/**
 * Calls one Akismet API function and reports whether the service answered 'true'.
 *
 * @param string $function  API function name, substituted into $this->ak_path
 * @param string $permalink Entry permalink
 * @param string $type      Comment type
 * @param string $author    Comment author name
 * @param string $email     Comment author email
 * @param string $url       Comment author URL
 * @param string $content   Comment content
 * @param array  $info      Extra request variables (e.g. HTTP_USER_AGENT, HTTP_REFERER);
 *                          merged over the prepared fields, so its keys win on conflict
 * @return bool             True when the response body equals 'true'
 * @throws Exception        On transport failure, carrying the underlying error text
 */
protected function callFunc($function, $permalink, $type, $author, $email, $url, $content, $info = array())
{
    $user_agent = '';
    $referrer   = '';
    if (isset($info['HTTP_USER_AGENT'])) {
        $user_agent = $info['HTTP_USER_AGENT'];
    }
    if (isset($info['HTTP_REFERER'])) {
        $referrer = $info['HTTP_REFERER'];
    }

    # Fields expected by the service, then any caller-supplied extras on top
    $fields = array(
        'blog'                 => $this->blog_url,
        'user_ip'              => http::realIP(),
        'user_agent'           => $user_agent,
        'referrer'             => $referrer,
        'permalink'            => $permalink,
        'comment_type'         => $type,
        'comment_author'       => $author,
        'comment_author_email' => $email,
        'comment_author_url'   => $url,
        'comment_content'      => $content,
    );
    $fields = array_merge($fields, $info);

    $this->host = $this->ak_host;
    $endpoint   = sprintf($this->ak_path, $function);

    if (!$this->post($endpoint, $fields, 'UTF-8')) {
        throw new Exception('HTTP error: ' . $this->getError());
    }

    return $this->getContent() == 'true';
}
 /**
  * Builds the trackback comment body and stores it as a trackback comment of a post.
  *
  * No escaping happens here: $title, $excerpt and $url are written into the
  * HTML body and the comment_site column verbatim, so callers must sanitise
  * them beforehand.
  *
  * @param int    $post_id   Target post ID
  * @param string $url       Remote site URL, stored as comment_site as given
  * @param string $blog_name Remote blog name; replaced by 'Anonymous blog' when empty()
  * @param string $title     Remote entry title; heading of the body when non-empty, else $blog_name
  * @param string $excerpt   Remote excerpt, placed in a paragraph as-is
  * @param string $comment   Out parameter: receives the generated HTML body
  */
 private function addBacklink($post_id, $url, $blog_name, $title, $excerpt, &$comment)
 {
     if (empty($blog_name)) {
         $blog_name = 'Anonymous blog';
     }
     $heading = $title ? $title : $blog_name;
     $comment = "<!-- TB -->\n"
         . '<p><strong>' . $heading . "</strong></p>\n"
         . '<p>' . $excerpt . '</p>';

     $core = $this->core;
     $cur = $core->con->openCursor($core->prefix . 'comment');
     $cur->comment_author    = (string) $blog_name;
     $cur->comment_site      = (string) $url;
     $cur->comment_content   = (string) $comment;
     $cur->post_id           = $post_id;
     $cur->comment_trackback = 1;
     $cur->comment_status    = $core->blog->settings->system->trackbacks_pub ? 1 : -1;
     $cur->comment_ip        = http::realIP();

     # --BEHAVIOR-- publicBeforeTrackbackCreate
     $core->callBehavior('publicBeforeTrackbackCreate', $cur);
     # Only insert while post_id is still set after the behaviour ran
     if ($cur->post_id) {
         $comment_id = $core->blog->addComment($cur);
         # --BEHAVIOR-- publicAfterTrackbackCreate
         $core->callBehavior('publicAfterTrackbackCreate', $cur, $comment_id);
     }
 }
 /**
  * Creates a new comment from a cursor and returns the new comment ID.
  *
  * The comment table is write-locked while the next ID is derived from
  * MAX(comment_id) and the row is inserted; the lock is released on any
  * exception before it is rethrown. comment_upddt is set to server time,
  * comment_dt to server time shifted by the blog timezone offset, and a
  * null comment_ip is filled from http::realIP(). Fires
  * coreBeforeCommentCreate / coreAfterCommentCreate, then triggerComment()
  * and, unless comment_status is -2, triggerBlog().
  *
  * @param	cur		<b>cursor</b>		Comment cursor
  * @return	<b>integer</b>		New comment ID
  */
 public function addComment($cur)
 {
     $table = $this->prefix . 'comment';
     $this->con->writeLock($table);
     try {
         # Next ID: highest existing one plus one, safe under the write lock
         $last = $this->con->select('SELECT MAX(comment_id) FROM ' . $table . ' ');
         $cur->comment_id = (int) $last->f(0) + 1;

         $timezone = $this->settings->system->blog_timezone;
         $cur->comment_upddt = date('Y-m-d H:i:s');
         $cur->comment_dt = date('Y-m-d H:i:s', time() + dt::getTimeOffset($timezone));
         $cur->comment_tz = $timezone;

         $this->getCommentCursor($cur);
         if ($cur->comment_ip === null) {
             $cur->comment_ip = http::realIP();
         }

         # --BEHAVIOR-- coreBeforeCommentCreate
         $this->core->callBehavior('coreBeforeCommentCreate', $this, $cur);
         $cur->insert();
         $this->con->unlock();
     } catch (Exception $e) {
         $this->con->unlock();
         throw $e;
     }

     # --BEHAVIOR-- coreAfterCommentCreate
     $this->core->callBehavior('coreAfterCommentCreate', $this, $cur);
     $this->triggerComment($cur->comment_id);
     if ($cur->comment_status != -2) {
         $this->triggerBlog();
     }
     return $cur->comment_id;
 }
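 /**
  * Serves a single entry identified by its URL, handling the password gate
  * and the comment form.
  *
  * Flow: load the entry with its password column; 404 when absent; if the
  * entry is password protected and this is not a preview, require either a
  * matching POSTed password or one remembered in the 'dc_passwd' cookie;
  * when the comment form was submitted, build a preview or store the comment
  * and redirect with pub=1|0; finally render post.html.
  *
  * The dc_passwd cookie is a JSON object keyed by '#'.post_id (the '#'
  * prefix keeps numeric keys from being converted to integers) and holds the
  * accepted passwords in clear text, hence it is set HttpOnly. A cookie that
  * does not decode to a JSON object is treated as empty and the password is
  * asked again; client-controlled cookie data is never passed to
  * unserialize(). Passwords are compared with hash_equals() rather than ==,
  * which would treat numeric-looking strings such as "1e3" and "1000" as
  * equal.
  *
  * Author name and content are stored as submitted (content after the wiki
  * transform and HTMLfilter); site and mail go through html::clean and the
  * mail must satisfy text::isEmail.
  *
  * @param string $args Entry URL as extracted by the URL handler
  */
 public static function post($args)
 {
     if ($args == '') {
         # No entry was specified.
         self::p404();
     } else {
         $_ctx =& $GLOBALS['_ctx'];
         $core =& $GLOBALS['core'];
         # Fetch with the password column so the gate below can read it
         $core->blog->withoutPassword(false);
         $params = new ArrayObject();
         $params['post_url'] = $args;
         $_ctx->posts = $core->blog->getPosts($params);
         $_ctx->comment_preview = new ArrayObject();
         $_ctx->comment_preview['content'] = '';
         $_ctx->comment_preview['rawcontent'] = '';
         $_ctx->comment_preview['name'] = '';
         $_ctx->comment_preview['mail'] = '';
         $_ctx->comment_preview['site'] = '';
         $_ctx->comment_preview['preview'] = false;
         $_ctx->comment_preview['remember'] = false;
         $core->blog->withoutPassword(true);
         if ($_ctx->posts->isEmpty()) {
             # The specified entry does not exist.
             self::p404();
         } else {
             $post_id = $_ctx->posts->post_id;
             $post_password = $_ctx->posts->post_password;
             # Password protected entry
             if ($post_password != '' && !$_ctx->preview) {
                 # Get passwords cookie: a JSON object, or empty when absent or undecodable
                 $pwd_cookie = array();
                 if (isset($_COOKIE['dc_passwd'])) {
                     $decoded = json_decode($_COOKIE['dc_passwd'], true);
                     if (is_array($decoded)) {
                         $pwd_cookie = $decoded;
                     }
                 }
                 # '#' prefix so a numeric post_id is not turned into an integer key
                 $cookie_key = '#' . $post_id;
                 $given = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
                 $remembered = isset($pwd_cookie[$cookie_key]) && is_string($pwd_cookie[$cookie_key]) ? $pwd_cookie[$cookie_key] : '';
                 # Check for match (strict, constant-time)
                 if (($given !== '' && hash_equals((string) $post_password, $given))
                     || ($remembered !== '' && hash_equals((string) $post_password, $remembered))) {
                     $pwd_cookie[$cookie_key] = $post_password;
                     # Session cookie, whole site, HttpOnly: scripts must not read the stored passwords
                     setcookie('dc_passwd', json_encode($pwd_cookie), 0, '/', '', false, true);
                 } else {
                     self::serveDocument('password-form.html', 'text/html', false);
                     return;
                 }
             }
             $post_comment = isset($_POST['c_name']) && isset($_POST['c_mail']) && isset($_POST['c_site']) && isset($_POST['c_content']) && $_ctx->posts->commentsActive();
             # Posting a comment
             if ($post_comment) {
                 # Spam trap: the hidden f_mail field must stay empty
                 if (!empty($_POST['f_mail'])) {
                     http::head(412, 'Precondition Failed');
                     header('Content-Type: text/plain');
                     echo "So Long, and Thanks For All the Fish";
                     # Exits immediately the application to preserve the server.
                     exit;
                 }
                 $name = $_POST['c_name'];
                 $mail = $_POST['c_mail'];
                 $site = $_POST['c_site'];
                 $content = $_POST['c_content'];
                 $preview = !empty($_POST['preview']);
                 if ($content != '') {
                     if ($core->blog->settings->wiki_comments) {
                         $core->initWikiComment();
                     } else {
                         $core->initWikiSimpleComment();
                     }
                     $content = $core->wikiTransform($content);
                     $content = $core->HTMLfilter($content);
                 }
                 $_ctx->comment_preview['content'] = $content;
                 $_ctx->comment_preview['rawcontent'] = $_POST['c_content'];
                 $_ctx->comment_preview['name'] = $name;
                 $_ctx->comment_preview['mail'] = $mail;
                 $_ctx->comment_preview['site'] = $site;
                 if ($preview) {
                     # --BEHAVIOR-- publicBeforeCommentPreview
                     $core->callBehavior('publicBeforeCommentPreview', $_ctx->comment_preview);
                     $_ctx->comment_preview['preview'] = true;
                 } else {
                     # Post the comment
                     $cur = $core->con->openCursor($core->prefix . 'comment');
                     $cur->comment_author = $name;
                     $cur->comment_site = html::clean($site);
                     $cur->comment_email = html::clean($mail);
                     $cur->comment_content = $content;
                     $cur->post_id = $_ctx->posts->post_id;
                     $cur->comment_status = $core->blog->settings->comments_pub ? 1 : -1;
                     $cur->comment_ip = http::realIP();
                     $redir = $_ctx->posts->getURL();
                     $redir .= strpos($redir, '?') !== false ? '&' : '?';
                     try {
                         if (!text::isEmail($cur->comment_email)) {
                             throw new Exception(__('You must provide a valid email address.'));
                         }
                         # --BEHAVIOR-- publicBeforeCommentCreate
                         $core->callBehavior('publicBeforeCommentCreate', $cur);
                         if ($cur->post_id) {
                             $comment_id = $core->blog->addComment($cur);
                             # --BEHAVIOR-- publicAfterCommentCreate
                             $core->callBehavior('publicAfterCommentCreate', $cur, $comment_id);
                         }
                         # pub=1 when comment_status is 1, pub=0 otherwise
                         $redir_arg = $cur->comment_status == 1 ? 'pub=1' : 'pub=0';
                         header('Location: ' . $redir . $redir_arg);
                     } catch (Exception $e) {
                         # Stored on the context; rendering is left to the template
                         $_ctx->form_error = $e->getMessage();
                     }
                 }
             }
             # The entry
             self::serveDocument('post.html');
         }
     }
 }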
 /**
  * Fills in the defaults of a log cursor before it is written.
  *
  * Throws when log_msg is the empty string (a null log_msg passes). A null
  * log_table / user_id becomes 'none' / 'unknown', an empty or null log_dt
  * becomes the current server time, and a null log_ip the client IP.
  *
  * @param cursor   $cur
  * @param int|null $log_id  Accepted for signature compatibility; the value
  *                          derived from it is not used by this method
  * @throws Exception when log_msg is ''
  */
 private function getLogCursor($cur, $log_id = null)
 {
     if ($cur->log_msg === '') {
         throw new Exception(__('No log message'));
     }

     $null_defaults = array('log_table' => 'none', 'user_id' => 'unknown');
     foreach ($null_defaults as $field => $value) {
         if ($cur->$field === null) {
             $cur->$field = $value;
         }
     }

     if ($cur->log_dt === '' || $cur->log_dt === null) {
         $cur->log_dt = date('Y-m-d H:i:s');
     }
     if ($cur->log_ip === null) {
         $cur->log_ip = http::realIP();
     }

     # Computed but unused: nothing reads $log_id after this point
     $log_id = is_int($log_id) ? $log_id : $cur->log_id;
 }
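 /**
  * Receives a trackback and inserts it as a comment of the given post.
  *
  * Replies with the trackback XML response: <error>0|1</error>, an optional
  * <message>, and a <debug> block when the request carries '__debug'.
  * Requires a POST with url and blog_name, an active blog, and an existing
  * post with trackbacks enabled. title, excerpt and blog_name are converted
  * to UTF-8 (charset from the request, else detected), tag-stripped,
  * entity-decoded, HTML-escaped and truncated before being stored; url is
  * only trimmed and tag-stripped. NOTE(review): the URL scheme is not
  * validated here, so whatever renders comment_site as a link must restrict
  * it — confirm downstream.
  *
  * Everything echoed inside the XML is escaped exactly once: title, excerpt
  * and blog_name are escaped by the cleaning step when it ran, and here on
  * the early-error paths where they are still the raw request values; url,
  * charset and the error message are always escaped here.
  *
  * @param	post_id		<b>integer</b>		Post ID
  */
 public function receive($post_id)
 {
     header('Content-Type: text/xml; charset=UTF-8');
     if (empty($_POST)) {
         http::head(405, 'Method Not Allowed');
         echo '<?xml version="1.0" encoding="utf-8"?>' . "\n" . "<response>\n" . "  <error>1</error>\n" . "  <message>POST request needed</message>\n" . "</response>";
         return;
     }
     $post_id = (int) $post_id;
     $title = !empty($_POST['title']) ? $_POST['title'] : '';
     $excerpt = !empty($_POST['excerpt']) ? $_POST['excerpt'] : '';
     $url = !empty($_POST['url']) ? $_POST['url'] : '';
     $blog_name = !empty($_POST['blog_name']) ? $_POST['blog_name'] : '';
     $charset = '';
     $comment = '';
     $err = false;
     $msg = '';
     # Becomes true once title/excerpt/blog_name have been HTML-escaped below
     $sanitized = false;
     if ($this->core->blog === null) {
         $err = true;
         $msg = 'No blog.';
     } elseif ($url == '') {
         $err = true;
         $msg = 'URL parameter is required.';
     } elseif ($blog_name == '') {
         $err = true;
         $msg = 'Blog name is required.';
     }
     if (!$err) {
         $post = $this->core->blog->getPosts(array('post_id' => $post_id, 'post_type' => ''));
         if ($post->isEmpty()) {
             $err = true;
             $msg = 'No such post.';
         } elseif (!$post->trackbacksActive()) {
             $err = true;
             $msg = 'Trackbacks are not allowed for this post or weblog.';
         }
     }
     if (!$err) {
         $charset = self::getCharsetFromRequest();
         if (!$charset) {
             $charset = mb_detect_encoding($title . ' ' . $excerpt . ' ' . $blog_name, 'UTF-8,ISO-8859-1,ISO-8859-2,ISO-8859-3,' . 'ISO-8859-4,ISO-8859-5,ISO-8859-6,ISO-8859-7,ISO-8859-8,' . 'ISO-8859-9,ISO-8859-10,ISO-8859-13,ISO-8859-14,ISO-8859-15');
         }
         # NOTE(review): $charset is request-supplied or detected; an unknown name
         # makes iconv() return false, so the field ends up empty after cleaning
         if (strtolower($charset) != 'utf-8') {
             $title = iconv($charset, 'UTF-8', $title);
             $excerpt = iconv($charset, 'UTF-8', $excerpt);
             $blog_name = iconv($charset, 'UTF-8', $blog_name);
         }
         $title = trim(html::clean($title));
         $title = html::decodeEntities($title);
         $title = html::escapeHTML($title);
         $title = text::cutString($title, 60);
         $excerpt = trim(html::clean($excerpt));
         $excerpt = html::decodeEntities($excerpt);
         $excerpt = preg_replace('/\\s+/ms', ' ', $excerpt);
         $excerpt = text::cutString($excerpt, 252);
         $excerpt = html::escapeHTML($excerpt) . '...';
         $blog_name = trim(html::clean($blog_name));
         $blog_name = html::decodeEntities($blog_name);
         $blog_name = html::escapeHTML($blog_name);
         $blog_name = text::cutString($blog_name, 60);
         $url = trim(html::clean($url));
         $sanitized = true;
         if (!$blog_name) {
             $blog_name = 'Anonymous blog';
         }
         # Body built from already-escaped text plus literal markup
         $comment = "<!-- TB -->\n" . '<p><strong>' . ($title ? $title : $blog_name) . "</strong></p>\n" . '<p>' . $excerpt . '</p>';
         $cur = $this->core->con->openCursor($this->core->prefix . 'comment');
         $cur->comment_author = (string) $blog_name;
         $cur->comment_site = (string) $url;
         $cur->comment_content = (string) $comment;
         $cur->post_id = $post_id;
         $cur->comment_trackback = 1;
         $cur->comment_status = $this->core->blog->settings->trackbacks_pub ? 1 : -1;
         $cur->comment_ip = http::realIP();
         try {
             # --BEHAVIOR-- publicBeforeTrackbackCreate
             $this->core->callBehavior('publicBeforeTrackbackCreate', $cur);
             if ($cur->post_id) {
                 $comment_id = $this->core->blog->addComment($cur);
                 # --BEHAVIOR-- publicAfterTrackbackCreate
                 $this->core->callBehavior('publicAfterTrackbackCreate', $cur, $comment_id);
             }
         } catch (Exception $e) {
             $err = true;
             $msg = 'Something went wrong : ' . $e->getMessage();
         }
     }
     # Debug values: escape the three text fields only when the cleaning step did not
     $dbg_title = $sanitized ? $title : html::escapeHTML((string) $title);
     $dbg_excerpt = $sanitized ? $excerpt : html::escapeHTML((string) $excerpt);
     $dbg_blog_name = $sanitized ? $blog_name : html::escapeHTML((string) $blog_name);
     $debug_trace = "  <debug>\n"
         . '    <title>' . $dbg_title . "</title>\n"
         . '    <excerpt>' . $dbg_excerpt . "</excerpt>\n"
         . '    <url>' . html::escapeHTML((string) $url) . "</url>\n"
         . '    <blog_name>' . $dbg_blog_name . "</blog_name>\n"
         . '    <charset>' . html::escapeHTML((string) $charset) . "</charset>\n"
         . '    <comment>' . $comment . "</comment>\n"
         . "  </debug>\n";
     $resp = '<?xml version="1.0" encoding="utf-8"?>' . "\n" . "<response>\n" . '  <error>' . (int) $err . "</error>\n";
     if ($msg) {
         $resp .= '  <message>' . html::escapeHTML($msg) . "</message>\n";
     }
     if (!empty($_POST['__debug'])) {
         $resp .= $debug_trace;
     }
     echo $resp . "</response>";
 }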
require_once __DIR__ . '/../../../../oktInc/public/prepend.php';
# Was a specific language requested? Otherwise use the current user's language.
$sUserLanguage = !empty($_GET['language']) ? $_GET['language'] : $okt->user->language;
# NOTE(review): $_GET['language'] is used as-is as a key into config->public_url
# below; confirm setUserLang() checks it against the configured language list.
if (empty($_GET['language']) || $sUserLanguage != $okt->user->language) {
    $okt->user->setUserLang($sUserLanguage);
    http::redirect($okt->page->getBaseUrl($sUserLanguage) . $okt->guestbook->config->public_url[$sUserLanguage]);
}
# Current module
$okt->page->module = 'guestbook';
$okt->page->action = 'list';
# -- CORE TRIGGER : publicModuleGuestbookControllerStart
$okt->triggers->callTrigger('publicModuleGuestbookControllerStart', $okt, $okt->guestbook->config->captcha);
# Default values of the signature form
$aSigData = array('language' => $okt->user->language, 'message' => '', 'nom' => '', 'email' => '', 'url' => 'http://', 'note' => 'nc');
if (!empty($_POST['sign'])) {
    $aSigData = array('language' => isset($_POST['language']) ? $_POST['language'] : $okt->user->language, 'message' => isset($_POST['msg']) ? $_POST['msg'] : null, 'nom' => isset($_POST['nom']) ? $_POST['nom'] : null, 'email' => isset($_POST['email']) ? $_POST['email'] : null, 'url' => isset($_POST['url']) ? $_POST['url'] : 'http://', 'note' => isset($_POST['note']) ? $_POST['note'] : null, 'ip' => http::realIP(), 'visible' => $okt->guestbook->config->validation ? 0 : 1);
    $aSigData = $okt->guestbook->handleUserData($aSigData);
    # -- CORE TRIGGER : publicModuleGuestbookControllerFormCheckValues
    $okt->triggers->callTrigger('publicModuleGuestbookControllerFormCheckValues', $okt);
    if (!$okt->error->hasError()) {
        if ($okt->guestbook->addSig($aSigData)) {
            if ($okt->guestbook->config->emails_list != '') {
                $oMail = new oktMail($okt);
                $oMail->setFrom();
                $oMail->message->setSubject('Nouveau message sur le livre d’or de ' . util::getSiteTitle());
                $mail_body = 'Bonjour,' . "\n\n" . 'Un utilisateur a laissé un nouveau message ' . 'sur le livre d’or de "' . util::getSiteTitle() . '".' . "\n\n";
                if ($okt->guestbook->config->validation) {
                    $mail_body .= 'Ce nouveau message peut être validé ' . 'en vous rendant sur l’administration.' . "\n\n";
                }
                $mail_body .= 'Cordialement' . PHP_EOL . PHP_EOL . '--' . PHP_EOL . 'Email automatique,' . PHP_EOL . 'ne repondez pas à ce message';
                $oMail->message->setBody($mail_body);
 /**
  * Checks that the client IP has not registered an account within the last hour.
  *
  * Fails closed: a failed query is reported as flooding (false) as well.
  * NOTE(review): the check is only as strong as http::realIP(); confirm it
  * does not trust client-supplied forwarding headers.
  *
  * @return boolean  true when no registration from this IP in the last 3600 s
  */
 public function checkRegistrationFlood()
 {
     $sql = sprintf(
         'SELECT 1 FROM %s AS u WHERE u.registration_ip=\'%s\' AND u.registered>%d',
         $this->t_users,
         $this->db->escapeStr(http::realIP()),
         time() - 3600
     );
     $rs = $this->db->select($sql);
     if ($rs === false) {
         return false;
     }
     return (bool) $rs->isEmpty();
 }
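 /**
  * Serves a single page (post_type 'page') identified by its URL, handling
  * the password gate and the comment form.
  *
  * Flow: load the page with its password column (the behaviour
  * publicPagesBeforeGetPosts may alter the query); 404 when absent; if the
  * page is password protected and this is not a preview, require either a
  * matching POSTed password or one remembered in the 'dc_passwd' cookie;
  * when the comment form was submitted, build a preview or store the comment
  * and redirect with pub=1|0; then pick the template set and render page.html.
  *
  * The dc_passwd cookie is a JSON object keyed by '#'.post_id (the '#'
  * prefix keeps numeric keys from being converted to integers) and holds the
  * accepted passwords in clear text, hence it is set HttpOnly. Passwords are
  * compared with hash_equals() rather than ==, which would treat
  * numeric-looking strings such as "1e3" and "1000" as equal.
  *
  * @param string $args Page URL as extracted by the URL handler
  */
 public static function pages($args)
 {
     if ($args == '') {
         # No page was specified.
         self::p404();
     } else {
         $_ctx =& $GLOBALS['_ctx'];
         $core =& $GLOBALS['core'];
         # Fetch with the password column so the gate below can read it
         $core->blog->withoutPassword(false);
         $params = new ArrayObject(array('post_type' => 'page', 'post_url' => $args));
         $core->callBehavior('publicPagesBeforeGetPosts', $params, $args);
         $_ctx->posts = $core->blog->getPosts($params);
         $_ctx->comment_preview = new ArrayObject();
         $_ctx->comment_preview['content'] = '';
         $_ctx->comment_preview['rawcontent'] = '';
         $_ctx->comment_preview['name'] = '';
         $_ctx->comment_preview['mail'] = '';
         $_ctx->comment_preview['site'] = '';
         $_ctx->comment_preview['preview'] = false;
         $_ctx->comment_preview['remember'] = false;
         $core->blog->withoutPassword(true);
         if ($_ctx->posts->isEmpty()) {
             # The specified page does not exist.
             self::p404();
         } else {
             $post_id = $_ctx->posts->post_id;
             $post_password = $_ctx->posts->post_password;
             # Password protected entry
             if ($post_password != '' && !$_ctx->preview) {
                 # Get passwords cookie: a JSON object, or empty when absent or undecodable
                 $pwd_cookie = array();
                 if (isset($_COOKIE['dc_passwd'])) {
                     $decoded = json_decode($_COOKIE['dc_passwd'], true);
                     if (is_array($decoded)) {
                         $pwd_cookie = $decoded;
                     }
                 }
                 # '#' prefix so a numeric post_id is not turned into an integer key
                 # (MyArray["12345"] is treated as MyArray[12345])
                 $cookie_key = '#' . $post_id;
                 $given = isset($_POST['password']) && is_string($_POST['password']) ? $_POST['password'] : '';
                 $remembered = isset($pwd_cookie[$cookie_key]) && is_string($pwd_cookie[$cookie_key]) ? $pwd_cookie[$cookie_key] : '';
                 # Check for match (strict, constant-time)
                 if (($given !== '' && hash_equals((string) $post_password, $given))
                     || ($remembered !== '' && hash_equals((string) $post_password, $remembered))) {
                     $pwd_cookie[$cookie_key] = $post_password;
                     # Session cookie, whole site, HttpOnly: scripts must not read the stored passwords
                     setcookie('dc_passwd', json_encode($pwd_cookie), 0, '/', '', false, true);
                 } else {
                     self::serveDocument('password-form.html', 'text/html', false);
                     return;
                 }
             }
             $post_comment = isset($_POST['c_name']) && isset($_POST['c_mail']) && isset($_POST['c_site']) && isset($_POST['c_content']) && $_ctx->posts->commentsActive();
             # Posting a comment
             if ($post_comment) {
                 # Spam trap: the hidden f_mail field must stay empty
                 if (!empty($_POST['f_mail'])) {
                     http::head(412, 'Precondition Failed');
                     header('Content-Type: text/plain');
                     echo "So Long, and Thanks For All the Fish";
                     # Exits immediately the application to preserve the server.
                     exit;
                 }
                 $name = $_POST['c_name'];
                 $mail = $_POST['c_mail'];
                 $site = $_POST['c_site'];
                 $content = $_POST['c_content'];
                 $preview = !empty($_POST['preview']);
                 if ($content != '') {
                     # --BEHAVIOR-- publicBeforeCommentTransform
                     # A behaviour returning non-empty text replaces the wiki transform
                     $buffer = $core->callBehavior('publicBeforeCommentTransform', $content);
                     if ($buffer != '') {
                         $content = $buffer;
                     } else {
                         if ($core->blog->settings->system->wiki_comments) {
                             $core->initWikiComment();
                         } else {
                             $core->initWikiSimpleComment();
                         }
                         $content = $core->wikiTransform($content);
                     }
                     $content = $core->HTMLfilter($content);
                 }
                 $_ctx->comment_preview['content'] = $content;
                 $_ctx->comment_preview['rawcontent'] = $_POST['c_content'];
                 $_ctx->comment_preview['name'] = $name;
                 $_ctx->comment_preview['mail'] = $mail;
                 $_ctx->comment_preview['site'] = $site;
                 if ($preview) {
                     # --BEHAVIOR-- publicBeforeCommentPreview
                     $core->callBehavior('publicBeforeCommentPreview', $_ctx->comment_preview);
                     $_ctx->comment_preview['preview'] = true;
                 } else {
                     # Post the comment
                     $cur = $core->con->openCursor($core->prefix . 'comment');
                     $cur->comment_author = $name;
                     $cur->comment_site = html::clean($site);
                     $cur->comment_email = html::clean($mail);
                     $cur->comment_content = $content;
                     $cur->post_id = $_ctx->posts->post_id;
                     $cur->comment_status = $core->blog->settings->system->comments_pub ? 1 : -1;
                     $cur->comment_ip = http::realIP();
                     $redir = $_ctx->posts->getURL();
                     $redir .= $core->blog->settings->system->url_scan == 'query_string' ? '&' : '?';
                     try {
                         if (!text::isEmail($cur->comment_email)) {
                             throw new Exception(__('You must provide a valid email address.'));
                         }
                         # --BEHAVIOR-- publicBeforeCommentCreate
                         $core->callBehavior('publicBeforeCommentCreate', $cur);
                         if ($cur->post_id) {
                             $comment_id = $core->blog->addComment($cur);
                             # --BEHAVIOR-- publicAfterCommentCreate
                             $core->callBehavior('publicAfterCommentCreate', $cur, $comment_id);
                         }
                         # pub=1 when comment_status is 1, pub=0 otherwise
                         $redir_arg = $cur->comment_status == 1 ? 'pub=1' : 'pub=0';
                         header('Location: ' . $redir . $redir_arg);
                     } catch (Exception $e) {
                         # Stored on the context; rendering is left to the template
                         $_ctx->form_error = $e->getMessage();
                     }
                 }
             }
             # The entry
             if ($_ctx->posts->trackbacksActive()) {
                 header('X-Pingback: ' . $core->blog->url . $core->url->getURLFor("xmlrpc", $core->blog->id));
             }
             # Use the theme's template set when one exists on disk, else the default set
             $tplset = $core->themes->moduleInfo($core->blog->settings->system->theme, 'tplset');
             $tpl_dir = dirname(__FILE__) . '/default-templates/';
             if (!empty($tplset) && is_dir($tpl_dir . $tplset)) {
                 $core->tpl->setPath($core->tpl->getPath(), $tpl_dir . $tplset);
             } else {
                 $core->tpl->setPath($core->tpl->getPath(), $tpl_dir . DC_DEFAULT_TPLSET);
             }
             self::serveDocument('page.html');
         }
     }
 }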
 /**
  * Adds an admin log entry.
  *
  * Missing or empty() entries of $aParams fall back to: the current user's
  * id and username, the client IP from http::realIP(), component 'core',
  * type 0, code 0 and an empty message. Because empty() is used, a value of
  * 0 or '' is replaced by the default as well.
  *
  * String columns are escaped with the DB layer's escapeStr() and numeric
  * columns cast to int; this layer builds the statement as a string and does
  * not use bound parameters.
  *
  * @param array $aParams  user_id, username, ip, type, component, code, message
  * @return boolean  true when the INSERT executed
  */
 public function add($aParams = array())
 {
     if (empty($aParams['user_id'])) {
         $aParams['user_id'] = $this->okt->user->infos->f('id');
     }
     if (empty($aParams['username'])) {
         $aParams['username'] = $this->okt->user->infos->f('username');
     }
     if (empty($aParams['ip'])) {
         $aParams['ip'] = http::realIP();
     }
     $constant_defaults = array('component' => 'core', 'type' => 0, 'code' => 0, 'message' => '');
     foreach ($constant_defaults as $key => $default) {
         if (empty($aParams[$key])) {
             $aParams[$key] = $default;
         }
     }

     $db = $this->db;
     $query = sprintf(
         'INSERT INTO %s ( user_id, username, ip, date, type, component, code, message  ) VALUES ( %d, \'%s\', \'%s\', NOW(), %d, \'%s\', %d, \'%s\' ); ',
         $this->t_log,
         (int) $aParams['user_id'],
         $db->escapeStr($aParams['username']),
         $db->escapeStr($aParams['ip']),
         (int) $aParams['type'],
         $db->escapeStr($aParams['component']),
         (int) $aParams['code'],
         $db->escapeStr($aParams['message'])
     );

     return (bool) $db->execute($query);
 }
 /**
  * Perform login.
  *
  * Looks the user up by username, verifies the password (rehashing it when
  * the stored hash is outdated), rejects accounts still awaiting validation,
  * drops the visitor's guest entry from the online list, sets the auth
  * cookie, records an admin log entry and fires the userLogin trigger.
  * Failures are reported through oError and return false.
  *
  * NOTE(review): the auth cookie payload embeds the stored password hash,
  * and unknown-user / wrong-password yield distinct messages; both come from
  * the surrounding auth design and are left as-is here.
  *
  * @param string $sUsername
  * @param string $sPassword
  * @param boolean $save_pass  Use the long "remember" expiry instead of the visit timeout
  * @return boolean
  */
 public function login($sUsername, $sPassword, $save_pass = false)
 {
     $db = $this->oDb;

     $sql = 'SELECT id, group_id, password, salt FROM ' . $this->t_users . ' WHERE username=\'' . $db->escapeStr($sUsername) . '\' ';
     $user = $db->select($sql);
     if ($user === false) {
         return false;
     }
     if ($user->isEmpty()) {
         $this->oError->set(__('c_c_auth_unknown_user'));
         return false;
     }

     $hash = $user->password;
     if (!password::verify($sPassword, $hash)) {
         $this->oError->set(__('c_c_auth_wrong_password'));
         return false;
     }
     if (password::needs_rehash($hash, PASSWORD_DEFAULT)) {
         # Upgrade the stored hash while the clear-text password is still at hand
         $hash = password::hash($sPassword, PASSWORD_DEFAULT);
         $sql = 'UPDATE ' . $this->t_users . ' SET password=\'' . $db->escapeStr($hash) . '\' WHERE id=' . $user->id;
         if (!$db->execute($sql)) {
             return false;
         }
     }

     if ($user->group_id == self::unverified_group_id) {
         $this->oError->set(__('c_c_auth_account_awaiting_validation'));
         return false;
     }

     # Remove this user's guest entry from the online list
     $sql = 'DELETE FROM ' . $this->t_online . ' WHERE ident=\'' . $db->escapeStr(http::realIP()) . '\'';
     if (!$db->execute($sql)) {
         return false;
     }

     $expires = time() + ($save_pass ? $this->iVisitRememberTime : $this->iVisitTimeout);
     $signature = sha1($user->salt . $hash . util::hash($expires, $user->salt));
     $token = implode('|', array($user->id, $hash, $expires, $signature));
     $this->setAuthCookie(base64_encode($token), $expires);

     # Admin log
     if (isset($this->okt->logAdmin)) {
         $this->okt->logAdmin->add(array('user_id' => $user->id, 'username' => $sUsername, 'code' => 10, 'message' => __('c_c_log_admin_message_by_form')));
     }

     # -- CORE TRIGGER : userLogin
     $this->okt->triggers->callTrigger('userLogin', $this->okt, $user);
     return true;
 }
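 /**
  * Renders the guestbook page.
  *
  * Handles a submitted signature form (POST 'sign'): the values go through
  * guestbook->handleUserData() and the form-check trigger, then addSig();
  * when a notification list is configured an email is sent; on success the
  * visitor is redirected with ?added=1. Otherwise the visible, non-spam
  * signatures of the current language are listed with pagination, the page
  * metadata is set and 'guestbook_tpl' is rendered.
  *
  * The page number from $_GET['page'] is clamped to 1 or more, since a
  * negative value would otherwise produce a negative LIMIT offset.
  * Form values are handed to the template as returned by handleUserData();
  * escaping on output is the template's responsibility.
  */
 public function guestbookPage()
 {
     $okt = $this->okt;

     # Current module
     $okt->page->module = 'guestbook';
     $okt->page->action = 'list';

     # -- CORE TRIGGER : publicModuleGuestbookControllerStart
     $okt->triggers->callTrigger('publicModuleGuestbookControllerStart', $okt, $okt->guestbook->config->captcha);

     # Default values of the signature form
     $aSigData = array('language' => $okt->user->language, 'message' => '', 'nom' => '', 'email' => '', 'url' => 'http://', 'note' => 'nc');

     # Form submitted
     if (!empty($_POST['sign'])) {
         $aSigData = array(
             'language' => isset($_POST['language']) ? $_POST['language'] : $okt->user->language,
             'message'  => isset($_POST['msg']) ? $_POST['msg'] : null,
             'nom'      => isset($_POST['nom']) ? $_POST['nom'] : null,
             'email'    => isset($_POST['email']) ? $_POST['email'] : null,
             'url'      => isset($_POST['url']) ? $_POST['url'] : 'http://',
             'note'     => isset($_POST['note']) ? $_POST['note'] : null,
             'ip'       => http::realIP(),
             'visible'  => $okt->guestbook->config->validation ? 0 : 1,
         );
         $aSigData = $okt->guestbook->handleUserData($aSigData);

         # -- CORE TRIGGER : publicModuleGuestbookControllerFormCheckValues
         $okt->triggers->callTrigger('publicModuleGuestbookControllerFormCheckValues', $okt, $okt->guestbook->config->captcha);

         if (!$okt->error->hasError()) {
             if ($okt->guestbook->addSig($aSigData)) {
                 if ($okt->guestbook->config->emails_list != '') {
                     $oMail = new oktMail($okt);
                     $oMail->setFrom();
                     $oMail->message->setSubject('Nouveau message sur le livre d’or de ' . util::getSiteTitle());
                     $mail_body = 'Bonjour,' . "\n\n" . 'Un utilisateur a laissé un nouveau message ' . 'sur le livre d’or de "' . util::getSiteTitle() . '".' . "\n\n";
                     if ($okt->guestbook->config->validation) {
                         $mail_body .= 'Ce nouveau message peut être validé ' . 'en vous rendant sur l’administration.' . "\n\n";
                     }
                     $mail_body .= 'Cordialement' . PHP_EOL . PHP_EOL . '--' . PHP_EOL . 'Email automatique,' . PHP_EOL . 'ne repondez pas à ce message';
                     $oMail->message->setBody($mail_body);
                     $dests = array_map('trim', explode(',', $okt->guestbook->config->emails_list));
                     $oMail->message->setTo($dests);
                     $oMail->send();
                 }
                 http::redirect($okt->guestbook->config->url . '?added=1');
             }
         }
     }

     # Signatures to display
     $aGuestbookParams = array('is_not_spam' => true, 'is_visible' => true, 'language' => $okt->user->language);

     # Pagination; page numbers below 1 would yield a negative LIMIT offset
     $iPage = !empty($_GET['page']) ? max(1, intval($_GET['page'])) : 1;
     $iPerPage = $okt->guestbook->config->nbparpage_public;
     $oGuestbookPager = new publicPager($iPage, $okt->guestbook->getSig($aGuestbookParams, true), $iPerPage);
     $iNumPages = $oGuestbookPager->getNbPages();

     # Fetch the signatures of the requested page
     $aGuestbookParams['limit'] = ($iPage - 1) * $iPerPage . ',' . $iPerPage;
     $signaturesList = $okt->guestbook->getSig($aGuestbookParams);

     # Languages that have a public guestbook URL configured
     $aLanguages = array();
     foreach ($okt->languages->list as $aLanguage) {
         if (isset($okt->guestbook->config->public_url[$aLanguage['code']])) {
             $aLanguages[$aLanguage['title']] = $aLanguage['code'];
         }
     }

     # Data formatting
     $num_sig = 0;
     while ($signaturesList->fetch()) {
         $signaturesList->number = ++$num_sig;
         # Rating: shown as n/20 when the rating field is enabled, hidden otherwise
         if ($okt->guestbook->config->chp_note) {
             if (!is_numeric($signaturesList->note)) {
                 $signaturesList->note = 'nc';
             } else {
                 $signaturesList->note = ceil($signaturesList->note) . '/20';
             }
         } else {
             $signaturesList->note = null;
         }
     }

     # Meta description
     if ($okt->guestbook->config->meta_description[$okt->user->language] != '') {
         $okt->page->meta_description = $okt->guestbook->config->meta_description[$okt->user->language];
     } else {
         $okt->page->meta_description = util::getSiteMetaDesc();
     }

     # Meta keywords
     if ($okt->guestbook->config->meta_keywords[$okt->user->language] != '') {
         $okt->page->meta_keywords = $okt->guestbook->config->meta_keywords[$okt->user->language];
     } else {
         $okt->page->meta_keywords = util::getSiteMetaKeywords();
     }

     # Page number in the title
     if ($iPage > 1) {
         $okt->page->addTitleTag(sprintf(__('c_c_Page_%s'), $iPage));
     }

     # Title tag
     $okt->page->addTitleTag($okt->guestbook->getTitle());

     # Page title
     $okt->page->setTitle($okt->guestbook->getName());

     # SEO page title
     $okt->page->setTitleSeo($okt->guestbook->getNameSeo());

     # Breadcrumb
     if (!$this->isDefaultRoute(__CLASS__, __FUNCTION__)) {
         $okt->page->breadcrumb->add($okt->guestbook->getName(), $okt->guestbook->config->url);
     }

     # Shortcuts for the template
     $signaturesList->numPages = $iNumPages;
     $signaturesList->pager = $oGuestbookPager;

     # Render the template
     echo $okt->tpl->render('guestbook_tpl', array('aSigData' => $aSigData, 'signaturesList' => $signaturesList, 'aLanguages' => $aLanguages));
 }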