/**
 * E-mails the account details of the user that was just saved.
 *
 * Nothing is sent unless an ID is given, no errors are pending, the form
 * carried a "send_email" field and either "password" or "new_password" was
 * posted. On success a flash message is set and the request is redirected to
 * the record's edit page; on failure an error is queued instead.
 *
 * NOTE(review): the posted password is placed in the message body in clear
 * text, so it ends up in mailboxes and mail logs. A one-time "set your
 * password" link would avoid that.
 *
 * @param	int	The user ID
 * @return	void
 */
function _send_email($id)
{
	if (empty($id) || has_errors())
	{
		return;
	}
	if (!isset($_POST['send_email']))
	{
		return;
	}
	if (empty($_POST['password']) && empty($_POST['new_password']))
	{
		return;
	}

	// "password" wins; "new_password" is only used when "password" is blank
	$password_field = empty($_POST['password']) ? 'new_password' : 'password';
	$password = $this->input->post($password_field);

	$this->load->library('email');
	$this->email->initialize(array('wordwrap' => TRUE));

	$this->email->from($this->config->item('from_email', 'fuel'), $this->config->item('site_name', 'fuel'));
	$this->email->to($this->input->post('email'));
	$this->email->subject(lang('new_user_email_subject'));

	$body = lang('new_user_email', $this->input->post('user_name'), $password);
	$this->email->message($body);

	if (!$this->email->send())
	{
		add_error(lang('error_sending_email'));
		return;
	}

	$this->session->set_flashdata('success', lang('new_user_created_notification', $this->input->post('email')));
	redirect(fuel_uri($this->module_uri . '/edit/' . $id));
}
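/**
 * Handles the page "upload" form.
 *
 * When a file is posted, its contents are read, passed through
 * $this->_sanitize() and stored as the value of the page variable named by
 * js_controller_params['import_view_key'] for the selected page. The upload
 * form is rendered whenever the request did not end in a redirect.
 *
 * The temp file is only read when PHP reports a complete upload
 * (UPLOAD_ERR_OK) and the path really is an uploaded file. Previously a
 * failed or oversized upload that still carried a file name reached
 * read_file() with an empty path and the failed read was saved as the value.
 *
 * NOTE(review): no permission check is visible in this method, and
 * _sanitize() (defined elsewhere) is the only filtering applied before the
 * uploaded contents are stored. Confirm both against the rest of the class.
 *
 * @return	void
 */
function upload()
{
	$this->load->helper('file');
	$this->load->helper('security');
	$this->load->library('form_builder');

	$this->js_controller_params['method'] = 'upload';

	if (!empty($_POST))
	{
		if (!empty($_FILES['file']['name']))
		{
			$file_info = $_FILES['file'];
			$id = $this->input->post('id', TRUE);

			// an array here means the field was posted as "file[]"; treat that as a failed upload too
			$upload_ok = isset($file_info['error'], $file_info['tmp_name'])
				&& !is_array($file_info['error'])
				&& (int) $file_info['error'] === UPLOAD_ERR_OK
				&& is_uploaded_file($file_info['tmp_name']);

			// read in the file so we can filter it
			$file = $upload_ok ? read_file($file_info['tmp_name']) : FALSE;

			if ($file === FALSE)
			{
				add_error(lang('error_upload'));
			}
			else
			{
				$field = $this->js_controller_params['import_view_key'];
				$where = array('page_id' => $id, 'name' => $field);
				$page_var = $this->pagevariables_model->find_one_array($where);

				if (empty($page_var))
				{
					// only an existing page variable may be overwritten
					add_error(lang('error_upload'));
				}
				else
				{
					// sanitize the file before saving
					$save = array(
						'id' => $page_var['id'],
						'name' => $field,
						'page_id' => $id,
						'value' => $this->_sanitize($file),
					);
					if (!$this->pagevariables_model->save($save))
					{
						add_error(lang('error_upload'));
					}
				}
			}

			if (!has_errors())
			{
				$this->session->set_flashdata('success', lang('pages_success_upload'));
				redirect(fuel_url('pages/edit/' . $id));
			}
		}
		else if (!empty($_FILES['file']['error']))
		{
			add_error(lang('error_upload'));
		}
	}

	$fields = array();
	$pages = $this->model->options_list('id', 'location', array('published' => 'yes'), 'location');
	$fields['id'] = array('label' => lang('form_label_name'), 'type' => 'select', 'options' => $pages, 'class' => 'add_edit pages');
	$fields['file'] = array('type' => 'file', 'accept' => '');

	$this->form_builder->hidden = array();
	$this->form_builder->set_fields($fields);
	$this->form_builder->set_field_values($_POST);
	$this->form_builder->submit_value = '';
	$this->form_builder->use_form_tag = FALSE;

	$vars['instructions'] = lang('pages_upload_instructions');
	$vars['form'] = $this->form_builder->render();
	$this->_render('upload', $vars);
}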
<link rel="stylesheet" type="text/css" href="css/main.css"> </head> <body> <header> <div class="wrapper"> <a href="#" class="user">Вход не выполнен</a> </div> </header> <div class="wrapper form-container"> <div class="form"> <div class="row header"> <h1>Регистрация</h1> </div> <?php if (has_errors($errors)) { ?> <div class="error-msg"> При заполнении формы возникли ошибки, пожалуйста проверьте правильность заполнения полей и нажмите "Зарегистрироваться"! </div> <?php } ?> <form action="register.php" method="POST"> <div class="row <?php echo is_error($errors, 'nickname') ? 'error' : ''; ?> "> <label for="nickname">Имя пользователя<span class="required">*</span>:</label> <input type="text" name="nickname" id="nickname" value="<?php
/**
 * Validates a submitted blog comment and stores it against the given post.
 *
 * The captcha, site-submission and consecutive-post checks each queue an
 * error without stopping the others. The comment record is then built from
 * the posted fields and checked for duplicates. Only when no error is queued
 * is it passed to _process_akismet() and _filter_comment(), saved, and the
 * request redirected to the post URL.
 *
 * NOTE(review): the last comment IP and time are written to the visitor's
 * session here. Presumably _is_not_consecutive_post() reads them back, in
 * which case the throttle is tied to the session cookie. Verify against that
 * method.
 *
 * @param	object	The blog post being commented on (its id and url are read)
 * @return	mixed	NULL when comments are disabled, otherwise FALSE or the result of _notify()
 */
function _process_comment($post)
{
	$comments_allowed = is_true_val($this->fuel_blog->settings('allow_comments'));
	if (!$comments_allowed)
	{
		return;
	}

	$notified = FALSE;

	// check method => language key of the error queued when that check fails
	$checks = array(
		'_is_valid_captcha' => 'blog_error_captcha_mismatch',
		'_is_site_submitted' => 'blog_error_comment_site_submit',
		'_is_not_consecutive_post' => 'blog_error_consecutive_comments',
	);
	foreach ($checks as $check_method => $error_key)
	{
		if (!$this->$check_method())
		{
			add_error(lang($error_key));
		}
	}

	// link the comment to a known user when the e-mail address matches one
	$this->load->module_model(FUEL_FOLDER, 'users_model');
	$user = $this->users_model->find_one(array('email' => $this->input->post('author_email', TRUE)));

	$this->load->module_model(BLOG_FOLDER, 'blog_comments_model');
	$comment = $this->blog_comments_model->create();
	$comment->post_id = $post->id;
	$comment->author_id = empty($user->id) ? NULL : $user->id;
	foreach (array('author_name', 'author_email', 'author_website') as $input_name)
	{
		// second argument TRUE asks the input class to XSS-filter the value
		$comment->$input_name = $this->input->post($input_name, TRUE);
	}
	$comment->author_ip = $_SERVER['REMOTE_ADDR'];
	$comment->content = trim($this->input->post('new_comment', TRUE));
	$comment->date_added = NULL; // will automatically be added

	// check double posts
	if ($comment->is_duplicate())
	{
		add_error(lang('blog_error_comment_already_submitted'));
	}

	if (has_errors())
	{
		return $notified;
	}

	// spam scoring first, then link filtering
	$comment = $this->_process_akismet($comment);
	$comment = $this->_filter_comment($comment);

	// spam and moderated comments are stored unpublished
	if (is_true_val($comment->is_spam) || $this->fuel_blog->settings('monitor_comments'))
	{
		$comment->published = 'no';
	}

	// spam is only stored when the "save_spam" setting is on
	$is_spam = is_true_val($comment->is_spam);
	if ($is_spam && !$this->fuel_blog->settings('save_spam'))
	{
		add_error(lang('blog_comment_is_spam'));
		return $notified;
	}

	if (!$comment->save())
	{
		add_errors($comment->errors());
		return $notified;
	}

	$notified = $this->_notify($comment, $post);

	$this->load->library('session');
	$vars['post'] = $post;
	$vars['comment'] = $comment;
	$this->session->set_flashdata('thanks', TRUE);
	$this->session->set_userdata('last_comment_ip', $_SERVER['REMOTE_ADDR']);
	$this->session->set_userdata('last_comment_time', time());
	redirect($post->url);

	return $notified;
}
/**
 * Handles the page "upload" form.
 *
 * A posted file is received through the upload library into the system temp
 * directory. The page variables returned by $this->fuel->pages->import($id)
 * are then saved one by one, the page is re-saved with a bumped
 * last_modified, and the request is redirected to the page's edit screen.
 * Otherwise the upload form is rendered.
 *
 * NOTE(review), for anyone hardening this method:
 *  - 'php' is an allowed type and its MIME list includes text/plain and
 *    text/html, so the type check accepts almost any text file;
 *  - the uploaded file is written to sys_get_temp_dir() and is not removed
 *    anywhere in this method;
 *  - the uploaded contents are read but not used below, since the values
 *    saved come from pages->import($id);
 *  - the posted id is XSS-filtered but not otherwise validated here, and no
 *    permission check is visible in this method.
 *
 * @return	void
 */
public function upload()
{
	$this->load->helper('file');
	$this->load->helper('security');
	$this->load->library('form_builder');
	$this->load->library('upload');

	$this->js_controller_params['method'] = 'upload';

	if (!empty($_POST) && !empty($_FILES))
	{
		$this->upload->initialize(array(
			'upload_path' => sys_get_temp_dir(),
			'allowed_types' => 'php|html|txt',
		));

		// The php MIME list is set here rather than in the mimes.php config,
		// which a CodeIgniter update may replace with one lacking text/plain.
		$this->upload->mimes['php'] = array('application/x-httpd-php', 'application/php', 'application/x-php', 'text/php', 'text/html', 'text/x-php', 'application/x-httpd-php-source', 'text/plain');

		if (!$this->upload->do_upload('file'))
		{
			add_error($this->upload->display_errors('', ''));
		}
		else
		{
			$upload_data = $this->upload->data();
			$error = FALSE;

			// the file is read here; its contents are not referenced again in this method
			$file = read_file($upload_data['full_path']);

			$id = $this->input->post('id', TRUE);
			$pagevars = $this->fuel->pages->import($id);

			if (empty($pagevars))
			{
				add_error(lang('error_upload'));
			}
			else
			{
				$layout = $this->fuel->layouts->get($pagevars['layout']);
				unset($pagevars['layout']);

				foreach ($pagevars as $var_name => $var_value)
				{
					// reuse the existing row's id so that the variable is updated rather than duplicated
					$existing = $this->fuel_pagevariables_model->find_one_array(array('page_id' => $id, 'name' => $var_name));
					$row = array(
						'id' => empty($existing['id']) ? NULL : $existing['id'],
						'name' => $var_name,
						'page_id' => $id,
						'value' => $var_value,
					);
					if (!$this->fuel_pagevariables_model->save($row))
					{
						add_error(lang('error_upload'));
					}
				}

				// resave with a later timestamp to prevent the import popup on the next page
				$page = $this->fuel_pages_model->find_by_key($id, 'array');
				$page['last_modified'] = date('Y-m-d H:i:s', time() + 1);
				$this->model->save($page);

				if (!has_errors())
				{
					$this->fuel->admin->set_notification(lang('pages_success_upload'), Fuel_admin::NOTIFICATION_SUCCESS);
					redirect(fuel_url('pages/edit/' . $id));
				}
			}
		}
	}

	$fields = array();
	$pages = $this->model->options_list('id', 'location', array('published' => 'yes'), 'location');
	$fields['id'] = array('label' => lang('form_label_name'), 'type' => 'select', 'options' => $pages, 'class' => 'add_edit pages');
	$fields['file'] = array('type' => 'file', 'accept' => '');

	$this->form_builder->hidden = array();
	$this->form_builder->set_fields($fields);
	$this->form_builder->set_field_values($_POST);
	$this->form_builder->submit_value = '';
	$this->form_builder->use_form_tag = FALSE;

	$vars['instructions'] = lang('pages_upload_instructions');
	$vars['form'] = $this->form_builder->render();

	// inline editing returns to the last visited page, everything else to the module list
	if ($this->fuel->admin->last_page() && $this->fuel->admin->is_inline())
	{
		$vars['back_action'] = $this->fuel->admin->last_page();
	}
	else
	{
		$vars['back_action'] = fuel_uri($this->module_uri);
	}

	$crumbs = array($this->module_uri => $this->module_name, '' => lang('action_upload'));
	$this->fuel->admin->set_titlebar($crumbs);
	$this->fuel->admin->render('upload', $vars, '', FUEL_FOLDER);
}
/**
 * Reads a product from the submitted form, validates it and inserts it.
 *
 * Each read_*() helper (defined elsewhere) receives the source array, the
 * field name, $product and $errors. The remaining arguments are presumably
 * the minimum, the maximum and a "required" flag. TODO confirm against the
 * helpers.
 *
 * NOTE(review): the image is accepted from $_FILES with 204800 as its upper
 * bound. Whether read_img() verifies that the upload really is an image is
 * not visible here.
 *
 * @param mixed $dbh     database handle, passed through to db_product_insert()
 * @param array $product set by this function: the fields read from the request
 * @param array $errors  set by this function: the validation errors
 * @return bool true when the product was inserted, false when validation failed
 */
function add_product($dbh, &$product, &$errors)
{
    $product = array();
    $errors = empty_errors();

    // read and validate every form field
    read_string($_POST, 'title', $product, $errors, 2, 60, false);
    read_integer($_POST, 'category_id', $product, $errors, 1, null, true);
    read_decimal($_POST, 'price', $product, $errors, '0.0', null, true);
    read_integer($_POST, 'stock', $product, $errors, 1, null, true);
    read_string($_POST, 'description', $product, $errors, 1, 10000, false, null, false);
    read_img($_FILES, 'img', $product, $errors, 0, 204800, true);

    if (!has_errors($errors)) {
        // the form is valid, so store the product in the database
        $inserted = db_product_insert($dbh, $product);
        return true;
    }

    return false;
}
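/**
 * Registers a user from the submitted form and logs them in.
 *
 * Each read_*() helper (defined elsewhere) receives the source array, the
 * field name, $user and $errors. The remaining arguments are presumably the
 * limits and a "required" flag. TODO confirm against the helpers.
 *
 * Two changes from the previous version:
 *  - the password and its confirmation are compared with !==, because the
 *    loose != treats numeric-looking strings such as "1e3" and "1000" as
 *    equal;
 *  - the password is hashed with password_hash() (PHP 5.5 or later) instead
 *    of crypt() without a salt, which yields a weak hash on old PHP and is an
 *    error on PHP 8.
 *
 * NOTE(review): the login path must verify with password_verify(), and the
 * password column must hold at least 60 characters (255 leaves room for
 * future algorithms). Also confirm that store_current_user_id() regenerates
 * the session ID, since it is called on a privilege change.
 *
 * @param mixed $dbh    database handle, passed through to db_user_insert()
 * @param array $user   set by this function: the fields read from the request
 * @param array $errors set by this function: the validation errors
 * @return bool true when the user was stored, false when validation failed
 */
function register_user($dbh, &$user, &$errors)
{
    $user = array();
    $errors = empty_errors();

    // read and validate every form field
    read_string($_POST, 'nickname', $user, $errors, 2, 64, true);
    read_email($_POST, 'email', $user, $errors, 2, 64, true);
    read_string($_POST, 'password', $user, $errors, 6, 24, true);
    read_string($_POST, 'password_confirmation', $user, $errors, 6, 24, true);
    read_string($_POST, 'fullname', $user, $errors, 1, 80, true);
    read_list($_POST, 'gender', $user, $errors, array('M', 'F'), false);
    read_bool($_POST, 'newsletter', $user, $errors, '1', false, false);

    // the password and its confirmation must match exactly
    if (!is_error($errors, 'password')
        && !is_error($errors, 'password_confirmation')
        && $user['password'] !== $user['password_confirmation']) {
        $errors['fields'][] = 'password';
        add_error($errors, 'password_confirmation', 'dont-match');
    }

    if (has_errors($errors)) {
        return false;
    }

    // store only a salted hash; the confirmation is never persisted
    $user['password'] = password_hash($user['password'], PASSWORD_DEFAULT);
    unset($user['password_confirmation']);

    // the form is valid, so store the user in the database
    $db_user = db_user_insert($dbh, $user);

    // log the user in straight after registration by remembering them in the session
    store_current_user_id($db_user['id']);

    return true;
}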
/**
 * Displays the form view used to create or edit a record, and processes the
 * form when it is posted back.
 *
 * NOTE(review): access is granted when the user holds either the "edit" or
 * the "create" permission for the module, whether or not $id refers to an
 * existing record. Confirm that _process_edit() enforces the distinction.
 * Both guards also rely on show_404() / show_error() ending the request.
 *
 * @access	public
 * @param	int		The ID value of the record to edit
 * @param	string	The name of a field, or fields separated by colon, to display in the form (optional)
 * @param	boolean	Whether to redirect the page after a successful save
 * @return	void
 */
function edit($id = NULL, $field = NULL, $redirect = TRUE)
{
	$auth = $this->fuel->auth;

	// a module without a "save" action has no form view, unless it is display-only
	if (!$auth->module_has_action('save') && $this->displayonly === FALSE)
	{
		show_404();
	}

	// either the edit or the create permission is enough to get in
	$permission = $this->module_obj->permission;
	if (!($auth->has_permission($permission, 'edit') || $auth->has_permission($permission, 'create')))
	{
		show_error(lang('error_no_permissions'));
	}

	$admin = $this->fuel->admin;
	$inline = $admin->is_inline();

	// a posted key field means that the form was submitted
	$posted_key = $this->input->post($this->model->key_field());
	if ($posted_key && $this->_process_edit($id) && !has_errors())
	{
		$segment = ($inline === TRUE) ? '/inline_edit/' : '/edit/';
		$url = fuel_uri($this->module_uri . $segment . $id . '/' . $field, TRUE);

		if ($redirect)
		{
			// keep a success notification that the save itself may already have set
			if (!$admin->has_notification(Fuel_admin::NOTIFICATION_SUCCESS))
			{
				$admin->set_notification(lang('data_saved'), Fuel_admin::NOTIFICATION_SUCCESS);
			}
			redirect($url);
		}
	}

	$data = $this->_saved_data($id);
	$key_field = $this->model->key_field();
	$action = empty($data[$key_field]) ? 'create' : 'edit';

	// the model's own preview_path() wins; otherwise build it from the module URL
	if (method_exists($this->model, 'preview_path'))
	{
		$this->preview_path = $this->model->preview_path($data, $this->preview_path);
	}
	else
	{
		$this->preview_path = $this->module_obj->url($data);
	}

	$vars = array_merge(
		$this->_shell_vars($id, $action, $data),
		$this->_form_vars($id, $data, $field, $inline)
	);
	$vars['data'] = $data;
	$vars['action'] = $action;
	$vars['related_items'] = $this->model->related_items($data);

	// label for the publish and activate toggles, when the record has those fields
	if (isset($data['published']))
	{
		$is_published = !empty($data['published']) && is_true_val($data['published']);
		$vars['publish'] = $is_published ? 'unpublish' : 'publish';
	}
	if (isset($data['active']))
	{
		$is_active = !empty($data['active']) && is_true_val($data['active']);
		$vars['activate'] = $is_active ? 'deactivate' : 'activate';
	}

	if (!empty($field))
	{
		$admin->set_display_mode(Fuel_admin::DISPLAY_COMPACT_NO_ACTION);
	}
	else if ($inline === TRUE)
	{
		$admin->set_display_mode(Fuel_admin::DISPLAY_COMPACT);
	}

	$crumbs = array($this->module_uri => $this->module_name);
	if (!empty($data[$this->display_field]))
	{
		// tags are stripped and the text shortened before it is used in the title bar
		$crumbs[''] = character_limiter(strip_tags($data[$this->display_field]), 50);
	}
	$admin->set_titlebar($crumbs);

	$vars['actions'] = $this->load->module_view(FUEL_FOLDER, '_blocks/module_create_edit_actions', $vars, TRUE);
	$admin->render($this->views['create_edit'], $vars, '', FUEL_FOLDER);

	// recorded after rendering so that the current page is not listed on itself
	if (!empty($data[$this->display_field]) && $inline !== TRUE)
	{
		$admin->add_recent_page($this->uri->uri_string(), $this->module_name . ': ' . $data[$this->display_field], $this->module);
	}
}
/**
 * Sends the account e-mail (login URL, user name and password) to a user
 * through the FUEL notification object.
 *
 * Nothing is sent unless an ID is given, no errors are pending, the form
 * carried a "send_email" field and either "password" or "new_password" was
 * posted. A failed send is written to the log and queued as an error.
 *
 * NOTE(review): the posted password is placed in the message body in clear
 * text, so it ends up in mailboxes and mail logs. A one-time "set your
 * password" link would avoid that.
 *
 * @access	protected
 * @param	int	The user ID
 * @return	void
 */
protected function _send_email($id)
{
	$CI =& get_instance();

	if (empty($id) || has_errors())
	{
		return;
	}
	if (!isset($_POST['send_email']))
	{
		return;
	}
	if (empty($_POST['password']) && empty($_POST['new_password']))
	{
		return;
	}

	// "password" wins; "new_password" is only used when "password" is blank
	$password_field = empty($_POST['password']) ? 'new_password' : 'password';
	$password = $CI->input->post($password_field);

	$body = lang('new_user_email', site_url('fuel/login'), $CI->input->post('user_name'), $password);

	$params = array(
		'to' => $CI->input->post('email'),
		'subject' => lang('new_user_email_subject'),
		'message' => $body,
		'use_dev_mode' => FALSE,
	);

	if ($CI->fuel->notification->send($params))
	{
		return;
	}

	$CI->fuel->logs->write($CI->fuel->notification->last_error(), 'debug');
	add_error(lang('error_sending_email', $CI->input->post('email')));
}
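/**
 * Reads one text field of the registration form and checks its length.
 *
 * A missing key and a non-string value (for example "username[]=x", which
 * arrives as an array) are both reported with the "required" message, so
 * strlen() is only ever called on a string.
 *
 * @param string $name     request key, also the key used in $user and $errors
 * @param int    $min      minimum length, counted in bytes by strlen()
 * @param int    $max      maximum length, counted in bytes by strlen()
 * @param array  $messages error messages keyed 'required', 'too-short', 'too-long'
 * @param array  $user     receives the value under $name when one was supplied
 * @param array  $errors   receives the field name and message on failure
 * @return void
 */
function _read_user_info_field($name, $min, $max, $messages, &$user, &$errors)
{
    if (!isset($_REQUEST[$name]) || !is_string($_REQUEST[$name])) {
        $errors['fields'][] = $name;
        $errors['messages'][$name] = $messages['required'];
        return;
    }

    // the value is kept even when its length is wrong, so the form can be refilled
    $value = $_REQUEST[$name];
    $user[$name] = $value;

    $length = strlen($value);
    if ($length < $min) {
        $errors['fields'][] = $name;
        $errors['messages'][$name] = $messages['too-short'];
    } elseif ($length > $max) {
        $errors['fields'][] = $name;
        $errors['messages'][$name] = $messages['too-long'];
    }
}

/**
 * Reads and validates the registration form.
 *
 * Changes from the previous version:
 *  - non-string request values are rejected instead of reaching strlen();
 *  - the password and its confirmation are compared with !==, because the
 *    loose != treats numeric-looking strings such as "1e3" and "1000" as
 *    equal;
 *  - the newsletter flag is compared with ===, so only the exact value '1'
 *    switches it on.
 *
 * NOTE(review): the fields are read from $_REQUEST, which also covers the
 * query string, so a password can arrive in the URL and end up in access
 * logs. $_POST would be the narrower source if every caller posts the form.
 *
 * @param array $user   set by this function: the values read from the request
 * @param array $errors set by this function: array('fields' => ..., 'messages' => ...)
 * @return bool true when no validation error was recorded
 */
function read_user_info(&$user, &$errors)
{
    $user = array();
    $errors = array('fields' => array(), 'messages' => array());

    // the messages for these two fields are masked in this listing and kept as they appear
    $masked = array('required' => '******', 'too-short' => '******', 'too-long' => '******');

    // user name
    _read_user_info_field('username', 2, 64, $masked, $user, $errors);

    // password
    _read_user_info_field('password', 6, 24, $masked, $user, $errors);

    // password confirmation
    _read_user_info_field('password_confirmation', 6, 24, array(
        'required' => '@password_confirmation-required',
        'too-short' => '@password_confirmation-too-short',
        'too-long' => '@password_confirmation-too-long',
    ), $user, $errors);

    // the password and its confirmation must match exactly
    if (!is_error($errors, 'password')
        && !is_error($errors, 'password_confirmation')
        && $user['password'] !== $user['password_confirmation']) {
        $errors['fields'][] = 'password';
        $errors['fields'][] = 'password_confirmation';
        $errors['messages']['password_confirmation'] = '@password_confirmation-dont-match';
    }

    // full name
    _read_user_info_field('fullname', 1, 80, array(
        'required' => '@fullname-required',
        'too-short' => '@fullname-too-short',
        'too-long' => '@fullname-too-long',
    ), $user, $errors);

    // gender is optional and is stored only when one of the two allowed values was sent
    $gender_valid = isset($_REQUEST['gender']) && in_array($_REQUEST['gender'], array('M', 'F'), true);
    $user['gender'] = $gender_valid ? $_REQUEST['gender'] : null;

    // newsletter opt-in: only the exact value '1' means yes
    $user['newsletter'] = isset($_REQUEST['newsletter']) && $_REQUEST['newsletter'] === '1';

    return !has_errors($errors);
}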
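/**
 * Protected method that sends the account e-mail (login URL, user name and
 * password) to a user through the CodeIgniter email library.
 *
 * Nothing is sent unless an ID is given, no errors are pending, the form
 * carried a "send_email" field and either "password" or "new_password" was
 * posted. A failed send is queued as an error.
 *
 * Every request lookup goes through $CI. The error message previously read
 * the address through $this->input while the rest of the method used $CI,
 * and whether $this->input resolves depends on the enclosing class.
 *
 * NOTE(review): the posted password is placed in the message body in clear
 * text, so it ends up in mailboxes and mail logs. A one-time "set your
 * password" link would avoid that.
 *
 * @access	protected
 * @param	int	The user ID
 * @return	void
 */
protected function _send_email($id)
{
	$CI =& get_instance();

	if (!empty($id) AND !has_errors() AND isset($_POST['send_email']) AND (!empty($_POST['password']) OR !empty($_POST['new_password'])))
	{
		// "password" wins; "new_password" is only used when "password" is blank
		$password = !empty($_POST['password']) ? $CI->input->post('password') : $CI->input->post('new_password');

		// send email to user
		$CI->load->library('email');

		$config['wordwrap'] = TRUE;
		$CI->email->initialize($config);

		$CI->email->from($CI->config->item('from_email', 'fuel'), $CI->config->item('site_name', 'fuel'));
		$CI->email->to($CI->input->post('email'));
		$CI->email->subject(lang('new_user_email_subject'));

		$msg = lang('new_user_email', site_url('fuel/login'), $CI->input->post('user_name'), $password);
		$CI->email->message($msg);

		if (!$CI->email->send())
		{
			add_error(lang('error_sending_email', $CI->input->post('email')));
		}
	}
}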
<a href="./genres.php">DVD Categories</a> | <a href="./view_dvd.php">Find a DVD</a> | <a href="./login.php">Login</a> <?php } ?> </div> </div> <!-- ##### Main Copy ##### --> <div id="main-copy"> <div class="rowOfBoxes"> <div class="twoThirds noBorderOnLeft"> <?php if (has_errors()) { // print them out echo "<div class='highlight'><ul>\n"; foreach ($_SESSION['errors'] as $message) { echo "<li class='error'>{$message}</li>\n"; } echo "</ul></div><br />\n"; unset($_SESSION['errors']); } if (has_messages()) { echo "<div class='highlight' <ul>\n"; foreach ($_SESSION['messages'] as $message) { echo "<li class='message'>{$message}</li>\n"; } echo "</ul></div><br />\n"; unset($_SESSION['messages']);
/**
 * Protected method that tells whether the current save request is an invite.
 *
 * It is one when no errors are pending, the posted "is_invite" field loosely
 * equals 1, and an "email" field was posted.
 *
 * NOTE(review): both fields come straight from $_POST, so this reflects what
 * the client sent. Any permission to send invites has to be checked by the
 * caller.
 *
 * @access	protected
 * @return	boolean
 */
protected function _is_invite()
{
	if (has_errors())
	{
		return FALSE;
	}

	if (!isset($_POST['is_invite']) || $_POST['is_invite'] != 1)
	{
		return FALSE;
	}

	return isset($_POST['email']);
}