function display()
{
$order = 'desc';
if (isset($_GET['order'])) {
$order = $_GET['order'];
$this->tpl->assign('sort', 'ts');
}
// Extra params for pager
$params = array();
if ($order) {
$params = array('order' => $order);
}
// Pager
$this->pager->limit = $this->per_page;
$this->pager->setStart();
$this->pager->setPages($this->log->count($this->users_id));
$this->r->text['pager'] = $this->pager->pageList(suxFunct::makeUrl("/admin/log/{$this->nickname}", $params));
$this->log->setOrder('ts', $order);
$this->r->arr['ulog'] = $this->log->get($this->pager->limit, $this->pager->start, $this->users_id);
foreach ($this->r->arr['ulog'] as $key => $val) {
$tmp = $this->user->getByID($val['users_id']);
$this->r->arr['ulog'][$key]['nickname'] = $tmp['nickname'];
}
// Template
$inverse = $order != 'desc' ? 'desc' : 'asc';
$this->tpl->assign('ts_sort_url', suxFunct::makeUrl("/admin/log/{$this->nickname}", array('order' => $inverse)));
$this->tpl->assign('nickname', $this->nickname);
$this->r->title .= " | {$this->r->gtext['activity_log']}";
$this->tpl->display('log.tpl');
}
/**
* menu
*
* @author Dac Chartrand <*****@*****.**>
* @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
*/
function bookmarks_menu()
{
if (!isset($_SESSION['users_id'])) {
return null;
}
// Check access
$user = new suxUser();
if (!$user->isRoot()) {
$access = $user->getAccess('bookmarks');
if ($access < $GLOBALS['CONFIG']['ACCESS']['bookmarks']['admin']) {
return null;
}
}
$query = 'SELECT COUNT(*) FROM bookmarks WHERE draft = true ';
$db = suxDB::get();
$st = $db->query($query);
$menu = array();
$count = $st->fetchColumn();
$text = suxFunct::gtext('bookmarks');
$menu[$text['admin']] = suxFunct::makeUrl('/bookmarks/admin/');
$tmp = "{$text['approve_2']} ({$count})";
$menu[$tmp] = suxFunct::makeUrl('/bookmarks/approve/');
$menu[$text['new']] = suxFunct::makeUrl('/bookmarks/edit/');
return $menu;
}
/**
* Login
*/
function login()
{
if ($this->user->loginCheck() || !$this->user->loginCheck() && $this->user->authenticate()) {
$this->log->write($_SESSION['users_id'], "sux0r::userAuthenticate() login [IP: {$_SERVER['REMOTE_ADDR']}]", 1);
// Log, private
// Redirect to previous page
if (isset($_SESSION['breadcrumbs'])) {
foreach ($_SESSION['breadcrumbs'] as $val) {
if (!preg_match('#^user/[login|logout|register|edit]#i', $val)) {
suxFunct::redirect(suxFunct::makeUrl($val));
break;
}
}
}
// Nothing of value was found, redirect to user page
suxFunct::redirect(suxFunct::makeUrl('/user/profile/' . $_SESSION['nickname']));
} else {
// Too many password failures?
if ($this->user->maxPasswordFailures()) {
$this->r->title .= " | {$this->r->gtext['pw_failure']}";
$this->tpl->display('pw_failure.tpl');
die;
}
// Note:
// Threre's a conflift with the authenticate procedure and header('Location:')
// The workaround is to echo some spaces and force javascript redirect
echo str_repeat(' ', 40000);
suxFunct::redirect(suxFunct::makeUrl('/home'));
}
}
/**
* Build the form and show the template
*
* @param array $dirty reference to unverified $_POST
*/
function formBuild(&$dirty)
{
if (!empty($dirty)) {
$this->tpl->assign($dirty);
} else {
suxValidate::disconnect();
}
if (!suxValidate::is_registered_form()) {
suxValidate::connect($this->tpl, true);
// Reset connection
// Register our validators
// register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
suxValidate::register_validator('bookmarks', 'bookmarks', 'isInt', true);
}
// Urls
$this->r->text['form_url'] = suxFunct::makeUrl('/bookmarks/approve');
$this->r->text['back_url'] = suxFunct::getPreviousURL();
// bookmarks
$this->r->arr['bookmarks'] = $this->bm->get();
// Adjust variables
foreach ($this->r->arr['bookmarks'] as $key => $val) {
if (!$val['draft']) {
// This bookmark is not a draft, it's just in the future, ignore it.
