Ejemplo n.º 1
0
 public static function social_network_profile_update($network, $network_user_id, $extra = '', $data = array())
 {
     global $DB;
     global $webuser;
     global $website;
     if (is_array($extra)) {
         $extra = serialize($extra);
     }
     // the profile exists?
     $swuser = $DB->query_single('webuser', 'nv_webuser_profiles', ' network = ' . protect($network) . ' AND ' . ' network_user_id = ' . protect($network_user_id));
     // the webuser already exists/is logged in?
     $wuser = new webuser();
     if (!empty($webuser->id)) {
         // an existing webuser is already signed in, but we don't have his/her social profile
         if (empty($swuser)) {
             $DB->execute('
                 INSERT nv_webuser_profiles
                     (id, network, network_user_id, webuser, extra)
                 VALUES
                    (    0, :network, :network_user_id, :webuser, :extra     )', array('network' => $network, 'network_user_id' => $network_user_id, 'webuser' => $webuser->id, 'extra' => $extra));
         }
         $wuser->load($webuser->id);
     } else {
         // there is no webuser logged in
         if (empty($swuser)) {
             // and we don't have any social profile that matches the one used to sign in
             // Ex. Signed in with Facebook without having a previous webuser account in the current website
             $wuser->website = $website->id;
             $wuser->joindate = core_time();
             $wuser->lastseen = core_time();
             $wuser->access = 0;
             $wuser->insert();
             $DB->execute('
                 INSERT nv_webuser_profiles
                     (id, network, network_user_id, webuser, extra)
                 VALUES
                    (    0, :network, :network_user_id, :webuser, :extra     )', array('network' => $network, 'network_user_id' => $network_user_id, 'webuser' => $wuser->id, 'extra' => $extra));
         } else {
             // BUT we have a social profile matching a previous webuser in database
             // Ex. Signed in with Facebook having a webuser account previously
             $wuser->load($swuser);
         }
     }
     // either way, now we have a webuser account that we need to update
     foreach ($data as $field => $value) {
         $wuser->{$field} = $value;
     }
     $wuser->update();
     return $wuser->id;
 }
Ejemplo n.º 2
0
function nvweb_route_parse($route = "")
{
    global $website;
    global $DB;
    global $current;
    global $session;
    global $theme;
    global $events;
    global $dictionary;
    // node route types
    if (substr($route, 0, 5) == 'node/') {
        $node = substr($route, 5);
        $route = 'node';
    }
    switch ($route) {
        case 'object':
            nvweb_object();
            nvweb_clean_exit();
            break;
        case 'nvajax':
            nvweb_ajax();
            nvweb_clean_exit();
            break;
        case 'nvtags':
        case 'nvsearch':
            $current['template'] = 'search';
            break;
        case 'nv.webuser/verify':
            $hash = $_REQUEST['hash'];
            $email = filter_var($_REQUEST['email'], FILTER_VALIDATE_EMAIL);
            if (!empty($hash) && !empty($email)) {
                $ok = webuser::email_verification($email, $hash);
                if ($ok) {
                    $session['nv.webuser/verify:email_confirmed'] = time();
                }
            }
            nvweb_clean_exit(NVWEB_ABSOLUTE . $website->homepage());
            break;
        case 'node':
            if ($node > 0) {
                $current['id'] = $node;
                $DB->query('SELECT * FROM nv_items 
							 WHERE id = ' . protect($current['id']) . '
							   AND website = ' . $website->id);
                $current['object'] = $DB->first();
                // let's count a hit (except admin)
                if ($current['navigate_session'] != 1 && !nvweb_is_bot()) {
                    $DB->execute(' UPDATE nv_items SET views = views + 1 
								   WHERE id = ' . $current['id'] . ' 
									 AND website = ' . $website->id);
                }
                $current['type'] = 'item';
                $current['template'] = $current['object']->template;
                if ($current['navigate_session'] == 1 && !empty($_REQUEST['template'])) {
                    $current['template'] = $_REQUEST['template'];
                }
            }
            break;
        case 'sitemap.xml':
            nvweb_webget_load('sitemap');
            echo nvweb_sitemap(array('mode' => 'xml'));
            nvweb_clean_exit();
            break;
            // redirect to home page of the current website
        // redirect to home page of the current website
        case 'nvweb.home':
        case 'nv.home':
            header('location: ' . NVWEB_ABSOLUTE . $website->homepage());
            nvweb_clean_exit();
            break;
            // webservice endpoint via XML-RPC calls
        // webservice endpoint via XML-RPC calls
        case 'xmlrpc':
            $events->trigger('nvweb', 'xmlrpc', array('route' => '/' . $route));
            // if no extension processes the call, use the integrated XML-RPC parser
            nvweb_xmlrpc();
            nvweb_clean_exit();
            break;
            // empty path
        // empty path
        case '':
        case '/':
        case 'nv.empty':
            if ($website->empty_path_action == 'homepage_noredirect') {
                $route = $website->homepage();
                if (strpos($route, '/') === 0) {
                    $route = substr($route, 1);
                }
            } else {
                $route = "";
                $website->wrong_path_action = $website->empty_path_action;
            }
            // do NOT break this case, continue processing as wrong_path action
            // no special route (or already processed), look for the path on navigate routing table
        // do NOT break this case, continue processing as wrong_path action
        // no special route (or already processed), look for the path on navigate routing table
        default:
            $DB->query('SELECT * FROM nv_paths 
						 WHERE path = ' . protect('/' . $route) . ' 
						   AND website = ' . $website->id . '
						 ORDER BY id DESC');
            $rs = $DB->result();
            if (empty($rs)) {
                // no valid route found
                switch ($website->wrong_path_action) {
                    case 'homepage':
                    case 'homepage_redirect':
                        header('location: ' . NVWEB_ABSOLUTE . $website->homepage());
                        nvweb_clean_exit();
                        break;
                    case 'http_404':
                        header("HTTP/1.0 404 Not Found");
                        nvweb_clean_exit();
                        break;
                    case 'theme_404':
                        $current['template'] = 'not_found';
                        $current['type'] = 'structure';
                        $current['id'] = 0;
                        $current['object'] = new structure();
                        return;
                        break;
                    case 'website_path':
                        $redirect_url = nvweb_template_convert_nv_paths($website->wrong_path_redirect);
                        header('location: ' . $redirect_url);
                        nvweb_clean_exit();
                        break;
                    case 'blank':
                    default:
                        nvweb_clean_exit();
                        break;
                }
            } else {
                // route found!
