public function __construct()
 {
     parent::__construct();
     $iGroupId = $this->httpRequest->get('group_id', 'int');
     $oPayModel = new PaymentModel();
     $oMembership = $oPayModel->getMemberships($iGroupId);
     if (!$this->str->equals($this->httpRequest->post('name'), $oMembership->name)) {
         $oPayModel->updateMembershipGroup('name', $this->httpRequest->post('name'), $iGroupId);
     }
     if (!$this->str->equals($this->httpRequest->post('description'), $oMembership->description)) {
         $oPayModel->updateMembershipGroup('description', $this->httpRequest->post('description'), $iGroupId);
     }
     $aPerms = serialize($this->httpRequest->post('perms'));
     $oPayModel->updateMembershipGroup('permissions', $aPerms, $iGroupId);
     if (!$this->str->equals($this->httpRequest->post('price'), $oMembership->price)) {
         $oPayModel->updateMembershipGroup('price', $this->httpRequest->post('price'), $iGroupId);
     }
     if (!$this->str->equals($this->httpRequest->post('expiration_days'), $oMembership->expirationDays)) {
         $oPayModel->updateMembershipGroup('expirationDays', $this->httpRequest->post('expiration_days'), $iGroupId);
     }
     if (!$this->str->equals($this->httpRequest->post('enable'), $oMembership->enable)) {
         $oPayModel->updateMembershipGroup('enable', $this->httpRequest->post('enable'), $iGroupId);
     }
     unset($oPayModel);
     /* Clean UserCoreModel Cache */
     (new Cache())->start(UserCoreModel::CACHE_GROUP, null, null)->clear();
     Header::redirect(Uri::get('payment', 'admin', 'membershiplist'), t('The Membership has been saved successfully!'));
 }
 public function __construct()
 {
     parent::__construct();
     $oCommentModel = new CommentModel();
     $sComment = $this->httpRequest->post('comment');
     $sCurrentTime = $this->dateTime->get()->dateTime('Y-m-d H:i:s');
     $iTimeDelay = (int) DbConfig::getSetting('timeDelaySendComment');
     $sTable = $this->httpRequest->get('table');
     $iRecipientId = $this->httpRequest->get('recipient', 'int');
     $iSenderId = (int) $this->session->get('member_id');
     if (!$oCommentModel->idExists($iRecipientId, $sTable)) {
         \PFBC\Form::setError('form_comment', t('The comment recipient does not exists.'));
     } elseif (!$oCommentModel->checkWaitSend($iSenderId, $iTimeDelay, $sCurrentTime, $sTable)) {
         \PFBC\Form::setError('form_comment', Form::waitWriteMsg($iTimeDelay));
     } elseif ($oCommentModel->isDuplicateContent($iSenderId, $sComment, $sTable)) {
         \PFBC\Form::setError('form_comment', Form::duplicateContentMsg());
     } else {
         if (!$oCommentModel->add($sComment, $iRecipientId, $iSenderId, 1, $sCurrentTime, $sTable)) {
             \PFBC\Form::setError('form_comment', t('Oops! Error when adding comment.'));
         } else {
             /* Clean All Data of CommentModel Cache */
             (new Framework\Cache\Cache())->start(CommentCoreModel::CACHE_GROUP, null, null)->clear();
             HeaderUrl::redirect(Uri::get('comment', 'comment', 'read', $sTable . ',' . $iRecipientId), t('The comment has been sent successfully!'));
         }
     }
     unset($oCommentModel);
 }
 public function __construct()
 {
     parent::__construct();
     $iCategoryId = $this->httpRequest->get('category_id', 'int');
     (new ForumModel())->updateCategory($iCategoryId, $this->httpRequest->post('title'));
     Header::redirect(Uri::get('forum', 'forum', 'index'), t('The Category has been updated successfully!'));
 }
 public function __construct()
 {
     parent::__construct();
     $iForumId = $this->httpRequest->get('forum_id', 'int');
     (new ForumModel())->updateForum($iForumId, $this->httpRequest->post('category_id'), $this->httpRequest->post('name'), $this->httpRequest->post('description'), $this->dateTime->get()->dateTime('Y-m-d H:i:s'));
     HeaderUrl::redirect(Uri::get('forum', 'forum', 'index'), t('Your message has been updated successfully!'));
 }
 public function __construct()
 {
     parent::__construct();
     /**
      * This can cause minor errors (eg if a user sent a file that is not a video).
      * So we hide the errors if we are not in development mode.
