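/**
 * Update User Messenger Settings
 *
 * Stores the user's messenger privacy ('all' or 'buddy') and then rewrites the
 * `status` column of the buddy-list rows that point at this user so that it
 * matches the stored value.
 *
 * @param int   $userID ID of the user whose settings are being saved
 * @param array $data   Submitted settings; only 'messenger_privacy' is read
 */
public function updateMessenerSettings($userID, $data)
{
    global $db;

    // Take the value from the $data argument rather than reaching into $_POST,
    // so the stored setting and the buddy-list update below are driven by the
    // same input. Anything that is not exactly the string 'all' (missing key,
    // array, unexpected value) falls back to the more restrictive 'buddy'.
    $privacy = (isset($data['messenger_privacy']) && $data['messenger_privacy'] === 'all') ? 'all' : 'buddy';

    BuckysUser::updateUserFields($userID, array('messenger_privacy' => $privacy));

    if ($privacy === 'all') {
        // Change buddy list relationship to 1 (Online) for every row that targets this user
        $query = $db->prepare("UPDATE " . TABLE_MESSENGER_BUDDYLIST . " SET `status` = 1 WHERE buddyID=%d", $userID);
        $db->query($query);

        return;
    }

    // 'buddy': reset every relationship first. This now also runs when the
    // submitted value was invalid, because 'buddy' is what was stored above;
    // previously the stored setting and the buddy-list rows could disagree.
    $query = $db->prepare("UPDATE " . TABLE_MESSENGER_BUDDYLIST . " SET `status` = 0 WHERE buddyID=%d", $userID);
    $db->query($query);

    // Only set status=1 for the entries on the user's own buddy list
    $buddys = $db->getResultsArray($db->prepare("SELECT messengerBuddylistID FROM " . TABLE_MESSENGER_BUDDYLIST . " WHERE userID=%d", $userID));

    // Process 100 ids at once to keep each IN (...) list short
    foreach (array_chunk($buddys, 100) as $ids) {
        if (buckys_not_null($ids)) {
            // The ids come from the SELECT above, not from the request.
            // NOTE(review): they are concatenated into the statement unescaped;
            // confirm getResultsArray() returns plain integer ids here.
            $db->query("UPDATE " . TABLE_MESSENGER_BUDDYLIST . " SET `status` = 1 WHERE messengerBuddylistID in (" . implode(", ", $ids) . ")");
        }
    }
}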
$users = BuckysPrivateMessenger::searchNonBlockedUsers($userID, $_POST['term']); $result = array(); foreach ($users as $row) { $result[] = array("id" => $row['userID'], 'label' => $row['fullName'], 'value' => $row['fullName'], 'hash' => buckys_encrypt_id($row['userID'])); } echo json_encode($result); buckys_exit(); } if ($_POST['action'] == 'load-messenger') { echo loadMessenger(); BuckysUser::updateUserFields($userID, array('show_messenger' => 1)); buckys_exit(); } if ($_POST['action'] == 'close-messenger') { BuckysPrivateMessenger::closeConversationBox(); BuckysUser::updateUserFields($userID, array('show_messenger' => 0)); buckys_exit(); } if ($_POST['action'] == 'save-settings') { BuckysPrivateMessenger::updateMessenerSettings($userID, $_POST); //Getting New Messenger Lists $newUserHTML = BuckysPrivateMessenger::getUserListHTML($userID); header('Content-type: application/xml'); render_result_xml(array('status' => 'success', 'html' => $newUserHTML)); buckys_exit(); } if ($_POST['action'] == 'block-user') { header('Content-type: application/xml'); $uID = isset($_POST['blockedID']) ? $_POST['blockedID'] : null; $uIDHash = isset($_POST['blockedIDHash']) ? $_POST['blockedIDHash'] : null; if (!$uID || !$uIDHash || !buckys_check_id_encrypted($uID, $uIDHash)) {
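/**
 * API action: change the password of the user identified by the posted API token.
 *
 * Reads TOKEN, current_password and new_password from $_POST.
 *
 * @return array ['STATUS_CODE' => int, 'DATA' => array] result for the API layer
 */
public function changePasswordAction()
{
    $data = $_POST;

    $token = isset($data['TOKEN']) ? trim($data['TOKEN']) : null;
    if (!$token) {
        return ['STATUS_CODE' => STATUS_CODE_BAD_REQUEST, 'DATA' => buckys_api_get_error_result('Api token should not be blank')];
    }

    if (!($userID = BuckysUsersToken::checkTokenValidity($token, "api"))) {
        return ['STATUS_CODE' => STATUS_CODE_UNAUTHORIZED, 'DATA' => buckys_api_get_error_result('Api token is not valid.')];
    }

    // Reject missing, non-string or empty password fields before touching the
    // account. Without this a request that omits new_password would reach
    // buckys_encrypt_password() with null and overwrite the stored password
    // with the hash of an empty value.
    $currentPassword = (isset($data['current_password']) && is_string($data['current_password'])) ? $data['current_password'] : '';
    $newPassword = (isset($data['new_password']) && is_string($data['new_password'])) ? $data['new_password'] : '';
    if ($currentPassword === '' || $newPassword === '') {
        return ['STATUS_CODE' => STATUS_CODE_BAD_REQUEST, 'DATA' => buckys_api_get_error_result('Current password and new password should not be blank')];
    }

    $current = BuckysUser::getUserData($userID);

    // Status codes below are kept as the API already returns them (OK with an
    // error payload for a wrong password) because clients may depend on them.
    if (!buckys_validate_password($currentPassword, $current['password'])) {
        return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => buckys_api_get_error_result('Current password is incorrect.')];
    }

    $pwd = buckys_encrypt_password($newPassword);
    if (BuckysUser::updateUserFields($userID, ['password' => $pwd])) {
        // NOTE(review): nothing visible here revokes other API tokens or
        // sessions after the change — confirm whether that happens elsewhere.
        return ['STATUS_CODE' => STATUS_CODE_OK, 'DATA' => ['STATUS' => 'SUCCESS']];
    }

    return ['STATUS_CODE' => STATUS_CODE_UNAUTHORIZED, 'DATA' => buckys_api_get_error_result('There was an error to saving your information.')];
}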
if ($photo['poster'] != $userID) { buckys_redirect('/photo_manage.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } //Update Photo Caption and Privacy BuckysPost::updatePhoto($userID, $_POST); //Change user profile image if ($_POST['photo_visibility'] == 2) { if (!$photo['is_profile']) { BuckysPost::createProfileImage($photo, $_POST); } //Update profile image with old one BuckysUser::updateUserFields($userID, array('thumbnail' => $photo['image'])); } else { if ($userData['thumbnail'] == $photo['image']) { //If it was a profile image and now it is not, remove it from the profile image BuckysUser::updateUserFields($userID, array('thumbnail' => '')); } } //Save Album if (isset($_POST['album']) && $_POST['album'] != '' && isset($albums[$_POST['album']])) { BuckysAlbum::addPhotoToAlbum($_POST['album'], $photo['postID']); } buckys_redirect('/photo_edit.php?photoID=' . $photo['postID'], MSG_PHOTO_UPDATED, MSG_TYPE_SUCCESS); exit; } } $set_profile = isset($_GET['set_profile']) ? $_GET['set_profile'] : null; buckys_enqueue_stylesheet('account.css'); buckys_enqueue_stylesheet('posting.css'); buckys_enqueue_stylesheet('jquery.Jcrop.css'); buckys_enqueue_javascript('jquery.Jcrop.js');
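/**
 * Use credits to place an item on trade section
 *
 * Deducts $amount from the user's credit balance and records the deduction in
 * the credit activity table.
 *
 * @param mixed $userID ID of the paying user
 * @param mixed $amount Number of credits to deduct
 * @return mixed ID of the new credit-activity row as returned by insertFromArray(),
 *               or null when the user is unknown or the balance is insufficient
 */
public function useCreditsInTrade($userID, $amount)
{
    global $db;

    $userIns = new BuckysUser();

    $userInfo = $userIns->getUserBasicInfo($userID);
    if (!$userInfo) {
        return;
    }

    $userInfo['credits'] = $userInfo['credits'] - $amount;

    // Refuse to drive the balance below zero. Without this check a user could
    // list an item with more credits than they hold and end up with a negative
    // balance; the shop counterpart (useCreditsInShop) applies the same guard.
    if ($userInfo['credits'] < 0) {
        return;
    }

    // NOTE(review): $amount is not checked for being positive, so a negative
    // value would raise the balance — confirm callers validate it.
    // NOTE(review): the balance is read and written in two separate steps;
    // concurrent requests could both pass the check — confirm whether callers
    // serialise this or whether it should move into a single UPDATE.
    $userIns->updateUserFields($userID, array('credits' => $userInfo['credits']));

    $data = array(
        'receiverID' => BuckysTransaction::BUCKYSROOM_ACCOUNT_ID,
        'payerID' => $userID,
        'activityType' => BuckysTransaction::ACTIVITY_TYPE_TRADE_ITEM_ADD,
        'amount' => $amount,
        'transactionID' => BuckysTransaction::NO_TRANSACTION_ID,
        'receiverBalance' => 0,
        'payerBalance' => $userInfo['credits'],
        'createdDate' => date('Y-m-d H:i:s'),
    );

    $nId = $db->insertFromArray(TABLE_CREDIT_ACTIVITY, $data);

    return $nId;
}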
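/**
 * Save Post
 *
 * Validates a photo that was uploaded to the temporary folder, moves it into
 * the user's photo folder (cropped to the profile size when it is being set
 * as a profile/page image, otherwise scaled down to the post limits), inserts
 * the post row and optionally attaches the photo to an album.
 *
 * @param       $userID ID of the posting user
 * @param mixed $data   Submitted form data: 'file', 'post_visibility', and optionally
 *                      'pageID', 'profileID', 'content', 'album' and the crop
 *                      fields 'width', 'x1', 'y1', 'x2'
 * @return bool|int|null|string New post ID on success, false on any validation or insert failure
 */
public static function savePhoto($userID, $data)
{
    global $db, $TNB_GLOBALS;

    // Check the photo file name. The name is request-controlled and is joined
    // onto DIR_FS_PHOTO_TMP, so reject anything that is not a string or that
    // contains a parent-directory sequence (either separator style).
    // NOTE(review): this is still a substring check; if temp files never live
    // in sub-folders, comparing against basename() would be stricter.
    if (!isset($data['file']) || !is_string($data['file'])
        || strpos($data['file'], "../") !== false
        || strpos($data['file'], "..\\") !== false
        || !file_exists(DIR_FS_PHOTO_TMP . $data['file'])
    ) {
        buckys_add_message(MSG_FILE_UPLOAD_ERROR, MSG_TYPE_ERROR);
        return false;
    }

    $data['pageID'] = isset($data['pageID']) && is_numeric($data['pageID']) ? $data['pageID'] : BuckysPost::INDEPENDENT_POST_PAGE_ID;

    // Validate the file type. A name without any extension is rejected too
    // instead of raising an undefined-index notice.
    $fileParts = pathinfo($data['file']);
    if (!isset($fileParts['extension']) || !in_array(strtolower($fileParts['extension']), $TNB_GLOBALS['imageTypes'])) {
        buckys_add_message(MSG_INVALID_PHOTO_TYPE, MSG_TYPE_ERROR);
        return false;
    }

    // The extension alone proves nothing about the content: getimagesize()
    // returns false for a file that is not a readable image. Previously that
    // produced null dimensions, which passed the size check below.
    $imageInfo = getimagesize(DIR_FS_PHOTO_TMP . $data['file']);
    if ($imageInfo === false) {
        buckys_add_message(MSG_INVALID_PHOTO_TYPE, MSG_TYPE_ERROR);
        return false;
    }
    list($width, $height) = $imageInfo;

    // Validate the pixel count
    if ($width * $height > MAX_IMAGE_WIDTH * MAX_IMAGE_HEIGHT) {
        buckys_add_message(MSG_PHOTO_MAX_SIZE_ERROR, MSG_TYPE_ERROR);
        return false;
    }

    $visibility = isset($data['post_visibility']) ? $data['post_visibility'] : 0;

    // Move the file from the tmp folder to the user photo folder and resize it.
    if ($visibility == 2) {
        // Profile / page image: the crop rectangle is supplied by the client,
        // so make sure every value is numeric and the displayed width is
        // positive before dividing by it.
        foreach (array('width', 'x1', 'y1', 'x2') as $cropField) {
            if (!isset($data[$cropField]) || !is_numeric($data[$cropField])) {
                buckys_add_message(MSG_FILE_UPLOAD_ERROR, MSG_TYPE_ERROR);
                return false;
            }
        }
        if ($data['width'] <= 0) {
            buckys_add_message(MSG_FILE_UPLOAD_ERROR, MSG_TYPE_ERROR);
            return false;
        }

        // Calc ratio using the real image width
        $ratio = floatval($width / $data['width']);
        $sourceWidth = ($data['x2'] - $data['x1']) * $ratio;

        // The source width is passed for both dimensions, i.e. a square crop.
        BuckysPost::moveFileFromTmpToUserFolder($userID, $data['file'], PROFILE_IMAGE_WIDTH, PROFILE_IMAGE_HEIGHT, $data['x1'] * $ratio, $data['y1'] * $ratio, $sourceWidth, $sourceWidth);

        if ($data['pageID'] == BuckysPost::INDEPENDENT_POST_PAGE_ID) {
            // Update the user's profile thumbnail
            BuckysUser::updateUserFields($userID, ['thumbnail' => $data['file']]);
        } else {
            // Update the page logo.
            // NOTE(review): pageID comes from the submitted data and nothing in
            // this method checks that $userID may edit that page — confirm the
            // caller enforces ownership.
            $pageIns = new BuckysPage();
            $pageIns->updateData($data['pageID'], ['logo' => $data['file']]);
        }
        $is_profile = 1;
    } else {
        // Scale down, keeping the aspect ratio, until both post limits are met
        if ($width > MAX_POST_IMAGE_WIDTH) {
            $height = $height * (MAX_POST_IMAGE_WIDTH / $width);
            $width = MAX_POST_IMAGE_WIDTH;
        }
        if ($height > MAX_POST_IMAGE_HEIGHT) {
            $width = $width * (MAX_POST_IMAGE_HEIGHT / $height);
            $height = MAX_POST_IMAGE_HEIGHT;
        }

        // Create normal image
        BuckysPost::moveFileFromTmpToUserFolder($userID, $data['file'], $width, $height, 0, 0);
        $is_profile = 0;
    }

    $now = date('Y-m-d H:i:s');

    // NOTE(review): 'content' and 'profileID' are stored as submitted; this
    // relies on insertFromArray() escaping values and on output encoding when
    // the post is rendered — confirm both.
    $newId = $db->insertFromArray(TABLE_POSTS, [
        'poster' => $userID,
        'pageID' => $data['pageID'],
        'profileID' => isset($data['profileID']) ? $data['profileID'] : null,
        'content' => isset($data['content']) ? $data['content'] : null,
        'type' => 'image',
        'post_date' => $now,
        'image' => $data['file'],
        'visibility' => $visibility > 0 ? 1 : 0,
        'is_profile' => $is_profile,
    ]);

    if (!$newId) {
        buckys_add_message($db->getLastError(), MSG_TYPE_ERROR);
        return false;
    }

    // Assign the photo to an album, but only to one owned by this user
    if (isset($data['album']) && $data['album'] != '') {
        if (!BuckysAlbum::checkAlbumOwner($data['album'], $userID)) {
            buckys_add_message(MSG_INVALID_ALBUM_ID, MSG_TYPE_ERROR);
        } else {
            BuckysAlbum::addPhotoToAlbum($data['album'], $newId);
        }
    }

    buckys_add_message(MSG_PHOTO_UPLOADED_SUCCESSFULLY);

    return $newId;
}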
} //Save Phone Numbers if ($_POST['action'] == 'save_phone') { //Update User Phone numbers if (BuckysUser::updateUserFields($userID, ['cell_phone' => $_POST['cell_phone'], 'cell_phone_visibility' => $_POST['cell_phone_visibility'], 'home_phone' => $_POST['home_phone'], 'home_phone_visibility' => $_POST['home_phone_visibility'], 'work_phone' => $_POST['work_phone'], 'work_phone_visibility' => $_POST['work_phone_visibility']])) { echo 'Success'; } else { echo $db->getLastError(); } exit; } //Save Address if ($_POST['action'] == 'save_address') { $data = ['address1' => $_POST['address1'], 'address2' => $_POST['address2'], 'city' => $_POST['city'], 'state' => $_POST['state'], 'zip' => $_POST['zip'], 'country' => $_POST['country'], 'address_visibility' => $_POST['address_visibility']]; //Update User Phone numbers if (BuckysUser::updateUserFields($userID, $data)) { echo 'Success'; } else { echo $db->getLastError(); } exit; } //Save Contact Info if ($_POST['action'] == 'save_messenger') { $data = []; for ($i = 0; $i < count($_POST['username']); $i++) { $data[] = ['name' => $_POST['username'][$i], 'type' => $_POST['type'][$i], 'visibility' => $_POST['visibility'][$i]]; } //Update User Phone numbers if (BuckysUser::updateUserMessengerInfo($userID, $data)) { echo 'Success';
if ($photo['poster'] != $userID) { buckys_redirect('/photo_manage.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR); } //Update Photo Caption and Privacy BuckysPost::updatePhoto($userID, $_POST); //Change user profile image if ($_POST['photo_visibility'] == 2) { if (!$photo['is_profile']) { BuckysPost::createProfileImage($photo, $_POST); } //Update profile image with old one BuckysUser::updateUserFields($userID, ['thumbnail' => $photo['image']]); } else { if ($userData['thumbnail'] == $photo['image']) { //If it was a profile image and now it is not, remove it from the profile image BuckysUser::updateUserFields($userID, ['thumbnail' => '']); } } //Save Album if (isset($_POST['album']) && $_POST['album'] != '' && isset($albums[$_POST['album']])) { BuckysAlbum::addPhotoToAlbum($_POST['album'], $photo['postID']); } buckys_redirect('/photo_edit.php?photoID=' . $photo['postID'], MSG_PHOTO_UPDATED, MSG_TYPE_SUCCESS); exit; } } $set_profile = isset($_GET['set_profile']) ? $_GET['set_profile'] : null; buckys_enqueue_stylesheet('account.css'); buckys_enqueue_stylesheet('posting.css'); buckys_enqueue_stylesheet('jquery.Jcrop.css'); buckys_enqueue_javascript('jquery.Jcrop.js');
$users = BuckysPrivateMessenger::searchNonBlockedUsers($userID, $_POST['term']); $result = []; foreach ($users as $row) { $result[] = ["id" => $row['userID'], 'label' => $row['fullName'], 'value' => $row['fullName'], 'hash' => buckys_encrypt_id($row['userID'])]; } echo json_encode($result); buckys_exit(); } if ($_POST['action'] == 'load-messenger') { echo loadMessenger(); BuckysUser::updateUserFields($userID, ['show_messenger' => 1]); buckys_exit(); } if ($_POST['action'] == 'close-messenger') { BuckysPrivateMessenger::closeConversationBox(); BuckysUser::updateUserFields($userID, ['show_messenger' => 0]); buckys_exit(); } if ($_POST['action'] == 'save-settings') { BuckysPrivateMessenger::updateMessenerSettings($userID, $_POST); //Getting New Messenger Lists $newUserHTML = BuckysPrivateMessenger::getUserListHTML($userID); header('Content-type: application/xml'); render_result_xml(['status' => 'success', 'html' => $newUserHTML]); buckys_exit(); } if ($_POST['action'] == 'block-user') { header('Content-type: application/xml'); $uID = isset($_POST['blockedID']) ? $_POST['blockedID'] : null; $uIDHash = isset($_POST['blockedIDHash']) ? $_POST['blockedIDHash'] : null; if (!$uID || !$uIDHash || !buckys_check_id_encrypted($uID, $uIDHash)) {
/**
 * Use credits to list products in shop
 *
 * Subtracts $amount from the user's credits and logs the payment to the TNB
 * account in the credit activity table. Nothing is written when the user
 * cannot be loaded or when the balance would become negative.
 *
 * @param mixed $userID ID of the paying user
 * @param mixed $amount Number of credits to deduct
 * @return int|null|string|void Result of insertFromArray() for the activity row,
 *                              or nothing when the deduction was refused
 */
public function useCreditsInShop($userID, $amount)
{
    global $db;

    $userModel = new BuckysUser();
    $account = $userModel->getUserBasicInfo($userID);

    if (!$account) {
        return;
    }

    $remaining = $account['credits'] - $amount;

    // You can't use this amount: the balance would drop below zero.
    // NOTE(review): a negative $amount passes this check and raises the
    // balance — confirm callers only pass positive values.
    if ($remaining < 0) {
        return;
    }

    $userModel->updateUserFields($userID, ['credits' => $remaining]);

    $activity = [
        'receiverID' => BuckysTransaction::TNB_ACCOUNT_ID,
        'payerID' => $userID,
        'activityType' => BuckysTransaction::ACTIVITY_TYPE_SHOP_PRODUCT_ADD,
        'amount' => $amount,
        'transactionID' => BuckysTransaction::NO_TRANSACTION_ID,
        'receiverBalance' => 0,
        'payerBalance' => $remaining,
        'createdDate' => date('Y-m-d H:i:s'),
    ];

    return $db->insertFromArray(TABLE_CREDIT_ACTIVITY, $activity);
}
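require dirname(__FILE__) . '/includes/bootstrap.php';

// Password reset page: reached through a tokenised link, lets a logged-out
// user choose a new password.

//Getting Current User ID
$userID = buckys_is_logged_in();

// A logged-in user has no business here; send them to their account page
if ($userID) {
    buckys_redirect('/account.php');
}

$token = isset($_REQUEST['token']) ? $_REQUEST['token'] : '';

if (!$token) {
    buckys_redirect('/index.php', MSG_INVALID_REQUEST, MSG_TYPE_ERROR);
}

// The token decides whose password is changed; $userID is taken from it
if (!($userID = BuckysUsersToken::checkTokenValidity($token, 'password'))) {
    buckys_redirect('/register.php?forgotpwd=1', MSG_USER_TOKEN_LINK_NOT_CORRECT, MSG_TYPE_ERROR);
}

if (isset($_POST['action']) && $_POST['action'] == 'reset-password') {
    // Treat a missing or non-string field as empty so that a crafted request
    // (no field, or password[]=...) is rejected instead of being passed on to
    // the hashing helper.
    $newPassword = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    if (!$newPassword) {
        buckys_add_message(MSG_EMPTY_PASSWORD, MSG_TYPE_ERROR);
    } else {
        // NOTE(review): the previous code compared $_POST['password'] with
        // itself, so the "passwords do not match" check could never fail and
        // MSG_NOT_MATCH_PASSWORD was never raised. The confirmation field's
        // name is defined by the reset_password template and is not visible
        // here; compare against it before hashing once it is confirmed.
        $pwd = buckys_encrypt_password($newPassword);
        BuckysUser::updateUserFields($userID, ['password' => $pwd]);

        // NOTE(review): nothing visible here invalidates the reset token after
        // a successful change — confirm it cannot be replayed.
        buckys_redirect('/index.php', MSG_PASSWORD_UPDATED);
    }
}

buckys_enqueue_stylesheet('register.css');
buckys_enqueue_javascript('register.js');

$TNB_GLOBALS['content'] = 'reset_password';

require DIR_FS_TEMPLATE . $TNB_GLOBALS['template'] . "/" . $TNB_GLOBALS['layout'] . ".php";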
buckys_redirect("/index.php"); } if (!$_POST['currentPassword'] || !$_POST['newPassword'] || !$_POST['newPassword2']) { buckys_add_message(MSG_INVALID_REQUEST, MSG_TYPE_ERROR); $isValid = false; } else { if ($_POST['newPassword'] != $_POST['newPassword2']) { buckys_redirect("/change_password.php", MSG_NOT_MATCH_PASSWORD, MSG_TYPE_ERROR); $isValid = false; } } //Check Current Password $data = BuckysUser::getUserData($userID); if (!$data) { buckys_redirect("/index.php"); } if (!buckys_validate_password($_POST['currentPassword'], $data['password'])) { buckys_add_message(MSG_CURRENT_PASSWORD_NOT_CORRECT, MSG_TYPE_ERROR); $isValid = false; } if ($isValid) { $pwd = buckys_encrypt_password($_POST['newPassword']); BuckysUser::updateUserFields($userID, array('password' => $pwd)); buckys_redirect('/change_password.php', MSG_PASSWORD_UPDATED); } } buckys_enqueue_stylesheet('account.css'); buckys_enqueue_stylesheet('info.css'); $BUCKYS_GLOBALS['content'] = 'change_password'; $BUCKYS_GLOBALS['title'] = "Change Password - BuckysRoom"; require DIR_FS_TEMPLATE . $BUCKYS_GLOBALS['template'] . "/" . $BUCKYS_GLOBALS['layout'] . ".php";