function _getLevelsCreateForm($iLevelId, $bActive = false)
{
$sSubmitUrl = BX_DOL_URL_ADMIN . 'memb_levels.php';
$aLevel = array();
if (($bEdit = $iLevelId != 0) === true) {
$aLevel = $GLOBALS['MySQL']->getRow("SELECT `Name` AS `Name`, `Description` AS `Description`, `Order` AS `Order` FROM `sys_acl_levels` WHERE `ID`='" . $iLevelId . "' LIMIT 1");
}
$aForm = array('form_attrs' => array('id' => 'adm-mlevels-create', 'action' => $sSubmitUrl . '?tab=levels_add', 'method' => 'post', 'enctype' => 'multipart/form-data'), 'params' => array('db' => array('table' => 'sys_acl_levels', 'key' => 'ID', 'uri' => '', 'uri_title' => '', 'submit_name' => 'Submit')), 'inputs' => array('Active' => array('type' => 'hidden', 'name' => 'Active', 'value' => 'no', 'db' => array('pass' => 'Xss')), 'Purchasable' => array('type' => 'hidden', 'name' => 'Purchasable', 'value' => 'yes', 'db' => array('pass' => 'Xss')), 'Removable' => array('type' => 'hidden', 'name' => 'Removable', 'value' => 'yes', 'db' => array('pass' => 'Xss')), 'Name' => array('type' => 'text', 'name' => 'Name', 'caption' => _t('_adm_txt_mlevels_name'), 'value' => isset($aLevel['Name']) ? $aLevel['Name'] : '', 'required' => true, 'db' => array('pass' => 'Xss'), 'checker' => array('func' => 'length', 'params' => array(3, 100), 'error' => _t('_adm_txt_mlevels_name_err'))), 'Icon' => array('type' => 'file', 'name' => 'Icon', 'caption' => _t('_adm_txt_mlevels_icon'), 'required' => true, 'checker' => array('func' => '', 'params' => '', 'error' => _t('_adm_txt_mlevels_icon_err'))), 'Description' => array('type' => 'textarea', 'name' => 'Description', 'caption' => _t('_adm_txt_mlevels_description'), 'value' => isset($aLevel['Description']) ? $aLevel['Description'] : '', 'db' => array('pass' => 'XssHtml')), 'Order' => array('type' => 'text', 'name' => 'Order', 'caption' => _t('_adm_txt_mlevels_order'), 'value' => isset($aLevel['Order']) ? $aLevel['Order'] : 0, 'required' => true, 'db' => array('pass' => 'Int'), 'checker' => array('func' => 'preg', 'params' => array('/^[1-9][0-9]*$/'), 'error' => _t('_adm_txt_mlevels_order_err'))), 'Submit' => array('type' => 'submit', 'name' => 'Submit', 'value' => _t('_adm_btn_mlevels_add'))));
//--- Convert Add to Edit
if ($bEdit) {
unset($aForm['inputs']['Active']);
unset($aForm['inputs']['Purchasable']);
unset($aForm['inputs']['Removable']);
unset($aForm['inputs']['Icon']);
$aForm['form_attrs']['action'] = $sSubmitUrl . '?action=edit&level=' . $iLevelId;
$aForm['inputs']['Submit']['value'] = _t('_adm_btn_mlevels_save');
$aForm['inputs']['ID'] = array('type' => 'hidden', 'name' => 'ID', 'value' => $iLevelId, 'db' => array('pass' => 'Int'));
}
$oForm = new BxTemplFormView($aForm);
$oForm->initChecker();
if ($oForm->isSubmittedAndValid()) {
//--- Add new level
if (!$bEdit) {
$sFilePath = BX_DIRECTORY_PATH_ROOT . 'media/images/membership/';
$sFileName = time();
$sFileExt = '';
if ($GLOBALS['MySQL']->getOne("SELECT `Name` FROM `sys_acl_levels` WHERE `Name`='" . $oForm->getCleanValue('Name') . "' LIMIT 1")) {
$oForm->aInputs['Name']['error'] = _t('_adm_txt_mlevels_name_err_non_uniq');
} elseif (isImage($_FILES['Icon']['type'], $sFileExt) && !empty($_FILES['Icon']['tmp_name']) && move_uploaded_file($_FILES['Icon']['tmp_name'], $sFilePath . $sFileName . '.' . $sFileExt)) {
$sPath = $sFilePath . $sFileName . '.' . $sFileExt;
