw-r--r--h-source/admin/Library/Db/index.html1
-rw-r--r--h-source/admin/Library/Email.php229
-rw-r--r--h-source/admin/Library/ErrorReporting.php45
-rwxr-xr-xh-source/admin/Library/Factory/Db.php52
-rw-r--r--h-source/admin/Library/Factory/index.html1
-rw-r--r--h-source/admin/Library/Files/Log.php97
-rwxr-xr-xh-source/admin/Library/Files/Upload.php451
-rw-r--r--h-source/admin/Library/Files/index.html1
-rwxr-xr-xh-source/admin/Library/Form/Checkbox.php41
-rwxr-xr-xh-source/admin/Library/Form/Entry.php45
-rwxr-xr-xh-source/admin/Library/Form/Form.php116
-rwxr-xr-xh-source/admin/Library/Form/Hidden.php23
-rw-r--r--h-source/admin/Library/Form/Html.php23
-rwxr-xr-xh-source/admin/Library/Form/InputText.php30
-rw-r--r--h-source/admin/Library/Form/Password.php30
-rwxr-xr-xh-source/admin/Library/Form/Radio.php30
-rwxr-xr-xh-source/admin/Library/Form/Select.php30
-rwxr-xr-xh-source/admin/Library/Form/Textarea.php30
-rw-r--r--h-source/admin/Library/Form/index.html1
-rwxr-xr-xh-source/admin/Library/Functions.php279
-rw-r--r--h-source/admin/Library/HeaderObj.php28
-rwxr-xr-xh-source/admin/Library/Helper/Array.php11
-rwxr-xr-xh-source/admin/Library/Helper/Html.php14
-rwxr-xr-xh-source/admin/Library/Helper/List.php278
-rwxr-xr-xh-source/admin/Library/Helper/Menu.php75
-rwxr-xr-xh-source/admin/Library/Helper/Pages.php108
-rwxr-xr-xh-source/admin/Library/Helper/Popup.php87
-rw-r--r--h-source/admin/Library/Helper/index.html1
-rw-r--r--h-source/admin/Library/Hooks.php21
-rw-r--r--h-source/admin/Library/Html/Form.php168
-rw-r--r--h-source/admin/Library/Html/index.html1
-rw-r--r--h-source/admin/Library/Image/Gd/Captcha.php85
-rw-r--r--h-source/admin/Library/Image/Gd/Thumbnail.php151
-rw-r--r--h-source/admin/Library/Image/Gd/index.html1
-rw-r--r--h-source/admin/Library/Image/index.html1
-rw-r--r--h-source/admin/Library/Lang/Eng/DbCondStrings.php17
-rw-r--r--h-source/admin/Library/Lang/Eng/ModelStrings.php19
-rw-r--r--h-source/admin/Library/Lang/Eng/UploadStrings.php27
-rw-r--r--h-source/admin/Library/Lang/Eng/ValCondStrings.php76
-rw-r--r--h-source/admin/Library/Lang/Eng/index.html1
-rw-r--r--h-source/admin/Library/Lang/ResultStrings.php25
-rw-r--r--h-source/admin/Library/Lang/index.html1
-rw-r--r--h-source/admin/Library/ModAbstract.php25
-rwxr-xr-xh-source/admin/Library/Model/Base.php1140
-rwxr-xr-xh-source/admin/Library/Model/Map.php439
-rwxr-xr-xh-source/admin/Library/Model/Tree.php287
-rw-r--r--h-source/admin/Library/Model/index.html1
-rw-r--r--h-source/admin/Library/Params.php37
-rwxr-xr-xh-source/admin/Library/Popup.php15
-rw-r--r--h-source/admin/Library/Request.php39
-rwxr-xr-xh-source/admin/Library/Scaffold.php272
-rw-r--r--h-source/admin/Library/Strings/Functions.php30
-rwxr-xr-xh-source/admin/Library/Theme.php79
-rwxr-xr-xh-source/admin/Library/Url.php36
-rwxr-xr-xh-source/admin/Library/Users/CheckAdmin.php369
-rw-r--r--h-source/admin/Library/Users/index.html1
-rw-r--r--h-source/admin/Library/index.html1
69 files changed, 7582 insertions, 0 deletions
diff --git a/h-source/admin/Library/Array/Validate/Base.php b/h-source/admin/Library/Array/Validate/Base.php
new file mode 100644
index 0000000..3366097
--- /dev/null
+++ b/h-source/admin/Library/Array/Validate/Base.php
@@ -0,0 +1,241 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to validate associative arrays
+class Array_Validate_Base
+{
+
+ public $errorString = null; //string containing the list fields not found
+ public $errorsNumb = null; //numbers of errors
+
+ protected $_lang; //language of notices
+ protected $_resultString; //reference to the class arraycheckStrings containing all the result strings
+
+
+ public function __construct($lang = 'Eng')
+ {
+ $this->_lang = $lang;
+ $stringClass = 'Lang_'.$this->_lang.'_ValCondStrings';
+ if (!class_exists($stringClass))
+ {
+ $stringClass = 'Lang_Eng_ValCondStrings';
+ }
+ $this->_resultString = new $stringClass();
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are not '' and are equal (===) to each other
+ public function checkEqual($associativeArray,$keyString)
+ {
+ $errorString = null;
+ $keyArray = explode(',',$keyString);
+ $numb = 0;
+
+ //set the first value to null
+ $firstValue = null;
+
+ foreach ($keyArray as $key)
+ {
+ if (array_key_exists($key,$associativeArray))
+ {
+ $firstValue = $associativeArray[$key];
+ break;
+ }
+ }
+
+ if (isset($firstValue))
+ {
+ for ($i = 0; $i < count($keyArray); $i++)
+ {
+ if (array_key_exists($keyArray[$i],$associativeArray))
+ {
+ if (strcmp($associativeArray[$keyArray[$i]],$firstValue) !== 0)
+ {
+ $numb++;
+ $errorString = $this->_resultString->getNotEqualResultString($keyString);
+ }
+ }
+ }
+ }
+
+ $this->errorString = $errorString;
+ return $numb === 0 ? true : false;
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are alphabetic values
+ //$strength: hard or soft. If $strength is set equal to soft than non check is made upon array values equalt to '' or null
+ public function checkAlpha($associativeArray,$keyString,$strength = 'strong')
+ {
+ return $this->checkGeneric($associativeArray,$keyString,$strength,'ctype_alpha','getNotAlphabeticResultString');
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are alphanumeric values
+ //$strength: hard or soft. If $strength is set equal to soft than non check is made upon array values equalt to '' or null
+ public function checkAlphaNum($associativeArray,$keyString,$strength = 'strong')
+ {
+ return $this->checkGeneric($associativeArray,$keyString,$strength,'ctype_alnum','getNotAlphanumericResultString');
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are decimal digits
+ //$strength: hard or soft. If $strength is set equal to soft than non check is made upon array values equalt to '' or null
+ public function checkDigit($associativeArray,$keyString,$strength = 'strong')
+ {
+ return $this->checkGeneric($associativeArray,$keyString,$strength,'ctype_digit','getNotDecimalDigitResultString');
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) have mail format
+ //$strength: hard or soft. If $strength is set equal to soft than non check is made upon array values equalt to '' or null
+ public function checkMail($associativeArray,$keyString,$strength = 'strong')
+ {
+ return $this->checkGeneric($associativeArray,$keyString,$strength,'checkMail','getNotMailFormatResultString');
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) is a number (integer or number). It makes use of the is_numeric PHP built-in function
+ //$strength: hard or soft. If $strength is set equal to soft than non check is made upon array values equalt to '' or null
+ public function checkNumeric($associativeArray,$keyString,$strength = 'strong')
+ {
+ return $this->checkGeneric($associativeArray,$keyString,$strength,'is_numeric','getNotNumericResultString');
+ }
+
+
+ //apply a generic check function
+ //$strength: hard or soft. If $strength is set equal to soft than non check is made upon array values equalt to '' or null
+ //$func: the function to apply
+ //$strFunc: the method of the object $this->_resultString to apply
+ private function checkGeneric($associativeArray,$keyString,$strength,$func,$strFunc)
+ {
+
+ $errorString = null;
+ $keyArray = explode(',',$keyString);
+ $numb = 0;
+
+ for ($i = 0; $i < count($keyArray); $i++)
+ {
+ if (array_key_exists($keyArray[$i],$associativeArray))
+ {
+ if (strcmp($associativeArray[$keyArray[$i]],'') !== 0 or $strength === 'strong')
+ {
+ if (!call_user_func($func,$associativeArray[$keyArray[$i]]))
+ {
+ $numb++;
+ $errorString .= call_user_func(array($this->_resultString,$strFunc),$keyArray[$i]);
+ }
+ }
+ }
+ }
+
+ $this->errorString = $errorString;
+ return $numb === 0 ? true : false;
+
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) have a number of chars smaller than $maxLenght
+ public function checkLength($associativeArray,$keyString,$maxLength = 10)
+ {
+ $errorString = null;
+ $keyArray = explode(',',$keyString);
+ $numb = 0;
+ for ($i = 0; $i < count($keyArray); $i++)
+ {
+ if (array_key_exists($keyArray[$i],$associativeArray))
+ {
+ if (eg_strlen($associativeArray[$keyArray[$i]]) > $maxLength)
+ {
+ $numb++;
+ $errorString .= $this->_resultString->getLengthExceedsResultString($keyArray[$i],$maxLength);
+ }
+ }
+ }
+ $this->errorString = $errorString;
+ return $numb === 0 ? true : false;
+
+ }
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are different from the values indicated in the argument $strings (a comma-separated list of words)
+ public function checkIsNotStrings($associativeArray,$keyString,$strings = '')
+ {
+ $errorString = null;
+ $keyArray = explode(',',$keyString);
+ $numb = 0;
+ //get the array from the comma-separated list of strings
+ $stringsArray = explode(',',$strings);
+ for ($i = 0; $i < count($keyArray); $i++)
+ {
+ if (array_key_exists($keyArray[$i],$associativeArray))
+ {
+ foreach ($stringsArray as $string)
+ {
+ if (strcmp($associativeArray[$keyArray[$i]],$string) === 0)
+ {
+ $numb++;
+ $errorString .= $this->_resultString->getIsForbiddenStringResultString($keyArray[$i],$strings);
+ }
+ }
+ }
+ }
+ $this->errorString = $errorString;
+ return $numb === 0 ? true : false;
+ }
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are one of the values indicated in the argument $strings (a comma-separated list of words)
+ //$strength: hard or soft. If $strength is set equal to soft than non check is made upon array values equalt to '' or null
+ public function checkIsStrings($associativeArray,$keyString,$strings = '',$strength = 'strong')
+ {
+ $errorString = null;
+ $keyArray = explode(',',$keyString);
+ $numb = 0;
+ //get the array from the comma-separated list of strings
+ $stringsArray = explode(',',$strings);
+ for ($i = 0; $i < count($keyArray); $i++)
+ {
+ if (array_key_exists($keyArray[$i],$associativeArray))
+ {
+ if (strcmp($associativeArray[$keyArray[$i]],'') !== 0 or $strength === 'strong')
+ {
+ if (!in_array($associativeArray[$keyArray[$i]],$stringsArray))
+ {
+ $numb++;
+ $errorString .= $this->_resultString->getIsNotStringResultString($keyArray[$i],$strings);
+ }
+ }
+ }
+ }
+ $this->errorString = $errorString;
+ return $numb === 0 ? true : false;
+ }
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) match the regular expression $regExp
+ public function checkMatch($associativeArray,$keyString,$regExp = '/./',$strength = 'strong')
+ {
+ $errorString = null;
+ $keyArray = explode(',',$keyString);
+ $numb = 0;
+ for ($i = 0; $i < count($keyArray); $i++)
+ {
+ if (array_key_exists($keyArray[$i],$associativeArray))
+ {
+ if (strcmp($associativeArray[$keyArray[$i]],'') !== 0 or $strength === 'strong')
+ {
+ if (!preg_match($regExp,$associativeArray[$keyArray[$i]]))
+ {
+ $numb++;
+ $errorString .= $this->_resultString->getDoesntMatchResultString($keyArray[$i],$regExp);
+ }
+ }
+ }
+ }
+ $this->errorString = $errorString;
+ return $numb === 0 ? true : false;
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Array/Validate/Soft.php b/h-source/admin/Library/Array/Validate/Soft.php
new file mode 100644
index 0000000..95e208d
--- /dev/null
+++ b/h-source/admin/Library/Array/Validate/Soft.php
@@ -0,0 +1,85 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to validate associative arrays
+class Array_Validate_Soft extends Array_Validate_Base
+{
+
+ public function __construct($lang = 'Eng')
+ {
+ parent::__construct($lang);
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are not '' and are equal (===) to each other
+ public function checkEqual($associativeArray,$keyString)
+ {
+ return parent::checkEqual($associativeArray,$keyString);
+ }
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are alphabetic values
+ public function checkAlpha($associativeArray,$keyString)
+ {
+ return parent::checkAlpha($associativeArray,$keyString,'soft');
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are alphanumeric values
+ public function checkAlphaNum($associativeArray,$keyString)
+ {
+ return parent::checkAlphaNum($associativeArray,$keyString,'soft');
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are decimal digits
+ public function checkDigit($associativeArray,$keyString)
+ {
+ return parent::checkDigit($associativeArray,$keyString,'soft');
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) have mail format
+ public function checkMail($associativeArray,$keyString)
+ {
+ return parent::checkMail($associativeArray,$keyString,'soft');
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) is a number (integer or number). It makes use of the is_numeric PHP built-in function
+ public function checkNumeric($associativeArray,$keyString)
+ {
+ return parent::checkNumeric($associativeArray,$keyString,'soft');
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) have a number of chars smaller than $maxLenght
+ public function checkLength($associativeArray,$keyString,$maxLength = 10)
+ {
+ return parent::checkLength($associativeArray,$keyString,$maxLength);
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are different from the values indicated in the argument $strings (a comma-separated list of words)
+ public function checkIsNotStrings($associativeArray,$keyString,$strings = '')
+ {
+ return parent::checkIsNotStrings($associativeArray,$keyString,$strings);
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are one of the values indicated in the argument $strings (a comma-separated list of words)
+ public function checkIsStrings($associativeArray,$keyString,$strings = '')
+ {
+ return parent::checkIsStrings($associativeArray,$keyString,$strings,'soft');
+ }
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) match the regular expression $regExp
+ public function checkMatch($associativeArray,$keyString,$regExp = '/./')
+ {
+ return parent::checkMatch($associativeArray,$keyString,$regExp,'soft');
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Array/Validate/Strong.php b/h-source/admin/Library/Array/Validate/Strong.php
new file mode 100644
index 0000000..6494483
--- /dev/null
+++ b/h-source/admin/Library/Array/Validate/Strong.php
@@ -0,0 +1,180 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to manage arrays
+class Array_Validate_Strong extends Array_Validate_Base
+{
+
+ public function __construct($lang = 'Eng')
+ {
+ parent::__construct($lang);
+ }
+
+
+ public function checkNotEmpty($associativeArray,$keyString)
+ {
+ $errorString = null;
+ $keyArray = explode(',',$keyString);
+ $numb = 0;
+ for ($i = 0; $i < count($keyArray); $i++)
+ {
+ if (array_key_exists($keyArray[$i],$associativeArray))
+ {
+ if (strcmp(trim($associativeArray[$keyArray[$i]]),'') === 0)
+ {
+ $errorString .= $this->_resultString->getNotDefinedResultString($keyArray[$i]);
+ $numb++;
+ }
+ }
+ else
+ {
+ $errorString .= $this->_resultString->getNotDefinedResultString($keyArray[$i]);
+ $numb++;
+ }
+ }
+ $this->errorString = $errorString;
+ $this->errorNumb = $numb;
+ return $numb === 0 ? true : false;
+ }
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are not '' and are equal (===) to each other
+ public function checkEqual($associativeArray,$keyString)
+ {
+ if ($this->checkNotEmpty($associativeArray,$keyString))
+ {
+
+ return parent::checkEqual($associativeArray,$keyString);
+
+ } else {
+ return false;
+ }
+ }
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are alphabetic values
+ public function checkAlpha($associativeArray,$keyString)
+ {
+ if ($this->checkNotEmpty($associativeArray,$keyString))
+ {
+
+ return parent::checkAlpha($associativeArray,$keyString,'strong');
+
+ } else {
+ return false;
+ }
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are alphanumeric values
+ public function checkAlphaNum($associativeArray,$keyString)
+ {
+ if ($this->checkNotEmpty($associativeArray,$keyString))
+ {
+
+ return parent::checkAlphaNum($associativeArray,$keyString,'strong');
+
+ } else {
+ return false;
+ }
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are decimal digits
+ public function checkDigit($associativeArray,$keyString)
+ {
+ if ($this->checkNotEmpty($associativeArray,$keyString))
+ {
+
+ return parent::checkDigit($associativeArray,$keyString,'strong');
+
+ } else {
+ return false;
+ }
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) have mail format
+ public function checkMail($associativeArray,$keyString)
+ {
+ if ($this->checkNotEmpty($associativeArray,$keyString))
+ {
+
+ return parent::checkMail($associativeArray,$keyString,'strong');
+
+ } else {
+ return false;
+ }
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) is a number (integer or number). It makes use of the is_numeric PHP built-in function
+ public function checkNumeric($associativeArray,$keyString)
+ {
+ if ($this->checkNotEmpty($associativeArray,$keyString))
+ {
+
+ return parent::checkNumeric($associativeArray,$keyString,'strong');
+
+ } else {
+ return false;
+ }
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) have a number of chars smaller than $maxLenght
+ public function checkLength($associativeArray,$keyString,$maxLength = 10)
+ {
+ if ($this->checkNotEmpty($associativeArray,$keyString))
+ {
+
+ return parent::checkLength($associativeArray,$keyString,$maxLength);
+
+ } else {
+ return false;
+ }
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are different from the values indicated in the argument $strings (a comma-separated list of words)
+ public function checkIsNotStrings($associativeArray,$keyString,$strings = '')
+ {
+ if ($this->checkNotEmpty($associativeArray,$keyString))
+ {
+
+ return parent::checkIsNotStrings($associativeArray,$keyString,$strings);
+
+ } else {
+ return false;
+ }
+ }
+
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) are one of the values indicated in the argument $strings (a comma-separated list of words)
+ public function checkIsStrings($associativeArray,$keyString,$strings = '')
+ {
+ if ($this->checkNotEmpty($associativeArray,$keyString))
+ {
+
+ return parent::checkIsStrings($associativeArray,$keyString,$strings,'strong');
+
+ } else {
+ return false;
+ }
+ }
+
+ //verify that the values of the associative array ($associativeArray) indicated by the key string ($keyString) match the regular expression $regExp
+ public function checkMatch($associativeArray,$keyString,$regExp = '/./')
+ {
+ if ($this->checkNotEmpty($associativeArray,$keyString))
+ {
+
+ return parent::checkMatch($associativeArray,$keyString,$regExp,'strong');
+
+ } else {
+ return false;
+ }
+ }
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Array/Validate/index.html b/h-source/admin/Library/Array/Validate/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Array/Validate/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/Array/index.html b/h-source/admin/Library/Array/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Array/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/ArrayExt.php b/h-source/admin/Library/ArrayExt.php
new file mode 100755
index 0000000..93eca91
--- /dev/null
+++ b/h-source/admin/Library/ArrayExt.php
@@ -0,0 +1,63 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to manage arrays
+class ArrayExt {
+
+ public $errorString = null; //string containing the list fields not found
+ public $errorsNumb = null; //numbers of errors
+
+ //get the subset of the associative array $associativeArray defined by the keys in the string $keyString (keys separated by comma)
+ public function subset($associativeArray,$keyString,$func = 'none') {
+ if (!in_array($func,explode(',',Params::$allowedSanitizeFunc))) {
+ throw new Exception('"'.$func. '" argument not allowed in '.__METHOD__.' method');
+ }
+ $tempArray = array();
+ if (strcmp($keyString,'') !== 0) {
+ $keyArray=explode(',',$keyString);
+ for ($i = 0; $i < count($keyArray); $i++)
+ {
+ $temp = array();
+ //extract the function after the colon
+ if (strstr($keyArray[$i],':')) {
+ $temp = explode(':',$keyArray[$i]);
+ } else {
+ $temp[0] = $keyArray[$i];
+ $temp[1] = 'none';
+ }
+ //exception
+ if (!in_array($temp[1],explode(',',Params::$allowedSanitizeFunc))) {
+ throw new Exception('"'.$temp[1]. '" function not allowed');
+ }
+ if (array_key_exists($temp[0],$associativeArray)) {
+ $tempArray[$temp[0]] = call_user_func($temp[1],$associativeArray[$temp[0]]);
+ } else {
+ $tempArray[$temp[0]] = '';
+ }
+ }
+ }
+ return call_user_func($func.'Deep',$tempArray); //clean the array values
+ }
+
+ //exctract the complementary subset from an associative array ($associativeArray) of the subset identified by the keys $keyString
+ public function subsetComplementary($associativeArray,$keyString,$func = 'none') {
+ if (!in_array($func,explode(',',Params::$allowedSanitizeFunc))) {
+ throw new Exception('"'.$func. '" argument not allowed in '.__METHOD__.' method');
+ }
+ $keyArray=explode(',',$keyString);
+ $complementaryKeyArray = array();
+ $keys = array_keys($associativeArray);
+ foreach ($keys as $key) {
+ if (!in_array($key,$keyArray)) {
+ $complementaryKeyArray[] = $key;
+ }
+ }
+ $complementaryKeyString = implode(',',$complementaryKeyArray);
+ return $this->subset($associativeArray,$complementaryKeyString,$func);
+ }
+
+}
diff --git a/h-source/admin/Library/Bootstrap.php b/h-source/admin/Library/Bootstrap.php
new file mode 100755
index 0000000..796b22f
--- /dev/null
+++ b/h-source/admin/Library/Bootstrap.php
@@ -0,0 +1,14 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+require_once (ROOT . DS . 'Config' . DS . 'Reporting.php');
+require_once (ROOT . DS . 'Config' . DS . 'Restricted.php');
+require_once (ROOT . DS . 'Config' . DS . 'Autoload.php');
+require_once (ROOT . DS . 'Library' . DS . 'Functions.php');
+require_once (ROOT . DS . 'Library' . DS . 'Strings' . DS . 'Functions.php');
+require_once (ROOT . DS . 'Library' . DS . 'ErrorReporting.php');
+require_once (ROOT . DS . 'Library' . DS . 'Call.php');
diff --git a/h-source/admin/Library/BoxParser.php b/h-source/admin/Library/BoxParser.php
new file mode 100644
index 0000000..90d2426
--- /dev/null
+++ b/h-source/admin/Library/BoxParser.php
@@ -0,0 +1,69 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to parse an XML text in order to create the modules corresponding to the elements of the XML text.
+//the <type>module name</type> tag defines the name of the object that has to be instantiate and saved in the
+//$modules property (that is an array referencing different module objects) array(moduleObj1,moduleObj2, ...)
+//if the module class corresponding ot the <type>module name</type> tag does not exists, than no module is created and the next <type>module name</type> is checked
+class BoxParser {
+
+ public $modules = array(); //array referencing different module classes --> array(moduleObj1,moduleObj2, ...) See files inside the Application/Modules folder
+
+ //$simpleXMLText: it has to be an XML text
+ //$type; it can be string or file.