                // let's count a hit (except admin)
                if ($current['navigate_session'] != 1 && !nvweb_is_bot()) {
                    $DB->execute(' UPDATE nv_paths SET views = views + 1 
								   WHERE id = ' . $rs[0]->id . ' 
								     AND website = ' . $website->id);
                }
                // set the properties found
                // set the default language for this route
                if (!isset($_REQUEST['lang'])) {
                    $current['lang'] = $rs[0]->lang;
                    $session['lang'] = $rs[0]->lang;
                    // force reloading the dictionary
                    $dictionary = nvweb_dictionary_load();
                }
                $current['type'] = $rs[0]->type;
                $current['id'] = $rs[0]->object_id;
                // look for the template associated with this item
                if ($current['type'] == 'structure') {
                    $obj = new structure();
                    $obj->load($current['id']);
                    // check if it is a direct access to a "jump to another branch" path
                    if ($obj->dictionary[$current['lang']]['action-type'] == 'jump-branch') {
                        $current['id'] = $obj->dictionary[$current['lang']]['action-jump-branch'];
                        $obj = new structure();
                        $obj->load($current['id']);
                        header('location: ' . NVWEB_ABSOLUTE . $obj->paths[$current['lang']]);
                        nvweb_clean_exit();
                    } else {
                        if ($obj->dictionary[$current['lang']]['action-type'] == 'jump-item') {
                            $current['id'] = $obj->dictionary[$current['lang']]['action-jump-item'];
                            $obj = new item();
                            $obj->load($current['id']);
                            header('location: ' . NVWEB_ABSOLUTE . $obj->paths[$current['lang']]);
                            nvweb_clean_exit();
                        }
                    }
                    $current['object'] = $obj;
                    $current['category'] = $current['id'];
                    if ($current['navigate_session'] != 1 && !nvweb_is_bot()) {
                        $DB->execute(' UPDATE nv_structure SET views = views + 1 
									    WHERE id = ' . protect($current['id']) . ' 
										  AND website = ' . $website->id);
                    }
                } else {
                    if ($current['type'] == 'item') {
                        $DB->query('SELECT * FROM nv_items 
								 WHERE id = ' . protect($current['id']) . '
								   AND website = ' . $website->id);
                        $current['object'] = $DB->first();
                        // let's count a hit (except admin)
                        if ($current['navigate_session'] != 1 && !nvweb_is_bot()) {
                            $DB->execute(' UPDATE nv_items SET views = views + 1 
									   WHERE id = ' . $current['id'] . ' 
									     AND website = ' . $website->id);
                        }
                    } else {
                        if ($current['type'] == 'feed') {
                            $out = feed::generate_feed($current['id']);
                            if ($current['navigate_session'] != 1 && !nvweb_is_bot()) {
                                $DB->execute(' UPDATE nv_feeds SET views = views + 1
                                           WHERE id = ' . $current['id'] . '
                                             AND website = ' . $website->id);
                            }
                            echo $out;
                            nvweb_clean_exit();
                        } else {
                            // path exists, but the object type is unknown
                            // maybe the path belongs to an extension?
                            $events->trigger('nvweb', 'routes', array('path' => $rs[0]));
                        }
                    }
                }
                $current['template'] = $current['object']->template;
            }
            break;
    }
}
Ejemplo n.º 3
0
function nvweb_webuser($vars = array())
{
    global $website;
    global $theme;
    global $current;
    global $webgets;
    global $webuser;
    global $DB;
    $webget = "webuser";
    if (!isset($webgets[$webget])) {
        $webgets[$webget] = array();
        global $lang;
        if (empty($lang)) {
            $lang = new language();
            $lang->load($current['lang']);
        }
        // default translations
        $webgets[$webget]['translations'] = array('login_incorrect' => t(4, 'Login incorrect.'), 'subscribed_ok' => t(541, 'Your email has been successfully subscribed to the newsletter.'), 'subscribe_error' => t(542, 'There was a problem subscribing your email to the newsletter.'), 'email_confirmation' => t(454, "An e-mail with a confirmation link has been sent to your e-mail account."), 'click_to_confirm_account' => t(607, "Click on the link below to confirm your account"), 'email_confirmation_notice' => t(608, "This is an automated e-mail sent as a result of a newsletter subscription request. If you received this e-mail by error just ignore it."), 'forgot_password_success' => t(648, "An e-mail with a temporary password has been sent to your e-mail account."), 'forgot_password_error' => t(446, "We're sorry. Your contact request could not be sent. Please try again or find another way to contact us."));
        // theme translations
        // if the web theme has custom translations for this string subtypes, use it (for the user selected language)
        /* just add the following translations to your json theme dictionary:
               "login_incorrect": "Login incorrect.",
               "subscribed_ok": "Your email has been successfully subscribed to the newsletter.",
               "subscribe_error": "There was a problem subscribing your email to the newsletter.",
               "email_confirmation": "An e-mail with a confirmation link has been sent to your e-mail account.",
               "click_to_confirm_account": "Click on the link below to confirm your account",
               "email_confirmation_notice": "This is an automated e-mail sent as a result of a newsletter subscription request. If you received this e-mail by error just ignore it."
               "forgot_password_success": "An e-mail with a temporary password has been sent to your e-mail account.",
               "forgot_password_error": "We're sorry. Your contact request could not be sent. Please try again or find another way to contact us."
           */
        if (!empty($website->theme) && method_exists($theme, 't')) {
            foreach ($webgets[$webget]['translations'] as $code => $text) {
                $theme_translation = $theme->t($code);
                if (!empty($theme_translation) && $code != $theme_translation) {
                    $webgets[$webget]['translations'][$code] = $theme_translation;
                }
            }
        }
    }
    $out = '';
    switch ($vars['mode']) {
        case 'id':
            if (!empty($webuser->id)) {
                $out = $webuser->id;
            }
            break;
        case 'username':
            if (!empty($webuser->username)) {
                $out = $webuser->username;
            }
            break;
        case 'fullname':
            if (!empty($webuser->fullname)) {
                $out = $webuser->fullname;
            }
            break;
        case 'gender':
            if (!empty($webuser->gender)) {
                $out = $webuser->gender;
            }
            break;
        case 'newsletter':
            $out = $webuser->newsletter;
            break;
        case 'email':
            if (!empty($webuser->email)) {
                $out = $webuser->email;
            }
            break;
        case 'authenticate':
            $webuser_website = $vars['website'];
            if (empty($webuser_website)) {
                $webuser_website = $website->id;
            }
            $signin_username = $_REQUEST[empty($vars['username_field']) ? 'signin_username' : $vars['username_field']];
            $signin_password = $_REQUEST[empty($vars['password_field']) ? 'signin_password' : $vars['password_field']];
            // a page may have several forms, which one do we have to check?
            if (!empty($vars['form'])) {
                list($field_name, $field_value) = explode('=', $vars['form']);
                if ($_POST[$field_name] != $field_value) {
                    return;
                }
            }
            // ignore empty (or partial empty) forms
            if (!empty($signin_username) && !empty($signin_password)) {
                $signed_in = $webuser->authenticate($webuser_website, $signin_username, $signin_password);
                if (!$signed_in) {
                    $message = $webgets[$webget]['translations']['login_incorrect'];
                    if (empty($vars['notify'])) {
                        $vars['notify'] = 'inline';
                    }
                    switch ($vars['notify']) {
                        case 'alert':
                            nvweb_after_body('js', 'alert("' . $message . '");');
                            break;
                        case 'inline':
                            $out = '<div class="nvweb-signin-form-error">' . $message . '</div>';
                            break;
                            // javascript callback
                        // javascript callback
                        default:
                            nvweb_after_body('js', $vars['error_callback'] . '("' . $message . '");');
                            break;
                    }
                } else {
                    $webuser->set_cookie();
                    if (!empty($vars['notify'])) {
                        if ($vars['notify'] == 'callback') {
                            nvweb_after_body('js', $vars['callback'] . '(true);');
                        }
                    }
                }
            }
            break;
        case 'signout_link':
            $out = NVWEB_ABSOLUTE . $website->homepage() . '?webuser_signout';
            break;
        case 'forgot_password':
            // pre checks: correct form, not spambot, email not empty and valid
            // load the associated user account
            // create temporary password and send email
            // TODO: don't change the password, just generate a link and let the user enter their preferred new password
            // a page may have several forms, which one do we have to check?
