public static function social_network_profile_update($network, $network_user_id, $extra = '', $data = array()) { global $DB; global $webuser; global $website; if (is_array($extra)) { $extra = serialize($extra); } // the profile exists? $swuser = $DB->query_single('webuser', 'nv_webuser_profiles', ' network = ' . protect($network) . ' AND ' . ' network_user_id = ' . protect($network_user_id)); // the webuser already exists/is logged in? $wuser = new webuser(); if (!empty($webuser->id)) { // an existing webuser is already signed in, but we don't have his/her social profile if (empty($swuser)) { $DB->execute(' INSERT nv_webuser_profiles (id, network, network_user_id, webuser, extra) VALUES ( 0, :network, :network_user_id, :webuser, :extra )', array('network' => $network, 'network_user_id' => $network_user_id, 'webuser' => $webuser->id, 'extra' => $extra)); } $wuser->load($webuser->id); } else { // there is no webuser logged in if (empty($swuser)) { // and we don't have any social profile that matches the one used to sign in // Ex. Signed in with Facebook without having a previous webuser account in the current website $wuser->website = $website->id; $wuser->joindate = core_time(); $wuser->lastseen = core_time(); $wuser->access = 0; $wuser->insert(); $DB->execute(' INSERT nv_webuser_profiles (id, network, network_user_id, webuser, extra) VALUES ( 0, :network, :network_user_id, :webuser, :extra )', array('network' => $network, 'network_user_id' => $network_user_id, 'webuser' => $wuser->id, 'extra' => $extra)); } else { // BUT we have a social profile matching a previous webuser in database // Ex. Signed in with Facebook having a webuser account previously $wuser->load($swuser); } } // either way, now we have a webuser account that we need to update foreach ($data as $field => $value) { $wuser->{$field} = $value; } $wuser->update(); return $wuser->id; }
function nvweb_route_parse($route = "") { global $website; global $DB; global $current; global $session; global $theme; global $events; global $dictionary; // node route types if (substr($route, 0, 5) == 'node/') { $node = substr($route, 5); $route = 'node'; } switch ($route) { case 'object': nvweb_object(); nvweb_clean_exit(); break; case 'nvajax': nvweb_ajax(); nvweb_clean_exit(); break; case 'nvtags': case 'nvsearch': $current['template'] = 'search'; break; case 'nv.webuser/verify': $hash = $_REQUEST['hash']; $email = filter_var($_REQUEST['email'], FILTER_VALIDATE_EMAIL); if (!empty($hash) && !empty($email)) { $ok = webuser::email_verification($email, $hash); if ($ok) { $session['nv.webuser/verify:email_confirmed'] = time(); } } nvweb_clean_exit(NVWEB_ABSOLUTE . $website->homepage()); break; case 'node': if ($node > 0) { $current['id'] = $node; $DB->query('SELECT * FROM nv_items WHERE id = ' . protect($current['id']) . ' AND website = ' . $website->id); $current['object'] = $DB->first(); // let's count a hit (except admin) if ($current['navigate_session'] != 1 && !nvweb_is_bot()) { $DB->execute(' UPDATE nv_items SET views = views + 1 WHERE id = ' . $current['id'] . ' AND website = ' . $website->id); } $current['type'] = 'item'; $current['template'] = $current['object']->template; if ($current['navigate_session'] == 1 && !empty($_REQUEST['template'])) { $current['template'] = $_REQUEST['template']; } } break; case 'sitemap.xml': nvweb_webget_load('sitemap'); echo nvweb_sitemap(array('mode' => 'xml')); nvweb_clean_exit(); break; // redirect to home page of the current website // redirect to home page of the current website case 'nvweb.home': case 'nv.home': header('location: ' . NVWEB_ABSOLUTE . $website->homepage()); nvweb_clean_exit(); break; // webservice endpoint via XML-RPC calls // webservice endpoint via XML-RPC calls case 'xmlrpc': $events->trigger('nvweb', 'xmlrpc', array('route' => '/' . $route)); // if no extension processes the call, use the integrated XML-RPC parser nvweb_xmlrpc(); nvweb_clean_exit(); break; // empty path // empty path case '': case '/': case 'nv.empty': if ($website->empty_path_action == 'homepage_noredirect') { $route = $website->homepage(); if (strpos($route, '/') === 0) { $route = substr($route, 1); } } else { $route = ""; $website->wrong_path_action = $website->empty_path_action; } // do NOT break this case, continue processing as wrong_path action // no special route (or already processed), look for the path on navigate routing table // do NOT break this case, continue processing as wrong_path action // no special route (or already processed), look for the path on navigate routing table default: $DB->query('SELECT * FROM nv_paths WHERE path = ' . protect('/' . $route) . ' AND website = ' . $website->id . ' ORDER BY id DESC'); $rs = $DB->result(); if (empty($rs)) { // no valid route found switch ($website->wrong_path_action) { case 'homepage': case 'homepage_redirect': header('location: ' . NVWEB_ABSOLUTE . $website->homepage()); nvweb_clean_exit(); break; case 'http_404': header("HTTP/1.0 404 Not Found"); nvweb_clean_exit(); break; case 'theme_404': $current['template'] = 'not_found'; $current['type'] = 'structure'; $current['id'] = 0; $current['object'] = new structure(); return; break; case 'website_path': $redirect_url = nvweb_template_convert_nv_paths($website->wrong_path_redirect); header('location: ' . $redirect_url); nvweb_clean_exit(); break; case 'blank': default: nvweb_clean_exit(); break; } } else { // route found! // let's count a hit (except admin) if ($current['navigate_session'] != 1 && !nvweb_is_bot()) { $DB->execute(' UPDATE nv_paths SET views = views + 1 WHERE id = ' . $rs[0]->id . ' AND website = ' . $website->id); } // set the properties found // set the default language for this route if (!isset($_REQUEST['lang'])) { $current['lang'] = $rs[0]->lang; $session['lang'] = $rs[0]->lang; // force reloading the dictionary $dictionary = nvweb_dictionary_load(); } $current['type'] = $rs[0]->type; $current['id'] = $rs[0]->object_id; // look for the template associated with this item if ($current['type'] == 'structure') { $obj = new structure(); $obj->load($current['id']); // check if it is a direct access to a "jump to another branch" path if ($obj->dictionary[$current['lang']]['action-type'] == 'jump-branch') { $current['id'] = $obj->dictionary[$current['lang']]['action-jump-branch']; $obj = new structure(); $obj->load($current['id']); header('location: ' . NVWEB_ABSOLUTE . $obj->paths[$current['lang']]); nvweb_clean_exit(); } else { if ($obj->dictionary[$current['lang']]['action-type'] == 