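/**
 * Render one page of a user's activity log, ordered by timestamp.
 *
 * The sort direction comes from $_GET['order']. It is reduced to 'asc' or
 * 'desc' before being passed to the pager URL, the log query and the
 * template, so no other request-supplied value reaches them.
 */
function display()
{
    // Default direction; only a well-formed "asc" overrides it.
    $order = 'desc';
    if (isset($_GET['order'])) {
        // Untrusted input: arrays (?order[]=x) and unexpected strings fall back
        // to the default instead of being forwarded to setOrder() and makeUrl().
        if (is_string($_GET['order']) && strtolower($_GET['order']) === 'asc') {
            $order = 'asc';
        }
        $this->tpl->assign('sort', 'ts');
    }

    // Extra params for pager
    $params = array('order' => $order);

    // Pager
    $this->pager->limit = $this->per_page;
    $this->pager->setStart();
    $this->pager->setPages($this->log->count($this->users_id));
    $this->r->text['pager'] = $this->pager->pageList(suxFunct::makeUrl("/admin/log/{$this->nickname}", $params));

    $this->log->setOrder('ts', $order);
    $this->r->arr['ulog'] = $this->log->get($this->pager->limit, $this->pager->start, $this->users_id);

    // Attach the author's nickname to every log row
    foreach ($this->r->arr['ulog'] as $key => $val) {
        $tmp = $this->user->getByID($val['users_id']);
        $this->r->arr['ulog'][$key]['nickname'] = $tmp['nickname'];
    }

    // Template
    $inverse = ($order != 'desc') ? 'desc' : 'asc'; // link that flips the current direction
    $this->tpl->assign('ts_sort_url', suxFunct::makeUrl("/admin/log/{$this->nickname}", array('order' => $inverse)));
    $this->tpl->assign('nickname', $this->nickname);
    $this->r->title .= " | {$this->r->gtext['activity_log']}";
    $this->tpl->display('log.tpl');
}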
/**
 * menu
 *
 * Builds the bookmarks admin menu as a label => url map. Returns null for
 * visitors without a session and for non-root users whose 'bookmarks'
 * access level is below the configured admin level.
 *
 * @author Dac Chartrand <*****@*****.**>
 * @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
 */
function bookmarks_menu()
{
    if (!isset($_SESSION['users_id'])) {
        return null;
    }

    // Check access: root always passes, everyone else needs the admin level
    $user = new suxUser();
    if (!$user->isRoot() && $user->getAccess('bookmarks') < $GLOBALS['CONFIG']['ACCESS']['bookmarks']['admin']) {
        return null;
    }

    // Number of bookmarks still flagged as draft (static query, no parameters)
    $db = suxDB::get();
    $st = $db->query('SELECT COUNT(*) FROM bookmarks WHERE draft = true ');
    $pending = $st->fetchColumn();

    $text = suxFunct::gtext('bookmarks');

    return array(
        $text['admin'] => suxFunct::makeUrl('/bookmarks/admin/'),
        "{$text['approve_2']} ({$pending})" => suxFunct::makeUrl('/bookmarks/approve/'),
        $text['new'] => suxFunct::makeUrl('/bookmarks/edit/'),
    );
}
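/**
 * Login
 *
 * When the visitor is already logged in, or authenticates successfully, the
 * login is logged and the visitor is redirected to the first breadcrumb that
 * is not one of the account pages, falling back to their profile. Otherwise
 * either the password-failure page is shown or the visitor is sent to /home.
 */
function login()
{
    if ($this->user->loginCheck() || (!$this->user->loginCheck() && $this->user->authenticate())) {

        $this->log->write($_SESSION['users_id'], "sux0r::userAuthenticate() login [IP: {$_SERVER['REMOTE_ADDR']}]", 1); // Log, private

        // Redirect to previous page
        if (isset($_SESSION['breadcrumbs'])) {
            foreach ($_SESSION['breadcrumbs'] as $val) {
                // Skip the account pages. The alternatives have to be a group:
                // written inside [...] they form a character class, which matches
                // any path under user/ whose next character is one of those
                // letters and therefore discards unrelated pages as well.
                if (!preg_match('#^user/(login|logout|register|edit)#i', $val)) {
                    suxFunct::redirect(suxFunct::makeUrl($val));
                    break;
                }
            }
        }

        // Nothing of value was found, redirect to user page
        suxFunct::redirect(suxFunct::makeUrl('/user/profile/' . $_SESSION['nickname']));

    } else {

        // Too many password failures?
        if ($this->user->maxPasswordFailures()) {
            $this->r->title .= " | {$this->r->gtext['pw_failure']}";
            $this->tpl->display('pw_failure.tpl');
            die;
        }

        // Note:
        // There's a conflict with the authenticate procedure and header('Location:')
        // The workaround is to echo some spaces and force javascript redirect
        echo str_repeat(' ', 40000);
        suxFunct::redirect(suxFunct::makeUrl('/home'));
    }
}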
/**
 * Render the bookmark approval form.
 *
 * Only bookmarks whose 'draft' flag is set stay in the list; each of them
 * gets the submitting user's nickname attached.
 *
 * @param array $dirty reference to unverified $_POST
 */
function formBuild(&$dirty)
{
    // Hand a previous submission back to the template, otherwise disconnect suxValidate
    if (empty($dirty)) {
        suxValidate::disconnect();
    } else {
        $this->tpl->assign($dirty);
    }

    if (!suxValidate::is_registered_form()) {
        suxValidate::connect($this->tpl, true); // Reset connection

        // Register our validators
        // register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
        suxValidate::register_validator('bookmarks', 'bookmarks', 'isInt', true);
    }

    // Urls
    $this->r->text['form_url'] = suxFunct::makeUrl('/bookmarks/approve');
    $this->r->text['back_url'] = suxFunct::getPreviousURL();

    // Bookmarks
    $this->r->arr['bookmarks'] = $this->bm->get();

    foreach ($this->r->arr['bookmarks'] as $idx => $bookmark) {
        if ($bookmark['draft']) {
            // Append nickname
            $owner = $this->user->getByID($bookmark['users_id']);
            $this->r->arr['bookmarks'][$idx]['nickname'] = $owner['nickname'];
        } else {
            // This bookmark is not a draft, it's just in the future, ignore it.
            unset($this->r->arr['bookmarks'][$idx]);
        }
    }

    $this->r->title .= " | {$this->r->gtext['approve']}";
    $this->tpl->display('approve.tpl');
}
/**
 * Render the feed subscription management form.
 *
 * @param array $dirty reference to unverified $_POST
 */
function formBuild(&$dirty)
{
    // Hand a previous submission back to the template, otherwise disconnect suxValidate
    if (empty($dirty)) {
        suxValidate::disconnect();
    } else {
        $this->tpl->assign($dirty);
    }

    if (!suxValidate::is_registered_form()) {
        suxValidate::connect($this->tpl, true); // Reset connection

        // Register our validators
        // register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
        suxValidate::register_validator('subscriptions', 'subscriptions', 'isInt', true);
    }

    // Urls
    $this->r->text['form_url'] = suxFunct::makeUrl('/feeds/manage');
    $this->r->text['back_url'] = suxFunct::getPreviousURL();

    // Feeds, as an id => title map
    $titles = array();
    foreach ($this->rss->getFeeds() as $row) {
        $titles[$row['id']] = $row['title'];
    }
    $this->r->arr['feeds'] = $titles;

    // Subscriptions: only loaded from the link table when none were posted
    if (!isset($_POST['subscriptions'])) {
        $this->r->arr['subscriptions'] = $this->link->getLinks('link__rss_feeds__users', 'users', $_SESSION['users_id']);
    }

    $this->r->title .= " | {$this->r->gtext['manage']}";
    $this->tpl->display('manage.tpl');
}
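/**
 * Return tags associated to this bookmark
 *
 * The tag text comes from the database and is written into markup, so it is
 * HTML-escaped here. NOTE(review): whether tags are also sanitised when they
 * are stored is not visible from this method; existing entities are left
 * as they are (double_encode = false) so pre-encoded values do not change.
 *
 * @param int $id bookmark id
 * @return string html
 */
function tags($id)
{
    // ----------------------------------------------------------------
    // SQL
    // ----------------------------------------------------------------

    // Innerjoin query
    $innerjoin = ' INNER JOIN link__bookmarks__tags ON link__bookmarks__tags.tags_id = tags.id ';

    // Select; the bookmark id is bound as a parameter, never interpolated
    $query = "\n SELECT tags.id, tags.tag FROM tags\n {$innerjoin}\n WHERE link__bookmarks__tags.bookmarks_id = ?\n ";

    $db = suxDB::get();
    $st = $db->prepare($query);
    $st->execute(array($id));
    $cat = $st->fetchAll(PDO::FETCH_ASSOC);

    // ----------------------------------------------------------------
    // Html
    // ----------------------------------------------------------------

    // Collect the links first; the original appended to an undefined $html
    $links = array();
    foreach ($cat as $val) {
        $url = suxFunct::makeUrl('/bookmarks/tag/' . $val['id']);
        $tag = htmlspecialchars($val['tag'], ENT_QUOTES, 'UTF-8', false);
        $links[] = "<a href='{$url}'>{$tag}</a>";
    }

    $html = $links ? implode(', ', $links) : $this->gtext['none'];

    return "<div class='tags'>{$this->gtext['tags']}: " . $html . '</div>';
}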
/**
 * Render the log purge form, pre-filled with today's date when the template
 * has no 'Date_Year' value yet.
 *
 * @param array $dirty reference to unverified $_POST
 */
function formBuild(&$dirty)
{
    // Hand a previous submission back to the template, otherwise disconnect suxValidate
    if (empty($dirty)) {
        suxValidate::disconnect();
    } else {
        $this->tpl->assign($dirty);
    }

    if (!suxValidate::is_registered_form()) {
        suxValidate::connect($this->tpl, true); // Reset connection

        // Register our validators
        // register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
        suxValidate::register_validator('date', 'Date:Date_Year:Date_Month:Date_Day', 'isDate', false, false, 'makeDate');
    }

    if (!$this->tpl->getTemplateVars('Date_Year')) {
        // Today's Date
        $defaults = array('Date_Year' => 'Y', 'Date_Month' => 'm', 'Date_Day' => 'j');
        foreach ($defaults as $field => $format) {
            $this->tpl->assign($field, date($format));
        }
    }

    // Urls
    $this->r->text['form_url'] = suxFunct::makeUrl('/admin/purge');
    $this->r->text['back_url'] = suxFunct::getPreviousURL();

    $this->r->title .= " | {$this->r->gtext['admin_purge']}";

    // Template
    $this->tpl->display('purge.tpl');
}
/**
 * Render the feed approval form; every feed row gets the nickname of the
 * user it belongs to.
 *
 * @param array $dirty reference to unverified $_POST
 */
function formBuild(&$dirty)
{
    // Hand a previous submission back to the template, otherwise disconnect suxValidate
    if (empty($dirty)) {
        suxValidate::disconnect();
    } else {
        $this->tpl->assign($dirty);
    }

    if (!suxValidate::is_registered_form()) {
        suxValidate::connect($this->tpl, true); // Reset connection

        // Register our validators
        // register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
        suxValidate::register_validator('feeds', 'feeds', 'isInt', true);
    }

    // Urls
    $this->r->text['form_url'] = suxFunct::makeUrl('/feeds/approve');
    $this->r->text['back_url'] = suxFunct::getPreviousURL();

    // Feeds
    $this->r->arr['feeds'] = $this->rss->getFeeds();

    // Additional variables
    foreach ($this->r->arr['feeds'] as $idx => $feed) {
        $owner = $this->user->getByID($feed['users_id']);
        $this->r->arr['feeds'][$idx]['nickname'] = $owner['nickname'];
    }

    $this->r->title .= " | {$this->r->gtext['approve']}";
    $this->tpl->display('approve.tpl');
}
/**
 * Render the "suggest a feed" form.
 *
 * The submitted url is checked by four validators registered here:
 * notEmpty (after trim), isURL, and the two criteria registered from this
 * object, isDuplicateFeed and isValidFeed.
 *
 * @param array $dirty reference to unverified $_POST
 */
function formBuild(&$dirty)
{
    // Hand a previous submission back to the template, otherwise disconnect suxValidate
    if (empty($dirty)) {
        suxValidate::disconnect();
    } else {
        $this->tpl->assign($dirty);
    }

    if (!suxValidate::is_registered_form()) {
        suxValidate::connect($this->tpl, true); // Reset connection

        // Register our additional criterias
        foreach (array('isDuplicateFeed', 'isValidFeed') as $criteria) {
            suxValidate::register_criteria($criteria, "this->{$criteria}");
        }

        // Register our validators
        // register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
        suxValidate::register_validator('url', 'url', 'notEmpty', false, false, 'trim');
        $checks = array('url2' => 'isURL', 'url3' => 'isDuplicateFeed', 'url4' => 'isValidFeed');
        foreach ($checks as $validatorId => $criteria) {
            suxValidate::register_validator($validatorId, 'url', $criteria);
        }
    }

    // Urls
    $this->r->text['form_url'] = suxFunct::makeUrl('/feeds/suggest');
    $this->r->text['back_url'] = suxFunct::getPreviousURL();

    $this->r->title .= " | {$this->r->gtext['suggest']}";

    // Template
    $this->tpl->display('suggest.tpl');
}
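/**
 * Build an HTML link to a feed's page.
 *
 * The feed title is read from storage and written into markup, so it is
 * HTML-escaped here. NOTE(review): whether titles are also sanitised when
 * they are stored is not visible from this method; existing entities are
 * left as they are (double_encode = false).
 *
 * @param int $id feed id
 * @return string|null html, or null when no feed is found for $id
 */
function feedLink($id)
{
    $tmp = $this->rss->getFeedByID($id);
    if (!$tmp) {
        return null;
    }

    $url = suxFunct::makeUrl("/feeds/{$id}");
    $title = htmlspecialchars($tmp['title'], ENT_QUOTES, 'UTF-8', false);

    return "<a href='{$url}'>{$title}</a>";
}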
/**
 * controller
 *
 * Dispatches an admin action. 'access', 'purge' and the default action run
 * a form object through validate -> process -> success, or rebuild the form
 * when validation fails; 'log' displays the activity log.
 *
 * @author Dac Chartrand <*****@*****.**>
 * @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
 */
function sux($action, $params = null)
{
    switch ($action) {

        case 'access':
            // Access: needs a first parameter, otherwise back to /admin
            if (empty($params[0])) {
                suxFunct::redirect(suxFunct::makeUrl('/admin'));
            }
            $form = new adminAccess($params[0]);
            break;

        case 'log':
            // Log: optionally restricted to one nickname
            $viewer = new adminLog(!empty($params[0]) ? $params[0] : null);
            $viewer->display();
            return;

        case 'purge':
            // Purge logs
            $form = new adminPurge();
            break;

        default:
            // Default
            $form = new admin();
            break;
    }

    // Shared form life cycle for every action that selected a form above
    if ($form->formValidate($_POST)) {
        $form->formProcess($_POST);
        $form->formSuccess();
    } else {
        $form->formBuild($_POST);
    }
}
/**
 * controller
 *
 * Handles the single 'relationship' action: set a relationship with the
 * user named by the first parameter. Any other action does nothing.
 *
 * @author Dac Chartrand <*****@*****.**>
 * @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
 */
function sux($action, $params = null)
{
    if ($action != 'relationship') {
        return;
    }

    // Set a relationship with a user; without a target go back to /society
    if (empty($params[0])) {
        suxFunct::redirect(suxFunct::makeUrl('/society'));
    }

    $form = new societyEdit($params[0]);
    if (!$form->formValidate($_POST)) {
        $form->formBuild($_POST);
    } else {
        $form->formProcess($_POST);
        $form->formSuccess();
    }
}
/**
 * Override: render the OpenID login form.
 *
 * @param array $dirty reference to unverified $_POST
 */
function formBuild(&$dirty)
{
    // Hand a previous submission back to the template, otherwise disconnect suxValidate
    if (empty($dirty)) {
        suxValidate::disconnect();
    } else {
        $this->tpl->assign($dirty);
    }

    if (!suxValidate::is_registered_form()) {
        suxValidate::connect($this->tpl, true); // Reset connection

        // Register our validators: the url must be non-empty (after trim) and a URL
        // register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
        suxValidate::register_validator('url', 'url', 'notEmpty', false, false, 'trim');
        suxValidate::register_validator('url2', 'url', 'isURL');
    }

    // Urls
    $formUrl = suxFunct::makeUrl('/user/login/openid');
    $backUrl = suxFunct::getPreviousURL();
    $this->r->text['form_url'] = $formUrl;
    $this->r->text['back_url'] = $backUrl;

    $this->r->title .= " | {$this->r->gtext['openid_login']}";

    // Template
    $this->tpl->display('login_openid.tpl');
}
/**
 * menu
 *
 * Builds the blog menu as a label => url map. Returns null without a
 * session and for non-root users below the configured publisher level; the
 * admin entry is added only for root or users at or above the admin level.
 *
 * @author Dac Chartrand <*****@*****.**>
 * @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
 */
function blog_menu()
{
    if (!isset($_SESSION['users_id'])) {
        return null;
    }

    $user = new suxUser();
    $text = suxFunct::gtext('blog');
    $menu = array();

    $isRoot = $user->isRoot();
    $level = $user->getAccess('blog');
    $required = $GLOBALS['CONFIG']['ACCESS']['blog'];

    // Check that the user is allowed to admin
    if (!$isRoot && $level < $required['publisher']) {
        return null;
    }

    if ($isRoot || $level >= $required['admin']) {
        $menu[$text['admin']] = suxFunct::makeUrl('/blog/admin');
    }
    $menu[$text['new']] = suxFunct::makeUrl('/blog/edit');

    return $menu;
}
/**
 * Display RSS Feed
 *
 * Builds the feed from this profile's log entries unless a cached copy of
 * rss.tpl exists for the "<nickname>|rss" cache id, then sends it as XML.
 */
function rss()
{
    $nickname = $this->profile['nickname'];

    // Cache
    $cache_id = $nickname . '|rss';
    $this->tpl->caching = 1;

    if (!$this->tpl->isCached('rss.tpl', $cache_id)) {

        $entries = $this->log->get($this->minifeed_limit * 5, 0, $this->profile['users_id']);
        if ($entries) {

            $feed = new suxRSS();
            $profileUrl = suxFunct::makeUrl('/user/profile/' . $nickname, null, true);
            $feed->outputRSS($this->r->title . ' | ' . $nickname, $profileUrl, null);

            // Each entry links to the profile page with its timestamp as the fragment
            foreach ($entries as $entry) {
                $feed->addOutputItem($entry['ts'], $profileUrl . '#' . strtotime($entry['ts']), $entry['body_html']);
            }

            $this->tpl->assign('xml', $feed->saveXML());
        }
    }

    // Template
    header('Content-type: text/xml; charset=utf-8');
    $this->tpl->display('rss.tpl', $cache_id);
}
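/**
 * Build the form and show the template
 *
 * Looks up the image row for $id in the table that belongs to $module,
 * checks that the current user owns it (or is root / module admin), and
 * shows the cropper for the full-size version of the image.
 *
 * @global string $CONFIG['URL']
 * @param string $module
 * @param int $id
 * @param array $dirty reference to unverified $_POST
 * @throws Exception on an invalid $id, an unsupported $module, or when no usable image is found
 */
function formBuild($module, $id, &$dirty)
{
    // Initialize width & height
    $width = 0;
    $height = 0;

    // Check $id
    if (!filter_var($id, FILTER_VALIDATE_INT) || $id < 1) {
        throw new Exception('Invalid $id');
    }

    // Check $module, assign $table
    // NOTE(review): $table is interpolated into the SQL below, so getTable() has to
    // return names from a fixed list only — it is not visible here, confirm.
    $table = $this->getTable($module);
    if (!$table) {
        throw new Exception('Unsuported $module');
    }

    // --------------------------------------------------------------------
    // Form logic
    // --------------------------------------------------------------------

    if (!empty($dirty)) {
        $this->tpl->assign($dirty);
    } else {
        suxValidate::disconnect();
    }

    if (!suxValidate::is_registered_form()) {
        suxValidate::connect($this->tpl, true); // Reset connection
        suxValidate::register_validator('integrity', 'integrity:module:id', 'hasIntegrity');
    }

    // --------------------------------------------------------------------
    // Get image from database
    // --------------------------------------------------------------------

    $query = "SELECT users_id, image FROM {$table} WHERE id = ? ";
    $db = suxDB::get();
    $st = $db->prepare($query);
    $st->execute(array($id));
    $image = $st->fetch(PDO::FETCH_ASSOC);

    // fetch() returns false when no row matches; test that before indexing
    if (!$image || !$image['image']) {
        throw new Exception('$image not found');
    }

    if ($image['users_id'] != $_SESSION['users_id']) {
        // Check that the user is allowed to be here
        // NOTE(review): this only denies access if suxFunct::redirect() stops
        // execution; that is not visible from this method — confirm.
        if (!$this->user->isRoot()) {
            $access = $this->user->getAccess($module);
            if (!isset($GLOBALS['CONFIG']['ACCESS'][$module]['admin'])) {
                suxFunct::redirect(suxFunct::getPreviousURL('cropper'));
            } elseif ($access < $GLOBALS['CONFIG']['ACCESS'][$module]['admin']) {
                suxFunct::redirect(suxFunct::getPreviousURL('cropper'));
            }
        }
    }

    // Assign a url to the fullsize version of the image
    $image = $image['image'];
    $image = rawurlencode(suxPhoto::t2fImage($image));
    $image = "{$GLOBALS['CONFIG']['URL']}/data/{$module}/{$image}";
    $image = suxFunct::myHttpServer() . $image;

    // Double check: must be a URL and end in an image extension
    if (!filter_var($image, FILTER_VALIDATE_URL)) {
        $image = null;
    }
    if ($image && !preg_match('/\\.(jpe?g|gif|png)$/i', $image)) {
        $image = null;
    }

    if ($image) {
        // getimagesize() is given the URL built above, so it reads the file over HTTP
        $size = @getimagesize($image);
        if ($size) {
            list($width, $height) = $size;
        }
    }

    // --------------------------------------------------------------------
    // Template
    // --------------------------------------------------------------------

    if ($image && $width && $height) {

        // Get config variables
        $this->tpl->configLoad('my.conf', $module);

        $this->tpl->assign('module', $module);
        $this->tpl->assign('id', $id);
        $this->tpl->assign('x2', $this->tpl->getConfigVars('thumbnailWidth')); // Pavatar
        $this->tpl->assign('y2', $this->tpl->getConfigVars('thumbnailHeight'));
        $this->tpl->assign('url_to_source', $image);
        $this->tpl->assign('width', $width);
        $this->tpl->assign('height', $height);
        $this->tpl->assign('form_url', suxFunct::makeUrl("/cropper/{$module}/{$id}"));
        $this->tpl->assign('prev_url', suxFunct::getPreviousURL('cropper'));

        $this->r->title .= " | {$this->r->gtext['crop_image']}";
        $this->tpl->display('cropper.tpl');

    } else {
        throw new Exception('$image not found');
    }
}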
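/**
 * Build the form and show the template
 *
 * Shows one pager page of the album's photos for annotation. The album id
 * and cover always come from the stored album, never from the submission.
 *
 * @param array $dirty reference to unverified $_POST
 */
function formBuild(&$dirty)
{
    $photoalbum = array();

    // Editing a photoalbum
    $tmp = $this->photo->getAlbumByID($this->id);
    if (!$tmp) {
        suxFunct::redirect(suxFunct::makeURL('/photos')); // Invalid id
    }

    $photoalbum['id'] = $tmp['id'];
    $photoalbum['cover'] = $tmp['thumbnail'];

    // Don't allow spoofing
    unset($dirty['id']);

    $this->tpl->assign($photoalbum);

    // --------------------------------------------------------------------
    // Form logic
    // --------------------------------------------------------------------

    if (!empty($dirty)) {
        $this->tpl->assign($dirty);
    } else {
        suxValidate::disconnect();
    }

    if (!suxValidate::is_registered_form()) {
        suxValidate::connect($this->tpl, true); // Reset connection

        // Register our validators
        suxValidate::register_validator('integrity', 'integrity:id', 'hasIntegrity');
    }

    // --------------------------------------------------------------------
    // Templating
    // --------------------------------------------------------------------

    // Start pager
    $this->pager->limit = $this->per_page;
    $this->pager->setStart();
    $this->pager->setPages($this->photo->countPhotos($this->id));
    $this->r->text['pager'] = $this->pager->pageList(suxFunct::makeUrl("/photos/album/annotate/{$this->id}"));
    $this->r->arr['photos'] = $this->photo->getPhotos($this->pager->limit, $this->pager->start, $this->id);

    // The first page is requested without ?page=, so the key may be absent;
    // reading it unguarded raised an undefined-index notice.
    $page = isset($_GET['page']) ? $_GET['page'] : null;

    $this->r->text['form_url'] = suxFunct::makeUrl('/photos/album/annotate/' . $this->id, array('page' => $page));
    $this->r->text['back_url'] = suxFunct::getPreviousURL();

    $this->r->title .= " | {$this->r->gtext['annotate_2']}";

    $this->tpl->display('annotate.tpl');
}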
/**
 * The form was successfully processed: go to this module's admin page.
 */
function formSuccess()
{
    $adminUrl = suxFunct::makeUrl("/{$this->module}/admin/");
    suxFunct::redirect($adminUrl);
}
/**
 * Process the form
 *
 * Clears the current user's template caches, then performs the action named
 * in $clean['action'] on the Bayesian vectors, categories and documents.
 * Most actions are guarded by an ownership or trainer check against
 * $_SESSION['users_id'] and write a log entry.
 *
 * @param array $clean reference to validated $_POST
 */
function formProcess(&$clean)
{
    // --------------------------------------------------------------------
    // Clear user caches
    // --------------------------------------------------------------------

    foreach ($this->caches as $module) {
        // clear all caches with "nickname" as the first cache_id group
        $tpl = new suxTemplate($module);
        $tpl->clearCache(null, "{$_SESSION['nickname']}");
    }

    // --------------------------------------------------------------------
    // Action
    // --------------------------------------------------------------------

    switch ($clean['action']) {

        case 'addvec':
            // New vector, created for the current user
            $this->nb->addVectorWithUser($clean['vector'], $_SESSION['users_id']);
            unset($clean['vector']);
            $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() addvec", 1); // Private
            break;

        case 'remvec':
            // Security check
            if ($this->nb->isVectorOwner($clean['vector_id'], $_SESSION['users_id'])) {
                // Remove vector
                $this->nb->removeVector($clean['vector_id']);
                $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() remvec id: {$clean['vector_id']}", 1); // Private
            }
            unset($clean['vector_id']);
            break;

        case 'addcat':
            // Security check
            if ($this->nb->isVectorOwner($clean['vector_id'], $_SESSION['users_id'])) {
                $this->nb->addCategory($clean['category'], $clean['vector_id']);
                $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() addcat", 1); // Private
            }
            unset($clean['category']);
            break;

        case 'remcat':
            // Security check
            if ($this->nb->isCategoryOwner($clean['category_id'], $_SESSION['users_id'])) {
                // Remove category
                $this->nb->removeCategory($clean['category_id']);
                $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() remcat id: {$clean['category_id']}", 1); // Private
            }
            unset($clean['category_id']);
            break;

        case 'adddoc':
            // Security check (trainer rights are enough to add a document)
            if ($this->nb->isCategoryTrainer($clean['category_id'], $_SESSION['users_id'])) {
                $this->nb->trainDocument($clean['document'], $clean['category_id']);
                $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() adddoc", 1); // Private
            }
            unset($clean['document']);
            break;

        case 'remdoc':
            // Security check
            if ($this->nb->isDocumentOwner($clean['document_id'], $_SESSION['users_id'])) {
                // Remove document
                $this->nb->untrainDocument($clean['document_id']);
                $this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() remdoc id: {$clean['document_id']}", 1); // Private
            }
            unset($clean['document_id']);
            break;

        case 'sharevec':
            // Security check
            if ($this->nb->isVectorOwner($clean['vector_id'], $_SESSION['users_id'])) {

                // Normalise the two flags to booleans
                $clean['trainer'] = isset($clean['trainer']) && $clean['trainer'] ? true : false;
                $clean['owner'] = isset($clean['owner']) && $clean['owner'] ? true : false;

                $this->nb->shareVector($clean['users_id'], $clean['vector_id'], $clean['trainer'], $clean['owner']);

                $u = $this->user->getByID($clean['users_id']);

                // clear caches
                foreach ($this->caches as $module) {
                    $tpl = new suxTemplate($module);
                    $tpl->clearCache(null, $_SESSION['nickname']);
                    $tpl->clearCache(null, $u['nickname']);
                }

                // Log message
                // NOTE(review): both nicknames are written into markup without escaping;
                // safe only if nicknames are restricted when they are created — confirm.
                $log = '';
                $url = suxFunct::makeUrl("/user/profile/{$_SESSION['nickname']}", null, true);
                $log .= "<a href='{$url}'>{$_SESSION['nickname']}</a> ";
                $log .= mb_strtolower($this->r->gtext['share_category']);
                $url = suxFunct::makeUrl("/user/profile/{$u['nickname']}", null, true);
                $log .= " <a href='{$url}'>{$u['nickname']}</a>";

                // Log, once for each of the two users
                $this->log->write($_SESSION['users_id'], $log);
                $this->log->write($u['users_id'], $log);

                // Clear caches
                $tpl = new suxTemplate('user');
                $tpl->clearCache(null, $_SESSION['nickname']);
                $tpl->clearCache(null, $u['nickname']);
            }
            break;

        case 'unsharevec':
            // NOTE(review): unlike every other mutating action in this switch, no
            // ownership check against $_SESSION['users_id'] is made here before
            // unshareVector() runs on the submitted vector/user pairs. Confirm that
            // formValidate() or unshareVector() enforces it, otherwise add one.
            foreach ($clean['unshare'] as $val) {
                foreach ($val as $vectors_id => $users_id) {

                    $this->nb->unshareVector($users_id, $vectors_id);

                    $u = $this->user->getByID($users_id);

                    // Clear caches
                    foreach ($this->caches as $module) {
                        $tpl = new suxTemplate($module);
                        $tpl->clearCache(null, $_SESSION['nickname']);
                        $tpl->clearCache(null, $u['nickname']);
                    }

                    // Log message (same unescaped-nickname caveat as in 'sharevec')
                    $log = '';
                    $url = suxFunct::makeUrl("/user/profile/{$_SESSION['nickname']}", null, true);
                    $log .= "<a href='{$url}'>{$_SESSION['nickname']}</a> ";
                    $log .= mb_strtolower($this->r->gtext['unshare_category']);
                    $url = suxFunct::makeUrl("/user/profile/{$u['nickname']}", null, true);
                    $log .= " <a href='{$url}'>{$u['nickname']}</a>";

                    // Log, once for each of the two users
                    $this->log->write($_SESSION['users_id'], $log);
                    $this->log->write($u['users_id'], $log);

                    // Clear caches
                    $tpl = new suxTemplate('user');
                    $tpl->clearCache(null, $_SESSION['nickname']);
                    $tpl->clearCache(null, $u['nickname']);
                }
            }
            break;
    }
}
/**
 * Render edit links
 *
 * Returns null unless there is a session and 'album_id' is a positive
 * integer. Non-root users need the 'photos' admin level, or at least the
 * publisher level together with ownership of the album.
 *
 * @param array $params smarty {insert} parameters
 * @return string html
 */
function insert_editLinks($params)
{
    if (!isset($_SESSION['users_id'])) {
        return null;
    }
    if (empty($params['album_id'])) {
        return null;
    }
    if (!filter_var($params['album_id'], FILTER_VALIDATE_INT) || $params['album_id'] < 1) {
        return null;
    }

    $albumId = $params['album_id'];
    $br = isset($params['br']) ? '<br />' : null;

    // Check that the user is allowed to edit this album
    $u = new suxUser();
    if (!$u->isRoot()) {
        $photo = new suxPhoto();
        $access = $u->getAccess('photos');
        $levels = $GLOBALS['CONFIG']['ACCESS']['photos'];
        if ($access < $levels['admin']) {
            // Below admin: must be a publisher who owns this album
            if ($access < $levels['publisher'] || !$photo->isAlbumOwner($albumId, $_SESSION['users_id'])) {
                return null;
            }
        }
    }

    $edit = suxFunct::makeUrl('/photos/album/edit/' . $albumId);
    $annotate = suxFunct::makeUrl('/photos/album/annotate/' . $albumId);
    $upload = suxFunct::makeUrl('/photos/upload/' . $albumId);

    $text = suxFunct::gtext('photos');

    $html = "<a href='{$edit}'>{$text['edit_2']}</a>{$br}"
        . "<a href='{$upload}'>{$text['upload']}</a>{$br}"
        . "<a href='{$annotate}'>{$text['annotate_2']}</a>{$br}";

    if (!isset($params['div'])) {
        return $html;
    }

    return '<div class="editLinks">' . $html . '</div>';
}
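/**
 * Show a user if they are logged in or not
 *
 * Handles the return leg of an OpenID login. When $this->complete() accepts
 * the identity from the query string, the matching account is logged in,
 * the identity is attached to the current account, or the visitor is sent
 * on to registration. On failure the identity is echoed back in an error
 * message, HTML-escaped because it is request data.
 */
function id_res_mode()
{
    /* Assert truthiness of openid_identity and act accordingly */
    if (!empty($_GET['openid_identity']) && $this->complete($_GET['openid_identity'])) {

        // Success
        // we have verified the identity
        // a maze of if/else follows...

        $this->destroyOpenIDSession();

        $u = $this->user->getUserByOpenID($_GET['openid_identity']);

        if ($u) {

            if ($this->user->loginCheck() && $_SESSION['users_id'] != $u['users_id']) {
                // Wrong openid? Already logged in as somebody else
                $this->wrapHtml($this->r->gtext['error_id_conflict']);
            } else {
                // Log this user in
                $this->user->setSession($u['users_id']);
                suxFunct::redirect(suxFunct::makeUrl('/user/profile/' . $u['nickname']));
            }

        } elseif ($this->user->loginCheck()) {

            if (!$this->urlDescends($_GET['openid_identity'], $this->profile['my_url'])) {
                // This must be this users id, attach it
                $this->user->attachOpenID($_GET['openid_identity']);
            }

            // Send this user to their own page
            suxFunct::redirect(suxFunct::makeUrl('/user/profile/' . $_SESSION['nickname']));

        } else {

            // Forward to registration
            $_SESSION['openid_url_registration'] = $_GET['openid_identity'];
            // NOTE(review): MD5 over value + salt is not a keyed MAC. The code that
            // checks this value is not part of this method, so the construction is
            // left unchanged here; hash_hmac() on both sides would be the stronger form.
            $_SESSION['openid_url_integrity'] = md5($_GET['openid_identity'] . @$GLOBALS['CONFIG']['SALT']);

            // Sreg: pass the openid_sreg_* request fields on, without the prefix.
            // They are request data and stay unverified at this point.
            $query = null;
            foreach ($_REQUEST as $key => $val) {
                if (preg_match('/^openid_sreg_/', $key)) {
                    $tmp = str_replace('openid_sreg_', '', $key);
                    $query[$tmp] = $val;
                }
            }

            suxFunct::redirect(suxFunct::makeUrl('/user/register', $query));
        }

    } elseif (!empty($_GET['openid_identity'])) {

        // Failure
        $this->destroyOpenIDSession();

        // The identity is attacker-controllable query-string data: escape it before
        // it is placed in the page, and ignore non-string values (?openid_identity[]=).
        $identity = is_string($_GET['openid_identity']) ? $_GET['openid_identity'] : '';
        $this->wrapHtml($this->r->gtext['error_failed'] . ': ' . htmlspecialchars($identity, ENT_QUOTES, 'UTF-8'));

    } else {

        // Otherwise, provide useless info
        $this->destroyOpenIDSession();
        if ($this->user->loginCheck()) {
            $this->wrapHtml($this->r->gtext['logged_in'] . ' ' . $_SESSION['nickname']);
        } else {
            $this->wrapHtml($this->r->gtext['not_logged_in']);
        }
    }
}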
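/**
 * Process the form
 *
 * Stores an uploaded image, or every image found inside an uploaded zip
 * archive, in the album given by $clean['album']. The same extension
 * allow-list is applied to a directly uploaded file and to archive members,
 * so nothing but jpg/jpeg/png/gif is ever written to the data directory.
 *
 * @param array $clean reference to validated $_POST
 * @throws Exception when no file was uploaded, the extension is not an
 *                   accepted image type, or the temp dir cannot be created
 */
function formProcess(&$clean)
{
    if (!isset($_FILES['image']) || !is_uploaded_file($_FILES['image']['tmp_name'])) {
        throw new Exception('No file uploaded?');
    }

    // Check that the user is allowed to upload photos / Security check #2
    // NOTE(review): this only denies access if suxFunct::redirect() stops
    // execution; that is not visible from this method — confirm.
    if (!$this->user->isRoot()) {
        $access = $this->user->getAccess($this->module);
        if ($access < $GLOBALS['CONFIG']['ACCESS'][$this->module]['admin']) {
            if ($access < $GLOBALS['CONFIG']['ACCESS'][$this->module]['publisher']) {
                suxFunct::redirect(suxFunct::makeURL('/photos'));
            } elseif (!$this->photo->isAlbumOwner($clean['album'], $_SESSION['users_id'])) {
                suxFunct::redirect(suxFunct::makeURL('/photos'));
            }
        }
    }

    // Commence collecting $photo array
    $photo = array();
    $photo['photoalbums_id'] = $clean['album'];

    // Get extension (taken from the client-supplied file name)
    $format = explode('.', $_FILES['image']['name']);
    $format = strtolower(end($format));

    // Extensions that may be written to the data dir, for both upload paths
    $valid_formats = array('jpg', 'jpeg', 'png', 'gif');

    // Set the data dir
    $data_dir = suxFunct::dataDir($this->module);

    if ($format != 'zip') {

        // ----------------------------------------------------------------
        // Image file
        // ----------------------------------------------------------------

        // The archive branch below already filters by extension; a single upload
        // was moved into the data dir whatever its extension was. Refuse it here
        // instead of relying on validation done elsewhere.
        if (!in_array($format, $valid_formats, true)) {
            throw new Exception('Unsupported image format');
        }

        list($resize, $fullsize) = suxPhoto::renameImage($_FILES['image']['name']);
        $photo['image'] = $resize; // Add image to $photo array
        $resize = $data_dir . "/{$resize}";
        $fullsize = $data_dir . "/{$fullsize}";

        // MD5 is used as a duplicate fingerprint only
        $md5 = md5_file($_FILES['image']['tmp_name']);

        if (!$this->photo->isDupe($md5, $_SESSION['users_id'], $photo['photoalbums_id'])) {

            suxPhoto::resizeImage($format, $_FILES['image']['tmp_name'], $resize,
                $this->tpl->getConfigVars('thumbnailWidth'),
                $this->tpl->getConfigVars('thumbnailHeight')
            );
            move_uploaded_file($_FILES['image']['tmp_name'], $fullsize);

            // Insert $photo into database
            $photo['md5'] = $md5;
            $this->photo->savePhoto($_SESSION['users_id'], $photo);
        }

    } else {

        // ----------------------------------------------------------------
        // Zip file
        // ----------------------------------------------------------------

        // NOTE(review): the directory is created with mode 0777 and a name derived
        // from mt_rand()/uniqid(); a tighter mode would be preferable if nothing
        // else needs to read it — confirm before changing.
        $tmp_dir = $GLOBALS['CONFIG']['PATH'] . '/temporary/' . md5(uniqid(mt_rand(), true));
        if (!is_dir($tmp_dir) && !mkdir($tmp_dir, 0777, true)) {
            throw new Exception('Can\'t create temp dir ' . $tmp_dir);
        }

        // NOTE(review): whether suxFunct::unzip() keeps archive members inside
        // $tmp_dir (entry names containing ../) is not visible here — confirm.
        if (suxFunct::unzip($_FILES['image']['tmp_name'], $tmp_dir)) {

            $files = array();
            foreach (new RecursiveIteratorIterator(new RecursiveDirectoryIterator($tmp_dir)) as $file) {
                if (!$file->isFile()) {
                    continue;
                }
                if (mb_strpos($file->getPathname(), '__MACOSX') !== false) {
                    continue;
                }
                $files[$file->getPathname()] = $file->getFilename();
            }

            foreach ($files as $filepath => $file) {

                $format = explode('.', $file);
                $format = strtolower(end($format));
                if (!in_array($format, $valid_formats, true)) {
                    continue; // Skip
                }

                list($resize, $fullsize) = suxPhoto::renameImage($file);
                $photo['image'] = $resize; // Add image to $photo array
                $resize = $data_dir . "/{$resize}";
                $fullsize = $data_dir . "/{$fullsize}";

                $md5 = md5_file($filepath);

                if (!$this->photo->isDupe($md5, $_SESSION['users_id'], $photo['photoalbums_id'])) {

                    suxPhoto::resizeImage($format, $filepath, $resize,
                        $this->tpl->getConfigVars('thumbnailWidth'),
                        $this->tpl->getConfigVars('thumbnailHeight')
                    );
                    copy($filepath, $fullsize);

                    // Insert $photo into database
                    $photo['md5'] = $md5;
                    $this->photo->savePhoto($_SESSION['users_id'], $photo);
                }
            }
        }

        suxFunct::obliterateDir($tmp_dir);
    }

    $this->log->write($_SESSION['users_id'], "sux0r::photosUpload() photoalbums_id: {$photo['photoalbums_id']}", 1); // Private

    $this->photo->setPublished(true);
    $tmp = $this->photo->getAlbumByID($photo['photoalbums_id']); // Is actually published?
    $this->photo->setPublished(null); // Revert

    if ($tmp) {

        // Clear all caches, cheap and easy
        $this->tpl->clearAllCache();

        // Log message
        // NOTE(review): nickname and album title are written into markup without
        // escaping; safe only if both are restricted when they are stored — confirm.
        $log = '';
        $url = suxFunct::makeUrl("/user/profile/{$_SESSION['nickname']}", null, true);
        $log .= "<a href='{$url}'>{$_SESSION['nickname']}</a> ";
        $log .= mb_strtolower($this->r->gtext['uploaded_images']);
        $url = suxFunct::makeUrl("/photos/album/{$tmp['id']}", null, true);
        $log .= " <a href='{$url}'>{$tmp['title']}</a>";

        // Log
        $this->log->write($_SESSION['users_id'], $log);

        // Clear caches, cheap and easy
        $tpl = new suxTemplate('user');
        $tpl->clearCache(null, $_SESSION['nickname']);
    }
}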
/**
 * The form was successfully processed: clear the current user's cache and
 * continue on the bookmarks page for this entry.
 */
function formSuccess()
{
    // Clear cache
    $this->tpl->clearCache(null, $_SESSION['nickname']);

    // Pass this on to bookmarks for scanning
    $next = suxFunct::makeUrl('/blog/bookmarks/' . $this->id);
    suxFunct::redirect($next);
}
/**
 * controller
 *
 * Dispatches a photos action. Actions that edit something select a form
 * object, which is then run through validate -> process -> success, or
 * rebuilt when validation fails; the other actions display a page directly.
 *
 * @author Dac Chartrand <*****@*****.**>
 * @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
 */
function sux($action, $params = null)
{
    // Set by the actions that need the form life cycle at the end
    $form = null;

    switch ($action) {

        case 'admin':
            // Admin
            $form = new photosAdmin();
            break;

        case 'view':
            // View: needs a positive integer photo id
            if (empty($params[0]) || !filter_var($params[0], FILTER_VALIDATE_INT) || $params[0] < 1) {
                suxFunct::redirect(suxFunct::makeUrl('/photos'));
            }
            $page = new photos();
            $page->view($params[0]);
            break;

        case 'upload':
            // Upload
            $form = new photosUpload(@$params[0]);
            break;

        case 'album':
            // Edit
            if ($params[0] == 'edit') {

                $form = new photoalbumsEdit(!empty($params[1]) ? $params[1] : null);

            } elseif ($params[0] == 'annotate') {

                if (empty($params[1]) || !filter_var($params[1], FILTER_VALIDATE_INT) || $params[1] < 1) {
                    suxFunct::redirect(suxFunct::makeUrl('/photos'));
                }
                $form = new photosEdit($params[1]);

            } else {

                // Plain album view: needs a positive integer album id
                if (empty($params[0]) || !filter_var($params[0], FILTER_VALIDATE_INT) || $params[0] < 1) {
                    suxFunct::redirect(suxFunct::makeUrl('/photos'));
                }
                $page = new photos();
                $page->album($params[0]);
            }
            break;

        case 'user':
            // User
            if (empty($params[0])) {
                suxFunct::redirect(suxFunct::makeUrl('/photos'));
            }
            $page = new photos();
            $page->listing($params[0]);
            break;

        case 'rss':
            // RSS
            $page = new photos();
            $page->rss();
            break;

        default:
            $page = new photos();
            $page->listing();
            break;
    }

    if ($form !== null) {
        if ($form->formValidate($_POST)) {
            $form->formProcess($_POST);
            $form->formSuccess();
        } else {
            $form->formBuild($_POST);
        }
    }
}
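/**
 * Listing
 *
 * Shows feed items in one of two modes: filtered results when
 * $this->nb->isValidFilter() returns filter settings, otherwise cached,
 * paged results rendered through scroll.tpl.
 *
 * Security note: the filtered path builds a string of PHP source in $eval
 * and hands it to $this->filter(), which presumably evaluates it (not
 * visible here -- confirm). Only a validated integer literal or 'null' is
 * concatenated into that string. Never splice the raw $feeds_id or any
 * other request value into it.
 *
 * @param int $feeds_id a feed id; not validated by this method, so it is
 *                      treated as untrusted wherever it becomes code
 */
function listing($feeds_id = null) {

    // Check if the user has any subscriptions
    $subscriptions = array();
    if (isset($_SESSION['users_id'])) {
        $subscriptions = $this->link->getLinks('link__rss_feeds__users', 'users', $_SESSION['users_id']);
        $this->tpl->assign('users_id', $_SESSION['users_id']);
    }

    // Assign stuff
    $this->r->text['form_url'] = suxFunct::makeUrl("/feeds/{$feeds_id}"); // Form URL
    $cache_id = null;

    // Title
    if ($feeds_id) {
        $this->r->title .= " | {$this->r->gtext['feed']}";
        $tmp = $this->rss->getFeedByID($feeds_id);
        if ($tmp) {
            $this->r->title .= " | {$tmp['title']}";
        }
    }
    else {
        $this->r->title .= " | {$this->r->gtext['feeds']}";
    }

    if (list($vec_id, $cat_id, $threshold, $start, $search) = $this->nb->isValidFilter()) {

        // ---------------------------------------------------------------
        // Filtered results
        // ---------------------------------------------------------------

        if ($feeds_id || !count($subscriptions)) {

            // Regular queries
            $max = $this->rss->countItems($feeds_id);

            // $eval is PHP source, so only an integer literal may be
            // concatenated into it. filter_var() returns an int, or false
            // for anything that is not a plain integer. In that case the
            // literal null is used instead of the caller-supplied text.
            $int_id = filter_var($feeds_id, FILTER_VALIDATE_INT);
            $eval = '$this->rss->getItems($this->pager->limit, $start, ' . ($int_id ? $int_id : 'null') . ')';

        }
        else {

            // User has subscriptions, we need special JOIN queries
            $max = $this->countUserItems($_SESSION['users_id']);
            // Constant source string: the session value is read when the
            // string is evaluated, not concatenated into it
            $eval = '$this->getUserItems($_SESSION[\'users_id\'], $this->pager->limit, $start)';

        }

        $this->r->arr['feeds'] = $this->filter($max, $vec_id, $cat_id, $threshold, $start, $eval, $search); // Important: $start is a reference

        if ($start < $max) {
            if ($threshold !== false) {
                $params = array('threshold' => $threshold, 'filter' => $cat_id);
            }
            else {
                $params = array('filter' => $cat_id);
            }
            $params['search'] = $search;
            $url = suxFunct::makeUrl("/feeds/{$feeds_id}", $params);
            $this->r->text['pager'] = $this->pager->continueURL($start, $url);
        }

    }
    else {

        // ---------------------------------------------------------------
        // Paged results, cached
        // ---------------------------------------------------------------

        // Get nickname
        if (isset($_SESSION['nickname'])) {
            $nn = $_SESSION['nickname'];
        }
        else {
            $nn = 'nobody';
        }

        $this->pager->setStart(); // Start pager

        // "Cache Groups" using a vertical bar |
        $cache_id = "{$nn}|listing|{$feeds_id}|{$this->pager->start}";
        $this->tpl->caching = 1;

        if (!$this->tpl->isCached('scroll.tpl', $cache_id)) {

            if ($feeds_id || !count($subscriptions)) {
                // Regular queries
                $this->pager->setPages($this->rss->countItems($feeds_id));
                $this->r->arr['feeds'] = $this->rss->getItems($this->pager->limit, $this->pager->start, $feeds_id);
            }
            else {
                // User has subscriptions, we need special JOIN queries
                $this->pager->setPages($this->countUserItems($_SESSION['users_id']));
                $this->r->arr['feeds'] = $this->getUserItems($_SESSION['users_id'], $this->pager->limit, $this->pager->start);
            }

            $this->r->text['pager'] = $this->pager->pageList(suxFunct::makeUrl("/feeds/{$feeds_id}"));

            // Nothing to cache, avoid writing to disk
            if (!count($this->r->arr['feeds'])) {
                $this->tpl->caching = 0;
            }

        }

    }

    $this->tpl->display('scroll.tpl', $cache_id);

}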
/**
 * Hand the validated form over to the openid module
 *
 * Builds the /openid/register/openid URL with the login mode and the
 * submitted OpenID URL as query parameters, then redirects to it.
 *
 * @param array $clean reference to validated $_POST; only 'url' is read
 */
function formHandoff(&$clean) {

    $query = array(
        'openid.mode' => 'login',
        'openid_url' => $clean['url'],
    );

    suxFunct::redirect(suxFunct::makeUrl('/openid/register/openid', $query));

}
/**
 * Display RSS Feed
 *
 * Serves rss.tpl under the fixed cache id 'rss'. The feed XML is rebuilt
 * from the bookmarks returned by $this->bm->get() only when the template
 * is not already cached.
 */
function rss() {

    // Cache
    $cache_id = 'rss';
    $this->tpl->caching = 1;

    $is_cached = $this->tpl->isCached('rss.tpl', $cache_id);

    if (!$is_cached) {

        $bookmarks = $this->bm->get($this->pager->limit);

        if ($bookmarks) {

            $feed = new suxRSS();
            $feed->outputRSS(
                "{$this->r->title} | {$this->r->gtext['bookmarks']}",
                suxFunct::makeUrl('/bookmarks', null, true),
                null
            );

            // One feed entry per bookmark: title, link, html body
            foreach ($bookmarks as $bookmark) {
                $feed->addOutputItem($bookmark['title'], $bookmark['url'], $bookmark['body_html']);
            }

            $this->tpl->assign('xml', $feed->saveXML());

        }

    }

    // Template
    header('Content-type: text/xml; charset=utf-8');
    $this->tpl->display('rss.tpl', $cache_id);

}
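// Bootstrap: output encoding, timezone, legacy magic-quotes cleanup and
// session validation. Runs as top-level statements, so the order matters.

// Set utf-8
header('Content-Type: text/html;charset=utf-8');
mb_internal_encoding('UTF-8');
mb_regex_encoding('UTF-8');
mb_language('uni');

// Avoid problems with arg_separator.output
ini_set('arg_separator.output', '&');

// Set the default timezone
date_default_timezone_set($GLOBALS['CONFIG']['TIMEZONE']);

// Get rid of magic quotes
// get_magic_quotes_gpc() no longer exists in PHP 8, where calling it
// unguarded is a fatal error that stops the whole bootstrap. The
// function_exists() guard skips this legacy branch there. The each() call
// below is only reached when magic quotes are actually on.
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() && !ini_get('magic_quotes_sybase')) {
    $in = array(&$_GET, &$_POST, &$_REQUEST, &$_COOKIE, &$_FILES);
    while (list($k, $v) = each($in)) {
        foreach ($v as $key => $val) {
            if (!is_array($val)) {
                $in[$k][$key] = stripslashes($val);
                continue;
            }
            // Nested array: queue it by reference so the outer loop
            // strips its members on a later pass
            $in[] =& $in[$k][$key];
        }
    }
    unset($in);
}

// Include suxUser
require_once $GLOBALS['CONFIG']['PATH'] . '/includes/suxUser.php';

// Validate user $_SESSION
// Runs whenever either session key is present. loginCheck() is given the
// /home URL, presumably as the redirect target when the session does not
// validate -- confirm in suxUser.
if (isset($_SESSION['users_id']) || isset($_SESSION['nickname'])) {
    $u = new suxUser();
    $u->loginCheck(suxFunct::makeUrl('/home'));
}
unset($u);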
<?php

/*
 * Global interface text.
 *
 * Several values below contain HTML markup. They are written by the site
 * maintainer, not taken from user input, and are presumably emitted
 * unescaped by the templates -- keep user-supplied data out of them.
 */

/* Navigation menu: label => url, or label => array(url, module menu) */

$gtext['navcontainer'] = array(
    'Home' => suxFunct::makeUrl('/home'),
    'Blog' => array(
        suxFunct::makeUrl('/blog'),
        suxFunct::getModuleMenu('blog'),
    ),
    'Feeds' => array(
        suxFunct::makeUrl('/feeds'),
        suxFunct::getModuleMenu('feeds'),
    ),
    'Bookmarks' => array(
        suxFunct::makeUrl('/bookmarks'),
        suxFunct::getModuleMenu('bookmarks'),
    ),
    'Photos' => array(
        suxFunct::makeUrl('/photos'),
        suxFunct::getModuleMenu('photos'),
    ),
    'Source Code' => 'http://sourceforge.net/projects/sux0r/',
);

/* Copyright (the year is filled in at request time) */

$gtext['copyright'] = '<a href="http://sux0r.trotch.com/">sux0r</a> is copyleft © <a href="http://www.trotch.com/">Trotch.com</a> '
    . date('Y')
    . ' and is distributed under the <a href="http://www.fsf.org/licensing/licenses/gpl-3.0.html">GNU General Public License</a>. Hosting by <a href="http://www.networkredux.com/">Network Redux</a>.';

$gtext['data_license'] = 'Unless otherwise specified, contents of this site are copyright by the contributors and available under the <br /> <a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a>. Contributors should be attributed by full name or nickname.';

/* Now back our regular scheduled program */

$gtext['404_continue'] = 'Click here to continue';
$gtext['404_h1'] = 'Oops, Page Not Found (Error 404)';
$gtext['404_p1'] = 'For some reason (mis-typed URL, faulty referral from another site, out-of-date search engine listing or we simply deleted a file) the page you were after is not here.';
$gtext['admin'] = 'Administration';
$gtext['banned_continue'] = 'Click here to continue';
$gtext['banned_h1'] = 'Banned';
$gtext['banned_p1'] = 'You have been a bad person, a very very bad person.';
$gtext['continue'] = 'Continue';
$gtext['home'] = 'Home';
$gtext['login'] = '******';
$gtext['logout'] = 'Logout';
$gtext['register'] = 'Register';
$gtext['welcome'] = 'Welcome';
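/**
 * Get the stalkers
 *
 * Builds one linked avatar thumbnail per user returned by
 * suxSocialNetwork::getStalkers() for $users_id.
 *
 * The result is cached per user id for the rest of the request. A single
 * shared cache would hand the first user's list to every later call for a
 * different id.
 *
 * Nicknames come from the user record. Whether they are limited to safe
 * characters at registration is not visible here, so every value placed
 * in an HTML attribute is escaped at output.
 *
 * @param int $users_id
 * @return string|null html, or null when $users_id is not a positive integer
 */
function stalkers($users_id) {

    if (!filter_var($users_id, FILTER_VALIDATE_INT) || $users_id < 1) {
        return null;
    }

    // Cache, keyed by the validated id
    static $cache = array();
    $cache_key = (int) $users_id;
    if (isset($cache[$cache_key])) {
        return $cache[$cache_key];
    }

    $html = '';

    $soc = new suxSocialNetwork();
    $rel = $soc->getStalkers($users_id);
    if (!$rel) {
        $cache[$cache_key] = $html;
        return $html;
    }

    $tpl = new suxTemplate('user');
    $tpl->configLoad('my.conf', 'user');
    $tw = $tpl->getConfigVars('thumbnailWidth');
    $th = $tpl->getConfigVars('thumbnailHeight');

    foreach ($rel as $val) {

        $u = $this->user->getByID($val['users_id'], true);
        if (!$u) {
            continue; // Skip
        }

        $url = suxFunct::makeUrl('/user/profile/' . $u['nickname']);

        if (empty($u['image'])) {
            $img = suxFunct::makeUrl('/') . "/media/{$this->partition}/assets/proletariat.gif";
        }
        else {
            $u['image'] = rawurlencode($u['image']);
            $img = suxFunct::makeUrl('/') . "/data/user/{$u['image']}";
        }

        // The attributes below are single-quoted, so ENT_QUOTES is needed
        // to keep a quote in stored data from ending the attribute
        $safe_url = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
        $safe_img = htmlspecialchars($img, ENT_QUOTES, 'UTF-8');
        $safe_nick = htmlspecialchars($u['nickname'], ENT_QUOTES, 'UTF-8');

        $html .= "<a href='{$safe_url}' class='stalker'>";
        $html .= "<img src='{$safe_img}' class='stalker' width='{$tw}' height='{$th}' alt='{$safe_nick}' title = '{$safe_nick}' />";
        $html .= "</a>";

    }

    $cache[$cache_key] = $html;
    return $html;

}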