
<?php
require_once __DIR__ . '/../config/database.php';
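/**
 * Escape a value for output in an HTML body or attribute context.
 *
 * ENT_QUOTES covers both quote styles, so the result is safe inside single-
 * and double-quoted attributes. ENT_SUBSTITUTE replaces invalid UTF-8
 * sequences with U+FFFD instead of returning an empty string, so one bad
 * byte cannot silently blank a whole field. Null is treated as ''.
 *
 * @param string|null $string raw value
 * @return string HTML-escaped value (HTML context only; not a JS or URL escape)
 */
function escape($string) {
    return htmlspecialchars((string) ($string ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}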
/**
 * Build a URL slug from a title: lowercased, Polish diacritics folded to
 * ASCII, and every byte outside [a-z0-9] turned into a single hyphen.
 *
 * Only Polish letters are transliterated; any other non-ASCII character is
 * replaced byte by byte with '-' and the run is then merged into one hyphen.
 *
 * @param string $text source title
 * @return string slug, possibly '' when the title contains no [a-z0-9] bytes
 */
function createSlug($text) {
    static $polishToAscii = [
        'ą' => 'a', 'ć' => 'c', 'ę' => 'e', 'ł' => 'l',
        'ń' => 'n', 'ó' => 'o', 'ś' => 's', 'ź' => 'z',
        'ż' => 'z', 'Ą' => 'a', 'Ć' => 'c', 'Ę' => 'e',
        'Ł' => 'l', 'Ń' => 'n', 'Ó' => 'o', 'Ś' => 's',
        'Ź' => 'z', 'Ż' => 'z',
    ];
    $slug = strtr(mb_strtolower($text, 'UTF-8'), $polishToAscii);
    // Patterns are applied in order: non-slug bytes -> '-', then runs of '-' -> '-'.
    $slug = preg_replace(['/[^a-z0-9-]/', '/-+/'], '-', $slug);
    return trim($slug, '-');
}
/**
 * Fetch one published page by slug, joined with its author's username.
 *
 * Unpublished pages are never returned here, even for a matching slug.
 *
 * @param string $slug page slug (bound as a prepared-statement parameter)
 * @return mixed the row (page columns plus author_name) in the connection's
 *               default fetch mode, or false when nothing matches
 */
function getPageBySlug($slug) {
    $sql = "
        SELECT p.*, u.username as author_name
        FROM pages p
        LEFT JOIN users u ON p.author_id = u.id
        WHERE p.slug = ? AND p.status = 'published'
    ";
    $stmt = getDB()->prepare($sql);
    $stmt->execute([$slug]);
    return $stmt->fetch();
}
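/**
 * List pages with a given status, newest first, with author_name joined in.
 *
 * @param string   $status status value to match (bound parameter)
 * @param int|null $limit  maximum number of rows; null, 0 or any value that
 *                         casts to an int <= 0 means "no limit"
 * @return array rows in the connection's default fetch mode
 */
function getAllPages($status = 'published', $limit = null) {
    $sql = "SELECT p.*, u.username as author_name
        FROM pages p
        LEFT JOIN users u ON p.author_id = u.id
        WHERE p.status = ?
        ORDER BY p.created_at DESC";
    // LIMIT is concatenated rather than bound, so the value is forced to int
    // first; only a positive count is appended (a negative value would make the
    // query fail, and a non-numeric string used to produce "LIMIT 0").
    $limit = (int) $limit;
    if ($limit > 0) {
        $sql .= ' LIMIT ' . $limit;
    }
    $stmt = getDB()->prepare($sql);
    $stmt->execute([$status]);
    return $stmt->fetchAll();
}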
/**
 * Read a single value from the settings table.
 *
 * @param string $key     setting_key to look up
 * @param mixed  $default returned when no row matches
 * @return mixed the stored setting_value (which may itself be null when the
 *               column is null) or $default when the key is absent
 */
function getSetting($key, $default = '') {
    $stmt = getDB()->prepare("SELECT setting_value FROM settings WHERE setting_key = ?");
    $stmt->execute([$key]);
    $row = $stmt->fetch();
    if (!$row) {
        return $default;
    }
    return $row['setting_value'];
}
/**
 * Insert or overwrite a setting (MySQL ON DUPLICATE KEY upsert).
 *
 * Relies on a unique or primary key on the settings table — presumably on
 * setting_key — for the duplicate detection to apply.
 *
 * @param string $key   setting_key
 * @param string $value setting_value
 * @return bool result of PDOStatement::execute()
 */
function updateSetting($key, $value) {
    $sql = "
        INSERT INTO settings (setting_key, setting_value)
        VALUES (?, ?)
        ON DUPLICATE KEY UPDATE setting_value = ?
    ";
    $stmt = getDB()->prepare($sql);
    // The value is bound twice: once for the INSERT branch, once for the UPDATE branch.
    return $stmt->execute([$key, $value, $value]);
}
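/**
 * Insert or update a page row.
 *
 * When $data['id'] is present and truthy the row is updated; otherwise a new
 * row is inserted. In both cases the return value is PDOStatement::execute()'s
 * bool, so an insert does not hand back the new id (use lastInsertId()).
 * A missing or empty slug is generated from the title; a title with no
 * [a-z0-9] characters therefore yields an empty slug, which is saved as-is.
 * author_id is taken from $data as given — nothing here ties it to the
 * logged-in user, so the caller is responsible for supplying the right one.
 *
 * @param array $data page fields: title, slug, content, meta_description,
 *                    meta_keywords, template, status, featured_image,
 *                    author_id (insert only), id (update only)
 * @return bool
 */
function savePage($data) {
    $db = getDB();
    $title = $data['title'] ?? '';
    // Generate the slug from the title when none was supplied.
    if (empty($data['slug'])) {
        $data['slug'] = createSlug($title);
    }
    // Columns shared by INSERT and UPDATE, in the order both statements list
    // them; building the list once keeps the two parameter sets from drifting.
    $common = [
        $title,
        $data['slug'],
        $data['content'] ?? '',
        $data['meta_description'] ?? '',
        $data['meta_keywords'] ?? '',
        $data['template'] ?? 'default',
    ];
    $status = $data['status'] ?? 'draft';
    $featuredImage = $data['featured_image'] ?? null;
    if (!empty($data['id'])) {
        $stmt = $db->prepare("
            UPDATE pages SET
                title = ?,
                slug = ?,
                content = ?,
                meta_description = ?,
                meta_keywords = ?,
                template = ?,
                status = ?,
                featured_image = ?
            WHERE id = ?
        ");
        return $stmt->execute(array_merge($common, [$status, $featuredImage, $data['id']]));
    }
    $stmt = $db->prepare("
        INSERT INTO pages (title, slug, content, meta_description, meta_keywords, template, author_id, status, featured_image)
        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
    ");
    return $stmt->execute(array_merge($common, [$data['author_id'] ?? null, $status, $featuredImage]));
}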
/**
 * Delete a page row by id.
 *
 * @param int|string $id page id (bound parameter)
 * @return bool execute() result — true on a successful statement even when
 *              no row matched; use rowCount() if "was anything deleted" matters
 */
function deletePage($id) {
    $stmt = getDB()->prepare("DELETE FROM pages WHERE id = ?");
    return $stmt->execute([$id]);
}
/**
 * Fetch the items of the menu assigned to a location, ordered by sort_order.
 *
 * @param string $location value of menus.location (bound parameter)
 * @return array menu_items rows in the connection's default fetch mode
 */
function getMenu($location) {
    $sql = "
        SELECT mi.*
        FROM menu_items mi
        JOIN menus m ON mi.menu_id = m.id
        WHERE m.location = ?
        ORDER BY mi.sort_order ASC
    ";
    $stmt = getDB()->prepare($sql);
    $stmt->execute([$location]);
    return $stmt->fetchAll();
}
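/**
 * Store an uploaded file under UPLOAD_DIR and record it in the media table.
 *
 * The type check runs on the file's actual bytes (mime_content_type on the
 * temporary upload, fileinfo extension), not on $file['type'], which is sent
 * by the client and can be set to anything. The stored extension is derived
 * from the detected MIME type where known; for other allowed types the
 * original extension is accepted only when it is plain alphanumeric and not
 * a server-side script extension, so a renamed script never lands in the
 * upload directory under an executable name. The file name itself is random
 * and never user-controlled. Whether files in UPLOAD_DIR can be executed is
 * still up to the web server configuration — verify that separately.
 *
 * @param array    $file         one $_FILES entry (name, type, tmp_name, error, size)
 * @param string[] $allowedTypes permitted MIME types, compared against the detected type
 * @return array ['success' => false, 'message' => string] on failure;
 *               ['success' => true, 'filename', 'url' (UPLOAD_URL . filename), 'id'] on success
 */
function uploadFile($file, $allowedTypes = ['image/jpeg', 'image/png', 'image/gif']) {
    if (!isset($file['error']) || $file['error'] !== UPLOAD_ERR_OK) {
        return ['success' => false, 'message' => 'Błąd podczas przesyłania pliku'];
    }
    // Only accept a path that PHP's upload handling produced, not an arbitrary one.
    if (empty($file['tmp_name']) || !is_uploaded_file($file['tmp_name'])) {
        return ['success' => false, 'message' => 'Błąd podczas przesyłania pliku'];
    }
    $mimeType = mime_content_type($file['tmp_name']);
    if ($mimeType === false || !in_array($mimeType, $allowedTypes, true)) {
        return ['success' => false, 'message' => 'Niedozwolony typ pliku'];
    }
    // $file['size'] is filled in by PHP from the received bytes, not by the client.
    if (($file['size'] ?? 0) > MAX_UPLOAD_SIZE) {
        return ['success' => false, 'message' => 'Plik jest za duży'];
    }
    static $extensionByMime = [
        'image/jpeg' => 'jpg',
        'image/png' => 'png',
        'image/gif' => 'gif',
        'image/webp' => 'webp',
    ];
    // Extensions the web server may execute; never written regardless of MIME type.
    static $scriptExtensions = [
        'php', 'php3', 'php4', 'php5', 'php7', 'php8', 'phtml', 'pht', 'phar',
        'shtml', 'cgi', 'pl', 'py',
    ];
    $originalName = (string) ($file['name'] ?? '');
    if (isset($extensionByMime[$mimeType])) {
        $extension = $extensionByMime[$mimeType];
    } else {
        $extension = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));
        if (!preg_match('/^[a-z0-9]{1,10}$/', $extension) || in_array($extension, $scriptExtensions, true)) {
            return ['success' => false, 'message' => 'Niedozwolony typ pliku'];
        }
    }
    // Random name: unguessable and independent of the client-supplied file name.
    $filename = bin2hex(random_bytes(8)) . '.' . $extension;
    $filepath = UPLOAD_DIR . $filename;
    if (!is_dir(UPLOAD_DIR) && !mkdir(UPLOAD_DIR, 0755, true) && !is_dir(UPLOAD_DIR)) {
        return ['success' => false, 'message' => 'Nie udało się zapisać pliku'];
    }
    if (!move_uploaded_file($file['tmp_name'], $filepath)) {
        return ['success' => false, 'message' => 'Nie udało się zapisać pliku'];
    }
    $db = getDB();
    $stmt = $db->prepare("
        INSERT INTO media (filename, original_name, file_path, file_type, file_size, mime_type, uploaded_by)
        VALUES (?, ?, ?, ?, ?, ?, ?)
    ");
    $stmt->execute([
        $filename,
        $originalName,
        $filepath,
        $extension,
        $file['size'],
        $mimeType,
        // Falls back to user 1 when no session user is set — presumably the
        // first admin account; uploads outside a session are then attributed to it.
        $_SESSION['user_id'] ?? 1,
    ]);
    return [
        'success' => true,
        'filename' => $filename,
        'url' => UPLOAD_URL . $filename,
        'id' => $db->lastInsertId(),
    ];
}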
/**
 * Append an entry to activity_logs for the current request.
 *
 * user_id comes from the session (null when not logged in). ip_address is
 * REMOTE_ADDR, i.e. the direct peer — behind a reverse proxy that is the
 * proxy's address. user_agent is client-supplied text stored verbatim, so it
 * must be escaped wherever it is displayed.
 *
 * @param string      $action     action name
 * @param string|null $entityType affected entity type, if any
 * @param int|null    $entityId   affected entity id, if any
 * @return bool result of PDOStatement::execute()
 */
function logActivity($action, $entityType = null, $entityId = null) {
    $sql = "
        INSERT INTO activity_logs (user_id, action, entity_type, entity_id, ip_address, user_agent)
        VALUES (?, ?, ?, ?, ?, ?)
    ";
    $userId = $_SESSION['user_id'] ?? null;
    $ipAddress = $_SERVER['REMOTE_ADDR'] ?? null;
    $userAgent = $_SERVER['HTTP_USER_AGENT'] ?? null;
    $stmt = getDB()->prepare($sql);
    return $stmt->execute([$userId, $action, $entityType, $entityId, $ipAddress, $userAgent]);
}
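/**
 * Format a date for display.
 *
 * @param string|DateTimeInterface|null $date   date string accepted by strtotime(),
 *                                              or a date object (formatted directly)
 * @param string                        $format format string for date()
 * @return string formatted date, or '' when $date is empty or cannot be parsed
 */
function formatDate($date, $format = 'd.m.Y H:i') {
    if ($date instanceof DateTimeInterface) {
        return $date->format($format);
    }
    if ($date === null || $date === '') {
        return '';
    }
    $timestamp = strtotime((string) $date);
    // strtotime() returns false on unparsable input; date($format, false) would
    // silently render the Unix epoch, so report "no date" instead.
    if ($timestamp === false) {
        return '';
    }
    return date($format, $timestamp);
}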
/**
 * Fetch the categories linked to a page through page_categories.
 *
 * @param int|string $pageId page id (bound parameter)
 * @return array categories rows in the connection's default fetch mode
 */
function getPageCategories($pageId) {
    $sql = "
        SELECT c.*
        FROM categories c
        JOIN page_categories pc ON c.id = pc.category_id
        WHERE pc.page_id = ?
    ";
    $stmt = getDB()->prepare($sql);
    $stmt->execute([$pageId]);
    return $stmt->fetchAll();
}
?>