Ejemplo n.º 1
0
function menu_affiliates($args)
{
    if (defined('NO_DB')) {
        return;
    }
    global $objTPL, $objSQL;
    $settings = array('limit' => doArgs('limit', 6, $args), 'perRow' => doArgs('limit', 2, $args));
    //grab the table
    $table = $objSQL->getTable('SELECT * FROM `$Paffiliates` WHERE active = 1 AND showOnMenu = 1 ORDER BY rand() LIMIT %d;', array($settings['limit']));
    if ($table === NULL) {
        return 'Error: Could not query Affiliates.';
    }
    if (is_empty($table)) {
        return 'Error: No Affiliates in the database active.';
    }
    $return = NULL;
    $counter = 1;
    foreach ($table as $a) {
        $title = secureMe($a['title']) . '
            In: ' . $a['in'] . ' | Out: ' . $a['out'];
        $return .= '<a href="/' . root() . 'affiliates.php?out&id=' . $a['id'] . '" title="' . $title . '" target="_blank" rel="nofollow"><img src="' . $a['img'] . '" alt="' . $title . '" /></a>';
        if ($counter % $settings['perRow'] == 0) {
            $return .= '<br />';
        }
        $counter++;
    }
    return '<center>' . $return . '</center>';
}
Ejemplo n.º 2
0
 /**
  * Inserts a comment into the database
  *
  * @version     1.0
  * @since       1.0.0
  * @autor       xLink
  *
  * @param       string  $module         The module name
  * @param       int     $module_id      The Unique ID of the content
  * @param       int     $author         The comment author's UID
  * @param       string  $comment        The comment's content
  *
  * @return      int     mysql_inserted_id()
  */
 function insertComment($module, $module_id, $author, $comment)
 {
     unset($array);
     $array['module'] = $module;
     $array['module_id'] = $module_id;
     $array['author'] = $author;
     $array['comment'] = secureMe($comment);
     $array['timestamp'] = time();
     $log = 'Comments System: ' . $this->objUser->profile($this->objUser->grab('id'), RAW) . ' commented on <a href="' . $this->aURL[1] . '">this</a>.';
     return $this->objSQL->insertRow('comments', $array, $log);
 }
Ejemplo n.º 3
0
 /**
  * Inserts a comment into the database
  *
  * @version     2.0
  * @since       1.0.0
  * @author      Richard Clifford, Dan Aldridge
  *
  * @param       string  $module         The module name
  * @param       int     $module_id      The Unique ID of the content
  * @param       int     $author         The comment author's UID
  * @param       string  $comment        The comment's content
  *
  * @return      bool
  */
 function insertComment($module, $module_id, $author, $comment)
 {
     // Instanciate the Objects
     $objUser = coreObj::getUser();
     $objSQL = coreObj::getDBO();
     unset($array);
     $array['module'] = $module;
     $array['module_id'] = $module_id;
     $array['author'] = $author;
     $array['comment'] = secureMe($comment);
     $array['timestamp'] = time();
     $insertQuery = $objSQL->queryBuilder()->insertInto('#__comments')->set($array)->build();
     $insertResult = $objSQL->query($insertQuery);
     // TODO: log the comments
     $log = 'Comments System: ' . $objUser->profile($objUser->grab('id'), RAW) . ' commented on <a href="' . $this->aURL[1] . '">this</a>.';
     if ($insertResult) {
         return true;
     }
     return false;
 }
Ejemplo n.º 4
0
 /**
  * Outputs a table with currently detected themes in
  *
  * @version 1.0
  * @since   1.0.0
  * @author  Dan Aldridge
  * 
  * @return  void
  */
 public function themes()
 {
     $objForm = Core_Classes_coreObj::getForm();
     $objTPL = Core_Classes_coreObj::getTPL();
     $objTPL->set_filenames(array('body' => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl', 'table' => cmsROOT . 'modules/core/views/admin/themes/manageTable.tpl'));
     $dir = cmsROOT . 'themes';
     $tpls = getFiles($dir);
     //echo dump($tpls);
     foreach ($tpls as $tpl) {
         if ($tpl['type'] !== 'dir') {
             continue;
         }
         $tplName = secureMe($tpl['name'], 'alphanum');
         $details = $this->getDetails($tplName);
         //echo dump($details, $tplName);
         $objTPL->assign_block_vars('theme', array('NAME' => doArgs('name', 'N/A', $details), 'VERSION' => doArgs('version', '0.0', $details), 'ENABLED' => 'true', 'COUNT' => '9001', 'MODE' => doArgs('mode', 'N/A', $details), 'AUTHOR' => doArgs('author', 'N/A', $details)));
     }
     $objTPL->parse('table', false);
     Core_Classes_coreObj::getAdminCP()->setupBlock('body', array('cols' => 3, 'vars' => array('TITLE' => 'Theme Management', 'CONTENT' => $objTPL->get_html('table', false), 'ICON' => 'fa-icon-user')));
 }
Ejemplo n.º 5
0
 public function contactInfoLinks($user, $filter = null)
