Beispiel #1
0
function joinGroup($group_id, $privacy)
{
    global $db, $current_user, $main_smarty, $the_template, $my_base_url, $my_pligg_base;
    if (!is_numeric($group_id)) {
        die;
    }
    $privacy = $db->get_var("SELECT group_privacy FROM " . table_groups . " WHERE group_id = {$group_id}");
    if ($privacy == '') {
        $member_status = 'active';
    } else {
        $member_status = 'inactive';
    }
    $sql = "INSERT INTO " . table_group_member . " ( `member_user_id` , `member_group_id`, `member_role`,`member_status` ) VALUES ('" . $current_user->user_id . "', '" . $group_id . "','normal','" . $member_status . "' ) ";
    $db->query($sql);
    //member count update increase
    if (isMemberActive($group_id) == 'active') {
        $member_count = get_group_members($group_id);
        $member_update = "update " . table_groups . " set group_members = '" . $member_count . "' where group_id = '" . $group_id . "'";
        $db->query($member_update);
    }
    if ($privacy == 'restricted') {
        $my_base_url = $my_base_url;
        $my_pligg_base = $my_pligg_base;
        if (phpnum() == 4) {
            require_once 'class.phpmailer4.php';
        } else {
            require_once 'class.phpmailer5.php';
        }
        //$site_mail = $main_smarty->get_config_vars('PLIGG_Comment_mail_from');
        $from = "*****@*****.**";
        $activate = my_base_url . my_pligg_base . "/join_group.php?activate=true&group_id=" . $group_id . "&user_id=" . $current_user->user_id . "";
        $inactivate = my_base_url . my_pligg_base . "/join_group.php?activate=false";
        $str .= "Hello Admin<br />A new member has requested to join your group.<br/>To activate click link below<br/><a href='" . my_base_url . my_pligg_base . "/join_group.php?activate=true&group_id=" . $group_id . "&user_id=" . $current_user->user_id . "'>Activate</a><br />";
        $str .= "To deactivate click link below<br/><a href='" . my_base_url . my_pligg_base . "/join_group.php?activate=false&group_id=" . $group_id . "&user_id=" . $current_user->user_id . "'>Deactivate</a><br />";
        $subject = "Request to join group";
        $creator_id = get_group_creator($group_id);
        $to = get_group_user_email($creator_id);
        //$to = $creator_id;
        $message = $str;
        echo $message . ":" . $to . ":" . $from . ":" . $subject;
        $mail = new PHPMailer();
        $mail->From = $from;
        $mail->FromName = "Administrator";
        $mail->AddAddress($to);
        $mail->AddReplyTo($from);
        $mail->IsHTML(true);
        $mail->Subject = $subject;
        $mail->Body = $message;
        $mail->Send();
    }
}
Beispiel #2
0
 function print_summary($type = 'full', $fetch = false, $link_summary_template = 'link_summary.tpl')
 {
     global $current_user, $globals, $the_template, $smarty, $ranklist;
     // DB 09/03/08
     if (!is_numeric($this->id)) {
         return false;
     }
     ///
     include_once './Smarty.class.php';
     $main_smarty = new Smarty();
     $main_smarty->compile_check = false;
     // enable caching at your own risk. this code is still experimental
     //$smarty->cache = true;
     $main_smarty->cache_lifetime = 120;
     $main_smarty->compile_dir = mnmpath . "cache/templates_c/";
     $main_smarty->template_dir = mnmpath . "templates/";
     $main_smarty->cache_dir = mnmpath . "cache/";
     $main_smarty->config_dir = "";
     $main_smarty->assign('pligg_language', pligg_language);
     $main_smarty->config_load(lang_loc . "/languages/lang_" . pligg_language . ".conf");
     if (phpnum() == 4) {
         $main_smarty->force_compile = true;
     }
     $main_smarty = $this->fill_smarty($main_smarty, $type);
     $main_smarty->assign('use_title_as_link', use_title_as_link);
     $main_smarty->assign('open_in_new_window', open_in_new_window);
     $main_smarty->assign('the_template', The_Template);
     include mnminclude . 'extra_fields_smarty.php';
     if ($fetch == false) {
         $main_smarty->display($the_template . '/' . $link_summary_template, 'story' . $this->id . "|" . $current_user->user_id . "|" . $type);
     } else {
         return $main_smarty->fetch($the_template . '/' . $link_summary_template, 'story' . $this->id . "|" . $current_user->user_id . "|" . $type);
     }
 }
Beispiel #3
0
function akismet_showpage()
{
    global $main_smarty, $the_template, $current_user, $db;
    force_authentication();
    $canIhaveAccess = 0;
    $canIhaveAccess = $canIhaveAccess + checklevel('god');
    if ($canIhaveAccess == 1) {
        if (phpnum() >= 5) {
            include_once akismet_lib_path . 'Akismet.class_5.php';
        } else {
            include_once akismet_lib_path . 'Akismet.class_4.php';
        }
        $navwhere['text1'] = 'Akismet';
        $navwhere['link1'] = URL_akismet;
        define('pagename', 'akismet');
        $main_smarty->assign('pagename', pagename);
        define('modulename', 'akismet');
        $main_smarty->assign('modulename', modulename);
        if (isset($_REQUEST['view'])) {
            $view = sanitize($_REQUEST['view'], 3);
        } else {
            $view = '';
        }
        if ($view == '') {
            $wordpress_key = get_misc_data('wordpress_key');
            if ($wordpress_key == '') {
                header('Location: ' . URL_akismet . '&view=manageKey');
            }
            $spam_links = get_misc_data('spam_links');
            if ($spam_links != '') {
                $spam_links = unserialize(get_misc_data('spam_links'));
            } else {
                $spam_links = array();
            }
            $main_smarty->assign('spam_links', $spam_links);
            $main_smarty->assign('spam_links_count', count($spam_links));
            $spam_comments = get_misc_data('spam_comments');
            if ($spam_comments != '') {
                $spam_comments = unserialize(get_misc_data('spam_comments'));
            } else {
                $spam_comments = array();
            }
            $main_smarty->assign('spam_comments', $spam_comments);
            $main_smarty->assign('spam_comments_count', count($spam_comments));
            $main_smarty = do_sidebar($main_smarty, $navwhere);
            $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
            $main_smarty->assign('tpl_center', akismet_tpl_path . 'main');
            $main_smarty->display($template_dir . '/admin/admin.tpl');
        }
        if ($view == 'manageKey') {
            $wordpress_key = get_misc_data('wordpress_key');
            $main_smarty->assign('wordpress_key', $wordpress_key);
            $main_smarty = do_sidebar($main_smarty, $navwhere);
            $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
            $main_smarty->assign('tpl_center', akismet_tpl_path . 'manageKey');
            $main_smarty->display($template_dir . '/admin/admin.tpl');
        }
        if ($view == 'updateKey') {
            if (isset($_REQUEST['key'])) {
                $wordpress_key = sanitize($_REQUEST['key'], 3);
            } else {
                $wordpress_key = '';
            }
            misc_data_update('wordpress_key', $wordpress_key);
            header('Location: ' . URL_akismet);
        }
        if ($view == 'manageSpam') {
            $spam_links = get_misc_data('spam_links');
            if ($spam_links != '') {
                $spam_links = unserialize(get_misc_data('spam_links'));
            } else {
                $spam_links = array();
            }
            if (count($spam_links) > 0) {
                $sql = "SELECT " . table_links . ".* FROM " . table_links . " WHERE ";
                $sql .= 'link_id IN (' . implode(',', $spam_links) . ')';
                $link_data = $db->get_results($sql);
                $main_smarty->assign('link_data', object_2_array($link_data));
            } else {
                header('Location: ' . URL_akismet);
            }
