Beispiel #1
0
THE SOFTWARE.
*/
include '../models/config.php';
set_error_handler('logAllErrors');
// User must be logged in
if (!isUserLoggedIn()) {
    addAlert("danger", "You must be logged in to access this resource.");
    echo json_encode(array("errors" => 1, "successes" => 0));
    exit;
}
// GET Parameters: [user_id, group_id, limit]
// If a user_id is specified, attempt to load information for the specified user (self if set to 0).
// If a group_id is specified, attempt to load information for all users in the specified group.
// Otherwise, attempt to load all users.
$validator = new Validator();
$limit = $validator->optionalGetVar('limit');
$user_id = $validator->optionalGetVar('user_id');
$group_id = $validator->optionalGetVar('group_id');
// Add alerts for any failed input validation
foreach ($validator->errors as $error) {
    addAlert("danger", $error);
}
if ($user_id) {
    // Special case to load groups for the logged in user
    if ($user_id == "0") {
        $user_id = $loggedInUser->user_id;
    }
    if (!($results = loadUser($user_id))) {
        echo json_encode(array("errors" => 1, "successes" => 0));
        exit;
    }
                            $errors[] = lang("MAIL_ERROR");
                        } else {
                            //Update the DB to show this account has an outstanding request
                            if (!flagLostPasswordRequest($userdetails["user_name"], 1)) {
                                $errors[] = lang("SQL_ERROR");
                            } else {
                                $successes[] = lang("FORGOTPASS_REQUEST_SUCCESS");
                            }
                        }
                    }
                }
            }
        }
    }
}
$deny = $validate->optionalGetVar('deny');
// Code below should work on this page without any input and redirect the user back to login.php
// User has denied this request
if (!empty($deny)) {
    $token = trim($deny);
    if ($token == "" || !validateLostPasswordToken($token)) {
        $errors[] = lang("FORGOTPASS_INVALID_TOKEN");
    } else {
        $userdetails = fetchUserAuthByActivationToken($token);
        if (!flagLostPasswordRequest($userdetails["user_name"], 0)) {
            $errors[] = lang("SQL_ERROR");
        } else {
            $successes[] = lang("FORGOTPASS_REQUEST_CANNED");
        }
    }
}
 */
require_once "../../models/config.php";
require_once "../models/pm_functions.php";
if (!securePage(__FILE__)) {
    // Forward to index page
    addAlert("danger", "Whoops, looks like you don't have permission to view that page.");
    echo json_encode(array("errors" => 1, "successes" => 0));
    exit;
}
$validator = new Validator();
$box_id = $validator->requiredGetVar('box_id');
$render_mode = $validator->requiredGetVar('render_mode');
$button_send = $validator->optionalBooleanGetVar('button_send', false);
$button_reply = $validator->optionalBooleanGetVar('button_reply', false);
$button_delete = $validator->optionalBooleanGetVar('button_delete', false);
$msg_id = $validator->optionalGetVar('msg_id');
if ($msg_id) {
    $msg = loadPMById($msg_id, $loggedInUser->user_id);
    $replys = loadPMReplys($msg_id);
} else {
    $msg = ['message' => '', 'title' => '', 'sender_id' => $loggedInUser->user_id];
    $replys = NULL;
}
if ($msg_id) {
    $populate_fields = true;
    $msg_id = htmlentities($msg_id);
    $receiver_id = $msg['sender_id'];
    $button_submit_text = 'Reply';
    $target = "send_pm.php";
    $box_title = "Reply Message";
} else {
Beispiel #4
0
    // Forward to index page
    addAlert("danger", "Whoops, looks like you don't have permission to view that page.");
    header("Location: 404.php");
    exit;
}
$pvalue = $plugin_settings['$pmsystem']['value'];
if ($pvalue != 1) {
    // Forward to index page
    addAlert("danger", "Whoops, looks like the private message system is not enabled");
    header("Location: " . SITE_ROOT . "account/index.php");
    exit;
}
setReferralPage(getAbsoluteDocumentPath(__FILE__));
$validate = new Validator();
// This is used to get the right page view
$action_var = $validate->optionalGetVar('action');
$msg_id = $validate->optionalGetVar('id');
// This is for use when deleting messages
$table_name = $validate->optionalGetVar('a_id');
// Field not table xD
$table_delete = $validate->optionalGetVar('a_d');
//receiver_id or sender_id depending on inbox or outbox
?>