+ public function __construct($simpleXMLText, $type = 'string')
+ {
+ if ($type === 'string')
+ {
+ if (@simplexml_load_string($simpleXMLText))
+ {
+ $simpleXmlObj = simplexml_load_string($simpleXMLText);
+ $this->populate($simpleXmlObj);
+ }
+ }
+ else if ($type === 'file')
+ {
+ if (@simplexml_load_file($simpleXMLText))
+ {
+ $simpleXmlObj = simplexml_load_file($simpleXMLText);
+ $this->populate($simpleXmlObj);
+ }
+ }
+ }
+
+ //inistantiate the module objects and save them in the $this->modules property array
+ private function populate($simpleXmlObj)
+ {
+ foreach ($simpleXmlObj as $mod)
+ {
+ $className = 'Mod'.ucwords((string)$mod->type);
+ if (class_exists($className))
+ {
+ if (file_exists(ROOT . DS . APPLICATION_PATH . DS . 'Modules' . DS . $className . '.php'))
+ {
+ $newModule = new $className($mod);
+ if ($newModule instanceof ModAbstract)
+ {
+ $this->modules[] = $newModule;
+ }
+ }
+ }
+ }
+ }
+
+ //create the HTML of the modules
+ public function render()
+ {
+ $HTML = null;
+ foreach ($this->modules as $module)
+ {
+ $HTML .= $module->render();
+ }
+ return $HTML;
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Call.php b/h-source/admin/Library/Call.php
new file mode 100755
index 0000000..d80f1d4
--- /dev/null
+++ b/h-source/admin/Library/Call.php
@@ -0,0 +1,321 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+
+/* SANITIZE SUPERGLOBAL ARRAYS */
+function sanitizeSuperGlobal()
+{
+ $_GET = stripslashesDeep($_GET);
+
+ $_POST = stripslashesDeep($_POST);
+
+ $_COOKIE = stripslashesDeep($_COOKIE);
+
+ $_SERVER = stripslashesDeep($_SERVER);
+}
+
+
+
+function checkPostLength()
+{
+ if (MAX_POST_LENGTH !== 0)
+ {
+ foreach ($_POST as $key => $value)
+ {
+ if (strlen($value) > MAX_POST_LENGTH) die('the length of some of the $_POST values is too large');
+ }
+ }
+}
+
+function checkRequestUriLength()
+{
+ if (MAX_REQUEST_URI_LENGTH !== 0)
+ {
+ if (strlen($_SERVER['REQUEST_URI']) > MAX_REQUEST_URI_LENGTH) die('the length of the REQUEST_URI is too large');
+ }
+}
+
+function checkRegisterGlobals()
+{
+ if (ini_get('register_globals')) die('register globals is on: easyGiant works only with register globals off');
+}
+
+function callHook()
+{
+
+ if (MOD_REWRITE_MODULE === true)
+ {
+ $url = isset($_GET['url']) ? $_GET['url'] : DEFAULT_CONTROLLER . '/' . DEFAULT_ACTION;
+ }
+ else
+ {
+ $url = (strcmp(getQueryString(),"") !== 0) ? getQueryString() : DEFAULT_CONTROLLER . '/' . DEFAULT_ACTION;
+ }
+
+ //rewrite the URL
+// if (Route::$rewrite === 'yes')
+// {
+// $url = rewrite($url);
+// }
+
+// echo $url;
+
+ $urlArray = array();
+ $urlArray = explode("/",$url);
+
+ $controller = DEFAULT_CONTROLLER;
+ $action = DEFAULT_ACTION;
+
+ if (isset($urlArray[0]))
+ {
+ $controller = (strcmp($urlArray[0],'') !== 0) ? strtolower(trim($urlArray[0])) : DEFAULT_CONTROLLER;
+ }
+
+ array_shift($urlArray);
+
+ if (isset($urlArray[0]))
+ {
+ $action = (strcmp($urlArray[0],'') !== 0) ? strtolower(trim($urlArray[0])) : DEFAULT_ACTION;
+ }
+
+ //set ERROR_CONTROLLER and ERROR_ACTION
+ $errorController = ERROR_CONTROLLER !== false ? ERROR_CONTROLLER : DEFAULT_CONTROLLER;
+ $errorAction = ERROR_ACTION !== false ? ERROR_ACTION : DEFAULT_ACTION;
+
+ /*
+ VERIFY THE ACTION NAME
+ */
+ if (method_exists('Controller', $action) or !ctype_alnum($action) or (strcmp($action,'') === 0))
+ {
+ $controller = $errorController;
+ $action = $errorAction;
+ $urlArray = array();
+ }
+
+ /*
+ VERIFY THE CONTROLLER NAME
+ */
+ if (!ctype_alnum($controller) or (strcmp($controller,'') === 0))
+ {
+ $controller = $errorController;
+ $action = $errorAction;
+ $urlArray = array();
+ }
+
+ //check that the controller class belongs to the application/controllers folder
+ //otherwise set the controller to the default controller
+ if (!file_exists(ROOT.DS.APPLICATION_PATH.DS.'Controllers'.DS.ucwords($controller).'Controller.php'))
+ {
+ $controller = $errorController;
+ $action = $errorAction;
+ $urlArray = array();
+ }
+
+ //set the controller class to DEFAULT_CONTROLLER if it doesn't exists
+ if (!class_exists(ucwords($controller).'Controller'))
+ {
+ $controller = $errorController;
+ $action = $errorAction;
+ $urlArray = array();
+ }
+
+ //set the action to DEFAULT_ACTION if it doesn't exists
+ if (!method_exists(ucwords($controller).'Controller', $action))
+ {
+ $controller = $errorController;
+ $action = $errorAction;
+ $urlArray = array();
+ }
+
+ /*
+ CHECK COUPLES CONTROLLER,ACTION
+ */
+ if (!in_array('all',Route::$allowed))
+ {
+ $couple = "$controller,$action";
+ if (!in_array($couple,Route::$allowed))
+ {
+ $controller = $errorController;
+ $action = $errorAction;
+ $urlArray = array();
+ }
+ }
+
+ array_shift($urlArray);
+ $queryString = $urlArray;
+ //set the name of the application
+ $application = $controller;
+ $controller = ucwords($controller);
+ $model = $controller;
+ $controller .= 'Controller';
+ $model .= 'Model';
+
+ //include the file containing the set of actions to carry out before the initialization of the controller class
+ Hooks::load(ROOT . DS . APPLICATION_PATH . DS . 'Hooks' . DS . 'BeforeInitialization.php');
+
+ if (class_exists($controller))
+ {
+ $dispatch = new $controller($model,$application,$queryString);
+
+ //pass the action to the controller object
+ $dispatch->action = $action;
+ $dispatch->currPage = $dispatch->baseUrl.'/'.$dispatch->controller.'/'.$dispatch->action;
+
+ //require the file containing the set of actions to carry out after the initialization of the controller class
+ Hooks::load(ROOT . DS . APPLICATION_PATH . DS . 'Hooks' . DS . 'AfterInitialization.php');
+
+ $templateFlag= true;
+
+ if (method_exists($controller, $action))
+ {
+ //pass the action to the theme object
+ $dispatch->theme->action = $action;
+ $dispatch->theme->currPage = $dispatch->baseUrl.'/'.$dispatch->controller.'/'.$dispatch->action;
+
+ call_user_func_array(array($dispatch,$action),$queryString);
+ }
+ else
+ {
+ $templateFlag= false;
+ }
+
+ if ($templateFlag)
+ {
+ $dispatch->theme->render();
+ }
+
+ }
+ else
+ {
+ echo "<h2>the '$controller' controller is not present!</h2>";
+ }
+
+}
+
+
+// //rewrite the URL
+// function rewrite($url)
+// {
+// foreach (Route::$map as $key => $address)
+// {
+// if (preg_match('/^'.$key.'/',$url))
+// {
+// return preg_replace('/^'.$key.'/',$address,$url);
+// }
+// }
+// return ERROR_CONTROLLER.'/'.ERROR_ACTION;
+// }
+
+function getQueryString()
+{
+
+ if (strstr($_SERVER['REQUEST_URI'],'index.php/'))
+ {
+ return Params::$mbStringLoaded === true ? mb_substr(mb_strstr($_SERVER['REQUEST_URI'],'index.php/'),10) : substr(strstr($_SERVER['REQUEST_URI'],'index.php/'),10);
+ }
+
+ return '';
+}
+
+function __autoload($className)
+{
+
+ $backupName = $className;
+
+ if (strstr($className,'_'))
+ {
+ $parts = explode('_',$className);
+ $className = implode(DS,$parts);
+ }
+
+ if (file_exists(ROOT . DS . 'Library' . DS . $className . '.php'))
+ {
+ require_once(ROOT . DS . 'Library' . DS . $className . '.php');
+ }
+ else if (file_exists(ROOT . DS . APPLICATION_PATH . DS . 'Controllers' . DS . $backupName . '.php'))
+ {
+ require_once(ROOT . DS . APPLICATION_PATH . DS . 'Controllers' . DS . $backupName . '.php');
+ }
+ else if (file_exists(ROOT . DS . APPLICATION_PATH . DS . 'Models' . DS . $backupName . '.php'))
+ {
+ require_once(ROOT . DS . APPLICATION_PATH . DS . 'Models' . DS . $backupName . '.php');
+ }
+ else if (file_exists(ROOT . DS . APPLICATION_PATH . DS . 'Modules' . DS . $backupName . '.php'))
+ {
+ require_once(ROOT . DS . APPLICATION_PATH . DS . 'Modules' . DS . $backupName . '.php');
+ }
+ else if (file_exists(ROOT . DS . APPLICATION_PATH . DS . 'Strings' . DS . $className . '.php'))
+ {
+ require_once(ROOT . DS . APPLICATION_PATH . DS . 'Strings' . DS . $className . '.php');
+ }
+
+}
+
+try {
+
+ //check the length of the $_POST values
+ checkPostLength();
+
+ //check the length of the REQUEST_URI
+ checkRequestUriLength();
+
+ //connect to the database
+ Factory_Db::getInstance(DATABASE_TYPE,array(HOST,USER,PWD,DB));
+
+ //set htmlentities charset
+ switch (DEFAULT_CHARSET)
+ {
+ case 'SJIS':
+ Params::$htmlentititiesCharset = 'Shift_JIS';
+ break;
+ }
+
+ $allowedCharsets = array('UTF-8','ISO-8859-1','EUC-JP','SJIS');
+ if (!in_array(DEFAULT_CHARSET,$allowedCharsets)) die('charset not-allowed');
+
+ //check if the mbstring extension is loaded
+ if (extension_loaded('mbstring'))
+ {
+ //set the internal encoding
+ mb_internal_encoding(DEFAULT_CHARSET);
+ Params::$mbStringLoaded = true;
+ }
+
+ //load the files defined inside Config/Autoload.php
+ foreach (Autoload::$files as $file)
+ {
+ $ext = strtolower(end(explode('.', $file)));
+ $path = ROOT . DS . APPLICATION_PATH . DS . 'Include' . DS . $file;
+ if (file_exists($path) and $ext === 'php')
+ {
+ require_once($path);
+ }
+ }
+
+ //include the file containing the set of actions to carry out before the check of the super global array
+ Hooks::load(ROOT . DS . APPLICATION_PATH . DS . 'Hooks' . DS . 'BeforeChecks.php');
+
+ //sanitize super global arrays
+ sanitizeSuperGlobal();
+
+ //report errors
+ ErrorReporting();
+
+ //verify that register globals is not active
+ checkRegisterGlobals();
+
+ //call the main hook
+ callHook();
+
+ //disconnect to the database
+ Factory_Db::disconnect(DATABASE_TYPE);
+
+} catch (Exception $e) {
+
+ echo '<div class="alert">Message: '.$e->getMessage().'</div>';
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Controller.php b/h-source/admin/Library/Controller.php
new file mode 100755
index 0000000..9ceaa5f
--- /dev/null
+++ b/h-source/admin/Library/Controller.php
@@ -0,0 +1,291 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class Controller {
+
+ protected $m = array(); //associative array referencing different models
+ protected $h = array(); //associative array referencing different helpers
+ protected $s = array(); //associative array referencing different sessions objects (users_checkAdmin objects: see library/users/checkAdmin.php)
+ protected $c = array(); //associative array referencing different controllers
+
+ protected $_queryString = array(); //the array of args coming from the url
+
+ public $controller;
+ public $action;
+ public $currPage; //the URL of the current page
+
+ public $request = null; //reference to a Request object
+
+ public $modelName;
+
+ public $argKeys = array(); //the array of keys representing the status args of the view action of the controller (validate function after colon)
+ public $argDefault = array(); //the array containing the default values of the $viewArgs array
+ public $viewArgs = array(); //the associative array representing the status args of the main action of the controller. It is the combination of $argKeys and $queryString
+ public $viewStatus = ''; //string containing the additional url string to get the status of the view action of the controller (derived from $this->viewArgs)
+
+ public $theme;
+ public $baseUrl = null; //the base url of the website: http://domainname
+ public $baseUrlSrc = null; //the base url of the website (http://domainname) if MOD_REWRITE_MODULE has been set to false
+
+ public $headerObj; //reference to headerObj class
+
+// protected $_users; //object to manage access
+
+ protected $scaffold = null; //the reference to the scaffold object
+
+ function __construct($model, $controller, $queryString = array()) {
+
+ $this->controller = $controller;
+ $this->modelName = $model;
+ $this->_queryString = $queryString;
+
+ $this->theme = new Theme($controller);
+ $this->baseUrl = $this->theme->baseUrl;
+ $this->baseUrlSrc = $this->theme->baseUrlSrc;
+
+ $this->headerObj = new HeaderObj(DOMAIN_NAME);
+ $this->request = new Request();
+ }
+
+ //redirect to $path after the time $time
+ final public function redirect($path,$time = 0,$string = null)
+ {
+ $this->headerObj->redirect($path,$time,$string);
+ }
+
+ //set the $_data structure of the theme
+ final public function set($value)
+ {
+ $this->theme->set($value);
+ }
+
+ //append values to the $_data structure of the theme
+ final public function append($value)
+ {
+ $this->theme->append($value);
+ }
+
+ //load a view file
+ final public function load($viewFile,$option = 'none') {
+ $this->theme->load($viewFile,$option);
+ }
+
+ //clean the array containing the view files to load
+ final public function clean() {
+ $this->theme->clean();
+ }
+
+ //load an helper class
+ final function helper($helperName) {
+ $args = func_get_args();
+ array_shift($args);
+ $name = 'Helper_'.$helperName;
+ if (class_exists($name))
+ {
+ $this->h[$helperName] = new $name();
+
+ if ($this->h[$helperName] instanceof Helper_Html) {
+ $this->h[$helperName]->viewArgs = $this->viewArgs;
+ $this->h[$helperName]->viewStatus = $this->viewStatus;
+ }
+
+ if (method_exists($this->h[$helperName], 'build')) {
+ call_user_func_array(array($this->h[$helperName],'build'),$args);
+ }
+ }
+
+ }
+
+ //load a model class
+ //$name: the name of the model class
+ final public function model($name = null) {
+ $modelName = isset($name) ? $name : $this->modelName;
+ if (class_exists($modelName)) {
+ $this->m[$modelName] = new $modelName();
+ } else {
+ throw new Exception('Error in '.__METHOD__.': class "'.$modelName.'" has not been defined');
+ }
+ }
+
+ //load a controller
+ //$controllerName: the name of the controller class to load
+ final public function controller($controller)
+ {
+ if (class_exists($controller)) {
+ $model = str_replace('Controller',null,$controller).'Model';
+ $application = strtolower(str_replace('Controller',null,$controller));
+ $this->c[$controller] = new $controller($model,$application,array());
+ $this->c[$controller]->theme = $this->theme;
+ }
+ }
+
+ //load a users_checkAdmin class
+ //$sessonType: the type of session. It can be 'admin' (in the case of the access of an admin user) or 'registered' (in the case of the access of a registerd user)
+ final public function session($sessionType = 'admin') {
+ $sessionTypeArray = array('admin','registered');
+ if (!in_array($sessionType,$sessionTypeArray)) {
+ throw new Exception('Error in '.__METHOD__.': the session type can be \'admin\' or \'registered\' only');
+ }
+ //admin session
+ if ($sessionType === 'admin') {
+ $params = array(
+ 'users_controller' => ADMIN_USERS_CONTROLLER,
+ 'users_login_action' => ADMIN_USERS_LOGIN_ACTION,
+ 'panel_controller' => ADMIN_PANEL_CONTROLLER,
+ 'panel_main_action' => ADMIN_PANEL_MAIN_ACTION,
+ 'cookie_name' => ADMIN_COOKIE_NAME,
+ 'sessionsTable' => ADMIN_SESSIONS_TABLE,
+ 'usersTable' => ADMIN_USERS_TABLE,
+ 'groupsTable' => ADMIN_GROUPS_TABLE,
+ 'manyToManyTable' => ADMIN_MANYTOMANY_TABLE,
+ 'accessesTable' => ADMIN_ACCESSES_TABLE,
+ 'session_expire' => ADMIN_SESSION_EXPIRE,
+ 'cookie_path' => ADMIN_COOKIE_PATH,
+ 'database_type' => DATABASE_TYPE,
+ 'hijacking_check' => ADMIN_HIJACKING_CHECK,
+ 'on_hijacking_event' => ADMIN_ON_HIJACKING_EVENT,
+ 'hijacking_action' => ADMIN_HIJACKING_ACTION,
+ 'time_after_failure' => ADMIN_TIME_AFTER_FAILURE,
+ 'password_hash' => PASSWORD_HASH,
+ 'cookie_domain' => ADMIN_COOKIE_DOMAIN,
+ 'cookie_secure' => ADMIN_COOKIE_SECURE
+ );
+ $this->s['admin'] = new Users_CheckAdmin($params);
+ }
+ //registered session
+ if ($sessionType === 'registered') {
+ $params = array(
+ 'users_controller' => REG_USERS_CONTROLLER,
+ 'users_login_action' => REG_USERS_LOGIN_ACTION,
+ 'panel_controller' => REG_PANEL_CONTROLLER,
+ 'panel_main_action' => REG_PANEL_MAIN_ACTION,
+ 'cookie_name' => REG_COOKIE_NAME,
+ 'sessionsTable' => REG_SESSIONS_TABLE,
+ 'usersTable' => REG_USERS_TABLE,
+ 'groupsTable' => REG_GROUPS_TABLE,
+ 'manyToManyTable' => REG_MANYTOMANY_TABLE,
+ 'accessesTable' => REG_ACCESSES_TABLE,
+ 'session_expire' => REG_SESSION_EXPIRE,
+ 'cookie_path' => REG_COOKIE_PATH,
+ 'database_type' => DATABASE_TYPE,
+ 'hijacking_check' => REG_HIJACKING_CHECK,
+ 'on_hijacking_event' => REG_ON_HIJACKING_EVENT,
+ 'hijacking_action' => REG_HIJACKING_ACTION,
+ 'time_after_failure' => REG_TIME_AFTER_FAILURE,
+ 'password_hash' => PASSWORD_HASH,
+ 'cookie_domain' => REG_COOKIE_DOMAIN,
+ 'cookie_secure' => REG_COOKIE_SECURE
+ );
+ $this->s['registered'] = new Users_CheckAdmin($params);
+ }
+ }
+
+ //method to set $this->argKeys. Chenge the string in the array!
+ final public function setArgKeys($argKeys) {
+// $this->argKeys = explode(',',$argKeys);
+ $this->argKeys = array_keys($argKeys);
+ $this->argDefault = array_values($argKeys);
+ }
+
+ //shift the $this->_queryString array a number of times equal to the number indicated by the $number variable and build the $this->viewArgs array and the $this->viewStatus string (additional url)
+ final public function shift($number = 0) {
+
+ //save the query string array
+ $oldQueryString = $this->_queryString;
+
+ for ($i = 0; $i < $number; $i++)
+ {
+ array_shift($this->_queryString);
+ }
+ $this->callInArgKeysFunc();
+ for ($i = 0; $i < count($this->argKeys); $i++)
+ {
+ if (!isset($this->_queryString[$i])) {
+ $this->viewArgs[$this->argKeys[$i]] = isset($this->argDefault[$i]) ? $this->argDefault[$i] : null;
+ continue;
+ }
+ $this->viewArgs[$this->argKeys[$i]] = $this->_queryString[$i];
+ }
+ $this->viewStatus = Url::createUrl(array_values($this->viewArgs));
+ $this->updateHelpers();
+
+ //update the theme
+ $this->theme->viewStatus = $this->viewStatus;
+ $this->theme->viewArgs = $this->viewArgs;
+
+ //restore the query string array
+ $this->_queryString = $oldQueryString;
+ }
+
+ //call the functions defined in $this->argKeys after the colon (ex- 'page:forceInt' => apply the forceInt() function upon the $page arg)
+ final public function callInArgKeysFunc() {
+ for ($i = 0; $i < count($this->argKeys); $i++) {
+ if (strstr($this->argKeys[$i],':')) {
+ $temp = explode(':',$this->argKeys[$i]);
+ //exception
+ if (!in_array($temp[1],explode(',',params::$allowedSanitizeFunc))) {
+ throw new Exception('"'.$temp[1]. '" function not allowed in $this->argKeys');
+ }
+ $this->argKeys[$i] = $temp[0];
+ if (!isset($this->_queryString[$i])) {
+ continue;
+ }
+ $this->_queryString[$i] = call_user_func($temp[1],$this->_queryString[$i]);
+ }
+ }
+ }
+
+ //function to update all the Helper that are instance of the HtmlHelper class. This function update the $viesArgs and $viewStatus properties. This function is called by the shift method.
+ final public function updateHelpers() {
+ foreach ($this->h as $Helper) {
+ if ($Helper instanceof Helper_Html) {
+ $Helper->viewArgs = $this->viewArgs;
+ $Helper->viewStatus = $this->viewStatus;
+ }
+ }
+ }
+
+ //create the viewStatus property
+ final public function buildStatus()
+ {
+ $this->viewStatus = Url::createUrl(array_values($this->viewArgs));
+ //update the theme
+ $this->theme->viewStatus = $this->viewStatus;
+ $this->theme->viewArgs = $this->viewArgs;
+ }
+
+ //method to instanciate the scaffold
+ final public function loadScaffold($type,$params = null) {
+
+ $typeArray = array('main','form');
+ if (!in_array($type,$typeArray)) {
+ throw new Exception("the type '$type' is not allowed in ".__METHOD__);
+ }
+ $this->scaffold = new Scaffold($type,$this->controller,$this->m[$this->modelName],$this->viewArgs,$params);
+
+ $this->helper('Menu',$this->controller,$this->scaffold->params['panelController']);
+ $this->scaffold->mainMenu = $this->h['Menu'];
+
+ $this->m[$this->modelName]->popupBuild();
+ $popupArray = $this->m[$this->modelName]->popupArray;
+
+ if ($type === 'main') {
+
+ $here = $this->controller.'/'.$this->scaffold->params['mainAction'];
+ $this->helper('Pages',$here,$this->scaffold->params['pageVariable']);
+ $this->helper('List',$this->m[$this->modelName]->identifierName);
+
+
+ $this->helper('Popup',$here,$popupArray,$this->scaffold->params['popupType'],$this->scaffold->params['pageVariable']);
+
+ $this->scaffold->pageList = $this->h['Pages'];
+ $this->scaffold->itemList = $this->h['List'];
+ $this->scaffold->popupMenu = $this->h['Popup'];
+ }
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Db/Mysql.php b/h-source/admin/Library/Db/Mysql.php
new file mode 100755
index 0000000..8b96f44
--- /dev/null
+++ b/h-source/admin/Library/Db/Mysql.php
@@ -0,0 +1,394 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to manage the database
+//singleton!
+class Db_Mysql {
+
+ public $query = null; //the last query executed
+ public $charsetError = true; //true: non eccor occurred during the modification of the connection charset, false: one error occurred
+ public $charset = null; //the charset of the client connection
+
+ private static $instance = null; //instance of this class
+
+ private $dblink;
+ private $fieldsType = array('tinyint','smallint','int','mediumint','bigint','float','double');
+ /**
+
+ *connect to the database
+ *'host','user','password','db_name'
+
+ */
+
+ //PHP-Mysql charset translation table
+ private $charsetTranslationTable = array(
+ 'UTF-8' => 'utf8',
+ 'ISO-8859-1' => 'latin1',
+ 'EUC-JP' => 'ujis',
+ 'SJIS' => 'sjis'
+ );
+
+ private function __construct($host,$user,$pwd,$db_name)
+ {
+
+ $this->dblink = mysql_connect($host,$user,$pwd);
+
+ if ($this->dblink === FALSE) {
+ die ("Connection error. Verify parameters in config.php");
+ }
+
+ $db2 = mysql_select_db($db_name, $this->dblink)
+ or die ("Database selection error. Verify parameters in config.php");
+
+ $charset = array_key_exists(DEFAULT_CHARSET,$this->charsetTranslationTable) ? $this->charsetTranslationTable[DEFAULT_CHARSET] : 'utf8';
+
+ if (!@mysql_set_charset($charset,$this->dblink)) $this->charsetError = false;
+
+ $this->charset = mysql_client_encoding();
+ }
+
+ public static function getInstance($host = null, $user = null, $pwd = null, $db_name = null)
+ {
+ if (!isset(self::$instance)) {
+ $className = __CLASS__;
+ self::$instance = new $className($host,$user,$pwd,$db_name);
+ }
+
+ return self::$instance;
+ }
+
+
+ //close the connection
+ public function disconnect()
+ {
+ mysql_close($this->dblink);
+ }
+
+ //the text of the error message from previous MySQL operation
+ public function getError()
+ {
+ return mysql_error($this->dblink);
+ }
+
+ //the numerical value of the error message from previous MySQL operation
+ public function getErrno()
+ {
+ return mysql_errno($this->dblink);
+ }
+
+ public function createSelectQuery($table,$fields='*',$where=null,$group_by=null,$order_by=null,$limit=null,$on=null,$using=null)
+ {
+ if (isset($where))
+ {
+ $where='WHERE '.$where;
+ }
+ if (isset($using))
+ {
+ $using ='USING ('.$using.')';
+ $on = null;
+ }
+ if (isset($on) and !isset($using))
+ {
+ $on='ON '.$on;
+ }
+ if (isset($order_by)) {
+ $order_by='ORDER BY '.$order_by;
+ }
+ if (isset($group_by)) {
+ $group_by='GROUP BY '.$group_by;
+ }
+ if (isset($limit)) {
+ $limit='LIMIT '.$limit;
+ }
+
+ $query="SELECT $fields FROM $table $on $using $where $group_by $order_by $limit;";
+ return $query;
+ }
+
+ public function get_num_rows($table,$where=null,$group_by=null,$on=null,$using=null) {
+
+ $query = $this->createSelectQuery($table,'*',$where,$group_by,null,null,$on,$using);
+
+ $this->query=$query;
+
+ $ris = mysql_query($query);
+ if ($ris) {
+ $num_rows = mysql_num_rows($ris);
+ return $num_rows;
+ } else {
+ return false;
+ }
+ }
+
+ //get the maximum value of the field $field of the table $table having the $where conditions
+ public function getMath($func,$table,$field,$where=null,$group_by = null, $on=null,$using=null)
+ {
+ $query = $this->createSelectQuery($table,"$func($field) AS m",$where,$group_by,null,null,$on,$using);
+
+ $this->query = $query;
+ $result = mysql_query($query);
+ if ($result)
+ {
+ $row = mysql_fetch_array($result);
+ return $row['m'];
+ }
+ else
+ {
+ return false;
+ }
+ }
+
+ //get the maximum value of the field $field of the table $table having the $where conditions
+ public function getMax($table,$field,$where=null,$group_by = null,$on=null,$using=null)
+ {
+ return $this->getMath('MAX',$table,$field,$where,$group_by,$on,$using);
+ }
+
+ //get the minimum value of the field $field of the table $table having the $where conditions
+ public function getMin($table,$field,$where=null,$group_by = null,$on=null,$using=null)
+ {
+ return $this->getMath('MIN',$table,$field,$where,$group_by,$on,$using);
+ }
+
+ //get the sum of the fields
+ public function getSum($table,$field,$where=null,$group_by = null,$on=null,$using=null)
+ {
+ return $this->getMath('SUM',$table,$field,$where,$group_by,$on,$using);
+ }
+
+ //get the average of the fields
+ public function getAvg($table,$field,$where=null,$group_by = null,$on=null,$using=null)
+ {
+ return $this->getMath('AVG',$table,$field,$where,$group_by,$on,$using);
+ }
+
+ public function select($table,$fields='*',$where=null,$group_by=null,$order_by=null,$limit=null,$on=null,$using=null)
+ {
+ $query = $this->createSelectQuery($table,$fields,$where,$group_by,$order_by,$limit,$on,$using);
+
+ $this->query = $query;
+ $result = mysql_query($query);
+ return $this->getData($result);
+ }
+
+
+// public function select($table,$fields='*',$where=null,$group_by=null,$order_by=null,$limit=null) {
+// $query = $this->selectQuery($table,$fields,$where,$group_by,$order_by,$limit);
+// return $this->getData($query);
+// }
+
+
+ //obtain an associative array containing the result values (keys:tableName_fieldsName)
+ //$par = 'single/multi' single table,multi table
+ public function getData($result)
+ {
+ $data = array(); //data from the query
+ $temp = array(); //temporary array (values of a single record)
+// $result = mysql_query($query);
+ if ($result)
+ {
+ $fieldsNumber = mysql_num_fields($result);
+ while ($row = mysql_fetch_array($result))
+ {
+ for ($i = 0;$i < $fieldsNumber;$i++)
+ {
+ $tableName = mysql_field_table($result, $i);
+ if (strcmp($tableName,'') === 0) $tableName = Params::$aggregateKey;
+ $fieldName = mysql_field_name($result, $i);
+ $temp[$tableName][$fieldName] = $row[$i];
+ }
+ array_push($data,$temp);
+ }
+ return $data;
+ }
+ else
+ {
+ return false;
+ }
+ }
+
+ //return an array containing all the types of the fields (indicated in $fields) of a table (indicated in $table)
+ public function getTypes($table, $fields)
+ {
+ $query = "DESCRIBE $table;";
+ $result = mysql_query($query);
+ $temp = array();
+ while ($row = mysql_fetch_assoc($result)) {
+ $temp[$row['Field']] = reset(explode('(',$row['Type']));
+ }
+
+ $types = array();
+ $fields = explode(',',$fields);
+ for ($i = 0; $i < count($fields); $i++)
+ {
+ if (!array_key_exists($fields[$i],$temp)) return false;
+ $types[] = $temp[$fields[$i]];
+ }
+
+ return $types;
+ }
+
+ public function insert($table,$fields,$values) {
+
+ #$table is a string
+ #$fields has to be a string with comma as separator: name1,name2,...
+ #$values has to be an array
+ $values = array_values($values);
+ if (strcmp($fields,'') !== 0)
+ {
+ //get the type of the fields
+ $types = $this->getTypes($table,$fields);
+ if (!$types) return false;
+
+ for($i = 0; $i < count($values); $i++)
+ {
+ if (!in_array($types[$i],$this->fieldsType))
+ {
+ $values[$i] = '"'.$values[$i].'"';
+ }
+ else
+ {
+ if (strcmp($values[$i],'') === 0) $values[$i] = '"'.$values[$i].'"';
+ }
+ }
+
+ $values = implode(',',$values);
+ $query="INSERT INTO $table ($fields) VALUES ($values);";
+ $this->query = $query;
+ $ris = mysql_query($query);
+
+ #check the result
+ if ($ris) {
+ return true;
+ } else {
+ return false;
+ }
+
+ } else {
+ return false;
+ }
+ }
+
+ // Retrieves the ID generated for an AUTO_INCREMENT column by the previous query (usually INSERT).
+ public function lastId()
+ {
+ return mysql_insert_id();
+ }
+
+ public function update($table,$fields,$values,$where) {
+
+ #$table and $where are two strings
+ #$fields has to be a string with comma as separator: name1,name2,...
+ #$values has to be an array
+ $values = array_values($values);
+// if (isset($where)) {
+ $where='WHERE '.$where;
+// }
+ #get the array from the $fields string
+ if (strcmp($fields,'') !== 0)
+ {
+ //get the type of the fields
+ $types = $this->getTypes($table,$fields);
+ if (!$types) return false;
+
+ $fields=explode(',',$fields);
+ $str=array();
+
+ for ($i=0;$i<count($fields);$i++) {
+ if (!in_array($types[$i],$this->fieldsType))
+ {
+ $values[$i] = '"'.$values[$i].'"';
+ }
+ else
+ {
+ if (strcmp($values[$i],'') === 0) $values[$i] = '"'.$values[$i].'"';
+ }
+ $str[$i]= $fields[$i].'='.$values[$i];
+ }
+
+ #set the string name1=value1,name2=...
+ $str=implode(',',$str);
+ $query="UPDATE $table SET $str $where;";
+ $this->query=$query;
+ $ris = mysql_query($query);
+
+ #check the result
+ if ($ris) {
+ return true;
+ } else {
+ return false;
+ }
+ } else {
+ return false;
+ }
+
+ }
+
+
+ public function del($table,$where) {
+
+ #$table and $where are two strings
+// if (isset($where)) {
+ $where='WHERE '.$where;
+// }
+ $query="DELETE FROM $table $where;";
+ $this->query=$query;
+ $ris = mysql_query($query);
+ #check the result
+
+ if ($ris) {
+ return true;
+ } else {
+ return false;
+ }
+
+ }
+
+ // function to check if exist the record having the field $id_name=$id_value
+ public function recordExists($table,$fieldName,$fieldValue,$where = null,$groupBy=null,$on=null,$using=null)
+ {
+ if (isset($where))
+ {
+ $where=' AND '.$where;
+ }
+
+ $fieldValue = '"'.$fieldValue.'"';
+
+ $num=$this->get_num_rows($table,$fieldName.'='.$fieldValue.$where,$groupBy,$on,$using);
+ $res=($num>0) ? true : false;
+ return $res;
+
+ }
+
+
+ //send a generic query to the database
+ //$query: the query to be sent
+ public function query($query)
+ {
+ $this->query = $query;
+ $result = mysql_query($query);
+ if ($result === false)
+ {
+ return false;
+ }
+ else if ($result === true)
+ {
+ return true;
+ }
+ else if (@get_resource_type($result))
+ {
+ return $this->getData($result);
+ }
+ }
+
+ // Prevent users to clone the instance
+ public function __clone()
+ {
+ throw new Exception('error in '. __METHOD__.': clone is not allowed');
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Db/Mysqli.php b/h-source/admin/Library/Db/Mysqli.php
new file mode 100644
index 0000000..4e4c528
--- /dev/null
+++ b/h-source/admin/Library/Db/Mysqli.php
@@ -0,0 +1,400 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to manage the database
+//singleton!
+class Db_Mysqli
+{
+
+ public $query = null; //the last query executed
+ public $charsetError = true; //true: non eccor occurred during the modification of the connection charset, false: one error occurred
+ public $charset = null; //the charset of the client connection
+
+ private static $instance = null; //instance of this class
+
+ private $db;
+ private $fieldsType = array('tinyint','smallint','int','mediumint','bigint','float','double');
+
+ //PHP-Mysql charset translation table
+ private $charsetTranslationTable = array(
+ 'UTF-8' => 'utf8',
+ 'ISO-8859-1' => 'latin1',
+ 'EUC-JP' => 'ujis',
+ 'SJIS' => 'sjis'
+ );
+
+ /**
+
+ *connect to the database
+ *'host','user','password','db_name'
+
+ */
+
+ private function __construct($host,$user,$pwd,$db_name)
+ {
+
+ $this->db = new mysqli($host,$user,$pwd,$db_name);
+
+ if (mysqli_connect_error())
+ {
+ die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error());
+ }
+
+ $charset = array_key_exists(DEFAULT_CHARSET,$this->charsetTranslationTable) ? $this->charsetTranslationTable[DEFAULT_CHARSET] : 'utf8';
+
+ if (!@$this->db->set_charset($charset)) $this->charsetError = false;
+
+ $this->charset = $this->db->character_set_name();
+
+ }
+
+ //return the $this->db property
+ public function getDb()
+ {
+ return $this->db;
+ }
+
+ public static function getInstance($host = null, $user = null, $pwd = null, $db_name = null)
+ {
+ if (!isset(self::$instance)) {
+ $className = __CLASS__;
+ self::$instance = new $className($host,$user,$pwd,$db_name);
+ }
+
+ return self::$instance;
+ }
+
+
+ //close the connection
+ public function disconnect()
+ {
+ $this->db->close();
+ }
+
+ //the text of the error message from previous MySQL operation
+ public function getError()
+ {
+ return $this->db->error;
+ }
+
+ //the numerical value of the error message from previous MySQL operation
+ public function getErrno()
+ {
+ return $this->db->errno;
+ }
+
+ public function createSelectQuery($table,$fields='*',$where=null,$group_by=null,$order_by=null,$limit=null,$on=null,$using=null)
+ {
+ if (isset($where))
+ {
+ $where='WHERE '.$where;
+ }
+ if (isset($using))
+ {
+ $using ='USING ('.$using.')';
+ $on = null;
+ }
+ if (isset($on) and !isset($using))
+ {
+ $on='ON '.$on;
+ }
+ if (isset($order_by)) {
+ $order_by='ORDER BY '.$order_by;
+ }
+ if (isset($group_by)) {
+ $group_by='GROUP BY '.$group_by;
+ }
+ if (isset($limit)) {
+ $limit='LIMIT '.$limit;
+ }
+
+ $query="SELECT $fields FROM $table $on $using $where $group_by $order_by $limit;";
+ return $query;
+ }
+
+ public function get_num_rows($table,$where=null,$group_by=null,$on=null,$using=null) {
+
+ $query = $this->createSelectQuery($table,'*',$where,$group_by,null,null,$on,$using);
+
+ $this->query = $query;
+ $ris = $this->db->query($query);
+ if ($ris) {
+ $num_rows = $ris->num_rows;
+ $ris->close();
+ return $num_rows;
+ } else {
+ return false;
+ }
+ }
+
+ public function getMath($func,$table,$field,$where=null,$group_by = null, $on=null,$using=null)
+ {
+ $query = $this->createSelectQuery($table,"$func($field) AS m",$where,$group_by,null,null,$on,$using);
+
+ $this->query = $query;
+ $result = $this->db->query($query);
+ if ($result)
+ {
+ $row = $result->fetch_array();
+ $result->close();
+ return $row['m'];
+ }
+ else
+ {
+ return false;
+ }
+ }
+
+ //get the maximum value of the field $field of the table $table having the $where conditions
+ public function getMax($table,$field,$where=null,$group_by = null,$on=null,$using=null)
+ {
+ return $this->getMath('MAX',$table,$field,$where,$group_by,$on,$using);
+ }
+
+ //get the minimum value of the field $field of the table $table having the $where conditions
+ public function getMin($table,$field,$where=null,$group_by = null,$on=null,$using=null)
+ {
+ return $this->getMath('MIN',$table,$field,$where,$group_by,$on,$using);
+ }
+
+ //get the sum of the fields
+ public function getSum($table,$field,$where=null,$group_by = null,$on=null,$using=null)
+ {
+ return $this->getMath('SUM',$table,$field,$where,$group_by,$on,$using);
+ }
+
+ //get the average of the fields
+ public function getAvg($table,$field,$where=null,$group_by = null,$on=null,$using=null)
+ {
+ return $this->getMath('AVG',$table,$field,$where,$group_by,$on,$using);
+ }
+
+ public function select($table,$fields='*',$where=null,$group_by=null,$order_by=null,$limit=null,$on=null,$using=null)
+ {
+ $query = $this->createSelectQuery($table,$fields,$where,$group_by,$order_by,$limit,$on,$using);
+
+ $this->query = $query;
+ $result = $this->db->query($query);
+ return $this->getData($result);
+ }
+
+
+// public function select($table,$fields='*',$where=null,$group_by=null,$order_by=null,$limit=null) {
+// $query = $this->selectQuery($table,$fields,$where,$group_by,$order_by,$limit);
+// return $this->getData($query);
+// }
+
+
+ //obtain an associative array containing the result values (keys:tableName_fieldsName)
+ //$par = 'single/multi' single table,multi table
+ public function getData($result) {
+ $data = array(); //data from the query
+ $temp = array(); //temporary array (values of a single record)
+// $result = $this->db->query($query);
+ if ($result) {
+ $fieldsNumber = $result->field_count;
+ while ($row = $result->fetch_array()) {
+ for ($i = 0;$i < $fieldsNumber;$i++) {
+ $finfo = $result->fetch_field_direct($i);
+ $tableName = $finfo->table;
+ if (strcmp($tableName,'') === 0) $tableName = Params::$aggregateKey;
+ $fieldName = $finfo->name;
+ $temp[$tableName][$fieldName] = $row[$i];
+ }
+ array_push($data,$temp);
+ }
+ $result->close();
+ return $data;
+ } else {
+ return false;
+ }
+ }
+
+ //return an array containing all the types of the fields (indicated in $fields) of a table (indicated in $table)
+ public function getTypes($table, $fields)
+ {
+ $query = "DESCRIBE $table;";
+ $result = $this->db->query($query);
+ $temp = array();
+ while ($row = $result->fetch_assoc()) {
+ $temp[$row['Field']] = reset(explode('(',$row['Type']));
+ }
+ $result->close();
+
+ $types = array();
+ $fields = explode(',',$fields);
+ for ($i = 0; $i < count($fields); $i++)
+ {
+ if (!array_key_exists($fields[$i],$temp)) return false;
+ $types[] = $temp[$fields[$i]];
+ }
+
+ return $types;
+ }
+
+ public function insert($table,$fields,$values) {
+
+ #$table is a string
+ #$fields has to be a string with comma as separator: name1,name2,...