imageResize($sPath, $sPath, 110, 110);
$iId = (int) $oForm->insert(array('Icon' => $sFileName . '.' . $sFileExt));
if ($iId != 0) {
$sName = $oForm->getCleanValue('Name');
addStringToLanguage('_adm_txt_mp_' . strtolower($sName), $sName);
}
header('Location: ' . $sSubmitUrl);
exit;
} else {
$oForm->aInputs['Icon']['error'] = $oForm->aInputs['Icon']['checker']['error'];
}
} else {
$bResult = $oForm->update($iLevelId);
if ($bResult !== false) {
deleteStringFromLanguage('_adm_txt_mp_' . strtolower($aLevel['Name']));
$sName = $oForm->getCleanValue('Name');
addStringToLanguage('_adm_txt_mp_' . strtolower($sName), $sName);
}
header('Location: ' . $sSubmitUrl);
exit;
}
}
return $GLOBALS['oAdmTemplate']->parseHtmlByName('mlevels_create.html', array('display' => $bActive ? 'block' : 'none', 'form' => $oForm->getCode()));
}
function PageCodeCreate()
{
$aForm = array('form_attrs' => array('id' => 'adm-mlevels-create', 'action' => $GLOBALS['site']['url_admin'] . 'memb_levels.php', 'method' => 'post', 'enctype' => 'multipart/form-data'), 'params' => array('db' => array('table' => 'sys_acl_levels', 'key' => 'ID', 'uri' => '', 'uri_title' => '', 'submit_name' => 'submit')), 'inputs' => array('Active' => array('type' => 'hidden', 'name' => 'Active', 'value' => 'no', 'db' => array('pass' => 'Xss')), 'Purchasable' => array('type' => 'hidden', 'name' => 'Purchasable', 'value' => 'yes', 'db' => array('pass' => 'Xss')), 'Removable' => array('type' => 'hidden', 'name' => 'Removable', 'value' => 'yes', 'db' => array('pass' => 'Xss')), 'Name' => array('type' => 'text', 'name' => 'name', 'caption' => _t('_adm_txt_mlevels_name'), 'value' => '', 'db' => array('pass' => 'Xss'), 'checker' => array('func' => 'length', 'params' => array(3, 100), 'error' => _t('_adm_txt_mlevels_name_err'))), 'Icon' => array('type' => 'file', 'name' => 'Icon', 'caption' => _t('_adm_txt_mlevels_icon'), 'value' => '', 'checker' => array('func' => '', 'params' => '', 'error' => _t('_adm_txt_mlevels_icon_err'))), 'Description' => array('type' => 'textarea', 'name' => 'description', 'caption' => _t('_adm_txt_mlevels_description'), 'value' => '', 'db' => array('pass' => 'XssHtml')), 'submit' => array('type' => 'submit', 'name' => 'submit', 'value' => _t('_adm_btn_mlevels_add'))));
$oForm = new BxTemplFormView($aForm);
$oForm->initChecker();
$bFile = true;
$sFilePath = BX_DIRECTORY_PATH_ROOT . 'media/images/membership/';
$sFileName = time();
$sFileExt = '';
if ($oForm->isSubmittedAndValid() && ($bFile = isImage($_FILES['Icon']['type'], $sFileExt) && !empty($_FILES['Icon']['tmp_name']) && move_uploaded_file($_FILES['Icon']['tmp_name'], $sFilePath . $sFileName . '.' . $sFileExt))) {
$sPath = $sFilePath . $sFileName . '.' . $sFileExt;
imageResize($sPath, $sPath, 110, 110);
$iId = (int) $oForm->insert(array('Icon' => $sFileName . '.' . $sFileExt));
if ($iId != 0) {
addStringToLanguage("_adm_txt_mp_" . strtolower(bx_get('name')), bx_get('name'));
}
header('Location: ' . $oForm->aFormAttrs['action']);
} else {
if (!$bFile) {
$oForm->aInputs['Icon']['error'] = $oForm->aInputs['Icon']['checker']['error'];
}
return DesignBoxAdmin(_t('_adm_box_cpt_mlevel_create'), $GLOBALS['oAdmTemplate']->parseHtmlByName('design_box_content.html', array('content' => $oForm->getCode())));
}
}
/**
* Perform edit ar add field database actions
* @param
*/
function edit_or_add_field()
{
// Get field type.