 {
     if (is_empty($user['contact_info'])) {
         return null;
     }
     $user['contact_info'] = json_decode($user['contact_info'], true);
     if (!is_array($user['contact_info'])) {
         return null;
     }
     $filter = !is_empty($filter) ? explode('|', $filter) : array();
     //set the tpl and css up
     $this->objPage->addCSSCode('.contactInfo{ padding: 0 20px 1px 0; } .ico{ margin: 0; padding: 0 0 1px 20px; }');
     $icons = null;
     foreach ($user['contact_info'] as $row) {
         //continue(2)
         $ico = array();
         $ico['type'] = $row['type'];
         $ico['val'] = secureMe($row['val']);
         $ico['contact'] = 'Click to Visit <strong>' . $ico['val'] . '</strong>\'s Profile';
         switch ($row['type']) {
             //continue(1)
             //we dont want it processing for anything past what we have so break out of the switch AND the foreach
             default:
                 continue 2;
                 break;
             case 'wlm':
                 $blank = false;
                 $ico['url'] = 'msnim:chat?contact=' . $ico['val'];
                 $ico['contact'] = 'Windows Live Messenger: ' . $ico['contact'];
                 break;
             case 'aol':
                 $blank = false;
                 $ico['url'] = 'aim:goim?screenname=' . $ico['val'];
                 $ico['contact'] = 'AOL Instant Messenger: ' . $ico['contact'];
                 break;
             case 'sky':
                 $blank = false;
                 $ico['url'] = 'skype:' . $ico['val'] . '?chat';
                 $ico['contact'] = 'Skype: ' . $ico['contact'];
                 break;
             case 'yah':
                 $blank = false;
                 $ico['url'] = 'ymsgr:sendIM?' . $ico['val'];
                 $ico['contact'] = 'Yahoo Messenger: ' . $ico['contact'];
                 break;
             case 'gt':
                 $blank = false;
                 $ico['url'] = 'gtalk:chat?' . $ico['val'];
                 $ico['contact'] = 'Google Talk: ' . $ico['contact'];
                 break;
             case 'irc':
                 $blank = false;
                 $ico['url'] = $ico['val'];
                 $ico['contact'] = 'IRC: Click to connect to : ' . $ico['val'];
                 break;
             case 'twi':
                 $blank = false;
                 $ico['url'] = $ico['val'];
                 $ico['contact'] = 'Twitter: ' . $ico['contact'];
                 break;
             case 'fb':
                 $ico['url'] = 'http://facebook.com/' . $ico['val'];
                 $ico['contact'] = 'Facebook: ' . $ico['contact'];
                 break;
             case 'gt':
                 $ico['url'] = 'http://twitter.com/' . $ico['val'];
                 $ico['contact'] = 'Twitter: ' . $ico['contact'];
                 break;
             case 'gpl':
                 $allowed = array('plus.google.com', 'gplus.to');
                 if (preg_match('/(' . implode('|', $allowed) . ')/i', ${$ico}['val'])) {
                     $ico['url'] = $ico['val'];
                     $ico['contact'] = 'Facebook: ' . $ico['contact'];
                 }
                 break;
             case 'git':
                 $ico['url'] = 'https://github.com/' . $ico['val'];
                 $ico['contact'] = 'GitHub: ' . $ico['contact'];
                 break;
             case 'bbu':
                 $ico['url'] = 'https://bitbucket.org/' . $ico['val'];
                 $ico['contact'] = 'BitBucket: ' . $ico['contact'];
                 break;
             case 'grv':
                 $ico['url'] = 'http://grooveshark.com/#/' . $ico['val'];
                 $ico['contact'] = 'Grooveshark: ' . $ico['contact'];
                 break;
             case 'red':
                 $ico['url'] = 'http://www.reddit.com/user/' . $ico['val'];
                 $ico['contact'] = 'Reddit: ' . $ico['contact'];
                 break;
             case 'stu':
                 $ico['url'] = 'http://www.stumbleupon.com/stumbler/' . $ico['val'];
                 $ico['contact'] = 'StumbleUpon: ' . $ico['contact'];
                 break;
             case 'yam':
             case 'gma':
             case 'hom':
                 $blank = false;
                 $ico['url'] = 'mailto:' . $ico['val'];
                 $ico['contact'] = 'Email: ' . $ico['contact'];
                 break;
             case 'ste':
                 $ico['url'] = 'http://steamcommunity.com/id/' . $ico['val'];
                 $ico['contact'] = 'Steam: ' . $ico['contact'];
                 break;
             case 'spo':