+ #$values has to be an array
+ $values = array_values($values);
+ if (strcmp($fields,'') !== 0)
+ {
+ //get the type of the fields
+ $types = $this->getTypes($table,$fields);
+ if (!$types) return false;
+
+ for($i = 0; $i < count($values); $i++)
+ {
+ if (!in_array($types[$i],$this->fieldsType))
+ {
+ $values[$i] = '"'.$values[$i].'"';
+ }
+ else
+ {
+ if (strcmp($values[$i],'') === 0) $values[$i] = '"'.$values[$i].'"';
+ }
+ }
+
+ $values = implode(',',$values);
+ $query="INSERT INTO $table ($fields) VALUES ($values);";
+ $this->query=$query;
+
+ $ris = $this->db->query($query);
+
+ #check the result
+ if ($ris) {
+ return true;
+ } else {
+ return false;
+ }
+
+ } else {
+ return false;
+ }
+ }
+
+ // Retrieves the ID generated for an AUTO_INCREMENT column by the previous query (usually INSERT).
+ public function lastId()
+ {
+ return $this->db->insert_id;
+ }
+
+ public function update($table,$fields,$values,$where) {
+
+ #$table and $where are two strings
+ #$fields has to be a string with comma as separator: name1,name2,...
+ #$values has to be an array
+ $values = array_values($values);
+// if (isset($where)) {
+ $where='WHERE '.$where;
+// }
+ #get the array from the $fields string
+ if (strcmp($fields,'') !== 0)
+ {
+ //get the type of the fields
+ $types = $this->getTypes($table,$fields);
+ if (!$types) return false;
+
+ $fields = explode(',',$fields);
+ $str = array();
+
+ for ($i=0;$i<count($fields);$i++) {
+ if (!in_array($types[$i],$this->fieldsType))
+ {
+ $values[$i] = '"'.$values[$i].'"';
+ }
+ else
+ {
+ if (strcmp($values[$i],'') === 0) $values[$i] = '"'.$values[$i].'"';
+ }
+ $str[$i]= $fields[$i].'='.$values[$i];
+ }
+
+ #set the string name1=value1,name2=...
+ $str=implode(',',$str);
+ $query="UPDATE $table SET $str $where;";
+ $this->query=$query;
+ $ris = $this->db->query($query);
+
+ #check the result
+ if ($ris) {
+ return true;
+ } else {
+ return false;
+ }
+ } else {
+ return false;
+ }
+
+ }
+
+
+ public function del($table,$where) {
+
+ #$table and $where are two strings
+// if (isset($where)) {
+ $where='WHERE '.$where;
+// }
+ $query="DELETE FROM $table $where;";
+ $this->query=$query;
+ $ris = $this->db->query($query);
+ #check the result
+
+ if ($ris) {
+ return true;
+ } else {
+ return false;
+ }
+
+ }
+
+
+ //function to check if exist the record having the field $id_name=$id_value
+ public function recordExists($table,$fieldName,$fieldValue,$where = null,$groupBy=null,$on=null,$using=null)
+ {
+ if (isset($where))
+ {
+ $where=' AND '.$where;
+ }
+
+ $fieldValue = '"'.$fieldValue.'"';
+
+ $num = $this->get_num_rows($table,$fieldName.'='.$fieldValue.$where,$groupBy,$on,$using);
+ $res=($num>0) ? true : false;
+ return $res;
+
+ }
+
+
+ //send a generic query to the database
+ //$query: the query to be sent
+ public function query($query)
+ {
+ $this->query = $query;
+ $result = $this->db->query($query);
+ if ($result === true)
+ {
+ return true;
+ }
+ else if ($result === false)
+ {
+ return false;
+ }
+ else if ($result instanceof MySQLi_Result)
+ {
+ return $this->getData($result);
+ }
+ }
+
+ // Prevent users to clone the instance
+ public function __clone()
+ {
+ throw new Exception('error in '. __METHOD__.': clone is not allowed');
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Db/index.html b/h-source/admin/Library/Db/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Db/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/Email.php b/h-source/admin/Library/Email.php
new file mode 100644
index 0000000..c948098
--- /dev/null
+++ b/h-source/admin/Library/Email.php
@@ -0,0 +1,229 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to send an e-mail
+class Email {
+
+ //sent to parameters (array)
+ private $_sendTo = array();
+
+ //cc parameters (array)
+ private $_cc = array();
+
+ //bcc parameters (array)
+ private $_bcc = array();
+
+ //the address of the sender
+ private $_from = null;
+
+ //subject (string)
+ private $_subject = null;
+
+ //charset
+ private $_charset = "iso-8859-1";
+
+ //Content-Transfer-Encoding
+ private $_ctencoding = "7bit";
+
+ //body
+ private $_body = '';
+
+ //headers
+ private $_headers = null;
+
+ //check flag. If _check = true than check the mail addresses
+ private $_check = null;
+
+ //regular expression to check each e-mail address
+ private $_addressRegExp = null;
+
+ //array containing all the errors encountered during the execution
+ public $errorsArray = array();
+
+ public function __construct($bool = true)
+ {
+ $this->_check = $bool;
+ }
+
+ //set the sentTo addresses array
+ //$addresses: array of e-mail addresses or a string
+ public function sendTo($addresses)
+ {
+ $this->_sendTo = explode(',',$addresses);
+ }
+
+ //set the subject
+ public function subject($subject)
+ {
+ $this->_subject = $subject;
+ }
+
+ //set the cc addresses array
+ //$addresses: array of e-mail addresses or a string
+ public function cc($addresses)
+ {
+ $this->_cc = explode(',',$addresses);
+ }
+
+ //set the bcc addresses array
+ //$addresses: array of e-mail addresses or a string
+ public function bcc($addresses)
+ {
+ $this->_bcc = explode(',',$addresses);
+ }
+
+ //set the address of the sender
+ public function from($address)
+ {
+ $this->_from = $address;
+ }
+
+ //set the charset
+ public function charset($charset)
+ {
+ $this->_charset = $charset;
+ }
+
+ //set the Content-Transfer-Encoding
+ public function ctencoding($ctencoding)
+ {
+ $this->_ctencoding = $ctencoding;
+ }
+
+ //set the text body
+ public function body($body)
+ {
+ $this->_body = $body;
+ }
+
+ //set the address regular expression
+ public function addressRegExp($regExp)
+ {
+ $this->_addressRegExp = $regExp;
+ }
+
+ //check if the mail address is valid
+ public function isValidAddress($address)
+ {
+
+ if( preg_match( '/^[^<>]*<(.+)>$/', $address, $matches ) )
+ {
+ $address = $matches[1];
+ }
+
+ if (isset($this->_addressRegExp))
+ {
+ if (preg_match($this->_addressRegExp,$address))
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+ }
+ else
+ {
+ if (checkMail($address)) return true;
+ }
+
+ return false;
+
+ }
+
+ //check the addresses inside the $addresses array
+ public function checkAddresses($addresses)
+ {
+ foreach ($addresses as $address)
+ {
+ if(!$this->isValidAddress($address)) return false;
+ }
+ return true;
+ }
+
+ //build the mail
+ public function buildMail()
+ {
+
+ if (empty($this->_sendTo))
+ {
+ $this->errorsArray[] = 'no address specified';
+ return false;
+ }
+
+ if ($this->_check)
+ {
+ if (!$this->checkAddresses($this->_sendTo))
+ {
+ $this->errorsArray[] = 'errors in the sendTo address validation';
+ return false;
+ }
+
+ if (!empty($this->_cc))
+ {
+ if (!$this->checkAddresses($this->_cc))
+ {
+ $this->errorsArray[] = 'errors in the cc address validation';
+ return false;
+ }
+ }
+
+ if (!empty($this->_bcc))
+ {
+ if (!$this->checkAddresses($this->_bcc))
+ {
+ $this->errorsArray[] = 'errors in the bcc address validation';
+ return false;
+ }
+ }
+
+ if (isset($this->_from))
+ {
+ if (!$this->checkAddresses(array($this->_from)))
+ {
+ $this->errorsArray[] = 'errors in the from address validation';
+ return false;
+ }
+ }
+ }
+
+ if (strcmp($this->_subject,'') === 0)
+ {
+ $this->errorsArray[] = 'no subject specified';
+ return false;
+ }
+
+ $headers = null;
+ if (isset($this->_from)) $headers .= "From: ".$this->_from."\r\n";
+ $headers .= "MIME-Version: 1.0\r\n";
+ $headers .= "Content-Type: text/plain; charset=\"".$this->_charset."\"\r\n";
+ $headers .= "Content-Transfer-Encoding: ".$this->_ctencoding."\r\n";
+ if (!empty($this->_cc)) $headers .= "CC: ".implode(',',$this->_cc)."\r\n";
+ if (!empty($this->_bcc)) $headers .= "Bcc: ".implode(',',$this->_bcc)."\r\n";
+
+ $this->_headers = $headers;
+
+ return true;
+
+ }
+
+ public function send()
+ {
+ if (!$this->buildMail()) return false;
+
+ $to = implode(',',$this->_sendTo);
+
+ if (!@mail($to,$this->_subject,$this->_body,$this->_headers))
+ {
+ $this->errorsArray[] = 'error in the send process';
+ return false;
+ }
+
+ return true;
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/ErrorReporting.php b/h-source/admin/Library/ErrorReporting.php
new file mode 100644
index 0000000..18ba519
--- /dev/null
+++ b/h-source/admin/Library/ErrorReporting.php
@@ -0,0 +1,45 @@
+<?php
+
+// EasyGiant is a PHP framework for creating and managing dynamic content
+//
+// Copyright (C) 2009 - 2011 Antonio Gallo
+// See COPYRIGHT.txt and LICENSE.txt.
+//
+// This file is part of EasyGiant
+//
+// EasyGiant is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+//
+// EasyGiant is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License
+// along with EasyGiant. If not, see <http://www.gnu.org/licenses/>.
+
+//function to set the error reporting parameters
+
+function ErrorReporting() {
+ if (RUNTIME_CONFIGURATION === true)
+ {
+ error_reporting(ERROR_REPORTING_DIRECTIVE);
+ if (DISPLAY_ERRORS === 'On') {
+ ini_set('display_errors','On');
+ } else {
+ ini_set('display_errors','Off');
+ }
+
+ if (ERROR_REPORTING_FILE === true)
+ {
+ if (LOG_ERROR_FILE === 'default')
+ {
+ ini_set('error_log',ROOT.DS.'Logs/Errors.log');
+ } else {
+ ini_set('error_log',LOG_ERROR_FILE);
+ }
+ }
+ }
+}
diff --git a/h-source/admin/Library/Factory/Db.php b/h-source/admin/Library/Factory/Db.php
new file mode 100755
index 0000000..3a988dd
--- /dev/null
+++ b/h-source/admin/Library/Factory/Db.php
@@ -0,0 +1,52 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to create the database layer class
+class Factory_Db {
+
+ //start the database connection
+ //$dbType: mysql,mysqli,pg
+ //$dbArrayParams: array containing the HOST, the USER, the PWD, and the DB of the database (see config.php)
+ public static function getInstance($dbType,$dbArrayParams = array()) {
+ if (!in_array($dbType,Params::$allowedDb)) {
+ throw new Exception('error in ' . __METHOD__ . ' : the database type has to be '.implode(' or ',Params::$allowedDb));
+ }
+ switch ($dbType) {
+ case 'Mysql':
+ return call_user_func_array(array('Db_'.$dbType,'getInstance'),$dbArrayParams);
+ break;
+ case 'Mysqli':
+ return call_user_func_array(array('Db_'.$dbType,'getInstance'),$dbArrayParams);
+ break;
+ case 'None':
+ return null;
+ break;
+ }
+ }
+
+ //close the database connection
+ public static function disconnect($dbType)
+ {
+ if (!in_array($dbType,Params::$allowedDb)) {
+ throw new Exception('error in ' . __METHOD__ . ' : the database type has to be '.implode(' or ',Params::$allowedDb));
+ }
+ switch ($dbType) {
+ case 'Mysql':
+ $mysql = Db_Mysql::getInstance();
+ $mysql->disconnect();
+ break;
+ case 'Mysqli':
+ $mysqli = Db_Mysqli::getInstance();
+ $mysqli->disconnect();
+ break;
+ case 'None':
+ return null;
+ break;
+ }
+ }
+
+}
diff --git a/h-source/admin/Library/Factory/index.html b/h-source/admin/Library/Factory/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Factory/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/Files/Log.php b/h-source/admin/Library/Files/Log.php
new file mode 100644
index 0000000..895c26d
--- /dev/null
+++ b/h-source/admin/Library/Files/Log.php
@@ -0,0 +1,97 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to manage a file di log
+//this is a singleton class
+class Files_Log
+{
+
+ const DS = DIRECTORY_SEPARATOR;
+
+ // array of instances of the class
+ //key: name of the instance, value:instance. The name of the instance is also the name of the log file to open
+ private static $instance = array();
+
+ public static $logFolder = './'; //the log folder
+ public static $logExtension = '.log'; //the extension of the log files
+ public static $logPermission = 0777;
+
+ private $splFile; //SplFileObject
+
+ //$fileName: the file to open
+ private function __construct($fileName)
+ {
+ $finalChar = self::$logFolder[strlen(self::$logFolder) - 1];
+ if (strcmp($finalChar,self::DS) !== 0) self::$logFolder .= self::DS;
+
+ $path = self::$logFolder . $fileName . self::$logExtension;
+ $this->splFile = new SplFileObject($path,'a+');
+ //change the permission of the file
+ @chmod($path,self::$logPermission);
+ }
+
+ // The singleton method
+ // $instanceName: name of the key of self::$instance. It is also the name of the log file to open
+ public static function getInstance($instanceName)
+ {
+ if (!isset(self::$instance[$instanceName])) {
+ $className = __CLASS__;
+ self::$instance[$instanceName] = new $className($instanceName);
+ }
+
+ return self::$instance[$instanceName];
+ }
+
+ //write the string $string at the end of the file
+ public function writeString($string,$format = 'Y-m-d H:i:s')
+ {
+ $date = date($format);
+ $this->splFile->fwrite("[$date]\t".$string."\n");
+ }
+
+ //get the date string of the line $line
+ public function getDateString($line)
+ {
+ if (preg_match('/^[\[]{1}([a-zA-Z0-9:\-\s])*[\]]{1}/',$line,$match))
+ {
+ $match[0] = str_replace('[',null,$match[0]);
+ $match[0] = str_replace(']',null,$match[0]);
+ return $match[0];
+ }
+ else
+ {
+ return false;
+ }
+ }
+
+ //delete all the lines older than a number of days equal to $days
+ public function clearBefore($days = 30)
+ {
+ $tempArray = array();
+ $newTime = time() - (int)$days * 24 * 3600;
+ foreach ($this->splFile as $line)
+ {
+ $lineTime = strtotime($this->getDateString($line));
+ if ($lineTime !== false and $lineTime > $newTime)
+ {
+ $tempArray[] = $line;
+ }
+ }
+ $this->splFile->ftruncate(0);
+ foreach ($tempArray as $row)
+ {
+ $this->splFile->fwrite($row);
+ }
+ }
+
+ // Prevent users to clone the instance
+ public function __clone()
+ {
+ throw new Exception('error in '. __METHOD__.': clone is not allowed');
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Files/Upload.php b/h-source/admin/Library/Files/Upload.php
new file mode 100755
index 0000000..47289fd
--- /dev/null
+++ b/h-source/admin/Library/Files/Upload.php
@@ -0,0 +1,451 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to manage upload files
+class Files_Upload
+{
+
+ const DS = DIRECTORY_SEPARATOR;
+
+ private $base = null; //root directory
+ private $directory = null; //current directory. Path relative to the base directory (Files_Upload::base)
+ private $parentDir = null; //parent folder
+ private $subDir = array(); //subdirectories of the current directory
+ private $relSubDir = array(); //subfolders of $this->directory. The path starts from the $base folder
+ private $files = array(); //files inside the current directory
+ private $relFiles = array(); //files inside $this->directory. The path starts from the $base directory
+ private $params; //class parameters
+ private $pattern = null; //the pattern for the preg_match function
+
+ protected $_resultString; //reference to the class uploadStrings containing all the result strings
+
+ public $fileName = null; //the name of the last file that has been uploaded
+ public $notice = null; //the result string of the operation
+
+ public function __construct($base,$params = null, $directory = null) {
+
+ $this->base = $this->addTrailingSlash($base);
+
+ //set the match pattern
+ $tmp = str_replace(self::DS,'\\'.self::DS,$this->base);
+ $this->pattern = "/^(".$tmp.")/";
+
+ $defaultParams = array(
+ 'filesPermission'=>0777,
+ 'delFolderAction'=>'delFolderAction',
+ 'delFileAction'=>'delFileAction',
+ 'createFolderAction'=>'createFolderAction',
+ 'uploadFileAction'=>'uploadFileAction',
+ 'maxFileSize' => 3000000,
+ 'language' => 'eng',
+ 'allowedExtensions'=>'jpg,jpeg,png,gif,txt',
+ 'fileUploadKey' => 'userfile'
+ );
+
+ //set the $this->scaffold->params array
+ if (is_array($params))
+ {
+ foreach ($params as $key => $value)
+ {
+ $defaultParams[$key] = $value;
+ }
+ }
+ $this->params = $defaultParams;
+
+ //instantiate the $_resultString object
+ $stringClass = 'Lang_'.$this->params['language'].'_UploadStrings';
+ if (!class_exists($stringClass))
+ {
+ $stringClass = 'Lang_Eng_UploadStrings';
+ }
+ $this->_resultString = new $stringClass();
+
+ $this->setDirectory($directory);
+
+ }
+
+ //obtain the current directory
+ public function setDirectory($directory = null)
+ {
+ $relDir = (strcmp($directory,"") !== 0) ? $this->addTrailingSlash($directory) : null;
+ $absDir = $this->addTrailingSlash($this->base.$directory);
+
+ if (is_dir($absDir))
+ {
+ if ($this->isValidFolder($absDir))
+ {
+ $this->directory = $relDir;
+ return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-child');
+ }
+ }
+ else
+ {
+ $this->directory = null;
+ $this->notice = $this->_resultString->getString('not-dir');
+ }
+ return false;
+ }
+
+ //check if $folder is a folder and is subfolder of $this->base
+ protected function isValidFolder($folder)
+ {
+ if (is_dir($folder))
+ {
+ $folder = $this->addTrailingSlash(realpath($folder));
+ if ($this->isMatching($folder)) return true;
+ }
+ return false;
+ }
+
+ protected function isMatching($path)
+ {
+ if (preg_match($this->pattern,$path))
+ {
+ if (strstr($path,'..')) return false;
+ return true;
+ }
+ return false;
+ }
+
+ public function getDirectory() {
+ return $this->directory;
+ }
+
+ public function getBase()
+ {
+ return $this->base;
+ }
+
+ public function getSubDir() {
+ return $this->subDir;
+ }
+
+ public function getRelSubDir()
+ {
+ return $this->relSubDir;
+ }
+
+ public function getFiles() {
+ return $this->files;
+ }
+
+ public function getRelFiles()
+ {
+ return $this->relFiles;
+ }
+
+ public function getParentDir() {
+ return $this->parentDir;
+ }
+
+ //add the trailing slash to the string
+ protected function addTrailingSlash($string)
+ {
+ $finalChar = $string[strlen($string) - 1];
+ if (strcmp($finalChar,self::DS) !== 0)
+ {
+ return $string.self::DS;
+ }
+ return $string;
+ }
+
+ protected function urlDeep($dir) { #funzione per creare l'indirizzo completo della cartella all'interno della quale voglio entrare
+ #$dir:cartella all'interno della quale voglio entrare
+ return $this->base.$this->directory.$dir.self::DS;
+ }
+
+ public function listFiles() { #creo la lista di file e cartelle all'interno della directory corrente
+ $items = scandir($this->base.$this->directory);
+ foreach( $items as $this_file ) {
+ if( strcmp($this_file,".") !== 0 && strcmp($this_file,"..") !== 0 ) {
+ if (is_dir($this->urlDeep($this_file))) {
+ $this->subDir[] = $this_file;
+ $this->relSubDir[] = $this->directory.$this_file;
+ } else {
+ $this->files[] = $this_file;
+ $this->relFiles[] = $this->directory.$this_file;
+ }
+ }
+ }
+ //get the parent dir
+ $this->parentDir();
+ }
+
+ //get the extension of the file
+ protected function getFileExtension($file)
+ {
+ return strtolower(end(explode('.', $file)));
+ }
+
+ protected function parentDir() { #individuo la cartella madre
+
+ $folders = explode(self::DS,$this->directory);
+ array_pop($folders);
+ array_pop($folders);
+ $parent = implode(self::DS,$folders);
+ $parent = (strcmp($parent,"") !== 0) ? $this->addTrailingSlash($parent) : null;
+
+ if ($this->isValidFolder($this->base.$parent))
+ {
+ $this->parentDir = $parent;
+ }
+ else
+ {
+ $this->parentDir = null;
+ }
+ }
+
+ //create the $name subfolder of the $this->directory folder
+ public function createFolder($name) { #funzione per creare una cartella nella directory corrente
+ $name = basename($name);
+ if (strcmp(trim($name),'') !== 0)
+ {
+ if (is_writable($this->base.$this->directory))
+ {
+ $path = $this->base.$this->directory.$name;
+
+ if ($this->isMatching($path))
+ {
+ if (!file_exists($path))
+ {
+ if (@mkdir($path,$this->params['filesPermission']))
+ {
+ @chmod($path, $this->params['filesPermission']);
+ $this->notice = $this->_resultString->getString('executed');
+ return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('error');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('dir-exists');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-child');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-writable');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-folder-specified');
+ }
+ return false;
+ }
+
+ //check if the $name folder is empty or not
+ protected function isEmpty($name)
+ {
+ $items = scandir($name);
+ foreach( $items as $this_file ) {
+ if( strcmp($this_file,".") !== 0 && strcmp($this_file,"..") !== 0 ) {
+ return false;
+ }
+ }
+ return true;
+ }
+
+ public function removeFile($name)
+ {
+ $name = basename($name);
+ if (strcmp(trim($name),'') !== 0)
+ {
+ $path = $this->base.$this->directory.$name;
+ if ($this->isMatching($path))
+ {
+ if ($this->removeAbsFile($path)) return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-child');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-file-specified');
+ }
+ return false;
+ }
+
+ //remove the $name file
+ protected function removeAbsFile($name)
+ {
+ if (strcmp(trim($name),'') !== 0)
+ {
+ if (is_writable($name))
+ {
+ if (@unlink($name))
+ {
+ $this->notice = $this->_resultString->getString('executed');
+ return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('error');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-writable-file');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-file-specified');
+ }
+ return false;
+ }
+
+ public function removeFolder($name)
+ {
+ $name = basename($name);
+ if (strcmp(trim($name),'') !== 0)
+ {
+ $dir = $this->base.$this->directory.$name;
+ if ($this->isMatching($dir))
+ {
+ if ($this->removeAbsFolder($dir)) return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-child');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-folder-specified');
+ }
+ return false;
+ }
+
+ //remove the $name folder
+ protected function removeAbsFolder($name) {
+ if (strcmp(trim($name),'') !== 0) {
+ if (is_writable($name))
+ {
+ if ($this->isEmpty($name))
+ {
+ if (@rmdir($name))
+ {
+ $this->notice = $this->_resultString->getString('executed');
+ return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('error');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-empty');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-writable');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-folder-specified');
+ }
+ return false;
+ }
+
+ //upload a file in the current directory
+ //$fileName: name of the file
+ public function uploadFile($fileName = null) {
+ $userfile = $this->params['fileUploadKey'];
+ $ext = $this->getFileExtension($_FILES[$userfile]["name"]);
+ $fileName = isset($fileName) ? $fileName.".$ext" : basename($_FILES[$userfile]["name"]);
+
+ $this->fileName = $fileName;
+
+ if(strcmp(trim($_FILES[$userfile]["name"]),"") !== 0)
+ {
+ if(@is_uploaded_file($_FILES[$userfile]["tmp_name"])) {
+ if ($_FILES[$userfile]["size"] <= $this->params['maxFileSize'])
+ {
+ //check the extension of the file
+ $AllowedExtensionsArray = explode(',',$this->params['allowedExtensions']);
+
+ if (in_array($ext,$AllowedExtensionsArray))
+ {
+ //check if the file doesn't exists
+ if (!file_exists($this->base.$this->directory.$fileName))
+ {
+ if (@move_uploaded_file($_FILES[$userfile]["tmp_name"],$this->base.$this->directory.$fileName))
+ {
+ @chmod($this->base.$this->directory.$fileName, $this->params['filesPermission']);
+ $this->notice = $this->_resultString->getString('executed');
+ return true;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('error');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('file-exists');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('not-allowed-ext');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('size-over');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-upload-file');
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-upload-file');
+ }
+ return false;
+ }
+
+ //update the folder tree
+ public function updateTree() {
+
+ if (isset($_POST[$this->params['delFolderAction']])) {
+ $this->removeFolder($_POST[$this->params['delFolderAction']]);
+ }
+
+ if (isset($_POST[$this->params['delFileAction']])) {
+ $this->removeFile($_POST[$this->params['delFileAction']]);
+ }
+
+ if (isset($_POST[$this->params['createFolderAction']])) {
+ $this->createFolder($_POST['folderName']);
+ }
+
+ if (isset($_POST[$this->params['uploadFileAction']])) {
+ $this->uploadFile();
+ }
+
+ }
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Files/index.html b/h-source/admin/Library/Files/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Files/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/Form/Checkbox.php b/h-source/admin/Library/Form/Checkbox.php
new file mode 100755
index 0000000..5df1917
--- /dev/null
+++ b/h-source/admin/Library/Form/Checkbox.php
@@ -0,0 +1,41 @@
+<?php
+
+/**
+ * EasyGiant
+ *
+ * LICENSE
+ *
+ * All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public
+ * License as published by the Free Software Foundation, either version 3 of the License, or (at your option)
+ * any later version.
+ * See COPYRIGHT.txt and LICENSE.txt.
+ *
+ * @package EasyGiant
+ * @license http://www.gnu.org/licenses/gpl.html GNU General Public License version 3 or any later version
+ */
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+/** create the HTML of an input text entry */
+class Form_Checkbox extends Form_Entry
+{
+
+ public function __construct($entryName = null)
+ {
+ $this->entryName = $entryName;
+ }
+
+ public function render($value = null)
+ {
+ $wrap = $this->getWrapElements();
+ $returnString = "<div class='".$this->getEntryClass()."'>\n\t";
+ $returnString .= $wrap[0];
+ $returnString .= $this->getLabelTag();
+ $returnString .= $wrap[1];
+ $returnString .= Html_Form::checkbox($this->entryName, $value, $this->options, $this->className,$this->idName);
+ $returnString .= $wrap[2];
+ $returnString .="</div>\n";
+ return $returnString;
+ }
+
+}
diff --git a/h-source/admin/Library/Form/Entry.php b/h-source/admin/Library/Form/Entry.php
new file mode 100755
index 0000000..725235a
--- /dev/null
+++ b/h-source/admin/Library/Form/Entry.php
@@ -0,0 +1,45 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//base class of the form entries
+abstract class Form_Entry {
+
+ public $entryName = null; //the name of the entry
+ public $entryClass = null; //the class of the entry
+ public $idName = null; //the id of the input entry
+ public $className = null; //the class of the input entry
+ public $labelString = null; //label of the form
+ public $labelClass = null; //the class of the tag of the label
+ public $options = array(); //options (if the entry is a <select> entry or a radio button). Associative array or comma-divided list.
