public function run(&$params)
{
//>>1.定义不需要登陆验证的地址
$noCheck = array('Login/index', 'Verify/index');
//>>2.获取用户正在访问的url地址
$requestURL = CONTROLLER_NAME . '/' . ACTION_NAME;
if (in_array($requestURL, $noCheck)) {
return;
}
header('Content-Type: text/html;charset=utf-8');
//>>1.判定用户是否登陆
if (!isLogin()) {
$loginService = D('Login', 'Service');
if (!$loginService->autoLogin()) {
//进行自动登录, 如果没有自动登录,就转向登录页面
redirect(U('Login/index'), 1, '请登陆!');
}
}
//>>3.如果是超级管理员不用在判定权限
if (isSuperUser()) {
return;
}
//>>2.判定登陆用户访问的url是否在他的权限范围之内
$urls = savePermissionURL();
if (!in_array($requestURL, $urls)) {
exit('权限不足!请求联系管理员!');
}
}
public function run(&$params)
{
//
//判断当前访问的url在不在这个数组中,如果在就直接访问
$accessarr = array('Login/login', 'Login/logout');
$requestURL = CONTROLLER_NAME . '/' . ACTION_NAME;
if (in_array($requestURL, $accessarr)) {
return;
}
//判断用户是否登录,如果未登录直接重定向到登录页面
if (!islogin()) {
$loginService = D('Login', 'Service');
$loginService->autoLogin();
redirect(U('Login/login'), 1, '请登陆!');
exit;
}
//判断是否是超级管理员
if (isSuperUser()) {
return;
}
//最后在判断是否有访问某个控制器里方法的权限;
$arr = userUrl();
$arr = array_column($arr, 'url');
if (!in_array($requestURL, $arr)) {
echo "没有该权限";
exit;
}
}
function addToolbar($item)
{
$canDo = JHotelReservationHelper::getActions();
JRequest::setVar('hidemainmenu', 1);
if ($canDo->get('core.create') && ($item->hotel_state == 0 || isSuperUser(JFactory::getUser()->id))) {
JToolBarHelper::apply('hotel.apply');
JToolBarHelper::save('hotel.save');
}
JToolBarHelper::cancel('hotel.cancel');
}
protected function addToolbar()
{
$canDo = JHotelReservationHelper::getActions();
JRequest::setVar('hidemainmenu', 1);
if ($this->item->state == 0 || isSuperUser(JFactory::getUser()->id)) {
if ($canDo->get('core.create')) {
JToolBarHelper::apply('offer.apply');
JToolBarHelper::save('offer.save');
JToolBarHelper::custom('offer.saveAsNew', 'save.png', 'save.png', 'Duplicate', false, false);
}
}
JToolBarHelper::cancel('offer.cancel');
}
function accessLevel($page)
{
global $tables, $access_levels;
if (!$GLOBALS["require_login"] || isSuperUser()) {
return "all";
}
if (!isset($_SESSION["adminloggedin"])) {
return 0;
}
if (!is_array($_SESSION["logindetails"])) {
return 0;
}
## for non-supers we only allow owner views
## this is likely to need tweaking
return 'owner';
}
function checkHotels($userId, $hotels)
{
if (isSuperUser($userId) || isManager($userId)) {
return $hotels;
}
$db = JFactory::getDBO();
$query = "SELECT b.hotel_id\r\n\t\t\t\t FROM #__users a,\r\n\t\t\t\t\t\t#__hotelreservation_user_hotel_mapping b\r\n\t\t\t\t\tWHERE a.id=b.user_id\r\n\t\t\t\t\t\t and a.id=" . $userId;
$db->setQuery($query);
$userHotels = $db->loadColumn();
if (count($userHotels) == 0) {
return null;
}
for ($i = 0, $a = count($hotels); $i < $a; $i++) {
$hotel = $hotels[$i];
if (!in_array($hotel->hotel_id, $userHotels) > 0) {
unset($hotels[$i]);
}
}
return $hotels;
}
public function menu()
{
//向首页添加菜单栏数据,先判断是不是超级管理员
if (isSuperUser()) {
$menuModel = D('Menu');
$result = $menuModel->getList('id,url,name,parent_id,level');
} else {
$permissionIds = savePermissionID();
// dump($permissionIds);
if ($permissionIds) {
$permissionIdsStr = implode($permissionIds, ',');
$sql = "select distinct m.id,m.name,m.url,m.level,m.parent_id from menu as m join menu_permission as mp on m.id = mp.menu_id where mp.permission_id in ({$permissionIdsStr})";
// dump($sql);
$result = M()->query($sql);
// dump($result);exit;
}
}
$this->assign('menus', $result);
$this->display('menu');
}
function accessLevel($page)
{
global $tables, $access_levels;
if (!$GLOBALS["require_login"] || isSuperUser()) {
return "all";
}
if (!isset($_SESSION["adminloggedin"])) {
return 0;
}
if (!is_array($_SESSION["logindetails"])) {
return 0;
}
# check whether it is a page to protect
Sql_Query("select id from {$tables["task"]} where page = \"{$page}\"");
if (!Sql_Affected_Rows()) {
return "all";
}
$req = Sql_Query(sprintf('select level from %s,%s where adminid = %d and page = "%s" and %s.taskid = %s.id', $tables["task"], $tables["admin_task"], $_SESSION["logindetails"]["id"], $page, $tables["admin_task"], $tables["task"]));
$row = Sql_Fetch_Row($req);
return $access_levels[$row[0]];
}
}
if ($delete) {
Sql_Query(sprintf('delete from %s where id = %d', $tables["subscribepage"], $delete));
Sql_Query(sprintf('delete from %s where id = %d', $tables["subscribepage_data"], $delete));
Info($GLOBALS['I18N']->get('Deleted') . " {$delete}");
}
print formStart('name="pagelist" class="spageEdit" ');
print '<input type="hidden" name="active[-1]" value="1" />';
