Example #1
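 /**
  * List current set of users
  *
  * Loads every row of the `#__users` table ordered by id, maps each row's
  * numeric user level to a display role and renders the admin list panel.
  *
  * @version 1.0
  * @since   1.0.0
  * @author  Dan Aldridge
  *
  * @return  void|false  false is returned after msgDie() when no user rows were loaded
  */
 public function manage()
 {
     $objSQL = Core_Classes_coreObj::getDBO();
     $objTPL = Core_Classes_coreObj::getTPL();
     $objTime = Core_Classes_coreObj::getTime();
     $objUser = Core_Classes_coreObj::getUser();

     $objTPL->set_filenames(array(
         'body' => cmsROOT . Core_Classes_Page::$THEME_ROOT . 'block.tpl',
         'panel' => cmsROOT . 'modules/core/views/admin/users/list.tpl',
     ));

     $query = $objSQL->queryBuilder()->select('*')->from('#__users')->orderby('id')->build();
     $users = $objSQL->fetchAll($query, 'id');
     if (!$users) {
         msgDie('INFO', 'Cant query users :/');
         return false;
     }

     foreach ($users as $id => $user) {
         switch ($user['userlevel']) {
             case ADMIN:
                 $role = 'Administrator';
                 break;
             case MOD:
                 $role = 'Moderator';
                 break;
             case USER:
                 $role = 'User';
                 break;
             default:
                 // Without a default, a row with an unrecognised level would inherit
                 // the role label of the previous row (or be undefined on the first
                 // row) and could be displayed as an Administrator.
                 $role = 'Unknown';
                 break;
         }

         $isActive = $user['active'] == '1';

         // NOTE(review): EMAIL and NAME are user-controlled values handed to the
         // template as-is; whether list.tpl or the template engine HTML-escapes
         // them is not visible here. Confirm before relying on it.
         $objTPL->assign_block_vars('user', array(
             'ID' => $id,
             'NAME' => $objUser->makeUsername($id),
             'EMAIL' => $user['email'],
             'DATE_REGISTERED' => $objTime->mk_time($user['register_date']),
             'ROLE' => $role,
             'STATUS' => $isActive ? 'Active' : 'Disabled',
             'STATUS_LABEL' => $isActive ? 'success' : 'error',
         ));
     }

     $objTPL->parse('panel', false);

     Core_Classes_coreObj::getAdminCP()->setupBlock('body', array(
         'cols' => 3,
         'vars' => array(
             'TITLE' => 'User Management',
             'CONTENT' => $objTPL->get_html('panel', false),
             'ICON' => 'fa-icon-user',
         ),
         'custom_html' => array(
             'HTML' => Core_Classes_coreObj::getForm()->inputBox('search_user', 'text', '', array(
                 'class' => 'input-mini',
                 'placeholder' => 'Search..',
             )),
         ),
     ));
 }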
Example #2
 /**
  * Emits the page body.
  *
  * When the template system has a 'body' handle its rendered HTML is echoed.
  * Otherwise the page object's 'contents' variable is echoed, and msgDie()
  * is called if that variable is null.
  *
  * @version 1.0
  * @since   1.0.0
  * @author  Dan Aldridge
  *
  * @return  void
  */
 public function output()
 {
     $objTPL = Core_Classes_coreObj::getTPL();

     // Preferred path: a registered 'body' template handle.
     if ($objTPL->isHandle('body')) {
         echo $objTPL->get_html('body');
         return;
     }

     // Fallback: raw contents stored on the page object by the module.
     $contents = Core_Classes_coreObj::getPage()->getVar('contents');
     if ($contents === null) {
         msgDie('FAIL', 'No output received from module.');
         return;
     }

     echo $contents;
 }
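/**
 * Renders the captcha on non-POST requests, or checks the submitted answer on POST.
 *
 * Loads the Captcha class from the plugin file, builds it from the site's
 * 'captcha_pub' / 'captcha_priv' config values and delegates to it.
 *
 * @param   mixed $args  Passed through unchanged to Captcha::outputCaptcha()
 *
 * @return  mixed  false when the Captcha class or keys are unavailable, or when a
 *                 POST carries no usable challenge/response pair; otherwise whatever
 *                 outputCaptcha() / checkAnswer() returns
 */
function form_recaptcha($args)
{
    global $objTPL;

    $file = 'plugins/cscms/class.recaptcha.php';
    if (!is_file($file) || !is_readable($file)) {
        msgDie('FAIL', 'Fatal Error - 404' . '<br />We have been unable to locate/read the ' . $file . ' file.');
    } else {
        require_once $file;
    }

    // The class must already be loaded by the require above; autoloading is
    // deliberately not triggered (second argument false).
    if (!class_exists('Captcha', false)) {
        return false;
    }

    $publicKey = $objTPL->config('site', 'captcha_pub');
    $privateKey = $objTPL->config('site', 'captcha_priv');
    if (is_empty($publicKey) || is_empty($privateKey)) {
        return false;
    }

    $objCAPTCHA = new Captcha($publicKey, $privateKey);
    $objCAPTCHA->objTPL = $objTPL;

    if (!HTTP_POST) {
        return $objCAPTCHA->outputCaptcha($args);
    }

    // Both fields come straight from the client. A POST that omits them, or
    // sends them as arrays, is treated as a failed captcha instead of passing
    // undefined or non-string values on to the verifier.
    $challenge = isset($_POST['recaptcha_challenge_field']) ? $_POST['recaptcha_challenge_field'] : null;
    $response = isset($_POST['recaptcha_response_field']) ? $_POST['recaptcha_response_field'] : null;
    if (!is_string($challenge) || !is_string($response)) {
        return false;
    }

    return $objCAPTCHA->checkAnswer(User::getIP(), $challenge, $response);
}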
Example #4
/**
 * Shows the page header if it has not been shown yet, then reports the message via msgDie().
 *
 * @version  1.0
 * @since    0.8.0
 *
 * @param    mixed $type  Message type, forwarded to msgDie()
 * @param    mixed $msg   Message body, forwarded to msgDie()
 */
function hmsgDie($type, $msg)
{
    $objPage = Core_Classes_coreObj::getPage();

    // The 'completed' option is falsy while the header still has to be emitted.
    if (!$objPage->getOptions('completed')) {
        $objPage->showHeader();
    }

    msgDie($type, $msg, '', '', '');
}
Example #5
 */
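// Front-controller dispatch: rebuild $_GET from the raw request URI, pick the
// module/action from it and hand control to that module.
$url = explode('?', $_SERVER['REQUEST_URI']);
if (isset($url[1])) {
    // parse_str() overwrites its target, so keep the original $_GET first.
    $GET = $_GET;
    // Parse the query-string part of the URI into $_GET.
    parse_str($url[1], $_GET);
    // Merge both; on duplicate keys the values parsed from the URI win.
    $_GET = array_merge($GET, $_GET);
}

// Everything below is request-controlled input.
$mode = doArgs('__mode', null, $_GET);
$module = doArgs('__module', null, $_GET);
$action = doArgs('__action', null, $_GET);
$extra = doArgs('__extra', null, $_GET);

// $module is used further down as a class name (`new $module`). Accept only a
// plain identifier so that a request cannot name an arbitrary string or pass
// an array; loadModule() remains the authority on which modules exist.
$moduleIsValidName = is_string($module) && preg_match('#^[A-Za-z_][A-Za-z0-9_]*$#', $module) === 1;

// A non-string __action (e.g. an array) is matched as an empty string so that
// preg_match() is never handed a non-string subject.
if (!preg_match('#install($|/)#i', is_string($action) ? $action : '')) {
    if ($moduleIsValidName && $objCore->loadModule($module, true)) {
        $objModule = new $module($objCore);
        $objModule->doAction($action);
    } else {
        $objCore->throwHTTP(404);
    }
} else {
    // NOTE(review): the install path is reachable purely from the __action
    // parameter and forwards the request-supplied $module to installModule();
    // no authorisation check is visible in this file section. Confirm that
    // installModule() enforces one.
    $objCore->autoLoadModule('core', $objModule);
    $objModule->installModule($module);
}

// The header/footer receive true when a template mode is set or ?ajax is present.
$tplMode = $objPage->getVar('tplMode');
$objPage->showHeader($tplMode || isset($_GET['ajax']));
if ($__eval = $objTPL->output('body')) {
    msgDie('FAIL', 'No output received from module.');
}
$objPage->showFooter($tplMode || isset($_GET['ajax']));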
Example #6
                    if ($userava_update === NULL) {
                        msgDie('FAIL', 'The upload failed. Please try again.', '', '', '', 0);
                    }
                    $avachgr = '<script>top.change_avatar(\'' . $update['avatar'] . '\');top.myLightWindow.deactivate();</script>';
                    $this->objLogin->setSessions($uid);
                    msgDie('OK', 'The avatar upload was successful.' . $avachgr, '', '', '', 0);
                } else {
                    msgDie('FAIL', 'The upload failed. Please try again.', '', '', '', 0);
                }
            } else {
                unset($update);
                $update['avatar'] = '/' . root() . 'images/avatars/' . $uid . '/' . $file;
                $userava_update = $this->objSQL->updateRow('users', $update, 'id = "' . $uid . '"');
                $avachgr = '<script>top.change_avatar(\'' . $update['avatar'] . '\');top.myLightWindow.deactivate();</script>';
                if ($userava_update === NULL) {
                    msgDie('FAIL', 'The upload failed. Please try again.', '', '', '', 0);
                }
                $this->objLogin->setSessions($uid);
                msgDie('OK', 'The avatar upload was successful.' . $avachgr, '', '', '', 0);
            }
        } else {
            $this->objTPL->set_filenames(array('body' => 'modules/profile/template/ava_upload.tpl'));
            $form = 'File: ' . $this->objForm->inputbox('file', '', 'avatar', array('class' => 'upload_field', 'extra' => ' size="30"')) . $this->objForm->inputbox('hidden', 30000, 'MAX_FILE_SIZE');
            $this->objTPL->assign_vars(array('SFORM' => $this->objForm->start('upload', 'POST', '/' . root() . 'modules/profile/avatar/?action=upload', "\$(\"uploading\").Show;\$(\"uploader\").Hide;", ' enctype="multipart/form-data"'), 'EFORM' => $this->objForm->finish(), 'MSG' => 'Please select the image you wish to use as your avatar.', 'FIELDS' => $form, 'SUBMIT' => $this->objForm->button('Upload', 'submit'), 'IMG' => '/' . root() . 'images/ajax-loading.gif', 'YES' => $this->objForm->button('Yes', 'submit', 'boxgreen'), 'NO' => $this->objForm->button('No', 'submit', 'boxred')));
            $this->objTPL->pparse('body');
        }
        break;
    default:
        hmsgDie('FAIL', 'No idea what you were trying to do there...');
        break;
}
 /**
  * Generates a full path+filename for the given filename, which can either
  * be an absolute name, or a name relative to the rootdir for this Template
  * object.
  *
  * Resolution order as implemented below:
  *  1. names starting with "http" are returned unchanged;
  *  2. relative names are resolved with realpath() against cmsROOT;
  *  3. unless overrides are disabled for $handle, three theme override
  *     candidates are probed and the first existing one is returned;
  *  4. if the resolved file does not exist, template/default/ is tried,
  *     and msgDie() is called when that fails too.
  *
  * NOTE(review): no step checks that the final path stays inside cmsROOT or a
  * template directory. If $filename can ever be influenced by a request,
  * confine the realpath() result to an allowed base directory.
  *
  * @param   string $filename  Template name: relative, absolute, or an http URL
  * @param   string $handle    Template handle, used to look up $this->override
  *
  * @return  string  Path (or URL) to load
  */
 private function make_filename($filename, $handle)
 {
     // check to see if its a remote template
     $from_http = 0;
     // Untouched copy, used later for the template/default/ fallback.
     $fname = $filename;
     // NOTE(review): a single, non-recursive removal of '../' is not a complete
     // path-traversal filter; treat it as cosmetic, not as a security boundary.
     $filename = str_replace(array('../'), array('/'), $filename);
     // Shown to admins only. NOTE(review): $filename is placed into HTML unescaped.
     $extra_info = IS_ADMIN ? '<br /><br />Error: Template "' . $filename . '" not found.' : '';
     if (strtolower(substr($filename, 0, 4)) == 'http') {
         // Matches any name beginning with "http", not only http:// URLs.
         $from_http = 1;
     }
     if (!$from_http) {
         // Check if it's an absolute or relative path.
         if (substr($filename, 0, 1) != '/') {
             // this allows loading of a template by url
             $filename = realpath(cmsROOT . $filename);
             if ($filename === false) {
                 die('We have encountered a problem with the page you are currently using. ' . $extra_info);
             }
             $dirsep = stristr(PHP_OS, 'WIN') ? '\\' : '/';
             $explode = explode($dirsep, $filename);
             $cexplode = count($explode);
             // "<third-from-last segment>/<file name>" of the resolved path.
             $file_name = $explode[$cexplode - 3] . $dirsep . $explode[$cexplode - 1];
         }
         // Theme overrides: enabled unless $this->override[$handle] is set to something other than true.
         if (!isset($this->override[$handle]) || $this->override[$handle] === true) {
             $file_name = isset($file_name) ? $file_name : $filename;
             // NOTE(review): $files is initialised here but the candidates below are
             // appended to $file; $explode / $cexplode are only defined when the
             // relative-path branch above ran, so an absolute $filename reaches the
             // lookups below with both undefined. Confirm the intended behaviour.
             $files = array();
             //module/
             $file[] = cmsROOT . 'template/' . $this->tpl . '/template/' . $explode[$cexplode - 6] . '/' . $explode[$cexplode - 2] . '/' . $explode[$cexplode - 1];
             //module/admin/
             $file[] = cmsROOT . 'template/' . $this->tpl . '/template/' . $explode[$cexplode - 4] . '/' . $explode[$cexplode - 2] . '/' . $explode[$cexplode - 1];
             //core/admin/
             $file[] = 'template/' . $this->tpl . '/template/' . $file_name;
             // First existing candidate wins.
             foreach ($file as $f) {
                 if (file_exists($f)) {
                     return realpath($f);
                 }
             }
         }
         if (!file_exists($filename)) {
             // Last resort: the same name (as originally passed in) under template/default/.
             if (!file_exists(cmsROOT . 'template/default/' . $fname)) {
                 msgDie('FAIL', 'We have encountered a problem with the page you are currently using. ' . 'A notification has been sent to the administration who will try and fix the problem as soon as possible. ' . $extra_info);
             } else {
                 return realpath(cmsROOT . 'template/default/' . $fname);
             }
         }
     }
     // Reached for http names (returned unchanged) and for existing non-override files.
     // NOTE(review): if callers include or read this value, an http name means
     // loading template content from a remote host; confirm that is intended.
     return $filename;
 }
Example #8
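 /**
  * Logs the user out
  *
  * The logout only proceeds when $check equals the current user's 'usercode'.
  * The code therefore acts as an anti-CSRF token for the logout link.
  * On success the autologin flag, the online-table row, the session and the
  * login/session cookies are cleared and the user is redirected.
  *
  * @version 1.0
  * @since   1.0.0
  * @author  Daniel Noel-Davies
  *
  * @param   string $check    The user code to verify
  */
 public function logout($check)
 {
     $objSQL = Core_Classes_coreObj::getDBO();
     $objUser = Core_Classes_coreObj::getUser();
     $objTime = Core_Classes_coreObj::getTime();
     $objPage = Core_Classes_coreObj::getPage();

     // Compare as strings with ===. A loose == lets PHP type juggling treat
     // different values as equal (numeric-looking strings), and a non-scalar
     // $check (e.g. an array from the query string) must never match.
     // If the minimum supported PHP version provides hash_equals(), prefer it
     // here for a constant-time comparison.
     $expected = $objUser->grab('usercode');
     $codeMatches = is_scalar($check)
         && is_scalar($expected)
         && !is_empty($check)
         && (string) $check === (string) $expected;

     if ($codeMatches) {
         $objUser->update($objUser->grab('id'), array('autologin' => '0'));
         $objSQL->deleteRow('online', array('userkey = "%s"', $_SESSION['user']['userkey']));
         unset($_SESSION['user']);

         // Expire the persistent login cookie by setting it far in the past.
         if (isset($_COOKIE['login'])) {
             setCookie('login', '', $objTime->mod_time(time(), 0, 0, 24 * 365 * 10 * 1000 * 1000, 'MINUS'));
             unset($_COOKIE['login']);
         }

         session_destroy();
         if (isset($_COOKIE[session_name()])) {
             setCookie(session_name(), '', time() - 42000);
         }

         // NOTE(review): the Referer header is supplied by the client; confirm
         // that redirect() only accepts targets on this site.
         $objPage->redirect(doArgs('HTTP_REFERER', '/' . root(), $_SERVER), 0);
     } else {
         $objPage->redirect('/' . root(), 0);
         msgDie('FAIL', 'You\'ve Unsuccessfully attempted to logout.<br />Please use the correct procedures.');
     }
 }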
Example #9
        }
        if (User::$IS_ONLINE && !$acpCheck && !isset($_GET['ajax'])) {
            $objPage->redirect('/' . root() . 'index.php');
        }
        $objLogin->doLogin(isset($_GET['ajax']) && HTTP_AJAX ? true : false);
        break;
    case 'active':
        if (!isset($_GET['un']) || !isset($_GET['check'])) {
            hmsgDie('FAIL', 'Cannot activate your account, Please use all the url sent to you in the email');
        } else {
            if ($objUser->getUserInfo($_GET['un'], 'active') == 1) {
                hmsgDie('Info', 'You account is already active.');
            }
            if ($objLogin->activateAccount($_GET['un'], $_GET['check'])) {
                $objLogin->doError('0x08');
            } else {
                // Make this into a form
                hmsgDie('FAIL', contentParse('Cannot activate your account.
                Please email the site administrator at [email]' . $objCore->config('site', 'admin_email') . '[/email]'));
            }
        }
        break;
    case 'logout':
        $objLogin->logout($_GET['check']);
        break;
}
// The presence of ?ajax switches header and footer into their ajax variant;
// isset() already yields the boolean both methods receive.
$objPage->showHeader(isset($_GET['ajax']));

if ($objTPL->output('body')) {
    msgDie('FAIL', 'No output received.');
}

$objPage->showFooter(isset($_GET['ajax']));
Example #10
         $objTPL->assign_var('MSG', 'Config Written Successfully.');
         $objTPL->assign_var('SUBMIT', $objForm->button('submit', 'Next', array('extra' => ' onclick="window.location=\'?action=6\'"')));
         $_SESSION['allow_config'] = true;
     } else {
         $objTPL->assign_var('MSG', 'CONFIG.PHP isnt writable, please chmod it 0777 before continuing. To continue please press Refresh or F5 and RETRY the process');
     }
     break;
 case 6:
     include cmsROOT . 'cache/config.php';
     //
     //--SQL Setup
     //
     $objSQL = new driver_mysql($config['db']);
     //check and see whether we can connect to the db
     if (!$objSQL->connect(true, LOCALHOST && cmsDEBUG ? true : false, is_file(cmsROOT . 'cache/ALLOW_LOGGING'))) {
         msgDie('FAIL', '<b>Fatal Error</b>: <i>No Connection to the database</i>. SQL Said: ' . $objSQL->error(), __LINE__, __FILE__);
     }
     unset($config['db']['password']);
     //dont want this info being used now :D
     if (is_readable('sql.php')) {
         include_once 'sql.php';
         if (!is_array($sql) || !count($sql)) {
             $info = '<font color=red>ERROR: No SQL to process.</font>';
             break;
         }
         $content = '';
         foreach ($sql as $s) {
             //replace the table prefix's with the wanted version :D
             $s = str_replace('cs_', $config['db']['prefix'], $s);
             $query = $objSQL->query($s);
             $content .= $query === false ? dump($s, mysql_error()) : NULL;
Example #11
//--Generate a 'Template' for the Session
//
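// Session template for visitors who are not logged in.
$guest['user'] = array(
    'id' => 0,
    'username' => 'Guest',
    'theme' => $objCore->config('site', 'theme'),
    'userkey' => doArgs('userkey', null, $_SESSION['user']),
    'timezone' => doArgs('timezone', $objCore->config('time', 'timezone'), $_SESSION['user']),
);

// $_SERVER['HTTPS'] is absent on plain HTTP and some servers set it to "off";
// both cases must count as not secure, so the raw value is not used as a boolean.
$isHttps = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
$scheme = $isHttps ? 'https' : 'http';

// Request-wide settings.
// NOTE(review): HTTP_HOST, REQUEST_URI, the Referer and the User-Agent are all
// supplied by the client. rootUrl/url are built from the Host header, so any
// consumer that puts them into e-mails, redirects or HTML should check the
// host against a configured site name and escape the values for its context.
$config['global'] = array(
    'user' => isset($_SESSION['user']['id']) ? $_SESSION['user'] : $guest['user'],
    'ip' => User::getIP(),
    'useragent' => doArgs('HTTP_USER_AGENT', null, $_SERVER),
    // Read through doArgs() like 'useragent' above, so a request without a
    // User-Agent header does not hit an undefined index.
    'browser' => getBrowser(doArgs('HTTP_USER_AGENT', null, $_SERVER)),
    'language' => $language,
    'secure' => $isHttps,
    'referer' => doArgs('HTTP_REFERER', null, $_SERVER),
    'rootPath' => '/' . root(),
    'fullPath' => $_SERVER['REQUEST_URI'],
    'rootUrl' => $scheme . '://' . $_SERVER['HTTP_HOST'] . '/' . root(),
    'url' => $scheme . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'],
);
unset($isHttps, $scheme);

//hook the session template, this is the place to add some more if you want
$objPlugins->hook('CMSCore_session_tpl', $config['global']);

// A user id of 0 is the guest template above, i.e. not online.
$objUser->setIsOnline($config['global']['user']['id'] != 0);
$objUser->initPerms();
if (!defined('NO_DB')) {
    //start the tracker, this sets out a few things so we can kill, ban etc
    $objCore->objUser->tracker();
}

// Guests, and sites without theme_override, always get the site theme;
// otherwise the user's own theme preference is used.
$theme = !User::$IS_ONLINE || !$objCore->config('site', 'theme_override') ? $objCore->config('site', 'theme') : $objUser->grab('theme');
if (!$objPage->setTheme($theme)) {
    msgDie('FAIL', sprintf($errorTPL, 'Fatal Error', 'Cannot find template. Please make sure atleast default/ is uploaded correctly and try again.'));
}

// NOTE(review): $language ends up in a file path; where it is set is not
// visible here, so confirm it is restricted to known language codes.
if (is_file(cmsROOT . 'modules/core/lang.' . $language . '.php')) {
    translateFile(cmsROOT . 'modules/core/lang.' . $language . '.php');
}

//include the templates settings, these will assign them to an array in the page class
if (is_readable(Page::$THEME_ROOT . 'settings.php')) {
    include Page::$THEME_ROOT . 'settings.php';
}

//this sets the global theme vars
$objPage->setThemeVars();

//set a default breadcrumb
$objPage->addPagecrumb(array(array('url' => '/' . root(), 'name' => langVar('B_MAINSITE'))));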
//
//--Setup modules, online system and bbcode stuffz
//
Example #12
    if ($objForm->loadCaptcha('verify') === false) {
        $_error['captcha'] = 'The captcha you provided was incorrect. Please try again.';
    }
    if (count($_error)) {
        $_SESSION['register']['error'] = $_error;
        $_SESSION['register']['form'] = $_POST;
        $objPage->redirect($objCore->config('global', 'fullPath'), 3, 0);
        exit;
    }
    //set the input array up
    $userInfo['username'] = $_POST['username'];
    $userInfo['password'] = $_POST['password'];
    $userInfo['email'] = $_POST['email'];
    $register = $objUser->register($userInfo);
    if (!$register) {
        msgDie('FAIL', $objUser->error());
    }
    if ($objPage->config('site', 'register_verification')) {
        $user = $objUser->getUserInfo($register);
        $emailVars['URL'] = 'http://' . $_SERVER['HTTP_HOST'] . '/' . root() . 'login.php?action=active&un=' . $user['id'] . '&check=' . $user['usercode'];
        $emailVars['USERNAME'] = $userInfo['username'];
        $emailVars['SITE_NAME'] = $objCore->config('site', 'name');
        sendEmail($userInfo['email'], 'E_REG_SUCCESSFUL', $emailVars);
        $msg = langVar('L_REG_SUCCESS_EMAIL');
    } else {
        $msg = langVar('L_REG_SUCCESS_NO_EMAIL');
    }
    unset($_SESSION['register'], $_SESSION['error'], $query, $userInfo, $_error);
    $objCache->generate_statistics_cache();
    hmsgDie('INFO', $msg);
}
Example #13
} else {
    msgDie('FAIL', sprintf($errorTPL, 'Fatal Error', 'Cannot open ' . ($langDir . $language . '/main.php') . ' for include.'));
}
//
//-- and now load the rest of the classes
//
// Each entry maps the global object name to array(class file[, constructor options]).
$classes['objTPL'] = array($classDir . 'class.template.php', array('root' => '.', 'useCache' => $cacheWritable, 'cacheDir' => $cachePath . 'template/'));
$classes['objPage'] = array($classDir . 'class.page.php');
$classes['objGroups'] = array($classDir . 'class.groups.php');
$classes['objForm'] = array($classDir . 'class.form.php');
$classes['objTime'] = array($classDir . 'class.time.php');
$classes['objNotify'] = array($classDir . 'class.notify.php');
//init these classes
$doneSetup = $objCore->setup($classes);
if (!$doneSetup) {
    msgDie('FAIL', sprintf($errorTPL, 'Fatal Error', 'Cannot load CMS Classes, make sure file structure is intact and $cmsROOT is defined properly if applicable.'));
}
//globalise the class names: every key of $objCore->classes becomes a variable
//in this scope, bound by reference to the same-named property on $objCore
foreach ($objCore->classes as $objName => $args) {
    ${$objName} =& $objCore->{$objName};
}
// Set to false explicitly after the loop above has run.
$objSQL = false;
unset($classes, $objCore->classes);
$objPage->setVar('language', $language);
//
//--BBCode Setup
//
$objBBCode = new BBCode();
// NOTE(review): debug mode is switched on unconditionally; confirm what the
// BBCode parser emits in debug mode before running this in production.
$objBBCode->SetDebug(true);
$objBBCode->SetDetectURLs(false);
$objBBCode->ClearSmileys();
Example #14
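 /**
  * Returns the shared database driver, creating and connecting it on first use.
  *
  * The driver class is 'Core_Drivers_' followed by the 'driver' value of the
  * 'db' configuration section. The connected instance is cached in
  * Core_Classes_coreObj::$_classes['database'] and reused by later calls.
  *
  * @return  object  The connected database driver instance
  */
 public static function getDBO()
 {
     global $errorTPL;

     if (!isset(Core_Classes_coreObj::$_classes['database'])) {
         $options = self::config('db');
         if (!$options) {
             trigger_error('Error: Could not obtain values from the configuration file. Please ensure it is present.', E_USER_ERROR);
         }

         $name = 'Core_Drivers_' . $options['driver'];
         $options['persistant'] = true;
         $options['debug'] = cmsDEBUG ? true : false;
         $options['logging'] = is_file(cmsROOT . 'cache/ALLOW_LOGGING');

         // `new` never evaluates to false, so a missing driver has to be detected
         // before instantiation; otherwise the request ends in an uncaught
         // "class not found" error instead of the intended 500 response.
         if (!class_exists($name)) {
             if (!headers_sent()) {
                 header('HTTP/1.1 500 Internal Server Error');
                 exit;
             }
             // hmsgDie() is expected to end the request here.
             hmsgDie('FAIL', 'Error: No DB Avaliable');
         }

         $objSQL = new $name(null, $options);

         if (!$objSQL->connect()) {
             // The driver's detailed error is appended only when cmsDEBUG is on,
             // so connection details are not shown to visitors on a live site.
             msgDie('FAIL', sprintf($errorTPL, 'Fatal Error', 'Connecting to SQL failed. ' . $objSQL->getVar('errorMsg') . (cmsDEBUG ? '<br />' . $objSQL->getError() : NULL)));
         }

         Core_Classes_coreObj::$_classes['database'] = $objSQL;
     }

     return Core_Classes_coreObj::$_classes['database'];
 }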