My second engine project, built from the ground up in just 2 weeks! Features PHP5-compliant code and an HTML skin parser.
Example of an installed distro:
http://cura.ath.cx/codefx
Please note this code is designed for PHP5-enabled servers. I am aware of the fact that PHP5 is not in wide distro as of yet, but I just wanted to work in PHP5 because it's fun, new and has cool OO features.
By : tdas
On first run, open index.php to set it up to your database. The install file will automatically make its own database, so don't worry about fiddling around with phpMyAdmin.
main file common.php
---------------------------------------------------
<?php
session_start();
/*
PMA_splitSqlFile() function borrowed from the phpMyAdmin project.
It takes SQL dumps generated by phpMyAdmin then splits them up
into smaller queries that can then be processed into tables and
data. I found the documentation made by the original programmer quite
lacking so I will attempt to redefine the use of this function.
&$ret - Variable you expect to be returned.
$sql - Database Dump.
$release - Version of mysql server
*/
function PMA_splitSqlFile(&$ret, $sql, $release)
{
$sql = trim($sql);
$sql_len = strlen($sql);
$char = '';
$string_start = '';
$in_string = FALSE;
$time0 = time();
for ($i = 0; $i < $sql_len; ++$i) {
$char = $sql[$i];
// We are in a string, check for not escaped end of strings except for
// backquotes that can't be escaped
if ($in_string) {
for (;;) {
$i = strpos($sql, $string_start, $i);
// No end of string found -> add the current substring to the
// returned array
if (!$i) {
$ret[] = $sql;
return TRUE;
}
// Backquotes or no backslashes before quotes: it's indeed the
// end of the string -> exit the loop
else if ($string_start == '`' || $sql[$i-1] != '\\') {
$string_start = '';
$in_string = FALSE;
break;
}
// one or more Backslashes before the presumed end of string...
else {
// ... first checks for escaped backslashes
$j = 2;
$escaped_backslash = FALSE;
while ($i-$j > 0 && $sql[$i-$j] == '\\') {
$escaped_backslash = !$escaped_backslash;
$j++;
}
// ... if escaped backslashes: it's really the end of the
// string -> exit the loop
if ($escaped_backslash) {
$string_start = '';
$in_string = FALSE;
break;
}
// ... else loop
else {
$i++;
}
} // end if...elseif...else
} // end for
} // end if (in string)
// We are not in a string, first check for delimiter...
else if ($char == ';') {
// if delimiter found, add the parsed part to the returned array
$ret[] = substr($sql, 0, $i);
$sql = ltrim(substr($sql, min($i + 1, $sql_len)));
$sql_len = strlen($sql);
if ($sql_len) {
$i = -1;
} else {
// The submited statement(s) end(s) here
return TRUE;
}
} // end else if (is delimiter)
// ... then check for start of a string,...
else if (($char == '"') || ($char == '\'') || ($char == '`')) {
$in_string = TRUE;
$string_start = $char;
} // end else if (is start of string)
// ... for start of a comment (and remove this comment if found)...
else if ($char == '#'
|| ($char == ' ' && $i > 1 && $sql[$i-2] . $sql[$i-1] == '--')) {
// starting position of the comment depends on the comment type
$start_of_comment = (($sql[$i] == '#') ? $i : $i-2);
// if no "\n" exits in the remaining string, checks for "\r"
// (Mac eol style)
$end_of_comment = (strpos(' ' . $sql, "\012", $i+2))
? strpos(' ' . $sql, "\012", $i+2)
: strpos(' ' . $sql, "\015", $i+2);
if (!$end_of_comment) {
// no eol found after '#', add the parsed part to the returned
// array if required and exit
if ($start_of_comment > 0) {
$ret[] = trim(substr($sql, 0, $start_of_comment));
}
return TRUE;
} else {
$sql = substr($sql, 0, $start_of_comment)
. ltrim(substr($sql, $end_of_comment));
$sql_len = strlen($sql);
$i--;
} // end if...else
} // end else if (is comment)
// ... and finally disactivate the "/*!...*/" syntax if MySQL < 3.22.07
else if ($release < 32270
&& ($char == '!' && $i > 1 && $sql[$i-2] . $sql[$i-1] == '/*')) {
$sql[$i] = ' ';
} // end else if
// loic1: send a fake header each 30 sec. to bypass browser timeout
$time1 = time();
if ($time1 >= $time0 + 30) {
$time0 = $time1;
header('X-pmaPing: Pong');
} // end if
} // end for
// add any rest to the returned array
if (!empty($sql) && preg_match('@[^[:space:]]+@', $sql)) {
$ret[] = $sql;
}
return TRUE;
} // end of the 'PMA_splitSqlFile()' function
include('install.php');
$dbh=mysql_connect ($setting[0], $setting[1], $setting[2]) or die ('I cannot connect to the database because: ' . mysql_error());
mysql_select_db ($setting[3]);
/*
This is common.php. This file's purpose is to provide all the classes for the engine
*/
class bridge{
function __construct(){
//empty
}
}
class logscript {
function __construct(){
if($_GET['page']){
$this->back = "?page=".$_SESSION['back'];
}else{
$this->back = "?";
}
if ($_GET['action'] == "logout") {
$this->logout();
}
$this->login();
}
function logout(){
$back = $this->back;
session_destroy();
header("location: $back");
exit;
}
function login(){
$back = $this->back;
//nothing was posted: there is no login attempt to process
if(!isset($_POST['user']) || !isset($_POST['pass'])) {
header("location: $back");
exit;
}
$user = strtoupper($_POST['user']);
$pass = $_POST['pass'];
$_SESSION['user'] = $user;
$_SESSION['pass'] = $pass;
//escape the posted name before it goes into the query (the md5() output is hex only)
$auth = 'SELECT * FROM `user` WHERE 1 AND `User` = \''. mysql_real_escape_string($_POST['user']) .'\' AND `Pass` = \''. md5($pass) . '\'';
$result = mysql_query($auth);
while ($row = mysql_fetch_assoc ($result)) {
$username = $row['username'];
$userID = $row['userID'];
$_SESSION['usrinfoID'] = $userID;
}
if (mysql_num_rows($result) == 0) {
unset($_SESSION['user']);
unset($_SESSION['pass']);
unset($_SESSION['usrinfoID']);
$_SESSION['error'] = 1;
header("location: $back");
exit;
}
//issue a fresh session id now that the session carries a logged-in user
session_regenerate_id(true);
header("location: $back");
exit;
}
}
class admin {
/*
Core components
These are the main controls that affect the way that the primary
admin infrastructure works.
admincheck
Primary user permission checking method. It is responsible for
the entire cura security system.
admin_box
This is the core of the admin infrastructure. All admin addon
methods are run through this function; it links up admin
addon methods with their skin. It also provides security
with the assistance of the admincheck() function.
admin_gui
admin_gui({*string input and return variable name always global*, *string allows you to call gui functions without an admintype set*})
*/
/*
AdminCheck
Primary security method
No params
Returns $this->checkresult;
The purpose of this method is to check if the user is in the place he's meant to be.
So if UserA didn't have permission to be in AreaB this would return a value of zero.
Other scripts around the engine use this as their primary account checker.
*/
function admincheck(){
//select the field in the admin table where the type is set to the current area the user is in.
//admintype is copied from the url variable admin, so escape it before it goes into the query
$query = mysql_query("SELECT * FROM `admin` WHERE `type` = '".mysql_real_escape_string($_SESSION['admintype'])."'");
$result = mysql_fetch_assoc($query);
//select the row from the admin_list table where the ID of the user and the ID of the area are both set
$query = mysql_query("SELECT * FROM `admin_list` WHERE `userID` = '".mysql_real_escape_string($_SESSION['usrinfoID'])."' AND `AID` = '".mysql_real_escape_string($result['AID'])."'");
//if such a field does exit return 1 else return nothing.
if (mysql_num_rows($query) > 0){
$this->checkresult = 1;
}
}
/*
Primary Admin framework
All primary admin components are called through here. These are the actual control panels
which are skinned using the <admin> tags (see advanced user manual 3.1.2).
It uses standard admincheck for security which has proven to be very secure so far.
This works in a very similar way to parse, but not the same way. I will now go over the
many differences between admin_box and parse.
Parse is a greedy little class because it will call every single method that isn't part
of the parse class at startup. It leaves it up to the method to decide if it wants to be
called or not. Parse does have a little quality control as it won't call functions that
don't have parse tags. In the case of admin_box, it only calls methods which are requested
specifically by the user because that's all it needs. Skinning is also different. Parse will look
all over the html file for skins that match its functions while admin_box will only look
in skins kept between <admin="main"></admin="main"> tags. This doesn't really help much
but it forces the end user to keep their code organised :)
How it all works
To create an admin function you need to name it just right. The naming syntax for functions
is specified in the advanced user manual 3.1.2. Once you've got your name sorted it's time to
get your data. Your primary working variable for this particular script is
$this->submatch[0].
To help you understand working in this environment I will call in an example
function admin_links_add(){
$this->submatch[0] = str_replace("[name]",'name',$this->submatch[0]);
$this->submatch[0] = str_replace("[address]",'address',$this->submatch[0]);
if($_POST['send']){
$sql = "INSERT INTO `links` (`LinkName`,`LinkAddress`) VALUES ('".mysql_real_escape_string($_POST['name'])."','".mysql_real_escape_string($_POST['address'])."')";
mysql_query($sql);
header('location: ?');
}
}
You will notice on lines 2 and 3 of this function I have placed 2 basic str_replaces using our
Primary working variable for this class. These form the variable syntax for the skin.
<admin="admin_links_add">
<br />
<form action="[post]" method="post" name="linkadd">
Name<input name="[name]" type="text" size="10" /> Address<input name="[address]" type="text" size="20" /><input name="[submit]" type="submit" value="go" />
</form>
</admin="admin_links_add">
Hang on a minute!?
You didn't set [post] or [submit] in links add, so how come they show up?
These are special variables that are automatically set for you by admin_box as they're commonly used.
I really suggest you use them as they're quite useful, particularly [post] which outputs the return address
of your adminsub.
*/
function admin_box(){
//if url variable adminsub is set
if ($_GET['adminsub']){
//if in correct admin area
if($this->checkresult){
//make method name
$func = "admin_".$_SESSION['admintype']."_".$_GET['adminsub'];
//both parts come from the request, so only continue if the name is a plain
//identifier for a method that exists (it is also used in the regex below)
if (!preg_match('/^\w+$/', $func) || !method_exists($this, $func)) {
return;
}
//set $this->result to primary parse working variable
$this->result = $this->match[0];
//find data in between <admin="main"></admin="main"> set it to mainmatch[0]
preg_match("/<admin=\"main\">([^.]+)<\/admin=\"main\">/",$this->match[0],$mainmatch);
//find data in between <admin="$func"></admin="$func"> in mainmatch[0] set it to submatch[0]
preg_match("/<admin=\"$func\">([^.]+)<\/admin=\"$func\">/",$mainmatch[0],$this->submatch);
//common variable setup
$this->submatch[0] = str_replace("[post]",'?adminsub='.$_GET['adminsub'],$this->submatch[0]);
$this->submatch[0] = str_replace("[submit]",'send',$this->submatch[0]);
//call method $func
$this->$func();
//place returned submatch[0] in parse main working variable
$this->result=preg_replace("/<admin=\"main\">([^.]+)<\/admin=\"main\">/",$this->submatch[0],$this->result);
}
}
}
/*
Feature not actually called by many admin methods; rather it is a link between the user class and the admin
class. It allows for integration of admin features such as the icons in the links admin. They appear
right next to normal user data and appear only when an admin is logged in as their corresponding admin
type. Method is very similar to its cousin user_gui. The key difference is:
admin_gui is covered under the admin_check security umbrella while admin_user has and (if used correctly)
needs no security.
admin_gui( [ string , string ] )
@param1 global variable to return result
*/
function admin_gui($return = "result",$current = NULL) {
$flag = 0;
if($this->checkresult && $_SESSION['admintype'] == $this->dynfunc){
$flag = 1;
$current = $this->dynfunc;
}
if($this->checkresult && $current){
$flag = 1;
}
if ($flag == 1){
$func = "admin_".$current."_gui";
preg_match("/<sub=\"admin\">([^.]+)<\/sub=\"admin\">/",$this->$return,$this->value);
$this->$func();
$this->$return = preg_replace("/<sub=\"admin\">([^.]+)<\/sub=\"admin\">/",$this->gui,$this->$return);
unset($this->gui);
unset($this->dbridge);
}else{
$this->$return=preg_replace("/<sub=\"admin\">([^.]+)<\/sub=\"admin\">/","",$this->$return);
}
}
//menus
function admin_menu(){
$query = mysql_query('SELECT * FROM `admin_list` WHERE `userID` = '.(int)$_SESSION['usrinfoID']);
if (@mysql_num_rows($query) > 0){
$temp = $this->match[0];
while ($result = mysql_fetch_assoc($query)){
$option = mysql_query('SELECT * FROM `admin` WHERE `AID` = '.(int)$result['AID']);
$option = mysql_fetch_assoc($option);
if($option['type'] == $_SESSION['admintype']){
$b[0] = '<b>';
$b[1] = '</b>';
}
$temp .= str_replace("[admin_option]", "<a href=\"?admin=".$option['type']."\">".$b[0].$option['type'].$b[1]."</a>",$this->match[0]);
unset($b);
}
$this->result = str_replace("[admin_option]", "",$temp);
}
}
function admin_sub_links() {
$this->result = $this->match[0];
$this->admin_gui("result","sub");
if(!$this->checkresult){
$this->result = "";
}
}
function admin_sub_gui() {
$front = "?adminsub=";
$adminqry = mysql_fetch_assoc(mysql_query("select * from `admin` WHERE `type` = '".mysql_real_escape_string($_SESSION['admintype'])."'"));
$query = mysql_query("select * from `adminsub` WHERE `AID` = '".$adminqry['AID']."'");
while ($result = mysql_fetch_assoc($query)){
$this->temp = $this->value[0];
$this->render($query,$result,1);
$this->temp = str_replace("[adminsub_subtype_address]",$front.$result['subtype'],$this->temp);
$this->gui .= $this->temp;
}
}
/*
Addon functions
Here are functions which work within the admin_box framework.
*/
function admin_pages_Create(){
$this->submatch[0] = str_replace("[name]",'name',$this->submatch[0]);
$this->submatch[0] = str_replace("[page]",'page',$this->submatch[0]);
if($_POST['send']){
$sql = "INSERT INTO `pages` (`PageName`,`Content`) VALUES ('".mysql_real_escape_string($_POST['name'])."','".mysql_real_escape_string($_POST['page'])."')";
mysql_query($sql);
header('location: ?admintype=pages');
$name = str_replace(" ","%20",$_POST['name']);
$sql = "INSERT INTO `links` (`LinkName`,`LinkAddress`) VALUES ('".mysql_real_escape_string($_POST['name'])."','?page=".mysql_real_escape_string($name)."')";
mysql_query($sql);
}
}
function admin_pages_delete(){
if($_POST['send'] == "yes"){
$result = mysql_fetch_assoc(mysql_query("SELECT * FROM `pages` WHERE `pageID` ='".mysql_real_escape_string($_GET['id'])."'"));
mysql_query("delete from `pages` WHERE `pageID` = '".mysql_real_escape_string($_GET['id'])."'") or die();
$name = str_replace(" ","%20",$result['PageName']);
mysql_query("delete from `links` WHERE `LinkName` = '".mysql_real_escape_string($result['PageName'])."' AND `LinkAddress` = '?page=".mysql_real_escape_string($name)."'") or die();
header("location: ?");
}
if($_POST['send'] == "no"){
header("location: ?page=".$_SESSION['back']);
}
}
function admin_pages_edit(){
$this->submatch[0] = str_replace("[content]",'content',$this->submatch[0]);
$query = mysql_query("select * from `pages` WHERE `pageID` = '".mysql_real_escape_string($_GET['id'])."'");
$result = mysql_fetch_assoc($query) or die(mysql_error());
$this->submatch[0] = str_replace("[Pg_name]",'title',$this->submatch[0]);
$this->submatch[0] = str_replace("[Pg_content]",'body',$this->submatch[0]);
$this->submatch[0] = str_replace("[Page_name]",$result['PageName'],$this->submatch[0]);
$this->submatch[0] = str_replace("[Page_content]",$result['Content'],$this->submatch[0]);
if($_POST['send']){
$name = str_replace(" ","%20",$_POST['title']);
$oldname = str_replace(" ","%20",$result['PageName']);
$sql = "UPDATE `links` SET `LinkName` = '".mysql_real_escape_string($_POST['title'])."', `LinkAddress` = '?page=".mysql_real_escape_string($name)."' WHERE `LinkName` = '".mysql_real_escape_string($result['PageName'])."' AND `LinkAddress` = '?page=".mysql_real_escape_string($oldname)."' LIMIT 1";
mysql_query($sql) or die(mysql_error());
$sql = "UPDATE `pages` SET `PageName` = '".mysql_real_escape_string($_POST['title'])."', `content` = '".mysql_real_escape_string($_POST['body'])."' WHERE `PageID` = '".mysql_real_escape_string($_GET['id'])."' LIMIT 1";
mysql_query($sql);
header('location: ?admintype=news');
}
}
function admin_pages_gui(){
$this->gui = str_replace("[delete]", "?admin=pages&adminsub=delete&id=".$this->dbridge->page['pageID'] ,$this->value[0]);
$this->gui = str_replace("[edit]", "?admin=pages&adminsub=edit&id=".$this->dbridge->page['pageID'] ,$this->gui);
}
function admin_news_post(){
$this->submatch[0] = str_replace("[title]",'title',$this->submatch[0]);
$this->submatch[0] = str_replace("[body]",'body',$this->submatch[0]);
if($_POST['send']){
$sql = "INSERT INTO `news` (`header`,`body`,`date`,`userID`) VALUES ('".mysql_real_escape_string($_POST['title'])."','".mysql_real_escape_string($_POST['body'])."',"."NOW()".",'".mysql_real_escape_string($_SESSION['usrinfoID'])."')";
mysql_query($sql);
header('location: ?admintype=news');
}
}
function admin_news_delete(){
if($_POST['send'] == "yes"){
mysql_query("delete from `news` WHERE `NewsID` = '".mysql_real_escape_string($_GET['id'])."'") or die();
header("location: ?");
}
if($_POST['send'] == "no"){
header("location: ?");
}
}
function admin_news_edit(){
$this->submatch[0] = str_replace("[title]",'title',$this->submatch[0]);
$this->submatch[0] = str_replace("[body]",'body',$this->submatch[0]);
$query = mysql_query("select *, DATE_FORMAT(date, '%d-%m-%y') as date from `news` WHERE `NewsID` = '".mysql_real_escape_string($_GET['id'])."'");
$result = mysql_fetch_assoc($query) or die(mysql_error());
$this->submatch[0] = str_replace("[news_body]",$result['body'],$this->submatch[0]);
$this->submatch[0] = str_replace("[news_header]",$result['header'],$this->submatch[0]);
if($_POST['send']){
$sql = "UPDATE `news` SET `header` = '".mysql_real_escape_string($_POST['title'])."', `body` = '".mysql_real_escape_string($_POST['body'])."' WHERE `NewsID` = '".mysql_real_escape_string($_GET['id'])."' LIMIT 1";
mysql_query($sql);
header('location: ?admintype=news');
}
}
function admin_news_gui(){
$this->gui = str_replace("[delete]", "?admin=news&adminsub=delete&id=".$this->dbridge->news['NewsID'] ,$this->value[0]);
$this->gui = str_replace("[edit]", "?admin=news&adminsub=edit&id=".$this->dbridge->news['NewsID'] ,$this->gui);
}
function admin_links_add(){
$this->submatch[0] = str_replace("[name]",'name',$this->submatch[0]);
$this->submatch[0] = str_replace("[address]",'address',$this->submatch[0]);
if($_POST['send']){
$sql = "INSERT INTO `links` (`LinkName`,`LinkAddress`) VALUES ('".mysql_real_escape_string($_POST['name'])."','".mysql_real_escape_string($_POST['address'])."')";
mysql_query($sql);
header('location: ?');
}
}
function admin_links_delete(){
if($_POST['send'] == "yes"){
mysql_query("delete from `links` WHERE `LinkID` = '".mysql_real_escape_string($_GET['id'])."'") or die();
header("location: ?");
}
if($_POST['send'] == "no"){
header("location: ?");
}
}
function admin_links_edit(){
$this->submatch[0] = str_replace("[name]",'name',$this->submatch[0]);
$this->submatch[0] = str_replace("[address]",'address',$this->submatch[0]);
$sql = "select * from `links` where `LinkID`='".mysql_real_escape_string($_GET['id'])."'";
$sql = mysql_query($sql);
$result = mysql_fetch_assoc($sql);
$this->submatch[0] = str_replace("[links_LinkName]",$result['LinkName'],$this->submatch[0]);
$this->submatch[0] = str_replace("[links_LinkAddress]",$result['LinkAddress'],$this->submatch[0]);
if($_POST['send']){
$sql = "UPDATE `links` SET `LinkName` = '".mysql_real_escape_string($_POST['name'])."', `LinkAddress` = '".mysql_real_escape_string($_POST['address'])."' WHERE `LinkID` = '".mysql_real_escape_string($_GET['id'])."' LIMIT 1";
mysql_query($sql) or die(mysql_error());
header('location: ?');
}
}
function admin_links_gui(){
$this->gui = str_replace("[address]", "?admin=".$this->dbridge->linktype['type']."&adminsub=delete&id=".$this->dbridge->linktype['id'] ,$this->value[0]);
$this->gui = str_replace("[editaddress]", "?admin=".$this->dbridge->linktype['type']."&adminsub=edit&id=".$this->dbridge->linktype['id'] ,$this->gui);
}
function admin_users_Create(){
if ($_POST['send']){
mysql_query("INSERT INTO `user` ( `User` , `Pass` , `email` ) VALUES ('".mysql_real_escape_string($_POST['usrname'])."', '".md5($_POST['passwrd'])."', '".mysql_real_escape_string($_POST['usremail'])."')");
$usrID = mysql_insert_id();
$query = mysql_query("select * from `admin`");
while($result = mysql_fetch_assoc($query)){
if($_POST['users_'.$result['AID']]){
mysql_query("INSERT INTO `admin_list` ( `AID` , `userID` ) VALUES ( '".$result['AID']."', '".$usrID."')");
}
}
header("location: ?");
}
$this->temp = str_replace("[usrname]",'usrname',$this->submatch[0]);
$this->temp = str_replace("[passwrd]",'passwrd',$this->temp);
$this->temp = str_replace("[usremail]",'usremail',$this->temp);
$this->admin_gui("temp","users");
$this->submatch[0] = $this->temp;
}
function admin_users_gui(){
$query = mysql_query("select * from `admin`");
while($result = mysql_fetch_assoc($query)){
$temp = str_replace("[admin_type]", $result['type'] ,$this->value[0]);
$temp = str_replace("[admintypeID]", "users_".$result['AID'] ,$temp);
$this->gui .= $temp;
}
}
}
class user extends admin {
function links() {
$query = mysql_query("select * from `links` ORDER BY `LinkID` ASC");
while ($result = mysql_fetch_assoc($query)){
$pagetype = strripos($result['LinkAddress'], "?page=");
if($pagetype === false){
$type['type'] = "links";
$type['id'] = $result['LinkID'];
}else{
$pageinfo = mysql_fetch_assoc(mysql_query("select * from `pages` where `PageName` = '".mysql_real_escape_string($result['LinkName'])."'"));
$type['type'] = "pages";
$type['id'] = $pageinfo['pageID'];
}
$this->databridge("linktype", $type);
$result['LinkAddress'] = str_replace(".","%2e",$result['LinkAddress']);
$this->databridge("links",$result);
$this->render($query,$result);
$this->admin_gui();
}
}
function news(){
if (!$_GET['page'] Xor $_GET['adminsub']){
if($_GET['newspage']){
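//the page number is used in the LIMIT clause below, so force it to a positive integer
$page = max(1, (int)$_GET['newspage']);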
}else{
$page = 1;
}
$query = mysql_query("select *, DATE_FORMAT(date, '%d-%m-%y') as date from `news` ORDER BY NewsID DESC limit ".(($page*5)-5).",5");
$this->temp = $this->match[0];
while ($result = mysql_fetch_assoc($query)){
$usrqry = mysql_query("Select * from `user` where `userID` = '".$result['userID']."'");
$usrez = mysql_fetch_assoc($usrqry);
$this->render($query,$result,1);
$this->render($usrqry,$usrez,1);
$this->databridge("news",$result);
$this->admin_gui("temp");
$this->result .= $this->temp;
$this->temp = $this->match[0];
}
}
unset($this->temp);
}
function news_pages(){
if (!$_GET['page'] Xor $_GET['adminsub']){
$query = mysql_query("select * from `news`");
$data['count'] = mysql_num_rows($query);
$data['pagecount'] = ceil(($data['count'] / 5));
$this->result = $this->match[0];
$this->databridge("newspage",$data);
if($_GET['newspage'] == 1 xor !$_GET['newspage']){
$back = 1;
}
if($this->dbridge->newspage['pagecount'] == 1){
$pl = 1;
}
if($this->dbridge->newspage['pagecount'] <= $_GET['newspage']){
$next = 1;
}
$this->user_gui("backpage",$back);
$this->user_gui("pagelist",$pl);
$this->user_gui("nextpage",$next);
}else{
$this->result = "";
}
}
function news_pages_backpage(){
$this->gui = str_replace("[backpage]", "?newspage=".($_GET['newspage']-1) ,$this->value[0]);
}
function news_pages_pagelist(){
$current = 1;
while ($current <= $this->dbridge->newspage['pagecount']){
$temp = str_replace("[pagenum]", $current ,$this->value[0]);
$this->gui .= str_replace("[pageaddy]", "?newspage=".$current ,$temp);
$current++;
}
}
function news_pages_nextpage(){
if($_GET['newspage']){
$page = $_GET['newspage'];
}else{
$page = 1;
}
$this->gui = str_replace("[nextpage]", "?newspage=".($page+1) ,$this->value[0]);
}
function pages(){
if ($_GET['page']){
$query = mysql_query("SELECT * FROM `pages` WHERE `PageName` = '".mysql_real_escape_string($_GET['page'])."'");
while ($result = mysql_fetch_assoc($query)){
$this->render($query,$result);
$this->databridge("page",$result);
$this->admin_gui();
}
}
}
function logbox(){
$this->result = $this->match[0];
if (!$_SESSION['usrinfoID']){
$flag = 1;
}else{
$flag = 0;
}
$this->user_gui("success",$flag);
$this->user_gui("start",!$flag);
}
function logbox_start(){
$this->gui = $this->value[0];
}
function logbox_success(){
$sql = "SELECT * FROM `user` WHERE `userID` = '".$_SESSION['usrinfoID']."'";
$query = mysql_query($sql);
$result = mysql_fetch_assoc($query);
$this->gui = str_replace("[username]",$result['User'],$this->value[0]);
$this->gui = str_replace("[logout]",'<a href="?action=logout">LogOut</a>',$this->gui);
}
}
class parse extends user{
protected $data;
protected $match;
protected $rematch;
protected $dynarray;
function __construct(){
//define dbridge as object bridge
$this->dbridge = new bridge();
/*if on a dynamic page element then set the session
variable 'back' to the url variable 'page' so that
when people login to their account they will be
returned to the page they start from.*/
if($_GET['page']){
$_SESSION['back'] = $_GET['page'];
/*else if url variable page is not set or url
variable admin is set then send the user to
the news page. This is useful for when a
person in an admin panel logs out: they will
be returned to the main page rather than an
error.*/
}else if (!$_GET['page'] Xor $_GET['admin']){
$_SESSION['back'] = "";
}
/*
This checks to see if the main admin menu has set the
admin type if so it has then the url will be passed on
to a session so that it can be used in other parts of the
script.
The next if checks to see if any selection has been made
from the admin sub menu if it has then a admin control
box will pop up else the user will be sent back to the
page he selected the admintype from.
*/
//checks if url variable admin is set
if ($_GET['admin']){
//sets session variable admintype to url variable admin
$_SESSION['admintype'] = $_GET['admin'];
//checks if url variable adminsub is set
if(!$_GET['adminsub']){
//sends admin back to page they came from.
header("location: ?page=".$_SESSION['back']);
}
}
//check if admin return $this->checkresult = 1 if user is admin
//please check admincheck() function in the admin class for more
//information.
$this->admincheck();
/*
Open template file
This file holds all the html used by the parse,user and admin
classes.
*/
$fd = fopen('template/index.html', 'r');
$this->data = fread($fd, filesize('template/index.html'));
fclose($fd);
/*
The regular expression I created for this project does not like
'.' so to combat this I wrote this next line to replace every
'.' with its html equivalent.
*/
$this->data = str_replace(".", "&#46;", $this->data);
/*
Simple set of if statements. Their job isn't all that important,
all they do is set the heading of the page which gets printed
out on top of the main area. Created to ease confusion for the
user as to where they are in the site.
*/
if ($_GET['page']){
$header = $_GET['page'];
}
if (!$_GET['page']){
$header = "news";
}
if ($_GET['adminsub']){
$header = $_SESSION['admintype']."->".$_GET['adminsub'];
}
//the heading is built from url variables, so encode it before it goes into the html
$this->data = str_replace("[header]", htmlspecialchars($header, ENT_QUOTES), $this->data);
//Variable where entire ouput of parse is stored.
$this->final = $this->data;
//Make $user an instance of object user
$user = new user();
//get list of functions from object 'user' and the class it extends 'admin'
$dyn = get_class_methods(get_class($user));
/*
Main beef of parse construct
For each function listed in array $dyn it will find tags which match
the function's name, then call the function.
After the function has finished its business it will return
$this->result.
Another function, $this->output, will be called which will take the
returned data and place it in the tags that match the function.
*/
foreach ($dyn as $method_name) {
unset($this->rematch);
unset($this->result);
unset($this->temp);
$this->dynfunc = $method_name;
$temp = $this->dynfunc;
preg_match("/<parse=\"$temp\">([^.]+)<\/parse=\"$temp\">/",$this->data,$this->match);
if ($this->match[0]){
$this->$temp();
$this->output();
}
}
}
/*
This method stores data in a object to make moving data around easier.
$this->databridge( string , mixed );
@param1 name of variable you want
@param2 data you want it to store
Example:
$data = "test";
$this->databridge("data", $data);
print $this->dbridge->data;
Output
test
This saves you having to set heaps of global variables that can some times
be hard to keep track of.
*/
function databridge($name,$var) {
$this->dbridge->$name = $var;
}
/*
User gui method
The purpose of this function is to get the data from <sub> tags
placed in the body of your parse tags, process them, then dump the
return back into the <sub> tags. For more information about
working with tags see the advanced user manual (3.1.0).
$this->user_gui( string , [ integer , string ] );
@param1 part gui function name you wish to call*
@param2 run actual function (0) or send back empty tags(1)**
@param3 set name of variable you want to hold the return***
*This follows a naming structure
current parse function_@param1_gui
So if you wanted to call this function from links you would
make a function called links_myparm_gui then run this function from links
Example
$this->user_gui("myparam");
**This is useful for conditional subtags when you only want them to show if
a condition is met.
example
if( condition == true) {
$this->user_gui("myparam",0);
//places result in <sub="myparam">
}else{
$this->user_gui("myparam",1);
//return nothing
}
***Sometimes you don't want to slot the result of this function into the main
global variable just yet. For instance if you were to have a subtag within a
subtag, sending the result of the second subtag to the main global variable
would cause some problems. So instead you'd want to get the return in the form
of the working variable.
*/
function user_gui($current,$flag = 0,$return = "result") {
if($flag == 0){
//make function name
$func = $this->dynfunc."_".$current;
//find data between <sub> tags and place it into $this->value[0]
preg_match("/<sub=\"$current\">([^.]+)<\/sub=\"$current\">/",$this->$return,$this->value);
//call the function
$this->$func();
//place results of function(stored in $this->gui) into <sub> tags stored in $this->$return
$this->$return = preg_replace("/<sub=\"$current\">([^.]+)<\/sub=\"$current\">/",$this->gui,$this->$return);
//unset global variable $this->gui to help prevent errors
unset($this->gui);
//unset($this->dbridge);
}else{
//return nothing between the tags
$this->$return = preg_replace("/<sub=\"$current\">([^.]+)<\/sub=\"$current\">/","",$this->$return);
}
}
/*finish me
Render, strlist Methods
First of all I'd like to start off by saying that strlist is for exclusive use of method
I'd recommend against using it for any other part of this project unless called through
the render method.
With that out of the way I can now tell you the purpose of this method. The purpose of
Render is to execute a mysql query and replace template variables in the selected piece
of html with their php cousins. Render has to get all its variables from the sql query so
it isn't suited for all scenarios. So you will have to do the traditional str_replace function.
$this->render( string , [ string , integer ] );
@param1
@param2 run actual function (0) or send back empty tags(1)**
@param3 set name of variable you want to hold the return***
*/
function render ($query,$result = "",$sub = 0){
$table = mysql_field_table($query,0);
$fieldlist = mysql_list_fields($_SESSION['database'], $table);
$fieldnum = mysql_num_fields($fieldlist);
if (!$sub){
$this->temp = $this->match[0];
}
$this->strlist($table,$fieldlist,$result,$temp,$fieldnum);
if (!$sub){
$this->result .= $this->temp;
//unset($this->temp);
}
unset($x);
//unset($this->temp);
}
function strlist($table,$fieldlist,$result,$temp,$fieldnum){
//start at the first field; $x was never initialised before the loop
$x = 0;
while ($x < $fieldnum){
$field = mysql_field_name($fieldlist,$x);
$this->temp = str_replace('['.$table.'_'.$field.']', str_replace("\n", "<BR/>", $result[$field]),$this->temp);
$x++;
}
//$this->temp = $temp;
}
//This function is simple enough: it takes the working variable $this->result
//and places its data in the parse tags of the current function.
function output(){
$this->final = preg_replace("/<parse=\"".$this->dynfunc."\">([^.]+)<\/parse=\"".$this->dynfunc."\">/",$this->result,$this->final);
}
}
?>
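The queries in common.php are built by joining request values into the SQL text. As an added example (not part of the original listing or the author's code), here are the `user` login lookup and a delete-by-id written with PDO prepared statements. The in-memory SQLite database, the sample rows and the function names are assumptions made so the block runs on its own, and md5() is kept only because that is how the listing stores `Pass`.

```php
<?php
// Added example, not part of common.php. Assumes PDO with the sqlite driver.
// The tables and rows are constructed sample data using the listing's column names.
function make_sample_db()
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE "user" (userID INTEGER PRIMARY KEY, User TEXT, Pass TEXT)');
    $db->exec('CREATE TABLE news (NewsID INTEGER PRIMARY KEY, header TEXT, body TEXT)');
    $ins = $db->prepare('INSERT INTO "user" (User, Pass) VALUES (?, ?)');
    $ins->execute(array("o'brien", md5('constructed-password')));
    $db->exec("INSERT INTO news (header, body) VALUES ('first', 'constructed row')");
    return $db;
}

// The string login() builds, returned as text so the effect of a quote is visible.
function concatenated_login_sql($user, $pass)
{
    return 'SELECT * FROM `user` WHERE 1 AND `User` = \'' . $user
        . '\' AND `Pass` = \'' . md5($pass) . '\'';
}

// Same lookup with placeholders: the values travel separately from the SQL
// text, so a quote in the name is compared as data and cannot end the literal.
// Returns the userID on a match, null otherwise.
function find_user_id(PDO $db, $user, $pass)
{
    $stmt = $db->prepare('SELECT userID FROM "user" WHERE User = :user AND Pass = :pass');
    $stmt->execute(array(':user' => $user, ':pass' => md5($pass)));
    $id = $stmt->fetchColumn();
    return $id === false ? null : (int) $id;
}

// Delete-by-id as in admin_news_delete(): reject anything that is not a
// positive integer, then bind it with an explicit integer type.
// Returns the number of rows removed.
function delete_news(PDO $db, $id)
{
    if (!is_string($id) || !ctype_digit($id) || (int) $id < 1) {
        return 0;
    }
    $stmt = $db->prepare('DELETE FROM news WHERE NewsID = :id');
    $stmt->bindValue(':id', (int) $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

$db = make_sample_db();
$name = "o'brien"; // a legitimate name that happens to contain a quote

// Concatenated: the quote closes the literal early and the statement is malformed.
echo concatenated_login_sql($name, 'constructed-password'), "\n";

// Prepared: the same name matches its row, a wrong password does not.
var_dump(find_user_id($db, $name, 'constructed-password'));
var_dump(find_user_id($db, $name, 'wrong-password'));

// Request values arrive as strings; only an all-digit id reaches the database.
var_dump(delete_news($db, '1'));
var_dump(delete_news($db, '1abc'));
```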
|
|
|
|
Discover how Rational tools and best practices for testing can make your job easier. The new Rational Testing eKits provide you with valuable resources – including demos, webcasts, tutorials, and articles – that help you address your specific testing needs across the software lifecycle. Five new eKits are available covering the topics of Requirements and Test Management, Functional Testing, Performance Testing, Code Quality and Embedded Systems, and SOA and Web Services Testing. FREE! Go There Now!
|
|
|
|
This whitepaper provides areas to consider when evaluating any software configuration management solution. It addresses how the IBM solutions (Rational ClearCase and Rational ClearQuest) meet the needs and requirements of both project leaders and developers to provide successful Software Change and Configuration Management. FREE! Go There Now!
|
|
|
|
This paper is about the critical role that a discipline called integrated requirements management can play in helping to ensure that your business goals and IT investments are continuously aligned—whether you are sourcing, integrating, building or maintaining software. It also looks at ways that automated IBM Rational® products can work together to help you use requirements in the very best way. FREE! Go There Now!
|
|
|
|
In this webcast, IBM Rational will discuss the importance of Web application security and will share techniques and best practices to introduce application security testing into current QA processes including: understanding common security vulnerabilities and techniques to integrate security testing with defect tracking and remediation systems in an effort to safeguard sensitive online information. FREE! Go There Now!
|
|
|
|
User communities play an important role in communication and collaboration around products, solutions and other areas of special interest to members. Successful communities are able to provide the right mix of content and services to deliver a value proposition that resonates with each audience. Join Tom Inman, VP of Marketing for Information and Platform Solutions as he introduces the new LeverageINFORMATION community. During this webcast, learn about the value provided by the community and how customers and partners derive value from the community in addressing their own technical and business challenges. FREE! Go There Now!
|
|
|
|
All FREE IBM® developerWorks Tools! |