      */
     if (!isDebug()) {
         error_reporting(0);
     }
     // Resizing and saving the video album thumbnail
     $oPicture = new Image($_FILES['album']['tmp_name']);
     if (!$oPicture->validate()) {
         \PFBC\Form::setError('form_video_album', Form::wrongImgFileTypeMsg());
     } else {
         $iApproved = DbConfig::getSetting('videoManualApproval') == 0 ? '1' : '0';
         $sFileName = Various::genRnd($oPicture->getFileName(), 1) . '-thumb.' . $oPicture->getExt();
         (new VideoModel())->addAlbum($this->session->get('member_id'), $this->httpRequest->post('name'), $this->httpRequest->post('description'), $sFileName, $this->dateTime->get()->dateTime('Y-m-d H:i:s'), $iApproved);
         $iLastAlbumId = (int) Db::getInstance()->lastInsertId();
         $oPicture->square(200);
         /* Set watermark text on thumbnail */
         $sWatermarkText = DbConfig::getSetting('watermarkTextImage');
         $iSizeWatermarkText = DbConfig::getSetting('sizeWatermarkTextImage');
         $oPicture->watermarkText($sWatermarkText, $iSizeWatermarkText);
         $sPath = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'video/file/' . $this->session->get('member_username') . PH7_DS . $iLastAlbumId . PH7_DS;
         $this->file->createDir($sPath);
         $oPicture->save($sPath . $sFileName);
         /* Clean VideoModel Cache */
         (new Framework\Cache\Cache())->start(VideoModel::CACHE_GROUP, null, null)->clear();
         HeaderUrl::redirect(Uri::get('video', 'main', 'addvideo', $iLastAlbumId));
     }
 }
 public function __construct()
 {
     parent::__construct();
     $oUser = new UserCore();
     $oUserModel = new UserCoreModel();
     $oExistsModel = new ExistsCoreModel();
     $oValidate = new Validate();
     $aUserData = json_decode($this->file->getFile('http://api.randomuser.me/?results=' . $this->httpRequest->post('num')), true);
     foreach ($aUserData['results'] as $aUser) {
         $aUser = $aUser['user'];
         $sEmail = trim($aUser['email']);
         $sUsername = trim($aUser['username']);
         if ($oValidate->email($sEmail) && !$oExistsModel->email($sEmail) && $oValidate->username($sUsername)) {
             $aData['username'] = $sUsername;
             $aData['email'] = $sEmail;
             $aData['first_name'] = $aUser['name']['first'];
             $aData['last_name'] = $aUser['name']['last'];
             $aData['password'] = $aUser['password'];
             $aData['sex'] = $aUser['gender'];
             $aData['match_sex'] = array($oUser->getMatchSex($aData['sex']));
             $aData['country'] = 'US';
             $aData['city'] = $aUser['location']['city'];
             $aData['state'] = $aUser['location']['state'];
             $aData['zip_code'] = $aUser['location']['zip'];
             $aData['birth_date'] = $this->dateTime->get($aUser['dob'])->date('Y-m-d');
             $aData['avatar'] = $aUser['picture']['large'];
             $aData['ip'] = Ip::get();
             $aData['profile_id'] = $oUserModel->add(escape($aData, true));
             $this->_addAvatar($aData, $oUser);
         }
     }
     unset($oUser, $oUserModel, $oExistsModel, $oValidate, $aUser, $aData, $aUserData);
     \PFBC\Form::setSuccess('form_add_fake_profiles', t('Users has been successfully added.'));
 }
 public function __construct()
 {
     parent::__construct();
     $oAffModel = new AffiliateModel();
     $oSecurityModel = new SecurityModel();
     $sEmail = $this->httpRequest->post('mail');
     $sPassword = $this->httpRequest->post('password');
     /** Check if the connection is not locked **/
     $bIsLoginAttempt = (bool) DbConfig::getSetting('isAffiliateLoginAttempt');
     $iMaxAttempts = (int) DbConfig::getSetting('maxAffiliateLoginAttempts');
     $iTimeDelay = (int) DbConfig::getSetting('loginAffiliateAttemptTime');
     if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view, 'Affiliates')) {
         \PFBC\Form::setError('form_login_aff', Form::loginAttemptsExceededMsg($iTimeDelay));
         return;
         // Stop execution of the method.
     }
     // Check Login
     $sLogin = $oAffModel->login($sEmail, $sPassword, 'Affiliates');
     if ($sLogin === 'email_does_not_exist' || $sLogin === 'password_does_not_exist') {
         sleep(1);
         // Security against brute-force attack to avoid drowning the server and the database
         if ($sLogin === 'email_does_not_exist') {
             $this->session->set('captcha_enabled', 1);
             // Enable Captcha
             \PFBC\Form::setError('form_login_aff', t('Oops! "%0%" is not associated with any %site_name% account.', escape(substr($sEmail, 0, PH7_MAX_EMAIL_LENGTH))));
             $oSecurityModel->addLoginLog($sEmail, 'Guest', 'No Password', 'Failed! Incorrect Username', 'Affiliates');
         } elseif ($sLogin === 'password_does_not_exist') {
             $oSecurityModel->addLoginLog($sEmail, 'Guest', $sPassword, 'Failed! Incorrect Password', 'Affiliates');
             if ($bIsLoginAttempt) {
                 $oSecurityModel->addLoginAttempt('Affiliates');
             }
             $this->session->set('captcha_enabled', 1);
             // Enable Captcha
             $sWrongPwdTxt = t('Oops! This password you entered is incorrect.') . '<br />';
             $sWrongPwdTxt .= t('Please try again (make sure your caps lock is off).') . '<br />';
             $sWrongPwdTxt .= t('Forgot your password? <a href="%0%">Request a new one</a>.', Uri::get('lost-password', 'main', 'forgot', 'affiliate'));
             \PFBC\Form::setError('form_login_aff', $sWrongPwdTxt);
         }
     } else {
         $oSecurityModel->clearLoginAttempts('Affiliates');
         $this->session->remove('captcha_enabled');
         $iId = $oAffModel->getId($sEmail, null, 'Affiliates');
         $oAffData = $oAffModel->readProfile($iId, 'Affiliates');
         if (true !== ($mStatus = (new AffiliateCore())->checkAccountStatus($oAffData))) {
             \PFBC\Form::setError('form_login_aff', $mStatus);
         } else {
             // Is disconnected if the user is logged on as "user" or "administrator".
