<?php
/*
Copyright (c) 2008 http://ramui.com. All right reserved.
This product is protected by copyright and distributed under licenses restricting copying, distribution. Permission is granted to the public to download and use this script provided that this Notice and any statement of authorship are reproduced in every page on all copies of the script.
*/
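/**
 * Page, post, comment and visitor-statistics access for the blog front end.
 *
 * Every query goes through the legacy mysql_* API using the table prefix
 * supplied by the parent connection class. Values taken from the request
 * (URI, Host, Referer, User-Agent, cookies) are escaped at the point where
 * they enter SQL, HTML or JavaScript rather than once up front, because each
 * of those contexts needs different escaping.
 */
class database extends connection
{
    /** @var string Root path given to the constructor; base for error-page redirects. */
    private $root;
    /** @var array JavaScript call strings queued by find_dynamic() and written out by footer(). */
    private $dynamic=array();
    /** @var bool Set by validate_user(); true when session token and client address match the admin row. */
    private $admin=false;

    /**
     * Runs the parent constructor, then redirects to error.php when the parent
     * reported an error (type=1) or when the site is flagged as blocked and the
     * visitor is not the administrator (type=3).
     *
     * @param string $root Root path passed on to the parent and to fw_abs_to_url().
     */
    public function __construct($root)
    {
        parent::__construct($root);
        // Stored before any check so redirect_to_error() can always build its URL.
        $this->root=$root;
        if(!empty($this->error)){$this->redirect_to_error('type=1');}
        $this->validate_user();
        $site=$this->siteinf();
        if(($site['blocksite']=='Y')&&(!$this->admin)){$this->redirect_to_error('type=3');}
    }

    /**
     * Sends a redirect to error.php with the given query string and stops the script.
     *
     * @param string $query Query string without the leading "?"; values must already be URL-encoded.
     */
    private function redirect_to_error($query)
    {
        @header('Location: '.fw_abs_to_url($this->root).'error.php?'.$query);
        exit;
    }

    /**
     * Returns "http://<host><docroot>" with the Host header reduced to hostname characters.
     *
     * The Host header is supplied by the client and ends up inside HTML attributes
     * and a JavaScript string, so anything that cannot appear in a host name, port
     * or bracketed IPv6 literal is dropped before use.
     *
     * @return string
     */
    private function site_url()
    {
        $host=preg_replace('/[^A-Za-z0-9._:\[\]-]/','',(string)getenv('HTTP_HOST'));
        return 'http://'.$host.fw_get_docroot();
    }

    /**
     * Derives the page name from REQUEST_URI: the text between the document
     * root and the first dot, or "index" when that is empty.
     *
     * The value is returned unescaped; callers escape it for their own sink.
     *
     * @return string
     */
    private function request_pagename()
    {
        $uri=(isset($_SERVER['REQUEST_URI'])? $_SERVER['REQUEST_URI'] : '');
        $length=strlen(fw_get_docroot());
        $pos=strpos($uri,'.');
        $pagename=(string)substr($uri,$length,$pos-$length);
        return (($pagename==='')? 'index' : $pagename);
    }

    /**
     * Escapes a value for use inside a quoted JavaScript string literal that is
     * printed within a script element.
     *
     * addslashes() covers quotes and backslashes; angle brackets and line breaks
     * are written as JavaScript escapes so the value can neither end the string
     * nor close the surrounding script element or HTML comment.
     *
     * @param string $value
     * @return string
     */
    private function js_quote($value)
    {
        return strtr(addslashes((string)$value),array('<'=>'\\x3C','>'=>'\\x3E',"\n"=>'\\n',"\r"=>'\\r'));
    }

    /**
     * Replaces angle brackets with entities so stored text cannot open a tag.
     *
     * Ampersands are left alone, so text that was entity-encoded when it was
     * stored is not encoded a second time.
     *
     * @param string $text
     * @return string
     */
    private function neutralise_tags($text)
    {
        return str_replace(array('<','>'),array('&lt;','&gt;'),(string)$text);
    }

    /**
     * Splits content around the first <tag>...</tag> pair.
     *
     * @param string $content
     * @param string $tag Tag name without brackets.
     * @return array|false array(text before, trimmed inner text, text after), or false
     *                     when either tag is missing or the closing tag comes first.
     */
    private function split_on_tag($content,$tag)
    {
        $content=(string)$content;
        $open='<'.$tag.'>';
        $close='</'.$tag.'>';
        $start=strpos($content,$open);
        $end=strpos($content,$close);
        if(($start===false)||($end===false)||($start > $end)){return false;}
        $inner_at=$start+strlen($open);
        return array(
            substr($content,0,$start),
            trim(substr($content,$inner_at,$end-$inner_at)),
            substr($content,$end+strlen($close)),
        );
    }

    /**
     * Turns the text found inside a list placeholder into a row limit.
     *
     * @param string $raw
     * @return int Rounded value, or 5 when the text is not a positive number.
     */
    private function list_count($raw)
    {
        // Forced to a positive integer because the value is written into a LIMIT clause.
        $count=(int)round((float)$raw);
        return (($count<1)? 5 : $count);
    }

    /**
     * Runs a post-listing query and renders each row as a "fw_listitem" block.
     *
     * @param string $query Query returning pagename, title, description and allowcomments.
     * @return string HTML for all rows, or '' when there are none.
     */
    private function render_post_items($query)
    {
        $items='';
        $base=$this->site_url();
        $result=@mysql_query($query);
        while($row=@mysql_fetch_array($result, MYSQL_ASSOC)){
            $url=$base.$row['pagename'].'.html';
            $items.='<div class="fw_listitem"><h2><a href="'.$url.'">'.$row['title'].'</a></h2>';
            $items.='<p>'.$row['description'].'</p>';
            if($row['allowcomments']=='Y'){
                $items.='<p style="text-align:right;">';
                $items.='<a href="'.$url.'#comments">Read comments</a> | <a href="'.$url.'#addcomment">Add comment</a></p>';
            }
            $items.='</div>';
        }
        return $items;
    }

    /**
     * Sets $this->admin by comparing the session token and the client address
     * with the first row returned from the admin table.
     */
    private function validate_user()
    {
        $query="SELECT login, session FROM ".$this->prefix."admin";
        $result=@mysql_query($query);
        $row=@mysql_fetch_array($result, MYSQL_ASSOC);
        // Every operand must be present: a missing row or a missing address must never compare equal.
        $this->admin=(is_array($row)
            &&isset($_SESSION['fw_admin'])
            &&($_SESSION['fw_admin']===$row['session'])
            &&isset($_SERVER['REMOTE_ADDR'])
            &&($_SERVER['REMOTE_ADDR']==$row['login']));
    }

    /**
     * Resolves the requested page name to its data array.
     *
     * Lookup order: post, page, the generated sitemap, a generated directory
     * map for names ending in "/index". Anything else is redirected to
     * error.php?type=2. The script exits when it is not reached through
     * fw_blog.php.
     *
     * @return mixed Row array of the post or page, or whatever sitemap::page() / map::page() return.
     */
    public function get_page_array()
    {
        if((substr($_SERVER['SCRIPT_NAME'], strlen(fw_get_docroot())))!=='fw_blog.php'){exit;}
        // Only a scalar parameter is accepted; an array-valued fw_postname is treated as absent.
        $requested=((isset($_GET['fw_postname'])&&is_string($_GET['fw_postname']))? $_GET['fw_postname'] : null);
        $pagename=htmlspecialchars(fw_strip_slashes($requested));
        if((substr($pagename,0,8)==='fw_blog/')||(!fw_validate_pagename($pagename))){
            // URL-encoded so the rejected name cannot add parameters to, or break, the redirect URL.
            $this->redirect_to_error('type=2&source='.urlencode(fw_add_slashes($pagename)));
        }
        if(!isset($_SESSION['fw_preview'])){$this->webstat();}
        $page_array=$this->postinf($pagename);
        if(empty($page_array)){$page_array=$this->pageinf($pagename);}
        if(!empty($page_array)){return $page_array;}
        if($pagename==='sitemap'){
            $sitemap=new sitemap($this->prefix);
            return $sitemap->page($this->siteinf('sitename'));
        }
        if(substr($pagename,-6)==='/index'){
            $map=new map($this->prefix);
            return $map->page(substr($pagename,0,-5));
        }
        $this->redirect_to_error('type=2&source='.urlencode($pagename));
    }

    /**
     * Loads a static page, or the single preview row when an administrator has
     * a preview pending in the session.
     *
     * The preview flag is cleared on every call.
     *
     * @param string $page Page name.
     * @return array|false Row with formatted content, or false when missing or unpublished.
     */
    private function pageinf($page)
    {
        if(isset($_SESSION['fw_preview'])&&$this->admin){
            $query="SELECT * FROM ".$this->prefix."preview";
        }else{
            $query="SELECT * FROM ".$this->prefix."pageinf WHERE pagename = '".mysql_real_escape_string($page)."'";
        }
        $result=@mysql_query($query);
        $row=@mysql_fetch_array($result, MYSQL_ASSOC);
        unset($_SESSION['fw_preview']);
        if(!is_array($row)){return false;}
        if(array_key_exists('content',$row)){$this->format_content($row['content'],$page);}
        if(array_key_exists('allowcomments',$row)){$row['allowcomments']=(($row['allowcomments']=='Y')? 'page'.$row['id'] : '');}
        return ((isset($row['publish'])&&($row['publish']=='Y'))? $row : false);
    }

    /**
     * Loads a blog post, expands its placeholders and applies pagination.
     *
     * @param string $post Post name.
     * @return array|false Row ready for output, or false when a preview is pending
     *                     or the post is missing or unpublished.
     */
    private function postinf($post)
    {
        if(isset($_SESSION['fw_preview'])){return false;}
        $query="SELECT * FROM ".$this->prefix."postinf WHERE pagename = '".mysql_real_escape_string($post)."'";
        $result=@mysql_query($query);
        $row=@mysql_fetch_array($result, MYSQL_ASSOC);
        // Checked before any expansion so a missing or unpublished post triggers no further
        // queries and queues no dynamic add-on calls for the footer.
        if((!is_array($row))||(!isset($row['publish']))||($row['publish']!='Y')){return false;}
        if(array_key_exists('content',$row)){
            $this->format_content($row['content'],$post);
            $totalpages=1+substr_count($row['content'],'<fw_pagebreak/>');
            if($totalpages>1){
                // fw_pageno comes from the query string: force it to an integer inside 1..$totalpages.
                $current_page=fw_get_querydata('fw_pageno');
                $current_page=(is_numeric($current_page)? (int)$current_page : 1);
                $current_page=max(1,min($totalpages,$current_page));
                if($current_page<$totalpages){$row['allowcomments']='';}
                $row['content']=fw_get_currentpagecontent($row['content'],$current_page);
                $pagelink=$this->site_url().$post.'.html?fw_pageno=';
                $row['content'].='<div id="fw_pageblock"><b>Total no. of pages: '.$totalpages.'</b>&nbsp;&nbsp;';
                for($i=1; $i<=$totalpages; $i++){
                    $row['content'].=(($i==$current_page)? '<span>'.$i.'</span>' : '<a href="'.$pagelink.$i.'">'.$i.'</a>');
                }
                $row['content'].='</div>';
            }
        }
        while($this->find_addon($row['heads'])){}
        fw_uploadpath($row['heads']);
        while($this->find_dynamic($row['content'])){}
        $this->recent_post($row['content']);
        $this->top_post($row['content']);
        if($this->admin){
            $adminpath=$this->site_url().'fw_blog/admin/';
            // The id is written unquoted into a javascript: URL, so it is forced to an integer.
            $row['content']='<div style="padding:0 0 10px 0; text-align:right;"><a href="javascript:fw_editthispage('.(int)$row['id'].',\''.$adminpath.'\')">Edit this page</a> || <a href="'.$adminpath.'index.php?qur=0M5">Log out</a></div>'.$row['content'];
        }
        if(array_key_exists('allowcomments',$row)){$row['allowcomments']=(($row['allowcomments']=='Y')? 'post'.$row['id'] : '');}
        return $row;
    }

    /**
     * Renders the published comments of a page as HTML, oldest first.
     *
     * The script exits when the page name fails fw_validate_pagename().
     *
     * @param string $page Page name the comments belong to.
     * @return string
     */
    public function get_comments($page)
    {
        if(!fw_validate_pagename($page)){exit;}
        $c=$this->prefix.'comments';
        $u=$this->prefix.'user';
        $query="SELECT {$c}.*, {$u}.website FROM {$c}, {$u} WHERE {$c}.user = {$u}.user AND {$c}.pagename = '".mysql_real_escape_string($page)."' AND {$c}.publish = 'Y' ORDER BY {$c}.date";
        $result=@mysql_query($query);
        $str='';
        while($row=@mysql_fetch_array($result, MYSQL_ASSOC)){
            // Title, user and website are visitor-supplied. Angle brackets are neutralised here
            // without touching "&", so values that were entity-encoded on write stay intact.
            $user=$this->neutralise_tags($row['user']);
            $str.='<h2>'.$this->neutralise_tags($row['title']).'</h2><div><span class="fw_commentby">COMMENT BY:</span> ';
            $website=trim($row['website']);
            if($website===''){
                $str.=$user;
            }else{
                // Only http(s) links are emitted: the scheme must be at the very start of the
                // value, otherwise "http://" is prepended, so no other scheme reaches the href.
                if(!preg_match('#^https?://#i',$website)){$website='http://'.$website;}
                // Percent-encode the characters that could end the attribute or open a tag.
                $website=str_replace(array('"','<','>'),array('%22','%3C','%3E'),$website);
                $str.='<a href="'.$website.'" target="_blank" rel="noopener noreferrer">'.$user.'</a>';
            }
            $str.=' <span class="fw_commentby">DATE:</span> '.date("M d, H:i", $row['date']).'</div>';
            // NOTE(review): the stored comment is entity-decoded and printed as markup, and
            // format_content() expands <addon> tags inside it. This is only safe if comments are
            // filtered to an allowed tag set when they are saved - confirm in the comment-submission code.
            $comment=html_entity_decode($row['comment'],ENT_QUOTES);
            $this->format_content($comment,'');
            $str.='<div class="fw_commentbody">'.$comment.'</div>';
        }
        return $str;
    }

    /**
     * Records one page view in the webstat table.
     *
     * On the first view of a session the visitor identifier is established, the
     * referrer is stored as the source and handed to store_keywords(); later
     * views are stored with the source "continue".
     */
    private function webstat()
    {
        $pagename=$this->request_pagename();
        $dt=time();
        $frompage='continue';
        if(empty($_SESSION['fw_identifier'])){
            if($this->get_session()==false){return;}
            $frompage=(empty($_SERVER['HTTP_REFERER'])? 'direct' : $_SERVER['HTTP_REFERER']);
            $this->store_keywords($frompage,$pagename,$dt);
        }
        $browser=(isset($_SERVER['HTTP_USER_AGENT'])? $_SERVER['HTTP_USER_AGENT'] : '');
        // All five values originate from the client (URI, Referer, cookie-backed identifier,
        // address, User-Agent), so each one is escaped with the connection-aware function.
        $quoted=array();
        foreach(array($pagename,$frompage,$_SESSION['fw_identifier'],$_SERVER['REMOTE_ADDR'],$browser) as $value){
            $quoted[]="'".mysql_real_escape_string($value)."'";
        }
        $query="INSERT INTO ".$this->prefix."webstat(pagename, frompage, user, ip, browser, minutes, date) VALUES (".implode(', ',$quoted).", 0, $dt)";
        @mysql_query($query);
    }

    /**
     * Establishes the visitor identifier in the session and in a one-year cookie.
     *
     * Identifiers issued here are the client address with its dots removed
     * followed by a timestamp. A cookie that does not have that shape is not
     * trusted; a fresh identifier is issued instead.
     *
     * @return bool False when a new cookie could not be set, true otherwise.
     */
    private function get_session()
    {
        $domain='.'.str_replace('www.','',getenv('HTTP_HOST'));
        $expires=time()+3600*24*365;
        if(isset($_COOKIE['fw_identifier'])
            &&is_string($_COOKIE['fw_identifier'])
            &&preg_match('/^[0-9A-Fa-f:]{1,64}\z/',$_COOKIE['fw_identifier'])){
            $_SESSION['fw_identifier']=$_COOKIE['fw_identifier'];
            setcookie('fw_identifier',$_SESSION['fw_identifier'],$expires,'/',$domain,false,true);
            return true;
        }
        // Built once so the cookie and the session always hold the same value.
        $identifier=str_replace('.','',$_SERVER['REMOTE_ADDR']).time();
        if(!setcookie('fw_identifier',$identifier,$expires,'/',$domain,false,true)){return false;}
        $_SESSION['fw_identifier']=$identifier;
        return true;
    }

    /**
     * Stores the search phrase when the referrer looks like a Google, Yahoo or
     * Bing result page carrying a "q=" or "p=" parameter.
     *
     * @param string $from     Referrer URL, unescaped.
     * @param string $pagename Page that was reached, unescaped.
     * @param int    $dt       Timestamp of the visit.
     */
    private function store_keywords($from,$pagename,$dt)
    {
        $known=false;
        foreach(array('http://www.google.','yahoo.com/','http://www.bing.com/search?') as $marker){
            if(strpos($from,$marker)!==false){$known=true; break;}
        }
        if((!$known)||(strpos($from,'?')===false)){return;}
        $referer=str_replace('http://','',$from);
        $referer=substr($referer,0,strpos($referer,'/'));
        $x=strpos($from,'q=');
        if($x===false){$x=strpos($from,'p=');}
        if($x===false){return;}
        $key=substr($from,$x+2);
        $amp=strpos($key,'&');
        if($amp!==false){$key=substr($key,0,$amp);}
        $key=htmlspecialchars(substr(urldecode($key),0,250));
        // The host part and the phrase both come from the Referer header; escape every value.
        $query="INSERT INTO ".$this->prefix."keywords(pagename, searchengine, searchkey, date) VALUES ('"
            .mysql_real_escape_string($pagename)."', '"
            .mysql_real_escape_string($referer)."', '"
            .mysql_real_escape_string($key)."', ".(int)$dt.")";
        @mysql_query($query);
    }

    /**
     * Expands code blocks and <addon> placeholders in place, then lets
     * fw_uploadpath() process the result.
     *
     * NOTE(review): both loops run until nothing is left to expand. An add-on
     * whose own content refers back to itself would never terminate - confirm
     * that add-on content is checked for this when it is saved.
     *
     * @param string $content Modified in place.
     * @param string $page    Page name passed to fw_find_code().
     */
    private function format_content(&$content,$page)
    {
        while(fw_find_code($content,$page)){}
        while($this->find_addon($content)){}
        fw_uploadpath($content);
    }

    /**
     * Replaces the first <addon>name</addon> placeholder with that add-on's
     * content, or with nothing when the add-on cannot be loaded.
     *
     * @param string $content Modified in place.
     * @return bool True when a placeholder was replaced, false when none was found.
     */
    private function find_addon(&$content)
    {
        $parts=$this->split_on_tag($content,'addon');
        if($parts===false){return false;}
        $addon=$this->get_addon($parts[1]);
        $code=(empty($addon['content'])? '' : $addon['content']);
        $content=$parts[0].$code.$parts[2];
        return true;
    }

    /**
     * Replaces the first <recentpost>N</recentpost> placeholder with the N
     * newest published posts that are in the menu and have a description.
     *
     * @param string $content Modified in place.
     * @return bool True when a placeholder was replaced, false when none was found.
     */
    public function recent_post(&$content)
    {
        $parts=$this->split_on_tag($content,'recentpost');
        if($parts===false){return false;}
        $count=$this->list_count($parts[1]);
        $query="SELECT pagename, title, description, allowcomments FROM ".$this->prefix."postinf WHERE publish = 'Y' AND addtomenu = 'Y' AND description <> '' ORDER BY id Desc LIMIT 0, $count";
        $recent=$this->render_post_items($query);
        if($recent!=''){$recent='<div id="fw_recentpost"><div class="fw_caption">Recent Post:</div>'.$recent.'</div>';}
        $content=$parts[0].$recent.$parts[2];
        return true;
    }

    /**
     * Replaces the first <toppost>N</toppost> placeholder with the N posts that
     * accumulated the most webstat minutes during the last seven days.
     *
     * @param string $content Modified in place.
     * @return bool True when a placeholder was replaced, false when none was found.
     */
    public function top_post(&$content)
    {
        $parts=$this->split_on_tag($content,'toppost');
        if($parts===false){return false;}
        $count=$this->list_count($parts[1]);
        $last7=time()-7*24*60*60;
        $w=$this->prefix.'webstat';
        $p=$this->prefix.'postinf';
        $query="SELECT {$w}.pagename, {$p}.title, {$p}.description, {$p}.allowcomments FROM {$w}, {$p} WHERE ";
        $query.="{$p}.publish = 'Y' AND {$p}.addtomenu = 'Y' AND {$p}.description <> '' AND ";
        $query.="{$w}.date > ".$last7." AND {$p}.pagename = {$w}.pagename GROUP BY {$w}.pagename ORDER BY SUM({$w}.minutes) DESC LIMIT 0, $count";
        // The query is executed once, inside render_post_items().
        $top=$this->render_post_items($query);
        if($top!=''){$top='<div id="fw_toppost"><div class="fw_caption">Top Story:</div>'.$top.'</div>';}
        $content=$parts[0].$top.$parts[2];
        return true;
    }

    /**
     * Replaces the first <dynamic>name</dynamic> placeholder with an empty
     * container and queues the fw_getaddon() call that footer() prints.
     *
     * @param string $content Modified in place.
     * @return bool True when a placeholder was replaced, false when none was found.
     */
    private function find_dynamic(&$content)
    {
        // Counts every call, including the one that finds nothing, so container ids stay unique.
        static $n=0;
        $n++;
        $parts=$this->split_on_tag($content,'dynamic');
        if($parts===false){return false;}
        $path=fw_abs_to_url(str_replace('include/clsdatabase.php','admin/',__FILE__));
        $id='fw_dynamic'.$n;
        // The add-on name is copied from page content into a script block, so it is escaped for JavaScript.
        $this->dynamic[]='fw_getaddon("'.$this->js_quote($path).'","'.$this->js_quote($parts[1]).'","'.$id.'")';
        $content=$parts[0].'<div id="'.$id.'"></div>'.$parts[2];
        return true;
    }

    /**
     * Loads one add-on page.
     *
     * @param string $page Add-on page name.
     * @return array|false Row holding "content" after fw_uploadpath(), or false when the
     *                     name is invalid or no row was returned.
     */
    public function get_addon($page)
    {
        if(!fw_validate_pagename($page)){return false;}
        $query="SELECT content FROM ".$this->prefix."addonpage WHERE pagename = '".mysql_real_escape_string($page)."'";
        $result=@mysql_query($query);
        $row=@mysql_fetch_array($result, MYSQL_ASSOC);
        if(!is_array($row)){return false;}
        fw_uploadpath($row);
        return $row;
    }

    /**
     * Sends the n-th <codx> block of a post as a downloadable HTML file.
     *
     * The script exits when the page name is invalid or the post does not
     * exist; nothing is sent when $n is below 1 or the block is not found.
     *
     * @param string $page Post name.
     * @param int    $n    1-based index of the code block.
     */
    public function download_code($page,$n)
    {
        if(!fw_validate_pagename($page)){exit;}
        // $n is printed into the document title and the file name, so only a positive integer is accepted.
        $n=(int)$n;
        if($n<1){return;}
        $query="SELECT content FROM ".$this->prefix."postinf WHERE pagename = '".mysql_real_escape_string($page)."'";
        $result=@mysql_query($query);
        $row=@mysql_fetch_array($result, MYSQL_ASSOC);
        if(empty($row)){exit;}
        $content=$row['content'];
        $pos=0;
        $start=false;
        $end=false;
        for($i=0; $i<$n; $i++){
            $content=substr($content,$pos);
            $start=strpos($content,'<codx>');
            $end=strpos($content,'</codx>');
            if(($start===false)||($end===false)||($start > $end)){return;}
            $pos=$end+7;
        }
        $raw_code=substr($content,$start+6,($end-$start-6));
        $raw_code=str_replace("\n","<br />",htmlspecialchars($raw_code,ENT_NOQUOTES));
        // The %<% and %>% markers in stored content are turned back into real angle brackets after escaping.
        $raw_code=str_replace('%&lt;%','<',str_replace('%&gt;%','>',$raw_code));
        // $page reaches the markup as is and relies on fw_validate_pagename() above.
        $url=$this->site_url().$page.'.html';
        $html='<html><head><title>_Code'.$n.'</title></head><body>'.$raw_code;
        $html.='<hr/><p>Source: <a href="'.$url.'">'.$url.'</a></p></body></html>';
        // Reduced to a conservative character set and quoted before it goes into a response header.
        $filename=preg_replace('/[^A-Za-z0-9._-]/','_',$page).'_code'.$n.'.html';
        @header("Content-type: application/text");
        @header('Content-Disposition: attachment; filename="'.$filename.'"');
        echo $html;
    }

    /**
     * Returns the menu markup for a page: the page-specific add-on "menu_<page>"
     * when it exists, otherwise the menu selected by the "defaultmenu" setting.
     *
     * @param string $page Page name.
     * @return mixed Menu markup, or false when no menu is configured or available.
     */
    public function menu($page)
    {
        $m=$this->get_addon('menu_'.$page);
        if($m!==false){return $m['content'];}
        switch($this->siteinf('defaultmenu')){
            case "4":
                $m=$this->get_addon('menu');
                return (($m!==false)? $m['content'] : false);
            case "3":
                $clsmenu=new ajaxmenu($this->prefix);
                return $clsmenu->menu();
            case "2":
                $clsmenu=new javascriptmenu($this->prefix);
                return $clsmenu->menu();
            case "1":
                $clsmenu=new simplemenu($this->prefix);
                return $clsmenu->menu();
            default:
                return false;
        }
    }

    /**
     * Builds the footer: the credit line and a script block that calls
     * fw_loadstat() followed by every queued dynamic add-on call.
     *
     * @return string
     */
    public function footer()
    {
        // The page name is cut from REQUEST_URI, which the client controls; it is escaped for
        // the JavaScript string it is printed into.
        $pagename=$this->js_quote($this->request_pagename());
        $submiturl=$this->js_quote($this->site_url().'fw_blog/admin/');
        $footer="<br />Powered by: <a href=\"".$this->siteinf('link')."\">ramui webblog</a>&reg;&nbsp;Version 1.2</div>\n";
        $footer.="<script type=\"text/javascript\">\n";
        $footer.="<!--\n";
        $footer.="fw_loadstat('$pagename','$submiturl');\n";
        foreach($this->dynamic as $script){$footer.=$script.";\n";}
        $footer.="-->\n";
        $footer.="</script>";
        return $footer;
    }
}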
?>