## to force the active array to exist
$ls = new WebblerListing($GLOBALS['I18N']->get('subscribe pages'));
$req = Sql_Query(sprintf('select * from %s %s order by title', $tables["subscribepage"], $subselect));
while ($p = Sql_Fetch_Array($req)) {
$ls->addElement($p["id"]);
$ls->setClass($p["id"], 'row1');
$ls->addColumn($p["id"], $GLOBALS['I18N']->get('title'), stripslashes($p["title"]));
if ($require_login && isSuperUser() || !$require_login) {
$ls->addColumn($p["id"], $GLOBALS['I18N']->get('owner'), adminName($p["owner"]));
if ($p["id"] == $default) {
$checked = 'checked="checked"';
} else {
$checked = "";
}
$ls->addColumn($p["id"], $GLOBALS['I18N']->get('default'), sprintf('<input type="radio" name="default" value="%d" %s onchange="document.pagelist.submit()" />', $p["id"], $checked));
} else {
$adminname = "";
$isdefault = "";
}
$ls->addColumn($p["id"], s('active'), sprintf('<input type="checkbox" name="active[%d]" value="1" %s onchange="document.pagelist.submit()" />', $p["id"], $p["active"] ? 'checked="checked"' : ''));
$ls->addRow($p["id"], $p["active"] ? '<span class="yes" title="' . $GLOBALS['I18N']->get('active') . '"></span>' : '<span class="no" title="' . $GLOBALS['I18N']->get('not active') . '"></span>', sprintf('<span class="edit"><a class="button" href="%s&id=%d" title="' . $GLOBALS['I18N']->get('edit') . '">%s</a></span>', PageURL2("spageedit", ""), $p["id"], $GLOBALS['I18N']->get('edit')) . sprintf('<span class="delete"><a class="button" href="javascript:deleteRec(\'%s\');" title="' . $GLOBALS['I18N']->get('delete') . '">%s</a></span>', PageURL2("spage", "", "delete=" . $p["id"]), $GLOBALS['I18N']->get('del')) . sprintf('<span class="view"><a class="button" href="%s&id=%d" title="' . $GLOBALS['I18N']->get('view') . '">%s</a></span>', getConfig("subscribeurl"), $p["id"], $GLOBALS['I18N']->get('view')));
}
print $ls->display();
?>
">Dashboard</a>
<a href="contacts.php" class="menubuttons <?php
if ($pagetitle == "Contact" || $pagetitle == "ContactDetails") {
echo "menubuttonsactive";
}
?>
">Contacts</a>
<a href="campaigns.php" class="menubuttons <?php
if ($pagetitle == "Campaigns") {
echo "menubuttonsactive";
}
?>
">Campaigns</a>
<?php
if (isSuperUser($row_userinfo)) {
?>
<a href="users.php" class="menubuttons <?php
if ($pagetitle == "Users") {
echo "menubuttonsactive";
}
?>
">Users</a>
<?php
}
?>
<span class="headerright">Logged in as <?php
echo $row_userinfo['user_email'];
?>
| <a href="logout.php">Log Out</a> | <a href="profile.php">Update Profile</a> </span><br clear="all" />
echo $room->offer_id . "|" . $room->room_id . "|" . $room->current;
?>
][price][<?php
echo $dayString;
?>
]" id="room_price_<?php
echo $room->id;
?>
_<?php
echo $dayString;
?>
" onBlur="setCustomPrice()" value="<?php
echo $price;
?>
" <?php
if (!isSuperUser(JFactory::getUser()->id)) {
echo "disabled";
}
?>
>
( <?php
echo number_format($room->daily[$dayString]["price_final"], 2);
?>
)
</li>
<?php
$d = strtotime(date('Y-m-d', $d) . ' + 1 day ');
}
?>
</ul>
</div>
$toList = '';
}
print '<div class="actions">
' . PageLinkButton('send&new=1' . $toList, s('Send a campaign')) . PageLinkButton('importsimple', s('Import some more emails')) . '</div>';
}
if (!empty($rejectReport['invalid'])) {
$report .= "\n\n" . s('Rejected email addresses') . ":\n";
$report .= $rejectReport['invalid'];
}
sendMail(getConfig("admin_address"), s('phplist Import Results'), $report);
foreach ($GLOBALS['plugins'] as $pluginname => $plugin) {
$plugin->importReport($report);
}
return;
}
if ($GLOBALS["require_login"] && !isSuperUser()) {
$access = accessLevel("import1");
switch ($access) {
case "owner":
$subselectimp = " where owner = " . $_SESSION["logindetails"]["id"];
break;
case "all":
$subselectimp = "";
break;
case "none":
default:
$subselectimp = " where id = 0";
break;
}
}
if (isset($_GET['list'])) {
if ($GLOBALS["require_login"] && !isSuperUser()) {
$access = accessLevel("bounce");
switch ($access) {
case "all":
$subselect = "";
break;
case "none":
default:
$subselect = " and " . $tables["list"] . ".id = 0";
break;
}
}
if (isset($start)) {
echo "<br />" . PageLink2("bounces", $GLOBALS['I18N']->get('BackToBList'), "start={$start}") . "\n";
}
if (isset($_GET["doit"]) && ($GLOBALS["require_login"] && isSuperUser() || !$GLOBALS["require_login"])) {
if ($useremail) {
$req = Sql_Fetch_Row_Query(sprintf('select id from %s where email = "%s"', $tables["user"], $useremail));
$userid = $req[0];
if (!$userid) {
print "{$useremail} => " . $GLOBALS['I18N']->get('NotFound') . "\n";
}
}
if (isset($userid) && $amount) {
Sql_Query(sprintf('update %s set bouncecount = bouncecount + %d where id = %d', $tables["user"], $amount, $userid));