'jump-item') { $current['id'] = $obj->dictionary[$current['lang']]['action-jump-item']; $obj = new item(); $obj->load($current['id']); header('location: ' . NVWEB_ABSOLUTE . $obj->paths[$current['lang']]); nvweb_clean_exit(); } } $current['object'] = $obj; $current['category'] = $current['id']; if ($current['navigate_session'] != 1 && !nvweb_is_bot()) { $DB->execute(' UPDATE nv_structure SET views = views + 1 WHERE id = ' . protect($current['id']) . ' AND website = ' . $website->id); } } else { if ($current['type'] == 'item') { $DB->query('SELECT * FROM nv_items WHERE id = ' . protect($current['id']) . ' AND website = ' . $website->id); $current['object'] = $DB->first(); // let's count a hit (except admin) if ($current['navigate_session'] != 1 && !nvweb_is_bot()) { $DB->execute(' UPDATE nv_items SET views = views + 1 WHERE id = ' . $current['id'] . ' AND website = ' . $website->id); } } else { if ($current['type'] == 'feed') { $out = feed::generate_feed($current['id']); if ($current['navigate_session'] != 1 && !nvweb_is_bot()) { $DB->execute(' UPDATE nv_feeds SET views = views + 1 WHERE id = ' . $current['id'] . ' AND website = ' . $website->id); } echo $out; nvweb_clean_exit(); } else { // path exists, but the object type is unknown // maybe the path belongs to an extension? $events->trigger('nvweb', 'routes', array('path' => $rs[0])); } } } $current['template'] = $current['object']->template; } break; } }
function nvweb_webuser($vars = array()) { global $website; global $theme; global $current; global $webgets; global $webuser; global $DB; $webget = "webuser"; if (!isset($webgets[$webget])) { $webgets[$webget] = array(); global $lang; if (empty($lang)) { $lang = new language(); $lang->load($current['lang']); } // default translations $webgets[$webget]['translations'] = array('login_incorrect' => t(4, 'Login incorrect.'), 'subscribed_ok' => t(541, 'Your email has been successfully subscribed to the newsletter.'), 'subscribe_error' => t(542, 'There was a problem subscribing your email to the newsletter.'), 'email_confirmation' => t(454, "An e-mail with a confirmation link has been sent to your e-mail account."), 'click_to_confirm_account' => t(607, "Click on the link below to confirm your account"), 'email_confirmation_notice' => t(608, "This is an automated e-mail sent as a result of a newsletter subscription request. If you received this e-mail by error just ignore it."), 'forgot_password_success' => t(648, "An e-mail with a temporary password has been sent to your e-mail account."), 'forgot_password_error' => t(446, "We're sorry. Your contact request could not be sent. Please try again or find another way to contact us.")); // theme translations // if the web theme has custom translations for this string subtypes, use it (for the user selected language) /* just add the following translations to your json theme dictionary: "login_incorrect": "Login incorrect.", "subscribed_ok": "Your email has been successfully subscribed to the newsletter.", "subscribe_error": "There was a problem subscribing your email to the newsletter.", "email_confirmation": "An e-mail with a confirmation link has been sent to your e-mail account.", "click_to_confirm_account": "Click on the link below to confirm your account", "email_confirmation_notice": "This is an automated e-mail sent as a result of a newsletter subscription request. If you received this e-mail by error just ignore it." "forgot_password_success": "An e-mail with a temporary password has been sent to your e-mail account.", "forgot_password_error": "We're sorry. Your contact request could not be sent. Please try again or find another way to contact us." */ if (!empty($website->theme) && method_exists($theme, 't')) { foreach ($webgets[$webget]['translations'] as $code => $text) { $theme_translation = $theme->t($code); if (!empty($theme_translation) && $code != $theme_translation) { $webgets[$webget]['translations'][$code] = $theme_translation; } } } } $out = ''; switch ($vars['mode']) { case 'id': if (!empty($webuser->id)) { $out = $webuser->id; } break; case 'username': if (!empty($webuser->username)) { $out = $webuser->username; } break; case 'fullname': if (!empty($webuser->fullname)) { $out = $webuser->fullname; } break; case 'gender': if (!empty($webuser->gender)) { $out = $webuser->gender; } break; case 'newsletter': $out = $webuser->newsletter; break; case 'email': if (!empty($webuser->email)) { $out = $webuser->email; } break; case 'authenticate': $webuser_website = $vars['website']; if (empty($webuser_website)) { $webuser_website = $website->id; } $signin_username = $_REQUEST[empty($vars['username_field']) ? 'signin_username' : $vars['username_field']]; $signin_password = $_REQUEST[empty($vars['password_field']) ? 'signin_password' : $vars['password_field']]; // a page may have several forms, which one do we have to check? if (!empty($vars['form'])) { list($field_name, $field_value) = explode('=', $vars['form']); if ($_POST[$field_name] != $field_value) { return; } } // ignore empty (or partial empty) forms if (!empty($signin_username) && !empty($signin_password)) { $signed_in = $webuser->authenticate($webuser_website, $signin_username, $signin_password); if (!$signed_in) { $message = $webgets[$webget]['translations']['login_incorrect']; if (empty($vars['notify'])) { $vars['notify'] = 'inline'; } switch ($vars['notify']) { case 'alert': nvweb_after_body('js', 'alert("' . $message . '");'); break; case 'inline': $out = '<div class="nvweb-signin-form-error">' . $message . '</div>'; break; // javascript callback // javascript callback default: nvweb_after_body('js', $vars['error_callback'] . '("' . $message . '");'); break; } } else { $webuser->set_cookie(); if (!empty($vars['notify'])) { if ($vars['notify'] == 'callback') { nvweb_after_body('js', $vars['callback'] . '(true);'); } } } } break; case 'signout_link': $out = NVWEB_ABSOLUTE . $website->homepage() . '?webuser_signout'; break; case 'forgot_password': // pre checks: correct form, not spambot, email not empty and valid // load the associated user account // create temporary password and send email // TODO: don't change the password, just generate a link and let the user enter their preferred new password // a page may have several forms, which one do we have to check? if (!empty($vars['form'])) { list($field_name, $field_value) = explode('=', $vars['form']); if ($_POST[$field_name] != $field_value) { return; } } // check if this send request really comes from the website and not from a spambot if (parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) != $website->subdomain . '.' . $website->domain && parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) != $website->domain) { return; } if (empty($vars['email_field'])) { $vars['email_field'] = 'newsletter_email'; } $email = $_REQUEST[$vars['email_field']]; $email = filter_var($email, FILTER_SANITIZE_EMAIL); if (!empty($vars['email_field']) && !empty($email)) { $ok = false; if (filter_var($email, FILTER_VALIDATE_EMAIL) !