Beispiel #1
 /**
  * Renders the detail page for a single invoice.
  *
  * Adds the "view" breadcrumb, loads the invoice through the helper and, when
  * the lookup yields nothing, answers with the not-found error page. Otherwise
  * the invoice and its items are handed to the 'invoice-view' template.
  *
  * NOTE(review): no ownership or ACL check on $invoiceId is visible in this
  * method. Unless getById() or the caller limits the lookup to invoices the
  * current member is entitled to see, one member could be shown another
  * member's invoice. Confirm where that restriction is enforced.
  *
  * @param mixed $iaView    view object; assign() and display() are called on it
  * @param mixed $invoiceId invoice identifier, passed to the helper unchanged
  * @return mixed the result of iaView::errorPage() when nothing was found, otherwise nothing
  */
 protected function _view(&$iaView, $invoiceId)
 {
     iaBreadcrumb::add(iaLanguage::get('view'), IA_SELF);

     $record = $this->getHelper()->getById($invoiceId);
     if (empty($record)) {
         return iaView::errorPage(iaView::ERROR_NOT_FOUND);
     }

     $iaView->assign('invoice', $record);

     $lineItems = $this->getHelper()->getItemsByInvoiceId($invoiceId);
     $iaView->assign('items', $lineItems);

     $iaView->display('invoice-view');
 }
 /**
  * Renders the details page for one record, together with its initiator.
  *
  * The record is loaded with getById(); a falsy result produces the not-found
  * error page. Otherwise the record and the user info for its 'member_id' are
  * assigned to the view, and the 'claim_details' phrase is used for both the
  * trailing breadcrumb and the page title.
  *
  * NOTE(review): the initiator's full getInfo() result is exposed to the
  * template. Which fields that contains is not visible here; verify the
  * template prints only what the viewer is allowed to see.
  *
  * @param mixed $iaView view object; assign(), title() and display() are called on it
  * @param mixed $id     record identifier, passed to getById() unchanged
  * @return mixed the result of iaView::errorPage() when nothing was found, otherwise nothing
  */
 private function _viewPage(&$iaView, $id)
 {
     $record = $this->getById($id);
     if (empty($record)) {
         return iaView::errorPage(iaView::ERROR_NOT_FOUND);
     }

     $users = $this->_iaCore->factory('users');

     $iaView->assign('item', $record);
     $initiator = $users->getInfo($record['member_id']);
     $iaView->assign('initiator', $initiator);

     iaBreadcrumb::toEnd(iaLanguage::get('claim_details'));
     $iaView->title(iaLanguage::get('claim_details'));

     $iaView->display('view');
 }
Beispiel #3
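 /**
  * Answers grid requests for the plugins list and dispatches the one-segment
  * sub-actions (documentation, install, reinstall, uninstall).
  *
  * When the request path has exactly one segment, that segment selects a
  * sub-action. The install/reinstall/uninstall branch is gated by an ACL check
  * before anything is changed. Every other request is treated as a listing
  * query: paging, sorting and filter values are read from $params and passed
  * to the reader matching $params['type'].
  *
  * Compared with a plain read of $params, 'dir' and 'type' are only used when
  * they are present and are strings: the sort direction is matched strictly
  * against the two iaDb::ORDER_* constants, so a loosely-equal non-string
  * value can no longer be passed on as a direction.
  *
  * @param array $params request parameters (start, limit, sort, dir, filter, type, name)
  * @return mixed sub-action result, iaView::accessDenied() result, or the list data (array)
  */
 protected function _gridRead($params)
 {
     if (1 == count($this->_iaCore->requestPath)) {
         switch ($this->_iaCore->requestPath[0]) {
             case 'documentation':
                 // NOTE(review): $params['name'] is request-supplied and is read without
                 // an isset() check. _getDocumentation() is not visible here; if it maps
                 // the name to a file, it must restrict it to known plugin names.
                 return $this->_getDocumentation($params['name']);
             case 'install':
             case 'reinstall':
             case 'uninstall':
                 $action = $this->_iaCore->requestPath[0];
                 $iaAcl = $this->_iaCore->factory('acl');
                 // Authorisation comes first: nothing below runs without the permission.
                 if (!$iaAcl->isAccessible($this->getName(), $action)) {
                     return iaView::accessDenied();
                 }
                 // NOTE(review): the plugin name is taken from $_POST unvalidated and
                 // unchecked for presence; validation must happen in _install()/_uninstall().
                 $pluginName = $_POST['name'];
                 return 'uninstall' == $action ? $this->_uninstall($pluginName) : $this->_install($pluginName, $action);
         }
     }
     $output = array();
     $start = isset($params['start']) ? (int) $params['start'] : 0;
     $limit = isset($params['limit']) ? (int) $params['limit'] : 15;
     // NOTE(review): $sort is forwarded as received; if the reader uses it as a
     // column name it has to be matched against a list of allowed columns there.
     $sort = isset($params['sort']) ? $params['sort'] : '';
     // Strict allow-list for the direction; assumes the iaDb::ORDER_* constants are
     // strings, like the request value. Anything else falls back to ascending.
     $allowedDirections = array(iaDb::ORDER_ASC, iaDb::ORDER_DESC);
     $dir = (isset($params['dir']) && in_array($params['dir'], $allowedDirections, true))
         ? $params['dir']
         : iaDb::ORDER_ASC;
     $filter = empty($params['filter']) ? '' : $params['filter'];
     // A missing or non-string type selects no reader and yields the empty list.
     $type = (isset($params['type']) && is_string($params['type'])) ? $params['type'] : '';
     switch ($type) {
         case 'installed':
             $output = $this->_getInstalledPlugins($start, $limit, $sort, $dir, $filter);
             break;
         case 'local':
             $output = $this->_getLocalPlugins($start, $limit, $dir, $filter);
             break;
         case 'remote':
             $output = $this->_getRemotePlugins($start, $limit, $dir, $filter);
             break;
     }
     return $output;
 }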
Beispiel #4
//##copyright##
// Blog front-end module: shows a single entry when the request path carries an
// id, otherwise prepares the paginated list (the list branch continues past
// this excerpt).
$iaDb->setTable('blog_entries');
if (iaView::REQUEST_HTML == $iaView->getRequestType()) {
    if (isset($iaCore->requestPath[0])) {
        // The id is forced to an integer before it gets anywhere near SQL text;
        // a non-numeric or zero value ends in the not-found page.
        $id = (int) $iaCore->requestPath[0];
        if (!$id) {
            return iaView::errorPage(iaView::ERROR_NOT_FOUND);
        }
        // Only entries whose status equals iaCore::STATUS_ACTIVE are selectable.
        // Placeholders (:prefix, :id, ...) are filled in by iaDb::printf(); the
        // only request-derived value is the integer $id.
        $sql = 'SELECT b.`id`, b.`title`, b.`date_added`, b.`body`, b.`alias`, b.`image`, m.`fullname` ' . 'FROM `:prefix:table_blog_entries` b ' . 'LEFT JOIN `:prefix:table_members` m ON (b.`member_id` = m.`id`) ' . 'WHERE b.`id` = :id AND b.`status` = \':status\' ';
        $sql = iaDb::printf($sql, array('prefix' => $iaDb->prefix, 'table_blog_entries' => 'blog_entries', 'table_members' => iaUsers::getTable(), 'id' => iaSanitize::sql($id), 'status' => iaCore::STATUS_ACTIVE));
        $blogEntry = $iaDb->getRow($sql);
        // NOTE(review): the tags query runs before the entry is known to exist and
        // does not filter on entry status, so it also runs for inactive or missing
        // entries; its result is only used after the empty() check below.
        $sql = 'SELECT DISTINCT bt.`title`, bt.`alias` ' . 'FROM `:prefix:table_blog_tags` bt ' . 'LEFT JOIN `:prefix:table_blog_entries_tags` bet ON (bt.`id` = bet.`tag_id`) ' . 'WHERE bet.`blog_id` = :id';
        $sql = iaDb::printf($sql, array('prefix' => $iaDb->prefix, 'table_blog_entries_tags' => 'blog_entries_tags', 'table_blog_tags' => 'blog_tags', 'id' => iaSanitize::sql($id)));
        $blogTags = $iaDb->getAll($sql);
        if (empty($blogEntry)) {
            return iaView::errorPage(iaView::ERROR_NOT_FOUND);
        }
        // The title passes through iaSanitize::tags() before it is used for the
        // breadcrumb, the page title and the Open Graph title.
        $title = iaSanitize::tags($blogEntry['title']);
        iaBreadcrumb::toEnd($title);
        $iaView->title($title);
        // add open graph data
        // NOTE(review): unlike the title, 'description' receives the stored body
        // unchanged. If the body can contain markup, the template must escape it
        // for the attribute context of the og meta tag — confirm in the template.
        $openGraph = array('title' => $title, 'url' => IA_SELF, 'description' => $blogEntry['body']);
        if ($blogEntry['image']) {
            // Image URL is built from the stored file name under uploads/.
            $openGraph['image'] = IA_CLEAR_URL . 'uploads/' . $blogEntry['image'];
        }
        $iaView->set('og', $openGraph);
        $iaView->assign('tags', $blogTags);
        $iaView->assign('blog_entry', $blogEntry);
    } else {
        // List view: page number from the query string, clamped to a minimum of 1.
        $page = empty($_GET['page']) ? 0 : (int) $_GET['page'];
        $page = $page < 1 ? 1 : $page;
             if ($memberId && isset($_POST['plan_id']) && is_numeric($_POST['plan_id'])) {
                 $plan = $iaPlan->getById($_POST['plan_id']);
                 $usergroup = $plan['usergroup'] ? $plan['usergroup'] : iaUsers::MEMBERSHIP_REGULAR;
                 $iaDb->update(array('id' => $memberId, 'usergroup_id' => $usergroup), 0, 0, iaUsers::getTable());
                 if ($plan['cost'] > 0) {
                     $itemData['id'] = $memberId;
                     $itemData['member_id'] = $memberId;
                     if ($url = $iaPlan->prePayment($iaUsers->getItemName(), $itemData, $plan['id'])) {
                         iaUtil::redirect(iaLanguage::get('thanks'), iaLanguage::get('member_created'), $url);
                     }
                 }
             }
         }
     } elseif ('register_confirm' == $iaView->name()) {
         if (!isset($_GET['email']) || !isset($_GET['key'])) {
             return iaView::accessDenied();
         }
         $error = true;
         if ($iaUsers->confirmation($_GET['email'], $_GET['key'])) {
             $messages[] = $iaCore->get('members_autoapproval') ? iaLanguage::get('reg_confirmed') : iaLanguage::get('reg_confirm_adm_approve');
             $error = false;
             $url = $iaCore->get('members_autoapproval') ? IA_URL . 'login/' : IA_URL;
             iaUtil::redirect(iaLanguage::get('reg_confirmation'), $messages, $url);
         } else {
             $messages[] = iaLanguage::get('confirmation_key_incorrect');
         }
         $iaView->assign('success', !$error);
     }
 }
 switch ($iaView->name()) {
     case 'member_password_forgot':
Beispiel #6
 /**
  * Removes the admin actions the current user may not use, then checks access
  * to the requested page itself.
  *
  * Each entry of $this->_actions is checked with the ACL under the object name
  * getName() . action; entries that fail are dropped both from the view's
  * 'admin_actions' (key 'db_' . action) and from $this->_actions. The page is
  * then checked under getName() . $page.
  *
  * NOTE(review): a denied page is reported only through the return value. If
  * iaView::accessDenied() does not end the request by itself, the caller has
  * to act on the returned value, otherwise processing continues — verify at
  * the call site. The ACL object name is built by plain concatenation;
  * presumably getName() or the action names already carry the separator.
  *
  * @param string $page   page/action suffix appended to getName() for the ACL check
  * @param mixed  $iaView view object holding the 'admin_actions' values
  * @return mixed the result of iaView::accessDenied() when the page is not allowed, otherwise nothing
  */
 private function _checkActions($page, &$iaView)
 {
     $acl = $this->_iaCore->factory('acl');
     $visibleActions = $iaView->getValues('admin_actions');

     foreach ($this->_actions as $position => $actionName) {
         if ($acl->checkAccess($this->getName() . $actionName)) {
             continue;
         }
         // Not permitted: hide the button and forget the action.
         unset($visibleActions['db_' . $actionName], $this->_actions[$position]);
     }

     $iaView->assign('admin_actions', $visibleActions);

     if ($acl->checkAccess($this->getName() . $page)) {
         return;
     }

     return iaView::accessDenied();
 }
Beispiel #7
 /**
  * Saves the configuration values posted in $_POST['v'].
  *
  * After an ACL check for the edit action on the current page, every posted
  * key/value pair is normalised (arrays joined with commas, invalid UTF-8
  * replaced), image-type options are handled as file uploads, and the value is
  * written either to the custom config table (when $this->_type is set) or to
  * the main config table. The cache is cleared afterwards and a success or
  * error message is set on the view.
  *
  * NOTE(review): the posted keys are never matched against the known option
  * names loaded into $params, yet they are used to build SQL conditions and an
  * upload file name below. The individual spots are marked inline.
  *
  * @param mixed $iaView view object; name() and setMessages() are called on it
  * @return mixed the result of iaView::accessDenied() when editing is not allowed, otherwise nothing
  */
 private function _save(&$iaView)
 {
     $iaAcl = $this->_iaCore->factory('acl');
     // Authorisation gate: nothing is written without the edit permission.
     if (!$iaAcl->checkAccess($iaView->name() . iaAcl::SEPARATOR . iaCore::ACTION_EDIT)) {
         return iaView::accessDenied();
     }
     // Map of option name => option type for all non-hidden options
     // (restricted to custom ones when a type is set).
     $where = "`type` != 'hidden' " . ($this->_type ? 'AND `custom` = 1' : '');
     $params = $this->_iaDb->keyvalue(array('name', 'type'), $where, iaCore::getConfigTable());
     // correct admin dashboard URL generation
     // (the current value is remembered so a change can be detected after saving)
     $adminPage = $this->_iaCore->get('admin_page');
     iaUtil::loadUTF8Functions('ascii', 'validation', 'bad', 'utf8_to_ascii');
     $messages = array();
     $error = false;
     // NOTE(review): $_POST['v'] is read without isset(); a request without it
     // raises a notice and then skips the block.
     if ($_POST['v'] && is_array($_POST['v'])) {
         $values = $_POST['v'];
         // Hook listeners receive the values by reference and may alter them.
         $this->_iaCore->startHook('phpConfigurationChange', array('configurationValues' => &$values));
         $this->_iaDb->setTable(iaCore::getConfigTable());
         foreach ($values as $key => $value) {
             // Options named "<extra>_items_enabled": compute which items were added
             // or removed relative to the stored value and notify the plugin hook.
             $s = strpos($key, '_items_enabled');
             if ($s !== false) {
                 $p = $this->_iaCore->get($key, '', !is_null($this->_type));
                 $array = $p ? explode(',', $p) : array();
                 $data = array();
                 // Drops the first posted element (presumably a form placeholder — TODO confirm).
                 array_shift($value);
                 if ($diff = array_diff($value, $array)) {
                     foreach ($diff as $item) {
                         array_push($data, array('action' => '+', 'item' => $item));
                     }
                 }
                 if ($diff = array_diff($array, $value)) {
                     foreach ($diff as $item) {
                         array_push($data, array('action' => '-', 'item' => $item));
                     }
                 }
                 $extra = substr($key, 0, $s);
                 $this->_iaCore->startHook('phpPackageItemChangedForPlugin', array('data' => $data), $extra);
             }
             if (is_array($value)) {
                 $value = implode(',', $value);
             }
             if (!utf8_is_valid($value)) {
                 $value = utf8_bad_replace($value);
                 trigger_error('Bad UTF-8 detected (replacing with "?") in configuration', E_USER_NOTICE);
             }
             // NOTE(review): $params[$key] is read for any posted key; a key that is
             // not a known option raises an undefined-index notice and still reaches
             // the database writes further down. Skipping keys absent from $params
             // would turn $params into an allow-list.
             if (self::TYPE_IMAGE == $params[$key]) {
                 if (isset($_POST['delete'][$key])) {
                     $value = '';
                 } elseif (!empty($_FILES[$key]['name'])) {
                     if (!(bool) $_FILES[$key]['error']) {
                         if (@is_uploaded_file($_FILES[$key]['tmp_name'])) {
                             // Extension = last three characters of the client file name.
                             $ext = strtolower(utf8_substr($_FILES[$key]['name'], -3));
                             // if jpeg
                             if ($ext == 'peg') {
                                 $ext = 'jpg';
                             }
                             // Three conditions must hold: the client-declared MIME type is a key
                             // of $this->_imageTypes, the extension is one of its values, and
                             // getimagesize() accepts the temporary file.
                             // NOTE(review): $_FILES[...]['type'] is supplied by the client and
                             // getimagesize() only inspects the image header, so this is a
                             // plausibility check rather than content validation.
                             if (!array_key_exists(strtolower($_FILES[$key]['type']), $this->_imageTypes) || !in_array($ext, $this->_imageTypes, true) || !getimagesize($_FILES[$key]['tmp_name'])) {
                                 $error = true;
                                 $messages[] = iaLanguage::getf('file_type_error', array('extension' => implode(', ', array_unique($this->_imageTypes))));
                             } else {
                                 // Replace a previously stored file for this option.
                                 if ($this->_iaCore->get($key) && file_exists(IA_UPLOADS . $this->_iaCore->get($key))) {
                                     iaUtil::deleteFile(IA_UPLOADS . $this->_iaCore->get($key));
                                 }
                                 // Stored name is "<option key>.<ext>", not the client file name.
                                 // NOTE(review): $key is request-derived; it should be limited to
                                 // known option names before it becomes part of a filesystem path.
                                 $value = $fileName = $key . '.' . $ext;
                                 // NOTE(review): errors are suppressed with @ and the result of
                                 // move_uploaded_file() is ignored, so $value is saved even when
                                 // the move fails. Mode 0777 makes the file world-writable; a
                                 // served image normally needs no more than 0644.
                                 @move_uploaded_file($_FILES[$key]['tmp_name'], IA_UPLOADS . $fileName);
                                 @chmod(IA_UPLOADS . $fileName, 0777);
                             }
                         }
                     }
                 } else {
                     // No new upload and no delete request: keep the stored value.
                     $value = $this->_iaCore->get($key, '', !is_null($this->_type));
                 }
             }
             if ($this->_type) {
                 // NOTE(review): $key comes from the request and is placed into the SQL
                 // condition without escaping (only type_id is forced to an integer via
                 // %d). Unless iaDb escapes conditions internally — not visible here —
                 // the key must be escaped or restricted to known names first.
                 $where = sprintf("`name` = '%s' AND `type` = '%s' AND `type_id` = %d", $key, $this->_type, $this->_typeId);
                 $this->_iaDb->setTable(iaCore::getCustomConfigTable());
                 // NOTE(review): $_POST['c'][$key] is read without isset().
                 if ($_POST['c'][$key]) {
                     // Reuses the name $values; the running foreach is unaffected because a
                     // by-value foreach iterates over its own copy of the array.
                     $values = array('name' => $key, 'value' => $value, 'type' => $this->_type, 'type_id' => $this->_typeId);
                     if ($this->_iaDb->exists($where)) {
                         unset($values['value']);
                         $this->_iaDb->bind($where, $values);
                         $this->_iaDb->update(array('value' => $value), $where);
                     } else {
                         $this->_iaDb->insert($values);
                     }
                 } else {
                     // Custom flag not set: remove the per-type override.
                     $this->_iaDb->delete($where);
                 }
                 $this->_iaDb->resetTable();
             } else {
                 $this->_iaDb->update(array('value' => $value), iaDb::convertIds($key, 'name'));
             }
         }
         $this->_iaDb->resetTable();
         $this->_iaCore->iaCache->clearAll();
     }
     if (!$error) {
         $iaView->setMessages(iaLanguage::get('saved'), iaView::SUCCESS);
         // When the admin path itself was changed, continue on the new URL.
         // NOTE(review): the posted value is appended to IA_URL unvalidated; the
         // target stays under IA_URL, but the path segment should be checked
         // against the value that was actually saved.
         if (isset($_POST['param']['admin_page']) && $_POST['param']['admin_page'] != $adminPage) {
             iaUtil::go_to(IA_URL . $_POST['param']['admin_page'] . '/configuration/general/');
         }
     } elseif ($messages) {
         $iaView->setMessages($messages);
     }
 }
Beispiel #8
 /**
  * Includes and runs the PHP module file configured for the current page.
  *
  * The file path is taken from the view's 'filename' value. Nothing happens
  * when it is empty; a path that does not exist produces the not-found error
  * page. Before the file is required, a fixed set of local variables is
  * prepared because the included file runs in this method's scope and reads
  * them. Hooks are fired before the include and at the very end.
  *
  * NOTE(review): `require $module` executes whatever file the path points to,
  * and file_exists() is the only check made here. Where 'filename' is set is
  * not visible in this method; it must come from trusted page configuration
  * and never from request data.
  *
  * @return mixed the result of iaView::errorPage() when the file is missing, otherwise nothing
  */
 protected function _executeModule()
 {
     $module = $this->iaView->get('filename');
     if (empty($module)) {
         return;
     }
     if (!file_exists($module)) {
         return iaView::errorPage(iaView::ERROR_NOT_FOUND);
     }
     // this set of variables should be defined since there is a PHP file inclusion below
     // (their names are part of the contract with the included file — do not rename)
     $iaCore =& $this;
     $iaView =& $this->iaView;
     $iaDb =& $this->iaDb;
     $iaAcl = $this->factory('acl');
     //
     $pageName = $this->iaView->name();
     // ACL object prefix: "admin_" is prepended only for admin-side access.
     $permission = (self::ACCESS_ADMIN == $this->getAccessType() ? 'admin_' : '') . 'pages-' . $pageName . iaAcl::SEPARATOR;
     $pageAction = $this->iaView->get('action');
     $this->startHook('phpCoreCodeBeforeStart');
     require $module;
     // temporary stub
     // On the admin side, a class named iaBackendController (presumably declared
     // by the module just included) is instantiated and run.
     if (self::ACCESS_ADMIN == $this->getAccessType()) {
         if (class_exists('iaBackendController')) {
             $iaModule = new iaBackendController();
             $iaModule->process();
         }
     }
     //
     $this->startHook('phpCoreCodeAfterAll');
 }
Beispiel #9
 /**
  * Executes a package action taken from the request path and redirects back.
  *
  * Path segment 0 is the package name, segment 1 the action. Each handled
  * action is gated by an ACL check before the state-changing call; successful
  * activate/deactivate, install/upgrade and uninstall operations are written
  * to the log. Afterwards the cache is cleared, the collected messages are set
  * on the view as error or success, and the request is redirected to getPath().
  *
  * NOTE(review):
  *  - The package name only passes through iaSanitize::sql(). That addresses
  *    SQL context; if _install()/_uninstall() use the name in a filesystem
  *    path, they need their own validation — not visible here.
  *  - 'deactivate' is authorised under the 'activate' permission and 'reset'
  *    under 'set_default'; confirm this sharing is intended.
  *  - An action matching no case performs no ACL check and still reaches the
  *    cache clear, the success message and the redirect.
  *  - The action is read from the request path, and no anti-CSRF token check
  *    is visible in this method; confirm it is enforced upstream.
  *
  * @param mixed $iaView view object; its domain property and setMessages() are used
  * @return mixed the result of iaView::accessDenied() when the action is not permitted, otherwise nothing
  */
 private function _processAction(&$iaView)
 {
     $acl = $this->_iaCore->factory('acl');
     $log = $this->_iaCore->factory('log');

     $package = iaSanitize::sql($this->_iaCore->requestPath[0]);
     $action = $this->_iaCore->requestPath[1];

     $failed = false;

     switch ($action) {
         case 'activate':
         case 'deactivate':
             if (!$acl->isAccessible($this->getName(), 'activate')) {
                 return iaView::accessDenied();
             }

             if (!$this->_activate($package, 'deactivate' == $action)) {
                 $failed = true;
             } else {
                 $logType = 'deactivate' == $action ? iaLog::ACTION_DISABLE : iaLog::ACTION_ENABLE;
                 $log->write($logType, array('type' => iaExtra::TYPE_PACKAGE, 'name' => $package), $package);
             }

             break;

         case 'set_default':
             if (!$acl->isAccessible($this->getName(), $action)) {
                 return iaView::accessDenied();
             }

             $failed = !$this->_setDefault($package);

             break;

         case 'reset':
             if (!$acl->isAccessible($this->getName(), 'set_default')) {
                 return iaView::accessDenied();
             }

             $failed = !$this->_reset($iaView->domain);

             break;

         case iaExtra::ACTION_INSTALL:
         case iaExtra::ACTION_UPGRADE:
             if (!$acl->isAccessible($this->getName(), $action)) {
                 return iaView::accessDenied();
             }

             if (!$this->_install($package, $action, $iaView->domain)) {
                 $failed = true;
             } else {
                 // Record the event; the helper tells whether this was an upgrade.
                 $logAction = $this->getHelper()->isUpgrade ? iaLog::ACTION_UPGRADE : iaLog::ACTION_INSTALL;
                 $logDetails = array(
                     'type' => iaExtra::TYPE_PACKAGE,
                     'name' => $package,
                     'to' => $this->getHelper()->itemData['info']['version'],
                 );
                 $log->write($logAction, $logDetails, $package);

                 // The sitemap is regenerated after a successful install or upgrade.
                 $sitemap = $this->_iaCore->factory('sitemap', iaCore::ADMIN);
                 $sitemap->generate();
             }

             break;

         case iaExtra::ACTION_UNINSTALL:
             if (!$acl->isAccessible($this->getName(), $action)) {
                 return iaView::accessDenied();
             }

             if (!$this->_uninstall($package)) {
                 $failed = true;
             } else {
                 $log->write(iaLog::ACTION_UNINSTALL, array('type' => iaExtra::TYPE_PACKAGE, 'name' => $package), $package);
             }
     }

     $this->_iaCore->iaCache->clearAll();

     $messageKind = $failed ? iaView::ERROR : iaView::SUCCESS;
     $iaView->setMessages($this->getMessages(), $messageKind);

     iaUtil::go_to($this->getPath());
 }
 /**
  * HTML requests are not served by this controller: always answers with the
  * not-found error page. The result of iaView::errorPage() is not returned.
  *
  * @param mixed $iaView view object (unused here)
  */
 protected function _htmlAction(&$iaView)
 {
     iaView::errorPage(iaView::ERROR_NOT_FOUND);
 }
Beispiel #11
<?php

//##copyright##
// Member profile module (excerpt): requires a logged-in member, loads the
// data needed by the profile form and validates a password-change request.
// The code that stores the new password lies past the end of this excerpt.
if (iaView::REQUEST_HTML == $iaView->getRequestType()) {
    // Anonymous visitors get the "unauthorized" error page.
    if (!iaUsers::hasIdentity()) {
        return iaView::errorPage(iaView::ERROR_UNAUTHORIZED);
    }
    $iaField = $iaCore->factory('field');
    $iaUsers = $iaCore->factory('users');
    $itemName = $tableName = iaUsers::getTable();
    $messages = array();
    // Only usergroups flagged as assignable are loaded (id => name).
    $assignableGroups = $iaDb->keyvalue(array('id', 'name'), '`assignable` = 1', iaUsers::getUsergroupsTable());
    $iaPlan = $iaCore->factory('plan');
    $plans = $iaPlan->getPlans($iaUsers->getItemName());
    $iaDb->setTable($tableName);
    if (isset($_POST['change_pass'])) {
        $error = false;
        $newPassword = empty($_POST['new']) ? false : $_POST['new'];
        // checks for current password
        // NOTE(review): the stored value and the encoded input are compared with
        // the loose operator `!=`. Loose comparison applies PHP type juggling to
        // numeric-looking strings and is not constant-time; hash_equals() on two
        // strings avoids both. How encodePassword() derives its value is not
        // visible here. $_POST['current'] is also read without isset().
        if (iaUsers::getIdentity()->password != $iaUsers->encodePassword($_POST['current'])) {
            $error = true;
            $messages[] = iaLanguage::get('password_incorrect');
        }
        // An empty new password (including the string '0', which empty() treats
        // as empty) is rejected.
        if (!$newPassword) {
            $error = true;
            $messages[] = iaLanguage::get('password_empty');
        }
        // NOTE(review): loose `!=` again, and $_POST['confirm'] is read without
        // isset(); a strict `!==` on two strings expresses the intent exactly.
        // No minimum length or strength rule is visible in this excerpt.
        if ($newPassword != $_POST['confirm']) {
            $error = true;
            $messages[] = iaLanguage::get('error_password_match');
        }
Beispiel #12
 /**
  * Index page handler: this controller exposes no index page and always
  * answers with the not-found error page.
  *
  * @param mixed $iaView view object (unused here)
  * @return mixed the result of iaView::errorPage()
  */
 protected function _indexPage(&$iaView)
 {
     return iaView::errorPage(iaView::ERROR_NOT_FOUND);
 }
Beispiel #13
        $artist = $iaArtist->getArtistByTitle($_GET['artist']);
        // get artist albums
        $out['data'] = $iaAlbum->getAlbumsByArtist($artist['id']);
        $iaView->assign($out);
    }
}
if (iaView::REQUEST_HTML == $iaView->getRequestType()) {
    iaCore::fields();
    $iaUtil = $iaCore->factory('util');
    $errorFields = array();
    $id = isset($iaCore->requestPath[0]) ? (int) $iaCore->requestPath[0] : false;
    $lyric = $id ? $iaDb->row('*, \'lyrics\' as `item`', "`id`={$id}", 0, 1, iaLyric::getTable()) : array();
    if (!empty($id) && empty($lyric)) {
        iaView::errorPage(iaView::ERROR_NOT_FOUND);
    } elseif (!empty($id) && $_SESSION['user']['id'] != $lyric['member_id']) {
        iaView::errorPage(iaView::ERROR_FORBIDDEN);
    }
    if (!empty($lyric)) {
        // get lyric artist
        $lartist = $iaArtist->getArtist($lyric['id_artist']);
        $lyric['artist'] = $lartist['title'];
        // get lyric album
        $lalbum = $iaAlbum->getAlbum($lyric['id_album']);
        $lyric['album'] = $lalbum['title'];
        // get artist albums
        $albums = $iaAlbum->getAlbumsByArtist($lartist['id']);
        $iaView->assign('albums', $albums);
        if ($lyric['body']) {
            $lyric['body'] = preg_replace('/<br>/i', "", $lyric['body']);
        }
    }