public function _upload_image(Validate $array, $input)
{
if ($array->errors()) {
// Don't bother uploading
return;
}
// Get the image from the array
$image = $array[$input];
if (!Upload::valid($image) or !Upload::not_empty($image)) {
// No need to do anything right now
return;
}
if (Upload::valid($image) and Upload::type($image, $this->types)) {
$filename = strtolower(Text::random('alnum', 20)) . '.jpg';
if ($file = Upload::save($image, NULL, $this->directory)) {
Image::factory($file)->resize($this->width, $this->height, $this->resize)->save($this->directory . $filename);
// Update the image filename
$array[$input] = $filename;
// Delete the temporary file
unlink($file);
} else {
$array->error('image', 'failed');
}
} else {
$array->error('image', 'valid');
}
}
protected function create_token()
{
do {
$token = sha1(uniqid(Text::random('alnum', 32), TRUE));
} while (ORM::factory('user_token', array('token' => $token))->loaded());
return $token;
}
protected function create_token()
{
do {
$token = sha1(uniqid(Text::random('alnum', 32), true));
} while (ORM::factory('User_Token', ['token' => $token])->loaded());
return $token;
}
/**
* Generates a new Captcha challenge.
*
* @return string The challenge answer
*/
public function generate_challenge()
{
// Complexity setting is used as character count
$text = Text::random('distinct', max(1, Captcha::$config['complexity']));
// Complexity setting is used as character count
return $text;
}
/**
* Logs a user in.
*
* @param string $user : user email
* @param string password
* @param boolean enable autologin
* @return boolean
*/
protected function _login($user, $password, $remember)
{
if (!is_object($user)) {
$q = Doctrine_Query::create()->from('User u')->innerJoin('u.Roles r')->addWhere('u.email=?', $user)->addWhere('u.password=?', $password);
}
//die($q->getSqlQuery());
$user = $q->fetchOne();
//die(print_r($user->toArray()));
if ($user && $this->_is_in_db('login', $user->Roles, 'name')) {
if ($remember === TRUE) {
// Create a new autologin token
//$token = ORM::factory('user_token');
$token = new UserToken();
// Set token data
$token->user_id = $user->id;
$token->expires = time() + $this->_config['lifetime'];
$token->token = Text::random('alnum', 32);
$token->created = time();
$token->user_agent = sha1(Request::$user_agent);
$token->save();
$user->UserToken[] = $token;
// Set the autologin cookie
Cookie::set('authautologin', $token->token, $this->_config['lifetime']);
}
//update lastlogin
$user->logins++;
$user->last_login = time();
$user->save();
// Finish the login
$this->complete_login($user);
return TRUE;
}
// Login failed
return FALSE;
}
public function action_signup()
{
$this->template->menu_signup = TRUE;
// Если залогинен, то перекидываем на дерево
if (Auth::instance()->logged_in()) {
$this->redirect(Route::url('user/id', array('user_id' => Auth::instance()->get_user()->id)));
}
$post = Arr::extract($this->request->post(), array('name', 'surname', 'email'));
$data['errors'] = NULL;
if ($this->request->method() == 'POST') {
// Генерирую случайный пароль из цифр
$post['password'] = Text::random('numeric', 5);
try {
$user = ORM::factory('User')->values($post)->save();
$user->add('roles', ORM::factory('Role', array('name' => 'login')));
$message = '
Для входа на сайт ' . $_SERVER['HTTP_HOST'] . ' используйте следующие данные:<br><br>
Адрес электронной почты: ' . HTML::chars($user->email) . '<br>
Пароль: ' . HTML::chars($post['password']) . '<br><br>
<a href="' . URL::base(TRUE) . '">Перейти на сайт</a>';
Useful::mail($user->email, 'Регистрация LiveTex', $message, 'LiveTex');
// Авторизовываю
Auth::instance()->login($user->email, $post['password'], TRUE);
$this->redirect(Route::url('user/id', array('user_id' => $user->id)));
} catch (ORM_Validation_Exception $e) {
$data['errors'] = $e->errors('orm');
}
}
$data += $post;
$this->template->content = View::factory('auth/signup', $data);
}
/**
* This function returns a new token.