            $main_smarty = do_sidebar($main_smarty, $navwhere);
            $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
            $main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSpam');
            $main_smarty->display($template_dir . '/admin/admin.tpl');
        }
        if ($view == 'manageSettings') {
            $main_smarty = do_sidebar($main_smarty, $navwhere);
            $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
            $main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSettings');
            $main_smarty->display($template_dir . '/admin/admin.tpl');
        }
        /*
        if($view == 'isSpam'){
        	if(isset($_REQUEST['link_id'])){$link_id = sanitize($_REQUEST['link_id'], 3);}else{$link_id='';}
        
        	$spam_links = get_misc_data('spam_links');
        	$spam_links = unserialize(get_misc_data('spam_links'));
        
        	unset($spam_links[$link_id]);
        	misc_data_update('spam_links', serialize($spam_links));
        
        	$link = new Link;
        	$link->id = $link_id;
        	$link->read(FALSE);
        	$link->status = 'discard';
        	$link->store();
        
        	header('Location: ' . URL_akismet . '&view=manageSpam');
        }
        
        if($view == 'isNotSpam'){
        	if(isset($_REQUEST['link_id'])){$link_id = sanitize($_REQUEST['link_id'], 3);}else{$link_id='';}
        
        	$spam_links = get_misc_data('spam_links');
        	$spam_links = unserialize(get_misc_data('spam_links'));
        
        	unset($spam_links[$link_id]);
        	misc_data_update('spam_links', serialize($spam_links));
        
        	$link = new Link;
        	$link->id = $link_id;
        	$link->read(FALSE);
        	$link->status = 'queued';
        	$link->store();
        
        	header('Location: ' . URL_akismet . '&view=manageSpam');
        }
        
        if($view == 'addSpam'){
        
        	$spam_links[1] = 1;
        	misc_data_update('spam_links', serialize($spam_links));
        	header('Location: ' . URL_akismet . '&view=manageSpam');
        
        }
        */
        if ($view == 'manageSpamcomments') {
            $spam_comments = get_misc_data('spam_comments');
            if ($spam_comments != '') {
                $spam_comments = unserialize(get_misc_data('spam_comments'));
            } else {
                $spam_comments = array();
            }
            if (count($spam_comments) > 0) {
                $sql = "SELECT * FROM " . table_prefix . "spam_comments WHERE ";
                $sql .= 'linkid IN (' . implode(',', $spam_comments) . ')';
                $link_data = $db->get_results($sql);
                $user_cmt = new User();
                $user_cmt_link = new Link();
                $spam_output .= ' <form name="bulk_moderate" action="' . URL_akismet_isSpamcomment . '&action=bulkmod" method="post">';
                $spam_output .= "<table>";
                $spam_output .= "<tr><th>Author</th><th>Body</th><th>this is spam</th><th>this is NOT spam</th></tr>";
                if ($link_data) {
                    foreach ($link_data as $spam_cmts) {
                        $user_cmt->id = $spam_cmts->userid;
                        $user_cmt->read();
                        $user_name = $user_cmt->username;
                        $user_cmt_link->id = $spam_cmts->linkid;
                        $user_cmt_link->read();
                        $spam_output .= "<tr>";
                        $spam_output .= "<td>" . $user_name . "</td>";
                        $spam_output .= "<td>" . save_text_to_html($spam_cmts->cmt_content) . "</td>";
                        $spam_output .= '<td><center><input type="radio" name="spamcomment[' . $spam_cmts->auto_id . ']" id="spamcomment-' . $spam_cmts->auto_id . '" value="spamcomment"></center></td>';
                        $spam_output .= '<td><center><input type="radio" name="spamcomment[' . $spam_cmts->auto_id . ']" id="spamcomment-' . $spam_cmts->auto_id . '" value="notspamcomment"></center></td>';
                        $spam_output .= "</tr>";
                    }
                }
                $spam_output .= "</table>";
                $spam_output .= '<p align="right"><input type="submit" name="submit" value="Change Status" class="log2" /></p>';
                $spam_output .= "</form>";
                $main_smarty->assign('spam_output', $spam_output);
                $main_smarty->assign('link_data', object_2_array($link_data));
            } else {
                header('Location: ' . URL_akismet);
            }
            $main_smarty = do_sidebar($main_smarty, $navwhere);
            $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
            $main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSpamcomments');
            $main_smarty->display($the_template . '/pligg.tpl');
        }
        if ($view == 'isSpam') {
            if ($_GET['action'] == "bulkmod") {
                if (isset($_POST['submit'])) {
                    $spam = array();
                    foreach ($_POST["spam"] as $k => $v) {
                        $spam[intval($k)] = $v;
                    }
                    foreach ($spam as $key => $value) {
                        if ($value == "spam") {
                            if (isset($key)) {
                                $link_id = sanitize($key, 3);
                            } else {
                                $link_id = '';
                            }
                            $spam_links = get_misc_data('spam_links');
                            $spam_links = unserialize(get_misc_data('spam_links'));
                            $key = array_search($link_id, $spam_links);
                            unset($spam_links[$key]);
                            misc_data_update('spam_links', serialize($spam_links));
                            $link = new Link();
                            $link->id = $link_id;
                            $link->read();
                            $link->status = 'discard';
                            $link->store();
                            $user = new User();
                            $user->id = $link->author;
                            $user->read();
                            $akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
                            $akismet->setCommentAuthor($user->username);
                            $akismet->setCommentAuthorEmail($user->email);
                            $akismet->setCommentAuthorURL($link->url);
                            $akismet->setCommentContent($link->content);
                            $akismet->setPermalink(getmyurl('story', $link->id));
                            $akismet->submitSpam();
                        } elseif ($value == "notspam") {
                            if (isset($key)) {
                                $link_id = sanitize($key, 3);
                            } else {
                                $link_id = '';
                            }
                            $spam_links = get_misc_data('spam_links');
                            $spam_links = unserialize(get_misc_data('spam_links'));
                            $key = array_search($link_id, $spam_links);
                            unset($spam_links[$key]);
                            misc_data_update('spam_links', serialize($spam_links));
                            $link = new Link();
                            $link->id = $link_id;
                            $link->read(FALSE);
                            $link->status = 'queued';
                            $link->store();
                            $user = new User();
                            $user->id = $link->author;
                            $user->read();
                            $akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
                            $akismet->setCommentAuthor($user->username);
