Example #1
1
    function v($k, $v = false, $nr = false)
    {
        $a = isset($this->config[$k]) ? $this->config[$k] : false;
        if ($nr !== false && $v !== false) {
            $this->config[$k] = $v;
            return $v;
        }
        if ($v !== false) {
            $sql_update = array('config_value' => $v);
            if ($a !== false) {
                $sql = 'UPDATE _config SET ' . _build_array('UPDATE', $sql_update) . sql_filter('
					WHERE config_name = ?', $k);
            } else {
                $sql_update['config_name'] = $k;
                $sql = 'INSERT INTO _config' . _build_array('INSERT', $sql_update);
            }
            _sql($sql);
            $this->config[$k] = $a = $v;
        }
        return $a;
    }
Example #2
0
    public function home()
    {
        $sql = 'SELECT *
			FROM _store s, _store_fields f
			WHERE s.store_field = f.field_id
			ORDER BY store_field';
        $store = _rowset($sql, 'store_assoc', false, true);
        $a_country = array('Alemania' => 82, 'Argentina' => 10, 'Bolivia' => 26, 'Chile' => 43, 'Colombia' => 47, 'Ecuador' => 63, 'El Salvador' => 65, 'Espana' => 197, 'Francia' => 74, 'Greece' => 85, 'Guatemala' => 90, 'Honduras' => 97, 'Italia' => 107, 'Mexico' => 140, 'Paraguay' => 168, 'Peru' => 169, 'Uruguay' => 227, 'Venezuela' => 230);
        foreach ($store as $i => $row) {
            $nickname = '';
            $address = '';
            $birthday = '';
            $country = '';
            foreach ($row as $field) {
                switch ($field['field_alias']) {
                    case 'nickname':
                        $nickname = $field['store_value'];
                        break;
                    case 'address':
                        $address = $field['store_value'];
                        break;
                    case 'birthday':
                        $temp = explode('/', $field['store_value']);
                        $birthday = $temp[2] . '' . $temp[1] . '' . $temp[0];
                        break;
                    case 'country':
                        $country = $a_country[$field['store_value']];
                        break;
                }
            }
            $sql_insert = array('type' => 1, 'active' => 0, 'username' => $nickname, 'password' => '', 'registration' => time(), 'lastvisit' => 0, 'lastpage' => '', 'country' => $country, 'email' => $address, 'birthday' => $birthday, 'birthday_last' => 0, 'gender' => 0, 'date' => 0, 'dateformat' => 'd M Y H:i', 'timezone' => -6, 'dst' => 0, 'login_tries' => 0);
            $sql = 'INSERT INTO _members' . _build_array('INSERT', prefix('user', $sql_insert));
            _sql($sql);
            //_pre($sql);
        }
        $this->e('Done.');
        return;
    }
Example #3
0
    protected function _cat_create()
    {
        gfatal();
        $v = $this->__(array('group' => 0, 'name'));
        if (!f($v['name'])) {
            $this->_error('#FIELD_IS_EMPTY');
        }
        if ($v['group']) {
            $sql = 'SELECT group_id
				FROM _groups
				WHERE group_id = ?';
            if (!_fieldrow(sql_filter($sql, $v['group']))) {
                $this->_error('#GROUPS_NO_EXISTS');
            }
        }
        $sql = 'INSERT INTO _tickets_cat' . _build_array('INSERT', prefix('cat', $v));
        _sql($sql);
        return $this->e('~OK');
    }
Example #4
0
 function _log($action, $uid = false)
 {
     $method = preg_replace('#^(INSERT|UPDATE|DELETE) (.*?)$#is', '\\1', $action);
     $method = strtolower($method);
     if (!in_array($method, w('insert update delete'))) {
         return;
     }
     if (!($whitelist = get_file('./base/sql_history'))) {
         return;
     }
     if (!count($whitelist)) {
         return;
     }
     $action = str_replace(array("\n", "\t", "\r"), array('', '', ' '), $action);
     $table = preg_replace('#^(INSERT\\ INTO|UPDATE|DELETE\\ FROM) (\\_[a-z\\_]+) (.*?)$#is', '\\2', $action);
     if (!in_array($table, $whitelist)) {
         return;
     }
     $actions = '';
     switch ($method) {
         case 'insert':
             if (!preg_match('#^INSERT INTO (\\_[a-z\\_]+) \\((.*?)\\) VALUES \\((.*?)\\)$#is', $action, $s_action)) {
                 return;
             }
             $keys = array_map('trim', explode(',', $s_action[2]));
             $values = array_map('trim', explode(',', $s_action[3]));
             foreach ($values as $i => $row) {
                 $values[$i] = preg_replace('#^\'(.*?)\'$#i', '\\1', $row);
             }
             if (count($keys) != count($values)) {
                 return;
             }
             $query = array('table' => $s_action[1], 'query' => array_combine($keys, $values));
             break;
         case 'update':
             if (!preg_match('#^UPDATE (\\_[a-z\\_]+) SET (.*?) WHERE (.*?)$#is', $action, $s_action)) {
                 return;
             }
             $all = array('set' => array_map('trim', explode(',', $s_action[2])), 'where' => array_map('trim', explode('AND', $s_action[3])));
             foreach ($all as $j => $v) {
                 foreach ($v as $i => $row) {
                     $v_row = array_map('trim', explode('=', $row));
                     $all[$j][$v_row[0]] = preg_replace('#^\'(.*?)\'$#i', '\\1', $v_row[1]);
                     unset($all[$j][$i]);
                 }
             }
             $query = array('table' => $s_action[1], 'set' => $all['set'], 'where' => $all['where']);
             break;
         case 'delete':
             if (!preg_match('#^DELETE FROM (\\_[a-z\\_]+) WHERE (.*?)$#is', $action, $s_action)) {
                 return;
             }
             $all = array('where' => array_map('trim', explode('AND', $s_action[2])));
             foreach ($all as $j => $v) {
                 foreach ($v as $i => $row) {
                     $v_row = array_map('trim', explode('=', $row));
                     $all[$j][$v_row[0]] = preg_replace('#^\'(.*?)\'$#i', '\\1', $v_row[1]);
                     unset($all[$j][$i]);
                 }
             }
             $query = array('table' => $s_action[1], 'where' => $all['where']);
             break;
     }
     global $user;
     $sql_insert = array('time' => time(), 'uid' => $user->v('user_id'), 'method' => $method, 'actions' => json_encode($query));
     $sql = 'INSERT INTO _log' . _build_array('INSERT', prefix('log', $sql_insert));
     _sql($sql);
     return;
 }
Example #5
0
    public function home()
    {
        global $core, $user;
        $tree = $this->valid_tree();
        $v = $this->__(_array_keys(w('is_comment is_form'), 0));
        // Form posting enabled and form submitted
        if ($v['is_form'] && _button()) {
            if (!is_ghost()) {
                _fatal(405);
            }
            if (!$tree['tree_form']) {
                _fatal();
            }
            $sql_fields = 'SELECT form_alias, form_required, form_legend, form_regex, 
				FROM _form_fields
				WHERE form_tree = ?
