public function update(Requests\Auth\UpdateUser $request)
{
// Update Password
if ($request->has('new_password')) {
// Check if user has an existing password - GitHub users will not
if (auth()->user()->getAuthPassword() && !$request->has('current_password')) {
session()->flash('error', 'You must supply your current password!');
return redirect()->back()->withInput();
}
// Check if existing password is correct
if (auth()->user()->getAuthPassword() && !Hash::check($request->input('current_password'), auth()->user()->getAuthPassword())) {
session()->flash('error', 'Your current password is incorrect!');
return redirect()->back()->withInput();
}
}
$website = $request->has('website') && trim($request->input('website')) != '' ? $request->input('website') : null;
$github_username = $request->has('github_username') && trim($request->input('github_username')) != '' ? $request->input('github_username') : null;
$twitter_username = $request->has('twitter_username') && trim($request->input('twitter_username')) != '' ? $request->input('twitter_username') : null;
$user = User::find(auth()->user()->getAuthIdentifier());
$user->name = $request->input('name');
$user->username = $request->input('username');
$user->email = $request->input('email');
if ($request->has('new_password')) {
$user->password = bcrypt($request->input('new_password'));
}
$user->save();
settings()->setMany(['website' => $website, 'github_username' => $github_username, 'twitter_username' => $twitter_username]);
session()->flash('success', 'Account updated successfully!');
return redirect()->back();
}
protected function showGeneralForm()
{
$model = new SettingGeneralForm();
settings()->deleteCache();
//Set Value for the Settings
$model->site_name = Yii::app()->settings->get('general', 'site_name');
$model->site_title = Yii::app()->settings->get('general', 'site_title');
$model->site_description = Yii::app()->settings->get('general', 'site_description');
$model->slogan = Yii::app()->settings->get('general', 'slogan');
$model->homepage = Yii::app()->settings->get('general', 'homepage');
// if it is ajax validation request
if (isset($_POST['ajax']) && $_POST['ajax'] === 'settings-form') {
echo CActiveForm::validate($model);
Yii::app()->end();
}
// collect user input data
if (isset($_POST['SettingGeneralForm'])) {
$model->attributes = $_POST['SettingGeneralForm'];
if ($model->validate()) {
settings()->deleteCache();
foreach ($model->attributes as $key => $value) {
Yii::app()->settings->set('general', $key, $value);
}
user()->setFlash('success', t('General Settings Updated Successfully!'));
}
}
$this->render('cmswidgets.views.settings.settings_general_widget', array('model' => $model));
}
protected function __init()
{
parent::__init();
// TODO: Change the autogenerated stub
$this->mainCurrencyCode = settings()->getCurrency();
$this->exchangeRates = defPr($this->getProperty('exchange_rates'), ['USD' => 1, 'VND' => 22270]);
}
/**
* Process the PaymentWall payment
*
* @param Request $request
*/
public function getPaymentWall(Request $request)
{
$pingback = new Paymentwall_Pingback($_GET, $_SERVER['REMOTE_ADDR']);
if ($pingback->validate()) {
$virtualCurrency = $pingback->getVirtualCurrencyAmount();
$user = User::find($request->uid);
if (settings('paymentwall_double')) {
$n_credits = $virtualCurrency * 2;
} else {
$n_credits = $virtualCurrency;
}
if ($pingback->isDeliverable()) {
// Give credits to user
$user->money = $user->money + $n_credits;
$user->save();
Payment::create(['user_id' => $user->ID, 'transaction_id' => $request->ref, 'amount' => $n_credits]);
} elseif ($pingback->isCancelable()) {
// Remove credits from user
$user->money = $user->money + $n_credits;
$user->save();
$payment = Payment::find($request->ref);
$payment->delete();
}
echo 'OK';
// Paymentwall expects response to be OK, otherwise the pingback will be resent
} else {
echo $pingback->getErrorSummary();
}
}
/**
* Bootstrap the application services.
