Exemple #1
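 /**
  * Streams an attachment (or, for a non-image preview, a generic placeholder icon) inline.
  *
  * Request parameters read here: 'size' (passed through to transmit_file) and 'preview'.
  *
  * NOTE(review): no ownership or permission check on $id is visible in this method;
  * confirm that the router or transmit_file() enforces access to the attachment.
  *
  * @param int|string $id attachment id taken from the route
  * @throws ApplicationException when the id is missing/zero or the placeholder cannot be opened
  */
 public function ShowAction($id = '')
 {
     global $CONFIG;

     # explicit cast: "$id += 0" raises a TypeError on PHP 8 for '' or other non-numeric input,
     # which would surface as a 500 instead of the intended 404
     $id = (int) $id;
     if (!$id) {
         throw new ApplicationException("404 File Not Found");
     }

     $size = reqs('size');
     $is_preview = reqi('preview');

     if ($is_preview) {
         $item = $this->model->one($id);
         if (empty($item['is_image'])) {
             # not an image but a preview was requested - return the standard icon
             $filepath = $CONFIG['site_root'] . '/img/att_file.png';
             # TODO move to web.config or to model?
             $fp = fopen($filepath, 'rb');
             if ($fp === false) {
                 throw new ApplicationException("404 File Not Found");
             }
             # the bytes sent are always the PNG icon, so declare that type instead of the
             # MIME type of the attachment's own extension, and tell the browser not to sniff
             header('Content-Type: image/png');
             header('X-Content-Type-Options: nosniff');
             fpassthru($fp);
             fclose($fp);
             return;
         }
     }

     $this->model->transmit_file($id, $size, 'inline');
 }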
Exemple #2
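 /**
  * Builds the list filter for the current controller.action and remembers it in the session.
  *
  * The request parameter 'f' is merged over the filter stored in the session unless
  * 'dofilter' is set, in which case the request filter replaces the stored one.
  * 'pagenum' and 'pagesize' are normalised to digit-only values.
  *
  * NOTE(review): every other key of 'f' is stored in the session and returned as received;
  * callers must treat those values as untrusted input.
  * NOTE(review): 'pagesize' is accepted at any magnitude; consider an upper bound if the
  * value drives a query LIMIT.
  *
  * @return array the effective filter (also stored in $this->list_filter)
  */
 public function get_filter()
 {
     global $CONFIG;

     #each filter remembered in session linking to controller.action
     $session_key = '_filter_' . $this->fw->G['controller.action'];
     $sfilter = isset($_SESSION[$session_key]) ? $_SESSION[$session_key] : array();
     if (!is_array($sfilter)) {
         $sfilter = array();
     }

     $f = req('f');
     if (!is_array($f)) {
         $f = array();
     }

     #if not forced filter
     if (!reqs('dofilter')) {
         $f = array_merge($sfilter, $f);
     }

     #paging
     # a missing key or a nested array (f[pagenum][]=...) must fall back to the default
     # instead of reaching preg_match(); \z also rejects a trailing newline that $ would allow
     $pagenum = isset($f['pagenum']) ? $f['pagenum'] : '';
     if (!is_scalar($pagenum) || !preg_match('/^\d+\z/', (string) $pagenum)) {
         $f['pagenum'] = 0;
     }
     $pagesize = isset($f['pagesize']) ? $f['pagesize'] : '';
     if (!is_scalar($pagesize) || !preg_match('/^\d+\z/', (string) $pagesize)) {
         $f['pagesize'] = $CONFIG['MAX_PAGE_ITEMS'];
     }

     #save in session for later use
     $_SESSION[$session_key] = $f;
     $this->list_filter = $f;
     return $f;
 }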
Exemple #3
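 /**
  * Mails the submitted form fields to the support address and redirects the visitor.
  *
  * Every POST field except the system fields is written to the message body as "key = value".
  * The subject and the redirect target both come from the request and are constrained here
  * before use.
  *
  * NOTE(review): no CSRF token or rate limit is visible in this method; confirm that the
  * framework provides them, otherwise the endpoint can be used to flood the support mailbox.
  */
 public function SaveAction()
 {
     $mail_to = $this->fw->G['SUPPORT_EMAIL'];

     # the subject ends up in a mail header; drop line breaks so it cannot add headers
     # (defence in depth - send_email() is not visible from here)
     $mail_subject = str_replace(array("\r", "\n"), ' ', (string) reqs('subject'));

     $redirect_to = (string) reqs('redirect');
     $sys_fields = Utils::qh('form_format redirect subject submit RAWURL XSS');

     $msg_body = '';
     foreach ($_POST as $key => $value) {
         if (array_key_exists($key, $sys_fields)) {
             continue;
         }
         # array-valued fields (name[]=...) would otherwise be mailed as the word "Array"
         if (!is_scalar($value)) {
             $value = json_encode($value);
         }
         $msg_body .= $key . ' = ' . $value . "\n";
     }
     $this->fw->send_email($mail_to, $mail_subject, $msg_body);

     # Prefixing ROOT_DOMAIN only keeps the redirect on this site when the suffix is a path:
     # a suffix that does not start with "/" is appended to the host part of the URL and can
     # change where the browser goes. Anything that is not a plain local path is dropped.
     if (!preg_match('#^/[^\x00-\x1f\x7f]*\z#', $redirect_to)) {
         $redirect_to = '';
     }
     fw::redirect($this->fw->G['ROOT_DOMAIN'] . $redirect_to);
 }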
Exemple #4
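 /**
  * Handles the login form: checks the credentials, logs the user in and redirects.
  *
  * Reads item[login], item[pwd] / item[pwdh] / item[chpwd], 'save_type', 'gourl' and
  * 'err_ctr' from the request. On failure it stores the error and re-routes to Index.
  *
  * Post-login redirect: 'gourl' is honoured only when it is a site-local path, i.e. it
  * starts with a single "/". Anything else falls back to LOGGED_DEFAULT_URL.
  *
  * NOTE(review): the query compares the submitted value directly with users.pwd, so the
  * stored value is either the plaintext password or a hash that works as the password.
  * Migrating to password_hash()/password_verify() needs a schema and data change outside
  * this method.
  * NOTE(review): item[pwdh] appears to be a value computed on the client and is accepted
  * as-is in place of the typed password - confirm this is intended.
  * NOTE(review): err_ctr is read from the request, so the client controls it; do not rely
  * on it for throttling or lock-out.
  */
 public function SaveAction()
 {
     global $CONFIG;

     #special case login
     if (req('save_type') == 'facebook') {
         $this->SaveFacebook();
         return;
     }

     try {
         # item must be an array of strings; anything else is treated as empty so that a
         # malformed request ends in the normal "missing credentials" path, not a TypeError
         $item = (isset($_REQUEST['item']) && is_array($_REQUEST['item'])) ? $_REQUEST['item'] : array();
         $login = (isset($item['login']) && is_string($item['login'])) ? trim($item['login']) : '';

         $pwd_field = (isset($item['chpwd']) && $item['chpwd'] == "1") ? 'pwd' : 'pwdh';
         $pwd = (isset($item[$pwd_field]) && is_string($item[$pwd_field])) ? $item[$pwd_field] : '';
         $pwd = substr(trim($pwd), 0, 32);

         if (!strlen($login) || !strlen($pwd)) {
             $this->ferr("REGISTER", True);
             throw new ApplicationException("");
         }

         # dbq() presumably quotes/escapes the value for SQL - verify against its definition
         $hU = db_row("select * from users where email=" . dbq($login) . " and pwd=" . dbq($pwd));
         if (!isset($hU['access_level']) || $hU['status'] != 0) {
             # one generic message for "no such user", "wrong password" and "inactive"
             throw new ApplicationException(lng("User Authentication Error"));
         }

         $this->model->do_login($hU['id']);

         # Only a local path is accepted. The earlier "does not start with http" test let
         # through targets that browsers still resolve to another host (for example ones
         # starting with two slashes or a slash and a backslash).
         $gourl = reqs('gourl');
         if (is_string($gourl) && preg_match('#^/(?![/\\\\])[^\x00-\x1f\x7f]*\z#', $gourl)) {
             fw::redirect($gourl);
         } else {
             fw::redirect($CONFIG['LOGGED_DEFAULT_URL']);
         }
     } catch (ApplicationException $ex) {
         $this->fw->G['err_ctr'] = reqi('err_ctr') + 1;
         $this->set_form_error($ex->getMessage());
         $this->route_redirect("Index");
     }
 }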
 /**
  * Bulk action on the rows ticked in a list: deletes each one when 'delete' is set.
  *
  * The row ids are the keys of the 'cb' request array. The number of delete calls made is
  * flashed as "multidelete" (0 when 'delete' is not set) before redirecting to the base URL.
  *
  * NOTE(review): the ids come straight from the request and go to the model unchanged; no
  * per-row permission check or CSRF check is visible here - confirm both exist upstream.
  */
 public function SaveMultiAction()
 {
     $checked = req('cb');
     $row_ids = is_array($checked) ? array_keys($checked) : array();

     $deleted = 0;
     if (reqs('delete') > '') {
         foreach ($row_ids as $row_id) {
             $this->model->delete($row_id);
             $deleted++;
         }
     }

     $this->fw->flash("multidelete", $deleted);
     fw::redirect($this->base_url);
 }
Exemple #6
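 /**
  * Lists the attachments of one category for the "select attachment" dialog.
  *
  * The category is taken from 'att_categories_id', or from 'category' (an icode) when that
  * is given and resolves to a category record.
  *
  * @return array 'att_dr' => attachment rows, each with 'direct_url' added;
  *               'select_att_categories_id' => options for the category selector
  */
 public function SelectAction()
 {
     $category_icode = reqs("category");
     $att_categories_id = reqi("att_categories_id");
     $AttCat = $this->fw->model('AttCategories');

     if ($category_icode > '') {
         $att_cat = $AttCat->one_by_icode($category_icode);
         # is_array() first: count() on a null/false "not found" result is a TypeError on PHP 8
         if (is_array($att_cat) && count($att_cat)) {
             $att_categories_id = $att_cat['id'];
         }
     }

     $rows = $this->model->ilist_by_category($att_categories_id);
     foreach ($rows as $key => $row) {
         # write through the key: assigning to $row only changes the loop's copy, so the
         # direct_url never reached the returned rows
         $rows[$key]['direct_url'] = $this->model->get_url_direct($row);
     }

     return array(
         'att_dr' => $rows,
         'select_att_categories_id' => $AttCat->get_select_options($att_categories_id),
     );
 }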
Exemple #7
 /**
  * Autocomplete endpoint: returns the related model's suggestions for request parameter 'q'.
  *
  * NOTE(review): 'q' is handed to the model as received; escaping for the lookup query and
  * for the rendered output has to happen in the model and the response layer.
  *
  * @return mixed whatever get_autocomplete_items() returns for the query
  */
 public function AjaxAutocompleteAction()
 {
     return $this->model_related->get_autocomplete_items(reqs('q'));
 }