Ejemplo n.º 1
0
 /**
  * ส่งอีเมล์ ตาม ID
  *
  * @param Request $request
  */
 public function save(Request $request)
 {
     if ($request->initSession() && $request->isReferer() && ($login = Login::isMember())) {
         // ค่าที่ส่งมา
         $subject = $request->post('mail_subject')->topic();
         $detail = nl2br($request->post('mail_detail')->textarea());
         // ตรวจสอบ ค่าที่ส่งมา
         $ret = array();
         $antispam = new Antispam($request->post('mail_antispamid')->toString());
         if (!$antispam->valid($request->post('mail_antispam')->toString())) {
             // Antispam ไม่ถูกต้อง
             $ret['ret_mail_antispam'] = 'this';
             $ret['input'] = 'mail_antispam';
         } else {
             // ตรวจสอบผู้รับ
             $reciever = array();
             foreach (self::getUser($request->post('mail_reciever')->filter('0-9a-z')) as $item) {
                 $reciever[] = $item['email'] . (empty($item['name']) ? '' : '<' . $item['name'] . '>');
             }
             $reciever = implode(',', $reciever);
             // ตรวจสอบค่าที่ส่งมา
             if ($reciever == '') {
                 $ret['alert'] = Language::get('Unable to send e-mail, Because you can not send e-mail to yourself or can not find the email address of the recipient.');
                 $ret['location'] = WEB_URL . 'index.php';
             } elseif ($subject == '') {
                 $ret['ret_mail_subject'] = 'this';
                 $ret['input'] = 'mail_subject';
             } elseif ($detail == '') {
                 $ret['ret_mail_detail'] = 'this';
                 $ret['input'] = 'mail_detail';
             } else {
                 // ส่งอีเมล์
                 $err = Email::send($reciever, $login['email'] . (empty($login['displayname']) ? '' : '<' . $login['displayname'] . '>'), $subject, $detail);
                 if (empty($err)) {
                     // เคลียร์ Antispam
                     $antispam->delete();
                     // ส่งอีเมล์สำเร็จ
                     $ret['alert'] = Language::get('Your message was sent successfully');
                     $ret['location'] = WEB_URL . 'index.php';
                 } else {
                     // ข้อผิดพลาดการส่งอีเมล์
                     echo $err;
                 }
             }
         }
         if (!empty($ret)) {
             // คืนค่าเป็น JSON
             echo json_encode($ret);
         }
     }
 }
Ejemplo n.º 2
0
 /**
  * หน้าส่งอีเมล์
  * สมาชิกส่งจดหมายถึงสมาชิก และ แอดมิน
  *
  * @param Request $request
  * @return object
  */
 public function render(Request $request)
 {
     // สมาชิก
     if ($login = Login::isMember()) {
         // ค่าที่ส่งมา
         $to = strtolower($request->get('to')->filter('0-9a-zA-Z'));
         if (preg_match('/^[0-9]+$/', $to)) {
             $reciever = \Index\Sendmail\Model::getUser($to);
             $to = '';
             foreach ($reciever as $id => $item) {
                 $to_msg = empty($item['name']) ? $item['email'] : $item['name'];
                 $to = $id;
             }
         } elseif ($to == 'admin') {
             $to_msg = self::$cfg->member_status[1];
         } else {
             $to = '';
         }
         if ($to != '') {
             // antispam
             $antispam = new Antispam();
             // ข้อมูลส่งกลับ
             $index = (object) array('topic' => Language::replace('Send a message to the :name', array(':name' => $to_msg)), 'keywords' => self::$cfg->web_title, 'description' => self::$cfg->web_description, 'module' => 'sendmail');
             $template = Template::create('member', 'member', 'sendmail');
             $template->add(array('/{TOPIC}/' => $index->topic, '/{ANTISPAM}/' => $antispam->getId(), '/{ANTISPAMVAL}/' => Login::isAdmin() ? $antispam->getValue() : '', '/{RECIEVER}/' => $to_msg, '/{SENDER}/' => $login['email'], '/{RECIEVERID}/' => $to));
             $index->detail = $template->render();
             // breadcrumbs
             $index->canonical = WEB_URL . 'index.php?module=sendmail&to=' . $to;
             Gcms::$view->addBreadcrumb($index->canonical, $index->topic);
             return $index;
         }
     }
     // ไม่สามารถส่งอีเมล์ได้
     $message = Language::get('Unable to send e-mail, Because you can not send e-mail to yourself or can not find the email address of the recipient.');
