Example #1
0
 public function editProcess($actionurl = false)
 {
     global $callbackId;
     if (PPostHandler::isHandling()) {
         $vars =& PPostHandler::getVars();
         if ($vars) {
             // Populate the _REQUEST array with the Post-Vars, so the wiki can use them :-/
             foreach ($vars as $key => $value) {
                 $_REQUEST[$key] = $value;
             }
         }
         $url = $this->parseRequest();
         $this->no_output = true;
         ob_start();
         $this->getWiki($url);
         ob_end_clean();
         PPostHandler::clearVars();
         $url = str_replace('edit/', '', $url);
         if ($actionurl) {
             header('Location: ' . PVars::getObj('env')->baseuri . $actionurl);
             PPHP::PExit();
         }
         header('Location: ' . PVars::getObj('env')->baseuri . 'wiki/' . $url);
         PPHP::PExit();
         //return PVars::getObj('env')->baseuri.'wiki';
     } else {
         $callbackId = PFunctions::hex2base64(sha1(__METHOD__));
         PPostHandler::setCallback($callbackId, __CLASS__, __FUNCTION__);
         return $callbackId;
     }
 }
Example #2
0
    echo htmlentities($vars['d'], ENT_COMPAT, 'utf-8');
}
?>
</textarea>
            <p class="desc"><?php 
echo $words->get('TripDesc_desc2');
?>
</p>
        </div>
    </fieldset>
    <p>
<?php 
if (isset($vars['trip_id']) && $vars['trip_id']) {
    echo '<input type="hidden" name="trip_id" value="' . $vars['trip_id'] . '" />';
}
?>
        <input type="hidden" name="<?php 
echo $callbackId;
?>
" value="1"/>
        <input type="submit" value="<?php 
echo $editing ? $words->getSilent('TripSubmit_edit') : $words->getSilent('TripSubmit_create');
?>
"/><?php 
echo $words->flushBuffer();
?>
    </p>
</form>
<?php 
PPostHandler::clearVars($callbackId);
Example #3
0
    /**
     * Processing registration
     *
     * This is a POST callback function
     *
     * Sets following errors in POST-vars:
     * username   - general username fault
     * uinuse     - username already in use
     * email      - general email fault, email format error
     * einuse     - email in use
     * pw         - general password fault
     * pwmismatch - password mismatch
     * inserror   - error performing db insertion
     *
     * @param void
     */
    public function registerProcess()
    {
        $c = PFunctions::hex2base64(sha1(__METHOD__));
        if (PPostHandler::isHandling()) {
            $vars =& PPostHandler::getVars();
            $errors = array();
            // check username
            if (!isset($vars['u']) || !preg_match(User::HANDLE_PREGEXP, $vars['u']) || strpos($vars['u'], 'xn--') !== false) {
                $errors[] = 'username';
            } elseif ($this->handleInUse($vars['u'])) {
                $errors[] = 'uinuse';
            }
            // email
            if (!isset($vars['e']) || !PFunctions::isEmailAddress($vars['e'])) {
                $errors[] = 'email';
            } elseif ($this->emailInUse($vars['e'])) {
                $errors[] = 'einuse';
            }
            // password
            if (!isset($vars['p']) || !isset($vars['pc']) || !$vars['p'] || !$vars['pc'] || strlen($vars['p']) < 8) {
                $errors[] = 'pw';
            } elseif ($vars['p'] != $vars['pc']) {
                $errors[] = 'pwmismatch';
            } else {
                if (substr_count($vars['p'], '*') != strlen($vars['p'])) {
                    // set encoded pw
                    $vars['pwenc'] = MOD_user::passwordEncrypt($vars['p']);
                    $shadow = str_repeat('*', strlen($vars['p']));
                    $vars['p'] = $shadow;
                    $vars['pc'] = $shadow;
                }
            }
            if (count($errors) > 0) {
                $vars['errors'] = $errors;
                return false;
            }
            $Auth = new MOD_user_Auth();
            $authId = $Auth->checkAuth('defaultUser');
            $query = '
INSERT INTO `user`
(`id`, `auth_id`, `handle`, `email`, `pw`, `active`)
VALUES
(
    ' . $this->dao->nextId('user') . ',
    ' . (int) $authId . ',
    \'' . $this->dao->escape($vars['u']) . '\',
    \'' . $this->dao->escape($vars['e']) . '\',
    \'' . $this->dao->escape($vars['pwenc']) . '\',
    0
)';
            $s = $this->dao->query($query);
            if (!$s->insertId()) {
                $vars['errors'] = array('inserror');
                return false;
