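/**
 * Render the "choose a new password" step of the lost-password flow and,
 * when two matching passwords were posted, store the new password.
 *
 * The request is authorised only by the pair ($id, $key): exactly one row in
 * `players` must match both the player id and the stored security key.
 *
 * NOTE(review): nothing in this method clears or rotates `seckey` after a
 * successful change, so the same key appears to stay valid for further
 * resets. Confirm whether Core_Login::setPassword() invalidates it; if not,
 * the key should be made single-use and time-limited.
 * NOTE(review): no password-strength check and no attempt limiting are
 * visible here; confirm they are enforced elsewhere.
 *
 * @param mixed $id  Player id taken from the reset link; forced to int before use in SQL.
 * @param mixed $key Security key taken from the reset link; escaped before use in SQL.
 *
 * @return string Parsed template, or a short HTML error when the key does not match.
 */
private function getChangePassword($id, $key)
{
    $text = Core_Text::__getInstance();
    $text->setFile('main');
    $text->setSection('lostpass');

    // An empty key must never authorise a reset. Without this guard the query
    // below would compare against seckey = '', which would match any account
    // whose key column is empty (presumably accounts with no pending reset).
    if (!is_scalar($key) || (string) $key === '') {
        return '<p class="false">Security Key Not Found.</p>';
    }

    // Check the key: id is cast to int, key is escaped by the database layer.
    $db = Core_Database::__getInstance();
    $chk = $db->select(
        'players',
        array('plid'),
        "plid = " . intval($id) . " AND seckey = '" . $db->escape($key) . "'"
    );

    if (count($chk) !== 1) {
        return '<p class="false">Security Key Not Found.</p>';
    }

    $password1 = Core_Tools::getInput('_POST', 'pass1', 'varchar');
    $password2 = Core_Tools::getInput('_POST', 'pass2', 'varchar');

    $page = new Core_Template();
    $page->set('title', $text->get('changepass'));
    $page->set('about', $text->get('aboutchange'));
    $page->set('pass1', $text->get('pass1'));
    $page->set('pass2', $text->get('pass2'));
    $page->set('submit', $text->get('submitchange'));

    if ($password1 && $password1 === $password2) {
        // Use the plid returned by the verified row, not the raw $id argument.
        $login = Core_Login::__getInstance();
        $login->setPassword($chk[0]['plid'], $password1);
        $page->set('success', $text->get('passchanged'));
    } elseif ($password1 || $password2) {
        // Something was typed but the two fields differ (or one is empty).
        $page->set('warning', $text->get('passmismatch'));
    }

    return $page->parse('lostPassword_res.tpl');
}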
/**
 * Build the welcome page and, when the welcome form was submitted, emit a
 * redirect header towards the matching registration variant.
 *
 * Both redirect targets are fixed strings, so the posted value only selects
 * between them and never becomes part of the Location URL.
 *
 * NOTE(review): after header() the method keeps running and still returns
 * the parsed welcome template; whether the caller stops output after a
 * redirect is not visible here.
 *
 * @return string Parsed welcome template.
 */
protected function getContent()
{
    $choice = Core_Tools::getInput('_POST', 'welcome_selection', 'varchar');

    // Loose comparison on purpose: mirrors the semantics of a switch statement.
    if ($choice == 'honger') {
        header('Location: ' . $this->getUrl('page=register&nocompany=false'));
    } elseif ($choice == 'geld') {
        header('Location: ' . $this->getUrl('page=register&nocompany=true&action=shopowner'));
    }

    // Select the text file/section on the shared text instance.
    $texts = Core_Text::__getInstance();
    $texts->setFile('about');
    $texts->setSection('home');

    $template = new Core_Template();
    $template->set('action', $this->getUrl('page=welcome'));

    return $template->parse('welcome.tpl');
}
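/**
 * Resolve the current user for this request.
 *
 * Order of precedence:
 *  1. `?logout` in the query string -> logout().
 *  2. A player id already stored in the session.
 *  3. An external auth triple (type, uid, session key) stored in the session;
 *     the matching player row is looked up, refreshed, or created.
 *  4. Login cookies (read, but processing is not implemented: uid = false).
 *
 * The session-supplied auth values are escaped / cast before they are placed
 * in a WHERE clause, in the same way other code on this page treats
 * request-derived values ($db->escape() for strings, intval() for ids).
 *
 * NOTE(review): logout is triggered by a plain GET parameter, so any link or
 * embedded resource can log the user out; consider requiring POST plus a token.
 * NOTE(review): when more than one row matches the auth pair, all matching
 * player rows are deleted and a fresh one is inserted. Confirm this is the
 * intended recovery path, since it discards existing accounts.
 *
 * @param mixed $level Stored on the instance and used as suffix for the cookie names.
 */
public function __construct($level)
{
    /* Store level */
    $this->level = $level;

    /* Check for login */
    $uid = Core_Tools::getInput('_SESSION', 'plid', 'int', false);
    $logout = Core_Tools::getInput('_GET', 'logout', 'bool', false);

    /* Check for logout */
    if ($logout) {
        $this->logout();
        return;
    }

    if ($uid) {
        $this->uid = $uid;
        return;
    }

    // Check for different auth types
    $authType = Core_Tools::getInput('_SESSION', 'loginAuthType', 'varchar');
    $authUID = Core_Tools::getInput('_SESSION', 'loginAuthUID', 'int');
    $authKey = Core_Tools::getInput('_SESSION', 'loginAuthSesKey', 'varchar');

    if (!empty($authType) && $authUID > 0) {
        // There is an auth, just make sure there is a user in the database.
        $db = Core_Database::__getInstance();

        // Never interpolate the raw values: escape the string, force the id to int.
        $authWhere = "authType = '" . $db->escape($authType) . "' && authUID = '" . intval($authUID) . "'";

        $data = $db->select('players', array('plid, authSesKey'), $authWhere);

        if (count($data) == 1) {
            $this->uid = $data[0]['plid'];

            if ($data[0]['authSesKey'] != $authKey) {
                // Update the session key!
                $db->update('players', array('authSesKey' => $authKey), "plid = '" . intval($this->uid) . "'");
            }
        } else {
            // Only one ring to rule them all.
            if (count($data) > 0) {
                $db->remove('players', $authWhere);
            }

            $this->uid = $db->insert(
                'players',
                array(
                    'authType' => $authType,
                    'authUID' => $authUID,
                    'authSesKey' => $authKey,
                    'activated' => 1,
                )
            );
        }

        return;
    }

    /* Check for cookies */
    // NOTE(review): the 'md5' input type suggests the cookies carry an MD5
    // password hash and salt; a hash kept in a cookie acts as a long-lived
    // credential. Prefer a random, server-side revocable token when the
    // cookie login is implemented.
    $uid = Core_Tools::getInput('_COOKIE', 'un' . $this->level, 'username', false);
    $pas = Core_Tools::getInput('_COOKIE', 'ps' . $this->level, 'md5', false);
    $sal = Core_Tools::getInput('_COOKIE', 'sl' . $this->level, 'md5', false);

    /* Process login (to be written) */
    $this->uid = false;
}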
/**
 * Entry point for the instant-messaging API: dispatch the posted message to
 * the login, activation or command handler depending on the state of the
 * `im_users` row that the lookup returns.
 *
 * NOTE(review): the WHERE literal below is reproduced exactly as it appears
 * in this listing. It looks masked, and as shown the posted user key is never
 * part of the lookup. If the real condition embeds $key, it must pass through
 * $db->escape() first, because the key comes straight from the request body.
 *
 * @return void Output, if any, is produced by echo or by the process* handlers.
 */
private function getIMAPI()
{
    // Fetch the user key
    $key = Core_Tools::getInput('_POST', 'userkey', 'varchar');

    if (empty($key)) {
        echo 'What are you doing here?';
        return;
    }

    $db = Core_Database::__getInstance();
    $rows = $db->select('im_users', array('im_player', 'im_activated'), "im_user = '******'");

    $message = Core_Tools::getInput('_POST', 'msg', 'varchar');

    if (count($rows) == 0) {
        // Unknown IM user: treat the message as a request to log in.
        $this->processIMLogin($key, $message);
        return;
    }

    if ($rows[0]['im_activated'] == 0) {
        // Known but not yet activated.
        $this->processIMActivate($key, $message);
        return;
    }

    // User is authenticated: run the command as the linked player.
    $this->processIMCommand($rows[0]['im_player'], $message);
}
/**
 * Show the "edit account" form and store the posted profile fields when all
 * four of them are present.
 *
 * Visitors who are not logged in get the registration form instead. The row
 * that is updated is always the logged-in member's own (id taken from
 * Profile_Member::getMyself(), never from the request).
 *
 * NOTE(review): no anti-CSRF token is checked before the update in this
 * method; confirm one is enforced elsewhere, since the e-mail address
 * is among the fields that can be changed.
 * NOTE(review): the posted values go into $db->update() as a value array;
 * this relies on the database layer escaping values, which is not visible here.
 *
 * @return string Parsed template (or the registration form).
 */
private function getEditProfile()
{
    $member = Profile_Member::getMyself();
    if (!$member) {
        return $this->getRegistrationForm();
    }

    // Process incoming data
    $firstname = Core_Tools::getInput('_POST', 'firstname', 'varchar');
    $name = Core_Tools::getInput('_POST', 'name', 'varchar');
    $nickname = Core_Tools::getInput('_POST', 'nickname', 'username');
    $email = Core_Tools::getInput('_POST', 'email', 'email');

    $page = new Core_Template();

    $allGiven = $firstname && $name && $nickname && $email;
    $anyGiven = $firstname || $name || $nickname || $email;

    if ($allGiven) {
        // Update the database
        $fields = array(
            'firstname' => $firstname,
            'lastname' => $name,
            'realname' => $nickname,
            'email' => $email,
        );

        $db = Core_Database::__getInstance();
        $db->update('players', $fields, 'plid = ' . $member->getId());

        $member->reloadData();
        $page->set('done', true);
    } elseif ($anyGiven) {
        // Partial submission: report failure, store nothing.
        $page->set('done', false);
    }

    // Values echoed back into the form are escaped for form context.
    $page->set('nickname', Core_Tools::output_form($member->getUsername()));
    $page->set('firstname', Core_Tools::output_form($member->getFirstname()));
    $page->set('name', Core_Tools::output_form($member->getName()));
    $page->set('email', Core_Tools::output_form($member->getEmail()));

    return $page->parse('account_edit.tpl');
}
/**
 * Render the basket block for the logged-in member.
 *
 * NOTE(review): removing a product is triggered by the `bRem` GET parameter,
 * i.e. a state change on a plain link with no token; consider POST plus an
 * anti-CSRF token. Ownership of the order line has to be enforced inside
 * removeProductFromBasket(), which is not visible here.
 * NOTE(review): addslashes() is used on strings that are presumably placed in
 * a JavaScript context by the template. It does not neutralise every
 * character that matters there (for example line breaks or a closing script
 * tag); a JSON encoder is the safer choice. Confirm against the template.
 *
 * @return string|null Parsed block, or null when nobody is logged in or the
 *                     basket is empty.
 */
protected function getBasket()
{
    $member = Profile_Member::getMyself();
    if (!$member) {
        return null;
    }

    $pending = $member->getPendingOrders();
    if (!(count($pending) > 0)) {
        return null;
    }

    // Process Input
    $removeId = Core_Tools::getInput('_GET', 'bRem', 'int');
    if ($removeId > 0) {
        $member->removeProductFromBasket($removeId);

        // Reload ;-)
        $pending = $member->getPendingOrders();
    }

    $text = Core_Text::__getInstance();
    $page = new Core_Template();

    $page->set('remove', addslashes($text->get('remove', 'basket', 'main')));
    $page->set('title', $text->get('title', 'basket', 'main'));

    foreach ($pending as $entry) {
        $product = $entry[0];
        $line = $entry[1];

        $productName = Core_Tools::output_varchar($product['p_name']);
        $lineMessage = Core_Tools::output_varchar($line['op_message']);
        $firstName = Core_Tools::output_varchar($entry[2]->getName());
        $secondName = Core_Tools::output_varchar($entry[3]->getName());

        // Create combination string
        $summary = $line['op_amount'] . 'x ' . $productName . ", ";
        if (!empty($line['op_message'])) {
            $summary .= $lineMessage . ", ";
        }
        $summary .= $firstName . ", ";
        $summary .= $secondName;

        $page->addListValue(
            'products',
            array(
                $productName,
                Core_Tools::output_varchar($line['op_amount']),
                $lineMessage,
                Core_Tools::output_varchar($line['op_price']),
                $firstName,
                $secondName,
                addslashes($summary),
                self::getUrl('page=register&bRem=' . $line['op_id']),
            )
        );
    }

    return $page->parse('blocks/basket.tpl');
}
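/**
 * Apply the posted shop-management form: add, update or remove up to 200
 * product rows and store the shop's general message.
 *
 * Per row N (1..200) the form posts productNameN, productTextN, productOrgN,
 * categoryIdN and up to ten productPriceN_0..9 values:
 *  - name present, original id > 0  -> update that product
 *  - name present, no original id   -> insert a new product
 *  - name empty,   original id > 0  -> remove that product
 *  - name empty,   no original id   -> end of the list, stop
 *
 * Security: productOrgN arrives as free text and used to be concatenated
 * into the WHERE clause unchanged. It is now cast to int (as is the shop id),
 * so only a number can reach the SQL string. Every statement stays scoped to
 * the given shop through the s_id condition.
 *
 * NOTE(review): name, text, prices and category id are passed as value
 * arrays; this relies on the database layer escaping values, which is not
 * visible here.
 * NOTE(review): the original comment names "name & price" as requirements,
 * but only the name is checked; a product can be stored with an empty price.
 *
 * @param object $objShop Shop being managed; must provide getId() and refreshData().
 *
 * @return void
 */
private function processManagementInput($objShop)
{
    $db = Core_Database::__getInstance();
    $shopId = intval($objShop->getId());

    for ($row = 1; $row <= 200; $row++) {
        $productName = Core_Tools::getInput('_POST', 'productName' . $row, 'varchar');
        $productText = Core_Tools::getInput('_POST', 'productText' . $row, 'varchar');
        // Ids are only ever used numerically: force to int before any SQL use.
        $originalId = intval(Core_Tools::getInput('_POST', 'productOrg' . $row, 'varchar'));
        $categoryId = Core_Tools::getInput('_POST', 'categoryId' . $row, 'varchar');

        // Collect prices until the first missing / non-positive one (max 10).
        $prices = array();
        for ($i = 0; $i < 10; $i++) {
            $priceIn = Core_Tools::getInput('_POST', 'productPrice' . $row . '_' . $i, 'float');
            if (!($priceIn > 0)) {
                break;
            }
            $prices[] = $priceIn;
        }
        $productPrice = implode(',', $prices);

        $productWhere = "p_id = '" . $originalId . "' AND s_id = '" . $shopId . "'";

        if ($productName) {
            if ($originalId > 0) {
                // update
                $db->update(
                    'products',
                    array(
                        'p_name' => $productName,
                        'p_info' => $productText,
                        'p_price' => $productPrice,
                        'c_id' => $categoryId,
                    ),
                    $productWhere
                );
            } else {
                // add
                $db->insert(
                    'products',
                    array(
                        'p_name' => $productName,
                        'p_info' => $productText,
                        'p_price' => $productPrice,
                        's_id' => $shopId,
                        'c_id' => $categoryId,
                    )
                );
            }
        } elseif ($originalId > 0) {
            // Name cleared on an existing product: remove it.
            $db->remove('products', $productWhere);
        } else {
            // Get out of here! Neither name nor id: the posted list has ended.
            break;
        }
    }

    // Last: general info
    $message = Core_Tools::getInput('_POST', 'shopMessage', 'varchar');
    $db->update('shops', array('s_message' => $message), "s_id = '" . $shopId . "'");

    $objShop->refreshData();
}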
/**
 * Crawler-friendly content: the product overview of one shop when a valid
 * `sid` is given, otherwise an alphabetical list of all shops.
 *
 * The shop id is read as an int, and shop names / locations are passed
 * through Core_Tools::output_varchar() before reaching the template.
 *
 * @return string Parsed template or the shop overview.
 */
public function getGoogleContent()
{
    $db = Core_Database::__getInstance();

    $shopId = Core_Tools::getInput('_GET', 'sid', 'int', false);
    if ($shopId > 0) {
        // Show all products of this shop
        $shop = Profile_Shop::getShop($shopId);
        if ($shop) {
            $overviewPage = new Pages_Shop();
            return $overviewPage->getOverview($shop);
        }
    }

    // Show a list of all shops (also the fallback for an unknown sid).
    $page = new Core_Template();
    $shops = $db->select('shops', array('*'), null, 's_name ASC');

    foreach ($shops as $row) {
        $entry = array(
            'name' => Core_Tools::output_varchar($row['s_name']),
            'url' => self::getUrl('page=order&sid=' . $row['s_id']),
            'location' => Core_Tools::output_varchar($row['s_gemeente']),
        );
        $page->addListValue('shops', $entry);
    }

    return $page->parse('google_shops.phpt');
}
/**
 * Render the "poefboek" log of one member within a company.
 *
 * The member is selected by the `uid` GET parameter; `details=1` switches the
 * detailed view on.
 *
 * NOTE(review): access is refused only when the viewer's status equals
 * 'pending'. Any other value passes, which presumably includes whatever
 * getUserStatus() returns for a non-member or for a visitor who is not
 * logged in (getMyself() may return false). An allow-list of the statuses
 * that may read logs would be safer; confirm against getUserStatus().
 * NOTE(review): `uid` is chosen by the requester, so whether one member may
 * read another member's log has to be decided inside
 * $objCompany->getPoefboekLog(); that is not visible here.
 * NOTE(review): actor_name, actor_url and details reach the template without
 * output_varchar(); confirm they are already escaped where they are produced.
 *
 * @param object $objCompany Company whose log is shown.
 *
 * @return string Parsed template or a short HTML error message.
 */
public function getPoefboekLog($objCompany)
{
    $viewer = Profile_Member::getMyself();
    $viewerStatus = $objCompany->getUserStatus($viewer);
    $withDetails = Core_Tools::getInput('_GET', 'details', 'int') == 1;

    if ($viewerStatus == 'pending') {
        return '<p>No permission to watch logs.</p>';
    }

    $user = Profile_Member::getMember(Core_Tools::getInput('_GET', 'uid', 'int'));
    if (!$user->isFound()) {
        return '<p>User not found.</p>';
    }

    $text = Core_Text::__getInstance();
    $text->setFile('company');
    $text->setSection('poeflog');

    $page = new Core_Template();

    $heading = Core_Tools::output_varchar($user->getUsername())
        . ' @ '
        . Core_Tools::output_varchar($objCompany->getName());

    $page->set('poeflog', $text->get('poeflog') . ': ' . $heading);
    $page->set('nologs', $text->get('nologs'));
    $page->set('return', $text->get('return'));
    $page->set('return_url', self::getUrl('page=company&id=' . $objCompany->getId()));

    // Offer the link that switches to the opposite detail mode.
    $toggleBase = 'page=company&id=' . $objCompany->getId() . '&action=poeflog&uid=' . $user->getId();
    if ($withDetails) {
        $page->set('hide_details_url', self::getUrl($toggleBase . '&details=0'));
    } else {
        $page->set('show_details_url', self::getUrl($toggleBase . '&details=1'));
    }

    $page->set('datum', $text->get('datum'));
    $page->set('amount', $text->get('amount'));
    $page->set('balance', $text->get('balance'));
    $page->set('actor', $text->get('actor'));

    foreach ($objCompany->getPoefboekLog($user, $withDetails) as $entry) {
        $row = array(
            'date' => date(DATETIME, $entry['date']),
            'amount' => Core_Tools::convert_price($entry['amount']),
            'newpoef' => Core_Tools::convert_price($entry['newpoef']),
            'actor_name' => $entry['actor_name'],
            'actor_url' => $entry['actor_url'],
            'comment' => Core_Tools::output_varchar($entry['comment']),
            'details' => $entry['details'],
        );
        $page->addListValue('logs', $row);
    }

    $page->set('showDetails', $withDetails);

    return $page->parse('company_poeflog.tpl');
}