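/**
  * Update a user's messenger privacy setting and resync buddy-list statuses.
  *
  * Stores `messenger_privacy` as 'all' or 'buddy' (any value other than 'all'
  * is stored as 'buddy'), then rewrites the `status` column of the messenger
  * buddy-list rows to match the chosen setting.
  *
  * @param int   $userID ID of the user whose settings are updated
  * @param array $data   Submitted settings; only 'messenger_privacy' is read
  */
 public function updateMessenerSettings($userID, $data)
 {
     global $db;
     // Read the setting from $data (the caller's input) instead of reaching into $_POST again,
     // so the stored value and the buddy-list update are always driven by the same value.
     $privacy = isset($data['messenger_privacy']) && is_string($data['messenger_privacy']) ? $data['messenger_privacy'] : '';
     // Only 'all' and 'buddy' are ever stored; anything else falls back to 'buddy'.
     BuckysUser::updateUserFields($userID, array('messenger_privacy' => $privacy === 'all' ? 'all' : 'buddy'));
     if ($privacy === 'all') {
         // Set status = 1 on every buddy-list row that points at this user.
         $db->query($db->prepare("UPDATE " . TABLE_MESSENGER_BUDDYLIST . " SET `status` = 1 WHERE buddyID=%d", $userID));
         return;
     }
     if ($privacy !== 'buddy') {
         // Unrecognised value: buddy-list rows are left untouched, as before.
         return;
     }
     // Reset status on every row that points at this user...
     $db->query($db->prepare("UPDATE " . TABLE_MESSENGER_BUDDYLIST . " SET `status` = 0 WHERE buddyID=%d", $userID));
     // ...then set status = 1 only on the rows of the user's own buddy list.
     $rows = $db->getResultsArray($db->prepare("SELECT messengerBuddylistID FROM " . TABLE_MESSENGER_BUDDYLIST . " WHERE userID=%d", $userID));
     if (!is_array($rows)) {
         // Nothing to update when the lookup yields no list.
         return;
     }
     // Process 100 IDs per UPDATE statement.
     foreach (array_chunk($rows, 100) as $ids) {
         if (!buckys_not_null($ids)) {
             continue;
         }
         // The IDs are concatenated into the SQL text, so keep only numeric values and cast them.
         // Presumably getResultsArray() returns a flat list of IDs here; verify against its definition.
         $safeIds = array_map('intval', array_filter($ids, 'is_numeric'));
         if ($safeIds) {
             $db->query("UPDATE " . TABLE_MESSENGER_BUDDYLIST . " SET `status` = 1 WHERE messengerBuddylistID in (" . implode(", ", $safeIds) . ")");
         }
     }
 }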
     $users = BuckysPrivateMessenger::searchNonBlockedUsers($userID, $_POST['term']);
     $result = array();
     foreach ($users as $row) {
         $result[] = array("id" => $row['userID'], 'label' => $row['fullName'], 'value' => $row['fullName'], 'hash' => buckys_encrypt_id($row['userID']));
     }
     echo json_encode($result);
     buckys_exit();
 }
 // NOTE(review): the handlers below change per-user state based on $_POST['action'];
 // no anti-CSRF token check is visible in this fragment - confirm one runs earlier in the request.
 // Handler 'load-messenger': output the messenger markup and set the user's show_messenger field to 1.
 if ($_POST['action'] == 'load-messenger') {
     echo loadMessenger();
     BuckysUser::updateUserFields($userID, array('show_messenger' => 1));
     buckys_exit();
 }
 // Handler 'close-messenger': close the conversation box and set show_messenger to 0.
 if ($_POST['action'] == 'close-messenger') {
     BuckysPrivateMessenger::closeConversationBox();
     BuckysUser::updateUserFields($userID, array('show_messenger' => 0));
     buckys_exit();
 }
 // Handler 'save-settings': store the submitted messenger settings, then return the refreshed user list as XML.
 if ($_POST['action'] == 'save-settings') {
     // The whole $_POST array is passed through; the callee decides which keys it reads.
     BuckysPrivateMessenger::updateMessenerSettings($userID, $_POST);
     //Getting New Messenger Lists
     $newUserHTML = BuckysPrivateMessenger::getUserListHTML($userID);
     header('Content-type: application/xml');
     render_result_xml(array('status' => 'success', 'html' => $newUserHTML));
     buckys_exit();
 }
 if ($_POST['action'] == 'block-user') {
     header('Content-type: application/xml');
     $uID = isset($_POST['blockedID']) ? $_POST['blockedID'] : null;
     $uIDHash = isset($_POST['blockedIDHash']) ? $_POST['blockedIDHash'] : null;
     if (!$uID || !$uIDHash || !buckys_check_id_encrypted($uID, $uIDHash)) {
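 /**
  * API action: change the password of the user identified by an API token.
  *
  * Reads TOKEN, current_password and new_password from $_POST. The token is
  * checked first, so callers without a valid token never reach the password checks.
  *
  * @return array Result with 'STATUS_CODE' and 'DATA' keys
  */
 public function changePasswordAction()
 {
     $data = $_POST;
     // Accept only a string token; an array-valued TOKEN field is treated as missing.
     $token = isset($data['TOKEN']) && is_string($data['TOKEN']) ? trim($data['TOKEN']) : null;
     if (!$token) {
         return ['STATUS_CODE' => STATUS_CODE_BAD_REQUEST, 'DATA' => buckys_api_get_error_result('Api token should not be blank')];
     }
     if (!($userID = BuckysUsersToken::checkTokenValidity($token, "api"))) {
         return ['STATUS_CODE' => STATUS_CODE_UNAUTHORIZED, 'DATA' => buckys_api_get_error_result('Api token is not valid.')];
     }
     // Both password fields must be non-empty strings. Without this check a missing or empty
     // new_password would be hashed and stored as the account password.
     $currentPassword = isset($data['current_password']) && is_string($data['current_password']) ? $data['current_password'] : '';
     $newPassword = isset($data['new_password']) && is_string($data['new_password']) ? $data['new_password'] : '';
     if ($currentPassword === '' || $newPassword === '') {
         return ['STATUS_CODE' => STATUS_CODE_BAD_REQUEST, 'DATA' => buckys_api_get_error_result('Current password and new password should not be blank')];
     }
     $current = BuckysUser::getUserData($userID);
     // A missing user record is reported the same way as a wrong password.
     // The OK status code on this error path is kept for existing API clients.
     if (!$current || !buckys_validate_password($currentPassword, $current['password'])) {
         return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => buckys_api_get_error_result('Current password is incorrect.')];
     }
     $pwd = buckys_encrypt_password($newPassword);
     if (BuckysUser::updateUserFields($userID, ['password' => $pwd])) {
         // NOTE(review): nothing visible here expires other tokens or sessions after the change - confirm elsewhere.
         return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => ['STATUS' => 'SUCCESS']];
     }
     // Status code for a failed save is kept as the original returned it.
     return ['STATUS_CODE' => STATUS_CODE_UNAUTHORIZED, 'DATA' => buckys_api_get_error_result('There was an error to saving your information.')];
 }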
        if ($photo['poster'] != $userID) {
            buckys_redirect('/photo_manage.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        }
        //Update Photo Caption and Privacy
        BuckysPost::updatePhoto($userID, $_POST);
        //Change user profile image
        if ($_POST['photo_visibility'] == 2) {
            if (!$photo['is_profile']) {
                BuckysPost::createProfileImage($photo, $_POST);
            }
            //Update profile image with old one
            BuckysUser::updateUserFields($userID, array('thumbnail' => $photo['image']));
        } else {
            if ($userData['thumbnail'] == $photo['image']) {
                //If it was a profile image and now it is not, remove it from the profile image
                BuckysUser::updateUserFields($userID, array('thumbnail' => ''));
            }
        }
        //Save Album
        if (isset($_POST['album']) && $_POST['album'] != '' && isset($albums[$_POST['album']])) {
            BuckysAlbum::addPhotoToAlbum($_POST['album'], $photo['postID']);
        }
        buckys_redirect('/photo_edit.php?photoID=' . $photo['postID'], MSG_PHOTO_UPDATED, MSG_TYPE_SUCCESS);
        exit;
    }
}
// Optional 'set_profile' query parameter, taken as-is from the request; null when absent.
$set_profile = null;
if (isset($_GET['set_profile'])) {
    $set_profile = $_GET['set_profile'];
}
// Stylesheets for the page, followed by the Jcrop stylesheet and script.
buckys_enqueue_stylesheet('account.css');
buckys_enqueue_stylesheet('posting.css');
buckys_enqueue_stylesheet('jquery.Jcrop.css');
buckys_enqueue_javascript('jquery.Jcrop.js');
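 /**
  * Use credits to place an item on the trade section.
  *
  * Deducts $amount from the user's credit balance and records the spend in
  * the credit-activity table.
  *
  * @param mixed $userID
  * @param mixed $amount Credits to spend; must be numeric and not negative
  * @return mixed Value returned by insertFromArray(), or null when the user is
  *               unknown, the amount is invalid, or the balance is too low
  */
 public function useCreditsInTrade($userID, $amount)
 {
     global $db;
     // A negative amount would add credits instead of spending them; reject it along with non-numeric input.
     if (!is_numeric($amount) || $amount < 0) {
         return;
     }
     $userIns = new BuckysUser();
     $userInfo = $userIns->getUserBasicInfo($userID);
     if (!$userInfo) {
         return;
     }
     $remaining = $userInfo['credits'] - $amount;
     // Never let the balance go below zero (the same rule useCreditsInShop applies).
     if ($remaining < 0) {
         return;
     }
     // NOTE(review): the balance is read and written back in separate calls; two concurrent
     // requests could both pass the check above. Confirm whether callers serialise this.
     $userIns->updateUserFields($userID, array('credits' => $remaining));
     $data = array(
         'receiverID' => BuckysTransaction::BUCKYSROOM_ACCOUNT_ID,
         'payerID' => $userID,
         'activityType' => BuckysTransaction::ACTIVITY_TYPE_TRADE_ITEM_ADD,
         'amount' => $amount,
         'transactionID' => BuckysTransaction::NO_TRANSACTION_ID,
         'receiverBalance' => 0,
         'payerBalance' => $remaining,
         'createdDate' => date('Y-m-d H:i:s'),
     );
     return $db->insertFromArray(TABLE_CREDIT_ACTIVITY, $data);
 }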
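 /**
  * Save an uploaded photo as a post.
  *
  * Validates the temporary upload named by $data['file'], moves and resizes it
  * into the user's photo folder, inserts a row into the posts table and, when an
  * album is given and owned by the user, attaches the photo to that album.
  *
  * @param mixed $userID
  * @param mixed $data Reads: file, pageID, post_visibility, width, x1, y1, x2,
  *                    profileID, content, album
  * @return bool|int|null|string New post ID, or false on failure
  */
 public static function savePhoto($userID, $data)
 {
     global $db, $TNB_GLOBALS;
     // The name is joined onto DIR_FS_PHOTO_TMP, so accept only a bare file name:
     // no path separators of either kind and no NUL byte. This is stricter than
     // looking for "../" alone and assumes uploads sit directly in the tmp folder.
     $file = isset($data['file']) && is_string($data['file']) ? $data['file'] : '';
     if ($file === '' || strpbrk($file, "/\\\0") !== false || !is_file(DIR_FS_PHOTO_TMP . $file)) {
         buckys_add_message(MSG_FILE_UPLOAD_ERROR, MSG_TYPE_ERROR);
         return false;
     }
     $data['pageID'] = isset($data['pageID']) && is_numeric($data['pageID']) ? $data['pageID'] : BuckysPost::INDEPENDENT_POST_PAGE_ID;
     // Validate the file type; a name without an extension is rejected instead of raising a notice.
     $extension = strtolower((string) pathinfo($file, PATHINFO_EXTENSION));
     if ($extension === '' || !in_array($extension, $TNB_GLOBALS['imageTypes'], true)) {
         buckys_add_message(MSG_INVALID_PHOTO_TYPE, MSG_TYPE_ERROR);
         return false;
     }
     // getimagesize() returns false when the content is not a readable image, whatever its extension says.
     $imageInfo = getimagesize(DIR_FS_PHOTO_TMP . $file);
     if ($imageInfo === false || $imageInfo[0] <= 0 || $imageInfo[1] <= 0) {
         buckys_add_message(MSG_INVALID_PHOTO_TYPE, MSG_TYPE_ERROR);
         return false;
     }
     list($width, $height) = $imageInfo;
     // Validate pixel dimensions
     if ($width * $height > MAX_IMAGE_WIDTH * MAX_IMAGE_HEIGHT) {
         buckys_add_message(MSG_PHOTO_MAX_SIZE_ERROR, MSG_TYPE_ERROR);
         return false;
     }
     $postVisibility = isset($data['post_visibility']) ? $data['post_visibility'] : 0;
     // Move the file from the tmp folder to the user photo folder and resize it.
     if ($postVisibility == 2) {
         // Profile image: the crop rectangle comes from the client, so check it before doing arithmetic with it.
         foreach (['width', 'x1', 'y1', 'x2'] as $cropKey) {
             if (!isset($data[$cropKey]) || !is_numeric($data[$cropKey])) {
                 buckys_add_message(MSG_FILE_UPLOAD_ERROR, MSG_TYPE_ERROR);
                 return false;
             }
         }
         if ($data['width'] <= 0 || $data['x2'] <= $data['x1']) {
             buckys_add_message(MSG_FILE_UPLOAD_ERROR, MSG_TYPE_ERROR);
             return false;
         }
         // Scale the crop coordinates from the displayed width to the real image width.
         $ratio = floatval($width / $data['width']);
         $sourceWidth = ($data['x2'] - $data['x1']) * $ratio;
         BuckysPost::moveFileFromTmpToUserFolder($userID, $file, PROFILE_IMAGE_WIDTH, PROFILE_IMAGE_HEIGHT, $data['x1'] * $ratio, $data['y1'] * $ratio, $sourceWidth, $sourceWidth);
         if ($data['pageID'] == BuckysPost::INDEPENDENT_POST_PAGE_ID) {
             // Update the user's profile thumbnail
             BuckysUser::updateUserFields($userID, ['thumbnail' => $file]);
         } else {
             // Update the page's logo
             $pageIns = new BuckysPage();
             $pageIns->updateData($data['pageID'], ['logo' => $file]);
         }
         $is_profile = 1;
     } else {
         // Normal image: scale down to fit the post limits, keeping the aspect ratio.
         if ($width > MAX_POST_IMAGE_WIDTH) {
             $height = $height * (MAX_POST_IMAGE_WIDTH / $width);
             $width = MAX_POST_IMAGE_WIDTH;
         }
         if ($height > MAX_POST_IMAGE_HEIGHT) {
             $width = $width * (MAX_POST_IMAGE_HEIGHT / $height);
             $height = MAX_POST_IMAGE_HEIGHT;
         }
         BuckysPost::moveFileFromTmpToUserFolder($userID, $file, $width, $height, 0, 0);
         $is_profile = 0;
     }
     $now = date('Y-m-d H:i:s');
     $newId = $db->insertFromArray(TABLE_POSTS, [
         'poster' => $userID,
         'pageID' => $data['pageID'],
         'profileID' => isset($data['profileID']) ? $data['profileID'] : null,
         'content' => isset($data['content']) ? $data['content'] : null,
         'type' => 'image',
         'post_date' => $now,
         'image' => $file,
         'visibility' => $postVisibility > 0 ? 1 : 0,
         'is_profile' => $is_profile,
     ]);
     if (!$newId) {
         buckys_add_message($db->getLastError(), MSG_TYPE_ERROR);
         return false;
     }
     // Assign the photo to an album only when the album belongs to this user.
     if (isset($data['album']) && $data['album'] != '') {
         if (!BuckysAlbum::checkAlbumOwner($data['album'], $userID)) {
             buckys_add_message(MSG_INVALID_ALBUM_ID, MSG_TYPE_ERROR);
         } else {
             BuckysAlbum::addPhotoToAlbum($data['album'], $newId);
         }
     }
     buckys_add_message(MSG_PHOTO_UPLOADED_SUCCESSFULLY);
     return $newId;
 }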
 }
 // Save phone numbers: copy the six phone fields from the request onto the user record.
 if ($_POST['action'] == 'save_phone') {
     $phoneFields = [
         'cell_phone' => $_POST['cell_phone'],
         'cell_phone_visibility' => $_POST['cell_phone_visibility'],
         'home_phone' => $_POST['home_phone'],
         'home_phone_visibility' => $_POST['home_phone_visibility'],
         'work_phone' => $_POST['work_phone'],
         'work_phone_visibility' => $_POST['work_phone_visibility'],
     ];
     // NOTE(review): on failure the raw database error text is sent to the client.
     echo BuckysUser::updateUserFields($userID, $phoneFields) ? 'Success' : $db->getLastError();
     exit;
 }
 // Save address: copy the address fields from the request onto the user record.
 if ($_POST['action'] == 'save_address') {
     $data = [];
     foreach (['address1', 'address2', 'city', 'state', 'zip', 'country', 'address_visibility'] as $field) {
         $data[$field] = $_POST[$field];
     }
     // NOTE(review): on failure the raw database error text is sent to the client.
     echo BuckysUser::updateUserFields($userID, $data) ? 'Success' : $db->getLastError();
     exit;
 }
 //Save Contact Info
 if ($_POST['action'] == 'save_messenger') {
     $data = [];
     for ($i = 0; $i < count($_POST['username']); $i++) {
         $data[] = ['name' => $_POST['username'][$i], 'type' => $_POST['type'][$i], 'visibility' => $_POST['visibility'][$i]];
     }
     //Update User Phone numbers
     if (BuckysUser::updateUserMessengerInfo($userID, $data)) {
         echo 'Success';
        if ($photo['poster'] != $userID) {
            buckys_redirect('/photo_manage.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        }
        //Update Photo Caption and Privacy
        BuckysPost::updatePhoto($userID, $_POST);
        //Change user profile image
        if ($_POST['photo_visibility'] == 2) {
            if (!$photo['is_profile']) {
                BuckysPost::createProfileImage($photo, $_POST);
            }
            //Update profile image with old one
            BuckysUser::updateUserFields($userID, ['thumbnail' => $photo['image']]);
        } else {
            if ($userData['thumbnail'] == $photo['image']) {
                //If it was a profile image and now it is not, remove it from the profile image
                BuckysUser::updateUserFields($userID, ['thumbnail' => '']);
            }
        }
        //Save Album
        if (isset($_POST['album']) && $_POST['album'] != '' && isset($albums[$_POST['album']])) {
            BuckysAlbum::addPhotoToAlbum($_POST['album'], $photo['postID']);
        }
        buckys_redirect('/photo_edit.php?photoID=' . $photo['postID'], MSG_PHOTO_UPDATED, MSG_TYPE_SUCCESS);
        exit;
    }
}
// Optional 'set_profile' query parameter, taken as-is from the request; null when absent.
$set_profile = null;
if (isset($_GET['set_profile'])) {
    $set_profile = $_GET['set_profile'];
}
// Stylesheets for the page, followed by the Jcrop stylesheet and script.
buckys_enqueue_stylesheet('account.css');
buckys_enqueue_stylesheet('posting.css');
buckys_enqueue_stylesheet('jquery.Jcrop.css');
buckys_enqueue_javascript('jquery.Jcrop.js');
     $users = BuckysPrivateMessenger::searchNonBlockedUsers($userID, $_POST['term']);
     $result = [];
     foreach ($users as $row) {
         $result[] = ["id" => $row['userID'], 'label' => $row['fullName'], 'value' => $row['fullName'], 'hash' => buckys_encrypt_id($row['userID'])];
     }
     echo json_encode($result);
     buckys_exit();
 }
 // NOTE(review): the handlers below change per-user state based on $_POST['action'];
 // no anti-CSRF token check is visible in this fragment - confirm one runs earlier in the request.
 // Handler 'load-messenger': output the messenger markup and set the user's show_messenger field to 1.
 if ($_POST['action'] == 'load-messenger') {
     echo loadMessenger();
     BuckysUser::updateUserFields($userID, ['show_messenger' => 1]);
     buckys_exit();
 }
 // Handler 'close-messenger': close the conversation box and set show_messenger to 0.
 if ($_POST['action'] == 'close-messenger') {
     BuckysPrivateMessenger::closeConversationBox();
     BuckysUser::updateUserFields($userID, ['show_messenger' => 0]);
     buckys_exit();
 }
 // Handler 'save-settings': store the submitted messenger settings, then return the refreshed user list as XML.
 if ($_POST['action'] == 'save-settings') {
     // The whole $_POST array is passed through; the callee decides which keys it reads.
     BuckysPrivateMessenger::updateMessenerSettings($userID, $_POST);
     //Getting New Messenger Lists
     $newUserHTML = BuckysPrivateMessenger::getUserListHTML($userID);
     header('Content-type: application/xml');
     render_result_xml(['status' => 'success', 'html' => $newUserHTML]);
     buckys_exit();
 }
 if ($_POST['action'] == 'block-user') {
     header('Content-type: application/xml');
     $uID = isset($_POST['blockedID']) ? $_POST['blockedID'] : null;
     $uIDHash = isset($_POST['blockedIDHash']) ? $_POST['blockedIDHash'] : null;
     if (!$uID || !$uIDHash || !buckys_check_id_encrypted($uID, $uIDHash)) {
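 /**
  * Use credits to list products in the shop.
  *
  * Deducts $amount from the user's credit balance and records the spend in
  * the credit-activity table.
  *
  * @param mixed $userID
  * @param mixed $amount Credits to spend; must be numeric and not negative
  * @return int|null|string|void Value returned by insertFromArray(), or nothing when
  *                              the user is unknown, the amount is invalid, or the
  *                              balance is too low
  */
 public function useCreditsInShop($userID, $amount)
 {
     global $db;
     // A negative amount would add credits instead of spending them; reject it along with non-numeric input.
     if (!is_numeric($amount) || $amount < 0) {
         return;
     }
     $userIns = new BuckysUser();
     $userInfo = $userIns->getUserBasicInfo($userID);
     if (!$userInfo) {
         return;
     }
     $remaining = $userInfo['credits'] - $amount;
     if ($remaining < 0) {
         // The user does not have enough credits for this amount.
         return;
     }
     // NOTE(review): the balance is read and written back in separate calls; two concurrent
     // requests could both pass the check above. Confirm whether callers serialise this.
     $userIns->updateUserFields($userID, ['credits' => $remaining]);
     $data = [
         'receiverID' => BuckysTransaction::TNB_ACCOUNT_ID,
         'payerID' => $userID,
         'activityType' => BuckysTransaction::ACTIVITY_TYPE_SHOP_PRODUCT_ADD,
         'amount' => $amount,
         'transactionID' => BuckysTransaction::NO_TRANSACTION_ID,
         'receiverBalance' => 0,
         'payerBalance' => $remaining,
         'createdDate' => date('Y-m-d H:i:s'),
     ];
     return $db->insertFromArray(TABLE_CREDIT_ACTIVITY, $data);
 }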
// Password-reset page: checks a 'password' token from the request and, on a
// 'reset-password' POST, stores a new password for the user the token maps to.
require dirname(__FILE__) . '/includes/bootstrap.php';
// The return value of buckys_is_logged_in() is used as the current user ID.
$userID = buckys_is_logged_in();
// A user who is already logged in is sent to the account page instead.
// NOTE(review): the code below relies on buckys_redirect() ending the request - confirm it does.
if ($userID) {
    buckys_redirect('/account.php');
}
// The token is read from $_REQUEST; an absent or empty token is rejected.
$token = isset($_REQUEST['token']) ? $_REQUEST['token'] : '';
if (!$token) {
    buckys_redirect('/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}
// checkTokenValidity() yields the user ID for a valid 'password' token, or a falsy value.
if (!($userID = BuckysUsersToken::checkTokenValidity($token, 'password'))) {
    buckys_redirect('/register.php?forgotpwd=1', MSG_USER_TOKEN_LINK_NOT_CORRECT, MSG_TYPE_ERROR);
}
if (isset($_POST['action']) && $_POST['action'] == 'reset-password') {
    // NOTE(review): both operands test the same field, so a confirmation field is never required.
    if (!$_POST['password'] || !$_POST['password']) {
        buckys_add_message(MSG_EMPTY_PASSWORD, MSG_TYPE_ERROR);
    } else {
        // NOTE(review): this compares $_POST['password'] with itself, so the mismatch branch is never
        // taken and the typed password is not checked against its confirmation. The second operand
        // was presumably meant to be the confirmation field; use its name and a strict comparison.
        if ($_POST['password'] != $_POST['password']) {
            buckys_add_message(MSG_NOT_MATCH_PASSWORD, MSG_TYPE_ERROR);
        } else {
            // NOTE(review): nothing visible here expires the reset token once it has been used - confirm elsewhere.
            $pwd = buckys_encrypt_password($_POST['password']);
            BuckysUser::updateUserFields($userID, ['password' => $pwd]);
            buckys_redirect('/index.php', MSG_PASSWORD_UPDATED);
        }
    }
}
// Page assets, content key and layout include for the reset form.
buckys_enqueue_stylesheet('register.css');
buckys_enqueue_javascript('register.js');
$TNB_GLOBALS['content'] = 'reset_password';
// NOTE(review): the include path is built from $TNB_GLOBALS['template'] and ['layout'];
// confirm neither can be set from request input.
require DIR_FS_TEMPLATE . $TNB_GLOBALS['template'] . "/" . $TNB_GLOBALS['layout'] . ".php";
        buckys_redirect("/index.php");
    }
    if (!$_POST['currentPassword'] || !$_POST['newPassword'] || !$_POST['newPassword2']) {
        buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
        $isValid = false;
    } else {
        if ($_POST['newPassword'] != $_POST['newPassword2']) {
            buckys_redirect("/change_password.php", MSG_NOT_MATCH_PASSWORD, MSG_TYPE_ERROR);
            $isValid = false;
        }
    }
    //Check Current Password
    $data = BuckysUser::getUserData($userID);
    if (!$data) {
        buckys_redirect("/index.php");
    }
    if (!buckys_validate_password($_POST['currentPassword'], $data['password'])) {
        buckys_add_message(MSG_CURRENT_PASSWORD_NOT_CORRECT, MSG_TYPE_ERROR);
        $isValid = false;
    }
    if ($isValid) {
        $pwd = buckys_encrypt_password($_POST['newPassword']);
        BuckysUser::updateUserFields($userID, array('password' => $pwd));
        buckys_redirect('/change_password.php', MSG_PASSWORD_UPDATED);
    }
}
// Page assets for the change-password form.
buckys_enqueue_stylesheet('account.css');
buckys_enqueue_stylesheet('info.css');
// Content key and page title, presumably read by the layout included below.
$BUCKYS_GLOBALS['content'] = 'change_password';
$BUCKYS_GLOBALS['title'] = "Change Password - BuckysRoom";
// NOTE(review): the include path is built from $BUCKYS_GLOBALS['template'] and ['layout'];
// confirm neither can be set from request input.
require DIR_FS_TEMPLATE . $BUCKYS_GLOBALS['template'] . "/" . $BUCKYS_GLOBALS['layout'] . ".php";