== FALSE) { $wu_id = $DB->query_single('id', 'nv_webusers', ' email = ' . protect($email) . ' AND website = ' . $website->id); $wu = new webuser(); if (!empty($wu_id)) { $wu->load($wu_id); if ($wu->access == 0 || $wu->access == 2 && ($wu->access_begin == 0 || time() > $wu->access_begin) && ($wu->access_end == 0 || time() < $wu->access_end)) { // generate new password $password = generate_password(8, false, 'luds'); $wu->set_password($password); $ok = $wu->save(); // send a message to communicate the new webuser's email $message = navigate_compose_email(array(array('title' => $website->name, 'content' => t(451, "This is an automated e-mail sent as a result of a password request process. If you received this e-mail by error just ignore it.")), array('title' => t(1, "User"), 'content' => $wu->username), array('title' => t(2, "Password"), 'content' => $password), array('footer' => '<a href="' . $website->absolute_path() . $website->homepage() . '">' . $website->name . '</a>'))); @nvweb_send_email($website->name, $message, $wu->email); } } } if ($ok) { $message = $webgets[$webget]['translations']['forgot_password_success']; } else { $message = $webgets[$webget]['translations']['forgot_password_error']; } if (empty($vars['notify'])) { $vars['notify'] = 'inline'; } switch ($vars['notify']) { case 'alert': nvweb_after_body('js', 'alert("' . $message . '");'); break; case 'inline': if ($ok) { $out = '<div class="nvweb-forgot-password-form-success">' . $message . '</div>'; } else { $out = '<div class="nvweb-forgot-password-form-error">' . $message . '</div>'; } break; case 'boolean': $out = $ok; break; case 'false': break; // javascript callback // javascript callback case 'callback': default: if ($ok) { nvweb_after_body('js', $vars['callback'] . '("' . $message . '");'); } else { if (!empty($vars['error_callback'])) { nvweb_after_body('js', $vars['error_callback'] . '("' . $message . '");'); } else { nvweb_after_body('js', $vars['callback'] . '("' . $message . '");'); } } break; } } break; case 'signup': // TODO // pre checks: correct form, not spambot, email not empty and valid // get the profile data from the form // more checks: password strength & confirmation, etc. // save the new webuser account // prepare account confirmation (unless not required by webget attributes) // leave the account blocked // generate an activation key // send confirmation email // if no account confirmation is required, auto login break; case 'avatar': $size = '48'; $extra = ''; if (!empty($vars['size'])) { $size = intval($vars['size']); } if (!empty($vars['border'])) { $extra .= '&border=' . $vars['border']; } if (!empty($webuser->avatar)) { $out = '<img class="' . $vars['class'] . '" src="' . NVWEB_OBJECT . '?type=image' . $extra . '&id=' . $webuser->avatar . '" width="' . $size . 'px" height="' . $size . 'px"/>'; } else { if (!empty($vars['default'])) { // the comment creator has not an avatar, but the template wants to show a default one // 3 cases: // numerical -> ID of the avatar image file in Navigate CMS // absolute path (http://www...) // relative path (/img/avatar.png) -> path to the avatar file included in the THEME used if (is_numeric($vars['default'])) { $out = '<img class="' . $vars['class'] . '" src="' . NVWEB_OBJECT . '?type=image' . $extra . '&id=' . $vars['default'] . '" width="' . $size . 'px" height="' . $size . 'px"/>'; } else { if (strpos($vars['default'], 'http://') === 0) { $out = '<img class="' . $vars['class'] . '" src="' . $vars['default'] . '" width="' . $size . 'px" height="' . $size . 'px"/>'; } else { if ($vars['default'] == 'none') { $out = ''; } else { $out = '<img class="' . $vars['class'] . '"src="' . NAVIGATE_URL . '/themes/' . $website->theme . '/' . $vars['default'] . '" width="' . $size . 'px" height="' . $size . 'px"/>'; } } } } else { $gravatar_hash = ""; $gravatar_default = 'blank'; if (!empty($vars['gravatar_default'])) { $gravatar_default = $vars['gravatar_default']; } if (!empty($webuser->email)) { $gravatar_hash = md5(strtolower(trim($webuser->email))); } if (!empty($gravatar_hash) && $gravatar_default != 'none') { // gravatar real url: https://www.gravatar.com/avatar/ // we use libravatar to get more userbase $gravatar_url = 'https://seccdn.libravatar.org/avatar/' . $gravatar_hash . '?s=' . $size . '&d=' . $gravatar_default; $out = '<img class="' . $vars['class'] . '" src="' . $gravatar_url . '" width="' . $size . 'px" height="' . $size . 'px"/>'; } else { $out = '<img class="' . $vars['class'] . '" src="data:image/gif;base64,R0lGODlhAQABAPAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" width="' . $size . 'px" height="' . $size . 'px"/>'; } } } break; case 'newsletter_subscribe': // a page may have several forms, which one do we have to check? if (!empty($vars['form'])) { list($field_name, $field_value) = explode('=', $vars['form']); if ($_POST[$field_name] != $field_value) { return; } } // check if this send request really comes from the website and not from a spambot if (parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) != $website->subdomain . '.' . $website->domain && parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST) != $website->domain) { return; } if (empty($vars['email_field'])) { $vars['email_field'] = 'newsletter_email'; } $email = $_REQUEST[$vars['email_field']]; $email = filter_var($email, FILTER_SANITIZE_EMAIL); if (!empty($vars['email_field']) && !empty($email)) { $ok = false; if (filter_var($email, FILTER_VALIDATE_EMAIL) !