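/**
 * Processes the affiliate login form.
 *
 * Reads "mail" and "password" from the POST request, honours the configured
 * login-attempt lock, checks the credentials through AffiliateModel::login()
 * and, on success, opens a fresh affiliate session before redirecting to the
 * affiliate account page. Every failure is reported on the "form_login_aff"
 * form through \PFBC\Form::setError().
 *
 * The submitted password is never written to the login log: a failed attempt
 * is very often the real password with a typo, so it is masked exactly like
 * the successful attempt already was.
 */
public function __construct()
{
    parent::__construct();

    $oAffModel = new AffiliateModel();
    $oSecurityModel = new SecurityModel();

    $sEmail = $this->httpRequest->post('mail');
    $sPassword = $this->httpRequest->post('password');

    // Login-attempt lock, driven by the site settings.
    $bIsLoginAttempt = (bool) DbConfig::getSetting('isAffiliateLoginAttempt');
    $iMaxAttempts = (int) DbConfig::getSetting('maxAffiliateLoginAttempts');
    $iTimeDelay = (int) DbConfig::getSetting('loginAffiliateAttemptTime');

    if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view, 'Affiliates')) {
        \PFBC\Form::setError('form_login_aff', Form::loginAttemptsExceededMsg($iTimeDelay));
        return; // Locked: nothing else is evaluated.
    }

    $sLogin = $oAffModel->login($sEmail, $sPassword, 'Affiliates');

    if ($sLogin === 'email_does_not_exist' || $sLogin === 'password_does_not_exist') {
        // Fixed delay on every failure to slow down repeated guesses and spare the server and the database.
        sleep(1);

        // NOTE(review): the two branches below show different messages, which tells the
        // submitter whether the address is registered. Confirm this is an accepted trade-off.
        if ($sLogin === 'email_does_not_exist') {
            $this->session->set('captcha_enabled', 1); // Enable Captcha
            \PFBC\Form::setError('form_login_aff', t('Oops! "%0%" is not associated with any %site_name% account.', escape(substr($sEmail, 0, PH7_MAX_EMAIL_LENGTH))));
            // NOTE(review): this branch does not call addLoginAttempt(); confirm unknown
            // addresses are meant to stay outside the attempt counter.
            $oSecurityModel->addLoginLog($sEmail, 'Guest', 'No Password', 'Failed! Incorrect Username', 'Affiliates');
        } elseif ($sLogin === 'password_does_not_exist') {
            // Masked on purpose: the attempted password must not reach the log storage.
            $oSecurityModel->addLoginLog($sEmail, 'Guest', '*****', 'Failed! Incorrect Password', 'Affiliates');

            if ($bIsLoginAttempt) {
                $oSecurityModel->addLoginAttempt('Affiliates');
            }

            $this->session->set('captcha_enabled', 1); // Enable Captcha

            $sWrongPwdTxt = t('Oops! This password you entered is incorrect.') . '<br />';
            $sWrongPwdTxt .= t('Please try again (make sure your caps lock is off).') . '<br />';
            $sWrongPwdTxt .= t('Forgot your password? <a href="%0%">Request a new one</a>.', Uri::get('lost-password', 'main', 'forgot', 'affiliate'));
            \PFBC\Form::setError('form_login_aff', $sWrongPwdTxt);
        }

        return;
    }

    // Credentials accepted: reset the counters and the captcha requirement.
    $oSecurityModel->clearLoginAttempts('Affiliates');
    $this->session->remove('captcha_enabled');

    $iId = $oAffModel->getId($sEmail, null, 'Affiliates');
    $oAffData = $oAffModel->readProfile($iId, 'Affiliates');

    // checkAccountStatus() returns TRUE when the account may log in, otherwise the error text.
    $mStatus = (new AffiliateCore())->checkAccountStatus($oAffData);
    if (true !== $mStatus) {
        \PFBC\Form::setError('form_login_aff', $mStatus);
        return;
    }

    // A visitor already logged in as "user" or "administrator" is disconnected first.
    if (UserCore::auth() || AdminCore::auth()) {
        $this->session->destroy();
    }

    // New session ID after authentication, to prevent session fixation.
    $this->session->regenerateId();

    $aSessionData = [
        'affiliate_id' => $oAffData->profileId,
        'affiliate_email' => $oAffData->email,
        'affiliate_username' => $oAffData->username,
        'affiliate_first_name' => $oAffData->firstName,
        'affiliate_sex' => $oAffData->sex,
        'affiliate_ip' => Ip::get(),
        'affiliate_http_user_agent' => $this->browser->getUserAgent(),
        'affiliate_token' => Various::genRnd($oAffData->email)
    ];
    $this->session->set($aSessionData);

    $oSecurityModel->addLoginLog($oAffData->email, $oAffData->username, '*****', 'Logged in!', 'Affiliates');
    $oAffModel->setLastActivity($oAffData->profileId, 'Affiliates');

    Header::redirect(Uri::get('affiliate', 'account', 'index'), t('You are successfully logged!'));
}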
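/**
 * Processes the admin login form.
 *
 * Reads "mail", "username" and "password" from the POST request, honours the
 * configured login-attempt lock, checks the credentials through
 * AdminModel::adminLogin() and enforces the optional "ipLogin" restriction
 * (when that setting is non-empty, only that exact address may log in).
 * On success a fresh admin session is opened and the visitor is redirected to
 * the admin module index. Failures are reported on "form_admin_login".
 *
 * The submitted password is never written to the login log: failed attempts
 * are masked exactly like the successful attempt already was.
 */
public function __construct()
{
    parent::__construct();

    $sIp = Ip::get();
    $oAdminModel = new AdminModel();
    $oSecurityModel = new SecurityModel();

    $sEmail = $this->httpRequest->post('mail');
    $sUsername = $this->httpRequest->post('username');
    $sPassword = $this->httpRequest->post('password');

    // Optional single-address restriction for the admin login.
    $sIpLogin = DbConfig::getSetting('ipLogin');

    // Login-attempt lock, driven by the site settings.
    $bIsLoginAttempt = (bool) DbConfig::getSetting('isAdminLoginAttempt');
    $iMaxAttempts = (int) DbConfig::getSetting('maxAdminLoginAttempts');
    $iTimeDelay = (int) DbConfig::getSetting('loginAdminAttemptTime');

    if ($bIsLoginAttempt && !$oSecurityModel->checkLoginAttempt($iMaxAttempts, $iTimeDelay, $sEmail, $this->view, 'Admins')) {
        \PFBC\Form::setError('form_admin_login', Form::loginAttemptsExceededMsg($iTimeDelay));
        return; // Locked: nothing else is evaluated.
    }

    $bIsLogged = $oAdminModel->adminLogin($sEmail, $sUsername, $sPassword);
    $bIsIpBanned = !empty($sIpLogin) && $sIpLogin !== $sIp;

    if (!$bIsLogged || $bIsIpBanned) {
        // Fixed delay on every failure to slow down repeated guesses and spare the server and the database.
        sleep(2);

        if (!$bIsLogged) {
            // Masked on purpose: the attempted password must not reach the log storage.
            $oSecurityModel->addLoginLog($sEmail, $sUsername, '*****', 'Failed! Incorrect Email, Username or Password', 'Admins');

            if ($bIsLoginAttempt) {
                $oSecurityModel->addLoginAttempt('Admins');
            }

            $this->session->set('captcha_admin_enabled', 1); // Enable Captcha
            \PFBC\Form::setError('form_admin_login', t('"Email", "Username" or "Password" is Incorrect'));
        } elseif ($bIsIpBanned) {
            // NOTE(review): this branch is only reached with valid credentials, shows a
            // different message from the branch above and does not call addLoginAttempt().
            // Confirm that both the distinct wording and the missing counter are intended.
            $this->session->set('captcha_admin_enabled', 1); // Enable Captcha
            \PFBC\Form::setError('form_admin_login', t('Incorrect Login!'));
            // Masked as well: here the password is the valid one.
            $oSecurityModel->addLoginLog($sEmail, $sUsername, '*****', 'Failed! Bad Ip adress', 'Admins');
        }

        return;
    }

    // Credentials and address accepted: reset the counters and the captcha requirement.
    $oSecurityModel->clearLoginAttempts('Admins');
    $this->session->remove('captcha_admin_enabled');

    // A visitor already logged in as "user" or "affiliate" is disconnected first.
    if (UserCore::auth() || AffiliateCore::auth()) {
        $this->session->destroy();
    }

    $iId = $oAdminModel->getId($sEmail, null, 'Admins');
    $oAdminData = $oAdminModel->readProfile($iId, 'Admins');

    // New session ID after authentication, to prevent session fixation.
    $this->session->regenerateId();

    $aSessionData = [
        'admin_id' => $oAdminData->profileId,
        'admin_email' => $oAdminData->email,
        'admin_username' => $oAdminData->username,
        'admin_first_name' => $oAdminData->firstName,
        'admin_ip' => $sIp,
        'admin_http_user_agent' => $this->browser->getUserAgent(),
        'admin_token' => Various::genRnd($oAdminData->email)
    ];
    $this->session->set($aSessionData);

    $oSecurityModel->addLoginLog($sEmail, $sUsername, '*****', 'Logged in!', 'Admins');
    $oAdminModel->setLastActivity($oAdminData->profileId, 'Admins');

    // NOTE(review): the flash text below talks about a signup although this is the login path.
    HeaderUrl::redirect(Uri::get(PH7_ADMIN_MOD, 'main', 'index'), t('You signup is successfully!'));
}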
/**
 * Tells whether the current visitor is allowed to vote.
 *
 * Voting is limited to logged-in members. When the visitor is not logged in,
 * the text inviting them to register or log in is stored in $this->_sTxt.
 *
 * @access protected
 * @return boolean TRUE when UserCore::auth() reports a logged-in member, FALSE otherwise.
 */
protected function checkPerm()
{
    if (UserCore::auth()) {
        return true;
    }

    // Visitor: remember why the vote is refused.
    $this->_sTxt = t('Please <b>register</b> or <b>login</b> to vote this.');

    return false;
}
/**
 * Returns the gender of the current member and the gender to match it with.
 *
 * A visitor gets the two default values unchanged. For a logged-in member the
 * gender comes from UserModel::getSex() and is mapped like this:
 * "male" => "female", "couple" => "couple", any other value => "male".
 *
 * @return array The 'sex_user' and 'match_sex' values.
 */
public static function getGenderValues()
{
    $sSexUser = '******';
    $sMatchSex = 'female';

    if (UserCore::auth()) {
        $oUserModel = new UserModel();
        $iMemberId = (new Session())->get('member_id');
        $sSexUser = $oUserModel->getSex($iMemberId);

        // Loose comparison kept as in the original mapping.
        if ($sSexUser == 'male') {
            $sMatchSex = 'female';
        } elseif ($sSexUser == 'couple') {
            $sMatchSex = 'couple';
        } else {
            $sMatchSex = 'male';
        }
    }

    return ['sex_user' => $sSexUser, 'match_sex' => $sMatchSex];
}
/**
 * Access rules for the "forgot" and "reset" actions of the lost-password module.
 *
 * 1. Requests whose "mod" GET parameter equals PH7_ADMIN_MOD are sent back to the
 *    admin login page: an admin password cannot be regenerated through this module.
 * 2. Anyone already logged in (user, affiliate or admin) is sent to the
 *    module's "account" action instead.
 */
public function __construct()
{
    parent::__construct();

    $sAction = $this->registry->action;
    $bIsRecoveryAction = ($sAction == 'forgot' || $sAction == 'reset');

    // Admin safeguard. If the admin password is lost, this check has to be commented out.
    if ($this->httpRequest->get('mod') == PH7_ADMIN_MOD && $bIsRecoveryAction) {
        Header::redirect(
            Uri::get(PH7_ADMIN_MOD, 'main', 'login'),
            t('For security reasons, you do not have the right to generate a new password. To disable this security option, you must go to the Permission file of "lost-password" module'),
            'error'
        );
    }

    $bIsSomeoneLogged = UserCore::auth() || AffiliateCore::auth() || AdminCore::auth();
    if ($bIsSomeoneLogged && $bIsRecoveryAction) {
        Header::redirect(Uri::get('lost-password', 'main', 'account'), $this->alreadyConnectedMsg(), 'error');
    }
}
/**
 * Access rules of the module.
 *
 * - A logged-in member has no use for the "index", "login" and "register"
 *   actions and is redirected to their account.
 * - AdminController is reserved to logged-in admins.
 */
public function __construct()
{
    parent::__construct();

    $aGuestOnlyActions = ['index', 'login', 'register'];

    if (UserCore::auth() && in_array($this->registry->action, $aGuestOnlyActions, true)) {
        Header::redirect(Uri::get('user', 'account', 'index'), $this->alreadyConnectedMsg(), 'error');
    }

    $bIsAdminArea = ($this->registry->controller === 'AdminController');
    if (!AdminCore::auth() && $bIsAdminArea) {
        // The visitor is sent to the user login page, not the admin one,
        // so that the URL of the administration area is not disclosed.
        Header::redirect(Uri::get('user', 'main', 'login'), $this->adminSignInMsg(), 'error');
    }
}
/**
 * Access rules of the module.
 *
 * - HomeController (newsletter subscription) is for visitors only: members
 *   manage their subscription from their account and are redirected.
 * - AdminController is reserved to logged-in admins.
 */
public function __construct()
{
    parent::__construct();

    $sController = $this->registry->controller;

    if (UserCore::auth() && $sController === 'HomeController') {
        HeaderUrl::redirect(Uri::get('user', 'main', 'index'));
    }

    if (!AdminCore::auth() && $sController === 'AdminController') {
        // The visitor is sent to the user login page, not the admin one,
        // so that the URL of the administration area is not disclosed.
        HeaderUrl::redirect(Uri::get('user', 'main', 'login'), $this->adminSignInMsg(), 'error');
    }
}
/**
 * Redirects the visitor to the home of the area they are logged in to.
 *
 * The first matching session wins, in this order: user, affiliate, admin.
 * Without any session the visitor goes to the site URL.
 */
public function account()
{
    switch (true) {
        case UserCore::auth():
            $sUrl = Uri::get('user', 'account', 'index');
            break;

        case AffiliateCore::auth():
            $sUrl = Uri::get('affiliate', 'account', 'index');
            break;

        case AdminCore::auth():
            $sUrl = Uri::get(PH7_ADMIN_MOD, 'main', 'index');
            break;

        default:
            $sUrl = $this->registry->site_url;
    }

    Header::redirect($sUrl);
}
/**
 * Deletes the message whose ID is posted as "msg_id" and prints a JSON status.
 *
 * An admin who is not also logged in as a user deletes through
 * adminDeleteMsg(); anybody else goes through setTo(), which also receives
 * the "member_id" of the session.
 *
 * NOTE(review): no anti-CSRF token is checked inside this method; confirm
 * that the caller validates one before dispatching here.
 */
protected function delete()
{
    $mMsgId = $this->_oHttpRequest->post('msg_id');
    $bActsAsAdmin = AdminCore::auth() && !UserCore::auth();

    if ($bActsAsAdmin) {
        $this->_bStatus = $this->_oMailModel->adminDeleteMsg($mMsgId);
    } else {
        $iMemberId = $this->_oSession->get('member_id');
        $this->_bStatus = $this->_oMailModel->setTo($iMemberId, $mMsgId, 'delete');
    }

    $this->_sMsg = $this->_bStatus
        ? jsonMsg(1, t('Your message has been successfully removed!'))
        : jsonMsg(0, t('Your message does not exist anymore.'));

    echo $this->_sMsg;
}
/**
 * Renders the homepage of the website.
 *
 * Visitors get the guest page ("classic" or "splash" template), members get
 * the user homepage. No page title is set here, so the default one applies.
 */
public function index()
{
    // Objects used by the profiles carousel.
    $this->view->userDesignModel = new UserDesignCoreModel();
    $this->view->userDesign = new UserDesignCore();

    if (!UserCore::auth()) {
        // Visitors only.
        $sTplDir = PH7_LAYOUT . PH7_TPL . PH7_TPL_NAME . PH7_SH;

        $this->design->addCss($sTplDir . PH7_CSS, 'splash.css,tooltip.css,js/jquery/carousel.css');
        $this->design->addJs(PH7_DOT, PH7_STATIC . PH7_JS . 'jquery/carouFredSel.js,' . $sTplDir . PH7_JS . 'splash.js');

        // Promo text and background-video option for the view.
        $this->view->promo_text = DbConfig::getMetaMain(PH7_LANG_NAME)->promoText;
        $this->view->is_bg_video = DbConfig::getSetting('bgSplashVideo');

        // Is the site being called by a native mobile app?
        $bIsMobApp = MobApp::is();
        $this->view->is_mobapp = $bIsMobApp;

        /**
         * In development mode only (isDebug()), the guest page can be forced with the
         * "force" GET parameter: "/?force=splash" or "/?force=classic".
         * Any other value stops the script.
         */
        if (isDebug() && $this->httpRequest->getExists('force')) {
            switch ($this->httpRequest->get('force')) {
                case 'classic':
                    $sTplName = 'index.guest';
                    break;

                case 'splash':
                    $sTplName = 'index.guest_splash';
                    break;

                default:
                    exit('You can only choose between "classic" or "splash"');
            }
        } elseif ($bIsMobApp) {
            $sTplName = 'index.guest_splash';
        } else {
            if ((bool) DbConfig::getSetting('splashPage')) {
                $sTplName = 'index.guest_splash';
            } else {
                $sTplName = 'index.guest';
            }
        }

        $this->manualTplInclude($sTplName . '.inc.tpl');
    } elseif (UserCore::auth()) {
        $this->design->addCss(PH7_LAYOUT . PH7_TPL . PH7_TPL_NAME . PH7_SH . PH7_CSS, 'zoomer.css');
        $this->design->addJs(PH7_STATIC . PH7_JS, 'zoomer.js,Wall.js');

        // First name used by the welcome message.
        $this->view->first_name = $this->session->get('member_first_name');

        $this->manualTplInclude('index.user.inc.tpl');
    }

    $this->output();
}
/**
 * Builds and renders the message search form ("form_search").
 *
 * The form is submitted with GET. An admin who is not also logged in as a
 * user searches the admin message list and gets no "Where" selector; anybody
 * else searches their own messages and can pick the Inbox, Outbox or Trash.
 */
public static function display()
{
    $bAdminLogged = AdminCore::auth() && !UserCore::auth();

    $oForm = new \PFBC\Form('form_search', 500);

    if ($bAdminLogged) {
        $sUrl = Uri::get('mail', 'admin', 'msglist');
    } else {
        $sUrl = Uri::get('mail', 'main', 'result');
    }
    $oForm->configure(['action' => $sUrl . PH7_SH, 'method' => 'get']);

    $aSearchAttr = ['title' => t('Enter a keyword in the Subject, Contents, Author (username, first name, last name) or message ID.')];
    $oForm->addElement(new \PFBC\Element\Search(t('Search a message:'), 'looking', $aSearchAttr));

    $aOrders = [
        SearchCoreModel::TITLE => t('Subject'),
        SearchCoreModel::USERNAME => t('Author (username)'),
        SearchCoreModel::SEND_DATE => t('Recent')
    ];
    $oForm->addElement(new \PFBC\Element\Select(t('Browse By:'), 'order', $aOrders));

    if (!$bAdminLogged) {
        $aFolders = [
            MailModel::INBOX => t('Inbox'),
            MailModel::OUTBOX => t('Outbox'),
            MailModel::TRASH => t('Trash')
        ];
        $oForm->addElement(new \PFBC\Element\Select(t('Where:'), 'where', $aFolders));
    }

    $aDirections = [
        SearchCoreModel::ASC => t('Ascending'),
        SearchCoreModel::DESC => t('Descending')
    ];
    $oForm->addElement(new \PFBC\Element\Select(t('Direction:'), 'sort', $aDirections));

    $oForm->addElement(new \PFBC\Element\Button(t('Search'), 'submit', ['icon' => 'search']));
    $oForm->render();
}
/**
 * Prepares the mail controller: models, pager, identity of the current
 * member, view helpers, the "mail" CSRF token and the module's CSS/JS files.
 *
 * $this->_bAdminLogged is TRUE only for an admin who is not also logged in
 * as a user.
 */
public function __construct()
{
    parent::__construct();

    $this->oMailModel = new MailModel();
    $this->oPage = new Page();

    $this->_iProfileId = $this->session->get('member_id');
    $this->_bAdminLogged = AdminCore::auth() && !UserCore::auth();

    // Values and helpers exposed to the templates.
    $this->view->dateTime = $this->dateTime;
    $this->view->avatarDesign = new AvatarDesignCore();
    $this->view->designSecurity = new Framework\Layout\Html\Security();
    $this->view->csrf_token = (new Framework\Security\CSRF\Token())->generate('mail');
    $this->view->member_id = $this->_iProfileId;

    // Stylesheet and scripts for the mail pages and their forms.
    $sModTplDir = PH7_LAYOUT . PH7_SYS . PH7_MOD . $this->registry->module . PH7_SH . PH7_TPL . PH7_TPL_MOD_NAME . PH7_SH;

    $this->design->addCss($sModTplDir . PH7_CSS, 'mail.css');
    $this->design->addJs(PH7_DOT, PH7_STATIC . PH7_JS . 'form.js,' . $sModTplDir . PH7_JS . 'mail.js');
}
/**
 * Entry point of the rating Ajax request.
 *
 * The POST request must carry "action", "table", "score" and "id"; otherwise
 * the script answers 400 and stops. For the "rating" action, a visitor gets
 * status 0 with an invitation to register or log in, and a member's vote is
 * handed to initialize(). Any other action is ignored.
 *
 * NOTE(review): no anti-CSRF token is checked in this constructor; confirm
 * that initialize() or the calling code covers it.
 */
public function __construct()
{
    $this->_oHttpRequest = new Http();

    $bIsIncomplete = !$this->_oHttpRequest->postExists('action')
        || !$this->_oHttpRequest->postExists('table')
        || !$this->_oHttpRequest->postExists('score')
        || !$this->_oHttpRequest->postExists('id');

    if ($bIsIncomplete) {
        Framework\Http\Http::setHeadersByCode(400);
        exit('Bad Request Error!');
    }

    if ($this->_oHttpRequest->post('action') != 'rating') {
        return;
    }

    if (UserCore::auth()) {
        $this->initialize();
        return;
    }

    // Members only.
    $this->_iStatus = 0;
    $this->_sTxt = t('Please <b>register</b> or <b>login</b> to vote.');
}
/**
 * Processes the "compose mail" form ("form_compose_mail").
 *
 * Checks run in this order and the first failure sets the form error:
 * sender equals recipient, recipient is the admin username, recipient is not
 * an existing member, sending delay not elapsed, duplicate content. The last
 * two are skipped for an admin. Then the message is stored, the recipient
 * may be notified by email and the sender is redirected.
 *
 * The sender is treated as admin only when an admin session exists, no user
 * session exists and the "login_user_as" session key is absent.
 */
public function __construct()
{
    parent::__construct();

    $oUserModel = new UserCoreModel();
    $oMailModel = new MailModel();

    $bIsAdmin = AdminCore::auth() && !UserCore::auth() && !$this->session->exists('login_user_as');

    $sMessage = $this->httpRequest->post('message', Http::ONLY_XSS_CLEAN);
    $sCurrentTime = $this->dateTime->get()->dateTime('Y-m-d H:i:s');
    $iTimeDelay = (int) DbConfig::getSetting('timeDelaySendMail');

    $sRecipient = $this->httpRequest->post('recipient');
    $iRecipientId = $oUserModel->getId(null, $sRecipient);

    if ($bIsAdmin) {
        $iSenderId = (int) PH7_ADMIN_ID;
    } else {
        $iSenderId = (int) $this->session->get('member_id');
    }

    if ($iSenderId == $iRecipientId) {
        \PFBC\Form::setError('form_compose_mail', t('Oops! You can not send a message to yourself.'));
        return;
    }

    if ($sRecipient == PH7_ADMIN_USERNAME) {
        \PFBC\Form::setError('form_compose_mail', t('Oops! You cannot reply to administrator! If you want to contact us, please use our <a href="%0%">contact form</a>.', Uri::get('contact', 'contact', 'index')));
        return;
    }

    if (!(new ExistsCoreModel())->id($iRecipientId, 'Members')) {
        // The posted name is truncated and escaped before it is echoed back in the error.
        \PFBC\Form::setError('form_compose_mail', t('Oops! The username "%0%" does not exist.', escape(substr($this->httpRequest->post('recipient'), 0, PH7_MAX_USERNAME_LENGTH), true)));
        return;
    }

    if (!$bIsAdmin && !$oMailModel->checkWaitSend($iSenderId, $iTimeDelay, $sCurrentTime)) {
        \PFBC\Form::setError('form_compose_mail', Form::waitWriteMsg($iTimeDelay));
        return;
    }

    if (!$bIsAdmin && $oMailModel->isDuplicateContent($iSenderId, $sMessage)) {
        \PFBC\Form::setError('form_compose_mail', Form::duplicateContentMsg());
        return;
    }

    $mSendMsg = $oMailModel->sendMsg($iSenderId, $iRecipientId, $this->httpRequest->post('title'), $sMessage, $sCurrentTime);

    if (false === $mSendMsg) {
        \PFBC\Form::setError('form_compose_mail', t('Problem while sending the message. Please try again later.'));
    } else {
        // Intent: email the recipient when they accept the notification and are not connected right now.
        // NOTE(review): the condition reads "!isNotification() && isOnline(..., 0)"; confirm against
        // the model that these two calls really express that intent.
        $bMustNotify = !$oUserModel->isNotification($iRecipientId, 'newMsg') && $oUserModel->isOnline($iRecipientId, 0);

        if ($bMustNotify) {
            // NOTE(review): the posted recipient and the session username go into the HTML body as
            // returned by post()/get(); confirm both are already escaped at that point.
            $this->view->content = t('Hello %0%!<br />You have received a new message from <strong>%1%</strong>.<br /> <a href="%2%">Click here</a> to read your message.', $this->httpRequest->post('recipient'), $this->session->get('member_username'), Uri::get('mail', 'main', 'inbox', $mSendMsg));

            $sRecipientEmail = $oUserModel->getEmail($iRecipientId);
            $sMessageHtml = $this->view->parseMail(PH7_PATH_SYS . 'global/' . PH7_VIEWS . PH7_TPL_NAME . '/mail/sys/mod/mail/new_msg.tpl', $sRecipientEmail);

            $aInfo = [
                'to' => $sRecipientEmail,
                'subject' => t('New private message from %0% on %site_name%', $this->session->get('member_first_name'))
            ];

            (new Mail())->send($aInfo, $sMessageHtml);
        }

        if ($bIsAdmin) {
            $sUrl = Uri::get(PH7_ADMIN_MOD, 'user', 'browse');
        } else {
            $sUrl = Uri::get('mail', 'main', 'index');
        }

        Header::redirect($sUrl, t('Your message has been sent successfully!'));
    }

    unset($oUserModel, $oMailModel);
}
/**
 * @desc Prints the markup and the script of the voting widget.
 *
 * The three arguments are written into HTML attributes and into a jQuery
 * selector exactly as received.
 * NOTE(review): nothing is escaped or validated here; confirm every caller
 * passes an integer ID, a table name from the allowed list and a plain CSS class name.
 *
 * @param integer $iId Unique ID of the column of the table. EX: ID of 'profileId' column for the 'Members' table.
 * @param string $sTable See the list of data tables available in the class: PH7\Framework\Mvc\Model\Engine\Util\Various::checkTable().
 * @param string $sCssClass Default value is empty. Name of a CSS class (only its name), e.g. 'center'.
 * @return void
 */
public static function voting($iId, $sTable, $sCssClass = '')
{
    $oRatingModel = new RatingCoreModel();
    $iVotes = $oRatingModel->getVote($iId, $sTable);
    $fScore = $oRatingModel->getScore($iId, $sTable);
    unset($oRatingModel);

    // Only the script is loaded here: the rating.css file is included by default in the CMS.
    (new Design())->staticFiles('js', PH7_STATIC . PH7_JS, 'jquery/rating.js');

    // Average with one decimal; 0 when nobody has voted yet (avoids dividing by zero).
    if ($iVotes > 0) {
        $fRate = number_format($fScore / $iVotes, 1);
    } else {
        $fRate = 0;
    }

    $sPHSClass = 'pHS' . $iId . $sTable;

    echo '<div class="' . $sCssClass . ' ' . $sPHSClass . '" id="' . $fRate . '_' . $iId . '_' . $sTable . '"></div>';
    echo '<p class="' . $sPHSClass . '_txt">' . t('Score: %0% - Votes: %1%', $fRate, $iVotes) . '</p> <script>$(".' . $sPHSClass . '").pHRating({length:5,decimalLength:1,rateMax:5});</script>';

    /**
     * A visitor who clicks the widget is taken to the registration page.
     * This is a convenience only: the server-side Ajax handler checks the login on its own.
     */
    if (!UserCore::auth()) {
        $sUrl = Framework\Mvc\Router\Uri::get('user', 'signup', 'step1', '?msg=' . t('Please register for free in order to vote.'), false);

        // NOTE(review): $sUrl ends up inside a single-quoted JavaScript string; confirm the
        // translated text can never contain a quote.
        echo '<script>$(".' . $sPHSClass . '").click(function(){window.location=\'' . $sUrl . '\'});</script>';
    }
}
/**
 * Prints the carousel of the latest profiles.
 *
 * Nothing is printed when getProfiles() returns an empty result. For a
 * visitor (neither user nor admin) the first name links to the profile and
 * the avatar links to the signup page with referral parameters; otherwise
 * the avatar links to the profile and the first name is plain text.
 *
 * NOTE(review): first name, city, sex, country and username are written into
 * the markup as returned by the model; confirm they are escaped before they
 * reach this method.
 *
 * @param integer $iOffset First row to fetch.
 * @param integer $iLimit Number of profiles to fetch.
 * @return void
 */
public function carouselProfiles($iOffset = 0, $iLimit = 25)
{
    $oProfiles = $this->oUserModel->getProfiles(SearchCoreModel::LATEST, $iOffset, $iLimit);

    if (empty($oProfiles)) {
        return;
    }

    echo '<script>$(function(){$("#foo").carouFredSel()});</script> <div class="transparent p1"><div class="img_carousel"><div id="foo">';

    foreach ($oProfiles as $oRow) {
        $sFirstName = $this->oStr->upperFirst($oRow->firstName);
        $sCity = $this->oStr->upperFirst($oRow->city);

        echo '<div class="carouselTooltip"><p><strong>';

        $bIsGuest = !UserCore::auth() && !AdminCore::auth();
        $sProfileLink = $this->oUser->getProfileLink($oRow->username);

        if ($bIsGuest) {
            // Referral parameters carried over to the signup page.
            $aHttpParams = [
                'ref' => $this->oHttpRequest->currentController(),
                'a' => 'carousel',
                'u' => $oRow->username,
                'f_n' => $sFirstName,
                's' => $oRow->sex
            ];

            $sHeadline = t('Meet %0% on %site_name%!', '<a href="' . $sProfileLink . '">' . $sFirstName . '</a>');
            $sAnchorOpen = '<a rel="nofollow" href="' . Uri::get('user', 'signup', 'step1', '?' . Url::httpBuildQuery($aHttpParams), false) . '">';
        } else {
            $sHeadline = t('Meet %0% on %site_name%!', $sFirstName);
            $sAnchorOpen = '<a href="' . $sProfileLink . '">';
        }

        echo $sHeadline, '</strong><br /><em>',
            t('I am a %0% and I am looking %1%.', $oRow->sex, $oRow->matchSex), '<br />',
            t('I from %0%, %1%.', t($oRow->country), $sCity),
            '</em></p>', $sAnchorOpen,
            '<img src="', $this->getUserAvatar($oRow->username, $oRow->sex, 150, 'Members'),
            '" alt="', t('Meet %0% on %site_name%', $oRow->username), '" class="splash_avatar" /></a>';

        echo '</div>';
    }

    echo '</div><div class="clearfix"></div></div></div>';
}
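/**
 * Lists the visitors of a profile, filtered by the "looking" GET parameter
 * and ordered by last visit, newest first.
 *
 * The total is counted before the pager is asked for the number of pages.
 * The previous order handed $this->iTotalVisitors to getTotalPages() before
 * this method had assigned it, so the page count did not reflect the query.
 */
public function index()
{
    $mKeyword = $this->httpRequest->get('looking');

    // Count first: the pager needs the real total.
    $this->iTotalVisitors = $this->oVisitorModel->get($mKeyword, true, SearchCoreModel::LAST_VISIT, SearchCoreModel::DESC, null, null);

    $this->view->total_pages = $this->oPage->getTotalPages($this->iTotalVisitors, 10);
    $this->view->current_page = $this->oPage->getCurrentPage();

    // Rows of the current page only.
    $oVisitor = $this->oVisitorModel->get($mKeyword, false, SearchCoreModel::LAST_VISIT, SearchCoreModel::DESC, $this->oPage->getFirstItem(), $this->oPage->getNbItemsByPage());

    // The "save my views" privacy setting only exists for a logged-in member.
    $this->view->user_views_setting = UserCore::auth() ? $this->oUserModel->getPrivacySetting($this->session->get('member_id'))->userSaveViews : '';

    if (empty($oVisitor)) {
        $this->sTitle = t('No Visitors found for the profile of "%0%"', $this->sUsername);
        $this->view->page_title = $this->sTitle;
        $this->view->h2_title = $this->sTitle;
        $this->view->error = t('Not found visitor.');
    } else {
        $this->sTitle = t('%0%\'s Visitors:', $this->sUsername);
        $this->view->page_title = $this->sTitle;
        $this->view->h2_title = $this->sTitle;

        $this->view->visitor_number = nt('%n% Visitor', '%n% Visitors', $this->iTotalVisitors);
        $this->view->visitors = $oVisitor;
    }

    $this->output();
}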
/**
 * Checks whether the membership of the current user is still valid.
 *
 * A visitor has no membership to expire, so TRUE is returned without any
 * lookup. For a member the result comes from
 * UserCoreModel::checkMembershipExpiration() with the current date and time.
 *
 * @return boolean
 */
public function checkMembership()
{
    if (!UserCore::auth()) {
        return true;
    }

    $oUserModel = new UserCoreModel();
    $iMemberId = $this->session->get('member_id');
    $sNow = $this->dateTime->get()->dateTime('Y-m-d H:i:s');

    return $oUserModel->checkMembershipExpiration($iMemberId, $sNow);
}
/**
 * Renders the "Page Not Found" page and stops the script.
 *
 * NOTE(review): $sMsg is assigned to the page title and to the H1 title as
 * received; confirm callers never pass unescaped request data.
 *
 * @final
 * @param string $sMsg Custom message. Default is empty ('').
 * @param boolean $b404Status Ajax blocks and similar cannot send the HTTP 404 code; pass FALSE for them. Default TRUE.
 * @return void Quits the page with the exit() function.
 */
final public function displayPageNotFound($sMsg = '', $b404Status = true)
{
    if ($b404Status) {
        Http::setHeadersByCode(404);
    }

    if (!empty($sMsg)) {
        $this->view->page_title = t('%0% - Page Not Found', $sMsg);
        $this->view->h1_title = $sMsg;
    } else {
        $this->view->page_title = t('Page Not Found');
        $this->view->h1_title = t('Whoops! The page you requested was not found.');
    }

    $aParts = [
        t('You may have clicked an expired link or mistyped the address. Some web addresses are case sensitive.'),
        '<br /> <strong><em>',
        t('Suggestions:'),
        '</em></strong><br /> <a href="',
        $this->registry->site_url,
        '">',
        t('Return home'),
        '</a><br />'
    ];

    // The signup and login links are only useful to a visitor.
    if (!\PH7\UserCore::auth()) {
        $aParts[] = '<a href="' . Uri::get('user', 'signup', 'step1') . '">' . t('Join Now') . '</a><br /> <a href="' . Uri::get('user', 'main', 'login') . '">' . t('Login') . '</a><br />';
    }

    $aParts[] = '<a href="javascript:history.back();">' . t('Go back to the previous page') . '</a><br />';

    $this->view->error_desc = implode('', $aParts);
    $this->view->pOH_not_found = 1;

    $this->output();
    exit;
}
/**
 * Tells whether the member with the given username is online.
 *
 * The username is resolved to a profile ID, then UserCoreModel::isOnline()
 * is called with the 'userTimeout' setting.
 *
 * @param string $sUsername
 * @return mixed The value returned by UserCoreModel::isOnline().
 */
protected function isOnline($sUsername)
{
    $oUserModel = new UserCoreModel();
    $iProfileId = $oUserModel->getId(null, $sUsername);
    $bIsOnline = $oUserModel->isOnline($iProfileId, Framework\Mvc\Model\DbConfig::getSetting('userTimeout'));
    unset($oUserModel);
    return $bIsOnline;
}

/**
 * Prepares a text for display: escape() first, then line breaks become "<br>".
 *
 * Because escape() runs before the replacement, the "<br>" inserted here is
 * the only markup this method adds.
 * NOTE(review): escape() is defined elsewhere; presumably it neutralises HTML - confirm.
 *
 * @param string $sText
 * @return string
 */
protected function sanitize($sText)
{
    $sText = escape($sText);
    // Both two-character sequences are reduced to a single "\n" before the conversion.
    $sText = str_replace("\n\r", "\n", $sText);
    $sText = str_replace("\r\n", "\n", $sText);
    $sText = str_replace("\n", "<br>", $sText);
    return $sText;
}

/**
 * Releases the HTTP request and messenger model properties.
 */
public function __destruct()
{
    unset($this->_oHttpRequest, $this->_oMessengerModel);
}
} // End of the enclosing class; its header is above this excerpt.

// The handler only runs for a logged-in member.
if (UserCore::auth()) {
    $oSession = new Session(); // Presumably starts the PHP session - confirm in Session's constructor.
    // The messenger username is taken from the member session, once, when not already set.
    if (empty($_SESSION['messenger_username'])) {
        $_SESSION['messenger_username'] = $oSession->get('member_username');
    }
    unset($oSession);
    new MessengerAjax();
}
/**
 * Prints the "Report" link of a profile.
 *
 * A logged-in member gets a link to the abuse report form, opened as a
 * popup. A visitor gets a link to the signup page carrying the details of
 * the profile they wanted to report.
 *
 * NOTE(review): the current URL is appended to the query string and printed
 * inside the href attribute without encoding or escaping in this method;
 * confirm currentUrl() returns a value that is safe in that context.
 *
 * @param integer $iId
 * @param string $sUsername
 * @param string $sFirstName
 * @param string $sSex
 * @internal \PH7\Framework\Url\Url::httpBuildQuery() is deliberately not used for the member link: it distorts the URL and the link stops working.
 * @return void
 */
public function report($iId, $sUsername, $sFirstName, $sSex)
{
    if (\PH7\UserCore::auth()) {
        $sQuery = '?spammer=' . $iId . '&url=' . $this->oHttpRequest->currentUrl() . '&type=' . Registry::getInstance()->module;

        // The suffix closes the href attribute and opens data-popup; the echo below supplies the last quote.
        $sReportLink = Uri::get('report', 'main', 'abuse', $sQuery, false) . '" data-popup="block-page';
    } else {
        $aHttpParams = [
            'msg' => t('You must register to report this person.'),
            'ref' => 'profile',
            'a' => 'report',
            'u' => $sUsername,
            'f_n' => $sFirstName,
            's' => $sSex
        ];

        $sReportLink = Uri::get('user', 'signup', 'step1', '?' . Url::httpBuildQuery($aHttpParams), false);
    }

    echo '<a rel="nofollow" href="' . $sReportLink . '" title="' . t('Report Abuse') . '">' . t('Report') . '</a>';
}
/**
 * Returns the age range to pre-select in a search.
 *
 * A visitor gets the registration limits from the settings. A logged-in
 * member gets their own age minus and plus five years, kept inside those
 * same limits.
 *
 * @param object \PH7\UserCoreModel $oUserModel
 * @param object \PH7\Framework\Session\Session $oSession
 * @return array 'min_age' and 'max_age', the approximate age range the user is looking for.
 */
protected static function getAgeVals(UserCoreModel $oUserModel, Session $oSession)
{
    $iFloor = (int) DbConfig::getSetting('minAgeRegistration');
    $iCeiling = (int) DbConfig::getSetting('maxAgeRegistration');

    if (!UserCore::auth()) {
        return ['min_age' => $iFloor, 'max_age' => $iCeiling];
    }

    // The birth date is split on "-" and handed to Year in the same order.
    $aDateParts = explode('-', $oUserModel->getBirthDate($oSession->get('member_id')));
    $iAge = (new Year($aDateParts[0], $aDateParts[1], $aDateParts[2]))->get();

    $iLowest = $iAge - 5;
    if ($iLowest < $iFloor) {
        $iLowest = $iFloor;
    }

    $iHighest = $iAge + 5;
    if ($iHighest > $iCeiling) {
        $iHighest = $iCeiling;
    }

    return ['min_age' => $iLowest, 'max_age' => $iHighest];
}
/**
 * Returns the token of the current session.
 *
 * The first matching session wins, in this order: user, admin, affiliate.
 * When nobody is logged in there is no token to compare, so TRUE is returned.
 *
 * @access protected
 * @return mixed (string | boolean) The token of the logged-in account, or TRUE if no one is logged in.
 */
protected function currentSess()
{
    if (\PH7\UserCore::auth()) {
        return $this->_oSession->get('member_token');
    }

    if (\PH7\AdminCore::auth()) {
        return $this->_oSession->get('admin_token');
    }

    if (\PH7\AffiliateCore::auth()) {
        return $this->_oSession->get('affiliate_token');
    }

    return true;
}
<?php /** * @author Pierre-Henry Soria <*****@*****.**> * @copyright (c) 2012-2016, Pierre-Henry Soria. All Rights Reserved. * @license GNU General Public License; See PH7.LICENSE.txt and PH7.COPYRIGHT.txt in the root directory. * @package PH7 / App / System / Core / Asset / Ajax / Popup */ namespace PH7; defined('PH7') or exit('Restricted access'); use PH7\Framework\Mvc\Request\Http, PH7\Framework\Layout\Html\Design, PH7\Framework\Url\Url, PH7\Framework\Mvc\Router\Uri, PH7\Framework\Url\Header; if (AdminCore::auth() || UserCore::auth() || AffiliateCore::auth()) { $oHttpRequest = new Http(); $oDesign = new Design(); $oDesign->htmlHeader(); $oDesign->usefulHtmlHeader(); echo '<div class="center">'; if ($oHttpRequest->getExists(array('mod', 'ctrl', 'act', 'id'))) { $sLabel = $oHttpRequest->get('label'); $sMod = $oHttpRequest->get('mod'); $sCtrl = $oHttpRequest->get('ctrl'); $sAct = $oHttpRequest->get('act'); $mId = $oHttpRequest->get('id'); ConfirmCoreForm::display(array('label' => Url::decode($sLabel), 'module' => $sMod, 'controller' => $sCtrl, 'action' => $sAct, 'id' => $mId)); } else { echo '<p>' . t('Bad parameters in the URL!') . '</p>'; } echo '</div>'; $oDesign->htmlFooter(); unset($oHttpRequest, $oDesign);