unset($this->r->arr['bookmarks'][$key]);
continue;
}
// Append nickname
$u = $this->user->getByID($val['users_id']);
$this->r->arr['bookmarks'][$key]['nickname'] = $u['nickname'];
}
$this->r->title .= " | {$this->r->gtext['approve']}";
$this->tpl->display('approve.tpl');
}
/**
* Build the form and show the template
*
* @param array $dirty reference to unverified $_POST
*/
function formBuild(&$dirty)
{
if (!empty($dirty)) {
$this->tpl->assign($dirty);
} else {
suxValidate::disconnect();
}
if (!suxValidate::is_registered_form()) {
suxValidate::connect($this->tpl, true);
// Reset connection
// Register our validators
// register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
suxValidate::register_validator('subscriptions', 'subscriptions', 'isInt', true);
}
// Urls
$this->r->text['form_url'] = suxFunct::makeUrl('/feeds/manage');
$this->r->text['back_url'] = suxFunct::getPreviousURL();
// Feeds
$feeds = array();
foreach ($this->rss->getFeeds() as $feed) {
$feeds[$feed['id']] = $feed['title'];
}
$this->r->arr['feeds'] = $feeds;
// Subscriptions
if (!isset($_POST['subscriptions'])) {
$this->r->arr['subscriptions'] = $this->link->getLinks('link__rss_feeds__users', 'users', $_SESSION['users_id']);
}
$this->r->title .= " | {$this->r->gtext['manage']}";
$this->tpl->display('manage.tpl');
}
/**
* Return tags associated to this bookmark
*
* @param int $id bookmark id
* @return string html
*/
function tags($id)
{
// ----------------------------------------------------------------
// SQL
// ----------------------------------------------------------------
// Innerjoin query
$innerjoin = '
INNER JOIN link__bookmarks__tags ON link__bookmarks__tags.tags_id = tags.id
';
// Select
$query = "\n SELECT tags.id, tags.tag FROM tags\n {$innerjoin}\n WHERE link__bookmarks__tags.bookmarks_id = ?\n ";
$db = suxDB::get();
$st = $db->prepare($query);
$st->execute(array($id));
$cat = $st->fetchAll(PDO::FETCH_ASSOC);
// ----------------------------------------------------------------
// Html
// ----------------------------------------------------------------
foreach ($cat as $val) {
$url = suxFunct::makeUrl('/bookmarks/tag/' . $val['id']);
$html .= "<a href='{$url}'>{$val['tag']}</a>, ";
}
if (!$html) {
$html = $this->gtext['none'];
} else {
$html = rtrim($html, ', ');
}
$html = "<div class='tags'>{$this->gtext['tags']}: " . $html . '</div>';
return $html;
}
/**
* Build the form and show the template
*
* @param array $dirty reference to unverified $_POST
*/
function formBuild(&$dirty)
{
if (!empty($dirty)) {
$this->tpl->assign($dirty);
} else {
suxValidate::disconnect();
}
if (!suxValidate::is_registered_form()) {
suxValidate::connect($this->tpl, true);
// Reset connection
// Register our validators
// register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
suxValidate::register_validator('date', 'Date:Date_Year:Date_Month:Date_Day', 'isDate', false, false, 'makeDate');
}
if (!$this->tpl->getTemplateVars('Date_Year')) {
// Today's Date
$this->tpl->assign('Date_Year', date('Y'));
$this->tpl->assign('Date_Month', date('m'));
$this->tpl->assign('Date_Day', date('j'));
}
// Urls
$this->r->text['form_url'] = suxFunct::makeUrl('/admin/purge');
$this->r->text['back_url'] = suxFunct::getPreviousURL();
$this->r->title .= " | {$this->r->gtext['admin_purge']}";
// Template
$this->tpl->display('purge.tpl');
}
/**
* Build the form and show the template
*
* @param array $dirty reference to unverified $_POST
*/
function formBuild(&$dirty)
{
if (!empty($dirty)) {
$this->tpl->assign($dirty);
} else {
suxValidate::disconnect();
}
if (!suxValidate::is_registered_form()) {
suxValidate::connect($this->tpl, true);
// Reset connection
// Register our validators
// register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
suxValidate::register_validator('feeds', 'feeds', 'isInt', true);
}
// Urls
$this->r->text['form_url'] = suxFunct::makeUrl('/feeds/approve');
$this->r->text['back_url'] = suxFunct::getPreviousURL();
// Feeds
$this->r->arr['feeds'] = $this->rss->getFeeds();
// Additional variables
foreach ($this->r->arr['feeds'] as $key => $val) {
$u = $this->user->getByID($val['users_id']);
$this->r->arr['feeds'][$key]['nickname'] = $u['nickname'];
}
$this->r->title .= " | {$this->r->gtext['approve']}";
$this->tpl->display('approve.tpl');
}
/**
* Build the form and show the template
*
* @param array $dirty reference to unverified $_POST
*/
function formBuild(&$dirty)
{
if (!empty($dirty)) {
$this->tpl->assign($dirty);
} else {
suxValidate::disconnect();
}
if (!suxValidate::is_registered_form()) {
suxValidate::connect($this->tpl, true);
// Reset connection
// Register our additional criterias
suxValidate::register_criteria('isDuplicateFeed', 'this->isDuplicateFeed');
suxValidate::register_criteria('isValidFeed', 'this->isValidFeed');
// Register our validators
// register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
suxValidate::register_validator('url', 'url', 'notEmpty', false, false, 'trim');
suxValidate::register_validator('url2', 'url', 'isURL');
suxValidate::register_validator('url3', 'url', 'isDuplicateFeed');
suxValidate::register_validator('url4', 'url', 'isValidFeed');
}
// Urls
$this->r->text['form_url'] = suxFunct::makeUrl('/feeds/suggest');
$this->r->text['back_url'] = suxFunct::getPreviousURL();
$this->r->title .= " | {$this->r->gtext['suggest']}";
// Template