             if (UserCore::auth() || AdminCore::auth()) {
                 $this->session->destroy();
             }
             // Regenerate the session ID to prevent the session fixation
             $this->session->regenerateId();
             $aSessionData = ['affiliate_id' => $oAffData->profileId, 'affiliate_email' => $oAffData->email, 'affiliate_username' => $oAffData->username, 'affiliate_first_name' => $oAffData->firstName, 'affiliate_sex' => $oAffData->sex, 'affiliate_ip' => Ip::get(), 'affiliate_http_user_agent' => $this->browser->getUserAgent(), 'affiliate_token' => Various::genRnd($oAffData->email)];
             $this->session->set($aSessionData);
             $oSecurityModel->addLoginLog($oAffData->email, $oAffData->username, '*****', 'Logged in!', 'Affiliates');
             $oAffModel->setLastActivity($oAffData->profileId, 'Affiliates');
             Header::redirect(Uri::get('affiliate', 'account', 'index'), t('You are successfully logged!'));
         }
     }
 }
 public function __construct()
 {
     parent::__construct();
     // PH7\UserCoreModel::login() method of the UserCoreModel Class works only for "user" and "affiliate" module.
     $oPasswordModel = $this->registry->module == PH7_ADMIN_MOD ? new AdminModel() : new UserCoreModel();
     $sEmail = $this->registry->module == PH7_ADMIN_MOD ? $this->session->get('admin_email') : ($this->registry->module == 'user' ? $this->session->get('member_email') : $this->session->get('affiliate_email'));
     $sTable = $this->registry->module == PH7_ADMIN_MOD ? 'Admins' : ($this->registry->module == 'user' ? 'Members' : 'Affiliates');
     $sMod = $this->registry->module == PH7_ADMIN_MOD ? PH7_ADMIN_MOD : ($this->registry->module == 'user' ? 'user' : 'affiliate');
     $sAction = $this->registry->module == 'affiliate' ? 'home' : 'main';
     // Login
     if ($this->registry->module == PH7_ADMIN_MOD) {
         $mLogin = $oPasswordModel->adminLogin($sEmail, $this->session->get('admin_username'), $this->httpRequest->post('old_password'));
     } else {
         $mLogin = $oPasswordModel->login($sEmail, $this->httpRequest->post('old_password'), $sTable);
     }
     // Check
     if ($this->httpRequest->post('new_password') !== $this->httpRequest->post('new_password2')) {
         \PFBC\Form::setError('form_change_password', t('The passwords do not match.'));
     } elseif ($this->httpRequest->post('old_password') === $this->httpRequest->post('new_password')) {
         \PFBC\Form::setError('form_change_password', t('The old and new passwords are identical. So why do you change your password?'));
     } elseif ($mLogin !== true) {
         \PFBC\Form::setError('form_change_password', t('The old password is not correct.'));
     } else {
         // Update
         $oPasswordModel->changePassword($sEmail, $this->httpRequest->post('new_password'), Various::genRnd(), Various::genRnd(), $sTable);
         \PFBC\Form::setSuccess('form_change_password', t('Your password has been correctly updated.'));
     }
 }
 public function __construct($sTable)
 {
     parent::__construct();
     $oUserModel = new UserCoreModel();
     $sMail = $this->httpRequest->post('mail');
     if (!($iProfileId = $oUserModel->getId($sMail, null, $sTable))) {
         sleep(1);
         // Security against brute-force attack to avoid drowning the server and the database
         \PFBC\Form::setError('form_forgot_password', t('Oops, this "%0%" is not associated with any %site_name% account. Please, make sure that you entered the e-mail address used in creating your account.', escape(substr($sMail, 0, PH7_MAX_EMAIL_LENGTH))));
     } else {
         $oUserModel->setNewHashValidation($iProfileId, Various::genRnd(), $sTable);
         (new UserCore())->clearReadProfileCache($iProfileId, $sTable);
         // Clean the profile data (for the new hash)
         $oData = $oUserModel->readProfile($iProfileId, $sTable);
         /** We place the text outside of Uri::get() otherwise special characters will be deleted and the parameters passed in the url will be unusable thereafter. **/
         $sResetUrl = Uri::get('lost-password', 'main', 'reset', $this->httpRequest->get('mod')) . PH7_SH . $oData->email . PH7_SH . $oData->hashValidation;
         $this->view->content = t('Hello %0%!<br />Somebody (from the IP address %1%) has requested a new password for their account.', $oData->username, Ip::get()) . '<br />' . t('If you requested for this, click on the link below, otherwise ignore this email and your password will remain unchanged.') . '<br /><a href="' . $sResetUrl . '">' . $sResetUrl . '</a>';
         $sMessageHtml = $this->view->parseMail(PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/mod/lost-password/confirm-lost-password.tpl', $oData->email);
         $aInfo = ['to' => $oData->email, 'subject' => t('Request for new password - %site_name%')];
         unset($oData);
         if (!(new Mail())->send($aInfo, $sMessageHtml)) {
             \PFBC\Form::setError('form_forgot_password', Form::errorSendingEmail());
         } else {
             \PFBC\Form::setSuccess('form_forgot_password', t('Successfully requested a new password, email sent!'));
         }
     }
     unset($oUserModel);
 }
 /**
  * @param string $sConfigVar Specify the variable in the INI file where module options. Default module.setting
  * @param string $sIniFile The path of INI config file.
