/**
 * Build the Jambo contact form.
 *
 * Name and email are prefilled from the 'comment' session set when $_SESSION['comment'] exists,
 * otherwise from the logged-in user. Settings come from the jambo__* options and are then
 * overridden by $attrs before being handed to the success callback.
 *
 * NOTE(review): array_merge() lets $attrs replace every stored setting, including 'send_to'.
 * Who can author those attributes is not visible here; if they can come from less-trusted
 * content authors, the recipient should be read from Options only — confirm against the caller.
 *
 * @param array $attrs Settings supplied by the caller; they win over the stored options
 * @param mixed $context Not read anywhere in this method
 * @return FormUI The assembled form
 */
public function get_jambo_form($attrs, $context = null)
{
    $user = User::identify();

    // 'url' and 'content' are collected like the comment form does, but no control below uses them.
    $prefill = array('name' => '', 'email' => '', 'url' => '', 'content' => '');
    if (isset($_SESSION['comment'])) {
        $details = Session::get_set('comment');
        $prefill['name'] = $details['name'];
        $prefill['email'] = $details['email'];
        $prefill['url'] = $details['url'];
        $prefill['content'] = $details['content'];
    } elseif ($user->loggedin) {
        $prefill['name'] = $user->displayname;
        $prefill['email'] = $user->email;
        $prefill['url'] = Site::get_url('habari');
    }

    // Stored options first, caller-supplied attributes on top.
    $stored = array(
        'subject' => Options::get('jambo__subject'),
        'send_to' => Options::get('jambo__send_to'),
        'success_message' => Options::get('jambo__success_msg', 'Thank you contacting me. I\'ll get back to you as soon as possible.'),
    );
    $settings = array_merge($stored, $attrs);

    $form = new FormUI('jambo');

    // Name (required)
    $name_control = $form->append('text', 'jambo_name', 'null:null', _t('Name'), 'formcontrol_text')
        ->add_validator('validate_required', _t('Your Name is required.'));
    $name_control->id = 'jambo_name';
    $form->jambo_name->tabindex = 1;
    $form->jambo_name->value = $prefill['name'];

    // Email (must validate as an address)
    $email_control = $form->append('text', 'jambo_email', 'null:null', _t('Email'), 'formcontrol_text')
        ->add_validator('validate_email', _t('Your Email must be a valid address.'));
    $email_control->id = 'jambo_email';
    $form->jambo_email->tabindex = 2;
    $form->jambo_email->caption = _t('Email');
    $form->jambo_email->value = $prefill['email'];

    // Subject, only when the settings ask for one
    if (self::ask_subject($settings['subject'])) {
        $subject_control = $form->append('text', 'jambo_subject', 'null:null', _t('Subject'), 'formcontrol_text');
        $subject_control->id = 'jambo_subject';
        // NOTE(review): 32 is out of sequence with 1, 2, 4, 5 used by the other controls — possibly meant 3; confirm.
        $form->jambo_subject->tabindex = 32;
    }

    // Message (required)
    $message_control = $form->append('text', 'jambo_message', 'null:null', _t('Message', 'jambo'), 'formcontrol_textarea')
        ->add_validator('validate_required', _t('Your message cannot be blank.', 'jambo'));
    $message_control->id = 'jambo_message';
    $form->jambo_message->tabindex = 4;

    // Submit button
    $form->append('submit', 'jambo_submit', _t('Submit'), 'formcontrol_submit');
    $form->jambo_submit->tabindex = 5;

    // The merged settings travel with the form to the success handler.
    $form->on_success(array($this, 'process_jambo'), $settings);

    // Give plugins a chance to modify the form before it is returned.
    Plugins::act('jambo_build_form', $form, $this);

    return $form;
}
/**
 * Gate the admin handler on a logged-in user, then set up the theme, script stacks and the
 * plugin update check.
 *
 * A visitor who is not logged in has the requested URI remembered in the 'login' session set.
 * A request matched to the 'admin_ajax' action that carries a Referer gets a 408 AjaxResponse;
 * every other request has its raw POST and GET data parked in the 'last_form_data' session set
 * and is redirected to the login page. Execution stops in both cases.
 *
 * For a logged-in user, parked data is merged back into $_POST/$_GET before dispatch.
 *
 * NOTE(review): the parked data was captured from a request made before authentication and is
 * replayed as a POST afterwards. No token or origin check is visible in this constructor, so
 * the handlers that consume the replayed request need to verify one — confirm.
 */
public function __construct()
{
    $user = User::identify();

    if ( !$user->loggedin ) {
        // Remember where the visitor was headed so the login handler can send them back.
        Session::add_to_set( 'login', $_SERVER['REQUEST_URI'], 'original' );

        $ajax_with_referer = URL::get_matched_rule()->action == 'admin_ajax' && isset( $_SERVER['HTTP_REFERER'] );
        if ( $ajax_with_referer ) {
            $response = new AjaxResponse( 408, _t( 'Your session has ended, please log in and try again.' ) );
            $response->out();
        }
        else {
            // Park whatever was submitted, POST first and then GET, keyed by its kind.
            foreach ( array( 'post' => $_POST, 'get' => $_GET ) as $kind => $input ) {
                $raw = $input->get_array_copy_raw();
                if ( empty( $raw ) ) {
                    continue;
                }
                Session::add_to_set( 'last_form_data', $raw, $kind );
                Session::error( _t( 'We saved the last form you posted. Log back in to continue its submission.' ), 'expired_form_submission' );
            }
            Utils::redirect( URL::get( 'auth', array( 'page' => 'login' ) ) );
        }
        exit;
    }

    // Data parked by the not-logged-in branch above on an earlier request.
    $parked = Session::get_set( 'last_form_data' );

    // Controller has not created handler_vars yet, so the superglobals themselves are modified.
    if ( isset( $parked['post'] ) ) {
        $_POST = $_POST->merge( $parked['post'] );
        // Forces the POST code path in the act_admin switches.
        $_SERVER['REQUEST_METHOD'] = 'POST';
        Session::remove_error( 'expired_form_submission' );
    }
    if ( isset( $parked['get'] ) ) {
        // REQUEST_METHOD is left alone: GET is the default.
        $_GET = $_GET->merge( $parked['get'] );
        Session::remove_error( 'expired_form_submission' );
    }

    $user->remember();

    // Instantiate the active public theme so its plugin functions are available.
    $this->active_theme = Themes::create();

    // A separate method so that plugins can call it externally as well.
    self::setup_stacks();

    // Compare the loaded plugins with the list last checked for updates; may trigger a cron.
    Update::check_plugins();
}
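/**
 * Handle a submitted login form: authenticate, stamp the login time and redirect.
 *
 * On success any pending password-reset token is discarded, the 'expired_session' error is
 * cleared, and the user is redirected to the URI stored in the 'login' session set (or to the
 * admin URL when none was stored). On failure the password control is blanked and an error is
 * placed in handler_vars.
 *
 * NOTE(review): the redirect target is the host URL concatenated with the REQUEST_URI that was
 * stored before login. That stays on this site as long as the stored value begins with '/';
 * nothing here enforces it — confirm, and check what 'login_redirect_dest' filters may return.
 *
 * @param FormUI $form The login form; reads the habari_username and habari_password controls
 * @return bool|null true after a successful login; nothing is returned otherwise
 */
public function loginform_do_login($form)
{
    $name = $form->habari_username->value;
    $pass = $form->habari_password->value;

    if (null != $name || null != $pass) {
        $user = User::authenticate($name, $pass);

        if ($user instanceof User && $user != false) {
            $userinfo = $user->info;

            // An unused password reset token must not outlive a successful login.
            if (isset($userinfo->password_reset)) {
                unset($userinfo->password_reset);
            }

            // Timestamp the login; update() follows so the changes to info are saved with it.
            $user->info->authenticate_time = DateTime::create()->format('Y-m-d H:i:s');
            $user->update();

            // Remove a left-over expired-session error message.
            if (Session::has_errors('expired_session')) {
                Session::remove_error('expired_session');
            }

            $login_session = Session::get_set('login');
            if (!empty($login_session)) {
                // Same user as before the login: carry the form data over so the request is not lost.
                // The value guarded by each check is the one stored; the earlier code read an
                // undefined $last_form_data here and therefore stored null.
                if (!empty($login_session['post_data'])) {
                    Session::add_to_set('last_form_data', $login_session['post_data'], 'post');
                }
                if (!empty($login_session['get_data'])) {
                    Session::add_to_set('last_form_data', $login_session['get_data'], 'get');
                }

                // The stored value is the requested URI, so appending it to the host is enough.
                $login_dest = Site::get_url('host') . $login_session['original'];
            } else {
                $login_session = null;
                $login_dest = Site::get_url('admin');
            }

            // Let plugins adjust the destination, then go there.
            $login_dest = Plugins::filter('login_redirect_dest', $login_dest, $user, $login_session);
            Utils::redirect($login_dest);

            return true;
        }

        // Authentication failed: never echo the submitted password back into the form.
        $form->habari_password->value = '';
        $this->handler_vars['error'] = _t('Bad credentials');
    }
}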
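/**
 * Gate the admin handler on a logged-in user, then set up the theme and script stacks.
 *
 * A visitor who is not logged in has the requested URI remembered in the 'login' session set.
 * A request matched to the 'admin_ajax' rule that carries a Referer is answered with a small
 * JavaScript object whose callback navigates to that Referer; every other request has its raw
 * POST and GET data parked in the 'last_form_data' session set and is redirected to the login
 * page. Execution stops in both cases.
 *
 * For a logged-in user, parked data is merged back into $_POST/$_GET before dispatch.
 *
 * NOTE(review): the parked data was captured from a request made before authentication and is
 * replayed as a POST afterwards. No token or origin check is visible in this constructor, so
 * the handlers that consume the replayed request need to verify one — confirm.
 */
public function __construct()
{
    $user = User::identify();

    if (!$user->loggedin) {
        // Remember where the visitor was headed so the login handler can send them back.
        Session::add_to_set('login', $_SERVER['REQUEST_URI'], 'original');

        if (URL::get_matched_rule()->name == 'admin_ajax' && isset($_SERVER['HTTP_REFERER'])) {
            // The Referer header is client-controlled. It is emitted as an encoded JavaScript
            // string literal so that quotes, backslashes or markup in it cannot terminate the
            // literal and add script to the response.
            $target = json_encode($_SERVER['HTTP_REFERER'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
            if ($target === false) {
                // Not encodable (e.g. invalid UTF-8): fall back to an empty literal.
                $target = '""';
            }
            // NOTE(review): the value is encoded, not checked for being a URL on this site.
            header('Content-Type: text/javascript;charset=utf-8');
            echo '{callback: function(){location.href=' . $target . '} }';
        } else {
            // Park whatever was submitted, POST first and then GET, keyed by its kind.
            foreach (array('post' => $_POST, 'get' => $_GET) as $kind => $input) {
                $raw = $input->get_array_copy_raw();
                if (empty($raw)) {
                    continue;
                }
                Session::add_to_set('last_form_data', $raw, $kind);
                Session::error(_t('We saved the last form you posted. Log back in to continue its submission.'), 'expired_form_submission');
            }
            Utils::redirect(URL::get('auth', array('page' => 'login')));
        }
        exit;
    }

    // Data parked by the not-logged-in branch above on an earlier request.
    $parked = Session::get_set('last_form_data');

    // Controller has not created handler_vars yet, so the superglobals themselves are modified.
    if (isset($parked['post'])) {
        $_POST = $_POST->merge($parked['post']);
        // Forces the POST code path in the act_admin switches.
        $_SERVER['REQUEST_METHOD'] = 'POST';
        Session::remove_error('expired_form_submission');
    }
    if (isset($parked['get'])) {
        // REQUEST_METHOD is left alone: GET is the default.
        $_GET = $_GET->merge($parked['get']);
        Session::remove_error('expired_form_submission');
    }

    $user->remember();

    // Instantiate the active public theme so its plugin functions are available.
    $this->active_theme = Themes::create();

    // A separate method so that plugins can call it externally as well.
    self::setup_stacks();
}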
/**
 * Log the entry page view, when appropriate.
 *
 * Counts one visit per post per session: the post id is added to the 'relativelypopular'
 * session set once counted and skipped while it is in there. The per-period counters are kept
 * in the post's 'visits_activity' info field as a '#'-joined list of 2 * n_periods integers,
 * and their sum is stored in 'visits'.
 *
 * Also exposes this plugin object to the theme as $theme->RelativelyPopular if nothing has
 * been assigned under that name yet.
 *
 * @param object $theme The theme being rendered; $theme->post and $theme->posts are read
 * @param mixed $handler_vars Not read in this method
 */
public function action_add_template_vars($theme, $handler_vars)
{
    // If there is only one post
    if ($theme->post instanceof Post && count($theme->posts) == 1) {
        // Only track users that aren't logged in, unless specifically overridden
        if (!User::identify()->loggedin || Options::get('relativelypopular__loggedintoo')) {
            // NOTE(review): in_array() below needs $set to be an array; what get_set() returns
            // for a set that does not exist yet is not visible here — confirm.
            $set = Session::get_set('relativelypopular', false);
            $post = $theme->post;
            // this code is actually executed about 9 times per page request on my system,
            // so this check here is essential otherwise we bias the results by a factor of 9
            if (!in_array($post->id, $set)) {
                // load fields ($visits is read here but not used again below)
                $visits = $post->info->visits;
                $visits_activity = $post->info->visits_activity;
                // check if fields currently exist and contain the requisite valid data, otherwise reinitialise
                if ($visits_activity == null || count(explode('#', $visits_activity)) != 2 * $this->n_periods) {
                    $visits_activity = implode('#', array_fill(0, 2 * $this->n_periods, 0));
                }
                $activity = explode('#', $visits_activity);
                if (!array_key_exists($this->now, $activity)) {
                    $activity += array($this->now => 0);
                }
                // increment the quantity for the period we're currently in and blank the $n_periods fields following it
                // NOTE(review): the incremented slot is indexed by $this->now while the blanked
                // slots are derived from $this->day; whether the two hold the same value is not
                // visible here — confirm.
                $activity[$this->now] += 1;
                for ($i = 1; $i <= $this->n_periods; $i++) {
                    $next = ($this->day + $i) % (2 * $this->n_periods);
                    if (!array_key_exists($next, $activity)) {
                        $activity += array($next => 0);
                    }
                    $activity[$next] = 0;
                }
                // evaluate the total hits for this time period and store it along with the activity trace
                $post->info->visits = array_sum($activity);
                $post->info->visits_activity = implode('#', $activity);
                $post->info->commit();
                // mark the post as counted for this session
                Session::add_to_set('relativelypopular', $post->id);
            }
        }
    }
    if (!isset($theme->RelativelyPopular)) {
        $theme->RelativelyPopular = $this;
    }
}
/**
 * Build the Jambo contact form with Name, Email, Message and Submit controls.
 *
 * Name and email are prefilled from the 'comment' session set when $_SESSION['comment'] exists,
 * otherwise from the logged-in user. Successful submissions are handed to process_jambo().
 *
 * @return FormUI The assembled form
 */
public function get_jambo_form()
{
    $user = User::identify();

    // 'url' and 'content' are collected like the comment form does, but no control below uses them.
    $prefill = array('name' => '', 'email' => '', 'url' => '', 'content' => '');
    if (isset($_SESSION['comment'])) {
        $details = Session::get_set('comment');
        $prefill['name'] = $details['name'];
        $prefill['email'] = $details['email'];
        $prefill['url'] = $details['url'];
        $prefill['content'] = $details['content'];
    } elseif ($user->loggedin) {
        $prefill['name'] = $user->displayname;
        $prefill['email'] = $user->email;
        $prefill['url'] = Site::get_url('habari');
    }

    $form = new FormUI('jambo');

    // Name (required)
    $name_control = $form->append('text', 'jambo_name', 'null:null', _t('Name'), 'formcontrol_text')
        ->add_validator('validate_required', _t('Your Name is required.'));
    $name_control->id = 'jambo_name';
    $form->jambo_name->tabindex = 1;
    $form->jambo_name->value = $prefill['name'];

    // Email (must validate as an address)
    $email_control = $form->append('text', 'jambo_email', 'null:null', _t('Email'), 'formcontrol_text')
        ->add_validator('validate_email', _t('Your Email must be a valid address.'));
    $email_control->id = 'jambo_email';
    $form->jambo_email->tabindex = 2;
    $form->jambo_email->caption = _t('Email');
    $form->jambo_email->value = $prefill['email'];

    // Message (required)
    $message_control = $form->append('text', 'jambo_message', 'null:null', _t('Message', 'jambo'), 'formcontrol_textarea')
        ->add_validator('validate_required', _t('Your message cannot be blank.', 'jambo'));
    $message_control->id = 'jambo_message';
    $form->jambo_message->tabindex = 4;

    // Submit button
    $form->append('submit', 'jambo_submit', _t('Submit'), 'formcontrol_submit');
    $form->jambo_submit->tabindex = 5;

    // Submissions that pass validation go to process_jambo().
    $form->on_success(array($this, 'process_jambo'));

    return $form;
}
/**
 * Count a view for the post being displayed, at most once per session.
 *
 * Runs only when the theme shows exactly one post. Logged-in users are skipped unless the
 * 'popular_posts__loggedintoo' option is set. A counted post id is added to the 'popular_posts'
 * session set and is not counted again while it is in there.
 *
 * @param object $theme The theme being rendered; $theme->post and $theme->posts are read
 * @param mixed $handler_vars Not read in this method
 */
public function action_add_template_vars($theme, $handler_vars)
{
    $showing_single_post = $theme->post instanceof Post && count($theme->posts) == 1;
    if (!$showing_single_post) {
        return;
    }

    // Logged-in users are only tracked when the option explicitly asks for it.
    if (User::identify()->loggedin && !Options::get('popular_posts__loggedintoo')) {
        return;
    }

    $already_counted = Session::get_set('popular_posts', false);
    $post = $theme->post;
    if (in_array($post->id, $already_counted)) {
        return;
    }

    // A post without a stored counter starts from zero.
    $views = $post->info->views;
    $post->info->views = ($views == null ? 0 : $views) + 1;
    $post->info->commit();

    Session::add_to_set('popular_posts', $post->id);
}
/**
 * Return this control's default value, loading it from storage when none is set yet.
 *
 * When $this->default is empty, the storage is consulted: a FormStorage object is asked via
 * field_load(); a storage string is split once on ':' into a type and a location, with a
 * string that has no ':' treated as an 'option' location. The loaded value is cached in
 * $this->default.
 *
 * @return mixed The explicit or loaded default value
 */
protected function get_default()
{
    // An explicitly set default always wins.
    if ( !empty( $this->default ) ) {
        return $this->default;
    }

    if ( $this->storage instanceof FormStorage ) {
        $type = 'formstorage';
    }
    else {
        $parts = explode( ':', $this->storage, 2 );
        $part_count = count( $parts );
        if ( $part_count == 2 ) {
            list( $type, $location ) = $parts;
        }
        elseif ( $part_count == 1 ) {
            list( $location ) = $parts;
            $type = 'option';
        }
        else {
            return $this->default;
        }
    }

    if ( $type == 'user' ) {
        // Field of the current user's info named by the storage location.
        $this->default = User::identify()->info->{$location};
    }
    elseif ( $type == 'option' ) {
        $this->default = Options::get( $location );
    }
    elseif ( $type == 'action' ) {
        $this->default = Plugins::filter( $location, '', $this->name, false );
    }
    elseif ( $type == 'session' ) {
        // Second argument false, as at the other read-only call sites of get_set().
        $stored = Session::get_set( $location, false );
        if ( isset( $stored[$this->name] ) ) {
            $this->default = $stored[$this->name];
        }
    }
    elseif ( $type == 'formstorage' ) {
        $this->default = $this->storage->field_load( $this->name );
    }
    // 'null' and unknown types load nothing.

    return $this->default;
}
/**
 * Build a ControlStorage from a classic storage string.
 *
 * The string is split once on ':' into a type and a location; a string without ':' is treated
 * as an 'option' location. Each type gets a loader and a saver closure:
 *  - 'user'    reads and writes the current user's info field named after the control
 *              (the location part is not used by these closures)
 *  - 'option'  reads and writes the option named by the location
 *  - 'action'  filters / acts on the plugin hook named by the location
 *  - 'session' reads and writes the control's key in the session set named by the location
 *  - anything else loads and saves nothing
 *
 * @param string $value A classic storage string, such as "option:someoption" or "user:age"
 * @return ControlStorage An instance of an object that will save and load to the indicated location
 */
public static function from_storage_string($value)
{
    $parts = explode(':', $value, 2);
    $part_count = count($parts);
    if ($part_count == 2) {
        list($type, $location) = $parts;
    } elseif ($part_count == 1) {
        list($location) = $parts;
        $type = 'option';
    } else {
        // @todo Figure this case out
        $location = '__';
        $type = '__';
    }

    if ($type == 'user') {
        $loader = function ($name) {
            return User::identify()->info->{$name};
        };
        $saver = function ($name, $value) {
            $current_user = User::identify();
            $current_user->info->{$name} = $value;
            Session::queue(User::identify());
        };
    } elseif ($type == 'option') {
        $loader = function ($name) use ($location) {
            return Options::get($location);
        };
        $saver = function ($name, $value) use ($location) {
            Options::set($location, $value);
        };
    } elseif ($type == 'action') {
        $loader = function ($name) use ($location) {
            return Plugins::filter($location, '', $name, false);
        };
        $saver = function ($name, $value) use ($location) {
            Plugins::act($location, $value, $name, true);
        };
    } elseif ($type == 'session') {
        $loader = function ($name) use ($location) {
            $stored = Session::get_set($location, false);
            return isset($stored[$name]) ? $stored[$name] : null;
        };
        $saver = function ($name, $value) use ($location) {
            Session::add_to_set($location, $value, $name);
        };
    } else {
        // Unknown storage type: both closures are deliberate no-ops.
        $loader = function () {
        };
        $saver = function () {
        };
    }

    return new ControlStorage($loader, $saver);
}
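<div class="comments">
<h2 id="respond" class="reply">Leave a Reply</h2>
<?php
// Work out the values used to prefill the comment form: the logged-in user first, then the
// commenter cookie, then the 'comment' session set.
$class = '';
$cookie = 'comment_' . Options::get('GUID');
$commenter_name = '';
$commenter_email = '';
$commenter_url = '';
if ($user) {
    $commenter_name = $user->username;
    $commenter_email = $user->email;
    $commenter_url = Site::get_url('habari');
} elseif (isset($_COOKIE[$cookie]) && is_string($_COOKIE[$cookie])) {
    // The cookie is client-controlled: it may hold fewer than three fields or more than two '#'.
    // Split into at most three parts so a '#' inside the URL is kept, and pad the missing ones.
    // Whatever is printed from these variables further down must be escaped for its HTML context.
    list($commenter_name, $commenter_email, $commenter_url) = array_pad(explode('#', $_COOKIE[$cookie], 3), 3, null);
} elseif (isset($_SESSION['comment'])) {
    $details = Session::get_set('comment');
    $commenter_name = $details['name'];
    $commenter_email = $details['email'];
    $commenter_url = $details['url'];
}
if (Session::has_errors()) {
    Session::messages_out();
}
?> <br> <form action="<?php URL::out('submit_feedback', array('id' => $post->id)); ?> " method="post" id="commentform"> <div id="comment-personaldetails"> <p>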
/**
 * Hand the comment kept in the 'mollom' session set to the 'mollom_fallback' plugin action.
 *
 * Stops the request with an error message when the session set holds no comment.
 *
 * @param SuperGlobal $handler_vars The handler variables, passed through to the action
 */
public function action_handler_mollom_fallback(SuperGlobal $handler_vars)
{
    $pending = Session::get_set('mollom');

    // Nothing stored for this session: there is no comment to process.
    if (!isset($pending['comment'])) {
        die(_t('Sorry, we could not procces your comment.', 'mollom'));
    }

    Plugins::act('mollom_fallback', $handler_vars, $pending['comment']);
}
$().ajaxSend(function(r,s){ $("#contentLoading").show(); }); $().ajaxStop(function(r,s){ $("#contentLoading").fadeOut("fast"); }); </script> <?php if (Session::get_set('votes', false)) { ?> <script type="text/javascript"> lockdown() getresults() </script> <?php } ?> </div>
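/**
 * Helper function: Display a post
 *
 * Sets up the template fallback list and single-row filters, removes 'page' from the valid
 * filters, works out the commenter values used to prefill the comment form, and delegates to
 * act_display().
 *
 * Prefill precedence: the 'comment' session set, then the logged-in user, then the commenter
 * cookie. The cookie is client-controlled; the values are stored on the handler as they are,
 * so templates that print them must escape them for the HTML context.
 *
 * @param array $user_filters Additional arguments used to get the page content
 * @return mixed Whatever act_display() returns
 */
public function act_display_post($user_filters = array())
{
    $paramarray = array();
    $paramarray['fallback'] = array('{$type}.{$id}', '{$type}.{$slug}', '{$type}.tag.{$posttag}', '{$type}.single', '{$type}.multiple', 'single', 'multiple');

    // Does the same as a Post::get()
    $default_filters = array('fetch_fn' => 'get_row', 'limit' => 1);

    // Remove the page from filters. array_search() returns false when 'page' is absent, and
    // using false as an array key would unset index 0 instead, so only unset a real match.
    $page_key = array_search('page', $this->valid_filters, true);
    if ($page_key !== false) {
        unset($this->valid_filters[$page_key]);
    }

    $paramarray['user_filters'] = array_merge($default_filters, $user_filters);

    // Handle comment submissions and default commenter id values
    $cookie = 'comment_' . Options::get('GUID');
    $commenter_name = '';
    $commenter_email = '';
    $commenter_url = '';
    $commenter_content = '';
    $user = User::identify();

    if (isset($_SESSION['comment'])) {
        $details = Session::get_set('comment');
        $commenter_name = $details['name'];
        $commenter_email = $details['email'];
        $commenter_url = $details['url'];
        $commenter_content = $details['content'];
    } elseif ($user->loggedin) {
        $commenter_name = $user->displayname;
        $commenter_email = $user->email;
        $commenter_url = Site::get_url('habari');
    } elseif (isset($_COOKIE[$cookie]) && is_string($_COOKIE[$cookie])) {
        // Limit to three parts so a '#' inside the URL is kept, and pad so that a cookie with
        // fewer fields still fills all three variables.
        $commenter = array_pad(explode('#', $_COOKIE[$cookie], 3), 3, null);
        list($commenter_name, $commenter_email, $commenter_url) = $commenter;
    }

    $this->commenter_name = $commenter_name;
    $this->commenter_email = $commenter_email;
    $this->commenter_url = $commenter_url;
    $this->commenter_content = $commenter_content;
    $this->comments_require_id = Options::get('comments_require_id');

    return $this->act_display($paramarray);
}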
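/**
 * Remove an addon-version-combination from the session and therefore from the cart
 * After removing, redirect to the overview page for that type of addon
 *
 * The cart is read with Session::get_set() and every entry except the one at
 * $params['index'] is added back. This presumably relies on get_set() emptying the set when
 * called without a second argument (the read-only call sites pass false) — verify.
 *
 * NOTE(review): the notice is assembled as HTML from the cart entry's 'permalink' and 'name'.
 * Where cart entries come from is not visible here; if any part of them can originate from a
 * request, both values need escaping for the attribute and text context before being joined.
 *
 * @param object $theme Not read in this method
 * @param array $params Route parameters; 'index' is the position of the cart entry to remove
 */
public function theme_route_remove_from_cart($theme, $params)
{
    $oldlist = Session::get_set("addon_cart");
    if (!is_array($oldlist)) {
        // An empty or missing cart: nothing to re-add or remove.
        $oldlist = array();
    }

    // Only a plain non-negative integer can identify an entry. Comparing the raw request value
    // loosely would let a non-numeric string match position 0 on older PHP versions.
    $index = -1;
    if (isset($params["index"]) && ctype_digit((string) $params["index"])) {
        $index = (int) $params["index"];
    }

    // Stays null when no entry was removed, which is what the redirect received before as well.
    $type = null;

    $count = count($oldlist);
    for ($i = 0; $i < $count; $i++) {
        if ($i === $index) {
            $removed = $oldlist[$i];
            Session::notice(_t("You removed %s v%s for Habari %s from your cart.", array("<a href='" . $removed["permalink"] . "'>" . $removed["name"] . "</a>", $removed["version"], $removed["habari_version"]), "addon_catalog"));
            $type = $removed["type"];
            continue;
        }
        Session::add_to_set("addon_cart", $oldlist[$i]);
    }

    Utils::redirect(URL::get("display_addons", array('addon' => $type)));
}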
/**
 * Build this post's comment form.
 *
 * Prefill precedence: the 'comment' session set, then the logged-in user, then the commenter
 * cookie. The cookie is client-controlled; its fields are assigned to the control values as
 * they are, so escaping is left to whatever renders the controls.
 *
 * @param string $context Used in the form name ('comment-' . $context), added as a CSS class
 *                        and passed to the 'form_comment' plugin action
 * @return FormUI The comment form for this post
 */
public function comment_form( $context = 'public' )
{
    // Handle comment submissions and default commenter id values
    $cookie = 'comment_' . Options::get( 'GUID' );
    $prefill = array( 'name' => '', 'email' => '', 'url' => '', 'content' => '' );
    $user = User::identify();

    if ( isset( $_SESSION['comment'] ) ) {
        $details = Session::get_set( 'comment' );
        $prefill['name'] = $details['name'];
        $prefill['email'] = $details['email'];
        $prefill['url'] = $details['url'];
        $prefill['content'] = $details['content'];
    }
    elseif ( $user->loggedin ) {
        $prefill['name'] = $user->displayname;
        $prefill['email'] = $user->email;
        $prefill['url'] = Site::get_url( 'habari' );
    }
    elseif ( isset( $_COOKIE[$cookie] ) ) {
        // At most three parts, so a '#' inside the URL stays attached to it;
        // padded so that three elements are always there.
        $fields = array_pad( explode( '#', $_COOKIE[ $cookie ], 3 ), 3, null );
        $prefill['name'] = $fields[0];
        $prefill['email'] = $fields[1];
        $prefill['url'] = $fields[2];
    }

    // Now start the form.
    $form = new FormUI( 'comment-' . $context, 'comment' );
    $form->class[] = $context;
    $form->class[] = 'commentform';
    $form->set_option( 'form_action', URL::get( 'submit_feedback', array( 'id' => $this->id ) ) );

    // Name (required)
    $name_control = $form->append( 'text', 'cf_commenter', 'null:null', _t( 'Name <span class="required">*Required</span>' ), 'formcontrol_text' )
        ->add_validator( 'validate_required', _t( 'The Name field value is required' ) );
    $name_control->id = 'comment_name';
    $form->cf_commenter->tabindex = 1;
    $form->cf_commenter->value = $prefill['name'];

    // Email (always validated; required only when the site demands commenter identification)
    $email_control = $form->append( 'text', 'cf_email', 'null:null', _t( 'Email' ), 'formcontrol_text' )
        ->add_validator( 'validate_email', _t( 'The Email field value must be a valid email address' ) );
    $email_control->id = 'comment_email';
    $form->cf_email->tabindex = 2;
    if ( Options::get( 'comments_require_id' ) == 1 ) {
        $form->cf_email->add_validator( 'validate_required', _t( 'The Email field value must be a valid email address' ) );
        $form->cf_email->caption = _t( 'Email <span class="required">*Required</span>' );
    }
    $form->cf_email->value = $prefill['email'];

    // Website
    $url_control = $form->append( 'text', 'cf_url', 'null:null', _t( 'Website' ), 'formcontrol_text' )
        ->add_validator( 'validate_url', _t( 'The Web Site field value must be a valid URL' ) );
    $url_control->id = 'comment_url';
    $form->cf_url->tabindex = 3;
    $form->cf_url->value = $prefill['url'];

    // Comment text (required)
    $content_control = $form->append( 'text', 'cf_content', 'null:null', _t( 'Comment' ), 'formcontrol_textarea' )
        ->add_validator( 'validate_required', _t( 'The Content field value is required' ) );
    $content_control->id = 'comment_content';
    $form->cf_content->tabindex = 4;
    $form->cf_content->value = $prefill['content'];

    // Submit button
    $form->append( 'submit', 'cf_submit', _t( 'Submit' ), 'formcontrol_submit' );
    $form->cf_submit->tabindex = 5;

    // Add required hidden controls
    /*
    $form->append( 'hidden', 'content_type', 'null:null' );
    $form->content_type->value = $this->content_type;
    $form->append( 'hidden', 'post_id', 'null:null' );
    $form->post_id->id = 'id';
    $form->post_id->value = $this->id;
    $form->append( 'hidden', 'slug', 'null:null' );
    $form->slug->value = $this->slug;
    */

    // Let plugins alter this form
    Plugins::act( 'form_comment', $form, $this, $context );

    return $form;
}
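/**
 * Either just display the login form; or check a user's credentials, and
 * create a session for them; or handle a password reset request.
 *
 * NOTE(review): the reset token is stored as an unsalted MD5 of Utils::random_password(). Its
 * strength rests on that generator, which is not visible here, and no expiry is recorded in
 * this method. Replacing the hash requires changing the code that verifies the token as well.
 *
 * NOTE(review): the same notice is shown whether or not the user exists, but the mail is only
 * sent for an existing user, so response time may still differ between the two cases.
 *
 * @return bool|null TRUE after a successful login; nothing is returned otherwise
 */
public function act_login()
{
    // If we're a reset password request, do that.
    if (isset($_POST['submit_button']) && $_POST['submit_button'] === _t('Reset password')) {
        Utils::check_request_method(array('POST'));

        $name = $this->handler_vars['habari_username'];
        if ($name !== NULL) {
            if (!is_numeric($name) && ($user = User::get($name))) {
                // The plain token goes into the mailed link; only its hash is stored.
                $hash = Utils::random_password();
                $user->info->password_reset = md5($hash);
                $user->info->commit();
                $message = _t('Please visit %1$s to reset your password.', array(URL::get('user', array('page' => 'password_reset', 'id' => $user->id, 'hash' => $hash))));
                Utils::mail($user->email, _t('[%1$s] Password reset request for %2$s', array(Options::get('title'), $user->displayname)), $message);
            }
            // Moving this inside the check for user existence would allow attackers to test usernames, so don't
            Session::notice(_t('A password reset request has been sent to the user.'));
        }
    } else {
        Utils::check_request_method(array('GET', 'HEAD', 'POST'));

        $name = $_POST['habari_username'];
        $pass = $_POST['habari_password'];

        if (NULL != $name || NULL != $pass) {
            $user = User::authenticate($name, $pass);

            if ($user instanceof User && FALSE != $user) {
                /* Successfully authenticated. */
                // Timestamp last login date and time.
                $user->info->authenticate_time = date('Y-m-d H:i:s');
                $user->update();

                // Remove left over expired session error message.
                if (Session::has_errors('expired_session')) {
                    Session::remove_error('expired_session');
                }

                $login_session = Session::get_set('login');
                if (!empty($login_session)) {
                    // Same user as before the login: carry the form data over so the request is
                    // not lost. The value guarded by each check is the one stored; the earlier
                    // code read an undefined $last_form_data here and therefore stored null.
                    if (!empty($login_session['post_data'])) {
                        Session::add_to_set('last_form_data', $login_session['post_data'], 'post');
                    }
                    if (!empty($login_session['get_data'])) {
                        Session::add_to_set('last_form_data', $login_session['get_data'], 'get');
                    }

                    /* Redirect to the correct admin page */
                    $dest = explode('/', MultiByte::substr($login_session['original'], MultiByte::strpos($login_session['original'], 'admin/')));
                    // A stored URI without a second path segment has no page to return to.
                    if ('' == $dest[0] || !isset($dest[1])) {
                        $login_dest = Site::get_url('admin');
                    } else {
                        // Replace '?' with '&' in $dest[1] before call URL::get()
                        // Therefore calling URL::get() with a query string
                        $dest[1] = str_replace('?', '&', $dest[1]);
                        $login_dest = URL::get('admin', 'page=' . $dest[1]);
                    }
                } else {
                    $login_session = null;
                    $login_dest = Site::get_url('admin');
                }

                // filter the destination
                $login_dest = Plugins::filter('login_redirect_dest', $login_dest, $user, $login_session);

                // finally, redirect to the destination
                Utils::redirect($login_dest);

                return TRUE;
            }

            /* Authentication failed. */
            // Blank the submitted password so it is not echoed back into the form.
            $_POST['habari_password'] = '';
            $this->handler_vars['error'] = _t('Bad credentials');
        }
    }

    // Display the login form.
    $this->login_form($name);
}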
$content->checkout_form->out(); } ?> <hr> </div> <?php if (count(Session::get_set("addon_cart", false)) == 0) { ?> <div class="empty_cart">Your cart is empty</div> <?php } else { ?> <div id="cart_downloads"> <ul> <?php foreach (Session::get_set("addon_cart", false) as $index => $c) { ?> <li> <span><i class="icon-<?php echo $c["type"]; ?> "><?php echo AddonCatalogPlugin::get_type_icon($c["type"]); ?> </i></span> <span><a href="<?php echo $c["permalink"]; ?> "><?php echo $c["name"]; ?>
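/**
 * Replace the content of a password-protected post with a password form until the visitor
 * has supplied the right password.
 *
 * Posts without a password and visitors identified as a non-anonymous user get the content
 * unchanged. Otherwise a submitted password is verified against the post's stored password
 * and, on success, a token is remembered in the 'post_passwords' session set under the post id.
 *
 * NOTE(review): every logged-in user sees every protected post, whatever their permissions.
 * NOTE(review): the submitted password passes through InputFilter::filter() before it is
 * verified, so a password containing characters that filter alters could never match — confirm.
 * NOTE(review): the session check assumes Utils::crypt() with a single argument returns the
 * same value for the same input on every request; if it salts randomly, a stored token can
 * only match within the request that stored it — verify.
 *
 * @param string $content The rendered post content
 * @param Post $post The post being rendered
 * @return string The content, or the rendered 'post_password_form' template
 */
public function filter_post_content($content, Post $post)
{
    // Unprotected post: nothing to do.
    if (!$post->info->password) {
        return $content;
    }

    // if user logged in, show post
    // make sure it's not just the anonymous user!
    $user = User::identify();
    if ($user instanceof User && $user != User::anonymous()) {
        return $content;
    }

    $session = Session::get_set('post_passwords', false);
    $token = Utils::crypt('42' . $post->info->password . $post->id . Options::get('GUID'));

    // if password was submitted verify it
    // Both ids are compared as strings: a loose comparison would accept a request value such
    // as "5abc" for post 5 on older PHP versions.
    $submitted = Controller::get_var('post_password');
    if ($submitted && (string) Controller::get_var('post_password_id') === (string) $post->id) {
        $pass = InputFilter::filter($submitted);
        if (Utils::crypt($pass, $post->info->password)) {
            Session::add_to_set('post_passwords', $token, $post->id);
            $session[$post->id] = $token;
        } else {
            Session::error(_t('That password was incorrect.', 'postpass'));
        }
    }

    // if password is stored in session verify it
    // Strict comparison: with ==, two different numeric-looking strings can compare equal.
    if (isset($session[$post->id]) && $session[$post->id] === $token) {
        return $content;
    }

    $theme = Themes::create();
    $theme->post = $post;
    return $theme->fetch('post_password_form');
}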