if (Sql_Affected_Rows()) {
print sprintf($GLOBALS['I18N']->get('AddedToB'), $amount, $userid) . "\n";
} else {
print sprintf($GLOBALS['I18N']->get('AddedToB'), $amount, $userid) . "\n";
}
}
Redirect('list&tab=' . $aListCategories[0]);
}
}
print '<p class="total">' . $total . ' ' . $GLOBALS['I18N']->get('Lists') . '</p>';
$limit = '';
$query = ' select *' . ' from ' . $tables['list'] . $subselect . ' order by listorder ' . $limit;
$result = Sql_query($query);
$numlists = Sql_Affected_Rows($result);
$ls = new WebblerListing(s('Lists'));
/** Always Show a "list" of all subscribers
* https://mantis.phplist.com/view.php?id=17433
* many users are confused when they have more subscribers than members of lists
* this will avoid that confusion
* we can only do this for superusers of course
* */
if (SHOW_LIST_OFALL_SUBSCRIBERS && isSuperUser()) {
$query = ' select count(u.id) as total,' . ' sum(u.confirmed) as confirmed, ' . ' sum(u.blacklisted) as blacklisted ' . ' from ' . $tables['user'] . ' u';
$req = Sql_Query($query);
$membercount = Sql_Fetch_Assoc($req);
$members = $membercount['confirmed'];
$unconfirmedMembers = (int) ($membercount['total'] - $members);
$desc = s('All subscribers');
if ($unconfirmedMembers > 0) {
$membersDisplay = '<span class="memberCount" title="' . s('Confirmed members') . '">' . $members . '</span> <span class="unconfirmedCount" title="' . s('Unconfirmed members') . '">(' . $unconfirmedMembers . ')</span>';
} else {
$membersDisplay = '<span class="memberCount">' . $members . '</span>';
}
$element = '<!-- ' . $row['id'] . '-->' . s('All subscribers');
$ls->addElement($element);
$ls->setClass($element, 'rows row1');
$ls->addColumn($element, $GLOBALS['I18N']->get('Members'), '<div style="display:inline-block;text-align:right;width:50%;float:left;">' . $membersDisplay . '</div><span class="view" style="text-align:left;display:inline-block;float:right;width:48%;"><a class="button " href="./?page=members&id=all" title="' . $GLOBALS['I18N']->get('View Members') . '">' . $GLOBALS['I18N']->get('View Members') . '</a></span>');
}
?>
/><label for="active"><?php
echo $GLOBALS['I18N']->get('Public list (listed on the frontend)');
?>
</label></div>
<div class="label"><label for="listorder"><?php
echo $GLOBALS['I18N']->get('Order for listing');
?>
</label></div>
<div class="field"><input type="text" name="listorder" value="<?php
echo $list["listorder"];
?>
" class="listorder" /></div>
<?php
if ($GLOBALS["require_login"] && (isSuperUser() || accessLevel("editlist") == "all")) {
if (empty($list["owner"])) {
$list["owner"] = $_SESSION["logindetails"]["id"];
}
$admins = $GLOBALS["admin_auth"]->listAdmins();
if (sizeof($admins) > 1) {
print '<div class="label"><label for="owner">' . $GLOBALS['I18N']->get('Owner') . '</label></div><div class="field"><select name="owner">';
foreach ($admins as $adminid => $adminname) {
printf(' <option value="%d" %s>%s</option>', $adminid, $adminid == $list["owner"] ? 'selected="selected"' : '', $adminname);
}
print '</select></div>';
} else {
print '<input type="hidden" name="owner" value="' . $_SESSION["logindetails"]["id"] . '" />';
}
} else {
print '<input type="hidden" name="owner" value="' . $_SESSION["logindetails"]["id"] . '" />';
function generate($title, $user, $object)
{
global $truncateText;
$results = $object->GetList(array(array("onlineuser_onlineuserid", "=", $user->onlineuserId)));
$alt = false;
$rowclass = "";
if (count($results) > 0 || isSuperUser(false)) {
$class = strtolower(get_class($object));
echo "<span class='adminrowheader'>{$title} Admin</span>";
if ($class != "platinum_membership" || isSuperUser(false)) {
echo " - <a href='" . $class . "_form.php' class='newslarge'>create new</a>";
}
echo "<div class=\"spacer\"></div>";
echo "<table class=\"table\">";
if (count($results) == 0) {
if (isSuperUser(false)) {
echo "<tr><td>";
echo "currently have no entries";
echo "</td></tr>";
}
} else {
$hasName = isset($results[0]->name);
$hasHeading = isset($results[0]->heading);
$hasDescription = isset($results[0]->description);
$hasText = isset($results[0]->text);
$hasLink = isset($results[0]->link);
if ($class == "platinum_membership" || $class == "supplier" || $class == "gold_membership") {
$hasStats = true;
} else {
$hasStats = false;
}
echo "<TR>";
if ($hasName) {
echo "<TD>Name</td>";
} elseif ($hasHeading) {
echo "<TD>Heading</td>";
}
if ($hasDescription) {
echo "<TD>Description</td>";
} elseif ($hasText) {
echo "<TD>Text</td>";
}
if ($hasLink) {
echo "<TD>URL</td>";
}
echo "<TD>Created</td>";
echo "<TD>Expires</td>";