                 $ico['url'] = 'http://open.spotify.com/user/' . $ico['val'];
                 $ico['contact'] = 'Spotify: ' . $ico['contact'];
                 break;
             case 'utb':
                 $ico['url'] = 'http://www.youtube.com/user/' . $ico['val'];
                 $ico['contact'] = 'YouTube: ' . $ico['contact'];
                 break;
             case 'dA':
                 $ico['url'] = 'http://' . $ico['val'] . '.deviantart.com/';
                 $ico['contact'] = 'DeviantArt: ' . $ico['contact'];
                 break;
             case 'urb':
                 $ico['url'] = $ico['val'];
                 $ico['contact'] = 'Your Blog: ' . $ico['contact'];
                 break;
             case 'urw':
                 $ico['url'] = $ico['val'];
                 $ico['contact'] = 'Your Website: ' . $ico['contact'];
                 break;
             case 'url':
                 $location = $ico['val'];
                 continue 2;
                 break;
         }
         $ico['blank'] = $blank || true;
         //if we have a filter, continue if this element isnt in the filter
         if (count($filter) && !in_array($row['type'], $filter)) {
             continue;
         }
         //add to the vars and return
         $icon = '<a href="%s" class="%s contactInfo hoverWatch" title="%s" rel="nofollow" ico="%s"%s>&nbsp;</a>';
         $icons .= sprintf($icon, $ico['url'], $ico['type'], $ico['contact'], $ico['type'], $ico['blank'] === true ? ' target="_blank"' : '');
     }
     return $icons;
 }
Ejemplo n.º 6
0
 /**
  * Returns an fully parsed avatar
  *
  * @version 1.0
  * @since   1.0.0
  * @author  xLink
  *
  * @param   int     $uid
  * @param   int     $size
  *
  * @return  string  HTML of the parsed avatar.
  */
 public function parseAvatar($uid, $size = 100)
 {
     $defaultAvatar = '/' . root() . 'images/no_avatar.png';
     $avatar = $this->getUserInfo($uid, 'avatar');
     if (is_empty($avatar)) {
         $avatar = $defaultAvatar;
         $_avatar = '<img src="%1$s" height="%2$s" width="%3$s" class="avatar corners" />';
         return sprintf($_avatar, $avatar, $size, $size);
     }
     $avatar = secureMe(preg_replace('_^/images/_', '/' . root() . 'images/', $avatar));
     $username = $this->getUserInfo($uid, 'username');
     $username_avatar = $username . '_avatar';
     $user = strtolower($username);
     $_avatar = '<a href="%1$s" class="lightwindow" title="%4$s\'s Avatar" data-avatar="%5$s">' . '<img src="%1$s" height="%2$s" width="%2$s" name="%3$s" id="%3$s" title="%4$s\'s Avatar" class="avatar corners" data-avatar="%4$s" /></a>';
     return sprintf($_avatar, $avatar, $size, $username_avatar, $username, $user);
 }
Ejemplo n.º 7
0
 /**
  * Performs action based on $action
  *
  * @version 1.0
  * @since   1.0.0
  * @author  xLink
  *
  * @param   string    $action
  */
 public function doAjax($action)
 {
     if (is_empty($action)) {
         $this->throwHTTP(500);
         return false;
     }
     switch ($action) {
         case 'sortForum':
             parse_str($_POST['order'], $order);
             if (!is_array($order) || !count($order)) {
                 $this->throwHTTP(401);
             }
             parse_str($_POST['state'], $state);
             if (!is_array($state) || !count($state)) {
                 $this->throwHTTP(401);
             }
             if (!is_array($order['sortable_forums']) || !count($order['sortable_forums'])) {
                 $this->throwHTTP(401);
             }
             foreach ($order['sortable_forums'] as $k) {
                 $go[$k] = $state[$k] == 1 ? 1 : 0;
             }
             echo print_r($go, true);
             $db = serialize($go);
             $_SESSION['user']['forum_cat_order'] = $db;
             $update['forum_cat_order'] = $db;
             $this->objUser->updateUserSettings($this->objUser->grab('id'), $update);
             break;
             //edit in place stuff
         //edit in place stuff
         case 'eip':
             $id = doArgs('id', 0, $_GET, 'is_number');
             $uid = $this->objUser->grab('id');
             if ($id == 0 || !User::$IS_ONLINE) {
                 die('Error: There was a problem with the form you submitted. Please try again.');
             }
             //grab the post were reffering to
             $post = $this->objSQL->getLine('SELECT * FROM `$Pforum_posts` WHERE id ="%s" LIMIT 1;', array($id));
             if (!$post) {
                 die('Error: There was a problem obtaining the post data. Error 0x01;');
             }
             //grab the required thread so we got something to work with..