*
* @return void
*/
public function boot()
{
view()->composer(['front.header', 'admin.header'], function ($view) {
$languages = [];
$folders = File::directories(base_path('resources/lang/'));
foreach ($folders as $folder) {
$languages[] = str_replace('\\', '', last(explode('/', $folder)));
}
$view->with('languages', $languages);
});
view()->composer('front.header', function ($view) {
$apps = Application::all();
$view->with('apps', $apps);
});
view()->composer('admin.news.form', function ($view) {
$categories = ['update' => trans('news.category.update'), 'maintenance' => trans('news.category.maintenance'), 'event' => trans('news.category.event'), 'contest' => trans('news.category.contest'), 'other' => trans('news.category.other')];
$view->with('categories', $categories);
});
view()->composer('front.widgets', function ($view) {
$client_status = @fsockopen(settings('server_ip', '127.0.0.1'), 6543, $errCode, $errStr, 1) ? TRUE : FALSE;
$worlds = DB::connection('account')->table('worlds')->get();
$view->with('client_status', $client_status)->with('worlds', $worlds);
});
view()->composer('admin.donate.settings', function ($view) {
$view->with('currencies', trans('donate.currency'));
});
}
function theme_url($path = null)
{
if (null == $path) {
return url(settings('theme_folder'));
}
return url(settings('theme_folder') . $path);
}
/**
* Sending the actual email
*
* @param array $data
*/
public function sendMail(array $data)
{
SendMailService::send($data['view'], ['pass' => $data['mailData']['pass'], 'user' => $data['mailData']['user']], function ($m) use($data) {
$m->from('*****@*****.**', 'Amitav Roy');
$m->to($data['mailData']['user']->email)->subject('Welcome to ' . settings('site_name'));
});
}
public function __construct()
{
parent::__construct();
$db_config = settings('db_config');
$this->_table_prefix = $db_config['table_prefix'];
$this->load->database($db_config);
}
public function get($key)
{
if (!isset($settings[$key])) {
return null;
}
return settings($key);
}
function acp_run()
{
global $logged;
switch ($_GET['action']) {
case "test":
return "\n\t\t\t\t\t<table width='100%' cellspacing='3' cellpadding='0'>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td width='80%'><strong>Category Name</strong></td>\n\t\t\t\t\t\t\t<td width='20%'><a href='#'>Edit</a> <a href='#'>Delete</a></td></td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td colspan='2'><a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a>, <a href='#'>Forum 1</a></td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td width='80%'><strong>Category Name</strong></td>\n\t\t\t\t\t\t\t<td width='20%'><a href='#'>Edit</a> <a href='#'>Delete</a></td></td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td colspan='2'><a href='#'>Forum 1</a></td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t";
break;
case "editusergroup":
return edit_groups();
break;
case "boards":
return manageboards();
break;
case "edituser":
return editusers();
break;
case "adduser":
return adduser();
break;
case "newcat":
return addcat();
break;
case "newforum":
return newforum();
break;
case "config":
return settings();
break;
default:
return acp_home();
break;
}
}
protected function renderContent()
{
$settings = GxcHelpers::getAvailableSettings();
$type = isset($_GET['type']) ? strtolower(plaintext($_GET['type'])) : 'general';
if (array_key_exists($type, $settings)) {
//Import the Setting Class
Yii::import('common.settings.' . $type . '.' . $settings[$type]['class']);
$model = new $settings[$type]['class']();
foreach ($model->attributes as $attr => $value) {
$model->{$attr} = Yii::app()->settings->get($type, $attr);
}
settings()->deleteCache();
// if it is ajax validation request
if (isset($_POST['ajax']) && $_POST['ajax'] === $type . '-settings-form') {
echo CActiveForm::validate($model);
Yii::app()->end();
}
// collect user input data
if (isset($_POST[$settings[$type]['class']])) {
settings()->deleteCache();
$model->attributes = $_POST[$settings[$type]['class']];
if ($model->validate()) {
foreach ($model->attributes as $key => $value) {
Yii::app()->settings->set($type, $key, $value);
}
user()->setFlash('success', t('cms', 'Settings Updated Successfully!'));
}
}
$this->render('common.settings.' . $type . '.' . $settings[$type]['layout'], array('model' => $model));
} else {
throw new CHttpException(404, t('cms', 'The requested page does not exist.'));
}
}
public function postIndex()
{
//Get all the data and store it inside Store Variable
$data = Input::all();
//Validation rules
$rules = array('name' => 'required', 'email' => 'required|email', 'message' => 'required|min:5');
//Validate data
$validator = Validator::make($data, $rules);
//If everything is correct than run passes.
