/**
 * displayAddNewsSubmit
 *
 * Saves the submitted Family News entry, notifies every member who has
 * e-mail updates switched on, and redirects to the newly created entry.
 *
 * The title and body are bound as statement parameters and stored exactly as
 * posted.
 * NOTE(review): nothing in this method strips or encodes markup, so the page
 * that renders `fcms_news` rows has to escape on output -- confirm there.
 *
 * @return void
 */
function displayAddNewsSubmit()
{
    $insertSql = "INSERT INTO `fcms_news`\n"
        . " (`title`, `news`, `user`, `created`, `updated`)\n"
        . " VALUES\n"
        . " (?, ?, ? ,NOW(), NOW())";

    $newNewsId = $this->fcmsDatabase->insert(
        $insertSql,
        array($_POST['title'], $_POST['post'], $this->fcmsUser->id)
    );

    if ($newNewsId === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // Email members
    $subscriberSql = "SELECT u.`email`, s.`user` \n"
        . " FROM `fcms_user_settings` AS s, `fcms_users` AS u \n"
        . " WHERE `email_updates` = '1'\n"
        . " AND u.`id` = s.`user`";

    $subscribers = $this->fcmsDatabase->getRows($subscriberSql);

    if ($subscribers === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    if (count($subscribers) > 0) {
        $authorName = getUserDisplayName($this->fcmsUser->id);
        $baseUrl    = getDomainAndDir();
        $headers    = getEmailHeaders();

        // The subject is identical for every recipient, so it is built once.
        $subject = sprintf(T_('%s has added %s to his/her Family News'), $authorName, $_POST['title']);

        foreach ($subscribers as $subscriber) {
            $recipientName = getUserDisplayName($subscriber['user']);

            $body = T_('Dear') . ' ' . $recipientName . ', '
                . $subject . ' '
                . $baseUrl . 'familynews.php?getnews=' . $this->fcmsUser->id
                . ' ---- '
                . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:')
                . ' ' . $baseUrl . 'settings.php ';

            mail($subscriber['email'], $subject, $body, $headers);
        }
    }

    // The user id is cast to int before it is placed in the redirect target.
    $authorId = (int) $this->fcmsUser->id;
    header("Location: familynews.php?getnews={$authorId}&newsid={$newNewsId}");
}
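/**
 * displayAddRecipeSubmit
 *
 * Stores a new recipe (optionally with an uploaded thumbnail), notifies the
 * members who have e-mail updates enabled and redirects to the recipe.
 *
 * Text fields are passed through strip_tags() and the category is cast to
 * int before anything is stored; all values are bound as statement
 * parameters.
 *
 * @return void
 */
function displayAddRecipeSubmit()
{
    $name        = strip_tags($_POST['name']);
    $category    = (int) $_POST['category'];
    $ingredients = strip_tags($_POST['ingredients']);
    $directions  = strip_tags($_POST['directions']);
    $thumbnail   = 'no_recipe.jpg';
    $uploadsPath = getUploadsAbsolutePath();

    // Upload Recipe Image
    if (isset($_FILES['thumbnail']) && $_FILES['thumbnail']['name'] && $_FILES['thumbnail']['error'] < 1) {
        $this->fcmsImage->destination = $uploadsPath . 'upimages/';
        $this->fcmsImage->uniqueName  = true;

        $thumbnail = $this->fcmsImage->upload($_FILES['thumbnail']);

        if ($this->fcmsImage->error == 1) {
            // The original read $this->img->name, a property this method never
            // sets (every other access goes through $this->fcmsImage). The
            // client-supplied file name is used instead, and because the
            // browser controls that value it is HTML-escaped before output.
            $uploadedName = htmlspecialchars($_FILES['thumbnail']['name'], ENT_QUOTES, 'UTF-8');

            $this->displayHeader();
            echo ' <p class="error-alert"> ' . sprintf(T_('Thumbnail [%s] is not a supported type. Thumbnails must be of type (.jpg, .jpeg, .gif, .bmp or .png).'), $uploadedName) . ' </p>';
            $this->displayFooter();

            return;
        }

        $this->fcmsImage->resize(100, 100);

        if ($this->fcmsImage->error > 0) {
            $this->displayHeader();
            echo ' <p class="error-alert"> ' . T_('There was an error uploading your thumbnail.') . ' </p>';
            $this->displayFooter();

            return;
        }
    }

    $sql = "INSERT INTO `fcms_recipes` \n (`name`, `thumbnail`, `category`, `ingredients`, `directions`, `user`, `date`) \n VALUES\n (?, ?, ?, ?, ?, ?, NOW())";

    $params = array($name, $thumbnail, $category, $ingredients, $directions, $this->fcmsUser->id);

    $rec_id = $this->fcmsDatabase->insert($sql, $params);
    if ($rec_id === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // Email members
    $sql = "SELECT u.`email`, s.`user` \n FROM `fcms_user_settings` AS s, `fcms_users` AS u \n WHERE `email_updates` = '1'\n AND u.`id` = s.`user`";

    $rows = $this->fcmsDatabase->getRows($sql);
    if ($rows === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    if (count($rows) > 0) {
        // None of these depend on the recipient, so they are resolved once
        // instead of once per row.
        $recipeUser    = getUserDisplayName($this->fcmsUser->id);
        $subject       = sprintf(T_('%s has added the recipe: %s'), $recipeUser, $name);
        $url           = getDomainAndDir();
        $email_headers = getEmailHeaders();

        foreach ($rows as $r) {
            $to    = getUserDisplayName($r['user']);
            $email = $r['email'];

            $msg = T_('Dear') . ' ' . $to . ', ' . $subject . ' ' . $url . 'recipes.php?category=' . $category . ' ---- ' . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:') . ' ' . $url . 'settings.php ';

            mail($email, $subject, $msg, $email_headers);
        }
    }

    header("Location: recipes.php?category={$category}&id={$rec_id}");
}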
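/**
 * handleAutoActivation
 *
 * Stores a fresh activation code for the user, prints the "registered"
 * confirmation and e-mails the activation link.
 *
 * The activation code is what proves control of the mailbox, so it is taken
 * from the CSPRNG when random_bytes() is available. uniqid() is derived from
 * the current time and can be guessed by anyone who knows roughly when the
 * account was registered; it is kept only as a fallback for runtimes without
 * random_bytes(). The generated value keeps uniqid()'s shape (13 hex
 * characters) so it fits wherever the old value did.
 *
 * NOTE(review): $email and $sitename are echoed into HTML as received --
 * confirm the caller has already encoded them for an HTML context.
 *
 * @param string $email    email address to send email to
 * @param string $subject  subject of email
 * @param int    $id       id of user being activated
 * @param string $sitename sitename
 *
 * @return void
 */
function handleAutoActivation($email, $subject, $id, $sitename)
{
    if (function_exists('random_bytes')) {
        // 7 random bytes -> 14 hex characters, trimmed to uniqid()'s 13.
        $code = substr(bin2hex(random_bytes(7)), 0, 13);
    } else {
        $code = uniqid(''); //bug in some versions of php, needs some value here
    }

    $sql = "UPDATE `fcms_users` \n SET `activate_code` = ?\n WHERE `id` = ?";

    if (!$this->fcmsDatabase->update($sql, array($code, $id))) {
        $this->fcmsError->displayError();
        $this->displayFooter();
        die;
    }

    $message = T_('Please click the following link to activate your account') . ': ' . getDomainAndDir() . 'activate.php?uid=' . $id . '&code=' . $code;

    echo ' <div id="msg"> <h1>' . T_('Congratulations and Welcome') . '</h1> <p> ' . sprintf(T_('You have been successfully registered at %s.'), $sitename) . ' ' . sprintf(T_('Your account information has been emailed to %s.'), $email) . '<br/> <b>' . T_('Please remember your username and password for this site.') . '</b> </p> <p>' . T_('Unfortunately you must activate your account before you can <a href="index.php">login</a> and begin using the site') . '</p> </div>';

    mail($email, $subject, $message, getEmailHeaders());
}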
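/**
 * displayAddDocumentSubmit
 *
 * Uploads the submitted document, records it in `fcms_documents`, notifies
 * the members who have e-mail updates enabled and redirects to the document
 * list.
 *
 * NOTE(review): `mime` is stored from $_FILES['doc']['type'], which is the
 * value reported by the browser, not one detected on the server. If it is
 * later sent back as a Content-Type header, the uploader controls it --
 * confirm how the download code uses this column.
 * NOTE(review): the description is stored as posted (no strip_tags(), unlike
 * the sibling handlers), so the document list must escape it on output.
 *
 * @return void
 */
function displayAddDocumentSubmit()
{
    $doc  = $_FILES['doc']['name'];
    $doc  = cleanFilename($doc);
    $desc = $_POST['desc'];
    $mime = $_FILES['doc']['type'];

    $result = $this->fcmsDocument->uploadDocument($_FILES['doc'], $doc);
    if ($result === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    $sql = "INSERT INTO `fcms_documents` (\n `name`, `description`, `mime`, `user`, `date`\n ) VALUES(\n ?, ?, ?, ?, NOW()\n )";

    $params = array($doc, $desc, $mime, $this->fcmsUser->id);

    if (!$this->fcmsDatabase->insert($sql, $params)) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // Email members
    $sql = "SELECT u.`email`, s.`user` \n FROM `fcms_user_settings` AS s, `fcms_users` AS u \n WHERE `email_updates` = '1'\n AND u.`id` = s.`user`";

    $rows = $this->fcmsDatabase->getRows($sql);

    // getRows() reports failure with false; the sibling handlers stop here,
    // and count(false) is a TypeError on PHP 8, so this one does the same.
    if ($rows === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    if (count($rows) > 0) {
        $name          = getUserDisplayName($this->fcmsUser->id);
        $url           = getDomainAndDir();
        $subject       = sprintf(T_('%s has added a new document (%s).'), $name, $doc);
        $email_headers = getEmailHeaders();

        foreach ($rows as $r) {
            $to    = getUserDisplayName($r['user']);
            $email = $r['email'];

            $msg = T_('Dear') . ' ' . $to . ', ' . $subject . ' ' . $url . 'documents.php ---- ' . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:') . ' ' . $url . 'settings.php ';

            mail($email, $subject, $msg, $email_headers);
        }
    }

    $_SESSION['ok'] = 1;

    header("Location: documents.php");
}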
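/**
 * emailMembersNewPhotos
 *
 * E-mails every member who has e-mail updates enabled a link to the category
 * that received new photos.
 *
 * @param int $categoryId id of the photo category placed in the link (cid)
 *
 * @return void
 */
function emailMembersNewPhotos($categoryId)
{
    $sql = "SELECT u.`email`, s.`user` \n FROM `fcms_user_settings` AS s, `fcms_users` AS u \n WHERE `email_updates` = '1'\n AND u.`id` = s.`user`";

    $rows = $this->fcmsDatabase->getRows($sql);
    if ($rows === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    if (count($rows) > 0) {
        $name         = getUserDisplayName($this->fcmsUser->id);
        $subject      = sprintf(T_('%s has added a new photo.'), $name);
        $url          = getDomainAndDir();
        $emailHeaders = getEmailHeaders();

        foreach ($rows as $r) {
            $to    = getUserDisplayName($r['user']);
            $email = $r['email'];

            // The link previously used $category, which is never defined in
            // this method, so every mail carried an empty cid. The parameter
            // is $categoryId.
            $msg = T_('Dear') . ' ' . $to . ', ' . $subject . ' ' . $url . 'index.php?uid=' . $this->fcmsUser->id . '&cid=' . $categoryId . ' ---- ' . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:') . ' ' . $url . 'settings.php ';

            mail($email, $subject, $msg, $emailHeaders);
        }
    }
}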
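/**
 * displayComposeFormSubmit
 *
 * Stores a private message and e-mails a copy to the recipient.
 *
 * The mail headers are assembled by hand here, and two of the values placed
 * in them (the sender's profile e-mail in Reply-To and the site name in
 * From) are data that can be edited through the application. CR and LF are
 * removed from both before they reach the header block so that neither can
 * start an additional header line.
 *
 * NOTE(review): the message is inserted before the recipient id is looked
 * up, so a message addressed to a non-existent id is still stored -- confirm
 * whether that is intended.
 *
 * @return void
 */
function displayComposeFormSubmit()
{
    $to    = (int) $_POST['to'];
    $title = strip_tags($_POST['title']);
    $msg   = strip_tags($_POST['post']);

    if (strlen($title) <= 0 || strlen($msg) <= 0) {
        header("Location: privatemsg.php");

        return;
    }

    // Insert the PM into the DB
    $sql = "INSERT INTO `fcms_privatemsg` \n (`to`, `from`, `date`, `title`, `msg`) \n VALUES\n (?, ?, NOW(), ?, ?)";

    $params = array($to, $this->fcmsUser->id, $title, $msg);

    if (!$this->fcmsDatabase->insert($sql, $params)) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // Email the PM to the user
    $sql = "SELECT `email` FROM `fcms_users` \n WHERE `id` = ?";

    $r = $this->fcmsDatabase->getRow($sql, $to);
    if ($r === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    $lineBreaks = array("\r", "\n");

    $from     = $this->fcmsUser->displayName;
    $reply    = str_replace($lineBreaks, '', $this->fcmsUser->email);
    $toName   = getUserDisplayName($to);
    $sitename = getSiteName();
    $sitename = html_entity_decode($sitename);
    $subject  = sprintf(T_('A new Private Message at %s'), $sitename);
    $email    = $r['email'];
    $url      = getDomainAndDir();

    // Header-safe copy of the site name; the unmodified value is still used
    // for the subject and the body.
    $headerSitename = str_replace($lineBreaks, '', $sitename);

    $email_headers  = 'From: ' . $headerSitename . ' <' . getContactEmail() . '>' . "\r\n";
    $email_headers .= 'Reply-To: ' . $reply . "\r\n";
    $email_headers .= 'Content-Type: text/plain; charset=UTF-8;' . "\r\n";
    $email_headers .= 'MIME-Version: 1.0' . "\r\n";
    $email_headers .= 'X-Mailer: PHP/' . phpversion();

    $email_msg = T_('Dear') . ' ' . $toName . ', ' . sprintf(T_('%s has sent you a new Private Message at %s'), $from, $sitename) . ' ' . T_('The message has been attached below.') . ' ' . sprintf(T_('To respond to this message either visit %s or respond to this email.'), $url . 'privatemsg.php') . ' ---- ' . T_('From') . ': ' . $from . ' ' . T_('Message Title') . ': ' . $title . ' ' . $msg . ' ';

    mail($email, $subject, $email_msg, $email_headers);

    $_SESSION['success'] = 1;

    header("Location: privatemsg.php");
}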
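/**
 * displayNewPostSubmit
 *
 * Adds a reply to a message board thread, bumps the thread's updated
 * timestamp, notifies the members who have e-mail updates enabled and
 * redirects back to the thread.
 *
 * The thread id is cast to int; the post body is bound as a statement
 * parameter and stored as posted.
 * NOTE(review): the post is not stripped or encoded here, so the thread view
 * has to escape it on output -- confirm there.
 *
 * @return void
 */
function displayNewPostSubmit()
{
    $post     = $_POST['post'];
    $threadId = (int) $_POST['thread_id'];

    // Update Thread info
    $sql = "UPDATE `fcms_board_threads` \n SET `updated` = NOW(), \n `updated_by` = ?\n WHERE `id` = ?";

    if (!$this->fcmsDatabase->update($sql, array($this->fcmsUser->id, $threadId))) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // Insert new Post
    $sql = "INSERT INTO `fcms_board_posts`\n (`date`, `thread`, `user`, `post`)\n VALUES\n (NOW(), ?, ?, ?)";

    $params = array($threadId, $this->fcmsUser->id, $post);

    if (!$this->fcmsDatabase->insert($sql, $params)) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // Email members
    $sql = "SELECT u.`email`, s.`user` \n FROM `fcms_user_settings` AS s, `fcms_users` AS u \n WHERE `email_updates` = '1'\n AND u.`id` = s.`user`";

    $rows = $this->fcmsDatabase->getRows($sql);

    // getRows() reports failure with false; the sibling handlers stop here,
    // and count(false) is a TypeError on PHP 8, so this one does the same.
    if ($rows === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    if (count($rows) > 0) {
        $name = getUserDisplayName($this->fcmsUser->id);

        $sql = "SELECT `subject` \n FROM `fcms_board_threads` \n WHERE `id` = ?";

        $threadInfo = $this->fcmsDatabase->getRow($sql, $threadId);
        if ($threadInfo === false) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();

            return;
        }

        $threadSubject = $threadInfo['subject'];

        // The marker is removed by dropping the first 9 characters, which is
        // only correct when it is a prefix. The old test (marker found
        // anywhere) cut 9 characters off subjects that merely contained it.
        if (strpos($threadSubject, '#ANOUNCE#') === 0) {
            $threadSubject = substr($threadSubject, 9, strlen($threadSubject) - 9);
        }

        $emailHeaders = getEmailHeaders();
        $subject      = sprintf(T_('%s has replied to the thread: %s'), $name, $threadSubject);
        $url          = getDomainAndDir();

        foreach ($rows as $r) {
            $email = $r['email'];
            $to    = getUserDisplayName($r['user']);

            $msg = T_('Dear') . ' ' . $to . ', ' . $subject . ' ' . $url . 'messageboard.php?thread=' . $threadId . ' ---- ' . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:') . ' ' . $url . 'settings.php ';

            mail($email, $subject, $msg, $emailHeaders);
        }
    }

    header("Location: messageboard.php?thread={$threadId}");
}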
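/**
 * getAuthedGoogleClient
 *
 * Builds a Google_Client for the given user and makes sure it carries a
 * usable access token.
 *
 * Will return a Google_Client on success, or false on failure. Failure means
 * one of: the user has no stored `google_session_token`, the site has no
 * Google client id/secret configured, or the Google library threw while the
 * token was being set or refreshed (that exception is recorded through
 * FCMS_Error).
 *
 * The access token is cached in $_SESSION['googleSessionToken']. When the
 * cached token has expired and is refreshed, the refreshed token is written
 * back to the session; previously the stale token stayed in the session, so
 * every later call saw it as expired and refreshed again.
 *
 * @param int $userId id of the user whose stored Google token is used
 *
 * @return mixed
 */
function getAuthedGoogleClient($userId)
{
    $fcmsError = FCMS_Error::getInstance();

    $config = getGoogleConfigData();
    $user   = getGoogleUserData($userId);

    if (empty($user['google_session_token'])) {
        return false;
    }

    if (empty($config['google_client_id']) || empty($config['google_client_secret'])) {
        return false;
    }

    // Setup url for callbacks
    $callbackUrl  = getDomainAndDir();
    $callbackUrl .= 'settings.php?view=google&oauth2callback';

    $googleClient = new Google_Client();
    $googleClient->setClientId($config['google_client_id']);
    $googleClient->setClientSecret($config['google_client_secret']);
    $googleClient->setAccessType('offline');
    $googleClient->setScopes(array(
        'https://www.googleapis.com/auth/youtube.force-ssl',
        'https://www.googleapis.com/auth/userinfo.email',
        'https://www.googleapis.com/auth/userinfo.profile',
        'https://picasaweb.google.com/data/',
    ));
    $googleClient->setRedirectUri($callbackUrl);

    try {
        if (isset($_SESSION['googleSessionToken'])) {
            // We still have a token saved
            $googleClient->setAccessToken($_SESSION['googleSessionToken']);

            // Make sure our access token is still good
            if ($googleClient->isAccessTokenExpired()) {
                $googleClient->refreshToken($user['google_session_token']);
                $_SESSION['googleSessionToken'] = $googleClient->getAccessToken();
            }
        } else {
            // No cached access token; the stored token was checked non-empty above.
            $googleClient->refreshToken($user['google_session_token']);
            $_SESSION['googleSessionToken'] = $googleClient->getAccessToken();
        }
    } catch (Exception $e) {
        $fcmsError->add(array(
            'type'    => 'operation',
            'message' => 'Could not get Google Session Token.',
            'error'   => $e,
            'file'    => __FILE__,
            'line'    => __LINE__,
        ));

        return false;
    }

    return $googleClient;
}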
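/**
 * displayEditGoogle
 *
 * Prints the Google connection panel of the settings page: either the
 * account the user is connected as plus a disconnect link, or a link that
 * starts the OAuth2 authorisation.
 *
 * Security-relevant points:
 *  - the OAuth2 `state` value stored in the session is the anti-forgery
 *    token for the callback, so it is drawn from the CSPRNG when
 *    random_int() is available instead of mt_rand(). It stays an integer in
 *    mt_rand()'s range because the code that compares it on the callback is
 *    not part of this method.
 *  - values that come back from Google (exception text, channel id, account
 *    e-mail, authorisation URL) are HTML-escaped before being printed.
 *  - $status and $link are initialised so the panel is printed without
 *    undefined variables when no Google credentials are configured.
 *
 * NOTE(review): the client is built when EITHER the id or the secret is set,
 * while getAuthedGoogleClient() requires both -- confirm which is intended.
 *
 * @return void
 */
function displayEditGoogle()
{
    $this->displayHeader();

    $config = getGoogleConfigData();
    $user   = getGoogleUserData($this->fcmsUser->id);

    // Setup url for callbacks
    $callbackUrl  = getDomainAndDir();
    $callbackUrl .= 'settings.php?view=google&oauth2callback';

    $_SESSION['callback_url'] = $callbackUrl;

    $status = '';
    $link   = '';

    if (!empty($config['google_client_id']) || !empty($config['google_client_secret'])) {
        $googleClient = new Google_Client();
        $googleClient->setClientId($config['google_client_id']);
        $googleClient->setClientSecret($config['google_client_secret']);
        $googleClient->setAccessType('offline');
        $googleClient->setScopes(array('https://www.googleapis.com/auth/youtube.force-ssl', 'https://www.googleapis.com/auth/userinfo.email', 'https://www.googleapis.com/auth/userinfo.profile', 'https://picasaweb.google.com/data/'));
        $googleClient->setRedirectUri($callbackUrl);

        // We still have a token saved
        if (isset($_SESSION['googleSessionToken'])) {
            try {
                $googleClient->setAccessToken($_SESSION['googleSessionToken']);

                // Make sure our access token is still good
                if ($googleClient->isAccessTokenExpired()) {
                    $googleClient->refreshToken($user['google_session_token']);
                    // Keep the session copy current so the next request does
                    // not find the expired token again.
                    $_SESSION['googleSessionToken'] = $googleClient->getAccessToken();
                }
            } catch (Exception $e) {
                $failure = 1;
            }
        } elseif (!empty($user['google_session_token'])) {
            try {
                $googleClient->refreshToken($user['google_session_token']);
                $_SESSION['googleSessionToken'] = $googleClient->getAccessToken();
            } catch (Exception $e) {
                $failure = 1;
            }
        }

        if (!isset($failure) && isset($_SESSION['googleSessionToken'])) {
            try {
                $youtube = new Google_Service_YouTube($googleClient);
                $channel = $youtube->channels->listChannels('id', array('mine' => 'true'));
            } catch (Exception $e) {
                echo '<div class="error-alert">ERROR: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '</div>';
                $this->displayFooter();

                return;
            }

            $oAuth    = new Google_Service_Oauth2($googleClient);
            $userInfo = $oAuth->userinfo->get();

            $channelId    = htmlspecialchars($channel->items[0]['id'], ENT_QUOTES, 'UTF-8');
            $accountEmail = htmlspecialchars($userInfo->email, ENT_QUOTES, 'UTF-8');

            $user   = '******' . $channelId . '">' . $accountEmail . '</a>';
            $status = sprintf(T_('Currently connected as: %s'), $user);
            $link   = '<a class="disconnect" href="?revoke=google">' . T_('Disconnect') . '</a>';
        } else {
            // mt_rand() output can be predicted from earlier outputs; the
            // state value must not be guessable by a third party.
            $state = function_exists('random_int') ? random_int(0, mt_getrandmax()) : mt_rand();

            $googleClient->setState($state);
            $_SESSION['state'] = $state;

            $url = $googleClient->createAuthUrl();

            $status = T_('Not Connected');
            $link   = '<a href="' . htmlspecialchars($url, ENT_QUOTES, 'UTF-8') . '">' . T_('Connect') . '</a>';
        }
    }

    echo ' <div class="social-media-connect"> <img class="icon" src="ui/img/google.png" alt="Google"/> <h2>Google</h2> <p>' . T_('Connecting with Google will allow you to:') . '</p> <ul> <li>' . T_('Share your Picasa photos with this site.') . '</li> <li>' . T_('Share your YouTube videos with this site.') . '</li> </ul> <div class="status">' . $status . '</div> <div class="action">' . $link . '</div> </div>';

    $this->displayFooter();
}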
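/**
 * displayInvitationSubmit
 *
 * Creates invitations for a calendar event and e-mails each invitee.
 * Members get a link to the event; non-members get a link to
 * invitation.php that carries a per-invitation code.
 *
 * That code is the only credential a non-member presents, so it is drawn
 * from the CSPRNG when random_bytes() is available. uniqid() is derived from
 * the current time and can be guessed; it remains only as a fallback. The
 * generated value keeps uniqid()'s shape (13 hex characters).
 *
 * NOTE(review): for individually selected members the address comes from
 * $_POST["id{$id}"], i.e. from the form, not from `fcms_users`. A modified
 * request can therefore pair any member id with any address -- consider
 * looking the address up by id instead.
 * NOTE(review): displayInvitationForm() is called as a plain function while
 * every other call here goes through $this -- confirm it exists globally.
 *
 * @return void
 */
function displayInvitationSubmit()
{
    $this->displayHeader();

    $calendarId = (int) $_POST['calendar'];

    // make sure the user submitted atleast one email address
    if (!isset($_POST['all-members']) && !isset($_POST['email']) && !isset($_POST['non-member-emails'])) {
        $error = T_('You must invite at least one guest.');
        displayInvitationForm($calendarId, $error);

        return;
    }

    // Get any invitations already sent for this event
    $invitations = $this->getInvitations($calendarId, true);
    if ($invitations === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    if (!isset($invitations['_current_user'])) {
        // add the current user (host) to the invite as attending
        $sql = "INSERT INTO `fcms_invitation` \n (`event_id`, `user`, `created`, `updated`, `attending`)\n VALUES \n (?, ?, NOW(), NOW(), 1)";

        $params = array($calendarId, $this->fcmsUser->id);

        if (!$this->fcmsDatabase->insert($sql, $params)) {
            $this->fcmsError->displayError();
            $this->displayFooter();

            return;
        }
    }

    // Get the calendar event title
    $sql = "SELECT `title` \n FROM `fcms_calendar` \n WHERE `id` = ?";

    $r = $this->fcmsDatabase->getRow($sql, $calendarId);
    if ($r === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    $title = $r['title'];

    $invitees   = array();
    $nonMembers = array();
    $members    = array();

    // get emails from textarea
    if (isset($_POST['non-member-emails'])) {
        $nonMembers = explode("\n", $_POST['non-member-emails']);
    }

    // get any members that have been invited
    if (isset($_POST['all-members'])) {
        $sql = "SELECT `id`, `email` \n FROM `fcms_users` \n WHERE `activated` > 0\n AND `phpass` != 'NONMEMBER'\n AND `id` != ?";

        $rows = $this->fcmsDatabase->getRows($sql, $this->fcmsUser->id);
        if ($rows === false) {
            $this->fcmsError->displayError();
            $this->displayFooter();

            return;
        }

        foreach ($rows as $r) {
            array_push($members, array('id' => $r['id'], 'email' => $r['email']));
        }
    } elseif (isset($_POST['member'])) {
        foreach ($_POST['member'] as $id) {
            array_push($members, array('id' => $id, 'email' => $_POST["id{$id}"]));
        }
    }

    // merge all emails into one big list
    $invitees = array_merge($nonMembers, $members);

    // Create the invite and send the emails to each invitee
    foreach ($invitees as $invitee) {
        if (empty($invitee)) {
            continue;
        }

        // create a code for this user
        if (function_exists('random_bytes')) {
            // 7 random bytes -> 14 hex characters, trimmed to uniqid()'s 13.
            $code = substr(bin2hex(random_bytes(7)), 0, 13);
        } else {
            $code = uniqid('');
        }

        $user     = 0;
        $email    = '';
        $toEmail  = '';
        $toName   = '';
        $fromName = getUserDisplayName($this->fcmsUser->id);
        $url      = getDomainAndDir();

        if (is_array($invitee)) {
            // member
            $user    = (int) $invitee['id'];
            $toEmail = rtrim($invitee['email']);
            $toName  = getUserDisplayName($user);
            $email   = null;
            $url    .= 'calendar.php?event=' . $calendarId;
        } else {
            // non-member: identified by address, admitted by code
            $user    = 0;
            $toEmail = rtrim($invitee);
            $toName  = $toEmail;
            $email   = $toEmail;
            $url    .= 'invitation.php?event=' . $calendarId . '&code=' . $code;
        }

        // Skip email address that have already been invited
        if (isset($invitations[$toEmail])) {
            continue;
        }

        // add an invitation to db
        $sql = "INSERT INTO `fcms_invitation` \n (`event_id`, `user`, `email`, `created`, `updated`, `code`)\n VALUES \n (?, ?, ?, NOW(), NOW(), ?)";

        $params = array($calendarId, $user, $email, $code);

        if (!$this->fcmsDatabase->insert($sql, $params)) {
            $this->fcmsError->displayError();
            $this->displayFooter();

            return;
        }

        // Send email invitation
        $subject = sprintf(T_pgettext('%s is the title of an event', 'Invitation: %s'), $title);

        $msg = sprintf(T_pgettext('%s is the name of a person, like Dear Bob,', 'Dear %s,'), $toName) . ' ' . sprintf(T_pgettext('The first %s is the name of a person, the second is the title of an event', '%s has invited you to %s.'), $fromName, $title) . ' ' . T_('Please visit the link below to view the rest of this invitation.') . ' ' . $url . ' ---- ' . T_('This is an automated response, please do not reply.') . ' ';

        $email_headers = getEmailHeaders();

        mail($toEmail, $subject, $msg, $email_headers);
    }

    displayOkMessage();
    $this->fcmsCalendar->displayEvent($calendarId);
    $this->displayFooter();
}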
/**
 * displayStatusUpdateSubmit
 *
 * Stores a status update (or a reply to one), optionally forwards it to
 * Facebook, notifies the members who have e-mail updates enabled and
 * redirects to the home page.
 *
 * The status text is bound as a statement parameter and stored as posted.
 * NOTE(review): no stripping or encoding happens here, so the status list
 * has to escape on output -- confirm there.
 * NOTE(review): a Facebook API failure is handed to printr(). If that helper
 * prints the exception to the response, the dump reaches the browser and is
 * sent before the redirect header below -- verify and prefer logging.
 *
 * @return void
 */
function displayStatusUpdateSubmit()
{
    $status = $_POST['status'];

    // Submited blank form?
    if (empty($_POST['status'])) {
        header("Location: home.php");

        return;
    }

    // A parent id marks this status as a reply; 0 means a top-level status.
    $parent = isset($_POST['parent']) ? (int) $_POST['parent'] : 0;

    // Insert new status
    $insertSql = "INSERT INTO `fcms_status`\n"
        . " (`user`, `status`, `parent`, `created`, `updated`)\n"
        . " VALUES\n"
        . " (?, ?, ?, NOW(), NOW())";

    if (!$this->fcmsDatabase->insert($insertSql, array($this->fcmsUser->id, $status, $parent))) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // If replying, update the orig status updated date, so it bumps up to the top of the list
    if ($parent > 0) {
        $bumpSql = "UPDATE `fcms_status`\n"
            . " SET `updated` = NOW()\n"
            . " WHERE `id` = ?\n"
            . " LIMIT 1;";

        if (!$this->fcmsDatabase->update($bumpSql, $parent)) {
            $this->displayHeader();
            $this->fcmsError->displayError();
            $this->displayFooter();

            return;
        }
    }

    // Post to facebook
    if (isset($_POST['update_fb'])) {
        $fbConfig = getFacebookConfigData();

        // Send status to facebook
        if (!empty($fbConfig['fb_app_id']) && !empty($fbConfig['fb_secret'])) {
            $facebook = new Facebook(array(
                'appId'  => $fbConfig['fb_app_id'],
                'secret' => $fbConfig['fb_secret'],
            ));

            // Check if the user is logged in and authed
            $user = $facebook->getUser();
            if ($user) {
                try {
                    $statusUpdate = $facebook->api('/me/feed', 'post', array('message' => $_POST['status'], 'cb' => ''));
                } catch (FacebookApiException $e) {
                    printr($e);
                }
            }
        }
    }

    // Email members
    $subscriberSql = "SELECT u.`email`, s.`user` \n"
        . " FROM `fcms_user_settings` AS s, `fcms_users` AS u \n"
        . " WHERE `email_updates` = '1'\n"
        . " AND u.`id` = s.`user`";

    $subscribers = $this->fcmsDatabase->getRows($subscriberSql);
    if ($subscribers === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    if (count($subscribers) > 0) {
        $baseUrl    = getDomainAndDir();
        $headers    = getEmailHeaders();
        $authorName = getUserDisplayName($this->fcmsUser->id);

        // Same subject for every recipient.
        $subject = sprintf(T_('%s added a new status update.'), $authorName);

        foreach ($subscribers as $subscriber) {
            $recipientName = getUserDisplayName($subscriber['user']);

            $body = T_('Dear') . ' ' . $recipientName . ', '
                . $subject . ' '
                . $baseUrl . 'home.php ---- '
                . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:')
                . ' ' . $baseUrl . 'settings.php ';

            mail($subscriber['email'], $subject, $body, $headers);
        }
    }

    header("Location: home.php");
}
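/**
 * checkScheduler
 *
 * Checks the FCMS Scheduler to see if any scheduled jobs need run, and
 * triggers at most one of them per call by posting to cron.php.
 *
 * A job is due when it has never run, or when its `repeat` is 'hourly' or
 * 'daily' and its last run is older than one hour / one day.
 *
 * @param string $subdir subdirectory the caller lives in (admin/ or
 *                       gallery/); it is removed from the site URL so that
 *                       cron.php is addressed at the site root
 *
 * @return void
 */
function checkScheduler($subdir = '')
{
    global $fcmsDatabase, $fcmsError;

    $sql = "SELECT `id`, `type`, `repeat`, `lastrun`\n FROM `fcms_schedule`\n WHERE `status` = 1";

    $rows = $fcmsDatabase->getRows($sql);
    if ($rows === false) {
        $fcmsError->displayError();

        return;
    }

    if (count($rows) <= 0) {
        return;
    }

    $url = getDomainAndDir();

    // Remove subdirectory from end (admin/ or gallery/).
    // Only the last occurrence is removed: str_replace() dropped every
    // occurrence, which produced the wrong cron.php address whenever the
    // same segment also appeared earlier in the URL.
    if (!empty($subdir)) {
        $pos = strrpos($url, $subdir);
        if ($pos !== false) {
            $url = substr($url, 0, $pos) . substr($url, $pos + strlen($subdir));
        }
    }

    // The thresholds do not depend on the row.
    $hourAgo = strtotime('-1 hours');
    $dayAgo  = strtotime('-1 days');

    foreach ($rows as $row) {
        $runJob  = false;
        $lastrun = strtotime($row['lastrun']);
        $type    = cleanOutput($row['type']);

        if ($row['lastrun'] == '0000-00-00 00:00:00') {
            // Job has never been run
            $runJob = true;
        } elseif ($row['repeat'] == 'hourly') {
            if ($lastrun < $hourAgo) {
                $runJob = true;
            }
        } elseif ($row['repeat'] == 'daily') {
            if ($lastrun < $dayAgo) {
                $runJob = true;
            }
        }

        // Attempt to run scheduled job; the first due job ends the check.
        if ($runJob) {
            postAsync($url . 'cron.php', array('job_type' => $type));

            return;
        }
    }
}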
/**
 * displayAddFormSubmit
 *
 * Stores a new prayer concern, notifies the members who have e-mail updates
 * enabled and redirects to the prayer list.
 *
 * Both text fields go through strip_tags() and are bound as statement
 * parameters.
 *
 * @return void
 */
function displayAddFormSubmit()
{
    $for  = strip_tags($_POST['for']);
    $desc = strip_tags($_POST['desc']);

    $insertSql = "INSERT INTO `fcms_prayers`\n"
        . " (`for`, `desc`, `user`, `date`) \n"
        . " VALUES\n"
        . " (?, ?, ?, NOW())";

    $inserted = $this->fcmsDatabase->insert($insertSql, array($for, $desc, $this->fcmsUser->id));
    if (!$inserted) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // Email members
    $subscriberSql = "SELECT u.`email`, s.`user`\n"
        . " FROM `fcms_user_settings` AS s, `fcms_users` AS u \n"
        . " WHERE `email_updates` = '1'\n"
        . " AND u.`id` = s.`user`";

    $subscribers = $this->fcmsDatabase->getRows($subscriberSql);
    if ($subscribers === false) {
        $this->displayHeader();
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    if (count($subscribers) > 0) {
        $authorName = getUserDisplayName($this->fcmsUser->id);
        $subject    = sprintf(T_('%s added a new Prayer Concern for %s'), $authorName, $for);
        $baseUrl    = getDomainAndDir();
        $headers    = getEmailHeaders();

        foreach ($subscribers as $subscriber) {
            $recipientName = getUserDisplayName($subscriber['user']);

            $body = T_('Dear') . ' ' . $recipientName . ', '
                . $subject . ' '
                . $baseUrl . 'prayers.php ---- '
                . T_('To stop receiving these notifications, visit the following url and change your \'Email Update\' setting to No:')
                . ' ' . $baseUrl . 'settings.php ';

            mail($subscriber['email'], $subject, $body, $headers);
        }
    }

    $_SESSION['success'] = 1;

    header("Location: prayers.php");
}
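/**
 * displayCreateSubmit
 *
 * Admin action: creates a member account together with its address and
 * settings rows, and optionally e-mails the new member an invitation.
 *
 * Changes from the previous version:
 *  - the duplicate-address check now runs on the same strip_tags()'d value
 *    that is stored. Before, the check used the raw POST value, so an
 *    address wrapped in markup passed the check and was then stored as an
 *    address that already existed.
 *  - the optional fields (mname, maiden) default to '' when not submitted
 *    instead of being read unconditionally.
 *
 * NOTE(review): the invitation mail contains the password in clear text.
 * Mail is stored and relayed unencrypted by default; a one-time set-password
 * link would avoid putting the credential in the message.
 * NOTE(review): the required-field check only tests isset(), so empty
 * strings pass, and the username is not checked for uniqueness here.
 *
 * @return void
 */
function displayCreateSubmit()
{
    $this->displayHeader();

    // Check Required Fields
    $requiredFields  = array('username', 'password', 'fname', 'lname', 'sex', 'email');
    $missingRequired = false;

    foreach ($requiredFields as $field) {
        if (!isset($_POST[$field])) {
            $missingRequired = true;
        }
    }

    if ($missingRequired) {
        $this->fcmsAdminMembers->displayCreateMemberForm(T_('Missing Required Field'));
        $this->displayFooter();

        return;
    }

    // Normalise the address once; this exact value is both checked and stored.
    $email = strip_tags($_POST['email']);

    // Check Email
    $sql = "SELECT `email` FROM `fcms_users` \n WHERE `email` = ?";

    $rows = $this->fcmsDatabase->getRows($sql, $email);
    if ($rows === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    if (count($rows) > 0) {
        $this->fcmsAdminMembers->displayCreateMemberForm(sprintf(T_('The email address %s is already in use. Please choose a different email.'), $email));
        $this->displayFooter();

        return;
    }

    // birthday
    $year  = '';
    $month = '';
    $day   = '';

    if (!empty($_POST['year'])) {
        $year = (int) $_POST['year'];
    }
    if (!empty($_POST['month'])) {
        $month = (int) $_POST['month'];
        $month = str_pad($month, 2, "0", STR_PAD_LEFT);
    }
    if (!empty($_POST['day'])) {
        $day = (int) $_POST['day'];
        $day = str_pad($day, 2, "0", STR_PAD_LEFT);
    }

    $fname    = strip_tags($_POST['fname']);
    $mname    = isset($_POST['mname']) ? strip_tags($_POST['mname']) : '';
    $lname    = strip_tags($_POST['lname']);
    $maiden   = isset($_POST['maiden']) ? strip_tags($_POST['maiden']) : '';
    $sex      = strip_tags($_POST['sex']);
    $username = strip_tags($_POST['username']);

    // Only the hash is stored; the clear-text password never reaches the DB.
    $hasher       = new PasswordHash(8, FALSE);
    $hashPassword = $hasher->HashPassword($_POST['password']);

    // Create new member
    $sql = "INSERT INTO `fcms_users`\n (`access`, `joindate`, `fname`, `mname`, `lname`, `maiden`, `sex`, `email`, `dob_year`, `dob_month`, `dob_day`,\n `username`, `phpass`, `activated`)\n VALUES\n (3, NOW(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 1)";

    $params = array($fname, $mname, $lname, $maiden, $sex, $email, $year, $month, $day, $username, $hashPassword);

    $lastid = $this->fcmsDatabase->insert($sql, $params);
    if ($lastid === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // Create member's address
    $sql = "INSERT INTO `fcms_address`\n (`user`, `created_id`, `created`, `updated_id`, `updated`)\n VALUES\n (?, ?, NOW(), ?, NOW())";

    $addressParams = array($lastid, $this->fcmsUser->id, $this->fcmsUser->id);

    if (!$this->fcmsDatabase->insert($sql, $addressParams)) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // Create member's settings
    $sql = "INSERT INTO `fcms_user_settings`\n (`user`)\n VALUES\n (?)";

    if (!$this->fcmsDatabase->insert($sql, array($lastid))) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // Email member
    if (isset($_POST['invite'])) {
        $from     = getUserDisplayName($this->fcmsUser->id, 2);
        $sitename = getSiteName();
        $subject  = sprintf(T_('Invitation to %s'), $sitename);
        $url      = getDomainAndDir();

        // This page lives under admin/; the login URL is the site root.
        $pos = strrpos($url, 'admin/');
        if ($pos !== false) {
            $url = substr($url, 0, $pos);
        }

        $message = $fname . ' ' . $lname . ', ' . sprintf(T_('You have been invited by %s to join %s.'), $from, $sitename) . ' ' . T_('You can login using the following information') . ': ' . T_('URL') . ': ' . $url . ' ' . T_('Username') . ': ' . $username . ' ' . T_('Password') . ': ' . $_POST['password'] . ' ' . T_('Thanks') . ', ' . sprintf(T_('The %s Webmaster'), $sitename) . ' ' . T_('This is an automated response, please do not reply.');

        mail($email, $subject, $message, getEmailHeaders());
    }

    $this->fcmsAdminMembers->displayMemberList(1);
    displayOkMessageAdmin();
    $this->displayFooter();
}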
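/**
 * displayYouTubeUploadFilePage
 *
 * Takes the post data from the previous form, sends to youtube, creates new entry,
 * and prints the video file upload form.
 *
 * Changes from the previous version:
 *  - the error branch called T(), while every other translation call in
 *    this method is T_(); it now uses T_() so the failure path prints its
 *    message.
 *  - values printed into the page (exception text, upload URL, upload token,
 *    video title) are HTML-escaped. The title was only passed through
 *    strip_tags(), which removes tags but does not encode characters.
 *
 * @return void
 */
function displayYouTubeUploadFilePage()
{
    $this->displayHeader();

    $videoTitle       = '';
    $videoDescription = '';

    if (isset($_POST['title'])) {
        $videoTitle = strip_tags($_POST['title']);
    }
    if (isset($_POST['description'])) {
        $videoDescription = strip_tags($_POST['description']);
    }

    $videoCategory = isset($_POST['category']) ? $_POST['category'] : '';
    $videoUnlisted = isset($_POST['unlisted']) ? true : false;

    // Create fcms video - we update after the youtube video is created
    $sql = "INSERT INTO `fcms_video` (\n `source_id`, \n `title`, \n `description`, \n `source`, \n `created`, \n `created_id`, \n `updated`, \n `updated_id`\n )\n VALUES\n ('0', ?, ?, 'youtube', NOW(), ?, NOW(), ?)";

    $params = array($videoTitle, $videoDescription, $this->fcmsUser->id, $this->fcmsUser->id);

    $lastId = $this->fcmsDatabase->insert($sql, $params);
    if ($lastId === false) {
        $this->fcmsError->displayError();
        $this->displayFooter();

        return;
    }

    // Save fcms video id
    $_SESSION['fcmsVideoId'] = $lastId;

    $sessionToken  = $this->getSessionToken($this->fcmsUser->id);
    $youtubeConfig = getYouTubeConfigData();
    $httpClient    = getYouTubeAuthSubHttpClient($youtubeConfig['youtube_key'], $sessionToken);

    if ($httpClient === false) {
        // Error message was already displayed by getYouTubeAuthSubHttpClient()
        $this->displayFooter();
        die;
    }

    $youTubeService = new Zend_Gdata_YouTube($httpClient);
    $newVideoEntry  = new Zend_Gdata_YouTube_VideoEntry();

    $newVideoEntry->setVideoTitle($videoTitle);
    $newVideoEntry->setVideoDescription($videoDescription);
    $newVideoEntry->setVideoCategory($videoCategory);

    // make video unlisted
    if ($videoUnlisted) {
        $unlisted = new Zend_Gdata_App_Extension_Element('yt:accessControl', 'yt', 'http://gdata.youtube.com/schemas/2007', '');
        $unlisted->setExtensionAttributes(array(
            array('namespaceUri' => '', 'name' => 'action', 'value' => 'list'),
            array('namespaceUri' => '', 'name' => 'permission', 'value' => 'denied'),
        ));
        $newVideoEntry->setExtensionElements(array($unlisted));
    }

    try {
        $tokenArray = $youTubeService->getFormUploadToken($newVideoEntry, 'http://gdata.youtube.com/action/GetUploadToken');
    } catch (Exception $e) {
        echo ' <div class="error-alert"> <p>' . T_('Could not retrieve token for syndicated upload.') . '</p> <p>' . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . '</p> </div>';
        $this->displayFooter();

        return;
    }

    $tokenValue = $tokenArray['token'];
    $postUrl    = $tokenArray['url'];
    $nextUrl    = getDomainAndDir() . 'video.php?upload=youtube';

    // Encoded copies for the HTML below; the browser decodes the attribute
    // values back to the same URL and token.
    $formAction = htmlspecialchars($postUrl . '?nexturl=' . $nextUrl, ENT_QUOTES, 'UTF-8');
    $safeToken  = htmlspecialchars($tokenValue, ENT_QUOTES, 'UTF-8');
    $safeTitle  = htmlspecialchars($videoTitle, ENT_QUOTES, 'UTF-8');

    echo ' <form action="' . $formAction . '" method="post" enctype="multipart/form-data"> <fieldset> <legend><span>' . T_('Upload YouTube Video') . '</span></legend> <div class="field-row"> <div class="field-label"><label><b>' . T_('Title') . '</b></label></div> <div class="field-widget"><b>' . $safeTitle . '</b></div> </div> <div class="field-row"> <div class="field-label"><label><b>' . T_('Video') . '</b></label></div> <div class="field-widget"> <input type="file" name="file" size="50"/> </div> </div> <input name="token" type="hidden" value="' . $safeToken . '"/> <input class="sub1" type="submit" id="upload_file" name="upload_file" value="' . T_('Upload') . '"/> </fieldset> </form>';

    $this->displayFooter();
}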
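/**
 * displayEditPicasa
 *
 * Prints the Picasa connection panel of the settings page: either the
 * account the user is connected as plus a disconnect link, or a link that
 * starts the AuthSub authorisation.
 *
 * Changes from the previous version:
 *  - when the Picasa feed cannot be fetched the page footer is now printed
 *    before returning; the header had already been sent, so the page was
 *    left unclosed.
 *  - the account name returned by Picasa is HTML-escaped before it is
 *    printed.
 *
 * @return void
 */
function displayEditPicasa()
{
    $this->displayHeader();

    $token = getUserPicasaSessionToken($this->fcmsUser->id);

    // Setup url for callbacks
    $callbackUrl  = getDomainAndDir();
    $callbackUrl .= 'settings.php?view=picasa';

    if (!is_null($token)) {
        $httpClient    = Zend_Gdata_AuthSub::getHttpClient($token);
        $picasaService = new Zend_Gdata_Photos($httpClient, "Google-DevelopersGuide-1.0");

        try {
            $feed = $picasaService->getUserFeed("default");
        } catch (Zend_Gdata_App_Exception $e) {
            print '<div class="error-alert">' . T_('Could not get Picasa session token.') . '</div>';
            $this->displayFooter();

            return;
        }

        // Remote value: encode it for both the attribute and the link text.
        $username = htmlspecialchars((string) $feed->getTitle(), ENT_QUOTES, 'UTF-8');

        $user   = '******' . $username . '">' . $username . '</a>';
        $status = sprintf(T_('Currently connected as: %s'), $user);
        $link   = '<a class="disconnect" href="?revoke=picasa">' . T_('Disconnect') . '</a>';
    } else {
        $url = Zend_Gdata_AuthSub::getAuthSubTokenUri($callbackUrl, 'https://picasaweb.google.com/data', false, true);

        $status = T_('Not Connected');
        $link   = '<a href="' . $url . '">' . T_('Connect') . '</a>';
    }

    echo ' <div class="social-media-connect"> <img class="icon" src="ui/img/picasa.png" alt="Picasa"/> <h2>Picasa Web</h2> <p>' . T_('Picasa Web allows users to share photos with friends and family.') . '</p> <div class="status">' . $status . '</div> <div class="action">' . $link . '</div> </div>';

    $this->displayFooter();
}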