				ORDER BY form_order';
            if (!($form = _rowset(sql_filter($sql_fields, $tree['tree_id']), 'form_alias'))) {
                $form = _rowset(sql_filter($sql_fields, 0), 'form_alias');
            }
            $form['secure'] = array('form_required' => 1, 'form_regex' => '^([a-zA-Z]+)$', 'form_alias' => 'secure', 'form_type' => 'text', 'form_legend' => _lang('XCF_LEGEND'));
            foreach ($form as $row) {
                $v = array_merge($v, $this->__(array($row['form_alias'])));
                if (!f($v[$row['form_alias']])) {
                    if ($row['form_required']) {
                        $this->_error(sprintf(_lang('E_COMMENT_FIELD_EMPTY'), $row['form_legend']), false);
                    }
                    continue;
                }
                if (f($row['form_regex']) && !preg_match('#' . $row['form_regex'] . '#is', $v[$row['form_alias']])) {
                    $this->_error(sprintf(_lang('E_COMMENT_FIELD_BAD'), $row['form_legend']), false);
                    if ($row['form_alias'] == 'secure') {
                        $v[$row['form_alias']] = '';
                    }
                }
            }
            require_once XFS . 'core/xcf.php';
            $xcf = new captcha();
            if ($xcf->check($v['secure']) === false) {
                $v['secure'] = '';
                $this->_error('#E_COMMENT_INVALID_CAPTCHA');
            }
            unset($xcf);
            require_once XFS . 'core/emailer.php';
            $emailer = new emailer();
            $emailer->set_decode(true);
            $emailer->format('plain');
            $emailer->from($v['address']);
            $emailer->set_subject(_rm_acute($v['subject']));
            $emailer->use_template('contact_email');
            if (f($core->v('default_email'))) {
                $tree['tree_form_email'] .= (f($tree['tree_form_email']) ? ';' : '') . $core->v('default_email');
            }
            $form_addresses = array_map('trim', array_unique(explode(';', $tree['tree_form_email'])));
            foreach ($form_addresses as $i => $address) {
                $row_f = !$i ? 'email_address' : 'cc';
                $emailer->{$row_f}($address);
            }
            unset($v['secure']);
            $content = w();
            foreach ($form as $row) {
                if (!f($v[$row['form_alias']])) {
                    continue;
                }
                $content[] = $row['form_legend'] . ":\n" . $v[$row['form_alias']];
            }
            $emailer->assign_vars(array('CONTENT' => implode("\n\n", $content), 'FORM_ARTICLE' => $tree['tree_subject']));
            $emailer->send();
            $emailer->reset();
            $response = array('lang' => _lang('FORM_SUCCESS'));
            $this->e(json_encode($response));
        }
        // Comment posting enabled and form submitted.
        if ($v['is_comment'] && _button()) {
            if (!$tree['tree_allow_comments']) {
                _fatal();
            }
            $cv = $this->__(w('comment_username comment_address comment_website comment_message comment_security'));
            $comment_time = time();
            if (!$user->v('is_member')) {
                foreach ($cv as $cv_k => $cv_v) {
                    if (!f($cv_v)) {
                        $this->error('E_COMMENT_FILL_FIELDS');
                        break;
                    }
                }
                if (!$this->errors()) {
                    $sql = 'SELECT comment_time
						FROM _comments
						WHERE comment_ip = ?
							AND comment_status = 0';
                    if ($row_flood = _fieldrow(sql_filter($sql, $user->ip))) {
                        if ($comment_time - $row_flood['comment_time'] < 30) {
                            $this->error('E_COMMENT_FLOOD_TIME');
                        }
                    }
                }
                // CAPTCHA verification
                require_once XFS . 'core/xcf.php';
                $xcf = new captcha();
                if ($xcf->check($cv['comment_security']) === false) {
                    $cv['comment_security'] = '';
                    $this->error('E_COMMENT_INVALID_CAPTCHA');
                }
                unset($xcf);
            }
            if (!$this->errors()) {
                $approve_comments = !$user->v('is_member') ? $tree['tree_approve_comments'] : 1;
                $sql_insert = array('tree' => (int) $tree['tree_id'], 'uid' => (int) $user->v('user_id'), 'username' => $cv['comment_username'], 'email' => $cv['comment_address'], 'website' => $cv['comment_website'], 'ip' => $user->ip, 'status' => (int) $approve_comments, 'time' => (int) $comment_time, 'message' => $cv['comment_message']);
                $sql = 'INSERT INTO _comments' . _build_array('INSERT', prefix('comment', $sql_insert));
                _sql($sql);
                if ($approve_comments) {
                    $sql = 'UPDATE _tree SET tree_comments = tree_comments + 1
						WHERE tree_id = ?';
                    _sql(sql_filter($sql, $tree['tree_id']));
                }
                // Send new comment email notification for approval.
                if (!$approve_comments) {
                    unset($cv['comment_security']);
                    require_once XFS . 'core/emailer.php';
                    $emailer = new emailer();
                    $emailer->from($cv['comment_address']);
                    $emailer->use_template('comment_approval');
                    if (f($tree['tree_form_email'])) {
                        $tree['tree_form_email'] = $core->v('default_comments_email');
                    }
                    foreach (explode(';', $tree['tree_form_email']) as $i => $row) {
                        $row_f = !$i ? 'email_address' : 'cc';
                        $emailer->{$row_f}($row);
                    }
                    $input = w();
                    foreach ($cv as $row_k => $row_v) {
                        if (!f($row_v)) {
                            continue;
                        }
                        if ($row_k == 'comment_message') {
                            $row_v = str_replace("\r\n", '<br />', $row_v);
                        }
                        $input[] = '&lt; ' . $row_v;
                    }
                    $emailer->assign_vars(array('U_APPROVAL' => _link(_rewrite($tree), array('x1' => 'comments')), 'INPUT_FIELDS' => implode('<br /><br />', $input), 'FROM_USERNAME' => $cv['comment_username']));
                    $emailer->send();
                    $emailer->reset();
                }
                redirect(_link(_rewrite($tree)));
            }
            if ($this->errors()) {
                if (is_ghost()) {
                    $this->e('!');
                }
                _style('comments_error', array('MESSAGE' => $this->get_errors()));
            }
        }
        //
        if (f($tree['tree_redirect'])) {
            if (preg_match('#^[a-z0-9\\-\\_]+$#is', $tree['tree_redirect'])) {
                $tree['tree_redirect'] = _link($tree['tree_redirect']);
            }
            redirect($tree['tree_redirect']);
        }
        //
        if ($tree['tree_parent']) {
            $sql = 'SELECT *
				FROM _tree
				WHERE tree_id = ?';
            $parent = _fieldrow(sql_filter($sql, $tree['tree_parent']));
            if ($tree['tree_level'] > 2) {
                $sql = 'SELECT *
					FROM _tree
					WHERE tree_id = ?';
                $subparent = _fieldrow(sql_filter($sql, $parent['tree_parent']));
            }
        }
        if ($tree['tree_node']) {
            $sql = 'SELECT *
				FROM _tree
				WHERE tree_id = ?';
            $node = _fieldrow(sql_filter($sql, $tree['tree_node']));
        }
        //
        if (@method_exists($this, 'cf_' . _rewrite($tree))) {
            $this->{'cf_' . _rewrite($tree)}($tree);
        }
        //
        $sql = 'SELECT *
			FROM _tree
			WHERE tree_parent = ?