*
* @access public
* @return string a new token
*/
public function create_token()
{
do {
$token = sha1(uniqid(Text::random('alnum', 32), TRUE));
} while (DB_SQL::select($this->data_source(DB_DataSource::SLAVE_INSTANCE))->from($this->table())->where('token', DB_SQL_Operator::_EQUAL_TO_, $token)->query()->is_loaded());
return $token;
}
protected function executeCreate(InputInterface $input, OutputInterface $output)
{
$client = $input->getOption('client');
$name = $input->getOption('name');
$secret = $input->getOption('secret');
if (!$client) {
// We can't use the generic `get_client()` for **creation**,
// because we need to verify that the user does **not** exist.
$clients = Arr::pluck(self::db_list(), 'id');
$ask = function ($client) use($clients) {
if (in_array($client, $clients)) {
throw new RuntimeException('Client "' . $client . '" already exists, try another name');
}
return $client;
};
$client = $this->getHelperSet()->get('dialog')->askAndValidate($output, 'Enter id of new client: ', $ask, FALSE);
}
if (!$name) {
$name = $client;
}
if (!$secret) {
$secret = Text::random('distinct', 24);
}
static::db_create(['id' => $client, 'secret' => $secret, 'name' => $name]);
$input->setOption('client', $client);
return $this->executeList($input, $output);
}
public static function create_token()
{
do {
$token = sha1(uniqid(Text::random('alnum', 32), TRUE));
} while (ORM::factory('Mail', array('token' => $token))->loaded());
return $token;
}
/**
* creates a user from email if exists doesn't...
* @param string $email
* @param string $name
* @param string $password
* @return Model_User
*/
public static function create_email($email, $name = NULL, $password = NULL)
{
$user = new self();
$user->where('email', '=', $email)->limit(1)->find();
if (!$user->loaded()) {
if ($password === NULL) {
$password = Text::random('alnum', 8);
}
$user->email = $email;
$user->name = ($name === NULL or !isset($name)) ? substr($email, 0, strpos($email, '@')) : $name;
$user->status = self::STATUS_ACTIVE;
$user->id_role = Model_Role::ROLE_USER;
$user->seoname = $user->gen_seo_title($user->name);
$user->password = $password;
$user->subscriber = 1;
$user->last_ip = ip2long(Request::$client_ip);
$user->country = euvat::country_code();
//geo info EU
try {
$user->save();
//send welcome email
$url = $user->ql('oc-panel', array('controller' => 'profile', 'action' => 'edit'), TRUE);
$user->email('auth-register', array('[USER.PWD]' => $password, '[URL.QL]' => $url));
} catch (ORM_Validation_Exception $e) {
throw HTTP_Exception::factory(500, $e->getMessage());
}
}
return $user;
}
public function save()
{
$user_id = $this->getData('user_id', null);
if (!$user_id) {
$data = $this->getData(['email', 'phone', 'password', 'name']);
if (empty($data['password'])) {
$data['password'] = \Text::random(6);
}
$names = $this->preparename($data['name']);
unset($data['name']);
$data = array_merge($data, $names);
$user_id = $this->model('User')->registration($data);
if ($user_id) {
$data = ['user_id' => $user_id, 'salary_password' => $data['password'], 'phone' => $data['phone'], 'email' => $data['email']];
$this->model('EmployeeData')->recruit($data);
}
return $this->model('EmployeeData')->getById($user_id);
} else {
$data = $this->getData(['email', 'phone', 'password']);
$user = $this->model('User')->getById($user_id);
$data = ['user_id' => $user_id, 'salary_password' => \Arr::get($data, 'password', $user['password']), 'phone' => \Arr::get($data, 'phone', $user['phone']), 'email' => \Arr::get($data, 'email', $user['email'])];
$this->model('EmployeeData')->recruit($data);
return $this->model('EmployeeData')->getById($user_id);
}
return;
}
/**
