Beispiel #1
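    /**
     * Render the shoutbox block and, when the reply form was posted, store the new entry.
     *
     * A valid submission is inserted, the "shoutbox" cache is cleared and the
     * visitor is redirected back to the block. In every other case the entry
     * list (from cache, or rebuilt from the database) is rendered with PHPTAL.
     *
     * @return mixed Result of PHPTAL::execute(), or of template_error() when rendering throws.
     */
    public function getContent()
    {
        global $sql;
        //Lang::load('blocks/shoutbox/lang.*.php');
        $err = new Error();
        $note = new Notifier('note-shoutbox');
        $form['author'] = LOGGED ? User::$nickname : '';
        $form['message'] = '';
        if (isset($_POST['reply-shoutbox'])) {
            // Absent or non-string fields are treated as empty so they fail the "required" checks
            // instead of raising notices or reaching filter() as arrays.
            $posted_author = isset($_POST['author-shoutbox']) && is_string($_POST['author-shoutbox'])
                ? $_POST['author-shoutbox']
                : '';
            $posted_message = isset($_POST['message-shoutbox']) && is_string($_POST['message-shoutbox'])
                ? $_POST['message-shoutbox']
                : '';
            $message_max = Kio::getConfig('message_max', 'shoutbox');
            $form['author'] = LOGGED ? User::$nickname : filter($posted_author, 100);
            $form['message'] = filter($posted_message, $message_max);
            $err->setError('author_empty', t('Author field is required.'))->condition(!$form['author']);
            $err->setError('author_exists', t('Entered nickname is registered.'))->condition(!LOGGED && is_registered($form['author']));
            $err->setError('message_empty', t('Message field is required.'))->condition(!$form['message']);
            // No errors
            if ($err->noErrors()) {
                // Every value is bound as a parameter: author and message come from the request and
                // must never become part of the SQL text, whatever filter() does to them.
                // NOTE(review): relies on $sql offering PDO-style prepare() - confirm against the wrapper class.
                $stmt = $sql->prepare('
                    INSERT INTO ' . DB_PREFIX . 'shoutbox (added, author, message, author_id, author_ip)
                    VALUES (:added, :author, :message, :author_id, :author_ip)');
                $stmt->execute(array(
                    'added' => TIMESTAMP,
                    'author' => $form['author'],
                    'message' => cut($form['message'], $message_max),
                    'author_id' => UID,
                    'author_ip' => IP,
                ));
                $sql->clearCache('shoutbox');
                $note->success(t('Entry was added successfully.'));
                redirect(HREF . PATH . '#shoutbox');
            } else {
                $note->error($err->toArray());
            }
        }
        // Rebuild the list when the cache holds nothing for the shoutbox
        if (!($entries = $sql->getCache('shoutbox'))) {
            // Start from a real array so an empty table caches and renders as an empty list.
            $entries = array();
            $query = $sql->query('
                SELECT u.nickname, u.group_id, s.added, s.author, s.author_id, s.message
                FROM ' . DB_PREFIX . 'shoutbox s
                LEFT JOIN ' . DB_PREFIX . 'users u ON u.id = s.author_id
                ORDER BY s.id DESC
                LIMIT ' . (int) Kio::getConfig('limit', 'shoutbox'));
            while ($row = $query->fetch()) {
                if ($row['author_id']) {
                    $row['author'] = User::format($row['author_id'], $row['nickname'], $row['group_id']);
                    $row['message'] = parse($row['message'], Kio::getConfig('parser', 'shoutbox'));
                }
                // NOTE(review): rows without an author_id keep author and message exactly as stored;
                // whether they are escaped on output depends on the template - confirm.
                $entries[] = $row;
            }
            $sql->putCacheContent('shoutbox', $entries);
        }
        try {
            $tpl = new PHPTAL('blocks/shoutbox/shoutbox.tpl.html');
            $tpl->entries = $entries;
            $tpl->err = $err->toArray();
            $tpl->form = $form;
            $tpl->note = $note;
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e->getMessage());
        }
    }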
 /**
  * Dispatch the requested action: save, reset one section, reset all
  * sections, or load the stored values when nothing was submitted.
  *
  * Whatever save() returns is handed to set_errors(); every other action
  * hands over an empty array.
  */
 private function update()
 {
     $action = State::get('action');
     $problems = array();
     // Loose comparison on purpose: it is what the equivalent switch statement performs.
     if ($action == 'save') {
         $problems = $this->save();
         // NOTE(review): the success notice is raised whatever save() returned - confirm that is
         // intended when it reports errors.
         Notifier::success('Settings saved.');
     } elseif ($action == 'reset-section') {
         $slug = State::get('active_section');
         $section = $this->config->get_section_by_slug($slug);
         $this->reset($section);
         // NOTE(review): the section title is concatenated into markup as-is; confirm it can only
         // come from trusted configuration.
         Notifier::success('<strong>' . $section->title . '</strong> section was reset to its default settings.');
     } elseif ($action == 'reset-all') {
         $this->reset();
         Notifier::success('All sections were reset to their default settings.');
     } else {
         // No submission (simple request)
         $this->load();
     }
     $this->set_errors($problems);
 }
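    /**
     * Render the "edit profile" form and apply a submitted edit.
     *
     * With a numeric u1 constant the profile with that id is loaded from the
     * users table; otherwise the current user's own data (User::toArray()) is
     * used. When the form was posted ("edit"), the input is validated, the
     * avatar upload is handled and the users row is updated.
     *
     * @return mixed Rendered page, or the result of no_access()/not_found()/template_error().
     */
    public function getContent()
    {
        global $sql;
        if (!LOGGED) {
            return no_access('By mieć dostęp do edycji profilu musisz się zalogować.');
        }
        $note = new Notifier();
        $err = new Error();
        $edit = isset($_POST['edit']);
        $countries = (include 'lang/countries.php');
        asort($countries);
        //Edit user by ID
        if (ctype_digit(u1)) {
            // NOTE(review): every logged-in user reaches this branch and the UPDATE further down is keyed
            // on the loaded profile's id; no ownership or permission check is visible in this method.
            // Confirm the caller restricts it, otherwise one account can rewrite another account's profile.
            $profile = $sql->query('
                SELECT u.*
                FROM ' . DB_PREFIX . 'users u
                WHERE u.id = ' . (int) u1)->fetch(PDO::FETCH_ASSOC);
            if ($profile) {
                Kio::addTitle(t('Users'));
                Kio::addBreadcrumb(t('Users'), 'users');
                Kio::addTitle($profile['nickname'] . ' - ' . t('Edit profile'));
                Kio::addBreadcrumb($profile['nickname'], 'profile/' . u1);
                Kio::addBreadcrumb(t('Edit profile'), 'edit_profile/' . u1);
            } else {
                return not_found(t('Selected user doesn&apos;t exists.'), array(t('This person was deleted from database.'), t('Entered URL is invalid.')));
            }
        } else {
            $profile = User::toArray();
            Kio::addTitle(t('Edit profile'));
            Kio::addBreadcrumb(t('Edit profile'), 'edit_profile');
        }
        $form = $profile;
        $form['password'] = '';
        $form['password2'] = '';
        $form['birthdate'] = explode('-', $profile['birthdate']);
        $form['newsletter'] = $profile['newsletter'] ? 1 : 0;
        $form['pm_notify'] = $profile['pm_notify'] ? 1 : 0;
        $form['hide_email'] = $profile['hide_email'] ? 1 : 0;
        if (!u1 || $profile) {
            // Edit profile
            if ($edit) {
                // Read the text fields defensively: a missing or non-string field becomes ''.
                $text = array();
                foreach (array('nickname', 'password', 'password2', 'email', 'forename', 'surname', 'gender', 'locality', 'country', 'communicator', 'website', 'title', 'interests', 'signature') as $field) {
                    $text[$field] = isset($_POST[$field]) && is_string($_POST[$field]) ? $_POST[$field] : '';
                }
                $allow_change_nick = Kio::getConfig('allow_change_nick', 'edit_profile');
                // The union with array(0, 0, 0) guarantees indexes 0..2 exist for the date checks below.
                $birthdate = array_map('intval', isset($_POST['birthdate']) ? (array) $_POST['birthdate'] : array()) + array(0, 0, 0);
                $has_avatar_upload = isset($_FILES['avatar']['error'])
                    && $_FILES['avatar']['error'] === UPLOAD_ERR_OK
                    && empty($_POST['delete_avatar']);
                $form = array(
                    'nickname' => $allow_change_nick ? filter($text['nickname'], 100) : User::$nickname,
                    'password' => filter($text['password'], 100),
                    'password2' => filter($text['password2'], 100),
                    'email' => strtolower(filter($text['email'], 100)),
                    'forename' => $text['forename'],
                    'surname' => $text['surname'],
                    'gender' => $text['gender'],
                    'locality' => $text['locality'],
                    'country' => !empty($countries[$text['country']]) ? $text['country'] : '',
                    'communicator' => $text['communicator'],
                    'website' => $text['website'],
                    'birthdate' => $birthdate,
                    'newsletter' => isset($_POST['newsletter']) ? 1 : 0,
                    'pm_notify' => isset($_POST['pm_notify']) ? 1 : 0,
                    'hide_email' => isset($_POST['hide_email']) ? 1 : 0,
                    'avatar' => $has_avatar_upload ? $_FILES['avatar'] : array(),
                    'delete_avatar' => isset($_POST['delete_avatar']) ? 1 : 0,
                    'photo' => isset($_FILES['photo']) ? $_FILES['photo'] : null,
                    'delete_photo' => isset($_POST['delete_photo']) ? 1 : 0,
                    'title' => $text['title'],
                    'interests' => $text['interests'],
                    'signature' => $text['signature'],
                );
                $allowed_types = array('image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif');
                // Nickname
                $err->setError('nickname_empty', t('ERROR_NICKNAME_EMPTY'))->condition(!$form['nickname']);
                $err->setError('nickname_exists', t('ERROR_NICKNAME_EXISTS'))->condition($allow_change_nick && $form['nickname'] && strtolower($form['nickname']) != strtolower($profile['nickname']) && is_registered($form['nickname']));
                // Password
                $err->setError('password_differ', t('ERROR_PASSWORD_DIFFER'))->condition($form['password'] != $form['password2']);
                // E-mail
                $err->setError('email_empty', t('ERROR_EMAIL_EMPTY'))->condition(!$form['email']);
                if ($form['email']) {
                    $err->setError('email_invalid', t('ERROR_EMAIL_INVALID'))->condition($form['email'] && !is_email($form['email']));
                    $err->setError('email_exists', t('ERROR_EMAIL_EXISTS'))->condition($form['email'] != $profile['email'] && is_email($form['email']) && is_registered($form['email'], 'email'));
                }
                // Birthdate
                $err->setError('birthdate_invalid', t('ERROR_BIRTHDATE'))->condition(array_sum($form['birthdate']) > 0 && !is_date('Y-n-j', $form['birthdate'][0] . '-' . $form['birthdate'][1] . '-' . $form['birthdate'][2]));
                // Avatar
                if ($form['avatar']) {
                    // The MIME type sent by the browser is chosen by the client, so the type used for
                    // validation and for the stored extension is derived from the uploaded bytes instead.
                    $image_info = is_uploaded_file($form['avatar']['tmp_name']) ? getimagesize($form['avatar']['tmp_name']) : false;
                    $form['avatar']['type'] = $image_info ? $image_info['mime'] : '';
                    $err->avatar_invalid_type(t('ERROR_ava'))->condition(!isset($allowed_types[$form['avatar']['type']]));
                    $err->avatar_exceeded_max_size(t('ERROR_ava'))->condition(Kio::getConfig('avatar_size_max', 'edit_profile') && !$err->isError('avatar_invalid_type') && $form['avatar']['size'] > Kio::getConfig('avatar_size_max', 'edit_profile'));
                }
                // No errors
                if ($err->noErrors()) {
                    $avatar_dir = ROOT . 'images/avatars/';
                    // NOTE(review): the old file name is built from User::$avatar (the logged-in user's
                    // extension) even when another profile was loaded by id - confirm that is intended.
                    $old_avatar = $avatar_dir . $profile['id'] . '.' . User::$avatar;
                    if ($form['delete_avatar'] && is_file($old_avatar)) {
                        unlink($old_avatar);
                    }
                    // Extension actually written to disk; stays '' when nothing was stored.
                    $new_avatar_ext = '';
                    if ($form['avatar']) {
                        $extension = $allowed_types[$form['avatar']['type']];
                        if (move_uploaded_file($form['avatar']['tmp_name'], $avatar_dir . $profile['id'] . '.' . $extension)) {
                            $new_avatar_ext = $extension;
                            if ($extension != User::$avatar && is_file($old_avatar)) {
                                unlink($old_avatar);
                            }
                        }
                    }
                    $form['birthdate'] = array_sum($form['birthdate']) > 0 ? $form['birthdate'][0] . '-' . $form['birthdate'][1] . '-' . $form['birthdate'][2] : '';
                    // All request-derived values are bound as parameters; several of them (forename,
                    // surname, locality, ...) arrive straight from $_POST without any filtering.
                    // NOTE(review): relies on $sql offering PDO-style prepare() - confirm against the wrapper class.
                    $params = array(
                        'nickname' => $allow_change_nick ? $form['nickname'] : User::$nickname,
                        'email' => $form['email'],
                        'forename' => $form['forename'],
                        'surname' => $form['surname'],
                        'gender' => $form['gender'] == 1 || $form['gender'] == 2 ? (int) $form['gender'] : 0,
                        'locality' => $form['locality'],
                        'country' => $form['country'],
                        'communicator' => $form['communicator'],
                        'website' => $form['website'],
                        'birthdate' => $form['birthdate'],
                        'newsletter' => $form['newsletter'],
                        'pm_notify' => $form['pm_notify'],
                        'hide_email' => $form['hide_email'],
                        'title' => $form['title'],
                        'interests' => $form['interests'],
                        'signature' => $form['signature'],
                        'id' => $profile['id'],
                    );
                    // NOTE(review): the password assignment is masked in this listing; as written it stores
                    // the literal placeholder, not a value derived from $form['password']. The real code
                    // should store a password_hash() result that the login path checks with password_verify().
                    $password_sql = $form['password'] ? 'pass = "******",' : '';
                    $avatar_sql = '';
                    if ($new_avatar_ext !== '') {
                        $avatar_sql = 'avatar = :avatar,';
                        $params['avatar'] = $new_avatar_ext;
                    } elseif ($form['delete_avatar']) {
                        $avatar_sql = 'avatar = "",';
                    }
                    $stmt = $sql->prepare('
                        UPDATE ' . DB_PREFIX . 'users
                        SET nickname = :nickname,
                            ' . $password_sql . '
                            email = :email,
                            forename = :forename,
                            surname = :surname,
                            gender = :gender,
                            locality = :locality,
                            country = :country,
                            communicator = :communicator,
                            website = :website,
                            birthdate = :birthdate,
                            newsletter = :newsletter,
                            pm_notify = :pm_notify,
                            hide_email = :hide_email,
                            ' . $avatar_sql . '
                            title = :title,
                            interests = :interests,
                            signature = :signature
                        WHERE id = :id');
                    $stmt->execute($params);
                    $note->success(t('Your profile was modified successfully.'));
                    redirect(HREF . 'edit_profile');
                } else {
                    $note->error($err->toArray());
                }
            }
            try {
                $tpl = new PHPTAL('modules/edit_profile/edit_profile.tpl.html');
                $tpl->profile = $profile;
                $tpl->countries = $countries;
                $tpl->allow_change_nick = Kio::getConfig('allow_change_nick', 'edit_profile');
                $tpl->form = $form;
                $tpl->err = $err->toArray();
                $tpl->note = $note;
                return $tpl->execute();
            } catch (Exception $e) {
                return template_error($e);
            }
        }
    }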
Beispiel #4
<?php

// KioCMS - Kiofol Content Managment System
// modules/guestbook/admin/settings.php
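// Settings form of the guestbook module: validates and saves on submit, otherwise shows the stored values.
// NOTE(review): $guestbook and $blocks are not defined in this file; presumably the including script
// provides them, and that is also where any admin access check would have to happen - confirm.
$note = new Notifier();
$err = new Errors();
$save = !empty($_POST['save']);
// On submit only an array is accepted as form data; anything else becomes an empty form that fails validation.
$form = $save ? (isset($_POST['form']) && is_array($_POST['form']) ? $_POST['form'] : array()) : $guestbook;
// The nested ternaries are parenthesised explicitly: unparenthesised they were evaluated left to right
// on PHP 7 and are rejected outright by PHP 8. The grouping below keeps the PHP 7 result.
$form['bbcode'] = ($save ? !empty($_POST['bbcode']) : !empty($guestbook['bbcode'])) ? 1 : 0;
$form['allow_signatures'] = ($save ? !empty($_POST['allow_signatures']) : !empty($guestbook['allow_signatures'])) ? 1 : 0;
$form['blocks'] = $save
    ? array_diff($blocks, isset($_POST['blocks']) ? (array) $_POST['blocks'] : array())
    : ($guestbook['blocks'] ? explode(',', trim($guestbook['blocks'])) : '');
if ($save) {
    // Errors: each check fires when its field is empty. The order_by check used to pass the value
    // itself as the condition, which raised the error exactly when the field WAS filled in.
    $err->message_max_empty(t('ERROR_MESSAGE_MAX_EMPTY'), empty($form['message_max']))
        ->limit_empty(t('ERROR_ERROR_LIMIT_EMPTY'), empty($form['limit']))
        ->order_by_empty(t('ERROR_ORDER_BY_EMPTY'), empty($form['order_by']));
    if (!$err->count()) {
        Settings::update('guestbook');
        // NOTE(review): this clears 'contact.txt' from the guestbook settings page - possibly copied
        // from the contact module; confirm which cache file the guestbook uses.
        Cache::clear('contact.txt');
        $note->success(t('SAVED_SUCCESSFUL'));
        redirect(HREF . 'admin/modules/guestbook/settings');
    } else {
        $note->error($err);
    }
} else {
    $note->error(array(t('MODULE_SETTINGS'), t('REQUIRED_FIELDS')));
}
$tpl = new PHPTAL('modules/guestbook/admin/settings.html');
$tpl->form = $form;
$tpl->note = $note;
$tpl->columns = Settings::formColumns();
$tpl->blocks = Settings::formBlocks();
echo $tpl->execute();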
Beispiel #5
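    /**
     * Render the shoutbox block and, when the reply form was posted, store the new entry.
     *
     * A valid submission is inserted and the visitor is redirected back to the
     * block; otherwise the entry list (from cache, or rebuilt from the
     * database) is rendered with PHPTAL.
     *
     * @return mixed Result of PHPTAL::execute(), or of template_error() when rendering throws.
     */
    public function getContent()
    {
        global $sql, $user, $cfg;
        //Lang::load('blocks/shoutbox/lang.*.php');
        $err = new Error();
        $note = new Notifier('note-shoutbox');
        $form = array();
        $form['author'] = $user->nickname;
        // Defined up front so the template never reads a missing key on a plain page view.
        $form['message'] = '';
        if (!empty($_POST['reply-shoutbox'])) {
            // Absent or non-string fields are treated as empty so they fail the "required" checks
            // instead of raising notices or reaching filter() as arrays.
            $posted_author = isset($_POST['author-shoutbox']) && is_string($_POST['author-shoutbox'])
                ? $_POST['author-shoutbox']
                : '';
            $posted_message = isset($_POST['message-shoutbox']) && is_string($_POST['message-shoutbox'])
                ? $_POST['message-shoutbox']
                : '';
            $form['author'] = LOGGED ? $user->nickname : filter($posted_author, 100);
            $form['message'] = filter($posted_message, $cfg->shoutbox['message_max']);
            $err->author_empty(t('Field <strong>author</strong> can not be empty.'), !$form['author']);
            $err->author_exists(t('Entered <strong>nickname</strong> is registered.'), !LOGGED && is_registered($form['author']));
            $err->message_empty(t('Field <strong>message</strong> can not be empty.'), !$form['message']);
            // No errors
            if (!$err->count()) {
                // String values are quoted by the database layer and the user id is forced to an integer,
                // so request data cannot change the shape of the statement. exec() is kept because its
                // second argument ('shoutbox.txt') is part of this wrapper's call and has no visible
                // equivalent on a prepared statement.
                // NOTE(review): assumes $sql provides PDO::quote() - confirm against the wrapper class.
                $sql->exec('
                    INSERT INTO ' . DB_PREFIX . 'shoutbox (added, author, message, author_id, author_ip)
                    VALUES (
                        ' . TIMESTAMP . ',
                        ' . $sql->quote($form['author']) . ',
                        ' . $sql->quote(cut($form['message'], $cfg->shoutbox['message_max'])) . ',
                        ' . (int) $user->id . ',
                        ' . $sql->quote(IP) . ')', 'shoutbox.txt');
                $note->success(t('Entry was added successfully.'));
                redirect(HREF . PATH . '#shoutbox');
            } else {
                $note->error($err);
            }
        }
        // Rebuild the list when the cache holds nothing for the shoutbox
        if (!($entries = $sql->getCache('shoutbox'))) {
            // Start from a real array so an empty result caches and renders as an empty list.
            $entries = array();
            $query = $sql->query('
                SELECT u.nickname, u.group_id, s.added, s.author, s.author_id, s.message
                FROM ' . DB_PREFIX . 'shoutbox s, ' . DB_PREFIX . 'users u
                WHERE u.id = s.author_id
                ORDER BY s.id DESC
                LIMIT ' . (int) $cfg->shoutbox['limit']);
            while ($row = $query->fetch()) {
                if ($row['author_id']) {
                    $row['author'] = User::format($row['author_id'], $row['nickname'], $row['group_id']);
                    $row['message'] = parse($row['message'], $cfg->shoutbox['parser']);
                }
                $entries[] = $row;
            }
            $sql->putCacheContent('shoutbox', $entries);
        }
        try {
            $tpl = new PHPTAL('blocks/shoutbox/sbox_overall.html');
            $tpl->cfg = $cfg;
            $tpl->entries = $entries;
            $tpl->err = $err->toArray();
            $tpl->form = $form;
            $tpl->note = $note;
            $tpl->user = $user;
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e->getMessage());
        }
    }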
Beispiel #6
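    /**
     * Render the "compose private message" form and send a submitted message.
     *
     * The form can be pre-filled from the URL constants: u2 = "reply" or
     * "resend" with a numeric u3 loads an existing message, a numeric u2 sets
     * the receiver by user id. A valid submission is inserted into the pm
     * table, a flood cookie is set and the user is redirected to the inbox.
     *
     * @return mixed Result of PHPTAL::execute(), or of template_error() when rendering throws.
     */
    private function getComposeForm()
    {
        global $sql;
        Kio::addTitle(t('Compose message'));
        Kio::addBreadcrumb(t('Compose message'), 'pm/write');
        $err = new Error();
        $note = new Notifier();
        // Always defined, so the template receives an array even when nothing pre-fills the form.
        $form = array();
        if ((u2 == 'resend' || u2 == 'reply') && ctype_digit(u3)) {
            $is_reply = u2 == 'reply';
            // The lookup is limited to rows owned by the current user, so a message id taken from the
            // URL cannot pull another mailbox's subject or body into the form.
            // NOTE(review): owner_id is taken to be the mailbox owner (the INSERT below sets it to the
            // receiver for an inbox row) - confirm this also holds for folder 1 rows.
            $lookup = $sql->prepare('
                SELECT connector_id, subject, message
                FROM ' . DB_PREFIX . 'pm
                WHERE id = :id AND owner_id = :owner_id AND folder ' . ($is_reply ? '!=' : '=') . ' 1');
            $lookup->execute(array('id' => (int) u3, 'owner_id' => UID));
            $message = $lookup->fetch(PDO::FETCH_ASSOC);
            // Nothing is pre-filled when the message does not exist (fetch() returned false).
            if ($message) {
                if ($is_reply) {
                    $form['subject'] = 'Re: ' . $message['subject'];
                } else {
                    $form['subject'] = $message['subject'];
                    $form['message'] = $message['message'];
                }
                $form['receiver'] = User::getNickname(BY_ID, $message['connector_id']);
            }
        } elseif (ctype_digit(u2)) {
            $form['receiver'] = User::getNickname(BY_ID, u2);
        }
        if (isset($_POST['send'])) {
            // Form values; absent or non-string text fields are treated as empty.
            $posted = array();
            foreach (array('receiver', 'subject', 'message') as $field) {
                $posted[$field] = isset($_POST[$field]) && is_string($_POST[$field]) ? $_POST[$field] : '';
            }
            $form = array(
                'receiver' => filter($posted['receiver'], 100),
                'subject' => filter($posted['subject'], 100),
                'save' => isset($_POST['save']) ? $_POST['save'] : '',
                'bbcode' => !empty($_POST['bbcode']) ? BBCODE : 0,
                'emoticons' => !empty($_POST['emoticons']) ? EMOTICONS : 0,
                'autolinks' => !empty($_POST['autolinks']) ? AUTOLINKS : 0,
                'message' => filter($posted['message'], 250),
            );
            $err->setError('receiver_empty', t('ERROR_RECEIVER_EMPTY'))->condition(!$form['receiver']);
            $err->setError('receiver_not_exists', t('ERROR_RECEIVER_NOT_EXISTS'))->condition($form['receiver'] && !User::getId(BY_NICKNAME, $form['receiver']));
            $err->setError('subject_empty', t('ERROR_SUBJECT_EMPTY'))->condition(!$form['subject']);
            $err->setError('message_empty', t('ERROR_MESSAGE_EMPTY'))->condition(!$form['message']);
            // No errors
            if ($err->noErrors()) {
                $form['receiver'] = User::getId(BY_NICKNAME, $form['receiver']);
                $form['message'] = cut($form['message'], Kio::getConfig('message_max', 'pm'));
                $form['parsers'] = $form['bbcode'] . $form['autolinks'] . $form['emoticons'] . CENSURE . PRE;
                // NOTE(review): with "save" set, the second VALUES tuple reuses the same placeholders, so it
                // inserts a second identical row for the receiver, and repeated named placeholders are only
                // accepted when PDO emulates prepares. A sender-side copy would need its own owner and
                // folder values - confirm the intended behaviour before changing it.
                $stmt = $sql->prepare('
                    INSERT INTO ' . DB_PREFIX . 'pm
                        (sent, owner_id, connector_id, subject, message, folder, is_read, parsers)
                    VALUES
                        (:sent, :owner_id, :connector_id, :subject, :message, :folder, :is_read, :parsers)' . ($form['save'] ? ', (:sent, :owner_id, :connector_id, :subject, :message, :folder, :is_read, :parsers)' : ''));
                $stmt->execute(array(
                    'sent' => TIMESTAMP,
                    'owner_id' => $form['receiver'],
                    'connector_id' => UID,
                    'subject' => $form['subject'],
                    'message' => $form['message'],
                    'folder' => 0,
                    'is_read' => 0,
                    'parsers' => $form['parsers'],
                ));
                // NOTE(review): the flood interval is only recorded in a client-side cookie here; no
                // server-side check is visible in this method.
                setcookie(COOKIE . '-pm', 'true', TIMESTAMP + Kio::getConfig('flood_interval', 'pm') + 1, '/');
                $note->success('Wiadomość została wysłana.');
                redirect(HREF . 'pm/inbox');
            } else {
                $note->error($err->toArray());
            }
        } else {
            $note->info(array(t('WELCOME_MESSAGE'), t('REQUIRED')));
        }
        try {
            $tpl = new PHPTAL('modules/pm/write.tpl.html');
            $tpl->err = $err->toArray();
            $tpl->form = $form;
            $tpl->note = $note;
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e);
        }
    }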