            }
            $userId = $s->insertId();
            $key = PFunctions::randomString(16);
            // save register key
            if (!APP_User::addSetting($userId, 'regkey', $key)) {
                $vars['errors'] = array('inserror');
                return false;
            }
            // save lang
            if (!APP_User::addSetting($userId, 'lang', PVars::get()->lang)) {
                $vars['errors'] = array('inserror');
                return false;
            }
            $View = new UserView($this);
            $View->registerMail($userId);
            PPostHandler::clearVars();
            return PVars::getObj('env')->baseuri . 'user/register/finish';
        } else {
            PPostHandler::setCallback($c, __CLASS__, __FUNCTION__);
            return $c;
        }
    }
Example #4
0
 public function editGalleryProcess($vars)
 {
     $this->dao->exec("UPDATE `gallery` SET `title` = '" . $vars['t'] . "' , `description` = '" . $vars['txt'] . "' WHERE `id`= " . $vars['id']);
     PPostHandler::clearVars($callbackId);
     return false;
 }
Example #5
0
 /**
  * allows to reply to a thread in the suggestions group
  *
  **/
 public function showExternalSuggestionsThreadReply($suggestionId, $groupId, $threadId, $urlpart)
 {
     $request = $this->request;
     $this->parseRequest();
     $this->_model->setGroupId($groupId);
     $this->_model->setThreadId($threadId);
     $this->isTopLevel = false;
     $this->_model->prepareForum();
     $this->_model->prepareTopic();
     $this->_model->initLastPosts();
     $this->_view->suggestionId = $suggestionId;
     $this->_view->suggestionsGroupId = $groupId;
     $this->_view->suggestionsThreadId = $threadId;
     $this->_view->suggestionsUri = 'suggestions/' . $suggestionId . '/' . $urlpart . '/';
     $callbackId = $this->replySuggestionsProcess();
     $this->_view->replyTopic($callbackId);
     PPostHandler::clearVars($callbackId);
 }
Example #6
0
 /**
  * Processing edit of a blog.
  *
  * This is a POST callback function.
  *
  * Sets following errors in POST vars:
  * title        - invalid(empty) title.
  * startdate    - wrongly formatted start date.
  * enddate      - wrongly formatted end date.
  * duration     - empty enddate and invalid duration.
  * category     - category is not belonging to user.
  * trip         - trip is not belonging to user.
  * upderror     - error performing db update.
  * tagerror     - error while updating tags.
  */
 public function editProcess($args, $action, $mem_redirect, $mem_resend)
 {
     if (!($member = $this->_model->getLoggedInMember())) {
         return false;
     }
     $userId = $member->id;
     $vars = $args->post;
     if (!isset($vars['id']) || !$this->_model->isUserPost($userId, $vars['id'])) {
         return false;
     }
     if (isset($vars['txt'])) {
         $vars['txt'] = $this->_cleanupText($vars['txt']);
     }
     if (!$this->_validateVars($vars)) {
         return false;
     }
     $post = $this->_model->getPost($vars['id']);
     if (!$post) {
         return false;
     }
     $flags = $post->flags;
     // cannot write sticky blogs currently
     $flags = $flags & ~(int) Blog::FLAG_STICKY;
     if (!isset($vars['vis'])) {
         $vars['vis'] = 'pri';
     }
     switch ($vars['vis']) {
         case 'pub':
             $flags = $flags & ~(int) Blog::FLAG_VIEW_PROTECTED & ~(int) Blog::FLAG_VIEW_PRIVATE;
             break;
         case 'prt':
             $flags = $flags & ~(int) Blog::FLAG_VIEW_PRIVATE | (int) Blog::FLAG_VIEW_PROTECTED;
             break;
         default:
             $flags = $flags & ~(int) Blog::FLAG_VIEW_PROTECTED | (int) Blog::FLAG_VIEW_PRIVATE;
             break;
     }
     $tripId = isset($vars['tr']) && strcmp($vars['tr'], '') != 0 ? (int) $vars['tr'] : false;
     $this->_model->updatePost($post->blog_id, $flags, $tripId);
     // 'Touch' the corresponding trip!
     if ($tripId) {
         $TripModel = new Trip();
         $TripModel->touchTrip($tripId);
     }
     /*// to sql datetime format.
       if ((isset($vars['sty']) && (int)$vars['sty'] != 0) || (isset($vars['stm']) && (int)$vars['stm'] != 0) || (isset($vars['std']) && (int)$vars['std'] != 0)) {
           $start = mktime(0, 0, 0, (int)$vars['stm'], (int)$vars['std'], (int)$vars['sty']);
           $start = date('YmdHis', $start);
       } else {
           $start = false;
       } */
     // to sql datetime format.
