Beispiel #1
0
 /**
  * Validate the form
  */
 private function validateForm()
 {
     // get settings
     $commentsAllowed = isset($this->settings['allow_comments']) && $this->settings['allow_comments'];
     // comments aren't allowed so we don't have to validate
     if (!$commentsAllowed) {
         return false;
     }
     // is the form submitted
     if ($this->frm->isSubmitted()) {
         // cleanup the submitted fields, ignore fields that were added by hackers
         $this->frm->cleanupFields();
         // does the key exists?
         if (SpoonSession::exists('blog_comment_' . $this->record['id'])) {
             // calculate difference
             $diff = time() - (int) SpoonSession::get('blog_comment_' . $this->record['id']);
             // calculate difference, it it isn't 10 seconds the we tell the user to slow down
             if ($diff < 10 && $diff != 0) {
                 $this->frm->getField('message')->addError(FL::err('CommentTimeout'));
             }
         }
         // validate required fields
         $this->frm->getField('author')->isFilled(FL::err('AuthorIsRequired'));
         $this->frm->getField('email')->isEmail(FL::err('EmailIsRequired'));
         $this->frm->getField('message')->isFilled(FL::err('MessageIsRequired'));
         // validate optional fields
         if ($this->frm->getField('website')->isFilled() && $this->frm->getField('website')->getValue() != 'http://') {
             $this->frm->getField('website')->isURL(FL::err('InvalidURL'));
         }
         // no errors?
         if ($this->frm->isCorrect()) {
             // get module setting
             $spamFilterEnabled = isset($this->settings['spamfilter']) && $this->settings['spamfilter'];
             $moderationEnabled = isset($this->settings['moderation']) && $this->settings['moderation'];
             // reformat data
             $author = $this->frm->getField('author')->getValue();
             $email = $this->frm->getField('email')->getValue();
             $website = $this->frm->getField('website')->getValue();
             if (trim($website) == '' || $website == 'http://') {
                 $website = null;
             }
             $text = $this->frm->getField('message')->getValue();
             // build array
             $comment['post_id'] = $this->record['id'];
             $comment['language'] = FRONTEND_LANGUAGE;
             $comment['created_on'] = FrontendModel::getUTCDate();
             $comment['author'] = $author;
             $comment['email'] = $email;
             $comment['website'] = $website;
             $comment['text'] = $text;
             $comment['status'] = 'published';
             $comment['data'] = serialize(array('server' => $_SERVER));
             // get URL for article
             $permaLink = FrontendNavigation::getURLForBlock('blog', 'detail') . '/' . $this->record['url'];
             $redirectLink = $permaLink;
             // is moderation enabled
             if ($moderationEnabled) {
                 // if the commenter isn't moderated before alter the comment status so it will appear in the moderation queue
                 if (!FrontendBlogModel::isModerated($author, $email)) {
                     $comment['status'] = 'moderation';
                 }
             }
             // should we check if the item is spam
             if ($spamFilterEnabled) {
                 // check for spam
                 $result = FrontendModel::isSpam($text, SITE_URL . $permaLink, $author, $email, $website);
                 // if the comment is spam alter the comment status so it will appear in the spam queue
                 if ($result) {
                     $comment['status'] = 'spam';
                 } elseif ($result == 'unknown') {
                     $comment['status'] = 'moderation';
                 }
             }
             // insert comment
             $comment['id'] = FrontendBlogModel::insertComment($comment);
             // trigger event
             FrontendModel::triggerEvent('blog', 'after_add_comment', array('comment' => $comment));
             // append a parameter to the URL so we can show moderation
             if (strpos($redirectLink, '?') === false) {
                 if ($comment['status'] == 'moderation') {
                     $redirectLink .= '?comment=moderation#' . FL::act('Comment');
                 }
                 if ($comment['status'] == 'spam') {
                     $redirectLink .= '?comment=spam#' . FL::act('Comment');
                 }
                 if ($comment['status'] == 'published') {
                     $redirectLink .= '?comment=true#comment-' . $comment['id'];
                 }
             } else {
                 if ($comment['status'] == 'moderation') {
                     $redirectLink .= '&comment=moderation#' . FL::act('Comment');
                 }
                 if ($comment['status'] == 'spam') {
                     $redirectLink .= '&comment=spam#' . FL::act('Comment');
                 }
                 if ($comment['status'] == 'published') {
                     $redirectLink .= '&comment=true#comment-' . $comment['id'];
                 }
             }
             // set title
             $comment['post_title'] = $this->record['title'];
             $comment['post_url'] = $this->record['url'];
             // notify the admin
             FrontendBlogModel::notifyAdmin($comment);
             // store timestamp in session so we can block excesive usage
             SpoonSession::set('blog_comment_' . $this->record['id'], time());
             // store author-data in cookies
             try {
                 SpoonCookie::set('comment_author', $author, 30 * 24 * 60 * 60, '/', '.' . $this->URL->getDomain());
                 SpoonCookie::set('comment_email', $email, 30 * 24 * 60 * 60, '/', '.' . $this->URL->getDomain());
                 SpoonCookie::set('comment_website', $website, 30 * 24 * 60 * 60, '/', '.' . $this->URL->getDomain());
             } catch (Exception $e) {
                 // settings cookies isn't allowed, but because this isn't a real problem we ignore the exception
             }
             // redirect
             $this->redirect($redirectLink);
         }
     }
 }
Beispiel #2
0
 /**
  * Process the querystring
  *
  * @return	void
  */
 private function processQueryString()
 {
     // store the querystring local, so we don't alter it.