  * @return void
  */
 public function __construct($sConfigVar, $sIniFile)
 {
     parent::__construct();
     $aOldData = parse_ini_file($sIniFile, true);
     $sData = file_get_contents($sIniFile);
     foreach ($this->httpRequest->post('config') as $sKey => $sVal) {
         $sData = str_replace($sKey . ' = ' . $aOldData[$sConfigVar][$sKey], $sKey . ' = ' . $sVal, $sData);
         /**
          * ----- Replacement with quotes -----
          * For non-alphanumeric characters and especially for special  characters.
          * For example, it is very important to put quotes between the dollar sign "$", otherwise you'll get errors in the parsing of INI files.
          */
         $sData = str_replace($sKey . ' = "' . $aOldData[$sConfigVar][$sKey] . '"', $sKey . ' = "' . $sVal . '"', $sData);
     }
     // Check and correct the file permission if necessary.
     $this->file->chmod($sIniFile, 0644);
     $sRedirectUrl = $this->httpRequest->previousPage();
     if ($this->file->save($sIniFile, $sData)) {
         HeaderUrl::redirect($sRedirectUrl, 'The file content was saved successfully!');
     } else {
         HeaderUrl::redirect($sRedirectUrl, t('The file content could not be saved!'), 'error');
     }
     // Check and correct the file permission if necessary.
     $this->file->chmod($sIniFile, 0644);
 }
 public function __construct()
 {
     parent::__construct();
     $sTable = $this->registry->module == 'user' ? 'Members' : 'Affiliates';
     $sSessPrefix = $this->registry->module == 'user' ? 'member' : 'affiliate';
     if ((new UserCoreModel())->login($this->session->get($sSessPrefix . '_email'), $this->httpRequest->post('password'), $sTable) === 'password_does_not_exist') {
         \PFBC\Form::setError('form_delete_account', t('Oops! This password you entered is incorrect.'));
     } else {
         $sUsername = $this->session->get($sSessPrefix . '_username');
         $sMembershipType = $this->registry->module == 'affiliate' ? t('Affiliate') : t('Member');
         $this->view->membership = t('Type of Membership: %0%.', $sMembershipType);
         $this->view->message = nl2br($this->httpRequest->post('message'));
         $this->view->why_delete = t('Due to the deletion of the account: %0%', $this->httpRequest->post('why_delete'));
         $this->view->footer_title = t('Information of the user who has deleted their account');
         $this->view->email = t('Email: %0%', $this->session->get($sSessPrefix . '_email'));
         $this->view->username = t('Username: %0%', $sUsername);
         $this->view->first_name = t('First Name: %0%', $this->session->get($sSessPrefix . '_first_name'));
         $this->view->sex = t('Sex: %0%', $this->session->get($sSessPrefix . '_sex'));
         $this->view->ip = t('User IP: %0%', $this->session->get($sSessPrefix . '_ip'));
         $this->view->browser_info = t('Browser info: %0%', $this->session->get($sSessPrefix . '_http_user_agent'));
         $sMessageHtml = $this->view->parseMail(PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/core/delete_account.tpl', DbConfig::getSetting('adminEmail'));
         $sMembershipName = $this->registry->module == 'user' ? t('Member') : t('Affiliate');
         $aInfo = ['subject' => t('Unregister %0% - User: %1%', $sMembershipName, $sUsername)];
         (new Mail())->send($aInfo, $sMessageHtml);
         $oUserModel = $this->registry->module == 'user' ? new UserCore() : new AffiliateCore();
         $oUserModel->delete($this->session->get($sSessPrefix . '_id'), $sUsername);
         unset($oUserModel);
         $this->session->destroy();
         Header::redirect(Uri::get('user', 'main', 'soon'), t('You delete account is successfully!'));
     }
 }
Beispiel #12
0
 public function __construct()
 {
     parent::__construct();
     $this->oUserModel = new UserModel();
     $this->oRegistration = new Registration();
     $this->iActiveType = DbConfig::getSetting('userActivationType');
 }
 public function __construct()
 {
     parent::__construct();
     // Thumbnail
     $oImg = new Image($_FILES['thumb']['tmp_name']);
     if (!$oImg->validate()) {
         \PFBC\Form::setError('form_game', Form::wrongImgFileTypeMsg());
         return;
         // Stop execution of the method.
     }
     $sThumbFile = Various::genRnd($oImg->getFileName(), 30) . $oImg->getExt();
     $sThumbDir = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'game/img/thumb/';
     $oImg->square(60);
     $oImg->save($sThumbDir . $sThumbFile);
     unset($oImg);
     // Game
     $sGameFile = Various::genRnd($_FILES['file']['name'], 30) . PH7_DOT . $this->file->getFileExt($_FILES['file']['name']);
     $sGameDir = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'game/file/';
     // If the folders is not created (games not installed), yet we will create.