                            $akismet->setCommentAuthorEmail($user->email);
                            $akismet->setCommentAuthorURL($link->url);
                            $akismet->setCommentContent($link->content);
                            $akismet->setPermalink(getmyurl('story', $link->id));
                            $akismet->submitHam();
                        }
                    }
                }
            }
            header('Location: ' . URL_akismet . '&view=manageSpam');
        }
        if ($view == 'isSpamcomment') {
            if ($_GET['action'] == "bulkmod") {
                if (isset($_POST['submit'])) {
                    $spamcomment = array();
                    foreach ($_POST["spamcomment"] as $k => $v) {
                        $spamcomment[intval($k)] = $v;
                    }
                    foreach ($spamcomment as $key => $value) {
                        if ($value == "spamcomment") {
                            if (isset($key)) {
                                $link_id = sanitize($key, 3);
                            } else {
                                $link_id = '';
                            }
                            global $db;
                            $spam_comments = get_misc_data('spam_comments');
                            $spam_comments = unserialize(get_misc_data('spam_comments'));
                            $key = array_search($link_id, $spam_comments);
                            unset($spam_comments[$key]);
                            $sql_result = "Select * from " . table_prefix . "spam_comments where auto_id=" . $link_id;
                            $result_arr = $db->get_results($sql_result);
                            if ($result_arr) {
                                foreach ($result_arr as $result_arr_comments) {
                                    $link = new Link();
                                    $link->id = $result_arr_comments->linkid;
                                    $link->read();
                                    $user = new User();
                                    $user->id = $result_arr_comments->userid;
                                    $user->read();
                                    $akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
                                    $akismet->setCommentAuthor($user->username);
                                    $akismet->setCommentAuthorEmail($user->email);
                                    $akismet->setCommentAuthorURL($link->url);
                                    $akismet->setCommentContent($result_arr_comments->cmt_content);
                                    $akismet->setPermalink(getmyurl('story', $link->id));
                                    $akismet->submitSpam();
                                }
                            }
                            misc_data_update('spam_comments', serialize($spam_comments));
                            $db->query(' Delete from ' . table_prefix . 'spam_comments where auto_id=' . $link_id);
                        } elseif ($value == "notspamcomment") {
                            if (isset($key)) {
                                $link_id = sanitize($key, 3);
                            } else {
                                $link_id = '';
                            }
                            global $db;
                            $spam_comments = get_misc_data('spam_comments');
                            $spam_comments = unserialize(get_misc_data('spam_comments'));
                            $key = array_search($link_id, $spam_comments);
                            unset($spam_comments[$key]);
                            $sql_result = " Select * from " . table_prefix . "spam_comments where auto_id={$link_id}";
                            $result_arr = $db->get_results($sql_result);
                            if ($result_arr) {
                                foreach ($result_arr as $result_arr_comments) {
                                    $link = new Link();
                                    $link->id = $result_arr_comments->linkid;
                                    $link->read();
                                    $user = new User();
                                    $user->id = $result_arr_comments->userid;
                                    $user->read();
                                    $akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
                                    $akismet->setCommentAuthor($user->username);
                                    $akismet->setCommentAuthorEmail($user->email);
                                    $akismet->setCommentAuthorURL($link->url);
                                    $akismet->setCommentContent($result_arr_comments->cmt_content);
                                    $akismet->setPermalink(getmyurl('story', $link->id));
                                    $akismet->submitHam();
                                    $sql = "INSERT INTO " . table_comments . " (comment_parent, comment_user_id, comment_link_id , comment_date, comment_randkey, comment_content) VALUES ({$result_arr_comments->cmt_parent}, {$result_arr_comments->userid}, {$result_arr_comments->linkid}, now(), '{$result_arr_comments->cmt_rand}', '{$result_arr_comments->cmt_content}')";
                                    $db->query($sql);
                                }
                            }
                            misc_data_update('spam_comments', serialize($spam_comments));
                            $sql_delete = ' Delete from ' . table_prefix . 'spam_comments where auto_id=' . $link_id;
                            $db->query($sql_delete);
                            $link->adjust_comment(1);
                            $link->store();
                        }
                    }
                }
                header('Location: ' . URL_akismet . '&view=manageSpamcomments');
            }
        }
    }
}
function check_for_enabled_module($name, $version)
{
    global $db;
    if ($name == 'PHP') {
        if (phpnum() == $version) {
            return $version;
        }
    } else {
        $sql = 'SELECT `id` FROM ' . table_modules . ' where `folder` = "' . $name . '" and `version` >= ' . $version . ' and `enabled` = 1;';
        //echo $sql;
        $theId = $db->get_var($sql);
        return $theId;
    }
}
Beispiel #5
0
         }
     }
 }
 if ($_POST["processlogin"] == 5 && pligg_validate()) {
     // resend confirmation email
     $email = sanitize($db->escape(trim($_POST['email'])), 4);
     if (check_email($email)) {
         $user = $db->get_row("SELECT * FROM `" . table_users . "` where `user_email` = '" . $email . "' AND user_level!='Spammer'");
         if ($user) {
             $encode = md5($_POST['email'] . $user->karma . $user->username . pligg_hash() . $main_smarty->get_config_vars('PLIGG_Visual_Name'));
             $domain = $main_smarty->get_config_vars('PLIGG_Visual_Name');
             $validation = my_base_url . my_pligg_base . "/validation.php?code={$encode}&uid=" . urlencode($user->username) . "&email=" . urlencode($_POST['email']);
             $str = $main_smarty->get_config_vars('PLIGG_PassEmail_verification_message');
             eval('$str = "' . str_replace('"', '\\"', $str) . '";');
             $message = "{$str}";
             if (phpnum() >= 5) {
                 require "libs/class.phpmailer5.php";
             } else {
                 require "libs/class.phpmailer4.php";
             }
             $mail = new PHPMailer();
             $mail->From = $main_smarty->get_config_vars('PLIGG_PassEmail_From');
             $mail->FromName = $main_smarty->get_config_vars('PLIGG_PassEmail_Name');
             $mail->AddAddress($_POST['email']);
             $mail->AddReplyTo($main_smarty->get_config_vars('PLIGG_PassEmail_From'));