* CRUD controller: CREATE
*/
public function action_bulk()
{
$this->template->title = __('Bulk') . ' ' . __($this->_orm_model);
$this->template->styles = array('//cdn.jsdelivr.net/bootstrap.datepicker/0.1/css/datepicker.css' => 'screen');
$this->template->scripts['footer'] = array('//cdn.jsdelivr.net/bootstrap.datepicker/0.1/js/bootstrap-datepicker.js', 'js/oc-panel/coupon.js');
if ($this->request->post()) {
$id_product = Core::post('id_product');
$discount_amount = Core::post('discount_amount');
$discount_percentage = Core::post('discount_percentage');
$valid_date = Core::post('valid_date');
$number_coupons = Core::post('number_coupons');
for ($i = 0; $i < $number_coupons; $i++) {
$c = new Model_Coupon();
//get unique coupon name
do {
$c->name = strtoupper(Text::random('alnum', 8));
} while (ORM::factory('coupon', array('name' => $c->name))->limit(1)->loaded());
$c->id_product = $id_product;
$c->discount_amount = $discount_amount;
$c->discount_percentage = $discount_percentage;
$c->valid_date = $valid_date;
$c->number_coupons = 1;
$c->status = 1;
$c->save();
}
$this->redirect(Route::get($this->_route_name)->uri(array('controller' => Request::current()->controller())));
}
return $this->render('oc-panel/pages/coupon/bulk', array('products' => $this->get_products()));
}
public function saveArchivo($files)
{
$dir = DOCROOT . 'files';
$ext = pathinfo($files['name'], PATHINFO_EXTENSION);
$slug = strtolower(Text::random('alnum', 10)) . '.' . $ext;
$file = Upload::save($files, $slug, $dir);
return $slug;
}
public function save(Validation $validation = NULL)
{
if (!$this->loaded()) {
$this->hash = Text::random('alnum', rand(24, 32));
$this->created = time();
}
return parent::save($validation);
}
/**
* This function will upgrade DB that didn't existed in versions prior to 2.5.0
*/
public function action_250()
{
//new configs
$configs = array(array('config_key' => 'api_key', 'group_name' => 'general', 'config_value' => Text::random('alnum', 32)), array('config_key' => 'twocheckout_sid', 'group_name' => 'payment', 'config_value' => ''), array('config_key' => 'twocheckout_secretword', 'group_name' => 'payment', 'config_value' => ''), array('config_key' => 'twocheckout_sandbox', 'group_name' => 'payment', 'config_value' => 0), array('config_key' => 'messaging', 'group_name' => 'general', 'config_value' => 0), array('config_key' => 'gcm_apikey', 'group_name' => 'general', 'config_value' => ''));
Model_Config::config_array($configs);
//api token
try {
DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "users` ADD `api_token` varchar(40) DEFAULT NULL")->execute();
} catch (exception $e) {
}
try {
DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "users` ADD CONSTRAINT `oc2_users_UK_api_token` UNIQUE (`api_token`)")->execute();
} catch (exception $e) {
}
//notification date
try {
DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "users` ADD `notification_date` DATETIME NULL DEFAULT NULL ;")->execute();
} catch (exception $e) {
}
//device ID
try {
DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "users` ADD `device_id` varchar(255) DEFAULT NULL")->execute();
} catch (exception $e) {
}
//crontab ad to expire
try {
DB::query(Database::UPDATE, "INSERT INTO `" . self::$db_prefix . "crontab` (`name`, `period`, `callback`, `params`, `description`, `active`) VALUES\n ('About to Expire Ad', '05 9 * * *', 'Cron_Ad::to_expire', NULL, 'Notify by email your ad is about to expire', 1);")->execute();
} catch (exception $e) {
}
//new mails
