/**
* Function is responsible for setting the current page. this function will
* use the information provided in the requested string.
*
*/
function five_request()
{
//initializing
global $page;
$page = 'main';
$get = BRequest::get('get');
if ($tmp = BRequest::getVar('page')) {
$page = $tmp;
}
}
/**
* Function is responsible for validating a safe file and saving it to the
* associated directory, then returning the target path
*
* @param array $fileArray
* @param string $type
* @param string $directory
* @return string
*/
function save_file($fileArray, $type = null, $directory = '')
{
//reasons to fail
if (!BRequest::get('files', false) || !is_array($fileArray)) {
return false;
}
if (!file_is_safe($fileArray, $type)) {
return false;
}
//initializing
$parts = pathinfo($fileArray['name']);
$original_name = $parts['basename'];
$target_path = FivePath::clean(strtolower(UPLOADS . DS . $directory . DS . create_guid() . '.' . $parts['extension']));
if (!move_uploaded_file($fileArray['tmp_name'], $target_path)) {
return false;
}
//success
return str_replace(ABSPATH, '', $target_path);
}
function pms_set_rating()
{
if (!is_user_logged_in() || !isset($_REQUEST['rating'])) {
return '2';
}
$userid = get_current_user_id();
$item = BRequest::getVar('method');
$itemid = BRequest::getVar('i');
$date = time();
$update = "update ratings set rating='" . BRequest::getVar('rating') . "',date_added='" . $date . "' where item='" . $item . "' and itemid='" . $itemid . "' and userid='" . $userid . "'";
$result = mysql_query($update) or die(mysql_error());
if (mysql_affected_rows() == 0) {
$query = "insert into ratings set rating='" . BRequest::getVar('rating') . "', item='" . $item . "', itemid='" . $itemid . "', userid='" . $userid . "', date_added='" . $date . "'";
if (mysql_query($query)) {
return '1';
} else {
return '0';
}
} else {
return '1';
}
}
$_SESSION['registration']['reqtoken'] = 'PROMO';
$_SESSION['registration']['amt'] = 0.0;
}
//@todo process the credit card
if ($has && !$promo) {
$post['amount'] = '20.00';
$post['products'] = array(array('name' => 'Services Registration', 'price' => '20.00', 'qty' => '1', 'sku' => '02201'));
$auth = apply_filters('captureCreditCard', $post);
if ($auth['auth'] == 'ACCEPT') {
$query = "update cybersource set reqid='" . $auth['reqid'] . "',reqtoken='" . $auth['reqtoken'] . "' where id='" . $csid . "'";
if (!mysql_query($query)) {
die(ERROR_MSG_CRITICAL1);
}
$_SESSION['registration']['reqid'] = $auth['reqid'];
$_SESSION['registration']['reqtoken'] = $auth['reqtoken'];
$_SESSION['registration']['amt'] = BRequest::getVar('total');
} else {
set_error($auth['errorMsg']);
$has = false;
}
}
//If there's no error, then redirect
if ($has) {
$groups =& FiveTable::getInstance('groups');
$groups->loadByUserID(get_current_user_id());
$groups->business = 1;
$groups->store();
redirect(Router::url(array('controller' => 'user', 'action' => 'profile')));
}
}
require $view;
* @Since 1.0.0
* @copyright Copyright (C) 2011 5Twenty Studios
*
*/
defined('ABSPATH') or die("Cannot access pages directly.");
//initializing
$user = FiveTable::getInstance('user');
if (BRequest::getVar('verify', false)) {
// LOGIN USER
mysql_query("update user set status='active' where secToken='" . BRequest::getVar('verify', false) . "'") or die(mysql_error());