             $thread = $this->objSQL->getLine('SELECT id, cat_id FROM `$Pforum_threads` WHERE id ="%s" LIMIT 1;', array($post['thread_id']));
             if (!$thread) {
                 die('Error: There was a problem obtaining the post data. Error 0x02;');
             }
             //now grab the cat id..
             $cat = $this->getForumInfo($thread['cat_id']);
             if (!$cat) {
                 die('Error: There was a problem obtaining the post data. Error 0x03;');
             }
             $catAuth = $this->auth[$cat['id']];
             if ($post['author'] != $uid && !$catAuth['auth_edit'] && !$catAuth['auth_mod'] && !IS_MOD) {
                 die('Error: This is not your post;');
             }
             //load or save?
             $action = doArgs('action', false, $_GET);
             if ($action == 'load') {
                 echo html_entity_decode($post['post']);
             } else {
                 if ($action == 'save') {
                     //what we have dosent match whats its supposed to be
                     if (doArgs('editorId', false, $_POST) != 'post_id_' . $id) {
                         die('Error: There was a problem with the form you submitted.');
                     }
                     unset($update);
                     $update['post'] = secureMe($_POST['value']);
                     $update['edited'] = $post['edited'] + 1;
                     $update['edited_uid'] = $uid;
                     $post_update = $this->objSQL->updateRow('forum_posts', $update, array('id ="%d"', $id));
                     if ($post_update) {
                         contentParse($_POST['value'], true);
                         exit;
                     } else {
                         die('Error: This is not your post, or there was a problem with saving the post. Error 0x02;');
                     }
                 }
             }
             break;
         case 'quote':
             $id = doArgs('id', 0, $_GET, 'is_number');
             $uid = $this->objUser->grab('id');
             if ($id == 0 || !User::$IS_ONLINE) {
                 die('Error: There was a problem with the form you submitted. Please try again.');
             }
             //grab the post were reffering to
             $post = $this->objSQL->getLine('SELECT * FROM `$Pforum_posts` WHERE id ="%s" LIMIT 1;', array($id));
             if (!$post) {
                 die('Error: There was a problem obtaining the post data. Error 0x01;');
             }
             //grab the required thread so we got something to work with..
             $thread = $this->objSQL->getLine('SELECT id, cat_id FROM `$Pforum_threads` WHERE id ="%s" LIMIT 1;', array($post['thread_id']));
             if (!$thread) {
                 die('Error: There was a problem obtaining the post data. Error 0x02;');
             }
             //now grab the cat id..
             $cat = $this->getForumInfo($thread['cat_id']);
             if (!$cat) {
                 die('Error: There was a problem obtaining the post data. Error 0x03;');
             }
             $catAuth = $this->auth[$cat['id']];
             if (!$catAuth['auth_read'] && !$catAuth['auth_mod'] && !IS_MOD) {
                 die('Error: This is not your post;');
             }
             $quote = "\n[quote=%s]\n%s\n[/quote]\n";
             echo sprintf($quote, $this->objUser->getUserInfo($post['author'], 'username'), $post['post']);
             break;
     }
     //everything that happens here dosent need to be output back to the parent template
     exit;
 }
Ejemplo n.º 8
0
/**
 * Output a specfic iteration for getExecInfo
 *
 * @version    1.0
 * @since   1.0.0
 * @author  xLink
 *
 * @param   array     $file
 * @param   string     $info
 * @param   string  $nl
 *
 * @return  string
 */
function outputDebug($file, $info = null, $nl = '<br />')
{
    $filename = explode(stristr(PHP_OS, 'WIN') ? '\\' : '/', $file['file']);
    $msg = ($info !== null ? '<strong>[' . $info . ']</strong> <br />' : null) . ' Called on line <strong>' . $file['line'] . '
                        </strong> of file <strong>' . $filename[count($filename) - 1] . '</strong> via function <strong>' . $file['function'] . '</strong> with arguments: (\'' . (is_array($file['args']) ? secureMe(implode('\', \'', $file['args'])) : null) . '\')' . $nl;
    return $msg;
}
Ejemplo n.º 9
0
 /**
  * Tests the remember me cookie for valid details
  *
  * @version 1.0
  * @since   1.0
  * @author  Daniel Noel-Davies
  *
  * @todo Test this func, new port from old sys :P
  */
 public function rememberMe()
 {
     // site setting needs to be enabled for one
     if ($this->config('login', 'remember_me', 'false')) {
         return false;
     }
     // make sure we have the cookie to begin with
     if (is_empty(doArgs('login', null, $_COOKIE))) {
         return false;
     }
     // should be non-empty
     $cookie = unserialize($_COOKIE['login']);
     if (is_empty($cookie)) {
         return false;
     }
     // check for the expected keys in the array
     $values = array('uData', 'uIP', 'uAgent');
     foreach ($values as $v) {
         if (!isset($cookie[$v]) && !is_empty($cookie[$v])) {
             return false;
         }
     }
     // uData should be 5 chars in length
     if (strlen($cookie['uData']) != 5) {
         return false;
     }
     // IP lock active, does the IP match what we have on file?