$this->tpl->display('suggest.tpl');
}
/**
* @return string html
*/
function feedLink($id)
{
$tmp = $this->rss->getFeedByID($id);
if (!$tmp) {
return null;
}
$url = suxFunct::makeUrl("/feeds/{$id}");
$html = "<a href='{$url}'>{$tmp['title']}</a>";
return $html;
}
/**
* controller
*
* @author Dac Chartrand <*****@*****.**>
* @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
*/
function sux($action, $params = null)
{
switch ($action) {
case 'access':
// --------------------------------------------------------------------
// Access
// --------------------------------------------------------------------
if (empty($params[0])) {
suxFunct::redirect(suxFunct::makeUrl('/admin'));
}
$edit = new adminAccess($params[0]);
if ($edit->formValidate($_POST)) {
$edit->formProcess($_POST);
$edit->formSuccess();
} else {
$edit->formBuild($_POST);
}
break;
case 'log':
// --------------------------------------------------------------------
// Log
// --------------------------------------------------------------------
$nickname = null;
if (!empty($params[0])) {
$nickname = $params[0];
}
$admin = new adminLog($nickname);
$admin->display();
break;
case 'purge':
// --------------------------------------------------------------------
// Purge logs
// --------------------------------------------------------------------
$edit = new adminPurge();
if ($edit->formValidate($_POST)) {
$edit->formProcess($_POST);
$edit->formSuccess();
} else {
$edit->formBuild($_POST);
}
break;
default:
// --------------------------------------------------------------------
// Default
// --------------------------------------------------------------------
$admin = new admin();
if ($admin->formValidate($_POST)) {
$admin->formProcess($_POST);
$admin->formSuccess();
} else {
$admin->formBuild($_POST);
}
break;
}
}
/**
* controller
*
* @author Dac Chartrand <*****@*****.**>
* @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
*/
function sux($action, $params = null)
{
switch ($action) {
case 'relationship':
// --------------------------------------------------------------------
// Set a relationship with a user
// --------------------------------------------------------------------
if (empty($params[0])) {
suxFunct::redirect(suxFunct::makeUrl('/society'));
}
$soc = new societyEdit($params[0]);
if ($soc->formValidate($_POST)) {
$soc->formProcess($_POST);
$soc->formSuccess();
} else {
$soc->formBuild($_POST);
}
break;
}
}
/**
* Override: build the form and show the template
*
* @param array $dirty reference to unverified $_POST
*/
function formBuild(&$dirty)
{
if (!empty($dirty)) {
$this->tpl->assign($dirty);
} else {
suxValidate::disconnect();
}
if (!suxValidate::is_registered_form()) {
suxValidate::connect($this->tpl, true);
// Reset connection
// Register our validators
// register_validator($id, $field, $criteria, $empty = false, $halt = false, $transform = null, $form = 'default')
suxValidate::register_validator('url', 'url', 'notEmpty', false, false, 'trim');
suxValidate::register_validator('url2', 'url', 'isURL');
}
// Urls
$this->r->text['form_url'] = suxFunct::makeUrl('/user/login/openid');
$this->r->text['back_url'] = suxFunct::getPreviousURL();
$this->r->title .= " | {$this->r->gtext['openid_login']}";
// Template
$this->tpl->display('login_openid.tpl');
}
/**
* menu
*
* @author Dac Chartrand <*****@*****.**>
* @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
*/
function blog_menu()
{
if (!isset($_SESSION['users_id'])) {
return null;
}
// Check that the user is allowed to admin
$user = new suxUser();
$text = suxFunct::gtext('blog');
$menu = array();
$is_root = $user->isRoot();
$access = $user->getAccess('blog');
if (!$is_root) {
if ($access < $GLOBALS['CONFIG']['ACCESS']['blog']['publisher']) {
return null;
}
}
if ($is_root || $access >= $GLOBALS['CONFIG']['ACCESS']['blog']['admin']) {
$menu[$text['admin']] = suxFunct::makeUrl('/blog/admin');
}
$menu[$text['new']] = suxFunct::makeUrl('/blog/edit');
return $menu;
}
/**
* Display RSS Feed
*/
function rss()
{
// Cache
$cache_id = $this->profile['nickname'] . '|rss';
$this->tpl->caching = 1;
if (!$this->tpl->isCached('rss.tpl', $cache_id)) {
$fp = $this->log->get($this->minifeed_limit * 5, 0, $this->profile['users_id']);
if ($fp) {
$rss = new suxRSS();
$title = "{$this->r->title} | {$this->profile['nickname']}";
$url = suxFunct::makeUrl('/user/profile/' . $this->profile['nickname'], null, true);
$rss->outputRSS($title, $url, null);
foreach ($fp as $item) {
$url2 = $url . '#' . strtotime($item['ts']);
$rss->addOutputItem($item['ts'], $url2, $item['body_html']);
}
$this->tpl->assign('xml', $rss->saveXML());
}
}
// Template
header('Content-type: text/xml; charset=utf-8');
$this->tpl->display('rss.tpl', $cache_id);
}
/**
* Build the form and show the template
*
* @global string $CONFIG['URL']
* @param string $module
* @param int $id
* @param array $dirty reference to unverified $_POST
*/
function formBuild($module, $id, &$dirty)
{
// Initialize width & height
$width = 0;
$height = 0;
// Check $id
if (!filter_var($id, FILTER_VALIDATE_INT) || $id < 1) {
throw new Exception('Invalid $id');
}
// Check $module, assign $table
$table = $this->getTable($module);
if (!$table) {
throw new Exception('Unsuported $module');
}
// --------------------------------------------------------------------
// Form logic
// --------------------------------------------------------------------