$field_type = $_POST['field_type'];
// Select old field values
if ('add' != $_GET['action']) {
$q_str = "SELECT * FROM `ProfilesDesc` WHERE `ID` = {$_GET['ID']}";
$field = db_arr($q_str);
}
// Get new field order.
if ('add' == $_GET['action']) {
$order = get_field_order($_POST['insert_after']);
}
// Get field name.
$name = process_pass_data($_POST['field_name']);
$name = str_replace(' ', '_', $name);
$name = str_replace("'", '_', $name);
// Get caption and determ if it was changed
if ('add' == $_GET['action']) {
$namedisp = '_' . $name . '_caption';
$namedisp_changed = true;
} else {
if ($_POST['caption'] == _t($field['namedisp'])) {
$namedisp = $field['namedisp'];
$namedisp_changed = false;
} else {
$namedisp = '_' . $name . '_caption';
$namedisp_changed = true;
}
}
// Get field description.
if ('add' == $_GET['action']) {
$namenote = $_POST['desc'] ? '_' . $name . '_desc' : '';
$namenote_changed = true;
} else {
if ($_POST['desc'] == _t($field['namenote'])) {
$namenote = $field['namedisp'];
$namenote_changed = false;
} else {
$namenote = $_POST['desc'] ? '_' . $name . '_desc' : '';
$namenote_changed = true;
}
}
// Get user visibility.
$visible = '';
if ('on' == $_POST['visible_to_visitor']) {
$visible .= 'user';
}
if ('on' == $_POST['visible_to_member']) {
$visible = cat_string($visible, 'memb');
}
if ('on' == $_POST['visible_to_admin']) {
$visible = cat_string($visible, 'adm');
}
// Get user edit possibility.
$editable = '';
if ('on' == $_POST['editable_for_member']) {
$editable .= 'memb';
}
if ('on' == $_POST['editable_for_admin']) {
$editable = cat_string($editable, 'adm');
}
// Get page visibility.
$show_on_page = '';
if ('on' == $_POST['show_on_all']) {
$show_on_page = '0';
}
if ('on' == $_POST['show_on_join']) {
$show_on_page = cat_string($show_on_page, '3');
}
if ('on' == $_POST['show_on_view_profile']) {
$show_on_page = cat_string($show_on_page, '7');
}
if ('on' == $_POST['show_on_edit_profile']) {
$show_on_page = cat_string($show_on_page, '25');
}
// Generate extra field content.
$extra = '';
switch ($field_type) {
case 'p':
case 'c':
$extra = (int) $_POST['edit_box_length'];
break;
case 'date':
$extra = process_db_input($_POST['edit_box_length']);
break;
case 'e':
case 'rb':
case 'set':
$temp = explode("\r\n", $_POST['choices']);
$extra = '';
foreach ($temp as $value) {
$value = process_pass_data($value);
$value = str_replace("'", '`', $value);
$replace_arr = array(' ', '.', ',', "\\");
$value = str_replace($replace_arr, '_', $value);
$extra = cat_string($extra, "\\'{$value}\\'");
}
$result = db_arr("SHOW COLUMNS FROM `Profiles` LIKE '{$name}'");
$extratmp = str_replace("\\", "", $extra);
// Alter existing field
if ($result['Default']) {
$alter_field_type = $field_type == 'set' ? "SET({$extratmp})" : "ENUM({$extratmp})";
if (strstr($extratmp, "'" . $result['Default'] . "'")) {
db_res("ALTER TABLE `Profiles` MODIFY `{$name}` {$alter_field_type} NOT NULL DEFAULT '{$result['Default']}'");
} else {
$defval = substr($extratmp, 0, strpos($extratmp, ","));
db_res("ALTER TABLE `Profiles` MODIFY `{$name}` {$alter_field_type} NOT NULL DEFAULT {$defval}");
}
}
break;
case 'a':
$extra = (int) $_POST['memo_rows'] . "x" . (int) $_POST['memo_cols'];
break;
}
// Generate check script.