     $this->file->createDir(array($sThumbDir, $sGameDir));
     if (!@move_uploaded_file($_FILES['file']['tmp_name'], $sGameDir . $sGameFile)) {
         \PFBC\Form::setError('form_game', t('Impossible to upload the game. If you are the administrator, please check if the folder of games data has the write permission (CHMOD 755).'));
     } else {
         $aData = ['category_id' => $this->httpRequest->post('category_id', 'int'), 'name' => $this->httpRequest->post('name'), 'title' => $this->httpRequest->post('title'), 'description' => $this->httpRequest->post('description'), 'keywords' => $this->httpRequest->post('keywords'), 'thumb' => $sThumbFile, 'file' => $sGameFile];
         (new GameModel())->add($aData);
         /* Clean GameModel Cache */
         (new Framework\Cache\Cache())->start(GameModel::CACHE_GROUP, null, null)->clear();
         HeaderUrl::redirect(Uri::get('game', 'main', 'game', $aData['title'] . ',' . Db::getInstance()->lastInsertId()), t('The game was added successfully!'));
     }
 }
 public function __construct()
 {
     parent::__construct();
     $aData = ['email' => $this->httpRequest->post('mail'), 'username' => $this->httpRequest->post('username'), 'password' => $this->httpRequest->post('password'), 'first_name' => $this->httpRequest->post('first_name'), 'last_name' => $this->httpRequest->post('last_name'), 'sex' => $this->httpRequest->post('sex'), 'time_zone' => $this->httpRequest->post('time_zone'), 'ip' => Ip::get()];
     (new AdminModel())->add($aData);
     Header::redirect(Uri::get(PH7_ADMIN_MOD, 'admin', 'browse'), t('The administrator has been successfully added.'));
 }
 public function __construct()
 {
     parent::__construct();
     $oBlog = new Blog();
     $oBlogModel = new BlogModel();
     if (!$oBlog->checkPostId($this->httpRequest->post('post_id'))) {
         \PFBC\Form::setError('form_blog', t('The ID of the article is invalid or incorrect.'));
     } else {
         $aData = ['post_id' => $this->httpRequest->post('post_id'), 'lang_id' => $this->httpRequest->post('lang_id'), 'title' => $this->httpRequest->post('title'), 'content' => $this->httpRequest->post('content', Http::ONLY_XSS_CLEAN), 'slogan' => $this->httpRequest->post('$slogan'), 'tags' => $this->httpRequest->post('tags'), 'page_title' => $this->httpRequest->post('page_title'), 'meta_description' => $this->httpRequest->post('meta_description'), 'meta_keywords' => $this->httpRequest->post('meta_keywords'), 'meta_robots' => $this->httpRequest->post('meta_robots'), 'meta_author' => $this->httpRequest->post('meta_author'), 'meta_copyright' => $this->httpRequest->post('meta_copyright'), 'enable_comment' => $this->httpRequest->post('enable_comment'), 'created_date' => $this->dateTime->get()->dateTime('Y-m-d H:i:s')];
         if (!$oBlogModel->addPost($aData)) {
             $this->sMsg = t('An error occurred while adding the article.');
         } else {
             /*** Set the categorie(s) ***/
             /**
              * WARNING: Be careful, you should use the \PH7\Framework\Mvc\Request\Http::ONLY_XSS_CLEAN constant, otherwise the Http::post() method
              * removes the special tags and damages the SQL queries for entry into the database.
              */
             $iBlogId = Db::getInstance()->lastInsertId();
             foreach ($this->httpRequest->post('category_id', Http::ONLY_XSS_CLEAN) as $iCategoryId) {
                 $oBlogModel->addCategory($iCategoryId, $iBlogId);
             }
             /*** Set the thumbnail if there's one ***/
             $oPost = $oBlogModel->readPost($aData['post_id']);
             $oBlog->setThumb($oPost, $this->file);
             /* Clean BlogModel Cache */
             (new Framework\Cache\Cache())->start(BlogModel::CACHE_GROUP, null, null)->clear();
             $this->sMsg = t('Post created successfully!');
         }
         Header::redirect(Uri::get('blog', 'main', 'read', $this->httpRequest->post('post_id')), $this->sMsg);
     }
 }
 public function __construct()
 {
     parent::__construct();
     $sBirthDate = $this->dateTime->get($this->httpRequest->post('birth_date'))->date('Y-m-d');
