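/**
 * Renders the affiliates menu block as a run of linked banner images.
 *
 * Active affiliates flagged for the menu are fetched in random order and
 * emitted as <a><img></a> pairs, with a <br /> after every `perRow` banners.
 *
 * @param array $args Optional settings: 'limit' (default 6) and 'perRow' (default 2).
 *
 * @return string|null HTML for the block, an 'Error: ...' string, or null when NO_DB is defined.
 */
function menu_affiliates($args)
{
    if (defined('NO_DB')) {
        return;
    }

    global $objTPL, $objSQL;

    $settings = array(
        'limit'  => doArgs('limit', 6, $args),
        // The original read the 'limit' key here too, so a caller-supplied
        // limit silently became the row width.
        'perRow' => doArgs('perRow', 2, $args),
    );

    // A zero or negative row width would make the modulo below fail.
    $perRow = max(1, (int) $settings['perRow']);

    //grab the table
    $table = $objSQL->getTable(
        'SELECT * FROM `$Paffiliates` WHERE active = 1 AND showOnMenu = 1 ORDER BY rand() LIMIT %d;',
        array($settings['limit'])
    );
    if ($table === NULL) {
        return 'Error: Could not query Affiliates.';
    }
    if (is_empty($table)) {
        return 'Error: No Affiliates in the database active.';
    }

    $return = NULL;
    $counter = 1;
    foreach ($table as $a) {
        // Every column lands inside an HTML attribute, so each one is escaped
        // here instead of being trusted because it came from the database.
        // double_encode is off so values that were entity-encoded when stored
        // are not encoded a second time.
        $in    = htmlspecialchars((string) $a['in'], ENT_QUOTES, 'UTF-8', false);
        $out   = htmlspecialchars((string) $a['out'], ENT_QUOTES, 'UTF-8', false);
        $img   = htmlspecialchars((string) $a['img'], ENT_QUOTES, 'UTF-8', false);
        $id    = rawurlencode((string) $a['id']);
        $title = secureMe($a['title']) . ' In: ' . $in . ' | Out: ' . $out;

        // noopener keeps the page opened in the new tab from reaching back
        // into this one through window.opener.
        $return .= '<a href="/' . root() . 'affiliates.php?out&id=' . $id . '" title="' . $title
            . '" target="_blank" rel="nofollow noopener"><img src="' . $img . '" alt="' . $title . '" /></a>';

        if ($counter % $perRow == 0) {
            $return .= '<br />';
        }
        $counter++;
    }

    return '<center>' . $return . '</center>';
}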
/**
 * Stores a comment row and writes a log entry for it.
 *
 * The comment text is passed through secureMe() before storage; the other
 * fields are stored as given.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  xLink
 *
 * @param string $module    The module name
 * @param int    $module_id The unique ID of the content
 * @param int    $author    The comment author's UID
 * @param string $comment   The comment's content
 *
 * @return mixed Whatever insertRow() returns (documented upstream as the inserted row id)
 */
function insertComment($module, $module_id, $author, $comment)
{
    $row = array(
        'module'    => $module,
        'module_id' => $module_id,
        'author'    => $author,
        'comment'   => secureMe($comment),
        'timestamp' => time(),
    );

    // NOTE(review): $this->aURL[1] goes into the log markup unescaped; confirm
    // where aURL is populated and how the log is rendered.
    return $this->objSQL->insertRow(
        'comments',
        $row,
        'Comments System: ' . $this->objUser->profile($this->objUser->grab('id'), RAW)
            . ' commented on <a href="' . $this->aURL[1] . '">this</a>.'
    );
}
/**
 * Stores a comment row through the query builder.
 *
 * The comment text is passed through secureMe() before storage; the other
 * fields are handed to the builder as given.
 *
 * @version 2.0
 * @since   1.0.0
 * @author  Richard Clifford, Dan Aldridge
 *
 * @param string $module    The module name
 * @param int    $module_id The unique ID of the content
 * @param int    $author    The comment author's UID
 * @param string $comment   The comment's content
 *
 * @return bool True when the insert query reported success
 */
function insertComment($module, $module_id, $author, $comment)
{
    // Fetch the shared user and database objects
    $objUser = coreObj::getUser();
    $objSQL = coreObj::getDBO();

    $row = array(
        'module'    => $module,
        'module_id' => $module_id,
        'author'    => $author,
        'comment'   => secureMe($comment),
        'timestamp' => time(),
    );

    $sql = $objSQL->queryBuilder()->insertInto('#__comments')->set($row)->build();
    $inserted = $objSQL->query($sql);

    // TODO: log the comments
    // NOTE(review): the message is built but never written anywhere, and it
    // still reads $this->aURL[1] although the other objects now come from
    // coreObj; that value is also placed in the markup unescaped.
    $log = 'Comments System: ' . $objUser->profile($objUser->grab('id'), RAW)
        . ' commented on <a href="' . $this->aURL[1] . '">this</a>.';

    return $inserted ? true : false;
}
/**
 * Renders the admin table of themes found under the themes directory.
 *
 * Each sub-directory is treated as one theme; its name is reduced with
 * secureMe(..., 'alphanum') before it is handed to getDetails().
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @return void
 */
public function themes()
{
    $objForm = Core_Classes_coreObj::getForm();
    $objTPL = Core_Classes_coreObj::getTPL();

    $objTPL->set_filenames(array(
        'body'  => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl',
        'table' => cmsROOT . 'modules/core/views/admin/themes/manageTable.tpl',
    ));

    foreach (getFiles(cmsROOT . 'themes') as $entry) {
        // only directories are themes
        if ($entry['type'] === 'dir') {
            $themeName = secureMe($entry['name'], 'alphanum');
            $meta = $this->getDetails($themeName);

            // ENABLED and COUNT are fixed placeholder values in this version
            $objTPL->assign_block_vars('theme', array(
                'NAME'    => doArgs('name', 'N/A', $meta),
                'VERSION' => doArgs('version', '0.0', $meta),
                'ENABLED' => 'true',
                'COUNT'   => '9001',
                'MODE'    => doArgs('mode', 'N/A', $meta),
                'AUTHOR'  => doArgs('author', 'N/A', $meta),
            ));
        }
    }

    $objTPL->parse('table', false);

    $blockVars = array(
        'TITLE'   => 'Theme Management',
        'CONTENT' => $objTPL->get_html('table', false),
        'ICON'    => 'fa-icon-user',
    );
    Core_Classes_coreObj::getAdminCP()->setupBlock('body', array('cols' => 3, 'vars' => $blockVars));
}
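/**
 * Builds the row of contact/profile icon links for a user.
 *
 * $user['contact_info'] is a JSON list of {type, val} entries taken from the
 * user's profile. Each known type is turned into one <a> element; unknown
 * types, malformed entries and the 'url' type produce no link.
 *
 * The values are profile data and therefore untrusted. Types that use the
 * value as the whole link target only accept a value whose scheme, if it has
 * one, is on a short allow-list, so a profile value cannot choose its own
 * scheme.
 *
 * @param array       $user   User row; only 'contact_info' is read
 * @param string|null $filter Optional '|'-separated list of types to keep
 *
 * @return string|null Concatenated link HTML, or null when there is nothing to show
 */
public function contactInfoLinks($user, $filter = null)
{
    if (is_empty($user['contact_info'])) {
        return null;
    }

    $user['contact_info'] = json_decode($user['contact_info'], true);
    if (!is_array($user['contact_info'])) {
        return null;
    }

    $filter = !is_empty($filter) ? explode('|', $filter) : array();

    //set the tpl and css up
    $this->objPage->addCSSCode('.contactInfo{ padding: 0 20px 1px 0; } .ico{ margin: 0; padding: 0 0 1px 20px; }');

    $webSchemes = array('http', 'https');
    $ircSchemes = array('irc', 'ircs', 'http', 'https');
    $entityFlags = ENT_QUOTES | (defined('ENT_HTML5') ? ENT_HTML5 : 0);

    $icons = null;
    foreach ($user['contact_info'] as $row) {
        // Decoded JSON can have any shape; skip entries that are not {type, val}.
        if (!is_array($row) || !isset($row['type'], $row['val'])
            || !is_string($row['type']) || !is_scalar($row['val'])) {
            continue;
        }

        $ico = array();
        $ico['type'] = $row['type'];
        $ico['val'] = secureMe($row['val']);
        $ico['contact'] = 'Click to Visit <strong>' . $ico['val'] . '</strong>\'s Profile';

        // Scheme as a browser would read it from the emitted attribute:
        // entities decoded, whitespace and control characters dropped.
        $target = preg_replace(
            '/[\x00-\x20]+/',
            '',
            html_entity_decode((string) $ico['val'], $entityFlags, 'UTF-8')
        );
        $scheme = preg_match('/^([a-z][a-z0-9+.\-]*):/i', $target, $m) ? strtolower($m[1]) : null;

        // Reset per entry; the original let the previous entry's value leak through.
        $blank = true;

        switch ($row['type']) {
            case 'wlm':
                $blank = false;
                $ico['url'] = 'msnim:chat?contact=' . $ico['val'];
                $ico['contact'] = 'Windows Live Messenger: ' . $ico['contact'];
                break;

            case 'aol':
                $blank = false;
                $ico['url'] = 'aim:goim?screenname=' . $ico['val'];
                $ico['contact'] = 'AOL Instant Messenger: ' . $ico['contact'];
                break;

            case 'sky':
                $blank = false;
                $ico['url'] = 'skype:' . $ico['val'] . '?chat';
                $ico['contact'] = 'Skype: ' . $ico['contact'];
                break;

            case 'yah':
                $blank = false;
                $ico['url'] = 'ymsgr:sendIM?' . $ico['val'];
                $ico['contact'] = 'Yahoo Messenger: ' . $ico['contact'];
                break;

            // NOTE(review): the original had a second, unreachable `case 'gt'`
            // that built a twitter.com link; it is dropped here. Confirm which
            // type code it was meant to carry.
            case 'gt':
                $blank = false;
                $ico['url'] = 'gtalk:chat?' . $ico['val'];
                $ico['contact'] = 'Google Talk: ' . $ico['contact'];
                break;

            case 'irc':
                if ($scheme !== null && !in_array($scheme, $ircSchemes, true)) {
                    continue 2;
                }
                $blank = false;
                $ico['url'] = $ico['val'];
                $ico['contact'] = 'IRC: Click to connect to : ' . $ico['val'];
                break;

            case 'twi':
                if ($scheme !== null && !in_array($scheme, $webSchemes, true)) {
                    continue 2;
                }
                $blank = false;
                $ico['url'] = $ico['val'];
                $ico['contact'] = 'Twitter: ' . $ico['contact'];
                break;

            case 'fb':
                $ico['url'] = 'http://facebook.com/' . $ico['val'];
                $ico['contact'] = 'Facebook: ' . $ico['contact'];
                break;

            case 'gpl':
                // The original tested ${$ico}['val'] (a variable-variable, never
                // the real value) against an unanchored pattern, so this branch
                // never produced a URL. Compare the parsed host exactly.
                $allowed = array('plus.google.com', 'gplus.to');
                $host = strtolower((string) parse_url($target, PHP_URL_HOST));
                if (!in_array($scheme, $webSchemes, true) || !in_array($host, $allowed, true)) {
                    continue 2;
                }
                $ico['url'] = $ico['val'];
                $ico['contact'] = 'Google+: ' . $ico['contact'];
                break;

            case 'git':
                $ico['url'] = 'https://github.com/' . $ico['val'];
                $ico['contact'] = 'GitHub: ' . $ico['contact'];
                break;

            case 'bbu':
                $ico['url'] = 'https://bitbucket.org/' . $ico['val'];
                $ico['contact'] = 'BitBucket: ' . $ico['contact'];
                break;

            case 'grv':
                $ico['url'] = 'http://grooveshark.com/#/' . $ico['val'];
                $ico['contact'] = 'Grooveshark: ' . $ico['contact'];
                break;

            case 'red':
                $ico['url'] = 'http://www.reddit.com/user/' . $ico['val'];
                $ico['contact'] = 'Reddit: ' . $ico['contact'];
                break;

            case 'stu':
                $ico['url'] = 'http://www.stumbleupon.com/stumbler/' . $ico['val'];
                $ico['contact'] = 'StumbleUpon: ' . $ico['contact'];
                break;

            case 'yam':
            case 'gma':
            case 'hom':
                $blank = false;
                $ico['url'] = 'mailto:' . $ico['val'];
                $ico['contact'] = 'Email: ' . $ico['contact'];
                break;

            case 'ste':
                $ico['url'] = 'http://steamcommunity.com/id/' . $ico['val'];
                $ico['contact'] = 'Steam: ' . $ico['contact'];
                break;

            case 'spo':
                $ico['url'] = 'http://open.spotify.com/user/' . $ico['val'];
                $ico['contact'] = 'Spotify: ' . $ico['contact'];
                break;

            case 'utb':
                $ico['url'] = 'http://www.youtube.com/user/' . $ico['val'];
                $ico['contact'] = 'YouTube: ' . $ico['contact'];
                break;

            case 'dA':
                // The value sits in the host part of the URL, so it must be a
                // single host label; anything else could point the link at a
                // different site.
                if (!preg_match('/\A[A-Za-z0-9\-]+\z/', (string) $ico['val'])) {
                    continue 2;
                }
                $ico['url'] = 'http://' . $ico['val'] . '.deviantart.com/';
                $ico['contact'] = 'DeviantArt: ' . $ico['contact'];
                break;

            case 'urb':
                if ($scheme !== null && !in_array($scheme, $webSchemes, true)) {
                    continue 2;
                }
                $ico['url'] = $ico['val'];
                $ico['contact'] = 'Your Blog: ' . $ico['contact'];
                break;

            case 'urw':
                if ($scheme !== null && !in_array($scheme, $webSchemes, true)) {
                    continue 2;
                }
                $ico['url'] = $ico['val'];
                $ico['contact'] = 'Your Website: ' . $ico['contact'];
                break;

            // 'url' entries and unknown types produce no icon: skip to the
            // next contact entry (continue 2 leaves the switch AND the loop body).
            case 'url':
            default:
                continue 2;
        }

        // NOTE(review): "|| true" makes every link open in a new tab no matter
        // what the cases above set. Kept as-is; confirm whether the per-type
        // $blank = false was meant to take effect.
        $ico['blank'] = $blank || true;

        //if we have a filter, continue if this element isnt in the filter
        if (count($filter) && !in_array($row['type'], $filter)) {
            continue;
        }

        //add to the vars and return
        // noopener: a page opened through target="_blank" must not get a
        // window.opener handle on this one.
        $icon = '<a href="%s" class="%s contactInfo hoverWatch" title="%s" rel="nofollow noopener" ico="%s"%s> </a>';
        $icons .= sprintf(
            $icon,
            $ico['url'],
            $ico['type'],
            $ico['contact'],
            $ico['type'],
            $ico['blank'] === true ? ' target="_blank"' : ''
        );
    }

    return $icons;
}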
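/**
 * Returns the HTML for a user's avatar.
 *
 * Users without an avatar get a plain <img> of the default picture. Otherwise
 * the stored avatar is wrapped in a link to the full-size image.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  xLink
 *
 * @param int $uid  User ID whose avatar is rendered
 * @param int $size Value used for both the height and width attributes
 *
 * @return string HTML of the parsed avatar.
 */
public function parseAvatar($uid, $size = 100)
{
    // $size and the username end up inside HTML attributes. The original
    // escaped only the avatar path; the other values are escaped here too so
    // a quote character in any of them cannot close the attribute.
    $size = htmlspecialchars((string) $size, ENT_QUOTES, 'UTF-8');

    $defaultAvatar = '/' . root() . 'images/no_avatar.png';
    $avatar = $this->getUserInfo($uid, 'avatar');

    if (is_empty($avatar)) {
        $_avatar = '<img src="%1$s" height="%2$s" width="%2$s" class="avatar corners" />';

        return sprintf($_avatar, $defaultAvatar, $size);
    }

    // NOTE(review): the avatar value is also used as the link's href; if users
    // can set it freely, confirm its scheme is restricted where it is saved.
    $avatar = secureMe(preg_replace('_^/images/_', '/' . root() . 'images/', $avatar));

    $rawName = $this->getUserInfo($uid, 'username');
    $username = secureMe($rawName);
    $username_avatar = $username . '_avatar';
    $user = secureMe(strtolower($rawName));

    $_avatar = '<a href="%1$s" class="lightwindow" title="%4$s\'s Avatar" data-avatar="%5$s">'
        . '<img src="%1$s" height="%2$s" width="%2$s" name="%3$s" id="%3$s" title="%4$s\'s Avatar" class="avatar corners" data-avatar="%4$s" /></a>';

    return sprintf($_avatar, $avatar, $size, $username_avatar, $username, $user);
}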
/**
 * Dispatches a forum AJAX request to the handler named by $action.
 *
 * Handled actions:
 *  - 'sortForum': stores the open/closed state of the forum categories
 *  - 'eip':       edit-in-place, loads or saves a single post
 *  - 'quote':     echoes a post wrapped in [quote] BBCode
 *
 * Every path except the empty-action one ends in exit/die, so the response
 * is whatever has been echoed up to that point.
 *
 * NOTE(review): no anti-CSRF token check is visible in this method although
 * 'sortForum' and 'eip' save change stored data; confirm one is enforced
 * before this is reached.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  xLink
 *
 * @param string $action
 *
 * @return bool False when $action is empty; otherwise the script exits
 */
public function doAjax($action)
{
    if (is_empty($action)) {
        $this->throwHTTP(500);
        return false;
    }

    switch ($action) {
        case 'sortForum':
            // NOTE(review): none of the throwHTTP(401) calls below is followed
            // by return/exit. Unless throwHTTP() terminates the request itself
            // (not visible here), execution carries on with the rejected input.
            parse_str($_POST['order'], $order);
            if (!is_array($order) || !count($order)) {
                $this->throwHTTP(401);
            }
            parse_str($_POST['state'], $state);
            if (!is_array($state) || !count($state)) {
                $this->throwHTTP(401);
            }
            if (!is_array($order['sortable_forums']) || !count($order['sortable_forums'])) {
                $this->throwHTTP(401);
            }

            // reduce every submitted state to 0 or 1, keyed by the submitted id
            // ($go is not initialised before this loop)
            foreach ($order['sortable_forums'] as $k) {
                $go[$k] = $state[$k] == 1 ? 1 : 0;
            }
            echo print_r($go, true);

            // the same serialized map goes into the session and the user's settings
            $db = serialize($go);
            $_SESSION['user']['forum_cat_order'] = $db;
            $update['forum_cat_order'] = $db;
            $this->objUser->updateUserSettings($this->objUser->grab('id'), $update);
            break;

        //edit in place stuff
        case 'eip':
            $id = doArgs('id', 0, $_GET, 'is_number');
            $uid = $this->objUser->grab('id');
            if ($id == 0 || !User::$IS_ONLINE) {
                die('Error: There was a problem with the form you submitted. Please try again.');
            }

            //grab the post we are referring to
            $post = $this->objSQL->getLine('SELECT * FROM `$Pforum_posts` WHERE id ="%s" LIMIT 1;', array($id));
            if (!$post) {
                die('Error: There was a problem obtaining the post data. Error 0x01;');
            }

            //grab the required thread so we have something to work with
            $thread = $this->objSQL->getLine('SELECT id, cat_id FROM `$Pforum_threads` WHERE id ="%s" LIMIT 1;', array($post['thread_id']));
            if (!$thread) {
                die('Error: There was a problem obtaining the post data. Error 0x02;');
            }

            //now grab the category
            $cat = $this->getForumInfo($thread['cat_id']);
            if (!$cat) {
                die('Error: There was a problem obtaining the post data. Error 0x03;');
            }

            // editing is allowed for the post's author, or for anyone holding
            // edit or moderator rights on the category, or a global moderator
            $catAuth = $this->auth[$cat['id']];
            if ($post['author'] != $uid && !$catAuth['auth_edit'] && !$catAuth['auth_mod'] && !IS_MOD) {
                die('Error: This is not your post;');
            }

            //load or save?
            $action = doArgs('action', false, $_GET);
            if ($action == 'load') {
                // NOTE(review): the stored post is entity-decoded and echoed
                // as-is. If the response is served as HTML this hands back the
                // raw markup the author submitted; confirm the response type
                // and how the client inserts it.
                echo html_entity_decode($post['post']);
            } else {
                if ($action == 'save') {
                    //the editor id sent by the client must match the post being edited
                    if (doArgs('editorId', false, $_POST) != 'post_id_' . $id) {
                        die('Error: There was a problem with the form you submitted.');
                    }
                    unset($update);
                    $update['post'] = secureMe($_POST['value']);
                    $update['edited'] = $post['edited'] + 1;
                    $update['edited_uid'] = $uid;
                    $post_update = $this->objSQL->updateRow('forum_posts', $update, array('id ="%d"', $id));
                    if ($post_update) {
                        // NOTE(review): the raw POST value, not the secureMe()'d
                        // copy that was stored, is handed to contentParse();
                        // confirm contentParse() escapes its input.
                        contentParse($_POST['value'], true);
                        exit;
                    } else {
                        die('Error: This is not your post, or there was a problem with saving the post. Error 0x02;');
                    }
                }
            }
            break;

        case 'quote':
            $id = doArgs('id', 0, $_GET, 'is_number');
            $uid = $this->objUser->grab('id');
            if ($id == 0 || !User::$IS_ONLINE) {
                die('Error: There was a problem with the form you submitted. Please try again.');
            }

            //grab the post we are referring to
            $post = $this->objSQL->getLine('SELECT * FROM `$Pforum_posts` WHERE id ="%s" LIMIT 1;', array($id));
            if (!$post) {
                die('Error: There was a problem obtaining the post data. Error 0x01;');
            }

            //grab the required thread so we have something to work with
            $thread = $this->objSQL->getLine('SELECT id, cat_id FROM `$Pforum_threads` WHERE id ="%s" LIMIT 1;', array($post['thread_id']));
            if (!$thread) {
                die('Error: There was a problem obtaining the post data. Error 0x02;');
            }

            //now grab the category
            $cat = $this->getForumInfo($thread['cat_id']);
            if (!$cat) {
                die('Error: There was a problem obtaining the post data. Error 0x03;');
            }

            // quoting needs read or moderator rights on the category
            // (the message below is the same text the edit check uses)
            $catAuth = $this->auth[$cat['id']];
            if (!$catAuth['auth_read'] && !$catAuth['auth_mod'] && !IS_MOD) {
                die('Error: This is not your post;');
            }

            // NOTE(review): username and post body are echoed without further
            // escaping; presumably the client drops this into an editor field.
            // Confirm it is never inserted as HTML.
            $quote = "\n[quote=%s]\n%s\n[/quote]\n";
            echo sprintf($quote, $this->objUser->getUserInfo($post['author'], 'username'), $post['post']);
            break;
    }

    //nothing produced here needs to go back through the parent template
    exit;
}
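/**
 * Formats one backtrace frame for getExecInfo output.
 *
 * Only the file's base name is shown, never the full path. The call
 * arguments are flattened to text and passed through secureMe().
 *
 * NOTE(review): call arguments can hold sensitive values; make sure this
 * output is only reachable with debugging enabled.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  xLink
 *
 * @param array  $file Backtrace frame ('file', 'line', 'function', 'args')
 * @param string $info Optional label printed in front of the frame
 * @param string $nl   Line terminator appended to the message
 *
 * @return string
 */
function outputDebug($file, $info = null, $nl = '<br />')
{
    // The original chose the separator with stristr(PHP_OS, 'WIN'), which also
    // matches "Darwin" and so printed the full path there. Normalising the
    // separators and taking the base name behaves the same on every platform.
    $path = isset($file['file']) ? (string) $file['file'] : '';
    $filename = basename(str_replace('\\', '/', $path));

    // implode() on the raw argument list raises notices for nested arrays and
    // fails on objects without __toString(), so each argument is stringified.
    $args = null;
    if (isset($file['args']) && is_array($file['args'])) {
        $parts = array();
        foreach ($file['args'] as $arg) {
            if (is_array($arg)) {
                $parts[] = 'Array';
            } elseif (is_object($arg)) {
                $parts[] = method_exists($arg, '__toString') ? (string) $arg : get_class($arg);
            } else {
                $parts[] = (string) $arg;
            }
        }
        $args = secureMe(implode('\', \'', $parts));
    }

    $line = isset($file['line']) ? $file['line'] : '';
    $function = isset($file['function']) ? $file['function'] : '';

    $msg = ($info !== null ? '<strong>[' . $info . ']</strong> <br />' : null)
        . ' Called on line <strong>' . $line . ' </strong> of file <strong>' . $filename
        . '</strong> via function <strong>' . $function . '</strong> with arguments: (\''
        . $args . '\')' . $nl;

    return $msg;
}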
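/**
 * Validates the "remember me" cookie and, if it checks out, logs the user in.
 *
 * The cookie is client-controlled: every value read from it is untrusted
 * until it has been matched against the stored user key.
 *
 * @version 1.0
 * @since   1.0
 * @author  Daniel Noel-Davies
 *
 * @todo Test this func, new port from old sys :P
 *
 * @return bool True when a session was started for the cookie's user
 */
public function rememberMe()
{
    // site setting needs to be enabled for one
    // (the original had no negation and a truthy 'false' string default, so
    // it bailed out whenever the feature was enabled)
    if (!$this->config('login', 'remember_me', false)) {
        return false;
    }

    // make sure we have the cookie to begin with
    if (is_empty(doArgs('login', null, $_COOKIE))) {
        return false;
    }

    // SECURITY: unserialize() on a cookie lets the client pick which classes
    // get instantiated. Left in place because the cookie format is set
    // elsewhere; it should move to a format such as JSON (or a signed value)
    // together with the code that writes the cookie.
    $cookie = unserialize($_COOKIE['login']);
    if (is_empty($cookie) || !is_array($cookie)) {
        return false;
    }

    // check for the expected keys in the array
    // (the original joined the two tests with && and so never rejected anything)
    $values = array('uData', 'uIP', 'uAgent');
    foreach ($values as $v) {
        if (!isset($cookie[$v]) || !is_string($cookie[$v]) || is_empty($cookie[$v])) {
            return false;
        }
    }

    // uData should be 5 chars in length
    if (strlen($cookie['uData']) != 5) {
        return false;
    }

    // IP lock active, does the IP match what we have on file?
    if ($this->config('login', 'ip_lock', false) && $cookie['uIP'] !== Core_Classes_User::getIP()) {
        return false;
    }

    // make sure the useragent matches too; strict comparison so two different
    // digests can never compare equal through numeric-string juggling
    // (hash_equals() is preferable where the PHP version provides it)
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    if ($cookie['uAgent'] !== md5($userAgent . $this->config('db', 'ckeauth'))) {
        return false;
    }

    // query for the userkey
    // LIKE wildcards in the cookie value are escaped first so the lookup
    // matches the key itself rather than a pattern.
    // NOTE(review): assumes secureMe(..., 'sql') escapes backslashes like a
    // SQL string escaper; confirm. The older runRememberMe() matches
    // "<uData>:%", this port dropped the colon; confirm which is intended.
    $objSQL = Core_Classes_coreObj::getDBO();
    $likeData = addcslashes($cookie['uData'], '%_\\');
    $query = $objSQL->queryBuilder()
        ->select('uData')
        ->from('#__userkeys')
        ->where(sprintf('uData LIKE "%s"', '%' . secureMe($likeData, 'sql') . '%'))
        ->andWhere('uAgent', '=', $objSQL->quote(secureMe($cookie['uAgent'], 'sql')));

    if ($this->config('login', 'ip_lock', false)) {
        $query = $query->andWhere('uIP', '=', $objSQL->quote(secureMe($cookie['uIP'], 'sql')));
    }
    $query = $query->limit(1);

    // check to see if we have anything
    // (the original compared against the undefined constant "fales")
    $query = $objSQL->fetchRow($query->build());
    if ($query === false || !is_array($query)) {
        return false;
    }

    // untangle the ID & check for it
    $query['uData'] = explode(':', $query['uData']);
    if (!isset($query['uData'][1]) || is_empty($query['uData'][1])) {
        return false;
    }

    // grab the user data if we can
    // NOTE(review): $objUser is never assigned in this method, so this call
    // cannot work as written; the user object has to be obtained first.
    $this->userData = $objUser->get('*', $query['uData'][1]);
    if (!is_array($this->userData) || is_empty($query['uData'][1])) {
        return false;
    }

    // now run some checks make sure they are able to login etc
    if (!doArgs('autologin', false, $this->userData)) {
        return false;
    }
    if (!$this->activeCheck()) {
        return false;
    }
    if (!$this->banCheck()) {
        return false;
    }
    if (!$this->whitelistCheck()) {
        return false;
    }

    // everything seems fine, start the session
    $objSessions = Core_Classes_coreObj::getSession();
    $objSessions->setSessions($this->userData['uid'], true);
    $objSessions->newSession();

    return true;
}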
/**
 * Renders the admin editor for one menu.
 *
 * The menu name is taken from $args[1]; when it is missing, or the lookup
 * does not return an array, an error is raised and the menu list is shown.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Dan Aldridge
 *
 * @param array $args Route arguments; index 1 holds the menu name
 *
 * @return void|false Nothing on the normal paths; false when the menu lookup fails
 */
public function edit($args = array())
{
    $objTPL = Core_Classes_coreObj::getTPL();
    $objSQL = Core_Classes_coreObj::getDBO();
    $objPage = Core_Classes_coreObj::getPage();

    // Check we have the menu name
    if (!is_array($args) || !is_string($args[1]) || strlen($args[1]) == 0) {
        trigger_error('Error: Could not get menu name.');
        $this->menus();
        return;
    }

    /** Menu assets **/
    foreach (array('Tree.css', 'Collapse.css') as $sheet) {
        $objPage->addCSSFile(array(
            'href' => '/' . root() . 'modules/core/assets/styles/admin/menus/' . $sheet,
            'type' => 'text/css',
        ));
    }
    foreach (array('Tree.js', 'custom.js') as $script) {
        $objPage->addJSFile(
            array('src' => '/' . root() . 'modules/core/assets/javascript/admin/menus/' . $script),
            'footer'
        );
    }

    $menuName = $args[1];

    $objTPL->set_filenames(array(
        'panel' => cmsROOT . 'modules/core/views/admin/menus/menu_link_list.tpl',
    ));

    // NOTE(review): $menuName comes from the request route and is handed to
    // where() as a value; presumably the builder escapes it. Confirm.
    $queryList = $objSQL->queryBuilder()
        ->select('*')
        ->from('#__menus')
        ->where('menu_name', '=', $menuName)
        ->orderBy('`parent_id`, `order`', 'ASC');

    $links = $objSQL->fetchAll($queryList->build());
    if (!is_array($links)) {
        trigger_error('Error: Menu does not exist.');
        $this->menus();
        return false;
    }

    // column names generateTree() should read from each link row
    $treeKeys = array('title' => 'link_title', 'id' => 'id', 'parent' => 'parent_id');
    $objTPL->assign_var('tree_menu', $this->generateTree($links, $treeKeys));
    $objTPL->parse('panel', false);

    $blockVars = array(
        // the menu name is escaped because it is echoed into the block title
        'TITLE'   => 'Edit Menu - <strong>' . secureMe($menuName) . '</strong>',
        'CONTENT' => $objTPL->get_html('panel', false),
        'ICON'    => 'icon-th-list',
    );
    $saveButton = array(
        'ICON'  => 'icon-save',
        'URL'   => '#',
        'TITLE' => 'Save',
        'LINK'  => '',
        'CLASS' => '',
        'EXTRA' => 'data-toggle="tooltip" data-placement="top"',
    );

    Core_Classes_coreObj::getAdminCP()->setupBlock('body', array(
        'cols'   => 3,
        'vars'   => $blockVars,
        'custom' => $saveButton,
    ));
}
/**
 * Renders the page's breadcrumb trail as a ' >> '-separated run of links.
 *
 * Crumbs with an empty name are skipped. The crumb whose key equals the
 * remaining count minus one is treated as the last: it is bolded and gets
 * no separator after it.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  xLink
 *
 * @return string|null The trail HTML, or null when there are no crumbs
 */
public function showPagecrumbs()
{
    $breadcrumbs = $this->pageCrumbs;
    if (is_empty($breadcrumbs)) {
        return null;
    }

    $remaining = count($breadcrumbs);
    $separator = ' >> ';
    $template = '<a href="%s">%s</a>';
    $html = '';

    foreach ($breadcrumbs as $index => $crumb) {
        // an unnamed crumb only shifts which index counts as the last one
        if (is_empty($crumb['name'])) {
            $remaining--;
            continue;
        }

        $isLast = ($remaining - 1 == $index);

        // the name is escaped before it is printed
        // NOTE(review): $crumb['url'] is placed in the href as-is; confirm
        // crumb URLs are always built by the application.
        $label = secureMe($crumb['name']);
        if ($isLast) {
            $label = '<b>' . $label . '</b>';
        }

        $html .= sprintf($template, $crumb['url'], $label);
        if (!$isLast) {
            $html .= $separator;
        }
    }

    return $html;
}
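/**
 * Loads a module's file for the given mode and, optionally, its language file.
 *
 * $module and $mode are concatenated into the path that is included, so both
 * are restricted to plain name characters before any filesystem access.
 *
 * @version 2.0
 * @since   0.8.0
 * @author  xLink
 *
 * @param string $module       The name of the module to be loaded
 * @param bool   $languageFile Whether the module's language file should be loaded as well
 * @param string $mode         File prefix to load (modules/<module>/<mode>.<module>.php); 'class' by default
 *
 * @return bool
 */
function loadModule($module, $languageFile = false, $mode = 'class')
{
    if ($mode === NULL) {
        $mode = 'class';
    }

    // Both names become part of an include path below. Anything other than
    // letters, digits, '_' and '-' (path separators and dots included) is
    // answered like a module that does not exist.
    $namePattern = '/\A[A-Za-z0-9_\-]+\z/';
    if (!is_string($module) || !is_string($mode)
        || !preg_match($namePattern, $module) || !preg_match($namePattern, $mode)) {
        $this->throwHTTP(404);
        return false;
    }

    if ($mode == 'class') {
        //check whether we've already used this module
        $module_enable = isset($_SESSION['site']['modules'][$module])
            ? ($_SESSION['site']['modules'][$module] == 1 ? 'enabled' : 'disabled')
            : 'first';

        // NOTE(review): this override forces every module to count as enabled,
        // so the disabled/not-installed checks below never run. Kept because
        // removing it changes which modules load; confirm it is intended.
        $module_enable = 'enabled';

        switch ($module_enable) {
            case 'disabled':
                //the module is disabled so stop here.
                $this->objPage->setTitle('Module Disabled');
                hmsgDie('FAIL', 'Module: "' . $module . '" is disabled.');
                exit;
                break;

            case 'first':
                //not seen in this session yet, ask the database
                $enable_check = $this->objSQL->getValue('modules', 'enabled', array('name = "%s"', $module));
                switch ($enable_check) {
                    case NULL:
                        $this->objPage->setTitle('Module Not Installed');
                        $msg = NULL;
                        if (!is_dir(cmsROOT . 'modules/' . $module . '/')) {
                            $this->throwHTTP(404);
                        }
                        if (file_exists(cmsROOT . 'modules/' . $module . '/install.php') && User::$IS_ADMIN) {
                            $msg = '<br />But it can be, <a href="/' . root() . 'modules/' . $module . '/install/">Click Here</a>';
                        }
                        if (User::$IS_ADMIN) {
                            hmsgDie('FAIL', 'Module "' . secureMe($module) . '" isnt installed.' . $msg);
                        } else {
                            $this->throwHTTP(404);
                        }
                        exit;
                        break;

                    case 0:
                        return false;
                        break;

                    default:
                        //cache it in session so we dont have to run the query everytime we use this module
                        $_SESSION['site']['modules'][$module] = $enable_check;
                }
                break;
        }
    }

    //now with the rest of the checks
    if (!is_file(cmsROOT . 'modules/' . $module . '/cfg.php')) {
        hmsgDie('FAIL', 'Could not locate the configuration file for "' . $module . '". Load Failed');
    }
    if (!is_file(cmsROOT . 'modules/' . $module . '/' . $mode . '.' . $module . '.php')) {
        hmsgDie('FAIL', 'Could not locate Module "' . $module . '". Load Failed');
    }

    include_once cmsROOT . 'modules/' . $module . '/' . $mode . '.' . $module . '.php';

    if ($languageFile) {
        translateFile(cmsROOT . 'modules/' . $module . '/language/lang.' . $this->config('global', 'language') . '.php');
    }

    return true;
}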
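/**
 * Validates the "remember me" cookie and, if it checks out, logs the user in.
 *
 * The cookie is client-controlled: every value read from it is untrusted
 * until it has been matched against the stored user key. Each failure sets
 * an error message through setError().
 *
 * @version 1.0
 * @since   1.0.0
 * @author  Jesus
 *
 * @return bool True when the user was logged in from the cookie
 */
public function runRememberMe()
{
    if (!$this->config('login', 'remember_me')) {
        $this->setError('Remember Me Failed. Remember Me is disabled site wide');
        return false;
    }

    //make sure we have a cookie to begin with
    if (is_empty(doArgs('login', null, $_COOKIE))) {
        $this->setError('Remember Me Failed. Cookie not found.');
        return false;
    }

    // SECURITY: unserialize() on a cookie lets the client pick which classes
    // get instantiated. Left in place because the cookie format is set
    // elsewhere; it should move to a format such as JSON (or a signed value)
    // together with the code that writes the cookie.
    $cookie = unserialize($_COOKIE['login']);
    if (is_empty($cookie) || !is_array($cookie)) {
        $this->setError('Remember Me Failed. Cookie contained unexpected information.');
        return false;
    }

    //verify we have the data we need
    //(the original joined the two tests with && and so never rejected anything)
    $values = array('uData', 'uIP', 'uAgent');
    foreach ($values as $e) {
        if (!isset($cookie[$e]) || !is_string($cookie[$e]) || is_empty($cookie[$e])) {
            $this->setError('Remember Me Failed. Cookie contained unexpected information.');
            return false;
        }
    }

    //uData should be 5 chars in length
    if (strlen($cookie['uData']) != 5) {
        $this->setError('Remember Me Failed. Cookie contained unexpected information.');
        return false;
    }

    //make sure the cookie's IP is the client's IP
    if ($this->config('login', 'ip_lock', false) && $cookie['uIP'] !== User::getIP()) {
        $this->setError('Remember Me Failed. Cookie contained unexpected information.');
        return false;
    }

    //and make sure the useragent matches the client; strict comparison so two
    //different digests can never compare equal through numeric-string juggling
    //(hash_equals() is preferable where the PHP version provides it)
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
    if ($cookie['uAgent'] !== md5($userAgent . $this->config('db', 'ckeauth'))) {
        $this->setError('Remember Me Failed. Cookie contained unexpected information.');
        return false;
    }

    //setup the query
    // LIKE wildcards in the cookie value are escaped first so the lookup
    // matches the key itself rather than a pattern.
    // NOTE(review): assumes secureMe(..., 'MRES') is a SQL string escaper
    // that also escapes backslashes; confirm. A parameterised query would
    // remove the string building altogether.
    $likeData = addcslashes($cookie['uData'], '%_\\');

    $query = array();
    $query[] = 'SELECT uData FROM `$Puserkeys` ';
    $query[] = 'WHERE uData LIKE "%' . secureMe($likeData, 'MRES') . ':%" ';
    $query[] = 'AND uAgent = "' . secureMe($cookie['uAgent'], 'MRES') . '" ';
    if ($this->config('login', 'ip_lock')) {
        $query[] = 'AND uIP = "' . secureMe($cookie['uIP'], 'MRES') . '" ';
    }
    $query[] = 'LIMIT 1;';

    //prepare and exec
    $query = $this->objSQL->getLine(implode(' ', $query));
    // count() on a non-array result raises a warning or an error on newer PHP
    if (!is_array($query) || !count($query)) {
        $this->setError('Could not query for userkey');
        return false;
    }

    //untangle the user id from the query
    $query['uData'] = explode(':', $query['uData']);
    if (!isset($query['uData'][1]) || is_empty($query['uData'][1])) {
        $this->setError('No ID Exists');
        return false;
    }

    //now try and grab the user's info
    $this->userData = $this->objUser->getUserInfo($query['uData'][1]);
    if (is_empty($this->userData)) {
        $this->setError('No user exists with that ID');
        return false;
    }

    //now check the account is allowed to log in this way
    if ($this->userData['autologin'] == 0) {
        $this->setError('User isn\'t set to autologin.');
        return false;
    }
    if (!$this->activeCheck()) {
        $this->setError('User isn\'t active.');
        return false;
    }
    if (!$this->banCheck()) {
        $this->setError('User is banned.');
        return false;
    }
    if (!$this->whiteListCheck()) {
        $this->setError('You\'re IP dosent match the whitelist.');
        return false;
    }

    //everything seems fine, log them in
    $this->objUser->setSessions($this->userData['id'], true);
    $this->objUser->newOnlineSession('Online System: AutoLogin Sequence Activated for ' . $this->userData['username']);

    return true;
}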
/**
 * Stores a notification for a user.
 *
 * The message body is passed through secureMe() before storage.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  xLink
 *
 * @param int         $uid       0 for current user, or UID of user
 * @param string      $message   Message to output in the notification
 * @param string|null $title     Optional title; stored as null when empty
 * @param int         $module_id ID of the content piece within the current module
 *
 * @return bool
 */
public function notifyUser($uid, $message, $title = null, $module_id = 0)
{
    global $objModule;

    $user = $this->objUser->getUserInfo($uid);
    if (is_empty($user)) {
        $this->setError('Invalid User ID.');
        return false;
    }

    // NOTE(review): unlike the body, the title is stored without secureMe();
    // confirm it is escaped wherever notifications are rendered.
    $row = array(
        'uid'       => $user['id'],
        'type'      => 0, //not implemented yet
        'body'      => secureMe($message),
        'timestamp' => time(),
        'title'     => is_empty($title) ? null : $title,
        'module'    => $objModule->module,
        'module_id' => is_number($module_id) ? $module_id : 0,
    );
    $this->objSQL->insertRow('notifications', $row);

    // NOTE(review): success is read from the legacy mysql_affected_rows()
    // rather than from insertRow()'s own result.
    if (mysql_affected_rows()) {
        return true;
    }

    $this->setError('Inserting notification failed. SQL: ' . $this->objSQL->getError());
    return false;
}
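/**
 * BBCode callback that renders a [quote] block.
 *
 * The header line is built from the tag's name/date/url parameters, or from
 * the tag's default value when no name parameter is given.
 *
 * @param object $bbcode  The BBCode parser; only IsValidURL() is used here
 * @param int    $action  BBCODE_CHECK to validate the tag, anything else to render it
 * @param string $name    Tag name (unused)
 * @param mixed  $default The tag's default value ([quote=...])
 * @param array  $params  Tag parameters; 'name', 'date' and 'url' are read
 * @param string $content Body of the quote; inserted as given, so it is
 *                        presumably already rendered by the parser (confirm)
 *
 * @return bool|string True for BBCODE_CHECK, otherwise the quote HTML
 */
function bbcode_quote($bbcode, $action, $name, $default, $params, $content)
{
    global $objUser;

    if ($action == BBCODE_CHECK) {
        return true;
    }

    if (doArgs('name', false, $params)) {
        $title = $objUser->profile($params['name'], RETURN_USER) . ' wrote';
        if (doArgs('date', false, $params)) {
            $title .= ' on ' . secureMe(trim($params['date']));
        }
        $title .= ':';

        if (doArgs('url', false, $params)) {
            $url = trim($params['url']);
            if ($bbcode->IsValidURL($url)) {
                // Emit exactly the string that was validated; the original
                // checked the trimmed URL but printed the untrimmed parameter.
                $title = '<a href="' . secureMe($url) . '">' . $title . '</a>';
            }
        }
    } else {
        if (!is_string($default)) {
            $title = 'Quote:';
        } else {
            $title = $objUser->profile($default, RETURN_USER) . ' wrote';
        }
    }

    return "\n<div class=\"bbcode_quote\">\n<div class=\"bbcode_quote_head\">" . $title
        . "</div>\n<div class=\"bbcode_quote_body\">" . $content . "</div>\n</div>\n";
}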
/**
 * Sets the page title template variable.
 *
 * The title is passed through secureMe() before it is assigned.
 *
 * @version 1.0
 * @since   1.0
 * @author  Dan Aldridge
 *
 * @param array $title The title to show (the upstream doc says array; presumably a string, confirm)
 */
public function setTitle($title)
{
    self::getTPL()->assign_var('PAGE_TITLE', secureMe($title));
}
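<?php
session_start();

//Check if a user is logged in
if (isset($_SESSION['username'])) {
    header('Location: index.php');
    // header() only queues the redirect; without exit the rest of this page
    // would still run and be sent to an already logged-in user.
    exit;
}

include "dbConnect.php";
secureMe();

$dbconn = null;
$dbconn = connectDB($dbconn);
?>
<!DOCTYPE html>
<html lang="en" class="no-js demo5">
<head>
    <meta charset="UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Final Project</title>
    <script type="text/javascript" src="js/jquery-1.11.3.min.js"></script>
    <script type="text/javascript" src="js/bootstrap.min.js"></script>
    <script type="text/javascript" src="js/musicHandlerRevamped.js"></script>
    <!-- Loaded over HTTPS: a script fetched over plain HTTP can be altered in
         transit, and on a login page it runs next to the credential form.
         Add an integrity attribute, as the Bootstrap stylesheet below has. -->
    <script src="https://d3js.org/d3.v3.min.js" charset="utf-8"></script>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7" crossorigin="anonymous">
    <!-- Latest compiled and minified CSS -->
    <!-- No integrity attribute on this third-party stylesheet; add one to match Bootstrap above. -->
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
    <link rel="stylesheet" type="text/css" href="css/style.css" />
    <link rel="stylesheet" type="text/css" href="css/styleLogin.css" />
    <style></style>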
/**
 * Records the last SQL error in the sqlerrors table for later review.
 *
 * Nothing is recorded when no query has been run, when there is no error,
 * when the error repeats the previous one, or when the cache/ALLOW_LOGGING
 * marker file is absent.
 *
 * @version 1.0
 * @since   1.0.0
 * @author  xLink
 *
 * @param string $message  Not used by this method
 * @param string $fileInfo Where the query was issued; stored with the error
 *
 * @return bool False when nothing was recorded, otherwise insertRow()'s result
 */
public function recordError($message, $fileInfo)
{
    if (is_empty($this->query)) {
        return false;
    }

    $sqlError = mysql_error();
    if (is_empty($sqlError) || $sqlError == $this->lastError) {
        return false;
    }
    $this->lastError = $sqlError;

    // logging is opt-in through a marker file
    if (!is_file(cmsROOT . 'cache/ALLOW_LOGGING')) {
        return false;
    }

    // NOTE(review): the complete $_GET and $_POST arrays are stored with each
    // error, so submitted passwords or tokens can end up in this table.
    // Consider redacting sensitive fields and limiting who can read it.
    $record = array(
        'uid'      => User::$IS_ONLINE ? $this->objUser->grab('id') : '0',
        'date'     => time(),
        'query'    => $this->query,
        'page'     => $this->config('global', 'fullPath'),
        'vars'     => serialize(array('get' => $_GET, 'post' => $_POST)),
        'error'    => secureMe($sqlError),
        'lineInfo' => secureMe($fileInfo),
    );

    return $this->insertRow('sqlerrors', $record, false);
}