if (!empty($dirty)) {
$this->tpl->assign($dirty);
} else {
suxValidate::disconnect();
}
if (!suxValidate::is_registered_form()) {
suxValidate::connect($this->tpl, true);
// Reset connection
suxValidate::register_validator('integrity', 'integrity:module:id', 'hasIntegrity');
}
// --------------------------------------------------------------------
// Get image from database
// --------------------------------------------------------------------
$query = "SELECT users_id, image FROM {$table} WHERE id = ? ";
$db = suxDB::get();
$st = $db->prepare($query);
$st->execute(array($id));
$image = $st->fetch(PDO::FETCH_ASSOC);
if (!$image['image']) {
throw new Exception('$image not found');
}
if ($image['users_id'] != $_SESSION['users_id']) {
// Check that the user is allowed to be here
if (!$this->user->isRoot()) {
$access = $this->user->getAccess($module);
if (!isset($GLOBALS['CONFIG']['ACCESS'][$module]['admin'])) {
suxFunct::redirect(suxFunct::getPreviousURL('cropper'));
} elseif ($access < $GLOBALS['CONFIG']['ACCESS'][$module]['admin']) {
suxFunct::redirect(suxFunct::getPreviousURL('cropper'));
}
}
}
// Assign a url to the fullsize version of the image
$image = $image['image'];
$image = rawurlencode(suxPhoto::t2fImage($image));
$image = "{$GLOBALS['CONFIG']['URL']}/data/{$module}/{$image}";
$image = suxFunct::myHttpServer() . $image;
// Double check
if (!filter_var($image, FILTER_VALIDATE_URL)) {
$image = null;
}
if (!preg_match('/\\.(jpe?g|gif|png)$/i', $image)) {
$image = null;
}
if ($image) {
list($width, $height) = @getimagesize($image);
}
// --------------------------------------------------------------------
// Template
// --------------------------------------------------------------------
if ($image && $width && $height) {
// Get config variables
$this->tpl->configLoad('my.conf', $module);
$this->tpl->assign('module', $module);
$this->tpl->assign('id', $id);
$this->tpl->assign('x2', $this->tpl->getConfigVars('thumbnailWidth'));
// Pavatar
$this->tpl->assign('y2', $this->tpl->getConfigVars('thumbnailHeight'));
$this->tpl->assign('url_to_source', $image);
$this->tpl->assign('width', $width);
$this->tpl->assign('height', $height);
$this->tpl->assign('form_url', suxFunct::makeUrl("/cropper/{$module}/{$id}"));
$this->tpl->assign('prev_url', suxFunct::getPreviousURL('cropper'));
$this->r->title .= " | {$this->r->gtext['crop_image']}";
$this->tpl->display('cropper.tpl');
} else {
throw new Exception('$image not found');
}
}
/**
* Build the form and show the template
*
* @param array $dirty reference to unverified $_POST
*/
function formBuild(&$dirty)
{
$photoalbum = array();
// Editing a photoalbum
$tmp = $this->photo->getAlbumByID($this->id);
if (!$tmp) {
suxFunct::redirect(suxFunct::makeURL('/photos'));
}
// Invalid id
$photoalbum['id'] = $tmp['id'];
$photoalbum['cover'] = $tmp['thumbnail'];
// Don't allow spoofing
unset($dirty['id']);
$this->tpl->assign($photoalbum);
// --------------------------------------------------------------------
// Form logic
// --------------------------------------------------------------------
if (!empty($dirty)) {
$this->tpl->assign($dirty);
} else {
suxValidate::disconnect();
}
if (!suxValidate::is_registered_form()) {
suxValidate::connect($this->tpl, true);
// Reset connection
// Register our validators
suxValidate::register_validator('integrity', 'integrity:id', 'hasIntegrity');
}
// --------------------------------------------------------------------
// Templating
// --------------------------------------------------------------------
// Start pager
$this->pager->limit = $this->per_page;
$this->pager->setStart();
$this->pager->setPages($this->photo->countPhotos($this->id));
$this->r->text['pager'] = $this->pager->pageList(suxFunct::makeUrl("/photos/album/annotate/{$this->id}"));
$this->r->arr['photos'] = $this->photo->getPhotos($this->pager->limit, $this->pager->start, $this->id);
$this->r->text['form_url'] = suxFunct::makeUrl('/photos/album/annotate/' . $this->id, array('page' => $_GET['page']));
$this->r->text['back_url'] = suxFunct::getPreviousURL();
$this->r->title .= " | {$this->r->gtext['annotate_2']}";
$this->tpl->display('annotate.tpl');
}
/**
* The form was successfuly processed
*/
function formSuccess()
{
suxFunct::redirect(suxFunct::makeUrl("/{$this->module}/admin/"));
}
/**
* Process the form
*
* @param array $clean reference to validated $_POST
*/
function formProcess(&$clean)
{
// --------------------------------------------------------------------
// Clear user caches
// --------------------------------------------------------------------
foreach ($this->caches as $module) {
// clear all caches with "nickname" as the first cache_id group
$tpl = new suxTemplate($module);
$tpl->clearCache(null, "{$_SESSION['nickname']}");
}
// --------------------------------------------------------------------
// Action
// --------------------------------------------------------------------
switch ($clean['action']) {
case 'addvec':
$this->nb->addVectorWithUser($clean['vector'], $_SESSION['users_id']);
unset($clean['vector']);
$this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() addvec", 1);
// Private
break;
case 'remvec':
// Security check
if ($this->nb->isVectorOwner($clean['vector_id'], $_SESSION['users_id'])) {
// Remove vector
$this->nb->removeVector($clean['vector_id']);