     if ($this->config('login', 'ip_lock', false) && $cookie['uIP'] !== Core_Classes_User::getIP()) {
         return false;
     }
     // make sure the useragent matches too
     if ($cookie['uAgent'] != md5($_SERVER['HTTP_USER_AGENT'] . $this->config('db', 'ckeauth'))) {
         return false;
     }
     // query for the userkey
     $objSQL = Core_Classes_coreObj::getDBO();
     $query = $objSQL->queryBuilder()->select('uData')->from('#__userkeys')->where(sprintf('uData LIKE "%s"', '%' . secureMe($cookie['uData'], 'sql') . '%'))->andWhere('uAgent', '=', $objSQL->quote(secureMe($cookie['uAgent'], 'sql')));
     if ($this->config('login', 'ip_lock', false)) {
         $query = $query->andWhere('uIP', '=', $objSQL->quote(secureMe($cookie['uIP'], 'sql')));
     }
     $query = $query->limit(1);
     // check to see if we have anything
     $query = $objSQL->fetchRow($query->build());
     if ($query === fales) {
         return false;
     }
     // untangle the ID & check for it
     $query['uData'] = explode(':', $query['uData']);
     if (!isset($query['uData'][1]) || is_empty($query['uData'][1])) {
         return false;
     }
     // grab the user data if we can
     $this->userData = $objUser->get('*', $query['uData'][1]);
     if (!is_array($this->userData) || is_empty($query['uData'][1])) {
         return false;
     }
     // now run some checks make sure they are able to login etc
     if (!doArgs('autologin', false, $this->userData)) {
         return false;
     }
     if (!$this->activeCheck()) {
         return false;
     }
     if (!$this->banCheck()) {
         return false;
     }
     if (!$this->whitelistCheck()) {
         return false;
     }
     // everything seems fine, gogogo!
     $objSessions = Core_Classes_coreObj::getSession();
     $objSessions->setSessions($this->userData['uid'], true);
     $objSessions->newSession();
     return true;
 }
Ejemplo n.º 10
0
 /**
  * Editor for the menu system
  *
  * @version 1.0
  * @since   1.0.0
  * @author  Dan Aldridge
  *  
  * @return  void
  */
 public function edit($args = array())
 {
     $objTPL = Core_Classes_coreObj::getTPL();
     $objSQL = Core_Classes_coreObj::getDBO();
     $objPage = Core_Classes_coreObj::getPage();
     // Check we have the menu name
     if (!is_array($args) || !is_string($args[1]) || strlen($args[1]) == 0) {
         // error
         trigger_error('Error: Could not get menu name.');
         $this->menus();
         return;
     }
     /** Menu JS **/
     $objPage->addCSSFile(array('href' => '/' . root() . 'modules/core/assets/styles/admin/menus/Tree.css', 'type' => 'text/css'));
     $objPage->addCSSFile(array('href' => '/' . root() . 'modules/core/assets/styles/admin/menus/Collapse.css', 'type' => 'text/css'));
     $objPage->addJSFile(array('src' => '/' . root() . 'modules/core/assets/javascript/admin/menus/Tree.js'), 'footer');
     $objPage->addJSFile(array('src' => '/' . root() . 'modules/core/assets/javascript/admin/menus/custom.js'), 'footer');
     $menuName = $args[1];
     $objTPL->set_filenames(array('panel' => cmsROOT . 'modules/core/views/admin/menus/menu_link_list.tpl'));
     $queryList = $objSQL->queryBuilder()->select('*')->from('#__menus')->where('menu_name', '=', $menuName)->orderBy('`parent_id`, `order`', 'ASC');
     $links = $objSQL->fetchAll($queryList->build());
     if (!is_array($links)) {
         trigger_error('Error: Menu does not exist.');
         $this->menus();
         return false;
     }
     $args = array('title' => 'link_title', 'id' => 'id', 'parent' => 'parent_id');
     $tree = $this->generateTree($links, $args);
     $objTPL->assign_var('tree_menu', $tree);
     $objTPL->parse('panel', false);
     Core_Classes_coreObj::getAdminCP()->setupBlock('body', array('cols' => 3, 'vars' => array('TITLE' => 'Edit Menu - <strong>' . secureMe($menuName) . '</strong>', 'CONTENT' => $objTPL->get_html('panel', false), 'ICON' => 'icon-th-list'), 'custom' => array('ICON' => 'icon-save', 'URL' => '#', 'TITLE' => 'Save', 'LINK' => '', 'CLASS' => '', 'EXTRA' => 'data-toggle="tooltip" data-placement="top"')));
 }
Ejemplo n.º 11
0
 /**
  * Outputs the pagecrumbs
  *
  * @version 1.0
  * @since   1.0.0
  * @author  xLink
  *
  * @return  string
  */
 public function showPagecrumbs()
 {
     $breadcrumbs = $this->pageCrumbs;
     if (is_empty($breadcrumbs)) {
         return null;
     }
     //setup some vars
     $counter = count($breadcrumbs);
     $x = $counter;
     $return = '';
     $glue = ' >> ';
     //loop through each breadcrumb
     foreach ($breadcrumbs as $k => $link) {