echo "<td>Status</td>";
echo "<TD><!-- Functions --></td>";
if ($hasStats && isSuperUser(false)) {
echo "<TD>Impressions</TD>";
echo "<TD>Clicks</TD>";
}
echo "</tr>";
foreach ($results as $obj) {
if ($alt) {
$rowclass = "row_even";
} else {
$rowclass = "row_odd";
}
$alt = !$alt;
echo "<tr>";
if ($hasName) {
echo "<td class=\"{$rowclass}\">" . $obj->name . "</td>";
} else {
if ($hasHeading) {
echo "<td class=\"{$rowclass}\">" . $obj->heading . "</td>";
}
}
if ($hasDescription) {
echo "<td class=\"{$rowclass}\">" . strip_tags(substr($obj->description, 0, $truncateText)) . "...</td>";
} else {
if ($hasText) {
echo "<td class=\"{$rowclass}\">" . strip_tags(substr($obj->text, 0, $truncateText)) . "...</td>";
}
}
if ($hasLink) {
echo "<td class=\"{$rowclass}\">" . $obj->link . "</td>";
}
echo "<td class=\"{$rowclass}\">" . FormatDateTime($obj->dt_created, 7) . "</td>";
echo "<td class=\"{$rowclass}\">" . FormatDateTime($obj->dt_expire, 7) . "</td>";
$classId = $class . "Id";
$status = $class . "_status";
//echo "</td>";
if ($obj->{$status} != "temp" && $obj->dt_expire <= date("Y-m-d")) {
echo "<td class=\"{$rowclass}\">Expired</td><td class=\"{$rowclass}\"><ul>";
echo "<li><a href=\"renew.php?type={$class}&id=" . $obj->{$classId} . "\">Renew</a></li>";
} else {
switch ($obj->{$status}) {
case "temp":
echo "<td class=\"{$rowclass}\">Temporary</td><td class=\"{$rowclass}\"><ul>";
echo "<li><a href=\"activate.php?type={$class}&id=" . $obj->{$classId} . "\">Activate</a></li>";
break;
case "active":
echo "<td class=\"{$rowclass}\">Active</td><td class=\"{$rowclass}\"><ul>";
if (isSuperUser(false)) {
echo "<li><a href=\"deactivate.php?type={$class}&id=" . $obj->{$classId} . "\">Pause</a></li>";
}
break;
case "disabled":
echo "<td class=\"{$rowclass}\">Paused</td><td class=\"{$rowclass}\"><ul>";
if (isSuperUser(false)) {
echo "<li><a href=\"activate.php?type={$class}&id=" . $obj->{$classId} . "\">Continue</a></li>";
}
break;
}
}
echo "<li><a href=\"" . $class . "_form.php?id=" . $obj->{$classId} . "\">Modify</a></li>";
if (($class == "gold_membership" || $class == "supplier") && isSuperUser(false)) {
echo "<li><a href=\"spotlight_form.php?type={$class}&membershipid=" . $obj->{$classId} . "\">Spotlight</a></li>";
}
if (isSuperUser(false)) {
echo "<li><a href=\"#\" onClick=\"sure('{$class}','" . $obj->{$classId} . "')\">Delete</a></li>";
}
echo "</ul>";
echo "</td>";
if ($hasStats && isSuperUser(false)) {
$stats = new Stats();
$results = $stats->GetList(array(array("objectname", "=", $class), array("objectid", "=", $obj->{$classId})));
// we should only get one object back in the array
$statObject = $results[0];
echo "<TD class=\"{$rowclass}\">" . $statObject->impressions . "</td>";
echo "<TD class=\"{$rowclass}\">" . $statObject->clicks . "</td>";
}
echo "</tr>";
}
}
echo "</table>";
}
echo "<br/>";
echo "<br/>";
}
if (TEST) {
print Info($GLOBALS['I18N']->get('Running in testmode, no emails will be sent. Check your config file.'));
}
if (version_compare(PHP_VERSION, '5.1.2', '<') && WARN_ABOUT_PHP_SETTINGS) {
Error($GLOBALS['I18N']->get('phpList requires PHP version 5.1.2 or higher'));
}
if (defined("ENABLE_RSS") && ENABLE_RSS && !function_exists("xml_parse") && WARN_ABOUT_PHP_SETTINGS) {
Warn($GLOBALS['I18N']->get('You are trying to use RSS, but XML is not included in your PHP'));
}
if (ALLOW_ATTACHMENTS && WARN_ABOUT_PHP_SETTINGS && (!is_dir($GLOBALS["attachment_repository"]) || !is_writable($GLOBALS["attachment_repository"]))) {
if (ini_get("open_basedir")) {
Warn($GLOBALS['I18N']->get('open_basedir restrictions are in effect, which may be the cause of the next warning'));
}
Warn($GLOBALS['I18N']->get('The attachment repository does not exist or is not writable'));
}
if (MANUALLY_PROCESS_QUEUE && isSuperUser() && empty($_GET['pi']) && (!isset($_GET['page']) || $_GET['page'] != 'processqueue' && $_GET['page'] != 'messages' && $_GET['page'] != 'upgrade')) {
## avoid error on uninitialised DB
if (Sql_Table_exists($tables['message'])) {
$queued_count = Sql_Fetch_Row_Query(sprintf('select count(id) from %s where status in ("submitted","inprocess") and embargo < now()', $tables['message']));
if ($queued_count[0]) {
$link = PageLinkButton('processqueue', s('Process the queue'));
$link2 = PageLinkButton('messages&tab=active', s('View the queue'));
if ($link || $link2) {
print Info(sprintf(s('You have %s message(s) waiting to be sent'), $queued_count[0]) . '<br/>' . $link . ' ' . $link2);
}
}
}
}
}
# always allow access to the about page
if (isset($_GET['page']) && $_GET['page'] == 'about') {
function saveConfirmation($reservationDetails)