$this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() remvec id: {$clean['vector_id']}", 1);
// Private
}
unset($clean['vector_id']);
break;
case 'addcat':
// Security check
if ($this->nb->isVectorOwner($clean['vector_id'], $_SESSION['users_id'])) {
$this->nb->addCategory($clean['category'], $clean['vector_id']);
$this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() addcat", 1);
// Private
}
unset($clean['category']);
break;
case 'remcat':
// Security check
if ($this->nb->isCategoryOwner($clean['category_id'], $_SESSION['users_id'])) {
// Remove category
$this->nb->removeCategory($clean['category_id']);
$this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() remcat id: {$clean['category_id']}", 1);
// Private
}
unset($clean['category_id']);
break;
case 'adddoc':
// Security check
if ($this->nb->isCategoryTrainer($clean['category_id'], $_SESSION['users_id'])) {
$this->nb->trainDocument($clean['document'], $clean['category_id']);
$this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() adddoc", 1);
// Private
}
unset($clean['document']);
break;
case 'remdoc':
// Security check
if ($this->nb->isDocumentOwner($clean['document_id'], $_SESSION['users_id'])) {
// Remove document
$this->nb->untrainDocument($clean['document_id']);
$this->log->write($_SESSION['users_id'], "sux0r::bayesEdit() remdoc id: {$clean['document_id']}", 1);
// Private
}
unset($clean['document_id']);
break;
case 'sharevec':
// Security check
if ($this->nb->isVectorOwner($clean['vector_id'], $_SESSION['users_id'])) {
$clean['trainer'] = isset($clean['trainer']) && $clean['trainer'] ? true : false;
$clean['owner'] = isset($clean['owner']) && $clean['owner'] ? true : false;
$this->nb->shareVector($clean['users_id'], $clean['vector_id'], $clean['trainer'], $clean['owner']);
$u = $this->user->getByID($clean['users_id']);
// clear caches
foreach ($this->caches as $module) {
$tpl = new suxTemplate($module);
$tpl->clearCache(null, $_SESSION['nickname']);
$tpl->clearCache(null, $u['nickname']);
}
// Log message
$log = '';
$url = suxFunct::makeUrl("/user/profile/{$_SESSION['nickname']}", null, true);
$log .= "<a href='{$url}'>{$_SESSION['nickname']}</a> ";
$log .= mb_strtolower($this->r->gtext['share_category']);
$url = suxFunct::makeUrl("/user/profile/{$u['nickname']}", null, true);
$log .= " <a href='{$url}'>{$u['nickname']}</a>";
// Log
$this->log->write($_SESSION['users_id'], $log);
$this->log->write($u['users_id'], $log);
// Clear caches
$tpl = new suxTemplate('user');
$tpl->clearCache(null, $_SESSION['nickname']);
$tpl->clearCache(null, $u['nickname']);
}
break;
case 'unsharevec':
foreach ($clean['unshare'] as $val) {
foreach ($val as $vectors_id => $users_id) {
$this->nb->unshareVector($users_id, $vectors_id);
$u = $this->user->getByID($users_id);
// Clear caches
foreach ($this->caches as $module) {
$tpl = new suxTemplate($module);
$tpl->clearCache(null, $_SESSION['nickname']);
$tpl->clearCache(null, $u['nickname']);
}
// Log message
$log = '';
$url = suxFunct::makeUrl("/user/profile/{$_SESSION['nickname']}", null, true);
$log .= "<a href='{$url}'>{$_SESSION['nickname']}</a> ";
$log .= mb_strtolower($this->r->gtext['unshare_category']);
$url = suxFunct::makeUrl("/user/profile/{$u['nickname']}", null, true);
$log .= " <a href='{$url}'>{$u['nickname']}</a>";
// Log
$this->log->write($_SESSION['users_id'], $log);
$this->log->write($u['users_id'], $log);
// Clear caches
$tpl = new suxTemplate('user');
$tpl->clearCache(null, $_SESSION['nickname']);
$tpl->clearCache(null, $u['nickname']);
}
}
break;
}
}
/**
* Render edit links
*
* @param array $params smarty {insert} parameters
* @return string html
*/
function insert_editLinks($params)
{
if (!isset($_SESSION['users_id'])) {
return null;
}
if (empty($params['album_id'])) {
return null;
}
if (!filter_var($params['album_id'], FILTER_VALIDATE_INT) || $params['album_id'] < 1) {
return null;
}
$br = null;
if (isset($params['br'])) {
$br = '<br />';
}
// Check that the user is allowed to edit this album
$u = new suxUser();
if (!$u->isRoot()) {
$photo = new suxPhoto();
$access = $u->getAccess('photos');
if ($access < $GLOBALS['CONFIG']['ACCESS']['photos']['admin']) {
if ($access < $GLOBALS['CONFIG']['ACCESS']['photos']['publisher']) {
return null;
} elseif (!$photo->isAlbumOwner($params['album_id'], $_SESSION['users_id'])) {
return null;
}
}
}
$edit = suxFunct::makeUrl('/photos/album/edit/' . $params['album_id']);
$annotate = suxFunct::makeUrl('/photos/album/annotate/' . $params['album_id']);
$upload = suxFunct::makeUrl('/photos/upload/' . $params['album_id']);
$text = suxFunct::gtext('photos');
$html = '';
$html .= "<a href='{$edit}'>{$text['edit_2']}</a>{$br}";
$html .= "<a href='{$upload}'>{$text['upload']}</a>{$br}";
$html .= "<a href='{$annotate}'>{$text['annotate_2']}</a>{$br}";
if (isset($params['div'])) {
return '<div class="editLinks">' . $html . '</div>';
} else {
return $html;
}
}
/**
* Show a user if they are logged in or not
*/
function id_res_mode()
{
/* Assert truthiness of openid_identity and act accordingly */
if (!empty($_GET['openid_identity']) && $this->complete($_GET['openid_identity'])) {
// Success
// we have verified the identity
// a maze of if/else follows...
$this->destroyOpenIDSession();
$u = $this->user->getUserByOpenID($_GET['openid_identity']);
if ($u) {
if ($this->user->loginCheck() && $_SESSION['users_id'] != $u['users_id']) {
// Wrong openid?