if ($validator->fails()) {
return Redirect::route('contact')->with('error', 'Feedback must contain more than 5 characters. Try Again.');
//return View::make('contact');
} else {
//return contact form with errors
$name = Input::get('name');
$email = Input::get('email');
$phone = Input::get('phone');
$subject = Input::get('subject');
$messages = Input::get('message');
$data = array('name' => $name, 'email' => $email, 'phone' => $phone, 'subject' => $subject, 'messages' => $messages);
Mail::send('frontend.contact.contact', $data, function ($message) use($data) {
$message->from('*****@*****.**', 'Spice Island Charter');
//$message->from('*****@*****.**', 'feedback contact form');
//email 'To' field: cahnge this to emails that you want to be notified.
$message->to(settings('email'), 'Spice Island Charter')->subject('Inquiry');
});
// Redirect to page
return Redirect::route('contact')->with('message', 'Your message has been sent. Thank You!');
}
}
/**
* Question management page.
*/
public function action_index()
{
// Set page title
$this->title(l('security_questions'));
// Extract questions
$questions = json_decode(settings('security_questions'), true);
// Add an empty question
if (!count($questions)) {
$questions[] = array('question' => '', 'answers' => '');
}
// Check if the form has been submitted
$errors = array();
if (Request::method() == 'post') {
// Process questions
$updated_questions = array();
foreach (Request::$post['questions'] as $id => $question) {
// Check fields
foreach ($question as $field => $value) {
if (empty($value)) {
$errors[$id][$field] = true;
}
}
// Add if no errors
if (!isset($errors[$id])) {
$updated_questions[] = $question;
}
}
// Save and redirect
if (!count($errors)) {
$this->db->update('settings')->set(array('value' => json_encode($updated_questions)))->where('setting', 'security_questions')->exec();
Request::redirect(Request::requestUri());
}
}
View::set(compact('questions', 'errors'));
}
/**
* This function is beign used to change the users emailaddress info.
* It will first check if the user who executed this function is the person of whom the emailaddress is or if it's a mod/admin. If this is not the case the page will be redirected to an error page.
* The emailaddress will be validated first. If the checking was successful the email will be updated and the settings template will be reloaded. Errors made by invalid data will be shown
* also after reloading the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function userRegistration()
{
try {
//if logged in
if (WebUsers::isLoggedIn()) {
$dbl = new DBLayer("lib");
$dbl->update("settings", array('Value' => $_POST['userRegistration']), "`Setting` = 'userRegistration'");
$result['target_id'] = $_GET['id'];
global $SITEBASE;
require_once $SITEBASE . '/inc/settings.php';
$pageElements = settings();
$pageElements = array_merge(settings(), $result);
$pageElements['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
// pass error and reload template accordingly
helpers::loadtemplate('settings', $pageElements);
throw new SystemExit();
} else {
//ERROR: user is not logged in
header("Location: index.php");
throw new SystemExit();
}
} catch (PDOException $e) {
//go to error page or something, because can't access website db
print_r($e);
throw new SystemExit();
}
}
private function __construct()
{
$settings = settings();
$this->type = $settings->getNumberFormat();
$this->currencyCode = $settings->getCurrency();
$this->modeNormal();
}
public function __construct()
{
parent::__construct();
$login_check_url = settings('anysdk_login_url');
if ($login_check_url) {
$this->_loginCheckUrl = $login_check_url;
}
}
public function postBalance(Request $request, User $user)
{
$this->validate($request, ['amount' => 'required|numeric']);
$user->money = $user->money + $request->amount;
$user->save();
flash()->success(trans('members.success', ['user' => $user->name, 'count' => $request->amount, 'currency' => strtolower(settings('currency_name'))]));
return redirect()->back();
}
/**
* Raising the event when a new user is created.