{
try {
$reservaitonId = $reservationDetails->reservationData->userData->confirmation_id;
if (count($reservationDetails->roomNotAvailable) > 0) {
foreach ($reservationDetails->roomNotAvailable as $room) {
$this->setError($room->room_name . " is not available between " . $reservationDetails->reservationData->userData->start_date . " and " . $reservationDetails->reservationData->userData->end_date);
}
return -1;
}
$startDate = $reservationDetails->reservationData->userData->start_date;
$endDate = $reservationDetails->reservationData->userData->end_date;
$reservaitonId = $this->storeConfirmation($reservationDetails);
$this->deleteReservaitonRooms($reservaitonId);
foreach ($reservationDetails->rooms as $room) {
$confirmationRoomId = $this->storeConfirmationRooms($reservaitonId, $room);
$this->storeConfirmationRoomPrices($confirmationRoomId, $room, $startDate, $endDate);
}
$this->deleteReservaitonExtraOptions($reservaitonId);
if (isset($reservationDetails->reservationData->userData->extraOptionIds) && is_array($reservationDetails->reservationData->userData->extraOptionIds)) {
//dmp($reservationDetails->extraOptions);
foreach ($reservationDetails->reservationData->userData->extraOptionIds as $extraOptionId) {
$extraOption = $this->getExtraOption($reservationDetails->extraOptions, $extraOptionId);
$this->storeConfirmationExtraOptions($reservaitonId, $extraOption);
}
}
if (isset($reservationDetails->reservationData->userData->guestDetails)) {
$this->deleteGuestDetails($reservaitonId);
$this->storeConfirmationGuestDetails($reservaitonId, $reservationDetails->reservationData->userData->guestDetails);
}
if (isset($reservationDetails->reservationData->userData->excursions)) {
if (count($reservationDetails->excursions)) {
foreach ($reservationDetails->excursions as $excursion) {
$confirmationExcursionId = $this->storeConfirmationExcursions($reservaitonId, $excursion);
$this->storeConfirmationExcursionPrices($confirmationExcursionId, $excursion, $startDate, $endDate);
}
}
}
if (!isSuperUser(JFactory::getUser()->id)) {
$this->addUser($reservationDetails, $reservaitonId);
}
//exit;
} catch (Exception $ex) {
JError::raiseWarning(500, $ex->getMessage());
return false;
}
//exit;
return $reservaitonId;
}
function prepareVariablesBuckaroo()
{
//TODO - remove this - this is only to calculate exact amount
$this->Reservation_Details_EMail = $this->getReservationDetails($this, false);
$query = " \tSELECT *\r\n\t\tFROM #__hotelreservation_paymentprocessors\r\n\t\tWHERE is_available = 1 AND paymentprocessor_id = " . $this->payment_processor_sel_id . "\r\n\t\tORDER BY paymentprocessor_name\r\n\t\t";
$this->_db->setQuery($query);
$configuration =& $this->_db->loadObject();
if ($configuration->paymentprocessor_type == PROCESSOR_BUCKAROO) {
$buckaroo = new Buckaroo();
if ($configuration->paymentprocessor_mode == 'test') {
$buckaroo->setPaymentServerUrl($configuration->paymentprocessor_address_devel);
} else {
$buckaroo->setPaymentServerUrl($configuration->paymentprocessor_address);
}
$buckaroo->setMerchantId($configuration->paymentprocessor_username);
$buckaroo->setSecretKey($configuration->paymentprocessor_password);
//$buckaroo->addPaymentMeanBrand("IDEAL,VISA,MASTERCARD");
$buckaroo->setCurrencyCode('EUR');
$buckaroo->setNormalReturnUrl(JURI::base() . "index.php/component/jhotelreservation/buckarooresponse");
$buckaroo->setAmount(my_round($this->total_cost > 0 ? $this->total_cost : $this->total - $this->total_payed, 2));
$isSuperUser = isSuperUser(JFactory::getUser()->id);
//if(!$isSuperUser){
// $buckaroo->addRequestedService("iDEAL");
// $buckaroo->addRequestedService("transfer");
// $buckaroo->addRequestedService("Paypal");
// $buckaroo->addRequestedService("Mastercard");
// $buckaroo->addRequestedService("Visa");
// $buckaroo->addRequestedService("payperemail");
//}
//$buckaroo->setAditionalService("creditmanagement");
$buckaroo->setInvoiceNumber($this->getStringIDConfirmation());
$buckaroo->setCulture('nl-NL');
?>
<form target='_self' name='form_<?php
echo $configuration->paymentprocessor_type;
?>
' id= 'form_<?php
echo $configuration->paymentprocessor_type;
?>
' method='post' action='<?php
echo $buckaroo->getPaymentServerUrl();
?>
'>
<div class='div_redirect_paysite'>
<?php
echo JText::_('LNG_WAIT_TO_REDIRECT_PAY_SITE', true);
?>
</div>
<?php
echo $buckaroo->getHtmlFields();
?>
</form>
<script>
window.onload = function(){
//alert(document.forms['form_<?php
echo $configuration->paymentprocessor_type;
?>
']);
document.forms['form_<?php
echo $configuration->paymentprocessor_type;
?>
'].submit();
};
</script>
<?php
}