            if (!empty($vars['form'])) {
                list($field_name, $field_value) = explode('=', $vars['form']);
                if ($_POST[$field_name] != $field_value) {
                    return;
                }
            }
            // check if this send request really comes from the website and not from a spambot
            if (parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) != $website->subdomain . '.' . $website->domain && parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) != $website->domain) {
                return;
            }
            if (empty($vars['email_field'])) {
                $vars['email_field'] = 'newsletter_email';
            }
            $email = $_REQUEST[$vars['email_field']];
            $email = filter_var($email, FILTER_SANITIZE_EMAIL);
            if (!empty($vars['email_field']) && !empty($email)) {
                $ok = false;
                if (filter_var($email, FILTER_VALIDATE_EMAIL) !== FALSE) {
                    $wu_id = $DB->query_single('id', 'nv_webusers', ' email = ' . protect($email) . '
                          AND website = ' . $website->id);
                    $wu = new webuser();
                    if (!empty($wu_id)) {
                        $wu->load($wu_id);
                        if ($wu->access == 0 || $wu->access == 2 && ($wu->access_begin == 0 || time() > $wu->access_begin) && ($wu->access_end == 0 || time() < $wu->access_end)) {
                            // generate new password
                            $password = generate_password(8, false, 'luds');
                            $wu->set_password($password);
                            $ok = $wu->save();
                            // send a message to communicate the new webuser's email
                            $message = navigate_compose_email(array(array('title' => $website->name, 'content' => t(451, "This is an automated e-mail sent as a result of a password request process. If you received this e-mail by error just ignore it.")), array('title' => t(1, "User"), 'content' => $wu->username), array('title' => t(2, "Password"), 'content' => $password), array('footer' => '<a href="' . $website->absolute_path() . $website->homepage() . '">' . $website->name . '</a>')));
                            @nvweb_send_email($website->name, $message, $wu->email);
                        }
                    }
                }
                if ($ok) {
                    $message = $webgets[$webget]['translations']['forgot_password_success'];
                } else {
                    $message = $webgets[$webget]['translations']['forgot_password_error'];
                }
                if (empty($vars['notify'])) {
                    $vars['notify'] = 'inline';
                }
                switch ($vars['notify']) {
                    case 'alert':
                        nvweb_after_body('js', 'alert("' . $message . '");');
                        break;
                    case 'inline':
                        if ($ok) {
                            $out = '<div class="nvweb-forgot-password-form-success">' . $message . '</div>';
                        } else {
                            $out = '<div class="nvweb-forgot-password-form-error">' . $message . '</div>';
                        }
                        break;
                    case 'boolean':
                        $out = $ok;
                        break;
                    case 'false':
                        break;
                        // javascript callback
                    // javascript callback
                    case 'callback':
                    default:
                        if ($ok) {
                            nvweb_after_body('js', $vars['callback'] . '("' . $message . '");');
                        } else {
                            if (!empty($vars['error_callback'])) {
                                nvweb_after_body('js', $vars['error_callback'] . '("' . $message . '");');
                            } else {
                                nvweb_after_body('js', $vars['callback'] . '("' . $message . '");');
                            }
                        }
                        break;
                }
            }
            break;
        case 'signup':
            // TODO
            // pre checks: correct form, not spambot, email not empty and valid
            // get the profile data from the form
            // more checks: password strength & confirmation, etc.
            // save the new webuser account
            // prepare account confirmation (unless not required by webget attributes)
            //      leave the account blocked
            //      generate an activation key
            //      send confirmation email
            // if no account confirmation is required, auto login
            break;
        case 'avatar':
            $size = '48';
            $extra = '';
            if (!empty($vars['size'])) {
                $size = intval($vars['size']);
            }
            if (!empty($vars['border'])) {
                $extra .= '&border=' . $vars['border'];
            }
            if (!empty($webuser->avatar)) {
                $out = '<img class="' . $vars['class'] . '" src="' . NVWEB_OBJECT . '?type=image' . $extra . '&id=' . $webuser->avatar . '" width="' . $size . 'px" height="' . $size . 'px"/>';
            } else {
                if (!empty($vars['default'])) {
                    // the comment creator has not an avatar, but the template wants to show a default one
                    // 3 cases:
                    //  numerical   ->  ID of the avatar image file in Navigate CMS
                    //  absolute path (http://www...)
                    //  relative path (/img/avatar.png) -> path to the avatar file included in the THEME used
                    if (is_numeric($vars['default'])) {
                        $out = '<img class="' . $vars['class'] . '" src="' . NVWEB_OBJECT . '?type=image' . $extra . '&id=' . $vars['default'] . '" width="' . $size . 'px" height="' . $size . 'px"/>';
                    } else {
                        if (strpos($vars['default'], 'http://') === 0) {
                            $out = '<img class="' . $vars['class'] . '" src="' . $vars['default'] . '" width="' . $size . 'px" height="' . $size . 'px"/>';
                        } else {
                            if ($vars['default'] == 'none') {
                                $out = '';
                            } else {
                                $out = '<img class="' . $vars['class'] . '"src="' . NAVIGATE_URL . '/themes/' . $website->theme . '/' . $vars['default'] . '" width="' . $size . 'px" height="' . $size . 'px"/>';
                            }
                        }
                    }
                } else {
                    $gravatar_hash = "";
                    $gravatar_default = 'blank';
                    if (!empty($vars['gravatar_default'])) {
                        $gravatar_default = $vars['gravatar_default'];
                    }
                    if (!empty($webuser->email)) {
                        $gravatar_hash = md5(strtolower(trim($webuser->email)));
                    }
                    if (!empty($gravatar_hash) && $gravatar_default != 'none') {
                        // gravatar real url: https://www.gravatar.com/avatar/
                        // we use libravatar to get more userbase
                        $gravatar_url = 'https://seccdn.libravatar.org/avatar/' . $gravatar_hash . '?s=' . $size . '&d=' . $gravatar_default;
                        $out = '<img class="' . $vars['class'] . '" src="' . $gravatar_url . '" width="' . $size . 'px" height="' . $size . 'px"/>';
                    } else {
                        $out = '<img class="' . $vars['class'] . '" src="data:image/gif;base64,R0lGODlhAQABAPAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" width="' . $size . 'px" height="' . $size . 'px"/>';
                    }
                }
            }
            break;
        case 'newsletter_subscribe':
            // a page may have several forms, which one do we have to check?
            if (!empty($vars['form'])) {
                list($field_name, $field_value) = explode('=', $vars['form']);
                if ($_POST[$field_name] != $field_value) {
                    return;
                }
            }
            // check if this send request really comes from the website and not from a spambot
            if (parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) != $website->subdomain . '.' . $website->domain && parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) != $website->domain) {
                return;
            }
            if (empty($vars['email_field'])) {
                $vars['email_field'] = 'newsletter_email';
            }
            $email = $_REQUEST[$vars['email_field']];
            $email = filter_var($email, FILTER_SANITIZE_EMAIL);
            if (!empty($vars['email_field']) && !empty($email)) {
                $ok = false;
                if (filter_var($email, FILTER_VALIDATE_EMAIL) !== FALSE) {
                    $wu_id = $DB->query_single('id', 'nv_webusers', ' email = ' . protect($email) . '
                          AND website = ' . $website->id);
                    $wu = new webuser();
                    if (!empty($wu_id)) {
                        $wu->load($wu_id);
                        if ($wu->access == 0 || $wu->access == 2 && ($wu->access_begin == 0 || time() > $wu->access_begin) && ($wu->access_end == 0 || time() < $wu->access_end)) {
                            $wu->newsletter = 1;
                            $ok = $wu->save();
                        }
                    }
                    if (empty($wu_id) || $wu->access == 1 && !empty($wu->activation_key)) {
                        // create a new webuser account with that email
                        $username = strtolower(substr($email, 0, strpos($email, '@')));
                        // left part of the email
                        if (!empty($username) && !in_array($username, array('info', 'admin', 'contact', 'demo', 'test'))) {
                            // check if the proposed username already exists,
                            // in that case use the full email as username
                            // ** if the email already exists, the subscribe process only updates the newsletter setting!
