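/**
 * Render the main block of the profile activation page.
 *
 * For a profile that is still 'Unconfirmed', the submitted confirmation code is
 * compared with the expected one. A mismatch re-displays the code entry form; a
 * match moves the profile (and its couple profile, if any) to 'Active' or
 * 'Approval', grants the promotional membership when enabled, and optionally
 * mails the site's notification address.
 *
 * @param mixed $iID       profile id taken from the request; cast to int here
 * @param mixed $sConfCode confirmation code taken from the request
 * @return string HTML of a message box or of the parsed 'profile_activate.html' template
 */
function PageCompPageMainCode($iID, $sConfCode)
{
    global $site;

    $ID = (int) $iID;
    $ConfCode = clear_xss($sConfCode);

    $p_arr = getProfileInfo($ID);
    if (!$p_arr) {
        // NOTE(review): $_page is not declared global in this function, so these
        // two assignments only fill a local array - confirm whether the page
        // header was meant to change.
        $_page['header'] = _t("_Error");
        $_page['header_text'] = _t("_Profile Not found");

        return MsgBox(_t('_Profile Not found Ex'));
    }

    $aCode = array(
        'message_status' => '',
        'message_info' => '',
        'bx_if:form' => array('condition' => false, 'content' => array('form' => '')),
        // Key was misspelled 'condtion', leaving 'condition' undefined on every
        // path that does not reach the success branch below.
        'bx_if:next' => array('condition' => false, 'content' => array('next_url' => '')),
    );

    if ($p_arr['Status'] != 'Unconfirmed') {
        $aCode['message_info'] = _t('_ALREADY_ACTIVATED');

        return $GLOBALS['oSysTemplate']->parseHtmlByName('profile_activate.html', $aCode);
    }

    // The array key was a bare word (Email); PHP 8 raises an Error for an
    // undefined constant, older versions only fell back to the string 'Email'.
    //
    // NOTE(review): the expected code is crypt() of the profile's e-mail address
    // with a salt hard-coded in this file. It is a fixed function of the address,
    // not a secret issued by the site, so a matching code does not show that the
    // confirmation mail was received. A random per-profile token stored
    // server-side and compared with hash_equals() would; that change has to be
    // made together with the code that builds the confirmation mail (not visible
    // in this block), so the derivation is left as it is here.
    $ConfCodeReal = base64_encode(base64_encode(crypt($p_arr['Email'], CRYPT_EXT_DES ? "secret_co" : "se")));

    if (strcmp($ConfCode, $ConfCodeReal) != 0) {
        // Wrong or missing code: show the manual entry form again.
        $aForm = array(
            'form_attrs' => array(
                'action' => BX_DOL_URL_ROOT . 'profile_activate.php',
                'method' => 'post',
                'name' => 'form_change_status',
            ),
            'inputs' => array(
                'conf_id' => array('type' => 'hidden', 'name' => 'ConfID', 'value' => $ID),
                'conf_code' => array(
                    'type' => 'text',
                    'name' => 'ConfCode',
                    'value' => '',
                    'caption' => _t("_Confirmation code"),
                ),
                'submit' => array('type' => 'submit', 'name' => 'submit', 'value' => _t("_Submit")),
            ),
        );
        $oForm = new BxTemplFormView($aForm);

        $aCode['message_status'] = _t("_Profile activation failed");
        $aCode['message_info'] = _t("_EMAIL_CONF_FAILED_EX");
        $aCode['bx_if:form']['condition'] = true;
        $aCode['bx_if:form']['content']['form'] = $oForm->getCode();

        return $GLOBALS['oSysTemplate']->parseHtmlByName('profile_activate.html', $aCode);
    }

    $aCode['bx_if:next']['condition'] = true;
    $aCode['bx_if:next']['content']['next_url'] = BX_DOL_URL_ROOT . 'member.php';

    // Auto-approve only when enabled and the visitor's IP is not DNSBL-listed
    // under the 'approval' behaviour; otherwise the profile waits for approval.
    $send_act_mail = false;
    if (getParam('autoApproval_ifJoin') == 'on' && !(getParam('sys_dnsbl_enable') && 'approval' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'join'))) {
        $status = 'Active';
        $send_act_mail = true;
        $aCode['message_info'] = _t("_PROFILE_CONFIRM");
    } else {
        $status = 'Approval';
        $aCode['message_info'] = _t("_EMAIL_CONF_SUCCEEDED", $site['title']);
    }

    bx_admin_profile_change_status($ID, $status, $send_act_mail);

    // Promotional membership
    if (getParam('enable_promotion_membership') == 'on') {
        $memership_days = getParam('promotion_membership_days');
        setMembership($p_arr['ID'], MEMBERSHIP_ID_PROMOTION, $memership_days, true);
    }

    // The couple profile follows the main profile's status (no activation mail).
    if ($p_arr['Couple']) {
        bx_admin_profile_change_status($p_arr['Couple'], $status);

        if (getParam('enable_promotion_membership') == 'on') {
            $memership_days = getParam('promotion_membership_days');
            setMembership($p_arr['Couple'], MEMBERSHIP_ID_PROMOTION, $memership_days, true);
        }
    }

    if (getParam('newusernotify')) {
        $oEmailTemplates = new BxDolEmailTemplates();
        $aTemplate = $oEmailTemplates->getTemplate('t_UserConfirmed', $p_arr['ID']);
        sendMail($site['email_notify'], $aTemplate['Subject'], $aTemplate['Body'], $p_arr['ID']);
    }

    return $GLOBALS['oSysTemplate']->parseHtmlByName('profile_activate.html', $aCode);
}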
/**
 * Insert a new row into `Profiles` from join-form data and send the join mail.
 *
 * For every profile field of area 100 the value is taken from $aData, else
 * copied from the main (couple) member when one is given, else filled from a
 * type-specific default.
 *
 * @param array $aData         posted profile values keyed by field name
 * @param bool  $bSendMails    send activation/approval/confirmation mail (main member only)
 * @param int   $iMainMemberID id of the main member when creating a couple profile, else 0
 * @return false|array false when $aData is unusable or the field cache is missing;
 *                     otherwise array(new id, status text) or array(false, 'Failed')
 */
function createProfile($aData, $bSendMails = true, $iMainMemberID = 0)
{
    if (!is_array($aData) || !$aData) {
        return false;
    }

    // These join-form inputs are never stored as posted.
    unset($aData['Couple'], $aData['Captcha'], $aData['TermsOfUse'], $aData['ProfilePhoto']);

    // $this->oPF is a BxDolProfileFields instance for area 100
    $this->oPF = new BxDolProfileFields(100);
    if (!$this->oPF->aArea) {
        echo 'Profile Fields cache not loaded. Cannot continue.';

        return false;
    }

    $this->aItems = $this->oPF->aArea[0]['Items'];

    $aMainMember = $iMainMemberID ? $this->getProfileInfo($iMainMemberID) : false;

    // Collect one value per known field.
    $aNewProfile = array();
    foreach ($this->aItems as $aField) {
        $sName = $aField['Name'];

        if (array_key_exists($sName, $aData)) {
            $aNewProfile[$sName] = $aData[$sName];
            continue;
        }

        if ($aMainMember and array_key_exists($sName, $aMainMember) and $aField['Type'] != 'system') {
            // Couple profile: inherit from the main member, regenerating unique fields.
            $aNewProfile[$sName] = $aField['Unique']
                ? $this->genUniqueValue($sName, $aMainMember[$sName])
                : $aMainMember[$sName];
            continue;
        }

        switch ($aField['Type']) {
            case 'pass':
                $aNewProfile[$sName] = $this->genRandomPassword();
                break;

            case 'num':
                $aNewProfile[$sName] = (int) $aField['Default'];
                break;

            case 'bool':
                $aNewProfile[$sName] = (bool) $aField['Default'];
                break;

            case 'system':
                switch ($sName) {
                    case 'ID':         // set automatically
                    case 'Captcha':    // not inserted
                    case 'Location':   // not inserted
                    case 'Keyword':    // not inserted
                    case 'TermsOfUse': // not inserted
                        break;

                    case 'DateReg':
                        $aNewProfile[$sName] = date('Y-m-d H:i:s'); // current date
                        break;

                    case 'DateLastEdit':
                    case 'DateLastLogin':
                        $aNewProfile[$sName] = '0000-00-00';
                        break;

                    case 'Couple':
                        // link back to the main member when there is one
                        $aNewProfile[$sName] = $aMainMember ? $iMainMemberID : 0;
                        break;

                    case 'Featured':
                        $aNewProfile[$sName] = false;
                        break;

                    case 'Status':
                        if (getParam('autoApproval_ifNoConfEmail') != 'on') {
                            $aNewProfile[$sName] = 'Unconfirmed';
                            break;
                        }
                        // No e-mail confirmation step: go straight to 'Active' unless
                        // auto-approval is off or the IP is DNSBL-listed ('approval' behaviour).
                        $aNewProfile[$sName] = (getParam('autoApproval_ifJoin') == 'on' && !(getParam('sys_dnsbl_enable') && 'approval' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'join')))
                            ? 'Active'
                            : 'Approval';
                        break;
                }
                break;

            default:
                $aNewProfile[$sName] = $aField['Default'];
        }
    }

    // default language
    $aNewProfile['LangID'] = getLangIdByName(getCurrentLangName());

    // default privacy
    bx_import('BxDolPrivacyQuery');
    $oPrivacy = new BxDolPrivacyQuery();
    $aNewProfile['allow_view_to'] = $oPrivacy->getDefaultValueModule('profile', 'view_block');

    // NOTE(review): the statement is assembled as a string; escaping of every
    // value (all of them originate from the join form) rests entirely on
    // collectSetString(), which is not visible here - confirm.
    // NOTE(review): $aNewProfile['Password'] is still the clear-text value at
    // this point. Unless collectSetString() filters it, the row (and any query
    // log) holds the clear-text password until the update further down.
    $sSet = $this->collectSetString($aNewProfile);
    $sQuery = "INSERT INTO `Profiles` SET \n{$sSet}";

    if (!db_res($sQuery)) {
        return array(false, 'Failed');
    }

    $iNewID = db_last_id();
    $this->createProfileCache($iNewID);

    if ($aMainMember) {
        // point the main member at the new profile so both are linked to each other
        $this->updateProfile($iMainMemberID, array('Couple' => $iNewID));
    }

    // Mail goes to the main member only, never to the couple profile.
    $sStatusText = 'OK';
    if ($bSendMails and !$aMainMember) {
        $sStatusText = $aNewProfile['Status'];
        if (getParam('autoApproval_ifNoConfEmail') == 'on') {
            if ('Active' == $sStatusText) {
                $this->sendActivationMail($iNewID);
            } else {
                $this->sendApprovalMail($iNewID);
            }
        } elseif (!$this->sendConfMail($iNewID)) {
            $sStatusText = 'NotSent';
        }
    }

    // Replace the stored password with its salted hash. This runs after the
    // mails above, so the order of these two steps must not be swapped blindly.
    $sSalt = genRndSalt();
    $this->updateProfile($iNewID, array(
        'Password' => encryptUserPwd($aNewProfile['Password'], $sSalt),
        'Salt' => $sSalt,
    ));

    bx_member_ip_store($iNewID);

    return array($iNewID, $sStatusText);
}
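/**
 * Validate the posted value of a 'system' profile field.
 *
 * Only 'Captcha', 'Status', 'TermsOfUse' and 'ProfilePhoto' have checks; any
 * other field name is accepted.
 *
 * @param array $aItem  field definition; reads 'Name' and, depending on the
 *                      field, 'Values' or 'Mandatory'
 * @param mixed $mValue posted value for that field
 * @return bool|string true when the value is accepted, otherwise the error text
 */
function checkPostValueForSystem($aItem, $mValue)
{
    switch ($aItem['Name']) {
        case 'Captcha':
            return $this->checkCaptcha($mValue) ? true : _t('_Captcha check failed');

        case 'Status':
            // NOTE(review): in_array() compares loosely here; fine while
            // $aItem['Values'] holds non-numeric status names - confirm.
            if (!in_array($mValue, $aItem['Values'])) {
                return 'Status hack attempt!';
            }
            break;

        case 'TermsOfUse':
            // The parameter name decodes to 'sys_antispam_smart_check'. When it is
            // enabled, a submitted 'do_submit' value counts as spam (presumably a
            // field real visitors never fill - confirm against the join form).
            $bSmartCheckHit = getParam(base64_decode('c3lzX2FudGlzcGFtX3NtYXJ0X2NoZWNr')) && bx_get('do_submit');

            bx_import('BxDolStopForumSpam');
            $oBxDolStopForumSpam = new BxDolStopForumSpam();

            if (2 == getParam('ipBlacklistMode') && bx_is_ip_blocked()) {
                return _t('_Sorry, your IP been banned');
            }

            // NOTE(review): $_POST['Email'][0] is read without an isset() check.
            if (
                ('on' == getParam('sys_dnsbl_enable') && 'block' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'join'))
                || $bSmartCheckHit
                || $oBxDolStopForumSpam->isSpammer(array('email' => $_POST['Email'][0], 'ip' => getVisitorIP(false)), 'join')
            ) {
                return sprintf(_t('_sys_spam_detected'), BX_DOL_URL_ROOT . 'contact.php');
            }

            return $mValue ? true : _t('_You must agree with terms of use');

        case 'ProfilePhoto':
            if ($aItem['Mandatory'] && is_null($mValue)) {
                return _t('_Please specify image file');
            }

            // NOTE(review): X-Requested-With is a client-supplied header, and this
            // shortcut skips every file check below for any request that sends it.
            // Confirm the value is validated again on the regular submit before
            // the file is used.
            if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) and $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
                return true;
            }

            // Nothing posted: none of the file checks applied in this case.
            if (!$mValue) {
                return true;
            }

            // The posted value is joined to the tmp directory and the result is
            // probed and, when it is not an accepted image, deleted. Accept plain
            // file names only, so the path cannot leave the tmp directory.
            // Assumes upload temp names carry no sub-directory - confirm against
            // the upload handler.
            if (!is_string($mValue) || $mValue !== basename($mValue) || strpos($mValue, "\0") !== false) {
                return 'No way! File not exists';
            }

            $sFileName = $GLOBALS['dir']['tmp'] . $mValue;
            if (!file_exists($sFileName)) {
                // The message used to append $sFileName, disclosing the absolute
                // server path to the visitor.
                return 'No way! File not exists';
            }

            $aSize = @getimagesize($sFileName);
            if (!$aSize) {
                @unlink($sFileName);

                return _t('_Please specify image file');
            }

            if (!in_array($aSize[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true)) {
                unlink($sFileName);

                return _t('_Please specify image of JPEG, GIF or PNG format');
            }

            return true;
    }

    return true;
}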
/**
 * Create a local profile for a remotely authenticated member, or attach the
 * remote id to an existing profile that uses the same e-mail address.
 *
 * @param array  $aProfileInfo     remote profile's information
 * @param string $sAlternativeName profile's alternative nickname
 * @param bool   $isAutoFriends    call _makeFriends() for the profile when that method exists
 * @param bool   $isSetLoggedIn    log the visitor in as the resulting profile
 * @return string|array error text, or an array describing the profile
 *                      (with 'join_page_redirect' set when the join page takes over)
 */
function _createProfileRaw($aProfileInfo, $sAlternativeName = '', $isAutoFriends = true, $isSetLoggedIn = true)
{
    // Registration may be restricted to invited visitors.
    $bInviteOnly = getParam('reg_by_inv_only') == 'on';
    if ($bInviteOnly && (!isset($_COOKIE['idFriend']) || getID($_COOKIE['idFriend']) == 0)) {
        return _t('_registration by invitation only');
    }

    // Map the remote fields onto local profile fields.
    $aProfileFields = $this->_convertRemoteFields($aProfileInfo, $sAlternativeName);
    if (empty($aProfileFields['Email'])) {
        return _t('_Incorrect Email');
    }

    // Anti-spam: local IP blacklist, DNSBL ('block' behaviour), StopForumSpam.
    bx_import('BxDolStopForumSpam');
    $oBxDolStopForumSpam = new BxDolStopForumSpam();
    if (2 == getParam('ipBlacklistMode') && bx_is_ip_blocked()) {
        return _t('_Sorry, your IP been banned');
    }
    if (
        ('on' == getParam('sys_dnsbl_enable') && 'block' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'join oauth'))
        || $oBxDolStopForumSpam->isSpammer(array('email' => $aProfileFields['Email'], 'ip' => getVisitorIP(false)), 'join oauth')
    ) {
        return sprintf(_t('_sys_spam_detected'), BX_DOL_URL_ROOT . 'contact.php');
    }

    // Keep only the fields the profiles table knows about.
    foreach (array_keys($aProfileFields) as $sField) {
        if (!$this->_oDb->isFieldExist($sField)) {
            unset($aProfileFields[$sField]);
        }
    }

    // System values: random password (stored as salted hash), role, join date.
    $sNewPassword = genRndPwd();
    $sPasswordSalt = genRndSalt();
    $aProfileFields['Password'] = encryptUserPwd($sNewPassword, $sPasswordSalt);
    $aProfileFields['Role'] = BX_DOL_ROLE_MEMBER;
    $aProfileFields['DateReg'] = date('Y-m-d H:i:s');
    $aProfileFields['Salt'] = $sPasswordSalt;

    // default privacy
    bx_import('BxDolPrivacyQuery');
    $oPrivacy = new BxDolPrivacyQuery();
    $aProfileFields['allow_view_to'] = $oPrivacy->getDefaultValueModule('profile', 'view_block');

    // NOTE(review): a local profile with the same e-mail is reused below: the
    // remote id is attached to it and, with $isSetLoggedIn, the visitor is logged
    // in as that profile. This trusts the e-mail reported in the remote profile
    // data; nothing in this function checks that the remote provider verified
    // the address - confirm upstream.
    $iExistingProfileId = $this->_oDb->isEmailExisting($aProfileFields['Email']);

    // Hand over to the regular join page for brand-new members when configured.
    if ('join' == $this->_oConfig->sRedirectPage && !$iExistingProfileId) {
        return array(
            'remote_profile_info' => $aProfileInfo,
            'profile_fields' => $aProfileFields,
            'join_page_redirect' => true,
        );
    }

    $iProfileId = $iExistingProfileId
        ? $iExistingProfileId
        : $this->_oDb->createProfile($aProfileFields);

    $oProfileFields = new BxDolProfilesController();

    // remember the remote profile id for this member
    $this->_oDb->saveRemoteId($iProfileId, $aProfileInfo['id']);

    if (!$iExistingProfileId) {
        $bHasRemoteEmail = !empty($aProfileInfo['email']);

        // Decide the initial status and send the matching mail.
        if (getParam('autoApproval_ifNoConfEmail') == 'on') {
            $bAutoActive = getParam('autoApproval_ifJoin') == 'on';
            $sProfileStatus = $bAutoActive ? 'Active' : 'Approval';
            if ($bHasRemoteEmail) {
                if ($bAutoActive) {
                    $oProfileFields->sendActivationMail($iProfileId);
                } else {
                    $oProfileFields->sendApprovalMail($iProfileId);
                }
            }
        } elseif ($bHasRemoteEmail) {
            $oProfileFields->sendConfMail($iProfileId);
            $sProfileStatus = 'Unconfirmed';
        } else {
            // no address to confirm: fall back to the auto-approval setting
            $sProfileStatus = getParam('autoApproval_ifJoin') == 'on' ? 'Active' : 'Approval';
        }

        $this->_oDb->updateProfileStatus($iProfileId, $sProfileStatus);
        $oProfileFields->createProfileCache($iProfileId);

        // Tell the member which password was generated.
        // NOTE(review): the generated password travels in clear text by e-mail.
        if ($bHasRemoteEmail) {
            $oEmailTemplate = new BxDolEmailTemplates();
            $aTemplate = $oEmailTemplate->getTemplate($this->_oConfig->sEmailTemplatePasswordGenerated, $iProfileId);
            $aNewProfileInfo = getProfileInfo($iProfileId);
            $aPlus = array(
                'NickName' => getNickName($aNewProfileInfo['ID']),
                'NewPassword' => $sNewPassword,
            );
            sendMail($aNewProfileInfo['Email'], $aTemplate['Subject'], $aTemplate['Body'], '', $aPlus);
        }

        // update location
        if (BxDolModule::getInstance('BxWmapModule')) {
            BxDolService::call('wmap', 'response_entry_add', array('profiles', $iProfileId));
        }

        // system event for the new member
        $oZ = new BxDolAlerts('profile', 'join', $iProfileId);
        $oZ->alert();
    }

    // store IP
    bx_member_ip_store($iProfileId);

    // befriend members who are already friends on the remote site
    if ($isAutoFriends && method_exists($this, '_makeFriends')) {
        $this->_makeFriends($iProfileId);
    }

    // log the visitor in with the stored password hash
    if ($isSetLoggedIn) {
        $aProfile = getProfileInfo($iProfileId);
        $this->setLogged($iProfileId, $aProfile['Password'], '', false);
    }

    return array(
        'remote_profile_info' => $aProfileInfo,
        'profile_id' => $iProfileId,
        'existing_profile' => (bool) $iExistingProfileId,
    );
}
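/**
 * Create a local profile (and the matching eDirectory account rows) for a
 * member who signed in through Facebook.
 *
 * @param array  $aProfileInfo     some profile's information
 * @see $this->aFacebookProfileFields
 * @param string $sAlternativeName profile's alternative nickname
 * @param bool   $isAutoFriends    call _makeFriends() for the new profile
 * @param bool   $isSetLoggedIn    log the visitor in as the new profile
 * @return string|array error text, or an array describing the profile
 *                      (with 'join_page_redirect' set when the join page takes over)
 */
function _createProfileRaw($aProfileInfo, $sAlternativeName = '', $isAutoFriends = true, $isSetLoggedIn = true)
{
    //-- join by invite only --//
    if (getParam('reg_by_inv_only') == 'on' && (!isset($_COOKIE['idFriend']) || getID($_COOKIE['idFriend']) == 0)) {
        return _t('_registration by invitation only');
    }

    // normalise the date of birth to Y-m-d
    if (isset($aProfileInfo['birthday'])) {
        $aProfileInfo['birthday'] = date('Y-m-d', strtotime($aProfileInfo['birthday']));
    }

    // Generate a random password for the profile. The generation had been
    // commented out and replaced by md5(""), which gave every profile created
    // here the same constant stored password, left $sPasswordSalt undefined
    // for the 'Salt' column and left $sNewPassword undefined for the
    // "password generated" mail further down.
    // NOTE(review): the same hash is also written to the eDirectory account
    // row ($aAccountFields['password']); confirm that side does not depend on
    // the old constant.
    $sNewPassword = genRndPwd();
    $sPasswordSalt = genRndSalt();
    $aProfileInfo['password'] = encryptUserPwd($sNewPassword, $sPasswordSalt);

    //-- define user's country and city --//
    $aLocation = array();
    if (isset($aProfileInfo['location']['name'])) {
        $aLocation = $aProfileInfo['location']['name'];
    } elseif (isset($aProfileInfo['hometown']['name'])) {
        $aLocation = $aProfileInfo['hometown']['name'];
    }

    $sCity = "";
    $sCountry = "";
    if ($aLocation) {
        // expected shape is "City, Country"; the country part may be missing
        $aCountryInfo = explode(',', $aLocation);
        $sCountry = $this->_oDb->getCountryCode(isset($aCountryInfo[1]) ? trim($aCountryInfo[1]) : '');
        $sCity = trim($aCountryInfo[0]);

        // fall back to the configured default country when only a city is known
        if ($sCity && !$sCountry) {
            $sCountry = $this->_oConfig->sDefaultCountryCode;
        }
    }

    // try to define the user's email
    // NOTE(review): 'proxied_email' is read without an isset() check.
    $sEmail = !empty($aProfileInfo['email']) ? $aProfileInfo['email'] : $aProfileInfo['proxied_email'];

    // check email
    if ($this->_oDb->isEmailExisting($sEmail)) {
        return _t('_bx_facebook_error_email');
    }

    //-- fill array with all needed values --//
    $aProfileFields = array(
        'FacebookProfile' => $aProfileInfo['id'],
        'NickName' => $aProfileInfo['nick_name'] . $sAlternativeName,
        'Email' => $sEmail,
        'Sex' => isset($aProfileInfo['gender']) ? $aProfileInfo['gender'] : '',
        'DateOfBirth' => isset($aProfileInfo['birthday']) ? $aProfileInfo['birthday'] : '',
        'Password' => isset($aProfileInfo['password']) ? $aProfileInfo['password'] : '',
        'FirstName' => isset($aProfileInfo['first_name']) ? $aProfileInfo['first_name'] : '',
        'LastName' => isset($aProfileInfo['last_name']) ? $aProfileInfo['last_name'] : '',
        'DescriptionMe' => isset($aProfileInfo['bio']) ? $aProfileInfo['bio'] : '',
        'Interests' => isset($aProfileInfo['interests']) ? $aProfileInfo['interests'] : '',
        'Religion' => isset($aProfileInfo['religion']) ? $aProfileInfo['religion'] : '',
        'Country' => $sCountry,
        'City' => $sCity,
    );

    $aEdirectoryProfileFields = array(
        'facebook_uid' => $aProfileInfo['id'],
        'nickname' => $aProfileInfo['nick_name'] . $sAlternativeName,
        'personal_message' => isset($aProfileInfo['bio']) ? $aProfileInfo['bio'] : '',
        'facebook_image' => isset($aProfileInfo['picture']) ? $aProfileInfo['picture'] : '',
        'facebook_image_width' => '100',
        'facebook_image_height' => '100',
        'location' => $sCity,
    );

    $thisusername = $aProfileInfo['first_name'] . $aProfileInfo['last_name'];

    $aAccountFields = array(
        'facebook_username' => "facebook::" . $thisusername . "_" . $aProfileInfo['id'],
        'username' => "facebook::" . $thisusername . "_" . $aProfileInfo['id'],
        'has_profile' => 'y',
        'active' => 'y',
        'foreignaccount' => 'y',
        'foreignaccount_done' => 'y',
        'password' => isset($aProfileInfo['password']) ? $aProfileInfo['password'] : '',
        'updated' => date('Y-m-d H:i:s'),
        'entered' => date('Y-m-d H:i:s'),
        'agree_tou' => '1',
    );

    $aAccountProfileContactFields = array(
        'username' => "facebook::" . $thisusername . "_" . $aProfileInfo['id'],
        'has_profile' => 'y',
        'nickname' => $aProfileInfo['first_name'] . " " . $aProfileInfo['last_name'],
        'first_name' => isset($aProfileInfo['first_name']) ? $aProfileInfo['first_name'] : '',
        'last_name' => isset($aProfileInfo['last_name']) ? $aProfileInfo['last_name'] : '',
        'facebook_image_width' => '100',
        'facebook_image_height' => '100',
    );

    $aContactFields = array(
        'email' => $sEmail,
        'first_name' => isset($aProfileInfo['first_name']) ? $aProfileInfo['first_name'] : '',
        'last_name' => isset($aProfileInfo['last_name']) ? $aProfileInfo['last_name'] : '',
        'country' => $sCountry,
        'city' => $sCity,
    );

    // Anti-spam: local IP blacklist, DNSBL ('block' behaviour), StopForumSpam.
    bx_import('BxDolStopForumSpam');
    $oBxDolStopForumSpam = new BxDolStopForumSpam();
    if (2 == getParam('ipBlacklistMode') && bx_is_ip_blocked()) {
        return _t('_Sorry, your IP been banned');
    } elseif (
        ('on' == getParam('sys_dnsbl_enable') && 'block' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'join facebook'))
        || $oBxDolStopForumSpam->isSpammer(array('email' => $aProfileFields['Email'], 'ip' => getVisitorIP(false)), 'join facebook')
    ) {
        return sprintf(_t('_sys_spam_detected'), BX_DOL_URL_ROOT . 'contact.php');
    }

    // check fields existence; drop the ones the profiles table does not have
    foreach ($aProfileFields as $sKey => $mValue) {
        if (!$this->_oDb->isFieldExist($sKey)) {
            unset($aProfileFields[$sKey]);
        }
    }

    //-- add some system values --//
    $aProfileFields['Role'] = BX_DOL_ROLE_MEMBER;
    $aProfileFields['DateReg'] = date('Y-m-d H:i:s'); // set current date
    $aProfileFields['Salt'] = $sPasswordSalt;

    // check redirect page
    if ('join' == $this->_oConfig->sRedirectPage) {
        return array(
            'profile_info_fb' => $aProfileInfo,
            'profile_fields' => $aProfileFields,
            'join_page_redirect' => true,
        );
    }

    // create new profile and the eDirectory rows
    // NOTE(review): whether these values are escaped is decided inside the
    // _oDb methods, which are not visible here - confirm.
    $iProfileId = $this->_oDb->createProfile($aProfileFields);
    $this->_oDb->EdirctorycreateProfile($aAccountFields, $aEdirectoryProfileFields, $aContactFields, $aAccountProfileContactFields);

    $oProfileFields = new BxDolProfilesController();

    // remember FB uid for created member
    $this->_oDb->saveFbUid($iProfileId, $aProfileInfo['id']);

    // check profile status
    if (getParam('autoApproval_ifNoConfEmail') == 'on') {
        if (getParam('autoApproval_ifJoin') == 'on') {
            $sProfileStatus = 'Active';
            if (!empty($aProfileInfo['email'])) {
                $oProfileFields->sendActivationMail($iProfileId);
            }
        } else {
            $sProfileStatus = 'Approval';
            if (!empty($aProfileInfo['email'])) {
                $oProfileFields->sendApprovalMail($iProfileId);
            }
        }
    } else {
        if (!empty($aProfileInfo['email'])) {
            $oProfileFields->sendConfMail($iProfileId);
            $sProfileStatus = 'Unconfirmed';
        } else {
            // no address to confirm: fall back to the auto-approval setting
            if (getParam('autoApproval_ifJoin') == 'on') {
                $sProfileStatus = 'Active';
            } else {
                $sProfileStatus = 'Approval';
            }
        }
    }

    // update profile's status
    $this->_oDb->updateProfileStatus($iProfileId, $sProfileStatus);
    $oProfileFields->createProfileCache($iProfileId);

    if (!empty($aProfileInfo['email'])) {
        //-- send email notification --//
        // NOTE(review): the generated password travels in clear text by e-mail.
        $oEmailTemplate = new BxDolEmailTemplates();
        $aTemplate = $oEmailTemplate->getTemplate('t_fb_connect_password_generated');
        $aNewProfileInfo = getProfileInfo($iProfileId);
        $aPlus = array(
            'NickName' => getNickName($aNewProfileInfo['ID']),
            'NewPassword' => $sNewPassword,
        );
        sendMail($aNewProfileInfo['Email'], $aTemplate['Subject'], $aTemplate['Body'], '', $aPlus);
    }

    bx_member_ip_store($iProfileId);

    if (BxDolModule::getInstance('BxWmapModule')) {
        BxDolService::call('wmap', 'response_entry_add', array('profiles', $iProfileId));
    }

    // create system event
    $oZ = new BxDolAlerts('profile', 'join', $iProfileId);
    $oZ->alert();

    // auto-friend members if they are already friends on Facebook
    if ($isAutoFriends) {
        $this->_makeFriends($iProfileId);
    }

    // set logged
    if ($isSetLoggedIn) {
        $aProfile = getProfileInfo($iProfileId);
        $this->setLogged($iProfileId, $aProfile['Password'], '', false);
    }

    return array('profile_info_fb' => $aProfileInfo, 'profile_id' => $iProfileId);
}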
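/**
 * Check a member id / stored-password pair and the member's right to log in.
 *
 * Order of checks: id, profile existence, password, role, then (for plain
 * members only) IP blacklists and profile ban. Administrators and moderators
 * return before the IP and ban checks.
 *
 * @param mixed $ID           profile id; cast to int here
 * @param mixed $passwd       value compared with the stored `Password` column
 *                            (presumably the hashed password kept by the caller - confirm)
 * @param int   $iRole        role bit the profile must have
 * @param bool  $error_handle when true, a failed check also renders the login form or a message page
 * @return bool true when every check passes
 */
function check_login($ID, $passwd, $iRole = BX_DOL_ROLE_MEMBER, $error_handle = true)
{
    $ID = (int) $ID;

    // Pick the login form flavour before any check can fail: the first error
    // path used $member before it was assigned, and roles other than the two
    // listed here never assigned it at all.
    switch ($iRole) {
        case BX_DOL_ROLE_ADMIN:
            $member = 1;
            break;
        case BX_DOL_ROLE_MEMBER:
        default:
            $member = 0;
            break;
    }

    if (!$ID) {
        if ($error_handle) {
            login_form(_t("_PROFILE_ERR"), $member);
        }

        return false;
    }

    $aProfile = getProfileInfo($ID);

    // If no such member
    if (!$aProfile) {
        if ($error_handle) {
            login_form(_t("_PROFILE_ERR"), $member);
        }

        return false;
    }

    // If password is incorrect.
    // Both sides must be strings: strcmp() does not return an int for
    // non-string arguments on older PHP, and the former loose `!= 0` test then
    // read that result as "equal". The comparison is constant-time where
    // hash_equals() is available.
    $sStored = $aProfile['Password'];
    $bPasswordOk = is_string($passwd) && is_string($sStored)
        && (function_exists('hash_equals') ? hash_equals($sStored, $passwd) : $sStored === $passwd);
    if (!$bPasswordOk) {
        if ($error_handle) {
            login_form(_t("_INVALID_PASSWD"), $member);
        }

        return false;
    }

    if (!((int) $aProfile['Role'] & $iRole)) {
        if ($error_handle) {
            login_form(_t("_INVALID_ROLE"), $member);
        }

        return false;
    }

    // Administrators and moderators are not subject to the IP and ban checks below.
    if ((int) $aProfile['Role'] & BX_DOL_ROLE_ADMIN || (int) $aProfile['Role'] & BX_DOL_ROLE_MODERATOR) {
        if ('on' != getParam('ext_nav_menu_enabled')) {
            update_date_lastnav($ID);
        }

        return true;
    }

    // if IP is banned
    if (
        (2 == getParam('ipBlacklistMode') && bx_is_ip_blocked())
        || ('on' == getParam('sys_dnsbl_enable') && 'block' == getParam('sys_dnsbl_behaviour') && bx_is_ip_dns_blacklisted('', 'login'))
    ) {
        if ($error_handle) {
            $GLOBALS['_page']['name_index'] = 55;
            $GLOBALS['_page']['css_name'] = '';
            $GLOBALS['_ni'] = $GLOBALS['_page']['name_index'];
            $GLOBALS['_page_cont'][$GLOBALS['_ni']]['page_main_code'] = MsgBox(_t('_Sorry, your IP been banned'));
            PageCode();
        }

        return false;
    }

    // if profile is banned
    if (isLoggedBanned($aProfile['ID'])) {
        if ($error_handle) {
            $GLOBALS['_page']['name_index'] = 55;
            $GLOBALS['_page']['css_name'] = '';
            $GLOBALS['_ni'] = $GLOBALS['_page']['name_index'];
            $GLOBALS['_page_cont'][$GLOBALS['_ni']]['page_main_code'] = MsgBox(_t('_member_banned'));
            PageCode();
        }

        return false;
    }

    if ('on' != getParam('ext_nav_menu_enabled')) {
        update_date_lastnav($ID);
    }

    return true;
}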
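/**
 * Validate the posted value of a 'system' field.
 *
 * Only 'Captcha', 'Status', 'TermsOfUse' and 'thumb' have checks; any other
 * field name is accepted.
 *
 * @param array $aItem  field definition; reads 'Name' and, depending on the
 *                      field, 'Values' or 'Mandatory'
 * @param mixed $mValue posted value for that field
 * @return bool|string true when the value is accepted, otherwise the error text
 */
function checkPostValueForSystem($aItem, $mValue)
{
    switch ($aItem['Name']) {
        case 'Captcha':
            return $this->checkCaptcha($mValue) ? true : _t('_Captcha check failed');

        case 'Status':
            // NOTE(review): in_array() compares loosely here; fine while
            // $aItem['Values'] holds non-numeric status names - confirm.
            if (!in_array($mValue, $aItem['Values'])) {
                return 'Status hack attempt!';
            }
            break;

        case 'TermsOfUse':
            // The IP blacklist checks ride on this field's validation.
            if (
                (2 == getParam('ipBlacklistMode') && bx_is_ip_blocked())
                || ('on' == getParam('sys_dnsbl_enable') && bx_is_ip_dns_blacklisted('', 'join'))
            ) {
                return _t('_Sorry, your IP been banned');
            }

            return $mValue ? true : _t('_You must agree with terms of use');

        case 'thumb':
            if ($aItem['Mandatory'] && is_null($mValue)) {
                return _t('_Please specify image file');
            }

            // NOTE(review): X-Requested-With is a client-supplied header, and this
            // shortcut skips every file check below for any request that sends it.
            // Confirm the value is validated again on the regular submit before
            // the file is used.
            if (isset($_SERVER['HTTP_X_REQUESTED_WITH']) and $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
                return true;
            }

            // Nothing posted: none of the file checks applied in this case.
            if (!$mValue) {
                return true;
            }

            // The posted value is joined to the tmp directory and the result is
            // probed and, when it is not an accepted image, deleted. Accept plain
            // file names only, so the path cannot leave the tmp directory.
            // Assumes upload temp names carry no sub-directory - confirm against
            // the upload handler.
            if (!is_string($mValue) || $mValue !== basename($mValue) || strpos($mValue, "\0") !== false) {
                return 'No way! File not exists';
            }

            $sFileName = $GLOBALS['dir']['tmp'] . $mValue;
            if (!file_exists($sFileName)) {
                // The message used to append $sFileName, disclosing the absolute
                // server path to the visitor.
                return 'No way! File not exists';
            }

            $aSize = @getimagesize($sFileName);
            if (!$aSize) {
                @unlink($sFileName);

                return _t('_Please specify image file');
            }

            if (!in_array($aSize[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true)) {
                unlink($sFileName);

                return _t('_Please specify image of JPEG, GIF or PNG format');
            }

            return true;
    }

    return true;
}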