}
$errorText .= "<LI>Your fax number is {$result}";
}
}
if (($result = validate($password, "password", 45, 6)) !== true) {
$errorText .= "<LI>Your password is {$result}";
}
if ($_POST["readTerms"] != "on") {
$errorText .= "<LI>Please read the terms and then tick the box to proceed";
}
if ($errorText == "") {
$query = $db->Query("SELECT * FROM onlineuser WHERE email='" . $db->Escape($email) . "' LIMIT 1");
if ($db->Rows() > 0) {
$errorText .= "<LI>The email address you have entered is taken";
} else {
$user = new OnlineUser($email, $first_name, $last_name, $password, $address1, $address2, $address3, $postcode, $telephone, $fax, '', 'temp');
if (isSuperUser(false) && $status != "") {
$user->user_status = $status;
}
$userId = $user->Save();
$user = $user->Get($userId);
$created = strtotime($user->dt_created);
$mail = new Emailer();
$mail->setTo($email);
$mail->setFrom($configuration["fromEmail"]);
$mail->setSubject("Fastfoodjobsuk Registration");
$url = "http://www.fastfoodjobsuk.co.uk/register_activate.php?email={$email}&code={$created}";
$mail->bodyAdd("Dear {$first_name} {$last_name}");
$mail->bodyAdd("");
$mail->bodyAdd("Thank you for registering with Fast Food Jobs but as we take your privacy seriously, we just wanted to check you did register with our site.");
$mail->bodyAdd("In order to gain access to all of the web site functionality please click on here: {$url}");
$mail->bodyAdd("");
} else {
print '-> ' . $GLOBALS['I18N']->get('unable to find original email');
}
}
function moveUser($userid)
{
global $tables;
$newlist = $_GET['list'];
Sql_Query(sprintf('delete from %s where userid = %d', $tables['listuser'], $userid));
Sql_Query(sprintf('insert into %s (userid,listid,entered) values(%d,%d,now())', $tables['listuser'], $userid, $newlist));
}
function addUniqID($userid)
{
Sql_query(sprintf('update %s set uniqid = "%s" where id = %d', $GLOBALS['tables']['user'], getUniqID(), $userid));
}
if ($require_login && !isSuperUser() || !$require_login || isSuperUser()) {
$action_result = '';
$access = accessLevel('reconcileusers');
switch ($access) {
case 'all':
if (isset($_GET['option']) && $_GET['option']) {
set_time_limit(600);
switch ($_GET['option']) {
case 'markallconfirmed':
$list = sprintf('%d', $_GET['list']);
if ($list == 0) {
$action_result .= $GLOBALS['I18N']->get('Marking all subscribers confirmed');
Sql_Query("update {$tables['user']} set confirmed = 1");
} else {
$action_result .= sprintf($GLOBALS['I18N']->get('Marking all subscribers on list %s confirmed'), ListName($list));
Sql_Query(sprintf('UPDATE %s, %s SET confirmed =1 WHERE %s.id = %s.userid AND %s.listid= %d', $tables['user'], $tables['listuser'], $tables['user'], $tables['listuser'], $tables['listuser'], $list));
$listsHTML .= '<br/>' . s('If you choose one list only, a checkbox for this list will not be displayed and the subscriber will automatically be added to this list.');
# } else {
# $listsHTML .= s('If you choose one list only, a checkbox for this list will be displayed');
}
}
$listsHTML .= '</p>';
while ($row = Sql_Fetch_Array($req)) {
$listsHTML .= sprintf('<label><input type="checkbox" name="list[%d]" value="%d" %s /> %s</label><div>%s</div>', $row['id'], $row['id'], in_array($row['id'], $selected_lists) ? 'checked="checked"' : '', stripslashes($row['name']), htmlspecialchars(stripslashes($row['description'])));
}
$listsHTML .= '</div>';
print $listsHTML;
print '</div>';
// accordion
$ownerHTML = $singleOwner = '';
$adminCount = 0;
if ($GLOBALS['require_login'] && (isSuperUser() || accessLevel('spageedit') == 'all')) {
if (!isset($data['owner'])) {
$data['owner'] = 0;
}
$ownerHTML .= '<br/>' . $GLOBALS['I18N']->get('Owner') . ': <select name="owner">';
$admins = $GLOBALS['admin_auth']->listAdmins();
$adminCount = count($admins);
foreach ($admins as $adminid => $adminname) {
$singleOwner = '<input type="hidden" name="owner" value="' . $adminid . '" />';
$ownerHTML .= sprintf('<option value="%d" %s>%s</option>', $adminid, $adminid == $data['owner'] ? 'selected="selected"' : '', $adminname);
}
$ownerHTML .= '</select>';
if ($adminCount > 1) {
print $ownerHTML;
} else {
print $singleOwner;
jQuery("#offer-form :input").attr("disabled", true);
jQuery("#offer-form :select").attr("disabled", true);
jQuery("#offer-form :a").attr("href", "#");
}
</script>
<form action="index.php" method="post" name="adminForm" id="offer-form">
<?php
$options = array('onActive' => 'function(title, description){
description.setStyle("display", "block");
title.addClass("open").removeClass("closed");
}', 'onBackground' => 'function(title, description){