$this->wrapHtml($this->r->gtext['error_id_conflict']);
} else {
// Log this user in
$this->user->setSession($u['users_id']);
suxFunct::redirect(suxFunct::makeUrl('/user/profile/' . $u['nickname']));
}
} elseif ($this->user->loginCheck()) {
if (!$this->urlDescends($_GET['openid_identity'], $this->profile['my_url'])) {
// This must be this users id, attach it
$this->user->attachOpenID($_GET['openid_identity']);
}
// Send this user to their own page
suxFunct::redirect(suxFunct::makeUrl('/user/profile/' . $_SESSION['nickname']));
} else {
// Forward to registration
$_SESSION['openid_url_registration'] = $_GET['openid_identity'];
$_SESSION['openid_url_integrity'] = md5($_GET['openid_identity'] . @$GLOBALS['CONFIG']['SALT']);
// Sreg
$query = null;
foreach ($_REQUEST as $key => $val) {
if (preg_match('/^openid_sreg_/', $key)) {
$tmp = str_replace('openid_sreg_', '', $key);
$query[$tmp] = $val;
}
}
suxFunct::redirect(suxFunct::makeUrl('/user/register', $query));
}
} elseif (!empty($_GET['openid_identity'])) {
// Failure
$this->destroyOpenIDSession();
$this->wrapHtml($this->r->gtext['error_failed'] . ': ' . $_GET['openid_identity']);
} else {
// Otherwise, provide useless info
$this->destroyOpenIDSession();
if ($this->user->loginCheck()) {
$this->wrapHtml($this->r->gtext['logged_in'] . ' ' . $_SESSION['nickname']);
} else {
$this->wrapHtml($this->r->gtext['not_logged_in']);
}
}
}
/**
* Process the form
*
* @param array $clean reference to validated $_POST
*/
function formProcess(&$clean)
{
if (!isset($_FILES['image']) || !is_uploaded_file($_FILES['image']['tmp_name'])) {
throw new Exception('No file uploaded?');
}
// Check that the user is allowed to upload photos / Security check #2
if (!$this->user->isRoot()) {
$access = $this->user->getAccess($this->module);
if ($access < $GLOBALS['CONFIG']['ACCESS'][$this->module]['admin']) {
if ($access < $GLOBALS['CONFIG']['ACCESS'][$this->module]['publisher']) {
suxFunct::redirect(suxFunct::makeURL('/photos'));
} elseif (!$this->photo->isAlbumOwner($clean['album'], $_SESSION['users_id'])) {
suxFunct::redirect(suxFunct::makeURL('/photos'));
}
}
}
// Commence collecting $photo array
$photo['photoalbums_id'] = $clean['album'];
// Get extension
$format = explode('.', $_FILES['image']['name']);
$format = strtolower(end($format));
// Set the data dir
$data_dir = suxFunct::dataDir($this->module);
if ($format != 'zip') {
// ----------------------------------------------------------------
// Image file
// ----------------------------------------------------------------
list($resize, $fullsize) = suxPhoto::renameImage($_FILES['image']['name']);
$photo['image'] = $resize;
// Add image to $photo array
$resize = $data_dir . "/{$resize}";
$fullsize = $data_dir . "/{$fullsize}";
$md5 = md5_file($_FILES['image']['tmp_name']);
if (!$this->photo->isDupe($md5, $_SESSION['users_id'], $photo['photoalbums_id'])) {
suxPhoto::resizeImage($format, $_FILES['image']['tmp_name'], $resize, $this->tpl->getConfigVars('thumbnailWidth'), $this->tpl->getConfigVars('thumbnailHeight'));
move_uploaded_file($_FILES['image']['tmp_name'], $fullsize);
// Insert $photo into database
$photo['md5'] = $md5;
$this->photo->savePhoto($_SESSION['users_id'], $photo);
}
} else {
// ----------------------------------------------------------------
// Zip file
// ----------------------------------------------------------------
$tmp_dir = $GLOBALS['CONFIG']['PATH'] . '/temporary/' . md5(uniqid(mt_rand(), true));
if (!is_dir($tmp_dir) && !mkdir($tmp_dir, 0777, true)) {
throw new Exception('Can\'t create temp dir ' . $tmp_dir);
}
if (suxFunct::unzip($_FILES['image']['tmp_name'], $tmp_dir)) {
$valid_formats = array('jpg', 'jpeg', 'png', 'gif');
$files = array();
foreach (new RecursiveIteratorIterator(new RecursiveDirectoryIterator($tmp_dir)) as $file) {
if (!$file->isFile()) {
continue;
}
if (mb_strpos($file->getPathname(), '__MACOSX') !== false) {
continue;
}
$files[$file->getPathname()] = $file->getFilename();
}
foreach ($files as $filepath => $file) {
$format = explode('.', $file);
$format = strtolower(end($format));
if (!in_array($format, $valid_formats)) {
continue;
}
// Skip
list($resize, $fullsize) = suxPhoto::renameImage($file);
$photo['image'] = $resize;
// Add image to $photo array
$resize = $data_dir . "/{$resize}";
$fullsize = $data_dir . "/{$fullsize}";
$md5 = md5_file($filepath);
if (!$this->photo->isDupe($md5, $_SESSION['users_id'], $photo['photoalbums_id'])) {
suxPhoto::resizeImage($format, $filepath, $resize, $this->tpl->getConfigVars('thumbnailWidth'), $this->tpl->getConfigVars('thumbnailHeight'));
copy($filepath, $fullsize);
// Insert $photo into database
$photo['md5'] = $md5;
$this->photo->savePhoto($_SESSION['users_id'], $photo);
}
}
}
suxFunct::obliterateDir($tmp_dir);
}
$this->log->write($_SESSION['users_id'], "sux0r::photosUpload() photoalbums_id: {$photo['photoalbums_id']}", 1);
// Private
$this->photo->setPublished(true);
$tmp = $this->photo->getAlbumByID($photo['photoalbums_id']);
// Is actually published?