if ('Email' != $name && 'Email,Email1' != $name && 'NickName' != $name && 'Password,Password1' != $name) {
if ($_POST['min_value'] && $_POST['max_value']) {
$check = 'return (strlen($arg0) >= ' . $_POST['min_value'] . ' && strlen($arg0) <= ' . $_POST['max_value'] . ' ) ? true : false;';
} else {
if ($_POST['min_value']) {
$check = 'return (strlen($arg0) >= ' . $_POST['min_value'] . ') ? true : false;';
} else {
if ($_POST['max_value']) {
$check = 'return (strlen($arg0) <= ' . $_POST['max_value'] . ') ? true : false;';
} else {
if ('on' == $_POST['mandatory']) {
$check = 'return strlen($arg0) > 0 ? true : false;';
}
}
}
}
} else {
$length_check = $_POST['min_value'] ? 'strlen($arg0) >= ' . $_POST['min_value'] . ' && ' : "";
$length_check .= $_POST['max_value'] ? ' strlen($arg0) <= ' . $_POST['max_value'] . ' && ' : "";
if ('Email' == $name) {
$check = 'return (' . $length_check . 'strstr($arg0,"@") && strstr($arg0,".") && conf_email($arg0,$_COOKIE[memberID])) ? true : false;';
} else {
if ('NickName' == $name) {
$check = 'return (' . $length_check . 'conf_nick($arg0,$_COOKIE[memberID]) && preg_match("/^[0-9A-Za-z]+$/",$arg0)) ? true : false;';
} else {
if ('Password,Password1' == $name) {
$check = 'return (' . $length_check . '!strcmp($arg0,$_POST[Password2])) ? true : false;';
} else {
if ('Email,Email1' == $name) {
$check = 'return (eregi("^[_\\.0-9a-z-]+@([0-9a-z][0-9a-z-]+\\.)+[a-z]{2,4}$", $arg0) && !strcmp($arg0,$_POST[Email2]) && conf_email($arg0,$_COOKIE[memberID])) ? true : false;';
} else {
$check = '';
}
}
}
}
}
// Generate error message.
if ('add' == $_GET['action']) {
$err_msg = '_' . $name . '_err_msg';
$err_msg_changed = true;
} else {
if ($_POST['err_msg'] == _t($field['because'])) {
$err_msg = $field['because'];
$err_msg_changed = false;
} else {
$err_msg = '_' . $name . '_err_msg';
$err_msg_changed = true;
}
}
// Generate search type.
$search_type = $_POST['search_t'] ? $_POST['search_t'] : 'none';
// Generate 'search_hide' value.
$search_hide = 0;
if ('on' == $_POST['search_hidden']) {
$search_hide = 1;
}
// Generate 'search_cols' value.
$search_cols = $_POST['search_cols'] ? (int) $_POST['search_cols'] : 0;
// Generate 'search_order' value.
$q_str = 'SELECT `search_order` FROM `ProfilesDesc` ORDER BY `search_order` DESC LIMIT 1';
$row = db_arr($q_str);
$search_order = $row['search_order'] + 1;
// Generate match type
$match_type = $_POST['match_t'] ? $_POST['match_t'] : 'none';
// Generate match field
$match_field = $_POST['match_f'] && $_POST['match_f'] != 'none' ? $_POST['match_f'] : '';
// Generate match extra
$match_extra = $_POST['match_perc'] ? $_POST['match_perc'] : '';
$min_length = process_db_input($_POST['min_value']);
$max_length = process_db_input($_POST['max_value']);
if ('add' == $_GET['action']) {
// Generate query to add record to ProfilesDesc.