$result = mysql_query("select id,username,email,zip from user where secToken='" . BRequest::getVar('verify', false) . "'") or die(mysql_error());
$row = mysql_fetch_row($result);
set_session($row[0], stripslashes($row[1]), stripslashes($row[2]), $row[3]);
$user->load(get_current_user_id());
set_notice('Please make sure to update your password before continuing.');
}
//redirect if successful
if (!is_user_logged_in()) {
redirect(Router::url(array('controller' => 'user', 'action' => 'login')));
}
//loading the user
$user->load(get_current_user_id());
if ($post = BRequest::get('post', false)) {
//$user->load( get_current_user_id() );
if ($user->save($post)) {
set_notice("Profile Saved.");
} else {
set_error($user->getErrors());
}
}
require $view;
/**
* Checks to see if there's a user type
*
*/
function is_user_type()
{
if ($type = BRequest::getVar('user_type', false)) {
return $type;
}
return false;
}
/**
* Function is responsible for forcing the page to be ssl
*
* @return unknown
*/
function force_ssl($url = null)
{
//loading configuration settings
$five_config = fiveConfigurations();
//reasons to return
if ($five_config->base->force_ssl == '') {
return false;
}
if (BRequest::getVar("HTTPS", false) == "on") {
return false;
}
if (BRequest::getVar("SERVER_PORT", false) == 443) {
return false;
}
if (is_null($url)) {
//redirect( SITE_BASEURL_SECURE.substr($_SERVER['REQUEST_URI'],1) );
$url = BRequest::getVar("SERVER_NAME", url()) . BRequest::getVar("REQUEST_URI");
}
//redirect to secure url
redirect($url);
}
//redirect if successful
if (is_user_logged_in()) {
redirect(Router::url(array('controller' => 'user', 'action' => 'profile')));
}
if (BRequest::get('post', false)) {
$user = FiveTable::getInstance('user');
$parts = explode(' ', BRequest::getVar('name', ''));
$user->firstName = $parts[0];
if (isset($parts[1])) {
unset($parts[0]);
$user->lastName = implode(' ', $parts);
}
$user->email = BRequest::getVar('email', false);
if (!$user->check()) {
set_error($user->getErrors());
} elseif (!BRequest::getVar('agree', false)) {
set_error('Make sure to agree to the Terms of Use.');
} else {
$password = createRandomPassword();
$user->password = pw_encode($password);
// this function also does a store procedure
$secToken = $user->setRegistrationToken();
$user->store();
// send verification email
$to = 'New User <' . $user->email . '>';
$args = array('subject' => EMAIL_REGISTER_SUBJECT, 'username' => $user->email, 'password' => $password, 'site_name' => SITE_NAME, 'site_title' => SITE_TITLE, 'verifyURL' => url("user/account?verify={$secToken}"));
$returnOutput = get_show_view('email-register', $args);
// CALL SEND EMAIL
send_email($to, EMAIL_REGISTER_SUBJECT, $returnOutput, EMAIL_REGISTER_FROM);
//success
set_session($user->id, $user->username, $user->email, $user->zip);
$ratings_newest = BRequest::getVar('s') == 'r' && BRequest::getVar('r') == 'n' ? 'active' : '';
$ratings_oldest = BRequest::getVar('s') == 'r' && BRequest::getVar('r') == 'o' && !BRequest::getVar('p', false) ? 'active' : '';
$ratings_rating = BRequest::getVar('s') == 'r' && !BRequest::getVar('r', false) ? 'active' : '';
$ratings_like = BRequest::getVar('s') == 'l' && BRequest::getVar('r') == 'o' ? 'active' : '';
