File: D:/HostingSpaces/SBogers45/smuldersinterieurprojecten.nl/wwwroot/admin/php/functions.php
<?php
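/**
 * Checks whether the current session belongs to a known admin account.
 *
 * The session value 'adminStr' is compared with "<id>_<md5(user . pass)>",
 * rebuilt for every row of the _admin table.
 *
 * NOTE(review): the token is a fixed digest of the stored credentials, so it
 * stays valid until the password changes and md5 is not a suitable primitive
 * for this. Prefer a random per-session identifier, and hash_equals() for the
 * comparison where the runtime provides it.
 *
 * @return int 1 when the session token matches an admin row, 0 otherwise.
 */
function checkLogin(){
    // Anything other than a string cannot be a valid token; rejecting it here
    // also keeps booleans or arrays away from the comparison below.
    if(!isset($_SESSION['adminStr']) || !is_string($_SESSION['adminStr'])){
        return 0; // 0 stands for incorrect login
    }
    $token = $_SESSION['adminStr'];

    $result = mysql_query("SELECT id, user, email, pass, rank FROM _admin");
    if(!$result){
        return 0; // query failed: fail closed
    }

    while($record = mysql_fetch_assoc($result)){
        $expected = $record['id'].'_'.md5($record['user'].$record['pass']);
        // Strict comparison: no type juggling between the two strings.
        if($expected === $token){
            return 1; // 1 stands for correct login
        }
    }
    return 0;
}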
/**
 * Trims a value and escapes it with mysql_real_escape_string().
 *
 * The escaping only protects a value that is placed inside a quoted string
 * literal of the query; it does not make the value safe as a bare number,
 * identifier or keyword.
 *
 * @param string $input Raw value.
 * @return string Trimmed and escaped value.
 */
function inDatabase($input){
    return mysql_real_escape_string(trim($input));
}
/**
 * Turns a title into a lower-case link name.
 *
 * Surrounding whitespace is trimmed, spaces become hyphens, the characters
 * listed below are dropped and the result is lower-cased. Dots, colons and
 * commas are not in the list and pass through unchanged, so the result is a
 * display slug, not a validated file or table name.
 *
 * @param string $input Title to convert.
 * @return string Link name.
 */
function linkname($input){
    // characters that are removed from the link name
    $stripped = array("'", '"', '\\', '/', ';', ';', '|', '>', '<', '[', ']', '!','?', '@', '#', '$', '%', '^', '&', '*', '(', ')','+','=','{','}','`', '~');

    $slug = str_replace(' ', '-', trim($input));
    $slug = str_replace($stripped, '', $slug);

    return strtolower($slug);
}
/**
 * Removes backslash escaping from a value read from the database.
 *
 * This is only stripslashes(); it performs no HTML escaping, so the result
 * still has to be encoded for the context it is printed in.
 *
 * @param string $input Stored value.
 * @return string Value with backslash escapes removed.
 */
function fromDatabase($input){
    return stripslashes($input);
}
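/**
 * Tells whether a value occurs in an array (loose comparison).
 *
 * The previous index loop read $arr[0] .. $arr[count-1]; for an array with
 * string keys or gaps that read undefined offsets, and the resulting null
 * compared equal to 0 or '' and reported a match that was not there.
 * in_array() looks at the actual elements only.
 *
 * @param mixed $val Value to look for.
 * @param array $arr Array to search.
 * @return bool True when an element compares equal (==) to $val.
 */
function existInArray($val, $arr){
    if(!is_array($arr)){
        return false;
    }
    // Loose comparison is kept on purpose: callers may compare numeric
    // strings from the database with integers.
    return in_array($val, $arr);
}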
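/**
 * Returns the rank of the admin whose id prefixes the session token.
 *
 * Only the part of $_SESSION['adminStr'] before the first underscore is
 * used; the token itself is not verified here, so callers are expected to
 * have run checkLogin() first.
 *
 * @return mixed The rank column of the matching _admin row, or null when
 *               there is no usable session value, the query fails or no row
 *               matches.
 */
function getAdminRank(){
    if(!isset($_SESSION['adminStr']) || !is_string($_SESSION['adminStr'])){
        return null;
    }

    $parts = explode('_', $_SESSION['adminStr']);
    // The id ends up inside a quoted literal, so escape it rather than
    // trusting whatever the session holds.
    $adminId = mysql_real_escape_string($parts[0]);

    $result = mysql_query('SELECT rank FROM _admin WHERE id = "'.$adminId.'" LIMIT 1');
    if(!$result){
        return null;
    }

    $record = mysql_fetch_assoc($result);
    return $record ? $record['rank'] : null;
}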
/**
 * Reads the language stored in the first row of the _client table.
 *
 * @return mixed The value of the lang column.
 */
function getLang(){
    $row = mysql_fetch_assoc(mysql_query('SELECT lang FROM _client LIMIT 1'));
    return $row['lang'];
}
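/**
 * Copies an image to $pad and replaces it with a $nr1 x $nr2 JPEG rendition.
 *
 * The file is accepted only when its extension is jpg, jpeg, png or gif AND
 * getimagesize() recognises the content as one of those formats. Anything
 * else is removed again, so an unvalidated upload is never left at $pad.
 * Previously an unsupported file was copied first and the GD calls then ran
 * on an undefined image; an unreadable image also caused a division by zero.
 *
 * The result is always JPEG data, whatever the extension of $pad is.
 *
 * @param string $value Source file to copy.
 * @param string $pad   Destination path; also the path of the result.
 * @param int    $nr1   Target width in pixels.
 * @param int    $nr2   Target height in pixels.
 * @return void Nothing is written when the input is rejected.
 */
function createImage($value, $pad, $nr1, $nr2){
    //set jpgquality
    $jpeg_quality = 100;

    // Check the extension before anything is written to disk.
    $fileExt = strtolower(pathinfo($pad, PATHINFO_EXTENSION));
    if(!in_array($fileExt, array('jpg', 'jpeg', 'png', 'gif'), true)){
        return;
    }
    // Both sizes are divisors below.
    if($nr1 <= 0 || $nr2 <= 0){
        return;
    }

    //copy the original image to the server
    if(!copy($value, $pad)){
        return;
    }

    //get the width and height; false means the content is not an image
    $size = getimagesize($pad);
    if($size === false || $size[0] <= 0 || $size[1] <= 0){
        unlink($pad);
        return;
    }
    list($width, $height) = $size;

    //scale so the target box is covered, then centre the overflow
    if(($width / $height) > ($nr1 / $nr2)){
        $th = $nr2;
        $tw = ($th * $width) / $height;
        $posX = ($tw - $nr1) / 2;
        $posY = 0;
    }
    else{
        $tw = $nr1;
        $th = ($tw * $height) / $width;
        $posX = 0;
        $posY = ($th - $nr2) / 2;
    }

    // Pick the decoder from the detected content type, not from the name.
    switch($size[2]){
        case IMAGETYPE_JPEG:
            $img_r = imagecreatefromjpeg($pad);
            break;
        case IMAGETYPE_PNG:
            $img_r = imagecreatefrompng($pad);
            break;
        case IMAGETYPE_GIF:
            $img_r = imagecreatefromgif($pad);
            break;
        default:
            $img_r = false;
    }
    if(!$img_r){
        unlink($pad);
        return;
    }

    // imagecreatetruecolor() returns a black image of the specified size.
    $dst_r = imagecreatetruecolor($nr1, $nr2);
    // NOTE(review): $posX/$posY are computed in scaled units but passed as
    // source offsets, and $tw/$th as destination size - confirm the crop.
    imagecopyresampled($dst_r, $img_r, 0, 0, $posX, $posY, $tw, $th, $width, $height);

    //get rid of the original image
    unlink($pad);
    //create the new image
    imagejpeg($dst_r, $pad, $jpeg_quality);
}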
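/**
 * Copies an image to $pad and replaces it with a JPEG whose longer side is
 * at most $nr1 pixels (smaller images keep their size).
 *
 * The file is accepted only when its extension is jpg, jpeg, png or gif AND
 * getimagesize() recognises the content as one of those formats. Anything
 * else is removed again, so an unvalidated upload is never left at $pad.
 * Previously an unsupported file was copied first and the GD calls then ran
 * on an undefined image; an unreadable image also caused a division by zero.
 *
 * The result is always JPEG data, whatever the extension of $pad is.
 *
 * @param string $value Source file to copy.
 * @param string $pad   Destination path; also the path of the result.
 * @param int    $nr1   Maximum length of the longer side in pixels.
 * @return void Nothing is written when the input is rejected.
 */
function createImageByWidth($value, $pad, $nr1){
    //set jpgquality
    $jpeg_quality = 100;

    // Check the extension before anything is written to disk.
    $fileExt = strtolower(pathinfo($pad, PATHINFO_EXTENSION));
    if(!in_array($fileExt, array('jpg', 'jpeg', 'png', 'gif'), true)){
        return;
    }
    if($nr1 <= 0){
        return;
    }

    //copy the original image to the server
    if(!copy($value, $pad)){
        return;
    }

    //get the width and height; false means the content is not an image
    $size = getimagesize($pad);
    if($size === false || $size[0] <= 0 || $size[1] <= 0){
        unlink($pad);
        return;
    }
    list($width, $height) = $size;

    //shrink only when the longer side exceeds the limit
    if(max($width, $height) <= $nr1){
        $tw = $width;
        $th = $height;
    }
    else if($width >= $height){
        $tw = $nr1;
        $th = ($tw * $height) / $width;
    }
    else{
        $th = $nr1;
        $tw = ($th * $width) / $height;
    }
    // Whole pixels, and never a zero-sized canvas for extreme ratios.
    $tw = max(1, (int)$tw);
    $th = max(1, (int)$th);

    // Pick the decoder from the detected content type, not from the name.
    switch($size[2]){
        case IMAGETYPE_JPEG:
            $img_r = imagecreatefromjpeg($pad);
            break;
        case IMAGETYPE_PNG:
            $img_r = imagecreatefrompng($pad);
            break;
        case IMAGETYPE_GIF:
            $img_r = imagecreatefromgif($pad);
            break;
        default:
            $img_r = false;
    }
    if(!$img_r){
        unlink($pad);
        return;
    }

    // imagecreatetruecolor() returns a black image of the specified size.
    $dst_r = imagecreatetruecolor($tw, $th);
    imagecopyresampled($dst_r, $img_r, 0, 0, 0, 0, $tw, $th, $width, $height);

    //get rid of the original image
    unlink($pad);
    //create the new image
    imagejpeg($dst_r, $pad, $jpeg_quality);
}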
// REPLACE SHORTCODES FUNCTION
// How to use: $output .= replaceShortcodes($textFromDatabase, $width, $dirPad, $colorForVimeo);
/**
 * Replaces every [NNNNNNNNNNN] shortcode (11 digits) in $input with markup
 * for the matching active media or documents row.
 *
 * Type 0 renders an <img>, 1 a Vimeo iframe, 2 stored embed markup, 3 a
 * YouTube iframe and 4 a link. A shortcode without an active row is replaced
 * by an empty string.
 *
 * NOTE(review): $width, $dirPad and $color are written into the markup
 * without escaping, so they must come from trusted code, not from a request.
 *
 * @param string $input  Text that may contain shortcodes.
 * @param int    $width  Maximum width used for images and embeds.
 * @param string $dirPad Directory prefix for image paths.
 * @param string $color  Colour passed to the Vimeo player URL.
 * @return string $input with the shortcodes replaced.
 */
function replaceShortcodes($input, $width=560, $dirPad = './images/uploads/', $color='#292b5d') {
// Pattern to look for the shortcode: '[', exactly 11 digits, ']'
$pattern = "/\[(\d){11}\]/";
// Find matches
preg_match_all($pattern, $input, $matches);
// Enter the loop
foreach($matches[0] as $key) {
// Get the raw code
$key = str_replace('[', '', $key);
$key = str_replace(']', '', $key);
// The pattern above only lets digits through, which is what keeps the
// unquoted interpolation in the two queries below safe.
$key = mysql_real_escape_string($key);
// Make new information array
$fileArray = array();
// Query to backtrace the shortcode
$query = 'SELECT m.title, m.type, m.path
FROM media AS m, status AS s
WHERE m.shortcode = '.$key.'
AND s.itemId = m.id
AND s.active = 1 LIMIT 1';
$result = mysql_query($query);
$numItems = mysql_num_rows($result);
if($numItems == 0){
//if nothing found in media... check documents
$doc_query = 'SELECT d.title, d.type, d.url
FROM documents AS d, status AS s
WHERE d.shortcode = '.$key.'
AND s.itemId = d.id
AND s.active = 1 LIMIT 1';
$doc_result = mysql_query($doc_query);
$numItems = mysql_num_rows($doc_result);
// $record is false when documents has no match either; the values stored
// below are then unused because of the $numItems == 1 check further down.
$record = mysql_fetch_assoc($doc_result);
$fileArray[$key]['title'] = $record['title'];
// the first character of the stored url is dropped
$fileArray[$key]['path'] = substr($record['url'],1);
$fileArray[$key]['type'] = $record['type'];
}
else{
$record = mysql_fetch_assoc($result);
// Store the information
$fileArray[$key]['title'] = $record['title'];
$fileArray[$key]['path'] = $record['path'];
$fileArray[$key]['type'] = $record['type'];
}
$tempOutput = '';
// See if shortcode is found
if ($numItems == 1) {
// HTML-encode the stored values; every attribute below uses double quotes.
$extractedTitle = htmlentities($fileArray[$key]['title']);
$extractedType = htmlentities($fileArray[$key]['type']);
$extractedPath = htmlentities($fileArray[$key]['path']);
// $extractedType is a string; the integer case labels match it by loose
// comparison.
switch($extractedType) {
case 0:
// image: only rendered when the file exists under $dirPad
if(is_file($dirPad.$extractedPath)){
$size = getimagesize($dirPad.$extractedPath);
$extractedWidth = $size[0];
// Add to output
$tempOutput .= '<img src="'.$dirPad.$extractedPath.'" alt="'.$extractedTitle.'"';
if($extractedWidth > $width) $tempOutput.= ' width="'.$width.'"' ;
$tempOutput .= '/>';
}
break;
case 1:
// Extract the vimeo video ID (last path segment)
$extractedPathArray = explode('/', $extractedPath);
$vimeoPath = $extractedPathArray[(count($extractedPathArray) - 1)];
//calculate height based on a resolution 16x9
$height = ($width*9)/16;
// Add to output
// NOTE(review): the player is loaded over http://, which browsers block as
// mixed content on an https page.
$tempOutput .= '<iframe src="http://player.vimeo.com/video/'.$vimeoPath.'?title=0&byline=0&portrait=0&color='.$color.'" width="'.$width.'" height="'.$height.'" frameborder="0"></iframe>';
break;
case 2:
// NOTE(review): this branch uses the raw stored path, not $extractedPath,
// and prints it as markup up to the first </object>. Whoever can write that
// column decides what HTML and script reaches the page; consider storing an
// id and building the embed here instead.
$objArr = explode('</object>', $fileArray[$key]['path']);
$objPath = $objArr[0].'</object>';
$tempOutput .= '<div class="soundCloudCon">';
$tempOutput .= $objPath;
$tempOutput .= '</div>';
break;
case 3:
// Extract the youtube video ID
$extractedPathArray = explode('/', $extractedPath);
$youtubePath = $extractedPathArray[(count($extractedPathArray) - 1)];
$tempArr = explode('watch?v=', $youtubePath);
if(count($tempArr)>1){$youtubePath = $tempArr[1];}
//make sure there are no parameters but the key
$paramArr = explode('&', $youtubePath);
if(count($paramArr)>0) {$youtubePath = $paramArr[0]; }
//calculate height based on a resolution 16x9
$height = ($width*9)/16;
// Add to output
/* $tempOutput .= '<object width="'.$width.'" height="'.$height.'">
<param name="movie" value="http://www.youtube.com/v/'.$youtubePath.'?version=3&hl=en_US"></param>
<param name="allowFullScreen" value="true"></param>
<param name="allowscriptaccess" value="always"></param>
<embed src="http://www.youtube.com/v/'.$youtubePath.'?version=3&hl=en_US" type="application/x-shockwave-flash" width="'.$width.'" height="'.$height.'" allowscriptaccess="always" allowfullscreen="true"></embed>
</object>'; */
$tempOutput .= '<iframe width="'.$width.'" height="'.$height.'" src="http://www.youtube.com/embed/'.$youtubePath.'?wmode=transparent" frameborder="0" allowfullscreen></iframe>';
break;
case 4:
// NOTE(review): the href is HTML-encoded but its scheme is not checked, and
// the link opens a new window without rel="noopener".
$tempOutput .= '<a href="'.$extractedPath.'" target="_blank">'.$extractedTitle.'</a>';
break;
}
}
// an unknown or inactive shortcode is replaced by the empty string
$input = str_replace('['.$key.']', $tempOutput, $input);
}
return $input;
}
/**
 * Builds a link string: spaces become hyphens, single quotes are dropped,
 * the result is escaped with mysql_real_escape_string() and then trimmed.
 *
 * Because spaces are replaced first, the final trim() only removes other
 * leading or trailing whitespace such as tabs and line breaks.
 *
 * @param string $str Text to convert.
 * @return string Link string, escaped for a quoted SQL literal.
 */
function createLink($str){
    $slug = str_replace(array(' ', "'"), array('-', ''), $str);
    return trim(mysql_real_escape_string($slug));
}
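/**
 * Swaps the order value of an item with its neighbour and redirects to './'.
 *
 * The item takes order+1 ('up') or order-1 (any other $dir) and the row that
 * held that value receives the item's old order. A temporary value is used
 * so both rows never hold the same order at once.
 *
 * Changes against the earlier version: the id is escaped, table and column
 * names are back-tick quoted (names containing a back-tick are refused), and
 * nothing is updated when the item does not exist. Before, an unknown id
 * still ran the updates and could overwrite another row's order.
 *
 * NOTE(review): the temporary value 1234 collides with a real row once a
 * table holds that many items, and no check is made that a neighbour exists.
 *
 * @param string $dir       'up' to increase the order, anything else to decrease.
 * @param mixed  $itemId    Id of the row to move.
 * @param string $table     Table name.
 * @param string $orderName Name of the order column.
 * @param string $pageName  Unused; kept for existing callers.
 * @return void
 */
function move($dir, $itemId, $table, $orderName = 'itemOrder', $pageName = ''){
    $table = (string)$table;
    $orderName = (string)$orderName;

    // Identifiers cannot be escaped like values; quote them and refuse any
    // name that could close the quoting.
    $namesUsable = $table !== '' && $orderName !== ''
        && strpos($table.$orderName, '`') === false;

    if($namesUsable){
        $tbl = '`'.$table.'`';
        $col = '`'.$orderName.'`';
        $id = mysql_real_escape_string($itemId);

        //get current order
        $result = mysql_query('SELECT '.$col.' FROM '.$tbl.' WHERE id="'.$id.'" LIMIT 1');
        $record = $result ? mysql_fetch_assoc($result) : false;

        if($record){
            $currentOrder = (int)$record[$orderName];
            $newOrder = ($dir === 'up') ? $currentOrder + 1 : $currentOrder - 1;
            $tempOrder = 1234;

            //set current to temp
            mysql_query('UPDATE '.$tbl.' SET '.$col.' = "'.$tempOrder.'" WHERE id="'.$id.'" LIMIT 1;');
            //set newOrder to currentOrder
            mysql_query('UPDATE '.$tbl.' SET '.$col.' = "'.$currentOrder.'" WHERE '.$col.'="'.$newOrder.'" LIMIT 1;');
            //reset temp to newOrder
            mysql_query('UPDATE '.$tbl.' SET '.$col.' = "'.$newOrder.'" WHERE '.$col.'="'.$tempOrder.'" LIMIT 1;');
        }
    }

    header('location: ./');
}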
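/**
 * Closes the gap in the order column left by a removed item and redirects
 * to '../../'.
 *
 * The item's own order is set to 0 and every row with a larger order moves
 * down by one.
 *
 * Changes against the earlier version: the id is escaped, table and column
 * names are back-tick quoted (names containing a back-tick are refused), the
 * renumbering is one UPDATE instead of one per row, and nothing is changed
 * when the item does not exist. Before, an unknown id shifted every row with
 * a positive order.
 *
 * @param mixed  $itemId    Id of the removed row.
 * @param string $table     Table name.
 * @param string $orderName Name of the order column.
 * @return void
 */
function correctOrderAfterDelete($itemId, $table, $orderName = 'itemOrder'){
    $table = (string)$table;
    $orderName = (string)$orderName;

    // Identifiers cannot be escaped like values; quote them and refuse any
    // name that could close the quoting.
    $namesUsable = $table !== '' && $orderName !== ''
        && strpos($table.$orderName, '`') === false;

    if($namesUsable){
        $tbl = '`'.$table.'`';
        $col = '`'.$orderName.'`';
        $id = mysql_real_escape_string($itemId);

        //get order of this item
        $result = mysql_query('SELECT '.$col.' FROM '.$tbl.' WHERE id="'.$id.'" LIMIT 1');
        $record = $result ? mysql_fetch_assoc($result) : false;

        if($record){
            $currentOrder = (int)$record[$orderName];

            //set order of this item to zero (because its sort of deleted)
            mysql_query('UPDATE '.$tbl.' SET '.$col.' = "0" WHERE id="'.$id.'" LIMIT 1;');
            //set everything with a larger ordernr to order--
            mysql_query('UPDATE '.$tbl.' SET '.$col.' = '.$col.' - 1 WHERE '.$col.' > '.$currentOrder);
        }
    }

    header('location: ../../');
}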
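/**
 * Deletes a directory together with everything inside it.
 *
 * Changes against the earlier version:
 *  - the read loop compares with false, so an entry named "0" no longer
 *    stops the loop and leaves the directory half deleted;
 *  - a symbolic link inside the tree is removed as a link and not followed,
 *    so files outside $dirname are not deleted through it;
 *  - a path that is not a directory returns false without touching an
 *    undefined handle.
 *
 * NOTE(review): $dirname itself is still followed when it is a link, and
 * callers must not build it from request data without validation.
 *
 * @param string $dirname Directory to remove.
 * @return bool|null False when the directory cannot be opened; no value
 *                   otherwise, as before.
 */
function delete_directory($dirname){
    if(!is_dir($dirname)){
        return false;
    }
    $dir_handle = opendir($dirname); // open the directory
    if(!$dir_handle){
        return false;
    }
    while(($file = readdir($dir_handle)) !== false){ // walk all entries
        if($file === '.' || $file === '..'){
            continue;
        }
        $path = $dirname.'/'.$file;
        if(is_link($path) || !is_dir($path)){
            unlink($path); // remove the file or the link itself
        }
        else{
            delete_directory($path); // same again for this sub directory
        }
    }
    closedir($dir_handle);
    rmdir($dirname);
}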
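/**
 * Builds the form description array for a page from _pages and _fields.
 *
 * $arr['form'] holds name, page, table, label and action; the numeric keys
 * 0..n hold one entry per _fields row of the page, ordered by fieldOrder
 * descending.
 *
 * Changes against the earlier version: the page name is escaped before it is
 * placed in the query, the page id is cast to int before it is used unquoted,
 * and an unknown page returns the form header only instead of running a
 * query with an empty id.
 *
 * @param string $pageName  Page name, also used as table and form name.
 * @param string $pageLabel Optional label; the page name is used when empty.
 * @return array Form description.
 */
function createArrayFormDB($pageName, $pageLabel = ''){
    $arr = array();
    //page info
    $arr['form'] = array(
        'name'   => $pageName.'Form',
        'page'   => $pageName,
        'table'  => $pageName,
        'label'  => !empty($pageLabel) ? $pageLabel : $pageName,
        'action' => '',
    );

    //get pageId
    $query = 'SELECT id FROM _pages WHERE name = "'.mysql_real_escape_string($pageName).'" LIMIT 1';
    $result = mysql_query($query);
    $record = $result ? mysql_fetch_assoc($result) : false;
    if(!$record){
        return $arr; // unknown page: no fields
    }
    $pageId = (int)$record['id'];

    //get fields for this array
    $query = 'SELECT name, type, label, required, clear, val FROM _fields WHERE pageId = '.$pageId.' ORDER BY fieldOrder DESC';
    $result = mysql_query($query);
    if(!$result){
        return $arr;
    }

    $key = 0;
    while($record = mysql_fetch_assoc($result)){
        //cells every field has
        $field = array(
            'db'       => $pageName.'.'.$record['name'],
            'name'     => $record['name'],
            'type'     => $record['type'],
            'required' => $record['required'] == 1,
            'clear'    => $record['clear'] == 1,
        );
        //cells that depend on the field type
        switch($record['type']){
            case 'text':
            case 'dateToTimest':
            case 'wysiwyg':
            case 'submit':
                $field['label'] = $record['label'];
                break;
            case 'fixedValue':
                $field['value'] = $record['val'];
                break;
        }
        $arr[$key] = $field;
        $key++;
    }
    return $arr;
}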
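/**
 * Creates the standard blog table for a page and registers its fields in
 * _fields, unless the table already exists.
 *
 * Changes against the earlier version:
 *  - the table name is back-tick quoted in the existence check as well as in
 *    CREATE TABLE, and a name containing a back-tick is refused;
 *  - the page id is cast to int before it is placed unquoted in the INSERTs;
 *  - the existence check no longer reads the whole table;
 *  - no field rows are inserted when CREATE TABLE fails.
 *
 * The fieldOrder values are unchanged, including the slot that is skipped
 * between 'timest' and 'itemOrder'.
 *
 * @param int    $pageId   Id of the page in _pages.
 * @param string $pageName Page name, used as table name.
 * @param int    $thumb    1 to add a thumb column and field.
 * @return void
 */
function addStandardBlogTable($pageId, $pageName, $thumb){
    $pageName = (string)$pageName;
    // An identifier cannot be escaped like a value; refuse any name that
    // could close the back-tick quoting.
    if($pageName === '' || strpos($pageName, '`') !== false){
        return;
    }
    $tbl = '`'.$pageName.'`';
    $pageId = (int)$pageId;

    // A failing probe is taken to mean the table does not exist yet.
    $result = @mysql_query('SELECT 1 FROM '.$tbl.' LIMIT 1');
    if($result){
        return;
    }

    //create table
    $query = '
CREATE TABLE '.$tbl.' (
`id` int(4) NOT NULL AUTO_INCREMENT,
`title` varchar(512) NOT NULL,
`description` TEXT NOT NULL,';
    if($thumb == 1){
        $query .= '`thumb` varchar(512) NOT NULL,';
    }
    $query .= '
`timest` int(16) NOT NULL,
`itemOrder` int(7) NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1';
    if(!mysql_query($query)){
        return;
    }

    //create fields: name, type, label, required, clear, val
    $fieldRows = array();
    $fieldRows[] = "'title', 'text', 'Title of this item', 1, 1, NULL";
    if($thumb == 1){
        $fieldRows[] = "'thumb', 'text', 'Thumbnail', 1, 1, NULL";
    }
    $fieldRows[] = "'description', 'wysiwyg', 'Description of the item', 0, 1, NULL";
    $fieldRows[] = "'timest', 'timestamp', NULL, NULL, NULL, NULL";
    $fieldRows[] = null; // order slot that has always been skipped
    $fieldRows[] = "'itemOrder', 'itemOrder', NULL, NULL, NULL, NULL";
    $fieldRows[] = "'sbm', 'submit', 'Submit form', NULL, NULL, NULL";

    foreach($fieldRows as $index => $values){
        if($values === null){
            continue;
        }
        $order = $index + 1;
        mysql_query('INSERT INTO _fields(pageId, name, type, label, required, clear, val, fieldOrder) VALUES('.$pageId.', '.$values.', '.$order.')');
    }
}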
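/**
 * Returns the script tags for the tool-man drag-and-sort library plus the
 * inline script that makes the list "<linkname>_boxes" sortable.
 *
 * The list id is written into a JavaScript string inside a <script> element.
 * It is now escaped for that context, so a quote, backslash, line break or
 * "</script>" in $linkname can no longer end the string or the element. For
 * names made of letters, digits, '-' and '_' the output is unchanged.
 *
 * @param string $linkname Link name of the page; "_boxes" is appended.
 * @return string HTML to print in the page.
 */
function getToolmanSource($linkname){
    // Byte-wise escaping, so it does not depend on the page encoding.
    $listId = strtr($linkname.'_boxes', array(
        '\\' => '\\\\',
        '"'  => '\\"',
        "'"  => "\\'",
        "\n" => '\\n',
        "\r" => '\\r',
        '<'  => '\\x3C',
        '>'  => '\\x3E',
        '&'  => '\\x26',
        '/'  => '\\/',
        "\xE2\x80\xA8" => '\\u2028',
        "\xE2\x80\xA9" => '\\u2029',
    ));

    $output = '';
    //source files javascript
    $sources = array('core', 'events', 'css', 'coordinates', 'drag', 'dragsort', 'cookies');
    foreach($sources as $source){
        $output .= '<script language="JavaScript" type="text/javascript" src="./js/tool-man/'.$source.'.js"></script>';
    }

    //javascript
    $lines = array(
        '<script language="JavaScript" type="text/javascript">',
        'var dragsort = ToolMan.dragsort()',
        'var junkdrawer = ToolMan.junkdrawer()',
        'window.onload = function() {',
        'junkdrawer.restoreListOrder("'.$listId.'")',
        'dragsort.makeListSortable(document.getElementById("'.$listId.'"), saveOrder)',
        '}',
        'function verticalOnly(item) {',
        'item.toolManDragGroup.verticalOnly()',
        '}',
        'function saveOrder(item) {',
        'var group = item.toolManDragGroup',
        'var list = group.element.parentNode',
        'var id = list.getAttribute("id")',
        'if (id == null) return',
        'group.register(\'dragend\', function() {',
        'ToolMan.cookies().set("list-" + id,',
        'junkdrawer.serializeList(list), 365)',
        '})',
        '}',
        '</script>',
    );
    $output .= implode("\n", $lines);

    return $output;
}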
//backup
/*
function autoBackUpDB(){
$date = date('Ymd');
if(!is_dir('./bac/'.$date.'/')){
mkdir('./bac/'.$date.'/',0777);
$tables = array();
$result = mysql_query('SHOW TABLES');
while($row = mysql_fetch_row($result))
{
$table = $row[0];
$backupFile = '../../htdocs/mikeontwerpt/admin/bac/'.$date.'/'.$table.'_backup.sql';
$query = 'SELECT * INTO OUTFILE "'.$backupFile.'" FROM '.$table.';';
mysql_query($query);
// or die("A MySQL error has occurred.<br />Your Query: " . $query . "<br /> Error: (" . mysql_errno() . ") " . mysql_error().'<br /><br /><br />');
}
}
}*/
/**
 * Writes a text dump of every table to ./bac/<Ymd>/<db_name>-backup-<time>.txt.
 *
 * The dump is only made when the directory for today does not exist yet, so
 * at most one dump per day is written. Nothing is returned.
 *
 * NOTE(review): the dump contains every table, including _admin with its
 * pass column. The target is relative to the working directory and created
 * with mode 0777; if it sits under the document root the file can be
 * fetched by anyone who guesses the date and timestamp - confirm that the
 * directory is outside the web root or denied by the server.
 *
 * NOTE(review): the output is not a faithful SQL dump: column types are
 * reduced to three fixed forms and values are HTML-encoded rather than
 * SQL-escaped, so a restore will not reproduce the data.
 *
 * @param string $db_name Database name, used in the dump header and file name.
 */
function autoBackUpDB($db_name){
// $output is never used after this line
$output = '';
$date = date('Ymd');
// run once per day: skipped when today's directory already exists
if(!is_dir('./bac/'.$date.'/')){
mkdir('./bac/'.$date.'/',0777);
// create header
$tab = "\t";
$br = "\n";
$txt = '';
// the header imitates a phpMyAdmin dump although it is generated here
$txt .= '-- phpMyAdmin SQL DUMP'.$br;
$txt .= '-- version 3.2.5'.$br;
$txt .= '-- http://www.phpmyadmin.net'.$br;
$txt .= '--'.$br;
$txt .= '-- Mike Ontwerpt'.$br;
$txt .= '-- http://www.mikeontwerpt.nl'.$br;
$txt .= '--'.$br;
$txt .= '-- Host: '.mysql_get_host_info().$br;
$txt .= '-- Genertion Time: '.date('M d, Y').' at '.date('G:i A').$br;
$txt .= '-- PHP version: '.phpversion().$br;
$txt .= $br;
$txt .= 'SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";';
$txt .= $br;
//get all the tables
$query = 'SHOW TABLES';
$result = mysql_query($query);
// the file is only written when at least one table exists
if(mysql_num_rows($result))
{
//database name
$txt .= '--'.$br;
$txt .= '-- Database: `'.$db_name.'`'.$br;
$txt .= '--'.$br;
$txt .= $br;
$txt .= '-- --------------------------------------------------------'.$br;
$txt .= $br;
//for every table
while($table = mysql_fetch_row($result))
{
//header create table
$txt .= '--'.$br;
$txt .= '-- Table structure for table: `'.$table[0].'`'.$br;
$txt .= '--'.$br;
//get the rows
$query3 = 'SELECT * FROM '.$table[0];
$records = mysql_query($query3);
//table attributes ($attributes is not used below)
$attributes = array('name','blob','max_length','multiple_key','not_null','numeric','primary_key','table','type','unique_key','unsigned','zerofill');
//create table
$txt.= 'CREATE TABLE `'.$table[0].'` ('.$br;
$x = 0;
while($x < mysql_num_fields($records))
{
//get column attributes
$meta = mysql_fetch_field($records,$x);
$auto_increment = '';
//is this a primary_key? every primary key is written as AUTO_INCREMENT
// $primary_key is not reset per table: a table without a primary key
// reuses the name found for the previous table.
if($meta->primary_key == 1) {
$primary_key = $meta->name;
$auto_increment = 'AUTO_INCREMENT';
}
//null or not null
$meta->not_null == 1 ? $null_display = 'NOT NULL' : $null_display = 'DEFAULT NULL';
//get type display
// only three types are mapped; for any other type $type_display keeps the
// value of the previous column
switch($meta->type){
case 'int':
$type_display = 'int(64)';
break;
case 'string':
$type_display = 'varchar(256)';
break;
case 'blob':
$type_display = 'text';
break;
}
$txt.= $tab.'`'.$meta->name.'` '.$type_display.' '.$null_display.' '.$auto_increment.','.$br;
$x++;
}
$txt .= $tab.'PRIMARY KEY (`'.$primary_key.'`)'.$br;
$txt.= ') ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1;'.$br;
$txt.= $br;
//header dump data
$txt .= '--'.$br;
$txt .= '-- Dumping data for table: `'.$table[0].'`'.$br;
$txt .= '--'.$br;
$txt.= $br;
//stick the records
while($record = mysql_fetch_assoc($records))
{
$txt.= 'INSERT INTO `'.$table[0].'` VALUES(';
$count = 0;
foreach($record as $key=>$value)
{
if($count != 0) $txt .= ', ';
// values are HTML-encoded after stripslashes(), not escaped for SQL
$txt.= '"'.htmlspecialchars(stripslashes($value)).'"';
$count++;
}
$txt.= ');'.$br;
}
$txt .= $br;
$txt .= $br;
$txt .= '-- --------------------------------------------------------'.$br;
$txt .= $br;
}
//save file (the fopen() result is not checked before it is written to)
$handle = fopen('./bac/'.$date.'/'.$db_name.'-backup-'.time().'.txt','w+');
fwrite($handle,$txt);
fclose($handle);
}
}
}
?>