description.setStyle("display", "none");
title.addClass("closed").removeClass("open");
}', 'startOffset' => 0, 'useCookie' => true);
if ($this->item->state == 1 && !isSuperUser(JFactory::getUser()->id)) {
echo "<div class='message'>" . JText::_("LNG_OFEFR_LIVE_MODE_MESSAGE") . "</div>";
}
echo JHtml::_('tabs.start', 'tab_room_edit', $options);
echo JHtml::_('tabs.panel', JText::_('LNG_OFFER_DETAILS', true), 'tab1');
include dirname(__FILE__) . DS . 'offerdetails.php';
echo JHtml::_('tabs.panel', JText::_('LNG_ROOMS', true), 'tab2');
include dirname(__FILE__) . DS . 'rooms.php';
echo JHtml::_('tabs.panel', JText::_('LNG_ROOM_DETAILS', true), 'tab3');
include dirname(__FILE__) . DS . 'roomdetails.php';
echo JHtml::_('tabs.panel', JText::_('LNG_EXTRA_OPTIONS', true), 'tab4');
include dirname(__FILE__) . DS . 'extraoptions.php';
//echo JHtml::_('tabs.panel', JText::_('LNG_EXCURSION',true), 'tab5');
//include(dirname(__FILE__).DS.'excursions.php');
echo JHtml::_('tabs.panel', JText::_('LNG_PICTURES'), 'tab6');
include dirname(__FILE__) . DS . 'pictures.php';
$ls->addColumn($element, " ", PageLinkClass('upgrade', $GLOBALS['I18N']->get('Upgrade'), '', 'hometext'));
$ls->setClass($element, "upgrade");
}
if (checkAccess("dbcheck")) {
$some = 1;
$element = $GLOBALS['I18N']->get('dbcheck');
$ls->addElement($element, PageURL2("dbcheck"));
$ls->addColumn($element, " ", PageLinkClass('dbcheck', $GLOBALS['I18N']->get('Check Database structure'), '', 'hometext'));
$ls->setClass($element, "dbcheck");
}
if (checkAccess("eventlog")) {
$some = 1;
$element = $GLOBALS['I18N']->get('eventlog');
$ls->addElement($element, PageURL2("eventlog"));
$ls->addColumn($element, " ", PageLinkClass('eventlog', $GLOBALS['I18N']->get('View the eventlog'), '', 'hometext'));
$ls->setClass($element, "view-log");
}
if (checkAccess("admin") && $GLOBALS["require_login"] && !isSuperUser()) {
$some = 1;
$element = $GLOBALS['I18N']->get('admin');
$ls->addElement($element, PageURL2("admin"));
$ls->addColumn($element, " ", PageLinkClass('admin', $GLOBALS['I18N']->get('Change your details (e.g. password)'), '', 'hometext'));
$ls->setClass($element, "change-pass");
}
if ($some) {
print '<h3><a name="system">' . $GLOBALS['I18N']->get('System Functions') . '</a></h3>';
$ls->noShader();
$ls->noHeader();
print '<div>' . $ls->display() . '</div>';
}
print '</div>';
if (name.indexOf(element.name) >= 0)
document.folderlist.elements[i].checked = isset;
}
}
</script>
<?php
require_once dirname(__FILE__) . '/accesscheck.php';
if (!ALLOW_IMPORT) {
print '<p class="information">' . $GLOBALS['I18N']->get('import is not available') . '</p>';
return;
}
ob_end_flush();
print '<p class="button">' . $GLOBALS['I18N']->get('Import emails from IMAP folders') . '</p>';
$email_header_fields = array("to", "from", "cc", "bcc", "reply_to", "sender", "return_path");
if ($require_login && !isSuperUser()) {
$access = accessLevel("import3");
if ($access == "owner") {
$subselect = " where owner = " . $_SESSION["logindetails"]["id"];
} elseif ($access == "all") {
$subselect = "";
} elseif ($access == "none") {
$subselect = " where id = 0";
}
}
$result = Sql_query("SELECT id,name FROM " . $tables["list"] . " {$subselect} ORDER BY listorder");
while ($row = Sql_fetch_array($result)) {
$available_lists[$row["id"]] = $row["name"];
$some = 1;
}
if (!$some) {
function checkAccess($page)
{
global $tables;
if (!$GLOBALS["require_login"] || isSuperUser()) {
return 1;
}
# check whether it Is a page to protect
Sql_Query("select id from {$tables["task"]} where page = \"{$page}\"");
if (!Sql_Affected_Rows()) {
return 1;
}
$req = Sql_Query(sprintf('select level from %s,%s where adminid = %d and page = "%s" and %s.taskid = %s.id', $tables["task"], $tables["admin_task"], $_SESSION["logindetails"]["id"], $page, $tables["admin_task"], $tables["task"]));
$row = Sql_Fetch_Row($req);
if (!$row[0]) {
return 0;
}
return 1;
}
## we make one column with the subscriber status being "on" or "off"
## two columns are too confusing and really unnecessary
# ON = confirmed && !blacklisted
# $ls->addColumn($user["email"], $GLOBALS['I18N']->get('confirmed'), $user["confirmed"] ? $GLOBALS["img_tick"] : $GLOBALS["img_cross"]);
# if (in_array("blacklist", $columns)) {
$onblacklist = isBlackListed($user['email']);
# $ls->addColumn($user["email"], $GLOBALS['I18N']->get('bl l'), $onblacklist ? $GLOBALS["img_tick"] : $GLOBALS["img_cross"]);
# }
if ($user['confirmed'] && !$onblacklist) {
$ls_confirmed = $GLOBALS['img_tick'];
} else {
$ls_confirmed = $GLOBALS['img_cross'];
}
$ls_del = '';