				AND tree_child_hide = 0
			ORDER BY ??';
        $childs = _rowset(sql_filter($sql, $tree['tree_id'], $this->child_order($tree)));
        foreach ($childs as $i => $row) {
            if (!$i) {
                $sql = 'SELECT image_id, image_tree, image_extension
					FROM _images
					WHERE image_tree IN (??)
					ORDER BY RAND()';
                $images_child = _rowset(sql_filter($sql, _implode(',', array_keys($childs))), 'tree_id');
                _style('tree_child1', array('ORDER_URL' => _link($tree['tree_id'], array('order', 0, 0, 0, 0))));
            }
            _style('tree_child.row', array('ITEM' => $row['tree_id'], 'URL' => _link(_rewrite($row)), 'SUBJECT' => $row['tree_subject'], 'CONTENT' => $row['tree_content'], 'EDITED' => _format_date($row['tree_edited']), 'IMAGE' => isset($images_child[$row['tree_id']]) ? $images_child[$row['tree_id']]['image_id'] . '.' . $images_child[$row['tree_id']]['image_extension'] : 'default.gif'));
        }
        // Comments
        if ($tree['tree_allow_comments'] && $tree['tree_comments']) {
            $sql = 'SELECT c.comment_id, c.comment_username, c.comment_website, c.comment_time, c.comment_message, m.user_username
				FROM _comments c, _members m
				WHERE c.comment_tree = ?
					AND c.comment_status = 1
					AND c.comment_uid = m.user_id
				ORDER BY c.comment_time DESC';
            $comments = _rowset(sql_filter($sql, $tree['tree_id']));
            foreach ($comments as $i => $row) {
                if (!$i) {
                    _style('comments');
                }
                _style('comments.row', array('ID' => $row['comment_id'], 'SUSERNAME' => $row['user_username'], 'USERNAME' => $row['comment_username'], 'WEBSITE' => $row['comment_website'], 'TIME' => _format_date($row['comment_time']), 'MESSAGE' => str_replace("\n", '<br />', $row['comment_message'])));
            }
        }
        //
        if ($this->css_parent($tree)) {
            $sql = 'SELECT *
				FROM _tree
				WHERE tree_parent = ?
					AND tree_child_hide = 0
				ORDER BY ??';
            $childs_parent = _rowset(sql_filter($sql, $this->css_var($tree), $this->child_order($tree)));
            foreach ($childs_parent as $i => $row) {
                if (!$i) {
                    $sql = 'SELECT image_id, image_tree, image_extension
						FROM _images
						WHERE image_tree IN (??)
						ORDER BY RAND()';
                    $images_child_parent = _rowset(sql_filter($sql, _implode(',', array_keys($childs_parent))), 'tree_id');
                    _style('tree_child', array('ORDER_URL' => _link($tree['tree_id'], array('order', 0, 0, 0, 0))));
                }
                _style('tree_child_parent.row', array('ITEM' => $row['tree_id'], 'URL' => _link(_rewrite($row)), 'TITLE' => $row['tree_subject'], 'IMAGE' => isset($images_child_parent[$row['tree_id']]) ? $images_child_parent[$row['tree_id']]['image_id'] . '.' . $images_child_parent[$row['tree_id']]['image_extension'] : 'default.gif'));
            }
        }
        if ($tree['tree_downloads']) {
            $sql = 'SELECT *
				FROM _downloads
				WHERE download_tree = ?
				ORDER BY download_order';
            $downloads = _rowset(sql_filter($sql, $tree['tree_id']));
            foreach ($downloads as $i => $row) {
                if (!$i) {
                    _style('downloads', array('ORDER_URL' => _link($tree['tree_id'], array('orderd', 0, 0, 0, 0))));
                }
                _style('downloads.row', array('ITEM' => $row['download_id'], 'DOWNLOAD' => _link('get', $row['download_alias'] . '.' . $row['download_extension']), 'TITLE' => $row['download_title']));
            }
        }
        //
        if ($tree['tree_form']) {
            $sql = 'SELECT *
				FROM _form_fields
				WHERE form_tree = ?
				ORDER BY form_order';
            $form = _rowset(sql_filter($sql, $tree['tree_id']), 'form_alias');
            if (!count($form)) {
                $sql = 'SELECT *
					FROM _form_fields
					WHERE form_tree = 0
					ORDER BY form_order';
                $form = _rowset($sql, 'form_alias');
            }
            $form['secure'] = array('form_required' => 1, 'form_regex' => '^([a-zA-Z]+)$', 'form_alias' => 'secure', 'form_type' => 'text', 'form_legend' => 'Imagen de seguridad');
            _style('form', array('URL' => _link(_rewrite($tree))));
            foreach ($form as $row) {
                _style('form.row', array('ALIAS' => $row['form_alias'], 'REQUIRED' => $row['form_required'], 'LEGEND' => _lang($row['form_legend']), 'TYPE' => $row['form_type'], 'PAGE' => $tree['tree_alias']));
                foreach ($row as $row_k => $row_v) {
                    if (preg_match('#^form_(alias|type)$#is', $row_k)) {
                        if ($row_k == 'form_alias') {
                            $row_k = 'name';
                        }
                        _style('form.row.attrib', array('ATTRIB' => str_replace('form_', '', $row_k), 'VALUE' => $row_v));
                    }
                }
            }
        }
        $s_css_page = '';
        if (@file_exists('./style/css/_tree_' . _rewrite($tree) . '.css')) {
            $s_css_page = _rewrite($tree) . '/';
        } elseif ($this->css_parent($tree)) {
            if (!f($tree['tree_css_var'])) {
                $tree['tree_css_var'] = 'parent';
            }
            $ary_css_var = false;
            switch ($tree['tree_css_var']) {
                case 'parent':
                case 'subparent':
                case 'node':
                    $ary_css_var = ${$tree['tree_css_var']};
                    break;
                default:
                    if (is_numb($tree['tree_css_var'])) {
                        $sql = 'SELECT *
							FROM _tree
							WHERE tree_id = ?';
                        if ($css_var_row = _fieldrow(sql_filter($sql, $tree['tree_css_var']))) {
                            $ary_css_var = $css_var_row;
                        }
                    }
                    break;
            }
            if ($ary_css_var !== false) {
                $s_css_page = _rewrite($ary_css_var) . '/';
            }
        }
        v_style(array('S_IMAGES' => $core->v('address') . 'container/images/a_' . ($this->css_parent($tree) ? $this->css_var($tree) : $tree['tree_id']) . '/', 'V_TREE' => $tree['tree_id'], 'V_CSS' => $s_css_page, 'V_SUBJECT' => $tree['tree_subject'], 'V_CONTENT' => _message($tree['tree_content']), 'V_COMMENTS' => $tree['tree_comments'], 'V_ALLOW_COMMENTS' => $tree['tree_allow_comments'], 'V_ALLOW_FORM' => $tree['tree_form'], 'U_COMMENTS' => _link(_rewrite($tree)), 'U_XCF' => _link(_rewrite($tree) . '-xs.jpg', false, false)));
        $tree['tree_subject'] = strip_tags($tree['tree_subject']);
        //
        if ($tree['tree_alias'] != 'home') {
            if ($node['tree_id'] != $parent['tree_id']) {
