My second engine project, built from the ground up in just 2 weeks! Features PHP5-compliant code and an HTML skin parser.
Example of an installed distro:
http://cura.ath.cx/codefx
Please note this code is designed for PHP5-enabled servers. I am aware of the fact that PHP5 is not in wide distro as of yet but I just wanted to work in PHP5 because it's fun, new and has cool OO features.
By : tdas
On first run, open index.php to set it up for your database. The install file will automatically make its own database, so don't worry about fiddling around with phpMyAdmin.
Main file: common.php
---------------------------------------------------
<?php
session_start();
/*
PMA_splitSqlFile() function borrowed from the phpMyAdmin project.
It takes SQL dumps generated by phpMyAdmin, then splits them up
into smaller queries that can then be processed into tables and
data. I found the documentation made by the original programmer quite
lacking, so I will attempt to redefine the use of this function.
&$ret - Variable you expect to be returned.
$sql - Database dump.
$release - Version of the MySQL server
*/
function PMA_splitSqlFile(&$ret, $sql, $release)
{
$sql = trim($sql);
$sql_len = strlen($sql);
$char = '';
$string_start = '';
$in_string = FALSE;
$time0 = time();
for ($i = 0; $i < $sql_len; ++$i) {
$char = $sql[$i];
// We are in a string, check for not escaped end of strings except for
// backquotes that can't be escaped
if ($in_string) {
for (;;) {
$i = strpos($sql, $string_start, $i);
// No end of string found -> add the current substring to the
// returned array
if (!$i) {
$ret[] = $sql;
return TRUE;
}
// Backquotes or no backslashes before quotes: it's indeed the
// end of the string -> exit the loop
else if ($string_start == '`' || $sql[$i-1] != '\\') {
$string_start = '';
$in_string = FALSE;
break;
}
// one or more Backslashes before the presumed end of string...
else {
// ... first checks for escaped backslashes
$j = 2;
$escaped_backslash = FALSE;
while ($i-$j > 0 && $sql[$i-$j] == '\\') {
$escaped_backslash = !$escaped_backslash;
$j++;
}
// ... if escaped backslashes: it's really the end of the
// string -> exit the loop
if ($escaped_backslash) {
$string_start = '';
$in_string = FALSE;
break;
}
// ... else loop
else {
$i++;
}
} // end if...elseif...else
} // end for
} // end if (in string)
// We are not in a string, first check for delimiter...
else if ($char == ';') {
// if delimiter found, add the parsed part to the returned array
$ret[] = substr($sql, 0, $i);
$sql = ltrim(substr($sql, min($i + 1, $sql_len)));
$sql_len = strlen($sql);
if ($sql_len) {
$i = -1;
} else {
// The submitted statement(s) end(s) here
return TRUE;
}
} // end else if (is delimiter)
// ... then check for start of a string,...
else if (($char == '"') || ($char == '\'') || ($char == '`')) {
$in_string = TRUE;
$string_start = $char;
} // end else if (is start of string)
// ... for start of a comment (and remove this comment if found)...
else if ($char == '#'
|| ($char == ' ' && $i > 1 && $sql[$i-2] . $sql[$i-1] == '--')) {
// starting position of the comment depends on the comment type
$start_of_comment = (($sql[$i] == '#') ? $i : $i-2);
// if no "\n" exists in the remaining string, checks for "\r"
// (Mac eol style)
$end_of_comment = (strpos(' ' . $sql, "\012", $i+2))
? strpos(' ' . $sql, "\012", $i+2)
: strpos(' ' . $sql, "\015", $i+2);
if (!$end_of_comment) {
// no eol found after '#', add the parsed part to the returned
// array if required and exit
if ($start_of_comment > 0) {
$ret[] = trim(substr($sql, 0, $start_of_comment));
}
return TRUE;
} else {
$sql = substr($sql, 0, $start_of_comment)
. ltrim(substr($sql, $end_of_comment));
$sql_len = strlen($sql);
$i--;
} // end if...else
} // end else if (is comment)
// ... and finally deactivate the "/*!...*/" syntax if MySQL < 3.22.07
else if ($release < 32270
&& ($char == '!' && $i > 1 && $sql[$i-2] . $sql[$i-1] == '/*')) {
$sql[$i] = ' ';
} // end else if
// loic1: send a fake header each 30 sec. to bypass browser timeout
$time1 = time();
if ($time1 >= $time0 + 30) {
$time0 = $time1;
header('X-pmaPing: Pong');
} // end if
} // end for
// add any rest to the returned array
if (!empty($sql) && preg_match('@[^[:space:]]+@', $sql)) {
$ret[] = $sql;
}
return TRUE;
} // end of the 'PMA_splitSqlFile()' function
include('install.php');
$dbh=mysql_connect ($setting[0], $setting[1], $setting[2]) or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ($setting[3]);
/*
This is common.php. This file's purpose is to provide all the classes for the engine.
*/
class bridge{
function __construct(){
//empty
}
}
class logscript {
function __construct(){
if($_GET['page']){
$this->back = "?page=".rawurlencode($_SESSION['back']);
}else{
$this->back = "?";
}
if ($_GET['action'] == "logout") {
$this->logout();
}
$this->login();
}
function logout(){
$back = $this->back;
session_destroy();
header("location: $back");
exit;
}
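function login(){
$back = $this->back;
// nothing was posted: go back without touching the session
if(!isset($_POST['user']) || !isset($_POST['pass'])) {
header("location: $back");
exit;
}
$user = strtoupper($_POST['user']);
$pass = $_POST['pass'];
// escape the user name before it goes into the query string (with
// magic_quotes_gpc enabled the input would need stripslashes() first);
// the password only ever reaches the query as an md5 hex digest
$auth = 'SELECT * FROM `user` WHERE 1 AND `User` = \''. mysql_real_escape_string($_POST['user']) .'\' AND `Pass` = \''. md5($pass) . '\'';
$result = mysql_query($auth);
if (!$result || mysql_num_rows($result) == 0) {
unset($_SESSION['user']);
unset($_SESSION['pass']);
unset($_SESSION['usrinfoID']);
$_SESSION['error'] = 1;
header("location: $back");
exit;
}
// new session id for the authenticated session; the plaintext
// password is not kept in the session
session_regenerate_id();
$_SESSION['user'] = $user;
while ($row = mysql_fetch_assoc ($result)) {
$username = $row['username'];
$userID = $row['userID'];
$_SESSION['usrinfoID'] = $userID;
}
header("location: $back");
}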
}
class admin {
/*
Core components
These are the main controls that affect the way that the primary
admin infrastructure works.
admincheck
Primary user permission checking method. It is responsible for
the entire cura security system.
admin_box
This is the core of the admin infrastructure. All admin addon
methods are run through this function; it links up admin
addon methods with their skin. It also provides security
with the assistance of the admincheck() function.
admin_gui
admin_gui({*string input and return variable name always global*, *string allows you to call gui functions without an admintype set*})
*/
/*
AdminCheck
Primary security method
No params
Returns $this->checkresult;
The purpose of this method is to check if the user is in the place he's meant to be.
So if UserA didn't have permission to be in AreaB this would return a value of zero.
Other scripts around the engine use this as their primary account checker.
*/
function admincheck(){
//select the row in the admin table where the type is set to the current area the user is in.
//admintype is copied from the URL, so it is escaped before it goes into the query.
$query = mysql_query("SELECT * FROM `admin` WHERE `type` = '".mysql_real_escape_string($_SESSION['admintype'])."'");
$result = mysql_fetch_assoc($query);
//select the row from the admin_list table where the ID of the user and the ID of the area are both set
$query = mysql_query("SELECT * FROM `admin_list` WHERE `userID` = '".(int)$_SESSION['usrinfoID']."' AND `AID` = '".(int)$result['AID']."'");
//if such a row does exist return 1, else return nothing.
if (mysql_num_rows($query) > 0){
$this->checkresult = 1;
}
}
/*
Primary Admin framework
All primary admin components are called through here. These are the actual control panels,
which are skinned using the <admin> tags (see advanced user manual 3.1.2).
It uses standard admincheck for security which has proven to be very secure so far.
This works in a very similar way to parse, but not the same way. I will now go over the
many differences between admin_box and parse.
Parse is a greedy little class because it will call every single method that isn't part
of the parse class at startup. It leaves it up to the method to decide if it wants to be
called or not. Parse does have a little quality control as it won't call functions that
don't have parse tags. In the case of admin_box, it only calls methods which are requested
specifically by the user because that's all it needs. Skinning is also different: Parse will look
all over the html file for skins that match its functions, while admin_box will only look
in skins kept between <admin="main"></admin="main"> tags. This doesn't really help much
but it forces the end user to keep their code organised :)
How it all works
To create an admin function you need to name it just right. The naming syntax for functions
is specified in the advanced user manual 3.1.2. Once you've got your name sorted it's time to
get your data. Your primary working variable for this particular script is
$this->submatch[0].
To help you understand working in this environment I will call in an example
function admin_links_add(){
$this->submatch[0] = str_replace("[name]",'name',$this->submatch[0]);
$this->submatch[0] = str_replace("[address]",'address',$this->submatch[0]);
if($_POST['send']){
$sql = "INSERT INTO `links` (`LinkName`,`LinkAddress`) VALUES ('".mysql_real_escape_string($_POST['name'])."','".mysql_real_escape_string($_POST['address'])."')";
mysql_query($sql);
header('location: ?');
}
}
You will notice on lines 2 and 3 of this function I have placed 2 basic str_replaces using our
primary working variable for this class. These form the variable syntax for the skin.
<admin="admin_links_add">
<br />
<form action="[post]" method="post" name="linkadd">
Name<input name="[name]" type="text" size="10" /> Address<input name="[address]" type="text" size="20" /><input name="[submit]" type="submit" value="go" />
</form>
</admin="admin_links_add">
Hang on a minute!?
You didn't set [post] or [submit] in links add, so how come they show up?
These are special variables that are automatically set for you by admin_box as they're commonly used.
I really suggest you use them as they're quite useful, particularly [post] which outputs the return address
of your adminsub.
*/
function admin_box(){
//if url variable adminsub is set
if ($_GET['adminsub']){
//if in correct admin area
if($this->checkresult){
//make method name
$func = "admin_".$_SESSION['admintype']."_".$_GET['adminsub'];
//the name is built from request data: stop unless it is a plain identifier
//that names an existing method, since it is used in a regex and called below
if (!preg_match('/^\w+\z/', $func) || !method_exists($this, $func)){
return;
}
//set $this->result to primary parse working variable
$this->result = $this->match[0];
//find data in between <admin="main"> and </admin="main">, set it to mainmatch[0]
preg_match("/<admin=\"main\">([^.]+)<\/admin=\"main\">/",$this->match[0],$mainmatch);
//find data in between <admin="$func"> and </admin="$func"> in mainmatch[0], set it to submatch[0]
preg_match("/<admin=\"$func\">([^.]+)<\/admin=\"$func\">/",$mainmatch[0],$this->submatch);
//common variable setup
$this->submatch[0] = str_replace("[post]",'?adminsub='.$_GET['adminsub'],$this->submatch[0]);
$this->submatch[0] = str_replace("[submit]",'send',$this->submatch[0]);
//call method $func
$this->$func();
//place returned submatch[0] in parse main working variable
$this->result=preg_replace("/<admin=\"main\">([^.]+)<\/admin=\"main\">/",$this->submatch[0],$this->result);
}
}
}
/*
Feature not actually called by many admin methods; rather it is a link between the user class and the admin
class. It allows for integration of admin features such as the icons in the links admin. They appear
right next to normal user data and appear only when an admin is logged in as their corresponding admin
type. Method is very similar to its cousin user_gui; the key difference is:
admin_gui is covered under the admin_check security umbrella while admin_user has and (if used correctly)
needs no security.
admin_gui( [ string , string ] )
&param1 global variable to return result
*/
function admin_gui($return = "result",$current = NULL) {
$flag = 0;
if($this->checkresult && $_SESSION['admintype'] == $this->dynfunc){
$flag = 1;
$current = $this->dynfunc;
}
if($this->checkresult && $current){
$flag = 1;
}
if ($flag == 1){
$func = "admin_".$current."_gui";
preg_match("/<sub=\"admin\">([^.]+)<\/sub=\"admin\">/",$this->$return,$this->value);
$this->$func();
$this->$return = preg_replace("/<sub=\"admin\">([^.]+)<\/sub=\"admin\">/",$this->gui,$this->$return);
unset($this->gui);
unset($this->dbridge);
}else{
$this->$return=preg_replace("/<sub=\"admin\">([^.]+)<\/sub=\"admin\">/","",$this->$return);
}
}
//menus
function admin_menu(){
$query = mysql_query('SELECT * FROM `admin_list` WHERE `userID` = '.(int)$_SESSION['usrinfoID']);
if (@mysql_num_rows($query) > 0){
$temp = $this->match[0];
while ($result = mysql_fetch_assoc($query)){
$option = mysql_query('SELECT * FROM `admin` WHERE `AID` = '.$result['AID']);
$option = mysql_fetch_assoc($option);
if($option['type'] == $_SESSION['admintype']){
$b[0] = '<b>';
$b[1] = '</b>';
}
$temp .= str_replace("[admin_option]", "<a href=\"?admin=".$option['type']."\">".$b[0].$option['type'].$b[1]."</a>",$this->match[0]);
unset($b);
}
$this->result = str_replace("[admin_option]", "",$temp);
}
}
function admin_sub_links() {
$this->result = $this->match[0];
$this->admin_gui("result","sub");
if(!$this->checkresult){
$this->result = "";
}
}
function admin_sub_gui() {
$front = "?adminsub=";
$adminqry = mysql_fetch_assoc(mysql_query("select * from `admin` WHERE `type` = '".mysql_real_escape_string($_SESSION['admintype'])."'"));
$query = mysql_query("select * from `adminsub` WHERE `AID` = '".$adminqry['AID']."'");
while ($result = mysql_fetch_assoc($query)){
$this->temp = $this->value[0];
$this->render($query,$result,1);
$this->temp = str_replace("[adminsub_subtype_address]",$front.$result['subtype'],$this->temp);
$this->gui .= $this->temp;
}
}
/*
Addon functions
Here are functions which work within the admin_box framework.
*/
function admin_pages_Create(){
$this->submatch[0] = str_replace("[name]",'name',$this->submatch[0]);
$this->submatch[0] = str_replace("[page]",'page',$this->submatch[0]);
if($_POST['send']){
$sql = "INSERT INTO `pages` (`PageName`,`Content`) VALUES ('".mysql_real_escape_string($_POST['name'])."','".mysql_real_escape_string($_POST['page'])."')";
mysql_query($sql);
header('location: ?admintype=pages');
$name = str_replace(" ","%20",$_POST['name']);
$sql = "INSERT INTO `links` (`LinkName`,`LinkAddress`) VALUES ('".mysql_real_escape_string($_POST['name'])."','?page=".mysql_real_escape_string($name)."')";
mysql_query($sql);
}
}
function admin_pages_delete(){
if($_POST['send'] == "yes"){
$result = mysql_fetch_assoc(mysql_query("SELECT * FROM `pages` WHERE `pageID` ='".(int)$_GET['id']."'"));
mysql_query("delete from `pages` WHERE `pageID` = '".(int)$_GET['id']."'") or die();
$name = str_replace(" ","%20",$result['PageName']);
mysql_query("delete from `links` WHERE `LinkName` = '".mysql_real_escape_string($result['PageName'])."' AND `LinkAddress` = '?page=".mysql_real_escape_string($name)."'") or die();
header("location: ?");
}
if($_POST['send'] == "no"){
header("location: ?page=".rawurlencode($_SESSION['back']));
}
}
function admin_pages_edit(){
$this->submatch[0] = str_replace("[content]",'content',$this->submatch[0]);
$query = mysql_query("select * from `pages` WHERE `pageID` = '".(int)$_GET['id']."'");
$result = mysql_fetch_assoc($query) or die(mysql_error());
$this->submatch[0] = str_replace("[Pg_name]",'title',$this->submatch[0]);
$this->submatch[0] = str_replace("[Pg_content]",'body',$this->submatch[0]);
$this->submatch[0] = str_replace("[Page_name]",$result['PageName'],$this->submatch[0]);
$this->submatch[0] = str_replace("[Page_content]",$result['Content'],$this->submatch[0]);
if($_POST['send']){
$name = str_replace(" ","%20",$_POST['title']);
$oldname = str_replace(" ","%20",$result['PageName']);
$sql = "UPDATE `links` SET `LinkName` = '".mysql_real_escape_string($_POST['title'])."', `LinkAddress` = '?page=".mysql_real_escape_string($name)."' WHERE `LinkName` = '".mysql_real_escape_string($result['PageName'])."' AND `LinkAddress` = '?page=".mysql_real_escape_string($oldname)."' LIMIT 1";
mysql_query($sql) or die(mysql_error());
$sql = "UPDATE `pages` SET `PageName` = '".mysql_real_escape_string($_POST['title'])."', `content` = '".mysql_real_escape_string($_POST['body'])."' WHERE `PageID` = '".(int)$_GET['id']."' LIMIT 1";
mysql_query($sql);
header('location: ?admintype=news');
}
}
function admin_pages_gui(){
$this->gui = str_replace("[delete]", "?admin=pages&adminsub=delete&id=".$this->dbridge->page['pageID'] ,$this->value[0]);
$this->gui = str_replace("[edit]", "?admin=pages&adminsub=edit&id=".$this->dbridge->page['pageID'] ,$this->gui);
}
function admin_news_post(){
$this->submatch[0] = str_replace("[title]",'title',$this->submatch[0]);
$this->submatch[0] = str_replace("[body]",'body',$this->submatch[0]);
if($_POST['send']){
$sql = "INSERT INTO `news` (`header`,`body`,`date`,`userID`) VALUES ('".mysql_real_escape_string($_POST['title'])."','".mysql_real_escape_string($_POST['body'])."',"."NOW()".",'".(int)$_SESSION['usrinfoID']."')";
mysql_query($sql);
header('location: ?admintype=news');
}
}
function admin_news_delete(){
if($_POST['send'] == "yes"){
mysql_query("delete from `news` WHERE `NewsID` = '".(int)$_GET['id']."'") or die();
header("location: ?");
}
if($_POST['send'] == "no"){
header("location: ?");
}
}
function admin_news_edit(){
$this->submatch[0] = str_replace("[title]",'title',$this->submatch[0]);
$this->submatch[0] = str_replace("[body]",'body',$this->submatch[0]);
$query = mysql_query("select *, DATE_FORMAT(date, '%d-%m-%y') as date from `news` WHERE `NewsID` = '".(int)$_GET['id']."'");
$result = mysql_fetch_assoc($query) or die(mysql_error());
$this->submatch[0] = str_replace("[news_body]",$result['body'],$this->submatch[0]);
$this->submatch[0] = str_replace("[news_header]",$result['header'],$this->submatch[0]);
if($_POST['send']){
$sql = "UPDATE `news` SET `header` = '".mysql_real_escape_string($_POST['title'])."', `body` = '".mysql_real_escape_string($_POST['body'])."' WHERE `NewsID` = '".(int)$_GET['id']."' LIMIT 1";
mysql_query($sql);
header('location: ?admintype=news');
}
}
function admin_news_gui(){
$this->gui = str_replace("[delete]", "?admin=news&adminsub=delete&id=".$this->dbridge->news['NewsID'] ,$this->value[0]);
$this->gui = str_replace("[edit]", "?admin=news&adminsub=edit&id=".$this->dbridge->news['NewsID'] ,$this->gui);
}
function admin_links_add(){
$this->submatch[0] = str_replace("[name]",'name',$this->submatch[0]);
$this->submatch[0] = str_replace("[address]",'address',$this->submatch[0]);
if($_POST['send']){
$sql = "INSERT INTO `links` (`LinkName`,`LinkAddress`) VALUES ('".mysql_real_escape_string($_POST['name'])."','".mysql_real_escape_string($_POST['address'])."')";
mysql_query($sql);
header('location: ?');
}
}
function admin_links_delete(){
if($_POST['send'] == "yes"){
mysql_query("delete from `links` WHERE `LinkID` = '".(int)$_GET['id']."'") or die();
header("location: ?");
}
if($_POST['send'] == "no"){
header("location: ?");
}
}
function admin_links_edit(){
$this->submatch[0] = str_replace("[name]",'name',$this->submatch[0]);
$this->submatch[0] = str_replace("[address]",'address',$this->submatch[0]);
$sql = "select * from `links` where `LinkID`='".(int)$_GET['id']."'";
$sql = mysql_query($sql);
$result = mysql_fetch_assoc($sql);
$this->submatch[0] = str_replace("[links_LinkName]",$result['LinkName'],$this->submatch[0]);
$this->submatch[0] = str_replace("[links_LinkAddress]",$result['LinkAddress'],$this->submatch[0]);
if($_POST['send']){
$sql = "UPDATE `links` SET `LinkName` = '".mysql_real_escape_string($_POST['name'])."', `LinkAddress` = '".mysql_real_escape_string($_POST['address'])."' WHERE `LinkID` = '".(int)$_GET['id']."' LIMIT 1";
mysql_query($sql) or die(mysql_error());
header('location: ?');
}
}
function admin_links_gui(){
$this->gui = str_replace("[address]", "?admin=".$this->dbridge->linktype['type']."&adminsub=delete&id=".$this->dbridge->linktype['id'] ,$this->value[0]);
$this->gui = str_replace("[editaddress]", "?admin=".$this->dbridge->linktype['type']."&adminsub=edit&id=".$this->dbridge->linktype['id'] ,$this->gui);
}
function admin_users_Create(){
if ($_POST['send']){
mysql_query("INSERT INTO `user` ( `User` , `Pass` , `email` ) VALUES ('".mysql_real_escape_string($_POST['usrname'])."', '".md5($_POST['passwrd'])."', '".mysql_real_escape_string($_POST['usremail'])."')");
$usrID = mysql_insert_id();
$query = mysql_query("select * from `admin`");
while($result = mysql_fetch_assoc($query)){
if($_POST['users_'.$result['AID']]){
mysql_query("INSERT INTO `admin_list` ( `AID` , `userID` ) VALUES ( '".$result['AID']."', '".$usrID."')");
}
}
header("location: ?");
}
$this->temp = str_replace("[usrname]",'usrname',$this->submatch[0]);
$this->temp = str_replace("[passwrd]",'passwrd',$this->temp);
$this->temp = str_replace("[usremail]",'usremail',$this->temp);
$this->admin_gui("temp","users");
$this->submatch[0] = $this->temp;
}
function admin_users_gui(){
$query = mysql_query("select * from `admin`");
while($result = mysql_fetch_assoc($query)){
$temp = str_replace("[admin_type]", $result['type'] ,$this->value[0]);
$temp = str_replace("[admintypeID]", "users_".$result['AID'] ,$temp);
$this->gui .= $temp;
}
}
}
class user extends admin {
function links() {
$query = mysql_query("select * from `links` ORDER BY `LinkID` ASC");
while ($result = mysql_fetch_assoc($query)){
$pagetype = strripos($result['LinkAddress'], "?page=");
if($pagetype === false){
$type['type'] = "links";
$type['id'] = $result['LinkID'];
}else{
$pageinfo = mysql_fetch_assoc(mysql_query("select * from `pages` where `PageName` = '".mysql_real_escape_string($result['LinkName'])."'"));
$type['type'] = "pages";
$type['id'] = $pageinfo['pageID'];
}
$this->databridge("linktype", $type);
$result['LinkAddress'] = str_replace(".","%2e",$result['LinkAddress']);
$this->databridge("links",$result);
$this->render($query,$result);
$this->admin_gui();
}
}
function news(){
if (!$_GET['page'] Xor $_GET['adminsub']){
if($_GET['newspage']){
//the page number ends up in the LIMIT clause, so force it to a positive integer
$page = max(1, (int)$_GET['newspage']);
}else{
$page = 1;
}
$query = mysql_query("select *, DATE_FORMAT(date, '%d-%m-%y') as date from `news` ORDER BY NewsID DESC limit ".(($page*5)-5).",5");
$this->temp = $this->match[0];
while ($result = mysql_fetch_assoc($query)){
$usrqry = mysql_query("Select * from `user` where `userID` = '".$result['userID']."'");
$usrez = mysql_fetch_assoc($usrqry);
$this->render($query,$result,1);
$this->render($usrqry,$usrez,1);
$this->databridge("news",$result);
$this->admin_gui("temp");
$this->result .= $this->temp;
$this->temp = $this->match[0];
}
}
unset($this->temp);
}
function news_pages(){
if (!$_GET['page'] Xor $_GET['adminsub']){
$query = mysql_query("select * from `news`");
$data['count'] = mysql_num_rows($query);
$data['pagecount'] = ceil(($data['count'] / 5));
$this->result = $this->match[0];
$this->databridge("newspage",$data);
if($_GET['newspage'] == 1 xor !$_GET['newspage']){
$back = 1;
}
if($this->dbridge->newspage['pagecount'] == 1){
$pl = 1;
}
if($this->dbridge->newspage['pagecount'] <= $_GET['newspage']){
$next = 1;
}
$this->user_gui("backpage",$back);
$this->user_gui("pagelist",$pl);
$this->user_gui("nextpage",$next);
}else{
$this->result = "";
}
}
function news_pages_backpage(){
$this->gui = str_replace("[backpage]", "?newspage=".($_GET['newspage']-1) ,$this->value[0]);
}
function news_pages_pagelist(){
$current = 1;
while ($current <= $this->dbridge->newspage['pagecount']){
$temp = str_replace("[pagenum]", $current ,$this->value[0]);
$this->gui .= str_replace("[pageaddy]", "?newspage=".$current ,$temp);
$current++;
}
}
function news_pages_nextpage(){
if($_GET['newspage']){
$page = $_GET['newspage'];
}else{
$page = 1;
}
$this->gui = str_replace("[nextpage]", "?newspage=".($page+1) ,$this->value[0]);
}
function pages(){
if ($_GET['page']){
$query = mysql_query("SELECT * FROM `pages` WHERE `PageName` = '".mysql_real_escape_string($_GET['page'])."'");
while ($result = mysql_fetch_assoc($query)){
$this->render($query,$result);
$this->databridge("page",$result);
$this->admin_gui();
}
}
}
function logbox(){
$this->result = $this->match[0];
if (!$_SESSION['usrinfoID']){
$flag = 1;
}else{
$flag = 0;
}
$this->user_gui("success",$flag);
$this->user_gui("start",!$flag);
}
function logbox_start(){
$this->gui = $this->value[0];
}
function logbox_success(){
$sql = "SELECT * FROM `user` WHERE `userID` = '".(int)$_SESSION['usrinfoID']."'";
$query = mysql_query($sql);
$result = mysql_fetch_assoc($query);
$this->gui = str_replace("[username]",$result['User'],$this->value[0]);
$this->gui = str_replace("[logout]",'<a href="?action=logout">LogOut</a>',$this->gui);
}
}
class parse extends user{
protected $data;
protected $match;
protected $rematch;
protected $dynarray;
function __construct(){
//define dbridge as object bridge
$this->dbridge = new bridge();
/*if on a dynamic page element then set the session
variable 'back' to the url variable 'page' so that
when people log in to their account they will be
returned to the page they started from.*/
if($_GET['page']){
$_SESSION['back'] = $_GET['page'];
/*else if url variable page is not set or url
variable admin is set then send the user to
the news page. This is useful because when a
person in an admin panel logs out they will
be returned to the main page rather than an
error.*/
}else if (!$_GET['page'] Xor $_GET['admin']){
$_SESSION['back'] = "";
}
/*
This checks to see if the main admin menu has set the
admin type. If it has, then the url will be passed on
to a session so that it can be used in other parts of the
script.
The next if checks to see if any selection has been made
from the admin sub menu. If it has, then an admin control
box will pop up, else the user will be sent back to the
page he selected the admintype from.
*/
//checks if url variable admin is set
if ($_GET['admin']){
//sets session variable admintype to url variable admin
$_SESSION['admintype'] = $_GET['admin'];
//checks if url variable adminsub is set
if(!$_GET['adminsub']){
//sends admin back to page they came from.
header("location: ?page=".rawurlencode($_SESSION['back']));
}
}
//check if admin return $this->checkresult = 1 if user is admin
//please check admincheck() function in the admin class for more
//information.
$this->admincheck();
/*
Open template file
This file holds all the html used by the parse,user and admin
classes.
*/
$fd = fopen('template/index.html', 'r');
$this->data = fread($fd, filesize('template/index.html'));
fclose($fd);
/*
The regular expression I created for this project does not like
'.' so to combat this I wrote this next line to replace every
'.' with its html equivalent.
*/
$this->data = str_replace(".", "&#46;", $this->data);
/*
Simple set of if statements. Their job isn't all that important;
all they do is set the heading of the page which gets printed
out on top of the main area. Created to ease confusion for the
user as to where they are in the site.
*/
if ($_GET['page']){
$header = $_GET['page'];
}
if (!$_GET['page']){
$header = "news";
}
if ($_GET['adminsub']){
$header = $_SESSION['admintype']."->".$_GET['adminsub'];
}
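//the heading is built from URL variables, so escape it before it goes into the page
$this->data = str_replace("[header]", htmlspecialchars($header, ENT_QUOTES), $this->data);
//Variable where entire output of parse is stored.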
$this->final = $this->data;
//Make $user an instance of object user
$user = new user();
//get list of functions from object 'user' and the class it extends 'admin'
$dyn = get_class_methods(get_class($user));
/*
Main beef of parse construct
For each function listed in array $dyn it will find tags which match
the function's name, then call the function.
After the function has finished its business it will return
$this->result.
Another function, $this->output, will be called which will take the
returned data and place it in the tags that match the function.
*/
foreach ($dyn as $method_name) {
unset($this->rematch);
unset($this->result);
unset($this->temp);
$this->dynfunc = $method_name;
$temp = $this->dynfunc;
preg_match("/<parse=\"$temp\">([^.]+)<\/parse=\"$temp\">/",$this->data,$this->match);
if ($this->match[0]){
$this->$temp();
$this->output();
}
}
}
/*
This method stores data in an object to make moving data around easier.
$this->databridge( string , mixed );
@param1 name of variable you want
@param2 data you want it to store
Example:
$data = "test";
$this->databridge("data", $data);
print $this->dbridge->data;
Output
test
This saves you having to set heaps of global variables that can sometimes
be hard to keep track of.
*/
function databridge($name,$var) {
$this->dbridge->$name = $var;
}
/*
User gui method
The purpose of this function is to get the data from <sub> tags
placed in the body of your parse tags, process it, then dump the
return back into the <sub> tags. For more information about
working with tags see the advanced user manual (3.1.0).
$this->user_gui( string , [ integer , string ] );
@param1 part gui function name you wish to call*
@param2 run actual function (0) or send back empty tags (1)**
@param3 set name of variable you want to hold the return***
*This follows a naming structure
current parse function_@param1_gui
So if you wanted to call this function from links you would
make a function called links_myparm_gui then run this function from links
Example
$this->user_gui("myparam");
**This is useful for conditional subtags when you only want them to show if
a condition is met.
Example
if( condition == true) {
$this->user_gui("myparam",0);
//places result in <sub="myparam">
}else{
$this->user_gui("myparam",1);
//return nothing
}
***Sometimes you don't want to slot the result of this function into the main
global variable just yet. For instance, if you were to have a subtag within a
subtag, sending the result of the second subtag to the main global variable
would cause some problems. So instead you'd want to get the return in the form
of the working variable.
*/
function user_gui($current,$flag = 0,$return = "result") {
if($flag == 0){
//make function name
$func = $this->dynfunc."_".$current;
//find data between <sub> tags and place it into $this->value[0]
preg_match("/<sub=\"$current\">([^.]+)<\/sub=\"$current\">/",$this->$return,$this->value);
//call the function
$this->$func();
//place results of function(stored in $this->gui) into <sub> tags stored in $this->$return
$this->$return = preg_replace("/<sub=\"$current\">([^.]+)<\/sub=\"$current\">/",$this->gui,$this->$return);
//unset global variable $this->gui to help prevent errors
unset($this->gui);
//unset($this->dbridge);
}else{
//return nothing between the tags
$this->$return = preg_replace("/<sub=\"$current\">([^.]+)<\/sub=\"$current\">/","",$this->$return);
}
}
/*finish me
Render, strlist Methods
First of all I'd like to start off by saying that strlist is for exclusive use of method
I'd recommend against using it for any other part of this project unless called through
the render method.
With that out of the way I can now tell you the purpose of this method. The purpose of
Render is to execute a mysql query and replace template variables in the selected piece
of html with their php cousins. Render has to get all its variables from the sql query so
it isn't suited for all scenarios. So you will have to do the traditional str_replace function.
$this->render( string , [ string , integer ] );
@param1
@param2 run actual function (0) or send back empty tags (1)**
@param3 set name of variable you want to hold the return***
*/
function render ($query,$result = "",$sub = 0){
$table = mysql_field_table($query,0);
$fieldlist = mysql_list_fields($_SESSION['database'], $table);
$fieldnum = mysql_num_fields($fieldlist);
if (!$sub){
$this->temp = $this->match[0];
}
$this->strlist($table,$fieldlist,$result,$temp,$fieldnum);
if (!$sub){
$this->result .= $this->temp;
//unset($this->temp);
}
unset($x);
//unset($this->temp);
}
function strlist($table,$fieldlist,$result,$temp,$fieldnum){
//field index; start at the first column
$x = 0;
while ($x < $fieldnum){
$field = mysql_field_name($fieldlist,$x);
$this->temp = str_replace('['.$table.'_'.$field.']', str_replace("\n", "<BR/>", $result[$field]),$this->temp);
$x++;
}
//$this->temp = $temp;
}
//This function is simple enough: it takes the working variable $this->result
//and places its data in the parse tags of the current function.
function output(){
$this->final = preg_replace("/<parse=\"".$this->dynfunc."\">([^.]+)<\/parse=\"".$this->dynfunc."\">/",$this->result,$this->final);
}
}
?>
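The login, permission-check and method-dispatch steps of the listing, redone with bound parameters, as an added example that is not part of the original CodeFX code. It assumes PHP 5.5 or later with the pdo_sqlite extension; the in-memory SQLite schema, the sample rows and the function names `cfx_demo_db`, `cfx_login`, `cfx_admincheck` and `cfx_admin_method` are constructed for the illustration, with table and column names taken from the listing.

```php
<?php
// Added example, not part of the original listing.
// Assumes PHP >= 5.5 (password_hash) and the pdo_sqlite extension.
// Table/column names follow the listing; schema and rows are constructed.

function cfx_demo_db() {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE user (userID INTEGER PRIMARY KEY, User TEXT UNIQUE, Pass TEXT)');
    $pdo->exec('CREATE TABLE admin (AID INTEGER PRIMARY KEY, type TEXT UNIQUE)');
    $pdo->exec('CREATE TABLE admin_list (AID INTEGER, userID INTEGER)');

    // Constructed accounts. password_hash() salts and stretches the password,
    // unlike the single unsalted md5() the listing stores.
    $ins = $pdo->prepare('INSERT INTO user (User, Pass) VALUES (?, ?)');
    $ins->execute(array("o'brien", password_hash('correct horse', PASSWORD_DEFAULT)));
    $ins->execute(array('guest', password_hash('guest-pass', PASSWORD_DEFAULT)));

    $pdo->exec("INSERT INTO admin (AID, type) VALUES (1, 'news')");
    $pdo->exec("INSERT INTO admin (AID, type) VALUES (2, 'links')");
    $pdo->exec('INSERT INTO admin_list (AID, userID) VALUES (1, 1)'); // first user: news only
    return $pdo;
}

// Returns the userID on success, null otherwise. The user name travels as a
// bound parameter, so a quote in it is data and never part of the SQL text.
function cfx_login(PDO $pdo, $user, $pass) {
    if (!is_string($user) || !is_string($pass)) {
        return null; // a field posted as user[]=... arrives as an array
    }
    $st = $pdo->prepare('SELECT userID, Pass FROM user WHERE User = ?');
    $st->execute(array($user));
    $row = $st->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($pass, $row['Pass'])) {
        return null;
    }
    // In a web request the caller would now call session_regenerate_id(true)
    // and store only this id in $_SESSION, never the password.
    return (int) $row['userID'];
}

// Counterpart of admincheck(): true only if $userID is listed for $admintype.
function cfx_admincheck(PDO $pdo, $userID, $admintype) {
    if (!is_string($admintype)) {
        return false;
    }
    $st = $pdo->prepare(
        'SELECT 1 FROM admin_list l JOIN admin a ON a.AID = l.AID
          WHERE l.userID = ? AND a.type = ?'
    );
    $st->execute(array((int) $userID, $admintype));
    return $st->fetchColumn() !== false;
}

// Counterpart of the $func lookup in admin_box(): the method name is built
// from request data, so it is only returned if it is on a fixed allow-list.
function cfx_admin_method($admintype, $adminsub) {
    static $allowed = array(
        'admin_news_post', 'admin_news_edit', 'admin_news_delete',
        'admin_links_add', 'admin_links_edit', 'admin_links_delete',
    );
    if (!is_string($admintype) || !is_string($adminsub)) {
        return null;
    }
    $func = 'admin_' . $admintype . '_' . $adminsub;
    return in_array($func, $allowed, true) ? $func : null;
}

$pdo = cfx_demo_db();
$checks = array(
    'user name containing a quote logs in'  => cfx_login($pdo, "o'brien", 'correct horse') === 1,
    'wrong password is rejected'            => cfx_login($pdo, "o'brien", 'wrong') === null,
    'unknown user is rejected'              => cfx_login($pdo, 'nobody', 'x') === null,
    'array-valued field is rejected'        => cfx_login($pdo, array('x'), 'x') === null,
    'listed user may administer news'       => cfx_admincheck($pdo, 1, 'news') === true,
    'same user may not administer links'    => cfx_admincheck($pdo, 1, 'links') === false,
    'unlisted user may not administer news' => cfx_admincheck($pdo, 2, 'news') === false,
    'known admin method is dispatched'      => cfx_admin_method('news', 'edit') === 'admin_news_edit',
    'unknown method name is refused'        => cfx_admin_method('news', 'drop') === null,
);
foreach ($checks as $label => $ok) {
    echo ($ok ? 'ok   ' : 'FAIL ') . $label . "\n";
}
```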
|
|
|
|
Learn how Rational Build Forge can extend a simple compile and package build process by adding customization and deployment capability. Go from a manual method to automating: checking for code changes; getting the latest source; compiling and packaging; customizing; copying to and restarting a deployment server; and sending e-mail notification that a new version is available. FREE! Go There Now!
|
|
|
|
Asset Reuse is a key strategy for companies looking to create innovative solutions to solve complex software development problems. Searching for, identifying, updating, using and deploying software assets can be a difficult challenge. Listen to this webcast, to learn about strategies and tools that you can leverage for a successful project, including Rational Asset Manager, Rational Software Architect and WebSphere Service Registry and Repository. FREE! Go There Now!
|
|
|
|
Informix Dynamic Server (IDS) Express Edition offers outstanding online transaction processing (OLTP) database performance, while helping to simplify and automate many of the tasks associated with deploying databases for small business applications. IDS 11 further extends the ease of management and applications integration with the Admin API and Scheduler, high availability with Continuous Log Restore for backup server recovery in case of a primary server failure, and column level encryption to protect personal and company private data. FREE! Go There Now!
|
|
|
|
You can now evaluate IBM Rational Asset Manager V7.0 online without installing or configuring it on your own system! Rational Asset Manager helps create, modify, govern, find, and reuse any type of development assets, including SOA and systems development assets. Rational Asset Manager helps you reduce software development costs and improve quality by facilitating the reuse of all types of software development-related assets. Visit developerWorks to learn more about this product and register to explore its capabilities online. FREE! Go There Now!
|
|
|
|
All FREE IBM® developerWorks Tools! |