Exemple #1
    // Prepares the registration page: title, breadcrumb trail, then either a
    // site-specific register script or the stock registerfrm template.
    // title
    $title = $lng['LNG_REGISTER_TITLE'];
    // breadcrumbs
    $breadcrumb = gcms::loadtemplate('', '', 'breadcrumb');
    $breadcrumbs = array();
    // home page
    $breadcrumbs['HOME'] = gcms::breadcrumb('icon-home', WEB_URL . '/index.php', $install_modules[$module_list[0]]['menu_tooltip'], $install_modules[$module_list[0]]['menu_text'], $breadcrumb);
    // URL of this page
    $breadcrumbs['MODULE'] = gcms::breadcrumb('', gcms::getURL('register'), $lng['LNG_REGISTER_TITLE'], $lng['LNG_REGISTER_TITLE'], $breadcrumb);
    // NOTE(review): the included path is ROOT_PATH plus a configuration value.
    // is_file() only proves the file exists; it does not reject "../" segments or
    // restrict the directory. Confirm that only trusted administrators can write
    // $config['custom_register'], or resolve the path and check it stays under an
    // allowed folder before including it.
    if (isset($config['custom_register']) && is_file(ROOT_PATH . $config['custom_register'])) {
        // custom register form
        include ROOT_PATH . $config['custom_register'];
    } else {
        // antispam: a value from gcms::rndname(4) is stored in the session under a
        // key from gcms::rndname(32); the key (not the value) replaces {ANTISPAM}.
        // NOTE(review): how unpredictable the code is depends on gcms::rndname,
        // which is not visible here; confirm it does not use rand()/mt_rand().
        $register_antispamchar = gcms::rndname(32);
        $_SESSION[$register_antispamchar] = gcms::rndname(4);
        // render the registerfrm.html form
        // $patt and $replace are parallel lists: entry N of $replace belongs to
        // entry N of $patt, so the order of the $replace[] lines below matters.
        // NOTE(review): the LNG pattern carries the /e modifier, which makes
        // preg_replace() evaluate the replacement as PHP code (deprecated in PHP 5.5,
        // removed in PHP 7.0). The capture is limited to [A-Z0-9_]+, which keeps
        // quotes out of the evaluated text; preg_replace_callback() is the safe form.
        $patt = array('/{BREADCRUMS}/', '/<PHONE>(.*)<\\/PHONE>/isu', '/<IDCARD>(.*)<\\/IDCARD>/isu', '/<INVITE>(.*)<\\/INVITE>/isu', '/{(LNG_[A-Z0-9_]+)}/e', '/{ANTISPAM}/', '/{WEBURL}/', '/{MODAL}/', '/{INVITE}/');
        $replace = array();
        $replace[] = implode("\n", $breadcrumbs);
        // optional sections: keep the inner markup (\1) only when the feature is enabled
        $replace[] = empty($config['member_phone']) ? '' : '\\1';
        $replace[] = empty($config['member_idcard']) ? '' : '\\1';
        $replace[] = empty($config['member_invitation']) ? '' : '\\1';
        // presumably gcms::pregReplace treats 'gcms::getLng' as a callback when
        // OLD_PHP is false; verify against gcms::pregReplace
        $replace[] = OLD_PHP ? '$lng[\'$1\']' : 'gcms::getLng';
        $replace[] = $register_antispamchar;
        $replace[] = WEB_URL;
        // only the literals 'false' / 'true' reach the template, never the raw POST value
        $replace[] = gcms::getVars($_POST, 'action', '') != 'modal' ? 'false' : 'true';
        // NOTE(review): a cookie value is placed into the HTML template. No HTML
        // escaping is visible in this excerpt; unless gcms::getVars escapes, apply
        // htmlspecialchars() here. In a preg_replace replacement, "$1" / "\1" inside
        // the value are also expanded as backreferences.
        $replace[] = gcms::getVars($_COOKIE, PREFIX . '_invite', '');
        $content = gcms::pregReplace($patt, $replace, gcms::loadtemplate('member', 'member', 'registerfrm'));
    }
}
Exemple #2
<?php

// widgets/search/index.php
// Search box widget: fills widgets/search/search.html and leaves the markup in $widget.
// The defined('MAIN_INIT') guard makes the file a no-op unless that constant is defined.
if (defined('MAIN_INIT')) {
    // $patt and $replace are parallel lists; the order of the $replace[] lines matters.
    // NOTE(review): the LNG pattern uses the /e modifier (replacement evaluated as PHP;
    // deprecated in PHP 5.5, removed in PHP 7.0). The capture is limited to
    // [A-Z0-9_]+; preg_replace_callback() is the safe form.
    $patt = array('/[\\t\\r]/', '/{(LNG_[A-Z0-9_]+)}/e', '/{WEBURL}/', '/{SEARCH}/', '/{ID}/');
    $replace = array();
    // strip tabs and carriage returns from the template
    $replace[] = '';
    // presumably a callback name for gcms::pregReplace when OLD_PHP is false; verify
    $replace[] = OLD_PHP ? '$lng[\'$1\']' : 'gcms::getLng';
    $replace[] = WEB_URL;
    // NOTE(review): the search term from the query string is written into the HTML
    // template after whitespace/plus normalisation only. No HTML escaping is visible
    // here; unless gcms::getVars escapes, wrap the value in htmlspecialchars() with
    // ENT_QUOTES. "$1" / "\1" inside the value would also be read as backreferences
    // by a preg_replace-style replacement.
    $replace[] = preg_replace('/[\\+\\s]+/u', ' ', gcms::getVars($_GET, 'q', ''));
    // value from gcms::rndname(10) substituted for {ID}
    $replace[] = gcms::rndname(10);
    $widget = gcms::pregReplace($patt, $replace, file_get_contents(ROOT_PATH . 'widgets/search/search.html'));
}
Exemple #3
<?php

// widgets/contact/index.php
// Contact form widget: appends the form markup, piece by piece, to $widget.
// The listing is cut off before the form and the if-block are closed.
if (defined('MAIN_INIT')) {
    // antispam: a value from gcms::rndname(4) stored in the session under a key
    // from gcms::rndname(32). NOTE(review): strength depends on gcms::rndname,
    // which is not visible here.
    $antispam = gcms::rndname(32);
    $_SESSION[$antispam] = gcms::rndname(4);
    // contact form
    $widget[] = '<form id=contact_frm class=mainform method=post action=index.php>';
    $widget[] = '<div class=item><label for=mail_sender>{LNG_EMAIL_SEND} {LNG_TO}</label><span class="g-input icon-email-sent"><select name=mail_reciever id=mail_reciever>';
    $emails = array();
    $subject = '';
    // $module is a comma-separated list; items that pass gcms::validMail are
    // meant as recipients, any other item becomes the default subject.
    if (!empty($module)) {
        foreach (explode(',', $module) as $item) {
            if (gcms::validMail($item)) {
                // NOTE(review): this assigns the WHOLE list, not the current item, so
                // a non-mail item (the subject) also ends up in $emails and in the
                // recipient <select>. `$emails[] = $item;` looks like the intent.
                $emails = explode(',', $module);
            } else {
                $subject = $item;
            }
        }
        // The recipient list stays server-side; the form only submits an index
        // (the option value below), so the client cannot supply an arbitrary address
        // as long as the receiving script resolves the index against this session
        // value - confirm in the handler.
        $_SESSION['emails'] = implode(',', $emails);
    }
    $widget[] = '<option value=admin>{LNG_ADMIN}</option>';
    foreach ($emails as $i => $email) {
        // NOTE(review): $email is written into HTML without htmlspecialchars()
        $widget[] = '<option value=' . $i . '>' . $email . '</option>';
    }
    $widget[] = '</select></span></div>';
    // sender
    // NOTE(review): the session e-mail address is placed in a double-quoted attribute
    // without escaping; use htmlspecialchars($value, ENT_QUOTES) unless it is
    // guaranteed to be stored escaped.
    $widget[] = '<div class=item><label for=mail_sender>{LNG_EMAIL_SENDER}</label><span class="g-input icon-email"><input type=text name=mail_sender id=mail_sender value="' . (isset($_SESSION['login']['email']) ? $_SESSION['login']['email'] : '') . '"></span></div>';
    // subject
    // NOTE(review): $subject comes from $module and is likewise unescaped inside
    // the value attribute; a double quote in it would break out of the attribute.
    $widget[] = '<div class=item><label for=mail_topic>{LNG_EMAIL_SUBJECT}</label><span class="g-input icon-edit"><input type=text name=mail_topic id=mail_topic value="' . $subject . '"></span></div>';
Exemple #4
<?php

// widgets/download/index.php
// Download list widget: queries the newest download rows and renders one
// 'widgetitem' template per row. The listing is cut off inside the foreach.
if (defined('MAIN_INIT')) {
    $id = gcms::rndname(10);
    $widget = array();
    $widget[] = '<div id=widget_' . $id . ' class="document-list download"><div class="row listview">';
    // The statement is assembled by string concatenation. Table names are constants.
    $sql = "SELECT * FROM `" . DB_DOWNLOAD . "` WHERE `module_id`=(SELECT `id` FROM `" . DB_MODULES . "` WHERE `owner`='download' LIMIT 1)";
    if (!empty($cat)) {
        // the (int) cast keeps $cat from carrying SQL text into the statement
        $sql .= ' AND `category_id`=' . (int) $cat;
    }
    // NOTE(review): unlike $cat, the LIMIT value is interpolated as-is. It is a
    // configuration value, but an (int) cast here would make the statement safe
    // regardless of how the setting was stored.
    $sql .= " ORDER BY `last_update` DESC LIMIT {$config['download_news_count']}";
    // the SQL text itself is the cache key; an empty result is falsy, so it is
    // queried again on the next request
    $list = $cache->get($sql);
    if (!$list) {
        $list = $db->customQuery($sql);
        $cache->save($sql, $list);
    }
    // template
    $skin = gcms::loadtemplate($module, 'download', 'widgetitem');
    // $patt and the per-row $replace are parallel lists; order matters
    $patt = array('/{BG}/', '/{NAME}/', '/{EXT}/', '/{DETAIL}/', '/{DATE}/', '/{ICON}/', '/{ID}/', '/{DOWNLOADS}/');
    $bg = 'bg2';
    foreach ($list as $item) {
        // alternate bg1 / bg2 per row
        $bg = $bg == 'bg1' ? 'bg2' : 'bg1';
        $replace = array();
        // rand() only picks a cosmetic CSS class here, so its weakness is irrelevant
        $replace[] = "{$bg} background" . rand(0, 5);
        // NOTE(review): name, ext and detail go from the database into the template
        // with no escaping in this excerpt; confirm they are stored HTML-escaped,
        // otherwise escape on output. "$n" / "\n" sequences in these values would
        // also be expanded if the replacement is done with preg_replace.
        $replace[] = $item['name'];
        $replace[] = $item['ext'];
        $replace[] = $item['detail'];
        $replace[] = gcms::mktime2date($item['last_update'], 'd M Y');
        // use the extension-specific icon when skin/ext/<ext>.png exists, else file.png.
        // NOTE(review): $item['ext'] is used in a filesystem path; it should be
        // limited to [a-z0-9]+ when the row is saved.
        $replace[] = WEB_URL . '/skin/ext/' . (is_file(ROOT_PATH . "skin/ext/{$item['ext']}.png") ? $item['ext'] : 'file') . '.png';
        $replace[] = $item['id'];
Exemple #5
<?php

// widgets/rss/index.php
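// RSS tab widget: emits a container plus an inline <script> that creates a
// GRSSTab object and registers the feeds configured for the requested group.
// $module is read as "<id>" or "<id>_<interval>" (digits only); the result is
// left in $widget as one HTML string.
if (defined('MAIN_INIT')) {
    $widget = array();
    $tab = gcms::rndname(10);
    if (preg_match('/([0-9]+)(_([0-9]+))?/', $module, $match)) {
        // id 0 means "no group" and is normalised to the empty string
        $id = $match[1] == 0 ? '' : $match[1];
        // preg_match() drops trailing groups that did not take part in the match,
        // so $match[3] does not exist when $module has no "_<interval>" suffix.
        // Testing isset() first avoids the undefined-offset notice and keeps the
        // same default of 30.
        $interval = (isset($match[3]) && $match[3] != '') ? $match[3] : 30;
    } else {
        $id = '';
        $interval = 30;
    }
    // isset() first: a missing 'rss_tabs' setting simply yields an empty widget
    if (isset($config['rss_tabs']) && is_array($config['rss_tabs'])) {
        $widget[] = '<div class="rss_widget widget widget_bg_color">';
        $widget[] = '<div id=rss_tab_' . $tab . ' class=rss_tab></div>';
        $widget[] = '<div id=rss_div_' . $tab . ' class=rss_div></div>';
        $widget[] = '</div>';
        $widget[] = '<script>';
        // $interval is either 30 or digits captured by the pattern above, so it is
        // safe to emit as a bare JavaScript number
        $widget[] = "var rss = new GRSSTab('rss_tab_{$tab}','rss_div_{$tab}', {$interval});";
        foreach ($config['rss_tabs'] as $item) {
            if ($id == $item[2]) {
                // NOTE(review): entries 0 and 1 are emitted inside single-quoted
                // JavaScript strings and entries 3 and 4 as bare values, with no
                // escaping. A quote or "</script>" in the stored configuration would
                // break out of the literal. Confirm the settings are validated when
                // saved, or emit them with json_encode().
                $widget[] = "rss.add('{$item['0']}', '{$item['1']}', {rows:{$item['3']},cols:{$item['4']}});";
            }
        }
        $widget[] = 'rss.show(0);';
        $widget[] = '</script>';
    }
    $widget = implode('', $widget);
}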
Exemple #6
// "Forgot password" handler: looks the account up by e-mail or phone, sets a
// new random password and mails it. The listing is cut off inside the success
// branch.
// NOTE(review): gcms::isReferer() is the only request check visible; a Referer
// comparison is a weak CSRF defence compared with a per-session token.
if (gcms::isReferer()) {
    // the demo account may not change anything
    if (isset($_SESSION['login']['account']) && $_SESSION['login']['account'] == 'demo') {
        $ret['error'] = 'EX_MODE_ERROR';
    } else {
        // submitted value
        $email = $db->sql_trim_str($_POST, 'forgot_email');
        if ($email == '') {
            $ret['input'] = 'forgot_email';
            $ret['error'] = 'EMAIL_EMPTY';
        } else {
            // NOTE(review): $email is interpolated into the statement. Its safety
            // rests entirely on $db->sql_trim_str escaping for this connection's
            // character set - presumably it does, but that is not visible here; a
            // prepared statement would remove the dependency.
            // `fb`='0' excludes accounts flagged as Facebook logins.
            $sql = "SELECT * FROM `" . DB_USER . "` WHERE (`email`='{$email}' OR (`phone1`!='' AND `phone1`='{$email}')) AND `fb`='0' LIMIT 1";
            $user = $db->customQuery($sql);
            if (sizeof($user) == 1) {
                $user = $user[0];
                // generate a random password and store it
                // NOTE(review): the stored password is replaced as soon as anyone
                // submits a known address or phone number, before the owner has
                // confirmed anything - a third party can lock a member out at will.
                // A single-use, expiring reset link avoids this.
                $password = gcms::rndname(6);
                // NOTE(review): md5(password . email) is a fast, unsalted-per-site
                // hash; password_hash()/password_verify() is the current standard.
                // Changing it requires a matching change in the login check.
                $save['password'] = md5($password . $user['email']);
                $db->edit(DB_USER, $user['id'], $save);
                // notify the member by e-mail
                // NOTE(review): the new password travels in clear text in the mail.
                $replace = array();
                $replace['/%PASSWORD%/'] = $password;
                $replace['/%EMAIL%/'] = $user['email'];
                if ($user['activatecode'] != '') {
                    // account not yet activated: template 1 also receives the code
                    $replace['/%ID%/'] = $user['activatecode'];
                    // send mail
                    $err = gcms::sendMail(1, 'member', $replace, $user['email']);
                } else {
                    // send mail
                    $err = gcms::sendMail(3, 'member', $replace, $user['email']);
                }
                // NOTE(review): the password was already saved above, whether or not
                // sendMail succeeded. If the not-found branch (outside this excerpt)
                // answers differently, the response also reveals which addresses
                // are registered.
                $ret['alert'] = rawurlencode(sprintf($lng['FORGOT_SUCCESS'], $user['email']));
Exemple #7
     // Video widget excerpt (starts inside a block whose opening is not shown):
     // loads video rows, then renders them as a thumbnail grid unless exactly one
     // video was selected for direct embedding.
     $sql = "SELECT C.`id`,C.`topic`,C.`youtube` FROM `" . DB_VIDEO . "` AS C";
     // NOTE(review): $where is built outside this excerpt and interpolated as-is;
     // any request-derived value in it must be cast or escaped where it is built.
     $sql .= " INNER JOIN `" . DB_MODULES . "` AS M ON M.`owner`='video' AND M.`id`=C.`module_id` {$where}";
     // the SQL text is the cache key
     $list = $cache->get($sql);
     if (!$list) {
         $list = $db->customQuery($sql);
         $cache->save($sql, $list);
     }
     // a single result with no column count set is shown directly
     if (empty($cols) && sizeof($list) == 1) {
         $youtube = $list[0]['youtube'];
     }
 }
 $widget = array();
 if (empty($youtube)) {
     // $patt and the per-row $replace are parallel lists; order matters
     $patt = array('/{ID}/', '/{THUMB}/', '/{YOUTUBE}/', '/{TOPIC}/', '/{DESCRIPTION}/', '/{VIEWS}/', '/{COLS}/');
     $skin = gcms::loadtemplate('video', 'video', 'listitem');
     $a = gcms::rndname(5);
     $widget[] = '<div class=video_list id=video_list_' . $a . '><div class="ggrid margin-box">';
     foreach ($list as $i => $item) {
         $replace = array();
         $replace[] = $item['id'];
         // local thumbnail when DATA_PATH/video/<youtube>.jpg exists, else a placeholder.
         // NOTE(review): the youtube value is used in a filesystem path and a URL;
         // it should be restricted to the video-id alphabet when the row is saved.
         $replace[] = is_file(DATA_PATH . "video/{$item['youtube']}.jpg") ? DATA_URL . "video/{$item['youtube']}.jpg" : WEB_URL . '/modules/video/img/nopicture.jpg';
         $replace[] = $item['youtube'];
         // NOTE(review): topic and description are database text placed into HTML
         // with no escaping in this excerpt, and preg_replace() expands "$n" / "\n"
         // inside replacement strings. Confirm the values are stored escaped.
         $replace[] = $item['topic'];
         // description and views are not selected by the query above, so on this
         // path gcms::getVars supplies the '' default
         $replace[] = gcms::getVars($item, 'description', '');
         $replace[] = gcms::getVars($item, 'views', '');
         $replace[] = $cols;
         $widget[] = preg_replace($patt, $replace, $skin);
     }
     $widget[] = '</div></div>';
     $widget[] = '<script>';
     $widget[] = "inintVideoList('video_list_{$a}');";
     // Member administration excerpt (a different file from the lines above; the
     // opening of the if-chain is not shown).
     // delete members
     // NOTE(review): $ids is interpolated into IN (...). It is built outside this
     // excerpt; it must be reduced to a comma-separated list of integers (for
     // example by casting every element) before it reaches the statement.
     // `id`!=1 protects the first account from deletion.
     $db->query("DELETE FROM `" . DB_USER . "` WHERE `id` IN ({$ids}) AND `id`!=1");
 } elseif ($action == 'activate' || $action == 'sendpassword') {
     // resend the member confirmation e-mail
     // NOTE(review): same $ids interpolation as above. `fb`='0' skips accounts
     // flagged as Facebook logins.
     $sql = "SELECT `id`,`email`,`activatecode` FROM `" . DB_USER . "` WHERE `id` IN ({$ids}) AND `fb`='0'";
     foreach ($db->customQuery($sql) as $item) {
         unset($replace);
         // generate a new random password
         $password = gcms::rndname(6);
         // e-mail data
         $replace = array();
         $replace['/%PASSWORD%/'] = $password;
         $replace['/%EMAIL%/'] = $item['email'];
         if ($action == 'activate' || $item['activatecode'] != '') {
             // activate requested, or the account is not activated yet
             // NOTE(review): $save is not reset at the top of the loop in the lines
             // shown. An 'activatecode' set for one member stays in $save and would
             // be written to a later member that takes the else branch - confirm,
             // and start each iteration with `$save = array();`.
             $save['activatecode'] = $item['activatecode'] == '' ? gcms::rndname(32) : $item['activatecode'];
             $replace['/%ID%/'] = $save['activatecode'];
             // send mail
             $err = gcms::sendMail(1, 'member', $replace, $item['email']);
         } else {
             // send mail
             $err = gcms::sendMail(3, 'member', $replace, $item['email']);
         }
         // the password is only replaced once the mail was handed over without
         // error, so a failed send does not lock the member out
         if ($err == '') {
             // store the new password
             // NOTE(review): md5(password . email) is a fast hash; password_hash()
             // is the current standard, and the password is mailed in clear text.
             $save['password'] = md5($password . $item['email']);
             // save
             $db->edit(DB_USER, $item['id'], $save);
         } else {
             // NOTE(review): the mailer's error text is echoed as-is
             echo $err;
         }
Exemple #9
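/**
 * Regenerates bin/vars.php from the define() lines found in the installer's and
 * the live vars.php, plus defaults for the core constants.
 *
 * The generated file is executable PHP, so every value concatenated into it is
 * source code. VERSION and PREFIX are therefore written with var_export(), which
 * escapes quotes and backslashes; for ordinary values the output is unchanged.
 *
 * getVar() is defined elsewhere in the project; presumably it returns the
 * existing define() line for a name or builds one from the given default -
 * confirm against its definition.
 *
 * @param array $defines constant name => complete define() source line
 * @return resource|false the (already closed) handle from fopen(), or false when
 *                        the file could not be opened or written
 */
function writeVar($defines)
{
    global $version, $prefix;
    // Collect define() lines; a later file overrides an earlier one, and both
    // override what the caller passed in.
    foreach (array(ROOT_PATH . 'admin/install/vars.php', ROOT_PATH . 'bin/vars.php') as $_var) {
        if (is_file($_var)) {
            $fr = file($_var);
            foreach ($fr as $value) {
                // only whole-line define('NAME', ...); statements with an
                // upper-case/underscore name are carried over, verbatim
                if (preg_match('/^define\\([\'"]([A-Z_]+)[\'"](.*)\\);$/', trim($value), $match)) {
                    $defines[$match[1]] = $match[0];
                }
            }
        }
    }
    // update vars.php: these constants are not written to the generated file
    $skipped = array(
        'ROOT_PATH', 'BASE_PATH', 'WEB_URL', 'DATA_FOLDER', 'DATA_PATH', 'DATA_URL',
        'COUNTER_REFRESH_TIME', 'COUNTER_GAP', 'MODULE_RESERVE', 'LANGUAGE', 'SKIN',
        'DB_DISTRICT', 'DB_TAMBON', 'DB_ZIPCODE',
    );
    foreach ($skipped as $name) {
        unset($defines[$name]);
    }
    // vars.php
    $datas = array();
    $datas[] = '<' . '?php';
    $datas[] = '// bin/vars.php';
    $datas[] = '// โฟลเดอร์สำหรับเก็บไอคอนของสมาชิก';
    $datas[] = getVar($defines, 'USERICON_PATH', "DATA_FOLDER.'member/'");
    $datas[] = '// นับจาก root ของ server';
    $datas[] = getVar($defines, 'USERICON_FULLPATH', "ROOT_PATH.USERICON_PATH");
    $datas[] = '// เวอร์ชั่นของ gcms';
    // var_export() yields a correctly quoted PHP string literal, so a quote or
    // backslash in the value cannot terminate the literal and add code to the file
    $datas[] = 'define(\'VERSION\', ' . var_export((string) $version, true) . ');';
    unset($defines['VERSION']);
    $datas[] = '// ชื่อตัวแปรสำหรับเติมค่าตัวแปรต่างๆ';
    $datas[] = '// เช่น session หรือ db';
    $datas[] = '// เพื่อให้เป็นตัวแปรเฉพาะของเว็บไซต์เท่านั้น';
    unset($defines['PREFIX']);
    $datas[] = 'define(\'PREFIX\', ' . var_export((string) $prefix, true) . ');';
    $datas[] = '// ชื่อตารางฐานข้อมูลพื้นฐานต่างๆ';
    $datas[] = '// ตารางสมาชิก';
    $datas[] = getVar($defines, 'DB_USER', 'PREFIX.\'_user\'');
    $datas[] = '// ตารางเนื้อหา';
    $datas[] = getVar($defines, 'DB_MODULES', 'PREFIX.\'_modules\'');
    $datas[] = getVar($defines, 'DB_INDEX', 'PREFIX.\'_index\'');
    $datas[] = getVar($defines, 'DB_INDEX_DETAIL', 'PREFIX.\'_index_detail\'');
    $datas[] = getVar($defines, 'DB_MENUS', 'PREFIX.\'_menus\'');
    $datas[] = getVar($defines, 'DB_COMMENT', 'PREFIX.\'_comment\'');
    $datas[] = getVar($defines, 'DB_CATEGORY', 'PREFIX.\'_category\'');
    $datas[] = getVar($defines, 'DB_BOARD_R', 'PREFIX.\'_board_r\'');
    $datas[] = getVar($defines, 'DB_BOARD_Q', 'PREFIX.\'_board_q\'');
    $datas[] = '// ตาราง ภาษา';
    $datas[] = getVar($defines, 'DB_LANGUAGE', 'PREFIX.\'_language\'');
    $datas[] = '// ตาราง Email';
    $datas[] = getVar($defines, 'DB_EMAIL_TEMPLATE', 'PREFIX.\'_emailtemplate\'');
    $datas[] = '// ตาราง counter';
    $datas[] = getVar($defines, 'DB_COUNTER', 'PREFIX.\'_counter\'');
    $datas[] = '// ตาราง useronline';
    $datas[] = getVar($defines, 'DB_USERONLINE', 'PREFIX.\'_useronline\'');
    $datas[] = '// ตำบล อำเภอ จังหวัด';
    $datas[] = getVar($defines, 'DB_PROVINCE', 'PREFIX.\'_province\'');
    $datas[] = getVar($defines, 'DB_COUNTRY', 'PREFIX.\'_country\'');
    $datas[] = '// ค่าคีย์สำหรับการเข้ารหัส';
    // NOTE(review): the line written just above labels EN_KEY as an encryption
    // key. If gcms::rndname(4, '123456789') yields four characters from that
    // alphabet, only 9^4 = 6561 values are possible - far too few for a secret.
    // Left unchanged because existing installations depend on the stored value;
    // confirm what EN_KEY protects before relying on it.
    $datas[] = getVar($defines, 'EN_KEY', gcms::rndname(4, '123456789'));
    $datas[] = '// ตารางอื่นๆ';
    // whatever is still in $defines is appended verbatim
    foreach ($defines as $define) {
        $datas[] = $define;
    }
    // '@' keeps a permission warning out of the installer's output; the caller is
    // told about the failure through the return value instead
    $f = @fopen(ROOT_PATH . 'bin/vars.php', 'wb');
    if ($f) {
        $written = fwrite($f, implode("\n\t", $datas));
        fclose($f);
        // a failed write (for example a full disk) must not be reported as success
        if ($written === false) {
            return false;
        }
    }
    return $f;
}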
Exemple #10
     // E-document action handler excerpt (the opening of the if-chain and the
     // permission checks, if any, are outside the lines shown).
     $ret['confirm'] = 'CONFIRM_DOWNLOAD';
     } elseif ($action == 'downloading') {
         // update the download counter
         // NOTE(review): the count is read, incremented in PHP and written back;
         // two simultaneous downloads can lose an increment. An UPDATE that adds 1
         // in SQL would be atomic.
         $save = array();
         $save['last_update'] = $mmktime;
         $save['downloads'] = $download['downloads'] + 1;
         if ($download['download_id'] == 0) {
             // first download of this document by this member: create the row
             $save['module_id'] = $download['module_id'];
             $save['document_id'] = $download['id'];
             $save['member_id'] = $login['id'];
             $db->add(DB_EDOCUMENT_DOWNLOAD, $save);
         } else {
             $db->edit(DB_EDOCUMENT_DOWNLOAD, $download['download_id'], $save);
         }
         // URL for the download
         // The real file path stays in the session; the client only receives the
         // key $fid, so it cannot name a path itself. NOTE(review): that holds
         // only if gcms::rndname is unpredictable and filedownload.php reads the
         // path from the session alone - confirm both. The 'name' entry is built
         // from topic/ext and should be sanitised before it is used in a
         // response header.
         $fid = gcms::rndname(32);
         $_SESSION[$fid]['file'] = $file_path;
         $_SESSION[$fid]['size'] = $download['size'];
         $_SESSION[$fid]['name'] = "{$download['topic']}.{$download['ext']}";
         $_SESSION[$fid]['status'] = $status;
         // return the download URL
         $ret['href'] = rawurlencode(WEB_URL . "/modules/edocument/filedownload.php?id={$fid}");
         $ret['downloads'] = $save['downloads'];
     }
 } elseif ($action == 'delete') {
     // NOTE(review): no permission check for the delete action is visible in this
     // excerpt; confirm one runs before this branch. $id is set outside these lines.
     $download = $db->getRec(DB_EDOCUMENT, $id);
     if ($download) {
         // the id used in both statements is the one read back from the database
         // row, not the raw request value
         $db->query("DELETE FROM `" . DB_EDOCUMENT . "` WHERE `id`='{$download['id']}' LIMIT 1");
         $db->query("DELETE FROM `" . DB_EDOCUMENT_DOWNLOAD . "` WHERE `document_id`='{$download['id']}'");
         // deleted successfully
         $ret['error'] = 'DELETE_SUCCESS';
Exemple #11
<?php

// modules/member/fb_login.php
// Facebook login endpoint: reads profile fields from the POST body, looks the
// member up by e-mail and registers a new member when none exists. The listing
// is cut off inside the registration branch.
header("content-type: text/html; charset=UTF-8");
// init
include '../../bin/inint.php';
// check the referer
// NOTE(review): in the lines shown, the profile data (including the e-mail
// address that selects the account) is taken from the request body as sent by
// the browser. No server-side verification of a Facebook access token is visible;
// without one the caller decides which e-mail address it is logged in as.
// Confirm that verification happens elsewhere.
if (gcms::isReferer()) {
    // submitted values
    // NOTE(review): `${$k} = $v` creates or overwrites ANY variable in this scope
    // from request data - $db, $config, $_SESSION and so on included - the same
    // hazard as extract($_POST). Parse into an array and copy only the expected
    // keys (email, birthday, gender, link, first_name, ...). Values are also not
    // URL-decoded here, and an item without '=' leaves $v undefined.
    foreach (explode('&', $_POST['data']) as $item) {
        list($k, $v) = explode('=', $item);
        ${$k} = $v;
    }
    // generate a new random password
    $login_password = gcms::rndname(6);
    // look the member up in the database
    // NOTE(review): addslashes() is not a database escaping function (it ignores
    // the connection character set); use the driver's escaping or a prepared
    // statement.
    $sql = "SELECT `id`,`email`,`icon`,`fb`,`visited` FROM `" . DB_USER . "` WHERE `email`='" . addslashes($email) . "' LIMIT 1";
    $save = $db->customQuery($sql);
    if (sizeof($save) == 0) {
        // not registered yet: create a new member
        $save = array();
        // birthday arrives as three numbers separated by '/' or '-'; stored as
        // third-first-second (presumably month/day/year in, year-month-day out)
        if (preg_match('/^([0-9]+)[\\/\\-]([0-9]+)[\\/\\-]([0-9]+)$/', $birthday, $match)) {
            $save['birthday'] = "{$match['3']}-{$match['1']}-{$match['2']}";
        }
        // NOTE(review): last id + 1 is computed in PHP; two simultaneous
        // registrations can obtain the same id.
        $save['id'] = 1 + $db->lastId(DB_USER);
        // NOTE(review): $email, $link and $first_name are stored as received; how
        // $db->add escapes them is not visible here.
        $save['email'] = $email;
        $save['icon'] = "{$save['id']}.jpg";
        $save['sex'] = $gender == 'male' ? 'm' : 'f';
        $save['website'] = str_replace(array('http://', 'https://', 'www.'), '', $link);
        // NOTE(review): md5(password . email) is a fast hash; password_hash() is
        // the current standard.
        $save['password'] = md5($login_password . $save['email']);
        $save['fname'] = $first_name;
Exemple #12
 $save['status'] = 0;
 list($displayname, $domain) = explode('@', $save['email']);
 $save['displayname'] = $displayname;
 $a = 0;
 while (true) {
     if (!$db->basicSearch(DB_USER, 'displayname', $save['displayname'])) {
         break;
     } else {
         $a++;
         $save['displayname'] = $displayname . $a;
     }
 }
 // บันทึกลงฐานข้อมูล
 if ($config['user_activate'] > 0 && $config['sendmail'] == 1) {
     // ต้อง activate และ สามารถส่งเมล์ได้
     $save['activatecode'] = gcms::rndname(32);
     // บันทึกลงฐานข้อมูล
     $lastid = $db->add(DB_USER, $save);
     // แสดงข้อความตอบรับการสมัครสมาชิก
     $ret['alert'] = sprintf($lng['NEWREGISTER_ACTIVATE_ALERT'], $save['email']);
     // กลับไปหน้าหลักเว็บไซต์
     $ret['location'] = $_POST['modal'] != 'true' ? rawurlencode(WEB_URL . '/index.php') : 'close';
 } else {
     // บันทึกลงฐานข้อมูล
     $lastid = $db->add(DB_USER, $save);
     // login
     $_SESSION['login'] = $save;
     $_SESSION['login']['id'] = $lastid;
     $_SESSION['login']['password'] = $password;
     // แสดงข้อความตอบรับการสมัครสมาชิก
     $ret['alert'] = sprintf($lng['NEWREGISTER_NOACTIVATE_ALERT'], $save['email']);