$this->photo->setPublished(null);
// Revert
if ($tmp) {
// Clear all caches, cheap and easy
$this->tpl->clearAllCache();
// Log message
$log = '';
$url = suxFunct::makeUrl("/user/profile/{$_SESSION['nickname']}", null, true);
$log .= "<a href='{$url}'>{$_SESSION['nickname']}</a> ";
$log .= mb_strtolower($this->r->gtext['uploaded_images']);
$url = suxFunct::makeUrl("/photos/album/{$tmp['id']}", null, true);
$log .= " <a href='{$url}'>{$tmp['title']}</a>";
// Log
$this->log->write($_SESSION['users_id'], $log);
// Clear caches, cheap and easy
$tpl = new suxTemplate('user');
$tpl->clearCache(null, $_SESSION['nickname']);
}
}
/**
* The form was successfuly processed
*/
function formSuccess()
{
$this->tpl->clearCache(null, $_SESSION['nickname']);
// Clear cache
suxFunct::redirect(suxFunct::makeUrl('/blog/bookmarks/' . $this->id));
// Pass this on to bookmarks for scanning
}
/**
* controller
*
* @author Dac Chartrand <*****@*****.**>
* @license http://www.fsf.org/licensing/licenses/gpl-3.0.html
*/
function sux($action, $params = null)
{
switch ($action) {
case 'admin':
// --------------------------------------------------------------------
// Admin
// --------------------------------------------------------------------
$admin = new photosAdmin();
if ($admin->formValidate($_POST)) {
$admin->formProcess($_POST);
$admin->formSuccess();
} else {
$admin->formBuild($_POST);
}
break;
case 'view':
// --------------------------------------------------------------------
// View
// --------------------------------------------------------------------
if (empty($params[0]) || !filter_var($params[0], FILTER_VALIDATE_INT) || $params[0] < 1) {
suxFunct::redirect(suxFunct::makeUrl('/photos'));
}
$photos = new photos();
$photos->view($params[0]);
break;
case 'upload':
// --------------------------------------------------------------------
// Upload
// --------------------------------------------------------------------
$edit = new photosUpload(@$params[0]);
if ($edit->formValidate($_POST)) {
$edit->formProcess($_POST);
$edit->formSuccess();
} else {
$edit->formBuild($_POST);
}
break;
case 'album':
// --------------------------------------------------------------------
// Edit
// --------------------------------------------------------------------
if ($params[0] == 'edit') {
$id = !empty($params[1]) ? $params[1] : null;
$edit = new photoalbumsEdit($id);
if ($edit->formValidate($_POST)) {
$edit->formProcess($_POST);
$edit->formSuccess();
} else {
$edit->formBuild($_POST);
}
break;
} elseif ($params[0] == 'annotate') {
if (empty($params[1]) || !filter_var($params[1], FILTER_VALIDATE_INT) || $params[1] < 1) {
suxFunct::redirect(suxFunct::makeUrl('/photos'));
}
$edit = new photosEdit($params[1]);
if ($edit->formValidate($_POST)) {
$edit->formProcess($_POST);
$edit->formSuccess();
} else {
$edit->formBuild($_POST);
}
break;
} else {
if (empty($params[0]) || !filter_var($params[0], FILTER_VALIDATE_INT) || $params[0] < 1) {
suxFunct::redirect(suxFunct::makeUrl('/photos'));
}
$photos = new photos();
$photos->album($params[0]);
break;
}
case 'user':
// --------------------------------------------------------------------
// User
// --------------------------------------------------------------------
if (empty($params[0])) {
suxFunct::redirect(suxFunct::makeUrl('/photos'));
}
$photos = new photos();
$photos->listing($params[0]);
break;
case 'rss':
// --------------------------------------------------------------------
// RSS
// --------------------------------------------------------------------
$photos = new photos();
$photos->rss();
break;
default:
$photos = new photos();
$photos->listing();
break;
}
}
/**
* Listing
*
* @param int $feeds_id a feed id
*/
function listing($feeds_id = null)
{
// Check if the user has any subscriptions
$subscriptions = array();
if (isset($_SESSION['users_id'])) {
$subscriptions = $this->link->getLinks('link__rss_feeds__users', 'users', $_SESSION['users_id']);
$this->tpl->assign('users_id', $_SESSION['users_id']);
}
// Assign stuff
$this->r->text['form_url'] = suxFunct::makeUrl("/feeds/{$feeds_id}");
// Forum Url
$cache_id = null;
// Title
if ($feeds_id) {
$this->r->title .= " | {$this->r->gtext['feed']}";
$tmp = $this->rss->getFeedByID($feeds_id);
if ($tmp) {
$this->r->title .= " | {$tmp['title']}";
}
} else {
$this->r->title .= " | {$this->r->gtext['feeds']}";
}
if (list($vec_id, $cat_id, $threshold, $start, $search) = $this->nb->isValidFilter()) {
// ---------------------------------------------------------------
// Filtered results
// ---------------------------------------------------------------
if ($feeds_id || !count($subscriptions)) {
// Regular queries
$max = $this->rss->countItems($feeds_id);
$eval = '$this->rss->getItems($this->pager->limit, $start, ' . ($feeds_id ? $feeds_id : 'null') . ')';
} else {
// User has subscriptions, we need special JOIN queries
$max = $this->countUserItems($_SESSION['users_id']);
$eval = '$this->getUserItems($_SESSION[\'users_id\'], $this->pager->limit, $start)';
}
$this->r->arr['feeds'] = $this->filter($max, $vec_id, $cat_id, $threshold, $start, $eval, $search);
// Important: $start is a reference
if ($start < $max) {
if ($threshold !== false) {
$params = array('threshold' => $threshold, 'filter' => $cat_id);
} else {
$params = array('filter' => $cat_id);
}
$params['search'] = $search;
$url = suxFunct::makeUrl("/feeds/{$feeds_id}", $params);
$this->r->text['pager'] = $this->pager->continueURL($start, $url);
}
} else {
// ---------------------------------------------------------------
// Paged results, cached
// ---------------------------------------------------------------
// Get nickname
if (isset($_SESSION['nickname'])) {
$nn = $_SESSION['nickname'];
} else {
$nn = 'nobody';
}