                            $wu_id = $DB->query_single('id', 'nv_webusers', ' username = '******'
                              AND website = ' . $website->id);
                        }
                        if (!empty($wu_id)) {
                            // oops, user already exists... try another username -- the full email address
                            $wu_id = $DB->query_single('id', 'nv_webusers', ' username = '******'
                                    AND website = ' . $website->id);
                            if (empty($wu_id)) {
                                // ok, email is a new username
                                $username = $email;
                            } else {
                                // nope, email is already used (this code should never execute **)
                                $username = uniqid($username . '-');
                            }
                        } else {
                            // new sign up
                            $wu->id = 0;
                            $wu->website = $website->id;
                            $wu->email = $email;
                            $wu->newsletter = 1;
                            $wu->language = $current['lang'];
                            // infer the webuser language by the active website language
                            $wu->username = $username;
                            $wu->access = 1;
                            // user is blocked until the server recieves an email confirmation
                        }
                        $wu->activation_key = md5($wu->email . rand(1, 9999999));
                        $ok = $wu->save();
                        // send a message to verify the new user's email
                        $email_confirmation_link = $website->absolute_path() . '/nv.webuser/verify?email=' . $wu->email . '&hash=' . $wu->activation_key;
                        $message = navigate_compose_email(array(array('title' => $website->name, 'content' => $webgets[$webget]['translations']['click_to_confirm_account'] . '<br />' . '<a href="' . $email_confirmation_link . '">' . $email_confirmation_link . '</a>'), array('footer' => $webgets[$webget]['translations']['email_confirmation_notice'] . '<br />' . '<a href="' . $website->absolute_path() . $website->homepage() . '">' . $website->name . '</a>')));
                        @nvweb_send_email($website->name, $message, $wu->email);
                        $pending_confirmation = true;
                    }
                }
                $message = $webgets[$webget]['translations']['subscribe_error'];
                if ($pending_confirmation) {
                    $message = $webgets[$webget]['translations']['email_confirmation'];
                } else {
                    if ($ok) {
                        $message = $webgets[$webget]['translations']['subscribed_ok'];
                    }
                }
                if (empty($vars['notify'])) {
                    $vars['notify'] = 'inline';
                }
                switch ($vars['notify']) {
                    case 'alert':
                        nvweb_after_body('js', 'alert("' . $message . '");');
                        break;
                    case 'inline':
                        if ($ok) {
                            $out = '<div class="nvweb-newsletter-form-success">' . $message . '</div>';
                        } else {
                            $out = '<div class="nvweb-newsletter-form-error">' . $message . '</div>';
                        }
                        break;
                    case 'boolean':
                        $out = $ok;
                        break;
                    case 'false':
                        break;
                        // javascript callback
                    // javascript callback
                    case 'callback':
                    default:
                        if ($ok) {
                            nvweb_after_body('js', $vars['callback'] . '("' . $message . '");');
                        } else {
                            if (!empty($vars['error_callback'])) {
                                nvweb_after_body('js', $vars['error_callback'] . '("' . $message . '");');
                            } else {
                                nvweb_after_body('js', $vars['callback'] . '("' . $message . '");');
                            }
                        }
                        break;
                }
            }
            break;
    }
    return $out;
}
Ejemplo n.º 4
0
 public function load_from_webuser($property_id, $webuser_id = null)
 {
     global $website;
     global $theme;
     global $webuser;
     $wu = $webuser;
     if (!empty($webuser_id)) {
         $wu = new webuser();
         $wu->load($webuser_id);
     }
     $ws = $website;
     $ws_theme = $theme;
     if ($wu->website != $website->id) {
         $ws = new website();
         $ws->load($wu->website);
         $ws_theme = new theme();
         $ws_theme->load($ws->theme);
     }
     if (empty($ws_theme->webusers['properties'])) {
         $ws_theme->webusers['properties'] = array();
     }
     foreach ($ws_theme->webusers['properties'] as $to) {
         if ($to->id == $property_id || $to->name == $property_id) {
             $webuser_option = $to;
             $webuser_option->element = 'webuser';
             break;
         }
     }
     $this->id = $webuser_option->id;
     $this->website = $ws->id;
     $this->element = $webuser_option->element;
     $this->template = '';
     $this->name = $webuser_option->name;
     $this->type = $webuser_option->type;
     $this->options = (array) $webuser_option->options;
     $this->dvalue = $webuser_option->dvalue;
     // default value
     $this->width = $webuser_option->width;
     $this->multilanguage = $webuser_option->multilanguage;
     $this->helper = $webuser_option->helper;
     $this->function = $webuser_option->function;
     $this->conditional = $webuser_option->conditional;
     $this->position = 0;
     $this->enabled = 1;
     // decimal format extra fields
     $this->precision = $webuser_option->precision;
     $this->prefix = $webuser_option->prefix;
     $this->suffix = $webuser_option->suffix;
     if (substr($this->name, 0, 1) == '@') {
         // get translation from theme dictionary
         $this->name = $ws_theme->t(substr($this->name, 1));
     }
     if (substr($this->helper, 0, 1) == '@') {
         $this->helper = $ws_theme->t(substr($this->helper, 1));
     }
     $values = property::load_properties_associative('webuser', '', 'webuser', $wu->id);
     $this->value = $values[$this->id];
     if (is_null($this->value) && !empty($this->dvalue)) {
         $this->value = $this->dvalue;
     }
     if (is_object($this->value)) {
         $this->value = (array) $this->value;
     }
 }
Ejemplo n.º 5
0
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;
    $out = '';
    $item = new webuser();
    switch ($_REQUEST['act']) {
        // json data retrieval & operations
        case 'json':
        case 1:
            switch ($_REQUEST['oper']) {
                case 'del':
                    // remove rows
                    $ids = $_REQUEST['ids'];
                    foreach ($ids as $id) {
                        $item->load($id);
                        $item->delete();
                    }
                    echo json_encode(true);
                    break;
                default:
                    // list or search
                    $page = intval($_REQUEST['page']);
                    $max = intval($_REQUEST['rows']);
                    $offset = ($page - 1) * $max;
                    $orderby = $_REQUEST['sidx'] . ' ' . $_REQUEST['sord'];
                    $where = ' website = ' . $website->id;
                    if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) {
                        if (isset($_REQUEST['quicksearch'])) {
                            $where .= $item->quicksearch($_REQUEST['quicksearch']);
                        } else {
                            if (isset($_REQUEST['filters'])) {
                                $filters = $_REQUEST['filters'];
                                if (is_array($filters)) {
                                    $filters = json_encode($filters);
                                }
                                $where .= navitable::jqgridsearch($filters);
                            } else {
                                // single search
                                $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']);
                            }
                        }
                    }
                    $DB->queryLimit('id,avatar,username,email,fullname,groups,joindate,access,access_begin,access_end', 'nv_webusers', $where, $orderby, $offset, $max);
                    $dataset = $DB->result();
                    $total = $DB->foundRows();
                    $dataset = grid_notes::summary($dataset, 'webuser', 'id');
                    global $webusers_groups_all;
                    $webusers_groups_all = webuser_group::all_in_array();
                    //echo $DB->get_last_error();
                    $out = array();
                    for ($i = 0; $i < count($dataset); $i++) {
                        $wug = str_replace('g', '', $dataset[$i]['groups']);
                        $wug = explode(',', $wug);
                        $wug = array_map(function ($in) {
                            global $webusers_groups_all;
                            if (empty($in)) {
                                return;
                            }
                            return $webusers_groups_all[$in];