$hight_low = BRequest::getVar('p') == 'h' && BRequest::getVar('s') == 'r' && BRequest::getVar('r') == 'o' ? 'active' : '';
$querystring = array();
$querystring['s'] = BRequest::getVar('s');
$querystring['p'] = BRequest::getVar('p');
$querystring['r'] = BRequest::getVar('r');
$parts = explode('?', $_SERVER['REQUEST_URI']);
$uri = $parts[0];
?>
<div class="index_filters">
<div style="width:80px;height:30px;position:relative;float:left;">
</div>
<div class="filters_buttons">
<div class="filter_button fbl"><a href="<?php
$querystring['ppage'] = BRequest::getInt('ppage') - 1;
echo Router::normalize($uri, $querystring);
?>
">Previous</a></div>
<div class="filter_button fbr"><a href="<?php
$querystring['ppage'] = BRequest::getInt('ppage') + 1;
echo Router::normalize($uri, $querystring);
?>
">Next</a></div>
</div>
</div>
* @Since 1.0.0
* @copyright Copyright (C) 2011 5Twenty Studios
*
*/
defined('ABSPATH') or die("Cannot access pages directly.");
// AJAX CALL - SET LIKE
if (BRequest::getVar('call', false) == 'sl') {
if (preg_match('/^[0-9]{1,20}$/i', BRequest::getVar('i', false)) && preg_match('/^[a-z]{4,20}$/i', BRequest::getVar('method', false))) {
$return = pms_set_like();
} else {
$return = 0;
}
print $return;
exit;
} elseif (BRequest::getVar('call', false) == 'sr') {
if (preg_match('/^[0-9]{1,20}$/i', BRequest::getVar('i', false)) && preg_match('/^[a-z]{4,20}$/i', BRequest::getVar('method', false))) {
$return = pms_set_rating();
} else {
$return = 0;
}
print $return;
exit;
}
require_once ABSPATH . 'inc' . DS . 'func_index.php';
require_once ABSPATH . 'bin' . DS . 'XPM4' . DS . 'MAIL.php';
global $cl;
$keywords = get_keywords();
// START META AND TITLE INFO FOR PAGE
$meta_desc = '<meta name="description" content="' . SITE_DESC . ' - ';
$meta_keywords = '<meta name="keywords" content="' . SITE_KEYWORDS . ' - ';
$title = '<title>';
function get_content()
{
// START INIT VARS \\
$return = NULL;
$prod_nrpp = 18;
// number of product results per page
$serv_nrpp = 26;
// number of product results per page
$serv_main_nrpp = 30;
// number of product results per page
if (BRequest::getVar('category') == 'services') {
$return = $this->get_filters() . $this->get_services_main($serv_main_nrpp) . $this->get_services($serv_nrpp);
} else {
$return = $this->get_filters() . $this->get_products($prod_nrpp) . $this->get_services($serv_nrpp);
}
return $return;
}
* @link http://www.5twentystudios.com
* @Package Five Twenty CMS
* @SubPackage PublicMarketSpace
* @Since 1.0.0
* @copyright Copyright (C) 2011 5Twenty Studios
*
*/
defined('ABSPATH') or die("Cannot access pages directly.");
$route = Router::parse();
if (!isset($route['pass'][0])) {
if (!is_user_logged_in()) {
redirect(url());
}
$route['pass'][0] = get_publicid(get_current_user_id());
}
BRequest::setVar('publicid', $route['pass'][0]);
global $cl, $page;
$page = 'profile';
require_once ABSPATH . 'inc' . DS . 'func_public.php';
// START META AND TITLE INFO FOR PAGE
$meta_desc = '<META NAME="DESCRIPTION" CONTENT="' . SITE_DESC . '" />' . "\n";
$meta_keywords = '<META NAME="KEYWORDS" CONTENT="' . SITE_KEYWORDS . '" />' . "\n";
$title = '<title>' . SITE_TITLE . '</title>';
// END
// CONTENT ENGINE
$cl = new contentLogic();
// END
// INITIALIZE THE MAIN ENGINE
$main = new main();
// END
//COMPILE META TAG
/**
* Cleans the request from script injection.