+ public $defaultValue = '';
+ public $wrap = array();
+ public $type = null; //the type of the entry
+
+ //create the label of each entry of the form
+ public function getLabelTag()
+ {
+ $labelTagClass = isset($this->labelClass) ? $this->labelClass : 'entryLabel';
+ return isset($this->labelString) ? "<label class='$labelTagClass'>".$this->labelString."</label>\n\t" : null;
+ }
+
+ //get the class of the entry
+ public function getEntryClass()
+ {
+ return isset($this->entryClass) ? $this->entryClass : 'formEntry';
+ }
+
+ public function getWrapElements()
+ {
+ $wrap[0] = isset($this->wrap[0]) ? $this->wrap[0] : null;
+ $wrap[1] = isset($this->wrap[1]) ? $this->wrap[1] : null;
+ $wrap[2] = isset($this->wrap[2]) ? $this->wrap[2] : null;
+ return $wrap;
+ }
+
+ abstract public function render($value = null);
+
+}
diff --git a/h-source/admin/Library/Form/Form.php b/h-source/admin/Library/Form/Form.php
new file mode 100755
index 0000000..00e27d4
--- /dev/null
+++ b/h-source/admin/Library/Form/Form.php
@@ -0,0 +1,116 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//create the HTML of the whole form
+class Form_Form {
+
+ public $entry = array(); //associative array containing the entries of the form (objects that inherit the class form_entryModel). Each element of the array corresponds to one field of the table
+
+ public $action = null; //the action of the form
+ public $name = null; //the name of the form
+ public $className = 'formClass'; //the class of the form
+ public $id = null;
+ public $submit = array(); //the submit entries array('name'=>'value')
+ public $method = 'POST'; //the transmission method: POST/GET
+
+ public function __construct($action,$submit = array('generalAction'=>'save'),$method = 'POST')
+ {
+ $this->action = $action; //action of the form: controller/action
+ $this->submit = $submit;
+ $this->method = $method;
+ }
+
+ //method to manage the $this->entry associative array
+ //entryType: the type of the object to be initialized, $entryName: the name of the entry
+ //$options: the list of options (if the entry is a <select> entry)
+ public function setEntry($entryName,$entryType,$options = null)
+ {
+ $entryObjName = 'Form_'.$entryType;
+ if (!class_exists($entryObjName))
+ {
+ throw new Exception("class <b>$entryObjName</b> not defined: the entry <b>$entryName</b> can't be set");
+ }
+ $this->entry[$entryName] = new $entryObjName($entryName);
+ $this->entry[$entryName]->labelString = $entryName.':';
+ //set the type
+ $this->entry[$entryName]->type = $entryType;
+ if (isset($options))
+ {
+ $this->entry[$entryName]->options = $options;
+ }
+ }
+
+ //set all the entries
+ //$entryStruct : the struct of the entries
+ public function setEntries($entryStruct = array())
+ {
+ foreach ($entryStruct as $name => $entry)
+ {
+ $type = array_key_exists('type',$entry) ? $entry['type'] : 'InputText';
+ $options = array_key_exists('options',$entry) ? $entry['options'] : null;
+ $this->setEntry($name,$type,$options);
+
+ $entryClass = array_key_exists('entryClass',$entry) ? $entry['entryClass'] : null;
+ $labelString = array_key_exists('labelString',$entry) ? $entry['labelString'] : "$name:";
+ $idName = array_key_exists('idName',$entry) ? $entry['idName'] : null;
+ $className = array_key_exists('className',$entry) ? $entry['className'] : null;
+ $labelClass = array_key_exists('labelClass',$entry) ? $entry['labelClass'] : null;
+ $defaultValue = array_key_exists('defaultValue',$entry) ? $entry['defaultValue'] : null;
+ $wrap = array_key_exists('wrap',$entry) ? $entry['wrap'] : array();
+
+ $this->entry[$name]->entryClass = $entryClass;
+ $this->entry[$name]->labelString = $labelString;
+ $this->entry[$name]->idName = $idName;
+ $this->entry[$name]->className = $className;
+ $this->entry[$name]->labelClass = $labelClass;
+ $this->entry[$name]->defaultValue = $defaultValue;
+ $this->entry[$name]->wrap = $wrap;
+ }
+ }
+
+ //function to create the HTML of the form
+ //$values: an associative array ('entryName'=>'value')
+ //$subset: subset to print
+ public function render($values = null, $subset = null)
+ {
+
+ if ($values === null)
+ {
+ $values = array();
+ foreach ($this->entry as $key => $value)
+ {
+ $values[$key] = $value->defaultValue;
+ }
+ }
+
+ $fid = isset($this->id) ? "id='".$this->id."'" : null;
+ $fname = isset($this->name) ? "name='".$this->name."'" : null;
+ $fclass = isset($this->className) ? "class='".$this->className."'" : null;
+ $htmlForm = "<form $fname $fclass $fid action='".Url::getRoot($this->action)."' method='".$this->method."'>\n";
+
+ $subset = (isset($subset)) ? explode(',',$subset) : array_keys($values);
+
+ foreach ($subset as $entry)
+ {
+
+ if (array_key_exists($entry,$this->entry))
+ {
+ $value = array_key_exists($entry,$values) ? $values[$entry] : $this->entry[$entry]->defaultValue;
+ $htmlForm .= $this->entry[$entry]->render($value);
+ }
+
+ }
+
+ foreach ($this->submit as $name => $value)
+ {
+ $htmlForm .= "<div class='inputEntry'>\n<input id='".$name."' type='submit' name='$name' value='$value'>\n</div>\n";
+ }
+ $htmlForm .= "</form>\n";
+ return $htmlForm;
+ }
+
+}
diff --git a/h-source/admin/Library/Form/Hidden.php b/h-source/admin/Library/Form/Hidden.php
new file mode 100755
index 0000000..fb81b30
--- /dev/null
+++ b/h-source/admin/Library/Form/Hidden.php
@@ -0,0 +1,23 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//create the HTML of an input hidden entry
+class Form_Hidden extends Form_Entry
+{
+
+ public function __construct($entryName = null)
+ {
+ $this->entryName = $entryName;
+ }
+
+ public function render($value = null)
+ {
+ $returnString = Html_Form::hidden($this->entryName, $value);
+ return $returnString;
+ }
+
+}
diff --git a/h-source/admin/Library/Form/Html.php b/h-source/admin/Library/Form/Html.php
new file mode 100644
index 0000000..dce91c6
--- /dev/null
+++ b/h-source/admin/Library/Form/Html.php
@@ -0,0 +1,23 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//create the HTML of an input text entry
+class Form_Html extends Form_Entry
+{
+
+ public function __construct($entryName = null)
+ {
+ $this->entryName = $entryName;
+ }
+
+ public function render($value = null)
+ {
+ $returnString = "<div class='".$this->getEntryClass()."'>\n\t$value\n</div>\n";
+ return $returnString;
+ }
+
+}
diff --git a/h-source/admin/Library/Form/InputText.php b/h-source/admin/Library/Form/InputText.php
new file mode 100755
index 0000000..fb98336
--- /dev/null
+++ b/h-source/admin/Library/Form/InputText.php
@@ -0,0 +1,30 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//create the HTML of an input text entry
+class Form_InputText extends Form_Entry
+{
+
+ public function __construct($entryName = null)
+ {
+ $this->entryName = $entryName;
+ }
+
+ public function render($value = null)
+ {
+ $wrap = $this->getWrapElements();
+ $returnString = "<div class='".$this->getEntryClass()."'>\n\t";
+ $returnString .= $wrap[0];
+ $returnString .= $this->getLabelTag();
+ $returnString .= $wrap[1];
+ $returnString .= Html_Form::input($this->entryName, $value, $this->className, $this->idName);
+ $returnString .= $wrap[2];
+ $returnString .="</div>\n";
+ return $returnString;
+ }
+
+}
diff --git a/h-source/admin/Library/Form/Password.php b/h-source/admin/Library/Form/Password.php
new file mode 100644
index 0000000..76bc735
--- /dev/null
+++ b/h-source/admin/Library/Form/Password.php
@@ -0,0 +1,30 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//create the HTML of an input text entry
+class Form_Password extends Form_Entry
+{
+
+ public function __construct($entryName = null)
+ {
+ $this->entryName = $entryName;
+ }
+
+ public function render($value = null)
+ {
+ $wrap = $this->getWrapElements();
+ $returnString = "<div class='".$this->getEntryClass()."'>\n\t";
+ $returnString .= $wrap[0];
+ $returnString .= $this->getLabelTag();
+ $returnString .= $wrap[1];
+ $returnString .= Html_Form::password($this->entryName, null, $this->className);
+ $returnString .= $wrap[2];
+ $returnString .="</div>\n";
+ return $returnString;
+ }
+
+}
diff --git a/h-source/admin/Library/Form/Radio.php b/h-source/admin/Library/Form/Radio.php
new file mode 100755
index 0000000..fb20677
--- /dev/null
+++ b/h-source/admin/Library/Form/Radio.php
@@ -0,0 +1,30 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//create the HTML of a radio entry
+class Form_Radio extends Form_Entry
+{
+
+ public function __construct($entryName = null)
+ {
+ $this->entryName = $entryName;
+ }
+
+ public function render($value = null)
+ {
+ $wrap = $this->getWrapElements();
+ $returnString = "<div class='".$this->getEntryClass()."'>\n\t";
+ $returnString .= $wrap[0];
+ $returnString .= $this->getLabelTag();
+ $returnString .= $wrap[1];
+ $returnString .= Html_Form::radio($this->entryName,$value,$this->options,$this->className, 'after', $this->idName);
+ $returnString .= $wrap[2];
+ $returnString .="</div>\n";
+ return $returnString;
+ }
+
+}
diff --git a/h-source/admin/Library/Form/Select.php b/h-source/admin/Library/Form/Select.php
new file mode 100755
index 0000000..558fd57
--- /dev/null
+++ b/h-source/admin/Library/Form/Select.php
@@ -0,0 +1,30 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//create the HTML of an select entry
+class Form_Select extends Form_Entry
+{
+
+ public function __construct($entryName = null)
+ {
+ $this->entryName = $entryName;
+ }
+
+ public function render($value = null)
+ {
+ $wrap = $this->getWrapElements();
+ $returnString = "<div class='".$this->getEntryClass()."'>\n\t";
+ $returnString .= $wrap[0];
+ $returnString .= $this->getLabelTag();
+ $returnString .= $wrap[1];
+ $returnString .= Html_Form::select($this->entryName,$value,$this->options,$this->className, $this->idName);
+ $returnString .= $wrap[2];
+ $returnString .="</div>\n";
+ return $returnString;
+ }
+
+}
diff --git a/h-source/admin/Library/Form/Textarea.php b/h-source/admin/Library/Form/Textarea.php
new file mode 100755
index 0000000..d81cc84
--- /dev/null
+++ b/h-source/admin/Library/Form/Textarea.php
@@ -0,0 +1,30 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//create the HTML of a textarea entry
+class Form_Textarea extends Form_Entry
+{
+
+ public function __construct($entryName = null)
+ {
+ $this->entryName = $entryName;
+ }
+
+ public function render($value = null)
+ {
+ $wrap = $this->getWrapElements();
+ $returnString = "<div class='".$this->getEntryClass()."'>\n\t";
+ $returnString .= $wrap[0];
+ $returnString .= $this->getLabelTag();
+ $returnString .= $wrap[1];
+ $returnString .= Html_Form::textarea($this->entryName, $value, $this->className, $this->idName);
+ $returnString .= $wrap[2];
+ $returnString .="</div>\n";
+ return $returnString;
+ }
+
+}
diff --git a/h-source/admin/Library/Form/index.html b/h-source/admin/Library/Form/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Form/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/Functions.php b/h-source/admin/Library/Functions.php
new file mode 100755
index 0000000..414770f
--- /dev/null
+++ b/h-source/admin/Library/Functions.php
@@ -0,0 +1,279 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+
+/*
+ SANITIZE FUNCTIONS
+*/
+
+function none($string) {
+ return $string;
+}
+
+function forceInt($string) {
+ return (int)$string;
+}
+
+function forceNat($string)
+{
+ $string = (int)$string;
+ if ($string <= 0) return 1;
+ return $string;
+}
+
+function sanitizeDb($stringa) {
+
+ if (DATABASE_TYPE === 'Mysql')
+ {
+ $stringa = mysql_real_escape_string($stringa);
+ return $stringa;
+ }
+
+ if (DATABASE_TYPE === 'Mysqli')
+ {
+ $mysqli = Db_Mysqli::getInstance();
+ $db = $mysqli->getDb();
+ $stringa = $db->real_escape_string($stringa);
+ return $stringa;
+ }
+
+ return $stringa;
+}
+
+function sanitizeAll($stringa) {
+
+ $stringa=sanitizeHtml($stringa);
+ $stringa=sanitizeDb($stringa);
+ return $stringa;
+
+}
+
+function sanitizeHtml($stringa) {
+
+ $charset = Params::$htmlentititiesCharset;
+ $stringa=htmlentities($stringa,ENT_QUOTES,$charset);
+ return $stringa;
+
+}
+
+//check if only alphabetic + optional characters are present in the string $string. Set $string to $altString if other characters are found
+//$optChar: allowed characters divided by '|' Ex: '+|-|;'
+function sanitizeCustom($string,$optChar,$altString = 'EasyGiant')
+{
+
+ $optChar = html_entity_decode($optChar,ENT_QUOTES);
+ $optCharArray = explode('|',$optChar);
+ $temp = $string;
+ foreach($optCharArray as $char)
+ {
+ $temp = str_replace($char,null,$temp);
+ }
+ if (ctype_alnum($temp))
+ {
+ return $string;
+ }
+ else
+ {
+ return $altString;
+ }
+}
+
+
+
+
+/*
+SANITIZE DEEP
+*/
+
+function stripslashesDeep($value) {
+ if(get_magic_quotes_gpc()) {#if stripslashes
+ return array_map('stripslashes', $value);
+ }
+ return $value;
+}
+
+
+function sanitizeHtmlDeep($value) {
+ return array_map('sanitizeHtml', $value);
+}
+
+
+function sanitizeDbDeep($value) {
+ return array_map('sanitizeDb', $value);
+}
+
+
+function sanitizeCustomDeep($stringArray,$optChar,$altString = 'EasyGiant')
+{
+ $result = array();
+ foreach ($stringArray as $key => $value)
+ {
+ $result[$key] = sanitizeCustom($value,$optChar,$altString);
+ }
+ return $result;
+}
+
+
+function sanitizeAllDeep($value) {
+ return array_map('sanitizeAll', $value);
+}
+
+
+function forceIntDeep($value) {
+ return array_map('forceInt', $value);
+}
+
+function forceNatDeep($value) {
+ return array_map('forceNat', $value);
+}
+
+function noneDeep($value) {
+ return array_map('none', $value);
+}
+
+
+function md5Deep($value)
+{
+ return array_map('md5', $value);
+}
+
+function sha1Deep($value)
+{
+ return array_map('sha1', $value);
+}
+
+
+
+
+
+
+
+function sanitizeAlnum($string)
+{
+ return ctype_alnum($string) ? sanitizeAll($string) : '';
+}
+
+
+function sanitizeIp($ip)
+{
+ return preg_match('/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/',$ip) ? sanitizeAll($ip) : '';
+}
+
+
+/*
+ CHECK FUNCTIONS
+*/
+
+//check if a string has the mail format (abc.efg@hij.klm.on)
+//modification of the rule found at http://www.sastgroup.com/tutorials/8-espressioni-regolari-per-validare-un-po-di-tutto
+//original rule: /^[^0-9][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[@][a-zA-Z0-9_]+([.][a-zA-Z0-9_]+)*[.][a-zA-Z]{2,4}$/
+function checkMail($string)
+{
+ if (preg_match('/^[a-zA-Z0-9_\-]+([.][a-zA-Z0-9_\-]+){0,2}[@][a-zA-Z0-9_\-]+([.][a-zA-Z0-9_\-]+){0,2}[.][a-zA-Z]{2,4}$/',$string))
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+}
+
+
+
+function wrap($string,$tag_class) {#wrap the string with the tag and its class
+ #$tag_class has to be an associative array (tag1=>class1,$tag2=>class2,.. )!!
+ $str_front=null;
+ $str_rear=null;
+ if (is_array($tag_class)) {
+ foreach ($tag_class as $tag => $class) {
+ $tag = str_replace('+','',$tag);
+ $str_class=isset($class) ? " class=\"".$class."\"" : null;
+ $str_front.="<".$tag.$str_class.">\n";
+ $str_rear.="</".$tag.">\n";
+ }
+ }
+ return $str_front.$string.$str_rear;
+}
+
+//generate a random password
+//$start: start number of mt_rand
+//$end: end number of mt_rand
+function randString($length,$start = 33, $end = 126)
+{
+ $random = '';
+ for ($i = 0; $i < $length; $i++)
+ {
+ $random .= chr(mt_rand($start, $end));
+ }
+ return $random;
+}
+
+//generate a random string
+//$charNumb:number of characters of the final string
+//$allowedChars: allowed characters
+function generateString($charNumb = 8,$allowedChars = '0123456789abcdefghijklmnopqrstuvwxyz')
+{
+ $str = null;
+ for ($i = 0; $i < $charNumb; $i++)
+ {
+ $str .= substr($allowedChars, mt_rand(0, strlen($allowedChars)-1), 1);
+ }
+ return $str;
+}
+
+
+function getIp()
+{
+ $ip = "";
+
+ if (isset($_SERVER))
+ {
+ if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))
+ {
+ $ip = sanitizeIp($_SERVER["HTTP_X_FORWARDED_FOR"]);
+ } else if (!empty($_SERVER["HTTP_CLIENT_IP"])) {
+ $ip = sanitizeIp($_SERVER["HTTP_CLIENT_IP"]);
+ } else {
+ $ip = sanitizeIp($_SERVER["REMOTE_ADDR"]);
+ }
+ } else {
+ if ( getenv( 'HTTP_X_FORWARDED_FOR' ) !== false ) {
+ $ip = sanitizeIp(getenv( 'HTTP_X_FORWARDED_FOR' ));
+ } else if ( getenv( 'HTTP_CLIENT_IP' ) !== false ) {
+ $ip = sanitizeIp(getenv( 'HTTP_CLIENT_IP' ));
+ } else {
+ $ip = sanitizeIp(getenv( 'REMOTE_ADDR' ));
+ }
+ }
+ return $ip;
+}
+
+
+
+function getUserAgent() {
+ if (isset($_SERVER['HTTP_USER_AGENT']))
+ {
+ return md5($_SERVER['HTTP_USER_AGENT']);
+ }
+ else
+ {
+ return md5('firefox');
+ }
+}
+
+
+function xml_encode($string)
+{
+ $trans = get_html_translation_table(HTML_ENTITIES, ENT_QUOTES);
+ foreach ($trans as $k=>$v)
+ {
+ $trans[$k]= "&#".ord($k).";";
+ }
+
+ return strtr($string, $trans);
+} \ No newline at end of file
diff --git a/h-source/admin/Library/HeaderObj.php b/h-source/admin/Library/HeaderObj.php
new file mode 100644
index 0000000..f4fe65b
--- /dev/null
+++ b/h-source/admin/Library/HeaderObj.php
@@ -0,0 +1,28 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//manage the header
+class HeaderObj {
+
+ private $domainName; //the base path of the website (domainname)
+
+ public function __construct($domainName)
+ {
+ $this->domainName = $domainName;
+ }
+
+ //redirect to $path after the time $time
+ //string that appears until the page is redirected
+ public function redirect($path,$time = 0,$string = null)
+ {
+ $completePath = Url::getRoot().$path;
+ header('Refresh: '.$time.';url='.$completePath);
+ if (isset($string)) echo $string;
+ exit;
+ }
+
+}
diff --git a/h-source/admin/Library/Helper/Array.php b/h-source/admin/Library/Helper/Array.php
new file mode 100755
index 0000000..32a4c27
--- /dev/null
+++ b/h-source/admin/Library/Helper/Array.php
@@ -0,0 +1,11 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//Helper class to manage arrays
+class Helper_Array extends ArrayExt {
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Helper/Html.php b/h-source/admin/Library/Helper/Html.php
new file mode 100755
index 0000000..b3648be
--- /dev/null
+++ b/h-source/admin/Library/Helper/Html.php
@@ -0,0 +1,14 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//base class of all the Helper classes that returns HTML
+class Helper_Html {
+
+ public $viewArgs = array(); //arguments of the view action (to mantain the status, ex: page,language,etc)
+ public $viewStatus = null; //additional string to the url to define the status of the view action (ex: page,language,etc)
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Helper/List.php b/h-source/admin/Library/Helper/List.php
new file mode 100755
index 0000000..660ac67
--- /dev/null
+++ b/h-source/admin/Library/Helper/List.php
@@ -0,0 +1,278 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to create the HTML for the view action
+class Helper_List extends Helper_Html {
+
+ protected $_itemsList = array(); //2-dimensional associative array containing the list items
+ //keys: type,table:field,controller/action,value
+ protected $_head = array(); //2-dimensional array containing the head of the table
+ protected $_identifierName;
+
+ protected $_recordNumber = null; //number of records from the table
+
+ protected $_allowedItems = array('simpleLink','simpleText','delForm','editForm','associateForm','moveupForm','movedownForm'); //type of items allowed
+
+ //set if the submit buttons have to be images or not (it can be yse or not)
+ public $submitImageType = 'no';
+
+ //set the files of the images
+ public $submitImages = array(
+ 'edit' => null,
+ 'del' => null,
+ 'up' => null,
+ 'down' => null,
+ 'link' => null
+ );
+
+ //set the titles of the input:submit
+ public $submitTitles = array(
+ 'edit' => 'edit the record',
+ 'del' => 'delete the record',
+ 'up' => 'move up the record',
+ 'down' => 'move down the record',
+ 'link' => 'associate the record'
+ );
+
+ //$position: array. First element: page number, second element: number of pages
+ public $position = array();
+
+ //it can be: both, top, bottom, none
+ protected $_boundaries = 'none';
+
+ public function build($identifierName = 'identifier')
+ {
+ $this->_identifierName = $identifierName;
+ }
+
+ public function setIdentifierName($identifierName)
+ {
+ $this->_identifierName = $identifierName;
+ }
+
+ //add a list Item. $type: the type of the item, $field: the table.field to exctract (use colon to separate the table and the field),$action: controller/action,$value=if type == link->the value of the link
+ public function addItem($type, $action = '', $field = '', $name = '') {
+ if (!in_array($type,$this->_allowedItems)) {
+ throw new Exception('"'.$type. '" argument not allowed in '.__METHOD__.' method');
+ }
+ $temp=array();
+ $temp['type'] = $type;
+ $temp['action'] = $action;
+ $temp['field'] = $field;
+ $temp['name'] = $name;
+ $this->_itemsList[] = $temp;
+
+ //set the $this->_head array
+ $head = array();
+ $head['type'] = $type;
+
+ if ($type === 'simpleText') {
+ $head['action'] = $this->extractFieldName($action);
+ } else {
+ $head['action'] = '&nbsp';
+ }
+ $this->_head[] = $head;
+ }
+
+
+ //set the head of the table
+ //$columnsName: name of the columns. It has to be a comma-separated list of strings
+ public function setHead($columnsName = '')
+ {
+ //get the array from the list
+ $columnsArray = explode(',',$columnsName);
+ for ($i = 0; $i < count($columnsArray); $i++)
+ {
+ if ($i < count($this->_itemsList)) $this->_head[$i]['action'] = $columnsArray[$i];
+ }
+ }
+
+
+ //$method to extract the field name from the $action string (;table:field;)
+ public function extractFieldName($string) {
+ $string = str_replace(';','',$string);
+ return $string;
+ }
+
+ //replace the strings wrapped by ; with their correspondent value taken by the $recordArray associative array (a row of the select query)
+ public function replaceFields($string,$rowArray) {
+ $stringArray = explode(';',$string);
+ for ($i = 0; $i < count($stringArray); $i++) {
+ if (strstr($stringArray[$i],':')) {
+ //check if a function has been indicated
+ if (strstr($stringArray[$i],'|'))
+ {
+ //get the function
+ $firstArray = explode('|',$stringArray[$i]);
+ $func = $firstArray[0];
+ //replace the fields
+ $temp = explode(':',$firstArray[1]);
+ $stringArray[$i] = $rowArray[$temp[0]][$temp[1]];
+
+ if (!function_exists($func)) {
+ throw new Exception('Error in <b>'.__METHOD__.'</b>: function <b>'.$func.'</b> does not exists..');
+ }
+ //apply the function
+ $stringArray[$i] = call_user_func($func,$stringArray[$i]);
+ }
+ else
+ {
+ $temp = explode(':',$stringArray[$i]);
+ $stringArray[$i] = $rowArray[$temp[0]][$temp[1]];
+ }
+ }
+ }
+ return implode('',$stringArray);
+ }
+
+ //call the method replaceFields upon the $items array using the associative array $rowArray
+ public function replaceAll($item,$rowArray) {
+ $item['action'] = $this->replaceFields($item['action'],$rowArray);
+ $item['field'] = $this->replaceFields($item['field'],$rowArray);
+ $item['name'] = $this->replaceFields($item['name'],$rowArray);
+ return $item;
+ }
+
+ //wrap the column with the tag td
+ public function wrapColumn($string, $className = null) {
+ return wrap($string,array('td'=>$className));
+ }
+
+ //wrap the row with the tag tr
+ public function wrapRow($string,$className = null) {
+ return wrap($string,array('tr'=>$className));
+ }
+
+ public function wrapList($string) {
+ return wrap($string,array('table'=>'listTable'));
+ }
+
+ //method to create the HTML of the head of the table
+ public function createHead() {
+ $htmlHead = null;
+ foreach ($this->_head as $item) {
+ $temp = $item['action'];
+ $htmlHead .= $this->wrapColumn($temp,$item['type']);
+ }
+ return $htmlHead;
+ }
+
+ //create the HTML of a single row (values taken from the associative array $rowArray)
+ public function getRowList($rowArray) {
+ $htmlList = null;
+ foreach ($this->_itemsList as $item) {
+ $item = $this->replaceAll($item,$rowArray);
+
+ if (($this->_boundaries === 'top' and $item['type'] === 'moveupForm') or ($this->_boundaries === 'bottom' and $item['type'] === 'movedownForm') or ($this->_boundaries === 'both' and ($item['type'] === 'moveupForm' or $item['type'] === 'movedownForm')))
+ {
+ $htmlList .= $this->wrapColumn('&nbsp',$item['type']);
+ }
+ else
+ {
+ $temp = call_user_func_array(array($this,$item['type']),array($item));
+ $htmlList .= $this->wrapColumn($temp,$item['type']);
+ }
+ }
+ return $htmlList;
+ }
+
+ //$index: record number
+ public function ifInBoundaries($index)
+ {
+ $this->_boundaries = 'none';
+
+ if (!empty($this->position))
+ {
+ if ($this->_recordNumber === 1 and strcmp($this->position[0],1) === 0)
+ {
+ $this->_boundaries = 'both';
+ }
+ else if ($index === 0 and strcmp($this->position[0],1) === 0)
+ {
+ $this->_boundaries = 'top';
+ }
+ else if ($index === ($this->_recordNumber-1) and strcmp($this->position[0],$this->position[1]) === 0)
+ {
+ $this->_boundaries = 'bottom';
+ }
+ }
+
+ }
+
+ //create the HTML of the entire list. $queryResult: the array coming from the select query
+ public function render($queryResult)
+ {
+ //set the number of records
+ $this->_recordNumber = count($queryResult);
+ $htmlList = null;
+ //create the HTML of the head of the record list
+ $htmlList .= $this->wrapRow($this->createHead(),'listHead');
+ for ($i = 0; $i < count($queryResult); $i++)
+ {
+ $this->ifInBoundaries($i);
+ $temp = $this->getRowList($queryResult[$i]);
+ $htmlList .= $this->wrapRow($temp,'listRow');
+ }
+ return $this->wrapList($htmlList);
+ }
+
+ public function generalForm($itemArray, $submitName, $submitValue)
+ {
+ $string = "<form class='listItemForm' action='".Url::getRoot(null).$itemArray['action'].$this->viewStatus."' method='POST'>\n";
+ $name = (strcmp($itemArray['name'],'') !== 0) ? $itemArray['name'] : $submitName;
+
+ if (strcmp($this->submitImageType,'yes') === 0)
+ {
+ $string .= "<input type='image' title='".$this->submitTitles[$submitValue]."' src='".$this->submitImages[$submitValue]."' value='$submitValue'>\n";
+ $string .= "<input type='hidden' name='".$name."' value='$submitValue'>\n";
+ }
+ else
+ {
+ $string .= "<input type='submit' title='".$this->submitTitles[$submitValue]."' name='".$name."' value='$submitValue'>\n";
+ }
+
+ $string .= "<input type='hidden' name='".$this->_identifierName."' value='".$itemArray['field']."'>\n";
+ $string .= "</form>\n";
+ return $string;
+ }
+
+ public function moveupForm($itemArray)
+ {
+ return $this->generalForm($itemArray, 'moveupAction', 'up');
+ }
+
+ public function movedownForm($itemArray)
+ {
+ return $this->generalForm($itemArray, 'movedownAction', 'down');
+ }
+
+ public function editForm($itemArray)
+ {
+ return $this->generalForm($itemArray, 'generalAction', 'edit');
+ }
+
+ public function delForm($itemArray)
+ {
+ return $this->generalForm($itemArray, 'delAction', 'del');
+ }
+
+ public function associateForm($itemArray)
+ {
+ return $this->generalForm($itemArray, 'generalAction', 'link');
+ }
+
+ public function simpleText($itemArray) {
+ $string = "<span class='textItem'>".$itemArray['action']."</span>\n";
+ return $string;
+ }
+
+ public function simpleLink($itemArray) {
+ $string = "<a class='linkItem' href='".Url::getRoot(null).$itemArray['action'].$this->viewStatus."'>".$itemArray['name']."</a>\n";
+ return $string;
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Helper/Menu.php b/h-source/admin/Library/Helper/Menu.php
new file mode 100755
index 0000000..119ada8
--- /dev/null
+++ b/h-source/admin/Library/Helper/Menu.php
@@ -0,0 +1,75 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to write the top menù of the view files
+class Helper_Menu extends Helper_Html
+{
+
+ public $panelController; //panel controller
+ public $controller;
+
+ public $links = array(
+
+ 'back' => array(
+ 'title' => 'back',
+ 'class' => 'mainMenuItem',
+ 'text' => 'Back',
+ 'url' => 'main'
+ ),
+
+ 'add' => array(
+ 'title' => 'add a new record',
+ 'class' => 'mainMenuItem',
+ 'text' => 'Add',
+ 'url' => 'form/insert'
+ ),
+
+ 'panel' => array(
+ 'title' => 'back to the Panel',
+ 'class' => 'mainMenuItem',
+ 'text' => 'Panel',
+ 'url' => 'main'
+ )
+
+ );
+
+ public function build($controller = null, $panelController = null)
+ {
+ $this->controller = $controller;
+ $this->panelController = $panelController;
+ }
+
+ //$voices: comma-separated list of links you want to print
+ public function render($linksList)
+ {
+ $linksArray = explode(',',$linksList);
+ $menu = null;
+ foreach ($linksArray as $linkName)
+ {
+ //check that the voice exists
+ if (array_key_exists($linkName,$this->links))
+ {
+ //check that the text and the ure are defined
+ if (isset($this->links[$linkName]['text']) and isset($this->links[$linkName]['url']))
+ {
+ $title = isset($this->links[$linkName]['title']) ? "title='".$this->links[$linkName]['title']."'" : null;
+ $class = isset($this->links[$linkName]['class']) ? "class='".$this->links[$linkName]['class']."'" : null;
+
+ //choose the controller (current or panel)
+ $controller = (strcmp($linkName,'panel') === 0) ? $this->panelController.'/' : $this->controller.'/';
+ $viewStatus = (strcmp($linkName,'panel') === 0) ? null : $this->viewStatus;
+
+ $href = Url::getRoot($controller.$this->links[$linkName]['url'].$viewStatus);
+ $text = $this->links[$linkName]['text'];
+ $menu .= "<div $class><a $title href='$href'>$text</a></div>\n";
+ }
+ }
+ }
+ return $menu;
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Helper/Pages.php b/h-source/admin/Library/Helper/Pages.php
new file mode 100755
index 0000000..eec58f6
--- /dev/null
+++ b/h-source/admin/Library/Helper/Pages.php