     $aData = ['email' => $this->httpRequest->post('mail'), 'username' => $this->httpRequest->post('username'), 'password' => $this->httpRequest->post('password'), 'first_name' => $this->httpRequest->post('first_name'), 'last_name' => $this->httpRequest->post('last_name'), 'middle_name' => $this->httpRequest->post('middle_name'), 'sex' => $this->httpRequest->post('sex'), 'birth_date' => $sBirthDate, 'country' => $this->httpRequest->post('country'), 'city' => $this->httpRequest->post('city'), 'state' => $this->httpRequest->post('state'), 'zip_code' => $this->httpRequest->post('zip_code'), 'phone' => $this->httpRequest->post('phone'), 'description' => $this->httpRequest->post('description'), 'website' => $this->httpRequest->post('website'), 'bank_account' => $this->httpRequest->post('bank_account'), 'ip' => Ip::get()];
     (new AffiliateModel())->add($aData);
     Header::redirect(Uri::get('affiliate', 'admin', 'browse'), t('The affiliate has been successfully added.'));
 }
 public function __construct()
 {
     parent::__construct();
     $bStatus = $this->file->save(PH7_PATH_PROTECTED . $this->httpRequest->get('file'), $this->httpRequest->post('content', Http::NO_CLEAN));
     $sMsg = $bStatus ? t('The file content was saved successfully!') : t('The file content could not be saved!');
     $sMsgType = $bStatus ? 'success' : 'error';
     Header::redirect($this->httpRequest->previousPage(), $sMsg, $sMsgType);
 }
 public function __construct()
 {
     parent::__construct();
     (new AdsCoreModel())->add($_POST['title'], $_POST['code'], 'AdsAffiliates');
     /* Clean Model\Design for STATIC data */
     (new Framework\Cache\Cache())->start(Framework\Mvc\Model\Design::CACHE_STATIC_GROUP, null, null)->clear();
     Header::redirect(Uri::get('affiliate', 'admin', 'ads'), t('The Advertisements was added successfully!'));
 }
 public function __construct()
 {
     parent::__construct();
     $iForumId = $this->httpRequest->get('forum_id', 'int');
     $iTopicId = $this->httpRequest->get('topic_id', 'int');
     (new ForumModel())->updateTopic($this->session->get('member_id'), $iTopicId, $this->httpRequest->post('title'), $this->httpRequest->post('message', Http::ONLY_XSS_CLEAN), $this->dateTime->get()->dateTime('Y-m-d H:i:s'));
     Header::redirect(Uri::get('forum', 'forum', 'post', $this->httpRequest->get('forum_name') . ',' . $iForumId . ',' . $this->httpRequest->post('title') . ',' . $iTopicId), t('Your message has been updated successfully!'));
 }
 public function __construct()
 {
     parent::__construct();
     $sIp = Ip::get();
     $oAdminModel = new AdminModel();
     $oSecurityModel = new SecurityModel();
     $sEmail = $this->httpRequest->post('mail');
     $sUsername = $this->httpRequest->post('username');
     $sPassword = $this->httpRequest->post('password');
     /*** Security IP Login ***/
     $sIpLogin = DbConfig::getSetting('ipLogin');
     /*** Check if the connection is not locked ***/
     $bIsLoginAttempt = (bool) DbConfig::getSetting('isAdminLoginAttempt');
     $iMaxAttempts = (int) DbConfig::getSetting('maxAdminLoginAttempts');
     $iTimeDelay = (int) DbConfig::getSetting('loginAdminAttemptTime');
     if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view, 'Admins')) {
         \PFBC\Form::setError('form_admin_login', Form::loginAttemptsExceededMsg($iTimeDelay));
         return;
         // Stop execution of the method.
     }
     /*** Check Login ***/
     $bIsLogged = $oAdminModel->adminLogin($sEmail, $sUsername, $sPassword);
     $bIsIpBanned = !empty($sIpLogin) && $sIpLogin !== $sIp;
     if (!$bIsLogged || $bIsIpBanned) {
         sleep(2);
         // Security against brute-force attack to avoid drowning the server and the database
         if (!$bIsLogged) {
             $oSecurityModel->addLoginLog($sEmail, $sUsername, $sPassword, 'Failed! Incorrect Email, Username or Password', 'Admins');
             if ($bIsLoginAttempt) {
                 $oSecurityModel->addLoginAttempt('Admins');
             }
             $this->session->set('captcha_admin_enabled', 1);
             // Enable Captcha
             \PFBC\Form::setError('form_admin_login', t('"Email", "Username" or "Password" is Incorrect'));
         } elseif ($bIsIpBanned) {
             $this->session->set('captcha_admin_enabled', 1);
             // Enable Captcha
             \PFBC\Form::setError('form_admin_login', t('Incorrect Login!'));
             $oSecurityModel->addLoginLog($sEmail, $sUsername, $sPassword, 'Failed! Bad Ip adress', 'Admins');
         }
     } else {
         $oSecurityModel->clearLoginAttempts('Admins');
         $this->session->remove('captcha_admin_enabled');
         // Is disconnected if the user is logged on as "user" or "affiliate".
