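/**
 * Renders the contact form and, when the first URI segment is "send",
 * validates the submission and mails it to the address configured in
 * general.email.
 *
 * NOTE(review): the optional captcha is the only abuse control visible in
 * this method; confirm whether rate limiting happens elsewhere.
 */
private function contact() {
    $isSent = Request::get(0, VAR_URI) == 'send';

    // Validation rules; the same set is handed to the client-side validator below.
    $options = array(
        'name' => array(
            Validator::MESSAGE => 'Der Name muss mindestens 5 und darf maximal 150 Zeichen lang sein.',
            Validator::MIN_LENGTH => 5,
            Validator::MAX_LENGTH => 150
        ),
        'email' => array(
            Validator::MESSAGE => 'Die E-Mail-Adresse ist nicht korrekt.',
            Validator::CALLBACK => Validator::CB_MAIL
        ),
        'message' => array(
            Validator::MESSAGE => 'Die Nachricht entspricht nicht den Vorgaben (mindestens 10 Zeichen, maximal 1000 Zeichen).',
            Validator::MIN_LENGTH => 10,
            Validator::MAX_LENGTH => 1000
        ),
        'title' => array(
            Validator::MESSAGE => 'Der Titel entspricht nicht den Vorgaben (mindestens 5 Zeichen, maximal 100 Zeichen).',
            Validator::MIN_LENGTH => 5,
            Validator::MAX_LENGTH => 100
        )
    );
    $this->enableClientFormValidation($options);

    // Don't validate the captcha via ajax as the session would end
    if (Config::get('captcha.enable')) {
        Core::loadClass('Core.Security.ReCaptcha');
        $options['recaptcha_response_field'] = array(
            Validator::MESSAGE => 'Der Sicherheitscode wurde nicht korrekt eingegeben.',
            Validator::CALLBACK => 'cb_captcha_check'
        );
    }

    // Empty form by default; name and e-mail are pre-filled for logged-in users.
    $data = array_fill_keys(array_keys($options), '');
    $data['name'] = iif(Me::get()->loggedIn(), Me::get()->getName());
    $data['email'] = iif(Me::get()->loggedIn(), Me::get()->getEmail());

    $this->breadcrumb->add('Kontakt');
    $this->header();

    if ($isSent) {
        // Read the validator result by key instead of extract()ing it, so the
        // call cannot create or overwrite any local variable other than these two.
        $result = Validator::checkRequest($options);
        $data = $result['data'];
        $error = $result['error'];

        if (count($error) > 0) {
            CmsPage::error($error);
        } else {
            // title and name are only length-checked above and are handed to
            // sendMail() next to the addresses (presumably as subject and sender
            // name), so line breaks are replaced with spaces to keep them from
            // starting a new mail header line.
            // NOTE(review): the e-mail value relies on Validator::CB_MAIL to
            // reject line breaks - confirm.
            $lineBreaks = array("\r", "\n");
            $subject = str_replace($lineBreaks, ' ', $data['title']);
            $senderName = str_replace($lineBreaks, ' ', $data['name']);

            CmsTools::sendMail(Config::get('general.email'), $subject, $data['message'], $data['email'], $senderName);
            CmsPage::ok('Die Anfrage wurde erfolgreich verschickt. Vielen Dank!');

            // Clear the message fields so the form is not re-submitted by accident.
            $data['title'] = '';
            $data['message'] = '';
        }
    }

    $tpl = Response::getObject()->appendTemplate('Cms/contact/contact');
    $tpl->assign('data', $data);
    if (Config::get('captcha.enable')) {
        // The captcha widget is markup, so it is assigned with the third argument set to false.
        $tpl->assign('captcha', recaptcha_get_html(Config::get('captcha.public_key')), false);
    }
    $tpl->output();
    $this->footer();
}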
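/**
 * Creates or edits a CMS page.
 *
 * URI segment 1 is the page id (0 or missing creates a new page), segment 2
 * is "send" when the form was submitted.
 *
 * NOTE(review): this method checks neither the caller's permissions nor a
 * CSRF token before writing; presumably the controller or framework does
 * that before dispatch - confirm.
 */
public function write() {
    $db = Database::getObject();
    $id = Request::get(1, VAR_INT);
    $action = Request::get(2, VAR_URI);

    $options = array(
        'title' => array(
            Validator::MESSAGE => 'Der Name muss mindestens 2 und darf maximal 255 Zeichen lang sein.',
            Validator::MIN_LENGTH => 2,
            Validator::MAX_LENGTH => 255
        ),
        'uri' => array(
            Validator::MULTIPLE => array(
                array(
                    Validator::MESSAGE => 'Die URI enthält Zeichen die nicht erlaubt sind. Erlaubt sind: a-z, 0-9, _, -',
                    // D (PCRE_DOLLAR_ENDONLY): without it "$" also matches before a
                    // final newline, so a URI ending in "\n" would pass this check.
                    Validator::REGEXP => '/^[\\w\\d\\-]*$/iD'
                ),
                array(
                    Validator::MESSAGE => 'Die angegebene URI existiert bereits für eine andere Seite.',
                    // The URI must not be in use by any page other than the one being edited.
                    Validator::CLOSURE => function ($uri) use($db, $id) {
                        $db->query("SELECT uri FROM <p>page WHERE id != <id:int> AND uri = <uri>", compact("id", "uri"));
                        return $db->numRows() == 0;
                    }
                )
            )
        ),
        // NOTE(review): content has no rules and is stored as submitted by the
        // editor widget; confirm it is only writable by trusted editors or is
        // filtered where it is rendered.
        'content' => array(Validator::OPTIONAL => true)
    );

    $this->breadcrumb->add(iif($id > 0, "Bearbeiten", "Hinzufügen"));
    $this->scriptFiles[URI::build('client/scripts/wymeditor/jquery.wymeditor.js')] = 'text/javascript';
    $this->header();

    $data = array('id' => $id, 'title' => '', 'uri' => '', 'content' => '');
    if ($action == 'send') {
        // Read the validator result by key instead of extract()ing it, so it
        // cannot overwrite $id, $db or any other local variable.
        $result = Validator::checkRequest($options);
        $data = $result['data'];
        $error = $result['error'];
        $data['id'] = $id;

        if (count($error) > 0) {
            CmsPage::error($error);
        } else {
            // Values are passed as named placeholders, not concatenated into the SQL.
            if ($id > 0) {
                $db->query("UPDATE <p>page SET title = <title>, uri = <uri>, content = <content> WHERE id = <id:int>", $data);
            } else {
                $db->query("INSERT INTO <p>page SET title = <title>, uri = <uri>, content = <content>", $data);
                $data['id'] = $db->insertId();
            }
            CmsPage::ok("Die Seite wurde erfolgreich gespeichert.");
        }
    } else {
        // First display of the form: load the stored page when editing.
        if ($id > 0) {
            $db->query("SELECT id, title, uri, content FROM <p>page WHERE id = <id:int>", compact("id"));
            if ($db->numRows() == 1) {
                $data = $db->fetchAssoc();
            }
        }
    }

    $tpl = Response::getObject()->appendTemplate('Cms/admin/docs_write');
    $tpl->assign('data', $data);
    $tpl->output();
    $this->footer();
}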
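/**
 * Creates or edits an airport record.
 *
 * URI segment 1 is the airport id (defaults to 0, which creates a new
 * record), segment 2 is "send" when the form was submitted.
 *
 * NOTE(review): no permission or CSRF check is visible in this method;
 * presumably that happens before dispatch - confirm.
 */
public function edit() {
    $id = Request::get(1, VAR_INT, 0);
    $action = Request::get(2, VAR_URI);

    $this->breadcrumb->add(iif($id > 0, "Bearbeiten", "Hinzufügen"));
    $this->header();

    $db = Database::getObject();
    $data = array('id' => $id, 'flughafen' => '', 'code' => '', 'land' => '', 'stadt' => '');

    if ($action == 'send') {
        $options = array(
            'flughafen' => array(
                Validator::MESSAGE => 'Der Name muss mindestens 2 und darf maximal 128 Zeichen lang sein.',
                Validator::MIN_LENGTH => 2,
                Validator::MAX_LENGTH => 128
            ),
            'code' => array(
                Validator::MESSAGE => 'Der Code muss genau 3 Zeichen lang sein.',
                Validator::LENGTH => 3
            ),
            'land' => array(
                Validator::MESSAGE => 'Der Name muss mindestens 2 und darf maximal 64 Zeichen lang sein.',
                Validator::MIN_LENGTH => 2,
                Validator::MAX_LENGTH => 64
            ),
            'stadt' => array(
                Validator::MESSAGE => 'Der Name muss mindestens 2 und darf maximal 96 Zeichen lang sein.',
                Validator::MIN_LENGTH => 2,
                Validator::MAX_LENGTH => 96
            )
        );

        // Read the validator result by key instead of extract()ing it, so it
        // cannot overwrite $id, $db or any other local variable.
        $result = Validator::checkRequest($options);
        $data = $result['data'];
        $error = $result['error'];
        $data['id'] = $id;

        if (count($error) > 0) {
            CmsPage::error($error);
        } else {
            // Values are passed as named placeholders, not concatenated into the SQL.
            if ($id > 0) {
                $db->query("UPDATE <p>airports SET flughafen = <flughafen>, land = <land>, stadt = <stadt>, code = <code> WHERE id = <id:int>", $data);
            } else {
                $db->query("INSERT INTO <p>airports SET flughafen = <flughafen>, land = <land>, stadt = <stadt>, code = <code>", $data);
                $data['id'] = $db->insertId();
            }
            CmsPage::ok("Der Airport wurde erfolgreich gespeichert.");
        }
    } else {
        // First display of the form: load the stored record when editing.
        if ($id > 0) {
            $db->query("SELECT * FROM <p>airports WHERE id = <id:int>", compact("id"));
            if ($db->numRows() == 1) {
                $data = $db->fetchAssoc();
            }
        }
    }

    $tpl = Response::getObject()->appendTemplate('Airlines/admin/airports_edit');
    $tpl->assign('data', $data);
    $tpl->output();
    $this->footer();
}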
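/**
 * Shows the registration form and, when URI segment 1 is "send", validates
 * the submission, inserts the new user and mails a welcome or confirmation
 * message.
 *
 * NOTE(review): Hash::generate() and Hash::getRandom() are not visible here.
 * Confirm that the first is a slow, salted password hash and that the second
 * draws from a cryptographically secure source, since its value is stored as
 * the account's verification value.
 */
public function register() {
    $action = Request::get(1, VAR_URI);

    // Accepted birth years: between 110 and 8 years before the current year.
    $min_year = date('Y') - 110;
    $max_year = date('Y') - 8;
    $countries = CmsTools::getCountries();
    $options = $this->getFieldValidation($countries, $min_year, $max_year);
    $this->enableClientFormValidation($options);

    $this->breadcrumb->add('Registrieren');
    $this->header();

    if (Me::get()->loggedIn()) {
        CmsPage::error('Sie sind bereits registriert!');
    } else {
        // Don't validate the captcha via ajax as the session would end
        if (Config::get('captcha.enable')) {
            Core::loadClass('Core.Security.ReCaptcha');
            $options['recaptcha_response_field'] = array(
                Validator::MESSAGE => 'Der Sicherheitscode wurde nicht korrekt eingegeben.',
                Validator::CALLBACK => 'cb_captcha_check'
            );
        }

        $error = array();
        $data = array_fill_keys(array_keys($options), '');

        if ($action == 'send') {
            // Read the validator result by key instead of extract()ing it, so it
            // cannot create or overwrite any local variable other than these two.
            $result = Validator::checkRequest($options);
            $data = $result['data'];
            $error = $result['error'];

            if (count($error) > 0) {
                CmsPage::error($error);
            } else {
                // Insert data
                $dt = new DT();
                $dt->setDate($data['birthyear'], $data['birthmonth'], $data['birthday']);
                $data['birth'] = $dt->dbDate();

                // From here on pw1 holds the hash, not the submitted password.
                $data['pw1'] = Hash::generate($data['pw1']);

                // Group, registration time and activation state are set on the
                // server and never taken from the request.
                $data['group_id'] = UserPages::DEFAULT_MEMBER_GID;
                $data['regdate'] = time();
                if (Config::get('security.validate_registered_email') == 1) {
                    $data['active'] = 0;
                    $data['verification'] = Hash::getRandom();
                } else {
                    $data['active'] = 1;
                    $data['verification'] = '';
                }

                // Values are passed as named placeholders, not concatenated into the SQL.
                $db = Database::getObject();
                $db->query(
                    "\n\t\t\t\t\t\tINSERT INTO <p>user"
                    . "\n\t\t\t\t\t\t(forename, surname, pw, group_id, email, gender, birth, city, country, regdate, active, verification)"
                    . "\n\t\t\t\t\t\tVALUES"
                    . "\n\t\t\t\t\t\t(<forename>, <surname>, <pw1>, <group_id:int>, <email>, <gender>, <birth>, <city>, <country>, <regdate:int>, <active:int>, <verification>)"
                    . "\n\t\t\t\t\t",
                    $data
                );
                $mid = $db->insertID();

                // The "_confirm" mail template is used when the account still has to be activated.
                // NOTE(review): $data is handed to the mail template as a whole,
                // including the password hash and any password confirmation field
                // the validation options define; confirm the template prints neither.
                $tpl = Response::getObject()->getTemplate('Cms/mails/register' . iif(!$data['active'], '_confirm'));
                $tpl->assign('mid', $mid, false);
                $tpl->assign('name', UserUtils::getSalutation($data['gender'], $data['forename'], $data['surname']), false);
                $tpl->assign('data', $data, false);
                CmsTools::sendMail($data['email'], 'Betätigung der Anmeldung bei ' . Config::get('general.title'), $tpl->parse());

                CmsPage::ok("Sie haben sich erfolgreich registriert." . iif(!$data['active'], ' Bitte aktivieren Sie Ihren Account, in dem Sie auf den Link klicken, der Ihnen an Ihre E-Mail-Adresse geschickt wurde.'), URI::build('Cms/user/login'));
            }
        }

        // Show the form on first display and again after a failed validation.
        if ($action != 'send' || count($error) > 0) {
            $tpl = Response::getObject()->appendTemplate('Cms/user/register');
            $tpl->assign('data', $data);
            $tpl->assign('r_birthday', range(1, 31));
            $tpl->assign('r_birthmonth', range(1, 12));
            $tpl->assign('r_birthyear', range($min_year, $max_year));
            $tpl->assign('countries', $countries);
            if (Config::get('captcha.enable')) {
                $tpl->assign('captcha', recaptcha_get_html(Config::get('captcha.public_key')), false);
            }
            $tpl->output();
        }
    }
    $this->footer();
}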
/**
 * Validates the single form field named by the "ajax" request parameter and
 * sends the outcome as JSON.
 *
 * The field is only validated when its name is a key of $options; for any
 * other name null is sent.
 *
 * @param array $options Validation rules keyed by field name.
 */
private function executeClientFormValidation(&$options) {
    $fieldName = Request::get('ajax');
    $payload = null;

    if (isset($options[$fieldName])) {
        $check = Validator::checkRequest(array($fieldName => $options[$fieldName]));

        $messages = array();
        foreach ($check['error'] as $message) {
            // Conversion to plain text and utf-8
            // NOTE(review): the decoded text is no longer HTML-escaped, so the
            // client has to insert it as text, not as markup - confirm.
            $messages[] = html_entity_decode(htmlentities($message), ENT_QUOTES, 'UTF-8');
        }

        $payload = array(
            'valid' => count($check['error']) == 0,
            'field' => $fieldName,
            'messages' => $messages
        );
    }

    $this->sendJsonData($payload);
}
/**
 * Shows the create/edit form for one custom data record and stores the
 * submitted values.
 *
 * URI segment 1 is the record id (0 creates a new record), segment 2 is
 * "send" when the form was submitted.
 *
 * @param bool        $onlyCreate When true, an existing record is only editable
 *                                while its id equals the session setting
 *                                "last_added".
 * @param string|null $tpl        Template to render; falls back to
 *                                '/Cms/fields/data_categories_write'.
 */
public function write($onlyCreate = false, $tpl = null) {
    $id = Request::get(1, VAR_INT);
    $isSent = Request::get(2, VAR_URI) == 'send';
    $data = new CustomData($this->position);

    // In create-only mode only the record added last in this session may be edited.
    if ($id > 0 && $onlyCreate && Session::getObject()->getSetting('last_added') != $id) {
        CmsPage::error('Die Bearbeitungszeit ist abgelaufen. Bitte wenden Sie sich an den Administrator.');
        return;
    }

    if ($id > 0 && !$data->load($id)) {
        CmsPage::error('Der gewählte Datensatz wurde leider nicht gefunden.');
        return;
    }

    if ($id == 0) {
        $data->setToDefault();
    }
    $fields = $data->getFields();

    if ($isSent) {
        // Collect validation rules for writable fields only, so fields the
        // caller may not write are never read from the request.
        $rules = array();
        foreach ($fields as $field) {
            if (!$field->canWrite()) {
                continue;
            }
            if ($field->getField() instanceof CustomExternalFields) {
                $rules = array_merge($rules, $field->getValidation());
            } else {
                $rules[$field->getFieldName()] = $field->getValidation();
            }
        }

        $checked = Validator::checkRequest($rules);

        // Copy the validated values back into the writable fields.
        foreach ($fields as $field) {
            if (!$field->canWrite()) {
                continue;
            }
            $key = $field->getFieldName();
            if (isset($checked['data'][$key])) {
                $field->setData($checked['data'][$key]);
            }
        }

        if (count($checked['error']) > 0) {
            CmsPage::error($checked['error']);
        } else {
            if ($id > 0) {
                $saved = $data->edit($id);
            } else {
                $id = $data->add();
                // NOTE(review): "last_added" is written before the result of add()
                // is checked, so a failed add also replaces the stored id.
                if ($onlyCreate) {
                    Session::getObject()->setSetting('last_added', $id);
                }
                $saved = $id > 0;
                if (!$saved) {
                    $id = 0;
                }
            }

            if ($saved) {
                CmsPage::ok("Der Datensatz wurde erfolgreich gespeichert.");
            } else {
                CmsPage::error("Der Datensatz konnt leider nicht gespeichert werden.");
            }
        }
    }

    // Build the form rows; names and descriptions go through Sanitize::saveHTML(),
    // the input code is passed on as returned by the field.
    $rows = array();
    foreach ($fields as $field) {
        if (!$field->canWrite()) {
            continue;
        }
        $rows[] = array(
            'field' => Sanitize::saveHTML($field->getFieldName()),
            'name' => Sanitize::saveHTML($field->getName()),
            'description' => Sanitize::saveHTML($field->getDescription()),
            'code' => $field->getInputCode(),
            'label' => !$field->noLabel()
        );
    }

    $templateName = '/Cms/fields/data_categories_write';
    if ($tpl) {
        $templateName = $tpl;
    }
    $view = Response::getObject()->appendTemplate($templateName);
    $view->assign('data', $data, false);
    $view->assign('fields', $rows, false);
    $view->assign('id', $id);
    $view->assign('baseUri', $this->baseUri);
    $view->output();
}
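/**
 * Edits the definition of a custom field.
 *
 * URI segment 1 is the field id, segment 2 is "send" when the form was
 * submitted. When the field does not exist an error is shown followed by
 * the overview.
 *
 * NOTE(review): no permission or CSRF check is visible in this method;
 * presumably that happens before dispatch - confirm.
 */
public function edit() {
    $id = Request::get(1, VAR_INT);
    $isSent = Request::get(2, VAR_URI) == 'send';

    $this->breadcrumb->add('Bearbeiten');
    $this->header();

    $db = Database::getObject();
    $db->query("SELECT * FROM <p>fields WHERE id = <id:int>", compact("id"));
    if ($db->numRows() == 0) {
        CmsPage::error('Das Feld wurde leider nicht gefunden.');
        $this->overview();
    } else {
        $field = CustomField::constructObject($db->fetchAssoc());
        $_positions = $this->getPositions();
        $positions = Core::constructObjectArray($_positions);

        // Fill data array with the default (currently saved) data
        $permissions = $field->getPermissions();
        $data = array(
            'name' => $field->getName(),
            'description' => $field->getDescription(),
            'priority' => $field->getPriority(),
            'position' => $field->getPosition()->getClassPath(),
            'type' => $field->getClassPath(),
            'read' => $permissions['read'],
            'write' => $permissions['write']
        );
        foreach ($field->getParamsData() as $key => $value) {
            $data[$key] = $value;
        }

        $error = array();
        if ($isSent) {
            // Base options for every field
            $options = array_merge(
                $this->getValidator(),
                array(
                    // position is a class path, so it is only accepted when it is
                    // one of the entries returned by getPositions().
                    'position' => array(
                        Validator::MESSAGE => 'Der Anzeigeort ist ungültig.',
                        Validator::LIST_CS => $_positions
                    )
                ),
                $field->getValidationParams(false)
            );

            // Read the validator result by key instead of extract()ing it, so it
            // cannot overwrite $field, $id or any other local variable.
            $result = Validator::checkRequest($options);
            $data = $result['data'];
            $error = $result['error'];

            if (count($error) == 0) {
                $this->injectDataToField($field, $data);
                if ($field->update()) {
                    CmsPage::ok("Das Feld wurde erfolgreich aktualisiert.");
                } else {
                    $error[] = 'Das Feld konnt leider nicht aktualisiert werden.';
                }
            }
            // Covers validation errors as well as a failed update.
            if (count($error) > 0) {
                CmsPage::error($error);
            }
        }

        $tpl = Response::getObject()->appendTemplate("/Cms/admin/fields_edit");
        $tpl->assign('field', $field, false);
        $tpl->assign('positions', $positions, false);
        $tpl->assign('data', $data);
        $tpl->assign('baseUri', $this->getBaseURI());
        $tpl->output();
    }
    $this->footer();
}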
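/**
 * Edits a member account.
 *
 * URI segment 1 is the member id, segment 2 is "send" when the form was
 * submitted. Group and active state can only be changed for other accounts,
 * never for the account of the user performing the edit.
 *
 * NOTE(review): this method does not itself check that the caller may manage
 * members or assign the chosen group, and no CSRF token is checked here;
 * presumably both are enforced before dispatch - confirm.
 */
public function edit() {
    $id = Request::get(1, VAR_INT);
    $action = Request::get(2, VAR_URI);

    $this->breadcrumb->add('Bearbeiten');
    $this->header();

    $member = UserUtils::getById($id);
    if ($member === null) {
        CmsPage::error('Das angeforderte Mitglied wurde leider nicht gefunden.');
        $this->members();
    } else {
        // Accepted birth years: between 110 and 8 years before the current year.
        $min_year = date('Y') - 110;
        $max_year = date('Y') - 8;
        $countries = CmsTools::getCountries();

        $db = Database::getObject();
        $db->query("SELECT id, title FROM <p>group WHERE registered = 1 ORDER BY admin ASC, editor ASC, title");
        $groups = array();
        while ($row = $db->fetchAssoc()) {
            $groups[$row['id']] = $row['title'];
        }

        $options = UserPages::getFieldValidation($countries, $min_year, $max_year);
        // The password is only changed when a new one is entered.
        $options['pw1'][Validator::OPTIONAL] = true;
        $options['email'] = array(
            Validator::MULTIPLE => array(
                array(
                    Validator::MESSAGE => 'Die E-Mail-Adresse ist nicht korrekt.',
                    Validator::CALLBACK => Validator::CB_MAIL
                ),
                array(
                    Validator::MESSAGE => 'Diese E-Mail-Adresse ist bereits registriert.',
                    // The address may stay the member's own, but must not belong to another account.
                    Validator::CLOSURE => function ($mail) use($id) {
                        $other = UserUtils::getByEmail($mail);
                        return !($other !== null && $id != $other->getId());
                    }
                )
            )
        );

        $isSelf = Me::get()->getId() == $id;
        if (!$isSelf) {
            // The group has to be one of the ids loaded above.
            $options['group_id'] = array(
                Validator::MESSAGE => 'Die Gruppe ist nicht gültig.',
                Validator::LIST_CS => array_keys($groups)
            );
            $options['active'] = array(
                Validator::OPTIONAL => true,
                Validator::EQUALS => 1,
                Validator::VAR_TYPE => VAR_INT
            );
        }

        $error = array();
        $data = array();
        if ($action == 'send') {
            // Read the validator result by key instead of extract()ing it, so it
            // cannot overwrite $id, $db or any other local variable.
            $result = Validator::checkRequest($options);
            $data = $result['data'];
            $error = $result['error'];

            if (count($error) > 0) {
                CmsPage::error($error);
            } else {
                // Update data
                if (!empty($data['pw1']) && !empty($data['pw2'])) {
                    $data['pw'] = Hash::generate($data['pw1']);
                }

                // prepare SQL update
                $sql = $data;
                unset($sql['pw1'], $sql['pw2'], $sql['birthday'], $sql['birthmonth'], $sql['birthyear']);
                if ($isSelf) {
                    unset($sql['group_id'], $sql['active']); // Don't allow to change own group or active state
                }

                $dt = new DT();
                $dt->setDate($data['birthyear'], $data['birthmonth'], $data['birthday']);
                $sql['birth'] = $dt->dbDate();

                $update = array();
                foreach ($sql as $field => $value) {
                    // Column names are written into the statement text itself (only
                    // the values are bound as placeholders), so a key is used only
                    // when it is a plain identifier.
                    if (!preg_match('/^[a-z_][a-z0-9_]*$/iD', $field)) {
                        continue;
                    }
                    $update[] = "{$field} = <{$field}>";
                }
                $update = implode(', ', $update);
                $sql['id'] = $id;
                $db->query("UPDATE <p>user SET {$update} WHERE id = <id:int>", $sql);

                // Update global data about me
                Session::getObject()->refreshMe();
                CmsPage::ok("Ihre Angaben wurden erfolgreich gespeichert.");
            }
        }

        // Submitted values take precedence over the stored ones when the form is shown again.
        // NOTE(review): $data still contains the submitted password fields and,
        // after a password change, the new hash; confirm the template does not
        // print them.
        $user = $member->getArray();
        $user = array_merge($user, $data);

        $tpl = Response::getObject()->appendTemplate("Cms/admin/members_edit");
        $tpl->assign('user', $user);
        $tpl->assign('r_birthday', range(1, 31));
        $tpl->assign('r_birthmonth', range(1, 12));
        $tpl->assign('r_birthyear', range($min_year, $max_year));
        $tpl->assign('countries', $countries);
        $tpl->assign('groups', $groups);
        $tpl->output();
    }
    $this->footer();
}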