Beispiel #1
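 /**
  * Generate a unique slug for this album and reserve it in the slug table.
  *
  * Returns true without doing anything when edit_slug() reports true or when
  * the record already carries a slug other than the '__generate__' marker.
  * Otherwise the slug is derived from the title, de-duplicated against the
  * slug table under the "album." namespace, reserved there and stored on
  * $this->slug (the method then returns nothing).
  *
  * @param mixed $field Not used in the body. NOTE(review): presumably supplied
  *                     by the validation layer that invokes this rule; confirm.
  * @return bool|null
  */
 function _slug($field)
 {
     if ($this->edit_slug()) {
         return true;
     }
     if (!empty($this->slug) && $this->slug !== '__generate__') {
         return true;
     }
     $this->load->helper(array('url', 'text', 'string'));
     $slug = reduce_multiples(strtolower(url_title(convert_accented_characters($this->title), 'dash')), '-', true);
     if (empty($slug)) {
         // The title produced nothing usable: fall back to the highest album id plus one.
         $t = new Album();
         $max = $t->select_max('id')->get();
         $slug = $max->id + 1;
     }
     if (is_numeric($slug)) {
         // Purely numeric slugs get a "-1" suffix.
         // NOTE(review): presumably so a slug cannot be mistaken for a numeric id; confirm.
         $slug = "{$slug}-1";
     }
     $s = new Slug();
     // NOTE(review): this variant takes no table lock, so the check-then-insert
     // below is not atomic; two concurrent requests can settle on the same slug.
     while ($s->where('id', "album.{$slug}")->count() > 0) {
         $slug = increment_string($slug, '-');
     }
     // Pass the value as a bound parameter rather than interpolating it into
     // the statement, so the insert stays safe even if the slug helpers ever
     // let a quote character through. The table name is an identifier and
     // cannot be bound; it comes from the Slug model.
     $this->db->query("INSERT INTO {$s->table}(id) VALUES (?)", array("album.{$slug}"));
     $this->slug = $slug;
 }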
Beispiel #2
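 /**
  * Send admin notification
  *
  * Sends an admin notification email, built from the 'admin_notify_entry'
  * template, to every address in $notify_address except the address of the
  * member who triggered the event.
  *
  * @access	public
  * @param	string	comma-separated list of recipient addresses
  * @param	int	channel id of the entry
  * @param	int	entry id
  * @return	void
  */
 function send_admin_notification($notify_address, $channel_id, $entry_id)
 {
     ee()->api->instantiate('channel_structure');
     ee()->load->model('channel_entries_model');
     $e = ee()->channel_entries_model->get_entry($entry_id, $channel_id);
     $c = ee()->api_channel_structure->get_channel_info($channel_id);
     // Values substituted into the template placeholders by var_swap().
     $swap = array(
         'name' => ee()->session->userdata('screen_name'),
         'email' => ee()->session->userdata('email'),
         'channel_name' => $c->row('channel_title'),
         'entry_title' => $e->row('title'),
         'entry_url' => reduce_double_slashes($c->row('channel_url') . '/' . $e->row('url_title')),
         'comment_url' => reduce_double_slashes($c->row('comment_url') . '/' . $e->row('url_title')),
         'cp_edit_entry_url' => cp_url(
             'content_publish/entry_form',
             array(
                 'site_id' => $e->row('site_id'),
                 'channel_id' => $e->row('channel_id'),
                 'entry_id' => $e->row('entry_id'),
             ),
             TRUE
         ),
     );
     $template = ee()->functions->fetch_email_template('admin_notify_entry');
     $email_tit = ee()->functions->var_swap($template['title'], $swap);
     $email_msg = ee()->functions->var_swap($template['data'], $swap);
     // We don't want to send a notification to the user triggering the
     // event. Whole addresses are compared: cutting the address out as a
     // substring would also damage longer addresses that merely contain it,
     // and the damaged remainder would then be used as a recipient.
     $own_email = (string) ee()->session->userdata('email');
     $recipients = array();
     foreach (explode(',', (string) $notify_address) as $addy) {
         $addy = trim($addy);
         // Empty segments come from doubled, leading or trailing commas.
         if ($addy !== '' && $addy !== $own_email) {
             $recipients[] = $addy;
         }
     }
     if (count($recipients) > 0) {
         //	Send email
         ee()->load->library('email');
         foreach ($recipients as $addy) {
             // One message per recipient, so addresses are not disclosed to each other.
             ee()->email->EE_initialize();
             ee()->email->wordwrap = false;
             ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
             ee()->email->to($addy);
             ee()->email->reply_to(ee()->config->item('webmaster_email'));
             ee()->email->subject($email_tit);
             ee()->email->message(entities_to_ascii($email_msg));
             ee()->email->send();
         }
     }
 }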
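 /**
  * Delete the log files matching log-*.php from the site's logs directory.
  *
  * The directory is built from the DOCROOT, SITEPATH and BASEPATH constants.
  * When it does not exist, show_error() is called with the path
  * (NOTE(review): show_error() is expected to end the request, as
  * CodeIgniter's does; confirm for this application).
  *
  * @return mixed Whatever shell_exec() returns for the verbose `rm` run.
  */
 public function clearLogs()
 {
     $directory = reduce_multiples(DOCROOT . SITEPATH . BASEPATH . 'logs/', '/');
     if (!@is_dir($directory)) {
         show_error('Directory not found.<br/><em>Path: ' . $directory . '</em>');
     }
     // Quote the directory so spaces or shell metacharacters in the configured
     // path cannot change the command. The glob is appended outside the quotes
     // so the shell still expands it, and "--" stops rm from treating a path as
     // an option.
     return shell_exec('rm -fv -- ' . escapeshellarg($directory) . 'log-*.php');
 }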
/**
 * Build the path of a zone directory, or of a file inside it, below SITEPATH . 'cms/'.
 *
 * @param string|null $file Optional file name appended to the zone path.
 * @param string|null $zone Zone name; CI()->zone is used when null.
 * @return string The path with repeated slashes collapsed by reduce_multiples().
 */
function zonepath($file = null, $zone = null)
{
    if ($zone === null) {
        $zone = CI()->zone;
    }
    // NOTE(review): $zone and $file are concatenated as given. Nothing here
    // rejects '..' segments, so callers must not pass unvalidated request data.
    $assembled = SITEPATH . 'cms/' . $zone . '/';
    if ($file !== null) {
        $assembled = $assembled . '/' . $file;
    }
    // The doubled slash introduced above is collapsed here.
    return reduce_multiples($assembled, '/');
}
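 /**
  * Generate a unique slug for this content item and reserve it in the slug table.
  *
  * Returns true without changes when edit_slug() reports true, when old_slug
  * is already set, or when the freshly computed slug equals the current one.
  * Otherwise the slug is de-duplicated under the "content." namespace,
  * inserted into the slug table, and stored on $this->slug (no return value).
  *
  * @param mixed $field Not used in the body. NOTE(review): presumably supplied
  *                     by the validation layer that invokes this rule; confirm.
  * @return bool|null
  */
 function _slug($field)
 {
     if ($this->edit_slug()) {
         return true;
     }
     if (!empty($this->old_slug)) {
         return true;
     }
     $this->load->helper(array('url', 'text', 'string'));
     // Without a title, the file name (minus extension) is the slug source.
     if (empty($this->title)) {
         $info = pathinfo($this->filename);
         $base = $info['filename'];
     } else {
         $base = $this->title;
     }
     $slug = reduce_multiples(strtolower(url_title(convert_accented_characters($base), 'dash')), '-', true);
     if ($slug === $this->slug) {
         return true;
     }
     if (empty($slug)) {
         // Nothing usable left after cleaning: fall back to the highest content id plus one.
         $t = new Content();
         $max = $t->select_max('id')->get();
         $slug = $max->id + 1;
     }
     if (is_numeric($slug)) {
         $slug = "{$slug}-1";
     }
     $s = new Slug();
     // Need to lock the table here to ensure that requests arriving at the same time
     // still get unique slugs. Without the permission the check-then-insert
     // below runs unlocked and is not atomic.
     if ($this->has_db_permission('lock tables')) {
         $this->db->query("LOCK TABLE {$s->table} WRITE");
         $locked = true;
     } else {
         $locked = false;
     }
     while ($s->where('id', "content.{$slug}")->count() > 0) {
         $slug = increment_string($slug, '-');
     }
     // Bound parameter instead of string interpolation: the insert no longer
     // depends on the slug helpers having removed every quote character.
     // The table name is an identifier taken from the Slug model.
     $this->db->query("INSERT INTO {$s->table}(id) VALUES (?)", array("content.{$slug}"));
     if ($locked) {
         $this->db->query('UNLOCK TABLES');
     }
     // Record the slug the item had before this one; the value is stored
     // wrapped in commas.
     if (empty($this->old_slug)) {
         if (!empty($this->slug) && $this->slug !== '__generate__') {
             $this->old_slug = ',' . $this->slug . ',';
         } elseif (!empty($this->title)) {
             $this->old_slug = ',' . $slug . ',';
         }
     }
     $this->slug = $slug;
 }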
 /**
  * reduce_multiples() collapses doubled commas; with TRUE as third argument
  * it also strips a comma left at the end of the string.
  */
 public function test_reduce_multiples()
 {
     // Default call: duplicates collapsed, one trailing comma kept.
     $untrimmed_cases = array(
         'Fred, Bill,, Joe, Jimmy' => 'Fred, Bill, Joe, Jimmy',
         'Ringo, John, Paul,,' => 'Ringo, John, Paul,',
     );
     foreach ($untrimmed_cases as $input => $expected) {
         $this->assertEquals($expected, reduce_multiples($input));
     }

     // Trim enabled: the trailing comma is removed as well.
     $trimmed_cases = array(
         'Fred, Bill,, Joe, Jimmy' => 'Fred, Bill, Joe, Jimmy',
         'Ringo, John, Paul,,' => 'Ringo, John, Paul',
     );
     foreach ($trimmed_cases as $input => $expected) {
         $this->assertEquals($expected, reduce_multiples($input, ',', TRUE));
     }
 }
 /**
  * Prepare the controller: load the 'install' and 'main' language files and
  * the 'string' and 'form_csrf' helpers, normalise $this->host and record
  * the loaded PHP extensions.
  */
 public function __construct()
 {
     parent::__construct();

     $translations = new MY_Lang();
     foreach (array('install', 'main') as $language_file) {
         $translations->load($language_file);
     }

     // An earlier, now disabled, line derived $this->host from
     // $_SERVER['HTTP_HOST'] and SCRIPT_NAME. HTTP_HOST is supplied by the
     // client, so it should not be trusted if that line is ever restored.
     $this->load->helper(array('string', 'form_csrf'));

     // Collapse repeated characters in the host value (default character of reduce_multiples()).
     $this->host = reduce_multiples($this->host);
     $this->loadedExt = get_loaded_extensions();
 }
Beispiel #8
 /**
  * Show the login form, or send an already authenticated user to '/'.
  *
  * The form posts to the URI flashed into the session as 'redirect_uri'
  * (prefixed with SITEPATH), or to the configured base_url when none is set.
  */
 function index()
 {
     // Already logged in: nothing to do on the login page.
     if ($this->authentication->isLoggedIn()) {
         redirect('/');
     }

     // NOTE(review): whoever stores 'redirect_uri' decides where the
     // credentials are posted; confirm it is only ever set from the
     // application's own request URI.
     $requested_uri = $this->session->flashdata('redirect_uri');
     if ($requested_uri) {
         $form_action = reduce_multiples(SITEPATH . $requested_uri, '/');
     } else {
         $form_action = $this->config->item('base_url');
     }

     $this->layout->appendTitle('Please Login');
     $this->layout->setLayout('plain');
     $this->layout->setBodyClass('popup plain');

     $view_data = array('form_action' => $form_action);
     $this->load->view('login/index', $view_data);
 }
 /**
  * Fetch rows through parent::get() and decorate each one with display
  * fields (sort name, formatted date, timestamp) and, for rows of type
  * 'file', with storage paths and file sizes. The result is sorted by
  * 'sort_name' when more than one row is returned.
  *
  * @param array $fields Passed unchanged to parent::get().
  * @param bool  $return Not used in this method.
  * @return array The decorated rows; empty when parent::get() returned nothing.
  */
 public function get($fields = array(), $return = false)
 {
     $item = parent::get($fields);
     $item_updated = array();
     if (count($item)) {
         // Make model specific updates to result array
         for ($i = 0; $i < count($item); $i++) {
             $row = $item[$i];
             // NOTE(review): $params is never defined in this method, so the
             // empty() test is always true and the 'basic' select set never
             // skips the decoration below. Confirm which variable was meant.
             if (empty($params['SELECT_SET']) || $params['SELECT_SET'] != 'basic') {
                 $row['sort_name'] = strtolower($row['title']);
                 $row['date'] = date('m-d-Y H:i', strtotime($row[$this->date_field['update']]));
                 $row['timestamp'] = date('U', strtotime($row[$this->date_field['update']]));
                 // Only perform the following if this is a file
                 if (!empty($row['type']) && $row['type'] == 'file') {
                     // The id is left-padded with zeros and cut into 3-character
                     // segments, which become the nested upload directory path.
                     $var_length = (int) $this->FILE_CONF['file_dir_depth'] * 3;
                     $path_array = str_split(str_pad($row[$this->id_field], $var_length, '0', STR_PAD_LEFT), 3);
                     $upload_path = implode('/', $path_array);
                     /*
                     // To get the file's directory path. Don't need but lets keep around.
                     unset($path_array[count($path_array)-1]);
                     $dir_path					= implode('/', $path_array);
                     $row['server_dir'] 			= DOCROOT . $this->FILE_CONF['file_location'] . $dir_path;
                     */
                     // Public URI part: the id, optionally the file name, then the extension.
                     // NOTE(review): file_name and ext are used as stored; confirm
                     // they are validated when the file is uploaded.
                     $base_view_path = $row[$this->id_field] . ($this->FILE_CONF['force_name_in_uri'] ? '/' . $row['file_name'] : '') . $row['ext'];
                     // Add file paths
                     //							$row['real_path'] 			= DOCROOT . zonepath($this->FILE_CONF['file_directory'] . '/' . $upload_path . $row['ext'], 'local');
                     $row['base_path'] = DOCROOT . zonepath($this->FILE_CONF['file_directory'] . '/' . $upload_path, 'local');
                     $row['server_path'] = $row['base_path'] . $row['ext'];
                     $row['view_path'] = reduce_multiples($this->FILE_CONF['file_website_location'] . $base_view_path, '/');
                     $row['manage_path'] = reduce_multiples(SITEPATH . $this->zone . CI()->SITE_CONF['file_uri_trigger'] . '/' . $base_view_path, '/');
                     // Add file size (0 when the file is missing on disk)
                     $row['file_size'] = file_exists($row['server_path']) ? filesize($row['server_path']) : 0;
                     $row['file_size_display'] = file_exists($row['server_path']) ? $this->formatFileSize(filesize($row['server_path'])) : 0;
                 }
             }
             $item_updated[] = $row;
         }
         if (count($item_updated) > 1 && !empty($item_updated[0]['sort_name'])) {
             // Sort array: order the rows by their lower-cased title
             $sort_array = array();
             foreach ($item_updated as $row) {
                 $sort_array[] = $row['sort_name'];
             }
             array_multisort($sort_array, SORT_ASC, $item_updated);
         }
     }
     return $item_updated;
 }
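 /**
  *  @Description: Delete an asset row and remove its id from the
  *                comma-delimited list stored in the owning entry's content
  *                field.
  *       @Params: assetid - id of the row in `assetfields`
  *
  *  	 @returns: array ('entryid' => ..., 'sectionid' => ...); both are empty
  *                strings when no matching rows were found
  */
 public function del_asset($assetid)
 {
     // Find the entry and the content column that reference this asset.
     $this->db->select('*');
     $this->db->from('assetfields');
     $this->db->where('id', $assetid);
     $this->db->limit(1);
     $query = $this->db->get();
     $entryid = "";
     $fieldname = "";
     foreach ($query->result() as $row) {
         $entryid = $row->entryid;
         $fieldname = $row->fieldname;
     }
     //now get the sectionid
     $this->db->select('sectionid');
     $this->db->from('entry');
     $this->db->where('id', $entryid);
     $this->db->limit(1);
     $query2 = $this->db->get();
     $sectionid = "";
     foreach ($query2->result() as $row) {
         $sectionid = $row->sectionid;
     }
     //now do the delete
     $this->db->where('id', $assetid);
     $this->db->delete('assetfields');
     // Without a field name there is no content column to update; selecting
     // and updating an empty column name would only produce a broken query.
     if ($fieldname !== "") {
         //now remove from contents table
         $this->db->select($fieldname);
         $this->db->from('content');
         $this->db->where('entryid', $entryid);
         $query = $this->db->get();
         $orig = "";
         foreach ($query->result() as $row) {
             $orig = $row->{$fieldname};
         }
         //remove id rebuild comma delimited string
         // Whole list items are compared: a substring replace would also cut
         // the id out of longer ids (removing 1 from "11,21,1" must leave
         // "11,21"). Empty items from doubled or outer commas are dropped.
         $remaining = array();
         foreach (explode(',', (string) $orig) as $listed_id) {
             if ($listed_id === '' || trim($listed_id) === (string) $assetid) {
                 continue;
             }
             $remaining[] = $listed_id;
         }
         $object = array($fieldname => implode(',', $remaining));
         $this->db->where('entryid', $entryid);
         $this->db->update('content', $object);
     }
     $tmp = array('entryid' => $entryid, 'sectionid' => $sectionid);
     return $tmp;
 }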
Beispiel #11
 /**
  * Show the folders contents
  *
  * Loads the breadcrumb trail, the sub-folder dropdown and the files of the
  * given folder into $this->data and renders 'admin/folders/contents'.
  *
  * @param mixed  $id     Folder id; show_error() is called when it does not exist.
  * @param string $filter Optional file type to restrict the listing to
  *                       (the keys of the 'types' list built below).
  */
 public function contents($id = '', $filter = '')
 {
     if (!$this->file_folders_m->exists($id)) {
         show_error(lang('files.folders.not_exists'));
     }
     $this->load->library('table');

     // Breadcrumb trail: every folder name followed by a » separator.
     // NOTE(review): names are concatenated unescaped; confirm the view
     // encodes them before output.
     $crumbs = $this->file_folders_m->breadcrumb($id);
     $trail = '';
     foreach ($crumbs as $crumb) {
         $trail = $trail . $crumb['name'] . ' &raquo; ';
     }
     $this->data->crumbs = trim(reduce_multiples($trail, "&raquo; "));

     // Collect the child folders, starting from the first crumb when it has an id.
     $this->file_folders_m->clear_folders();
     $first_crumb_usable = isset($crumbs[0]['id']) && $crumbs[0]['id'] != '';
     $this->file_folders_m->folder_tree($first_crumb_usable ? $crumbs[0]['id'] : $id);
     $child_folders = $this->file_folders_m->get_folders();

     // Selected folder and filter state for the view.
     $this->data->folder = $this->file_folders_m->get($id);
     $this->data->selected_folder = 0;
     $this->data->id = $id;
     $this->data->selected_filter = $filter;
     $this->data->types = array(
         'a' => lang('files.a'),
         'v' => lang('files.v'),
         'd' => lang('files.d'),
         'i' => lang('files.i'),
         'o' => lang('files.o'),
     );

     // Newest files first; restricted to one type when a filter is given.
     $this->file_m->order_by('date_added', 'DESC');
     $this->data->files = ($filter != '')
         ? $this->file_m->get_many_by(array('folder_id' => $id, 'type' => $filter))
         : $this->file_m->get_many_by('folder_id', $id);

     // Entry 0 of the dropdown is a label that depends on whether sub-folders exist.
     $this->data->sub_folders = empty($child_folders)
         ? array(0 => lang('files.dropdown.no_subfolders'))
         : array(0 => lang('files.dropdown.root')) + $child_folders;

     $this->load->view('admin/folders/contents', $this->data);
 }
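 /**
  * Base controller set-up: checks the PHP version, loads the shared helpers,
  * libraries and the config model, reads the 'website' configuration, and
  * records the current URI, the timezone and whether the request claims to
  * be an XMLHttpRequest.
  */
 function __construct()
 {
     parent::__construct();
     $this->checkPHPVersion();
     $this->load->helper(array('form', 'url', 'date', 'html_entities', 'string', 'encryption'));
     $this->load->library(array('session', 'xsl_transform'));
     $this->load->model('config_model');
     $this->SITE_CONF = $this->loadConfig('website');
     // Show output profiler?
     // CodeIgniter's profiler prints queries, request data and configuration
     // into the page, so a query-string switch alone would let any visitor
     // turn it on. It is honoured only when CodeIgniter's ENVIRONMENT
     // constant is defined and set to 'development'; otherwise it stays off.
     if ($this->input->get('show_profiler') && defined('ENVIRONMENT') && ENVIRONMENT === 'development') {
         $this->output->enable_profiler(TRUE);
     }
     $this->current_uri = reduce_multiples(SITEPATH . $this->uri->uri_string(), '/');
     // Set timezone
     if (!empty($this->SITE_CONF['timezone'])) {
         date_default_timezone_set($this->SITE_CONF['timezone']);
     }
     // The X-Requested-With header is set by the client, so is_ajax is only a
     // hint about the response format and must never gate an access decision.
     if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] === 'XMLHttpRequest') {
         $this->is_ajax = TRUE;
     }
 }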
Beispiel #13
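 /**
  * Generate a unique slug for this text and reserve it in the slug table.
  *
  * Returns true when edit_slug() reports true. Returns nothing, without
  * touching the slug table, when the computed slug equals the current one or
  * when a slug other than '__generate__' is already set. Otherwise the slug
  * is de-duplicated under the "page." or "essay." namespace, inserted into
  * the slug table and stored on $this->slug.
  *
  * @param mixed $field Not used in the body. NOTE(review): presumably supplied
  *                     by the validation layer that invokes this rule; confirm.
  * @return bool|null
  */
 function _slug($field)
 {
     if ($this->edit_slug()) {
         return true;
     }
     $this->load->helper(array('url', 'text', 'string'));
     $slug = reduce_multiples(strtolower(url_title(convert_accented_characters($this->title), 'dash')), '-', true);
     if (empty($slug)) {
         // The title produced nothing usable: fall back to the highest text id plus one.
         $t = new Text();
         $max = $t->select_max('id')->get();
         $slug = $max->id + 1;
     }
     if (is_numeric($slug)) {
         $slug = "{$slug}-1";
     }
     if ($this->slug === $slug || !empty($this->slug) && $this->slug !== '__generate__') {
         return;
     }
     $s = new Slug();
     // Need to lock the table here to ensure that requests arriving at the same time
     // still get unique slugs. Without the permission the check-then-insert
     // below runs unlocked and is not atomic.
     if ($this->has_db_permission('lock tables')) {
         $this->db->query("LOCK TABLE {$s->table} WRITE");
         $locked = true;
     } else {
         $locked = false;
     }
     // NOTE(review): the strict comparison only matches an integer 1. If
     // page_type arrives as the string '1' the prefix is 'essay'; confirm
     // which type the model delivers.
     $page_type = is_numeric($this->page_type) ? $this->page_type : 0;
     $prefix = $page_type === 1 ? 'page' : 'essay';
     while ($s->where('id', "{$prefix}.{$slug}")->count() > 0) {
         $slug = increment_string($slug, '-');
     }
     // Bound parameter instead of string interpolation: the insert no longer
     // depends on the slug helpers having removed every quote character.
     // The table name is an identifier taken from the Slug model.
     $this->db->query("INSERT INTO {$s->table}(id) VALUES (?)", array("{$prefix}.{$slug}"));
     if ($locked) {
         $this->db->query('UNLOCK TABLES');
     }
     $this->slug = $slug;
 }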
Beispiel #14
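 /**
  * Send email notifications to email addresses for the respective member
  * group of the users being deleted
  *
  * For each member whose group has a non-empty mbr_delete_notify_emails
  * list, one message per listed address is sent; the member's own address
  * is left out.
  *
  * @param  Array  $member_ids Array of member_ids being deleted
  * @return void
  */
 private function _member_delete_notifications($member_ids)
 {
     // No ids, no recipients to look up.
     if (empty($member_ids)) {
         return;
     }
     // Email notification recipients
     $group_query = ee()->db->distinct('member_id')
         ->select('screen_name, email, mbr_delete_notify_emails')
         ->join('member_groups', 'members.group_id = member_groups.group_id', 'left')
         ->where('mbr_delete_notify_emails !=', '')
         ->where_in('member_id', $member_ids)
         ->get('members');
     foreach ($group_query->result() as $member) {
         $swap = array(
             'name' => $member->screen_name,
             'email' => $member->email,
             'site_name' => stripslashes(ee()->config->item('site_name')),
         );
         ee()->lang->loadfile('member');
         $email_title = ee()->functions->var_swap(lang('mbr_delete_notify_title'), $swap);
         $email_message = ee()->functions->var_swap(lang('mbr_delete_notify_message'), $swap);
         // No notification for the user themselves, if they're in the list.
         // Whole addresses are compared: cutting the address out as a
         // substring would also damage longer addresses that merely contain
         // it, and the damaged remainder would then be used as a recipient.
         $own_email = (string) $member->email;
         $recipients = array();
         foreach (explode(',', (string) $member->mbr_delete_notify_emails) as $addy) {
             $addy = trim($addy);
             // Empty segments come from doubled, leading or trailing commas.
             if ($addy !== '' && $addy !== $own_email) {
                 $recipients[] = $addy;
             }
         }
         if (count($recipients) > 0) {
             ee()->load->library('email');
             ee()->load->helper('text');
             foreach ($recipients as $addy) {
                 // One message per recipient, so addresses are not disclosed to each other.
                 ee()->email->EE_initialize();
                 ee()->email->wordwrap = FALSE;
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($addy);
                 ee()->email->reply_to(ee()->config->item('webmaster_email'));
                 ee()->email->subject($email_title);
                 ee()->email->message(entities_to_ascii($email_message));
                 ee()->email->send();
             }
         }
     }
 }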
Beispiel #15
 /**
  * Get Category By Article.
  *
  * Builds a comma-separated string of links to the displayed categories an
  * article is associated with.
  *
  * @access	public
  * @param	int	the unique id
  * @return	mixed	string of anchors, or FALSE when the article has no displayed category
  */
 function get_cats_by_article($id)
 {
     $this->db->from('article2cat');
     $this->db->join('categories', 'category_id_rel = cat_id', 'left');
     // The id is cast to int before it reaches the query builder.
     $this->db->where('article_id_rel', (int) $id);
     $this->db->where('cat_display', 'yes');
     $categories = $this->db->get();

     if ($categories->num_rows() == 0) {
         return FALSE;
     }

     $this->load->helper('string');

     // One " <a ...>name</a>," fragment per category.
     // NOTE(review): cat_name is handed to anchor() as stored; confirm it is
     // encoded on input or that anchor() output is safe for this page.
     $fragments = array();
     foreach ($categories->result_array() as $category) {
         $fragments[] = ' ' . anchor('categories/' . $category['cat_uri'], $category['cat_name']) . ',';
     }

     // Collapses doubled commas and strips the comma left at the end.
     return reduce_multiples(implode('', $fragments), ',', TRUE);
 }
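 /**
  * Member self-delete
  *
  * Verifies that the request came from a form post, that the session member
  * may delete their own account, that no password lockout is active and that
  * the submitted password is correct. Then deletes the member, notifies the
  * configured addresses, removes the session row and cookies, and shows the
  * confirmation message.
  *
  * @return mixed FALSE when no ACT value was posted; otherwise the result of
  *               the error output, or nothing after the success message.
  */
 public function member_delete()
 {
     // Make sure they got here via a form
     if (!ee()->input->post('ACT')) {
         // No output for you, Mr. URL Hax0r
         return FALSE;
     }
     ee()->lang->loadfile('login');
     // No sneakiness - we'll do this in case the site administrator
     // has foolishly turned off secure forms and some monkey is
     // trying to delete their account from an off-site form or
     // after logging out.
     if (ee()->session->userdata('member_id') == 0 or ee()->session->userdata('can_delete_self') !== 'y') {
         return ee()->output->show_user_error('general', ee()->lang->line('not_authorized'));
     }
     // If the user is a SuperAdmin, then no deletion
     if (ee()->session->userdata('group_id') == 1) {
         return ee()->output->show_user_error('general', ee()->lang->line('cannot_delete_super_admin'));
     }
     // Is IP and User Agent required for login?  Then, same here.
     if (ee()->config->item('require_ip_for_login') == 'y') {
         if (ee()->session->userdata('ip_address') == '' or ee()->session->userdata('user_agent') == '') {
             return ee()->output->show_user_error('general', ee()->lang->line('unauthorized_request'));
         }
     }
     // Check password lockout status
     if (ee()->session->check_password_lockout(ee()->session->userdata('username')) === TRUE) {
         ee()->lang->loadfile('login');
         return ee()->output->show_user_error('general', sprintf(lang('password_lockout_in_effect'), ee()->config->item('password_lockout_interval')));
     }
     // Are you who you say you are, or someone sitting at someone
     // else's computer being mean?! A failed attempt is recorded so the
     // lockout check above can limit password guessing.
     ee()->load->library('auth');
     if (!ee()->auth->authenticate_id(ee()->session->userdata('member_id'), ee()->input->post('password'))) {
         ee()->session->save_password_lockout(ee()->session->userdata('username'));
         return ee()->output->show_user_error('general', ee()->lang->line('invalid_pw'));
     }
     // No turning back, get to deletin'!
     ee()->load->model('member_model');
     ee()->member_model->delete_member(ee()->session->userdata('member_id'));
     // Email notification recipients
     if (ee()->session->userdata('mbr_delete_notify_emails') != '') {
         $notify_address = ee()->session->userdata('mbr_delete_notify_emails');
         $swap = array(
             'name' => ee()->session->userdata('screen_name'),
             'email' => ee()->session->userdata('email'),
             'site_name' => stripslashes(ee()->config->item('site_name')),
         );
         $email_subject = ee()->functions->var_swap(ee()->lang->line('mbr_delete_notify_title'), $swap);
         $email_msg = ee()->functions->var_swap(ee()->lang->line('mbr_delete_notify_message'), $swap);
         // No notification for the user themselves, if they're in the list.
         // Whole addresses are compared: cutting the address out as a
         // substring would also damage longer addresses that merely contain
         // it, and the damaged remainder would then be used as a recipient.
         $own_email = (string) ee()->session->userdata('email');
         $recipients = array();
         foreach (explode(',', (string) $notify_address) as $addy) {
             $addy = trim($addy);
             // Empty segments come from doubled, leading or trailing commas.
             if ($addy !== '' && $addy !== $own_email) {
                 $recipients[] = $addy;
             }
         }
         if (count($recipients) > 0) {
             // Send email
             ee()->load->library('email');
             // Load the text helper
             ee()->load->helper('text');
             foreach ($recipients as $addy) {
                 // One message per recipient, so addresses are not disclosed to each other.
                 ee()->email->EE_initialize();
                 ee()->email->wordwrap = FALSE;
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($addy);
                 ee()->email->reply_to(ee()->config->item('webmaster_email'));
                 ee()->email->subject($email_subject);
                 ee()->email->message(entities_to_ascii($email_msg));
                 ee()->email->send();
             }
         }
     }
     // End the session server-side, then reset the session and tracking cookies.
     ee()->db->where('session_id', ee()->session->userdata('session_id'))->delete('sessions');
     ee()->functions->set_cookie(ee()->session->c_session);
     ee()->functions->set_cookie(ee()->session->c_expire);
     ee()->functions->set_cookie(ee()->session->c_anon);
     ee()->functions->set_cookie('read_topics');
     ee()->functions->set_cookie('tracker');
     // Build Success Message
     $url = ee()->config->item('site_url');
     $name = stripslashes(ee()->config->item('site_name'));
     $data = array(
         'title' => ee()->lang->line('mbr_delete'),
         'heading' => ee()->lang->line('thank_you'),
         'content' => ee()->lang->line('mbr_account_deleted'),
         'redirect' => '',
         'link' => array($url, $name),
     );
     ee()->output->show_message($data);
 }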
Beispiel #17
           
               </ul></div>
 
             <div id='friends' class="reputation_content" style="display: none">
             	<div class="Box_Content" id='Box_Content'> 
             
            <!-- Status Bottom Blk -->
            <div class="Sta_Bttm_Blk"  >
              <ul>
              <?php 
// Fetch the controller instance and ask it for the friend ids of this room.
$CI =& get_instance();
$friends_id = $CI->fb_friends_id($room_id);
if ($friends_id) {
    foreach ($friends_id as $fb_id) {
        // The helper is requested on every iteration; it provides reduce_multiples().
        $this->load->helper('string');
        // Collapse doubled commas in the id and strip commas from its ends.
        // NOTE(review): $frnds_id is echoed into the href below and passed to
        // profilepic() without escaping; confirm fb_friends_id() only returns
        // numeric ids, or encode the value at output.
        $frnds_id = reduce_multiples($fb_id, ",", TRUE);
        //	echo $frnds_id;
        ?>
                <li class="clearfix">
                  <div class="Sta_Rat_Prof clsFloatLeft apt_profile"> 
                  	
					<a href="<?php 
        echo site_url('users/profile') . '/' . $frnds_id;
        ?>
">
					<img height="82" width="76" src="<?php 
        echo $this->Gallery->profilepic($frnds_id, 2);
        ?>
" alt="Profile" /> 
					</a>
                    <center><span class="apt_username"><?php 
 /**
  * Insert New Comment
  *
  * @access	public
  * @return	string
  */
 function insert_new_comment()
 {
     $default = array('name', 'email', 'url', 'comment', 'location', 'entry_id');
     foreach ($default as $val) {
         if (!isset($_POST[$val])) {
             $_POST[$val] = '';
         }
     }
     // No entry ID?  What the heck are they doing?
     if (!is_numeric($_POST['entry_id'])) {
         return FALSE;
     }
     /** ----------------------------------------
     		/**  Fetch the comment language pack
     		/** ----------------------------------------*/
     ee()->lang->loadfile('comment');
     //  No comment- let's end it here
     if (trim($_POST['comment']) == '') {
         $error = ee()->lang->line('cmt_missing_comment');
         return ee()->output->show_user_error('submission', $error);
     }
     /** ----------------------------------------
     		/**  Is the user banned?
     		/** ----------------------------------------*/
     if (ee()->session->userdata['is_banned'] == TRUE) {
         return ee()->output->show_user_error('general', array(ee()->lang->line('not_authorized')));
     }
     /** ----------------------------------------
     		/**  Is the IP address and User Agent required?
     		/** ----------------------------------------*/
     if (ee()->config->item('require_ip_for_posting') == 'y') {
         if (ee()->input->ip_address() == '0.0.0.0' or ee()->session->userdata['user_agent'] == "") {
             return ee()->output->show_user_error('general', array(ee()->lang->line('not_authorized')));
         }
     }
     /** ----------------------------------------
     		/**  Is the nation of the user banend?
     		/** ----------------------------------------*/
     ee()->session->nation_ban_check();
     /** ----------------------------------------
     		/**  Can the user post comments?
     		/** ----------------------------------------*/
     if (ee()->session->userdata['can_post_comments'] == 'n') {
         $error[] = ee()->lang->line('cmt_no_authorized_for_comments');
         return ee()->output->show_user_error('general', $error);
     }
     /** ----------------------------------------
     		/**  Blacklist/Whitelist Check
     		/** ----------------------------------------*/
     if (ee()->blacklist->blacklisted == 'y' && ee()->blacklist->whitelisted == 'n') {
         return ee()->output->show_user_error('general', array(ee()->lang->line('not_authorized')));
     }
     /** ----------------------------------------
     		/**  Is this a preview request?
     		/** ----------------------------------------*/
     if (isset($_POST['preview'])) {
         return $this->preview_handler();
     }
     // -------------------------------------------
     // 'insert_comment_start' hook.
     //  - Allows complete rewrite of comment submission routine.
     //  - Or could be used to modify the POST data before processing
     //
     ee()->extensions->call('insert_comment_start');
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     /** ----------------------------------------
     		/**  Fetch channel preferences
     		/** ----------------------------------------*/
     // Bummer, saw the hook after converting the query
     /*
     		ee()->db->select('channel_titles.title, channel_titles.url_title, channel_titles.channel_id, channel_titles.author_id,
     						channel_titles.comment_total, channel_titles.allow_comments, channel_titles.entry_date, channel_titles.comment_expiration_date,
     						channels.channel_title, channels.comment_system_enabled, channels.comment_max_chars, channels.comment_use_captcha,
     						channels.comment_timelock, channels.comment_require_membership, channels.comment_moderate, channels.comment_require_email,
     						channels.comment_notify, channels.comment_notify_authors, channels.comment_notify_emails, channels.comment_expiration'
     		);
     
     		ee()->db->from(array('channel_titles', 'channels'));
     		ee()->db->where('channel_titles.channel_id = channels.channel_id');
     		ee()->db->where('channel_titles.entry_id', $_POST['entry_id']);
     		ee()->db->where('channel_titles.status', 'closed');
     */
     $sql = "SELECT exp_channel_titles.title,\n\t\t\t\texp_channel_titles.url_title,\n\t\t\t\texp_channel_titles.entry_id,\n\t\t\t\texp_channel_titles.channel_id,\n\t\t\t\texp_channel_titles.author_id,\n\t\t\t\texp_channel_titles.allow_comments,\n\t\t\t\texp_channel_titles.entry_date,\n\t\t\t\texp_channel_titles.comment_expiration_date,\n\t\t\t\texp_channels.channel_title,\n\t\t\t\texp_channels.comment_system_enabled,\n\t\t\t\texp_channels.comment_max_chars,\n\t\t\t\texp_channels.comment_use_captcha,\n\t\t\t\texp_channels.comment_timelock,\n\t\t\t\texp_channels.comment_require_membership,\n\t\t\t\texp_channels.comment_moderate,\n\t\t\t\texp_channels.comment_require_email,\n\t\t\t\texp_channels.comment_notify,\n\t\t\t\texp_channels.comment_notify_authors,\n\t\t\t\texp_channels.comment_notify_emails,\n\t\t\t\texp_channels.comment_expiration,\n\t\t\t\texp_channels.channel_url,\n\t\t\t\texp_channels.comment_url,\n\t\t\t\texp_channels.site_id\n\t\t\tFROM\texp_channel_titles, exp_channels\n\t\t\tWHERE\texp_channel_titles.channel_id = exp_channels.channel_id\n\t\t\tAND\texp_channel_titles.entry_id = '" . ee()->db->escape_str($_POST['entry_id']) . "'";
     //  Added entry_status param, so it is possible to post to closed title
     //AND	exp_channel_titles.status != 'closed' ";
     // -------------------------------------------
     // 'insert_comment_preferences_sql' hook.
     //  - Rewrite or add to the comment preference sql query
     //  - Could be handy for comment/channel restrictions
     //
     if (ee()->extensions->active_hook('insert_comment_preferences_sql') === TRUE) {
         $sql = ee()->extensions->call('insert_comment_preferences_sql', $sql);
         if (ee()->extensions->end_script === TRUE) {
             return;
         }
     }
     //
     // -------------------------------------------
     $query = ee()->db->query($sql);
     unset($sql);
     if ($query->num_rows() == 0) {
         return FALSE;
     }
     /** ----------------------------------------
     		/**  Are comments allowed?
     		/** ----------------------------------------*/
     if ($query->row('allow_comments') == 'n' or $query->row('comment_system_enabled') == 'n') {
         return ee()->output->show_user_error('submission', ee()->lang->line('cmt_comments_not_allowed'));
     }
     /** ----------------------------------------
     		/**  Has commenting expired?
     		/** ----------------------------------------*/
     $force_moderation = $query->row('comment_moderate');
     if ($this->comment_expiration_mode == 0) {
         if ($query->row('comment_expiration_date') > 0) {
             if (ee()->localize->now > $query->row('comment_expiration_date')) {
                 if (ee()->config->item('comment_moderation_override') == 'y') {
                     $force_moderation = 'y';
                 } else {
                     return ee()->output->show_user_error('submission', ee()->lang->line('cmt_commenting_has_expired'));
                 }
             }
         }
     } else {
         if ($query->row('comment_expiration') > 0) {
             $days = $query->row('entry_date') + $query->row('comment_expiration') * 86400;
             if (ee()->localize->now > $days) {
                 if (ee()->config->item('comment_moderation_override') == 'y') {
                     $force_moderation = 'y';
                 } else {
                     return ee()->output->show_user_error('submission', ee()->lang->line('cmt_commenting_has_expired'));
                 }
             }
         }
     }
     /** ----------------------------------------
     		/**  Is there a comment timelock?
     		/** ----------------------------------------*/
     if ($query->row('comment_timelock') != '' and $query->row('comment_timelock') > 0) {
         if (ee()->session->userdata['group_id'] != 1) {
             $time = ee()->localize->now - $query->row('comment_timelock');
             ee()->db->where('comment_date >', $time);
             ee()->db->where('ip_address', ee()->input->ip_address());
             $result = ee()->db->count_all_results('comments');
             if ($result > 0) {
                 return ee()->output->show_user_error('submission', str_replace("%s", $query->row('comment_timelock'), ee()->lang->line('cmt_comments_timelock')));
             }
         }
     }
     /** ----------------------------------------
     		/**  Do we allow duplicate data?
     		/** ----------------------------------------*/
     if (ee()->config->item('deny_duplicate_data') == 'y') {
         if (ee()->session->userdata['group_id'] != 1) {
             ee()->db->where('comment', $_POST['comment']);
             $result = ee()->db->count_all_results('comments');
             if ($result > 0) {
                 return ee()->output->show_user_error('submission', ee()->lang->line('cmt_duplicate_comment_warning'));
             }
         }
     }
     /** ----------------------------------------
     		/**  Assign data
     		/** ----------------------------------------*/
     $author_id = $query->row('author_id');
     $entry_title = $query->row('title');
     $url_title = $query->row('url_title');
     $channel_title = $query->row('channel_title');
     $channel_id = $query->row('channel_id');
     $require_membership = $query->row('comment_require_membership');
     $comment_moderate = (ee()->session->userdata['group_id'] == 1 or ee()->session->userdata['exclude_from_moderation'] == 'y') ? 'n' : $force_moderation;
     $author_notify = $query->row('comment_notify_authors');
     $comment_url = $query->row('comment_url');
     $channel_url = $query->row('channel_url');
     $entry_id = $query->row('entry_id');
     $comment_site_id = $query->row('site_id');
     $notify_address = ($query->row('comment_notify') == 'y' and $query->row('comment_notify_emails') != '') ? $query->row('comment_notify_emails') : '';
     /** ----------------------------------------
     		/**  Start error trapping
     		/** ----------------------------------------*/
     $error = array();
     if (ee()->session->userdata('member_id') != 0) {
         // If the user is logged in we'll reassign the POST variables with the user data
         $_POST['name'] = ee()->session->userdata['screen_name'] != '' ? ee()->session->userdata['screen_name'] : ee()->session->userdata['username'];
         $_POST['email'] = ee()->session->userdata['email'];
         $_POST['url'] = is_null(ee()->session->userdata['url']) ? '' : ee()->session->userdata['url'];
         $_POST['location'] = is_null(ee()->session->userdata['location']) ? '' : ee()->session->userdata['location'];
     }
     /** ----------------------------------------
     		/**  Is membership is required to post...
     		/** ----------------------------------------*/
     if ($require_membership == 'y') {
         // Not logged in
         if (ee()->session->userdata('member_id') == 0) {
             return ee()->output->show_user_error('submission', ee()->lang->line('cmt_must_be_member'));
         }
         // Membership is pending
         if (ee()->session->userdata['group_id'] == 4) {
             return ee()->output->show_user_error('general', ee()->lang->line('cmt_account_not_active'));
         }
     } else {
         /** ----------------------------------------
         			/**  Missing name?
         			/** ----------------------------------------*/
         if (trim($_POST['name']) == '') {
             $error[] = ee()->lang->line('cmt_missing_name');
         }
         /** -------------------------------------
         			/**  Is name banned?
         			/** -------------------------------------*/
         if (ee()->session->ban_check('screen_name', $_POST['name'])) {
             $error[] = ee()->lang->line('cmt_name_not_allowed');
         }
         // Let's make sure they aren't putting in funky html to bork our screens
         $_POST['name'] = str_replace(array('<', '>'), array('&lt;', '&gt;'), $_POST['name']);
         /** ----------------------------------------
         			/**  Missing or invalid email address
         			/** ----------------------------------------*/
         if ($query->row('comment_require_email') == 'y') {
             ee()->load->helper('email');
             if ($_POST['email'] == '') {
                 $error[] = ee()->lang->line('cmt_missing_email');
             } elseif (!valid_email($_POST['email'])) {
                 $error[] = ee()->lang->line('cmt_invalid_email');
             }
         }
     }
     /** -------------------------------------
     		/**  Is email banned?
     		/** -------------------------------------*/
     if ($_POST['email'] != '') {
         if (ee()->session->ban_check('email', $_POST['email'])) {
             $error[] = ee()->lang->line('cmt_banned_email');
         }
     }
     /** ----------------------------------------
     		/**  Is comment too big?
     		/** ----------------------------------------*/
     if ($query->row('comment_max_chars') != '' and $query->row('comment_max_chars') != 0) {
         if (strlen($_POST['comment']) > $query->row('comment_max_chars')) {
             $str = str_replace("%n", strlen($_POST['comment']), ee()->lang->line('cmt_too_large'));
             $str = str_replace("%x", $query->row('comment_max_chars'), $str);
             $error[] = $str;
         }
     }
     /** ----------------------------------------
     		/**  Do we have errors to display?
     		/** ----------------------------------------*/
     if (count($error) > 0) {
         return ee()->output->show_user_error('submission', $error);
     }
     /** ----------------------------------------
     		/**  Do we require CAPTCHA?
     		/** ----------------------------------------*/
     if ($query->row('comment_use_captcha') == 'y') {
         if (ee()->config->item('captcha_require_members') == 'y' or ee()->config->item('captcha_require_members') == 'n' and ee()->session->userdata('member_id') == 0) {
             if (!isset($_POST['captcha']) or $_POST['captcha'] == '') {
                 return ee()->output->show_user_error('submission', ee()->lang->line('captcha_required'));
             } else {
                 ee()->db->where('word', $_POST['captcha']);
                 ee()->db->where('ip_address', ee()->input->ip_address());
                 ee()->db->where('date > UNIX_TIMESTAMP()-7200', NULL, FALSE);
                 $result = ee()->db->count_all_results('captcha');
                 if ($result == 0) {
                     return ee()->output->show_user_error('submission', ee()->lang->line('captcha_incorrect'));
                 }
                 // @TODO: AR
                 ee()->db->query("DELETE FROM exp_captcha WHERE (word='" . ee()->db->escape_str($_POST['captcha']) . "' AND ip_address = '" . ee()->input->ip_address() . "') OR date < UNIX_TIMESTAMP()-7200");
             }
         }
     }
     /** ----------------------------------------
     		/**  Build the data array
     		/** ----------------------------------------*/
     ee()->load->helper('url');
     $notify = ee()->input->post('notify_me') ? 'y' : 'n';
     $cmtr_name = ee()->input->post('name', TRUE);
     $cmtr_email = ee()->input->post('email');
     $cmtr_loc = ee()->input->post('location', TRUE);
     $cmtr_url = ee()->input->post('url', TRUE);
     $cmtr_url = prep_url($cmtr_url);
     $data = array('channel_id' => $channel_id, 'entry_id' => $_POST['entry_id'], 'author_id' => ee()->session->userdata('member_id'), 'name' => $cmtr_name, 'email' => $cmtr_email, 'url' => $cmtr_url, 'location' => $cmtr_loc, 'comment' => ee()->security->xss_clean($_POST['comment']), 'comment_date' => ee()->localize->now, 'ip_address' => ee()->input->ip_address(), 'status' => $comment_moderate == 'y' ? 'p' : 'o', 'site_id' => $comment_site_id);
     // -------------------------------------------
     // 'insert_comment_insert_array' hook.
     //  - Modify any of the soon to be inserted values
     //
     if (ee()->extensions->active_hook('insert_comment_insert_array') === TRUE) {
         $data = ee()->extensions->call('insert_comment_insert_array', $data);
         if (ee()->extensions->end_script === TRUE) {
             return;
         }
     }
     //
     // -------------------------------------------
     $return_link = !stristr($_POST['RET'], 'http://') && !stristr($_POST['RET'], 'https://') ? ee()->functions->create_url($_POST['RET']) : $_POST['RET'];
     // Secure Forms check
     if (ee()->security->secure_forms_check(ee()->input->post('XID')) == FALSE) {
         ee()->functions->redirect(stripslashes($return_link));
     }
     //  Insert data
     $sql = ee()->db->insert_string('exp_comments', $data);
     ee()->db->query($sql);
     $comment_id = ee()->db->insert_id();
     if ($notify == 'y') {
         ee()->load->library('subscription');
         ee()->subscription->init('comment', array('entry_id' => $entry_id), TRUE);
         if ($cmtr_id = ee()->session->userdata('member_id')) {
             ee()->subscription->subscribe($cmtr_id);
         } else {
             ee()->subscription->subscribe($cmtr_email);
         }
     }
     if ($comment_moderate == 'n') {
         /** ------------------------------------------------
         			/**  Update comment total and "recent comment" date
         			/** ------------------------------------------------*/
         ee()->db->set('recent_comment_date', ee()->localize->now);
         ee()->db->where('entry_id', $_POST['entry_id']);
         ee()->db->update('channel_titles');
         /** ----------------------------------------
         			/**  Update member comment total and date
         			/** ----------------------------------------*/
         if (ee()->session->userdata('member_id') != 0) {
             ee()->db->select('total_comments');
             ee()->db->where('member_id', ee()->session->userdata('member_id'));
             $query = ee()->db->get('members');
             ee()->db->set('total_comments', $query->row('total_comments') + 1);
             ee()->db->set('last_comment_date', ee()->localize->now);
             ee()->db->where('member_id', ee()->session->userdata('member_id'));
             ee()->db->update('members');
         }
         /** ----------------------------------------
         			/**  Update comment stats
         			/** ----------------------------------------*/
         ee()->stats->update_comment_stats($channel_id, ee()->localize->now);
         /** ----------------------------------------
         			/**  Fetch email notification addresses
         			/** ----------------------------------------*/
         ee()->load->library('subscription');
         ee()->subscription->init('comment', array('entry_id' => $entry_id), TRUE);
         // Remove the current user
         $ignore = ee()->session->userdata('member_id') != 0 ? ee()->session->userdata('member_id') : ee()->input->post('email');
         // Grab them all
         $subscriptions = ee()->subscription->get_subscriptions($ignore);
         ee()->load->model('comment_model');
         ee()->comment_model->recount_entry_comments(array($entry_id));
         $recipients = ee()->comment_model->fetch_email_recipients($_POST['entry_id'], $subscriptions);
     }
     /** ----------------------------------------
     		/**  Fetch Author Notification
     		/** ----------------------------------------*/
     if ($author_notify == 'y') {
         ee()->db->select('email');
         ee()->db->where('member_id', $author_id);
         $result = ee()->db->get('members');
         $notify_address .= ',' . $result->row('email');
     }
     /** ----------------------------------------
     		/**  Instantiate Typography class
     		/** ----------------------------------------*/
     ee()->load->library('typography');
     ee()->typography->initialize(array('parse_images' => FALSE, 'allow_headings' => FALSE, 'smileys' => FALSE, 'word_censor' => ee()->config->item('comment_word_censoring') == 'y' ? TRUE : FALSE));
     $comment = ee()->security->xss_clean($_POST['comment']);
     $comment = ee()->typography->parse_type($comment, array('text_format' => 'none', 'html_format' => 'none', 'auto_links' => 'n', 'allow_img_url' => 'n'));
     $path = $comment_url == '' ? $channel_url : $comment_url;
     $comment_url_title_auto_path = reduce_double_slashes($path . '/' . $url_title);
     /** ----------------------------
     		/**  Send admin notification
     		/** ----------------------------*/
     if ($notify_address != '') {
         $cp_url = ee()->config->item('cp_url') . '?S=0&D=cp&C=addons_modules&M=show_module_cp&module=comment';
         $swap = array('name' => $cmtr_name, 'name_of_commenter' => $cmtr_name, 'email' => $cmtr_email, 'url' => $cmtr_url, 'location' => $cmtr_loc, 'channel_name' => $channel_title, 'entry_title' => $entry_title, 'comment_id' => $comment_id, 'comment' => $comment, 'comment_url' => reduce_double_slashes(ee()->input->remove_session_id(ee()->functions->fetch_site_index() . '/' . $_POST['URI'])), 'delete_link' => $cp_url . '&method=delete_comment_confirm&comment_id=' . $comment_id, 'approve_link' => $cp_url . '&method=change_comment_status&comment_id=' . $comment_id . '&status=o', 'close_link' => $cp_url . '&method=change_comment_status&comment_id=' . $comment_id . '&status=c', 'channel_id' => $channel_id, 'entry_id' => $entry_id, 'url_title' => $url_title, 'comment_url_title_auto_path' => $comment_url_title_auto_path);
         $template = ee()->functions->fetch_email_template('admin_notify_comment');
         $email_tit = ee()->functions->var_swap($template['title'], $swap);
         $email_msg = ee()->functions->var_swap($template['data'], $swap);
         // We don't want to send an admin notification if the person
         // leaving the comment is an admin in the notification list
         // For added security, we only trust the post email if the
         // commenter is logged in.
         if (ee()->session->userdata('member_id') != 0 && $_POST['email'] != '') {
             if (strpos($notify_address, $_POST['email']) !== FALSE) {
                 $notify_address = str_replace($_POST['email'], '', $notify_address);
             }
         }
         // Remove multiple commas
         $notify_address = reduce_multiples($notify_address, ',', TRUE);
         if ($notify_address != '') {
             /** ----------------------------
             				/**  Send email
             				/** ----------------------------*/
             ee()->load->library('email');
             $replyto = $data['email'] == '' ? ee()->config->item('webmaster_email') : $data['email'];
             $sent = array();
             // Load the text helper
             ee()->load->helper('text');
             foreach (explode(',', $notify_address) as $addy) {
                 if (in_array($addy, $sent)) {
                     continue;
                 }
                 ee()->email->EE_initialize();
                 ee()->email->wordwrap = false;
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($addy);
                 ee()->email->reply_to($replyto);
                 ee()->email->subject($email_tit);
                 ee()->email->message(entities_to_ascii($email_msg));
                 ee()->email->send();
                 $sent[] = $addy;
             }
         }
     }
     /** ----------------------------------------
     		/**  Send user notifications
     		/** ----------------------------------------*/
     if ($comment_moderate == 'n') {
         $email_msg = '';
         if (count($recipients) > 0) {
             $action_id = ee()->functions->fetch_action_id('Comment_mcp', 'delete_comment_notification');
             $swap = array('name_of_commenter' => $cmtr_name, 'channel_name' => $channel_title, 'entry_title' => $entry_title, 'site_name' => stripslashes(ee()->config->item('site_name')), 'site_url' => ee()->config->item('site_url'), 'comment_url' => reduce_double_slashes(ee()->input->remove_session_id(ee()->functions->fetch_site_index() . '/' . $_POST['URI'])), 'comment_id' => $comment_id, 'comment' => $comment, 'channel_id' => $channel_id, 'entry_id' => $entry_id, 'url_title' => $url_title, 'comment_url_title_auto_path' => $comment_url_title_auto_path);
             $template = ee()->functions->fetch_email_template('comment_notification');
             $email_tit = ee()->functions->var_swap($template['title'], $swap);
             $email_msg = ee()->functions->var_swap($template['data'], $swap);
             /** ----------------------------
             				/**  Send email
             				/** ----------------------------*/
             ee()->load->library('email');
             ee()->email->wordwrap = true;
             $cur_email = $_POST['email'] == '' ? FALSE : $_POST['email'];
             if (!isset($sent)) {
                 $sent = array();
             }
             // Load the text helper
             ee()->load->helper('text');
             foreach ($recipients as $val) {
                 // We don't notify the person currently commenting.  That would be silly.
                 if (!in_array($val['0'], $sent)) {
                     $title = $email_tit;
                     $message = $email_msg;
                     $sub = $subscriptions[$val['1']];
                     $sub_qs = 'id=' . $sub['subscription_id'] . '&hash=' . $sub['hash'];
                     // Deprecate the {name} variable at some point
                     $title = str_replace('{name}', $val['2'], $title);
                     $message = str_replace('{name}', $val['2'], $message);
                     $title = str_replace('{name_of_recipient}', $val['2'], $title);
                     $message = str_replace('{name_of_recipient}', $val['2'], $message);
                     $title = str_replace('{notification_removal_url}', ee()->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&' . $sub_qs, $title);
                     $message = str_replace('{notification_removal_url}', ee()->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&' . $sub_qs, $message);
                     ee()->email->EE_initialize();
                     ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                     ee()->email->to($val['0']);
                     ee()->email->subject($title);
                     ee()->email->message(entities_to_ascii($message));
                     ee()->email->send();
                     $sent[] = $val['0'];
                 }
             }
         }
         /** ----------------------------------------
         			/**  Clear cache files
         			/** ----------------------------------------*/
         ee()->functions->clear_caching('all', ee()->functions->fetch_site_index() . $_POST['URI']);
         // clear out the entry_id version if the url_title is in the URI, and vice versa
         if (preg_match("#\\/" . preg_quote($url_title) . "\\/#", $_POST['URI'], $matches)) {
             ee()->functions->clear_caching('all', ee()->functions->fetch_site_index() . preg_replace("#" . preg_quote($matches['0']) . "#", "/{$data['entry_id']}/", $_POST['URI']));
         } else {
             ee()->functions->clear_caching('all', ee()->functions->fetch_site_index() . preg_replace("#{$data['entry_id']}#", $url_title, $_POST['URI']));
         }
     }
     /** ----------------------------------------
     		/**  Set cookies
     		/** ----------------------------------------*/
     if ($notify == 'y') {
         ee()->functions->set_cookie('notify_me', 'yes', 60 * 60 * 24 * 365);
     } else {
         ee()->functions->set_cookie('notify_me', 'no', 60 * 60 * 24 * 365);
     }
     if (ee()->input->post('save_info')) {
         ee()->functions->set_cookie('save_info', 'yes', 60 * 60 * 24 * 365);
         ee()->functions->set_cookie('my_name', $_POST['name'], 60 * 60 * 24 * 365);
         ee()->functions->set_cookie('my_email', $_POST['email'], 60 * 60 * 24 * 365);
         ee()->functions->set_cookie('my_url', $_POST['url'], 60 * 60 * 24 * 365);
         ee()->functions->set_cookie('my_location', $_POST['location'], 60 * 60 * 24 * 365);
     } else {
         ee()->functions->set_cookie('save_info', 'no', 60 * 60 * 24 * 365);
         ee()->functions->set_cookie('my_name', '');
         ee()->functions->set_cookie('my_email', '');
         ee()->functions->set_cookie('my_url', '');
         ee()->functions->set_cookie('my_location', '');
     }
     // -------------------------------------------
     // 'insert_comment_end' hook.
     //  - More emails, more processing, different redirect
     //  - $comment_id added in 1.6.1
     //
     ee()->extensions->call('insert_comment_end', $data, $comment_moderate, $comment_id);
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     /** -------------------------------------------
     		/**  Bounce user back to the comment page
     		/** -------------------------------------------*/
     if ($comment_moderate == 'y') {
         $data = array('title' => ee()->lang->line('cmt_comment_accepted'), 'heading' => ee()->lang->line('thank_you'), 'content' => ee()->lang->line('cmt_will_be_reviewed'), 'redirect' => $return_link, 'link' => array($return_link, ee()->lang->line('cmt_return_to_comments')), 'rate' => 3);
         ee()->output->show_message($data);
     } else {
         ee()->functions->redirect($return_link);
     }
 }
Beispiel #19
	/** -------------------------------------
	/**  Member self-delete
	/** -------------------------------------*/

	function member_delete()
	{
		/** -------------------------------------
		/**  Make sure they got here via a form
		/** -------------------------------------*/

		if ( ! $this->EE->input->post('ACT'))
		{
			// No output for you, Mr. URL Hax0r
			return FALSE;
		}

		$this->EE->lang->loadfile('login');

		/* -------------------------------------
		/*  No sneakiness - we'll do this in case the site administrator
		/*  has foolishly turned off secure forms and some monkey is
		/*  trying to delete their account from an off-site form or
		/*  after logging out.
		/* -------------------------------------*/

		if ($this->EE->session->userdata['member_id'] == 0 OR $this->EE->session->userdata['can_delete_self'] !== 'y')
		{
			return $this->EE->output->show_user_error('general', $this->EE->lang->line('not_authorized'));
		}

		/** -------------------------------------
		/**  If the user is a SuperAdmin, then no deletion
		/** -------------------------------------*/

		if ($this->EE->session->userdata['group_id'] == 1)
		{
			return $this->EE->output->show_user_error('general', $this->EE->lang->line('cannot_delete_super_admin'));
		}

		/** ----------------------------------------
		/**  Is IP and User Agent required for login?  Then, same here.
		/** ----------------------------------------*/

		if ($this->EE->config->item('require_ip_for_login') == 'y')
		{
			if ($this->EE->session->userdata['ip_address'] == '' OR $this->EE->session->userdata['user_agent'] == '')
			{
				return $this->EE->output->show_user_error('general', $this->EE->lang->line('unauthorized_request'));
				}
		}

		/** ----------------------------------------
		/**  Check password lockout status
		/** ----------------------------------------*/

		if ($this->EE->session->check_password_lockout($this->EE->session->userdata['username']) === TRUE)
		{
			return $this->EE->output->show_user_error('general', str_replace("%x", $this->EE->config->item('password_lockout_interval'), $this->EE->lang->line('password_lockout_in_effect')));
		}

		/* -------------------------------------
		/*  Are you who you say you are, or someone sitting at someone
		/*  else's computer being mean?!
		/* -------------------------------------*/
		$query = $this->EE->db->query("SELECT password FROM exp_members WHERE member_id = '".$this->EE->session->userdata['member_id']."'");
		$password = $this->EE->functions->hash(stripslashes($this->EE->input->post('password')));

		if ($query->row('password')  != $password)
		{
			$this->EE->session->save_password_lockout($this->EE->session->userdata['username']);

			return $this->EE->output->show_user_error('general', $this->EE->lang->line('invalid_pw'));
		}

		/** -------------------------------------
		/**  No turning back, get to deletin'!
		/** -------------------------------------*/

		$id = $this->EE->session->userdata['member_id'];

		$this->EE->db->query("DELETE FROM exp_members WHERE member_id = '{$id}'");
		$this->EE->db->query("DELETE FROM exp_member_data WHERE member_id = '{$id}'");
		$this->EE->db->query("DELETE FROM exp_member_homepage WHERE member_id = '{$id}'");

		$message_query = $this->EE->db->query("SELECT DISTINCT recipient_id FROM exp_message_copies WHERE sender_id = '{$id}' AND message_read = 'n'");
		$this->EE->db->query("DELETE FROM exp_message_copies WHERE sender_id = '{$id}'");
		$this->EE->db->query("DELETE FROM exp_message_data WHERE sender_id = '{$id}'");
		$this->EE->db->query("DELETE FROM exp_message_folders WHERE member_id = '{$id}'");
		$this->EE->db->query("DELETE FROM exp_message_listed WHERE member_id = '{$id}'");

		if ($message_query->num_rows() > 0)
		{
			foreach($message_query->result_array() as $row)
			{
				$count_query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_message_copies WHERE recipient_id = '".$row['recipient_id']."' AND message_read = 'n'");
				$this->EE->db->query($this->EE->db->update_string('exp_members', array('private_messages' => $count_query->row('count') ), "member_id = '".$row['recipient_id']."'"));
			}
		}

		/** -------------------------------------
		/**  Delete Forum Posts
		/** -------------------------------------*/

		if ($this->EE->config->item('forum_is_installed') == "y")
		{
			$this->EE->db->query("DELETE FROM exp_forum_subscriptions  WHERE member_id = '{$id}'");
			$this->EE->db->query("DELETE FROM exp_forum_pollvotes  WHERE member_id = '{$id}'");

			$this->EE->db->query("DELETE FROM exp_forum_topics WHERE author_id = '{$id}'");
			$this->EE->db->query("DELETE FROM exp_forum_administrators WHERE admin_member_id = '{$id}'");
			$this->EE->db->query("DELETE FROM exp_forum_moderators WHERE mod_member_id = '{$id}'");

			// Snag the affected topic id's before deleting the member for the update afterwards
			$query = $this->EE->db->query("SELECT topic_id FROM exp_forum_posts WHERE author_id = '{$id}'");

			if ($query->num_rows() > 0)
			{
				$topic_ids = array();

				foreach ($query->result_array() as $row)
				{
					$topic_ids[] = $row['topic_id'];
				}

				$topic_ids = array_unique($topic_ids);
			}

			$this->EE->db->query("DELETE FROM exp_forum_posts  WHERE author_id = '{$id}'");
			$this->EE->db->query("DELETE FROM exp_forum_polls  WHERE author_id = '{$id}'");


			// Kill any attachments
			$query = $this->EE->db->query("SELECT attachment_id, filehash, extension, board_id FROM exp_forum_attachments WHERE member_id = '{$id}'");

			if ($query->num_rows() > 0)
			{
				// Grab the upload path
				$res = $this->EE->db->query('SELECT board_id, board_upload_path FROM exp_forum_boards');

				$paths = array();
				foreach ($res->result_array() as $row)
				{
					$paths[$row['board_id']] = $row['board_upload_path'];
				}

				foreach ($query->result_array() as $row)
				{
					if ( ! isset($paths[$row['board_id']]))
					{
						continue;
					}

					$file  = $paths[$row['board_id']].$row['filehash'].$row['extension'];
					$thumb = $paths[$row['board_id']].$row['filehash'].'_t'.$row['extension'];

					@unlink($file);
					@unlink($thumb);

					$this->EE->db->query("DELETE FROM exp_forum_attachments WHERE attachment_id = '{$row['attachment_id']}'");
				}
			}

			// Update the forum stats
			$query = $this->EE->db->query("SELECT forum_id FROM exp_forums WHERE forum_is_cat = 'n'");

			if ( ! class_exists('Forum'))
			{
				require PATH_MOD.'forum/mod.forum'.EXT;
				require PATH_MOD.'forum/mod.forum_core'.EXT;
			}

			$FRM = new Forum_Core;

			foreach ($query->result_array() as $row)
			{
				$FRM->_update_post_stats($row['forum_id']);
			}

			if (isset($topic_ids))
			{
				foreach ($topic_ids as $topic_id)
				{
					$FRM->_update_topic_stats($topic_id);
				}
			}
		}

		/** -------------------------------------
		/**  Va-poo-rize Channel Entries and Comments
		/** -------------------------------------*/

		$entry_ids			= array();
		$channel_ids			= array();
		$recount_ids		= array();

		// Find Entry IDs and Channel IDs, then delete
		$query = $this->EE->db->query("SELECT entry_id, channel_id FROM exp_channel_titles WHERE author_id = '{$id}'");

		if ($query->num_rows() > 0)
		{
			foreach ($query->result_array() as $row)
			{
				$entry_ids[]	= $row['entry_id'];
				$channel_ids[]	= $row['channel_id'];
			}

			$this->EE->db->query("DELETE FROM exp_channel_titles WHERE author_id = '{$id}'");
			$this->EE->db->query("DELETE FROM exp_channel_data WHERE entry_id IN ('".implode("','", $entry_ids)."')");
			$this->EE->db->query("DELETE FROM exp_comments WHERE entry_id IN ('".implode("','", $entry_ids)."')");
		}

		// Find the affected entries AND channel ids for author's comments
		$query = $this->EE->db->query("SELECT DISTINCT(entry_id), channel_id FROM exp_comments WHERE author_id = '{$id}'");

		if ($query->num_rows() > 0)
		{
			foreach ($query->result_array() as $row)
			{
				$recount_ids[] = $row['entry_id'];
				$channel_ids[]  = $row['channel_id'];
			}

			$recount_ids = array_diff($recount_ids, $entry_ids);
		}

		// Delete comments by member
		$this->EE->db->query("DELETE FROM exp_comments WHERE author_id = '{$id}'");

		// Update stats on channel entries that were NOT deleted AND had comments by author

		if (count($recount_ids) > 0)
		{
			foreach (array_unique($recount_ids) as $entry_id)
			{
				$query = $this->EE->db->query("SELECT MAX(comment_date) AS max_date FROM exp_comments WHERE status = 'o' AND entry_id = '".$this->EE->db->escape_str($entry_id)."'");

				$comment_date = ($query->num_rows() == 0 OR ! is_numeric($query->row('max_date') )) ? 0 : $query->row('max_date') ;

				$query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_comments WHERE entry_id = '{$entry_id}' AND status = 'o'");

				$this->EE->db->query("UPDATE exp_channel_titles SET comment_total = '".$this->EE->db->escape_str($query->row('count') )."', recent_comment_date = '$comment_date' WHERE entry_id = '{$entry_id}'");
			}
		}

		if (count($channel_ids) > 0)
		{
			foreach (array_unique($channel_ids) as $channel_id)
			{
				$this->EE->stats->update_channel_stats($channel_id);
				$this->EE->stats->update_comment_stats($channel_id);
			}
		}

		/** -------------------------------------
		/**  Email notification recipients
		/** -------------------------------------*/
		if ($this->EE->session->userdata['mbr_delete_notify_emails'] != '')
		{
			$notify_address = $this->EE->session->userdata['mbr_delete_notify_emails'];

			$swap = array(
							'name'				=> $this->EE->session->userdata['screen_name'],
							'email'				=> $this->EE->session->userdata['email'],
							'site_name'			=> stripslashes($this->EE->config->item('site_name'))
						 );

			$email_tit = $this->EE->functions->var_swap($this->EE->lang->line('mbr_delete_notify_title'), $swap);
			$email_msg = $this->EE->functions->var_swap($this->EE->lang->line('mbr_delete_notify_message'), $swap);

			// No notification for the user themselves, if they're in the list
			if (strpos($notify_address, $this->EE->session->userdata('email')) !== FALSE)
			{
				$notify_address = str_replace($this->EE->session->userdata['email'], "", $notify_address);
			}

			$this->EE->load->helper('string');
			// Remove multiple commas
			$notify_address = reduce_multiples($notify_address, ',', TRUE);

			if ($notify_address != '')
			{
				/** ----------------------------
				/**  Send email
				/** ----------------------------*/

				$this->EE->load->library('email');

				// Load the text helper
				$this->EE->load->helper('text');

				foreach (explode(',', $notify_address) as $addy)
				{
					$this->EE->email->EE_initialize();
					$this->EE->email->wordwrap = FALSE;
					$this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
					$this->EE->email->to($addy);
					$this->EE->email->reply_to($this->EE->config->item('webmaster_email'));
					$this->EE->email->subject($email_tit);
					$this->EE->email->message(entities_to_ascii($email_msg));
					$this->EE->email->send();
				}
			}
		}

		/** -------------------------------------
		/**  Trash the Session and cookies
		/** -------------------------------------*/
		$this->EE->db->query("DELETE FROM exp_online_users WHERE site_id = '".$this->EE->db->escape_str($this->EE->config->item('site_id'))."' AND ip_address = '".$this->EE->input->ip_address()."' AND member_id = '{$id}'");

		$this->EE->db->query("DELETE FROM exp_sessions WHERE session_id = '".$this->EE->session->userdata['session_id']."'");

		$this->EE->functions->set_cookie($this->EE->session->c_uniqueid);
		$this->EE->functions->set_cookie($this->EE->session->c_password);
		$this->EE->functions->set_cookie($this->EE->session->c_session);
		$this->EE->functions->set_cookie($this->EE->session->c_expire);
		$this->EE->functions->set_cookie($this->EE->session->c_anon);
		$this->EE->functions->set_cookie('read_topics');
		$this->EE->functions->set_cookie('tracker');

		/** -------------------------------------
		/**  Update		/** -------------------------------------*/

		$this->EE->stats->update_member_stats();

		/** -------------------------------------
		/**  Build Success Message
		/** -------------------------------------*/

		$url	= $this->EE->config->item('site_url');
		$name	= stripslashes($this->EE->config->item('site_name'));

		$data = array(	'title' 	=> $this->EE->lang->line('mbr_delete'),
						'heading'	=> $this->EE->lang->line('thank_you'),
						'content'	=> $this->EE->lang->line('mbr_account_deleted'),
						'redirect'	=> '',
						'link'		=> array($url, $name)
					 );

		$this->EE->output->show_message($data);
	}
Beispiel #20
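 /**
  * Member Delete
  *
  * Deletes the members whose IDs were posted in the `delete` array. The
  * caller must hold both the `can_access_members` and `can_delete_members`
  * control-panel permissions. If any targeted member is a Super Admin
  * (group_id 1), the caller must be a Super Admin too and at least one
  * Super Admin must remain. After deletion, the addresses listed in each
  * deleted member's group setting `mbr_delete_notify_emails` are mailed.
  *
  * @return	mixed
  */
 public function member_delete()
 {
     if (!$this->cp->allowed_group('can_access_members') or !$this->cp->allowed_group('can_delete_members')) {
         show_error(lang('unauthorized_access'));
     }
     if (!$this->input->post('delete') or !is_array($this->input->post('delete'))) {
         $this->functions->redirect(BASE . AMP . 'C=members' . AMP . 'M=view_all_members');
     }
     $this->load->model('member_model');
     // Fetch member ID numbers and build the WHERE clause.
     $ids = array();
     $member_ids = array();
     foreach ($this->input->post('delete') as $key => $val) {
         // Nested arrays or other non-scalar values cannot be member IDs.
         if (!is_scalar($val) or $val == '') {
             continue;
         }
         $ids[] = "member_id = '" . $this->db->escape_str($val) . "'";
         $member_ids[] = $this->db->escape_str($val);
     }
     // Every posted value was empty: there is nothing to delete, and an empty
     // WHERE clause would produce an invalid query below.
     if (count($ids) == 0) {
         $this->functions->redirect(BASE . AMP . 'C=members' . AMP . 'M=view_all_members');
         return;
     }
     $IDS = implode(" OR ", $ids);
     // SAFETY CHECK
     // Fetch the Member Group ID of each member being deleted.
     // If there is a Super Admin in the bunch we run a few more safeties.
     $super_admins = 0;
     $query = $this->db->query("SELECT group_id FROM exp_members WHERE " . $IDS);
     foreach ($query->result_array() as $row) {
         // Test the row being iterated. $query->row('group_id') always reads
         // the first result row, so the count depended only on whether that
         // first member happened to be a Super Admin.
         if ($row['group_id'] == 1) {
             $super_admins++;
         }
     }
     if ($super_admins > 0) {
         // You must be a Super Admin to delete a Super Admin
         if ($this->session->userdata['group_id'] != 1) {
             show_error(lang('must_be_superadmin_to_delete_one'));
         }
         // You can't delete the only Super Admin
         $super_admin_total = $this->member_model->count_members(1);
         if ($super_admins >= $super_admin_total) {
             show_error(lang('can_not_delete_super_admin'));
         }
     }
     // If we got this far we're clear to delete the members
     $this->member_model->delete_member($member_ids, $this->input->post('heir'));
     // ----------------------------------
     //  Email notification recipients
     // ----------------------------------
     // NOTE(review): this lookup runs after delete_member(); whether the member
     // rows are still present at this point depends on the model - confirm.
     $this->db->select('DISTINCT(member_id), screen_name, email, mbr_delete_notify_emails');
     $this->db->join('member_groups', 'members.group_id = member_groups.group_id', 'left');
     $this->db->where('mbr_delete_notify_emails !=', '');
     $this->db->where_in('member_id', $member_ids);
     $group_query = $this->db->get('members');
     foreach ($group_query->result() as $member) {
         $notify_address = $member->mbr_delete_notify_emails;
         $swap = array('name' => $member->screen_name, 'email' => $member->email, 'site_name' => stripslashes($this->config->item('site_name')));
         $this->lang->loadfile('member');
         $email_tit = $this->functions->var_swap(lang('mbr_delete_notify_title'), $swap);
         $email_msg = $this->functions->var_swap(lang('mbr_delete_notify_message'), $swap);
         // No notification for the user themselves, if they're in the list.
         // NOTE(review): this is a substring replace, so a longer address that
         // merely contains the member's email is altered as well.
         if (strpos($notify_address, $member->email) !== FALSE) {
             $notify_address = str_replace($member->email, "", $notify_address);
         }
         $this->load->helper('string');
         // Remove multiple commas
         $notify_address = reduce_multiples($notify_address, ',', TRUE);
         if ($notify_address != '') {
             // Send email
             $this->load->library('email');
             // Load the text helper
             $this->load->helper('text');
             foreach (explode(',', $notify_address) as $addy) {
                 $this->email->EE_initialize();
                 $this->email->wordwrap = FALSE;
                 $this->email->from($this->config->item('webmaster_email'), $this->config->item('webmaster_name'));
                 $this->email->to($addy);
                 $this->email->reply_to($this->config->item('webmaster_email'));
                 $this->email->subject($email_tit);
                 $this->email->message(entities_to_ascii($email_msg));
                 $this->email->send();
             }
         }
     }
     // -------------------------------------------
     // 'cp_members_member_delete_end' hook.
     //  - Additional processing when a member is deleted through the CP
     // -------------------------------------------
     $this->extensions->call('cp_members_member_delete_end', $member_ids);
     if ($this->extensions->end_script === TRUE) {
         return;
     }
     // Update
     $this->stats->update_member_stats();
     $cp_message = count($ids) == 1 ? lang('member_deleted') : lang('members_deleted');
     $this->session->set_flashdata('message_success', $cp_message);
     $this->functions->redirect(BASE . AMP . 'C=members' . AMP . 'M=view_all_members');
 }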
Beispiel #21
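 /**
  * Print generated meta content for the posted text, then end the request.
  *
  * The kind of content is read from the `generate_what` URL parameter, or
  * from the POST field of the same name when the URL parameter is empty. The
  * text comes from the `data` POST field. Unknown kinds print nothing.
  */
 function contentGenerateMeta()
 {
     ob_end_clean();
     $what = CI::model('core')->getParamFromURL('generate_what');
     $what = trim((string) $what);
     if ($what == '') {
         // A missing field is treated as empty rather than read as an undefined index.
         $what = isset($_POST['generate_what']) ? $_POST['generate_what'] : '';
     }
     ob_end_clean();
     // Only a string can be processed below; a missing or array-valued field
     // is treated as empty input.
     $data = isset($_POST['data']) && is_string($_POST['data']) ? $_POST['data'] : '';
     $data = trim($data);
     $data = reduce_multiples($data);
     $data = strip_quotes($data);
     // NOTE(review): $data is request-supplied and is printed into the response.
     // addslashes() is not an output encoder, and the title branch does not
     // call strip_tags(). If the client renders this response as HTML, encode
     // at the sink (e.g. htmlspecialchars()) or serve the response as plain
     // text - confirm how the caller consumes it before changing the format.
     switch ($what) {
         case 'content_meta_title':
             $data = addslashes($data);
             $data = mb_trim($data);
             $data = trim($data);
             print $data;
             break;
         case 'content_meta_description':
             $data = strip_tags($data);
             $data = addslashes($data);
             $data = mb_trim($data);
             $data = trim($data);
             $data = word_limiter($data, 20, '...');
             print $data;
             break;
         case 'content_meta_keywords':
             $data = strip_tags($data);
             $data = addslashes($data);
             $data = mb_trim($data);
             $data = trim($data);
             $data = CI::model('taxonomy')->taxonomyGenerateTagsFromString($data);
             $data = word_limiter($data, 30, ' ');
             print $data;
             break;
         default:
             break;
     }
     exit;
 }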
Beispiel #22
 /**
  * Create Slug
  *
  * Strips accents from the string, turns it into a lower-cased URL title
  * using the separator held in $this->replacement, then collapses and trims
  * repeated occurrences of the character returned by _get_replacement().
  *
  * @param   string $string the string you want to slug
  * @return  string
  */
 public function create_slug($string)
 {
     $ci =& get_instance();
     $ci->load->helper(array('url', 'text', 'string'));

     // Accents are removed first so url_title() sees plain characters.
     $plain = convert_accented_characters($string);
     $slug = strtolower(url_title($plain, $this->replacement));

     return reduce_multiples($slug, $this->_get_replacement(), TRUE);
 }
 /**
  * Register Member
  *
  * Handles a front-end registration form post: checks that registration is
  * allowed for this visitor, validates the posted account data and custom
  * member fields, verifies the captcha when enabled, inserts the member
  * records, optionally subscribes the address to a mailing list, sends the
  * admin and activation e-mails, and shows the completion message.
  *
  * Returns FALSE when registration is disabled, the result of
  * show_user_error() on a rejected submission, and nothing when an
  * extension hook sets end_script or after the final message is shown.
  */
 public function register_member()
 {
     // Do we allow new member registrations?
     if (ee()->config->item('allow_member_registration') == 'n') {
         return FALSE;
     }
     // Is user banned?
     if (ee()->session->userdata('is_banned') === TRUE) {
         return ee()->output->show_user_error('general', array(lang('not_authorized')));
     }
     // Blacklist/Whitelist Check
     if (ee()->blacklist->blacklisted == 'y' && ee()->blacklist->whitelisted == 'n') {
         return ee()->output->show_user_error('general', array(lang('not_authorized')));
     }
     ee()->load->helper('url');
     // -------------------------------------------
     // 'member_member_register_start' hook.
     //  - Take control of member registration routine
     //  - Added EE 1.4.2
     //
     ee()->extensions->call('member_member_register_start');
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     // Set the default globals: make sure every expected POST key exists
     $default = array('username', 'password', 'password_confirm', 'email', 'screen_name', 'url', 'location');
     foreach ($default as $val) {
         if (!isset($_POST[$val])) {
             $_POST[$val] = '';
         }
     }
     // An empty screen name falls back to the username
     if ($_POST['screen_name'] == '') {
         $_POST['screen_name'] = $_POST['username'];
     }
     // Instantiate validation class
     if (!class_exists('EE_Validate')) {
         require APPPATH . 'libraries/Validate.php';
     }
     $VAL = new EE_Validate(array('member_id' => '', 'val_type' => 'new', 'fetch_lang' => TRUE, 'require_cpw' => FALSE, 'enable_log' => FALSE, 'username' => trim_nbs($_POST['username']), 'cur_username' => '', 'screen_name' => trim_nbs($_POST['screen_name']), 'cur_screen_name' => '', 'password' => $_POST['password'], 'password_confirm' => $_POST['password_confirm'], 'cur_password' => '', 'email' => trim($_POST['email']), 'cur_email' => ''));
     // Failures are collected in $VAL->errors and merged with the other errors below
     $VAL->validate_username();
     $VAL->validate_screen_name();
     $VAL->validate_password();
     $VAL->validate_email();
     // Do we have any custom fields? Only fields flagged m_field_reg = 'y' are read.
     $query = ee()->db->select('m_field_id, m_field_name, m_field_label, m_field_type, m_field_list_items, m_field_required')->where('m_field_reg', 'y')->get('member_fields');
     $cust_errors = array();
     $cust_fields = array();
     if ($query->num_rows() > 0) {
         foreach ($query->result_array() as $row) {
             $field_name = 'm_field_id_' . $row['m_field_id'];
             // Assume we're going to save this data, unless it's empty to begin with
             $valid = isset($_POST[$field_name]) && $_POST[$field_name] != '';
             // Basic validations
             if ($row['m_field_required'] == 'y' && !$valid) {
                 $cust_errors[] = lang('mbr_field_required') . '&nbsp;' . $row['m_field_label'];
             } elseif ($row['m_field_type'] == 'select' && $valid) {
                 // Ensure their selection is actually a valid choice
                 // NOTE(review): in_array() is called without the strict flag, so the comparison is loose.
                 $options = explode("\n", $row['m_field_list_items']);
                 if (!in_array(htmlentities($_POST[$field_name]), $options)) {
                     $valid = FALSE;
                     $cust_errors[] = lang('mbr_field_invalid') . '&nbsp;' . $row['m_field_label'];
                 }
             }
             if ($valid) {
                 // The stored value is the xss_clean()ed POST value
                 $cust_fields[$field_name] = ee()->security->xss_clean($_POST[$field_name]);
             }
         }
     }
     if (isset($_POST['email_confirm']) && $_POST['email'] != $_POST['email_confirm']) {
         $cust_errors[] = lang('mbr_emails_not_match');
     }
     // Only the presence of a captcha answer is checked here; it is verified after the error check below
     if (ee()->config->item('use_membership_captcha') == 'y') {
         if (!isset($_POST['captcha']) or $_POST['captcha'] == '') {
             $cust_errors[] = lang('captcha_required');
         }
     }
     if (ee()->config->item('require_terms_of_service') == 'y') {
         if (!isset($_POST['accept_terms'])) {
             $cust_errors[] = lang('mbr_terms_of_service_required');
         }
     }
     // -------------------------------------------
     // 'member_member_register_errors' hook.
     //  - Additional error checking prior to submission
     //  - Added EE 2.5.0
     //
     ee()->extensions->call('member_member_register_errors', $this);
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     $errors = array_merge($VAL->errors, $cust_errors, $this->errors);
     // Display errors if there are any
     if (count($errors) > 0) {
         return ee()->output->show_user_error('submission', $errors);
     }
     // Do we require captcha?
     // The answer must match a row for this IP address that is less than 7200 seconds old.
     // NOTE(review): ip_address() is concatenated into both queries without escape_str(),
     // unlike the mailing-list insert further down - presumably the input class
     // validates the address format; confirm.
     if (ee()->config->item('use_membership_captcha') == 'y') {
         $query = ee()->db->query("SELECT COUNT(*) AS count FROM exp_captcha WHERE word='" . ee()->db->escape_str($_POST['captcha']) . "' AND ip_address = '" . ee()->input->ip_address() . "' AND date > UNIX_TIMESTAMP()-7200");
         if ($query->row('count') == 0) {
             return ee()->output->show_user_error('submission', array(lang('captcha_incorrect')));
         }
         // Remove the used captcha row together with any expired rows, so an answer cannot be reused
         ee()->db->query("DELETE FROM exp_captcha WHERE (word='" . ee()->db->escape_str($_POST['captcha']) . "' AND ip_address = '" . ee()->input->ip_address() . "') OR date < UNIX_TIMESTAMP()-7200");
     }
     ee()->load->helper('security');
     // Assign the base query data
     // NOTE(review): the password is stored as a single unsalted SHA-1 digest of the
     // posted value. SHA-1 is a fast hash and is not suitable for password storage;
     // moving to password_hash()/password_verify() needs a matching change in the
     // login code, which is not visible here.
     $data = array('username' => trim_nbs(ee()->input->post('username')), 'password' => sha1($_POST['password']), 'ip_address' => ee()->input->ip_address(), 'unique_id' => ee()->functions->random('encrypt'), 'join_date' => ee()->localize->now, 'email' => trim_nbs(ee()->input->post('email')), 'screen_name' => trim_nbs(ee()->input->post('screen_name')), 'url' => prep_url(ee()->input->post('url')), 'location' => ee()->input->post('location'), 'language' => ee()->config->item('deft_lang') ? ee()->config->item('deft_lang') : 'english', 'date_format' => ee()->config->item('date_format') ? ee()->config->item('date_format') : '%n/%j/%y', 'time_format' => ee()->config->item('time_format') ? ee()->config->item('time_format') : '12', 'include_seconds' => ee()->config->item('include_seconds') ? ee()->config->item('include_seconds') : 'n', 'timezone' => ee()->config->item('default_site_timezone'));
     // Set member group: the group never comes from the request, only from configuration
     if (ee()->config->item('req_mbr_activation') == 'manual' or ee()->config->item('req_mbr_activation') == 'email') {
         $data['group_id'] = 4;
         // Pending
     } else {
         if (ee()->config->item('default_member_group') == '') {
             $data['group_id'] = 4;
             // Pending
         } else {
             $data['group_id'] = ee()->config->item('default_member_group');
         }
     }
     // Optional Fields: map of member column => POST field name
     // NOTE(review): these POST values overwrite the defaults set above and are
     // copied into $data without any validation in this function - confirm they
     // are constrained elsewhere before they are used.
     $optional = array('bio' => 'bio', 'language' => 'deft_lang', 'timezone' => 'server_timezone', 'date_format' => 'date_format', 'time_format' => 'time_format', 'include_seconds' => 'include_seconds');
     foreach ($optional as $key => $value) {
         if (isset($_POST[$value])) {
             $data[$key] = $_POST[$value];
         }
     }
     // We generate an authorization code if the member needs to self-activate
     if (ee()->config->item('req_mbr_activation') == 'email') {
         $data['authcode'] = ee()->functions->random('alnum', 10);
     }
     // Insert basic member data
     ee()->db->query(ee()->db->insert_string('exp_members', $data));
     $member_id = ee()->db->insert_id();
     // Insert custom fields
     $cust_fields['member_id'] = $member_id;
     ee()->db->query(ee()->db->insert_string('exp_member_data', $cust_fields));
     // Create a record in the member homepage table
     // This is only necessary if the user gains CP access,
     // but we'll add the record anyway.
     ee()->db->query(ee()->db->insert_string('exp_member_homepage', array('member_id' => $member_id)));
     // Mailinglist Subscribe
     // Note: this section uses the raw $_POST['email'], not the trimmed value stored in $data['email'].
     $mailinglist_subscribe = FALSE;
     if (isset($_POST['mailinglist_subscribe']) && is_numeric($_POST['mailinglist_subscribe'])) {
         // Kill duplicate emails from authorization queue.
         ee()->db->where('email', $_POST['email'])->delete('mailing_list_queue');
         // Validate Mailing List ID
         $query = ee()->db->select('COUNT(*) as count')->where('list_id', $_POST['mailinglist_subscribe'])->get('mailing_lists');
         // Email Not Already in Mailing List
         $results = ee()->db->select('COUNT(*) as count')->where('email', $_POST['email'])->where('list_id', $_POST['mailinglist_subscribe'])->get('mailing_list');
         // INSERT Email
         if ($query->row('count') > 0 && $results->row('count') == 0) {
             $mailinglist_subscribe = TRUE;
             $code = ee()->functions->random('alnum', 10);
             if (ee()->config->item('req_mbr_activation') == 'email') {
                 // Activated When Membership Activated
                 ee()->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)\r\n\t\t\t\t\t\t\t\tVALUES ('" . ee()->db->escape_str($_POST['email']) . "', '" . ee()->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . time() . "')");
             } elseif (ee()->config->item('req_mbr_activation') == 'manual') {
                 // Mailing List Subscribe Email: queue the address and mail it an authorization link
                 ee()->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)\r\n\t\t\t\t\t\t\t\tVALUES ('" . ee()->db->escape_str($_POST['email']) . "', '" . ee()->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . time() . "')");
                 ee()->lang->loadfile('mailinglist');
                 $action_id = ee()->functions->fetch_action_id('Mailinglist', 'authorize_email');
                 $swap = array('activation_url' => ee()->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&id=' . $code, 'site_name' => stripslashes(ee()->config->item('site_name')), 'site_url' => ee()->config->item('site_url'));
                 $template = ee()->functions->fetch_email_template('mailinglist_activation_instructions');
                 $email_tit = ee()->functions->var_swap($template['title'], $swap);
                 $email_msg = ee()->functions->var_swap($template['data'], $swap);
                 // Send email
                 ee()->load->library('email');
                 ee()->email->wordwrap = true;
                 ee()->email->mailtype = 'plain';
                 ee()->email->priority = '3';
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($_POST['email']);
                 ee()->email->subject($email_tit);
                 ee()->email->message($email_msg);
                 ee()->email->send();
             } else {
                 // Automatically Accepted
                 ee()->db->query("INSERT INTO exp_mailing_list (list_id, authcode, email, ip_address)\r\n\t\t\t\t\t\t\t\t\t\t  VALUES ('" . ee()->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . ee()->db->escape_str($_POST['email']) . "', '" . ee()->db->escape_str(ee()->input->ip_address()) . "')");
             }
         }
     }
     // Update member stats right away only when no activation step is required
     if (ee()->config->item('req_mbr_activation') == 'none') {
         ee()->stats->update_member_stats();
     }
     // Send admin notifications
     if (ee()->config->item('new_member_notification') == 'y' && ee()->config->item('mbr_notification_emails') != '') {
         $name = $data['screen_name'] != '' ? $data['screen_name'] : $data['username'];
         $swap = array('name' => $name, 'site_name' => stripslashes(ee()->config->item('site_name')), 'control_panel_url' => ee()->config->item('cp_url'), 'username' => $data['username'], 'email' => $data['email']);
         $template = ee()->functions->fetch_email_template('admin_notify_reg');
         $email_tit = $this->_var_swap($template['title'], $swap);
         $email_msg = $this->_var_swap($template['data'], $swap);
         // Remove multiple commas
         $notify_address = reduce_multiples(ee()->config->item('mbr_notification_emails'), ',', TRUE);
         // Send email
         ee()->load->helper('text');
         ee()->load->library('email');
         ee()->email->wordwrap = true;
         ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
         ee()->email->to($notify_address);
         ee()->email->subject($email_tit);
         ee()->email->message(entities_to_ascii($email_msg));
         ee()->email->Send();
     }
     // -------------------------------------------
     // 'member_member_register' hook.
     //  - Additional processing when a member is created through the User Side
     //  - $member_id added in 2.0.1
     //
     ee()->extensions->call('member_member_register', $data, $member_id);
     if (ee()->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     // Send user notifications
     if (ee()->config->item('req_mbr_activation') == 'email') {
         $action_id = ee()->functions->fetch_action_id('Member', 'activate_member');
         $name = $data['screen_name'] != '' ? $data['screen_name'] : $data['username'];
         // board_id is used only when numeric, otherwise it defaults to 1
         $board_id = ee()->input->get_post('board_id') !== FALSE && is_numeric(ee()->input->get_post('board_id')) ? ee()->input->get_post('board_id') : 1;
         $forum_id = ee()->input->get_post('FROM') == 'forum' ? '&r=f&board_id=' . $board_id : '';
         // $mailinglist_subscribe is TRUE only after the is_numeric() check above passed
         $add = $mailinglist_subscribe !== TRUE ? '' : '&mailinglist=' . $_POST['mailinglist_subscribe'];
         $swap = array('name' => $name, 'activation_url' => ee()->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&id=' . $data['authcode'] . $forum_id . $add, 'site_name' => stripslashes(ee()->config->item('site_name')), 'site_url' => ee()->config->item('site_url'), 'username' => $data['username'], 'email' => $data['email']);
         $template = ee()->functions->fetch_email_template('mbr_activation_instructions');
         $email_tit = $this->_var_swap($template['title'], $swap);
         $email_msg = $this->_var_swap($template['data'], $swap);
         // Send email
         ee()->load->helper('text');
         ee()->load->library('email');
         ee()->email->wordwrap = true;
         ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
         ee()->email->to($data['email']);
         ee()->email->subject($email_tit);
         ee()->email->message(entities_to_ascii($email_msg));
         ee()->email->Send();
         $message = lang('mbr_membership_instructions_email');
     } elseif (ee()->config->item('req_mbr_activation') == 'manual') {
         $message = lang('mbr_admin_will_activate');
     } else {
         // Log user in (the extra query is a little annoying)
         ee()->load->library('auth');
         $member_data_q = ee()->db->get_where('members', array('member_id' => $member_id));
         $incoming = new Auth_result($member_data_q->row());
         $incoming->remember_me();
         $incoming->start_session();
         $message = lang('mbr_your_are_logged_in');
     }
     // Build the message: the return link points at the forum board or at the site
     if (ee()->input->get_post('FROM') == 'forum') {
         $query = $this->_do_form_query();
         $site_name = $query->row('board_label');
         $return = $query->row('board_forum_url');
     } else {
         $site_name = ee()->config->item('site_name') == '' ? lang('back') : stripslashes(ee()->config->item('site_name'));
         $return = ee()->config->item('site_url');
     }
     $data = array('title' => lang('mbr_registration_complete'), 'heading' => lang('thank_you'), 'content' => lang('mbr_registration_completed') . "\n\n" . $message, 'redirect' => '', 'link' => array($return, $site_name));
     ee()->output->show_message($data);
 }
 function register_member($ext, $doRegister = TRUE, $error_handling = '')
 {
     $this->EE->load->helper('security');
     $inline_errors = array();
     //$this->EE->load->language("member");
     /** -------------------------------------
     		/**  Do we allow new member registrations?
     		/** ------------------------------------*/
     if ($this->EE->config->item('allow_member_registration') == 'n') {
         return array('general', array($this->EE->lang->line('member_registrations_not_allowed')));
     }
     /** ----------------------------------------
     		/**  Is user banned?
     		/** ----------------------------------------*/
     if ($this->EE->session->userdata['is_banned'] == TRUE) {
         return array('general', array($this->EE->lang->line('not_authorized')));
     }
     /** ----------------------------------------
     		/**  Blacklist/Whitelist Check
     		/** ----------------------------------------*/
     if ($this->EE->blacklist->blacklisted == 'y' && $this->EE->blacklist->whitelisted == 'n') {
         return array('general', array($this->EE->lang->line('not_authorized')));
     }
     $this->EE->load->helper('url');
     /* -------------------------------------------
     		 /* 'member_member_register_start' hook.
     		 /*  - Take control of member registration routine
     		 /*  - Added EE 1.4.2
     		 */
     $edata = $this->EE->extensions->call('member_member_register_start');
     if ($this->EE->extensions->end_script === TRUE) {
         return;
     }
     /*
     							/* -------------------------------------------*/
     /** ----------------------------------------
     		/**  Set the default globals
     		/** ----------------------------------------*/
     $default = array('username', 'password', 'password_confirm', 'email', 'screen_name', 'url', 'location');
     foreach ($default as $val) {
         if (!isset($_POST[$val])) {
             $_POST[$val] = '';
         }
     }
     if ($_POST['screen_name'] == '') {
         $_POST['screen_name'] = $_POST['username'];
     }
     /** -------------------------------------
     		/**  Instantiate validation class
     		/** -------------------------------------*/
     if (!class_exists('EE_Validate')) {
         require APPPATH . 'libraries/Validate' . EXT;
     }
     $VAL = new EE_Validate(array('member_id' => '', 'val_type' => 'new', 'fetch_lang' => TRUE, 'require_cpw' => FALSE, 'enable_log' => FALSE, 'username' => $_POST['username'], 'cur_username' => '', 'screen_name' => $_POST['screen_name'], 'cur_screen_name' => '', 'password' => $_POST['password'], 'password_confirm' => $_POST['password_confirm'], 'cur_password' => '', 'email' => $_POST['email'], 'cur_email' => ''));
     // load the language file
     $this->EE->lang->loadfile('zoo_visitor');
     $VAL->validate_email();
     $inline_errors["email"] = $VAL->errors;
     $offset = count($VAL->errors);
     /** -------------------------------------
     		/**  Zoo Visitor conditional checking
     		/** -------------------------------------*/
     if ($this->zoo_settings['email_is_username'] != 'yes') {
         $VAL->validate_username();
         $inline_errors["username"] = array_slice($VAL->errors, $offset);
         $offset = count($VAL->errors);
     }
     if ($this->zoo_settings['use_screen_name'] != "no") {
         $VAL->validate_screen_name();
         $inline_errors["screen_name"] = array_slice($VAL->errors, $offset);
         $offset = count($VAL->errors);
     }
     $VAL->validate_password();
     $inline_errors["password"] = array_slice($VAL->errors, $offset);
     $offset = count($VAL->errors);
     /** -------------------------------------
     		/**  Do we have any custom fields?
     		/** -------------------------------------*/
     $query = $this->EE->db->query("SELECT m_field_id, m_field_name, m_field_label, m_field_required FROM exp_member_fields");
     $cust_errors = array();
     $cust_fields = array();
     if ($query->num_rows() > 0) {
         foreach ($query->result_array() as $row) {
             if ($row['m_field_required'] == 'y' && (!isset($_POST['m_field_id_' . $row['m_field_id']]) or $_POST['m_field_id_' . $row['m_field_id']] == '')) {
                 $cust_errors[] = $this->EE->lang->line('mbr_field_required') . '&nbsp;' . $row['m_field_label'];
                 $inline_errors[$row['m_field_name']] = array($this->EE->lang->line('mbr_field_required') . '&nbsp;' . $row['m_field_label']);
             } elseif (isset($_POST['m_field_id_' . $row['m_field_id']])) {
                 $cust_fields['m_field_id_' . $row['m_field_id']] = $this->EE->security->xss_clean($_POST['m_field_id_' . $row['m_field_id']]);
             }
         }
     }
     if (isset($_POST['email_confirm']) && $_POST['email'] != $_POST['email_confirm']) {
         $cust_errors[] = $this->EE->lang->line('mbr_emails_not_match');
         $inline_errors["email_confirm"] = array($this->EE->lang->line('mbr_emails_not_match'));
     }
     if ($this->EE->config->item('use_membership_captcha') == 'y') {
         if (!isset($_POST['captcha']) or $_POST['captcha'] == '') {
             $cust_errors[] = $this->EE->lang->line('captcha_required');
             $inline_errors["captcha"] = array($this->EE->lang->line('captcha_required'));
         }
     }
     /** ----------------------------------------
     		/**  Do we require captcha?
     		/** ----------------------------------------*/
     if ($this->EE->config->item('use_membership_captcha') == 'y') {
         $query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_captcha WHERE word='" . $this->EE->db->escape_str($_POST['captcha']) . "' AND ip_address = '" . $this->EE->input->ip_address() . "' AND date > UNIX_TIMESTAMP()-7200");
         if ($query->row('count') == 0) {
             $cust_errors[] = $this->EE->lang->line('captcha_incorrect');
             $inline_errors["captcha"] = array($this->EE->lang->line('captcha_incorrect'));
         }
         //$this->EE->db->query("DELETE FROM exp_captcha WHERE (word='" . $this->EE->db->escape_str($_POST['captcha']) . "' AND ip_address = '" . $this->EE->input->ip_address() . "') OR date < UNIX_TIMESTAMP()-7200");
     }
     if ($this->EE->config->item('require_terms_of_service') == 'y') {
         if (!isset($_POST['accept_terms'])) {
             $cust_errors[] = $this->EE->lang->line('mbr_terms_of_service_required');
             $inline_errors["accept_terms"] = array($this->EE->lang->line('mbr_terms_of_service_required'));
         }
     }
     $errors = array_merge($VAL->errors, $cust_errors);
     // ===========================
     // = Set default membergroup =
     // ===========================
     if ($this->EE->config->item('req_mbr_activation') == 'manual' or $this->EE->config->item('req_mbr_activation') == 'email') {
         $data['group_id'] = 4;
         // Pending
     } else {
         if ($this->EE->config->item('default_member_group') == '') {
             $data['group_id'] = 4;
             // Pending
         } else {
             $data['group_id'] = $this->EE->config->item('default_member_group');
         }
     }
     // ============================================
     // = Check if there is a membergroup selected =
     // ============================================
     $selected_group_id = $this->check_membergroup_change($data);
     /** -------------------------------------
     		/**  Display error is there are any
     		/** -------------------------------------*/
     if (count($errors) > 0) {
         return array('submission', $inline_errors);
         //return array('submission', $errors);
     }
     if (!$doRegister) {
         return TRUE;
     }
     /** ----------------------------------------
     		/**  Secure Mode Forms?
     		/** ----------------------------------------*/
     if ($this->EE->config->item('secure_forms') == 'y') {
         if (version_compare(APP_VER, '2.5.4', '>=')) {
             // Secure Mode Forms?
             if ($this->EE->config->item('secure_forms') == 'y' and !$this->EE->security->secure_forms_check($this->EE->input->post('XID'))) {
                 return $this->EE->output->show_user_error('general', array(lang('not_authorized')));
             }
         } else {
             $query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_security_hashes WHERE hash='" . $this->EE->db->escape_str($_POST['XID']) . "' AND ip_address = '" . $this->EE->input->ip_address() . "' AND ip_address = '" . $this->EE->input->ip_address() . "' AND date > UNIX_TIMESTAMP()-7200");
             if ($query->row('count') == 0) {
                 return array('general', array($this->EE->lang->line('not_authorized')));
             }
             $this->EE->db->query("DELETE FROM exp_security_hashes WHERE (hash='" . $this->EE->db->escape_str($_POST['XID']) . "' AND ip_address = '" . $this->EE->input->ip_address() . "') OR date < UNIX_TIMESTAMP()-7200");
         }
     }
     /** -------------------------------------
     		/**  Assign the base query data
     		/** -------------------------------------*/
     $data['username'] = $_POST['username'];
     $data['password'] = version_compare(APP_VER, '2.6.0', '<') ? $this->EE->functions->hash(stripslashes($_POST['password'])) : do_hash(stripslashes($_POST['password']));
     $data['ip_address'] = $this->EE->input->ip_address();
     $data['unique_id'] = $this->EE->functions->random('encrypt');
     $data['join_date'] = $this->EE->localize->now;
     $data['email'] = $_POST['email'];
     $data['screen_name'] = $_POST['screen_name'];
     $data['url'] = prep_url($_POST['url']);
     $data['location'] = $_POST['location'];
     // overridden below if used as optional fields
     $data['language'] = $this->EE->config->item('deft_lang') ? $this->EE->config->item('deft_lang') : 'english';
     $data['time_format'] = $this->EE->config->item('time_format') ? $this->EE->config->item('time_format') : 'us';
     $data['timezone'] = $this->EE->config->item('default_site_timezone') && $this->EE->config->item('default_site_timezone') != '' ? $this->EE->config->item('default_site_timezone') : $this->EE->config->item('server_timezone');
     if (APP_VER < '2.6.0') {
         $data['daylight_savings'] = $this->EE->config->item('default_site_dst') && $this->EE->config->item('default_site_dst') != '' ? $this->EE->config->item('default_site_dst') : $this->EE->config->item('daylight_savings');
     }
     // ==========================
     // = Standard member fields =
     // ==========================
     $fields = array('bday_y', 'bday_m', 'bday_d', 'url', 'location', 'occupation', 'interests', 'aol_im', 'icq', 'yahoo_im', 'msn_im', 'bio');
     foreach ($fields as $val) {
         if ($this->EE->input->post($val)) {
             $data[$val] = isset($_POST[$val]) ? $this->EE->security->xss_clean($_POST[$val]) : '';
             unset($_POST[$val]);
         }
     }
     if (isset($data['bday_d']) && is_numeric($data['bday_d']) && is_numeric($data['bday_m'])) {
         $year = $data['bday_y'] != '' ? $data['bday_y'] : date('Y');
         $mdays = $this->EE->localize->fetch_days_in_month($data['bday_m'], $year);
         if ($data['bday_d'] > $mdays) {
             $data['bday_d'] = $mdays;
         }
     }
     // Optional Fields
     $optional = array('bio' => 'bio', 'language' => 'deft_lang', 'timezone' => 'server_timezone', 'time_format' => 'time_format');
     foreach ($optional as $key => $value) {
         if (isset($_POST[$value])) {
             $data[$key] = $_POST[$value];
         }
     }
     /*
     if ($this->EE->input->post('daylight_savings') == 'y') {
     	$data['daylight_savings'] = 'y';
     }
     elseif ($this->EE->input->post('daylight_savings') == 'n') {
     	$data['daylight_savings'] = 'n';
     }
     */
     // We generate an authorization code if the member needs to self-activate
     if ($this->EE->config->item('req_mbr_activation') == 'email') {
         $data['authcode'] = $this->EE->functions->random('alnum', 10);
     }
     /** -------------------------------------
     		/**  Insert basic member data
     		/** -------------------------------------*/
     $this->EE->db->query($this->EE->db->insert_string('exp_members', $data));
     $member_id = $this->EE->db->insert_id();
     // =============================================
     // = Override the screenname for use in emails =
     // =============================================
     $screen_name_overriden = $this->get_override_screen_name();
     $data['screen_name'] = $screen_name_overriden !== FALSE ? $screen_name_overriden : $data['screen_name'];
     // =========================================================================================
     // = Store the selected membergroup if it is defined in the form AND activation is required =
     // ==========================================================================================
     if (isset($selected_group_id) and is_numeric($selected_group_id) and $selected_group_id != '1') {
         if ($this->EE->config->item('req_mbr_activation') == 'email' || $this->EE->config->item('req_mbr_activation') == 'manual') {
             $activation_data = array();
             $activation_data['member_id'] = $member_id;
             $activation_data['group_id'] = $selected_group_id;
             $this->EE->db->insert('zoo_visitor_activation_membergroup', $activation_data);
         }
     }
     // =====================
     // = HASH THE PASSWORD =
     // =====================
     $this->EE->load->library('auth');
     $hashed_pair = $this->EE->auth->hash_password($_POST['password']);
     if ($hashed_pair === FALSE) {
     } else {
         $this->EE->db->where('member_id', (int) $member_id);
         $this->EE->db->update('members', $hashed_pair);
     }
     /** -------------------------------------
     		/**  Insert custom fields
     		/** -------------------------------------*/
     $cust_fields['member_id'] = $member_id;
     $this->EE->db->query($this->EE->db->insert_string('exp_member_data', $cust_fields));
     /** -------------------------------------
     		/**  Create a record in the member homepage table
     		/** -------------------------------------*/
     // This is only necessary if the user gains CP access, but we'll add the record anyway.
     $this->EE->db->query($this->EE->db->insert_string('exp_member_homepage', array('member_id' => $member_id)));
     /** -------------------------------------
     		/**  Mailinglist Subscribe
     		/** -------------------------------------*/
     $mailinglist_subscribe = FALSE;
     if (isset($_POST['mailinglist_subscribe']) && is_numeric($_POST['mailinglist_subscribe'])) {
         // Kill duplicate emails from authorizatin queue.
         $this->EE->db->query("DELETE FROM exp_mailing_list_queue WHERE email = '" . $this->EE->db->escape_str($_POST['email']) . "'");
         // Validate Mailing List ID
         $query = $this->EE->db->query("SELECT COUNT(*) AS count\n\t\t\t\t\t\t\t\t FROM exp_mailing_lists\n\t\t\t\t\t\t\t\t WHERE list_id = '" . $this->EE->db->escape_str($_POST['mailinglist_subscribe']) . "'");
         // Email Not Already in Mailing List
         $results = $this->EE->db->query("SELECT count(*) AS count\n\t\t\t\t\t\t\t\t\tFROM exp_mailing_list\n\t\t\t\t\t\t\t\t\tWHERE email = '" . $this->EE->db->escape_str($_POST['email']) . "'\n\t\t\t\t\t\t\t\t\tAND list_id = '" . $this->EE->db->escape_str($_POST['mailinglist_subscribe']) . "'");
         /** -------------------------------------
         			/**  INSERT Email
         			/** -------------------------------------*/
         if ($query->row('count') > 0 && $results->row('count') == 0) {
             $mailinglist_subscribe = TRUE;
             $code = $this->EE->functions->random('alnum', 10);
             if ($this->EE->config->item('req_mbr_activation') == 'email') {
                 // Activated When Membership Activated
                 $this->EE->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)\n\t\t\t\t\t\t\t\tVALUES ('" . $this->EE->db->escape_str($_POST['email']) . "', '" . $this->EE->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . time() . "')");
             } elseif ($this->EE->config->item('req_mbr_activation') == 'manual') {
                 // Mailing List Subscribe Email
                 $this->EE->db->query("INSERT INTO exp_mailing_list_queue (email, list_id, authcode, date)\n\t\t\t\t\t\t\t\tVALUES ('" . $this->EE->db->escape_str($_POST['email']) . "', '" . $this->EE->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . time() . "')");
                 $this->EE->lang->loadfile('mailinglist');
                 $action_id = $this->EE->functions->fetch_action_id('Mailinglist', 'authorize_email');
                 $swap = array('activation_url' => $this->EE->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&id=' . $code, 'site_name' => stripslashes($this->EE->config->item('site_name')), 'site_url' => $this->EE->config->item('site_url'));
                 $template = $this->EE->functions->fetch_email_template('mailinglist_activation_instructions');
                 $email_tit = $this->EE->functions->var_swap($template['title'], $swap);
                 $email_msg = $this->EE->functions->var_swap($template['data'], $swap);
                 /** ----------------------------
                 				/**  Send email
                 				/** ----------------------------*/
                 $this->EE->load->library('email');
                 $this->EE->email->wordwrap = true;
                 $this->EE->email->mailtype = 'plain';
                 $this->EE->email->priority = '3';
                 $this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
                 $this->EE->email->to($_POST['email']);
                 $this->EE->email->subject($email_tit);
                 $this->EE->email->message($email_msg);
                 $this->EE->email->send();
             } else {
                 // Automatically Accepted
                 $this->EE->db->query("INSERT INTO exp_mailing_list (list_id, authcode, email, ip_address)\n\t\t\t\t\t\t\t\t\t\t  VALUES ('" . $this->EE->db->escape_str($_POST['mailinglist_subscribe']) . "', '" . $code . "', '" . $this->EE->db->escape_str($_POST['email']) . "', '" . $this->EE->db->escape_str($this->EE->input->ip_address()) . "')");
             }
         }
     }
     /** -------------------------------------
     		/**  Update
     		/** -------------------------------------*/
     if ($this->EE->config->item('req_mbr_activation') == 'none') {
         $this->EE->stats->update_member_stats();
     }
     /** -------------------------------------
     		/**  Send admin notifications
     		/** -------------------------------------*/
     if ($this->EE->config->item('new_member_notification') == 'y' and $this->EE->config->item('mbr_notification_emails') != '') {
         $name = $data['screen_name'] != '' ? $data['screen_name'] : $data['username'];
         $swap = array('name' => $name, 'site_name' => stripslashes($this->EE->config->item('site_name')), 'control_panel_url' => $this->EE->config->item('cp_url'), 'username' => $data['username'], 'email' => $data['email']);
         $template = $this->EE->functions->fetch_email_template('admin_notify_reg');
         $email_tit = $this->_var_swap($template['title'], $swap);
         $email_msg = $this->_var_swap($template['data'], $swap);
         $this->EE->load->helper('string');
         // Remove multiple commas
         $notify_address = reduce_multiples($this->EE->config->item('mbr_notification_emails'), ',', TRUE);
         /** ----------------------------
         			/**  Send email
         			/** ----------------------------*/
         // Load the text helper
         $this->EE->load->helper('text');
         $this->EE->load->library('email');
         $this->EE->email->wordwrap = true;
         $this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
         $this->EE->email->to($notify_address);
         $this->EE->email->subject($email_tit);
         $this->EE->email->message(entities_to_ascii($email_msg));
         $this->EE->email->Send();
     }
     // -------------------------------------------
     // 'member_member_register' hook.
     //  - Additional processing when a member is created through the User Side
     //  - $member_id added in 2.0.1
     //
     $edata = $this->EE->extensions->call('member_member_register', $data, $member_id);
     if ($this->EE->extensions->end_script === TRUE) {
         return;
     }
     //
     // -------------------------------------------
     /** -------------------------------------
     		/**  Zoo Visitor assignment
     		/** -------------------------------------*/
     $member_data = $data;
     $member_data["member_id"] = $member_id;
     /** -------------------------------------
     		/**  Send user notifications
     		/** -------------------------------------*/
     if ($this->EE->config->item('req_mbr_activation') == 'email') {
         $action_id = $this->EE->functions->fetch_action_id('Member', 'activate_member');
         $name = $data['screen_name'] != '' ? $data['screen_name'] : $data['username'];
         $board_id = $this->EE->input->get_post('board_id') !== FALSE && is_numeric($this->EE->input->get_post('board_id')) ? $this->EE->input->get_post('board_id') : 1;
         $forum_id = $this->EE->input->get_post('FROM') == 'forum' ? '&r=f&board_id=' . $board_id : '';
         $add = $mailinglist_subscribe !== TRUE ? '' : '&mailinglist=' . $_POST['mailinglist_subscribe'];
         $swap = array('name' => $name, 'activation_url' => $this->EE->functions->fetch_site_index(0, 0) . QUERY_MARKER . 'ACT=' . $action_id . '&id=' . $data['authcode'] . $forum_id . $add, 'site_name' => stripslashes($this->EE->config->item('site_name')), 'site_url' => $this->EE->config->item('site_url'), 'username' => $data['username'], 'email' => $data['email']);
         $template = $this->EE->functions->fetch_email_template('mbr_activation_instructions');
         $email_tit = $this->_var_swap($template['title'], $swap);
         $email_msg = $this->_var_swap($template['data'], $swap);
         /** ----------------------------
         			/**  Send email
         			/** ----------------------------*/
         // Load the text helper
         $this->EE->load->helper('text');
         $this->EE->load->library('email');
         $this->EE->email->wordwrap = true;
         $this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
         $this->EE->email->to($data['email']);
         $this->EE->email->subject($email_tit);
         $this->EE->email->message(entities_to_ascii($email_msg));
         $this->EE->email->Send();
         $message = $this->EE->lang->line('mbr_membership_instructions_email');
     } elseif ($this->EE->config->item('req_mbr_activation') == 'manual') {
         $message = $this->EE->lang->line('mbr_admin_will_activate');
     } else {
         /** ----------------------------------------
         			/**  Log user is handled at the end of the extension
         			/** ----------------------------------------*/
     }
     /** ----------------------------------------
     		/**  Build the message
     		/** ----------------------------------------*/
     if ($this->EE->input->get_post('FROM') == 'forum') {
         if ($this->EE->input->get_post('board_id') !== FALSE && is_numeric($this->EE->input->get_post('board_id'))) {
             $query = $this->EE->db->query("SELECT board_forum_url, board_id, board_label FROM exp_forum_boards WHERE board_id = '" . $this->EE->db->escape_str($this->EE->input->get_post('board_id')) . "'");
         } else {
             $query = $this->EE->db->query("SELECT board_forum_url, board_id, board_label FROM exp_forum_boards WHERE board_id = '1'");
         }
         $site_name = $query->row('board_label');
         $return = $query->row('board_forum_url');
     } else {
         $site_name = $this->EE->config->item('site_name') == '' ? $this->EE->lang->line('back') : stripslashes($this->EE->config->item('site_name'));
         $return = $this->EE->config->item('site_url');
     }
     $data = array('title' => $this->EE->lang->line('mbr_registration_complete'), 'heading' => $this->EE->lang->line('thank_you'), 'content' => $this->EE->lang->line('mbr_registration_completed'), 'redirect' => '', 'link' => array($return, $site_name), 'result' => 'registration_complete', 'member_data' => $member_data);
     //$this->EE->output->show_message($data);
     return $data;
 }
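<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">

	<!-- This sitemap is being generated automatically -->
	<!-- Generated <?php 
echo date('Y-m-d H:i:s');
?>
 -->

	<?php 
// Emit one <url> element per page in $pages that may appear in the sitemap.
foreach ($pages as $page) {
    // Pages without a path and the root node have no URL of their own.
    if (!strlen($page['path']) || $page['type'] == 'root') {
        continue;
    }
    // Per-page opt-out via the 'include_sitemap' option.
    if (!empty($page['options']['include_sitemap']) && $page['options']['include_sitemap'] == 'no') {
        continue;
    }
    // NOTE(review): HTTP_HOST is copied from the request's Host header, so the client decides
    // which host ends up in every <loc>. If the application has a configured canonical base
    // URL, build the location from that instead.
    $url = 'http://' . reduce_multiples($_SERVER['HTTP_HOST'] . '/' . SITEPATH . $page['path'] . '/', '/');
    // Only produce a date when publish_date is set, is not the zero date, and can be parsed.
    $mod = '';
    if (strlen($page['publish_date']) && $page['publish_date'] != '0000-00-00 00:00:00') {
        $published = strtotime($page['publish_date']);
        if ($published !== false) {
            $mod = date('Y-m-d', $published);
        }
    }
    // The location is request- and content-derived text inside an XML document: encode it so
    // characters such as & and < cannot break or extend the markup.
    echo '<url>' . '<loc>' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '</loc>';
    // An empty <lastmod> is not a valid date value, so the element is left out when unknown.
    if ($mod !== '') {
        echo '<lastmod>' . $mod . '</lastmod>';
    }
    echo '</url>';
}
?>

</urlset>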
Beispiel #26
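 /**
  * Grid
  *
  * This is used by the data table js. Builds the JSON payload for the articles
  * table from the POSTed search, sort and paging parameters and echoes it.
  *
  * @access	public
  * @return	void	The JSON document is written to the output, not returned.
  */
 public function grid()
 {
     $iTotal = (int) $this->db->count_all('articles');
     $this->db->start_cache();
     $this->db->from('articles');
     // User Level: members of group 4 are restricted to articles they authored.
     if ($this->session->userdata('user_group') == 4) {
         $this->db->where('article_author', $this->session->userdata['userid']);
     }
     /* Searching */
     if ($this->input->post('sSearch') != '') {
         // NOTE(review): these OR conditions are appended to the author filter above without
         // grouping, so for group 4 the query presumably becomes "author = X OR title LIKE ...",
         // and any search term would widen the result beyond the user's own articles. Check the
         // generated SQL and wrap the search terms in a single parenthesised condition.
         $q = $this->input->post('sSearch', TRUE);
         $this->db->orlike('article_title', $q);
         $this->db->orlike('article_short_desc', $q);
         $this->db->orlike('article_description', $q);
         $this->db->orlike('article_uri', $q);
     }
     /* Sorting */
     if ($this->input->post('iSortCol_0')) {
         // The request value drives the loop, so force it to an integer and cap it at the
         // six columns emitted below; a non-numeric or very large value must not control
         // how often the loop runs.
         // NOTE(review): iSortCol_0 is read here as the number of sort columns - confirm that
         // this matches what the data table client actually sends.
         $sort_col = min((int) $this->input->post('iSortCol_0'), 6);
         for ($i = 0; $i < $sort_col; $i++) {
             // Only the two plain sort directions are handed to the query builder.
             $sort_dir = strtolower((string) $this->input->post('iSortDir_' . $i)) === 'desc' ? 'desc' : 'asc';
             $this->db->order_by($this->_column_to_field($this->input->post('iSortCol_' . $i)), $sort_dir);
         }
     } else {
         $this->db->order_by('article_modified', 'desc');
     }
     $this->db->stop_cache();
     $iFilteredTotal = (int) $this->db->count_all_results();
     $this->db->start_cache();
     /* Limit */
     // Paging values come straight from the request: use them as integers only. A length of
     // -1 (or anything non-positive) means "no limit" instead of being passed to LIMIT.
     $display_start = max(0, (int) $this->input->post('iDisplayStart'));
     $display_length = (int) $this->input->post('iDisplayLength');
     if ($display_length > 0) {
         $this->db->limit($display_length, $display_start);
     }
     $query = $this->db->get();
     $rows = array();
     foreach ($query->result_array() as $row) {
         $cat = '';
         // Here we are flushing cache because of the "get_cats" query.
         $this->db->flush_cache();
         $cats = $this->articles_model->get_cats_by_article($row['article_id']);
         // NOTE(review): cat_name and article_title are placed into the link text as stored.
         // If these fields can hold markup, HTML-encode them before building the anchors.
         foreach ($cats->result_array() as $item) {
             $cat .= anchor('admin/categories/edit/' . $item['cat_id'], $item['cat_name']) . ', ';
         }
         $status = '<span class="not_active">' . lang('lang_not_active') . '</span>';
         if ($row['article_display'] == 'y') {
             $status = '<span class="active">' . lang('lang_active') . '</span>';
         }
         $title = anchor('admin/kb/articles/edit/' . $row['article_id'], $row['article_title']);
         $rows[] = array(
             $title,
             reduce_multiples($cat, ", ", TRUE),
             date($this->config->item('short_date_format'), $row['article_date']),
             date($this->config->item('short_date_format'), $row['article_modified']),
             $status,
             '<input type="checkbox" name="article_id[]" value="' . $row['article_id'] . '" />',
         );
     }
     // json_encode() produces correct JSON string escaping (addslashes() does not: it emits \'
     // and leaves control characters untouched). sEcho is echoed back as an integer so that
     // request data is never copied verbatim into the response.
     echo json_encode(array(
         'sEcho' => (int) $this->input->post('sEcho'),
         'iTotalRecords' => $iTotal,
         'iTotalDisplayRecords' => $iFilteredTotal,
         'aaData' => $rows,
     ));
 }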
Beispiel #27
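 /**
  * Authorize email submission
  *
  * Looks up the queued subscription that belongs to the auth-code in the "id"
  * request parameter, moves it from the queue to the mailing list, optionally
  * notifies the configured admin addresses, and shows a confirmation message.
  * Queue entries older than 48 hours are purged before the lookup.
  */
 function authorize_email()
 {
     // Fetch the mailinglist language pack
     ee()->lang->loadfile('mailinglist');
     // Is the mailing list turned on?
     if (ee()->config->item('mailinglist_enabled') == 'n') {
         return ee()->output->show_user_error('general', lang('mailinglist_disabled'));
     }
     // Fetch the name of the site
     $site_name = ee()->config->item('site_name') == '' ? lang('back') : stripslashes(ee()->config->item('site_name'));
     // No ID?  Tisk tisk...
     $id = ee()->input->get_post('id');
     if ($id == FALSE) {
         $data = array('title' => lang('ml_mailinglist'), 'heading' => lang('error'), 'content' => lang('invalid_url'), 'link' => array(ee()->functions->fetch_site_index(), $site_name));
         ee()->output->show_message($data);
         // Stop here even if show_message() hands control back: nothing below may run
         // without an auth-code.
         return;
     }
     // Fetch email associated with auth-code; entries older than 48 hours are expired first.
     $expire = time() - 60 * 60 * 48;
     ee()->db->query("DELETE FROM exp_mailing_list_queue WHERE date < '{$expire}' ");
     $query = ee()->db->query("SELECT email, list_id FROM exp_mailing_list_queue WHERE authcode = '" . ee()->db->escape_str($id) . "'");
     if ($query->num_rows() == 0) {
         $data = array('title' => lang('ml_mailinglist'), 'heading' => lang('error'), 'content' => lang('ml_expired_date'), 'link' => array(ee()->functions->fetch_site_index(), $site_name));
         echo ee()->output->show_message($data);
         exit;
     }
     // Transfer email to the mailing list
     $email = $query->row('email');
     $list_id = $query->row('list_id');
     if ($list_id == 0) {
         // A queue entry without a list falls back to list 1, provided that list exists.
         $query = ee()->db->query("SELECT COUNT(*) AS count FROM exp_mailing_lists WHERE list_id = 1");
         if ($query->row('count') != 1) {
             return ee()->output->show_user_error('general', lang('ml_no_list_id'));
         } else {
             $list_id = 1;
         }
     }
     // $id is request input. It is escaped here like every other value in this statement,
     // instead of relying on the earlier lookup having matched it against a stored code.
     ee()->db->query("INSERT INTO exp_mailing_list (list_id, authcode, email, ip_address)\r\n\t\t\t\t\t\t\t  VALUES ('" . ee()->db->escape_str($list_id) . "', '" . ee()->db->escape_str($id) . "', '" . ee()->db->escape_str($email) . "', '" . ee()->db->escape_str(ee()->input->ip_address()) . "')");
     ee()->db->query("DELETE FROM exp_mailing_list_queue WHERE authcode = '" . ee()->db->escape_str($id) . "'");
     // Is there an admin notification to send?
     if (ee()->config->item('mailinglist_notify') == 'y' and ee()->config->item('mailinglist_notify_emails') != '') {
         $query = ee()->db->select('list_title')->get_where('mailing_lists', array('list_id' => $list_id));
         $swap = array('email' => $email, 'mailing_list' => $query->row('list_title'));
         $template = ee()->functions->fetch_email_template('admin_notify_mailinglist');
         $email_tit = ee()->functions->var_swap($template['title'], $swap);
         $email_msg = ee()->functions->var_swap($template['data'], $swap);
         // Remove multiple commas
         $notify_address = reduce_multiples(ee()->config->item('mailinglist_notify_emails'), ',', TRUE);
         if ($notify_address != '') {
             // Send email
             ee()->load->library('email');
             // Load the text helper
             ee()->load->helper('text');
             // One message per configured address; the mailer is re-initialised each time.
             foreach (explode(',', $notify_address) as $addy) {
                 ee()->email->EE_initialize();
                 ee()->email->wordwrap = true;
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($addy);
                 ee()->email->reply_to(ee()->config->item('webmaster_email'));
                 ee()->email->subject($email_tit);
                 ee()->email->message(entities_to_ascii($email_msg));
                 ee()->email->send();
             }
         }
     }
     // Success Message
     $data = array('title' => lang('ml_mailinglist'), 'heading' => lang('thank_you'), 'content' => lang('ml_account_confirmed'), 'link' => array(ee()->functions->fetch_site_index(), $site_name));
     ee()->output->show_message($data);
 }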
Beispiel #28
 public function string_helper()
 {
     // Demonstrates the functions of the 'string' helper; each result is printed via htmlp().
     $this->load->helper('string');

     // Random 16-character alphanumeric string.
     $this->htmlp(random_string('alnum', 16));

     // Appending / incrementing a numeric suffix.
     $this->htmlp(increment_string('file', '_'));     // "file_1"
     $this->htmlp(increment_string('file', '-', 2));  // "file-2"
     $this->htmlp(increment_string('file_4'));        // "file_5"

     // alternator() is called ten times with the same five values.
     $remaining = 10;
     while ($remaining > 0) {
         $this->htmlp(alternator('one', 'two', 'three', 'four', 'five'));
         $remaining--;
     }

     // repeater() is marked DEPRECATED.
     $this->htmlp(repeater("|repeat", 30));

     // results in "http://example.com/index.php"
     $this->htmlp(reduce_double_slashes("http://example.com//index.php"));

     // results in this/that/theother
     $this->htmlp(trim_slashes("/this/that/theother/"));

     // results in "Fred, Bill, Joe, Jimmy"
     $this->htmlp(reduce_multiples("Fred, Bill,, Joe, Jimmy", ","));

     // documented result: "Fred, Bill, Joe, Jimmy"
     // NOTE(review): the separator here is the two characters ", " - verify that the doubled
     // comma is really collapsed with this argument.
     $this->htmlp(reduce_multiples(",Fred, Bill,, Joe, Jimmy,", ", ", TRUE));

     // results in "Joe&#39;s &quot;dinner&quot;"
     $this->htmlp(quotes_to_entities("Joe's \"dinner\""));

     // results in "Joes dinner"
     $this->htmlp(strip_quotes("Joe's \"dinner\""));
 }
 /**
  *	Delete Member Account Processing
  *
  *	@access		public
  *	@return		string
  */
 public function delete_account()
 {
     /**	----------------------------------------
     		/**  Authorization Check
     		/**	----------------------------------------*/
     if ($this->_param('member_id') == FALSE or !ctype_digit($this->_param('member_id')) or !isset($_POST['ACT'])) {
         return $this->_output_error('general', array(ee()->lang->line('not_authorized')));
     }
     if (ee()->session->userdata['member_id'] == 0) {
         return $this->_output_error('general', ee()->lang->line('not_authorized'));
     }
     // If not deleting yourself, you must be a SuperAdmin or have Delete Member permissions
     // If deleting yourself, you must have permission to do so.
     if ($this->_param('member_id') != ee()->session->userdata['member_id']) {
         if (ee()->session->userdata['group_id'] != 1 and ee()->session->userdata['can_delete_members'] != 'y') {
             return $this->_output_error('general', ee()->lang->line('not_authorized'));
         }
     } elseif (ee()->session->userdata['can_delete_self'] !== 'y') {
         return $this->_output_error('general', ee()->lang->line('not_authorized'));
     }
     $admin = ee()->session->userdata['member_id'] != $this->_param('member_id') ? TRUE : FALSE;
     /** --------------------------------------------
     		/**  Member Data
     		/** --------------------------------------------*/
     $query = ee()->db->query("SELECT m.*,\n\t\t\t\t\tmg.mbr_delete_notify_emails\n\t\t\t FROM \texp_members AS m, \n\t\t\t\t\texp_member_groups AS mg\n\t\t\t WHERE \tm.member_id = '" . ee()->db->escape_str($this->_param('member_id')) . "'\n\t\t\t AND \tm.group_id = mg.group_id");
     if ($query->num_rows() == 0) {
         return $this->_output_error('general', ee()->lang->line('not_authorized'));
     }
     /** -------------------------------------
     		/**  One cannot delete a SuperAdmin from the User side.  Sorry...
     		/** -------------------------------------*/
     if ($query->row('group_id') == 1) {
         return $this->_output_error('general', ee()->lang->line('cannot_delete_super_admin'));
     }
     /** --------------------------------------------
     		/**  Variables!
     		/** --------------------------------------------*/
     $id = $query->row('member_id');
     $check_password = $query->row('password');
     $mbr_delete_notify_emails = $query->row('mbr_delete_notify_emails');
     $screen_name = $query->row('screen_name');
     $email = $query->row('email');
     /** ----------------------------------------
     		/**  Is IP and User Agent required for login?  Then, same here.
     		/** ----------------------------------------*/
     if (ee()->config->item('require_ip_for_login') == 'y') {
         if (ee()->session->userdata['ip_address'] == '' or ee()->session->userdata['user_agent'] == '') {
             return $this->_output_error('general', ee()->lang->line('unauthorized_request'));
         }
     }
     /** ----------------------------------------
     		/**  Check password lockout status
     		/** ----------------------------------------*/
     if (ee()->session->check_password_lockout() === TRUE) {
         return $this->_output_error('general', str_replace("%x", ee()->config->item('password_lockout_interval'), ee()->lang->line('password_lockout_in_effect')));
     }
     /* -------------------------------------
     		/*  If deleting self, you must submit your password.
     		/*  If SuperAdmin deleting another, must submit your password
     		/* -------------------------------------*/
     if (APP_VER >= '2.2.0') {
         $check_salt = $query->row('salt');
     }
     // Fetch the SAs password instead as they are the one doing the deleting
     if (ee()->session->userdata['member_id'] != $this->_param('member_id')) {
         $squery = ee()->db->query("SELECT password" . (APP_VER < '2.2.0' ? '' : ', salt') . " \n\t\t\t\t FROM \texp_members \n\t\t\t\t WHERE \tmember_id = '" . ee()->db->escape_str(ee()->session->userdata['member_id']) . "'");
         $check_password = $squery->row('password');
         if (APP_VER >= '2.2.0') {
             $check_salt = $squery->row('salt');
         }
         unset($squery);
     }
     if (APP_VER < '2.2.0') {
         $password = ee()->functions->hash(stripslashes(ee()->input->post('password')));
         if ($check_password != $password) {
             ee()->session->save_password_lockout();
             return $this->_output_error('general', ee()->lang->line('invalid_pw'));
         }
     } else {
         ee()->load->library('auth');
         $passwd = ee()->auth->hash_password(stripslashes(ee()->input->post('password')), $check_salt);
         if (!isset($passwd['salt']) or $passwd['password'] != $check_password) {
             ee()->session->save_password_lockout();
             return $this->_output_error('general', ee()->lang->line('invalid_pw'));
         }
     }
     // --------------------------------------------
     //  EE 2.4 Added a Member Model for Deleting That Works Rather Well
     // --------------------------------------------
     if (APP_VER >= '2.4.0') {
         ee()->load->model('member_model');
         ee()->member_model->delete_member($id);
     } else {
         /** -------------------------------------
         			/**  No turning back, get to deletin'!
         			/** -------------------------------------*/
         ee()->db->query("DELETE FROM exp_members WHERE member_id = '{$id}'");
         ee()->db->query("DELETE FROM exp_member_data WHERE member_id = '{$id}'");
         ee()->db->query("DELETE FROM exp_member_homepage WHERE member_id = '{$id}'");
         $message_query = ee()->db->query("SELECT DISTINCT \trecipient_id \n\t\t\t\t FROM \t\t\t\texp_message_copies \n\t\t\t\t WHERE \t\t\t\tsender_id = '{$id}' \n\t\t\t\t AND \t\t\t\tmessage_read = 'n'");
         ee()->db->query("DELETE FROM exp_message_copies WHERE sender_id = '{$id}'");
         ee()->db->query("DELETE FROM exp_message_data WHERE sender_id = '{$id}'");
         ee()->db->query("DELETE FROM exp_message_folders WHERE member_id = '{$id}'");
         ee()->db->query("DELETE FROM exp_message_listed WHERE member_id = '{$id}'");
         if ($message_query->num_rows() > 0) {
             foreach ($message_query->result_array() as $row) {
                 $count_query = ee()->db->query("SELECT COUNT(*) AS count \n\t\t\t\t\t\t FROM \texp_message_copies \n\t\t\t\t\t\t WHERE \trecipient_id = '" . $row['recipient_id'] . "' AND message_read = 'n'");
                 ee()->db->query(ee()->db->update_string('exp_members', array('private_messages' => $count_query->row('count')), array('member_id' => $row['recipient_id'])));
             }
         }
         /** -------------------------------------
         			/**  Delete Forum Posts
         			/** -------------------------------------*/
         if (ee()->config->item('forum_is_installed') == "y") {
             ee()->db->query("DELETE FROM exp_forum_subscriptions  WHERE member_id = '{$id}'");
             ee()->db->query("DELETE FROM exp_forum_pollvotes  WHERE member_id = '{$id}'");
             ee()->db->query("DELETE FROM exp_forum_topics WHERE author_id = '{$id}'");
             // Snag the affected topic id's before deleting the member for the update afterwards
             $query = ee()->db->query("SELECT topic_id FROM exp_forum_posts WHERE author_id = '{$id}'");
             if ($query->num_rows() > 0) {
                 $topic_ids = array();
                 foreach ($query->result_array() as $row) {
                     $topic_ids[] = $row['topic_id'];
                 }
                 $topic_ids = array_unique($topic_ids);
             }
             ee()->db->query("DELETE FROM exp_forum_posts  WHERE author_id = '{$id}'");
             ee()->db->query("DELETE FROM exp_forum_polls  WHERE author_id = '{$id}'");
             // Update the forum stats
             $query = ee()->db->query("SELECT forum_id FROM exp_forums WHERE forum_is_cat = 'n'");
             if (!class_exists('Forum')) {
                 require PATH_MOD . 'forum/mod.forum' . EXT;
                 require PATH_MOD . 'forum/mod.forum_core' . EXT;
             }
             $FRM = new Forum_Core();
             foreach ($query->result_array() as $row) {
                 $FRM->_update_post_stats($row['forum_id']);
             }
             if (isset($topic_ids)) {
                 foreach ($topic_ids as $topic_id) {
                     $FRM->_update_topic_stats($topic_id);
                 }
             }
         }
         /** -------------------------------------
         			/**  Va-poo-rize Weblog Entries and Comments
         			/** -------------------------------------*/
         $entry_ids = array();
         $channel_ids = array();
         $recount_ids = array();
         // Find Entry IDs and Channel IDs, then DELETE! DELETE, WHA HA HA HA!!
         if (APP_VER < 2.0) {
             $query = ee()->db->query("SELECT entry_id, weblog_id AS channel_id FROM exp_weblog_titles WHERE author_id = '{$id}'");
         } else {
             $query = ee()->db->query("SELECT entry_id, channel_id FROM exp_channel_titles WHERE author_id = '{$id}'");
         }
         if ($query->num_rows() > 0) {
             foreach ($query->result_array() as $row) {
                 $entry_ids[] = $row['entry_id'];
                 $channel_ids[] = $row['channel_id'];
             }
             if (APP_VER < 2.0) {
                 ee()->db->query("DELETE FROM exp_weblog_titles WHERE author_id = '{$id}'");
                 ee()->db->query("DELETE FROM exp_weblog_data WHERE entry_id IN ('" . implode("','", $entry_ids) . "')");
             } else {
                 ee()->db->query("DELETE FROM exp_channel_titles WHERE author_id = '{$id}'");
                 ee()->db->query("DELETE FROM exp_channel_data WHERE entry_id IN ('" . implode("','", $entry_ids) . "')");
             }
             ee()->db->query("DELETE FROM exp_comments WHERE entry_id IN ('" . implode("','", $entry_ids) . "')");
             ee()->db->query("DELETE FROM exp_trackbacks WHERE entry_id IN ('" . implode("','", $entry_ids) . "')");
         }
         // Find the affected entries AND channel ids for author's comments
         if (APP_VER < 2.0) {
             $query = ee()->db->query("SELECT DISTINCT(entry_id), weblog_id AS channel_id FROM exp_comments WHERE author_id = '{$id}'");
         } else {
             $query = ee()->db->query("SELECT DISTINCT(entry_id), channel_id FROM exp_comments WHERE author_id = '{$id}'");
         }
         if ($query->num_rows() > 0) {
             foreach ($query->result_array() as $row) {
                 $recount_ids[] = $row['entry_id'];
                 $channel_ids[] = $row['channel_id'];
             }
             $recount_ids = array_diff($recount_ids, $entry_ids);
         }
         // Delete comments by member
         ee()->db->query("DELETE FROM exp_comments WHERE author_id = '{$id}'");
         $this->EE->stats->update_member_stats();
         // Update stats on channel entries that were NOT deleted AND had comments by author
         if (count($recount_ids) > 0) {
             foreach (array_unique($recount_ids) as $entry_id) {
                 $query = ee()->db->query("SELECT MAX(comment_date) AS max_date FROM exp_comments WHERE status = 'o' AND entry_id = '" . ee()->db->escape_str($entry_id) . "'");
                 $comment_date = ($query->num_rows() == 0 or !is_numeric($query->row('max_date'))) ? 0 : $query->row('max_date');
                 $query = ee()->db->query("SELECT COUNT(*) AS count FROM exp_comments WHERE entry_id = '{$entry_id}' AND status = 'o'");
                 if (APP_VER < 2.0) {
                     ee()->db->query("UPDATE exp_weblog_titles SET\tcomment_total = '" . ee()->db->escape_str($query->row('count')) . "', \n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\trecent_comment_date = '{$comment_date}' WHERE entry_id = '{$entry_id}'");
                 } else {
                     ee()->db->query("UPDATE exp_channel_titles SET comment_total = '" . ee()->db->escape_str($query->row('count')) . "',\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\trecent_comment_date = '{$comment_date}' WHERE entry_id = '{$entry_id}'");
                 }
             }
         }
         foreach (array_unique($channel_ids) as $channel_id) {
             if (APP_VER < 2.0) {
                 ee()->stats->update_weblog_stats($channel_id);
             } else {
                 ee()->stats->update_channel_stats($channel_id);
             }
             ee()->stats->update_comment_stats($channel_id);
         }
     }
     // END conditional for EE versions below EE 2.4.0
     /** -------------------------------------
     		/**  Email notification recipients
     		/** -------------------------------------*/
     if ($mbr_delete_notify_emails != '') {
         $notify_address = $mbr_delete_notify_emails;
         $swap = array('name' => $screen_name, 'email' => $email, 'site_name' => stripslashes(ee()->config->item('site_name')));
         $email_tit = ee()->functions->var_swap(ee()->lang->line('mbr_delete_notify_title'), $swap);
         $email_msg = ee()->functions->var_swap(ee()->lang->line('mbr_delete_notify_message'), $swap);
         // No notification for the user themselves, if they're in the list
         if (stristr($notify_address, $email)) {
             $notify_address = str_replace($email, "", $notify_address);
         }
         ee()->load->helper('string');
         $notify_address = reduce_multiples($notify_address, ',', TRUE);
         if ($notify_address != '') {
             /** ----------------------------
             				/**  Send email
             				/** ----------------------------*/
             ee()->load->library('email');
             ee()->load->helper('text');
             foreach (explode(',', $notify_address) as $addy) {
                 ee()->email->initialize();
                 ee()->email->wordwrap = false;
                 ee()->email->from(ee()->config->item('webmaster_email'), ee()->config->item('webmaster_name'));
                 ee()->email->to($addy);
                 ee()->email->reply_to(ee()->config->item('webmaster_email'));
                 ee()->email->subject($email_tit);
                 ee()->email->message(entities_to_ascii($email_msg));
                 ee()->email->Send();
             }
         }
     }
     /** -------------------------------------
     		/**  Trash the Session and cookies
     		/** -------------------------------------*/
     ee()->db->query("DELETE FROM exp_online_users \n\t\t\t\t\t\t  WHERE site_id = '" . ee()->db->escape_str(ee()->config->item('site_id')) . "' \n\t\t\t\t\t\t  AND ip_address = '{ee()->input->ip_address()}' \n\t\t\t\t\t\t  AND member_id = '{$id}'");
     ee()->db->query("DELETE FROM exp_sessions WHERE member_id = '" . $id . "'");
     if ($admin === FALSE) {
         if (APP_VER < '2.2.0') {
             ee()->functions->set_cookie(ee()->session->c_password);
         }
         ee()->functions->set_cookie(ee()->session->c_session);
         ee()->functions->set_cookie(ee()->session->c_expire);
         ee()->functions->set_cookie(ee()->session->c_anon);
         ee()->functions->set_cookie('read_topics');
         ee()->functions->set_cookie('tracker');
     }
     if (ee()->extensions->active_hook('user_delete_account_end') === TRUE) {
         $edata = ee()->extensions->universal_call('user_delete_account_end', $this);
         if (ee()->extensions->end_script === TRUE) {
             return;
         }
     }
     /**	----------------------------------------
     		/**	 Override Return
     		/**	----------------------------------------*/
     if ($this->_param('override_return') !== FALSE and $this->_param('override_return') != '' && $this->is_ajax_request() === FALSE) {
         ee()->functions->redirect($this->_param('override_return'));
         exit;
     }
     /**	----------------------------------------
     		/**	 Set return
     		/**	----------------------------------------*/
     if (ee()->input->get_post('return') !== FALSE and ee()->input->get_post('return') != '') {
         $return = ee()->input->get_post('return');
     } elseif (ee()->input->get_post('RET') !== FALSE and ee()->input->get_post('RET') != '') {
         $return = ee()->input->get_post('RET');
     } else {
         $return = ee()->config->item('site_url');
     }
     if (preg_match("/" . LD . "\\s*path=(.*?)" . RD . "/", $return, $match)) {
         $return = ee()->functions->create_url($match['1']);
     }
     /**	----------------------------------------
     		/**	Return
     		/**	----------------------------------------*/
     $return = $this->_chars_decode($return);
     // --------------------------------------------
     //  AJAX Response
     // --------------------------------------------
     if ($this->is_ajax_request()) {
         $this->send_ajax_response(array('success' => TRUE, 'heading' => lang('user_successful_submission'), 'message' => lang('mbr_account_deleted'), 'content' => lang('mbr_account_deleted')));
     }
     /** -------------------------------------
     		/**  Build Success Message
     		/** -------------------------------------*/
     $name = stripslashes(ee()->config->item('site_name'));
     $data = array('title' => ee()->lang->line('mbr_delete'), 'heading' => ee()->lang->line('thank_you'), 'content' => ee()->lang->line('mbr_account_deleted'), 'redirect' => $return);
     ee()->output->show_message($data);
 }
Beispiel #30
  }
 */
 function _Head_String($ID_Fields = '')
 {
     if (!$this->Tabel == '') {
         $Flag = FALSE;
         if ($ID_Fields == '') {
             $this->db->select('Data_Template_Fields');
             $this->db->from('template_fields');
             $this->db->join('table', 'table.ID_Table = template_fields.ID_Table');
             $this->db->where('ID_Users', $this->session->ID_Users);
             $this->db->where('Name_Table', $this->Tabel);
             $query = $this->db->get();
             $Flag = $query->num_rows() > 0 ? TRUE : FALSE;
         }
         if ($Flag or !$ID_Fields == '') {
             if ($ID_Fields == '') {
                 $row = $query->row_array();
                 $ColumnArray = explode(', ', $row['Data_Template_Fields']);
             } else {
                 $ColumnArray = $ID_Fields;
             }
             $this->db->select('ID_Fields_Table, Name_Fields_Table, Description_Fields_Table, Sc_Description_Fields_Table');
             $this->db->from('Fields_Table');
             $this->db->where_in('ID_Fields_Table', $ColumnArray);
             $query = $this->db->get();
             $Out = '';
             foreach ($query->result_array() as $row) {
                 $this->ColTabel[$row['ID_Fields_Table']] = $row['Name_Fields_Table'];
                 $this->Description_Fields[$row['Name_Fields_Table']] = $row['Description_Fields_Table'];
                 $this->Sc_Description_Fields[$row['Name_Fields_Table']] = $row['Sc_Description_Fields_Table'];
             }
             if ($ID_Fields == '') {
                 foreach ($ColumnArray as $value) {
                     $Out .= $this->ColTabel[$value] . ', ';
                 }
             } else {
                 $Out .= $this->ColTabel[$ColumnArray] . ', ';
             }
             $this->db->reset_query();
             return reduce_multiples($Out, ", ", TRUE);
         }