== FALSE) { $wu_id = $DB->query_single('id', 'nv_webusers', ' email = ' . protect($email) . ' AND website = ' . $website->id); $wu = new webuser(); if (!empty($wu_id)) { $wu->load($wu_id); if ($wu->access == 0 || $wu->access == 2 && ($wu->access_begin == 0 || time() > $wu->access_begin) && ($wu->access_end == 0 || time() < $wu->access_end)) { $wu->newsletter = 1; $ok = $wu->save(); } } if (empty($wu_id) || $wu->access == 1 && !empty($wu->activation_key)) { // create a new webuser account with that email $username = strtolower(substr($email, 0, strpos($email, '@'))); // left part of the email if (!empty($username) && !in_array($username, array('info', 'admin', 'contact', 'demo', 'test'))) { // check if the proposed username already exists, // in that case use the full email as username // ** if the email already exists, the subscribe process only updates the newsletter setting! $wu_id = $DB->query_single('id', 'nv_webusers', ' username = '******' AND website = ' . $website->id); } if (!empty($wu_id)) { // oops, user already exists... try another username -- the full email address $wu_id = $DB->query_single('id', 'nv_webusers', ' username = '******' AND website = ' . $website->id); if (empty($wu_id)) { // ok, email is a new username $username = $email; } else { // nope, email is already used (this code should never execute **) $username = uniqid($username . '-'); } } else { // new sign up $wu->id = 0; $wu->website = $website->id; $wu->email = $email; $wu->newsletter = 1; $wu->language = $current['lang']; // infer the webuser language by the active website language $wu->username = $username; $wu->access = 1; // user is blocked until the server recieves an email confirmation } $wu->activation_key = md5($wu->email . rand(1, 9999999)); $ok = $wu->save(); // send a message to verify the new user's email $email_confirmation_link = $website->absolute_path() . '/nv.webuser/verify?email=' . $wu->email . '&hash=' . $wu->activation_key; $message = navigate_compose_email(array(array('title' => $website->name, 'content' => $webgets[$webget]['translations']['click_to_confirm_account'] . '<br />' . '<a href="' . $email_confirmation_link . '">' . $email_confirmation_link . '</a>'), array('footer' => $webgets[$webget]['translations']['email_confirmation_notice'] . '<br />' . '<a href="' . $website->absolute_path() . $website->homepage() . '">' . $website->name . '</a>'))); @nvweb_send_email($website->name, $message, $wu->email); $pending_confirmation = true; } } $message = $webgets[$webget]['translations']['subscribe_error']; if ($pending_confirmation) { $message = $webgets[$webget]['translations']['email_confirmation']; } else { if ($ok) { $message = $webgets[$webget]['translations']['subscribed_ok']; } } if (empty($vars['notify'])) { $vars['notify'] = 'inline'; } switch ($vars['notify']) { case 'alert': nvweb_after_body('js', 'alert("' . $message . '");'); break; case 'inline': if ($ok) { $out = '<div class="nvweb-newsletter-form-success">' . $message . '</div>'; } else { $out = '<div class="nvweb-newsletter-form-error">' . $message . '</div>'; } break; case 'boolean': $out = $ok; break; case 'false': break; // javascript callback // javascript callback case 'callback': default: if ($ok) { nvweb_after_body('js', $vars['callback'] . '("' . $message . '");'); } else { if (!empty($vars['error_callback'])) { nvweb_after_body('js', $vars['error_callback'] . '("' . $message . '");'); } else { nvweb_after_body('js', $vars['callback'] . '("' . $message . '");'); } } break; } } break; } return $out; }
public function load_from_webuser($property_id, $webuser_id = null) { global $website; global $theme; global $webuser; $wu = $webuser; if (!empty($webuser_id)) { $wu = new webuser(); $wu->load($webuser_id); } $ws = $website; $ws_theme = $theme; if ($wu->website != $website->id) { $ws = new website(); $ws->load($wu->website); $ws_theme = new theme(); $ws_theme->load($ws->theme); } if (empty($ws_theme->webusers['properties'])) { $ws_theme->webusers['properties'] = array(); } foreach ($ws_theme->webusers['properties'] as $to) { if ($to->id == $property_id || $to->name == $property_id) { $webuser_option = $to; $webuser_option->element = 'webuser'; break; } } $this->id = $webuser_option->id; $this->website = $ws->id; $this->element = $webuser_option->element; $this->template = ''; $this->name = $webuser_option->name; $this->type = $webuser_option->type; $this->options = (array) $webuser_option->options; $this->dvalue = $webuser_option->dvalue; // default value $this->width = $webuser_option->width; $this->multilanguage = $webuser_option->multilanguage; $this->helper = $webuser_option->helper; $this->function = $webuser_option->function; $this->conditional = $webuser_option->conditional; $this->position = 0; $this->enabled = 1; // decimal format extra fields $this->precision = $webuser_option->precision; $this->prefix = $webuser_option->prefix; $this->suffix = $webuser_option->suffix; if (substr($this->name, 0, 1) == '@') { // get translation from theme dictionary $this->name = $ws_theme->t(substr($this->name, 1)); } if (substr($this->helper, 0, 1) == '@') { $this->helper = $ws_theme->t(substr($this->helper, 1)); } $values = property::load_properties_associative('webuser', '', 'webuser', $wu->id); $this->value = $values[$this->id]; if (is_null($this->value) && !empty($this->dvalue)) { $this->value = $this->dvalue; } if (is_object($this->value)) { $this->value = (array) $this->value; } }
function run() { global $user; global $layout; global $DB; global $website; $out = ''; $item = new webuser(); switch ($_REQUEST['act']) { // json data retrieval & operations case 'json': case 1: switch ($_REQUEST['oper']) { case 'del': // remove rows $ids = $_REQUEST['ids']; foreach ($ids as $id) { $item->load($id); $item->delete(); } echo json_encode(true); break; default: // list or search $page = intval($_REQUEST['page']); $max = intval($_REQUEST['rows']); $offset = ($page - 1) * $max; $orderby = $_REQUEST['sidx'] . ' ' . $_REQUEST['sord']; $where = ' website = ' . $website->id; if ($_REQUEST['_search'] == 'true' || isset($_REQUEST['quicksearch'])) { if (isset($_REQUEST['quicksearch'])) { $where .= $item->quicksearch($_REQUEST['quicksearch']); } else { if (isset($_REQUEST['filters'])) { $filters = $_REQUEST['filters']; if (is_array($filters)) { $filters = json_encode($filters); } $where .= navitable::jqgridsearch($filters); } else { // single search $where .