@@ -0,0 +1,108 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//Helper class to create the HTML of the page division list
+class Helper_Pages extends Helper_Html
+{
+
+ protected $_urlViewAction; //url of the current page
+ protected $_currentPage; //number of the page
+ protected $_numbOfPages; //number of pages
+ protected $_variableArg = ''; //value of the $viewArgs key that has to be modified
+
+ public $previousString; //string of the link to the previous page
+ public $nextString; //string of the link to the next page
+
+ public function build($urlViewAction = '' , $variableArg = 'page', $previousString = 'previous', $nextString = 'next')
+ {
+
+ $this->_variableArg = $variableArg;
+ $this->_urlViewAction =$urlViewAction; //url of the controller and (/) main action
+ $this->previousString = $previousString;
+ $this->nextString = $nextString;
+
+ }
+
+ //return the number of pages
+ public function getNumbOfPages()
+ {
+ return $this->_numbOfPages;
+ }
+
+ //get the limit of the select query clause
+ public function getLimit($currentPage,$recordNumber,$recordPerPage)
+ {
+ $this->_currentPage = $currentPage;
+ $this->_numbOfPages=(($recordNumber%$recordPerPage)===0) ? (int) ($recordNumber/$recordPerPage) : ((int) ($recordNumber/$recordPerPage))+1;
+ $start=(($currentPage-1)*$recordPerPage);
+ return "$start,$recordPerPage";
+ }
+
+ //return the page list string
+ public function render($pageNumber,$numberOfPages)
+ {
+ $pageList = null;
+ $pageList .= $this->pageLink($this->_currentPage-1,$this->previousString);
+ $pageList .= $this->recursiveLink($pageNumber,$numberOfPages);
+ $pageList .= $this->pageLink($this->_currentPage+1,$this->nextString);
+ return $pageList;
+ }
+
+ //recorsive function in order to write the page list
+ public function recursiveLink($pageNumber,$numberOfPages)
+ {
+
+ if ($numberOfPages === 0) return null;
+
+ if ($numberOfPages === 1) {
+ return $this->pageLink($pageNumber);
+ } else {
+ return $this->pageLink($pageNumber) . $this->recursiveLink($pageNumber+1,$numberOfPages-1);
+ }
+ }
+
+ public function pageLink($pageNumber, $string = null) {
+ if ($pageNumber > 0 and $pageNumber <= $this->_numbOfPages) {
+ return $this->html($pageNumber,$string);
+ } else {
+ return null;
+ }
+ }
+
+ //return the html link
+ public function html($pageNumber,$string = null) {
+ if (isset($string)) {
+ $strNumber = $string;
+ $strClass = "class='itemListPage'";
+ } else {
+ if ($pageNumber === $this->_currentPage)
+ {
+ $strNumber = $pageNumber;
+ $strClass = "class='currentPage'";
+ }
+ else
+ {
+ $strNumber = $pageNumber;
+ $strClass = "class='itemListPage'";
+ }
+ }
+ $this->viewArgs[$this->_variableArg] = $pageNumber;
+ $viewStatus = Url::createUrl(array_values($this->viewArgs));
+ $href= Url::getRoot(null) . $this->_urlViewAction .$viewStatus;
+ return $this->getATag($href,$strNumber,$strClass);
+ }
+
+ //get the HTMl of the tag
+ //$href: href of the link
+ //$text: the text of the link
+ //$strClass: the class of the link
+ public function getATag($href,$text,$strClass)
+ {
+ return "<a $strClass href='$href'>$text</a>";
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Helper/Popup.php b/h-source/admin/Library/Helper/Popup.php
new file mode 100755
index 0000000..9ceac72
--- /dev/null
+++ b/h-source/admin/Library/Helper/Popup.php
@@ -0,0 +1,87 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to create the popup menu
+class Helper_Popup extends Helper_Html {
+
+ public $popupArray = array(); //array of popup objects (see popup.php)
+ public $url = null; //the url (controller/action) to link by means of the popup menù
+// public $fieldArg = null; //the key of the viewArgs array to set to the field in the where clause
+// public $valueArg = null; //the key of the viewArgs array to be set to the value in the where clause
+ public $pageArg = null; //the key of the viewArgs array representing the page number. $this->viewArgs[$this->pageArg] is set to 1 if $this->pageArg !== null
+
+ //the type of the popup. If type !=exclusive, than each voice selected is added to the where clause. If type=exclusive, the selection of a popup voice causes the unselection of the other voices
+ public $type = null;
+
+ //list of popup names
+ public $popupItems = array();
+
+ public function build($url, $popupArray = null, $type = 'exclusive', $pageArg = null) {
+ $this->url = $url;
+ $this->popupArray = $popupArray;
+ $this->pageArg = $pageArg;
+ $this->type = $type;
+
+ foreach ($this->popupArray as $field => $popup)
+ {
+ $this->popupItems[] = $field;
+ }
+ }
+
+ //check that the ViewArgs array is complete
+ public function checkViewArgs()
+ {
+ foreach ($this->popupArray as $field => $popup)
+ {
+ if (!array_key_exists($field,$this->viewArgs)) return false;
+ }
+ return true;
+ }
+
+ //unselect the voices different from the current one
+ public function unselect($currentVoice)
+ {
+ foreach ($this->popupItems as $item)
+ {
+ if (strcmp($item,$currentVoice) !== 0) $this->viewArgs[$item] = Params::$nullQueryValue;
+ }
+ }
+
+ public function render() {
+ $returnString = null;
+ if ($this->checkViewArgs())
+ {
+ if (isset($this->viewArgs[$this->pageArg]))
+ {
+ $this->viewArgs[$this->pageArg] = 1;
+ }
+ foreach ($this->popupArray as $field => $popup)
+ {
+ if ($this->type === 'exclusive') $this->unselect($field);
+ //save the value of the current ViewArg
+ $tempArg = $this->viewArgs[$field];
+ $returnString .= "<ul onMouseOver='DisplayTag(this,\"block\");' onMouseOut='DisplayTag(this,\"none\");' id='menuBlock'><li class='innerItem'>".$popup->name."<ul class='innerList'>\n";
+ for ($i = 0; $i < count($popup->itemsValue); $i++)
+ {
+ $this->viewArgs[$field] = $popup->itemsValue[$i];
+ $viewStatus = Url::createUrl(array_values($this->viewArgs));
+ $returnString .= "<li><a href='".Url::getRoot($this->url).$viewStatus."'>".$popup->itemsName[$i]."</a></li>\n";
+ }
+ $this->viewArgs[$field] = Params::$nullQueryValue;
+ $viewStatus = Url::createUrl(array_values($this->viewArgs));
+ $returnString .= "<li><a href='".Url::getRoot($this->url).$viewStatus."'>All</a></li>\n";
+ $returnString .= "</ul>\n</li>\n</ul>\n";
+ $this->viewArgs[$field] = $tempArg;
+ }
+ if (count($this->popupArray)>0) {
+ $returnString .= "<script type=\"text/javascript\" src=\"http://".DOMAIN_NAME."/Public/Js/DisplayTag.js\"></script>\n";
+ }
+ }
+ return $returnString;
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Helper/index.html b/h-source/admin/Library/Helper/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Helper/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/Hooks.php b/h-source/admin/Library/Hooks.php
new file mode 100644
index 0000000..fa005b9
--- /dev/null
+++ b/h-source/admin/Library/Hooks.php
@@ -0,0 +1,21 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to call the hooks
+class Hooks
+{
+
+ //include an hook file
+ public static function load($path)
+ {
+ if (file_exists($path))
+ {
+ include_once($path);
+ }
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Html/Form.php b/h-source/admin/Library/Html/Form.php
new file mode 100644
index 0000000..bddc13f
--- /dev/null
+++ b/h-source/admin/Library/Html/Form.php
@@ -0,0 +1,168 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//create the HTML of the inputs of a form
+class Html_Form {
+
+ //return the HTML of a select
+ //$name: name of the select
+ //$value: the selected value of the select (set $value equal to null if you don't want to select an option)
+ //$options: options of the select. This param can be a comma-separated list of options or an associative array ('name'=>'value')
+ //$className: the class name of the select
+ //$idName: name of the id
+ static public function select($name, $value, $options, $className = null, $idName = null)
+ {
+ $strClass = isset($className) ? "class='".$className."'" : null;
+ $idStr = isset($idName) ? "id='".$idName."'" : null;
+
+ $returnString = null;
+ $returnString .= "<select ".$idStr." $strClass name='".$name."'>\n";
+ if (is_string($options)) {
+ $tempArray = explode(',',$options);
+ foreach ($tempArray as $item)
+ {
+ if (strstr($item,'optgroupOpen:'))
+ {
+ $temp = explode(':',$item);
+ $optionsArray[$temp[1]] = "optgroupOpen";
+ }
+ else
+ {
+ $optionsArray[$item] = $item;
+ }
+ }
+ }
+ else
+ {
+ $optionsArray = $options;
+ }
+
+ $flag = 0;
+ foreach ($optionsArray as $optionName => $optionValue) {
+ if (strcmp($optionValue,'optgroupOpen') === 0)
+ {
+ if ($flag === 1) $returnString .= "</optgroup>\n";
+ $returnString .= "<optgroup label=" . $optionName . ">\n";
+ $flag = 1;
+ }
+ else
+ {
+ $str= (strcmp($value,$optionValue) === 0) ? "selected='$optionValue'" : null;
+ $returnString .= "<option value='".$optionValue."' $str>$optionName</option>\n";
+ }
+ }
+ if ($flag === 1) $returnString .= "</optgroup>\n";
+ $returnString .= "</select>\n";
+ return $returnString;
+ }
+
+ //return the HTML of an <input type='text' ...>
+ //$name: the name of the input
+ //$value: the value of the input
+ //$className: the class name of the input
+ //$idName: name of the id
+ static public function input($name, $value, $className = null, $idName = null)
+ {
+ $strClass = isset($className) ? "class='".$className."'" : null;
+ $idStr = isset($idName) ? "id='".$idName."'" : null;
+
+ $returnString ="<input ".$idStr." $strClass type='text' name='" .$name. "' value = '$value'>\n";
+ return $returnString;
+ }
+
+ //return the HTML of a checkBox
+ //$name: name of the checkBox (string)
+ //$value: the value of the checkBox (string or number)
+ //$option: option of the checkBox (string or number)
+ //$className: the class name of the checkBox (string)
+ //$idName: name of the id
+ static public function checkbox($name, $value, $option, $className = null, $idName = null)
+ {
+ $strClass = isset($className) ? "class='".$className."'" : null;
+ $idStr = isset($idName) ? "id='".$idName."'" : null;
+
+ $str = (strcmp($value,$option) === 0) ? "checked = 'checked'" : null;
+ return "<input ".$idStr." $strClass type='checkbox' name='".$name."' value='".$option."' $str>\n";
+ }
+
+ //return the HTML of a hidden entry
+ //$name: name of the hidden entry (string)
+ //$value: the value of the hidden entry (string or number)
+ static public function hidden($name, $value)
+ {
+ return "<input type='hidden' name='" .$name. "' value = '$value'>\n";
+ }
+
+ //return the HTML of a password entry
+ //$name: name of the password entry (string)
+ //$value: the value of the password entry (string or number)
+ //$idName: name of the id
+ static public function password($name, $value, $className = null, $idName = null)
+ {
+ $strClass = isset($className) ? "class='".$className."'" : null;
+ $idStr = isset($idName) ? "id='".$idName."'" : null;
+
+ return "<input ".$idStr." $strClass type='password' name='" .$name. "' value='$value'>\n";
+ }
+
+ //return the HTML of a textarea
+ //$name: name of the textarea (string)
+ //$value: the value of the textarea (string or number)
+ //$idName: name of the id
+ static public function textarea($name, $value, $className = null, $idName = null)
+ {
+ $strClass = isset($className) ? "class='".$className."'" : null;
+ $idStr = isset($idName) ? "id='".$idName."'" : null;
+
+ return "<textarea ".$idStr." $strClass name='" .$name. "'>$value</textarea>\n";
+ }
+
+ //return the HTML of a radio button
+ //$name: name of the radio button
+ //$value: the selected value of the radio button (set $value equal to null if you don't want to select an option)
+ //$options: options of the radio button. This param can be a comma-separated list of options or an associative array ('name'=>'value')
+ //$className: the class name of the radio button
+ //$position: position of the strings of the radio with respect to the "circles". It can be before or after
+ //$idName: name of the id
+ static public function radio($name, $value, $options, $className = null, $position = 'after', $idName = null)
+ {
+ $strClass = isset($className) ? "class='".$className."'" : null;
+ $idStr = isset($idName) ? "id='".$idName."'" : null;
+
+ $returnString = null;
+
+ if (is_string($options)) {
+ $tempArray = explode(',',$options);
+ foreach ($tempArray as $item)
+ {
+ $optionsArray[$item] = $item;
+ }
+ } else {
+ $optionsArray = $options;
+ }
+
+ foreach ($optionsArray as $optionName => $optionValue) {
+
+ if ($position === 'before')
+ {
+ $before = $optionName;
+ $after = null;
+ }
+ else
+ {
+ $before = null;
+ $after = $optionName;
+ }
+
+ $str= (strcmp($value,$optionValue) === 0) ? "checked='checked'" : null;
+ $returnString .= "$before<input ".$idStr." $strClass type='radio' name='".$name."' value='".$optionValue."' $str>$after\n";
+ }
+
+ return $returnString;
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Html/index.html b/h-source/admin/Library/Html/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Html/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/Image/Gd/Captcha.php b/h-source/admin/Library/Image/Gd/Captcha.php
new file mode 100644
index 0000000..ace4806
--- /dev/null
+++ b/h-source/admin/Library/Image/Gd/Captcha.php
@@ -0,0 +1,85 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to create a captcha
+//you have to call session_start() before to initialize a captcha object
+class Image_Gd_Captcha
+{
+
+ private $params = array(); //parameters of the object
+ private $string = null; //the text string of the captcha
+
+ public function __construct($params = null)
+ {
+ $here = realpath('.');
+
+ $defaultParams = array(
+ 'boxWidth' => 150,
+ 'boxHeight' => 100,
+ 'charNumber' => 6,
+ 'fontPath' => $here.'/External/Fonts/FreeFont/FreeMono.ttf',
+ 'undulation' => true,
+ 'align' => false,
+ 'charHeight' => 28
+ );
+
+ //set the $this->scaffold->params array
+ if (is_array($params))
+ {
+ foreach ($params as $key => $value)
+ {
+ $defaultParams[$key] = $value;
+ }
+ }
+ $this->params = $defaultParams;
+
+ $this->string = generateString($this->params['charNumber']);
+ }
+
+ public function render()
+ {
+ //space among characters
+ $space = $this->params['boxWidth'] / ($this->params['charNumber']+1);
+ //create the image box
+ $img = imagecreatetruecolor($this->params['boxWidth'],$this->params['boxHeight']);
+
+ $background = imagecolorallocate($img,255,255,255);
+ $border = imagecolorallocate($img,0,0,0);
+ $colors[] = imagecolorallocate($img,mt_rand(0,125),mt_rand(0,125),mt_rand(0,125));
+ $colors[] = imagecolorallocate($img,mt_rand(0,125),mt_rand(0,125),mt_rand(0,125));
+ $colors[] = imagecolorallocate($img,mt_rand(0,125),mt_rand(0,125),mt_rand(0,125));
+
+ //create the background
+ imagefilledrectangle($img,1,1,$this->params['boxWidth']-2,$this->params['boxHeight']-2,$background);
+ imagerectangle($img,0,0,$this->params['boxWidth']-1,$this->params['boxHeight']-2,$border);
+
+ //set the text
+ for ($i=0; $i< $this->params['charNumber']; $i++)
+ {
+ $color = $colors[$i % count($colors)];
+ $char = substr($this->string,$i,1);
+ $fontPath = $this->params['fontPath'];
+ $angle = $this->params['undulation'] === false ? 0 : -20+rand(0,40);
+ $yposFixed = (int)(($this->params['boxHeight'])/2);
+ $ypos = $this->params['align'] === true ? $yposFixed : $yposFixed + mt_rand(0,10);
+ $charHeight = $this->params['charHeight'];
+ imagettftext($img,$charHeight + rand(0,8),$angle,($i+0.3)*$space,$ypos,$color,$fontPath,$char);
+ }
+
+ $noiseColor = imagecolorallocate($img, mt_rand(125,255), mt_rand(125,255), mt_rand(125,255));
+ /* generate random dots in background */
+ for( $i=0; $i<($this->params['boxWidth'] * $this->params['boxHeight'])/7; $i++ ) {
+ imagefilledellipse($img, mt_rand(0,$this->params['boxWidth']), mt_rand(0,$this->params['boxHeight']), 1, 1, $noiseColor);
+ }
+
+ $_SESSION['captchaString'] = $this->string;
+ header('Content-Type: image/png');
+ imagepng($img);
+ imagedestroy($img);
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Image/Gd/Thumbnail.php b/h-source/admin/Library/Image/Gd/Thumbnail.php
new file mode 100644
index 0000000..5981175
--- /dev/null
+++ b/h-source/admin/Library/Image/Gd/Thumbnail.php
@@ -0,0 +1,151 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to create a thumbnail
+class Image_Gd_Thumbnail
+{
+ const DS = DIRECTORY_SEPARATOR;
+
+ private $params = array(); //parameters of the object
+ private $basePath = null; //the path of the folder inside which the images are saved
+
+ public function __construct($basePath,$params = null)
+ {
+ $finalChar = $basePath[strlen($basePath) - 1];
+ if (strcmp($finalChar,self::DS) !== 0) $basePath .= self::DS;
+
+ $this->basePath = $basePath;
+
+ $defaultParams = array(
+ 'imgWidth' => 100,
+ 'imgHeight' => 100,
+ 'defaultImage' => null,
+ 'cropImage' => 'no',
+ 'horizAlign' => 'left',
+ 'vertAlign' => 'top'
+ );
+
+ //set the $this->scaffold->params array
+ if (is_array($params))
+ {
+ foreach ($params as $key => $value)
+ {
+ $defaultParams[$key] = $value;
+ }
+ }
+ $this->params = $defaultParams;
+ }
+
+ //create the thumbnail
+ //$imageName: the name of the file inside $this->basePath
+ public function render($imageFile)
+ {
+ $imagePath = $this->basePath . basename($imageFile);
+
+ if (!file_exists($imagePath) and isset($this->params['defaultImage'])) $imagePath = $this->params['defaultImage'];
+
+ $img = null;
+ $ext = strtolower(end(explode('.', $imagePath)));
+
+ if (strcmp($ext,'jpg') === 0 or strcmp($ext,'jpeg') === 0) {
+ $img = @imagecreatefromjpeg($imagePath);
+ } else if (strcmp($ext,'png') === 0) {
+ $img = @imagecreatefrompng($imagePath);
+ } else if (strcmp($ext,'gif') === 0) {
+ $img = @imagecreatefromgif($imagePath);
+ }
+
+ //If an image was successfully loaded, test the image for size
+ if ($img) {
+ //image size
+ $width = imagesx($img);
+ $height = imagesy($img);
+
+ if ($this->params['cropImage'] === 'no')
+ {
+ $scale = min($this->params['imgWidth']/$width, $this->params['imgHeight']/$height);
+ }
+ else if ($this->params['cropImage'] === 'yes')
+ {
+ $scale = max($this->params['imgWidth']/$width, $this->params['imgHeight']/$height);
+ }
+
+ if ($scale < 1) {
+
+ $xSrc = 0;
+ $ySrc = 0;
+
+ if ($this->params['cropImage'] === 'no')
+ {
+ $newWidth = floor($scale*$width);
+ $newHeight = floor($scale*$height);
+ }
+ else if ($this->params['cropImage'] === 'yes')
+ {
+
+ $newWidth = $this->params['imgWidth'];
+ $newHeight = $this->params['imgHeight'];
+ $oldWidth = $width;
+ $oldHeight = $height;
+ $width = floor($newWidth/$scale);
+ $height = floor($newHeight/$scale);
+
+ switch ($this->params['horizAlign'])
+ {
+ case 'left':
+ $xSrc = 0;
+ break;
+ case 'right':
+ $xSrc = floor(($oldWidth-$width));
+ break;
+ case 'center':
+ $xSrc = floor(($oldWidth-$width)/2);
+ break;
+ default:
+ $xSrc = $this->params['horizAlign'];
+ }
+
+ switch ($this->params['vertAlign'])
+ {
+ case 'top':
+ $ySrc = 0;
+ break;
+ case 'bottom':
+ $ySrc = floor(($oldHeight-$height));
+ break;
+ case 'center':
+ $ySrc = floor(($oldHeight-$height)/2);
+ break;
+ default:
+ $ySrc = $this->params['vertAlign'];
+ }
+
+ }
+
+ //temp image
+ $tmpImg = imagecreatetruecolor($newWidth, $newHeight);
+
+ //copy and resize
+ imagecopyresized($tmpImg, $img, 0, 0, $xSrc, $ySrc,$newWidth, $newHeight, $width, $height);
+ imagedestroy($img);
+ $img = $tmpImg;
+ }
+
+ }
+
+ if (!$img) {
+ $img = imagecreate($this->params['imgWidth'], $this->params['imgHeight']);
+ imagecolorallocate($img,200,200,200);
+ }
+
+ //print the image
+ header("Content-type: image/jpeg");
+ imagejpeg($img);
+
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Image/Gd/index.html b/h-source/admin/Library/Image/Gd/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Image/Gd/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/Image/index.html b/h-source/admin/Library/Image/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Image/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/Lang/Eng/DbCondStrings.php b/h-source/admin/Library/Lang/Eng/DbCondStrings.php
new file mode 100644
index 0000000..1edae98
--- /dev/null
+++ b/h-source/admin/Library/Lang/Eng/DbCondStrings.php
@@ -0,0 +1,17 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//error strings in the case database conditions are not satisfied
+class Lang_Eng_DbCondStrings {
+
+ //get the error string in the case that the value of the field $field is already present in the table $table
+ public function getNotUniqueString($field)
+ {
+ return "<div class='alert'>The value of <i>". $field ."</i> is already present. Please choose a different value.</div>\n";
+ }
+
+}
diff --git a/h-source/admin/Library/Lang/Eng/ModelStrings.php b/h-source/admin/Library/Lang/Eng/ModelStrings.php
new file mode 100644
index 0000000..411d196
--- /dev/null
+++ b/h-source/admin/Library/Lang/Eng/ModelStrings.php
@@ -0,0 +1,19 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class Lang_Eng_ModelStrings extends Lang_ResultStrings {
+
+ public $string = array(
+ "error" => "<div class='alert'>Query error: Contact the administrator!</div>\n",
+ "executed" => "<div class='executed'>Operation executed!</div>\n",
+ "associate" => "<div class='alert'>Referential integrity problem: record associated to some other record in a child table. Break the association before.</div>\n",
+ "no-id" => "<div class='alert'>Alert: record identifier not defined!</div>\n",
+ "not-linked" => "<div class='alert'>The Item is not associated : you can't dissociate it</div>",
+ "linked" => "<div class='alert'>The Item is already associated: you can't associate it another time</div>"
+ );
+
+}
diff --git a/h-source/admin/Library/Lang/Eng/UploadStrings.php b/h-source/admin/Library/Lang/Eng/UploadStrings.php
new file mode 100644
index 0000000..195fd5f
--- /dev/null
+++ b/h-source/admin/Library/Lang/Eng/UploadStrings.php
@@ -0,0 +1,27 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class Lang_Eng_UploadStrings extends Lang_ResultStrings {
+
+ public $string = array(
+ "error" => "<div class='alert'>Error: verify the permissions of the file/directory</div>\n",
+ "executed" => "<div class='executed'>Operation executed!</div>\n",
+ "not-child" => "<div class='alert'>The selected directory is not a child of the base directory</div>\n",
+ "not-dir" => "<div class='alert'>The selected directory is not a directory</div>\n",
+ "not-empty" => "<div class='alert'>The selected directory is not empty</div>\n",
+ "no-folder-specified" => "<div class='alert'>No folder has been specified</div>\n",
+ "no-file-specified" => "<div class='alert'>No file has been specified</div>\n",
+ "not-writable" => "<div class='alert'>The folder is not writable</div>\n",
+ "not-writable-file" => "<div class='alert'>The file is not writable</div>\n",
+ "dir-exists" => "<div class='alert'>The directory is already present in the current folder</div>\n",
+ "no-upload-file" => "<div class='alert'>There is no file to upload</div>\n",
+ "size-over" => "<div class='alert'>The size of the file is too big</div>\n",
+ "not-allowed-ext" => "<div class='alert'>The extension of the file you want to upload is not allowed</div>\n",
+ "file-exists" => "<div class='alert'>The file is already present in the current folder</div>\n"
+ );
+
+}
diff --git a/h-source/admin/Library/Lang/Eng/ValCondStrings.php b/h-source/admin/Library/Lang/Eng/ValCondStrings.php
new file mode 100644
index 0000000..b9d132e
--- /dev/null
+++ b/h-source/admin/Library/Lang/Eng/ValCondStrings.php
@@ -0,0 +1,76 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class Lang_Eng_ValCondStrings {
+
+ //if the element is not defined
+ public function getNotDefinedResultString($element)
+ {
+ return "<div class='alert'>". $element ." not defined!</div>\n";
+ }
+
+ //if the elements are not equal
+ public function getNotEqualResultString($element)
+ {
+ return "<div class='alert'>Different values: $element</div>\n";
+ }
+
+ //if the element is not alphabetic
+ public function getNotAlphabeticResultString($element)
+ {
+ return "<div class='alert'>".$element." has to be alphabetic</div>\n";
+ }
+
+ //if the element is not alphanumeric
+ public function getNotAlphanumericResultString($element)
+ {
+ return "<div class='alert'>".$element." has to be alphanumeric</div>\n";
+ }
+
+ //if the element is not a decimal digit
+ public function getNotDecimalDigitResultString($element)
+ {
+ return "<div class='alert'>".$element." has to be a decimal digit</div>\n";
+ }
+
+ //if the element has the mail format
+ public function getNotMailFormatResultString($element)
+ {
+ return "<div class='alert'>".$element." doesn't seem an e-mail address</div>\n";
+ }
+
+ //if the element is numeric
+ public function getNotNumericResultString($element)
+ {
+ return "<div class='alert'>".$element." has to be a numeric</div>\n";
+ }
+
+ //if the element (string) length exceeds the value of characters (defined by $maxLength)
+ public function getLengthExceedsResultString($element,$maxLength)
+ {
+ return "<div class='alert'>".$element." exceeds the value of $maxLength characters</div>\n";
+ }
+
+ //if the element is one of the strings indicated by $stringList (a comma-separated list of strings)
+ public function getIsForbiddenStringResultString($element,$stringList)
+ {
+ return "<div class='alert'>".$element." can't be one of the following strings: $stringList</div>\n";
+ }
+
+ //if the element is not one of the strings indicated by $stringList (a comma-separated list of strings)
+ public function getIsNotStringResultString($element,$stringList)
+ {
+ return "<div class='alert'>".$element." has to be one of the following strings: $stringList</div>\n";
+ }
+
+ //if the element is not one of the strings indicated by $stringList (a comma-separated list of strings)
+ public function getDoesntMatchResultString($element,$regExp)
+ {
+ return "<div class='alert'>".$element." has to match the following regular expression: $regExp</div>\n";
+ }
+
+}
diff --git a/h-source/admin/Library/Lang/Eng/index.html b/h-source/admin/Library/Lang/Eng/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Lang/Eng/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/Lang/ResultStrings.php b/h-source/admin/Library/Lang/ResultStrings.php
new file mode 100644
index 0000000..db1095c
--- /dev/null
+++ b/h-source/admin/Library/Lang/ResultStrings.php
@@ -0,0 +1,25 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class Lang_ResultStrings {
+
+ public $string = array();
+
+ //method to get the string $stringName
+ public function getString($stringName)
+ {
+ if (isset($this->string[$stringName]))
+ {
+ return $this->string[$stringName];
+ }
+ else
+ {
+ return 'result string not defined!';
+ }
+ }
+
+}
diff --git a/h-source/admin/Library/Lang/index.html b/h-source/admin/Library/Lang/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Lang/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/ModAbstract.php b/h-source/admin/Library/ModAbstract.php
new file mode 100644
index 0000000..885f64f
--- /dev/null
+++ b/h-source/admin/Library/ModAbstract.php
@@ -0,0 +1,25 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//aach module class has to inherits from this abstract class
+abstract class ModAbstract
+{
+
+ //reference to a simpleXML object
+ protected $simpleXmlObj = null;
+
+ //type hinting: simplexmlelement
+ public function __construct(SimpleXMLElement $simpleXmlObj)
+ {
+ $this->simpleXmlObj = $simpleXmlObj;
+ }
+
+ //define the abstract method to render (create the HTML) of the single module
+ //$xmlObject: simpleXML object
+ abstract public function render();
+
+}
diff --git a/h-source/admin/Library/Model/Base.php b/h-source/admin/Library/Model/Base.php
new file mode 100755
index 0000000..1aaadca
--- /dev/null
+++ b/h-source/admin/Library/Model/Base.php
@@ -0,0 +1,1140 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+abstract class Model_Base
+{
+
+ public $fields = ''; //the fields that have to be manipulated by the update and insert query
+ public $values = array(); //the values that corresponding to the $this->fields fields
+ public $form = null; //reference to a Form_Form object
+ public $formStruct = null; //the form structure
+
+ public $submitName = null; //the current submitName (from the form)
+ public $identifierName = 'identifier';
+
+ public $notice = null; //a string explaining the result of the query applied (or not if an error occured): executed, error, etc
+ public $result = true; //the result of validate conditions, database conditions and query. It can be 'true' or 'false'
+ public $queryResult = false; //the result of the query
+
+ //conditions that have to be satisfied before applying the query
+ //Ex: 'update'=>'checkEmpty:titolo,autore','submitName'=>'conditions'
+ public $strongConditions = array();
+
+ //conditions that have to be satisfied before applying the query
+ //Ex: 'update'=>'checkEmpty:titolo,autore','submitName'=>'conditions'
+ //do not return error if a value is equal to '' or null
+ public $softConditions = array();
+
+ //conditions that have to be satisfied before applying the query
+ //check that the new values inserted satisfy some conditions
+ //Ex: 'update'=>'checkUniqueCompl:titolo,autore;checkUnique:titolo','insert'=>'checkUnique:titolo'
+ public $databaseConditions = array();
+
+ public $popupArray = array(); //array of popup objects (see popup.php)
+
+ public $supplInsertValues = array(); //associative array defining supplementary values to be inserted on each insert query. It has to have the following form: array(field1 => value1,field2 => value2, ...)