*
* @static
* @return void
* @since 1.0
*/
function clean()
{
BRequest::_cleanArray($_FILES);
BRequest::_cleanArray($_ENV);
BRequest::_cleanArray($_GET);
BRequest::_cleanArray($_POST);
BRequest::_cleanArray($_COOKIE);
BRequest::_cleanArray($_SERVER);
if (isset($_SESSION)) {
BRequest::_cleanArray($_SESSION);
}
$REQUEST = $_REQUEST;
$GET = $_GET;
$POST = $_POST;
$COOKIE = $_COOKIE;
$FILES = $_FILES;
$ENV = $_ENV;
$SERVER = $_SERVER;
if (isset($_SESSION)) {
$SESSION = $_SESSION;
}
foreach ($GLOBALS as $key => $value) {
if ($key != 'GLOBALS') {
unset($GLOBALS[$key]);
}
}
$_REQUEST = $REQUEST;
$_GET = $GET;
$_POST = $POST;
$_COOKIE = $COOKIE;
$_FILES = $FILES;
$_ENV = $ENV;
$_SERVER = $SERVER;
if (isset($SESSION)) {
$_SESSION = $SESSION;
}
// Make sure the request hash is clean on file inclusion
$GLOBALS['_BREQUEST'] = array();
}
<?php
/**
* @Author Jonathon byrd
* @link http://www.5twentystudios.com
* @Package Five Twenty CMS
* @SubPackage PublicMarketSpace
* @Since 1.0.0
* @copyright Copyright (C) 2011 5Twenty Studios
*
*/
defined('ABSPATH') or die("Cannot access pages directly.");
//redirect if successful
if (!is_user_logged_in()) {
redirect(Router::url(array('controller' => 'user', 'action' => 'login')));
}
//initializing
$user =& FiveFactory::getUser();
if (BRequest::get('post', false)) {
}
require $view;
" title="JOIN US NOW, IT'S FREE!">
GET STARTED TODAY, IT'S FREE!</a>
</div>
</div>
</td>
<td width="200">
<div class="loginform">
<form action="<?php
echo Router::url(array('controller' => 'user', 'action' => 'login'));
?>
" method="post" name="login" id="form-login">
<h2>Login</h2>
<label>
Username or Email<br>
<input type="text" value="<?php
echo BRequest::getVar('username');
?>
" class="inputbox frontlogin" name="username" id="username">
</label>
<label>
Password<br>
<input type="password" class="inputbox frontlogin" name="passwd" id="password">
</label>
<label for="remember">
<input type="checkbox" alt="Remember me" value="yes" id="remember" name="remember">
Remember me
</label>
<div style="text-align: center; padding: 10px 0 5px;">
/**
* Validation and filtering
*
* @return boolean True is satisfactory
*/
function check()
{
// Validate user information
if (trim($this->firstName) == '') {
$this->setError('Please enter your name.');
return false;
}
if (trim($this->email) == "" || !is_email($this->email)) {
$this->setError('Please enter a valid Email address');
return false;
}
if (trim($this->username) == '') {
$this->username = preg_replace("#[<>\"'%;()&\\@\\.]#i", '', $this->email);
}
if (trim($this->username) == '' || strlen(utf8_decode($this->username)) < 2) {
$this->setError('Please enter a valid Email address.');
return false;
}
// attempting to update our password
if (BRequest::getVar('_xpassword', false) || BRequest::getVar('password', false) && BRequest::getVar('password', '') != '') {
if (BRequest::getVar('_xpassword') != $this->password) {
$this->setError('Please confirm your password change.');
return false;
} else {
//password change is good
$this->password = pw_encode($this->password);
}
}
if (!$this->password) {
$this->password = $this->_xpass;
}
if ($this->dateReg == null) {
// Set the registration timestamp
$now =& FiveFactory::getDate();
$this->dateReg = $now->toMySQL();
}
// check for existing username
$query = 'SELECT id' . ' FROM ' . $this->_tbl . ' WHERE username = '******' AND id != ' . (int) $this->id;
$this->_db->setQuery($query);
$xid = intval($this->_db->loadResult());
if ($xid && $xid != intval($this->id)) {
$this->setError('Username is already in use.');
return false;
}
// check for existing email
$query = 'SELECT id' . ' FROM ' . $this->_tbl . ' WHERE email = ' . $this->_db->Quote($this->email) . ' AND id != ' . (int) $this->id;
$this->_db->setQuery($query);
$xid = intval($this->_db->loadResult());
if ($xid && $xid != intval($this->id)) {
$this->setError('Email is already in use.');
return false;
}
return true;
}
/**
* Saving this
*
* @return boolean True is satisfactory
*/
function store($updateNulls = false)
{
if ($banner = BRequest::getVar('img', false, 'files')) {
//delete the old
if (!is_null($this->banner)) {
@unlink($this->banner);
}
//save the new
$this->banner = save_file($banner, 'image', 'banner');
}
return parent::store($updateNulls);
}
/**
* Function is responsible for listing the ALL of the products from
* the database without querying for any categories.