= ' AND ' . navitable::jqgridcompare($_REQUEST['searchField'], $_REQUEST['searchOper'], $_REQUEST['searchString']); } } } $DB->queryLimit('id,avatar,username,email,fullname,groups,joindate,access,access_begin,access_end', 'nv_webusers', $where, $orderby, $offset, $max); $dataset = $DB->result(); $total = $DB->foundRows(); $dataset = grid_notes::summary($dataset, 'webuser', 'id'); global $webusers_groups_all; $webusers_groups_all = webuser_group::all_in_array(); //echo $DB->get_last_error(); $out = array(); for ($i = 0; $i < count($dataset); $i++) { $wug = str_replace('g', '', $dataset[$i]['groups']); $wug = explode(',', $wug); $wug = array_map(function ($in) { global $webusers_groups_all; if (empty($in)) { return; } return $webusers_groups_all[$in]; }, $wug); $blocked = 1; if ($dataset[$i]['access'] == 0 || $dataset[$i]['access'] == 2 && ($dataset[$i]['access_begin'] == 0 || $dataset[$i]['access_begin'] < time()) && ($dataset[$i]['access_end'] == 0 || $dataset[$i]['access_end'] > time())) { $blocked = 0; } $out[$i] = array(0 => $dataset[$i]['id'], 1 => empty($dataset[$i]['avatar']) ? '' : '<img title="' . $dataset[$i]['username'] . '" src="' . NAVIGATE_DOWNLOAD . '?wid=' . $website->id . '&id=' . urlencode($dataset[$i]['avatar']) . '&disposition=inline&width=32&height=32" />', 2 => '<div class="list-row" data-blocked="' . $blocked . '" title="' . $dataset[$i]['email'] . '">' . $dataset[$i]['username'] . '</div>', 3 => $dataset[$i]['fullname'], 4 => implode("<br />", $wug), 5 => core_ts2date($dataset[$i]['joindate'], true), 6 => $blocked == 0 ? '<img src="img/icons/silk/accept.png" />' : '<img src="img/icons/silk/cancel.png" />', 7 => $dataset[$i]['_grid_notes_html']); } navitable::jqgridJson($out, $page, $offset, $max, $total); break; } session_write_close(); exit; break; case 2: // edit/new form // edit/new form case 'create': case 'edit': if (!empty($_REQUEST['id'])) { $item->load(intval($_REQUEST['id'])); } if (isset($_REQUEST['form-sent'])) { $item->load_from_post(); try { $item->save(); property::save_properties_from_post('webuser', $item->id); $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check'); } catch (Exception $e) { $layout->navigate_notification($e->getMessage(), true, true); } if (!empty($item->id)) { users_log::action($_REQUEST['fid'], $item->id, 'save', $item->username, json_encode($_REQUEST)); } } else { if (!empty($item->id)) { users_log::action($_REQUEST['fid'], $item->id, 'load', $item->username); } } $out = webusers_form($item); break; case 4: // remove // remove case 'remove': if (!empty($_REQUEST['id'])) { $item->load(intval($_REQUEST['id'])); if ($item->delete() > 0) { $layout->navigate_notification(t(55, 'Item removed successfully.'), false); $out = webusers_list(); users_log::action($_REQUEST['fid'], $item->id, 'remove', $item->username, json_encode($_REQUEST)); } else { $layout->navigate_notification(t(56, 'Unexpected error.'), false); $out = webusers_form($item); } } break; case 90: // json request: timezones by country $timezones = property::timezones($_REQUEST['country']); if (empty($timezones)) { $timezones = property::timezones(); } echo json_encode($timezones); core_terminate(); break; case 'export': // export web users list to a CSV file users_log::action($_REQUEST['fid'], 0, 'export', "all", json_encode($_REQUEST)); webuser::export(); break; case 'webuser_groups_list': $out = webuser_groups_list(); break; case 'webuser_groups_json': $page = intval($_REQUEST['page']); $max = intval($_REQUEST['rows']); $offset = ($page - 1) * $max; $rs = webuser_group::all($_REQUEST['sidx'], $_REQUEST['sord']); $dataset = array(); foreach ($rs as $row) { $dataset[] = array('id' => $row->id, 'code' => $row->code, 'name' => $row->name); } $total = count($dataset); navitable::jqgridJson($dataset, $page, $offset, $max, $total, 'id'); session_write_close(); exit; break; case 'webuser_group_edit': $webuser_group = new webuser_group(); if (!empty($_REQUEST['id'])) { $webuser_group->load(intval($_REQUEST['id'])); } if (isset($_REQUEST['form-sent'])) { $webuser_group->load_from_post(); try { $ok = $webuser_group->save(); $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check'); users_log::action($_REQUEST['fid'], $webuser_group->id, 'save_webuser_group', $webuser_group->name, json_encode($_REQUEST)); } catch (Exception $e) { $layout->navigate_notification($e->getMessage(), true, true); } } else { users_log::action($_REQUEST['fid'], $webuser_group->id, 'load_webuser_group', $webuser_group->name, json_encode($_REQUEST)); } $out = webuser_groups_form($webuser_group); break; case 'webuser_group_delete': $webuser_group = new webuser_group(); if (!empty($_REQUEST['id'])) { $webuser_group->load(intval($_REQUEST['id'])); } try { $webuser_group->delete(); $layout->navigate_notification(t(55, 'Item removed successfully.'), false); $out = webuser_groups_list(); users_log::action($_REQUEST['fid'], $webuser_group->id, 'remove_webuser_group', $webuser_group->name, json_encode($_REQUEST)); } catch (Exception $e) { $out = $layout->navigate_message("error", t(24, 'Web users') . ' / ' . t(506, 'Groups'), t(56, 'Unexpected error.')); } break; case 0: // list / search result // list / search result case 'list': default: $out = webusers_list(); break; } return $out; }
public function author_name() { if (!empty($this->user)) { $w = new webuser(); $w->load($this->user); return $w->username; } else { return $this->name; } }
$current['plugins'] = $plugins; $events->extension_backend_bindings(null, true); if (!empty($session['webuser'])) { $webuser->load($session['webuser']); } else { if (!empty($_COOKIE["webuser"])) { $webuser->load_by_hash($_COOKIE['webuser']); } } // if the webuser was removed, it doesn't exist anymore, // $session/$_COOKIE may have obsolete data, force a log out // also check date range access if (empty($webuser->id) && (!empty($session['webuser']) || !empty($_COOKIE['webuser'])) || !$webuser->access_allowed()) { $webuser->unset_cookie(); unset($webuser); $webuser = new webuser(); } if (!empty($webuser->id)) { $webuser->lastseen = core_time(); $webuser->save(false); // don't trigger the webuser_modified event } // check if the webuser wants to sign out if (isset($_REQUEST['webuser_signout'])) { $webuser->unset_cookie(); unset($webuser); $webuser = new webuser(); } $current['webuser'] = $session['webuser']; setlocale(LC_ALL, $website->languages[$session['lang']]['system_locale']); date_default_timezone_set($webuser->timezone ? $webuser->timezone : $website->default_timezone);