             $mail->IsHTML(false);
             $mail->Subject = $main_smarty->get_config_vars('PLIGG_PassEmail_Subject_verification');
             $mail->Body = $message;
             $mail->CharSet = 'utf-8';
             #print_r($mail);
             if (!$mail->Send()) {
Beispiel #6
0
     if ($exists) {
         $errors = $main_smarty->get_config_vars('PLIGG_Visual_Group_Title_Exists');
     }
 }
 if (!$errors) {
     //to insert a group
     $insert_group = "INSERT INTO " . table_groups . " (group_creator, group_status, group_members, group_date, group_safename, group_name, group_description, group_privacy, group_vote_to_publish) VALUES ({$group_author}, '{$group_status}', {$group_members},FROM_UNIXTIME({$group_date}),'{$group_safename}','{$group_name}', '{$group_description}', '{$group_privacy}', '{$group_vote_to_publish}')";
     $result = $db->query($insert_group);
     //get linkid inserted above
     $in_id = $db->get_var("select max(group_id) as group_id from " . table_groups . " ");
     //echo 'sdgfdsgds'.$in_id;
     //to make group creator a member
     $insert_member = "INSERT INTO " . table_group_member . " (`member_user_id` , `member_group_id`, `member_role`) VALUES (" . $group_author . ", " . $in_id . ",'admin' )";
     $db->query($insert_member);
     if (isset($_POST['group_mailer'])) {
         if (phpnum() == 4) {
             require_once mnminclude . 'class.phpmailer4.php';
         } else {
             require_once mnminclude . 'class.phpmailer5.php';
         }
         if (isset($_POST['group_mailer'])) {
             global $db, $current_user;
             $names = $_POST['group_mailer'];
             $v1 = explode(",", $names);
             $name = "";
             $user = new User();
             $user->id = $current_user->user_id;
             $user->read();
             $author_email = $user->email;
             $username = $user->username;
             foreach ($v1 as $t) {
Beispiel #7
0
function save_profile()
{
    global $user, $current_user, $db, $main_smarty, $CSRF, $canIhaveAccess, $language;
    if ($CSRF->check_valid(sanitize($_POST['token'], 3), 'profile_change')) {
        if (!isset($_POST['save_profile']) || !$_POST['process'] || !$canIhaveAccess && sanitize($_POST['user_id'], 3) != $current_user->user_id) {
            return;
        }
        if ($user->email != sanitize($_POST['email'], 3)) {
            if (!check_email(sanitize($_POST['email'], 3))) {
                $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadEmail");
                return $savemsg;
            } elseif (email_exists(trim(sanitize($_POST['email'], 3)))) {
                // if email already exists
                $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Register_Error_EmailExists");
                return $savemsg;
            } else {
                if (pligg_validate()) {
                    $encode = md5($_POST['email'] . $user->karma . $user->username . pligg_hash() . $main_smarty->get_config_vars('PLIGG_Visual_Name'));
                    $domain = $main_smarty->get_config_vars('PLIGG_Visual_Name');
                    $validation = my_base_url . my_pligg_base . "/validation.php?code={$encode}&uid=" . urlencode($user->username) . "&email=" . urlencode($_POST['email']);
                    $str = $main_smarty->get_config_vars('PLIGG_PassEmail_verification_message');
                    eval('$str = "' . str_replace('"', '\\"', $str) . '";');
                    $message = "{$str}";
                    if (phpnum() >= 5) {
                        require "libs/class.phpmailer5.php";
                    } else {
                        require "libs/class.phpmailer4.php";
                    }
                    $mail = new PHPMailer();
                    $mail->From = $main_smarty->get_config_vars('PLIGG_PassEmail_From');
                    $mail->FromName = $main_smarty->get_config_vars('PLIGG_PassEmail_Name');
                    $mail->AddAddress($_POST['email']);
                    $mail->AddReplyTo($main_smarty->get_config_vars('PLIGG_PassEmail_From'));
                    $mail->IsHTML(false);
                    $mail->Subject = $main_smarty->get_config_vars('PLIGG_PassEmail_Subject_verification');
                    $mail->Body = $message;
                    $mail->CharSet = 'utf-8';
                    #print_r($mail);
                    if (!$mail->Send()) {
                        return false;
                    }
                    $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Register_Noemail") . ' ' . sprintf($main_smarty->get_config_vars("PLIGG_Visual_Register_ToDo"), $main_smarty->get_config_vars('PLIGG_PassEmail_From'));
                } else {
                    $user->email = sanitize($_POST['email'], 2);
                }
            }
        }
        // User settings
        if (Allow_User_Change_Templates && file_exists("./templates/" . $_POST['template'] . "/header.tpl")) {
            $domain = $_SERVER['HTTP_HOST'] == 'localhost' ? '' : preg_replace('/^www/', '', $_SERVER['HTTP_HOST']);
            setcookie("template", $_POST['template'], time() + 60 * 60 * 24 * 30, '/', $domain);
        }
        $sqlGetiCategory = "SELECT category__auto_id from " . table_categories . " where category__auto_id!= 0;";
        $sqlGetiCategoryQ = mysql_query($sqlGetiCategory);
        $arr = array();
        while ($row = mysql_fetch_array($sqlGetiCategoryQ, MYSQL_NUM)) {
            $arr[] = $row[0];
        }
        $select_check = $_POST['chack'];
        if (!$select_check) {
            $select_check = array();
        }
        $diff = array_diff($arr, $select_check);
        $select_checked = $db->escape(implode(",", $diff));
        $sql = "UPDATE " . table_users . " set user_categories='{$select_checked}' WHERE user_id = '{$user->id}'";
        $query = mysql_query($sql);
        /////
        // Santizie user input
        $user->url = sanitize($_POST['url'], 2);
        $user->public_email = sanitize($_POST['public_email'], 2);
        $user->location = sanitize($_POST['location'], 2);
        $user->occupation = sanitize($_POST['occupation'], 2);
        $user->facebook = sanitize($_POST['facebook'], 2);
        $user->twitter = sanitize($_POST['twitter'], 2);
        $user->linkedin = sanitize($_POST['linkedin'], 2);
        $user->googleplus = sanitize($_POST['googleplus'], 2);
        $user->skype = sanitize($_POST['skype'], 2);
        $user->pinterest = sanitize($_POST['pinterest'], 2);
        $user->names = sanitize($_POST['names'], 2);
        if (user_language) {
            $user->language = sanitize($_POST['language'], 2);
        }
        // Convert user input social URLs to username values
        $facebookUrl = $user->facebook;
        preg_match("/https?:\\/\\/(www\\.)?facebook\\.com\\/([^\\/]*)/", $facebookUrl, $matches);
        if ($matches) {
            $user->facebook = $matches[2];
        }
        $twitterUrl = $user->twitter;
        preg_match("/https?:\\/\\/(www\\.)?twitter\\.com\\/(#!\\/)?@?([^\\/]*)/", $twitterUrl, $matches);
        if ($matches) {
            $user->twitter = $matches[3];
        }
        $linkedinUrl = $user->linkedin;
        preg_match("/https?:\\/\\/(www\\.)?linkedin\\.com\\/in\\/([^\\/]*)/", $linkedinUrl, $matches);
        if ($matches) {
            $user->linkedin = $matches[2];
        }
        $googleplusUrl = $user->googleplus;
        preg_match("/https?:\\/\\/plus\\.google\\.com\\/([^\\/]*)/", $googleplusUrl, $matches);
        if ($matches) {
            $user->googleplus = $matches[1];
        }
        $pinterestUrl = $user->pinterest;
        preg_match("/https?:\\/\\/(www\\.)?pinterest\\.com\\/([^\\/]*)/", $pinterestUrl, $matches);
        if ($matches) {
            $user->pinterest = $matches[2];
        }
        // module system hook
        $vars = '';
        check_actions('profile_save', $vars);