         if (UserCore::auth() || AffiliateCore::auth()) {
             $this->session->destroy();
         }
         $iId = $oAdminModel->getId($sEmail, null, 'Admins');
         $oAdminData = $oAdminModel->readProfile($iId, 'Admins');
         // Regenerate the session ID to prevent the session fixation
         $this->session->regenerateId();
         $aSessionData = array('admin_id' => $oAdminData->profileId, 'admin_email' => $oAdminData->email, 'admin_username' => $oAdminData->username, 'admin_first_name' => $oAdminData->firstName, 'admin_ip' => $sIp, 'admin_http_user_agent' => $this->browser->getUserAgent(), 'admin_token' => Various::genRnd($oAdminData->email));
         $this->session->set($aSessionData);
         $oSecurityModel->addLoginLog($sEmail, $sUsername, '*****', 'Logged in!', 'Admins');
         $oAdminModel->setLastActivity($oAdminData->profileId, 'Admins');
         HeaderUrl::redirect(Uri::get(PH7_ADMIN_MOD, 'main', 'index'), t('You signup is successfully!'));
     }
 }
 public function __construct()
 {
     parent::__construct();
     $aData = ['name' => $this->httpRequest->post('name'), 'description' => $this->httpRequest->post('description'), 'permissions' => serialize($this->httpRequest->post('perms')), 'price' => $this->httpRequest->post('price'), 'expirationDays' => $this->httpRequest->post('expiration_days'), 'enable' => $this->httpRequest->post('enable')];
     (new PaymentModel())->addMembership($aData);
     /* Clean UserCoreModel Cache */
     (new Cache())->start(UserCoreModel::CACHE_GROUP, null, null)->clear();
     Header::redirect(Uri::get('payment', 'admin', 'membershiplist'), t('The Membership has been added!'));
 }
 public function __construct()
 {
     parent::__construct();
     $sTable = AdsCore::getTable();
     (new AdsCoreModel())->update($this->httpRequest->post('id_ads'), $this->httpRequest->post('title'), $this->httpRequest->post('code', Http::NO_CLEAN), $sTable);
     /* Clean Model\Design for STATIC data */
     (new Framework\Cache\Cache())->start(Framework\Mvc\Model\Design::CACHE_STATIC_GROUP, null, null)->clear();
     \PFBC\Form::setSuccess('form_update_ads', t('The Advertisements was saved successfully!'));
 }
 public function __construct()
 {
     parent::__construct();
     $aData = ['id' => $this->httpRequest->get('id', 'int'), 'category_id' => $this->httpRequest->post('category_id', 'int'), 'name' => $this->httpRequest->post('name'), 'title' => $this->httpRequest->post('title'), 'description' => $this->httpRequest->post('description'), 'keywords' => $this->httpRequest->post('keywords')];
     (new GameModel())->update($aData);
     /* Clean GameModel Cache */
     (new Framework\Cache\Cache())->start(GameModel::CACHE_GROUP, null, null)->clear();
     Header::redirect(Uri::get('game', 'main', 'index'), t('The game has been updated successfully!'));
 }
 public function __construct()
 {
     parent::__construct();
     $iAlbumId = (int) $this->httpRequest->get('album_id');
     (new PictureModel())->updateAlbum($this->session->get('member_id'), $iAlbumId, $this->httpRequest->post('name'), $this->httpRequest->post('description'), $this->dateTime->get()->dateTime('Y-m-d H:i:s'));
     /* Clean PictureModel Cache */
     (new Framework\Cache\Cache())->start(PictureModel::CACHE_GROUP, null, null)->clear();
     HeaderUrl::redirect(Uri::get('picture', 'main', 'albums', $this->session->get('member_username'), $iAlbumId), t('Your album has been updated successfully!'));
 }
 public function __construct()
 {
     parent::__construct();
     $oUserModel = new UserCoreModel();
     $oSecurityModel = new SecurityModel();
     $sEmail = $this->httpRequest->post('mail');
     $sPassword = $this->httpRequest->post('password');
     /** Check if the connection is not locked **/
     $bIsLoginAttempt = (bool) DbConfig::getSetting('isUserLoginAttempt');
     $iMaxAttempts = (int) DbConfig::getSetting('maxUserLoginAttempts');
     $iTimeDelay = (int) DbConfig::getSetting('loginUserAttemptTime');
     if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view)) {
         \PFBC\Form::setError('form_login_user', Form::loginAttemptsExceededMsg($iTimeDelay));
         return;
         // Stop execution of the method.
     }
     // Check Login
     $sLogin = $oUserModel->login($sEmail, $sPassword);
     if ($sLogin === 'email_does_not_exist' || $sLogin === 'password_does_not_exist') {
         sleep(1);
         // Security against brute-force attack to avoid drowning the server and the database
         if ($sLogin === 'email_does_not_exist') {
             $this->session->set('captcha_enabled', 1);
             // Enable Captcha
             \PFBC\Form::setError('form_login_user', t('Oops! "%0%" is not associated with any %site_name% account.', escape(substr($sEmail, 0, PH7_MAX_EMAIL_LENGTH))));
             $oSecurityModel->addLoginLog($sEmail, 'Guest', 'No Password', 'Failed! Incorrect Username');
         } elseif ($sLogin === 'password_does_not_exist') {
             $oSecurityModel->addLoginLog($sEmail, 'Guest', $sPassword, 'Failed! Incorrect Password');
             if ($bIsLoginAttempt) {
                 $oSecurityModel->addLoginAttempt();
             }
             $this->session->set('captcha_enabled', 1);
             // Enable Captcha