     $queryString = $this->getQueryString();
     // fix GET-parameters
     $getChunks = explode('?', $queryString);
     // are there GET-parameters
     if (isset($getChunks[1])) {
         // get key-value pairs
         $get = explode('&', $getChunks[1]);
         // remove from querystring
         $queryString = str_replace('?' . $getChunks[1], '', $this->getQueryString());
         // loop pairs
         foreach ($get as $getItem) {
             // get key and value
             $getChunks = explode('=', $getItem, 2);
             // key available?
             if (isset($getChunks[0])) {
                 // reset in $_GET
                 $_GET[$getChunks[0]] = isset($getChunks[1]) ? (string) $getChunks[1] : '';
                 // add into parameters
                 if (isset($getChunks[1])) {
                     $this->parameters[(string) $getChunks[0]] = (string) $getChunks[1];
                 }
             }
         }
     }
     // split into chunks
     $chunks = (array) explode('/', $queryString);
     // single language
     if (!SITE_MULTILANGUAGE) {
         // set language id
         $language = FrontendModel::getModuleSetting('core', 'default_language', SITE_DEFAULT_LANGUAGE);
     } else {
         // default value
         $mustRedirect = false;
         // get possible languages
         $possibleLanguages = (array) FrontendLanguage::getActiveLanguages();
         $redirectLanguages = (array) FrontendLanguage::getRedirectLanguages();
         // the language is present in the URL
         if (isset($chunks[0]) && in_array($chunks[0], $possibleLanguages)) {
             // define language
             $language = (string) $chunks[0];
             // try to set a cookie with the language
             try {
                 // set cookie
                 SpoonCookie::set('frontend_language', $language, 7 * 24 * 60 * 60, '/', '.' . $this->getDomain());
             } catch (SpoonCookieException $e) {
                 // settings cookies isn't allowed, because this isn't a real problem we ignore the exception
             }
             // set sessions
             SpoonSession::set('frontend_language', $language);
             // remove the language part
             array_shift($chunks);
         } elseif (SpoonCookie::exists('frontend_language') && in_array(SpoonCookie::get('frontend_language'), $redirectLanguages)) {
             // set languageId
             $language = (string) SpoonCookie::get('frontend_language');
             // redirect is needed
             $mustRedirect = true;
         } else {
             // set languageId & abbreviation
             $language = FrontendLanguage::getBrowserLanguage();
             // try to set a cookie with the language
             try {
                 // set cookie
                 SpoonCookie::set('frontend_language', $language, 7 * 24 * 60 * 60, '/', '.' . $this->getDomain());
             } catch (SpoonCookieException $e) {
                 // settings cookies isn't allowed, because this isn't a real problem we ignore the exception
             }
             // redirect is needed
             $mustRedirect = true;
         }
         // redirect is required
         if ($mustRedirect) {
             // build URL
             $URL = rtrim('/' . $language . '/' . $this->getQueryString(), '/');
             // set header & redirect
             SpoonHTTP::redirect($URL, 301);
         }
     }
     // define the language
     define('FRONTEND_LANGUAGE', $language);
     // sets the localefile
     FrontendLanguage::setLocale($language);
     // list of pageIds & their full URL
     $keys = FrontendNavigation::getKeys();
     // full URL
     $URL = implode('/', $chunks);
     $startURL = $URL;
     // loop until we find the URL in the list of pages
     while (!in_array($URL, $keys)) {
         // remove the last chunk
         array_pop($chunks);
         // redefine the URL
         $URL = implode('/', $chunks);
     }
     // remove language from querystring
     if (SITE_MULTILANGUAGE) {
         $queryString = trim(substr($queryString, strlen($language)), '/');
     }
     // if it's the homepage AND parameters were given (not allowed!)