function nvweb_list_parse_tag($tag, $item, $source = 'item', $item_relative_position, $item_absolute_position, $total) { global $current; global $website; global $structure; global $DB; $out = ''; switch ($tag['attributes']['source']) { // special condition, return direct query result values case 'query': $out = $item->_query->{$tag}['attributes']['value']; break; // special: return element position in list // special: return element position in list case 'position': $position = $item_relative_position; if ($tag['attributes']['absolute'] == 'true') { $position = $item_absolute_position; } switch ($tag['attributes']['type']) { case 'alphabetic': $out = number2alphabet($position); break; case 'numeric': default: $out = $position + 1; // first element is 1, but in list is zero break; } break; // NOTE: the following refers to structure information of an ITEM, useless if the source are categories! // NOTE: the following refers to structure information of an ITEM, useless if the source are categories! case 'structure': case 'category': nvweb_menu_load_dictionary(); // load menu translations if not already done nvweb_menu_load_routes(); // load menu paths if not already done switch ($tag['attributes']['value']) { case 'title': if ($source == 'structure' || $source == 'category') { $out = $structure['dictionary'][$item->id]; } else { $out = $structure['dictionary'][$item->category]; } if (!empty($tag['attributes']['length'])) { $out = core_string_cut($out, $tag['attributes']['length'], '…'); } break; case 'slug': if ($source == 'structure' || $source == 'category') { $out = $structure['dictionary'][$item->id]; } else { $out = $structure['dictionary'][$item->category]; } // remove spaces, special chars, etc. $out = core_string_clean($out); $out = slug($out); break; case 'property': $id = $item->id; if ($source != 'structure' && $source != 'category') { $id = $item->category; } $nvweb_properties_parameters = array_replace($tag['attributes'], array('mode' => !isset($tag['attributes']['mode']) ? 'structure' : $tag['attributes']['mode'], 'id' => $id, 'property' => !empty($tag['attributes']['property']) ? $tag['attributes']['property'] : $tag['attributes']['name'])); $out = nvweb_properties($nvweb_properties_parameters); break; case 'url': case 'path': if ($source == 'structure' || $source == 'category') { $out = $structure['routes'][$item->id]; } else { $out = $structure['routes'][$item->category]; } $out = nvweb_prepare_link($out); break; case 'id': if ($source == 'structure' || $source == 'category') { $out = $item->id; } else { // source = 'item'? $out = $item->category; } break; default: break; } break; // ITEM comments // ITEM comments case 'comment': case 'comments': switch ($tag['attributes']['value']) { case 'id': $out = $item->id; break; case 'avatar': $size = '48'; $extra = ''; if (!empty($tag['attributes']['size'])) { $size = intval($tag['attributes']['size']); } if (!empty($tag['attributes']['border'])) { $extra .= '&border=' . $tag['attributes']['border']; } if (!empty($item->avatar)) { $out = '<img class="' . $tag['attributes']['class'] . '" src="' . NVWEB_OBJECT . '?type=image' . $extra . '&id=' . $item->avatar . '" width="' . $size . 'px" height="' . $size . 'px"/>'; } else { if (!empty($tag['attributes']['default'])) { // the comment creator has not an avatar, but the template wants to show a default one // 3 cases: // numerical -> ID of the avatar image file in Navigate CMS // absolute path (http://www...) // relative path (/img/avatar.png) -> path to the avatar file included in the THEME used if (is_numeric($tag['attributes']['default'])) { $out = '<img class="' . $tag['attributes']['class'] . '" src="' . NVWEB_OBJECT . '?type=image' . $extra . '&id=' . $tag['attributes']['default'] . '" width="' . $size . 'px" height="' . $size . 'px"/>'; } else { if (strpos($tag['attributes']['default'], 'http://') === 0) { $out = '<img class="' . $tag['attributes']['class'] . '" src="' . $tag['attributes']['default'] . '" width="' . $size . 'px" height="' . $size . 'px"/>'; } else { if ($tag['attributes']['default'] == 'none') { $out = ''; } else { $out = '<img class="' . $tag['attributes']['class'] . '"src="' . NAVIGATE_URL . '/themes/' . $website->theme . '/' . $tag['attributes']['default'] . '" width="' . $size . 'px" height="' . $size . 'px"/>'; } } } } else { $gravatar_hash = ""; $gravatar_default = 'blank'; if (!empty($tag['attributes']['gravatar_default'])) { $gravatar_default = $tag['attributes']['gravatar_default']; } if (!empty($item->email)) { $gravatar_hash = md5(strtolower(trim($item->email))); } else { if (!empty($item->user)) { $email = $DB->query_single('email', 'nv_webusers', 'id = ' . protect($item->user)); if (!empty($email)) { $gravatar_hash = md5(strtolower(trim($item->email))); } } } if (!empty($gravatar_hash) && $gravatar_default != 'none') { // gravatar real url: https://www.gravatar.com/avatar/ // we use libravatar to get more userbase $gravatar_url = 'https://seccdn.libravatar.org/avatar/' . $gravatar_hash . '?s=' . $size . '&d=' . $gravatar_default; $out = '<img class="' . $tag['attributes']['class'] . '" src="' . $gravatar_url . '" width="' . $size . 'px" height="' . $size . 'px"/>'; } else { $out = '<img class="' . $tag['attributes']['class'] . '" src="data:image/gif;base64,R0lGODlhAQABAPAAAP///wAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw==" width="' . $size . 'px" height="' . $size . 'px"/>'; } } } if ($tag['attributes']['linked'] == 'true' && !empty($out)) { if (!empty($item->url)) { $comment_link = $item->url; } else { if (!empty($item->user)) { $wu = new webuser(); $wu->load($item->user); $comment_link = $wu->social_website; } } if (!empty($comment_link)) { $out = '<a href="' . $comment_link . '" target="_blank">' . $out . '</a>'; } } break; case 'username': $out = !empty($item->username) ? $item->username : $item->name; if ($tag['attributes']['linked'] == 'true' && !empty($out)) { if (!empty($item->url)) { $comment_link = $item->url; } else { if (!empty($item->user)) { $wu = new webuser(); $wu->load($item->user); $comment_link = $wu->social_website; } } if (!empty($comment_link)) { $out = '<a href="' . $comment_link . '" target="_blank">' . $out . '</a>'; } } break; case 'website': if (!empty($item->url)) { $out = $item->url; } else { if (!empty($item->user)) { $wu = new webuser(); $wu->load($item->user); $out = $wu->social_website; } } if (empty($out)) { $out = '#'; } break; case 'message': if (!empty($tag['attributes']['length'])) { $out = core_string_cut($item->message, $tag['attributes']['length'], '…'); } else { $out = nl2br($item->message); } break; case 'date': // Navigate CMS 1.6.6 compatibility if (empty($tag['attributes']['format']) && !empty($tag['attributes']['date_format'])) { $tag['attributes']['format'] = $tag['attributes']['date_format']; } if (!empty($tag['attributes']['format'])) { // custom date format $out = nvweb_content_date_format($tag['attributes']['format'], $item->date_created); } else { $out = date($website->date_format . ' H:i', $item->date_created); } break; case 