     return createClass('Index\\PageNotFound\\Controller')->init($request, 'member', $message);
 }
Ejemplo n.º 3
0
 public function index(Request $request)
 {
     $request->initSession();
     // Antispam Image
     Antispam::createImage($request->get('id')->toString());
 }
Ejemplo n.º 4
0
 /**
  * ฟังก์ชั่นสร้าง Form Element
  *
  * @param string $tag
  * @param array $param property ของ Input
  * id, name, type property ต่างๆของinput
  * label : ข้อความแสดงใน label ของ input
  * labelClass : class ของ label
  * comment : ถ้ากำหนดจะแสดงคำอธิบายของ input
  * ถ้าไม่กำหนดทั้ง label และ labelClass จะเป็นการสร้าง input อย่างเดียว
  * @param string $options ตัวเลือก options ของ select
  * array('name1' => 'value1', 'name2' => 'value2', ....)
  */
 public function render()
 {
     $prop = array();
     $event = array();
     foreach ($this->attributes as $k => $v) {
         switch ($k) {
             case 'itemClass':
             case 'itemId':
             case 'labelClass':
             case 'label':
             case 'comment':
             case 'unit':
             case 'value':
             case 'dataPreview':
             case 'previewSrc':
             case 'accept':
             case 'options':
             case 'optgroup':
             case 'multiple':
             case 'validator':
             case 'antispamid':
             case 'text':
             case 'validator':
                 ${$k} = $v;
                 break;
             case 'result':
                 $prop[$k] = 'data-' . $k . '="' . $v . '"';
                 break;
             case 'title':
                 $prop['title'] = 'title="' . strip_tags($v) . '"';
                 break;
             default:
                 if (is_int($k)) {
                     $prop[$v] = $v;
                 } elseif ($v === true) {
                     $prop[$k] = $k;
                 } elseif ($v === false) {
                     continue;
                 } elseif (preg_match('/^on([a-z]+)/', $k, $match)) {
                     $event[$match[1]] = $v;
                 } else {
                     $prop[$k] = $k . '="' . $v . '"';
                     ${$k} = $v;
                 }
                 break;
         }
     }
     if (isset($id) && empty($name)) {
         $name = $id;
         $prop['name'] = 'name="' . $name . '"';
     }
     if (isset(Html::$form)) {
         if (isset($id) && Html::$form->gform) {
             if (isset($validator)) {
                 $js = array();
                 $js[] = '"' . $id . '"';
                 $js[] = '"' . $validator[0] . '"';
                 $js[] = $validator[1];
                 if (isset($validator[2])) {
                     $js[] = '"' . $validator[2] . '"';
                     $js[] = empty($validator[3]) || $validator[3] === null ? 'null' : '"' . $validator[3] . '"';
                     $js[] = '"' . Html::$form->attributes['id'] . '"';
                 }
                 $this->javascript[] = 'new GValidator(' . implode(', ', $js) . ');';
                 unset($validator);
             }
             foreach ($event as $on => $func) {
                 $this->javascript[] = '$G("' . $id . '").addEvent("' . $on . '", ' . $func . ');';
             }
         } elseif (!Html::$form->gform) {
             foreach ($event as $on => $func) {
                 $prop['on' . $on] = 'on' . $on . '="' . $func . '()"';
             }
         }
     }
     if ($this->tag == 'select') {
         unset($prop['type']);
         if (isset($multiple)) {
             $value = isset($value) ? $value : array();
         } else {
             $value = isset($value) ? $value : null;
         }
         if (isset($options)) {
             $datas = array();
             foreach ($options as $k => $v) {
                 if (is_array($value)) {
                     $sel = in_array($k, $value) ? ' selected' : '';
                 } else {
                     $sel = $value == $k ? ' selected' : '';
                 }
                 $datas[] = '<option value="' . $k . '"' . $sel . '>' . $v . '</option>';
             }
             $value = implode('', $datas);
         } elseif (isset($optgroup)) {
             $datas = array();
             foreach ($optgroup as $group_label => $options) {
                 $datas[] = '<optgroup label="' . $group_label . '">';
                 foreach ($options as $k => $v) {
                     if (is_array($value)) {
