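/**
 * Processes the "add blog post" form.
 *
 * Rejects the submission when Blog::checkPostId() refuses the posted ID.
 * Otherwise it stores the article, links its categories, sets the thumbnail,
 * clears the blog cache and redirects to the post with a status message.
 */
public function __construct()
 {
     parent::__construct();
     $oBlog = new Blog();
     $oBlogModel = new BlogModel();
     if (!$oBlog->checkPostId($this->httpRequest->post('post_id'))) {
         \PFBC\Form::setError('form_blog', t('The ID of the article is invalid or incorrect.'));
     } else {
         $aData = [
             'post_id' => $this->httpRequest->post('post_id'),
             'lang_id' => $this->httpRequest->post('lang_id'),
             'title' => $this->httpRequest->post('title'),
             // The article body is read with ONLY_XSS_CLEAN, unlike the other fields.
             // NOTE(review): the stored value is therefore HTML; confirm the XSS cleaning
             // is sufficient for every place where the content is rendered.
             'content' => $this->httpRequest->post('content', Http::ONLY_XSS_CLEAN),
             // Fixed: the field was requested as the literal string '$slogan' (single-quoted,
             // so no variable was involved), which does not follow the naming of any other
             // field of this form.
             'slogan' => $this->httpRequest->post('slogan'),
             'tags' => $this->httpRequest->post('tags'),
             'page_title' => $this->httpRequest->post('page_title'),
             'meta_description' => $this->httpRequest->post('meta_description'),
             'meta_keywords' => $this->httpRequest->post('meta_keywords'),
             'meta_robots' => $this->httpRequest->post('meta_robots'),
             'meta_author' => $this->httpRequest->post('meta_author'),
             'meta_copyright' => $this->httpRequest->post('meta_copyright'),
             'enable_comment' => $this->httpRequest->post('enable_comment'),
             'created_date' => $this->dateTime->get()->dateTime('Y-m-d H:i:s'),
         ];
         if (!$oBlogModel->addPost($aData)) {
             $this->sMsg = t('An error occurred while adding the article.');
         } else {
             /*** Set the categorie(s) ***/
             /**
              * WARNING: Be careful, you should use the \PH7\Framework\Mvc\Request\Http::ONLY_XSS_CLEAN constant, otherwise the Http::post() method
              * removes the special tags and damages the SQL queries for entry into the database.
              */
             $iBlogId = Db::getInstance()->lastInsertId();
             $mCategoryIds = $this->httpRequest->post('category_id', Http::ONLY_XSS_CLEAN);
             // Only iterate when a list was really posted; a missing or scalar value is ignored.
             if (is_array($mCategoryIds)) {
                 foreach ($mCategoryIds as $iCategoryId) {
                     $oBlogModel->addCategory($iCategoryId, $iBlogId);
                 }
             }
             /*** Set the thumbnail if there's one ***/
             $oPost = $oBlogModel->readPost($aData['post_id']);
             $oBlog->setThumb($oPost, $this->file);
             /* Clean BlogModel Cache */
             (new Framework\Cache\Cache())->start(BlogModel::CACHE_GROUP, null, null)->clear();
             $this->sMsg = t('Post created successfully!');
         }
         // The redirect happens for both outcomes; $this->sMsg carries the success or error text.
         Header::redirect(Uri::get('blog', 'main', 'read', $this->httpRequest->post('post_id')), $this->sMsg);
     }
 }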
 /**
  * Processes the "add comment" form.
  *
  * The comment is stored only when the recipient exists, the sender has waited
  * long enough since the previous comment and the text is not a duplicate.
  * Any rejection is reported on the 'form_comment' form.
  */
 public function __construct()
 {
     parent::__construct();

     $oCommentModel = new CommentModel();
     $sComment = $this->httpRequest->post('comment');
     $sCurrentTime = $this->dateTime->get()->dateTime('Y-m-d H:i:s');
     $iTimeDelay = (int) DbConfig::getSetting('timeDelaySendComment');
     // NOTE(review): 'table' comes straight from the query string and is handed to every
     // CommentModel call below; confirm the model maps it against a fixed list of table names.
     $sTable = $this->httpRequest->get('table');
     $iRecipientId = $this->httpRequest->get('recipient', 'int');
     $iSenderId = (int) $this->session->get('member_id');

     // Every branch except the last one is a rejection and provides its own message.
     $bRejected = true;
     $mErrorMsg = null;
     if (!$oCommentModel->idExists($iRecipientId, $sTable)) {
         $mErrorMsg = t('The comment recipient does not exists.');
     } elseif (!$oCommentModel->checkWaitSend($iSenderId, $iTimeDelay, $sCurrentTime, $sTable)) {
         $mErrorMsg = Form::waitWriteMsg($iTimeDelay);
     } elseif ($oCommentModel->isDuplicateContent($iSenderId, $sComment, $sTable)) {
         $mErrorMsg = Form::duplicateContentMsg();
     } elseif (!$oCommentModel->add($sComment, $iRecipientId, $iSenderId, 1, $sCurrentTime, $sTable)) {
         $mErrorMsg = t('Oops! Error when adding comment.');
     } else {
         $bRejected = false;
         /* Clean All Data of CommentModel Cache */
         (new Framework\Cache\Cache())->start(CommentCoreModel::CACHE_GROUP, null, null)->clear();
         HeaderUrl::redirect(
             Uri::get('comment', 'comment', 'read', $sTable . ',' . $iRecipientId),
             t('The comment has been sent successfully!')
         );
     }

     if ($bRejected) {
         \PFBC\Form::setError('form_comment', $mErrorMsg);
     }
     unset($oCommentModel);
 }
 /**
  * Processes the "add video album" form: validates the uploaded thumbnail,
  * creates the album record, then resizes, watermarks and saves the thumbnail.
  */
 public function __construct()
 {
     parent::__construct();

     /**
      * An upload that is not of the expected type can raise minor errors,
      * so error reporting is switched off unless we are in development mode.
      */
     if (!isDebug()) {
         error_reporting(0);
     }

     // The album thumbnail is taken from the temporary upload and checked by Image::validate()
     $oPicture = new Image($_FILES['album']['tmp_name']);
     if (!$oPicture->validate()) {
         \PFBC\Form::setError('form_video_album', Form::wrongImgFileTypeMsg());
         return;
     }

     // When manual approval is disabled (setting loosely equal to 0) the album is approved at once
     if (DbConfig::getSetting('videoManualApproval') == 0) {
         $iApproved = '1';
     } else {
         $iApproved = '0';
     }
     $sFileName = Various::genRnd($oPicture->getFileName(), 1) . '-thumb.' . $oPicture->getExt();

     // NOTE(review): the result of addAlbum() is not checked before lastInsertId() is read.
     $oVideoModel = new VideoModel();
     $oVideoModel->addAlbum(
         $this->session->get('member_id'),
         $this->httpRequest->post('name'),
         $this->httpRequest->post('description'),
         $sFileName,
         $this->dateTime->get()->dateTime('Y-m-d H:i:s'),
         $iApproved
     );
     $iLastAlbumId = (int) Db::getInstance()->lastInsertId();

     $oPicture->square(200);

     /* Set watermark text on thumbnail */
     $sWatermarkText = DbConfig::getSetting('watermarkTextImage');
     $iSizeWatermarkText = DbConfig::getSetting('sizeWatermarkTextImage');
     $oPicture->watermarkText($sWatermarkText, $iSizeWatermarkText);

     // The target directory is <public data>/video/file/<username>/<album id>/
     // NOTE(review): the username segment comes from the session; confirm usernames
     // cannot contain path separators.
     $sUserDir = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'video/file/' . $this->session->get('member_username');
     $sPath = $sUserDir . PH7_DS . $iLastAlbumId . PH7_DS;
     $this->file->createDir($sPath);
     $oPicture->save($sPath . $sFileName);

     /* Clean VideoModel Cache */
     (new Framework\Cache\Cache())->start(VideoModel::CACHE_GROUP, null, null)->clear();

     HeaderUrl::redirect(Uri::get('video', 'main', 'addvideo', $iLastAlbumId));
 }
 /**
  * Displays the result page of the admin user search.
  *
  * The 'where' criterion must be one of a fixed set of column keywords;
  * anything else is rejected and the admin is sent back to the search form.
  */
 public function result()
 {
     error_reporting(0);

     $iGroupId = $this->httpRequest->get('group_id', 'int');
     $iBan = $this->httpRequest->get('ban', 'int');
     $sWhere = $this->httpRequest->get('where');
     $sWhat = $this->httpRequest->get('what');

     // Allow-list of accepted search criteria (strict comparison)
     $aAllowedWhere = ['all', 'username', 'email', 'firstName', 'lastName', 'ip'];
     if (!in_array($sWhere, $aAllowedWhere, true)) {
         \PFBC\Form::setError('form_admin_search', 'Invalid argument.');
         HeaderUrl::redirect(Uri::get(PH7_ADMIN_MOD, 'user', 'search'));
         return;
     }

     // NOTE(review): 'order' and 'sort' are passed to searchUser() as received, unlike 'where';
     // confirm the model restricts them to known values.
     // First call (5th argument true) provides the total, second call the current page of rows.
     $this->iTotalUsers = $this->oAdminModel->searchUser(
         $sWhat,
         $sWhere,
         $iGroupId,
         $iBan,
         true,
         $this->httpRequest->get('order'),
         $this->httpRequest->get('sort'),
         null,
         null
     );
     $this->view->total_users = $this->iTotalUsers;

     $oPage = new Page();
     $this->view->total_pages = $oPage->getTotalPages($this->iTotalUsers, 15);
     $this->view->current_page = $oPage->getCurrentPage();
     $oSearch = $this->oAdminModel->searchUser(
         $sWhat,
         $sWhere,
         $iGroupId,
         $iBan,
         false,
         $this->httpRequest->get('order'),
         $this->httpRequest->get('sort'),
         $oPage->getFirstItem(),
         $oPage->getNbItemsByPage()
     );
     unset($oPage);

     if (!empty($oSearch)) {
         // Adding the static files
         $this->design->addCss(PH7_LAYOUT . PH7_TPL . PH7_TPL_NAME . PH7_SH . PH7_CSS, 'browse.css');
         $this->design->addJs(PH7_STATIC . PH7_JS, 'form.js');

         $this->sTitle = t('Users - Your search returned');
         $this->view->page_title = $this->sTitle;
         $this->view->h1_title = $this->sTitle;
         $this->view->h3_title = nt('%n% User Result!', '%n% Users Result!', $this->iTotalUsers);
         $this->view->browse = $oSearch;
     } else {
         $this->design->setRedirect(Uri::get(PH7_ADMIN_MOD, 'user', 'search'));
         $this->displayPageNotFound('Empty search result. Please try again with wider or new search parameters.');
     }

     $this->manualTplInclude('browse.tpl');
     $this->output();
 }
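 /**
  * Processes the "delete account" form of the user and affiliate modules.
  *
  * The account password is verified again. On success a notification e-mail is
  * sent to the admin address, the account is deleted and the session destroyed.
  */
 public function __construct()
 {
     parent::__construct();
     $sTable = $this->registry->module == 'user' ? 'Members' : 'Affiliates';
     $sSessPrefix = $this->registry->module == 'user' ? 'member' : 'affiliate';
     $mLogin = (new UserCoreModel())->login($this->session->get($sSessPrefix . '_email'), $this->httpRequest->post('password'), $sTable);
     // Fail closed: the deletion only proceeds when login() reports success (boolean true).
     // Testing solely for 'password_does_not_exist' let every other failure result through.
     if ($mLogin !== true) {
         \PFBC\Form::setError('form_delete_account', t('Oops! This password you entered is incorrect.'));
     } else {
         $sUsername = $this->session->get($sSessPrefix . '_username');
         $sMembershipType = $this->registry->module == 'affiliate' ? t('Affiliate') : t('Member');
         $this->view->membership = t('Type of Membership: %0%.', $sMembershipType);
         // NOTE(review): 'message' and 'why_delete' are user-supplied and end up in the HTML
         // mail sent to the admin; confirm they are escaped by Http::post() or by the template.
         $this->view->message = nl2br($this->httpRequest->post('message'));
         $this->view->why_delete = t('Due to the deletion of the account: %0%', $this->httpRequest->post('why_delete'));
         $this->view->footer_title = t('Information of the user who has deleted their account');
         $this->view->email = t('Email: %0%', $this->session->get($sSessPrefix . '_email'));
         $this->view->username = t('Username: %0%', $sUsername);
         $this->view->first_name = t('First Name: %0%', $this->session->get($sSessPrefix . '_first_name'));
         $this->view->sex = t('Sex: %0%', $this->session->get($sSessPrefix . '_sex'));
         $this->view->ip = t('User IP: %0%', $this->session->get($sSessPrefix . '_ip'));
         $this->view->browser_info = t('Browser info: %0%', $this->session->get($sSessPrefix . '_http_user_agent'));
         $sMessageHtml = $this->view->parseMail(PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/core/delete_account.tpl', DbConfig::getSetting('adminEmail'));
         $sMembershipName = $this->registry->module == 'user' ? t('Member') : t('Affiliate');
         $aInfo = ['subject' => t('Unregister %0% - User: %1%', $sMembershipName, $sUsername)];
         (new Mail())->send($aInfo, $sMessageHtml);
         // Delete through the core class that matches the current module
         $oUserModel = $this->registry->module == 'user' ? new UserCore() : new AffiliateCore();
         $oUserModel->delete($this->session->get($sSessPrefix . '_id'), $sUsername);
         unset($oUserModel);
         $this->session->destroy();
         Header::redirect(Uri::get('user', 'main', 'soon'), t('You delete account is successfully!'));
     }
 }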
 /**
  * Processes the "change password" form for the admin, user and affiliate modules.
  *
  * The old password is verified through the module's login method, then the new
  * password is stored unless the confirmation differs or it equals the old one.
  */
 public function __construct()
 {
     parent::__construct();

     // PH7\UserCoreModel::login() method of the UserCoreModel Class works only for "user" and "affiliate" module.
     if ($this->registry->module == PH7_ADMIN_MOD) {
         $oPasswordModel = new AdminModel();
         $sEmail = $this->session->get('admin_email');
         $sTable = 'Admins';
         $sMod = PH7_ADMIN_MOD;
     } elseif ($this->registry->module == 'user') {
         $oPasswordModel = new UserCoreModel();
         $sEmail = $this->session->get('member_email');
         $sTable = 'Members';
         $sMod = 'user';
     } else {
         $oPasswordModel = new UserCoreModel();
         $sEmail = $this->session->get('affiliate_email');
         $sTable = 'Affiliates';
         $sMod = 'affiliate';
     }
     // $sMod and $sAction are computed but not used further in this method.
     $sAction = $this->registry->module == 'affiliate' ? 'home' : 'main';

     // Login: verify the old password with the method that belongs to the module
     $sOldPassword = $this->httpRequest->post('old_password');
     if ($this->registry->module == PH7_ADMIN_MOD) {
         $mLogin = $oPasswordModel->adminLogin($sEmail, $this->session->get('admin_username'), $sOldPassword);
     } else {
         $mLogin = $oPasswordModel->login($sEmail, $sOldPassword, $sTable);
     }

     // Check
     $sFormId = 'form_change_password';
     if ($this->httpRequest->post('new_password') !== $this->httpRequest->post('new_password2')) {
         \PFBC\Form::setError($sFormId, t('The passwords do not match.'));
     } elseif ($this->httpRequest->post('old_password') === $this->httpRequest->post('new_password')) {
         \PFBC\Form::setError($sFormId, t('The old and new passwords are identical. So why do you change your password?'));
     } elseif ($mLogin !== true) {
         // Only a strict boolean true from the login method counts as a correct old password
         \PFBC\Form::setError($sFormId, t('The old password is not correct.'));
     } else {
         // Update
         // NOTE(review): the two Various::genRnd() values are presumably fresh salts; confirm
         // against changePassword(). Nothing here invalidates the account's other sessions.
         $oPasswordModel->changePassword($sEmail, $this->httpRequest->post('new_password'), Various::genRnd(), Various::genRnd(), $sTable);
         \PFBC\Form::setSuccess($sFormId, t('Your password has been correctly updated.'));
     }
 }
 /**
  * Processes the "forgot password" form.
  *
  * When the e-mail address belongs to an account of the given table, a new
  * validation hash is stored and a reset link is e-mailed to that address.
  *
  * @param string $sTable Table of the account type the request is made for.
  */
 public function __construct($sTable)
 {
     parent::__construct();

     $oUserModel = new UserCoreModel();
     $sMail = $this->httpRequest->post('mail');
     $iProfileId = $oUserModel->getId($sMail, null, $sTable);

     if ($iProfileId) {
         $oUserModel->setNewHashValidation($iProfileId, Various::genRnd(), $sTable);
         // Clean the profile data (for the new hash)
         (new UserCore())->clearReadProfileCache($iProfileId, $sTable);
         $oData = $oUserModel->readProfile($iProfileId, $sTable);

         /** We place the text outside of Uri::get() otherwise special characters will be deleted and the parameters passed in the url will be unusable thereafter. **/
         // NOTE(review): the link carries the e-mail address and the validation hash in its path,
         // so both can end up in logs and browser history; confirm the hash is single-use and expires.
         $sResetUrl = Uri::get('lost-password', 'main', 'reset', $this->httpRequest->get('mod')) . PH7_SH . $oData->email . PH7_SH . $oData->hashValidation;

         $sGreeting = t('Hello %0%!<br />Somebody (from the IP address %1%) has requested a new password for their account.', $oData->username, Ip::get());
         $sInstructions = t('If you requested for this, click on the link below, otherwise ignore this email and your password will remain unchanged.');
         $this->view->content = $sGreeting . '<br />' . $sInstructions . '<br /><a href="' . $sResetUrl . '">' . $sResetUrl . '</a>';

         $sMessageHtml = $this->view->parseMail(PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/mod/lost-password/confirm-lost-password.tpl', $oData->email);
         $aInfo = ['to' => $oData->email, 'subject' => t('Request for new password - %site_name%')];
         unset($oData);

         $bSent = (new Mail())->send($aInfo, $sMessageHtml);
         if ($bSent) {
             \PFBC\Form::setSuccess('form_forgot_password', t('Successfully requested a new password, email sent!'));
         } else {
             \PFBC\Form::setError('form_forgot_password', Form::errorSendingEmail());
         }
     } else {
         // Security against brute-force attack to avoid drowning the server and the database
         sleep(1);
         // NOTE(review): this message reveals whether an address is registered; the delay slows
         // automated probing but does not hide the difference between the two outcomes.
         \PFBC\Form::setError('form_forgot_password', t('Oops, this "%0%" is not associated with any %site_name% account. Please, make sure that you entered the e-mail address used in creating your account.', escape(substr($sMail, 0, PH7_MAX_EMAIL_LENGTH))));
     }

     unset($oUserModel);
 }
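 /**
  * Processes the "add game" form: validates and stores the thumbnail, moves the
  * uploaded game file into the public game directory and saves the game record.
  */
 public function __construct()
 {
     parent::__construct();
     // Thumbnail
     $oImg = new Image($_FILES['thumb']['tmp_name']);
     if (!$oImg->validate()) {
         \PFBC\Form::setError('form_game', Form::wrongImgFileTypeMsg());
         return;
         // Stop execution of the method.
     }
     $sThumbDir = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'game/img/thumb/';
     $sGameDir = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'game/file/';
     // If the folders are not created yet (games not installed), create them.
     // This now runs before the thumbnail is saved; previously the save came first
     // and targeted a directory that might not exist yet.
     $this->file->createDir(array($sThumbDir, $sGameDir));
     // Fixed: the separator between the random name and the extension was missing here,
     // while the game file name below inserts PH7_DOT.
     // NOTE(review): this assumes Image::getExt() returns the extension without a leading dot; confirm.
     $sThumbFile = Various::genRnd($oImg->getFileName(), 30) . PH7_DOT . $oImg->getExt();
     $oImg->square(60);
     $oImg->save($sThumbDir . $sThumbFile);
     unset($oImg);
     // Game
     // NOTE(review): the stored extension comes from the client-supplied file name and the file
     // lands under the public data directory. No allow-list of extensions is visible in this
     // method; confirm one is enforced by the form or validator before this code runs.
     $sGameFile = Various::genRnd($_FILES['file']['name'], 30) . PH7_DOT . $this->file->getFileExt($_FILES['file']['name']);
     // Warnings are suppressed on purpose; a failed move is reported through the form error below.
     if (!@move_uploaded_file($_FILES['file']['tmp_name'], $sGameDir . $sGameFile)) {
         \PFBC\Form::setError('form_game', t('Impossible to upload the game. If you are the administrator, please check if the folder of games data has the write permission (CHMOD 755).'));
     } else {
         $aData = [
             'category_id' => $this->httpRequest->post('category_id', 'int'),
             'name' => $this->httpRequest->post('name'),
             'title' => $this->httpRequest->post('title'),
             'description' => $this->httpRequest->post('description'),
             'keywords' => $this->httpRequest->post('keywords'),
             'thumb' => $sThumbFile,
             'file' => $sGameFile,
         ];
         (new GameModel())->add($aData);
         /* Clean GameModel Cache */
         (new Framework\Cache\Cache())->start(GameModel::CACHE_GROUP, null, null)->clear();
         HeaderUrl::redirect(Uri::get('game', 'main', 'game', $aData['title'] . ',' . Db::getInstance()->lastInsertId()), t('The game was added successfully!'));
     }
 }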
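 /**
  * Processes the affiliate login form.
  *
  * Applies the login-attempt lock when it is enabled, verifies the credentials,
  * checks the account status and, on success, opens a fresh affiliate session.
  */
 public function __construct()
 {
     parent::__construct();
     $oAffModel = new AffiliateModel();
     $oSecurityModel = new SecurityModel();
     $sEmail = $this->httpRequest->post('mail');
     $sPassword = $this->httpRequest->post('password');
     /** Check if the connection is not locked **/
     $bIsLoginAttempt = (bool) DbConfig::getSetting('isAffiliateLoginAttempt');
     $iMaxAttempts = (int) DbConfig::getSetting('maxAffiliateLoginAttempts');
     $iTimeDelay = (int) DbConfig::getSetting('loginAffiliateAttemptTime');
     if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view, 'Affiliates')) {
         \PFBC\Form::setError('form_login_aff', Form::loginAttemptsExceededMsg($iTimeDelay));
         return;
         // Stop execution of the method.
     }
     // Check Login
     $sLogin = $oAffModel->login($sEmail, $sPassword, 'Affiliates');
     if ($sLogin === 'email_does_not_exist' || $sLogin === 'password_does_not_exist') {
         sleep(1);
         // Security against brute-force attack to avoid drowning the server and the database
         // NOTE(review): the two failure messages below differ, which tells a visitor whether
         // an e-mail address is registered.
         if ($sLogin === 'email_does_not_exist') {
             $this->session->set('captcha_enabled', 1);
             // Enable Captcha
             \PFBC\Form::setError('form_login_aff', t('Oops! "%0%" is not associated with any %site_name% account.', escape(substr($sEmail, 0, PH7_MAX_EMAIL_LENGTH))));
             $oSecurityModel->addLoginLog($sEmail, 'Guest', 'No Password', 'Failed! Incorrect Username', 'Affiliates');
         } elseif ($sLogin === 'password_does_not_exist') {
             // The attempted password is masked, as it already is for successful logins.
             // A mistyped password is usually close to the real one and must not be kept in clear text.
             $oSecurityModel->addLoginLog($sEmail, 'Guest', '*****', 'Failed! Incorrect Password', 'Affiliates');
             if ($bIsLoginAttempt) {
                 $oSecurityModel->addLoginAttempt('Affiliates');
             }
             $this->session->set('captcha_enabled', 1);
             // Enable Captcha
             $sWrongPwdTxt = t('Oops! This password you entered is incorrect.') . '<br />';
             $sWrongPwdTxt .= t('Please try again (make sure your caps lock is off).') . '<br />';
             $sWrongPwdTxt .= t('Forgot your password? <a href="%0%">Request a new one</a>.', Uri::get('lost-password', 'main', 'forgot', 'affiliate'));
             \PFBC\Form::setError('form_login_aff', $sWrongPwdTxt);
         }
     } else {
         $oSecurityModel->clearLoginAttempts('Affiliates');
         $this->session->remove('captcha_enabled');
         $iId = $oAffModel->getId($sEmail, null, 'Affiliates');
         $oAffData = $oAffModel->readProfile($iId, 'Affiliates');
         // checkAccountStatus() returns true, or the message to display when the account may not log in
         if (true !== ($mStatus = (new AffiliateCore())->checkAccountStatus($oAffData))) {
             \PFBC\Form::setError('form_login_aff', $mStatus);
         } else {
             // Is disconnected if the user is logged on as "user" or "administrator".
             if (UserCore::auth() || AdminCore::auth()) {
                 $this->session->destroy();
             }
             // Regenerate the session ID to prevent the session fixation
             $this->session->regenerateId();
             $aSessionData = [
                 'affiliate_id' => $oAffData->profileId,
                 'affiliate_email' => $oAffData->email,
                 'affiliate_username' => $oAffData->username,
                 'affiliate_first_name' => $oAffData->firstName,
                 'affiliate_sex' => $oAffData->sex,
                 'affiliate_ip' => Ip::get(),
                 'affiliate_http_user_agent' => $this->browser->getUserAgent(),
                 'affiliate_token' => Various::genRnd($oAffData->email),
             ];
             $this->session->set($aSessionData);
             $oSecurityModel->addLoginLog($oAffData->email, $oAffData->username, '*****', 'Logged in!', 'Affiliates');
             $oAffModel->setLastActivity($oAffData->profileId, 'Affiliates');
             Header::redirect(Uri::get('affiliate', 'account', 'index'), t('You are successfully logged!'));
         }
     }
 }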
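 /**
  * Processes the admin login form.
  *
  * Applies the login-attempt lock when it is enabled, verifies e-mail, username
  * and password, enforces the optional 'ipLogin' restriction and, on success,
  * opens a fresh admin session.
  */
 public function __construct()
 {
     parent::__construct();
     $sIp = Ip::get();
     $oAdminModel = new AdminModel();
     $oSecurityModel = new SecurityModel();
     $sEmail = $this->httpRequest->post('mail');
     $sUsername = $this->httpRequest->post('username');
     $sPassword = $this->httpRequest->post('password');
     /*** Security IP Login ***/
     $sIpLogin = DbConfig::getSetting('ipLogin');
     /*** Check if the connection is not locked ***/
     $bIsLoginAttempt = (bool) DbConfig::getSetting('isAdminLoginAttempt');
     $iMaxAttempts = (int) DbConfig::getSetting('maxAdminLoginAttempts');
     $iTimeDelay = (int) DbConfig::getSetting('loginAdminAttemptTime');
     if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view, 'Admins')) {
         \PFBC\Form::setError('form_admin_login', Form::loginAttemptsExceededMsg($iTimeDelay));
         return;
         // Stop execution of the method.
     }
     /*** Check Login ***/
     $bIsLogged = $oAdminModel->adminLogin($sEmail, $sUsername, $sPassword);
     // When 'ipLogin' is set, only that exact address may log in
     $bIsIpBanned = !empty($sIpLogin) && $sIpLogin !== $sIp;
     if (!$bIsLogged || $bIsIpBanned) {
         sleep(2);
         // Security against brute-force attack to avoid drowning the server and the database
         if (!$bIsLogged) {
             // The attempted password is masked, as it already is for successful logins.
             $oSecurityModel->addLoginLog($sEmail, $sUsername, '*****', 'Failed! Incorrect Email, Username or Password', 'Admins');
             if ($bIsLoginAttempt) {
                 $oSecurityModel->addLoginAttempt('Admins');
             }
             $this->session->set('captcha_admin_enabled', 1);
             // Enable Captcha
             \PFBC\Form::setError('form_admin_login', t('"Email", "Username" or "Password" is Incorrect'));
         } elseif ($bIsIpBanned) {
             $this->session->set('captcha_admin_enabled', 1);
             // Enable Captcha
             \PFBC\Form::setError('form_admin_login', t('Incorrect Login!'));
             // This branch is reached with VALID credentials from a disallowed address, so the
             // value that used to be logged here was the admin's real password. It is masked now.
             $oSecurityModel->addLoginLog($sEmail, $sUsername, '*****', 'Failed! Bad Ip adress', 'Admins');
         }
     } else {
         $oSecurityModel->clearLoginAttempts('Admins');
         $this->session->remove('captcha_admin_enabled');
         // Is disconnected if the user is logged on as "user" or "affiliate".
         if (UserCore::auth() || AffiliateCore::auth()) {
             $this->session->destroy();
         }
         $iId = $oAdminModel->getId($sEmail, null, 'Admins');
         $oAdminData = $oAdminModel->readProfile($iId, 'Admins');
         // Regenerate the session ID to prevent the session fixation
         $this->session->regenerateId();
         $aSessionData = array(
             'admin_id' => $oAdminData->profileId,
             'admin_email' => $oAdminData->email,
             'admin_username' => $oAdminData->username,
             'admin_first_name' => $oAdminData->firstName,
             'admin_ip' => $sIp,
             'admin_http_user_agent' => $this->browser->getUserAgent(),
             'admin_token' => Various::genRnd($oAdminData->email),
         );
         $this->session->set($aSessionData);
         $oSecurityModel->addLoginLog($sEmail, $sUsername, '*****', 'Logged in!', 'Admins');
         $oAdminModel->setLastActivity($oAdminData->profileId, 'Admins');
         HeaderUrl::redirect(Uri::get(PH7_ADMIN_MOD, 'main', 'index'), t('You signup is successfully!'));
     }
 }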
 /**
  * Processes the contact form: sends the message through Contact::sendMessage()
  * and reports the outcome on the 'form_contact' form.
  */
 public function __construct()
 {
     $oContact = new Contact();
     $bSend = $oContact->sendMessage();

     if ($bSend) {
         \PFBC\Form::setSuccess('form_contact', t('Your message has been sent successfully!'));
     } else {
         \PFBC\Form::setError('form_contact', Form::errorSendingEmail());
     }
 }
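 /**
  * Processes the newsletter form: sends the messages through
  * Newsletter::sendMessages() and reports how many e-mails were sent.
  */
 public function __construct()
 {
     // The response is read through its 'status' and 'nb_mail_sent' keys
     $aData = (new Newsletter())->sendMessages();
     if (!$aData['status']) {
         \PFBC\Form::setError('form_msg', Form::errorSendingEmail());
     } else {
         // Fixed: the singular form is now passed first and the plural second.
         // They were swapped, so a single e-mail was announced with the plural text.
         // NOTE(review): this assumes nt() takes (singular, plural, count); confirm.
         \PFBC\Form::setSuccess('form_msg', nt('%n% newsletter has been sent successfully', '%n% newsletters were sent successfully!', $aData['nb_mail_sent']));
     }
 }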
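 /**
  * Processes the member login form.
  *
  * Applies the login-attempt lock when it is enabled, verifies the credentials,
  * checks the account status and, on success, authenticates the member and
  * optionally sets the "remember me" cookie.
  */
 public function __construct()
 {
     parent::__construct();
     $oUserModel = new UserCoreModel();
     $oSecurityModel = new SecurityModel();
     $sEmail = $this->httpRequest->post('mail');
     $sPassword = $this->httpRequest->post('password');
     /** Check if the connection is not locked **/
     $bIsLoginAttempt = (bool) DbConfig::getSetting('isUserLoginAttempt');
     $iMaxAttempts = (int) DbConfig::getSetting('maxUserLoginAttempts');
     $iTimeDelay = (int) DbConfig::getSetting('loginUserAttemptTime');
     if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view)) {
         \PFBC\Form::setError('form_login_user', Form::loginAttemptsExceededMsg($iTimeDelay));
         return;
         // Stop execution of the method.
     }
     // Check Login
     $sLogin = $oUserModel->login($sEmail, $sPassword);
     if ($sLogin === 'email_does_not_exist' || $sLogin === 'password_does_not_exist') {
         sleep(1);
         // Security against brute-force attack to avoid drowning the server and the database
         // NOTE(review): the two failure messages below differ, which tells a visitor whether
         // an e-mail address is registered.
         if ($sLogin === 'email_does_not_exist') {
             $this->session->set('captcha_enabled', 1);
             // Enable Captcha
             \PFBC\Form::setError('form_login_user', t('Oops! "%0%" is not associated with any %site_name% account.', escape(substr($sEmail, 0, PH7_MAX_EMAIL_LENGTH))));
             $oSecurityModel->addLoginLog($sEmail, 'Guest', 'No Password', 'Failed! Incorrect Username');
         } elseif ($sLogin === 'password_does_not_exist') {
             // The attempted password is masked instead of being written to the login log.
             // A mistyped password is usually close to the real one and must not be kept in clear text.
             $oSecurityModel->addLoginLog($sEmail, 'Guest', '*****', 'Failed! Incorrect Password');
             if ($bIsLoginAttempt) {
                 $oSecurityModel->addLoginAttempt();
             }
             $this->session->set('captcha_enabled', 1);
             // Enable Captcha
             $sWrongPwdTxt = t('Oops! This password you entered is incorrect.') . '<br />';
             $sWrongPwdTxt .= t('Please try again (make sure your caps lock is off).') . '<br />';
             $sWrongPwdTxt .= t('Forgot your password? <a href="%0%">Request a new one</a>.', Uri::get('lost-password', 'main', 'forgot', 'user'));
             \PFBC\Form::setError('form_login_user', $sWrongPwdTxt);
         }
     } else {
         $oSecurityModel->clearLoginAttempts();
         $this->session->remove('captcha_enabled');
         $iId = $oUserModel->getId($sEmail);
         $oUserData = $oUserModel->readProfile($iId);
         $oUser = new UserCore();
         // checkAccountStatus() returns true, or the message to display when the account may not log in
         if (true !== ($mStatus = $oUser->checkAccountStatus($oUserData))) {
             \PFBC\Form::setError('form_login_user', $mStatus);
         } else {
             // The "remember me" cookie is issued only after the status check has passed, so an
             // account that is refused here never receives a persistent login cookie.
             if ($this->httpRequest->postExists('remember')) {
                 // We hash again the password
                 // NOTE(review): the cookie value is derived from the stored password hash;
                 // confirm Security::hashCookie() and the cookie flags (HttpOnly, Secure).
                 (new Framework\Cookie\Cookie())->set(array('member_remember' => Security::hashCookie($oUserData->password), 'member_id' => $oUserData->profileId));
             }
             $oUser->setAuth($oUserData, $oUserModel, $this->session);
             Header::redirect(Uri::get('user', 'account', 'index'), t('You are successfully logged!'));
         }
     }
 }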
 /**
  * Handles a login form that never succeeds: the submission is handed to the
  * Logger, the response is delayed and a generic "incorrect" error is shown.
  */
 public function __construct()
 {
     parent::__construct();

     // NOTE(review): the whole $_POST array, submitted password included, is passed to
     // Logger::init(); confirm how and where the Logger stores it.
     $oLogger = new Logger();
     $oLogger->init($_POST);

     // Security against brute-force attack and this will irritate the hacker
     sleep(6);

     // Enable Captcha
     $this->session->set('captcha_admin_enabled', 1);

     $sErrorMsg = t('"Email", "Username" or "Password" is Incorrect');
     \PFBC\Form::setError('form_login', $sErrorMsg);
 }
 /**
  * Processes the admin "import users" form: hands the uploaded CSV file and the
  * posted delimiter/enclosure to ImportUser and reports its response.
  */
 public function __construct()
 {
     $oHR = new HttpRequest();

     // NOTE(review): the uploaded file entry is passed on as received; type and size checks
     // are presumably done inside ImportUser. Confirm.
     $oImport = new ImportUser($_FILES['csv_file'], $oHR->post('delimiter'), $oHR->post('enclosure'));
     $aData = $oImport->getResponse();

     if ($aData['status']) {
         Header::redirect(Uri::get(PH7_ADMIN_MOD, 'user', 'browse'), $aData['msg']);
     } else {
         \PFBC\Form::setError('form_import_user', $aData['msg']);
     }
 }
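 /**
  * Processes the "edit admin account" form.
  *
  * Each field is written only when it differs from the stored profile. A failed
  * username or e-mail check sets $this->bIsErr and skips that field, while the
  * remaining fields are still saved.
  */
 public function __construct()
 {
     parent::__construct();
     $oValidate = new Validate();
     $oAdminModel = new AdminModel();
     // Prohibit other administrators to edit the Root Administrator (ID 1)
     // A missing 'profile_id', or one equal to 1, falls back to the logged-in admin's own ID.
     $iProfileId = $this->httpRequest->getExists('profile_id') && $this->httpRequest->get('profile_id', 'int') !== 1 ? $this->httpRequest->get('profile_id', 'int') : $this->session->get('admin_id');
     // The admin_* session values describe the logged-in admin. They are refreshed only when
     // that admin edits their own profile; previously, editing another admin's profile
     // overwrote the editor's own session username, e-mail and first name.
     $bIsOwnProfile = (int) $iProfileId === (int) $this->session->get('admin_id');
     $oAdmin = $oAdminModel->readProfile($iProfileId, 'Admins');
     if (!$this->str->equals($this->httpRequest->post('username'), $oAdmin->username)) {
         $iMinUsernameLength = DbConfig::getSetting('minUsernameLength');
         $iMaxUsernameLength = DbConfig::getSetting('maxUsernameLength');
         if (!$oValidate->username($this->httpRequest->post('username'), $iMinUsernameLength, $iMaxUsernameLength)) {
             \PFBC\Form::setError('form_admin_edit_account', t('Your username has to contain from %0% to %1% characters, your username is not available or your username already used by other admin.', $iMinUsernameLength, $iMaxUsernameLength));
             $this->bIsErr = true;
         } else {
             $oAdminModel->updateProfile('username', $this->httpRequest->post('username'), $iProfileId, 'Admins');
             if ($bIsOwnProfile) {
                 $this->session->set('admin_username', $this->httpRequest->post('username'));
             }
             (new Framework\Cache\Cache())->start(UserCoreModel::CACHE_GROUP, 'username' . $iProfileId . 'Admins', null)->clear();
         }
     }
     if (!$this->str->equals($this->httpRequest->post('mail'), $oAdmin->email)) {
         // NOTE(review): only existence is checked here, although the error text also mentions
         // an invalid address. Confirm that ExistsCoreModel::email() looks at the Admins table
         // and that the address format is validated by the form.
         if ((new ExistsCoreModel())->email($this->httpRequest->post('mail'))) {
             \PFBC\Form::setError('form_admin_edit_account', t('Invalid email address or this email is already used by another admin.'));
             $this->bIsErr = true;
         } else {
             $oAdminModel->updateProfile('email', $this->httpRequest->post('mail'), $iProfileId, 'Admins');
             if ($bIsOwnProfile) {
                 $this->session->set('admin_email', $this->httpRequest->post('mail'));
             }
         }
     }
     if (!$this->str->equals($this->httpRequest->post('first_name'), $oAdmin->firstName)) {
         $oAdminModel->updateProfile('firstName', $this->httpRequest->post('first_name'), $iProfileId, 'Admins');
         if ($bIsOwnProfile) {
             $this->session->set('admin_first_name', $this->httpRequest->post('first_name'));
         }
         (new Framework\Cache\Cache())->start(UserCoreModel::CACHE_GROUP, 'firstName' . $iProfileId . 'Admins', null)->clear();
     }
     if (!$this->str->equals($this->httpRequest->post('last_name'), $oAdmin->lastName)) {
         $oAdminModel->updateProfile('lastName', $this->httpRequest->post('last_name'), $iProfileId, 'Admins');
     }
     if (!$this->str->equals($this->httpRequest->post('sex'), $oAdmin->sex)) {
         $oAdminModel->updateProfile('sex', $this->httpRequest->post('sex'), $iProfileId, 'Admins');
         (new Framework\Cache\Cache())->start(UserCoreModel::CACHE_GROUP, 'sex' . $iProfileId . 'Admins', null)->clear();
     }
     if (!$this->str->equals($this->httpRequest->post('time_zone'), $oAdmin->timeZone)) {
         $oAdminModel->updateProfile('timeZone', $this->httpRequest->post('time_zone'), $iProfileId, 'Admins');
     }
     // The last-edit timestamp is updated even when one of the checks above failed
     $oAdminModel->setLastEdit($iProfileId, 'Admins');
     unset($oValidate, $oAdminModel, $oAdmin);
     (new Admin())->clearReadProfileCache($iProfileId, 'Admins');
     if (!$this->bIsErr) {
         \PFBC\Form::setSuccess('form_admin_edit_account', t('Your profile has been saved successfully!'));
     }
 }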
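 /**
  * Processes the "delete account" form of the user and affiliate modules.
  *
  * The account password is verified again. On success the warning e-mail is
  * sent, the session is destroyed and the visitor is redirected by goSoon().
  */
 public function __construct()
 {
     parent::__construct();
     $this->sSessPrefix = $this->registry->module == 'user' ? 'member' : 'affiliate';
     $sTable = $this->registry->module == 'user' ? 'Members' : 'Affiliates';
     $mLogin = (new UserCoreModel())->login($this->session->get($this->sSessPrefix . '_email'), $this->httpRequest->post('password'), $sTable);
     // Fail closed: only a login() result of boolean true lets the deletion flow continue.
     // Testing solely for 'password_does_not_exist' let every other failure result through.
     if ($mLogin !== true) {
         \PFBC\Form::setError('form_delete_account', t('Oops! This password you entered is incorrect.'));
     } else {
         $this->sendWarnEmail();
         $this->session->destroy();
         $this->goSoon();
     }
 }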
 /**
  * Handles the abuse-report form: builds the report record from the request and
  * the session, stores it through Report::add() and sets the form message.
  */
 public function __construct()
 {
     parent::__construct();

     // The reported URL is the posted one when present, else the current URL.
     if ($this->httpRequest->postExists('url')) {
         $sUrl = $this->httpRequest->post('url');
     } else {
         $sUrl = $this->httpRequest->currentUrl();
     }

     // Keep only the part before the first "?". strstr() yields false when there
     // is no "?" and '' when the URL starts with one; both fall back to $sUrl.
     $mBeforeQuery = strstr($sUrl, '?', true);

     // reporter_id is taken from the session; spammer_id, url, type and desc are
     // client-supplied values.
     $aData = [
         'reporter_id' => $this->session->get('member_id'),
         'spammer_id' => $this->httpRequest->post('spammer'),
         'url' => $mBeforeQuery ?: $sUrl,
         'type' => $this->httpRequest->post('type'),
         'desc' => $this->httpRequest->post('desc'),
         'date' => $this->dateTime->get()->dateTime('Y-m-d H:i:s'),
     ];
     $mReport = (new Report())->add($aData)->get();
     unset($aData);

     if ($mReport === 'already_reported') {
         \PFBC\Form::setError('form_report', t('You have already reported abuse about this profile.'));
         return;
     }
     if (!$mReport) {
         \PFBC\Form::setError('form_report', t('Unable to report abuse.'));
         return;
     }
     \PFBC\Form::setSuccess('form_report', t('You have successfully reported abuse about this profile.'));
 }
Example #19
 /**
  * Step 2 of the user sign-up: stores the profile details and the location for
  * the account identified by the "mail_step1" session value, then redirects to
  * step 3.
  */
 public function step2()
 {
     // The profile is resolved from the e-mail kept in the session by step 1,
     // not from anything posted with this form.
     $iProfileId = $this->oUserModel->getId($this->session->get('mail_step1'));
     $sBirthDate = $this->dateTime->get($this->httpRequest->post('birth_date'))->date('Y-m-d');

     // WARNING FOR THE "matchSex" FIELD: use the \PH7\Framework\Mvc\Request\Http::ONLY_XSS_CLEAN
     // constant, otherwise the post method of the HttpRequest class removes the special tags
     // and damages the SQL SET value written to the database.
     $aData1 = [
         'sex' => $this->httpRequest->post('sex'),
         'match_sex' => Form::setVal($this->httpRequest->post('match_sex', Http::ONLY_XSS_CLEAN)),
         'birth_date' => $sBirthDate,
         'profile_id' => $iProfileId,
     ];
     $aData2 = [
         'country' => $this->httpRequest->post('country'),
         'city' => $this->httpRequest->post('city'),
         'state' => $this->httpRequest->post('state'),
         'zip_code' => $this->httpRequest->post('zip_code'),
         'profile_id' => $iProfileId,
     ];

     // The second write is attempted only when the first one succeeded.
     $bSaved = $this->oUserModel->exe($aData1, '2_1') && $this->oUserModel->exe($aData2, '2_2');
     if ($bSaved) {
         // Step 2 is stored in the database; carry the e-mail over to the next step.
         $this->session->set('mail_step2', $this->session->get('mail_step1'));
         HeaderUrl::redirect(Uri::get('user', 'signup', 'step3'));
     } else {
         \PFBC\Form::setError('form_join_user2', t('An error occurred during registration!<br /> Please try again with other information in the form fields or come back later.'));
     }
 }
 /**
  * Handles the "new forum topic" form: applies the posting delay and the
  * duplicate-content check, stores the topic and redirects to it.
  */
 public function __construct()
 {
     parent::__construct();
     $oForumModel = new ForumModel();

     // The message body is read with ONLY_XSS_CLEAN; the title uses post() defaults.
     $sMessage = $this->httpRequest->post('message', Http::ONLY_XSS_CLEAN);
     $sCurrentTime = $this->dateTime->get()->dateTime('Y-m-d H:i:s');
     $iTimeDelay = (int) DbConfig::getSetting('timeDelaySendForumTopic');
     // The author is always the session member, never a posted value.
     $iProfileId = (int) $this->session->get('member_id');
     $iForumId = $this->httpRequest->get('forum_id', 'int');

     $bMayPost = $oForumModel->checkWaitTopic($iProfileId, $iTimeDelay, $sCurrentTime);
     if (!$bMayPost) {
         \PFBC\Form::setError('form_msg', Form::waitWriteMsg($iTimeDelay));
     } elseif ($oForumModel->isDuplicateTopic($iProfileId, $sMessage)) {
         \PFBC\Form::setError('form_msg', Form::duplicateContentMsg());
     } else {
         $sTitle = $this->httpRequest->post('title');
         $oForumModel->addTopic($iProfileId, $iForumId, $sTitle, $sMessage, $sCurrentTime);

         // NOTE(review): forum_name (query string) and the title are joined into
         // the redirect target as received; presumably Uri::get() and the request
         // filters make them URL-safe -- confirm.
         $sUriParams = implode(',', [
             $this->httpRequest->get('forum_name'),
             $iForumId,
             $sTitle,
             Db::getInstance()->lastInsertId(),
         ]);
         Header::redirect(Uri::get('forum', 'forum', 'post', $sUriParams), t('Your message has been added successfully!'));
     }
     unset($oForumModel);
 }
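 /**
  * Handles the "add note" form: validates the request, stores the note with its
  * categories and thumbnail, then redirects to the note.
  *
  * The category selection is validated before anything is written, so a request
  * with more than 3 categories is rejected without leaving a stored note (with
  * no categories and no thumbnail) behind.
  */
 public function __construct()
 {
     parent::__construct();
     $oNote = new Note();
     $oNoteModel = new NoteModel();
     $sCurrentTime = $this->dateTime->get()->dateTime('Y-m-d H:i:s');
     // The author is always the session member, never a posted value.
     $iProfileId = $this->session->get('member_id');
     $iTimeDelay = (int) DbConfig::getSetting('timeDelaySendNote');

     /**
      * WARNING: Be careful, you should use the \PH7\Framework\Mvc\Request\Http::ONLY_XSS_CLEAN constant, otherwise the Http::post() method
      * removes the special tags and damages the SQL queries for entry into the database.
      */
     $mCategoryIds = $this->httpRequest->post('category_id', Http::ONLY_XSS_CLEAN);
     // A missing or scalar "category_id" field counts as "no category" instead of
     // being handed to count() and foreach.
     $aCategoryIds = is_array($mCategoryIds) ? $mCategoryIds : [];

     if (!$oNote->checkPostId($this->httpRequest->post('post_id'), $iProfileId)) {
         \PFBC\Form::setError('form_note', t('The ID of the article is invalid or incorrect.'));
     } elseif (!$oNoteModel->checkWaitSend($iProfileId, $iTimeDelay, $sCurrentTime)) {
         \PFBC\Form::setError('form_note', Form::waitWriteMsg($iTimeDelay));
     } elseif (count($aCategoryIds) > 3) {
         // Rejected before the insert; nothing has been written at this point.
         \PFBC\Form::setError('form_note', t('You can not select more than 3 categories.'));
     } else {
         // '1' = visible immediately, '0' = waits for manual approval.
         $iApproved = DbConfig::getSetting('noteManualApproval') == 0 ? '1' : '0';
         $aData = [
             'profile_id' => $iProfileId,
             'post_id' => $this->httpRequest->post('post_id'),
             'lang_id' => $this->httpRequest->post('lang_id'),
             'title' => $this->httpRequest->post('title'),
             'content' => $this->httpRequest->post('content', Http::ONLY_XSS_CLEAN),
             'slogan' => $this->httpRequest->post('slogan'),
             'tags' => $this->httpRequest->post('tags'),
             'page_title' => $this->httpRequest->post('page_title'),
             'meta_description' => $this->httpRequest->post('meta_description'),
             'meta_keywords' => $this->httpRequest->post('meta_keywords'),
             'meta_robots' => $this->httpRequest->post('meta_robots'),
             'meta_author' => $this->httpRequest->post('meta_author'),
             'meta_copyright' => $this->httpRequest->post('meta_copyright'),
             'enable_comment' => $this->httpRequest->post('enable_comment'),
             'created_date' => $sCurrentTime,
             'approved' => $iApproved,
         ];

         if (!$oNoteModel->addPost($aData)) {
             $this->sMsg = t('An error occurred while adding the article.');
         } else {
             /*** Set the categorie(s) ***/
             // Read the new row's id straight after the insert.
             $iNoteId = Db::getInstance()->lastInsertId();
             // NOTE(review): the category ids are client-supplied; presumably
             // addCategory() binds them as query parameters -- confirm.
             foreach ($aCategoryIds as $iCategoryId) {
                 $oNoteModel->addCategory($iCategoryId, $iNoteId, $iProfileId);
             }

             /*** Set the thumbnail if there's one ***/
             $oPost = $oNoteModel->readPost($aData['post_id'], $iProfileId, null);
             $oNote->setThumb($oPost, $oNoteModel, $this->file);

             /* Clean NoteModel Cache */
             (new Framework\Cache\Cache())->start(NoteModel::CACHE_GROUP, null, null)->clear();

             $this->sMsg = $iApproved == '0' ? t('Your Note has been received! But it will be visible once approved by our moderators. Please do not send a new Note because this is useless!') : t('Post created successfully!');
         }

         // Reached for both outcomes of addPost(); $this->sMsg carries the result.
         Header::redirect(Uri::get('note', 'main', 'read', $this->session->get('member_username') . ',' . $this->httpRequest->post('post_id')), $this->sMsg);
     }
 }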
Example #22
 /**
  * Sets the Blog Thumbnail.
  *
  * Does nothing when no "thumb" file was uploaded. Otherwise the upload is
  * validated as an image, the post's thumbnail directory is recreated and a
  * 100px square version is saved there as "thumb.png".
  *
  * @param object $oPost Post record; only its blogId property is read here.
  * @param \PH7\Framework\File\File $oFile
  * @return void
  */
 public function setThumb($oPost, Framework\File\File $oFile)
 {
     if (empty($_FILES['thumb']['tmp_name'])) {
         return;
     }

     // NOTE(review): validate() is the only gate on the uploaded content visible
     // here; confirm it checks the decoded image type rather than the
     // client-supplied name or MIME type.
     $oImage = new Framework\Image\Image($_FILES['thumb']['tmp_name']);
     if ($oImage->validate()) {
         // The directory comes from the post id and the stored name is fixed, so
         // no client-supplied file name reaches the path.
         $sPathName = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'blog/' . PH7_IMG . $oPost->blogId;

         // deleteFile() first tests whether the file exists and deletes it if so;
         // this erases the old thumbnail.
         $oFile->deleteFile($sPathName);
         $oFile->createDir($sPathName);

         $oImage->square(100);
         $oImage->save($sPathName . '/thumb.png');
     } else {
         \PFBC\Form::setError('form_blog', Form::wrongImgFileTypeMsg());
     }
     unset($oImage);
 }
 /**
  * Handles the "compose mail" form: resolves sender and recipient, applies the
  * recipient, delay and duplicate-content checks, stores the message through
  * MailModel::sendMsg(), optionally e-mails a notification and redirects.
  */
 public function __construct()
 {
     parent::__construct();
     $oUserModel = new UserCoreModel();
     $oMailModel = new MailModel();
     // True only for an authenticated admin who is not also authenticated as a
     // user and whose session has no "login_user_as" entry.
     $bIsAdmin = AdminCore::auth() && !UserCore::auth() && !$this->session->exists('login_user_as');
     // The message body is read with ONLY_XSS_CLEAN; the other fields use post() defaults.
     $sMessage = $this->httpRequest->post('message', Http::ONLY_XSS_CLEAN);
     $sCurrentTime = $this->dateTime->get()->dateTime('Y-m-d H:i:s');
     $iTimeDelay = (int) DbConfig::getSetting('timeDelaySendMail');
     $sRecipient = $this->httpRequest->post('recipient');
     $iRecipientId = $oUserModel->getId(null, $sRecipient);
     // The sender is never taken from the request: PH7_ADMIN_ID for an admin,
     // otherwise the session member id.
     $iSenderId = (int) ($bIsAdmin ? PH7_ADMIN_ID : $this->session->get('member_id'));
     if ($iSenderId == $iRecipientId) {
         \PFBC\Form::setError('form_compose_mail', t('Oops! You can not send a message to yourself.'));
     } elseif ($sRecipient == PH7_ADMIN_USERNAME) {
         \PFBC\Form::setError('form_compose_mail', t('Oops! You cannot reply to administrator! If you want to contact us, please use our <a href="%0%">contact form</a>.', Uri::get('contact', 'contact', 'index')));
     } elseif (!(new ExistsCoreModel())->id($iRecipientId, 'Members')) {
         // The rejected name is truncated and passed through escape() before it is
         // echoed back in the error message.
         \PFBC\Form::setError('form_compose_mail', t('Oops! The username "%0%" does not exist.', escape(substr($this->httpRequest->post('recipient'), 0, PH7_MAX_USERNAME_LENGTH), true)));
     } elseif (!$bIsAdmin && !$oMailModel->checkWaitSend($iSenderId, $iTimeDelay, $sCurrentTime)) {
         // The sending delay applies to members only; admins skip it.
         \PFBC\Form::setError('form_compose_mail', Form::waitWriteMsg($iTimeDelay));
     } elseif (!$bIsAdmin && $oMailModel->isDuplicateContent($iSenderId, $sMessage)) {
         // The duplicate-content check is skipped for admins as well.
         \PFBC\Form::setError('form_compose_mail', Form::duplicateContentMsg());
     } else {
         // sendMsg() returns false on failure; its other return value is passed
         // to the inbox URI below.
         $mSendMsg = $oMailModel->sendMsg($iSenderId, $iRecipientId, $this->httpRequest->post('title'), $sMessage, $sCurrentTime);
         if (false === $mSendMsg) {
             \PFBC\Form::setError('form_compose_mail', t('Problem while sending the message. Please try again later.'));
         } else {
             // If the notification is accepted and the message recipient isn't connected NOW, we send a message.
             // NOTE(review): the condition negates isNotification() and requires
             // isOnline(), which reads opposite to the sentence above; confirm the
             // return conventions of both helpers.
             if (!$oUserModel->isNotification($iRecipientId, 'newMsg') && $oUserModel->isOnline($iRecipientId, 0)) {
                 // NOTE(review): the posted recipient name and the session username go
                 // into the HTML mail body as received; this relies on the request
                 // filtering done by post() -- confirm. For an admin sender the
                 // "member_*" session values may be unset -- verify.
                 $this->view->content = t('Hello %0%!<br />You have received a new message from <strong>%1%</strong>.<br /> <a href="%2%">Click here</a> to read your message.', $this->httpRequest->post('recipient'), $this->session->get('member_username'), Uri::get('mail', 'main', 'inbox', $mSendMsg));
                 $sRecipientEmail = $oUserModel->getEmail($iRecipientId);
                 $sMessageHtml = $this->view->parseMail(PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/mod/mail/new_msg.tpl', $sRecipientEmail);
                 $aInfo = ['to' => $sRecipientEmail, 'subject' => t('New private message from %0% on %site_name%', $this->session->get('member_first_name'))];
                 (new Mail())->send($aInfo, $sMessageHtml);
             }
             // Admins return to the user list, members to their mailbox.
             $sUrl = $bIsAdmin ? Uri::get(PH7_ADMIN_MOD, 'user', 'browse') : Uri::get('mail', 'main', 'index');
             Header::redirect($sUrl, t('Your message has been sent successfully!'));
         }
         unset($oUserModel, $oMailModel);
     }
 }
Example #24
 /**
  * Handles the avatar upload form for the session member, or for the profile
  * named in the query string when an admin is acting on a member's account.
  */
 public function __construct()
 {
     parent::__construct();

     // Admin uploads are approved at once, and so is everything when manual
     // approval is switched off ('1' = approved, '0' = awaiting moderation).
     $bAutoApprove = AdminCore::auth() || DbConfig::getSetting('avatarManualApproval') == 0;
     $iApproved = $bAutoApprove ? '1' : '0';

     // Only an admin who is not also logged in as a user may name the target
     // profile in the query string; everyone else is pinned to the session identity.
     $bAdminTargetsProfile = AdminCore::auth() && !User::auth() && $this->httpRequest->getExists(['profile_id', 'username']);
     if ($bAdminTargetsProfile) {
         $iProfileId = $this->httpRequest->get('profile_id');
         $sUsername = $this->httpRequest->get('username');
     } else {
         $iProfileId = $this->session->get('member_id');
         $sUsername = $this->session->get('member_username');
     }

     // NOTE(review): $_FILES['avatar'] is read without checking that an upload is
     // present, and every setAvatar() failure is reported as a wrong image type.
     $bAvatar = (new UserCore())->setAvatar($iProfileId, $sUsername, $_FILES['avatar']['tmp_name'], $iApproved);
     if ($bAvatar) {
         $sModerationText = t('Your avatar has been received! But it will be visible once approved by our moderators. Please do not send a new avatar because this is useless!');
         $sText = t('Your avatar has been updated successfully!');
         \PFBC\Form::setSuccess('form_avatar', $iApproved == '0' ? $sModerationText : $sText);
     } else {
         \PFBC\Form::setError('form_avatar', Form::wrongImgFileTypeMsg());
     }
 }
 /**
  * Handles the "edit field" form: updates a custom field through FieldModel,
  * clears the UserCoreModel cache group and redirects to the field list.
  */
 public function __construct()
 {
     parent::__construct();
     $sMod = $this->httpRequest->get('mod');
     $sName = $this->httpRequest->post('name');
     $sType = $this->httpRequest->post('type');
     $iLength = $this->httpRequest->post('length');
     $sDefVal = $this->httpRequest->post('value');

     if (Field::unmodifiable($sName)) {
         \PFBC\Form::setError('form_edit_field', t('Bad field name!'));
         return;
     }

     // NOTE(review): the field name, type, length and default value are posted
     // values and the table is derived from the "mod" query parameter;
     // Field::unmodifiable() is the only check on them visible here. Confirm that
     // Field::getTable() and FieldModel restrict them to known identifiers and types.
     $oFieldModel = new FieldModel(Field::getTable($sMod), $sName, $sType, $iLength, $sDefVal);
     if (!$oFieldModel->update()) {
         \PFBC\Form::setError('form_edit_field', t('Oops! An error occurred while adding the field, please try again.'));
         return;
     }

     /* Clean UserCoreModel Cache */
     (new Cache())->start(UserCoreModel::CACHE_GROUP, null, null)->clear();
     Header::redirect(Uri::get('field', 'field', 'all', $sMod), t('The field has been edited.'));
 }
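 /**
  * Handles the profile wallpaper upload form for the session member, or for
  * the profile named in the query string when an admin is acting on a member's
  * account.
  *
  * The confirmation message follows the approval state actually passed to
  * setBackground(), so an admin upload (always approved) is no longer reported
  * as waiting for moderation when manual approval is enabled.
  */
 public function __construct()
 {
     parent::__construct();
     // '1' = approved at once (admin upload, or manual approval switched off),
     // '0' = awaiting moderation.
     $iApproved = AdminCore::auth() || DbConfig::getSetting('profileBackgroundManualApproval') == 0 ? '1' : '0';
     // Only an admin who is not also logged in as a user may name the target
     // profile in the query string; everyone else is pinned to the session identity.
     if (AdminCore::auth() && !User::auth() && $this->httpRequest->getExists(array('profile_id', 'username'))) {
         $iProfileId = $this->httpRequest->get('profile_id');
         $sUsername = $this->httpRequest->get('username');
     } else {
         $iProfileId = $this->session->get('member_id');
         $sUsername = $this->session->get('member_username');
     }
     $bWallpaper = (new UserCore())->setBackground($iProfileId, $sUsername, $_FILES['wallpaper']['tmp_name'], $iApproved);
     if (!$bWallpaper) {
         \PFBC\Form::setError('form_design', Form::wrongImgFileTypeMsg());
     } else {
         $sModerationText = t('Your Wallpaper has been received! But it will not be visible until it is approved by our moderators. Please do not send a new not.');
         $sText = t('Your Wallpaper has been updated successfully!');
         // Decide from $iApproved rather than from the raw setting, which ignores
         // the admin case handled above.
         $sMsg = $iApproved == '0' ? $sModerationText : $sText;
         \PFBC\Form::setSuccess('form_design', $sMsg);
     }
 }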
 /**
  * Handles the newsletter form: depending on the posted "direction" it either
  * registers the address (with a confirmation e-mail) or unsubscribes it; any
  * other value ends the request with a 400 response.
  */
 public function __construct()
 {
     parent::__construct();
     $oSubscriptionModel = new SubscriptionModel();
     $sEmail = $this->httpRequest->post('email');
     $sName = $this->httpRequest->post('name');
     $bIsSubscriber = (new ExistsCoreModel())->email($sEmail, 'Subscribers');
     $sDirection = $this->httpRequest->post('direction');

     // NOTE(review): both branches tell the caller whether the posted address is
     // on the list, and the unsubscribe branch acts on the posted address alone;
     // no proof of mailbox ownership is visible in this handler -- confirm
     // whether that is enforced elsewhere.
     switch ($sDirection) {
         case 'subscrire':
             if ($bIsSubscriber) {
                 \PFBC\Form::setError('form_subscription', t('Oops! You are already subscribed to our newsletter.'));
                 break;
             }

             // NOTE(review): hash_validation is the activation secret; confirm
             // Various::genRnd() draws it from a cryptographically secure source.
             $aData = [
                 'name' => $sName,
                 'email' => $sEmail,
                 'current_date' => (new CDateTime())->get()->dateTime('Y-m-d H:i:s'),
                 'ip' => Ip::get(),
                 'hash_validation' => Various::genRnd(),
                 'active' => '0',
                 'affiliated_id' => (int) (new Cookie())->get(AffiliateCore::COOKIE_NAME),
             ];

             // The link carries the address and the hash as path segments, as received.
             $sActivateLink = Uri::get('newsletter', 'home', 'activate') . PH7_SH . $aData['email'] . PH7_SH . $aData['hash_validation'];
             $sLinkHtml = '<a href="' . $sActivateLink . '">' . $sActivateLink . '</a>';

             $this->view->content = t('Hi %0%!', $aData['name']) . '<br />' . t("Welcome to %site_name%'s Subscription!") . '<br />' . t('Activation link: %0%.', $sLinkHtml);
             $this->view->footer = t('You are receiving this mail because we received an application for registration with the email "%0%" has been provided in the form of %site_name% (%site_url%).', $aData['email']) . '<br />' . t('If you think someone has used your email address without your knowledge to create an account on %site_name%, please contact us using our contact form available on our website.');

             $sMessageHtml = $this->view->parseMail(PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/mod/newsletter/registration.tpl', $sEmail);
             $aInfo = ['subject' => t('Confirm you email address!'), 'to' => $sEmail];

             // The (inactive) subscriber row is stored only once the mail was sent.
             $bSent = (new Mail())->send($aInfo, $sMessageHtml);
             if (!$bSent) {
                 \PFBC\Form::setError('form_subscription', Form::errorSendingEmail());
                 break;
             }
             \PFBC\Form::setSuccess('form_subscription', t('Please activate your subscription by clicking the activation link you received by email. If you can not find the email, please look in your SPAM FOLDER and mark as not spam.'));
             $oSubscriptionModel->add($aData);
             break;

         case 'unsubscribe':
             if (!$bIsSubscriber) {
                 \PFBC\Form::setError('form_subscription', t('We have not found any subscriber with the email address.'));
                 break;
             }
             $oSubscriptionModel->unsubscribe($sEmail);
             \PFBC\Form::setSuccess('form_subscription', t('Your subscription was successfully canceled.'));
             break;

         default:
             // Unknown direction: answer 400 and stop.
             Framework\Http\Http::setHeadersByCode(400);
             exit('Bad Request Error!');
     }
     unset($oSubscriptionModel);
 }
Example #28
 /**
  * Sets the Note Thumbnail.
  *
  * Does nothing when no "thumb" file was uploaded. Otherwise the upload is
  * validated as an image, saved as a 100px square under the author's note
  * image directory with a generated file name, and that name is written to the
  * note's "thumb" column.
  *
  * @param object $oPost Note record; username, noteId and profileId are read here.
  * @param \PH7\NoteModel $oNoteModel
  * @param \PH7\Framework\File\File $oFile
  * @return void
  */
 public function setThumb($oPost, NoteModel $oNoteModel, Framework\File\File $oFile)
 {
     if (empty($_FILES['thumb']['tmp_name'])) {
         return;
     }

     // NOTE(review): validate() is the only gate on the uploaded content visible
     // here; confirm it checks the decoded image type rather than the
     // client-supplied name or MIME type.
     $oImage = new Framework\Image\Image($_FILES['thumb']['tmp_name']);
     if ($oImage->validate()) {
         // The directory is derived from the stored username, not from the request.
         $sPathName = PH7_PATH_PUBLIC_DATA_SYS_MOD . 'note/' . PH7_IMG . $oPost->username . PH7_SH;

         // deleteFile() first tests whether the file exists and deletes it if so;
         // this erases the old thumbnail.
         $oFile->deleteFile($sPathName);
         $oFile->createDir($sPathName);

         // NOTE(review): the stored name is generated, but its extension comes from
         // getExt(); confirm that reflects the validated image type.
         $sRandomName = Various::genRnd($oImage->getFileName(), 20);
         $sFileName = $sRandomName . PH7_DOT . $oImage->getExt();

         $oImage->square(100);
         $oImage->save($sPathName . $sFileName);
         $oNoteModel->updatePost('thumb', $sFileName, $oPost->noteId, $oPost->profileId);
     } else {
         \PFBC\Form::setError('form_note', Form::wrongImgFileTypeMsg());
     }
     unset($oImage);
 }
Example #29
 /**
  * Step 1 of the affiliate sign-up: applies the per-IP registration delay,
  * creates the account through AffiliateModel::join(), updates the referring
  * affiliate's commission when applicable and sends the registration e-mail.
  */
 public function step1()
 {
     $sBirthDate = $this->dateTime->get($this->httpRequest->post('birth_date'))->date('Y-m-d');
     // The referrer id comes from a cookie, i.e. a client-controlled value, cast to int.
     $iAffId = (int) (new Cookie())->get(AffiliateCore::COOKIE_NAME);

     // NOTE(review): "password" is carried as received and the same array is
     // later handed to Registration::sendMail(); confirm that join() hashes it
     // and that the mail does not include it.
     $aData = [
         'email' => $this->httpRequest->post('mail'),
         'username' => $this->httpRequest->post('username'),
         'password' => $this->httpRequest->post('password'),
         'first_name' => $this->httpRequest->post('first_name'),
         'last_name' => $this->httpRequest->post('last_name'),
         'sex' => $this->httpRequest->post('sex'),
         'birth_date' => $sBirthDate,
         'country' => $this->httpRequest->post('country'),
         'city' => $this->httpRequest->post('city'),
         'state' => $this->httpRequest->post('state'),
         'zip_code' => $this->httpRequest->post('zip_code'),
         'ip' => Ip::get(),
         'hash_validation' => Various::genRnd(),
         'current_date' => (new CDateTime())->get()->dateTime('Y-m-d H:i:s'),
         'is_active' => $this->iActiveType,
         'affiliated_id' => $iAffId,
     ];

     $oAffModel = new AffiliateModel();
     $iTimeDelay = (int) DbConfig::getSetting('timeDelayUserRegistration');

     // The registration delay is checked against the client IP recorded above.
     $bMayJoin = $oAffModel->checkWaitJoin($aData['ip'], $iTimeDelay, $aData['current_date'], 'Affiliates');
     if (!$bMayJoin) {
         \PFBC\Form::setError('form_join_aff', Form::waitRegistrationMsg($iTimeDelay));
     } elseif (!$oAffModel->join($aData)) {
         \PFBC\Form::setError('form_join_aff', t('An error occurred during registration!<br /> Please try again with other information in the form fields or come back later.'));
     } else {
         // The account is now stored in the database.
         /** Update the Affiliate Commission **/
         if ($this->iActiveType == 0) {
             // Only if the user's account is already activated.
             AffiliateCore::updateJoinCom($iAffId, $this->config, $this->registry);
         }

         // Send the e-mail and use its result message in the welcome text.
         $sMailMsg = (new Registration())->sendMail($aData)->getMsg();
         \PFBC\Form::setSuccess('form_join_aff', t('Your affiliate account has been created! %0%', $sMailMsg));
     }
     unset($oAffModel);
 }
 /**
  * Handles the "resend activation" form: looks the posted e-mail up in $sTable
  * and, when the account still has a validation hash, e-mails the activation
  * link again.
  *
  * @param string $sTable Table the e-mail is looked up in; 'Affiliates' selects
  *                       the affiliate module for the link, any other value the
  *                       user module.
  */
 public function __construct($sTable)
 {
     parent::__construct();
     $sMail = $this->httpRequest->post('mail');
     // NOTE(review): the three outcomes below (not associated / already activated /
     // e-mailed) let a caller tell registered addresses and their activation state
     // apart; a single uniform response would avoid that disclosure.
     if (!(new ExistsCoreModel())->email($sMail, $sTable)) {
         // The rejected address is truncated and passed through escape() before it
         // is echoed back in the error message.
         \PFBC\Form::setError('form_resend_activation', t('Oops, this "%0%" is not associated with any %site_name% account. Please, make sure that you entered the e-mail address used in creating your account.', escape(substr($sMail, 0, PH7_MAX_EMAIL_LENGTH))));
     } else {
         // NOTE(review): the existence check above is scoped to $sTable, but
         // getHashValidation() is called without it; confirm which table it reads
         // when $sTable is 'Affiliates'.
         if (!($mHash = (new UserCoreModel())->getHashValidation($sMail))) {
             \PFBC\Form::setError('form_resend_activation', t('Oops! Your account is already activated.'));
         } else {
             $sMod = $sTable == 'Affiliates' ? 'affiliate' : 'user';
             // The link carries the stored e-mail and validation hash as path segments.
             $sActivateLink = Uri::get($sMod, 'account', 'activate') . PH7_SH . $mHash->email . PH7_SH . $mHash->hashValidation;
             // NOTE(review): the "Username" part of the next line is mangled in this
             // listing ('******', apparently the hosting page's credential masking), so
             // the line is not valid PHP as shown; the original expression cannot be
             // recovered from this page.
             $this->view->content = t('Welcome to %site_name%, %0%!', $mHash->firstName) . '<br />' . t('Hello %0% - We are proud to welcome you as a member of %site_name%!', $mHash->firstName) . '<br />' . t('Your hash validation is <em>"%0%"</em>.', '<a href="' . $sActivateLink . '">' . $sActivateLink . '</a>') . '<br />' . t('Please save the following information for future refenrence:') . '<br /><em>' . t('Email: ') . $mHash->email . '.<br />' . t('Username: '******'.<br />' . t('Password: ***** (This field is hidden to protect against theft of your account).') . '.</em>';
             $this->view->footer = t('You are receiving this mail because we received an application for registration with the email "%0%" has been provided in the form of %site_name% (%site_url%).', $mHash->email) . '<br />' . t('If you think someone has used your email address without your knowledge to create an account on %site_name%, please contact us using our contact form available on our website.');
             $sMessageHtml = $this->view->parseMail(PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/core/resend_activation.tpl', $mHash->email);
             // The mail goes to the address stored with the account, not the posted one.
             // NOTE(review): the subject mentions a new password although this mail
             // carries the activation link; it looks carried over from another form -- confirm.
             $aInfo = ['to' => $mHash->email, 'subject' => t('Your new password - %site_name%')];
             if (!(new Mail())->send($aInfo, $sMessageHtml)) {
                 \PFBC\Form::setError('form_resend_activation', Form::errorSendingEmail());
             } else {
                 \PFBC\Form::setSuccess('form_resend_activation', t('Your hash validation has been emailed to you.'));
             }
         }
     }
 }