     if ($URL == '' && $queryString != '') {
         // get 404 URL
         $URL = FrontendNavigation::getURL(404);
         // remove language
         if (SITE_MULTILANGUAGE) {
             $URL = str_replace('/' . $language, '', $URL);
         }
     }
     // set pages
     $URL = trim($URL, '/');
     // currently not in the homepage
     if ($URL != '') {
         // explode in pages
         $pages = explode('/', $URL);
         // reset pages
         $this->setPages($pages);
         // reset parameters
         $this->setParameters(array());
     }
     // set parameters
     $parameters = trim(substr($startURL, strlen($URL)), '/');
     // has at least one parameter
     if ($parameters != '') {
         // parameters will be separated by /
         $parameters = explode('/', $parameters);
         // set parameters
         $this->setParameters($parameters);
     }
     // pageId, parentId & depth
     $pageId = FrontendNavigation::getPageId(implode('/', $this->getPages()));
     $pageInfo = FrontendNavigation::getPageInfo($pageId);
     // invalid page, or parameters but no extra
     if ($pageInfo === false || !empty($parameters) && !$pageInfo['has_extra']) {
         // get 404 URL
         $URL = FrontendNavigation::getURL(404);
         // remove language
         if (SITE_MULTILANGUAGE) {
             $URL = trim(str_replace('/' . $language, '', $URL), '/');
         }
         // currently not in the homepage
         if ($URL != '') {
             // explode in pages
             $pages = explode('/', $URL);
             // reset pages
             $this->setPages($pages);
             // reset parameters
             $this->setParameters(array());
         }
     }
     // is this an internal redirect?
     if (isset($pageInfo['redirect_page_id']) && $pageInfo['redirect_page_id'] != '') {
         // get url for item
         $newPageURL = FrontendNavigation::getURL((int) $pageInfo['redirect_page_id']);
         $errorURL = FrontendNavigation::getURL(404);
         // not an error?
         if ($newPageURL != $errorURL) {
             // redirect
             SpoonHTTP::redirect($newPageURL, $pageInfo['redirect_code']);
         }
     }
     // is this an external redirect?
     if (isset($pageInfo['redirect_url']) && $pageInfo['redirect_url'] != '') {
         // redirect
         SpoonHTTP::redirect($pageInfo['redirect_url'], $pageInfo['redirect_code']);
     }
 }
 /**
  * Login a profile.
  *
  * @return	bool
  * @param	int $profileId				Login the profile with this id in.
  * @param	bool[optional] $remember	Should we set a cookie for later?
  */
 public static function login($profileId, $remember = false)
 {
     // redefine vars
     $profileId = (int) $profileId;
     $remember = (bool) $remember;
     $secretKey = null;
     // cleanup old sessions
     self::cleanupOldSessions();
     // set profile_logged_in to true
     SpoonSession::set('frontend_profile_logged_in', true);
     // should we remember the user?
     if ($remember) {
         // generate secret key
         $secretKey = FrontendProfilesModel::getEncryptedString(SpoonSession::getSessionId(), FrontendProfilesModel::getRandomString());
         // set cookie
         SpoonCookie::set('frontend_profile_secret_key', $secretKey, 60 * 60 * 24 * 31);
     }
     // delete all records for this session to prevent duplicate keys (this should never happen)
     FrontendModel::getDB(true)->delete('profiles_sessions', 'session_id = ?', SpoonSession::getSessionId());
     // insert new session record
     FrontendModel::getDB(true)->insert('profiles_sessions', array('profile_id' => $profileId, 'session_id' => SpoonSession::getSessionId(), 'secret_key' => $secretKey, 'date' => FrontendModel::getUTCDate()));
     // update last login
     FrontendProfilesModel::update($profileId, array('last_login' => FrontendModel::getUTCDate()));
     // load the profile object
     self::$profile = new FrontendProfilesProfile($profileId);
 }
Beispiel #4
0
 /**
  * Set locale
  * It will require the correct file and init the needed vars
  *
  * @return	void
  * @param	string $language		The language to load.