'item_url': $out = nvweb_source_url('item', $item->item, $current['lang']); break; case 'item_title': $out = $item->item_title; break; case 'reply_to': $out = $item->reply_to; break; case 'depth': $c = new comment(); $c->load_from_resultset(array($item)); $out = $c->depth(); break; case 'property': $c = new comment(); $c->load_from_resultset(array($item)); // pass all nvlist tag parameters to properties nvweb, but some attribute/values take preference $nvweb_properties_parameters = array_replace($tag['attributes'], array('mode' => 'comment', 'id' => $c->id, 'template' => $c->element_template(), 'property' => !empty($tag['attributes']['property']) ? $tag['attributes']['property'] : $tag['attributes']['name'])); $out = nvweb_properties($nvweb_properties_parameters); break; } break; case 'block': switch ($tag['attributes']['value']) { case 'id': $out = $item->id; break; // only for blocks in a block group! // only for blocks in a block group! case 'uid': $out = $item->uid; break; case 'block': // generate the full block code if ($item->type == "extension") { if (function_exists('nvweb_' . $item->extension . '_' . $item->id)) { // load extension block property values $item->properties = property::load_properties(NULL, $item->id, "extension_block", NULL, $item->uid); $out = call_user_func('nvweb_' . $item->extension . '_' . $item->id, $item); } } else { $out = nvweb_blocks_render($item->type, $item->trigger, $item->action, NULL, NULL, $tag['attributes']); } break; // not for extension_blocks // not for extension_blocks case 'title': $out = $item->dictionary[$current['lang']]['title']; if (!empty($tag['attributes']['length'])) { $out = core_string_cut($out, $tag['attributes']['length'], '…'); } break; case 'content': if ($item->type == "extension") { if (function_exists('nvweb_' . $item->extension . '_' . $item->id)) { // load extension block property values $item->properties = property::load_properties(NULL, $item->id, "extension_block", NULL, $item->uid); $out = call_user_func('nvweb_' . $item->extension . '_' . $item->id, $item); } } else { $out = nvweb_blocks_render($item->type, $item->trigger, $item->action, 'content', $item, $tag['attributes']); } break; // not for extension_blocks // not for extension_blocks case 'url': case 'path': $out = nvweb_blocks_render_action($item->action, '', $current['lang'], true); if (empty($out)) { $out = '#'; } else { $out = nvweb_prepare_link($out); } break; // not for extension_blocks // not for extension_blocks case 'target': if ($item->action['action-type'][$current['lang']] == 'web-n') { $out = '_blank'; } else { $out = '_self'; } break; // not for extension_blocks (only for standard blocks and block group blocks) // not for extension_blocks (only for standard blocks and block group blocks) case 'property': $properties_mode = 'block'; if (!is_numeric($item->id)) { $properties_mode = 'block_group_block'; } $nvweb_properties_parameters = array_replace($tag['attributes'], array('mode' => !isset($tag['attributes']['mode']) ? $properties_mode : $tag['attributes']['mode'], 'id' => $item->id, 'property' => !empty($tag['attributes']['property']) ? $tag['attributes']['property'] : $tag['attributes']['name'], 'uid' => @$item->uid)); $out = nvweb_properties($nvweb_properties_parameters); break; // not for extension_blocks // not for extension_blocks case 'poll_answers': $out = nvweb_blocks_render_poll($item); break; default: break; } break; case 'block_link': switch ($tag['attributes']['value']) { case 'id': $out = $item->id; break; case 'title': $out = $item->title; if (!empty($tag['attributes']['length'])) { $out = core_string_cut($out, $tag['attributes']['length'], '…'); } break; case 'url': case 'path': $out = $item->link; if (empty($out)) { $out = '#'; } else { $out = nvweb_prepare_link($out); } break; case 'target': if ($item->new_window == 1) { $out = '_blank'; } else { $out = '_self'; } break; case 'icon': $out = @$item->icon; break; default: break; } break; case 'block_type': switch ($tag['attributes']['value']) { case 'title': $title_obj = json_decode($item->title, true); if (empty($title_obj)) { // not json $out = $item->title; } else { $out = $title_obj[$current['lang']]; } break; } break; case 'gallery': switch ($tag['attributes']['value']) { case 'url': case 'path': $out = NVWEB_OBJECT . '?wid=' . $website->id . '&id=' . $item['file'] . '&disposition=inline'; break; case 'thumbnail': case 'thumbnail_url': $thumbnail_url = NVWEB_OBJECT . '?wid=' . $website->id . '&id=' . $item['file'] . '&disposition=inline&width=' . $tag['attributes']['width'] . '&height=' . $tag['attributes']['height'] . '&border=' . $tag['attributes']['border']; if ($tag['attributes']['value'] == 'thumbnail_url' || @$tag['attributes']['return'] == 'url') { $out = $thumbnail_url; } else { $out = '<img src="' . $thumbnail_url . '" alt="' . $item[$current['lang']] . '" title="' . $item[$current['lang']] . '" />'; } break; case 'title': $f = new file(); $f->load($item['file']); $out = $f->title[$current['lang']]; break; case 'alt': case 'description': $f = new file(); $f->load($item['file']); $out = $f->description[$current['lang']]; break; default: $out = '<a href="' . NVWEB_OBJECT . '?wid=' . $website->id . '&id=' . $item['file'] . '&disposition=inline"> <img src="' . NVWEB_OBJECT . '?wid=' . $website->id . '&id=' . $item['file'] . '&disposition=inline&width=' . $tag['attributes']['width'] . '&height=' . $tag['attributes']['height'] . '&border=' . $tag['attributes']['border'] . '" alt="' . $item[$current['lang']] . '" title="' . $item[$current['lang']] . '" /> </a>'; break; } break; case 'item': // useful also for source="structure" (but some are nonsense: title, comments, etc) // useful also for source="structure" (but some are nonsense: title, comments, etc) default: switch ($tag['attributes']['value']) { case 'id': $out = $item->id; break; case 'slug': $lang = $current['lang']; if (!empty($tag['attributes']['lang'])) { $lang = $tag['attributes']['lang']; } $out = $item->dictionary[$lang]['title']; // remove spaces, special chars, etc. $out = core_string_clean($out); $out = slug($out); break; case 'title': $lang = $current['lang']; if (!empty($tag['attributes']['lang'])) { $lang = $tag['attributes']['lang']; } $out = $item->dictionary[$lang]['title']; if (!empty($tag['attributes']['length'])) { $out = core_string_cut($out, $tag['attributes']['length'], '…', $tag['attributes']['length']); } break; case 'author': if (!empty($item->author)) { $nu = new