$contents = array(array('order' => 0, 'title' => 'Your ad [AD.NAME] is going to expire', 'seotitle' => 'ad-to-expire', 'description' => "Hello [USER.NAME],Your ad [AD.NAME] will expire soon \n\nPlease check your ad here [URL.EDITAD]", 'from_email' => core::config('email.notify_email'), 'type' => 'email', 'status' => '1'), array('order' => 0, 'title' => 'Password Changed [SITE.NAME]', 'seotitle' => 'password-changed', 'description' => "Hello [USER.NAME],\n\nYour password has been changed.\n\nThese are now your user details:\nEmail: [USER.EMAIL]\nPassword: [USER.PWD]\n\nWe do not have your original password anymore.\n\nRegards!", 'from_email' => core::config('email.notify_email'), 'type' => 'email', 'status' => '1'), array('order' => 0, 'title' => 'New reply: [TITLE]', 'seotitle' => 'messaging-reply', 'description' => '[URL.QL]\\n\\n[DESCRIPTION]', 'from_email' => core::config('email.notify_email'), 'type' => 'email', 'status' => '1'), array('order' => 0, 'title' => '[FROM.NAME] sent you a direct message', 'seotitle' => 'messaging-user-contact', 'description' => 'Hello [TO.NAME],\\n\\n[FROM.NAME] have a message for you:\\n\\n[DESCRIPTION]\\n\\n[URL.QL]\\n\\nRegards!', 'from_email' => core::config('email.notify_email'), 'type' => 'email', 'status' => '1'), array('order' => 0, 'title' => 'Hello [TO.NAME]!', 'seotitle' => 'messaging-ad-contact', 'description' => 'You have been contacted regarding your advertisement:\\n\\n`[AD.NAME]`.\\n\\nUser [FROM.NAME], have a message for you:\\n\\n[DESCRIPTION]\\n\\n[URL.QL]\\n\\nRegards!', 'from_email' => core::config('email.notify_email'), 'type' => 'email', 'status' => '1'));
Model_Content::content_array($contents);
//messages
try {
DB::query(Database::UPDATE, "CREATE TABLE IF NOT EXISTS " . self::$db_prefix . "messages (\n `id_message` int(10) unsigned NOT NULL AUTO_INCREMENT,\n `id_ad` int(10) unsigned DEFAULT NULL,\n `id_message_parent` int(10) unsigned DEFAULT NULL,\n `id_user_from` int(10) unsigned NOT NULL,\n `id_user_to` int(10) unsigned NOT NULL,\n `message` text NOT NULL,\n `price` decimal(14,3) NOT NULL DEFAULT '0',\n `read_date` datetime DEFAULT NULL,\n `created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n `status` tinyint(1) NOT NULL DEFAULT 0,\n PRIMARY KEY (id_message) USING BTREE\n ) ENGINE=MyISAM ;")->execute();
} catch (exception $e) {
}
//coupons
try {
DB::query(Database::UPDATE, "CREATE TABLE IF NOT EXISTS `" . self::$db_prefix . "coupons` (\n `id_coupon` int(10) unsigned NOT NULL AUTO_INCREMENT,\n `id_product` int(10) unsigned NULL DEFAULT NULL,\n `name` varchar(145) NOT NULL,\n `notes` varchar(245) DEFAULT NULL,\n `discount_amount` decimal(14,3) NOT NULL DEFAULT '0',\n `discount_percentage` decimal(14,3) NOT NULL DEFAULT '0',\n `number_coupons` int(10) DEFAULT NULL,\n `valid_date` DATETIME NULL,\n `created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,\n `status` tinyint(1) NOT NULL DEFAULT '0',\n PRIMARY KEY (`id_coupon`),\n UNIQUE KEY `" . self::$db_prefix . "coupons_UK_name` (`name`)\n ) ENGINE=MyISAM")->execute();
} catch (exception $e) {
}
try {
DB::query(Database::UPDATE, "ALTER TABLE `" . self::$db_prefix . "orders` ADD `id_coupon` INT NULL DEFAULT NULL")->execute();
} catch (exception $e) {
}
//end coupons
//myads access
try {
DB::query(Database::UPDATE, "INSERT INTO `" . self::$db_prefix . "access` (`id_role`, `access`) VALUES \n (1, 'myads.*'),(5, 'myads.*'),(7, 'myads.*')")->execute();
} catch (exception $e) {
}
//messages access
try {
DB::query(Database::UPDATE, "INSERT INTO `" . self::$db_prefix . "access` (`id_role`, `access`) VALUES \n (1, 'messages.*'),(5, 'messages.*'),(7, 'messages.*')")->execute();
} catch (exception $e) {
}
}
/**
* Generate and return unique code for Game object
* @return string $code
*/
private function _checkCodeUnique()
{
$code = Text::random($type = 'distinct', $length = 7);