  */
 public static function setLocale($language)
 {
     // redefine
     $language = (string) $language;
     // check if file exists
     if (!SpoonFile::exists(BACKEND_CACHE_PATH . '/locale/' . $language . '.php')) {
         // require the BackendLocaleModel
         require_once BACKEND_MODULES_PATH . '/locale/engine/model.php';
         // build locale file
         BackendLocaleModel::buildCache($language, APPLICATION);
     }
     // store
     self::$currentInterfaceLanguage = $language;
     // attempt to set a cookie
     try {
         // store in cookie
         SpoonCookie::set('interface_language', $language);
     } catch (SpoonCookieException $e) {
         // settings cookies isn't allowed, because this isn't a real problem we ignore the exception
     }
     // store in session for TinyMCE
     SpoonSession::set('tiny_mce_language', $language);
     SpoonSession::set('interface_language', $language);
     // init vars
     $err = array();
     $lbl = array();
     $msg = array();
     // require file
     require BACKEND_CACHE_PATH . '/locale/' . $language . '.php';
     // set language specific labels
     self::$err = (array) $err;
     self::$lbl = (array) $lbl;
     self::$msg = (array) $msg;
 }
Beispiel #5
0
 /**
  * Set locale
  * It will require the correct file and init the needed vars
  *
  * @param string $language The language to load.
  */
 public static function setLocale($language)
 {
     $language = (string) $language;
     // require the BackendLocaleModel
     require_once BACKEND_MODULES_PATH . '/locale/engine/model.php';
     // validate file, generate it if needed
     if (!SpoonFile::exists(BACKEND_CACHE_PATH . '/locale/en.php')) {
         BackendLocaleModel::buildCache('en', APPLICATION);
     }
     if (!SpoonFile::exists(BACKEND_CACHE_PATH . '/locale/' . $language . '.php')) {
         BackendLocaleModel::buildCache($language, APPLICATION);
     }
     // store
     self::$currentInterfaceLanguage = $language;
     // attempt to set a cookie
     try {
         // store in cookie
         SpoonCookie::set('interface_language', $language);
     } catch (SpoonCookieException $e) {
         // settings cookies isn't allowed, because this isn't a real problem we ignore the exception
     }
     // init vars
     $err = array();
     $lbl = array();
     $msg = array();
     // set English translations, they'll be the fallback
     require BACKEND_CACHE_PATH . '/locale/en.php';
     self::$err = (array) $err;
     self::$lbl = (array) $lbl;
     self::$msg = (array) $msg;
     // overwrite with the requested language's translations
     require BACKEND_CACHE_PATH . '/locale/' . $language . '.php';
     foreach ($err as $module => $translations) {
         if (!isset(self::$err[$module])) {
             self::$err[$module] = array();
         }
         self::$err[$module] = array_merge(self::$err[$module], $translations);
     }
     foreach ($lbl as $module => $translations) {
         if (!isset(self::$lbl[$module])) {
             self::$lbl[$module] = array();
         }
         self::$lbl[$module] = array_merge(self::$lbl[$module], $translations);
     }
     foreach ($msg as $module => $translations) {
         if (!isset(self::$msg[$module])) {
             self::$msg[$module] = array();
         }
         self::$msg[$module] = array_merge(self::$msg[$module], $translations);
     }
 }
Beispiel #6
0
 /**
  * Get the visitor's id (using a tracking cookie)
  *
  * @return string
  */
 public static function getVisitorId()
 {
     // check if tracking id is fetched already
     if (self::$visitorId !== null) {
         return self::$visitorId;
     }
     // get/init tracking identifier
     self::$visitorId = SpoonCookie::exists('track') ? (string) SpoonCookie::get('track') : md5(uniqid() . SpoonSession::getSessionId());
     // set/prolong tracking cookie
     SpoonCookie::set('track', self::$visitorId, 86400 * 365);
     return self::getVisitorId();
 }