user(); $nu->load($item->author); $out = $nu->username; unset($nu); } if (empty($out)) { $out = $website->name; } break; case 'date': case 'date_post': if (!empty($tag['attributes']['format'])) { // custom date format $out = nvweb_content_date_format($tag['attributes']['format'], $item->date_to_display); } else { $out = date($website->date_format, $item->date_to_display); } break; case 'content': case 'section': if ($source == 'structure' && $tag['attributes']['source'] == 'item') { $items = nvweb_content_items($item->id, true, 1, false, 'priority'); // we force finding the first non-embedded item ordered by priority if (empty($items)) { $items = nvweb_content_items($item->id, true, 1, true, 'priority'); } // find the first embedded item ordered by priority $item = $items[0]; } $section = $tag['attributes']['section']; if (empty($section)) { $section = 'main'; } $out = $item->dictionary[$current['lang']]['section-' . $section]; if (!empty($tag['attributes']['length'])) { $allowed_tags = ''; if (!empty($tag['attributes']['allowed_tags'])) { $allowed_tags = explode(',', $tag['attributes']['allowed_tags']); } $out = core_string_cut($out, $tag['attributes']['length'], '…', $allowed_tags); } break; case 'comments': $out = nvweb_content_comments_count($item->id); break; case 'gallery': $params = array('item' => $item->id); $params = array_merge($params, $tag['attributes']); $out = nvweb_gallery($params); break; case 'image': case 'photo': $photo = @array_shift(array_keys($item->galleries[0])); if (empty($photo)) { $out = NVWEB_OBJECT . '?type=transparent'; } else { $out = NVWEB_OBJECT . '?wid=' . $website->id . '&id=' . $photo . '&disposition=inline&width=' . $tag['attributes']['width'] . '&height=' . $tag['attributes']['height'] . '&border=' . $tag['attributes']['border']; } break; case 'url': case 'path': // rss -> full url // item -> relative url // embedded item -> category url if ($item->embedding == 1 && $item->association == 'category') { nvweb_menu_load_routes(); // load menu paths if not already done $out = nvweb_prepare_link($structure['routes'][$item->category]); } else { $path = $item->paths[$current['lang']]; if (empty($path)) { $path = '/node/' . $item->id; } $out = nvweb_prepare_link($path); } break; case 'tags': // pass all nvlist tag parameters to the content nvweb, but some attribute/values take preference $nvweb_parameters = array_replace($tag['attributes'], array('mode' => 'tags', 'id' => $item->id)); $out = nvweb_content($nvweb_parameters); break; case 'score': $out = nvweb_votes_calc($item, $tag['attributes']['round'], $tag['attributes']['half'], $tag['attributes']['min'], $tag['attributes']['max']); break; case 'votes': $out = intval($item->votes); break; case 'views': $out = intval($item->views); break; case 'property': if ($source == 'structure' && $tag['attributes']['source'] == 'item') { $items = nvweb_content_items($item->id, true, 1, false, 'priority'); // we force finding the first non-embedded item ordered by priority if (empty($items)) { $items = nvweb_content_items($item->id, true, 1, true, 'priority'); } // find the first embedded item ordered by priority $item = $items[0]; $source = "item"; } // pass all nvlist tag parameters to properties nvweb, but some attribute/values take preference $nvweb_properties_parameters = array_replace($tag['attributes'], array('mode' => $source == 'structure' || $source == 'category' ? 'structure' : 'item', 'id' => $item->id, 'template' => $item->template, 'property' => !empty($tag['attributes']['property']) ? $tag['attributes']['property'] : $tag['attributes']['name'])); $out = nvweb_properties($nvweb_properties_parameters); break; default: // maybe a special tag not related to a source? (unimplemented) } break; } return $out; }
function nv_plugin_init() { global $DB; global $webuser; global $config; global $website; global $current; global $dictionary; global $session; global $events; global $idn; // create database connection $DB = new database(); if (!$DB->connect()) { die(APP_NAME . ' # ERROR<br /> ' . $DB->get_last_error()); } // global exception catcher try { $idn = new idna_convert(); // which website do we have to load? $url = nvweb_self_url(); if (!empty($_REQUEST['wid'])) { $website = new website(); $website->load(intval($_REQUEST['wid'])); } else { $website = nvweb_load_website_by_url($url); } if ($website->permission == 2 || $website->permission == 1 && empty($_SESSION['APP_USER#' . APP_UNIQUE])) { nvweb_clean_exit(); } // global helper variables $session = array(); // user session $webuser = new webuser(); $nvweb_absolute = empty($website->protocol) ? 'http://' : $website->protocol; if (!empty($website->subdomain)) { $nvweb_absolute .= $website->subdomain . '.'; } $nvweb_absolute .= $website->domain . $website->folder; define('NVWEB_ABSOLUTE', $nvweb_absolute); define('NVWEB_OBJECT', $nvweb_absolute . '/object'); if (!defined('NAVIGATE_URL')) { define('NAVIGATE_URL', NAVIGATE_PARENT . NAVIGATE_FOLDER); } if (!isset($_SESSION['nvweb.' . $website->id])) { $_SESSION['nvweb.' . $website->id] = array(); $session['lang'] = nvweb_country_language(); } else { $session = $_SESSION['nvweb.' . $website->id]; if (empty($session['lang'])) { $session['lang'] = nvweb_country_language(); } } if (isset($_REQUEST['lang'])) { $session['lang'] = $_REQUEST['lang']; } if (!empty($session['webuser'])) { $webuser->load($session['webuser']); } else { if (!empty($_COOKIE["webuser"])) { $webuser->load_by_hash($_COOKIE['webuser']); } } @setlocale(LC_ALL, $website->languages[$session['lang']]['system_locale']); // remove the "folder" part of the route $route = ''; if (!empty($_REQUEST['route'])) { $route = $_REQUEST['route']; // remove the "folder" part of the route (only if this url is really under a folder) if (!empty($website->folder) && strpos('/' . $route, $website->folder) === 0) { $route = substr('/' . $route, strlen($website->folder) + 1); } } // global data across webgets $current = array('lang' => $session['lang'], 'route' => $route, 'object' => '', 'template' => '', 'category' => '', 'webuser' => @$session['webuser'], 'navigate_session' => !empty($_SESSION['APP_USER#' . APP_UNIQUE]), 'html_after_body' => array(), 'js_after_body' => array()); $dictionary = nvweb_dictionary_load(); $_SESSION['nvweb.' . $website->id] = $session; } catch (Exception $e) { ?> <html> <body> ERROR <br /><br /> <?php echo $e->getMessage(); ?> </body> </html> <?php } $events = new events(); nvweb_plugins_load(); $events->extension_backend_bindings(); }