$this->pager->setStart();
// Start pager
// "Cache Groups" using a vertical bar |
$cache_id = "{$nn}|listing|{$feeds_id}|{$this->pager->start}";
$this->tpl->caching = 1;
if (!$this->tpl->isCached('scroll.tpl', $cache_id)) {
if ($feeds_id || !count($subscriptions)) {
// Regular queries
$this->pager->setPages($this->rss->countItems($feeds_id));
$this->r->arr['feeds'] = $this->rss->getItems($this->pager->limit, $this->pager->start, $feeds_id);
} else {
// User has subscriptions, we need special JOIN queries
$this->pager->setPages($this->countUserItems($_SESSION['users_id']));
$this->r->arr['feeds'] = $this->getUserItems($_SESSION['users_id'], $this->pager->limit, $this->pager->start);
}
$this->r->text['pager'] = $this->pager->pageList(suxFunct::makeUrl("/feeds/{$feeds_id}"));
if (!count($this->r->arr['feeds'])) {
$this->tpl->caching = 0;
}
// Nothing to cache, avoid writing to disk
}
}
$this->tpl->display('scroll.tpl', $cache_id);
}
/**
* Redirect to openid module
*
* @param array $clean reference to validated $_POST
*/
function formHandoff(&$clean)
{
$q = array('openid.mode' => 'login', 'openid_url' => $clean['url']);
$url = suxFunct::makeUrl('/openid/register/openid', $q);
suxFunct::redirect($url);
}
/**
* Display RSS Feed
*/
function rss()
{
// Cache
$cache_id = 'rss';
$this->tpl->caching = 1;
if (!$this->tpl->isCached('rss.tpl', $cache_id)) {
$fp = $this->bm->get($this->pager->limit);
if ($fp) {
$rss = new suxRSS();
$title = "{$this->r->title} | {$this->r->gtext['bookmarks']}";
$url = suxFunct::makeUrl('/bookmarks', null, true);
$rss->outputRSS($title, $url, null);
foreach ($fp as $item) {
$rss->addOutputItem($item['title'], $item['url'], $item['body_html']);
}
$this->tpl->assign('xml', $rss->saveXML());
}
}
// Template
header('Content-type: text/xml; charset=utf-8');
$this->tpl->display('rss.tpl', $cache_id);
}
// Set utf-8
header('Content-Type: text/html;charset=utf-8');
mb_internal_encoding('UTF-8');
mb_regex_encoding('UTF-8');
mb_language('uni');
// Avoid problems with arg_separator.output
ini_set('arg_separator.output', '&');
// Set the default timezone
date_default_timezone_set($GLOBALS['CONFIG']['TIMEZONE']);
// Get rid of magic quotes
if (get_magic_quotes_gpc() && !ini_get('magic_quotes_sybase')) {
$in = array(&$_GET, &$_POST, &$_REQUEST, &$_COOKIE, &$_FILES);
while (list($k, $v) = each($in)) {
foreach ($v as $key => $val) {
if (!is_array($val)) {
$in[$k][$key] = stripslashes($val);
continue;
}
$in[] =& $in[$k][$key];
}
}
unset($in);
}
// Include suxUser
require_once $GLOBALS['CONFIG']['PATH'] . '/includes/suxUser.php';
// Validate user $_SESSION
if (isset($_SESSION['users_id']) || isset($_SESSION['nickname'])) {
$u = new suxUser();
$u->loginCheck(suxFunct::makeUrl('/home'));
}
unset($u);
<?php
/* Navigation menu */
$gtext['navcontainer'] = array('Home' => suxFunct::makeUrl('/home'), 'Blog' => array(suxFunct::makeUrl('/blog'), suxFunct::getModuleMenu('blog')), 'Feeds' => array(suxFunct::makeUrl('/feeds'), suxFunct::getModuleMenu('feeds')), 'Bookmarks' => array(suxFunct::makeUrl('/bookmarks'), suxFunct::getModuleMenu('bookmarks')), 'Photos' => array(suxFunct::makeUrl('/photos'), suxFunct::getModuleMenu('photos')), 'Source Code' => 'http://sourceforge.net/projects/sux0r/');
/* Copyright */
$gtext['copyright'] = '<a href="http://sux0r.trotch.com/">sux0r</a> is copyleft ©
<a href="http://www.trotch.com/">Trotch.com</a> ' . date('Y') . ' and is distributed under
the <a href="http://www.fsf.org/licensing/licenses/gpl-3.0.html">GNU General Public License</a>.
Hosting by <a href="http://www.networkredux.com/">Network Redux</a>.';
$gtext['data_license'] = 'Unless otherwise specified, contents of this site are copyright by the contributors and available under the <br />
<a href="http://creativecommons.org/licenses/by/3.0/">Creative Commons Attribution 3.0</a>.
Contributors should be attributed by full name or nickname.';
/* Now back our regular scheduled program */
$gtext['404_continue'] = 'Click here to continue';
$gtext['404_h1'] = 'Oops, Page Not Found (Error 404)';
$gtext['404_p1'] = 'For some reason (mis-typed URL, faulty referral from another site, out-of-date search engine listing or we simply deleted a file) the page you were after is not here.';
$gtext['admin'] = 'Administration';
$gtext['banned_continue'] = 'Click here to continue';
$gtext['banned_h1'] = 'Banned';
$gtext['banned_p1'] = 'You have been a bad person, a very very bad person.';
$gtext['continue'] = 'Continue';
$gtext['home'] = 'Home';
$gtext['login'] = '******';
$gtext['logout'] = 'Logout';
$gtext['register'] = 'Register';
$gtext['welcome'] = 'Welcome';
/**
* Get the stalkers
*
* @param int $users_id
* @return string html
*/
function stalkers($users_id)
{
if (!filter_var($users_id, FILTER_VALIDATE_INT) || $users_id < 1) {
return null;
}
// Cache
static $html = null;
if ($html != null) {
return $html;
}
$html = '';
$soc = new suxSocialNetwork();
$rel = $soc->getStalkers($users_id);
if (!$rel) {
return $html;
}
$tpl = new suxTemplate('user');
$tpl->configLoad('my.conf', 'user');
$tw = $tpl->getConfigVars('thumbnailWidth');
$th = $tpl->getConfigVars('thumbnailHeight');
foreach ($rel as $val) {
$u = $this->user->getByID($val['users_id'], true);
if (!$u) {
continue;
}
// Skip
$url = suxFunct::makeUrl('/user/profile/' . $u['nickname']);
if (empty($u['image'])) {
$img = suxFunct::makeUrl('/') . "/media/{$this->partition}/assets/proletariat.gif";
} else {
$u['image'] = rawurlencode($u['image']);
$img = suxFunct::makeUrl('/') . "/data/user/{$u['image']}";
}
$html .= "<a href='{$url}' class='stalker'>";
$html .= "<img src='{$img}' class='stalker' width='{$tw}' height='{$th}' alt='{$u['nickname']}' title = '{$u['nickname']}' />";
$html .= "</a>";
}
return $html;
}
