/**
 * Insert a client record whose credentials, scope and owner are chosen here.
 *
 * Any 'client_id', 'client_secret', 'scope' or 'user_id' entry supplied by the
 * caller is overwritten, so the submitted values cannot pick their own
 * credentials, scope or owning user.
 *
 * @param array $aValsToAdd extra values handed through to parent::insert()
 * @return mixed the result of parent::insert()
 */
function insert($aValsToAdd = array())
{
    // NOTE(review): genRndPwd() is defined outside this block. Because its output
    // becomes a client secret, confirm that it draws from a CSPRNG. Lower-casing
    // the result also shrinks the alphabet; confirm the configured lengths make up for it.
    $sNewClientId = strtolower(genRndPwd(self::$LENGTH_ID, false));
    $sNewClientSecret = strtolower(genRndPwd(self::$LENGTH_SECRET, false));

    $aForced = array(
        'client_id' => $sNewClientId,
        'client_secret' => $sNewClientSecret,
        'scope' => 'basic',
        'user_id' => getLoggedId(),
    );

    // Server-side values always win over anything passed in.
    foreach ($aForced as $sColumn => $mForcedValue) {
        $aValsToAdd[$sColumn] = $mForcedValue;
    }

    return parent::insert($aValsToAdd);
}
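/**
 * Replace a profile's password with a freshly generated one.
 *
 * Stores the value returned by encryptUserPwd() together with a new salt,
 * refreshes the user data file, fires the 'profile'/'edit' alert and hands the
 * clear-text password back to the caller.
 *
 * @param int|string $ID profile id; forced to an integer before it reaches SQL
 * @return string the new clear-text password (callers should avoid logging or storing it)
 */
function generateUserNewPwd($ID)
{
    // The id is interpolated into the statement below, so force it to an integer:
    // a non-numeric value can then no longer alter the query.
    // NOTE(review): assumes `Profiles`.`ID` is an integer column - confirm.
    $iId = (int) $ID;

    // NOTE(review): genRndPwd()/genRndSalt() are defined elsewhere; confirm they use a CSPRNG.
    $sPwd = genRndPwd();
    $sSalt = genRndSalt();

    // NOTE(review): the salt and the encryptUserPwd() result are still concatenated
    // unescaped. That is only safe while neither can contain a quote or backslash;
    // a parameterised query in the DB layer would remove the assumption.
    $sQuery = "\n UPDATE `Profiles`\n SET\n `Password` = '" . encryptUserPwd($sPwd, $sSalt) . "',\n `Salt` = '{$sSalt}'\n WHERE\n `ID`='{$iId}'\n ";
    db_res($sQuery);

    createUserDataFile($iId);

    require_once BX_DIRECTORY_PATH_CLASSES . 'BxDolAlerts.php';
    $oZ = new BxDolAlerts('profile', 'edit', $iId);
    $oZ->alert();

    return $sPwd;
}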
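/**
 * Start a session: reuse the current id when it is still known, otherwise
 * create a new id, send it as a cookie and persist the session.
 *
 * Does nothing under cron (BX_DOL_CRON_EXECUTE defined).
 *
 * @return bool always true
 */
function start()
{
    if (defined('BX_DOL_CRON_EXECUTE')) {
        return true;
    }

    if ($this->exists($this->sId)) {
        return true;
    }

    // NOTE(review): genRndPwd() is defined elsewhere. A session id must be
    // unpredictable, so confirm the generator is backed by a CSPRNG.
    $this->sId = genRndPwd(32, true);

    $aUrl = parse_url(BX_DOL_URL_ROOT);
    $sPath = isset($aUrl['path']) && !empty($aUrl['path']) ? $aUrl['path'] : '/';

    // Mark the cookie Secure when the site root is served over HTTPS, so the
    // session id is never sent over plain HTTP. The flag was hard-coded to
    // false before; sites configured with an http:// root behave as they did.
    $bSecure = isset($aUrl['scheme']) && strtolower($aUrl['scheme']) == 'https';

    // Lifetime 0 = browser-session cookie; the last argument keeps it HttpOnly.
    setcookie(BX_DOL_SESSION_COOKIE, $this->sId, 0, $sPath, '', $bSecure, true);

    $this->save();

    return true;
}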
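/**
 * Produce a random 32-character name, optionally checked against stored files.
 *
 * With $isCheckForUniq the candidate is looked up via getFileByRemoteId() and a
 * NEW candidate is generated after each collision, up to 10 attempts. The
 * previous code generated the name once and re-checked that same value ten
 * times, so a collision could never be resolved.
 *
 * @param bool $isCheckForUniq whether to look the candidate up in the database
 * @return string the generated name; if all attempts collide the last candidate
 *                is still returned, as before, and the caller gets no signal
 */
protected function genRandName($isCheckForUniq = true)
{
    // NOTE(review): genRndPwd() is defined elsewhere. If this name is the only
    // thing protecting access to a file, confirm the generator is unpredictable.
    $sRandName = genRndPwd(32, false);

    if (!$isCheckForUniq) {
        return $sRandName;
    }

    $iTries = 10;
    while (true) {
        $aFile = $this->_oDb->getFileByRemoteId($sRandName);
        $bExist = is_array($aFile) && $aFile;

        if (!$bExist || !--$iTries) {
            break;
        }

        // Collision: draw a fresh candidate before checking again.
        $sRandName = genRndPwd(32, false);
    }

    return $sRandName;
}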
/**
 * Create a local profile from a remote (OAuth) profile, or attach the remote
 * identity to an existing local profile that has the same e-mail.
 *
 * Security-relevant behaviour visible in this block:
 *  - an existing profile is matched by e-mail alone, then linked to the remote
 *    id and (with $isSetLoggedIn) logged in;
 *  - a random password is generated and sent to the member by e-mail in clear text.
 *
 * @param array  $aProfileInfo     remote profile's information ('id' and 'email' are read here)
 * @param string $sAlternativeName alternative nickname passed to _convertRemoteFields()
 * @param bool   $isAutoFriends    call _makeFriends() when that method exists
 * @param bool   $isSetLoggedIn    log the resulting profile in
 * @return string|array translated error string, or an array with either
 *                      'join_page_redirect' or 'profile_id'/'existing_profile'
 */
function _createProfileRaw($aProfileInfo, $sAlternativeName = '', $isAutoFriends = true, $isSetLoggedIn = true)
{
    $sCountry = '';
    $sCity = '';

    // join by invite only
    // NOTE(review): the gate relies on the client-supplied 'idFriend' cookie; any
    // value that getID() resolves to a non-zero id passes. Confirm that is the
    // intended strength of "invitation only".
    if (getParam('reg_by_inv_only') == 'on' && (!isset($_COOKIE['idFriend']) || getID($_COOKIE['idFriend']) == 0)) {
        return _t('_registration by invitation only');
    }

    // convert fields
    $aProfileFields = $this->_convertRemoteFields($aProfileInfo, $sAlternativeName);
    if (empty($aProfileFields['Email'])) {
        return _t('_Incorrect Email');
    }

    // antispam check
    bx_import('BxDolStopForumSpam');
    $oBxDolStopForumSpam = new BxDolStopForumSpam();
    // `&&` binds tighter than `||`: the isSpammer() lookup runs whenever the
    // DNSBL conditions do not all hold, regardless of the DNSBL settings.
    if (2 == getParam('ipBlacklistMode') && bx_is_ip_blocked()) {
        return _t('_Sorry, your IP been banned');
    } elseif ('on' == getParam('sys_dnsbl_enable') && 'block' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'join oauth') || $oBxDolStopForumSpam->isSpammer(array('email' => $aProfileFields['Email'], 'ip' => getVisitorIP(false)), 'join oauth')) {
        return sprintf(_t('_sys_spam_detected'), BX_DOL_URL_ROOT . 'contact.php');
    }

    // check fields existence;
    foreach ($aProfileFields as $sKey => $mValue) {
        if (!$this->_oDb->isFieldExist($sKey)) {
            // (field not existence) remove from array;
            unset($aProfileFields[$sKey]);
        }
    }

    // add some system values
    // NOTE(review): genRndPwd()/genRndSalt() are defined elsewhere; confirm they use a CSPRNG.
    $sNewPassword = genRndPwd();
    $sPasswordSalt = genRndSalt();
    $aProfileFields['Password'] = encryptUserPwd($sNewPassword, $sPasswordSalt);
    $aProfileFields['Role'] = BX_DOL_ROLE_MEMBER;
    $aProfileFields['DateReg'] = date('Y-m-d H:i:s'); // set current date;
    $aProfileFields['Salt'] = $sPasswordSalt;

    // set default privacy
    bx_import('BxDolPrivacyQuery');
    $oPrivacy = new BxDolPrivacyQuery();
    $aProfileFields['allow_view_to'] = $oPrivacy->getDefaultValueModule('profile', 'view_block');

    // check if user with the same email already exists
    $iExistingProfileId = $this->_oDb->isEmailExisting($aProfileFields['Email']);

    // check redirect page
    // The returned 'profile_fields' include the 'Password' and 'Salt' values set above.
    if ('join' == $this->_oConfig->sRedirectPage && !$iExistingProfileId) {
        return array('remote_profile_info' => $aProfileInfo, 'profile_fields' => $aProfileFields, 'join_page_redirect' => true);
    }

    // create new profile
    // NOTE(review): reusing a profile purely because the e-mail matches trusts the
    // remote provider to have verified that address. Confirm every supported
    // provider does, otherwise require local confirmation before linking.
    if ($iExistingProfileId) {
        $iProfileId = $iExistingProfileId;
    } else {
        $iProfileId = $this->_oDb->createProfile($aProfileFields);
    }

    $oProfileFields = new BxDolProfilesController();

    // remember remote profile id for created member
    $this->_oDb->saveRemoteId($iProfileId, $aProfileInfo['id']);

    // check profile status;
    if (!$iExistingProfileId) {
        if (getParam('autoApproval_ifNoConfEmail') == 'on') {
            if (getParam('autoApproval_ifJoin') == 'on') {
                $sProfileStatus = 'Active';
                if (!empty($aProfileInfo['email'])) {
                    $oProfileFields->sendActivationMail($iProfileId);
                }
            } else {
                $sProfileStatus = 'Approval';
                if (!empty($aProfileInfo['email'])) {
                    $oProfileFields->sendApprovalMail($iProfileId);
                }
            }
        } else {
            if (!empty($aProfileInfo['email'])) {
                $oProfileFields->sendConfMail($iProfileId);
                $sProfileStatus = 'Unconfirmed';
            } else {
                if (getParam('autoApproval_ifJoin') == 'on') {
                    $sProfileStatus = 'Active';
                } else {
                    $sProfileStatus = 'Approval';
                }
            }
        }

        // update profile's status;
        $this->_oDb->updateProfileStatus($iProfileId, $sProfileStatus);
        $oProfileFields->createProfileCache($iProfileId);

        // send email notification
        // NOTE(review): the generated password leaves the system in clear text
        // here; a one-time "set your password" link would avoid that.
        if (!empty($aProfileInfo['email'])) {
            $oEmailTemplate = new BxDolEmailTemplates();
            $aTemplate = $oEmailTemplate->getTemplate($this->_oConfig->sEmailTemplatePasswordGenerated, $iProfileId);
            $aNewProfileInfo = getProfileInfo($iProfileId);
            $aPlus = array('NickName' => getNickName($aNewProfileInfo['ID']), 'NewPassword' => $sNewPassword);
            sendMail($aNewProfileInfo['Email'], $aTemplate['Subject'], $aTemplate['Body'], '', $aPlus);
        }

        // update location
        if (BxDolModule::getInstance('BxWmapModule')) {
            BxDolService::call('wmap', 'response_entry_add', array('profiles', $iProfileId));
        }

        // create system event
        $oZ = new BxDolAlerts('profile', 'join', $iProfileId);
        $oZ->alert();
    }

    // store IP
    bx_member_ip_store($iProfileId);

    // auto-friend members if they are already friends on remote site
    if ($isAutoFriends && method_exists($this, '_makeFriends')) {
        $this->_makeFriends($iProfileId);
    }

    // set logged
    // The login happens regardless of the status set above ('Unconfirmed' and
    // 'Approval' included) and also for a pre-existing profile matched by e-mail.
    if ($isSetLoggedIn) {
        $aProfile = getProfileInfo($iProfileId);
        $this->setLogged($iProfileId, $aProfile['Password'], '', false);
    }

    return array('remote_profile_info' => $aProfileInfo, 'profile_id' => $iProfileId, 'existing_profile' => $iExistingProfileId ? true : false);
}
/**
 * Make sure the session holds a CSRF token, creating or rotating it when needed.
 *
 * Nothing happens when form tokens are disabled or under cron. A token is
 * (re)generated when none is stored, or when a non-zero lifetime is configured
 * and the stored token is older than that lifetime.
 *
 * @param bool $bReturn when true the current token is returned
 * @return string|null the token if $bReturn is true, otherwise nothing
 */
function genCsrfToken($bReturn = false)
{
    if ($GLOBALS['MySQL']->getParam('sys_security_form_token_enable') != 'on') {
        return;
    }
    if (defined('BX_DOL_CRON_EXECUTE')) {
        return;
    }

    $oStore = BxDolSession::getInstance();
    $iMaxAge = (int) $GLOBALS['MySQL']->getParam('sys_security_form_token_lifetime');

    // Reusable = a token exists AND (no lifetime configured OR it is not older than the lifetime).
    $bReusable = $oStore->getValue('csrf_token') !== false
        && ($iMaxAge == 0 || time() - (int) $oStore->getValue('csrf_token_time') <= $iMaxAge);

    if ($bReusable) {
        $sToken = $oStore->getValue('csrf_token');
    } else {
        // NOTE(review): genRndPwd() is defined elsewhere; an anti-CSRF token is
        // only as strong as that generator, so confirm it uses a CSPRNG.
        $sToken = genRndPwd(20, true);
        $oStore->setValue('csrf_token', $sToken);
        $oStore->setValue('csrf_token_time', time());
    }

    if (!$bReturn) {
        return;
    }

    return $sToken;
}
/**
 * Give an account a new random password.
 *
 * Stores the encryptUserPwd() result with a fresh salt through the account
 * query object, raises the 'account'/'edit' alert tagged 'forgot_password',
 * and returns the clear-text password.
 *
 * @param int $iAccountId account whose password is replaced
 * @return string the new clear-text password (avoid logging or persisting it)
 */
protected function generateUserNewPwd($iAccountId)
{
    // NOTE(review): genRndPwd()/genRndSalt() are defined elsewhere; confirm they use a CSPRNG.
    $sPlainPassword = genRndPwd();
    $sFreshSalt = genRndSalt();

    $this->_oAccountQuery->updatePassword(
        encryptUserPwd($sPlainPassword, $sFreshSalt),
        $sFreshSalt,
        $iAccountId
    );

    $aAlertExtras = array('action' => 'forgot_password');
    bx_alert('account', 'edit', $iAccountId, $iAccountId, $aAlertExtras);

    return $sPlainPassword;
}
/**
 * Create the member profile (and the second profile of a couple) from the
 * submitted join values, then process the optional profile photo.
 *
 * @return array array(profile id, status text) on success, array(false, 'Fail') on failure
 */
function registerMember()
{
    $oPC = new BxDolProfilesController();

    $oZ = new BxDolAlerts('profile', 'before_join', 0, 0, $this->aValues[0]);
    $oZ->alert();

    $aProfile1 = $this->oPF->getProfileFromValues($this->aValues[0]);
    // No nickname supplied: derive one from the first name, or from 10 random
    // characters (used as an identifier only, not as a secret).
    if (empty($aProfile1['NickName'])) {
        $aProfile1['NickName'] = uriGenerate(empty($aProfile1['FirstName']) ? genRndPwd(10, false) : $aProfile1['FirstName'], 'Profiles', 'NickName');
    }

    list($iId1, $sStatus1) = $oPC->createProfile($aProfile1);

    //--- check whether profile was created successfully or not
    if (!$iId1) {
        // NOTE(review): 'ProfilePhoto' is appended to the tmp directory unchecked.
        // If it can carry user-controlled path segments, confirm it is reduced
        // to a bare file name before it reaches unlink().
        if (isset($aProfile1['ProfilePhoto']) && !empty($aProfile1['ProfilePhoto'])) {
            @unlink($GLOBALS['dir']['tmp'] . $aProfile1['ProfilePhoto']);
        }

        return array(false, 'Fail');
    }

    //--- check for couple profile
    if ($this->bCouple) {
        $aProfile2 = $this->oPF->getProfileFromValues($this->aValues[1]);
        list($iId2, $sStatus2) = $oPC->createProfile($aProfile2, false, $iId1);

        // Second profile failed: remove the first one so no half couple remains.
        if (!$iId2) {
            $oPC->deleteProfile($iId1);

            return array(false, 'Fail');
        }
    }

    //--- upload profile photo
    if (isset($aProfile1['ProfilePhoto']) && !empty($aProfile1['ProfilePhoto'])) {
        // $sPass1 is not read again in this block.
        $sPass1 = getPassword($iId1);
        // NOTE(review): the new member is logged in here only when a photo was
        // submitted, before any status handling visible in this block. Confirm a
        // session for a not-yet-confirmed profile is intended.
        bx_login($iId1);
        check_logged();

        BxDolService::call('avatar', 'set_image_for_cropping', array($iId1, $GLOBALS['dir']['tmp'] . $aProfile1['ProfilePhoto']));

        if (BxDolRequest::serviceExists('photos', 'perform_photo_upload', 'Uploader')) {
            $aFileInfo = array('medTitle' => _t('_sys_member_thumb_avatar'), 'medDesc' => _t('_sys_member_thumb_avatar'), 'medTags' => _t('_ProfilePhotos'), 'Categories' => array(_t('_ProfilePhotos')), 'album' => str_replace('{nickname}', getUsername($iId1), getParam('bx_photos_profile_album_name')), 'albumPrivacy' => BX_DOL_PG_ALL);
            BxDolService::call('photos', 'perform_photo_upload', array($GLOBALS['dir']['tmp'] . $aProfile1['ProfilePhoto'], $aFileInfo, false), 'Uploader');
        }
    }

    if (BxDolModule::getInstance('BxWmapModule')) {
        BxDolService::call('wmap', 'response_entry_add', array('profiles', $iId1));
    }

    //--- create system event
    bx_import('BxDolAlerts');
    // 'status_text' is passed by reference, so alert handlers can change the
    // status text returned below.
    $oZ = new BxDolAlerts('profile', 'join', $iId1, 0, array('status_text' => &$sStatus1));
    $oZ->alert();

    return array($iId1, $sStatus1);
}
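/**
 * Alert handler that replaces the comments video player markup.
 *
 * Looks up the file named by $oAlert->iObject and, depending on its status,
 * overrides $oAlert->aExtras['data'] with an HTML5 <video> element or a
 * message box.
 *
 * Fix: $sSourceWebm is now initialised. It was only assigned when a .webm file
 * existed, yet it was read unconditionally while building the markup.
 *
 * @param object $oAlert alert carrying iObject (file id) and aExtras['data'] (current player markup)
 * @return bool false when the file id is empty or unknown, true otherwise
 */
function serviceResponseCmtsPlayer($oAlert)
{
    // The id is cast to int before it is placed in the SQL string below.
    if (!($iFileId = (int) $oAlert->iObject)) {
        return false;
    }

    if (!($aFile = $this->_oDb->getRow("SELECT * FROM `RayVideo_commentsFiles` WHERE `ID` = {$iFileId}"))) {
        return false;
    }

    global $sIncPath;
    global $sModulesPath;
    global $sFilesPath;
    global $sFilesUrl;
    global $oDb;

    require_once $sIncPath . 'db.inc.php';

    $sModule = "video_comments";
    $sModulePath = $sModulesPath . $sModule . '/inc/';

    require_once $sModulesPath . $sModule . '/inc/header.inc.php';
    require_once $sModulesPath . $sModule . '/inc/constants.inc.php';
    require_once $sModulesPath . $sModule . '/inc/functions.inc.php';
    require_once $sModulesPath . $sModule . '/inc/customFunctions.inc.php';

    $sOverride = false;
    $sSourceWebm = '';

    switch ($aFile['Status']) {
        case VC_STATUS_DISAPPROVED:
            $sOverride = $this->_oTemplate->addCss(array('default.css', 'common.css', 'general.css'), true) . MsgBox(_t('_sys_media_disapproved'));
            break;

        case VC_STATUS_PENDING:
        case VC_STATUS_PROCESSING:
            $sOverride = $this->_oTemplate->addCss(array('default.css', 'common.css', 'general.css'), true) . MsgBox(_t('_sys_media_processing'));
            break;

        case VC_STATUS_APPROVED:
            if (file_exists($sFilesPath . $iFileId . VC_M4V_EXTENSION)) {
                // NOTE(review): _getToken() is defined elsewhere and its value goes
                // into the URLs below unencoded; confirm it is URL- and attribute-safe.
                $sToken = _getToken($iFileId);

                if (file_exists($sFilesPath . $iFileId . '.webm')) {
                    $sSourceWebm = '<source type=\'video/webm; codecs="vp8, vorbis"\' src="' . BX_DOL_URL_ROOT . "flash/modules/video_comments/get_file.php?id=" . $iFileId . "&ext=webm&token=" . $sToken . '" />';
                }

                $sFlash = $oAlert->aExtras['data'];
                // Random suffix gives the element a per-render DOM id; it is not a secret.
                $sId = 'bx-media-' . genRndPwd(8, false);

                $sOverride = ' <video controls preload="auto" autobuffer id="' . $sId . '"> ' . $sSourceWebm . ' <source src="' . BX_DOL_URL_ROOT . "flash/modules/video_comments/get_file.php?id=" . $iFileId . "&ext=m4v&token=" . $sToken . '" /> ' . (BX_H5AV_FALLBACK ? $sFlash : '<b>Can not playback media - your browser doesn\'t support HTML5 audio/video tag.</b>') . ' </video>' . ($sSourceWebm ? '' : '<script> var eMedia = document.createElement("video"); if (eMedia.canPlayType && !eMedia.canPlayType("video/x-m4v")) { var sReplace = "' . bx_js_string(BX_H5AV_FALLBACK ? $sFlash : '<b>Your browser doesn\'t support this media playback.</b>', BX_ESCAPE_STR_QUOTE) . '"; $("#' . $sId . '").replaceWith(sReplace); } </script>');
                break;
            }
            // No .m4v on disk: deliberately falls through to the "failed" handling.

        case VC_STATUS_FAILED:
        default:
            if (!BX_H5AV_FALLBACK || !file_exists($sFilesPath . $iFileId . FLV_EXTENSION)) {
                $sOverride = $this->_oTemplate->addCss(array('default.css', 'common.css', 'general.css'), true) . MsgBox(_t('_sys_media_not_found'));
            }
            break;
    }

    if ($sOverride) {
        $oAlert->aExtras['data'] = $sOverride;
    }

    return true;
}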
/**
 * Create an account (and, for a non-system profiles module, a profile) from a
 * remote profile, or log in the existing account that has the same e-mail.
 *
 * Security-relevant behaviour visible in this block:
 *  - an existing account is matched by e-mail alone and immediately logged in;
 *  - a new account gets a random password that is mailed to the member;
 *  - 'email_confirmed' is taken from configuration, not from a confirmation step.
 *
 * @param array  $aProfileInfo     remote profile's information ('id' is read here)
 * @param string $sAlternativeName alternative nickname passed to _convertRemoteFields()
 * @param bool   $isAutoFriends    call _makeFriends() when that method exists
 * @param bool   $isSetLoggedIn    not read anywhere in this block
 * @return string|array error string / invite form code, or an array with either
 *                      'join_page_redirect' or 'profile_id'/'existing_profile'
 */
function _createProfileRaw($aProfileInfo, $sAlternativeName = '', $isAutoFriends = true, $isSetLoggedIn = true)
{
    // join by invite only
    if (BxDolRequest::serviceExists('bx_invites', 'account_add_form_check') && ($sCode = BxDolService::call('bx_invites', 'account_add_form_check'))) {
        return $sCode;
    }

    // convert fields to unique format
    $aFieldsProfile = $aFieldsAccount = $this->_convertRemoteFields($aProfileInfo, $sAlternativeName);
    if (empty($aFieldsProfile['email'])) {
        return _t('_Incorrect Email');
    }

    // prepare fields for particular module
    $aFieldsAccount = BxDolService::call('system', 'prepare_fields', array($aFieldsAccount));
    $aFieldsProfile = BxDolService::call($this->_oConfig->sProfilesModule, 'prepare_fields', array($aFieldsProfile));

    // check fields existence in Account
    // Only keys known to the add-form survive, which keeps unexpected remote
    // keys out of the insert below.
    $oFormHelperAccount = BxDolService::call('system', 'forms_helper');
    $oFormAccount = $oFormHelperAccount->getObjectFormAdd();
    foreach ($aFieldsAccount as $sKey => $mValue) {
        if (!$oFormAccount->isFieldExist($sKey)) {
            unset($aFieldsAccount[$sKey]);
        }
    }

    // check fields existence in Profile
    if ('system' != $this->_oConfig->sProfilesModule && ($oFormHelperProfile = BxDolService::call($this->_oConfig->sProfilesModule, 'forms_helper'))) {
        $oFormProfile = $oFormHelperProfile->getObjectFormAdd();
        foreach ($aFieldsProfile as $sKey => $mValue) {
            if (!$oFormProfile->isFieldExist($sKey)) {
                unset($aFieldsProfile[$sKey]);
            }
        }
    }

    // antispam check
    $sErrorMsg = '';
    $bSetPendingApproval = false;
    // NOTE(review): handlers can set 'approve' by reference, but $bSetPendingApproval
    // is never read afterwards - the approval flag used below is computed only
    // from configuration. Confirm the anti-spam "hold for approval" result is
    // not meant to be honoured here.
    bx_alert('account', 'check_join', 0, false, array('error_msg' => &$sErrorMsg, 'email' => $aFieldsAccount['email'], 'approve' => &$bSetPendingApproval));
    if ($sErrorMsg) {
        return $sErrorMsg;
    }

    // check if user with the same email already exists
    $oExistingAccount = BxDolAccount::getInstance($aFieldsAccount['email']);

    // check redirect page
    if ('join' == $this->_oConfig->sRedirectPage && !$oExistingAccount) {
        return array('remote_profile_info' => $aProfileInfo, 'profile_fields' => $aFieldsAccount, 'join_page_redirect' => true);
    }

    // create new profile
    if ($oExistingAccount) {
        if (!($oExistingProfile = BxDolProfile::getInstanceByAccount($oExistingAccount->id()))) {
            return _t('_sys_txt_error_account_creation');
        }

        $iProfileId = $oExistingProfile->id();
        // NOTE(review): logging in an existing account because the remote e-mail
        // matches trusts the provider to have verified that address. Confirm every
        // supported provider does, or require local confirmation before linking.
        $this->setLogged($iProfileId);
    } else {
        // create account
        // NOTE(review): genRndPwd() is defined elsewhere; confirm it uses a CSPRNG.
        $aFieldsAccount['password'] = genRndPwd();
        $aFieldsAccount['email_confirmed'] = $this->_oConfig->isAlwaysConfirmEmail;
        if (!($iAccountId = $oFormAccount->insert($aFieldsAccount))) {
            return _t('_sys_txt_error_account_creation');
        }

        $isSetPendingApproval = $this->_oConfig->isAlwaysAutoApprove ? false : !(bool) getParam('sys_account_autoapproval');
        $iAccountProfileId = $oFormHelperAccount->onAccountCreated($iAccountId, $isSetPendingApproval, BX_PROFILE_ACTION_EXTERNAL);

        // create profile
        // The early returns below leave the account created above in place; no
        // rollback is visible in this block.
        if (isset($oFormProfile) && $oFormProfile) {
            $aFieldsProfile['picture'] = $this->_processImage($aFieldsProfile, $iAccountProfileId, $oFormHelperProfile);

            if (!($iContentId = $oFormProfile->insert($aFieldsProfile))) {
                return _t('_sys_txt_error_account_creation');
            }

            $oFormHelperProfile->setAutoApproval($oFormHelperProfile->isAutoApproval() ? true : $this->_oConfig->isAlwaysAutoApprove);
            if ($sErrorMsg = $oFormHelperProfile->onDataAddAfter($iAccountId, $iContentId)) {
                return $sErrorMsg;
            }

            $oProfile = BxDolProfile::getInstanceByAccount($iAccountId);
            $iProfileId = $oProfile->id();
        } else {
            $iProfileId = $iAccountProfileId;
        }

        // send email with password
        // NOTE(review): the generated password leaves the system in clear text
        // here; a one-time "set your password" link would avoid that.
        sendMailTemplate($this->_oConfig->sEmailTemplatePasswordGenerated, $iAccountId, $iProfileId, array('password' => $aFieldsAccount['password']), BX_EMAIL_SYSTEM);
    }

    // remember remote profile id for created member
    $this->_oDb->saveRemoteId($iProfileId, $aProfileInfo['id']);

    // auto-friend members if they are already friends on remote site
    if ($isAutoFriends && method_exists($this, '_makeFriends')) {
        $this->_makeFriends($iProfileId);
    }

    return array('remote_profile_info' => $aProfileInfo, 'profile_id' => $iProfileId, 'existing_profile' => $oExistingAccount ? true : false);
}
/**
 * Create a local profile from a Facebook profile, or attach the Facebook uid to
 * an existing local profile that has the same e-mail.
 *
 * Security-relevant behaviour visible in this block:
 *  - an existing profile is matched by e-mail alone, then linked to the
 *    Facebook uid and (with $isSetLoggedIn) logged in;
 *  - a random password is generated and e-mailed to the member in clear text;
 *  - 'bio' is passed through clear_xss(); the other remote strings are stored as received.
 *
 * @param array  $aProfileInfo     Facebook profile information
 * @param string $sAlternativeName suffix appended to the nickname
 * @param bool   $isAutoFriends    call _makeFriends() for the profile
 * @param bool   $isSetLoggedIn    log the resulting profile in
 * @return string|array translated error string, or an array with either
 *                      'join_page_redirect' or 'profile_id'/'existing_profile'
 */
function _createProfileRaw($aProfileInfo, $sAlternativeName = '', $isAutoFriends = true, $isSetLoggedIn = true)
{
    $sCountry = '';
    $sCity = '';

    //-- join by invite only --//
    // NOTE(review): the gate relies on the client-supplied 'idFriend' cookie; any
    // value that getID() resolves to a non-zero id passes. Confirm that is the
    // intended strength of "invitation only".
    if (getParam('reg_by_inv_only') == 'on' && (!isset($_COOKIE['idFriend']) || getID($_COOKIE['idFriend']) == 0)) {
        return _t('_registration by invitation only');
    }
    //--

    // process the date of birth;
    // NOTE(review): strtotime() returns false for an unparseable value and date()
    // then formats the epoch; 'birthday' is also read further down even when it
    // was never set.
    if (isset($aProfileInfo['birthday'])) {
        $aProfileInfo['birthday'] = isset($aProfileInfo['birthday']) ? date('Y-m-d', strtotime($aProfileInfo['birthday'])) : '';
    }

    // generate new password for profile;
    // NOTE(review): genRndPwd()/genRndSalt() are defined elsewhere; confirm they use a CSPRNG.
    $sNewPassword = genRndPwd();
    $sPasswordSalt = genRndSalt();
    $aProfileInfo['password'] = encryptUserPwd($sNewPassword, $sPasswordSalt);

    //-- define user's country and city --//
    $aLocation = array();
    if (isset($aProfileInfo['location']['name'])) {
        $aLocation = $aProfileInfo['location']['name'];
    } else {
        if (isset($aProfileInfo['hometown']['name'])) {
            $aLocation = $aProfileInfo['hometown']['name'];
        }
    }

    if ($aLocation) {
        // Expects "City, Country"; index 1 does not exist when the remote value
        // has no comma.
        $aCountryInfo = explode(',', $aLocation);
        $sCountry = $this->_oDb->getCountryCode(trim($aCountryInfo[1]));
        $sCity = trim($aCountryInfo[0]);

        // fall back to the configured default country when only a city is known
        if ($sCity && !$sCountry) {
            $sCountry = $this->_oConfig->sDefaultCountryCode;
        }
    }
    //--

    //try define the user's email
    $sEmail = !empty($aProfileInfo['email']) ? $aProfileInfo['email'] : $aProfileInfo['proxied_email'];

    //-- fill array with all needed values --//
    $aProfileFields = array(
        'NickName' => $aProfileInfo['nick_name'] . $sAlternativeName,
        'Email' => $sEmail,
        'Sex' => isset($aProfileInfo['gender']) ? $aProfileInfo['gender'] : '',
        'DateOfBirth' => $aProfileInfo['birthday'],
        'Password' => $aProfileInfo['password'],
        'FullName' => (isset($aProfileInfo['first_name']) ? $aProfileInfo['first_name'] : '') . (isset($aProfileInfo['last_name']) ? ' ' . $aProfileInfo['last_name'] : ''),
        'DescriptionMe' => clear_xss(isset($aProfileInfo['bio']) ? $aProfileInfo['bio'] : ''),
        'Interests' => isset($aProfileInfo['interests']) ? $aProfileInfo['interests'] : '',
        'Religion' => isset($aProfileInfo['religion']) ? $aProfileInfo['religion'] : '',
        'Country' => $sCountry,
        'City' => $sCity
    );
    //--

    bx_import('BxDolStopForumSpam');
    $oBxDolStopForumSpam = new BxDolStopForumSpam();
    // `&&` binds tighter than `||`: the isSpammer() lookup runs whenever the
    // DNSBL conditions do not all hold, regardless of the DNSBL settings.
    if (2 == getParam('ipBlacklistMode') && bx_is_ip_blocked()) {
        return _t('_Sorry, your IP been banned');
    } elseif ('on' == getParam('sys_dnsbl_enable') && 'block' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'join facebook') || $oBxDolStopForumSpam->isSpammer(array('email' => $aProfileFields['Email'], 'ip' => getVisitorIP(false)), 'join facebook')) {
        return sprintf(_t('_sys_spam_detected'), BX_DOL_URL_ROOT . 'contact.php');
    }

    // check fields existence;
    foreach ($aProfileFields as $sKey => $mValue) {
        if (!$this->_oDb->isFieldExist($sKey)) {
            // (field not existence) remove from array;
            unset($aProfileFields[$sKey]);
        }
    }

    //-- add some system values --//
    $aProfileFields['Role'] = BX_DOL_ROLE_MEMBER;
    $aProfileFields['DateReg'] = date('Y-m-d H:i:s'); // set current date;
    $aProfileFields['Salt'] = $sPasswordSalt;
    //--

    $iExistingProfileId = $this->_oDb->isEmailExisting($sEmail);

    //check redirect page
    // Both returned arrays carry the encryptUserPwd() result ('password' /
    // 'Password'); 'profile_fields' also carries the salt.
    if ('join' == $this->_oConfig->sRedirectPage && !$iExistingProfileId) {
        return array('profile_info_fb' => $aProfileInfo, 'profile_fields' => $aProfileFields, 'join_page_redirect' => true);
    }

    // create new profile;
    // NOTE(review): reusing a profile purely because the e-mail matches trusts the
    // remote provider to have verified that address; confirm, or require local
    // confirmation before linking.
    if ($iExistingProfileId) {
        $iProfileId = $iExistingProfileId;
    } else {
        $iProfileId = $this->_oDb->createProfile($aProfileFields);
    }

    $oProfileFields = new BxDolProfilesController();

    //remember FB uid for created member
    $this->_oDb->saveFbUid($iProfileId, $aProfileInfo['id']);

    // check profile status;
    if (!$iExistingProfileId) {
        if (getParam('autoApproval_ifNoConfEmail') == 'on') {
            if (getParam('autoApproval_ifJoin') == 'on') {
                $sProfileStatus = 'Active';
                if (!empty($aProfileInfo['email'])) {
                    $oProfileFields->sendActivationMail($iProfileId);
                }
            } else {
                $sProfileStatus = 'Approval';
                if (!empty($aProfileInfo['email'])) {
                    $oProfileFields->sendApprovalMail($iProfileId);
                }
            }
        } else {
            if (!empty($aProfileInfo['email'])) {
                $oProfileFields->sendConfMail($iProfileId);
                $sProfileStatus = 'Unconfirmed';
            } else {
                if (getParam('autoApproval_ifJoin') == 'on') {
                    $sProfileStatus = 'Active';
                } else {
                    $sProfileStatus = 'Approval';
                }
            }
        }

        // update profile's status;
        $this->_oDb->updateProfileStatus($iProfileId, $sProfileStatus);
        $oProfileFields->createProfileCache($iProfileId);

        if (!empty($aProfileInfo['email'])) {
            //-- send email notification --//
            // NOTE(review): the generated password leaves the system in clear text
            // here; a one-time "set your password" link would avoid that.
            $oEmailTemplate = new BxDolEmailTemplates();
            $aTemplate = $oEmailTemplate->getTemplate('t_fb_connect_password_generated', $iProfileId);
            $aNewProfileInfo = getProfileInfo($iProfileId);
            $aPlus = array('NickName' => getNickName($aNewProfileInfo['ID']), 'NewPassword' => $sNewPassword);
            sendMail($aNewProfileInfo['Email'], $aTemplate['Subject'], $aTemplate['Body'], '', $aPlus);
        }
        //--

        if (BxDolModule::getInstance('BxWmapModule')) {
            BxDolService::call('wmap', 'response_entry_add', array('profiles', $iProfileId));
        }

        // create system event
        $oZ = new BxDolAlerts('profile', 'join', $iProfileId);
        $oZ->alert();
    }

    bx_member_ip_store($iProfileId);

    // auto-friend members if they are already friends on Facebook
    if ($isAutoFriends) {
        $this->_makeFriends($iProfileId);
    }

    // set logged
    // The login happens regardless of the status set above ('Unconfirmed' and
    // 'Approval' included) and also for a pre-existing profile matched by e-mail.
    if ($isSetLoggedIn) {
        $aProfile = getProfileInfo($iProfileId);
        $this->setLogged($iProfileId, $aProfile['Password'], '', false);
    }

    return array('profile_info_fb' => $aProfileInfo, 'profile_id' => $iProfileId, 'existing_profile' => $iExistingProfileId ? true : false);
}
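/**
 * Return this module's CSRF token, creating or rotating it when needed.
 *
 * The token lives in the session under 'bx_tricon_csrf_token' with its creation
 * time under 'bx_tricon_csrf_token_time'.
 *
 * Fix: the age check used to read 'csrf_token_time', a key this function never
 * writes, so expiry was decided by a different token's timestamp (or by 0 when
 * that key was absent, which forces a new token on every call once a lifetime
 * is configured). It now reads the timestamp stored alongside the module token.
 *
 * @param bool $bReturn kept for interface compatibility; the token is always returned
 * @return string|false the token, or false when form tokens are disabled or under cron
 */
protected function _genCsrfToken($bReturn = false)
{
    if (getParam('sys_security_form_token_enable') != 'on' || defined('BX_DOL_CRON_EXECUTE')) {
        return false;
    }

    $oSession = BxDolSession::getInstance();

    $iCsrfTokenLifetime = (int) $this->_oDb->getParam('sys_security_form_token_lifetime');

    $bMissing = $oSession->getValue('bx_tricon_csrf_token') === false;
    // A lifetime of 0 means the token never expires.
    $bExpired = !$bMissing
        && $iCsrfTokenLifetime != 0
        && time() - (int) $oSession->getValue('bx_tricon_csrf_token_time') > $iCsrfTokenLifetime;

    if ($bMissing || $bExpired) {
        // NOTE(review): genRndPwd() is defined elsewhere; an anti-CSRF token is
        // only as strong as that generator, so confirm it uses a CSPRNG.
        $sToken = genRndPwd(20, false);
        $oSession->setValue('bx_tricon_csrf_token', $sToken);
        $oSession->setValue('bx_tricon_csrf_token_time', time());
    } else {
        $sToken = $oSession->getValue('bx_tricon_csrf_token');
    }

    return $sToken;
}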
/**
 * Make sure the session holds a CSRF token, creating or rotating it when needed.
 *
 * A token is (re)generated when none is stored, or when a non-zero lifetime is
 * configured and the stored token is older than that lifetime.
 *
 * @param bool $bReturn when true the current token is returned
 * @return string|false|null false when form tokens are disabled; the token when
 *                           $bReturn is true; otherwise nothing
 */
public static function genCsrfToken($bReturn = false)
{
    $bEnabled = getParam('sys_security_form_token_enable') == 'on';
    if (!$bEnabled) {
        return false;
    }

    $oStore = BxDolSession::getInstance();
    $iMaxAge = (int) getParam('sys_security_form_token_lifetime');

    $bNeedsNew = true;
    if ($oStore->getValue('csrf_token') !== false) {
        // A lifetime of 0 disables expiry; otherwise compare the token's age with it.
        $bNeedsNew = $iMaxAge != 0 && time() - (int) $oStore->getValue('csrf_token_time') > $iMaxAge;
    }

    if ($bNeedsNew) {
        // NOTE(review): genRndPwd() is defined elsewhere; an anti-CSRF token is
        // only as strong as that generator, so confirm it uses a CSPRNG.
        $sToken = genRndPwd(20, true);
        $oStore->setValue('csrf_token', $sToken);
        $oStore->setValue('csrf_token_time', time());
    } else {
        $sToken = $oStore->getValue('csrf_token');
    }

    if (!$bReturn) {
        return;
    }

    return $sToken;
}
/**
 * Build the marker => value map used to fill installation templates.
 *
 * Every key of $this->_aConfig is copied from $a (empty string when absent),
 * then the generated and fixed markers are added on top.
 *
 * @param array $a submitted values; 'admin_password' is read directly
 * @return array marker values
 */
protected function getMarkers($a)
{
    $aMarkers = array();
    foreach ($this->_aConfig as $sKey => $mIgnored) {
        if (isset($a[$sKey])) {
            $aMarkers[$sKey] = $a[$sKey];
        } else {
            $aMarkers[$sKey] = '';
        }
    }

    // NOTE(review): genRndPwd() is defined elsewhere. It supplies both the admin
    // password salt and the 11-character 'secret' marker, so confirm it is backed
    // by a CSPRNG and that 11 characters is long enough for whatever 'secret' protects.
    $sAdminSalt = genRndPwd();
    $aMarkers['admin_pwd_salt'] = $sAdminSalt;
    $aMarkers['admin_pwd_hash'] = encryptUserPwd($a['admin_password'], $sAdminSalt);

    $aMarkers['current_timestamp'] = time();
    $aMarkers['version'] = BX_DOL_VER;
    $aMarkers['time'] = time();
    $aMarkers['secret'] = genRndPwd(11);

    // 'root_dir' is expected to have been copied from $a by the loop above.
    $sFfmpeg = $aMarkers['root_dir'] . 'plugins/ffmpeg/ffmpeg.exe';
    $aMarkers['ffmpeg_path'] = $sFfmpeg;

    return $aMarkers;
}
/**
 * Generate the file-uploader form field.
 *
 * Builds one upload button per configured uploader object and renders them
 * through the 'form_field_uploader.html' template.
 *
 * @param array  $aInput field definition; reads 'uploaders', 'storage_object',
 *                       'ghost_template', 'name', 'upload_buttons_titles',
 *                       'content_id', 'images_transcoder', 'multiple', 'init_ghosts'
 * @param string $sInfo  info text handed to the template
 * @param string $sError error text handed to the template
 * @return string rendered HTML
 */
function genInputFiles(&$aInput, $sInfo = '', $sError = '')
{
    bx_import('BxDolUploader');

    // Random id shared by all uploaders of this field instance.
    $sUniqId = genRndPwd(8, false);
    $sUploaders = '';
    $oUploader = null;
    foreach ($aInput['uploaders'] as $sUploaderObject) {
        $oUploader = BxDolUploader::getObjectInstance($sUploaderObject, $aInput['storage_object'], $sUniqId);
        if (!$oUploader) {
            continue;
        }

        $sGhostTemplate = false;
        if (isset($aInput['ghost_template']) && is_object($aInput['ghost_template'])) {
            // form is not submitted and ghost template is BxDolFormNested object
            $oFormNested = $aInput['ghost_template'];
            if ($oFormNested instanceof BxDolFormNested) {
                $sGhostTemplate = $oFormNested->getCode();
            }
        } elseif (isset($aInput['ghost_template']) && is_array($aInput['ghost_template']) && isset($aInput['ghost_template']['inputs'])) {
            // form is not submitted and ghost template is form array
            bx_import('BxDolFormNested');
            $oFormNested = new BxDolFormNested($aInput['name'], $aInput['ghost_template'], $this->aParams['db']['submit_name'], $this->oTemplate);
            $sGhostTemplate = $oFormNested->getCode();
        } elseif (isset($aInput['ghost_template']) && is_array($aInput['ghost_template']) && $aInput['ghost_template']) {
            // form is submitted and ghost template is array of BxDolFormNested objects
            bx_import('BxDolFormNested');
            $sGhostTemplate = array();
            foreach ($aInput['ghost_template'] as $iFileId => $oFormNested) {
                if (is_object($oFormNested) && $oFormNested instanceof BxDolFormNested) {
                    $sGhostTemplate[$iFileId] = $oFormNested->getCode();
                }
            }
        } elseif (isset($aInput['ghost_template']) && is_string($aInput['ghost_template'])) {
            // ghost template is just string template, without nested form
            $sGhostTemplate = $aInput['ghost_template'];
        }

        // NOTE(review): 'button_title' and 'images_transcoder' go through
        // bx_js_string(), 'content_id' does not. Confirm 'content_id' can never
        // hold caller-controlled text, or escape it the same way.
        $aParams = array(
            'button_title' => bx_js_string($oUploader->getUploaderButtonTitle(isset($aInput['upload_buttons_titles']) ? $aInput['upload_buttons_titles'] : false)),
            'content_id' => isset($aInput['content_id']) ? $aInput['content_id'] : ''
        );
        if (isset($aInput['images_transcoder']) && $aInput['images_transcoder']) {
            $aParams['images_transcoder'] = bx_js_string($aInput['images_transcoder']);
        }

        $sUploaders .= $oUploader->getUploaderButton($sGhostTemplate, isset($aInput['multiple']) ? $aInput['multiple'] : true, $aParams);
    }

    // $oUploader is whatever the LAST iteration produced: if that uploader could
    // not be instantiated the container ids below are empty, even when earlier
    // uploaders rendered a button.
    // NOTE(review): $sInfo and $sError are handed to the template as given;
    // confirm where they are escaped.
    return $this->oTemplate->parseHtmlByName('form_field_uploader.html', array(
        'uploaders_buttons' => $sUploaders,
        'info' => $sInfo,
        'error' => $sError,
        'id_container_errors' => $oUploader ? $oUploader->getIdContainerErrors() : '',
        'id_container_result' => $oUploader ? $oUploader->getIdContainerResult() : '',
        'uploader_instance_name' => $oUploader ? $oUploader->getNameJsInstanceUploader() : '',
        'is_init_ghosts' => isset($aInput['init_ghosts']) && !$aInput['init_ghosts'] ? 0 : 1
    ));
}
/**
 * Generate a password salt: 8 characters from genRndPwd(), with its second
 * argument set to true.
 *
 * NOTE(review): genRndPwd() is defined elsewhere. Callers on this page place
 * the salt inside SQL string literals, so confirm the generator's alphabet
 * cannot produce quotes or backslashes, and that it is backed by a CSPRNG.
 *
 * @return string the new salt
 */
function genRndSalt()
{
    $iSaltLength = 8;
    $sSalt = genRndPwd($iSaltLength, true);

    return $sSalt;
}
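/**
 * Create a local profile from a Facebook profile, log the member in and
 * redirect according to the configured redirect page.
 *
 * This function normally does not return: it ends in exit after sending a page
 * or a Location header. Only the 'join' redirect returns (the result of
 * _getJoinPage()), and the avatar path falls through when the avatar service's
 * 'join' call reports failure.
 *
 * Fix: the remote 'bio' text is now passed through clear_xss() before it is
 * stored in 'DescriptionMe', matching the other Facebook profile-creation
 * routine in this code base; it used to be stored exactly as received.
 *
 * @param array  $aProfileInfo     Facebook profile information
 * @param string $sAlternativeName suffix appended to the nickname
 * @return mixed result of _getJoinPage() for the 'join' redirect, otherwise nothing
 */
function _createProfile($aProfileInfo, $sAlternativeName = '')
{
    $sCountry = '';
    $sCity = '';

    $bAvatarRedirect = false;
    $sMemberAvatar = !empty($aProfileInfo['picture']) ? $aProfileInfo['picture'] : '';

    //-- join by invite only --//
    // NOTE(review): the gate relies on the client-supplied 'idFriend' cookie; any
    // value that getID() resolves to a non-zero id passes. Confirm that is the
    // intended strength of "invitation only".
    if (getParam('reg_by_inv_only') == 'on' && (!isset($_COOKIE['idFriend']) || getID($_COOKIE['idFriend']) == 0)) {
        $this->_oTemplate->getPage(_t('_bx_facebook'), MsgBox(_t('_registration by invitation only')));
        exit;
    }
    //--

    // process the date of birth;
    if (isset($aProfileInfo['birthday'])) {
        $aProfileInfo['birthday'] = isset($aProfileInfo['birthday']) ? date('Y-m-d', strtotime($aProfileInfo['birthday'])) : '';
    }

    // generate new password for profile;
    // NOTE(review): genRndPwd()/genRndSalt() are defined elsewhere; confirm they use a CSPRNG.
    $sNewPassword = genRndPwd();
    $sPasswordSalt = genRndSalt();
    $aProfileInfo['password'] = encryptUserPwd($sNewPassword, $sPasswordSalt);

    //-- define user's country and city --//
    $aLocation = array();
    if (isset($aProfileInfo['location']['name'])) {
        $aLocation = $aProfileInfo['location']['name'];
    } else {
        if (isset($aProfileInfo['hometown']['name'])) {
            $aLocation = $aProfileInfo['hometown']['name'];
        }
    }

    if ($aLocation) {
        // Expects "City, Country".
        $aCountryInfo = explode(',', $aLocation);
        $sCountry = $this->_oDb->getCountryCode(trim($aCountryInfo[1]));
        $sCity = trim($aCountryInfo[0]);

        // fall back to the configured default country when only a city is known
        if ($sCity && !$sCountry) {
            $sCountry = $this->_oConfig->sDefaultCountryCode;
        }
    }
    //--

    //try define the user's email
    $sEmail = !empty($aProfileInfo['email']) ? $aProfileInfo['email'] : $aProfileInfo['proxied_email'];

    //check email
    // An already registered e-mail stops the flow here, so this routine never
    // attaches a Facebook uid to an existing local profile.
    if ($this->_oDb->isEmailExisting($sEmail)) {
        $this->_oTemplate->getPage(_t('_bx_facebook'), MsgBox(_t('_bx_facebook_error_email')));
        exit;
    }

    //-- fill array with all needed values --//
    $aProfileFields = array(
        'NickName' => $aProfileInfo['nick_name'] . $sAlternativeName,
        'Email' => $sEmail,
        'Sex' => isset($aProfileInfo['gender']) ? $aProfileInfo['gender'] : '',
        'DateOfBirth' => $aProfileInfo['birthday'],
        'Password' => $aProfileInfo['password'],
        'FirstName' => isset($aProfileInfo['first_name']) ? $aProfileInfo['first_name'] : '',
        'LastName' => isset($aProfileInfo['last_name']) ? $aProfileInfo['last_name'] : '',
        // Remote free text: cleaned before storage because it is later shown to other members.
        'DescriptionMe' => clear_xss(isset($aProfileInfo['bio']) ? $aProfileInfo['bio'] : ''),
        'Interests' => isset($aProfileInfo['interests']) ? $aProfileInfo['interests'] : '',
        'Religion' => isset($aProfileInfo['religion']) ? $aProfileInfo['religion'] : '',
        'Country' => $sCountry,
        'City' => $sCity,
    );
    //--

    // check fields existence;
    foreach ($aProfileFields as $sKey => $mValue) {
        if (!$this->_oDb->isFieldExist($sKey)) {
            // (field not existence) remove from array;
            unset($aProfileFields[$sKey]);
        }
    }

    //-- add some system values --//
    $aProfileFields['Role'] = BX_DOL_ROLE_MEMBER;
    $aProfileFields['DateReg'] = date('Y-m-d H:i:s'); // set current date;
    $aProfileFields['Salt'] = $sPasswordSalt;
    //--

    //check redirect page
    // Every target is built from BX_DOL_URL_ROOT or configuration, never from request data.
    switch ($this->_oConfig->sRedirectPage) {
        case 'join':
            return $this->_getJoinPage($aProfileFields, $aProfileInfo['id']);

        case 'pedit':
            $sRedirectUrl = BX_DOL_URL_ROOT . 'pedit.php';
            break;

        case 'avatar':
            $bAvatarRedirect = true;
            break;

        case 'index':
            $sRedirectUrl = BX_DOL_URL_ROOT;
            break;

        case 'member':
        default:
            $sRedirectUrl = BX_DOL_URL_ROOT . 'member.php';
            break;
    }

    // create new profile;
    $iProfileId = $this->_oDb->createProfile($aProfileFields);
    $oProfileFields = new BxDolProfilesController();

    //remember FB uid for created member
    $this->_oDb->saveFbUid($iProfileId, $aProfileInfo['id']);

    // check profile status;
    if (getParam('autoApproval_ifNoConfEmail') == 'on') {
        if (getParam('autoApproval_ifJoin') == 'on') {
            $sProfileStatus = 'Active';
            if (!empty($aProfileInfo['email'])) {
                $oProfileFields->sendActivationMail($iProfileId);
            }
        } else {
            $sProfileStatus = 'Approval';
            if (!empty($aProfileInfo['email'])) {
                $oProfileFields->sendApprovalMail($iProfileId);
            }
        }
    } else {
        if (!empty($aProfileInfo['email'])) {
            $oProfileFields->sendConfMail($iProfileId);
            $sProfileStatus = 'Unconfirmed';
        } else {
            if (getParam('autoApproval_ifJoin') == 'on') {
                $sProfileStatus = 'Active';
            } else {
                $sProfileStatus = 'Approval';
            }
        }
    }

    // update profile's status;
    $this->_oDb->updateProfileStatus($iProfileId, $sProfileStatus);
    $oProfileFields->createProfileCache($iProfileId);

    if (!empty($aProfileInfo['email'])) {
        //-- send email notification --//
        // NOTE(review): the generated password leaves the system in clear text
        // here; a one-time "set your password" link would avoid that.
        $oEmailTemplate = new BxDolEmailTemplates();
        $aTemplate = $oEmailTemplate->getTemplate('t_fb_connect_password_generated');
        $aNewProfileInfo = getProfileInfo($iProfileId);
        $aPlus = array('NickName' => $aNewProfileInfo['NickName'], 'NewPassword' => $sNewPassword);
        sendMail($aNewProfileInfo['Email'], $aTemplate['Subject'], $aTemplate['Body'], '', $aPlus);
    }
    //--

    // create system event
    $oZ = new BxDolAlerts('profile', 'join', $iProfileId);
    $oZ->alert();

    //Auto-friend members if they are already friends on Facebook
    $this->_makeFriends($iProfileId);

    // set logged
    // The login happens regardless of the status assigned above ('Unconfirmed'
    // and 'Approval' included).
    $aProfileInfo = getProfileInfo($iProfileId);
    $this->setLogged($iProfileId, $aProfileInfo['Password'], '', false);

    //redirect to avatar page
    if ($bAvatarRedirect) {
        if (BxDolInstallerUtils::isModuleInstalled('avatar')) {
            // check profile's logo;
            if ($sMemberAvatar) {
                BxDolService::call('avatar', 'set_image_for_cropping', array($iProfileId, $sMemberAvatar));
            }

            if (BxDolService::call('avatar', 'join', array($iProfileId, '_Join complete'))) {
                exit;
            }
        } else {
            header('location:' . $this->_oConfig->sDefaultRedirectUrl);
            exit;
        }
    } else {
        //assign avatar
        if ($sMemberAvatar) {
            $this->_assignAvatar($sMemberAvatar);
        }

        //redirect to other page
        header('location:' . $sRedirectUrl);
        exit;
    }
}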