$obj = Doctrine::getTable('Product_Item')->findOneBy('product_sku', $code);
if (!$obj) {
$code = $this->_checkCodeUnique();
}
return $code;
}
/**
* Returns the token in the session or generates a new one
*
* @return string
*/
public static function token($new = FALSE)
{
$token = Session::instance()->get('csrf-token');
if (!$token or $new) {
$token = Text::random('alnum', 10);
Session::instance()->set('csrf-token', $token);
}
return $token;
}
/**
* Generates an returns a randon token for CSRF
* prevention
*
* @return string
*/
public static function token()
{
$token = Session::instance()->get(self::$_csrf_session_key);
if (!$token) {
// Generates a hash of variable length random alpha-numeric string
$token = hash('sha256', Text::random('alnum', rand(25, 32)));
Session::instance()->set(self::$_csrf_session_key, $token);
}
return $token;
}
/**
* Returns the token in the session or generates a new one
*
* @param string $namespace - semi-unique name for the token (support for multiple forms)
* @return string
*/
public static function token($namespace = 'default')
{
$token = Session::instance()->get('csrf-token-' . $namespace);
// Generate a new token if no token is found
if ($token === NULL) {
$token = Text::random('alnum', rand(20, 30));
Session::instance()->set('csrf-token-' . $namespace, $token);
}
return $token;
}
/**
* Returns the token in the session or generates a new one
*
* @param string $namespace - semi-unique name for the token (support for multiple forms)
* @return string
*/
public static function token()
{
$token = Session::instance()->get('csrf-token');
// Generate a new token if no token is found
if (!$token) {
$token = Text::random('alnum', rand(20, 30));
Session::instance()->set('csrf-token', $token);
}
return $token;
}
/**
* Find new unique token
*
* @return string
*/
public function create_token()
{
while (true) {
// Create random token
$token = Text::random('alnum', 32);
// Make sure it's unique
if (!$this->unique_key_exists($token, 'token')) {
return $token;
}
}
}
/**
* Find new unique token
*
* @return string
*/
public function create_token()
{
while (true) {
// Create random token
$token = Text::random('alnum', 32);
// Make sure it's unique
if (!Jelly::select('user_token')->where('token', '=', $token)->count()) {
return $token;
}
}
}
/**
* Overload saving to perform additional functions
*/
public function save(Validation $validation = NULL)
{
// Do this for first time items only
if ($this->loaded() === FALSE) {
// Generate an api token
$this->api_key = Text::random('alnum', 32);
$this->api_key = hash_hmac('sha256', Text::random('alnum', 32), $this->email);
}
$user = parent::save();
return $user;
}
public static function generate_unique_token()
{
// Set default token valid
$token_valid = FALSE;
while (!$token_valid) {
// Create token
$token = sha1(uniqid(Text::random('alnum', 32), TRUE));
// Check if token is unique
$token_valid = DB::select()->from('user_tokens')->where('token', '=', $token)->execute()->count() == 0;
}
return $token;
}
/**
* Generate a secret user token
*
* @param $email
* @param $type
* @return Model_Auth_Token
*/
public static function create_token($type, $data)
{
$auth_token = ORM::factory('auth_token');
$auth_token->type = $type;
$auth_token->data = json_encode($data);
$auth_token->token = md5(Text::random('alnum', 16) . serialize($data));
$auth_token->created_date = date("Y-m-d H:i:s", time());
//Expire in 24 hours
$auth_token->expire_date = date("Y-m-d H:i:s", time() + 86400);
$auth_token->save();
return $auth_token;
}
public function action_send()
{
$type = Arr::get($_GET, 'type', 'reg');
//默认为注册用
$type = in_array($type, array('reg', 'findpwd')) ? $type : 'reg';