                         $sel = in_array($k, $value) ? ' selected' : '';
                     } else {
                         $sel = $value == $k ? ' selected' : '';
                     }
                     $datas[] = '<option value="' . $k . '"' . $sel . '>' . $v . '</option>';
                 }
                 $datas[] = '</optgroup>';
             }
             $value = implode('', $datas);
         }
     } elseif (isset($value)) {
         if ($this->tag === 'textarea') {
             $value = str_replace(array('{', '}', '&amp;'), array('&#x007B;', '&#x007D;', '&'), htmlspecialchars($value));
         } else {
             $prop['value'] = 'value="' . str_replace('&amp;', '&', htmlspecialchars($value)) . '"';
         }
     }
     if (empty($prop['title']) && !empty($comment)) {
         $prop['title'] = 'title="' . strip_tags($comment) . '"';
     }
     if (isset($dataPreview)) {
         $prop['data-preview'] = 'data-preview="' . $dataPreview . '"';
     }
     if (isset($accept) && is_array($accept)) {
         $prop['accept'] = 'accept="' . Mime::getEccept($accept) . '"';
     }
     if (isset($multiple)) {
         $prop['multiple'] = 'multiple';
     }
     $prop = implode(' ', $prop);
     if ($this->tag == 'input') {
         $element = '<' . $this->tag . ' ' . $prop . '>';
     } elseif (isset($value)) {
         $element = '<' . $this->tag . ' ' . $prop . '>' . $value . '</' . $this->tag . '>';
     } else {
         $element = '<' . $this->tag . ' ' . $prop . '></' . $this->tag . '>';
     }
     if (!empty($antispamid)) {
         $element = Antispam::createImage($antispamid, true) . $element;
     }
     if (empty($itemClass)) {
         $input = empty($comment) ? '' : '<div class="item"' . (empty($itemId) ? '' : ' id="' . $itemId . '"') . '>';
         if (empty($labelClass) && empty($label)) {
             $input .= $element;
         } elseif (isset($type) && ($type === 'checkbox' || $type === 'radio')) {
             $input .= '<label' . (empty($labelClass) ? '' : ' class="' . $labelClass . '"') . '>' . $element . '&nbsp;' . $label . '</label>';
         } else {
             $input .= '<label' . (empty($labelClass) ? '' : ' class="' . $labelClass . '"') . '>' . (empty($label) ? '' : $label . '&nbsp;') . $element . '</label>';
         }
         if (!empty($comment)) {
             $input .= '<div class="comment"' . (empty($id) ? '' : ' id="result_' . $id . '"') . '>' . $comment . '</div></div>';
         }
     } else {
         $itemClass .= isset($unit) ? ' wlabel' : '';
         $input = '<div class="' . $itemClass . '"' . (empty($itemId) ? '' : ' id="' . $itemId . '"') . '>';
         if (isset($type) && $type === 'checkbox') {
             $input .= '<label' . (empty($labelClass) ? '' : ' class="' . $labelClass . '"') . '>' . $element . '&nbsp;' . $label . '</label>';
         } else {
             if (isset($dataPreview)) {
                 $input .= '<div class=usericon><span><img src="' . $previewSrc . '" alt="Image preview" id=' . $dataPreview . '></span></div>';
             }
             if (isset($label) && isset($id)) {
                 $input .= '<label for="' . $id . '">' . $label . '</label>';
             }
             $input .= '<span' . (empty($labelClass) ? '' : ' class="' . $labelClass . '"') . '>' . $element . '</span>';
             if (isset($unit)) {
                 $input .= '<span class=label>' . $unit . '</span>';
             }
         }
         if (!empty($comment)) {
             $input .= '<div class="comment"' . (empty($id) ? '' : ' id="result_' . $id . '"') . '>' . $comment . '</div>';
         }
         $input .= '</div>';
     }
     return $input;
 }
Ejemplo n.º 5
0
 /**
  * ฟังก์ชั่นตรวจสอบความถูกต้องของ Anti Spam
  */
 public function antispam()
 {
     // referer, session
     if (self::$request->initSession() && self::$request->isReferer()) {
         $antispam = new Antispam(self::$request->post('id')->toString());
         if (!$antispam->valid(self::$request->post('value')->toString())) {
             echo Language::replace('Incorrect :name', array(':name' => Language::get('Antispam')));
         }
     }
 }
Ejemplo n.º 6
0
 /**
  * บันทึก
  */
 public function save(Request $request)
 {
     $ret = array();
     // referer, session
     if ($request->initSession() && $request->isReferer()) {
         $antispam = new Antispam($request->post('register_antispamid')->toString());