                $this->navigation($node['tree_subject'], _rewrite($node));
            }
            if ($tree['tree_level'] > 2) {
                if ($parent['tree_id'] && $node['tree_id'] && $tree['tree_level'] > 3) {
                    $this->navigation('...');
                }
                $this->navigation($subparent['tree_subject'], _rewrite($subparent));
            }
            if ($parent['tree_id']) {
                $this->navigation($parent['tree_subject'], _rewrite($parent));
            }
            $this->navigation($tree['tree_subject'], _rewrite($tree));
        }
        if ($user->v('is_member')) {
            $tree['tree_cp'] = 1;
            $i = 0;
            $auth_tree = array('create', 'modify', 'remove');
            foreach ($auth_tree as $row) {
                if (_auth_get('cp_' . $row)) {
                    if (!$i) {
                        _style('auth');
                    }
                    _style('auth.row', array('U_AUTH' => _link('cp', array($row, _rewrite($tree))), 'V_NAME' => _lang('CP_AUTH_' . $row)));
                    $i++;
                }
            }
        }
        //
        $this->_template('tree');
        if (f($tree['tree_template']) && @file_exists('./style/custom/' . $tree['tree_template'] . '.htm')) {
            $this->_template('custom/' . $tree['tree_template']);
        }
        // TODO: 304 header response
        header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $tree['tree_edited']) . ' GMT');
        return;
    }
Example #6
0
    protected function _ticket_home()
    {
        global $user, $core;
        if (!$core->v('cron_enabled')) {
            return $this->e('CRON_DISABLED');
        }
        foreach (w('mail pop3 emailer htmlparser') as $row) {
            require_once XFS . 'core/' . $row . '.php';
        }
        $pop3 = new pop3();
        if (!$pop3->connect($core->v('mail_server'), $core->v('mail_port'))) {
            return $this->e('MAIL_NO_CONNECT');
        }
        if (!($total_mail = $pop3->login('recent:' . $core->v('mail_ticket_login'), $core->v('mail_ticket_key')))) {
            return $this->e('MAIL_NEW_MAIL');
        }
        //
        $mail = new _mail();
        $emailer = new emailer();
        //
        if (!($blacklist = $core->cache_load('ticket_blacklist'))) {
            $sql = 'SELECT *
				FROM _tickets_blacklist
				ORDER BY list_id';
            $blacklist = $core->cache_store(_rowset($sql, 'list_address', 'list_id'));
        }
        if (!($ticket_status = $core->cache_load('ticket_status_default'))) {
            $sql = 'SELECT status_id
				FROM _tickets_status
				WHERE status_default = 1';
            $ticket_status = $core->cache_store(_field($sql, 'status_id', 0));
        }
        $sql = 'SELECT group_id, group_email
			FROM _groups
			ORDER BY group_email';
        $groups = _rowset($sql, 'group_email', 'group_id');
        $sql = 'SELECT group_email, group_name
			FROM _groups
			ORDER BY group_email';
        $groups_name = _rowset($sql, 'group_email', 'group_name');
        $sql = 'SELECT gg.group_email, m.user_email
			FROM _groups gg, _groups_members g, _members m
			WHERE g.member_mod = ?
				AND g.member_uid = m.user_id
				AND gg.group_id = g.member_group
			ORDER BY m.user_email';
        $groups_mods = _rowset(sql_filter($sql, 1), 'group_email', 'user_email', true);
        foreach ($groups as $a_group_email => $a_group_id) {
            if (!isset($groups_mods[$a_group_email])) {
                $groups_mods[$a_group_email] = w();
            }
        }
        $sql = 'SELECT s.a_assoc, s.a_value
			FROM _members_fields f, _members_store s
			WHERE s.a_field = f.field_id
				AND f.field_alias LIKE ?
			ORDER BY s.a_value';
        $email_alt = _rowset(sql_filter($sql, 'email%'), 'a_value', 'a_assoc');
        // Pre mail process
        $recv = w();
        $now = time();
        $line_orig = array('&nbsp;');
        $line_repl = array(' ');
        $_v = w('from from_d to ticket subject body date mod ip spam blacklist reply other');
        $_c = w('normal reply other blacklist spam', 0);
        for ($i = 1; $i <= $total_mail; $i++) {
            foreach ($_v as $row) {
                ${'recv_' . $row} = 0;
            }
            $s_header = $mail->parse_header(split("\r\n", implode('', $pop3->top($i))));
            $recv_from = $mail->parse_address($s_header['from']);
            if (isset($blacklist[$recv_from])) {
                $recv_blacklist = 1;
            }
            if ($recv_from == $core->v('mail_ticket_login')) {
                $recv_blacklist = 1;
            }
            _dvar($s_header['to'], '');
            _dvar($s_header['cc'], '');
            if (f($s_header['cc'])) {
                $s_header['to'] .= (f($s_header['to']) ? ', ' : '') . $s_header['cc'];
            }
            $to_part = array_map('trim', explode(strpos($s_header['to'], ',') ? ',' : ';', $s_header['to']));
            foreach ($to_part as $row) {
                if (strpos($row, '<') !== false) {
                    $row = preg_replace('#.*?<(.*?)>#is', '\\1', $row);
                }
                if (isset($blacklist[$row])) {
                    $recv_blacklist = 1;
                } else {
                    $recv_blacklist = 0;
                    $row_first = array_key(explode('@', $row), 0);
                    if (isset($groups[$row_first])) {
                        $recv_to = $row_first;
                    }
                }
            }
            if (strstr($s_header['to'], _lang('MAIL_TO_UNKNOWN')) !== false) {
                $recv_to = array_key(explode('@', $core->v('mail_ticket_login')), 0);
            }
            if (!$recv_to) {
                $recv_blacklist = 1;
            }
            if (!$recv_blacklist) {
                $recv_subject = htmlencode(trim($s_header['subject']));
                if (preg_match('#\\[\\#(.*?)\\]#is', $recv_subject, $p_subject)) {
                    $sql = 'SELECT ticket_id
						FROM _tickets
						WHERE ticket_code = ?';
                    if ($recv_subject_d = _fieldrow(sql_filter($sql, $p_subject[1]))) {
                        $recv_ticket = $recv_subject_d['ticket_id'];
                        $recv_reply = $p_subject[1];
                        $recv_subject = substr(strrchr($recv_subject, ']'), 3);
                    }
                }
                if ($recv_to . '@' . $core->v('domain') == $recv_from && $recv_from == $core->v('mail_ticket_login') && $recv_reply) {
                    $recv_blacklist = 1;
                }
            }
            if (!$recv_blacklist) {
                if (isset($email_alt[$recv_from])) {
                    $sql_field = 'id';
                    $sql_value = $email_alt[$recv_from];
                } else {
