public static function display()
{
    // Handle a submission first; whatever the outcome, the request ends in a redirect.
    if (isset($_POST['submit_bank_account'])) {
        if (\PFBC\Form::isValid($_POST['submit_bank_account'])) {
            new BankFormProcess();
        }
        Framework\Url\Header::redirect();
    }

    $oHttp = new Http();

    // An admin who is not also signed in as an affiliate may edit another affiliate's
    // bank details through ?profile_id=; everybody else edits the session's own affiliate.
    $bAdminEditing = AdminCore::auth() && !Affiliate::auth() && $oHttp->getExists('profile_id');
    $iProfileId = $bAdminEditing ? $oHttp->get('profile_id', 'int') : (new Session())->get('affiliate_id');
    $oAff = (new AffiliateModel())->readProfile($iProfileId, 'Affiliates');

    $oForm = new \PFBC\Form('form_bank_account', 500);
    $oForm->configure(['action' => '']);
    $oForm->addElement(new \PFBC\Element\Hidden('submit_bank_account', 'form_bank_account'));
    $oForm->addElement(new \PFBC\Element\Token('bank_account'));

    if ($bAdminEditing) {
        $sBackLink = '<p class="center"><a class="s_button" href="' . Uri::get('affiliate', 'admin', 'browse') . '">' . t('Return to back affiliates browse') . '</a></p>';
        $oForm->addElement(new \PFBC\Element\HTMLExternal($sBackLink));
    }
    unset($oHttp);

    $oForm->addElement(new \PFBC\Element\HTMLExternal('<h2 class="underline">' . t('Bank Information:') . '</h2>'));

    $sPayPalIcon = '<a href="http://paypal.com" target="_blank"><img src="' . PH7_URL_STATIC . PH7_IMG . 'icon/paypal_small.gif" alt="PayPal" title="PayPal"></a><br />';
    $aBankAccountAttrs = [
        'id' => 'email_paypal',
        'onblur' => 'CValid(this.value,this.id)',
        'description' => t('Your Bank Account (PayPal Email Address).'),
        'title' => t('Your Bank Account.'),
        'value' => $oAff->bankAccount,
        'validation' => new \PFBC\Validation\BankAccount(),
        'required' => 1,
    ];
    $oForm->addElement(new \PFBC\Element\Email($sPayPalIcon . t('Your Bank Account:'), 'bank_account', $aBankAccountAttrs));
    $oForm->addElement(new \PFBC\Element\HtmlExternal('<span class="input_error email_paypal"></span>'));

    $oForm->addElement(new \PFBC\Element\Button());
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<script src="' . PH7_URL_STATIC . PH7_JS . 'validate.js"></script>'));
    $oForm->render();
}
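public function __construct()
{
    parent::__construct();

    $oAffModel = new AffiliateModel();
    $oSecurityModel = new SecurityModel();

    $sEmail = $this->httpRequest->post('mail');
    $sPassword = $this->httpRequest->post('password');

    /** Check if the connection is not locked **/
    $bIsLoginAttempt = (bool) DbConfig::getSetting('isAffiliateLoginAttempt');
    $iMaxAttempts = (int) DbConfig::getSetting('maxAffiliateLoginAttempts');
    $iTimeDelay = (int) DbConfig::getSetting('loginAffiliateAttemptTime');

    if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view, 'Affiliates')) {
        \PFBC\Form::setError('form_login_aff', Form::loginAttemptsExceededMsg($iTimeDelay));
        return; // Stop execution of the method.
    }

    // Check Login
    $sLogin = $oAffModel->login($sEmail, $sPassword, 'Affiliates');

    if ($sLogin === 'email_does_not_exist' || $sLogin === 'password_does_not_exist') {
        // Slows down online guessing and keeps a burst of failures from drowning the server and the database;
        // the attempt counter above is the real limit.
        sleep(1);

        if ($sLogin === 'email_does_not_exist') {
            $this->session->set('captcha_enabled', 1); // Enable Captcha
            // NOTE(review): this wording tells the client whether the email is registered (account enumeration);
            // a generic "wrong email or password" message would avoid that, at the cost of the UX hint.
            \PFBC\Form::setError('form_login_aff', t('Oops! "%0%" is not associated with any %site_name% account.', escape(substr($sEmail, 0, PH7_MAX_EMAIL_LENGTH))));
            $oSecurityModel->addLoginLog($sEmail, 'Guest', 'No Password', 'Failed! Incorrect Username', 'Affiliates');
        } elseif ($sLogin === 'password_does_not_exist') {
            // Fix: the submitted password was written to the login log in clear. A mistyped or reused password in
            // a log table is a credential leak; mask it exactly as the successful-login branch below does.
            $oSecurityModel->addLoginLog($sEmail, 'Guest', '*****', 'Failed! Incorrect Password', 'Affiliates');

            if ($bIsLoginAttempt) {
                $oSecurityModel->addLoginAttempt('Affiliates');
            }
            $this->session->set('captcha_enabled', 1); // Enable Captcha

            $sWrongPwdTxt = t('Oops! This password you entered is incorrect.') . '<br />';
            $sWrongPwdTxt .= t('Please try again (make sure your caps lock is off).') . '<br />';
            $sWrongPwdTxt .= t('Forgot your password? <a href="%0%">Request a new one</a>.', Uri::get('lost-password', 'main', 'forgot', 'affiliate'));
            \PFBC\Form::setError('form_login_aff', $sWrongPwdTxt);
        }
    } else {
        $oSecurityModel->clearLoginAttempts('Affiliates');
        $this->session->remove('captcha_enabled');

        $iId = $oAffModel->getId($sEmail, null, 'Affiliates');
        $oAffData = $oAffModel->readProfile($iId, 'Affiliates');

        if (true !== ($mStatus = (new AffiliateCore())->checkAccountStatus($oAffData))) {
            \PFBC\Form::setError('form_login_aff', $mStatus);
        } else {
            // Is disconnected if the user is logged on as "user" or "administrator".
            if (UserCore::auth() || AdminCore::auth()) {
                $this->session->destroy();
            }

            // Regenerate the session ID to prevent session fixation
            $this->session->regenerateId();

            $aSessionData = [
                'affiliate_id' => $oAffData->profileId,
                'affiliate_email' => $oAffData->email,
                'affiliate_username' => $oAffData->username,
                'affiliate_first_name' => $oAffData->firstName,
                'affiliate_sex' => $oAffData->sex,
                'affiliate_ip' => Ip::get(),
                'affiliate_http_user_agent' => $this->browser->getUserAgent(),
                'affiliate_token' => Various::genRnd($oAffData->email),
            ];
            $this->session->set($aSessionData);

            $oSecurityModel->addLoginLog($oAffData->email, $oAffData->username, '*****', 'Logged in!', 'Affiliates');
            $oAffModel->setLastActivity($oAffData->profileId, 'Affiliates');
            Header::redirect(Uri::get('affiliate', 'account', 'index'), t('You are successfully logged!'));
        }
    }
}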
public static function display()
{
    if (isset($_POST['submit_compose_mail'])) {
        if (\PFBC\Form::isValid($_POST['submit_compose_mail'])) {
            new MailFormProcess();
        }
        Framework\Url\Header::redirect();
    }

    $oHttp = new Http(); // Query-string values pre-fill the fields for the reply function

    // Reply subject: "RE: " + the original title, with the URL's dashes turned back into spaces
    $sTitleParam = $oHttp->get('title');
    $sSubject = $sTitleParam != '' ? t('RE: ') . str_replace('-', ' ', $sTitleParam) : '';

    $oForm = new \PFBC\Form('form_compose_mail', '100%');
    $oForm->configure(['action' => '']);
    $oForm->addElement(new \PFBC\Element\Hidden('submit_compose_mail', 'form_compose_mail'));
    $oForm->addElement(new \PFBC\Element\Token('compose_mail'));

    $oForm->addElement(new \PFBC\Element\Textbox(t('Recipient:'), 'recipient', [
        'id' => 'recipient',
        'value' => $oHttp->get('recipient'),
        'required' => 1,
    ]));
    $oForm->addElement(new \PFBC\Element\Textbox(t('Subject:'), 'title', [
        'id' => 'str_title',
        'onblur' => 'CValid(this.value,this.id,2,60)',
        'value' => $sSubject,
        'validation' => new \PFBC\Validation\Str(2, 60),
        'required' => 1,
    ]));
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error str_title"></span>'));
    $oForm->addElement(new \PFBC\Element\CKEditor(t('Your message:'), 'message', [
        'id' => 'str_msg',
        'onblur' => 'CValid(this.value,this.id,2,2500)',
        'value' => $oHttp->get('message'),
        'validation' => new \PFBC\Validation\Str(2, 2500),
        'required' => 1,
    ]));
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error str_msg"></span>'));
    unset($oHttp);

    // Captcha is required from members when enabled in the settings; admins are exempt
    if (!AdminCore::auth() && DbConfig::getSetting('isCaptchaMail')) {
        $oForm->addElement(new \PFBC\Element\CCaptcha(t('Captcha:'), 'captcha', [
            'id' => 'ccaptcha',
            'onkeyup' => 'CValid(this.value, this.id)',
            'description' => t('Enter the code above:'),
        ]));
        $oForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error ccaptcha"></span>'));
    }

    $oForm->addElement(new \PFBC\Element\Button());
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<script src="' . PH7_URL_STATIC . PH7_JS . 'validate.js"></script><script src="' . PH7_URL_STATIC . PH7_JS . 'autocompleteUsername.js"></script>'));
    $oForm->render();
}
public function __construct()
{
    parent::__construct();

    $this->oNoteModel = new NoteModel();
    $this->oPage = new Page();

    // An admin who is not browsing "as" a member gets null here (presumably "no approval filter" —
    // confirm in NoteModel); everybody else is limited to approved notes (1).
    $bAdminNotImpersonating = AdminCore::auth() && !$this->session->exists('login_user_as');
    $this->iApproved = $bAdminNotImpersonating ? null : 1;

    $this->view->member_id = $this->session->get('member_id');
}
public function __construct()
{
    parent::__construct();

    if (AdminCore::auth()) {
        return;
    }

    // Non-admins are sent to the member login rather than the admin one, so the admin area's URL is not disclosed.
    Header::redirect(Uri::get('user', 'main', 'login'), $this->adminSignInMsg(), 'error');
}
public function __construct()
{
    parent::__construct();

    // Level for Admins: only the AdminController is restricted here
    $bAdminArea = $this->registry->controller === 'AdminController';
    if (!AdminCore::auth() && $bAdminArea) {
        // Non-admins go to the "fake-admin-panel" login rather than the real admin one, so its URL is not disclosed.
        HeaderUrl::redirect(Uri::get('fake-admin-panel', 'main', 'login'), $this->adminSignInMsg(), 'error');
    }
}
public function __construct()
{
    parent::__construct();

    $bIsPasswordAction = $this->registry->action == 'forgot' || $this->registry->action == 'reset';

    // Admin Security: the admin password cannot be regenerated through this module.
    // (If you have forgotten your admin password, comment out this block.)
    if ($this->httpRequest->get('mod') == PH7_ADMIN_MOD && $bIsPasswordAction) {
        Header::redirect(Uri::get(PH7_ADMIN_MOD, 'main', 'login'), t('For security reasons, you do not have the right to generate a new password. To disable this security option, you must go to the Permission file of "lost-password" module'), 'error');
    }

    // Already authenticated accounts must not use the forgot/reset flow
    $bIsLoggedIn = UserCore::auth() || AffiliateCore::auth() || AdminCore::auth();
    if ($bIsLoggedIn && $bIsPasswordAction) {
        Header::redirect(Uri::get('lost-password', 'main', 'account'), $this->alreadyConnectedMsg(), 'error');
    }
}
public function __construct()
{
    parent::__construct();

    $sAction = $this->registry->action;
    $sController = $this->registry->controller;

    // Signed-in members have no use for the guest landing, login and register pages
    if (UserCore::auth() && in_array($sAction, ['index', 'login', 'register'], true)) {
        Header::redirect(Uri::get('user', 'account', 'index'), $this->alreadyConnectedMsg(), 'error');
    }

    if (!AdminCore::auth() && $sController === 'AdminController') {
        // Non-admins go to the member login, not the admin one, so the admin area's URL is not disclosed.
        Header::redirect(Uri::get('user', 'main', 'login'), $this->adminSignInMsg(), 'error');
    }
}
/**
 * Admin-only removal of a webcam picture, followed by a redirect back to the picture page.
 *
 * NOTE(review): $sFile is never assigned in this method, so deleteFile($sFile) receives null and the
 * "deleted" branch can never be taken — the admin always sees the "did not find any photo" message.
 * When $sFile is wired to the request's "file" parameter, constrain it to the webcam picture directory
 * (base name only, fixed directory prefix); otherwise an admin session could delete arbitrary server files.
 */
private function adminDeletePicture()
{
    if (AdminCore::auth()) {
        if ($this->httpRequest->getExists('file') == true && (new Framework\File\File())->deleteFile($sFile) == true) {
            $this->sMsg = t('The photo has been deleted!');
        } else {
            $this->sMsg = t('Sorry, we did not find any photo!');
        }
        Framework\Url\Header::redirect(Framework\Mvc\Router\Uri::get('webcam', 'webcam', 'picture'));
    }
}
public static function display()
{
    if (isset($_POST['submit_user_edit_account'])) {
        if (\PFBC\Form::isValid($_POST['submit_user_edit_account'])) {
            new EditFormProcess();
        }
        Framework\Url\Header::redirect();
    }

    $bAdminLogged = AdminCore::auth() && !User::auth(); // An admin who is not signed in as a member
    $oUserModel = new UserModel();
    $oHttp = new Http();

    // Admins edit another member through ?profile_id=; otherwise the session's own member is edited
    $bEditingOtherProfile = $bAdminLogged && $oHttp->getExists('profile_id');
    $iProfileId = $bEditingOtherProfile ? $oHttp->get('profile_id', 'int') : (new Session())->get('member_id');
    $oUser = $oUserModel->readProfile($iProfileId);

    // The date picker expects m/d/Y
    $sBirthDate = (new CDateTime())->get($oUser->birthDate)->date('m/d/Y');

    $oForm = new \PFBC\Form('form_user_edit_account');
    $oForm->configure(['action' => '']);
    $oForm->addElement(new \PFBC\Element\Hidden('submit_user_edit_account', 'form_user_edit_account'));
    $oForm->addElement(new \PFBC\Element\Token('edit_account'));

    if ($bEditingOtherProfile) {
        $sBackLink = '<p class="center"><a class="m_button" href="' . Uri::get(PH7_ADMIN_MOD, 'user', 'browse') . '">' . t('Back to Browse Users') . '</a></p>';
        $oForm->addElement(new \PFBC\Element\HTMLExternal($sBackLink));

        // Only the activated memberships are offered
        $aGroupName = [];
        foreach ((new AdminCoreModel())->getMemberships() as $oMembership) {
            if ($oMembership->enable == 1) {
                $aGroupName[$oMembership->groupId] = $oMembership->name;
            }
        }
        $oForm->addElement(new \PFBC\Element\Select(t('Membership Group:'), 'group_id', $aGroupName, ['value' => $oUser->groupId, 'required' => 1]));
        unset($aGroupName);
    }
    unset($oHttp);

    $oForm->addElement(new \PFBC\Element\Textbox(t('First Name:'), 'first_name', [
        'id' => 'str_first_name',
        'onblur' => 'CValid(this.value,this.id,2,20)',
        'value' => $oUser->firstName,
        'required' => 1,
        'validation' => new \PFBC\Validation\Str(2, 20),
    ]));
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error str_first_name"></span>'));

    $oForm->addElement(new \PFBC\Element\Textbox(t('Last Name:'), 'last_name', [
        'id' => 'str_last_name',
        'onblur' => 'CValid(this.value,this.id,2,20)',
        'value' => $oUser->lastName,
        'validation' => new \PFBC\Validation\Str(2, 20),
    ]));
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error str_last_name"></span>'));

    // Identity fields are rendered disabled: they are not editable from this form
    $oForm->addElement(new \PFBC\Element\Textbox(t('Username:'), 'username', [
        'description' => t('For site security, you cannot change your username.'),
        'disabled' => 'disabled',
        'value' => $oUser->username,
    ]));
    $oForm->addElement(new \PFBC\Element\Email(t('Email:'), 'mail', [
        'description' => t('For site security and to avoid spam, you cannot change your email address.'),
        'disabled' => 'disabled',
        'value' => $oUser->email,
    ]));

    $oForm->addElement(new \PFBC\Element\Radio(t('Gender:'), 'sex', ['female' => t('Female'), 'male' => t('Male'), 'couple' => t('Couple')], ['value' => $oUser->sex, 'required' => 1]));
    $oForm->addElement(new \PFBC\Element\Checkbox(t('Interested in:'), 'match_sex', ['male' => t('Male'), 'female' => t('Female'), 'couple' => t('Couple')], ['value' => Form::getVal($oUser->matchSex), 'required' => 1]));

    $oForm->addElement(new \PFBC\Element\Date(t('Date of birth:'), 'birth_date', [
        'id' => 'birth_date',
        'onblur' => 'CValid(this.value, this.id)',
        'value' => $sBirthDate,
        'validation' => new \PFBC\Validation\BirthDate(),
        'required' => 1,
    ]));
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error birth_date"></span>'));

    // Generate dynamic fields
    foreach ($oUserModel->getInfoFields($iProfileId) as $sColumn => $sValue) {
        $oForm = (new DynamicFieldCoreForm($oForm, $sColumn, $sValue))->generate();
    }

    $oForm->addElement(new \PFBC\Element\Button());
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<script src="' . PH7_URL_STATIC . PH7_JS . 'validate.js"></script><script src="' . PH7_URL_STATIC . PH7_JS . 'geo/autocompleteCity.js"></script>'));
    $oForm->render();
}
public function __construct()
{
    parent::__construct();

    $sController = $this->registry->controller;

    if (UserCore::auth() && $sController === 'HomeController') {
        // Newsletter subscription is for visitors only; members subscribe from inside their account
        HeaderUrl::redirect(Uri::get('user', 'main', 'index'));
    }

    if (!AdminCore::auth() && $sController === 'AdminController') {
        // Non-admins go to the member login, not the admin one, so the admin area's URL is not disclosed.
        HeaderUrl::redirect(Uri::get('user', 'main', 'login'), $this->adminSignInMsg(), 'error');
    }
}
public function account()
{
    // Send the visitor to the dashboard matching their session type; anonymous visitors go to the site root.
    if (UserCore::auth()) {
        Header::redirect(Uri::get('user', 'account', 'index'));
        return;
    }

    if (AffiliateCore::auth()) {
        Header::redirect(Uri::get('affiliate', 'account', 'index'));
        return;
    }

    if (AdminCore::auth()) {
        Header::redirect(Uri::get(PH7_ADMIN_MOD, 'main', 'index'));
        return;
    }

    Header::redirect($this->registry->site_url);
}
public function __construct()
{
    parent::__construct();

    $oHttp = $this->httpRequest;
    $oUserModel = new UserModel();

    // An admin who is not signed in as a member may edit any profile via ?profile_id=; otherwise the session owner's
    $bAdminEditingOther = AdminCore::auth() && !User::auth() && $oHttp->getExists('profile_id');
    $iProfileId = $bAdminEditingOther ? $oHttp->get('profile_id', 'int') : $this->session->get('member_id');
    $oUser = $oUserModel->readProfile($iProfileId);

    // For Admins only: the membership group is only changeable when editing another member's profile
    if ($bAdminEditingOther) {
        $sGroupId = $oHttp->post('group_id');
        if (!$this->str->equals($sGroupId, $oUser->groupId)) {
            $oUserModel->updateMembership($sGroupId, $iProfileId);
        }
    }

    // Each field is only written (and its cache cleared) when the posted value differs from the stored one
    $sFirstName = $oHttp->post('first_name');
    if (!$this->str->equals($sFirstName, $oUser->firstName)) {
        $oUserModel->updateProfile('firstName', $sFirstName, $iProfileId);
        $this->session->set('member_first_name', $sFirstName);
        (new Framework\Cache\Cache())->start(UserCoreModel::CACHE_GROUP, 'firstName' . $iProfileId . 'Members', null)->clear();
    }

    $sLastName = $oHttp->post('last_name');
    if (!$this->str->equals($sLastName, $oUser->lastName)) {
        $oUserModel->updateProfile('lastName', $sLastName, $iProfileId);
    }

    $sSex = $oHttp->post('sex');
    if (!$this->str->equals($sSex, $oUser->sex)) {
        $oUserModel->updateProfile('sex', $sSex, $iProfileId);
        $this->session->set('member_sex', $sSex);
        (new Framework\Cache\Cache())->start(UserCoreModel::CACHE_GROUP, 'sex' . $iProfileId . 'Members', null)->clear();
    }

    // WARNING: \PH7\Framework\Mvc\Request\Http::ONLY_XSS_CLEAN must be used here. The default filtering of
    // Request\Http::post() strips the special characters the SQL SET() column value depends on and would
    // corrupt what gets stored in the database.
    $mMatchSex = $oHttp->post('match_sex', Http::ONLY_XSS_CLEAN);
    if (!$this->str->equals($mMatchSex, $oUser->matchSex)) {
        $oUserModel->updateProfile('matchSex', Form::setVal($mMatchSex), $iProfileId);
    }

    $sBirthDate = $this->dateTime->get($oHttp->post('birth_date'))->date('Y-m-d');
    if (!$this->str->equals($sBirthDate, $oUser->birthDate)) {
        $oUserModel->updateProfile('birthDate', $sBirthDate, $iProfileId);
    }

    // Update dynamic fields. Only the "description" column uses the XSS-clean-only filter; the others get the default one.
    foreach ($oUserModel->getInfoFields($iProfileId) as $sColumn => $sValue) {
        $sFilter = $sColumn == 'description' ? Http::ONLY_XSS_CLEAN : null;
        $sPosted = $oHttp->post($sColumn, $sFilter);
        if (!$this->str->equals($sPosted, $sValue)) {
            $oUserModel->updateProfile($sColumn, $sPosted, $iProfileId, 'MembersInfo');
        }
    }

    $oUserModel->setLastEdit($iProfileId);

    /*** Clear caches ***/
    $oUserCache = new User();
    $oUserCache->clearReadProfileCache($iProfileId);
    $oUserCache->clearInfoFieldCache($iProfileId);

    // Destroy objects
    unset($oUserModel, $oUser, $oUserCache, $oHttp);

    \PFBC\Form::setSuccess('form_user_edit_account', t('Your profile has been saved successfully!'));
}
protected function delete()
{
    $sMsgId = $this->_oHttpRequest->post('msg_id');

    // An admin who is not signed in as a member deletes outright; a member's deletion is scoped by the
    // session's member_id through setTo().
    $bAdminOnly = AdminCore::auth() && !UserCore::auth();
    $this->_bStatus = $bAdminOnly
        ? $this->_oMailModel->adminDeleteMsg($sMsgId)
        : $this->_oMailModel->setTo($this->_oSession->get('member_id'), $sMsgId, 'delete');

    $this->_sMsg = $this->_bStatus
        ? jsonMsg(1, t('Your message has been successfully removed!'))
        : jsonMsg(0, t('Your message does not exist anymore.'));

    echo $this->_sMsg;
}
/**
 * Access rules for the admin module: every action except "login" requires an admin session, and a
 * signed-in admin is bounced away from the login page.
 *
 * NOTE(review): the listing is cut after "// Options" ("..."), so further rules may follow in the real file.
 */
public function __construct()
{
    parent::__construct();

    $bAdminAuth = AdminCore::auth();

    /***** Levels for admin module *****/

    // Overall levels
    if (!$bAdminAuth && $this->registry->action !== 'login') {
        Header::redirect(Uri::get(PH7_ADMIN_MOD, 'main', 'login'), $this->signInMsg(), 'error');
    }

    if ($bAdminAuth && $this->registry->action === 'login') {
        Header::redirect(Uri::get(PH7_ADMIN_MOD, 'main', 'index'), t('Oops! You are already logged in as administrator.'), 'error');
    }

    // Options ...
}
public static function display()
{
    $bAdminLogged = AdminCore::auth() && !UserCore::auth();

    $oForm = new \PFBC\Form('form_search', 500);

    // Admins search the global message list; members search their own boxes
    $sTarget = $bAdminLogged ? Uri::get('mail', 'admin', 'msglist') : Uri::get('mail', 'main', 'result');
    $oForm->configure(['action' => $sTarget . PH7_SH, 'method' => 'get']);

    $oForm->addElement(new \PFBC\Element\Search(t('Search a message:'), 'looking', [
        'title' => t('Enter a keyword in the Subject, Contents, Author (username, first name, last name) or message ID.'),
    ]));

    $aOrderOptions = [
        SearchCoreModel::TITLE => t('Subject'),
        SearchCoreModel::USERNAME => t('Author (username)'),
        SearchCoreModel::SEND_DATE => t('Recent'),
    ];
    $oForm->addElement(new \PFBC\Element\Select(t('Browse By:'), 'order', $aOrderOptions));

    // The mailbox selector only applies to a member's own boxes
    if (!$bAdminLogged) {
        $aWhereOptions = [
            MailModel::INBOX => t('Inbox'),
            MailModel::OUTBOX => t('Outbox'),
            MailModel::TRASH => t('Trash'),
        ];
        $oForm->addElement(new \PFBC\Element\Select(t('Where:'), 'where', $aWhereOptions));
    }

    $aSortOptions = [SearchCoreModel::ASC => t('Ascending'), SearchCoreModel::DESC => t('Descending')];
    $oForm->addElement(new \PFBC\Element\Select(t('Direction:'), 'sort', $aSortOptions));

    $oForm->addElement(new \PFBC\Element\Button(t('Search'), 'submit', ['icon' => 'search']));
    $oForm->render();
}
protected function delete()
{
    $iMemberId = $this->_oSession->get('member_id');
    $sRecipientId = $this->_oHttpRequest->post('recipient_id');
    $sSenderId = $this->_oHttpRequest->post('sender_id');

    // The caller must be the comment's recipient or sender, or an admin.
    // NOTE(review): recipient_id, sender_id and table all come from the POST body and are compared loosely (==),
    // so the client supplies the very ids that are checked and then handed to the model — confirm that
    // CommentModel::delete() re-verifies ownership against the stored row and whitelists the table name.
    $bMayDelete = $iMemberId == $sRecipientId || $iMemberId == $sSenderId || AdminCore::auth();

    if (!$bMayDelete) {
        $this->_sMsg = jsonMsg(0, t('Whoops! The comment could not be removed!'));
        echo $this->_sMsg;
        return;
    }

    $this->_bStatus = $this->_oCommentModel->delete($this->_oHttpRequest->post('id'), $sRecipientId, $sSenderId, $this->_oHttpRequest->post('table'));

    if ($this->_bStatus) {
        /* Clean All Data of CommentModel Cache */
        (new Framework\Cache\Cache())->start(CommentCoreModel::CACHE_GROUP, null, null)->clear();
        $this->_sMsg = jsonMsg(1, t('Your comment has been successfully removed!'));
    } else {
        $this->_sMsg = jsonMsg(0, t('Your comment could not be deleted because there no exist.'));
    }

    echo $this->_sMsg;
}
public static function display()
{
    if (isset($_POST['submit_aff_edit_account'])) {
        if (\PFBC\Form::isValid($_POST['submit_aff_edit_account'])) {
            new EditFormProcess();
        }
        Framework\Url\Header::redirect();
    }

    $bAdminLogged = AdminCore::auth() && !Affiliate::auth(); // An admin who is not signed in as an affiliate
    $oAffModel = new AffiliateModel();
    $oHttp = new Http();

    // Admins edit another affiliate through ?profile_id=; otherwise the session's own affiliate is edited
    $bEditingOtherProfile = $bAdminLogged && $oHttp->getExists('profile_id');
    $iProfileId = $bEditingOtherProfile ? $oHttp->get('profile_id', 'int') : (new Session())->get('affiliate_id');
    $oAff = $oAffModel->readProfile($iProfileId, 'Affiliates');

    // The date picker expects m/d/Y
    $sBirthDate = (new CDateTime())->get($oAff->birthDate)->date('m/d/Y');

    $oForm = new \PFBC\Form('form_aff_edit_account', 500);
    $oForm->configure(['action' => '']);
    $oForm->addElement(new \PFBC\Element\Hidden('submit_aff_edit_account', 'form_aff_edit_account'));
    $oForm->addElement(new \PFBC\Element\Token('edit_account'));

    if ($bEditingOtherProfile) {
        $sBackLink = '<p class="center"><a class="m_button" href="' . Uri::get('affiliate', 'admin', 'browse') . '">' . t('Back to Browse Affiliates') . '</a></p>';
        $oForm->addElement(new \PFBC\Element\HTMLExternal($sBackLink));
    }
    unset($oHttp);

    $oForm->addElement(new \PFBC\Element\HTMLExternal('<h2 class="underline">' . t('Global Information:') . '</h2>'));
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<p class="error">' . t('Attention all your information must be complete, candid and valid.') . '</p>'));

    $oForm->addElement(new \PFBC\Element\Textbox(t('Your First Name:'), 'first_name', [
        'id' => 'str_first_name',
        'onblur' => 'CValid(this.value,this.id,2,20)',
        'value' => $oAff->firstName,
        'required' => 1,
        'validation' => new \PFBC\Validation\Str(2, 20),
    ]));
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error str_first_name"></span>'));

    $oForm->addElement(new \PFBC\Element\Textbox(t('Your Last Name:'), 'last_name', [
        'id' => 'str_last_name',
        'onblur' => 'CValid(this.value,this.id,2,20)',
        'value' => $oAff->lastName,
        'required' => 1,
        'validation' => new \PFBC\Validation\Str(2, 20),
    ]));
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error str_last_name"></span>'));

    // Identity fields are rendered disabled: they are not editable from this form
    $oForm->addElement(new \PFBC\Element\Textbox(t('Username:'), 'username', [
        'description' => t('For site security, you cannot change your username.'),
        'disabled' => 'disabled',
        'value' => $oAff->username,
    ]));
    $oForm->addElement(new \PFBC\Element\Email(t('Your Email:'), 'mail', [
        'description' => t('For site security and to avoid spam, you cannot change your email address.'),
        'disabled' => 'disabled',
        'value' => $oAff->email,
    ]));
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error phone"></span>'));

    $oForm->addElement(new \PFBC\Element\Radio(t('Your Sex:'), 'sex', ['male' => t('Male'), 'female' => t('Female')], ['value' => $oAff->sex, 'required' => 1]));

    $oForm->addElement(new \PFBC\Element\Date(t('Your Date of birth:'), 'birth_date', [
        'id' => 'birth_date',
        'onblur' => 'CValid(this.value, this.id)',
        'value' => $sBirthDate,
        'validation' => new \PFBC\Validation\BirthDate(),
        'required' => 1,
    ]));
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<span class="input_error birth_date"></span>'));

    // Generate dynamic fields
    foreach ($oAffModel->getInfoFields($iProfileId, 'AffiliatesInfo') as $sColumn => $sValue) {
        $oForm = (new DynamicFieldCoreForm($oForm, $sColumn, $sValue))->generate();
    }

    $oForm->addElement(new \PFBC\Element\Button());
    $oForm->addElement(new \PFBC\Element\HTMLExternal('<script src="' . PH7_URL_STATIC . PH7_JS . 'validate.js"></script>'));
    $oForm->render();
}
public function __construct()
{
    parent::__construct();

    $this->oMailModel = new MailModel();
    $this->oPage = new Page();

    $this->_iProfileId = $this->session->get('member_id');
    $this->_bAdminLogged = AdminCore::auth() && !UserCore::auth(); // Admin not signed in as a member

    $this->view->dateTime = $this->dateTime;
    $this->view->avatarDesign = new AvatarDesignCore(); // Avatar Design Class
    $this->view->designSecurity = new Framework\Layout\Html\Security(); // Security Design Class
    $this->view->csrf_token = (new Framework\Security\CSRF\Token())->generate('mail'); // CSRF token exposed to the templates
    $this->view->member_id = $this->_iProfileId;

    // Module-specific template assets (CSS + JS) for the mailbox and its form
    $sModTplPath = PH7_LAYOUT . PH7_SYS . PH7_MOD . $this->registry->module . PH7_SH . PH7_TPL . PH7_TPL_MOD_NAME . PH7_SH;
    $this->design->addCss($sModTplPath . PH7_CSS, 'mail.css');
    $this->design->addJs(PH7_DOT, PH7_STATIC . PH7_JS . 'form.js,' . $sModTplPath . PH7_JS . 'mail.js');
}
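public function __construct()
{
    parent::__construct();

    // An admin who is not signed in as a member may view another member's pages; that member's identity then
    // comes from the query string, otherwise everything is read from the visitor's own session.
    $this->_bAdminLogged = AdminCore::auth() && !User::auth();

    // Fix: the original `(int) (cond) ? a : b` cast the ternary's *condition*, not its result, so the id was
    // stored with whatever type the request/session returned. Cast the selected value instead.
    $this->_iProfileId = (int) $this->_adminOverridable('profile_id', 'member_id');
    $this->_sUsername = $this->_adminOverridable('username', 'member_username');
    $this->_sFirstName = $this->_adminOverridable('first_name', 'member_first_name');
    $this->_sSex = $this->_adminOverridable('sex', 'member_sex');

    /** For the avatar on the index and avatar page **/
    $this->view->username = $this->_sUsername;
    $this->view->first_name = $this->_sFirstName;
    $this->view->sex = $this->_sSex;
    $this->view->avatarDesign = new AvatarDesignCore(); // Avatar Design Class

    /** For the wallpaper on the index and design page **/
    $this->view->path_img_background = $this->_getWallpaper();

    /** For the 'display_status' function on the index and privacy page **/
    $this->design->addJs(PH7_LAYOUT . PH7_SYS . PH7_MOD . $this->registry->module . PH7_SH . PH7_TPL . PH7_TPL_MOD_NAME . PH7_SH . PH7_JS, 'common.js');
}

/**
 * Value of $sParam from the query string when an admin is viewing another member and the parameter is present,
 * otherwise the session value stored under $sSessionKey.
 *
 * @param string $sParam       Query-string parameter name.
 * @param string $sSessionKey  Session key used as the fallback.
 *
 * @return mixed Whatever the request or the session returns (not cast here).
 */
private function _adminOverridable($sParam, $sSessionKey)
{
    if ($this->_bAdminLogged && $this->httpRequest->getExists($sParam)) {
        return $this->httpRequest->get($sParam);
    }

    return $this->session->get($sSessionKey);
}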
public function __construct()
{
    parent::__construct();

    $bAffAuth = AffiliateCore::auth();
    $bAdminAuth = AdminCore::auth();
    $sController = $this->registry->controller;
    $sAction = $this->registry->action;

    // Ads management and logout need an affiliate session
    if (!$bAffAuth && ($sController === 'AdsController' || $sAction === 'logout')) {
        Header::redirect(Uri::get('affiliate', 'signup', 'step1'), $this->signUpMsg(), 'error');
    }

    // Account pages (except activation) need an affiliate or an admin
    if (!$bAffAuth && !$bAdminAuth && $sController === 'AccountController' && $sAction !== 'activate') {
        Header::redirect(Uri::get('affiliate', 'signup', 'step1'), $this->signUpMsg(), 'error');
    }

    // A signed-in affiliate has no use for the signup, activation and login pages
    $bSignupFlow = $sController === 'SignupController' || in_array($sAction, ['activate', 'resendactivation', 'login'], true);
    if ($bAffAuth && $bSignupFlow) {
        Header::redirect(Uri::get('affiliate', 'account', 'index'), $this->alreadyConnectedMsg(), 'error');
    }

    if (!$bAdminAuth && $sController === 'AdminController') {
        // Non-admins are sent to the affiliate home, not the admin login, so the admin area's URL is not disclosed.
        Header::redirect(Uri::get('affiliate', 'home', 'index'), $this->adminSignInMsg(), 'error');
    }
}
public static function display()
{
    if (isset($_POST['submit_avatar'])) {
        if (\PFBC\Form::isValid($_POST['submit_avatar'])) {
            new AvatarFormProcess();
        }
        Framework\Url\Header::redirect();
    }

    $oForm = new \PFBC\Form('form_avatar', 500);
    $oForm->configure(['action' => '']);
    $oForm->addElement(new \PFBC\Element\Hidden('submit_avatar', 'form_avatar'));
    $oForm->addElement(new \PFBC\Element\Token('avatar'));

    // Admins who are not signed in as a member get a link back to the user list
    $bAdminLogged = AdminCore::auth() && !User::auth();
    if ($bAdminLogged) {
        $sBackLink = '<p class="center"><a class="m_button" href="' . Uri::get(PH7_ADMIN_MOD, 'user', 'browse') . '">' . t('Back to Browse Users') . '</a></p>';
        $oForm->addElement(new \PFBC\Element\HTMLExternal($sBackLink));
    }

    // "accept" is only a browser-side hint; the upload is validated again server-side when processed
    $oForm->addElement(new \PFBC\Element\File(t('Your Avatar'), 'avatar', ['accept' => 'image/*', 'required' => 1]));
    $oForm->addElement(new \PFBC\Element\Button());
    $oForm->render();
}
public function __construct()
{
    parent::__construct();

    $oUserModel = new UserCoreModel();
    $oMailModel = new MailModel();

    // An admin who is neither signed in as a member nor browsing "as" one sends on behalf of the admin account
    $bIsAdmin = AdminCore::auth() && !UserCore::auth() && !$this->session->exists('login_user_as');

    $sMessage = $this->httpRequest->post('message', Http::ONLY_XSS_CLEAN);
    $sCurrentTime = $this->dateTime->get()->dateTime('Y-m-d H:i:s');
    $iTimeDelay = (int) DbConfig::getSetting('timeDelaySendMail');

    $sRecipient = $this->httpRequest->post('recipient');
    $iRecipientId = $oUserModel->getId(null, $sRecipient);
    $iSenderId = (int) ($bIsAdmin ? PH7_ADMIN_ID : $this->session->get('member_id'));

    // Validation chain: the first failing rule sets the form error and nothing is sent
    if ($iSenderId == $iRecipientId) {
        \PFBC\Form::setError('form_compose_mail', t('Oops! You can not send a message to yourself.'));
    } elseif ($sRecipient == PH7_ADMIN_USERNAME) {
        \PFBC\Form::setError('form_compose_mail', t('Oops! You cannot reply to administrator! If you want to contact us, please use our <a href="%0%">contact form</a>.', Uri::get('contact', 'contact', 'index')));
    } elseif (!(new ExistsCoreModel())->id($iRecipientId, 'Members')) {
        // The submitted name is echoed back into the page: escape it and cap its length
        $sShownRecipient = escape(substr($sRecipient, 0, PH7_MAX_USERNAME_LENGTH), true);
        \PFBC\Form::setError('form_compose_mail', t('Oops! The username "%0%" does not exist.', $sShownRecipient));
    } elseif (!$bIsAdmin && !$oMailModel->checkWaitSend($iSenderId, $iTimeDelay, $sCurrentTime)) {
        // Flood control: members must wait timeDelaySendMail between messages (admins are exempt)
        \PFBC\Form::setError('form_compose_mail', Form::waitWriteMsg($iTimeDelay));
    } elseif (!$bIsAdmin && $oMailModel->isDuplicateContent($iSenderId, $sMessage)) {
        \PFBC\Form::setError('form_compose_mail', Form::duplicateContentMsg());
    } else {
        $mSendMsg = $oMailModel->sendMsg($iSenderId, $iRecipientId, $this->httpRequest->post('title'), $sMessage, $sCurrentTime);

        if (false === $mSendMsg) {
            \PFBC\Form::setError('form_compose_mail', t('Problem while sending the message. Please try again later.'));
        } else {
            // Email notification. The original comment says it is sent when the recipient accepts notifications and
            // is NOT connected right now, yet the condition calls isOnline(); NOTE(review): confirm the model's
            // return conventions for isNotification()/isOnline() before relying on this reading.
            $bNotify = !$oUserModel->isNotification($iRecipientId, 'newMsg') && $oUserModel->isOnline($iRecipientId, 0);
            if ($bNotify) {
                $this->view->content = t('Hello %0%!<br />You have received a new message from <strong>%1%</strong>.<br /> <a href="%2%">Click here</a> to read your message.', $sRecipient, $this->session->get('member_username'), Uri::get('mail', 'main', 'inbox', $mSendMsg));

                $sRecipientEmail = $oUserModel->getEmail($iRecipientId);
                $sMessageHtml = $this->view->parseMail(PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/mod/mail/new_msg.tpl', $sRecipientEmail);

                $aInfo = [
                    'to' => $sRecipientEmail,
                    'subject' => t('New private message from %0% on %site_name%', $this->session->get('member_first_name')),
                ];
                (new Mail())->send($aInfo, $sMessageHtml);
            }

            $sRedirectUrl = $bIsAdmin ? Uri::get(PH7_ADMIN_MOD, 'user', 'browse') : Uri::get('mail', 'main', 'index');
            Header::redirect($sRedirectUrl, t('Your message has been sent successfully!'));
        }

        unset($oUserModel, $oMailModel);
    }
}
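public function __construct()
{
    parent::__construct();

    // Admin uploads, and sites without manual approval, are published immediately ('1');
    // otherwise the wallpaper is held for moderation ('0').
    $iApproved = AdminCore::auth() || DbConfig::getSetting('profileBackgroundManualApproval') == 0 ? '1' : '0';

    // An admin who is not signed in as a member may set another member's wallpaper via ?profile_id=&username=
    if (AdminCore::auth() && !User::auth() && $this->httpRequest->getExists(['profile_id', 'username'])) {
        $iProfileId = $this->httpRequest->get('profile_id');
        $sUsername = $this->httpRequest->get('username');
    } else {
        $iProfileId = $this->session->get('member_id');
        $sUsername = $this->session->get('member_username');
    }

    // Guard the superglobal: a request without the file part must not raise an undefined-index notice
    $sTmpFile = isset($_FILES['wallpaper']['tmp_name']) ? $_FILES['wallpaper']['tmp_name'] : null;
    $bWallpaper = (new UserCore())->setBackground($iProfileId, $sUsername, $sTmpFile, $iApproved);

    if (!$bWallpaper) {
        \PFBC\Form::setError('form_design', Form::wrongImgFileTypeMsg());
    } else {
        $sModerationText = t('Your Wallpaper has been received! But it will not be visible until it is approved by our moderators. Please do not send a new not.');
        $sText = t('Your Wallpaper has been updated successfully!');
        // Fix: pick the message from the approval flag actually applied, not from the raw setting —
        // an admin's upload is auto-approved and must not be reported as pending (same rule as the avatar form).
        $sMsg = $iApproved == '0' ? $sModerationText : $sText;
        \PFBC\Form::setSuccess('form_design', $sMsg);
    }
}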
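/**
 * Processes the avatar upload form.
 *
 * Target profile: an administrator who is NOT also logged in as a member may
 * act on another profile via the `profile_id` and `username` query
 * parameters; everybody else changes the profile stored in the session.
 *
 * Side effects: hands the uploaded temp file to UserCore::setAvatar() and
 * sets a PFBC success or error message on 'form_avatar'.
 */
public function __construct()
{
    parent::__construct();

    $bIsAdmin = AdminCore::auth();

    // Admin uploads are approved immediately; member uploads only when the
    // manual-approval setting is off. (Precedence kept from the original:
    // the whole OR is the ternary condition.)
    $iApproved = $bIsAdmin || DbConfig::getSetting('avatarManualApproval') == 0 ? '1' : '0';

    if ($bIsAdmin && !User::auth() && $this->httpRequest->getExists(['profile_id', 'username'])) {
        // Admin acting on another member. The id is cast to int, consistent with
        // the affiliate edit form in this codebase. The username is still taken
        // verbatim from the query string; if setAvatar() derives a storage path
        // from it, validate it against the stored username for this profile id
        // — not verifiable from this method.
        $iProfileId = $this->httpRequest->get('profile_id', 'int');
        $sUsername = $this->httpRequest->get('username');
    } else {
        $iProfileId = $this->session->get('member_id');
        $sUsername = $this->session->get('member_username');
    }

    // A request without a file must not raise an undefined-index notice.
    $sTmpFile = isset($_FILES['avatar']['tmp_name']) ? $_FILES['avatar']['tmp_name'] : null;

    $bAvatar = (new UserCore())->setAvatar($iProfileId, $sUsername, $sTmpFile, $iApproved);

    if (!$bAvatar) {
        \PFBC\Form::setError('form_avatar', Form::wrongImgFileTypeMsg());
    } else {
        $sModerationText = t('Your avatar has been received! But it will be visible once approved by our moderators. Please do not send a new avatar because this is useless!');
        $sText = t('Your avatar has been updated successfully!');

        // The applied approval flag decides which message the user sees.
        $sMsg = $iApproved == '0' ? $sModerationText : $sText;
        \PFBC\Form::setSuccess('form_avatar', $sMsg);
    }
}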
/**
 * Renders a carousel of the most recently registered profiles.
 *
 * Fetches up to $iLimit profiles (SearchCoreModel::LATEST ordering, starting
 * at $iOffset) and echoes the carousel markup directly; nothing is returned,
 * and nothing at all is printed when no profile is found.
 *
 * Visitors who are neither a member nor an admin get a signup link on the
 * avatar carrying referral parameters (current controller, username, first
 * name, sex — built with Url::httpBuildQuery) plus a plain profile link on the
 * name; logged-in users get a direct profile link on the avatar instead.
 *
 * Security note (review): firstName, city, sex, matchSex, country and username
 * from the fetched rows are written straight into HTML text and into the img
 * alt attribute with no escaping visible in this method. That is only safe if
 * the write path already HTML-escaped them (the request helper used by the
 * edit forms elsewhere in this listing takes a cleaning mode, which suggests
 * on-input escaping) — confirm against the model/upload code, and otherwise
 * wrap these values with escape() at output time.
 *
 * @param int $iOffset Row offset passed to getProfiles(). Default 0.
 * @param int $iLimit  Maximum rows passed to getProfiles(). Default 25.
 *
 * @return void
 */
public function carouselProfiles($iOffset = 0, $iLimit = 25) { $oUser = $this->oUserModel->getProfiles(SearchCoreModel::LATEST, $iOffset, $iLimit); if (empty($oUser)) { return; } echo '<script>$(function(){$("#foo").carouFredSel()});</script> <div class="transparent p1"><div class="img_carousel"><div id="foo">'; foreach ($oUser as $oRow) { $sFirstName = $this->oStr->upperFirst($oRow->firstName); $sCity = $this->oStr->upperFirst($oRow->city); echo '<div class="carouselTooltip"><p><strong>'; if (!UserCore::auth() && !AdminCore::auth()) { $aHttpParams = ['ref' => $this->oHttpRequest->currentController(), 'a' => 'carousel', 'u' => $oRow->username, 'f_n' => $sFirstName, 's' => $oRow->sex]; echo t('Meet %0% on %site_name%!', '<a href="' . $this->oUser->getProfileLink($oRow->username) . '">' . $sFirstName . '</a>'), '</strong><br /><em>', t('I am a %0% and I am looking %1%.', $oRow->sex, $oRow->matchSex), '<br />', t('I from %0%, %1%.', t($oRow->country), $sCity), '</em></p><a rel="nofollow" href="', Uri::get('user', 'signup', 'step1', '?' . Url::httpBuildQuery($aHttpParams), false), '"><img src="', $this->getUserAvatar($oRow->username, $oRow->sex, 150, 'Members'), '" alt="', t('Meet %0% on %site_name%', $oRow->username), '" class="splash_avatar" /></a>'; } else { echo t('Meet %0% on %site_name%!', $sFirstName), '</strong><br /><em>', t('I am a %0% and I am looking %1%.', $oRow->sex, $oRow->matchSex), '<br />', t('I from %0%, %1%.', t($oRow->country), $sCity), '</em></p><a href="', $this->oUser->getProfileLink($oRow->username), '"><img src="', $this->getUserAvatar($oRow->username, $oRow->sex, 150, 'Members'), '" alt="', t('Meet %0% on %site_name%', $oRow->username), '" class="splash_avatar" /></a>'; } echo '</div>'; } echo '</div><div class="clearfix"></div></div></div>'; }
/**
 * Saves the affiliate "edit account" form.
 *
 * Which profile is edited: an administrator who is not logged in as an
 * affiliate and supplies `profile_id` (cast to int) edits that affiliate;
 * otherwise the affiliate id held in the session is used. Each field is
 * written only when the submitted value differs from the stored one. The
 * session copies of first name and sex are refreshed and their per-field
 * caches cleared, then the whole profile/info-field caches are dropped.
 *
 * Note (review): the session entries are refreshed even when an admin is
 * editing someone else's profile. Harmless as written, since such an admin
 * has no affiliate session, but it is not guarded.
 */
public function __construct()
{
    parent::__construct();

    $oRequest = $this->httpRequest;
    $oModel = new AffiliateModel();

    $bAdminTargetsOther = AdminCore::auth() && !Affiliate::auth() && $oRequest->getExists('profile_id');
    $iProfileId = $bAdminTargetsOther ? $oRequest->get('profile_id', 'int') : $this->session->get('affiliate_id');
    $oProfile = $oModel->readProfile($iProfileId, 'Affiliates');

    $sFirstName = $oRequest->post('first_name');
    if (!$this->str->equals($sFirstName, $oProfile->firstName)) {
        $oModel->updateProfile('firstName', $sFirstName, $iProfileId, 'Affiliates');
        $this->session->set('affiliate_first_name', $sFirstName);
        (new Framework\Cache\Cache())->start(UserCoreModel::CACHE_GROUP, 'firstName' . $iProfileId . 'Affiliates', null)->clear();
    }

    $sLastName = $oRequest->post('last_name');
    if (!$this->str->equals($sLastName, $oProfile->lastName)) {
        $oModel->updateProfile('lastName', $sLastName, $iProfileId, 'Affiliates');
    }

    $sSex = $oRequest->post('sex');
    if (!$this->str->equals($sSex, $oProfile->sex)) {
        $oModel->updateProfile('sex', $sSex, $iProfileId, 'Affiliates');
        $this->session->set('affiliate_sex', $sSex);
        (new Framework\Cache\Cache())->start(UserCoreModel::CACHE_GROUP, 'sex' . $iProfileId . 'Affiliates', null)->clear();
    }

    // Normalise the submitted date to the storage format before comparing.
    $sBirthDate = $this->dateTime->get($oRequest->post('birth_date'))->date('Y-m-d');
    if (!$this->str->equals($sBirthDate, $oProfile->birthDate)) {
        $oModel->updateProfile('birthDate', $sBirthDate, $iProfileId, 'Affiliates');
    }

    // Dynamic (AffiliatesInfo) fields. The free-text description keeps its
    // markup and is only XSS-cleaned; every other field gets the request
    // helper's default cleaning.
    foreach ($oModel->getInfoFields($iProfileId, 'AffiliatesInfo') as $sColumn => $sStoredValue) {
        $sCleanMode = $sColumn == 'description' ? Http::ONLY_XSS_CLEAN : null;
        $sNewValue = $oRequest->post($sColumn, $sCleanMode);
        if (!$this->str->equals($sNewValue, $sStoredValue)) {
            $oModel->updateProfile($sColumn, $sNewValue, $iProfileId, 'AffiliatesInfo');
        }
    }

    $oModel->setLastEdit($iProfileId, 'Affiliates');

    $oAffiliate = new Affiliate();
    $oAffiliate->clearReadProfileCache($iProfileId, 'Affiliates');
    $oAffiliate->clearInfoFieldCache($iProfileId, 'AffiliatesInfo');
    unset($oModel, $oProfile, $oAffiliate);

    \PFBC\Form::setSuccess('form_aff_edit_account', t('Your profile has been saved successfully!'));
}
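/**
 * Outputs one random ad of the given dimensions (ORDER BY RAND()).
 *
 * The chosen row is cached for static::CACHE_TIME, so the displayed ad only
 * changes when the cache entry expires (hourly, per the original note).
 *
 * @param int  $iWidth
 * @param int  $iHeight
 * @param bool $bOnlyActive Restrict to rows with active='1'. Default TRUE.
 *
 * @return void Echoes the ad markup; nothing is returned (the previous
 *              "@return object Query" did not match the body).
 */
public function ad($iWidth, $iHeight, $bOnlyActive = true)
{
    // Separate the key parts: the former bare concatenation let e.g. 1x23 and
    // 12x3 share one cache slot ("ads123…"), serving the wrong-sized ad.
    // Existing cache entries under the old key are simply not reused.
    $sCacheKey = 'ads' . (int)$iWidth . 'x' . (int)$iHeight . '_' . ($bOnlyActive ? '1' : '0');
    $this->_oCache->start(self::CACHE_STATIC_GROUP, $sCacheKey, static::CACHE_TIME);

    if (!($oData = $this->_oCache->get())) {
        // Only a fixed SQL fragment is interpolated; the caller-supplied
        // dimensions are bound as integers.
        $sSqlActive = $bOnlyActive ? ' AND (active=\'1\') ' : ' ';
        $rStmt = Db::getInstance()->prepare('SELECT * FROM ' . Db::prefix('Ads') . 'WHERE (width=:width) AND (height=:height)' . $sSqlActive . 'ORDER BY RAND() LIMIT 1');
        $rStmt->bindValue(':width', $iWidth, \PDO::PARAM_INT);
        $rStmt->bindValue(':height', $iHeight, \PDO::PARAM_INT);
        $rStmt->execute();
        $oData = $rStmt->fetch(\PDO::FETCH_OBJ);
        Db::free($rStmt);
        $this->_oCache->put($oData);
    }

    /*
     * Never render (and thus never track) an ad for a logged-in administrator:
     * the tracking hit would expose the admin's URLs or other sensitive data
     * to the advertiser.
     */
    if (!\PH7\AdminCore::auth() && $oData) {
        // adsId lands in an inline onclick handler and an element id; the int
        // cast keeps a tampered row from injecting JS/HTML through either.
        $iAdId = (int)$oData->adsId;
        echo '<div class="inline" onclick="$(\'#ad_' . $iAdId . '\').attr(\'src\',\'' . PH7_URL_ROOT . '?' . \PH7\Framework\Ads\Ads::PARAM_URL . '=' . $iAdId . '\');return true;">';
        echo \PH7\Framework\Ads\Ads::output($oData);
        echo '<img src="' . PH7_URL_STATIC . PH7_IMG . 'useful/blank.gif" style="border:0;width:0px;height:0px;" alt="" id="ad_' . $iAdId . '" /></div>';
    }

    unset($oData);
}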
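/**
 * Deletes a comment and redirects back to the comment thread.
 *
 * Authorisation: the caller must be an administrator, or the logged-in member
 * must be the comment's recipient or sender. Note that the recipient/sender
 * ids compared here come from the POST body, i.e. from the caller. The check
 * therefore only holds if CommentCoreModel::delete() binds the same ids and
 * the table in its DELETE, so a forged id pair cannot reach someone else's
 * comment — confirm in the model. The table name likewise comes from the
 * request and must be validated against an allow-list before reaching SQL
 * (expected in the model; not verifiable from here).
 */
public function delete()
{
    $oRequest = $this->httpRequest;

    // Read the table up front: it used to be assigned only inside the
    // authorised branch, so the redirect after a refused delete was built
    // from an unset property.
    $this->sTable = $oRequest->post('table');
    $sRecipientId = $oRequest->post('recipient_id');
    $sSenderId = $oRequest->post('sender_id');

    // Require a real member id and compare as integers. The loose '==' used
    // before would also match a guest (null session id) against an empty
    // recipient_id/sender_id field.
    $iMemberId = (int)$this->session->get('member_id');
    $bIsParty = $iMemberId > 0 && ($iMemberId === (int)$sRecipientId || $iMemberId === (int)$sSenderId);

    if ($bIsParty || AdminCore::auth()) {
        if ($this->oCommentModel->delete($oRequest->post('id'), $sRecipientId, $sSenderId, $this->sTable)) {
            /* Clean All Data of CommentModel Cache */
            (new Framework\Cache\Cache())->start(CommentCoreModel::CACHE_GROUP, null, null)->clear();
            $this->sMsg = t('The comment has been deleted!');
        } else {
            $this->sMsg = t('Your comment could not be deleted because there no exist.');
        }
    } else {
        $this->sMsg = t('Whoops! The comment could not be removed!');
    }

    Framework\Url\HeaderUrl::redirect(Uri::get('comment', 'comment', 'read', $this->sTable . ',' . $sRecipientId), $this->sMsg);
}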
/**
 * Collects the preconditions for running the upgrade into $this->_aErrors.
 *
 * Three checks, each appending one message in this order: the caller must
 * still be an authenticated administrator, the site must be in maintenance
 * mode, and debug (development) mode must be on. The last message walks the
 * admin through toggling the environment line in the config file.
 *
 * Security note (review): that walkthrough tells the admin to chmod the
 * config file to 0666 (world-writable) while upgrading. Only the web-server
 * user needs write access; a narrower mode (e.g. 0660 with the right group),
 * restored to 0644 afterwards as step 4 already says, is preferable. The
 * wording is a translation key and is left unchanged here.
 */
private function _check()
{
    // Re-validate the admin session: the upgrade is a privileged operation.
    if (!AdminCore::auth()) {
        $this->_aErrors[] = t('You must be logged in as administrator to upgrade your site.');
    }

    if (DbConfig::getSetting('siteStatus') !== DbConfig::MAINTENANCE_SITE) {
        $this->_aErrors[] = t('Your site must be in maintenance mode to begin the upgrade.');
    }

    if (!isDebug()) {
        $sConfigFile = PH7_PATH_APP_CONFIG . PH7_CONFIG_FILE;
        $sProdLine = '"<code>environment = production ; production or development</code>"';
        $sDevLine = '"<code>environment = development ; production or development</code>"';

        // One line per step; joined with <br /> exactly as the message was before.
        $aSteps = [
            t('You must put your site in development mode in order to launch the upgrade of your site!'),
            t('1) Please change the permission of the ~%0% file for writing for all groups (0666 in octal).', $sConfigFile),
            t('2) Edit ~%0% file and find the code:', $sConfigFile),
            $sProdLine,
            t('and replace it with the code:'),
            $sDevLine,
            t('3) After installation, please edit ~%0% file and find the code:', $sConfigFile),
            $sDevLine,
            t('and replace it with the code:'),
            $sProdLine,
            t('4) Change the permission of the file to write only for users and reading for the other groups (0644 in octal).'),
        ];

        $this->_aErrors[] = implode('<br />', $aSteps);
    }
}