         if (!$antispam->valid($request->post('register_antispam')->toString())) {
             // Antispam ไม่ถูกต้อง
             $ret['ret_register_antispam'] = 'this';
             $ret['input'] = 'register_antispam';
         } else {
             // รับค่าจากการ POST
             $save = array();
             foreach ($request->getParsedBody() as $key => $value) {
                 $k = str_replace('register_', '', $key);
                 switch ($k) {
                     case 'email':
                         $save['email'] = $request->post($key)->username();
                         break;
                     case 'phone1':
                     case 'idcard':
                         $save[$k] = $request->post($key)->number();
                         break;
                     case 'invite':
                         $save[$k] = $request->post($key)->toInt();
                         break;
                     case 'password':
                     case 'repassword':
                     case 'accept':
                     case 'next':
                         ${$k} = $request->post($key)->toString();
                         break;
                 }
             }
             if ($accept === '1') {
                 // ชื่อตาราง user
                 $user_table = $this->getFullTableName('user');
                 // database connection
                 $db = $this->db();
                 // ตรวจสอบค่าที่ส่งมา
                 $input = false;
                 // อีเมล์
                 if (empty($save['email'])) {
                     $ret['ret_register_email'] = 'this';
                     $input = !$input ? 'register_email' : $input;
                 } elseif (!Validator::email($save['email'])) {
                     $ret['ret_register_email'] = str_replace(':name', Language::get('Email'), Language::get('Invalid :name'));
                     $input = !$input ? 'register_email' : $input;
                 } else {
                     // ตรวจสอบอีเมล์ซ้ำ
                     $search = $db->first($user_table, array('email', $save['email']));
                     if ($search !== false) {
                         $ret['ret_register_email'] = str_replace(':name', Language::get('Email'), Language::get('This :name is already registered'));
                         $input = !$input ? 'register_email' : $input;
                     } else {
                         $ret['ret_register_email'] = '';
                     }
                 }
                 // password
                 if (mb_strlen($password) < 4) {
                     // รหัสผ่านต้องไม่น้อยกว่า 4 ตัวอักษร
                     $ret['ret_register_password'] = '******';
                     $input = !$input ? 'register_password' : $input;
                 } elseif ($repassword != $password) {
                     // ถ้าต้องการเปลี่ยนรหัสผ่าน กรุณากรอกรหัสผ่านสองช่องให้ตรงกัน
                     $ret['ret_register_repassword'] = '******';
                     $input = !$input ? 'register_repassword' : $input;
                 } else {
                     $save['password'] = md5($password . $save['email']);
                     $ret['ret_register_password'] = '';
                     $ret['ret_register_repassword'] = '';
                 }
                 // phone1
                 if (!empty($save['phone1'])) {
                     if (!preg_match('/[0-9]{9,10}/', $save['phone1'])) {
                         $ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('Invalid :name'));
                         $input = !$input ? 'register_phone1' : $input;
                     } else {
                         // ตรวจสอบโทรศัพท์
                         $search = $db->first($user_table, array('phone1', $save['phone1']));
                         if ($search !== false) {
                             $ret['ret_register_phone1'] = str_replace(':name', Language::get('phone number'), Language::get('This :name is already registered'));
                             $input = !$input ? 'register_phone1' : $input;
                         } else {
                             $ret['ret_register_phone1'] = '';
                         }
                     }
                 } elseif (self::$cfg->member_phone == 2) {
                     $ret['ret_register_phone1'] = 'this';
                     $input = !$input ? 'register_phone1' : $input;