$q_str = "INSERT INTO `ProfilesDesc` (`name`, `namedisp`, `namenote`, `extra`, `type`, `order`, `visible`, `editable`, `show_on_page`, `check`, `because`, `min_length`, `max_length`, `search_type`, `search_hide`, `search_cols`, `search_order`, `match_type`, `match_field`, `match_extra`)";
$q_str .= "VALUES ('{$name}', '{$namedisp}', '{$namenote}', '{$extra}', '{$field_type}', '{$order}', '{$visible}', '{$editable}', '{$show_on_page}', '{$check}', '{$err_msg}', '{$min_length}', '{$max_length}', '{$search_type}', '{$search_hide}', '{$search_cols}', '{$search_order}', '{$match_type}', '{$match_field}', '{$match_extra}')";
} elseif ('edit' == $_GET['action']) {
$namedisp_sql = $namedisp_changed ? "`namedisp` = '{$namedisp}'," : "";
$namenote_sql = $namenote_changed ? "`namenote` = '{$namenote}'," : "";
$err_msg_sql = $err_msg_changed ? "`because` = '{$err_msg}'," : "";
$q_str = "UPDATE `ProfilesDesc` SET {$namedisp_sql} {$namenote_sql} `extra` = '{$extra}', `visible` = '{$visible}', `editable` = '{$editable}', `show_on_page` = '{$show_on_page}', `check` = '{$check}', {$err_msg_sql} `min_length` = '{$min_length}', `max_length` = '{$max_length}', `search_type` = '{$search_type}', `search_hide` = '{$search_hide}', `search_cols` = '{$search_cols}', `match_type` = '{$match_type}', `match_field` = '{$match_field}', `match_extra` = '{$match_extra}' WHERE ID = {$_GET['ID']}";
}
// Execute query.
db_res($q_str);
$type = '';
// Generate field type for Profiles table.
switch ($field_type) {
case 'c':
$type = 'VARCHAR(255)';
break;
case 'e':
case 'rb':
$arr = explode("\r\n", $_POST['choices']);
$type = '';
foreach ($arr as $value) {
$value = process_pass_data($value);
$value = str_replace("'", '`', $value);
$replace_arr = array(' ', '.', ',', "\\");
$value = str_replace($replace_arr, '_', $value);
$type = cat_string($type, "'{$value}'");
}
$type = "ENUM ({$type})";
break;
case 'a':
$type = 'MEDIUMTEXT';
break;
case 'set':
$arr = explode("\r\n", $_POST['choices']);
$type = '';
foreach ($arr as $value) {
$value = process_pass_data($value);
$value = str_replace("'", '`', $value);
$replace_arr = array(' ', '.', ',', "\\");
$value = str_replace($replace_arr, '_', $value);
$type = cat_string($type, "'{$value}'");
}
$type = "SET ({$type})";
break;
}
if ($field_type != '0' && 'add' == $_GET['action']) {
// Generate query to add new field to Profiles.
$vals = split(",", $name);
$db_name = $vals[0];
$q_str = "ALTER TABLE `Profiles` ADD `{$db_name}` {$type} NOT NULL";
db_res($q_str);
}
// Generate language file content.
$lang_file = '';
$langFailFields = '';
if ($namedisp_changed) {
$lang_file .= "'{$_POST['caption']}';<br />";
if (!addStringToLanguage($namedisp, $_POST['caption']) && !updateStringInLanguage($namedisp, $_POST['caption'])) {
$langFailFields .= "'{$namedisp}';<br />";
}
}
if ($namenote_changed && $namenote) {
$lang_file .= "'{$_POST['desc']}';<br />";
if (!addStringToLanguage($namenote, $_POST['desc']) && !updateStringInLanguage($namenote, $_POST['desc'])) {
$langFailFields .= "'{$namenote}';<br />";
}
}
// Error message.
if ($err_msg_changed) {
$lang_file .= "'{$_POST['err_msg']}';<br />";
if (!addStringToLanguage($err_msg, $_POST['err_msg']) && !updateStringInLanguage($err_msg, $_POST['err_msg'])) {
$langFailFields .= "'{$err_msg}';<br />";
}
}
// Drop-down box options.