             $sWrongPwdTxt = t('Oops! This password you entered is incorrect.') . '<br />';
             $sWrongPwdTxt .= t('Please try again (make sure your caps lock is off).') . '<br />';
             $sWrongPwdTxt .= t('Forgot your password? <a href="%0%">Request a new one</a>.', Uri::get('lost-password', 'main', 'forgot', 'user'));
             \PFBC\Form::setError('form_login_user', $sWrongPwdTxt);
         }
     } else {
         $oSecurityModel->clearLoginAttempts();
         $this->session->remove('captcha_enabled');
         $iId = $oUserModel->getId($sEmail);
         $oUserData = $oUserModel->readProfile($iId);
         if ($this->httpRequest->postExists('remember')) {
             // We hash again the password
             (new Framework\Cookie\Cookie())->set(array('member_remember' => Security::hashCookie($oUserData->password), 'member_id' => $oUserData->profileId));
         }
         $oUser = new UserCore();
         if (true !== ($mStatus = $oUser->checkAccountStatus($oUserData))) {
             \PFBC\Form::setError('form_login_user', $mStatus);
         } else {
             $oUser->setAuth($oUserData, $oUserModel, $this->session);
             Header::redirect(Uri::get('user', 'account', 'index'), t('You are successfully logged!'));
         }
     }
 }
 public function __construct()
 {
     parent::__construct();
     if (!$this->str->equals($this->httpRequest->post('code', Http::NO_CLEAN), (new Design())->customCode('js'))) {
         (new AdminModel())->updateCustomCode($this->httpRequest->post('code', Http::NO_CLEAN), 'js');
         /* Clean Model\Design for STATIC / customCodejs data */
         (new Framework\Cache\Cache())->start(Design::CACHE_STATIC_GROUP, 'customCodejs', null)->clear();
     }
     \PFBC\Form::setSuccess('form_script', t('Your JS code was saved successfully!'));
 }
 public function __construct()
 {
     parent::__construct();
     if (!$this->str->equals($this->httpRequest->post('code', Http::NO_CLEAN), (new Design())->analyticsApi(false, false))) {
         (new Framework\Mvc\Model\Analytics())->updateApi($this->httpRequest->post('code', Http::NO_CLEAN));
         /* Clean Model\Design for STATIC / analyticsApi data */
         (new Framework\Cache\Cache())->start(Design::CACHE_STATIC_GROUP, 'analyticsApi', null)->clear();
     }
     \PFBC\Form::setSuccess('form_analytics', t('The code Analytics Api was saved successfully!'));
 }
Beispiel #28
0
 public function __construct()
 {
     parent::__construct();
     $sTable = AdsCore::getTable();
     (new AdsCoreModel())->add($this->httpRequest->post('title'), $this->httpRequest->post('code', Http::NO_CLEAN), $sTable);
     /* Clean AdminCoreModel Ads and Model\Design for STATIC data */
     (new Framework\Cache\Cache())->start(Framework\Mvc\Model\Design::CACHE_STATIC_GROUP, null, null)->clear()->start(AdsCoreModel::CACHE_GROUP, 'totalAds', null)->clear()->start(AdsCoreModel::CACHE_GROUP, 'totalAdsAffiliates', null)->clear();
     $sSlug = AdsCore::getTable() == 'AdsAffiliates' ? 'affiliate' : '';
     HeaderUrl::redirect(Uri::get(PH7_ADMIN_MOD, 'setting', 'ads', $sSlug), t('The Advertisement was added successfully!'));
 }
 public function __construct()
 {
     parent::__construct();
     $sBirthDate = $this->dateTime->get($this->httpRequest->post('birth_date'))->date('Y-m-d');
     $aData = ['email' => $this->httpRequest->post('mail'), 'username' => $this->httpRequest->post('username'), 'password' => $this->httpRequest->post('password'), 'first_name' => $this->httpRequest->post('first_name'), 'last_name' => $this->httpRequest->post('last_name'), 'middle_name' => $this->httpRequest->post('middle_name'), 'sex' => $this->httpRequest->post('sex'), 'match_sex' => $this->httpRequest->post('match_sex'), 'birth_date' => $sBirthDate, 'country' => $this->httpRequest->post('country'), 'city' => $this->httpRequest->post('city'), 'state' => $this->httpRequest->post('state'), 'zip_code' => $this->httpRequest->post('zip_code'), 'description' => $this->httpRequest->post('description'), 'website' => $this->httpRequest->post('website'), 'social_network_site' => $this->httpRequest->post('social_network_site'), 'ip' => Ip::get()];
     $iProfileId = (new UserCoreModel())->add($aData);
     if (!empty($_FILES['avatar']['tmp_name'])) {
         (new UserCore())->setAvatar($iProfileId, $aData['username'], $_FILES['avatar']['tmp_name'], 1);
     }
     Header::redirect(Uri::get(PH7_ADMIN_MOD, 'user', 'browse'), t('The user has been successfully added.'));
 }
 public function __construct()
 {
     parent::__construct();
     $iAlbumId = (int) $this->httpRequest->get('album_id');
     $sVideoTitle = $this->httpRequest->post('title');
     $iVideoId = (int) $this->httpRequest->get('video_id');
     (new VideoModel())->updateVideo($this->session->get('member_id'), $iAlbumId, $iVideoId, $sVideoTitle, $this->httpRequest->post('description'), $this->dateTime->get()->dateTime('Y-m-d H:i:s'));
     /* Clean VideoModel Cache */
     (new Framework\Cache\Cache())->start(VideoModel::CACHE_GROUP, null, null)->clear();
     HeaderUrl::redirect(Uri::get('video', 'main', 'video', $this->session->get('member_username') . ',' . $iAlbumId . ',' . $sVideoTitle . ',' . $iVideoId), t('Your video has been updated successfully!'));
 }