/**
 * Verifies every "Requires*" entry found in an extension's setup header.
 *
 * Keys that do not start with "Requires" are ignored. The part of the key after
 * the first underscore names the package and defaults to "Core". The packages
 * "plugins" and "modules" use the legacy comma-separated list of extension names;
 * any other package is passed on as a version constraint. Checking stops at the
 * first requirement that is not met.
 *
 * @param array $info Extension info array, from setup file header
 * @param bool $mute_err_msg (optional) Suppress error and warning messages
 * @param bool $mute_info_msg (optional) Suppress success messages
 * @return boolean TRUE when every requirement is satisfied, FALSE otherwise
 *
 * @see cot_infoget() from `API - Extensions` package
 * @uses cot_requirements_satisfied()
 */
function cot_check_requirements($info, $mute_err_msg = false, $mute_info_msg = false)
{
    foreach ($info as $key => $constraint) {
        if (strpos(trim($key), 'Requires') !== 0) {
            continue;
        }

        list(, $package) = explode('_', $key, 2);
        $package = strtolower($package ?: 'Core');

        if ($package === 'plugins' || $package === 'modules') {
            // Legacy format: a comma-separated list of extension names, any version.
            // The loop stops at the first falsy result; otherwise the last result counts.
            foreach (explode(',', $constraint) as $ext_name) {
                $satisfied = cot_requirements_satisfied(substr($package, 0, -1), '*', trim($ext_name));
                if (!$satisfied) {
                    break;
                }
            }
        } else {
            // Constraint format: a "?" anywhere in the value turns the fourth
            // argument (check_installed) off and is removed before the check.
            $check_installed = strpos($constraint, '?') === false;
            $version_rule = $check_installed ? $constraint : str_replace('?', '', $constraint);
            $satisfied = cot_requirements_satisfied($package, $version_rule, null, $check_installed);
        }

        // Messages always show the value exactly as written in the header.
        $message_args = array('req' => " {$package}: {$info[$key]}");

        if ($satisfied === true) {
            if (!$mute_info_msg) {
                cot_message(cot_rc('req_satisfied', $message_args), 'ok');
            }
            continue;
        }

        if (!$mute_err_msg) {
            if ($satisfied === false) {
                cot_error(cot_rc('req_not_satisfied', $message_args));
            } else {
                // Any other value is the checker's own error text about the constraint.
                $message_args['error_msg'] = $satisfied;
                cot_message(cot_rc('req_not_valid', $message_args), 'warning');
            }
        }
        return false;
    }
    return true;
}
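/**
 * Config filter for a password option that is entered twice.
 *
 * $input_value is expected to be a two-element array: the password and its
 * confirmation. When both match and the length rule holds, the confirmed value is
 * returned. In every other case $input_value is reset to the stored config value
 * and NULL is returned.
 *
 * The two entries are compared as strings. A loose == would treat numeric-looking
 * strings such as '0.0' and '0' as equal and accept a confirmation that differs
 * from the password.
 *
 * @param mixed $input_value Submitted value, passed by reference
 * @param array $cfg_var Config option row; 'config_name' and 'config_value' are read
 * @param int $minlength Minimum accepted password length
 * @return mixed The confirmed password, or NULL when the input is rejected or is not an array
 */
function cfg_password_filter(&$input_value, $cfg_var, $minlength = 4)
{
    if (!is_array($input_value)) {
        return NULL;
    }
    $password = isset($input_value[0]) ? $input_value[0] : NULL;
    $confirmation = isset($input_value[1]) ? $input_value[1] : NULL;

    // Identity first, then a string comparison for scalars: no numeric juggling.
    $same = $password === $confirmation
        || (is_scalar($password) && is_scalar($confirmation) && (string) $password === (string) $confirmation);

    if ($same) {
        // Only an empty pair skips the length rule; the one-character password
        // '0' is falsy in PHP and used to slip past it.
        $entered = $password !== NULL && $password !== '';
        if ($entered && mb_strlen($confirmation) < $minlength) {
            cot_error('min length: ' . $minlength, $cfg_var['config_name']);
        } else {
            return $confirmation;
        }
    } elseif ($confirmation) {
        cot_error('Password must match', $cfg_var['config_name']);
    }
    // Rejected input: fall back to the value that is already stored.
    $input_value = $cfg_var['config_value'];
    return NULL;
}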
Example #3
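/**
 * Imports an uploaded file into the plugin's files directory.
 *
 * The original name is transliterated (for non-English site languages), reduced
 * to a safe character set and suffixed with a timestamp when a file with that
 * name is already stored. The previous file ($oldvalue) is removed when it is
 * replaced or when the "del_<inputname>" checkbox was sent with the upload.
 *
 * NOTE(review): $oldvalue is handed to unlink(); callers must take it from
 * trusted storage, never from the request.
 *
 * @param string $inputname Name of the file input in the submitted form
 * @param string $oldvalue Path of the currently stored file, if any
 * @return string|null Path of the stored file; '' when nothing was stored
 *                     (deletion requested, rejected type, failed move);
 *                     NULL when no usable upload arrived
 */
function brs_importFile($inputname, $oldvalue = '')
{
    global $lang, $cot_translit, $brs_allowed_ext, $brs_files_dir, $cfg;

    $import = !empty($_FILES[$inputname]) ? $_FILES[$inputname] : array();
    $import['delete'] = cot_import('del_' . $inputname, 'P', 'BOL') ? 1 : 0;

    // Continue only for a single upload that PHP accepted without an error code.
    if (!is_array($import) || !empty($import['error']) || empty($import['name']) || !is_string($import['name'])) {
        return null;
    }

    // Split on the last dot; a name without a dot has no extension at all.
    $dot = mb_strrpos($import['name'], '.');
    $fname = $dot === false ? $import['name'] : mb_substr($import['name'], 0, $dot);
    $ext = $dot === false ? '' : mb_strtolower(mb_substr($import['name'], $dot + 1));

    // The extension becomes part of the stored file name, so it must be plain
    // alphanumeric and, when an allowlist is configured, be listed in it.
    // NOTE(review): an empty $brs_allowed_ext accepts every extension, including
    // ones the web server may execute - confirm that this is intended and that
    // the target directory does not run scripts.
    $ext_allowed = preg_match('#^[a-z0-9]+$#', $ext) === 1
        && (empty($brs_allowed_ext) || in_array($ext, $brs_allowed_ext, true));
    if (!$ext_allowed) {
        cot_error(cot::$L['brs_err_inv_file_type'], $inputname);
        return '';
    }

    if (!file_exists($brs_files_dir)) {
        mkdir($brs_files_dir);
    }

    if ($lang != 'en') {
        require_once cot_langfile('translit', 'core');
        $fname = is_array($cot_translit) ? strtr($fname, $cot_translit) : '';
    }
    $fname = str_replace(' ', '_', $fname);
    $fname = preg_replace('#[^a-zA-Z0-9\\-_\\.\\ \\+]#', '', $fname);
    // Collapse every run of dots, not just the first pair of each run.
    $fname = preg_replace('#\\.{2,}#', '.', $fname);
    $fname = empty($fname) ? cot_unique() : $fname;

    // The collision check uses the same path join as the destination below.
    // NOTE(review): both joins assume $brs_files_dir ends with a slash - confirm.
    if (file_exists($brs_files_dir . $fname . '.' . $ext) && $oldvalue != $fname . '.' . $ext) {
        $fname .= date("YmjGis");
    }
    $fname .= '.' . $ext;

    $replace_old = !empty($oldvalue) && ($import['delete'] || !empty($import['tmp_name']));
    $file = array(
        'old' => $replace_old ? $oldvalue : '',
        'tmp' => !$import['delete'] ? $import['tmp_name'] : '',
        'new' => !$import['delete'] ? $brs_files_dir . $fname : '',
    );

    if (!empty($file['old']) && is_file($file['old'])) {
        unlink($file['old']);
    }
    if (!empty($file['tmp']) && !empty($file['new'])) {
        // move_uploaded_file() also verifies that the source is a genuine HTTP
        // upload; a failed move must not be reported as a stored file.
        if (!move_uploaded_file($file['tmp'], $file['new'])) {
            return '';
        }
    }
    return $file['new'];
}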
<?php

/* ====================
  [BEGIN_COT_EXT]
  Hooks=comments.send.first
  [END_COT_EXT]
  ==================== */
/**
 * mCAPTCHA validation
 *
 * @package MathCaptcha
 * @copyright (c) Cotonti Team
 * @license https://github.com/Cotonti/Cotonti/blob/master/License.txt
 */
// Refuse to run when the file is requested directly: COT_CODE must already be defined.
defined('COT_CODE') or die("Wrong URL.");
// Applies only when mCAPTCHA is the configured main captcha and the visitor is a guest (user id 0).
if ($cfg['captchamain'] == 'mcaptcha' && $usr['id'] == '0') {
    // Captcha answer from POST, imported with the TXT filter.
    $rverify = cot_import('rverify', 'P', 'TXT');
    // A failed validation registers a form error on the 'rverify' field;
    // presumably the including handler then refuses to save - verify against the caller.
    if (!cot_captcha_validate($rverify)) {
        cot_error('captcha_verification_failed', 'rverify');
    }
}
$adminpath[] = array(cot_url('admin', array('m' => 'other', 'p' => 'configeditor', 'n' => 'set', 'c' => $c)), $info['configcat_title']);
$adminpath[] = $L['edit_cat'];
$types_array = array(COT_CONFIG_TYPE_TEXT => $L['ccfg_type_text'], COT_CONFIG_TYPE_STRING => $L['ccfg_type_string'], COT_CONFIG_TYPE_SELECT => $L['ccfg_type_select'], COT_CONFIG_TYPE_RADIO => $L['ccfg_type_radio'], COT_CONFIG_TYPE_CALLBACK => $L['ccfg_type_callback'], COT_CONFIG_TYPE_HIDDEN => $L['ccfg_type_hidden'], COT_CONFIG_TYPE_SEPARATOR => $L['ccfg_type_separator'], COT_CONFIG_TYPE_RANGE => $L['ccfg_type_range'], COT_CONFIG_TYPE_CUSTOM => $L['ccfg_type_custom']);
// Adds a new config option to category $c from the POSTed form fields.
// NOTE(review): no anti-CSRF check (cot_check_xg() or similar) is visible in this
// branch - confirm it happens before this code runs.
if ($a == 'add') {
    $name = cot_import('rname', 'P', "ALP");
    $title = cot_import('rtitle', 'P', "TXT");
    // Description, variants and default are imported with the HTM filter, so they
    // may carry markup; they need context-aware escaping wherever they are printed.
    $desc = cot_import('rdesc', 'P', "HTM");
    $order = cot_import('rorder', 'P', "INT");
    $variants = cot_import('rvariants', 'P', "HTM");
    $default = cot_import('rdefault', 'P', "HTM");
    // NOTE(review): the type is imported as an integer but is not checked against
    // the keys of $types_array here.
    $type = cot_import('rtype', 'P', "INT");
    if (empty($name)) {
        cot_error($L['err_no_name']);
    }
    if (cfg_editor::config_exists($name)) {
        cot_error($L['err_exists_name']);
    }
    if (!cot_error_found()) {
        cfg_editor::config_add($c, $name, $order, $title, $desc, $type, $default, $variants);
        cot_message('added_success');
    }
    // The cache is cleared and the redirect issued whether or not the option was added.
    $cache && $cache->clear();
    cot_redirect(cot_url('admin', array('m' => 'other', 'p' => 'configeditor', 'n' => 'edit', 'c' => $c), '', true));
}
if ($a == 'update') {
    $titles = cot_import('rtitle', 'P', "ARR");
    $descs = cot_import('rdesc', 'P', "ARR");
    $orders = cot_import('rorder', 'P', "ARR");
    $variantss = cot_import('rvariants', 'P', "ARR");
    $defaults = cot_import('rdefault', 'P', "ARR");
    $types = cot_import('rtype', 'P', "ARR");
     }
     /* ===== */
     if (!cot_error_found()) {
         $res = cot_structure_add($n, $rstructure, $is_module);
         if ($res === true) {
             cot_extrafield_movefiles();
             /* === Hook === */
             foreach (cot_getextplugins('admin.structure.add.done') as $pl) {
                 include $pl;
             }
             /* ===== */
             cot_message('Added');
         } elseif (is_array($res)) {
             cot_error($res[0], $res[1]);
         } else {
             cot_error('Error');
         }
     }
     cot_redirect(cot_url('admin', 'm=structure&n=' . $n . '&mode=' . $mode . '&d=' . $durl, '', true));
 } elseif ($a == 'delete') {
     cot_check_xg();
     if (cot_structure_delete($n, $c, $is_module)) {
         /* === Hook === */
         foreach (cot_getextplugins('admin.structure.delete.done') as $pl) {
             include $pl;
         }
         /* ===== */
         cot_message('Deleted');
     }
     cot_redirect(cot_url('admin', 'm=structure&n=' . $n . '&mode=' . $mode . '&d=' . $durl, '', true));
 } elseif ($a == 'resyncall') {
Example #7
 /**
  * Deletes one subscription and returns to the admin list it was opened from.
  *
  * The list state (page, filters, sort field and direction) is read from the
  * query string and carried over into the redirect URL.
  *
  * NOTE(review): the record is deleted on a plain GET request, and neither an
  * anti-CSRF token check nor a permission check is visible in this method -
  * confirm that the caller performs both.
  */
 public function deleteAction()
 {
     $id = cot_import('id', 'G', 'INT');
     $page = cot_import('d', 'G', 'INT');

     $backUrlParams = array('m' => 'subscribe');
     if (!empty($page)) {
         $backUrlParams['d'] = $page;
     }

     // List filters; the "id" filter is not carried over.
     $filters = cot_import('f', 'G', 'ARR');
     if (!empty($filters)) {
         foreach ($filters as $name => $value) {
             if ($name != 'id') {
                 $backUrlParams["f[{$name}]"] = $value;
             }
         }
     }

     // Sort field and direction are kept only when they differ from title/asc.
     $sortField = cot_import('s', 'G', 'ALP');
     $sortWay = cot_import('w', 'G', 'ALP', 4);
     if ($sortField != 'title') {
         $backUrlParams['s'] = $sortField;
     }
     if ($sortWay != 'asc') {
         $backUrlParams['w'] = $sortWay;
     }

     if (!$id) {
         cot_error(cot::$L['subscribe_err_not_found']);
         cot_redirect(cot_url('admin', $backUrlParams));
     }

     $subscription = subscribe_model_Subscribe::getById($id);
     if (!$subscription) {
         cot_error(cot::$L['subscribe_err_not_found']);
         cot_redirect(cot_url('admin', $backUrlParams));
     }

     // Keep the title for the confirmation message before the record is gone.
     $deletedTitle = $subscription->title;
     $subscription->delete();
     cot_message(sprintf(cot::$L['subscribe_deleted'], $deletedTitle));
     cot_redirect(cot_url('admin', $backUrlParams, '', true));
 }
Example #8
 /* === Hook === */
 // Every plugin file registered for this hook is included into the current scope,
 // so it can read and change the variables used below.
 foreach (cot_getextplugins('forums.editpost.update.first') as $pl) {
     include $pl;
 }
 /* ===== */
 // Topic title and description: POST, TXT filter, fourth argument 255 (presumably a length cap).
 $rtopic['ft_title'] = cot_import('rtopictitle', 'P', 'TXT', 255);
 $rtopic['ft_desc'] = cot_import('rtopicdesc', 'P', 'TXT', 255);
 $rmsg = array();
 // The post body is imported with the HTM filter.
 $rmsg['fp_text'] = cot_import('rmsgtext', 'P', 'HTM');
 // The "updated by" mark stays empty only when the author edits the post within
 // 300 seconds of its last update and nobody else has edited it; otherwise the
 // current user's name is recorded.
 $rmsg['fp_updater'] = $rowpost['fp_posterid'] == $usr['id'] && $sys['now'] < $rowpost['fp_updated'] + 300 && empty($rowpost['fp_updater']) ? '' : $usr['name'];
 $rmsg['fp_updated'] = $sys['now'];
 // The title length is enforced only when a title field was actually submitted.
 if (isset($_POST['rtopictitle']) && mb_strlen($rtopic['ft_title']) < $cfg['forums']['mintitlelength']) {
     cot_error('forums_titletooshort', 'rtopictitle');
 }
 if (mb_strlen($rmsg['fp_text']) < $cfg['forums']['minpostlength']) {
     cot_error('forums_messagetooshort', 'rmsgtext');
 }
 // Extra fields defined for topics and posts are imported through their own helper.
 foreach ($cot_extrafields[$db_forum_topics] as $exfld) {
     $rtopic['ft_' . $exfld['field_name']] = cot_import_extrafields('rtopic' . $exfld['field_name'], $exfld);
 }
 foreach ($cot_extrafields[$db_forum_posts] as $exfld) {
     $rmsg['fp_' . $exfld['field_name']] = cot_import_extrafields('rmsg' . $exfld['field_name'], $exfld);
 }
 if (!cot_error_found()) {
     // NOTE(review): $p and $q are interpolated into SQL text here and below; that
     // is safe only if both were imported as integers earlier, which this excerpt
     // does not show.
     $db->update($db_forum_posts, $rmsg, "fp_id={$p}");
     // The topic row is touched only when a title was sent and $p is the first post of topic $q.
     if (!empty($rtopic['ft_title']) && $db->query("SELECT fp_id FROM {$db_forum_posts} WHERE fp_topicid = {$q} ORDER BY fp_id ASC LIMIT 1")->fetchColumn() == $p) {
         // A title that starts with "#" has every "#" removed.
         if (mb_substr($rtopic['ft_title'], 0, 1) == "#") {
             $rtopic['ft_title'] = str_replace('#', '', $rtopic['ft_title']);
         }
         // NOTE(review): cutting at 128 characters after htmlspecialchars() can
         // split an entity such as &amp; in the stored preview.
         $rtopic['ft_preview'] = mb_substr(htmlspecialchars($rmsg['fp_text']), 0, 128);
         $db->update($db_forum_topics, $rtopic, "ft_id = {$q}");
Example #9
                     cot_error(sprintf($L['adm_extrafield_not_updated'], $k));
                 }
             }
         }
     }
     //cot_redirect(cot_url('admin', "m=extrafields&n=$n&d=$durl", '', true));
 } elseif ($a == 'del' && isset($name)) {
     /* === Hook === */
     foreach (cot_getextplugins('admin.extrafields.delete') as $pl) {
         include $pl;
     }
     /* ===== */
     if (cot_extrafield_remove($n, $name)) {
         cot_message('adm_extrafield_removed');
     } else {
         cot_error('adm_extrafield_not_removed');
     }
     //cot_redirect(cot_url('admin', "m=extrafields&n=$n&d=$durl", '', true));
 }
 // Drop the cached extra-field definitions and reload them.
 $cache && $cache->db->remove('cot_extrafields', 'system');
 cot_load_extrafields(true);
 // NOTE(review): $n is placed inside a quoted SQL literal and $d into LIMIT by
 // string interpolation. Nothing in this excerpt shows how they were imported;
 // confirm $n is restricted to known table names and $d is an integer, or bind
 // them as query parameters.
 $totalitems = $db->query("SELECT COUNT(*) FROM {$db_extra_fields} WHERE field_location = '{$n}'")->fetchColumn();
 $res = $db->query("SELECT * FROM {$db_extra_fields} WHERE field_location = '{$n}' ORDER BY field_name ASC LIMIT {$d}, " . $maxperpage);
 // $n is also concatenated into the pagination URL parameters.
 $pagenav = cot_pagenav('admin', 'm=extrafields&n=' . $n, $d, $totalitems, $maxperpage, 'd', '', $cfg['jquery'] && $cfg['turnajax']);
 // Field type names defined for this admin page.
 $field_types = array('input', 'inputint', 'currency', 'double', 'textarea', 'select', 'checkbox', 'radio', 'datetime', 'country', 'range', 'checklistbox', 'file');
 $ii = 0;
 /* === Hook - Part1 : Set === */
 $extp = cot_getextplugins('admin.extrafields.loop');
 /* ===== */
 foreach ($res->fetchAll() as $row) {
     $ii++;
Example #10
    // Enforce cache loading
    require_once $cfg['system_dir'] . '/cache.php';
    $cache = new Cache();
    $cache->init();
}
// Purge: requires cot_check_xg() to return true and the cache clear to succeed.
if ($a == 'purge' && $cache) {
    if (cot_check_xg() && $cache->clear()) {
        // Blank the stored user_auth value of every user that has one.
        $db->update($db_users, array('user_auth' => ''), "user_auth != ''");
        cot_message('adm_purgeall_done');
    } else {
        cot_error('Error');
    }
} elseif ($a == 'delete') {
    // NOTE(review): unlike the purge branch, the result of cot_check_xg() is not
    // used here; confirm the function itself stops the request on a bad token.
    cot_check_xg();
    // The cache item name comes from GET (TXT filter), goes through $db->prep()
    // and is then interpolated into a quoted SQL literal. A bound parameter would
    // not depend on prep() - TODO confirm that delete() accepts parameters.
    $name = $db->prep(cot_import('name', 'G', 'TXT'));
    $db->delete($db_cache, "c_name = '{$name}'") ? cot_message('adm_delcacheitem') : cot_error('Error');
}
// Memory cache statistics, shown only when a memory driver is active.
if ($cache && $cache->mem) {
    $info = $cache->get_info();
    // A negative "available" figure is displayed as unknown.
    if ($info['available'] < 0) {
        $info['available'] = '?';
    }
    // NOTE(review): the percentage divides by $info['max']; a zero maximum is not guarded.
    $t->assign(array('ADMIN_CACHE_MEMORY_DRIVER' => str_replace('_driver', '', $cache->mem_driver), 'ADMIN_CACHE_MEMORY_PERCENTBAR' => ceil($info['occupied'] / $info['max'] * 100), 'ADMIN_CACHE_MEMORY_AVAILABLE' => $info['available'], 'ADMIN_CACHE_MEMORY_MAX' => $info['max']));
    $t->parse('MAIN.ADMIN_CACHE_MEMORY');
}
// All rows of the database cache table, ordered by name.
$sql = $db->query("SELECT * FROM {$db_cache} WHERE 1 ORDER by c_name ASC");
$cachesize = 0;
$ii = 0;
/* === Hook - Part1 : Set === */
$extp = cot_getextplugins('admin.cache.loop');
/* ===== */
Example #11
             $t->parse('MAIN.RESULTS.FORUMS.ITEM');
         }
         $jj++;
     }
     $sql->closeCursor();
     if ($jj > 0) {
         $t->parse('MAIN.RESULTS.FORUMS');
     }
 }
 /* === Hook === */
 foreach (cot_getextplugins('search.list') as $pl) {
     include $pl;
 }
 /* ===== */
 if (array_sum($totalitems) < 1) {
     cot_error($L['plu_noneresult'] . $R['code_error_separator']);
 }
 if (!cot_error_found()) {
     $t->parse('MAIN.RESULTS');
 }
 $rs_url_path = array();
 foreach ($rs as $k => $v) {
     if (is_array($v)) {
         foreach ($v as $sk => $sv) {
             $rs_url_path['rs[' . $k . '][' . $sk . ']'] = $sv;
         }
     } else {
         $rs_url_path['rs[' . $k . ']'] = $v;
     }
 }
 $pagenav = cot_pagenav('plug', array('e' => 'search', 'sq' => $sq, 'tab' => $tab) + $rs_url_path, $d, array_sum($totalitems), $cfg_maxitems);
Example #12
<?php

/**
 * Administration panel - Home page for administrators
 *
 * @package Cotonti
 * @copyright (c) Cotonti Team
 * @license https://github.com/Cotonti/Cotonti/blob/master/License.txt
 */
// Runs only inside the admin panel: both COT_CODE and COT_ADMIN must be defined.
defined('COT_CODE') && defined('COT_ADMIN') or die('Wrong URL.');
$t = new XTemplate(cot_tplfile('admin.home', 'core'));
// Outside debug mode, warn when install.php is still present while datas/config.php is writable.
if (!$cfg['debug_mode'] && file_exists('install.php') && is_writable('datas/config.php')) {
    cot_error('home_installable_error');
}
$adminsubtitle = '';
// Empty means just "Administration"
//Version Checking
// The update information is read from the database cache first and fetched
// remotely only when nothing is cached.
if ($cfg['check_updates'] && $cache) {
    $update_info = $cache->db->get('update_info');
    if (!$update_info) {
        if (ini_get('allow_url_fopen')) {
            // NOTE(review): the update data is fetched over plain HTTP, so its
            // content is not protected in transit; it is decoded and cached as is.
            // Errors are silenced by the @ operator.
            $update_info = @file_get_contents('http://www.cotonti.com/update-check');
            if ($update_info) {
                $update_info = json_decode($update_info, TRUE);
                // Stored with 86400 as the last argument (presumably a TTL in seconds).
                $cache->db->store('update_info', $update_info, COT_DEFAULT_REALM, 86400);
            }
        } elseif (function_exists('curl_init')) {
            // cURL fallback when allow_url_fopen is off; same plain-HTTP URL.
            $curl = curl_init();
            curl_setopt($curl, CURLOPT_URL, 'http://www.cotonti.com/update-check');
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, TRUE);
            $update_info = curl_exec($curl);
Example #13
 foreach ($cot_extrafields[$db_com] as $exfld) {
     $comarray['com_' . $exfld['field_name']] = cot_import_extrafields('rcomments' . $exfld['field_name'], $exfld);
 }
 /* == Hook == */
 foreach (cot_getextplugins('comments.send.first') as $pl) {
     include $pl;
 }
 /* ===== */
 if (empty($rname) && $usr['id'] == 0) {
     cot_error($L['com_authortooshort'], 'rname');
 }
 if (mb_strlen($rtext) < $cfg['plugin']['comments']['minsize']) {
     cot_error($L['com_commenttooshort'], 'rtext');
 }
 if ($cfg['plugin']['comments']['commentsize'] && mb_strlen($rtext) > $cfg['plugin']['comments']['commentsize']) {
     cot_error($L['com_commenttoolong'], 'rtext');
 }
 if (!cot_error_found()) {
     $comarray['com_area'] = $area;
     $comarray['com_code'] = $item;
     $comarray['com_author'] = $usr['id'] == 0 ? $rname : $usr['name'];
     $comarray['com_authorid'] = (int) $usr['id'];
     $comarray['com_authorip'] = $usr['ip'];
     $comarray['com_text'] = $rtext;
     $comarray['com_date'] = (int) $sys['now'];
     $sql = $db->insert($db_com, $comarray);
     $id = $db->lastInsertId();
     if ($cache && $area == 'page') {
         if ($cfg['cache_page']) {
             $cache->page->clear('page/' . str_replace('.', '/', $structure['page'][$url_params['c']]['path']));
         }
Example #14
 }
 $rusergroupsms = cot_import('rusergroupsms', 'P', 'ARR');
 // The user name must have at least 2 characters and contain no comma or single quote.
 if (mb_strlen($ruser['user_name']) < 2 || mb_strpos($ruser['user_name'], ',') !== false || mb_strpos($ruser['user_name'], "'") !== false) {
     cot_error('aut_usernametooshort', 'rusername');
 }
 // Uniqueness checks use a bound parameter (?) instead of interpolating the value.
 if ($ruser['user_name'] != $urr['user_name'] && $db->query("SELECT COUNT(*) FROM {$db_users} WHERE user_name = ?", array($ruser['user_name']))->fetchColumn() > 0) {
     cot_error('aut_usernamealreadyindb', 'rusername');
 }
 if (!cot_check_email($ruser['user_email'])) {
     cot_error('aut_emailtooshort', 'ruseremail');
 }
 if ($ruser['user_email'] != $urr['user_email'] && $db->query("SELECT COUNT(*) FROM {$db_users} WHERE user_email = ?", array($ruser['user_email']))->fetchColumn() > 0) {
     cot_error('aut_emailalreadyindb', 'ruseremail');
 }
 // NOTE(review): the only rule for a new password is a minimum of 4 characters.
 if (!empty($rusernewpass) && mb_strlen($rusernewpass) < 4) {
     cot_error('aut_passwordtooshort', 'rusernewpass');
 }
 if (!cot_error_found()) {
     if (!empty($rusernewpass)) {
         // A new password gets a fresh 16-character salt and is hashed with the
         // configured function, 'sha256' when none is set.
         // NOTE(review): cot_hash() is not shown; if it applies a single fast hash,
         // password_hash() would be the stronger choice - confirm.
         $ruser['user_passsalt'] = cot_unique(16);
         $ruser['user_passfunc'] = empty($cfg['hashfunc']) ? 'sha256' : $cfg['hashfunc'];
         $ruser['user_password'] = cot_hash($rusernewpass, $ruser['user_passsalt'], $ruser['user_passfunc']);
     }
     // An empty submitted name keeps the existing one.
     $ruser['user_name'] = $ruser['user_name'] == '' ? $urr['user_name'] : $ruser['user_name'];
     $ruser['user_birthdate'] = is_null($ruser['user_birthdate']) ? '0000-00-00' : cot_stamp2date($ruser['user_birthdate']);
     // Ban expiry: cleared when the user is not banned; otherwise a positive value
     // is treated as a duration and added to the current time.
     if (!$ruserbanned) {
         $ruser['user_banexpire'] = 0;
     }
     if ($ruserbanned && $ruser['user_banexpire'] > 0) {
         $ruser['user_banexpire'] += $sys['now'];
     }
Example #15
     }
 }
 // Guests must pass the captcha whenever a captcha is configured ($cot_captcha non-empty).
 if (cot::$usr['id'] == 0 && !empty($cot_captcha)) {
     $rverify = cot_import('rverify', 'P', 'TXT');
     if (!cot_captcha_validate($rverify)) {
         cot_error('captcha_verification_failed', 'rverify');
     }
 }
 // Field checks: author present, e-mail valid, text at least the configured length.
 if ($rcontact['contact_author'] == '') {
     cot_error('contact_noname', 'ruser');
 }
 if (!cot_check_email($rcontact['contact_email'])) {
     cot_error('contact_emailnotvalid', 'remail');
 }
 if (mb_strlen($rcontact['contact_text']) < cot::$cfg['plugin']['contact']['minchars']) {
     cot_error('contact_entrytooshort', 'rtext');
 }
 if (!cot_error_found()) {
     $rcontact['contact_authorid'] = (int) $usr['id'];
     $rcontact['contact_date'] = (int) $sys['now'];
     $rcontact['contact_val'] = 0;
     // The 'save' setting decides the destination: 'db', 'email' or 'both'.
     if (in_array($cfg['plugin']['contact']['save'], array('db', 'both'))) {
         $db->insert($db_contact, $rcontact);
     }
     // Recipient: the plugin's own address when set, else the site admin address.
     $semail = !empty($cfg['plugin']['contact']['email']) ? $cfg['plugin']['contact']['email'] : $cfg['adminemail'];
     if (cot_check_email($semail) && in_array($cfg['plugin']['contact']['save'], array('email', 'both'))) {
         // NOTE(review): the From header is built from the submitted author name
         // and e-mail. The e-mail was validated above, but the author was only
         // checked for being non-empty; confirm that the import filter removes
         // CR/LF and double quotes, or strip them here before building the header.
         $headers = "From: \"" . $rcontact['contact_author'] . "\" <" . $rcontact['contact_email'] . ">\n";
         $context = array('sitetitle' => $cfg["maintitle"], 'siteurl' => $cfg['mainurl'], 'author' => $rcontact['contact_author'], 'email' => $rcontact['contact_email'], 'subject' => $rcontact['contact_subject'], 'text' => $rcontact['contact_text']);
         $rextras = '';
         // Extra fields defined for the contact table, if any, are processed next.
         if (!empty(cot::$extrafields[cot::$db->contact])) {
             foreach (cot::$extrafields[cot::$db->contact] as $exfld) {
Example #16
            $htparts[0] = $htdata;
            $htparts[1] = $hta;
            $htparts[2] = $custom_htaccess;
            $htparts[3] = '';
        }
        $htdata = implode("\n### COTONTI URLTRANS ###\n", $htparts);
        file_put_contents('.htaccess', $htdata);
        $hta = $htdata;
    }
    $t->assign(array('ADMIN_URLS_CONF_NAME' => $conf_name, 'ADMIN_URLS_HTA' => $hta));
    $t->parse('MAIN.HTA');
    $cache && $cache->db->remove('cot_urltrans', 'system');
}
// Check urltrans.dat
if (!is_writeable('./datas/urltrans.dat')) {
    cot_error('adm_urls_error_dat');
}
// Get list of valid areas
$areas = array('*', 'plug', 'login');
$res = $db->query("SELECT ct_code FROM {$db_core} WHERE ct_plug = 0 ORDER BY ct_code");
foreach ($res->fetchAll() as $row) {
    $areas[] = $row['ct_code'];
}
sort($areas);
/* FIXME: check block / actualize as not exists in template --------------------- */
// New rule contents
foreach ($areas as $ar) {
    $t->assign(array('ADMIN_URLS_AREABOX_SELECTED' => $ar == '*' ? ' selected="selected"' : '', 'ADMIN_URLS_AREABOX_ITEM' => $ar));
    $t->parse('MAIN.AREABOX');
}
/* FIXME: [end_of_block] --------------------------------------------- */
Example #17
 /* ===== */
 $rmsg['fp_text'] = cot_import('rmsgtext', 'P', 'HTM');
 $rtopic['ft_title'] = cot_import('rtopictitle', 'P', 'TXT', 255);
 $rtopic['ft_desc'] = cot_import('rtopicdesc', 'P', 'TXT', 255);
 $rtopic['ft_mode'] = (int) (cot_import('rtopicmode', 'P', 'BOL') && $cfg['forums']['cat_' . $s]['allowprvtopics']) ? 1 : 0;
 $rtopic['ft_preview'] = cot_string_truncate($rmsg['fp_text'], 120);
 if (mb_strlen($rtopic['ft_title']) < $cfg['forums']['mintitlelength']) {
     cot_error('forums_titletooshort', 'rtopictitle');
 }
 if (mb_strlen($rmsg['fp_text']) < $cfg['forums']['minpostlength']) {
     cot_error('forums_messagetooshort', 'rmsgtext');
 }
 if (!strpos($structure['forums'][$s]['path'], '.')) {
     // Attempting to create a topic in a root category
     include cot_langfile('message', 'core');
     cot_error($L['msg602_body']);
 }
 foreach ($cot_extrafields[$db_forum_topics] as $exfld) {
     $rtopic['ft_' . $exfld['field_name']] = cot_import_extrafields('rtopic' . $exfld['field_name'], $exfld);
 }
 foreach ($cot_extrafields[$db_forum_posts] as $exfld) {
     $rmsg['fp_' . $exfld['field_name']] = cot_import_extrafields('rmsg' . $exfld['field_name'], $exfld);
 }
 if (!cot_error_found()) {
     if (mb_substr($rtopic['ft_title'], 0, 1) == "#") {
         $rtopic['ft_title'] = str_replace('#', '', $rtopic['ft_title']);
     }
     $rtopic['ft_state'] = 0;
     $rtopic['ft_sticky'] = 0;
     $rtopic['ft_cat'] = $s;
     $rtopic['ft_creationdate'] = (int) $sys['now'];
<?php

/* ====================
[BEGIN_COT_EXT]
Hooks=users.register.add.first
Order=10
[END_COT_EXT]
==================== */
/**
 * reCAPTCHA Plugin for Cotonti
 *
 * @package recaptchag
 * @version 2.0
 * @author Alexeev vlad
 * @copyright Copyright (c) Alexeev vlad
 * @license Free
 */
// Refuse to run when the file is requested directly: COT_CODE must already be defined.
defined('COT_CODE') or die('Wrong URL');
// Applies whenever reCAPTCHA is the configured main captcha; this condition does
// not distinguish guests from logged-in users.
if ($cfg['captchamain'] == 'recaptcha') {
    // Token posted by the reCAPTCHA widget, imported from POST with the TXT filter.
    $response = cot_import('g-recaptcha-response', 'P', 'TXT');
    // A failed check registers a form error with 'response' as its source;
    // presumably the registration handler then refuses to create the account -
    // verify against the caller.
    if (!cot_recaptcha_valid($response)) {
        cot_error('recaptcha_verification_failed', 'response');
    }
}
Example #19
            $sql_pm_users = $db->query("SELECT user_id, user_name FROM {$db_users} WHERE user_id IN {$touser_sql}");
        }
    }
    $sql_pm_users && ($totalrecipients = $sql_pm_users->rowCount());
    if ($totalrecipients > 0) {
        while ($row = $sql_pm_users->fetch()) {
            $touser_ids[] = $row['user_id'];
            $touser_names[] = htmlspecialchars($row['user_name']);
        }
        $sql_pm_users->closeCursor();
        $touser = implode(", ", $touser_names);
        if ($totalrecipients < $touser_req) {
            cot_error('pm_wrongname', 'newpmrecipient');
        }
        if (!$usr['isadmin'] && $totalrecipients > 10) {
            cot_error(sprintf($L['pm_toomanyrecipients'], 10), 'newpmrecipient');
        }
    }
}
list($totalsentbox, $totalinbox) = cot_message_count($usr['id']);
$title_params = array('PM' => $L['Private_Messages'], 'SEND_NEW' => $L['pm_sendnew']);
$out['subtitle'] = cot_title('{SEND_NEW} - {PM}', $title_params);
$out['head'] .= $R['code_noindex'];
/* === Hook === */
foreach (cot_getextplugins('pm.send.main') as $pl) {
    include $pl;
}
/* ===== */
if ($id) {
    $pmsql = $db->query("SELECT *, u.user_name FROM {$db_pm} AS p LEFT JOIN {$db_users} AS u ON u.user_id=p.pm_touserid WHERE pm_id={$id} AND pm_tostate=0 LIMIT 1");
    if ($pmsql->rowCount() != 0) {
Example #20
                 $cot_groups[$row['grp_id']] = array('id' => $row['grp_id'], 'alias' => $row['grp_alias'], 'level' => $row['grp_level'], 'disabled' => $row['grp_disabled'], 'hidden' => $row['grp_hidden'], 'state' => $row['grp_state'], 'name' => htmlspecialchars($row['grp_name']), 'title' => htmlspecialchars($row['grp_title']));
             }
             $res->closeCursor();
             $usr['id'] = 1;
             // Install all at once
             // Note: installation statuses are ignored in this installer
             $selected_modules = cot_install_sort_extensions($selected_modules, true);
             foreach ($selected_modules as $ext) {
                 if (!cot_extension_install($ext, true)) {
                     cot_error("Installing {$ext} module has failed");
                 }
             }
             $selected_plugins = cot_install_sort_extensions($selected_plugins, false);
             foreach ($selected_plugins as $ext) {
                 if (!cot_extension_install($ext, false)) {
                     cot_error("Installing {$ext} plugin has failed");
                 }
             }
         }
         break;
     case 5:
         // End credits
         break;
     default:
         // Error
         cot_redirect(cot_url('index'));
         exit;
 }
 // The name of the optional per-step setup callback is composed from $step and
 // the function is called only if it exists.
 // NOTE(review): $step becomes part of a function name; confirm it is an integer
 // limited to the known installer steps before this line is reached.
 $inst_func_name = "cot_install_step" . $step . "_setup";
 function_exists($inst_func_name) && $inst_func_name();
 if (cot_error_found()) {
Example #21
/**
 * Runs the standard checks on imported page data.
 *
 * Each failed rule is reported through cot_check() / cot_error() with the name of
 * the form field it belongs to; the result tells whether any error is pending.
 *
 * @param  array   $rpage Imported page data
 * @return boolean        TRUE if validation is passed or FALSE if errors were found
 */
function cot_page_validate($rpage)
{
    global $cfg, $structure;

    // A category must be chosen and must not be locked.
    cot_check(empty($rpage['page_cat']), 'page_catmissing', 'rpagecat');
    if ($structure['page'][$rpage['page_cat']]['locked']) {
        global $L;
        require_once cot_langfile('message', 'core');
        cot_error('msg602_body', 'rpagecat');
    }

    // Title: at least two characters.
    $title_too_short = mb_strlen($rpage['page_title']) < 2;
    cot_check($title_too_short, 'page_titletooshort', 'rpagetitle');

    // Alias: none of the characters + / ? % # & are allowed.
    $alias_invalid = !empty($rpage['page_alias']) && preg_match('`[+/?%#&]`', $rpage['page_alias']);
    cot_check($alias_invalid, 'page_aliascharacters', 'rpagealias');

    // Empty text is accepted only if the category setting (or the default) allows it.
    $cat_key = 'cat_' . $rpage['page_cat'];
    if (isset($cfg['page'][$cat_key]['allowemptytext'])) {
        $allowemptytext = $cfg['page'][$cat_key]['allowemptytext'];
    } else {
        $allowemptytext = $cfg['page']['cat___default']['allowemptytext'];
    }
    cot_check(!$allowemptytext && empty($rpage['page_text']), 'page_textmissing', 'rpagetext');

    return !cot_error_found();
}
Example #22
     cot_error('aut_usernametooshort', 'rusername');
 }
 // NOTE(review): the only password rule at registration is a minimum of 4 characters.
 if (mb_strlen($rpassword1) < 4) {
     cot_error('aut_passwordtooshort', 'rpassword1');
 }
 if (!cot_check_email($ruser['user_email'])) {
     cot_error('aut_emailtooshort', 'ruseremail');
 }
 if ($user_exists) {
     cot_error('aut_usernamealreadyindb', 'rusername');
 }
 // Duplicate e-mail addresses are rejected unless the site setting allows them.
 if ($email_exists && !$cfg['useremailduplicate']) {
     cot_error('aut_emailalreadyindb', 'ruseremail');
 }
 // NOTE(review): != compares numeric-looking strings by value, so two different
 // entries can count as equal; !== would compare the strings themselves.
 if ($rpassword1 != $rpassword2) {
     cot_error('aut_passwordmismatch', 'rpassword2');
 }
 /* === Hook for the plugins === */
 // Plugin validators (for example a captcha check) are included into this scope
 // and can register further errors.
 foreach (cot_getextplugins('users.register.add.validate') as $pl) {
     include $pl;
 }
 /* ===== */
 if (!cot_error_found()) {
     // The password is handed to cot_add_user() as entered; hashing presumably
     // happens there - confirm.
     $ruser['user_password'] = $rpassword1;
     $userid = cot_add_user($ruser);
     /* === Hook for the plugins === */
     foreach (cot_getextplugins('users.register.add.done') as $pl) {
         include $pl;
     }
     /* ===== */
     // This branch is taken when activation is disabled or the users table holds exactly one row.
     if ($cfg['users']['regnoactivation'] || $db->countRows($db_users) == 1) {
Example #23
/**
 * Runs the standard checks on imported portfolio item data.
 *
 * Each failed rule is reported through cot_check() / cot_error() with the name of
 * the form field it belongs to; the result tells whether any error is pending.
 *
 * @param  array   $ritem Imported product data
 * @return boolean        TRUE if validation is passed or FALSE if errors were found
 */
function cot_folio_validate($ritem)
{
    global $cfg, $structure;

    // A category must be chosen and must not be locked.
    cot_check(empty($ritem['item_cat']), 'folio_select_cat', 'rcat');
    if ($structure['folio'][$ritem['item_cat']]['locked']) {
        global $L;
        require_once cot_langfile('message', 'core');
        cot_error('msg602_body', 'rcat');
    }

    // Title: at least two characters.
    $title_too_short = mb_strlen($ritem['item_title']) < 2;
    cot_check($title_too_short, 'folio_empty_title', 'rtitle');

    // Alias: none of the characters + / ? % # & are allowed.
    $alias_invalid = !empty($ritem['item_alias']) && preg_match('`[+/?%#&]`', $ritem['item_alias']);
    cot_check($alias_invalid, 'folio_aliascharacters', 'ralias');

    // Empty text is accepted only if the category setting (or the default) allows it.
    $cat_key = 'cat_' . $ritem['item_cat'];
    if (isset($cfg['folio'][$cat_key]['allowemptytext'])) {
        $allowemptytext = $cfg['folio'][$cat_key]['allowemptytext'];
    } else {
        $allowemptytext = $cfg['folio']['cat___default']['allowemptytext'];
    }
    cot_check(!$allowemptytext && empty($ritem['item_text']), 'folio_empty_text', 'rtext');

    return !cot_error_found();
}
        }
        // Upload record for the image kind named by $code.
        // NOTE(review): $code also selects the hook name, the language key and the
        // "user_<code>" column below; this excerpt does not show where it comes
        // from - confirm it is taken from a fixed list of kinds.
        $file = $_FILES[$code];
        // Only a non-empty file that PHP itself received as an HTTP upload is processed.
        if (!empty($file['tmp_name']) && $file['size'] > 0 && is_uploaded_file($file['tmp_name'])) {
            // Extension allowlist; the extension is the part after the last dot, lowercased.
            $gd_supported = array('jpg', 'jpeg', 'png', 'gif');
            $var = explode(".", $file['name']);
            $file_ext = strtolower(array_pop($var));
            // Additional check by cot_file_check(): the branches below treat 1 as
            // accepted and 2 as "no MIME rule for this extension".
            $fcheck = cot_file_check($file['tmp_name'], $file['name'], $file_ext);
            if (in_array($file_ext, $gd_supported) && $fcheck == 1) {
                // Stored name: "<user id>-<sanitised original name>", lowercased.
                $file['name'] = cot_safename($file['name'], true);
                $filename_full = $usr['id'] . '-' . strtolower($file['name']);
                $filepath = $code == 'avatar' ? $cfg['avatars_dir'] . '/' . $filename_full : $cfg['photos_dir'] . '/' . $filename_full;
                // An existing file with the same name is replaced.
                if (file_exists($filepath)) {
                    unlink($filepath);
                }
                // NOTE(review): the results of move_uploaded_file() and of the
                // resize are not checked before the path is saved to the user row.
                move_uploaded_file($file['tmp_name'], $filepath);
                cot_imageresize($filepath, $filepath, $settings['width'], $settings['height'], $settings['crop'], '', 100);
                @chmod($filepath, $cfg['file_perms']);
                /* === Hook === */
                foreach (cot_getextplugins('profile.update.' . $code) as $pl) {
                    include $pl;
                }
                /* ===== */
                // The user id is concatenated into the condition string; it comes
                // from the session record $usr, not from the request.
                $sql = $db->update($db_users, array("user_" . $code => $filepath), "user_id='" . $usr['id'] . "'");
            } elseif ($fcheck == 2) {
                cot_error(sprintf($L['pfs_filemimemissing'], $file_ext), $code);
            } else {
                cot_error(sprintf($L['userimages_' . $code . 'notvalid'], $file_ext), $code);
            }
        }
    }
}
Example #25
/**
 * Runs the standard checks on imported market product data.
 *
 * Each failed rule is reported through cot_check() / cot_error() with the name of
 * the form field it belongs to; the result tells whether any error is pending.
 *
 * @param  array   $ritem Imported product data
 * @return boolean        TRUE if validation is passed or FALSE if errors were found
 */
function cot_market_validate($ritem)
{
    global $cfg, $structure;

    // A category must be chosen and must not be locked.
    cot_check(empty($ritem['item_cat']), 'market_select_cat', 'rcat');
    if ($structure['market'][$ritem['item_cat']]['locked']) {
        cot_error('market_locked_cat', 'rcat');
    }

    // Title: at least two characters.
    $title_too_short = mb_strlen($ritem['item_title']) < 2;
    cot_check($title_too_short, 'market_empty_title', 'rtitle');

    // Alias: none of the characters + / ? % # & are allowed.
    $alias_invalid = !empty($ritem['item_alias']) && preg_match('`[+/?%#&]`', $ritem['item_alias']);
    cot_check($alias_invalid, 'market_aliascharacters', 'ralias');

    // Empty text is accepted only if the category setting (or the default) allows it.
    $cat_key = 'cat_' . $ritem['item_cat'];
    if (isset($cfg['market'][$cat_key]['allowemptytext'])) {
        $allowemptytext = $cfg['market'][$cat_key]['allowemptytext'];
    } else {
        $allowemptytext = $cfg['market']['cat___default']['allowemptytext'];
    }
    cot_check(!$allowemptytext && empty($ritem['item_text']), 'market_empty_text', 'rtext');

    return !cot_error_found();
}
Example #26
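 /**
  * Deletes one queue item selected by the GET parameter `id` and redirects
  * back to the admin queue list, keeping the list page (`d`) and the list
  * filters (`f[...]`) in the return URL.
  *
  * NOTE(review): this state-changing action is triggered by GET parameters and
  * no anti-CSRF token check (for example cot_check_xg()) is visible in this
  * method - confirm the router or a caller enforces one, otherwise add the
  * check here together with the token in the links that point to this action.
  */
 public function deleteAction()
 {
     $id = cot_import('id', 'G', 'INT');
     $d = cot_import('d', 'G', 'INT');

     $backUrlParams = array('m' => 'subscribe', 'n' => 'queue');
     if (!empty($d)) {
         $backUrlParams['d'] = $d;
     }

     // Filters from the list
     $f = cot_import('f', 'G', 'ARR');
     if (!empty($f)) {
         foreach ($f as $key => $val) {
             // String comparison: a loose == would also match the integer key 0 on PHP < 8.
             if ((string) $key === 'id') {
                 continue;
             }
             $backUrlParams["f[{$key}]"] = $val;
         }
     }

     // Every redirect uses the same raw URL form as the success path. The two
     // error branches originally omitted the fourth cot_url() argument, which
     // presumably left HTML-escaped ampersands in the redirect target.
     $backUrl = cot_url('admin', $backUrlParams, '', true);

     if (!$id) {
         cot_error(cot::$L['nf']);
         cot_redirect($backUrl);
     }

     $item = subscribe_model_Queue::getById($id);
     if (!$item) {
         cot_error(cot::$L['nf']);
         cot_redirect($backUrl);
     }

     $item->delete();
     cot_message(cot::$L['Deleted']);
     cot_redirect($backUrl);
 }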
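/**
 * Check Poll form
 *
 * Imports the poll form fields from POST into the globals $poll_id, $poll_text,
 * $poll_multiple, $poll_state and $poll_options, performs a requested delete or
 * reset, cleans the option list and registers validation errors with cot_error().
 * Nothing is returned; callers read the globals and the error state.
 *
 * NOTE(review): delete and reset are driven only by POST flags and no permission
 * check is visible in this function - presumably the caller has already
 * authorised the user; confirm.
 * NOTE(review): $poll_text is imported with the 'HTM' filter, which presumably
 * keeps markup - confirm it is escaped or parsed safely wherever it is rendered.
 */
function cot_poll_check()
{
    global $cfg, $L, $poll_id, $poll_text, $poll_multiple, $poll_state, $poll_options;

    $poll_id = cot_import('poll_id', 'P', 'INT');
    $poll_delete = cot_import('poll_delete', 'P', 'BOL');
    $poll_reset = cot_import('poll_reset', 'P', 'BOL');
    $poll_text = trim((string) cot_import('poll_text', 'P', 'HTM'));
    $poll_multiple = cot_import('poll_multiple', 'P', 'BOL');
    $poll_state = cot_import('poll_state', 'P', 'BOL');
    $poll_options = cot_import('poll_option', 'P', 'ARR');

    if ($poll_delete && (int) $poll_id > 0) {
        cot_poll_delete($poll_id);
        // The poll is gone; the rest of the form is treated as a new poll.
        $poll_id = '';
    }

    if (!isset($_POST['poll_id'])) {
        return;
    }

    if ($poll_reset && (int) $poll_id > 0) {
        cot_poll_reset($poll_id);
    }

    // A form submitted without any poll_option field yields a non-array here;
    // treat it as "no options" so the count check below reports the error
    // instead of foreach failing on a non-iterable value.
    $submitted_options = is_array($poll_options) ? $poll_options : array();

    $poll_options_temp = array();
    foreach ($submitted_options as $key => $val) {
        // Filter each option as plain text and drop the ones left empty.
        $val = trim((string) cot_import($val, 'D', 'TXT'));
        if (!empty($val)) {
            $poll_options_temp[$key] = $val;
        }
    }
    $poll_options = $poll_options_temp;

    // Duplicates are removed for an existing poll, or when configured.
    if (is_int($poll_id) || $cfg['polls']['del_dup_options']) {
        $poll_options = array_unique($poll_options);
    }

    if (mb_strlen($poll_text) < 4) {
        cot_error('polls_error_title', 'poll_text');
    }
    if (count($poll_options) < 2) {
        cot_error('polls_error_count', 'poll_option');
    }
}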
Example #28
    cot_redirect(cot_url('admin', 'm=other&p=userimages', '', true));
}
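// Variable names in this script are left untouched on purpose: the hook files
// included at the bottom run in this scope and may read them.

if ($a == 'edit') {
    // The image code comes from the query string, the new settings from the POST body.
    // NOTE(review): the request method is not checked here, so a plain GET with
    // a=edit reaches cot_userimages_config_edit() with empty settings - confirm
    // that this is rejected there, or require POST for this action.
    $code = cot_import('code', 'G', 'ALP');
    $width = cot_import('userimg_width', 'P', 'INT');
    $height = cot_import('userimg_height', 'P', 'INT');
    $crop = cot_import('userimg_crop', 'P', 'TXT');
    if (!cot_userimages_config_edit($code, $width, $height, $crop)) {
        cot_error('userimages_emptycode', 'code');
    }
    cot_redirect(cot_url('admin', 'm=other&p=userimages', '', true));
}

if ($a == 'remove') {
    // Removal is triggered by a GET link, so it must carry the anti-CSRF token
    // that the REMOVE link below appends; cot_check_xg() verifies it before the
    // configuration is changed.
    cot_check_xg();
    $code = cot_import('code', 'G', 'ALP');
    if (!cot_userimages_config_remove($code)) {
        cot_error('userimages_emptycode');
    }
    cot_redirect(cot_url('admin', 'm=other&p=userimages', '', true));
}

// Render one list row per configured user image type.
$userimg = cot_userimages_config_get(true);
foreach ($userimg as $code => $settings) {
    $tt->assign(array(
        'CODE' => $code,
        'WIDTH' => $settings['width'],
        'HEIGHT' => $settings['height'],
        'CROP' => $settings['crop'],
        'EDIT_URL' => cot_url('admin', 'm=other&p=userimages&a=edit&code=' . $code),
        // cot_xg() adds the token that the remove action checks above.
        'REMOVE' => cot_rc('userimg_remove', array(
            'url' => cot_url('admin', 'm=other&p=userimages&a=remove&code=' . $code . '&' . cot_xg()),
        )),
    ));
    $tt->parse('MAIN.USERIMG_LIST');
}

cot_display_messages($tt);
// use cot_message()

/* === Hook  === */
foreach (cot_getextplugins('userimages.admin.tags') as $pl) {
    include $pl;
}
/* ===== */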
Example #29
         $pag_i18n['ipage_text'] = $pag['page_text'];
     }
     $t->assign(array('I18N_ACTION' => cot_url('plug', "e=i18n&m=page&a=add&id={$id}"), 'I18N_TITLE' => $L['i18n_adding'], 'I18N_ORIGINAL_LANG' => $i18n_locales[$cfg['defaultlang']], 'I18N_LOCALIZED_LANG' => cot_selectbox('', 'locale', $lc_values, $lc_names, false), 'I18N_PAGE_TITLE' => htmlspecialchars($pag['page_title']), 'I18N_PAGE_DESC' => htmlspecialchars($pag['page_desc']), 'I18N_PAGE_TEXT' => cot_parse($pag['page_text'], $cfg['page']['markup']), 'I18N_IPAGE_TITLE' => htmlspecialchars($pag_i18n['ipage_title']), 'I18N_IPAGE_DESC' => htmlspecialchars($pag_i18n['ipage_desc']), 'I18N_IPAGE_TEXT' => cot_textarea('translate_text', $pag_i18n['ipage_text'], 32, 80, '', 'input_textarea_editor')));
     cot_display_messages($t);
     /* === Hook === */
     foreach (cot_getextplugins('i18n.page.translate.tags') as $pl) {
         include $pl;
     }
     /* =============*/
 } elseif ($a == 'edit' && $pag_i18n && ($i18n_admin || $i18n_edit || $usr['id'] == $pag_i18n['ipage_translatorid'])) {
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         // Update the translation
         $pag_i18n['ipage_date'] = $sys['now'];
         $pag_i18n['ipage_title'] = cot_import('title', 'P', 'TXT');
         if (mb_strlen($pag_i18n['ipage_title']) < 2) {
             cot_error('page_titletooshort', 'rpagetitle');
         }
         $pag_i18n['ipage_desc'] = cot_import('desc', 'P', 'TXT');
         $pag_i18n['ipage_text'] = cot_import('translate_text', 'P', 'HTM');
         if (cot_error_found()) {
             cot_redirect(cot_url('plug', "e=i18n&m=page&a=edit&id={$id}&l={$i18n_locale}", '', true));
             exit;
         }
         $db->update($db_i18n_pages, $pag_i18n, "ipage_id = ? AND ipage_locale = ?", array($id, $i18n_locale));
         /* === Hook === */
         foreach (cot_getextplugins('i18n.page.edit.update') as $pl) {
             include $pl;
         }
         /* =============*/
         cot_message('Updated');
         $page_urlp = empty($pag['page_alias']) ? 'c=' . $pag['page_cat'] . "&id={$id}&l={$i18n_locale}" : 'c=' . $pag['page_cat'] . '&al=' . $pag['page_alias'] . '&l=' . $i18n_locale;
Example #30
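/**
 * Displays redirect page
 *
 * Sends the redirect (a Location header, or a Refresh header plus a small HTML
 * page when $cfg['redirmode'] is set) and terminates the script in both modes.
 * A target that cot_url_check() does not accept is rewritten to a path under
 * COT_ABSOLUTE_URL, so the redirect stays on this site.
 *
 * @param string $url Target URI, raw (not HTML-escaped)
 */
function cot_redirect($url)
{
    global $cfg, $env, $error_string, $sys;

    $url = (string) $url;

    if (cot_error_found() && $_SERVER['REQUEST_METHOD'] == 'POST') {
        // Save the POST data
        if (!empty($error_string)) {
            // Message should not be lost
            cot_error($error_string);
        }
        cot_import_buffer_save();
    }

    if (!cot_url_check($url)) {
        // No redirects to foreign domains
        if ($url == '/' || $url == $sys['site_uri']) {
            $url = COT_ABSOLUTE_URL;
        } else {
            // strpos() instead of $url[0]: an empty target must not raise an
            // "uninitialized string offset" error.
            if (strpos($url, '/') === 0) {
                $url = mb_substr($url, 1);
            }
            $url = COT_ABSOLUTE_URL . $url;
        }
    }

    if (defined('COT_AJAX') && COT_AJAX) {
        // Save AJAX state, some browsers lose it after redirect (e.g. FireFox 3.6)
        $sep = strpos($url, '?') === false ? '?' : '&';
        $url .= $sep . '_ajax=1';
    }

    if (isset($env['status'])) {
        $protocol = isset($_SERVER['SERVER_PROTOCOL']) ? $_SERVER['SERVER_PROTOCOL'] : 'HTTP/1.1';
        header($protocol . ' ' . $env['status']);
    }

    if ($cfg['redirmode']) {
        // The target is placed into HTML attributes and text below, so it is
        // escaped for that context; the header keeps the raw URL.
        $url_html = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
        $output = $cfg['doctype'] . <<<HTM
\t\t<html>
\t\t<head>
\t\t<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
\t\t<meta http-equiv="refresh" content="0; url={$url_html}" />
\t\t<title>Redirecting...</title></head>
\t\t<body>Redirecting to <a href="{$url_html}">{$url_html}</a>
\t\t</body>
\t\t</html>
HTM;
        header('Refresh: 0; URL=' . $url);
        echo $output;
        exit;
    }

    header('Location: ' . $url);
    exit;
}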