function create()
{
global $gorumuser, $gorumroll, $gorumrecognised;
if (!isset($this->cid)) {
$this->cid = $gorumroll->rollid;
}
hasAdminRights($isAdm);
if (!$gorumrecognised && !$this->email) {
return Roll::setFormInvalid("emailMandatory");
}
if (!$gorumrecognised && $this->email) {
if (!preg_match('/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,6}$/i', $this->email)) {
return Roll::setFormInvalid("invalidEmail");
}
$this->unsub = FALSE;
$this->subscribeAction();
if (!$isAdm) {
return Roll::setInfoText("subscribed");
}
} elseif (!$isAdm) {
$this->uid = $gorumuser->id;
create($this);
$this->rollBackNum = 1;
return Roll::setInfoText("subscribed");
} else {
ini_set("max_execution_time", 0);
$this->unsub = FALSE;
$emails = array_unique(array_map(create_function('$v', 'return trim(strtolower($v));'), explode("\n", $this->email)));
foreach ($emails as $this->email) {
$this->subscribeAction();
}
}
}
function create()
{
global $gorumroll;
$class = strstr($gorumroll->list, "user") ? "user" : "item";
$this->valid();
if (Roll::isFormInvalid()) {
return;
}
if (!preg_match('/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,6}$/i', $this->youremail) || !preg_match('/^[A-Z0-9._%+-]+@[A-Z0-9.-]+\\.[A-Z]{2,6}$/i', $this->friendsemail)) {
return Roll::setFormInvalid("invalidEmail");
}
G::load($n, Notification_adToAFriend, "notification");
if ($n->active) {
$obj = new $class();
$obj->id = $gorumroll->rollid;
$obj->getEmailParams($params);
$params["message"] = $this->mess;
$params["name"] = $this->yourname;
$sp = new SendingParameters();
$sp->to = $this->friendsemail;
$sp->from = $this->youremail;
$sp->replyTo = $this->youremail;
$sp->replyToName = $this->yourname;
$n->send($sp, $params);
}
//TODO: respnum increase
Roll::setInfoText("mail_fr_sent_{$class}");
}
function checkForPostMaxSizeError()
{
if (!isset($_SERVER['CONTENT_LENGTH'])) {
return;
}
$POST_MAX_SIZE = byteStr2num(ini_get('post_max_size'));
if ($POST_MAX_SIZE && $_SERVER['CONTENT_LENGTH'] > $POST_MAX_SIZE) {
Roll::setFormInvalid("postMaxSizeExceeded", $POST_MAX_SIZE);
LocationHistory::saveInfoText();
LocationHistory::rollBack(2);
}
}
function validateCaptcha()
{
if ($this->hasCaptcha()) {
include_once GORUM_DIR . '/captcha/php-captcha.inc.php';
if (!PhpCaptcha::Validate($_POST['captchaField'])) {
return Roll::setFormInvalid("invalidCaptcha");
}
}
return TRUE;
}
function validMedia($attr)
{
if (!isset($_FILES[$attr]["name"]) || $_FILES[$attr]["name"] == "") {
return;
}
if ($_FILES[$attr]["size"] == 0) {
return Roll::setFormInvalid("picFileSizeNull");
}
if ($_FILES[$attr]["tmp_name"] == "none") {
return Roll::setFormInvalid("picFileSizeToLarge1");
}
$_S =& new AppSettings();
if ($_S->maxMediaSize && $_FILES[$attr]["size"] > $_S->maxMediaSize) {
return Roll::setFormInvalid("picFileSizeToLarge2", $_S->maxMediaSize);
}
if (!is_uploaded_file($_FILES[$attr]["tmp_name"])) {
handleError("Possible attack");
}
}
function checkAndSetExpirationDays()
{
if (!$this->expirationAppearsInForm()) {
$this->expiration = $this->getDefaultExpiration();
} elseif ($defaultExpiration = $this->getDefaultExpiration()) {
// ha uresen hagytak az expirationt, a default lep ervenybe:
if (empty($this->expiration)) {
$this->expiration = $defaultExpiration;
} elseif ($this->expiration > $defaultExpiration) {
return Roll::setFormInvalid("item_expiration_expl_2", $defaultExpiration);
}
}
return TRUE;
}
function validLogin()
{
$user = new User();
$user->setUniqueValue($this->getUniqueValue());
if (load($user, array($this->getUniqueAttr())) || $user->id == $user->name) {
Roll::setFormInvalid();
} else {
if (getPassword($this->password) != $user->password && $user->newPassword) {
if (getPassword($this->password) == $user->newPassword) {
executeQuery(array("UPDATE @user SET password='******', newPassword='' WHERE id=#id#", $user->id));
} else {
Roll::setFormInvalid();
}
} elseif (getPassword($this->password) != $user->password) {
Roll::setFormInvalid();
}
$this->id = $user->id;
$this->lastClickTime = $user->lastClickTime;
}
if (Roll::isFormInvalid()) {
Roll::setInfoText("loginInvalid");
}
return !Roll::isFormInvalid();
}
function valid()
{
if (!isset($_FILES["picture"]["name"]) || $_FILES["picture"]["name"] == "") {
return Category::valid();
}
if (isset($_FILES["picture"]["name"]) && strstr($_FILES["picture"]["name"], " ")) {
return Roll::setFormInvalid("spacenoatt");
}
if ($_FILES["picture"]["size"] == 0) {
return Roll::setFormInvalid("picFileSizeNull");
}
if ($_FILES["picture"]["tmp_name"] == "none") {
return Roll::setFormInvalid("picFileSizeToLarge1");
}
if (!is_uploaded_file($_FILES["picture"]["tmp_name"])) {