+
+ public $supplUpdateValues = array(); //associative array defining supplementary values to be inserted on each update query. It has to have the following form: array(field1 => value1,field2 => value2, ...)
+
+ public $select = null; //fields that have to be selected in select queries
+ public $where = array(); //associative array containing all the where clauses ($field => $value)
+ //group by, order by and limit clauses
+ public $groupBy = null;
+ public $orderBy = null;
+ public $limit = null;
+
+ public $from = null; //from clause of the select queries
+ public $on = null; //join part of the where clause of the select queries
+ public $using = null; //using clause
+
+ public $toList = false; //if the result have to be given in a list format
+ public $listArray = array(); //array containing the $key and the $value to be used to extract a list from a resultSet
+
+ //logic operator between statements in the where clause of select queries
+ public $logicalOperators = array('AND');
+
+ protected $_tables='itemTable,boxTable,item_boxTable';
+ protected $_idFields='id_item,id_box';
+ protected $_tablesArray=array();
+ protected $_idFieldsArray=array();
+ protected $_where = array();
+
+ //the name of the field that has to be used to order the rows of the main table of the model
+ protected $_idOrder = null;
+
+ protected $_onDelete = 'check'; //can be 'nocheck' or 'check'. check: referential integrity check. nocheck: no referential integrity check
+ protected $_reference = null; //array containing the child table that have a reference to this table and the foreign key of the child table-> array($childTable,$foreignKey)
+
+ protected $_popupItemNames = array(); //the fields to be used as names in the popupArray elements. Associative array ($itemNameField1 => $itemNameValue1, ...)
+
+ //the labels of the pop-up menus
+ protected $_popupLabels = array();
+
+ //functions that have to be applied upon the label fields of the popup menu
+ protected $_popupFunctions = array();
+
+ protected $_popupWhere = array(); //where clause for the pupup menu
+
+ protected $_resultString; //reference to the class containing all the result strings of the db queries
+ protected $_dbCondString; //reference to the class containing all the result strings of the database conditions
+
+ protected $_backupFields = ''; //field saved after the delFields method has been applied
+ protected $_backupValues = array(); //values saved after the delFields method has been applied
+ protected $_allowedDbMethods = array('update','insert','del','moveup','movedown'); //methods that can be called by the updateTable method
+
+ protected $submitNames = array(
+ 'update' => 'updateAction',
+ 'insert' => 'insertAction',
+ 'del' =>'delAction',
+ 'moveup' =>'moveupAction',
+ 'movedown' =>'movedownAction'
+ );
+
+ protected $identifierValue = null; //the value of the identifier ($_POST[$this->identifier])
+ protected $arrayExt; //arrayExt object (see library/arrayExt.php)
+
+ protected $_arrayStrongCheck; //Array_Validate_Strong object
+ protected $_arraySoftCheck; //Array_Validate_Soft object
+
+ public $db; //reference to the database layer class
+ protected $_lang = 'Eng'; //language of notices
+
+
+ public function __construct() {
+ $this->_tablesArray = explode(',',$this->_tables);
+ $this->_idFieldsArray = explode(',',$this->_idFields);
+ $this->_where[$this->_idFieldsArray[0]] = $this->_tablesArray[0];
+ $this->arrayExt = new ArrayExt();
+
+ //initialize the validate objects
+ $this->_arrayStrongCheck = new Array_Validate_Strong($this->_lang);
+ $this->_arraySoftCheck = new Array_Validate_Soft($this->_lang);
+
+ $this->identifierName = $this->_idFieldsArray[0];
+
+ //create the $_resultString object (result strings of the db queries)
+ $modelStringClass = 'Lang_'.$this->_lang.'_ModelStrings';
+ if (!class_exists($modelStringClass))
+ {
+ $modelStringClass = 'Lang_Eng_ModelStrings';
+ }
+ $this->_resultString = new $modelStringClass();
+
+ //create the $_dbCondString object (result strings of the database conditions)
+ $dbCondStringClass = 'Lang_'.$this->_lang.'_DbCondStrings';
+ if (!class_exists($dbCondStringClass))
+ {
+ $dbCondStringClass = 'Lang_Eng_DbCondStrings';
+ }
+ $this->_dbCondString = new $dbCondStringClass();
+
+ //instantiate the database class
+ $this->db = Factory_Db::getInstance(DATABASE_TYPE);
+ }
+
+ //set the submitNames property (array)
+ //$methodName : the method name, $submitName: the submit name of the submit action of the form
+ public function setSubmitNames($methodName,$submitName)
+ {
+ if (!in_array($methodName,$this->_allowedDbMethods))
+ {
+ throw new Exception('query type <b>"'.$methodName. '"</b> not allowed in '. __METHOD__);
+ }
+ $this->submitNames[$methodName] = $submitName;
+ }
+
+ //get the last query executed
+ public function getQuery()
+ {
+ return $this->db->query;
+ }
+
+ //get the where clause of the select query
+ public function getWhereQueryClause()
+ {
+ return $this->where;
+ }
+
+ //set the where clause of the select query
+ //whereArray = array ($table_field => $value)
+ public function setWhereQueryClause($whereArray)
+ {
+ $this->where = $whereArray;
+ }
+
+ //append the whereArray clause to $this_->whereClause
+ //whereArray = array ($table_field => $value)
+ public function appendWhereQueryClause($whereArray)
+ {
+ $this->where = array_merge($this->where,$whereArray);
+ }
+
+ //drop the char $char from the beginning of the string $string
+ public function dropStartChar($string,$char)
+ {
+ while(strcmp($string[0],$char) === 0)
+ {
+ $string = substr($string,1);
+ }
+ return $string;
+ }
+
+ //get the table name from $this->_where. If the table is not present then return $this->_tablesArray[0]
+ public function getTableName($field)
+ {
+ return isset($this->_where[$field]) ? $this->_where[$field] : $this->_tablesArray[0];
+ }
+
+ //method to create the where clause of the select query from the $this->where array
+ //$level: level of the ricorsion
+ //$whereClauseLevel: array containing the field=>value statements of the where clause. If $whereClause = null than $this->where is considered
+ public function createWhereClause($level = 0, $whereClauseLevel = null)
+ {
+ $whereClause = null;
+ $whereClauseArray = array();
+
+ $whereClause = isset($whereClauseLevel) ? $whereClauseLevel : $this->where;
+
+ foreach ($whereClause as $field => $value)
+ {
+ if (is_array($value))
+ {
+ $newValue = $this->createWhereClause($level+1, $value);
+ if (isset($newValue)) $whereClauseArray[] = $newValue;
+ }
+ else
+ {
+ $flag = 0; //equal where clause
+ if (isset($field))
+ {
+ //drop the 'n:' and '-' chars from $field
+ $fieldClean = str_replace('n!',null,$field);
+ $fieldClean = $this->dropStartChar($fieldClean,'-');
+ if (strcmp($value,Params::$nullQueryValue) !== 0 or (Params::$nullQueryValue === false))
+ {
+ foreach (params::$whereClauseSymbolArray as $symbol)
+ {
+ if (strstr($value,$symbol))
+ {
+ //check if write or not the table name
+ $tableName = strstr($field,'n!') ? null : $this->getTableName($field).'.';
+ $whereClauseArray[] = $tableName.$fieldClean.' '.$value;
+ $flag = 1; //not equal where clause
+ break;
+ }
+ }
+ if ($flag === 0)
+ {
+ $value = '"'.$value.'"';
+ //check if write or not the table name
+ $tableName = strstr($field,'n!') ? null : $this->getTableName($field).'.';
+ $whereClauseArray[] = $tableName.$fieldClean.'='.$value;
+ }
+ }
+ }
+ }
+ }
+ //get the logic operator at the current level
+ $logicOper = isset($this->logicalOperators[$level]) ? ' '.$this->logicalOperators[$level].' ' : ' AND ';
+ $whereClause = !empty($whereClauseArray) ? implode($logicOper,$whereClauseArray) : null;
+ $whereClause = (isset($whereClause) and $level>0) ? '('.$whereClause.')' : $whereClause;
+ return $whereClause;
+ }
+
+
+ //get the submitName having its key (the method name)
+ public function getSubmitName($key)
+ {
+ if (!array_key_exists($key,$this->submitNames))
+ {
+ return 'generalAction';
+// throw new Exception('query type <b>"'.$key. '"</b> not allowed in '.__METHOD__);
+ }
+ return $this->submitNames[$key];
+
+ }
+
+
+ //return the values, taken from the $_POST array, to be inserted inside the forms
+ //$queryType: insert or update
+ //$func: sanitize function to apply upon each value
+ //$id: if $queryType='update' that the values are taken from the record (of the main table of this model) having the primary key equal to $id
+ //$defaultValues = associative array of the form: array($entry=>$defaultValue)
+ //$functionsIfFromDb = associative array of the form: array($entry=>$function_to_be_applied)
+ public function getFormValues($queryType = 'insert', $func = 'sanitizeHtml',$id = null,$defaultValues = array(),$functionsIfFromDb = array())
+ {
+ $arrayType = array('update','insert');
+ $values = array();
+ $idName = $this->identifierName;
+ if (in_array($queryType,$arrayType))
+ {
+ $ident = null;
+ if (isset($id))
+ {
+ $ident = (int)$id;
+ }
+ else if (isset($_POST[$idName]))
+ {
+ $ident = (int)$_POST[$idName];
+ }
+ if ($this->result)
+ {
+ if ($queryType === 'update')
+ {
+ if (isset($ident))
+ {
+ $recordArray = $this->selectId($ident);
+
+ $fieldsArray = explode(',',$this->fields);
+
+ foreach ($fieldsArray as $field)
+ {
+ $values[$field] = array_key_exists($field,$recordArray) ? $recordArray[$field] : '';
+ }
+
+ $values[$idName] = $ident;
+
+ //apply the functions upon entries
+ foreach ($functionsIfFromDb as $entry => $funcUponEntry)
+ {
+ if (array_key_exists($entry,$values))
+ {
+ if (!function_exists($funcUponEntry)) {
+ throw new Exception('Error in <b>'.__METHOD__.'</b>: function <b>'.$funcUponEntry. '</b> does not exists');
+ }
+
+ $values[$entry] = call_user_func($funcUponEntry,$values[$entry]);
+ }
+ }
+
+ }
+ }
+ else if ($queryType === 'insert')
+ {
+
+ $tempArray = is_array($defaultValues) ? $defaultValues : array();
+
+ $values = $this->arrayExt->subset($tempArray,$this->fields,$func);
+
+ }
+ }
+ else
+ {
+ $values = $this->arrayExt->subset($_POST,$this->fields,$func);
+
+ if ($queryType === 'update')
+ {
+ $values[$idName] = $ident;
+ }
+ }
+ }
+ return $values;
+ }
+
+
+ //method to set the properties $this->fields and $this->values
+ public function setFields($fields,$func = 'sanitizeAll')
+ {
+ $this->values = $this->arrayExt->subset($_POST,$fields,$func);
+ $this->fields = $this->extractFields($fields);
+
+ //set the backup variables
+ $this->_backupFields = $this->fields;
+ $this->_backupValues = $this->values;
+ }
+
+
+ //clear the fields list
+ public function clearFields()
+ {
+ $this->_backupFields = $this->fields;
+ $this->_backupValues = $this->values;
+ $this->fields = '';
+ $this->values = array();
+ }
+
+ //del the fields written in the $list argument. The $list argument has to be of the type: field1,field2,...
+ public function delFields($list)
+ {
+ $this->_backupFields = $this->fields;
+ $this->_backupValues = $this->values;
+ $this->values = $this->arrayExt->subsetComplementary($this->values,$list);
+ $this->fields = implode(',',array_keys($this->values));
+ }
+
+ //restore the fields and values saved in $_backupFields and $_backupValues
+ public function restoreFields()
+ {
+ $this->fields = $this->_backupFields;
+ $this->values = $this->_backupValues;
+ }
+
+ //method to clean the $fields string deleting the colons (and the word after the colon)
+ public function extractFields($fields) {
+ $fieldsArray = explode(',',$fields);
+ $resultString = array();
+ foreach ($fieldsArray as $field) {
+ if (strstr($field,':')) {
+ $temp = explode(':',$field);
+ $resultString[] = $temp[0];
+ } else {
+ $resultString[] = $field;
+ }
+ }
+ return implode(',',$resultString);
+ }
+
+ //add the supplementary value on insert and update queries
+ //$queryType: insert or update
+ public function setSupplValues($queryType)
+ {
+ if ($queryType === 'insert')
+ {
+ $supplValues = $this->supplInsertValues;
+ }
+ else if ($queryType === 'update')
+ {
+ $supplValues = $this->supplUpdateValues;
+ }
+
+ $baseFields = implode(',',array_keys($this->values));
+
+ $supplFields = implode(',',array_keys($supplValues));
+ $supplFields = (strcmp($supplFields,'') === 0) ? $supplFields : ',' . $supplFields;
+
+ $fields = $baseFields . $supplFields;
+ $values = array_merge(array_values($this->values),array_values($supplValues));
+
+ return array($fields,$values);
+ }
+
+
+ //method to call the update query (overriding of the base_db del method)
+ //update the record with the primary key equal to $id (default)
+ //if $whereClause is set then use $whereClause as where clause of the update query
+ public function update($id = null, $whereClause = null)
+ {
+ if (!is_array($this->supplUpdateValues))
+ {
+ throw new Exception('error in <b>' . __METHOD__ . '</b>: the <b>supplUpdateValues</b> property has to be an array.');
+ }
+ $el = $this->setSupplValues('update');
+ $this->queryResult = false;
+
+ if (isset($whereClause))
+ {
+ $result = $this->db->update($this->_tablesArray[0],$el[0],$el[1],$whereClause);
+ $this->setNotice($result);
+ return $result;
+ }
+ else
+ {
+ if (isset($id))
+ {
+ $where = $this->_idFieldsArray[0].'='.(int)($id);
+ $result = $this->db->update($this->_tablesArray[0],$el[0],$el[1],$where);
+ $this->setNotice($result);
+ return $result;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-id');
+ $this->result = false;
+ $this->identifierValue = null;
+ return false;
+ }
+ }
+ }
+
+ //method to call the insert query (overriding of the base_db del method)
+ public function insert() {
+
+ $this->queryResult = false;
+ if (!is_array($this->supplInsertValues)) {
+ throw new Exception('error in <b>' . __METHOD__ . '</b>: the <b>supplInsertValues</b> property has to be an array.');
+ }
+
+ if (isset($this->_idOrder))
+ {
+ $maxValue = $this->db->getMax($this->_tablesArray[0],$this->_idOrder);
+ $this->supplInsertValues[$this->_idOrder] = (int)$maxValue + 1;
+ }
+
+ $el = $this->setSupplValues('insert');
+
+ $result = $this->db->insert($this->_tablesArray[0],$el[0],$el[1]);
+ $this->setNotice($result);
+ return $result;
+ }
+
+ //method to call the delete query (overriding of the base_db del method)
+ public function del($id = null, $whereClause = null) {
+
+ $this->queryResult = false;
+
+ if (isset($whereClause))
+ {
+ $result = $this->db->del($this->_tablesArray[0],$whereClause);
+ $this->setNotice($result);
+ return $result;
+ }
+ else
+ {
+ if (isset($id)) {
+ $where = $this->_idFieldsArray[0].'='.(int)$id;
+ $result = $this->db->del($this->_tablesArray[0],$where);
+ $this->setNotice($result);
+ return $result;
+ } else {
+ $this->notice = $this->_resultString->getString('no-id');
+ $this->result = false;
+ $this->identifierValue = null;
+ return false;
+ }
+ }
+ }
+
+ //move to the top the record having $this->_idOrder = $id
+ //where clause
+ public function moveup($id)
+ {
+ return $this->move($id,'up');
+ }
+
+ //move to the top the record having $this->_idOrder = $id
+ //where clause
+ public function movedown($id)
+ {
+ return $this->move($id,'down');
+ }
+
+ //move the record having $this->_tablesArray[0] = $id
+ //$par: 'up' or 'down'
+ //where clause
+ public function move($id,$par = 'up')
+ {
+ $this->queryResult = false;
+ if (isset($id))
+ {
+ $increm = ($par === 'up') ? 1 : -1;
+
+ $backupLimit = $this->limit;
+ $this->limit = null;
+
+ $data = $this->getFields($this->_tablesArray[0].'.'.$this->_idFieldsArray[0].','.$this->_tablesArray[0].'.'.$this->_idOrder);
+
+ for($i = 0; $i < count($data); $i++)
+ {
+ if (strcmp($data[$i][$this->_tablesArray[0]][$this->_idFieldsArray[0]],$id) === 0)
+ {
+ if (($par === 'up' and $i !== 0) or ($par === 'down' and $i !== (count($data)-1)))
+ {
+ $prevOrder = $data[$i-$increm][$this->_tablesArray[0]][$this->_idOrder];
+ $prevId = $data[$i-$increm][$this->_tablesArray[0]][$this->_idFieldsArray[0]];
+ $currentOrder = $data[$i][$this->_tablesArray[0]][$this->_idOrder];
+ $currentId = $data[$i][$this->_tablesArray[0]][$this->_idFieldsArray[0]];
+
+ //exchange the id_order of the two record
+ $res1 = $this->db->update($this->_tablesArray[0],$this->_idOrder,array($prevOrder),$this->_idFieldsArray[0]."='$currentId'");
+ $res2 = $this->db->update($this->_tablesArray[0],$this->_idOrder,array($currentOrder),$this->_idFieldsArray[0]."='$prevId'");
+ $result = ($res1 and $res2);
+ $this->setNotice($result);
+ return $result;
+ }
+ }
+ }
+
+ $this->limit = $backupLimit;
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-id');
+ $this->result = false;
+ $this->identifierValue = null;
+ return false;
+ }
+ return false;
+ }
+
+ public function setNotice($result) {
+ if ($result) {
+ $this->notice = $this->_resultString->getString('executed');
+ $this->result = true;
+ $this->queryResult = true;
+ } else {
+ $this->notice = $this->_resultString->getString('error');
+ $this->result = false;
+ $this->queryResult = false;
+ }
+ }
+
+ //method used to verify that the value of a field is not duplicated
+ //$fieldsList: list of fields to check. Ex: field1,field2,...
+ //$where: the where clause
+ public function checkUnique($fieldsList,$where = null)
+ {
+ $errorString = null;
+ $numb = 0;
+ $fieldsArray = explode(',',$fieldsList);
+ $queryFieldsArray = explode(',',$this->fields);
+ foreach ($fieldsArray as $field)
+ {
+ if (in_array($field,$queryFieldsArray))
+ {
+ if ($this->db->recordExists($this->_tablesArray[0],$field,$this->values[$field],$where))
+ {
+ $errorString .= $this->_dbCondString->getNotUniqueString($field);
+ $numb++;
+ }
+ }
+ }
+ $this->notice = $errorString;
+ return $numb === 0 ? true : false;
+ }
+
+ //like checkUnique: check all the records of the table apart from the record that has to be modified
+ public function checkUniqueCompl($fieldsList,$id = null)
+ {
+ if (isset($id))
+ {
+ $where = $this->_idFieldsArray[0].'!='.(int)($id);
+ return $this->checkUnique($fieldsList,$where);
+ } else {
+ $this->notice = $this->_resultString->getString('no-id');
+ return false;
+ }
+ }
+
+ //method to apply the database conditions listed in the $this->databaseConditions associative array
+ //$queryType: indicates what set of validate conditions has to be considered (it's the key of the associative array)
+ public function applyDatabaseConditions($queryType,$id = null)
+ {
+ if (array_key_exists($queryType,$this->databaseConditions))
+ {
+ if (!is_array($this->databaseConditions[$queryType]))
+ {
+ throw new Exception('error in method <b>'.__METHOD__.'</b> : <b>databaseConditions['.$queryType.']</b> has to be an associative array');
+ }
+
+ foreach ($this->databaseConditions[$queryType] as $key => $values)
+ {
+
+ //personalized error string
+ $altErrorString = null;
+
+ //delete all the '+' chars
+ $key = $this->dropStartChar($key,'+');
+
+ if (strcmp($values,'all') === 0 or strstr($values,'all|'))
+ {
+ if (strstr($values,'all|'))
+ {
+ $values = str_replace('all|',$this->fields.'|',$values);
+ }
+ else
+ {
+ $values = $this->fields;
+ }
+ }
+
+ if (strstr($values,'|'))
+ {
+ $temp = explode('|',$values);
+ $altErrorString = "<div class='".Params::$errorStringClassName."'>".$temp[1]."</div>\n";
+ $values = $temp[0];
+ }
+
+ $allowedMethod = array('checkUnique','checkUniqueCompl');
+ if (!in_array($key,$allowedMethod))
+ {
+ throw new Exception('error in method '.__METHOD__.' : method "'.$key. '" not allowed in the property named databaseConditions');
+ }
+ if (!call_user_func_array(array($this,$key),array($values,$id)))
+ {
+ if (isset($altErrorString)) $this->notice = $altErrorString;
+ $this->result = false;
+ $this->queryResult = false;
+ return false;
+ }
+ }
+ return true;
+ } else {
+ return true;
+ }
+ }
+
+
+ //method to apply the validate conditions listed in the $this->strongConditions associative array
+ //$queryType: indicates what set of validate conditions has to be considered (it's the key of the associative array)
+ //$strength: 'strong' or 'soft'
+ public function applyValidateConditions($queryType,$strength = 'strong')
+ {
+ if ($strength === 'strong')
+ {
+ $validateObj = $this->_arrayStrongCheck;
+ $conditions = $this->strongConditions;
+ $errString = 'strongConditions';
+ }
+ else
+ {
+ $validateObj = $this->_arraySoftCheck;
+ $conditions = $this->softConditions;
+ $errString = 'softConditions';
+
+ if (Params::$nullQueryValue !== false)
+ {
+ $conditions['insert']['+++++checkIsNotStrings|'.Params::$nullQueryValue] = 'all';
+ $conditions['update']['+++++checkIsNotStrings|'.Params::$nullQueryValue] = 'all';
+ }
+ }
+
+ if (array_key_exists($queryType,$conditions))
+ {
+ if (!is_array($conditions[$queryType]))
+ {
+ throw new Exception('error in method <b>'.__METHOD__.'</b> : <b>'.$errString.'['.$queryType.']</b> has to be an associative array');
+ }
+
+ foreach ($conditions[$queryType] as $key => $values)
+ {
+
+ //personalized error string
+ $altErrorString = null;
+
+ //delete all the '+' chars
+ $key = $this->dropStartChar($key,'+');
+
+ if (strcmp($values,'all') === 0 or strstr($values,'all|'))
+ {
+ if (strstr($values,'all|'))
+ {
+ $values = str_replace('all|',$this->fields.'|',$values);
+ }
+ else
+ {
+ $values = $this->fields;
+ }
+ }
+
+ if (strstr($values,'|'))
+ {
+ $temp = explode('|',$values);
+ $altErrorString = "<div class='".Params::$errorStringClassName."'>".$temp[1]."</div>\n";
+ $values = $temp[0];
+ }
+
+ $baseArgs = array($_POST,$values);
+
+ if (strstr($key,'|'))
+ {
+ $funcArray = explode('|',$key);
+ $funcName = $funcArray[0];
+ array_shift($funcArray);
+ $funcArgs = array_merge($baseArgs,$funcArray);
+ }
+ else
+ {
+ $funcName = $key;
+ $funcArgs = $baseArgs;
+ }
+
+ if (!method_exists($validateObj,$funcName) or $funcName === 'checkGeneric')
+ {
+ throw new Exception('error in method '.__METHOD__.' :method "'.$funcName. '" not allowed in '.$errString);
+ }
+ if (!call_user_func_array(array($validateObj,$funcName),$funcArgs))
+ {
+ $this->notice .= (isset($altErrorString)) ? $altErrorString : $validateObj->errorString;
+ $this->result = false;
+ $this->queryResult = false;
+ return false;
+ }
+ }
+ return true;
+ } else {
+ return true;
+ }
+ }
+
+
+ //apply, in sequence, the strong,soft and database conditions
+ //$methodName: insert,update
+ //$id: the id of the record. It is necessary for database conditions
+ public function checkConditions($methodName,$id = null)
+ {
+ if ($this->applyValidateConditions($methodName,'strong'))
+ {
+ if ($this->applyValidateConditions($methodName,'soft'))
+ {
+ if ($this->applyDatabaseConditions($methodName,$id))
+ {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ //method that calls the function indicated in $this->submitNames. Ex: if $_POST['delAction'] is found, then the "del" method is called.
+ public function updateTable($methodsList = '',$id = null) {
+
+ $allowedMethodsArray = explode(',',$methodsList);
+ $resultArray = array();
+ $this->identifierValue = null;
+ if (isset($id))
+ {
+ $this->identifierValue = (int)$id;
+ }
+ else if (isset($_POST[$this->identifierName]))
+ {
+ $this->identifierValue = (int)$_POST[$this->identifierName];
+ }
+ foreach ($this->submitNames as $methodName => $submitName)
+ {
+ if (array_key_exists($submitName,$_POST))
+ {
+ $this->submitName = $submitName;
+ if (method_exists($this,$methodName))
+ {
+ //if the method is allowed
+ if (in_array($methodName,$allowedMethodsArray))
+ {
+ if ($this->checkConditions($methodName,$this->identifierValue))
+ {
+ $this->notice = null;
+ call_user_func_array(array($this,$methodName),array($this->identifierValue));
+ }
+ }
+ }
+ else
+ {
+ throw new Exception('method <b>'.$methodName.'</b> not defined in class <b>'.__CLASS__.'</b>; error in method <b>'.__METHOD__.'</b>');
+ }
+ return; //only one cycle!
