  1. <?php
  2.  
  3. /**
  4. * Referer information
  5. * @author SPEED Interactive Agency
  6. * @project web-cms
  7. * @year 2009-2013
  8. */
  9.  
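  // Direct-access guard: the script stops unless $dprotect is truthy, which the
  // including script presumably sets before loading this file. The flag is an
  // ordinary variable, so on PHP builds that still honour register_globals
  // (removed in PHP 5.4) a request parameter of the same name satisfies it; a
  // define()d constant tested with defined() is the sturdier form of this guard.
  // empty() keeps the same truthiness test without an undefined-variable notice.
  if (empty($dprotect)) {
      die('Access Denied!');
  }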
  11.  
  12. class Core {
  13.  
  /**
   * PHP 4-style constructor (a method named after the class); intentionally empty.
   *
   * PHP 8 no longer treats such a method as a constructor, so no set-up may be
   * added here on the assumption that it runs on `new Core()`.
   */
  public function Core()
  {
  }
  17.  
  18. ############################################
  19. # DATABASE CONNECTION
  20. ############################################
  21.  
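  /**
   * Opens the MySQL connection and stores the PDO handle in $this->db.
   *
   * Reads the DB_HOST, DB_NAME, DB_USER and DB_PASS constants. On failure the
   * script terminates; the driver message is printed only when DEBUG is truthy,
   * so DEBUG has to stay off in production to keep host and account names out
   * of the response.
   *
   * @return void
   */
  public function dbConnect()
  {
      try {
          // charset in the DSN (honoured since PHP 5.3.6) tells PDO which encoding
          // the connection uses; its client-side quoting under emulated prepares
          // depends on that. SET NAMES below is kept for older builds.
          $dsn = 'mysql:host=' . DB_HOST . ';dbname=' . DB_NAME . ';charset=utf8';
          $this->db = new PDO($dsn, DB_USER, DB_PASS);
          $this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
          // Emulation stays on: queries in this class repeat the :text placeholder
          // inside one statement, which native MySQL prepares do not accept.
          $this->db->setAttribute(PDO::ATTR_EMULATE_PREPARES, true);
          $this->db->setAttribute(PDO::MYSQL_ATTR_USE_BUFFERED_QUERY, true);
          $this->db->query("SET NAMES utf8");
      } catch (PDOException $e) {
          DEBUG ? die('DATABASE CONNECTION ERROR: ' . $e->getMessage()) : die();
      }
  }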
  33.  
  /**
   * Drops this object's reference to the PDO handle.
   *
   * PDO closes the connection once no reference to the handle remains, so any
   * statement object still held elsewhere keeps it open.
   *
   * @return void
   */
  public function dbDisconnect()
  {
      unset($this->db);
  }
  37.  
  38. ############################################
  39. # CORE FUNCTIONS
  40. ############################################
  41.  
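  /**
   * Sends $data as a form-encoded HTTP POST and returns the response body.
   *
   * Only http:// and https:// targets are accepted. fopen() would otherwise
   * open whatever stream wrapper or local path $url names (the 'http' context
   * options are simply ignored for those), so a caller-influenced URL could be
   * turned into a local file read.
   * No timeout is set in the context, so PHP's default_socket_timeout applies.
   *
   * @param string $url  Target URL (http or https).
   * @param array  $data Fields to send; encoded with http_build_query().
   * @return string|false Response body, or false when the URL is rejected or
   *                      the request cannot be opened.
   */
  public function postRequest($url, $data)
  {
      $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
      if ($scheme !== 'http' && $scheme !== 'https') {
          return false;
      }

      $body = http_build_query($data);
      $context = stream_context_create(array(
          'http' => array(
              'method'  => 'POST',
              'header'  => "Content-type: application/x-www-form-urlencoded\r\n"
                         . "Content-Length: " . strlen($body) . "\r\n",
              'content' => $body,
          ),
      ));

      // Failure is reported through the return value; the warning fopen() raises
      // on an unreachable host is suppressed as in the original.
      $fp = @fopen($url, 'r', false, $context);
      if (!$fp) {
          return false;
      }

      $response = stream_get_contents($fp);
      fclose($fp);
      return $response;
  }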
  63.  
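  /**
   * Builds a random password from ASCII letters and digits.
   *
   * Characters are drawn with random_int() (a CSPRNG, PHP 7+) when it exists.
   * On older runtimes the original rand() draw is kept as a fallback; rand() is
   * predictable and must not be relied on for credentials or tokens there.
   *
   * @param int $length Number of characters; values below 1 give ''.
   * @return string
   */
  public function generatePassword($length = 16)
  {
      $alphabet = 'qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM1234567890';
      $last = strlen($alphabet) - 1;
      $secure = function_exists('random_int');

      $password = '';
      for ($i = 0; $i < $length; $i++) {
          // random_int() is uniform over the range; rand() % n carries a modulo bias.
          $index = $secure ? random_int(0, $last) : rand() % ($last + 1);
          $password .= $alphabet[$index];
      }
      return $password;
  }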
  72.  
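  /**
   * Tells whether any entry of $list occurs as a substring of $str.
   *
   * The match is tested with strpos() !== false. The previous strstr()
   * truthiness test missed a hit whose remainder was the string "0" (for
   * example needle "0" at the end of $str), because "0" is falsy.
   *
   * @param array  $list Needles to look for (case-sensitive).
   * @param string $str  Text to search.
   * @return bool
   */
  public function checkElementInString($list, $str)
  {
      foreach ($list as $needle) {
          if (strpos($str, $needle) !== false) {
              return true;
          }
      }
      return false;
  }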
  80.  
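  /**
   * Validates or normalises $str according to the rule named by $what.
   *
   * Return type depends on the rule:
   *  - 'email', 'user', 'password', 'vulgarism', 'default': bool.
   *  - 'url', 'domain', 'ip', 'phone', 'link': the accepted value, or false.
   *  - 'flink', 'html', 'htmldec', 'plain', 'hardplain', 'generatelink': the
   *    transformed string (arrays pass through 'plain' untouched).
   *  - any other rule name: false.
   *
   * Security notes for callers:
   *  - 'html' is HTML escaping only. It is not an SQL escape: backslashes are
   *    never touched and, with the default flags before PHP 8.1, neither are
   *    single quotes. Values must still be bound as statement parameters.
   *  - 'plain' / 'hardplain' strip a fixed list of characters; they are a
   *    blacklist and do not replace context-aware output escaping.
   *  - 'password' only enforces a minimum length of four characters.
   *
   * Changes against the earlier version: the 'vulgarism' rule no longer uses
   * $this (unavailable in a static method, so the rule ended in a fatal
   * error); the reserved-name test of 'user' ignores case; the Polish capital
   * letters that had been damaged by a wrong re-encoding are restored from the
   * positions of their ASCII replacements (E, L, N).
   *
   * @param mixed  $str  Value to check.
   * @param string $what Rule name.
   * @return bool|string|array
   */
  public static function check($str, $what = 'default')
  {
      // Characters removed by the slug-style rules.
      $punctuation = array('!', '#', '$', '%', '^', '&', '*', '(', ')', '=', '{', '}', '[', ']', ';', '"', "'", '|', '<', '>', chr(92), '+', '_', ':', ',', '.', '/', '?', '`', '~', '@');
      // Polish letters and their ASCII replacements, position by position.
      $pl = array('ę', 'ó', 'ą', 'ś', 'ł', 'ż', 'ź', 'ć', 'ń', 'Ę', 'Ó', 'Ą', 'Ś', 'Ł', 'Ż', 'Ź', 'Ć', 'Ń');
      $no_pl = array('e', 'o', 'a', 's', 'l', 'z', 'z', 'c', 'n', 'E', 'O', 'A', 'S', 'L', 'Z', 'Z', 'C', 'N');

      switch ($what) {
          case 'email':
              return (bool) preg_match('/^[_\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\.)+[a-z]{2,4}$/i', $str);

          case 'url':
              // Host-name form first, then the dotted-quad form that must end in .jpg/.jpeg.
              if (preg_match('/^(http:\/\/[\.0-9a-z-]+\.[a-z]{2,4}\/?.*)$/i', $str, $tmp)) {
                  return $tmp[1];
              }
              if (preg_match('/^(http:\/\/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\/[_=\.,\/\?0-9a-z-]+\.jpe?g)$/i', $str, $tmp)) {
                  return $tmp[1];
              }
              return false;

          case 'domain':
              if (preg_match('/^([\.0-9a-z-]+\.[a-z]{2,4})$/i', $str, $tmp)) {
                  return $tmp[1];
              }
              if (preg_match('/^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})$/i', $str, $tmp)) {
                  return $tmp[1];
              }
              return false;

          case 'ip':
              // Every octet below 256; the first one must also be non-zero.
              if (preg_match('/^([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})\.([0-9]{1,3})$/i', $str, $tmp)
                  && $tmp[1] < 256 && $tmp[1] > 0 && $tmp[2] < 256 && $tmp[3] < 256 && $tmp[4] < 256) {
                  return $tmp[1] . '.' . $tmp[2] . '.' . $tmp[3] . '.' . $tmp[4];
              }
              return false;

          case 'phone':
              // Spaces and dashes are dropped, then "+" and exactly 11 digits are required.
              $str = str_replace("-", "", str_replace(" ", "", $str));
              return preg_match('/^\+[0-9]{11}$/i', $str) ? $str : false;

          case 'link':
              return preg_match('/^[0-9a-z_\-]+$/i', $str) ? $str : false;

          case 'flink':
              $slug = trim(strip_tags($str));
              $slug = str_replace('-', ' ', $slug);
              $slug = preg_replace('/\s\s+/i', ' ', $slug);   // collapse whitespace runs
              $slug = str_replace(' ', '-', $slug);
              $slug = strtolower(str_replace($pl, $no_pl, $slug));
              return str_replace($punctuation, '', $slug);

          case 'user':
              $reserved = array("mail", "admin", "webmaster", "postmaster", "administrator");
              // The pattern accepts either case, so the reserved list is compared
              // case-insensitively too ("Admin" used to pass).
              return preg_match('/^[a-zA-Z0-9]+$/i', $str)
                  && strlen($str) > 2
                  && !in_array(strtolower($str), $reserved, true);

          case 'password':
              return strlen($str) > 3;

          case 'vulgarism':
              $vulgar = array('zajeb', 'kurw', 'huj', 'pierd', 'fuck', 'whore', 'dick', 'suck', 'prick', 'cipa',
                  'cipy', 'cipo', 'cipe', 'cipę', 'cipą', 'zjeb', 'kutas', 'dupa', 'dupe', 'dupy', 'dziwka', 'dziwke', 'dziwki');
              // Substring scan done inline: a static method has no $this to call
              // checkElementInString() on. Returns false when a listed word occurs.
              foreach ($vulgar as $word) {
                  if (strpos($str, $word) !== false) {
                      return false;
                  }
              }
              return true;

          case 'html':
              return htmlspecialchars($str);

          case 'htmldec':
              return htmlspecialchars_decode($str);

          case 'plain':
              if (is_array($str)) {
                  return $str;
              }
              $elements = array('!', '#', '$', '%', '^', '&', '*', '=', '{', '}', ';', '"', "'", '|', '<', '>', chr(92));
              return str_replace($elements, '', strip_tags($str));

          case 'hardplain':
              return str_replace($pl, $no_pl, str_replace($punctuation, '', strip_tags($str)));

          case 'generatelink':
              // Same list as above plus the space; each listed character becomes "_".
              $elements = array_merge($punctuation, array(' '));
              return strtolower(str_replace($pl, $no_pl, str_replace($elements, '_', strip_tags($str))));

          case 'default':
              return (bool) preg_match('/^[ _,\.ęóąśłżźćńĘÓĄŚŁŻŹĆŃa-zA-Z0-9-]+$/i', $str);

          default:
              return false;
      }
  }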
  202.  
  /**
   * Splits a path on "/" and passes every segment through check(..., 'plain').
   *
   * The 'plain' rule strips tags and a fixed list of characters; it is a
   * blacklist, so the segments still need escaping for whatever context they
   * are later written into.
   *
   * @param string $link Path to split.
   * @return array|false Cleaned segments, or false when $link is falsy.
   */
  public function extractLink($link)
  {
      if (!$link) {
          return false;
      }

      $segments = explode('/', $link);
      foreach (array_keys($segments) as $index) {
          $segments[$index] = $this->check($segments[$index], 'plain');
      }
      return $segments;
  }
  215.  
  /**
   * Rewrites every scalar entry of $_POST with check(..., 'plain').
   *
   * Limits worth knowing: array-valued fields are left as submitted, only
   * $_POST is touched (not $_GET or $_COOKIE), and the 'plain' rule is a
   * character blacklist. Output escaping at render time is still required.
   *
   * @return void
   */
  public function xssFilter()
  {
      foreach ($_POST as $field => $value) {
          if (is_array($value)) {
              continue;
          }
          $_POST[$field] = $this->check($value, 'plain');
      }
  }
  222.  
  /**
   * Returns the lower-cased text after the last dot of $filename.
   *
   * Only the final suffix is reported ("a.php.jpg" gives "jpg", "a." gives
   * ""), so the result says nothing about the file's real content and should
   * not be the sole check on an upload.
   *
   * @param string $filename
   * @return string|false Extension, or FALSE when the name holds no dot.
   */
  public function extension($filename)
  {
      $found = preg_match('/^(.*)\.(.*)$/i', $filename, $parts);
      return $found ? strtolower($parts[2]) : FALSE;
  }
  232.  
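  /**
   * Checks that $date is a real calendar date written as YYYY-MM-DD.
   *
   * The D modifier anchors "$" at the very end of the subject; without it a
   * value with a trailing newline was accepted as valid.
   *
   * @param string $date
   * @return bool
   */
  public function isValidDate($date)
  {
      if (!preg_match('/^(\d{4})-(\d{2})-(\d{2})$/iD', $date, $matches)) {
          return false;
      }
      // checkdate() takes month, day, year.
      return checkdate((int) $matches[2], (int) $matches[3], (int) $matches[1]);
  }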
  242.  
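  /**
   * Checks that $time is a 24-hour clock value written as HH:MM:SS.
   *
   * The D modifier anchors "$" at the very end of the subject; without it a
   * value with a trailing newline was accepted as valid.
   *
   * @param string $time
   * @return bool
   */
  public function isValidTime($time)
  {
      return (bool) preg_match('/^([01][0-9]|2[0-3]):([0-5][0-9]):([0-5][0-9])$/iD', $time);
  }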
  250.  
  251. ############################################
  252. # LOGIN FUNCTIONS
  253. ############################################
  254.  
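  /**
   * Checks the submitted credentials against the global $config and, on
   * success, marks the session as authenticated.
   *
   * Hardening against the earlier version:
   *  - user name and digest are compared as strings (hash_equals() when the
   *    runtime has it) instead of with "==", which treats digests of the form
   *    "0e<digits>" as equal numbers;
   *  - the session id is regenerated on success so an id known before login
   *    does not stay valid afterwards;
   *  - every failure path returns false (one path used to fall off the end).
   *
   * The stored credential is an unsalted MD5 digest (see `pass` in $config).
   * That format is kept here because the stored values depend on it; migrating
   * to password_hash()/password_verify() is the proper remedy.
   *
   * @param string $user
   * @param string $password
   * @return bool
   */
  public function loginUser($user, $password)
  {
      global $config;

      $expectedUser = isset($config['user']) ? (string) $config['user'] : '';
      $expectedHash = isset($config['pass']) ? (string) $config['pass'] : '';
      $givenHash = is_string($password) ? md5($password) : '';

      $userOk = is_string($user) && $expectedUser !== '' && $user === $expectedUser;
      $passOk = $expectedHash !== '' && (
          function_exists('hash_equals')
              ? hash_equals($expectedHash, $givenHash)
              : $expectedHash === $givenHash
      );

      if ($userOk && $passOk) {
          if (session_id() !== '' && !headers_sent()) {
              session_regenerate_id(true);
          }
          $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
          $_SESSION['auth']['user'] = $user;
          // Binds the session to the client address and user agent. This is a
          // consistency check, not a secret: all three inputs are guessable.
          $_SESSION['auth']['hash'] = md5($_SERVER['REMOTE_ADDR'] . $agent . $_SESSION['auth']['user']);
          return true;
      }

      // As before, the error message is only set when no login is active.
      if (empty($_SESSION['auth']['hash'])) {
          $_SESSION['msg']['text'] = 'Błąd logowania.';
          $_SESSION['msg']['err'] = true;
      }
      return false;
  }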
  272.  
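  /**
   * Ends the authenticated state when the session fingerprint still matches
   * the current client address and user agent.
   *
   * Missing session or server entries no longer raise notices, and the
   * fingerprint is compared as a string rather than with "==". Only the
   * 'auth' entry is cleared; the PHP session itself stays alive.
   *
   * @return bool True when the 'auth' entry was removed.
   */
  public function logoutUser()
  {
      if (!isset($_SESSION['auth']['hash'], $_SESSION['auth']['user'])) {
          return false;
      }

      $address = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
      $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
      $expected = md5($address . $agent . $_SESSION['auth']['user']);

      if ((string) $_SESSION['auth']['hash'] !== $expected) {
          return false;
      }

      unset($_SESSION['auth']);
      return true;
  }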
  282.  
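  /**
   * Tells whether the session is authenticated for the current client.
   *
   * The stored fingerprint must equal md5(address . user agent . user); on
   * any mismatch, or when the entries are absent, the 'auth' entry is
   * dropped. Absent entries no longer raise notices and the comparison is a
   * string comparison rather than "==".
   *
   * @return bool
   */
  public function checkLogedIn()
  {
      if (isset($_SESSION['auth']['hash'], $_SESSION['auth']['user'])) {
          $address = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
          $agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
          $expected = md5($address . $agent . $_SESSION['auth']['user']);

          if ((string) $_SESSION['auth']['hash'] === $expected) {
              return true;
          }
      }

      unset($_SESSION['auth']);
      return false;
  }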
  292.  
  293. ############################################
  294. # CONFIGURATION FUNCTIONS
  295. ############################################
  296.  
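  /**
   * Loads the single row of the `config` table as an associative array.
   *
   * The `slogan` column is returned HTML-decoded (rule 'htmldec'). An empty
   * table now yields array() instead of a warning and an undefined result.
   *
   * NOTE(review): SELECT * hands back every column; updateConfig() writes a
   * `pass` digest to this table, so the returned array presumably carries
   * it. Callers should not pass the whole array to templates or logs.
   *
   * @return array Column name => value.
   */
  public function readConfiguration()
  {
      $retval = array();

      try {
          $sql = "
              SELECT
                  *
              FROM
                  `config`
              LIMIT 1;
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->execute();
          $row = $stmt->fetch(PDO::FETCH_ASSOC);
          $stmt->closeCursor();

          // fetch() returns false when the table is empty.
          if (is_array($row)) {
              foreach ($row as $k => $v) {
                  $retval[$k] = ($k == 'slogan') ? $this->check($v, 'htmldec') : $v;
              }
          }
          return $retval;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
  }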
  322.  
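  /**
   * Writes the submitted form fields to the single `config` row.
   *
   * Every $_POST key except 'action' becomes a column assignment. Values are
   * bound, but column names cannot be bound, so each key is required to be a
   * plain identifier before it is placed in the statement; previously any key
   * text, back-ticks included, was copied into the SQL. Non-scalar values are
   * rejected as well.
   *
   * NOTE(review): the identifier test stops SQL injection through key names,
   * but any existing column can still be set by adding a form field. A fixed
   * list of editable columns is the proper control; the table layout is not
   * visible from this file.
   *
   * A non-empty `pass` field is stored as an unsalted MD5 digest, the format
   * loginUser() compares against.
   *
   * @return bool False when a field name or value is rejected, true otherwise.
   */
  public function updateConfig()
  {
      if (!empty($_POST['pass']) && is_string($_POST['pass'])) {
          $_POST['pass'] = md5($_POST['pass']);
      } else {
          unset($_POST['pass']);
      }
      $_POST['slogan'] = $this->check(isset($_POST['slogan']) ? $_POST['slogan'] : '', 'html');

      $assignments = '';
      $values = array();
      foreach ($_POST as $column => $value) {
          $column = (string) $column;
          if ($column === 'action') {
              continue;
          }
          if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/D', $column) || !is_scalar($value)) {
              return false;
          }
          $assignments .= "`$column` = :$column,\n";
          $values[$column] = $value;
      }

      try {
          $sql = "
              UPDATE
                  `config`
              SET
                  $assignments
                  `control` = 1
              LIMIT 1;
          ";

          $stmt = $this->db->prepare($sql);
          foreach ($values as $column => $value) {
              $stmt->bindValue(":$column", $value, PDO::PARAM_STR);
          }

          $stmt->execute();
          $stmt->closeCursor();
          unset($stmt);
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
      return true;
  }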
  360.  
  361. ############################################
  362. # PAGES FUNCTIONS
  363. ############################################
  364.  
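  /**
   * Inserts a page and sets its `order` to the new row id.
   *
   * Title and text are stored HTML-escaped (rule 'html') as before, but are
   * now bound as parameters. They used to be spliced into the statement
   * between single quotes, and HTML escaping does not neutralise a backslash
   * (nor, with default flags before PHP 8.1, a single quote), so submitted
   * content could alter the query.
   *
   * Validation failures are reported through $_SESSION['msg'].
   *
   * @param string $link        Slug; must pass the 'link' rule.
   * @param string $title
   * @param string $description
   * @param string $keywords
   * @param string $text
   * @return bool False on a validation failure, true after the insert.
   */
  public function addPage($link, $title, $description, $keywords, $text)
  {
      if (!$title) {
          $_SESSION['msg']['text'] = 'You need to fill title.';
          $_SESSION['msg']['err'] = true;
          return false;
      }

      if (!$this->check($link, 'link')) {
          $_SESSION['msg']['text'] = 'Incorrect characters in link. Allowed characters are: "a"-"z", "0"-"9" oraz "-" i "_".';
          $_SESSION['msg']['err'] = true;
          return false;
      }

      if (!$text) {
          $_SESSION['msg']['text'] = 'You need to fill content.';
          $_SESSION['msg']['err'] = true;
          return false;
      }

      try {
          $sql = "
              INSERT INTO
                  `pages`
              SET
                  `link` = :link,
                  `title` = :title,
                  `description` = :description,
                  `keywords` = :keywords,
                  `text` = :text
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':link', $link, PDO::PARAM_STR);
          $stmt->bindValue(':title', $this->check(stripslashes($title), 'html'), PDO::PARAM_STR);
          $stmt->bindValue(':description', $description, PDO::PARAM_STR);
          $stmt->bindValue(':keywords', $keywords, PDO::PARAM_STR);
          $stmt->bindValue(':text', $this->check(stripslashes($text), 'html'), PDO::PARAM_STR);
          $stmt->execute();
          $stmt->closeCursor();
          $last = (int) $this->db->lastInsertId();
          unset($stmt);
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }

      // New pages start at the end of the list: order = id.
      $this->db->query("UPDATE `pages` SET `order`=" . $last . " WHERE `id`=" . $last . " LIMIT 1;");
      return true;
  }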
  411.  
  412.  
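  /**
   * Updates link, title, description, keywords and text of one page.
   *
   * Title and text are stored HTML-escaped (rule 'html') as before, but are
   * now bound as parameters. They used to be spliced into the statement
   * between single quotes, and HTML escaping does not neutralise a backslash
   * (nor, with default flags before PHP 8.1, a single quote), so submitted
   * content could alter the query.
   *
   * Validation failures are reported through $_SESSION['msg'].
   *
   * @param int    $id
   * @param string $link        Slug; must pass the 'link' rule.
   * @param string $title
   * @param string $description
   * @param string $keywords
   * @param string $text
   * @return bool False on a validation failure, true after the update.
   */
  public function updatePage($id, $link, $title, $description, $keywords, $text)
  {
      if (!$title) {
          $_SESSION['msg']['text'] = 'You need to fill title.';
          $_SESSION['msg']['err'] = true;
          return false;
      }

      if (!$this->check($link, 'link')) {
          $_SESSION['msg']['text'] = 'Incorrect characters in link. Allowed characters are: "a"-"z", "0"-"9" oraz "-" i "_".';
          $_SESSION['msg']['err'] = true;
          return false;
      }

      if (!$text) {
          $_SESSION['msg']['text'] = 'You need to fill content.';
          $_SESSION['msg']['err'] = true;
          return false;
      }

      try {
          $sql = "
              UPDATE
                  `pages`
              SET
                  `link` = :link,
                  `title` = :title,
                  `description` = :description,
                  `keywords` = :keywords,
                  `text` = :text
              WHERE
                  `id` = :id
              LIMIT 1;
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':link', $link, PDO::PARAM_STR);
          $stmt->bindValue(':title', $this->check(stripslashes($title), 'html'), PDO::PARAM_STR);
          $stmt->bindValue(':description', $description, PDO::PARAM_STR);
          $stmt->bindValue(':keywords', $keywords, PDO::PARAM_STR);
          $stmt->bindValue(':text', $this->check(stripslashes($text), 'html'), PDO::PARAM_STR);
          $stmt->bindValue(':id', $id, PDO::PARAM_INT);
          $stmt->execute();
          $stmt->closeCursor();
          unset($stmt);
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
      return true;
  }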
  461.  
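  /**
   * Fetches one page by id.
   *
   * `title` and `text` come back HTML-decoded (rule 'htmldec'), i.e. as raw
   * markup; whoever prints them decides whether that markup is trusted.
   *
   * A missing row now yields array(). Before, the decode step wrote into the
   * false returned by fetch(), which turned it into a two-key array and made
   * the empty-array branch unreachable.
   *
   * @param int $id
   * @return array Row data, or array() when no page has that id.
   */
  public function pageDetailsForId($id)
  {
      try {
          $sql = "
              SELECT
                  *
              FROM
                  `pages`
              WHERE
                  `id` = :id
              LIMIT 1;
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':id', $id, PDO::PARAM_INT);
          $stmt->execute();
          $row = $stmt->fetch(PDO::FETCH_ASSOC);
          $stmt->closeCursor();

          if (!is_array($row)) {
              return array();
          }
          $row['title'] = $this->check($row['title'], 'htmldec');
          $row['text'] = $this->check($row['text'], 'htmldec');
          return $row;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
  }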
  487.  
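  /**
   * Fetches one page by its link (slug).
   *
   * `title` and `text` come back HTML-decoded (rule 'htmldec'), i.e. as raw
   * markup; whoever prints them decides whether that markup is trusted.
   *
   * A missing row now yields array(). Before, the decode step wrote into the
   * false returned by fetch(), which turned it into a two-key array and made
   * the empty-array branch unreachable.
   *
   * @param string $link
   * @return array Row data, or array() when no page has that link.
   */
  public function pageDetailsForLink($link)
  {
      try {
          $sql = "
              SELECT
                  *
              FROM
                  `pages`
              WHERE
                  `link` = :link
              LIMIT 1;
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':link', $link, PDO::PARAM_STR);
          $stmt->execute();
          $row = $stmt->fetch(PDO::FETCH_ASSOC);
          $stmt->closeCursor();

          if (!is_array($row)) {
              return array();
          }
          $row['title'] = $this->check($row['title'], 'htmldec');
          $row['text'] = $this->check($row['text'], 'htmldec');
          return $row;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
  }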
  513.  
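  /**
   * Returns one result page of `pages`, optionally filtered by a search text.
   *
   * Result shape: 'pages' holds the number of result pages; 'data' (present
   * only when rows exist) maps row id => row, with `title` and `text`
   * HTML-decoded and with 'prev' / 'next' holding the `order` value of the
   * neighbouring row on the same result page.
   *
   * Fixes against the earlier version:
   *  - $page and $perpage are cast to int before they reach LIMIT;
   *  - $cond, $retval and $order are initialised;
   *  - neighbours are computed from the number of listed rows. The old code
   *    tested count() of the last fetch() result (false), so the final row
   *    read a non-existent successor.
   *
   * The search text is bound, so it cannot change the statement, but "%" and
   * "_" inside it still act as LIKE wildcards.
   *
   * @param string $text    Search text; empty means no filter.
   * @param int    $page    1-based result page.
   * @param int    $perpage Rows per page.
   * @return array
   */
  public function searchPages($text = "", $page = 1, $perpage = 5)
  {
      $page = (int) $page;
      $perpage = (int) $perpage;
      if ($page < 1) {
          $page = 1;
      }
      if ($perpage < 1) {
          $perpage = 5;
      }

      $cond = $text ? " AND (`title` LIKE :text OR `text` LIKE :text)" : '';
      // Stored titles and texts are HTML-escaped, so the needle is escaped the same way.
      $pattern = $text ? '%' . $this->check($text, 'html') . '%' : null;
      $retval = array();

      try {
          $sql = "
              SELECT
                  COUNT(`id`) AS `count`
              FROM
                  `pages`
              WHERE
                  1 " . $cond . "
              ORDER BY
                  `order` ASC
          ";

          $stmt = $this->db->prepare($sql);
          if ($text) {
              $stmt->bindValue(':text', $pattern, PDO::PARAM_STR);
          }
          $stmt->execute();
          $number = $stmt->fetch(PDO::FETCH_ASSOC);
          $stmt->closeCursor();
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }

      $retval['pages'] = ceil($number['count'] / $perpage);
      if ($page > $retval['pages']) {
          $page = (int) $retval['pages'];
      }

      if (!$number['count']) {
          return $retval;
      }

      try {
          $sql = "
              SELECT
                  *
              FROM
                  `pages`
              WHERE
                  1 " . $cond . "
              ORDER BY
                  `order` ASC
              LIMIT
                  :page, :perpage;
          ";

          $stmt = $this->db->prepare($sql);
          if ($text) {
              $stmt->bindValue(':text', $pattern, PDO::PARAM_STR);
          }
          $stmt->bindValue(':page', ($page - 1) * $perpage, PDO::PARAM_INT);
          $stmt->bindValue(':perpage', $perpage, PDO::PARAM_INT);
          $stmt->execute();

          // $order lists the rows in result order, 1-based, for the neighbour pass.
          $order = array();
          $i = 1;
          while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
              $row['title'] = $this->check($row['title'], 'htmldec');
              $row['text'] = $this->check($row['text'], 'htmldec');
              $retval['data'][$row['id']] = $row;
              $order[$i] = array('id' => $row['id'], 'order' => $row['order']);
              $i++;
          }
          $stmt->closeCursor();

          $listed = count($order);
          for ($pos = 1; $pos <= $listed; $pos++) {
              $id = $order[$pos]['id'];
              if ($pos > 1) {
                  $retval['data'][$id]['prev'] = $order[$pos - 1]['order'];
              }
              if ($pos < $listed) {
                  $retval['data'][$id]['next'] = $order[$pos + 1]['order'];
              }
          }
          return $retval;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
  }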
  603.  
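  /**
   * Returns every row of `pages`, keyed by id, in `order` sequence.
   *
   * An empty table now yields array(); the result variable was previously
   * left undefined in that case. Values are returned as stored, i.e. `title`
   * and `text` are still HTML-escaped here.
   *
   * @return array Row id => row.
   */
  public function listPages()
  {
      $retval = array();

      try {
          $sql = "
              SELECT
                  *
              FROM
                  `pages`
              ORDER BY
                  `order` ASC
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->execute();
          while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
              $retval[$row['id']] = $row;
          }
          $stmt->closeCursor();
          return $retval;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
  }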
  628.  
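  /**
   * Deletes a non-static page and the gallery links that point at it.
   *
   * The two DELETEs are now separate prepared statements. Sent as one
   * multi-statement string they needed multi-statement support on the
   * connection, and a failure of the second DELETE was not reported.
   *
   * NOTE(review): as before, the `gal2pages` rows are removed even when the
   * page itself is kept because `static` is not 0. Confirm that is intended.
   *
   * @param int $id
   * @return bool Always true unless a database error ends the script.
   */
  public function delPage($id)
  {
      try {
          $stmt = $this->db->prepare("
              DELETE FROM
                  `pages`
              WHERE
                  `id` = :id
              AND
                  `static` = 0
              LIMIT 1;
          ");
          $stmt->bindValue(':id', $id, PDO::PARAM_INT);
          $stmt->execute();
          $stmt->closeCursor();

          $stmt = $this->db->prepare("
              DELETE FROM
                  `gal2pages`
              WHERE
                  `page` = :id;
          ");
          $stmt->bindValue(':id', $id, PDO::PARAM_INT);
          $stmt->execute();
          $stmt->closeCursor();
          unset($stmt);
          return true;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
  }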
  655.  
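  /**
   * Swaps the `order` values $src and $dst between two pages.
   *
   * Changes against the earlier version:
   *  - only positive whole numbers are accepted; is_numeric() also let
   *    through forms such as "1e3" or " 5", which were then concatenated
   *    into the SQL text. The values are now bound as integers;
   *  - 0 is the temporary slot instead of 1. Pages receive order = id on
   *    insert, so 1 is normally a live value and using it as the parking
   *    position could re-number the wrong row.
   *
   * The three updates are not wrapped in a transaction; a failure part-way
   * leaves a row parked at 0.
   *
   * @param int|string $src
   * @param int|string $dst
   * @return bool False when either argument is not a positive whole number.
   */
  public function swapPage($src, $dst)
  {
      foreach (array($src, $dst) as $value) {
          $isWhole = is_int($value) || (is_string($value) && preg_match('/^[0-9]+$/D', $value));
          if (!$isWhole || (int) $value < 1) {
              return false;
          }
      }
      $src = (int) $src;
      $dst = (int) $dst;

      $stmt = $this->db->prepare("UPDATE `pages` SET `order` = :to WHERE `order` = :from LIMIT 1;");
      // src -> parking slot, dst -> src, parking slot -> dst
      $moves = array(array($src, 0), array($dst, $src), array(0, $dst));
      foreach ($moves as $move) {
          $stmt->bindValue(':from', $move[0], PDO::PARAM_INT);
          $stmt->bindValue(':to', $move[1], PDO::PARAM_INT);
          $stmt->execute();
      }
      return true;
  }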
  666.  
  667. ############################################
  668. # ADVERTS FUNCTIONS
  669. ############################################
  670.  
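  /**
   * Updates text and active flag of one advert.
   *
   * Both values are now bound. The text was spliced in between single quotes
   * after HTML escaping only, and $active was concatenated with no check at
   * all, so either argument could alter the statement. $active is stored as
   * an integer; an empty value becomes 0 instead of producing invalid SQL.
   *
   * @param int    $id
   * @param string $text   Stored HTML-escaped (rule 'html').
   * @param mixed  $active Cast to int.
   * @return bool False when $text is empty, true after the update.
   */
  public function updateAdvert($id, $text, $active)
  {
      if (!$text) {
          $_SESSION['msg']['text'] = 'You need to fill content.';
          $_SESSION['msg']['err'] = true;
          return false;
      }

      try {
          $sql = "
              UPDATE
                  `adverts`
              SET
                  `text` = :text,
                  `active` = :active
              WHERE
                  `id` = :id
              LIMIT 1;
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':text', $this->check(stripslashes($text), 'html'), PDO::PARAM_STR);
          $stmt->bindValue(':active', (int) $active, PDO::PARAM_INT);
          $stmt->bindValue(':id', $id, PDO::PARAM_INT);
          $stmt->execute();
          $stmt->closeCursor();
          unset($stmt);
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
      return true;
  }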
  701.  
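  /**
   * Fetches one advert by id.
   *
   * `title` and `text` come back HTML-decoded (rule 'htmldec'), i.e. as raw
   * markup; whoever prints them decides whether that markup is trusted.
   *
   * A missing row now yields array(). Before, the decode step wrote into the
   * false returned by fetch(), which turned it into a two-key array and made
   * the empty-array branch unreachable.
   *
   * @param int $id
   * @return array Row data, or array() when no advert has that id.
   */
  public function advertDetailsForId($id)
  {
      try {
          $sql = "
              SELECT
                  *
              FROM
                  `adverts`
              WHERE
                  `id` = :id
              LIMIT 1;
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':id', $id, PDO::PARAM_INT);
          $stmt->execute();
          $row = $stmt->fetch(PDO::FETCH_ASSOC);
          $stmt->closeCursor();

          if (!is_array($row)) {
              return array();
          }
          // Both keys are always set on a found row, as before; a column that
          // the table does not have decodes to ''.
          $row['title'] = $this->check(isset($row['title']) ? $row['title'] : '', 'htmldec');
          $row['text'] = $this->check(isset($row['text']) ? $row['text'] : '', 'htmldec');
          return $row;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
  }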
  727.  
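  /**
   * Returns one result page of `adverts`, optionally filtered by a search text.
   *
   * Result shape: 'pages' holds the number of result pages; 'data' (present
   * only when rows exist) maps row id => row, with `title` and `text`
   * HTML-decoded and with 'prev' / 'next' holding the `order` value of the
   * neighbouring row on the same result page.
   *
   * Fixes against the earlier version:
   *  - $page and $perpage are cast to int before they reach LIMIT;
   *  - $cond, $retval and $order are initialised;
   *  - neighbours are computed from the number of listed rows. The old code
   *    tested count() of the last fetch() result (false), so the final row
   *    read a non-existent successor.
   *
   * NOTE(review): rows are sorted by `id`, yet the neighbour values are read
   * from an `order` column. Whether `adverts` has that column is not visible
   * here; a missing column gives null neighbours.
   *
   * The search text is bound, so it cannot change the statement, but "%" and
   * "_" inside it still act as LIKE wildcards.
   *
   * @param string $text    Search text; empty means no filter.
   * @param int    $page    1-based result page.
   * @param int    $perpage Rows per page.
   * @return array
   */
  public function searchAdverts($text = "", $page = 1, $perpage = 5)
  {
      $page = (int) $page;
      $perpage = (int) $perpage;
      if ($page < 1) {
          $page = 1;
      }
      if ($perpage < 1) {
          $perpage = 5;
      }

      $cond = $text ? " AND (`title` LIKE :text OR `text` LIKE :text)" : '';
      // Stored texts are HTML-escaped, so the needle is escaped the same way.
      $pattern = $text ? '%' . $this->check($text, 'html') . '%' : null;
      $retval = array();

      try {
          $sql = "
              SELECT
                  COUNT(`id`) AS `count`
              FROM
                  `adverts`
              WHERE
                  1 " . $cond . "
              ORDER BY
                  `id` ASC
          ";

          $stmt = $this->db->prepare($sql);
          if ($text) {
              $stmt->bindValue(':text', $pattern, PDO::PARAM_STR);
          }
          $stmt->execute();
          $number = $stmt->fetch(PDO::FETCH_ASSOC);
          $stmt->closeCursor();
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }

      $retval['pages'] = ceil($number['count'] / $perpage);
      if ($page > $retval['pages']) {
          $page = (int) $retval['pages'];
      }

      if (!$number['count']) {
          return $retval;
      }

      try {
          $sql = "
              SELECT
                  *
              FROM
                  `adverts`
              WHERE
                  1 " . $cond . "
              ORDER BY
                  `id` ASC
              LIMIT
                  :page, :perpage;
          ";

          $stmt = $this->db->prepare($sql);
          if ($text) {
              $stmt->bindValue(':text', $pattern, PDO::PARAM_STR);
          }
          $stmt->bindValue(':page', ($page - 1) * $perpage, PDO::PARAM_INT);
          $stmt->bindValue(':perpage', $perpage, PDO::PARAM_INT);
          $stmt->execute();

          // $order lists the rows in result order, 1-based, for the neighbour pass.
          $order = array();
          $i = 1;
          while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
              $row['title'] = $this->check(isset($row['title']) ? $row['title'] : '', 'htmldec');
              $row['text'] = $this->check(isset($row['text']) ? $row['text'] : '', 'htmldec');
              $retval['data'][$row['id']] = $row;
              $order[$i] = array(
                  'id' => $row['id'],
                  'order' => isset($row['order']) ? $row['order'] : null,
              );
              $i++;
          }
          $stmt->closeCursor();

          $listed = count($order);
          for ($pos = 1; $pos <= $listed; $pos++) {
              $id = $order[$pos]['id'];
              if ($pos > 1) {
                  $retval['data'][$id]['prev'] = $order[$pos - 1]['order'];
              }
              if ($pos < $listed) {
                  $retval['data'][$id]['next'] = $order[$pos + 1]['order'];
              }
          }
          return $retval;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
  }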
  817.  
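  /**
   * Returns every row of `adverts`, keyed by id, in id sequence.
   *
   * An empty table now yields array(); the result variable was previously
   * left undefined in that case. Values are returned as stored, i.e. `text`
   * is still HTML-escaped here.
   *
   * @return array Row id => row.
   */
  public function listAdverts()
  {
      $retval = array();

      try {
          $sql = "
              SELECT
                  *
              FROM
                  `adverts`
              ORDER BY
                  `id` ASC
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->execute();
          while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
              $retval[$row['id']] = $row;
          }
          $stmt->closeCursor();
          return $retval;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
  }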
  842.  
  843. ############################################
  844. # Boxes FUNCTIONS
  845. ############################################
  846.  
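  /**
   * Inserts a box and sets its `order` to the new row id.
   *
   * Two defects are fixed:
   *  - title and text are bound as parameters. They were spliced into the
   *    statement between single quotes after HTML escaping only, which
   *    leaves backslashes (and, before PHP 8.1, single quotes) untouched;
   *  - the follow-up UPDATE now targets `boxes`. It used to rewrite the
   *    `order` of the row in `pages` that happened to share the new id.
   *
   * Validation failures are reported through $_SESSION['msg'].
   *
   * @param string $title Stored HTML-escaped (rule 'html').
   * @param string $text  Stored HTML-escaped (rule 'html').
   * @return bool False on a validation failure, true after the insert.
   */
  public function addBox($title, $text)
  {
      if (!$title) {
          $_SESSION['msg']['text'] = 'You need to fill title.';
          $_SESSION['msg']['err'] = true;
          return false;
      }

      if (!$text) {
          $_SESSION['msg']['text'] = 'You need to fill content.';
          $_SESSION['msg']['err'] = true;
          return false;
      }

      try {
          $sql = "
              INSERT INTO
                  `boxes`
              SET
                  `title` = :title,
                  `text` = :text
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':title', $this->check(stripslashes($title), 'html'), PDO::PARAM_STR);
          $stmt->bindValue(':text', $this->check(stripslashes($text), 'html'), PDO::PARAM_STR);
          $stmt->execute();
          $stmt->closeCursor();
          $last = (int) $this->db->lastInsertId();
          unset($stmt);
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }

      // New boxes start at the end of the list: order = id.
      $this->db->query("UPDATE `boxes` SET `order`=" . $last . " WHERE `id`=" . $last . " LIMIT 1;");
      return true;
  }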
  881.  
  882.  
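  /**
   * Updates title and text of one box.
   *
   * Title and text are stored HTML-escaped (rule 'html') as before, but are
   * now bound as parameters. They used to be spliced into the statement
   * between single quotes, and HTML escaping does not neutralise a backslash
   * (nor, with default flags before PHP 8.1, a single quote), so submitted
   * content could alter the query.
   *
   * Validation failures are reported through $_SESSION['msg'].
   *
   * @param int    $id
   * @param string $title
   * @param string $text
   * @return bool False on a validation failure, true after the update.
   */
  public function updateBox($id, $title, $text)
  {
      if (!$title) {
          $_SESSION['msg']['text'] = 'You need to fill title.';
          $_SESSION['msg']['err'] = true;
          return false;
      }

      if (!$text) {
          $_SESSION['msg']['text'] = 'You need to fill content.';
          $_SESSION['msg']['err'] = true;
          return false;
      }

      try {
          $sql = "
              UPDATE
                  `boxes`
              SET
                  `title` = :title,
                  `text` = :text
              WHERE
                  `id` = :id
              LIMIT 1;
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':title', $this->check(stripslashes($title), 'html'), PDO::PARAM_STR);
          $stmt->bindValue(':text', $this->check(stripslashes($text), 'html'), PDO::PARAM_STR);
          $stmt->bindValue(':id', $id, PDO::PARAM_INT);
          $stmt->execute();
          $stmt->closeCursor();
          unset($stmt);
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
      return true;
  }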
  919.  
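  /**
   * Fetches one box by id.
   *
   * `title` and `text` come back HTML-decoded (rule 'htmldec'), i.e. as raw
   * markup; whoever prints them decides whether that markup is trusted.
   *
   * A missing row now yields array(). Before, the decode step wrote into the
   * false returned by fetch(), which turned it into a two-key array and made
   * the empty-array branch unreachable.
   *
   * @param int $id
   * @return array Row data, or array() when no box has that id.
   */
  public function boxDetailsForId($id)
  {
      try {
          $sql = "
              SELECT
                  *
              FROM
                  `boxes`
              WHERE
                  `id` = :id
              LIMIT 1;
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':id', $id, PDO::PARAM_INT);
          $stmt->execute();
          $row = $stmt->fetch(PDO::FETCH_ASSOC);
          $stmt->closeCursor();

          if (!is_array($row)) {
              return array();
          }
          $row['title'] = $this->check($row['title'], 'htmldec');
          $row['text'] = $this->check($row['text'], 'htmldec');
          return $row;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
  }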
  945.  
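  /**
   * Returns one result page of `boxes`, optionally filtered by a search text.
   *
   * Result shape: 'pages' holds the number of result pages; 'data' (present
   * only when rows exist) maps row id => row, with `title` and `text`
   * HTML-decoded and with 'prev' / 'next' holding the `order` value of the
   * neighbouring row on the same result page.
   *
   * Fixes against the earlier version:
   *  - $page and $perpage are cast to int before they reach LIMIT;
   *  - $cond, $retval and $order are initialised;
   *  - neighbours are computed from the number of listed rows. The old code
   *    tested count() of the last fetch() result (false), so the final row
   *    read a non-existent successor.
   *
   * The search text is bound, so it cannot change the statement, but "%" and
   * "_" inside it still act as LIKE wildcards.
   *
   * @param string $text    Search text; empty means no filter.
   * @param int    $page    1-based result page.
   * @param int    $perpage Rows per page.
   * @return array
   */
  public function searchBoxes($text = "", $page = 1, $perpage = 5)
  {
      $page = (int) $page;
      $perpage = (int) $perpage;
      if ($page < 1) {
          $page = 1;
      }
      if ($perpage < 1) {
          $perpage = 5;
      }

      $cond = $text ? " AND (`title` LIKE :text OR `text` LIKE :text)" : '';
      // Stored titles and texts are HTML-escaped, so the needle is escaped the same way.
      $pattern = $text ? '%' . $this->check($text, 'html') . '%' : null;
      $retval = array();

      try {
          $sql = "
              SELECT
                  COUNT(`id`) AS `count`
              FROM
                  `boxes`
              WHERE
                  1 " . $cond . "
              ORDER BY
                  `order` ASC
          ";

          $stmt = $this->db->prepare($sql);
          if ($text) {
              $stmt->bindValue(':text', $pattern, PDO::PARAM_STR);
          }
          $stmt->execute();
          $number = $stmt->fetch(PDO::FETCH_ASSOC);
          $stmt->closeCursor();
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }

      $retval['pages'] = ceil($number['count'] / $perpage);
      if ($page > $retval['pages']) {
          $page = (int) $retval['pages'];
      }

      if (!$number['count']) {
          return $retval;
      }

      try {
          $sql = "
              SELECT
                  *
              FROM
                  `boxes`
              WHERE
                  1 " . $cond . "
              ORDER BY
                  `order` ASC
              LIMIT
                  :page, :perpage;
          ";

          $stmt = $this->db->prepare($sql);
          if ($text) {
              $stmt->bindValue(':text', $pattern, PDO::PARAM_STR);
          }
          $stmt->bindValue(':page', ($page - 1) * $perpage, PDO::PARAM_INT);
          $stmt->bindValue(':perpage', $perpage, PDO::PARAM_INT);
          $stmt->execute();

          // $order lists the rows in result order, 1-based, for the neighbour pass.
          $order = array();
          $i = 1;
          while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
              $row['title'] = $this->check($row['title'], 'htmldec');
              $row['text'] = $this->check($row['text'], 'htmldec');
              $retval['data'][$row['id']] = $row;
              $order[$i] = array('id' => $row['id'], 'order' => $row['order']);
              $i++;
          }
          $stmt->closeCursor();

          $listed = count($order);
          for ($pos = 1; $pos <= $listed; $pos++) {
              $id = $order[$pos]['id'];
              if ($pos > 1) {
                  $retval['data'][$id]['prev'] = $order[$pos - 1]['order'];
              }
              if ($pos < $listed) {
                  $retval['data'][$id]['next'] = $order[$pos + 1]['order'];
              }
          }
          return $retval;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: ' . $e->getMessage()) : die();
      }
  }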
  1035.  
  1036. public function listBoxes() {
  1037. try{
  1038. $sql = "
  1039. SELECT
  1040. *
  1041. FROM
  1042. `boxes`
  1043. ORDER BY
  1044. `order` ASC
  1045. ";
  1046.  
  1047. $stmt = $this->db->prepare($sql);
  1048. $stmt->execute();
  1049. while($result = $stmt->fetch(PDO::FETCH_ASSOC)) {
  1050. foreach($result as $k => $v) {
  1051. $retval[$result['id']][$k] = $v;
  1052. }
  1053. }
  1054. $stmt->closeCursor();
  1055. return $retval;
  1056. } catch(PDOException $e){
  1057. DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
  1058. }
  1059. }
  1060.  
  1061. public function delBox($id)
  1062. {
  1063. try{
  1064. $sql = "
  1065. DELETE FROM
  1066. `boxes`
  1067. WHERE
  1068. `id` = :id
  1069. LIMIT 1;
  1070. ";
  1071. $stmt = $this->db->prepare($sql);
  1072. $stmt->bindValue(':id', $id, PDO::PARAM_INT);
  1073. $stmt->execute();
  1074. $stmt->closeCursor();
  1075. unset($stmt);
  1076. return true;
  1077. } catch(PDOException $e){
  1078. DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
  1079. }
  1080. }
  1081.  
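  /**
   * Swaps the `order` values $src and $dst between two boxes.
   *
   * Changes against the earlier version:
   *  - only positive whole numbers are accepted; is_numeric() also let
   *    through forms such as "1e3" or " 5", which were then concatenated
   *    into the SQL text. The values are now bound as integers;
   *  - 0 is the temporary slot instead of 1, because 1 can be the live
   *    `order` value of another box, in which case the last step could
   *    re-number the wrong row. NOTE(review): assumes no box uses order 0.
   *
   * The three updates are not wrapped in a transaction; a failure part-way
   * leaves a row parked at 0.
   *
   * @param int|string $src
   * @param int|string $dst
   * @return bool False when either argument is not a positive whole number.
   */
  public function swapBox($src, $dst)
  {
      foreach (array($src, $dst) as $value) {
          $isWhole = is_int($value) || (is_string($value) && preg_match('/^[0-9]+$/D', $value));
          if (!$isWhole || (int) $value < 1) {
              return false;
          }
      }
      $src = (int) $src;
      $dst = (int) $dst;

      $stmt = $this->db->prepare("UPDATE `boxes` SET `order` = :to WHERE `order` = :from LIMIT 1;");
      // src -> parking slot, dst -> src, parking slot -> dst
      $moves = array(array($src, 0), array($dst, $src), array(0, $dst));
      foreach ($moves as $move) {
          $stmt->bindValue(':from', $move[0], PDO::PARAM_INT);
          $stmt->bindValue(':to', $move[1], PDO::PARAM_INT);
          $stmt->execute();
      }
      return true;
  }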
  1092.  
  1093. ############################################
  1094. # GALLERIES FUNCTIONS
  1095. ############################################
  1096.  
  /**
   * Inserts a gallery and then sets its `order` to the id of the new row.
   *
   * @param string $name gallery name; an empty value is rejected
   * @return bool false (with a session error message) when $name is empty,
   *              true otherwise
   */
  public function addGallery($name) {
      if (!$name) {
          $_SESSION['msg']['err'] = true;
          $_SESSION['msg']['text'] = 'Podaj nazwę galerii.';
          return false;
      }

      try {
          $insert = $this->db->prepare("
              INSERT INTO
                  `galleries`
              SET
                  `name` = :name
          ");
          $insert->bindValue(':name', $name, PDO::PARAM_STR);
          $insert->execute();
          $insert->closeCursor();
          $last = $this->db->lastInsertId();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          if (DEBUG) {
              die('SQL Error: '.$e->getMessage());
          }
          die();
      }

      // The new row takes its own id as its initial position. $last is the
      // driver-reported insert id, not caller input.
      $this->db->query("UPDATE `galleries` SET `order`=".$last." WHERE `id`=".$last." LIMIT 1;");
      return true;
  }
  1125.  
  /**
   * Renames the gallery with the given id.
   *
   * @param int    $id   gallery id, bound as an integer
   * @param string $name new name; an empty value is rejected
   * @return bool false (with a session error message) when $name is empty,
   *              true otherwise
   */
  public function updateGallery($id, $name) {
      if (!$name) {
          $_SESSION['msg']['err'] = true;
          $_SESSION['msg']['text'] = 'Podaj nazwę galerii.';
          return false;
      }

      try {
          $update = $this->db->prepare("
              UPDATE
                  `galleries`
              SET
                  `name` = :name
              WHERE
                  `id` = :id
              LIMIT 1;
          ");
          $update->bindValue(':id', $id, PDO::PARAM_INT);
          $update->bindValue(':name', $name, PDO::PARAM_STR);
          $update->execute();
          $update->closeCursor();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          if (DEBUG) {
              die('SQL Error: '.$e->getMessage());
          }
          die();
      }
      return true;
  }
  1156.  
  /**
   * Fetches one `galleries` row by id.
   *
   * @param int $id gallery id, bound as an integer
   * @return array the row as an associative array, or array() when none matches
   */
  public function galleryDetailsForId($id) {
      try {
          $select = $this->db->prepare("
              SELECT
                  *
              FROM
                  `galleries`
              WHERE
                  `id` = :id
              LIMIT 1;
          ");
          $select->bindValue(':id', $id, PDO::PARAM_INT);
          $select->execute();
          $row = $select->fetch(PDO::FETCH_ASSOC);
          $select->closeCursor();

          // fetch() gives false when nothing matched; callers get an array.
          if ($row) {
              return $row;
          }
          return array();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          if (DEBUG) {
              die('SQL Error: '.$e->getMessage());
          }
          die();
      }
  }
  1180.  
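  /**
   * Pages through `galleries`, optionally filtered by a substring of `name`.
   *
   * $text is bound as a parameter and wrapped in '%', so any '%' or '_' it
   * contains still acts as a LIKE wildcard.
   *
   * @param string $text    substring to look for in `name`; empty means no filter
   * @param int    $page    1-based page number, clamped to the available pages
   * @param int    $perpage rows per page; values below 1 fall back to 5
   * @return array 'pages' => page count and, when rows exist, 'data' => id => row;
   *               a row carries 'next'/'prev' with the `order` value of its
   *               neighbour on the same page when there is one
   */
  public function searchGalleries($text="", $page=1, $perpage=5)
  {
      // Defined up front: $cond is appended to and spliced into both queries,
      // $retval and $order are filled step by step below.
      $cond = '';
      $retval = array();
      $order = array();

      if ($text) {
          $cond .= " AND (`name` LIKE :text)";
      }

      // Both values feed LIMIT, so coerce them to integers before use.
      $page = (int) $page;
      $perpage = (int) $perpage;
      if ($page < 1) {
          $page = 1;
      }
      if ($perpage < 1) {
          $perpage = 5;
      }

      try {
          // No ORDER BY: sorting cannot change a single aggregate row.
          $sql = "
              SELECT
                  COUNT(`id`) AS `count`
              FROM
                  `galleries`
              WHERE
                  1 ".$cond."
          ";

          $stmt = $this->db->prepare($sql);
          if ($text) {
              $stmt->bindValue(':text', '%'.$text.'%', PDO::PARAM_STR);
          }
          $stmt->execute();
          $number = $stmt->fetch(PDO::FETCH_ASSOC);
          $stmt->closeCursor();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }

      $retval['pages'] = ceil($number['count'] / $perpage);
      if ($page > $retval['pages']) {
          $page = $retval['pages'];
      }

      if (!$number['count']) {
          return $retval;
      }

      try {
          $sql = "
              SELECT
                  *
              FROM
                  `galleries`
              WHERE
                  1 ".$cond."
              ORDER BY
                  `order` ASC
              LIMIT
                  :page, :perpage;
          ";

          $stmt = $this->db->prepare($sql);
          if ($text) {
              $stmt->bindValue(':text', '%'.$text.'%', PDO::PARAM_STR);
          }
          // ':page' is the row offset of the requested page.
          $stmt->bindValue(':page', (int) (($page - 1) * $perpage), PDO::PARAM_INT);
          $stmt->bindValue(':perpage', $perpage, PDO::PARAM_INT);
          $stmt->execute();
          while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
              $retval['data'][$row['id']] = $row;
              $order[] = array('id' => $row['id'], 'order' => $row['order']);
          }
          $stmt->closeCursor();

          // Link each row to its neighbours. The bound is the number of rows
          // collected; the fetch variable is false once the loop has ended.
          $lastPos = count($order) - 1;
          foreach ($order as $pos => $entry) {
              if ($pos < $lastPos) {
                  $retval['data'][$entry['id']]['next'] = $order[$pos + 1]['order'];
              }
              if ($pos > 0) {
                  $retval['data'][$entry['id']]['prev'] = $order[$pos - 1]['order'];
              }
          }

          return $retval;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }
  }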
  1269.  
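  /**
   * Deletes the gallery with the given id unless its `static` flag is set.
   *
   * @param int $id gallery id, bound as an integer
   * @return bool true once the statement has run (no check that a row matched)
   */
  public function delGallery($id)
  {
      try {
          // A single statement: a ';' in front of LIMIT would end the DELETE
          // early and leave "LIMIT 1" behind as a separate, invalid statement.
          $sql = "
              DELETE FROM
                  `galleries`
              WHERE
                  `id` = :id AND `static` = 0
              LIMIT 1;
          ";
          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':id', $id, PDO::PARAM_INT);
          $stmt->execute();
          $stmt->closeCursor();
          unset($stmt);
          return true;
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }
  }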
  1290.  
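  /**
   * Returns the `galleries` rows whose id is above 9, keyed by id and sorted
   * by `order`.
   *
   * @return array id => associative row; an empty array when nothing matches
   */
  public function listGalleries() {
      // Defined before the loop so an empty result yields array() instead of
      // an undefined variable.
      $retval = array();
      try {
          // NOTE(review): ids 1-9 look reserved (compare the `static` flag used
          // when deleting a gallery) - confirm against the schema.
          $sql = "
              SELECT
                  *
              FROM
                  `galleries`
              WHERE
                  `id` > 9
              ORDER BY
                  `order` ASC
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->execute();
          while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
              $retval[$row['id']] = $row;
          }
          $stmt->closeCursor();
          return $retval;
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }
  }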
  1317.  
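  /**
   * Returns every gallery, keyed by id and sorted by `order`, each with its
   * images attached under the 'images' key.
   *
   * @return array id => gallery row plus 'images' (result of imagesForGallery());
   *               an empty array when there are no galleries
   */
  public function listGalleriesForRedactor() {
      // Defined before the loop so an empty table yields array() instead of
      // an undefined variable.
      $retval = array();
      try {
          $sql = "
              SELECT
                  *
              FROM
                  `galleries`
              ORDER BY
                  `order` ASC
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->execute();
          while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
              $retval[$row['id']] = $row;
              // One extra query per gallery.
              $retval[$row['id']]['images'] = $this->imagesForGallery($row['id']);
          }
          $stmt->closeCursor();
          return $retval;
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }
  }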
  1343.  
  1344.  
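  /**
   * Exchanges the `order` values of two rows in `galleries`.
   *
   * The swap is a single UPDATE, so it needs no temporary `order` value that
   * could collide with a row already holding that position. Both positions
   * are bound as integers instead of being concatenated into the SQL text.
   *
   * @param int|string $src `order` value of the first row
   * @param int|string $dst `order` value of the second row
   * @return bool false when either argument is not numeric, true otherwise
   */
  public function swapGallery($src, $dst) {
      if (!is_numeric($src) || !is_numeric($dst)) {
          return false;
      }

      $src = (int) $src;
      $dst = (int) $dst;

      $stmt = $this->db->prepare("
          UPDATE
              `galleries`
          SET
              `order` = CASE `order` WHEN :src_match THEN :dst_value ELSE :src_value END
          WHERE
              `order` IN (:src_filter, :dst_filter)
      ");
      // Distinct placeholder names: a repeated name is not portable across
      // PDO prepare modes.
      $params = array(
          ':src_match'  => $src,
          ':dst_value'  => $dst,
          ':src_value'  => $src,
          ':src_filter' => $src,
          ':dst_filter' => $dst,
      );
      foreach ($params as $placeholder => $value) {
          $stmt->bindValue($placeholder, $value, PDO::PARAM_INT);
      }
      $stmt->execute();
      $stmt->closeCursor();
      return true;
  }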
  1355.  
  1356. ############################################
  1357. # IMAGES FUNCTIONS
  1358. ############################################
  1359.  
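  /**
   * Shrinks an uploaded image in place when it exceeds the configured limits.
   *
   * Landscape images are limited by $config['maxw'], all others by
   * $config['maxh']; JPEG output uses $config['quality']. The decoder is
   * chosen from the type getimagesize() detects in the file contents, not
   * from the client-supplied file name, so a misleading extension cannot
   * select the wrong codec. Files that are not JPEG, GIF or PNG, and images
   * already within the limits, are left untouched.
   *
   * @param array $handler upload entry; 'tmp_name' is read and overwritten
   * @return void
   */
  public function convertUploadedImage($handler)
  {
      global $config;

      $info = getimagesize($handler['tmp_name']);
      if ($info === false) {
          // Not a readable image: nothing to resize.
          return;
      }
      list($width, $height, $type) = $info;

      $newwidth = 0;
      $newheight = 0;
      if ($width > $height) {
          if ($width > $config['maxw']) {
              $newwidth = (int) $config['maxw'];
              $newheight = (int) floor($height * ($config['maxw'] / $width));
          }
      } elseif ($height > $config['maxh']) {
          $newheight = (int) $config['maxh'];
          $newwidth = (int) floor($width * ($config['maxh'] / $height));
      }

      if (!$newwidth || !$newheight) {
          return;
      }

      switch ($type) {
          case IMAGETYPE_JPEG:
              $source = imagecreatefromjpeg($handler['tmp_name']);
              break;
          case IMAGETYPE_GIF:
              $source = imagecreatefromgif($handler['tmp_name']);
              break;
          case IMAGETYPE_PNG:
              $source = imagecreatefrompng($handler['tmp_name']);
              break;
          default:
              return;
      }
      if (!$source) {
          return;
      }

      $destination = imagecreatetruecolor($newwidth, $newheight);
      if ($destination) {
          imagecopyresampled($destination, $source, 0, 0, 0, 0, $newwidth, $newheight, $width, $height);
          switch ($type) {
              case IMAGETYPE_JPEG:
                  imagejpeg($destination, $handler['tmp_name'], $config['quality']);
                  break;
              case IMAGETYPE_GIF:
                  imagegif($destination, $handler['tmp_name']);
                  break;
              case IMAGETYPE_PNG:
                  imagepng($destination, $handler['tmp_name']);
                  break;
          }
          imagedestroy($destination);
      }
      // Release the decoded bitmap instead of holding it until the request ends.
      imagedestroy($source);
  }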
  1402.  
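  /**
   * Writes a thumbnail of $source_file to $destination_file, scaled to a
   * height of $config['maxhm'] with the width following the aspect ratio.
   *
   * The decoder is chosen from the type getimagesize() detects in the file
   * contents rather than from the file name. JPEG output uses
   * $config['qualitym']. Nothing is written when the source is not a
   * readable JPEG, GIF or PNG or when the scaled size would be empty.
   *
   * @param string $source_file      path of the image to read
   * @param string $destination_file path the thumbnail is written to
   * @return void
   */
  public function createThumbnail($source_file, $destination_file)
  {
      global $config;

      $info = getimagesize($source_file);
      // A zero height would otherwise be divided by below.
      if ($info === false || $info[1] < 1) {
          return;
      }
      list($width, $height, $type) = $info;

      $newheight = (int) $config['maxhm'];
      $newwidth = (int) floor($width * ($config['maxhm'] / $height));
      if ($newwidth < 1 || $newheight < 1) {
          return;
      }

      switch ($type) {
          case IMAGETYPE_JPEG:
              $source = imagecreatefromjpeg($source_file);
              break;
          case IMAGETYPE_GIF:
              $source = imagecreatefromgif($source_file);
              break;
          case IMAGETYPE_PNG:
              $source = imagecreatefrompng($source_file);
              break;
          default:
              return;
      }
      if (!$source) {
          return;
      }

      $destination = imagecreatetruecolor($newwidth, $newheight);
      if ($destination) {
          imagecopyresampled($destination, $source, 0, 0, 0, 0, $newwidth, $newheight, $width, $height);
          switch ($type) {
              case IMAGETYPE_JPEG:
                  imagejpeg($destination, $destination_file, $config['qualitym']);
                  break;
              case IMAGETYPE_GIF:
                  imagegif($destination, $destination_file);
                  break;
              case IMAGETYPE_PNG:
                  imagepng($destination, $destination_file);
                  break;
          }
          imagedestroy($destination);
      }
      // Release the decoded bitmap instead of holding it until the request ends.
      imagedestroy($source);
  }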
  1433.  
  /**
   * Registers an image file under a gallery and sets its `order` to the id
   * of the new row.
   *
   * @param int    $gallery  gallery id, bound as an integer
   * @param string $filename stored file name, bound as a string
   * @return bool always true
   */
  public function addImage($gallery, $filename)
  {
      try {
          $insert = $this->db->prepare("
              INSERT INTO
                  `images`
              SET
                  `gallery` = :gallery,
                  `filename` = :filename
          ");
          $insert->bindValue(':filename', $filename, PDO::PARAM_STR);
          $insert->bindValue(':gallery', $gallery, PDO::PARAM_INT);
          $insert->execute();
          $insert->closeCursor();
          $last = $this->db->lastInsertId();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          if (DEBUG) {
              die('SQL Error: '.$e->getMessage());
          }
          die();
      }

      // The new row takes its own id as its initial position. $last is the
      // driver-reported insert id, not caller input.
      $this->db->query("UPDATE `images` SET `order`=".$last." WHERE `id`=".$last." LIMIT 1;");
      return true;
  }
  1459.  
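  /**
   * Returns the images of one gallery, keyed by image id and sorted by `order`.
   *
   * @param int $gallery gallery id, bound as an integer
   * @return array id => image row; a row carries 'next'/'prev' with the `order`
   *               value of its neighbour when there is one; an empty array
   *               when the gallery has no images
   */
  public function imagesForGallery($gallery)
  {
      // Defined before the loop so an empty gallery yields array() instead of
      // an undefined variable.
      $retval = array();
      $order = array();
      try {
          $sql = "
              SELECT
                  *
              FROM
                  `images`
              WHERE
                  `gallery` = :gallery
              ORDER BY
                  `order` ASC
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':gallery', $gallery, PDO::PARAM_INT);
          $stmt->execute();
          while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
              $retval[$row['id']] = $row;
              $order[] = array('id' => $row['id'], 'order' => $row['order']);
          }
          $stmt->closeCursor();

          // Link each row to its neighbours. The bound is the number of rows
          // collected; the fetch variable is false once the loop has ended.
          $lastPos = count($order) - 1;
          foreach ($order as $pos => $entry) {
              if ($pos < $lastPos) {
                  $retval[$entry['id']]['next'] = $order[$pos + 1]['order'];
              }
              if ($pos > 0) {
                  $retval[$entry['id']]['prev'] = $order[$pos - 1]['order'];
              }
          }
          return $retval;
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }
  }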
  1508.  
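  /**
   * Deletes an image row and removes its file and thumbnail from disk.
   *
   * Files are looked up under $config['imagedir'] and $config['thumbdir'].
   * A file is removed only when its resolved path lies inside the configured
   * directory, so a stored name containing "../" cannot reach anything else,
   * and only when it exists, so a missing thumbnail raises no warning.
   *
   * @param int $id image id, bound as an integer
   * @return bool true when a row was deleted, false otherwise
   */
  public function delImage ($id)
  {
      global $config;
      try {
          $sql = "
              SELECT
                  `filename`
              FROM
                  `images`
              WHERE
                  `id` = :id
              LIMIT 1
          ;";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':id', $id, PDO::PARAM_INT);
          $stmt->execute();
          $image = $stmt->fetch(PDO::FETCH_ASSOC);
          $stmt->closeCursor();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }

      // fetch() gives false when the id is unknown.
      if (!$image || !$image['filename']) {
          return false;
      }

      try {
          $sql = "
              DELETE FROM
                  `images`
              WHERE
                  `id` = :id
              LIMIT 1
          ;";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':id', $id, PDO::PARAM_INT);
          $stmt->execute();
          $deleted = $stmt->rowCount();
          $stmt->closeCursor();
          unset($stmt);
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }

      if (!$deleted) {
          return false;
      }

      foreach (array($config['imagedir'], $config['thumbdir']) as $dir) {
          $base = realpath($dir);
          $path = realpath($dir.'/'.$image['filename']);
          if ($base !== false && $path !== false
              && strpos($path, $base.DIRECTORY_SEPARATOR) === 0
              && is_file($path)) {
              unlink($path);
          }
      }
      return true;
  }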
  1558.  
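  /**
   * Exchanges the `order` values of two images within one gallery.
   *
   * The swap is a single UPDATE, so it needs no temporary `order` value that
   * could collide with a row already holding that position. All values are
   * bound as integers instead of being concatenated into the SQL text.
   *
   * @param int|string $gallery gallery id the two images belong to
   * @param int|string $src     `order` value of the first image
   * @param int|string $dst     `order` value of the second image
   * @return bool false when any argument is not numeric, true otherwise
   */
  public function swapImage($gallery, $src, $dst) {
      if (!is_numeric($src) || !is_numeric($dst) || !is_numeric($gallery)) {
          return false;
      }

      $src = (int) $src;
      $dst = (int) $dst;

      $stmt = $this->db->prepare("
          UPDATE
              `images`
          SET
              `order` = CASE `order` WHEN :src_match THEN :dst_value ELSE :src_value END
          WHERE
              `gallery` = :gallery
              AND `order` IN (:src_filter, :dst_filter)
      ");
      // Distinct placeholder names: a repeated name is not portable across
      // PDO prepare modes.
      $params = array(
          ':src_match'  => $src,
          ':dst_value'  => $dst,
          ':src_value'  => $src,
          ':gallery'    => (int) $gallery,
          ':src_filter' => $src,
          ':dst_filter' => $dst,
      );
      foreach ($params as $placeholder => $value) {
          $stmt->bindValue($placeholder, $value, PDO::PARAM_INT);
      }
      $stmt->execute();
      $stmt->closeCursor();
      return true;
  }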
  1569.  
  1570. ############################################
  1571. # DOWNLOAD CATEGORIES FUNCTIONS
  1572. ############################################
  1573.  
  /**
   * Inserts a row into `download` and then sets its `order` to the id of the
   * new row.
   *
   * @param string $name category name; an empty value is rejected
   * @return bool false (with a session error message) when $name is empty,
   *              true otherwise
   */
  function addDownload($name) {
      if (!$name) {
          $_SESSION['msg']['err'] = true;
          $_SESSION['msg']['title'] = 'Podaj nazwę kategorii.';
          return false;
      }

      try {
          $insert = $this->db->prepare("
              INSERT INTO
                  `download`
              SET
                  `name` = :name
          ");
          $insert->bindValue(':name', $name, PDO::PARAM_STR);
          $insert->execute();
          $insert->closeCursor();
          $last = $this->db->lastInsertId();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          if (DEBUG) {
              die('SQL Error: '.$e->getMessage());
          }
          die();
      }

      // The new row takes its own id as its initial position. $last is the
      // driver-reported insert id, not caller input.
      $this->db->query("UPDATE `download` SET `order`=".$last." WHERE `id`=".$last." LIMIT 1;");
      return true;
  }
  1602.  
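  /**
   * Returns the `download` rows whose id is above 9, keyed by id and sorted
   * by `order`.
   *
   * @return array id => associative row; an empty array when nothing matches
   */
  function listDownload() {
      // Defined before the loop so an empty result yields array() instead of
      // an undefined variable.
      $retval = array();
      try {
          // NOTE(review): ids 1-9 look reserved (compare the `static` flag used
          // when deleting a row) - confirm against the schema.
          $sql = "
              SELECT
                  *
              FROM
                  `download`
              WHERE
                  `id` > 9
              ORDER BY
                  `order` ASC
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->execute();
          while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
              $retval[$row['id']] = $row;
          }
          $stmt->closeCursor();
          return $retval;
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }
  }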
  1630.  
  /**
   * Renames the `download` row with the given id.
   *
   * @param int    $id   row id, bound as an integer
   * @param string $name new name; an empty value is rejected
   * @return bool false (with a session error message) when $name is empty,
   *              true otherwise
   */
  function updateDownload($id, $name) {
      if (!$name) {
          $_SESSION['msg']['err'] = true;
          $_SESSION['msg']['title'] = 'Podaj nazwę kategorii.';
          return false;
      }

      try {
          $update = $this->db->prepare("
              UPDATE
                  `download`
              SET
                  `name` = :name
              WHERE
                  `id` = :id
              LIMIT 1;
          ");
          $update->bindValue(':id', $id, PDO::PARAM_INT);
          $update->bindValue(':name', $name, PDO::PARAM_STR);
          $update->execute();
          $update->closeCursor();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          if (DEBUG) {
              die('SQL Error: '.$e->getMessage());
          }
          die();
      }
      return true;
  }
  1661.  
  /**
   * Fetches one `download` row by id.
   *
   * @param int $id row id, bound as an integer
   * @return array the row as an associative array, or array() when none matches
   */
  function downloadDetailsForId($id) {
      try {
          $select = $this->db->prepare("
              SELECT
                  *
              FROM
                  `download`
              WHERE
                  `id` = :id
              LIMIT 1;
          ");
          $select->bindValue(':id', $id, PDO::PARAM_INT);
          $select->execute();
          $row = $select->fetch(PDO::FETCH_ASSOC);
          $select->closeCursor();

          // fetch() gives false when nothing matched; callers get an array.
          if ($row) {
              return $row;
          }
          return array();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          if (DEBUG) {
              die('SQL Error: '.$e->getMessage());
          }
          die();
      }
  }
  1685.  
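  /**
   * Pages through `download`, optionally filtered by a substring of `name`.
   *
   * $text is bound as a parameter and wrapped in '%', so any '%' or '_' it
   * contains still acts as a LIKE wildcard.
   *
   * @param string $text    substring to look for in `name`; empty means no filter
   * @param int    $page    1-based page number, clamped to the available pages
   * @param int    $perpage rows per page; values below 1 fall back to 5
   * @return array 'pages' => page count and, when rows exist, 'data' => id => row;
   *               a row carries 'next'/'prev' with the `order` value of its
   *               neighbour on the same page when there is one
   */
  function searchDownload($text="", $page=1, $perpage=5)
  {
      // Defined up front: $cond is appended to and spliced into both queries,
      // $retval and $order are filled step by step below.
      $cond = '';
      $retval = array();
      $order = array();

      if ($text) {
          $cond .= " AND (`name` LIKE :text)";
      }

      // Both values feed LIMIT, so coerce them to integers before use.
      $page = (int) $page;
      $perpage = (int) $perpage;
      if ($page < 1) {
          $page = 1;
      }
      if ($perpage < 1) {
          $perpage = 5;
      }

      try {
          // No ORDER BY: sorting cannot change a single aggregate row.
          $sql = "
              SELECT
                  COUNT(`id`) AS `count`
              FROM
                  `download`
              WHERE
                  1 ".$cond."
          ";

          $stmt = $this->db->prepare($sql);
          if ($text) {
              $stmt->bindValue(':text', '%'.$text.'%', PDO::PARAM_STR);
          }
          $stmt->execute();
          $number = $stmt->fetch(PDO::FETCH_ASSOC);
          $stmt->closeCursor();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }

      $retval['pages'] = ceil($number['count'] / $perpage);
      if ($page > $retval['pages']) {
          $page = $retval['pages'];
      }

      if (!$number['count']) {
          return $retval;
      }

      try {
          $sql = "
              SELECT
                  *
              FROM
                  `download`
              WHERE
                  1 ".$cond."
              ORDER BY
                  `order` ASC
              LIMIT
                  :page, :perpage;
          ";

          $stmt = $this->db->prepare($sql);
          if ($text) {
              $stmt->bindValue(':text', '%'.$text.'%', PDO::PARAM_STR);
          }
          // ':page' is the row offset of the requested page.
          $stmt->bindValue(':page', (int) (($page - 1) * $perpage), PDO::PARAM_INT);
          $stmt->bindValue(':perpage', $perpage, PDO::PARAM_INT);
          $stmt->execute();
          while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
              $retval['data'][$row['id']] = $row;
              $order[] = array('id' => $row['id'], 'order' => $row['order']);
          }
          $stmt->closeCursor();

          // Link each row to its neighbours. The bound is the number of rows
          // collected; the fetch variable is false once the loop has ended.
          $lastPos = count($order) - 1;
          foreach ($order as $pos => $entry) {
              if ($pos < $lastPos) {
                  $retval['data'][$entry['id']]['next'] = $order[$pos + 1]['order'];
              }
              if ($pos > 0) {
                  $retval['data'][$entry['id']]['prev'] = $order[$pos - 1]['order'];
              }
          }

          return $retval;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }
  }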
  1774.  
  /**
   * Deletes the `download` row with the given id unless its `static` flag
   * is set.
   *
   * @param int $id row id, bound as an integer
   * @return bool true once the statement has run (no check that a row matched)
   */
  function delDownload($id)
  {
      try {
          $delete = $this->db->prepare("
              DELETE FROM
                  `download`
              WHERE
                  `id` = :id AND `static` = 0
              LIMIT 1;
          ");
          $delete->bindValue(':id', $id, PDO::PARAM_INT);
          $delete->execute();
          $delete->closeCursor();
          return true;
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          if (DEBUG) {
              die('SQL Error: '.$e->getMessage());
          }
          die();
      }
  }
  1795.  
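  /**
   * Exchanges the `order` values of two rows in `download`.
   *
   * The swap is a single UPDATE, so it needs no temporary `order` value that
   * could collide with a row already holding that position. Both positions
   * are bound as integers instead of being concatenated into the SQL text.
   *
   * @param int|string $src `order` value of the first row
   * @param int|string $dst `order` value of the second row
   * @return bool false when either argument is not numeric, true otherwise
   */
  function swapDownload($src, $dst) {
      if (!is_numeric($src) || !is_numeric($dst)) {
          return false;
      }

      $src = (int) $src;
      $dst = (int) $dst;

      $stmt = $this->db->prepare("
          UPDATE
              `download`
          SET
              `order` = CASE `order` WHEN :src_match THEN :dst_value ELSE :src_value END
          WHERE
              `order` IN (:src_filter, :dst_filter)
      ");
      // Distinct placeholder names: a repeated name is not portable across
      // PDO prepare modes.
      $params = array(
          ':src_match'  => $src,
          ':dst_value'  => $dst,
          ':src_value'  => $src,
          ':src_filter' => $src,
          ':dst_filter' => $dst,
      );
      foreach ($params as $placeholder => $value) {
          $stmt->bindValue($placeholder, $value, PDO::PARAM_INT);
      }
      $stmt->execute();
      $stmt->closeCursor();
      return true;
  }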
  1806.  
  1807. ############################################
  1808. # FILES FUNCTIONS
  1809. ############################################
  1810.  
  /**
   * Registers a file under a `download` row and sets its `order` to the id
   * of the new row.
   *
   * @param int    $download  id of the `download` row, bound as an integer
   * @param string $filename  stored file name, bound as a string
   * @param string $filetitle description, bound as a string
   * @return bool always true
   */
  function addFile($download, $filename, $filetitle)
  {
      try {
          $insert = $this->db->prepare("
              INSERT INTO
                  `files`
              SET
                  `download` = :download,
                  `filename` = :filename,
                  `filetitle` = :filetitle
          ");
          $insert->bindValue(':filetitle', $filetitle, PDO::PARAM_STR);
          $insert->bindValue(':filename', $filename, PDO::PARAM_STR);
          $insert->bindValue(':download', $download, PDO::PARAM_INT);
          $insert->execute();
          $insert->closeCursor();
          $last = $this->db->lastInsertId();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          if (DEBUG) {
              die('SQL Error: '.$e->getMessage());
          }
          die();
      }

      // The new row takes its own id as its initial position. $last is the
      // driver-reported insert id, not caller input.
      $this->db->query("UPDATE `files` SET `order`=".$last." WHERE `id`=".$last." LIMIT 1;");
      return true;
  }
  1838.  
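  /**
   * Returns the files of one `download` row, keyed by file id and sorted by
   * `order`.
   *
   * @param int $download id of the `download` row, bound as an integer
   * @return array id => file row plus 'ext' (result of extension() on the file
   *               name); a row carries 'next'/'prev' with the `order` value of
   *               its neighbour when there is one; an empty array when there
   *               are no files
   */
  function filesForDownload($download)
  {
      // Defined before the loop so an empty result yields array() instead of
      // an undefined variable.
      $retval = array();
      $order = array();
      try {
          $sql = "
              SELECT
                  *
              FROM
                  `files`
              WHERE
                  `download` = :download
              ORDER BY
                  `order` ASC
          ";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':download', $download, PDO::PARAM_INT);
          $stmt->execute();
          while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
              $retval[$row['id']] = $row;
              $retval[$row['id']]['ext'] = $this->extension($row['filename']);
              $order[] = array('id' => $row['id'], 'order' => $row['order']);
          }
          $stmt->closeCursor();

          // Link each row to its neighbours. The bound is the number of rows
          // collected; the fetch variable is false once the loop has ended.
          $lastPos = count($order) - 1;
          foreach ($order as $pos => $entry) {
              if ($pos < $lastPos) {
                  $retval[$entry['id']]['next'] = $order[$pos + 1]['order'];
              }
              if ($pos > 0) {
                  $retval[$entry['id']]['prev'] = $order[$pos - 1]['order'];
              }
          }
          return $retval;
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }
  }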
  1888.  
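  /**
   * Deletes a `files` row and removes its file from $config['filedir'].
   *
   * The file is removed only when its resolved path lies inside the
   * configured directory, so a stored name containing "../" cannot reach
   * anything else, and only when it exists, so a missing file raises no
   * warning.
   *
   * @param int $id file id, bound as an integer
   * @return bool true when a row was deleted, false otherwise
   */
  function delFile ($id)
  {
      global $config;
      try {
          $sql = "
              SELECT
                  `filename`
              FROM
                  `files`
              WHERE
                  `id` = :id
              LIMIT 1
          ;";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':id', $id, PDO::PARAM_INT);
          $stmt->execute();
          $file = $stmt->fetch(PDO::FETCH_ASSOC);
          $stmt->closeCursor();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }

      // fetch() gives false when the id is unknown.
      if (!$file || !$file['filename']) {
          return false;
      }

      try {
          $sql = "
              DELETE FROM
                  `files`
              WHERE
                  `id` = :id
              LIMIT 1
          ;";

          $stmt = $this->db->prepare($sql);
          $stmt->bindValue(':id', $id, PDO::PARAM_INT);
          $stmt->execute();
          $deleted = $stmt->rowCount();
          $stmt->closeCursor();
          unset($stmt);
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }

      if (!$deleted) {
          return false;
      }

      $base = realpath($config['filedir']);
      $path = realpath($config['filedir'].'/'.$file['filename']);
      if ($base !== false && $path !== false
          && strpos($path, $base.DIRECTORY_SEPARATOR) === 0
          && is_file($path)) {
          unlink($path);
      }
      return true;
  }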
  1937.  
  /**
   * Fetches one `files` row by id.
   *
   * @param int $id file id, bound as an integer
   * @return array the row as an associative array, or array() when none matches
   */
  function fileDetailsForId($id) {
      try {
          $select = $this->db->prepare("
              SELECT
                  *
              FROM
                  `files`
              WHERE
                  `id` = :id
              LIMIT 1;
          ");
          $select->bindValue(':id', $id, PDO::PARAM_INT);
          $select->execute();
          $row = $select->fetch(PDO::FETCH_ASSOC);
          $select->closeCursor();

          // fetch() gives false when nothing matched; callers get an array.
          if ($row) {
              return $row;
          }
          return array();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          if (DEBUG) {
              die('SQL Error: '.$e->getMessage());
          }
          die();
      }
  }
  1961.  
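  /**
   * Exchanges the `order` values of two files within one `download` row.
   *
   * The swap is a single UPDATE, so it needs no temporary `order` value that
   * could collide with a row already holding that position. All values are
   * bound as integers instead of being concatenated into the SQL text.
   *
   * @param int|string $download id of the `download` row both files belong to
   * @param int|string $src      `order` value of the first file
   * @param int|string $dst      `order` value of the second file
   * @return bool false when any argument is not numeric, true otherwise
   */
  function swapFile($download, $src, $dst) {
      if (!is_numeric($src) || !is_numeric($dst) || !is_numeric($download)) {
          return false;
      }

      $src = (int) $src;
      $dst = (int) $dst;

      $stmt = $this->db->prepare("
          UPDATE
              `files`
          SET
              `order` = CASE `order` WHEN :src_match THEN :dst_value ELSE :src_value END
          WHERE
              `download` = :download
              AND `order` IN (:src_filter, :dst_filter)
      ");
      // Distinct placeholder names: a repeated name is not portable across
      // PDO prepare modes.
      $params = array(
          ':src_match'  => $src,
          ':dst_value'  => $dst,
          ':src_value'  => $src,
          ':download'   => (int) $download,
          ':src_filter' => $src,
          ':dst_filter' => $dst,
      );
      foreach ($params as $placeholder => $value) {
          $stmt->bindValue($placeholder, $value, PDO::PARAM_INT);
      }
      $stmt->execute();
      $stmt->closeCursor();
      return true;
  }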
  1972.  
  /**
   * Changes the description (`filetitle`) of the file with the given id.
   *
   * @param int    $id        file id, bound as an integer
   * @param string $filetitle new description; an empty value is rejected
   * @return bool false (with a session error message) when $filetitle is
   *              empty, true otherwise
   */
  function updateFile($id, $filetitle) {
      if (!$filetitle) {
          $_SESSION['msg']['err'] = true;
          $_SESSION['msg']['title'] = 'Podaj opis pliku.';
          return false;
      }

      try {
          $update = $this->db->prepare("
              UPDATE
                  `files`
              SET
                  `filetitle` = :filetitle
              WHERE
                  `id` = :id
              LIMIT 1;
          ");
          $update->bindValue(':id', $id, PDO::PARAM_INT);
          $update->bindValue(':filetitle', $filetitle, PDO::PARAM_STR);
          $update->execute();
          $update->closeCursor();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          if (DEBUG) {
              die('SQL Error: '.$e->getMessage());
          }
          die();
      }
      return true;
  }
  2004.  
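  /**
   * Pages through `files`, optionally filtered by a substring of `filetitle`.
   *
   * $text is bound as a parameter and wrapped in '%', so any '%' or '_' it
   * contains still acts as a LIKE wildcard.
   *
   * @param string $text    substring to look for in `filetitle`; empty means
   *                        no filter
   * @param int    $page    1-based page number, clamped to the available pages
   * @param int    $perpage rows per page; values below 1 fall back to 5
   * @return array 'pages' => page count and, when rows exist, 'data' => id => row
   *               plus 'ext' (result of extension() on the file name); a row
   *               carries 'next'/'prev' with the `order` value of its neighbour
   *               on the same page when there is one
   */
  function searchFiles($text="", $page=1, $perpage=5)
  {
      // Defined up front: $cond is appended to and spliced into both queries,
      // $retval and $order are filled step by step below.
      $cond = '';
      $retval = array();
      $order = array();

      if ($text) {
          $cond .= " AND (`filetitle` LIKE :text)";
      }

      // Both values feed LIMIT, so coerce them to integers before use.
      $page = (int) $page;
      $perpage = (int) $perpage;
      if ($page < 1) {
          $page = 1;
      }
      if ($perpage < 1) {
          $perpage = 5;
      }

      try {
          // No ORDER BY: sorting cannot change a single aggregate row.
          $sql = "
              SELECT
                  COUNT(`id`) AS `count`
              FROM
                  `files`
              WHERE
                  1 ".$cond."
          ";

          $stmt = $this->db->prepare($sql);
          if ($text) {
              $stmt->bindValue(':text', '%'.$text.'%', PDO::PARAM_STR);
          }
          $stmt->execute();
          $number = $stmt->fetch(PDO::FETCH_ASSOC);
          $stmt->closeCursor();
      } catch (PDOException $e) {
          // The driver message is printed only when DEBUG is set.
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }

      $retval['pages'] = ceil($number['count'] / $perpage);
      if ($page > $retval['pages']) {
          $page = $retval['pages'];
      }

      if (!$number['count']) {
          return $retval;
      }

      try {
          $sql = "
              SELECT
                  *
              FROM
                  `files`
              WHERE
                  1 ".$cond."
              ORDER BY
                  `order` ASC
              LIMIT
                  :page, :perpage;
          ";

          $stmt = $this->db->prepare($sql);
          if ($text) {
              $stmt->bindValue(':text', '%'.$text.'%', PDO::PARAM_STR);
          }
          // ':page' is the row offset of the requested page.
          $stmt->bindValue(':page', (int) (($page - 1) * $perpage), PDO::PARAM_INT);
          $stmt->bindValue(':perpage', $perpage, PDO::PARAM_INT);
          $stmt->execute();
          while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
              $retval['data'][$row['id']] = $row;
              $retval['data'][$row['id']]['ext'] = $this->extension($row['filename']);
              $order[] = array('id' => $row['id'], 'order' => $row['order']);
          }
          $stmt->closeCursor();

          // Link each row to its neighbours. The bound is the number of rows
          // collected; the fetch variable is false once the loop has ended.
          $lastPos = count($order) - 1;
          foreach ($order as $pos => $entry) {
              if ($pos < $lastPos) {
                  $retval['data'][$entry['id']]['next'] = $order[$pos + 1]['order'];
              }
              if ($pos > 0) {
                  $retval['data'][$entry['id']]['prev'] = $order[$pos - 1]['order'];
              }
          }

          return $retval;
      } catch (PDOException $e) {
          DEBUG ? die('SQL Error: '.$e->getMessage()) : die();
      }
  }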
  2094.  
  2095.  
  2096. }
  2097.  
  2098. ?>