        /*		$avatar_source = sanitize($_POST['avatarsource'], 2);
        		if($avatar_source != "" && $avatar_source != "useruploaded"){
        			loghack('Updating profile, avatar source is not one of the list options.', 'username: '******'|email: ' . sanitize($_POST["email"], 3));
        			$avatar_source == "";
        		}
        		$user->avatar_source=$avatar_source;
        */
        if ($user->level == "admin" || $user->level == "moderator") {
            if ($user->username != sanitize($_POST['user_login'], 3)) {
                $user_login = sanitize($_POST['user_login'], 2);
                if (preg_match('/\\pL/u', 'a')) {
                    // Check if PCRE was compiled with UTF-8 support
                    if (!preg_match('/^[_\\-\\d\\p{L}\\p{M}]+$/iu', $user_login)) {
                        // if username contains invalid characters
                        $savemsg = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserInvalid');
                        return $savemsg;
                    }
                } else {
                    if (!preg_match('/^[^~`@%&=\\/;:\\.,<>!"\\\'\\^\\.\\[\\]\\$\\(\\)\\|\\*\\+\\-\\?\\{\\}\\\\]+$/', $user_login)) {
                        $savemsg = $main_smarty->get_config_vars('PLIGG_Visual_Register_Error_UserInvalid');
                        return $savemsg;
                    }
                }
                if (user_exists(trim($user_login))) {
                    $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Register_Error_UserExists");
                    $user->username = $user_login;
                    return $savemsg;
                } else {
                    $user->username = $user_login;
                    $saved['username'] = 1;
                }
            }
        }
        if (!empty($_POST['newpassword']) || !empty($_POST['newpassword2'])) {
            $oldpass = sanitize($_POST['oldpassword'], 2);
            $userX = $db->get_row("SELECT user_id, user_pass, user_login FROM " . table_users . " WHERE user_login = '******'");
            $saltedpass = generateHash($oldpass, substr($userX->user_pass, 0, SALT_LENGTH));
            if ($userX->user_pass == $saltedpass) {
                if (sanitize($_POST['newpassword'], 3) !== sanitize($_POST['newpassword2'], 3)) {
                    $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadPass");
                    return $savemsg;
                } else {
                    $saltedpass = generateHash(sanitize($_POST['newpassword'], 3));
                    $user->pass = $saltedpass;
                    $saved['pass'] = 1;
                }
            } else {
                $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadOldPass");
                return $savemsg;
            }
        }
        $user->store();
        $user->read();
        if ($saved['pass'] == 1 || $saved['username'] == 1) {
            $current_user->Authenticate($user->username, $user->pass, false, $user->pass);
        } else {
            $current_user->Authenticate($user->username, $user->pass);
            $saved['profile'] = 1;
        }
        return $saved;
    } else {
        return 'There was a token error.';
    }
}
Beispiel #8
0
function akismet_save_comment($x)
{
    print_r($x);
    echo "this is php version" . phpnum();
}
Beispiel #9
0
function akismet_showpage()
{
    global $main_smarty, $the_template, $current_user, $db;
    force_authentication();
    $canIhaveAccess = 0;
    $canIhaveAccess = $canIhaveAccess + checklevel('admin');
    if ($canIhaveAccess == 1) {
        $navwhere['text1'] = 'Akismet';
        $navwhere['link1'] = URL_akismet;
        define('pagename', 'akismet');
        $main_smarty->assign('pagename', pagename);
        define('modulename', 'akismet');
        $main_smarty->assign('modulename', modulename);
        if (isset($_REQUEST['view'])) {
            $view = sanitize($_REQUEST['view'], 3);
        } else {
            $view = '';
        }
        if ($view == '') {
            $wordpress_key = get_misc_data('wordpress_key');
            if ($wordpress_key == '') {
                header('Location: ' . URL_akismet . '&view=manageKey');
                die;
            }
            $main_smarty->assign('spam_links_count', akismet_get_link_count());
            $main_smarty->assign('spam_comments_count', akismet_get_comment_count());
            $main_smarty = do_sidebar($main_smarty, $navwhere);
            $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
            $main_smarty->assign('tpl_center', akismet_tpl_path . 'main');
            $main_smarty->display($template_dir . '/admin/admin.tpl');
        }
        if ($view == 'updateKey') {
            if ($_REQUEST['key']) {
                $wordpress_key = sanitize($_REQUEST['key'], 3);
                // Verify key before save
                if (phpnum() >= 5) {
                    include akismet_lib_path . 'Akismet.class_5.php';
                    $akismet = new Akismet(my_base_url . my_pligg_base, $wordpress_key);
                    if (!$akismet->isKeyValid()) {
                        $main_smarty->assign('error', 1);
                    } else {
                        misc_data_update('wordpress_key', $wordpress_key);
                    }
                } else {
                    include akismet_lib_path . 'Akismet.class_4.php';
                    $akismet = new Akismet(my_base_url . my_pligg_base, $wordpress_key);
                    if (!$akismet->_isValidApiKey($wordpress_key)) {
                        $main_smarty->assign('error', 1);
                    } else {
                        misc_data_update('wordpress_key', $wordpress_key);
                    }
                }
            } else {
                $wordpress_key = '';
                misc_data_update('wordpress_key', $wordpress_key);
            }
            $view = 'manageKey';
        }
        if ($view == 'manageKey') {
            $wordpress_key = get_misc_data('wordpress_key');
            $main_smarty->assign('wordpress_key', $wordpress_key);
            $main_smarty = do_sidebar($main_smarty, $navwhere);
            $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
            $main_smarty->assign('tpl_center', akismet_tpl_path . 'manageKey');
            $main_smarty->display($template_dir . '/admin/admin.tpl');
        }
        if ($view == 'manageSpam') {
            $sql = "SELECT " . table_links . ".*, " . table_users . ".user_login FROM " . table_links . " \r\n\t\t\t\t\tLEFT JOIN " . table_users . " ON link_author=user_id \r\n\t\t\t\t\tLEFT JOIN " . table_prefix . "spam_links ON linkid=link_id\r\n\t\t\t\t\tWHERE !ISNULL(linkid)";
            $link_data = $db->get_results($sql);
            if (sizeof($link_data)) {
                $main_smarty->assign('link_data', object_2_array($link_data));
            } else {
                header("Location: " . my_pligg_base . "/admin/admin_index.php");
                //				header('Location: ' . URL_akismet);
                die;
            }
            $main_smarty = do_sidebar($main_smarty, $navwhere);
            $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
            $main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSpam');
            $main_smarty->display($template_dir . '/admin/admin.tpl');
        }
        if ($view == 'manageSettings') {
            $main_smarty = do_sidebar($main_smarty, $navwhere);
            $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
            $main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSettings');
            $main_smarty->display($template_dir . '/admin/admin.tpl');
        }
        if ($view == 'manageSpamcomments') {
            $sql = "SELECT * FROM " . table_prefix . "spam_comments ";
            $link_data = $db->get_results($sql);
            if (sizeof($link_data)) {
                $user_cmt = new User();
                $user_cmt_link = new Link();