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta name="description" content="">
    <meta name="author" content="">
<?php

// Activate the specified user account by activation token or user id.  If a user id is specified, permissions database will be checked to ensure that the user can do this.
// Login not required for this function.
require_once "../models/config.php";
set_error_handler('logAllErrors');
// Request method: GET
// Parameters: [token or user_id]
$validator = new Validator();
$token = $validator->optionalGetVar('token');
$user_id = $validator->optionalGetVar('user_id');
// Call appropriate function based on type of input
if ($user_id) {
    if (!userIdExists($user_id)) {
        addAlert("danger", lang("ACCOUNT_INVALID_USER_ID"));
        echo json_encode(array("errors" => 1, "successes" => 0));
        exit;
    }
    //Activate account
    if (activateUser($user_id)) {
        $details = fetchUserAuthById($user_id);
        $display_name = $details['display_name'];
        addAlert("success", lang("ACCOUNT_MANUALLY_ACTIVATED", array($display_name)));
    } else {
        echo json_encode(array("errors" => 1, "successes" => 0));
        exit;
    }
} else {
    if ($token) {
        if (!validateActivationToken($token)) {
            //Check for a valid token. Must exist and active must be = 0
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
*/
// Request method: GET
require_once '../models/config.php';
set_error_handler('logAllErrors');
// Request method: GET
$ajax = checkRequestMode("get");
// User must be logged in
checkLoggedInUser($ajax);
// GET Parameters: [user_id, group_id]
// If a user_id is specified, attempt to load action permits explicitly defined for the specified user.
// If a group_id is specified, attempt to load action permits for the specified group.
// Otherwise, attempt to load all action permits for either groups or users.
$validator = new Validator();
$user_id = $validator->optionalGetVar('user_id');
$group_id = $validator->optionalGetVar('group_id');
$all = $validator->optionalGetVar('all');
$pretty = $validator->optionalGetVar('pretty');
// Add alerts for any failed input validation
foreach ($validator->errors as $error) {
    addAlert("danger", $error);
}
if (count($validator->errors) > 0) {
    apiReturnError($ajax, getReferralPage());
}
if ($user_id) {
    // Special case to load groups for the logged in user
    if ($user_id == "0") {
        $user_id = $loggedInUser->user_id;
    }
 * @version    0.1
 * @link       http://www.userfrosting.com/
 * @link       http://www.github.com/lilfade/UF-PMSystem/
 */
include '../../models/config.php';
require_once "../models/pm_functions.php";
set_error_handler('logAllErrors');
// User must be logged in
if (!isUserLoggedIn()) {
    addAlert("danger", "You must be logged in to access this resource.");
    echo json_encode(array("errors" => 1, "successes" => 0));
    exit;
}
// Load all pm's for this user based on the user_id
$validator = new Validator();
$limit = $validator->optionalGetVar('limit');
$user_id = $loggedInUser->user_id;
$send_rec_id = $validator->requiredGetVar('send_rec_id');
$deleted = $validator->requiredGetVar('deleted');
// Add alerts for any failed input validation
foreach ($validator->errors as $error) {
    addAlert("danger", $error);
}
if ($user_id != $loggedInUser->user_id) {
    // Special case where something funky is going on ...
    addAlert("danger", "Something when wrong. Wrong user id specified.");
} else {
    $results = loadPMS($limit, $user_id, $send_rec_id, $deleted);
}
restore_error_handler();
echo json_encode($results);
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
*/
require_once "models/config.php";
setReferralPage(getAbsoluteDocumentPath(__FILE__));
$validate = new Validator();
$token = $validate->optionalGetVar('confirm');
$confirmAjax = 0;
if (!empty($token)) {
    $confirmAjax = 1;
} else {
    $confirmAjax = 0;
}
global $token_timeout;
?>

<!DOCTYPE html>
<html lang="en">
  <?php 
echo renderTemplate("head.html", array("#SITE_ROOT#" => SITE_ROOT, "#SITE_TITLE#" => SITE_TITLE, "#PAGE_TITLE#" => "Reset Password"));
?>