Example #1
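    /**
     * Handles a posted shoutbox entry (if any) and renders the shoutbox block.
     *
     * Security: the INSERT is sent as a prepared statement so the author and
     * message, which come straight from the request, are bound as data and
     * never spliced into the SQL text.
     *
     * @return string Rendered block markup, or the template error output.
     */
    public function getContent()
    {
        global $sql;
        //Lang::load('blocks/shoutbox/lang.*.php');
        $err = new Error();
        $note = new Notifier('note-shoutbox');
        $message_max = Kio::getConfig('message_max', 'shoutbox');
        $form = array(
            'author' => LOGGED ? User::$nickname : '',
            'message' => '',
        );
        if (isset($_POST['reply-shoutbox'])) {
            // Guests supply their own name; logged-in users always post under their nickname.
            $posted_author = isset($_POST['author-shoutbox']) ? $_POST['author-shoutbox'] : '';
            $posted_message = isset($_POST['message-shoutbox']) ? $_POST['message-shoutbox'] : '';
            $form['author'] = LOGGED ? User::$nickname : filter($posted_author, 100);
            $form['message'] = filter($posted_message, $message_max);
            $err->setError('author_empty', t('Author field is required.'))->condition(!$form['author']);
            $err->setError('author_exists', t('Entered nickname is registered.'))->condition(!LOGGED && is_registered($form['author']));
            $err->setError('message_empty', t('Message field is required.'))->condition(!$form['message']);
            // No errors
            if ($err->noErrors()) {
                // NOTE(review): filter() is defined elsewhere; if it already applies SQL
                // escaping (rather than HTML/length filtering), drop that part there so
                // bound values are not stored double-escaped. Confirm before release.
                $stmt = $sql->prepare('
                    INSERT INTO ' . DB_PREFIX . 'shoutbox (added, author, message, author_id, author_ip)
                    VALUES (:added, :author, :message, :author_id, :author_ip)');
                $stmt->execute(array(
                    'added' => TIMESTAMP,
                    'author' => $form['author'],
                    'message' => cut($form['message'], $message_max),
                    'author_id' => UID,
                    'author_ip' => IP,
                ));
                $sql->clearCache('shoutbox');
                $note->success(t('Entry was added successfully.'));
                redirect(HREF . PATH . '#shoutbox');
            } else {
                $note->error($err->toArray());
            }
        }
        // If cache for shoutbox doesn't exist, rebuild it from the database
        if (!($entries = $sql->getCache('shoutbox'))) {
            // Start from a real array so an empty table caches/render an empty list
            // instead of appending to a false/null cache miss value.
            $entries = array();
            $query = $sql->query('
                SELECT u.nickname, u.group_id, s.added, s.author, s.author_id, s.message
                FROM ' . DB_PREFIX . 'shoutbox s
                LEFT JOIN ' . DB_PREFIX . 'users u ON u.id = s.author_id
                ORDER BY s.id DESC
                LIMIT ' . (int) Kio::getConfig('limit', 'shoutbox'));
            while ($row = $query->fetch()) {
                if ($row['author_id']) {
                    $row['author'] = User::format($row['author_id'], $row['nickname'], $row['group_id']);
                    $row['message'] = parse($row['message'], Kio::getConfig('parser', 'shoutbox'));
                }
                // NOTE(review): guest rows keep the stored author/message untouched here;
                // confirm the template escapes them on output.
                $entries[] = $row;
            }
            $sql->putCacheContent('shoutbox', $entries);
        }
        try {
            $tpl = new PHPTAL('blocks/shoutbox/shoutbox.tpl.html');
            $tpl->entries = $entries;
            $tpl->err = $err->toArray();
            $tpl->form = $form;
            $tpl->note = $note;
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e->getMessage());
        }
    }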
Example #2
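    /**
     * Renders a user's public profile page.
     *
     * The profile is looked up by the numeric URL segment u1, or by the current
     * user's id when u1 is not numeric. Guests without a u1 segment get the
     * "not found" page.
     *
     * @return mixed Rendered profile, the template error output, or not_found()'s result.
     */
    public function getContent()
    {
        global $sql;
        // $kio->disableRegion('left');
        // Initialised up front: a guest request without u1 skips the query entirely.
        $profile = null;
        if (u1 || LOGGED) {
            // TODO: for the viewer's own account use User::toArray() instead of a query
            // The id is only ever a ctype_digit()-checked string or UID, so the
            // concatenation below cannot carry non-numeric request data.
            // NOTE(review): u.* hands every users column to the template; that row
            // presumably includes credential and tracking fields (password hash,
            // auth code, IP). Prefer selecting only the columns the template renders.
            $profile = $sql->query('
                SELECT u.*
                FROM ' . DB_PREFIX . 'users u
                WHERE u.id = ' . (ctype_digit(u1) ? u1 : UID))->fetch();
        }
        if ($profile) {
            Kio::addTitle(t('Users'));
            Kio::addBreadcrumb(t('Users'), 'users');
            Kio::addTitle($profile['nickname']);
            Kio::addBreadcrumb($profile['nickname'], 'profile/' . u1 . '/' . clean_url($profile['nickname']));
            // NOTE(review): the listing showed a bare apostrophe inside a single-quoted
            // literal, which ends the string early. It is double-quoted here; the
            // translation key may originally have used an entity - confirm against
            // the language catalogue.
            Kio::setDescription(t("%nickname's profile", array('%nickname' => $profile['nickname'])) . ($profile['title'] ? ' - ' . $profile['title'] : ''));
            Kio::addTabs(array(t('Edit profile') => 'edit_profile/' . u1));
            if ($profile['birthdate']) {
                // Stored as YYYY-MM-DD; bd = [year, month, day]
                $profile['bd'] = explode('-', $profile['birthdate']);
                // DD Month YYYY (Remaining days to next birthday)
                $profile['birthdate'] = $profile['bd'][2] . ' ' . Kio::$months[$profile['bd'][1]] . ' ' . $profile['bd'][0] . ' (' . day_diff(mktime(0, 0, 0, $profile['bd'][1], $profile['bd'][2] + 1, date('y')), t('%d days remaining')) . ')';
                $profile['age'] = get_age($profile['bd'][2], $profile['bd'][1], $profile['bd'][0]);
                if (Plugin::exists('zodiac')) {
                    require_once ROOT . 'plugins/zodiac/zodiac.plugin.php';
                    $profile['zodiac'] = Zodiac::get($profile['bd'][2], $profile['bd'][1]);
                }
            }
            if ($profile['http_agent'] && Plugin::exists('user_agent')) {
                require_once ROOT . 'plugins/user_agent/user_agent.plugin.php';
                $profile['os'] = User_Agent::getOS($profile['http_agent']);
                $profile['browser'] = User_Agent::getBrowser($profile['http_agent']);
            }
            $group = Kio::getGroup($profile['group_id']);
            // The group's "inline" value is used as a sprintf() format around its name.
            $profile['group'] = $group['name'] ? ($group['inline'] ? sprintf($group['inline'], $group['name']) : $group['name']) : '';
            if ($profile['gender']) {
                $profile['gender'] = $profile['gender'] == 1 ? t('Male') : t('Female');
            }
            try {
                // TODO: add a modifier for functions taking several parameters (only one is possible now)
                $tpl = new PHPTAL('modules/profile/profile.tpl.html');
                $tpl->profile = $profile;
                return $tpl->execute();
            } catch (Exception $e) {
                return template_error($e);
            }
        } else {
            return not_found(t("Selected user doesn't exists."), array(t('This person was deleted from database.'), t('Entered URL is invalid.')));
        }
    }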
Example #3
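 /**
  * Renders the calendar block for the current month.
  *
  * Builds the table rows as an HTML string (weeks start on Monday: the
  * weekday index is taken from the day before each date) and hands it to
  * the month_view template.
  *
  * @return string Rendered block markup, or the template error output.
  */
 public function getContent()
 {
     //Lang::load('blocks/calendar/lang.*.php');
     $today = date('j');
     $month = date('n');
     $year = date('Y');
     // date('t') is the number of days in the current month, leap years included.
     $total_days = (int) date('t');
     // Weekday of "day - 1" gives a Monday-based column index (0 = Monday ... 6 = Sunday).
     $first_day = (int) date('w', mktime(1, 1, 1, $month, 0, $year));
     $last_day = (int) date('w', mktime(1, 1, 1, $month, $total_days - 1, $year));
     // Always defined: 0 means no padding cell is needed on that side.
     $colspan = $first_day;
     $colspan2 = 6 - $last_day;
     $days = '';
     for ($day = 1; $day <= $total_days; ++$day) {
         $day_of_week = (int) date('w', mktime(1, 1, 1, $month, $day - 1, $year));
         // Open a row on the 1st and at the start of every week
         if ($day == 1 || $day_of_week == 0) {
             $days .= '<tr class="border-1-parent" title="' . t('Week: %week', array('%week' => date('W', mktime(1, 1, 1, $month, $day, $year)))) . '">';
             if ($colspan > 0 && $day == 1) {
                 $days .= '<td colspan="' . $colspan . '" class="empty">&nbsp;</td>';
             }
         }
         $days .= '<td><a';
         if ($day == $today) {
             $days .= ' class="today border-2"';
         }
         $days .= ' href="#' . $day . '.' . $month . '.' . $year . '">' . $day . '</a></td>';
         // Pad the last week out to seven columns
         if ($day == $total_days && $colspan2 > 0) {
             $days .= '<td colspan="' . $colspan2 . '" class="empty">&nbsp;</td>';
         }
         if ($day_of_week == 6 || $day == $total_days) {
             $days .= '</tr>';
         }
     }
     try {
         $tpl = new PHPTAL('blocks/calendar/month_view.html');
         $tpl->days = $days;
         $tpl->month_year = date('m') . '/' . $year;
         return $tpl->execute();
     } catch (Exception $e) {
         return template_error($e->getMessage());
     }
 }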
Example #4
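    /**
     * Renders the paginated, sortable user list together with the group list.
     *
     * @return string Rendered page markup, or the template error output.
     */
    public function getContent()
    {
        global $sql;
        // Defined up front so empty tables give the template empty lists
        // rather than undefined variables.
        $groups = array();
        $users = array();
        $pager = new Pager('users', Kio::getStat('total', 'users'), Kio::getConfig('limit', 'users'));
        $pager->sort(array(
            t('Nickname') => 'nickname',
            t('Group') => 'g_name',
            t('Gender') => 'gender',
            t('Title') => 'title',
            t('Location') => 'locality',
            t('Country') => 'country',
            t('Registered') => 'registered',
        ), 'registered', 'asc');
        $query = $sql->query('
            SELECT id, name, inline, members
            FROM ' . DB_PREFIX . 'groups
            ORDER BY display_order');
        while ($row = $query->fetch()) {
            // The group's "inline" value is used as a sprintf() format around its name.
            if ($row['inline']) {
                $row['name'] = sprintf($row['inline'], $row['name']);
            }
            $groups[] = $row;
        }
        // NOTE(review): orderBy, limit and offset are concatenated into the SQL text.
        // Pager is defined elsewhere; confirm orderBy can only be one of the columns
        // registered in sort() above and that limit/offset are integers, since
        // ORDER BY cannot be supplied as a bound parameter.
        // NOTE(review): u.email is selected for every listed user without consulting
        // a per-user hide-email preference; confirm the template does not expose it.
        $query = $sql->query('
            SELECT u.id, u.nickname, u.email, u.registered, u.group_id, u.gender, u.locality, u.country, u.communicator, u.title, g.name g_name
            FROM ' . DB_PREFIX . 'users u
            LEFT JOIN ' . DB_PREFIX . 'groups g ON g.id = u.group_id
            ORDER BY ' . $pager->orderBy . '
            LIMIT ' . $pager->limit . '
            OFFSET ' . $pager->offset);
        while ($row = $query->fetch()) {
            $row['nickname'] = User::format($row['id'], $row['nickname'], $row['group_id']);
            // Replace the numeric gender with an icon (1 = male, 2 = female, otherwise none)
            switch ($row['gender']) {
                case 1:
                    $row['gender'] = ' <img class="gender" src="' . LOCAL . 'themes/' . THEME . '/images/male.png" alt="' . t('Male') . '" title="' . t('Male') . '" />';
                    break;
                case 2:
                    $row['gender'] = ' <img class="gender" src="' . LOCAL . 'themes/' . THEME . '/images/female.png" alt="' . t('Female') . '" title="' . t('Female') . '" />';
                    break;
                default:
                    $row['gender'] = '';
            }
            $users[] = $row;
        }
        try {
            $tpl = new PHPTAL('modules/users/users.tpl.html');
            $tpl->sort = $pager->sorters;
            $tpl->users = $users;
            $tpl->groups = $groups;
            $tpl->pagination = $pager->getLinks();
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e);
        }
    }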
Example #5
 /**
  * Renders the newsletter block, running the subscribe/unsubscribe action
  * script first when one of its form buttons was submitted.
  *
  * @return string Rendered block markup, or the template error output.
  */
 public function getContent()
 {
     $err = new Error();
     $note = new Notifier('note-newsletter');
     $form = array();
     // Template path; reassigned to the PHPTAL object further down.
     $tpl = 'blocks/newsletter/newsletter_form.html';
     if (isset($_POST['add-newsletter']) || isset($_POST['delete-newsletter']) || isset($_POST['delete2-newsletter'])) {
         // The included file executes in this method's scope, so it can read and
         // overwrite $err, $note, $form and $tpl by name - do not rename these
         // locals without updating action.php.
         // NOTE(review): action.php is not visible here; it handles raw $_POST
         // input, so its validation and queries need the same review as this block.
         include_once ROOT . 'blocks/newsletter/action.php';
     }
     try {
         $tpl = new PHPTAL($tpl);
         $tpl->err = $err->toArray();
         $tpl->note = $note;
         $tpl->form = $form;
         return $tpl->execute();
     } catch (Exception $e) {
         return template_error($e->getMessage());
     }
 }
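    /**
     * Renders the guestbook: lists the current page of entries, prepares the
     * edit form when guestbook/edit/<id> is requested, dispatches form
     * submissions and handles entry deletion.
     *
     * Security-relevant points:
     *  - the running entry number uses an integer step instead of eval();
     *  - the sort direction placed in the SQL text is restricted to ASC/DESC;
     *  - the delete token is compared with hash_equals() (PHP 5.6+), not a
     *    loose ==, and an empty token never matches;
     *  - the delete id is bound as a parameter.
     *
     * @return string Rendered page markup, or the template error output.
     */
    public function getContent()
    {
        global $sql;
        $this->err = new Error();
        // NOTE(review): $this->note is used below but not created in this method;
        // presumably it is set up elsewhere in the class - confirm.
        $entries = array();
        $form = array();
        $pager = new Pager('guestbook', Kio::getStat('entries', 'guestbook'), Kio::getConfig('limit', 'guestbook'));
        // $x is the number shown next to each entry; it counts down for DESC
        // listings and up otherwise. It is stepped before each row is numbered.
        if (Kio::getConfig('order_by', 'guestbook') == 'DESC') {
            $x = $pager->items + 1 - $pager->offset;
            $step = -1;
        } else {
            $x = $pager->offset;
            $step = 1;
        }
        // Only a known keyword may reach the ORDER BY clause.
        $direction = strtoupper((string) Kio::getConfig('order_by', 'guestbook')) === 'DESC' ? 'DESC' : 'ASC';
        //		$entries = $sql->getCache('guestbook_'.$pager->current);
        if (!$entries) {
            $stmt = $sql->query('
                SELECT gb.id, gb.added, gb.author, gb.email, gb.website, gb.message, gb.author_id, gb.author_ip,
                    u.nickname, u.group_id, u.avatar, u.signature
                FROM ' . DB_PREFIX . 'guestbook gb
                LEFT JOIN ' . DB_PREFIX . 'users u ON u.id = gb.author_id
                ORDER BY gb.id ' . $direction . '
                LIMIT ' . (int) $pager->limit . '
                OFFSET ' . (int) $pager->offset);
            if ($stmt->rowCount()) {
                while ($row = $stmt->fetch()) {
                    $x += $step;
                    $row['number'] = $x;
                    if ($row['author_id']) {
                        $row['author'] = User::format($row['author_id'], $row['nickname'], $row['group_id']);
                    }
                    $row['message'] = parse($row['message'], Kio::getConfig('parsers', 'guestbook'));
                    $row['signature'] = $row['signature'] ? parse($row['signature'], Kio::getConfig('parsers', 'guestbook')) : '';
                    // NOTE(review): author_ip and email travel to the template with every
                    // row; confirm they are only rendered for privileged viewers.
                    $entries[] = $row;
                }
                $sql->putCacheContent('guestbook_' . $pager->current, $entries);
            } else {
                $this->note->info('Jeszcze nikt nie dodał żadnego wpisu.');
            }
        }
        // Editing entry
        if (ctype_digit(u2)) {
            // guestbook/edit/u2
            $edited_id = u1 == 'edit' ? u2 : '';
            if (!User::hasPermit('guestbook edit')) {
                $this->note->error(t('You do not have access to edit entries.'));
            } else {
                if ($edited_id) {
                    // $edited_id passed ctype_digit() above; the cast keeps that explicit.
                    $row = $sql->query('
                        SELECT id, added, author, author_id, author_ip, email, website, message
                        FROM ' . DB_PREFIX . 'guestbook
                        WHERE id = ' . (int) $edited_id)->fetch();
                    // Entry exists
                    if ($row) {
                        $form = $row;
                        $form['edit_mode'] = true;
                        if (!$row['author']) {
                            $form['author'] = User::getNickname(BY_ID, $row['author_id']);
                        }
                    } else {
                        $this->note->error(t('Selected entry doesn&apos;t exist.'));
                    }
                }
            }
        }
        if (empty($form['edit_mode'])) {
            $form['author'] = User::$nickname;
        }
        // Form action
        $add = !empty($_POST['add']);
        $edit = !empty($_POST['edit']);
        // On form submit
        if ($add || $edit) {
            $this->formSumbit();
        } else {
            $delete_id = isset($_POST['delete_id']) && is_string($_POST['delete_id']) ? $_POST['delete_id'] : '';
            $token = isset($_POST['auth']) && is_string($_POST['auth']) ? $_POST['auth'] : '';
            // Strict, constant-time token check; loose == is subject to type juggling.
            $token_ok = $token !== '' && hash_equals((string) AUTH, $token);
            if (ctype_digit($delete_id) && $token_ok && User::hasPermit('guestbook delete')) {
                $delete = $sql->prepare('DELETE FROM ' . DB_PREFIX . 'guestbook WHERE id = :id');
                $delete->execute(array('id' => $delete_id));
                // Only adjust the counter when a row was really removed, so a
                // repeated request cannot drive the statistic down.
                if ($delete->rowCount()) {
                    $sql->exec('UPDATE ' . DB_PREFIX . 'stats SET content = content - 1 WHERE name = "guestbook_entries"');
                }
                $sql->clearCacheGroup('guestbook_*');
            }
        }
        try {
            $tpl = new PHPTAL('modules/guestbook/guestbook.tpl.html');
            $tpl->message_limit = Kio::getConfig('message_max', 'guestbook');
            $tpl->form = $form;
            $tpl->entries = $entries;
            $tpl->err = $this->err->toArray();
            $tpl->note = $this->note;
            $tpl->pagination = $pager->getLinks();
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e);
        }
    }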
Example #7
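    /**
     * Renders one page of news entries, optionally limited to the category
     * named by news/category/<id>.
     *
     * Guests only see entries with publication = 1; logged-in users see every
     * entry with publication > 0. Entries dated in the future are hidden.
     *
     * @return mixed Rendered list, the template error output, or not_found()'s
     *               result when the requested category does not exist.
     */
    private function getEntries()
    {
        global $sql;
        $pager_url = 'news';
        $category_id = 0;
        $entries = array();
        if (u1 == 'category') {
            // Integer cast: the only request value that reaches the SQL text below.
            $category_id = (int) u2;
        }
        $total = Kio::getStat('entries', 'news');
        if ($category_id) {
            $category = $sql->setCache('news_categories_' . $category_id)->query('
                SELECT id, name, description, entries
                FROM ' . DB_PREFIX . 'news_categories
                WHERE id = ' . $category_id)->fetch(PDO::FETCH_ASSOC);
            if (!$category) {
                return not_found(t('Selected category does not exists.'), array(t('Category was moved or deleted.'), t('Entered URL is invalid.')));
            }
            $total = $category['entries'];
            if ($category['description']) {
                Kio::setDescription($category['name'] . ' - ' . $category['description']);
            }
            Kio::addTitle($category['name']);
            Kio::addBreadcrumb($category['name'], 'news/category/' . $category_id . '/' . clean_url($category['name']));
            $pager_url = 'news/category/' . $category_id . '/' . clean_url($category['name']);
        }
        // The former guard here (!empty($category) || empty($category)) was always
        // true, so the listing runs unconditionally.
        $this->subcodename = 'entries';
        $pager = new Pager($pager_url, $total, Kio::getConfig('limit', 'news'));
        // NOTE(review): the ORDER BY expression comes from configuration and the
        // limit/offset from Pager, all concatenated into the SQL text; confirm the
        // setting is restricted to known column/direction values where it is saved.
        $stmt = $sql->setCache('news_' . $category_id . '_' . $pager->current)->query('
            SELECT u.nickname, u.group_id, c.id c_id, c.name c_name, c.description c_description, n.*
            FROM ' . DB_PREFIX . 'news n
            LEFT JOIN ' . DB_PREFIX . 'users u ON u.id = n.author_id
            LEFT JOIN ' . DB_PREFIX . 'news_categories c ON c.id = n.category_id
            WHERE ' . ($category_id ? 'c.id = ' . $category_id . '
                AND ' : '') . (LOGGED ? 'n.publication > 0' : 'n.publication = 1') . '
                AND n.added < ' . TIMESTAMP . '
            ORDER BY ' . Kio::getConfig('order_by', 'news') . '
            LIMIT ' . $pager->limit . '
            OFFSET ' . $pager->offset);
        while ($row = $stmt->fetch()) {
            if ($row['author_id']) {
                $row['author'] = User::format($row['author_id'], $row['nickname'], $row['group_id']);
            }
            // URL slug: optional category segment followed by the entry title
            $row['url_title'] = ($row['c_name'] ? clean_url($row['c_name']) . '/' : '') . clean_url($row['title']);
            $row['content'] = parse($row['content'], Kio::getConfig('parsers', 'news'));
            $entries[] = $row;
        }
        try {
            $tpl = new PHPTAL('modules/news/news.tpl.html');
            $tpl->entries = $entries;
            $tpl->pagination = $pager->getLinks();
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e);
        }
    }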
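    /**
     * Renders the registration page: dispatches account activation links,
     * refuses when registration is switched off, and otherwise validates and
     * stores a submitted registration form.
     *
     * @return mixed Rendered page, the template error output, or the result of
     *               accountActivation() / the notifier's error() call.
     */
    public function getContent()
    {
        global $sql;
        $this->note = new Notifier();
        $err = new Error();
        // Defined up front so a plain page view does not pass undefined
        // variables to the template.
        $form = array();
        $entries = null;
        // Redirect logged users to front page
        // Activate account
        // registration/activate/234/sfs9fsefsef36dsdgesefe4td
        if (u1 == 'activate' && ctype_digit(u2)) {
            return $this->accountActivation();
        } else {
            if (Kio::getConfig('type', 'registration') == 0) {
                return $this->note->error('Rejestracja została <strong>wstrzymana</strong>.');
            } else {
                //			Kio::addJsCode('$(\'#check_logname\').click(function(){alert();});');
                // Registering
                if (isset($_POST['register'])) {
                    // filter(string, limit)
                    // NOTE(review): the password is passed through filter() before
                    // hashing, so whatever filter() trims or rewrites changes the
                    // secret that is stored; confirm the login path applies the
                    // same transformation.
                    $form = array(
                        'logname' => !empty($_POST['logname']) ? filter($_POST['logname'], 100) : '',
                        'nickname' => !empty($_POST['nickname']) ? filter($_POST['nickname'], 100) : '',
                        'pass' => !empty($_POST['pass']) ? filter($_POST['pass'], 100) : '',
                        'pass2' => !empty($_POST['pass2']) ? filter($_POST['pass2'], 100) : '',
                        'email' => strtolower(filter(isset($_POST['email']) ? $_POST['email'] : '', 100)),
                        'rules' => !empty($_POST['rules']),
                        'newsletter' => !empty($_POST['newsletter']) ? 1 : 0,
                        'pm_notify' => !empty($_POST['pm_notify']) ? 1 : 0,
                        'hide_email' => !empty($_POST['hide_email']) ? 1 : 0,
                    );
                    // Errors
                    $err->setError('logname_empty', t('Logname field is required.'))->condition(!$form['logname']);
                    $err->setError('logname_exists', t('The logname you used is already registered.'))->condition(is_registered($form['logname'], 'logname'));
                    $err->setError('nickname_empty', t('Nickname field is required.'))->condition(!$form['nickname']);
                    $err->setError('nickname_exists', t('The nickname you used is already registered.'))->condition(is_registered($form['nickname'], 'nickname'));
                    $err->setError('pass_empty', t('Password field is required.'))->condition(!$form['pass']);
                    $err->setError('pass_not_match', t('Passwords do not match.'))->condition($form['pass'] != $form['pass2'] && $form['pass']);
                    $err->setError('email_empty', t('E-mail field is required.'))->condition(!$form['email']);
                    $err->setError('email_invalid', t('E-mail address you entered is invalid.'))->condition($form['email'] && !is_email($form['email']));
                    $err->setError('email_exists', t('The e-mail you used is already registered.'))->condition(is_registered($form['email'], 'email'));
                    $err->setError('rules_not_accepted', t('Accepting the rules is required.'))->condition(!$form['rules'] && Kio::getConfig('show_rules', 'registration'));
                    // No errors
                    if ($err->noErrors()) {
                        // NOTE(review): $blocked is computed per registration type but the
                        // INSERT below always binds the literal 1, so type 1 ("log in right
                        // away") accounts are stored as blocked. Left as is because the
                        // activation flow is not visible here; if it is wired in, bind a
                        // real null rather than the string 'NULL'.
                        $blocked = 1;
                        switch (Kio::getConfig('type', 'registration')) {
                            case 1:
                                $blocked = 'NULL';
                                $message = 'Rejestracja przebiegła pomyślnie, możesz się teraz zalogować.';
                                break;
                            case 2:
                                $message = 'Rejestracja przebiegła pomyślnie.<br />Wymagana jest aktywacja konta poprzez kliknięcie w odnośnik wysłany na Twoją skrzynkę e-mail.';
                                break;
                            default:
                                $message = 'Rejestracja przebiegła pomyślnie.<br />Wymagana jest aktywacja konta przez administratora, wówczas zostaniesz powiadomiony e-mail&#39;em.';
                        }
                        // Detect country from the last label of the client's reverse-DNS name.
                        // end() takes its argument by reference, so the parts go through
                        // a variable first.
                        $host_parts = explode('.', (string) gethostbyaddr(IP));
                        $form['country'] = end($host_parts);
                        // NOTE(review): $lang_system is not defined in this scope, so this
                        // lookup always fails and country is stored empty. The hostname is
                        // controlled by whoever runs the client's reverse DNS, so keep the
                        // allow-list lookup when this is repaired.
                        $form['country'] = !empty($lang_system['COUNTRIES'][$form['country']]) ? $form['country'] : '';
                        // NOTE(review): two statements in one prepare() only work with
                        // emulated prepares; with native prepares the stats UPDATE would
                        // need its own call.
                        $stmt = $sql->prepare('
                            INSERT INTO ' . DB_PREFIX . 'users
                            SET
                                logname = :logname,
                                nickname = :nickname,
                                email = :email,
                                pass = :pass,
                                registered = :registered,
                                country = :country,
                                newsletter = :newsletter,
                                pm_notify = :pm_notify,
                                hide_email = :hide_email,
                                blocked = :blocked,
                                time_zone = :time_zone,
                                ip = :ip,
                                auth_code = :auth_code,
                                http_agent = :http_agent;

                            UPDATE ' . DB_PREFIX . 'stats
                            SET content = content + 1
                            WHERE name = "registered_users"');
                        // NOTE(review): passwords are stored as unsalted MD5, which is
                        // unsuitable for password storage. Moving to password_hash() /
                        // password_verify() has to be done together with the login check,
                        // which lives outside this block.
                        $stmt->execute(array(
                            'logname' => $form['logname'],
                            'nickname' => $form['nickname'],
                            'email' => $form['email'],
                            'pass' => md5($form['pass']),
                            'registered' => TIMESTAMP,
                            'country' => $form['country'],
                            'newsletter' => $form['newsletter'],
                            'pm_notify' => $form['pm_notify'],
                            'hide_email' => $form['hide_email'],
                            'blocked' => 1,
                            'time_zone' => Kio::getConfig('time_zone'),
                            'ip' => IP,
                            'auth_code' => auth_code($form['logname']),
                            'http_agent' => filter(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '', 250),
                        ));
                        $this->note->success($message);
                        redirect(HREF . 'registration');
                    } else {
                        $this->note->error($err->toArray());
                    }
                }
                try {
                    $tpl = new PHPTAL('modules/registration/registration.tpl.html');
                    // NOTE(review): after a failed submit $form still carries pass/pass2;
                    // confirm the template does not echo them back into the page.
                    $tpl->form = $form;
                    $tpl->entries = $entries;
                    $tpl->err = $err->toArray();
                    $tpl->note = $this->note;
                    return $tpl->execute();
                } catch (Exception $e) {
                    return template_error($e);
                }
            }
        }
    }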
Example #9
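/**
 * Prints the "page not found" view and marks the current module as an error page.
 *
 * The view is echoed, not returned; the function itself returns nothing.
 *
 * @global object $kio    Declared but not used in this function.
 * @global object $module Its codename/subcodename are set to error/not_found.
 * @param string $message Headline shown in the error note; it is passed through t() again here.
 * @param array $causes [optional] Possible reasons listed under the message;
 *                      defaults to two generic causes when empty.
 * @param bool $notify [optional] Not used in this function.
 */
function not_found($message, $causes = array(), $notify = true)
{
    global $kio, $module;
    if (!$causes) {
        $causes = array(t('Content was moved or deleted.'), t('Entered URL is invalid.'));
    }
    Kio::addTitle(t('Page not found'));
    $module->codename = 'error';
    $module->subcodename = 'not_found';
    $note = new Notifier();
    // NOTE(review): some callers build $message with request-derived values and
    // inline markup; confirm the notifier or template escapes it on output.
    $note->error(t($message));
    try {
        $tpl = new PHPTAL('system/not_found.html');
        $tpl->causes = $causes;
        $tpl->note = $note;
        echo $tpl->execute();
    } catch (Exception $e) {
        // Pass the exception on and print the result; previously the helper was
        // called without arguments and its output was dropped, leaving a blank page.
        echo template_error($e);
    }
}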
Example #10
            }
            $image['thumbs'][] = $row;
        }
        // When the image has a registered author, replace the author field with
        // User::format()'s rendering of id, nickname and group.
        if ($image['author_id']) {
            $image['author'] = User::format($image['author_id'], $image['nickname'], $image['group_id']);
        }
        // TODO: http://www.pixastic.com/lib/
        // Relative path of the image file, built from its id and stored extension.
        $image['src'] = 'modules/gallery/images/' . $image['id'] . '.' . $image['file_extension'];
        //list($image['width'], $image['height']) = getimagesize(ROOT.$image['src']);
        // Neighbouring images, looked up in $y around the current position
        // ($y is filled earlier, outside this excerpt).
        $image['prev'] = $y[$image['current'] - 2];
        $image['next'] = $y[$image['current']];
        // Cache the assembled record under a key derived from the URL segment u2.
        $sql->putCacheContent('gallery_image_' . u2, $image);
    }
    if ($image['description']) {
        $kio->description = $image['name'] . ' - ' . $image['description'];
    }
    // http://localhost/~kiocms/?images/gallery/15/5-5-0-0-0-0-0-0-0-0-0/biba.jpg
    try {
        $tpl = new PHPTAL('modules/gallery/image.html');
        $tpl->cfg = $cfg;
        $tpl->image = $image;
        $tpl->thumbs = $image['thumbs'];
        // Set to an empty string first, then overwritten with the comments plugin's output.
        $tpl->comments = '';
        $tpl->comments = $plug->comments($image['id'], 'gallery_images', $image['comments'], 'gallery/image/' . $image['id'] . '/' . clean_url($image['name']));
        echo $tpl->execute();
    } catch (Exception $e) {
        echo template_error($e);
    }
} else {
    // NOTE(review): u2 is a URL segment and is placed inside HTML markup here.
    // Whether it was validated as digits before this branch is not visible in
    // this excerpt - confirm it is validated or escaped before it is rendered.
    echo not_found(sprintf('Zdjęcie o numerze <strong>%s</strong> nie istnieje', u2), array('Zdjęcie zostało usunięte z bazy danych', 'Wprowadzony adres jest nieprawidłowy'));
}
Example #11
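    /**
     * Renders the "edit profile" form and stores a submitted edit.
     *
     * The profile is the row for the numeric URL segment u1 when present,
     * otherwise the current user's own data.
     *
     * Security: the UPDATE is sent as a prepared statement. Most profile
     * fields are taken from $_POST without filtering, so they must be bound
     * as parameters rather than concatenated into the SQL text.
     *
     * @return mixed Rendered page, the template error output, or the result of
     *               no_access() / not_found().
     */
    public function getContent()
    {
        global $sql;
        if (!LOGGED) {
            return no_access('By mieć dostęp do edycji profilu musisz się zalogować.');
        }
        $note = new Notifier();
        $err = new Error();
        $edit = isset($_POST['edit']);
        $countries = (include 'lang/countries.php');
        asort($countries);
        // NOTE(review): no ownership or permission check is visible between loading
        // another user's row by u1 and the UPDATE below, so as written any logged-in
        // user appears able to edit any profile. Confirm a check exists upstream, or
        // require $profile['id'] == UID unless the caller holds an administrative permit.
        // NOTE(review): no anti-CSRF token is checked in this block either.
        //Edit user by ID
        if (ctype_digit(u1)) {
            $profile = $sql->query('
                SELECT u.*
                FROM ' . DB_PREFIX . 'users u
                WHERE u.id = ' . (int) u1)->fetch(PDO::FETCH_ASSOC);
            if ($profile) {
                Kio::addTitle(t('Users'));
                Kio::addBreadcrumb(t('Users'), 'users');
                Kio::addTitle($profile['nickname'] . ' - ' . t('Edit profile'));
                Kio::addBreadcrumb($profile['nickname'], 'profile/' . u1);
                Kio::addBreadcrumb(t('Edit profile'), 'edit_profile/' . u1);
            } else {
                return not_found(t('Selected user doesn&apos;t exists.'), array(t('This person was deleted from database.'), t('Entered URL is invalid.')));
            }
        } else {
            $profile = User::toArray();
            Kio::addTitle(t('Edit profile'));
            Kio::addBreadcrumb(t('Edit profile'), 'edit_profile');
        }
        // Pre-fill the form from the stored profile; passwords are never echoed back.
        $form = $profile;
        $form['password'] = '';
        $form['password2'] = '';
        $form['birthdate'] = explode('-', $profile['birthdate']);
        $form['newsletter'] = $profile['newsletter'] ? 1 : 0;
        $form['pm_notify'] = $profile['pm_notify'] ? 1 : 0;
        $form['hide_email'] = $profile['hide_email'] ? 1 : 0;
        if (!u1 || $profile) {
            // Edit profile
            if ($edit) {
                $allow_nick = Kio::getConfig('allow_change_nick', 'edit_profile');
                $delete_avatar = !empty($_POST['delete_avatar']);
                // A single, successfully uploaded file only; array-style uploads are ignored.
                $avatar_ok = isset($_FILES['avatar']['error']) && $_FILES['avatar']['error'] === UPLOAD_ERR_OK;
                $posted_country = isset($_POST['country']) && is_string($_POST['country']) ? $_POST['country'] : '';
                // Always three integers (year, month, day), whatever shape was posted.
                $posted_birthdate = isset($_POST['birthdate']) ? (array) $_POST['birthdate'] : array();
                $birthdate = array_pad(array_slice(array_map('intval', array_values($posted_birthdate)), 0, 3), 3, 0);
                $form = array(
                    'nickname' => $allow_nick ? filter(isset($_POST['nickname']) ? $_POST['nickname'] : '', 100) : User::$nickname,
                    'password' => filter(isset($_POST['password']) ? $_POST['password'] : '', 100),
                    'password2' => filter(isset($_POST['password2']) ? $_POST['password2'] : '', 100),
                    'email' => strtolower(filter(isset($_POST['email']) ? $_POST['email'] : '', 100)),
                    'country' => !empty($countries[$posted_country]) ? $posted_country : '',
                    'birthdate' => $birthdate,
                    'newsletter' => isset($_POST['newsletter']) ? 1 : 0,
                    'pm_notify' => isset($_POST['pm_notify']) ? 1 : 0,
                    'hide_email' => isset($_POST['hide_email']) ? 1 : 0,
                    'avatar' => $avatar_ok && !$delete_avatar ? $_FILES['avatar'] : array(),
                    'delete_avatar' => isset($_POST['delete_avatar']) ? 1 : 0,
                    'photo' => isset($_FILES['photo']) ? $_FILES['photo'] : null,
                    'delete_photo' => isset($_POST['delete_photo']) ? 1 : 0,
                );
                // Free-text fields are stored as posted (strings only).
                // NOTE(review): they are not filtered or escaped here; confirm every
                // place that renders them escapes on output.
                $text_fields = array('forename', 'surname', 'gender', 'locality', 'communicator', 'website', 'title', 'interests', 'signature');
                foreach ($text_fields as $field) {
                    $form[$field] = isset($_POST[$field]) && is_string($_POST[$field]) ? $_POST[$field] : '';
                }
                $allowed_types = array('image/png' => 'png', 'image/jpeg' => 'jpg', 'image/gif' => 'gif');
                // Nickname
                $err->setError('nickname_empty', t('ERROR_NICKNAME_EMPTY'))->condition(!$form['nickname']);
                $err->setError('nickname_exists', t('ERROR_NICKNAME_EXISTS'))->condition($allow_nick && $form['nickname'] && strtolower($form['nickname']) != strtolower($profile['nickname']) && is_registered($form['nickname']));
                // Password
                $err->setError('password_differ', t('ERROR_PASSWORD_DIFFER'))->condition($form['password'] != $form['password2']);
                // E-mail
                $err->setError('email_empty', t('ERROR_EMAIL_EMPTY'))->condition(!$form['email']);
                if ($form['email']) {
                    $err->setError('email_invalid', t('ERROR_EMAIL_INVALID'))->condition($form['email'] && !is_email($form['email']));
                    $err->setError('email_exists', t('ERROR_EMAIL_EXISTS'))->condition($form['email'] != $profile['email'] && is_email($form['email']) && is_registered($form['email'], 'email'));
                }
                // Birthdate
                $err->setError('birthdate_invalid', t('ERROR_BIRTHDATE'))->condition(array_sum($form['birthdate']) > 0 && !is_date('Y-n-j', $form['birthdate'][0] . '-' . $form['birthdate'][1] . '-' . $form['birthdate'][2]));
                // Avatar
                if ($form['avatar']) {
                    // NOTE(review): ['type'] is the MIME type reported by the browser, not
                    // one derived from the file. The saved extension always comes from the
                    // allow-list, but the content itself is unverified; consider checking
                    // the uploaded file server-side (e.g. getimagesize()) before accepting it.
                    $err->avatar_invalid_type(t('ERROR_ava'))->condition(!in_array($form['avatar']['type'], array_keys($allowed_types), true));
                    $err->avatar_exceeded_max_size(t('ERROR_ava'))->condition(Kio::getConfig('avatar_size_max', 'edit_profile') && !$err->isError('avatar_invalid_type') && $form['avatar']['size'] > Kio::getConfig('avatar_size_max', 'edit_profile'));
                }
                // No errors
                if ($err->noErrors()) {
                    $avatar_dir = ROOT . 'images/avatars/';
                    $old_avatar = $avatar_dir . $profile['id'] . '.' . User::$avatar;
                    if ($form['delete_avatar'] && is_file($old_avatar)) {
                        unlink($old_avatar);
                    }
                    if ($form['avatar']) {
                        $new_ext = $allowed_types[$form['avatar']['type']];
                        move_uploaded_file($_FILES['avatar']['tmp_name'], $avatar_dir . $profile['id'] . '.' . $new_ext);
                        // Remove the previous file when the extension changed
                        if ($new_ext != User::$avatar && is_file($old_avatar)) {
                            unlink($old_avatar);
                        }
                    }
                    $form['birthdate'] = array_sum($form['birthdate']) > 0 ? $form['birthdate'][0] . '-' . $form['birthdate'][1] . '-' . $form['birthdate'][2] : '';
                    // Column list and bound values are built together so the optional
                    // password/avatar assignments stay in step with their parameters.
                    $params = array(
                        'nickname' => $allow_nick ? $form['nickname'] : User::$nickname,
                        'email' => $form['email'],
                        'forename' => $form['forename'],
                        'surname' => $form['surname'],
                        'gender' => $form['gender'] == 1 || $form['gender'] == 2 ? (int) $form['gender'] : 0,
                        'locality' => $form['locality'],
                        'country' => $form['country'],
                        'communicator' => $form['communicator'],
                        'website' => $form['website'],
                        'birthdate' => $form['birthdate'],
                        'newsletter' => $form['newsletter'],
                        'pm_notify' => $form['pm_notify'],
                        'hide_email' => $form['hide_email'],
                        'title' => $form['title'],
                        'interests' => $form['interests'],
                        'signature' => $form['signature'],
                    );
                    if ($form['password']) {
                        // NOTE(review): unsalted MD5 is unsuitable for password storage;
                        // migrate to password_hash()/password_verify() together with the
                        // login check, which is outside this block.
                        $params['pass'] = md5($form['password']);
                    }
                    if ($form['avatar']) {
                        $params['avatar'] = $allowed_types[$form['avatar']['type']];
                    } elseif ($form['delete_avatar']) {
                        $params['avatar'] = '';
                    }
                    $assignments = array();
                    foreach (array_keys($params) as $column) {
                        // Column names come from the fixed keys above, never from the request.
                        $assignments[] = $column . ' = :' . $column;
                    }
                    $params['id'] = $profile['id'];
                    // NOTE(review): if filter() applies SQL escaping itself, remove that
                    // there so bound values are not stored double-escaped.
                    $stmt = $sql->prepare('
                        UPDATE ' . DB_PREFIX . 'users
                        SET ' . implode(', ', $assignments) . '
                        WHERE id = :id');
                    $stmt->execute($params);
                    $note->success(t('Your profile was modified successfully.'));
                    redirect(HREF . 'edit_profile');
                } else {
                    $note->error($err->toArray());
                }
            }
            try {
                $tpl = new PHPTAL('modules/edit_profile/edit_profile.tpl.html');
                $tpl->profile = $profile;
                $tpl->countries = $countries;
                $tpl->allow_change_nick = Kio::getConfig('allow_change_nick', 'edit_profile');
                $tpl->form = $form;
                $tpl->err = $err->toArray();
                $tpl->note = $note;
                return $tpl->execute();
            } catch (Exception $e) {
                return template_error($e);
            }
        }
    }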
Example #12
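    /**
     * Render one page of the gallery album list.
     *
     * Builds a Pager from the gallery statistics and configuration, reads the
     * matching slice of the gallery_albums table (cached per pager page) and
     * renders it with the gallery template.
     *
     * @return string Rendered template, or the result of template_error() when
     *                rendering throws.
     */
    private function getAlbumList()
    {
        global $sql;
        $this->subcodename = 'albums';
        // NOTE(review): the pager base path is 'pm/' . u1 although this lists gallery albums — confirm it is intended.
        $pager = new Pager('pm/' . u1, Kio::getStat('images', 'gallery'), Kio::getConfig('limit', 'gallery'));
        // LIMIT/OFFSET are concatenated into the statement, so both values are
        // coerced to integers here instead of trusting how Pager derived them.
        $albums = $sql->setCache('gallery_' . $pager->current)->query('
			SELECT id, name, description, added, thumbnail, images
			FROM ' . DB_PREFIX . 'gallery_albums
			LIMIT ' . (int) $pager->limit . '
			OFFSET ' . (int) $pager->offset)->fetchAll(PDO::FETCH_ASSOC);
        try {
            $tpl = new PHPTAL('modules/gallery/gallery.tpl.html');
            $tpl->albums = $albums;
            $tpl->pager = $pager;
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e);
        }
    }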
Example #13
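    /**
     * Render the shoutbox block and handle a posted entry.
     *
     * When the reply form was submitted, the author and message are passed
     * through filter(), validated, and inserted into the shoutbox table; on
     * success the request is redirected back to the shoutbox anchor. The
     * entry list is taken from the 'shoutbox' cache or rebuilt from the
     * database and cached.
     *
     * @return string Rendered template, or the result of template_error() when
     *                rendering throws.
     */
    public function getContent()
    {
        global $sql, $user, $cfg;
        $err = new Error();
        $note = new Notifier('note-shoutbox');
        $form = array();
        $form['author'] = $user->nickname;
        // The template always receives a message key, also on a plain page view.
        $form['message'] = '';
        // !empty() keeps the original truthiness test without reading an unset index.
        if (!empty($_POST['reply-shoutbox'])) {
            $posted_author = isset($_POST['author-shoutbox']) ? $_POST['author-shoutbox'] : '';
            $posted_message = isset($_POST['message-shoutbox']) ? $_POST['message-shoutbox'] : '';
            $form['author'] = LOGGED ? $user->nickname : filter($posted_author, 100);
            $form['message'] = filter($posted_message, $cfg->shoutbox['message_max']);
            $err->author_empty(t('Field <strong>author</strong> can not be empty.'), !$form['author']);
            $err->author_exists(t('Entered <strong>nickname</strong> is registered.'), !LOGGED && is_registered($form['author']));
            $err->message_empty(t('Field <strong>message</strong> can not be empty.'), !$form['message']);
            // No errors
            if (!$err->count()) {
                // NOTE(review): author and message come from the request and are
                // placed inside double-quoted SQL literals. Whether that is safe
                // depends entirely on filter(), which is not visible here —
                // confirm it escapes quotes and backslashes, or move these two
                // values to bound parameters if the $sql wrapper supports them.
                // The user id is numeric, so it is coerced before concatenation.
                $sql->exec('
					INSERT INTO ' . DB_PREFIX . 'shoutbox (added, author, message, author_id, author_ip)
					VALUES (
						' . TIMESTAMP . ',
						"' . $form['author'] . '",
						"' . cut($form['message'], $cfg->shoutbox['message_max']) . '",
						' . (int) $user->id . ',
						"' . IP . '")', 'shoutbox.txt');
                $note->success(t('Entry was added successfully.'));
                redirect(HREF . PATH . '#shoutbox');
            } else {
                $note->error($err);
            }
        }
        // Rebuild the entry list when the shoutbox cache is empty or missing
        $entries = $sql->getCache('shoutbox');
        if (!$entries) {
            // Start from a real array so the template gets a list even when the table is empty.
            $entries = array();
            // NOTE(review): the comma join only returns rows that have a
            // matching users record, so entries without one are not listed —
            // confirm whether guest entries are meant to appear.
            $query = $sql->query('
				SELECT u.nickname, u.group_id, s.added, s.author, s.author_id, s.message
				FROM ' . DB_PREFIX . 'shoutbox s, ' . DB_PREFIX . 'users u
				WHERE u.id = s.author_id
				ORDER BY s.id DESC
				LIMIT ' . (int) $cfg->shoutbox['limit']);
            while ($row = $query->fetch()) {
                if ($row['author_id']) {
                    $row['author'] = User::format($row['author_id'], $row['nickname'], $row['group_id']);
                    $row['message'] = parse($row['message'], $cfg->shoutbox['parser']);
                }
                $entries[] = $row;
            }
            $sql->putCacheContent('shoutbox', $entries);
        }
        try {
            $tpl = new PHPTAL('blocks/shoutbox/sbox_overall.html');
            $tpl->cfg = $cfg;
            $tpl->entries = $entries;
            $tpl->err = $err->toArray();
            $tpl->form = $form;
            $tpl->note = $note;
            $tpl->user = $user;
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e->getMessage());
        }
    }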
Example #14
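 /**
  * Open inc tag handler.
  *
  * Evaluates the tag's name attribute through the expression evaluator and
  * returns the included content according to the type attribute: csv (file
  * rendered as an HTML table), messy, simple, virtual (content read from a
  * site-relative or absolute URL), xml (starts capturing the tag body),
  * plain (file returned as-is), or xt when the type is anything else or
  * missing.
  *
  * NOTE(review): the evaluated name is appended to $this->path() or used as
  * a URL without any check visible in this method. If template authors or
  * expression values are not fully trusted, confirm that the name is
  * constrained to the intended directory and hosts before it gets here.
  *
  * @access	private
  * @param	associative array	$node
  * @return	string
  *
  */
 function _inc($node)
 {
     // evaluate the node name
     $node['attributes']['name'] = $this->exp->evaluate($node['attributes']['name'], $node, 'string', true);
     if ($node['type'] != 'complete') {
         $this->ignoreUntilLevel($node['level']);
     }
     // A missing type attribute falls through to the xt branch, as before.
     $type = isset($node['attributes']['type']) ? $node['attributes']['type'] : '';
     if ($type == 'csv') {
         // The map is defined before the attribute check so the comma default
         // below can actually read it.
         $delimiters = array('tab' => "\t", 'comma' => ',', 'colon' => ':', 'pipe' => '|', 'semicolon' => ';');
         $delimiter = $delimiters['comma'];
         if (!empty($node['attributes']['delimiter'])) {
             $requested = $node['attributes']['delimiter'];
             // Known keyword, otherwise the attribute value itself is the delimiter.
             $delimiter = isset($delimiters[$requested]) ? $delimiters[$requested] : $requested;
         }
         // Quote the delimiter: '|' and other regex metacharacters must split
         // on the literal character, not act as pattern syntax.
         $pattern = '/' . preg_quote($delimiter, '/') . '/';
         $data = @file($this->path() . '/' . $node['attributes']['name']);
         if (!is_array($data)) {
             return '';
         }
         // NOTE(review): cell values are written into the table unescaped, so
         // markup in the CSV file reaches the page — confirm that is intended.
         $out = "<table>\n";
         if (isset($node['attributes']['header']) && $node['attributes']['header'] == 'yes') {
             $headers = array_shift($data);
             $out .= "\t<tr>\n";
             foreach (preg_split($pattern, $headers) as $header) {
                 $out .= "\t\t<th>" . $header . "</th>\n";
             }
             $out .= "\t</tr>\n";
         }
         foreach ($data as $line) {
             $out .= "\t<tr>\n";
             foreach (preg_split($pattern, $line) as $item) {
                 $out .= "\t\t<td>" . $item . "</td>\n";
             }
             $out .= "\t</tr>\n";
         }
         // Close the table; the previous code emitted a second opening tag.
         return $out . "</table>\n";
     } elseif ($type == 'messy') {
         return $this->messy($node['attributes']['name'], $this->exp->register['object']);
     } elseif ($type == 'simple') {
         return template_simple($node['attributes']['name'], $this->exp->register['object']);
     } elseif ($type == 'virtual') {
         // Names starting with '/' or without a scheme separator are resolved
         // against the site URL; anything else is used as a full URL.
         // NOTE(review): a name with a scheme is fetched as given — confirm the
         // allowed schemes and hosts are restricted where the name is set.
         if (strpos($node['attributes']['name'], '/') === 0 || strpos($node['attributes']['name'], '://') === false) {
             $url = site_url() . $node['attributes']['name'];
         } else {
             $url = $node['attributes']['name'];
         }
         $o = @join('', @file($url));
         return $o;
     } elseif ($type == 'xml') {
         // Switch to capture mode: the tag body is collected into xmlinc['struct'].
         $this->ignoreUntilLevel(-1);
         $this->open = true;
         $this->xmlinc = array('node' => $node, 'struct' => '');
         $this->open_var =& $this->xmlinc['struct'];
         return '';
     } elseif ($type == 'plain') {
         return @join('', @file($this->path() . '/' . $node['attributes']['name']));
     } else {
         // type is 'xt' or not specified
         $o = template_xt($node['attributes']['name'], $this->exp->register['object']);
         if ($o === false) {
             return '<!-- ' . template_error() . ' (' . template_err_line() . ', ' . template_err_colnum() . ') -->';
         }
         return $o;
     }
 }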
Example #15
/**
 * Report a failed SQL statement and stop the script.
 *
 * Hands the database error text and the full query, separated by <BR> tags,
 * to template_error() and then exits with status 1.
 *
 * NOTE(review): both values are passed on unescaped. If template_error()
 * writes to the response, the query text and database error become visible
 * to the visitor — confirm this path is limited to development or logging.
 *
 * @param string $query     The statement that failed.
 * @param string $sql_error The error text reported for it.
 */
function show_mysql_error($query, $sql_error)
{
    $report = sprintf('Error in SQL: %s<BR>Query: %s<BR>', $sql_error, $query);
    template_error($report);
    exit(1);
}
Example #16
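    /**
     * Render the guestbook page and handle edit, add and delete actions.
     *
     * - With a numeric u2 and u1 == 'edit', loads the entry for editing after
     *   a 'guestbook edit' permission check.
     * - On a posted add/edit form, delegates to formSumbit().
     * - On a posted delete_id, deletes the entry after the auth token and the
     *   'guestbook delete' permission were checked.
     *
     * Reads $this->note and $this->edit_mode, which are not assigned in this
     * method unless an entry is loaded for editing.
     *
     * @return string Rendered template, or the result of template_error() when
     *                rendering throws.
     */
    public function getContent()
    {
        global $sql;
        $this->err = new Error();
        $this->pager = new Pager('guestbook', Kio::getStat('entries', 'guestbook'), Kio::getConfig('limit', 'guestbook'));
        $show_form = true;
        $entries = $this->getEntries();
        // Editing entry
        if (ctype_digit(u2)) {
            // guestbook/edit/u2 — u2 is digits only at this point, so it can be
            // placed into the statement below.
            $edited_id = u1 == 'edit' ? u2 : '';
            if (!User::hasPermit('guestbook edit')) {
                $this->note->error(t('You don&apos;t have access to edit entries.'));
                $show_form = false;
            } elseif ($edited_id) {
                $row = $sql->query('
					SELECT id, added, author, author_id, author_ip, email, website, message
					FROM ' . DB_PREFIX . 'guestbook
					WHERE id = ' . $edited_id)->fetch();
                // Entry exists
                if ($row) {
                    $form = $row;
                    $this->edit_mode = true;
                    if (!$row['author']) {
                        $form['author'] = User::getNickname(BY_ID, $row['author_id']);
                    }
                } else {
                    $this->note->error(t('Selected entry doesn&apos;t exist.'));
                }
            }
        }
        if (!$this->edit_mode) {
            $form['author'] = User::$nickname;
        }
        // Form action
        $add = isset($_POST['add']);
        $edit = isset($_POST['edit']);
        // On form submit
        if ($add || $edit) {
            $form = $this->formSumbit();
        } elseif (
            isset($_POST['delete_id'], $_POST['auth'])
            && is_string($_POST['delete_id'])
            && is_string($_POST['auth'])
            && ctype_digit($_POST['delete_id'])
            // Strict string comparison: a loose == lets PHP compare
            // numeric-looking tokens as numbers. Where the runtime offers
            // hash_equals(), prefer it so the comparison is constant-time.
            && $_POST['auth'] === (string) AUTH
            && User::hasPermit('guestbook delete')
        ) {
            // delete_id passed ctype_digit() above, so it is digits only.
            // NOTE(review): the counter is decremented even when no row matches
            // the id, so the stored entry count can drift — consider
            // decrementing only when the DELETE affected a row.
            $sql->exec('
				UPDATE ' . DB_PREFIX . 'stats SET content = content - 1 WHERE name = "guestbook_entries";
				DELETE FROM ' . DB_PREFIX . 'guestbook WHERE id = ' . $_POST['delete_id']);
            $sql->clearCacheGroup('guestbook_*');
        }
        try {
            $tpl = new PHPTAL('modules/guestbook/guestbook.tpl.html');
            $tpl->message_limit = Kio::getConfig('message_max', 'guestbook');
            $tpl->form = $form;
            $tpl->edit_mode = $this->edit_mode;
            $tpl->entries = $entries;
            $tpl->err = $this->err->toArray();
            $tpl->show_form = $show_form;
            $tpl->note = $this->note;
            $tpl->pagination = $this->pager->getLinks();
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e);
        }
    }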
Example #17
<?php

// Validates the submitted template body and reports the result. On failure
// the error text, line and column are shown, followed by an excerpt of the
// source around the failing line with that line highlighted.
page_title('SiteTemplate - Validation Error');
$data = array('error' => '', 'err_ln' => '', 'err_cl' => '');
$error = template_validate($parameters['body']);
if ($error != 1) {
    // The template has errors: collect message, line and column for the report.
    $data['error'] = template_error($parameters['body']);
    $data['err_ln'] = template_err_line($parameters['body']);
    $data['err_cl'] = template_err_colnum($parameters['body']);
    echo template_simple('tpl_validate.spt', $data);
    $list = preg_split('/(\\r\\n|\\n\\r|\\r|\\n)/s', $parameters['body']);
    echo '<pre style="padding: 10px; background-color: #eee; border: 1px solid #aaa">';
    foreach ($list as $key => $e) {
        // Only a window of lines around the reported line is printed.
        if ($key <= $data['err_ln'] - 8 || $key >= $data['err_ln'] + 6) {
            continue;
        }
        // Source lines are entity-encoded before output, so submitted markup is shown as text.
        $numbered = ($key + 1) . ' ' . htmlentities($e);
        if ($key == $data['err_ln'] - 1) {
            // $key is zero-based, the reported line number is one-based.
            echo '<span STYLE="background-color:#ff0">' . $numbered . '</span><br />';
        } else {
            echo $numbered . '<br />';
        }
    }
    echo '</pre>';
} else {
    // The template is valid.
    page_title('SiteTemplate - Template Valid');
    echo template_simple('tpl_validate_noerr.spt', $data);
}
Example #18
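    /**
     * Render the contact form and handle a posted message.
     *
     * On submit the fields are passed through filter(), checked for flood
     * protection and required values, and the message is handed to mail().
     * The list of selectable receivers is read from the users table.
     *
     * Reads $this->note, which is not assigned in this method.
     *
     * @return string Rendered template, or the result of template_error() when
     *                rendering throws.
     */
    public function getContent()
    {
        global $sql;
        $err = new Error();
        $form = array();
        // Defined up front so the template gets a list even when no row matches.
        $receivers = array();
        if (Kio::getConfig('informations', 'contact')) {
            $info = Notifier::factory('note-contact_info')->info(parse(Kio::getConfig('informations', 'contact'), BBCODE . AUTOLINKS . EMOTICONS . CENSURE . PRE));
        }
        if (isset($_POST['send'])) {
            // Form values
            $form = array(
                'receiver' => filter($_POST['receiver'], 100),
                'sender' => LOGGED ? User::$nickname : filter($_POST['sender'], 100),
                'email' => LOGGED ? User::$email : filter($_POST['email'], 100),
                'subject' => filter($_POST['subject'], 100),
                'message' => filter($_POST['message'], 250),
            );
            if (!empty($_COOKIE[COOKIE . '-flood-contact']) && Kio::getConfig('flood_interval')) {
                $err->setError('flood', t('ERROR_FLOOD'));
            } else {
                // Errors
                if (!LOGGED) {
                    $err->setError('sender_empty', t('Sender field is required.'))->condition(!$form['sender']);
                    $err->setError('sender_exists', t('ERROR_SENDER_EXISTS'))->condition(is_registered($form['sender'], 'nickname'));
                    $err->setError('email_empty', t('E-mail address field is required.'))->condition(!$form['email']);
                    $err->setError('email_invalid', t('ERROR_EMAIL_INVALID'))->condition($form['email'] && !is_email($form['email']));
                }
                $err->setError('subject_empty', t('Subject field is required.'))->condition(!$form['subject']);
                $err->setError('message_empty', t('Message field is required.'))->condition(!$form['message']);
            }
            if ($err->noErrors()) {
                // The address ends up in a mail header, so line breaks are
                // removed here instead of relying on filter()/is_email() to
                // reject them; a header value must stay on one line.
                $sender_email = str_replace(array("\r", "\n"), '', $form['email']);
                // NOTE(review): this block looks unfinished —
                //  * mail() is addressed to the sender's own address, and
                //    $form['receiver'] is never used;
                //  * $temat, $imie, $telefon, $adres and $ip are not defined in
                //    this method, so the subject and parts of the body are empty;
                //  * a literal "2" is appended after the e-mail address.
                // Confirm the intended recipient and values before relying on it.
                $from = "From: {$sender_email}2";
                $msg = "Imię: {$imie}\nE-Mail: {$form['email']}2\nTelefon: {$telefon}\n\nTreść wiadomości:\n{$form['message']}\n\n\n----\nWiadomość została wysłana ze strony {$adres}\nIP: {$ip}";
                // $this->note is the notifier used everywhere else in this
                // method; a local $note was never created.
                echo mail($sender_email, $temat, $msg, $from) ? $this->note->success(t('SUCCESS')) . redirect() : $this->note->error(t('Wystąpił błąd, spróbuj wysłać później'));
                if (Kio::getConfig('flood_interval')) {
                    // Same cookie name as the flood check above; with a
                    // different name the check could never see this cookie.
                    setcookie(COOKIE . '-flood-contact', 'true', TIMESTAMP + Kio::getConfig('flood_interval') + 1, '/');
                }
            } else {
                $this->note->error($err->toArray());
            }
        }
        $stmt = $sql->setCache('contact')->prepare('
			SELECT id, nickname, group_id
			FROM ' . DB_PREFIX . 'users
			WHERE id IN (:receivers)');
        // bindValue() takes a plain value; bindParam() needs a variable it can
        // bind by reference and cannot take a function result.
        // NOTE(review): one placeholder binds one value. If the 'receivers'
        // setting holds several ids in one string, IN () will not expand them —
        // confirm the setting's format.
        $stmt->bindValue(':receivers', Kio::getConfig('receivers', 'contact'));
        $stmt->execute();
        while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
            $row['g_name'] = Kio::getGroup($row['group_id'], 'name');
            $receivers[] = $row;
        }
        try {
            $tpl = new PHPTAL('modules/contact/contact.tpl.html');
            $tpl->message_limit = Kio::getConfig('message_max', 'contact');
            $tpl->form = $form;
            $tpl->user = User::toArray();
            $tpl->receivers = $receivers;
            $tpl->err = $err->toArray();
            $tpl->note = $this->note;
            $tpl->info = isset($info) ? $info : '';
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e);
        }
    }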
Example #19
    /**
     * Show a single private message that belongs to the current user.
     *
     * The message is selected by the integer value of u3 and by owner_id = UID,
     * so only rows owned by UID are returned. An unread message is marked as
     * read before it is rendered.
     *
     * @return string Rendered template, the result of template_error() when
     *                rendering throws, or the result of not_found() when no
     *                matching message exists.
     */
    private function getMessage()
    {
        global $sql;
        Kio::addTitle(t(ucfirst(u1)));
        Kio::addBreadcrumb(t(ucfirst(u1)), 'pm/' . u1);
        // The id is cast to int before it is placed into the statement.
        $lookup = '
			SELECT pm.*, u.nickname, u.group_id, u.avatar
			FROM ' . DB_PREFIX . 'pm pm
			LEFT JOIN ' . DB_PREFIX . 'users u ON u.id = pm.connector_id
			WHERE pm.id = ' . (int) u3 . ' AND pm.owner_id = ' . UID;
        $pm = $sql->query($lookup)->fetch(PDO::FETCH_ASSOC);
        // No row for this id and owner
        if (!$pm) {
            return not_found();
        }
        Kio::addTitle($pm['subject']);
        Kio::addBreadcrumb($pm['subject'], 'pm/' . u1 . '/read/' . u3);
        $this->subcodename = 'read';
        // A connector id means the other party is a registered user
        if ($pm['connector_id']) {
            $pm['nickname'] = User::format($pm['connector_id'], $pm['nickname'], $pm['group_id']);
        }
        // First view: flag the message as read
        if (!$pm['is_read']) {
            $sql->exec('
					UPDATE ' . DB_PREFIX . 'pm
					SET is_read = 1
					WHERE id = "' . (int) $pm['id'] . '"');
        }
        try {
            $tpl = new PHPTAL('modules/pm/read.tpl.html');
            $tpl->message = $pm;
            return $tpl->execute();
        } catch (Exception $e) {
            return template_error($e);
        }
    }