+ }
+ }
+ }
+
+ //method to build the array of popup objects
+ public function popupBuild()
+ {
+ foreach ($this->_popupItemNames as $field => $itemName)
+ {
+// if (array_key_exists($field,$this->_where))
+// {
+ $fieldClean = str_replace('n!',null,$field);
+ $itemNameClean = str_replace('n!',null,$itemName);
+ $fieldClean = $this->dropStartChar($fieldClean,'-');
+ $itemNameClean = $this->dropStartChar($itemNameClean,'-');
+
+ //fields that have to be extracted
+ $queryFields = ($fieldClean === $itemNameClean) ? $fieldClean : $fieldClean.','.$itemNameClean;
+
+ $table = $this->getTableName($field);
+ $this->popupArray[$field] = new Popup();
+
+ $popupWhereClause = array_key_exists($field,$this->_popupWhere) ? $this->_popupWhere[$field] : null;
+
+ $result = $this->db->select($table,$queryFields,$popupWhereClause,$fieldClean);
+
+ if ($result and $result !== false)
+ {
+ //get the label of the popup menu
+ $label = array_key_exists($field,$this->_popupLabels) ? $this->_popupLabels[$field] : $table.' : '.$itemNameClean;
+ $this->popupArray[$field]->name = $label;
+
+ //get the table name
+ $fieldTable = isset($result[0][$table][$fieldClean]) ? $table : Params::$aggregateKey;
+ $itemNameTable = isset($result[0][$table][$itemNameClean]) ? $table : Params::$aggregateKey;
+
+ foreach ($result as $row)
+ {
+ $this->popupArray[$field]->itemsValue[] = $row[$fieldTable][$fieldClean];
+
+ if (array_key_exists($field,$this->_popupFunctions))
+ {
+ if (!function_exists($this->_popupFunctions[$field]))
+ {
+ throw new Exception('Error in <b>'.__METHOD__.'</b>: function <b>'.$this->_popupFunctions[$field]. '</b> does not exists');
+ }
+
+ $tempName = call_user_func($this->_popupFunctions[$field],$row[$itemNameTable][$itemNameClean]);
+ }
+ else
+ {
+ $tempName = $row[$itemNameTable][$itemNameClean];
+ }
+
+ $this->popupArray[$field]->itemsName[] = $tempName;
+ }
+ }
+// }
+ }
+ }
+
+
+ //get the element before and after the current one
+ //$key: the key of the self::$where array that indicates the field to be used in order to find out the records before and after
+ //$fields: the fields that have to be extracted
+ public function getNeighbours($key,$fields = '')
+ {
+ //backup of the values
+ $tempWhere = $this->where;
+ $tempLimit = $this->limit;
+ $tempOrderBy = $this->orderBy;
+ $this->limit = 1;
+ //before
+ $this->where[$key] = '<'.$tempWhere[$key];
+ $this->orderBy = $this->getTableName($key).'.'.$key.' DESC';
+ $dataAfter = $this->getFields($fields);
+ //after
+ $this->where[$key] = '>'.$tempWhere[$key];
+ $this->orderBy = $this->getTableName($key).'.'.$key;
+ $dataBefore = $this->getFields($fields);
+ //restore the previous values
+ $this->where = $tempWhere;
+ $this->limit = $tempLimit;
+ $this->orderBy = $tempOrderBy;
+ $result[0] = isset($dataBefore[0]) ? $dataBefore[0] : null;
+ $result[1] = isset($dataAfter[0]) ? $dataAfter[0] : null;
+ return $result;
+ }
+
+ //set the $select property and return the current object
+ public function select($fields = null)
+ {
+ $this->select = $fields;
+ return $this;
+ }
+
+ //set the $from property and return the current object
+ public function from($tables = null)
+ {
+ $this->from = isset($tables) ? $tables : $this->_tables;
+ return $this;
+ }
+
+ //set the $on property and return the current object
+ public function on($joinClause = '-')
+ {
+ $this->on = $joinClause;
+ return $this;
+ }
+
+ //set the $using property and return the current object
+ public function using($using = null)
+ {
+ $this->using = $using;
+ return $this;
+ }
+
+ //set the $where property and return the current object
+ public function where($where = array())
+ {
+ $this->where = $where;
+ return $this;
+ }
+
+ //append the $where array to the ::where property and return the current object
+ public function aWhere($where = array())
+ {
+ $this->appendWhereQueryClause($where);
+ return $this;
+ }
+
+ //set the $groupBy property and return the current object
+ public function groupBy($groupBy = null)
+ {
+ $this->groupBy = $groupBy;
+ return $this;
+ }
+
+ //set the $orderBy property and return the current object
+ public function orderBy($orderBy = null)
+ {
+ $this->orderBy = $orderBy;
+ return $this;
+ }
+
+ //set the $limit property and return the current object
+ public function limit($limit = null)
+ {
+ $this->limit = $limit;
+ return $this;
+ }
+
+ //set the $listArray property
+ public function toList($key, $value = null)
+ {
+ $this->listArray = array($key,$value);
+ $this->toList = true;
+ return $this;
+ }
+
+ //reset all the clauses of the select query
+ public function clear()
+ {
+ $this->select = null;
+ $this->where = array();
+ $this->groupBy = null;
+ $this->orderBy = null;
+ $this->limit = null;
+ $this->from = null;
+ $this->on = null;
+ $this->using = null;
+ $this->toList = false;
+ return $this;
+ }
+
+ //initialize and populate the ::form property (reference to a Form_Form object)
+ public function setForm($defAction = null, $defSubmit = array(), $defMethod = 'POST')
+ {
+ if (isset($this->formStruct))
+ {
+ $action = array_key_exists('action',$this->formStruct) ? $this->formStruct['action'] : $defAction;
+ $submit = array_key_exists('submit',$this->formStruct) ? $this->formStruct['submit'] : $defSubmit;
+ $entries = array_key_exists('entries',$this->formStruct) ? $this->formStruct['entries'] : null;
+ $method = array_key_exists('post',$this->formStruct) ? $this->formStruct['post'] : $defMethod;
+
+ $this->form = new Form_Form($action,$submit,$method);
+
+ if (isset($entries))
+ {
+ $this->form->setEntries($entries);
+ }
+
+ $copy = $this->form->entry;
+
+ foreach ($copy as $name => $entry)
+ {
+ if (strcmp($entry->type,'Select') === 0 and isset($entry->options))
+ {
+ if (!is_array($entry->options))
+ {
+ if (strstr($entry->options,'foreign::'))
+ {
+ $elements = explode('::',$entry->options);
+
+ for ($i = 0; $i < count($elements); $i++)
+ {
+ if (strcmp($elements[$i],'--') === 0) $elements[$i] = null;
+ }
+ //send the query
+ array_shift($elements);
+ $resultSet = call_user_func_array(array($this->db,'select'),$elements);
+
+ $single = true;
+
+ if (strstr($elements[1],','))
+ {
+ $args = explode(',',$elements[1]);
+ //add the table name
+ $args[0] = $elements[0].'.'.$args[0];
+ $args[1] = $elements[0].'.'.$args[1];
+ //associative array
+ $single = false;
+ }
+ else
+ {
+ $args[0] = $elements[0].'.'.$elements[1];
+ $args[1] = null;
+ }
+
+ $list = $this->getList($resultSet,$args[0],$args[1]);
+
+ $this->form->entry[$name]->options = ($single) ? implode(',',array_values($list)) : $list;
+ }
+ }
+ }
+ }
+
+ }
+ else
+ {
+ $this->form = new Form_Form($defAction,$defSubmit,$defMethod);
+ }
+ }
+
+ //get a list from a result set
+ //$resultSet: the result set coming from a select query
+ public function getList($resultSet, $key, $value = null)
+ {
+ $list = array();
+
+ if (strstr($key,'.'))
+ {
+ $arr = explode('.',$key);
+ $keyTable = $arr[0];
+ $keyField = $arr[1];
+ }
+ else
+ {
+ $keyTable = $this->_tablesArray[0];
+ $keyField = $key;
+ }
+
+ if (!isset($value))
+ {
+ foreach ($resultSet as $row)
+ {
+ $list[] = $row[$keyTable][$keyField];
+ }
+ }
+ else
+ {
+ if (strstr($value,'.'))
+ {
+ $arr = explode('.',$value);
+ $valueTable = $arr[0];
+ $valueField = $arr[1];
+ }
+ else
+ {
+ $valueTable = $this->_tablesArray[0];
+ $valueField = $value;
+ }
+
+ foreach ($resultSet as $row)
+ {
+ $list[$row[$keyTable][$keyField]] = $row[$valueTable][$valueField];
+ }
+
+ }
+ return $list;
+ }
+
+ // Retrieves the ID generated for an AUTO_INCREMENT column by the previous query (usually INSERT).
+ public function lastId()
+ {
+ return $this->db->lastId();
+ }
+
+ //send a free query
+ public function query($query)
+ {
+ return $this->db->query($query);
+ }
+
+ //the text of the error message from previous MySQL operation
+ public function getError()
+ {
+ return $this->db->getError();
+ }
+
+ //the numerical value of the error message from previous MySQL operation
+ public function getErrno()
+ {
+ return $this->db->getErrno();
+ }
+
+ //define the abstract method to get the value of the record $id of the main table
+ abstract public function selectId($id);
+
+ //define the abstract method to get the fields from the tables
+ abstract public function getFields();
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Model/Map.php b/h-source/admin/Library/Model/Map.php
new file mode 100755
index 0000000..7a36c6f
--- /dev/null
+++ b/h-source/admin/Library/Model/Map.php
@@ -0,0 +1,439 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class Model_Map extends Model_Base {
+
+// //many to many model
+
+ public $printAssError = 'yes'; //'yes': print association error if the association/dissociation is already present. 'no': doen't print association error
+ public $boxIdentifierName = 'boxIdentifier';//key of the value of the $_POST array that represent the id of the Box that we want to associate with the Item having the id $_POST[$this->identifierName]
+ protected $_boxIdentifierValue = null; //the id of the box that has to be associated with the item
+
+ public function __construct()
+ {
+ //add some submit names (method => form_submit_value)
+ $this->submitNames['associate'] = 'associateAction';
+ $this->submitNames['dissociate'] = 'dissociateAction';
+ //add the allowed methods
+ $this->_allowedDbMethods[] = 'associate';
+ $this->_allowedDbMethods[] = 'dissociate';
+ parent::__construct();
+ }
+
+ public function createMapWhere($choice)
+ { //create the where join clause
+ //$choice=(first,last,all)
+ if (isset($this->on))
+ {
+ return $this->on;
+ }
+ else
+ {
+ $first = $this->_tablesArray[0].'.'.$this->_idFieldsArray[0].'='.$this->_tablesArray[2].'.'.$this->_idFieldsArray[0];
+ $last = $this->_tablesArray[1].'.'.$this->_idFieldsArray[1].'='.$this->_tablesArray[2].'.'.$this->_idFieldsArray[1];
+ switch ($choice) {
+ case 'first':
+ return $first;
+ break;
+ case 'last':
+ return $last;
+ break;
+ case 'all':
+ return $first. ' and '.$last;
+ break;
+ }
+ }
+ }
+
+ //check if a join query is necessary or not
+ //$val: 0 or 1 (items or boxes)
+ //$whereClauseLevel: array containing the field=>value statements of the where clause. If $whereClause = null than $this->where is considered
+ public function checkIfJoinNeeded($val, $whereClauseLevel = null)
+ {
+ $whereClause = isset($whereClauseLevel) ? $whereClauseLevel : $this->where;
+
+ foreach ($whereClause as $field => $value)
+ {
+ if (is_array($value))
+ {
+ if ($this->checkIfJoinNeeded($val, $value) === true) return true;
+ }
+ else
+ {
+ if (strcmp($this->getTableName($field),$this->_tablesArray[$val]) !== 0)
+ {
+ if (strcmp($value,Params::$nullQueryValue) !== 0 or (Params::$nullQueryValue === false)) return true;
+ }
+ }
+ }
+ //return false if no where clause has been defined
+ return false;
+ }
+
+ //method to create the where clause and the list of tables of the select query
+ public function mapQueryElements($val)
+ {
+// $val = $element === 'Items' ? 0 : 1;
+ $tables = $this->_tablesArray[$val];
+ $where = null;
+ $fields = $this->_tablesArray[$val].'.*';
+
+ if ($this->checkIfJoinNeeded($val))
+ {
+ $tables = $this->_tables;
+ $fields = $this->_tablesArray[$val].'.*';
+ $wherePlus = $this->createWhereClause();
+ $wherePlus = isset($wherePlus) ? ' AND ' . $wherePlus : null;
+ $where = $this->createMapWhere('all') . $wherePlus;
+ }
+ else
+ {
+ $where = $this->createWhereClause();
+ }
+
+ return array('tables' => $tables,'where' => $where,'fields' => $fields);
+ }
+
+ //$element: Items or Boxes.
+ //get all Item or Boxes
+ public function getAll($element = 'Items')
+ {
+ return $this->getFields('',$element);
+ }
+
+ //method to get the values of the selected fields
+ //$fields: the fields that have to be excracted from the tableName
+ public function getFields($fields = '',$element = 'Items')
+ {
+ //get all Item or Boxes
+ if ((strcmp($element,'Items') !== 0) and (strcmp($element,'Boxes') !== 0))
+ {
+ throw new Exception('<b>"'.$element. '"</b> argument not allowed in <b>'.__METHOD__.'</b> method');
+ }
+ $val = $element === 'Items' ? 0 : 1;
+
+ $elements = $this->mapQueryElements($val);
+
+ $queryFields = (strcmp($fields,'') === 0) ? $elements['fields'] : $fields;
+
+ return $row = $this->db->select($elements['tables'],$queryFields,$elements['where'],$this->groupBy,$this->orderBy,$this->limit);
+
+ }
+
+ public function send($element = 'Items')
+ {
+ $table = $this->getFields($this->select, $element);
+
+ if ($this->toList)
+ {
+ $key = $this->listArray[0];
+ $value = isset($this->listArray[1]) ? $this->listArray[1] : null;
+ $this->toList = false;
+ return $this->getList($table, $key, $value);
+ }
+ else
+ {
+ return $table;
+ }
+ }
+
+ //the fields that have to be extracted from the table
+ public function getTable($fields = null)
+ {
+ return isset($fields) ? $this->getFields($fields) : $this->getAll();
+ }
+
+ //select the values of a specified record
+ //$id: the id (primary key) of the record
+ //$fields: the comma separated list of fields that have to be extracted
+ public function selectId($id,$fields = null)
+ {
+ $id = (int)$id;
+ $this->setWhereQueryClause(array($this->_idFieldsArray[0] => $id));
+
+ if (isset($fields))
+ {
+ $values = $this->getFields($fields,'Items');
+ }
+ else
+ {
+ $values = $this->getAll('Items');
+ }
+
+ return (count($values) > 0) ? $values[0][$this->_tablesArray[0]] : array();
+ }
+
+ //get the number of records (items or boxes)
+ public function recordNumber($element)
+ {
+ $val = $element === 'Items' ? 0 : 1;
+
+ $elements = $this->mapQueryElements($val);
+ return $this->db->get_num_rows($elements['tables'],$elements['where'],$this->groupBy);
+ }
+
+ //get the number of records (only items)
+ public function rowNumber()
+ {
+ return $this->recordNumber('Items');
+ }
+
+ public function getMax($field)
+ {
+ $elements = $this->mapQueryElements(0);
+ return $this->db->getMax($elements['tables'],$field,$elements['where'],$this->groupBy);
+ }
+
+ public function getMin($field)
+ {
+ $elements = $this->mapQueryElements(0);
+ return $this->db->getMin($elements['tables'],$field,$elements['where'],$this->groupBy);
+ }
+
+ public function getSum($field)
+ {
+ $elements = $this->mapQueryElements(0);
+ return $this->db->getSum($elements['tables'],$field,$elements['where'],$this->groupBy);
+ }
+
+ public function getAvg($field)
+ {
+ $elements = $this->mapQueryElements(0);
+ return $this->db->getAvg($elements['tables'],$field,$elements['where'],$this->groupBy);
+ }
+
+ //check if the table has the field $field equal to $value
+ public function has($field,$value)
+ {
+ $elements = $this->mapQueryElements(0);
+ return $this->db->recordExists($elements['tables'],$field,$value,$elements['where'],$this->groupBy);
+ }
+
+ //associate an item with a box
+ //$idItem : name of the field of the Items table, $idGroup : name of the field of the Boxes table
+ public function associate($idItem = null,$idGroup = null)
+ {
+ $this->queryResult = false;
+ if (isset($idItem) and isset($idGroup))
+ {
+ $idItem = (int)$idItem;
+ $idGroup = (int)$idGroup;
+ $values = array($idItem,$idGroup); //values relative to the fields $this->_idFields
+ $var = $this->checkAssociation($idItem,$idGroup);
+ if (!$var)
+ {
+ $result = $this->db->insert($this->_tablesArray[2],$this->_idFields,$values);
+ $this->setNotice($result);
+ return $result;
+ }
+ else
+ {
+ if (strcmp($this->printAssError,'yes') === 0) $this->notice = $this->_resultString->getString('linked');
+ $this->result = false;
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-id');
+ $this->result = false;
+ }
+ return false;
+ }
+
+ //associate an item with a box
+ //$idItem : name of the field of the Items table, $idGroup : name of the field of the Boxes table
+ public function dissociate($idItem = null,$idGroup = null)
+ {
+ $this->queryResult = false;
+ if (isset($idItem) and isset($idGroup))
+ {
+ $idItem = (int)$idItem;
+ $idGroup = (int)$idGroup;
+ $var = $this->checkAssociation($idItem,$idGroup);
+ if ($var)
+ {
+ $result = $this->db->del($this->_tablesArray[2],$this->_idFieldsArray[0].'='.$idItem.' and '.$this->_idFieldsArray[1].'='.$idGroup);
+ $this->setNotice($result);
+ return $result;
+ }
+ else
+ {
+ if (strcmp($this->printAssError,'yes') === 0) $this->notice = $this->_resultString->getString('not-linked');
+ $this->result = false;
+ }
+ }
+ else
+ {
+ $this->notice = $this->_resultString->getString('no-id');
+ $this->result = false;
+ }
+ return false;
+ }
+
+ public function checkAssociation($idItem,$idGroup)
+ {
+ $idItem = (int)$idItem;
+ $idGroup = (int)$idGroup;
+ $numRow = $this->db->get_num_rows($this->_tablesArray[2],$this->_idFieldsArray[0].'='.$idItem.' and '.$this->_idFieldsArray[1].'='.$idGroup);
+ if ($numRow === 1)
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+ }
+
+ //check what items are associate to a box
+ //itemsArray:array of items to check
+ public function checkAssociationDeep($itemsArray)
+ {
+ $associatedItems = array();
+ $itemsArray = is_array($itemsArray) ? array_values($itemsArray) : array($itemsArray);
+ foreach ($itemsArray as $item) {
+ if ($this->db->recordExists($this->_tablesArray[2],$this->_idFieldsArray[0],$item))
+ {
+ $associatedItems[] = $item;
+ }
+ }
+ return $associatedItems;
+ }
+
+ //method to call the delete query (overriding of the del method of Model.php)
+ //check the referential integrity
+ public function del($id = null, $whereClause = null)
+ {
+ $this->queryResult = false;
+
+ if (isset($whereClause))
+ {
+ return parent::del(null,$whereClause);
+ }
+ else
+ {
+ if ($this->_onDelete === 'check')
+ {
+ if ($this->db->recordExists($this->_tablesArray[2],$this->_idFieldsArray[0],(int)$id))
+ {
+ $this->notice = $this->_resultString->getString('associate');
+ $this->identifierValue = null;
+ $this->result = false;
+ }
+ else
+ {
+ return parent::del((int)$id);
+ }
+ }
+ else if ($this->_onDelete === 'nocheck')
+ {
+ return parent::del((int)$id);
+ }
+ }
+ return false;
+ }
+
+ //override of the updateTable method of the parent class
+ //method that calls the function indicated in $this->submitNames. Ex: if $_POST['delAction'] is found, then the "del" method is called.
+ public function updateTable($methodsList = '',$id = null)
+ {
+ $allowedMethodsArray = explode(',',$methodsList);
+ $resultArray = array();
+ $this->identifierValue = null;
+ if (isset($id))
+ {
+ $this->identifierValue = (int)$id;
+ }
+ else if (isset($_POST[$this->identifierName]))
+ {
+ $this->identifierValue = (int)$_POST[$this->identifierName];
+ }
+ foreach ($this->submitNames as $methodName => $submitName) {
+ if (array_key_exists($submitName,$_POST))
+ {
+ $this->submitName = $submitName;
+ if (method_exists($this,$methodName))
+ {
+ if (in_array($methodName,$allowedMethodsArray))
+ {
+ if ($this->checkConditions($methodName,$this->identifierValue))
+ {
+ $this->notice = null;
+ $methodArray = array('associate','dissociate');
+ if (in_array($methodName,$methodArray))
+ {
+ $this->_boxIdentifierValue = null;
+ if (isset($_POST[$this->boxIdentifierName]))
+ {
+ $this->_boxIdentifierValue = (int)$_POST[$this->boxIdentifierName];
+ }
+ call_user_func_array(array($this,$methodName),array($this->identifierValue,$this->_boxIdentifierValue));
+ }
+ else
+ {
+ call_user_func_array(array($this,$methodName),array($this->identifierValue));
+ }
+ }
+ }
+ }
+ else
+ {
+ throw new Exception('method "'.$methodName. '" not defined in class '.__CLASS__.'; error in method '.__METHOD__);
+ }
+ return; //only one cycle!
+ }
+ }
+ }
+
+ //method to obtain one columns from the tables $this->_tablesArray as an associative array
+ //$valueField: the column that have to be extracted (array_values of the resulting associative array), $keyField: the column that have to play the role of array_keys
+ //$valueField = field:table, $keyField = field:table
+ public function getFieldArray($valueField,$keyField = null, $groupBy = null, $orderBy = null, $limit = null)
+ {
+
+ $keyField = isset($keyField) ? $keyField : $valueField;
+ $valueFieldArray = explode(':',$valueField);
+ $keyFieldArray = explode(':',$keyField);
+
+ $keyFieldTable = $keyFieldArray[0];
+ $valueFieldTable = $valueFieldArray[0];
+
+ $keyFieldName = $keyFieldArray[1];
+ $valueFieldName = $valueFieldArray[1];
+
+ $fields = implode('.',$keyFieldArray) . ',' . implode('.',$valueFieldArray);
+
+ $temp = $this->where; //save the $this->where array
+ $this->where = array();
+
+ $val = array_search($keyFieldTable,$this->_tablesArray);
+
+ if (strcmp($keyFieldTable,$valueFieldTable) !== 0)
+ {
+ throw new Exception("the tables '$valueFieldTable' and '$keyFieldTable' do not match in ".__METHOD__);
+ }
+
+ if ($val === false or !in_array($val,array(0,1)))
+ {
+ throw new Exception("the table '$keyFieldTable' is not allowed in ".__METHOD__);
+ }
+
+ $elements = $this->mapQueryElements($val);
+
+ $table = $this->db->select($elements['tables'],$fields,$elements['where'],$groupBy,$orderBy,$limit);
+ $this->where = $temp;
+
+ $returnArray = array();
+ foreach ($table as $record) {
+ $returnArray[$record[$keyFieldTable][$keyFieldName]] = $record[$valueFieldTable][$valueFieldName];
+ }
+
+ return $returnArray;
+
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Model/Tree.php b/h-source/admin/Library/Model/Tree.php
new file mode 100755
index 0000000..d7b655d
--- /dev/null
+++ b/h-source/admin/Library/Model/Tree.php
@@ -0,0 +1,287 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class Model_Tree extends Model_Base {
+
+ public function __construct() {
+ parent::__construct();
+ }
+
+ //method to create the first part of where clause
+ //$index: the index of $this->_tablesArray
+ public function createTreeWhere($index) {
+ if (isset($this->on))
+ {
+ return $this->on;
+ }
+ else
+ {
+ $whereArray = array();
+ for ($i = $index; $i < (count($this->_tablesArray)-1); $i++)
+ {
+ $whereArray[] = $this->_tablesArray[$i].'.'.$this->_idFieldsArray[$i+1].'='.$this->_tablesArray[$i+1].'.'.$this->_idFieldsArray[$i+1];
+ }
+ $whereString = !empty($whereArray) ? implode(' and ',$whereArray) : null;
+ return $whereString;
+ }
+ }
+
+ //create the list of tables of the select query
+ //$index: the index of $this->_tablesArray
+ public function createTablesList($index) {
+ if (isset($this->from))
+ {
+ return $this->from;
+ }
+ else
+ {
+ $tablesString = null;
+ for ($i = $index; $i < (count($this->_tablesArray)-1); $i++)
+ {
+ $tablesString .= $this->_tablesArray[$i] . ',';
+ }
+ $tablesString .= $this->_tablesArray[count($this->_tablesArray)-1];
+ return $tablesString;
+ }
+ }
+
+ //method to create the list of fields of the select query
+ public function createFieldsList($index) {
+ $fieldsString = null;
+ for ($i = $index; $i < (count($this->_tablesArray)-1); $i++)
+ {
+ $fieldsString .= $this->_tablesArray[$i] . '.*,';
+ }
+ $fieldsString .= $this->_tablesArray[count($this->_tablesArray)-1].'.*';
+ return $fieldsString;
+ }
+
+
+ //method to create the where clause and the list of tables and fields of the select query
+ //$tableName: the table name ($this->_tablesArray)
+ //$choice:all->all the tables in $this->_arrayTables, other value->only the table of $this->_arrayTables ad index $index
+ //return: $elements = array('tables'=>$tables,'where'=>$where,'fields'=>$fields)
+ public function treeQueryElements($tableName,$choice = 'all')
+ {
+ $index = array_search($tableName,$this->_tablesArray);
+ $subArray = ($choice === 'all') ? array_slice($this->_tablesArray,$index) : array($tableName); //this array is necessary to verify that the where clause makes sense
+ $tables = ($choice === 'all') ? $this->createTablesList($index) : $tableName;
+ $where = ($choice === 'all') ? $this->createTreeWhere($index) : null;
+ $fields = ($choice === 'all') ? $this->createFieldsList($index) : $tableName.'.*';
+
+ $wherePlus = $this->createWhereClause();
+
+ if (!isset($this->on))
+ {
+ $on = null;
+
+ if (isset($where) and isset($wherePlus))
+ {
+ $where .= ' AND ' . $wherePlus;
+ }
+ else if (!isset($where) and isset($wherePlus))
+ {
+ $where .= $wherePlus;
+ }
+ }
+ else
+ {
+ $on = (strcmp($where,'-') !== 0) ? $where : null;
+ $where = $wherePlus;
+ }
+
+ return array('tables' => $tables,'where' => $where,'fields'=>$fields,'on'=>$on);
+ }
+
+
+ //method to obtain the values of the whole tree
+ //$choice:all->all the tables in $this->_arrayTables, other value->only the table of $this->_arrayTables ad index $index
+ public function getAll($choice = 'all') {
+ return $this->getFields('',$choice);
+ }
+
+ //method to get the values of the selected fields
+ //it walks the tree by means of a join query
+ //$fields: the fields that have to be excracted from the tableName
+ public function getFields($fields = '',$choice = 'all')
+ {
+ $elements = $this->treeQueryElements($this->_tablesArray[0],$choice);
+
+ $queryFields = (strcmp($fields,'') === 0) ? $elements['fields'] : $fields;
+
+ return $row = $this->db->select($elements['tables'],$queryFields,$elements['where'],$this->groupBy,$this->orderBy,$this->limit,$elements['on'],$this->using);
+ }
+
+ public function send()
+ {
+ $table = $this->getFields($this->select);
+
+ if ($this->toList)
+ {
+ $key = $this->listArray[0];
+ $value = isset($this->listArray[1]) ? $this->listArray[1] : null;
+ $this->toList = false;
+ return $this->getList($table, $key, $value);
+ }
+ else
+ {
+ return $table;
+ }
+ }
+
+ //call the getAll method with $tableName = $this->_tablesArray[0]
+ //the fields that have to be extracted from the table
+ public function getTable($fields = null) {
+ return isset($fields) ? $this->getFields($fields) : $this->getAll();
+ }
+
+ //select the values of a specified record
+ //$id: the id (primary key) of the record
+ //$fields: the comma separated list of fields that have to be extracted
+ public function selectId($id,$fields = null) {
+ $this->setWhereQueryClause(array($this->_idFieldsArray[0] => (int)$id));
+
+ $this->using = null;
+
+ if (isset($fields))
+ {
+ $values = $this->getFields($fields,'other');
+ }
+ else
+ {
+ $values = $this->getAll('other');
+ }
+
+ return (count($values) > 0) ? $values[0][$this->_tablesArray[0]] : array();
+
+ }
+
+ //get the number of records ()
+ //the number of records of the table $tableName is returned
+ public function rowNumber() {
+ $elements = $this->treeQueryElements($this->_tablesArray[0]);
+ return $this->db->get_num_rows($elements['tables'],$elements['where'],$this->groupBy,$elements['on'],$this->using);
+ }
+
+ public function getMax($field)
+ {
+ $elements = $this->treeQueryElements($this->_tablesArray[0]);
+ return $this->db->getMax($elements['tables'],$field,$elements['where'],$this->groupBy,$elements['on'],$this->using);
+ }
+
+ public function getMin($field)
+ {
+ $elements = $this->treeQueryElements($this->_tablesArray[0]);
+ return $this->db->getMin($elements['tables'],$field,$elements['where'],$this->groupBy,$elements['on'],$this->using);
+ }
+
+ public function getSum($field)
+ {
+ $elements = $this->treeQueryElements($this->_tablesArray[0]);
+ return $this->db->getSum($elements['tables'],$field,$elements['where'],$this->groupBy,$elements['on'],$this->using);
+ }
+
+ public function getAvg($field)
+ {
+ $elements = $this->treeQueryElements($this->_tablesArray[0]);
+ return $this->db->getAvg($elements['tables'],$field,$elements['where'],$this->groupBy,$elements['on'],$this->using);
+ }
+
+ //check if the table has the field $field equal to $value
+ public function has($field,$value)
+ {
+ $elements = $this->treeQueryElements($this->_tablesArray[0]);
+ return $this->db->recordExists($elements['tables'],$field,$value,$elements['where'],$this->groupBy,$elements['on'],$this->using);
+ }
+
+// //get the number of records of the table $this->_tablesArray[0]
+// public function rowNumber() {
+// return $this->recordNumber($this->_tablesArray[0]);
+// }
+
+ //method to call the delete query (overriding of the del method of Model.php)
+ //check the referential integrity
+ public function del($id = null, $whereClause = null)
+ {
+ $this->queryResult = false;
+
+ if (isset($whereClause))
+ {
+ return parent::del(null,$whereClause);
+ }
+ else
+ {
+ if ($this->_onDelete === 'check' and isset($this->_reference))
+ {
+ if (isset($this->_reference[0]) and isset($this->_reference[1]))
+ {
+ if ($this->db->recordExists($this->_reference[0],$this->_reference[1],(int)$id))
+ {
+ $this->notice = $this->_resultString->getString('associate');
+ $this->identifierValue = null;
+ $this->result = false;
+ }
+ else
+ {
+ return parent::del((int)$id);
+ }
+ }
+ else
+ {
+ throw new Exception('you have forgotten to set \'$this->_reference\' or you have forgotten to set $this->_onDelete = \'nocheck\'');
+ }
+ }
+ else
+ {
+ return parent::del((int)$id);
+ }
+ }
+ return false;
+ }
+
+ //method to obtain one columns from the tables $this->_tablesArray as an associative array
+ //$valueField: the column that have to be extracted (array_values of the resulting associative array), $keyField: the column that have to play the role of array_keys
+ public function getFieldArray($valueField,$keyField = null, $groupBy = null, $orderBy = null, $limit = null) {
+
+ $keyField = isset($keyField) ? $keyField : $valueField;
+ $valueFieldArray = explode(':',$valueField);
+ $keyFieldArray = explode(':',$keyField);
+
+ $keyFieldTable = $keyFieldArray[0];
+ $valueFieldTable = $valueFieldArray[0];
+
+ $keyFieldName = $keyFieldArray[1];
+ $valueFieldName = $valueFieldArray[1];
+
+ $fields = implode('.',$keyFieldArray) . ',' . implode('.',$valueFieldArray);
+
+ $temp = $this->where; //save the $this->where array
+ $this->where = array();
+
+ if (strcmp($keyFieldTable,$valueFieldTable) !== 0) {
+ throw new Exception("the tables '$valueFieldTable' and '$keyFieldTable' do not match in ".__METHOD__);
+ }
+
+ if (!in_array($keyFieldTable,$this->_tablesArray)) {
+ throw new Exception("the table '$keyFieldTable' is not allowed in ".__METHOD__);
+ }
+
+ $elements = $this->treeQueryElements($keyFieldTable,'');
+
+ $table = $this->db->select($elements['tables'],$fields,$elements['where'],$groupBy,$orderBy,$limit,$elements['on'],$this->using);
+ $this->where = $temp;
+
+ $returnArray = array();
+ foreach ($table as $record) {
+ $returnArray[$record[$keyFieldTable][$keyFieldName]] = $record[$valueFieldTable][$valueFieldName];
+ }
+
+ return $returnArray;
+
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Model/index.html b/h-source/admin/Library/Model/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Model/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/Params.php b/h-source/admin/Library/Params.php
new file mode 100644
index 0000000..9ec0ba5
--- /dev/null
+++ b/h-source/admin/Library/Params.php
@@ -0,0 +1,37 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class containing all the parameters necessary to EasyGiant to work properly
+class Params
+{
+
+ public static $allowedDb = array('Mysql','Mysqli','None'); //allowed database type
+
+ public static $allowedSanitizeFunc = 'sanitizeAll,sanitizeDb,sanitizeHtml,forceInt,forceNat,none,md5,sha1'; //allowed sanitize functions
+
+ public static $allowedHashFunc = array('md5','sha1'); //allowed hash functions
+
+ //conventional null value for the value of the field in the createWhereClause method of the Model class
+ public static $nullQueryValue = false;
+
+ //class name of the div that contains the error strings
+ public static $errorStringClassName = 'alert';
+
+ //table name in the returning structure of the select queries in the case of an aggregate function. Ex count(*),sum(*)
+ public static $aggregateKey = 'aggregate';
+
+ //htmlentities function charset
+ //see http://php.net/manual/en/function.htmlentities.php for a complete list of the allowed values
+ public static $htmlentititiesCharset = DEFAULT_CHARSET;
+
+ //list of symbols used in the statements of the where clause of the select queries
+ public static $whereClauseSymbolArray = array('<','>','!=','<=','>=','in(','not in(');
+
+ //is the mbstring extension enabled?
