Exemple #1
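 /**
  * Handle an event submission: normalise the submitted values, store the
  * event as a draft, e-mail a notice and print the thank-you screen.
  *
  * @param array $vals submitted form values keyed by field name
  * @return void the thank-you template is echoed
  */
 function onSubmit($vals)
 {
     // 1. prepare vals for insertion
     // A bare 'http://' in a URL field is stored as an empty string.
     foreach (array('contact_url', 'loc_map') as $urlField) {
         if ($vals[$urlField] == 'http://') {
             $vals[$urlField] = '';
         }
     }
     // 'details' is the only field transformed before storage: it goes through
     // htmlentities_compat(), is hard-wrapped at 70 columns and gets <br /> tags.
     // NOTE(review): every other field reaches Rex::create() as submitted here;
     // confirm those values are escaped wherever they are rendered.
     $vals['details'] = nl2br(wordwrap(htmlentities_compat($vals['details']), 70, "\n", true));
     // empty() alone covers a missing key as well as '', '0' and false, and
     // does not raise an undefined-index notice when the field was not sent.
     foreach (array('public', 'media') as $flag) {
         if (empty($vals[$flag])) {
             $vals[$flag] = 'no';
         }
     }
     if (!empty($vals['loc_addr2'])) {
         $vals['loc_address'] .= "\n" . $vals['loc_addr2'];
     }
     $data = array(
         'title' => $vals['title'],
         'date' => $vals['date'],
         'until_date' => $vals['end_date'],
         'time' => $vals['time'],
         'until_time' => $vals['end_time'],
         'category' => $vals['category'],
         'audience' => $vals['audience'],
         'details' => $vals['details'],
         'contact' => $vals['contact'],
         'contact_email' => $vals['contact_email'],
         'contact_phone' => $vals['contact_phone'],
         'contact_url' => $vals['contact_url'],
         'loc_name' => $vals['loc_name'],
         'loc_address' => $vals['loc_address'],
         'loc_city' => $vals['loc_city'],
         'loc_province' => $vals['loc_province'],
         'loc_country' => $vals['loc_country'],
         'sponsor' => $vals['sponsor'],
         'rsvp' => $vals['rsvp'],
         'public' => $vals['public'],
         'media' => $vals['media'],
         // Status and access are fixed here, never taken from the form.
         'sitellite_status' => 'draft',
         'sitellite_access' => 'public',
     );
     // Ownership is recorded only for logged-in submitters.
     if (session_valid()) {
         $data['sitellite_owner'] = session_username();
         $data['sitellite_team'] = session_team();
     }
     // 2. submit event as 'draft'
     loader_import('cms.Versioning.Rex');
     $rex = new Rex('siteevent_event');
     // NOTE(review): the result of create() is not checked; the notice and
     // the thank-you screen are produced even if it signals a failure.
     $res = $rex->create($data, 'Event submission.');
     $vals['id'] = $res;
     // 3. email notification (best effort: mail() warnings are suppressed)
     @mail(appconf('submissions'), 'Event Submission Notice', template_simple('submission_email.spt', $vals));
     // 4. thank you screen
     page_title(intl_get('Thank You!'));
     echo template_simple('submissions.spt');
 }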
Exemple #2
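 /**
  * Constructor: loads the comment form settings and pre-fills the widgets,
  * either from a stored comment (when a comment key is given) or from the
  * logged-in user's details (when a post id is given).
  */
 function SiteblogCommentForm()
 {
     parent::MailForm();
     global $cgi;
     $this->parseSettings('inc/app/siteblog/forms/comment/settings.php');
     if (!empty($cgi->_key)) {
         // edit a comment
         page_title('Editing Comment');
         // NOTE(review): nothing in this constructor checks that the requester
         // is allowed to edit comment $cgi->_key, and the stored e-mail address
         // is loaded into the form. Confirm the calling handler enforces
         // authorisation before this form is built.
         $comment = db_single('select * from siteblog_comment where id = ?', $cgi->_key);
         // An unknown key yields no row; leave the widgets empty instead of
         // reading properties of a non-object.
         if (is_object($comment)) {
             $this->widgets['name']->setValue($comment->author);
             $this->widgets['email']->setValue($comment->email);
             $this->widgets['url']->setValue($comment->url);
             $this->widgets['body']->setValue($comment->body);
         }
     } elseif (!isset($cgi->post)) {
         // Neither a comment key nor a post id: nothing to comment on.
         header('Location: ' . site_prefix() . '/index');
         exit;
     } else {
         // New comment: pre-fill from the session when the visitor is logged in.
         if (session_valid()) {
             $this->widgets['name']->setValue(session_username());
             $user = session_get_user();
             $this->widgets['email']->setValue($user->email);
             $this->widgets['url']->setValue($user->website);
         }
         $this->widgets['post']->setValue($cgi->post);
     }
     // The security_test widget is dropped when the 'comments_security'
     // setting is off.
     if (!appconf('comments_security')) {
         unset($this->widgets['security_test']);
     }
 }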
Exemple #3
/**
 * Tell whether the current user is barred from voting on a story, either
 * because they submitted it or because they have already voted on it.
 *
 * Visitors without a valid session always get false.
 *
 * @param mixed $id story id
 * @return bool
 */
function digger_has_voted($id)
{
    if (session_valid()) {
        // can't vote on own stories: the submitter counts as having voted
        $ownStory = db_shift('select count(*) from digger_linkstory where id = ? and user = ?', $id, session_username());
        if ($ownStory) {
            return true;
        }
        // voted already
        $priorVotes = db_shift('select count(*) from digger_vote where story = ? and user = ?', $id, session_username());
        if ($priorVotes) {
            return true;
        }
    }
    return false;
}
Exemple #4
 /**
  * Constructor: loads the story submission form settings, pre-fills the
  * author for logged-in users and fills the category list from the database.
  */
 function NewsSubmissionsForm()
 {
     parent::MailForm();
     $this->parseSettings('inc/app/news/forms/submissions/settings.php');

     // Logged-in users get their user name as the default author.
     if (session_valid()) {
         $this->widgets['author']->setDefault(session_username());
     }

     // Category choices: stored name => translated label.
     $choices = array();
     $categories = db_fetch_array('select * from sitellite_news_category');
     foreach ($categories as $row) {
         $choices[$row->name] = intl_get($row->name);
     }
     $this->widgets['category']->setValues($choices);

     page_title(intl_get('Submit A Story'));

     // The security_test widget is dropped when the 'comments_security'
     // setting is off.
     $securityEnabled = appconf('comments_security');
     if (!$securityEnabled) {
         unset($this->widgets['security_test']);
     }
 }
Exemple #5
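    /**
     * Constructor: loads the poll comment form settings, pre-fills the user
     * id for logged-in users and wires the cancel button to a script that
     * returns to the poll results page.
     */
    function SitepollCommentAddForm()
    {
        parent::MailForm();
        $this->parseSettings('inc/app/sitepoll/forms/comment/add/settings.php');
        page_title(intl_get('Add Comment'));
        if (session_valid()) {
            $this->widgets['user_id']->setDefault(session_username());
        }
        global $cgi;
        // $cgi->poll is a request value that ends up inside a quoted
        // JavaScript string. URL-encoding it leaves no quote, backslash or
        // angle bracket that could close the string or the script element,
        // and it is the correct encoding for a URL path segment anyway.
        $pollSegment = rawurlencode((string) $cgi->poll);
        page_add_script('
			function sitepoll_cancel (f) {
				window.location.href = "' . site_prefix() . '/index/sitepoll-results-action/poll.' . $pollSegment . '";
				return false;
			}
		');
        // buttons[1] is given the cancel handler defined above.
        $this->widgets['submit_button']->buttons[1]->extra = 'onclick="return sitepoll_cancel (this.form)"';
    }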
Exemple #6
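    /**
     * Constructor: loads the news comment form settings, pre-fills the user
     * id for logged-in users and wires the cancel button to a script that
     * returns to the story being commented on.
     */
    function NewsCommentAddForm()
    {
        parent::MailForm();
        $this->parseSettings('inc/app/news/forms/comment/add/settings.php');
        page_title(intl_get('Add Comment'));
        if (session_valid()) {
            $this->widgets['user_id']->setDefault(session_username());
        }
        global $cgi;
        // $cgi->story_id is a request value that ends up inside a quoted
        // JavaScript string. URL-encoding it leaves no quote, backslash or
        // angle bracket that could close the string or the script element,
        // and it is the correct encoding for a URL path segment anyway.
        $storySegment = rawurlencode((string) $cgi->story_id);
        page_add_script('
			function news_cancel (f) {
				window.location.href = "' . site_prefix() . '/index/news-app/story.' . $storySegment . '";
				return false;
			}
		');
        // buttons[1] is given the cancel handler defined above.
        $this->widgets['submit_button']->buttons[1]->extra = 'onclick="return news_cancel (this.form)"';
        // The security_test widget is dropped when the 'comments_security'
        // setting is off.
        if (!appconf('comments_security')) {
            unset($this->widgets['security_test']);
        }
    }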
Exemple #7
 /**
  * Constructor: loads the member contact form settings, resolves the member
  * named in the request and pre-fills the sender's e-mail address when the
  * visitor is logged in.
  *
  * Redirects to the member app (and exits) when no member is named, the
  * member does not exist, or the member's profile is not public.
  */
 function SitememberContactForm()
 {
     parent::MailForm();
     $this->parseSettings('inc/app/sitemember/forms/contact/settings.php');
     global $cgi;

     // No recipient named in the request.
     if (!isset($cgi->user)) {
         header('Location: ' . site_prefix() . '/index/sitemember-app');
         exit;
     }

     // Unknown members and members whose 'public' flag is not 'yes' get the
     // same redirect as a missing parameter.
     $this->member = session_get_user($cgi->user);
     $contactable = is_object($this->member) && $this->member->public == 'yes';
     if (!$contactable) {
         header('Location: ' . site_prefix() . '/index/sitemember-app');
         exit;
     }

     // NOTE(review): $cgi->user is a request value appended to the page title.
     // It matched a member record above, but confirm the title is HTML-escaped
     // where it is rendered.
     page_title(intl_get('Member Contact Form') . ': ' . $cgi->user);

     // Logged-in senders get their own address pre-filled.
     if (session_valid()) {
         $sender = session_get_user();
         $this->widgets['email']->setValue($sender->email);
     }
 }
Exemple #8
<?php

global $cgi;

// Posting requires a valid session: anyone else gets the "not registered"
// template and the rest of this file is skipped.
$loggedIn = session_valid();
if (!$loggedIn) {
    page_title(intl_get('You must be logged in to post'));
    echo template_simple('post_not_registered.spt', $cgi);
    return;
}

// A post needs either a post id or a topic id in the request; with neither,
// send the visitor back to the forum index.
$hasTarget = !empty($cgi->post) || !empty($cgi->topic);
if (!$hasTarget) {
    header('Location: ' . site_prefix() . '/index/siteforum-app');
    exit;
}
class SiteforumPostForm extends MailForm
{
    function SiteforumPostForm()
    {
        parent::MailForm();
        page_title(intl_get('Post a Message'));
        $this->parseSettings('inc/app/siteforum/forms/post/settings.php');
        page_add_script('
			function siteforum_preview (f) {
				t = f.target;
				a = f.action;

				f.target = "_blank";
				f.action = "' . site_prefix() . '/index/siteforum-post-preview-action";
				f.submit ();

				f.target = t;
				f.action = a;
				return false;
Exemple #9
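 /**
  * Open cache tag handler.
  *
  * Decides whether the fragment wrapped by a cache tag is served from the
  * cache or has to be rendered again and re-cached.
  *
  * @access	private
  * @param	associative array	$node
  * @return	string	the cached output, or '' when the fragment is not
  *			cacheable or has to be rendered again
  *
  */
 function _cache($node)
 {
     // Apply the default scope before the scope is first read, so a tag
     // without a scope attribute does not raise an undefined-index notice.
     if (!isset($node['attributes']['scope'])) {
         $node['attributes']['scope'] = 'application';
     }
     $scope = $node['attributes']['scope'];

     // Session-scoped fragments are cached per user: the user name becomes
     // part of the cache key, and visitors without a valid session get no
     // caching at all, so one user's fragment is not served to another.
     $user = '';
     $cacheable = true;
     if ($scope == 'session') {
         if (session_valid()) {
             $user = session_username();
         } else {
             $cacheable = false;
         }
     }
     $this->cache = false;
     if (!$cacheable) {
         return '';
     }
     if (isset($node['attributes']['duration'])) {
         $duration = (int) $node['attributes']['duration'];
     } else {
         $duration = $this->cacheDuration;
     }
     // Tags without an id are numbered in order of appearance.
     if (!isset($node['attributes']['id'])) {
         $this->cacheCount++;
         $node['attributes']['id'] = $this->cacheCount;
     }
     loader_import('saf.Cache');
     // NOTE(review): the scope attribute is appended to the cache location;
     // this assumes the attribute is written by the template author only.
     $this->_cache = new Cache($this->cacheLocation . $scope);
     // Cache key: template file, tag id and (for session scope) user name.
     $key = $this->file . ':' . $node['attributes']['id'] . ':' . $user;
     if ($this->_cache->expired($key, $duration)) {
         // re-cache: remember the key, set the output collected so far
         // aside and start with an empty buffer
         $this->cache = $key;
         $this->output2 = $this->output;
         $this->output = '';
         return '';
     }
     // show from cache and skip the tag's children
     $out = $this->_cache->show($key);
     $this->ignoreUntilLevel($node['level']);
     return $out;
 }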
Exemple #10
<?php

loader_import('saf.Misc.RPC');
global $cgi;

// Both the page id and the revision id are required.
if (!$cgi->page || !$cgi->rev) {
    echo rpc_response(false);
    exit;
}

// Requester's level: one point for a valid session, one more for an admin.
$level = (session_valid() ? 1 : 0) + (session_admin() ? 1 : 0);

// The live page must exist.
$current = db_single('select * from sitewiki_page where id = ?', $cgi->page);
if (!$current) {
    echo rpc_response(false);
    exit;
}

// The requested revision must belong to that page.
$revision = db_single('select * from sitewiki_page_sv where id = ? and sv_autoid = ?', $cgi->page, $cgi->rev);
if (!$revision) {
    echo rpc_response(false);
    exit;
}
if ($current->view_level > $level && $current->owner != session_username()) {
    echo rpc_response(false);
Exemple #11
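// your app begins here
//
// Picks the member-area action ('login' or 'home'), applies the optional
// "remember me" session extension, then dispatches to the handler configured
// for that action.
global $cgi;
if (!empty($cgi->username) && session_admin()) {
    // A user name was submitted and the session is an admin one: go to the CMS.
    // The Referer header is client-supplied and may be absent. It is only
    // URL-encoded here, so whatever consumes "forward" has to validate the
    // target itself.
    $referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
    header('Location: ' . site_prefix() . '/index/cms-app?forward=' . urlencode($referer));
    exit;
} elseif (!session_valid()) {
    $action = 'login';
} elseif (!empty($cgi->username) && $cgi->remember_me == 'yes') {
    $duration = appconf('remember_login');
    if ($duration) {
        // convert duration to seconds (the setting is multiplied by 86400,
        // the number of seconds in a day)
        $duration = $duration * 86400;
        // set "sitemember_remember" cookie
        global $cookie;
        $cookie->set('sitemember_remember', $duration, $duration, '/', site_domain(), site_secure());
        // adjust cookie
        session_change_timeout($duration);
        // adjust expires value
        session_user_edit(session_username(), array('expires' => date('Y-m-d H:i:s', time() + $duration)));
    }
    $action = 'home';
} else {
    $action = 'home';
}
if (session_valid() && !empty($parameters['goto'])) {
    // NOTE(review): 'goto' is used as the redirect target without any
    // validation. If it can be set from the request, restrict it to local
    // paths or to an allow-list of hosts before redirecting.
    header('Location: ' . $parameters['goto']);
    exit;
}
// The configured action has the form "type:call". explode() with a limit of
// 2 is the direct replacement for split(), which was removed in PHP 7.
list($type, $call) = explode(':', appconf($action), 2);
// $type selects the loader_* function to call; it comes from appconf().
$func = 'loader_' . $type;
echo $func(trim($call), $parameters, $box['context']);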
Exemple #12
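 /**
  * Save a wiki page (new or edited), store up to three uploaded files for
  * logged-in users, release the edit lock and redirect to the page.
  *
  * @param array $vals submitted form values keyed by field name
  * @return void never returns normally; ends with a redirect and exit
  */
 function onSubmit($vals)
 {
     loader_import('cms.Versioning.Rex');
     $rex = new Rex('sitewiki_page');
     // Form-only fields that are not part of the page record.
     unset($vals['editing']);
     unset($vals['instructions']);
     unset($vals['security_test']);
     unset($vals['submit_button']);
     $vals['id'] = $vals['page'];
     unset($vals['page']);

     $uploadFields = array('file_1', 'file_2', 'file_3');
     // One timestamp for both columns, so a new page cannot get
     // created_on and updated_on a second apart.
     $now = date('Y-m-d H:i:s');

     if ($this->new_page) {
         $vals['created_on'] = $now;
         $vals['updated_on'] = $now;
         $vals['owner'] = session_username();
         // Pages created without a session are owned by 'anonymous'.
         if (!$vals['owner']) {
             $vals['owner'] = 'anonymous';
         }
     } else {
         $vals['updated_on'] = $now;
     }

     // The page record must not carry the upload widgets' values.
     $record = $vals;
     unset($record['files']);
     foreach ($uploadFields as $field) {
         unset($record[$field]);
     }

     // NOTE(review): the result of the save is not checked; uploads, lock
     // removal and the redirect happen even if it signals a failure.
     if ($this->new_page) {
         $rex->create($record, 'Page created.');
     } else {
         $method = $rex->determineAction($vals['id']);
         $rex->{$method}($vals['id'], $record);
     }

     if (session_valid()) {
         // handle files: uploads are accepted from logged-in users only
         $types = preg_split('/, ?/', appconf('allowed_file_types'));
         foreach ($uploadFields as $field) {
             if (!isset($vals[$field]) || !is_object($vals[$field])) {
                 continue;
             }
             // The allow-list is matched against the extension of the
             // client-supplied file name. A name without an extension has no
             // 'extension' key and is rejected.
             $info = pathinfo($vals[$field]->name);
             if (!isset($info['extension']) || !in_array(strtolower($info['extension']), $types, true)) {
                 continue;
             }
             db_execute('insert into sitewiki_file values (null, ?, ?, now(), ?)', $vals['id'], $vals[$field]->name, session_username());
             $file_id = db_lastid();
             // The file is stored as "<page id>_<file row id>", not under the
             // uploaded name.
             // NOTE(review): $vals['id'] is the submitted 'page' value and
             // becomes part of that stored name; confirm the form rules limit
             // it to characters that are safe in a path.
             $vals[$field]->move('inc/app/sitewiki/data', $vals['id'] . '_' . $file_id);
         }
     }
     lock_remove('sitewiki_page', $vals['id']);
     header('Location: ' . site_prefix() . '/index/sitewiki-app/show.' . $vals['id']);
     exit;
 }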
Exemple #13
 /**
  * Delete a word from the current user's personal word list.
  *
  * The delete is keyed on the session's user name, so a caller can only
  * remove rows stored under that name.
  *
  * @param string $word word to remove
  * @return mixed false without a valid session, otherwise the result of db_execute()
  */
 function removePersonal($word)
 {
     if (session_valid()) {
         return db_execute('delete from xed_speling_personal where username = ? and word = ?', session_username(), $word);
     }
     return false;
 }
Exemple #14
 /**
  * Constructor method.  Loads and instantiates the source and store
  * drivers, then sets the user to the current session's user name.
  *
  * On a driver load failure $this->error is set and construction stops
  * early, so later properties stay unset.
  *
  * @param string $source name of the source driver
  * @param string $store name of the store driver
  *
  */
 function Rev($source = 'Database', $store = 'Database')
 {
     global $loader;

     // NOTE(review): $source and $store choose both the package to import and
     // the class to instantiate; callers should pass fixed driver names only.
     $sourceLoaded = $loader->import('cms.Versioning.Source.' . $source);
     if (!$sourceLoaded) {
         $this->error = 'Failed to load source driver';
         return;
     }
     $sourceClass = 'RevSource_' . $source;
     $this->source = new $sourceClass();

     $storeLoaded = $loader->import('cms.Versioning.Store.' . $store);
     if (!$storeLoaded) {
         $this->error = 'Failed to load store driver';
         return;
     }
     $storeClass = 'RevStore_' . $store;
     $this->store = new $storeClass();

     // Without a valid session a fixed placeholder user name is used.
     $this->user = session_valid() ? session_username() : '******';
 }
Exemple #15
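 /**
  * Builds the item tree from the database table specified.
  *
  * When caching is enabled ($this->cache > 0) and there is no valid
  * session, a fresh cache file is loaded instead of querying, and the tree
  * is written back to the cache file after a query. Requests with a valid
  * session never read or write the cache.
  *
  * @access	public
  * @return	boolean	false when the query fails ($this->error is set)
  *
  */
 function getTree()
 {
     if (!session_valid() && $this->cache > 0) {
         // Non-default languages use their own cache file.
         // NOTE(review): the suffix is appended to the property itself, so a
         // second call on the same object would append it again.
         if (intl_lang() != intl_default_lang()) {
             $this->cacheLocation .= '_' . intl_lang();
         }
         if (@file_exists($this->cacheLocation) && filemtime($this->cacheLocation) > time() - $this->cache) {
             $this->loadConfig($this->cacheLocation);
             return true;
         }
     }
     $table = $this->table;
     $idcol = $this->idcolumn;
     $showcol = $this->showcolumn;
     $refcol = $this->refcolumn;
     $listcol = $this->listcolumn;
     // The list-column filter is disabled, so no WHERE fragment is built for
     // it. $list is still initialised on every path, because it is read
     // below and interpolated into the query.
     $list = '';
     if (!empty($listcol)) {
         $listcolumn = ', ' . $listcol;
     } else {
         $listcolumn = '';
     }
     if (!empty($this->sectioncolumn)) {
         $sectioncolumn = ', ' . $this->sectioncolumn;
     } else {
         $sectioncolumn = '';
     }
     if (!empty($this->templatecolumn)) {
         $templatecolumn = ', ' . $this->templatecolumn;
     } else {
         $templatecolumn = '';
     }
     if ($this->sitelliteAllowed) {
         // Limit the rows with the SQL fragment supplied by the session object.
         global $session;
         if (!empty($list)) {
             $allowed = 'and ' . $session->allowedSql();
         } else {
             $allowed = 'where ' . $session->allowedSql();
         }
     } else {
         $allowed = '';
     }
     if ($this->sortcolumn) {
         $sort = ', ' . $this->sortcolumn;
         if ($this->sortorder) {
             $sort .= ' ' . $this->sortorder;
         }
     } else {
         $sort = '';
     }
     // Table and column names cannot be bound as parameters, so they are
     // interpolated from this object's properties.
     // NOTE(review): confirm these properties are only ever set from
     // configuration or code, never from request data.
     $tree = db_fetch("select {$idcol}, {$showcol}, {$refcol} {$listcolumn} {$sectioncolumn} {$templatecolumn} from {$table} {$list} {$allowed} group by {$refcol} {$sort}, {$showcol} asc");
     if (!$tree) {
         $this->error = db_error();
         return false;
     } elseif (is_object($tree)) {
         // A single row comes back as one object; wrap it in an array.
         $tree = array($tree);
     }
     $this->initTree($tree);
     // Replace the titles with translations for non-default languages.
     if (intl_lang() != intl_default_lang()) {
         loader_import('multilingual.Translation');
         $tr = new Translation($table, intl_lang());
         $titles = $tr->getTitles();
         foreach ($titles as $key => $title) {
             $this->{'items_' . $key}->title = $title;
         }
     }
     if (!session_valid() && $this->cache > 0) {
         // Write the cache when the file is writable, or when it does not
         // exist yet and its directory is writable.
         if (@is_writeable($this->cacheLocation) || (!@file_exists($this->cacheLocation) && @is_writeable(dirname($this->cacheLocation)))) {
             $fp = fopen($this->cacheLocation, 'w');
             if ($fp) {
                 fwrite($fp, $this->makeConfig($tree));
                 fclose($fp);
             }
         }
     }
     return true;
 }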