         //if its empty, minus one to $x, and continue
         if (is_empty($link['name'])) {
             $x--;
         } else {
             //set the string up
             $string = '<a href="%s">%s</a>';
             //secure the string up
             $link['name'] = secureMe($link['name']);
             //if its the last one, make it bold
             if ($x - 1 == $k) {
                 $link['name'] = '<b>' . $link['name'] . '</b>';
             }
             //set the string up properly
             $return .= sprintf($string, $link['url'], $link['name']);
             //set the glue if its not the last one
             if ($x - 1 != $k) {
                 $return .= $glue;
             }
         }
     }
     return $return;
 }
Ejemplo n.º 12
0
 /**
  * Loads a module and its languagefile with the name from the parameter $module
  *
  * @version 2.0
  * @since   0.8.0
  * @author  xLink
  *
  * @param   string  $module         The name of the module to be loaded
  * @param   bool    $languageFile   Defines weather the language file accociated with the module should be loaded.
  *
  * @return  bool
  */
 function loadModule($module, $languageFile = false, $mode = 'class')
 {
     if ($mode === NULL) {
         $mode = 'class';
     }
     if ($mode == 'class') {
         //check weather we've already used this module
         $module_enable = isset($_SESSION['site']['modules'][$module]) ? $_SESSION['site']['modules'][$module] == 1 ? 'enabled' : 'disabled' : 'first';
         $module_enable = 'enabled';
         switch ($module_enable) {
             case 'disabled':
                 //false means the module is disabled so stop here.
                 $this->objPage->setTitle('Module Disabled');
                 hmsgDie('FAIL', 'Module: "' . $module . '" is disabled.');
                 exit;
                 break;
             case 'first':
                 //null means we havent so continue
                 $enable_check = $this->objSQL->getValue('modules', 'enabled', array('name = "%s"', $module));
                 switch ($enable_check) {
                     case NULL:
                         $this->objPage->setTitle('Module Not Installed');
                         $msg = NULL;
                         if (!is_dir(cmsROOT . 'modules/' . $module . '/')) {
                             $this->throwHTTP(404);
                         }
                         if (file_exists(cmsROOT . 'modules/' . $module . '/install.php') && User::$IS_ADMIN) {
                             $msg = '<br />But it can be, <a href="/' . root() . 'modules/' . $module . '/install/">Click Here</a>';
                         }
                         if (User::$IS_ADMIN) {
                             hmsgDie('FAIL', 'Module "' . secureMe($module) . '" isnt installed.' . $msg);
                         } else {
                             $this->throwHTTP(404);
                         }
                         exit;
                         break;
                     case 0:
                         return false;
                         break;
                     default:
                         //cache it in session so we dont have to run the query everytime we use this module
                         $_SESSION['site']['modules'][$module] = $enable_check;
                 }
                 break;
         }
     }
     //now with the rest of the checks
     if (!is_file(cmsROOT . 'modules/' . $module . '/cfg.php')) {
         hmsgDie('FAIL', 'Could not locate the configuration file for "' . $module . '". Load Failed');
     }
     if (!is_file(cmsROOT . 'modules/' . $module . '/' . $mode . '.' . $module . '.php')) {
         hmsgDie('FAIL', 'Could not locate Module "' . $module . '". Load Failed');
     }
     include_once cmsROOT . 'modules/' . $module . '/' . $mode . '.' . $module . '.php';
     if ($languageFile) {
         translateFile(cmsROOT . 'modules/' . $module . '/language/lang.' . $this->config('global', 'language') . '.php');
     }
     return true;
 }
Ejemplo n.º 13
0
 /**
  * Makes sure the cookie is valid
  *
  * @version 1.0
  * @since   1.0.0
  * @author  Jesus
  *
  * @return  bool
  */
 public function runRememberMe()
 {
     if (!$this->config('login', 'remember_me')) {
         $this->setError('Remember Me Failed. Remember Me is disabled site wide');
         return false;
     }
     //make sure we have a cookie to begin with
     if (is_empty(doArgs('login', null, $_COOKIE))) {
         $this->setError('Remember Me Failed. Cookie not found.');
         return false;
     }
     //this should return something not empty...