+ public static $mbStringLoaded = false;
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Popup.php b/h-source/admin/Library/Popup.php
new file mode 100755
index 0000000..55ea7f5
--- /dev/null
+++ b/h-source/admin/Library/Popup.php
@@ -0,0 +1,15 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to contain the values of the popup menù of the scaffold
+class Popup {
+
+ public $name; //the name of the popup
+ public $itemsName = array(); //array containing the names of the different items of the list (popup)
+ public $itemsValue = array(); //array containing the values of the different items of the list (popup)
+
+}
diff --git a/h-source/admin/Library/Request.php b/h-source/admin/Library/Request.php
new file mode 100644
index 0000000..12bf16c
--- /dev/null
+++ b/h-source/admin/Library/Request.php
@@ -0,0 +1,39 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//manage the associative arrays inside the request ($_GET,$_POST,$_COOKIE)
+class Request
+{
+
+ public function get($name, $default = null, $func = 'none')
+ {
+ if (!function_exists($func))
+ {
+ throw new Exception('Error in <b>'.__METHOD__.'</b>: function <b>'.$func. '</b> does not exists');
+ }
+ return isset($_GET[$name]) ? call_user_func($func,$_GET[$name]) : $default;
+ }
+
+ public function post($name, $default = null, $func = 'none')
+ {
+ if (!function_exists($func))
+ {
+ throw new Exception('Error in <b>'.__METHOD__.'</b>: function <b>'.$func. '</b> does not exists');
+ }
+ return isset($_POST[$name]) ? call_user_func($func,$_POST[$name]) : $default;
+ }
+
+ public function cookie($name, $default = null, $func = 'none')
+ {
+ if (!function_exists($func))
+ {
+ throw new Exception('Error in <b>'.__METHOD__.'</b>: function <b>'.$func. '</b> does not exists');
+ }
+ return isset($_COOKIE[$name]) ? call_user_func($func,$_COOKIE[$name]) : $default;
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Scaffold.php b/h-source/admin/Library/Scaffold.php
new file mode 100755
index 0000000..2ac3fa5
--- /dev/null
+++ b/h-source/admin/Library/Scaffold.php
@@ -0,0 +1,272 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+//class to manage the scaffold of the controller
+class Scaffold
+{
+
+ protected $_type = null; //the type of the scaffold. It can be 'main' or 'form'
+ protected $_queryType = null; //it can be insert or update
+
+ protected $_primaryKey = null; //the primary key of the table
+ protected $_controller = null; //the name of the controller
+
+ public $model = null; //the reference to the model associated with the controller
+
+ public $viewArgs = array(); //the associative array representing the status args of the main action of the controller.
+
+ public $params = array(); //associative array containing the parameters of the scaffold
+ public $html = array(); //associative array containing the HTML of the scaffold ('pageList'=>HTML,..)
+
+ public $mainMenu = null; //the reference to the MenuHelper object
+ public $pageList = null; //the reference to the PageDivisionHelper object
+ public $itemList = null; //the reference to the ListHelper object
+ public $popupMenu = null; //the reference to the PopupHelper object
+
+ public $form = null; //the reference to the form object
+ public $entries = null; //the entries of the form (string having entries separated by comma)
+ public $values = array(); //the values inserted in the form (taken from the table if $this->queryType === 'update' or if an error occured during the databse query, otherwise taken from the $_POST array)
+
+ //the list of fields of the select query
+ public $fields = null;
+
+ public function __construct($type,$controller,$model,$viewArgs,$params = null) {
+
+ $this->_type = $type;
+ $this->_controller = $controller;
+ $this->model = $model;
+ $this->viewArgs = $viewArgs;
+
+ $autoParams = array(
+ 'mainAction' => 'main',
+ 'modifyAction' => 'form/update',
+ 'associateAction' => 'associate',
+ 'panelController' => 'panel',
+ 'pageList' => true,
+ 'pageVariable' => 'page',
+ 'recordPerPage' => 10,
+ 'mainMenu' => 'panel,add',
+ 'formMenu' => 'panel,back',
+ 'postSubmitValue' => 'Save',
+ 'popup' => false,
+ 'popupType' => 'exclusive'
+ );
+
+ //set the $this->scaffold->params array
+ if (is_array($params)) {
+ foreach ($params as $key => $value) {
+ $autoParams[$key] = $value;
+ }
+ }
+ $this->params = $autoParams;
+
+ }
+
+ //ad some clauses to the select query
+ //whereArray = array ($table_field => $value)
+ public function appendWhereQueryClause($whereArray)
+ {
+ $this->model->appendWhereQueryClause($whereArray);
+ }
+
+ //set clauses to the select query
+ //whereArray = array ($table_field => $value)
+ public function setWhereQueryClause($whereArray)
+ {
+ $this->model->setWhereQueryClause($whereArray);
+ }
+
+ //initialize the main scaffold (ListHelper)
+ //$recordList: field of the table to show, $primaryKey: the key of the table
+ public function loadMain($recordList,$primaryKey,$theme = 'edit,del')
+ {
+ $this->_primaryKey = $primaryKey;
+
+ $recordListArray = explode(',',$recordList);
+ foreach ($recordListArray as $record) {
+ $this->itemList->addItem("simpleText",";$record;");
+ }
+
+ $themeArray = explode(',',$theme);
+
+ foreach ($themeArray as $el)
+ {
+ switch ($el)
+ {
+ case 'moveup':
+ $this->itemList->addItem('moveupForm',$this->_controller.'/'.$this->params['mainAction'],$primaryKey);
+ break;
+ case 'movedown':
+ $this->itemList->addItem('movedownForm',$this->_controller.'/'.$this->params['mainAction'],$primaryKey);
+ break;
+ case 'link':
+ $this->itemList->addItem('associateForm',$this->_controller.'/'.$this->params['associateAction'],$primaryKey);
+ break;
+ case 'edit':
+ $this->itemList->addItem('editForm',$this->_controller.'/'.$this->params['modifyAction'],$primaryKey);
+ break;
+ case 'del':
+ $this->itemList->addItem('delForm',$this->_controller.'/'.$this->params['mainAction'],$primaryKey);
+ break;
+ }
+ }
+
+ }
+
+ //initialize the form
+ //$queryType = insert/update
+ //$action: the action of the form (controller/action/queryString)
+ public function loadForm($queryType,$action)
+ {
+ $this->queryType = $queryType;
+ $submitName = $this->model->getSubmitName($queryType);
+ $value = $this->params['postSubmitValue'];
+ $viewStatus = Url::createUrl(array_values($this->viewArgs));
+ $this->model->setForm($action.$viewStatus,array($submitName => $value),'POST');
+ $this->form = $this->model->form;
+ }
+
+ //function to obtain the values to use in the form
+ //$func = function to validate the values
+ //$id = the id of the record (used if $_POST[$this->m[$this->model]->identifierName] is not present)
+ public function getFormValues($func = 'sanitizeHtml',$id = null,$defaultValues = array(),$functionsIfFromDb = array())
+ {
+ if ($this->_type === 'form')
+ {
+ $this->values = $this->model->getFormValues($this->queryType,$func,$id,$defaultValues,$functionsIfFromDb);
+ }
+ }
+
+ //set the head of the table
+ //$columnsName: name of the columns. It has to be a comma-separated list of strings
+ public function setHead($columnsName)
+ {
+ $this->itemList->setHead($columnsName);
+ }
+
+ //method to set the type of the entries of the form
+ //$entries: string containing the list of the entries where each entry is separated by comma: entry1,entry2,entry3
+ //$entryType: associative array that describes the entries of the form. The key is the entry name while the value is the entry type (textarea,inputText,etc)
+ public function setFormEntries($entries = 'model',$entryType = array(),$optionsArray = array())
+ {
+ if ($this->_type === 'form')
+ {
+ if ($entries === 'model')
+ {
+ $this->entries = $this->model->fields;
+ if ($this->queryType === 'update')
+ {
+ $this->entries .= ','. $this->model->identifierName;
+ }
+ }
+ else
+ {
+ $this->entries = null;
+ }
+ $entriesArray = explode(',',$this->entries);
+ if (isset($this->form))
+ {
+ foreach ($entriesArray as $entry)
+ {
+ $type = isset($entryType[$entry]) ? $entryType[$entry] : 'InputText';
+ $options = isset($optionsArray[$entry]) ? $optionsArray[$entry] : null;
+ $this->form->setEntry($entry,$type,$options);
+ }
+ if ($this->queryType === 'update')
+ {
+ $this->form->setEntry($this->model->identifierName,'Hidden');
+ }
+ }
+ else
+ {
+ throw new Exception('form object has not been initialized. Call the <b>scaffold->loadForm</b> method before');
+ }
+ }
+ }
+
+ //add an item to the list of items
+ public function addItem($type, $action = '', $field = '', $name = '') {
+ if ($this->_type === 'main') {
+ $this->itemList->addItem($type, $action, $field, $name);
+ }
+ }
+
+ //update the table
+ public function update($methodsList = '',$id = null) {
+ $this->model->updateTable($methodsList,$id);
+ }
+
+ //method to create the HTML of the scaffold
+ //$values: the values to insert in the from entries
+ public function render($values = null,$subset = null)
+ {
+
+ if ($this->_type === 'main')
+ {
+
+ $recordNumber = $this->model->rowNumber();
+
+ if (isset($this->viewArgs[$this->params['pageVariable']]))
+ {
+ $page = $this->viewArgs[$this->params['pageVariable']];
+ }
+ else
+ {
+ $this->params['pageList'] = false;
+ }
+
+ $recordPerPage = $this->params['recordPerPage'];
+
+ if ($this->params['pageList'] === true)
+ {
+ $this->model->limit = $this->pageList->getLimit($page,$recordNumber,$recordPerPage);
+ $this->html['pageList'] = $this->pageList->render((int)($page-2),5);
+ $position = array($page,$this->pageList->getNumbOfPages());
+ }
+ else
+ {
+ $this->model->limit = null;
+ $this->html['pageList'] = null;
+ $position = array(1,1);
+ }
+
+ $values = $this->model->getTable($this->fields);
+
+ $primaryKey = $this->_primaryKey;
+
+ //pass the variable position
+ $this->itemList->position = $position;
+ $this->html['main'] = $this->itemList->render($values);
+
+ $this->html['menu'] = $this->mainMenu->render($this->params['mainMenu']);
+
+ $popupHtml = null;
+ if ($this->params['popup'] === true)
+ {
+ $this->html['popup'] = $this->popupMenu->render();
+ $popupHtml = "<div class='verticalMenu'>\n".$this->html['popup']."\n</div>\n";
+ }
+
+ $this->html['all'] = "<div class='mainMenu'>".$this->html['menu']."</div>\n".$this->model->notice."\n $popupHtml \n<div class='recordsBox'>\n".$this->html['main']."\n</div>\n"."<div class='viewFooter'>\n<div class='pageList'>\n".$this->html['pageList']."</div>\n</div>\n\n";
+
+ }
+ else if ($this->_type === 'form')
+ {
+
+ $subset = (!isset($subset)) ? $this->entries : $subset;
+ $values = (!isset($values)) ? $this->values : $values;
+ $this->html['menu'] = $this->mainMenu->render($this->params['formMenu']);
+ $this->html['main'] = $this->form->render($values,$subset);
+ $this->html['all'] = "<div class='mainMenu'>\n".$this->html['menu']."\n</div>\n".$this->model->notice."\n<div class='scaffold_form'>\n".$this->html['main']."</div>\n";
+
+ }
+
+ return $this->html['all'];
+
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Strings/Functions.php b/h-source/admin/Library/Strings/Functions.php
new file mode 100644
index 0000000..eabc0d8
--- /dev/null
+++ b/h-source/admin/Library/Strings/Functions.php
@@ -0,0 +1,30 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+
+function eg_strlen($string)
+{
+ return Params::$mbStringLoaded === true ? mb_strlen($string,DEFAULT_CHARSET) : strlen($string);
+}
+
+
+function eg_strtoupper($string)
+{
+ return Params::$mbStringLoaded === true ? mb_strtoupper($string,DEFAULT_CHARSET) : strtoupper($string);
+}
+
+
+function eg_strtolower($string)
+{
+ return Params::$mbStringLoaded === true ? mb_strtolower($string,DEFAULT_CHARSET) : strtolower($string);
+}
+
+
+// function eg_substr($string, $start, $length)
+// {
+// return Params::$mbStringLoaded === true ? mb_strtolower($string,DEFAULT_CHARSET) : strtolower($string);
+// } \ No newline at end of file
diff --git a/h-source/admin/Library/Theme.php b/h-source/admin/Library/Theme.php
new file mode 100755
index 0000000..692697e
--- /dev/null
+++ b/h-source/admin/Library/Theme.php
@@ -0,0 +1,79 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class Theme {
+
+ protected $_data = array();
+ protected $_viewFiles = array(); //view files to require
+ protected $_lastView = null;
+
+ public $baseUrl = null; //the base url of the website: http://domainname
+ public $baseUrlSrc = null; //the base url of the website (http://domainname) in the case MOD_REWRITE_MODULE has been set to false
+
+ public $viewArgs = array();
+ public $viewStatus = '';
+ public $controller = 'controller';
+ public $action = '';
+ public $currPage; //the URL of the current page
+
+ function __construct($controller) {
+ $this->controller = $controller;
+ $this->baseUrl = MOD_REWRITE_MODULE === true ? 'http://' . DOMAIN_NAME : 'http://' . DOMAIN_NAME . '/index.php';
+ $this->baseUrlSrc = 'http://' . DOMAIN_NAME;
+ }
+
+
+ public function set($values)
+ {
+ $this->_data = $values;
+ }
+
+ public function append($values)
+ {
+ $this->_data = array_merge($this->_data,$values);
+ }
+
+ //clean the $this->viewFiles array
+ public function clean() {
+ $this->_viewFiles = array();
+ $this->_lastView = null;
+ }
+
+ public function load($fileName,$option = 'none') {
+ if ((strcmp($option,'last') !== 0) and (strcmp($option,'none') !== 0)) {
+ throw new Exception('"'.$option. '" argument not allowed in '.__METHOD__.' method');
+ }
+ if ($option === 'last') {
+ $this->_lastView = $fileName;
+ } else {
+ $this->_viewFiles[] = $fileName;
+ }
+ }
+
+
+ public function render() {
+ extract($this->_data);
+
+ foreach ($this->_viewFiles as $file) {
+ if (file_exists(ROOT . DS . APPLICATION_PATH . DS . 'Views' . DS . ucwords($this->controller) . DS . $file . '.php')) {
+ include (ROOT . DS . APPLICATION_PATH . DS . 'Views' . DS . ucwords($this->controller) . DS . $file . '.php');
+ } else {
+ include (ROOT . DS . APPLICATION_PATH . DS . 'Views' . DS . $file . '.php');
+ }
+ }
+
+ if (isset($this->_lastView)) {
+ if (file_exists(ROOT . DS . APPLICATION_PATH . DS . 'Views' . DS . ucwords($this->controller) . DS . $this->_lastView . '.php')) {
+ include (ROOT . DS . APPLICATION_PATH . DS . 'Views' . DS . ucwords($this->controller) . DS . $this->_lastView . '.php');
+ } else {
+ include (ROOT . DS . APPLICATION_PATH . DS . 'Views' . DS . $this->_lastView . '.php');
+ }
+ }
+
+ }
+
+}
diff --git a/h-source/admin/Library/Url.php b/h-source/admin/Library/Url.php
new file mode 100755
index 0000000..4e2ca5e
--- /dev/null
+++ b/h-source/admin/Library/Url.php
@@ -0,0 +1,36 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class Url {
+
+ //get the url starting from the root folder
+ public static function getRoot($pathFromRootFolder = null) {
+ $url = MOD_REWRITE_MODULE === true ? 'http://' . DOMAIN_NAME . '/' . $pathFromRootFolder : 'http://' . DOMAIN_NAME . '/index.php/' . $pathFromRootFolder;
+ return $url;
+ }
+
+ //create an url string (element1/element2/element4) from the values of the array $valuesArray considering only the elements indicated in the numeric string $numericString (in this case '1,2,4')
+ public function createUrl($valuesArray,$numericString = null) {
+ $elementsArray = explode(',',$numericString);
+ $valuesArray = array_values($valuesArray);
+ $urlString = null;
+ for ($i = 0; $i < count($valuesArray); $i++)
+ {
+ if (isset($numericString)) {
+ if (isset($valuesArray[$i]) and in_array($i,$elementsArray)) {
+ $urlString .= "/".$valuesArray[$i];
+ }
+ } else {
+ if (isset($valuesArray[$i])) {
+ $urlString .= "/".$valuesArray[$i];
+ }
+ }
+ }
+ return $urlString;
+ }
+
+}
diff --git a/h-source/admin/Library/Users/CheckAdmin.php b/h-source/admin/Library/Users/CheckAdmin.php
new file mode 100755
index 0000000..9a47b16
--- /dev/null
+++ b/h-source/admin/Library/Users/CheckAdmin.php
@@ -0,0 +1,369 @@
+<?php
+
+// All EasyGiant code is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
+// See COPYRIGHT.txt and LICENSE.txt.
+
+if (!defined('EG')) die('Direct access not allowed!');
+
+class Users_CheckAdmin {
+
+ public $status = array();
+
+ protected $_sessionsTable; //table containing all the sessions
+ protected $_usersTable; //table containing all the users
+ protected $_groupsTable; //table containing all the groups
+ protected $_manyToManyTable; //table for many to many relationships
+ protected $_accessesTable; //table containing all the accesses to admin side
+ protected $uid = null;
+ protected $_token = null; //token used in order to defense against CSRF (cross sire request forgeries)
+ protected $_login; //login action
+ protected $_main; //main action
+ protected $_retype; //retype (the password) action
+ protected $_db; //reference to the database layer class
+ protected $_params = array(); //the parameters of the object
+
+ public function __construct($params = null) {
+ $this->_params = $params;
+
+ $this->_sessionsTable = $params['sessionsTable'];
+ $this->_usersTable = $params['usersTable'];
+ $this->_groupsTable = $params['groupsTable'];
+ $this->_manyToManyTable = $params['manyToManyTable'];
+ $this->_accessesTable = $params['accessesTable'];
+ $this->_login = Url::getRoot(null) . $params['users_controller'] . '/' . $params['users_login_action'] ;
+ $this->_main = Url::getRoot(null) . $params['panel_controller'] . '/' . $params['panel_main_action'] ;
+ $this->_retype = Url::getRoot(null) . $params['users_controller'] . '/' . $params['hijacking_action'] ;
+ $this->_db = Factory_Db::getInstance($params['database_type']);
+ }
+
+ private function acquireCookie() { #obtain cookie
+ #cookie
+ $this->uid = NULL;
+ global $_COOKIE;
+ $this->uid = isset($_COOKIE[$this->_params['cookie_name']]) ? sanitizeAlnum($_COOKIE[$this->_params['cookie_name']]) : null;
+ }
+
+ private function cleanSessions()
+ {
+ #cancello le sessioni scadute
+ $row = $this->_db->select($this->_sessionsTable,'creation_date',"uid='".$this->uid."'");
+ if ($row)
+ {
+ if ($row[0][$this->_sessionsTable]['creation_date'])
+ {
+ if($row[0][$this->_sessionsTable]['creation_date'] + $this->_params['session_expire'] <= time())
+ {
+ setcookie($this->_params['cookie_name'],'',time()-3600,$this->_params['cookie_path']);
+ }
+ }
+ }
+ $this->_db->del($this->_sessionsTable,"creation_date + " . $this->_params['session_expire'] . " <= ".time());
+ }
+
+ public function checkStatus()
+ { #controlla se l'utente è già loggato
+ $this->acquireCookie(); #ottengo il cookie
+ $this->cleanSessions(); #elimino le sessioni vecchie
+ $row=$this->_db->select($this->_usersTable.','.$this->_sessionsTable,$this->_usersTable.'.id_user,username,token,user_agent',$this->_usersTable.".id_user=".$this->_sessionsTable.".id_user and uid='".$this->uid."'");
+ if (count($row) === 1 and $row !== false)
+ {
+ $this->status['user']=$row[0][$this->_usersTable]['username'];
+ $this->status['status']='logged';
+ $this->status['id_user']=$row[0][$this->_usersTable]['id_user'];
+ $this->status['user_agent'] = $row[0][$this->_sessionsTable]['user_agent'];
+ $this->status['token'] = $row[0][$this->_sessionsTable]['token'];
+ $this->obtainGroups();
+ } else {
+ $this->status['user']='sconosciuto';
+ $this->status['status']='not-logged';
+ $this->status['id_user']='';
+ $this->status['user_agent']='';
+ $this->status['token'] = '';
+ $this->status['groups'] = array();
+ }
+ }
+
+ public function redirect($val,$time = 3) { #fa il redirect dell'utente
+ if ($val === 'logged') {
+ header('Refresh: '.$time.';url='.$this->_main);
+ if ($time !== 0) echo "You are already logged, ".$this->status['user']."..";
+ } else if ($val === 'accepted') {
+ header('Refresh: '.$time.';url='.$this->_main);
+ if ($time !== 0) echo "Hi ".$this->status['user']."..";
+ } else if ($val === 'login-error') {
+ header('Refresh: '.$time.';url='.$this->_login);
+ if ($time !== 0) echo "Wrong username or password...";
+ } else if ($val === 'not-logged') {
+ header('Refresh: '.$time.';url='.$this->_login);
+ if ($time !== 0) echo "Limited access... sorry";
+ } else if ($val === 'not-authorized') {
+ header('Refresh: '.$time.';url='.$this->_main);
+ if ($time !== 0) echo "Your account doesn't allow you to manage this page.. sorry!";
+ } else if ($val === 'stolen') {
+ header('Refresh: '.$time.';url='.$this->_login);
+ if ($time !== 0) echo "Your session have been probably intercepted! Please login another time.";
+ } else if ($val === 'retype') {
+ header('Refresh: '.$time.';url='.$this->_retype);
+ if ($time !== 0) echo "Your session have been probably intercepted. Please type your password another time.";
+ } else if ($val === 'wait') {
+ header('Refresh: '.$time.';url='.$this->_login);
+ if ($time !== 0) echo "You have to wait ".$this->_params['time_after_failure']." seconds before you can try to login another time";
+ }
+ exit;
+ }
+
+ //obtain the group of the user
+ private function obtainGroups()
+ {
+ $tables = $this->_usersTable.','.$this->_groupsTable.','.$this->_manyToManyTable;
+ $fields = $this->_groupsTable.'.name';
+ $where = $this->_usersTable.'.id_user='.$this->_manyToManyTable.'.id_user and '.$this->_groupsTable.'.id_group='.$this->_manyToManyTable.'.id_group and '.$this->_usersTable.'.id_user='.$this->status['id_user'];
+ $groups = $this->_db->select($tables,$fields,$where);
+ $this->status['groups'] = array();
+ foreach ($groups as $group)
+ {
+ $this->status['groups'][] = $group[$this->_groupsTable]['name'];
+ }
+ }
+
+ //$groups: string with name of groups separated by comma; ex: base,root,users
+ public function checkAccess($groups)
+ {
+ $groupsArray = explode (',',$groups);
+ foreach ($this->status['groups'] as $group)
+ {
+ if (in_array($group,$groupsArray)) return true;
+ }
+ return false;
+ }
+
+ //check that the user is logged and, if present, check the group of the user (if loggeg)
+ //$groups: comma-separated list of groups whose users can access the page
+ //$time: time before the redirect is carried out
+ public function check($groups = null, $time = 3)
+ {
+ $this->checkStatus();
+ if (strcmp($this->status['status'],'not-logged') === 0)
+ {
+ $this->redirect('not-logged',$time);
+ }
+ else if (strcmp($this->status['status'],'logged') === 0)
+ {
+ if ($this->_params['hijacking_check'])
+ {
+ if (!$this->checkHijacking())
+ {
+ if ($this->_params['on_hijacking_event'] === 'forceout')
+ {
+ $this->logout();
+ $this->redirect('stolen',$time);
+ }
+ else if ($this->_params['on_hijacking_event'] === 'redirect')
+ {
+ $this->redirect('retype',$time);
+ }
+ }
+ }
+// $this->obtainGroups();
+ if (isset($groups))
+ {
+ $permission = $this->checkAccess($groups);
+ if (!$permission) $this->redirect('not-authorized',$time);
+ }
+ }
+ }
+
+ //check if someone have stolen your uid
+ private function checkHijacking()
+ {
+ if (array_key_exists('user_agent',$this->status))
+ {
+ if (strcmp($this->status['user_agent'],'') !== 0)
+ {
+ if (strcmp($this->status['user_agent'],getUserAgent()) === 0)
+ {
+ return true;
+ }
+ }
+ }
+ return false;
+ }
+
+ //check CSRF
+ //$token: token to check
+ public function checkCSRF($token)
+ {
+ if (strcmp($this->status['token'],'') !== 0)
+ {
+ if (strcmp($this->status['token'],$token) === 0)
+ {
+ return true;
+ }
+ }
+ return false;
+ }
+
+ //get an array containing all the users currently logged
+ public function getUsersLogged()
+ {
+ $usersLogged = array();
+ $data=$this->_db->select($this->_usersTable.','.$this->_sessionsTable,'DISTINCT '.$this->_usersTable.'.username',$this->_usersTable.".id_user=".$this->_sessionsTable.".id_user");
+ foreach ($data as $row)
+ {
+ $usersLogged[] = $row[$this->_usersTable]['username'];
+ }
+ return $usersLogged;
+ }
+
+ //get the password of the current user
+ public function getPassword()
+ {
+ $row=$this->_db->select($this->_usersTable,'password',"id_user=".$this->status['id_user']);
+ if ($row !== false)
+ {
+ return $row[0][$this->_usersTable]['password'];
+ }
+ else
+ {
+ return false;
+ }
+ }
+
+ private function checkPassword($user,$pwd) { #check username and password
+
+ if (!in_array($this->_params['password_hash'],Params::$allowedHashFunc))
+ {
+ throw new Exception('Error in '.__METHOD__.' : the hash func has to be '.implode(' or ',Params::$allowedHashFunc));
+ }
+ //calculate the hash of the password
+ $pwd = call_user_func($this->_params['password_hash'],$pwd);
+
+ $row=$this->_db->select($this->_usersTable,$this->_usersTable.'.id_user,username,password',"username=\"".$user."\" and password=\"".$pwd."\" and has_confirmed=0");
+ if (count($row) === 1 and $row !== false)
+ {
+ $this->status['user'] = $row[0][$this->_usersTable]['username'];
+ $this->status['status'] = 'accepted';
+ $this->status['id_user'] = $row[0][$this->_usersTable]['id_user'];
+ }
+ else
+ {
+ $this->status['user'] = 'unknown';
+ $this->status['status'] = 'login-error';
+ $this->status['id_user'] = '';
+ if ($this->_db->recordExists($this->_usersTable,'username',$user))
+ {
+ $this->_db->update($this->_usersTable,'last_failure',array(time()),'username="'.$user.'"');
+ }
+ }
+ }
+
+ //check that enough time is passed since the last failure of the user
+ private function checkLastFailure($user)
+ {
+ //current time
+ $now = time();
+ //max time
+ $max = $now - $this->_params['time_after_failure'];
+ $data = $this->_db->select($this->_usersTable,'last_failure','username="'.$user.'"');
+ if (count($data) === 1 and $data !== false)
+ {
+ if ($data[0][$this->_usersTable]['last_failure'] < $max)
+ {
+ return true;
+ }
+ return false;
+ }
+ else
+ {
+ return true;
+ }
+ }
+
+ public function login($user,$pwd)
+ {
+ $user = sanitizeAll($user);
+ $this->checkStatus();
+ //check if already logged
+ if ($this->status['status'] === 'logged')
+ {
+// $this->redirect('logged');
+ return 'logged';
+ }
+ else
+ {
+ if ($this->checkLastFailure($user))
+ {
+ $this->checkPassword($user,$pwd);
+ if ($this->status['status']==='accepted')
+ {
+ $this->uid = md5(randString(10).uniqid(mt_rand(),true));
+ $this->_token = md5(randString(12));
+ $userAgent = getUserAgent();
+ $this->_db->insert($this->_sessionsTable,'id_user,uid,token,creation_date,user_agent',array($this->status['id_user'],$this->uid,$this->_token,time(),$userAgent));
+ setcookie($this->_params['cookie_name'],$this->uid,0,$this->_params['cookie_path']); #magic cookie
+ $this->updateAccesses();
+
+ $this->_db->del($this->_sessionsTable,'id_user='.$this->status['id_user'].' AND uid != "'.$this->uid.'"');
+
+// $this->redirect('accepted');
+ return 'accepted';
+ }
+ else if ($this->status['status']==='login-error')
+ {
+// $this->redirect('login-error');
+ return 'login-error';
+ }
+ }
+ else
+ {
+// $this->redirect('wait');
+ return 'wait';
+ }
+ }
+// $this->redirect('login-error');
+ return 'login-error';
+ }
+
+ private function updateAccesses()
+ {
+ $ip=getIp(); #ip
+ $date=date('d'). "-" . date('m') . "-" . date('Y'); #date
+ $ora=date('H') . ":" . date('i'); #time
+ $values=array($ip,$date,$ora,$this->status['user']);
+ $res=$this->_db->insert($this->_accessesTable,'ip,data,ora,username',$values);
+ }
+
+ //force out an user
+ //$id: the id of the user
+ public function forceOut($id)
+ {
+ $id = (int)$id;
+ if ($this->_db->del($this->_sessionsTable,'id_user='.$id))
+ {
+ return true;
+ }
+ return false;
+ }
+
+ public function logout()
+ {
+ $this->checkStatus();
+ if ($this->status['status'] === 'logged')
+ {
+ setcookie ($this->_params['cookie_name'], "", time() - 3600,$this->_params['cookie_path']);
+ if ($this->_db->del($this->_sessionsTable,'id_user='.$this->status['id_user']))
+ {
+ return 'was-logged';
+ }
+ else
+ {
+ return 'error';
+ }
+ }
+ else
+ {
+ return 'not-logged';
+ }
+ }
+
+} \ No newline at end of file
diff --git a/h-source/admin/Library/Users/index.html b/h-source/admin/Library/Users/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/Users/index.html
@@ -0,0 +1 @@
+
diff --git a/h-source/admin/Library/index.html b/h-source/admin/Library/index.html
new file mode 100644
index 0000000..8d1c8b6
--- /dev/null
+++ b/h-source/admin/Library/index.html
@@ -0,0 +1 @@
+