                    $sql_field = 'username';
                    $sql_value = array_key(explode('@', $recv_from), 0);
                }
                $sql = 'SELECT user_id, user_username, user_firstname, user_lastname
					FROM _members
					WHERE user_?? = ?';
                if ($recv_from_d = _fieldrow(sql_filter($sql, $sql_field, $sql_value))) {
                    $recv_from_d = serialize(array_row($recv_from_d));
                } else {
                    $recv_other = 1;
                }
                $d_body = $mail->body($s_header, $pop3->fbody($i), true);
                $recv_date = $mail->parse_date($s_header['date']);
                $recv_ip = $mail->parse_ip($s_header['received']);
                if (isset($groups_email[$recv_to])) {
                    $recv_mod = $groups_email[$recv_to];
                }
                if ($recv_date > $now || $recv_date < $now - 86400) {
                    $recv_date = $now;
                }
                if (isset($d_body['text-plain']) && f($d_body['text-plain'])) {
                    $recv_body = trim($d_body['text-plain']);
                } elseif (isset($d_body['text-html']) && f($d_body['text-html'])) {
                    $htm_text = w();
                    $tag_open = false;
                    $parser = new HtmlParser($d_body['text-html']);
                    while ($parser->parse()) {
                        $line = trim(str_replace($line_orig, $line_repl, $parser->iNodeValue));
                        if ($tag_open || strpos($line, '<') !== false) {
                            $tag_open = !$tag_open;
                            continue;
                        }
                        if ($parser->iNodeName == 'Text' && f($line)) {
                            $htm_text[] = preg_replace("/(\r\n){1}/", ' ', $line);
                        }
                    }
                    $recv_body = implode("\n", $htm_text);
                }
                if (f($recv_body)) {
                    $recv_body = htmlencode(_utf8($recv_body));
                }
                if (!f($recv_body)) {
                    $recv_blacklist = 1;
                }
            }
            $recv[$i] = w();
            foreach ($_v as $row) {
                $recv[$i][$row] = ${'recv_' . $row};
            }
        }
        foreach ($recv as $i => $row) {
            if ($row['spam'] || $row['blacklist']) {
                $pop3->delete($i);
                $row_key = $row['spam'] ? 'spam' : 'blacklist';
                $_c[$row_key]++;
                continue;
            }
            // Send mail to group admin
            if ($row['other']) {
                $_c['other']++;
                if (count($groups_mods[$row['to']])) {
                    foreach ($groups_mods[$row['to']] as $i => $mod_email) {
                        $email_func = !$i ? 'email_address' : 'cc';
                        $emailer->{$email_func}($mod_email);
                    }
                    $emailer->from($row['from']);
                    $emailer->replyto($row['from']);
                    $emailer->set_subject(entity_decode($row['subject']));
                    $emailer->use_template('ticket_other');
                    $emailer->set_decode(true);
                    $emailer->assign_vars(array('SUBJECT' => entity_decode($row['subject']), 'MESSAGE' => entity_decode($row['body'])));
                    $emailer->send();
                    $emailer->reset();
                }
                $pop3->delete($i);
                continue;
            }
            $row['code'] = $row['reply'] ? $row['reply'] : substr(md5(unique_id()), 0, 8);
            $row['from_d'] = unserialize($row['from_d']);
            $row['group_id'] = $groups[$row['to']];
            $row['msubject'] = entity_decode(sprintf('%s [#%s]: %s', $groups_name[$row['to']], $row['code'], $row['subject']));
            $row['mbody'] = explode("\n", $row['body']);
            //
            $body_const = w();
            foreach ($row['mbody'] as $part_i => $part_row) {
                if (isset($row['mbody'][$part_i - 1]) && f($row['mbody'][$part_i - 1]) && f($row['mbody'][$part_i])) {
                    $row['mbody'][$part_i] = "\n" . $part_row;
                }
            }
            $row['body'] = implode("\n", $row['mbody']);
            $v_mail = array('USERNAME' => $row['from_d']['user_username'], 'FULLNAME' => entity_decode(_fullname($row['from_d'])), 'SUBJECT' => entity_decode($row['subject']), 'MESSAGE' => entity_decode($row['body']), 'TICKET_URL' => _link('ticket', array('x1' => 'view', 'code' => $row['code'])));
            if (!$row['reply']) {
                $_c['normal']++;
                $sql_insert = array('parent' => 0, 'cat' => 1, 'group' => $row['group_id'], 'title' => _subject($row['subject']), 'text' => _prepare($row['body']), 'code' => $row['code'], 'contact' => $row['from_d']['user_id'], 'aby' => 0, 'status' => $ticket_status, 'start' => $row['date'], 'lastreply' => $row['date'], 'end' => 0, 'ip' => $row['ip']);
                $sql = 'INSERT INTO _tickets' . _build_array('INSERT', prefix('ticket', $sql_insert));
                _sql($sql);
                // Send mail to user
                $emailer->email_address($row['from']);
                $emailer->from($row['to'] . '@' . $core->v('domain'));
                $emailer->set_subject($row['msubject']);
                $emailer->use_template('ticket_' . $row['to']);
                $emailer->set_decode(true);
                $emailer->assign_vars($v_mail);
                $emailer->send();
                $emailer->reset();
                // > Send mail to group admin
                if (count($groups_mods[$row['to']])) {
                    foreach ($groups_mods[$row['to']] as $i => $mod_email) {
                        $address_func = !$i ? 'email_address' : 'cc';
                        $emailer->{$address_func}($mod_email);
                    }
                    $emailer->from($row['to'] . '@' . $core->v('domain'));
                    $emailer->set_subject($row['msubject']);
                    $emailer->use_template('ticket_' . ($row['reply'] ? 'reply' : 'tech'));
                    $emailer->set_decode(true);
                    $emailer->assign_vars($v_mail);
                    $emailer->send();
                    $emailer->reset();
                }
            } else {
                $_c['reply']++;
                $sql_insert = array('ticket_id' => $row['ticket'], 'user_id' => $row['from_d']['user_id'], 'note_text' => htmlencode($row['body']), 'note_time' => $row['date'], 'note_cc' => 1);
                $sql = 'INSERT INTO _tickets_notes' . _build_array('INSERT', $sql_insert);
                _sql($sql);
                $sql = 'UPDATE _tickets SET ticket_lastreply = ?
