/**
 * Show the "send message" form for a recipient and process its submission.
 *
 * Requires a logged-in user (User::require_active_user()). On a successful
 * send the user is redirected to the inbox; on failure the subject and body
 * are handed back to the view so the form can be refilled.
 *
 * NOTE(review): no anti-CSRF token is checked in this method; confirm the
 * framework or a caller enforces one for this state-changing POST.
 *
 * @param string|null $name Recipient user name taken from the route.
 * @throws Lvc_Exception When messaging is disabled, the name is missing, or
 *                       no user with that name exists.
 */
public function actionSend($name = null)
{
    // Site-wide kill switch for the messaging feature.
    if (defined('DISABLE_MESSAGING') && DISABLE_MESSAGING) {
        throw new Lvc_Exception('Messaging disabled', 404);
    }

    $active_user = User::require_active_user();
    $this->setLayoutVar('active_user', $active_user);

    if ($name === null) {
        throw new Lvc_Exception('Null username on send action');
    }

    $recipient = User::find(array('name' => $name));
    if (!$recipient) {
        // NOTE(review): $name is request data placed in the exception
        // message; confirm the error page escapes it before display.
        throw new Lvc_Exception('User Not Found: ' . $name);
    }

    if (!empty($this->post['submit'])) {
        $subject = $this->post['subject'];
        $body = $this->post['body'];

        $outcome = Message::send($recipient, $subject, $body, $active_user);
        if ($outcome['status']) {
            Flash::set('success', $outcome['message']);
            $this->redirect('/message/inbox');
            die;
        }

        // Sending failed: report why and keep what the user typed.
        Flash::set('failure', $outcome['message']);
        $this->setVar('subject', $subject);
        $this->setVar('body', $body);
    }

    $this->setVar('to_user', $recipient);
}
/**
 * Create an email template from the posted form, then redirect.
 *
 * The posted values are kept in the flash store under 'post_data'. On a
 * validation failure the errors are reported and go_back() is called.
 *
 * NOTE(review): the whole POST array is passed to values() without an
 * expected-field list; confirm the model restricts which columns may be
 * set from request data.
 *
 * @param mixed $template Template model to populate and create.
 */
private function _add($template)
{
    $this->auto_render = FALSE;

    $form = $this->request->post();
    if (empty($form['status'])) {
        // A missing or empty status means the template starts inactive.
        $form['status'] = Model_Email_Template::INACTIVE;
    }

    Flash::set('post_data', $form);
    $template->values($form);

    try {
        if ($template->create()) {
            $edit_uri = Route::get('email_controllers')->uri(array(
                'controller' => 'templates',
                'action' => 'edit',
                'id' => $template->id,
            ));

            // NOTE(review): the subject is user-supplied and becomes link
            // text in the log entry; confirm the log viewer escapes it.
            Kohana::$log->add(Log::INFO, 'Template :template has been added by :user', array(
                ':template' => HTML::anchor($edit_uri, $template->subject),
            ))->write();

            Messages::success(__('Email template has been saved!'));
            Observer::notify('email_templates_add', $template);
        }
    } catch (ORM_Validation_Exception $e) {
        Messages::errors($e->errors('validation'));
        $this->go_back();
    }

    // "commit" present: save and quit; absent: save and continue editing.
    $route = Route::get('email_controllers');
    if ($this->request->post('commit') === NULL) {
        $this->go($route->uri(array(
            'controller' => 'templates',
            'action' => 'edit',
            'id' => $template->id,
        )));
    } else {
        $this->go($route->uri(array('controller' => 'templates')));
    }
}
/**
 * Create a page from the posted 'page' form data, then redirect.
 *
 * Page permissions from the request are saved only when the ACL check for
 * 'page.permissions' passes.
 *
 * NOTE(review): values() receives the posted array without an
 * expected-field list; confirm the model limits which columns are
 * assignable from request data.
 *
 * @param ORM $page Empty page model used to create the record.
 */
private function _add(ORM $page)
{
    $submitted = $this->request->post('page');

    // Keep the submitted data in the session so the form can be refilled.
    Flash::set('page::add::data', $submitted);

    // Create the new page.
    try {
        $page = $page->values($submitted)->create();

        // Only users allowed to manage page permissions may set them.
        if (ACL::check('page.permissions')) {
            $page->save_permissions($this->request->post('page_permissions'));
        }

        Messages::success(__('Page has been saved!'));
        Flash::clear('page::add::data');
    } catch (ORM_Validation_Exception $e) {
        Messages::errors($e->errors('validation'));
        $this->go_back();
    } catch (Kohana_Exception $e) {
        // Any other framework error is reported with a generic message.
        Messages::errors(__('Something went wrong!'));
        $this->go_back();
    }

    // "commit" absent: save and continue editing; present: save and quit.
    if ($this->request->post('commit') === NULL) {
        $this->go(array('action' => 'edit', 'id' => $page->id));
        return;
    }

    $this->go();
}
/**
 * Create or update a calendar event from the posted 'event' form.
 *
 * NOTE(review): 'created_by_id' is read from the request, so the client
 * chooses the recorded creator; confirm this is intended or derive it from
 * the authenticated session instead.
 * NOTE(review): no permission or anti-CSRF check is visible in this method;
 * confirm the controller enforces both.
 */
public function update_event()
{
    if (!isset($_POST['save'])) {
        Flash::set('error', __('Could not update this event!'));
        return;
    }

    use_helper('Kses');

    /* Prepare the data */
    $data = $_POST['event'];
    $has_id = isset($data['id']);
    if ($has_id) {
        // kses() with an empty allow-list removes HTML markup; it does not
        // prove the id is numeric.
        $data['id'] = kses(trim($data['id']), array());
    }

    $event = new CalendarEvent();
    if ($has_id) {
        $event->id = $data['id'];
        $event->created_by_id = $data['created_by_id'];
    }
    // NOTE(review): title and description are stored as submitted; confirm
    // they are escaped wherever they are rendered.
    $event->title = $data['title'];
    $event->date_from = $data['date_from'];
    $event->date_to = $data['date_to'];
    $event->description = $data['description'];

    /* Check data and, if correct, save to DB */
    if (!($event->checkData() && $event->save())) {
        Flash::setNow('error', __('There are errors in the form.'));
        $this->display(CALENDAR_VIEWS . '/update', array('event' => $event));
        return;
    }

    Flash::set(
        'success',
        $has_id ? __('The event has been updated.') : __('A new event has been created.')
    );
    redirect(get_url('plugin/calendar/events'));
}
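/**
 * Saves the settings.
 *
 * The CSRF token is checked before any request data is read. Each rejection
 * path returns explicitly after redirect(), so a missing or invalid token
 * can never reach Setting::saveFromData() even if redirect() were to return
 * instead of ending the request.
 */
private final function _save()
{
    // CSRF checks
    if (!isset($_POST['csrf_token'])) {
        Flash::set('error', __('No CSRF token found!'));
        Observer::notify('csrf_token_not_found', AuthUser::getUserName());
        redirect(get_url('setting'));
        return;
    }

    if (!SecureToken::validateToken($_POST['csrf_token'], BASE_URL . 'setting')) {
        Flash::set('error', __('Invalid CSRF token found!'));
        Observer::notify('csrf_token_invalid', AuthUser::getUserName());
        redirect(get_url('setting'));
        return;
    }

    $data = $_POST['setting'];

    // The field is absent from the request when unset, so default to 'off'.
    if (!isset($data['allow_html_title'])) {
        $data['allow_html_title'] = 'off';
    }

    use_helper('Kses');

    // Markup permitted in the admin title; kses() filters the value against
    // this allow-list.
    $allowed = array(
        'img' => array('src' => array()),
        'abbr' => array('title' => array()),
        'acronym' => array('title' => array()),
        'b' => array(),
        'blockquote' => array('cite' => array()),
        'br' => array(),
        'code' => array(),
        'em' => array(),
        'i' => array(),
        'p' => array(),
        'strike' => array(),
        'strong' => array(),
    );
    $data['admin_title'] = kses(trim($data['admin_title']), $allowed);

    // NOTE(review): only admin_title is filtered here; every other posted
    // key goes to saveFromData() as submitted. Confirm it accepts only known
    // setting names.
    Setting::saveFromData($data);
    Flash::set('success', __('Settings have been saved!'));
    redirect(get_url('setting'));
}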
/**
 * Create a user, its roles and its profile from the posted form.
 *
 * create_user() is given an explicit list of accepted fields (password,
 * username, email).
 *
 * NOTE(review): the posted role ids are applied without an ACL check in this
 * method; confirm the caller restricts who may assign roles.
 * NOTE(review): profile values are passed to values() without an
 * expected-field list.
 *
 * @param ORM $user Empty user model used to create the record.
 */
private function _add(ORM $user)
{
    $this->auto_render = FALSE;

    $account = $this->request->post('user');
    $profile = $this->request->post('profile');
    $role_ids = $this->request->post('user_roles');

    if (empty($account['notice'])) {
        $account['notice'] = 0;
    }

    // Keep the submitted values so the form can be refilled.
    Flash::set('users::add::data', $account);

    try {
        $user = $user->create_user($account, array('password', 'username', 'email'));

        // Roles arrive as one comma-separated string of ids.
        if (!empty($role_ids)) {
            $user->update_related_ids('roles', explode(',', $role_ids));
        }

        $profile['user_id'] = $user->id;
        $user->profile->values($profile)->create();

        Messages::success(__('User has been added!'));
    } catch (ORM_Validation_Exception $e) {
        Messages::errors($e->errors('validation'));
        $this->go_back();
    }

    // "commit" absent: continue editing the new user; present: back to list.
    if ($this->request->post('commit') === NULL) {
        $this->go(array('action' => 'edit', 'id' => $user->id));
        return;
    }

    $this->go();
}
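/**
 * Show and process the "create user" form.
 *
 * When the users table is empty anyone may create the first account;
 * otherwise the caller must be logged in. Every account created here gets
 * level 'admin'.
 *
 * Each redirect is followed by an explicit return, so an unauthenticated
 * request can never fall through to the insert even if
 * Core_Helpers::redirect() were to return instead of ending the request.
 *
 * NOTE(review): $user->load($_POST) copies the whole request into the model;
 * confirm load() accepts only expected columns and that the password is
 * hashed before insert() (neither is visible here).
 * NOTE(review): no anti-CSRF token is checked in this method.
 */
public function create_user()
{
    // If there are no users then let's create one.
    $db = Database::get_instance();
    $db->query('SELECT * FROM `users` LIMIT 1');
    if ($db->has_rows() && !Auth::get_instance()->logged_in()) {
        Flash::set('<p class="flash validation">Sorry but to create new users, you must be logged in.</p>');
        Core_Helpers::redirect(WEB_ROOT . 'login/');
        return;
    }

    $validator = Error::instance();
    if (isset($_POST['email'])) {
        $validator->email($_POST['email'], 'email');
        $validator->blank($_POST['username'], 'username');
        $validator->blank($_POST['password'], 'password');
        $validator->passwords($_POST['password'], $_POST['confirm_password'], 'confirm_password');

        $user = new Users();
        if ($user->select(array('username' => $_POST['username']))) {
            // The name is echoed back inside HTML, so escape it with explicit
            // flags and charset.
            $validator->add(
                'username',
                'The username <strong>' . htmlspecialchars($_POST['username'], ENT_QUOTES, 'UTF-8') . '</strong> is already taken.'
            );
        }

        if ($validator->ok()) {
            $user = new Users();
            $user->load($_POST);
            // Set after load() so a posted 'level' value cannot override it.
            $user->level = 'admin';
            $user->insert();
            Flash::set('<p class="flash success">User created successfully.</p>');
            Core_Helpers::redirect(WEB_ROOT . 'login/');
            return;
        }
    }

    $this->data['error'] = $validator;
    $this->load_template('create_user');
}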
/**
 * Handle the company sign-up form.
 *
 * Only POST is accepted; anything else gets a 404. The password must match
 * its repeat and contain a digit, an uppercase and a lowercase letter.
 *
 * NOTE(review): no minimum password length is enforced, and name, address,
 * email and phone are stored as submitted (see the TODO below).
 */
public function submit()
{
    if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
        $this->send404();
        return;
    }

    // TODO validate data
    $password = $_POST['password'];

    if ($password !== $_POST['passwordrepeat']) {
        $problem = 'Your passwords did not match!';
    } elseif (!preg_match("#[0-9]+#", $password)) {
        // should contain at least 1 number
        $problem = 'Your password should contain at least 1 number';
    } elseif (!preg_match("#[A-Z]+#", $password)) {
        // should contain at least 1 capital letter
        $problem = 'Your password should contain at least an uppercase letter';
    } elseif (!preg_match("#[a-z]+#", $password)) {
        // should contain at least 1 lowercase letter
        $problem = 'Your password should contain at least a lowercase letter';
    } else {
        $problem = null;
    }

    if ($problem !== null) {
        Flash::set('error_message', $problem);
        $this->redirect('/realest/signup');
        return;
    }

    // TODO submit data
    // Only the value returned by create_hash() is stored, never the raw
    // password.
    Real_Estate::create([
        'name' => $_POST['name'],
        'password' => create_hash($password),
        'address' => $_POST['address'],
        'email' => $_POST['email'],
        'phone' => $_POST['phone'],
        'photo' => null,
    ]);
    Flash::set('success_message', 'Your company account has been created!');
    $this->redirect('/');
}
/**
 * Return the logged-in user or end the request with a redirect.
 *
 * Without an active user the request URI is remembered in the session and
 * the browser is sent to /user/login. While ADMIN_ONLY is defined and truthy,
 * non-admin users are sent to /locked instead.
 *
 * @return mixed The active user (whatever self::get_active_user() returns).
 */
public static function require_active_user()
{
    $user = self::get_active_user();

    if (!$user) {
        buffer_end_clean();
        Flash::set('failure', 'You must first login.');
        // Remembered so the login flow can return the user to this URI.
        $_SESSION['flash']['referrer'] = $_SERVER['REQUEST_URI'];
        header('Location: /user/login');
        die;
    }

    $admin_only = defined('ADMIN_ONLY') && ADMIN_ONLY;
    if (!$admin_only || $user->admin) {
        return $user;
    }

    // Site is locked and this user is not an admin.
    buffer_end_clean();
    Flash::set('failure', SITE_NAME . ' is currently locked, you must be an admin to login.');
    //throw new Lvc_Exception('Non admin ('.$user->name.') tried to login during lock.');
    //$_SESSION['flash']['referrer'] = $_SERVER['REQUEST_URI'];
    header('Location: /locked');
    die;
}
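/**
 * Deactivate a plugin; administrators only.
 *
 * The permission failure path returns explicitly after redirect(), so
 * Plugin::deactivate() is unreachable for a non-administrator even if
 * redirect() were to return instead of ending the request.
 *
 * NOTE(review): no anti-CSRF token is checked here; confirm the caller
 * enforces one for this state-changing action.
 *
 * @param string $plugin Identifier of the plugin to deactivate.
 */
function deactivate_plugin($plugin)
{
    if (!AuthUser::hasPermission('administrator')) {
        Flash::set('error', __('You do not have permission to access the requested page!'));
        redirect(get_url());
        return;
    }

    Plugin::deactivate($plugin);
}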
/**
 * Generate a Response for the 401 Exception.
 *
 * The user should be redirected to a login page: the page currently in the
 * context is remembered under the 'protected_page' flash key, and the front
 * page whose behavior_id is 'protected_page' is executed as the response.
 *
 * @return Response
 * @throws HTTP_Exception_401 When no such page is configured.
 */
public function get_response()
{
    Flash::set('protected_page', Context::instance()->get_page());

    $login_page = Model_Page_Front::findByField('behavior_id', 'protected_page');
    if ($login_page === FALSE) {
        throw new HTTP_Exception_401($this->message);
    }

    return Request::factory($login_page->url)->execute();
}
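/**
 * Tell the administrator when a newer Frog release is available.
 *
 * The version string is fetched over plain HTTP, so it is treated as
 * untrusted: it must look like a version number before it is compared or
 * placed into the HTML flash message. Versions are compared with
 * version_compare() rather than as plain strings, so that for example
 * "0.10" ranks above "0.9".
 *
 * NOTE(review): the endpoint is not authenticated; prefer an HTTPS URL if
 * the update server offers one.
 */
function _checkVersion()
{
    if (!CHECK_UPDATES) {
        return;
    }

    $v = file_get_contents('http://www.madebyfrog.com/version/');
    if ($v === false) {
        // Update server unreachable: nothing to report.
        return;
    }

    $v = trim($v);

    // Accept only a short version-like token (digits, letters, dot, dash) so
    // a tampered response cannot put markup into the admin notice.
    if (!preg_match('/^[0-9][0-9A-Za-z.\-]{0,31}$/', $v)) {
        return;
    }

    if (version_compare($v, FROG_VERSION, '>')) {
        Flash::set('error', __('<b>Information!</b> New Frog version available (v. <b>:version</b>)! Visit <a href="http://www.madebyfrog.com/">http://www.madebyfrog.com/</a> to upgrade your version!', array(':version' => $v)));
    }
}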
/**
 * Uninstall hook: drop the plugin's dashboard_log table.
 *
 * The statement is built only from the TABLE_PREFIX constant and a literal
 * table name. When exec() returns false the failure is flashed and the
 * request is redirected to the settings page.
 */
function dashboard_events_widget_uninstall()
{
    $sql = "DROP TABLE IF EXISTS " . TABLE_PREFIX . "dashboard_log";

    // exec() can legitimately return 0, so compare strictly with false.
    if (Record::getConnection()->exec($sql) !== false) {
        return;
    }

    Flash::set("error", __("Unable to drop table dashboard_log"));
    redirect(get_url("setting"));
    die;
}
/**
 * Save the settings
 *
 * Stores the posted 'settings' array for the multi_lang plugin and returns
 * to its settings page.
 *
 * NOTE(review): no permission or anti-CSRF check is visible in this method;
 * confirm the controller enforces both.
 *
 * @todo Add a sanity check for input.
 */
function save()
{
    // The array is stored as submitted; see the @todo above.
    $saved = Plugin::setAllSettings($_POST['settings'], 'multi_lang');

    if (!$saved) {
        Flash::set('error', 'An error has occurred while trying to save the settings.');
    } else {
        Flash::set('success', __('The settings have been updated.'));
    }

    redirect(get_url('plugin/multi_lang/settings'));
}
/**
 * Store the posted 'options' array as the easysnippet plugin settings and
 * return to the plugin's settings page.
 *
 * NOTE(review): the array is stored as submitted, and no permission or
 * anti-CSRF check is visible in this method; confirm the controller
 * enforces both and that only known option names are accepted.
 */
function save()
{
    $saved = Plugin::setAllSettings($_POST['options'], 'easysnippet');

    if (!$saved) {
        Flash::set('error', 'An error has occurred while trying to save the settings.');
    } else {
        Flash::set('success', __('The settings have been updated.'));
    }

    redirect(get_url('plugin/easysnippet/settings'));
}
/**
 * Store the posted 'settings' array as the archive plugin settings and
 * return to the plugin's settings page.
 *
 * NOTE(review): the array is stored as submitted, and no permission or
 * anti-CSRF check is visible in this method; confirm the controller
 * enforces both.
 */
function save()
{
    if (!isset($_POST['settings'])) {
        Flash::set('error', __('Could not save settings, no settings found.'));
    } elseif (Plugin::setAllSettings($_POST['settings'], 'archive')) {
        Flash::set('success', __('The settings have been saved.'));
    } else {
        Flash::set('error', __('An error occured trying to save the settings.'));
    }

    redirect(get_url('plugin/archive/settings'));
}
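/**
 * Render a front-end page into the response.
 *
 * Enforces the page's login requirement, builds breadcrumbs, renders the
 * layout, adds the admin toolbar for privileged users and sets the response
 * headers and body.
 *
 * The toolbar is inserted immediately before the first closing body tag.
 * This replaces a preg_split() reassembly that read a missing array offset
 * when the document ended with that tag and discarded content when the tag
 * occurred more than once.
 *
 * @param Model_Page_Front $page Page to render.
 */
private function _render(Model_Page_Front $page)
{
    View::set_global('page_object', $page);
    View::set_global('page', $page);
    $this->_ctx->set_page($page);

    // If page needs login, redirect to login
    if ($page->needs_login() == Model_Page::LOGIN_REQUIRED) {
        Observer::notify('frontpage_login_required', $page);
        if (!Auth::is_logged_in()) {
            Flash::set('redirect', $page->url());
            $this->redirect(Route::get('user')->uri(array('action' => 'login')));
            // Fail closed: never render a protected page for an anonymous
            // visitor, even if redirect() were to return.
            return;
        }
    }

    Observer::notify('frontpage_found', $page);
    $this->_ctx->set_crumbs($page);
    $this->_ctx->build_crumbs();

    // If the response status is already 404, show the 404 page.
    // Widgets can also raise a 404.
    if (Request::current()->is_initial() and $this->response->status() == 404) {
        $message = $this->_ctx->get('throw_message');
        $this->_ctx = NULL;
        if (!$message) {
            $message = 'Page not found';
        }
        Model_Page_Front::not_found($message);
    }

    $html = (string) $page->render_layout();

    // For administrators and developers, add the 'system/blocks/toolbar'
    // view to the page; it can carry custom HTML such as an admin panel.
    if (Auth::is_logged_in() and Auth::has_permissions(array('administrator', 'developer'))) {
        $inject_html = (string) View::factory('system/blocks/toolbar');

        // Insert system HTML before the closing body tag (case-insensitive).
        $body_end = stripos($html, '</body>');
        if ($body_end !== FALSE) {
            $html = substr_replace($html, $inject_html, $body_end, 0);
        }
    }

    // When debug mode is switched off, run the cache check and send
    // Last-Modified. check_cache() receives a SHA-1 of the body, presumably
    // used as the ETag value.
    if (Config::get('site', 'debug') == Config::NO) {
        $this->check_cache(sha1($html));
        $this->response->headers('last-modified', date('r', strtotime($page->updated_on)));
    }

    $this->response->headers('Content-Type', $page->mime());

    // This header discloses the CMS name and version to every client; it is
    // sent only when the 'x_powered_header' option is enabled.
    if (Config::get('global', 'x_powered_header') == Config::YES) {
        $this->response->headers('X-Powered-CMS', CMS_NAME . '/' . CMS_VERSION);
    }

    $this->response->body($html);
}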
/**
 * Delete one logged 404 entry and return to the redirector plugin page.
 *
 * NOTE(review): no permission or anti-CSRF check is visible in this method;
 * confirm the controller enforces both for this delete action.
 *
 * @param mixed $id Id of the Redirector404s record to remove.
 */
function remove_404($id)
{
    // Find the 404 record to delete.
    $entry = Record::findByIdFrom('Redirector404s', $id);

    if (!$entry) {
        Flash::set('error', __('404 Error not found!'));
    } elseif ($entry->delete()) {
        Flash::set('success', __('404 Error has been deleted!'));
    } else {
        Flash::set('error', __('There was a problem deleting this 404 error!'));
    }

    redirect(get_url('plugin/redirector/'));
}
/**
 * List the child pages of the page given by the 'id' route parameter,
 * newest first, with pagination.
 *
 * @throws HTTP_Exception_404 When the parent page cannot be loaded.
 */
public function action_index()
{
    // The route parameter is cast to int before it reaches any query.
    $page_id = (int) $this->request->param('id');

    $page = ORM::factory('page', $page_id);
    if (!$page->loaded()) {
        Flash::set('error', __('Page not found!'));
        throw new HTTP_Exception_404('Page not found');
    }

    $this->template->title = $page->title;
    $this->breadcrumbs
        ->add(__('Pages'), Route::get('backend')->uri(array('controller' => 'page')))
        ->add($this->template->title);

    $children = ORM::factory('page')->where('parent_id', '=', $page_id);

    // reset(FALSE) is called so the same query can be reused for the listing
    // after counting.
    $pager = Pagination::factory(array(
        'total_items' => $children->reset(FALSE)->count_all(),
    ));

    $items = $children
        ->order_by('created_on', 'desc')
        ->limit($pager->items_per_page)
        ->offset($pager->offset)
        ->find_all();

    $this->template->content = View::factory('archive/index', array(
        'items' => $items,
        'page' => $page,
        'pager' => $pager,
    ));
}
/**
 * Store the posted 'settings' array as the archive plugin settings and
 * return to the plugin's settings page.
 *
 * NOTE(review): mysql_escape_string() belongs to the old mysql extension,
 * which was removed in PHP 7.0, and it escapes without a connection
 * character set. Confirm how Plugin::setAllSettings() builds its query and
 * move quoting there (bound parameters) rather than escaping request values
 * here.
 * NOTE(review): no permission or anti-CSRF check is visible in this method.
 */
function save()
{
    if (!isset($_POST['settings'])) {
        Flash::set('error', 'Could not save settings, no settings found.');
        redirect(get_url('plugin/archive/settings'));
        return;
    }

    $settings = $_POST['settings'];
    foreach ($settings as $name => $raw) {
        $settings[$name] = mysql_escape_string($raw);
    }

    if (Plugin::setAllSettings($settings, 'archive')) {
        Flash::set('success', __('The settings have been saved.'));
    } else {
        Flash::set('error', 'An error occured trying to save the settings.');
    }

    redirect(get_url('plugin/archive/settings'));
}
/**
 * Create a role from the posted 'role' form data, then redirect.
 *
 * Permissions are applied only when the ACL check for
 * 'roles.change_permissions' passes.
 *
 * NOTE(review): values() receives the posted array without an
 * expected-field list; confirm the model limits which columns are
 * assignable from request data.
 *
 * @param ORM $role Empty role model used to create the record.
 */
private function _add(ORM $role)
{
    $this->auto_render = FALSE;

    $form = $this->request->post('role');

    // Keep the submitted values so the form can be refilled.
    Flash::set('roles::add::data', $form);

    try {
        $role = $role->values($form)->create();

        // Only users allowed to change role permissions may set them.
        if (Acl::check('roles.change_permissions')) {
            $role->set_permissions($form['permissions']);
        }

        Messages::success(__('Role has been added!'));
    } catch (ORM_Validation_Exception $e) {
        Messages::errors($e->errors('validation'));
        $this->go_back();
    }

    // "commit" absent: save and continue editing; present: save and quit.
    if ($this->request->post('commit') === NULL) {
        $this->go(array('action' => 'edit', 'id' => $role->id));
        return;
    }

    $this->go();
}
/**
 * Process a submitted form: validate the fields, hand the values to
 * handle_email_type(), then answer with JSON (AJAX) or a redirect.
 *
 * NOTE(review): on the non-AJAX path the redirect target is the request's
 * referrer (or $this->next_url on success). The referrer is supplied by the
 * client; confirm HTTP::redirect() or a caller restricts targets to this
 * site.
 * NOTE(review): the Content-type header is set on the Request object while
 * the body is written to the context's response; confirm the JSON content
 * type actually reaches the client.
 */
public function on_page_load()
{
    $this->_errors = array();
    $this->_fetch_fields();
    $next_url = $this->next_url;

    if (Request::current()->is_ajax()) {
        if (!empty($this->_errors)) {
            $json = array(
                'status' => FALSE,
                'errors' => $this->_errors,
                'values' => $this->_values,
            );
        } elseif ($this->handle_email_type($this->_values)) {
            $json = array('status' => TRUE);
        } else {
            $json = array('status' => FALSE);
        }

        Request::current()->headers('Content-type', 'application/json');
        $this->_ctx->response()->body(json_encode($json));
        return;
    }

    $referrer = Request::current()->referrer();

    $has_errors = !empty($this->_errors);
    if ($has_errors) {
        // Hand errors and values back so the form page can show them.
        Flash::set('form_errors', $this->_errors);
        Flash::set('form_values', $this->_values);
    }

    // The handler runs only when validation produced no errors.
    $sent = !$has_errors && $this->handle_email_type($this->_values);

    if ($sent) {
        $status = 'ok';
        if (empty($next_url)) {
            $next_url = $referrer;
        }
    } else {
        $status = 'error';
        $next_url = $referrer;
    }

    $query = URL::query(array('status' => $status), FALSE);

    // Any query string already on the target is dropped before the status
    // query is appended.
    HTTP::redirect(preg_replace('/\\?.*/', '', $next_url) . $query, 302);
}
/**
 * Create a scheduled job from the posted form, then redirect.
 *
 * NOTE(review): the whole POST array is passed to values() without an
 * expected-field list; confirm the model restricts assignable columns.
 * NOTE(review): the log link uses controller 'scheduler' while the redirects
 * below use 'jobs'; confirm which one is correct.
 *
 * @param mixed $job Job model to populate and create.
 */
private function _add($job)
{
    $this->auto_render = FALSE;

    $form = $this->request->post();
    Flash::set('post_data', $form);
    $job->values($form);

    try {
        if ($job->create()) {
            $edit_uri = Route::get('backend')->uri(array(
                'controller' => 'scheduler',
                'action' => 'edit',
                'id' => $job->id,
            ));

            // NOTE(review): the job name is user-supplied and becomes link
            // text in the log entry; confirm the log viewer escapes it.
            Kohana::$log->add(Log::INFO, 'Job :job has been added by :user', array(
                ':job' => HTML::anchor($edit_uri, $job->name),
            ))->write();

            Flash::clear('post_data');
            Messages::success(__('Job has been saved!'));
        }
    } catch (ORM_Validation_Exception $e) {
        Messages::errors($e->errors('validation'));
        $this->go_back();
    }

    // "commit" present: save and quit; absent: save and continue editing.
    $route = Route::get('backend');
    if ($this->request->post('commit') === NULL) {
        $this->go($route->uri(array(
            'controller' => 'jobs',
            'action' => 'edit',
            'id' => $job->id,
        )));
    } else {
        $this->go($route->uri(array('controller' => 'jobs')));
    }
}
/**
 * Create a snippet from the posted name and content, then redirect.
 *
 * NOTE(review): the snippet name comes straight from the request and the
 * model's class name suggests it is file-backed; confirm Model_File_Snippet
 * restricts the name to a safe file name.
 * NOTE(review): if go_back() returns instead of ending the request, the
 * success log and message below would still run after a validation failure.
 */
private function _add()
{
    $form = $this->request->post();

    $snippet = new Model_File_Snippet($form['name']);
    $snippet->content = $form['content'];

    // Keep the submitted snippet so the form can be refilled.
    Flash::set('post_data', $snippet);

    try {
        $snippet->save();
    } catch (Validation_Exception $e) {
        Messages::errors($e->errors('validation'));
        $this->go_back();
    }

    Kohana::$log->add(Log::INFO, 'Snippet :name has been added by :user', array(
        ':name' => $snippet->name,
    ))->write();

    Messages::success(__('Snippet has been saved!'));
    Observer::notify('snippet_after_add', $snippet);
    Session::instance()->delete('post_data');

    // "commit" absent: save and continue editing; present: save and quit.
    if ($this->request->post('commit') === NULL) {
        $this->go(array('action' => 'edit', 'id' => $snippet->name));
        return;
    }

    $this->go();
}
/**
 * Store the three funky_cache settings from the request, log the outcome
 * through the 'log_event' observer and return to the settings page.
 *
 * NOTE(review): 'funky_cache_folder' and 'funky_cache_suffix' are stored as
 * submitted; confirm they are validated before being used to build file
 * paths.
 * NOTE(review): no permission or anti-CSRF check is visible in this method.
 */
function save()
{
    $settings = array(
        'funky_cache_by_default' => $_POST['funky_cache_by_default'],
        'funky_cache_suffix' => $_POST['funky_cache_suffix'],
        'funky_cache_folder' => $_POST['funky_cache_folder'],
    );

    // The log messages carry a literal ':username' placeholder; it is not
    // filled in by this method.
    if (Plugin::setAllSettings($settings, 'funky_cache')) {
        Flash::set('success', __('The cache settings have been updated.'));
        Observer::notify('log_event', 'The cache settings were updated by :username.', 'funky_cache', 5);
    } else {
        Flash::set('error', 'The cache settings could not be updated due to an error.');
        Observer::notify('log_event', 'An attempt by :username to update the cache settings failed.', 'funky_cache', 2);
    }

    redirect(get_url('plugin/funky_cache/settings'));
}
/*
 * This file is part of Wolf CMS. Wolf CMS is licensed under the GNU GPLv3 license.
 * Please see license.txt for the full license text.
 */

/* Security measure: refuse to run when the file is requested directly. */
if (!defined('IN_CMS')) {
    exit;
}

/**
 * The FileManager allows users to upload and manipulate files.
 *
 * Note - Mostly rewritten since Wolf CMS 0.6.0
 *
 * @package Plugins
 * @subpackage file_manager
 *
 * @author Martijn van der Kleijn <*****@*****.**>
 * @copyright Martijn van der Kleijn, 2008-2010
 * @license http://www.gnu.org/licenses/gpl.html GPLv3 license
 *
 * @todo Starting from PHP 5.3, use FileInfo
 */

// Defaults applied to any setting that is not stored yet.
$defaults = array(
    'umask' => '0022',
    'dirmode' => '0755',
    'filemode' => '0644',
    'show_hidden' => '0',
    'show_backups' => '1',
);

// check for settings
$stored = Plugin::getAllSettings('file_manager');

// merge settings: keep each stored value, fall back to the default otherwise
$settings = array();
foreach ($defaults as $key => $fallback) {
    $settings[$key] = isset($stored[$key]) ? $stored[$key] : $fallback;
}

// flash message
if (Plugin::setAllSettings($settings, 'file_manager')) {
    Flash::set('success', 'File Manager - ' . __('plugin settings initialized.'));
} else {
    Flash::set('error', 'File Manager - ' . __('unable to store plugin settings!'));
}
<?php

// Refuse to run when the file is requested directly, outside the CMS.
if (!defined('IN_CMS')) {
    exit;
}

// Tell the administrator that the plugin's settings remain in the database.
Flash::set('info', __('CKEditor plugin settings are stored in database.<br/>Click uninstall if you wish to delete them.'));
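/**
 * Rename a file or directory inside FILES_DIR.
 *
 * Both names come from the request and are treated as untrusted:
 *  - NUL bytes and ".." sequences are removed from both names;
 *  - the new name is reduced to its final path component, so a rename
 *    cannot move the entry into another directory;
 *  - the source must resolve, via realpath(), to a location strictly inside
 *    FILES_DIR, which also stops FILES_DIR itself from being renamed.
 *
 * The "not found" message no longer includes the server-side path, and its
 * translation key is now a constant string.
 *
 * NOTE(review): no permission or anti-CSRF check is visible in this method;
 * confirm the controller enforces both.
 * NOTE(review): the new name's extension is not checked here; confirm the
 * plugin's policy on which file types may exist under FILES_DIR.
 */
public function rename()
{
    $data = (isset($_POST['file']) && is_array($_POST['file'])) ? $_POST['file'] : array();

    $current = (isset($data['current_name']) && is_string($data['current_name'])) ? $data['current_name'] : '';
    $new_name = (isset($data['new_name']) && is_string($data['new_name'])) ? $data['new_name'] : '';

    // NUL is removed first so that removing it cannot form a new "..".
    $current = str_replace(array("\0", '..'), '', $current);
    $new_name = basename(str_replace(array("\0", '..'), '', $new_name));

    // Directory part of the current name, relative to FILES_DIR.
    $slash = strrpos($current, '/');
    $path = ($slash === false) ? '' : substr($current, 0, $slash);

    $file = FILES_DIR . '/' . $current;

    // Resolve both paths and require the source to be strictly below the
    // files root.
    $root = realpath(FILES_DIR);
    $real = realpath($file);
    $inside = $root !== false
        && $real !== false
        && strpos($real, $root . DIRECTORY_SEPARATOR) === 0;

    if (!$inside) {
        Flash::set('error', __('File or directory not found!'));
    } elseif ($new_name === '' || $new_name === '.'
        || !rename($file, FILES_DIR . '/' . $path . '/' . $new_name)) {
        Flash::set('error', __('Permission denied!'));
    }

    redirect(get_url('plugin/file_manager/browse/' . $path));
}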
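/**
 * Remove the image attached to an About record: delete the file and clear
 * the record's filename and source columns.
 *
 * Changes from the previous version:
 *  - the record is looked up once and checked before its filename is used
 *    (it was dereferenced before the "not found" check);
 *  - the UPDATE condition uses the integer id of the loaded record instead
 *    of concatenating the URL-derived id into the SQL fragment.
 *
 * NOTE(review): the filename read from the record is appended to
 * FILES_DIR . '/about/' as stored; confirm it is constrained to a bare file
 * name when it is saved.
 *
 * @param mixed $id First URL segment of the id; any further segments are
 *                  read with func_get_args().
 */
function delete_image($id)
{
    $this->_checkPermission();

    // The id may arrive split across several URL segments; rebuild it.
    $segments = func_get_args();
    $id = urldecode(join('/', $segments));

    // Find the record whose image is to be deleted.
    $about = Record::findByIdFrom('About', $id);
    if (!$about) {
        Flash::set('error', __('Image not found!'));
        redirect(get_url('about/view/' . $id));
        return;
    }

    $file = FILES_DIR . '/about/' . $about->filename;
    if (is_file($file) && !unlink($file)) {
        Flash::set('error', __('Permission denied!'));
    }

    // The id in the condition comes from the loaded row and is cast to int,
    // so no request data reaches the SQL fragment.
    $where = 'id=' . (int) $about->id;
    if ($about->update('About', array('filename' => '', 'source' => ''), $where)) {
        Flash::set('success', __('This image has been deleted.'));
    } else {
        Flash::set('error', __('This image has not been deleted!'));
    }

    redirect(get_url('about/view/' . $id));
}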
/**
 * Store the comment plugin settings from the request and return to the
 * plugin's settings page.
 *
 * NOTE(review): mysql_escape_string() belongs to the old mysql extension,
 * which was removed in PHP 7.0, and it escapes without a connection
 * character set. Confirm how Plugin::setAllSettings() builds its query and
 * move quoting there (bound parameters); validate these values by type here
 * instead.
 * NOTE(review): no permission or anti-CSRF check is visible in this method.
 */
function save()
{
    $settings = array(
        'auto_approve_comment' => mysql_escape_string($_POST['autoapprove']),
        'use_captcha' => mysql_escape_string($_POST['captcha']),
        'rowspage' => mysql_escape_string($_POST['rowspage']),
        'numlabel' => mysql_escape_string($_POST['numlabel']),
    );

    if (Plugin::setAllSettings($settings, 'comment')) {
        Flash::set('success', __('The settings have been updated.'));
    } else {
        Flash::set('error', 'An error has occured.');
    }

    redirect(get_url('plugin/comment/settings'));
}