/**
  * @see lib/modules/CommandModule::execute()
  */
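 public function execute($user, $target, $message)
 {
     // Two-step channel unregistration. Without a code argument the stored
     // confirmation code is sent back to the caller; with a code argument the
     // channel is unregistered only if the code matches. Access level 500 on
     // the channel is required either way.
     $messageEx = explode(' ', $message);
     if ($target[0] != '#') {
         // target is not a channel: take the channel name from the first argument
         $target = $messageEx[1];
         unset($messageEx[1]);
         $messageEx = array_values($messageEx);
     }
     if (!$this->bot->isRegistered($target)) {
         return $this->bot->sendMessage($user->getUuid(), Services::getLanguage()->get($user->languageID, 'command.' . $this->originalName . '.notRegistered'));
     }
     $access = $this->bot->getAccess($target, Services::getUserManager()->getUser($user->getUuid())->accountname);
     if ($access < 500) {
         return $this->bot->sendMessage($user->getUuid(), Services::getLanguage()->get($user->languageID, 'command.permissionDenied'));
     }
     $sql = "SELECT\n\t\t\t\tunregistercode\n\t\t\tFROM\n\t\t\t\tchanserv_channels\n\t\t\tWHERE\n\t\t\t\tchannel = '" . escapeString($target) . "'";
     $row = Services::getDB()->getFirstRow($sql);
     // Normalise to a string so the comparison below is a plain string match;
     // a missing row or column yields an empty code.
     $code = isset($row['unregistercode']) ? (string) $row['unregistercode'] : '';
     if (isset($messageEx[1])) {
         // Strict comparison: with a loose != two different numeric-looking
         // strings (e.g. "1e3" and "1000") compare equal. An empty stored code
         // must never confirm the request, otherwise an empty argument would.
         if ($code === '' || $code !== trim($messageEx[1])) {
             return $this->bot->sendMessage($user->getUuid(), Services::getLanguage()->get($user->languageID, 'command.' . $this->originalName . '.codeWrong', $target));
         }
         // TODO: Validate unregistercode
         $this->bot->unregister($target);
         $this->bot->sendMessage($user->getUuid(), Services::getLanguage()->get($user->languageID, 'command.' . $this->originalName . '.success', $target));
     } else {
         $this->bot->sendMessage($user->getUuid(), Services::getLanguage()->get($user->languageID, 'command.' . $this->originalName . '.code', $code));
     }
 }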
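 /**
  * Writes this object to its table: INSERT when no ID is set, UPDATE otherwise.
  *
  * @param bool $debug when true, the UPDATE statement is printed before it runs
  * @return bool always true
  */
 public function updateDatabase($debug = false)
 {
     $keys = array();
     $values = array();
     $query = '';
     // NOTE(review): column names from $this->_Params are backtick-quoted but not
     // escaped; this assumes the map is defined in code and never user-supplied.
     if ($this->ID == null) {
         foreach ($this->_Params as $key => $propertie) {
             // loose != null also skips 0 and '' on insert
             if ($this->{$propertie} != null) {
                 $keys[] = '`' . $key . '`';
                 $values[] = "'" . escapeString($this->{$propertie}) . "'";
             }
         }
         $query = "INSERT INTO `" . $this->getDBName() . "` (" . implode(', ', $keys) . ") VALUES (" . implode(', ', $values) . ")";
         Framework::getDb()->query($query);
         if (($lastID = Framework::getDb()->getLastID()) != 0) {
             $this->ID = $lastID;
         }
     } else {
         foreach ($this->_Params as $key => $propertie) {
             if ($key != 'id') {
                 $values[] = "`" . $key . "` = '" . escapeString($this->{$propertie}) . "'";
             }
         }
         $query = "UPDATE `" . $this->getDBName() . "` SET " . implode(', ', $values) . " WHERE `id` = '" . escapeString($this->ID) . "'";
         if ($debug == true) {
             echo '<pre>';
             //print_r($this);
             // The statement contains stored field values, so encode it for the
             // HTML context instead of echoing it raw.
             echo '<strong>Query</strong>: ' . htmlspecialchars($query, ENT_QUOTES) . '<br />';
             echo '</pre>';
         }
         Framework::getDb()->query($query);
     }
     return true;
 }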
 /**
  * Updates the data in our database table
  */
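 public function update()
 {
     // Collect the SET assignments and join them once; authorID and serverID
     // are always written, the text fields only when non-empty.
     $assignments = array();
     $assignments[] = '`authorID` = ' . $this->authorID;
     if (!empty($this->authorName)) {
         $assignments[] = '`authorName` = \'' . escapeString($this->authorName) . '\'';
     }
     $assignments[] = '`serverID` = ' . $this->serverID . '';
     if (!empty($this->serverName)) {
         // fixed: the serverName column was being filled with the server ID
         $assignments[] = '`serverName` = \'' . escapeString($this->serverName) . '\'';
     }
     if (!empty($this->text)) {
         $assignments[] = '`text` = \'' . escapeString($this->text) . '\'';
     }
     $assignments[] = '`votes` = ' . $this->votes;
     $assignments[] = '`isDisabled` = ' . $this->isDisabled;
     $assignments[] = "`enableSmilies` = " . ($this->enableSmilies ? 1 : 0);
     $assignments[] = "`enableHTML` = " . ($this->enableHTML ? 1 : 0);
     $assignments[] = "`enableBBCodes` = " . ($this->enableBBCodes ? 1 : 0);
     $updateSQL = implode(',', $assignments);
     // NOTE(review): authorID, serverID, votes, isDisabled and entryID go into the
     // statement unquoted and uncast; this assumes they were cast to int where
     // they were read - confirm against the code that fills these properties.
     $sql = "UPDATE bash" . BASH_N . "_entry\r\n\t\t\t\tSET\r\n\t\t\t\t\t" . $updateSQL . "\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tentryID = " . $this->entryID;
     WCF::getDB()->sendQuery($sql);
 }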
 /**
  * Updates the data in our database table
  */
 public function update()
 {
     // Build the SET list piece by piece; serverID and authorName are only
     // written when non-empty, everything else is always written.
     $assignments = array();
     if (!empty($this->serverID)) {
         $assignments[] = '`serverID` = ' . $this->serverID;
     }
     $assignments[] = '`authorID` = ' . $this->authorID;
     if (!empty($this->authorName)) {
         $assignments[] = '`authorName` = \'' . escapeString($this->authorName) . '\'';
     }
     $assignments[] = '`message` = \'' . escapeString($this->message) . '\'';
     $assignments[] = "`timestamp` = " . $this->timestamp;
     $assignments[] = '`enableSmilies` = ' . ($this->enableSmilies ? '1' : '0');
     $assignments[] = '`enableHtml` = ' . ($this->enableHtml ? '1' : '0');
     $assignments[] = '`enableBBCodes` = ' . ($this->enableBBCodes ? '1' : '0');
     $assignments[] = "`isDisabled` = " . $this->isDisabled;
     $updateSQL = implode(',', $assignments);
     // NOTE(review): serverID, authorID, timestamp, isDisabled and commentID are
     // concatenated unquoted and uncast; this assumes they are already integers
     // when this method runs - confirm where the properties are populated.
     $sql = "UPDATE bash" . BASH_N . "_server_comment\r\n\t\t\t\tSET\r\n\t\t\t\t\t" . $updateSQL . "\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tcommentID = " . $this->commentID;
     WCF::getDB()->sendQuery($sql);
 }
 /**
  * @see WCF::__construct()
  */
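 public function __construct()
 {
     // include options before locking
     try {
         $this->initOptions();
     } catch (Exception $e) {
         // ignore ...
     }
     // check locking: the user ID is taken from the cookie (cast to int) and the
     // lock check is retried up to seven times, half a second apart
     $userID = @intval($_COOKIE[COOKIE_PREFIX . 'userID']);
     if ($userID) {
         $i = 0;
         do {
             try {
                 LWUtil::checkLock($userID);
                 // everything okay
                 break;
             } catch (SystemException $e) {
                 if ($i >= 6) {
                     // NOTE(review): the exception message is shown to the client as-is
                     die($e->getMessage());
                 }
                 ++$i;
                 usleep(500000);
             }
         } while (true);
     }
     // bugfix
     if (WCF::getDB() !== null) {
         return false;
     }
     parent::__construct();
     // game-frontend only
     if ($this->getUser()->userID == 0) {
         return;
     }
     $args = array_merge($_GET, $_POST);
     // NOTE(review): only the top-level 'password' key is dropped before the
     // request is logged; any other secret in GET/POST is stored in ugml_request.
     if (isset($args['password'])) {
         unset($args['password']);
     }
     // log request; the remote address is escaped like every other string value
     // in this statement instead of being concatenated raw
     $sql = "INSERT INTO ugml_request\r\n\t\t\t\t(userID, `time`, ip,\r\n\t\t\t\t data)\r\n\t\t\t\tVALUES\r\n\t\t\t\t(" . $this->getUser()->userID . ", " . TIME_NOW . ", INET_ATON('" . escapeString($_SERVER['REMOTE_ADDR']) . "'),\r\n\t\t\t\t '" . escapeString(SerializeUtil::serialize(array('page' => LWUtil::getFileName(), 'args' => $args))) . "')";
     WCF::getDB()->sendQuery($sql);
     self::$requestID = WCF::getDB()->getInsertID();
     // log out when the last login is more than 12 hours old (and after the fixed cut-off timestamp)
     if ($this->getUser()->lastLoginTime < TIME_NOW - 60 * 60 * 12 && $this->getUser()->lastLoginTime > 1188597600 && !defined('LOGIN')) {
         self::logout('index.htm');
     }
     if ($this->getUser()) {
         if ($this->getUser()->urlaubs_modus == 2) {
             $sql = "UPDATE ugml_users\r\n\t\t\t\t\t\tSET urlaubs_modus = 0\r\n\t\t\t\t\t\tWHERE id = " . $this->getUser()->userID;
             WCF::getDB()->sendQuery($sql);
             Session::resetSessions($this->getUser()->userID);
             $this->getUser()->urlaubs_modus = 0;
         }
     }
     $this->initPlanet();
     // detect bots
     /*require_once(LW_DIR.'lib/data/protection/BotDetector.class.php');
     		new BotDetector();*/
     $this->initSpec();
 }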
 /**
  * Reads a host row from database
  * @param	integer	$hostID
  * @param	array	$row
  * @param	string	$host
  */
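 public function __construct($hostID, $row = null, $host = null, $languageCode = null)
 {
     $this->sqlSelects .= 'host.*';
     // create sql conditions; every non-null argument adds one AND-ed condition
     $conditions = array();
     if ($hostID !== null) {
         // hostID is documented as an integer and goes into the statement
         // unquoted, so force it to one here
         $conditions[] = "host.hostID = " . intval($hostID);
     }
     if ($host !== null) {
         $conditions[] = "host.hostname = '" . escapeString($host) . "'";
     }
     if ($languageCode !== null) {
         $conditions[] = "host.languageCode = '" . escapeString($languageCode) . "'";
     }
     $sqlCondition = implode(" AND ", $conditions);
     // execute sql statement; without any condition the passed $row is used as-is
     if (!empty($sqlCondition)) {
         $sql = "SELECT \t" . $this->sqlSelects . "\r\n\t\t\t\tFROM \twcf" . WCF_N . "_host host\r\n\t\t\t\t\t" . $this->sqlJoins . "\r\n\t\t\t\tWHERE \t" . $sqlCondition . $this->sqlGroupBy;
         $row = WCF::getDB()->getFirstRow($sql);
     }
     // handle result set
     parent::__construct($row);
 }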
 /**
  * @see EventListener::execute()
  */
 public function execute($eventObj, $className, $eventName)
 {
     // only polls attached to posts are handled here
     if ($eventObj->poll->messageType != 'post') {
         return;
     }
     // check permissions: the post must exist and the thread must be enterable
     require_once WBB_DIR . 'lib/data/post/Post.class.php';
     $post = new Post($eventObj->poll->messageID);
     if (!$post->postID) {
         throw new IllegalLinkException();
     }
     require_once WBB_DIR . 'lib/data/thread/Thread.class.php';
     $thread = new Thread($post->threadID);
     $thread->enter();
     require_once WBB_DIR . 'lib/data/board/Board.class.php';
     $board = new Board($thread->boardID);
     $eventObj->canVotePoll = $board->getPermission('canVotePoll');
     // plug in breadcrumbs
     WCF::getTPL()->assign(array('board' => $board, 'thread' => $thread, 'showThread' => true));
     WCF::getTPL()->append('specialBreadCrumbs', WCF::getTPL()->fetch('navigation'));
     // the sidebar overview is only built for threads with more than one poll
     if (!($thread->polls > 1)) {
         return;
     }
     require_once WCF_DIR . 'lib/data/message/poll/Poll.class.php';
     $polls = array();
     // guests (userID 0) are additionally matched by IP address
     $guestCondition = !WCF::getUser()->userID ? "AND poll_vote.ipAddress = '" . escapeString(WCF::getSession()->ipAddress) . "'" : '';
     // NOTE(review): userID and threadID are concatenated unquoted; this assumes
     // both are integers loaded from the session and the database.
     $sql = "SELECT \t\tpoll_vote.pollID AS voted,\n\t\t\t\t\t\t\tpoll_vote.isChangeable,\n\t\t\t\t\t\t\tpoll.*\n\t\t\t\t\tFROM \t\twcf" . WCF_N . "_poll poll\n\t\t\t\t\tLEFT JOIN \twcf" . WCF_N . "_poll_vote poll_vote\n\t\t\t\t\tON \t\t(poll_vote.pollID = poll.pollID\n\t\t\t\t\t\t\t" . $guestCondition . "\n\t\t\t\t\t\t\tAND poll_vote.userID = " . WCF::getUser()->userID . ")\n\t\t\t\t\tWHERE \t\tpoll.pollID IN (\n\t\t\t\t\t\t\t\tSELECT\tpollID\n\t\t\t\t\t\t\t\tFROM\twbb" . WBB_N . "_post\n\t\t\t\t\t\t\t\tWHERE\tthreadID = " . $thread->threadID . "\n\t\t\t\t\t\t\t\t\tAND isDeleted = 0\n\t\t\t\t\t\t\t\t\tAND isDisabled = 0\n\t\t\t\t\t\t\t\t\tAND pollID <> 0\n\t\t\t\t\t\t\t)\n\t\t\t\t\tORDER BY\tpoll.question";
     $result = WCF::getDB()->sendQuery($sql);
     while ($row = WCF::getDB()->fetchArray($result)) {
         $polls[] = new Poll(null, $row, $eventObj->canVotePoll);
     }
     if (count($polls) > 1) {
         WCF::getTPL()->assign(array('polls' => $polls, 'pollID' => $eventObj->pollID));
         WCF::getTPL()->append('additionalSidebarContent', WCF::getTPL()->fetch('pollOverviewSidebar'));
     }
 }
 /**
  * @see lib/modules/CommandModule::execute()
  */
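 public function execute($user, $target, $message)
 {
     // Without arguments: lists the access levels stored for the channel.
     // With two arguments (function name, new level): changes the level needed
     // for that function. Any other argument count prints the syntax hint.
     $messageEx = explode(' ', $message);
     if ($target[0] != '#') {
         // target is not a channel: take the channel name from the first argument
         $target = $messageEx[1];
         unset($messageEx[1]);
         $messageEx = array_values($messageEx);
     }
     $access = $this->bot->getAccess($target, Services::getUserManager()->getUser($user->getUuid())->accountname);
     if ($access < $this->bot->getNeededAccess($target, $this->originalName)) {
         return $this->bot->sendMessage($user->getUuid(), Services::getLanguage()->get($user->languageID, 'command.permissionDenied'));
     }
     if (count($messageEx) == 1) {
         $sql = "SELECT\n\t\t\t\t\t*\n\t\t\t\tFROM\n\t\t\t\t\tchanserv_channel_accessLevel\n\t\t\t\tWHERE\n\t\t\t\t\tchannel = '" . escapeString($target) . "'\n\t\t\t\tORDER BY \n\t\t\t\t\taccessLevel DESC";
         $result = Services::getDB()->sendQuery($sql);
         while ($row = Services::getDB()->fetchArray($result)) {
             $this->bot->sendMessage($user->getUuid(), Services::getLanguage()->get($user->languageID, 'command.' . $this->originalName . '.' . $row['function']) . ': ' . $row['accessLevel']);
         }
     } else {
         if (count($messageEx) == 3) {
             // The new level is taken from the chat message and is written into
             // the statement unquoted, so only a plain integer is accepted.
             if (!preg_match('/^-?[0-9]+$/', $messageEx[2])) {
                 return $this->bot->sendMessage($user->getUuid(), Services::getLanguage()->get($user->languageID, 'command.' . $this->originalName . '.syntaxHint'));
             }
             $newLevel = intval($messageEx[2]);
             // a user may not require a level above their own
             if ($access < $newLevel) {
                 return $this->bot->sendMessage($user->getUuid(), Services::getLanguage()->get($user->languageID, 'command.' . $this->originalName . '.tooHigh'));
             }
             if (!$this->bot->getNeededAccess($target, $messageEx[1])) {
                 return $this->bot->sendMessage($user->getUuid(), Services::getLanguage()->get($user->languageID, 'command.' . $this->originalName . '.unknown'));
             }
             // Scope the change to the channel the permission check was made for;
             // without the channel condition the level changed for every channel.
             // NOTE(review): assumes each channel has its own rows, as the SELECT
             // above filters on the same column - confirm against the schema.
             $sql = "UPDATE\n\t\t\t\t\t\tchanserv_channel_accessLevel\n\t\t\t\t\tSET\n\t\t\t\t\t\taccessLevel = " . $newLevel . "\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tfunction = '" . escapeString($messageEx[1]) . "'\n\t\t\t\t\t\tAND channel = '" . escapeString($target) . "'";
             Services::getDB()->sendQuery($sql);
         } else {
             $this->bot->sendMessage($user->getUuid(), Services::getLanguage()->get($user->languageID, 'command.' . $this->originalName . '.syntaxHint'));
         }
     }
 }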
 /**
  * Saves options.
  * 
  * @param	array		$options
  */
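 public static function save($options)
 {
     // $options maps optionID => optionValue; one UPDATE is sent per entry
     foreach ($options as $optionID => $optionValue) {
         // the array key goes into the statement unquoted, so force it to an
         // integer; the value is escaped as a string
         $sql = "UPDATE\twcf" . WCF_N . "_option\n\t\t\t\tSET\toptionValue = '" . escapeString($optionValue) . "'\n\t\t\t\tWHERE\toptionID = " . intval($optionID);
         WCF::getDB()->sendQuery($sql);
     }
 }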
 /**
  * @see EventListener::execute()
  */
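 public function execute($eventObj, $className, $eventName)
 {
     // Logs ACP access: only for logged-in users with the ACP permission, and
     // not for event classes that define a DO_NOT_LOG constant.
     if (WCF::getUser()->userID && WCF::getUser()->getPermission('admin.general.canUseAcp') && !defined(get_class($eventObj) . '::DO_NOT_LOG')) {
         // the session ID is escaped like the other string values written here
         $sessionID = escapeString(WCF::getSession()->sessionID);
         // try to find existing session log
         $sql = "SELECT\tsessionLogID\n\t\t\t\tFROM\twcf" . WCF_N . "_acp_session_log\n\t\t\t\tWHERE\tsessionID = '" . $sessionID . "'\n\t\t\t\t\tAND lastActivityTime >= " . (TIME_NOW - SESSION_TIMEOUT);
         $row = WCF::getDB()->getFirstRow($sql);
         if (!empty($row['sessionLogID'])) {
             $sessionLogID = $row['sessionLogID'];
             // update session log
             $sql = "UPDATE\twcf" . WCF_N . "_acp_session_log\n\t\t\t\t\tSET\tlastActivityTime = " . TIME_NOW . "\n\t\t\t\t\tWHERE\tsessionLogID = " . $sessionLogID;
             WCF::getDB()->registerShutdownUpdate($sql);
         } else {
             // create new session log
             $sql = "INSERT INTO\twcf" . WCF_N . "_acp_session_log\n\t\t\t\t\t\t\t(sessionID, userID, ipAddress, hostname, userAgent, time, lastActivityTime)\n\t\t\t\t\tVALUES\t\t('" . $sessionID . "', " . WCF::getUser()->userID . ", '" . escapeString(WCF::getSession()->ipAddress) . "', '" . escapeString(@gethostbyaddr(WCF::getSession()->ipAddress)) . "', '" . escapeString(WCF::getSession()->userAgent) . "', " . TIME_NOW . ", " . TIME_NOW . ")";
             WCF::getDB()->sendQuery($sql);
             $sessionLogID = WCF::getDB()->getInsertID("wcf" . WCF_N . "_acp_session_log", 'sessionLogID');
         }
         // format request uri
         $requestURI = WCF::getSession()->requestURI;
         // remove directories
         $URIComponents = explode('/', $requestURI);
         $requestURI = array_pop($URIComponents);
         // remove session url, so the 40-hex-character session ID is not stored in the access log
         $requestURI = preg_replace('/(?:\\?|&)s=[a-f0-9]{40}/', '', $requestURI);
         // save access
         $sql = "INSERT INTO\twcf" . WCF_N . "_acp_session_access_log\n\t\t\t\t\t\t(sessionLogID, packageID, ipAddress, time, requestURI, requestMethod, className)\n\t\t\t\tVALUES\t\t(" . $sessionLogID . ", " . PACKAGE_ID . ", '" . escapeString(WCF::getSession()->ipAddress) . "', " . TIME_NOW . ", '" . escapeString($requestURI) . "', '" . escapeString(WCF::getSession()->requestMethod) . "', '" . escapeString(get_class($eventObj)) . "')";
         WCF::getDB()->registerShutdownUpdate($sql);
     }
 }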
 /**
  * saves the selected permissions
  */
 protected function saved()
 {
     // store the selected permissions as one comma-separated string
     $permissionList = implode(',', $this->selectedPermissions);
     // NOTE(review): menuItemID is concatenated unquoted; this assumes it is an
     // integer loaded from the database.
     $menuItemID = $this->eventObj->pageMenuItem->menuItemID;
     $sql = "UPDATE \twcf" . WCF_N . "_page_menu_item\n\t\t\tSET\tpermissions = '" . escapeString($permissionList) . "'\n\t\t\tWHERE\tmenuItemID = " . $menuItemID;
     WCF::getDB()->sendQuery($sql);
     // clear cache
     PageMenuItemEditor::clearCache();
 }
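/**
 * Cleans a string and formats it (per the function name, for an ICS
 * description field): tags are stripped, the text is passed through
 * escapeString(), tabs become spaces and every newline gets a backslash
 * in front of it.
 *
 * @param string $chaine raw text
 * @return string cleaned text
 */
function nettoyage_et_formatage_chaine_description_ics($chaine)
{
    $retour = strip_tags($chaine);
    // NOTE(review): escapeString() is the helper used for SQL values elsewhere;
    // confirm it is the intended escaping for this output format.
    $retour = escapeString($retour);
    $retour = preg_replace("/\t/", " ", $retour);
    $retour = preg_replace("/\n/", "\\\n", $retour);
    // fixed: the cleaned string was built but never returned
    return $retour;
}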
 /**
  * @see Form::save()
  */
 public function save()
 {
     parent::save();
     // save: write a new default for every option whose value changed and
     // remember the matching userOption<ID> assignment for existing users
     $userAssignments = array();
     foreach ($this->activeOptions as $option) {
         if ($option['defaultValue'] == $option['optionValue']) {
             continue;
         }
         // NOTE(review): optionID is used unquoted here and as part of a column
         // name below; this assumes it is an integer taken from the option table.
         $sql = "UPDATE\twcf" . WCF_N . "_user_option\n\t\t\t\t\tSET\tdefaultValue = '" . escapeString($option['optionValue']) . "'\n\t\t\t\t\tWHERE\toptionID = " . $option['optionID'];
         WCF::getDB()->sendQuery($sql);
         $userAssignments[] = 'userOption' . $option['optionID'] . "='" . escapeString($option['optionValue']) . "'";
     }
     $updateOptionValueUpdate = implode(',', $userAssignments);
     // apply to existing users; the statement has no WHERE clause, so it
     // overwrites the value for every row in the table
     if ($this->applyChangesToExistingUsers == 1 && !empty($updateOptionValueUpdate)) {
         $sql = "UPDATE\twcf" . WCF_N . "_user_option_value\n\t\t\t\tSET\t" . $updateOptionValueUpdate;
         WCF::getDB()->sendQuery($sql);
         // reset sessions
         Session::resetSessions();
     }
     // reset cache
     WCF::getCache()->clearResource($this->cacheName . PACKAGE_ID);
     // show success message
     WCF::getTPL()->assign('success', true);
 }
 /**
  * Gets the main data of the passed user (id, name or whole datablock) 
  * and pass it over to the "protected function initUser()".
  * You can also create an emtpy user object e.g. to search for users.
  *
  * @param 	string 		$userID
  * @param 	array 		$row
  * @param 	string 		$username
  * @param 	string 		$email
  */
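 public function __construct($userID, $row = null, $username = null, $email = null)
 {
     // set sql join to user_data table
     $this->sqlSelects .= 'user_option.*,';
     $this->sqlJoins .= "LEFT JOIN wcf" . WCF_N . "_user_option_value user_option ON (user_option.userID = user.userID)";
     // pick exactly one lookup key, in this order: userID, username, email
     $sqlCondition = '';
     if ($userID !== null) {
         // the ID goes into the statement unquoted, so force it to an integer
         $sqlCondition = "user.userID = " . intval($userID);
     } elseif ($username !== null) {
         // fixed: the condition compared against a literal placeholder string
         // instead of the escaped $username argument
         $sqlCondition = "user.username = '" . escapeString($username) . "'";
     } elseif ($email !== null) {
         $sqlCondition = "user.email = '" . escapeString($email) . "'";
     }
     // execute sql statement; without any key the passed $row is used as-is
     if (!empty($sqlCondition)) {
         $sql = "SELECT \t" . $this->sqlSelects . "\n\t\t\t\t\tuser.*\n\t\t\t\tFROM \twcf" . WCF_N . "_user user\n\t\t\t\t\t" . $this->sqlJoins . "\n\t\t\t\tWHERE \t" . $sqlCondition . $this->sqlGroupBy;
         $row = WCF::getDB()->getFirstRow($sql);
     }
     // handle result set
     parent::__construct($row);
 }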
 /**
  * Sets a setting with an identifier and value.
  *
  * @param	int		userID
  * @param	string	setting
  * @param	mixed	value
  * @param	int		expire time
  */
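 public static function setSetting($userID, $setting, $value, $expireTime = 0x7fffffff)
 {
     // The value is stored in PHP serialize() format.
     // NOTE(review): whatever reads this column back presumably unserializes it;
     // that is only safe while nothing else can write to ugml_user_setting.
     $svalue = serialize($value);
     // userID and expireTime are documented as int and go into the statement
     // unquoted, so force them to integers
     $sql = "REPLACE INTO ugml_user_setting\n\t\t\t\t(userID, setting, expireTime, value)\n\t\t\t\tVALUES\n\t\t\t\t(" . intval($userID) . ", '" . escapeString($setting) . "', " . intval($expireTime) . ", '" . escapeString($svalue) . "')";
     WCF::getDB()->sendQuery($sql);
     // keep the in-memory copy in step with the database row
     self::$settings[$userID][$setting] = $svalue;
     Session::resetSessions($userID);
 }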
 /**
  * @see Action::execute()
  */
 public function execute()
 {
     // Marks the guestbook comment as deleted and records when and by whom,
     // then redirects back to the entry.
     $actor = WCF::getUser();
     // NOTE(review): userID and entryID are concatenated unquoted; this assumes
     // both are integers loaded from the session and the database. No permission
     // check is visible in this method - presumably done before execute() runs.
     $sql = "UPDATE\twcf" . WCF_N . "_user_guestbook\n\t\t\tSET\tcommentIsDeleted = 1,\n\t\t\t\tcommentDeleteTime = " . TIME_NOW . ",\n\t\t\t\tcommentDeletedBy = '" . escapeString($actor->username) . "',\n\t\t\t\tcommentDeletedByID = " . $actor->userID . "\n\t\t\tWHERE\tentryID = " . $this->entry->entryID;
     WCF::getDB()->sendQuery($sql);
     $this->executed();
     $location = 'index.php?page=UserGuestbook&userID=' . $this->entry->ownerID . '&entryID=' . $this->entry->entryID . SID_ARG_2ND_NOT_ENCODED . '#entry' . $this->entry->entryID;
     HeaderUtil::redirect($location);
     exit;
 }
 /**
  * @see Page::readParameters()
  */
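 public function readParameters()
 {
     parent::readParameters();
     // parameters: username is trimmed, status is only compared against fixed
     // strings below, every other filter is cast to int
     if (isset($_REQUEST['username'])) {
         $this->username = StringUtil::trim($_REQUEST['username']);
     }
     if (isset($_REQUEST['status'])) {
         $this->status = $_REQUEST['status'];
     }
     $intParameters = array('suspensionID', 'fromDay', 'fromMonth', 'fromYear', 'untilDay', 'untilMonth', 'untilYear', 'deletedUserSuspensionID');
     foreach ($intParameters as $name) {
         if (isset($_REQUEST[$name])) {
             $this->{$name} = intval($_REQUEST[$name]);
         }
     }
     // init list
     $this->userSuspensionList = new UserSuspensionList();
     // set conditions
     $this->userSuspensionList->sqlConditions .= 'user_suspension.packageID = ' . PACKAGE_ID;
     if (!empty($this->username)) {
         // fixed: the subquery compared against a literal placeholder string;
         // the request-supplied username is escaped before it enters the SQL
         $this->userSuspensionList->sqlConditions .= " AND user_suspension.userID = (SELECT userID FROM wcf" . WCF_N . "_user WHERE username = '" . escapeString($this->username) . "')";
     }
     if ($this->suspensionID) {
         $this->userSuspensionList->sqlConditions .= " AND user_suspension.suspensionID = " . $this->suspensionID;
     }
     if ($this->status == 'active') {
         $this->userSuspensionList->sqlConditions .= " AND (user_suspension.expires = 0 OR user_suspension.expires > " . TIME_NOW . ")";
     } elseif ($this->status == 'expired') {
         $this->userSuspensionList->sqlConditions .= " AND user_suspension.expires > 0 AND user_suspension.expires < " . TIME_NOW;
     }
     // a date bound is applied only when day, month and year are all given
     if ($this->fromDay && $this->fromMonth && $this->fromYear) {
         $this->userSuspensionList->sqlConditions .= " AND user_suspension.time > " . gmmktime(0, 0, 0, $this->fromMonth, $this->fromDay, $this->fromYear);
     }
     if ($this->untilDay && $this->untilMonth && $this->untilYear) {
         $this->userSuspensionList->sqlConditions .= " AND user_suspension.time < " . gmmktime(0, 0, 0, $this->untilMonth, $this->untilDay, $this->untilYear);
     }
 }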
 /**
  * Installs scm.
  *
  * @see	AbstractXMLPackageInstallationPlugin::install()
  */
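 public function install()
 {
     parent::install();
     if (!($xml = $this->getXML())) {
         return;
     }
     $scmXML = $xml->getElementTree('data');
     foreach ($scmXML['children'] as $key => $block) {
         if (!empty($block['children'])) {
             switch ($block['name']) {
                 // install (or update existing) scm
                 case 'import':
                     foreach ($block['children'] as $scm) {
                         foreach ($scm['children'] as $child) {
                             // continue with next children if current tree is empty
                             if (!isset($child['cdata'])) {
                                 continue;
                             }
                             $scm[$child['name']] = $child['cdata'];
                         }
                         // break operation if we encounter missing attribute
                         if (!isset($scm['attrs']['name'])) {
                             throw new SystemException('Required "name" attribute for scm item tag is missing.');
                         }
                         $scmName = $scm['attrs']['name'];
                         // insert into db; the name comes from the package XML, so it
                         // is escaped here just as the delete branch below escapes it
                         $sql = "INSERT INTO\twcf" . WCF_N . "_" . $this->tableName . "\r\n\t\t\t\t\t\t\t\t\t   \t(packageID, scm)\r\n\t\t\t\t\t\t\t\tVALUES\t\t(" . $this->installation->getPackageID() . ", '" . escapeString(strtolower($scmName)) . "')\r\n\t\t\t\t\t\t\t\tON DUPLICATE KEY UPDATE scm = VALUES(scm)";
                         WCF::getDB()->sendQuery($sql);
                         // clear cache
                         SCMHelper::clearCache();
                     }
                     break;
                 // delete scm
                 case 'delete':
                     // fixed: $package was never defined in this method; the
                     // installation object used everywhere else is queried instead
                     if ($this->installation->getAction() == 'update') {
                         $itemNames = '';
                         foreach ($block['children'] as $scm) {
                             if (!isset($scm['attrs']['name'])) {
                                 throw new SystemException('Required "name" attribute for scm tag is missing.');
                             }
                             if (!empty($itemNames)) {
                                 $itemNames .= ',';
                             }
                             // NOTE(review): names are stored lower-cased on import but
                             // matched here as written; this relies on a
                             // case-insensitive comparison in the database.
                             $itemNames .= "'" . escapeString($scm['attrs']['name']) . "'";
                         }
                         if (!empty($itemNames)) {
                             $sql = "DELETE FROM\twcf" . WCF_N . "_" . $this->tableName . "\r\n\t\t\t\t\t\t\t \t\tWHERE\t\tscm IN (" . $itemNames . ")\r\n\t\t\t\t\t\t\t\t\t\t&&\tpackageID = " . $this->installation->getPackageID();
                             WCF::getDB()->sendQuery($sql);
                             // clear cache
                             SCMHelper::clearCache();
                         }
                     }
                     break;
             }
         }
     }
 }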
 /**
  * Returnes true if a page title is available
  * @param	string	$title
  * @param	integer	$hostID
  */
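 public static function isAvailable($title, $hostID)
 {
     // A title is available when no page of the given host uses it yet.
     // hostID is documented as an integer and goes into the statement unquoted,
     // so force it to one; the title is escaped as a string.
     $sql = "SELECT\r\n\t\t\t\t\tCOUNT(*) AS count\r\n\t\t\t\tFROM\r\n\t\t\t\t\twcf" . WCF_N . "_page\r\n\t\t\t\tWHERE\r\n\t\t\t\t\ttitle = '" . escapeString($title) . "'\r\n\t\t\t\tAND\r\n\t\t\t\t\thostID = " . intval($hostID);
     $result = WCF::getDB()->getFirstRow($sql);
     return !($result['count'] > 0);
 }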
 /**
  * @see	PackageInstallationPlugin::install()
  */
 public function install()
 {
     $instructions = $this->installation->getInstructions();
     // a single license tag arrives as one node, several tags as a list of nodes
     $licenseTextFiles = isset($instructions[$this->tagName]['cdata']) ? array($instructions[$this->tagName]) : $instructions[$this->tagName];
     $this->loadInstalledLanguages();
     foreach ($licenseTextFiles as $licenseTextFile) {
         $licenseText = $this->readLicenseText($licenseTextFile);
         if (!$licenseText) {
             continue;
         }
         // check required attributes
         if (!isset($licenseTextFile['languagecode'])) {
             throw new SystemException("required 'languagecode' attribute for 'licensetexts' tag is missing in '" . PackageArchive::INFO_FILE . "'");
         }
         $code = $licenseTextFile['languagecode'];
         // check language encoding; unsupported ones are skipped
         if (!Language::isSupported($code)) {
             continue;
         }
         $default = isset($licenseTextFile['default']) ? $licenseTextFile['default'] : 0;
         // only texts for installed languages are kept
         if (!array_key_exists($code, $this->installedLanguages)) {
             continue;
         }
         $this->licenseTexts[$code] = array('languageID' => $this->installedLanguages[$code], 'licenseText' => $licenseText);
         if ($default == 1) {
             $this->defaultLanguage = $code;
         }
     }
     if (count($this->licenseTexts) < 1) {
         throw new SystemException("no license informations in your supported languages available in '" . PackageArchive::INFO_FILE . "'", 0);
     }
     if ($this->defaultLanguage == '') {
         $currentCode = WCF::getLanguage()->getLanguageCode();
         if (isset($this->licenseTexts[$currentCode])) {
             $this->defaultLanguage = WCF::getLanguage()->getLanguageCode();
         }
         if ($this->defaultLanguage == '' && WCF::getLanguage()->getLanguageCode() == 'de-informal' && isset($this->licenseTexts['de'])) {
             $this->defaultLanguage = 'de';
         }
         // NOTE(review): unlike the 'de' fallback this is not guarded by
         // defaultLanguage == '', so an available 'en' text always wins here.
         if (isset($this->licenseTexts['en'])) {
             $this->defaultLanguage = 'en';
         }
     }
     $this->promptLicenseConfirmation();
     // one VALUES tuple per language: IDs are cast to int, the text is escaped
     $tuples = array();
     foreach ($this->licenseTexts as $languageCode => $licenseData) {
         $tuples[] = "(\n\t\t\t\t" . intval($this->installation->getPackageID()) . ",\n\t\t\t\t" . intval($licenseData['languageID']) . ",\n\t\t\t\t" . ($this->defaultLanguage == $languageCode ? 1 : 0) . ",\n\t\t\t\t'" . escapeString($licenseData['licenseText']) . "'\n\t\t\t)";
     }
     $itemInserts = implode(',', $tuples);
     $sql = "INSERT INTO wcf" . WCF_N . "_" . $this->tableName . "\n\t\t\tVALUES " . $itemInserts;
     WCF::getDB()->sendQuery($sql);
 }
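/**
 * Appends a "col=value" assignment for a posted form field to a SET list.
 *
 * The value is read from $_POST[$col]. String columns are quoted and passed
 * through escapeString(); non-string columns are only accepted when the posted
 * value is numeric, because they are written into the SQL unquoted. Empty
 * values (including "0") add nothing.
 *
 * @param string $col      column name, which is also the form field name; it is
 *                         written into the SQL as-is and must come from code
 * @param bool   $isString whether the column holds a string
 * @param string $s        assignments collected so far
 * @return string $s with the new assignment appended, comma-separated
 */
function setValue($col, $isString, $s)
{
    $t = isset($_POST[$col]) ? $_POST[$col] : '';
    // a field posted as an array (col[]=...) is not a usable scalar value
    if (!is_scalar($t)) {
        $t = '';
    }
    if ($t) {
        if ($isString) {
            $t = "'" . escapeString($t) . "'";
        } elseif (!is_numeric($t)) {
            // an unquoted value that is not a number would become part of the
            // SQL statement itself, so it is dropped
            $t = '';
        }
        if ($t !== '') {
            $t = "{$col}={$t}";
        }
    }
    return $s && $t ? $s . ',' . $t : $s . $t;
}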
/**
 * Stores a configuration value in xlsimport_config, inserting the row when the
 * name is not present yet and updating it otherwise.
 *
 * Both arguments are placed inside single-quoted SQL literals after escapeString().
 * NOTE(review): that is only as safe as escapeString() itself, which is defined
 * elsewhere; confirm it escapes for the active connection and character set.
 * The look-up and the write are two separate statements.
 *
 * @param string $name  configuration key
 * @param string $value value to store
 */
function putConfig($name, $value)
{
    $quotedName = "'" . escapeString($name) . "'";
    $existing = sql_query('select value from xlsimport_config WHERE name=' . $quotedName, true);
    $quotedValue = "'" . escapeString($value) . "'";
    if (count($existing) != 0) {
        sql_query('update xlsimport_config set value=' . $quotedValue . ' where name=' . $quotedName);
        return;
    }
    sql_query('insert into xlsimport_config set name=' . $quotedName . ', value=' . $quotedValue);
}
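 /**
  * Stores the current user's alliance application and redirects to the alliance page.
  *
  * The alliance ID and the user ID are written into the statement unquoted, so both
  * are forced to integers; the free-text application goes through escapeString()
  * inside a quoted literal.
  *
  * @see Form::save()
  */
 public function save()
 {
     parent::save();
     // Unquoted numeric context: escaping would not help, cast instead.
     $allianceID = intval($this->allianceID);
     $userID = intval(WCF::getUser()->userID);
     $sql = "UPDATE ugml_users\n\t\t\t\tSET ally_request = " . $allianceID . ",\n\t\t\t\t\tally_request_text = '" . escapeString($this->applicationText) . "',\n\t\t\t\t\tally_register_time = " . TIME_NOW . "\n\t\t\t\tWHERE id = " . $userID;
     WCF::getDB()->sendQuery($sql);
     WCF::getSession()->setUpdate(true);
     // Fixed, application-defined target; nothing from the request is placed in the header.
     header('Location: index.php?page=Alliance');
     exit;
 }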
 /**
  * Copies a changed e-mail address from the event object into the subscriber table
  * row of the current user. Does nothing when the address equals the one already
  * stored on the user object.
  *
  * The address is escaped and quoted; the user ID is written unquoted as delivered
  * by WCF::getUser().
  *
  * @see EventListener::execute()
  */
 public function execute($eventObj, $className, $eventName)
 {
     $newAddress = $eventObj->email;
     if (WCF::getUser()->email != $newAddress) {
         $table = 'wcf' . WCF_N . '_' . $this->subscriberTable;
         $sql = 'UPDATE ' . $table
             . "\n        \t\tSET email = '" . escapeString($newAddress) . "'"
             . "\n        \t\tWHERE userID = " . WCF::getUser()->userID;
         WCF::getDB()->sendQuery($sql);
     }
 }
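 /**
  * Records the current request in the host, page and referer statistics.
  *
  * Host and page counters are incremented only when the current session has no
  * matching row in the statistic_known table; such a row is then added. When a
  * Referer header passes the server-name check below, it is counted once per host
  * name and once per full URL.
  *
  * The Referer header is supplied by the client. It is escaped for SQL here but
  * stored verbatim, so code that later displays these rows has to encode it for
  * its output context. Referers without a parsable host are not recorded.
  *
  * @see EventListener::execute()
  */
 public function execute($eventObj, $className, $eventName)
 {
     $sessionID = escapeString(WCF::getSession()->sessionID);
     // These IDs are written into the statements unquoted, so they are forced to integers.
     $activeHostID = intval(CMSCore::getActiveHost()->getHostID());
     $pageID = intval($eventObj->pageID);
     // create needed variables
     $knownHostIDs = $knownPageIDs = array();
     // read known page and host IDs
     $sql = "SELECT\n\t\t\t\t\t*\n\t\t\t\tFROM\n\t\t\t\t\tcms" . CMS_N . "_statistic_known\n\t\t\t\tWHERE\n\t\t\t\t\tsessionID = '" . $sessionID . "'";
     $result = WCF::getDB()->sendQuery($sql);
     while ($row = WCF::getDB()->fetchArray($result)) {
         if (intval($row['pageID'])) {
             $knownPageIDs[] = intval($row['pageID']);
         }
         if (intval($row['hostID'])) {
             $knownHostIDs[] = intval($row['hostID']);
         }
     }
     // handle hosts
     if (!in_array($activeHostID, $knownHostIDs, true)) {
         // update count for host if this user isn't known
         $sql = "UPDATE\n\t\t\t\t\t\tcms" . CMS_N . "_statistic_host\n\t\t\t\t\tSET\n\t\t\t\t\t\trequestCount = requestCount + 1\n\t\t\t\t\tWHERE\n\t\t\t\t\t\thostID = " . $activeHostID;
         WCF::getDB()->sendQuery($sql);
         // add to known hosts
         $sql = "INSERT INTO\n\t\t\t\t\t\tcms" . CMS_N . "_statistic_known (sessionID, hostID, timestamp)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t('" . $sessionID . "', " . $activeHostID . ", " . TIME_NOW . ")";
         WCF::getDB()->sendQuery($sql);
     }
     // handle pages
     if (!in_array($pageID, $knownPageIDs, true)) {
         // update count for page if this user isn't known
         $sql = "UPDATE\n\t\t\t\t\t\tcms" . CMS_N . "_statistic_page\n\t\t\t\t\tSET\n\t\t\t\t\t\trequestCount = requestCount + 1\n\t\t\t\t\tWHERE\n\t\t\t\t\t\tpageID = " . $pageID;
         WCF::getDB()->sendQuery($sql);
         // add to known pages
         $sql = "INSERT INTO\n\t\t\t\t\t\tcms" . CMS_N . "_statistic_known (sessionID, pageID, timestamp)\n\t\t\t\t\tVALUES\n\t\t\t\t\t\t('" . $sessionID . "', " . $pageID . ", " . TIME_NOW . ")";
         WCF::getDB()->sendQuery($sql);
     }
     // NOTE(review): !strpos() is true both when the server name is absent and when it
     // sits at offset 0 of the referer; the condition is kept as it was.
     if (isset($_SERVER['HTTP_REFERER']) and !strpos($_SERVER['HTTP_REFERER'], $_SERVER['SERVER_NAME'], 0) and !empty($_SERVER['HTTP_REFERER'])) {
         $url = parse_url($_SERVER['HTTP_REFERER']);
         // parse_url() returns false for malformed input and omits 'host' for relative or
         // scheme-less values; there is no referer host to count in either case.
         if (!is_array($url) || !isset($url['host'])) {
             return;
         }
         $refererHost = escapeString($url['host']);
         $refererUrl = escapeString($_SERVER['HTTP_REFERER']);
         $sql = "SELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\tcms" . CMS_N . "_statistic_referer_host\n\t\t\t\t\tWHERE\n\t\t\t\t\t\thostname = '" . $refererHost . "'";
         $row = WCF::getDB()->getFirstRow($sql);
         if (WCF::getDB()->countRows()) {
             $hostID = $row['hostID'];
             $sql = "UPDATE\n\t\t\t\t\t\t\tcms" . CMS_N . "_statistic_referer_host\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\tcount = count + 1\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\thostname = '" . $refererHost . "'";
             WCF::getDB()->sendQuery($sql);
         } else {
             $sql = "INSERT INTO\n\t\t\t\t\t\t\tcms" . CMS_N . "_statistic_referer_host (hostname, count)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t('" . $refererHost . "', 1)";
             WCF::getDB()->sendQuery($sql);
             $hostID = WCF::getDB()->getInsertID();
         }
         // The row itself is not needed; the query is issued so that countRows() reflects it.
         $sql = "SELECT\n\t\t\t\t\t\t*\n\t\t\t\t\tFROM\n\t\t\t\t\t\tcms" . CMS_N . "_statistic_referer\n\t\t\t\t\tWHERE\n\t\t\t\t\t\turl = '" . $refererUrl . "'";
         $row = WCF::getDB()->getFirstRow($sql);
         if (WCF::getDB()->countRows()) {
             $sql = "UPDATE\n\t\t\t\t\t\t\tcms" . CMS_N . "_statistic_referer\n\t\t\t\t\t\tSET\n\t\t\t\t\t\t\tcount = count + 1\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\turl = '" . $refererUrl . "'";
             WCF::getDB()->sendQuery($sql);
         } else {
             $sql = "INSERT INTO\n\t\t\t\t\t\t\tcms" . CMS_N . "_statistic_referer (url, count, hostID)\n\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t('" . $refererUrl . "', 1, " . intval($hostID) . ")";
             WCF::getDB()->sendQuery($sql);
         }
     }
 }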
 /**
  * Updates this participant and creates a contest event describing the change.
  *
  * All numeric values are cast with intval() before they are written into the
  * statement; the state is escaped and quoted.
  *
  * @param	integer		$contestID
  * @param	integer		$userID
  * @param	integer		$groupID
  * @param	string		$state
  */
 public function update($contestID, $userID, $groupID, $state)
 {
     $assignments = implode(", \n\t\t\t\t", array(
         'contestID = ' . intval($contestID),
         'userID = ' . intval($userID),
         'groupID = ' . intval($groupID),
         "state = '" . escapeString($state) . "'",
     ));
     $sql = "UPDATE\twcf" . WCF_N . "_contest_participant\n\t\t\tSET\t" . $assignments . "\n\t\t\tWHERE\tparticipantID = " . intval($this->participantID);
     WCF::getDB()->sendQuery($sql);
     // send event
     require_once WCF_DIR . 'lib/data/contest/owner/ContestOwner.class.php';
     require_once WCF_DIR . 'lib/data/contest/event/ContestEventEditor.class.php';
     $eventData = array(
         'state' => $state,
         'participantID' => $this->participantID,
         'owner' => ContestOwner::get($userID, $groupID)->getName(),
     );
     ContestEventEditor::create($contestID, $userID, $groupID, __CLASS__, $eventData);
 }
/**
 * Fetches a product edit page over the given cURL handle and extracts the fields
 * of its "new_product" form into a flat array.
 *
 * Everything returned comes from the fetched page. Only the description is passed
 * through escapeString(); every other value is returned exactly as found, so the
 * caller has to escape or bind it before using it in SQL or HTML.
 *
 * NOTE(review): assumes the handle was configured to return the response body
 * (CURLOPT_RETURNTRANSFER is not set here), and that the page has the expected
 * layout; a failed request or a missing element is not handled.
 *
 * @param resource $curl    initialised cURL handle
 * @param string   $url     address of the product page
 * @param mixed    $prodIds not used by this function
 * @return array product data keyed by field name
 */
function parseCategoryData($curl, $url, $prodIds)
{
    // TODO log product
    logData($url . PHP_EOL);
    curl_setopt($curl, CURLOPT_URL, $url);
    $html = curl_exec($curl);
    $dom = str_get_html($html);
    // TODO here starts the product content
    $form = $dom->find('form[name="new_product"]', 0);
    $fields = $form->find('tr', 3);
    // Value of the first <input> with the given name inside the product row.
    $inputValue = function ($name) use ($fields) {
        return $fields->find('input[name="' . $name . '"]', 0)->value;
    };
    $result = array();
    $result['sku'] = $inputValue('products_model');
    $result['product_name'] = $inputValue('products_name[4]');
    $result['product_variant'] = $inputValue('products_variant_of');
    $heading = $form->find('tr', 0)->find('td[class="pageHeading"]', 0)->innertext;
    /**
     * Product category name must be parsed since it has the following format:
     *
     * Ny produkt i &quot;Category&nbsp;&gt;&nbsp;Subcategory&quot;
     */
    preg_match('/(?<=&quot;)(.*)(?=&quot;)/', $heading, $categoryMatch);
    $result['categories'] = html_entity_decode($categoryMatch[1]);
    $statusInputs = $fields->find('input[name="products_status"]');
    // Active only if a checked status input carries a truthy value.
    $result['status'] = 0;
    foreach ($statusInputs as $statusInput) {
        if ($statusInput->attr['checked'] && $statusInput->attr['value']) {
            $result['status'] = 1;
        }
    }
    $result['description'] = escapeString($fields->find('textarea[name="products_description[4]"]')[0]->innertext);
    $result['product_weight'] = $inputValue('products_weight');
    $result['available_from'] = $inputValue('products_date_available');
    $result['manufacturer'] = $fields->find('select[name="manufacturers_id"]', 0)->find('option[selected]', 0)->innertext;
    $result['price_incltax'] = $inputValue('products_price_gross');
    $result['price_excltax'] = $inputValue('products_price');
    $result['stock'] = $inputValue('products_quantity');
    foreach (array('prop1', 'prop2', 'prop3', 'prop4', 'info1', 'info2', 'info3', 'info4') as $plainField) {
        $result[$plainField] = $inputValue($plainField);
    }
    $result['image'] = $fields->find('div[class="imageholder"]', 0)->find('img', 0)->src;
    $extraImages = $fields->find('input[name="delete_extra_images[]"]');
    $imageNames = array();
    if (is_array($extraImages)) {
        $imageNames = array_map(function ($extra) {
            return $extra->value;
        }, $extraImages);
    }
    $result['extra_images'] = implode(',', $imageNames);
    // TODO log product
    logData($result['sku'] . ' - ' . $url . PHP_EOL);
    return $result;
}
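 /**
  * Creates a new Poll object.
  *
  * When a poll ID is given, the poll row is loaded together with the matching vote
  * of the active user; guests (user ID 0) are additionally matched by the session's
  * IP address. When $pollID is null, the supplied $row is used unchanged.
  *
  * The poll ID and the user ID are written into the statement unquoted, so both
  * are forced to integers first.
  *
  * @param	integer		$pollID
  * @param	array<mixed>	$row
  * @param	boolean		$canVotePoll	true, if the active user has permission to vote a poll
  */
 public function __construct($pollID, $row = null, $canVotePoll = true)
 {
     $this->canVotePoll = $canVotePoll;
     if ($pollID !== null) {
         $userID = intval(WCF::getUser()->userID);
         // Guests share user ID 0, so their vote is narrowed down by IP address.
         $guestCondition = !$userID ? "AND poll_vote.ipAddress = '" . escapeString(WCF::getSession()->ipAddress) . "'" : '';
         $sql = "SELECT \t\tpoll_vote.pollID AS voted,\n\t\t\t\t\t\tpoll_vote.isChangeable,\n\t\t\t\t\t\tpoll.*\n\t\t\t\tFROM \t\twcf" . WCF_N . "_poll poll\n\t\t\t\tLEFT JOIN \twcf" . WCF_N . "_poll_vote poll_vote\n\t\t\t\tON \t\t(poll_vote.pollID = poll.pollID\n\t\t\t\t\t\t" . $guestCondition . "\n\t\t\t\t\t\tAND poll_vote.userID = " . $userID . ")\n\t\t\t\tWHERE \t\tpoll.pollID = " . intval($pollID);
         $row = WCF::getDB()->getFirstRow($sql);
     }
     parent::__construct($row);
 }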
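 /**
  * Loads the users whose name starts with $this->input, together with the planet
  * joined via ugml_users.id_planet.
  *
  * Each entry appended to $this->users is
  * array(username, planet name, '[galaxy:system:planet]', galaxy, system).
  *
  * The input is matched as a literal prefix: the LIKE wildcards % and _ are
  * backslash-escaped before the value goes through escapeString(), so a request
  * cannot widen the pattern. NOTE(review): relies on backslash being the LIKE
  * escape character (the MySQL default); confirm for the database in use. The
  * query has no LIMIT, so an empty input still selects every user.
  *
  * @see Page::readData()
  */
 public function readData()
 {
     parent::readData();
     // Escape the pattern metacharacters first, then escape for the string literal.
     $prefix = escapeString(addcslashes($this->input, '\\%_'));
     $sql = "SELECT username,\n\t\t\t\t\tugml_planets.galaxy,\n\t\t\t\t\tugml_planets.system,\n\t\t\t\t\tugml_planets.planet,\n\t\t\t\t\tugml_planets.name\n\t\t\t\tFROM ugml_users\n\t\t\t\tLEFT JOIN ugml_planets\n\t\t\t\t\tON ugml_users.id_planet = ugml_planets.id\n\t\t\t\tWHERE username LIKE '" . $prefix . "%'";
     $result = WCF::getDB()->sendQuery($sql);
     while ($row = WCF::getDB()->fetchArray($result)) {
         $coordinates = '[' . $row['galaxy'] . ':' . $row['system'] . ':' . $row['planet'] . ']';
         $this->users[] = array($row['username'], $row['name'], $coordinates, $row['galaxy'], $row['system']);
     }
 }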
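 /**
  * Looks up an option group by name within the given module.
  *
  * The group name is escaped and quoted; the module ID is written unquoted and is
  * therefore forced to an integer first.
  *
  * @param	string	$groupName
  * @param	integer	$moduleID
  * @return	mixed	the groupID of the matching row, or false when no such group exists
  */
 public static function isValidGroup($groupName, $moduleID)
 {
     $sql = "SELECT\r\n\t\t\t\t\t*\r\n\t\t\t\tFROM\r\n\t\t\t\t\twcf" . WCF_N . "_page_module_option_group\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tname = '" . escapeString($groupName) . "'\r\n\t\t\t\tAND\r\n\t\t\t\t\tmoduleID = " . intval($moduleID);
     $row = WCF::getDB()->getFirstRow($sql);
     if (!WCF::getDB()->countRows()) {
         return false;
     }
     return $row['groupID'];
 }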