					WHERE ticket_id = ?';
                _sql(sql_filter($sql, $row['date'], $row['ticket']));
                // Send mail to group members || user
                $sql = 'SELECT *
					FROM _tickets_assign a, _members m
					WHERE a.assign_ticket = ?
						AND a.user_id = m.user_id
						AND m.user_username NOT IN (?)';
                $tech = _rowset(sql_filter($sql, $row['ticket'], $row['from_d']['user_username']));
                if ($row['mod'] != $row['from_d']['user_username']) {
                    $tech[] = $row['mod'];
                }
                if (count($tech)) {
                    foreach ($tech as $tech_i => $tech_row) {
                        $m_method = !$tech_i ? 'email_address' : 'cc';
                        $emailer->{$m_method}($tech_row . '@' . $core->v('domain'));
                    }
                    $emailer->from($row['to'] . '@' . $core->v('domain'));
                    $emailer->use_template('ticket_reply');
                    $emailer->set_subject($row['msubject']);
                    $emailer->set_decode(true);
                    $emailer->assign_vars($v_mail);
                    $emailer->send();
                    $emailer->reset();
                }
            }
            // Delete mail from server
            $pop3->delete($i);
        }
        // Quit server
        $pop3->quit();
        $ret = '';
        foreach ($_c as $k => $v) {
            $ret .= "\n" . $k . ' = ' . $v . '<br />';
        }
        return $this->e($ret);
    }
Example #7
0
    function _edit_home()
    {
        global $user;
        $v = $this->__(array('id' => 0));
        $sql = 'SELECT *
			FROM _email
			WHERE email_id = ?';
        if (!($email = _fieldrow(sql_filter($sql, $v['id'])))) {
            $this->e('El registro de email no existe.');
        }
        if (_button()) {
            $v = array_merge($v, $this->__(w('subject message')));
            $sql = 'UPDATE _email SET ' . _build_array('UPDATE', prefix('email', $v)) . sql_filter('
				WHERE email_id = ?', $v['id']);
            _sql($sql);
            $this->e('El mensaje programado fue actualizado.');
        }
        v_style(array('SUBJECT' => $email['email_subject'], 'MESSAGE' => $email['email_message']));
    }
Example #8
0
    protected function _create_home()
    {
        global $user;
        $v = $tree = $this->init();
        $z = $this->__(w('zmode'));
        if (_button()) {
            $v_ary = array('subject', 'content');
            if ($user->v('is_founder')) {
                $v_ary = array_merge($v_ary, array('node' => 0, 'parent' => 0, 'level' => 0, 'module' => 0, 'alias', 'child_hide' => 0, 'child_order', 'nav' => 0, 'nav_hide' => 0, 'css_parent' => 0, 'css_var', 'quickload' => 0, 'dynamic' => 0, 'tags', 'template', 'redirect', 'description', 'allow_comments' => 0, 'approve_comments' => 0, 'form' => 0, 'form_email', 'published', 'move'));
            }
            $v = $this->__($v_ary);
            /*
            $v = $this->__(array(
            	'node' => 0,
            	'parent' => 0,
            	'level' => 0,
            	'module' => 0,
            	'alias',
            	'child_hide' => 0,
            	'child_order',
            	'nav' => 0,
            	'nav_hide' => 0,
            	'css_parent' => 0,
            	'css_var',
            	'quickload' => 0,
            	'dynamic' => 0,
            	'tags',
            	'template',
            	'redirect',
            	'subject',
            	'content',
            	'description',
            	'allow_comments' => 0,
            	'approve_comments' => 0,
            	'form' => 0,
            	'form_email',
            	'published',
            	'move'
            ));
            */
            //
            $v['edited'] = time();
            foreach (w('node level parent module') as $row) {
                $v[$row] = $tree['tree_' . $row];
            }
            if ($z['zmode'] == 'create') {
                $v['parent'] = $tree['tree_id'];
                $v['level']++;
                if (!$v['node']) {
                    $v['node'] = $v['parent'];
                }
            }
            // Parse vars
            foreach ($v as $row_k => $row_v) {
                switch ($row_k) {
                    case 'subject':
                        $row_v = $this->html($row_v, 'strong');
                        break;
                    case 'content':
                        $row_v = $this->html($row_v);
                        break;
                    case 'alias':
                        $row_v = _alias($row_v, w('_'), '-');
                        break;
                    case 'checksum':
                        $row_v = _hash($v['content']);
                        break;
                    case 'published':
                        $row_v = dvar($row_v, date('d m Y'));
                        $e_date = explode(' ', $row_v);
                        $row_v = _timestamp($e_date[1], $e_date[0], $e_date[2]);
                        break;
                }
                $v[$row_k] = $row_v;
            }
            if ($z['zmode'] == 'modify' && $tree['tree_alias'] == 'home' && $v['alias'] != 'home') {
                $v['alias'] = 'home';
            }
            if (f($v['alias'])) {
                $sql = 'SELECT tree_id
					FROM _tree
					WHERE tree_alias = ?