                        }, $wug);
                        $blocked = 1;
                        if ($dataset[$i]['access'] == 0 || $dataset[$i]['access'] == 2 && ($dataset[$i]['access_begin'] == 0 || $dataset[$i]['access_begin'] < time()) && ($dataset[$i]['access_end'] == 0 || $dataset[$i]['access_end'] > time())) {
                            $blocked = 0;
                        }
                        $out[$i] = array(0 => $dataset[$i]['id'], 1 => empty($dataset[$i]['avatar']) ? '' : '<img title="' . $dataset[$i]['username'] . '" src="' . NAVIGATE_DOWNLOAD . '?wid=' . $website->id . '&id=' . urlencode($dataset[$i]['avatar']) . '&amp;disposition=inline&amp;width=32&amp;height=32" />', 2 => '<div class="list-row" data-blocked="' . $blocked . '" title="' . $dataset[$i]['email'] . '">' . $dataset[$i]['username'] . '</div>', 3 => $dataset[$i]['fullname'], 4 => implode("<br />", $wug), 5 => core_ts2date($dataset[$i]['joindate'], true), 6 => $blocked == 0 ? '<img src="img/icons/silk/accept.png" />' : '<img src="img/icons/silk/cancel.png" />', 7 => $dataset[$i]['_grid_notes_html']);
                    }
                    navitable::jqgridJson($out, $page, $offset, $max, $total);
                    break;
            }
            session_write_close();
            exit;
            break;
        case 2:
            // edit/new form
        // edit/new form
        case 'create':
        case 'edit':
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
            }
            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    property::save_properties_from_post('webuser', $item->id);
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'save', $item->username, json_encode($_REQUEST));
                }
            } else {
                if (!empty($item->id)) {
                    users_log::action($_REQUEST['fid'], $item->id, 'load', $item->username);
                }
            }
            $out = webusers_form($item);
            break;
        case 4:
            // remove
        // remove
        case 'remove':
            if (!empty($_REQUEST['id'])) {
                $item->load(intval($_REQUEST['id']));
                if ($item->delete() > 0) {
                    $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                    $out = webusers_list();
                    users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->username, json_encode($_REQUEST));
                } else {
                    $layout->navigate_notification(t(56, 'Unexpected error.'), false);
                    $out = webusers_form($item);
                }
            }
            break;
        case 90:
            // json request: timezones by country
            $timezones = property::timezones($_REQUEST['country']);
            if (empty($timezones)) {
                $timezones = property::timezones();
            }
            echo json_encode($timezones);
            core_terminate();
            break;
        case 'export':
            // export web users list to a CSV file
            users_log::action($_REQUEST['fid'], 0, 'export', "all", json_encode($_REQUEST));
            webuser::export();
            break;
        case 'webuser_groups_list':
            $out = webuser_groups_list();
            break;
        case 'webuser_groups_json':
            $page = intval($_REQUEST['page']);
            $max = intval($_REQUEST['rows']);
            $offset = ($page - 1) * $max;
            $rs = webuser_group::all($_REQUEST['sidx'], $_REQUEST['sord']);
            $dataset = array();
            foreach ($rs as $row) {
                $dataset[] = array('id' => $row->id, 'code' => $row->code, 'name' => $row->name);
            }
            $total = count($dataset);
            navitable::jqgridJson($dataset, $page, $offset, $max, $total, 'id');
            session_write_close();
            exit;
            break;
        case 'webuser_group_edit':
            $webuser_group = new webuser_group();
            if (!empty($_REQUEST['id'])) {
                $webuser_group->load(intval($_REQUEST['id']));
            }
            if (isset($_REQUEST['form-sent'])) {
                $webuser_group->load_from_post();
                try {
                    $ok = $webuser_group->save();
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                    users_log::action($_REQUEST['fid'], $webuser_group->id, 'save_webuser_group', $webuser_group->name, json_encode($_REQUEST));
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            } else {
                users_log::action($_REQUEST['fid'], $webuser_group->id, 'load_webuser_group', $webuser_group->name, json_encode($_REQUEST));
            }
            $out = webuser_groups_form($webuser_group);
            break;
        case 'webuser_group_delete':
            $webuser_group = new webuser_group();
            if (!empty($_REQUEST['id'])) {
                $webuser_group->load(intval($_REQUEST['id']));
            }
            try {
                $webuser_group->delete();
                $layout->navigate_notification(t(55, 'Item removed successfully.'), false);
                $out = webuser_groups_list();
                users_log::action($_REQUEST['fid'], $webuser_group->id, 'remove_webuser_group', $webuser_group->name, json_encode($_REQUEST));
            } catch (Exception $e) {
                $out = $layout->navigate_message("error", t(24, 'Web users') . ' / ' . t(506, 'Groups'), t(56, 'Unexpected error.'));
            }
            break;
        case 0:
            // list / search result
        // list / search result
        case 'list':
        default:
            $out = webusers_list();
            break;
    }
    return $out;
}
Ejemplo n.º 6
0
 public function author_name()
 {
     if (!empty($this->user)) {
         $w = new webuser();
         $w->load($this->user);
         return $w->username;
     } else {
         return $this->name;
     }
 }
Ejemplo n.º 7
0
 $current['plugins'] = $plugins;
 $events->extension_backend_bindings(null, true);
 if (!empty($session['webuser'])) {
     $webuser->load($session['webuser']);
 } else {
     if (!empty($_COOKIE["webuser"])) {
         $webuser->load_by_hash($_COOKIE['webuser']);
     }
 }
 // if the webuser was removed, it doesn't exist anymore,
 //  $session/$_COOKIE may have obsolete data, force a log out
 // also check date range access
 if (empty($webuser->id) && (!empty($session['webuser']) || !empty($_COOKIE['webuser'])) || !$webuser->access_allowed()) {
     $webuser->unset_cookie();
     unset($webuser);
     $webuser = new webuser();
 }
 if (!empty($webuser->id)) {
     $webuser->lastseen = core_time();
     $webuser->save(false);
     // don't trigger the webuser_modified event
 }
 // check if the webuser wants to sign out
 if (isset($_REQUEST['webuser_signout'])) {
     $webuser->unset_cookie();
     unset($webuser);
     $webuser = new webuser();
 }
 $current['webuser'] = $session['webuser'];
 setlocale(LC_ALL, $website->languages[$session['lang']]['system_locale']);
 date_default_timezone_set($webuser->timezone ? $webuser->timezone : $website->default_timezone);
Ejemplo n.º 8
0
function nvweb_list_parse_tag($tag, $item, $source = 'item', $item_relative_position, $item_absolute_position, $total)
{
    global $current;
    global $website;
    global $structure;
    global $DB;
    $out = '';
    switch ($tag['attributes']['source']) {
        // special condition, return direct query result values
        case 'query':
            $out = $item->_query->{$tag}['attributes']['value'];
            break;
            // special: return element position in list
        // special: return element position in list
        case 'position':
            $position = $item_relative_position;
            if ($tag['attributes']['absolute'] == 'true') {
                $position = $item_absolute_position;
            }
            switch ($tag['attributes']['type']) {
                case 'alphabetic':
                    $out = number2alphabet($position);
                    break;
                case 'numeric':
                default:
                    $out = $position + 1;
                    // first element is 1, but in list is zero
                    break;
            }
            break;
            // NOTE: the following refers to structure information of an ITEM, useless if the source are categories!
        // NOTE: the following refers to structure information of an ITEM, useless if the source are categories!
        case 'structure':
        case 'category':
            nvweb_menu_load_dictionary();
            // load menu translations if not already done
            nvweb_menu_load_routes();
            // load menu paths if not already done
            switch ($tag['attributes']['value']) {
                case 'title':
                    if ($source == 'structure' || $source == 'category') {
                        $out = $structure['dictionary'][$item->id];
                    } else {
                        $out = $structure['dictionary'][$item->category];
                    }
                    if (!empty($tag['attributes']['length'])) {
                        $out = core_string_cut($out, $tag['attributes']['length'], '&hellip;');
                    }
                    break;
                case 'slug':
                    if ($source == 'structure' || $source == 'category') {
                        $out = $structure['dictionary'][$item->id];
                    } else {
                        $out = $structure['dictionary'][$item->category];
                    }
                    // remove spaces, special chars, etc.
