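/**
 * Render the user search page.
 *
 * Reads the search term from POST 'usersearch_what' or GET 'q' (and the page
 * number from GET 'p'), runs user_search(), adds an edit link to every hit and
 * hands everything to the 'usersearch' view.
 *
 * @param mixed $lang Language handle, passed through to url() and view().
 * @return mixed Whatever view() returns for the 'usersearch' template.
 */
function usersearch($lang)
{
    $with_name = true;
    $with_website = true;
    $pagesize = 20;
    $page = 1;
    $what = false;

    // A submitted search form or a ?q= link triggers a search; anything else only shows the form.
    $action = (isset($_POST['usersearch_search']) || isset($_GET['q'])) ? 'search' : 'init';

    if ($action === 'search') {
        if (isset($_POST['usersearch_what'])) {
            $what = readarg($_POST['usersearch_what']);
        } elseif (isset($_GET['q'])) {
            $what = readarg($_GET['q']);
            if (isset($_GET['p'])) {
                $page = readarg($_GET['p']);
                // is_numeric() also accepts "-3", "1.5" and "1e3"; force a positive integer
                // before the value reaches user_search() and the view.
                $page = is_numeric($page) ? max(1, (int) $page) : 1;
            }
        }
    }

    $count = 0;
    $result = false;

    if ($action === 'search') {
        $found = user_search($what, $pagesize, $page);
        if ($found) {
            list($count, $result) = $found;
            $edit_url = url('adminuser', $lang);
            foreach ($result as &$row) {
                $row['edit'] = $edit_url . '/' . $row['user_id'];
            }
            // Drop the reference so a later write to $row cannot alter the last result row.
            unset($row);
        }
    }

    // NOTE(review): $what is request data; the 'usersearch' view is presumably
    // responsible for escaping it on output. Confirm in the template.
    return view('usersearch', $lang, compact('what', 'page', 'pagesize', 'count', 'result', 'with_name', 'with_website'));
}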
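/**
 * Intercept on after-process stage for incoming SMS and forward it to selected user's inbox
 *
 * Acts only on messages that no feature handled ($status is 0 or FALSE, the
 * "sandbox"). Routing is tried in order: by matching the receiver number with
 * a sender ID, then by the configured 'forward_to' user list.
 *
 * @param $sms_datetime incoming SMS date/time
 * @param $sms_sender incoming SMS sender
 * @param $message incoming SMS message before intercepted
 * @param $sms_receiver receiver number that is receiving incoming SMS
 * @param $feature feature managed to hook current incoming SMS
 * @param $status recvsms() status, 0 or FALSE for unhandled
 * @param $uid keyword owner
 * @param $smsc only referenced by the disabled prefix route below
 * @return array $ret empty when nothing was routed, otherwise 'modified' => TRUE and 'param' overrides
 */
function incoming_hook_recvsms_intercept_after($sms_datetime, $sms_sender, $message, $sms_receiver, $feature, $status, $uid, $smsc)
{
    global $core_config;

    $ret = array();
    $users = array();
    $is_routed = FALSE;

    // continue only if its sandbox
    if ($status) {
        return $ret;
    }

    // get settings
    $settings = incoming_settings_get();

    // get post rules
    $post_rules = incoming_post_rules_get();

    // sandbox match receiver number and sender ID
    if ($post_rules['match_sender_id']) {
        $s = array();
        $default_sender_owner = NULL;
        if ($settings['match_all_sender_id']) {
            // get all approved sender ID
            $s = sender_id_getall();
        } else {
            $data = user_search($sms_receiver, 'sender');
            foreach ($data as $user) {
                // get default sender ID
                if ($user['sender']) {
                    $s[] = $user['sender'];
                    $default_sender_owner = $user['username'];

                    // in case an error occured where multiple users own the same sender ID
                    break;
                }
            }
        }

        // start matching
        // NOTE(review): == compares numeric strings as numbers, so two differently
        // written numbers can match; confirm whether that is intended.
        foreach ($s as $sender_id) {
            if ($sender_id && $sms_receiver && $sender_id == $sms_receiver) {
                $usernames = array();
                if ($settings['match_all_sender_id']) {
                    // get usernames of everyone who owns $sender_id; a separate loop
                    // variable keeps the $uid parameter intact
                    $owner_uids = sender_id_owner($sender_id);
                    foreach ($owner_uids as $owner_uid) {
                        $usernames[] = user_uid2username($owner_uid);
                    }
                } else {
                    $usernames[] = $default_sender_owner;
                }

                // array_unique() returns the de-duplicated list; the result has to be
                // assigned or a user owning the sender ID twice gets two inbox copies
                $usernames = array_unique($usernames);

                foreach ($usernames as $username) {
                    if ($username) {
                        // NOTE(review): sender and message text are written to the log as received
                        _log("sandbox match sender start u:" . $username . " dt:" . $sms_datetime . " s:" . $sms_sender . " r:" . $sms_receiver . " m:[" . $message . "]", 3, 'incoming recvsms_intercept_after');
                        recvsms_inbox_add($sms_datetime, $sms_sender, $username, $message, $sms_receiver);
                        _log("sandbox match sender end u:" . $username, 3, 'incoming recvsms_intercept_after');
                        $is_routed = TRUE;

                        // single match only
                        // break;
                    }
                }
            }
        }
    }

    // sandbox prefix
    if (!$is_routed) {
        // route sandbox by adding a prefix to message and re-enter it to recvsms()
        // (disabled)
        // if ($post_rules['insert_prefix'] && trim($message)) {
        //     $message = $post_rules['insert_prefix'] . ' ' . trim($message);
        //     _log("sandbox add prefix start keyword:" . $post_rules['insert_prefix'] . " dt:" . $sms_datetime . " s:" . $sms_sender . " r:" . $sms_receiver . " m:" . $message, 3, 'incoming recvsms_intercept_after');
        //     recvsms($sms_datetime, $sms_sender, $message, $sms_receiver, $smsc);
        //     _log("sandbox add prefix end keyword:" . $post_rules['insert_prefix'], 3, 'incoming recvsms_intercept_after');
        //     $is_routed = TRUE;
        // }
    }

    // sandbox forward to users
    if (!$is_routed) {
        foreach ($post_rules['forward_to'] as $forward_uid) {
            $c_username = user_uid2username($forward_uid);
            if ($c_username) {
                $users[] = $c_username;
            }
        }

        // route sandbox to users inbox
        foreach ($users as $username) {
            _log("sandbox to user start u:" . $username . " dt:" . $sms_datetime . " s:" . $sms_sender . " r:" . $sms_receiver . " m:[" . $message . "]", 3, 'incoming recvsms_intercept_after');
            recvsms_inbox_add($sms_datetime, $sms_sender, $username, $message, $sms_receiver);
            _log("sandbox to user end u:" . $username, 3, 'incoming recvsms_intercept_after');
            $is_routed = TRUE;
        }
    }

    // flag the hook if is_routed
    if ($is_routed) {
        $ret['param']['feature'] = 'incoming';
        // status 0 leaves the message flagged as unhandled, status 1 marks it handled
        $ret['param']['status'] = $settings['leave_copy_sandbox'] ? 0 : 1;
        $ret['param']['uid'] = 1;
        $ret['modified'] = TRUE;
    }

    return $ret;
}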
} } // Array to hold any error messages $error_msg_array = array(); // Selection for page links if (is_array($selected_array) && sizeof($selected_array) > 0) { $selected = implode(';', $selected_array); } else { $selected = ""; } // Empty array for storing the results of our search $search_results_array = array(); // If everything is OK we can perform the search. if (isset($search_query) && strlen(trim($search_query)) > 0) { if ($type == SEARCH_LOGON) { $search_results_array = user_search($search_query, $selected_array); } else { if ($type == SEARCH_THREAD) { $search_results_array = thread_search($search_query, $selected_array); } } } html_draw_top(sprintf('title=%s', gettext("Search")), 'pm_popup_disabled', 'search_popup.js', 'class=window_title'); echo "<h1>", gettext("Search"), "</h1>\n"; if (isset($error_msg_array) && sizeof($error_msg_array) > 0) { html_display_error_array($error_msg_array, '450', 'center'); } else { if (isset($search_results_array['results_array']) && sizeof($search_results_array['results_array']) < 1 && sizeof($selected_array) < 1) { html_display_warning_msg(gettext("Search Returned No Results"), '450', 'center'); } else { echo "<br />\n";
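/**
 * Append a new user record to the scope's user file unless the user exists.
 *
 * The file name is xmd5($scope); the record written is
 * "<usermail>,<password>,<session>".
 *
 * @param mixed  $scope    Scope identifier, passed to user_search() and xmd5().
 * @param string $usermail User e-mail, written as the first field.
 * @param string $password Password, written as the second field.
 * @return string|null The generated session value, or null when the user
 *                     already exists or the file could not be opened.
 */
function user_create($scope, $usermail, $password)
{
    // Defined up front: the original returned an undefined variable when the user already existed.
    $session = null;

    if (user_search($scope, $usermail) == false) {
        $nomefile = xmd5($scope);

        $fp = fopen($nomefile, "a");
        if ($fp === false) {
            // Nothing was stored, so do not hand back a session value.
            return null;
        }

        // random_int() draws from the system CSPRNG instead of rand().
        // NOTE(review): time() plus four digits is still guessable; if this value
        // authenticates anything, replace it with bin2hex(random_bytes(16)) once
        // every reader of the record accepts the longer format.
        $session = time() . "-" . random_int(1000, 9999);

        // NOTE(review): the password is written as received (no password_hash()),
        // fields are not escaped (a comma or line break in $usermail or $password
        // shifts the columns), and no record terminator is written. Changing any
        // of these needs the matching change in whatever reads this file.
        fwrite($fp, "{$usermail},{$password},{$session}");
        fclose($fp);
    }

    return $session;
}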
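}

// Check the code: look the submitted value $s up in the pending-confirmations
// file, one "email|code" entry per line.
$the_email = false;
$confirmation_used = false;
$fa = file(SERVDIR . '/cdata/confirmations.php');
if ($fa === false) {
    // Unreadable file: treat as "no pending confirmations" and leave it untouched.
    $fa = array();
}

foreach ($fa as $id => $vs) {
    $parts = explode('|', trim($vs));
    if (count($parts) < 2) {
        // Not an "email|code" entry (blank or header line).
        continue;
    }
    list($email, $md5) = $parts;

    // hash_equals() compares the strings byte for byte in constant time. The
    // loose == treated codes that look like numbers ("0e12..." and "0e99...")
    // as equal. An empty or non-string $s never matches.
    if (is_string($s) && $s !== '' && hash_equals($md5, $s)) {
        $the_email = $email;
        unset($fa[$id]);
        $confirmation_used = true;
    }
}

// save new file, only when an entry was consumed, so a failed read can never
// overwrite the pending confirmations with an empty file
if ($confirmation_used) {
    rewritefile('/cdata/confirmations.php', join('', $fa));
}

// Check validation
if ($the_email) {
    $user_arr = user_search($the_email, 'email');
    $user = $user_arr[UDB_NAME];
} else {
    add_to_log(':anonym:', 'Validate "s" parameter: invalid request');
    // NOTE(review): presumably msg() ends the request; if it returns, the code
    // below runs without a user. Confirm.
    msg("error", lang('Error!'), lang("Validation is broken"), '#GOBACK');
}

// Generate the replacement password from the system CSPRNG. srand(time()) with
// rand() made the result derivable from the request time.
$salt = "abcdefghjkmnpqrstuvwxyz0123456789-ABCDEFGHIJKLMNOPQRSTUVWXYZ";
$salt_max = strlen($salt) - 1;
$new_pass = ''; // start empty so no earlier value of $new_pass becomes a prefix
for ($i = 0; $i < 9; $i++) {
    $new_pass .= $salt[random_int(0, $salt_max)];
}

// Save new password
$hmet = hash_generate($new_pass);
$user_arr[UDB_PASS] = $hmet[count($hmet) - 1];

// NOTE(review): this writes the clear-text password into the response; confirm
// that is the intended delivery channel and that the page is not cached.
print_r($new_pass);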
// define access level $access_level = array(ACL_LEVEL_ADMIN => 'administrator', ACL_LEVEL_EDITOR => 'editor', ACL_LEVEL_JOURNALIST => 'journalist', ACL_LEVEL_COMMENTER => 'commenter'); echo proc_tpl('options/personal', array('member_db[2]' => $member_db[UDB_NAME], 'member_db[4]' => $member_db[UDB_NICK], 'member_db[5]' => $member_db[UDB_EMAIL], 'member_db[6]' => $member_db[UDB_COUNT], 'member_db[8]' => $member_db[UDB_AVATAR], 'ifchecked' => $member_db[UDB_CBYEMAIL] == 1 ? "checked" : false, 'access_level' => $access_level[$member_db[UDB_ACL]], 'registrationdate' => date("D, d F Y", $member_db[0]), 'bg' => $member_db[UDB_ACL] < ACL_LEVEL_COMMENTER ? "bgcolor=#F7F6F4" : false), array('NOTCOMMENTER' => $member_db[UDB_ACL] < ACL_LEVEL_COMMENTER)); echofooter(); } elseif ($action == "dosavepersonal") { CSRFCheck(); $username = $member_db[UDB_NAME]; $editnickname = replace_comment("add", $editnickname); $editmail = replace_comment("add", $editmail); $edithidemail = replace_comment("add", $edithidemail); $change_avatar = replace_comment("add", $change_avatar); if ($editpassword and !preg_match("/^[\\.A-z0-9_\\-]{1,31}\$/i", $editpassword)) { msg("error", lang('Error!'), lang("Your password must contain only valid characters and numbers"), '#GOBACK'); } $edithidemail = $edithidemail ? 1 : 0; $pack = user_search($username); // editing password (with confirm) if ($editpassword) { if ($confirmpassword == $editpassword) { $hashs = hash_generate($editpassword); $pack[UDB_PASS] = $hashs[count($hashs) - 1]; } else { msg('error', lang('Error!'), lang('Confirm password not match'), "#GOBACK"); } } $pack[UDB_NICK] = $editnickname; $pack[UDB_EMAIL] = $editmail; $pack[UDB_CBYEMAIL] = $edithidemail; $pack[UDB_AVATAR] = $change_avatar; user_update($username, $pack); msg("info", lang("Changes Saved"), lang("Your personal information was saved"), "#GOBACK");
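/**
 * Intercept on after-process stage for incoming SMS and forward it to selected user's inbox
 *
 * Acts only on messages that no feature handled ($status is 0 or FALSE, the
 * "sandbox"). Routing is tried by sender ID match, then by the 'forward_to'
 * user list; independently of both, the message is sent to 'forward_to_url'
 * when that rule is set.
 *
 * @param $sms_datetime incoming SMS date/time
 * @param $sms_sender incoming SMS sender
 * @param $message incoming SMS message before intercepted
 * @param $sms_receiver receiver number that is receiving incoming SMS
 * @param $feature feature managed to hook current incoming SMS
 * @param $status recvsms() status, 0 or FALSE for unhandled
 * @param $uid keyword owner
 * @param $smsc SMSC value, forwarded in the URL payload
 * @return array $ret empty when nothing was routed, otherwise 'modified' => TRUE and 'param' overrides
 */
function incoming_hook_recvsms_intercept_after($sms_datetime, $sms_sender, $message, $sms_receiver, $feature, $status, $uid, $smsc)
{
    global $core_config;

    $ret = array();
    $users = array();
    $is_routed = FALSE;

    // continue only if its sandbox
    if ($status) {
        return $ret;
    }

    // get settings
    $settings = incoming_settings_get();

    // get post rules
    $post_rules = incoming_post_rules_get();

    // sandbox match receiver number and sender ID
    if ($post_rules['match_sender_id']) {
        $s = array();
        $default_sender_owner = NULL;
        if ($settings['match_all_sender_id']) {
            // get all approved sender ID
            $s = sender_id_getall();
        } else {
            $data = user_search($sms_receiver, 'sender');
            foreach ($data as $user) {
                // get default sender ID
                if ($user['sender']) {
                    $s[] = $user['sender'];
                    $default_sender_owner = $user['username'];

                    // in case an error occured where multiple users own the same sender ID
                    break;
                }
            }
        }

        // start matching
        // NOTE(review): == compares numeric strings as numbers, so two differently
        // written numbers can match; confirm whether that is intended.
        foreach ($s as $sender_id) {
            if ($sender_id && $sms_receiver && $sender_id == $sms_receiver) {
                $usernames = array();
                if ($settings['match_all_sender_id']) {
                    // get usernames of everyone who owns $sender_id; a separate loop
                    // variable keeps the $uid parameter intact
                    $owner_uids = sender_id_owner($sender_id);
                    foreach ($owner_uids as $owner_uid) {
                        $usernames[] = user_uid2username($owner_uid);
                    }
                } else {
                    $usernames[] = $default_sender_owner;
                }
                $usernames = array_unique($usernames);

                foreach ($usernames as $username) {
                    if ($username) {
                        // NOTE(review): sender and message text are written to the log as received
                        _log("sandbox match sender start u:" . $username . " dt:" . $sms_datetime . " s:" . $sms_sender . " r:" . $sms_receiver . " m:[" . $message . "]", 3, 'incoming recvsms_intercept_after');
                        recvsms_inbox_add($sms_datetime, $sms_sender, $username, $message, $sms_receiver);
                        _log("sandbox match sender end u:" . $username, 3, 'incoming recvsms_intercept_after');
                        $is_routed = TRUE;

                        // single match only
                        // break;
                    }
                }
            }
        }
    }

    // sandbox prefix
    if (!$is_routed) {
        // route sandbox by adding a prefix to message and re-enter it to recvsms()
        // (disabled)
        //if ($post_rules['insert_prefix'] && trim($message)) {
        //    $message = $post_rules['insert_prefix'] . ' ' . trim($message);
        //    _log("sandbox add prefix start keyword:" . $post_rules['insert_prefix'] . " dt:" . $sms_datetime . " s:" . $sms_sender . " r:" . $sms_receiver . " m:" . $message, 3, 'incoming recvsms_intercept_after');
        //    recvsms($sms_datetime, $sms_sender, $message, $sms_receiver, $smsc);
        //    _log("sandbox add prefix end keyword:" . $post_rules['insert_prefix'], 3, 'incoming recvsms_intercept_after');
        //    $is_routed = TRUE;
        //}
    }

    // sandbox forward to users
    if (!$is_routed) {
        foreach ($post_rules['forward_to'] as $forward_uid) {
            $c_username = user_uid2username($forward_uid);
            if ($c_username) {
                $users[] = $c_username;
            }
        }

        // route sandbox to users inbox
        foreach ($users as $username) {
            _log("sandbox to user start u:" . $username . " dt:" . $sms_datetime . " s:" . $sms_sender . " r:" . $sms_receiver . " m:[" . $message . "]", 3, 'incoming recvsms_intercept_after');
            recvsms_inbox_add($sms_datetime, $sms_sender, $username, $message, $sms_receiver);
            _log("sandbox to user end u:" . $username, 3, 'incoming recvsms_intercept_after');
            $is_routed = TRUE;
        }
    }

    // sandbox forward to URL (runs whether or not the message was routed above)
    $url = trim($post_rules['forward_to_url']);
    if ($url) {
        $payload = array(
            'datetime' => core_get_datetime(),
            'sms_datetime' => $sms_datetime,
            'sms_sender' => $sms_sender,
            'message' => $message,
            'sms_receiver' => $sms_receiver,
            'smsc' => $smsc
        );
        $json = json_encode($payload);

        // every substituted value is urlencode()d, so SMS content cannot add
        // parameters or placeholders of its own to the URL
        $url = str_replace('{SANDBOX_PAYLOAD}', urlencode($json), $url);
        $url = str_replace('{SANDBOX_DATETIME}', urlencode($sms_datetime), $url);
        $url = str_replace('{SANDBOX_SENDER}', urlencode($sms_sender), $url);
        $url = str_replace('{SANDBOX_MESSAGE}', urlencode($message), $url);
        $url = str_replace('{SANDBOX_RECEIVER}', urlencode($sms_receiver), $url);
        $url = str_replace('{SANDBOX_SMSC}', urlencode($smsc), $url);

        // file_get_contents() also opens local paths and other stream wrappers, and
        // the response is logged below; only fetch real web URLs
        $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
        if ($scheme === 'http' || $scheme === 'https') {
            // NOTE(review): the logged URL carries the message text and any token
            // embedded in the configured URL; the logged response is remote data
            _log("sandbox forward to URL start url:[" . $url . "]", 3, 'incoming recvsms_intercept_after');
            $response = @file_get_contents($url);
            _log("sandbox forward to URL end response:[" . $response . "]", 3, 'incoming recvsms_intercept_after');
        } else {
            _log("sandbox forward to URL skipped, not http(s) url:[" . $url . "]", 3, 'incoming recvsms_intercept_after');
        }
    }

    // flag the hook if is_routed
    if ($is_routed) {
        $ret['param']['feature'] = 'incoming';
        // status 0 leaves the message flagged as unhandled, status 1 marks it handled
        $ret['param']['status'] = $settings['leave_copy_sandbox'] ? 0 : 1;
        $ret['param']['uid'] = 1;
        $ret['modified'] = TRUE;
    }

    return $ret;
}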
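<?php

require_once '../includes/dbConnection.php';
require_once '../includes/functions.php';
require_once '../includes/session.php';

// LOGIN: the page below is only rendered when the posted name and password
// match a stored user; every failure path redirects and stops.
if (isset($_POST['name']) && isset($_POST['password'])) {
    $username = $_POST['name'];
    $password = $_POST['password'];

    // Reject array-valued fields together with empty ones.
    if (!is_string($username) || !is_string($password) || $username === '' || $password === '') {
        $_SESSION['message'] = 'Neįvestas vardas arba slaptažodis';
        redirect('pagrindinis.php');
        exit;
    }

    $result = user_search($username);
    if (!$result) {
        $_SESSION['message'] = 'Vartotojas nerastas';
        redirect('pagrindinis.php');
        // Without this the script carried on and rendered the page.
        exit;
    }

    $matched_rows = 0;
    $password_ok = true;
    while ($user = mysqli_fetch_assoc($result)) {
        $matched_rows++;
        // hash_equals() is an exact, constant-time comparison; the loose != treated
        // numeric-looking strings such as "1e3" and "1000" as the same password.
        // NOTE(review): the stored value is compared directly, so passwords appear
        // to be kept unhashed. Moving to password_hash()/password_verify() needs
        // the same change in the registration code.
        if (!hash_equals((string) $user['password'], $password)) {
            $password_ok = false;
        }
    }
    mysqli_free_result($result);

    // A query that succeeds with zero rows used to skip the loop and count as a login.
    if ($matched_rows === 0) {
        $_SESSION['message'] = 'Vartotojas nerastas';
        redirect('pagrindinis.php');
        exit;
    }

    if (!$password_ok) {
        $_SESSION['message'] = 'Netinkamas slaptažodis';
        redirect('pagrindinis.php');
        exit;
    }
} else {
    redirect('pagrindinis.php');
    exit;
}

// LOAD HEADER
require_once '../includes/Layouts/header.php';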
} } } else { $is_member = false; } // --------------------------------- // Converting to UTF8 [Try] // --------------------------------- if ($config_useutf8 == "1" && function_exists('iconv')) { list($hac) = spsep($config_default_charset); $name = iconv($hac, 'utf-8', $name); $comments = iconv($hac, 'utf-8', $comments); } // User is authorized if (!empty($_SESS['user'])) { $member_db = user_search($_SESS['user']); if ($member_db[UDB_ACL] == ACL_LEVEL_ADMIN) { $captcha_enabled = false; } } // Captcha test (if not disabled force) if ($captcha != $_SESS['CSW'] && $config_use_captcha && $captcha_enabled) { echo '<div class="blocking_posting_comment">' . lang('Wrong captcha') . '! <a href="javascript:location.reload(true)">' . lang('Refresh') . '</a></div>'; add_to_log($ip, 'Attack to captcha'); return FALSE; } //---------------------------------- // Check if only members can comment //---------------------------------- if ($config_only_registered_comment == "yes" and !$is_member) { echo '<div class="blocking_posting_comment">' . lang('Sorry but only registered users can post comments, and') . ' "' . htmlspecialchars($name) . '" ' . lang('is not recognized as valid member') . '.</div>';
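/**
 * Search users for the phonebook and label them with the caller's own
 * phonebook names.
 *
 * Each user found by user_search() has its mobile number looked up with
 * phonebook_number2name(); when a name is found, 'name' becomes
 * "<phonebook name>/<user name>". Admins get every user back, everyone else
 * only the users whose number resolved to a phonebook name.
 *
 * @param mixed  $uid     Passed to phonebook_number2name() for the lookup.
 * @param string $keyword Search keyword passed to user_search().
 * @param int    $count   Maximum number of rows; 0 means no LIMIT clause.
 * @param bool   $exact   Passed through to user_search().
 * @return array List of user rows with keys username, name, mobile, email.
 */
function phonebook_hook_phonebook_search_user($uid, $keyword = "", $count = 0, $exact = FALSE)
{
    $ret = array();
    $fields = 'username, name, mobile, email';

    // Defined up front: with $count = 0 the original passed an undefined variable.
    $extras = null;
    $limit = (int) $count;
    if ($limit > 0) {
        // the int cast keeps the LIMIT clause numeric; a negative count no longer
        // produces an invalid "LIMIT -n"
        $extras = 'LIMIT ' . $limit;
    }

    $users = user_search($keyword, $fields, $extras, $exact);
    if (!is_array($users)) {
        return $ret;
    }

    foreach ($users as $user) {
        $name = phonebook_number2name($uid, $user['mobile']);
        if ($name) {
            $user['name'] = $name . '/' . $user['name'];
        }

        // non-admins only see users that are in their own phonebook
        if (auth_isadmin() || $name) {
            $ret[] = $user;
        }
    }

    return $ret;
}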
/**
 * Import users in course.
 *
 * For every id in $userList the matching row of $this->data is looked up by
 * username, created when missing (if allowed), enrolled in the course, added
 * to the class when $class_id is set, and collected per group name. The
 * groups are created afterwards and their members inserted.
 *
 * @author Dimitri Rambout <*****@*****.**>
 * @param $userList list of keys into $this->data to import
 * @param $courseId id of the course
 * @param $canCreateUser whether missing users may be created
 * @param $enrollUserInCourse whether users may be enrolled in the course
 * @param $class_id class to add each enrolled user to, 0 for none
 * @param $sendEmail whether to send the registration mail to created users
 *
 * @return array|boolean false when there is no data or no user list, otherwise
 *                       the log array with 'errors' and 'success' message lists
 */
public function importUsersInCourse($userList, $courseId, $canCreateUser = true, $enrollUserInCourse = true, $class_id = 0, $sendEmail = 0) {
    if (empty($this->data)) {
        return false;
    }
    if (!(isset($userList) && count($userList))) {
        return false;
    }
    $logs = array();
    $tbl_mdb_names = claro_sql_get_main_tbl();
    // $tbl_user and $tbl_course_user are not read again in this method
    $tbl_user = $tbl_mdb_names['user'];
    $tbl_course_user = $tbl_mdb_names['rel_course_user'];
    $tbl_cdb_names = claro_sql_get_course_tbl();
    $tbl_group_rel_team_user = $tbl_cdb_names['group_rel_team_user'];
    // group name => list of user ids to put in that group
    $groupsImported = array();
    $userInfo = array();
    foreach ($userList as $user_id) {
        if (!isset($this->data[$user_id])) {
            $logs['errors'][] = get_lang('Unable to find the user in the csv');
        } else {
            $userInfo['username'] = $this->data[$user_id]['username'];
            $userInfo['firstname'] = $this->data[$user_id]['firstname'];
            $userInfo['lastname'] = $this->data[$user_id]['lastname'];
            $userInfo['email'] = isset($this->data[$user_id]['email']) && !empty($this->data[$user_id]['email']) ? $this->data[$user_id]['email'] : '';
            // a missing or empty password is replaced by mk_password(8)
            $userInfo['password'] = isset($this->data[$user_id]['password']) && !empty($this->data[$user_id]['password']) ? $this->data[$user_id]['password'] : mk_password(8);
            $userInfo['officialCode'] = isset($this->data[$user_id]['officialCode']) ? $this->data[$user_id]['officialCode'] : '';
            if (isset($this->data[$user_id]['groupName'])) {
                $groupNames = $this->data[$user_id]['groupName'];
            } else {
                $groupNames = null;
            }
            // check whether the user exists; create it only if creation is allowed
            $resultSearch = user_search(array('username' => $userInfo['username']), null, true, true);
            if (empty($resultSearch)) {
                if (!$canCreateUser) {
                    $userId = 0;
                    $logs['errors'][] = get_lang('Unable to create user %username, option is disabled in configuration', array('%username' => $userInfo['username']));
                } else {
                    $userId = user_create($userInfo);
                    if ($userId != 0) {
                        $logs['success'][] = get_lang('User profile %username created successfully', array('%username' => $userInfo['username']));
                        if ($sendEmail) {
                            // NOTE(review): $userInfo still holds the clear-text password here;
                            // check what the registration mail includes
                            user_send_registration_mail($userId, $userInfo);
                        }
                    } else {
                        $logs['errors'][] = get_lang('Unable to create user %username', array('%username' => $userInfo['username']));
                    }
                }
            } else {
                // an existing account is reused for the enrolment below, matched on username alone
                $userId = $resultSearch[0]['uid'];
                $logs['errors'][] = get_lang('User %username not created because it already exists in the database', array('%username' => $userInfo['username']));
            }
            if ($userId == 0) {
                $logs['errors'][] = get_lang('Unable to add user %username in this course', array('%username' => $userInfo['username']));
            } else {
                if (!$enrollUserInCourse) {
                    $logs['errors'][] = get_lang('Unable to add user %username in this course, option is disabled in configuration', array('%username' => $userInfo['username']));
                } else {
                    if (!user_add_to_course($userId, $courseId, false, false, null)) {
                        $logs['errors'][] = get_lang('Unable to add user %username in this course', array('%username' => $userInfo['username']));
                    } else {
                        $logs['success'][] = get_lang('User %username added in course %courseId', array('%username' => $userInfo['username'], '%courseId' => $courseId));
                        //join class if needed
                        if ($class_id) {
                            if (!($return = user_add_to_class($userId, $class_id))) {
                                $logs['errors'][] = get_lang('Unable to add %username in the selected class', array('%username' => $userInfo['username']));
                            } else {
                                $logs['success'][] = get_lang('User %username added in the selected class', array('%username' => $userInfo['username']));
                            }
                        }
                        //join group: groupName is a comma-separated list; $groupNames is null
                        // when the row has no groupName
                        $groups = explode(',', $groupNames);
                        if (is_array($groups)) {
                            foreach ($groups as $group) {
                                $group = trim($group);
                                if (!empty($group)) {
                                    $groupsImported[$group][] = $userId;
                                }
                            }
                        }
                    }
                }
            }
        }
    }
    // create each collected group, then insert its members
    foreach ($groupsImported as $group => $users) {
        $GLOBALS['currentCourseRepository'] = claro_get_course_path($courseId);
        $groupId = create_group($group, null);
        if ($groupId == 0) {
            $logs['errors'][] = get_lang('Unable to create group %groupname', array('%groupname' => $group));
        } else {
            foreach ($users as $userId) {
                // NOTE(review): the value after "SET user =" appears masked in this copy
                // ("******") and the line does not parse as shown. Whatever is restored
                // must stay an integer-cast id like (int) $groupId next to it, since the
                // statement is built by string concatenation.
                $sql = "INSERT INTO `" . $tbl_group_rel_team_user . "`\n SET user = "******",\n team = " . (int) $groupId;
                if (!claro_sql_query($sql)) {
                    $logs['errors'][] = get_lang('Unable to add user in group %groupname', array('%groupname' => $group));
                }
            }
        }
    }
    return $logs;
}
<?php require_once '../includes/session.php'; require_once '../includes/Layouts/header.php'; require_once '../includes/functions.php'; require_once '../includes/dbConnection.php'; if (isset($_POST['name'])) { $name = htmlentities($_POST['name']); $pass1 = htmlentities($_POST['password1']); $pass2 = htmlentities($_POST['password2']); $result = user_search($_POST['name']); if (!$result) { if ($pass1 == '' || $pass2 == '') { $message = 'Neįvedėte slaptažodžio'; } else { if (strlen($name) < 5) { $message = 'Vartotojo vardas turi būti netrumpesnis nei 5 simboliai'; } else { if ($pass1 != $pass2) { $message = 'Nesutampa slaptažožiai, pakartokite'; } else { if ($pass1 == $pass2 && strlen($name) > 5) { $message = 'Vartotojas sėkmingai sukurtas'; prideti_vartotoja($name, $pass1); } else { $message = 'Klaida'; } } } } }
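/**
 * Fill a news template with the values of one news entry.
 *
 * Replaces the {placeholder} and [tag]...[/tag] markers in $output with data
 * from $news_arr and from the configuration globals, and runs the
 * 'template_replacer_news_before', '_middle' and '_after' hooks around the
 * substitutions.
 *
 * @param array  $news_arr News entry, indexed by the NEW_* constants.
 * @param string $output   Template text to fill.
 * @return string The processed template.
 */
function template_replacer_news($news_arr, $output)
{
    // Predefined Globals
    global $config_timestamp_active, $config_http_script_dir, $config_comments_popup, $config_comments_popup_string, $config_full_popup, $config_full_popup_string, $rss_news_include_url, $my_names, $my_start_from, $cat, $action, $cat_icon, $archive, $name_to_nick, $template, $user_query, $member_db, $_SESS, $PHP_SELF;

    // Short Story not exists
    if (empty($news_arr[NEW_FULL]) and strpos($output, '{short-story}') === false) {
        $news_arr[NEW_FULL] = $news_arr[NEW_SHORT];
    }

    $output = more_fields($news_arr[NEW_MF], $output);

    // Date Formatting [year, month, day, hour, minute, date=$config_timestamp_active]
    list($output, $news_arr) = hook('template_replacer_news_before', array($output, $news_arr));
    $output = embedateformat($news_arr[NEW_ID], $output);

    // Replace news content
    // NOTE(review): {author}, {avatar-url} and the {avatar} src below are inserted
    // without hesc(), unlike the title and story fields. Confirm these values
    // are escaped or restricted where they are stored.
    $output = str_replace("{title}", hesc($news_arr[NEW_TITLE]), $output);
    $output = str_replace("{author}", $my_names[$news_arr[NEW_USER]] ? $my_names[$news_arr[NEW_USER]] : $news_arr[NEW_USER], $output);
    $output = str_replace("{author-name}", hesc($name_to_nick[$news_arr[NEW_USER]]), $output);
    $output = str_replace("{short-story}", hesc($news_arr[NEW_SHORT]), $output);
    $output = str_replace("{full-story}", hesc($news_arr[NEW_FULL]), $output);

    // Replace system information
    $output = str_replace("{avatar-url}", $news_arr[NEW_AVATAR], $output);
    $output = str_replace("{category}", hesc(catid2name($news_arr[NEW_CAT])), $output);
    $output = str_replace("{category-url}", linkedcat($news_arr[NEW_CAT]), $output);
    $output = str_replace("{page-views}", false, $output);
    $output = str_replace("{phpself}", $PHP_SELF, $output);
    $output = str_replace("{index-link}", '<a href="' . $PHP_SELF . '">' . lang('Go back') . '</a>', $output);
    $output = str_replace("{back-previous}", '<a href="javascript:history.go(-1)">Go back</a>', $output);
    $output = str_replace("{cute-http-path}", $config_http_script_dir, $output);
    $output = str_replace("{news-id}", $news_arr[NEW_ID], $output);
    $output = str_replace("{category-id}", $news_arr[NEW_CAT], $output);
    $output = str_replace("{comments-num}", countComments($news_arr[NEW_ID], $archive), $output);
    $output = str_replace("{archive-id}", $archive, $output);
    $output = str_replace("{category-icon}", caticon($news_arr[NEW_CAT], $cat_icon, $cat), $output);

    // Avatar size comes from the entry's extra fields. Both parts start empty so
    // the style attribute is built from defined values when a key is absent.
    $width_for_avatar = '';
    $height_for_avatar = '';
    $mf_for_avatar = options_extract($news_arr[NEW_MF]);
    if (array_key_exists('_avatar_width', $mf_for_avatar)) {
        $width_for_avatar = 'width:' . $mf_for_avatar['_avatar_width'] . ';';
    }
    if (array_key_exists('_avatar_height', $mf_for_avatar)) {
        $height_for_avatar = 'height:' . $mf_for_avatar['_avatar_height'] . ';';
    }

    $output = str_replace("{avatar}", $news_arr[NEW_AVATAR] ? '<img alt="" src="' . $news_arr[NEW_AVATAR] . '" style="border: none;' . $width_for_avatar . $height_for_avatar . '" />' : '', $output);

    // [loggedin]...[/loggedin] keeps its content only for a logged-in session
    $output = preg_replace('/\\[loggedin\\](.*?)\\[\\/loggedin\\]/is', empty($_SESS['user']) ? '' : '\\1', $output);

    // social plugins
    $output = str_replace('{fb-comments}', show_social_code('fb', $news_arr), $output);
    $output = str_replace('{fb-like}', show_social_code('fb-like', $news_arr), $output);
    $output = str_replace('{twitter}', show_social_code('twitter', $news_arr), $output);

    // in RSS we need the date in specific format
    if ($template == 'rss') {
        $output = str_replace("{date}", date("r", $news_arr[0]), $output);
        $output = str_replace("{rss-news-include-url}", $rss_news_include_url ? $rss_news_include_url : $config_http_script_dir . '/router.php', $output);
    } else {
        $output = str_replace("{date}", date($config_timestamp_active, $news_arr[NEW_ID]), $output);
    }

    // Star Rating
    if (empty($archive)) {
        $output = str_replace("{star-rate}", rating_bar($news_arr[NEW_ID], $news_arr[NEW_RATE]), $output);
    } else {
        $output = str_replace("{star-rate}", false, $output);
    }

    // Mail Exist in mailist ---------------------------------------------------- [mail]...[/mail]
    // NOTE(review): $my_mails is not in the global list above, so it is undefined
    // here and the mailto branch never runs. If it is made global, the address
    // needs escaping before it goes into the href.
    if (!empty($my_mails[$news_arr[NEW_USER]])) {
        $output = str_replace(array("[mail]", '[/mail]'), array('<a href="mailto:' . $my_mails[$news_arr[NEW_USER]] . '">', ''), $output);
    } else {
        $output = str_replace(array("[mail]", '[/mail]'), '', $output);
    }

    // By click to comments - popup window -------------------------------------- [com-link]...[/com-link]
    if ($config_comments_popup == "yes") {
        $URL = build_uri('subaction,id,ucat,start_from,template,archive', array('showcomments', $news_arr[NEW_ID], $news_arr[NEW_CAT], $my_start_from));
        $output = str_replace(array('[com-link]', '[/com-link]'), array('<a href="#" onclick="window.open(\'' . $config_http_script_dir . '/router.php' . $URL . '\', \'News\', \'' . $config_comments_popup_string . '\'); return false;">', '</a>'), $output);
    } else {
        if ($archive) {
            $URL = RWU('archreadcomm', $PHP_SELF . build_uri('subaction,id,ucat,title,template,archive', array('showcomments', $news_arr[NEW_ID], $news_arr[NEW_CAT], titleToUrl($news_arr[NEW_TITLE]))));
        } else {
            $URL = RWU('readcomm', $PHP_SELF . build_uri('subaction,id,ucat,title,template', array('showcomments', $news_arr[NEW_ID], $news_arr[NEW_CAT], titleToUrl($news_arr[NEW_TITLE]))));
        }
        $output = str_replace(array("[com-link]", '[/com-link]'), array("<a href=\"{$URL}\">", '</a>'), $output);
    }

    // Open link --------------------------------------------------------------- [link]...[/link]
    $URL = build_uri('subaction,id,start_from,ucat,archive,template', array('showfull', $news_arr[NEW_ID], $my_start_from, $news_arr[NEW_CAT]));
    $URL .= "&#disqus_thread";
    $output = preg_replace('/\\[link target\\=([a-z0-9_]+?)\\](.*?)\\[\\/link\\]/is', '<a href="' . $PHP_SELF . $URL . '" target="\\1">\\2</a>', $output);
    $output = str_replace(array("[link]", "[/link]"), array('<a href="' . $PHP_SELF . $URL . '">', "</a>"), $output);

    // With Action = showheadlines -------------------------------------------- [full-link]...[/full-link]
    if ($news_arr[NEW_FULL] or $action == "showheadlines") {
        if ($config_full_popup == "yes") {
            $URL = build_uri('subaction,id,archive,template', array('showfull', $news_arr[NEW_ID], $archive, $template));

            // Popup string
            $attrlink = "href='#' onclick=\"window.open('{$config_http_script_dir}/router.php{$URL}', '_News', '{$config_full_popup_string}'); return false;\"";
            $output = preg_replace('/\\[full\\-link target\\=([a-z0-9_]+?)\\](.*?)\\[\\/full\\-link\\]/is', "<a {$attrlink} target='\\1'>\\2</a>", $output);
            $output = str_replace('[full-link]', "<a {$attrlink}>", $output);
        } else {
            // this writes to the global $template: 'Default' becomes an empty string
            $template = $template == 'Default' ? '' : $template;
            if ($archive) {
                $URL = RWU('archreadmore', $PHP_SELF . build_uri('subaction,id,archive,ucat,title,template', array('showfull', $news_arr[0], $archive, $news_arr[NEW_CAT], titleToUrl($news_arr[NEW_TITLE]), $template)) . "&{$user_query}");
            } else {
                $URL = RWU('readmore', $PHP_SELF . build_uri('subaction,id,ucat,title,template', array('showfull', $news_arr[0], $news_arr[NEW_CAT], titleToUrl($news_arr[NEW_TITLE]), $template)) . "&{$user_query}");
            }

            // Target string
            $attrlink = "href='{$URL}'";
            $output = preg_replace('/\\[full\\-link target\\=([a-z0-9_]+?)\\](.*?)\\[\\/full\\-link\\]/is', "<a {$attrlink} target='\\1'>\\2</a>", $output);
            $output = str_replace("[full-link]", "<a {$attrlink}>", $output);
        }
        $output = str_replace("[/full-link]", "</a>", $output);
    } else {
        $output = preg_replace('~\\[full-link.*?\\].*?\\[/full-link\\]~si', '<!-- no full story-->', $output);
    }

    // Admin can edit for news ------------------------------------------------ [edit]...[/edit]
    // The edit link is shown to admins and journalists only. This is a display
    // check; the edit page has to enforce its own access control.
    $DREdit = false;
    if (empty($_SESS['user']) == false) {
        $member_db = user_search($_SESS['user']);
        if (in_array($member_db[UDB_ACL], array(ACL_LEVEL_ADMIN, ACL_LEVEL_JOURNALIST))) {
            $url = '/index.php' . build_uri('mod,action,id,source', array('editnews', 'editnews', $news_arr[NEW_ID], $archive));
            $output = preg_replace('/\\[edit\\]/i', '<a target="_blank" href="' . $config_http_script_dir . $url . '">', $output);
            $output = preg_replace('/\\[\\/edit\\]/i', '</a>', $output);
            $DREdit = true;
        }
    }

    // If not used, replace [edit]..[/edit]
    if ($DREdit == false) {
        $output = preg_replace('~\\[edit\\].*?\\[/edit\\]~si', '', $output);
    }

    list($output, $news_arr) = hook('template_replacer_news_middle', array($output, $news_arr));
    $output = replace_news("show", $output);
    list($output) = hook('template_replacer_news_after', array($output, $news_arr));

    return $output;
}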
} else { // @todo should throw an exception here Console::error("Cannot register user {$userId} in course {$courseCode} [" . $courseRegistration->getStatus() . ":" . $courseRegistration->getErrorMessage() . "]"); $courseRegSucceed = false; } Console::log("{$userId} enroled to course " . claro_get_current_course_id() . " by " . claro_get_current_user_id(), 'COURSE_SUBSCRIBE'); } else { $courseRegSucceed = false; } } // end if $cmd == 'registration' if ($cmd == 'applySearch') { // Search on username, official_code, ... $displayResultTable = true; if (!(empty($userData['lastname']) && empty($userData['firstname']) && empty($userData['email']) && empty($userData['username']) && empty($userData['officialCode']))) { $userList = user_search(array('lastname' => $userData['lastname'], 'firstname' => $userData['firstname'], 'email' => $userData['email'], 'officialCode' => $userData['officialCode'], 'username' => $userData['username']), claro_get_current_course_id(), true, false, !claro_is_platform_admin()); } else { $userList = array(); } } // if $cmd == 'applySearch' // Send mail notification if ($courseRegSucceed) { $userData = user_get_properties($userId); user_send_enroll_to_course_mail($userId, $userData, claro_get_current_course_id()); // display message $dialogBox->success(get_lang('%firstname %lastname has been registered to your course', array('%firstname' => $userData['firstname'], '%lastname' => $userData['lastname']))); } /*===================================================================== Display Section =====================================================================*/
} echo proc_tpl('editusers/user', array('CSRF' => $CSRF, 'user_arr[2]' => $user_arr[2], 'user_arr[4]' => $user_arr[4], 'user_arr[5]' => $user_arr[5], 'user_arr[6]' => $user_arr[6], 'user_date' => date("r", $user_arr[0]), 'edit_level' => $edit_level, 'last_login' => empty($user_arr[UDB_LAST]) ? lang('never') : date('r', $user_arr[UDB_LAST]), 'id' => $id)); } elseif ($action == "doedituser") { CSRFCheck(); list($id, $editemail, $editpassword, $editlevel) = GET('id,editemail,editpassword,editlevel'); if (empty($id)) { die(lang("This is not a valid user")); } if (false === ($the_user = user_search($id))) { die(lang("This is not a valid user")); } if (check_email($editemail) == false) { die(lang("Invalid email")); } // In case if email already exists, and email not eq. --> error $find_email = user_search($editemail, 'email'); if ($find_email && $find_email[UDB_EMAIL] != $the_user[UDB_EMAIL]) { die(lang("User with this email already exists")); } // Change password if present if (!empty($editpassword)) { $hmet = hash_generate($editpassword); $the_user[UDB_PASS] = $hmet[count($hmet) - 1]; send_cookie(); } // Change user level anywhere $the_user[UDB_EMAIL] = $editemail; $the_user[UDB_ACL] = $editlevel; user_update($id, $the_user); echo proc_tpl('editusers/doedituser/saved'); }
// Smoke test for the user API: every call's result is kept in $r and dumped.
// $user_id, $name, $mail, $password and $msecs are set earlier in the script.
// NOTE(review): dump() prints whatever the login and password calls return;
// keep this script and its output away from production data.
$role = ['writer', 'moderator'];
dump($r = user_set_role($user_id, $role));
dump($r = user_get_role($user_id));

// Log in by name with the current password.
$login = $name;
dump($r = user_login($login, $password));

// Set a new password, then log in by mail address with it.
$newpassword = '******';
dump($r = user_set_newpassword($user_id, $newpassword));
$login = $mail;
dump($r = user_login($login, $newpassword));

// Name and mail checks, each without and with the user's own id.
dump($r = user_check_name($name));
dump($r = user_check_name($name, $user_id));
dump($r = user_check_mail($mail));
dump($r = user_check_mail($mail, $user_id));

// Search with one, two and three arguments.
dump($r = user_search('foo bar'));
dump($r = user_search('foo', 1));
dump($r = user_search(false, 1, 2));

dump($r = user_delete($user_id));

// Elapsed time since $msecs, four decimals.
printf('%.4f%s', microtime(true) - $msecs, PHP_EOL);
/**
 * Build a Select2-backed picker for registered users.
 *
 * Returns the field markup (wrapper, optional label, hidden input, error box) and
 * queues the Select2 initialisation script through add_to_jquery().
 *
 * NOTE(review): only the derived $title goes through stripinput(). $label,
 * $input_name and the $options values are written into HTML attributes and into
 * the generated script exactly as passed, so callers must supply trusted or
 * already escaped values.
 *
 * @param string $input_name  name of the hidden input; also the default element id
 * @param string $label       label markup; when empty no label element is written
 * @param mixed  $input_value preselected user id; any non-empty value is looked up with user_search()
 * @param array  $options     overrides for the defaults listed in the body
 * @return string the field markup
 */
function form_user_select($input_name, $label = "", $input_value = FALSE, array $options = array()) {
    global $locale, $defender;

    if ($label) {
        $title = stripinput($label);
    } else {
        $title = ucfirst(strtolower(str_replace("_", " ", $input_name)));
    }

    $default_options = array(
        'required' => FALSE,
        'regex' => '',
        'input_id' => $input_name,
        'placeholder' => $locale['sel_user'],
        'deactivate' => FALSE,
        'safemode' => FALSE,
        'allowclear' => FALSE,
        'multiple' => FALSE,
        'width' => '250px',
        'keyflip' => FALSE,
        'tags' => FALSE,
        'jsonmode' => FALSE,
        'chainable' => FALSE,
        'maxselect' => 1,
        'error_text' => '',
        'class' => '',
        'inline' => FALSE,
        'tip' => '',
        'delimiter' => ',',
        'callback_check' => '',
        'file' => ''
    );
    // Array union: keys given by the caller win, missing keys come from the defaults.
    $options += $default_options;
    if (!$options['width']) {
        $options['width'] = $default_options['width'];
    }

    $allowclear = '';
    if (($options['placeholder'] && $options['multiple']) || $options['allowclear']) {
        $allowclear = "allowClear:true";
    }
    $length = "minimumInputLength: 1,";

    $error_class = "";
    if ($defender->inputHasError($input_name)) {
        $error_class = "has-error ";
        if (!empty($options['error_text'])) {
            // A non-empty text from the defender replaces the caller's text.
            $new_error_text = $defender->getErrorText($input_name);
            if (!empty($new_error_text)) {
                $options['error_text'] = $new_error_text;
            }
            addNotice("danger", "<strong>{$title}</strong> - " . $options['error_text']);
        }
    }

    $field_id = $options['input_id'];

    $html = "<div id='" . $field_id . "-field' class='form-group " . $error_class . $options['class'] . "'>\n";
    if ($label) {
        $html .= "<label class='control-label " . ($options['inline'] ? "col-xs-12 col-sm-3 p-l-0" : '') . "' for='" . $field_id . "'>{$label} " . ($options['required'] == TRUE ? "<span class='required'>*</span>" : '') . "</label>\n";
    }
    if ($options['inline']) {
        $html .= "<div class='col-xs-12 " . ($label ? "col-sm-9" : "col-sm-12") . "'>\n";
    }
    $html .= "<input " . ($options['required'] ? "class='req'" : '') . " type='hidden' name='{$input_name}' id='" . $field_id . "' data-placeholder='" . $options['placeholder'] . "' style='width:100%;' " . ($options['deactivate'] ? 'disabled' : '') . " />";
    if ($options['deactivate']) {
        // A disabled input is not submitted, so the value travels in a second hidden field.
        $html .= form_hidden($input_name, "", $input_value, array("input_id" => $field_id));
    }
    // Both operands of || end in the same inputHasError() call, so the 'required'
    // part does not change the outcome; kept as written.
    if ($options['required'] == 1 && $defender->inputHasError($input_name) || $defender->inputHasError($input_name)) {
        $html .= "<div id='" . $field_id . "-help' class='label label-danger p-5 display-inline-block'>" . $options['error_text'] . "</div>";
    }
    if ($options['inline']) {
        $html .= "</div>\n";
    }
    $html .= "</div>\n";

    $root_prefix = fusion_get_settings("site_seo") == 1 ? FUSION_ROOT : "";
    // Endpoint the widget queries: the caller's 'file' option or the bundled user search.
    $path = $options['file'] ?: $root_prefix . INCLUDES . "search/users.json.php";

    if (!empty($input_value)) {
        // json mode.
        // NOTE(review): with 'file' set, the file path itself becomes the preselected
        // data written into the script below - looks unintended, confirm.
        $encoded = $options['file'] ?: user_search($input_value);
    } else {
        $encoded = json_encode(array());
    }

    $defender->add_field_session(array(
        'input_name' => $input_name,
        'title' => $title,
        'id' => $field_id,
        'type' => 'dropdown',
        'required' => $options['required'],
        'safemode' => $options['safemode'],
        'error_text' => $options['error_text']
    ));

    // NOTE(review): the script sets escapeMarkup to an identity function and avatar()
    // concatenates item.text, item.avatar and item.level into markup, so whatever the
    // endpoint returns is rendered as HTML. The endpoint has to return escaped
    // values - TODO confirm in search/users.json.php. $encoded is likewise written
    // into the script as a literal.
    $script = "\n\t\tfunction avatar(item) {"
        . "\n\t\t\tif(!item.id) {return item.text;}"
        . "\n\t\t\tvar avatar = item.avatar;"
        . "\n\t\t\tvar level = item.level;"
        . "\n\t\t\treturn '<table><tr><td style=\"\"><img style=\"height:25px;\" class=\"img-rounded\" src=\"" . $root_prefix . IMAGES . "avatars/' + avatar + '\"/></td><td style=\"padding-left:10px; padding-right:10px;\"><div><strong>' + item.text + '</strong></div>' + level + '</div></td></tr></table>';"
        . "\n\t\t}"
        . "\n\t\t\$('#" . $field_id . "').select2({"
        . "\n\t\t{$length}"
        . "\n\t\tmultiple: true,"
        . "\n\t\tmaximumSelectionSize: " . $options['maxselect'] . ","
        . "\n\t\tplaceholder: '" . $options['placeholder'] . "',"
        . "\n\t\tajax: {"
        . "\n\t\turl: '{$path}',"
        . "\n\t\tdataType: 'json',"
        . "\n\t\tdata: function (term, page) {"
        . "\n\t\t\t\treturn {q: term};"
        . "\n\t\t\t },"
        . "\n\t\t\t results: function (data, page) {"
        . "\n\t\t\t\t//console.log(page);"
        . "\n\t\t\t\treturn {results: data};"
        . "\n\t\t\t }"
        . "\n\t\t},"
        . "\n\t\tformatSelection: avatar,"
        . "\n\t\tescapeMarkup: function(m) { return m; },"
        . "\n\t\tformatResult: avatar,"
        . "\n\t\t" . $allowclear
        . "\n\t\t})"
        . (!empty($encoded) ? ".select2('data', {$encoded} );" : '')
        . "\n\t";
    add_to_jquery($script);

    // Load the Select2 assets once per page.
    if (!defined("SELECT2")) {
        define("SELECT2", TRUE);
        add_to_head("<link href='" . DYNAMICS . "assets/select2/select2.css' rel='stylesheet' />");
        add_to_footer("<script src='" . DYNAMICS . "assets/select2/select2.min.js'></script>");
    }

    return $html;
}
}
}
// Array to hold any error messages
$error_msg_array = array();
// Selection for page links: the selected ids joined with ', '.
// NOTE(review): where $selected is written out is not visible here; if it ends
// up in a URL or in markup it needs encoding for that context.
if (is_array($selected_array) && sizeof($selected_array) > 0) {
    $selected = implode(', ', $selected_array);
} else {
    $selected = "";
}
// Empty array for storing the results of our search
$search_results_array = array();
// Search only when the query is more than whitespace; $type picks the user
// (SEARCH_LOGON) or thread (SEARCH_THREAD) search.
// NOTE(review): the origin of $search_query is outside this excerpt; presumably
// request input, so escaping is left to user_search() / thread_search() - confirm.
if (isset($search_query) && strlen(trim($search_query)) > 0) {
    if ($type == SEARCH_LOGON) {
        $search_results_array = user_search($search_query);
    } else {
        if ($type == SEARCH_THREAD) {
            $search_results_array = thread_search($search_query, $selected_array);
        }
    }
}
html_draw_top(array('title' => gettext('Search'), 'pm_popup_disabled' => true, 'js' => array('js/search_popup.js'), 'class' => 'window_title'));
echo "<h1>", gettext("Search"), "</h1>\n";
if (isset($error_msg_array) && sizeof($error_msg_array) > 0) {
    html_display_error_array($error_msg_array, '450', 'center');
} else {
    // "No results" is shown only when the result list is empty and nothing is selected.
    // sizeof($selected_array) runs here without the is_array() guard used above.
    if (isset($search_results_array['results_array']) && sizeof($search_results_array['results_array']) < 1 && sizeof($selected_array) < 1) {
        html_display_warning_msg(gettext("Search Returned No Results"), '450', 'center');
    } else {
        echo "<br />\n";
// User search page: the form below submits the 'username' field by GET to find_users.php.
?> <div class="row" style='border-bottom: 1px solid #ccc;'> <form action='find_users.php' method='GET'> <div class="row" style='padding-left: 30px; padding-right: 30px; padding-top: 5px;'> <div class="col-md-10"> <input style='height: 45px; padding:10px; font-size: 21px' type="text" class="form-control" name='username' placeholder="Username" required autofocus> </div> <div class="col-md-2"> <button class="btn btn-lg btn-primary btn-block" type="submit">Search</button> </div> </div> </form> </div> <?php
$num_results = 0;
if (isset($_GET['username'])) {
    // NOTE(review): the raw request value goes to user_search() together with the
    // database handle; whether the query is parameterised is not visible here -
    // confirm that it uses a prepared statement.
    $resp = user_search($dbh, $_GET['username']);
    if ($resp['status'] == 1) {
        $users = $resp['users'];
        for ($i = 0; $i < count($users); $i++) {
            // html_user() renders one result; its output escaping is not visible here.
            // $_SESSION['user'] is read without the isset()/auth check used further
            // down - presumably the page is reachable only when logged in; verify.
            html_user($dbh, $users[$i], $_SESSION['user']);
            $num_results++;
        }
    } else {
        // Generic message: no detail of the failure is shown to the visitor.
        echo "There was an error with your search";
    }
}
// With no results and an authenticated session, fall back to recommendations.
if ($num_results == 0 && isset($_SESSION['auth']) && $_SESSION['auth'] == 1) {
    $resp = recommend_followees($dbh, $_SESSION['user']);
    if ($resp['status'] == 1) {
        $users = $resp['users'];
        for ($i = 0; $i < count($users); $i++) {
header_status(500, 'Internal Server Error');
exit;
}
// Dispatch on the requested action; $content stays empty unless a case fills it.
$content = '';
switch ($_GET['action']) {
    case 'user_autocomplete':
        // Only logged-in sessions get results; anyone else leaves with empty content.
        if (!session::logged_in()) {
            break;
        }
        cache_disable();
        // A missing or blank term is answered with status 500.
        // NOTE(review): trim() expects a string; a request that sends term[]=x
        // delivers an array here - consider an is_string() check first.
        if (!isset($_GET['term']) || strlen(trim($_GET['term'])) == 0) {
            header_status(500, 'Internal Server Error');
            exit;
        }
        $term = trim($_GET['term']);
        // NOTE(review): escaping of $term is left to user_search(), which is not
        // visible here. Any logged-in user can list account names through this
        // action; no rate limit is visible in this excerpt.
        if (!($search_results_array = user_search($term))) {
            $content = '';
            break;
        }
        // The JSON content type is sent only when there are results.
        header('Content-Type: application/json');
        $content = json_encode($search_results_array);
        break;
    case 'sig_toggle':
        if (!session::logged_in()) {
            break;
        }
        cache_disable();
        $page_prefs = session::get_post_page_prefs();
        // 'display' must be one of the two literal strings; in_array() compares
        // loosely here because no strict flag is passed.
        if (!isset($_GET['display']) || !in_array($_GET['display'], array('true', 'false'))) {
            header_status(500, 'Internal Server Error');
            exit;
echo '<div class="blocking_posting_comment">' . lang('Sorry but you have been blocked from posting comments') . '</div>';
return FALSE;
}
//----------------------------------
// Flood Protection
//----------------------------------
// Active only when a flood interval is configured; flooder() decides per $ip and $id.
if ($config_flood_time != 0 and $config_flood_time != "") {
    if (flooder($ip, $id) == true) {
        echo '<div class="blocking_posting_comment">' . str_replace('%1', $config_flood_time, lang('Flood protection activated! You have to wait %1 seconds after your last comment before posting again at this article')) . '</div>';
        return FALSE;
    }
}
//----------------------------------
// Check if the name is protected
//----------------------------------
// Look up the submitted name; a non-empty result means it belongs to a registered user.
$user_member = user_search($name);
// Reject the post when the submitted name differs from the remembered name
// ($CNname, checked only when $CNpass is set as well) or from the session user.
// '&&' binds tighter than 'or', so the two halves are evaluated as separate groups.
if ($CNname && $CNpass && $CNname != $name or $name && $_SESS['user'] && $_SESS['user'] != $name) {
    echo proc_tpl('remember');
    echo getpart('forget_me_script');
    // The Referer header is client-controlled; how $refer is used is not visible here.
    $refer = $_SERVER['HTTP_REFERER'];
    echo proc_tpl('wrong_user');
    return FALSE;
}
if ($name && empty($user_member) == false) {
    $is_member = true;
    // Check stored password in cookies
    // NOTE(review): '==' is a loose, non-constant-time comparison; two numeric-looking
    // strings are compared as numbers. Prefer hash_equals() (PHP 5.6+) on two strings.
    // Presumably $CNpass is the cookie value and UDB_PASS the stored hash - if so,
    // a leaked hash is enough to pass this check; confirm and consider a random
    // session token instead.
    if ($CNpass and $user_member[UDB_PASS] == $CNpass) {
        $password = true;
    }
    if (!empty($_SESS['user']) && $_SESS['user'] == $name) {
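/**
 * Phonebook hook: look users up by name or username.
 *
 * Delegates to user_search() with the field list 'name, username'.
 *
 * @param string $keyword search keyword, handed to user_search() unchanged;
 *                        escaping is left to user_search() (not visible here - confirm)
 * @param int    $count   maximum number of rows; a value that casts to 0 adds no LIMIT clause
 * @return mixed whatever user_search() returns
 */
function phonebook_hook_phonebook_search_user($keyword = "", $count = 0) {
    $limit = (int) $count;

    // Always defined: the original left $extras unset when no limit was requested and
    // passed an undefined variable on to user_search(). The count is cast to int
    // before concatenation, so no caller-supplied text reaches the clause.
    $extras = $limit ? 'LIMIT ' . $limit : '';

    return user_search($keyword, 'name, username', $extras);
}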
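/**
 * Build a Select2-backed user picker and queue its script in the page footer.
 *
 * Compared with the original, the unused locals ($userdata, $title2, $stacking,
 * $helper_text, $safemode) and the duplicate $html initialisation are gone; the
 * markup and script produced are unchanged.
 *
 * NOTE(review): $input_name and $input_id go through stripinput(), but $title and
 * $array['placeholder'] are written into the markup and the script as passed.
 * Callers must supply trusted or already escaped values for those.
 *
 * @param string      $title       label markup; empty means no label element
 * @param string      $input_name  name of the hidden input
 * @param string      $input_id    id of the hidden input, also used in the jQuery selector
 * @param mixed       $input_value preselected value; any non-empty value is looked up
 * @param array|false $array       optional settings: placeholder, multiple, required,
 *                                 deactivate, maxselect, file, rowstart
 * @return string the field markup
 */
function form_user_select($title, $input_name, $input_id, $input_value = FALSE, $array = FALSE) {
    // Load the Select2 assets once per page.
    if (!defined("SELECT2")) {
        define("SELECT2", TRUE);
        add_to_footer("<script src='" . DYNAMICS . "assets/select2/select2.min.js'></script>");
        add_to_head("<link href='" . DYNAMICS . "assets/select2/select2.css' rel='stylesheet' />");
    }

    $title = !empty($title) ? $title : "";
    $input_name = !empty($input_name) ? stripinput($input_name) : "";
    $input_id = !empty($input_id) ? stripinput($input_id) : "";

    $length = "minimumInputLength: 1,";
    if (!is_array($array)) {
        $placeholder = "Choose a User...";
        $allowclear = "allowClear:true,";
        $required = 0;
        $deactivate = 0;
        $maximum_selection = 1;
        $file = '';
        $inline = '';
    } else {
        $placeholder = array_key_exists("placeholder", $array) && !empty($array['placeholder']) ? $array['placeholder'] : "Choose a User...";
        $multiple = array_key_exists("multiple", $array) && $array['multiple'] == 1 ? 1 : 0;
        $allowclear = $multiple !== 1 ? "allowClear:true," : "";
        $required = array_key_exists('required', $array) ? $array['required'] : "";
        $deactivate = array_key_exists('deactivate', $array) ? $array['deactivate'] : "";
        // maxselect is used only when isnum() accepts it, because it is written into the script.
        $maximum_selection = array_key_exists('maxselect', $array) && isnum($array['maxselect']) ? $array['maxselect'] : 1;
        $file = array_key_exists('file', $array) && $array['file'] ? $array['file'] : '';
        $inline = array_key_exists("rowstart", $array) ? 1 : 0;
    }

    $html = "<div id='{$input_id}-field' class='form-group m-b-0'>\n";
    if ($title) {
        $html .= "<label class='control-label " . ($inline ? "col-sm-3 col-md-3 col-lg-3" : '') . "' for='{$input_id}'>{$title} " . ($required == 1 ? "<span class='required'>*</span>" : '') . "</label>\n";
    }
    if ($inline) {
        $html .= "<div class='col-sm-9 col-md-9 col-lg-9'>\n";
    }
    $html .= "<input " . ($required ? "class='req'" : '') . " type='hidden' name='{$input_name}' id='{$input_id}' data-placeholder='{$placeholder}' style='width:100%;' " . ($deactivate == 1 ? "disabled" : "") . ">";
    if ($deactivate == 1) {
        // A disabled input is not submitted, so the value travels in a second hidden field.
        $html .= form_hidden("", $input_name, $input_id, $input_value);
    }
    $html .= "<div id='{$input_id}-help' style='display:inline-block !important;'></div>";
    if ($inline) {
        $html .= "</div>\n";
    }
    $html .= "</div>\n";

    // Endpoint the widget queries: the caller's 'file' setting or the bundled user search.
    $path = $file ? $file : INCLUDES . "search/users.json.php";

    if (!empty($input_value)) {
        // json mode: the lookup result is written into the script as a literal, so it
        // is presumably a JSON string - confirm in pfdn_search() / user_search().
        $encoded = $file ? pfdn_search($input_value) : user_search($input_value);
    } else {
        $encoded = array();
    }

    // NOTE(review): the script sets escapeMarkup to an identity function and avatar()
    // concatenates item.text, item.realname, item.co, item.avatar and item.level
    // into markup, so whatever the endpoint returns is rendered as HTML. The
    // endpoint has to return escaped values - TODO confirm.
    $script = "\n <script type='text/javascript'>"
        . "\n function avatar(item) {"
        . "\n if(!item.id) {return item.text;}"
        . "\n var avatar = item.avatar;"
        . "\n var level = item.level;"
        . "\n if (item.realname) { var dev_name = '('+item.realname +','; } else { var dev_name = ''; }"
        . "\n if (item.co) { var co_name = item.co + ')'; } else { var co_name = ''; }"
        . "\n if (item.realname) { var status = ' (PHP-Fusion Accredited Developer)'; } else { var status = ''; }"
        . "\n return '<table><tr><td style=\"\"><img style=\"height:30px;\" class=\"img-rounded\" src=\"" . IMAGES . "avatars/' + avatar + '\"/></td><td style=\"padding-left:10px\"><div><strong>' + item.text + ' ' + dev_name + ' ' + co_name + '</strong></div>' + level + ' '+status+'</div></td></tr></table>';"
        . "\n }"
        . "\n"
        . "\n \$('#" . $input_id . "').select2({"
        . "\n {$length}"
        . "\n multiple: true,"
        . "\n maximumSelectionSize: {$maximum_selection},"
        . "\n placeholder: '{$placeholder}',"
        . "\n ajax: {"
        . "\n url: '{$path}',"
        . "\n dataType: 'json',"
        . "\n data: function (term, page) {"
        . "\n return {q: term};"
        . "\n },"
        . "\n results: function (data, page) {"
        . "\n return {results: data};"
        . "\n }"
        . "\n },"
        . "\n formatSelection: avatar,"
        . "\n escapeMarkup: function(m) { return m; },"
        . "\n formatResult: avatar,"
        . "\n {$allowclear}"
        . "\n })"
        . (!empty($encoded) ? ".select2('data', {$encoded} );" : '')
        . "\n </script>"
        . "\n ";
    add_to_footer($script);

    return $html;
}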