						AND tree_id <> ?';
                if (_fieldrow(sql_filter($sql, $v['alias'], $tree['tree_id']))) {
                    $this->_error('#ALIAS_IN_USE');
                }
            }
            if ($z['zmode'] == 'modify') {
                if ($v['move']) {
                    $mv_field = !is_numb($v['move']) ? 'alias' : 'id';
                    $sql = 'SELECT *
						FROM _tree
						WHERE tree_?? = ?';
                    if ($mv_tree = _fieldrow(sql_filter($sql, $mv_field, $v['move']))) {
                        $mv_insert = array('module' => $mv_tree['module_id'], 'node' => $mv_tree['tree_node'], 'parent' => $mv_tree['tree_id'], 'level' => $mv_tree['tree_level'] + 1);
                        $sql = 'UPDATE _tree SET ' . _build_array('UPDATE', prefix('tree', $mv_insert)) . sql_filter('
							WHERE article_id = ?', $tree['tree_id']);
                        _sql($sql);
                        $sql = 'UPDATE _tree SET tree_childs = tree_childs - 1
							WHERE tree_id = ?';
                        _sql(sql_filter($sql, $tree['tree_parent']));
                        $sql = 'UPDATE _tree SET tree_childs = tree_childs + 1
							WHERE tree_id = ?';
                        _sql(sql_filter($sql, $mv_tree['tree_id']));
                    }
                }
                unset($v['move']);
                // Check input values against database
                foreach ($v as $row_k => $row_v) {
                    if ($tree['tree_' . $row_k] == $row_v) {
                        unset($v[$row_k]);
                    }
                }
                if (!(count($v) - 1)) {
                    unset($v['edited']);
                }
            } else {
                unset($v['move']);
            }
            //
            $u_tree = _rewrite($tree);
            if (count($v)) {
                if (isset($v['content']) && $v['content']) {
                    $v['content'] = str_replace(w('&lt; &gt;'), w('< >'), $v['content']);
                }
                if ($z['zmode'] == 'create') {
                    $sql = 'INSERT INTO _tree' . _build_array('INSERT', prefix('tree', $v));
                } else {
                    $sql = 'UPDATE _tree SET ' . _build_array('UPDATE', prefix('tree', $v)) . sql_filter('
						WHERE tree_id = ?', $tree['tree_id']);
                }
                _sql($sql);
                if ($z['zmode'] == 'create') {
                    $u_tree = f($v['alias']) ? $v['alias'] : _nextid();
                    $sql = 'UPDATE _tree
						SET tree_childs = tree_childs + 1
						WHERE tree_id = ?';
                    _sql(sql_filter($sql, $tree['tree_id']));
                }
            }
            redirect(_link($u_tree));
        }
        //
        // Show fieldset
        /*$v_fieldset = array(
        			'subject',
        			'content',
        			'description',
        			'alias',
        			'child_hide' => 0,
        			'child_order',
        			'nav' => 0,
        			'nav_hide' => 0,
        			'css_parent',
        			'css_var',
        			'quickload' => 0,
        			'dynamic' => 0,
        			'tags',
        			'template',
        			'redirect',
        			'allow_comments' => 0,
        			'approve_comments' => 0,
        			'form' => 0,
        			'form_email',
        			'published'
        		);
        		*/
        $v_fieldset = array('subject', 'content');
        if ($user->v('is_founder')) {
            $v_fieldset = array_merge($v_fieldset, array('description', 'alias', 'child_hide' => 0, 'child_order', 'nav' => 0, 'nav_hide' => 0, 'css_parent', 'css_var', 'quickload' => 0, 'dynamic' => 0, 'tags', 'template', 'redirect', 'allow_comments' => 0, 'approve_comments' => 0, 'form' => 0, 'form_email', 'published'));
        }
        $is_modify = $z['zmode'] == 'modify';
        foreach (_array_keys($v_fieldset, '') as $k => $row) {
            $name = 'tree_' . $k;
            $cp_lang = _lang('CP_' . $k);
            $value = $is_modify ? isset($v[$k]) ? $v[$k] : (isset($tree[$name]) ? $tree[$name] : '') : '';
            $checked = is_numb($row) && $is_modify && $tree[$name] ? ' checked="checked"' : '';
            if (f($value)) {
                switch ($k) {
                    case 'published':
                        $value = date('d m Y', $value);
                        break;
                }
            }
            $type = 'text';
            if (is_numb($row)) {
                $value = 1;
                $type = 'checkbox';
            }
            $tag = 'input';
            if ($k == 'content') {
                $tag = 'textarea';
            }
            _style('field', array('NAME' => $k, 'ID' => $k, 'TAG' => $tag, 'TYPE' => $type, 'VALUE' => $value, 'LANG' => $cp_lang, 'CHECKED' => $checked));
            if ($k == 'template') {
                $i = 0;
                $fp = @opendir('./style/custom/');
                while ($row_d = @readdir($fp)) {
                    if (_extension($row_d) != 'htm') {
                        continue;
                    }
                    if (!$i) {
                        _style('field.templated');
                        _style('field.templated.row', array('V' => '', 'FILE' => _lang('NONE')));
                    }
                    $v_file = str_replace('.htm', '', $row_d);
                    _style('field.templated.row', array('V' => $v_file, 'FILE' => $v_file));
                    $i++;
                }
                @closedir($fp);
            }
            //
        }
        $cp_format = !$is_modify ? 'CREATE' : 'MODIFY';
        v_style(array('CP_PAGE' => sprintf(_lang('CP_PAGE_' . $cp_format), $tree['tree_subject'])));
        return;
    }
Example #9
0
    public final function _install()
    {
        global $core;
        // TODO: Improve module installation!
        // Pre run check
        if (!($modules = $core->cache_load('modules'))) {
            $sql = 'SELECT *
				FROM _modules
				ORDER BY module_name';
            $modules = $core->cache_store(_rowset($sql));
        }
        $run_install = true;
        foreach ($modules as $row) {
            if ($row['module_alias'] === $this->m()) {
                $run_install = false;
            }
        }
        // Run module install
        if ($run_install) {
            $proc = $this->install();
            // Post install
            $sql_insert = array('alias' => $this->m(), 'name' => $proc['NAME'], 'author' => $proc['AUTHOR'], 'link' => $proc['LINK']);
            $sql = 'INSERT INTO _modules' . _build_array('INSERT', prefix('module', $sql_insert));
            _sql($sql);
        }
        return;
    }
Example #10
0
File: bio.php Project: nopticon/mag
    public function auth_update($f, $v = false, $uid = false)
    {
        global $core;
        if ($uid === false) {
            $uid = $this->v('bio_id');
        }
        $field = $this->auth_field($f);
        if ($field !== false) {
            $cv = isset($this->auth[$uid][$field['field_alias']]);
            switch ($v) {
                case true:
                    if ($cv) {
                        return;
                    }
                    $sql_insert = array('bio' => $uid, 'field' => $field['field_id']);
                    $sql = 'INSERT INTO _bio_auth' . _build_array('INSERT', prefix('auth', $sql_insert));
                    _sql($sql);
                    $this->auth[$uid][$field['field_alias']] = true;
                    break;
                case false:
                    if (!$cv) {
                        return;
                    }
                    $sql = 'DELETE FROM _bio_auth
						WHERE auth_bio = ?