handleError("Possible attack");
}
$fname = $_FILES["picture"]["tmp_name"];
$size = getimagesize($fname);
if (!$size) {
return Roll::setFormInvalid("notValidImageFile");
}
return Category::valid();
}
function uploadImages()
{
global $siteDemo;
if (!class_exists('rss') || $siteDemo) {
return;
}
$err = "";
//$pattern = "{(\\<div id='header'\\>\\<img src='\\<\\?php echo \\\$this->imagesDir \\?\\>)(/[^']+)('\\>\\</div\\>)}ms";
$pattern = '{(/.+\\?logoImage)|(/headpic\\.gif)}';
$this->uploadImagesCore("logoImage", TEMPLATE_DIR . "/layout.tpl.php", $pattern, $err);
if ($err) {
return Roll::setFormInvalid($err);
}
$pattern = '{(/[^/]+\\?headerBackground)|(/top_shadow\\.jpg)}';
$this->uploadImagesCore("headerBackground", CSS_DIR . "/layout.css", $pattern, $err);
if ($err) {
return Roll::setFormInvalid($err);
}
}
function init($queryString)
{
global $allowedMethods;
$_S =& new AppSettings();
if (!count($queryPieces = AppController::getQueryPieces($queryString))) {
$_GS =& new GlobalStat();
if ($_GS->defPageConf) {
$this->Controller("checkconf", "show");
} elseif (!empty($_S->homeLocation) && $_S->homeLocation != "/") {
$this->Controller($_S->homeLocation);
} else {
$this->Controller("appcategory", "showhtmllist", 0);
}
// default application home
} elseif (is_numeric($queryPieces[0])) {
// Pl: /123 /123/attr1/val1/attr2/val2
$this->Controller("item", "showdetails", array_shift($queryPieces), $queryPieces);
} elseif ($queryPieces[0] == "list") {
array_shift($queryPieces);
if (is_numeric($queryPieces[0]) || $queryPieces[0] == '*') {
// Pl: /list/23 /list/23/attr1/val1/attr2/val2
// ha nincs ilyen category id, de van olyan user, aminek ez a neve:
if (G::load($obj, $queryPieces[0], "appcategory") && !loadSQL($obj = new User(), array("SELECT id FROM @user WHERE name=#name# LIMIT 1", $queryPieces[0]))) {
$this->Controller("item_my", "showhtmllist", array_shift($queryPieces), $queryPieces);
} else {
$this->Controller("appcategory", "showhtmllist", array_shift($queryPieces), $queryPieces);
}
} else {
// Egy user osszes iteme: Pl: /list/henry
$this->Controller("item_my", "showhtmllist", urldecode(array_shift($queryPieces)), $queryPieces);
}
} elseif ($queryPieces[0] == "rss") {
// Pl: /rss/category/10/latest/20/days/3
array_shift($queryPieces);
if ($queryPieces[0] == "modify_form") {
$this->Controller("rss", "modify_form", "1");
} else {
$this->Controller("rss", "get", "0", $queryPieces);
}
} elseif (count($queryPieces) == 1) {
if ($queryPieces[0] == "control_panel") {
$this->Controller("controlpanel", "showhtmllist");
} elseif ($queryPieces[0] == "purchaseitem" && class_exists("purchaseitem")) {
$this->Controller("purchaseitem", "showhtmllist");
} elseif (!$_S->permaLinksEnabled() || !$this->validPermaLink($queryPieces)) {
$this->Controller("staticpage", "show", $queryPieces[0]);
// Pl: /faqpage
$template = "{$queryPieces['0']}.tpl.php";
if (!file_exists(GORUM_TEMPLATE_DIR . "/{$template}") && !file_exists(TEMPLATE_DIR . "/{$template}") && !file_exists(COMMON_TEMPLATES . "/{$template}")) {
return Roll::setFormInvalid("nonExistentStaticPage", $queryPieces[0]);
}
}
} elseif (is_numeric($queryPieces[1]) || $queryPieces[1] == '*') {
// Pl: /item/123 /item/123/attr1/val1/attr2/val2
$this->Controller(array_shift($queryPieces), "showdetails", array_shift($queryPieces), $queryPieces);
} elseif ($_S->permaLinksEnabled() && !$this->isExistingMethod($queryPieces[1])) {
if (!$this->validPermaLink($queryPieces)) {
trigger_error("Invalid query string: {$queryString}", E_USER_ERROR);
return Roll::setFormInvalid("invalidInternalLink", $queryString);
}
} elseif (count($queryPieces) == 2) {
// Pl: /user/create_form/
$this->Controller(array_shift($queryPieces), array_shift($queryPieces), 0);
} elseif (count($queryPieces) >= 3) {
if ($queryPieces[2] == "off") {
$this->Controller(array_shift($queryPieces), array_shift($queryPieces), 0, $queryPieces);
} else {
$this->Controller(array_shift($queryPieces), array_shift($queryPieces), array_shift($queryPieces), $queryPieces);
}
} else {
trigger_error("Invalid query string: {$queryString}", E_USER_ERROR);
return Roll::setFormInvalid("invalidInternalLink", $queryString);
}
return TRUE;
}
function commonFieldAlreadyExists()
{
$id = isset($this->id) ? $this->id : 0;
$query = "SELECT COUNT(*) FROM @customfield WHERE isCommon=1 AND columnIndex LIKE 'col_%' AND id!=#id# AND\n ((name!='' AND name=#name# AND type=#type#) OR (name='' AND userField!=0 AND userField=#uf#))";
getDbCount($count, array($query, $id, $this->name, $this->type, $this->userField));
if ($count) {
Roll::setFormInvalid("commonFieldAlreadyExists");
}
return $count;
}