*
* @param Created $event
*/
public function onCreate(Created $event)
{
$this->logger->log('A new user was create');
if (settings('send_password_through_mail') == "true") {
$event->sendUserCreationEmail($this->mail);
$this->logger->log('User registration mail was sent.');
}
}
public function yearOptions($emptyText = null)
{
$years = collect(array_combine($range = range(date('Y'), settings('app.min_year', 2000)), $range));
if ($emptyText) {
$years->prepend($emptyText, 0);
}
return $years;
}
/**
* Show the application login form
*
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function getLogin()
{
if (Auth::user()) {
return redirect()->route('dashboard');
}
$validator = JsValidator::make($this->loginValidationRules);
return view(settings('theme_folder') . 'user/login', compact('validator'));
}
/**
* Checks the submitted answer.
*
* @param object $model
*/
public static function check_answer(&$model)
{
$questions = json_decode(settings('security_questions'), true);
$question = $questions[$_SESSION['question_id']];
$answers = explode('|', $question['answers']);
if (!in_array(Request::$post['answer'], $answers)) {
$model->_add_error('answer', l('errors.security_questions.answer_is_wrong'));
}
}
public function sendUserCreationEmail(MailRepository $mail)
{
// for social logins, no emails will be sent.
if ($this->user->accont_type != 'normal') {
return true;
}
$mailData = ['pass' => $this->password, 'user' => $this->user];
$mail->log(['from' => '*****@*****.**', 'to' => $this->user->email, 'message' => View::make(settings('theme_folder') . 'mails/user-created-mail')->with(['user' => $this->user, 'pass' => $this->password]), 'attachment' => '', 'status' => 1, 'type' => 'Registration mail', 'subject' => 'Welcome to ' . settings('site_name'), 'view' => settings('theme_folder') . 'mails/user-created-mail', 'mailData' => $mailData]);
}
/**
* Display a listing of the settings.
*
* @param \Illuminate\Http\Request $request
* @return \Dingo\Api\Http\Response
*/
public function index(Request $request)
{
$settings = settings()->all(true);
$data = [];
foreach ($settings as $name => $value) {
$data[] = ['name' => $name, 'value' => $value];
}
return response()->json(['data' => $data]);
}
/**
* Get the validation rules that apply to the request.
*
* @return array
*/
public function rules()
{
$rules = ['name' => 'required|min:3', 'email' => 'required|email|unique:users,email', 'first_name' => 'required', 'last_name' => 'required'];
if (settings('send_password_through_mail') == "false") {
$rules['password'] = '******';
$rules['cpassword'] = '******';
}
return $rules;
}
/**
* Show the dashboard
*
* @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
*/
public function getIndex()
{
pagetitle([trans('main.dashboard'), settings('server_name')]);
$online_players = 0;
foreach (DB::connection('account')->table('worlds')->get() as $world) {
$online_players += $world->online_user;
}
$releases = $this->github->api('repo')->releases()->all('huludini', 'aura-kingdom-web');
return view('admin.index', compact('online_players', 'releases'));
}
/** @test */
function it_sets_and_gets_setting_values()
{
settings('foo', 'bar');
$this->assertEquals(settings('foo'), 'bar');
$this->assertEquals(settings()->getComplete('foo'), ['value' => 'bar', 'label' => null, 'type' => 'text', 'group' => null]);
settings('bar', 42, 'Baz', 'number');
$this->assertEquals(settings()->getComplete('bar'), ['value' => 42, 'label' => 'Baz', 'type' => 'number', 'group' => null]);
settings()->setGroup('dummy', 'Dummy Test');
settings('baz', 100, 'Baz', 'number', 'dummy');
$this->assertEquals(settings()->getComplete('baz'), ['value' => 100, 'label' => 'Baz', 'type' => 'number', 'group' => 'dummy']);