                    $out = core_string_clean($out);
                    $out = slug($out);
                    break;
                case 'property':
                    $id = $item->id;
                    if ($source != 'structure' && $source != 'category') {
                        $id = $item->category;
                    }
                    $nvweb_properties_parameters = array_replace($tag['attributes'], array('mode' => !isset($tag['attributes']['mode']) ? 'structure' : $tag['attributes']['mode'], 'id' => $id, 'property' => !empty($tag['attributes']['property']) ? $tag['attributes']['property'] : $tag['attributes']['name']));
                    $out = nvweb_properties($nvweb_properties_parameters);
                    break;
                case 'url':
                case 'path':
                    if ($source == 'structure' || $source == 'category') {
                        $out = $structure['routes'][$item->id];
                    } else {
                        $out = $structure['routes'][$item->category];
                    }
                    $out = nvweb_prepare_link($out);
                    break;
                case 'id':
                    if ($source == 'structure' || $source == 'category') {
                        $out = $item->id;
                    } else {
                        // source = 'item'?
                        $out = $item->category;
                    }
                    break;
                default:
                    break;
            }
            break;
            // ITEM comments
        // ITEM comments
        case 'comment':
        case 'comments':
            switch ($tag['attributes']['value']) {
                case 'id':
                    $out = $item->id;
                    break;
                case 'avatar':
                    $size = '48';
                    $extra = '';
                    if (!empty($tag['attributes']['size'])) {
                        $size = intval($tag['attributes']['size']);
                    }
                    if (!empty($tag['attributes']['border'])) {
                        $extra .= '&border=' . $tag['attributes']['border'];
                    }
                    if (!empty($item->avatar)) {
                        $out = '<img class="' . $tag['attributes']['class'] . '" src="' . NVWEB_OBJECT . '?type=image' . $extra . '&id=' . $item->avatar . '" width="' . $size . 'px" height="' . $size . 'px"/>';
                    } else {
                        if (!empty($tag['attributes']['default'])) {
                            // the comment creator has not an avatar, but the template wants to show a default one
                            // 3 cases:
                            //  numerical   ->  ID of the avatar image file in Navigate CMS
                            //  absolute path (http://www...)
                            //  relative path (/img/avatar.png) -> path to the avatar file included in the THEME used
                            if (is_numeric($tag['attributes']['default'])) {
                                $out = '<img class="' . $tag['attributes']['class'] . '" src="' . NVWEB_OBJECT . '?type=image' . $extra . '&id=' . $tag['attributes']['default'] . '" width="' . $size . 'px" height="' . $size . 'px"/>';
                            } else {
                                if (strpos($tag['attributes']['default'], 'http://') === 0) {
                                    $out = '<img class="' . $tag['attributes']['class'] . '" src="' . $tag['attributes']['default'] . '" width="' . $size . 'px" height="' . $size . 'px"/>';
                                } else {
                                    if ($tag['attributes']['default'] == 'none') {
                                        $out = '';
                                    } else {
                                        $out = '<img class="' . $tag['attributes']['class'] . '"src="' . NAVIGATE_URL . '/themes/' . $website->theme . '/' . $tag['attributes']['default'] . '" width="' . $size . 'px" height="' . $size . 'px"/>';
                                    }
                                }
                            }
                        } else {
                            $gravatar_hash = "";
                            $gravatar_default = 'blank';
                            if (!empty($tag['attributes']['gravatar_default'])) {
                                $gravatar_default = $tag['attributes']['gravatar_default'];
                            }
                            if (!empty($item->email)) {
                                $gravatar_hash = md5(strtolower(trim($item->email)));
                            } else {
                                if (!empty($item->user)) {
                                    $email = $DB->query_single('email', 'nv_webusers', 'id = ' . protect($item->user));
                                    if (!empty($email)) {
                                        $gravatar_hash = md5(strtolower(trim($item->email)));
                                    }
                                }
                            }
                            if (!empty($gravatar_hash) && $gravatar_default != 'none') {
                                // gravatar real url: https://www.gravatar.com/avatar/
                                // we use libravatar to get more userbase
                                $gravatar_url = 'https://seccdn.libravatar.org/avatar/' . $gravatar_hash . '?s=' . $size . '&d=' . $gravatar_default;
                                $out = '<img class="' . $tag['attributes']['class'] . '" src="' . $gravatar_url . '" width="' . $size . 'px" height="' . $size . 'px"/>';
                            } else {
                                $out = '<img class="' . $tag['attributes']['class'] . '" src="data:image/gif;base64,R0lGODlhAQABAPAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" width="' . $size . 'px" height="' . $size . 'px"/>';
                            }
                        }
                    }
                    if ($tag['attributes']['linked'] == 'true' && !empty($out)) {
                        if (!empty($item->url)) {
                            $comment_link = $item->url;
                        } else {
                            if (!empty($item->user)) {
                                $wu = new webuser();
                                $wu->load($item->user);
                                $comment_link = $wu->social_website;
                            }
                        }
                        if (!empty($comment_link)) {
                            $out = '<a href="' . $comment_link . '" target="_blank">' . $out . '</a>';
                        }
                    }
                    break;
                case 'username':
                    $out = !empty($item->username) ? $item->username : $item->name;
                    if ($tag['attributes']['linked'] == 'true' && !empty($out)) {
                        if (!empty($item->url)) {
                            $comment_link = $item->url;
                        } else {
                            if (!empty($item->user)) {
                                $wu = new webuser();
                                $wu->load($item->user);
                                $comment_link = $wu->social_website;
                            }
                        }
                        if (!empty($comment_link)) {
                            $out = '<a href="' . $comment_link . '" target="_blank">' . $out . '</a>';
                        }
                    }
                    break;
                case 'website':
                    if (!empty($item->url)) {
                        $out = $item->url;
                    } else {
                        if (!empty($item->user)) {
                            $wu = new webuser();
                            $wu->load($item->user);
                            $out = $wu->social_website;
                        }
                    }
                    if (empty($out)) {
                        $out = '#';
                    }
                    break;
                case 'message':
                    if (!empty($tag['attributes']['length'])) {
                        $out = core_string_cut($item->message, $tag['attributes']['length'], '&hellip;');
                    } else {
                        $out = nl2br($item->message);
                    }
                    break;
                case 'date':
                    // Navigate CMS 1.6.6 compatibility
                    if (empty($tag['attributes']['format']) && !empty($tag['attributes']['date_format'])) {
                        $tag['attributes']['format'] = $tag['attributes']['date_format'];
                    }
                    if (!empty($tag['attributes']['format'])) {
                        // custom date format
                        $out = nvweb_content_date_format($tag['attributes']['format'], $item->date_created);
                    } else {
                        $out = date($website->date_format . ' H:i', $item->date_created);
                    }
                    break;
                case 'item_url':
                    $out = nvweb_source_url('item', $item->item, $current['lang']);
                    break;
                case 'item_title':
                    $out = $item->item_title;
                    break;
                case 'reply_to':
                    $out = $item->reply_to;
                    break;
                case 'depth':
                    $c = new comment();
                    $c->load_from_resultset(array($item));
                    $out = $c->depth();
                    break;
                case 'property':
                    $c = new comment();
                    $c->load_from_resultset(array($item));
                    // pass all nvlist tag parameters to properties nvweb, but some attribute/values take preference
                    $nvweb_properties_parameters = array_replace($tag['attributes'], array('mode' => 'comment', 'id' => $c->id, 'template' => $c->element_template(), 'property' => !empty($tag['attributes']['property']) ? $tag['attributes']['property'] : $tag['attributes']['name']));
                    $out = nvweb_properties($nvweb_properties_parameters);
                    break;
            }
            break;
        case 'block':
            switch ($tag['attributes']['value']) {
                case 'id':
                    $out = $item->id;
                    break;
                    // only for blocks in a block group!