     $cookie = unserialize($_COOKIE['login']);
     if (is_empty($cookie)) {
         $this->setError('Remember Me Failed. Cookie contained unexpected information.');
         return false;
     }
     //verify we have the data we need
     $values = array('uData', 'uIP', 'uAgent');
     foreach ($values as $e) {
         if (!isset($cookie[$e]) && !is_empty($cookie[$e])) {
             $this->setError('Remember Me Failed. Cookie contained unexpected information.');
             return false;
         }
     }
     //uData should be 5 chars in length
     if (strlen($cookie['uData']) != 5) {
         $this->setError('Remember Me Failed. Cookie contained unexpected information.');
         return false;
     }
     //make sure the IP has the right IP of the client
     if ($this->config('login', 'ip_lock', false) && $cookie['uIP'] !== User::getIP()) {
         $this->setError('Remember Me Failed. Cookie contained unexpected information.');
         return false;
     }
     //and make sure the useragent matches the client
     if ($cookie['uAgent'] != md5($_SERVER['HTTP_USER_AGENT'] . $this->config('db', 'ckeauth'))) {
         $this->setError('Remember Me Failed. Cookie contained unexpected information.');
         return false;
     }
     //setup the query
     unset($query);
     $query[] = 'SELECT uData FROM `$Puserkeys` ';
     $query[] = 'WHERE uData LIKE "%' . secureMe($cookie['uData'], 'MRES') . ':%" ';
     $query[] = 'AND uAgent = "' . secureMe($cookie['uAgent'], 'MRES') . '" ';
     if ($this->config('login', 'ip_lock')) {
         $query[] = 'AND uIP = "' . secureMe($cookie['uIP'], 'MRES') . '" ';
     }
     $query[] = 'LIMIT 1;';
     //prepare and exec
     $query = $this->objSQL->getLine(implode(' ', $query));
     if (!count($query)) {
         $this->setError('Could not query for userkey');
         return false;
     }
     //untangle the user id from the query
     $query['uData'] = explode(':', $query['uData']);
     if (!isset($query['uData'][1]) || is_empty($query['uData'][1])) {
         $this->setError('No ID Exists');
         return false;
     }
     //now try and grab the user's info
     $this->userData = $this->objUser->getUserInfo($query['uData'][1]);
     if (is_empty($this->userData)) {
         $this->setError('No user exists with that ID');
         return false;
     }
     //now check to make sure users info is valid before letting em login properly
     if ($this->userData['autologin'] == 0) {
         $this->setError('User isn\'t set to autologin.');
         return false;
     }
     if (!$this->activeCheck()) {
         $this->setError('User isn\'t active.');
         return false;
     }
     if (!$this->banCheck()) {
         $this->setError('User is banned.');
         return false;
     }
     if (!$this->whiteListCheck()) {
         $this->setError('You\'re IP dosent match the whitelist.');
         return false;
     }
     //everything seems fine, log them in
     $this->objUser->setSessions($this->userData['id'], true);
     $this->objUser->newOnlineSession('Online System: AutoLogin Sequence Activated for ' . $this->userData['username']);
     return true;
 }
Ejemplo n.º 14
0
 /**
  * Sends a notification to the user
  *
  * @version 1.0
  * @since     1.0.0
  * @author     xLink
  *
  * @param    int        $uid        0 for current user, or UID of user
  * @param    string    $message    Message to output in the notification
  * @param    int        $module_id    ID that corresponds with the content peice for that module
  *
  * @return     bool
  */
 public function notifyUser($uid, $message, $title = null, $module_id = 0)
 {
     global $objModule;
     $user = $this->objUser->getUserInfo($uid);
     if (is_empty($user)) {
         $this->setError('Invalid User ID.');
         return false;
     }
     $insert['uid'] = $user['id'];
     $insert['type'] = 0;
     //not implemented yet
     $insert['body'] = secureMe($message);