}
public function UploadFile(&$resource, $model, &$process, &$message, $remote = false)
{
if ($model->upload->size > $this->max_file_size) {
$allow_size = $this->max_file_size / (1024 * 1024);
$model->addError('upload', t('cms', 'File size is larger than allowed size : ') . $allow_size . ' mb');
$process = false;
return false;
}
if ($model->upload->size < $this->min_file_size) {
$model->addError('upload', t('cms', 'File is too small!'));
$process = false;
return false;
}
if (count($this->allow_types) > 0) {
if (!in_array(strtolower(CFileHelper::getExtension($model->upload->name)), $this->allow_types)) {
$model->addError('upload', t('cms', 'File extension is not allowed!'));
$process = false;
return false;
}
}
$filename = $resource->resource_name = $model->upload->name;
if (settings()->get('system', 'keep_file_name_upload') == '0') {
$filename = gen_uuid();
} else {
$filename = str_replace(" ", "-", $filename);
}
// folder for uploaded files
$folder = date('Y') . DIRECTORY_SEPARATOR . date('m') . DIRECTORY_SEPARATOR;
if (!(file_exists(self::RESOURCES_FOLDER . DIRECTORY_SEPARATOR . $folder) && is_dir(self::RESOURCES_FOLDER . DIRECTORY_SEPARATOR . $folder))) {
mkdir(self::RESOURCES_FOLDER . DIRECTORY_SEPARATOR . $folder, 0777, true);
}
if (settings()->get('cms', 'system', 'keep_file_name_upload') == '1') {
//Check if File exists, so Rename the Filename again;
while (file_exists(self::RESOURCES_FOLDER . DIRECTORY_SEPARATOR . $folder . DIRECTORY_SEPARATOR . $filename . '.' . strtolower(CFileHelper::getExtension($model->upload->name)))) {
$filename .= rand(10, 99);
}
}
if (settings()->get('system', 'keep_file_name_upload') == '0') {
$filename = $filename . '.' . strtolower(CFileHelper::getExtension($model->upload->name));
}
$path = $folder . $filename;
if ($model->upload->saveAs(self::RESOURCES_FOLDER . DIRECTORY_SEPARATOR . $path)) {
$resource->resource_path = $path;
//Resource::generateThumb($model->upload->name,$folder,$filename);
$process = true;
return true;
} else {
$process = false;
$message = t('cms', 'Error while Uploading. Try again later.');
return false;
}
}
/**
* This function is beign used to add a new user to the www database.
* it will first check if the sent $_POST variables are valid for registering, if one or more rules are broken (eg the username is too short) the template will be reloaded
* but this time with the appropriate error messages. If the checking was successful it will call the write_user() function (located in this same file). That function will create
* a new www user and matching ticket_user. It will also push the newly created user to the shard. In case the shard is offline, the new user will be temporary stored in the ams_querycache,
* waiting for the sync cron job to update it.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function add_user()
{
global $INGAME_WEBPATH;
$params = array('Username' => $_POST["Username"], 'Password' => $_POST["Password"], 'ConfirmPass' => $_POST["ConfirmPass"], 'Email' => $_POST["Email"]);
$webUser = new WebUsers();
//check if the POST variables are valid, before actual registering
$result = $webUser->check_Register($params);
global $SITEBASE;
require_once $SITEBASE . '/inc/settings.php';
// if all are good then create user
if ($result == "success") {
$edit = array('name' => $_POST["Username"], 'pass' => $_POST["Password"], 'mail' => $_POST["Email"], 'init' => $_POST["Email"], 'unhashpass' => $_POST["Password"], 'status' => 1, 'access' => $_SERVER['REQUEST_TIME']);
$status = write_user($edit);
if (Helpers::check_if_game_client()) {
//if registering ingame then we have to set the header and dont need to reload the template.