                // only for blocks in a block group!
                case 'uid':
                    $out = $item->uid;
                    break;
                case 'block':
                    // generate the full block code
                    if ($item->type == "extension") {
                        if (function_exists('nvweb_' . $item->extension . '_' . $item->id)) {
                            // load extension block property values
                            $item->properties = property::load_properties(NULL, $item->id, "extension_block", NULL, $item->uid);
                            $out = call_user_func('nvweb_' . $item->extension . '_' . $item->id, $item);
                        }
                    } else {
                        $out = nvweb_blocks_render($item->type, $item->trigger, $item->action, NULL, NULL, $tag['attributes']);
                    }
                    break;
                    // not for extension_blocks
                // not for extension_blocks
                case 'title':
                    $out = $item->dictionary[$current['lang']]['title'];
                    if (!empty($tag['attributes']['length'])) {
                        $out = core_string_cut($out, $tag['attributes']['length'], '&hellip;');
                    }
                    break;
                case 'content':
                    if ($item->type == "extension") {
                        if (function_exists('nvweb_' . $item->extension . '_' . $item->id)) {
                            // load extension block property values
                            $item->properties = property::load_properties(NULL, $item->id, "extension_block", NULL, $item->uid);
                            $out = call_user_func('nvweb_' . $item->extension . '_' . $item->id, $item);
                        }
                    } else {
                        $out = nvweb_blocks_render($item->type, $item->trigger, $item->action, 'content', $item, $tag['attributes']);
                    }
                    break;
                    // not for extension_blocks
                // not for extension_blocks
                case 'url':
                case 'path':
                    $out = nvweb_blocks_render_action($item->action, '', $current['lang'], true);
                    if (empty($out)) {
                        $out = '#';
                    } else {
                        $out = nvweb_prepare_link($out);
                    }
                    break;
                    // not for extension_blocks
                // not for extension_blocks
                case 'target':
                    if ($item->action['action-type'][$current['lang']] == 'web-n') {
                        $out = '_blank';
                    } else {
                        $out = '_self';
                    }
                    break;
                    // not for extension_blocks (only for standard blocks and block group blocks)
                // not for extension_blocks (only for standard blocks and block group blocks)
                case 'property':
                    $properties_mode = 'block';
                    if (!is_numeric($item->id)) {
                        $properties_mode = 'block_group_block';
                    }
                    $nvweb_properties_parameters = array_replace($tag['attributes'], array('mode' => !isset($tag['attributes']['mode']) ? $properties_mode : $tag['attributes']['mode'], 'id' => $item->id, 'property' => !empty($tag['attributes']['property']) ? $tag['attributes']['property'] : $tag['attributes']['name'], 'uid' => @$item->uid));
                    $out = nvweb_properties($nvweb_properties_parameters);
                    break;
                    // not for extension_blocks
                // not for extension_blocks
                case 'poll_answers':
                    $out = nvweb_blocks_render_poll($item);
                    break;
                default:
                    break;
            }
            break;
        case 'block_link':
            switch ($tag['attributes']['value']) {
                case 'id':
                    $out = $item->id;
                    break;
                case 'title':
                    $out = $item->title;
                    if (!empty($tag['attributes']['length'])) {
                        $out = core_string_cut($out, $tag['attributes']['length'], '&hellip;');
                    }
                    break;
                case 'url':
                case 'path':
                    $out = $item->link;
                    if (empty($out)) {
                        $out = '#';
                    } else {
                        $out = nvweb_prepare_link($out);
                    }
                    break;
                case 'target':
                    if ($item->new_window == 1) {
                        $out = '_blank';
                    } else {
                        $out = '_self';
                    }
                    break;
                case 'icon':
                    $out = @$item->icon;
                    break;
                default:
                    break;
            }
            break;
        case 'block_type':
            switch ($tag['attributes']['value']) {
                case 'title':
                    $title_obj = json_decode($item->title, true);
                    if (empty($title_obj)) {
                        // not json
                        $out = $item->title;
                    } else {
                        $out = $title_obj[$current['lang']];
                    }
                    break;
            }
            break;
        case 'gallery':
            switch ($tag['attributes']['value']) {
                case 'url':
                case 'path':
                    $out = NVWEB_OBJECT . '?wid=' . $website->id . '&id=' . $item['file'] . '&amp;disposition=inline';
                    break;
                case 'thumbnail':
                case 'thumbnail_url':
                    $thumbnail_url = NVWEB_OBJECT . '?wid=' . $website->id . '&id=' . $item['file'] . '&amp;disposition=inline&amp;width=' . $tag['attributes']['width'] . '&amp;height=' . $tag['attributes']['height'] . '&amp;border=' . $tag['attributes']['border'];
                    if ($tag['attributes']['value'] == 'thumbnail_url' || @$tag['attributes']['return'] == 'url') {
                        $out = $thumbnail_url;
                    } else {
                        $out = '<img src="' . $thumbnail_url . '" alt="' . $item[$current['lang']] . '" title="' . $item[$current['lang']] . '" />';
                    }
                    break;
                case 'title':
                    $f = new file();
                    $f->load($item['file']);
                    $out = $f->title[$current['lang']];
                    break;
                case 'alt':
                case 'description':
                    $f = new file();
                    $f->load($item['file']);
                    $out = $f->description[$current['lang']];
                    break;
                default:
                    $out = '<a href="' . NVWEB_OBJECT . '?wid=' . $website->id . '&id=' . $item['file'] . '&amp;disposition=inline">
                                <img src="' . NVWEB_OBJECT . '?wid=' . $website->id . '&id=' . $item['file'] . '&amp;disposition=inline&amp;width=' . $tag['attributes']['width'] . '&amp;height=' . $tag['attributes']['height'] . '&amp;border=' . $tag['attributes']['border'] . '"
									 alt="' . $item[$current['lang']] . '" title="' . $item[$current['lang']] . '" />
                            </a>';
                    break;
            }
            break;
        case 'item':
            // useful also for source="structure" (but some are nonsense: title, comments, etc)
        // useful also for source="structure" (but some are nonsense: title, comments, etc)
        default:
            switch ($tag['attributes']['value']) {
                case 'id':
                    $out = $item->id;
                    break;
                case 'slug':
                    $lang = $current['lang'];
                    if (!empty($tag['attributes']['lang'])) {
                        $lang = $tag['attributes']['lang'];
                    }
                    $out = $item->dictionary[$lang]['title'];
                    // remove spaces, special chars, etc.