     $insert['timestamp'] = time();
     $insert['title'] = !is_empty($title) ? $title : null;
     $insert['module'] = $objModule->module;
     $insert['module_id'] = is_number($module_id) ? $module_id : 0;
     $insert = $this->objSQL->insertRow('notifications', $insert);
     if (!mysql_affected_rows()) {
         $this->setError('Inserting notification failed. SQL: ' . $this->objSQL->getError());
         return false;
     }
     return true;
 }
Ejemplo n.º 15
0
function bbcode_quote($bbcode, $action, $name, $default, $params, $content)
{
    global $objUser;
    if ($action == BBCODE_CHECK) {
        return true;
    }
    if (doArgs('name', false, $params)) {
        $title = $objUser->profile($params['name'], RETURN_USER) . ' wrote';
        if (doArgs('date', false, $params)) {
            $title .= ' on ' . secureMe(trim($params['date']));
        }
        $title .= ':';
        if (doArgs('url', false, $params)) {
            $url = trim($params['url']);
            if ($bbcode->IsValidURL($url)) {
                $title = '<a href="' . secureMe($params['url']) . '">' . $title . '</a>';
            }
        }
    } else {
        if (!is_string($default)) {
            $title = 'Quote:';
        } else {
            $title = $objUser->profile($default, RETURN_USER) . ' wrote';
        }
    }
    return "\n<div class=\"bbcode_quote\">\n<div class=\"bbcode_quote_head\">" . $title . "</div>\n<div class=\"bbcode_quote_body\">" . $content . "</div>\n</div>\n";
}
Ejemplo n.º 16
0
 /**
  * Sets the pages title.
  *
  * @version 1.0
  * @since   1.0
  * @author  Dan Aldridge
  *
  * @param array $title
  */
 public function setTitle($title)
 {
     $objTPL = self::getTPL();
     $objTPL->assign_var('PAGE_TITLE', secureMe($title));
 }
Ejemplo n.º 17
0
<?php

session_start();
//Check if a user is logged in
if (isset($_SESSION['username'])) {
    header('Location: index.php');
}
include "dbConnect.php";
secureMe();
$dbconn = null;
$dbconn = connectDB($dbconn);
?>

<!DOCTYPE html>
<html lang="en" class="no-js demo5">
	<head>
		<meta charset="UTF-8" />
		<meta name="viewport" content="width=device-width, initial-scale=1.0"> 
		<title>Final Project</title>
    	<script type="text/javascript" src="js/jquery-1.11.3.min.js"></script>
    	<script type="text/javascript" src="js/bootstrap.min.js"></script>
    	<script type="text/javascript" src="js/musicHandlerRevamped.js"></script>
        <script src="http://d3js.org/d3.v3.min.js" charset="utf-8"></script>
      <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" integrity="sha384-1q8mTJOASx8j1Au+a5WDVnPi2lkFfwwEAa8hDDdjZlpLegxhjVME1fgjWPGmkzs7" crossorigin="anonymous">
<!-- Latest compiled and minified CSS -->

        
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css">
		<link rel="stylesheet" type="text/css" href="css/style.css" />
		<link rel="stylesheet" type="text/css" href="css/styleLogin.css" />
        <style></style>
Ejemplo n.º 18
0
 /**
  * Records a sql error in the database for review
  *
  * @version    1.0
  * @since   1.0.0
  * @author  xLink
  *
  * @param     string     $message
  * @param     string     $fileInfo
  *
  * @return     bool
  */
 public function recordError($message, $fileInfo)
 {
     if (is_empty($this->query)) {
         return false;
     }
     $error = mysql_error();
     if (is_empty($error) || $error == $this->lastError) {
         return false;
     }
     $this->lastError = $error;
     if (!is_file(cmsROOT . 'cache/ALLOW_LOGGING')) {
         return false;
     }
     $info['uid'] = User::$IS_ONLINE ? $this->objUser->grab('id') : '0';
     $info['date'] = time();
     $info['query'] = $this->query;
     $info['page'] = $this->config('global', 'fullPath');
     $vars = array('get' => $_GET, 'post' => $_POST);
     $info['vars'] = serialize($vars);
     $info['error'] = secureMe($error);
     $info['lineInfo'] = secureMe($fileInfo);
     return $this->insertRow('sqlerrors', $info, false);
 }