header('Location: email_sent.php');
throw new SystemExit();
}
$pageElements = settings();
$pageElements['ingame_webpath'] = $INGAME_WEBPATH;
$pageElements['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$pageElements['SUCCESS_ADD'] = $status;
if (isset($_GET['page']) && $_GET['page'] == "settings") {
helpers::loadtemplate('settings', $pageElements);
} else {
$pageElements['no_visible_elements'] = 'TRUE';
helpers::loadtemplate('register_feedback', $pageElements);
}
throw new SystemExit();
} elseif (isset($_GET['page']) && $_GET['page'] == "settings") {
$pageElements = array_merge(settings(), $result);
// pass error and reload template accordingly
$pageElements['prevUsername'] = $_POST["Username"];
$pageElements['prevPassword'] = $_POST["Password"];
$pageElements['prevConfirmPass'] = $_POST["ConfirmPass"];
$pageElements['prevEmail'] = $_POST["Email"];
$pageElements['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$pageElements['do'] = "add_user";
helpers::loadtemplate('settings', $pageElements);
throw new SystemExit();
} else {
// pass error and reload template accordingly
$result['prevUsername'] = $_POST["Username"];
$result['prevPassword'] = $_POST["Password"];
$result['prevConfirmPass'] = $_POST["ConfirmPass"];
$result['prevEmail'] = $_POST["Email"];
$result['no_visible_elements'] = 'TRUE';
$pageElements['ingame_webpath'] = $INGAME_WEBPATH;
helpers::loadtemplate('register', $result);
throw new SystemExit();
}
}
/**
* 查询订单状态,单机游戏调用
* 接口地址:api/payment/check_order
*
*/
public function check_order()
{
// 验证 app_key 和 app_secret
$app_key = settings('app_key');
$app_secret = settings('app_secret');
$order_id = trim($this->input->post('order_id'));
$time = trim($this->input->post('time'));
$sign = trim($this->input->post('sign'));
$ver = trim($this->input->post('ver'));
if (empty($ver)) {
$ver = 0;
}
$submit_app_key = trim($this->input->post('app_key'));
if (empty($order_id)) {
echo json_encode(array('errno' => '101', 'errmsg' => 'order_id不能为空'));
return;
}
/**
* 若有填写app_key则需要验证签名
*/
if ($app_key) {
if (empty($sign)) {
echo json_encode(array('errno' => '103', 'errmsg' => '缺少签名sign'));
return;
}
if ($submit_app_key != $app_key) {
echo json_encode(array('errno' => '104', 'errmsg' => 'app_key无效'));
return;
}
// 验证签名
$sign_local = md5($app_key . $order_id . $time);
if ($sign_local != $sign) {
echo json_encode(array('errno' => '105', 'errmsg' => '签名sign无效'));
return;
}
}
$order = $this->pay_notify_mdl->getSuccessfulNotifyByOrderId($order_id);
if (empty($order)) {
echo json_encode(array('errno' => '100', 'errmsg' => ' 订单不存在'));
} else {
unset($order['id']);
unset($order['sign']);
unset($order['time']);
// 生成订单信息签名
if ($ver >= 1) {
$order_sign = $this->order_sign($order, $app_secret);
echo json_encode(array('errno' => '0', 'errmsg' => '查询成功', 'sign' => strtolower($order_sign), 'data' => $order));
} else {
echo json_encode(array('errno' => '0', 'errmsg' => '查询成功', 'data' => $order));
}
}
}
function prepare($caller)
{
global $settings;
foreach (file_scan_directory(__DIR__ . '/include/', '/.*\\.inc$/') as $include) {
include_once $include->uri;
}
$settings = settings($caller);
$install_file = $settings['script_path']['dirname'] . '/' . $settings['script_path']['filename'] . '.install';
$info_file = $settings['script_path']['dirname'] . '/' . $settings['script_path']['filename'] . '.info';
$includes = file_scan_directory($settings['script_path']['dirname'], '/.*\\.inc$/');
foreach ($includes as $include) {
include_once $include->uri;
}
}
