/**
 * Show the company contact form and, on POST, store the submitted contact details.
 *
 * The whole POST body is JSON-encoded and saved as the single `contact` item under
 * `system.common.company`. Only the `email` field is validated, and only when it is non-empty.
 *
 * NOTE(review): no allow-list is applied, so every posted field name and value ends up in the
 * stored JSON. Views that render `$this->view->contact` need to escape each value on output.
 * NOTE(review): a success send() is followed unconditionally by a fail send(), so send()
 * presumably ends the request. Confirm against the controller base class.
 *
 * @access public
 * @return void
 */
public function setContact()
{
    $isSubmit = !empty($_POST);

    if ($isSubmit) {
        /* An empty email is accepted; a non-empty one must pass the project's email validator. */
        $hasEmail = !empty($_POST['email']);
        if ($hasEmail && !validater::checkEmail($this->post->email)) {
            $this->send(array('result' => 'fail', 'message' => $this->lang->company->error->email));
        }

        $payload = array('contact' => helper::jsonEncode($_POST));
        $saved   = $this->loadModel('setting')->setItems('system.common.company', $payload);

        if ($saved) {
            $this->send(array('result' => 'success', 'message' => $this->lang->setSuccess));
        }

        $this->send(array('result' => 'fail', 'message' => $this->lang->fail));
    }

    $this->view->title   = $this->lang->company->setContact;
    $this->view->contact = json_decode($this->config->company->contact);
    $this->display();
}
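/**
 * Update an asset row from the posted form data.
 *
 * Malformed IP addresses are replaced by the sentinel 'IP Format Error', and addresses that
 * already exist in the other address column (within the selected modules) by 'Conflict!'.
 * The row is then updated with uniqueness checks scoped to the same lib and module.
 *
 * @param  int $assetID  id of the asset row to update
 * @access public
 * @return mixed  the value of common::createChanges() when no DAO error was recorded; nothing otherwise
 */
public function update($assetID)
{
    $skipFields  = '';
    $skipFields .= $this->loadModel('custom')->dealWithCustomArrayField();
    $oldAsset    = $this->getAssetById($assetID);
    $now         = helper::now();

    /* The id is interpolated into hand-built SQL fragments below, so reduce it to an integer first. */
    $id = (int) $assetID;

    $address       = fixer::input('post')->get('address');
    $extendaddress = fixer::input('post')->get('extendaddress');
    $devicenumber  = fixer::input('post')->get('devicenumber');
    $code          = fixer::input('post')->get('code');
    $module        = $this->loadModel('info')->getAllChildId(fixer::input('post')->cleanInt('module')->setDefault('module', 0)->get('module'), 'asset');

    $hasAddress       = strlen(trim($address)) != 0;
    $hasExtendAddress = strlen(trim($extendaddress)) != 0;
    $hasDeviceNumber  = strlen(trim($devicenumber)) != 0;
    $hasCode          = strlen(trim($code)) != 0;

    /* Cross-column conflict lookup: the extended address must not already be someone's primary address... */
    $result1 = $this->dao->select('*')->from(TABLE_INFOASSET)
        ->where('address')->eq($extendaddress)
        ->andWhere('address')->ne('IP Format Error')
        ->andWhere('address')->ne('Conflict!')
        ->andWhere('address')->ne('')
        ->beginIF($module)->andWhere('module')->in($module)->fi()
        ->fetchAll();

    /* ...and the primary address must not already be someone's extended address. */
    $result2 = $this->dao->select('*')->from(TABLE_INFOASSET)
        ->where('extendaddress')->eq($address)
        ->andWhere('extendaddress')->ne('IP Format Error')
        ->andWhere('extendaddress')->ne('Conflict!')
        ->andWhere('extendaddress')->ne('')
        ->beginIF($module)->andWhere('module')->in($module)->fi()
        ->fetchAll();

    $asset = fixer::input('post')
        ->cleanInt('module')
        ->setDefault('module', 0)
        ->add('lastEditedBy', $this->app->user->account)
        ->add('lastEditedDate', $now)
        ->setDefault('lenddate', '0000-00-00')
        ->setDefault('returndate', '0000-00-00')
        ->setDefault('product', '0')
        ->setDefault('project', '0')
        ->setIF($hasExtendAddress && !validater::checkIP($extendaddress), 'extendaddress', 'IP Format Error')
        ->setIF($hasAddress && !validater::checkIP($address), 'address', 'IP Format Error')
        ->removeIF(trim($address) == trim($extendaddress), 'extendaddress')
        ->setIF($result1, 'extendaddress', 'Conflict!')
        ->setIF($result2, 'address', 'Conflict!')
        ->get();

    /*
     * NOTE(review): $asset->lib comes straight from the POST body and is placed inside a quoted SQL
     * literal without escaping. It should be cast or quoted with the project's own DB helper before
     * use. `module` went through cleanInt() above, and the id is cast at the top of this method.
     */
    $condition           = "`lib` = '{$asset->lib}' AND module = '{$asset->module}' and id != '{$id}'";
    $conditionaddress    = $condition . " and address != 'IP Format Error' and address != 'Conflict!'";
    $conditionextaddress = $condition . " and extendaddress != 'IP Format Error' and extendaddress != 'Conflict!'";

    $this->dao->update(TABLE_INFOASSET)->data($asset)
        ->autoCheck($skipFields)
        ->batchCheck($this->config->asset->edit->requiredFields, 'notempty')
        ->check('hostname', 'unique', $condition)
        ->checkIF($hasAddress, 'address', 'unique', $conditionaddress)
        ->checkIF($hasExtendAddress, 'extendaddress', 'unique', $conditionextaddress)
        ->checkIF($hasDeviceNumber, 'devicenumber', 'unique', $condition)
        ->checkIF($hasCode, 'code', 'unique', $condition)
        ->where('id')->eq($id)
        ->exec();

    /* NOTE(review): the reason for decrementing editedCount after the write is not visible here; kept as is. */
    $asset->editedCount = $asset->editedCount - 1;

    if (!dao::isError()) {
        return common::createChanges($oldAsset, $asset);
    }
}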
/**
 * Auto-detect the mail configuration for a posted sender address.
 *
 * On POST the address must be non-empty and pass validater::checkEmail(). The detected
 * configuration is kept in the session under `mailConfig` and the client is pointed at the
 * `edit` page. Without a POST body the detection form is rendered.
 *
 * NOTE(review): each failure send() is followed by further processing, so send() presumably
 * ends the request. Confirm, otherwise autoDetect() would also run for rejected addresses.
 *
 * @access public
 * @return void
 */
public function detect()
{
    if ($_POST) {
        $address = $this->post->fromAddress;

        if ($address == false) {
            $notEmpty = sprintf($this->lang->error->notempty, $this->lang->mail->fromAddress);
            $this->send(array('result' => 'fail', 'message' => array('fromAddress' => $notEmpty)));
        }

        if (!validater::checkEmail($address)) {
            $badFormat = sprintf($this->lang->error->email, $this->lang->mail->fromAddress);
            $this->send(array('result' => 'fail', 'message' => array('fromAddress' => $badFormat)));
        }

        $detected              = $this->mail->autoDetect($address);
        $detected->fromAddress = $address;
        $this->session->set('mailConfig', $detected);

        $this->send(array('result' => 'success', 'message' => $this->lang->saveSuccess, 'locate' => inlink('edit')));
    }

    $this->view->title      = $this->lang->mail->common . $this->lang->colon . $this->lang->mail->detect;
    $this->view->position[] = html::a(inlink('index'), $this->lang->mail->common);
    $this->view->position[] = $this->lang->mail->detect;

    /* Pre-fill the form with the address from an earlier detection in this session, if any. */
    $remembered = $this->session->mailConfig;
    if ($remembered) {
        $this->view->fromAddress = $remembered->fromAddress;
    } else {
        $this->view->fromAddress = '';
    }

    $this->display();
}
/**
 * Auto-detect the mail configuration for a posted sender address (js-alert flavour).
 *
 * Validation messages are collected into one string, joined with a literal backslash-n, and
 * shown through js::alert(). On success the detected configuration is stored in the session
 * under `mailConfig` and the parent frame is sent to the `edit` page.
 *
 * NOTE(review): the alert text is built only from language strings here. If request data is
 * ever added to it, it must be encoded for a JavaScript string context first.
 *
 * @access public
 * @return void
 */
public function detect()
{
    if ($_POST) {
        $address  = $this->post->fromAddress;
        $problems = '';

        if ($address == false) {
            $problems = sprintf($this->lang->error->notempty, $this->lang->mail->fromAddress);
        }

        /* An empty address may also fail this check, in which case both messages are reported. */
        if (!validater::checkEmail($address)) {
            $problems .= '\\n' . sprintf($this->lang->error->email, $this->lang->mail->fromAddress);
        }

        if ($problems) {
            die(js::alert($problems));
        }

        $detected              = $this->mail->autoDetect($address);
        $detected->fromAddress = $address;
        $this->session->set('mailConfig', $detected);

        die(js::locate(inlink('edit'), 'parent'));
    }

    $this->view->title      = $this->lang->mail->common . $this->lang->colon . $this->lang->mail->detect;
    $this->view->position[] = html::a(inlink('index'), $this->lang->mail->common);
    $this->view->position[] = $this->lang->mail->detect;

    /* Pre-fill the form with the address from an earlier detection in this session, if any. */
    $remembered = $this->session->mailConfig;
    if ($remembered) {
        $this->view->fromAddress = $remembered->fromAddress;
    } else {
        $this->view->fromAddress = '';
    }

    $this->display();
}
/**
 * Edit (rename / replace) a source file.
 *
 * On POST: the save path must be writable, the new file name must be non-empty and pass
 * validater::checkFileName(), and, unless the client posted `continue`, neither the uploaded
 * file's base name nor the new name may collide with another file.
 *
 * NOTE(review): `$_FILES['upFile']['name']` is read without checking that an upload is present.
 * NOTE(review): the uploaded name is only used for the duplicate lookup here and is not passed
 * through checkFileName(). Confirm that `$this->file->sourceEdit()` validates it before any
 * path is built from it.
 * NOTE(review): the duplicate-name response uses the key `error` where every other response
 * uses `message`. Presumably the client relies on that, so confirm before normalising.
 *
 * @param  int $fileID
 * @access public
 * @return void
 */
public function sourceEdit($fileID)
{
    $this->file->setSavePath('source');
    $file = $this->file->getById($fileID);

    if (!empty($_POST)) {
        if (!$this->file->checkSavePath()) {
            $this->send(array('result' => 'fail', 'message' => $this->lang->file->errorUnwritable));
        }

        $postedName = $this->post->filename;
        if ($postedName == false || $postedName == '') {
            $this->send(array('result' => 'fail', 'message' => $this->lang->file->nameEmpty));
        }

        $filename = $this->post->filename;
        if (!validater::checkFileName($filename)) {
            $this->send(array('result' => 'fail', 'message' => $this->lang->file->evilChar));
        }

        /* Duplicate-name guard, skipped once the user has confirmed with `continue`. */
        if (!$this->post->continue) {
            $uploadName   = $_FILES['upFile']['name'];
            $extension    = $this->file->getExtension($uploadName);
            $uploadBase   = str_replace('.' . $extension, '', $_FILES['upFile']['name']);
            $sameUpFile   = $this->file->checkSameFile($uploadBase, $fileID);
            $sameFilename = $this->file->checkSameFile($this->post->filename, $fileID);

            $hasClash = !empty($sameUpFile) || !empty($sameFilename);
            if ($hasClash) {
                $this->send(array('result' => 'fail', 'error' => $this->lang->file->sameName));
            }
        }

        $saved = $this->file->sourceEdit($file, $filename);
        if ($saved) {
            $this->send(array('result' => 'success', 'message' => $this->lang->saveSuccess, 'locate' => $this->createLink('file', 'browseSource')));
        }

        $this->send(array('result' => 'fail', 'message' => dao::getError()));
    }

    $this->view->title      = $this->lang->file->edit;
    $this->view->modalWidth = 500;
    $this->view->file       = $file;
    $this->display();
}
/**
 * Update a WeChat public account record from the posted form.
 *
 * The token must be 3 to 32 ASCII letters or digits. A bad token is recorded in dao::$errors
 * and the update chain still runs afterwards.
 *
 * NOTE(review): this relies on the DAO refusing to execute while dao::$errors is non-empty.
 * That behaviour is not visible here, so confirm it.
 * NOTE(review): the `$` anchor in the pattern also matches before a trailing newline.
 * NOTE(review): every posted field is handed to data(). Confirm the column set is restricted
 * elsewhere, since no allow-list is applied in this method.
 *
 * @param  int $publicID
 * @access public
 * @return bool  true when no DAO error was recorded
 */
public function update($publicID)
{
    $tokenPattern = '|^[a-zA-Z0-9]{1}[a-zA-Z0-9]{1,30}[a-zA-Z0-9]{1}$|';
    $tokenIsValid = validater::checkReg($this->post->token, $tokenPattern);

    if (!$tokenIsValid) {
        dao::$errors['token'][] = $this->lang->error->token;
    }

    $fields = fixer::input('post')->get();

    $this->dao->update(TABLE_WX_PUBLIC)
        ->data($fields)
        ->autoCheck()
        ->batchCheck($this->config->wechat->require->edit, 'notempty')
        ->where('id')->eq($publicID)
        ->exec();

    $failed = dao::isError();

    return !$failed;
}
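/**
 * Validate the posted password pair (`password1` / `password2`).
 *
 * Nothing is checked when `password1` is loosely equal to false. Otherwise both fields must be
 * identical and `password1` must contain a run of at least six characters.
 *
 * NOTE(review): the outer `!= false` test also skips the rules for the one-character password
 * "0". Callers must not treat "no error recorded" as "a valid password was supplied".
 *
 * @access public
 * @return bool  true when no DAO error was recorded
 */
public function checkPassword()
{
    $password1 = $this->post->password1;

    if ($password1 != false) {
        /*
         * Strict comparison on purpose: with `!=`, two different numeric-looking strings
         * (for example "1e3" and "1000") compare as equal and the mismatch goes unnoticed.
         */
        if ($password1 !== $this->post->password2) {
            dao::$errors['password'][] = $this->lang->error->passwordsame;
        }

        if (!validater::checkReg($password1, '|(.){6,}|')) {
            dao::$errors['password'][] = $this->lang->error->passwordrule;
        }
    }

    return !dao::isError();
}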
/**
 * Check whether a value is a phone number, i.e. passes either the landline or the mobile check.
 *
 * @param  string $var
 * @static
 * @access public
 * @return bool
 */
public static function checkPhone($var)
{
    if (validater::checkTel($var)) {
        return true;
    }

    return (bool) validater::checkMobile($var);
}
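/**
 * Migrate project masters and members into the team table.
 *
 * For every project the master (if set) and each entry of the comma-separated member list are
 * written with REPLACE into TABLE_TEAM. A member equal to the master, or one failing
 * validater::checkAccount(), is skipped.
 *
 * Fix: `return true` used to sit inside the project loop, so only the first project was
 * migrated and an empty project list returned nothing.
 *
 * @access public
 * @return bool  always true
 */
public function upgradeProjectMember()
{
    $projects = $this->loadModel('project', 'oa')->getList();

    foreach ($projects as $project) {
        $member       = new stdclass();
        $member->type = 'project';
        $member->id   = $project->id;

        /* Move master to team table. */
        if (!empty($project->master)) {
            $member->account = $project->master;
            /* NOTE(review): the literal 'role' is kept from the original; confirm it is the intended role name. */
            $member->role    = 'role';
            $this->dao->replace(TABLE_TEAM)->data($member)->exec();
        }

        /* Move members to team table. */
        if (!empty($project->member)) {
            $members      = explode(',', $project->member);
            $member->role = 'member';

            foreach ($members as $account) {
                if ($account == $project->master) {
                    continue;
                }
                /* Entries that are not well-formed account names are dropped, not migrated. */
                if (!validater::checkAccount($account)) {
                    continue;
                }

                $member->account = $account;
                $this->dao->replace(TABLE_TEAM)->data($member)->exec();
            }
        }
    }

    return true;
}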
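/**
 * Validate and save the shop and Alipay settings posted by the admin form.
 *
 * Fixes relative to the previous version:
 * - `$errors` starts as an array. Starting from '' and then assigning `$errors['payment']`
 *   is a string-offset write on newer PHP versions, not an array write.
 * - `payment` is normalised to an array before in_array()/join(), so a missing or scalar
 *   value yields the "payment required" error instead of a warning or TypeError.
 *
 * NOTE(review): the results of both setItems() calls are ignored, so 'success' is returned
 * even if a write failed.
 *
 * @access public
 * @return array  array('result' => 'fail'|'success', 'message' => ...)
 */
public function saveSetting()
{
    $errors = array();

    $payment    = is_array($this->post->payment) ? $this->post->payment : array();
    $usesAlipay = in_array('alipay', $payment, true);

    if (!$payment) {
        $errors['payment'] = array($this->lang->order->paymentRequired);
    }
    if (!$this->post->confirmLimit) {
        $errors['confirmLimit'] = array($this->lang->order->confirmLimitRequired);
    }

    /* The Alipay credentials are only validated when Alipay is among the selected payments. */
    if ($usesAlipay) {
        if (strlen($this->post->pid) != 16) {
            $errors['pid'] = array($this->lang->order->placeholder->pid);
        }
        if (strlen($this->post->key) != 32) {
            $errors['key'] = array($this->lang->order->placeholder->key);
        }
        if (!validater::checkEmail($this->post->email)) {
            $errors['email'] = array(sprintf($this->lang->error->email, $this->lang->order->alipayEmail));
        }
    }

    if (!empty($errors)) {
        return array('result' => 'fail', 'message' => $errors);
    }

    $shopSetting                 = array();
    $shopSetting['payment']      = join(',', $payment);
    $shopSetting['confirmLimit'] = $this->post->confirmLimit;
    $this->loadModel('setting')->setItems('system.common.shop', $shopSetting);

    /* Stored even when Alipay is not selected, as before. */
    $alipaySetting          = array();
    $alipaySetting['pid']   = $this->post->pid;
    $alipaySetting['key']   = $this->post->key;
    $alipaySetting['email'] = $this->post->email;
    $this->loadModel('setting')->setItems('system.common.alipay', $alipaySetting);

    return array('result' => 'success', 'message' => $this->lang->saveSuccess);
}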
/**
 * Edit (rename / replace) a source file.
 *
 * On POST the save path must be writable and the new file name must be non-empty and pass
 * validater::checkFileName() before `$this->file->sourceEdit()` is called.
 *
 * NOTE(review): the rules enforced by checkFileName() are not visible here. Confirm it rejects
 * path separators and parent-directory sequences, since the name is handed on to the file model.
 * NOTE(review): each failure send() is followed by further processing, so send() presumably
 * ends the request. Confirm this.
 *
 * @param  int $fileID
 * @access public
 * @return void
 */
public function sourceEdit($fileID)
{
    $this->file->setSavePath('source');
    $file = $this->file->getById($fileID);

    if (!empty($_POST)) {
        if (!$this->file->checkSavePath()) {
            $this->send(array('result' => 'fail', 'message' => $this->lang->file->errorUnwritable));
        }

        $postedName = $this->post->filename;
        if ($postedName == false || $postedName == '') {
            $this->send(array('result' => 'fail', 'message' => $this->lang->file->nameEmpty));
        }

        $filename = $this->post->filename;
        if (!validater::checkFileName($filename)) {
            $this->send(array('result' => 'fail', 'message' => $this->lang->file->evilChar));
        }

        $saved = $this->file->sourceEdit($file, $filename);
        if ($saved) {
            $this->send(array('result' => 'success', 'message' => $this->lang->saveSuccess, 'locate' => $this->createLink('file', 'browseSource')));
        }

        $this->send(array('result' => 'fail', 'message' => dao::getError()));
    }

    $this->view->title      = $this->lang->file->edit;
    $this->view->modalWidth = 500;
    $this->view->file       = $file;
    $this->display();
}
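/**
 * Identify a user by account (or email) and password.
 *
 * Flow: look the user up, refuse while a lock is active, verify the password, then record the
 * login (ip, time, counters) and, when the score module is available, charge/earn login score.
 *
 * Fixes relative to the previous version:
 * - The legacy password comparison is strict and on strings. With `!=`, two different
 *   digest strings that both look numeric (e.g. "0e..." forms) compare as equal.
 * - The post-login writes target the fetched row by id / `$user->account`. They used the raw
 *   login name, which is the email address when the user signed in by email and therefore
 *   matched no `account` value.
 *
 * NOTE(review): a constant-time comparison (hash_equals) would be preferable for the digest
 * check if the minimum supported PHP version allows it.
 *
 * @param  string $account   the account name or email address
 * @param  string $password  the plain password or the md5 hash
 * @access public
 * @return object|false  the user object on success, false otherwise
 */
public function identify($account, $password)
{
    if (!$account or !$password) {
        return false;
    }

    /* First get the user from database by account or email. */
    $user = $this->dao->setAutolang(false)->select('*')->from(TABLE_USER)
        ->beginIF(validater::checkEmail($account))->where('email')->eq($account)->fi()
        ->beginIF(!validater::checkEmail($account))->where('account')->eq($account)->fi()
        ->fetch();
    if (!$user) {
        return false;
    }

    /* A locked user cannot log in until the lock time has passed. */
    if ($user->locked != '0000-00-00 00:00:00') {
        $dateDiff = (strtotime($user->locked) - time()) / 60;

        /* Check the type of lock and show it. */
        if ($dateDiff > 0 && $dateDiff <= 3) {
            $this->lang->user->loginFailed = sprintf($this->lang->user->locked, '3' . $this->lang->date->minute);
            return false;
        } elseif ($dateDiff > 3) {
            $dateDiff = ceil($dateDiff / 60 / 24);
            $this->lang->user->loginFailed = $dateDiff <= 30 ? sprintf($this->lang->user->locked, $dateDiff . $this->lang->date->day) : $this->lang->user->lockedForEver;
            return false;
        } else {
            /* The lock has expired: clear it and the failure counter. */
            $user->fails  = 0;
            $user->locked = '0000-00-00 00:00:00';
        }
    }

    /* The password can be the plain or the password after md5. */
    $passwordMatches = $this->compareHashPassword($password, $user)
        || (string) $user->password === (string) $this->createPassword($password, $user->account);

    if (!$passwordMatches) {
        /* Save login log if user is admin. */
        if ($user->admin == 'super' or $user->admin == 'common') {
            $this->saveLog($user->account, 'fail');
        }

        /* Lock the account for three minutes once more than eight failures have accumulated. */
        $user->fails++;
        if ($user->fails > 2 * 4) {
            $user->locked = date('Y-m-d H:i:s', time() + 3 * 60);
        }
        $this->dao->setAutolang(false)->update(TABLE_USER)->data($user)->where('id')->eq($user->id)->exec();
        return false;
    }

    /* Update user data. */
    $user->ip    = $this->server->remote_addr;
    $user->last  = helper::now();
    $user->fails = 0;
    $user->visits++;

    /* Save login log if user is admin. */
    if ($user->admin == 'super' or $user->admin == 'common') {
        $this->saveLog($user->account, 'success');
    }

    $this->dao->setAutolang(false)->update(TABLE_USER)->data($user)->where('id')->eq($user->id)->exec();

    $user->realname  = $this->computeRealname($user);
    $user->shortLast = substr($user->last, 5, -3);
    $user->shortJoin = substr($user->join, 5, -3);
    unset($_SESSION['random']);

    if (commonModel::isAvailable('score')) {
        $this->app->user->account = $user->account;
        if ($user->maxLogin > 0) {
            $this->app->loadConfig('score');
            $login = $this->config->score->counts->login;
            /* NOTE(review): $login is a config value concatenated into SQL; it presumably holds an integer. Confirm. */
            $this->dao->update(TABLE_USER)->set('maxLogin = maxLogin - ' . $login)->where('id')->eq($user->id)->exec();
            $this->loadModel('score')->earn('login', '', '', 'LOGIN');
        }
    }

    return $user;
}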
if (validater::checkCode(substr($name, 0, 1)) and validater::checkCode(substr($name, 1, 1))) { $rightName .= strtoupper(substr($name, 1, 1)); } ?> <?php if (validater::checkCode(substr($name, 0, 1)) and !validater::checkCode(substr($name, 1, 1))) { $rightName .= strtoupper(substr($name, 1, 3)); } ?> <?php if (!validater::checkCode(substr($name, 0, 1)) and validater::checkCode(substr($name, 3, 1))) { $rightName .= strtoupper(substr($name, 3, 1)); } ?> <?php if (!validater::checkCode(substr($name, 0, 1)) and !validater::checkCode(substr($name, 3, 1))) { $rightName .= substr($name, 3, 3); } ?> <i class='icon icon-default' style="background-color: hsl(<?php echo $right['id'] * 47 % 360; ?> , 100%, 40%)"> <span><?php echo $rightName; ?> </span></i> <?php } ?> <?php echo html::checkbox('apps', array($code => $right['name']), $right['right'] == '1' ? $code : '');
/**
 * Edit a file record: replace the stored file, then update its metadata from the POST body.
 *
 * The same update is issued twice, once through the DAO's default chain and once after
 * setAutoLang(false).
 *
 * NOTE(review): replaceFile() runs before the title is validated, so a request with a rejected
 * title has already replaced the file by the time false is returned. Confirm this is intended.
 * NOTE(review): every posted field except `upFile` is handed to data(); no allow-list is
 * applied in this method.
 *
 * @param  int $fileID
 * @access public
 * @return false|null  false when the title fails validater::checkFileName(); nothing otherwise
 */
public function edit($fileID)
{
    $this->replaceFile($fileID);

    $posted       = fixer::input('post')->remove('upFile')->get();
    $titleIsValid = validater::checkFileName($posted->title);
    if (!$titleIsValid) {
        return false;
    }

    $posted->lang = 'all';

    $this->dao->update(TABLE_FILE)
        ->data($posted)
        ->autoCheck()
        ->batchCheck($this->config->file->require->edit, 'notempty')
        ->where('id')->eq($fileID)
        ->exec();

    $this->dao->setAutoLang(false)->update(TABLE_FILE)
        ->data($posted)
        ->autoCheck()
        ->batchCheck($this->config->file->require->edit, 'notempty')
        ->where('id')->eq($fileID)
        ->exec();
}
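/**
 * Identify a user by account (or email) and password.
 *
 * Flow: look up a non-deleted user, refuse while a lock is active, verify the password through
 * compareHashPassword(), then record the login (ip, time, counters) and the attendance sign-in.
 *
 * Fix relative to the previous version: the post-login update targets the fetched row by id.
 * It used the raw login name against the `account` column, which is the email address when the
 * user signed in by email, so the counters were not written in that case.
 *
 * @param  string $account   the account name or email address
 * @param  string $password  the plain password or the md5 hash
 * @access public
 * @return object|false  the user object on success, false otherwise
 */
public function identify($account, $password)
{
    if (!$account or !$password) {
        return false;
    }

    /* First get the user from database by account or email. */
    $user = $this->dao->select('*')->from(TABLE_USER)
        ->where('deleted')->eq('0')
        ->beginIF(validater::checkEmail($account))->andWhere('email')->eq($account)->fi()
        ->beginIF(!validater::checkEmail($account))->andWhere('account')->eq($account)->fi()
        ->fetch();
    if (!$user) {
        return false;
    }

    /* Can not login before ten minutes when user is locked. */
    if ($user->locked != '0000-00-00 00:00:00') {
        $dateDiff = (strtotime($user->locked) - time()) / 60;

        /* Check the type of lock and show it. */
        if ($dateDiff > 0 && $dateDiff <= 10) {
            $this->lang->user->loginFailed = sprintf($this->lang->user->locked, '10' . $this->lang->date->minute);
            return false;
        } elseif ($dateDiff > 10) {
            $dateDiff = ceil($dateDiff / 60 / 24);
            $this->lang->user->loginFailed = $dateDiff <= 30 ? sprintf($this->lang->user->locked, $dateDiff . $this->lang->date->day) : $this->lang->user->lockedForEver;
            return false;
        } else {
            /* The lock has expired: clear it and the failure counter. */
            $user->fails  = 0;
            $user->locked = '0000-00-00 00:00:00';
        }
    }

    /* The password can be the plain or the password after md5. */
    if (!$this->compareHashPassword($password, $user)) {
        /* Lock the account for ten minutes once more than two failures have accumulated. */
        $user->fails++;
        if ($user->fails > 2) {
            $user->locked = date('Y-m-d H:i:s', time() + 10 * 60);
        }
        $this->dao->update(TABLE_USER)->data($user)->where('id')->eq($user->id)->exec();
        return false;
    }

    /* Update user data. */
    $user->ip    = $this->server->remote_addr;
    $user->last  = helper::now();
    $user->ping  = helper::now();
    $user->fails = 0;
    $user->visits++;

    $this->dao->update(TABLE_USER)->data($user)->where('id')->eq($user->id)->exec();

    $user->realname  = empty($user->realname) ? $account : $user->realname;
    $user->shortLast = substr($user->last, 5, -3);
    $user->shortJoin = substr($user->join, 5, -3);
    unset($_SESSION['random']);

    /* Save sign in info. */
    $this->loadModel('attend', 'oa')->signIn($user->account);

    /* Return him.*/
    return $user;
}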
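/**
 * Send a verification code by mail and remember it in the session.
 *
 * A new code is generated when none exists in the session, when nothing was sent yet, or when
 * the last send is more than 30 minutes old. Sends are refused within 3 minutes of the last
 * one (tracked per account in the session).
 *
 * Fixes relative to the previous version:
 * - The code comes from random_int() when that function exists; mt_rand() is only the fallback.
 *   mt_rand() is not a cryptographically secure generator and should not back a secret code.
 * - A missing user no longer triggers a property read on a non-object; the "no email" failure
 *   is returned instead.
 *
 * NOTE(review): a posted `email` overrides the address stored for the account. Confirm the
 * flows using this code do not treat delivery to that address as proof of owning the account.
 * NOTE(review): the throttle lives in the session, so it does not limit a client that starts
 * a new session. A server-side limit per account and per address would be needed for that.
 * NOTE(review): the mail body embeds the request's Host header (`$this->server->http_host`).
 * Prefer a configured site URL.
 *
 * @param  string $account  account to send the code for; empty or 'qq' means the current user
 * @access public
 * @return void
 */
public function sendMailCode($account = '')
{
    $account = ($account and $account != 'qq') ? $account : $this->app->user->account;
    $user    = $this->loadModel('user')->getByAccount($account);

    $storedEmail = $user ? $user->email : '';
    $email       = $this->post->email ? $this->post->email : $storedEmail;

    $lastSendVar  = "lastSendTo{$account}";
    $lastSendTime = $this->session->{$lastSendVar};

    if (time() - $lastSendTime < 180) {
        $this->send(array('result' => 'fail', 'message' => $this->lang->mail->trySendlater));
    }
    if (!$this->config->mail->turnon) {
        $this->send(array('result' => 'fail', 'message' => $this->lang->mail->noConfigure));
    }
    if (empty($email)) {
        $this->send(array('result' => 'fail', 'message' => $this->lang->mail->noEmail));
    }
    if (!validater::checkEmail($email)) {
        $this->send(array('result' => 'fail', 'message' => $this->lang->mail->error));
    }

    /* Issue a fresh code when there is none yet or the previous one is older than 30 minutes. */
    if (!$lastSendTime or time() - $lastSendTime > 1800 or !$this->session->verifyCode) {
        $code = function_exists('random_int') ? random_int(0, mt_getrandmax()) : mt_rand();
        $this->session->set('verifyCode', $code);
    }

    $content = sprintf($this->lang->mail->sendContent, $account, $this->config->site->name, $this->server->http_host, $this->session->verifyCode, $this->config->site->name);
    $this->loadModel('mail')->send($email, $this->lang->mail->captcha, $content, true);

    if (!$this->mail->isError()) {
        $this->session->set($lastSendVar, time());
        $this->send(array('result' => 'success', 'message' => sprintf($this->lang->mail->sendSuccess, $email)));
    }

    $error = str_replace('\\n', "<br />", join('', $this->mail->getError()));
    $this->send(array('result' => 'fail', 'message' => $error));
}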
/**
 * Render one dashboard block as HTML and end the request with it.
 *
 * Block kinds are tried in this order: `html`, `rss`, any block with a non-empty `source`,
 * `allEntries`, `dynamic`. For entries without a logo a short text badge is built from the
 * entry's abbreviation or name.
 *
 * NOTE(review): the `html` block is run through htmlspecialchars_decode() and emitted as markup.
 * That is only safe if whoever can edit block parameters is trusted to publish HTML.
 * NOTE(review): `$entry->name`, the badge text and the width/height taken from `$entry->size`
 * are concatenated into markup without escaping in this method. Whether html::a() encodes its
 * arguments is not visible here, so confirm it.
 *
 * @param  int $index
 * @access public
 * @return void|false  false when the block does not exist; otherwise the request ends in die()
 */
public function printBlock($index)
{
    $block = $this->block->getBlock($index);
    if (empty($block)) {
        return false;
    }

    $html = '';

    if ($block->block == 'html') {
        $html = "<div class='article-content'>" . htmlspecialchars_decode($block->params->html) . '</div>';
    } elseif ($block->block == 'rss') {
        $html = $this->block->getRss($block);
    } elseif ($block->source != '') {
        $html = $this->block->getEntry($block);
    } elseif ($block->block == 'allEntries') {
        $entries = $this->loadModel('entry')->getEntries();
        $html    = "<div id='allEntriesBlock' class='all-entries'><table class='table'><tr>";

        foreach ($entries as $entry) {
            $class  = !$entry->buildin ? "class='iframe'" : '';
            $size   = $entry->size != 'max' ? json_decode($entry->size) : '';
            $width  = isset($size->width) ? "width={$size->width}" : '';
            $height = isset($size->height) ? "height={$size->height}" : '';
            $image  = html::image($entry->logo, "width=18");

            if (!$entry->logo) {
                /* No logo: build a coloured text badge from the first characters of the name. */
                $hue  = $entry->id * 47 % 360;
                $name = $entry->abbr ? $entry->abbr : $entry->name;

                if (validater::checkCode(substr($name, 0, 1))) {
                    /* First character passes checkCode(): upper-case it, then add what follows it. */
                    $entryName = strtoupper(substr($name, 0, 1));
                    if (validater::checkCode(substr($name, 1, 1))) {
                        $entryName .= strtoupper(substr($name, 1, 1));
                    } else {
                        $entryName .= strtoupper(substr($name, 1, 3));
                    }
                } else {
                    /* Otherwise take three bytes (presumably one multi-byte character) and repeat the test at offset 3. */
                    $entryName = substr($name, 0, 3);
                    if (validater::checkCode(substr($name, 3, 1))) {
                        $entryName .= strtoupper(substr($name, 3, 1));
                    } else {
                        $entryName .= substr($name, 3, 3);
                    }
                }

                $image = "<i class='icon icon-default' style='background-color: hsl({$hue}, 100%, 40%)'> <span>" . $entryName . "</span></i> ";
            }

            $html .= "<td class='pull-left' width='33%'>" . html::a($entry->login, $image . $entry->name, "{$class} {$width} {$height}") . "</td>";
        }

        $html .= "</tr></table></div>";
    } elseif ($block->block == 'dynamic') {
        $html = $this->fetch('block', 'dynamic');
    }

    die($html);
}
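/**
 * Validate the posted password pair (`password1` / `password2`).
 *
 * Unless `$canNoPassword` is true, an empty `password1` is an error. When `password1` is
 * present, both fields must be identical and `password1` must contain a run of at least six
 * characters.
 *
 * NOTE(review): with `$canNoPassword` true, the one-character password "0" is loosely equal to
 * false and skips every rule. Callers must not treat "no error recorded" as "a valid password
 * was supplied".
 *
 * @param  bool $canNoPassword  allow the password fields to be left empty
 * @access public
 * @return bool  true when no DAO error was recorded
 */
public function checkPassword($canNoPassword = false)
{
    if (!$canNoPassword and empty($_POST['password1'])) {
        dao::$errors['password'][] = sprintf($this->lang->error->notempty, $this->lang->user->password);
    }

    $password1 = $this->post->password1;

    if ($password1 != false) {
        /*
         * Strict comparison on purpose: with `!=`, two different numeric-looking strings
         * (for example "1e3" and "1000") compare as equal and the mismatch goes unnoticed.
         */
        if ($password1 !== $this->post->password2) {
            dao::$errors['password'][] = $this->lang->error->passwordsame;
        }

        if (!validater::checkReg($password1, '|(.){6,}|')) {
            dao::$errors['password'][] = $this->lang->error->passwordrule;
        }
    }

    return !dao::isError();
}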
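/**
 * Collect information about the files uploaded under one form field.
 *
 * Each returned item has the keys extension, pathname, title, size and tmpname. Files whose
 * name is empty or fails validater::checkFileName() are skipped (multi-file field) or cause an
 * empty result (single-file field). Titles come from the posted `labels` entry when present,
 * otherwise from the file name without its extension, and are run through HTMLPurifier.
 *
 * Changes relative to the previous version:
 * - The upload entry is read through explicit keys instead of extract(), so request-derived
 *   data can no longer create or overwrite local variables.
 * - A label is only used when it is a string; a nested array posted as a label previously
 *   reached htmlspecialchars() directly.
 *
 * NOTE(review): the per-file `error` code of the upload is not inspected here. Confirm the
 * caller checks it (or uses is_uploaded_file / move_uploaded_file) before trusting tmpname.
 *
 * @param  string $htmlTagName  name of the file input
 * @access public
 * @return array
 */
public function getUpload($htmlTagName = 'files')
{
    $files = array();
    if (!isset($_FILES[$htmlTagName])) {
        return $files;
    }

    $this->app->loadClass('purifier', true);
    $config = HTMLPurifier_Config::createDefault();
    $config->set('Cache.DefinitionImpl', null);
    $purifier = new HTMLPurifier($config);

    $upload = $_FILES[$htmlTagName];
    $labels = (isset($_POST['labels']) and is_array($_POST['labels'])) ? $_POST['labels'] : array();

    /* If the file var name is an array. */
    if (is_array($upload['name'])) {
        foreach ($upload['name'] as $id => $filename) {
            if (empty($filename)) {
                continue;
            }
            if (!validater::checkFileName($filename)) {
                continue;
            }

            $label = (isset($labels[$id]) and is_string($labels[$id])) ? $labels[$id] : '';

            $file              = array();
            $file['extension'] = $this->getExtension($filename);
            $file['pathname']  = $this->setPathName($id, $file['extension']);
            $file['title']     = !empty($label) ? htmlspecialchars($label) : str_replace('.' . $file['extension'], '', $filename);
            $file['title']     = $purifier->purify($file['title']);
            $file['size']      = $upload['size'][$id];
            $file['tmpname']   = $upload['tmp_name'][$id];
            $files[]           = $file;
        }

        return $files;
    }

    $name = $upload['name'];
    if (empty($name)) {
        return $files;
    }
    if (!validater::checkFileName($name)) {
        return array();
    }

    $label = (isset($labels[0]) and is_string($labels[0])) ? $labels[0] : '';

    $file              = array();
    $file['extension'] = $this->getExtension($name);
    $file['pathname']  = $this->setPathName(0, $file['extension']);
    /* NOTE(review): this cut assumes the extension first occurs at the end of the name; if getExtension() can return a string that is not in the name, the title loses its last character. */
    $file['title']     = !empty($label) ? htmlspecialchars($label) : substr($name, 0, strpos($name, $file['extension']) - 1);
    $file['title']     = $purifier->purify($file['title']);
    $file['size']      = $upload['size'];
    $file['tmpname']   = $upload['tmp_name'];

    return array($file);
}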
/**
 * Validate a batch of trades and collect the error messages.
 *
 * For each trade: `money` must be non-empty and pass validater::checkFloat(), `handlers` must
 * be non-empty, and `date` must be non-empty and pass validater::checkDate(). Messages are
 * keyed by the field name followed by the trade's key (e.g. `money3`).
 *
 * @param  array $trades
 * @access public
 * @return array  field-key => message; empty when every trade is valid
 */
public function batchCheck($trades)
{
    $this->app->loadClass('filter', true);

    $errors = array();

    foreach ($trades as $key => $trade) {
        $moneyLabel = $this->lang->trade->money;
        $moneyOk    = !empty($trade->money) && validater::checkFloat($trade->money);
        if (!$moneyOk) {
            $errors["money" . $key] = sprintf($this->lang->error->notempty, $moneyLabel) . sprintf($this->lang->error->float, $moneyLabel);
        }

        $handlersLabel = $this->lang->trade->handlers;
        if (empty($trade->handlers)) {
            $errors['handlers' . $key] = sprintf($this->lang->error->notempty, $handlersLabel);
        }

        $dateLabel = $this->lang->trade->date;
        $dateOk    = !empty($trade->date) && validater::checkDate($trade->date);
        if (!$dateOk) {
            $errors['date' . $key] = sprintf($this->lang->error->date, $dateLabel) . sprintf($this->lang->error->notempty, $dateLabel);
        }
    }

    return $errors;
}
/**
 * Show the statistics settings form and, on POST, save the submitted settings.
 *
 * `saveDays` must be truthy and pass validater::checkInt(); the posted object is then written
 * under `system.common.site`.
 *
 * NOTE(review): the whole POST body, not just `saveDays`, is passed to setItems(), so any
 * posted field becomes an item in the `system.common.site` section. Restrict the write to the
 * fields this form owns.
 * NOTE(review): a failure send() is followed by the save, so send() presumably ends the
 * request. Confirm this.
 *
 * @access public
 * @return void
 */
public function setStat()
{
    $isSubmit = !empty($_POST);

    if ($isSubmit) {
        $setting = fixer::input('post')->get();

        $saveDaysOk = $setting->saveDays && validater::checkInt($setting->saveDays);
        if (!$saveDaysOk) {
            $this->send(array('result' => 'fail', 'message' => $this->lang->site->saveDaysTip));
        }

        $saved = $this->loadModel('setting')->setItems('system.common.site', $setting);
        if ($saved) {
            $this->send(array('result' => 'success', 'message' => $this->lang->setSuccess));
        }

        $this->send(array('result' => 'fail', 'message' => $this->lang->fail));
    }

    $this->view->title = $this->lang->site->setStat;
    $this->display();
}
/**
 * Add an item to the blacklist.
 *
 * The kind of the posted identity is inferred: it starts as `keywords`, and becomes `ip`,
 * `email` or `account` when it passes the matching validator. Later checks override earlier
 * ones, and `account` additionally requires that such a user exists.
 *
 * NOTE(review): `reason` and `expired` are passed to punish() as posted; their validation is
 * not visible here.
 *
 * @access public
 * @return void
 */
public function addBlacklist()
{
    $typeList = $this->lang->guarder->blacklistModes;

    if ($_POST) {
        $identity = $this->post->identity;
        $kind     = 'keywords';

        if (validater::checkIP($identity)) {
            $kind = 'ip';
        }
        if (validater::checkEmail($identity)) {
            $kind = 'email';
        }
        if (validater::checkAccount($identity)) {
            /* Only treat it as an account when that account really exists. */
            $matchedUser = $this->loadModel('user')->getByAccount($identity);
            if (!empty($matchedUser)) {
                $kind = 'account';
            }
        }

        $punished = $this->guarder->punish($kind, $identity, $this->post->reason, $this->post->expired);
        if ($punished) {
            $this->send(array('result' => 'success', 'message' => $this->lang->setSuccess, 'locate' => inlink('blacklist', "mode={$kind}")));
        }

        $this->send(array('result' => 'fail', 'message' => dao::geterror()));
    }

    $this->view->title = $this->lang->guarder->addBlacklist;
    $this->display();
}
/**
 * Store a reply to a message and notify the original author by mail when appropriate.
 *
 * The reply inherits the object type of the message it answers. Replies written by a super
 * admin are stored with status 1 and also set the answered message's status from 0 to 1.
 * A notification mail is sent when the original message has a valid email address and either
 * is not a comment or asked for email reminders.
 *
 * NOTE(review): the reply is built from the whole POST body. For guests the `account` field is
 * not overwritten, so whatever the request supplied for it is kept. Confirm the form layer or
 * the DAO drops it, and that no other posted column can reach the insert.
 * NOTE(review): the posted reply content becomes the mail body unchanged. Confirm the mail
 * layer handles it as untrusted text.
 *
 * @param  int $messageID
 * @access public
 * @return int|string|false  id of the new reply, or false on error
 */
public function reply($messageID)
{
    $account = $this->app->user->account;
    $admin   = $this->app->user->admin;
    $message = $this->getByID($messageID);

    $reply = fixer::input('post')
        ->add('objectType', $message->type == 'reply' ? $message->objectType : $message->type)
        ->add('objectID', $message->id)
        ->add('to', $message->account)
        ->add('type', 'reply')
        ->add('date', helper::now())
        ->add('status', '0')
        ->add('public', 1)
        ->setIF($account != 'guest', 'account', $account)
        ->setIF($admin == 'super', 'status', '1')
        ->add('ip', $this->server->REMOTE_ADDR)
        ->get();

    $this->dao->insert(TABLE_MESSAGE)
        ->data($reply, 'captcha')
        ->autoCheck()
        ->check('captcha', 'captcha')
        ->check('type', 'in', $this->config->message->types)
        ->batchCheck($this->config->message->require->reply, 'notempty')
        ->exec();

    $replyID = $this->dao->lastInsertId();

    if (dao::isError()) {
        return false;
    }

    if ($admin == 'super') {
        $this->dao->update(TABLE_MESSAGE)->set('status')->eq(1)->where('status')->eq(0)->andWhere('id')->eq($messageID)->exec();
        if (dao::isError()) {
            return false;
        }
    }

    /* For comments, only notify when the author asked for an email reminder. */
    $wantsMail = $message->type != 'comment' || $message->receiveEmail;
    if (validater::checkEmail($message->email) && $wantsMail) {
        $mail          = new stdclass();
        $mail->to      = $message->email;
        $mail->subject = sprintf($this->lang->message->replySubject, $this->config->site->name);
        $mail->body    = $reply->content;
        $this->loadModel('mail')->send($mail->to, $mail->subject, $mail->body);
    }

    return $replyID;
}
/**
 * Update a forum thread from the posted form.
 *
 * Content and link are stripped down to the tag allow-list for the user's role, the optional
 * sensitive-word filter is applied, the row is updated (with captcha check), uploaded files
 * are attached and the thread is re-indexed for search.
 *
 * NOTE(review): no ownership or permission check happens in this method beyond forcing
 * `readonly` to 0 for users who cannot manage the board. Confirm the caller authorises the edit.
 * NOTE(review): the remove() list contains spaces after the commas ('labels, views, ...').
 * Whether fixer trims field names is not visible here. If it does not, `views`, `replies`,
 * `stick` and `hidden` would stay in the posted data.
 * NOTE(review): updateObjectID() runs before the DAO error check.
 *
 * @param  int $threadID
 * @access public
 * @return mixed  array('result' => 'fail', ...) on a sensitive-word hit, false on error,
 *                otherwise the result of the search model's save()
 */
public function update($threadID)
{
    $thread    = $this->getByID($threadID);
    $isAdmin   = $this->app->user->admin == 'super';
    $canManage = $this->canManage($thread->board);

    if ($isAdmin) {
        $allowedTags = $this->config->allowedTags->admin;
    } else {
        $allowedTags = $this->config->allowedTags->front;
    }

    $thread = fixer::input('post')
        ->setIF(!$canManage, 'readonly', 0)
        ->setIF(!$this->post->isLink, 'link', '')
        ->stripTags('content,link', $allowedTags)
        ->setForce('editor', $this->session->user->account)
        ->setForce('editedDate', helper::now())
        ->setDefault('readonly', 0)
        ->remove('files,labels, views, replies, stick, hidden')
        ->get();

    /* Optional sensitive-word filter: the site's own list wins over the built-in one. */
    $filterOn = isset($this->config->site->filterSensitive) && $this->config->site->filterSensitive == 'open';
    if ($filterOn) {
        $wordList = !empty($this->config->site->sensitive) ? $this->config->site->sensitive : $this->config->sensitive;
        $wordList = explode(',', $wordList);
        if (!validater::checkSensitive($thread, $wordList)) {
            return array('result' => 'fail', 'message' => $this->lang->error->sensitive);
        }
    }

    /* Fields that are posted with the form but are not columns of the thread table. */
    $skipFields = $this->session->captchaInput . ', uid, isLink';

    $this->dao->update(TABLE_THREAD)
        ->data($thread, $skipFields)
        ->autoCheck()
        ->batchCheckIF(!$this->post->isLink, $this->config->thread->require->edit, 'notempty')
        ->batchCheckIF($this->post->isLink, $this->config->thread->require->link, 'notempty')
        ->check($this->session->captchaInput, 'captcha')
        ->where('id')->eq($threadID)
        ->exec();

    $this->loadModel('file')->updateObjectID($this->post->uid, $threadID, 'thread');

    if (dao::isError()) {
        return false;
    }

    /* Upload file.*/
    $this->loadModel('file')->saveUpload('thread', $threadID);

    $thread = $this->getByID($threadID);
    if (empty($thread)) {
        return false;
    }

    return $this->loadModel('search')->save('thread', $thread);
}
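/**
 * Collect information about the files uploaded under the `files` form field.
 *
 * Returns an empty list when nothing was uploaded, when the file model does not allow uploads,
 * or when the field is not a multi-file upload. Files whose name is empty or fails
 * validater::checkFileName() are skipped. Each item has the keys extension, size and tmpname.
 *
 * Changes relative to the previous version:
 * - The upload entry is read through explicit keys instead of extract(), so request-derived
 *   data can no longer create or overwrite local variables.
 * - A single-file (non-array) `files` field now yields an empty list directly; it used to
 *   reach foreach() as a string.
 *
 * NOTE(review): the per-file `error` code of the upload is not inspected here. Confirm the
 * caller checks it before trusting tmpname.
 *
 * @access public
 * @return array
 */
public function getUpload()
{
    $files = array();
    if (!isset($_FILES['files'])) {
        return $files;
    }
    if (!$this->loadModel('file')->canUpload()) {
        return $files;
    }

    $upload = $_FILES['files'];
    if (!isset($upload['name']) or !is_array($upload['name'])) {
        return $files;
    }

    foreach ($upload['name'] as $id => $filename) {
        if (empty($filename)) {
            continue;
        }
        if (!validater::checkFileName($filename)) {
            continue;
        }

        $file              = array();
        $file['extension'] = $this->file->getExtension($filename);
        $file['size']      = $upload['size'][$id];
        $file['tmpname']   = $upload['tmp_name'][$id];
        $files[]           = $file;
    }

    return $files;
}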
/**
 * Update a forum reply from the posted form.
 *
 * The content is stripped down to the tag allow-list for the user's role, the optional
 * sensitive-word filter is applied, the row is updated (with captcha check) and uploaded files
 * are attached.
 *
 * NOTE(review): no ownership or permission check happens in this method. Confirm the caller
 * authorises the edit.
 * NOTE(review): updateObjectID() runs before the DAO error check.
 *
 * @param  int $replyID
 * @access public
 * @return bool|array  true on success, false on error, array('result' => 'fail', ...) on a
 *                     sensitive-word hit
 */
public function update($replyID)
{
    $isAdmin = $this->app->user->admin == 'super';
    if ($isAdmin) {
        $allowedTags = $this->config->allowedTags->admin;
    } else {
        $allowedTags = $this->config->allowedTags->front;
    }

    $reply = fixer::input('post')
        ->setForce('editor', $this->session->user->account)
        ->setForce('editedDate', helper::now())
        ->stripTags('content', $allowedTags)
        ->remove('files,labels,hidden')
        ->get();

    /* Optional sensitive-word filter: the site's own list wins over the built-in one. */
    $filterOn = isset($this->config->site->filterSensitive) && $this->config->site->filterSensitive == 'open';
    if ($filterOn) {
        $wordList = !empty($this->config->site->sensitive) ? $this->config->site->sensitive : $this->config->sensitive;
        $wordList = explode(',', $wordList);
        if (!validater::checkSensitive($reply, $wordList)) {
            return array('result' => 'fail', 'message' => $this->lang->error->sensitive);
        }
    }

    $this->dao->update(TABLE_REPLY)
        ->data($reply, 'captcha, uid')
        ->autoCheck()
        ->batchCheck($this->config->reply->require->post, 'notempty')
        ->check('captcha', 'captcha')
        ->where('id')->eq($replyID)
        ->exec();

    $this->loadModel('file')->updateObjectID($this->post->uid, $replyID, 'reply');

    if (dao::isError()) {
        return false;
    }

    $this->loadModel('file')->saveUpload('reply', $replyID);

    return true;
}