Example #1
    /**
     * displayAddNewsSubmit
     *
     * Stores the submitted Family News entry, emails every member who has
     * email updates switched on, then redirects to the new entry.
     *
     * $_POST['title'] and $_POST['post'] are bound as statement parameters
     * exactly as submitted; the title is also copied into the notification
     * subject and body. Escaping for display has to happen wherever these
     * values are rendered, which is not visible in this method.
     *
     * @return void
     */
    function displayAddNewsSubmit()
    {
        $authorId = $this->fcmsUser->id;

        // Placeholders keep the submitted text out of the SQL statement itself.
        $insertSql = "INSERT INTO `fcms_news`\n                    (`title`, `news`, `user`, `created`, `updated`)\n                VALUES\n                    (?, ?, ? ,NOW(), NOW())";
        $newNewsId = $this->fcmsDatabase->insert(
            $insertSql,
            array($_POST['title'], $_POST['post'], $authorId)
        );

        if ($newNewsId === false) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();

            return;
        }

        // Everyone who opted in to email updates gets a notification.
        $subscriberSql = "SELECT u.`email`, s.`user` \n                FROM `fcms_user_settings` AS s, `fcms_users` AS u \n                WHERE `email_updates` = '1'\n                AND u.`id` = s.`user`";
        $subscribers = $this->fcmsDatabase->getRows($subscriberSql);

        if ($subscribers === false) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();

            return;
        }

        if (count($subscribers) > 0) {
            $authorName = getUserDisplayName($authorId);
            $siteUrl = getDomainAndDir();
            $mailHeaders = getEmailHeaders();

            foreach ($subscribers as $subscriber) {
                $recipientName = getUserDisplayName($subscriber['user']);
                $mailSubject = sprintf(T_('%s has added %s to his/her Family News'), $authorName, $_POST['title']);
                $address = $subscriber['email'];
                $body = T_('Dear') . ' ' . $recipientName . ',

' . $mailSubject . '

' . $siteUrl . 'familynews.php?getnews=' . $authorId . '

----
' . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:') . '

' . $siteUrl . 'settings.php

';
                mail($address, $mailSubject, $body, $mailHeaders);
            }
        }

        // The user id is cast to int before it goes into the Location header.
        header('Location: familynews.php?getnews=' . (int) $authorId . '&newsid=' . $newNewsId);
    }
Example #2
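    /**
     * displayAddRecipeSubmit
     *
     * Saves a submitted recipe (with an optional uploaded thumbnail), emails
     * members who have email updates enabled, then redirects to the recipe.
     *
     * Text fields have tags stripped and the category is cast to int before
     * they are bound as statement parameters.
     *
     * @return void
     */
    function displayAddRecipeSubmit()
    {
        $name = strip_tags($_POST['name']);
        $category = (int) $_POST['category'];
        $ingredients = strip_tags($_POST['ingredients']);
        $directions = strip_tags($_POST['directions']);
        $thumbnail = 'no_recipe.jpg';
        $uploadsPath = getUploadsAbsolutePath();

        // Upload Recipe Image
        if (isset($_FILES['thumbnail']) && $_FILES['thumbnail']['name'] && $_FILES['thumbnail']['error'] < 1) {
            $this->fcmsImage->destination = $uploadsPath . 'upimages/';
            $this->fcmsImage->uniqueName = true;
            $thumbnail = $this->fcmsImage->upload($_FILES['thumbnail']);

            if ($this->fcmsImage->error == 1) {
                // Presumably the name of the uploaded file, which the client
                // chooses; escape it before it is echoed into the page.
                // NOTE(review): this reads $this->img while the rest of the
                // method uses $this->fcmsImage - confirm which property holds
                // the name.
                $shownName = htmlspecialchars((string) $this->img->name, ENT_QUOTES, 'UTF-8');

                $this->displayHeader();
                echo '
    <p class="error-alert">
        ' . sprintf(T_('Thumbnail [%s] is not a supported type. Thumbnails must be of type (.jpg, .jpeg, .gif, .bmp or .png).'), $shownName) . '
    </p>';
                $this->displayFooter();
                return;
            }

            $this->fcmsImage->resize(100, 100);

            if ($this->fcmsImage->error > 0) {
                $this->displayHeader();
                echo '
    <p class="error-alert">
        ' . T_('There was an error uploading your thumbnail.') . '
    </p>';
                $this->displayFooter();
                return;
            }
        }

        $sql = "INSERT INTO `fcms_recipes` \n                    (`name`, `thumbnail`, `category`, `ingredients`, `directions`, `user`, `date`) \n                VALUES\n                    (?, ?, ?, ?, ?, ?, NOW())";
        $params = array($name, $thumbnail, $category, $ingredients, $directions, $this->fcmsUser->id);
        $rec_id = $this->fcmsDatabase->insert($sql, $params);
        if ($rec_id === false) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        // Email members
        $sql = "SELECT u.`email`, s.`user` \n                FROM `fcms_user_settings` AS s, `fcms_users` AS u \n                WHERE `email_updates` = '1'\n                AND u.`id` = s.`user`";
        $rows = $this->fcmsDatabase->getRows($sql);
        if ($rows === false) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        if (count($rows) > 0) {
            // These values are the same for every recipient, so they are
            // looked up once instead of once per row.
            $recipeUser = getUserDisplayName($this->fcmsUser->id);
            $subject = sprintf(T_('%s has added the recipe: %s'), $recipeUser, $name);
            $url = getDomainAndDir();
            $email_headers = getEmailHeaders();

            foreach ($rows as $r) {
                $to = getUserDisplayName($r['user']);
                $email = $r['email'];
                $msg = T_('Dear') . ' ' . $to . ',

' . $subject . '

' . $url . 'recipes.php?category=' . $category . '

----
' . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:') . '

' . $url . 'settings.php

';
                mail($email, $subject, $msg, $email_headers);
            }
        }

        header("Location: recipes.php?category={$category}&id={$rec_id}");
    }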
Example #3
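    /**
     * handleAutoActivation
     *
     * Generates an activation code for a newly registered user, stores it,
     * prints the welcome message and emails the activation link.
     *
     * The code is the only secret in the activation link, so it is drawn from
     * the system CSPRNG when that is available rather than from the clock.
     *
     * @param string $email    email address to send email to
     * @param string $subject  subject of email
     * @param int    $id       id of user being activated
     * @param string $sitename sitename
     *
     * @return void
     */
    function handleAutoActivation($email, $subject, $id, $sitename)
    {
        if (function_exists('random_bytes')) {
            // 13 hex characters: the same length uniqid('') produces, so the
            // value fits wherever the old code did.
            // NOTE(review): lengthen this if the `activate_code` column allows it.
            $code = substr(bin2hex(random_bytes(7)), 0, 13);
        } else {
            // Older runtimes keep the previous time-based value.
            //bug in some versions of php, needs some value here
            $code = uniqid('');
        }

        $sql = "UPDATE `fcms_users` \n                SET `activate_code` = ?\n                WHERE `id` = ?";
        if (!$this->fcmsDatabase->update($sql, array($code, $id))) {
            $this->fcmsError->displayError();
            $this->displayFooter();
            die;
        }

        // NOTE(review): getDomainAndDir() is not visible here; if it derives
        // the host from the request, confirm that value cannot be chosen by
        // the client, since it becomes the link the user is told to trust.
        $message = T_('Please click the following link to activate your account') . ':

' . getDomainAndDir() . 'activate.php?uid=' . $id . '&code=' . $code;

        // The address is echoed into HTML, so it is escaped for that context.
        $shownEmail = htmlspecialchars((string) $email, ENT_QUOTES, 'UTF-8');

        echo '
            <div id="msg">
                <h1>' . T_('Congratulations and Welcome') . '</h1>
                <p>
                    ' . sprintf(T_('You have been successfully registered at %s.'), $sitename) . ' 
                    ' . sprintf(T_('Your account information has been emailed to %s.'), $shownEmail) . '<br/>
                    <b>' . T_('Please remember your username and password for this site.') . '</b>
                </p>
                <p>' . T_('Unfortunately you must activate your account before you can <a href="index.php">login</a> and begin using the site') . '</p>
            </div>';
        mail($email, $subject, $message, getEmailHeaders());
    }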
Example #4
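    /**
     * displayAddDocumentSubmit
     *
     * Uploads the submitted document, records it in `fcms_documents`, emails
     * members who have email updates enabled, then redirects to the list.
     *
     * @return void
     */
    function displayAddDocumentSubmit()
    {
        // The file name is supplied by the client; it is passed through
        // cleanFilename() before it is used.
        $doc = $_FILES['doc']['name'];
        $doc = cleanFilename($doc);
        $desc = $_POST['desc'];

        // The 'type' entry of $_FILES is reported by the browser and is not
        // checked by PHP, so the stored MIME value is only a hint.
        // NOTE(review): confirm that whatever serves the document does not
        // trust this value.
        $mime = $_FILES['doc']['type'];

        $result = $this->fcmsDocument->uploadDocument($_FILES['doc'], $doc);
        if ($result === false) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        $sql = "INSERT INTO `fcms_documents` (\n                    `name`, `description`, `mime`, `user`, `date`\n                ) VALUES(\n                    ?, ?, ?, ?, NOW()\n                )";
        $params = array($doc, $desc, $mime, $this->fcmsUser->id);
        if (!$this->fcmsDatabase->insert($sql, $params)) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        // Email members
        $sql = "SELECT u.`email`, s.`user` \n                FROM `fcms_user_settings` AS s, `fcms_users` AS u \n                WHERE `email_updates` = '1'\n                AND u.`id` = s.`user`";
        $rows = $this->fcmsDatabase->getRows($sql);

        // A failed query returns false; without this check count() would be
        // handed a boolean.
        if ($rows === false) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        if (count($rows) > 0) {
            $name = getUserDisplayName($this->fcmsUser->id);
            $url = getDomainAndDir();
            $subject = sprintf(T_('%s has added a new document (%s).'), $name, $doc);
            $email_headers = getEmailHeaders();
            foreach ($rows as $r) {
                $to = getUserDisplayName($r['user']);
                $email = $r['email'];
                $msg = T_('Dear') . ' ' . $to . ',

' . $subject . '

' . $url . 'documents.php


----
' . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:') . '

' . $url . 'settings.php

';
                mail($email, $subject, $msg, $email_headers);
            }
        }

        $_SESSION['ok'] = 1;
        header("Location: documents.php");
    }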
Example #5
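    /**
     * emailMembersNewPhotos
     *
     * Emails every member who has email updates enabled that the current
     * user has added a photo, with a link to the given category.
     *
     * @param int $categoryId id of the category the photo was added to
     *
     * @return void
     */
    function emailMembersNewPhotos($categoryId)
    {
        // The id ends up in a URL; force it to an integer first.
        $categoryId = (int) $categoryId;

        $sql = "SELECT u.`email`, s.`user` \n                FROM `fcms_user_settings` AS s, `fcms_users` AS u \n                WHERE `email_updates` = '1'\n                AND u.`id` = s.`user`";
        $rows = $this->fcmsDatabase->getRows($sql);
        if ($rows === false) {
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        if (count($rows) > 0) {
            $name = getUserDisplayName($this->fcmsUser->id);
            $subject = sprintf(T_('%s has added a new photo.'), $name);
            $url = getDomainAndDir();
            $emailHeaders = getEmailHeaders();

            foreach ($rows as $r) {
                $to = getUserDisplayName($r['user']);
                $email = $r['email'];
                // The link previously read an undefined $category variable,
                // which left the cid parameter empty; it now uses the argument.
                $msg = T_('Dear') . ' ' . $to . ',

' . $subject . '

' . $url . 'index.php?uid=' . $this->fcmsUser->id . '&cid=' . $categoryId . '

----
' . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:') . '

' . $url . 'settings.php

';
                mail($email, $subject, $msg, $emailHeaders);
            }
        }
    }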
Example #6
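    /**
     * displayComposeFormSubmit
     *
     * Stores a private message for the chosen recipient and emails a copy
     * to that recipient, then redirects back to the private message page.
     *
     * The mail headers are assembled by hand here, so every value placed in
     * them has CR and LF removed first; otherwise a stored value containing
     * a line break could add headers of its own.
     *
     * @return void
     */
    function displayComposeFormSubmit()
    {
        $to = (int) $_POST['to'];
        $title = strip_tags($_POST['title']);
        $msg = strip_tags($_POST['post']);

        if (strlen($title) <= 0 || strlen($msg) <= 0) {
            header("Location: privatemsg.php");
            return;
        }

        // Insert the PM into the DB
        $sql = "INSERT INTO `fcms_privatemsg` \n                    (`to`, `from`, `date`, `title`, `msg`) \n                VALUES\n                    (?, ?, NOW(), ?, ?)";
        $params = array($to, $this->fcmsUser->id, $title, $msg);
        if (!$this->fcmsDatabase->insert($sql, $params)) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        // Email the PM to the user
        $sql = "SELECT `email` FROM `fcms_users` \n                WHERE `id` = ?";
        $r = $this->fcmsDatabase->getRow($sql, $to);
        if ($r === false) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        $from = $this->fcmsUser->displayName;
        $reply = $this->fcmsUser->email;
        $toName = getUserDisplayName($to);
        $sitename = getSiteName();
        $sitename = html_entity_decode($sitename);
        $subject = sprintf(T_('A new Private Message at %s'), $sitename);
        $email = $r['email'];
        $url = getDomainAndDir();

        // Header values: drop line breaks so each stays on its own header line.
        $lineBreaks = array("\r", "\n");
        $headerSitename = str_replace($lineBreaks, '', (string) $sitename);
        $headerContact = str_replace($lineBreaks, '', (string) getContactEmail());
        $headerReply = str_replace($lineBreaks, '', (string) $reply);

        $email_headers = 'From: ' . $headerSitename . ' <' . $headerContact . '>' . "\r\n";
        $email_headers .= 'Reply-To: ' . $headerReply . "\r\n";
        $email_headers .= 'Content-Type: text/plain; charset=UTF-8;' . "\r\n";
        $email_headers .= 'MIME-Version: 1.0' . "\r\n";
        $email_headers .= 'X-Mailer: PHP/' . phpversion();

        $email_msg = T_('Dear') . ' ' . $toName . ',

' . sprintf(T_('%s has sent you a new Private Message at %s'), $from, $sitename) . '

' . T_('The message has been attached below.') . '

' . sprintf(T_('To respond to this message either visit %s or respond to this email.'), $url . 'privatemsg.php') . '

----

' . T_('From') . ': ' . $from . '
' . T_('Message Title') . ': ' . $title . '

' . $msg . '

';
        mail($email, $subject, $email_msg, $email_headers);

        $_SESSION['success'] = 1;
        header("Location: privatemsg.php");
    }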
Example #7
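    /**
     * displayNewPostSubmit
     *
     * Adds a reply to a message board thread: marks the thread as updated,
     * inserts the post, emails members who have email updates enabled, then
     * redirects back to the thread.
     *
     * @return void
     */
    function displayNewPostSubmit()
    {
        $post = $_POST['post'];
        $threadId = (int) $_POST['thread_id'];

        // Update Thread info
        $sql = "UPDATE `fcms_board_threads` \n                SET `updated` = NOW(), \n                    `updated_by` = ?\n                WHERE `id` = ?";
        if (!$this->fcmsDatabase->update($sql, array($this->fcmsUser->id, $threadId))) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        // Insert new Post
        $sql = "INSERT INTO `fcms_board_posts`\n                    (`date`, `thread`, `user`, `post`)\n                VALUES\n                    (NOW(), ?, ?, ?)";
        $params = array($threadId, $this->fcmsUser->id, $post);
        if (!$this->fcmsDatabase->insert($sql, $params)) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        // Email members
        $sql = "SELECT u.`email`, s.`user` \n                FROM `fcms_user_settings` AS s, `fcms_users` AS u \n                WHERE `email_updates` = '1'\n                AND u.`id` = s.`user`";
        $rows = $this->fcmsDatabase->getRows($sql);

        // A failed query returns false; without this check count() would be
        // handed a boolean.
        if ($rows === false) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        if (count($rows) > 0) {
            $name = getUserDisplayName($this->fcmsUser->id);

            $sql = "SELECT `subject` \n                    FROM `fcms_board_threads` \n                    WHERE `id` = ?";
            $threadInfo = $this->fcmsDatabase->getRow($sql, $threadId);
            if ($threadInfo === false) {
                $this->displayHeader();
                $this->fcmsError->displayError();
                $this->displayFooter();
                return;
            }

            // Drop the announcement marker only when it is a prefix. The
            // earlier check accepted the marker anywhere in the subject and
            // then cut the first nine characters regardless.
            $threadSubject = $threadInfo['subject'];
            $marker = '#ANOUNCE#';
            if (strpos($threadSubject, $marker) === 0) {
                $threadSubject = substr($threadSubject, strlen($marker));
            }

            $emailHeaders = getEmailHeaders();
            $subject = sprintf(T_('%s has replied to the thread: %s'), $name, $threadSubject);
            $url = getDomainAndDir();

            foreach ($rows as $r) {
                $email = $r['email'];
                $to = getUserDisplayName($r['user']);
                $msg = T_('Dear') . ' ' . $to . ',

' . $subject . '

' . $url . 'messageboard.php?thread=' . $threadId . '

----
' . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:') . '

' . $url . 'settings.php

';
                mail($email, $subject, $msg, $emailHeaders);
            }
        }

        header("Location: messageboard.php?thread={$threadId}");
    }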
Example #8
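/**
 * getAuthedGoogleClient
 *
 * Will return a Google_Client on success,
 * or false on failure.
 *
 * Failure covers: no stored `google_session_token` for the user, a missing
 * client id or client secret in the site configuration, or an exception
 * while setting or refreshing the access token.
 *
 * The current access token is kept in $_SESSION['googleSessionToken']; the
 * stored `google_session_token` is what gets passed to refreshToken().
 *
 * @param int $userId id of the user whose Google data is loaded
 *
 * @return mixed
 */
function getAuthedGoogleClient($userId)
{
    $fcmsError = FCMS_Error::getInstance();
    $config = getGoogleConfigData();
    $user = getGoogleUserData($userId);

    if (empty($user['google_session_token'])) {
        return false;
    }
    if (empty($config['google_client_id']) || empty($config['google_client_secret'])) {
        return false;
    }

    // Setup url for callbacks
    $callbackUrl = getDomainAndDir();
    $callbackUrl .= 'settings.php?view=google&oauth2callback';

    $googleClient = new Google_Client();
    $googleClient->setClientId($config['google_client_id']);
    $googleClient->setClientSecret($config['google_client_secret']);
    $googleClient->setAccessType('offline');
    $googleClient->setScopes(array('https://www.googleapis.com/auth/youtube.force-ssl', 'https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/userinfo.profile', 'https://picasaweb.google.com/data/'));
    $googleClient->setRedirectUri($callbackUrl);

    try {
        if (isset($_SESSION['googleSessionToken'])) {
            // We still have a token saved
            $googleClient->setAccessToken($_SESSION['googleSessionToken']);

            // Make sure our access token is still good
            if ($googleClient->isAccessTokenExpired()) {
                $googleClient->refreshToken($user['google_session_token']);
                // Keep the session copy current; otherwise the expired token
                // stays in the session and every later call refreshes again.
                $_SESSION['googleSessionToken'] = $googleClient->getAccessToken();
            }
        } else {
            // No session copy yet. The stored token is known to be non-empty
            // because of the early return above.
            $googleClient->refreshToken($user['google_session_token']);
            $_SESSION['googleSessionToken'] = $googleClient->getAccessToken();
        }
    } catch (Exception $e) {
        $fcmsError->add(array('type' => 'operation', 'message' => 'Could not get Google Session Token.', 'error' => $e, 'file' => __FILE__, 'line' => __LINE__));
        return false;
    }

    return $googleClient;
}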
Example #9
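 /**
  * displayEditGoogle
  *
  * Prints the Google section of the settings page: the connected account
  * with a disconnect link, or a "Connect" link that starts the OAuth flow.
  *
  * Values that come back from Google or from an exception are escaped
  * before they are written into the page, and the OAuth state value is
  * taken from the system CSPRNG when one is available.
  *
  * @return void
  */
 function displayEditGoogle()
 {
     $this->displayHeader();
     $config = getGoogleConfigData();
     $user = getGoogleUserData($this->fcmsUser->id);

     // Defaults, so the markup below never reads an undefined variable when
     // the Google client is not configured.
     $status = '';
     $link = '';

     // Setup url for callbacks
     $callbackUrl = getDomainAndDir();
     $callbackUrl .= 'settings.php?view=google&oauth2callback';
     $_SESSION['callback_url'] = $callbackUrl;

     // Both the client id and the client secret are required to build a
     // usable client.
     if (!empty($config['google_client_id']) && !empty($config['google_client_secret'])) {
         $googleClient = new Google_Client();
         $googleClient->setClientId($config['google_client_id']);
         $googleClient->setClientSecret($config['google_client_secret']);
         $googleClient->setAccessType('offline');
         $googleClient->setScopes(array('https://www.googleapis.com/auth/youtube.force-ssl', 'https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/userinfo.profile', 'https://picasaweb.google.com/data/'));
         $googleClient->setRedirectUri($callbackUrl);

         $failure = false;

         if (isset($_SESSION['googleSessionToken'])) {
             // We still have a token saved
             try {
                 $googleClient->setAccessToken($_SESSION['googleSessionToken']);
                 // Make sure our access token is still good
                 if ($googleClient->isAccessTokenExpired()) {
                     $googleClient->refreshToken($user['google_session_token']);
                 }
             } catch (Exception $e) {
                 $failure = true;
             }
         } elseif (!empty($user['google_session_token'])) {
             try {
                 $googleClient->refreshToken($user['google_session_token']);
                 $_SESSION['googleSessionToken'] = $googleClient->getAccessToken();
             } catch (Exception $e) {
                 $failure = true;
             }
         }

         if (!$failure && isset($_SESSION['googleSessionToken'])) {
             try {
                 $youtube = new Google_Service_YouTube($googleClient);
                 $channel = $youtube->channels->listChannels('id', array('mine' => 'true'));
             } catch (Exception $e) {
                 // Exception text is not under this page's control; escape it.
                 echo '<div class="error-alert">ERROR: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '</div>';
                 $this->displayFooter();
                 return;
             }

             $oAuth = new Google_Service_Oauth2($googleClient);
             $userInfo = $oAuth->userinfo->get();

             // NOTE(review): the opening literal of this anchor is masked
             // ('******') in the listing and is kept exactly as shown.
             $channelId = htmlspecialchars((string) $channel->items[0]['id'], ENT_QUOTES, 'UTF-8');
             $accountEmail = htmlspecialchars((string) $userInfo->email, ENT_QUOTES, 'UTF-8');
             $user = '******' . $channelId . '">' . $accountEmail . '</a>';

             $status = sprintf(T_('Currently connected as: %s'), $user);
             $link = '<a class="disconnect" href="?revoke=google">' . T_('Disconnect') . '</a>';
         } else {
             // The state value ties the OAuth callback to this session, so it
             // must not be guessable. It stays an integer, as before.
             // NOTE(review): confirm the callback compares it against
             // $_SESSION['state'] before accepting the response.
             if (function_exists('random_int')) {
                 $state = random_int(0, PHP_INT_MAX);
             } else {
                 $state = mt_rand();
             }
             $googleClient->setState($state);
             $_SESSION['state'] = $state;

             $url = $googleClient->createAuthUrl();
             $status = T_('Not Connected');
             $link = '<a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">' . T_('Connect') . '</a>';
         }
     }

     echo '
     <div class="social-media-connect">
         <img class="icon" src="ui/img/google.png" alt="Google"/>
         <h2>Google</h2>
         <p>' . T_('Connecting with Google will allow you to:') . '</p>
         <ul>
             <li>' . T_('Share your Picasa photos with this site.') . '</li>
             <li>' . T_('Share your YouTube videos with this site.') . '</li>
         </ul>
         <div class="status">' . $status . '</div>
         <div class="action">' . $link . '</div>
     </div>';
     $this->displayFooter();
 }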
Example #10
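    /**
     * displayInvitationSubmit
     *
     * Creates invitations for a calendar event and emails each invitee.
     * Members get a link to the event; non-members get a link that carries
     * a per-invitation code.
     *
     * The code is the only secret in a non-member's link, so it is drawn
     * from the system CSPRNG when that is available.
     *
     * @return void
     */
    function displayInvitationSubmit()
    {
        $this->displayHeader();

        $calendarId = (int) $_POST['calendar'];

        // make sure the user submitted atleast one email address
        if (!isset($_POST['all-members']) && !isset($_POST['email']) && !isset($_POST['non-member-emails'])) {
            $error = T_('You must invite at least one guest.');
            // NOTE(review): called as a plain function, unlike the other
            // display calls here which go through $this - confirm.
            displayInvitationForm($calendarId, $error);
            return;
        }

        // Get any invitations already sent for this event
        $invitations = $this->getInvitations($calendarId, true);
        if ($invitations === false) {
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        if (!isset($invitations['_current_user'])) {
            // add the current user (host) to the invite as attending
            $sql = "INSERT INTO `fcms_invitation` \n                        (`event_id`, `user`, `created`, `updated`, `attending`)\n                    VALUES \n                        (?, ?, NOW(), NOW(), 1)";
            $params = array($calendarId, $this->fcmsUser->id);
            if (!$this->fcmsDatabase->insert($sql, $params)) {
                $this->fcmsError->displayError();
                $this->displayFooter();
                return;
            }
        }

        // Get the calendar event title
        $sql = "SELECT `title` \n                FROM `fcms_calendar` \n                WHERE `id` = ?";
        $r = $this->fcmsDatabase->getRow($sql, $calendarId);
        if ($r === false) {
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }
        $title = $r['title'];

        $invitees = array();
        $nonMembers = array();
        $members = array();

        // get emails from textarea
        if (isset($_POST['non-member-emails'])) {
            $nonMembers = explode("\n", $_POST['non-member-emails']);
        }

        // get any members that have been invited
        if (isset($_POST['all-members'])) {
            $sql = "SELECT `id`, `email` \n                    FROM `fcms_users` \n                    WHERE `activated` > 0\n                    AND `phpass` != 'NONMEMBER'\n                    AND `id` != ?";
            $rows = $this->fcmsDatabase->getRows($sql, $this->fcmsUser->id);
            if ($rows === false) {
                $this->fcmsError->displayError();
                $this->displayFooter();
                return;
            }
            foreach ($rows as $r) {
                array_push($members, array('id' => $r['id'], 'email' => $r['email']));
            }
        } elseif (isset($_POST['member'])) {
            // NOTE(review): the address for each selected member is read from
            // the request ($_POST["id{$id}"]) rather than from `fcms_users`,
            // so the form decides where a member's invitation is sent.
            // Consider looking the address up by id instead.
            foreach ($_POST['member'] as $id) {
                array_push($members, array('id' => $id, 'email' => $_POST["id{$id}"]));
            }
        }

        // merge all emails into one big list
        $invitees = array_merge($nonMembers, $members);

        // The same for every invitee, so looked up once.
        $fromName = getUserDisplayName($this->fcmsUser->id);
        $baseUrl = getDomainAndDir();

        // Create the invite and send the emails to each invitee
        foreach ($invitees as $invitee) {
            if (empty($invitee)) {
                continue;
            }

            // Textarea lines can be whitespace only (for example the "\r"
            // left over from a CRLF line ending); those are not addresses.
            if (!is_array($invitee)) {
                $invitee = trim($invitee);
                if ($invitee === '') {
                    continue;
                }
            }

            // create a code for this user
            if (function_exists('random_bytes')) {
                // 13 hex characters: the same length uniqid('') produces.
                // NOTE(review): lengthen this if the `code` column allows it.
                $code = substr(bin2hex(random_bytes(7)), 0, 13);
            } else {
                // Older runtimes keep the previous time-based value.
                $code = uniqid('');
            }

            if (is_array($invitee)) {
                // member
                $user = (int) $invitee['id'];
                $toEmail = rtrim($invitee['email']);
                $toName = getUserDisplayName($user);
                $email = null;
                $url = $baseUrl . 'calendar.php?event=' . $calendarId;
            } else {
                // non-member: identified by address, admitted by code
                $user = 0;
                $toEmail = $invitee;
                $toName = $toEmail;
                $email = $toEmail;
                $url = $baseUrl . 'invitation.php?event=' . $calendarId . '&code=' . $code;
            }

            // Skip email address that have already been invited
            if (isset($invitations[$toEmail])) {
                continue;
            }

            // add an invitation to db
            $sql = "INSERT INTO `fcms_invitation` \n                        (`event_id`, `user`, `email`, `created`, `updated`, `code`)\n                    VALUES \n                        (?, ?, ?, NOW(), NOW(), ?)";
            $params = array($calendarId, $user, $email, $code);
            if (!$this->fcmsDatabase->insert($sql, $params)) {
                $this->fcmsError->displayError();
                $this->displayFooter();
                return;
            }

            // Send email invitation
            $subject = sprintf(T_pgettext('%s is the title of an event', 'Invitation: %s'), $title);
            $msg = sprintf(T_pgettext('%s is the name of a person, like Dear Bob,', 'Dear %s,'), $toName) . '

' . sprintf(T_pgettext('The first %s is the name of a person, the second is the title of an event', '%s has invited you to %s.'), $fromName, $title) . '

' . T_('Please visit the link below to view the rest of this invitation.') . '

' . $url . '

----
' . T_('This is an automated response, please do not reply.') . '

';
            $email_headers = getEmailHeaders();
            mail($toEmail, $subject, $msg, $email_headers);
        }

        displayOkMessage();
        $this->fcmsCalendar->displayEvent($calendarId);
        $this->displayFooter();
    }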
Example #11
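    /**
     * displayStatusUpdateSubmit
     *
     * Stores a status update (or a reply to one), optionally posts it to
     * Facebook, emails members who have email updates enabled, then
     * redirects to the home page.
     *
     * @return void
     */
    function displayStatusUpdateSubmit()
    {
        // Submited blank form?
        if (empty($_POST['status'])) {
            header("Location: home.php");
            return;
        }

        $status = $_POST['status'];
        $parent = 0;

        if (isset($_POST['parent'])) {
            $parent = (int) $_POST['parent'];
        }

        // Insert new status
        $sql = "INSERT INTO `fcms_status`\n                    (`user`, `status`, `parent`, `created`, `updated`)\n                VALUES\n                    (?, ?, ?, NOW(), NOW())";
        $params = array($this->fcmsUser->id, $status, $parent);
        if (!$this->fcmsDatabase->insert($sql, $params)) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        // If replying, update the orig status updated date, so it bumps up to the top of the list
        if ($parent > 0) {
            $sql = "UPDATE `fcms_status`\n                    SET `updated` = NOW()\n                    WHERE `id` = ?\n                    LIMIT 1;";
            if (!$this->fcmsDatabase->update($sql, $parent)) {
                $this->displayHeader();
                $this->fcmsError->displayError();
                $this->displayFooter();
                return;
            }
        }

        // Post to facebook
        if (isset($_POST['update_fb'])) {
            $data = getFacebookConfigData();

            // Send status to facebook
            if (!empty($data['fb_app_id']) && !empty($data['fb_secret'])) {
                $facebook = new Facebook(array('appId' => $data['fb_app_id'], 'secret' => $data['fb_secret']));

                // Check if the user is logged in and authed
                $user = $facebook->getUser();
                if ($user) {
                    try {
                        $facebook->api('/me/feed', 'post', array('message' => $status, 'cb' => ''));
                    } catch (FacebookApiException $e) {
                        // Record the failure in the server log. Dumping the
                        // exception into the response exposed its details to
                        // the browser and sent output ahead of the redirect
                        // header below.
                        error_log('Facebook status post failed: ' . $e->getMessage());
                    }
                }
            }
        }

        // Email members
        $sql = "SELECT u.`email`, s.`user` \n                FROM `fcms_user_settings` AS s, `fcms_users` AS u \n                WHERE `email_updates` = '1'\n                AND u.`id` = s.`user`";
        $rows = $this->fcmsDatabase->getRows($sql);
        if ($rows === false) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        if (count($rows) > 0) {
            $url = getDomainAndDir();
            $headers = getEmailHeaders();
            $name = getUserDisplayName($this->fcmsUser->id);
            // The subject is the same for every recipient.
            $subject = sprintf(T_('%s added a new status update.'), $name);

            foreach ($rows as $r) {
                $to = getUserDisplayName($r['user']);
                $email = $r['email'];
                $msg = T_('Dear') . ' ' . $to . ',

' . $subject . '

' . $url . 'home.php

----
' . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:') . '

' . $url . 'settings.php

';
                mail($email, $subject, $msg, $headers);
            }
        }

        header("Location: home.php");
    }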
Example #12
File: fcms.php Project: lmcro/fcms
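/**
 * checkScheduler
 *
 * Checks the FCMS Scheduler to see if any scheduled jobs need run.
 *
 * Loads the active rows of `fcms_schedule` and, for the first job that is
 * due (never run, or last run more than an hour/day ago depending on its
 * `repeat` value), posts its type to cron.php and returns. At most one job
 * is started per call.
 *
 * @param string $subdir subdirectory (admin/ or gallery/) to strip from the
 *                       end of the site url
 *
 * @return void
 */
function checkScheduler($subdir = '')
{
    global $fcmsDatabase, $fcmsError;

    $sql = "SELECT `id`, `type`, `repeat`, `lastrun`\n            FROM `fcms_schedule`\n            WHERE `status` = 1";
    $rows = $fcmsDatabase->getRows($sql);
    if ($rows === false) {
        $fcmsError->displayError();
        return;
    }
    if (count($rows) <= 0) {
        return;
    }

    // NOTE(review): getDomainAndDir() is not visible here; if it derives the
    // host from the request, confirm the client cannot choose where the
    // cron.php request below is sent.
    $url = getDomainAndDir();

    // Remove subdirectory from end (admin/ or gallery/). Only a trailing
    // match is removed, so the same text earlier in the url is left alone.
    if (!empty($subdir)) {
        $subdirLength = strlen($subdir);
        if (substr($url, -$subdirLength) === $subdir) {
            $url = substr($url, 0, -$subdirLength);
        }
    }

    // The cut-off times do not depend on the row, so compute them once.
    $hourAgo = strtotime('-1 hours');
    $dayAgo = strtotime('-1 days');

    foreach ($rows as $row) {
        $lastrun = strtotime($row['lastrun']);
        $type = cleanOutput($row['type']);

        if ($row['lastrun'] === '0000-00-00 00:00:00') {
            // Job has never been run
            $runJob = true;
        } elseif ($row['repeat'] === 'hourly') {
            $runJob = $lastrun < $hourAgo;
        } elseif ($row['repeat'] === 'daily') {
            $runJob = $lastrun < $dayAgo;
        } else {
            $runJob = false;
        }

        // Attempt to run scheduled job
        if ($runJob) {
            postAsync($url . 'cron.php', array('job_type' => $type));
            return;
        }
    }
}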
Example #13
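    /**
     * displayAddFormSubmit 
     * 
     * Saves the posted prayer concern, e-mails every member whose
     * `email_updates` setting is '1', then redirects to prayers.php.
     * On a database failure the error page is rendered instead.
     * 
     * @return void
     */
    function displayAddFormSubmit()
    {
        // A missing or non-string field becomes '' instead of raising a notice
        // (or a TypeError from strip_tags() on an array).
        $for = (isset($_POST['for']) && is_string($_POST['for'])) ? strip_tags($_POST['for']) : '';
        $desc = (isset($_POST['desc']) && is_string($_POST['desc'])) ? strip_tags($_POST['desc']) : '';

        $sql = "INSERT INTO `fcms_prayers`\n                    (`for`, `desc`, `user`, `date`) \n                VALUES\n                    (?, ?, ?, NOW())";
        $params = array($for, $desc, $this->fcmsUser->id);
        if (!$this->fcmsDatabase->insert($sql, $params)) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        // Email members
        $sql = "SELECT u.`email`, s.`user`\n                FROM `fcms_user_settings` AS s, `fcms_users` AS u \n                WHERE `email_updates` = '1'\n                AND u.`id` = s.`user`";
        $rows = $this->fcmsDatabase->getRows($sql);
        if ($rows === false) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        if (count($rows) > 0) {
            $name = getUserDisplayName($this->fcmsUser->id);

            // The subject is a mail header: collapse line breaks in the
            // user-supplied text so it cannot span or add header lines.
            $subjectFor = trim(str_replace(array("\r", "\n"), ' ', $for));
            $subject = sprintf(T_('%s added a new Prayer Concern for %s'), $name, $subjectFor);

            $url = getDomainAndDir();
            $email_headers = getEmailHeaders();

            $unsubscribe = T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:');

            foreach ($rows as $r) {
                $to = getUserDisplayName($r['user']);
                $email = $r['email'];
                $msg = T_('Dear') . ' ' . $to . ",\n\n"
                    . $subject . "\n\n"
                    . $url . "prayers.php\n\n"
                    . "----\n"
                    . $unsubscribe . "\n\n"
                    . $url . "settings.php\n\n";
                mail($email, $subject, $msg, $email_headers);
            }
        }

        $_SESSION['success'] = 1;
        header("Location: prayers.php");
    }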
Example #14
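    /**
     * displayCreateSubmit 
     * 
     * Creates a member from the posted admin form: checks the required fields,
     * rejects an e-mail address that is already in use, inserts the user with a
     * hashed password plus its address and settings rows, optionally e-mails an
     * invitation, then shows the member list.
     * 
     * @return void
     */
    function displayCreateSubmit()
    {
        $this->displayHeader();

        // Check Required Fields
        $requiredFields = array('username', 'password', 'fname', 'lname', 'sex', 'email');
        $missingRequired = false;
        foreach ($requiredFields as $field) {
            if (!isset($_POST[$field])) {
                $missingRequired = true;
                break;
            }
        }
        if ($missingRequired) {
            $this->fcmsAdminMembers->displayCreateMemberForm(T_('Missing Required Field'));
            $this->displayFooter();
            return;
        }

        // Normalise the address once, before the uniqueness check, so the value
        // that is checked is the same value that is stored. Checking the raw
        // field and inserting the stripped one would let markup around an
        // existing address slip past the check.
        $email = strip_tags($_POST['email']);

        // Check Email
        $sql = "SELECT `email` FROM `fcms_users` \n                WHERE `email` = ?";
        $rows = $this->fcmsDatabase->getRows($sql, $email);
        if ($rows === false) {
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }
        if (count($rows) > 0) {
            // The tag-stripped value is echoed back instead of the raw field.
            // NOTE(review): whether displayCreateMemberForm() HTML-escapes its
            // message is not visible here -- confirm at the render site.
            $this->fcmsAdminMembers->displayCreateMemberForm(sprintf(T_('The email address %s is already in use.  Please choose a different email.'), $email));
            $this->displayFooter();
            return;
        }

        // birthday
        $year = '';
        $month = '';
        $day = '';
        if (!empty($_POST['year'])) {
            $year = (int) $_POST['year'];
        }
        if (!empty($_POST['month'])) {
            $month = str_pad((int) $_POST['month'], 2, "0", STR_PAD_LEFT);
        }
        if (!empty($_POST['day'])) {
            $day = str_pad((int) $_POST['day'], 2, "0", STR_PAD_LEFT);
        }

        $fname = strip_tags($_POST['fname']);
        // mname and maiden are not in the required list, so they may be absent.
        $mname = isset($_POST['mname']) ? strip_tags($_POST['mname']) : '';
        $lname = strip_tags($_POST['lname']);
        $maiden = isset($_POST['maiden']) ? strip_tags($_POST['maiden']) : '';
        $sex = strip_tags($_POST['sex']);
        $username = strip_tags($_POST['username']);

        // Only the hash is stored; the password itself is never written to the database.
        $hasher = new PasswordHash(8, FALSE);
        $hashPassword = $hasher->HashPassword($_POST['password']);

        // Create new member
        $sql = "INSERT INTO `fcms_users`\n                    (`access`, `joindate`, `fname`, `mname`, `lname`, `maiden`, `sex`, `email`, `dob_year`, `dob_month`, `dob_day`,\n                        `username`, `phpass`, `activated`)\n                VALUES\n                    (3, NOW(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 1)";
        $params = array($fname, $mname, $lname, $maiden, $sex, $email, $year, $month, $day, $username, $hashPassword);
        $lastid = $this->fcmsDatabase->insert($sql, $params);
        if ($lastid === false) {
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        // Create member's address
        $sql = "INSERT INTO `fcms_address`\n                    (`user`, `created_id`, `created`, `updated_id`, `updated`)\n                VALUES\n                    (?, ?, NOW(), ?, NOW())";
        $addressParams = array($lastid, $this->fcmsUser->id, $this->fcmsUser->id);
        if (!$this->fcmsDatabase->insert($sql, $addressParams)) {
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        // Create member's settings
        $sql = "INSERT INTO `fcms_user_settings`\n                    (`user`)\n                VALUES\n                    (?)";
        if (!$this->fcmsDatabase->insert($sql, array($lastid))) {
            $this->fcmsError->displayError();
            $this->displayFooter();
            return;
        }

        // Email member
        if (isset($_POST['invite'])) {
            $from = getUserDisplayName($this->fcmsUser->id, 2);
            $sitename = getSiteName();
            $subject = sprintf(T_('Invitation to %s'), $sitename);

            // Point the invitee at the site root, not the admin area.
            $url = getDomainAndDir();
            $pos = strrpos($url, 'admin/');
            if ($pos !== false) {
                $url = substr($url, 0, $pos);
            }

            // NOTE(review): the invitation carries the chosen password in clear
            // text. E-mail is not a confidential channel; a one-time
            // set-password link would avoid sending the credential itself.
            $message = $fname . ' ' . $lname . ", \n\n"
                . sprintf(T_('You have been invited by %s to join %s.'), $from, $sitename) . "\n\n"
                . T_('You can login using the following information') . ":\n\n"
                . T_('URL') . ': ' . $url . "\n"
                . T_('Username') . ': ' . $username . " \n"
                . T_('Password') . ': ' . $_POST['password'] . " \n\n"
                . T_('Thanks') . ",  \n"
                . sprintf(T_('The %s Webmaster'), $sitename) . "\n\n"
                . T_('This is an automated response, please do not reply.');
            mail($email, $subject, $message, getEmailHeaders());
        }

        $this->fcmsAdminMembers->displayMemberList(1);
        displayOkMessageAdmin();
        $this->displayFooter();
    }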
Example #15
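 /**
  * displayYouTubeUploadFilePage 
  * 
  * Takes the post data from the previous form, sends to youtube, creates new entry,
  * and prints the video file upload form.
  * 
  * Every value written into the page (exception text, title, upload url and
  * token) is HTML-escaped, because each of them originates outside this
  * method: the request or the remote service.
  * 
  * @return void
  */
 function displayYouTubeUploadFilePage()
 {
     $this->displayHeader();

     $videoTitle = isset($_POST['title']) ? strip_tags($_POST['title']) : '';
     $videoDescription = isset($_POST['description']) ? strip_tags($_POST['description']) : '';
     $videoCategory = isset($_POST['category']) ? $_POST['category'] : '';
     $videoUnlisted = isset($_POST['unlisted']);

     // Create fcms video - we update after the youtube video is created
     $sql = "INSERT INTO `fcms_video` (\n                    `source_id`, \n                    `title`, \n                    `description`, \n                    `source`, \n                    `created`, \n                    `created_id`, \n                    `updated`, \n                    `updated_id`\n                )\n                VALUES\n                    ('0', ?, ?, 'youtube', NOW(), ?, NOW(), ?)";
     $params = array($videoTitle, $videoDescription, $this->fcmsUser->id, $this->fcmsUser->id);
     $lastId = $this->fcmsDatabase->insert($sql, $params);
     if ($lastId === false) {
         $this->fcmsError->displayError();
         $this->displayFooter();
         return;
     }

     // Save fcms video id
     $_SESSION['fcmsVideoId'] = $lastId;

     $sessionToken = $this->getSessionToken($this->fcmsUser->id);
     $youtubeConfig = getYouTubeConfigData();
     $httpClient = getYouTubeAuthSubHttpClient($youtubeConfig['youtube_key'], $sessionToken);
     if ($httpClient === false) {
         // Error message was already displayed by getYouTubeAuthSubHttpClient()
         $this->displayFooter();
         die;
     }

     $youTubeService = new Zend_Gdata_YouTube($httpClient);
     $newVideoEntry = new Zend_Gdata_YouTube_VideoEntry();
     $newVideoEntry->setVideoTitle($videoTitle);
     $newVideoEntry->setVideoDescription($videoDescription);
     $newVideoEntry->setVideoCategory($videoCategory);

     // make video unlisted
     if ($videoUnlisted) {
         $unlisted = new Zend_Gdata_App_Extension_Element('yt:accessControl', 'yt', 'http://gdata.youtube.com/schemas/2007', '');
         $unlisted->setExtensionAttributes(array(array('namespaceUri' => '', 'name' => 'action', 'value' => 'list'), array('namespaceUri' => '', 'name' => 'permission', 'value' => 'denied')));
         $newVideoEntry->setExtensionElements(array($unlisted));
     }

     try {
         $tokenArray = $youTubeService->getFormUploadToken($newVideoEntry, 'http://gdata.youtube.com/action/GetUploadToken');
     } catch (Exception $e) {
         // T_() is the translation helper used everywhere else in this method;
         // the original called T() here, which would fail on this error path.
         echo '
         <div class="error-alert">
             <p>' . T_('Could not retrieve token for syndicated upload.') . '</p>
             <p>' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '</p>
         </div>';
         $this->displayFooter();
         return;
     }

     $tokenValue = $tokenArray['token'];
     $postUrl = $tokenArray['url'];
     $nextUrl = getDomainAndDir() . 'video.php?upload=youtube';

     // nexturl is itself a url with a query string, so it is percent-encoded as
     // a parameter value; the assembled action is then escaped for the attribute.
     $formAction = htmlspecialchars($postUrl . '?nexturl=' . urlencode($nextUrl), ENT_QUOTES, 'UTF-8');
     $safeTitle = htmlspecialchars($videoTitle, ENT_QUOTES, 'UTF-8');
     $safeToken = htmlspecialchars($tokenValue, ENT_QUOTES, 'UTF-8');

     echo '
     <form action="' . $formAction . '" method="post" enctype="multipart/form-data">
         <fieldset>
             <legend><span>' . T_('Upload YouTube Video') . '</span></legend>
             <div class="field-row">
                 <div class="field-label"><label><b>' . T_('Title') . '</b></label></div>
                 <div class="field-widget"><b>' . $safeTitle . '</b></div>
             </div>
             <div class="field-row">
                 <div class="field-label"><label><b>' . T_('Video') . '</b></label></div>
                 <div class="field-widget">
                     <input type="file" name="file" size="50"/>
                 </div>
             </div>
             <input name="token" type="hidden" value="' . $safeToken . '"/>
             <input class="sub1" type="submit" id="upload_file" name="upload_file" value="' . T_('Upload') . '"/>
         </fieldset>
     </form>';
     $this->displayFooter();
 }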
Example #16
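 /**
  * displayEditPicasa
  * 
  * Prints the Picasa Web connection panel: the connected account with a
  * disconnect link when a session token is stored for the current user,
  * otherwise a link that starts the AuthSub authorisation.
  * 
  * @return void
  */
 function displayEditPicasa()
 {
     $this->displayHeader();

     $token = getUserPicasaSessionToken($this->fcmsUser->id);

     // Setup url for callbacks
     $callbackUrl = getDomainAndDir();
     $callbackUrl .= 'settings.php?view=picasa';

     if (!is_null($token)) {
         $httpClient = Zend_Gdata_AuthSub::getHttpClient($token);
         $picasaService = new Zend_Gdata_Photos($httpClient, "Google-DevelopersGuide-1.0");
         try {
             $feed = $picasaService->getUserFeed("default");
         } catch (Zend_Gdata_App_Exception $e) {
             print '<div class="error-alert">' . T_('Could not get Picasa session token.') . '</div>';
             // The header is already out, so close the page on this path too.
             $this->displayFooter();
             return;
         }

         // The feed title comes from the remote service; escape it before it
         // is placed in an attribute and in element content.
         $username = htmlspecialchars((string) $feed->getTitle(), ENT_QUOTES, 'UTF-8');

         // NOTE(review): the opening of this anchor appears masked ('******')
         // in this listing; the original href prefix is not visible here.
         $user = '******' . $username . '">' . $username . '</a>';
         $status = sprintf(T_('Currently connected as: %s'), $user);
         $link = '<a class="disconnect" href="?revoke=picasa">' . T_('Disconnect') . '</a>';
     } else {
         $url = Zend_Gdata_AuthSub::getAuthSubTokenUri($callbackUrl, 'https://picasaweb.google.com/data', false, true);
         $status = T_('Not Connected');
         // Escaped for the attribute context; the url carries a query string.
         $link = '<a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">' . T_('Connect') . '</a>';
     }

     echo '
     <div class="social-media-connect">
         <img class="icon" src="ui/img/picasa.png" alt="Picasa"/>
         <h2>Picasa Web</h2>
         <p>' . T_('Picasa Web allows users to share photos with friends and family.') . '</p>
         <div class="status">' . $status . '</div>
         <div class="action">' . $link . '</div>
     </div>';
     $this->displayFooter();
 }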