                $spam_output .= ' <form name="bulk_moderate" action="' . URL_akismet_isSpamcomment . '&action=bulkmod" method="post">';
                $spam_output .= '<table class="table table-bordered table-striped">';
                $spam_output .= "<thead>\r\n\t\t\t\t\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t\t\t\t\t<th>Author</th>\r\n\t\t\t\t\t\t\t\t\t\t<th>Content</th>\r\n\t\t\t\t\t\t\t\t\t\t<th style='width:65px;text-align:center;'><input type='checkbox' name='all1' onclick='mark_all_spam();' style='display:none;'><a onclick='mark_all_spam();' style='cursor:pointer;text-decoration:none;'>Spam</a></th>\r\n\t\t\t\t\t\t\t\t\t\t<th style='width:80px;text-align:center;'><input type='checkbox' name='all2' onclick='mark_all_notspam();' style='display:none;'><a onclick='mark_all_notspam();' style='cursor:pointer;text-decoration:none;'>Not Spam</a></th>\r\n\t\t\t\t\t\t\t\t\t</tr>\r\n\t\t\t\t\t\t\t\t<tbody>";
                foreach ($link_data as $spam_cmts) {
                    $user_cmt->id = $spam_cmts->userid;
                    $user_cmt->read();
                    $user_name = $user_cmt->username;
                    $user_cmt_link->id = $spam_cmts->linkid;
                    $user_cmt_link->read();
                    $spam_output .= "<tr>";
                    $spam_output .= "\t<td>" . $user_name . "</td>";
                    $spam_output .= "\t<td><a href='story.php?id=" . ($user_cmt_link->id = $spam_cmts->linkid . "'>" . save_text_to_html($spam_cmts->cmt_content) . "</a></td>");
                    $spam_output .= '	<td style="text-align:center;"><input type="radio" name="spamcomment[' . $spam_cmts->auto_id . ']" id="spamcomment-' . $spam_cmts->auto_id . '" value="spamcomment"></td>';
                    $spam_output .= '	<td style="text-align:center;"><input type="radio" name="spamcomment[' . $spam_cmts->auto_id . ']" id="spamcomment-' . $spam_cmts->auto_id . '" value="notspamcomment"></td>';
                    $spam_output .= "</tr>";
                }
                $spam_output .= "</tbody></table>";
                $spam_output .= '<p align="right" style="margin-top:10px;"><input type="submit" name="submit" value="Apply Changes" class="btn btn-default" /></p>';
                $spam_output .= "</form>";
                $main_smarty->assign('spam_output', $spam_output);
                $main_smarty->assign('link_data', object_2_array($link_data));
            } else {
                header("Location: " . my_pligg_base . "/admin/admin_index.php");
                //				header('Location: ' . URL_akismet);
                die;
            }
            $main_smarty = do_sidebar($main_smarty, $navwhere);
            $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
            $main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSpamcomments');
            $main_smarty->display($template_dir . '/admin/admin.tpl');
        }
        if (phpnum() >= 5) {
            include_once akismet_lib_path . 'Akismet.class_5.php';
        } else {
            include_once akismet_lib_path . 'Akismet.class_4.php';
        }
        if ($view == 'isSpam') {
            if ($_GET['action'] == "bulkmod") {
                if (isset($_POST['submit'])) {
                    $spam = array();
                    foreach ($_POST["spam"] as $k => $v) {
                        $spam[intval($k)] = $v;
                    }
                    foreach ($spam as $key => $value) {
                        if (isset($key)) {
                            $link_id = sanitize($key, 3);
                        } else {
                            continue;
                        }
                        $link = new Link();
                        $link->id = $link_id;
                        $link->read();
                        $user = new User();
                        $user->id = $link->author;
                        $user->read();
                        if (phpnum() < 5) {
                            $comment = array('author' => $user->username, 'email' => $user->email, 'website' => $link->url, 'body' => $link->content, 'permalink' => my_base_url . getmyurl('story', $link->id));
                            $akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'), $comment);
                        } else {
                            $akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
                            $akismet->setCommentAuthor($user->username);
                            $akismet->setCommentAuthorEmail($user->email);
                            $akismet->setCommentAuthorURL($link->url);
                            $akismet->setCommentContent($link->content);
                            $akismet->setPermalink(my_base_url . getmyurl('story', $link->id));
                        }
                        if ($value == "spam") {
                            $link->status = 'spam';
                            $link->store();
                            killspam($user->id);
                            $akismet->submitSpam();
                        } elseif ($value == "notspam") {
                            $link->status = 'new';
                            $link->store();
                            $akismet->submitHam();
                        }
                        $db->query("DELETE FROM " . table_prefix . "spam_links WHERE linkid={$link_id}");
                    }
                }
            }
            header('Location: ' . URL_akismet . '&view=manageSpam');
            die;
        }
        if ($view == 'isSpamcomment') {
            if ($_GET['action'] == "bulkmod") {
                if (isset($_POST['submit'])) {
                    $spamcomment = array();
                    foreach ($_POST["spamcomment"] as $k => $v) {
                        $spamcomment[intval($k)] = $v;
                    }
                    foreach ($spamcomment as $key => $value) {
                        if (isset($key)) {
                            $link_id = sanitize($key, 3);
                        } else {
                            continue;
                        }
                        $sql_result = "Select * from " . table_prefix . "spam_comments where auto_id=" . $link_id;
                        $result = $db->get_row($sql_result);
                        #print_r($result);
                        $link = new Link();
                        $link->id = $result->linkid;
                        $link->read();
                        $user = new User();
                        $user->id = $result->userid;
                        $user->read();
                        #print_r($user);
                        if (phpnum() < 5) {
                            $comment = array('author' => $user->username, 'email' => $user->email, 'website' => $link->url, 'body' => $result->cmt_content, 'permalink' => my_base_url . getmyurl('story', $link->id));
                            $akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'), $comment);
                        } else {
                            $akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
                            $akismet->setCommentAuthor($user->username);
                            $akismet->setCommentAuthorEmail($user->email);
                            $akismet->setCommentAuthorURL($link->url);
                            $akismet->setCommentContent($result->cmt_content);
                            $akismet->setPermalink(my_base_url . getmyurl('story', $link->id));
                        }
                        if ($value == "spamcomment") {
                            $akismet->submitSpam();
                        } elseif ($value == "notspamcomment") {
                            $akismet->submitHam();