							AND auth_field = ?';
                    _sql(sql_filter($sql, $uid, $field['field_id']));
                    unset($this->auth[$uid][$field['field_alias']]);
                    break;
            }
            $core->cache_unload();
        }
        return;
    }
Example #11
0
    public function home()
    {
        global $user;
        $v = $this->__(array('faddr', 'nickname', 'address', 'birthday' => array('' => 0), 'country' => 0));
        foreach (w('year month day') as $name) {
            $v['birthday'][$name] = isset($v['birthday'][$name]) ? $v['birthday'][$name] : '';
        }
        if (f($v['faddr'])) {
            $v['address'] = $v['faddr'];
        }
        if (_button()) {
            if (!f($v['address']) || !f($v['nickname'])) {
                $this->error('COMPLETE_FIELDS');
            }
            if (f($v['address'])) {
                $sql = 'SELECT user_id
					FROM _members
					WHERE user_email = ?';
                if (_field(sql_filter($sql, $v['address']), 'user_id', 0)) {
                    $this->error('EMAIL_EXISTS');
                }
                if (!preg_match('/^[a-z0-9&\'\\.\\-_\\+]+@[a-z0-9\\-]+\\.([a-z0-9\\-]+\\.)*?[a-z]+$/is', $v['address'])) {
                    $this->error('EMAIL_BAD');
                }
            }
            $sql = 'SELECT country_id
				FROM _countries
				WHERE country_id = ?';
            if (!_field(sql_filter($sql, $v['country']), 'country_id', 0)) {
                $this->error('NO_COUNTRY');
            }
            if (!$this->errors()) {
                $v['birthday'] = _zero($v['birthday']['year']) . _zero($v['birthday']['month']) . _zero($v['birthday']['day']);
                $sql_insert = array('type' => 1, 'active' => 0, 'username' => $v['nickname'], 'password' => '', 'registration' => time(), 'lastvisit' => '', 'lastpage' => '', 'country' => $v['country'], 'email' => $v['address'], 'birthday' => $v['birthday'], 'gender' => 0, 'dateformat' => 'd M Y H:i', 'timezone' => 0, 'dst' => 0);
                $sql = 'INSERT INTO _members' . _build_array('INSERT', prefix('user', $sql_insert));
                _sql($sql);
                require XFS . 'core/emailer.php';
                $emailer = new emailer();
                $emailer->format('plain');
                $emailer->from('TWC Kaulitz <*****@*****.**>');
                $emailer->use_template('welcome');
                $emailer->email_address($v['address']);
                $emailer->assign_vars(array('USERNAME' => $v['nickname']));
                $emailer->send();
                $emailer->reset();
                //
                redirect('http://www.twckaulitz.com/', false);
            }
        }
        if ($this->errors()) {
            _style('errors', array('MSG' => $this->get_errors()));
        }
        for ($i = 1; $i < 32; $i++) {
            _style('days', array('DAY' => $i));
        }
        $months = w('Enero Febrero Marzo Abril Mayo Junio Julio Agosto Septiembre Octubre Noviembre Diciembre');
        foreach ($months as $i => $row) {
            _style('months', array('VALUE' => $i + 1, 'MONTH' => $row));
        }
        for ($i = 2005; $i > 1899; $i--) {
            _style('years', array('YEAR' => $i));
        }
        //
        // GeoIP
        //
        include XFS . 'core/geoip.php';
        $gi = geoip_open(XFS . 'core/GeoIP.dat', GEOIP_STANDARD);
        $geoip_code = strtolower(geoip_country_code_by_addr($gi, $user->ip));
        $sql = 'SELECT *
			FROM _countries
			ORDER BY country_name';
        $countries = _rowset($sql);
        $codes = w();
        foreach ($countries as $row) {
            $codes[$row['country_short']] = $row['country_id'];
            _style('countries', array('VALUE' => $row['country_id'], 'NAME' => $row['country_name']));
        }
        if (!$v['country']) {
            $v['country'] = isset($codes[$geoip_code]) ? $codes[$geoip_code] : $codes['gt'];
        }
        v_style(array('NICKNAME' => $v['nickname'], 'ADDRESS' => $v['address'], 'COUNTRY' => $v['country'], 'BIRTHDAY_YEAR' => $v['birthday']['year'], 'BIRTHDAY_MONTH' => $v['birthday']['month'], 'BIRTHDAY_DAY' => $v['birthday']['day']));
        return;
    }
Example #12
0
    protected function _create_home()
    {
        if (_button()) {
            $v = $this->__(array('codigo', 'nombre', 'apellido', 'direccion', 'edad', 'sexo', 'email', 'telefono', 'identificacion', 'status', 'carne', 'carne_auto' => 0));
            /*
            padre_nombre
            padre_apellido
            
            madre_nombre
            madre_apellido
            
            encargado_nombre
            encargado_apellido
            encargado_profesion
            encargado_labora
            encargando_labora_direccion
            
            encargado_identificacion
            encargado_emergencia
            */
            $sql = 'INSERT INTO _students' . _build_array('INSERT', $v);
            $v['id'] = _sql_nextid($sql);
            if ($v['carne_auto']) {
                $v['carne'] = date('Y') . $v['id'];
                $sql = 'UPDATE _students SET carne = ?
					WHERE id_alumno = ?';
                _sql(sql_filter($sql, $v['carne'], $v['id']));
            }
            $sql_insert = '';
            // TODO: Build query
            $sql = 'INSERT INTO _registrations' . _build_array('INSERT', '');
        }
        $sql = 'SELECT grade_id, grade_name
			FROM _grades
			WHERE grade_status = 1
			ORDER BY grade_order';
        $grades = _rowset($sql);
        foreach ($grades as $i => $row) {
            if (!$i) {
                _style('grades');
            }
            _style('grades.row', array('GRADE_ID' => $row['grade_id'], 'GRADE_NAME' => $row['grade_name']));
        }
        $sql = 'SELECT section_id, section_name
			FROM _sections
			WHERE section_grade = 1';
        $sections = _rowset($sql);
        foreach ($sections as $i => $row) {
            if (!$i) {
                _style('sections');
            }
            _style('sections.row', array('SECTION_ID' => $row['section_id'], 'SECTION_NAME' => $row['section_name']));
        }
        return;
    }
Example #13
0
    protected function _groups_modify()
    {
        gfatal();
        global $core;
        $v = $this->__(array('el' => 0, 'r_name', 'r_email', 'r_mod', 'r_color'));
        foreach ($v as $row) {
            if (!f($row)) {
                $this->_error('#FIELD_IS_EMPTY');
            }
        }
        $sql = 'SELECT *
			FROM _groups
			WHERE group_id = ?';
        if (!($group = _fieldrow(sql_filter($sql, $v['el'])))) {
            $this->_error('#GROUPS_NO_EXISTS');
        }
        $mod_list = array_map('trim', explode(',', $v['r_mod']));
        array_unshift($mod_list, 'addquotes');
        $sql = 'SELECT user_id
			FROM _members
			WHERE user_username IN (??)
			ORDER BY user_username';
        if (!($mods_list = _rowset(sql_filter($sql, _implode(',', $mod_list)), false, 'user_id'))) {
            $this->_error('#USER_UNKNOWN');
        }
        $sql = 'UPDATE _groups SET group_name = ?, group_email = ?, group_color = ?
			WHERE group_id = ?';
        _sql(sql_filter($sql, $v['r_name'], $v['r_email'], $v['r_color'], $v['el']));
        $sql = 'UPDATE _groups_members SET member_mod = 0
			WHERE member_group = ?';
        _sql(sql_filter($sql, $v['el']));
        foreach ($mods_list as $row) {
            $sql = 'SELECT member_id
				FROM _groups_members
				WHERE member_uid = ?';
            if (_field(sql_filter($sql, $row), 'member_id', 0)) {
                $sql = 'UPDATE _groups_members SET member_mod = ?
					WHERE member_uid = ?';
                _sql(sql_filter($sql, 1, $row));
            } else {
                $sql_insert = array('group' => $group_id, 'uid' => $row, 'mod' => 1);
                $sql = 'INSERT INTO _groups_members' . _build_array('INSERT', prefix('member', $sql_insert));
                _sql($sql);
            }
        }
        $core->cache_unload();
        return $this->e('~OK');
    }