*
* @return unknown|string
*/
function getAllServices()
{
$db =& $this->getDBO();
$db->resetTree();
$db->setTree('SELECT', '`' . $this->_tbl . '`.*');
$db->setTree('FROM', '`#__rel_serv_cca`');
$db->setTree('INNER JOIN', '`' . $this->_tbl . '` ON `#__rel_serv_cca`.bizid=' . $this->_tbl . '.bizid');
$db->setTree('WHERE', '`#__rel_serv_cca`.catid = ' . $db->Quote('108'));
if (BRequest::getCmd('p', false) == 'h' && BRequest::getCmd('s', false) == 'r' && BRequest::getCmd('r', false) == 'o') {
$db->setTree('ORDER BY', '`' . $this->_tbl . '`.`price` DESC');
} elseif (BRequest::getCmd('p', false) == 'l' && BRequest::getCmd('s', false) == 'r' && BRequest::getCmd('r', false) == 'o') {
$db->setTree('ORDER BY', "`{$this->_tbl}`.`price` ASC");
} elseif (BRequest::getCmd('s', false) == 'l' && BRequest::getCmd('r', false) == 'o') {
//@todo doesn't work as expected
$db->setTree('SELECT', "sum((`likes`.`like`)) AS `tlikes`");
$db->setTree('LEFT JOIN', "`likes` ON `{$this->_tbl}`.`id` = `likes`.`itemid`");
$db->setTree('ORDER BY', "tlikes ASC");
} elseif (BRequest::getCmd('s', false) == 'r' && BRequest::getCmd('r', false) == 'n') {
$db->setTree('ORDER BY', "`{$this->_tbl}`.`dateAdded` DESC");
} elseif (BRequest::getCmd('s', false) == 'r' && BRequest::getCmd('r', false) == 'o') {
$db->setTree('ORDER BY', "`{$this->_tbl}`.`dateAdded` ASC");
} elseif (BRequest::getCmd('s', false) == 'r') {
//@todo doesn't work as expected
$db->setTree('SELECT', "sum((`ratings`.`like`)) AS `ratingsum`");
$db->setTree('LEFT JOIN', "`ratings` ON `{$this->_tbl}`.`id` = `ratings`.`itemid`");
$db->setTree('ORDER BY', "ratingsum ASC");
}
//default ordering
if (empty($sql['ORDER BY'])) {
$db->setTree('ORDER BY', "`{$this->_tbl}`.dateAdded ASC");
}
$per_page = config('products.per_page');
$db->setTree('LIMIT', $per_page);
if ($offset = (BRequest::getInt('ppage', 1) - 1) * $per_page) {
$db->setTree('OFFSET', $offset);
}
$q = $db->queryTree();
//echo _520($q);
if ($results = $db->loadList($this->_tbl_key, $this->_type)) {
return $results;
}
return false;
}
function pms_data_un()
{
return BRequest::getVar('username', 'Guest');
}
<?php
/**
* @Author Jonathon byrd
* @link http://www.5twentystudios.com
* @Package Five Twenty CMS
* @SubPackage PublicMarketSpace
* @Since 1.0.0
* @copyright Copyright (C) 2011 5Twenty Studios
*
*/
defined('ABSPATH') or die("Cannot access pages directly.");
if (BRequest::get('post', false)) {
do_action('authenticate', BRequest::getVar('username'), BRequest::getVar('passwd'), BRequest::getVar('remember'));
}
//redirect if successful
if (is_user_logged_in()) {
redirect(Router::url(array('controller' => 'user', 'action' => 'profile')));
}
require $view;
<?php
/**
* @Author Jonathon byrd
* @link http://www.5twentystudios.com
* @Package Five Twenty CMS
* @SubPackage PublicMarketSpace
* @Since 1.0.0
* @copyright Copyright (C) 2011 5Twenty Studios
*
*/
defined('ABSPATH') or die("Cannot access pages directly.");
$product = FiveTable::getInstance('products');
$products = $product->getLike(BRequest::getVar('query'));
if (BRequest::getVar('query', false) && $products) {
foreach ((array) $products as $product) {
if (!$product) {
continue;
}
require $view;
}
} else {
?>
<p>Sorry, we couldn't find any results.</p>
<?php
}
<option>14</option>
<option>15</option>
<option>16</option>
<option>17</option>
<option>18</option>
<option>19</option>
<option>20</option>
</select>
</dd>