# $ls->addColumn($user["email"], $GLOBALS['I18N']->get('del'), sprintf('<a href="%s" onclick="return deleteRec(\'%s\');">del</a>',PageUrl2('users'.$find_url), PageURL2("users&start=$start&delete=" .$user["id"])));
if (isSuperUser()) {
$ls_del = sprintf('<a href="javascript:deleteRec(\'%s\');" class="del">del</a>', PageURL2("users&start={$start}&find={$find}&findby={$findby}&delete=" . $user['id']));
}
/* if (isset ($user['foreignkey'])) {
$ls->addColumn($user["email"], $GLOBALS['I18N']->get('key'), $user["foreignkey"]);
}
if (isset ($user["display"])) {
$ls->addColumn($user["email"], " ", $user["display"]);
}
*/
if (in_array('lists', $columns)) {
$lists = Sql_query('SELECT count(*) FROM ' . $tables['listuser'] . ',' . $tables['list'] . ' where userid = ' . $user['id'] . ' and ' . $tables['listuser'] . '.listid = ' . $tables['list'] . '.id');
$membership = Sql_fetch_row($lists);
$ls->addColumn($user['email'], $GLOBALS['I18N']->get('lists'), $membership[0]);
}
if (in_array('messages', $columns)) {
printf(' <a href="%s">%s</a>', getConfig("preferencesurl") . '&uid=' . $user["uniqid"], $GLOBALS['I18N']->get('update page'));
printf(' <a href="%s">%s</a>', getConfig("unsubscribeurl") . '&uid=' . $user["uniqid"], $GLOBALS['I18N']->get('unsubscribe page'));
print ' ' . PageLink2("userhistory&id={$id}", $GLOBALS['I18N']->get('History'));
} else {
$user = array();
$id = 0;
print '<h1>' . $GLOBALS['I18N']->get('Add a new User') . '</h1>';
}
print "<p><h3>" . $GLOBALS['I18N']->get('User Details') . "</h3>" . formStart() . "<table border=1>";
print "<input type=hidden name=list value={$list}><input type=hidden name=id value={$id}>";
print "<input type=hidden name=returnpage value={$returnpage}><input type=hidden name=returnoption value={$returnoption}>";
reset($struct);
while (list($key, $val) = each($struct)) {
list($a, $b) = explode(":", $val[1]);
if ($key == "confirmed") {
if (!$require_login || $require_login && isSuperUser()) {
printf('<tr><td>%s (1/0)</td><td><input type="text" name="%s" value="%s" size=5></td></tr>' . "\n", $GLOBALS['I18N']->get($b), $key, $user[$key]);
} else {
printf('<tr><td>%s</td><td>%s</td></tr>', $b, $user[$key]);
}
} elseif ($key == "password" && ENCRYPTPASSWORD) {
printf('<tr><td>%s (%s)</td><td><input type="text" name="%s" value="%s" size=30></td></tr>' . "\n", $GLOBALS['I18N']->get('encrypted'), $val[1], $key, "");
} elseif ($key == "blacklisted") {
printf('<tr><td>%s</td><td>%s</td></tr>', $GLOBALS['I18N']->get($b), isBlackListed($user['email']));
} else {
if (!strpos($key, '_')) {
if (ereg("sys", $a)) {
printf('<tr><td>%s</td><td>%s</td></tr>', $GLOBALS['I18N']->get($b), $user[$key]);
} elseif ($val[1]) {
printf('<tr><td>%s</td><td><input type="text" name="%s" value="%s" size=30></td></tr>' . "\n", $GLOBALS['I18N']->get($val[1]), $key, $user[$key]);
}
}
++$i;
}
// Do import
} else {
file_put_contents($newfile . '.data', serialize($_POST));
print '<h3>' . s('Importing %d subscribers to %d lists, please wait', count($email_list), count($import_lists)) . '</h3>';
print $GLOBALS['img_busy'];
print '<div id="progresscount" style="width: 200; height: 50;">Progress</div>';
print '<br/> <iframe id="import1" src="./?page=pageaction&action=import1&ajaxed=true&file=' . urlencode(basename($newfile)) . addCsrfGetToken() . '" scrolling="no" height="50"></iframe>';
}
// end else
# print '<p class="button">'.PageLink2("import1",$GLOBALS['I18N']->get('Import some more emails')).'</p>';
} else {
echo FormStart(' enctype="multipart/form-data" name="import"');
if ($GLOBALS['require_login'] && !isSuperUser()) {
$access = accessLevel('import1');
switch ($access) {
case 'owner':
$subselect = ' where owner = ' . $_SESSION['logindetails']['id'];
break;
case 'all':
$subselect = '';
break;
case 'none':
default:
$subselect = ' where id = 0';
break;
}
}
$result = Sql_query('SELECT id,name FROM ' . $tables['list'] . "{$subselect} ORDER BY listorder");
// no direct access
/**
* @copyright Copyright (C) 2008-2009 CMSJunkie. All rights reserved.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
* See the GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
defined('_JEXEC') or die('Restricted access');
$isSuperUser = isSuperUser(JFactory::getUser()->id);
$cssDisplay = $isSuperUser ? "block" : "none";
$need_all_fields = true;
?>
<div id="hotel_reservation">
<?php
// require_once JPATH_COMPONENT_SITE.DS.'include'.DS.'reservationinfo.php';
require_once JPATH_COMPONENT_SITE . DS . 'include' . DS . 'reservationsteps.php';
?>
<form action="<?php
echo JRoute::_('index.php');
?>
" method="post" name="userForm" id="userForm">
<div class="hotel_reservation ">