                            $sql = "INSERT INTO " . table_comments . " (comment_parent, comment_user_id, comment_link_id , comment_date, comment_randkey, comment_content) VALUES ('{$result->cmt_parent}', '{$result->userid}', '{$result->linkid}', now(), '{$result->cmt_rand}', '{$result->cmt_content}')";
                            $db->query($sql);
                            #print $sql;
                        }
                        $link->adjust_comment(1);
                        $link->store();
                        $db->query(' Delete from ' . table_prefix . 'spam_comments where auto_id=' . $link_id);
                    }
                }
                header('Location: ' . URL_akismet . '&view=manageSpamcomments');
                die;
            }
        }
    } else {
        header("Location: " . getmyurl('login', $_SERVER['REQUEST_URI']));
        die;
    }
}
Beispiel #10
0
function is_php4()
{
    if (phpnum() == 4) {
        return true;
    }
}
Beispiel #11
0
 function Create()
 {
     global $db, $main_smarty, $the_template, $my_base_url, $my_pligg_base;
     if ($this->username == '') {
         return false;
     }
     if ($this->pass == '') {
         return false;
     }
     if ($this->email == '') {
         return false;
     }
     if (!user_exists($this->username)) {
         $userip = $_SERVER['REMOTE_ADDR'];
         $saltedpass = generateHash($this->pass);
         $sqlGetiCategory = "SELECT category__auto_id from " . table_categories . " where category__auto_id!= 0;";
         $sqlGetiCategoryQ = mysql_query($sqlGetiCategory);
         $arr = array();
         $i = 0;
         while ($row = mysql_fetch_array($sqlGetiCategoryQ, MYSQL_NUM)) {
             $arr[$i] = $row['0'];
             $i++;
         }
         $CategoriesId = implode(",", $arr);
         if (pligg_validate() == 1) {
             if ($db->query("INSERT INTO " . table_users . " (user_login, user_email, user_pass, user_date, user_ip,user_categories) VALUES ('" . $this->username . "', '" . $this->email . "', '" . $saltedpass . "', now(), '" . $userip . "', '" . $CategoriesId . "')")) {
                 $result = $db->get_row("SELECT user_email, user_pass, user_karma, user_lastlogin FROM " . table_users . " WHERE user_login = '******'");
                 $encode = md5($this->email . $result->user_karma . $this->username . pligg_hash() . $main_smarty->get_config_vars('PLIGG_Visual_Name'));
                 $username = $this->username;
                 $password = $this->pass;
                 $my_base_url = $my_base_url;
                 $my_pligg_base = $my_pligg_base;
                 $domain = $main_smarty->get_config_vars('PLIGG_Visual_Name');
                 $validation = my_base_url . my_pligg_base . "/validation.php?code={$encode}&uid=" . $this->username;
                 $str = $main_smarty->get_config_vars('PLIGG_PassEmail_verification_message');
                 eval("\$str = \"{$str}\";");
                 $message = "{$str}";
                 if (phpnum() >= 5) {
                     require "class.phpmailer5.php";
                 } else {
                     require "class.phpmailer4.php";
                 }
                 $mail = new PHPMailer();
                 $mail->From = $main_smarty->get_config_vars('PLIGG_PassEmail_From');
                 $mail->FromName = "Administrator";
                 $mail->AddAddress($this->email);
                 $mail->AddReplyTo($main_smarty->get_config_vars('PLIGG_PassEmail_From'));
                 $mail->IsHTML(false);
                 $mail->Subject = $main_smarty->get_config_vars('PLIGG_PassEmail_Subject_verification');
                 $mail->Body = $message;
                 if (!$mail->Send()) {
                     return false;
                     exit;
                 }
                 return true;
             } else {
                 return false;
             }
         } else {
             if ($db->query("INSERT INTO " . table_users . " (user_login, user_email, user_pass, user_date, user_ip, user_lastlogin,user_categories) VALUES ('" . $this->username . "', '" . $this->email . "', '" . $saltedpass . "', now(), '" . $userip . "', now(),'" . $CategoriesId . "')")) {
                 return true;
             } else {
                 return false;
             }
         }
     } else {
         die('User already exists');
     }
 }
Beispiel #12
0
 function Create()
 {
     global $db, $main_smarty, $the_template, $my_base_url, $my_pligg_base;
     if ($this->username == '') {
         return false;
     }
     if ($this->pass == '') {
         return false;
     }
     if ($this->email == '') {
         return false;
     }
     if (!user_exists($this->username)) {
         require_once mnminclude . 'check_behind_proxy.php';
         $userip = check_ip_behind_proxy();
         $saltedpass = generateHash($this->pass);
         if (pligg_validate()) {
             if ($db->query("INSERT IGNORE INTO " . table_users . " (user_login, user_email, user_pass, user_date, user_ip,user_categories) VALUES ('" . $this->username . "', '" . $this->email . "', '" . $saltedpass . "', now(), '" . $userip . "', '')")) {
                 $result = $db->get_row("SELECT user_email, user_pass, user_karma, user_lastlogin FROM " . table_users . " WHERE user_login = '******'");
                 $encode = md5($this->email . $result->user_karma . $this->username . pligg_hash() . $main_smarty->get_config_vars('PLIGG_Visual_Name'));
                 $username = $this->username;
                 $password = $this->pass;
                 $my_base_url = $my_base_url;
                 $my_pligg_base = $my_pligg_base;
                 $domain = $main_smarty->get_config_vars('PLIGG_Visual_Name');
                 $validation = my_base_url . my_pligg_base . "/validation.php?code={$encode}&uid=" . $this->username;
                 $str = $main_smarty->get_config_vars('PLIGG_PassEmail_verification_message');
                 eval('$str = "' . str_replace('"', '\\"', $str) . '";');
                 $message = "{$str}";
                 if (phpnum() >= 5) {
                     require "class.phpmailer5.php";
                 } else {
                     require "class.phpmailer4.php";
                 }
                 $mail = new PHPMailer();
                 $mail->From = $main_smarty->get_config_vars('PLIGG_PassEmail_From');
                 $mail->FromName = $main_smarty->get_config_vars('PLIGG_PassEmail_Name');
                 $mail->AddAddress($this->email);
                 $mail->AddReplyTo($main_smarty->get_config_vars('PLIGG_PassEmail_From'));
                 $mail->IsHTML(false);
                 $mail->Subject = $main_smarty->get_config_vars('PLIGG_PassEmail_Subject_verification');
                 $mail->CharSet = 'utf-8';
                 $mail->Body = $message;
                 if (!$mail->Send()) {
                     return false;
                     exit;
                 }
                 return true;
             } else {
                 return false;
             }
         } else {
             if ($db->query("INSERT IGNORE INTO " . table_users . " (user_login, user_email, user_pass, user_date, user_ip, user_lastlogin,user_categories) VALUES ('" . $this->username . "', '" . $this->email . "', '" . $saltedpass . "', now(), '" . $userip . "', now(),'')")) {
                 return true;
             } else {
                 return false;
             }
         }
     } else {
         die('User already exists');
     }
 }
Beispiel #13
0
//echo $sLang;
$sPath = './languages/' . $sLang . '.php';
if (file_exists($sPath)) {
    require $sPath;
} else {
    //defualt lang english
    require './languages/en.php';
}
//if
//Security check
session_start();
if (!isset($_SESSION['login'])) {
    redirect('index.php');
}
//security
if (phpnum() == 5) {
    date_default_timezone_set($config['TIME_ZONE']);
}
$sMessage = '';
$cantFiles = 0;
$sPath = '';
if (!isset($_SESSION["path"])) {
    $sRootPath = getcwd();
    //Obtiene el directorio actual de trabajo.