<div class="clear"></div>
<dt>card cvv2 code</dt>
<dd>
<div class="left">
<input type="text" size="3" maxlength="4" name="_ccSecCode" class="text-input large-input" value="<?php
echo BRequest::getVar('_ccSecCode');
?>
" />
</div>
<a href="{path_site}modal_boxes/cvv2_code_help.php" onclick="$(this).modal({width: 425, height: 250}).open(); return false;"><img style="margin: 6px 0 0 12px;" class="left" title="card issuer phone number help" alt="card issuer phone number help" src="{path_site}img/icon_question_mark.png"></a>
<div class="clear"></div>
</dd>
<div class="clear"></div>
</dl>
<p><input type="checkbox" name="agree" value="1" /> I am a small business owner and agree to the Saturday Market <a href="{path_site}terms/">Terms & Conditions</a> and
<a href="{path_site}privacy/" target="_blank">Privacy Policy</a>. I acknowledge and agree that any products provided for sale on PM will be adjusted 3.5% of the posted sale price.</p>
<input type="hidden" id="grand-total" name="total" value="20.00" />
<br />
<hr class="dotted" />
<p>You will be sent an email to verify your new {site_title} account. Upon verification you will be provided further instructions on setting up your account.</p>
<?php
//initializing
$ratings_newest = BRequest::getVar('s') == 'r' && BRequest::getVar('r') == 'n' ? 'active' : '';
$ratings_oldest = BRequest::getVar('s') == 'r' && BRequest::getVar('r') == 'o' && !BRequest::getVar('p', false) ? 'active' : '';
$ratings_rating = BRequest::getVar('s') == 'r' && !BRequest::getVar('r', false) ? 'active' : '';
$ratings_like = BRequest::getVar('s') == 'l' && BRequest::getVar('r') == 'o' ? 'active' : '';
$hight_low = BRequest::getVar('p') == 'h' && BRequest::getVar('s') == 'r' && BRequest::getVar('r') == 'o' ? 'active' : '';
$parts = explode('?', $_SERVER['REQUEST_URI']);
$url = Router::normalize($parts[0]);
?>
<div class="index_filters">
<div style="width:80px;height:30px;position:relative;float:left;">
<?php
if ($ratings_newest || $ratings_oldest || $ratings_rating || $ratings_like || $hight_low) {
?>
<div class="filters_button">
<div class="filter_button filter_button_first"><a href="<?php
echo $url;
?>
">Clear</a></div>
</div>
<?php
}
?>
</div>
<div class="filters_buttons">
<div class="filter_button fbl <?php
echo $ratings_newest;
?>
echo Router::url(array('controller' => 'user', 'action' => 'register'));
?>
" method="post" name="login" id="form-login">
<h2>Start Here</h2>
<label>
Name<br>
<input type="text" value="<?php
echo BRequest::getVar('name');
?>
"class="inputbox frontlogin" name="name" id="name">
</label>
<label>
Email<br>
<input type="text" value="<?php
echo BRequest::getVar('email');
?>
" class="inputbox frontlogin" name="email" id="email">
</label>
<label for="remember">
<input type="checkbox" value="yes" id="agree" name="agree">
I Agree to the Terms of Use
</label>
<div style="text-align: center; padding: 10px 0 5px;">
<input type="submit" value="Login" name="submit" id="submit" class="button">
</div>
</form>
<?php
/**
* @Author Jonathon byrd
* @link http://www.5twentystudios.com
* @Package Importing
* @Since 1.0.0
* @copyright Copyright (C) 2011 5Twenty Studios
*
*/
defined('ABSPATH') or _die("Cannot access pages directly.");
if (!is_user_logged_in()) {
redirect(url('user/login'));
}
$import = false;
if ($file = BRequest::getVar('import', false, 'files')) {
$import = save_file($file, 'csv', 'import');
}
require $view;