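/**
 * Process a posted shout (when present) and render the shoutbox block.
 *
 * A valid submission is stored, the "shoutbox" cache is cleared and the
 * visitor is redirected back to the block. Otherwise the validation errors
 * are handed to the notifier and the form is rendered again.
 *
 * @return string Rendered block markup, or the template error output.
 */
public function getContent()
{
    global $sql;

    //Lang::load('blocks/shoutbox/lang.*.php');

    $err = new Error();
    $note = new Notifier('note-shoutbox');

    $form['author'] = LOGGED ? User::$nickname : '';
    $form['message'] = '';

    // NOTE(review): no request token is compared on this POST in the visible
    // code; confirm whether a caller enforces one before this block runs.
    if (isset($_POST['reply-shoutbox'])) {
        $message_max = Kio::getConfig('message_max', 'shoutbox');

        $form['author'] = LOGGED ? User::$nickname : filter($_POST['author-shoutbox'], 100);
        $form['message'] = filter($_POST['message-shoutbox'], $message_max);

        $err->setError('author_empty', t('Author field is required.'))
            ->condition(!$form['author']);
        $err->setError('author_exists', t('Entered nickname is registered.'))
            ->condition(!LOGGED && is_registered($form['author']));
        $err->setError('message_empty', t('Message field is required.'))
            ->condition(!$form['message']);

        if ($err->noErrors()) {
            // Posted values are bound as parameters instead of being spliced
            // into the SQL text; what filter() escapes is not visible here, so
            // the statement must not depend on it.
            $stmt = $sql->prepare('
                INSERT INTO ' . DB_PREFIX . 'shoutbox (added, author, message, author_id, author_ip)
                VALUES (:added, :author, :message, :author_id, :author_ip)');
            $stmt->execute(array(
                'added' => TIMESTAMP,
                'author' => $form['author'],
                'message' => cut($form['message'], $message_max),
                'author_id' => UID,
                'author_ip' => IP,
            ));

            $sql->clearCache('shoutbox');

            $note->success(t('Entry was added successfully.'));
            redirect(HREF . PATH . '#shoutbox');
        } else {
            $note->error($err->toArray());
        }
    }

    // Rebuild the list when the cache holds nothing for the shoutbox.
    $entries = $sql->getCache('shoutbox');
    if (!$entries) {
        // Start from an empty list so an empty table still yields an array.
        $entries = array();

        $query = $sql->query('
            SELECT u.nickname, u.group_id, s.added, s.author, s.author_id, s.message
            FROM ' . DB_PREFIX . 'shoutbox s
            LEFT JOIN ' . DB_PREFIX . 'users u ON u.id = s.author_id
            ORDER BY s.id DESC
            LIMIT ' . (int) Kio::getConfig('limit', 'shoutbox'));

        while ($row = $query->fetch()) {
            // Only entries written by registered members get the formatted
            // author and the parsed message; guest rows are passed on as stored.
            if ($row['author_id']) {
                $row['author'] = User::format($row['author_id'], $row['nickname'], $row['group_id']);
                $row['message'] = parse($row['message'], Kio::getConfig('parser', 'shoutbox'));
            }
            $entries[] = $row;
        }

        $sql->putCacheContent('shoutbox', $entries);
    }

    try {
        $tpl = new PHPTAL('blocks/shoutbox/shoutbox.tpl.html');
        $tpl->entries = $entries;
        $tpl->err = $err->toArray();
        $tpl->form = $form;
        $tpl->note = $note;
        return $tpl->execute();
    } catch (Exception $e) {
        return template_error($e->getMessage());
        //echo Note::error($e->getMessage());
    }
}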
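/**
 * Render the member list with sortable columns, group legend and pagination.
 *
 * @return string Rendered template, or the template error output.
 */
public function getContent()
{
    global $sql;

    $pager = new Pager('users', Kio::getStat('total', 'users'), Kio::getConfig('limit', 'users'));
    $pager->sort(array(
        t('Nickname') => 'nickname',
        t('Group') => 'g_name',
        t('Gender') => 'gender',
        t('Title') => 'title',
        t('Location') => 'locality',
        t('Country') => 'country',
        t('Registered') => 'registered',
    ), 'registered', 'asc');

    // Initialised so the template receives arrays even when a table is empty.
    $groups = array();
    $users = array();

    $query = $sql->query('
        SELECT id, name, inline, members
        FROM ' . DB_PREFIX . 'groups
        ORDER BY display_order');

    while ($row = $query->fetch()) {
        if ($row['inline']) {
            // "inline" is applied as a sprintf() format around the group name.
            $row['name'] = sprintf($row['inline'], $row['name']);
        }
        $groups[] = $row;
    }

    // NOTE(review): $pager->orderBy is SQL text produced by the pager and is
    // concatenated as-is; this query is only as safe as the column/direction
    // validation done there. LIMIT and OFFSET are cast because the pager
    // cursor may originate from the URL (TODO confirm in Pager).
    // NOTE(review): u.email is selected for every member while hide_email is
    // not; confirm the template never prints addresses members chose to hide.
    $query = $sql->query('
        SELECT u.id, u.nickname, u.email, u.registered, u.group_id, u.gender, u.locality,
            u.country, u.communicator, u.title, g.name g_name
        FROM ' . DB_PREFIX . 'users u
        LEFT JOIN ' . DB_PREFIX . 'groups g ON g.id = u.group_id
        ORDER BY ' . $pager->orderBy . '
        LIMIT ' . (int) $pager->limit . '
        OFFSET ' . (int) $pager->offset);

    while ($row = $query->fetch()) {
        $row['nickname'] = User::format($row['id'], $row['nickname'], $row['group_id']);

        // Replace the numeric gender code with its icon markup (1 and 2 only).
        switch ($row['gender']) {
            case 1:
                $row['gender'] = ' <img class="gender" src="' . LOCAL . 'themes/' . THEME . '/images/male.png" alt="' . t('Male') . '" title="' . t('Male') . '" />';
                break;
            case 2:
                $row['gender'] = ' <img class="gender" src="' . LOCAL . 'themes/' . THEME . '/images/female.png" alt="' . t('Female') . '" title="' . t('Female') . '" />';
                break;
            default:
                $row['gender'] = '';
        }

        $users[] = $row;
    }

    try {
        $tpl = new PHPTAL('modules/users/users.tpl.html');
        $tpl->sort = $pager->sorters;
        $tpl->users = $users;
        $tpl->groups = $groups;
        $tpl->pagination = $pager->getLinks();
        return $tpl->execute();
    } catch (Exception $e) {
        return template_error($e);
    }
}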
/**
 * Append a nested <ul>/<li> menu to $this->content, one level per call.
 *
 * Every item whose parent_id equals $parent is emitted at this level, and the
 * method then recurses with that item's array key as the next parent.
 *
 * @param array $items  Menu rows; loaded through getItems() when empty.
 * @param int   $parent parent_id value selecting the rows of this level.
 * @param int   $level  Depth number written into the "level-N" class.
 */
function generate($items = array(), $parent = 0, $level = 0)
{
    global $cfg;

    if (!$items) {
        $items = $this->getItems();
    }

    // Tracks whether the <ul> wrapper for this level has been opened yet.
    $list_opened = false;

    foreach ($items as $id => $item) {
        if ($item['parent_id'] != $parent) {
            continue;
        }

        $css = '';

        if ($item['url'] == '/') {
            // Link to the front page.
            $href = LOCAL;
            if (!PATH || Kio::getConfig('front_page') == u0) {
                $css = ' class="current"';
            }
        } elseif (strpos($item['url'], '://') === false) {
            // Internal address: current when the requested path starts inside it.
            //PATH == $value['url'] && $current = ' class="current"';
            $href = HREF . $item['url'];
            if (strpos(HREF . PATH . '/', $href . '/') !== false) {
                $css = ' class="current"';
            }
        } else {
            // Absolute address, used untouched.
            $href = $item['url'];
        }

        if (!$list_opened) {
            $list_opened = true;
            $this->content .= '<ul class="level-' . $level . '">';
            $level++;
        }

        if ($item['url']) {
            $href = ' href="' . $href . '"';
        } else {
            // Items without an address get neither a link target nor a marker.
            $css = '';
            $href = '';
        }

        // NOTE(review): name and address are written into the markup without
        // HTML escaping; confirm menu rows can only be edited by trusted staff.
        $this->content .= '<li' . $css . '><a' . $href . '>' . $item['name'] . '</a>';
        $this->generate($items, $id, $level);
        $this->content .= '</li>';
    }

    // Close the list only when this level actually opened one.
    if ($list_opened) {
        $this->content .= '</ul>';
    }
}
/**
 * Instantiate the enabled blocks and register them in self::$sectors.
 *
 * @param array $sectors Map of sector name to the block codename(s) wanted in
 *                       that sector; a row is kept only when its codename is
 *                       listed for its sector.
 */
public static function loadBlocks($sectors = array())
{
    global $sql;

    // NOTE(review): "true ||" short-circuits, so the show_blocks setting is
    // never consulted and this branch always runs.
    if (true || Kio::getConfig('show_blocks')) {
        $result = $sql->setCache('blocks')->query(' SELECT * FROM ' . DB_PREFIX . 'blocks WHERE type != 0 ORDER BY display_order');

        while ($row = $result->fetch(PDO::FETCH_ASSOC)) {
            $sector = $row['sector'];
            $codename = $row['codename'];

            // Skip rows whose sector was not requested at all.
            if ($sectors && empty($sectors[$sector])) {
                continue;
            }

            // NOTE(review): with an empty $sectors argument this lookup has
            // nothing to match, so no block is registered; confirm that is
            // the intended meaning of the default.
            if (!in_array($codename, (array) $sectors[$sector])) {
                continue;
            }

            if ($row['content']) {
                // Content kept in the database: generic block object.
                $block = new Block($row);
                $block->name = $row['name'];
            } else {
                // NOTE(review): the codename read from the blocks table picks
                // both the included file and the instantiated class. Keep
                // write access to that table restricted, or validate the
                // value against a strict name pattern before use.
                require_once ROOT . 'blocks/' . $codename . '/' . $codename . '.block.php';
                $block = new $codename($row);
            }

            self::$sectors[$sector][$codename] = $block;
        }
    }
}
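/**
 * Render one page of news entries, optionally limited to a category.
 *
 * The category comes from news/category/<id>/...; an unknown id produces the
 * not-found page.
 *
 * @return string Rendered template, the not-found page, or the template
 *                error output.
 */
private function getEntries()
{
    global $sql;

    $pager_url = 'news';
    // The id is cast to int, so it is safe to concatenate into the queries below.
    $category_id = u1 == 'category' ? (int) u2 : 0;
    $total = Kio::getStat('entries', 'news');

    if ($category_id) {
        $category = $sql->setCache('news_categories_' . $category_id)->query('
            SELECT id, name, description, entries
            FROM ' . DB_PREFIX . 'news_categories
            WHERE id = ' . $category_id)->fetch(PDO::FETCH_ASSOC);

        if (!$category) {
            return not_found(t('Selected category does not exists.'), array(
                t('Category was moved or deleted.'),
                t('Entered URL is invalid.'),
            ));
        }

        $total = $category['entries'];

        if ($category['description']) {
            Kio::setDescription($category['name'] . ' - ' . $category['description']);
        }

        $pager_url = 'news/category/' . $category_id . '/' . clean_url($category['name']);

        Kio::addTitle($category['name']);
        Kio::addBreadcrumb($category['name'], $pager_url);
    }

    $this->subcodename = 'entries';

    $pager = new Pager($pager_url, $total, Kio::getConfig('limit', 'news'));

    // Initialised so the template gets an array when no entry matches.
    $entries = array();

    // NOTE(review): the cache name does not include the LOGGED state although
    // the WHERE clause does. If setCache() keys purely on this name, a result
    // built for a logged-in visitor (publication > 0) could be served to
    // guests; verify against the cache implementation.
    // NOTE(review): order_by is configuration text placed straight into the
    // ORDER BY clause; it must only ever hold a trusted column/direction.
    $stmt = $sql->setCache('news_' . $category_id . '_' . $pager->current)->query('
        SELECT u.nickname, u.group_id, c.id c_id, c.name c_name, c.description c_description, n.*
        FROM ' . DB_PREFIX . 'news n
        LEFT JOIN ' . DB_PREFIX . 'users u ON u.id = n.author_id
        LEFT JOIN ' . DB_PREFIX . 'news_categories c ON c.id = n.category_id
        WHERE ' . ($category_id ? 'c.id = ' . $category_id . ' AND ' : '')
            . (LOGGED ? 'n.publication > 0' : 'n.publication = 1') . '
            AND n.added < ' . TIMESTAMP . '
        ORDER BY ' . Kio::getConfig('order_by', 'news') . '
        LIMIT ' . (int) $pager->limit . '
        OFFSET ' . (int) $pager->offset);

    while ($row = $stmt->fetch()) {
        if ($row['author_id']) {
            $row['author'] = User::format($row['author_id'], $row['nickname'], $row['group_id']);
        }

        // URL slug: "<category>/<title>" when the entry has a category.
        $row['url_title'] = ($row['c_name'] ? clean_url($row['c_name']) . '/' : '') . clean_url($row['title']);
        $row['content'] = parse($row['content'], Kio::getConfig('parsers', 'news'));

        $entries[] = $row;
    }

    try {
        $tpl = new PHPTAL('modules/news/news.tpl.html');
        $tpl->entries = $entries;
        $tpl->pagination = $pager->getLinks();
        return $tpl->execute();
    } catch (Exception $e) {
        return template_error($e);
    }
}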
echo '</div></div>'; } echo "\n" . '</div><!-- /LEFT -->'; } ?> <?php // Right side blocks if (!Block::sectorEmpty('right')) { echo '<div id="right"><!-- RIGHT -->'; foreach (Block::getSector('right') as $block) { echo "\n"; echo '<div id="' . $block->codename . '" class="block' . ($block->subcodename ? ' ' . $block->codename . '-' . $block->subcodename : '') . '">'; if ($block->headerVisible && Kio::getConfig('blocks_headers')) { echo '<div class="block-header"><h4>' . $block->name . '</h4></div>'; } echo '<div class="block-content' . ($block->isLast() ? ' last' : '') . '">'; echo $block->content; echo '</div></div>'; } echo "\n" . '</div><!-- /RIGHT -->'; } ?> <div id="content"><!-- CONTENT --> <?php // Path bar if (Kio::breadcrumbsExists()) { echo ' <div id="path">
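/**
 * Registration module entry point: account activation, or the sign-up form.
 *
 * registration/activate/<id>/<code> is delegated to accountActivation().
 * Otherwise a posted form is validated and, when clean, stored as a new user
 * before redirecting back to the registration page.
 *
 * @return mixed Rendered template, the activation result, the notifier's
 *               error result when registration is switched off, or the
 *               template error output.
 */
public function getContent()
{
    global $sql;

    $this->note = new Notifier();
    $err = new Error();

    // Defined up front so the template assignments below never read an
    // undefined variable when no form was posted.
    $form = null;
    $entries = null;

    // Redirect logged users to front page

    // Activate account
    // registration/activate/234/sfs9fsefsef36dsdgesefe4td
    if (u1 == 'activate' && ctype_digit(u2)) {
        return $this->accountActivation();
    }

    // Registration type 0: sign-ups are suspended.
    if (Kio::getConfig('type', 'registration') == 0) {
        return $this->note->error('Rejestracja została <strong>wstrzymana</strong>.');
    }

    // Kio::addJsCode('$(\'#check_logname\').click(function(){alert();});');

    // Registering
    if (isset($_POST['register'])) {
        // filter(string, limit)
        // NOTE(review): the password also goes through filter() before it is
        // hashed; presumably that alters or truncates some characters. Confirm.
        $form = array(
            'logname' => !empty($_POST['logname']) ? filter($_POST['logname'], 100) : '',
            'nickname' => !empty($_POST['nickname']) ? filter($_POST['nickname'], 100) : '',
            'pass' => !empty($_POST['pass']) ? filter($_POST['pass'], 100) : '',
            'pass2' => !empty($_POST['pass2']) ? filter($_POST['pass2'], 100) : '',
            'email' => strtolower(filter($_POST['email'], 100)),
            'rules' => !empty($_POST['rules']),
            'newsletter' => !empty($_POST['newsletter']) ? 1 : 0,
            'pm_notify' => !empty($_POST['pm_notify']) ? 1 : 0,
            'hide_email' => !empty($_POST['hide_email']) ? 1 : 0,
        );

        // Errors
        $err->setError('logname_empty', t('Logname field is required.'))
            ->condition(!$form['logname']);
        $err->setError('logname_exists', t('The logname you used is already registered.'))
            ->condition(is_registered($form['logname'], 'logname'));
        $err->setError('nickname_empty', t('Nickname field is required.'))
            ->condition(!$form['nickname']);
        $err->setError('nickname_exists', t('The nickname you used is already registered.'))
            ->condition(is_registered($form['nickname'], 'nickname'));
        $err->setError('pass_empty', t('Password field is required.'))
            ->condition(!$form['pass']);
        $err->setError('pass_not_match', t('Passwords do not match.'))
            ->condition($form['pass'] != $form['pass2'] && $form['pass']);
        $err->setError('email_empty', t('E-mail field is required.'))
            ->condition(!$form['email']);
        $err->setError('email_invalid', t('E-mail address you entered is invalid.'))
            ->condition($form['email'] && !is_email($form['email']));
        $err->setError('email_exists', t('The e-mail you used is already registered.'))
            ->condition(is_registered($form['email'], 'email'));
        $err->setError('rules_not_accepted', t('Accepting the rules is required.'))
            ->condition(!$form['rules'] && Kio::getConfig('show_rules', 'registration'));

        // No errors
        if ($err->noErrors()) {
            // NOTE(review): $blocked is computed per registration type but the
            // INSERT below always binds 1, so the type-1 message ("you can log
            // in now") and the stored state may disagree. Confirm the intent
            // before changing; always-blocked is the fail-safe state.
            $blocked = 1;

            switch (Kio::getConfig('type', 'registration')) {
                case 1:
                    $blocked = 'NULL';
                    $message = 'Rejestracja przebiegła pomyślnie, możesz się teraz zalogować.';
                    break;
                case 2:
                    $message = 'Rejestracja przebiegła pomyślnie.<br />Wymagana jest aktywacja konta poprzez kliknięcie w odnośnik wysłany na Twoją skrzynkę e-mail.';
                    break;
                default:
                    $message = 'Rejestracja przebiegła pomyślnie.<br />Wymagana jest aktywacja konta przez administratora, wówczas zostaniesz powiadomiony e-mail\'em.';
            }

            // Detect country from the last label of the reverse-DNS name.
            // end() needs a real variable, hence the intermediate array.
            // NOTE(review): $lang_system is not defined in this scope, so the
            // lookup always fails and the country is stored empty.
            $host_labels = explode('.', gethostbyaddr(IP));
            $form['country'] = end($host_labels);
            $form['country'] = !empty($lang_system['COUNTRIES'][$form['country']]) ? $form['country'] : '';

            // NOTE(review): two statements share one prepare() call, which
            // only works where the driver emulates prepared statements.
            $stmt = $sql->prepare('
                INSERT INTO ' . DB_PREFIX . 'users
                SET
                    logname = :logname,
                    nickname = :nickname,
                    email = :email,
                    pass = :pass,
                    registered = :registered,
                    country = :country,
                    newsletter = :newsletter,
                    pm_notify = :pm_notify,
                    hide_email = :hide_email,
                    blocked = :blocked,
                    time_zone = :time_zone,
                    ip = :ip,
                    auth_code = :auth_code,
                    http_agent = :http_agent;

                UPDATE ' . DB_PREFIX . 'stats
                SET content = content + 1
                WHERE name = "registered_users"');

            // NOTE(review): the password is stored as an unsalted md5() digest.
            // Moving to password_hash()/password_verify() has to be done
            // together with the login check, which is outside this block.
            $stmt->execute(array(
                'logname' => $form['logname'],
                'nickname' => $form['nickname'],
                'email' => $form['email'],
                'pass' => md5($form['pass']),
                'registered' => TIMESTAMP,
                'country' => $form['country'],
                'newsletter' => $form['newsletter'],
                'pm_notify' => $form['pm_notify'],
                'hide_email' => $form['hide_email'],
                'blocked' => 1,
                'time_zone' => Kio::getConfig('time_zone'),
                'ip' => IP,
                'auth_code' => auth_code($form['logname']),
                'http_agent' => filter($_SERVER['HTTP_USER_AGENT'], 250),
            ));

            $this->note->success($message);
            redirect(HREF . 'registration');
        } else {
            $this->note->error($err->toArray());
        }
    }
    // // No action
    // else
    // {
    //     $this->note->info(array(t('Register and enjoy additional services.')));
    // }

    try {
        $tpl = new PHPTAL('modules/registration/registration.tpl.html');
        $tpl->form = $form;
        $tpl->entries = $entries;
        $tpl->err = $err->toArray();
        $tpl->note = $this->note;
        return $tpl->execute();
    } catch (Exception $e) {
        return template_error($e);
    }
}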
/**
 * Format a timestamp according to the site's date settings.
 *
 * When relative dates are enabled in the configuration and requested by the
 * caller, a timestamp falling on TODAY, YESTERDAY or TOMMOROW is rendered
 * with the relative format instead of the regular one.
 *
 * @param int         $time          Unix timestamp to format.
 * @param string|null $date_format   date() format; the configured
 *                                   "date_format" is used when empty.
 * @param bool        $time_relative Allow the relative-day wording.
 *
 * @return string Formatted date.
 */
function clock($time = TIMESTAMP, $date_format = null, $time_relative = true)
{
    if (!$date_format) {
        $date_format = Kio::getConfig('date_format');
    }

    if (Kio::getConfig('time_relative') && $time_relative) {
        $day = date('Y-m-d', $time);
        $is_relative = true;

        if ($day == TODAY) {
            $label = Kio::$today;
        } elseif ($day == YESTERDAY) {
            $label = Kio::$yesterday;
        } elseif ($day == TOMMOROW) {
            $label = Kio::$tommorow;
        } else {
            $is_relative = false;
        }

        if ($is_relative) {
            // The configured relative format is a sprintf() pattern that
            // receives the day label and is then used as a date() format.
            return date(sprintf(Kio::getConfig('relative_date_format'), $label), $time);
        }
    }

    if (TRANSLATE_DATE) {
        $month = date('n', $time);
        $weekday = date('N', $time);

        // Swap the textual date() placeholders for the prepared names; the
        // short forms sit 12 (months) and 7 (days) positions after the long ones.
        $placeholders = array('F', 'M', 'l', 'D');
        $names = array(
            Kio::$monthsFormated[$month],
            Kio::$monthsFormated[$month + 12],
            Kio::$daysFormated[$weekday],
            Kio::$daysFormated[$weekday + 7],
        );

        $date_format = str_replace($placeholders, $names, $date_format);
    }

    return date($date_format, $time);
}
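/**
 * Guestbook module entry point: list entries, open an entry for editing,
 * dispatch add/edit submissions and handle deletions.
 *
 * @return string Rendered template, or the template error output.
 */
public function getContent()
{
    global $sql;

    $this->err = new Error();
    $this->pager = new Pager('guestbook', Kio::getStat('entries', 'guestbook'), Kio::getConfig('limit', 'guestbook'));

    $show_form = true;
    $form = array();
    $entries = $this->getEntries();

    // Editing entry: guestbook/edit/<id>
    if (ctype_digit(u2)) {
        // u2 is all digits here; the cast keeps the value numeric in the SQL.
        $edited_id = u1 == 'edit' ? (int) u2 : 0;

        if (!User::hasPermit('guestbook edit')) {
            $this->note->error(t('You don\'t have access to edit entries.'));
            $show_form = false;
        } elseif ($edited_id) {
            $row = $sql->query('
                SELECT id, added, author, author_id, author_ip, email, website, message
                FROM ' . DB_PREFIX . 'guestbook
                WHERE id = ' . $edited_id)->fetch();

            // Entry exists
            if ($row) {
                $form = $row;
                $this->edit_mode = true;

                if (!$row['author']) {
                    $form['author'] = User::getNickname(BY_ID, $row['author_id']);
                }
            } else {
                $this->note->error(t('Selected entry doesn\'t exist.'));
            }
        }
    }

    if (empty($this->edit_mode)) {
        $form['author'] = User::$nickname;
    }

    // Form action
    $add = isset($_POST['add']);
    // An "edit" submission is honoured only when edit mode was established
    // above, i.e. the permission check passed and the entry exists. Before,
    // any POST carrying "edit" reached the update path without that check.
    $edit = isset($_POST['edit']) && !empty($this->edit_mode);

    // On form submit
    if ($add || $edit) {
        $form = $this->formSumbit();
    } elseif (isset($_POST['delete_id'], $_POST['auth'])
        && is_string($_POST['delete_id'])
        && ctype_digit($_POST['delete_id'])
        && is_string($_POST['auth'])
        // Strict comparison: a loose == lets numeric-looking strings such as
        // "0e1" and "0e2" compare equal. A constant-time comparison would be
        // preferable where the runtime offers one.
        && $_POST['auth'] === (string) AUTH
        && User::hasPermit('guestbook delete')
    ) {
        // NOTE(review): the counter is decremented even when no row matches
        // the id, and it uses the content/name columns of the stats table.
        $sql->exec('
            UPDATE ' . DB_PREFIX . 'stats SET content = content - 1 WHERE name = "guestbook_entries";
            DELETE FROM ' . DB_PREFIX . 'guestbook WHERE id = ' . (int) $_POST['delete_id']);

        $sql->clearCacheGroup('guestbook_*');
    }

    try {
        $tpl = new PHPTAL('modules/guestbook/guestbook.tpl.html');
        $tpl->message_limit = Kio::getConfig('message_max', 'guestbook');
        $tpl->form = $form;
        $tpl->edit_mode = $this->edit_mode;
        $tpl->entries = $entries;
        $tpl->err = $this->err->toArray();
        $tpl->show_form = $show_form;
        $tpl->note = $this->note;
        $tpl->pagination = $this->pager->getLinks();
        return $tpl->execute();
    } catch (Exception $e) {
        return template_error($e);
    }
}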
$codename = u0; $module = new $codename(); echo $module->getContent(); define('MODULE', u0); } catch (Exception $e) { define('MODULE', 'error_404-module'); echo $e->getMessage() . '<br/><br/>In file <strong>' . $e->getFile() . '</strong> ar line ' . $e->getLine() . ''; // not_found(t('Podstrona <strong>%page</strong> nie istnieje.', array('%page' => u0)), array( // 'Moduł obsługujący nie jest zainstalowany.', // 'FIRST_404_COUSE', // 'SECOND_404_COUSE')); } } } else { try { $codename = Kio::getConfig('front_page'); if (!Module::exists($codename)) { throw new Exception(t('Module dosn't exists')); } require_once ROOT . 'modules/' . $codename . '/' . $codename . '.module.php'; $module = new $codename(); echo $module->getContent(); define('MODULE', $codename); } catch (Exception $e) { define('MODULE', 'error_404-module'); echo $e->getMessage() . '<br/>' . $e->getFile() . ':' . $e->getLine(); } //if (!$module->name) $module->name = end($kio->path); } } if (!$module->name) {
/**
 * Render one page of the gallery album list.
 *
 * @return string Rendered template, or the template error output.
 */
private function getAlbumList()
{
    global $sql;

    $this->subcodename = 'albums';

    // NOTE(review): the pager base URL is 'pm/' . u1 inside the gallery
    // module, which looks carried over from another module. Confirm.
    $total = Kio::getStat('images', 'gallery');
    $per_page = Kio::getConfig('limit', 'gallery');
    $pager = new Pager('pm/' . u1, $total, $per_page);

    // $albums = Cache::get('gallery_albums_'.$pager->current.'.txt');

    // NOTE(review): limit and offset are concatenated exactly as the pager
    // exposes them; they must be integers by the time they get here.
    $statement = $sql->setCache('gallery_' . $pager->current)->query(' SELECT id, name, description, added, thumbnail, images FROM ' . DB_PREFIX . 'gallery_albums LIMIT ' . $pager->limit . ' OFFSET ' . $pager->offset);
    $albums = $statement->fetchAll(PDO::FETCH_ASSOC);

    try {
        $view = new PHPTAL('modules/gallery/gallery.tpl.html');
        $view->albums = $albums;
        $view->pager = $pager;
        return $view->execute();
    } catch (Exception $e) {
        return template_error($e);
    }
}
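/**
 * Load the comments attached to the current module item.
 *
 * Each row gets a running number in "x". The row named by an
 * ".../edit_comment/<id>" URL segment is also kept in $this->edited.
 *
 * @return array Comment rows; an empty array when there are none.
 */
private function getEntries()
{
    global $sql;

    $entries = array();

    // Id of the comment being edited, taken from the URL when it is numeric.
    $start = array_search('edit_comment', Kio::$url);
    $edited_id = '';
    if ($start && isset(Kio::$url[$start + 1]) && ctype_digit(Kio::$url[$start + 1])) {
        $edited_id = Kio::$url[$start + 1];
    }

    // Only the two valid keywords can reach the ORDER BY clause, whatever the
    // configuration holds.
    $descending = strtoupper((string) Kio::getConfig('order_by', 'comments')) === 'DESC';
    $x = $descending ? $this->total + 1 : 1;

    // u0 is a URL segment and used to be quoted into the statement by hand;
    // both owner values are now bound as parameters.
    $stmt = $sql->prepare('
        SELECT c.comment_id, c.comment_author, c.comment_author_id, c.comment_added,
            c.comment_message, c.comment_backlink, u.nickname, u.group_id, u.avatar
        FROM ' . DB_PREFIX . 'comments c
        LEFT JOIN ' . DB_PREFIX . 'users u ON u.id = c.comment_author_id
        WHERE c.comment_owner_child_id = :child_id
            AND c.comment_owner = :owner
        ORDER BY c.comment_added ' . ($descending ? 'DESC' : 'ASC'));
    $stmt->execute(array(
        'child_id' => $this->connector_id,
        'owner' => u0,
    ));

    while ($row = $stmt->fetch()) {
        // Number the rows upwards or downwards to follow the sort direction.
        $row['x'] = $descending ? $x-- : $x++;

        if ($edited_id !== '' && $edited_id == $row['comment_id']) {
            $this->edited = $row;
        }

        if ($row['comment_author_id']) {
            $row['comment_author'] = User::format($row['comment_author_id'], $row['nickname'], $row['group_id']);
        }

        $entries[] = $row;
    }

    return $entries;
}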
} else { define('LANG', Kio::getConfig('lang')); } //is_lang($kio->url[0]) && array_shift($m).redirect(local_dir.$cfg->system['url_prefix'].implode('/', $m)); //is_lang($kio->url[0]) && array_shift($m); //$lang_url = ''; for ($i = 0; $i <= 20; $i++) { define('u' . $i, isset(Kio::$url[$i]) ? Kio::$url[$i] : ''); } Kio::loadLangPhrases(); // Name of system theme (default is Kiofol) define('THEME', Kio::getConfig('template')); // Requested system path define('PATH', substr(implode('/', Kio::$url), 0, 255)); // URL prefix define('HREF', LOCAL . Kio::$urlPrefix . (Kio::getConfig('multilang') ? LANG . '/' : '')); // Local referer define('REFERER', strpos($_SERVER['HTTP_REFERER'], $_SERVER['SERVER_NAME']) !== false ? $_SERVER['HTTP_REFERER'] : LOCAL); // Current location define('CURRENT_URL', 'http://' . $_SERVER['SERVER_NAME'] . HREF . PATH); // Ustawienia takie same jak w E_ERROR define('BBCODE', 1); define('AUTOLINKS', 2); define('EMOTICONS', 3); define('CENSURE', 4); define('PRE', 5); define('TRIM', 1); define('NO_HTML', 2); define('ANTISPAM', 3); define('ANTIFLOOD_IP', 4); define('ANTIFLOOD_COOKIE', 5);
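/**
 * Configure sorting from the ".../sort/<column>/<asc|desc>[/<cursor>]" URL
 * segments and build the sorter links.
 *
 * Sets $this->sorters (one link per column), $this->orderBy (ORDER BY text),
 * appends the sort part to $this->url and calls calculate().
 *
 * @param array       $elements Map of column label to sortable column name.
 * @param string      $default  Column used when the URL requests no sorting.
 * @param string      $tendency Default direction, 'asc' or 'desc'.
 * @param string|bool $prefix   Optional prefix put before the column name.
 *
 * @return $this
 */
function sort($elements, $default, $tendency, $prefix = false)
{
    $js = Kio::getConfig('javascript_sort') ? '#' : '';

    $start = array_search('sort', Kio::$url);
    $column = null;
    $direction = null;
    if ($start !== false) {
        $column = isset(Kio::$url[$start + 1]) ? Kio::$url[$start + 1] : null;
        $direction = isset(Kio::$url[$start + 2]) ? Kio::$url[$start + 2] : null;
    }

    // The column ends up inside ORDER BY, so it must match one of the offered
    // names exactly; the strict flag rules out loose type juggling.
    $sorting = is_string($column)
        && in_array($column, $elements, true)
        && ($direction === 'asc' || $direction === 'desc');

    if ($sorting) {
        // [column, requested direction, opposite direction]
        $by = array($column, $direction, $direction == 'asc' ? 'desc' : 'asc');

        // Update cursor position. The value comes from the URL, so it is
        // forced to an integer before anything is derived from it.
        // assumes the cursor is numeric; TODO confirm against calculate()
        $this->start = isset(Kio::$url[$start + 3]) ? (int) Kio::$url[$start + 3] : 0;

        $url = '/sort/' . $by[0] . '/' . $by[1];
    } else {
        $by = array($default, $tendency, $tendency == 'asc' ? 'desc' : 'asc');
        $url = '';
        //$this->start = Kio::$url[substr_count($url, '/') + 1]; // Update cursor position
    }

    foreach ($elements as $key => $value) {
        // The active column links to the opposite direction and carries the
        // current direction as a CSS class; the others start with "asc".
        $this->sorters[$value] = '<a href="' . $js . $this->url . '/sort/' . $value . '/'
            . ($by[0] == $value ? $by[2] . '" class="sort ' . $by[1] . '">' . $key : 'asc" class="sort">' . $key)
            . '</a>';
    }

    // With explicit sorting, rows are ordered first on whether the column is
    // empty and then on the column itself.
    $this->orderBy = $sorting
        ? $prefix . $by[0] . ' <> "" ' . $by[2] . ', ' . $prefix . $by[0] . ' ' . $by[1]
        : $prefix . $by[0] . ' ' . $by[1];

    $this->url .= $url;
    $this->calculate();

    return $this;
}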
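/**
 * Validate the posted guestbook form and store it as a new entry or as an
 * edit of an existing one.
 *
 * Both success paths finish with redirect(). On a validation failure the
 * errors are passed to the notifier.
 *
 * @return mixed Result of the notifier's error() call when the submission is
 *               rejected; nothing is returned explicitly on success.
 */
private function formSumbit()
{
    global $sql;

    $adding = isset($_POST['add']);
    $message_max = Kio::getConfig('message_max', 'guestbook');

    $form['author'] = $adding && LOGGED ? User::$nickname : filter($_POST['author'], 100);
    $form['email'] = strtolower(filter($_POST['email'], 100));
    $form['website'] = filter($_POST['website'], 100);
    $form['message'] = filter($_POST['message'], $message_max, TRIM . NO_HTML . ANTISPAM . ANTIFLOOD_COOKIE, 'guestbook');

    // Strict string comparison of the request token: a loose != lets
    // numeric-looking strings ("0e1" vs "0e2") compare equal. A constant-time
    // comparison would be preferable where the runtime offers one.
    $auth_ok = isset($_POST['auth']) && is_string($_POST['auth']) && $_POST['auth'] === (string) AUTH;

    // NOTE(review): $form['edit_mode'] is never set in this method, so the
    // flood rule also applies to edits. Confirm whether the object's edit
    // mode was meant here.
    $this->err
        ->setError('author_empty', t('Author field is required.'))
        ->condition(!$form['author'])
        ->setError('author_exists', t('The nickname you used belongs to a registered user.'))
        ->condition($adding && !LOGGED && is_registered($form['author']))
        ->setError('email_invalid', t('E-mail address you entered is invalid.'))
        ->condition($form['email'] && !is_email($form['email']))
        ->setError('message_empty', t('Message field is required.'))
        ->condition(!trim($form['message']))
        ->setError('message_spam', t('ERROR_MESSAGE_SPAM'))
        ->condition()
        ->setError('flood', t(defined('FLOOD') && FLOOD == 1 ? 'ERROR_FLOOD' : 'ERROR_FLOOD2'))
        ->condition(empty($form['edit_mode']) && defined('FLOOD'))
        ->setError('incorrect_auth', t('ERROR_INCORRECT_AUTH'))
        ->condition(!$auth_ok);

    if (!$this->err->noErrors()) {
        return $this->note->restore()->error($this->err->toArray());
    }

    if ($adding) {
        // Rollback does not work
        //$sql->beginTransaction();

        // Addresses without a scheme get "http://" prepended.
        // NOTE(review): any value containing "://" is stored as posted; if
        // the template prints it as a link target, restrict the accepted
        // schemes to http and https.
        $website = $form['website'];
        if ($website && strpos($website, '://') === false) {
            $website = 'http://' . $website;
        }

        // Posted values are bound as parameters rather than quoted into the
        // statement by hand.
        $stmt = $sql->prepare('
            INSERT INTO ' . DB_PREFIX . 'guestbook
                (added, author, author_id, author_ip, email, website, message)
            VALUES
                (:added, :author, :author_id, :author_ip, :email, :website, :message)');
        $stmt->execute(array(
            'added' => TIMESTAMP,
            'author' => !LOGGED ? $form['author'] : '',
            'author_id' => UID,
            'author_ip' => IP,
            'email' => $form['email'],
            'website' => $website,
            'message' => $form['message'],
        ));

        $sql->exec('
            UPDATE ' . DB_PREFIX . 'stats
            SET stat_value = stat_value + 1
            WHERE stat_name = "entries" AND stat_owner = "guestbook"');

        $sql->clearCacheGroup('guestbook_*');
        $sql->clearCache('stats');

        // Flood marker cookie, valid for the configured interval.
        setcookie(COOKIE . '-guestbook', true, TIMESTAMP + Kio::getConfig('flood_interval', 'guestbook'), '/');

        $this->note->success(array(
            t('Entry was added successfully.'),
            t('<a href="#dd">Show me my enty</a>'),
        ));
        redirect(HREF . 'guestbook');
        //$sql->commit();
    } else {
        // The update rewrites an existing entry, so the edit permission is
        // enforced here as well as wherever the form is displayed.
        if (!User::hasPermit('guestbook edit')) {
            return $this->note->restore()->error(t('You don\'t have access to edit entries.'));
        }

        // The edited id comes from guestbook/edit/<id>. It was previously
        // read from a variable that does not exist in this scope.
        $edited_id = (u1 == 'edit' && ctype_digit(u2)) ? (int) u2 : 0;
        if (!$edited_id) {
            return $this->note->restore()->error(t('Selected entry doesn\'t exist.'));
        }

        $form['author_id'] = User::getId(BY_NICKNAME, $form['author']);

        // A registered author is referenced by id only.
        if ($form['author_id']) {
            $form['author'] = '';
        }

        // Moderators get a larger message limit (1.5 times the configured one).
        $stmt = $sql->prepare('
            UPDATE ' . DB_PREFIX . 'guestbook
            SET
                author = :author,
                author_id = :author_id,
                email = :email,
                website = :website,
                message = :message
            WHERE id = :id');
        $stmt->execute(array(
            'author' => $form['author'],
            'author_id' => (int) $form['author_id'],
            'email' => $form['email'],
            'website' => $form['website'],
            'message' => filter($_POST['message'], $message_max * 1.5),
            'id' => $edited_id,
        ));

        $sql->clearCacheGroup('guestbook_*');

        $this->note->success(t('Entry was modified successfully.'));
        redirect(HREF . 'guestbook');
    }
}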
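/**
 * Authenticate the posted login form and start a persistent session.
 *
 * On success the user's row receives a fresh auth code together with the
 * visit data, and the login cookie is set to "<id>.<sha1 of the auth code>".
 */
public static function login()
{
    global $sql;

    // The login name is bound as a parameter; it used to be concatenated
    // into the statement straight from the request.
    if (!empty($_POST['logname-session']) && is_string($_POST['logname-session'])) {
        $stmt = $sql->prepare('
            SELECT id, logname, pass, email, auth_code
            FROM ' . DB_PREFIX . 'users
            WHERE logname = :logname');
        $stmt->execute(array('logname' => $_POST['logname-session']));
        self::$temp = $stmt->fetch();
    }

    $password = isset($_POST['password-session']) ? $_POST['password-session'] : null;

    // NOTE(review): loginNameRegistered() receives the password field, not
    // the login name; confirm that helper's contract.
    if (self::loginNameRegistered($password) && self::loginPasswordCorrect($password)) {
        // uniqid() is derived from the clock and therefore guessable. Use the
        // CSPRNG when the runtime has it; both forms give 32 hex characters.
        $new_session = function_exists('random_bytes')
            ? bin2hex(random_bytes(16))
            : md5(uniqid(mt_rand(), true));

        // PATH and the user agent are request-controlled, so every value is bound.
        $update = $sql->prepare('
            UPDATE ' . DB_PREFIX . 'users
            SET
                visits = visits + 1,
                last_visit = :last_visit,
                last_path = :last_path,
                auth_code = :auth_code,
                ip = :ip,
                http_agent = :http_agent
            WHERE id = :id');
        $update->execute(array(
            'last_visit' => TIMESTAMP,
            'last_path' => PATH,
            'auth_code' => $new_session,
            'ip' => IP,
            'http_agent' => filter($_SERVER['HTTP_USER_AGENT'], 255),
            'id' => self::$temp['id'],
        ));

        // Lifetime: the configured session_time in minutes, else one year.
        // NOTE(review): the cookie is HttpOnly but the Secure flag is off, so
        // it also travels over plain HTTP.
        $lifetime = Kio::getConfig('session_time') ? Kio::getConfig('session_time') * 60 : 31536000;
        setcookie(COOKIE . '-login', self::$temp['id'] . '.' . sha1($new_session), TIMESTAMP + $lifetime, '/', '', false, true);

        //redirect(REFERER);
    }
}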
/**
 * Select the active time zone and prepare translated day, month and
 * relative-day labels for use inside date() format strings.
 *
 * Each label is passed through addcslashes(..., 'A..z'), which puts a
 * backslash before every character in that range.
 */
public static function setTimeLocales()
{
    global $cfg;

    // The member's own zone wins over the site-wide setting.
    $zone_key = !empty(User::$timeZone) ? User::$timeZone : Kio::getConfig('time_zone');
    date_default_timezone_set(self::$timeZones[$zone_key]);

    // Translate days and months in date()
    if (TRANSLATE_DATE && preg_match('#F|M|l|d#', self::getConfig('date_format') . self::getConfig('short_date_format'))) {
        // Long names occupy 1-12 and short names 13-24.
        $month_names = array(1 => 'January', 'February', 'March', 'April', 'May', 'June', 'July', 'August', 'September', 'October', 'November', 'December', 13 => 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec');
        self::$monthsFormated = $month_names;
        self::$months = $month_names;

        // Long names occupy 1-7 and short names 8-14.
        $day_names = array(1 => 'Monday', 'Tu', 'We', 'Th', 'Fr', 'Saturday', 'Sunday', 8 => 'Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat', 'Sun');
        self::$daysFormated = $day_names;
        self::$days = $day_names;

        // NOTE(review): as written, the strtr() map replaces 'l' and 'D' with
        // themselves, so it changes nothing.
        foreach (self::$months as $index => $name) {
            $escaped = addcslashes(t($name), 'A..z');
            self::$monthsFormated[$index] = strtr($escaped, array('l' => 'l', 'D' => 'D'));
        }

        foreach (self::$days as $index => $name) {
            $escaped = addcslashes(t($name), 'A..z');
            self::$daysFormated[$index] = strtr($escaped, array('l' => 'l', 'D' => 'D'));
        }
    }

    if (Kio::getConfig('time_relative')) {
        $escaped = addcslashes(t('Today'), 'A..z');
        self::$today = strtr($escaped, array('l' => 'l', 'D' => 'D'));

        $escaped = addcslashes(t('Yesterday'), 'A..z');
        self::$yesterday = strtr($escaped, array('l' => 'l', 'D' => 'D'));

        $escaped = addcslashes(t('Tommorow'), 'A..z');
        self::$tommorow = strtr($escaped, array('l' => 'l', 'D' => 'D'));
    }
}
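/**
 * Profile editor: show the form for the current user, or for the user named
 * by edit_profile/<id>, and store a valid submission.
 *
 * NOTE(review): beyond the LOGGED check, no permission test is visible before
 * another member's profile is loaded and updated by id. Confirm that access
 * to edit_profile/<id> is restricted elsewhere. On that path the avatar file
 * name and the nickname fallback still come from the current user (User::).
 *
 * @return mixed Rendered template, the no-access or not-found page, or the
 *               template error output.
 */
public function getContent()
{
    global $sql;

    if (!LOGGED) {
        return no_access('By mieć dostęp do edycji profilu musisz się zalogować.');
    }

    $note = new Notifier();
    $err = new Error();
    $edit = isset($_POST['edit']);

    $countries = (include 'lang/countries.php');
    asort($countries);

    // Edit user by ID
    if (ctype_digit(u1)) {
        // u1 is all digits here; the cast keeps the value numeric in the SQL.
        $profile = $sql->query('
            SELECT u.*
            FROM ' . DB_PREFIX . 'users u
            WHERE u.id = ' . (int) u1)->fetch(PDO::FETCH_ASSOC);

        if (!$profile) {
            return not_found(t('Selected user doesn\'t exists.'), array(
                t('This person was deleted from database.'),
                t('Entered URL is invalid.'),
            ));
        }

        Kio::addTitle(t('Users'));
        Kio::addBreadcrumb(t('Users'), 'users');
        Kio::addTitle($profile['nickname'] . ' - ' . t('Edit profile'));
        Kio::addBreadcrumb($profile['nickname'], 'profile/' . u1);
        Kio::addBreadcrumb(t('Edit profile'), 'edit_profile/' . u1);
    } else {
        $profile = User::toArray();

        Kio::addTitle(t('Edit profile'));
        Kio::addBreadcrumb(t('Edit profile'), 'edit_profile');
    }

    $form = $profile;
    $form['password'] = '';
    $form['password2'] = '';
    $form['birthdate'] = explode('-', $profile['birthdate']);
    $form['newsletter'] = $profile['newsletter'] ? 1 : 0;
    $form['pm_notify'] = $profile['pm_notify'] ? 1 : 0;
    $form['hide_email'] = $profile['hide_email'] ? 1 : 0;

    if (!u1 || $profile) {
        // Edit profile
        if ($edit) {
            // Year, month and day are read by position; absent parts become 0.
            $posted_birthdate = isset($_POST['birthdate']) ? (array) $_POST['birthdate'] : array();
            $birthdate = array();
            for ($i = 0; $i < 3; $i++) {
                $birthdate[$i] = isset($posted_birthdate[$i]) ? (int) $posted_birthdate[$i] : 0;
            }

            $posted_country = isset($_POST['country']) && is_string($_POST['country']) ? $_POST['country'] : '';
            $has_avatar = isset($_FILES['avatar']) && $_FILES['avatar']['error'] == 0 && empty($_POST['delete_avatar']);

            $form = array(
                'nickname' => Kio::getConfig('allow_change_nick', 'edit_profile') ? filter($_POST['nickname'], 100) : User::$nickname,
                'password' => filter($_POST['password'], 100),
                'password2' => filter($_POST['password2'], 100),
                'email' => strtolower(filter($_POST['email'], 100)),
                'gender' => isset($_POST['gender']) ? $_POST['gender'] : '',
                'country' => !empty($countries[$posted_country]) ? $posted_country : '',
                'birthdate' => $birthdate,
                'newsletter' => isset($_POST['newsletter']) ? 1 : 0,
                'pm_notify' => isset($_POST['pm_notify']) ? 1 : 0,
                'hide_email' => isset($_POST['hide_email']) ? 1 : 0,
                'avatar' => $has_avatar ? $_FILES['avatar'] : array(),
                'delete_avatar' => isset($_POST['delete_avatar']) ? 1 : 0,
                'photo' => isset($_FILES['photo']) ? $_FILES['photo'] : null,
                'delete_photo' => isset($_POST['delete_photo']) ? 1 : 0,
            );

            // Free-text fields are stored as posted. Only string values are
            // accepted so each one can be bound as a statement parameter.
            // NOTE(review): they are not passed through filter(); confirm
            // they are escaped wherever a profile is rendered.
            $text_fields = array('forename', 'surname', 'locality', 'communicator', 'website', 'title', 'interests', 'signature');
            foreach ($text_fields as $field) {
                $form[$field] = isset($_POST[$field]) && is_string($_POST[$field]) ? $_POST[$field] : '';
            }

            $allowed_types = array('image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif');

            // Nickname
            $err->setError('nickname_empty', t('ERROR_NICKNAME_EMPTY'))
                ->condition(!$form['nickname']);
            $err->setError('nickname_exists', t('ERROR_NICKNAME_EXISTS'))
                ->condition(Kio::getConfig('allow_change_nick', 'edit_profile')
                    && $form['nickname']
                    && strtolower($form['nickname']) != strtolower($profile['nickname'])
                    && is_registered($form['nickname']));

            // Password
            $err->setError('password_differ', t('ERROR_PASSWORD_DIFFER'))
                ->condition($form['password'] != $form['password2']);

            // E-mail
            $err->setError('email_empty', t('ERROR_EMAIL_EMPTY'))
                ->condition(!$form['email']);

            if ($form['email']) {
                $err->setError('email_invalid', t('ERROR_EMAIL_INVALID'))
                    ->condition($form['email'] && !is_email($form['email']));
                $err->setError('email_exists', t('ERROR_EMAIL_EXISTS'))
                    ->condition($form['email'] != $profile['email']
                        && is_email($form['email'])
                        && is_registered($form['email'], 'email'));
            }

            // Birthdate
            $err->setError('birthdate_invalid', t('ERROR_BIRTHDATE'))
                ->condition(array_sum($form['birthdate']) > 0
                    && !is_date('Y-n-j', $form['birthdate'][0] . '-' . $form['birthdate'][1] . '-' . $form['birthdate'][2]));

            // Avatar
            // NOTE(review): the MIME type below is the one reported by the
            // client. The stored extension is limited to the three values in
            // $allowed_types, but the file content itself is not inspected.
            if ($form['avatar']) {
                $err->avatar_invalid_type(t('ERROR_ava'))
                    ->condition(!in_array($form['avatar']['type'], array_keys($allowed_types), true));
                $err->avatar_exceeded_max_size(t('ERROR_ava'))
                    ->condition(Kio::getConfig('avatar_size_max', 'edit_profile')
                        && !$err->isError('avatar_invalid_type')
                        && $form['avatar']['size'] > Kio::getConfig('avatar_size_max', 'edit_profile'));
            }

            // No errors
            if ($err->noErrors()) {
                $avatar_dir = ROOT . 'images/avatars/';
                $old_avatar = $avatar_dir . $profile['id'] . '.' . User::$avatar;

                if ($form['delete_avatar'] && is_file($old_avatar)) {
                    unlink($old_avatar);
                }

                if ($form['avatar']) {
                    $extension = $allowed_types[$form['avatar']['type']];

                    if (move_uploaded_file($_FILES['avatar']['tmp_name'], $avatar_dir . $profile['id'] . '.' . $extension)) {
                        // A file kept under another extension is now stale.
                        if ($extension != User::$avatar && is_file($old_avatar)) {
                            unlink($old_avatar);
                        }
                    } else {
                        // The upload could not be stored: leave the avatar
                        // column and the existing file untouched.
                        $form['avatar'] = array();
                    }
                }

                $form['birthdate'] = array_sum($form['birthdate']) > 0
                    ? $form['birthdate'][0] . '-' . $form['birthdate'][1] . '-' . $form['birthdate'][2]
                    : '';

                // Every posted value is bound as a parameter; most of these
                // fields used to be concatenated unfiltered from $_POST.
                $params = array(
                    'nickname' => Kio::getConfig('allow_change_nick', 'edit_profile') ? $form['nickname'] : User::$nickname,
                    'email' => $form['email'],
                    'forename' => $form['forename'],
                    'surname' => $form['surname'],
                    'gender' => ($form['gender'] == 1 || $form['gender'] == 2) ? (int) $form['gender'] : 0,
                    'locality' => $form['locality'],
                    'country' => $form['country'],
                    'communicator' => $form['communicator'],
                    'website' => $form['website'],
                    'birthdate' => $form['birthdate'],
                    'newsletter' => $form['newsletter'],
                    'pm_notify' => $form['pm_notify'],
                    'hide_email' => $form['hide_email'],
                    'title' => $form['title'],
                    'interests' => $form['interests'],
                    'signature' => $form['signature'],
                    'id' => $profile['id'],
                );

                $avatar_sql = '';
                if ($form['avatar']) {
                    $avatar_sql = 'avatar = :avatar,';
                    $params['avatar'] = $allowed_types[$form['avatar']['type']];
                } elseif ($form['delete_avatar']) {
                    $avatar_sql = 'avatar = "",';
                }

                // NOTE(review): the password assignment is reproduced exactly
                // as it appears in this listing, where the value looks
                // masked. Restore the real hashing expression before use.
                $stmt = $sql->prepare('
                    UPDATE ' . DB_PREFIX . 'users
                    SET
                        nickname = :nickname,
                        ' . ($form['password'] ? 'pass = "******",' : '') . '
                        email = :email,
                        forename = :forename,
                        surname = :surname,
                        gender = :gender,
                        locality = :locality,
                        country = :country,
                        communicator = :communicator,
                        website = :website,
                        birthdate = :birthdate,
                        newsletter = :newsletter,
                        pm_notify = :pm_notify,
                        hide_email = :hide_email,
                        ' . $avatar_sql . '
                        title = :title,
                        interests = :interests,
                        signature = :signature
                    WHERE id = :id');
                $stmt->execute($params);

                $note->success(t('Your profile was modified successfully.'));
                redirect(HREF . 'edit_profile');
            } else {
                $note->error($err->toArray());
            }
        }

        try {
            $tpl = new PHPTAL('modules/edit_profile/edit_profile.tpl.html');
            $tpl->profile = $profile;
            $tpl->countries = $countries;
            $tpl->allow_change_nick = Kio::getConfig('allow_change_nick', 'edit_profile');
            $tpl->form = $form;
            $tpl->err = $err->toArray();
            $tpl->note = $note;
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e);
        }
    }
}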
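/**
 * Renders the contact form and, when it is submitted, validates the fields
 * and mails the message.
 *
 * Changes made in review:
 *  - the flood cookie is written under the same name the check reads
 *    (COOKIE . '-flood-contact'); it was written as COOKIE . '-contact', so
 *    the check could never match;
 *  - CR/LF are stripped from the values that end up in mail headers;
 *  - undefined locals ($note, $imie, $temat, $adres, $ip, $telefon) are
 *    replaced with values this method actually has;
 *  - the hard-coded "Test mail" sent after every successful submit is removed;
 *  - $receivers is initialised before the fetch loop.
 *
 * @return string Rendered template, or the template_error() output.
 */
public function getContent()
{
    global $sql;

    $err = new Error();
    $form = array();
    // Initialised so the template gets an array even when the query returns no rows.
    $receivers = array();

    if (Kio::getConfig('informations', 'contact')) {
        $info = Notifier::factory('note-contact_info')->info(parse(Kio::getConfig('informations', 'contact'), BBCODE . AUTOLINKS . EMOTICONS . CENSURE . PRE));
    }

    if (isset($_POST['send'])) {
        // Form values; logged-in users cannot override their nickname or e-mail.
        $form = array(
            'receiver' => filter($_POST['receiver'], 100),
            'sender' => LOGGED ? User::$nickname : filter($_POST['sender'], 100),
            'email' => LOGGED ? User::$email : filter($_POST['email'], 100),
            'subject' => filter($_POST['subject'], 100),
            'message' => filter($_POST['message'], 250),
        );

        // The flood check trusts a cookie, so a client that drops the cookie skips it.
        // Treat it as a courtesy limit; real throttling needs server-side state.
        // NOTE(review): other config reads here pass 'contact' as the module; confirm
        // 'flood_interval' is meant to be read without one.
        if (!empty($_COOKIE[COOKIE . '-flood-contact']) && Kio::getConfig('flood_interval')) {
            $err->setError('flood', t('ERROR_FLOOD'));
        } else {
            if (!LOGGED) {
                $err->setError('sender_empty', t('Sender field is required.'))->condition(!$form['sender']);
                $err->setError('sender_exists', t('ERROR_SENDER_EXISTS'))->condition(is_registered($form['sender'], 'nickname'));
                $err->setError('email_empty', t('E-mail address field is required.'))->condition(!$form['email']);
                $err->setError('email_invalid', t('ERROR_EMAIL_INVALID'))->condition($form['email'] && !is_email($form['email']));
            }

            // Phone validation is disabled and no phone field is collected,
            // so the message body below carries no phone line.
            $err->setError('subject_empty', t('Subject field is required.'))->condition(!$form['subject']);
            $err->setError('message_empty', t('Message field is required.'))->condition(!$form['message']);
        }

        if ($err->noErrors()) {
            // filter() is defined elsewhere and may not remove line breaks; strip them
            // here so a submitted value cannot add extra mail headers.
            $line_breaks = array("\r", "\n");
            $sender_email = str_replace($line_breaks, '', $form['email']);
            $subject = str_replace($line_breaks, '', $form['subject']);

            $headers = "From: {$sender_email}";
            $msg = "Imię: {$form['sender']}\nE-Mail: {$sender_email}\n\nTreść wiadomości:\n{$form['message']}\n\n\n----\nWiadomość została wysłana ze strony " . HREF . "\nIP: " . IP;

            // Set the cookie before any output or redirect, otherwise the header may
            // never be sent (redirect() presumably ends the request - confirm).
            if (Kio::getConfig('flood_interval')) {
                setcookie(COOKIE . '-flood-contact', 'true', TIMESTAMP + Kio::getConfig('flood_interval') + 1, '/');
            }

            // NOTE(review): the message is addressed to the e-mail typed into the form and
            // $form['receiver'] is never used, so an anonymous visitor chooses the recipient.
            // The recipient should be resolved server-side from the configured receivers;
            // left unchanged because that lookup is not visible in this method.
            if (mail($sender_email, $subject, $msg, $headers)) {
                echo $this->note->success(t('SUCCESS')) . redirect();
            } else {
                echo $this->note->error(t('Wystąpił błąd, spróbuj wysłać później'));
            }
        } else {
            $this->note->error($err->toArray());
        }
    }

    $stmt = $sql->setCache('contact')->prepare('
        SELECT id, nickname, group_id
        FROM ' . DB_PREFIX . 'users
        WHERE id IN (:receivers)');

    // bindParam() binds by reference, so it needs a real variable.
    // NOTE(review): one placeholder inside IN() binds a single value; if the setting
    // holds several ids, only one can match - confirm the format of 'receivers'.
    $receiver_ids = Kio::getConfig('receivers', 'contact');
    $stmt->bindParam(':receivers', $receiver_ids);
    $stmt->execute();

    while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
        $row['g_name'] = Kio::getGroup($row['group_id'], 'name');
        $receivers[] = $row;
    }

    try {
        $tpl = new PHPTAL('modules/contact/contact.tpl.html');
        $tpl->message_limit = Kio::getConfig('message_max', 'contact');
        $tpl->form = $form;
        $tpl->user = User::toArray();
        $tpl->receivers = $receivers;
        $tpl->err = $err->toArray();
        $tpl->note = $this->note;
        $tpl->info = isset($info) ? $info : '';

        return $tpl->execute();
    } catch (Exception $e) {
        return template_error($e);
    }
}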
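/**
 * Lists the current user's private messages in one folder and applies the
 * bulk actions (read / unread / delete) posted from that list.
 *
 * Every statement is restricted to owner_id = UID, and the posted message ids
 * are passed through intval(), so a request can only touch the caller's own rows.
 *
 * NOTE(review): no anti-CSRF token is checked here before the state-changing
 * POST actions; confirm one is enforced before this method is reached.
 *
 * @param int $folder_id Numeric folder identifier; cast to int because it is
 *                       concatenated unquoted into the SQL below.
 *
 * @return mixed Rendered template, the template_error() output, or the result
 *               of Notifier::info() when the folder holds no messages.
 */
private function getFolder($folder_id)
{
    global $sql;

    // Concatenated unquoted into four statements, so force it to an integer
    // instead of relying on every caller to pass a clean value.
    $folder_id = (int) $folder_id;

    $box = ucfirst(u1);

    Kio::addTitle(t($box));
    Kio::addBreadcrumb(t($box), 'pm/' . u1);

    $note = new Notifier();
    $this->subcodename = 'box';

    // NOTE(review): u1 picks the static property read from User (pmInbox, pmOutbox, ...);
    // presumably the caller restricts it to known folder names - verify.
    $pager = new Pager('pm/' . u1, User::${'pm' . $box}, Kio::getConfig('limit', 'pm'));
    $pager->sort(array(
        t('Subject') => 'subject',
        t('Message') => 'message',
        u1 == 'outbox' ? t('To') : t('From') => 'nickname',
        t('Sent') => 'sent',
    ), 'sent', 'asc');

    // Reset new messages counter
    if (User::$pmNew) {
        $sql->exec('UPDATE ' . DB_PREFIX . 'users SET pm_new = 0 WHERE id = ' . UID);
    }

    if (isset($_POST['action']) && !empty($_POST['messages'])) {
        // intval() on every posted id keeps the IN() list numeric.
        $action_messages = implode(', ', array_map('intval', $_POST['messages']));

        // Shared by all three actions: selected ids, this folder, this owner only.
        $scope = ' WHERE id IN(' . $action_messages . ') AND folder = ' . $folder_id . ' AND owner_id = ' . UID;

        switch ($_POST['action']) {
            // Mark messages as read
            case 'read':
                $sql->exec('UPDATE ' . DB_PREFIX . 'pm SET is_read = 1' . $scope);
                break;

            // Mark messages as unread
            case 'unread':
                $sql->exec('UPDATE ' . DB_PREFIX . 'pm SET is_read = 0' . $scope);
                break;

            // Delete messages
            case 'delete':
                $sql->exec('DELETE FROM ' . DB_PREFIX . 'pm' . $scope);
                break;
        }

        // Unknown actions change nothing and are redirected like the others.
        redirect(HREF . PATH);
    }

    // NOTE(review): orderBy, limit and offset come from Pager and are concatenated
    // as-is; presumably Pager only emits the column names registered in sort() and
    // integer limits - verify in Pager.
    $stmt = $sql->query('
        SELECT pm.*, u.nickname, u.group_id
        FROM ' . DB_PREFIX . 'pm pm
        LEFT JOIN ' . DB_PREFIX . 'users u ON u.id = pm.connector_id
        WHERE pm.owner_id = ' . UID . ' AND pm.folder = ' . $folder_id . '
        ORDER BY ' . $pager->orderBy . '
        LIMIT ' . $pager->limit . '
        OFFSET ' . $pager->offset);

    if (!$stmt->rowCount()) {
        return $note->info(t('There is no messages in the box.'));
    }

    $messages = array();

    while ($row = $stmt->fetch()) {
        // Rows with a connector get the nickname replaced by User::format()'s output.
        if ($row['connector_id']) {
            $row['nickname'] = User::format($row['connector_id'], $row['nickname'], $row['group_id']);
        }

        $messages[] = $row;
    }

    try {
        $tpl = new PHPTAL('modules/pm/pm.tpl.html');
        $tpl->messages = $messages;
        $tpl->sort = $pager->sorters;
        $tpl->total = User::${'pm' . $box};
        $tpl->max = Kio::getConfig(u1 . '_max', 'pm');
        $tpl->note = $note;
        $tpl->pager = $pager;
        $tpl->pagination = $pager->getLinks();

        return $tpl->execute();
    } catch (Exception $e) {
        return template_error($e);
    }
}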