                    $out = core_string_clean($out);
                    $out = slug($out);
                    break;
                case 'title':
                    $lang = $current['lang'];
                    if (!empty($tag['attributes']['lang'])) {
                        $lang = $tag['attributes']['lang'];
                    }
                    $out = $item->dictionary[$lang]['title'];
                    if (!empty($tag['attributes']['length'])) {
                        $out = core_string_cut($out, $tag['attributes']['length'], '&hellip;', $tag['attributes']['length']);
                    }
                    break;
                case 'author':
                    if (!empty($item->author)) {
                        $nu = new user();
                        $nu->load($item->author);
                        $out = $nu->username;
                        unset($nu);
                    }
                    if (empty($out)) {
                        $out = $website->name;
                    }
                    break;
                case 'date':
                case 'date_post':
                    if (!empty($tag['attributes']['format'])) {
                        // custom date format
                        $out = nvweb_content_date_format($tag['attributes']['format'], $item->date_to_display);
                    } else {
                        $out = date($website->date_format, $item->date_to_display);
                    }
                    break;
                case 'content':
                case 'section':
                    if ($source == 'structure' && $tag['attributes']['source'] == 'item') {
                        $items = nvweb_content_items($item->id, true, 1, false, 'priority');
                        // we force finding the first non-embedded item ordered by priority
                        if (empty($items)) {
                            $items = nvweb_content_items($item->id, true, 1, true, 'priority');
                        }
                        // find the first embedded item ordered by priority
                        $item = $items[0];
                    }
                    $section = $tag['attributes']['section'];
                    if (empty($section)) {
                        $section = 'main';
                    }
                    $out = $item->dictionary[$current['lang']]['section-' . $section];
                    if (!empty($tag['attributes']['length'])) {
                        $allowed_tags = '';
                        if (!empty($tag['attributes']['allowed_tags'])) {
                            $allowed_tags = explode(',', $tag['attributes']['allowed_tags']);
                        }
                        $out = core_string_cut($out, $tag['attributes']['length'], '&hellip;', $allowed_tags);
                    }
                    break;
                case 'comments':
                    $out = nvweb_content_comments_count($item->id);
                    break;
                case 'gallery':
                    $params = array('item' => $item->id);
                    $params = array_merge($params, $tag['attributes']);
                    $out = nvweb_gallery($params);
                    break;
                case 'image':
                case 'photo':
                    $photo = @array_shift(array_keys($item->galleries[0]));
                    if (empty($photo)) {
                        $out = NVWEB_OBJECT . '?type=transparent';
                    } else {
                        $out = NVWEB_OBJECT . '?wid=' . $website->id . '&id=' . $photo . '&amp;disposition=inline&amp;width=' . $tag['attributes']['width'] . '&amp;height=' . $tag['attributes']['height'] . '&amp;border=' . $tag['attributes']['border'];
                    }
                    break;
                case 'url':
                case 'path':
                    // rss -> full url
                    // item -> relative url
                    // embedded item -> category url
                    if ($item->embedding == 1 && $item->association == 'category') {
                        nvweb_menu_load_routes();
                        // load menu paths if not already done
                        $out = nvweb_prepare_link($structure['routes'][$item->category]);
                    } else {
                        $path = $item->paths[$current['lang']];
                        if (empty($path)) {
                            $path = '/node/' . $item->id;
                        }
                        $out = nvweb_prepare_link($path);
                    }
                    break;
                case 'tags':
                    // pass all nvlist tag parameters to the content nvweb, but some attribute/values take preference
                    $nvweb_parameters = array_replace($tag['attributes'], array('mode' => 'tags', 'id' => $item->id));
                    $out = nvweb_content($nvweb_parameters);
                    break;
                case 'score':
                    $out = nvweb_votes_calc($item, $tag['attributes']['round'], $tag['attributes']['half'], $tag['attributes']['min'], $tag['attributes']['max']);
                    break;
                case 'votes':
                    $out = intval($item->votes);
                    break;
                case 'views':
                    $out = intval($item->views);
                    break;
                case 'property':
                    if ($source == 'structure' && $tag['attributes']['source'] == 'item') {
                        $items = nvweb_content_items($item->id, true, 1, false, 'priority');
                        // we force finding the first non-embedded item ordered by priority
                        if (empty($items)) {
                            $items = nvweb_content_items($item->id, true, 1, true, 'priority');
                        }
                        // find the first embedded item ordered by priority
                        $item = $items[0];
                        $source = "item";
                    }
                    // pass all nvlist tag parameters to properties nvweb, but some attribute/values take preference
                    $nvweb_properties_parameters = array_replace($tag['attributes'], array('mode' => $source == 'structure' || $source == 'category' ? 'structure' : 'item', 'id' => $item->id, 'template' => $item->template, 'property' => !empty($tag['attributes']['property']) ? $tag['attributes']['property'] : $tag['attributes']['name']));
                    $out = nvweb_properties($nvweb_properties_parameters);
                    break;
                default:
                    // maybe a special tag not related to a source? (unimplemented)
            }
            break;
    }
    return $out;
}
Ejemplo n.º 9
0
function nv_plugin_init()
{
    global $DB;
    global $webuser;
    global $config;
    global $website;
    global $current;
    global $dictionary;
    global $session;
    global $events;
    global $idn;
    // create database connection
    $DB = new database();
    if (!$DB->connect()) {
        die(APP_NAME . ' # ERROR<br /> ' . $DB->get_last_error());
    }
    // global exception catcher
    try {
        $idn = new idna_convert();
        // which website do we have to load?
        $url = nvweb_self_url();
        if (!empty($_REQUEST['wid'])) {
            $website = new website();
            $website->load(intval($_REQUEST['wid']));
        } else {
            $website = nvweb_load_website_by_url($url);
        }
        if ($website->permission == 2 || $website->permission == 1 && empty($_SESSION['APP_USER#' . APP_UNIQUE])) {
            nvweb_clean_exit();
        }
        // global helper variables
        $session = array();
        // user session
        $webuser = new webuser();
        $nvweb_absolute = empty($website->protocol) ? 'http://' : $website->protocol;
        if (!empty($website->subdomain)) {
            $nvweb_absolute .= $website->subdomain . '.';
        }
        $nvweb_absolute .= $website->domain . $website->folder;
        define('NVWEB_ABSOLUTE', $nvweb_absolute);
        define('NVWEB_OBJECT', $nvweb_absolute . '/object');
        if (!defined('NAVIGATE_URL')) {
            define('NAVIGATE_URL', NAVIGATE_PARENT . NAVIGATE_FOLDER);
        }
        if (!isset($_SESSION['nvweb.' . $website->id])) {
            $_SESSION['nvweb.' . $website->id] = array();
            $session['lang'] = nvweb_country_language();
        } else {
            $session = $_SESSION['nvweb.' . $website->id];
            if (empty($session['lang'])) {
                $session['lang'] = nvweb_country_language();
            }
        }
        if (isset($_REQUEST['lang'])) {
            $session['lang'] = $_REQUEST['lang'];
        }
        if (!empty($session['webuser'])) {
            $webuser->load($session['webuser']);
        } else {
            if (!empty($_COOKIE["webuser"])) {
                $webuser->load_by_hash($_COOKIE['webuser']);
            }
        }
        @setlocale(LC_ALL, $website->languages[$session['lang']]['system_locale']);
        // remove the "folder" part of the route
        $route = '';
        if (!empty($_REQUEST['route'])) {
            $route = $_REQUEST['route'];
            // remove the "folder" part of the route (only if this url is really under a folder)
            if (!empty($website->folder) && strpos('/' . $route, $website->folder) === 0) {
                $route = substr('/' . $route, strlen($website->folder) + 1);
            }
        }
        // global data across webgets
        $current = array('lang' => $session['lang'], 'route' => $route, 'object' => '', 'template' => '', 'category' => '', 'webuser' => @$session['webuser'], 'navigate_session' => !empty($_SESSION['APP_USER#' . APP_UNIQUE]), 'html_after_body' => array(), 'js_after_body' => array());
        $dictionary = nvweb_dictionary_load();
        $_SESSION['nvweb.' . $website->id] = $session;
    } catch (Exception $e) {
        ?>
		<html>
			<body>
				ERROR
				<br /><br />
				<?php 
        echo $e->getMessage();
        ?>
			</body>
		</html>
		<?php 
    }
    $events = new events();
    nvweb_plugins_load();
    $events->extension_backend_bindings();
}