Example #1
 /**
  * Removes an app category together with its rows in the category-data table.
  *
  * Phpfox::isAdmin(true) is called before any delete; the other admin actions on
  * this page use the same call as their admin gate.
  * NOTE(review): what the gate does on failure (redirect, error, exit) is not visible here.
  *
  * @param int $iId Category id; cast to int before it is concatenated into the SQL condition.
  * @return bool Always true.
  */
 public function deleteCategory($iId)
 {
     Phpfox::isAdmin(true);

     // The id ends up inside a string-built WHERE clause, so force it to an integer once.
     $sCondition = 'category_id = ' . (int) $iId;

     foreach (array('app_category', 'app_category_data') as $sTable) {
         $this->database()->delete(Phpfox::getT($sTable), $sCondition);
     }

     return true;
 }
Example #2
 /**
  * Returns the bulletins for the entry block, limited by the
  * 'bulletin.how_many_show_in_front_page' setting and ordered newest first.
  *
  * When 'bulletin.is_bulletin_public' is on or the viewer is an admin, no per-user
  * filter is applied and, if 'bulletin.bulletin_do_cache' is on, the rows are read
  * from / saved to the shared 'bulletin' cache entry. Otherwise the friend table is
  * joined so that only bulletins by $iId or by users linked to $iId are returned, and
  * nothing is cached.
  *
  * NOTE(review): the cached query filters on b.view_id = 0 while the two uncached
  * queries do not; confirm which of the two is intended.
  *
  * @param int $iId User id used for the friend filter; cast to int before it reaches SQL.
  * @return array Bulletin rows, each with an added 'posted_on' phrase.
  */
 public function getBulletins($iId)
 {
     $bSeesAll = Phpfox::getParam('bulletin.is_bulletin_public') || Phpfox::isAdmin();

     if (!$bSeesAll) {
         // Friends-only mode: the join restricts rows to the viewer's own bulletins and
         // those of users related to the viewer through the friend table.
         $aRows = $this->database()
             ->select('DISTINCT b.bulletin_id, b.title, b.view_id, b.time_stamp, b.total_comment, b.total_attachment, ' . Phpfox::getUserField())
             ->from($this->_sTable, 'b')
             ->join(Phpfox::getT('friend'), 'f', '(f.friend_user_id = ' . (int) $iId . ' AND f.user_id = b.user_id) OR b.user_id = ' . (int) $iId)
             ->join(Phpfox::getT('user'), 'u', 'b.user_id = u.user_id')
             ->order('b.time_stamp DESC')
             ->limit(Phpfox::getParam('bulletin.how_many_show_in_front_page'))
             ->execute('getSlaveRows');
         foreach ($aRows as $iIndex => $aBulletin) {
             $aRows[$iIndex]['posted_on'] = Phpfox::getPhrase('bulletin.posted_on_time_stamp_by_user_link', array(
                 'item_time_stamp' => Phpfox::getTime(Phpfox::getParam('bulletin.bulletin_view_timestamp'), $aBulletin['time_stamp']),
                 'user' => $aBulletin,
             ));
         }

         return $aRows;
     }

     if (Phpfox::getParam('bulletin.bulletin_do_cache')) {
         // One cache entry is shared by every viewer that reaches this branch.
         $sCacheId = $this->cache()->set('bulletin');
         $aRows = $this->cache()->get($sCacheId, Phpfox::getParam('bulletin.cache_time_out'));
         if ($aRows) {
             return $aRows;
         }

         $aRows = $this->database()
             ->select('b.bulletin_id, b.view_id, b.title, b.time_stamp, b.total_comment, b.total_attachment, ' . Phpfox::getUserField())
             ->from($this->_sTable, 'b')
             ->join(Phpfox::getT('user'), 'u', 'u.user_id = b.user_id')
             ->order('b.time_stamp DESC')
             ->where('b.view_id = 0')
             ->limit(Phpfox::getParam('bulletin.how_many_show_in_front_page'))
             ->execute('getSlaveRows');
         if (empty($aRows)) {
             // An empty result is returned as-is and never written to the cache.
             return $aRows;
         }

         foreach ($aRows as $iIndex => $aBulletin) {
             $aRows[$iIndex]['posted_on'] = Phpfox::getPhrase('bulletin.posted_on_time_stamp_by_user_link', array(
                 'item_time_stamp' => Phpfox::getTime(Phpfox::getParam('bulletin.bulletin_view_timestamp'), $aBulletin['time_stamp']),
                 'user' => $aBulletin,
             ));
         }
         $this->cache()->save($sCacheId, $aRows);

         return $aRows;
     }

     // Caching disabled: same listing without the view_id filter and without the cache.
     $aRows = $this->database()
         ->select('b.bulletin_id, b.title, b.view_id, b.time_stamp, b.total_comment, b.total_attachment, ' . Phpfox::getUserField())
         ->from($this->_sTable, 'b')
         ->join(Phpfox::getT('user'), 'u', 'u.user_id = b.user_id')
         ->order('b.time_stamp DESC')
         ->limit(Phpfox::getParam('bulletin.how_many_show_in_front_page'))
         ->execute('getSlaveRows');
     foreach ($aRows as $iIndex => $aBulletin) {
         $aRows[$iIndex]['posted_on'] = Phpfox::getPhrase('bulletin.posted_on_time_stamp_by_user_link', array(
             'item_time_stamp' => Phpfox::getTime(Phpfox::getParam('bulletin.bulletin_view_timestamp'), $aBulletin['time_stamp']),
             'user' => $aBulletin,
         ));
     }

     return $aRows;
 }
Example #3
 /**
  * Renders the 'interact.compose' block for the user named by the 'user_id' value,
  * after a series of permission checks. Each failed check echoes a phrase and
  * returns false.
  *
  * Checks, in order: logged-in user, the target's 'interact.can_interact' privacy,
  * the optional friends-only setting, the 'interact.enable_interactions' user-group
  * permission and the hourly send limit (skipped for admins and for replies).
  *
  * NOTE(review): 'int_id', 'user_id', 'item_id' and 'reply' are forwarded to the block
  * exactly as $this->get() returns them; confirm the block validates them.
  *
  * @return false|null False when a check fails, nothing otherwise.
  */
 public function compose()
 {
     Phpfox::isUser(true);

     $aUser = Phpfox::getService('user')->get($this->get('user_id'), true);
     $this->setTitle(Phpfox::getPhrase('interact.interact_with_user', array('fname' => $aUser['full_name'])));

     // The target user's own privacy setting comes first.
     if (!Phpfox::getService('user.privacy')->hasAccess($aUser['user_id'], 'interact.can_interact')) {
         echo Phpfox::getPhrase('interact.unable_privacy');
         return false;
     }

     // Site-wide friends-only switch.
     if (Phpfox::getParam('interact.interact_friends_only')
         && !Phpfox::getService('friend')->isFriend($aUser['user_id'], Phpfox::getUserId())
     ) {
         echo Phpfox::getPhrase('interact.unable_friend');
         return false;
     }

     // User-group permission.
     if (!Phpfox::getUserParam('interact.enable_interactions')) {
         echo Phpfox::getPhrase('interact.no_permission');
         return false;
     }

     // Flood control: a limit of 0 disables the check.
     $iAllowed = Phpfox::getUserParam('interact.send_per_hour');
     if ($iAllowed != 0) {
         $iHourSent = Phpfox::getLib('database')
             ->select('COUNT(id)')
             ->from(Phpfox::getT('interactions_main'))
             ->where('is_reply = 0 AND sender_id = ' . Phpfox::getUserId() . ' AND time >= ' . (time() - 3600))
             ->execute('getSlaveField');
         if (!Phpfox::isAdmin() && $iHourSent >= $iAllowed && $this->get('reply') == 0) {
             echo Phpfox::getPhrase('interact.flood_control', array('allowed' => $iAllowed));
             return false;
         }
     }

     $iItemId = $this->get('item_id') ? $this->get('item_id') : 0;

     Phpfox::getBlock('interact.compose', array(
         'int_id' => $this->get('int_id'),
         'user_id' => $this->get('user_id'),
         'item_id' => $iItemId,
         'is_reply' => $this->get('reply') ? $this->get('reply') : 0,
     ));
     echo '<script type="text/javascript">$Core.loadInit();</script>';
 }
 /**
  * Runs this component: loads one admin login log entry and assigns it to the
  * template as 'aLog'. Phpfox::isAdmin(true) is called before the lookup.
  *
  * @return false|null False when no log entry comes back for the requested 'login_id'.
  */
 public function process()
 {
     Phpfox::isAdmin(true);

     // The id is passed to the service exactly as it arrives in the request.
     $mLoginId = $this->request()->get('login_id');
     $aLog = Phpfox::getService('core.admincp')->getAdminLoginLog($mLoginId);
     if (!$aLog) {
         return false;
     }

     $this->template()->assign(array('aLog' => $aLog));
 }
Example #5
 /**
  * Deletes the submitted entries through the 'admincp.seo.process' service, removes
  * the matching rows from the page and unticks the "check all" box.
  *
  * NOTE(review): every id is concatenated into the '#js_id_row_' selector exactly as
  * it arrives; confirm the ids are numeric or that remove() escapes them, and that
  * this state-changing admin call is covered by the framework's CSRF protection.
  */
 public function deleteNoFollow()
 {
     Phpfox::isAdmin(true);

     // A single scalar id and a list of ids are both accepted.
     $aSelected = (array) $this->get('id');
     foreach ($aSelected as $mEntryId) {
         Phpfox::getService('admincp.seo.process')->deleteNoFollow($mEntryId);
         $this->remove('#js_id_row_' . $mEntryId);
     }

     $this->call('$(\'#js_check_box_all\').attr(\'checked\', false);');
 }
Example #6
	/**
	 * Decides whether the current viewer may send a private message to another user.
	 *
	 * Checks, in order:
	 *  - the plugin hook 'mail.service_mail_canmessageuser_1' (may short-circuit to true)
	 *  - the viewer's user group setting mail.can_compose_message
	 *  - the receiving user's privacy setting mail.send_message
	 *  - whether either user has blocked the other
	 *  - messaging oneself vs. the setting mail.can_message_self
	 *  - the user group setting mail.restrict_message_to_friends
	 * Admins skip the privacy and block checks only; the group settings still apply.
	 *
	 * @param int $iUser Id of the receiving user (the privacy row is read for this id and
	 *                   it is compared against Phpfox::getUserId(), the sender)
	 * @return boolean true if its ok to send the message, false otherwise
	 */
	public function canMessageUser($iUser)
	{
		// SECURITY: plugin code is eval()'d in this method's scope. It can read $iUser and,
		// merely by defining $bCanOverrideChecks, make this method return true before any
		// check below runs. Whoever can store plugin code controls this decision.
		(($sPlugin = Phpfox_Plugin::get('mail.service_mail_canmessageuser_1')) ? eval($sPlugin) : false);
		if (isset($bCanOverrideChecks))
		{
			return true;
		}
		// 1. user group setting:
		if (!Phpfox::getUserParam('mail.can_compose_message'))
		{			
			return false;
		}
		// 2. Privacy setting check ($iUser is cast to int before it enters the WHERE clause)
		$iPrivacy = $this->database()->select('user_value')
				->from(Phpfox::getT('user_privacy'))
				->where('user_id = ' . (int)$iUser . ' AND user_privacy = "mail.send_message"')
				->execute('getSlaveField');

		// A missing or empty privacy row applies no restriction here; admins skip the check.
		if (!empty($iPrivacy) && !Phpfox::isAdmin())
		{
			if ($iPrivacy == 4) // No one
			{				
				return false;
			}			
			else if($iPrivacy == 1 && !Phpfox::isUser()) // trivial case
			{				
				return false;
			}
			else if ($iPrivacy == 2 && !Phpfox::getService('friend')->isFriend(Phpfox::getUserId(), $iUser, false)) // friends only
			{				
				return false;
			}
			// NOTE(review): any other stored value falls through as "allowed" — confirm
			// that the set of privacy values is limited to the ones handled above.
		}

		// 3. Blocked users (checked in both directions; admins are exempt)
		if (!Phpfox::isAdmin() && (Phpfox::getService('user.block')->isBlocked(Phpfox::getUserId(), $iUser) > 0 || Phpfox::getService('user.block')->isBlocked($iUser, Phpfox::getUserId()) > 0))
		{			
			return false;
		}

		// 4. Sending message to oneself vs the setting mail.can_message_self
		//    (loose comparison, so a numeric string id matches the integer id)
		if ($iUser == Phpfox::getUserId() && !Phpfox::getUserParam('mail.can_message_self'))
		{			
			return false;
		}

		// 5. User group setting (different from check 2 since that is user specific)		
		//    Denied only when the restriction is on, the two users are not friends and the
		//    viewer's group has no override.
		if ((Phpfox::getUserParam('mail.restrict_message_to_friends') == true)
			&& (Phpfox::getService('friend')->isFriend(Phpfox::getUserId(), $iUser, false) == false)
			&& (Phpfox::getUserParam('mail.override_restrict_message_to_friends') == false))
		{
			return false;
		}
		// then its ok
		return true;
	}
Example #7
 /**
  * Deletes every file reported for PHPFOX_DIR_CACHE, then refreshes the button label
  * with the number of files that are still listed and triggers the status blink.
  *
  * Phpfox::isAdmin(true) is called first. unlink() results are not checked, so a file
  * that could not be removed only shows up in the refreshed count.
  */
 public function dumpCache()
 {
     Phpfox::isAdmin(true);

     foreach (Phpfox::getLib('file')->getAllFiles(PHPFOX_DIR_CACHE) as $sCachePath) {
         unlink($sCachePath);
     }

     // List the directory again so the label reflects what is really left.
     $aRemaining = Phpfox::getLib('file')->getAllFiles(PHPFOX_DIR_CACHE);
     $sLabel = Phpfox::getPhrase('sysop.dump_cache') . ' (' . count($aRemaining) . ' ' . Phpfox::getPhrase('sysop.files') . ')';

     $this->html('#dump_cache_button_text', $sLabel);
     $this->call('blinkStatus("cache_dump_status");');
 }
Example #8
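 /**
  * Adds the search condition that belongs to the requested view.
  *
  * 'pending_entries' lists entries with status 0: every one of them for admins, and
  * for everyone else only those whose ct.user_id is the viewer. Any other view lists
  * the viewer's own entries. Both views call Phpfox::isUser(true) first.
  *
  * @param string $sView Name of the view.
  * @return void
  */
 private function _view($sView)
 {
     // Both branches started with this call, so it is made once up front.
     Phpfox::isUser(true);

     // The id is concatenated into SQL below; cast it so only an integer can get there.
     $iViewerId = (int) Phpfox::getUserId();

     switch ($sView) {
         case 'pending_entries':
             if (!Phpfox::isAdmin()) {
                 // Class name spelled consistently (was "PHpfox", which PHP resolves only
                 // because class names are case-insensitive once the class is loaded).
                 $this->search()->setCondition('AND en.status = 0 and ct.user_id = ' . $iViewerId);
             } else {
                 $this->search()->setCondition('AND en.status = 0 ');
             }
             break;
         default:
             $this->search()->setCondition('AND en.user_id = ' . $iViewerId);
             break;
     }
 }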
Example #9
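 /**
  * Updates the site wide rewrites, not the redirects.
  * This is called from AdminCP -> Tools -> SEO -> URL Rewrite.
  *
  * Each entry is deleted (valid rewrite_id plus 'remove'), updated (valid rewrite_id)
  * or inserted (no valid rewrite_id). Afterwards the 'rewrite' and 'rewrite_reverse'
  * cache entries are removed.
  *
  * @version 3.7.0
  * @param array $aRewrites [ {rewrite_id: #, original_url: string, replacement_url: string [, remove: mixed] }, {... ]
  * @return bool Always true; rejected entries are reported through Phpfox_Error::set().
  */
 public function updateRewrites($aRewrites)
 {
     Phpfox::isAdmin(true);
     $oParse = Phpfox::getLib('parse.input');

     foreach ($aRewrites as $aRewrite) {
         if (!isset($aRewrite['rewrite_id'])) {
             continue;
         }

         // Only a positive whole number counts as an existing row id.
         $bHasValidId = is_numeric($aRewrite['rewrite_id'])
             && $aRewrite['rewrite_id'] > 0
             && (int) $aRewrite['rewrite_id'] == $aRewrite['rewrite_id'];

         if (isset($aRewrite['remove'])) {
             // Fix: a removal request without a valid id used to fall through to the
             // insert branch, reading url keys that may not exist and adding a row.
             // It is now ignored instead.
             if ($bHasValidId) {
                 $this->database()->delete(Phpfox::getT('rewrite'), 'rewrite_id = ' . (int) $aRewrite['rewrite_id']);
             }
             continue;
         }

         if (!isset($aRewrite['original_url']) || !isset($aRewrite['replacement_url'])) {
             continue;
         }

         // The rejected value is echoed back inside the error text; it must be
         // HTML-escaped wherever Phpfox_Error messages are rendered.
         if (strpos($aRewrite['original_url'], ' ') !== false) {
             Phpfox_Error::set('This is not a valid url: "' . $aRewrite['original_url'] . '"');
             continue;
         }
         if (strpos($aRewrite['replacement_url'], ' ') !== false) {
             Phpfox_Error::set('This is not a valid url: "' . $aRewrite['replacement_url'] . '"');
             continue;
         }

         // Underscores are not valid in the original url and are stripped from it.
         $sOriginal = trim(str_replace('_', '', $aRewrite['original_url']), '/');
         $sReplacement = trim($aRewrite['replacement_url'], '/');
         $aData = array(
             'url' => $oParse->clean($sOriginal),
             'replacement' => $oParse->clean($sReplacement),
         );

         if ($bHasValidId) {
             $this->database()->update(Phpfox::getT('rewrite'), $aData, 'rewrite_id = ' . (int) $aRewrite['rewrite_id']);
         } else {
             $this->database()->insert(Phpfox::getT('rewrite'), $aData);
         }
     }

     // Drop both cached lookup tables so the next request rebuilds them.
     $iCacheId = Phpfox::getLib('cache')->set('rewrite');
     Phpfox::getLib('cache')->remove($iCacheId);
     $iReverseCacheId = Phpfox::getLib('cache')->set('rewrite_reverse');
     Phpfox::getLib('cache')->remove($iReverseCacheId);

     return true;
 }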
Example #10
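 /**
  * Controller for registering a new application and for editing an existing one.
  *
  * - A submitted 'app' array creates an app through 'apps.process'->addApp().
  * - An 'id' together with req2 == 'add' opens the edit form for that app; a
  *   submitted 'val' array is then passed to 'apps.process'->updateApp().
  *
  * The viewer needs the 'apps.can_add_app' permission. Editing is limited to the
  * app owner and admins, and that check now runs before the submitted values are
  * handed to the service rather than after.
  */
 public function process()
 {
     $bIsEdit = false;
     Phpfox::getUserParam('apps.can_add_app', true);
     if (!Phpfox::getParam('apps.enable_api_support')) {
         // Intentionally a no-op: the early return below is disabled in the original.
         //return Phpfox_Error::display('No api');
     }

     if ($aVals = $this->request()->getArray('app')) {
         $aApp = Phpfox::getService('apps.process')->addApp($aVals);
         if ($aApp == false) {
             $this->template()->assign(array('sErrorMessage' => Phpfox_Error::get()));
         } else {
             $this->url()->send('apps.add', array('id' => $aApp['app_id']), Phpfox::getPhrase('apps.app_successfully_created'));
         }
     }

     if (($iId = $this->request()->getInt('id')) && $this->request()->get('req2') == 'add') {
         // is editing an app
         $aApp = Phpfox::getService('apps')->getAppById($iId);
         $this->template()->assign('aForms', $aApp);
         $bIsEdit = true;
         $aMenus = array(
             'general' => Phpfox::getPhrase('apps.general'),
             'photo' => Phpfox::getPhrase('apps.photo'),
             'url' => Phpfox::getPhrase('apps.url'),
         );
         $this->template()->buildPageMenu('js_apps_block', $aMenus, array(
             'link' => Phpfox::permalink('apps', $aApp['app_id'], $aApp['app_title']),
             'phrase' => Phpfox::getPhrase('apps.view_this_app'),
         ));

         // check that this user is owner of the app
         // we can have a user group setting here
         // Fix: this check used to come after updateApp() had already been called with
         // the submitted values, so the controller relied entirely on the service to
         // refuse a non-owner. Authorize first, then act.
         $bMayEdit = $aApp['user_id'] == Phpfox::getUserId() || Phpfox::isAdmin();
         if (!$bMayEdit) {
             Phpfox_Error::display(Phpfox::getPhrase('apps.you_are_not_allowed_to_edit_this_app'));
         } else {
             if ($aVals = $this->request()->getArray('val')) {
                 if (Phpfox::getService('apps.process')->updateApp($aVals, $aApp)) {
                     $this->url()->send('apps.add', array('id' => $aApp['app_id']), Phpfox::getPhrase('apps.successfully_updated_the_app'));
                 }
             }
             $this->template()->assign(array('aApp' => $aApp))->setHeader(array('index.js' => 'module_apps'));
         }
     }

     $aCategories = Phpfox::getService('apps.category')->getAllCategories();
     $this->template()
         ->setTitle($bIsEdit ? Phpfox::getPhrase('apps.editing_app') . ': ' . $aApp['app_title'] : Phpfox::getPhrase('apps.create_an_app'))
         ->setFullSite()
         ->setBreadcrumb(Phpfox::getPhrase('apps.apps'), $this->url()->makeUrl('apps'))
         ->setBreadcrumb($bIsEdit ? Phpfox::getPhrase('apps.editing_app') . ': ' . $aApp['app_title'] : Phpfox::getPhrase('apps.create_an_app'), $this->url()->makeUrl('apps.add'), true)
         ->assign(array('aCategories' => $aCategories));
 }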
Example #11
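	/**
	 * This function is called from the add controller when a user submitted an edited
	 * version of their app.
	 *
	 * Only the app's owner or an admin may edit it. The URL must start with http:// or
	 * https://. When an image is uploaded it is validated before anything is written,
	 * three thumbnails (_200, _50, _square) are created and the previous image files are
	 * deleted afterwards. Finally the app's category link is replaced.
	 *
	 * @param array $aVals Submitted values; reads 'app_id', 'app_url', 'title', 'description' and 'category'
	 * @return bool true on success; otherwise false (the value returned by Phpfox_Error::set()
	 *              where an error phrase is set)
	 */
	public function updateApp($aVals)
	{
		// get the app and make sure this user is allowed to edit it
		$aApp = Phpfox::getService('apps')->getAppById($aVals['app_id']);

		if (empty($aApp) || ($aApp['user_id'] != Phpfox::getUserId() && !Phpfox::isAdmin()))
		{
			return Phpfox_Error::set(Phpfox::getPhrase('apps.cannot_edit_this_app'));
		}

		$oParse = Phpfox::getLib('parse.input');

		$sUrl = rtrim($oParse->clean($aVals['app_url']), '/') . '/';

		if (!preg_match('/^(http|https):\/\/(.*)$/i', $sUrl))
		{
			return Phpfox_Error::set(Phpfox::getPhrase('apps.please_provide_a_valid_url'));
		}

		$bHasImage = !empty($_FILES['image']['name']);
		if ($bHasImage)
		{
			// Fix: load() was called without a list of allowed extensions and its result
			// was ignored, so any uploaded file type went on to upload(). Restrict the
			// upload to image types and stop before any write if validation fails.
			// NOTE(review): load() is expected to record the reason itself - confirm.
			if (!Phpfox::getLib('file')->load('image', array('jpg', 'gif', 'png')))
			{
				return false;
			}
		}

		// The id comes from the database row; the cast keeps the WHERE clauses below
		// integer-only regardless of how the row was fetched.
		$iAppId = (int) $aApp['app_id'];

		$this->database()->update(Phpfox::getT('app'), array(
			'app_title' => $oParse->clean($aVals['title']),
			'app_description' => $oParse->clean($aVals['description']),
			'app_url' => $sUrl
		), 'app_id = ' . $iAppId);

		if ($bHasImage)
		{
			// Upload this picture before deleting the old one
			$oFile = Phpfox::getLib('file');
			$oImage = Phpfox::getLib('image');
			$sDir = Phpfox::getParam('app.dir_image');

			$sFileName = $oFile->upload('image', $sDir, $aApp['app_id']);
			if (empty($sFileName))
			{
				// Fix: a failed upload used to overwrite image_path with the failure
				// value and then delete the old image files. Keep the old image instead.
				return false;
			}

			// Create thumbnails
			$iSize = 50;
			$sSource = $sDir . sprintf($sFileName, '');
			$oImage->createThumbnail($sSource, $sDir . sprintf($sFileName, '_200'), 200, 200);
			$oImage->createThumbnail($sSource, $sDir . sprintf($sFileName, '_' . $iSize), $iSize, $iSize);
			$oImage->createThumbnail($sSource, $sDir . sprintf($sFileName, '_square'), $iSize, $iSize, false);

			// update the image in the database (the original issued this same update twice)
			$this->database()->update(Phpfox::getT('app'), array('image_path' => $sFileName), 'app_id = ' . $iAppId);

			// now we can delete the old image; every size created above is covered so that
			// the _200 and _square variants are no longer left behind. Skipped when the new
			// file took the same name, otherwise the fresh upload would be removed.
			if (!empty($aApp['image_path']) && $aApp['image_path'] != $sFileName)
			{
				foreach (array('', '_' . $iSize, '_200', '_square') as $sSuffix)
				{
					$sOldFile = $sDir . sprintf($aApp['image_path'], $sSuffix);
					if (file_exists($sOldFile))
					{
						$oFile->unlink($sOldFile);
					}
				}
			}
		}

		// update the category for this app
		$this->database()->delete(Phpfox::getT('app_category_data'), 'app_id = ' . $iAppId);
		$this->database()->insert(Phpfox::getT('app_category_data'), array(
			'category_id' => (int)$aVals['category'],
			'app_id' => $aApp['app_id']
		));
		return true;
	}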
Example #12
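 /**
  * Clears the image generator's ignore list and confirms it with an alert.
  *
  * Admin-only. The original called Phpfox::isAdmin() without the argument and threw
  * the result away, so nothing was enforced; the other admin actions on this page
  * gate with Phpfox::isAdmin(true) and use the bare call only as a boolean test.
  */
 public function clearIgnore()
 {
     // Fix: pass true so the call acts as the gate instead of an ignored boolean.
     Phpfox::isAdmin(true);
     Phpfox::getService('generator.image.process')->clearIgnoreList();
     $this->call('alert("Ignore list cleared.");');
 }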
Example #13
 /**
  * Gets all the sites custom menus, such as the Main, Header, Footer and Sub menus.
  * Since information is stored in the database we cache the information so we only run
  * the query once. The cache entry is keyed by connection and by the viewer's user
  * group id (0 for guests); per-viewer filtering is applied after the cache lookup.
  *
  * Two plugin hooks ('template_template_getmenu_1' and '_2') are eval()'d in this
  * method's scope, so plugin code can read and change every local variable here.
  *
  * @param string $sConnection Current page we are viewing (Example: account/login);
  *                            null means "use the current controller name"
  * @return array $aMenus Is an array of the menus data
  */
 public function getMenu($sConnection = null)
 {
     $oCache = Phpfox::getLib('cache');
     // $oDb is not used by the code below; presumably kept for the eval()'d plugins — verify.
     $oDb = Phpfox_Database::instance();
     $oReq = Phpfox_Request::instance();
     // SECURITY: stored plugin code runs here with full access to this scope.
     ($sPlugin = Phpfox_Plugin::get('template_template_getmenu_1')) ? eval($sPlugin) : false;
     $aMenus = array();
     // Set below but never read in this method.
     $bIsModulePage = false;
     if ($sConnection === null) {
         $sConnection = Phpfox_Module::instance()->getFullControllerName();
         $bIsModulePage = true;
         // "<something>.profile" shares the menu of "<something>.index".
         $sConnection = preg_replace('/(.*)\\.profile/i', '\\1.index', $sConnection);
         // No menu on these two registration pages.
         if ($sConnection == 'user.photo' && $oReq->get('req3') == 'register' || $sConnection == 'invite.index' && $oReq->get('req2') == 'register') {
             return array();
         }
     }
     //$sConnection = strtolower($sConnection);
     $sConnection = strtolower(str_replace('/', '.', $sConnection));
     if ($sConnection == 'profile.private') {
         return array();
     }
     // Slashes and backslashes are replaced before the connection becomes part of the cache id.
     $sCachedId = $oCache->set(array('theme', 'menu_' . str_replace(array('/', '\\'), '_', $sConnection) . (Phpfox::isUser() ? Phpfox::getUserBy('user_group_id') : 0)));
     // Rebuild only when the cache returned boolean false; a cached empty array is a hit.
     if (!($aMenus = $oCache->get($sCachedId)) && is_bool($aMenus) && !$aMenus) {
         $aParts = explode('.', $sConnection);
         // Menus for the exact connection ...
         $aMenus1 = $this->_getMenu($sConnection);
         $aCached = array();
         foreach ($aMenus1 as $aMenu1) {
             $aCached[] = $aMenu1['menu_id'];
         }
         // ... plus those of its first segment, minus the ones already collected.
         $aMenus2 = $this->_getMenu($aParts[0]);
         foreach ($aMenus2 as $iKey => $aMenu2) {
             if (in_array($aMenu2['menu_id'], $aCached)) {
                 unset($aMenus2[$iKey]);
             }
         }
         $aFinal = array_merge($aMenus1, $aMenus2);
         $aMenus = array();
         foreach ($aFinal as $aMenu) {
             // test if this menu points to a real location
             // NOTE(review): 'http' is matched anywhere in the url, not only as a prefix.
             if (isset($aMenu['url']) && !empty($aMenu['url']) && strpos($aMenu['url'], 'http') !== false) {
                 $aMenu['external'] = true;
             } else {
                 if (isset($aMenu['url']) && $aMenu['url'] == '#') {
                     $aMenu['no_link'] = true;
                 }
             }
             // $aChildren1 = array();
             // Child entries are skipped here and attached to their parents further down.
             if ($aMenu['parent_id'] > 0) {
                 continue;
             }
             /*
             if ($aMenu['m_connection'] == 'main' || $aMenu['m_connection'] == 'main_right' || $aMenu['m_connection'] == 'application')
             {
                 $aChildParts = explode('.', $aMenu['url']);
                 $aChildren1 = $this->_getMenu('', $aMenu['menu_id']);
             }

             $aMenu['children'] = $aChildren1;
             */
             $aMenus[$aMenu['menu_id']] = $aMenu;
         }
         // All active child menus of active modules and products, in display order.
         $aParents = Phpfox_Database::instance()->select('m.menu_id, m.parent_id, m.m_connection, m.var_name, m.disallow_access, mo.module_id AS module, m.url_value AS url, mo.is_active AS module_is_active')->from(Phpfox::getT('menu'), 'm')->join(Phpfox::getT('module'), 'mo', 'mo.module_id = m.module_id AND mo.is_active = 1')->join(Phpfox::getT('product'), 'p', 'm.product_id = p.product_id AND p.is_active = 1')->where("m.parent_id > 0 AND m.is_active = 1")->order('m.ordering ASC')->execute('getRows');
         if (count($aParents)) {
             foreach ($aParents as $aParent) {
                 // Only children whose parent made it into this menu are attached.
                 if (!isset($aMenus[$aParent['parent_id']])) {
                     continue;
                 }
                 // NOTE(review): this permission is evaluated while building the shared
                 // cache entry, so the result is stored for the whole user group.
                 if (isset($aParent['url']) && $aParent['url'] == 'profile.designer' && Phpfox::getUserParam('profile.can_custom_design_own_profile') == false) {
                     continue;
                 }
                 $aMenus[$aParent['parent_id']]['children'][] = $aParent;
             }
         }
         // SECURITY: second plugin hook; its changes to $aMenus are what gets cached.
         if ($sPlugin = Phpfox_Plugin::get('template_template_getmenu_2')) {
             eval($sPlugin);
         }
         $oCache->save($sCachedId, $aMenus);
     }
     // A menu registered on this object for the connection replaces the stored one.
     if (isset($this->_aMenus[$sConnection])) {
         $aMenus = [$this->_aMenus[$sConnection]];
     }
     if (!is_array($aMenus)) {
         return array();
     }
     // Per-user list of main-menu entries from theme_umenu, cached per user id;
     // used below to set 'is_force_hidden'.
     if ($sConnection == 'main' && Phpfox::isUser()) {
         $aUserMenusCache = array();
         $sUserMenuCache = Phpfox::getLib('cache')->set(array('user', 'nbselectname_' . Phpfox::getUserId()));
         if (!($aUserMenusCache = Phpfox::getLib('cache')->get($sUserMenuCache))) {
             $aUserMenus = Phpfox_Database::instance()->select('*')->from(Phpfox::getT('theme_umenu'))->where('user_id = ' . (int) Phpfox::getUserId())->execute('getSlaveRows');
             foreach ((array) $aUserMenus as $aUserMenu) {
                 $aUserMenusCache[$aUserMenu['menu_id']] = true;
             }
             Phpfox::getLib('cache')->save($sUserMenuCache, $aUserMenusCache);
         }
     }
     // Per-request pass: $aMenu is the entry as cached, $aMenus[$iKey] receives the changes.
     foreach ($aMenus as $iKey => $aMenu) {
         if (substr($aMenu['url'], 0, 1) == '#') {
             $aMenus[$iKey]['css_name'] = 'js_core_menu_' . str_replace('#', '', str_replace('-', '_', $aMenu['url']));
         }
         if (($aMenu['url'] == 'ad' || $aMenu['url'] == 'ad.index') && !Phpfox::getUserParam('ad.can_create_ad_campaigns')) {
             unset($aMenus[$iKey]);
             continue;
         }
         if ($aMenu['url'] == 'mail.compose' && Phpfox::getUserParam('mail.restrict_message_to_friends') && !Phpfox::isModule('friend')) {
             unset($aMenus[$iKey]);
             continue;
         }
         if (isset($aUserMenusCache[$aMenu['menu_id']])) {
             $aMenus[$iKey]['is_force_hidden'] = true;
         }
         /*
         if (Phpfox::isModule('pages') && (Phpfox::getService('pages')->isViewMode() || defined('PHPFOX_IS_PAGES_VIEW')) && $aMenu['url'] == 'photo.add')
         {
             $aPage = Phpfox::getService('pages')->getPage();

             $aMenus[$iKey]['url'] = 'photo.add.module_pages.item_' . $aPage['page_id'];
         }
         */
         // Bug: http://www.phpfox.com/tracker/view/14383/
         // While a page is being viewed, the "add" links point at that page's item.
         if (defined('PHPFOX_IS_PAGES_VIEW')) {
             if (Phpfox::isModule('pages') && $aMenu['url'] == 'blog.add') {
                 $iPage = $this->_aVars['aPage']['page_id'];
                 $aMenus[$iKey]['url'] = 'blog.add.module_pages.item_' . $iPage;
             }
             if (Phpfox::isModule('pages') && $aMenu['url'] == 'event.add') {
                 $iPage = $this->_aVars['aPage']['page_id'];
                 $aMenus[$iKey]['url'] = 'event.add.module_pages.item_' . $iPage;
             }
             if (Phpfox::isModule('pages') && $aMenu['url'] == 'music.add') {
                 $iPage = $this->_aVars['aPage']['page_id'];
                 $aMenus[$iKey]['url'] = 'music.add.module_pages.item_' . $iPage;
             }
             if (Phpfox::isModule('pages') && $aMenu['url'] == 'video.add') {
                 $iPage = $this->_aVars['aPage']['page_id'];
                 $aMenus[$iKey]['url'] = 'video.add.module_pages.item_' . $iPage;
             }
             if (Phpfox::isModule('pages') && $aMenu['url'] == 'photo.add') {
                 $iPage = $this->_aVars['aPage']['page_id'];
                 $aMenus[$iKey]['url'] = 'photo.add.module_pages.item_' . $iPage;
             }
         }
         // Mark the entry that matches the current request (or the url set on this object).
         if ($aMenu['url'] == $oReq->get('req1') || empty($aMenu['url']) && $oReq->get('req1') == PHPFOX_MODULE_CORE || $this->_sUrl !== null && $this->_sUrl == $aMenu['url'] || str_replace('/', '.', $oReq->get('req1') . $oReq->get('req2')) == str_replace('.', '', $aMenu['url'])) {
             $aMenus[$iKey]['is_selected'] = true;
         }
         // The AdminCP link is removed for non-admins. This only hides the link; it is
         // not an access check for the AdminCP itself.
         if ($aMenu['url'] == 'admincp') {
             if (!Phpfox::isAdmin()) {
                 unset($aMenus[$iKey]);
                 continue;
             }
         } else {
             if (!empty($aMenu['disallow_access'])) {
                 // SECURITY: unserialize() on a stored column value. Safe only while nothing
                 // but trusted admin code writes 'disallow_access'; a JSON list would remove
                 // the object-injection risk. The in_array() below compares loosely.
                 $aUserGroups = unserialize($aMenu['disallow_access']);
                 if (in_array(Phpfox::getUserBy('user_group_id'), $aUserGroups)) {
                     unset($aMenus[$iKey]);
                     continue;
                 }
             }
             if (isset($aMenu['children']) && is_array($aMenu['children'])) {
                 foreach ($aMenu['children'] as $iChildMenuMain => $aChildMenuMain) {
                     if (!empty($aChildMenuMain['disallow_access'])) {
                         // SECURITY: same unserialize() caveat as for the parent entry.
                         $aUserGroups = unserialize($aChildMenuMain['disallow_access']);
                         if (in_array(Phpfox::getUserBy('user_group_id'), $aUserGroups)) {
                             unset($aMenus[$iKey]['children'][$iChildMenuMain]);
                             //break;
                         }
                     }
                 }
             }
         }
         // URL prefix registered on this object for the connection.
         if (isset($this->_aNewUrl[$sConnection])) {
             $aMenus[$iKey]['url'] = $this->_aNewUrl[$sConnection][0] . '.' . implode('.', $this->_aNewUrl[$sConnection][1]) . '.' . $aMenu['url'];
         }
         if (isset($this->_aRemoveUrl[$sConnection][$aMenu['url']])) {
             unset($aMenus[$iKey]);
             continue;
         }
         if ($sConnection == 'explore') {
             // Keep the module image only if the file exists on disk.
             $aMenus[$iKey]['module_image'] = $this->getStyle('image', 'module/' . $aMenu['module'] . '.png');
             if (!file_exists(str_replace(Phpfox::getParam('core.path'), PHPFOX_DIR, $aMenus[$iKey]['module_image']))) {
                 unset($aMenus[$iKey]['module_image']);
             }
         }
         if (isset($aMenu['children'])) {
             foreach ($aMenu['children'] as $iChildKey => $aChild) {
                 // Hide the video upload link while uploading is disabled.
                 if ($aChild['m_connection'] == 'video.index' && $aChild['url'] == 'video.upload' && !Phpfox::getParam('video.allow_video_uploading')) {
                     unset($aMenus[$iKey]['children'][$iChildKey]);
                 }
             }
         }
     }
     return $aMenus;
 }
Example #14
 /**
  * Shows the "pop up" used when denying a user from the AdminCP.
  *
  * Phpfox::isAdmin(true) is called first; the 'iUser' value is cast to int before it
  * is handed to the 'user.admincp.denyUser' block.
  */
 public function showDenyUser()
 {
     Phpfox::isAdmin(true);

     $aBlockParams = array('iUser' => (int) $this->get('iUser'));
     Phpfox::getBlock('user.admincp.denyUser', $aBlockParams);
 }
Example #15
 /**
  * Reports whether the current viewer is an administrator.
  *
  * Thin wrapper around \Phpfox::isAdmin() called without arguments, i.e. the form
  * that only returns a value. Callers must act on the result themselves.
  *
  * @return mixed Whatever \Phpfox::isAdmin() returns.
  */
 public function isAdmin()
 {
     $bIsAdmin = \Phpfox::isAdmin();

     return $bIsAdmin;
 }
Example #16
/**
 * Route to view a video
 */
// The :id segment is limited to digits by the route pattern.
// NOTE(review): unlike the delete route there is no check that the feed item exists
// before its properties are read.
(new Core\Route('/videos/:id'))->where([':id' => '([0-9]+)'])->run(function (\Core\Controller $Controller, $id) {
    // Load the feed entry for this id
    $feedItem = (new Api\Feed())->get($id);

    // Ask the Link service for the current HTML embed code of the stored URL.
    // NOTE(review): 'embed_code' is attached as raw HTML; confirm the Link service
    // sanitises it or that view.html escapes it.
    $linkInfo = Link_Service_Link::instance()->getLink($feedItem->content->url);
    $feedItem->html = $linkInfo['embed_code'];

    // Page section, title and h1 all come from the video details
    $Controller
        ->title($feedItem->content->title)
        ->section('Videos', '/videos')
        ->h1($feedItem->content->title, '/videos/' . $feedItem->id);

    // Render the page
    $templateVars = ['video' => $feedItem, 'videoId' => $id];

    return $Controller->render('view.html', $templateVars);
});
/**
 * Load all the videos
 */
(new Core\Route('/videos'))->run(function (\Core\Controller $Controller) {
    // Page chrome plus the mosaic layout script
    $Controller
        ->title('Videos')
        ->section('Videos', '/videos')
        ->asset('@static/jquery/plugin/jquery.mosaicflow.min.js');

    // Up to 20 feed entries of the video type
    $feedQuery = ['type_id' => 'PHPfox_VideoFeed', 'limit' => 20];
    $videos = (new Api\Feed())->get($feedQuery);

    return $Controller->render('index.html', ['videos' => $videos]);
});
// Admin-only delete of a feed entry.
// NOTE(review): this state-changing route has no visible CSRF token check and, unlike
// the view route, no digit-only pattern on :id; the id is cast to int only at the
// delete. Confirm the router restricts the HTTP method and verifies a token. The
// delete also does not check that the feed entry is a video.
new Core\Route('/videos/delete/:id', function (\Core\Controller $controller, $id) {
    \Phpfox::isAdmin(true);

    // Nothing to delete when the feed lookup yields no id
    $feedItem = (new Api\Feed())->get($id);
    if (!isset($feedItem->id)) {
        return false;
    }

    $criteria = ['feed_id' => (int) $id];
    (new Core\Db())->delete(':feed', $criteria);

    \Phpfox::addMessage(_p('Video successfully deleted!'));
    $controller->url->send('/videos');
});
Example #17
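  /**
   * Builds the Twig loader and environment and registers the template helper
   * functions (url, is_user, is_admin, setting, user, phrase, comments, payment,
   * pager, _p).
   *
   * Template paths are searched in the order they are added: the active theme's
   * 'html' directory (when it exists), the default theme, then the base views.
   *
   * SECURITY: the environment is created with 'autoescape' => false, so no template
   * output is escaped unless the template does it itself. is_user()/is_admin() only
   * control what a template shows; they are not access checks.
   */
  public function __construct()
  {
      $Template = \Phpfox_Template::instance();
      $this->_loader = new View\Loader();
      $dir = $Template->theme()->get()->getPath() . 'html';
      if (is_dir($dir)) {
          $this->_loader->addPath($dir, 'Theme');
      }
      $this->_loader->addPath(PHPFOX_DIR . 'theme/default/html', 'Theme');
      $this->_loader->addPath(PHPFOX_DIR . 'views', 'Base');

      // Compiled templates are not cached in "techie" mode or when caching is switched
      // off by constant. Same precedence as the original one-line expression.
      $noCache = (defined('PHPFOX_IS_TECHIE') && PHPFOX_IS_TECHIE) || defined('PHPFOX_NO_TEMPLATE_CACHE');
      $this->_env = new View\Environment($this->_loader, array(
          'cache' => $noCache ? false : PHPFOX_DIR_FILE . 'cache/twig/',
          'autoescape' => false,
      ));
      $this->_env->setBaseTemplateClass('Core\\View\\Base');
      $this->_env->addFunction(new \Twig_SimpleFunction('url', function ($url, $params = []) {
          return \Phpfox_Url::instance()->makeUrl($url, $params);
      }));
      $this->_env->addFunction(new \Twig_SimpleFunction('is_user', function () {
          return \Phpfox::isUser();
      }));
      $this->_env->addFunction(new \Twig_SimpleFunction('is_admin', function () {
          return \Phpfox::isAdmin();
      }));
      // The next helpers forward their arguments to the global function of the same name.
      $this->_env->addFunction(new \Twig_SimpleFunction('setting', function () {
          return call_user_func_array('setting', func_get_args());
      }));
      $this->_env->addFunction(new \Twig_SimpleFunction('user', function () {
          return call_user_func_array('user', func_get_args());
      }));
      $this->_env->addFunction(new \Twig_SimpleFunction('phrase', function () {
          return call_user_func_array('phrase', func_get_args());
      }));
      $this->_env->addFunction(new \Twig_SimpleFunction('comments', function () {
          \Phpfox::getBlock('feed.comment');
          return '';
      }));
      // NOTE(review): amount, item name and return URL come straight from the template
      // call; confirm the payment callback re-checks the amount on the server.
      $this->_env->addFunction(new \Twig_SimpleFunction('payment', function ($params) {
          $params = new \Core\Object($params);
          \Phpfox::getBlock('api.gateway.form', ['gateway_data' => ['item_number' => '@App/' . $params->callback . '|' . $params->id, 'currency_code' => 'USD', 'amount' => $params->amount, 'item_name' => $params->name, 'return' => $params->return, 'recurring' => '', 'recurring_cost' => '', 'alternative_cost' => '', 'alternative_recurring_cost' => '']]);
          return '';
      }));
      $this->_env->addFunction(new \Twig_SimpleFunction('pager', function () {
          $u = \Phpfox_Url::instance();
          // Fix: the page number is request input. It used to be incremented as-is, so
          // a non-numeric or array value ended up in the generated URL.
          $page = isset($_GET['page']) && is_numeric($_GET['page']) ? (int) $_GET['page'] : 1;
          $_GET['page'] = $page + 1;
          $u->setParam('page', $_GET['page']);
          // Fix: the current URL is built from the request and was written into the href
          // unescaped while autoescape is off. Escape it for the attribute context;
          // double_encode is disabled so an already-encoded URL is left intact.
          $url = htmlspecialchars($u->current(), ENT_QUOTES, 'UTF-8', false);
          $html = '
		<div class="js_pager_view_more_link">
			<a href="' . $url . '" class="next_page">
				<i class="fa fa-spin fa-circle-o-notch"></i>
				<span>View More</span>
			</a>
		</div>
	';
          return $html;
      }));
      $this->_env->addFunction(new \Twig_SimpleFunction('_p', function () {
          return call_user_func_array('_p', func_get_args());
      }));
  }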
Example #18
 /**
  * Rebuilds the subscription package comparison table from the submitted form rows.
  *
  * Every existing row is removed first; then one row is inserted per feature that has
  * at least one usable package value. Text values and titles pass through the input
  * parser's clean() before they are stored.
  *
  * @param array $aVals Feature rows, each with a 'package' map (package id => radio/text) and an optional 'title'.
  * @return bool Always true.
  */
 public function updateCompare($aVals)
 {
     Phpfox::isAdmin(true);
     $oInput = Phpfox::getLib('parse.input');

     // Start from an empty table.
     $this->database()->query('TRUNCATE ' . Phpfox::getT('subscribe_compare'));

     // Counter used to give untitled features a distinct placeholder title.
     $iUntitled = 0;
     foreach ($aVals as $aFeature) {
         $aCells = array();
         foreach ($aFeature['package'] as $iPackageId => $aChoice) {
             if ($aChoice['radio'] > 0) {
                 // A positive radio value selects one of the two icons.
                 $sCell = $aChoice['radio'] == 1 ? 'img_accept.png' : 'img_cross.png';
             } elseif (!empty($aChoice['text'])) {
                 $sCell = $oInput->clean($aChoice['text']);
             } else {
                 // Neither an icon nor text for this package.
                 continue;
             }
             $aCells[] = array('package_id' => $iPackageId, 'value' => $sCell);
         }

         // Features without any package value are not stored.
         if (empty($aCells)) {
             continue;
         }

         // An empty title is replaced by a placeholder title so the row can still be stored.
         $sTitle = empty($aFeature['title']) ? 'no-feature-title-' . $iUntitled++ : $aFeature['title'];

         $this->database()->insert(Phpfox::getT('subscribe_compare'), array('feature_title' => $oInput->clean($sTitle), 'feature_value' => json_encode($aCells)));
     }

     return true;
 }
Example #19
 /**
  * Clears the cover photo fields of a page.
  *
  * Site admins may always do this; any other caller must have a row in pages_admin
  * for the page. Both ids that reach SQL are numeric: the page id is cast to int and
  * the user id comes from Phpfox::getUserId().
  *
  * @param int $iPageId
  * @return bool True on success, otherwise the result of Phpfox_Error::set().
  */
 public function removeCoverPhoto($iPageId)
 {
     $iPage = (int) $iPageId;

     if (!Phpfox::isAdmin()) {
         // Not a site admin: look for a page-admin row belonging to the current user.
         $sWhere = 'page_id = ' . $iPage . ' AND user_id = ' . Phpfox::getUserId();
         $iPageAdminId = $this->database()->select('user_id')->from(Phpfox::getT('pages_admin'))->where($sWhere)->execute('getSlaveField');
         if (empty($iPageAdminId)) {
             return Phpfox_Error::set('User is not an admin');
         }
     }

     $aCleared = array('cover_photo_id' => '', 'cover_photo_position' => '');
     $this->database()->update(Phpfox::getT('pages'), $aCleared, 'page_id = ' . $iPage);

     return true;
 }
Example #20
 /**
  * Decides whether a user may take an entry off a contest's winning list.
  *
  * All of the following must hold: the entry exists, the user may view/browse the
  * contest, the user is the contest owner or a site admin, the contest status is
  * "closed", and the entry is currently on the winning list.
  *
  * @param int $iEntryId
  * @param int $iUserId
  * @return bool
  */
 public function canRemoveEntryFromWinningList($iEntryId, $iUserId)
 {
     $aEntry = Phpfox::getService('contest.entry')->getEntryForCheckingPermission($iEntryId);
     if (!$aEntry || !$this->canViewBrowseContest($aEntry['contest_id'], $iUserId)) {
         return false;
     }

     $aContest = Phpfox::getService('contest.contest')->getContestForCheckingPermission($aEntry['contest_id']);

     // Only the contest owner or a site admin may manage winners.
     $bMayManage = $iUserId == $aContest['user_id'] || Phpfox::isAdmin();
     if (!$bMayManage) {
         return false;
     }

     // Winners can only be removed once the contest is closed.
     $iClosedStatus = Phpfox::getService('contest.constant')->getContestStatusIdByStatusName('closed');
     if ($aContest['contest_status'] != $iClosedStatus) {
         return false;
     }

     return Phpfox::getService("contest.entry")->CheckExistEntryWinning($iEntryId) ? true : false;
 }
Example #21
	/**
	 * Controller for the profile photo page: handles the upload, the optional cropping
	 * step, and assigns the image markup and form settings to the template.
	 *
	 * Requires a logged-in user. Three plugin hooks are eval()'d inside this method, so
	 * plugin code runs with access to (and can change) every local variable below.
	 *
	 * NOTE(review): the "step" request parameter is passed to unserialize() (see below);
	 * this is request-controlled data and there is no integrity check visible here.
	 */
	public function process()
	{
		Phpfox::isUser(true);		
		
		// Tell clients and proxies not to cache this page (Expires is set to a date in the past).
		header("Cache-Control: no-cache, must-revalidate");
		header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");		
		
		list($bIsRegistration, $sNextUrl) = $this->url()->isRegistration(3);
		// Plugin hook: the returned PHP source is executed in this scope.
		(($sPlugin = Phpfox_Plugin::get('user.component_controller_photo_1')) ? eval($sPlugin) : false);

		$bIsProcess = false;		
		if ($this->request()->get('req3') == 'process')
		{
			if (($sStep = $this->request()->get('step')))
			{
				$bIsProcess = true;
				// NOTE(review): unserialize() on a value taken from the request. The payload is
				// produced further down with serialize($aImage) and round-trips through the
				// URL, so the client can replace it. Unserializing untrusted data allows PHP
				// object injection, and the decoded 'user_image' is used as a file name below
				// without validation. Safer options: keep $aImage in the session, sign the
				// parameter (HMAC) and verify before decoding, or at minimum pass
				// array('allowed_classes' => false) on PHP 7+ and check the result is an array.
				$aCacheImage = unserialize(base64_decode(urldecode($sStep)));
			}
		}
		// Plugin hook: executed in this scope.
		(($sPlugin = Phpfox_Plugin::get('user.component_controller_photo_2')) ? eval($sPlugin) : false);
		if ($aVals = $this->request()->getArray('val'))
		{
			// Accept jpg/gif/png only; the size limit is the user-group setting divided by 1024, or null when the setting is 0.
			$aImage = Phpfox::getLib('file')->load('image', array('jpg', 'gif', 'png'), (Phpfox::getUserParam('user.max_upload_size_profile_photo') === 0 ? null : (Phpfox::getUserParam('user.max_upload_size_profile_photo') / 1024)));
			
			if (!empty($aImage['name']))
			{
				$iUserId = Phpfox::getUserId();
				// Only an admin using the iframe form may upload on behalf of another user;
				// everyone else always targets their own account.
				if (isset($aVals['is_iframe']) && Phpfox::isAdmin())
				{
					$iUserId = (int) $aVals['user_id'];	
				}
				
				if (($aImage = Phpfox::getService('user.process')->uploadImage($iUserId, (isset($aVals['is_iframe']) ? true : (Phpfox::getUserParam('user.force_cropping_tool_for_photos') ? false : true)))) !== false)
				{				
					if (isset($aVals['is_iframe']))
					{
						$sImage = Phpfox::getLib('image.helper')->display(array(
								'server_id' => $aImage['server_id'],
								'path' => 'core.url_user',
								'file' => $aImage['user_image'],
								'suffix' => '_75',
								'max_width' => 75,
								'max_height' => 75,
								'thickbox' => true,
								'time_stamp' => true								
							)
						);
						
						// NOTE(review): $sImage is placed inside a single-quoted JavaScript string
						// without JS escaping; this relies on the helper output never containing
						// a single quote or a newline — confirm.
						echo "<script type=\"text/javascript\">window.parent.document.getElementById('js_user_photo_" . $iUserId . "').innerHTML = '{$sImage}'; window.parent.tb_remove();</script>";
						exit;
					}
					else 
					{				
						if (Phpfox::getUserParam('user.force_cropping_tool_for_photos'))
						{					
							// Hands the upload result to the crop step through the URL; this is the
							// value that is unserialize()'d at the top of the method.
							$this->url()->send('user.photo.process', array('step' => urlencode(base64_encode(serialize($aImage)))));
						}
						else 
						{
							if ($bIsRegistration === true)
							{
								$this->url()->send($sNextUrl, null, Phpfox::getPhrase('user.profile_photo_successfully_uploaded'));
							}
							else 
							{
								$this->url()->send('user.photo', null, Phpfox::getPhrase('user.profile_photo_successfully_uploaded'));
							}
						}						
					}
				}			
			}
		}
		
		// Iframe submissions never render the full page.
		if (isset($aVals['is_iframe']))
		{
			exit;
		}		
		
		// Full-size image: in the crop step the file name comes from the decoded "step" payload.
		$sImage = Phpfox::getLib('image.helper')->display(array(
				'server_id' => Phpfox::getUserBy('server_id'),
				'title' => Phpfox::getUserBy('full_name'),
				'path' => 'core.url_user',
				'file' => ($bIsProcess === true ? $aCacheImage['user_image'] : Phpfox::getUserBy('user_image')),
				'suffix' => '',
				'max_width' => 500,
				'max_height' => 500,
				'no_default' => true,
				'time_stamp' => true,
				'id' => 'user_profile_photo',				
				'class' => 'border'
			)
		);
		
		// 120px thumbnail of the user's current photo.
		$sImageThumb = Phpfox::getLib('image.helper')->display(array(
				'server_id' => Phpfox::getUserBy('server_id'),
				'title' => Phpfox::getUserBy('full_name'),
				'path' => 'core.url_user',
				'file' => Phpfox::getUserBy('user_image'),
				'suffix' => '_120',
				'max_width' => 120,
				'max_height' => 120,
				'no_default' => true,
				'time_stamp' => true,
				'class' => 'border'	
			)
		);		
		
		// 75px square avatar of the user's current photo.
		$sImageAvatar = Phpfox::getLib('image.helper')->display(array(
				'server_id' => Phpfox::getUserBy('server_id'),
				'title' => Phpfox::getUserBy('full_name'),
				'path' => 'core.url_user',
				'file' => Phpfox::getUserBy('user_image'),
				'suffix' => '_75_square',
				'max_width' => 75,
				'max_height' => 75,
				'no_default' => true,
				'time_stamp' => true,
				'class' => 'border'
			)
		);		
		
		$sPageTitle = ($bIsRegistration ? Phpfox::getPhrase('user.upload_profile_picture') : Phpfox::getPhrase('user.edit_profile_picture'));		
		// Plugin hook: executed in this scope.
		(($sPlugin = Phpfox_Plugin::get('user.component_controller_photo_3')) ? eval($sPlugin) : false);
		$this->template()->setTitle($sPageTitle)
			->setBreadcrumb($sPageTitle)
			->setFullSite()
			->setPhrase(array(
					'core.select_a_file_to_upload'
				)
			)				
			->setHeader(array(
					'progress.js' => 'static_script',
					'<script type="text/javascript">$Behavior.changeUserPhoto = function(){ if ($Core.exists(\'#js_photo_form_holder\')) { oProgressBar = {holder: \'#js_photo_form_holder\', progress_id: \'#js_progress_bar\', uploader: \'#js_progress_uploader\', add_more: false, max_upload: 1, total: 1, frame_id: \'js_upload_frame\', file_id: \'image\'}; $Core.progressBarInit(); } }</script>'					
				)
			)
			->assign(array(
					'sProfileImage' => $sImage,
					'sImageThumb' => $sImageThumb,
					'sImageAvatar' => $sImageAvatar,
					'sProfileImage2' => str_replace('id="user_profile_photo"', 'id="js_profile_photo_preview"', $sImage),
					'bIsRegistration' => $bIsRegistration,
					'sNextUrl' => $this->url()->makeUrl($sNextUrl),
					'bIsProcess' => $bIsProcess,
					// NOTE(review): request-derived value handed to the template; make sure the
					// template escapes it where it is printed.
					'sCacheImage' => ($bIsProcess ? $aCacheImage['user_image'] : ''),
					'iMaxFileSize' => (Phpfox::getUserParam('user.max_upload_size_profile_photo') === 0 ? null : ((Phpfox::getUserParam('user.max_upload_size_profile_photo') / 1024) * 1048576))
				)
			);
		
		// Set up the crop tool when there is an image to crop.
		if ((Phpfox::getUserBy('user_image') && !empty($sImage)) || ($bIsProcess === true && !empty($sImage)))
		{
			if (Phpfox::getParam('core.allow_cdn') && Phpfox::getUserBy('server_id') > 0)
			{
				// CDN case: the dimensions are read from the image URL found in the generated markup.
				// NOTE(review): neither the preg_match() result nor the getimagesize() result is
				// checked; on a miss $aMatches[1] is undefined and list() receives false.
				preg_match("/src=\"(.*?)\"/", $sImage, $aMatches);

				list($iWidth, $iHeight) = getimagesize($aMatches[1]);				
			}	
			else
			{		
				// Local case: height and width are parsed from the attributes of the generated tag.
				preg_match("/height=\"(.*?)\" width=\"(.*?)\"/", $sImage, $aMatches);			
				$iHeight = $aMatches[1];
				$iWidth = $aMatches[2];
			}
			$this->template()->setHeader('cache', array(
						'jquery/plugin/jquery.crop.js' => 'static_script',
						'<script type="text/javascript">$Core.photo_crop.init({width: 75, height: 75, image_width: ' . $iWidth . ', image_height: ' . $iHeight . '});</script>'		
					)
				)		
				->assign(array(
						'iImageHeight' => $iHeight,
						'iImageWidth' => $iWidth
					)
				);
		}
	}
Example #22
 /**
  * Deletes ban filters matching a type and value, then drops the cached ban data.
  *
  * Both values are passed through the database layer's escape() before they are
  * placed inside the quoted SQL literals.
  *
  * @param string $sType  Value for the type_id column.
  * @param string $sValue Value for the find_value column.
  * @return bool Always true.
  */
 public function deleteByValue($sType, $sValue)
 {
     Phpfox::isAdmin(true);

     $sTypeSql = $this->database()->escape($sType);
     $sValueSql = $this->database()->escape($sValue);
     $sWhere = "type_id = '" . $sTypeSql . "' AND find_value = '" . $sValueSql . "'";

     $this->database()->delete($this->_sTable, $sWhere);
     // Cached ban entries are stale once a filter is gone.
     $this->cache()->remove('ban', 'substr');

     return true;
 }
Example #23
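 /**
  * Counts contest entries of a given contest type for a search view.
  *
  * The ids concatenated into the WHERE clause are cast to int, so an unexpected
  * lookup result (null, false, non-numeric string) cannot produce malformed SQL.
  *
  * @param string $sType Contest type name, resolved to its id through contest.constant.
  * @param string $sView 'my_entries' limits to the current user's entries;
  *                      'pending_entries' limits to status 0 and, for non-admins,
  *                      to contests owned by the current user. Other values add no filter.
  * @return mixed Result of the COUNT(*) query as returned by the database layer.
  */
 public function countForSearch($sType, $sView)
 {
     $iType = (int) Phpfox::getService('contest.constant')->getContestTypeIdByTypeName($sType);
     $sCond = 'c.is_deleted = 0 AND c.type = ' . $iType;

     switch ($sView) {
         case 'my_entries':
             $sCond .= ' AND e.user_id = ' . (int) Phpfox::getUserId();
             break;
         case 'pending_entries':
             $sCond .= ' AND e.status = 0';
             // Non-admins only see pending entries of their own contests.
             if (!Phpfox::isAdmin()) {
                 $sCond .= ' AND c.user_id = ' . (int) Phpfox::getUserId();
             }
             break;
     }

     $iCnt = $this->database()->select('COUNT(*)')->from($this->_sTable, 'e')->join(Phpfox::getT('contest'), 'c', 'c.contest_id = e.contest_id')->join(Phpfox::getT('user'), 'u', 'u.user_id = e.user_id')->where($sCond)->execute('getSlaveField');

     return $iCnt;
 }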
Example #24
 /**
  * Stores the AdminCP note in the core setting 'global_admincp_note' and clears its cache entry.
  *
  * The note is passed through preParse()->clean() before it is written.
  *
  * @param string $sNote
  * @return void
  */
 public function updateNote($sNote)
 {
     Phpfox::isAdmin(true);

     $aUpdate = array('value_actual' => $this->preParse()->clean($sNote));
     $sWhere = "module_id = 'core' AND var_name = 'global_admincp_note'";
     $this->database()->update(Phpfox::getT('setting'), $aUpdate, $sWhere);

     $this->cache()->remove('admincp_note');
 }
Example #25
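 /**
  * This function is called from an ajax function in the AdminCP to enable or disable a sponsored campaign.
  *
  * Only the campaign owner or a site admin may change it. When enabling ($iType == 1)
  * the owning module's enableSponsor callback is invoked first; a module id of the
  * form "module-section" is split into module and section.
  * 
  * @param int $iId   Sponsor id.
  * @param int $iType 1 to enable, anything else to disable.
  * @return bool TRUE on success, FALSE on failure.
  */
 public function updateSponsorActivity($iId, $iType)
 {
     Phpfox::isUser(true);
     // get the item to check for ownership
     $aAd = $this->database()->select('user_id, item_id, module_id')->from(Phpfox::getT('ad_sponsor'))->where('sponsor_id = ' . (int) $iId)->execute('getSlaveRow');
     // Unknown sponsor id: stop here instead of letting an admin request fall through
     // to a callback with an empty module name and an update that matches nothing.
     if (!isset($aAd['user_id'])) {
         return false;
     }
     $bIsOwner = $aAd['user_id'] == Phpfox::getUserId();
     if (!$bIsOwner && !Phpfox::isAdmin()) {
         return Phpfox_Error::set('You cant do that... ');
     }
     if ($iType == '1') {
         if (!defined('PHPFOX_API_CALLBACK')) {
             define('PHPFOX_API_CALLBACK', true);
         }
         $sModule = $aAd['module_id'];
         $sSection = '';
         // "module-section" ids address a section inside the module.
         if (strpos($sModule, '-') !== false) {
             $aModule = explode('-', $sModule);
             $sModule = $aModule[0];
             $sSection = $aModule[1];
         }
         Phpfox::callback($sModule . '.enableSponsor', array('item_id' => $aAd['item_id'], 'section' => $sSection));
     }
     $this->database()->update(Phpfox::getT('ad_sponsor'), array('is_custom' => $iType == 1 ? '3' : '2', 'is_active' => (int) ($iType == '1' ? 1 : 0)), 'sponsor_id = ' . (int) $iId);
     // Cached ad data no longer reflects the new state.
     $this->cache()->remove('ad', 'substr');
     return true;
 }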
Example #26
             if ($time <= $old) {
                 continue;
             }
             $total++;
             $blogs .= '<li style="padding-bottom: 10px;"><a href="' . $item->link . '">' . $item->title . '</a><div class="extra_info">' . \Phpfox::getLib('date')->convertTime($time) . '</div></li>';
         }
         // }
     }
     $blogs .= '</ul>';
     if (!$total) {
         return;
     }
     echo $blogs;
 });
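 // AdminCP page of the app: shows the hook URL, creating and saving its token on first use.
 new Route('/admincp', function (Controller $controller) {
     if (!\Phpfox::isAdmin()) {
         return '';
     }
     $token = setting('pf_wp_d_token');
     if (!$token) {
         // The token embedded in the hook URL acts as a shared secret, so it must not be
         // guessable. uniqid() is derived from the current time; use the CSPRNG when the
         // runtime has it (PHP 7+). Both branches yield 32 hex characters, so the URL
         // format is unchanged.
         $token = function_exists('random_bytes') ? bin2hex(random_bytes(16)) : md5(uniqid());
         $app = (new App())->get('PHPfox_Wordpress_Discuss');
         $setting = new Setting\Service($app);
         $setting->save(['pf_wp_d_token' => $token]);
     }
     return $controller->render('admincp.html', ['hookUrl' => $controller->url->make('/wordpress-discuss/new-post/' . $token)]);
 });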
 new Route('/new-post/:token', function (Controller $controller, $token) {
     $tokenSetting = setting('pf_wp_d_token');
     if (empty($tokenSetting)) {
         throw error('Token has not been created yet.');
Example #27
 /**
  * Starts the phpFox engine. Used to get and display the pages controller.
  *
  * In order, this method: answers "m9callback" requests, serves favicon.ico and static
  * files itself, runs plugin hooks (eval), resolves and runs the controller, verifies
  * the CSRF token unless PHPFOX_NO_CSRF is defined, and finally emits either the HTML
  * layout or, for AJAX page loads, a JSON document with the page parts.
  *
  * Several branches end the request with exit.
  */
 public static function run()
 {
     // NOTE(review): the method name comes straight from the request and is invoked on the
     // Core\Home object with $_GET as its argument. No allow-list and no authentication
     // check is visible before this point — confirm Core\Home restricts which methods can
     // be reached this way (e.g. through __call) or add an explicit allow-list here.
     if (isset($_REQUEST['m9callback'])) {
         header('Content-type: application/json');
         try {
             $Home = new Core\Home(PHPFOX_LICENSE_ID, PHPFOX_LICENSE_KEY);
             $callback = $_REQUEST['m9callback'];
             unset($_GET['m9callback'], $_GET['do']);
             if (!$_GET) {
                 $_GET = [];
             }
             echo json_encode(call_user_func([$Home, $callback], $_GET));
         } catch (\Exception $e) {
             // throw new \Exception($e->getMessage(), 0, $e);
             // The exception message is returned to the caller as JSON.
             echo json_encode(['error' => $e->getMessage()]);
         }
         exit;
     }
     $oTpl = Phpfox_Template::instance();
     $aLocale = Phpfox_Locale::instance()->getLang();
     $oReq = Phpfox_Request::instance();
     $oModule = Phpfox_Module::instance();
     // NOTE(review): the icon is fetched from a remote host over plain http on each such
     // request and echoed without checking the result.
     if ($oReq->segment(1) == 'favicon.ico') {
         header('Content-type: image/x-icon');
         echo file_get_contents('http://www.phpfox.com/favicon.ico');
         exit;
     }
     // Static file handling. && binds tighter than ||, so the condition reads:
     // segment 1 is a static folder, OR (segment 1 is 'theme' and segment 2 is neither 'demo' nor 'sample').
     $aStaticFolders = ['file', 'static', 'module', 'apps', 'Apps', 'themes'];
     if (in_array($oReq->segment(1), $aStaticFolders) || $oReq->segment(1) == 'theme' && $oReq->segment(2) != 'demo' && $oReq->segment(1) == 'theme' && $oReq->segment(2) != 'sample') {
         $sUri = Phpfox_Url::instance()->getUri();
         if ($sUri == '/static/ajax.php') {
             $oAjax = Phpfox_Ajax::instance();
             $oAjax->process();
             echo $oAjax->getData();
             exit;
         }
         // With URL rewriting on, static files are not served from here: answer 404.
         if (Phpfox::getParam('core.url_rewrite') == '1') {
             header("HTTP/1.0 404 Not Found");
             header('Content-type: application/json');
             echo json_encode(['error' => 404]);
             exit;
         }
         $HTTPCache = new Core\HTTP\Cache();
         $HTTPCache->checkCache();
         // NOTE(review): $sPath is built from the request URI and later read with
         // file_get_contents(). Nothing here normalises the path or checks that it stays
         // under the base directory, and no file-type restriction is visible — confirm
         // Phpfox_Url::getUri() rejects ".." segments, or resolve with realpath() and
         // compare against the allowed roots before reading.
         $sDir = PHPFOX_DIR;
         if ($oReq->segment(1) == 'Apps' || $oReq->segment(1) == 'apps' || $oReq->segment(1) == 'themes') {
             $sDir = PHPFOX_DIR_SITE;
         }
         $sPath = $sDir . ltrim($sUri, '/');
         if ($oReq->segment(1) == 'themes' && $oReq->segment(2) == 'default') {
             $sPath = PHPFOX_DIR . str_replace('themes/default', 'theme/default', $sUri);
         }
         if ($oReq->segment(3) == 'emoticon') {
             $sPath = str_replace('/file/pic/emoticon/default/', PHPFOX_DIR . 'static/image/emoticon/', $sUri);
         }
         $sType = Phpfox_File::instance()->mime($sUri);
         $sExt = Phpfox_File::instance()->extension($sUri);
         if (!file_exists($sPath)) {
             // Second attempt one directory above PF.Base.
             $sPath = str_replace('PF.Base', 'PF.Base/..', $sPath);
             // header('Content-type: ' . $sType);
             if (!file_exists($sPath)) {
                 header("HTTP/1.0 404 Not Found");
                 header('Content-type: application/json');
                 echo json_encode(['error' => 404]);
                 exit;
             }
         }
         // header('Content-type: ' . $sType);
         $HTTPCache->cache($sType, filemtime($sPath), 7);
         if ($oReq->segment(1) == 'themes') {
             // Theme assets are produced by the theme service rather than read from $sPath.
             $Theme = $oTpl->theme()->get();
             $Service = new Core\Theme\Service($Theme);
             if ($sType == 'text/css') {
                 echo $Service->css()->getParsed();
             } else {
                 echo $Service->js()->get();
             }
         } else {
             // Read errors are suppressed with @; see the path note above.
             echo @file_get_contents($sPath);
         }
         exit;
     }
     // Plugin hook: the returned PHP source is executed in this scope (also for the hooks below).
     ($sPlugin = Phpfox_Plugin::get('run_start')) ? eval($sPlugin) : false;
     // Load module blocks
     $oModule->loadBlocks();
     if (!Phpfox::getParam('core.branding')) {
         $oTpl->setHeader(array('<meta name="author" content="PHPfox" />'));
     }
     // The first URL segment selects the AdminCP when it equals the configured admin path.
     if (strtolower(Phpfox_Request::instance()->get('req1')) == Phpfox::getParam('admincp.admin_cp')) {
         self::$_bIsAdminCp = true;
     }
     $View = $oModule->setController();
     // Outside the AdminCP, fall back to a fresh Core\View when the controller did not return one.
     if ($View instanceof Core\View) {
     } else {
         if (!self::$_bIsAdminCp) {
             $View = new Core\View();
         }
     }
     if (!PHPFOX_IS_AJAX_PAGE) {
         $oTpl->setImage(array('ajax_small' => 'ajax/small.gif', 'ajax_large' => 'ajax/large.gif', 'loading_animation' => 'misc/loading_animation.gif', 'close' => 'misc/close.gif', 'move' => 'misc/move.png', 'calendar' => 'jquery/calendar.gif'));
         $oTpl->setHeader(array('<meta name="viewport" content="width=320; initial-scale=1.0; maximum-scale=1.0; user-scalable=0;" />', '<meta http-equiv="Content-Type" content="text/html; charset=' . $aLocale['charset'] . '" />', '<meta http-equiv="cache-control" content="no-cache" />', '<meta http-equiv="expires" content="-1" />', '<meta http-equiv="pragma" content="no-cache" />', '<link rel="shortcut icon" type="image/x-icon" href="' . Phpfox::getParam('core.path') . 'favicon.ico?v=' . $oTpl->getStaticVersion() . '" />'))->setMeta('keywords', Phpfox_Locale::instance()->convert(Phpfox::getParam('core.keywords')))->setMeta('robots', 'index,follow');
         $oTpl->setHeader('cache', Phpfox::getMasterFiles());
         if (Phpfox::isModule('friend')) {
             $oTpl->setPhrase(array('friend.show_more_results_for_search_term'));
         }
         if (PHPFOX_DEBUG) {
             $oTpl->setHeader('cache', array('debug.css' => 'style_css'));
         }
         if (!Phpfox::isMobile() && Phpfox::isUser() && Phpfox::getParam('user.enable_user_tooltip')) {
             $oTpl->setHeader('cache', array('user_info.js' => 'static_script'));
         }
         if (Phpfox::isModule('captcha') && Phpfox::getParam('captcha.recaptcha')) {
             // http://www.phpfox.com/tracker/view/14456/
             // NOTE(review): the script is loaded over plain http unless
             // core.force_https_secure_pages is set; prefer https unconditionally.
             $sUrl = (Phpfox::getParam('core.force_https_secure_pages') ? 'https' : 'http') . "://www.google.com/recaptcha/api/js/recaptcha_ajax.js";
             $oTpl->setHeader('<script type="text/javascript" src="' . $sUrl . '"></script>');
         }
     }
     if ($sPlugin = Phpfox_Plugin::get('get_controller')) {
         eval($sPlugin);
     }
     $oTpl->assign(['aGlobalUser' => Phpfox::isUser() ? Phpfox::getUserBy(null) : array()]);
     $oModule->getController();
     Phpfox::getService('admincp.seo')->setHeaders();
     if (!defined('PHPFOX_DONT_SAVE_PAGE')) {
         Phpfox::getLib('session')->set('redirect', Phpfox_Url::instance()->getFullUrl(true));
     }
     // CSRF token verification is skipped entirely when PHPFOX_NO_CSRF is defined.
     // NOTE(review): it runs after $oModule->getController() above — confirm that no
     // state-changing controller work happens before the token has been verified.
     if (!defined('PHPFOX_NO_CSRF')) {
         Phpfox::getService('log.session')->verifyToken();
     }
     ($sPlugin = Phpfox_Plugin::get('run')) ? eval($sPlugin) : false;
     if (!self::isAdminPanel()) {
         if (!Phpfox::isMobile() && !PHPFOX_IS_AJAX_PAGE && Phpfox::isModule('rss') && !defined('PHPFOX_IS_USER_PROFILE')) {
             $aFeeds = Phpfox::getService('rss')->getLinks();
             if (is_array($aFeeds) && count($aFeeds)) {
                 foreach ($aFeeds as $sLink => $sPhrase) {
                     // NOTE(review): title and href are concatenated into attributes without
                     // escaping here; presumably the rss service returns safe values — verify.
                     $oTpl->setHeader('<link rel="alternate" type="application/rss+xml" title="' . $sPhrase . '" href="' . $sLink . '" />');
                 }
             }
         }
         $aPageLastLogin = Phpfox::isModule('pages') && Phpfox::getUserBy('profile_page_id') ? Phpfox::getService('pages')->getLastLogin() : false;
         $oTpl->assign(array('aMainMenus' => $oTpl->getMenu('main'), 'aSubMenus' => $oTpl->getMenu(), 'bIsUsersProfilePage' => defined('PHPFOX_IS_USER_PROFILE') ? true : false, 'sGlobalUserFullName' => Phpfox::isUser() ? Phpfox::getUserBy('full_name') : null, 'sFullControllerName' => str_replace(array('.', '/'), '_', Phpfox_Module::instance()->getFullControllerName()), 'iGlobalProfilePageId' => Phpfox::getUserBy('profile_page_id'), 'aGlobalProfilePageLogin' => $aPageLastLogin));
         $oTpl->setEditor();
         if (Phpfox::isModule('captcha')) {
             $sCaptchaHeader = Phpfox::getParam('captcha.recaptcha_header');
             if (strlen(preg_replace('/\\s\\s+/', '', $sCaptchaHeader)) > 0) {
                 $oTpl->setHeader(array($sCaptchaHeader));
             }
         }
         if (Phpfox::isModule('notification') && Phpfox::isUser() && Phpfox::getParam('notification.notify_on_new_request')) {
             $oTpl->setHeader('cache', array('update.js' => 'module_notification'));
         }
     }
     if (!PHPFOX_IS_AJAX_PAGE && ($sHeaderFile = $oTpl->getHeaderFile())) {
         ($sPlugin = Phpfox_Plugin::get('run_get_header_file_1')) ? eval($sPlugin) : false;
         // The path comes from the template object, not from the request, as far as this method shows.
         require_once $sHeaderFile;
     }
     list($aBreadCrumbs, $aBreadCrumbTitle) = $oTpl->getBreadCrumb();
     $oTpl->assign(array('aErrors' => Phpfox_Error::getDisplay() ? Phpfox_Error::get() : array(), 'sPublicMessage' => Phpfox::getMessage(), 'sLocaleDirection' => $aLocale['direction'], 'sLocaleCode' => $aLocale['language_code'], 'sLocaleFlagId' => $aLocale['image'], 'sLocaleName' => $aLocale['title'], 'aBreadCrumbs' => $aBreadCrumbs, 'aBreadCrumbTitle' => $aBreadCrumbTitle, 'sCopyright' => '&copy; ' . Phpfox::getPhrase('core.copyright') . ' ' . Phpfox::getParam('core.site_copyright')));
     Phpfox::clearMessage();
     unset($_SESSION['phpfox']['image']);
     if (Phpfox::getParam('core.cron')) {
         require_once PHPFOX_DIR_CRON . 'exec.php';
     }
     // POST requests and "is_ajax_get" requests get only a marker header and no body.
     if ($oReq->isPost()) {
         header('X-Is-Posted: true');
         exit;
     }
     if ($oReq->get('is_ajax_get')) {
         header('X-Is-Get: true');
         exit;
     }
     if (defined('PHPFOX_SITE_IS_OFFLINE')) {
         $oTpl->sDisplayLayout = 'blank';
         unset($View);
     }
     // && binds tighter than ||: (non-AJAX with a layout and no $View) OR (non-AJAX AdminCP request).
     if (!PHPFOX_IS_AJAX_PAGE && $oTpl->sDisplayLayout && !isset($View) || !PHPFOX_IS_AJAX_PAGE && self::isAdminPanel()) {
         $oTpl->getLayout($oTpl->sDisplayLayout);
     }
     if (PHPFOX_IS_AJAX_PAGE) {
         // AJAX page load: each page part is rendered into the output buffer, captured
         // with ob_get_contents() and cleared, then everything is returned as one JSON document.
         header('Content-type: application/json; charset=utf-8');
         /*
         if (isset($View) && $View instanceof \Core\View) {
         	$content = $View->getContent();
         }
         else {
         	Phpfox_Module::instance()->getControllerTemplate();
         	$content = ob_get_contents(); ob_clean();
         }
         */
         if ($View instanceof \Core\View) {
             $content = $View->getContent();
         } else {
             Phpfox_Module::instance()->getControllerTemplate();
             $content = ob_get_contents();
             ob_clean();
         }
         $oTpl->getLayout('breadcrumb');
         $breadcrumb = ob_get_contents();
         ob_clean();
         // Split the header entries into inline CSS ($aCss) and files to load ($aLoadFiles).
         $aHeaderFiles = Phpfox_Template::instance()->getHeader(true);
         $aCss = [];
         $aLoadFiles = [];
         foreach ($aHeaderFiles as $sHeaderFile) {
             if (!is_string($sHeaderFile)) {
                 continue;
             }
             if (preg_match('/<style(.*)>(.*)<\\/style>/i', $sHeaderFile)) {
                 $aCss[] = strip_tags($sHeaderFile);
                 continue;
             }
             // Stylesheet links are reduced to their href with the query string cut off.
             if (preg_match('/href=(["\']?([^"\'>]+)["\']?)/', $sHeaderFile, $aMatches) > 0 && strpos($aMatches[1], '.css') !== false) {
                 $sHeaderFile = str_replace(array('"', "'"), '', $aMatches[1]);
                 $sHeaderFile = substr($sHeaderFile, 0, strpos($sHeaderFile, '?'));
             }
             $sHeaderFile = strip_tags($sHeaderFile);
             $sNew = preg_replace('/\\s+/', '', $sHeaderFile);
             if (empty($sNew)) {
                 continue;
             }
             $aLoadFiles[] = $sHeaderFile;
         }
         // Render the blocks of locations 1..12, one captured string per block.
         $blocks = [];
         foreach (range(1, 12) as $location) {
             if ($location == 3) {
                 echo \Phpfox_Template::instance()->getSubMenu();
             }
             $aBlocks = Phpfox_Module::instance()->getModuleBlocks($location);
             $blocks[$location] = [];
             foreach ($aBlocks as $sBlock) {
                 Phpfox::getBlock($sBlock);
                 $blocks[$location][] = ob_get_contents();
                 ob_clean();
             }
         }
         $oTpl->getLayout('search');
         $search = ob_get_contents();
         ob_clean();
         Phpfox::getBlock('core.template-menusub');
         $menuSub = ob_get_contents();
         ob_clean();
         $h1 = '';
         if (isset($aBreadCrumbTitle[1])) {
             // The title text is cleaned by the output parser; the link is inserted as-is.
             $h1 .= '<h1><a href="' . $aBreadCrumbTitle[1] . '">' . Phpfox_Parse_Output::instance()->clean($aBreadCrumbTitle[0]) . '</a></h1>';
         }
         $oTpl->getLayout('error');
         $error = ob_get_contents();
         ob_clean();
         $controller = Phpfox_Module::instance()->getFullControllerName();
         // 'controller_e' (AdminCP element edit link) is only filled in for admins.
         $data = json_encode(['content' => str_replace(['&#039;'], ["'"], Phpfox_Parse_Input::instance()->convert($content)), 'title' => html_entity_decode($oTpl->instance()->getTitle()), 'phrases' => Phpfox_Template::instance()->getPhrases(), 'files' => $aLoadFiles, 'css' => $aCss, 'breadcrumb' => $breadcrumb, 'blocks' => $blocks, 'search' => $search, 'menuSub' => $menuSub, 'id' => Phpfox_Module::instance()->getPageId(), 'class' => Phpfox_Module::instance()->getPageClass(), 'h1' => $h1, 'h1_clean' => strip_tags($h1), 'error' => $error, 'controller_e' => Phpfox::isAdmin() ? Phpfox_Url::instance()->makeUrl('admincp.element.edit', ['controller' => base64_encode(Phpfox_Module::instance()->getFullControllerName())]) : null, 'meta' => Phpfox_Template::instance()->getPageMeta(), 'keep_body' => Phpfox_Template::instance()->keepBody()]);
         // header("Content-length: " . strlen($data));
         echo $data;
         // sleep(4);
     } else {
         if (isset($View)) {
             echo $View->getContent();
         }
     }
 }
Example #28
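 /**
  * This function resembles $this->check but it also handles banning and is a more direct approach
  * and handles redirection and db insertion
  * This function is called in every Service as opposed to a Library mainly because there may be
  * cases where it becomes too restrictive
  * If the user groups affected is an empty array, it assumes that it affects every user group.
  * This function has been implemented in the following services
  *		- Blog.process (Add, update, updateBlogText, updateBlogTitle)
  *		- Bulletin.process (Add, update)
  *		- Comment.process (Add, updateText)
  *		- Event.process (Add, massEmail, update)
  *		- Forum.post.process (Add, update, updateText)
  *		- Forum.thread.process (Add, update)
  *		- Group.process (Add, update)
  *		- Im.process (addText)
  *		- Mail.process (Add)
  *		- Marketplace.process (Add, update)
  *		- Music.process (upload)
  *		- Music.album.process (add, update)
  *		- Music.genre.process (add, update)
  *		- Music.song.process (setName)
  *		- Newsletter.process (add)
  *		- Page.process (add)
  *		- Photo.process (add)
  *		- Photo.album.process (add, updateTitle)
  *		- Photo.category.process (add)
  *		- Photo.tag.process (add)
  *		- Poll.process (add, updateAnswer)
  *		- Quiz.process (add, update)
  *		- Share.process (add, sendEmails)
  *		- Shoutbox.process (add)
  *		- Video.process (update)
  *		- Video.category.process (add)
  *		- User.process (updateStatus:2.1.0 RC1)
  *
  * Admins and empty values always pass. A matching filter whose days_banned is NULL
  * also passes (returns true) without banning. Any other match records the ban, moves
  * the user to the banned group, logs them out and returns false.
  *
  * @param string|array $sValue Text to check; arrays are flattened first.
  * @return bool false when the user was banned. In some situations it doesnt help echo'ing here (comment)
  */
 public function checkAutomaticBan($sValue)
 {
     /* Extra protection for admins so they dont get banned automatically. */
     if (Phpfox::isAdmin() || empty($sValue)) {
         return true;
     }
     if (is_array($sValue)) {
         $sValue = $this->_flatten($sValue);
     }
     $aFilters = $this->database()->select('*')->from($this->_sTable)->where('type_id = "word"')->execute('getRows');
     foreach ($aFilters as $iKey => $aFilter) {
         // NOTE(review): unserialize() on a database column. The visible code does not show
         // who can write it; if anything other than trusted admin code can, store it as
         // JSON instead.
         $aUserGroupsAffected = unserialize($aFilter['user_groups_affected']);
         // A non-empty group list restricts the filter to those groups.
         if (is_array($aUserGroupsAffected) && !empty($aUserGroupsAffected) && in_array(Phpfox::getUserBy('user_group_id'), $aUserGroupsAffected) == false) {
             continue;
         }
         $sFilter = '' . str_replace('&#42;', '*', $aFilter['find_value']) . '';
         //$sFilter = str_replace(array(' *', '* '),'*', $sFilter);
         $bBan = false;
         // NOTE(review): only "/", "." and "*" are escaped before the filter becomes part of
         // a pattern; other regex metacharacters in a filter are interpreted as regex.
         // preg_quote() would close that gap but changes matching for existing filters
         // that rely on it, so it is left unchanged here.
         $sFilter = str_replace("/", "\\/", $sFilter);
         $sFilter = str_replace('&#42;', '*', $sFilter);
         if (preg_match('/\\*/i', $sFilter)) {
             // Wildcard filter: "*" matches any run of characters.
             $sFilter = str_replace(array('.', '*'), array('\\.', '(.*?)'), $sFilter);
             $bBan = preg_match('/' . $sFilter . '/is', $sValue);
         } else {
             // Plain filter: match as a whole word — in the middle, at the start,
             // at the end, or as the entire value.
             $bBan = preg_match("/(\\W)" . $sFilter . "(\\W)/i", $sValue);
             if (!$bBan) {
                 $bBan = preg_match("/^" . $sFilter . "(\\W)/i", $sValue);
             }
             if (!$bBan) {
                 $bBan = preg_match("/(\\W)" . $sFilter . "\$/i", $sValue);
             }
             if (!$bBan) {
                 $bBan = preg_match("/^" . $sFilter . "\$/i", $sValue);
             }
         }
         if ($bBan) {
             if ($aFilter['days_banned'] === null) {
                 return true;
             }
             $this->database()->insert(Phpfox::getT('ban_data'), array('ban_id' => $aFilter['ban_id'], 'user_id' => Phpfox::getUserId(), 'start_time_stamp' => PHPFOX_TIME, 'end_time_stamp' => $aFilter['days_banned'] > 0 ? PHPFOX_TIME + $aFilter['days_banned'] * 86400 : 0, 'return_user_group' => $aFilter['return_user_group'], 'reason' => $aFilter['reason']));
             // Guarded so a second call in the same request does not redefine the constant.
             if (!defined('PHPFOX_USER_IS_BANNED')) {
                 define('PHPFOX_USER_IS_BANNED', true);
             }
             $aFilter['reason'] = str_replace('&#039;', "'", $aFilter['reason']);
             // Expand {phrase var='...'} in the reason. The original used the /e modifier,
             // which evaluates the replacement as PHP code built from the stored reason and
             // no longer exists in PHP 7; a callback performs the same lookup without
             // evaluating anything.
             $sLanguageId = Phpfox::getUserBy('language_id');
             $sReason = preg_replace_callback('/\\{phrase var=\'(.*)\'\\}/is', function ($aMatch) use ($sLanguageId) {
                 return Phpfox::getPhrase($aMatch[1], array(), false, null, $sLanguageId);
             }, $aFilter['reason']);
             // Related to issue 14487 this is a "best guess" fallback
             $iUserGroupId = Phpfox::getParam('core.banned_user_group_id');
             if ($iUserGroupId == 0) {
                 $iUserGroupId = 5;
             }
             $this->database()->update(Phpfox::getT('user'), array('user_group_id' => $iUserGroupId), 'user_id = ' . (int) Phpfox::getUserId());
             Phpfox::getService('user.auth')->logout();
             if (defined('PHPFOX_IS_AJAX') && PHPFOX_IS_AJAX) {
                 // Emit the reason as a JavaScript string literal so quotes or line breaks
                 // in it cannot terminate the string or the statement.
                 $sJsReason = json_encode((string) $sReason);
                 if ($sJsReason === false) {
                     $sJsReason = '""';
                 }
                 echo 'alert(' . $sJsReason . ');';
                 echo 'window.location.reload(true);';
             } else {
                 Phpfox::getLib('url')->send('', array(), $sReason);
             }
             return false;
         }
     }
     return true;
 }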
Example #29
 /**
  * Admin action: removes the rewrite identified by the 'id' value read through $this->get().
  *
  * @return void
  */
 public function removeRewrite()
 {
     Phpfox::isAdmin(true);

     $oRedirectProcess = Phpfox::getService('core.redirect.process');
     $oRedirectProcess->removeRewrite($this->get('id'));
 }
Example #30
 /**
  * Stores the vertical position of an event's cover photo.
  *
  * Only the event owner or a site admin may change it. Both values that reach SQL
  * are cast to int.
  *
  * @param int $iFeventId
  * @param int $iPosition
  * @return bool True on success, false when the event is not found, otherwise the result of Phpfox_Error::set().
  */
 public function updateCoverPosition($iFeventId, $iPosition)
 {
     $aEvent = Phpfox::getService('fevent')->getForEdit($iFeventId);
     if (!isset($aEvent['fevent_id'])) {
         return false;
     }

     $bIsOwner = $aEvent['user_id'] == Phpfox::getUserId();
     if (!$bIsOwner && !Phpfox::isAdmin()) {
         return Phpfox_Error::set('User is not an admin');
     }

     $aUpdate = array('cover_photo_position' => (int) $iPosition);
     $this->database()->update(Phpfox::getT('fevent'), $aUpdate, 'fevent_id = ' . (int) $iFeventId);

     return true;
 }