    $_SESSION["path"] = $sRootPath;
    $sPath = $sRootPath;
    //	echo "session path ".$_SESSION["path"];
} else {
    $sPath = $_SESSION["path"];
    //		echo "Path: ".$sPath; //debug
    if (isset($_REQUEST["dir"])) {
function save_profile()
{
    global $user, $current_user, $db, $main_smarty, $CSRF, $canIhaveAccess, $language;
    if ($CSRF->check_valid(sanitize($_POST['token'], 3), 'profile_change')) {
        if (!isset($_POST['save_profile']) || !$_POST['process'] || !$canIhaveAccess && sanitize($_POST['user_id'], 3) != $current_user->user_id) {
            return;
        }
        if ($user->email != sanitize($_POST['email'], 3)) {
            if (!check_email(sanitize($_POST['email'], 3))) {
                $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadEmail");
                return $savemsg;
            } elseif (email_exists(trim(sanitize($_POST['email'], 3)))) {
                // if email already exists
                $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Register_Error_EmailExists");
                return $savemsg;
            } else {
                if (pligg_validate()) {
                    $encode = md5($_POST['email'] . $user->karma . $user->username . pligg_hash() . $main_smarty->get_config_vars('PLIGG_Visual_Name'));
                    $domain = $main_smarty->get_config_vars('PLIGG_Visual_Name');
                    $validation = my_base_url . my_pligg_base . "/validation.php?code={$encode}&uid=" . urlencode($user->username) . "&email=" . urlencode($_POST['email']);
                    $str = $main_smarty->get_config_vars('PLIGG_PassEmail_verification_message');
                    eval("\$str = \"{$str}\";");
                    $message = "{$str}";
                    if (phpnum() >= 5) {
                        require "libs/class.phpmailer5.php";
                    } else {
                        require "libs/class.phpmailer4.php";
                    }
                    $mail = new PHPMailer();
                    $mail->From = $main_smarty->get_config_vars('PLIGG_PassEmail_From');
                    $mail->FromName = $main_smarty->get_config_vars('PLIGG_PassEmail_Name');
                    $mail->AddAddress($_POST['email']);
                    $mail->AddReplyTo($main_smarty->get_config_vars('PLIGG_PassEmail_From'));
                    $mail->IsHTML(false);
                    $mail->Subject = $main_smarty->get_config_vars('PLIGG_PassEmail_Subject_verification');
                    $mail->Body = $message;
                    $mail->CharSet = 'utf-8';
                    #print_r($mail);
                    if (!$mail->Send()) {
                        return false;
                    }
                    $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Register_Noemail") . ' ' . sprintf($main_smarty->get_config_vars("PLIGG_Visual_Register_ToDo"), $main_smarty->get_config_vars('PLIGG_PassEmail_From'));
                } else {
                    $user->email = sanitize($_POST['email'], 3);
                }
            }
        }
        $user->url = sanitize($_POST['url'], 3);
        $user->public_email = sanitize($_POST['public_email'], 3);
        $user->location = sanitize($_POST['location'], 3);
        $user->occupation = sanitize($_POST['occupation'], 3);
        $user->aim = sanitize($_POST['aim'], 3);
        $user->msn = sanitize($_POST['msn'], 3);
        $user->yahoo = sanitize($_POST['yahoo'], 3);
        $user->gtalk = sanitize($_POST['gtalk'], 3);
        $user->skype = sanitize($_POST['skype'], 3);
        $user->irc = sanitize($_POST['irc'], 3);
        $user->names = sanitize($_POST['names'], 3);
        if (user_language) {
            $user->language = sanitize($_POST['language'], 3);
        }
        // module system hook
        $vars = '';
        check_actions('profile_save', $vars);
        $avatar_source = sanitize($_POST['avatarsource'], 3);
        if ($avatar_source != "" && $avatar_source != "useruploaded") {
            loghack('Updating profile, avatar source is not one of the list options.', 'username: '******'|email: ' . sanitize($_POST["email"], 3));
            $avatar_source == "";
        }
        $user->avatar_source = $avatar_source;
        if (!empty($_POST['newpassword']) || !empty($_POST['newpassword2'])) {
            $oldpass = sanitize($_POST['oldpassword'], 3);
            $userX = $db->get_row("SELECT user_id, user_pass, user_login FROM " . table_users . " WHERE user_login = '******'");
            $saltedpass = generateHash($oldpass, substr($userX->user_pass, 0, SALT_LENGTH));
            if ($userX->user_pass == $saltedpass) {
                if (sanitize($_POST['newpassword'], 3) !== sanitize($_POST['newpassword2'], 3)) {
                    $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadPass");
                    return $savemsg;
                } else {
                    $saltedpass = generateHash(sanitize($_POST['newpassword'], 3));
                    $user->pass = $saltedpass;
                    $user->store();
                    $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_PassUpdated");
                    return $savemsg;
                }
            } else {
                $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_BadOldPass");
                return $savemsg;
            }
        }
        $user->store();
        $user->read();
        if ($language != $user->language) {
            header("Location: " . getmyurl('profile'));
            exit;
        }
        $current_user->Authenticate($user->username, $user->pass);
        if (!isset($savemsg)) {
            $savemsg = $main_smarty->get_config_vars("PLIGG_Visual_Profile_DataUpdated");
        }
        return $savemsg;
    } else {
        return 'There was a token error.';
    }
}
Beispiel #15
0
 function print_summary($type = 'full')
 {
     global $current_user, $globals, $the_template, $smarty;
     include_once './Smarty.class.php';
     $smarty = new Smarty();
     $smarty->compile_check = false;
     // enable caching at your own risk. this code is still experimental
     //$smarty->cache = true;
     $smarty->cache_lifetime = 120;
     $smarty->cache_dir = "templates_c/";
     $smarty->compile_dir = "templates_c/";
     $smarty->template_dir = "templates/";
     $smarty->config_dir = "";
     if (!$smarty->is_cached($the_template . '/link_summary.tpl', 'story' . $this->id . "|" . $current_user->user_id . "|" . $type)) {
         if (phpnum() == 4) {
             $smarty->force_compile = true;
         }
         $smarty = $this->fill_smarty($smarty, $type);
         $smarty->assign('use_title_as_link', use_title_as_link);
         $smarty->assign('open_in_new_window', open_in_new_window);
         $smarty->assign('use_thumbnails', use_thumbnails);
         $smarty->assign('the_template', The_Template);
         // this is soooo ugly. we'll fix this for beta 9
         $main_smarty = $smarty;
         include mnminclude . 'extra_fields_smarty.php';
         $smarty = $main_smarty;
     }
     $smarty->display($the_template . '/link_summary.tpl', 'story' . $this->id . "|" . $current_user->user_id . "|" . $type);
 }