if ($_POST['choices']) {
$arr = explode("\r\n", $_POST['choices']);
foreach ($arr as $value) {
$value = process_pass_data($value);
$entered_value = $value;
$value = str_replace("'", '`', $value);
$replace_arr = array(' ', '.', ',', "\\");
$value = str_replace($replace_arr, '_', $value);
$lang_file .= "'{$entered_value}';<br />";
if (!addStringToLanguage("_{$value}", $entered_value) && !updateStringInLanguage("_{$value}", $entered_value)) {
$langFailFields .= "'{$entered_value}';<br />";
}
}
}
// Compile language files if needed
if (strlen($lang_file)) {
compileLanguage();
}
if ('add' == $_GET['action']) {
echo "<p><span style=\"color:#ff6666;font-weight:bold\">New field has been added.</span></p>";
} else {
if ('edit' == $_GET['action']) {
echo "<p><span style=\"color:#ff6666;font-weight:bold\">Field has been updated.</span></p>";
}
}
if (strlen($lang_file)) {
echo "Following strings were added or updated in your language files:<br />";
echo "<pre>{$lang_file}</pre>";
if (strlen($langFailFields)) {
echo "Fail to insert or update following strings:<br />";
echo "<pre>{$langFailFields}</pre>";
}
}
echo "<p><a href=\"profile_fields.php\">Continue</a></p>";
}
function install($aParams)
{
$oModuleDb = new BxDolModuleDb();
$sTitle = _t('_adm_txt_modules_operation_install', $this->_aConfig['title']);
//--- Check whether the module was already installed ---//
if ($oModuleDb->isModule($this->_aConfig['home_uri'])) {
return array('operation_title' => $sTitle, 'message' => _t('_adm_txt_modules_already_installed'), 'result' => false);
}
//--- Check version compatibility ---//
$bCompatible = false;
if (isset($this->_aConfig['compatible_with']) && is_array($this->_aConfig['compatible_with'])) {
foreach ($this->_aConfig['compatible_with'] as $iKey => $sVersion) {
$sVersion = '/^' . str_replace(array('.', 'x'), array('\\.', '[0-9]+'), $sVersion) . '$/is';
$bCompatible = $bCompatible || preg_match($sVersion, $GLOBALS['site']['ver'] . '.' . $GLOBALS['site']['build']) > 0;
}
}
if (!$bCompatible) {
return array('operation_title' => $sTitle, 'message' => $this->_displayResult('check_script_version', false, '_adm_txt_modules_wrong_version_script'), 'result' => false);
}
//--- Check actions ---//
$aResult = $this->_perform('install', 'Installation');
if ($aResult['result']) {
$sDependencies = "";
if (isset($this->_aConfig['install']['check_dependencies']) && (int) $this->_aConfig['install']['check_dependencies'] == 1 && isset($this->_aConfig['dependencies']) && is_array($this->_aConfig['dependencies'])) {
$sDependencies = implode(',', array_keys($this->_aConfig['dependencies']));
}
db_res("INSERT IGNORE INTO `sys_modules`(`title`, `vendor`, `version`, `update_url`, `path`, `uri`, `class_prefix`, `db_prefix`, `dependencies`, `date`) VALUES ('" . $this->_aConfig['title'] . "', '" . $this->_aConfig['vendor'] . "', '" . $this->_aConfig['version'] . "', '" . $this->_aConfig['update_url'] . "', '" . $this->_aConfig['home_dir'] . "', '" . $this->_aConfig['home_uri'] . "', '" . $this->_aConfig['class_prefix'] . "', '" . $this->_aConfig['db_prefix'] . "', '" . $sDependencies . "', UNIX_TIMESTAMP())");
$iModuleId = (int) db_last_id();
addStringToLanguage(BxDolModule::getTitleKey($this->_aConfig['home_uri']), $this->_aConfig['title']);
compileLanguage();
$aFiles = array();
$this->_hash($this->_sModulePath, $aFiles);
foreach ($aFiles as $aFile) {
db_res("INSERT IGNORE INTO `sys_modules_file_tracks`(`module_id`, `file`, `hash`) VALUES('" . $iModuleId . "', '" . $aFile['file'] . "', '" . $aFile['hash'] . "')");
}
$GLOBALS['MySQL']->cleanMemory('sys_modules_' . $this->_aConfig['home_uri']);
$GLOBALS['MySQL']->cleanMemory('sys_modules_' . $iModuleId);
$GLOBALS['MySQL']->cleanMemory('sys_modules');
}
$aResult['operation_title'] = $sTitle;
return $aResult;
}