$phone = Arr::get($_GET, 'phone');
if (empty($phone)) {
$this->response = array('status' => 'n', 'info' => '请输入手机号码!');
return;
}
if (!preg_match("/1[34578]{1}\\d{9}\$/", $phone)) {
$this->response = array('status' => 'n', 'info' => '手机号码不正确!');
return;
}
$m_sms = Model::factory('sms_queue');
$where = array('ORDER' => 'id DESC', 'phone' => $phone, 'type' => $type);
$lastsms = $m_sms->getRow($where);
if (!empty($lastsms)) {
$timeleft = 60 + $lastsms['add_time'] - strtotime('now');
//还剩几秒可以重发
if ($timeleft > 0) {
$this->response = array('status' => 'y', 'info' => '请' . $timeleft . '秒后重发', 'timeleft' => $timeleft);
return;
}
}
$start_time = strtotime('now') - 3600;
$end_time = strtotime('now');
$where = array('phone' => $phone, 'add_time|>' => $start_time, 'add_time|<=' => $end_time);
$sms_num = $m_sms->count($where);
if ($sms_num > 4) {
//每小时最多发5条
$this->response = array('status' => 'n', 'info' => '您发送短信频率太高!请稍后再发');
return;
}
$start_time = strtotime('now');
$end_time = strtotime('+1 day');
$where = array('phone' => $phone, 'add_time|>' => $start_time, 'add_time|<=' => $end_time);
$sms_num = $m_sms->count($where);
if ($sms_num > 9) {
//每天最多发10条
$this->response = array('status' => 'n', 'info' => '您今天已超过发送短信限制!请明天再发');
return;
}
$sms_verify = Text::random('numeric', 5);
$session = Session::instance();
$session->set('sms_verify', $sms_verify);
$content = Kohana::config('sms.' . $type);
$content = sprintf($content, $sms_verify);
$data = array('type' => $type, 'phone' => $phone, 'code' => $sms_verify, 'content' => $content, 'add_time' => time());
$m_sms->insert($data);
//Sms::send($phone, $content);
$this->response = array('status' => 'y', 'info' => '验证码已发送,请填写手机验证码!');
}
protected function _save_image($image, $project_id, $file_id, $filename = NULL)
{
if (!$filename) {
$filename = $file_id . "_" . $project_id . "_" . strtolower(Text::random('alnum', 32)) . '.' . pathinfo($image['name'], PATHINFO_EXTENSION);
}
$target_path = DOCROOT . 'images/projects/' . $project_id . '/' . $filename;
if (Model_Image::save_uploaded_image($image, $target_path)) {
return $filename;
} else {
return FALSE;
}
}
public function open($url = NULL, array $attr = array())
{
$expiration = Kohana::config('torn.token_expiration');
$seed = md5(md5(Request::current()->uri() . time()) . Text::random('alnum', 32));
if (is_string($expiration)) {
$expiration = strtotime($expiration);
} else {
$expiration = time() + (int) $expiration;
}
Session::instance()->set($seed, $expiration);
return Form::open($url, $attr) . Form::hidden('__SEED__', $seed);
}
/**
* Finds a new unique token, using a loop to make sure that the token does
* not already exist in the database. This could potentially become an
* infinite loop, but the chances of that happening are very unlikely.
*
* @return string
*/
protected function create_token()
{
while (TRUE) {
// Create a random token
$token = Text::random('alnum', 32);
// Make sure the token does not already exist
$count = DB::select('id')->where('token', '=', $token)->from($this->_table_name)->execute($this->_db)->count();
if ($count === 0) {
// A unique token has been found
return $token;
}
}
}
public function action_index()
{
// Load the user information
// $user = Auth::instance()->get_user();
$config = array('author' => 'Shanmugan', 'title' => 'Test', 'subject' => 'Pdf', 'name' => Text::random() . '.pdf');
$name = "Shan";
View_PDF::factory('welcome/info', $config)->set("name", $name)->render();
$this->template->content = View::factory('welcome/info')->bind('name', $name);
// if a user is not logged in, redirect to login page
// if (!$user) {
// $this->redirect('welcome/login');
// }
}