                 }
                 // idcard
                 if (!empty($save['idcard'])) {
                     if (!Validator::idCard($save['idcard'])) {
                         $ret['ret_register_idcard'] = str_replace(':name', Language::get('Identification number'), Language::get('Invalid :name'));
                         $input = !$input ? 'register_idcard' : $input;
                     } else {
                         // ตรวจสอบ idcard ซ้ำ
                         $search = $db->first($user_table, array('idcard', $save['idcard']));
                         if ($search !== false) {
                             $ret['ret_register_idcard'] = str_replace(':name', Language::get('Identification number'), Language::get('This :name is already registered'));
                             $input = !$input ? 'register_idcard' : $input;
                         } else {
                             $ret['ret_register_idcard'] = '';
                         }
                     }
                 } elseif (self::$cfg->member_idcard == 2) {
                     $ret['ret_idcard'] = 'this';
                     $input = !$input ? 'idcard' : $input;
                 }
                 // invite
                 if (isset($save['invite'])) {
                     $ret['ret_invite'] = '';
                     if (!empty($save['invite'])) {
                         $search = $db->first($user_table, $save['invite']);
                         if ($search === false) {
                             $ret['ret_register_invite'] = str_replace(':name', Language::get('Invitation code'), Language::get('Invalid :name'));
                             $input = !$input ? 'register_invite' : $input;
                         }
                     }
                 }
                 if (!$input) {
                     $save['create_date'] = time();
                     $save['subscrib'] = 1;
                     $save['status'] = 0;
                     list($displayname, $domain) = explode('@', $save['email']);
                     $save['displayname'] = $displayname;
                     $a = 1;
                     while (true) {
                         if (false === $db->first($user_table, array('displayname', $save['displayname']))) {
                             break;
                         } else {
                             $a++;
                             $save['displayname'] = $displayname . $a;
                         }
                     }
                     // รหัสยืนยัน
                     $save['activatecode'] = empty(self::$cfg->user_activate) ? '' : Text::rndname(32);
                     // บันทึกลงฐานข้อมูล
                     $save['id'] = $db->insert($user_table, $save);
                     // ส่งอีเมล์
                     $replace = array('/%EMAIL%/' => $save['email'], '/%PASSWORD%/' => $password, '/%ID%/' => $save['activatecode']);
                     Email::send(empty(self::$cfg->user_activate) ? 2 : 1, 'member', $replace, $save['email']);
                     if (empty(self::$cfg->user_activate)) {
                         // login
                         $save['password'] = $password;
                         $_SESSION['login'] = $save;
                         // แสดงข้อความตอบรับการสมัครสมาชิก
                         $ret['alert'] = str_replace(':email', $save['email'], Language::get('Registration information sent to :email complete. We will take you to edit your profile'));
                         // ถ้าไม่มีการกำหนดหน้าถัดไปมา ไปแก้ไขข้อมูลส่วนตัว
                         $ret['location'] = isset($next) ? $next : WEB_URL . 'index.php?module=editprofile';
                     } else {
                         // แสดงข้อความตอบรับการสมัครสมาชิก
                         $ret['alert'] = str_replace(':email', $save['email'], Language::get('Register successfully, We have sent complete registration information to :email'));
                         // ถ้าไม่มีการกำหนดหน้าถัดไปมา กลับไปหน้าหลักเว็บไซต์
                         $ret['location'] = isset($next) ? $next : WEB_URL . 'index.php';
                     }
                     // clear antispam
                     $antispam->delete();
                 } else {
                     $ret['input'] = $input;
                 }
             }
         }
     }
     // คืนค่าเป็น JSON
     if (!empty($ret)) {
         echo json_encode($ret);
     }
 }