     if (isset($vars['date']) && (strlen($vars['date']) <= 10 && strlen($vars['date']) > 8)) {
         list($day, $month, $year) = preg_split('/[\\/.-]/', $vars['date']);
         if (substr($month, 0, 1) == '0') {
             $month = substr($month, 1, 2);
         }
         if (substr($day, 0, 1) == '0') {
             $day = substr($day, 1, 2);
         }
         $start = mktime(0, 0, 0, (int) $month, (int) $day, (int) $year);
         $start = date('YmdHis', $start);
     } else {
         $start = false;
     }
     // Check if the location already exists in our DB and add it if necessary
     if ($vars['geonameid'] && $vars['latitude'] && $vars['longitude'] && $vars['geonamename'] && $vars['geonamecountrycode'] && $vars['admincode']) {
         $geoname_ok = $this->_model->checkGeonamesCache($vars['geonameid']);
     } else {
         $geoname_ok = false;
     }
     $geonameId = $geoname_ok ? $vars['geonameid'] : false;
     $this->_model->updatePostData($post->blog_id, $vars['t'], $vars['txt'], $start, $geonameId);
     if (!$this->_model->updateTags($post->blog_id, explode(',', $vars['tags']))) {
         $vars['errors'] = array('tagerror');
         return false;
     }
     $this->_model->updateBlogToCategory($post->blog_id, $vars['cat']);
     PPostHandler::clearVars();
     return 'blog/edit/' . $post->blog_id . '/finish';
 }
Example #7
0
 private function editTrip($tripId)
 {
     $callbackId = $this->editProcess();
     PPostHandler::clearVars($callbackId);
     $this->_model->prepareEditData($tripId, $callbackId);
     $P = PVars::getObj('page');
     $vw = new ViewWrap($this->_view);
     $P->content .= $vw->editTrip($callbackId);
     PPostHandler::clearVars($callbackId);
 }
Example #8
0
 /**
  * Fetches matching threads/posts from the Sphinx index
  *
  * @return mixed Either false if there was a problem with the search box content or a list of matches.
  */
 public function searchProcess()
 {
     if (!($User = APP_User::login())) {
         return false;
     }
     $vars =& PPostHandler::getVars();
     $vars_ok = $this->_checkVarsSearch($vars);
     if ($vars_ok) {
         $keyword = htmlspecialchars($vars['fs-keyword']);
         PPostHandler::clearVars();
         return PVars::getObj('env')->baseuri . $this->forums_uri . 'search/' . $keyword;
     }
     return false;
 }
Example #9
0
 /**
  * Loading register form template
  *
  * @param void
  */
 public function registerForm()
 {
     // instantiate signup model
     $Signup = new Signup();
     // retrieve the callback ID
     $callbackId = $Signup->registerProcess();
     // get the saved post vars
     $vars =& PPostHandler::getVars($callbackId);
     $javascript = false;
     if (isset($vars['javascriptactive'])) {
     }
     if (isset($vars['javascriptactive']) && $vars['javascriptactive'] === 'true') {
         $javascript = true;
     }
     $selYear = 0;
     if (isset($vars['birthyear'])) {
         $selYear = $vars['birthyear'];
     }
     $birthYearOptions = $this->buildBirthYearOptions($selYear);
     require 'templates/registerform.php';
     PPostHandler::clearVars($callbackId);
 }
Example #10
0
    /**
     * Processing creation of a comment
     *
     * This is a POST callback function.
     *
     * Sets following errors in POST vars:
     * title        - invalid(empty) title.
     * textlen      - too short or long text.
     * inserror     - db error while inserting.
     */
    public function shoutProcess($table = false, $table_id = false)
    {
        $callbackId = PFunctions::hex2base64(sha1(__METHOD__));
        if (PPostHandler::isHandling()) {
            if (!$_SESSION['IdMember']) {
                return false;
            }
            $vars =& PPostHandler::getVars();
            $request = PRequest::get()->request;
            if (!$table) {
                $table = $vars['table'];
            }
            if (!$table_id) {
                $table_id = $vars['table_id'];
            }
            // validate
            if (!isset($vars['ctxt']) || strlen($vars['ctxt']) == 0 || strlen($vars['ctxt']) > 5000) {
                $vars['errors'] = array('textlen');
                return false;
            }
            $shoutId = $this->dao->nextId('shouts');
            $query = '
INSERT INTO `shouts`
SET
    `id`=' . $shoutId . ',
    `table`=\'' . $table . '\',
    `table_id`=\'' . $table_id . '\',
    `member_id_foreign`=' . $_SESSION['IdMember'] . ',
    `title`=\'' . (isset($vars['ctit']) ? $this->dao->escape($vars['ctit']) : '') . '\',
    `text`=\'' . $this->dao->escape($vars['ctxt']) . '\',
    `created`=NOW()';
            $s = $this->dao->query($query);
            if (!$s) {
                $vars['errors'] = array('inserror');
                return false;
            }
            PPostHandler::clearVars();
            return PVars::getObj('env')->baseuri . implode('/', $request) . '#c' . $shoutId;
        } else {
            PPostHandler::setCallback($callbackId, __CLASS__, __FUNCTION__);
            return $callbackId;
        }
    }